From b1b1abc28446fc10881a5d439adfe71aeb37a3b0 Mon Sep 17 00:00:00 2001 From: Andrea Gilardoni Date: Wed, 15 Apr 2026 15:52:34 +0200 Subject: [PATCH 1/6] se05x: adding patch to remove se05x component from se05x --- ...emove-support-for-crypto-from-mbedos.patch | 38 +++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 patches/0266-SE05x-remove-support-for-crypto-from-mbedos.patch diff --git a/patches/0266-SE05x-remove-support-for-crypto-from-mbedos.patch b/patches/0266-SE05x-remove-support-for-crypto-from-mbedos.patch new file mode 100644 index 000000000..5f4feb6c9 --- /dev/null +++ b/patches/0266-SE05x-remove-support-for-crypto-from-mbedos.patch @@ -0,0 +1,38 @@ +From b675aff2d931af574053bfc49da4433a0b2ba2b3 Mon Sep 17 00:00:00 2001 +From: Andrea Gilardoni +Date: Mon, 18 May 2026 16:13:48 +0200 +Subject: [PATCH] SE05x: remove support for crypto from mbedos + +in favor of external library for se05x crypto shared among all cores +--- + targets/targets.json | 8 ++------ + 1 file changed, 2 insertions(+), 6 deletions(-) + +diff --git a/targets/targets.json b/targets/targets.json +index f69cbeef40..6cff815ec4 100644 +--- a/targets/targets.json ++++ b/targets/targets.json +@@ -3686,18 +3686,14 @@ + "QSPIF", + "WHD", + "4343W_FS", +- "CYW43XXX", +- "SE050" ++ "CYW43XXX" + ], + "macros_add": [ + "MBEDTLS_FS_IO", + "MBEDTLS_SHA1_C", + "CM4_BOOT_BY_APPLICATION", + "QSPI_NO_SAMPLE_SHIFT", +- "CYW43XXX_UNBUFFERED_UART", +- "T1oI2C", +- "T1oI2C_UM11225", +- "FLOW_SILENT" ++ "CYW43XXX_UNBUFFERED_UART" + ], + "device_has_add": [ + "USBDEVICE", +-- +2.53.0 + From 3de052f3d54ef8405ee7e7c8d7cb98ca90d8168b Mon Sep 17 00:00:00 2001 From: Andrea Gilardoni Date: Tue, 19 May 2026 10:01:54 +0200 Subject: [PATCH 2/6] se05x: remove component from mbed os --- extras/variables/nicla.variables | 2 +- .../NICLA_VISION/conf/custom_mbedtls_config.h | 3368 ----------------- variants/NICLA_VISION/conf/mbed_app.json | 1 - 3 files changed, 1 insertion(+), 3370 deletions(-) delete mode 100644 variants/NICLA_VISION/conf/custom_mbedtls_config.h diff --git a/extras/variables/nicla.variables b/extras/variables/nicla.variables index c894e0366..b9340db07 100644 --- a/extras/variables/nicla.variables +++ b/extras/variables/nicla.variables @@ -1,5 +1,5 @@ export FLAVOUR="nicla" export VARIANTS=("NICLA NICLA_VISION GENERIC_STM32H747_M4") export FQBNS=("nicla_sense nicla_voice nicla_vision") -export LIBRARIES=("SPI Wire Scheduler Nicla_System WiFi ea_malloc openamp_arduino STM32H747_System ThreadDebug GC2145 Himax_HM01B0 PDM KernelDebug RPC USBHID Camera rpclib USBHOST mbed-memory-status USBMSD SocketWrapper MRI SE05X MLC NDP syntiant_ilib") +export LIBRARIES=("SPI Wire Scheduler Nicla_System WiFi ea_malloc openamp_arduino STM32H747_System ThreadDebug GC2145 Himax_HM01B0 PDM KernelDebug RPC USBHID Camera rpclib USBHOST mbed-memory-status USBMSD SocketWrapper MRI MLC NDP syntiant_ilib") export BOOTLOADERS=("NICLA NICLA_VISION NICLA_VOICE") diff --git a/variants/NICLA_VISION/conf/custom_mbedtls_config.h b/variants/NICLA_VISION/conf/custom_mbedtls_config.h deleted file mode 100644 index c2a399cc2..000000000 --- a/variants/NICLA_VISION/conf/custom_mbedtls_config.h +++ /dev/null @@ -1,3368 +0,0 @@ -/** - * \file sss_mbedtls_x86_config.h - * - * \brief Configuration options (set of defines) - * - * This set of compile-time options may be used to enable - * or disable features selectively, and reduce the global - * memory footprint. - */ -/* - * Copyright (C) 2006-2018, ARM Limited, All Rights Reserved - * Copyright 2020 NXP - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#ifndef MBEDTLS_CONFIG_X86_H -#define MBEDTLS_CONFIG_X86_H - -/* clang-format off */ - -#if defined(SSS_USE_FTR_FILE) -#include "fsl_sss_ftr.h" -#else -#include "fsl_sss_ftr_default.h" -#endif - -#ifdef CHECK_MEMORY - -#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) -#define _CRT_SECURE_NO_DEPRECATE 1 -#endif - -#define MBEDTLS_PLATFORM_MEMORY - -void tstDoTraceAndFree( - const char * szWhat, - const char * szFunction, const unsigned int line, - void * pWhat ); - -void * tstDoTraceAndCalloc( - const char * szNUM, const char * szSize, - const char * szFunction, const unsigned int line, - const unsigned int num, const unsigned int size ); - -#define MBEDTLS_PLATFORM_FREE_MACRO(WHAT) \ - tstDoTraceAndFree(#WHAT, __FUNCTION__, __LINE__, WHAT ) -#define MBEDTLS_PLATFORM_CALLOC_MACRO(NUM, SIZE) \ - tstDoTraceAndCalloc(#NUM, #SIZE, __FUNCTION__, __LINE__, NUM, SIZE ) - -#define MBEDTLS_MEMORY_DEBUG -#define MBEDTLS_MEMORY_BUFFER_ALLOC_C - -#endif /* CHECK_MEMORY */ - -/** - * \name SECTION: System support - * - * This section sets system specific settings. - * \{ - */ - -/** - * \def MBEDTLS_HAVE_ASM - * - * The compiler has support for asm(). - * - * Requires support for asm() in compiler. - * - * Used in: - * library/aria.c - * library/timing.c - * include/mbedtls/bn_mul.h - * - * Required by: - * MBEDTLS_AESNI_C - * MBEDTLS_PADLOCK_C - * - * Comment to disable the use of assembly code. - */ -#define MBEDTLS_HAVE_ASM - -/** - * \def MBEDTLS_NO_UDBL_DIVISION - * - * The platform lacks support for double-width integer division (64-bit - * division on a 32-bit platform, 128-bit division on a 64-bit platform). - * - * Used in: - * include/mbedtls/bignum.h - * library/bignum.c - * - * The bignum code uses double-width division to speed up some operations. - * Double-width division is often implemented in software that needs to - * be linked with the program. The presence of a double-width integer - * type is usually detected automatically through preprocessor macros, - * but the automatic detection cannot know whether the code needs to - * and can be linked with an implementation of division for that type. - * By default division is assumed to be usable if the type is present. - * Uncomment this option to prevent the use of double-width division. - * - * Note that division for the native integer type is always required. - * Furthermore, a 64-bit type is always required even on a 32-bit - * platform, but it need not support multiplication or division. In some - * cases it is also desirable to disable some double-width operations. For - * example, if double-width division is implemented in software, disabling - * it can reduce code size in some embedded targets. - */ -//#define MBEDTLS_NO_UDBL_DIVISION - -/** - * \def MBEDTLS_NO_64BIT_MULTIPLICATION - * - * The platform lacks support for 32x32 -> 64-bit multiplication. - * - * Used in: - * library/poly1305.c - * - * Some parts of the library may use multiplication of two unsigned 32-bit - * operands with a 64-bit result in order to speed up computations. On some - * platforms, this is not available in hardware and has to be implemented in - * software, usually in a library provided by the toolchain. - * - * Sometimes it is not desirable to have to link to that library. This option - * removes the dependency of that library on platforms that lack a hardware - * 64-bit multiplier by embedding a software implementation in Mbed TLS. - * - * Note that depending on the compiler, this may decrease performance compared - * to using the library function provided by the toolchain. - */ -//#define MBEDTLS_NO_64BIT_MULTIPLICATION - -/** - * \def MBEDTLS_HAVE_SSE2 - * - * CPU supports SSE2 instruction set. - * - * Uncomment if the CPU supports SSE2 (IA-32 specific). - */ -//#define MBEDTLS_HAVE_SSE2 - -/** - * \def MBEDTLS_HAVE_TIME - * - * System has time.h and time(). - * The time does not need to be correct, only time differences are used, - * by contrast with MBEDTLS_HAVE_TIME_DATE - * - * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT, - * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and - * MBEDTLS_PLATFORM_STD_TIME. - * - * Comment if your system does not support time functions - */ -#define MBEDTLS_HAVE_TIME - -/** - * \def MBEDTLS_HAVE_TIME_DATE - * - * System has time.h, time(), and an implementation for - * mbedtls_platform_gmtime_r() (see below). - * The time needs to be correct (not necesarily very accurate, but at least - * the date should be correct). This is used to verify the validity period of - * X.509 certificates. - * - * Comment if your system does not have a correct clock. - * - * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that - * behaves similarly to the gmtime_r() function from the C standard. Refer to - * the documentation for mbedtls_platform_gmtime_r() for more information. - * - * \note It is possible to configure an implementation for - * mbedtls_platform_gmtime_r() at compile-time by using the macro - * MBEDTLS_PLATFORM_GMTIME_R_ALT. - */ -//#define MBEDTLS_HAVE_TIME_DATE - -/** - * \def MBEDTLS_PLATFORM_MEMORY - * - * Enable the memory allocation layer. - * - * By default mbed TLS uses the system-provided calloc() and free(). - * This allows different allocators (self-implemented or provided) to be - * provided to the platform abstraction layer. - * - * Enabling MBEDTLS_PLATFORM_MEMORY without the - * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide - * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and - * free() function pointer at runtime. - * - * Enabling MBEDTLS_PLATFORM_MEMORY and specifying - * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the - * alternate function at compile time. - * - * Requires: MBEDTLS_PLATFORM_C - * - * Enable this layer to allow use of alternative memory allocators. - */ -//#define MBEDTLS_PLATFORM_MEMORY - -/** - * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS - * - * Do not assign standard functions in the platform layer (e.g. calloc() to - * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF) - * - * This makes sure there are no linking errors on platforms that do not support - * these functions. You will HAVE to provide alternatives, either at runtime - * via the platform_set_xxx() functions or at compile time by setting - * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a - * MBEDTLS_PLATFORM_XXX_MACRO. - * - * Requires: MBEDTLS_PLATFORM_C - * - * Uncomment to prevent default assignment of standard functions in the - * platform layer. - */ -//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS - -/** - * \def MBEDTLS_PLATFORM_EXIT_ALT - * - * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the - * function in the platform abstraction layer. - * - * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will - * provide a function "mbedtls_platform_set_printf()" that allows you to set an - * alternative printf function pointer. - * - * All these define require MBEDTLS_PLATFORM_C to be defined! - * - * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows; - * it will be enabled automatically by check_config.h - * - * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as - * MBEDTLS_PLATFORM_XXX_MACRO! - * - * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME - * - * Uncomment a macro to enable alternate implementation of specific base - * platform function - */ -//#define MBEDTLS_PLATFORM_EXIT_ALT -//#define MBEDTLS_PLATFORM_TIME_ALT -//#define MBEDTLS_PLATFORM_FPRINTF_ALT -//#define MBEDTLS_PLATFORM_PRINTF_ALT -//#define MBEDTLS_PLATFORM_SNPRINTF_ALT -//#define MBEDTLS_PLATFORM_NV_SEED_ALT -//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT - -/** - * \def MBEDTLS_DEPRECATED_WARNING - * - * Mark deprecated functions so that they generate a warning if used. - * Functions deprecated in one version will usually be removed in the next - * version. You can enable this to help you prepare the transition to a new - * major version by making sure your code is not using these functions. - * - * This only works with GCC and Clang. With other compilers, you may want to - * use MBEDTLS_DEPRECATED_REMOVED - * - * Uncomment to get warnings on using deprecated functions. - */ -//#define MBEDTLS_DEPRECATED_WARNING - -/** - * \def MBEDTLS_DEPRECATED_REMOVED - * - * Remove deprecated functions so that they generate an error if used. - * Functions deprecated in one version will usually be removed in the next - * version. You can enable this to help you prepare the transition to a new - * major version by making sure your code is not using these functions. - * - * Uncomment to get errors on using deprecated functions. - */ -//#define MBEDTLS_DEPRECATED_REMOVED - -/** - * \def MBEDTLS_CHECK_PARAMS - * - * This configuration option controls whether the library validates more of - * the parameters passed to it. - * - * When this flag is not defined, the library only attempts to validate an - * input parameter if: (1) they may come from the outside world (such as the - * network, the filesystem, etc.) or (2) not validating them could result in - * internal memory errors such as overflowing a buffer controlled by the - * library. On the other hand, it doesn't attempt to validate parameters whose - * values are fully controlled by the application (such as pointers). - * - * When this flag is defined, the library additionally attempts to validate - * parameters that are fully controlled by the application, and should always - * be valid if the application code is fully correct and trusted. - * - * For example, when a function accepts as input a pointer to a buffer that may - * contain untrusted data, and its documentation mentions that this pointer - * must not be NULL: - * - the pointer is checked to be non-NULL only if this option is enabled - * - the content of the buffer is always validated - * - * When this flag is defined, if a library function receives a parameter that - * is invalid, it will: - * - invoke the macro MBEDTLS_PARAM_FAILED() which by default expands to a - * call to the function mbedtls_param_failed() - * - immediately return (with a specific error code unless the function - * returns void and can't communicate an error). - * - * When defining this flag, you also need to: - * - either provide a definition of the function mbedtls_param_failed() in - * your application (see platform_util.h for its prototype) as the library - * calls that function, but does not provide a default definition for it, - * - or provide a different definition of the macro MBEDTLS_PARAM_FAILED() - * below if the above mechanism is not flexible enough to suit your needs. - * See the documentation of this macro later in this file. - * - * Uncomment to enable validation of application-controlled parameters. - */ -//#define MBEDTLS_CHECK_PARAMS - -/* \} name SECTION: System support */ - -/** - * \name SECTION: mbed TLS feature support - * - * This section sets support for features that are or are not needed - * within the modules that are enabled. - * \{ - */ - -/** - * \def MBEDTLS_TIMING_ALT - * - * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(), - * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay() - * - * Only works if you have MBEDTLS_TIMING_C enabled. - * - * You will need to provide a header "timing_alt.h" and an implementation at - * compile time. - */ -//#define MBEDTLS_TIMING_ALT - -/** - * \def MBEDTLS_AES_ALT - * - * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your - * alternate core implementation of a symmetric crypto, an arithmetic or hash - * module (e.g. platform specific assembly optimized implementations). Keep - * in mind that the function prototypes should remain the same. - * - * This replaces the whole module. If you only want to replace one of the - * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags. - * - * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer - * provide the "struct mbedtls_aes_context" definition and omit the base - * function declarations and implementations. "aes_alt.h" will be included from - * "aes.h" to include the new function definitions. - * - * Uncomment a macro to enable alternate implementation of the corresponding - * module. - * - * \warning MD2, MD4, MD5, ARC4, DES and SHA-1 are considered weak and their - * use constitutes a security risk. If possible, we recommend - * avoiding dependencies on them, and considering stronger message - * digests and ciphers instead. - * - */ -//#define MBEDTLS_AES_ALT -//#define MBEDTLS_ARC4_ALT -//#define MBEDTLS_ARIA_ALT -//#define MBEDTLS_BLOWFISH_ALT -//#define MBEDTLS_CAMELLIA_ALT -//#define MBEDTLS_CCM_ALT -//#define MBEDTLS_CHACHA20_ALT -//#define MBEDTLS_CHACHAPOLY_ALT -//#define MBEDTLS_CMAC_ALT -//#define MBEDTLS_DES_ALT -//#define MBEDTLS_DHM_ALT -//#define MBEDTLS_ECJPAKE_ALT -//#define MBEDTLS_GCM_ALT -//#define MBEDTLS_NIST_KW_ALT -//#define MBEDTLS_MD2_ALT -//#define MBEDTLS_MD4_ALT -//#define MBEDTLS_MD5_ALT -//#define MBEDTLS_POLY1305_ALT -//#define MBEDTLS_RIPEMD160_ALT -//#define MBEDTLS_RSA_ALT -//#define MBEDTLS_SHA1_ALT -//#define MBEDTLS_SHA256_ALT -//#define MBEDTLS_SHA512_ALT -//#define MBEDTLS_XTEA_ALT - -/* - * When replacing the elliptic curve module, pleace consider, that it is - * implemented with two .c files: - * - ecp.c - * - ecp_curves.c - * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT - * macros as described above. The only difference is that you have to make sure - * that you provide functionality for both .c files. - */ - -#if defined(SSS_HAVE_ALT) && (SSS_HAVE_ALT) -# define MBEDTLS_ECP_ALT -# define MBEDTLS_RSA_ALT -#endif /* SSS_HAVE_ALT */ -//#define MBEDTLS_ECP_ALT - - -/** - * - MBEDTLS_ECDSA_VERIFY_ALT - * To use SE for all public key ecdsa verify operation, enable MBEDTLS_ECDSA_VERIFY_ALT - */ - -#if defined(SSS_HAVE_ALT) && (SSS_HAVE_ALT) -# define MBEDTLS_ECDH_ALT -# define MBEDTLS_ECDH_GEN_PUBLIC_ALT -# define MBEDTLS_ECDH_COMPUTE_SHARED_ALT -//# define MBEDTLS_ECDSA_VERIFY_ALT -#endif /* SSS_HAVE_ALT */ -//#define MBEDTLS_ECDH_ALT - -/** - * \def MBEDTLS_MD2_PROCESS_ALT - * - * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you - * alternate core implementation of symmetric crypto or hash function. Keep in - * mind that function prototypes should remain the same. - * - * This replaces only one function. The header file from mbed TLS is still - * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags. - * - * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will - * no longer provide the mbedtls_sha1_process() function, but it will still provide - * the other function (using your mbedtls_sha1_process() function) and the definition - * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible - * with this definition. - * - * \note Because of a signature change, the core AES encryption and decryption routines are - * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt, - * respectively. When setting up alternative implementations, these functions should - * be overriden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt - * must stay untouched. - * - * \note If you use the AES_xxx_ALT macros, then is is recommended to also set - * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES - * tables. - * - * Uncomment a macro to enable alternate implementation of the corresponding - * function. - * - * \warning MD2, MD4, MD5, DES and SHA-1 are considered weak and their use - * constitutes a security risk. If possible, we recommend avoiding - * dependencies on them, and considering stronger message digests - * and ciphers instead. - * - */ -//#define MBEDTLS_MD2_PROCESS_ALT -//#define MBEDTLS_MD4_PROCESS_ALT -//#define MBEDTLS_MD5_PROCESS_ALT -//#define MBEDTLS_RIPEMD160_PROCESS_ALT -//#define MBEDTLS_SHA1_PROCESS_ALT -//#define MBEDTLS_SHA256_PROCESS_ALT -//#define MBEDTLS_SHA512_PROCESS_ALT -//#define MBEDTLS_DES_SETKEY_ALT -//#define MBEDTLS_DES_CRYPT_ECB_ALT -//#define MBEDTLS_DES3_CRYPT_ECB_ALT -//#define MBEDTLS_AES_SETKEY_ENC_ALT -//#define MBEDTLS_AES_SETKEY_DEC_ALT -//#define MBEDTLS_AES_ENCRYPT_ALT -//#define MBEDTLS_AES_DECRYPT_ALT -//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT -//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT -//#define MBEDTLS_ECDSA_VERIFY_ALT -//#define MBEDTLS_ECDSA_SIGN_ALT -//#define MBEDTLS_ECDSA_GENKEY_ALT - -/** - * \def MBEDTLS_ECP_INTERNAL_ALT - * - * Expose a part of the internal interface of the Elliptic Curve Point module. - * - * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your - * alternative core implementation of elliptic curve arithmetic. Keep in mind - * that function prototypes should remain the same. - * - * This partially replaces one function. The header file from mbed TLS is still - * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation - * is still present and it is used for group structures not supported by the - * alternative. - * - * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT - * and implementing the following functions: - * unsigned char mbedtls_internal_ecp_grp_capable( - * const mbedtls_ecp_group *grp ) - * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp ) - * void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp ) - * The mbedtls_internal_ecp_grp_capable function should return 1 if the - * replacement functions implement arithmetic for the given group and 0 - * otherwise. - * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are - * called before and after each point operation and provide an opportunity to - * implement optimized set up and tear down instructions. - * - * Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and - * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac - * function, but will use your mbedtls_internal_ecp_double_jac if the group is - * supported (your mbedtls_internal_ecp_grp_capable function returns 1 when - * receives it as an argument). If the group is not supported then the original - * implementation is used. The other functions and the definition of - * mbedtls_ecp_group and mbedtls_ecp_point will not change, so your - * implementation of mbedtls_internal_ecp_double_jac and - * mbedtls_internal_ecp_grp_capable must be compatible with this definition. - * - * Uncomment a macro to enable alternate implementation of the corresponding - * function. - */ -/* Required for all the functions in this section */ -//#define MBEDTLS_ECP_INTERNAL_ALT -/* Support for Weierstrass curves with Jacobi representation */ -//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT -//#define MBEDTLS_ECP_ADD_MIXED_ALT -//#define MBEDTLS_ECP_DOUBLE_JAC_ALT -//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT -//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT -/* Support for curves with Montgomery arithmetic */ -//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT -//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT -//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT - -/** - * \def MBEDTLS_TEST_NULL_ENTROPY - * - * Enables testing and use of mbed TLS without any configured entropy sources. - * This permits use of the library on platforms before an entropy source has - * been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the - * MBEDTLS_ENTROPY_NV_SEED switches). - * - * WARNING! This switch MUST be disabled in production builds, and is suitable - * only for development. - * Enabling the switch negates any security provided by the library. - * - * Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES - * - */ -//#define MBEDTLS_TEST_NULL_ENTROPY - -/** - * \def MBEDTLS_ENTROPY_HARDWARE_ALT - * - * Uncomment this macro to let mbed TLS use your own implementation of a - * hardware entropy collector. - * - * Your function must be called \c mbedtls_hardware_poll(), have the same - * prototype as declared in entropy_poll.h, and accept NULL as first argument. - * - * Uncomment to use your own hardware entropy collector. - */ -//#define MBEDTLS_ENTROPY_HARDWARE_ALT - -/** - * \def MBEDTLS_AES_ROM_TABLES - * - * Use precomputed AES tables stored in ROM. - * - * Uncomment this macro to use precomputed AES tables stored in ROM. - * Comment this macro to generate AES tables in RAM at runtime. - * - * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb - * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the - * initialization time before the first AES operation can be performed. - * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c - * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded - * performance if ROM access is slower than RAM access. - * - * This option is independent of \c MBEDTLS_AES_FEWER_TABLES. - * - */ -//#define MBEDTLS_AES_ROM_TABLES - -/** - * \def MBEDTLS_AES_FEWER_TABLES - * - * Use less ROM/RAM for AES tables. - * - * Uncommenting this macro omits 75% of the AES tables from - * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES) - * by computing their values on the fly during operations - * (the tables are entry-wise rotations of one another). - * - * Tradeoff: Uncommenting this reduces the RAM / ROM footprint - * by ~6kb but at the cost of more arithmetic operations during - * runtime. Specifically, one has to compare 4 accesses within - * different tables to 4 accesses with additional arithmetic - * operations within the same table. The performance gain/loss - * depends on the system and memory details. - * - * This option is independent of \c MBEDTLS_AES_ROM_TABLES. - * - */ -//#define MBEDTLS_AES_FEWER_TABLES - -/** - * \def MBEDTLS_CAMELLIA_SMALL_MEMORY - * - * Use less ROM for the Camellia implementation (saves about 768 bytes). - * - * Uncomment this macro to use less memory for Camellia. - */ -//#define MBEDTLS_CAMELLIA_SMALL_MEMORY - -/** - * \def MBEDTLS_CIPHER_MODE_CBC - * - * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers. - */ -#define MBEDTLS_CIPHER_MODE_CBC - -/** - * \def MBEDTLS_CIPHER_MODE_CFB - * - * Enable Cipher Feedback mode (CFB) for symmetric ciphers. - */ -#define MBEDTLS_CIPHER_MODE_CFB - -/** - * \def MBEDTLS_CIPHER_MODE_CTR - * - * Enable Counter Block Cipher mode (CTR) for symmetric ciphers. - */ -#define MBEDTLS_CIPHER_MODE_CTR - -/** - * \def MBEDTLS_CIPHER_MODE_OFB - * - * Enable Output Feedback mode (OFB) for symmetric ciphers. - */ -#define MBEDTLS_CIPHER_MODE_OFB - -/** - * \def MBEDTLS_CIPHER_MODE_XTS - * - * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES. - */ -#define MBEDTLS_CIPHER_MODE_XTS - -/** - * \def MBEDTLS_CIPHER_NULL_CIPHER - * - * Enable NULL cipher. - * Warning: Only do so when you know what you are doing. This allows for - * encryption or channels without any security! - * - * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable - * the following ciphersuites: - * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA - * MBEDTLS_TLS_RSA_WITH_NULL_SHA256 - * MBEDTLS_TLS_RSA_WITH_NULL_SHA - * MBEDTLS_TLS_RSA_WITH_NULL_MD5 - * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA - * MBEDTLS_TLS_PSK_WITH_NULL_SHA384 - * MBEDTLS_TLS_PSK_WITH_NULL_SHA256 - * MBEDTLS_TLS_PSK_WITH_NULL_SHA - * - * Uncomment this macro to enable the NULL cipher and ciphersuites - */ -//#define MBEDTLS_CIPHER_NULL_CIPHER - -/** - * \def MBEDTLS_CIPHER_PADDING_PKCS7 - * - * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for - * specific padding modes in the cipher layer with cipher modes that support - * padding (e.g. CBC) - * - * If you disable all padding modes, only full blocks can be used with CBC. - * - * Enable padding modes in the cipher layer. - */ -#define MBEDTLS_CIPHER_PADDING_PKCS7 -#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS -#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN -#define MBEDTLS_CIPHER_PADDING_ZEROS - -/** - * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES - * - * Enable weak ciphersuites in SSL / TLS. - * Warning: Only do so when you know what you are doing. This allows for - * channels with virtually no security at all! - * - * This enables the following ciphersuites: - * MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA - * - * Uncomment this macro to enable weak ciphersuites - * - * \warning DES is considered a weak cipher and its use constitutes a - * security risk. We recommend considering stronger ciphers instead. - */ -//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES - -/** - * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES - * - * Remove RC4 ciphersuites by default in SSL / TLS. - * This flag removes the ciphersuites based on RC4 from the default list as - * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to - * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them - * explicitly. - * - * Uncomment this macro to remove RC4 ciphersuites by default. - */ -#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES - -/** - * \def MBEDTLS_REMOVE_3DES_CIPHERSUITES - * - * Remove 3DES ciphersuites by default in SSL / TLS. - * This flag removes the ciphersuites based on 3DES from the default list as - * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible - * to enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including - * them explicitly. - * - * A man-in-the-browser attacker can recover authentication tokens sent through - * a TLS connection using a 3DES based cipher suite (see "On the Practical - * (In-)Security of 64-bit Block Ciphers" by Karthikeyan Bhargavan and Ga�tan - * Leurent, see https://sweet32.info/SWEET32_CCS16.pdf). If this attack falls - * in your threat model or you are unsure, then you should keep this option - * enabled to remove 3DES based cipher suites. - * - * Comment this macro to keep 3DES in the default ciphersuite list. - */ -#define MBEDTLS_REMOVE_3DES_CIPHERSUITES - -/** - * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED - * - * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve - * module. By default all supported curves are enabled. - * - * Comment macros to disable the curve and functions for it - */ -#define MBEDTLS_ECP_DP_SECP192R1_ENABLED -#define MBEDTLS_ECP_DP_SECP224R1_ENABLED -#define MBEDTLS_ECP_DP_SECP256R1_ENABLED -#define MBEDTLS_ECP_DP_SECP384R1_ENABLED -#define MBEDTLS_ECP_DP_SECP521R1_ENABLED -#define MBEDTLS_ECP_DP_SECP192K1_ENABLED -#define MBEDTLS_ECP_DP_SECP224K1_ENABLED -#define MBEDTLS_ECP_DP_SECP256K1_ENABLED -#define MBEDTLS_ECP_DP_BP256R1_ENABLED -#define MBEDTLS_ECP_DP_BP384R1_ENABLED -#define MBEDTLS_ECP_DP_BP512R1_ENABLED -#define MBEDTLS_ECP_DP_CURVE25519_ENABLED -#define MBEDTLS_ECP_DP_CURVE448_ENABLED - -#ifdef TGT_A71CH -# undef MBEDTLS_ECP_DP_SECP192R1_ENABLED -# undef MBEDTLS_ECP_DP_SECP224R1_ENABLED -# undef MBEDTLS_ECP_DP_SECP384R1_ENABLED -# undef MBEDTLS_ECP_DP_SECP521R1_ENABLED -# undef MBEDTLS_ECP_DP_SECP192K1_ENABLED -# undef MBEDTLS_ECP_DP_SECP224K1_ENABLED -# undef MBEDTLS_ECP_DP_SECP256K1_ENABLED -# undef MBEDTLS_ECP_DP_BP256R1_ENABLED -# undef MBEDTLS_ECP_DP_BP384R1_ENABLED -# undef MBEDTLS_ECP_DP_BP512R1_ENABLED -# undef MBEDTLS_ECP_DP_CURVE25519_ENABLED -# undef MBEDTLS_ECP_DP_CURVE448_ENABLED -#endif - - -/** - * \def MBEDTLS_ECP_NIST_OPTIM - * - * Enable specific 'modulo p' routines for each NIST prime. - * Depending on the prime and architecture, makes operations 4 to 8 times - * faster on the corresponding curve. - * - * Comment this macro to disable NIST curves optimisation. - */ -#define MBEDTLS_ECP_NIST_OPTIM - -/** - * \def MBEDTLS_ECP_RESTARTABLE - * - * Enable "non-blocking" ECC operations that can return early and be resumed. - * - * This allows various functions to pause by returning - * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module, - * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in - * order to further progress and eventually complete their operation. This is - * controlled through mbedtls_ecp_set_max_ops() which limits the maximum - * number of ECC operations a function may perform before pausing; see - * mbedtls_ecp_set_max_ops() for more information. - * - * This is useful in non-threaded environments if you want to avoid blocking - * for too long on ECC (and, hence, X.509 or SSL/TLS) operations. - * - * Uncomment this macro to enable restartable ECC computations. - * - * \note This option only works with the default software implementation of - * elliptic curve functionality. It is incompatible with - * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT and MBEDTLS_ECDSA_XXX_ALT. - */ -//#define MBEDTLS_ECP_RESTARTABLE - -/** - * \def MBEDTLS_ECDSA_DETERMINISTIC - * - * Enable deterministic ECDSA (RFC 6979). - * Standard ECDSA is "fragile" in the sense that lack of entropy when signing - * may result in a compromise of the long-term signing key. This is avoided by - * the deterministic variant. - * - * Requires: MBEDTLS_HMAC_DRBG_C - * - * Comment this macro to disable deterministic ECDSA. - */ -#define MBEDTLS_ECDSA_DETERMINISTIC - -/** - * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED - * - * Enable the PSK based ciphersuite modes in SSL / TLS. - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED - * - * Enable the DHE-PSK based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_DHM_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA - * - * \warning Using DHE constitutes a security risk as it - * is not possible to validate custom DH parameters. - * If possible, it is recommended users should consider - * preferring other methods of key exchange. - * See dhm.h for more details. - * - */ -#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED - * - * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED - * - * Enable the RSA-PSK based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED - * - * Enable the RSA-only based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 - */ -#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED - * - * Enable the DHE-RSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - * - * \warning Using DHE constitutes a security risk as it - * is not possible to validate custom DH parameters. - * If possible, it is recommended users should consider - * preferring other methods of key exchange. - * See dhm.h for more details. - * - */ -#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED - * - * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED - * - * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C, - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED - * - * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - */ -#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED - * - * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 - */ -#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED - * - * Enable the ECJPAKE based ciphersuite modes in SSL / TLS. - * - * \warning This is currently experimental. EC J-PAKE support is based on the - * Thread v1.0.0 specification; incompatible changes to the specification - * might still happen. For this reason, this is disabled by default. - * - * Requires: MBEDTLS_ECJPAKE_C - * MBEDTLS_SHA256_C - * MBEDTLS_ECP_DP_SECP256R1_ENABLED - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 - */ -//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED - -/** - * \def MBEDTLS_PK_PARSE_EC_EXTENDED - * - * Enhance support for reading EC keys using variants of SEC1 not allowed by - * RFC 5915 and RFC 5480. - * - * Currently this means parsing the SpecifiedECDomain choice of EC - * parameters (only known groups are supported, not arbitrary domains, to - * avoid validation issues). - * - * Disable if you only need to support RFC 5915 + 5480 key formats. - */ -#define MBEDTLS_PK_PARSE_EC_EXTENDED - -/** - * \def MBEDTLS_ERROR_STRERROR_DUMMY - * - * Enable a dummy error function to make use of mbedtls_strerror() in - * third party libraries easier when MBEDTLS_ERROR_C is disabled - * (no effect when MBEDTLS_ERROR_C is enabled). - * - * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're - * not using mbedtls_strerror() or error_strerror() in your application. - * - * Disable if you run into name conflicts and want to really remove the - * mbedtls_strerror() - */ -#define MBEDTLS_ERROR_STRERROR_DUMMY - -/** - * \def MBEDTLS_GENPRIME - * - * Enable the prime-number generation code. - * - * Requires: MBEDTLS_BIGNUM_C - */ -#define MBEDTLS_GENPRIME - -/** - * \def MBEDTLS_FS_IO - * - * Enable functions that use the filesystem. - */ -//#define MBEDTLS_FS_IO - -/** - * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES - * - * Do not add default entropy sources. These are the platform specific, - * mbedtls_timing_hardclock and HAVEGE based poll functions. - * - * This is useful to have more control over the added entropy sources in an - * application. - * - * Uncomment this macro to prevent loading of default entropy functions. - */ -//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES - -/** - * \def MBEDTLS_NO_PLATFORM_ENTROPY - * - * Do not use built-in platform entropy functions. - * This is useful if your platform does not support - * standards like the /dev/urandom or Windows CryptoAPI. - * - * Uncomment this macro to disable the built-in platform entropy functions. - */ -//#define MBEDTLS_NO_PLATFORM_ENTROPY - -/** - * \def MBEDTLS_ENTROPY_FORCE_SHA256 - * - * Force the entropy accumulator to use a SHA-256 accumulator instead of the - * default SHA-512 based one (if both are available). - * - * Requires: MBEDTLS_SHA256_C - * - * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option - * if you have performance concerns. - * - * This option is only useful if both MBEDTLS_SHA256_C and - * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used. - */ -//#define MBEDTLS_ENTROPY_FORCE_SHA256 - -/** - * \def MBEDTLS_ENTROPY_NV_SEED - * - * Enable the non-volatile (NV) seed file-based entropy source. - * (Also enables the NV seed read/write functions in the platform layer) - * - * This is crucial (if not required) on systems that do not have a - * cryptographic entropy source (in hardware or kernel) available. - * - * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C - * - * \note The read/write functions that are used by the entropy source are - * determined in the platform layer, and can be modified at runtime and/or - * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used. - * - * \note If you use the default implementation functions that read a seedfile - * with regular fopen(), please make sure you make a seedfile with the - * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at - * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from - * and written to or you will get an entropy source error! The default - * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE - * bytes from the file. - * - * \note The entropy collector will write to the seed file before entropy is - * given to an external source, to update it. - */ -//#define MBEDTLS_ENTROPY_NV_SEED - -/** - * \def MBEDTLS_MEMORY_DEBUG - * - * Enable debugging of buffer allocator memory issues. Automatically prints - * (to stderr) all (fatal) messages on memory allocation issues. Enables - * function for 'debug output' of allocated memory. - * - * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C - * - * Uncomment this macro to let the buffer allocator print out error messages. - */ -//#define MBEDTLS_MEMORY_DEBUG - -/** - * \def MBEDTLS_MEMORY_BACKTRACE - * - * Include backtrace information with each allocated block. - * - * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C - * GLIBC-compatible backtrace() an backtrace_symbols() support - * - * Uncomment this macro to include backtrace information - */ -//#define MBEDTLS_MEMORY_BACKTRACE - -/** - * \def MBEDTLS_PK_RSA_ALT_SUPPORT - * - * Support external private RSA keys (eg from a HSM) in the PK layer. - * - * Comment this macro to disable support for external private RSA keys. - */ -#define MBEDTLS_PK_RSA_ALT_SUPPORT - -/** - * \def MBEDTLS_PKCS1_V15 - * - * Enable support for PKCS#1 v1.5 encoding. - * - * Requires: MBEDTLS_RSA_C - * - * This enables support for PKCS#1 v1.5 operations. - */ -#define MBEDTLS_PKCS1_V15 - -/** - * \def MBEDTLS_PKCS1_V21 - * - * Enable support for PKCS#1 v2.1 encoding. - * - * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C - * - * This enables support for RSAES-OAEP and RSASSA-PSS operations. - */ -#define MBEDTLS_PKCS1_V21 - -/** - * \def MBEDTLS_RSA_NO_CRT - * - * Do not use the Chinese Remainder Theorem - * for the RSA private operation. - * - * Uncomment this macro to disable the use of CRT in RSA. - * - */ -//#define MBEDTLS_RSA_NO_CRT - -/** - * \def MBEDTLS_SELF_TEST - * - * Enable the checkup functions (*_self_test). - */ -//#define MBEDTLS_SELF_TEST - -/** - * \def MBEDTLS_SHA256_SMALLER - * - * Enable an implementation of SHA-256 that has lower ROM footprint but also - * lower performance. - * - * The default implementation is meant to be a reasonnable compromise between - * performance and size. This version optimizes more aggressively for size at - * the expense of performance. Eg on Cortex-M4 it reduces the size of - * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about - * 30%. - * - * Uncomment to enable the smaller implementation of SHA256. - */ -//#define MBEDTLS_SHA256_SMALLER - -/** - * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES - * - * Enable sending of alert messages in case of encountered errors as per RFC. - * If you choose not to send the alert messages, mbed TLS can still communicate - * with other servers, only debugging of failures is harder. - * - * The advantage of not sending alert messages, is that no information is given - * about reasons for failures thus preventing adversaries of gaining intel. - * - * Enable sending of all alert messages - */ -#define MBEDTLS_SSL_ALL_ALERT_MESSAGES - -/** - * \def MBEDTLS_SSL_ASYNC_PRIVATE - * - * Enable asynchronous external private key operations in SSL. This allows - * you to configure an SSL connection to call an external cryptographic - * module to perform private key operations instead of performing the - * operation inside the library. - * - */ -//#define MBEDTLS_SSL_ASYNC_PRIVATE - -/** - * \def MBEDTLS_SSL_DEBUG_ALL - * - * Enable the debug messages in SSL module for all issues. - * Debug messages have been disabled in some places to prevent timing - * attacks due to (unbalanced) debugging function calls. - * - * If you need all error reporting you should enable this during debugging, - * but remove this for production servers that should log as well. - * - * Uncomment this macro to report all debug messages on errors introducing - * a timing side-channel. - * - */ -//#define MBEDTLS_SSL_DEBUG_ALL - -/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC - * - * Enable support for Encrypt-then-MAC, RFC 7366. - * - * This allows peers that both support it to use a more robust protection for - * ciphersuites using CBC, providing deep resistance against timing attacks - * on the padding or underlying cipher. - * - * This only affects CBC ciphersuites, and is useless if none is defined. - * - * Requires: MBEDTLS_SSL_PROTO_TLS1 or - * MBEDTLS_SSL_PROTO_TLS1_1 or - * MBEDTLS_SSL_PROTO_TLS1_2 - * - * Comment this macro to disable support for Encrypt-then-MAC - */ -#define MBEDTLS_SSL_ENCRYPT_THEN_MAC - -/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET - * - * Enable support for Extended Master Secret, aka Session Hash - * (draft-ietf-tls-session-hash-02). - * - * This was introduced as "the proper fix" to the Triple Handshake familiy of - * attacks, but it is recommended to always use it (even if you disable - * renegotiation), since it actually fixes a more fundamental issue in the - * original SSL/TLS design, and has implications beyond Triple Handshake. - * - * Requires: MBEDTLS_SSL_PROTO_TLS1 or - * MBEDTLS_SSL_PROTO_TLS1_1 or - * MBEDTLS_SSL_PROTO_TLS1_2 - * - * Comment this macro to disable support for Extended Master Secret. - */ -#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET - -/** - * \def MBEDTLS_SSL_FALLBACK_SCSV - * - * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00). - * - * For servers, it is recommended to always enable this, unless you support - * only one version of TLS, or know for sure that none of your clients - * implements a fallback strategy. - * - * For clients, you only need this if you're using a fallback strategy, which - * is not recommended in the first place, unless you absolutely need it to - * interoperate with buggy (version-intolerant) servers. - * - * Comment this macro to disable support for FALLBACK_SCSV - */ -#define MBEDTLS_SSL_FALLBACK_SCSV - -/** - * \def MBEDTLS_SSL_HW_RECORD_ACCEL - * - * Enable hooking functions in SSL module for hardware acceleration of - * individual records. - * - * Uncomment this macro to enable hooking functions. - */ -//#define MBEDTLS_SSL_HW_RECORD_ACCEL - -/** - * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING - * - * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0. - * - * This is a countermeasure to the BEAST attack, which also minimizes the risk - * of interoperability issues compared to sending 0-length records. - * - * Comment this macro to disable 1/n-1 record splitting. - */ -#define MBEDTLS_SSL_CBC_RECORD_SPLITTING - -/** - * \def MBEDTLS_SSL_RENEGOTIATION - * - * Enable support for TLS renegotiation. - * - * The two main uses of renegotiation are (1) refresh keys on long-lived - * connections and (2) client authentication after the initial handshake. - * If you don't need renegotiation, it's probably better to disable it, since - * it has been associated with security issues in the past and is easy to - * misuse/misunderstand. - * - * Comment this to disable support for renegotiation. - * - * \note Even if this option is disabled, both client and server are aware - * of the Renegotiation Indication Extension (RFC 5746) used to - * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1). - * (See \c mbedtls_ssl_conf_legacy_renegotiation for the - * configuration of this extension). - * - */ -#define MBEDTLS_SSL_RENEGOTIATION - -/** - * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO - * - * Enable support for receiving and parsing SSLv2 Client Hello messages for the - * SSL Server module (MBEDTLS_SSL_SRV_C). - * - * Uncomment this macro to enable support for SSLv2 Client Hello messages. - */ -//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO - -/** - * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE - * - * Pick the ciphersuite according to the client's preferences rather than ours - * in the SSL Server module (MBEDTLS_SSL_SRV_C). - * - * Uncomment this macro to respect client's ciphersuite order - */ -//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE - -/** - * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH - * - * Enable support for RFC 6066 max_fragment_length extension in SSL. - * - * Comment this macro to disable support for the max_fragment_length extension - */ -#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH - -/** - * \def MBEDTLS_SSL_PROTO_SSL3 - * - * Enable support for SSL 3.0. - * - * Requires: MBEDTLS_MD5_C - * MBEDTLS_SHA1_C - * - * Comment this macro to disable support for SSL 3.0 - */ -//#define MBEDTLS_SSL_PROTO_SSL3 - -/** - * \def MBEDTLS_SSL_PROTO_TLS1 - * - * Enable support for TLS 1.0. - * - * Requires: MBEDTLS_MD5_C - * MBEDTLS_SHA1_C - * - * Comment this macro to disable support for TLS 1.0 - */ -#define MBEDTLS_SSL_PROTO_TLS1 - -/** - * \def MBEDTLS_SSL_PROTO_TLS1_1 - * - * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled). - * - * Requires: MBEDTLS_MD5_C - * MBEDTLS_SHA1_C - * - * Comment this macro to disable support for TLS 1.1 / DTLS 1.0 - */ -#define MBEDTLS_SSL_PROTO_TLS1_1 - -/** - * \def MBEDTLS_SSL_PROTO_TLS1_2 - * - * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled). - * - * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C - * (Depends on ciphersuites) - * - * Comment this macro to disable support for TLS 1.2 / DTLS 1.2 - */ -#define MBEDTLS_SSL_PROTO_TLS1_2 - -/** - * \def MBEDTLS_SSL_PROTO_DTLS - * - * Enable support for DTLS (all available versions). - * - * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0, - * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2. - * - * Requires: MBEDTLS_SSL_PROTO_TLS1_1 - * or MBEDTLS_SSL_PROTO_TLS1_2 - * - * Comment this macro to disable support for DTLS - */ -#define MBEDTLS_SSL_PROTO_DTLS - -/** - * \def MBEDTLS_SSL_ALPN - * - * Enable support for RFC 7301 Application Layer Protocol Negotiation. - * - * Comment this macro to disable support for ALPN. - */ -#define MBEDTLS_SSL_ALPN - -/** - * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY - * - * Enable support for the anti-replay mechanism in DTLS. - * - * Requires: MBEDTLS_SSL_TLS_C - * MBEDTLS_SSL_PROTO_DTLS - * - * \warning Disabling this is often a security risk! - * See mbedtls_ssl_conf_dtls_anti_replay() for details. - * - * Comment this to disable anti-replay in DTLS. - */ -#define MBEDTLS_SSL_DTLS_ANTI_REPLAY - -/** - * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY - * - * Enable support for HelloVerifyRequest on DTLS servers. - * - * This feature is highly recommended to prevent DTLS servers being used as - * amplifiers in DoS attacks against other hosts. It should always be enabled - * unless you know for sure amplification cannot be a problem in the - * environment in which your server operates. - * - * \warning Disabling this can ba a security risk! (see above) - * - * Requires: MBEDTLS_SSL_PROTO_DTLS - * - * Comment this to disable support for HelloVerifyRequest. - */ -#define MBEDTLS_SSL_DTLS_HELLO_VERIFY - -/** - * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE - * - * Enable server-side support for clients that reconnect from the same port. - * - * Some clients unexpectedly close the connection and try to reconnect using the - * same source port. This needs special support from the server to handle the - * new connection securely, as described in section 4.2.8 of RFC 6347. This - * flag enables that support. - * - * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY - * - * Comment this to disable support for clients reusing the source port. - */ -#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE - -/** - * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT - * - * Enable support for a limit of records with bad MAC. - * - * See mbedtls_ssl_conf_dtls_badmac_limit(). - * - * Requires: MBEDTLS_SSL_PROTO_DTLS - */ -#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT - -/** - * \def MBEDTLS_SSL_SESSION_TICKETS - * - * Enable support for RFC 5077 session tickets in SSL. - * Client-side, provides full support for session tickets (maintainance of a - * session store remains the responsibility of the application, though). - * Server-side, you also need to provide callbacks for writing and parsing - * tickets, including authenticated encryption and key management. Example - * callbacks are provided by MBEDTLS_SSL_TICKET_C. - * - * Comment this macro to disable support for SSL session tickets - */ -#define MBEDTLS_SSL_SESSION_TICKETS - -/** - * \def MBEDTLS_SSL_EXPORT_KEYS - * - * Enable support for exporting key block and master secret. - * This is required for certain users of TLS, e.g. EAP-TLS. - * - * Comment this macro to disable support for key export - */ -#define MBEDTLS_SSL_EXPORT_KEYS - -/** - * \def MBEDTLS_SSL_SERVER_NAME_INDICATION - * - * Enable support for RFC 6066 server name indication (SNI) in SSL. - * - * Requires: MBEDTLS_X509_CRT_PARSE_C - * - * Comment this macro to disable support for server name indication in SSL - */ -#define MBEDTLS_SSL_SERVER_NAME_INDICATION - -/** - * \def MBEDTLS_SSL_TRUNCATED_HMAC - * - * Enable support for RFC 6066 truncated HMAC in SSL. - * - * Comment this macro to disable support for truncated HMAC in SSL - */ -#define MBEDTLS_SSL_TRUNCATED_HMAC - -/** - * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT - * - * Fallback to old (pre-2.7), non-conforming implementation of the truncated - * HMAC extension which also truncates the HMAC key. Note that this option is - * only meant for a transitory upgrade period and is likely to be removed in - * a future version of the library. - * - * \warning The old implementation is non-compliant and has a security weakness - * (2^80 brute force attack on the HMAC key used for a single, - * uninterrupted connection). This should only be enabled temporarily - * when (1) the use of truncated HMAC is essential in order to save - * bandwidth, and (2) the peer is an Mbed TLS stack that doesn't use - * the fixed implementation yet (pre-2.7). - * - * \deprecated This option is deprecated and will likely be removed in a - * future version of Mbed TLS. - * - * Uncomment to fallback to old, non-compliant truncated HMAC implementation. - * - * Requires: MBEDTLS_SSL_TRUNCATED_HMAC - */ -//#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT - -/** - * \def MBEDTLS_THREADING_ALT - * - * Provide your own alternate threading implementation. - * - * Requires: MBEDTLS_THREADING_C - * - * Uncomment this to allow your own alternate threading implementation. - */ -//#define MBEDTLS_THREADING_ALT - -/** - * \def MBEDTLS_THREADING_PTHREAD - * - * Enable the pthread wrapper layer for the threading layer. - * - * Requires: MBEDTLS_THREADING_C - * - * Uncomment this to enable pthread mutexes. - */ -//#define MBEDTLS_THREADING_PTHREAD - -/** - * \def MBEDTLS_VERSION_FEATURES - * - * Allow run-time checking of compile-time enabled features. Thus allowing users - * to check at run-time if the library is for instance compiled with threading - * support via mbedtls_version_check_feature(). - * - * Requires: MBEDTLS_VERSION_C - * - * Comment this to disable run-time checking and save ROM space - */ -#define MBEDTLS_VERSION_FEATURES - -/** - * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 - * - * If set, the X509 parser will not break-off when parsing an X509 certificate - * and encountering an extension in a v1 or v2 certificate. - * - * Uncomment to prevent an error. - */ -//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 - -/** - * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION - * - * If set, the X509 parser will not break-off when parsing an X509 certificate - * and encountering an unknown critical extension. - * - * \warning Depending on your PKI use, enabling this can be a security risk! - * - * Uncomment to prevent an error. - */ -//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION - -/** - * \def MBEDTLS_X509_CHECK_KEY_USAGE - * - * Enable verification of the keyUsage extension (CA and leaf certificates). - * - * Disabling this avoids problems with mis-issued and/or misused - * (intermediate) CA and leaf certificates. - * - * \warning Depending on your PKI use, disabling this can be a security risk! - * - * Comment to skip keyUsage checking for both CA and leaf certificates. - */ -#define MBEDTLS_X509_CHECK_KEY_USAGE - -/** - * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE - * - * Enable verification of the extendedKeyUsage extension (leaf certificates). - * - * Disabling this avoids problems with mis-issued and/or misused certificates. - * - * \warning Depending on your PKI use, disabling this can be a security risk! - * - * Comment to skip extendedKeyUsage checking for certificates. - */ -#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE - -/** - * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT - * - * Enable parsing and verification of X.509 certificates, CRLs and CSRS - * signed with RSASSA-PSS (aka PKCS#1 v2.1). - * - * Comment this macro to disallow using RSASSA-PSS in certificates. - */ -#define MBEDTLS_X509_RSASSA_PSS_SUPPORT - -/** - * \def MBEDTLS_ZLIB_SUPPORT - * - * If set, the SSL/TLS module uses ZLIB to support compression and - * decompression of packet data. - * - * \warning TLS-level compression MAY REDUCE SECURITY! See for example the - * CRIME attack. Before enabling this option, you should examine with care if - * CRIME or similar exploits may be a applicable to your use case. - * - * \note Currently compression can't be used with DTLS. - * - * \deprecated This feature is deprecated and will be removed - * in the next major revision of the library. - * - * Used in: library/ssl_tls.c - * library/ssl_cli.c - * library/ssl_srv.c - * - * This feature requires zlib library and headers to be present. - * - * Uncomment to enable use of ZLIB - */ -//#define MBEDTLS_ZLIB_SUPPORT -/* \} name SECTION: mbed TLS feature support */ - -/** - * \name SECTION: mbed TLS modules - * - * This section enables or disables entire modules in mbed TLS - * \{ - */ - -/** - * \def MBEDTLS_AESNI_C - * - * Enable AES-NI support on x86-64. - * - * Module: library/aesni.c - * Caller: library/aes.c - * - * Requires: MBEDTLS_HAVE_ASM - * - * This modules adds support for the AES-NI instructions on x86-64 - */ -#define MBEDTLS_AESNI_C - -/** - * \def MBEDTLS_AES_C - * - * Enable the AES block cipher. - * - * Module: library/aes.c - * Caller: library/cipher.c - * library/pem.c - * library/ctr_drbg.c - * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA - * - * PEM_PARSE uses AES for decrypting encrypted keys. - */ -#define MBEDTLS_AES_C - -/** - * \def MBEDTLS_ARC4_C - * - * Enable the ARCFOUR stream cipher. - * - * Module: library/arc4.c - * Caller: library/cipher.c - * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA - * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 - * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA - * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA - * - * \warning ARC4 is considered a weak cipher and its use constitutes a - * security risk. If possible, we recommend avoidng dependencies on - * it, and considering stronger ciphers instead. - * - */ -#define MBEDTLS_ARC4_C - -/** - * \def MBEDTLS_ASN1_PARSE_C - * - * Enable the generic ASN1 parser. - * - * Module: library/asn1.c - * Caller: library/x509.c - * library/dhm.c - * library/pkcs12.c - * library/pkcs5.c - * library/pkparse.c - */ -#define MBEDTLS_ASN1_PARSE_C - -/** - * \def MBEDTLS_ASN1_WRITE_C - * - * Enable the generic ASN1 writer. - * - * Module: library/asn1write.c - * Caller: library/ecdsa.c - * library/pkwrite.c - * library/x509_create.c - * library/x509write_crt.c - * library/x509write_csr.c - */ -#define MBEDTLS_ASN1_WRITE_C - -/** - * \def MBEDTLS_BASE64_C - * - * Enable the Base64 module. - * - * Module: library/base64.c - * Caller: library/pem.c - * - * This module is required for PEM support (required by X.509). - */ -#define MBEDTLS_BASE64_C - -/** - * \def MBEDTLS_BIGNUM_C - * - * Enable the multi-precision integer library. - * - * Module: library/bignum.c - * Caller: library/dhm.c - * library/ecp.c - * library/ecdsa.c - * library/rsa.c - * library/rsa_internal.c - * library/ssl_tls.c - * - * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support. - */ -#define MBEDTLS_BIGNUM_C - -/** - * \def MBEDTLS_BLOWFISH_C - * - * Enable the Blowfish block cipher. - * - * Module: library/blowfish.c - */ -#define MBEDTLS_BLOWFISH_C - -/** - * \def MBEDTLS_CAMELLIA_C - * - * Enable the Camellia block cipher. - * - * Module: library/camellia.c - * Caller: library/cipher.c - * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 - */ -#define MBEDTLS_CAMELLIA_C - -/** - * \def MBEDTLS_ARIA_C - * - * Enable the ARIA block cipher. - * - * Module: library/aria.c - * Caller: library/cipher.c - * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * - * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 - */ -//#define MBEDTLS_ARIA_C - -/** - * \def MBEDTLS_CCM_C - * - * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher. - * - * Module: library/ccm.c - * - * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C - * - * This module enables the AES-CCM ciphersuites, if other requisites are - * enabled as well. - */ -#define MBEDTLS_CCM_C - -/** - * \def MBEDTLS_CERTS_C - * - * Enable the test certificates. - * - * Module: library/certs.c - * Caller: - * - * This module is used for testing (ssl_client/server). - */ -#define MBEDTLS_CERTS_C - -/** - * \def MBEDTLS_CHACHA20_C - * - * Enable the ChaCha20 stream cipher. - * - * Module: library/chacha20.c - */ -#define MBEDTLS_CHACHA20_C - -/** - * \def MBEDTLS_CHACHAPOLY_C - * - * Enable the ChaCha20-Poly1305 AEAD algorithm. - * - * Module: library/chachapoly.c - * - * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C - */ -#define MBEDTLS_CHACHAPOLY_C - -/** - * \def MBEDTLS_CIPHER_C - * - * Enable the generic cipher layer. - * - * Module: library/cipher.c - * Caller: library/ssl_tls.c - * - * Uncomment to enable generic cipher wrappers. - */ -#define MBEDTLS_CIPHER_C - -/** - * \def MBEDTLS_CMAC_C - * - * Enable the CMAC (Cipher-based Message Authentication Code) mode for block - * ciphers. - * - * Module: library/cmac.c - * - * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C - * - */ -#define MBEDTLS_CMAC_C - -/** - * \def MBEDTLS_CTR_DRBG_C - * - * Enable the CTR_DRBG AES-based random generator. - * The CTR_DRBG generator uses AES-256 by default. - * To use AES-128 instead, enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY below. - * - * Module: library/ctr_drbg.c - * Caller: - * - * Requires: MBEDTLS_AES_C - * - * This module provides the CTR_DRBG AES random number generator. - */ -#define MBEDTLS_CTR_DRBG_C - -/** - * \def MBEDTLS_DEBUG_C - * - * Enable the debug functions. - * - * Module: library/debug.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * - * This module provides debugging functions. - */ -#define MBEDTLS_DEBUG_C - -/** - * \def MBEDTLS_DES_C - * - * Enable the DES block cipher. - * - * Module: library/des.c - * Caller: library/pem.c - * library/cipher.c - * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA - * - * PEM_PARSE uses DES/3DES for decrypting encrypted keys. - * - * \warning DES is considered a weak cipher and its use constitutes a - * security risk. We recommend considering stronger ciphers instead. - */ -#define MBEDTLS_DES_C - -/** - * \def MBEDTLS_DHM_C - * - * Enable the Diffie-Hellman-Merkle module. - * - * Module: library/dhm.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * - * This module is used by the following key exchanges: - * DHE-RSA, DHE-PSK - * - * \warning Using DHE constitutes a security risk as it - * is not possible to validate custom DH parameters. - * If possible, it is recommended users should consider - * preferring other methods of key exchange. - * See dhm.h for more details. - * - */ -#define MBEDTLS_DHM_C - -/** - * \def MBEDTLS_ECDH_C - * - * Enable the elliptic curve Diffie-Hellman library. - * - * Module: library/ecdh.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * - * This module is used by the following key exchanges: - * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK - * - * Requires: MBEDTLS_ECP_C - */ -#define MBEDTLS_ECDH_C - -/** - * \def MBEDTLS_ECDSA_C - * - * Enable the elliptic curve DSA library. - * - * Module: library/ecdsa.c - * Caller: - * - * This module is used by the following key exchanges: - * ECDHE-ECDSA - * - * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C - */ -#define MBEDTLS_ECDSA_C - -/** - * \def MBEDTLS_ECJPAKE_C - * - * Enable the elliptic curve J-PAKE library. - * - * \warning This is currently experimental. EC J-PAKE support is based on the - * Thread v1.0.0 specification; incompatible changes to the specification - * might still happen. For this reason, this is disabled by default. - * - * Module: library/ecjpake.c - * Caller: - * - * This module is used by the following key exchanges: - * ECJPAKE - * - * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C - */ -//#define MBEDTLS_ECJPAKE_C - -/** - * \def MBEDTLS_ECP_C - * - * Enable the elliptic curve over GF(p) library. - * - * Module: library/ecp.c - * Caller: library/ecdh.c - * library/ecdsa.c - * library/ecjpake.c - * - * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED - */ -#define MBEDTLS_ECP_C - -/** - * \def MBEDTLS_ENTROPY_C - * - * Enable the platform-specific entropy code. - * - * Module: library/entropy.c - * Caller: - * - * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C - * - * This module provides a generic entropy pool - */ -#define MBEDTLS_ENTROPY_C - -/** - * \def MBEDTLS_ERROR_C - * - * Enable error code to error string conversion. - * - * Module: library/error.c - * Caller: - * - * This module enables mbedtls_strerror(). - */ -#define MBEDTLS_ERROR_C - -/** - * \def MBEDTLS_GCM_C - * - * Enable the Galois/Counter Mode (GCM) for AES. - * - * Module: library/gcm.c - * - * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C - * - * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other - * requisites are enabled as well. - */ -#define MBEDTLS_GCM_C - -/** - * \def MBEDTLS_HAVEGE_C - * - * Enable the HAVEGE random generator. - * - * Warning: the HAVEGE random generator is not suitable for virtualized - * environments - * - * Warning: the HAVEGE random generator is dependent on timing and specific - * processor traits. It is therefore not advised to use HAVEGE as - * your applications primary random generator or primary entropy pool - * input. As a secondary input to your entropy pool, it IS able add - * the (limited) extra entropy it provides. - * - * Module: library/havege.c - * Caller: - * - * Requires: MBEDTLS_TIMING_C - * - * Uncomment to enable the HAVEGE random generator. - */ -//#define MBEDTLS_HAVEGE_C - -/** - * \def MBEDTLS_HKDF_C - * - * Enable the HKDF algorithm (RFC 5869). - * - * Module: library/hkdf.c - * Caller: - * - * Requires: MBEDTLS_MD_C - * - * This module adds support for the Hashed Message Authentication Code - * (HMAC)-based key derivation function (HKDF). - */ -#define MBEDTLS_HKDF_C - -/** - * \def MBEDTLS_HMAC_DRBG_C - * - * Enable the HMAC_DRBG random generator. - * - * Module: library/hmac_drbg.c - * Caller: - * - * Requires: MBEDTLS_MD_C - * - * Uncomment to enable the HMAC_DRBG random number geerator. - */ -#define MBEDTLS_HMAC_DRBG_C - -/** - * \def MBEDTLS_NIST_KW_C - * - * Enable the Key Wrapping mode for 128-bit block ciphers, - * as defined in NIST SP 800-38F. Only KW and KWP modes - * are supported. At the moment, only AES is approved by NIST. - * - * Module: library/nist_kw.c - * - * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C - */ -//#define MBEDTLS_NIST_KW_C - -/** - * \def MBEDTLS_MD_C - * - * Enable the generic message digest layer. - * - * Module: library/md.c - * Caller: - * - * Uncomment to enable generic message digest wrappers. - */ -#define MBEDTLS_MD_C - -/** - * \def MBEDTLS_MD2_C - * - * Enable the MD2 hash algorithm. - * - * Module: library/md2.c - * Caller: - * - * Uncomment to enable support for (rare) MD2-signed X.509 certs. - * - * \warning MD2 is considered a weak message digest and its use constitutes a - * security risk. If possible, we recommend avoiding dependencies on - * it, and considering stronger message digests instead. - * - */ -//#define MBEDTLS_MD2_C - -/** - * \def MBEDTLS_MD4_C - * - * Enable the MD4 hash algorithm. - * - * Module: library/md4.c - * Caller: - * - * Uncomment to enable support for (rare) MD4-signed X.509 certs. - * - * \warning MD4 is considered a weak message digest and its use constitutes a - * security risk. If possible, we recommend avoiding dependencies on - * it, and considering stronger message digests instead. - * - */ -//#define MBEDTLS_MD4_C - -/** - * \def MBEDTLS_MD5_C - * - * Enable the MD5 hash algorithm. - * - * Module: library/md5.c - * Caller: library/md.c - * library/pem.c - * library/ssl_tls.c - * - * This module is required for SSL/TLS up to version 1.1, and for TLS 1.2 - * depending on the handshake parameters. Further, it is used for checking - * MD5-signed certificates, and for PBKDF1 when decrypting PEM-encoded - * encrypted keys. - * - * \warning MD5 is considered a weak message digest and its use constitutes a - * security risk. If possible, we recommend avoiding dependencies on - * it, and considering stronger message digests instead. - * - */ -#define MBEDTLS_MD5_C - -/** - * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C - * - * Enable the buffer allocator implementation that makes use of a (stack) - * based buffer to 'allocate' dynamic memory. (replaces calloc() and free() - * calls) - * - * Module: library/memory_buffer_alloc.c - * - * Requires: MBEDTLS_PLATFORM_C - * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS) - * - * Enable this module to enable the buffer memory allocator. - */ -//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C - -/** - * \def MBEDTLS_NET_C - * - * Enable the TCP and UDP over IPv6/IPv4 networking routines. - * - * \note This module only works on POSIX/Unix (including Linux, BSD and OS X) - * and Windows. For other platforms, you'll want to disable it, and write your - * own networking callbacks to be passed to \c mbedtls_ssl_set_bio(). - * - * \note See also our Knowledge Base article about porting to a new - * environment: - * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS - * - * Module: library/net_sockets.c - * - * This module provides networking routines. - */ -//#define MBEDTLS_NET_C - -/** - * \def MBEDTLS_OID_C - * - * Enable the OID database. - * - * Module: library/oid.c - * Caller: library/asn1write.c - * library/pkcs5.c - * library/pkparse.c - * library/pkwrite.c - * library/rsa.c - * library/x509.c - * library/x509_create.c - * library/x509_crl.c - * library/x509_crt.c - * library/x509_csr.c - * library/x509write_crt.c - * library/x509write_csr.c - * - * This modules translates between OIDs and internal values. - */ -#define MBEDTLS_OID_C - -/** - * \def MBEDTLS_PADLOCK_C - * - * Enable VIA Padlock support on x86. - * - * Module: library/padlock.c - * Caller: library/aes.c - * - * Requires: MBEDTLS_HAVE_ASM - * - * This modules adds support for the VIA PadLock on x86. - */ -#define MBEDTLS_PADLOCK_C - -/** - * \def MBEDTLS_PEM_PARSE_C - * - * Enable PEM decoding / parsing. - * - * Module: library/pem.c - * Caller: library/dhm.c - * library/pkparse.c - * library/x509_crl.c - * library/x509_crt.c - * library/x509_csr.c - * - * Requires: MBEDTLS_BASE64_C - * - * This modules adds support for decoding / parsing PEM files. - */ -#define MBEDTLS_PEM_PARSE_C - -/** - * \def MBEDTLS_PEM_WRITE_C - * - * Enable PEM encoding / writing. - * - * Module: library/pem.c - * Caller: library/pkwrite.c - * library/x509write_crt.c - * library/x509write_csr.c - * - * Requires: MBEDTLS_BASE64_C - * - * This modules adds support for encoding / writing PEM files. - */ -#define MBEDTLS_PEM_WRITE_C - -/** - * \def MBEDTLS_PK_C - * - * Enable the generic public (asymetric) key layer. - * - * Module: library/pk.c - * Caller: library/ssl_tls.c - * library/ssl_cli.c - * library/ssl_srv.c - * - * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C - * - * Uncomment to enable generic public key wrappers. - */ -#define MBEDTLS_PK_C - -/** - * \def MBEDTLS_PK_PARSE_C - * - * Enable the generic public (asymetric) key parser. - * - * Module: library/pkparse.c - * Caller: library/x509_crt.c - * library/x509_csr.c - * - * Requires: MBEDTLS_PK_C - * - * Uncomment to enable generic public key parse functions. - */ -#define MBEDTLS_PK_PARSE_C - -/** - * \def MBEDTLS_PK_WRITE_C - * - * Enable the generic public (asymetric) key writer. - * - * Module: library/pkwrite.c - * Caller: library/x509write.c - * - * Requires: MBEDTLS_PK_C - * - * Uncomment to enable generic public key write functions. - */ -#define MBEDTLS_PK_WRITE_C - -/** - * \def MBEDTLS_PKCS5_C - * - * Enable PKCS#5 functions. - * - * Module: library/pkcs5.c - * - * Requires: MBEDTLS_MD_C - * - * This module adds support for the PKCS#5 functions. - */ -#define MBEDTLS_PKCS5_C - -/** - * \def MBEDTLS_PKCS11_C - * - * Enable wrapper for PKCS#11 smartcard support. - * - * Module: library/pkcs11.c - * Caller: library/pk.c - * - * Requires: MBEDTLS_PK_C - * - * This module enables SSL/TLS PKCS #11 smartcard support. - * Requires the presence of the PKCS#11 helper library (libpkcs11-helper) - */ -//#define MBEDTLS_PKCS11_C - -/** - * \def MBEDTLS_PKCS12_C - * - * Enable PKCS#12 PBE functions. - * Adds algorithms for parsing PKCS#8 encrypted private keys - * - * Module: library/pkcs12.c - * Caller: library/pkparse.c - * - * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C - * Can use: MBEDTLS_ARC4_C - * - * This module enables PKCS#12 functions. - */ -#define MBEDTLS_PKCS12_C - -/** - * \def MBEDTLS_PLATFORM_C - * - * Enable the platform abstraction layer that allows you to re-assign - * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit(). - * - * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT - * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned - * above to be specified at runtime or compile time respectively. - * - * \note This abstraction layer must be enabled on Windows (including MSYS2) - * as other module rely on it for a fixed snprintf implementation. - * - * Module: library/platform.c - * Caller: Most other .c files - * - * This module enables abstraction of common (libc) functions. - */ -#define MBEDTLS_PLATFORM_C - -/** - * \def MBEDTLS_POLY1305_C - * - * Enable the Poly1305 MAC algorithm. - * - * Module: library/poly1305.c - * Caller: library/chachapoly.c - */ -#define MBEDTLS_POLY1305_C - -/** - * \def MBEDTLS_RIPEMD160_C - * - * Enable the RIPEMD-160 hash algorithm. - * - * Module: library/ripemd160.c - * Caller: library/md.c - * - */ -#define MBEDTLS_RIPEMD160_C - -/** - * \def MBEDTLS_RSA_C - * - * Enable the RSA public-key cryptosystem. - * - * Module: library/rsa.c - * library/rsa_internal.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * library/x509.c - * - * This module is used by the following key exchanges: - * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK - * - * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C - */ -#define MBEDTLS_RSA_C - -/** - * \def MBEDTLS_SHA1_C - * - * Enable the SHA1 cryptographic hash algorithm. - * - * Module: library/sha1.c - * Caller: library/md.c - * library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * library/x509write_crt.c - * - * This module is required for SSL/TLS up to version 1.1, for TLS 1.2 - * depending on the handshake parameters, and for SHA1-signed certificates. - * - * \warning SHA-1 is considered a weak message digest and its use constitutes - * a security risk. If possible, we recommend avoiding dependencies - * on it, and considering stronger message digests instead. - * - */ -//#define MBEDTLS_SHA1_C - -/** - * \def MBEDTLS_SHA256_C - * - * Enable the SHA-224 and SHA-256 cryptographic hash algorithms. - * - * Module: library/sha256.c - * Caller: library/entropy.c - * library/md.c - * library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * - * This module adds support for SHA-224 and SHA-256. - * This module is required for the SSL/TLS 1.2 PRF function. - */ -#define MBEDTLS_SHA256_C - -/** - * \def MBEDTLS_SHA512_C - * - * Enable the SHA-384 and SHA-512 cryptographic hash algorithms. - * - * Module: library/sha512.c - * Caller: library/entropy.c - * library/md.c - * library/ssl_cli.c - * library/ssl_srv.c - * - * This module adds support for SHA-384 and SHA-512. - */ -#define MBEDTLS_SHA512_C - -#if (SSS_HAVE_A71CH || SSS_HAVE_A71CH_SIM) -#undef MBEDTLS_SHA512_C -#endif - -/** - * \def MBEDTLS_SSL_CACHE_C - * - * Enable simple SSL cache implementation. - * - * Module: library/ssl_cache.c - * Caller: - * - * Requires: MBEDTLS_SSL_CACHE_C - */ -#define MBEDTLS_SSL_CACHE_C - -/** - * \def MBEDTLS_SSL_COOKIE_C - * - * Enable basic implementation of DTLS cookies for hello verification. - * - * Module: library/ssl_cookie.c - * Caller: - */ -#define MBEDTLS_SSL_COOKIE_C - -/** - * \def MBEDTLS_SSL_TICKET_C - * - * Enable an implementation of TLS server-side callbacks for session tickets. - * - * Module: library/ssl_ticket.c - * Caller: - * - * Requires: MBEDTLS_CIPHER_C - */ -#define MBEDTLS_SSL_TICKET_C - -/** - * \def MBEDTLS_SSL_CLI_C - * - * Enable the SSL/TLS client code. - * - * Module: library/ssl_cli.c - * Caller: - * - * Requires: MBEDTLS_SSL_TLS_C - * - * This module is required for SSL/TLS client support. - */ -#define MBEDTLS_SSL_CLI_C - -/** - * \def MBEDTLS_SSL_SRV_C - * - * Enable the SSL/TLS server code. - * - * Module: library/ssl_srv.c - * Caller: - * - * Requires: MBEDTLS_SSL_TLS_C - * - * This module is required for SSL/TLS server support. - */ -#define MBEDTLS_SSL_SRV_C - -/** - * \def MBEDTLS_SSL_TLS_C - * - * Enable the generic SSL/TLS code. - * - * Module: library/ssl_tls.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * - * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C - * and at least one of the MBEDTLS_SSL_PROTO_XXX defines - * - * This module is required for SSL/TLS. - */ -#define MBEDTLS_SSL_TLS_C - -/** - * \def MBEDTLS_THREADING_C - * - * Enable the threading abstraction layer. - * By default mbed TLS assumes it is used in a non-threaded environment or that - * contexts are not shared between threads. If you do intend to use contexts - * between threads, you will need to enable this layer to prevent race - * conditions. See also our Knowledge Base article about threading: - * https://tls.mbed.org/kb/development/thread-safety-and-multi-threading - * - * Module: library/threading.c - * - * This allows different threading implementations (self-implemented or - * provided). - * - * You will have to enable either MBEDTLS_THREADING_ALT or - * MBEDTLS_THREADING_PTHREAD. - * - * Enable this layer to allow use of mutexes within mbed TLS - */ -//#define MBEDTLS_THREADING_C - -/** - * \def MBEDTLS_TIMING_C - * - * Enable the semi-portable timing interface. - * - * \note The provided implementation only works on POSIX/Unix (including Linux, - * BSD and OS X) and Windows. On other platforms, you can either disable that - * module and provide your own implementations of the callbacks needed by - * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide - * your own implementation of the whole module by setting - * \c MBEDTLS_TIMING_ALT in the current file. - * - * \note See also our Knowledge Base article about porting to a new - * environment: - * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS - * - * Module: library/timing.c - * Caller: library/havege.c - * - * This module is used by the HAVEGE random number generator. - */ -//#define MBEDTLS_TIMING_C - -/** - * \def MBEDTLS_VERSION_C - * - * Enable run-time version information. - * - * Module: library/version.c - * - * This module provides run-time version information. - */ -#define MBEDTLS_VERSION_C - -/** - * \def MBEDTLS_X509_USE_C - * - * Enable X.509 core for using certificates. - * - * Module: library/x509.c - * Caller: library/x509_crl.c - * library/x509_crt.c - * library/x509_csr.c - * - * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, - * MBEDTLS_PK_PARSE_C - * - * This module is required for the X.509 parsing modules. - */ -#define MBEDTLS_X509_USE_C - -/** - * \def MBEDTLS_X509_CRT_PARSE_C - * - * Enable X.509 certificate parsing. - * - * Module: library/x509_crt.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * - * Requires: MBEDTLS_X509_USE_C - * - * This module is required for X.509 certificate parsing. - */ -#define MBEDTLS_X509_CRT_PARSE_C - -/** - * \def MBEDTLS_X509_CRL_PARSE_C - * - * Enable X.509 CRL parsing. - * - * Module: library/x509_crl.c - * Caller: library/x509_crt.c - * - * Requires: MBEDTLS_X509_USE_C - * - * This module is required for X.509 CRL parsing. - */ -#define MBEDTLS_X509_CRL_PARSE_C - -/** - * \def MBEDTLS_X509_CSR_PARSE_C - * - * Enable X.509 Certificate Signing Request (CSR) parsing. - * - * Module: library/x509_csr.c - * Caller: library/x509_crt_write.c - * - * Requires: MBEDTLS_X509_USE_C - * - * This module is used for reading X.509 certificate request. - */ -#define MBEDTLS_X509_CSR_PARSE_C - -/** - * \def MBEDTLS_X509_CREATE_C - * - * Enable X.509 core for creating certificates. - * - * Module: library/x509_create.c - * - * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C - * - * This module is the basis for creating X.509 certificates and CSRs. - */ -#define MBEDTLS_X509_CREATE_C - -/** - * \def MBEDTLS_X509_CRT_WRITE_C - * - * Enable creating X.509 certificates. - * - * Module: library/x509_crt_write.c - * - * Requires: MBEDTLS_X509_CREATE_C - * - * This module is required for X.509 certificate creation. - */ -#define MBEDTLS_X509_CRT_WRITE_C - -/** - * \def MBEDTLS_X509_CSR_WRITE_C - * - * Enable creating X.509 Certificate Signing Requests (CSR). - * - * Module: library/x509_csr_write.c - * - * Requires: MBEDTLS_X509_CREATE_C - * - * This module is required for X.509 certificate request writing. - */ -#define MBEDTLS_X509_CSR_WRITE_C - -/** - * \def MBEDTLS_XTEA_C - * - * Enable the XTEA block cipher. - * - * Module: library/xtea.c - * Caller: - */ -#define MBEDTLS_XTEA_C - -/* \} name SECTION: mbed TLS modules */ - -/** - * \name SECTION: Module configuration options - * - * This section allows for the setting of module specific sizes and - * configuration options. The default values are already present in the - * relevant header files and should suffice for the regular use cases. - * - * Our advice is to enable options and change their values here - * only if you have a good reason and know the consequences. - * - * Please check the respective header file for documentation on these - * parameters (to prevent duplicate documentation). - * \{ - */ - -/* MPI / BIGNUM options */ -//#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */ -//#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ - -/* CTR_DRBG options */ -//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ -//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ -//#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ -//#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ -//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ -//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY /**< Use 128-bit key for CTR_DRBG - may reduce security (see ctr_drbg.h) */ - -/* HMAC_DRBG options */ -//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ -//#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ -//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ -//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ - -/* ECP options */ -//#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */ -//#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */ -//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */ - -/* Entropy options */ -//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */ -//#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */ -//#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */ - -/* Memory buffer allocator options */ -//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */ - -/* Platform options */ -//#define MBEDTLS_PLATFORM_STD_MEM_HDR /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ -//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ -//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ -/* Note: your snprintf must correclty zero-terminate the buffer! */ -//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */ - -/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */ -/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */ -//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ -//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ -//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */ -/* Note: your snprintf must correclty zero-terminate the buffer! */ -//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ -//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ - -/** - * \brief This macro is invoked by the library when an invalid parameter - * is detected that is only checked with MBEDTLS_CHECK_PARAMS - * (see the documentation of that option for context). - * - * When you leave this undefined here, a default definition is - * provided that invokes the function mbedtls_param_failed(), - * which is declared in platform_util.h for the benefit of the - * library, but that you need to define in your application. - * - * When you define this here, this replaces the default - * definition in platform_util.h (which no longer declares the - * function mbedtls_param_failed()) and it is your responsibility - * to make sure this macro expands to something suitable (in - * particular, that all the necessary declarations are visible - * from within the library - you can ensure that by providing - * them in this file next to the macro definition). - * - * Note that you may define this macro to expand to nothing, in - * which case you don't have to worry about declarations or - * definitions. However, you will then be notified about invalid - * parameters only in non-void functions, and void function will - * just silently return early on invalid parameters, which - * partially negates the benefits of enabling - * #MBEDTLS_CHECK_PARAMS in the first place, so is discouraged. - * - * \param cond The expression that should evaluate to true, but doesn't. - */ -//#define MBEDTLS_PARAM_FAILED( cond ) assert( cond ) - -/* SSL Cache options */ -//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ -//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ - -/* SSL options */ - -/** \def MBEDTLS_SSL_MAX_CONTENT_LEN - * - * Maximum length (in bytes) of incoming and outgoing plaintext fragments. - * - * This determines the size of both the incoming and outgoing TLS I/O buffers - * in such a way that both are capable of holding the specified amount of - * plaintext data, regardless of the protection mechanism used. - * - * To configure incoming and outgoing I/O buffers separately, use - * #MBEDTLS_SSL_IN_CONTENT_LEN and #MBEDTLS_SSL_OUT_CONTENT_LEN, - * which overwrite the value set by this option. - * - * \note When using a value less than the default of 16KB on the client, it is - * recommended to use the Maximum Fragment Length (MFL) extension to - * inform the server about this limitation. On the server, there - * is no supported, standardized way of informing the client about - * restriction on the maximum size of incoming messages, and unless - * the limitation has been communicated by other means, it is recommended - * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN - * while keeping the default value of 16KB for the incoming buffer. - * - * Uncomment to set the maximum plaintext size of both - * incoming and outgoing I/O buffers. - */ -//#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 - -/** \def MBEDTLS_SSL_IN_CONTENT_LEN - * - * Maximum length (in bytes) of incoming plaintext fragments. - * - * This determines the size of the incoming TLS I/O buffer in such a way - * that it is capable of holding the specified amount of plaintext data, - * regardless of the protection mechanism used. - * - * If this option is undefined, it inherits its value from - * #MBEDTLS_SSL_MAX_CONTENT_LEN. - * - * \note When using a value less than the default of 16KB on the client, it is - * recommended to use the Maximum Fragment Length (MFL) extension to - * inform the server about this limitation. On the server, there - * is no supported, standardized way of informing the client about - * restriction on the maximum size of incoming messages, and unless - * the limitation has been communicated by other means, it is recommended - * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN - * while keeping the default value of 16KB for the incoming buffer. - * - * Uncomment to set the maximum plaintext size of the incoming I/O buffer - * independently of the outgoing I/O buffer. - */ -//#define MBEDTLS_SSL_IN_CONTENT_LEN 16384 - -/** \def MBEDTLS_SSL_OUT_CONTENT_LEN - * - * Maximum length (in bytes) of outgoing plaintext fragments. - * - * This determines the size of the outgoing TLS I/O buffer in such a way - * that it is capable of holding the specified amount of plaintext data, - * regardless of the protection mechanism used. - * - * If this option undefined, it inherits its value from - * #MBEDTLS_SSL_MAX_CONTENT_LEN. - * - * It is possible to save RAM by setting a smaller outward buffer, while keeping - * the default inward 16384 byte buffer to conform to the TLS specification. - * - * The minimum required outward buffer size is determined by the handshake - * protocol's usage. Handshaking will fail if the outward buffer is too small. - * The specific size requirement depends on the configured ciphers and any - * certificate data which is sent during the handshake. - * - * Uncomment to set the maximum plaintext size of the outgoing I/O buffer - * independently of the incoming I/O buffer. - */ -//#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384 - -/** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING - * - * Maximum number of heap-allocated bytes for the purpose of - * DTLS handshake message reassembly and future message buffering. - * - * This should be at least 9/8 * MBEDTLSSL_IN_CONTENT_LEN - * to account for a reassembled handshake message of maximum size, - * together with its reassembly bitmap. - * - * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default) - * should be sufficient for all practical situations as it allows - * to reassembly a large handshake message (such as a certificate) - * while buffering multiple smaller handshake messages. - * - */ -//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 - -//#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */ -//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */ -//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ - -/** - * Complete list of ciphersuites to use, in order of preference. - * - * \warning No dependency checking is done on that field! This option can only - * be used to restrict the set of available ciphersuites. It is your - * responsibility to make sure the needed modules are active. - * - * Use this to save a few hundred bytes of ROM (default ordering of all - * available ciphersuites) and a few to a few hundred bytes of RAM. - * - * The value below is only an example, not the default. - */ -//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - -/* X509 options */ -//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ -//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */ - -/** - * Allow SHA-1 in the default TLS configuration for certificate signing. - * Without this build-time option, SHA-1 support must be activated explicitly - * through mbedtls_ssl_conf_cert_profile. Turning on this option is not - * recommended because of it is possible to generate SHA-1 collisions, however - * this may be safe for legacy infrastructure where additional controls apply. - * - * \warning SHA-1 is considered a weak message digest and its use constitutes - * a security risk. If possible, we recommend avoiding dependencies - * on it, and considering stronger message digests instead. - * - */ -// #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES - -/** - * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake - * signature and ciphersuite selection. Without this build-time option, SHA-1 - * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes. - * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by - * default. At the time of writing, there is no practical attack on the use - * of SHA-1 in handshake signatures, hence this option is turned on by default - * to preserve compatibility with existing peers, but the general - * warning applies nonetheless: - * - * \warning SHA-1 is considered a weak message digest and its use constitutes - * a security risk. If possible, we recommend avoiding dependencies - * on it, and considering stronger message digests instead. - * - */ -#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE - -/** - * Uncomment the macro to let mbed TLS use your alternate implementation of - * mbedtls_platform_zeroize(). This replaces the default implementation in - * platform_util.c. - * - * mbedtls_platform_zeroize() is a widely used function across the library to - * zero a block of memory. The implementation is expected to be secure in the - * sense that it has been written to prevent the compiler from removing calls - * to mbedtls_platform_zeroize() as part of redundant code elimination - * optimizations. However, it is difficult to guarantee that calls to - * mbedtls_platform_zeroize() will not be optimized by the compiler as older - * versions of the C language standards do not provide a secure implementation - * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to - * configure their own implementation of mbedtls_platform_zeroize(), for - * example by using directives specific to their compiler, features from newer - * C standards (e.g using memset_s() in C11) or calling a secure memset() from - * their system (e.g explicit_bzero() in BSD). - */ -//#define MBEDTLS_PLATFORM_ZEROIZE_ALT - -/** - * Uncomment the macro to let Mbed TLS use your alternate implementation of - * mbedtls_platform_gmtime_r(). This replaces the default implementation in - * platform_util.c. - * - * gmtime() is not a thread-safe function as defined in the C standard. The - * library will try to use safer implementations of this function, such as - * gmtime_r() when available. However, if Mbed TLS cannot identify the target - * system, the implementation of mbedtls_platform_gmtime_r() will default to - * using the standard gmtime(). In this case, calls from the library to - * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex - * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the - * library are also guarded with this mutex to avoid race conditions. However, - * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will - * unconditionally use the implementation for mbedtls_platform_gmtime_r() - * supplied at compile time. - */ -//#define MBEDTLS_PLATFORM_GMTIME_R_ALT - -/* \} name SECTION: Customisation configuration options */ - -/* Target and application specific configurations - * - * Allow user to override any previous default. - * - */ -#if defined(MBEDTLS_USER_CONFIG_FILE) -#include MBEDTLS_USER_CONFIG_FILE -#endif - -#include "mbedtls/check_config.h" - -/* clang-format on */ - -#endif /* MBEDTLS_CONFIG_H */ diff --git a/variants/NICLA_VISION/conf/mbed_app.json b/variants/NICLA_VISION/conf/mbed_app.json index f3227a71f..361a0ab94 100644 --- a/variants/NICLA_VISION/conf/mbed_app.json +++ b/variants/NICLA_VISION/conf/mbed_app.json @@ -1,5 +1,4 @@ { - "macros" : ["MBEDTLS_USER_CONFIG_FILE=\"custom_mbedtls_config.h\""], "target_overrides": { "*": { "target.printf_lib": "std", From 8d50a8d89f474eba9be3f4f6d912788b4069870b Mon Sep 17 00:00:00 2001 From: Andrea Gilardoni Date: Mon, 18 May 2026 17:02:15 +0200 Subject: [PATCH 3/6] se05x: removing header files from mbedos --- .../COMPONENT_SE050/fsl_sss_ftr.h | 651 -- .../hostlib/hostLib/inc/Applet_SE050_Ver.h | 114 - .../hostLib/inc/PlugAndTrust_HostLib_Ver.h | 63 - .../hostLib/inc/PlugAndTrust_Pkg_Ver.h | 62 - .../hostlib/hostLib/inc/nxEnsure.h | 279 - .../hostlib/hostLib/inc/nxScp03_Apis.h | 90 - .../hostlib/hostLib/inc/nxScp03_Const.h | 97 - .../hostlib/hostLib/inc/nxScp03_Types.h | 306 - .../COMPONENT_SE050/hostlib/hostLib/inc/scp.h | 127 - .../hostlib/hostLib/inc/se05x_const.h | 168 - .../hostlib/hostLib/inc/se05x_ecc_curves.h | 19 - .../hostLib/inc/se05x_ecc_curves_inc.h | 268 - .../hostLib/inc/se05x_ecc_curves_values.h | 2801 -------- .../hostlib/hostLib/inc/se05x_enums.h | 1030 --- .../hostlib/hostLib/inc/se05x_ftr.h | 36 - .../hostlib/hostLib/inc/se05x_tlv.h | 370 -- .../hostlib/hostLib/inc/sm_const.h | 123 - .../hostLib/libCommon/infra/global_platf.h | 28 - .../hostlib/hostLib/libCommon/infra/sm_apdu.h | 217 - .../hostlib/hostLib/libCommon/infra/sm_api.h | 119 - .../hostLib/libCommon/infra/sm_errors.h | 31 - .../hostLib/libCommon/infra/sm_types.h | 163 - .../hostlib/hostLib/libCommon/nxlog/nxLog.h | 107 - .../hostLib/libCommon/nxlog/nxLog_App.h | 183 - .../libCommon/nxlog/nxLog_DefaultConfig.h | 44 - .../hostLib/libCommon/nxlog/nxLog_hostLib.h | 183 - .../hostLib/libCommon/nxlog/nxLog_mbedtls.h | 183 - .../hostLib/libCommon/nxlog/nxLog_scp.h | 183 - .../hostLib/libCommon/nxlog/nxLog_smCom.h | 183 - .../hostLib/libCommon/nxlog/nxLog_sss.h | 183 - .../libCommon/smCom/T1oI2C/phEseStatus.h | 421 -- .../libCommon/smCom/T1oI2C/phEseTypes.h | 31 - .../libCommon/smCom/T1oI2C/phNxpEsePal_i2c.h | 110 - .../smCom/T1oI2C/phNxpEseProto7816_3.h | 443 -- .../libCommon/smCom/T1oI2C/phNxpEse_Api.h | 70 - .../smCom/T1oI2C/phNxpEse_Internal.h | 54 - .../hostLib/libCommon/smCom/apduComm.h | 65 - .../hostlib/hostLib/libCommon/smCom/smCom.h | 49 - .../hostLib/libCommon/smCom/smComT1oI2C.h | 71 - .../hostlib/hostLib/platform/inc/i2c_a7.h | 160 - .../hostlib/hostLib/platform/inc/se05x_apis.h | 20 - .../hostlib/hostLib/platform/inc/sm_printf.h | 40 - .../hostlib/hostLib/platform/inc/sm_timer.h | 31 - .../se05x_03_xx_xx/se05x_04_xx_APDU_apis.h | 1207 ---- .../se05x_03_xx_xx/se05x_04_xx_APDU_impl.h | 1535 ----- .../hostLib/se05x_03_xx_xx/se05x_APDU.h | 76 - .../hostLib/se05x_03_xx_xx/se05x_APDU_apis.h | 5812 ----------------- .../hostLib/se05x_03_xx_xx/se05x_APDU_impl.h | 3470 ---------- .../COMPONENT_SE050/sss/ex/inc/ex_scp03_puf.h | 124 - .../COMPONENT_SE050/sss/ex/inc/ex_sss.h | 96 - .../COMPONENT_SE050/sss/ex/inc/ex_sss_auth.h | 180 - .../COMPONENT_SE050/sss/ex/inc/ex_sss_boot.h | 220 - .../sss/ex/inc/ex_sss_main_inc.h | 382 -- .../sss/ex/inc/ex_sss_main_inc_linux.h | 25 - .../COMPONENT_SE050/sss/ex/inc/ex_sss_objid.h | 112 - .../COMPONENT_SE050/sss/ex/inc/ex_sss_ports.h | 53 - .../sss/ex/inc/ex_sss_scp03_keys.h | 75 - .../sss/ex/inc/ex_sss_tp_scp03_keys.h | 119 - .../sss/ex/src/ex_sss_boot_int.h | 70 - .../COMPONENT_SE050/sss/inc/fsl_sscp.h | 428 -- .../COMPONENT_SE050/sss/inc/fsl_sss_api.h | 1892 ------ .../COMPONENT_SE050/sss/inc/fsl_sss_api_ver.h | 64 - .../COMPONENT_SE050/sss/inc/fsl_sss_config.h | 84 - .../sss/inc/fsl_sss_ftr_default.h | 673 -- .../sss/inc/fsl_sss_keyid_map.h | 182 - .../sss/inc/fsl_sss_lpc55s_apis.h | 115 - .../sss/inc/fsl_sss_mbedtls_apis.h | 837 --- .../sss/inc/fsl_sss_mbedtls_types.h | 253 - .../sss/inc/fsl_sss_openssl_apis.h | 839 --- .../sss/inc/fsl_sss_openssl_types.h | 239 - .../COMPONENT_SE050/sss/inc/fsl_sss_policy.h | 221 - .../sss/inc/fsl_sss_se05x_apis.h | 781 --- .../sss/inc/fsl_sss_se05x_policy.h | 51 - .../sss/inc/fsl_sss_se05x_scp03.h | 56 - .../sss/inc/fsl_sss_se05x_types.h | 618 -- .../COMPONENT_SE050/sss/inc/fsl_sss_sscp.h | 717 -- .../sss/inc/fsl_sss_user_apis.h | 627 -- .../sss/inc/fsl_sss_user_types.h | 144 - .../sss/inc/fsl_sss_util_asn1_der.h | 175 - .../sss/inc/fsl_sss_util_rsa_sign_utils.h | 28 - .../sss/plugin/mbedtls/ecdsa_verify_alt.h | 12 - .../sss/plugin/mbedtls/ecp_alt.h | 191 - .../sss/plugin/mbedtls/rsa_alt.h | 86 - .../sss/plugin/mbedtls/sss_mbedtls.h | 102 - .../plugin/mbedtls/sss_mbedtls_x86_config.h | 3368 ---------- .../sss/port/default/fsl_sss_types.h | 67 - 86 files changed, 36382 deletions(-) delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/fsl_sss_ftr.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/Applet_SE050_Ver.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/PlugAndTrust_HostLib_Ver.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/PlugAndTrust_Pkg_Ver.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/nxEnsure.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/nxScp03_Apis.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/nxScp03_Const.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/nxScp03_Types.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/scp.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_const.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_ecc_curves.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_ecc_curves_inc.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_ecc_curves_values.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_enums.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_ftr.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_tlv.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/sm_const.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/infra/global_platf.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/infra/sm_apdu.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/infra/sm_api.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/infra/sm_errors.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/infra/sm_types.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_App.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_DefaultConfig.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_hostLib.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_mbedtls.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_scp.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_smCom.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_sss.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/T1oI2C/phEseStatus.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/T1oI2C/phEseTypes.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/T1oI2C/phNxpEsePal_i2c.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/T1oI2C/phNxpEseProto7816_3.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/T1oI2C/phNxpEse_Api.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/T1oI2C/phNxpEse_Internal.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/apduComm.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/smCom.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/smComT1oI2C.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/platform/inc/i2c_a7.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/platform/inc/se05x_apis.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/platform/inc/sm_printf.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/platform/inc/sm_timer.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/se05x_03_xx_xx/se05x_04_xx_APDU_apis.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/se05x_03_xx_xx/se05x_04_xx_APDU_impl.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/se05x_03_xx_xx/se05x_APDU.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/se05x_03_xx_xx/se05x_APDU_apis.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/se05x_03_xx_xx/se05x_APDU_impl.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_scp03_puf.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_auth.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_boot.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_main_inc.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_main_inc_linux.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_objid.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_ports.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_scp03_keys.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_tp_scp03_keys.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/src/ex_sss_boot_int.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sscp.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_api.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_api_ver.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_config.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_ftr_default.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_keyid_map.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_lpc55s_apis.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_mbedtls_apis.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_mbedtls_types.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_openssl_apis.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_openssl_types.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_policy.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_se05x_apis.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_se05x_policy.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_se05x_scp03.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_se05x_types.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_sscp.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_user_apis.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_user_types.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_util_asn1_der.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_util_rsa_sign_utils.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/plugin/mbedtls/ecdsa_verify_alt.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/plugin/mbedtls/ecp_alt.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/plugin/mbedtls/rsa_alt.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/plugin/mbedtls/sss_mbedtls.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/plugin/mbedtls/sss_mbedtls_x86_config.h delete mode 100644 cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/port/default/fsl_sss_types.h diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/fsl_sss_ftr.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/fsl_sss_ftr.h deleted file mode 100644 index 95dd7f92f..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/fsl_sss_ftr.h +++ /dev/null @@ -1,651 +0,0 @@ -/* - * - * Copyright 2018-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef SSS_APIS_INC_FSL_SSS_FTR_H_ -#define SSS_APIS_INC_FSL_SSS_FTR_H_ - -/* ************************************************************************** */ -/* Defines */ -/* ************************************************************************** */ - -/* clang-format off */ - - -/* # CMake Features : Start */ - - -/** Applet : The Secure Element Applet - * - * You can compile host library for different Applets listed below. - * Please note, some of these Applets may be for NXP Internal use only. - */ - -/** Compiling without any Applet Support */ -#define SSS_HAVE_APPLET_NONE 0 - -/** A71CH (ECC) */ -#define SSS_HAVE_APPLET_A71CH 0 - -/** A71CL (RSA) */ -#define SSS_HAVE_APPLET_A71CL 0 - -/** Similar to A71CH */ -#define SSS_HAVE_APPLET_A71CH_SIM 0 - -/** SE050 Type A (ECC) */ -#define SSS_HAVE_APPLET_SE05X_A 0 - -/** SE050 Type B (RSA) */ -#define SSS_HAVE_APPLET_SE05X_B 0 - -/** SE050 (Super set of A + B) */ -#define SSS_HAVE_APPLET_SE05X_C 1 - -/** SE050 (Similar to A71CL) */ -#define SSS_HAVE_APPLET_SE05X_L 0 - -/** NXP Internal testing Applet */ -#define SSS_HAVE_APPLET_LOOPBACK 0 - -#if (( 0 \ - + SSS_HAVE_APPLET_NONE \ - + SSS_HAVE_APPLET_A71CH \ - + SSS_HAVE_APPLET_A71CL \ - + SSS_HAVE_APPLET_A71CH_SIM \ - + SSS_HAVE_APPLET_SE05X_A \ - + SSS_HAVE_APPLET_SE05X_B \ - + SSS_HAVE_APPLET_SE05X_C \ - + SSS_HAVE_APPLET_SE05X_L \ - + SSS_HAVE_APPLET_LOOPBACK \ - ) > 1) -# error "Enable only one of 'Applet'" -#endif - - -#if (( 0 \ - + SSS_HAVE_APPLET_NONE \ - + SSS_HAVE_APPLET_A71CH \ - + SSS_HAVE_APPLET_A71CL \ - + SSS_HAVE_APPLET_A71CH_SIM \ - + SSS_HAVE_APPLET_SE05X_A \ - + SSS_HAVE_APPLET_SE05X_B \ - + SSS_HAVE_APPLET_SE05X_C \ - + SSS_HAVE_APPLET_SE05X_L \ - + SSS_HAVE_APPLET_LOOPBACK \ - ) == 0) -# error "Enable at-least one of 'Applet'" -#endif - - - -/** SE05X_Ver : SE05X Applet version. - * - * Selection of Applet version 03_XX enables SE050 features. - * Selection of Applet version 06_00 enables SE051 features. - * - */ - -/** SE050 */ -#define SSS_HAVE_SE05X_VER_03_XX 1 - -/** SE051 */ -#define SSS_HAVE_SE05X_VER_06_00 0 - -#if (( 0 \ - + SSS_HAVE_SE05X_VER_03_XX \ - + SSS_HAVE_SE05X_VER_06_00 \ - ) > 1) -# error "Enable only one of 'SE05X_Ver'" -#endif - - -#if (( 0 \ - + SSS_HAVE_SE05X_VER_03_XX \ - + SSS_HAVE_SE05X_VER_06_00 \ - ) == 0) -# error "Enable at-least one of 'SE05X_Ver'" -#endif - - - -/** HostCrypto : Counterpart Crypto on Host - * - * What is being used as a cryptographic library on the host. - * As of now only OpenSSL / mbedTLS is supported - */ - -/** Use mbedTLS as host crypto */ -#define SSS_HAVE_HOSTCRYPTO_MBEDTLS 0 - -/** Use mbed-crypto as host crypto - * Required for ARM-PSA / TF-M */ -#define SSS_HAVE_HOSTCRYPTO_MBEDCRYPTO 0 - -/** Use OpenSSL as host crypto */ -#define SSS_HAVE_HOSTCRYPTO_OPENSSL 0 - -/** User Implementation of Host Crypto - * e.g. Files at ``sss/src/user/crypto`` have low level AES/CMAC primitives. - * The files at ``sss/src/user`` use those primitives. - * This becomes an example for users with their own AES Implementation - * This then becomes integration without mbedTLS/OpenSSL for SCP03 / AESKey. - * - * .. note:: ECKey abstraction is not implemented/available yet. */ -#define SSS_HAVE_HOSTCRYPTO_USER 0 - -/** NO Host Crypto - * Note, this is unsecure and only provided for experimentation - * on platforms that do not have an mbedTLS PORT - * Many :ref:`sssftr-control` have to be disabled to have a valid build. */ -#define SSS_HAVE_HOSTCRYPTO_NONE 0 - -#if (( 0 \ - + SSS_HAVE_HOSTCRYPTO_MBEDTLS \ - + SSS_HAVE_HOSTCRYPTO_MBEDCRYPTO \ - + SSS_HAVE_HOSTCRYPTO_OPENSSL \ - + SSS_HAVE_HOSTCRYPTO_USER \ - + SSS_HAVE_HOSTCRYPTO_NONE \ - ) > 1) -# error "Enable only one of 'HostCrypto'" -#endif - - -/** mbedTLS_ALT : ALT Engine implementation for mbedTLS - * - * When set to None, mbedTLS would not use ALT Implementation to connect to / use Secure Element. - * This needs to be set to SSS for Cloud Demos over SSS APIs - */ - -/** Use SSS Layer ALT implementation */ -#define SSS_HAVE_MBEDTLS_ALT_SSS 1 - -/** Legacy implementation */ -#define SSS_HAVE_MBEDTLS_ALT_A71CH 0 - -/** Not using any mbedTLS_ALT - * - * When this is selected, cloud demos can not work with mbedTLS */ -#define SSS_HAVE_MBEDTLS_ALT_NONE 0 - -#if (( 0 \ - + SSS_HAVE_MBEDTLS_ALT_SSS \ - + SSS_HAVE_MBEDTLS_ALT_A71CH \ - + SSS_HAVE_MBEDTLS_ALT_NONE \ - ) > 1) -# error "Enable only one of 'mbedTLS_ALT'" -#endif - - -#if (( 0 \ - + SSS_HAVE_MBEDTLS_ALT_SSS \ - + SSS_HAVE_MBEDTLS_ALT_A71CH \ - + SSS_HAVE_MBEDTLS_ALT_NONE \ - ) == 0) -# error "Enable at-least one of 'mbedTLS_ALT'" -#endif - - - -/** SCP : Secure Channel Protocol - * - * In case we enable secure channel to Secure Element, which interface to be used. - */ - -/** */ -#define SSS_HAVE_SCP_NONE 0 - -/** Use SSS Layer for SCP. Used for SE050 family. */ -#define SSS_HAVE_SCP_SCP03_SSS 0 - -/** Use Host Crypto Layer for SCP03. Legacy implementation. Used for older demos of A71CH Family. */ -#define SSS_HAVE_SCP_SCP03_HOSTCRYPTO 0 - -#if (( 0 \ - + SSS_HAVE_SCP_NONE \ - + SSS_HAVE_SCP_SCP03_SSS \ - + SSS_HAVE_SCP_SCP03_HOSTCRYPTO \ - ) > 1) -# error "Enable only one of 'SCP'" -#endif - - -/** FIPS : Enable or disable FIPS - * - * This selection mostly impacts tests, and generally not the actual Middleware - */ - -/** NO FIPS */ -#define SSS_HAVE_FIPS_NONE 1 - -/** SE050 IC FIPS */ -#define SSS_HAVE_FIPS_SE050 0 - -/** FIPS 140-2 */ -#define SSS_HAVE_FIPS_140_2 0 - -/** FIPS 140-3 */ -#define SSS_HAVE_FIPS_140_3 0 - -#if (( 0 \ - + SSS_HAVE_FIPS_NONE \ - + SSS_HAVE_FIPS_SE050 \ - + SSS_HAVE_FIPS_140_2 \ - + SSS_HAVE_FIPS_140_3 \ - ) > 1) -# error "Enable only one of 'FIPS'" -#endif - - -#if (( 0 \ - + SSS_HAVE_FIPS_NONE \ - + SSS_HAVE_FIPS_SE050 \ - + SSS_HAVE_FIPS_140_2 \ - + SSS_HAVE_FIPS_140_3 \ - ) == 0) -# error "Enable at-least one of 'FIPS'" -#endif - - - -/** SBL : Enable/Disable SBL Bootable support - * - * This option is to enable/disable boot from SBL by switching linker address - */ - -/** Not SBL bootable */ -#define SSS_HAVE_SBL_NONE 1 - -/** SE050 based LPC55S SBL bootable */ -#define SSS_HAVE_SBL_SBL_LPC55S 0 - -#if (( 0 \ - + SSS_HAVE_SBL_NONE \ - + SSS_HAVE_SBL_SBL_LPC55S \ - ) > 1) -# error "Enable only one of 'SBL'" -#endif - - -#if (( 0 \ - + SSS_HAVE_SBL_NONE \ - + SSS_HAVE_SBL_SBL_LPC55S \ - ) == 0) -# error "Enable at-least one of 'SBL'" -#endif - - - -/** SE05X_Auth : SE050 Authentication - * - * This settings is used by examples to connect using various options - * to authenticate with the Applet. - * The SE05X_Auth options can be changed for KSDK Demos and Examples. - * To change SE05X_Auth option follow below steps. - * Set flag ``SSS_HAVE_SCP_SCP03_SSS`` to 1 and Reset flag ``SSS_HAVE_SCP_NONE`` to 0. - * To change SE05X_Auth option other than ``None`` and ``PlatfSCP03``, - * execute se05x_Delete_and_test_provision.exe in order to provision the Authentication Key. - * To change SE05X_Auth option to ``ECKey`` or ``ECKey_PlatfSCP03``, - * Set additional flag ``SSS_HAVE_HOSTCRYPTO_ANY`` to 1. - */ - -/** Use the default session (i.e. session less) login */ -#define SSS_HAVE_SE05X_AUTH_NONE 1 - -/** Do User Authentication with UserID */ -#define SSS_HAVE_SE05X_AUTH_USERID 0 - -/** Use Platform SCP for connection to SE */ -#define SSS_HAVE_SE05X_AUTH_PLATFSCP03 0 - -/** Do User Authentication with AES Key - * Earlier this was called AppletSCP03 */ -#define SSS_HAVE_SE05X_AUTH_AESKEY 0 - -/** Do User Authentication with EC Key - * Earlier this was called FastSCP */ -#define SSS_HAVE_SE05X_AUTH_ECKEY 0 - -/** UserID and PlatfSCP03 */ -#define SSS_HAVE_SE05X_AUTH_USERID_PLATFSCP03 0 - -/** AESKey and PlatfSCP03 */ -#define SSS_HAVE_SE05X_AUTH_AESKEY_PLATFSCP03 0 - -/** ECKey and PlatfSCP03 */ -#define SSS_HAVE_SE05X_AUTH_ECKEY_PLATFSCP03 0 - -#if (( 0 \ - + SSS_HAVE_SE05X_AUTH_NONE \ - + SSS_HAVE_SE05X_AUTH_USERID \ - + SSS_HAVE_SE05X_AUTH_PLATFSCP03 \ - + SSS_HAVE_SE05X_AUTH_AESKEY \ - + SSS_HAVE_SE05X_AUTH_ECKEY \ - + SSS_HAVE_SE05X_AUTH_USERID_PLATFSCP03 \ - + SSS_HAVE_SE05X_AUTH_AESKEY_PLATFSCP03 \ - + SSS_HAVE_SE05X_AUTH_ECKEY_PLATFSCP03 \ - ) > 1) -# error "Enable only one of 'SE05X_Auth'" -#endif - - -#if (( 0 \ - + SSS_HAVE_SE05X_AUTH_NONE \ - + SSS_HAVE_SE05X_AUTH_USERID \ - + SSS_HAVE_SE05X_AUTH_PLATFSCP03 \ - + SSS_HAVE_SE05X_AUTH_AESKEY \ - + SSS_HAVE_SE05X_AUTH_ECKEY \ - + SSS_HAVE_SE05X_AUTH_USERID_PLATFSCP03 \ - + SSS_HAVE_SE05X_AUTH_AESKEY_PLATFSCP03 \ - + SSS_HAVE_SE05X_AUTH_ECKEY_PLATFSCP03 \ - ) == 0) -# error "Enable at-least one of 'SE05X_Auth'" -#endif - - - -/** A71CH_AUTH : A71CH Authentication - * - * This settings is used by SSS-API based examples to connect using either plain or authenticated to the A71CH. - */ - -/** Plain communication, not authenticated or encrypted */ -#define SSS_HAVE_A71CH_AUTH_NONE 1 - -/** SCP03 enabled */ -#define SSS_HAVE_A71CH_AUTH_SCP03 0 - -#if (( 0 \ - + SSS_HAVE_A71CH_AUTH_NONE \ - + SSS_HAVE_A71CH_AUTH_SCP03 \ - ) > 1) -# error "Enable only one of 'A71CH_AUTH'" -#endif - - -#if (( 0 \ - + SSS_HAVE_A71CH_AUTH_NONE \ - + SSS_HAVE_A71CH_AUTH_SCP03 \ - ) == 0) -# error "Enable at-least one of 'A71CH_AUTH'" -#endif - - -/* ====================================================================== * - * == Feature selection/values ========================================== * - * ====================================================================== */ - - -/** SE05X Secure Element : Symmetric AES */ -#define SSSFTR_SE05X_AES 1 - -/** SE05X Secure Element : Elliptic Curve Cryptography */ -#define SSSFTR_SE05X_ECC 1 - -/** SE05X Secure Element : RSA */ -#define SSSFTR_SE05X_RSA 1 - -/** SE05X Secure Element : KEY operations : SET Key */ -#define SSSFTR_SE05X_KEY_SET 1 - -/** SE05X Secure Element : KEY operations : GET Key */ -#define SSSFTR_SE05X_KEY_GET 1 - -/** SE05X Secure Element : Authenticate via ECKey */ -#define SSSFTR_SE05X_AuthECKey 1 - -/** SE05X Secure Element : Allow creation of user/authenticated session. - * - * If the intended deployment only uses Platform SCP - * Or it is a pure session less integration, this can - * save some code size. */ -#define SSSFTR_SE05X_AuthSession 0 - -/** SE05X Secure Element : Allow creation/deletion of Crypto Objects - * - * If disabled, new Crytpo Objects are neither created and - * old/existing Crypto Objects are not deleted. - * It is assumed that during provisioning phase, the required - * Crypto Objects are pre-created or they are never going to - * be needed. */ -#define SSSFTR_SE05X_CREATE_DELETE_CRYPTOOBJ 1 - -/** Software : Symmetric AES */ -#define SSSFTR_SW_AES 1 - -/** Software : Elliptic Curve Cryptography */ -#define SSSFTR_SW_ECC 1 - -/** Software : RSA */ -#define SSSFTR_SW_RSA 1 - -/** Software : KEY operations : SET Key */ -#define SSSFTR_SW_KEY_SET 1 - -/** Software : KEY operations : GET Key */ -#define SSSFTR_SW_KEY_GET 1 - -/** Software : Used as a test counterpart - * - * e.g. Major part of the mebdTLS SSS layer is purely used for - * testing of Secure Element implementation, and can be avoided - * fully during many production scenarios. */ -#define SSSFTR_SW_TESTCOUNTERPART 1 - -/* ====================================================================== * - * == Computed Options ================================================== * - * ====================================================================== */ - -/** Symmetric AES */ -#define SSSFTR_AES (SSSFTR_SE05X_AES + SSSFTR_SW_AES) -/** Elliptic Curve Cryptography */ -#define SSSFTR_ECC (SSSFTR_SE05X_ECC + SSSFTR_SW_ECC) -/** RSA */ -#define SSSFTR_RSA (SSSFTR_SE05X_RSA + SSSFTR_SW_RSA) -/** KEY operations : SET Key */ -#define SSSFTR_KEY_SET (SSSFTR_SE05X_KEY_SET + SSSFTR_SW_KEY_SET) -/** KEY operations : GET Key */ -#define SSSFTR_KEY_GET (SSSFTR_SE05X_KEY_GET + SSSFTR_SW_KEY_GET) -/** KEY operations */ -#define SSSFTR_KEY (SSSFTR_KEY_SET + SSSFTR_KEY_GET) -/** KEY operations */ -#define SSSFTR_SE05X_KEY (SSSFTR_SE05X_KEY_SET + SSSFTR_SE05X_KEY_GET) -/** KEY operations */ -#define SSSFTR_SW_KEY (SSSFTR_SW_KEY_SET + SSSFTR_SW_KEY_GET) - - -#define SSS_HAVE_APPLET \ - (SSS_HAVE_APPLET_A71CH | SSS_HAVE_APPLET_A71CL | SSS_HAVE_APPLET_A71CH_SIM | SSS_HAVE_APPLET_SE05X_A | SSS_HAVE_APPLET_SE05X_B | SSS_HAVE_APPLET_SE05X_C | SSS_HAVE_APPLET_SE05X_L | SSS_HAVE_APPLET_LOOPBACK) - -#define SSS_HAVE_APPLET_SE05X_IOT \ - (SSS_HAVE_APPLET_SE05X_A | SSS_HAVE_APPLET_SE05X_B | SSS_HAVE_APPLET_SE05X_C) - -#define SSS_HAVE_MBEDTLS_ALT \ - (SSS_HAVE_MBEDTLS_ALT_SSS | SSS_HAVE_MBEDTLS_ALT_A71CH) - -#define SSS_HAVE_HOSTCRYPTO_ANY \ - (SSS_HAVE_HOSTCRYPTO_MBEDTLS | SSS_HAVE_HOSTCRYPTO_MBEDCRYPTO | SSS_HAVE_HOSTCRYPTO_OPENSSL | SSS_HAVE_HOSTCRYPTO_USER) - -#define SSS_HAVE_FIPS \ - (SSS_HAVE_FIPS_SE050 | SSS_HAVE_FIPS_140_2 | SSS_HAVE_FIPS_140_3) - - -/* Version checks GTE - Greater Than Or Equal To */ -#if SSS_HAVE_APPLET_SE05X_IOT -# if SSS_HAVE_SE05X_VER_06_00 -# define SSS_HAVE_SE05X_VER_GTE_06_00 1 -# define SSS_HAVE_SE05X_VER_GTE_03_XX 1 -# endif /* SSS_HAVE_SE05X_VER_06_00 */ -# if SSS_HAVE_SE05X_VER_03_XX -# define SSS_HAVE_SE05X_VER_GTE_06_00 0 -# define SSS_HAVE_SE05X_VER_GTE_03_XX 1 -# endif /* SSS_HAVE_SE05X_VER_03_XX */ -#else //SSS_HAVE_APPLET_SE05X_IOT -# define SSS_HAVE_SE05X_VER_GTE_03_XX 0 -# define SSS_HAVE_SE05X_VER_GTE_06_00 0 -#endif // SSS_HAVE_APPLET_SE05X_IOT -/** Deprecated items. Used here for backwards compatibility. */ - -#define WithApplet_SE05X (SSS_HAVE_APPLET_SE05X_IOT) -#define WithApplet_SE050_A (SSS_HAVE_APPLET_SE05X_A) -#define WithApplet_SE050_B (SSS_HAVE_APPLET_SE05X_B) -#define WithApplet_SE050_C (SSS_HAVE_APPLET_SE05X_C) -#define SSS_HAVE_SE050_A (SSS_HAVE_APPLET_SE05X_A) -#define SSS_HAVE_SE050_B (SSS_HAVE_APPLET_SE05X_B) -#define SSS_HAVE_SE050_C (SSS_HAVE_APPLET_SE05X_C) -#define SSS_HAVE_SE05X (SSS_HAVE_APPLET_SE05X_IOT) -#define SSS_HAVE_SE (SSS_HAVE_APPLET) -#define SSS_HAVE_LOOPBACK (SSS_HAVE_APPLET_LOOPBACK) -#define SSS_HAVE_ALT (SSS_HAVE_MBEDTLS_ALT) -#define WithApplet_None (SSS_HAVE_APPLET_NONE) -#define SSS_HAVE_None (SSS_HAVE_APPLET_NONE) -#define WithApplet_A71CH (SSS_HAVE_APPLET_A71CH) -#define SSS_HAVE_A71CH (SSS_HAVE_APPLET_A71CH) -#define WithApplet_A71CL (SSS_HAVE_APPLET_A71CL) -#define SSS_HAVE_A71CL (SSS_HAVE_APPLET_A71CL) -#define WithApplet_A71CH_SIM (SSS_HAVE_APPLET_A71CH_SIM) -#define SSS_HAVE_A71CH_SIM (SSS_HAVE_APPLET_A71CH_SIM) -#define WithApplet_SE05X_A (SSS_HAVE_APPLET_SE05X_A) -#define SSS_HAVE_SE05X_A (SSS_HAVE_APPLET_SE05X_A) -#define WithApplet_SE05X_B (SSS_HAVE_APPLET_SE05X_B) -#define SSS_HAVE_SE05X_B (SSS_HAVE_APPLET_SE05X_B) -#define WithApplet_SE05X_C (SSS_HAVE_APPLET_SE05X_C) -#define SSS_HAVE_SE05X_C (SSS_HAVE_APPLET_SE05X_C) -#define WithApplet_SE05X_L (SSS_HAVE_APPLET_SE05X_L) -#define SSS_HAVE_SE05X_L (SSS_HAVE_APPLET_SE05X_L) -#define WithApplet_LoopBack (SSS_HAVE_APPLET_LOOPBACK) -#define SSS_HAVE_LoopBack (SSS_HAVE_APPLET_LOOPBACK) -#define SSS_HAVE_MBEDTLS (SSS_HAVE_HOSTCRYPTO_MBEDTLS) -#define SSS_HAVE_MBEDCRYPTO (SSS_HAVE_HOSTCRYPTO_MBEDCRYPTO) -#define SSS_HAVE_OPENSSL (SSS_HAVE_HOSTCRYPTO_OPENSSL) -#define SSS_HAVE_USER (SSS_HAVE_HOSTCRYPTO_USER) -#define SSS_HAVE_NONE (SSS_HAVE_HOSTCRYPTO_NONE) -#define SSS_HAVE_ALT_SSS (SSS_HAVE_MBEDTLS_ALT_SSS) -#define SSS_HAVE_ALT_A71CH (SSS_HAVE_MBEDTLS_ALT_A71CH) -#define SSS_HAVE_ALT_NONE (SSS_HAVE_MBEDTLS_ALT_NONE) -#define SSS_HAVE_SE05X_Auth_None (SSS_HAVE_SE05X_AUTH_NONE) -#define SSS_HAVE_SE05X_Auth_UserID (SSS_HAVE_SE05X_AUTH_USERID) -#define SSS_HAVE_SE05X_Auth_PlatfSCP03 (SSS_HAVE_SE05X_AUTH_PLATFSCP03) -#define SSS_HAVE_SE05X_Auth_AESKey (SSS_HAVE_SE05X_AUTH_AESKEY) -#define SSS_HAVE_SE05X_Auth_ECKey (SSS_HAVE_SE05X_AUTH_ECKEY) -#define SSS_HAVE_SE05X_Auth_UserID_PlatfSCP03 (SSS_HAVE_SE05X_AUTH_USERID_PLATFSCP03) -#define SSS_HAVE_SE05X_Auth_AESKey_PlatfSCP03 (SSS_HAVE_SE05X_AUTH_AESKEY_PLATFSCP03) -#define SSS_HAVE_SE05X_Auth_ECKey_PlatfSCP03 (SSS_HAVE_SE05X_AUTH_ECKEY_PLATFSCP03) - -/* # CMake Features : END */ - -/* ========= Miscellaneous values : START =================== */ - -/* ECC Mode is available */ -#define SSS_HAVE_ECC 1 - -/* RSA is available */ -#define SSS_HAVE_RSA 1 - -/* TPM BARRETO_NAEHRIG Curve is enabled */ -#define SSS_HAVE_TPM_BN 1 - -/* Edwards Curve is enabled */ -#define SSS_HAVE_EC_ED 1 - -/* Montgomery Curve is enabled */ -#define SSS_HAVE_EC_MONT 1 - -/* MIFARE DESFire is enabled */ -#define SSS_HAVE_MIFARE_DESFIRE 1 - -/* PBKDF2 is enabled */ -#define SSS_HAVE_PBKDF2 1 - -/* TLS handshake support on SE is enabled */ -#define SSS_HAVE_TLS_HANDSHAKE 1 - -/* Import Export Key is enabled */ -#define SSS_HAVE_IMPORT 1 - -/* With NXP NFC Reader Library */ -#define SSS_HAVE_NXPNFCRDLIB 0 - -#define SSS_HAVE_A71XX \ - (SSS_HAVE_APPLET_A71CH | SSS_HAVE_APPLET_A71CH_SIM) - -#define SSS_HAVE_SSCP (SSS_HAVE_A71XX) - -/* For backwards compatibility */ -#define SSS_HAVE_TESTCOUNTERPART (SSSFTR_SW_TESTCOUNTERPART) - -/* ========= Miscellaneous values : END ===================== */ - -/* ========= Calculated values : START ====================== */ - -/* Should we expose, SSS APIs */ -#define SSS_HAVE_SSS ( 0 \ - + SSS_HAVE_SSCP \ - + SSS_HAVE_APPLET_SE05X_IOT \ - + SSS_HAVE_HOSTCRYPTO_OPENSSL \ - + SSS_HAVE_HOSTCRYPTO_MBEDCRYPTO \ - + SSS_HAVE_HOSTCRYPTO_MBEDTLS \ - + SSS_HAVE_HOSTCRYPTO_USER \ - ) - -/* MBEDCRYPTO is superset of MBEDTLS and exposing that way */ -#if SSS_HAVE_HOSTCRYPTO_MBEDCRYPTO -# undef SSS_HAVE_MBEDTLS -# undef SSS_HAVE_HOSTCRYPTO_MBEDTLS - -# define SSS_HAVE_MBEDTLS 1 -# define SSS_HAVE_HOSTCRYPTO_MBEDTLS 1 -#endif // SSS_HAVE_HOSTCRYPTO_MBEDCRYPTO - -#if SSS_HAVE_HOSTCRYPTO_NONE -# undef SSSFTR_SE05X_AuthSession -# define SSSFTR_SE05X_AuthSession 0 -#endif - -/* Montgomery curves is not supported in SE05X_A*/ -#if SSS_HAVE_APPLET_SE05X_A -# undef SSS_HAVE_EC_MONT -# define SSS_HAVE_EC_MONT 0 -/* ED is not supported in SE050_A */ -#if SSS_HAVE_SE05X_VER_03_XX -# undef SSS_HAVE_EC_ED -# define SSS_HAVE_EC_ED 0 -#endif -#endif - -#if SSS_HAVE_RSA -# define SSS_HAVE_RSA_4K 1 -#endif - -#if SSS_HAVE_ECC -# define SSS_HAVE_EC_NIST_192 1 -# define SSS_HAVE_EC_NIST_224 1 -# define SSS_HAVE_EC_NIST_256 1 -# define SSS_HAVE_EC_NIST_384 1 -# define SSS_HAVE_EC_NIST_521 1 -# define SSS_HAVE_EC_BP 1 -# define SSS_HAVE_EC_NIST_K 1 -# define SSS_HAVE_ECDAA 1 -# define SSS_HAVE_EDDSA 1 -#if SSS_HAVE_APPLET_SE05X_A -# undef SSS_HAVE_ECDAA -# undef SSS_HAVE_EDDSA -# define SSS_HAVE_ECDAA 0 -# define SSS_HAVE_EDDSA 0 -#endif -#endif - -#if SSS_HAVE_APPLET -#define SSS_HAVE_HASH_1 1 -#define SSS_HAVE_HASH_224 1 -#define SSS_HAVE_HASH_512 1 -#endif - - -/* ========= Calculated values : END ======================== */ - -/* clang-format on */ - -#endif /* SSS_APIS_INC_FSL_SSS_FTR_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/Applet_SE050_Ver.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/Applet_SE050_Ver.h deleted file mode 100644 index 51aaf715b..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/Applet_SE050_Ver.h +++ /dev/null @@ -1,114 +0,0 @@ -/* -* -* Copyright 2019,2020 NXP -* SPDX-License-Identifier: Apache-2.0 -*/ - -#ifndef APPLET_SE050_VERSION_INFO_H_INCLUDED -#define APPLET_SE050_VERSION_INFO_H_INCLUDED - -#if defined(SSS_USE_FTR_FILE) -#include "fsl_sss_ftr.h" -#else -#include "fsl_sss_ftr_default.h" -#endif - -/* clang-format off */ -//#define APPLET_SE050_PROD_NAME "Applet_SE050" -//#define APPLET_SE050_VER_STRING_NUM "v03.01.00" -//#define APPLET_SE050_PROD_NAME_VER_FULL "Applet_SE050_v03.01.00" - -#if SSS_HAVE_SE05X_VER_04_04 == 1 -# define APPLET_SE050_VER_MAJOR (4u) -# define APPLET_SE050_VER_MINOR (4u) -# define APPLET_SE050_VER_DEV (0u) -#elif SSS_HAVE_SE05X_VER_04_08 == 1 -# define APPLET_SE050_VER_MAJOR (4u) -# define APPLET_SE050_VER_MINOR (8u) -# define APPLET_SE050_VER_DEV (0u) -#elif SSS_HAVE_SE05X_VER_04_12 == 1 -# define APPLET_SE050_VER_MAJOR (4u) -# define APPLET_SE050_VER_MINOR (12u) -# define APPLET_SE050_VER_DEV (0u) -#elif SSS_HAVE_SE05X_VER_05_00 == 1 -# define APPLET_SE050_VER_MAJOR (5u) -# define APPLET_SE050_VER_MINOR (0u) -# define APPLET_SE050_VER_DEV (0u) -#elif SSS_HAVE_SE05X_VER_05_02 == 1 -# define APPLET_SE050_VER_MAJOR (5u) -# define APPLET_SE050_VER_MINOR (2u) -# define APPLET_SE050_VER_DEV (0u) -#elif SSS_HAVE_SE05X_VER_05_04 == 1 -# define APPLET_SE050_VER_MAJOR (5u) -# define APPLET_SE050_VER_MINOR (4u) -# define APPLET_SE050_VER_DEV (0u) -#elif SSS_HAVE_SE05X_VER_05_08 == 1 -# define APPLET_SE050_VER_MAJOR (5u) -# define APPLET_SE050_VER_MINOR (8u) -# define APPLET_SE050_VER_DEV (0u) -#elif SSS_HAVE_SE05X_VER_05_10 == 1 -# define APPLET_SE050_VER_MAJOR (5u) -# define APPLET_SE050_VER_MINOR (10u) -# define APPLET_SE050_VER_DEV (0u) -#elif SSS_HAVE_SE05X_VER_05_12 == 1 -# define APPLET_SE050_VER_MAJOR (5u) -# define APPLET_SE050_VER_MINOR (12u) -# define APPLET_SE050_VER_DEV (0u) -#elif SSS_HAVE_SE05X_VER_06_00 == 1 -# define APPLET_SE050_VER_MAJOR (6u) -# define APPLET_SE050_VER_MINOR (0u) -# define APPLET_SE050_VER_DEV (0u) -#elif SSS_HAVE_FIPS -# define APPLET_SE050_VER_MAJOR (3u) -# define APPLET_SE050_VER_MINOR (6u) -# define APPLET_SE050_VER_DEV (0u) -#else -# define APPLET_SE050_VER_MAJOR (3u) -# define APPLET_SE050_VER_MINOR (1u) -# define APPLET_SE050_VER_DEV (0u) -# define APPLET_SE050_VER_DEV_PATCH1 (1u) /* Allow this as well */ -#endif - - -/* v03.01 = 30001u */ -#define APPLET_SE050_VER_MAJOR_MINOR ( 0 \ - | (APPLET_SE050_VER_MAJOR * 10000u) \ - | (APPLET_SE050_VER_MINOR)) - -/* v03.01.00 = 300010000ULL */ -#define APPLET_SE050_VER_MAJOR_MINOR_DEV ( 0 \ - | (APPLET_SE050_VER_MAJOR * 10000*10000u) \ - | (APPLET_SE050_VER_MINOR * 10000u) \ - | (APPLET_SE050_VER_DEV)) - -/* clang-format on */ - -/* Version Information: - * Generated by: - * ..\..\..\scripts\version_info.py (v2019.01.17_00) - * - * Do not edit this file. Update: - * ./version_info.txt instead. - * - * - * prod_name = "Applet_SE050" - * - * prod_desc = "Applet AR6" - * - * lang_c_prefix = prod_name.upper() - * - * lang_namespace = "" - * - * v_major = "03" - * - * v_minor = "01" - * - * v_dev = "00" - * - * v_meta = "" - * - * maturity = "P" - * - */ - -#endif /* APPLET_SE050_VERSION_INFO_H_INCLUDED */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/PlugAndTrust_HostLib_Ver.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/PlugAndTrust_HostLib_Ver.h deleted file mode 100644 index 52d7966be..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/PlugAndTrust_HostLib_Ver.h +++ /dev/null @@ -1,63 +0,0 @@ -/* Copyright 2019-2021 NXP - * - * SPDX-License-Identifier: Apache-2.0 - * - * - */ - -#ifndef PLUGANDTRUST_HOSTLIB_VERSION_INFO_H_INCLUDED -#define PLUGANDTRUST_HOSTLIB_VERSION_INFO_H_INCLUDED - - -/* clang-format off */ -#define PLUGANDTRUST_HOSTLIB_PROD_NAME "PlugAndTrust_HostLib" -#define PLUGANDTRUST_HOSTLIB_VER_STRING_NUM "v03.03.00_20210528" -#define PLUGANDTRUST_HOSTLIB_PROD_NAME_VER_FULL "PlugAndTrust_HostLib_v03.03.00_20210528" -#define PLUGANDTRUST_HOSTLIB_VER_MAJOR (3u) -#define PLUGANDTRUST_HOSTLIB_VER_MINOR (3u) -#define PLUGANDTRUST_HOSTLIB_VER_DEV (0u) - -/* v03.03 = 30003u */ -#define PLUGANDTRUST_HOSTLIB_VER_MAJOR_MINOR ( 0 \ - | (PLUGANDTRUST_HOSTLIB_VER_MAJOR * 10000u) \ - | (PLUGANDTRUST_HOSTLIB_VER_MINOR)) - -/* v03.03.00 = 300030000ULL */ -#define PLUGANDTRUST_HOSTLIB_VER_MAJOR_MINOR_DEV ( 0 \ - | (PLUGANDTRUST_HOSTLIB_VER_MAJOR * 10000*10000u) \ - | (PLUGANDTRUST_HOSTLIB_VER_MINOR * 10000u) \ - | (PLUGANDTRUST_HOSTLIB_VER_DEV)) - -/* clang-format on */ - - -/* Version Information: - * Generated by: - * scripts\version_info.py (v2019.01.17_00) - * - * Do not edit this file. Update: - * hostlib/version_info.txt instead. - * - * - * prod_name = "PlugAndTrust_HostLib" - * - * prod_desc = "Host Library" - * - * lang_c_prefix = prod_name.upper() - * - * lang_namespace = "" - * - * v_major = "03" - * - * v_minor = "03" - * - * v_dev = "00" - * - * v_meta = "" - * - * maturity = "B" - * - * - */ - -#endif /* PLUGANDTRUST_HOSTLIB_VERSION_INFO_H_INCLUDED */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/PlugAndTrust_Pkg_Ver.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/PlugAndTrust_Pkg_Ver.h deleted file mode 100644 index 619970855..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/PlugAndTrust_Pkg_Ver.h +++ /dev/null @@ -1,62 +0,0 @@ -/* Copyright 2019-2021 NXP - * - * SPDX-License-Identifier: Apache-2.0 - * - * - */ - -#ifndef PLUGANDTRUST_VERSION_INFO_H_INCLUDED -#define PLUGANDTRUST_VERSION_INFO_H_INCLUDED - - -/* clang-format off */ -#define PLUGANDTRUST_PROD_NAME "PlugAndTrust" -#define PLUGANDTRUST_VER_STRING_NUM "v03.03.00_20210528" -#define PLUGANDTRUST_PROD_NAME_VER_FULL "PlugAndTrust_v03.03.00_20210528" -#define PLUGANDTRUST_VER_MAJOR (3u) -#define PLUGANDTRUST_VER_MINOR (3u) -#define PLUGANDTRUST_VER_DEV (0u) - -/* v03.03 = 30003u */ -#define PLUGANDTRUST_VER_MAJOR_MINOR ( 0 \ - | (PLUGANDTRUST_VER_MAJOR * 10000u) \ - | (PLUGANDTRUST_VER_MINOR)) - -/* v03.03.00 = 300030000ULL */ -#define PLUGANDTRUST_VER_MAJOR_MINOR_DEV ( 0 \ - | (PLUGANDTRUST_VER_MAJOR * 10000*10000u) \ - | (PLUGANDTRUST_VER_MINOR * 10000u) \ - | (PLUGANDTRUST_VER_DEV)) - -/* clang-format on */ - - -/* Version Information: - * Generated by: - * scripts\version_info.py (v2019.01.17_00) - * - * Do not edit this file. Update: - * ./version_info.txt instead. - * - * prod_name = "PlugAndTrust" - * - * prod_desc = "Plug And Trust Package" - * - * lang_c_prefix = prod_name.upper() - * - * lang_namespace = "" - * - * v_major = "03" - * - * v_minor = "03" - * - * v_dev = "00" - * - * # Develop Branch - * v_meta = "" - * - * maturity = "B" - * - */ - -#endif /* PLUGANDTRUST_VERSION_INFO_H_INCLUDED */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/nxEnsure.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/nxEnsure.h deleted file mode 100644 index a58a75f22..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/nxEnsure.h +++ /dev/null @@ -1,279 +0,0 @@ -/* -* -* Copyright 2019 NXP -* SPDX-License-Identifier: Apache-2.0 -*/ - -/** @file - * - * @addtogroup param_check - * - * @{ - * - * nxEnsure.h: Helper parameter assertion check macros. - * - * Pre Condition: The source file must have included nxLog - * header file. - * - * Project: SecureIoTMW - * - * - */ - -#ifndef HOSTLIB_HOSTLIB_INC_NXENSURE_H_ -#define HOSTLIB_HOSTLIB_INC_NXENSURE_H_ - -/* ***************************************************************************************************************** - * Includes - * ***************************************************************************************************************** */ - -/* ***************************************************************************************************************** - * MACROS/Defines - * ***************************************************************************************************************** */ - -/** Build time over-ride if we want to enable/disable Warning Prints - * - * During debug builds, it makes sense to print them, - * During retail builds, such loggings would be of any use and remove and reduce code size. - * - */ -#ifndef NX_ENSURE_DO_LOG_MESSAGE -#define NX_ENSURE_DO_LOG_MESSAGE 1 -#endif /* NX_ENSURE_DO_LOG_MESSAGE */ - -/** - * @brief Waring print of the parameter ``strCONDITION`` - * - * @warning NX_ENSURE_MESSAGE is an internal message/API to this file. - * Do not use directly. - * - */ -#if NX_ENSURE_DO_LOG_MESSAGE -# define NX_ENSURE_MESSAGE(strCONDITION) \ - LOG_W("nxEnsure:'" strCONDITION "' failed. At Line:%d Function:%s", __LINE__, __FUNCTION__) -#else /* NX_ENSURE_DO_LOG_MESSAGE */ -# define NX_ENSURE_MESSAGE(strCONDITION) /* No Message */ -#endif /* NX_ENSURE_DO_LOG_MESSAGE */ - -/** - * @brief Waring print of the parameter ``strCONDITION`` - * - * @warning NX_ENSURE_MESSAGE is an internal message/API to this file. - * Do not use directly. - * - */ -#if NX_ENSURE_DO_LOG_MESSAGE -# define NX_ENSURE_MESSAGE(strCONDITION) \ - LOG_W("nxEnsure:'" strCONDITION "' failed. At Line:%d Function:%s", __LINE__, __FUNCTION__) -#else /* NX_ENSURE_DO_LOG_MESSAGE */ -# define NX_ENSURE_MESSAGE(strCONDITION) /* No Message */ -#endif /* NX_ENSURE_DO_LOG_MESSAGE */ - -/** If condition fails, goto :cleanup label - * - * @code{.c} - * - * { - * ... - * - * status = Operation1(); - * ENSURE_OR_GO_CLEANUP(0 == status); - * - * status = Operation2(); - * ENSURE_OR_GO_CLEANUP(0 == status); - * - * ... - * - * cleanup: - * return status; - * } - * - * @endcode - * - */ -#define ENSURE_OR_GO_CLEANUP(CONDITION) \ - if (!(CONDITION)) { \ - NX_ENSURE_MESSAGE(#CONDITION); \ - goto cleanup; \ - } - -/** If condition fails, goto :exit label - * - * @code{.c} - * - * { - * ... - * - * status = Operation1(); - * ENSURE_OR_GO_EXIT(0 == status); - * - * status = Operation2(); - * ENSURE_OR_GO_EXIT(0 == status); - * - * ... - * - * exit: - * return status; - * } - * - * @endcode - * - */ -#define ENSURE_OR_GO_EXIT(CONDITION) \ - if (!(CONDITION)) { \ - NX_ENSURE_MESSAGE(#CONDITION); \ - goto exit; \ - } - -/** If condition fails, break. - * - * Sample Usage: - * - * @code{.c} - * - * int SomeAPI() - * { - * ... - * - * do { - * status = Operation1(); - * ENSURE_OR_BREAK(0 == status); - * - * status = Operation2(); - * ENSURE_OR_BREAK(0 == status); - * - * ... - * - * } while(0); - * - * return status; - * } - * - * @endcode - * - */ -#define ENSURE_OR_BREAK(CONDITION) \ - if (!(CONDITION)) { \ - NX_ENSURE_MESSAGE(#CONDITION); \ - break; \ - } - -/** If condition fails, return - * - * - * @code{.c} - * - * void SomeAPI() - * { - * ... - * - * status = Operation1(); - * ENSURE_OR_RETURN(0 == status); - * - * status = Operation2(); - * ENSURE_OR_RETURN(0 == status); - * - * ... - * - * return; - * } - * - * @endcode - * - * @warning This macro introduces system of mutliple - * returns from a function which is not - * easy to debug/trace through and hence - * not recommended. - * - */ -#define ENSURE_OR_RETURN(CONDITION) \ - if (!(CONDITION)) { \ - NX_ENSURE_MESSAGE(#CONDITION); \ - return; \ - } - -/** If condition fails, return - * - * - * @code{.c} - * - * int SomeAPI() - * { - * ... - * - * status = Operation1(); - * ENSURE_OR_RETURN_ON_ERROR(0 == status, ERR_FAIL); - * - * status = Operation2(); - * ENSURE_OR_RETURN_ON_ERROR(0 == status, ERR_NOT_ENOUGH_SPACE); - * - * ... - * - * return 0; - * } - * - * @endcode - * - * @warning This macro introduces system of mutliple - * returns from a function which is not - * easy to debug/trace through and hence - * not recommended. - * - */ -#define ENSURE_OR_RETURN_ON_ERROR(CONDITION, RETURN_VALUE) \ - if (!(CONDITION)) { \ - NX_ENSURE_MESSAGE(#CONDITION); \ - return RETURN_VALUE; \ - } - -/** If condition fails, goto quit with return value status updated. - * - * - * @code{.c} - * - * int SomeAPI() - * { - int status = 0; - * ... - * - * value = Operation1(); - * ENSURE_OR_QUIT_WITH_STATUS_ON_ERROR(0 == value, status, ERR_FAIL); - * - * value = Operation2(); - * ENSURE_OR_QUIT_WITH_STATUS_ON_ERROR(0 == value, status, ERR_NOT_ENOUGH_SPACE); - * - * ... - * quit: - * return status; - * } - * - * @endcode - * - * @warning This macro introduces system of mutliple - * returns from a function which is not - * easy to debug/trace through and hence - * not recommended. - * - */ -#define ENSURE_OR_EXIT_WITH_STATUS_ON_ERROR(CONDITION, STATUS, RETURN_VALUE) \ - if (!(CONDITION)) { \ - NX_ENSURE_MESSAGE(#CONDITION); \ - STATUS = RETURN_VALUE; \ - goto exit; \ - } - -/* ***************************************************************************************************************** - * Types/Structure Declarations - * ***************************************************************************************************************** */ - -/* ***************************************************************************************************************** - * Extern Variables - * ***************************************************************************************************************** */ - -/* ***************************************************************************************************************** - * Function Prototypes - * ***************************************************************************************************************** */ - -/** @} */ - -#endif /* HOSTLIB_HOSTLIB_INC_NXENSURE_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/nxScp03_Apis.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/nxScp03_Apis.h deleted file mode 100644 index a37357e3f..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/nxScp03_Apis.h +++ /dev/null @@ -1,90 +0,0 @@ -/* -* -* Copyright 2018 NXP -* SPDX-License-Identifier: Apache-2.0 -*/ - -#ifndef NXSCP03_APIS_H_ -#define NXSCP03_APIS_H_ - -/* ************************************************************************** */ -/* Defines */ -/* ************************************************************************** */ -/* ************************************************************************** */ -/* Includes */ -/* ************************************************************************** */ - -#ifdef __cplusplus -extern "C" { -#endif - -#include "nxScp03_Types.h" -#include "nxScp03_Const.h" - -/* ************************************************************************** */ -/* Structrues and Typedefs */ -/* ************************************************************************** */ - -/* ************************************************************************** */ -/* Global Variables */ -/* ************************************************************************** */ - -/* ************************************************************************** */ -/* Functions */ -/* ************************************************************************** */ - -/** -* To Secure the on going communicatation -*/ - -/** -* To Verify SE -*/ -sss_status_t nxScp03_HostLocal_VerifyCardCryptogram( - sss_object_t *keyObj, uint8_t *hostChallenge, uint8_t *cardChallenge, uint8_t *cardCryptogram); - -/** -* To Verify Host -*/ -sss_status_t nxScp03_HostLocal_CalculateHostCryptogram( - sss_object_t *keyObj, uint8_t *hostChallenge, uint8_t *cardChallenge, uint8_t *hostCryptogram); - -/** -* To sending secure Command APDU -*/ -sss_status_t nxSCP03_Encrypt_CommandAPDU( - NXSCP03_DynCtx_t *pdySCP03SessCtx, uint8_t *cmdBuf, size_t *cmdBufLen); -/** -* To provide additional Security with MAC as CRC -*/ -sss_status_t nxpSCP03_CalculateMac_CommandAPDU( - NXSCP03_DynCtx_t *pdySCP03SessCtx, uint8_t *pCmdBuf, size_t pCmdBufLen, uint8_t *mac, size_t *macLen); - -/** -* To get Plain Response APDU -*/ -uint16_t nxpSCP03_Decrypt_ResponseAPDU( - NXSCP03_DynCtx_t *pdySCP03SessCtx, size_t cmdBufLen, uint8_t *rspBuf, size_t *pRspBufLen, uint8_t hasle); - -/* -* To set the derivation data -*/ -void nxScp03_setDerivationData( - uint8_t ddA[], uint16_t *pDdALen, uint8_t ddConstant, uint16_t ddL, uint8_t iCounter, uint8_t *context, uint16_t contextLen); - -/** -* To Generate Session Keys -*/ -sss_status_t nxScp03_Generate_SessionKey( - sss_object_t *keyObj, uint8_t *inData, uint32_t inDataLen, uint8_t *outSignature, uint32_t *outSignatureLen); - -/** -* To Maintain count of commands -*/ -void nxpSCP03_Inc_CommandCounter(NXSCP03_DynCtx_t *pdySCP03SessCtx); - -#ifdef __cplusplus -} /* extern "c"*/ -#endif - -#endif /* NXSCP03_APIS_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/nxScp03_Const.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/nxScp03_Const.h deleted file mode 100644 index 26890fa45..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/nxScp03_Const.h +++ /dev/null @@ -1,97 +0,0 @@ -/* -* -* Copyright 2018 NXP -* SPDX-License-Identifier: Apache-2.0 -*/ - -#ifndef NXSCP03_CONST_H_ -#define NXSCP03_CONST_H_ -/* ************************************************************************** */ -/* Defines */ -/* ************************************************************************** */ -/* ************************************************************************** */ -/* Includes */ -/* ************************************************************************** */ - -#define SCP_GP_IU_KEY_DIV_DATA_LEN 10 //!< SCP GP Init Update key Div length -#define SCP_GP_IU_KEY_INFO_LEN 3 //!< SCP GP Init Update key info length -#define SCP_GP_CARD_CHALLENGE_LEN 8 //!< SCP GP Card Challenge length -#define SCP_GP_HOST_CHALLENGE_LEN 8 //!< SCP GP Host Challenge length -#define SCP_GP_IU_CARD_CRYPTOGRAM_LEN 8 //!< SCP GP Card Cryptogram length -#define SCP_GP_IU_SEQ_COUNTER_LEN 3 //!< SCP GP Init Update Sequence Counter length -#define SCP_GP_SW_LEN 2 //!< SCP Status Word length -#define CRYPTO_KEY_CHECK_LEN (3) //!< SCP key check length - -#define ASN_ECC_NIST_256_HEADER_LEN 26 -#define KEY_PARAMETER_REFERENCE_TAG 0xF0 -#define KEY_PARAMETER_REFERENCE_VALUE_LEN 0x01 // Fixed for Nist256key -#define KEY_PARAMETER_REFERENCE_VALUE 0x03 // key parameter value need to check in the spec it is 00 -#define GPCS_KEY_TYPE_ECC_NIST256 0xB0 -#define GPCS_KEY_TYPE_AES 0x88 -#define GPCS_KEY_LEN_AES 16 - -#define SCP_ID 0xAB -#define SCP_CONFIG 0x01 - -#define SCP_MCV_LEN 16 // MAC Chaining Length - -#define CLA_ISO7816 (0x00) //!< ISO7816-4 defined CLA byte -#define CLA_GP_7816 (0x80) //!< GP 7816-4 defined CLA byte -#define CLA_GP_SECURITY_BIT (0x04) //!< GP CLA Security bit - -#define INS_GP_INITIALIZE_UPDATE (0x50) //!< Global platform defined instruction -#define INS_GP_EXTERNAL_AUTHENTICATE (0x82) //!< Global platform defined instruction -#define INS_GP_SELECT (0xA4) //!< Global platform defined instruction -#define INS_GP_PUT_KEY (0xD8) //!< Global platform defined instruction -#define INS_GP_INTERNAL_AUTHENTICATE (0x88) //!< Global platform defined instruction -#define INS_GP_GET_DATA (0xCA) //!< Global platform defined instruction -#define P1_GP_GET_DATA (0xBF) //!< Global platform defined instruction -#define P2_GP_GET_DATA (0x21) //!< Global platform defined instruction - -/* Sizes used in SCP */ -#define AES_KEY_LEN_nBYTE (16) //!< AES key length - -#define SCP_KEY_SIZE (16) -#define SCP_CMAC_SIZE (16) // length of the CMAC calculated (and used as MAC chaining value) -#define SCP_IV_SIZE (16) // length of the Inital Vector -#define SCP_COMMAND_MAC_SIZE (8) // length of the MAC appended in the APDU payload (8 'MSB's) - -#define DATA_CARD_CRYPTOGRAM (0x00) //!< Data card cryptogram -#define DATA_HOST_CRYPTOGRAM (0x01) //!< Data host cryptogram -#define DATA_DERIVATION_SENC (0x04) //!< Data Derivation to generate Sess ENC Key -#define DATA_DERIVATION_SMAC (0x06) //!< Data Derivation to generate Sess MAC Key -#define DATA_DERIVATION_SRMAC (0x07) //!< Data Derivation to generate Sess RMAC Key -#define DATA_DERIVATION_INITIAL_MCV (0x08)//!< Data Derivation to generate Initial MCV -#define DATA_DERIVATION_L_64BIT (0x0040) //!< Data Derivation length -#define DATA_DERIVATION_L_128BIT (0x0080) //!< Data Derivation length -#define DATA_DERIVATION_KDF_CTR (0x01) //!< Data Derivation counter - -#define DD_LABEL_LEN 12 //!< Data Derivation length - -/* defines used to indicate the command type */ -#define C_MAC (0x01) //!< C MAC security -#define C_ENC (0x02) //!< C ENC security -#define R_MAC (0x10) //!< R MAC security -#define R_ENC (0x20) //!< R ENC security - -#define SECLVL_CDEC_RENC_CMAC_RMAC (0x33) //!< Full security - -#define SCP_DATA_PAD_BYTE 0x80 //!< Data Pad Byte - -#define CMAC_SIZE (8) //!< CMAC Compare size - -#define SCP_OK (SW_OK) -#define SCP_UNDEFINED_CHANNEL_ID (0x7041) //!< Undefined SCP channel identifier -#define SCP_FAIL (0x7042) //!< Undefined SCP channel identifier -#define SCP_CARD_CRYPTOGRAM_FAILS_TO_VERIFY (0x7043) //!< Undefined SCP channel identifier -#define SCP_PARAMETER_ERROR (0x7044) //!< Undefined SCP channel identifier - -#define NO_C_MAC_NO_C_ENC_NO_R_MAC_NO_R_ENC 0 //!< No security requested -#define C_MAC_NO_C_ENC_R_MAC_NO_R_ENC (C_MAC | R_MAC) //!< One apply MAC'ing (Not implemented) -#define C_MAC_C_ENC_R_MAC_R_ENC (C_MAC | C_ENC | R_MAC | R_ENC) //!< Apply full security -#define SECURITY_LEVEL C_MAC_C_ENC_R_MAC_R_ENC - -#define APPLET_SCP_INIT_UPDATE_LEN 0x0D //!< Applet SCP Initialize Update Length -#define APPLET_SCP_EXT_AUTH_LEN 0x15 //!< Applet SCP External Authenticate Length - -#endif /*NXSCP03_CONST_H_*/ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/nxScp03_Types.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/nxScp03_Types.h deleted file mode 100644 index 0ce5df623..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/nxScp03_Types.h +++ /dev/null @@ -1,306 +0,0 @@ -/* -* -* Copyright 2018,2020 NXP -* SPDX-License-Identifier: Apache-2.0 -*/ - -#ifndef NXSCP03_TYPES_H_ -#define NXSCP03_TYPES_H_ - -/* ************************************************************************** */ -/* Defines */ -/* ************************************************************************** */ -/* ************************************************************************** */ -/* Includes */ -/* ************************************************************************** */ -#include -#if defined(SSS_USE_FTR_FILE) -#include "fsl_sss_ftr.h" -#else -#include "fsl_sss_ftr_default.h" -#endif - -#if SSS_HAVE_MBEDTLS -#include -#endif -#if SSS_HAVE_OPENSSL -#include -#endif -#if SSS_HAVE_HOSTCRYPTO_USER -# include -#endif - -#include "sm_api.h" -#if SSS_HAVE_SSCP -#include "fsl_sscp_a71ch.h" -#endif - -typedef enum -{ - kSSS_AuthType_None = 0, - /** Global platform SCP03 */ - kSSS_AuthType_SCP03 = 1, - /** (e.g. SE05X) UserID based connection */ - kSSS_AuthType_ID = 2, - - /** (e.g. SE05X) Use AESKey for user authentication - * - * Earlier this was called kSSS_AuthType_AppletSCP03 - */ - kSSS_AuthType_AESKey = 3, - /** (e.g. SE05X) Use ECKey for user authentication - * - * Earlier this was called kSSS_AuthType_FastSCP - */ - kSSS_AuthType_ECKey = 4, - - /* ================ Internal ======================= */ - /* Not to be selected by end user... directly */ - - /** - * Used internally, not to be set/used by user. - * - * For the versions of the applet where we have to add - * the a counter during KDF. - */ - kSSS_AuthType_INT_ECKey_Counter = 0x14, - - kSSS_SIZE = 0x7FFFFFFF, -} SE_AuthType_t; - -#define kSSS_AuthType_INT_FastSCP_Counter kSSS_AuthType_INT_ECKey_Counter -#define kSSS_AuthType_FastSCP_Counter kSSS_AuthType_INT_ECKey_Counter -#define kSSS_AuthType_FastSCP kSSS_AuthType_ECKey -#define kSSS_AuthType_AppletSCP03 kSSS_AuthType_AESKey - -/** - * Dynamic SCP03 Context. - * - * This structure is filled **after** establishing - * an SCP03 session. - */ -typedef struct -{ - sss_object_t Enc; //!< session channel encryption key - sss_object_t Mac; //!< session command authentication key - sss_object_t Rmac; //!< session response authentication key - uint8_t MCV[16]; //!< MAC chaining value - uint8_t cCounter[16]; //!< command counter - uint8_t SecurityLevel; //!< security level set - - /** Handle differnt types of auth.. PlatformSCP / AppletSCP */ - SE_AuthType_t authType; -} NXSCP03_DynCtx_t; - -/** - * Static SCP03 Context. - * - * This structure is filled **before** establishing - * an SCP03 session. - * - * Depending on system, these objects may point to keys - * inside other security system. - */ -typedef struct -{ - /** Key version no to use for chanel - authentication in SCP03 */ - uint8_t keyVerNo; - /** Encryption key object */ - sss_object_t Enc; - sss_object_t Mac; //!< static secure channel authentication key obj - sss_object_t Dek; //!< data encryption key obj -} NXSCP03_StaticCtx_t; - -/** -* Static and Dynamic Context in one Context. -* -* -* Depending on system, these objects may point to keys -* inside other security system. -*/ -typedef struct -{ - NXSCP03_StaticCtx_t *pStatic_ctx; //!< .static keys data - NXSCP03_DynCtx_t *pDyn_ctx; //!< session keys data -} NXSCP03_AuthCtx_t; - -/** Static part of keys for FAST SCP */ -typedef struct -{ - /** Host ECDSA Private key */ - sss_object_t HostEcdsaObj; - /** Host ephemeral ECC key pair */ - sss_object_t HostEcKeypair; - /** SE ECC public key */ - sss_object_t SeEcPubKey; - /** Host master Secret */ - sss_object_t masterSec; -} NXECKey03_StaticCtx_t; - -/** Keys to connect for a ECKey Connection */ -typedef struct -{ - /** The Input/Static part of the ECKey Authentication - * - * We start/initiate a session with the keys here. - */ - NXECKey03_StaticCtx_t *pStatic_ctx; - /** The Dynamic part of the ECKey Authentication - * - * We derive/compute the session keys based on the - * ``pStatic_ctx``. - */ - NXSCP03_DynCtx_t *pDyn_ctx; // session keys data -} SE05x_AuthCtx_ECKey_t; - -/** UseID / PIN baed authentication object - * - * This is required to open an UserID / PIN based session to the SE. - */ -typedef struct -{ - /** The corresponding authentication object on the Host */ - sss_object_t * pObj; -} SE05x_AuthCtx_ID_t; - - -/** Legacy, only for A71CH with Host Crypto */ -typedef struct -{ - sss_object_t pKeyEnc; //!< SSS AES Enc Key object - sss_object_t pKeyMac; //!< SSS AES Mac Key object - sss_object_t pKeyDek; //!< SSS AES Dek Key object -} SM_SECURE_SCP03_KEYOBJ; - -/** Authentication mechanims */ -typedef struct _SE_AuthCtx -{ - /** How exactly we are going to authenticat ot the system. - * - * Since ``ctx`` is a union, this is needed to know exactly how - * we are going to authenticate. - */ - - SE_AuthType_t authType; - - /** Depending on ``authType``, the input and output parameters. - * - * This has both input and output parameters. - * - * Input is for Keys that are used to initiate the connection. - * While connecting, session keys/parameters are generated and they - * are also part of this context. - * - * In any case, we connect to only one type - */ - union { - /** For PlatformSCP / Applet SCP. - * - * Same SCP context will be used for platform and applet scp03 */ - NXSCP03_AuthCtx_t scp03; - - /** For ECKey */ - SE05x_AuthCtx_ECKey_t eckey; - - /** For UserID/PIN based based Authentication */ - SE05x_AuthCtx_ID_t idobj; - - /** Legacy, only for A71CH with Host Crypto */ - SM_SECURE_SCP03_KEYOBJ a71chAuthKeys; - - /** Reserved memory for implementation specific extension */ - struct - { - uint8_t data[SSS_AUTH_MAX_CONTEXT_SIZE]; - } extension; - } ctx; -} SE_AuthCtx_t; - -/** - * When connecting to a secure element, - * - * Extension of sss_connect_ctx_t - */ -typedef struct -{ - /** to support binary compatibility/check, sizeOfStucture helps */ - uint16_t sizeOfStucture; - /** If we need to authenticate, add required objects for authentication */ - SE_AuthCtx_t auth; - /** If some policy restrictions apply when we connect, point it here */ - sss_policy_session_u *session_policy; - - /* =================================== */ - /* Implementation specific part starts */ - /* =================================== */ - - /** If we connect logically, via some software layer */ - sss_tunnel_t *tunnelCtx; - - /** How exactly are we going to connect physically */ - SSS_Conn_Type_t connType; - - /** Connection port name for Socket names, etc. */ - const char *portName; - - /** 12C address on embedded devices. */ - U32 i2cAddress; - - /** If we need to refresh session, SE050 specific */ - uint8_t refresh_session : 1; - - /** In the case of Key Rotation, and other use cases - * where we do not select the IoT Applet and skip - * the selection of the IoT Applet. - * - * One of the use cases is to do platform SCP - * key rotation. - * - * When set to 0: - * Do not skip IoT Applet selection and run as-is. - * - * When set to 1: - * Skip selection of card manager. - * Skip selection of Applet. - * - * Internally, if there is platform SCP selected as - * Auth mechanism during compile time, the internal - * logic would Select the card manager. But, - * skip selection of the Applet. - * - */ - uint8_t skip_select_applet : 1; -} SE_Connect_Ctx_t; - -/** Wrapper strucutre sss_connect_ctx_t */ -typedef struct -{ - /** To support binary compatibility/check, sizeOfStucture helps */ - uint16_t sizeOfStucture; - /** If we need to authenticate, add required objects for authentication */ - SE_AuthCtx_t auth; - /** If some policy restrictions apply when we connect, point it here */ - sss_policy_session_u *session_policy; - - /** Reserved memory for implementation specific extension */ - struct - { - uint8_t data[SSS_CONNECT_MAX_CONTEXT_SIZE]; - } extension; -} sss_connect_ctx_t; - -/* Deprecated */ - -#define SE05x_AuthCtx_t SE_AuthCtx_t - -#define kSE05x_AuthType_None kSSS_AuthType_None -#define kSE05x_AuthType_SCP03 kSSS_AuthType_SCP03 -#define kSE05x_AuthType_UserID kSSS_AuthType_ID -#define kSE05x_AuthType_AESKey kSSS_AuthType_AESKey -#define kSE05x_AuthType_ECKey kSSS_AuthType_ECKey - -/* For backwards compatibility */ -#define SE05x_AuthType_t SE_AuthType_t - -#endif /* NXSCP03_TYPES_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/scp.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/scp.h deleted file mode 100644 index ab59629b2..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/scp.h +++ /dev/null @@ -1,127 +0,0 @@ -/* -* -* Copyright 2016,2020 NXP -* SPDX-License-Identifier: Apache-2.0 -*/ - -/** - * @par Description - * This file defines the interface to an APDU transfer function supporting both - * communication in the clear and channel encryption. - * @par History - * - */ - -#ifndef SCP_H -#define SCP_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include "smCom.h" - -/// @cond -#define HOST_CHANNEL_STATE_IDX 0 -#define ADMIN_CHANNEL_STATE_IDX 1 - -/* Sizes used in SCP */ -#define AES_KEY_LEN_nBYTE (16) -#define DES_KEY_LEN_nBYTE (16) - -#define SCP_CRYPTOGRAM_SIZE (16) -#define SCP_CHALLENGE_SIZE (8) -#define SCP_KEY_SIZE (16) -#define SCP_CMAC_SIZE (16) // length of the CMAC calculated (and used as MAC chaining value) -#define SCP_COMMAND_MAC_SIZE (8) // length of the MAC appended in the APDU payload (8 'MSB's) - -/* defines used to indicate the command type */ -#define C_MAC (0x01) -#define C_ENC (0x02) -#define R_MAC (0x10) -#define R_ENC (0x20) - -#define SECLVL_CDEC_RENC_CMAC_RMAC (0x33) - -#define SCP02_SECLVL_CMAC (0x01) -#define SCP02_SECLVL_CDEC_CMAC (0x03) -#define SCP02_SECLVL_CDEC_CMAC_RMAC (0x13) - -#define SCP03_KEY_ID (0x01) - -#define PUT_KEYS_MULTIPLE_KEYS (0x80) -#define PUT_KEYS_KEY_TYPE_CODING_AES (0x88) -#define PUT_KEYS_KEY_IDENTIFIER ((PUT_KEYS_MULTIPLE_KEYS) | (SCP03_KEY_ID)) - -/* security levels, matching the CLA bytes for each level */ -#define SECLVL_OFF (0x80) -#define SECLVL_MAC (0xC0) -#define SECLVL_ENC (0xE0) - -#define DD_INPUT_SIZE (32) - -#define DD_OFFSET_SESSION_COUNTER (10) -#define DD_OFFSET_DD_CONSTANT (11) -#define DD_OFFSET_L_MSB (13) -#define DD_OFFSET_L_LSB (14) -#define DD_OFFSET_I (15) -#define DD_OFFSET_HOST_CHALLENGE (16) -#define DD_OFFSET_CARD_CHALLENGE (24) - -#define DATA_CARD_CRYPTOGRAM (0x00) -#define DATA_HOST_CRYPTOGRAM (0x01) -#define DATA_DERIVATION_SENC (0x04) -#define DATA_DERIVATION_SMAC (0x06) -#define DATA_DERIVATION_SRMAC (0x07) -#define DATA_DERIVATION_L_64BIT (0x0040) -#define DATA_DERIVATION_L_128BIT (0x0080) -#define DATA_DERIVATION_KDF_CTR (0x01) - -#define DD_LABEL_LEN 12 - -#define SCP_GP_IU_KEY_DIV_DATA_LEN 10 -#define SCP_GP_IU_KEY_INFO_LEN 3 -#define SCP02_GP_IU_KEY_INFO_LEN 2 -#define SCP_GP_CARD_CHALLENGE_LEN 8 -#define SCP02_GP_CARD_CHALLENGE_LEN 6 -#define SCP_GP_HOST_CHALLENGE_LEN 8 -#define SCP_GP_IU_CARD_CRYPTOGRAM_LEN 8 -#define SCP_GP_IU_SEQ_COUNTER_LEN 3 -#define SCP02_GP_IU_SEQ_COUNTER_LEN 2 -#define SCP_GP_SW_LEN 2 -#define CRYPTO_KEY_CHECK_LEN (3) - -#define SCP_MCV_LEN 16 // MAC Chaining Length -/// @endcond - -/** - * Enumerated type encoding the security level requested to be applied to the APDU. - */ -typedef enum -{ - NO_C_MAC_NO_C_ENC_NO_R_MAC_NO_R_ENC = 0, //!< No security requested - C_MAC_NO_C_ENC_R_MAC_NO_R_ENC = (C_MAC | R_MAC), //!< One apply MAC'ing (Not implemented) - C_MAC_C_ENC_R_MAC_R_ENC = (C_MAC | C_ENC | R_MAC | R_ENC) //!< Apply full security -} scp_CommandType_t; - -/** - * Exchanges APDU, applies SCP03 encryption depending on \p type parameter and on the - * authentication status of the SCP03 channel. - * - * @param[in] conn_ctx connection context - * @param[in,out] pApdu apdu_t datastructure - * @param[in] type encryption/mac request - * - * @retval ::SMCOM_OK Operation successful - * @retval ::SMCOM_SND_FAILED Send Failed - * @retval ::SMCOM_RCV_FAILED Receive Failed - * @retval ::ERR_CRYPTO_ENGINE_FAILED Failure in crypto engine - * @retval ::SCP_RSP_MAC_FAIL MAC on response failed to verify - * @retval ::SCP_DECODE_FAIL Encrypted Response did not decode to correctly padded plaintext - */ -U32 scp_Transceive(void *conn_ctx, apdu_t * pApdu, scp_CommandType_t type); - -#ifdef __cplusplus -} -#endif -#endif /* _SCP_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_const.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_const.h deleted file mode 100644 index a2a95fe11..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_const.h +++ /dev/null @@ -1,168 +0,0 @@ -/* -* -* Copyright 2019,2020 NXP -* SPDX-License-Identifier: Apache-2.0 -*/ - -#ifndef FSL_SSS_SE05X_CONST_H -#define FSL_SSS_SE05X_CONST_H - -#if defined(SSS_USE_FTR_FILE) -#include "fsl_sss_ftr.h" -#else -#include "fsl_sss_ftr_default.h" -#endif - -#if SSS_HAVE_APPLET_SE05X_IOT - -#include - -#define SE05X_SESSIONID_LEN (8) - -/* See MAX_APDU_PAYLOAD_LENGTH in SE05x APDU Specifications. - * - * Using 892 so that buffer boundaries are potentially word aligned for Se050. - * Using 1024 for Se051. - * And expecting a failure from OnCard in case host sends a - * larger than expected buffer. - * Please note, depending on choice of: - * {No Auth | UserID Auth | Applet SCP | Fast SCP } - * and combination of either of above along with Platform SCP, - * there is no easy way how many Exact bytes the host can - * send to SE05x. - */ -#if SSS_HAVE_SE05X_VER_GTE_06_00 -/* SE051 MAX_APDU_PAYLOAD_LENGTH 1024 */ -#define SE05X_MAX_BUF_SIZE_CMD (1024) -#define SE05X_MAX_BUF_SIZE_RSP (1024) -#else -/* SE050 MAX_APDU_PAYLOAD_LENGTH 892 */ -#define SE05X_MAX_BUF_SIZE_CMD (892) -#define SE05X_MAX_BUF_SIZE_RSP (892) -#endif - -#define SE050_MODULE_UNIQUE_ID_LEN 18 - -#define SE05X_I2CM_MAX_BUF_SIZE_CMD (271) -#define SE05X_I2CM_MAX_BUF_SIZE_RSP (271) -#define SE05X_I2CM_MAX_TIMESTAMP_SIZE (12) -#define SE05X_I2CM_MAX_FRESHNESS_SIZE (16) -#define SE05X_I2CM_MAX_CHIP_ID_SIZE (18) - -/** How many attestation records - * - * Whle reading RSA Objects, modulus and public exporent get attested separately, */ - -#define SE05X_MAX_ATTST_DATA 2 - -#if SE05X_FTR_32BIT_CURVE_ID -#define START_SE05X_ID_CURVE_START (0x7E000000) -#else -#define START_SE05X_ID_CURVE_START (0) -#endif - -#define CIPHER_BLOCK_SIZE 16 -#define CIPHER_UPDATE_DATA_SIZE 256 -#define AEAD_BLOCK_SIZE 16 -#define BINARY_WRITE_MAX_LEN 500 - -enum Se05x_SYMM_CIPHER_MODES -{ - Se05x_SYMM_MODE_NONE = 0x00, - Se05x_SYMM_CBC = 0x01, - Se05x_SYMM_EBC = 0x02, - Se05x_SYMM_CTR = 0x08, /* For AES */ -}; - -enum Se05x_AES_PADDING -{ - Se05x_AES_PADDING_NONE = 0x00, - Se05x_AES_PAD_NOPAD = 0x01, - Se05x_AES_PAD_ISO9797_M1 = 0x02, - Se05x_AES_PAD_ISO9797_M2 = 0x03, -}; - -enum Se05x_SHA_TYPE -{ - Se05x_SHA_1 = 0x00, - Se05x_SHA_256 = 0x04, - Se05x_SHA_384 = 0x05, - Se05x_SHA_512 = 0x06, -}; - -enum Se05x_MAC_TYPE -{ - Se05x_CMAC = 0x0A, -}; - -enum Se05x_MAC_Sign_verify -{ - Se05x_MAC_Sign = 0x00, - Se05x_MAC_Verify = 0x01, -}; - -enum Se05x_I2CM_RESULT_TYPE -{ - Se05x_I2CM_RESULT_SUCCESS = 0xA5, - Se05x_I2CM_RESULT_FAILURE = 0x96 // The APDU spec defines this as 0x5A, implementation deviates! -}; - -#define MAX_OBJ_PCR_VALUE_SIZE 32 -#define MAX_POLICY_BUFFER_SIZE 256 -#define MAX_OBJ_POLICY_SIZE 47 -#define MAX_OBJ_POLICY_TYPES 6 -#define DEFAULT_OBJECT_POLICY_SIZE 8 -#define OBJ_POLICY_HEADER_OFFSET 5 -#define OBJ_POLICY_LENGTH_OFFSET 0 -#define OBJ_POLICY_AUTHID_OFFSET 1 -#define OBJ_POLICY_EXT_OFFSET 9 -#define OBJ_POLICY_PCR_DATA_SIZE (4 + MAX_OBJ_PCR_VALUE_SIZE) /*4 bytes PCR Obj id + 32 bytes PCR value*/ -#define OBJ_POLICY_AUTH_DATA_SIZE 2 - -#define SESSION_POLICY_LENGTH_OFFSET 0 -#define SESSION_POLICY_AR_HEADER_OFFSET 1 -#define DEFAULT_SESSION_POLICY_SIZE 3 - - -/*below bitmaps are set according to Se050 Applet implementation -Byte Ordering for Policy header:B1 B2 B3 B4 -bits ordering -b8 b7 b6 b5 b4 b3 b2 b1 -example : B1b8 : 0x80000000 -*/ - -/* Access Rules for Object Policy*/ -#define POLICY_OBJ_FORBID_ALL 0x20000000 -#define POLICY_OBJ_ALLOW_SIGN 0x10000000 -#define POLICY_OBJ_ALLOW_VERIFY 0x08000000 -#define POLICY_OBJ_ALLOW_KA 0x04000000 -#define POLICY_OBJ_ALLOW_ENC 0x02000000 -#define POLICY_OBJ_ALLOW_DEC 0x01000000 -#define POLICY_OBJ_ALLOW_KDF 0x00800000 -#define POLICY_OBJ_ALLOW_WRAP 0x00400000 -#define POLICY_OBJ_ALLOW_READ 0x00200000 -#define POLICY_OBJ_ALLOW_WRITE 0x00100000 -#define POLICY_OBJ_ALLOW_GEN 0x00080000 -#define POLICY_OBJ_ALLOW_DELETE 0x00040000 -#define POLICY_OBJ_REQUIRE_SM 0x00020000 -#define POLICY_OBJ_REQUIRE_PCR_VALUE 0x00010000 -#define POLICY_OBJ_ALLOW_ATTESTATION 0x00008000 -#define POLICY_OBJ_ALLOW_DESFIRE_AUTHENTICATION 0x00004000 -#define POLICY_OBJ_ALLOW_DESFIRE_DUMP_SESSION_KEYS 0x00002000 -#define POLICY_OBJ_ALLOW_IMPORT_EXPORT 0x00001000 -#if SSS_HAVE_SE05X_VER_GTE_06_00 // 4.4 -#define POLICY_OBJ_FORBID_DERIVED_OUTPUT 0x00000800 -#endif -#if SSS_HAVE_SE05X_VER_GTE_06_00 // 5.4 -#define POLICY_OBJ_ALLOW_KDF_EXT_RANDOM 0x00000400 -#endif - -/* Access Rules for Session Policy*/ -#define POLICY_SESSION_MAX_APDU 0x8000 -#define POLICY_SESSION_MAX_TIME 0x4000 -#define POLICY_SESSION_ALLOW_REFRESH 0x2000 -/**/ - -#endif /* SSS_HAVE_APPLET_SE05X_IOT */ - -#endif /* FSL_SSS_SE05X_CONST_H */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_ecc_curves.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_ecc_curves.h deleted file mode 100644 index 88787499e..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_ecc_curves.h +++ /dev/null @@ -1,19 +0,0 @@ -/* -* -* Copyright 2019,2020 NXP -* SPDX-License-Identifier: Apache-2.0 -*/ - -#ifndef SE05X_ECC_CURVES_H_INC -#define SE05X_ECC_CURVES_H_INC - -#include "se05x_tlv.h" - -#define PROCESS_ECC_CURVE(NAME) \ - smStatus_t Se05x_API_CreateCurve_##NAME(Se05xSession_t *pSession, uint32_t obj_id) - -#include - -#undef PROCESS_ECC_CURVE - -#endif diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_ecc_curves_inc.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_ecc_curves_inc.h deleted file mode 100644 index 636ebef12..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_ecc_curves_inc.h +++ /dev/null @@ -1,268 +0,0 @@ -/* -* -* Copyright 2019 NXP -* SPDX-License-Identifier: Apache-2.0 -*/ - - -/* NIST/X9.62/SECG curve over a 192 bit prime field */ -PROCESS_ECC_CURVE(prime192v1); - -/* NIST/SECG curve over a 224 bit prime field */ -PROCESS_ECC_CURVE(secp224r1); - -/* NIST/SECG curve over a 384 bit prime field */ -PROCESS_ECC_CURVE(secp384r1); - -/* X9.62/SECG curve over a 256 bit prime field */ -PROCESS_ECC_CURVE(prime256v1); - -/* NIST/SECG curve over a 521 bit prime field */ -PROCESS_ECC_CURVE(secp521r1); - -/* RFC 5639 curve over a 160 bit prime field */ -PROCESS_ECC_CURVE(brainpoolP160r1); - -/* RFC 5639 curve over a 160 bit prime field */ -PROCESS_ECC_CURVE(brainpoolP160t1); - -/* RFC 5639 curve over a 192 bit prime field */ -PROCESS_ECC_CURVE(brainpoolP192r1); - -/* RFC 5639 curve over a 192 bit prime field */ -PROCESS_ECC_CURVE(brainpoolP192t1); - -/* RFC 5639 curve over a 224 bit prime field */ -PROCESS_ECC_CURVE(brainpoolP224r1); - -/* RFC 5639 curve over a 224 bit prime field */ -PROCESS_ECC_CURVE(brainpoolP224t1); - -/* RFC 5639 curve over a 256 bit prime field */ -PROCESS_ECC_CURVE(brainpoolP256r1); - -/* RFC 5639 curve over a 256 bit prime field */ -PROCESS_ECC_CURVE(brainpoolP256t1); - -/* RFC 5639 curve over a 320 bit prime field */ -PROCESS_ECC_CURVE(brainpoolP320r1); - -/* RFC 5639 curve over a 320 bit prime field */ -PROCESS_ECC_CURVE(brainpoolP320t1); - -/* RFC 5639 curve over a 384 bit prime field */ -PROCESS_ECC_CURVE(brainpoolP384r1); - -/* RFC 5639 curve over a 384 bit prime field */ -PROCESS_ECC_CURVE(brainpoolP384t1); - -/* RFC 5639 curve over a 512 bit prime field */ -PROCESS_ECC_CURVE(brainpoolP512r1); - -/* RFC 5639 curve over a 512 bit prime field */ -PROCESS_ECC_CURVE(brainpoolP512t1); - -/* SECG curve over a 160 bit prime field */ -PROCESS_ECC_CURVE(secp160k1); - -/* SECG curve over a 192 bit prime field */ -PROCESS_ECC_CURVE(secp192k1); - -/* SECG curve over a 224 bit prime field */ -PROCESS_ECC_CURVE(secp224k1); - -/* SECG curve over a 256 bit prime field */ -PROCESS_ECC_CURVE(secp256k1); - -/* BN curve 256 bits */ -PROCESS_ECC_CURVE(tpm_bm_p256); - -#if 0 -/* clang-format off */ -/* SECG/WTLS curve over a 112 bit prime field */ -PROCESS_ECC_CURVE(secp112r1); - -/* SECG curve over a 112 bit prime field */ -PROCESS_ECC_CURVE(secp112r2); - -/* SECG curve over a 128 bit prime field */ -PROCESS_ECC_CURVE(secp128r1); - -/* SECG curve over a 128 bit prime field */ -PROCESS_ECC_CURVE(secp128r2); - -/* SECG curve over a 160 bit prime field */ -PROCESS_ECC_CURVE(secp160r1); - -/* SECG/WTLS curve over a 160 bit prime field */ -PROCESS_ECC_CURVE(secp160r2); - - - -/* X9.62 curve over a 192 bit prime field */ -PROCESS_ECC_CURVE(prime192v2); - -/* X9.62 curve over a 192 bit prime field */ -PROCESS_ECC_CURVE(prime192v3); - -/* X9.62 curve over a 239 bit prime field */ -PROCESS_ECC_CURVE(prime239v1); - -/* X9.62 curve over a 239 bit prime field */ -PROCESS_ECC_CURVE(prime239v2); - -/* X9.62 curve over a 239 bit prime field */ -PROCESS_ECC_CURVE(prime239v3); - - -/* SECG curve over a 113 bit binary field */ -PROCESS_ECC_CURVE(sect113r1); - -/* SECG curve over a 113 bit binary field */ -PROCESS_ECC_CURVE(sect113r2); - -/* SECG/WTLS curve over a 131 bit binary field */ -PROCESS_ECC_CURVE(sect131r1); - -/* SECG curve over a 131 bit binary field */ -PROCESS_ECC_CURVE(sect131r2); - -/* NIST/SECG/WTLS curve over a 163 bit binary field */ -PROCESS_ECC_CURVE(sect163k1); - -/* SECG curve over a 163 bit binary field */ -PROCESS_ECC_CURVE(sect163r1); - -/* NIST/SECG curve over a 163 bit binary field */ -PROCESS_ECC_CURVE(sect163r2); - -/* SECG curve over a 193 bit binary field */ -PROCESS_ECC_CURVE(sect193r1); - -/* SECG curve over a 193 bit binary field */ -PROCESS_ECC_CURVE(sect193r2); - -/* NIST/SECG/WTLS curve over a 233 bit binary field */ -PROCESS_ECC_CURVE(sect233k1); - -/* NIST/SECG/WTLS curve over a 233 bit binary field */ -PROCESS_ECC_CURVE(sect233r1); - -/* SECG curve over a 239 bit binary field */ -PROCESS_ECC_CURVE(sect239k1); - -/* NIST/SECG curve over a 283 bit binary field */ -PROCESS_ECC_CURVE(sect283k1); - -/* NIST/SECG curve over a 283 bit binary field */ -PROCESS_ECC_CURVE(sect283r1); - -/* NIST/SECG curve over a 409 bit binary field */ -PROCESS_ECC_CURVE(sect409k1); - -/* NIST/SECG curve over a 409 bit binary field */ -PROCESS_ECC_CURVE(sect409r1); - -/* NIST/SECG curve over a 571 bit binary field */ -PROCESS_ECC_CURVE(sect571k1); - -/* NIST/SECG curve over a 571 bit binary field */ -PROCESS_ECC_CURVE(sect571r1); - -/* X9.62 curve over a 163 bit binary field */ -PROCESS_ECC_CURVE(c2pnb163v1); - -/* X9.62 curve over a 163 bit binary field */ -PROCESS_ECC_CURVE(c2pnb163v2); - -/* X9.62 curve over a 163 bit binary field */ -PROCESS_ECC_CURVE(c2pnb163v3); - -/* X9.62 curve over a 176 bit binary field */ -PROCESS_ECC_CURVE(c2pnb176v1); - -/* X9.62 curve over a 191 bit binary field */ -PROCESS_ECC_CURVE(c2tnb191v1); - -/* X9.62 curve over a 191 bit binary field */ -PROCESS_ECC_CURVE(c2tnb191v2); - -/* X9.62 curve over a 191 bit binary field */ -PROCESS_ECC_CURVE(c2tnb191v3); - -/* X9.62 curve over a 208 bit binary field */ -PROCESS_ECC_CURVE(c2pnb208w1); - -/* X9.62 curve over a 239 bit binary field */ -PROCESS_ECC_CURVE(c2tnb239v1); - -/* X9.62 curve over a 239 bit binary field */ -PROCESS_ECC_CURVE(c2tnb239v2); - -/* X9.62 curve over a 239 bit binary field */ -PROCESS_ECC_CURVE(c2tnb239v3); - -/* X9.62 curve over a 272 bit binary field */ -PROCESS_ECC_CURVE(c2pnb272w1); - -/* X9.62 curve over a 304 bit binary field */ -PROCESS_ECC_CURVE(c2pnb304w1); - -/* X9.62 curve over a 359 bit binary field */ -PROCESS_ECC_CURVE(c2tnb359v1); - -/* X9.62 curve over a 368 bit binary field */ -PROCESS_ECC_CURVE(c2pnb368w1); - -/* X9.62 curve over a 431 bit binary field */ -PROCESS_ECC_CURVE(c2tnb431r1); - -/* WTLS curve over a 113 bit binary field */ -PROCESS_ECC_CURVE(wap_wsg_idm_ecid_wtls1); - -/* NIST/SECG/WTLS curve over a 163 bit binary field */ -PROCESS_ECC_CURVE(wap_wsg_idm_ecid_wtls3); - -/* SECG curve over a 113 bit binary field */ -PROCESS_ECC_CURVE(wap_wsg_idm_ecid_wtls4); - -/* X9.62 curve over a 163 bit binary field */ -PROCESS_ECC_CURVE(wap_wsg_idm_ecid_wtls5); - -/* SECG/WTLS curve over a 112 bit prime field */ -PROCESS_ECC_CURVE(wap_wsg_idm_ecid_wtls6); - -/* SECG/WTLS curve over a 160 bit prime field */ -PROCESS_ECC_CURVE(wap_wsg_idm_ecid_wtls7); - -/* WTLS curve over a 112 bit prime field */ -PROCESS_ECC_CURVE(wap_wsg_idm_ecid_wtls8); - -/* WTLS curve over a 160 bit prime field */ -PROCESS_ECC_CURVE(wap_wsg_idm_ecid_wtls9); - -/* NIST/SECG/WTLS curve over a 233 bit binary field */ -PROCESS_ECC_CURVE(wap_wsg_idm_ecid_wtls10); - -/* NIST/SECG/WTLS curve over a 233 bit binary field */ -PROCESS_ECC_CURVE(wap_wsg_idm_ecid_wtls11); - -/* WTLS curve over a 224 bit prime field */ -PROCESS_ECC_CURVE(wap_wsg_idm_ecid_wtls12); - -/* - IPSec/IKE/Oakley curve #3 over a 155 bit binary field. - Not suitable for ECDSA. - Questionable extension field! */ -PROCESS_ECC_CURVE(Oakley_EC2N_3); - -/* - IPSec/IKE/Oakley curve #4 over a 185 bit binary field. - Not suitable for ECDSA. - Questionable extension field! */ -PROCESS_ECC_CURVE(Oakley_EC2N_4); - - -/* clang-format on */ - -#endif diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_ecc_curves_values.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_ecc_curves_values.h deleted file mode 100644 index c7398db66..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_ecc_curves_values.h +++ /dev/null @@ -1,2801 +0,0 @@ -/* -* -* Copyright 2018 NXP -* SPDX-License-Identifier: Apache-2.0 -*/ - -#ifndef SE05X_ECC_CURVES_LIST_H_INC -#define SE05X_ECC_CURVES_LIST_H_INC - -/* clang-format off */ - -#if 0 -/* secp112r1 : SECG/WTLS curve over a 112 bit prime field */ -#define EC_PARAM_secp112r1_prime \ - 0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x66, \ - 0x80, 0x76, 0xBE, 0xAD, 0x20, 0x8B -#define EC_PARAM_secp112r1_a \ - 0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x66, \ - 0x80, 0x76, 0xBE, 0xAD, 0x20, 0x88 -#define EC_PARAM_secp112r1_b \ - 0x65, 0x9E, 0xF8, 0xBA, 0x04, 0x39, 0x16, 0xEE, \ - 0xDE, 0x89, 0x11, 0x70, 0x2B, 0x22 -#define EC_PARAM_secp112r1_x \ - 0x09, 0x48, 0x72, 0x39, 0x99, 0x5A, 0x5E, 0xE7, \ - 0x6B, 0x55, 0xF9, 0xC2, 0xF0, 0x98 -#define EC_PARAM_secp112r1_y \ - 0xA8, 0x9C, 0xE5, 0xAF, 0x87, 0x24, 0xC0, 0xA2, \ - 0x3E, 0x0E, 0x0F, 0xF7, 0x75, 0x00 -#define EC_PARAM_secp112r1_order \ - 0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x76, \ - 0x28, 0xDF, 0xAC, 0x65, 0x61, 0xC5 -#endif - -#if 0 -/* secp112r2 : SECG curve over a 112 bit prime field */ -#define EC_PARAM_secp112r2_prime \ - 0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x66, \ - 0x80, 0x76, 0xBE, 0xAD, 0x20, 0x8B -#define EC_PARAM_secp112r2_a \ - 0x61, 0x27, 0xC2, 0x4C, 0x05, 0xF3, 0x8A, 0x0A, \ - 0xAA, 0xF6, 0x5C, 0x0E, 0xF0, 0x2C -#define EC_PARAM_secp112r2_b \ - 0x51, 0xDE, 0xF1, 0x81, 0x5D, 0xB5, 0xED, 0x74, \ - 0xFC, 0xC3, 0x4C, 0x85, 0xD7, 0x09 -#define EC_PARAM_secp112r2_x \ - 0x4B, 0xA3, 0x0A, 0xB5, 0xE8, 0x92, 0xB4, 0xE1, \ - 0x64, 0x9D, 0xD0, 0x92, 0x86, 0x43 -#define EC_PARAM_secp112r2_y \ - 0xAD, 0xCD, 0x46, 0xF5, 0x88, 0x2E, 0x37, 0x47, \ - 0xDE, 0xF3, 0x6E, 0x95, 0x6E, 0x97 -#define EC_PARAM_secp112r2_order \ - 0x36, 0xDF, 0x0A, 0xAF, 0xD8, 0xB8, 0xD7, 0x59, \ - 0x7C, 0xA1, 0x05, 0x20, 0xD0, 0x4B -#endif - -#if 0 -/* secp128r1 : SECG curve over a 128 bit prime field */ -#define EC_PARAM_secp128r1_prime \ - 0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF -#define EC_PARAM_secp128r1_a \ - 0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC -#define EC_PARAM_secp128r1_b \ - 0xE8, 0x75, 0x79, 0xC1, 0x10, 0x79, 0xF4, 0x3D, \ - 0xD8, 0x24, 0x99, 0x3C, 0x2C, 0xEE, 0x5E, 0xD3 -#define EC_PARAM_secp128r1_x \ - 0x16, 0x1F, 0xF7, 0x52, 0x8B, 0x89, 0x9B, 0x2D, \ - 0x0C, 0x28, 0x60, 0x7C, 0xA5, 0x2C, 0x5B, 0x86 -#define EC_PARAM_secp128r1_y \ - 0xCF, 0x5A, 0xC8, 0x39, 0x5B, 0xAF, 0xEB, 0x13, \ - 0xC0, 0x2D, 0xA2, 0x92, 0xDD, 0xED, 0x7A, 0x83 -#define EC_PARAM_secp128r1_order \ - 0xFF, 0xFF, 0xFF, 0xFE, 0x00, 0x00, 0x00, 0x00, \ - 0x75, 0xA3, 0x0D, 0x1B, 0x90, 0x38, 0xA1, 0x15 -#endif - -#if 0 -/* secp128r2 : SECG curve over a 128 bit prime field */ -#define EC_PARAM_secp128r2_prime \ - 0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF -#define EC_PARAM_secp128r2_a \ - 0xD6, 0x03, 0x19, 0x98, 0xD1, 0xB3, 0xBB, 0xFE, \ - 0xBF, 0x59, 0xCC, 0x9B, 0xBF, 0xF9, 0xAE, 0xE1 -#define EC_PARAM_secp128r2_b \ - 0x5E, 0xEE, 0xFC, 0xA3, 0x80, 0xD0, 0x29, 0x19, \ - 0xDC, 0x2C, 0x65, 0x58, 0xBB, 0x6D, 0x8A, 0x5D -#define EC_PARAM_secp128r2_x \ - 0x7B, 0x6A, 0xA5, 0xD8, 0x5E, 0x57, 0x29, 0x83, \ - 0xE6, 0xFB, 0x32, 0xA7, 0xCD, 0xEB, 0xC1, 0x40 -#define EC_PARAM_secp128r2_y \ - 0x27, 0xB6, 0x91, 0x6A, 0x89, 0x4D, 0x3A, 0xEE, \ - 0x71, 0x06, 0xFE, 0x80, 0x5F, 0xC3, 0x4B, 0x44 -#define EC_PARAM_secp128r2_order \ - 0x3F, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFF, \ - 0xBE, 0x00, 0x24, 0x72, 0x06, 0x13, 0xB5, 0xA3 -#endif - -#if 1 -/* secp160k1 : SECG curve over a 160 bit prime field */ -#define EC_PARAM_secp160k1_prime \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFE, 0xFF, 0xFF, 0xAC, 0x73 -#define EC_PARAM_secp160k1_a \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00 -#define EC_PARAM_secp160k1_b \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x07 -#define EC_PARAM_secp160k1_x \ - 0x3B, 0x4C, 0x38, 0x2C, 0xE3, 0x7A, 0xA1, \ - 0x92, 0xA4, 0x01, 0x9E, 0x76, 0x30, 0x36, 0xF4, \ - 0xF5, 0xDD, 0x4D, 0x7E, 0xBB -#define EC_PARAM_secp160k1_y \ - 0x93, 0x8C, 0xF9, 0x35, 0x31, 0x8F, 0xDC, \ - 0xED, 0x6B, 0xC2, 0x82, 0x86, 0x53, 0x17, 0x33, \ - 0xC3, 0xF0, 0x3C, 0x4F, 0xEE -#define EC_PARAM_secp160k1_order \ - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x01, 0xB8, 0xFA, 0x16, 0xDF, 0xAB, \ - 0x9A, 0xCA, 0x16, 0xB6, 0xB3 -#endif - -#if 0 -/* secp160r1 : SECG curve over a 160 bit prime field */ -#define EC_PARAM_secp160r1_prime \ - 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0x7F, 0xFF, 0xFF, 0xFF -#define EC_PARAM_secp160r1_a \ - 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0x7F, 0xFF, 0xFF, 0xFC -#define EC_PARAM_secp160r1_b \ - 0x00, 0x1C, 0x97, 0xBE, 0xFC, 0x54, 0xBD, 0x7A, \ - 0x8B, 0x65, 0xAC, 0xF8, 0x9F, 0x81, 0xD4, 0xD4, \ - 0xAD, 0xC5, 0x65, 0xFA, 0x45 -#define EC_PARAM_secp160r1_x \ - 0x00, 0x4A, 0x96, 0xB5, 0x68, 0x8E, 0xF5, 0x73, \ - 0x28, 0x46, 0x64, 0x69, 0x89, 0x68, 0xC3, 0x8B, \ - 0xB9, 0x13, 0xCB, 0xFC, 0x82 -#define EC_PARAM_secp160r1_y \ - 0x00, 0x23, 0xA6, 0x28, 0x55, 0x31, 0x68, 0x94, \ - 0x7D, 0x59, 0xDC, 0xC9, 0x12, 0x04, 0x23, 0x51, \ - 0x37, 0x7A, 0xC5, 0xFB, 0x32 -#define EC_PARAM_secp160r1_order \ - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x01, 0xF4, 0xC8, 0xF9, 0x27, 0xAE, \ - 0xD3, 0xCA, 0x75, 0x22, 0x57 -#endif - -#if 0 -/* secp160r2 : SECG/WTLS curve over a 160 bit prime field */ -#define EC_PARAM_secp160r2_prime \ - 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFE, 0xFF, 0xFF, 0xAC, 0x73 -#define EC_PARAM_secp160r2_a \ - 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFE, 0xFF, 0xFF, 0xAC, 0x70 -#define EC_PARAM_secp160r2_b \ - 0x00, 0xB4, 0xE1, 0x34, 0xD3, 0xFB, 0x59, 0xEB, \ - 0x8B, 0xAB, 0x57, 0x27, 0x49, 0x04, 0x66, 0x4D, \ - 0x5A, 0xF5, 0x03, 0x88, 0xBA -#define EC_PARAM_secp160r2_x \ - 0x00, 0x52, 0xDC, 0xB0, 0x34, 0x29, 0x3A, 0x11, \ - 0x7E, 0x1F, 0x4F, 0xF1, 0x1B, 0x30, 0xF7, 0x19, \ - 0x9D, 0x31, 0x44, 0xCE, 0x6D -#define EC_PARAM_secp160r2_y \ - 0x00, 0xFE, 0xAF, 0xFE, 0xF2, 0xE3, 0x31, 0xF2, \ - 0x96, 0xE0, 0x71, 0xFA, 0x0D, 0xF9, 0x98, 0x2C, \ - 0xFE, 0xA7, 0xD4, 0x3F, 0x2E -#define EC_PARAM_secp160r2_order \ - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x35, 0x1E, 0xE7, 0x86, 0xA8, \ - 0x18, 0xF3, 0xA1, 0xA1, 0x6B -#endif - -#if 1 -/* secp192k1 : SECG curve over a 192 bit prime field */ -#define EC_PARAM_secp192k1_prime \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xEE, 0x37 -#define EC_PARAM_secp192k1_a \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 -#define EC_PARAM_secp192k1_b \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03 -#define EC_PARAM_secp192k1_x \ - 0xDB, 0x4F, 0xF1, 0x0E, 0xC0, 0x57, 0xE9, 0xAE, \ - 0x26, 0xB0, 0x7D, 0x02, 0x80, 0xB7, 0xF4, 0x34, \ - 0x1D, 0xA5, 0xD1, 0xB1, 0xEA, 0xE0, 0x6C, 0x7D -#define EC_PARAM_secp192k1_y \ - 0x9B, 0x2F, 0x2F, 0x6D, 0x9C, 0x56, 0x28, 0xA7, \ - 0x84, 0x41, 0x63, 0xD0, 0x15, 0xBE, 0x86, 0x34, \ - 0x40, 0x82, 0xAA, 0x88, 0xD9, 0x5E, 0x2F, 0x9D -#define EC_PARAM_secp192k1_order \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFE, 0x26, 0xF2, 0xFC, 0x17, \ - 0x0F, 0x69, 0x46, 0x6A, 0x74, 0xDE, 0xFD, 0x8D -#endif - -#if 1 -/* secp224k1 : SECG curve over a 224 bit prime field */ -#define EC_PARAM_secp224k1_prime \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFE, 0xFF, 0xFF, 0xE5, 0x6D -#define EC_PARAM_secp224k1_a \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00 -#define EC_PARAM_secp224k1_b \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x05 -#define EC_PARAM_secp224k1_x \ - 0xA1, 0x45, 0x5B, 0x33, 0x4D, 0xF0, 0x99, \ - 0xDF, 0x30, 0xFC, 0x28, 0xA1, 0x69, 0xA4, 0x67, \ - 0xE9, 0xE4, 0x70, 0x75, 0xA9, 0x0F, 0x7E, 0x65, \ - 0x0E, 0xB6, 0xB7, 0xA4, 0x5C -#define EC_PARAM_secp224k1_y \ - 0x7E, 0x08, 0x9F, 0xED, 0x7F, 0xBA, 0x34, \ - 0x42, 0x82, 0xCA, 0xFB, 0xD6, 0xF7, 0xE3, 0x19, \ - 0xF7, 0xC0, 0xB0, 0xBD, 0x59, 0xE2, 0xCA, 0x4B, \ - 0xDB, 0x55, 0x6D, 0x61, 0xA5 -#define EC_PARAM_secp224k1_order \ - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xDC, \ - 0xE8, 0xD2, 0xEC, 0x61, 0x84, 0xCA, 0xF0, 0xA9, \ - 0x71, 0x76, 0x9F, 0xB1, 0xF7 -#endif - -#if 1 -/* secp224r1 : NIST/SECG curve over a 224 bit prime field */ -#define EC_PARAM_secp224r1_prime \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_secp224r1_a \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFE -#define EC_PARAM_secp224r1_b \ - 0xB4, 0x05, 0x0A, 0x85, 0x0C, 0x04, 0xB3, 0xAB, \ - 0xF5, 0x41, 0x32, 0x56, 0x50, 0x44, 0xB0, 0xB7, \ - 0xD7, 0xBF, 0xD8, 0xBA, 0x27, 0x0B, 0x39, 0x43, \ - 0x23, 0x55, 0xFF, 0xB4 -#define EC_PARAM_secp224r1_x \ - 0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F, \ - 0x32, 0x13, 0x90, 0xB9, 0x4A, 0x03, 0xC1, 0xD3, \ - 0x56, 0xC2, 0x11, 0x22, 0x34, 0x32, 0x80, 0xD6, \ - 0x11, 0x5C, 0x1D, 0x21 -#define EC_PARAM_secp224r1_y \ - 0xBD, 0x37, 0x63, 0x88, 0xB5, 0xF7, 0x23, 0xFB, \ - 0x4C, 0x22, 0xDF, 0xE6, 0xCD, 0x43, 0x75, 0xA0, \ - 0x5A, 0x07, 0x47, 0x64, 0x44, 0xD5, 0x81, 0x99, \ - 0x85, 0x00, 0x7E, 0x34 -#define EC_PARAM_secp224r1_order \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x16, 0xA2, \ - 0xE0, 0xB8, 0xF0, 0x3E, 0x13, 0xDD, 0x29, 0x45, \ - 0x5C, 0x5C, 0x2A, 0x3D -#endif - -#if 1 -/* secp256k1 : SECG curve over a 256 bit prime field */ -#define EC_PARAM_secp256k1_prime \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFC, 0x2F -#define EC_PARAM_secp256k1_a \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 -#define EC_PARAM_secp256k1_b \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07 -#define EC_PARAM_secp256k1_x \ - 0x79, 0xBE, 0x66, 0x7E, 0xF9, 0xDC, 0xBB, 0xAC, \ - 0x55, 0xA0, 0x62, 0x95, 0xCE, 0x87, 0x0B, 0x07, \ - 0x02, 0x9B, 0xFC, 0xDB, 0x2D, 0xCE, 0x28, 0xD9, \ - 0x59, 0xF2, 0x81, 0x5B, 0x16, 0xF8, 0x17, 0x98 -#define EC_PARAM_secp256k1_y \ - 0x48, 0x3A, 0xDA, 0x77, 0x26, 0xA3, 0xC4, 0x65, \ - 0x5D, 0xA4, 0xFB, 0xFC, 0x0E, 0x11, 0x08, 0xA8, \ - 0xFD, 0x17, 0xB4, 0x48, 0xA6, 0x85, 0x54, 0x19, \ - 0x9C, 0x47, 0xD0, 0x8F, 0xFB, 0x10, 0xD4, 0xB8 -#define EC_PARAM_secp256k1_order \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, \ - 0xBA, 0xAE, 0xDC, 0xE6, 0xAF, 0x48, 0xA0, 0x3B, \ - 0xBF, 0xD2, 0x5E, 0x8C, 0xD0, 0x36, 0x41, 0x41 -#endif - -#if 1 -/* secp384r1 : NIST/SECG curve over a 384 bit prime field */ -#define EC_PARAM_secp384r1_prime \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF -#define EC_PARAM_secp384r1_a \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFC -#define EC_PARAM_secp384r1_b \ - 0xB3, 0x31, 0x2F, 0xA7, 0xE2, 0x3E, 0xE7, 0xE4, \ - 0x98, 0x8E, 0x05, 0x6B, 0xE3, 0xF8, 0x2D, 0x19, \ - 0x18, 0x1D, 0x9C, 0x6E, 0xFE, 0x81, 0x41, 0x12, \ - 0x03, 0x14, 0x08, 0x8F, 0x50, 0x13, 0x87, 0x5A, \ - 0xC6, 0x56, 0x39, 0x8D, 0x8A, 0x2E, 0xD1, 0x9D, \ - 0x2A, 0x85, 0xC8, 0xED, 0xD3, 0xEC, 0x2A, 0xEF -#define EC_PARAM_secp384r1_x \ - 0xAA, 0x87, 0xCA, 0x22, 0xBE, 0x8B, 0x05, 0x37, \ - 0x8E, 0xB1, 0xC7, 0x1E, 0xF3, 0x20, 0xAD, 0x74, \ - 0x6E, 0x1D, 0x3B, 0x62, 0x8B, 0xA7, 0x9B, 0x98, \ - 0x59, 0xF7, 0x41, 0xE0, 0x82, 0x54, 0x2A, 0x38, \ - 0x55, 0x02, 0xF2, 0x5D, 0xBF, 0x55, 0x29, 0x6C, \ - 0x3A, 0x54, 0x5E, 0x38, 0x72, 0x76, 0x0A, 0xB7 -#define EC_PARAM_secp384r1_y \ - 0x36, 0x17, 0xDE, 0x4A, 0x96, 0x26, 0x2C, 0x6F, \ - 0x5D, 0x9E, 0x98, 0xBF, 0x92, 0x92, 0xDC, 0x29, \ - 0xF8, 0xF4, 0x1D, 0xBD, 0x28, 0x9A, 0x14, 0x7C, \ - 0xE9, 0xDA, 0x31, 0x13, 0xB5, 0xF0, 0xB8, 0xC0, \ - 0x0A, 0x60, 0xB1, 0xCE, 0x1D, 0x7E, 0x81, 0x9D, \ - 0x7A, 0x43, 0x1D, 0x7C, 0x90, 0xEA, 0x0E, 0x5F -#define EC_PARAM_secp384r1_order \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xC7, 0x63, 0x4D, 0x81, 0xF4, 0x37, 0x2D, 0xDF, \ - 0x58, 0x1A, 0x0D, 0xB2, 0x48, 0xB0, 0xA7, 0x7A, \ - 0xEC, 0xEC, 0x19, 0x6A, 0xCC, 0xC5, 0x29, 0x73 -#endif - -#if 1 -/* secp521r1 : NIST/SECG curve over a 521 bit prime field */ -#define EC_PARAM_secp521r1_prime \ - 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF -#define EC_PARAM_secp521r1_a \ - 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFC -#define EC_PARAM_secp521r1_b \ - 0x00, 0x51, 0x95, 0x3E, 0xB9, 0x61, 0x8E, 0x1C, \ - 0x9A, 0x1F, 0x92, 0x9A, 0x21, 0xA0, 0xB6, 0x85, \ - 0x40, 0xEE, 0xA2, 0xDA, 0x72, 0x5B, 0x99, 0xB3, \ - 0x15, 0xF3, 0xB8, 0xB4, 0x89, 0x91, 0x8E, 0xF1, \ - 0x09, 0xE1, 0x56, 0x19, 0x39, 0x51, 0xEC, 0x7E, \ - 0x93, 0x7B, 0x16, 0x52, 0xC0, 0xBD, 0x3B, 0xB1, \ - 0xBF, 0x07, 0x35, 0x73, 0xDF, 0x88, 0x3D, 0x2C, \ - 0x34, 0xF1, 0xEF, 0x45, 0x1F, 0xD4, 0x6B, 0x50, \ - 0x3F, 0x00 -#define EC_PARAM_secp521r1_x \ - 0x00, 0xC6, 0x85, 0x8E, 0x06, 0xB7, 0x04, 0x04, \ - 0xE9, 0xCD, 0x9E, 0x3E, 0xCB, 0x66, 0x23, 0x95, \ - 0xB4, 0x42, 0x9C, 0x64, 0x81, 0x39, 0x05, 0x3F, \ - 0xB5, 0x21, 0xF8, 0x28, 0xAF, 0x60, 0x6B, 0x4D, \ - 0x3D, 0xBA, 0xA1, 0x4B, 0x5E, 0x77, 0xEF, 0xE7, \ - 0x59, 0x28, 0xFE, 0x1D, 0xC1, 0x27, 0xA2, 0xFF, \ - 0xA8, 0xDE, 0x33, 0x48, 0xB3, 0xC1, 0x85, 0x6A, \ - 0x42, 0x9B, 0xF9, 0x7E, 0x7E, 0x31, 0xC2, 0xE5, \ - 0xBD, 0x66 -#define EC_PARAM_secp521r1_y \ - 0x01, 0x18, 0x39, 0x29, 0x6A, 0x78, 0x9A, 0x3B, \ - 0xC0, 0x04, 0x5C, 0x8A, 0x5F, 0xB4, 0x2C, 0x7D, \ - 0x1B, 0xD9, 0x98, 0xF5, 0x44, 0x49, 0x57, 0x9B, \ - 0x44, 0x68, 0x17, 0xAF, 0xBD, 0x17, 0x27, 0x3E, \ - 0x66, 0x2C, 0x97, 0xEE, 0x72, 0x99, 0x5E, 0xF4, \ - 0x26, 0x40, 0xC5, 0x50, 0xB9, 0x01, 0x3F, 0xAD, \ - 0x07, 0x61, 0x35, 0x3C, 0x70, 0x86, 0xA2, 0x72, \ - 0xC2, 0x40, 0x88, 0xBE, 0x94, 0x76, 0x9F, 0xD1, \ - 0x66, 0x50 -#define EC_PARAM_secp521r1_order \ - 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFA, 0x51, 0x86, 0x87, 0x83, 0xBF, 0x2F, \ - 0x96, 0x6B, 0x7F, 0xCC, 0x01, 0x48, 0xF7, 0x09, \ - 0xA5, 0xD0, 0x3B, 0xB5, 0xC9, 0xB8, 0x89, 0x9C, \ - 0x47, 0xAE, 0xBB, 0x6F, 0xB7, 0x1E, 0x91, 0x38, \ - 0x64, 0x09 -#endif - -#if 1 -/* prime192v1 : NIST/X9.62/SECG curve over a 192 bit prime field */ -#define EC_PARAM_prime192v1_prime \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF -#define EC_PARAM_prime192v1_a \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC -#define EC_PARAM_prime192v1_b \ - 0x64, 0x21, 0x05, 0x19, 0xE5, 0x9C, 0x80, 0xE7, \ - 0x0F, 0xA7, 0xE9, 0xAB, 0x72, 0x24, 0x30, 0x49, \ - 0xFE, 0xB8, 0xDE, 0xEC, 0xC1, 0x46, 0xB9, 0xB1 -#define EC_PARAM_prime192v1_x \ - 0x18, 0x8D, 0xA8, 0x0E, 0xB0, 0x30, 0x90, 0xF6, \ - 0x7C, 0xBF, 0x20, 0xEB, 0x43, 0xA1, 0x88, 0x00, \ - 0xF4, 0xFF, 0x0A, 0xFD, 0x82, 0xFF, 0x10, 0x12 -#define EC_PARAM_prime192v1_y \ - 0x07, 0x19, 0x2B, 0x95, 0xFF, 0xC8, 0xDA, 0x78, \ - 0x63, 0x10, 0x11, 0xED, 0x6B, 0x24, 0xCD, 0xD5, \ - 0x73, 0xF9, 0x77, 0xA1, 0x1E, 0x79, 0x48, 0x11 -#define EC_PARAM_prime192v1_order \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0x99, 0xDE, 0xF8, 0x36, \ - 0x14, 0x6B, 0xC9, 0xB1, 0xB4, 0xD2, 0x28, 0x31 -#endif - -#if 0 -/* prime192v2 : X9.62 curve over a 192 bit prime field */ -#define EC_PARAM_prime192v2_prime \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF -#define EC_PARAM_prime192v2_a \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC -#define EC_PARAM_prime192v2_b \ - 0xCC, 0x22, 0xD6, 0xDF, 0xB9, 0x5C, 0x6B, 0x25, \ - 0xE4, 0x9C, 0x0D, 0x63, 0x64, 0xA4, 0xE5, 0x98, \ - 0x0C, 0x39, 0x3A, 0xA2, 0x16, 0x68, 0xD9, 0x53 -#define EC_PARAM_prime192v2_x \ - 0xEE, 0xA2, 0xBA, 0xE7, 0xE1, 0x49, 0x78, 0x42, \ - 0xF2, 0xDE, 0x77, 0x69, 0xCF, 0xE9, 0xC9, 0x89, \ - 0xC0, 0x72, 0xAD, 0x69, 0x6F, 0x48, 0x03, 0x4A -#define EC_PARAM_prime192v2_y \ - 0x65, 0x74, 0xD1, 0x1D, 0x69, 0xB6, 0xEC, 0x7A, \ - 0x67, 0x2B, 0xB8, 0x2A, 0x08, 0x3D, 0xF2, 0xF2, \ - 0xB0, 0x84, 0x7D, 0xE9, 0x70, 0xB2, 0xDE, 0x15 -#define EC_PARAM_prime192v2_order \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFE, 0x5F, 0xB1, 0xA7, 0x24, \ - 0xDC, 0x80, 0x41, 0x86, 0x48, 0xD8, 0xDD, 0x31 -#endif - -#if 0 -/* prime192v3 : X9.62 curve over a 192 bit prime field */ -#define EC_PARAM_prime192v3_prime \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF -#define EC_PARAM_prime192v3_a \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC -#define EC_PARAM_prime192v3_b \ - 0x22, 0x12, 0x3D, 0xC2, 0x39, 0x5A, 0x05, 0xCA, \ - 0xA7, 0x42, 0x3D, 0xAE, 0xCC, 0xC9, 0x47, 0x60, \ - 0xA7, 0xD4, 0x62, 0x25, 0x6B, 0xD5, 0x69, 0x16 -#define EC_PARAM_prime192v3_x \ - 0x7D, 0x29, 0x77, 0x81, 0x00, 0xC6, 0x5A, 0x1D, \ - 0xA1, 0x78, 0x37, 0x16, 0x58, 0x8D, 0xCE, 0x2B, \ - 0x8B, 0x4A, 0xEE, 0x8E, 0x22, 0x8F, 0x18, 0x96 -#define EC_PARAM_prime192v3_y \ - 0x38, 0xA9, 0x0F, 0x22, 0x63, 0x73, 0x37, 0x33, \ - 0x4B, 0x49, 0xDC, 0xB6, 0x6A, 0x6D, 0xC8, 0xF9, \ - 0x97, 0x8A, 0xCA, 0x76, 0x48, 0xA9, 0x43, 0xB0 -#define EC_PARAM_prime192v3_order \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0x7A, 0x62, 0xD0, 0x31, \ - 0xC8, 0x3F, 0x42, 0x94, 0xF6, 0x40, 0xEC, 0x13 -#endif - -#if 0 -/* prime239v1 : X9.62 curve over a 239 bit prime field */ -#define EC_PARAM_prime239v1_prime \ - 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF -#define EC_PARAM_prime239v1_a \ - 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC -#define EC_PARAM_prime239v1_b \ - 0x6B, 0x01, 0x6C, 0x3B, 0xDC, 0xF1, 0x89, 0x41, \ - 0xD0, 0xD6, 0x54, 0x92, 0x14, 0x75, 0xCA, 0x71, \ - 0xA9, 0xDB, 0x2F, 0xB2, 0x7D, 0x1D, 0x37, 0x79, \ - 0x61, 0x85, 0xC2, 0x94, 0x2C, 0x0A -#define EC_PARAM_prime239v1_x \ - 0x0F, 0xFA, 0x96, 0x3C, 0xDC, 0xA8, 0x81, 0x6C, \ - 0xCC, 0x33, 0xB8, 0x64, 0x2B, 0xED, 0xF9, 0x05, \ - 0xC3, 0xD3, 0x58, 0x57, 0x3D, 0x3F, 0x27, 0xFB, \ - 0xBD, 0x3B, 0x3C, 0xB9, 0xAA, 0xAF -#define EC_PARAM_prime239v1_y \ - 0x7D, 0xEB, 0xE8, 0xE4, 0xE9, 0x0A, 0x5D, 0xAE, \ - 0x6E, 0x40, 0x54, 0xCA, 0x53, 0x0B, 0xA0, 0x46, \ - 0x54, 0xB3, 0x68, 0x18, 0xCE, 0x22, 0x6B, 0x39, \ - 0xFC, 0xCB, 0x7B, 0x02, 0xF1, 0xAE -#define EC_PARAM_prime239v1_order \ - 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0x9E, \ - 0x5E, 0x9A, 0x9F, 0x5D, 0x90, 0x71, 0xFB, 0xD1, \ - 0x52, 0x26, 0x88, 0x90, 0x9D, 0x0B -#endif - -#if 0 -/* prime239v2 : X9.62 curve over a 239 bit prime field */ -#define EC_PARAM_prime239v2_prime \ - 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF -#define EC_PARAM_prime239v2_a \ - 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC -#define EC_PARAM_prime239v2_b \ - 0x61, 0x7F, 0xAB, 0x68, 0x32, 0x57, 0x6C, 0xBB, \ - 0xFE, 0xD5, 0x0D, 0x99, 0xF0, 0x24, 0x9C, 0x3F, \ - 0xEE, 0x58, 0xB9, 0x4B, 0xA0, 0x03, 0x8C, 0x7A, \ - 0xE8, 0x4C, 0x8C, 0x83, 0x2F, 0x2C -#define EC_PARAM_prime239v2_x \ - 0x38, 0xAF, 0x09, 0xD9, 0x87, 0x27, 0x70, 0x51, \ - 0x20, 0xC9, 0x21, 0xBB, 0x5E, 0x9E, 0x26, 0x29, \ - 0x6A, 0x3C, 0xDC, 0xF2, 0xF3, 0x57, 0x57, 0xA0, \ - 0xEA, 0xFD, 0x87, 0xB8, 0x30, 0xE7 -#define EC_PARAM_prime239v2_y \ - 0x5B, 0x01, 0x25, 0xE4, 0xDB, 0xEA, 0x0E, 0xC7, \ - 0x20, 0x6D, 0xA0, 0xFC, 0x01, 0xD9, 0xB0, 0x81, \ - 0x32, 0x9F, 0xB5, 0x55, 0xDE, 0x6E, 0xF4, 0x60, \ - 0x23, 0x7D, 0xFF, 0x8B, 0xE4, 0xBA -#define EC_PARAM_prime239v2_order \ - 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0xCF, \ - 0xA7, 0xE8, 0x59, 0x43, 0x77, 0xD4, 0x14, 0xC0, \ - 0x38, 0x21, 0xBC, 0x58, 0x20, 0x63 -#endif - -#if 0 -/* prime239v3 : X9.62 curve over a 239 bit prime field */ -#define EC_PARAM_prime239v3_prime \ - 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF -#define EC_PARAM_prime239v3_a \ - 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC -#define EC_PARAM_prime239v3_b \ - 0x25, 0x57, 0x05, 0xFA, 0x2A, 0x30, 0x66, 0x54, \ - 0xB1, 0xF4, 0xCB, 0x03, 0xD6, 0xA7, 0x50, 0xA3, \ - 0x0C, 0x25, 0x01, 0x02, 0xD4, 0x98, 0x87, 0x17, \ - 0xD9, 0xBA, 0x15, 0xAB, 0x6D, 0x3E -#define EC_PARAM_prime239v3_x \ - 0x67, 0x68, 0xAE, 0x8E, 0x18, 0xBB, 0x92, 0xCF, \ - 0xCF, 0x00, 0x5C, 0x94, 0x9A, 0xA2, 0xC6, 0xD9, \ - 0x48, 0x53, 0xD0, 0xE6, 0x60, 0xBB, 0xF8, 0x54, \ - 0xB1, 0xC9, 0x50, 0x5F, 0xE9, 0x5A -#define EC_PARAM_prime239v3_y \ - 0x16, 0x07, 0xE6, 0x89, 0x8F, 0x39, 0x0C, 0x06, \ - 0xBC, 0x1D, 0x55, 0x2B, 0xAD, 0x22, 0x6F, 0x3B, \ - 0x6F, 0xCF, 0xE4, 0x8B, 0x6E, 0x81, 0x84, 0x99, \ - 0xAF, 0x18, 0xE3, 0xED, 0x6C, 0xF3 -#define EC_PARAM_prime239v3_order \ - 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0x97, \ - 0x5D, 0xEB, 0x41, 0xB3, 0xA6, 0x05, 0x7C, 0x3C, \ - 0x43, 0x21, 0x46, 0x52, 0x65, 0x51 -#endif - -#if 1 -/* prime256v1 : X9.62/SECG curve over a 256 bit prime field */ -#define EC_PARAM_prime256v1_prime \ - 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF -#define EC_PARAM_prime256v1_a \ - 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC -#define EC_PARAM_prime256v1_b \ - 0x5A, 0xC6, 0x35, 0xD8, 0xAA, 0x3A, 0x93, 0xE7, \ - 0xB3, 0xEB, 0xBD, 0x55, 0x76, 0x98, 0x86, 0xBC, \ - 0x65, 0x1D, 0x06, 0xB0, 0xCC, 0x53, 0xB0, 0xF6, \ - 0x3B, 0xCE, 0x3C, 0x3E, 0x27, 0xD2, 0x60, 0x4B -#define EC_PARAM_prime256v1_x \ - 0x6B, 0x17, 0xD1, 0xF2, 0xE1, 0x2C, 0x42, 0x47, \ - 0xF8, 0xBC, 0xE6, 0xE5, 0x63, 0xA4, 0x40, 0xF2, \ - 0x77, 0x03, 0x7D, 0x81, 0x2D, 0xEB, 0x33, 0xA0, \ - 0xF4, 0xA1, 0x39, 0x45, 0xD8, 0x98, 0xC2, 0x96 -#define EC_PARAM_prime256v1_y \ - 0x4F, 0xE3, 0x42, 0xE2, 0xFE, 0x1A, 0x7F, 0x9B, \ - 0x8E, 0xE7, 0xEB, 0x4A, 0x7C, 0x0F, 0x9E, 0x16, \ - 0x2B, 0xCE, 0x33, 0x57, 0x6B, 0x31, 0x5E, 0xCE, \ - 0xCB, 0xB6, 0x40, 0x68, 0x37, 0xBF, 0x51, 0xF5 -#define EC_PARAM_prime256v1_order \ - 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, \ - 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51 -#endif - -#if 0 -/* sect113r1 : SECG curve over a 113 bit binary field */ -#define EC_PARAM_sect113r1_prime \ - 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x01 -#define EC_PARAM_sect113r1_a \ - 0x00, 0x30, 0x88, 0x25, 0x0C, 0xA6, 0xE7, 0xC7, \ - 0xFE, 0x64, 0x9C, 0xE8, 0x58, 0x20, 0xF7 -#define EC_PARAM_sect113r1_b \ - 0x00, 0xE8, 0xBE, 0xE4, 0xD3, 0xE2, 0x26, 0x07, \ - 0x44, 0x18, 0x8B, 0xE0, 0xE9, 0xC7, 0x23 -#define EC_PARAM_sect113r1_x \ - 0x00, 0x9D, 0x73, 0x61, 0x6F, 0x35, 0xF4, 0xAB, \ - 0x14, 0x07, 0xD7, 0x35, 0x62, 0xC1, 0x0F -#define EC_PARAM_sect113r1_y \ - 0x00, 0xA5, 0x28, 0x30, 0x27, 0x79, 0x58, 0xEE, \ - 0x84, 0xD1, 0x31, 0x5E, 0xD3, 0x18, 0x86 -#define EC_PARAM_sect113r1_order \ - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0xD9, 0xCC, 0xEC, 0x8A, 0x39, 0xE5, 0x6F -#endif - -#if 0 -/* sect113r2 : SECG curve over a 113 bit binary field */ -#define EC_PARAM_sect113r2_prime \ - 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x01 -#define EC_PARAM_sect113r2_a \ - 0x00, 0x68, 0x99, 0x18, 0xDB, 0xEC, 0x7E, 0x5A, \ - 0x0D, 0xD6, 0xDF, 0xC0, 0xAA, 0x55, 0xC7 -#define EC_PARAM_sect113r2_b \ - 0x00, 0x95, 0xE9, 0xA9, 0xEC, 0x9B, 0x29, 0x7B, \ - 0xD4, 0xBF, 0x36, 0xE0, 0x59, 0x18, 0x4F -#define EC_PARAM_sect113r2_x \ - 0x01, 0xA5, 0x7A, 0x6A, 0x7B, 0x26, 0xCA, 0x5E, \ - 0xF5, 0x2F, 0xCD, 0xB8, 0x16, 0x47, 0x97 -#define EC_PARAM_sect113r2_y \ - 0x00, 0xB3, 0xAD, 0xC9, 0x4E, 0xD1, 0xFE, 0x67, \ - 0x4C, 0x06, 0xE6, 0x95, 0xBA, 0xBA, 0x1D -#define EC_PARAM_sect113r2_order \ - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, \ - 0x08, 0x78, 0x9B, 0x24, 0x96, 0xAF, 0x93 -#endif - -#if 0 -/* sect131r1 : SECG/WTLS curve over a 131 bit binary field */ -#define EC_PARAM_sect131r1_prime \ - 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, \ - 0x0D -#define EC_PARAM_sect131r1_a \ - 0x07, 0xA1, 0x1B, 0x09, 0xA7, 0x6B, 0x56, 0x21, \ - 0x44, 0x41, 0x8F, 0xF3, 0xFF, 0x8C, 0x25, 0x70, \ - 0xB8 -#define EC_PARAM_sect131r1_b \ - 0x02, 0x17, 0xC0, 0x56, 0x10, 0x88, 0x4B, 0x63, \ - 0xB9, 0xC6, 0xC7, 0x29, 0x16, 0x78, 0xF9, 0xD3, \ - 0x41 -#define EC_PARAM_sect131r1_x \ - 0x00, 0x81, 0xBA, 0xF9, 0x1F, 0xDF, 0x98, 0x33, \ - 0xC4, 0x0F, 0x9C, 0x18, 0x13, 0x43, 0x63, 0x83, \ - 0x99 -#define EC_PARAM_sect131r1_y \ - 0x07, 0x8C, 0x6E, 0x7E, 0xA3, 0x8C, 0x00, 0x1F, \ - 0x73, 0xC8, 0x13, 0x4B, 0x1B, 0x4E, 0xF9, 0xE1, \ - 0x50 -#define EC_PARAM_sect131r1_order \ - 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x02, 0x31, 0x23, 0x95, 0x3A, 0x94, 0x64, 0xB5, \ - 0x4D -#endif - -#if 0 -/* sect131r2 : SECG curve over a 131 bit binary field */ -#define EC_PARAM_sect131r2_prime \ - 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, \ - 0x0D -#define EC_PARAM_sect131r2_a \ - 0x03, 0xE5, 0xA8, 0x89, 0x19, 0xD7, 0xCA, 0xFC, \ - 0xBF, 0x41, 0x5F, 0x07, 0xC2, 0x17, 0x65, 0x73, \ - 0xB2 -#define EC_PARAM_sect131r2_b \ - 0x04, 0xB8, 0x26, 0x6A, 0x46, 0xC5, 0x56, 0x57, \ - 0xAC, 0x73, 0x4C, 0xE3, 0x8F, 0x01, 0x8F, 0x21, \ - 0x92 -#define EC_PARAM_sect131r2_x \ - 0x03, 0x56, 0xDC, 0xD8, 0xF2, 0xF9, 0x50, 0x31, \ - 0xAD, 0x65, 0x2D, 0x23, 0x95, 0x1B, 0xB3, 0x66, \ - 0xA8 -#define EC_PARAM_sect131r2_y \ - 0x06, 0x48, 0xF0, 0x6D, 0x86, 0x79, 0x40, 0xA5, \ - 0x36, 0x6D, 0x9E, 0x26, 0x5D, 0xE9, 0xEB, 0x24, \ - 0x0F -#define EC_PARAM_sect131r2_order \ - 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x01, 0x69, 0x54, 0xA2, 0x33, 0x04, 0x9B, 0xA9, \ - 0x8F -#endif - -#if 0 -/* sect163k1 : NIST/SECG/WTLS curve over a 163 bit binary field */ -#define EC_PARAM_sect163k1_prime \ - 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0xC9 -#define EC_PARAM_sect163k1_a \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_sect163k1_b \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_sect163k1_x \ - 0x02, 0xFE, 0x13, 0xC0, 0x53, 0x7B, 0xBC, 0x11, \ - 0xAC, 0xAA, 0x07, 0xD7, 0x93, 0xDE, 0x4E, 0x6D, \ - 0x5E, 0x5C, 0x94, 0xEE, 0xE8 -#define EC_PARAM_sect163k1_y \ - 0x02, 0x89, 0x07, 0x0F, 0xB0, 0x5D, 0x38, 0xFF, \ - 0x58, 0x32, 0x1F, 0x2E, 0x80, 0x05, 0x36, 0xD5, \ - 0x38, 0xCC, 0xDA, 0xA3, 0xD9 -#define EC_PARAM_sect163k1_order \ - 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x02, 0x01, 0x08, 0xA2, 0xE0, 0xCC, \ - 0x0D, 0x99, 0xF8, 0xA5, 0xEF -#endif - -#if 0 -/* sect163r1 : SECG curve over a 163 bit binary field */ -#define EC_PARAM_sect163r1_prime \ - 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0xC9 -#define EC_PARAM_sect163r1_a \ - 0x07, 0xB6, 0x88, 0x2C, 0xAA, 0xEF, 0xA8, 0x4F, \ - 0x95, 0x54, 0xFF, 0x84, 0x28, 0xBD, 0x88, 0xE2, \ - 0x46, 0xD2, 0x78, 0x2A, 0xE2 -#define EC_PARAM_sect163r1_b \ - 0x07, 0x13, 0x61, 0x2D, 0xCD, 0xDC, 0xB4, 0x0A, \ - 0xAB, 0x94, 0x6B, 0xDA, 0x29, 0xCA, 0x91, 0xF7, \ - 0x3A, 0xF9, 0x58, 0xAF, 0xD9 -#define EC_PARAM_sect163r1_x \ - 0x03, 0x69, 0x97, 0x96, 0x97, 0xAB, 0x43, 0x89, \ - 0x77, 0x89, 0x56, 0x67, 0x89, 0x56, 0x7F, 0x78, \ - 0x7A, 0x78, 0x76, 0xA6, 0x54 -#define EC_PARAM_sect163r1_y \ - 0x00, 0x43, 0x5E, 0xDB, 0x42, 0xEF, 0xAF, 0xB2, \ - 0x98, 0x9D, 0x51, 0xFE, 0xFC, 0xE3, 0xC8, 0x09, \ - 0x88, 0xF4, 0x1F, 0xF8, 0x83 -#define EC_PARAM_sect163r1_order \ - 0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0x48, 0xAA, 0xB6, 0x89, 0xC2, \ - 0x9C, 0xA7, 0x10, 0x27, 0x9B -#endif - -#if 0 -/* sect163r2 : NIST/SECG curve over a 163 bit binary field */ -#define EC_PARAM_sect163r2_prime \ - 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0xC9 -#define EC_PARAM_sect163r2_a \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_sect163r2_b \ - 0x02, 0x0A, 0x60, 0x19, 0x07, 0xB8, 0xC9, 0x53, \ - 0xCA, 0x14, 0x81, 0xEB, 0x10, 0x51, 0x2F, 0x78, \ - 0x74, 0x4A, 0x32, 0x05, 0xFD -#define EC_PARAM_sect163r2_x \ - 0x03, 0xF0, 0xEB, 0xA1, 0x62, 0x86, 0xA2, 0xD5, \ - 0x7E, 0xA0, 0x99, 0x11, 0x68, 0xD4, 0x99, 0x46, \ - 0x37, 0xE8, 0x34, 0x3E, 0x36 -#define EC_PARAM_sect163r2_y \ - 0x00, 0xD5, 0x1F, 0xBC, 0x6C, 0x71, 0xA0, 0x09, \ - 0x4F, 0xA2, 0xCD, 0xD5, 0x45, 0xB1, 0x1C, 0x5C, \ - 0x0C, 0x79, 0x73, 0x24, 0xF1 -#define EC_PARAM_sect163r2_order \ - 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x02, 0x92, 0xFE, 0x77, 0xE7, 0x0C, \ - 0x12, 0xA4, 0x23, 0x4C, 0x33 -#endif - -#if 0 -/* sect193r1 : SECG curve over a 193 bit binary field */ -#define EC_PARAM_sect193r1_prime \ - 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, \ - 0x01 -#define EC_PARAM_sect193r1_a \ - 0x00, 0x17, 0x85, 0x8F, 0xEB, 0x7A, 0x98, 0x97, \ - 0x51, 0x69, 0xE1, 0x71, 0xF7, 0x7B, 0x40, 0x87, \ - 0xDE, 0x09, 0x8A, 0xC8, 0xA9, 0x11, 0xDF, 0x7B, \ - 0x01 -#define EC_PARAM_sect193r1_b \ - 0x00, 0xFD, 0xFB, 0x49, 0xBF, 0xE6, 0xC3, 0xA8, \ - 0x9F, 0xAC, 0xAD, 0xAA, 0x7A, 0x1E, 0x5B, 0xBC, \ - 0x7C, 0xC1, 0xC2, 0xE5, 0xD8, 0x31, 0x47, 0x88, \ - 0x14 -#define EC_PARAM_sect193r1_x \ - 0x01, 0xF4, 0x81, 0xBC, 0x5F, 0x0F, 0xF8, 0x4A, \ - 0x74, 0xAD, 0x6C, 0xDF, 0x6F, 0xDE, 0xF4, 0xBF, \ - 0x61, 0x79, 0x62, 0x53, 0x72, 0xD8, 0xC0, 0xC5, \ - 0xE1 -#define EC_PARAM_sect193r1_y \ - 0x00, 0x25, 0xE3, 0x99, 0xF2, 0x90, 0x37, 0x12, \ - 0xCC, 0xF3, 0xEA, 0x9E, 0x3A, 0x1A, 0xD1, 0x7F, \ - 0xB0, 0xB3, 0x20, 0x1B, 0x6A, 0xF7, 0xCE, 0x1B, \ - 0x05 -#define EC_PARAM_sect193r1_order \ - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0xC7, 0xF3, 0x4A, \ - 0x77, 0x8F, 0x44, 0x3A, 0xCC, 0x92, 0x0E, 0xBA, \ - 0x49 -#endif - -#if 0 -/* sect193r2 : SECG curve over a 193 bit binary field */ -#define EC_PARAM_sect193r2_prime \ - 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, \ - 0x01 -#define EC_PARAM_sect193r2_a \ - 0x01, 0x63, 0xF3, 0x5A, 0x51, 0x37, 0xC2, 0xCE, \ - 0x3E, 0xA6, 0xED, 0x86, 0x67, 0x19, 0x0B, 0x0B, \ - 0xC4, 0x3E, 0xCD, 0x69, 0x97, 0x77, 0x02, 0x70, \ - 0x9B -#define EC_PARAM_sect193r2_b \ - 0x00, 0xC9, 0xBB, 0x9E, 0x89, 0x27, 0xD4, 0xD6, \ - 0x4C, 0x37, 0x7E, 0x2A, 0xB2, 0x85, 0x6A, 0x5B, \ - 0x16, 0xE3, 0xEF, 0xB7, 0xF6, 0x1D, 0x43, 0x16, \ - 0xAE -#define EC_PARAM_sect193r2_x \ - 0x00, 0xD9, 0xB6, 0x7D, 0x19, 0x2E, 0x03, 0x67, \ - 0xC8, 0x03, 0xF3, 0x9E, 0x1A, 0x7E, 0x82, 0xCA, \ - 0x14, 0xA6, 0x51, 0x35, 0x0A, 0xAE, 0x61, 0x7E, \ - 0x8F -#define EC_PARAM_sect193r2_y \ - 0x01, 0xCE, 0x94, 0x33, 0x56, 0x07, 0xC3, 0x04, \ - 0xAC, 0x29, 0xE7, 0xDE, 0xFB, 0xD9, 0xCA, 0x01, \ - 0xF5, 0x96, 0xF9, 0x27, 0x22, 0x4C, 0xDE, 0xCF, \ - 0x6C -#define EC_PARAM_sect193r2_order \ - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x01, 0x5A, 0xAB, 0x56, \ - 0x1B, 0x00, 0x54, 0x13, 0xCC, 0xD4, 0xEE, 0x99, \ - 0xD5 -#endif - -#if 0 -/* sect233k1 : NIST/SECG/WTLS curve over a 233 bit binary field */ -#define EC_PARAM_sect233k1_prime \ - 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_sect233k1_a \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 -#define EC_PARAM_sect233k1_b \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_sect233k1_x \ - 0x01, 0x72, 0x32, 0xBA, 0x85, 0x3A, 0x7E, 0x73, \ - 0x1A, 0xF1, 0x29, 0xF2, 0x2F, 0xF4, 0x14, 0x95, \ - 0x63, 0xA4, 0x19, 0xC2, 0x6B, 0xF5, 0x0A, 0x4C, \ - 0x9D, 0x6E, 0xEF, 0xAD, 0x61, 0x26 -#define EC_PARAM_sect233k1_y \ - 0x01, 0xDB, 0x53, 0x7D, 0xEC, 0xE8, 0x19, 0xB7, \ - 0xF7, 0x0F, 0x55, 0x5A, 0x67, 0xC4, 0x27, 0xA8, \ - 0xCD, 0x9B, 0xF1, 0x8A, 0xEB, 0x9B, 0x56, 0xE0, \ - 0xC1, 0x10, 0x56, 0xFA, 0xE6, 0xA3 -#define EC_PARAM_sect233k1_order \ - 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, \ - 0x9D, 0x5B, 0xB9, 0x15, 0xBC, 0xD4, 0x6E, 0xFB, \ - 0x1A, 0xD5, 0xF1, 0x73, 0xAB, 0xDF -#endif - -#if 0 -/* sect233r1 : NIST/SECG/WTLS curve over a 233 bit binary field */ -#define EC_PARAM_sect233r1_prime \ - 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_sect233r1_a \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_sect233r1_b \ - 0x00, 0x66, 0x64, 0x7E, 0xDE, 0x6C, 0x33, 0x2C, \ - 0x7F, 0x8C, 0x09, 0x23, 0xBB, 0x58, 0x21, 0x3B, \ - 0x33, 0x3B, 0x20, 0xE9, 0xCE, 0x42, 0x81, 0xFE, \ - 0x11, 0x5F, 0x7D, 0x8F, 0x90, 0xAD -#define EC_PARAM_sect233r1_x \ - 0x00, 0xFA, 0xC9, 0xDF, 0xCB, 0xAC, 0x83, 0x13, \ - 0xBB, 0x21, 0x39, 0xF1, 0xBB, 0x75, 0x5F, 0xEF, \ - 0x65, 0xBC, 0x39, 0x1F, 0x8B, 0x36, 0xF8, 0xF8, \ - 0xEB, 0x73, 0x71, 0xFD, 0x55, 0x8B -#define EC_PARAM_sect233r1_y \ - 0x01, 0x00, 0x6A, 0x08, 0xA4, 0x19, 0x03, 0x35, \ - 0x06, 0x78, 0xE5, 0x85, 0x28, 0xBE, 0xBF, 0x8A, \ - 0x0B, 0xEF, 0xF8, 0x67, 0xA7, 0xCA, 0x36, 0x71, \ - 0x6F, 0x7E, 0x01, 0xF8, 0x10, 0x52 -#define EC_PARAM_sect233r1_order \ - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x13, \ - 0xE9, 0x74, 0xE7, 0x2F, 0x8A, 0x69, 0x22, 0x03, \ - 0x1D, 0x26, 0x03, 0xCF, 0xE0, 0xD7 -#endif - -#if 0 -/* sect239k1 : SECG curve over a 239 bit binary field */ -#define EC_PARAM_sect239k1_prime \ - 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_sect239k1_a \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 -#define EC_PARAM_sect239k1_b \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_sect239k1_x \ - 0x29, 0xA0, 0xB6, 0xA8, 0x87, 0xA9, 0x83, 0xE9, \ - 0x73, 0x09, 0x88, 0xA6, 0x87, 0x27, 0xA8, 0xB2, \ - 0xD1, 0x26, 0xC4, 0x4C, 0xC2, 0xCC, 0x7B, 0x2A, \ - 0x65, 0x55, 0x19, 0x30, 0x35, 0xDC -#define EC_PARAM_sect239k1_y \ - 0x76, 0x31, 0x08, 0x04, 0xF1, 0x2E, 0x54, 0x9B, \ - 0xDB, 0x01, 0x1C, 0x10, 0x30, 0x89, 0xE7, 0x35, \ - 0x10, 0xAC, 0xB2, 0x75, 0xFC, 0x31, 0x2A, 0x5D, \ - 0xC6, 0xB7, 0x65, 0x53, 0xF0, 0xCA -#define EC_PARAM_sect239k1_order \ - 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x5A, \ - 0x79, 0xFE, 0xC6, 0x7C, 0xB6, 0xE9, 0x1F, 0x1C, \ - 0x1D, 0xA8, 0x00, 0xE4, 0x78, 0xA5 -#endif - -#if 0 -/* sect283k1 : NIST/SECG curve over a 283 bit binary field */ -#define EC_PARAM_sect283k1_prime \ - 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x10, 0xA1 -#define EC_PARAM_sect283k1_a \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00 -#define EC_PARAM_sect283k1_b \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_sect283k1_x \ - 0x05, 0x03, 0x21, 0x3F, 0x78, 0xCA, 0x44, 0x88, \ - 0x3F, 0x1A, 0x3B, 0x81, 0x62, 0xF1, 0x88, 0xE5, \ - 0x53, 0xCD, 0x26, 0x5F, 0x23, 0xC1, 0x56, 0x7A, \ - 0x16, 0x87, 0x69, 0x13, 0xB0, 0xC2, 0xAC, 0x24, \ - 0x58, 0x49, 0x28, 0x36 -#define EC_PARAM_sect283k1_y \ - 0x01, 0xCC, 0xDA, 0x38, 0x0F, 0x1C, 0x9E, 0x31, \ - 0x8D, 0x90, 0xF9, 0x5D, 0x07, 0xE5, 0x42, 0x6F, \ - 0xE8, 0x7E, 0x45, 0xC0, 0xE8, 0x18, 0x46, 0x98, \ - 0xE4, 0x59, 0x62, 0x36, 0x4E, 0x34, 0x11, 0x61, \ - 0x77, 0xDD, 0x22, 0x59 -#define EC_PARAM_sect283k1_order \ - 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xE9, 0xAE, 0x2E, 0xD0, 0x75, 0x77, \ - 0x26, 0x5D, 0xFF, 0x7F, 0x94, 0x45, 0x1E, 0x06, \ - 0x1E, 0x16, 0x3C, 0x61 -#endif - -#if 0 -/* sect283r1 : NIST/SECG curve over a 283 bit binary field */ -#define EC_PARAM_sect283r1_prime \ - 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x10, 0xA1 -#define EC_PARAM_sect283r1_a \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_sect283r1_b \ - 0x02, 0x7B, 0x68, 0x0A, 0xC8, 0xB8, 0x59, 0x6D, \ - 0xA5, 0xA4, 0xAF, 0x8A, 0x19, 0xA0, 0x30, 0x3F, \ - 0xCA, 0x97, 0xFD, 0x76, 0x45, 0x30, 0x9F, 0xA2, \ - 0xA5, 0x81, 0x48, 0x5A, 0xF6, 0x26, 0x3E, 0x31, \ - 0x3B, 0x79, 0xA2, 0xF5 -#define EC_PARAM_sect283r1_x \ - 0x05, 0xF9, 0x39, 0x25, 0x8D, 0xB7, 0xDD, 0x90, \ - 0xE1, 0x93, 0x4F, 0x8C, 0x70, 0xB0, 0xDF, 0xEC, \ - 0x2E, 0xED, 0x25, 0xB8, 0x55, 0x7E, 0xAC, 0x9C, \ - 0x80, 0xE2, 0xE1, 0x98, 0xF8, 0xCD, 0xBE, 0xCD, \ - 0x86, 0xB1, 0x20, 0x53 -#define EC_PARAM_sect283r1_y \ - 0x03, 0x67, 0x68, 0x54, 0xFE, 0x24, 0x14, 0x1C, \ - 0xB9, 0x8F, 0xE6, 0xD4, 0xB2, 0x0D, 0x02, 0xB4, \ - 0x51, 0x6F, 0xF7, 0x02, 0x35, 0x0E, 0xDD, 0xB0, \ - 0x82, 0x67, 0x79, 0xC8, 0x13, 0xF0, 0xDF, 0x45, \ - 0xBE, 0x81, 0x12, 0xF4 -#define EC_PARAM_sect283r1_order \ - 0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xEF, 0x90, 0x39, 0x96, 0x60, 0xFC, \ - 0x93, 0x8A, 0x90, 0x16, 0x5B, 0x04, 0x2A, 0x7C, \ - 0xEF, 0xAD, 0xB3, 0x07 -#endif - -#if 0 -/* sect409k1 : NIST/SECG curve over a 409 bit binary field */ -#define EC_PARAM_sect409k1_prime \ - 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_sect409k1_a \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00 -#define EC_PARAM_sect409k1_b \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_sect409k1_x \ - 0x00, 0x60, 0xF0, 0x5F, 0x65, 0x8F, 0x49, 0xC1, \ - 0xAD, 0x3A, 0xB1, 0x89, 0x0F, 0x71, 0x84, 0x21, \ - 0x0E, 0xFD, 0x09, 0x87, 0xE3, 0x07, 0xC8, 0x4C, \ - 0x27, 0xAC, 0xCF, 0xB8, 0xF9, 0xF6, 0x7C, 0xC2, \ - 0xC4, 0x60, 0x18, 0x9E, 0xB5, 0xAA, 0xAA, 0x62, \ - 0xEE, 0x22, 0x2E, 0xB1, 0xB3, 0x55, 0x40, 0xCF, \ - 0xE9, 0x02, 0x37, 0x46 -#define EC_PARAM_sect409k1_y \ - 0x01, 0xE3, 0x69, 0x05, 0x0B, 0x7C, 0x4E, 0x42, \ - 0xAC, 0xBA, 0x1D, 0xAC, 0xBF, 0x04, 0x29, 0x9C, \ - 0x34, 0x60, 0x78, 0x2F, 0x91, 0x8E, 0xA4, 0x27, \ - 0xE6, 0x32, 0x51, 0x65, 0xE9, 0xEA, 0x10, 0xE3, \ - 0xDA, 0x5F, 0x6C, 0x42, 0xE9, 0xC5, 0x52, 0x15, \ - 0xAA, 0x9C, 0xA2, 0x7A, 0x58, 0x63, 0xEC, 0x48, \ - 0xD8, 0xE0, 0x28, 0x6B -#define EC_PARAM_sect409k1_order \ - 0x00, 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFE, 0x5F, 0x83, 0xB2, 0xD4, 0xEA, \ - 0x20, 0x40, 0x0E, 0xC4, 0x55, 0x7D, 0x5E, 0xD3, \ - 0xE3, 0xE7, 0xCA, 0x5B, 0x4B, 0x5C, 0x83, 0xB8, \ - 0xE0, 0x1E, 0x5F, 0xCF -#endif - -#if 0 -/* sect409r1 : NIST/SECG curve over a 409 bit binary field */ -#define EC_PARAM_sect409r1_prime \ - 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_sect409r1_a \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_sect409r1_b \ - 0x00, 0x21, 0xA5, 0xC2, 0xC8, 0xEE, 0x9F, 0xEB, \ - 0x5C, 0x4B, 0x9A, 0x75, 0x3B, 0x7B, 0x47, 0x6B, \ - 0x7F, 0xD6, 0x42, 0x2E, 0xF1, 0xF3, 0xDD, 0x67, \ - 0x47, 0x61, 0xFA, 0x99, 0xD6, 0xAC, 0x27, 0xC8, \ - 0xA9, 0xA1, 0x97, 0xB2, 0x72, 0x82, 0x2F, 0x6C, \ - 0xD5, 0x7A, 0x55, 0xAA, 0x4F, 0x50, 0xAE, 0x31, \ - 0x7B, 0x13, 0x54, 0x5F -#define EC_PARAM_sect409r1_x \ - 0x01, 0x5D, 0x48, 0x60, 0xD0, 0x88, 0xDD, 0xB3, \ - 0x49, 0x6B, 0x0C, 0x60, 0x64, 0x75, 0x62, 0x60, \ - 0x44, 0x1C, 0xDE, 0x4A, 0xF1, 0x77, 0x1D, 0x4D, \ - 0xB0, 0x1F, 0xFE, 0x5B, 0x34, 0xE5, 0x97, 0x03, \ - 0xDC, 0x25, 0x5A, 0x86, 0x8A, 0x11, 0x80, 0x51, \ - 0x56, 0x03, 0xAE, 0xAB, 0x60, 0x79, 0x4E, 0x54, \ - 0xBB, 0x79, 0x96, 0xA7 -#define EC_PARAM_sect409r1_y \ - 0x00, 0x61, 0xB1, 0xCF, 0xAB, 0x6B, 0xE5, 0xF3, \ - 0x2B, 0xBF, 0xA7, 0x83, 0x24, 0xED, 0x10, 0x6A, \ - 0x76, 0x36, 0xB9, 0xC5, 0xA7, 0xBD, 0x19, 0x8D, \ - 0x01, 0x58, 0xAA, 0x4F, 0x54, 0x88, 0xD0, 0x8F, \ - 0x38, 0x51, 0x4F, 0x1F, 0xDF, 0x4B, 0x4F, 0x40, \ - 0xD2, 0x18, 0x1B, 0x36, 0x81, 0xC3, 0x64, 0xBA, \ - 0x02, 0x73, 0xC7, 0x06 -#define EC_PARAM_sect409r1_order \ - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x01, 0xE2, 0xAA, 0xD6, 0xA6, 0x12, \ - 0xF3, 0x33, 0x07, 0xBE, 0x5F, 0xA4, 0x7C, 0x3C, \ - 0x9E, 0x05, 0x2F, 0x83, 0x81, 0x64, 0xCD, 0x37, \ - 0xD9, 0xA2, 0x11, 0x73 -#endif - -#if 0 -/* sect571k1 : NIST/SECG curve over a 571 bit binary field */ -#define EC_PARAM_sect571k1_prime \ - 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x25 -#define EC_PARAM_sect571k1_a \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 -#define EC_PARAM_sect571k1_b \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_sect571k1_x \ - 0x02, 0x6E, 0xB7, 0xA8, 0x59, 0x92, 0x3F, 0xBC, \ - 0x82, 0x18, 0x96, 0x31, 0xF8, 0x10, 0x3F, 0xE4, \ - 0xAC, 0x9C, 0xA2, 0x97, 0x00, 0x12, 0xD5, 0xD4, \ - 0x60, 0x24, 0x80, 0x48, 0x01, 0x84, 0x1C, 0xA4, \ - 0x43, 0x70, 0x95, 0x84, 0x93, 0xB2, 0x05, 0xE6, \ - 0x47, 0xDA, 0x30, 0x4D, 0xB4, 0xCE, 0xB0, 0x8C, \ - 0xBB, 0xD1, 0xBA, 0x39, 0x49, 0x47, 0x76, 0xFB, \ - 0x98, 0x8B, 0x47, 0x17, 0x4D, 0xCA, 0x88, 0xC7, \ - 0xE2, 0x94, 0x52, 0x83, 0xA0, 0x1C, 0x89, 0x72 -#define EC_PARAM_sect571k1_y \ - 0x03, 0x49, 0xDC, 0x80, 0x7F, 0x4F, 0xBF, 0x37, \ - 0x4F, 0x4A, 0xEA, 0xDE, 0x3B, 0xCA, 0x95, 0x31, \ - 0x4D, 0xD5, 0x8C, 0xEC, 0x9F, 0x30, 0x7A, 0x54, \ - 0xFF, 0xC6, 0x1E, 0xFC, 0x00, 0x6D, 0x8A, 0x2C, \ - 0x9D, 0x49, 0x79, 0xC0, 0xAC, 0x44, 0xAE, 0xA7, \ - 0x4F, 0xBE, 0xBB, 0xB9, 0xF7, 0x72, 0xAE, 0xDC, \ - 0xB6, 0x20, 0xB0, 0x1A, 0x7B, 0xA7, 0xAF, 0x1B, \ - 0x32, 0x04, 0x30, 0xC8, 0x59, 0x19, 0x84, 0xF6, \ - 0x01, 0xCD, 0x4C, 0x14, 0x3E, 0xF1, 0xC7, 0xA3 -#define EC_PARAM_sect571k1_order \ - 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x13, 0x18, 0x50, 0xE1, \ - 0xF1, 0x9A, 0x63, 0xE4, 0xB3, 0x91, 0xA8, 0xDB, \ - 0x91, 0x7F, 0x41, 0x38, 0xB6, 0x30, 0xD8, 0x4B, \ - 0xE5, 0xD6, 0x39, 0x38, 0x1E, 0x91, 0xDE, 0xB4, \ - 0x5C, 0xFE, 0x77, 0x8F, 0x63, 0x7C, 0x10, 0x01 -#endif - -#if 0 -/* sect571r1 : NIST/SECG curve over a 571 bit binary field */ -#define EC_PARAM_sect571r1_prime \ - 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x25 -#define EC_PARAM_sect571r1_a \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_sect571r1_b \ - 0x02, 0xF4, 0x0E, 0x7E, 0x22, 0x21, 0xF2, 0x95, \ - 0xDE, 0x29, 0x71, 0x17, 0xB7, 0xF3, 0xD6, 0x2F, \ - 0x5C, 0x6A, 0x97, 0xFF, 0xCB, 0x8C, 0xEF, 0xF1, \ - 0xCD, 0x6B, 0xA8, 0xCE, 0x4A, 0x9A, 0x18, 0xAD, \ - 0x84, 0xFF, 0xAB, 0xBD, 0x8E, 0xFA, 0x59, 0x33, \ - 0x2B, 0xE7, 0xAD, 0x67, 0x56, 0xA6, 0x6E, 0x29, \ - 0x4A, 0xFD, 0x18, 0x5A, 0x78, 0xFF, 0x12, 0xAA, \ - 0x52, 0x0E, 0x4D, 0xE7, 0x39, 0xBA, 0xCA, 0x0C, \ - 0x7F, 0xFE, 0xFF, 0x7F, 0x29, 0x55, 0x72, 0x7A -#define EC_PARAM_sect571r1_x \ - 0x03, 0x03, 0x00, 0x1D, 0x34, 0xB8, 0x56, 0x29, \ - 0x6C, 0x16, 0xC0, 0xD4, 0x0D, 0x3C, 0xD7, 0x75, \ - 0x0A, 0x93, 0xD1, 0xD2, 0x95, 0x5F, 0xA8, 0x0A, \ - 0xA5, 0xF4, 0x0F, 0xC8, 0xDB, 0x7B, 0x2A, 0xBD, \ - 0xBD, 0xE5, 0x39, 0x50, 0xF4, 0xC0, 0xD2, 0x93, \ - 0xCD, 0xD7, 0x11, 0xA3, 0x5B, 0x67, 0xFB, 0x14, \ - 0x99, 0xAE, 0x60, 0x03, 0x86, 0x14, 0xF1, 0x39, \ - 0x4A, 0xBF, 0xA3, 0xB4, 0xC8, 0x50, 0xD9, 0x27, \ - 0xE1, 0xE7, 0x76, 0x9C, 0x8E, 0xEC, 0x2D, 0x19 -#define EC_PARAM_sect571r1_y \ - 0x03, 0x7B, 0xF2, 0x73, 0x42, 0xDA, 0x63, 0x9B, \ - 0x6D, 0xCC, 0xFF, 0xFE, 0xB7, 0x3D, 0x69, 0xD7, \ - 0x8C, 0x6C, 0x27, 0xA6, 0x00, 0x9C, 0xBB, 0xCA, \ - 0x19, 0x80, 0xF8, 0x53, 0x39, 0x21, 0xE8, 0xA6, \ - 0x84, 0x42, 0x3E, 0x43, 0xBA, 0xB0, 0x8A, 0x57, \ - 0x62, 0x91, 0xAF, 0x8F, 0x46, 0x1B, 0xB2, 0xA8, \ - 0xB3, 0x53, 0x1D, 0x2F, 0x04, 0x85, 0xC1, 0x9B, \ - 0x16, 0xE2, 0xF1, 0x51, 0x6E, 0x23, 0xDD, 0x3C, \ - 0x1A, 0x48, 0x27, 0xAF, 0x1B, 0x8A, 0xC1, 0x5B -#define EC_PARAM_sect571r1_order \ - 0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xE6, 0x61, 0xCE, 0x18, \ - 0xFF, 0x55, 0x98, 0x73, 0x08, 0x05, 0x9B, 0x18, \ - 0x68, 0x23, 0x85, 0x1E, 0xC7, 0xDD, 0x9C, 0xA1, \ - 0x16, 0x1D, 0xE9, 0x3D, 0x51, 0x74, 0xD6, 0x6E, \ - 0x83, 0x82, 0xE9, 0xBB, 0x2F, 0xE8, 0x4E, 0x47 -#endif - -#if 0 -/* c2pnb163v1 : X9.62 curve over a 163 bit binary field */ -#define EC_PARAM_c2pnb163v1_prime \ - 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x01, 0x07 -#define EC_PARAM_c2pnb163v1_a \ - 0x07, 0x25, 0x46, 0xB5, 0x43, 0x52, 0x34, 0xA4, \ - 0x22, 0xE0, 0x78, 0x96, 0x75, 0xF4, 0x32, 0xC8, \ - 0x94, 0x35, 0xDE, 0x52, 0x42 -#define EC_PARAM_c2pnb163v1_b \ - 0x00, 0xC9, 0x51, 0x7D, 0x06, 0xD5, 0x24, 0x0D, \ - 0x3C, 0xFF, 0x38, 0xC7, 0x4B, 0x20, 0xB6, 0xCD, \ - 0x4D, 0x6F, 0x9D, 0xD4, 0xD9 -#define EC_PARAM_c2pnb163v1_x \ - 0x07, 0xAF, 0x69, 0x98, 0x95, 0x46, 0x10, 0x3D, \ - 0x79, 0x32, 0x9F, 0xCC, 0x3D, 0x74, 0x88, 0x0F, \ - 0x33, 0xBB, 0xE8, 0x03, 0xCB -#define EC_PARAM_c2pnb163v1_y \ - 0x01, 0xEC, 0x23, 0x21, 0x1B, 0x59, 0x66, 0xAD, \ - 0xEA, 0x1D, 0x3F, 0x87, 0xF7, 0xEA, 0x58, 0x48, \ - 0xAE, 0xF0, 0xB7, 0xCA, 0x9F -#define EC_PARAM_c2pnb163v1_order \ - 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x01, 0xE6, 0x0F, 0xC8, 0x82, 0x1C, \ - 0xC7, 0x4D, 0xAE, 0xAF, 0xC1 -#endif - -#if 0 -/* c2pnb163v2 : X9.62 curve over a 163 bit binary field */ -#define EC_PARAM_c2pnb163v2_prime \ - 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x01, 0x07 -#define EC_PARAM_c2pnb163v2_a \ - 0x01, 0x08, 0xB3, 0x9E, 0x77, 0xC4, 0xB1, 0x08, \ - 0xBE, 0xD9, 0x81, 0xED, 0x0E, 0x89, 0x0E, 0x11, \ - 0x7C, 0x51, 0x1C, 0xF0, 0x72 -#define EC_PARAM_c2pnb163v2_b \ - 0x06, 0x67, 0xAC, 0xEB, 0x38, 0xAF, 0x4E, 0x48, \ - 0x8C, 0x40, 0x74, 0x33, 0xFF, 0xAE, 0x4F, 0x1C, \ - 0x81, 0x16, 0x38, 0xDF, 0x20 -#define EC_PARAM_c2pnb163v2_x \ - 0x00, 0x24, 0x26, 0x6E, 0x4E, 0xB5, 0x10, 0x6D, \ - 0x0A, 0x96, 0x4D, 0x92, 0xC4, 0x86, 0x0E, 0x26, \ - 0x71, 0xDB, 0x9B, 0x6C, 0xC5 -#define EC_PARAM_c2pnb163v2_y \ - 0x07, 0x9F, 0x68, 0x4D, 0xDF, 0x66, 0x84, 0xC5, \ - 0xCD, 0x25, 0x8B, 0x38, 0x90, 0x02, 0x1B, 0x23, \ - 0x86, 0xDF, 0xD1, 0x9F, 0xC5 -#define EC_PARAM_c2pnb163v2_order \ - 0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFD, 0xF6, 0x4D, 0xE1, 0x15, 0x1A, \ - 0xDB, 0xB7, 0x8F, 0x10, 0xA7 -#endif - -#if 0 -/* c2pnb163v3 : X9.62 curve over a 163 bit binary field */ -#define EC_PARAM_c2pnb163v3_prime \ - 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x01, 0x07 -#define EC_PARAM_c2pnb163v3_a \ - 0x07, 0xA5, 0x26, 0xC6, 0x3D, 0x3E, 0x25, 0xA2, \ - 0x56, 0xA0, 0x07, 0x69, 0x9F, 0x54, 0x47, 0xE3, \ - 0x2A, 0xE4, 0x56, 0xB5, 0x0E -#define EC_PARAM_c2pnb163v3_b \ - 0x03, 0xF7, 0x06, 0x17, 0x98, 0xEB, 0x99, 0xE2, \ - 0x38, 0xFD, 0x6F, 0x1B, 0xF9, 0x5B, 0x48, 0xFE, \ - 0xEB, 0x48, 0x54, 0x25, 0x2B -#define EC_PARAM_c2pnb163v3_x \ - 0x02, 0xF9, 0xF8, 0x7B, 0x7C, 0x57, 0x4D, 0x0B, \ - 0xDE, 0xCF, 0x8A, 0x22, 0xE6, 0x52, 0x47, 0x75, \ - 0xF9, 0x8C, 0xDE, 0xBD, 0xCB -#define EC_PARAM_c2pnb163v3_y \ - 0x05, 0xB9, 0x35, 0x59, 0x0C, 0x15, 0x5E, 0x17, \ - 0xEA, 0x48, 0xEB, 0x3F, 0xF3, 0x71, 0x8B, 0x89, \ - 0x3D, 0xF5, 0x9A, 0x05, 0xD0 -#define EC_PARAM_c2pnb163v3_order \ - 0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFE, 0x1A, 0xEE, 0x14, 0x0F, 0x11, \ - 0x0A, 0xFF, 0x96, 0x13, 0x09 -#endif - -#if 0 -/* c2pnb176v1 : X9.62 curve over a 176 bit binary field */ -#define EC_PARAM_c2pnb176v1_prime \ - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x08, 0x00, 0x00, 0x00, 0x00, 0x07 -#define EC_PARAM_c2pnb176v1_a \ - 0x00, 0xE4, 0xE6, 0xDB, 0x29, 0x95, 0x06, 0x5C, \ - 0x40, 0x7D, 0x9D, 0x39, 0xB8, 0xD0, 0x96, 0x7B, \ - 0x96, 0x70, 0x4B, 0xA8, 0xE9, 0xC9, 0x0B -#define EC_PARAM_c2pnb176v1_b \ - 0x00, 0x5D, 0xDA, 0x47, 0x0A, 0xBE, 0x64, 0x14, \ - 0xDE, 0x8E, 0xC1, 0x33, 0xAE, 0x28, 0xE9, 0xBB, \ - 0xD7, 0xFC, 0xEC, 0x0A, 0xE0, 0xFF, 0xF2 -#define EC_PARAM_c2pnb176v1_x \ - 0x00, 0x8D, 0x16, 0xC2, 0x86, 0x67, 0x98, 0xB6, \ - 0x00, 0xF9, 0xF0, 0x8B, 0xB4, 0xA8, 0xE8, 0x60, \ - 0xF3, 0x29, 0x8C, 0xE0, 0x4A, 0x57, 0x98 -#define EC_PARAM_c2pnb176v1_y \ - 0x00, 0x6F, 0xA4, 0x53, 0x9C, 0x2D, 0xAD, 0xDD, \ - 0xD6, 0xBA, 0xB5, 0x16, 0x7D, 0x61, 0xB4, 0x36, \ - 0xE1, 0xD9, 0x2B, 0xB1, 0x6A, 0x56, 0x2C -#define EC_PARAM_c2pnb176v1_order \ - 0x00, 0x00, 0x01, 0x00, 0x92, 0x53, 0x73, 0x97, \ - 0xEC, 0xA4, 0xF6, 0x14, 0x57, 0x99, 0xD6, 0x2B, \ - 0x0A, 0x19, 0xCE, 0x06, 0xFE, 0x26, 0xAD -#endif - -#if 0 -/* c2tnb191v1 : X9.62 curve over a 191 bit binary field */ -#define EC_PARAM_c2tnb191v1_prime \ - 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x01 -#define EC_PARAM_c2tnb191v1_a \ - 0x28, 0x66, 0x53, 0x7B, 0x67, 0x67, 0x52, 0x63, \ - 0x6A, 0x68, 0xF5, 0x65, 0x54, 0xE1, 0x26, 0x40, \ - 0x27, 0x6B, 0x64, 0x9E, 0xF7, 0x52, 0x62, 0x67 -#define EC_PARAM_c2tnb191v1_b \ - 0x2E, 0x45, 0xEF, 0x57, 0x1F, 0x00, 0x78, 0x6F, \ - 0x67, 0xB0, 0x08, 0x1B, 0x94, 0x95, 0xA3, 0xD9, \ - 0x54, 0x62, 0xF5, 0xDE, 0x0A, 0xA1, 0x85, 0xEC -#define EC_PARAM_c2tnb191v1_x \ - 0x36, 0xB3, 0xDA, 0xF8, 0xA2, 0x32, 0x06, 0xF9, \ - 0xC4, 0xF2, 0x99, 0xD7, 0xB2, 0x1A, 0x9C, 0x36, \ - 0x91, 0x37, 0xF2, 0xC8, 0x4A, 0xE1, 0xAA, 0x0D -#define EC_PARAM_c2tnb191v1_y \ - 0x76, 0x5B, 0xE7, 0x34, 0x33, 0xB3, 0xF9, 0x5E, \ - 0x33, 0x29, 0x32, 0xE7, 0x0E, 0xA2, 0x45, 0xCA, \ - 0x24, 0x18, 0xEA, 0x0E, 0xF9, 0x80, 0x18, 0xFB -#define EC_PARAM_c2tnb191v1_order \ - 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x04, 0xA2, 0x0E, 0x90, \ - 0xC3, 0x90, 0x67, 0xC8, 0x93, 0xBB, 0xB9, 0xA5 -#endif - -#if 0 -/* c2tnb191v2 : X9.62 curve over a 191 bit binary field */ -#define EC_PARAM_c2tnb191v2_prime \ - 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x01 -#define EC_PARAM_c2tnb191v2_a \ - 0x40, 0x10, 0x28, 0x77, 0x4D, 0x77, 0x77, 0xC7, \ - 0xB7, 0x66, 0x6D, 0x13, 0x66, 0xEA, 0x43, 0x20, \ - 0x71, 0x27, 0x4F, 0x89, 0xFF, 0x01, 0xE7, 0x18 -#define EC_PARAM_c2tnb191v2_b \ - 0x06, 0x20, 0x04, 0x8D, 0x28, 0xBC, 0xBD, 0x03, \ - 0xB6, 0x24, 0x9C, 0x99, 0x18, 0x2B, 0x7C, 0x8C, \ - 0xD1, 0x97, 0x00, 0xC3, 0x62, 0xC4, 0x6A, 0x01 -#define EC_PARAM_c2tnb191v2_x \ - 0x38, 0x09, 0xB2, 0xB7, 0xCC, 0x1B, 0x28, 0xCC, \ - 0x5A, 0x87, 0x92, 0x6A, 0xAD, 0x83, 0xFD, 0x28, \ - 0x78, 0x9E, 0x81, 0xE2, 0xC9, 0xE3, 0xBF, 0x10 -#define EC_PARAM_c2tnb191v2_y \ - 0x17, 0x43, 0x43, 0x86, 0x62, 0x6D, 0x14, 0xF3, \ - 0xDB, 0xF0, 0x17, 0x60, 0xD9, 0x21, 0x3A, 0x3E, \ - 0x1C, 0xF3, 0x7A, 0xEC, 0x43, 0x7D, 0x66, 0x8A -#define EC_PARAM_c2tnb191v2_order \ - 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x50, 0x50, 0x8C, 0xB8, \ - 0x9F, 0x65, 0x28, 0x24, 0xE0, 0x6B, 0x81, 0x73 -#endif - -#if 0 -/* c2tnb191v3 : X9.62 curve over a 191 bit binary field */ -#define EC_PARAM_c2tnb191v3_prime \ - 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x01 -#define EC_PARAM_c2tnb191v3_a \ - 0x6C, 0x01, 0x07, 0x47, 0x56, 0x09, 0x91, 0x22, \ - 0x22, 0x10, 0x56, 0x91, 0x1C, 0x77, 0xD7, 0x7E, \ - 0x77, 0xA7, 0x77, 0xE7, 0xE7, 0xE7, 0x7F, 0xCB -#define EC_PARAM_c2tnb191v3_b \ - 0x71, 0xFE, 0x1A, 0xF9, 0x26, 0xCF, 0x84, 0x79, \ - 0x89, 0xEF, 0xEF, 0x8D, 0xB4, 0x59, 0xF6, 0x63, \ - 0x94, 0xD9, 0x0F, 0x32, 0xAD, 0x3F, 0x15, 0xE8 -#define EC_PARAM_c2tnb191v3_x \ - 0x37, 0x5D, 0x4C, 0xE2, 0x4F, 0xDE, 0x43, 0x44, \ - 0x89, 0xDE, 0x87, 0x46, 0xE7, 0x17, 0x86, 0x01, \ - 0x50, 0x09, 0xE6, 0x6E, 0x38, 0xA9, 0x26, 0xDD -#define EC_PARAM_c2tnb191v3_y \ - 0x54, 0x5A, 0x39, 0x17, 0x61, 0x96, 0x57, 0x5D, \ - 0x98, 0x59, 0x99, 0x36, 0x6E, 0x6A, 0xD3, 0x4C, \ - 0xE0, 0xA7, 0x7C, 0xD7, 0x12, 0x7B, 0x06, 0xBE -#define EC_PARAM_c2tnb191v3_order \ - 0x15, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, \ - 0x55, 0x55, 0x55, 0x55, 0x61, 0x0C, 0x0B, 0x19, \ - 0x68, 0x12, 0xBF, 0xB6, 0x28, 0x8A, 0x3E, 0xA3 -#endif - -#if 0 -/* c2pnb208w1 : X9.62 curve over a 208 bit binary field */ -#define EC_PARAM_c2pnb208w1_prime \ - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x07 -#define EC_PARAM_c2pnb208w1_a \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00 -#define EC_PARAM_c2pnb208w1_b \ - 0x00, 0xC8, 0x61, 0x9E, 0xD4, 0x5A, 0x62, 0xE6, \ - 0x21, 0x2E, 0x11, 0x60, 0x34, 0x9E, 0x2B, 0xFA, \ - 0x84, 0x44, 0x39, 0xFA, 0xFC, 0x2A, 0x3F, 0xD1, \ - 0x63, 0x8F, 0x9E -#define EC_PARAM_c2pnb208w1_x \ - 0x00, 0x89, 0xFD, 0xFB, 0xE4, 0xAB, 0xE1, 0x93, \ - 0xDF, 0x95, 0x59, 0xEC, 0xF0, 0x7A, 0xC0, 0xCE, \ - 0x78, 0x55, 0x4E, 0x27, 0x84, 0xEB, 0x8C, 0x1E, \ - 0xD1, 0xA5, 0x7A -#define EC_PARAM_c2pnb208w1_y \ - 0x00, 0x0F, 0x55, 0xB5, 0x1A, 0x06, 0xE7, 0x8E, \ - 0x9A, 0xC3, 0x8A, 0x03, 0x5F, 0xF5, 0x20, 0xD8, \ - 0xB0, 0x17, 0x81, 0xBE, 0xB1, 0xA6, 0xBB, 0x08, \ - 0x61, 0x7D, 0xE3 -#define EC_PARAM_c2pnb208w1_order \ - 0x00, 0x00, 0x01, 0x01, 0xBA, 0xF9, 0x5C, 0x97, \ - 0x23, 0xC5, 0x7B, 0x6C, 0x21, 0xDA, 0x2E, 0xFF, \ - 0x2D, 0x5E, 0xD5, 0x88, 0xBD, 0xD5, 0x71, 0x7E, \ - 0x21, 0x2F, 0x9D -#endif - -#if 0 -/* c2tnb239v1 : X9.62 curve over a 239 bit binary field */ -#define EC_PARAM_c2tnb239v1_prime \ - 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x10, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_c2tnb239v1_a \ - 0x32, 0x01, 0x08, 0x57, 0x07, 0x7C, 0x54, 0x31, \ - 0x12, 0x3A, 0x46, 0xB8, 0x08, 0x90, 0x67, 0x56, \ - 0xF5, 0x43, 0x42, 0x3E, 0x8D, 0x27, 0x87, 0x75, \ - 0x78, 0x12, 0x57, 0x78, 0xAC, 0x76 -#define EC_PARAM_c2tnb239v1_b \ - 0x79, 0x04, 0x08, 0xF2, 0xEE, 0xDA, 0xF3, 0x92, \ - 0xB0, 0x12, 0xED, 0xEF, 0xB3, 0x39, 0x2F, 0x30, \ - 0xF4, 0x32, 0x7C, 0x0C, 0xA3, 0xF3, 0x1F, 0xC3, \ - 0x83, 0xC4, 0x22, 0xAA, 0x8C, 0x16 -#define EC_PARAM_c2tnb239v1_x \ - 0x57, 0x92, 0x70, 0x98, 0xFA, 0x93, 0x2E, 0x7C, \ - 0x0A, 0x96, 0xD3, 0xFD, 0x5B, 0x70, 0x6E, 0xF7, \ - 0xE5, 0xF5, 0xC1, 0x56, 0xE1, 0x6B, 0x7E, 0x7C, \ - 0x86, 0x03, 0x85, 0x52, 0xE9, 0x1D -#define EC_PARAM_c2tnb239v1_y \ - 0x61, 0xD8, 0xEE, 0x50, 0x77, 0xC3, 0x3F, 0xEC, \ - 0xF6, 0xF1, 0xA1, 0x6B, 0x26, 0x8D, 0xE4, 0x69, \ - 0xC3, 0xC7, 0x74, 0x4E, 0xA9, 0xA9, 0x71, 0x64, \ - 0x9F, 0xC7, 0xA9, 0x61, 0x63, 0x05 -#define EC_PARAM_c2tnb239v1_order \ - 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0F, \ - 0x4D, 0x42, 0xFF, 0xE1, 0x49, 0x2A, 0x49, 0x93, \ - 0xF1, 0xCA, 0xD6, 0x66, 0xE4, 0x47 -#endif - -#if 0 -/* c2tnb239v2 : X9.62 curve over a 239 bit binary field */ -#define EC_PARAM_c2tnb239v2_prime \ - 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x10, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_c2tnb239v2_a \ - 0x42, 0x30, 0x01, 0x77, 0x57, 0xA7, 0x67, 0xFA, \ - 0xE4, 0x23, 0x98, 0x56, 0x9B, 0x74, 0x63, 0x25, \ - 0xD4, 0x53, 0x13, 0xAF, 0x07, 0x66, 0x26, 0x64, \ - 0x79, 0xB7, 0x56, 0x54, 0xE6, 0x5F -#define EC_PARAM_c2tnb239v2_b \ - 0x50, 0x37, 0xEA, 0x65, 0x41, 0x96, 0xCF, 0xF0, \ - 0xCD, 0x82, 0xB2, 0xC1, 0x4A, 0x2F, 0xCF, 0x2E, \ - 0x3F, 0xF8, 0x77, 0x52, 0x85, 0xB5, 0x45, 0x72, \ - 0x2F, 0x03, 0xEA, 0xCD, 0xB7, 0x4B -#define EC_PARAM_c2tnb239v2_x \ - 0x28, 0xF9, 0xD0, 0x4E, 0x90, 0x00, 0x69, 0xC8, \ - 0xDC, 0x47, 0xA0, 0x85, 0x34, 0xFE, 0x76, 0xD2, \ - 0xB9, 0x00, 0xB7, 0xD7, 0xEF, 0x31, 0xF5, 0x70, \ - 0x9F, 0x20, 0x0C, 0x4C, 0xA2, 0x05 -#define EC_PARAM_c2tnb239v2_y \ - 0x56, 0x67, 0x33, 0x4C, 0x45, 0xAF, 0xF3, 0xB5, \ - 0xA0, 0x3B, 0xAD, 0x9D, 0xD7, 0x5E, 0x2C, 0x71, \ - 0xA9, 0x93, 0x62, 0x56, 0x7D, 0x54, 0x53, 0xF7, \ - 0xFA, 0x6E, 0x22, 0x7E, 0xC8, 0x33 -#define EC_PARAM_c2tnb239v2_order \ - 0x15, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, \ - 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x3C, \ - 0x6F, 0x28, 0x85, 0x25, 0x9C, 0x31, 0xE3, 0xFC, \ - 0xDF, 0x15, 0x46, 0x24, 0x52, 0x2D -#endif - -#if 0 -/* c2tnb239v3 : X9.62 curve over a 239 bit binary field */ -#define EC_PARAM_c2tnb239v3_prime \ - 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x10, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_c2tnb239v3_a \ - 0x01, 0x23, 0x87, 0x74, 0x66, 0x6A, 0x67, 0x76, \ - 0x6D, 0x66, 0x76, 0xF7, 0x78, 0xE6, 0x76, 0xB6, \ - 0x69, 0x99, 0x17, 0x66, 0x66, 0xE6, 0x87, 0x66, \ - 0x6D, 0x87, 0x66, 0xC6, 0x6A, 0x9F -#define EC_PARAM_c2tnb239v3_b \ - 0x6A, 0x94, 0x19, 0x77, 0xBA, 0x9F, 0x6A, 0x43, \ - 0x51, 0x99, 0xAC, 0xFC, 0x51, 0x06, 0x7E, 0xD5, \ - 0x87, 0xF5, 0x19, 0xC5, 0xEC, 0xB5, 0x41, 0xB8, \ - 0xE4, 0x41, 0x11, 0xDE, 0x1D, 0x40 -#define EC_PARAM_c2tnb239v3_x \ - 0x70, 0xF6, 0xE9, 0xD0, 0x4D, 0x28, 0x9C, 0x4E, \ - 0x89, 0x91, 0x3C, 0xE3, 0x53, 0x0B, 0xFD, 0xE9, \ - 0x03, 0x97, 0x7D, 0x42, 0xB1, 0x46, 0xD5, 0x39, \ - 0xBF, 0x1B, 0xDE, 0x4E, 0x9C, 0x92 -#define EC_PARAM_c2tnb239v3_y \ - 0x2E, 0x5A, 0x0E, 0xAF, 0x6E, 0x5E, 0x13, 0x05, \ - 0xB9, 0x00, 0x4D, 0xCE, 0x5C, 0x0E, 0xD7, 0xFE, \ - 0x59, 0xA3, 0x56, 0x08, 0xF3, 0x38, 0x37, 0xC8, \ - 0x16, 0xD8, 0x0B, 0x79, 0xF4, 0x61 -#define EC_PARAM_c2tnb239v3_order \ - 0x0C, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, \ - 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xAC, \ - 0x49, 0x12, 0xD2, 0xD9, 0xDF, 0x90, 0x3E, 0xF9, \ - 0x88, 0x8B, 0x8A, 0x0E, 0x4C, 0xFF -#endif - -#if 0 -/* c2pnb272w1 : X9.62 curve over a 272 bit binary field */ -#define EC_PARAM_c2pnb272w1_prime \ - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x0B -#define EC_PARAM_c2pnb272w1_a \ - 0x00, 0x91, 0xA0, 0x91, 0xF0, 0x3B, 0x5F, 0xBA, \ - 0x4A, 0xB2, 0xCC, 0xF4, 0x9C, 0x4E, 0xDD, 0x22, \ - 0x0F, 0xB0, 0x28, 0x71, 0x2D, 0x42, 0xBE, 0x75, \ - 0x2B, 0x2C, 0x40, 0x09, 0x4D, 0xBA, 0xCD, 0xB5, \ - 0x86, 0xFB, 0x20 -#define EC_PARAM_c2pnb272w1_b \ - 0x00, 0x71, 0x67, 0xEF, 0xC9, 0x2B, 0xB2, 0xE3, \ - 0xCE, 0x7C, 0x8A, 0xAA, 0xFF, 0x34, 0xE1, 0x2A, \ - 0x9C, 0x55, 0x70, 0x03, 0xD7, 0xC7, 0x3A, 0x6F, \ - 0xAF, 0x00, 0x3F, 0x99, 0xF6, 0xCC, 0x84, 0x82, \ - 0xE5, 0x40, 0xF7 -#define EC_PARAM_c2pnb272w1_x \ - 0x00, 0x61, 0x08, 0xBA, 0xBB, 0x2C, 0xEE, 0xBC, \ - 0xF7, 0x87, 0x05, 0x8A, 0x05, 0x6C, 0xBE, 0x0C, \ - 0xFE, 0x62, 0x2D, 0x77, 0x23, 0xA2, 0x89, 0xE0, \ - 0x8A, 0x07, 0xAE, 0x13, 0xEF, 0x0D, 0x10, 0xD1, \ - 0x71, 0xDD, 0x8D -#define EC_PARAM_c2pnb272w1_y \ - 0x00, 0x10, 0xC7, 0x69, 0x57, 0x16, 0x85, 0x1E, \ - 0xEF, 0x6B, 0xA7, 0xF6, 0x87, 0x2E, 0x61, 0x42, \ - 0xFB, 0xD2, 0x41, 0xB8, 0x30, 0xFF, 0x5E, 0xFC, \ - 0xAC, 0xEC, 0xCA, 0xB0, 0x5E, 0x02, 0x00, 0x5D, \ - 0xDE, 0x9D, 0x23 -#define EC_PARAM_c2pnb272w1_order \ - 0x00, 0x00, 0x01, 0x00, 0xFA, 0xF5, 0x13, 0x54, \ - 0xE0, 0xE3, 0x9E, 0x48, 0x92, 0xDF, 0x6E, 0x31, \ - 0x9C, 0x72, 0xC8, 0x16, 0x16, 0x03, 0xFA, 0x45, \ - 0xAA, 0x7B, 0x99, 0x8A, 0x16, 0x7B, 0x8F, 0x1E, \ - 0x62, 0x95, 0x21 -#endif - -#if 0 -/* c2pnb304w1 : X9.62 curve over a 304 bit binary field */ -#define EC_PARAM_c2pnb304w1_prime \ - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x07 -#define EC_PARAM_c2pnb304w1_a \ - 0x00, 0xFD, 0x0D, 0x69, 0x31, 0x49, 0xA1, 0x18, \ - 0xF6, 0x51, 0xE6, 0xDC, 0xE6, 0x80, 0x20, 0x85, \ - 0x37, 0x7E, 0x5F, 0x88, 0x2D, 0x1B, 0x51, 0x0B, \ - 0x44, 0x16, 0x00, 0x74, 0xC1, 0x28, 0x80, 0x78, \ - 0x36, 0x5A, 0x03, 0x96, 0xC8, 0xE6, 0x81 -#define EC_PARAM_c2pnb304w1_b \ - 0x00, 0xBD, 0xDB, 0x97, 0xE5, 0x55, 0xA5, 0x0A, \ - 0x90, 0x8E, 0x43, 0xB0, 0x1C, 0x79, 0x8E, 0xA5, \ - 0xDA, 0xA6, 0x78, 0x8F, 0x1E, 0xA2, 0x79, 0x4E, \ - 0xFC, 0xF5, 0x71, 0x66, 0xB8, 0xC1, 0x40, 0x39, \ - 0x60, 0x1E, 0x55, 0x82, 0x73, 0x40, 0xBE -#define EC_PARAM_c2pnb304w1_x \ - 0x00, 0x19, 0x7B, 0x07, 0x84, 0x5E, 0x9B, 0xE2, \ - 0xD9, 0x6A, 0xDB, 0x0F, 0x5F, 0x3C, 0x7F, 0x2C, \ - 0xFF, 0xBD, 0x7A, 0x3E, 0xB8, 0xB6, 0xFE, 0xC3, \ - 0x5C, 0x7F, 0xD6, 0x7F, 0x26, 0xDD, 0xF6, 0x28, \ - 0x5A, 0x64, 0x4F, 0x74, 0x0A, 0x26, 0x14 -#define EC_PARAM_c2pnb304w1_y \ - 0x00, 0xE1, 0x9F, 0xBE, 0xB7, 0x6E, 0x0D, 0xA1, \ - 0x71, 0x51, 0x7E, 0xCF, 0x40, 0x1B, 0x50, 0x28, \ - 0x9B, 0xF0, 0x14, 0x10, 0x32, 0x88, 0x52, 0x7A, \ - 0x9B, 0x41, 0x6A, 0x10, 0x5E, 0x80, 0x26, 0x0B, \ - 0x54, 0x9F, 0xDC, 0x1B, 0x92, 0xC0, 0x3B -#define EC_PARAM_c2pnb304w1_order \ - 0x00, 0x00, 0x01, 0x01, 0xD5, 0x56, 0x57, 0x2A, \ - 0xAB, 0xAC, 0x80, 0x01, 0x01, 0xD5, 0x56, 0x57, \ - 0x2A, 0xAB, 0xAC, 0x80, 0x01, 0x02, 0x2D, 0x5C, \ - 0x91, 0xDD, 0x17, 0x3F, 0x8F, 0xB5, 0x61, 0xDA, \ - 0x68, 0x99, 0x16, 0x44, 0x43, 0x05, 0x1D -#endif - -#if 0 -/* c2tnb359v1 : X9.62 curve over a 359 bit binary field */ -#define EC_PARAM_c2tnb359v1_prime \ - 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_c2tnb359v1_a \ - 0x56, 0x67, 0x67, 0x6A, 0x65, 0x4B, 0x20, 0x75, \ - 0x4F, 0x35, 0x6E, 0xA9, 0x20, 0x17, 0xD9, 0x46, \ - 0x56, 0x7C, 0x46, 0x67, 0x55, 0x56, 0xF1, 0x95, \ - 0x56, 0xA0, 0x46, 0x16, 0xB5, 0x67, 0xD2, 0x23, \ - 0xA5, 0xE0, 0x56, 0x56, 0xFB, 0x54, 0x90, 0x16, \ - 0xA9, 0x66, 0x56, 0xA5, 0x57 -#define EC_PARAM_c2tnb359v1_b \ - 0x24, 0x72, 0xE2, 0xD0, 0x19, 0x7C, 0x49, 0x36, \ - 0x3F, 0x1F, 0xE7, 0xF5, 0xB6, 0xDB, 0x07, 0x5D, \ - 0x52, 0xB6, 0x94, 0x7D, 0x13, 0x5D, 0x8C, 0xA4, \ - 0x45, 0x80, 0x5D, 0x39, 0xBC, 0x34, 0x56, 0x26, \ - 0x08, 0x96, 0x87, 0x74, 0x2B, 0x63, 0x29, 0xE7, \ - 0x06, 0x80, 0x23, 0x19, 0x88 -#define EC_PARAM_c2tnb359v1_x \ - 0x3C, 0x25, 0x8E, 0xF3, 0x04, 0x77, 0x67, 0xE7, \ - 0xED, 0xE0, 0xF1, 0xFD, 0xAA, 0x79, 0xDA, 0xEE, \ - 0x38, 0x41, 0x36, 0x6A, 0x13, 0x2E, 0x16, 0x3A, \ - 0xCE, 0xD4, 0xED, 0x24, 0x01, 0xDF, 0x9C, 0x6B, \ - 0xDC, 0xDE, 0x98, 0xE8, 0xE7, 0x07, 0xC0, 0x7A, \ - 0x22, 0x39, 0xB1, 0xB0, 0x97 -#define EC_PARAM_c2tnb359v1_y \ - 0x53, 0xD7, 0xE0, 0x85, 0x29, 0x54, 0x70, 0x48, \ - 0x12, 0x1E, 0x9C, 0x95, 0xF3, 0x79, 0x1D, 0xD8, \ - 0x04, 0x96, 0x39, 0x48, 0xF3, 0x4F, 0xAE, 0x7B, \ - 0xF4, 0x4E, 0xA8, 0x23, 0x65, 0xDC, 0x78, 0x68, \ - 0xFE, 0x57, 0xE4, 0xAE, 0x2D, 0xE2, 0x11, 0x30, \ - 0x5A, 0x40, 0x71, 0x04, 0xBD -#define EC_PARAM_c2tnb359v1_order \ - 0x01, 0xAF, 0x28, 0x6B, 0xCA, 0x1A, 0xF2, 0x86, \ - 0xBC, 0xA1, 0xAF, 0x28, 0x6B, 0xCA, 0x1A, 0xF2, \ - 0x86, 0xBC, 0xA1, 0xAF, 0x28, 0x6B, 0xC9, 0xFB, \ - 0x8F, 0x6B, 0x85, 0xC5, 0x56, 0x89, 0x2C, 0x20, \ - 0xA7, 0xEB, 0x96, 0x4F, 0xE7, 0x71, 0x9E, 0x74, \ - 0xF4, 0x90, 0x75, 0x8D, 0x3B -#endif - -#if 0 -/* c2pnb368w1 : X9.62 curve over a 368 bit binary field */ -#define EC_PARAM_c2pnb368w1_prime \ - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07 -#define EC_PARAM_c2pnb368w1_a \ - 0x00, 0xE0, 0xD2, 0xEE, 0x25, 0x09, 0x52, 0x06, \ - 0xF5, 0xE2, 0xA4, 0xF9, 0xED, 0x22, 0x9F, 0x1F, \ - 0x25, 0x6E, 0x79, 0xA0, 0xE2, 0xB4, 0x55, 0x97, \ - 0x0D, 0x8D, 0x0D, 0x86, 0x5B, 0xD9, 0x47, 0x78, \ - 0xC5, 0x76, 0xD6, 0x2F, 0x0A, 0xB7, 0x51, 0x9C, \ - 0xCD, 0x2A, 0x1A, 0x90, 0x6A, 0xE3, 0x0D -#define EC_PARAM_c2pnb368w1_b \ - 0x00, 0xFC, 0x12, 0x17, 0xD4, 0x32, 0x0A, 0x90, \ - 0x45, 0x2C, 0x76, 0x0A, 0x58, 0xED, 0xCD, 0x30, \ - 0xC8, 0xDD, 0x06, 0x9B, 0x3C, 0x34, 0x45, 0x38, \ - 0x37, 0xA3, 0x4E, 0xD5, 0x0C, 0xB5, 0x49, 0x17, \ - 0xE1, 0xC2, 0x11, 0x2D, 0x84, 0xD1, 0x64, 0xF4, \ - 0x44, 0xF8, 0xF7, 0x47, 0x86, 0x04, 0x6A -#define EC_PARAM_c2pnb368w1_x \ - 0x00, 0x10, 0x85, 0xE2, 0x75, 0x53, 0x81, 0xDC, \ - 0xCC, 0xE3, 0xC1, 0x55, 0x7A, 0xFA, 0x10, 0xC2, \ - 0xF0, 0xC0, 0xC2, 0x82, 0x56, 0x46, 0xC5, 0xB3, \ - 0x4A, 0x39, 0x4C, 0xBC, 0xFA, 0x8B, 0xC1, 0x6B, \ - 0x22, 0xE7, 0xE7, 0x89, 0xE9, 0x27, 0xBE, 0x21, \ - 0x6F, 0x02, 0xE1, 0xFB, 0x13, 0x6A, 0x5F -#define EC_PARAM_c2pnb368w1_y \ - 0x00, 0x7B, 0x3E, 0xB1, 0xBD, 0xDC, 0xBA, 0x62, \ - 0xD5, 0xD8, 0xB2, 0x05, 0x9B, 0x52, 0x57, 0x97, \ - 0xFC, 0x73, 0x82, 0x2C, 0x59, 0x05, 0x9C, 0x62, \ - 0x3A, 0x45, 0xFF, 0x38, 0x43, 0xCE, 0xE8, 0xF8, \ - 0x7C, 0xD1, 0x85, 0x5A, 0xDA, 0xA8, 0x1E, 0x2A, \ - 0x07, 0x50, 0xB8, 0x0F, 0xDA, 0x23, 0x10 -#define EC_PARAM_c2pnb368w1_order \ - 0x00, 0x00, 0x01, 0x00, 0x90, 0x51, 0x2D, 0xA9, \ - 0xAF, 0x72, 0xB0, 0x83, 0x49, 0xD9, 0x8A, 0x5D, \ - 0xD4, 0xC7, 0xB0, 0x53, 0x2E, 0xCA, 0x51, 0xCE, \ - 0x03, 0xE2, 0xD1, 0x0F, 0x3B, 0x7A, 0xC5, 0x79, \ - 0xBD, 0x87, 0xE9, 0x09, 0xAE, 0x40, 0xA6, 0xF1, \ - 0x31, 0xE9, 0xCF, 0xCE, 0x5B, 0xD9, 0x67 -#endif - -#if 0 -/* c2tnb431r1 : X9.62 curve over a 431 bit binary field */ -#define EC_PARAM_c2tnb431r1_prime \ - 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_c2tnb431r1_a \ - 0x1A, 0x82, 0x7E, 0xF0, 0x0D, 0xD6, 0xFC, 0x0E, \ - 0x23, 0x4C, 0xAF, 0x04, 0x6C, 0x6A, 0x5D, 0x8A, \ - 0x85, 0x39, 0x5B, 0x23, 0x6C, 0xC4, 0xAD, 0x2C, \ - 0xF3, 0x2A, 0x0C, 0xAD, 0xBD, 0xC9, 0xDD, 0xF6, \ - 0x20, 0xB0, 0xEB, 0x99, 0x06, 0xD0, 0x95, 0x7F, \ - 0x6C, 0x6F, 0xEA, 0xCD, 0x61, 0x54, 0x68, 0xDF, \ - 0x10, 0x4D, 0xE2, 0x96, 0xCD, 0x8F -#define EC_PARAM_c2tnb431r1_b \ - 0x10, 0xD9, 0xB4, 0xA3, 0xD9, 0x04, 0x7D, 0x8B, \ - 0x15, 0x43, 0x59, 0xAB, 0xFB, 0x1B, 0x7F, 0x54, \ - 0x85, 0xB0, 0x4C, 0xEB, 0x86, 0x82, 0x37, 0xDD, \ - 0xC9, 0xDE, 0xDA, 0x98, 0x2A, 0x67, 0x9A, 0x5A, \ - 0x91, 0x9B, 0x62, 0x6D, 0x4E, 0x50, 0xA8, 0xDD, \ - 0x73, 0x1B, 0x10, 0x7A, 0x99, 0x62, 0x38, 0x1F, \ - 0xB5, 0xD8, 0x07, 0xBF, 0x26, 0x18 -#define EC_PARAM_c2tnb431r1_x \ - 0x12, 0x0F, 0xC0, 0x5D, 0x3C, 0x67, 0xA9, 0x9D, \ - 0xE1, 0x61, 0xD2, 0xF4, 0x09, 0x26, 0x22, 0xFE, \ - 0xCA, 0x70, 0x1B, 0xE4, 0xF5, 0x0F, 0x47, 0x58, \ - 0x71, 0x4E, 0x8A, 0x87, 0xBB, 0xF2, 0xA6, 0x58, \ - 0xEF, 0x8C, 0x21, 0xE7, 0xC5, 0xEF, 0xE9, 0x65, \ - 0x36, 0x1F, 0x6C, 0x29, 0x99, 0xC0, 0xC2, 0x47, \ - 0xB0, 0xDB, 0xD7, 0x0C, 0xE6, 0xB7 -#define EC_PARAM_c2tnb431r1_y \ - 0x20, 0xD0, 0xAF, 0x89, 0x03, 0xA9, 0x6F, 0x8D, \ - 0x5F, 0xA2, 0xC2, 0x55, 0x74, 0x5D, 0x3C, 0x45, \ - 0x1B, 0x30, 0x2C, 0x93, 0x46, 0xD9, 0xB7, 0xE4, \ - 0x85, 0xE7, 0xBC, 0xE4, 0x1F, 0x6B, 0x59, 0x1F, \ - 0x3E, 0x8F, 0x6A, 0xDD, 0xCB, 0xB0, 0xBC, 0x4C, \ - 0x2F, 0x94, 0x7A, 0x7D, 0xE1, 0xA8, 0x9B, 0x62, \ - 0x5D, 0x6A, 0x59, 0x8B, 0x37, 0x60 -#define EC_PARAM_c2tnb431r1_order \ - 0x00, 0x03, 0x40, 0x34, 0x03, 0x40, 0x34, 0x03, \ - 0x40, 0x34, 0x03, 0x40, 0x34, 0x03, 0x40, 0x34, \ - 0x03, 0x40, 0x34, 0x03, 0x40, 0x34, 0x03, 0x40, \ - 0x34, 0x03, 0x40, 0x34, 0x03, 0x23, 0xC3, 0x13, \ - 0xFA, 0xB5, 0x05, 0x89, 0x70, 0x3B, 0x5E, 0xC6, \ - 0x8D, 0x35, 0x87, 0xFE, 0xC6, 0x0D, 0x16, 0x1C, \ - 0xC1, 0x49, 0xC1, 0xAD, 0x4A, 0x91 -#endif - -#if 0 -/* wap-wsg-idm-ecid-wtls1 : WTLS curve over a 113 bit binary field */ -#define EC_PARAM_wap_wsg_idm_ecid_wtls1_prime \ - 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x01 -#define EC_PARAM_wap_wsg_idm_ecid_wtls1_a \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_wap_wsg_idm_ecid_wtls1_b \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_wap_wsg_idm_ecid_wtls1_x \ - 0x01, 0x66, 0x79, 0x79, 0xA4, 0x0B, 0xA4, 0x97, \ - 0xE5, 0xD5, 0xC2, 0x70, 0x78, 0x06, 0x17 -#define EC_PARAM_wap_wsg_idm_ecid_wtls1_y \ - 0x00, 0xF4, 0x4B, 0x4A, 0xF1, 0xEC, 0xC2, 0x63, \ - 0x0E, 0x08, 0x78, 0x5C, 0xEB, 0xCC, 0x15 -#define EC_PARAM_wap_wsg_idm_ecid_wtls1_order \ - 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFD, 0xBF, 0x91, 0xAF, 0x6D, 0xEA, 0x73 -#endif - -#if 0 -/* wap-wsg-idm-ecid-wtls3 : NIST/SECG/WTLS curve over a 163 bit binary field */ -#define EC_PARAM_wap_wsg_idm_ecid_wtls3_prime \ - 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0xC9 -#define EC_PARAM_wap_wsg_idm_ecid_wtls3_a \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_wap_wsg_idm_ecid_wtls3_b \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_wap_wsg_idm_ecid_wtls3_x \ - 0x02, 0xFE, 0x13, 0xC0, 0x53, 0x7B, 0xBC, 0x11, \ - 0xAC, 0xAA, 0x07, 0xD7, 0x93, 0xDE, 0x4E, 0x6D, \ - 0x5E, 0x5C, 0x94, 0xEE, 0xE8 -#define EC_PARAM_wap_wsg_idm_ecid_wtls3_y \ - 0x02, 0x89, 0x07, 0x0F, 0xB0, 0x5D, 0x38, 0xFF, \ - 0x58, 0x32, 0x1F, 0x2E, 0x80, 0x05, 0x36, 0xD5, \ - 0x38, 0xCC, 0xDA, 0xA3, 0xD9 -#define EC_PARAM_wap_wsg_idm_ecid_wtls3_order \ - 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x02, 0x01, 0x08, 0xA2, 0xE0, 0xCC, \ - 0x0D, 0x99, 0xF8, 0xA5, 0xEF -#endif - -#if 0 -/* wap-wsg-idm-ecid-wtls4 : SECG curve over a 113 bit binary field */ -#define EC_PARAM_wap_wsg_idm_ecid_wtls4_prime \ - 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x01 -#define EC_PARAM_wap_wsg_idm_ecid_wtls4_a \ - 0x00, 0x30, 0x88, 0x25, 0x0C, 0xA6, 0xE7, 0xC7, \ - 0xFE, 0x64, 0x9C, 0xE8, 0x58, 0x20, 0xF7 -#define EC_PARAM_wap_wsg_idm_ecid_wtls4_b \ - 0x00, 0xE8, 0xBE, 0xE4, 0xD3, 0xE2, 0x26, 0x07, \ - 0x44, 0x18, 0x8B, 0xE0, 0xE9, 0xC7, 0x23 -#define EC_PARAM_wap_wsg_idm_ecid_wtls4_x \ - 0x00, 0x9D, 0x73, 0x61, 0x6F, 0x35, 0xF4, 0xAB, \ - 0x14, 0x07, 0xD7, 0x35, 0x62, 0xC1, 0x0F -#define EC_PARAM_wap_wsg_idm_ecid_wtls4_y \ - 0x00, 0xA5, 0x28, 0x30, 0x27, 0x79, 0x58, 0xEE, \ - 0x84, 0xD1, 0x31, 0x5E, 0xD3, 0x18, 0x86 -#define EC_PARAM_wap_wsg_idm_ecid_wtls4_order \ - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0xD9, 0xCC, 0xEC, 0x8A, 0x39, 0xE5, 0x6F -#endif - -#if 0 -/* wap-wsg-idm-ecid-wtls5 : X9.62 curve over a 163 bit binary field */ -#define EC_PARAM_wap_wsg_idm_ecid_wtls5_prime \ - 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x01, 0x07 -#define EC_PARAM_wap_wsg_idm_ecid_wtls5_a \ - 0x07, 0x25, 0x46, 0xB5, 0x43, 0x52, 0x34, 0xA4, \ - 0x22, 0xE0, 0x78, 0x96, 0x75, 0xF4, 0x32, 0xC8, \ - 0x94, 0x35, 0xDE, 0x52, 0x42 -#define EC_PARAM_wap_wsg_idm_ecid_wtls5_b \ - 0x00, 0xC9, 0x51, 0x7D, 0x06, 0xD5, 0x24, 0x0D, \ - 0x3C, 0xFF, 0x38, 0xC7, 0x4B, 0x20, 0xB6, 0xCD, \ - 0x4D, 0x6F, 0x9D, 0xD4, 0xD9 -#define EC_PARAM_wap_wsg_idm_ecid_wtls5_x \ - 0x07, 0xAF, 0x69, 0x98, 0x95, 0x46, 0x10, 0x3D, \ - 0x79, 0x32, 0x9F, 0xCC, 0x3D, 0x74, 0x88, 0x0F, \ - 0x33, 0xBB, 0xE8, 0x03, 0xCB -#define EC_PARAM_wap_wsg_idm_ecid_wtls5_y \ - 0x01, 0xEC, 0x23, 0x21, 0x1B, 0x59, 0x66, 0xAD, \ - 0xEA, 0x1D, 0x3F, 0x87, 0xF7, 0xEA, 0x58, 0x48, \ - 0xAE, 0xF0, 0xB7, 0xCA, 0x9F -#define EC_PARAM_wap_wsg_idm_ecid_wtls5_order \ - 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x01, 0xE6, 0x0F, 0xC8, 0x82, 0x1C, \ - 0xC7, 0x4D, 0xAE, 0xAF, 0xC1 -#endif - -#if 0 -/* wap-wsg-idm-ecid-wtls6 : SECG/WTLS curve over a 112 bit prime field */ -#define EC_PARAM_wap_wsg_idm_ecid_wtls6_prime \ - 0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x66, \ - 0x80, 0x76, 0xBE, 0xAD, 0x20, 0x8B -#define EC_PARAM_wap_wsg_idm_ecid_wtls6_a \ - 0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x66, \ - 0x80, 0x76, 0xBE, 0xAD, 0x20, 0x88 -#define EC_PARAM_wap_wsg_idm_ecid_wtls6_b \ - 0x65, 0x9E, 0xF8, 0xBA, 0x04, 0x39, 0x16, 0xEE, \ - 0xDE, 0x89, 0x11, 0x70, 0x2B, 0x22 -#define EC_PARAM_wap_wsg_idm_ecid_wtls6_x \ - 0x09, 0x48, 0x72, 0x39, 0x99, 0x5A, 0x5E, 0xE7, \ - 0x6B, 0x55, 0xF9, 0xC2, 0xF0, 0x98 -#define EC_PARAM_wap_wsg_idm_ecid_wtls6_y \ - 0xA8, 0x9C, 0xE5, 0xAF, 0x87, 0x24, 0xC0, 0xA2, \ - 0x3E, 0x0E, 0x0F, 0xF7, 0x75, 0x00 -#define EC_PARAM_wap_wsg_idm_ecid_wtls6_order \ - 0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x76, \ - 0x28, 0xDF, 0xAC, 0x65, 0x61, 0xC5 -#endif - -#if 0 -/* wap-wsg-idm-ecid-wtls7 : SECG/WTLS curve over a 160 bit prime field */ -#define EC_PARAM_wap_wsg_idm_ecid_wtls7_prime \ - 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFE, 0xFF, 0xFF, 0xAC, 0x73 -#define EC_PARAM_wap_wsg_idm_ecid_wtls7_a \ - 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFE, 0xFF, 0xFF, 0xAC, 0x70 -#define EC_PARAM_wap_wsg_idm_ecid_wtls7_b \ - 0x00, 0xB4, 0xE1, 0x34, 0xD3, 0xFB, 0x59, 0xEB, \ - 0x8B, 0xAB, 0x57, 0x27, 0x49, 0x04, 0x66, 0x4D, \ - 0x5A, 0xF5, 0x03, 0x88, 0xBA -#define EC_PARAM_wap_wsg_idm_ecid_wtls7_x \ - 0x00, 0x52, 0xDC, 0xB0, 0x34, 0x29, 0x3A, 0x11, \ - 0x7E, 0x1F, 0x4F, 0xF1, 0x1B, 0x30, 0xF7, 0x19, \ - 0x9D, 0x31, 0x44, 0xCE, 0x6D -#define EC_PARAM_wap_wsg_idm_ecid_wtls7_y \ - 0x00, 0xFE, 0xAF, 0xFE, 0xF2, 0xE3, 0x31, 0xF2, \ - 0x96, 0xE0, 0x71, 0xFA, 0x0D, 0xF9, 0x98, 0x2C, \ - 0xFE, 0xA7, 0xD4, 0x3F, 0x2E -#define EC_PARAM_wap_wsg_idm_ecid_wtls7_order \ - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x35, 0x1E, 0xE7, 0x86, 0xA8, \ - 0x18, 0xF3, 0xA1, 0xA1, 0x6B -#endif - -#if 0 -/* wap-wsg-idm-ecid-wtls8 : WTLS curve over a 112 bit prime field */ -#define EC_PARAM_wap_wsg_idm_ecid_wtls8_prime \ - 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFD, 0xE7 -#define EC_PARAM_wap_wsg_idm_ecid_wtls8_a \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 -#define EC_PARAM_wap_wsg_idm_ecid_wtls8_b \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03 -#define EC_PARAM_wap_wsg_idm_ecid_wtls8_x \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_wap_wsg_idm_ecid_wtls8_y \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02 -#define EC_PARAM_wap_wsg_idm_ecid_wtls8_order \ - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, \ - 0xEC, 0xEA, 0x55, 0x1A, 0xD8, 0x37, 0xE9 -#endif - -#if 0 -/* wap-wsg-idm-ecid-wtls9 : WTLS curve over a 160 bit prime field */ -#define EC_PARAM_wap_wsg_idm_ecid_wtls9_prime \ - 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFC, 0x80, 0x8F -#define EC_PARAM_wap_wsg_idm_ecid_wtls9_a \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00 -#define EC_PARAM_wap_wsg_idm_ecid_wtls9_b \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x03 -#define EC_PARAM_wap_wsg_idm_ecid_wtls9_x \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_wap_wsg_idm_ecid_wtls9_y \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x02 -#define EC_PARAM_wap_wsg_idm_ecid_wtls9_order \ - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x01, 0xCD, 0xC9, 0x8A, 0xE0, 0xE2, \ - 0xDE, 0x57, 0x4A, 0xBF, 0x33 -#endif - -#if 0 -/* wap-wsg-idm-ecid-wtls10 : NIST/SECG/WTLS curve over a 233 bit binary field */ -#define EC_PARAM_wap_wsg_idm_ecid_wtls10_prime \ - 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_wap_wsg_idm_ecid_wtls10_a \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 -#define EC_PARAM_wap_wsg_idm_ecid_wtls10_b \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_wap_wsg_idm_ecid_wtls10_x \ - 0x01, 0x72, 0x32, 0xBA, 0x85, 0x3A, 0x7E, 0x73, \ - 0x1A, 0xF1, 0x29, 0xF2, 0x2F, 0xF4, 0x14, 0x95, \ - 0x63, 0xA4, 0x19, 0xC2, 0x6B, 0xF5, 0x0A, 0x4C, \ - 0x9D, 0x6E, 0xEF, 0xAD, 0x61, 0x26 -#define EC_PARAM_wap_wsg_idm_ecid_wtls10_y \ - 0x01, 0xDB, 0x53, 0x7D, 0xEC, 0xE8, 0x19, 0xB7, \ - 0xF7, 0x0F, 0x55, 0x5A, 0x67, 0xC4, 0x27, 0xA8, \ - 0xCD, 0x9B, 0xF1, 0x8A, 0xEB, 0x9B, 0x56, 0xE0, \ - 0xC1, 0x10, 0x56, 0xFA, 0xE6, 0xA3 -#define EC_PARAM_wap_wsg_idm_ecid_wtls10_order \ - 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, \ - 0x9D, 0x5B, 0xB9, 0x15, 0xBC, 0xD4, 0x6E, 0xFB, \ - 0x1A, 0xD5, 0xF1, 0x73, 0xAB, 0xDF -#endif - -#if 0 -/* wap-wsg-idm-ecid-wtls11 : NIST/SECG/WTLS curve over a 233 bit binary field */ -#define EC_PARAM_wap_wsg_idm_ecid_wtls11_prime \ - 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_wap_wsg_idm_ecid_wtls11_a \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_wap_wsg_idm_ecid_wtls11_b \ - 0x00, 0x66, 0x64, 0x7E, 0xDE, 0x6C, 0x33, 0x2C, \ - 0x7F, 0x8C, 0x09, 0x23, 0xBB, 0x58, 0x21, 0x3B, \ - 0x33, 0x3B, 0x20, 0xE9, 0xCE, 0x42, 0x81, 0xFE, \ - 0x11, 0x5F, 0x7D, 0x8F, 0x90, 0xAD -#define EC_PARAM_wap_wsg_idm_ecid_wtls11_x \ - 0x00, 0xFA, 0xC9, 0xDF, 0xCB, 0xAC, 0x83, 0x13, \ - 0xBB, 0x21, 0x39, 0xF1, 0xBB, 0x75, 0x5F, 0xEF, \ - 0x65, 0xBC, 0x39, 0x1F, 0x8B, 0x36, 0xF8, 0xF8, \ - 0xEB, 0x73, 0x71, 0xFD, 0x55, 0x8B -#define EC_PARAM_wap_wsg_idm_ecid_wtls11_y \ - 0x01, 0x00, 0x6A, 0x08, 0xA4, 0x19, 0x03, 0x35, \ - 0x06, 0x78, 0xE5, 0x85, 0x28, 0xBE, 0xBF, 0x8A, \ - 0x0B, 0xEF, 0xF8, 0x67, 0xA7, 0xCA, 0x36, 0x71, \ - 0x6F, 0x7E, 0x01, 0xF8, 0x10, 0x52 -#define EC_PARAM_wap_wsg_idm_ecid_wtls11_order \ - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x13, \ - 0xE9, 0x74, 0xE7, 0x2F, 0x8A, 0x69, 0x22, 0x03, \ - 0x1D, 0x26, 0x03, 0xCF, 0xE0, 0xD7 -#endif - -#if 0 -/* wap-wsg-idm-ecid-wtls12 : WTLS curve over a 224 bit prime field */ -#define EC_PARAM_wap_wsg_idm_ecid_wtls12_prime \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_wap_wsg_idm_ecid_wtls12_a \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFE -#define EC_PARAM_wap_wsg_idm_ecid_wtls12_b \ - 0xB4, 0x05, 0x0A, 0x85, 0x0C, 0x04, 0xB3, 0xAB, \ - 0xF5, 0x41, 0x32, 0x56, 0x50, 0x44, 0xB0, 0xB7, \ - 0xD7, 0xBF, 0xD8, 0xBA, 0x27, 0x0B, 0x39, 0x43, \ - 0x23, 0x55, 0xFF, 0xB4 -#define EC_PARAM_wap_wsg_idm_ecid_wtls12_x \ - 0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F, \ - 0x32, 0x13, 0x90, 0xB9, 0x4A, 0x03, 0xC1, 0xD3, \ - 0x56, 0xC2, 0x11, 0x22, 0x34, 0x32, 0x80, 0xD6, \ - 0x11, 0x5C, 0x1D, 0x21 -#define EC_PARAM_wap_wsg_idm_ecid_wtls12_y \ - 0xBD, 0x37, 0x63, 0x88, 0xB5, 0xF7, 0x23, 0xFB, \ - 0x4C, 0x22, 0xDF, 0xE6, 0xCD, 0x43, 0x75, 0xA0, \ - 0x5A, 0x07, 0x47, 0x64, 0x44, 0xD5, 0x81, 0x99, \ - 0x85, 0x00, 0x7E, 0x34 -#define EC_PARAM_wap_wsg_idm_ecid_wtls12_order \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x16, 0xA2, \ - 0xE0, 0xB8, 0xF0, 0x3E, 0x13, 0xDD, 0x29, 0x45, \ - 0x5C, 0x5C, 0x2A, 0x3D -#endif - -#if 0 -/* Oakley-EC2N-3 : - IPSec/IKE/Oakley curve #3 over a 155 bit binary field. - Not suitable for ECDSA. - Questionable extension field! */ -#define EC_PARAM_Oakley_EC2N_3_prime \ - 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_Oakley_EC2N_3_a \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00 -#define EC_PARAM_Oakley_EC2N_3_b \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x07, 0x33, 0x8F -#define EC_PARAM_Oakley_EC2N_3_x \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x7B -#define EC_PARAM_Oakley_EC2N_3_y \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x01, 0xC8 -#define EC_PARAM_Oakley_EC2N_3_order \ - 0x02, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, \ - 0xAA, 0xAA, 0xC7, 0xF3, 0xC7, 0x88, 0x1B, 0xD0, \ - 0x86, 0x8F, 0xA8, 0x6C -#endif - -#if 0 -/* Oakley-EC2N-4 : - IPSec/IKE/Oakley curve #4 over a 185 bit binary field. - Not suitable for ECDSA. - Questionable extension field! */ -#define EC_PARAM_Oakley_EC2N_4_prime \ - 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x20, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_Oakley_EC2N_4_a \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 -#define EC_PARAM_Oakley_EC2N_4_b \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1E, 0xE9 -#define EC_PARAM_Oakley_EC2N_4_x \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x18 -#define EC_PARAM_Oakley_EC2N_4_y \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0D -#define EC_PARAM_Oakley_EC2N_4_order \ - 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xED, 0xF9, 0x7C, 0x44, \ - 0xDB, 0x9F, 0x24, 0x20, 0xBA, 0xFC, 0xA7, 0x5E -#endif - -#if 1 -/* brainpoolP160r1 : RFC 5639 curve over a 160 bit prime field */ -#define EC_PARAM_brainpoolP160r1_prime \ - 0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, \ - 0x60, 0xDF, 0xC7, 0xAD, 0x95, 0xB3, 0xD8, 0x13, \ - 0x95, 0x15, 0x62, 0x0F -#define EC_PARAM_brainpoolP160r1_a \ - 0x34, 0x0E, 0x7B, 0xE2, 0xA2, 0x80, 0xEB, 0x74, \ - 0xE2, 0xBE, 0x61, 0xBA, 0xDA, 0x74, 0x5D, 0x97, \ - 0xE8, 0xF7, 0xC3, 0x00 -#define EC_PARAM_brainpoolP160r1_b \ - 0x1E, 0x58, 0x9A, 0x85, 0x95, 0x42, 0x34, 0x12, \ - 0x13, 0x4F, 0xAA, 0x2D, 0xBD, 0xEC, 0x95, 0xC8, \ - 0xD8, 0x67, 0x5E, 0x58 -#define EC_PARAM_brainpoolP160r1_x \ - 0xBE, 0xD5, 0xAF, 0x16, 0xEA, 0x3F, 0x6A, 0x4F, \ - 0x62, 0x93, 0x8C, 0x46, 0x31, 0xEB, 0x5A, 0xF7, \ - 0xBD, 0xBC, 0xDB, 0xC3 -#define EC_PARAM_brainpoolP160r1_y \ - 0x16, 0x67, 0xCB, 0x47, 0x7A, 0x1A, 0x8E, 0xC3, \ - 0x38, 0xF9, 0x47, 0x41, 0x66, 0x9C, 0x97, 0x63, \ - 0x16, 0xDA, 0x63, 0x21 -#define EC_PARAM_brainpoolP160r1_order \ - 0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, \ - 0x60, 0xDF, 0x59, 0x91, 0xD4, 0x50, 0x29, 0x40, \ - 0x9E, 0x60, 0xFC, 0x09 -#endif - -#if 1 -/* brainpoolP160t1 : RFC 5639 curve over a 160 bit prime field */ -#define EC_PARAM_brainpoolP160t1_prime \ - 0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, \ - 0x60, 0xDF, 0xC7, 0xAD, 0x95, 0xB3, 0xD8, 0x13, \ - 0x95, 0x15, 0x62, 0x0F -#define EC_PARAM_brainpoolP160t1_a \ - 0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, \ - 0x60, 0xDF, 0xC7, 0xAD, 0x95, 0xB3, 0xD8, 0x13, \ - 0x95, 0x15, 0x62, 0x0C -#define EC_PARAM_brainpoolP160t1_b \ - 0x7A, 0x55, 0x6B, 0x6D, 0xAE, 0x53, 0x5B, 0x7B, \ - 0x51, 0xED, 0x2C, 0x4D, 0x7D, 0xAA, 0x7A, 0x0B, \ - 0x5C, 0x55, 0xF3, 0x80 -#define EC_PARAM_brainpoolP160t1_x \ - 0xB1, 0x99, 0xB1, 0x3B, 0x9B, 0x34, 0xEF, 0xC1, \ - 0x39, 0x7E, 0x64, 0xBA, 0xEB, 0x05, 0xAC, 0xC2, \ - 0x65, 0xFF, 0x23, 0x78 -#define EC_PARAM_brainpoolP160t1_y \ - 0xAD, 0xD6, 0x71, 0x8B, 0x7C, 0x7C, 0x19, 0x61, \ - 0xF0, 0x99, 0x1B, 0x84, 0x24, 0x43, 0x77, 0x21, \ - 0x52, 0xC9, 0xE0, 0xAD -#define EC_PARAM_brainpoolP160t1_order \ - 0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, \ - 0x60, 0xDF, 0x59, 0x91, 0xD4, 0x50, 0x29, 0x40, \ - 0x9E, 0x60, 0xFC, 0x09 -#endif - -#if 1 -/* brainpoolP192r1 : RFC 5639 curve over a 192 bit prime field */ -#define EC_PARAM_brainpoolP192r1_prime \ - 0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, \ - 0xA7, 0xA3, 0x46, 0x30, 0x93, 0xD1, 0x8D, 0xB7, \ - 0x8F, 0xCE, 0x47, 0x6D, 0xE1, 0xA8, 0x62, 0x97 -#define EC_PARAM_brainpoolP192r1_a \ - 0x6A, 0x91, 0x17, 0x40, 0x76, 0xB1, 0xE0, 0xE1, \ - 0x9C, 0x39, 0xC0, 0x31, 0xFE, 0x86, 0x85, 0xC1, \ - 0xCA, 0xE0, 0x40, 0xE5, 0xC6, 0x9A, 0x28, 0xEF -#define EC_PARAM_brainpoolP192r1_b \ - 0x46, 0x9A, 0x28, 0xEF, 0x7C, 0x28, 0xCC, 0xA3, \ - 0xDC, 0x72, 0x1D, 0x04, 0x4F, 0x44, 0x96, 0xBC, \ - 0xCA, 0x7E, 0xF4, 0x14, 0x6F, 0xBF, 0x25, 0xC9 -#define EC_PARAM_brainpoolP192r1_x \ - 0xC0, 0xA0, 0x64, 0x7E, 0xAA, 0xB6, 0xA4, 0x87, \ - 0x53, 0xB0, 0x33, 0xC5, 0x6C, 0xB0, 0xF0, 0x90, \ - 0x0A, 0x2F, 0x5C, 0x48, 0x53, 0x37, 0x5F, 0xD6 -#define EC_PARAM_brainpoolP192r1_y \ - 0x14, 0xB6, 0x90, 0x86, 0x6A, 0xBD, 0x5B, 0xB8, \ - 0x8B, 0x5F, 0x48, 0x28, 0xC1, 0x49, 0x00, 0x02, \ - 0xE6, 0x77, 0x3F, 0xA2, 0xFA, 0x29, 0x9B, 0x8F -#define EC_PARAM_brainpoolP192r1_order \ - 0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, \ - 0xA7, 0xA3, 0x46, 0x2F, 0x9E, 0x9E, 0x91, 0x6B, \ - 0x5B, 0xE8, 0xF1, 0x02, 0x9A, 0xC4, 0xAC, 0xC1 -#endif - -#if 1 -/* brainpoolP192t1 : RFC 5639 curve over a 192 bit prime field */ -#define EC_PARAM_brainpoolP192t1_prime \ - 0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, \ - 0xA7, 0xA3, 0x46, 0x30, 0x93, 0xD1, 0x8D, 0xB7, \ - 0x8F, 0xCE, 0x47, 0x6D, 0xE1, 0xA8, 0x62, 0x97 -#define EC_PARAM_brainpoolP192t1_a \ - 0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, \ - 0xA7, 0xA3, 0x46, 0x30, 0x93, 0xD1, 0x8D, 0xB7, \ - 0x8F, 0xCE, 0x47, 0x6D, 0xE1, 0xA8, 0x62, 0x94 -#define EC_PARAM_brainpoolP192t1_b \ - 0x13, 0xD5, 0x6F, 0xFA, 0xEC, 0x78, 0x68, 0x1E, \ - 0x68, 0xF9, 0xDE, 0xB4, 0x3B, 0x35, 0xBE, 0xC2, \ - 0xFB, 0x68, 0x54, 0x2E, 0x27, 0x89, 0x7B, 0x79 -#define EC_PARAM_brainpoolP192t1_x \ - 0x3A, 0xE9, 0xE5, 0x8C, 0x82, 0xF6, 0x3C, 0x30, \ - 0x28, 0x2E, 0x1F, 0xE7, 0xBB, 0xF4, 0x3F, 0xA7, \ - 0x2C, 0x44, 0x6A, 0xF6, 0xF4, 0x61, 0x81, 0x29 -#define EC_PARAM_brainpoolP192t1_y \ - 0x09, 0x7E, 0x2C, 0x56, 0x67, 0xC2, 0x22, 0x3A, \ - 0x90, 0x2A, 0xB5, 0xCA, 0x44, 0x9D, 0x00, 0x84, \ - 0xB7, 0xE5, 0xB3, 0xDE, 0x7C, 0xCC, 0x01, 0xC9 -#define EC_PARAM_brainpoolP192t1_order \ - 0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, \ - 0xA7, 0xA3, 0x46, 0x2F, 0x9E, 0x9E, 0x91, 0x6B, \ - 0x5B, 0xE8, 0xF1, 0x02, 0x9A, 0xC4, 0xAC, 0xC1 -#endif - -#if 1 -/* brainpoolP224r1 : RFC 5639 curve over a 224 bit prime field */ -#define EC_PARAM_brainpoolP224r1_prime \ - 0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, \ - 0x2A, 0x18, 0x30, 0x25, 0x75, 0xD1, 0xD7, 0x87, \ - 0xB0, 0x9F, 0x07, 0x57, 0x97, 0xDA, 0x89, 0xF5, \ - 0x7E, 0xC8, 0xC0, 0xFF -#define EC_PARAM_brainpoolP224r1_a \ - 0x68, 0xA5, 0xE6, 0x2C, 0xA9, 0xCE, 0x6C, 0x1C, \ - 0x29, 0x98, 0x03, 0xA6, 0xC1, 0x53, 0x0B, 0x51, \ - 0x4E, 0x18, 0x2A, 0xD8, 0xB0, 0x04, 0x2A, 0x59, \ - 0xCA, 0xD2, 0x9F, 0x43 -#define EC_PARAM_brainpoolP224r1_b \ - 0x25, 0x80, 0xF6, 0x3C, 0xCF, 0xE4, 0x41, 0x38, \ - 0x87, 0x07, 0x13, 0xB1, 0xA9, 0x23, 0x69, 0xE3, \ - 0x3E, 0x21, 0x35, 0xD2, 0x66, 0xDB, 0xB3, 0x72, \ - 0x38, 0x6C, 0x40, 0x0B -#define EC_PARAM_brainpoolP224r1_x \ - 0x0D, 0x90, 0x29, 0xAD, 0x2C, 0x7E, 0x5C, 0xF4, \ - 0x34, 0x08, 0x23, 0xB2, 0xA8, 0x7D, 0xC6, 0x8C, \ - 0x9E, 0x4C, 0xE3, 0x17, 0x4C, 0x1E, 0x6E, 0xFD, \ - 0xEE, 0x12, 0xC0, 0x7D -#define EC_PARAM_brainpoolP224r1_y \ - 0x58, 0xAA, 0x56, 0xF7, 0x72, 0xC0, 0x72, 0x6F, \ - 0x24, 0xC6, 0xB8, 0x9E, 0x4E, 0xCD, 0xAC, 0x24, \ - 0x35, 0x4B, 0x9E, 0x99, 0xCA, 0xA3, 0xF6, 0xD3, \ - 0x76, 0x14, 0x02, 0xCD -#define EC_PARAM_brainpoolP224r1_order \ - 0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, \ - 0x2A, 0x18, 0x30, 0x25, 0x75, 0xD0, 0xFB, 0x98, \ - 0xD1, 0x16, 0xBC, 0x4B, 0x6D, 0xDE, 0xBC, 0xA3, \ - 0xA5, 0xA7, 0x93, 0x9F -#endif - -#if 1 -/* brainpoolP224t1 : RFC 5639 curve over a 224 bit prime field */ -#define EC_PARAM_brainpoolP224t1_prime \ - 0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, \ - 0x2A, 0x18, 0x30, 0x25, 0x75, 0xD1, 0xD7, 0x87, \ - 0xB0, 0x9F, 0x07, 0x57, 0x97, 0xDA, 0x89, 0xF5, \ - 0x7E, 0xC8, 0xC0, 0xFF -#define EC_PARAM_brainpoolP224t1_a \ - 0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, \ - 0x2A, 0x18, 0x30, 0x25, 0x75, 0xD1, 0xD7, 0x87, \ - 0xB0, 0x9F, 0x07, 0x57, 0x97, 0xDA, 0x89, 0xF5, \ - 0x7E, 0xC8, 0xC0, 0xFC -#define EC_PARAM_brainpoolP224t1_b \ - 0x4B, 0x33, 0x7D, 0x93, 0x41, 0x04, 0xCD, 0x7B, \ - 0xEF, 0x27, 0x1B, 0xF6, 0x0C, 0xED, 0x1E, 0xD2, \ - 0x0D, 0xA1, 0x4C, 0x08, 0xB3, 0xBB, 0x64, 0xF1, \ - 0x8A, 0x60, 0x88, 0x8D -#define EC_PARAM_brainpoolP224t1_x \ - 0x6A, 0xB1, 0xE3, 0x44, 0xCE, 0x25, 0xFF, 0x38, \ - 0x96, 0x42, 0x4E, 0x7F, 0xFE, 0x14, 0x76, 0x2E, \ - 0xCB, 0x49, 0xF8, 0x92, 0x8A, 0xC0, 0xC7, 0x60, \ - 0x29, 0xB4, 0xD5, 0x80 -#define EC_PARAM_brainpoolP224t1_y \ - 0x03, 0x74, 0xE9, 0xF5, 0x14, 0x3E, 0x56, 0x8C, \ - 0xD2, 0x3F, 0x3F, 0x4D, 0x7C, 0x0D, 0x4B, 0x1E, \ - 0x41, 0xC8, 0xCC, 0x0D, 0x1C, 0x6A, 0xBD, 0x5F, \ - 0x1A, 0x46, 0xDB, 0x4C -#define EC_PARAM_brainpoolP224t1_order \ - 0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, \ - 0x2A, 0x18, 0x30, 0x25, 0x75, 0xD0, 0xFB, 0x98, \ - 0xD1, 0x16, 0xBC, 0x4B, 0x6D, 0xDE, 0xBC, 0xA3, \ - 0xA5, 0xA7, 0x93, 0x9F -#endif - -#if 1 -/* brainpoolP256r1 : RFC 5639 curve over a 256 bit prime field */ -#define EC_PARAM_brainpoolP256r1_prime \ - 0xA9, 0xFB, 0x57, 0xDB, 0xA1, 0xEE, 0xA9, 0xBC, \ - 0x3E, 0x66, 0x0A, 0x90, 0x9D, 0x83, 0x8D, 0x72, \ - 0x6E, 0x3B, 0xF6, 0x23, 0xD5, 0x26, 0x20, 0x28, \ - 0x20, 0x13, 0x48, 0x1D, 0x1F, 0x6E, 0x53, 0x77 -#define EC_PARAM_brainpoolP256r1_a \ - 0x7D, 0x5A, 0x09, 0x75, 0xFC, 0x2C, 0x30, 0x57, \ - 0xEE, 0xF6, 0x75, 0x30, 0x41, 0x7A, 0xFF, 0xE7, \ - 0xFB, 0x80, 0x55, 0xC1, 0x26, 0xDC, 0x5C, 0x6C, \ - 0xE9, 0x4A, 0x4B, 0x44, 0xF3, 0x30, 0xB5, 0xD9 -#define EC_PARAM_brainpoolP256r1_b \ - 0x26, 0xDC, 0x5C, 0x6C, 0xE9, 0x4A, 0x4B, 0x44, \ - 0xF3, 0x30, 0xB5, 0xD9, 0xBB, 0xD7, 0x7C, 0xBF, \ - 0x95, 0x84, 0x16, 0x29, 0x5C, 0xF7, 0xE1, 0xCE, \ - 0x6B, 0xCC, 0xDC, 0x18, 0xFF, 0x8C, 0x07, 0xB6 -#define EC_PARAM_brainpoolP256r1_x \ - 0x8B, 0xD2, 0xAE, 0xB9, 0xCB, 0x7E, 0x57, 0xCB, \ - 0x2C, 0x4B, 0x48, 0x2F, 0xFC, 0x81, 0xB7, 0xAF, \ - 0xB9, 0xDE, 0x27, 0xE1, 0xE3, 0xBD, 0x23, 0xC2, \ - 0x3A, 0x44, 0x53, 0xBD, 0x9A, 0xCE, 0x32, 0x62 -#define EC_PARAM_brainpoolP256r1_y \ - 0x54, 0x7E, 0xF8, 0x35, 0xC3, 0xDA, 0xC4, 0xFD, \ - 0x97, 0xF8, 0x46, 0x1A, 0x14, 0x61, 0x1D, 0xC9, \ - 0xC2, 0x77, 0x45, 0x13, 0x2D, 0xED, 0x8E, 0x54, \ - 0x5C, 0x1D, 0x54, 0xC7, 0x2F, 0x04, 0x69, 0x97 -#define EC_PARAM_brainpoolP256r1_order \ - 0xA9, 0xFB, 0x57, 0xDB, 0xA1, 0xEE, 0xA9, 0xBC, \ - 0x3E, 0x66, 0x0A, 0x90, 0x9D, 0x83, 0x8D, 0x71, \ - 0x8C, 0x39, 0x7A, 0xA3, 0xB5, 0x61, 0xA6, 0xF7, \ - 0x90, 0x1E, 0x0E, 0x82, 0x97, 0x48, 0x56, 0xA7 -#endif - -#if 1 -/* brainpoolP256t1 : RFC 5639 curve over a 256 bit prime field */ -#define EC_PARAM_brainpoolP256t1_prime \ - 0xA9, 0xFB, 0x57, 0xDB, 0xA1, 0xEE, 0xA9, 0xBC, \ - 0x3E, 0x66, 0x0A, 0x90, 0x9D, 0x83, 0x8D, 0x72, \ - 0x6E, 0x3B, 0xF6, 0x23, 0xD5, 0x26, 0x20, 0x28, \ - 0x20, 0x13, 0x48, 0x1D, 0x1F, 0x6E, 0x53, 0x77 -#define EC_PARAM_brainpoolP256t1_a \ - 0xA9, 0xFB, 0x57, 0xDB, 0xA1, 0xEE, 0xA9, 0xBC, \ - 0x3E, 0x66, 0x0A, 0x90, 0x9D, 0x83, 0x8D, 0x72, \ - 0x6E, 0x3B, 0xF6, 0x23, 0xD5, 0x26, 0x20, 0x28, \ - 0x20, 0x13, 0x48, 0x1D, 0x1F, 0x6E, 0x53, 0x74 -#define EC_PARAM_brainpoolP256t1_b \ - 0x66, 0x2C, 0x61, 0xC4, 0x30, 0xD8, 0x4E, 0xA4, \ - 0xFE, 0x66, 0xA7, 0x73, 0x3D, 0x0B, 0x76, 0xB7, \ - 0xBF, 0x93, 0xEB, 0xC4, 0xAF, 0x2F, 0x49, 0x25, \ - 0x6A, 0xE5, 0x81, 0x01, 0xFE, 0xE9, 0x2B, 0x04 -#define EC_PARAM_brainpoolP256t1_x \ - 0xA3, 0xE8, 0xEB, 0x3C, 0xC1, 0xCF, 0xE7, 0xB7, \ - 0x73, 0x22, 0x13, 0xB2, 0x3A, 0x65, 0x61, 0x49, \ - 0xAF, 0xA1, 0x42, 0xC4, 0x7A, 0xAF, 0xBC, 0x2B, \ - 0x79, 0xA1, 0x91, 0x56, 0x2E, 0x13, 0x05, 0xF4 -#define EC_PARAM_brainpoolP256t1_y \ - 0x2D, 0x99, 0x6C, 0x82, 0x34, 0x39, 0xC5, 0x6D, \ - 0x7F, 0x7B, 0x22, 0xE1, 0x46, 0x44, 0x41, 0x7E, \ - 0x69, 0xBC, 0xB6, 0xDE, 0x39, 0xD0, 0x27, 0x00, \ - 0x1D, 0xAB, 0xE8, 0xF3, 0x5B, 0x25, 0xC9, 0xBE -#define EC_PARAM_brainpoolP256t1_order \ - 0xA9, 0xFB, 0x57, 0xDB, 0xA1, 0xEE, 0xA9, 0xBC, \ - 0x3E, 0x66, 0x0A, 0x90, 0x9D, 0x83, 0x8D, 0x71, \ - 0x8C, 0x39, 0x7A, 0xA3, 0xB5, 0x61, 0xA6, 0xF7, \ - 0x90, 0x1E, 0x0E, 0x82, 0x97, 0x48, 0x56, 0xA7 -#endif - -#if 1 -/* brainpoolP320r1 : RFC 5639 curve over a 320 bit prime field */ -#define EC_PARAM_brainpoolP320r1_prime \ - 0xD3, 0x5E, 0x47, 0x20, 0x36, 0xBC, 0x4F, 0xB7, \ - 0xE1, 0x3C, 0x78, 0x5E, 0xD2, 0x01, 0xE0, 0x65, \ - 0xF9, 0x8F, 0xCF, 0xA6, 0xF6, 0xF4, 0x0D, 0xEF, \ - 0x4F, 0x92, 0xB9, 0xEC, 0x78, 0x93, 0xEC, 0x28, \ - 0xFC, 0xD4, 0x12, 0xB1, 0xF1, 0xB3, 0x2E, 0x27 -#define EC_PARAM_brainpoolP320r1_a \ - 0x3E, 0xE3, 0x0B, 0x56, 0x8F, 0xBA, 0xB0, 0xF8, \ - 0x83, 0xCC, 0xEB, 0xD4, 0x6D, 0x3F, 0x3B, 0xB8, \ - 0xA2, 0xA7, 0x35, 0x13, 0xF5, 0xEB, 0x79, 0xDA, \ - 0x66, 0x19, 0x0E, 0xB0, 0x85, 0xFF, 0xA9, 0xF4, \ - 0x92, 0xF3, 0x75, 0xA9, 0x7D, 0x86, 0x0E, 0xB4 -#define EC_PARAM_brainpoolP320r1_b \ - 0x52, 0x08, 0x83, 0x94, 0x9D, 0xFD, 0xBC, 0x42, \ - 0xD3, 0xAD, 0x19, 0x86, 0x40, 0x68, 0x8A, 0x6F, \ - 0xE1, 0x3F, 0x41, 0x34, 0x95, 0x54, 0xB4, 0x9A, \ - 0xCC, 0x31, 0xDC, 0xCD, 0x88, 0x45, 0x39, 0x81, \ - 0x6F, 0x5E, 0xB4, 0xAC, 0x8F, 0xB1, 0xF1, 0xA6 -#define EC_PARAM_brainpoolP320r1_x \ - 0x43, 0xBD, 0x7E, 0x9A, 0xFB, 0x53, 0xD8, 0xB8, \ - 0x52, 0x89, 0xBC, 0xC4, 0x8E, 0xE5, 0xBF, 0xE6, \ - 0xF2, 0x01, 0x37, 0xD1, 0x0A, 0x08, 0x7E, 0xB6, \ - 0xE7, 0x87, 0x1E, 0x2A, 0x10, 0xA5, 0x99, 0xC7, \ - 0x10, 0xAF, 0x8D, 0x0D, 0x39, 0xE2, 0x06, 0x11 -#define EC_PARAM_brainpoolP320r1_y \ - 0x14, 0xFD, 0xD0, 0x55, 0x45, 0xEC, 0x1C, 0xC8, \ - 0xAB, 0x40, 0x93, 0x24, 0x7F, 0x77, 0x27, 0x5E, \ - 0x07, 0x43, 0xFF, 0xED, 0x11, 0x71, 0x82, 0xEA, \ - 0xA9, 0xC7, 0x78, 0x77, 0xAA, 0xAC, 0x6A, 0xC7, \ - 0xD3, 0x52, 0x45, 0xD1, 0x69, 0x2E, 0x8E, 0xE1 -#define EC_PARAM_brainpoolP320r1_order \ - 0xD3, 0x5E, 0x47, 0x20, 0x36, 0xBC, 0x4F, 0xB7, \ - 0xE1, 0x3C, 0x78, 0x5E, 0xD2, 0x01, 0xE0, 0x65, \ - 0xF9, 0x8F, 0xCF, 0xA5, 0xB6, 0x8F, 0x12, 0xA3, \ - 0x2D, 0x48, 0x2E, 0xC7, 0xEE, 0x86, 0x58, 0xE9, \ - 0x86, 0x91, 0x55, 0x5B, 0x44, 0xC5, 0x93, 0x11 -#endif - -#if 1 -/* brainpoolP320t1 : RFC 5639 curve over a 320 bit prime field */ -#define EC_PARAM_brainpoolP320t1_prime \ - 0xD3, 0x5E, 0x47, 0x20, 0x36, 0xBC, 0x4F, 0xB7, \ - 0xE1, 0x3C, 0x78, 0x5E, 0xD2, 0x01, 0xE0, 0x65, \ - 0xF9, 0x8F, 0xCF, 0xA6, 0xF6, 0xF4, 0x0D, 0xEF, \ - 0x4F, 0x92, 0xB9, 0xEC, 0x78, 0x93, 0xEC, 0x28, \ - 0xFC, 0xD4, 0x12, 0xB1, 0xF1, 0xB3, 0x2E, 0x27 -#define EC_PARAM_brainpoolP320t1_a \ - 0xD3, 0x5E, 0x47, 0x20, 0x36, 0xBC, 0x4F, 0xB7, \ - 0xE1, 0x3C, 0x78, 0x5E, 0xD2, 0x01, 0xE0, 0x65, \ - 0xF9, 0x8F, 0xCF, 0xA6, 0xF6, 0xF4, 0x0D, 0xEF, \ - 0x4F, 0x92, 0xB9, 0xEC, 0x78, 0x93, 0xEC, 0x28, \ - 0xFC, 0xD4, 0x12, 0xB1, 0xF1, 0xB3, 0x2E, 0x24 -#define EC_PARAM_brainpoolP320t1_b \ - 0xA7, 0xF5, 0x61, 0xE0, 0x38, 0xEB, 0x1E, 0xD5, \ - 0x60, 0xB3, 0xD1, 0x47, 0xDB, 0x78, 0x20, 0x13, \ - 0x06, 0x4C, 0x19, 0xF2, 0x7E, 0xD2, 0x7C, 0x67, \ - 0x80, 0xAA, 0xF7, 0x7F, 0xB8, 0xA5, 0x47, 0xCE, \ - 0xB5, 0xB4, 0xFE, 0xF4, 0x22, 0x34, 0x03, 0x53 -#define EC_PARAM_brainpoolP320t1_x \ - 0x92, 0x5B, 0xE9, 0xFB, 0x01, 0xAF, 0xC6, 0xFB, \ - 0x4D, 0x3E, 0x7D, 0x49, 0x90, 0x01, 0x0F, 0x81, \ - 0x34, 0x08, 0xAB, 0x10, 0x6C, 0x4F, 0x09, 0xCB, \ - 0x7E, 0xE0, 0x78, 0x68, 0xCC, 0x13, 0x6F, 0xFF, \ - 0x33, 0x57, 0xF6, 0x24, 0xA2, 0x1B, 0xED, 0x52 -#define EC_PARAM_brainpoolP320t1_y \ - 0x63, 0xBA, 0x3A, 0x7A, 0x27, 0x48, 0x3E, 0xBF, \ - 0x66, 0x71, 0xDB, 0xEF, 0x7A, 0xBB, 0x30, 0xEB, \ - 0xEE, 0x08, 0x4E, 0x58, 0xA0, 0xB0, 0x77, 0xAD, \ - 0x42, 0xA5, 0xA0, 0x98, 0x9D, 0x1E, 0xE7, 0x1B, \ - 0x1B, 0x9B, 0xC0, 0x45, 0x5F, 0xB0, 0xD2, 0xC3 -#define EC_PARAM_brainpoolP320t1_order \ - 0xD3, 0x5E, 0x47, 0x20, 0x36, 0xBC, 0x4F, 0xB7, \ - 0xE1, 0x3C, 0x78, 0x5E, 0xD2, 0x01, 0xE0, 0x65, \ - 0xF9, 0x8F, 0xCF, 0xA5, 0xB6, 0x8F, 0x12, 0xA3, \ - 0x2D, 0x48, 0x2E, 0xC7, 0xEE, 0x86, 0x58, 0xE9, \ - 0x86, 0x91, 0x55, 0x5B, 0x44, 0xC5, 0x93, 0x11 -#endif - -#if 1 -/* brainpoolP384r1 : RFC 5639 curve over a 384 bit prime field */ -#define EC_PARAM_brainpoolP384r1_prime \ - 0x8C, 0xB9, 0x1E, 0x82, 0xA3, 0x38, 0x6D, 0x28, \ - 0x0F, 0x5D, 0x6F, 0x7E, 0x50, 0xE6, 0x41, 0xDF, \ - 0x15, 0x2F, 0x71, 0x09, 0xED, 0x54, 0x56, 0xB4, \ - 0x12, 0xB1, 0xDA, 0x19, 0x7F, 0xB7, 0x11, 0x23, \ - 0xAC, 0xD3, 0xA7, 0x29, 0x90, 0x1D, 0x1A, 0x71, \ - 0x87, 0x47, 0x00, 0x13, 0x31, 0x07, 0xEC, 0x53 -#define EC_PARAM_brainpoolP384r1_a \ - 0x7B, 0xC3, 0x82, 0xC6, 0x3D, 0x8C, 0x15, 0x0C, \ - 0x3C, 0x72, 0x08, 0x0A, 0xCE, 0x05, 0xAF, 0xA0, \ - 0xC2, 0xBE, 0xA2, 0x8E, 0x4F, 0xB2, 0x27, 0x87, \ - 0x13, 0x91, 0x65, 0xEF, 0xBA, 0x91, 0xF9, 0x0F, \ - 0x8A, 0xA5, 0x81, 0x4A, 0x50, 0x3A, 0xD4, 0xEB, \ - 0x04, 0xA8, 0xC7, 0xDD, 0x22, 0xCE, 0x28, 0x26 -#define EC_PARAM_brainpoolP384r1_b \ - 0x04, 0xA8, 0xC7, 0xDD, 0x22, 0xCE, 0x28, 0x26, \ - 0x8B, 0x39, 0xB5, 0x54, 0x16, 0xF0, 0x44, 0x7C, \ - 0x2F, 0xB7, 0x7D, 0xE1, 0x07, 0xDC, 0xD2, 0xA6, \ - 0x2E, 0x88, 0x0E, 0xA5, 0x3E, 0xEB, 0x62, 0xD5, \ - 0x7C, 0xB4, 0x39, 0x02, 0x95, 0xDB, 0xC9, 0x94, \ - 0x3A, 0xB7, 0x86, 0x96, 0xFA, 0x50, 0x4C, 0x11 -#define EC_PARAM_brainpoolP384r1_x \ - 0x1D, 0x1C, 0x64, 0xF0, 0x68, 0xCF, 0x45, 0xFF, \ - 0xA2, 0xA6, 0x3A, 0x81, 0xB7, 0xC1, 0x3F, 0x6B, \ - 0x88, 0x47, 0xA3, 0xE7, 0x7E, 0xF1, 0x4F, 0xE3, \ - 0xDB, 0x7F, 0xCA, 0xFE, 0x0C, 0xBD, 0x10, 0xE8, \ - 0xE8, 0x26, 0xE0, 0x34, 0x36, 0xD6, 0x46, 0xAA, \ - 0xEF, 0x87, 0xB2, 0xE2, 0x47, 0xD4, 0xAF, 0x1E -#define EC_PARAM_brainpoolP384r1_y \ - 0x8A, 0xBE, 0x1D, 0x75, 0x20, 0xF9, 0xC2, 0xA4, \ - 0x5C, 0xB1, 0xEB, 0x8E, 0x95, 0xCF, 0xD5, 0x52, \ - 0x62, 0xB7, 0x0B, 0x29, 0xFE, 0xEC, 0x58, 0x64, \ - 0xE1, 0x9C, 0x05, 0x4F, 0xF9, 0x91, 0x29, 0x28, \ - 0x0E, 0x46, 0x46, 0x21, 0x77, 0x91, 0x81, 0x11, \ - 0x42, 0x82, 0x03, 0x41, 0x26, 0x3C, 0x53, 0x15 -#define EC_PARAM_brainpoolP384r1_order \ - 0x8C, 0xB9, 0x1E, 0x82, 0xA3, 0x38, 0x6D, 0x28, \ - 0x0F, 0x5D, 0x6F, 0x7E, 0x50, 0xE6, 0x41, 0xDF, \ - 0x15, 0x2F, 0x71, 0x09, 0xED, 0x54, 0x56, 0xB3, \ - 0x1F, 0x16, 0x6E, 0x6C, 0xAC, 0x04, 0x25, 0xA7, \ - 0xCF, 0x3A, 0xB6, 0xAF, 0x6B, 0x7F, 0xC3, 0x10, \ - 0x3B, 0x88, 0x32, 0x02, 0xE9, 0x04, 0x65, 0x65 -#endif - -#if 1 -/* brainpoolP384t1 : RFC 5639 curve over a 384 bit prime field */ -#define EC_PARAM_brainpoolP384t1_prime \ - 0x8C, 0xB9, 0x1E, 0x82, 0xA3, 0x38, 0x6D, 0x28, \ - 0x0F, 0x5D, 0x6F, 0x7E, 0x50, 0xE6, 0x41, 0xDF, \ - 0x15, 0x2F, 0x71, 0x09, 0xED, 0x54, 0x56, 0xB4, \ - 0x12, 0xB1, 0xDA, 0x19, 0x7F, 0xB7, 0x11, 0x23, \ - 0xAC, 0xD3, 0xA7, 0x29, 0x90, 0x1D, 0x1A, 0x71, \ - 0x87, 0x47, 0x00, 0x13, 0x31, 0x07, 0xEC, 0x53 -#define EC_PARAM_brainpoolP384t1_a \ - 0x8C, 0xB9, 0x1E, 0x82, 0xA3, 0x38, 0x6D, 0x28, \ - 0x0F, 0x5D, 0x6F, 0x7E, 0x50, 0xE6, 0x41, 0xDF, \ - 0x15, 0x2F, 0x71, 0x09, 0xED, 0x54, 0x56, 0xB4, \ - 0x12, 0xB1, 0xDA, 0x19, 0x7F, 0xB7, 0x11, 0x23, \ - 0xAC, 0xD3, 0xA7, 0x29, 0x90, 0x1D, 0x1A, 0x71, \ - 0x87, 0x47, 0x00, 0x13, 0x31, 0x07, 0xEC, 0x50 -#define EC_PARAM_brainpoolP384t1_b \ - 0x7F, 0x51, 0x9E, 0xAD, 0xA7, 0xBD, 0xA8, 0x1B, \ - 0xD8, 0x26, 0xDB, 0xA6, 0x47, 0x91, 0x0F, 0x8C, \ - 0x4B, 0x93, 0x46, 0xED, 0x8C, 0xCD, 0xC6, 0x4E, \ - 0x4B, 0x1A, 0xBD, 0x11, 0x75, 0x6D, 0xCE, 0x1D, \ - 0x20, 0x74, 0xAA, 0x26, 0x3B, 0x88, 0x80, 0x5C, \ - 0xED, 0x70, 0x35, 0x5A, 0x33, 0xB4, 0x71, 0xEE -#define EC_PARAM_brainpoolP384t1_x \ - 0x18, 0xDE, 0x98, 0xB0, 0x2D, 0xB9, 0xA3, 0x06, \ - 0xF2, 0xAF, 0xCD, 0x72, 0x35, 0xF7, 0x2A, 0x81, \ - 0x9B, 0x80, 0xAB, 0x12, 0xEB, 0xD6, 0x53, 0x17, \ - 0x24, 0x76, 0xFE, 0xCD, 0x46, 0x2A, 0xAB, 0xFF, \ - 0xC4, 0xFF, 0x19, 0x1B, 0x94, 0x6A, 0x5F, 0x54, \ - 0xD8, 0xD0, 0xAA, 0x2F, 0x41, 0x88, 0x08, 0xCC -#define EC_PARAM_brainpoolP384t1_y \ - 0x25, 0xAB, 0x05, 0x69, 0x62, 0xD3, 0x06, 0x51, \ - 0xA1, 0x14, 0xAF, 0xD2, 0x75, 0x5A, 0xD3, 0x36, \ - 0x74, 0x7F, 0x93, 0x47, 0x5B, 0x7A, 0x1F, 0xCA, \ - 0x3B, 0x88, 0xF2, 0xB6, 0xA2, 0x08, 0xCC, 0xFE, \ - 0x46, 0x94, 0x08, 0x58, 0x4D, 0xC2, 0xB2, 0x91, \ - 0x26, 0x75, 0xBF, 0x5B, 0x9E, 0x58, 0x29, 0x28 -#define EC_PARAM_brainpoolP384t1_order \ - 0x8C, 0xB9, 0x1E, 0x82, 0xA3, 0x38, 0x6D, 0x28, \ - 0x0F, 0x5D, 0x6F, 0x7E, 0x50, 0xE6, 0x41, 0xDF, \ - 0x15, 0x2F, 0x71, 0x09, 0xED, 0x54, 0x56, 0xB3, \ - 0x1F, 0x16, 0x6E, 0x6C, 0xAC, 0x04, 0x25, 0xA7, \ - 0xCF, 0x3A, 0xB6, 0xAF, 0x6B, 0x7F, 0xC3, 0x10, \ - 0x3B, 0x88, 0x32, 0x02, 0xE9, 0x04, 0x65, 0x65 -#endif - -#if 1 -/* brainpoolP512r1 : RFC 5639 curve over a 512 bit prime field */ -#define EC_PARAM_brainpoolP512r1_prime \ - 0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B, \ - 0x3F, 0xD4, 0xE6, 0xAE, 0x33, 0xC9, 0xFC, 0x07, \ - 0xCB, 0x30, 0x8D, 0xB3, 0xB3, 0xC9, 0xD2, 0x0E, \ - 0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, 0x08, 0x71, \ - 0x7D, 0x4D, 0x9B, 0x00, 0x9B, 0xC6, 0x68, 0x42, \ - 0xAE, 0xCD, 0xA1, 0x2A, 0xE6, 0xA3, 0x80, 0xE6, \ - 0x28, 0x81, 0xFF, 0x2F, 0x2D, 0x82, 0xC6, 0x85, \ - 0x28, 0xAA, 0x60, 0x56, 0x58, 0x3A, 0x48, 0xF3 -#define EC_PARAM_brainpoolP512r1_a \ - 0x78, 0x30, 0xA3, 0x31, 0x8B, 0x60, 0x3B, 0x89, \ - 0xE2, 0x32, 0x71, 0x45, 0xAC, 0x23, 0x4C, 0xC5, \ - 0x94, 0xCB, 0xDD, 0x8D, 0x3D, 0xF9, 0x16, 0x10, \ - 0xA8, 0x34, 0x41, 0xCA, 0xEA, 0x98, 0x63, 0xBC, \ - 0x2D, 0xED, 0x5D, 0x5A, 0xA8, 0x25, 0x3A, 0xA1, \ - 0x0A, 0x2E, 0xF1, 0xC9, 0x8B, 0x9A, 0xC8, 0xB5, \ - 0x7F, 0x11, 0x17, 0xA7, 0x2B, 0xF2, 0xC7, 0xB9, \ - 0xE7, 0xC1, 0xAC, 0x4D, 0x77, 0xFC, 0x94, 0xCA -#define EC_PARAM_brainpoolP512r1_b \ - 0x3D, 0xF9, 0x16, 0x10, 0xA8, 0x34, 0x41, 0xCA, \ - 0xEA, 0x98, 0x63, 0xBC, 0x2D, 0xED, 0x5D, 0x5A, \ - 0xA8, 0x25, 0x3A, 0xA1, 0x0A, 0x2E, 0xF1, 0xC9, \ - 0x8B, 0x9A, 0xC8, 0xB5, 0x7F, 0x11, 0x17, 0xA7, \ - 0x2B, 0xF2, 0xC7, 0xB9, 0xE7, 0xC1, 0xAC, 0x4D, \ - 0x77, 0xFC, 0x94, 0xCA, 0xDC, 0x08, 0x3E, 0x67, \ - 0x98, 0x40, 0x50, 0xB7, 0x5E, 0xBA, 0xE5, 0xDD, \ - 0x28, 0x09, 0xBD, 0x63, 0x80, 0x16, 0xF7, 0x23 -#define EC_PARAM_brainpoolP512r1_x \ - 0x81, 0xAE, 0xE4, 0xBD, 0xD8, 0x2E, 0xD9, 0x64, \ - 0x5A, 0x21, 0x32, 0x2E, 0x9C, 0x4C, 0x6A, 0x93, \ - 0x85, 0xED, 0x9F, 0x70, 0xB5, 0xD9, 0x16, 0xC1, \ - 0xB4, 0x3B, 0x62, 0xEE, 0xF4, 0xD0, 0x09, 0x8E, \ - 0xFF, 0x3B, 0x1F, 0x78, 0xE2, 0xD0, 0xD4, 0x8D, \ - 0x50, 0xD1, 0x68, 0x7B, 0x93, 0xB9, 0x7D, 0x5F, \ - 0x7C, 0x6D, 0x50, 0x47, 0x40, 0x6A, 0x5E, 0x68, \ - 0x8B, 0x35, 0x22, 0x09, 0xBC, 0xB9, 0xF8, 0x22 -#define EC_PARAM_brainpoolP512r1_y \ - 0x7D, 0xDE, 0x38, 0x5D, 0x56, 0x63, 0x32, 0xEC, \ - 0xC0, 0xEA, 0xBF, 0xA9, 0xCF, 0x78, 0x22, 0xFD, \ - 0xF2, 0x09, 0xF7, 0x00, 0x24, 0xA5, 0x7B, 0x1A, \ - 0xA0, 0x00, 0xC5, 0x5B, 0x88, 0x1F, 0x81, 0x11, \ - 0xB2, 0xDC, 0xDE, 0x49, 0x4A, 0x5F, 0x48, 0x5E, \ - 0x5B, 0xCA, 0x4B, 0xD8, 0x8A, 0x27, 0x63, 0xAE, \ - 0xD1, 0xCA, 0x2B, 0x2F, 0xA8, 0xF0, 0x54, 0x06, \ - 0x78, 0xCD, 0x1E, 0x0F, 0x3A, 0xD8, 0x08, 0x92 -#define EC_PARAM_brainpoolP512r1_order \ - 0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B, \ - 0x3F, 0xD4, 0xE6, 0xAE, 0x33, 0xC9, 0xFC, 0x07, \ - 0xCB, 0x30, 0x8D, 0xB3, 0xB3, 0xC9, 0xD2, 0x0E, \ - 0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, 0x08, 0x70, \ - 0x55, 0x3E, 0x5C, 0x41, 0x4C, 0xA9, 0x26, 0x19, \ - 0x41, 0x86, 0x61, 0x19, 0x7F, 0xAC, 0x10, 0x47, \ - 0x1D, 0xB1, 0xD3, 0x81, 0x08, 0x5D, 0xDA, 0xDD, \ - 0xB5, 0x87, 0x96, 0x82, 0x9C, 0xA9, 0x00, 0x69 -#endif - -#if 1 -/* brainpoolP512t1 : RFC 5639 curve over a 512 bit prime field */ -#define EC_PARAM_brainpoolP512t1_prime \ - 0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B, \ - 0x3F, 0xD4, 0xE6, 0xAE, 0x33, 0xC9, 0xFC, 0x07, \ - 0xCB, 0x30, 0x8D, 0xB3, 0xB3, 0xC9, 0xD2, 0x0E, \ - 0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, 0x08, 0x71, \ - 0x7D, 0x4D, 0x9B, 0x00, 0x9B, 0xC6, 0x68, 0x42, \ - 0xAE, 0xCD, 0xA1, 0x2A, 0xE6, 0xA3, 0x80, 0xE6, \ - 0x28, 0x81, 0xFF, 0x2F, 0x2D, 0x82, 0xC6, 0x85, \ - 0x28, 0xAA, 0x60, 0x56, 0x58, 0x3A, 0x48, 0xF3 -#define EC_PARAM_brainpoolP512t1_a \ - 0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B, \ - 0x3F, 0xD4, 0xE6, 0xAE, 0x33, 0xC9, 0xFC, 0x07, \ - 0xCB, 0x30, 0x8D, 0xB3, 0xB3, 0xC9, 0xD2, 0x0E, \ - 0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, 0x08, 0x71, \ - 0x7D, 0x4D, 0x9B, 0x00, 0x9B, 0xC6, 0x68, 0x42, \ - 0xAE, 0xCD, 0xA1, 0x2A, 0xE6, 0xA3, 0x80, 0xE6, \ - 0x28, 0x81, 0xFF, 0x2F, 0x2D, 0x82, 0xC6, 0x85, \ - 0x28, 0xAA, 0x60, 0x56, 0x58, 0x3A, 0x48, 0xF0 -#define EC_PARAM_brainpoolP512t1_b \ - 0x7C, 0xBB, 0xBC, 0xF9, 0x44, 0x1C, 0xFA, 0xB7, \ - 0x6E, 0x18, 0x90, 0xE4, 0x68, 0x84, 0xEA, 0xE3, \ - 0x21, 0xF7, 0x0C, 0x0B, 0xCB, 0x49, 0x81, 0x52, \ - 0x78, 0x97, 0x50, 0x4B, 0xEC, 0x3E, 0x36, 0xA6, \ - 0x2B, 0xCD, 0xFA, 0x23, 0x04, 0x97, 0x65, 0x40, \ - 0xF6, 0x45, 0x00, 0x85, 0xF2, 0xDA, 0xE1, 0x45, \ - 0xC2, 0x25, 0x53, 0xB4, 0x65, 0x76, 0x36, 0x89, \ - 0x18, 0x0E, 0xA2, 0x57, 0x18, 0x67, 0x42, 0x3E -#define EC_PARAM_brainpoolP512t1_x \ - 0x64, 0x0E, 0xCE, 0x5C, 0x12, 0x78, 0x87, 0x17, \ - 0xB9, 0xC1, 0xBA, 0x06, 0xCB, 0xC2, 0xA6, 0xFE, \ - 0xBA, 0x85, 0x84, 0x24, 0x58, 0xC5, 0x6D, 0xDE, \ - 0x9D, 0xB1, 0x75, 0x8D, 0x39, 0xC0, 0x31, 0x3D, \ - 0x82, 0xBA, 0x51, 0x73, 0x5C, 0xDB, 0x3E, 0xA4, \ - 0x99, 0xAA, 0x77, 0xA7, 0xD6, 0x94, 0x3A, 0x64, \ - 0xF7, 0xA3, 0xF2, 0x5F, 0xE2, 0x6F, 0x06, 0xB5, \ - 0x1B, 0xAA, 0x26, 0x96, 0xFA, 0x90, 0x35, 0xDA -#define EC_PARAM_brainpoolP512t1_y \ - 0x5B, 0x53, 0x4B, 0xD5, 0x95, 0xF5, 0xAF, 0x0F, \ - 0xA2, 0xC8, 0x92, 0x37, 0x6C, 0x84, 0xAC, 0xE1, \ - 0xBB, 0x4E, 0x30, 0x19, 0xB7, 0x16, 0x34, 0xC0, \ - 0x11, 0x31, 0x15, 0x9C, 0xAE, 0x03, 0xCE, 0xE9, \ - 0xD9, 0x93, 0x21, 0x84, 0xBE, 0xEF, 0x21, 0x6B, \ - 0xD7, 0x1D, 0xF2, 0xDA, 0xDF, 0x86, 0xA6, 0x27, \ - 0x30, 0x6E, 0xCF, 0xF9, 0x6D, 0xBB, 0x8B, 0xAC, \ - 0xE1, 0x98, 0xB6, 0x1E, 0x00, 0xF8, 0xB3, 0x32 -#define EC_PARAM_brainpoolP512t1_order \ - 0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B, \ - 0x3F, 0xD4, 0xE6, 0xAE, 0x33, 0xC9, 0xFC, 0x07, \ - 0xCB, 0x30, 0x8D, 0xB3, 0xB3, 0xC9, 0xD2, 0x0E, \ - 0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, 0x08, 0x70, \ - 0x55, 0x3E, 0x5C, 0x41, 0x4C, 0xA9, 0x26, 0x19, \ - 0x41, 0x86, 0x61, 0x19, 0x7F, 0xAC, 0x10, 0x47, \ - 0x1D, 0xB1, 0xD3, 0x81, 0x08, 0x5D, 0xDA, 0xDD, \ - 0xB5, 0x87, 0x96, 0x82, 0x9C, 0xA9, 0x00, 0x69 -#endif - -#if 1 -/* TPM_BM_P256 : TPM_BM_P256 curve over a 256 bit */ -#define EC_PARAM_tpm_bm_p256_prime \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0xF0, 0xCD, \ - 0x46, 0xE5, 0xF2, 0x5E, 0xEE, 0x71, 0xA4, 0x9F, \ - 0x0C, 0xDC, 0x65, 0xFB, 0x12, 0x98, 0x0A, 0x82, \ - 0xD3, 0x29, 0x2D, 0xDB, 0xAE, 0xD3, 0x30, 0x13 -#define EC_PARAM_tpm_bm_p256_a \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 -#define EC_PARAM_tpm_bm_p256_b \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03 -#define EC_PARAM_tpm_bm_p256_x \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 -#define EC_PARAM_tpm_bm_p256_y \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02 -#define EC_PARAM_tpm_bm_p256_order \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0xF0, 0xCD, \ - 0x46, 0xE5, 0xF2, 0x5E, 0xEE, 0x71, 0xA4, 0x9E, \ - 0x0C, 0xDC, 0x65, 0xFB, 0x12, 0x99, 0x92, 0x1A, \ - 0xF6, 0x2D, 0x53, 0x6C, 0xD1, 0x0B, 0x50, 0x0D -#endif - -/* clang-format on */ -#endif /* SE05X_ECC_CURVES_LIST_H_INC */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_enums.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_enums.h deleted file mode 100644 index cb0191c91..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_enums.h +++ /dev/null @@ -1,1030 +0,0 @@ -/* -* -* Copyright 2019,2020 NXP -* SPDX-License-Identifier: Apache-2.0 -*/ - -/** @file */ - -#ifndef SE05x_ENUMS_H -#define SE05x_ENUMS_H - -#include - - -/* + more or less machine Generated */ - -/** Reserved idendntifiers of the Applet */ -typedef enum -{ - /** Invalid */ - kSE05x_AppletResID_NA = 0, - /** An authentication object which allows the user to switch - * LockState of the applet. The LockState defines whether the - * applet is transport locked or not. */ - kSE05x_AppletResID_TRANSPORT = 0x7FFF0200, - /** A device unique NIST P-256 key pair which contains SK.SE.ECKA - * and PK.SE.ECKA in ECKey session context. */ - kSE05x_AppletResID_KP_ECKEY_USER = 0x7FFF0201, - /** A device unique NIST P-256 key pair which contains SK.SE.ECKA - * and PK.SE.ECKA in ECKey session context; A constant card - * challenge (all zeroes) is applicable. */ - kSE05x_AppletResID_KP_ECKEY_IMPORT = 0x7FFF0202, - /* Reserved Key @ location 0x7FFF0203 */ - /** An authentication object which allows the user to change the - applet variant. */ - kSE05x_AppletResID_FEATURE = 0x7FFF0204, - /** An authentication object which allows the user to delete all - objects, except trust provisioned by NXP objects. */ - kSE05x_AppletResID_FACTORY_RESET = 0x7FFF0205, - /** A BinaryFile Secure Object which holds the device unique - * ID. This file cannot be overwritten or deleted. */ - kSE05x_AppletResID_UNIQUE_ID = 0x7FFF0206, - /** An authentication object which allows the user to change the - * platform SCP requirements, i.e. make platform SCP mandatory or - * not, using SetPlatformSCPRequest. Mandatory means full security, - * i.e. command & response MAC and encryption. Only SCP03 will be - * sufficient. */ - kSE05x_AppletResID_PLATFORM_SCP = 0x7FFF0207, - /** An authentication object which grants access to the I2C master - * feature. If the credential is not present, access to I2C master - * is allowed in general. Otherwise, a session using this - * credential shall be established and I2CM commands shall be sent - * within this session. */ - kSE05x_AppletResID_I2CM_ACCESS = 0x7FFF0208, - /** An authentication object which grants access to the - * SetLockState command */ - kSE05x_AppletResID_RESTRICT = 0x7FFF020A, - -} SE05x_AppletResID_t; - -/** Mapping of 2 byte return code */ -typedef enum -{ - /** Invalid */ - kSE05x_SW12_NA = 0, - /** No Error */ - kSE05x_SW12_NO_ERROR = 0x9000, - /** Conditions not satisfied */ - kSE05x_SW12_CONDITIONS_NOT_SATISFIED = 0x6985, - /** Security status not satisfied. */ - kSE05x_SW12_SECURITY_STATUS = 0x6982, - /** Wrong data provided. */ - kSE05x_SW12_WRONG_DATA = 0x6A80, - /** Data invalid - policy set invalid for the given object */ - kSE05x_SW12_DATA_INVALID = 0x6984, - /** Command not allowed - access denied based on object policy */ - kSE05x_SW12_COMMAND_NOT_ALLOWED = 0x6986, -} SE05x_SW12_t; - -/** Values for INS in ISO7816 APDU */ -typedef enum -{ - /** Invalid */ - kSE05x_INS_NA = 0, - /** 3 MSBit for instruction characteristics. */ - kSE05x_INS_MASK_INS_CHAR = 0xE0, - /** 5 LSBit for instruction */ - kSE05x_INS_MASK_INSTRUCTION = 0x1F, - - /** Mask for transient object creation, can only be combined with INS_WRITE. */ - kSE05x_INS_TRANSIENT = 0x80, - /** Mask for authentication object creation, can only be combined with INS_WRITE */ - kSE05x_INS_AUTH_OBJECT = 0x40, - /** Mask for getting attestation data. */ - kSE05x_INS_ATTEST = 0x20, - - /** Write or create a persistent object. */ - kSE05x_INS_WRITE = 0x01, - /** Read the object */ - kSE05x_INS_READ = 0x02, - /** Perform Security Operation */ - kSE05x_INS_CRYPTO = 0x03, - /** General operation */ - kSE05x_INS_MGMT = 0x04, - /** Process session command */ - kSE05x_INS_PROCESS = 0x05, -} SE05x_INS_t; - -/** Values for P1 in ISO7816 APDU */ -typedef enum -{ - /** Invalid */ - kSE05x_P1_NA = 0, - /** Highest bit not used */ - kSE05x_P1_UNUSED = 0x80, - /** 2 MSBit for key type */ - kSE05x_P1_MASK_KEY_TYPE = 0x60, - /** 5 LSBit for credential type */ - kSE05x_P1_MASK_CRED_TYPE = 0x1F, - - /** Key pair (private key + public key) */ - kSE05x_P1_KEY_PAIR = 0x60, - /** Private key */ - kSE05x_P1_PRIVATE = 0x40, - /** Public key */ - kSE05x_P1_PUBLIC = 0x20, - - kSE05x_P1_DEFAULT = 0x00, - kSE05x_P1_EC = 0x01, - kSE05x_P1_RSA = 0x02, - kSE05x_P1_AES = 0x03, - kSE05x_P1_DES = 0x04, - kSE05x_P1_HMAC = 0x05, - kSE05x_P1_BINARY = 0x06, - kSE05x_P1_UserID = 0x07, - kSE05x_P1_COUNTER = 0x08, - kSE05x_P1_PCR = 0x09, - kSE05x_P1_CURVE = 0x0B, - kSE05x_P1_SIGNATURE = 0x0C, - kSE05x_P1_MAC = 0x0D, - kSE05x_P1_CIPHER = 0x0E, - kSE05x_P1_TLS = 0x0F, - kSE05x_P1_CRYPTO_OBJ = 0x10, -#if SSS_HAVE_SE05X_VER_GTE_06_00 - /** Applet >= 4.4 */ - kSE05x_P1_AEAD = 0x11, - /** Applet >= 4.4 */ - kSE05x_P1_AEAD_SP800_38D = 0x12, -#endif /* SSS_HAVE_SE05X_VER_GTE_06_00 */ -} SE05x_P1_t; - -/** Values for P2 in ISO7816 APDU */ -typedef enum -{ - /** Invalid */ - kSE05x_P2_DEFAULT = 0x00, - kSE05x_P2_GENERATE = 0x03, - kSE05x_P2_CREATE = 0x04, - kSE05x_P2_SIZE = 0x07, - kSE05x_P2_SIGN = 0x09, - kSE05x_P2_VERIFY = 0x0A, - kSE05x_P2_INIT = 0x0B, - kSE05x_P2_UPDATE = 0x0C, - kSE05x_P2_FINAL = 0x0D, - kSE05x_P2_ONESHOT = 0x0E, - kSE05x_P2_DH = 0x0F, - kSE05x_P2_DIVERSIFY = 0x10, - // kSE05x_P2_AUTH_PART1 = 0x11, - kSE05x_P2_AUTH_FIRST_PART2 = 0x12, - kSE05x_P2_AUTH_NONFIRST_PART2 = 0x13, - kSE05x_P2_DUMP_KEY = 0x14, - kSE05x_P2_CHANGE_KEY_PART1 = 0x15, - kSE05x_P2_CHANGE_KEY_PART2 = 0x16, - kSE05x_P2_KILL_AUTH = 0x17, - kSE05x_P2_IMPORT = 0x18, - kSE05x_P2_EXPORT = 0x19, - kSE05x_P2_SESSION_CREATE = 0x1B, - kSE05x_P2_SESSION_CLOSE = 0x1C, - kSE05x_P2_SESSION_REFRESH = 0x1E, - kSE05x_P2_SESSION_POLICY = 0x1F, - kSE05x_P2_VERSION = 0x20, - kSE05x_P2_VERSION_EXT = 0x21, - kSE05x_P2_MEMORY = 0x22, - kSE05x_P2_LIST = 0x25, - kSE05x_P2_TYPE = 0x26, - kSE05x_P2_EXIST = 0x27, - kSE05x_P2_DELETE_OBJECT = 0x28, - kSE05x_P2_DELETE_ALL = 0x2A, - kSE05x_P2_SESSION_UserID = 0x2C, - kSE05x_P2_HKDF = 0x2D, - kSE05x_P2_PBKDF = 0x2E, - /* Applet >= 4.4 */ - kSE05x_P2_HKDF_EXPAND_ONLY = 0x2F, - kSE05x_P2_I2CM = 0x30, - kSE05x_P2_I2CM_ATTESTED = 0x31, - kSE05x_P2_MAC = 0x32, - kSE05x_P2_UNLOCK_CHALLENGE = 0x33, - kSE05x_P2_CURVE_LIST = 0x34, - kSE05x_P2_SIGN_ECDAA = 0x35, - kSE05x_P2_ID = 0x36, - kSE05x_P2_ENCRYPT_ONESHOT = 0x37, - kSE05x_P2_DECRYPT_ONESHOT = 0x38, - kSE05x_P2_ATTEST = 0x3A, - kSE05x_P2_ATTRIBUTES = 0x3B, - kSE05x_P2_CPLC = 0x3C, - kSE05x_P2_TIME = 0x3D, - kSE05x_P2_TRANSPORT = 0x3E, - kSE05x_P2_VARIANT = 0x3F, - kSE05x_P2_PARAM = 0x40, - kSE05x_P2_DELETE_CURVE = 0x41, - kSE05x_P2_ENCRYPT = 0x42, - kSE05x_P2_DECRYPT = 0x43, - kSE05x_P2_VALIDATE = 0x44, - kSE05x_P2_GENERATE_ONESHOT = 0x45, - kSE05x_P2_VALIDATE_ONESHOT = 0x46, - kSE05x_P2_CRYPTO_LIST = 0x47, - kSE05x_P2_RANDOM = 0x49, - kSE05x_P2_TLS_PMS = 0x4A, - kSE05x_P2_TLS_PRF_CLI_HELLO = 0x4B, - kSE05x_P2_TLS_PRF_SRV_HELLO = 0x4C, - kSE05x_P2_TLS_PRF_CLI_RND = 0x4D, - kSE05x_P2_TLS_PRF_SRV_RND = 0x4E, - kSE05x_P2_TLS_PRF_BOTH = 0x5A, - kSE05x_P2_RAW = 0x4F, - kSE05x_P2_IMPORT_EXT = 0x51, - kSE05x_P2_SCP = 0x52, - kSE05x_P2_AUTH_FIRST_PART1 = 0x53, - kSE05x_P2_AUTH_NONFIRST_PART1 = 0x54, -#if SSS_HAVE_SE05X_VER_GTE_06_00 - kSE05x_P2_CM_COMMAND = 0x55, - kSE05x_P2_MODE_OF_OPERATION = 0x56, - kSE05x_P2_RESTRICT = 0x57, - kSE05x_P2_SANITY = 0x58, - kSE05x_P2_DH_REVERSE = 0x59, - kSE05x_P2_READ_STATE = 0x5B -#endif -} SE05x_P2_t; - - -/** Data for available memory */ -typedef enum -{ - /** Invalid */ - kSE05x_MemoryType_NA = 0, - /** Persistent memory */ - kSE05x_MemoryType_PERSISTENT = 0x01, - /** Transient memory, clear on reset */ - kSE05x_MemoryType_TRANSIENT_RESET = 0x02, - /** Transient memory, clear on deselect */ - kSE05x_MemoryType_TRANSIENT_DESELECT = 0x03, -} SE05x_MemoryType_t; - -/** Where was this object originated */ -typedef enum -{ - /** Invalid */ - kSE05x_Origin_NA = 0, - /** Generated outside the module. */ - kSE05x_Origin_EXTERNAL = 0x01, - /** Generated inside the module. */ - kSE05x_Origin_INTERNAL = 0x02, - /** Trust provisioned by NXP */ - kSE05x_Origin_PROVISIONED = 0x03, -} SE05x_Origin_t; - -/** Different TAG Values to talk to SE05X IoT Applet */ -typedef enum -{ - /** Invalid */ - kSE05x_TAG_NA = 0, - kSE05x_TAG_SESSION_ID = 0x10, - kSE05x_TAG_POLICY = 0x11, - kSE05x_TAG_MAX_ATTEMPTS = 0x12, - kSE05x_TAG_IMPORT_AUTH_DATA = 0x13, - kSE05x_TAG_IMPORT_AUTH_KEY_ID = 0x14, - kSE05x_TAG_POLICY_CHECK = 0x15, - kSE05x_TAG_1 = 0x41, - kSE05x_TAG_2 = 0x42, - kSE05x_TAG_3 = 0x43, - kSE05x_TAG_4 = 0x44, - kSE05x_TAG_5 = 0x45, - kSE05x_TAG_6 = 0x46, - kSE05x_TAG_7 = 0x47, - kSE05x_TAG_8 = 0x48, - kSE05x_TAG_9 = 0x49, - kSE05x_TAG_10 = 0x4A, - kSE05x_TAG_11 = 0x4B, - kSE05x_GP_TAG_CONTRL_REF_PARM = 0xA6, - kSE05x_GP_TAG_AID = 0x4F, - kSE05x_GP_TAG_KEY_TYPE = 0x80, - kSE05x_GP_TAG_KEY_LEN = 0x81, - kSE05x_GP_TAG_GET_DATA = 0x83, - kSE05x_GP_TAG_DR_SE = 0x85, - kSE05x_GP_TAG_RECEIPT = 0x86, - kSE05x_GP_TAG_SCP_PARMS = 0x90, -} SE05x_TAG_t; - -#ifndef __DOXYGEN__ -#define kSE05x_TAG_GP_CONTRL_REF_PARM kSE05x_GP_TAG_CONTRL_REF_PARM -#endif - -/** Different signature algorithms for EC */ -typedef enum -{ - /** Invalid */ - kSE05x_ECSignatureAlgo_NA = 0, - /** NOT SUPPORTED */ - kSE05x_ECSignatureAlgo_PLAIN = 0x09, - kSE05x_ECSignatureAlgo_SHA = 0x11, - kSE05x_ECSignatureAlgo_SHA_224 = 0x25, - kSE05x_ECSignatureAlgo_SHA_256 = 0x21, - kSE05x_ECSignatureAlgo_SHA_384 = 0x22, - kSE05x_ECSignatureAlgo_SHA_512 = 0x26, -} SE05x_ECSignatureAlgo_t; - -/** Different signature algorithms for ED */ -typedef enum -{ - /** Invalid */ - kSE05x_EDSignatureAlgo_NA = 0, - /** Message input must be plain Data. Pure EDDSA algorithm */ - kSE05x_EDSignatureAlgo_ED25519PURE_SHA_512 = 0xA3, -} SE05x_EDSignatureAlgo_t; - -/** Different signature algorithms for ECDAA */ -typedef enum -{ - /** Invalid */ - kSE05x_ECDAASignatureAlgo_NA = 0, - /** Message input must be pre-hashed (using SHA256) */ - kSE05x_ECDAASignatureAlgo_ECDAA = 0xF4, -} SE05x_ECDAASignatureAlgo_t; - -/** Different signature algorithms for RSA */ -typedef enum -{ - /** Invalid */ - kSE05x_RSASignatureAlgo_NA = 0, - /** RFC8017: RSASSA-PSS */ - kSE05x_RSASignatureAlgo_SHA1_PKCS1_PSS = 0x15, - /** RFC8017: RSASSA-PSS */ - kSE05x_RSASignatureAlgo_SHA224_PKCS1_PSS = 0x2B, - /** RFC8017: RSASSA-PSS */ - kSE05x_RSASignatureAlgo_SHA256_PKCS1_PSS = 0x2C, - /** RFC8017: RSASSA-PSS */ - kSE05x_RSASignatureAlgo_SHA384_PKCS1_PSS = 0x2D, - /** RFC8017: RSASSA-PSS */ - kSE05x_RSASignatureAlgo_SHA512_PKCS1_PSS = 0x2E, - /** RFC8017: RSASSA-PKCS1-v1_5 */ - kSE05x_RSASignatureAlgo_SHA1_PKCS1 = 0x0A, - /** RFC8017: RSASSA-PKCS1-v1_5 */ - kSE05x_RSASignatureAlgo_SHA_224_PKCS1 = 0x27, - /** RFC8017: RSASSA-PKCS1-v1_5 */ - kSE05x_RSASignatureAlgo_SHA_256_PKCS1 = 0x28, - /** RFC8017: RSASSA-PKCS1-v1_5 */ - kSE05x_RSASignatureAlgo_SHA_384_PKCS1 = 0x29, - /** RFC8017: RSASSA-PKCS1-v1_5 */ - kSE05x_RSASignatureAlgo_SHA_512_PKCS1 = 0x2A, -} SE05x_RSASignatureAlgo_t; - -/** Different encryption/decryption algorithms for RSA */ -typedef enum -{ - /** Invalid */ - kSE05x_RSAEncryptionAlgo_NA = 0, - /** Plain RSA, padding required on host. */ - kSE05x_RSAEncryptionAlgo_NO_PAD = 0x0C, - /** RFC8017: RSAES-PKCS1-v1_5 */ - kSE05x_RSAEncryptionAlgo_PKCS1 = 0x0A, - /** RFC8017: RSAES-OAEP */ - kSE05x_RSAEncryptionAlgo_PKCS1_OAEP = 0x0F, -} SE05x_RSAEncryptionAlgo_t; - -/** Size of RSA Key Objects */ -typedef enum -{ - /** Invalid */ - kSE05x_RSABitLength_NA = 0, - kSE05x_RSABitLength_512 = 512, - kSE05x_RSABitLength_1024 = 1024, - kSE05x_RSABitLength_1152 = 1152, - kSE05x_RSABitLength_2048 = 2048, - kSE05x_RSABitLength_3072 = 3072, - kSE05x_RSABitLength_4096 = 4096, -} SE05x_RSABitLength_t; - -/** Part of the RSA Key Objects */ -typedef enum -{ - /** Invalid */ - kSE05x_RSAKeyComponent_NA = 0xFF, - /** Modulus */ - kSE05x_RSAKeyComponent_MOD = 0x00, - /** Public key exponent */ - kSE05x_RSAKeyComponent_PUB_EXP = 0x01, - /** Private key exponent */ - kSE05x_RSAKeyComponent_PRIV_EXP = 0x02, - /** CRT component p */ - kSE05x_RSAKeyComponent_P = 0x03, - /** CRT component q */ - kSE05x_RSAKeyComponent_Q = 0x04, - /** CRT component dp */ - kSE05x_RSAKeyComponent_DP = 0x05, - /** CRT component dq */ - kSE05x_RSAKeyComponent_DQ = 0x06, - /** CRT component q_inv */ - kSE05x_RSAKeyComponent_INVQ = 0x07, -} SE05x_RSAKeyComponent_t; - -/** Hashing/Digest algorithms */ -typedef enum -{ - /** Invalid */ - kSE05x_DigestMode_NA = 0, - kSE05x_DigestMode_NO_HASH = 0x00, - kSE05x_DigestMode_SHA = 0x01, - /** Not supported */ - kSE05x_DigestMode_SHA224 = 0x07, - kSE05x_DigestMode_SHA256 = 0x04, - kSE05x_DigestMode_SHA384 = 0x05, - kSE05x_DigestMode_SHA512 = 0x06, -} SE05x_DigestMode_t; - -/** HMAC/CMAC Algorithms */ -typedef enum -{ - /** Invalid */ - kSE05x_MACAlgo_NA = 0, - kSE05x_MACAlgo_HMAC_SHA1 = 0x18, - kSE05x_MACAlgo_HMAC_SHA256 = 0x19, - kSE05x_MACAlgo_HMAC_SHA384 = 0x1A, - kSE05x_MACAlgo_HMAC_SHA512 = 0x1B, - kSE05x_MACAlgo_CMAC_128 = 0x31, -} SE05x_MACAlgo_t; - -/** AEAD Algorithms */ -typedef enum -{ - /** Invalid */ - kSE05x_AeadAlgo_NA = 0, - kSE05x_AeadGCMAlgo = 0xB0, - kSE05x_AeadGCM_IVAlgo = 0xF3, - kSE05x_AeadCCMAlgo = 0xF4, -} SE05x_AeadAlgo_t; - -/** HKDF Mode */ -typedef enum -{ - /** Invalid */ - kSE05x_HkdfMode_NA = 0x00, - kSE05x_HkdfMode_ExtractExpand = 0x01, - kSE05x_HkdfMode_ExpandOnly = 0x02, -} SE05x_HkdfMode_t; - -/** ECC Curve Identifiers */ -typedef enum -{ - /** Invalid */ - kSE05x_ECCurve_NA = 0x00, - kSE05x_ECCurve_NIST_P192 = 0x01, - kSE05x_ECCurve_NIST_P224 = 0x02, - kSE05x_ECCurve_NIST_P256 = 0x03, - kSE05x_ECCurve_NIST_P384 = 0x04, - kSE05x_ECCurve_NIST_P521 = 0x05, - kSE05x_ECCurve_Brainpool160 = 0x06, - kSE05x_ECCurve_Brainpool192 = 0x07, - kSE05x_ECCurve_Brainpool224 = 0x08, - kSE05x_ECCurve_Brainpool256 = 0x09, - kSE05x_ECCurve_Brainpool320 = 0x0A, - kSE05x_ECCurve_Brainpool384 = 0x0B, - kSE05x_ECCurve_Brainpool512 = 0x0C, - kSE05x_ECCurve_Secp160k1 = 0x0D, - kSE05x_ECCurve_Secp192k1 = 0x0E, - kSE05x_ECCurve_Secp224k1 = 0x0F, - kSE05x_ECCurve_Secp256k1 = 0x10, - kSE05x_ECCurve_TPM_ECC_BN_P256 = 0x11, - /** Not Weierstrass */ - kSE05x_ECCurve_ECC_ED_25519 = 0x40, - kSE05x_ECCurve_ECC_MONT_DH_25519 = 0x41, - /** Not Weierstrass */ - kSE05x_ECCurve_ECC_MONT_DH_448 = 0x43, -} SE05x_ECCurve_t; - -#ifndef __DOXYGEN__ - -/** Same as kSE05x_ECCurve_TPM_ECC_BN_P256 */ -#define kSE05x_ECCurve_RESERVED_ID_ECC_ED_25519 kSE05x_ECCurve_ECC_ED_25519 -#define kSE05x_ECCurve_RESERVED_ID_ECC_MONT_DH_25519 kSE05x_ECCurve_ECC_MONT_DH_25519 -#if SSS_HAVE_SE05X_VER_GTE_06_00 -#define kSE05x_ECCurve_RESERVED_ID_ECC_MONT_DH_448 kSE05x_ECCurve_ECC_MONT_DH_448 -#endif -#define kSE05x_ECCurve_Total_Weierstrass_Curves kSE05x_ECCurve_TPM_ECC_BN_P256 -#endif - -/** Parameters while setting the curve */ -typedef enum -{ /** Invalid */ - kSE05x_ECCurveParam_NA = 0, - kSE05x_ECCurveParam_PARAM_A = 0x01, - kSE05x_ECCurveParam_PARAM_B = 0x02, - kSE05x_ECCurveParam_PARAM_G = 0x04, - kSE05x_ECCurveParam_PARAM_N = 0x08, - kSE05x_ECCurveParam_PARAM_PRIME = 0x10, -} SE05x_ECCurveParam_t; - -/** Symmetric cipher modes */ -typedef enum -{ - /** Invalid */ - kSE05x_CipherMode_NA = 0, - /** Typically using DESKey identifiers */ - kSE05x_CipherMode_DES_CBC_NOPAD = 0x01, - /** Typically using DESKey identifiers */ - kSE05x_CipherMode_DES_CBC_ISO9797_M1 = 0x02, - /** Typically using DESKey identifiers */ - kSE05x_CipherMode_DES_CBC_ISO9797_M2 = 0x03, - /** NOT SUPPORTED */ - kSE05x_CipherMode_DES_CBC_PKCS5 = 0x04, - /** Typically using DESKey identifiers */ - kSE05x_CipherMode_DES_ECB_NOPAD = 0x05, - /** NOT SUPPORTED */ - kSE05x_CipherMode_DES_ECB_ISO9797_M1 = 0x06, - /** NOT SUPPORTED */ - kSE05x_CipherMode_DES_ECB_ISO9797_M2 = 0x07, - /** NOT SUPPORTED */ - kSE05x_CipherMode_DES_ECB_PKCS5 = 0x08, - /** Typically using AESKey identifiers */ - kSE05x_CipherMode_AES_ECB_NOPAD = 0x0E, - /** Typically using AESKey identifiers */ - kSE05x_CipherMode_AES_CBC_NOPAD = 0x0D, - /** Typically using AESKey identifiers */ - kSE05x_CipherMode_AES_CBC_ISO9797_M1 = 0x16, - /** Typically using AESKey identifiers */ - kSE05x_CipherMode_AES_CBC_ISO9797_M2 = 0x17, - /** NOT SUPPORTED */ - kSE05x_CipherMode_AES_CBC_PKCS5 = 0x18, - /** Typically using AEAD GCM mode */ - kSE05x_CipherMode_AES_GCM = 0xB0, - /** Typically using AESKey identifiers */ - kSE05x_CipherMode_AES_CTR = 0xF0, - /** Typically using AEAD GCM with internal IV Gen */ - kSE05x_CipherMode_AES_GCM_INT_IV = 0xF3, - /** Typically using AEAD CCM mode */ - kSE05x_CipherMode_AES_CCM = 0xF4, -} SE05x_CipherMode_t; - -/** Features which are available / enabled in the Applet */ -typedef enum { - /** Invalid */ - kSE05x_AppletConfig_NA = 0, - /** Use of curve TPM_ECC_BN_P256 */ - kSE05x_AppletConfig_ECDAA = 0x0001, - /** EC DSA and DH support */ - kSE05x_AppletConfig_ECDSA_ECDH_ECDHE = 0x0002, - /** Use of curve RESERVED_ID_ECC_ED_25519 */ - kSE05x_AppletConfig_EDDSA = 0x0004, - /** Use of curve RESERVED_ID_ECC_MONT_DH_25519 */ - kSE05x_AppletConfig_DH_MONT = 0x0008, - /** Writing HMACKey objects */ - kSE05x_AppletConfig_HMAC = 0x0010, - /** Writing RSAKey objects */ - kSE05x_AppletConfig_RSA_PLAIN = 0x0020, - /** Writing RSAKey objects */ - kSE05x_AppletConfig_RSA_CRT = 0x0040, - /** Writing AESKey objects */ - kSE05x_AppletConfig_AES = 0x0080, - /** Writing DESKey objects */ - kSE05x_AppletConfig_DES = 0x0100, - /** PBKDF2 */ - kSE05x_AppletConfig_PBKDF = 0x0200, - /** TLS Handshake support commands (see 4.16) in APDU Spec*/ - kSE05x_AppletConfig_TLS = 0x0400, - /** Mifare DESFire support (see 4.15) in APDU Spec*/ - kSE05x_AppletConfig_MIFARE = 0x0800, - /** RFU1 */ - kSE05x_AppletConfig_RFU1 = 0x1000, - /** I2C Master support (see 4.17) in APDU Spec*/ - kSE05x_AppletConfig_I2CM = 0x2000, - /** RFU2 */ - kSE05x_AppletConfig_RFU2 = 0x4000, -} SE05x_AppletConfig_t; - -/** Transient / Persistent lock */ -typedef enum -{ - /** Invalid */ - kSE05x_LockIndicator_NA = 0, - kSE05x_LockIndicator_TRANSIENT_LOCK = 0x01, - kSE05x_LockIndicator_PERSISTENT_LOCK = 0x02, -} SE05x_LockIndicator_t; - -/** - * Applet >= 4.4 - * - * See @ref Se05x_API_DisableObjCreation */ -typedef enum -{ - kSE05x_RestrictMode_NA = 0, - kSE05x_RestrictMode_RESTRICT_NEW = 0x01, - kSE05x_RestrictMode_RESTRICT_ALL = 0x02, -} SE05x_RestrictMode_t; - -/** - * Lock the sample (until unlocked ) - */ -typedef enum -{ - /** Invalid */ - kSE05x_LockState_NA = 0, - kSE05x_LockState_LOCKED = 0x01, - // kSE05x_LockState_UNLOCKED = Any except 0x01, -} SE05x_LockState_t; - -/** Cryptographic context for operation */ -typedef enum -{ - /** Invalid */ - kSE05x_CryptoContext_NA = 0, - /** For DigestInit/DigestUpdate/DigestFinal */ - kSE05x_CryptoContext_DIGEST = 0x01, - /** For CipherInit/CipherUpdate/CipherFinal */ - kSE05x_CryptoContext_CIPHER = 0x02, - /** For MACInit/MACUpdate/MACFinal */ - kSE05x_CryptoContext_SIGNATURE = 0x03, - /** For AEADInit/AEADUpdate/AEADFinal */ - kSE05x_CryptoContext_AEAD = 0x04, -} SE05x_CryptoContext_t; - -/** Result of operations */ -typedef enum -{ - /** Invalid */ - kSE05x_Result_NA = 0, - kSE05x_Result_SUCCESS = 0x01, - kSE05x_Result_FAILURE = 0x02, -} SE05x_Result_t; - -/** Whether object is transient or persistent */ -typedef enum -{ - /** Invalid */ - kSE05x_TransientIndicator_NA = 0, - kSE05x_TransientIndicator_PERSISTENT = 0x01, - kSE05x_TransientIndicator_TRANSIENT = 0x02, -} SE05x_TransientIndicator_t; - -/** Whether object attribute is set */ -typedef enum -{ - /** Invalid */ - kSE05x_SetIndicator_NA = 0, - kSE05x_SetIndicator_NOT_SET = 0x01, - kSE05x_SetIndicator_SET = 0x02, -} SE05x_SetIndicator_t; - -/** When there are more entries yet to be fetched from few of the APIs */ -typedef enum -{ - /** Invalid */ - kSE05x_MoreIndicator_NA = 0, - /** No more data available */ - kSE05x_MoreIndicator_NO_MORE = 0x01, - /** More data available */ - kSE05x_MoreIndicator_MORE = 0x02, -} SE05x_MoreIndicator_t; - -#if SSS_HAVE_SE05X_VER_GTE_06_00 -/** Health check */ -typedef enum -{ - /** Invalid */ - kSE05x_HealthCheckMode_NA = 0, - /** Performs all on-demand self-tests. Can only be done when - * the module is in FIPS mode. When the test fails, the chip - * goes into TERMINATED state. */ - kSE05x_HealthCheckMode_FIPS = 0xF906, - /** Performs ROM integrity checks. When the test fails, the chip - * triggers the attack counter and the chip will reset. */ - kSE05x_HealthCheckMode_CODE_SIGNATURE = 0xFE01, - /** Performs flash integrity tests. When the test fails, the chip - * triggers the attack counter and the chip will reset. */ - kSE05x_HealthCheckMode_DYNAMIC_FLASH_INTEGRITY = 0xFD02, - /** Performs tests on the active shield protection of the - * hardware. When the test fails, the chip triggers the attack - * counter and the chip will reset. */ - kSE05x_HealthCheckMode_SHIELDING = 0xFB04, - /** Performs self-tests on hardware sensors and reports the - * status. */ - kSE05x_HealthCheckMode_SENSOR = 0xFA05, - /** Performs self-tests on the hardware registers. When the test - * fails, the chip triggers the attack counter and the chip will - * reset. */ - kSE05x_HealthCheckMode_SFR_CHECK = 0xFC03, -} SE05x_HealthCheckMode_t; -#endif - -/** Mandate platform SCP or not */ -typedef enum -{ - /** Invalid */ - kSE05x_PlatformSCPRequest_NA = 0, - /** Platform SCP is required (full enc & MAC) */ - kSE05x_PlatformSCPRequest_REQUIRED = 0x01, - /** No platform SCP required. */ - kSE05x_PlatformSCPRequest_NOT_REQUIRED = 0x02, -} SE05x_PlatformSCPRequest_t; - -/** Crypto object identifiers */ -typedef enum -{ - /** Invalid */ - kSE05x_CryptoObject_NA = 0, - kSE05x_CryptoObject_DIGEST_SHA, - kSE05x_CryptoObject_DIGEST_SHA224, - kSE05x_CryptoObject_DIGEST_SHA256, - kSE05x_CryptoObject_DIGEST_SHA384, - kSE05x_CryptoObject_DIGEST_SHA512, - kSE05x_CryptoObject_DES_CBC_NOPAD, - kSE05x_CryptoObject_DES_CBC_ISO9797_M1, - kSE05x_CryptoObject_DES_CBC_ISO9797_M2, - kSE05x_CryptoObject_DES_CBC_PKCS5, - kSE05x_CryptoObject_DES_ECB_NOPAD, - kSE05x_CryptoObject_DES_ECB_ISO9797_M1, - kSE05x_CryptoObject_DES_ECB_ISO9797_M2, - kSE05x_CryptoObject_DES_ECB_PKCS5, - kSE05x_CryptoObject_AES_ECB_NOPAD, - kSE05x_CryptoObject_AES_CBC_NOPAD, - kSE05x_CryptoObject_AES_CBC_ISO9797_M1, - kSE05x_CryptoObject_AES_CBC_ISO9797_M2, - kSE05x_CryptoObject_AES_CBC_PKCS5, - kSE05x_CryptoObject_AES_CTR, - kSE05x_CryptoObject_HMAC_SHA1, - kSE05x_CryptoObject_HMAC_SHA256, - kSE05x_CryptoObject_HMAC_SHA384, - kSE05x_CryptoObject_HMAC_SHA512, - kSE05x_CryptoObject_CMAC_128, - kSE05x_CryptoObject_AES_GCM, - kSE05x_CryptoObject_AES_GCM_INT_IV, - kSE05x_CryptoObject_AES_CCM, -} SE05x_CryptoObject_t; - -/** @copydoc SE05x_CryptoObject_t */ -#define SE05x_CryptoObjectID_t SE05x_CryptoObject_t - -/** Maximum number of session supported by SE050 */ -#define SE050_MAX_NUMBER_OF_SESSIONS 2 -/** Maximum number of session supported by SE050 */ -#define SE050_OBJECT_IDENTIFIER_SIZE 4 -/** How many bytes can be used for buffer for I2C Master interface */ -#define SE050_MAX_I2CM_COMMAND_LENGTH 255 -/** - * the maximum APDU payload length will be smaller, depending on which protocol applies, etc. - */ -#define SE050_MAX_APDU_PAYLOAD_LENGTH 892 -//#define SE050_DEFAULT_MAX_ATTEMPTS 10 - -/** 3 MSBit for instruction characteristics. */ -#define SE050_INS_MASK_INS_CHAR 0xE0 -/** 5 LSBit for instruction */ -#define SE050_INS_MASK_INSTRUCTION 0x1F - -/** Type of Object */ -typedef enum -{ - /** */ - kSE05x_SecObjTyp_EC_KEY_PAIR = 0x01, - /** */ - kSE05x_SecObjTyp_EC_PRIV_KEY = 0x02, - /** */ - kSE05x_SecObjTyp_EC_PUB_KEY = 0x03, - /** */ - kSE05x_SecObjTyp_RSA_KEY_PAIR = 0x04, - /** */ - kSE05x_SecObjTyp_RSA_KEY_PAIR_CRT = 0x05, - /** */ - kSE05x_SecObjTyp_RSA_PRIV_KEY = 0x06, - /** */ - kSE05x_SecObjTyp_RSA_PRIV_KEY_CRT = 0x07, - /** */ - kSE05x_SecObjTyp_RSA_PUB_KEY = 0x08, - /** */ - kSE05x_SecObjTyp_AES_KEY = 0x09, - /** */ - kSE05x_SecObjTyp_DES_KEY = 0x0A, - /** */ - kSE05x_SecObjTyp_BINARY_FILE = 0x0B, - /** */ - kSE05x_SecObjTyp_UserID = 0x0C, - /** */ - kSE05x_SecObjTyp_COUNTER = 0x0D, - /** */ - kSE05x_SecObjTyp_PCR = 0x0F, - /** */ - kSE05x_SecObjTyp_CURVE = 0x10, - /** */ - kSE05x_SecObjTyp_HMAC_KEY = 0x11, -} SE05x_SecObjTyp_t; - -/** @copydoc SE05x_SecObjTyp_t */ -typedef SE05x_SecObjTyp_t SE05x_SecureObjectType_t; - -/** Type of memory. Used when we query available free size */ -typedef enum -{ - /** Transient memory, clear on reset */ - kSE05x_MemTyp_TRANSIENT_RESET = 0x01, - /** Transient memory, clear on deselect */ - kSE05x_MemTyp_TRANSIENT_DESELECT = 0x02, - /** Persistent memory */ - kSE05x_MemTyp_PERSISTENT = 0x03, -} SE05x_MemTyp_t; - -/** Algorithms for RSA Signature */ -typedef enum -{ - /** Invalid */ - kSE05x_RSASignAlgo_NA = 0, - /** RFC8017: RSASSA-PSS */ - kSE05x_RSASignAlgo_SHA1_PKCS1_PSS = 0x15, - /** RFC8017: RSASSA-PSS */ - kSE05x_RSASignAlgo_SHA224_PKCS1_PSS = 0x2B, - /** RFC8017: RSASSA-PSS */ - kSE05x_RSASignAlgo_SHA256_PKCS1_PSS = 0x2C, - /** RFC8017: RSASSA-PSS */ - kSE05x_RSASignAlgo_SHA384_PKCS1_PSS = 0x2D, - /** RFC8017: RSASSA-PSS */ - kSE05x_RSASignAlgo_SHA512_PKCS1_PSS = 0x2E, - /** RFC8017: RSASSA-PKCS1-v1_5 */ - kSE05x_RSASignAlgo_SHA_224_PKCS1 = 0x27, - /** RFC8017: RSASSA-PKCS1-v1_5 */ - kSE05x_RSASignAlgo_SHA_256_PKCS1 = 0x28, - /** RFC8017: RSASSA-PKCS1-v1_5 */ - kSE05x_RSASignAlgo_SHA_384_PKCS1 = 0x29, - /** RFC8017: RSASSA-PKCS1-v1_5 */ - kSE05x_RSASignAlgo_SHA_512_PKCS1 = 0x2A, -} SE05x_RSASignAlgo_t; - -// typedef enum -// { -// /** Plain RSA, padding required on host. */ -// kSE05x_RSAEncrAlgo_NO_PAD = 0x0C, -// * RFC8017: RSAES-PKCS1-v1_5 -// kSE05x_RSAEncrAlgo_PKCS1 = 0x0A, -// /** RFC8017: RSAES-OAEP */ -// kSE05x_RSAEncrAlgo_PKCS1_OAEP = 0x0F, -// } SE05x_RSAEncrAlgo_t; - -/** Public part of RSA Keys */ -typedef enum -{ - kSE05x_RSAPubKeyComp_NA = 0, - kSE05x_RSAPubKeyComp_MOD = kSE05x_RSAKeyComponent_MOD, - kSE05x_RSAPubKeyComp_PUB_EXP = kSE05x_RSAKeyComponent_PUB_EXP, -} SE05x_RSAPubKeyComp_t; - -/** Cyrpto module subtype */ -typedef union { - /** In case it's digest */ - SE05x_DigestMode_t digest; - /** In case it's cipher */ - SE05x_CipherMode_t cipher; - /** In case it's mac */ - SE05x_MACAlgo_t mac; - /** In case it's aead */ - SE05x_AeadAlgo_t aead; - /** Accessing 8 bit value for APDUs */ - uint8_t union_8bit; -} SE05x_CryptoModeSubType_t; - -/** @addtogroup se050_i2cm - * - * @{ - */ -/** @brief I2C Master micro operation */ -typedef enum -{ - kSE05x_TAG_I2CM_Config = 0x01, - kSE05x_TAG_I2CM_Write = 0x03, - kSE05x_TAG_I2CM_Read = 0x04, -} SE05x_I2CM_TAG_t; - -/*! -*@} -*/ /* end of se050_i2cm */ - -/** Whether key is transient of persistent */ -typedef enum -{ - kSE05x_TransientType_Persistent = 0, - kSE05x_TransientType_Transient = kSE05x_INS_TRANSIENT, -} SE05x_TransientType_t; - -/** Part of the asymmetric key */ -typedef enum -{ - kSE05x_KeyPart_NA = kSE05x_P1_DEFAULT, - /** Key pair (private key + public key) */ - kSE05x_KeyPart_Pair = kSE05x_P1_KEY_PAIR, - /** Private key */ - kSE05x_KeyPart_Private = kSE05x_P1_PRIVATE, - /** Public key */ - kSE05x_KeyPart_Public = kSE05x_P1_PUBLIC, -} SE05x_KeyPart_t; - -/** Cipher Operation. - * - * Encrypt or decrypt */ -typedef enum -{ - kSE05x_Cipher_Oper_NA = 0, - kSE05x_Cipher_Oper_Encrypt = kSE05x_P2_ENCRYPT, - kSE05x_Cipher_Oper_Decrypt = kSE05x_P2_DECRYPT, -} SE05x_Cipher_Oper_t; - -/** One Shot operations helper */ -typedef enum -{ - kSE05x_Cipher_Oper_OneShot_NA = 0, - kSE05x_Cipher_Oper_OneShot_Encrypt = kSE05x_P2_ENCRYPT_ONESHOT, - kSE05x_Cipher_Oper_OneShot_Decrypt = kSE05x_P2_DECRYPT_ONESHOT, -} SE05x_Cipher_Oper_OneShot_t; - -/** MAC operations */ -typedef enum -{ - kSE05x_Mac_Oper_NA = 0, - kSE05x_Mac_Oper_Generate = kSE05x_P2_GENERATE, - kSE05x_Mac_Oper_Validate = kSE05x_P2_VALIDATE, -} SE05x_Mac_Oper_t; - -/** In case the read is attested */ -typedef enum -{ - kSE05x_AttestationType_None = 0, - kSE05x_AttestationType_AUTH = kSE05x_INS_AUTH_OBJECT, -} SE05x_AttestationType_t; - -/** Symmetric keys */ -typedef enum -{ - kSE05x_SymmKeyType_NA = 0, - kSE05x_SymmKeyType_AES = kSE05x_P1_AES, - kSE05x_SymmKeyType_DES = kSE05x_P1_DES, - kSE05x_SymmKeyType_HMAC = kSE05x_P1_HMAC, - kSE05x_SymmKeyType_CMAC = kSE05x_P1_AES, -} SE05x_SymmKeyType_t; - -/** @copydoc SE05x_AppletConfig_t */ -typedef SE05x_AppletConfig_t SE05x_Variant_t; - -/** TLS Perform PRF */ -typedef enum -{ - kSE05x_TLS_PRF_NA = 0, - kSE05x_TLS_PRF_CLI_HELLO = kSE05x_P2_TLS_PRF_CLI_HELLO, - kSE05x_TLS_PRF_SRV_HELLO = kSE05x_P2_TLS_PRF_SRV_HELLO, - kSE05x_TLS_PRF_CLI_RND = kSE05x_P2_TLS_PRF_CLI_RND, - kSE05x_TLS_PRF_SRV_RND = kSE05x_P2_TLS_PRF_SRV_RND, - kSE05x_TLS_PRF_BOTH = kSE05x_P2_TLS_PRF_BOTH, -} SE05x_TLSPerformPRFType_t; - -/** Attestation */ -typedef enum -{ - kSE05x_AttestationAlgo_NA = 0, - kSE05x_AttestationAlgo_EC_PLAIN = kSE05x_ECSignatureAlgo_PLAIN, - kSE05x_AttestationAlgo_EC_SHA = kSE05x_ECSignatureAlgo_SHA, - kSE05x_AttestationAlgo_EC_SHA_224 = kSE05x_ECSignatureAlgo_SHA_224, - kSE05x_AttestationAlgo_EC_SHA_256 = kSE05x_ECSignatureAlgo_SHA_256, - kSE05x_AttestationAlgo_EC_SHA_384 = kSE05x_ECSignatureAlgo_SHA_384, - kSE05x_AttestationAlgo_EC_SHA_512 = kSE05x_ECSignatureAlgo_SHA_512, - kSE05x_AttestationAlgo_ED25519PURE_SHA_512 = kSE05x_EDSignatureAlgo_ED25519PURE_SHA_512, - kSE05x_AttestationAlgo_ECDAA = kSE05x_ECDAASignatureAlgo_ECDAA, - kSE05x_AttestationAlgo_RSA_SHA1_PKCS1_PSS = kSE05x_RSASignatureAlgo_SHA1_PKCS1_PSS, - kSE05x_AttestationAlgo_RSA_SHA224_PKCS1_PSS = kSE05x_RSASignatureAlgo_SHA224_PKCS1_PSS, - kSE05x_AttestationAlgo_RSA_SHA256_PKCS1_PSS = kSE05x_RSASignatureAlgo_SHA256_PKCS1_PSS, - kSE05x_AttestationAlgo_RSA_SHA384_PKCS1_PSS = kSE05x_RSASignatureAlgo_SHA384_PKCS1_PSS, - kSE05x_AttestationAlgo_RSA_SHA512_PKCS1_PSS = kSE05x_RSASignatureAlgo_SHA512_PKCS1_PSS, - kSE05x_AttestationAlgo_RSA_SHA_224_PKCS1 = kSE05x_RSASignatureAlgo_SHA_224_PKCS1, - kSE05x_AttestationAlgo_RSA_SHA_256_PKCS1 = kSE05x_RSASignatureAlgo_SHA_256_PKCS1, - kSE05x_AttestationAlgo_RSA_SHA_384_PKCS1 = kSE05x_RSASignatureAlgo_SHA_384_PKCS1, - kSE05x_AttestationAlgo_RSA_SHA_512_PKCS1 = kSE05x_RSASignatureAlgo_SHA_512_PKCS1, - -} SE05x_AttestationAlgo_t; - -/** RSA Key format */ -typedef enum -{ - kSE05x_RSAKeyFormat_CRT = kSE05x_P2_DEFAULT, - kSE05x_RSAKeyFormat_RAW = kSE05x_P2_RAW, -} SE05x_RSAKeyFormat_t; - -/** @copydoc SE05x_MACAlgo_t */ -typedef SE05x_MACAlgo_t SE05x_MacOperation_t; - -/** SE05X's key IDs */ -typedef uint32_t SE05x_KeyID_t; -/** Case when there is no KEK */ -#define SE05x_KeyID_KEK_NONE 0 - -/** [Optional: if the authentication key is the same as the key to be replaced, this TAG should not be present]. */ -#define SE05x_KeyID_MFDF_NONE 0 - -/** SE05X key's max attempts */ -typedef uint16_t SE05x_MaxAttemps_t; -/** Fall back to applet default */ -#define SE05x_MaxAttemps_UNLIMITED 0 -/** Identify in code that this is not an AUTH object and hence not applicable */ -#define SE05x_MaxAttemps_NA 0 - -/** When we want to read with attestation */ -#define kSE05x_INS_READ_With_Attestation (kSE05x_INS_READ | kSE05x_INS_ATTEST) - -/** When we want to read I2CM Data with attestation */ -#define kSE05x_INS_I2CM_Attestation (kSE05x_INS_CRYPTO | kSE05x_INS_ATTEST) - -#ifndef __DOXYGEN__ -/* RSA Helper Macros to make code little more readable */ -#define SE05X_RSA_NO_p /* Skip */ NULL, 0 -#define SE05X_RSA_NO_q /* Skip */ NULL, 0 -#define SE05X_RSA_NO_dp /* Skip */ NULL, 0 -#define SE05X_RSA_NO_dq /* Skip */ NULL, 0 -#define SE05X_RSA_NO_qInv /* Skip */ NULL, 0 -#define SE05X_RSA_NO_pubExp /* Skip */ NULL, 0 -#define SE05X_RSA_NO_priv /* Skip */ NULL, 0 -#define SE05X_RSA_NO_pubMod /* Skip */ NULL, 0 -#endif // __DOXYGEN__ - - -#endif /* SE05x_ENUMS_H */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_ftr.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_ftr.h deleted file mode 100644 index 95ac4a2ee..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_ftr.h +++ /dev/null @@ -1,36 +0,0 @@ -/* -* -* Copyright 2019,2020 NXP -* SPDX-License-Identifier: Apache-2.0 -*/ - -#ifndef SE05X_FTR_H -#define SE05X_FTR_H - -#if defined(SSS_USE_FTR_FILE) -#include "fsl_sss_ftr.h" -#else -#include "fsl_sss_ftr_default.h" -#endif - -#if SSS_HAVE_APPLET_SE05X_IOT - -#include - -/** @def SE05X_FTR_8BIT_CURVE_ID - * - * Curve IDs are 8bit wide. Else, the follow same 32 bit - * namespace. - */ - -#if APPLET_SE050_VER_MAJOR_MINOR > 10002u -#define SE05X_FTR_8BIT_CURVE_ID (1) -#define SE05X_FTR_32BIT_CURVE_ID (0) -#else -#define SE05X_FTR_8BIT_CURVE_ID (0) -#define SE05X_FTR_32BIT_CURVE_ID (1) -#endif /* APPLET_SE050_VER_MAJOR_MINOR > 10002u */ - -#endif /* SSS_HAVE_APPLET_SE05X_IOT */ - -#endif /* SE05X_FTR_H */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_tlv.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_tlv.h deleted file mode 100644 index 3c2158ac8..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/se05x_tlv.h +++ /dev/null @@ -1,370 +0,0 @@ -/* -* -* Copyright 2019,2020 NXP -* SPDX-License-Identifier: Apache-2.0 -*/ - -#ifndef SE05X_TLV_H_INC -#define SE05X_TLV_H_INC - -#include -#include - - -#include "nxLog.h" -#include "nxScp03_Types.h" -//#include - -// #define VERBOSE_APDU_LOGS 1 - - -#define kSE05x_CLA 0x80 - -typedef enum -{ - SM_NOT_OK = 0xFFFF, - SM_OK = 0x9000, - SM_ERR_CONDITIONS_OF_USE_NOT_SATISFIED = 0x6985, - SM_ERR_ACCESS_DENIED_BASED_ON_POLICY = 0x6986, -} smStatus_t; - - -typedef enum -{ - CRED_DEFAULT = 0x00, - CRED_EC = 0x01, - CRED_RSA = 0x02, - CRED_AES = 0x03, - CRED_DES = 0x04, - CRED_BINARY = 0x05, - CRED_PIN = 0x06, - CRED_COUNTER = 0x07, - CRED_PCR = 0x08, - CRED_OBJECT = 0x09, - - CRED_PUB_EC, - CRED_PUB_RSA -} eSE05xType_t; - - -typedef struct -{ - uint8_t *se05xTxBuf; - size_t se05xTxBufLen; - size_t ws_LC; // With Session LC - size_t ws_LCW; // With Session LC Width 1 or 3 bytes - uint8_t *wsSe05x_cmd; // WithSession SE05X command - size_t wsSe05x_cmdLen; // WithSession SE05X command Length - size_t wsSe05x_tag1Len; // WithSession SE05X Tag1 len - size_t wsSe05x_tag1W; // WithSession SE05X Tag1 Width - uint8_t *wsSe05x_tag1Cmd; // WithSession SE05X Tag1 Command Data - size_t wsSe05x_tag1CmdLen; // WithSession SE05X Tag1 Command Data Len - const tlvHeader_t *se05xCmd_hdr; // SE05x Command Header - size_t se05xCmdLC; // SE05x Command LC - size_t se05xCmdLCW; // SE05x Command LC width - uint8_t *se05xCmd; // SE05x Command - size_t se05xCmdLen; // SE05x Command Length - uint8_t *dataToMac; - size_t dataToMacLen; -} Se05xApdu_t; - -struct Se05xSession; -struct _sss_se05x_tunnel_context; - -typedef struct Se05xSession -{ - uint8_t value[8]; - uint8_t hasSession : 1; - SE_AuthType_t authType; - /** Meta Funciton - * - * Internall first calls fp_Transform - * Then calls fp_RawTXn - * Then calls fp_DeCrypt - */ - smStatus_t(*fp_TXn)(struct Se05xSession * pSession, - const tlvHeader_t *hdr, uint8_t *cmdBuf, size_t cmdBufLen, uint8_t *rsp, size_t *rspLen, uint8_t hasle); - - /** API called by fp_TXn. Helps handle UserID/Applet/ECKey to transform buffer. - * - * But this API never sends any data out over any communication link. */ - smStatus_t(*fp_Transform)(struct Se05xSession * pSession, - /** IN */ - const tlvHeader_t *inHdr, - /** IN */ - uint8_t *inCmdBuf, - /** IN */ - size_t inCmdBufLen, - /** OUT: - * For Session less, - * For Platform SCP this will be copy of, inHDR, with outHdr[0] = outHdr[0] | 0x04 - * For Plain Session: Same as inHDR - * - * For With Session: - * This will be with TLV Header for Wrapped Session Command - */ - tlvHeader_t *outHdr, - /** OUT: For Session less, this will be copy of inCmdBuf - * - * For session based impelementation, this will have - * TAG=Session, L=8,V=Session,TAG=TAG1,L=inCmdBufLen,inCmdBuf */ - uint8_t * pTxBuf, - /** IN,OUT: */ - size_t * pTxBufLen, - /** IN */ - uint8_t hasle); - - /* API called by fp_TXn. Helps handle Applet/Fast SCP to decrypt buffer. - * - * But this API never reads any data */ - smStatus_t(*fp_DeCrypt)(struct Se05xSession * pSession, - size_t prevCmdBufLen, - uint8_t *pInRxBuf, - size_t *pInRxBufLen, - uint8_t hasle); -#if SSS_HAVE_APPLET_SE05X_IOT - /* It's either a minimal/single implemntation that calls smCom_TransceiveRaw() - * - * if pTunnelCtx is Null, directly call smCom_TransceiveRaw() - * - * Or an API part of tunnel ctx that can do PlatformSCP */ - smStatus_t (*fp_RawTXn)(void *conn_ctx, - struct _sss_se05x_tunnel_context *pChannelCtx, - SE_AuthType_t currAuth, - const tlvHeader_t *hdr, - uint8_t *cmdBuf, - size_t cmdBufLen, - uint8_t *rsp, - size_t *rspLen, - uint8_t hasle); - - struct _sss_se05x_tunnel_context * pChannelCtx; -#endif -#if SSS_HAVE_SE - smStatus_t(*fp_Transmit)( - SE_AuthType_t currAuth, - const tlvHeader_t *hdr, - uint8_t *cmdBuf, - size_t cmdBufLen, - uint8_t *rsp, - size_t *rspLen, - uint8_t hasle); -#endif - NXSCP03_DynCtx_t *pdynScp03Ctx; - - /**Connection data context */ - void *conn_ctx; -} Se05xSession_t; - - -typedef struct -{ - uint8_t *value; - size_t value_len; -} Se05xPolicy_t; - -typedef struct -{ - uint8_t ts[12]; -} SE05x_TimeStamp_t; - -typedef struct -{ - uint8_t features[30]; -} SE05x_ExtendedFeatures_t; - -typedef struct -{ - SE05x_Variant_t variant; - SE05x_ExtendedFeatures_t *extended_features; -} Se05x_AppletFeatures_t; - -typedef Se05x_AppletFeatures_t *pSe05xAppletFeatures_t; -typedef Se05xSession_t *pSe05xSession_t; -typedef Se05xPolicy_t *pSe05xPolicy_t; - -#if VERBOSE_APDU_LOGS -#define DO_LOG_V(TAG, DESCRIPTION, VALUE) nLog("APDU", NX_LEVEL_DEBUG, #TAG " [" DESCRIPTION "] = 0x%X", VALUE); -#define DO_LOG_A(TAG, DESCRIPTION, ARRAY, ARRAY_LEN) \ - nLog_au8("APDU", NX_LEVEL_DEBUG, #TAG " [" DESCRIPTION "]", ARRAY, ARRAY_LEN); -#else -#define DO_LOG_V(TAG, DESCRIPTION, VALUE) -#define DO_LOG_A(TAG, DESCRIPTION, ARRAY, ARRAY_LEN) -#endif - -#define TLVSET_Se05xSession(DESCRIPTION, PBUF, PBUFLEN, TAG, SESSIONID) \ - TLVSET_u8buf(DESCRIPTION, PBUF, PBUFLEN, TAG, SESSIONID->value, sizeof(SESSIONID->value)) - -#define TLVSET_Se05xPolicy(DESCRIPTION, PBUF, PBUFLEN, TAG, POLICY) \ - tlvSet_Se05xPolicy(DESCRIPTION, PBUF, PBUFLEN, TAG, POLICY) - -#define TLVSET_U8(DESCRIPTION, PBUF, PBUFLEN, TAG, VALUE) \ - tlvSet_U8(PBUF, PBUFLEN, TAG, VALUE); \ - DO_LOG_V(TAG, DESCRIPTION, VALUE) - -#define TLVSET_U16(DESCRIPTION, PBUF, PBUFLEN, TAG, VALUE) \ - tlvSet_U16(PBUF, PBUFLEN, TAG, VALUE); \ - DO_LOG_V(TAG, DESCRIPTION, VALUE) - -#define TLVSET_U16Optional(DESCRIPTION, PBUF, PBUFLEN, TAG, VALUE) \ - tlvSet_U16Optional(PBUF, PBUFLEN, TAG, VALUE); \ - DO_LOG_V(TAG, DESCRIPTION, VALUE) - -#define TLVSET_U32(DESCRIPTION, PBUF, PBUFLEN, TAG, VALUE) \ - tlvSet_U32(PBUF, PBUFLEN, TAG, VALUE); \ - DO_LOG_V(TAG, DESCRIPTION, VALUE) - -#define TLVSET_U64_SIZE(DESCRIPTION, PBUF, PBUFLEN, TAG, VALUE,SIZE) \ - tlvSet_U64_size(PBUF, PBUFLEN, TAG, VALUE,SIZE); \ - DO_LOG_V(TAG, DESCRIPTION, VALUE) - -#define TLVSET_KeyID(DESCRIPTION, PBUF, PBUFLEN, TAG, VALUE) \ - tlvSet_KeyID(PBUF, PBUFLEN, TAG, VALUE); \ - DO_LOG_V(TAG, DESCRIPTION, VALUE) - -#define TLVSET_MaxAttemps(DESCRIPTION, PBUF, PBUFLEN, TAG, VALUE) \ - tlvSet_MaxAttemps(PBUF, PBUFLEN, TAG, VALUE); \ - DO_LOG_V(TAG, DESCRIPTION, VALUE) - -#define TLVSET_AttestationAlgo TLVSET_U8 -#define TLVSET_CipherMode TLVSET_U8 - -#define TLVSET_ECCurve(DESCRIPTION, PBUF, PBUFLEN, TAG, VALUE) \ - tlvSet_ECCurve(PBUF, PBUFLEN, TAG, VALUE); \ - DO_LOG_V(TAG, DESCRIPTION, VALUE) - -#define TLVSET_ECCurveParam TLVSET_U8 -#define TLVSET_ECDAASignatureAlgo TLVSET_U8 -#define TLVSET_ECSignatureAlgo TLVSET_U8 -#define TLVSET_EDSignatureAlgo TLVSET_U8 -#define TLVSET_MacOperation TLVSET_U8 -#define TLVSET_RSAEncryptionAlgo TLVSET_U8 -#define TLVSET_RSAKeyComponent TLVSET_U8 -#define TLVSET_RSASignatureAlgo TLVSET_U8 -#define TLVSET_DigestMode TLVSET_U8 -#define TLVSET_Variant tlvSet_u8buf_features -#define TLVSET_RSAPubKeyComp TLVSET_U8 -#define TLVSET_PlatformSCPRequest TLVSET_U8 -#define TLVSET_MemoryType TLVSET_U8 - -#define TLVSET_CryptoContext TLVSET_U8 -#define TLVSET_CryptoModeSubType(DESCRIPTION, PBUF, PBUFLEN, TAG, VALUE) \ - TLVSET_U8(DESCRIPTION, PBUF, PBUFLEN, TAG, ((VALUE).union_8bit)) - -#define TLVSET_CryptoObjectID TLVSET_U16 - -// #define TLVSET_pVoid(DESCRIPTION, PBUF, PBUFLEN, TAG, VALUE) (0) -// #define tlvGet_pVoid(DESCRIPTION, PBUF, PBUFLEN, TAG, VALUE) (0) - -#define TLVSET_u8buf(DESCRIPTION, PBUF, PBUFLEN, TAG, CMD, CMDLEN) \ - tlvSet_u8buf(PBUF, PBUFLEN, TAG, CMD, CMDLEN); \ - DO_LOG_A(TAG, DESCRIPTION, CMD, CMDLEN) - -#define TLVSET_u8bufOptional(DESCRIPTION, PBUF, PBUFLEN, TAG, CMD, CMDLEN) \ - tlvSet_u8bufOptional(PBUF, PBUFLEN, TAG, CMD, CMDLEN); \ - DO_LOG_A(TAG, DESCRIPTION, CMD, CMDLEN) - -#define TLVSET_u8bufOptional_ByteShift(DESCRIPTION, PBUF, PBUFLEN, TAG, CMD, CMDLEN) \ - tlvSet_u8bufOptional_ByteShift(PBUF, PBUFLEN, TAG, CMD, CMDLEN); \ - DO_LOG_A(TAG, DESCRIPTION, CMD, CMDLEN) - - -#define TLVSET_u8buf_I2CM(DESCRIPTION, PBUF, PBUFLEN, TAG, CMD, CMDLEN) \ - tlvSet_u8buf_I2CM(PBUF, PBUFLEN, TAG, CMD, CMDLEN); \ - DO_LOG_A(TAG, DESCRIPTION, CMD, CMDLEN) - - -int tlvSet_U8(uint8_t **buf, size_t *bufLen, SE05x_TAG_t tag, uint8_t value); -int tlvSet_U16(uint8_t **buf, size_t *bufLen, SE05x_TAG_t tag, uint16_t value); -int tlvSet_U16Optional(uint8_t **buf, size_t *bufLen, SE05x_TAG_t tag, uint16_t value); -int tlvSet_U32(uint8_t **buf, size_t *bufLen, SE05x_TAG_t tag, uint32_t value); -int tlvSet_U64_size(uint8_t **buf, size_t *bufLen, SE05x_TAG_t tag, uint64_t value,uint16_t size); -int tlvSet_u8buf(uint8_t **buf, size_t *bufLen, SE05x_TAG_t tag, const uint8_t *cmd, size_t cmdLen); -int tlvSet_u8bufOptional(uint8_t **buf, size_t *bufLen, SE05x_TAG_t tag, const uint8_t *cmd, size_t cmdLen); -/* Same as tlvSet_u8bufOptional, but some time, Most Significant Byte needs to be shifted and Plus by 1 */ -int tlvSet_u8bufOptional_ByteShift(uint8_t **buf, size_t *bufLen, SE05x_TAG_t tag, const uint8_t *cmd, size_t cmdLen); -int tlvSet_Se05xPolicy(const char *description, uint8_t **buf, size_t *bufLen, SE05x_TAG_t tag, Se05xPolicy_t *policy); -int tlvSet_KeyID(uint8_t **buf, size_t *bufLen, SE05x_TAG_t tag, uint32_t keyID); -int tlvSet_MaxAttemps(uint8_t **buf, size_t *bufLen, SE05x_TAG_t tag, uint16_t maxAttemps); -int tlvSet_ECCurve(uint8_t **buf, size_t *bufLen, SE05x_TAG_t tag, SE05x_ECCurve_t value); -int tlvSet_u8buf_features(uint8_t **buf, size_t *bufLen, SE05x_TAG_t tag, pSe05xAppletFeatures_t appletVariant); - -int tlvGet_U8(uint8_t *buf, size_t *pBufIndex, const size_t bufLen, SE05x_TAG_t tag, uint8_t *pRsp); -int tlvGet_U16(uint8_t *buf, size_t *pBufIndex, const size_t bufLen, SE05x_TAG_t tag, uint16_t *pRsp); -int tlvGet_U32(uint8_t *buf, size_t *pBufIndex, const size_t bufLen, SE05x_TAG_t tag, uint32_t *pRsp); - -int tlvGet_u8buf(uint8_t *buf, size_t *pBufIndex, const size_t bufLen, SE05x_TAG_t tag, uint8_t *rsp, size_t *pRspLen); -int tlvGet_ValueIndex(uint8_t *buf, size_t *pBufIndex, const size_t bufLen, SE05x_TAG_t tag); -int tlvGet_Se05xSession( - uint8_t *buf, size_t *pBufIndex, const size_t bufLen, SE05x_TAG_t tag, pSe05xSession_t *pSessionId); -int tlvGet_TimeStamp(uint8_t *buf, size_t *pBufIndex, const size_t bufLen, SE05x_TAG_t tag, SE05x_TimeStamp_t *pTs); - -int tlvSet_u8buf_I2CM(uint8_t **buf, size_t *bufLen, SE05x_I2CM_TAG_t tag, const uint8_t *cmd, size_t cmdLen); - -int tlvGet_SecureObjectType(uint8_t *buf, size_t *pBufIndex, size_t bufLen, SE05x_TAG_t tag, SE05x_SecObjTyp_t *pType); - -int tlvGet_Result(uint8_t *buf, size_t *pBufIndex, size_t bufLen, SE05x_TAG_t tag, SE05x_Result_t *presult); - - - -smStatus_t se05x_Transform(struct Se05xSession *pSession, - const tlvHeader_t *hdr, - uint8_t *cmdApduBuf, - const size_t cmdApduBufLen, - tlvHeader_t *out_hdr, - uint8_t *txBuf, - size_t *ptxBufLen, - uint8_t hasle); - -smStatus_t se05x_Transform_scp(struct Se05xSession *pSession, - const tlvHeader_t *hdr, - uint8_t *cmdApduBuf, - const size_t cmdApduBufLen, - tlvHeader_t *outhdr, - uint8_t *txBuf, - size_t *ptxBufLen, - uint8_t hasle); - -smStatus_t se05x_DeCrypt(struct Se05xSession *pSessionCtx, - size_t cmd_cmacLen, - uint8_t *rsp, - size_t *rspLength, - uint8_t hasle); - -smStatus_t DoAPDUTxRx_s_Case2(Se05xSession_t *pSessionCtx, - const tlvHeader_t *hdr, - uint8_t *cmdBuf, - size_t cmdBufLen, - uint8_t *rspBuf, - size_t *pRspBufLen); - -smStatus_t DoAPDUTx_s_Case3(Se05xSession_t *pSessionCtx, - const tlvHeader_t *hdr, - uint8_t *cmdBuf, - size_t cmdBufLen); - -smStatus_t DoAPDUTxRx_s_Case4(Se05xSession_t *pSessionCtx, - const tlvHeader_t *hdr, - uint8_t *cmdBuf, - size_t cmdBufLen, - uint8_t *rspBuf, - size_t *pRspBufLen); - -smStatus_t DoAPDUTxRx_s_Case4_ext(Se05xSession_t *pSessionCtx, - const tlvHeader_t *hdr, - uint8_t *cmdBuf, - size_t cmdBufLen, - uint8_t *rspBuf, - size_t *pRspBufLen); - -smStatus_t DoAPDUTxRx(Se05xSession_t *pSessionCtx, - uint8_t *cmdBuf, - size_t cmdBufLen, - uint8_t *rspBuf, - size_t *pRspBufLen); - -#if SSS_HAVE_APPLET_SE05X_IOT -smStatus_t Se05x_API_I2CM_Send( - pSe05xSession_t sessionId, const uint8_t *buffer, size_t bufferLen, uint8_t *result, size_t *presultLen); -#endif -#endif // !SE05X_TLV_H_INC diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/sm_const.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/sm_const.h deleted file mode 100644 index 7beb37cfa..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc/sm_const.h +++ /dev/null @@ -1,123 +0,0 @@ -/* -* -* Copyright 2016,2020 NXP -* SPDX-License-Identifier: Apache-2.0 -*/ - -#ifndef _A71CH_CONST_H_ -#define _A71CH_CONST_H_ - -#ifdef __cplusplus -extern "C" { -#endif - -#if defined(SSS_USE_FTR_FILE) -#include "fsl_sss_ftr.h" -#else -#include "fsl_sss_ftr_default.h" -#endif - -#if SSS_HAVE_A71CH && (!(SSS_HAVE_A71CH_SIM)) -# define APPLET_NAME "a71ch" // 0x61.37.31.63.68 -# define APPLET_NAME_LEN (sizeof(APPLET_NAME) - 1) -# define SE_NAME "A71CH" -#endif -#if SSS_HAVE_LOOPBACK -# define APPLET_NAME \ - { 0xD2, 0x76, 0x00, 0x00, 0x85, 0x54, 0x65, 0x73, \ - 0x74, 0x01, 0x01 } //echo applet -# define APPLET_NAME_LEN (11) -# define SE_NAME "LoopBack" -#endif -#if SSS_HAVE_A71CL -# define APPLET_NAME \ - { 0xA0, 0x00, 0x00, 0x00, 0x41, 0x6C, 0x69, 0x59, \ - 0x75, 0x6E, 0x2E, 0x49, 0x44, 0x32, 0x01}// "Ali Yun" -# define APPLET_NAME_LEN (15) -# define SE_NAME "A71CL" -#endif - -#if SSS_HAVE_SE050_L -# define APPLET_NAME \ -{ 0xA0, 0x00, 0x00, 0x00, 0x41, 0x6C, 0x69, 0x59, \ - 0x75, 0x6E, 0x2E, 0x49, 0x44, 0x32 \ -}// "Ali Yun" - - -# define APPLET_NAME_LEN (14) -# define SE_NAME "SE050_L" -#endif - -#if SSS_HAVE_A71CH_SIM -# define APPLET_NAME \ - {0xa0, 0x00, 0x00, 0x03, 0x96, 0x54, 0x53, 0x00, \ - 0x00, 0x00, 0x01, 0x03, 0x00, 0x00, 0x00, 0x00} -# define APPLET_NAME_LEN (16) -# define SE_NAME "SE050:EAR:CH" -#endif - -#if SSS_HAVE_APPLET_SE05X_IOT -# define APPLET_NAME \ - {0xa0, 0x00, 0x00, 0x03, 0x96, 0x54, 0x53, 0x00, \ - 0x00, 0x00, 0x01, 0x03, 0x00, 0x00, 0x00, 0x00} -# define APPLET_NAME_LEN (16) - -# define SSD_NAME \ - { 0xD2, 0x76, 0x00, 0x00, 0x85, 0x30, 0x4A, 0x43, 0x4F, 0x90, 0x03} -#endif - -#if SSS_HAVE_SE05X_A -# define SE_NAME "SE050:A" -#endif -#if SSS_HAVE_SE05X_B -# define SE_NAME "SE050:B" -#endif -#if SSS_HAVE_SE05X_C -# define SE_NAME "SE050:C" -#endif - -#define A71CH_KEY_PAIR_MAX_A 2 //!< Maximum amount of ECC key pairs that can be stored in A71CH (A device) -#define A71CH_PUBLIC_KEY_MAX_A 2 //!< Maximum amount of ECC public keys that can be stored in A71CH (A device) -#define A71CH_SYM_KEY_MAX_A 4 //!< Maximum amount of Symmetric keys that can be stored in A71CH (A device) -#define A71CH_KEY_PAIR_MAX_B 4 //!< Maximum amount of ECC key pairs that can be stored in A71CH (B device) -#define A71CH_PUBLIC_KEY_MAX_B 3 //!< Maximum amount of ECC public keys that can be stored in A71CH (B device) -#define A71CH_SYM_KEY_MAX_B 8 //!< Maximum amount of Symmetric keys that can be stored in A71CH (A device) -#define A71CH_COUNTER_MAX 2 //!< Maximum amount of monotonic counters that can be stored in A71CH (A&B) - -// We cover two A71CH product variants that differ in the amount of credentials that can be stored. -// These two variants are referred to (in this example source code) as -// - TYPE_A (or simply A) - which is the device with lesser storage -// - TYPE_B (or simply B) - which is the device with more storage -// As the example source code depends on the amount of credentials that can be stored -// the ::A71CH_DEVICE_TYPE define must be used to select between either variant at compile time. -#define A71CH_DEVICE_TYPE_A (0x41) //!< Symbolic constant to represent the Initial A71CH device -#define A71CH_DEVICE_TYPE_B (0x42) //!< Synbolic constant to represent the A71CH device with more storage -#define A71CH_DEVICE_TYPE A71CH_DEVICE_TYPE_B //!< Indicate the credential storage capabilities of the A71CH - - -/** @def A71CH_KEY_PAIR_MAX - * Maximum ECC Key Pairs in the Secure module */ -/** @def A71CH_PUBLIC_KEY_MAX - * Maximum ECC Public Keys in the Secure module */ -/** @def A71CH_SYM_KEY_MAX - * Maximum ECC Symmetric Keys in the Secure module */ -/** @def A71CH_GP_STORAGE_SIZE - * Maximum General Purpose Storage in the Secure module */ - -#if A71CH_DEVICE_TYPE == A71CH_DEVICE_TYPE_A -//!< Effective value used in examples -# define A71CH_KEY_PAIR_MAX A71CH_KEY_PAIR_MAX_A -# define A71CH_PUBLIC_KEY_MAX A71CH_PUBLIC_KEY_MAX_A -# define A71CH_SYM_KEY_MAX A71CH_SYM_KEY_MAX_A -# define A71CH_GP_STORAGE_SIZE A71CH_GP_STORAGE_SIZE_A -#else -# define A71CH_KEY_PAIR_MAX A71CH_KEY_PAIR_MAX_B -# define A71CH_PUBLIC_KEY_MAX A71CH_PUBLIC_KEY_MAX_B -# define A71CH_SYM_KEY_MAX A71CH_SYM_KEY_MAX_B -# define A71CH_GP_STORAGE_SIZE A71CH_GP_STORAGE_SIZE_B -#endif - -#ifdef __cplusplus -} -#endif -#endif //_A71CHCONSTL_H_ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/infra/global_platf.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/infra/global_platf.h deleted file mode 100644 index 9e358d425..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/infra/global_platf.h +++ /dev/null @@ -1,28 +0,0 @@ -/* -* -* Copyright 2016,2020 NXP -* SPDX-License-Identifier: Apache-2.0 -*/ - -#ifndef _GLOBAL_PLATF_ -#define _GLOBAL_PLATF_ - -#include "sm_types.h" - -#ifdef __cplusplus -extern "C" { -#endif - -#define CLA_ISO7816 (0x00) //!< ISO7816-4 defined CLA byte - -#define INS_GP_INITIALIZE_UPDATE (0x50) //!< Global platform defined instruction -#define INS_GP_EXTERNAL_AUTHENTICATE (0x82) //!< Global platform defined instruction -#define INS_GP_SELECT (0xA4) //!< Global platform defined instruction -#define INS_GP_PUT_KEY (0xD8) //!< Global platform defined instruction - -U16 GP_Select(void *conn_ctx, const U8 *appletName, U16 appletNameLen, U8 *response, U16 *responseLen); -U16 GP_GetCLAppletVersion(U8 *appletVersion, U16 *verionLength); -#ifdef __cplusplus -} -#endif -#endif diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/infra/sm_apdu.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/infra/sm_apdu.h deleted file mode 100644 index 47a739a5f..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/infra/sm_apdu.h +++ /dev/null @@ -1,217 +0,0 @@ -/* - * - * Copyright 2016 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -/** - * @par Description - * This file defines the API of the APDU parser for AX host library. - * @par History - * 1.0 31-mar-2014 : Initial version - * - */ - -#ifndef _SM_APDU_H_ -#define _SM_APDU_H_ - -#include "apduComm.h" -#include "sm_types.h" - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef A71_IGNORE_PARAM_CHECK -#error "Do not remove API parameter check" -#endif - -/* ------------------------------ */ - -#define MAX_APDU_BUF_LENGTH (256 + 1024) // This value has not been optimized for TGT_A71CH (256+64) - -#define MAX_EXT_APDU_BUF_LENGTH (32769) // extended APDU Max supported Len is 0x7FFF + 2 bytes status code - - -#define APDU_HEADER_LENGTH (5) -#define APDU_EXTENDED_HEADER_LENGTH (7) -#define EXT_CASE4_APDU_OVERHEAD (9) -#define SCP03_OVERHEAD (24) // padding (=16) + mac (=8) -#define RSP_APDU_STATUS_OVERHEAD (2) -#define APDU_STD_MAX_DATA (255) - -// -#ifdef TGT_A70CI -#define TAG_SST_IDENTIFIER (0x01) -#define TAG_SST_INDEX (0x02) -#define TAG_ECC_PRIVATE_KEY (0x03) -#define TAG_ECC_PUBLIC_KEY (0x04) -#define TAG_SHARED_SECRET (0x05) -#define TAG_RSA_PRIVATE_KEY_P (0x06) -#define TAG_RSA_PRIVATE_KEY_Q (0x07) -#define TAG_RSA_PRIVATE_KEY_DP (0x08) -#define TAG_RSA_PRIVATE_KEY_DQ (0x09) -#define TAG_RSA_PRIVATE_KEY_IPQ (0x0A) -#define TAG_PUBLIC_KEY (0x0B) -#define TAG_AES_KEY (0x0C) -#define TAG_AUTH_PUBLIC_KEY_ID (0x0D) -#define TAG_CONTEXT (0x0F) -#define TAG_DIRECTION (0x10) -#define TAG_IV (0x11) -#define TAG_INPUT_DATA (0x12) -#define TAG_OUTPUT_DATA (0x13) -#define TAG_AUTHENTICATION_DATA (0x14) -#define TAG_GMAC_DATA (0x15) -#define TAG_GMAC_LENGTH (0x16) -#define TAG_KEYWRAP_ALGO (0x17) -#define TAG_HASH (0x18) -#define TAG_SIGNATURE (0x19) -#define TAG_VERIFICATION (0x1A) -#define TAG_CERTIFICATE (0x1B) -#define TAG_SIZE (0x1C) -#define TAG_SALT (0x1E) -#elif defined(TGT_A70CM) -#define TAG_DLMS_SECURITY_BYTE (0x00) -#define TAG_SST_IDENTIFIER (0x01) -#define TAG_SST_INDEX (0x02) -#define TAG_ECC_PRIVATE_KEY (0x03) -#define TAG_ECC_PUBLIC_KEY (0x04) -#define TAG_SHARED_SECRET (0x05) -#define TAG_RSA_PRIVATE_KEY_P (0x06) -#define TAG_RSA_PRIVATE_KEY_Q (0x07) -#define TAG_RSA_PRIVATE_KEY_DP (0x08) -#define TAG_RSA_PRIVATE_KEY_DQ (0x09) -#define TAG_RSA_PRIVATE_KEY_IPQ (0x0A) -#define TAG_RSA_PUBLIC_KEY_MOD (0x0B) -#define TAG_AES_KEY (0x0C) -#define TAG_WRAPPED_AES_KEY (0x0D) -#define TAG_CONTEXT (0x0E) -#define TAG_DIRECTION (0x0F) -#define TAG_IV (0x10) -#define TAG_INPUT_DATA (0x11) -#define TAG_OUTPUT_DATA (0x12) -#define TAG_AUTHENTICATION_DATA (0x13) -#define TAG_GMAC_DATA (0x14) -#define TAG_GMAC_LENGTH (0x15) -#define TAG_KEYWRAP_ALGO (0x16) -#define TAG_HASH (0x17) -#define TAG_SIGNATURE (0x18) -#define TAG_DLMS_AK_INDEX (0x19) -#define TAG_VERIFICATION (0x1A) -#define TAG_CERTIFICATE (0x1B) -#define TAG_OFFSET (0x1C) -#define TAG_SIZE (0x1D) -#define TAG_SST_WRAPPING_KEY_INDEX (0x1E) -#else // -/// @cond not_relevant_for_A71ch & A71cl -#define TAG_DLMS_SECURITY_BYTE (0x00) -#define TAG_SST_IDENTIFIER (0x01) -#define TAG_SST_INDEX (0x02) -#define TAG_ECC_PRIVATE_KEY (0x03) -#define TAG_ECC_PUBLIC_KEY (0x04) -#define TAG_SHARED_SECRET (0x05) -#define TAG_RSA_PRIVATE_KEY_P (0x06) -#define TAG_RSA_PRIVATE_KEY_Q (0x07) -#define TAG_RSA_PRIVATE_KEY_DP (0x08) -#define TAG_RSA_PRIVATE_KEY_DQ (0x09) -#define TAG_SST_IDENTIFIER2 (0x0A) -#define TAG_SST_INDEX2 (0x0B) -#define TAG_AES_KEY (0x0C) -#define TAG_WRAPPED_AES_KEY (0x0D) -#define TAG_CONTEXT (0x0E) -#define TAG_DIRECTION (0x0F) -#define TAG_IV (0x10) -#define TAG_INPUT_DATA (0x11) -#define TAG_OUTPUT_DATA (0x12) -#define TAG_AUTHENTICATION_DATA (0x13) -#define TAG_GMAC_DATA (0x14) -#define TAG_GMAC_LENGTH (0x15) -#define TAG_KEYWRAP_ALGO (0x16) -#define TAG_HASH (0x17) -#define TAG_SIGNATURE (0x18) -#define TAG_STATE (0x19) -#define TAG_VERIFICATION (0x1A) -#define TAG_CERTIFICATE (0x1B) -#define TAG_OFFSET (0x1C) -#define TAG_SIZE (0x1D) -#define TAG_SST_WRAPPING_KEY_INDEX (0x1E) -#define TAG_INTERFACE (0x1F) -#define TAG_CHUNK_NUMBER (0x23) -#define TAG_SCP_MIN_SEC_LEVEL (0x24) -#define TAG_STATUS_WORD (0x25) -/// @endcond -#endif // TGT_A70CI -// - -/* ------------------------------ */ -#define AX_CLA (0x80) - -// #define SW_WARNING_FILE_DEACTIVATED (0x6283) -// #define SW_WARNING_FILE_TERMINATED (0x6285) - -#define SW_WRONG_LENGTH (0x6700) //!< ISO7816-4 defined status word: Wrong Length of data -#define SW_SECURE_MESSAGING_NOT_SUPPORTED (0x6882) //!< ISO7816-4 defined status word -#define SW_SECURITY_STATUS_NOT_SATISFIED (0x6982) //!< ISO7816-4 defined status word -#define SW_DATA_INVALID (0x6984) //!< ISO7816-4 defined status word -#define SW_CONDITIONS_NOT_SATISFIED (0x6985) //!< ISO7816-4 defined status word: Conditions of use not satisfied, e.g. a command is not allowed, the provided identifier is not applicable or the index is out of range. -#define SW_COMMAND_NOT_ALLOWED (0x6986) //!< ISO7816-4 defined status word -#define SW_WRONG_DATA (0x6A80) //!< ISO7816-4 defined status word: Wrong data, e.g. the command does not have the right parameters or a parameter is not correct (size, structure). -#define SW_FILE_NOT_FOUND (0x6A82) //!< ISO7816-4 defined status word -#define SW_INCORRECT_P1P2 (0x6A86) //!< ISO7816-4 defined status word: Incorrect P1-P2 parameters -#define SW_INS_NOT_SUPPORTED (0x6D00) //!< ISO7816-4 defined status word: INS byte not supported -#define SW_CLA_NOT_SUPPORTED (0x6E00) //!< ISO7816-4 defined status word: CLA byte not supported -#define SW_NO_ERROR (0x9000) //!< ISO7816-4 defined status word - -#define USE_STANDARD_APDU_LEN 0 //!< Create a standard length APDU. -#define USE_EXTENDED_APDU_LEN 1 //!< Create an extended length APDU. -#define SESSION_ID_LEN 4 - -U8 SetApduHeader(apdu_t * pApdu, U8 extendedLength); -U8 AllocateAPDUBuffer(apdu_t * pApdu); -U8 FreeAPDUBuffer(apdu_t * pApdu); -void smApduAdaptLcLe(apdu_t *pApdu, U16 lc, U16 le); -void smApduAdaptLc(apdu_t *pApdu, U16 lc); -void smApduAdaptLe(apdu_t *pApdu, U16 le); -// U16 GetStatusWord(apdu_t *pApdu); -U16 smGetSw(apdu_t *pApdu, U8 *pIsOk); -void set_SessionId_Tlv(U32 sessionId); - - -U16 AddTlvItem(apdu_t * pApdu, U16 tag, U16 dataLength, const U8 *pValue); -U16 ParseResponse(apdu_t * pApdu, U16 expectedTag, U16 * pLen, U8* pValue); -U16 AddStdCmdData(apdu_t * pApdu, U16 dataLen, const U8 *data); - -U16 smApduGetResponseBody(apdu_t *pApdu, U8 *buf, U16 *bufLen); -U16 smApduAppendCmdData(apdu_t * pApdu, const U8 *data, U16 dataLen); -U16 smApduAdaptChkSum(apdu_t *pApdu, U16 chkSum); - -/** - * @brief Check and convert given hex string to array of bytes to buffer. - * - * Memory allocation needs to be done by the caller, boundary checks on the output - * are performed, null-termination is always added. - * @param[in] str: The binary data to convert. - * @param[in] buffer: buffer to which converted array to be copied. - * @param[in] buffer_len: Size of the available buffer for sanity check. - * @param[out] len: The length of the binary data written to buffer. - * @return True if conversion is successful. - */ -bool smApduGetArrayBytes(char *str, size_t *len, uint8_t * buffer, size_t buffer_len); - -/** - * @brief Parse given apdu command and return command data offset and command data length along with case-id as described in ISO/IEC FDIS 7816-3 spec. - * - * @param[in] apdu: Buffer containing APDU command. - * @param[in] apduLen: The length of APDU command. - * @param[out] data_offset: Offset of data field if present. - * @param[out] dataLen: Length of data field (LC field value) if present. - * @param[out] apdu_case: APDU txrx case accoring to 7816 spec. - * @return True if APDU command has valid format. - */ -bool smApduGetTxRxCase(uint8_t *apdu, size_t apduLen, size_t* data_offset, size_t *dataLen, apduTxRx_case_t *apdu_case); - - -#ifdef __cplusplus -} -#endif -#endif //_SM_APDU_H_ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/infra/sm_api.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/infra/sm_api.h deleted file mode 100644 index 6fa2de732..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/infra/sm_api.h +++ /dev/null @@ -1,119 +0,0 @@ -/* - * - * Copyright 2018-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -/** -* @par Description -* This file is the communication specific Host API of the A70CM/CI and A71CH secure module. -* It also customizes the Generic Ax library for this specific product instance -* @par History -* 1.0 27-march-2014 : Initial version -* 7-may-2017 : Unified version for A70CM, CI and A71CH -* -*****************************************************************************/ -#ifndef _SM_API_ -#define _SM_API_ - -#include "sm_types.h" - -#ifdef __cplusplus -extern "C" { -#endif - -#include - -#define AX_HOST_LIB_MAJOR (PLUGANDTRUST_HOSTLIB_VER_MAJOR) //!< Major number A71CH Host Library -#define AX_HOST_LIB_MINOR (PLUGANDTRUST_HOSTLIB_VER_MINOR) //!< Minor (High Nibble)/Patch number (Low Nibble) of A71CH Host Library - -/*! -* @addtogroup sss_sscp_a71ch -* @{ -*/ - -#define SE_CONNECT_TYPE_START 0x000 - -typedef enum -{ - kType_SE_Conn_Type_NONE = 0, - /** Used for A71XX Family */ - kType_SE_Conn_Type_SCII2C = SE_CONNECT_TYPE_START + 2, - /** Used for PC/OSX for virtual COM Port */ - kType_SE_Conn_Type_VCOM = SE_CONNECT_TYPE_START + 3, - /** Used for Legacy JRCP V1 protocol with iMX Linux Proxy */ - kType_SE_Conn_Type_JRCP_V1 = SE_CONNECT_TYPE_START + 4, - /** Used for New JRCP Protocol */ - kType_SE_Conn_Type_JRCP_V2 = SE_CONNECT_TYPE_START + 5, - /** Used for T=1 over I2C for SE050 family */ - kType_SE_Conn_Type_T1oI2C = SE_CONNECT_TYPE_START + 6, - /** Used for Use NFC Interface to talk to SE */ - kType_SE_Conn_Type_NFC = SE_CONNECT_TYPE_START + 7, - /** Used for Use a software layer to talk to SE - * This logicaly allows double encryption of packets - * from same host and allows multi-tenenancy - * - * Channel can be deemed as "Secure Channel" where applicable. - * - * Or it may be a plain "arbiter" to allow plain communication from - * multiple threads on the same application. - */ - kType_SE_Conn_Type_Channel = SE_CONNECT_TYPE_START + 8, - - kType_SE_Conn_Type_PCSC = SE_CONNECT_TYPE_START + 9, - - kType_SE_Conn_Type_LAST, - kType_SE_Conn_Type_SIZE = 0x7FFF -} SSS_Conn_Type_t; - -#define SELECT_APPLET 0 //!< Select predefined applet -#define SELECT_NONE 1 //!< Don't issue a select -#define SELECT_SSD 2 //!< Select SSD - -/** - * Contains the information required to resume a connection with the Security Module. - * Its content is only to be interpreted by the Host Library. - * The semantics of the param1 and param2 fields depends on the link layer. - */ -typedef struct { - U16 connType; - U16 param1; //!< Useage depends on link layer - U16 param2; //!< Useage depends on link layer - U16 hostLibVersion; //!< MSByte contains major version (::AX_HOST_LIB_MAJOR); LSByte contains minor version of HostLib (::AX_HOST_LIB_MINOR) - U32 appletVersion; /*!< MSByte contains major version; - 3 leading bits of LSByte contains minor version of Applet; - Last bit of LSByte encodes whether Applet is in Debug Mode, a '1' means 'Debug Mode' is available */ - U16 sbVersion; //!< Expected to be 0x0000 - U8 select; //!< Applet selection mode -} SmCommState_t; - -/** \name Communication functions - @{ */ -U16 SM_Close(void *conn_ctx, U8 mode); -U16 SM_Connect(void *conn_ctx, SmCommState_t *commState, U8 *atr, U16 *atrLen); -U16 SM_ConnectWithAID(SmCommState_t *commState, U8* appletAID, U16 appletAIDLen, U8 *atr, U16 *atrLen); -U16 SM_RjctConnect(void **conn_ctx, const char *connectString, SmCommState_t *commState, U8 *atr, U16 *atrLen); -U16 SM_RjctConnectWithAID(const char *connectString, SmCommState_t *commState, U8* appletAID, U16 appletAIDLen, U8 *atr, U16 *atrLen); -U16 SM_I2CConnect(void **conn_ctx, SmCommState_t *commState, U8 *atr, U16 *atrLen, const char *pConnString); - -U16 SM_SendAPDU(U8 *cmd, U16 cmdLen, U8 *resp, U16 *respLen); - -#if defined(SMCOM_JRCP_V1_AM) -U16 SM_LockChannel(); -U16 SM_UnlockChannel(); -#endif - -#if defined(SMCOM_JRCP_V1_AM) -#define SM_LOCK_CHANNEL() SM_LockChannel() -#define SM_UNLOCK_CHANNEL() SM_UnlockChannel() -#else -#define SM_LOCK_CHANNEL() -#define SM_UNLOCK_CHANNEL() -#endif - -/** @}*/ - -#ifdef __cplusplus -} -#endif -#endif //_SM_API_ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/infra/sm_errors.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/infra/sm_errors.h deleted file mode 100644 index b5ba47077..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/infra/sm_errors.h +++ /dev/null @@ -1,31 +0,0 @@ -/* - * - * Copyright 2016 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -/** - * - * @par Description - * This file provides an interface to generic APDU response evaluation. - * @par History - * 1.0 20-feb-2012 : Initial version - * - */ - -#ifndef _SM_ERRORS_ -#define _SM_ERRORS_ - -#include "apduComm.h" - -#ifdef __cplusplus -extern "C" { -#endif - -U16 CheckNoResponseData(apdu_t * pApdu); -U16 CheckNoResponseDataRaw(U8 *rawResponse, U16 rawResponseLen); - -#ifdef __cplusplus -} -#endif -#endif //_SM_ERRORS_ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/infra/sm_types.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/infra/sm_types.h deleted file mode 100644 index 56220f1b0..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/infra/sm_types.h +++ /dev/null @@ -1,163 +0,0 @@ -/* - * - * Copyright 2016-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -/** - * @par Description - * This file defines A7-series specific types - * @par History - * 1.0 20-feb-2012 : Initial version - * - */ - -#ifndef _SM_TYPES_H_ -#define _SM_TYPES_H_ - -#ifdef __cplusplus -extern "C" { -#endif - -#if defined(__GNUC__) || defined(__arm__) || defined(__ICCARM__) -#include -#include -#include -#endif /* __GNUC__ || __arm__ || iccarm */ - -#if defined(__ICCARM__) -#include "stddef.h" -#endif /* __ICCARM__ */ - -#if defined(_MSC_VER) && _MSC_VER >= 1600 -#include -#if _MSC_VER >= 1800 -#include -#endif -#endif /* _MSC_VER */ - -typedef uint8_t U8; -typedef uint16_t U16; -typedef uint32_t U32; - -typedef int8_t S8; -typedef int16_t S16; -typedef int32_t S32; - -#if !defined(__cplusplus) && !defined(__GNUC__) && !defined(__arm__) && !defined(__ICCARM__) -#ifdef _MSC_VER -#if _MSC_VER < 1600 -typedef unsigned char bool; // C++ and GCC has bool. -#define false(0) -#define true(1) -#endif //_MSC_VER < 1600 -#else // _MSC_VER -typedef unsigned char bool; // C++ and GCC has bool. -#endif -#endif /* bool */ - -#ifndef FALSE -#define FALSE false -#endif - -#ifndef TRUE -#define TRUE true -#endif - -/** @define AX_EMBEDDED Plaform is embedded like Kinetis / LPC / i.MX RT / Freedom Series */ -#if defined(FREEDOM) || defined(IMX_RT) || defined(CPU_LPC54018) || defined(LPC_55x) || defined(QN9090DK6) -#define AX_EMBEDDED 1 -#elif defined(AX_EMBEDDED) -/* OK */ -#else -#define AX_EMBEDDED 0 -#endif - -/** - * Identification of ECC curve. Not all turnkey solutions cover all these ECC curves. - */ -typedef enum -{ - ECCCurve_NIST_P192 = 0x01, - ECCCurve_NIST_P224 = 0x02, - ECCCurve_NIST_P256 = 0x03, /**< NIST Curve with 256 bits */ - ECCCurve_BrainPoolP192r1 = 0x04, - ECCCurve_BrainPoolP224r1 = 0x05, - ECCCurve_BrainPoolP256r1 = 0x06 -} ECCCurve_t; - -/** - * Identification of hash algorithm - */ -typedef enum -{ - HASHAlgo_SHA1 = 0x01, - HASHAlgo_SHA256 = 0x02 -} HASHAlgo_t; - -typedef U16 SM_Error_t; - -#define AX_UNUSED_ARG(x) (void)(x) - -// The following defines are visible at the smCom layer -// Because they are also used in the platform specific implementation -// layer, they have ended up in this include file. -// They do not belong here from a structural point of view. -#define SMCOM_CLOSE_MODE_STD 0x00 -#define SMCOM_CLOSE_MODE_TERMINATE 0x01 - -// The following is a set of predefined return values. - -/* Don't use -// Protocol error codes -#define BAD_SEQ_NUMBER 0x8000 -#define UNAUTH_CLIENT 0x8001 -#define SEND_ERROR 0x8002 -#define UNKNOW_ORDER 0x8003 -*/ - -/* ------------------------------ */ -// Error/status word -#define SW_OK (0x9000) //!< Operation successfull - -#define ERR_CONNECT_LINK_FAILED (0x7001) -#define ERR_CONNECT_SELECT_FAILED (0x7002) -#define ERR_COMM_ERROR (0x7003) //!< Generic communication error -#define ERR_NO_VALID_IP_PORT_PATTERN (0x8000) -#define ERR_COM_ALREADY_OPEN (0x7016) //!< Communication link is already open with device - -/* Range 0x701x is reserved for Error codes defined in smCom.h */ -// #define SMCOM_SND_FAILED 0x7010 -// #define SMCOM_RCV_FAILED 0x7011 - -#define ERR_MEMORY (0x7020) //!< Memory allocation error -#define ERR_GENERAL_ERROR (0x7021) //!< Non-specific error code -#define ERR_WRONG_RESPONSE (0x7022) //!< Semantic error discovered while parsing APDU response -#define ERR_API_ERROR (0x7023) //!< Illegal parameter value passed to API -#define ERR_TLV_MISSING (0x7024) //!< Specific TAG is missing from APDU response -#define ERR_HASH_COMPARE_FAILS (0x7025) -#define ERR_BUF_TOO_SMALL (0x7026) //!< Buffer provided is too small -#define ERR_CRYPTO_ENGINE_FAILED \ - (0x7027) //!< The crypto engine (implemented underneath a crypto abstraction layer) failed to provide a crypto service. -#define ERR_PATTERN_COMPARE_FAILED (0x7028) -#define ERR_NOT_IMPLEMENTED (0x7029) -#define ERR_FILE_SYSTEM (0x7030) -#define ERR_NO_PRIVATE_KEY (0x7031) -#define ERR_IDENT_IDX_RANGE (0x7032) //!< Identifier or Index of Reference Key is out of bounds -#define ERR_CRC_CHKSUM_VERIFY (0x7033) //!< CRC checksum verify error -#define ERR_INTERNAL_BUF_TOO_SMALL (0x7034) //!< In A71CH PSP 1.6 this had value 0x7033. Code was already taken by A71CL - -#define SCP_OK (SW_OK) -#define SCP_UNDEFINED_CHANNEL_ID (0x7041) //!< Undefined SCP channel identifier -#define SCP_FAIL (0x7042) -#define SCP_CARD_CRYPTOGRAM_FAILS_TO_VERIFY (0x7043) -#define SCP_PARAMETER_ERROR (0x7044) - -#define SCP_RSP_MAC_FAIL (0x7050) //!< MAC on APDU response is not correct -#define SCP_DECODE_FAIL (0x7051) //!< Encrypted Response did not decode to correctly padded plaintext - -#ifdef __cplusplus -} -#endif - -#endif // _SM_TYPES_H_ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog.h deleted file mode 100644 index a520a5704..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog.h +++ /dev/null @@ -1,107 +0,0 @@ -/* -* -* Copyright 2018 NXP -* SPDX-License-Identifier: Apache-2.0 -*/ - -#ifndef NX_LOG_H -#define NX_LOG_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* - * - * Overview - * ========================================== - * - * These set of files help control logging levels in - * the applicaiton. - * - * The overall idea is to - * - Control logging at mutiple levels - * - Fine gain control of logging - * - Easy for the devleoper to add log messages - * - Easy for the devleoper to add/remove log components - * - Focus on embedded systems - * - * - * Control logging at mutiple levels - * ========================================== - * - * Each component can log one of the following levels. - * DEBUG - For the developer. Too much verbsity. - * INFO - General Information. Easy for end user to keep track what is happening. - * WARN - Some error occured, but can be handled - * ERROR - Some erro roccured, but no nice way to handle - * - * For each level, the logging APIs, LOG_D, LOG_I, LOG_W, LOG_E are available. - * - * - * Fine gain control of logging - * ========================================== - * - * Each component get's its own logging file. - * e.g. nxLog_SSS.h for SSS Layer, nxLog_UseCase.h for use cases. - * SSS Layer and UseCase layer's source files include these individual files - * and with that they can control logging level. - * - * Common `nxLog_Config.h` can control the logging levels, - * or individual source files can control their logging levels. - * - * Easy for the devleoper to add log messages - * ========================================== - * - * Within the source code, only include the file for the given component, e.g. `nxLog_SSS.h`. - * And only call LOG_D, LOG_E, etc. within that file. - * - * - * Easy for the devleoper to add/remove log components - * =========================================================================== - * - * When not required, the files like `nxLog_SSS.h` can be deleted. And when needed - * the script nxLog_Gen.py can be run: - * - * python nxLog_Gen.py - * - * - * Focus on embedded systems - * =========================================================================== - * - * Do not take loging level information at run time, but at compile time. - * This enables to reduce the code size. - * - * - **/ - -#include -#include - -#define NX_LEVEL_DEBUG 4 -#define NX_LEVEL_INFO 3 -#define NX_LEVEL_WARN 2 -#define NX_LEVEL_ERROR 1 - -#define NX_LOG_D -#define NX_LOG_I -#define NX_LOG_W -#define NX_LOG_E - -/* - * Initialised the multithreading locks if running on Native or FreeRtos. - * If running on system where mutex or semaphore is not available, return - * success without doing anything. - */ -uint8_t nLog_Init(); -void nLog_DeInit(); - -void nLog(const char *comp, int level, const char *format, ...); - -void nLog_au8(const char *comp, int level, const char *message, const unsigned char *array, size_t array_len); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_App.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_App.h deleted file mode 100644 index c2ad1f90b..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_App.h +++ /dev/null @@ -1,183 +0,0 @@ -/* -* -* Copyright 2018 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef NX_LOG_APP_H -#define NX_LOG_APP_H - -#include - -/* ############################################################ */ -/* ## AUTO Generated ########################################## */ -/* ############################################################ */ - -/* Default configuration file */ -#include - -/* clang-format off */ - -/* Check if we are double defining these macros */ -#if defined(LOG_D) || defined(LOG_I) || defined(LOG_W) || defined(LOG_E) -/* This should not happen. The only reason this could happn is double inclusion of different log files. */ -# error "LOG_ macro already defined" -#endif /* LOG_E */ - -/* Enable/Set log levels for 'App' - start */ -/* If source file, or nxLog_Config.h has not set it, set these defines - * - * Do not #undef these values, rather set to 0/1. This way we can - * jump to definition and avoid plain-old-text-search to jump to - * undef. */ - -#ifndef NX_LOG_ENABLE_APP_DEBUG -# define NX_LOG_ENABLE_APP_DEBUG (NX_LOG_ENABLE_DEFAULT_DEBUG) -#endif -#ifndef NX_LOG_ENABLE_APP_INFO -# define NX_LOG_ENABLE_APP_INFO (NX_LOG_ENABLE_APP_DEBUG + NX_LOG_ENABLE_DEFAULT_INFO) -#endif -#ifndef NX_LOG_ENABLE_APP_WARN -# define NX_LOG_ENABLE_APP_WARN (NX_LOG_ENABLE_APP_INFO + NX_LOG_ENABLE_DEFAULT_WARN) -#endif -#ifndef NX_LOG_ENABLE_APP_ERROR -# define NX_LOG_ENABLE_APP_ERROR (NX_LOG_ENABLE_APP_WARN + NX_LOG_ENABLE_DEFAULT_ERROR) -#endif - -/* Enable/Set log levels for 'App' - end */ - -#if NX_LOG_ENABLE_APP_DEBUG -# define LOG_DEBUG_ENABLED 1 -# define LOG_D(format, ...) \ - nLog("App", NX_LEVEL_DEBUG, format, ##__VA_ARGS__) -# define LOG_X8_D(VALUE) \ - nLog("App", NX_LEVEL_DEBUG, "%s=0x%02X",#VALUE, VALUE) -# define LOG_U8_D(VALUE) \ - nLog("App", NX_LEVEL_DEBUG, "%s=%u",#VALUE, VALUE) -# define LOG_X16_D(VALUE) \ - nLog("App", NX_LEVEL_DEBUG, "%s=0x%04X",#VALUE, VALUE) -# define LOG_U16_D(VALUE) \ - nLog("App", NX_LEVEL_DEBUG, "%s=%u",#VALUE, VALUE) -# define LOG_X32_D(VALUE) \ - nLog("App", NX_LEVEL_DEBUG, "%s=0x%08X",#VALUE, VALUE) -# define LOG_U32_D(VALUE) \ - nLog("App", NX_LEVEL_DEBUG, "%s=%u",#VALUE, VALUE) -# define LOG_AU8_D(ARRAY,LEN) \ - nLog_au8("App", NX_LEVEL_DEBUG, #ARRAY, ARRAY, LEN) -# define LOG_MAU8_D(MESSAGE, ARRAY,LEN) \ - nLog_au8("App", NX_LEVEL_DEBUG, MESSAGE, ARRAY, LEN) -#else -# define LOG_DEBUG_ENABLED 0 -# define LOG_D(...) -# define LOG_X8_D(VALUE) -# define LOG_U8_D(VALUE) -# define LOG_X16_D(VALUE) -# define LOG_U16_D(VALUE) -# define LOG_X32_D(VALUE) -# define LOG_U32_D(VALUE) -# define LOG_AU8_D(ARRAY, LEN) -# define LOG_MAU8_D(MESSAGE, ARRAY, LEN) -#endif - -#if NX_LOG_ENABLE_APP_INFO -# define LOG_INFO_ENABLED 1 -# define LOG_I(format, ...) \ - nLog("App", NX_LEVEL_INFO, format, ##__VA_ARGS__) -# define LOG_X8_I(VALUE) \ - nLog("App", NX_LEVEL_INFO, "%s=0x%02X",#VALUE, VALUE) -# define LOG_U8_I(VALUE) \ - nLog("App", NX_LEVEL_INFO, "%s=%u",#VALUE, VALUE) -# define LOG_X16_I(VALUE) \ - nLog("App", NX_LEVEL_INFO, "%s=0x%04X",#VALUE, VALUE) -# define LOG_U16_I(VALUE) \ - nLog("App", NX_LEVEL_INFO, "%s=%u",#VALUE, VALUE) -# define LOG_X32_I(VALUE) \ - nLog("App", NX_LEVEL_INFO, "%s=0x%08X",#VALUE, VALUE) -# define LOG_U32_I(VALUE) \ - nLog("App", NX_LEVEL_INFO, "%s=%u",#VALUE, VALUE) -# define LOG_AU8_I(ARRAY,LEN) \ - nLog_au8("App", NX_LEVEL_INFO, #ARRAY, ARRAY, LEN) -# define LOG_MAU8_I(MESSAGE, ARRAY,LEN) \ - nLog_au8("App", NX_LEVEL_INFO, MESSAGE, ARRAY, LEN) -#else -# define LOG_INFO_ENABLED 0 -# define LOG_I(...) -# define LOG_X8_I(VALUE) -# define LOG_U8_I(VALUE) -# define LOG_X16_I(VALUE) -# define LOG_U16_I(VALUE) -# define LOG_X32_I(VALUE) -# define LOG_U32_I(VALUE) -# define LOG_AU8_I(ARRAY, LEN) -# define LOG_MAU8_I(MESSAGE, ARRAY, LEN) -#endif - -#if NX_LOG_ENABLE_APP_WARN -# define LOG_WARN_ENABLED 1 -# define LOG_W(format, ...) \ - nLog("App", NX_LEVEL_WARN, format, ##__VA_ARGS__) -# define LOG_X8_W(VALUE) \ - nLog("App", NX_LEVEL_WARN, "%s=0x%02X",#VALUE, VALUE) -# define LOG_U8_W(VALUE) \ - nLog("App", NX_LEVEL_WARN, "%s=%u",#VALUE, VALUE) -# define LOG_X16_W(VALUE) \ - nLog("App", NX_LEVEL_WARN, "%s=0x%04X",#VALUE, VALUE) -# define LOG_U16_W(VALUE) \ - nLog("App", NX_LEVEL_WARN, "%s=%u",#VALUE, VALUE) -# define LOG_X32_W(VALUE) \ - nLog("App", NX_LEVEL_WARN, "%s=0x%08X",#VALUE, VALUE) -# define LOG_U32_W(VALUE) \ - nLog("App", NX_LEVEL_WARN, "%s=%u",#VALUE, VALUE) -# define LOG_AU8_W(ARRAY,LEN) \ - nLog_au8("App", NX_LEVEL_WARN, #ARRAY, ARRAY, LEN) -# define LOG_MAU8_W(MESSAGE, ARRAY,LEN) \ - nLog_au8("App", NX_LEVEL_WARN, MESSAGE, ARRAY, LEN) -#else -# define LOG_WARN_ENABLED 0 -# define LOG_W(...) -# define LOG_X8_W(VALUE) -# define LOG_U8_W(VALUE) -# define LOG_X16_W(VALUE) -# define LOG_U16_W(VALUE) -# define LOG_X32_W(VALUE) -# define LOG_U32_W(VALUE) -# define LOG_AU8_W(ARRAY, LEN) -# define LOG_MAU8_W(MESSAGE, ARRAY, LEN) -#endif - -#if NX_LOG_ENABLE_APP_ERROR -# define LOG_ERROR_ENABLED 1 -# define LOG_E(format, ...) \ - nLog("App", NX_LEVEL_ERROR, format, ##__VA_ARGS__) -# define LOG_X8_E(VALUE) \ - nLog("App", NX_LEVEL_ERROR, "%s=0x%02X",#VALUE, VALUE) -# define LOG_U8_E(VALUE) \ - nLog("App", NX_LEVEL_ERROR, "%s=%u",#VALUE, VALUE) -# define LOG_X16_E(VALUE) \ - nLog("App", NX_LEVEL_ERROR, "%s=0x%04X",#VALUE, VALUE) -# define LOG_U16_E(VALUE) \ - nLog("App", NX_LEVEL_ERROR, "%s=%u",#VALUE, VALUE) -# define LOG_X32_E(VALUE) \ - nLog("App", NX_LEVEL_ERROR, "%s=0x%08X",#VALUE, VALUE) -# define LOG_U32_E(VALUE) \ - nLog("App", NX_LEVEL_ERROR, "%s=%u",#VALUE, VALUE) -# define LOG_AU8_E(ARRAY,LEN) \ - nLog_au8("App", NX_LEVEL_ERROR, #ARRAY, ARRAY, LEN) -# define LOG_MAU8_E(MESSAGE, ARRAY,LEN) \ - nLog_au8("App", NX_LEVEL_ERROR, MESSAGE, ARRAY, LEN) -#else -# define LOG_ERROR_ENABLED 0 -# define LOG_E(...) -# define LOG_X8_E(VALUE) -# define LOG_U8_E(VALUE) -# define LOG_X16_E(VALUE) -# define LOG_U16_E(VALUE) -# define LOG_X32_E(VALUE) -# define LOG_U32_E(VALUE) -# define LOG_AU8_E(ARRAY, LEN) -# define LOG_MAU8_E(MESSAGE, ARRAY, LEN) -#endif - -/* clang-format on */ - -#endif /* NX_LOG_APP_H */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_DefaultConfig.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_DefaultConfig.h deleted file mode 100644 index 1b0cee9de..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_DefaultConfig.h +++ /dev/null @@ -1,44 +0,0 @@ -/* - * - * Copyright 2018 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef NX_LOG_DEFAULT_CONFIG_H -#define NX_LOG_DEFAULT_CONFIG_H - -/* See Plug & Trust Middleware Docuemntation --> stack --> Logging - for more information */ - -/* - * - 1 => Enable Debug level logging - for all. - * - 0 => Disable Debug level logging. This has to be - * enabled individually by other logging - * header/source files */ -#define NX_LOG_ENABLE_DEFAULT_DEBUG 1 - -/* Same as NX_LOG_ENABLE_DEFAULT_DEBUG but for Info Level */ -#define NX_LOG_ENABLE_DEFAULT_INFO 1 - -/* Same as NX_LOG_ENABLE_DEFAULT_DEBUG but for Warn Level */ -#define NX_LOG_ENABLE_DEFAULT_WARN 1 - -/* Same as NX_LOG_ENABLE_DEFAULT_DEBUG but for Error Level. - * Ideally, this shoudl alwasy be kept enabled */ -#define NX_LOG_ENABLE_DEFAULT_ERROR 1 - - -/* Release - retail build */ -#ifdef FLOW_SILENT -#undef NX_LOG_ENABLE_DEFAULT_DEBUG -#undef NX_LOG_ENABLE_DEFAULT_INFO -#undef NX_LOG_ENABLE_DEFAULT_WARN -#undef NX_LOG_ENABLE_DEFAULT_ERROR - -#define NX_LOG_ENABLE_DEFAULT_DEBUG 0 -#define NX_LOG_ENABLE_DEFAULT_INFO 0 -#define NX_LOG_ENABLE_DEFAULT_WARN 0 -#define NX_LOG_ENABLE_DEFAULT_ERROR 0 -#endif - -#endif /* NX_LOG_DEFAULT_CONFIG_H */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_hostLib.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_hostLib.h deleted file mode 100644 index 65e68a3b9..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_hostLib.h +++ /dev/null @@ -1,183 +0,0 @@ -/* - * - * Copyright 2018 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef NX_LOG_HOSTLIB_H -#define NX_LOG_HOSTLIB_H - -#include - -/* ############################################################ */ -/* ## AUTO Generated ########################################## */ -/* ############################################################ */ - -/* Default configuration file */ -#include - -/* clang-format off */ - -/* Check if we are double defining these macros */ -#if defined(LOG_D) || defined(LOG_I) || defined(LOG_W) || defined(LOG_E) -/* This should not happen. The only reason this could happn is double inclusion of different log files. */ -# error "LOG_ macro already defined" -#endif /* LOG_E */ - -/* Enable/Set log levels for 'hostLib' - start */ -/* If source file, or nxLog_Config.h has not set it, set these defines - * - * Do not #undef these values, rather set to 0/1. This way we can - * jump to definition and avoid plain-old-text-search to jump to - * undef. */ - -#ifndef NX_LOG_ENABLE_HOSTLIB_DEBUG -# define NX_LOG_ENABLE_HOSTLIB_DEBUG (NX_LOG_ENABLE_DEFAULT_DEBUG) -#endif -#ifndef NX_LOG_ENABLE_HOSTLIB_INFO -# define NX_LOG_ENABLE_HOSTLIB_INFO (NX_LOG_ENABLE_HOSTLIB_DEBUG + NX_LOG_ENABLE_DEFAULT_INFO) -#endif -#ifndef NX_LOG_ENABLE_HOSTLIB_WARN -# define NX_LOG_ENABLE_HOSTLIB_WARN (NX_LOG_ENABLE_HOSTLIB_INFO + NX_LOG_ENABLE_DEFAULT_WARN) -#endif -#ifndef NX_LOG_ENABLE_HOSTLIB_ERROR -# define NX_LOG_ENABLE_HOSTLIB_ERROR (NX_LOG_ENABLE_HOSTLIB_WARN + NX_LOG_ENABLE_DEFAULT_ERROR) -#endif - -/* Enable/Set log levels for 'hostLib' - end */ - -#if NX_LOG_ENABLE_HOSTLIB_DEBUG -# define LOG_DEBUG_ENABLED 1 -# define LOG_D(format, ...) \ - nLog("hostLib", NX_LEVEL_DEBUG, format, ##__VA_ARGS__) -# define LOG_X8_D(VALUE) \ - nLog("hostLib", NX_LEVEL_DEBUG, "%s=0x%02X",#VALUE, VALUE) -# define LOG_U8_D(VALUE) \ - nLog("hostLib", NX_LEVEL_DEBUG, "%s=%u",#VALUE, VALUE) -# define LOG_X16_D(VALUE) \ - nLog("hostLib", NX_LEVEL_DEBUG, "%s=0x%04X",#VALUE, VALUE) -# define LOG_U16_D(VALUE) \ - nLog("hostLib", NX_LEVEL_DEBUG, "%s=%u",#VALUE, VALUE) -# define LOG_X32_D(VALUE) \ - nLog("hostLib", NX_LEVEL_DEBUG, "%s=0x%08X",#VALUE, VALUE) -# define LOG_U32_D(VALUE) \ - nLog("hostLib", NX_LEVEL_DEBUG, "%s=%u",#VALUE, VALUE) -# define LOG_AU8_D(ARRAY,LEN) \ - nLog_au8("hostLib", NX_LEVEL_DEBUG, #ARRAY, ARRAY, LEN) -# define LOG_MAU8_D(MESSAGE, ARRAY,LEN) \ - nLog_au8("hostLib", NX_LEVEL_DEBUG, MESSAGE, ARRAY, LEN) -#else -# define LOG_DEBUG_ENABLED 0 -# define LOG_D(...) -# define LOG_X8_D(VALUE) -# define LOG_U8_D(VALUE) -# define LOG_X16_D(VALUE) -# define LOG_U16_D(VALUE) -# define LOG_X32_D(VALUE) -# define LOG_U32_D(VALUE) -# define LOG_AU8_D(ARRAY, LEN) -# define LOG_MAU8_D(MESSAGE, ARRAY, LEN) -#endif - -#if NX_LOG_ENABLE_HOSTLIB_INFO -# define LOG_INFO_ENABLED 1 -# define LOG_I(format, ...) \ - nLog("hostLib", NX_LEVEL_INFO, format, ##__VA_ARGS__) -# define LOG_X8_I(VALUE) \ - nLog("hostLib", NX_LEVEL_INFO, "%s=0x%02X",#VALUE, VALUE) -# define LOG_U8_I(VALUE) \ - nLog("hostLib", NX_LEVEL_INFO, "%s=%u",#VALUE, VALUE) -# define LOG_X16_I(VALUE) \ - nLog("hostLib", NX_LEVEL_INFO, "%s=0x%04X",#VALUE, VALUE) -# define LOG_U16_I(VALUE) \ - nLog("hostLib", NX_LEVEL_INFO, "%s=%u",#VALUE, VALUE) -# define LOG_X32_I(VALUE) \ - nLog("hostLib", NX_LEVEL_INFO, "%s=0x%08X",#VALUE, VALUE) -# define LOG_U32_I(VALUE) \ - nLog("hostLib", NX_LEVEL_INFO, "%s=%u",#VALUE, VALUE) -# define LOG_AU8_I(ARRAY,LEN) \ - nLog_au8("hostLib", NX_LEVEL_INFO, #ARRAY, ARRAY, LEN) -# define LOG_MAU8_I(MESSAGE, ARRAY,LEN) \ - nLog_au8("hostLib", NX_LEVEL_INFO, MESSAGE, ARRAY, LEN) -#else -# define LOG_INFO_ENABLED 0 -# define LOG_I(...) -# define LOG_X8_I(VALUE) -# define LOG_U8_I(VALUE) -# define LOG_X16_I(VALUE) -# define LOG_U16_I(VALUE) -# define LOG_X32_I(VALUE) -# define LOG_U32_I(VALUE) -# define LOG_AU8_I(ARRAY, LEN) -# define LOG_MAU8_I(MESSAGE, ARRAY, LEN) -#endif - -#if NX_LOG_ENABLE_HOSTLIB_WARN -# define LOG_WARN_ENABLED 1 -# define LOG_W(format, ...) \ - nLog("hostLib", NX_LEVEL_WARN, format, ##__VA_ARGS__) -# define LOG_X8_W(VALUE) \ - nLog("hostLib", NX_LEVEL_WARN, "%s=0x%02X",#VALUE, VALUE) -# define LOG_U8_W(VALUE) \ - nLog("hostLib", NX_LEVEL_WARN, "%s=%u",#VALUE, VALUE) -# define LOG_X16_W(VALUE) \ - nLog("hostLib", NX_LEVEL_WARN, "%s=0x%04X",#VALUE, VALUE) -# define LOG_U16_W(VALUE) \ - nLog("hostLib", NX_LEVEL_WARN, "%s=%u",#VALUE, VALUE) -# define LOG_X32_W(VALUE) \ - nLog("hostLib", NX_LEVEL_WARN, "%s=0x%08X",#VALUE, VALUE) -# define LOG_U32_W(VALUE) \ - nLog("hostLib", NX_LEVEL_WARN, "%s=%u",#VALUE, VALUE) -# define LOG_AU8_W(ARRAY,LEN) \ - nLog_au8("hostLib", NX_LEVEL_WARN, #ARRAY, ARRAY, LEN) -# define LOG_MAU8_W(MESSAGE, ARRAY,LEN) \ - nLog_au8("hostLib", NX_LEVEL_WARN, MESSAGE, ARRAY, LEN) -#else -# define LOG_WARN_ENABLED 0 -# define LOG_W(...) -# define LOG_X8_W(VALUE) -# define LOG_U8_W(VALUE) -# define LOG_X16_W(VALUE) -# define LOG_U16_W(VALUE) -# define LOG_X32_W(VALUE) -# define LOG_U32_W(VALUE) -# define LOG_AU8_W(ARRAY, LEN) -# define LOG_MAU8_W(MESSAGE, ARRAY, LEN) -#endif - -#if NX_LOG_ENABLE_HOSTLIB_ERROR -# define LOG_ERROR_ENABLED 1 -# define LOG_E(format, ...) \ - nLog("hostLib", NX_LEVEL_ERROR, format, ##__VA_ARGS__) -# define LOG_X8_E(VALUE) \ - nLog("hostLib", NX_LEVEL_ERROR, "%s=0x%02X",#VALUE, VALUE) -# define LOG_U8_E(VALUE) \ - nLog("hostLib", NX_LEVEL_ERROR, "%s=%u",#VALUE, VALUE) -# define LOG_X16_E(VALUE) \ - nLog("hostLib", NX_LEVEL_ERROR, "%s=0x%04X",#VALUE, VALUE) -# define LOG_U16_E(VALUE) \ - nLog("hostLib", NX_LEVEL_ERROR, "%s=%u",#VALUE, VALUE) -# define LOG_X32_E(VALUE) \ - nLog("hostLib", NX_LEVEL_ERROR, "%s=0x%08X",#VALUE, VALUE) -# define LOG_U32_E(VALUE) \ - nLog("hostLib", NX_LEVEL_ERROR, "%s=%u",#VALUE, VALUE) -# define LOG_AU8_E(ARRAY,LEN) \ - nLog_au8("hostLib", NX_LEVEL_ERROR, #ARRAY, ARRAY, LEN) -# define LOG_MAU8_E(MESSAGE, ARRAY,LEN) \ - nLog_au8("hostLib", NX_LEVEL_ERROR, MESSAGE, ARRAY, LEN) -#else -# define LOG_ERROR_ENABLED 0 -# define LOG_E(...) -# define LOG_X8_E(VALUE) -# define LOG_U8_E(VALUE) -# define LOG_X16_E(VALUE) -# define LOG_U16_E(VALUE) -# define LOG_X32_E(VALUE) -# define LOG_U32_E(VALUE) -# define LOG_AU8_E(ARRAY, LEN) -# define LOG_MAU8_E(MESSAGE, ARRAY, LEN) -#endif - -/* clang-format on */ - -#endif /* NX_LOG_HOSTLIB_H */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_mbedtls.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_mbedtls.h deleted file mode 100644 index cd866fc9c..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_mbedtls.h +++ /dev/null @@ -1,183 +0,0 @@ -/* - * - * Copyright 2018 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef NX_LOG_MBEDTLS_H -#define NX_LOG_MBEDTLS_H - -#include - -/* ############################################################ */ -/* ## AUTO Generated ########################################## */ -/* ############################################################ */ - -/* Default configuration file */ -#include - -/* clang-format off */ - -/* Check if we are double defining these macros */ -#if defined(LOG_D) || defined(LOG_I) || defined(LOG_W) || defined(LOG_E) -/* This should not happen. The only reason this could happn is double inclusion of different log files. */ -# error "LOG_ macro already defined" -#endif /* LOG_E */ - -/* Enable/Set log levels for 'mbedtls' - start */ -/* If source file, or nxLog_Config.h has not set it, set these defines - * - * Do not #undef these values, rather set to 0/1. This way we can - * jump to definition and avoid plain-old-text-search to jump to - * undef. */ - -#ifndef NX_LOG_ENABLE_MBEDTLS_DEBUG -# define NX_LOG_ENABLE_MBEDTLS_DEBUG (NX_LOG_ENABLE_SSS_DEBUG) -#endif -#ifndef NX_LOG_ENABLE_MBEDTLS_INFO -# define NX_LOG_ENABLE_MBEDTLS_INFO (NX_LOG_ENABLE_MBEDTLS_DEBUG + NX_LOG_ENABLE_SSS_INFO) -#endif -#ifndef NX_LOG_ENABLE_MBEDTLS_WARN -# define NX_LOG_ENABLE_MBEDTLS_WARN (NX_LOG_ENABLE_MBEDTLS_INFO + NX_LOG_ENABLE_SSS_WARN) -#endif -#ifndef NX_LOG_ENABLE_MBEDTLS_ERROR -# define NX_LOG_ENABLE_MBEDTLS_ERROR (NX_LOG_ENABLE_MBEDTLS_WARN + NX_LOG_ENABLE_SSS_ERROR) -#endif - -/* Enable/Set log levels for 'mbedtls' - end */ - -#if NX_LOG_ENABLE_MBEDTLS_DEBUG -# define LOG_DEBUG_ENABLED 1 -# define LOG_D(format, ...) \ - nLog("mbedtls", NX_LEVEL_DEBUG, format, ##__VA_ARGS__) -# define LOG_X8_D(VALUE) \ - nLog("mbedtls", NX_LEVEL_DEBUG, "%s=0x%02X",#VALUE, VALUE) -# define LOG_U8_D(VALUE) \ - nLog("mbedtls", NX_LEVEL_DEBUG, "%s=%u",#VALUE, VALUE) -# define LOG_X16_D(VALUE) \ - nLog("mbedtls", NX_LEVEL_DEBUG, "%s=0x%04X",#VALUE, VALUE) -# define LOG_U16_D(VALUE) \ - nLog("mbedtls", NX_LEVEL_DEBUG, "%s=%u",#VALUE, VALUE) -# define LOG_X32_D(VALUE) \ - nLog("mbedtls", NX_LEVEL_DEBUG, "%s=0x%08X",#VALUE, VALUE) -# define LOG_U32_D(VALUE) \ - nLog("mbedtls", NX_LEVEL_DEBUG, "%s=%u",#VALUE, VALUE) -# define LOG_AU8_D(ARRAY,LEN) \ - nLog_au8("mbedtls", NX_LEVEL_DEBUG, #ARRAY, ARRAY, LEN) -# define LOG_MAU8_D(MESSAGE, ARRAY,LEN) \ - nLog_au8("mbedtls", NX_LEVEL_DEBUG, MESSAGE, ARRAY, LEN) -#else -# define LOG_DEBUG_ENABLED 0 -# define LOG_D(...) -# define LOG_X8_D(VALUE) -# define LOG_U8_D(VALUE) -# define LOG_X16_D(VALUE) -# define LOG_U16_D(VALUE) -# define LOG_X32_D(VALUE) -# define LOG_U32_D(VALUE) -# define LOG_AU8_D(ARRAY, LEN) -# define LOG_MAU8_D(MESSAGE, ARRAY, LEN) -#endif - -#if NX_LOG_ENABLE_MBEDTLS_INFO -# define LOG_INFO_ENABLED 1 -# define LOG_I(format, ...) \ - nLog("mbedtls", NX_LEVEL_INFO, format, ##__VA_ARGS__) -# define LOG_X8_I(VALUE) \ - nLog("mbedtls", NX_LEVEL_INFO, "%s=0x%02X",#VALUE, VALUE) -# define LOG_U8_I(VALUE) \ - nLog("mbedtls", NX_LEVEL_INFO, "%s=%u",#VALUE, VALUE) -# define LOG_X16_I(VALUE) \ - nLog("mbedtls", NX_LEVEL_INFO, "%s=0x%04X",#VALUE, VALUE) -# define LOG_U16_I(VALUE) \ - nLog("mbedtls", NX_LEVEL_INFO, "%s=%u",#VALUE, VALUE) -# define LOG_X32_I(VALUE) \ - nLog("mbedtls", NX_LEVEL_INFO, "%s=0x%08X",#VALUE, VALUE) -# define LOG_U32_I(VALUE) \ - nLog("mbedtls", NX_LEVEL_INFO, "%s=%u",#VALUE, VALUE) -# define LOG_AU8_I(ARRAY,LEN) \ - nLog_au8("mbedtls", NX_LEVEL_INFO, #ARRAY, ARRAY, LEN) -# define LOG_MAU8_I(MESSAGE, ARRAY,LEN) \ - nLog_au8("mbedtls", NX_LEVEL_INFO, MESSAGE, ARRAY, LEN) -#else -# define LOG_INFO_ENABLED 0 -# define LOG_I(...) -# define LOG_X8_I(VALUE) -# define LOG_U8_I(VALUE) -# define LOG_X16_I(VALUE) -# define LOG_U16_I(VALUE) -# define LOG_X32_I(VALUE) -# define LOG_U32_I(VALUE) -# define LOG_AU8_I(ARRAY, LEN) -# define LOG_MAU8_I(MESSAGE, ARRAY, LEN) -#endif - -#if NX_LOG_ENABLE_MBEDTLS_WARN -# define LOG_WARN_ENABLED 1 -# define LOG_W(format, ...) \ - nLog("mbedtls", NX_LEVEL_WARN, format, ##__VA_ARGS__) -# define LOG_X8_W(VALUE) \ - nLog("mbedtls", NX_LEVEL_WARN, "%s=0x%02X",#VALUE, VALUE) -# define LOG_U8_W(VALUE) \ - nLog("mbedtls", NX_LEVEL_WARN, "%s=%u",#VALUE, VALUE) -# define LOG_X16_W(VALUE) \ - nLog("mbedtls", NX_LEVEL_WARN, "%s=0x%04X",#VALUE, VALUE) -# define LOG_U16_W(VALUE) \ - nLog("mbedtls", NX_LEVEL_WARN, "%s=%u",#VALUE, VALUE) -# define LOG_X32_W(VALUE) \ - nLog("mbedtls", NX_LEVEL_WARN, "%s=0x%08X",#VALUE, VALUE) -# define LOG_U32_W(VALUE) \ - nLog("mbedtls", NX_LEVEL_WARN, "%s=%u",#VALUE, VALUE) -# define LOG_AU8_W(ARRAY,LEN) \ - nLog_au8("mbedtls", NX_LEVEL_WARN, #ARRAY, ARRAY, LEN) -# define LOG_MAU8_W(MESSAGE, ARRAY,LEN) \ - nLog_au8("mbedtls", NX_LEVEL_WARN, MESSAGE, ARRAY, LEN) -#else -# define LOG_WARN_ENABLED 0 -# define LOG_W(...) -# define LOG_X8_W(VALUE) -# define LOG_U8_W(VALUE) -# define LOG_X16_W(VALUE) -# define LOG_U16_W(VALUE) -# define LOG_X32_W(VALUE) -# define LOG_U32_W(VALUE) -# define LOG_AU8_W(ARRAY, LEN) -# define LOG_MAU8_W(MESSAGE, ARRAY, LEN) -#endif - -#if NX_LOG_ENABLE_MBEDTLS_ERROR -# define LOG_ERROR_ENABLED 1 -# define LOG_E(format, ...) \ - nLog("mbedtls", NX_LEVEL_ERROR, format, ##__VA_ARGS__) -# define LOG_X8_E(VALUE) \ - nLog("mbedtls", NX_LEVEL_ERROR, "%s=0x%02X",#VALUE, VALUE) -# define LOG_U8_E(VALUE) \ - nLog("mbedtls", NX_LEVEL_ERROR, "%s=%u",#VALUE, VALUE) -# define LOG_X16_E(VALUE) \ - nLog("mbedtls", NX_LEVEL_ERROR, "%s=0x%04X",#VALUE, VALUE) -# define LOG_U16_E(VALUE) \ - nLog("mbedtls", NX_LEVEL_ERROR, "%s=%u",#VALUE, VALUE) -# define LOG_X32_E(VALUE) \ - nLog("mbedtls", NX_LEVEL_ERROR, "%s=0x%08X",#VALUE, VALUE) -# define LOG_U32_E(VALUE) \ - nLog("mbedtls", NX_LEVEL_ERROR, "%s=%u",#VALUE, VALUE) -# define LOG_AU8_E(ARRAY,LEN) \ - nLog_au8("mbedtls", NX_LEVEL_ERROR, #ARRAY, ARRAY, LEN) -# define LOG_MAU8_E(MESSAGE, ARRAY,LEN) \ - nLog_au8("mbedtls", NX_LEVEL_ERROR, MESSAGE, ARRAY, LEN) -#else -# define LOG_ERROR_ENABLED 0 -# define LOG_E(...) -# define LOG_X8_E(VALUE) -# define LOG_U8_E(VALUE) -# define LOG_X16_E(VALUE) -# define LOG_U16_E(VALUE) -# define LOG_X32_E(VALUE) -# define LOG_U32_E(VALUE) -# define LOG_AU8_E(ARRAY, LEN) -# define LOG_MAU8_E(MESSAGE, ARRAY, LEN) -#endif - -/* clang-format on */ - -#endif /* NX_LOG_MBEDTLS_H */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_scp.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_scp.h deleted file mode 100644 index c8bc4f2ad..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_scp.h +++ /dev/null @@ -1,183 +0,0 @@ -/* - * - * Copyright 2018 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef NX_LOG_SCP_H -#define NX_LOG_SCP_H - -#include - -/* ############################################################ */ -/* ## AUTO Generated ########################################## */ -/* ############################################################ */ - -/* Default configuration file */ -#include - -/* clang-format off */ - -/* Check if we are double defining these macros */ -#if defined(LOG_D) || defined(LOG_I) || defined(LOG_W) || defined(LOG_E) -/* This should not happen. The only reason this could happn is double inclusion of different log files. */ -# error "LOG_ macro already defined" -#endif /* LOG_E */ - -/* Enable/Set log levels for 'scp' - start */ -/* If source file, or nxLog_Config.h has not set it, set these defines - * - * Do not #undef these values, rather set to 0/1. This way we can - * jump to definition and avoid plain-old-text-search to jump to - * undef. */ - -#ifndef NX_LOG_ENABLE_SCP_DEBUG -# define NX_LOG_ENABLE_SCP_DEBUG (NX_LOG_ENABLE_DEFAULT_DEBUG) -#endif -#ifndef NX_LOG_ENABLE_SCP_INFO -# define NX_LOG_ENABLE_SCP_INFO (NX_LOG_ENABLE_SCP_DEBUG + NX_LOG_ENABLE_DEFAULT_INFO) -#endif -#ifndef NX_LOG_ENABLE_SCP_WARN -# define NX_LOG_ENABLE_SCP_WARN (NX_LOG_ENABLE_SCP_INFO + NX_LOG_ENABLE_DEFAULT_WARN) -#endif -#ifndef NX_LOG_ENABLE_SCP_ERROR -# define NX_LOG_ENABLE_SCP_ERROR (NX_LOG_ENABLE_SCP_WARN + NX_LOG_ENABLE_DEFAULT_ERROR) -#endif - -/* Enable/Set log levels for 'scp' - end */ - -#if NX_LOG_ENABLE_SCP_DEBUG -# define LOG_DEBUG_ENABLED 1 -# define LOG_D(format, ...) \ - nLog("scp", NX_LEVEL_DEBUG, format, ##__VA_ARGS__) -# define LOG_X8_D(VALUE) \ - nLog("scp", NX_LEVEL_DEBUG, "%s=0x%02X",#VALUE, VALUE) -# define LOG_U8_D(VALUE) \ - nLog("scp", NX_LEVEL_DEBUG, "%s=%u",#VALUE, VALUE) -# define LOG_X16_D(VALUE) \ - nLog("scp", NX_LEVEL_DEBUG, "%s=0x%04X",#VALUE, VALUE) -# define LOG_U16_D(VALUE) \ - nLog("scp", NX_LEVEL_DEBUG, "%s=%u",#VALUE, VALUE) -# define LOG_X32_D(VALUE) \ - nLog("scp", NX_LEVEL_DEBUG, "%s=0x%08X",#VALUE, VALUE) -# define LOG_U32_D(VALUE) \ - nLog("scp", NX_LEVEL_DEBUG, "%s=%u",#VALUE, VALUE) -# define LOG_AU8_D(ARRAY,LEN) \ - nLog_au8("scp", NX_LEVEL_DEBUG, #ARRAY, ARRAY, LEN) -# define LOG_MAU8_D(MESSAGE, ARRAY,LEN) \ - nLog_au8("scp", NX_LEVEL_DEBUG, MESSAGE, ARRAY, LEN) -#else -# define LOG_DEBUG_ENABLED 0 -# define LOG_D(...) -# define LOG_X8_D(VALUE) -# define LOG_U8_D(VALUE) -# define LOG_X16_D(VALUE) -# define LOG_U16_D(VALUE) -# define LOG_X32_D(VALUE) -# define LOG_U32_D(VALUE) -# define LOG_AU8_D(ARRAY, LEN) -# define LOG_MAU8_D(MESSAGE, ARRAY, LEN) -#endif - -#if NX_LOG_ENABLE_SCP_INFO -# define LOG_INFO_ENABLED 1 -# define LOG_I(format, ...) \ - nLog("scp", NX_LEVEL_INFO, format, ##__VA_ARGS__) -# define LOG_X8_I(VALUE) \ - nLog("scp", NX_LEVEL_INFO, "%s=0x%02X",#VALUE, VALUE) -# define LOG_U8_I(VALUE) \ - nLog("scp", NX_LEVEL_INFO, "%s=%u",#VALUE, VALUE) -# define LOG_X16_I(VALUE) \ - nLog("scp", NX_LEVEL_INFO, "%s=0x%04X",#VALUE, VALUE) -# define LOG_U16_I(VALUE) \ - nLog("scp", NX_LEVEL_INFO, "%s=%u",#VALUE, VALUE) -# define LOG_X32_I(VALUE) \ - nLog("scp", NX_LEVEL_INFO, "%s=0x%08X",#VALUE, VALUE) -# define LOG_U32_I(VALUE) \ - nLog("scp", NX_LEVEL_INFO, "%s=%u",#VALUE, VALUE) -# define LOG_AU8_I(ARRAY,LEN) \ - nLog_au8("scp", NX_LEVEL_INFO, #ARRAY, ARRAY, LEN) -# define LOG_MAU8_I(MESSAGE, ARRAY,LEN) \ - nLog_au8("scp", NX_LEVEL_INFO, MESSAGE, ARRAY, LEN) -#else -# define LOG_INFO_ENABLED 0 -# define LOG_I(...) -# define LOG_X8_I(VALUE) -# define LOG_U8_I(VALUE) -# define LOG_X16_I(VALUE) -# define LOG_U16_I(VALUE) -# define LOG_X32_I(VALUE) -# define LOG_U32_I(VALUE) -# define LOG_AU8_I(ARRAY, LEN) -# define LOG_MAU8_I(MESSAGE, ARRAY, LEN) -#endif - -#if NX_LOG_ENABLE_SCP_WARN -# define LOG_WARN_ENABLED 1 -# define LOG_W(format, ...) \ - nLog("scp", NX_LEVEL_WARN, format, ##__VA_ARGS__) -# define LOG_X8_W(VALUE) \ - nLog("scp", NX_LEVEL_WARN, "%s=0x%02X",#VALUE, VALUE) -# define LOG_U8_W(VALUE) \ - nLog("scp", NX_LEVEL_WARN, "%s=%u",#VALUE, VALUE) -# define LOG_X16_W(VALUE) \ - nLog("scp", NX_LEVEL_WARN, "%s=0x%04X",#VALUE, VALUE) -# define LOG_U16_W(VALUE) \ - nLog("scp", NX_LEVEL_WARN, "%s=%u",#VALUE, VALUE) -# define LOG_X32_W(VALUE) \ - nLog("scp", NX_LEVEL_WARN, "%s=0x%08X",#VALUE, VALUE) -# define LOG_U32_W(VALUE) \ - nLog("scp", NX_LEVEL_WARN, "%s=%u",#VALUE, VALUE) -# define LOG_AU8_W(ARRAY,LEN) \ - nLog_au8("scp", NX_LEVEL_WARN, #ARRAY, ARRAY, LEN) -# define LOG_MAU8_W(MESSAGE, ARRAY,LEN) \ - nLog_au8("scp", NX_LEVEL_WARN, MESSAGE, ARRAY, LEN) -#else -# define LOG_WARN_ENABLED 0 -# define LOG_W(...) -# define LOG_X8_W(VALUE) -# define LOG_U8_W(VALUE) -# define LOG_X16_W(VALUE) -# define LOG_U16_W(VALUE) -# define LOG_X32_W(VALUE) -# define LOG_U32_W(VALUE) -# define LOG_AU8_W(ARRAY, LEN) -# define LOG_MAU8_W(MESSAGE, ARRAY, LEN) -#endif - -#if NX_LOG_ENABLE_SCP_ERROR -# define LOG_ERROR_ENABLED 1 -# define LOG_E(format, ...) \ - nLog("scp", NX_LEVEL_ERROR, format, ##__VA_ARGS__) -# define LOG_X8_E(VALUE) \ - nLog("scp", NX_LEVEL_ERROR, "%s=0x%02X",#VALUE, VALUE) -# define LOG_U8_E(VALUE) \ - nLog("scp", NX_LEVEL_ERROR, "%s=%u",#VALUE, VALUE) -# define LOG_X16_E(VALUE) \ - nLog("scp", NX_LEVEL_ERROR, "%s=0x%04X",#VALUE, VALUE) -# define LOG_U16_E(VALUE) \ - nLog("scp", NX_LEVEL_ERROR, "%s=%u",#VALUE, VALUE) -# define LOG_X32_E(VALUE) \ - nLog("scp", NX_LEVEL_ERROR, "%s=0x%08X",#VALUE, VALUE) -# define LOG_U32_E(VALUE) \ - nLog("scp", NX_LEVEL_ERROR, "%s=%u",#VALUE, VALUE) -# define LOG_AU8_E(ARRAY,LEN) \ - nLog_au8("scp", NX_LEVEL_ERROR, #ARRAY, ARRAY, LEN) -# define LOG_MAU8_E(MESSAGE, ARRAY,LEN) \ - nLog_au8("scp", NX_LEVEL_ERROR, MESSAGE, ARRAY, LEN) -#else -# define LOG_ERROR_ENABLED 0 -# define LOG_E(...) -# define LOG_X8_E(VALUE) -# define LOG_U8_E(VALUE) -# define LOG_X16_E(VALUE) -# define LOG_U16_E(VALUE) -# define LOG_X32_E(VALUE) -# define LOG_U32_E(VALUE) -# define LOG_AU8_E(ARRAY, LEN) -# define LOG_MAU8_E(MESSAGE, ARRAY, LEN) -#endif - -/* clang-format on */ - -#endif /* NX_LOG_SCP_H */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_smCom.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_smCom.h deleted file mode 100644 index 7d42451a1..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_smCom.h +++ /dev/null @@ -1,183 +0,0 @@ -/* - * - * Copyright 2018 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef NX_LOG_SMCOM_H -#define NX_LOG_SMCOM_H - -#include - -/* ############################################################ */ -/* ## AUTO Generated ########################################## */ -/* ############################################################ */ - -/* Default configuration file */ -#include - -/* clang-format off */ - -/* Check if we are double defining these macros */ -#if defined(LOG_D) || defined(LOG_I) || defined(LOG_W) || defined(LOG_E) -/* This should not happen. The only reason this could happn is double inclusion of different log files. */ -# error "LOG_ macro already defined" -#endif /* LOG_E */ - -/* Enable/Set log levels for 'smCom' - start */ -/* If source file, or nxLog_Config.h has not set it, set these defines - * - * Do not #undef these values, rather set to 0/1. This way we can - * jump to definition and avoid plain-old-text-search to jump to - * undef. */ - -#ifndef NX_LOG_ENABLE_SMCOM_DEBUG -# define NX_LOG_ENABLE_SMCOM_DEBUG (NX_LOG_ENABLE_DEFAULT_DEBUG) -#endif -#ifndef NX_LOG_ENABLE_SMCOM_INFO -# define NX_LOG_ENABLE_SMCOM_INFO (NX_LOG_ENABLE_SMCOM_DEBUG + NX_LOG_ENABLE_DEFAULT_INFO) -#endif -#ifndef NX_LOG_ENABLE_SMCOM_WARN -# define NX_LOG_ENABLE_SMCOM_WARN (NX_LOG_ENABLE_SMCOM_INFO + NX_LOG_ENABLE_DEFAULT_WARN) -#endif -#ifndef NX_LOG_ENABLE_SMCOM_ERROR -# define NX_LOG_ENABLE_SMCOM_ERROR (NX_LOG_ENABLE_SMCOM_WARN + NX_LOG_ENABLE_DEFAULT_ERROR) -#endif - -/* Enable/Set log levels for 'smCom' - end */ - -#if NX_LOG_ENABLE_SMCOM_DEBUG -# define LOG_DEBUG_ENABLED 1 -# define LOG_D(format, ...) \ - nLog("smCom", NX_LEVEL_DEBUG, format, ##__VA_ARGS__) -# define LOG_X8_D(VALUE) \ - nLog("smCom", NX_LEVEL_DEBUG, "%s=0x%02X",#VALUE, VALUE) -# define LOG_U8_D(VALUE) \ - nLog("smCom", NX_LEVEL_DEBUG, "%s=%u",#VALUE, VALUE) -# define LOG_X16_D(VALUE) \ - nLog("smCom", NX_LEVEL_DEBUG, "%s=0x%04X",#VALUE, VALUE) -# define LOG_U16_D(VALUE) \ - nLog("smCom", NX_LEVEL_DEBUG, "%s=%u",#VALUE, VALUE) -# define LOG_X32_D(VALUE) \ - nLog("smCom", NX_LEVEL_DEBUG, "%s=0x%08X",#VALUE, VALUE) -# define LOG_U32_D(VALUE) \ - nLog("smCom", NX_LEVEL_DEBUG, "%s=%u",#VALUE, VALUE) -# define LOG_AU8_D(ARRAY,LEN) \ - nLog_au8("smCom", NX_LEVEL_DEBUG, #ARRAY, ARRAY, LEN) -# define LOG_MAU8_D(MESSAGE, ARRAY,LEN) \ - nLog_au8("smCom", NX_LEVEL_DEBUG, MESSAGE, ARRAY, LEN) -#else -# define LOG_DEBUG_ENABLED 0 -# define LOG_D(...) -# define LOG_X8_D(VALUE) -# define LOG_U8_D(VALUE) -# define LOG_X16_D(VALUE) -# define LOG_U16_D(VALUE) -# define LOG_X32_D(VALUE) -# define LOG_U32_D(VALUE) -# define LOG_AU8_D(ARRAY, LEN) -# define LOG_MAU8_D(MESSAGE, ARRAY, LEN) -#endif - -#if NX_LOG_ENABLE_SMCOM_INFO -# define LOG_INFO_ENABLED 1 -# define LOG_I(format, ...) \ - nLog("smCom", NX_LEVEL_INFO, format, ##__VA_ARGS__) -# define LOG_X8_I(VALUE) \ - nLog("smCom", NX_LEVEL_INFO, "%s=0x%02X",#VALUE, VALUE) -# define LOG_U8_I(VALUE) \ - nLog("smCom", NX_LEVEL_INFO, "%s=%u",#VALUE, VALUE) -# define LOG_X16_I(VALUE) \ - nLog("smCom", NX_LEVEL_INFO, "%s=0x%04X",#VALUE, VALUE) -# define LOG_U16_I(VALUE) \ - nLog("smCom", NX_LEVEL_INFO, "%s=%u",#VALUE, VALUE) -# define LOG_X32_I(VALUE) \ - nLog("smCom", NX_LEVEL_INFO, "%s=0x%08X",#VALUE, VALUE) -# define LOG_U32_I(VALUE) \ - nLog("smCom", NX_LEVEL_INFO, "%s=%u",#VALUE, VALUE) -# define LOG_AU8_I(ARRAY,LEN) \ - nLog_au8("smCom", NX_LEVEL_INFO, #ARRAY, ARRAY, LEN) -# define LOG_MAU8_I(MESSAGE, ARRAY,LEN) \ - nLog_au8("smCom", NX_LEVEL_INFO, MESSAGE, ARRAY, LEN) -#else -# define LOG_INFO_ENABLED 0 -# define LOG_I(...) -# define LOG_X8_I(VALUE) -# define LOG_U8_I(VALUE) -# define LOG_X16_I(VALUE) -# define LOG_U16_I(VALUE) -# define LOG_X32_I(VALUE) -# define LOG_U32_I(VALUE) -# define LOG_AU8_I(ARRAY, LEN) -# define LOG_MAU8_I(MESSAGE, ARRAY, LEN) -#endif - -#if NX_LOG_ENABLE_SMCOM_WARN -# define LOG_WARN_ENABLED 1 -# define LOG_W(format, ...) \ - nLog("smCom", NX_LEVEL_WARN, format, ##__VA_ARGS__) -# define LOG_X8_W(VALUE) \ - nLog("smCom", NX_LEVEL_WARN, "%s=0x%02X",#VALUE, VALUE) -# define LOG_U8_W(VALUE) \ - nLog("smCom", NX_LEVEL_WARN, "%s=%u",#VALUE, VALUE) -# define LOG_X16_W(VALUE) \ - nLog("smCom", NX_LEVEL_WARN, "%s=0x%04X",#VALUE, VALUE) -# define LOG_U16_W(VALUE) \ - nLog("smCom", NX_LEVEL_WARN, "%s=%u",#VALUE, VALUE) -# define LOG_X32_W(VALUE) \ - nLog("smCom", NX_LEVEL_WARN, "%s=0x%08X",#VALUE, VALUE) -# define LOG_U32_W(VALUE) \ - nLog("smCom", NX_LEVEL_WARN, "%s=%u",#VALUE, VALUE) -# define LOG_AU8_W(ARRAY,LEN) \ - nLog_au8("smCom", NX_LEVEL_WARN, #ARRAY, ARRAY, LEN) -# define LOG_MAU8_W(MESSAGE, ARRAY,LEN) \ - nLog_au8("smCom", NX_LEVEL_WARN, MESSAGE, ARRAY, LEN) -#else -# define LOG_WARN_ENABLED 0 -# define LOG_W(...) -# define LOG_X8_W(VALUE) -# define LOG_U8_W(VALUE) -# define LOG_X16_W(VALUE) -# define LOG_U16_W(VALUE) -# define LOG_X32_W(VALUE) -# define LOG_U32_W(VALUE) -# define LOG_AU8_W(ARRAY, LEN) -# define LOG_MAU8_W(MESSAGE, ARRAY, LEN) -#endif - -#if NX_LOG_ENABLE_SMCOM_ERROR -# define LOG_ERROR_ENABLED 1 -# define LOG_E(format, ...) \ - nLog("smCom", NX_LEVEL_ERROR, format, ##__VA_ARGS__) -# define LOG_X8_E(VALUE) \ - nLog("smCom", NX_LEVEL_ERROR, "%s=0x%02X",#VALUE, VALUE) -# define LOG_U8_E(VALUE) \ - nLog("smCom", NX_LEVEL_ERROR, "%s=%u",#VALUE, VALUE) -# define LOG_X16_E(VALUE) \ - nLog("smCom", NX_LEVEL_ERROR, "%s=0x%04X",#VALUE, VALUE) -# define LOG_U16_E(VALUE) \ - nLog("smCom", NX_LEVEL_ERROR, "%s=%u",#VALUE, VALUE) -# define LOG_X32_E(VALUE) \ - nLog("smCom", NX_LEVEL_ERROR, "%s=0x%08X",#VALUE, VALUE) -# define LOG_U32_E(VALUE) \ - nLog("smCom", NX_LEVEL_ERROR, "%s=%u",#VALUE, VALUE) -# define LOG_AU8_E(ARRAY,LEN) \ - nLog_au8("smCom", NX_LEVEL_ERROR, #ARRAY, ARRAY, LEN) -# define LOG_MAU8_E(MESSAGE, ARRAY,LEN) \ - nLog_au8("smCom", NX_LEVEL_ERROR, MESSAGE, ARRAY, LEN) -#else -# define LOG_ERROR_ENABLED 0 -# define LOG_E(...) -# define LOG_X8_E(VALUE) -# define LOG_U8_E(VALUE) -# define LOG_X16_E(VALUE) -# define LOG_U16_E(VALUE) -# define LOG_X32_E(VALUE) -# define LOG_U32_E(VALUE) -# define LOG_AU8_E(ARRAY, LEN) -# define LOG_MAU8_E(MESSAGE, ARRAY, LEN) -#endif - -/* clang-format on */ - -#endif /* NX_LOG_SMCOM_H */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_sss.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_sss.h deleted file mode 100644 index fb61c1fdc..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog/nxLog_sss.h +++ /dev/null @@ -1,183 +0,0 @@ -/* - * - * Copyright 2018 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef NX_LOG_SSS_H -#define NX_LOG_SSS_H - -#include - -/* ############################################################ */ -/* ## AUTO Generated ########################################## */ -/* ############################################################ */ - -/* Default configuration file */ -#include - -/* clang-format off */ - -/* Check if we are double defining these macros */ -#if defined(LOG_D) || defined(LOG_I) || defined(LOG_W) || defined(LOG_E) -/* This should not happen. The only reason this could happn is double inclusion of different log files. */ -# error "LOG_ macro already defined" -#endif /* LOG_E */ - -/* Enable/Set log levels for 'sss' - start */ -/* If source file, or nxLog_Config.h has not set it, set these defines - * - * Do not #undef these values, rather set to 0/1. This way we can - * jump to definition and avoid plain-old-text-search to jump to - * undef. */ - -#ifndef NX_LOG_ENABLE_SSS_DEBUG -# define NX_LOG_ENABLE_SSS_DEBUG (NX_LOG_ENABLE_DEFAULT_DEBUG) -#endif -#ifndef NX_LOG_ENABLE_SSS_INFO -# define NX_LOG_ENABLE_SSS_INFO (NX_LOG_ENABLE_SSS_DEBUG + NX_LOG_ENABLE_DEFAULT_INFO) -#endif -#ifndef NX_LOG_ENABLE_SSS_WARN -# define NX_LOG_ENABLE_SSS_WARN (NX_LOG_ENABLE_SSS_INFO + NX_LOG_ENABLE_DEFAULT_WARN) -#endif -#ifndef NX_LOG_ENABLE_SSS_ERROR -# define NX_LOG_ENABLE_SSS_ERROR (NX_LOG_ENABLE_SSS_WARN + NX_LOG_ENABLE_DEFAULT_ERROR) -#endif - -/* Enable/Set log levels for 'sss' - end */ - -#if NX_LOG_ENABLE_SSS_DEBUG -# define LOG_DEBUG_ENABLED 1 -# define LOG_D(format, ...) \ - nLog("sss", NX_LEVEL_DEBUG, format, ##__VA_ARGS__) -# define LOG_X8_D(VALUE) \ - nLog("sss", NX_LEVEL_DEBUG, "%s=0x%02X",#VALUE, VALUE) -# define LOG_U8_D(VALUE) \ - nLog("sss", NX_LEVEL_DEBUG, "%s=%u",#VALUE, VALUE) -# define LOG_X16_D(VALUE) \ - nLog("sss", NX_LEVEL_DEBUG, "%s=0x%04X",#VALUE, VALUE) -# define LOG_U16_D(VALUE) \ - nLog("sss", NX_LEVEL_DEBUG, "%s=%u",#VALUE, VALUE) -# define LOG_X32_D(VALUE) \ - nLog("sss", NX_LEVEL_DEBUG, "%s=0x%08X",#VALUE, VALUE) -# define LOG_U32_D(VALUE) \ - nLog("sss", NX_LEVEL_DEBUG, "%s=%u",#VALUE, VALUE) -# define LOG_AU8_D(ARRAY,LEN) \ - nLog_au8("sss", NX_LEVEL_DEBUG, #ARRAY, ARRAY, LEN) -# define LOG_MAU8_D(MESSAGE, ARRAY,LEN) \ - nLog_au8("sss", NX_LEVEL_DEBUG, MESSAGE, ARRAY, LEN) -#else -# define LOG_DEBUG_ENABLED 0 -# define LOG_D(...) -# define LOG_X8_D(VALUE) -# define LOG_U8_D(VALUE) -# define LOG_X16_D(VALUE) -# define LOG_U16_D(VALUE) -# define LOG_X32_D(VALUE) -# define LOG_U32_D(VALUE) -# define LOG_AU8_D(ARRAY, LEN) -# define LOG_MAU8_D(MESSAGE, ARRAY, LEN) -#endif - -#if NX_LOG_ENABLE_SSS_INFO -# define LOG_INFO_ENABLED 1 -# define LOG_I(format, ...) \ - nLog("sss", NX_LEVEL_INFO, format, ##__VA_ARGS__) -# define LOG_X8_I(VALUE) \ - nLog("sss", NX_LEVEL_INFO, "%s=0x%02X",#VALUE, VALUE) -# define LOG_U8_I(VALUE) \ - nLog("sss", NX_LEVEL_INFO, "%s=%u",#VALUE, VALUE) -# define LOG_X16_I(VALUE) \ - nLog("sss", NX_LEVEL_INFO, "%s=0x%04X",#VALUE, VALUE) -# define LOG_U16_I(VALUE) \ - nLog("sss", NX_LEVEL_INFO, "%s=%u",#VALUE, VALUE) -# define LOG_X32_I(VALUE) \ - nLog("sss", NX_LEVEL_INFO, "%s=0x%08X",#VALUE, VALUE) -# define LOG_U32_I(VALUE) \ - nLog("sss", NX_LEVEL_INFO, "%s=%u",#VALUE, VALUE) -# define LOG_AU8_I(ARRAY,LEN) \ - nLog_au8("sss", NX_LEVEL_INFO, #ARRAY, ARRAY, LEN) -# define LOG_MAU8_I(MESSAGE, ARRAY,LEN) \ - nLog_au8("sss", NX_LEVEL_INFO, MESSAGE, ARRAY, LEN) -#else -# define LOG_INFO_ENABLED 0 -# define LOG_I(...) -# define LOG_X8_I(VALUE) -# define LOG_U8_I(VALUE) -# define LOG_X16_I(VALUE) -# define LOG_U16_I(VALUE) -# define LOG_X32_I(VALUE) -# define LOG_U32_I(VALUE) -# define LOG_AU8_I(ARRAY, LEN) -# define LOG_MAU8_I(MESSAGE, ARRAY, LEN) -#endif - -#if NX_LOG_ENABLE_SSS_WARN -# define LOG_WARN_ENABLED 1 -# define LOG_W(format, ...) \ - nLog("sss", NX_LEVEL_WARN, format, ##__VA_ARGS__) -# define LOG_X8_W(VALUE) \ - nLog("sss", NX_LEVEL_WARN, "%s=0x%02X",#VALUE, VALUE) -# define LOG_U8_W(VALUE) \ - nLog("sss", NX_LEVEL_WARN, "%s=%u",#VALUE, VALUE) -# define LOG_X16_W(VALUE) \ - nLog("sss", NX_LEVEL_WARN, "%s=0x%04X",#VALUE, VALUE) -# define LOG_U16_W(VALUE) \ - nLog("sss", NX_LEVEL_WARN, "%s=%u",#VALUE, VALUE) -# define LOG_X32_W(VALUE) \ - nLog("sss", NX_LEVEL_WARN, "%s=0x%08X",#VALUE, VALUE) -# define LOG_U32_W(VALUE) \ - nLog("sss", NX_LEVEL_WARN, "%s=%u",#VALUE, VALUE) -# define LOG_AU8_W(ARRAY,LEN) \ - nLog_au8("sss", NX_LEVEL_WARN, #ARRAY, ARRAY, LEN) -# define LOG_MAU8_W(MESSAGE, ARRAY,LEN) \ - nLog_au8("sss", NX_LEVEL_WARN, MESSAGE, ARRAY, LEN) -#else -# define LOG_WARN_ENABLED 0 -# define LOG_W(...) -# define LOG_X8_W(VALUE) -# define LOG_U8_W(VALUE) -# define LOG_X16_W(VALUE) -# define LOG_U16_W(VALUE) -# define LOG_X32_W(VALUE) -# define LOG_U32_W(VALUE) -# define LOG_AU8_W(ARRAY, LEN) -# define LOG_MAU8_W(MESSAGE, ARRAY, LEN) -#endif - -#if NX_LOG_ENABLE_SSS_ERROR -# define LOG_ERROR_ENABLED 1 -# define LOG_E(format, ...) \ - nLog("sss", NX_LEVEL_ERROR, format, ##__VA_ARGS__) -# define LOG_X8_E(VALUE) \ - nLog("sss", NX_LEVEL_ERROR, "%s=0x%02X",#VALUE, VALUE) -# define LOG_U8_E(VALUE) \ - nLog("sss", NX_LEVEL_ERROR, "%s=%u",#VALUE, VALUE) -# define LOG_X16_E(VALUE) \ - nLog("sss", NX_LEVEL_ERROR, "%s=0x%04X",#VALUE, VALUE) -# define LOG_U16_E(VALUE) \ - nLog("sss", NX_LEVEL_ERROR, "%s=%u",#VALUE, VALUE) -# define LOG_X32_E(VALUE) \ - nLog("sss", NX_LEVEL_ERROR, "%s=0x%08X",#VALUE, VALUE) -# define LOG_U32_E(VALUE) \ - nLog("sss", NX_LEVEL_ERROR, "%s=%u",#VALUE, VALUE) -# define LOG_AU8_E(ARRAY,LEN) \ - nLog_au8("sss", NX_LEVEL_ERROR, #ARRAY, ARRAY, LEN) -# define LOG_MAU8_E(MESSAGE, ARRAY,LEN) \ - nLog_au8("sss", NX_LEVEL_ERROR, MESSAGE, ARRAY, LEN) -#else -# define LOG_ERROR_ENABLED 0 -# define LOG_E(...) -# define LOG_X8_E(VALUE) -# define LOG_U8_E(VALUE) -# define LOG_X16_E(VALUE) -# define LOG_U16_E(VALUE) -# define LOG_X32_E(VALUE) -# define LOG_U32_E(VALUE) -# define LOG_AU8_E(ARRAY, LEN) -# define LOG_MAU8_E(MESSAGE, ARRAY, LEN) -#endif - -/* clang-format on */ - -#endif /* NX_LOG_SSS_H */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/T1oI2C/phEseStatus.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/T1oI2C/phEseStatus.h deleted file mode 100644 index b14761df9..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/T1oI2C/phEseStatus.h +++ /dev/null @@ -1,421 +0,0 @@ -/* - * Copyright 2010-2014,2018-2019 NXP - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/* - * ESE Status Values - Function Return Codes - */ - -#ifndef PHESESTATUS_H -#define PHESESTATUS_H - -#include "phEseTypes.h" - -/* Internally required by PHESESTVAL. */ -#define PHESESTSHL8 (8U) -/* Required by PHESESTVAL. */ -#define PHESESTBLOWER ((ESESTATUS)(0x00FFU)) - -/* - * ESE Status Composition Macro - * - * This is the macro which must be used to compose status values. - * - * phEseCompID Component ID, as defined in phEseCompId.h . - * phEseStatus Status values, as defined in phEseStatus.h . - * - * The macro is not required for the ESESTATUS_SUCCESS value. - * This is the only return value to be used directly. - * For all other values it shall be used in assignment and conditional statements, e.g.: - * ESESTATUS status = PHESESTVAL(phEseCompID, phEseStatus); ... - * if (status == PHESESTVAL(phEseCompID, phEseStatus)) ... - */ -#define PHESESTVAL(phEseCompID, phEseStatus) \ - ( ((phEseStatus) == (ESESTATUS_SUCCESS)) ? (ESESTATUS_SUCCESS) : \ - ( (((ESESTATUS)(phEseStatus)) & (PHESESTBLOWER)) | \ - (((uint16_t)(phEseCompID)) << (PHESESTSHL8)) ) ) - -/* - * PHESESTATUS - * Get grp_retval from Status Code - */ -#define PHESESTATUS(phEseStatus) ((phEseStatus) & 0x00FFU) -#define PHESECID(phEseStatus) (((phEseStatus) & 0xFF00U)>>8) - -/* - * Status Codes - * - * Generic Status codes for the ESE components. Combined with the Component ID - * they build the value (status) returned by each function. - * Example: - * grp_comp_id "Component ID" - e.g. 0x10, plus - * status code as listed in this file - e.g. 0x03 - * result in a status value of 0x0003. - */ - -/* - * The function indicates successful completion - */ -#define ESESTATUS_SUCCESS (0x0000) - -/* - * The function indicates successful completion - */ -#define ESESTATUS_OK (ESESTATUS_SUCCESS) - -/* - * At least one parameter could not be properly interpreted - */ -#define ESESTATUS_INVALID_PARAMETER (0x0001) - -/* - * Invalid buffer provided by application - * */ -#define ESESTATUS_INVALID_BUFFER (0x0002) - -/* - * The buffer provided by the caller is too small - */ -#define ESESTATUS_BUFFER_TOO_SMALL (0x0003) - -/* - * Invalid class byte provided by application - * */ -#define ESESTATUS_INVALID_CLA (0x0004) - -/* - * Invalid command pdu type provided by application - * */ -#define ESESTATUS_INVALID_CPDU_TYPE (0x0005) - -/* - * Invalid command LE type provided by application - * */ -#define ESESTATUS_INVALID_LE_TYPE (0x0007) - -/* - * Device specifier/handle value is invalid for the operation - */ -#define ESESTATUS_INVALID_DEVICE (0x0006) - -/* - * The function executed successfully but could have returned - * more information than space provided by the caller - */ -#define ESESTATUS_MORE_FRAME (0x0008) - -/* - * No response from the remote device received: Time-out - */ -#define ESESTATUS_LAST_FRAME (0x0009) - -/* - * CRC Error during data transaction with the device - */ -#define ESESTATUS_CRC_ERROR (0x000A) - -/* - * SOF Error during data transaction with the device - */ -#define ESESTATUS_SOF_ERROR (0x000B) - -/* - * Not enough resources Memory, Timer etc(e.g. allocation failed.) - */ -#define ESESTATUS_INSUFFICIENT_RESOURCES (0x000C) - -/* - * A non-blocking function returns this immediately to indicate - * that an internal operation is in progress - */ -#define ESESTATUS_PENDING (0x000D) - -/* - * A board communication error occurred - * (e.g. Configuration went wrong) - */ -#define ESESTATUS_BOARD_COMMUNICATION_ERROR (0x000F) - -/* - * Invalid State of the particular state machine - */ -#define ESESTATUS_INVALID_STATE (0x0011) - - -/* - * This Layer is Not initialized, hence initialization required. - */ -#define ESESTATUS_NOT_INITIALISED (0x0031) - - -/* - * The Layer is already initialized, hence initialization repeated. - */ -#define ESESTATUS_ALREADY_INITIALISED (0x0032) - - -/* - * Feature not supported - */ -#define ESESTATUS_FEATURE_NOT_SUPPORTED (0x0033) - -/* - * Parity Error - */ -#define ESESTATUS_PARITY_ERROR (0x0034) - - -/* The Registration command has failed because the user wants to register on - * an element for which he is already registered - */ -#define ESESTATUS_ALREADY_REGISTERED (0x0035) - -/* Chained frame is being sent */ -#define ESESTATUS_CHAINED_FRAME (0x0036) - -/* - * Single frame is sent - */ -#define ESESTATUS_SINGLE_FRAME (0x0037) - -/* - * A DESELECT event has occurred - */ -#define ESESTATUS_DESELECTED (0x0038) - -/* - * A RELEASE event has occurred - */ -#define ESESTATUS_RELEASED (0x0039) - -/* - * The operation is currently not possible or not allowed - */ -#define ESESTATUS_NOT_ALLOWED (0x003A) - -/* - * Other indicaated error sent by JCOP. - */ -#define ESESTATUS_OTHER_ERROR (0x003C) -/* - * The system is busy with the firmware download operation. - */ -#define ESESTATUS_DWNLD_BUSY (0x006E) - -/* - * The system is busy with the previous operation. - */ -#define ESESTATUS_BUSY (0x006F) - - -/* NDEF Mapping error codes */ - -/* The remote device (type) is not valid for this request. */ -#define ESESTATUS_INVALID_REMOTE_DEVICE (0x001D) - -/* Read operation failed */ -#define ESESTATUS_READ_FAILED (0x0014) - -/* - * Write operation failed - */ -#define ESESTATUS_WRITE_FAILED (0x0015) - - -/* Non Ndef Compliant */ -#define ESESTATUS_NO_NDEF_SUPPORT (0x0016) - -/* resend the frame with seq_counter 0*/ -#define ESESTATUS_RESET_SEQ_COUNTER_FRAME_RESEND (0x001A) - -/* Incorrect number of bytes received from the card*/ -#define ESESTATUS_INVALID_RECEIVE_LENGTH (0x001B) - -/* The data format/composition is not understood/correct. */ -#define ESESTATUS_INVALID_FORMAT (0x001C) - - -/* There is not sufficient storage available. */ -#define ESESTATUS_INSUFFICIENT_STORAGE (0x001F) - -/* The last command would be re-sent */ -#define ESESTATUS_FRAME_RESEND (0x0023) - -/* The write timeout error */ -#define ESESTATUS_WRITE_TIMEOUT (0x0024) - -/* - * Response Time out for the control message(ESEC not responded) - */ -#define ESESTATUS_RESPONSE_TIMEOUT (0x0025) - -/* - * Resend the last R Frame - */ -#define ESESTATUS_FRAME_RESEND_R_FRAME (0x0026) - -/* - * Send next chained frame - */ -#define ESESTATUS_SEND_NEXT_FRAME (0x0027) - -/* - * Protocol revovery started - */ -#define ESESTATUS_REVOCERY_STARTED (0x0028) - -/* - * Single Target Detected - */ -#define ESESTATUS_SEND_R_FRAME (0x0029) - -/* - * Resend the RNAK - */ - -#define ESESTATUS_FRAME_RESEND_RNAK (0x0030) - -/* - * Resend the last R Frame - */ -#define ESESTATUS_FRAME_SEND_R_FRAME (0x003B) - -/* - * Unknown error Status Codes - */ -#define ESESTATUS_UNKNOWN_ERROR (0x00FE) - -/* - * Status code for failure - */ -#define ESESTATUS_FAILED (0x00FF) - -/* - * The function/command has been aborted - */ -#define ESESTATUS_CMD_ABORTED (0x0002) - -/* - * No target found after poll - */ -#define ESESTATUS_NO_TARGET_FOUND (0x000A) - -/* Attempt to disconnect a not connected remote device. */ -#define ESESTATUS_NO_DEVICE_CONNECTED (0x000B) - - -/* requesting a resynchronization */ -#define ESESTATUS_RESYNCH_REQ (0x000E) - -/* - * acknowledging resynchronization - */ -#define ESESTATUS_RESYNCH_RES (0x0010) - -/* - * S-block offering a maximum size of the information field - */ -#define ESESTATUS_IFS_REQ (0x001E) - -/* S-block offering a maximum size of the information field */ -#define ESESTATUS_IFS_RES (0x0017) - -/* S-block requesting a chain abortion */ -#define ESESTATUS_ABORT_REQ (0x00F0) - - -/*S-block acknowledging the chain abortion*/ -#define ESESTATUS_ABORT_RES (0x00F2) - - -/* S-block requesting a waiting time extension*/ -#define ESESTATUS_WTX_REQ (0x00F5) - -/* S-block acknowledging the waiting time extension */ -#define ESESTATUS_WTX_RES (0x00F6) - -/* S-block interface reset request */ -#define ESESTATUS_RESET_REQ (0x00F7) - -/* S-block interface reset response */ -#define ESESTATUS_RESET_RES (0x00F8) - -/* S-block requesting a end of apdu transfer*/ -#define ESESTATUS_END_APDU_REQ (0x00F9) - -/* S-block acknowledging end of apdu transfer*/ -#define ESESTATUS_END_APDU_RES (0x00FA) - -/* - * Shutdown in progress, cannot handle the request at this time. - */ -#define ESESTATUS_SHUTDOWN (0x0091) - -/* - * Target is no more in RF field - */ -#define ESESTATUS_TARGET_LOST (0x0092) - -/* - * Request is rejected - */ -#define ESESTATUS_REJECTED (0x0093) - -/* - * Target is not connected - */ -#define ESESTATUS_TARGET_NOT_CONNECTED (0x0094) - -/* - * Invalid handle for the operation - */ -#define ESESTATUS_INVALID_HANDLE (0x0095) - -/* - * Process aborted - */ -#define ESESTATUS_ABORTED (0x0096) - -/* - * Requested command is not supported - */ -#define ESESTATUS_COMMAND_NOT_SUPPORTED (0x0097) - -/* - * Tag is not NDEF compilant - */ -#define ESESTATUS_NON_NDEF_COMPLIANT (0x0098) - -/* - * Not enough memory available to complete the requested operation - */ -#define ESESTATUS_NOT_ENOUGH_MEMORY (0x001F) - -/* - * Indicates incoming connection - */ -#define ESESTATUS_INCOMING_CONNECTION (0x0045) - -/* - * Indicates Connection was successful - */ -#define ESESTATUS_CONNECTION_SUCCESS (0x0046) - -/* - * Indicates Connection failed - */ -#define ESESTATUS_CONNECTION_FAILED (0x0047) - -#endif /* PHESESTATUS_H */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/T1oI2C/phEseTypes.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/T1oI2C/phEseTypes.h deleted file mode 100644 index 6a511644b..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/T1oI2C/phEseTypes.h +++ /dev/null @@ -1,31 +0,0 @@ -/* - * Copyright 2010-2014,2018-2019 NXP - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef PHESETYPES_H -#define PHESETYPES_H -#include -#include -#include -#include - -typedef uint8_t utf8_t; /* UTF8 Character String */ -typedef uint8_t bool_t; /* boolean data type */ -typedef uint16_t ESESTATUS; /* Return values */ -#define STATIC static - -#define UNUSED(X) (void)X; - -#endif /* PHESETYPES_H */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/T1oI2C/phNxpEsePal_i2c.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/T1oI2C/phNxpEsePal_i2c.h deleted file mode 100644 index 8b44bc7d6..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/T1oI2C/phNxpEsePal_i2c.h +++ /dev/null @@ -1,110 +0,0 @@ -/* - * Copyright 2010-2014,2018-2020 NXP - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - - /** - * \addtogroup eSe_PAL_I2C - * \brief PAL I2C port implementation for linux - * @{ */ -#ifndef _PHNXPESE_PAL_I2C_H -#define _PHNXPESE_PAL_I2C_H - -/* Basic type definitions */ -#include - - -/*! - * \brief ESE Poll timeout (min 1 miliseconds) - */ -#define ESE_POLL_DELAY_MS (1) -/*! - * \brief ESE Poll timeout. - * As Max WTX timeout is 1sec, select ESE_NAD_POLLING_MAX count in such a way that WTX request frm SE is not skiped - * select target value is 2 sec. - * - * Note: Here ESE_NAD_POLLING_MAX is depend on platform, If i2c driver does not have backoff delay implemented, - * then set ESE_NAD_POLLING_MAX value to >=300 - * - */ -#if AX_EMBEDDED //back off delay is implemented for AX_EMBEDDED devices - /*TODO:semslite need more than 20 polling count right now max is set to 60 as 46 was the max sof counter observed - SIMW-2927*/ -#if defined(LPC_55x) - #define ESE_NAD_POLLING_MAX (2*250) - #else - #define ESE_NAD_POLLING_MAX (2*30) -#endif -#else - #define ESE_NAD_POLLING_MAX (2*250) -#endif -/*! - * \brief Max retry count for Write - */ -#define MAX_RETRY_COUNT 3 - -/*! - * \brief ESE wakeup delay in case of write error retry - */ -#define WAKE_UP_DELAY_MS 5 //5 ms -/*! - * \brief ESE wakeup delay in case of write error retry - */ -#define NAD_POLLING_SCALER 1 -/*! - * \brief ESE wakeup delay in case of write error retry - */ -#define CHAINED_PKT_SCALER 1 -/*! - * \brief This function is used to set slave address of ESE - * - */ -// #define I2C_MASTER_SLAVE_ADDR_7BIT (0x90U >> 1) //slve bit address is 20U but driver do right shift so set to 40U -#define SMCOM_I2C_ADDRESS (0x90) - -/*! - * \ingroup eSe_PAL_I2C - * - * \brief PAL Configuration exposed to upper layer. - */ -typedef struct phPalEse_Config -{ - int8_t *pDevName; - /*!< Port name connected to ESE - * - * Platform specific canonical device name to which ESE is connected. - * - * e.g. On Linux based systems this would be /dev/p73 - */ - - int8_t DeviceAddress; - /*!< I2C Address of SE connected - */ - - uint32_t dwBaudRate; - /*!< Communication speed between DH and ESE - * - * This is the baudrate of the bus for communication between DH and ESE - */ - - void *pDevHandle; - /*!< Device handle output */ -} phPalEse_Config_t,*pphPalEse_Config_t; /* pointer to phPalEse_Config_t */ - -void phPalEse_i2c_close(void *pDevHandle); -ESESTATUS phPalEse_i2c_open_and_configure(pphPalEse_Config_t pConfig); -int phPalEse_i2c_read(void *pDevHandle, uint8_t * pBuffer, int nNbBytesToRead); -int phPalEse_i2c_write(void *pDevHandle,uint8_t * pBuffer, int nNbBytesToWrite); -/** @} */ -#endif /* _PHNXPESE_PAL_I2C_H */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/T1oI2C/phNxpEseProto7816_3.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/T1oI2C/phNxpEseProto7816_3.h deleted file mode 100644 index ccfd00e87..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/T1oI2C/phNxpEseProto7816_3.h +++ /dev/null @@ -1,443 +0,0 @@ -/* - * Copyright 2010-2014,2018-2020 NXP - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#ifndef _PHNXPESEPROTO7816_3_H_ -#define _PHNXPESEPROTO7816_3_H_ -#include - - -/** - * \addtogroup ISO7816-3_protocol_lib - * \brief 7816-3 PROTOCOL STACK - * @{ */ - -/********************* Definitions and structures *****************************/ - -/*! - * \brief S-Frame types used in 7816-3 protocol stack - */ -typedef enum sFrameTypes { - RESYNCH_REQ = 0x00,/*!< Re-synchronisation request between host and ESE */ - RESYNCH_RSP = 0x20,/*!< Re-synchronisation response between host and ESE */ - IFSC_REQ = 0x01,/*!< IFSC size request */ - IFSC_RES = 0x21,/*!< IFSC size response */ - ABORT_REQ = 0x02,/*!< Abort request */ - ABORT_RES = 0x22,/*!< Abort response */ - WTX_REQ = 0x03,/*!< WTX request */ - WTX_RSP = 0x23,/*!< WTX response */ -#if defined(T1oI2C_UM11225) - INTF_RESET_REQ = 0x0F,/*!< Interface reset request */ - INTF_RESET_RSP = 0x2F,/*!< Interface reset response */ - PROP_END_APDU_REQ = 0x05,/*!< Proprietary Enf of APDU request */ - PROP_END_APDU_RSP = 0x25,/*!< Proprietary Enf of APDU response */ - CHIP_RESET_REQ = 0x06, /*chip reset request*/ - CHIP_RESET_RES = 0x26, /*chip reset response*/ - ATR_REQ = 0x07, /* get ATR request*/ - ATR_RES = 0x27, /*get ATR response*/ -#elif defined(T1oI2C_GP1_0) - SWR_REQ = 0x0F,/*!< Software reset request */ - SWR_RSP = 0x2F,/*!< Software reset response */ - COLD_RESET_REQ = 0x1E, /*cold reset request*/ - COLD_RESET_RES = 0x3E, /*cold reset response*/ - RELEASE_REQ = 0x06, /* Release request*/ - RELEASE_RES = 0x26, /* Release response*/ - CIP_REQ = 0x04,/*!< Get CIP request */ - CIP_RES = 0x24,/*!< Get CIP response */ -#endif - INVALID_REQ_RES /*!< Invalid request */ - } sFrameTypes_t; - -/*! - * \brief R-Frame types used in 7816-3 protocol stack - */ -typedef enum rFrameTypes -{ - RACK = 0x01, /*!< R-frame Acknowledgement frame indicator */ - RNACK = 0x02 /*!< R-frame Negative-Acknowledgement frame indicator */ -}rFrameTypes_t; - -/*! - * \brief R-Frame error types used 7816-3 protocol stack - */ -typedef enum rFrameErrorTypes -{ - NO_ERROR, /*!< R-frame received with success */ - PARITY_ERROR, /*!< R-frame received with parity error */ - OTHER_ERROR, /*!< R-frame received with Other error */ - SOF_MISSED_ERROR, /*!< R-frame received with frame missing error */ - UNDEFINED_ERROR /*!< R-frame received with some undefined error */ -}rFrameErrorTypes_t; - -/*! - * \brief Frame types used in 7816-3 protocol stack - */ -typedef enum phNxpEseProto7816_FrameTypes -{ - IFRAME,/*!< Frame type: I-frame */ - SFRAME,/*!< Frame type: S-frame */ - RFRAME,/*!< Frame type: R-frame */ - INVALID,/*!< Frame type: Invalid */ - UNKNOWN /*!< Frame type: Unknown */ -}phNxpEseProto7816_FrameTypes_t; - -/*! - * \brief 7816-3 protocol stack states - */ -typedef enum phNxpEseProto7816_State -{ - PH_NXP_ESE_PROTO_7816_IDLE,/*!< 7816-3 protocol state: IDLE */ - PH_NXP_ESE_PROTO_7816_TRANSCEIVE,/*!< 7816-3 protocol state: TRANSCEIVE going on */ - PH_NXP_ESE_PROTO_7816_DEINIT /*!< 7816-3 protocol state: DeInit going on */ -}phNxpEseProto7816_State_t; - -/*! - * \brief 7816-3 protocol transceive states - */ -typedef enum phNxpEseProto7816_TransceiveStates -{ - IDLE_STATE, /*!< 7816-3 protocol transceive state: IDLE */ - SEND_IFRAME, /*!< 7816-3 protocol transceive state: I-frame to be sent */ - SEND_R_NACK, /*!< 7816-3 protocol transceive state: R-NACK frame to be sent */ - SEND_R_ACK, /*!< 7816-3 protocol transceive state: R-ACK frame to be sent */ - SEND_S_RSYNC, /*!< 7816-3 protocol transceive state: S-frame re-synchronisation command to be sent */ -#if defined(T1oI2C_UM11225) - SEND_S_INTF_RST, /*!< 7816-3 protocol transceive state: S-frame interface reset command to be sent */ - SEND_S_EOS, /*!< 7816-3 protocol transceive state: S-frame end of session command to be sent */ - SEND_S_ATR, /*!< 7816-3 protocol transceive state: S-frame ATR command to be sent */ - SEND_S_CHIP_RST, /*!< 7816-3 protocol transceive state: S-frame chip reset command to be sent */ -#elif defined(T1oI2C_GP1_0) - SEND_S_SWR, /*!< 7816-3 protocol transceive state: S-frame Software reset command to be sent */ - SEND_S_RELEASE, /*!< 7816-3 protocol transceive state: S-frame RELEASE command to be sent */ - SEND_S_CIP, /*!< 7816-3 protocol transceive state: S-frame CIP command to be sent */ - SEND_S_COLD_RST, /*!< 7816-3 protocol transceive state: S-frame cold reset command to be sent */ -#endif - SEND_S_WTX_REQ, /*!< 7816-3 protocol transceive state: S-frame WTX command to be sent */ - SEND_S_WTX_RSP, /*!< 7816-3 protocol transceive state: S-frame WTX response to be sent */ - -}phNxpEseProto7816_TransceiveStates_t; - -/*! - * \brief I-frame information structure for ISO 7816-3 - * - * This structure holds the information of I-frame used for sending - * and receiving the frame packet. - * - */ -typedef struct iFrameInfo -{ - bool_t isChained; /*!< I-frame: Indicates if more frames to follow in the same data packet or not */ - uint8_t *p_data; /*!< I-frame: Actual data (Information field (INF)) */ - uint8_t seqNo; /*!< I-frame: Sequence number of the I-frame */ - uint32_t maxDataLen; /*!< I-frame: Maximum data length to be allowed in a single I-frame */ - uint32_t dataOffset; /*!< I-frame: Offset to the actual data(INF) for the current frame of the packet */ - uint32_t totalDataLen; /*!< I-frame: Total data left in the packet, used to set the chained flag/calculating offset */ - uint32_t sendDataLen; /*!< I-frame: the length of the I-frame actual data */ -}iFrameInfo_t; - -/*! - * \brief S-frame information structure for ISO 7816-3 - * - * This structure holds the information of S-frame used for sending - * and receiving the frame packet. - * - */ -typedef struct sFrameInfo -{ - sFrameTypes_t sFrameType;/*!< S-frame: Type of S-frame cmd/rsp */ -}sFrameInfo_t; - -/*! - * \brief R-frame information structure for ISO 7816-3 - * - * This structure holds the information of R-frame used for sending - * and receiving the frame packet. - * - */ -typedef struct rFrameInfo -{ - uint8_t seqNo; /*!< R-frame: Sequence number of the expected I-frame */ - rFrameErrorTypes_t errCode; /*!< R-frame: Error type */ -}rFrameInfo_t; - -/*! - * \brief Next/Last Tx information structure holding transceive data - * - * This structure holds the information of the next/last sent - * I-frame/R-frame/S-frame depending on the frame type - * - */ -typedef struct phNxpEseProto7816_NextTx_Info -{ - //union { - iFrameInfo_t - IframeInfo; /*!< Information of the I-frame to be send next or the last sent I-frame depending on the frame type */ - rFrameInfo_t - RframeInfo; /*!< Information of the R-frame to be send next or the last sent R-frame depending on the frame type */ - sFrameInfo_t - SframeInfo; /*!< Information of the S-frame to be send next or the last sent S-frame depending on the frame type */ - //} f; - phNxpEseProto7816_FrameTypes_t FrameType; /*!< Frame (I/R/S frames) type to be sent next */ -}phNxpEseProto7816_NextTx_Info_t; - -/*! - * \brief Last sent Tx ransceive data - * - * This structure holds the information of the last sent - * I-frame/R-frame/S-frame - * - */ -typedef phNxpEseProto7816_NextTx_Info_t phNxpEseProto7816_LastTx_Info_t; - -/*! - * \brief Last Rx information structure holding transceive data - * - * This structure holds the information of the next/last sent - * I-frame/R-frame/S-frame - * - */ -typedef struct phNxpEseRx_Cntx -{ - iFrameInfo_t lastRcvdIframeInfo; /*!< I-frame: Last received frame */ - rFrameInfo_t lastRcvdRframeInfo; /*!< R-frame: Last received frame */ - sFrameInfo_t lastRcvdSframeInfo; /*!< S-frame: Last received frame */ - phNxpEseProto7816_FrameTypes_t lastRcvdFrameType; /*!< Last received frame type */ - phNxpEse_data *pRsp; -}phNxpEseRx_Cntx_t; - -/*! - * \brief 7816-3 protocol stack context structure - * - * This structure holds the complete information of the - * 7816-3 protocol stack context - * - */ -typedef struct phNxpEseProto7816 -{ - phNxpEseProto7816_LastTx_Info_t phNxpEseLastTx_Cntx; /*!< Last transmitted frame information */ - phNxpEseProto7816_NextTx_Info_t phNxpEseNextTx_Cntx; /*!< Next frame to be transmitted */ - phNxpEseRx_Cntx_t phNxpEseRx_Cntx; /*!< Last received frame information */ - phNxpEseProto7816_TransceiveStates_t phNxpEseProto7816_nextTransceiveState; /*!< Next Transceive state. It determines the next - action to be done from host */ - phNxpEseProto7816_State_t phNxpEseProto7816_CurrentState;/*!< Current protocol stack state */ - uint8_t recoveryCounter; /*!< Keeps track of number of error recovery done. Stack exits after it reaches max. count */ - unsigned long int wtx_counter_limit; /*!< Max. WTX counter limit */ - unsigned long int wtx_counter; /*!< WTX count tracker */ - uint8_t timeoutCounter; /*!< Keeps track of number of timeout happened. Stack exits after it reaches max. count */ - phNxpEseProto7816_FrameTypes_t lastSentNonErrorframeType; /*!< Copy of the last sent non-error frame type: R-ACK, S-frame, I-frame */ - unsigned long int rnack_retry_limit; - unsigned long int rnack_retry_counter; -}phNxpEseProto7816_t; - -/*! - * \brief 7816-3 protocol stack init params - * - * This structure holds the parameters to be passed to open 7816-3 protocl stack instance - * - */ -typedef struct phNxpEseProto7816InitParam -{ - unsigned long int wtx_counter_limit; /*!< WTX count limit */ - bool_t interfaceReset; /*!< INTF reset required or not>*/ - unsigned long int rnack_retry_limit; -}phNxpEseProto7816InitParam_t; - -/*! - * \brief 7816-3 protocol PCB bit level structure - * - * This structure holds the bit level information of PCB byte - * as per 7816-3 protocol - * - */ -typedef struct phNxpEseProto7816_PCB_bits { - uint8_t lsb :1; /*!< PCB: lsb */ - uint8_t bit2 :1; /*!< PCB: bit2 */ - uint8_t bit3 :1; /*!< PCB: bit3 */ - uint8_t bit4 :1; /*!< PCB: bit4 */ - uint8_t bit5 :1; /*!< PCB: bit5 */ - uint8_t bit6 :1; /*!< PCB: bit6 */ - uint8_t bit7 :1; /*!< PCB: bit7 */ - uint8_t msb :1; /*!< PCB: msb */ -}phNxpEseProto7816_PCB_bits_t; - -/*! - * \brief 7816_3 protocol stack instance - */ -//phNxpEseProto7816_t phNxpEseProto7816_3_Var; - -/*! - * \brief Max. size of the frame that can be sent - */ -#define IFSC_SIZE_SEND 254 -/*! - * \brief Delay to be used before sending the next frame, after error reported by ESE - */ -#define DELAY_ERROR_RECOVERY 3500 -/*! - * \brief 7816-3 protocol frame header length - */ -#if defined(T1oI2C_UM11225) - #define PH_PROTO_7816_HEADER_LEN 0x03 // LEN field is 1 byte -#elif defined(T1oI2C_GP1_0) - #define PH_PROTO_7816_HEADER_LEN 0x04 // LEN field is 2 byte -#endif -/*! - * \brief 7816-3 protocol frame CRC length - */ -#define PH_PROTO_7816_CRC_LEN 0x02 -/*! - * \brief 7816-3 Chaining flag bit for masking - */ -#define PH_PROTO_7816_CHAINING 0x20 -/*! - * \brief 7816-3 frame length offset - */ -#define PH_PROPTO_7816_FRAME_LENGTH_OFFSET 0x02 -/*! - * \brief 7816-3 S-block request command mask - */ -#define PH_PROTO_7816_S_BLOCK_REQ 0xC0 -/*! - * \brief 7816-3 S-block response mask - */ -#define PH_PROTO_7816_S_BLOCK_RSP 0xE0 -/*! - * \brief 7816-3 S-block reset command mask - */ -#define PH_PROTO_7816_S_RESET 0x0F -/*! - * \brief 7816-3 S-block End of APDU cmd mask - */ -#define PH_PROTO_7816_S_END_OF_APDU 0x05 -/*! - * \brief 7816-3 S-block WTX mask - */ -#define PH_PROTO_7816_S_WTX 0x03 -/*! - * \brief 7816-3 S-block re-sync mask - */ -#define PH_PROTO_7816_S_RESYNCH 0x00 -/*! - * \brief 7816-3 protocol max. error retry counter - */ -#define PH_PROTO_7816_FRAME_RETRY_COUNT 10 -/*! - * \brief 7816-3 protocol max. WTX default count - */ -#define PH_PROTO_WTX_DEFAULT_COUNT 500 -/*! - * \brief 7816-3 protocol max. timeout retry count - */ -#define PH_PROTO_7816_TIMEOUT_RETRY_COUNT 1 -/*! - * \brief 7816-3 to represent magic number zero - */ -#define PH_PROTO_7816_VALUE_ZERO 0x00 -/*! - * \brief 7816-3 to represent magic number one - */ -#define PH_PROTO_7816_VALUE_ONE 0x01 -/*! - * \brief 7816-3 for max retry for CRC error - */ -#define MAX_RNACK_RETRY_LIMIT 0x02 -/*! - * \brief 7816-3 S-block chip reset mask - */ -#if defined(T1oI2C_UM11225) -#define PH_PROTO_7816_S_CHIP_RST 0x06 -#elif defined(T1oI2C_GP1_0) -#define PH_PROTO_7816_S_COLD_RST 0x1E -#endif -/*! - * \brief 7816-3 S-block get atr mask - */ -#define PH_PROTO_7816_S_GET_ATR 0x07 -/*! - * \brief 7816-3 S-block software reset mask - */ -#define PH_PROTO_7816_S_SWR 0x0F -/*! - * \brief 7816-3 S-block release cmd mask - */ -#define PH_PROTO_7816_S_RELEASE 0x06 -/*! - * \brief 7816-3 S-block get CIP cmd mask - */ -#define PH_PROTO_7816_S_GET_CIP 0x04 - -/* T=1 protocol Block format for T1oI2C UM11225_SE050 - ___________________________________________________________________________________________________ -| Prologue Filed (Mandatory) | Information Field (Optional)| Epilogue Filed (Mandatory) | -|________________________________________|_____________________________|____________________________| -|NAD(1 byte) | PCB(1 byte) | LEN(1 byte) | INF(LEN bytes) | CRC(2 bytes) | | -|____________|_____________|_____________|_____________________________|____________________________| | -*/ - -/* T=1 protocol Block format for T1oI2C GP - ___________________________________________________________________________________________________ -| Prologue Filed (Mandatory) | Information Field (Optional)| Epilogue Filed (Mandatory) | -|________________________________________|_____________________________|____________________________| -|NAD(1 byte) | PCB(1 byte) | LEN(2 byte) | INF(LEN bytes) | CRC(2 bytes) | | -|____________|_____________|_____________|_____________________________|____________________________| | -*/ - -#define PH_PROPTO_7816_NAD_OFFSET 0 -#define PH_PROPTO_7816_PCB_OFFSET 1 -#define PH_PROPTO_7816_LEN_UPPER_OFFSET 2 -#define PH_PROPTO_7816_LEN_LOWER_OFFSET 3 /* for GP lower byte will be a part of T=1 protocol frame*/ -#define PH_PROPTO_7816_INF_BYTE_OFFSET (PH_PROTO_7816_HEADER_LEN) - - - -/*! - * \brief Start of frame marker - * \ communication Direction NAD value - * \ SE host to SE 0x5A - * \ SE to SE host 0xA5 - * \ eUICC host to Euicc 0x4B - * \ eUICC to eUICC host 0xB4 - */ -#define SEND_PACKET_SOF 0x5A -/*! - * \Retrieve Information Filed from 7816-3 T=1 protocol frame - * NAD -1 byte - * PCB -1 byte - * LEN -(1 or 3 bytes for UM11225_SE050) & (2 bytes for GP) - * CRC16 -2 bytes - */ -#define PH_PROTO_7816_INF_FILED (PH_PROTO_7816_HEADER_LEN + PH_PROTO_7816_CRC_LEN) -/* - * APIs exposed from the 7816-3 protocol layer - */ - -#if defined(T1oI2C_UM11225) -bool_t phNxpEseProto7816_IntfReset(void* conn_ctx, phNxpEse_data *AtrRsp); -bool_t phNxpEseProto7816_GetAtr(void* conn_ctx, phNxpEse_data *pRsp); -bool_t phNxpEseProto7816_ChipReset(void* conn_ctx); -#endif -bool_t phNxpEseProto7816_Close(void* conn_ctx); -bool_t phNxpEseProto7816_Open(void* conn_ctx, phNxpEseProto7816InitParam_t initParam , phNxpEse_data *AtrRsp); -bool_t phNxpEseProto7816_Transceive(void* conn_ctx, phNxpEse_data *pCmd, phNxpEse_data *pRsp); -bool_t phNxpEseProto7816_Reset(void); -bool_t phNxpEseProto7816_SetIfscSize(uint16_t IFSC_Size); -bool_t phNxpEseProto7816_ResetProtoParams(void); -#if defined(T1oI2C_GP1_0) -bool_t phNxpEseProto7816_SoftReset(void* conn_ctx); -bool_t phNxpEseProto7816_GetCip(void* conn_ctx, phNxpEse_data *pRsp); -bool_t phNxpEseProto7816_ColdReset(void* conn_ctx); -#endif -uint8_t getMaxSupportedSendIFrameSize(void); -/** @} */ -#endif /* _PHNXPESEPROTO7816_3_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/T1oI2C/phNxpEse_Api.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/T1oI2C/phNxpEse_Api.h deleted file mode 100644 index 6b8e2025b..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/T1oI2C/phNxpEse_Api.h +++ /dev/null @@ -1,70 +0,0 @@ -/* - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/** - * - * \brief ESE Lib layer interface to application - * @{ */ - -#ifndef _PHNXPESE_API_H_ -#define _PHNXPESE_API_H_ - -#include -#include -#include -#include "smComT1oI2C.h" - -#include "phEseStatus.h" - -/** - * - * \brief Ese data buffer - * - */ -typedef struct phNxpEse_data -{ - uint32_t len; /*!< length of the buffer */ - uint8_t *p_data; /*!< pointer to a buffer */ -} phNxpEse_data; - - -/** - * - * \brief Ese library init parameters to be set while calling phNxpEse_init - * - */ -typedef struct phNxpEse_initParams -{ - phNxpEse_initMode initMode; /*!< Ese communication mode */ -} phNxpEse_initParams; - - -ESESTATUS phNxpEse_init(void *conn_ctx, phNxpEse_initParams initParams, phNxpEse_data *AtrRsp); -ESESTATUS phNxpEse_open(void **conn_ctx, phNxpEse_initParams initParams, const char *pConnString); -ESESTATUS phNxpEse_Transceive(void* conn_ctx, phNxpEse_data *pCmd, phNxpEse_data *pRsp); -ESESTATUS phNxpEse_deInit(void* conn_ctx); -ESESTATUS phNxpEse_close(void* conn_ctx); -ESESTATUS phNxpEse_reset(void* conn_ctx); -ESESTATUS phNxpEse_chipReset(void* conn_ctx); -ESESTATUS phNxpEse_setIfsc(uint16_t IFSC_Size); -ESESTATUS phNxpEse_EndOfApdu(void* conn_ctx); -void* phNxpEse_memset(void *buff, int val, size_t len); -void* phNxpEse_memcpy(void *dest, const void *src, size_t len); -void *phNxpEse_memalloc(uint32_t size); -void phNxpEse_free(void* ptr); -ESESTATUS phNxpEse_getAtr(void* conn_ctx, phNxpEse_data *pRsp); -ESESTATUS phNxpEse_getCip(void* conn_ctx, phNxpEse_data *pRsp); -/** @} */ -#endif /* _PHNXPESE_API_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/T1oI2C/phNxpEse_Internal.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/T1oI2C/phNxpEse_Internal.h deleted file mode 100644 index cea3c0c4b..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/T1oI2C/phNxpEse_Internal.h +++ /dev/null @@ -1,54 +0,0 @@ -/* - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#ifndef _PHNXPESE_INTERNAL_H_ -#define _PHNXPESE_INTERNAL_H_ - -#include -#include - -#ifdef T1oI2C_UM1225_SE050 -/* MW version 02.13.00 onwards */ -# error Do not define T1oI2C_UM1225_SE050, define T1oI2C_UM11225 instead. -#endif - -/********************* Definitions and structures *****************************/ - -typedef enum -{ - ESE_STATUS_CLOSE = 0x00, - ESE_STATUS_BUSY, - ESE_STATUS_RECOVERY, - ESE_STATUS_IDLE, - ESE_STATUS_OPEN, -} phNxpEse_LibStatus; - -/* I2C Control structure */ -typedef struct phNxpEse_Context -{ - phNxpEse_LibStatus EseLibStatus; /* Indicate if Ese Lib is open or closed */ - void *pDevHandle; - - uint8_t p_read_buff[MAX_DATA_LEN]; - uint16_t cmd_len; - uint8_t p_cmd_data[MAX_DATA_LEN]; - phNxpEse_initParams initParams; -} phNxpEse_Context_t; - - -ESESTATUS phNxpEse_WriteFrame(void* conn_ctx, uint32_t data_len, const uint8_t *p_data); -ESESTATUS phNxpEse_read(void* conn_ctx, uint32_t *data_len, uint8_t **pp_data); -void phNxpEse_clearReadBuffer(void* conn_ctx); - -#endif /* _PHNXPESE_INTERNAL_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/apduComm.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/apduComm.h deleted file mode 100644 index b87c5d400..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/apduComm.h +++ /dev/null @@ -1,65 +0,0 @@ -/* - * - * Copyright 2016 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef _APDUCOMM_H_ -#define _APDUCOMM_H_ - -#include "sm_types.h" -/// @cond -#define APDU_OFFSET_CLA (0) -#define APDU_OFFSET_INS (1) -#define APDU_OFFSET_P1 (2) -#define APDU_OFFSET_P2 (3) -/// @endcond -#define APDU_OFFSET_LC (4) //!< Zero index based offset into the APDU of the LC field. - -/** - * Contains APDU exchanged between Host and Secure Modulde. - */ -typedef struct -{ - U8 cla; - U8 ins; - U8 p1; - U8 p2; - U8* pBuf; - U16 buflen; - U16 rxlen; - U8 extendedLength; - U8 hasData; - U16 lc; - U8 lcLength; - U8 hasLe; - U16 le; - U8 leLength; - U16 offset; - -#ifdef TGT_A71CL - U8 txHasChkSum; - U16 txChkSum; - U16 txChkSumLength; - U8 rxHasChkSum; - U16 rxChkSum; - U16 rxChkSumLength; -#endif - -} apdu_t; - -/** - * Contains APDU TxRx case as described in ISO/IEC FDIS 7816-3 spec. - */ -typedef enum -{ - APDU_TXRX_CASE_1 = 0x00, - APDU_TXRX_CASE_2 = 0x01, - APDU_TXRX_CASE_2E = 0x02, - APDU_TXRX_CASE_3 = 0x03, - APDU_TXRX_CASE_3E = 0x04, - APDU_TXRX_CASE_4 = 0x05, - APDU_TXRX_CASE_4E = 0x06, - APDU_TXRX_CASE_INVALID = 0xFF, -} apduTxRx_case_t; -#endif //_APDUCOMM_H_ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/smCom.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/smCom.h deleted file mode 100644 index 797d5b1a0..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/smCom.h +++ /dev/null @@ -1,49 +0,0 @@ -/* - * - * Copyright 2016-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -/** - * @par Description - * Interface of installable communication layer to exchange APDU's between Host and Secure Module. - */ - -#ifndef _SCCOM_H_ -#define _SCCOM_H_ - -#include "sm_types.h" -#include "apduComm.h" - -#ifdef __cplusplus -extern "C" { -#endif - -#define SMCOM_OK 0x9000 //!< Communication successful -#define SMCOM_SND_FAILED 0x7010 //!< Communication failed while sending data -#define SMCOM_RCV_FAILED 0x7011 //!< Communication failed while receiving data -#define SMCOM_COM_FAILED 0x7012 //!< Cannot open communication link with ax device -#define SMCOM_PROTOCOL_FAILED 0x7013 //!< APDU exchange protocol failed to be established successfully -#define SMCOM_NO_ATR 0x7014 //!< No ATR can be retrieved -#define SMCOM_NO_PRIOR_INIT 0x7015 //!< The callbacks doing the actual transfer have not been installed -#define SMCOM_COM_ALREADY_OPEN 0x7016 //!< Communication link is already open with device -#define SMCOM_COM_INIT_FAILED 0x7017 //!< Communication init failed - - -/* ------------------------------------------------------------------------- */ -typedef U32 (*ApduTransceiveFunction_t) (void* conn_ctx, apdu_t * pAdpu); -typedef U32 (*ApduTransceiveRawFunction_t) (void* conn_ctx, U8 * pTx, U16 txLen, U8 * pRx, U32 * pRxLen); - -U16 smCom_Init(ApduTransceiveFunction_t pTransceive, ApduTransceiveRawFunction_t pTransceiveRaw); -void smCom_DeInit(void); -U32 smCom_Transceive(void *conn_ctx, apdu_t *pApdu); -U32 smCom_TransceiveRaw(void *conn_ctx, U8 *pTx, U16 txLen, U8 *pRx, U32 *pRxLen); - -#if defined(SMCOM_JRCP_V2) -void smCom_Echo(void *conn_ctx, const char *comp, const char *level, const char *buffer); -#endif - -#ifdef __cplusplus -} -#endif -#endif diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/smComT1oI2C.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/smComT1oI2C.h deleted file mode 100644 index 6def7131b..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/smComT1oI2C.h +++ /dev/null @@ -1,71 +0,0 @@ -/* - * - * Copyright 2018-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -/** - * @par Description - * This file provides the API of the SmCom T1oI2C communication layer. - * - *****************************************************************************/ - -#ifndef _SMCOMT1OI2C_H_ -#define _SMCOMT1OI2C_H_ - -#include "smCom.h" - -/** - * \ingroup spi_libese - * \brief Ese Channel mode - * - */ -typedef enum -{ - ESE_MODE_NORMAL = 0, /*!< All wired transaction other OSU */ - ESE_MODE_OSU /*!< Jcop Os update mode */ -} phNxpEse_initMode; - -#if defined(__cplusplus) -extern "C" { -#endif - -/** - * closes the T=1 o I2C communication layer. - * @param conn_ctx connection context - * @param mode Ese Communication mode either - * ESE_MODE_NORMAL: All wired transaction other OSU or - * ESE_MODE_OSU :Jcop Os update mode - * @return - */ -U16 smComT1oI2C_Close(void *conn_ctx, U8 mode); - -/** - * @param conn_ctx connection context - * Reset the T=1 o protocol instance. - * @return - */ -U16 smComT1oI2C_ComReset(void *conn_ctx); - -/** - * Initializes or resumes the T=1 o I2C communication layer. - * @param conn_ctx IN: connection context - * @param mode Ese Communication mode either ESE_MODE_NORMAL: All wired transaction other OSU or ESE_MODE_OSU :Jcop Os update mode - * @param T1oI2Catr IN: Pointer to buffer to contain SCI2C_ATR value - * @param T1oI2CatrLen IN: Size of buffer provided; OUT: Actual length of atr retrieved - * @return - */ -U16 smComT1oI2C_Open(void *conn_ctx, U8 mode, U8 seqCnt, U8 *T1oI2Catr, U16 *T1oI2CatrLen); - -/** -* Open I2C device. -* @param conn_ctx IN: pointer connection context -* @param pConnParam IN: I2C address -* @return -*/ -U16 smComT1oI2C_Init(void **conn_ctx, const char *pConnString); - -#if defined(__cplusplus) -} -#endif -#endif /* _SMCOMT1OI2C_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/platform/inc/i2c_a7.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/platform/inc/i2c_a7.h deleted file mode 100644 index dc1b72086..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/platform/inc/i2c_a7.h +++ /dev/null @@ -1,160 +0,0 @@ -/* - * - * Copyright 2017-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -/** - * @par Description - * - * I2C API used by SCI2C & T=1 over I2C protocol implementation. - * - * - SCIIC / SCI2C is the protocol used by A71CH / A71CL family of secure elements. - * - * - T=1 over I2C is the protocol used by SE050 family of secure elements. - * - * - T=1 over I2C with GP is the protocol used by other secure elements. - * - * These APIs are to be implemented when porting the Middleware stack to a new - * host platform. - * - * @note Few APIs are only required for the SCI2C protocol and few are only - * needed for T=1 over I2C Protocol. They are marked by the defines - * ``SCI2C`` , ``T1oI2C`` and ``T1oI2C_GP1_0`` - * - * # Convention of the APIs. - * - * - * APIs for which a buffer is input. e.g.:: - * - * i2c_error_t axI2CWrite(unsigned char bus, unsigned char addr, - * unsigned char * pTx, unsigned short txLen); - * - * - * In the above case :samp:`pTx` is a buffer input. It is assumed that - * the lengh as set in :samp:`txLen` is same as that pointed to by - * :samp:`pTx`. This parameter is used as is and any mistake by the - * calling/implemented API will have unpredictable errors. - * - * - * APIs for which a buffer is output. e.g.:: - * - * i2c_error_t axI2CWriteRead(unsigned char bus, - * unsigned char addr, - * unsigned char *pTx, - * unsigned short txLen, - * unsigned char *pRx, - * unsigned short *pRxLen); - * - * - * In the above case :samp:`pRx` is a buffer output and :samp:`pRxLen` - * is both input and output. It is assumed that the lengh as set in - * :samp:`pRxLen` is set to the maximum as available to the pointer - * pointed by :samp:`pRx`. This parameter is used as is and any mistake - * by the calling/implemented API will have unpredictable errors. - * - * @par History - * - **/ - -#ifndef _I2C_A7_H -#define _I2C_A7_H - -#include "sm_types.h" - -#define SCI2C_T_CMDG 180 //!< Minimum delay between stop of Wakeup command and start of subsequent command (Value in micro seconds) - -#define I2C_IDLE 0 -#define I2C_STARTED 1 -#define I2C_RESTARTED 2 -#define I2C_REPEATED_START 3 -#define DATA_ACK 4 -#define DATA_NACK 5 -#define I2C_BUSY 6 -#define I2C_NO_DATA 7 -#define I2C_NACK_ON_ADDRESS 8 -#define I2C_NACK_ON_DATA 9 -#define I2C_ARBITRATION_LOST 10 -#define I2C_TIME_OUT 11 -#define I2C_OK 12 -#define I2C_FAILED 13 - -typedef unsigned int i2c_error_t; -#define I2C_BUS_0 (0) - -#if defined(__cplusplus) -extern "C"{ -#endif -/** Initialize the I2C platform HW/Driver*/ - -/* MAX data supported by respective protocol in single read/write*/ -#if defined(SCI2C) -#define MAX_DATA_LEN 270 -#elif defined(T1oI2C) -#define MAX_DATA_LEN 260 -#endif - - -i2c_error_t axI2CInit(void **conn_ctx, const char *pDevName); - -/** Terminate / de-initialize the I2C platform HW/Driver - * - * - * @param[in] connection context. - * @param[in] mode Can be either 0 or 1. - * - * Where applicable, and implemented a value of 0 corresponds - * to a 'light-weight' terminate. - * - * In genral, this is not used for most of the porting - * platforms and use cases. - * - * - */ -void axI2CTerm(void* conn_ctx, int mode); - -#if AX_EMBEDDED -/** Smarter handling of back off logic - * - * When we get a NAK from SE, we back off and keep on increasing the delay for next I2C Read/Write. - * - * When we get an ACK from SE, we reset this back off delay. - */ -void axI2CResetBackoffDelay( void ); -#endif /* FREEDOM */ - -#if defined(SCI2C) /* Means SCI2C SCIIC */ -/** Write a byte. - * - * Needed only for SCI2C */ -i2c_error_t axI2CWriteByte(void* conn_ctx, unsigned char bus, unsigned char addr, unsigned char * pTx); -/** Write and read only after an ACK. - * - * Needed only for SCI2C */ -i2c_error_t axI2CWriteRead(void* conn_ctx, - unsigned char bus, - unsigned char addr, - unsigned char *pTx, - unsigned short txLen, - unsigned char *pRx, - unsigned short *pRxLen); -#endif - -#if defined(SCI2C) /* Means SCI2C SCIIC */ || defined(T1oI2C) -/** Write a frame. - * - * Needed for SCI2C and T=1 over I2C */ -i2c_error_t axI2CWrite(void* conn_ctx, unsigned char bus, unsigned char addr, unsigned char * pTx, unsigned short txLen); -#endif - -#ifdef T1oI2C -/** Read a byte. - * - * Needed only for T=1 over I2C */ -i2c_error_t axI2CRead(void* conn_ctx, unsigned char bus, unsigned char addr, unsigned char * pRx, unsigned short rxLen); -#endif /* T1oI2C */ -#if defined(__cplusplus) -} -#endif - -#endif // _I2C_A7_H diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/platform/inc/se05x_apis.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/platform/inc/se05x_apis.h deleted file mode 100644 index 1c1da67dd..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/platform/inc/se05x_apis.h +++ /dev/null @@ -1,20 +0,0 @@ -/* - * - * Copyright 2018-2019 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef _SE05X_API_H -#define _SE05X_API_H - -/* - * Define Reset logic for reset pin on SE - * Active high for SE050 - */ -#define SE_RESET_LOGIC 1 - -void se05x_ic_reset(void); -void se05x_ic_power_on(void); -void se05x_ic_power_off(void); - -#endif // _SE05X_API_H diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/platform/inc/sm_printf.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/platform/inc/sm_printf.h deleted file mode 100644 index eabfb652a..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/platform/inc/sm_printf.h +++ /dev/null @@ -1,40 +0,0 @@ -/* - * - * Copyright 2016-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef _SM_PRINTF_H_ -#define _SM_PRINTF_H_ -#include -#include -#include "sm_types.h" -#ifdef __cplusplus -extern "C" { -#endif - - -#if AX_EMBEDDED \ - && (!defined (__MBED__)) -# include "fsl_debug_console.h" -#else -# define PRINTF printf -# define SCANF scanf -# define PUTCHAR putchar -# define GETCHAR getchar -#endif - -#define CONSOLE (0x01) -#define MEMORY (0x02) -#define LOGFILE (0x04) -#define DBGOUT_ALL (CONSOLE|MEMORY|LOGFILE) - -#define DBGOUT CONSOLE - -void sm_printf(unsigned char dev, const char * format, ...); -void AssertZeroAllocation(void); - -#ifdef __cplusplus -} -#endif -#endif // _SM_PRINTF_H_ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/platform/inc/sm_timer.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/platform/inc/sm_timer.h deleted file mode 100644 index 72c351264..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/platform/inc/sm_timer.h +++ /dev/null @@ -1,31 +0,0 @@ -/* - * - * Copyright 2016 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef _SM_TIMER_H_ -#define _SM_TIMER_H_ - -#include -#ifdef __gnu_linux__ -#include -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -/* Change this value to tick rate used by the controller */ -#define TICK_RATE_HZ 1000 -#define MS_TO_TICKS(msec) (( (msec) * (TICK_RATE_HZ) ) / (1000)) - -/* function used for delay loops */ -uint32_t sm_initSleep(void); -void sm_sleep(uint32_t msec); -void sm_usleep(uint32_t microsec); - -#ifdef __cplusplus -} -#endif -#endif // _SM_TIMER_H_ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/se05x_03_xx_xx/se05x_04_xx_APDU_apis.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/se05x_03_xx_xx/se05x_04_xx_APDU_apis.h deleted file mode 100644 index 02ce2e318..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/se05x_03_xx_xx/se05x_04_xx_APDU_apis.h +++ /dev/null @@ -1,1207 +0,0 @@ -/* - * - * Copyright 2019 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#if SSS_HAVE_SE05X_VER_GTE_06_00 -/* OK */ -#else -#error "Only with SE051 based build" -#endif - -/** Se05x_API_AeadOneShot - * - * Authenticated encryption or decryption with associated data in one shot mode. - * - * The key object must be either an AES key or DES key. - * - * The AEADOneShot command returns the computed GMAC (when P2 equals - * P2_ENCRYPT_ONESHOT) or indicates whether the GMAC is correct (when P2 equals - * P2_DECRYPT_ONESHOT). The length of the GMAC is always 16 bytes when P2 equals - * P2_ENCRYPT_ONESHOT. - * - * When P2 equals P2_DECRYPT_ONESHOT: - * - * * the minimum tag length to pass is 4 bytes. - * - * * when the GMAC tag is not correct, only the result will be returned, no output data will be present. - * - * Note: on applet v4.4.0, the maximum lengths are not yet enforced and might - * differ from the values listed in the C-APDU. - * - * # Command to Applet - * - * @rst - * +---------+---------------------------+------------------------------------------------+ - * | Field | Value | Description | - * +=========+===========================+================================================+ - * | CLA | 0x80 | | - * +---------+---------------------------+------------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +---------+---------------------------+------------------------------------------------+ - * | P1 | P1_AEAD or P1_AEAD_INT_IV | See :cpp:type:`SE05x_P1_t` | - * +---------+---------------------------+------------------------------------------------+ - * | P2 | P2_ENCRYPT_ONESHOT or | See :cpp:type:`SE05x_P2_t` | - * | | P2_DECRYPT_ONESHOT | | - * +---------+---------------------------+------------------------------------------------+ - * | Lc | #(Payload) | | - * +---------+---------------------------+------------------------------------------------+ - * | Payload | TLV[TAG_1] | 4-byte identifier of the AESKey Secure object. | - * +---------+---------------------------+------------------------------------------------+ - * | | TLV[TAG_2] | 1-byte AEADMode | - * +---------+---------------------------+------------------------------------------------+ - * | | TLV[TAG_3] | Byte array containing input data. Maximum | - * | | | length = 256 bytes. [Optional] | - * +---------+---------------------------+------------------------------------------------+ - * | | TLV[TAG_4] | Byte array containing Additional Authenticated | - * | | | Data. Maximum length = 64 bytes. [Optional] | - * +---------+---------------------------+------------------------------------------------+ - * | | TLV[TAG_5] | Byte array containing an initialization vector | - * | | | (if P1 equals P1_AEAD) or 2-byte value | - * | | | containing the initialization vector length | - * | | | (if P1 equals P1_AEAD_SP800_108). Maximum IV | - * | | | length = 60 bytes. [Optional] | - * | | | [Conditional: required when P1 equals | - * | | | P1_AEAD_INT_IV] | - * +---------+---------------------------+------------------------------------------------+ - * | | TLV[TAG_6] | Byte array containing the GMAC tag to verify. | - * | | | [Conditional: when P2 equals | - * | | | P2_DECRYPT_ONESHOT] | - * +---------+---------------------------+------------------------------------------------+ - * | Le | 0x00 | Expecting return data. | - * +---------+---------------------------+------------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+----------------------------------------------+ - * | Value | Description | - * +============+==============================================+ - * | TLV[TAG_1] | Byte array containing output data. | - * +------------+----------------------------------------------+ - * | TLV[TAG_2] | Byte array containing tag (if P2 = | - * | | P2_ENCRYPT_ONESHOT) or byte array containing | - * | | Result (if P2 = P2_DECRYPT_ONESHOT) | - * +------------+----------------------------------------------+ - * | TLV[TAG_3] | Byte array containing the initialization | - * | | vector (if P1 = P1_AEAD_INT_IV and P2 = | - * | | P2_ENCRYPT_ONESHOT). | - * +------------+----------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * @param[in] session_ctx The session context - * @param[in] objectID The object id - * @param[in] cipherMode The cipher mode - * @param[in] inputData The input data - * @param[in] inputDataLen The input data length - * @param[in] aad The aad - * @param[in] aadLen The aad length - * @param[in] IV The iv - * @param[in] IVLen The iv length - * @param tagData The tag data - * @param tagDataLen The tag data length - * @param outputData The output data - * @param poutputDataLen The poutput data length - * @param[in] operation The operation - * - * @return The sm status. - */ -smStatus_t Se05x_API_AeadOneShot(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_CipherMode_t cipherMode, - const uint8_t *inputData, - size_t inputDataLen, - const uint8_t *aad, - size_t aadLen, - uint8_t *IV, - size_t IVLen, - uint8_t *tagData, - size_t *tagDataLen, - uint8_t *outputData, - size_t *poutputDataLen, - const SE05x_Cipher_Oper_OneShot_t operation); - -/** Se05x_API_AeadInit - * - * Initialize an authentication encryption or decryption with associated data. - * The Crypto Object keeps the state of the AEAD operation until it's finalized - * or deleted. Once the AEADFinal function is executed successfully, the Crypto - * Object state returns to the state immediately after the previous AEADInit - * function. - * - * When P1 equals P1_AEAD_INT_IV and P2 equals P1_ENCRYPT, TLV[TAG_5] must - * includes the length of the initialization vector. In that case, the - * initialization vector is generated internally and passed back in the response - * command. When the device is in FIPS mode (see FIPS Compliance), P1 equal to - * P1_AEAD will result in SW_CONDITIONS_NOT_SATISFIED. - * - * # Command to Applet - * - * @rst - * +---------+---------------------------+------------------------------------------------+ - * | Field | Value | Description | - * +=========+===========================+================================================+ - * | CLA | 0x80 | | - * +---------+---------------------------+------------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +---------+---------------------------+------------------------------------------------+ - * | P1 | P1_AEAD or P1_AEAD_INT_IV | See :cpp:type:`SE05x_P1_t` | - * +---------+---------------------------+------------------------------------------------+ - * | P2 | P2_ENCRYPT or P2_DECRYPT | See :cpp:type:`SE05x_P2_t` | - * +---------+---------------------------+------------------------------------------------+ - * | Lc | #(Payload) | | - * +---------+---------------------------+------------------------------------------------+ - * | Payload | TLV[TAG_1] | 4-byte identifier of the AESKey Secure object. | - * +---------+---------------------------+------------------------------------------------+ - * | | TLV[TAG_2] | 2-byte Crypto Object identifier | - * +---------+---------------------------+------------------------------------------------+ - * | | TLV[TAG_5] | Byte array containing the initialization | - * | | | vector (if P1 equals P1_AEAD or P1 equals | - * | | | P1_AEAD and P2 equals P2_DECRYPT) or 2-byte | - * | | | value containing the initialization vector | - * | | | length (if P1 equals P1_AEAD_INT_IV and P2 | - * | | | equals P2_ENCRYPT) [Optional] | - * | | | [Conditional: required when P1 equals | - * | | | P1_AEAD_INT_IV and P2 equals P2_ENCRYPT] | - * +---------+---------------------------+------------------------------------------------+ - * | Le | - | | - * +---------+---------------------------+------------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+-----------------------------------------------+ - * | Value | Description | - * +============+===============================================+ - * | TLV[TAG_3] | Byte array containing the used initialization | - * | | vector. It remains valid until deselect, | - * | | AEADInit, AEADFinal or AEADOneShot is called. | - * | | [Conditional: Only when P1 equals | - * | | P1_AEAD_INT_IV and P2 equals P2_ENCRYPT] | - * +------------+-----------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * @param[in] session_ctx The session context - * @param[in] objectID The object id - * @param[in] cryptoObjectID The crypto object id - * @param[in] pIV { parameter_description } - * @param[in] IVLen The iv length - * @param[in] operation The operation - * - * @return The sm status. - */ -smStatus_t Se05x_API_AeadInit(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_CipherMode_t cipherMode, - SE05x_CryptoObjectID_t cryptoObjectID, - uint8_t *pIV, - size_t IVLen, - const SE05x_Cipher_Oper_t operation); - -/** Se05x_API_AeadCCMInit - * - * Initialize an authentication encryption or decryption with associated data. - * The Crypto Object keeps the state of the AEAD operation until it's finalized - * or deleted. Once the AEADFinal function is executed successfully, the Crypto - * Object state returns to the state immediately after the previous AEADInit - * function.AEAD in CCM mode. - * - * # Command to Applet - * - * @rst - * +---------+--------------------------+------------------------------------------------+ - * | Field | Value | Description | - * +=========+==========================+================================================+ - * | CLA | 0x80 | | - * +---------+--------------------------+------------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +---------+--------------------------+------------------------------------------------+ - * | P1 | P1_AEAD | See :cpp:type:`SE05x_P1_t` | - * +---------+--------------------------+------------------------------------------------+ - * | P2 | P2_ENCRYPT or P2_DECRYPT | See :cpp:type:`SE05x_P2_t` | - * +---------+--------------------------+------------------------------------------------+ - * | Lc | #(Payload) | | - * +---------+--------------------------+------------------------------------------------+ - * | Payload | TLV[TAG_1] | 4-byte identifier of the AESKey Secure object. | - * +---------+--------------------------+------------------------------------------------+ - * | | TLV[TAG_2] | 2-byte Crypto Object identifier | - * +---------+--------------------------+------------------------------------------------+ - * | | TLV[TAG_5] | Byte array containing the initialization | - * | | | vector [12 bytes until 60 bytes] or a 2-byte | - * | | | value containing the initialization vector | - * | | | length, depending on the AEADMode of the | - * | | | Crypto Object. | - * +---------+--------------------------+------------------------------------------------+ - * | | TLV[TAG_6] | Byte array containing 2-byte AAD length. | - * | | | [Conditional: needed if AEADMode equals | - * | | | AES_CCM] | - * +---------+--------------------------+------------------------------------------------+ - * | | TLV[TAG_7] | Byte array containing 2-byte message length. | - * | | | [Conditional: needed if AEADMode equals | - * | | | AES_CCM] | - * +---------+--------------------------+------------------------------------------------+ - * | | TLV[TAG_8] | Byte array containing 2-byte tag size. | - * | | | [Conditional: needed if AEADMode equals | - * | | | AES_CCM]. | - * +---------+--------------------------+------------------------------------------------+ - * | Le | - | | - * +---------+--------------------------+------------------------------------------------+ - * @endrst - * - * - * # R-APDU Body - * NA - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * @param[in] session_ctx The session context - * @param[in] objectID The object id - * @param[in] cryptoObjectID The crypto object id - * @param[in] pIV { parameter_description } - * @param[in] IVLen The iv length - * @param[in] aadLen The aad length - * @param[in] payloadLen The payloadLen length - * @param[in] tagLen The tag length - * @param[in] operation The operation - * - * @return The sm status. - */ -smStatus_t Se05x_API_AeadCCMInit(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_CryptoObjectID_t cryptoObjectID, - const uint8_t *pIV, - size_t IVLen, - size_t aadLen, - size_t payloadLen, - size_t tagLen, - const SE05x_Cipher_Oper_t operation); - -/** - * @brief Se05x_API_AeadCCMLastUpdate - * - * # Command to Applet - * - * @rst - * +------------+---------------+------------------------------------------------+ - * | Field | Value | Description | - * +============+===============+================================================+ - * | CLA | 0x80 | | - * +------------+---------------+------------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +------------+---------------+------------------------------------------------+ - * | P1 | P1_AEAD | See :cpp:type:`SE05x_P1_t` | - * +------------+---------------+------------------------------------------------+ - * | P2 | P2_UPDATE | See :cpp:type:`SE05x_P2_t` | - * +------------+---------------+------------------------------------------------+ - * | Lc | #(Payload) | | - * +------------+---------------+------------------------------------------------+ - * | Payload | TLV[TAG_2] | 2-byte Crypto Object identifier | - * +------------+---------------+------------------------------------------------+ - * | | TLV[TAG_3] | Byte array containing input data | - * | | | [Conditional: only when | - * | | | TLV[TAG_4] is not present] | - * | | | [Optional] | - * +------------+---------------+------------------------------------------------+ - * | Le | 0x00 | Expecting returned data. | - * +------------+---------------+------------------------------------------------+ - * @endrst - * - * # R-APDU Body - * NA - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * - * - * @param[in] session_ctx The session context - * @param[in] cryptoObjectID The crypto object id - * @param[in] pInputData The input data - * @param[in] inputDataLen The input data length - * - * @return The sm status. - */ -smStatus_t Se05x_API_AeadCCMLastUpdate( - pSe05xSession_t session_ctx, SE05x_CryptoObjectID_t cryptoObjectID, const uint8_t *pInputData, size_t inputDataLen); - -/** Se05x_API_AeadCCMFinal - * - * Finish a sequence of AES_CCM AEAD operations. - * - * # Command to Applet - * - * @rst - * +------------+----------------------------------+---------------------------------+ - * | Field | Value | Description | - * +============+==================================+=================================+ - * | CLA | 0x80 | | - * +------------+----------------------------------+---------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +------------+----------------------------------+---------------------------------+ - * | P1 | P1_AEAD | See :cpp:type:`SE05x_P1_t` | - * +------------+----------------------------------+---------------------------------+ - * | P2 | P2_FINAL | See :cpp:type:`SE05x_P2_t` | - * +------------+----------------------------------+---------------------------------+ - * | Lc | #(Payload) | | - * +------------+----------------------------------+---------------------------------+ - * | Payload | TLV[TAG_2] | 2-byte Crypto Object identifier | - * +------------+----------------------------------+---------------------------------+ - * | TLV[TAG_6] | Byte array containing tag to | | - * | | verify [Conditional] When the | | - * | | mode is decrypt and verify (i.e. | | - * | | AEADInit has been called with | | - * | | P2 = P2_DECRYPT). | | - * +------------+----------------------------------+---------------------------------+ - * | Le | 0x00 | Expected returned data. | - * +------------+----------------------------------+---------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+------------------------------------------------+ - * | Value | Description | - * +============+================================================+ - * | TLV[TAG_1] | Output data | - * | | | - * +------------+------------------------------------------------+ - * | TLV[TAG_2] | Byte array containing tag (if P2 = P2_ENCRYPT) | - * | | or byte array containing Result (if P2 = | - * | | P2_DECRYPT) | - * +------------+------------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * @param[in] session_ctx The session context - * @param[in] cryptoObjectID The crypto object id - * @param[out] pOutputData The output data - * @param[out] pOutputLen The output length - * @param tag The tag - * @param tagLen The tag length - * @param[in] operation The operation - * - * @return The sm status. - */ -smStatus_t Se05x_API_AeadCCMFinal(pSe05xSession_t session_ctx, - SE05x_CryptoObjectID_t cryptoObjectID, - uint8_t *pOutputData, - size_t *pOutputLen, - uint8_t *pTag, - size_t *pTagLen, - const SE05x_Cipher_Oper_t operation); - -/** Se05x_API_AeadUpdate_aad - * - * Update a Crypto Object of type CC_AEAD. - * - * The user either needs to send input data or Additional Authenticated Data - * (AAD), but not both at once. - * - * # Command to Applet - * - * @rst - * +------------+----------------------------------+------------------------------------------------+ - * | Field | Value | Description | - * +============+==================================+================================================+ - * | CLA | 0x80 | | - * +------------+----------------------------------+------------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +------------+----------------------------------+------------------------------------------------+ - * | P1 | P1_AEAD | See :cpp:type:`SE05x_P1_t` | - * +------------+----------------------------------+------------------------------------------------+ - * | P2 | P2_UPDATE | See :cpp:type:`SE05x_P2_t` | - * +------------+----------------------------------+------------------------------------------------+ - * | Lc | #(Payload) | | - * +------------+----------------------------------+------------------------------------------------+ - * | Payload | TLV[TAG_2] | 2-byte Crypto Object identifier | - * +------------+----------------------------------+------------------------------------------------+ - * | | TLV[TAG_4] | Byte array containing Additional Authenticated | - * | | | Data. [Conditional: only when TLV[TAG_3] is | - * | | | not present] [Optional] | - * +------------+----------------------------------+------------------------------------------------+ - * | Le | 0x00 | Expecting returned data. | - * +------------+----------------------------------+------------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * @param[in] session_ctx The session context - * @param[in] cryptoObjectID The crypto object id - * @param[in] pAadData The aad data - * @param[in] aadDataLen The aad data length - * - * @return The sm status. - */ -smStatus_t Se05x_API_AeadUpdate_aad( - pSe05xSession_t session_ctx, SE05x_CryptoObjectID_t cryptoObjectID, const uint8_t *pAadData, size_t aadDataLen); - -/** - * @brief Se05x_API_AeadUpdate - * - * # Command to Applet - * - * @rst - * +------------+---------------+------------------------------------------------+ - * | Field | Value | Description | - * +============+===============+================================================+ - * | CLA | 0x80 | | - * +------------+---------------+------------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +------------+---------------+------------------------------------------------+ - * | P1 | P1_AEAD | See :cpp:type:`SE05x_P1_t` | - * +------------+---------------+------------------------------------------------+ - * | P2 | P2_UPDATE | See :cpp:type:`SE05x_P2_t` | - * +------------+---------------+------------------------------------------------+ - * | Lc | #(Payload) | | - * +------------+---------------+------------------------------------------------+ - * | Payload | TLV[TAG_2] | 2-byte Crypto Object identifier | - * +------------+---------------+------------------------------------------------+ - * | | TLV[TAG_3] | Byte array containing input data | - * | | | [Conditional: only when | - * | | | TLV[TAG_4] is not present] | - * | | | [Optional] | - * +------------+---------------+------------------------------------------------+ - * | Le | 0x00 | Expecting returned data. | - * +------------+---------------+------------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+---------------------------------------+ - * | Value | Description | - * +============+=======================================+ - * | TLV[TAG_1] | Output data [Conditional: only when | - * | | TLV[TAG_3] is passed as input] | - * +------------+---------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * - * - * @param[in] session_ctx The session context - * @param[in] cryptoObjectID The crypto object id - * @param[in] pInputData The input data - * @param[in] inputDataLen The input data length - * @param pOutputData The output data - * @param pOutputLen The output length - * - * @return The sm status. - */ -smStatus_t Se05x_API_AeadUpdate(pSe05xSession_t session_ctx, - SE05x_CryptoObjectID_t cryptoObjectID, - const uint8_t *pInputData, - size_t inputDataLen, - uint8_t *pOutputData, - size_t *pOutputLen); - -/** Se05x_API_AeadFinal - * - * Finish a sequence of AEAD operations. The AEADFinal command provides the - * computed GMAC or indicates whether the GMAC is correct depending on the P2 - * parameters passed during AEADInit. The length of the GMAC is always 16 bytes - * when P2 equals P2_ENCRYPT. When P2 equals P2_DECRYPT, the minimum tag length - * to pass is 4 bytes. - * - * # Command to Applet - * - * @rst - * +------------+----------------------------------+---------------------------------+ - * | Field | Value | Description | - * +============+==================================+=================================+ - * | CLA | 0x80 | | - * +------------+----------------------------------+---------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +------------+----------------------------------+---------------------------------+ - * | P1 | P1_AEAD | See :cpp:type:`SE05x_P1_t` | - * +------------+----------------------------------+---------------------------------+ - * | P2 | P2_FINAL | See :cpp:type:`SE05x_P2_t` | - * +------------+----------------------------------+---------------------------------+ - * | Lc | #(Payload) | | - * +------------+----------------------------------+---------------------------------+ - * | Payload | TLV[TAG_2] | 2-byte Crypto Object identifier | - * +------------+----------------------------------+---------------------------------+ - * | TLV[TAG_6] | Byte array containing tag to | | - * | | verify [Conditional] When the | | - * | | mode is decrypt and verify (i.e. | | - * | | AEADInit has been called with | | - * | | P2 = P2_DECRYPT). | | - * +------------+----------------------------------+---------------------------------+ - * | Le | 0x00 | Expected returned data. | - * +------------+----------------------------------+---------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+------------------------------------------------+ - * | Value | Description | - * +============+================================================+ - * | TLV[TAG_2] | Byte array containing tag (if P2 = P2_ENCRYPT) | - * | | or byte array containing Result (if P2 = | - * | | P2_DECRYPT) | - * +------------+------------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * @param[in] session_ctx The session context - * @param[in] cryptoObjectID The crypto object id - * @param tag The tag - * @param tagLen The tag length - * @param[in] operation The operation - * - * @return The sm status. - */ -smStatus_t Se05x_API_AeadFinal(pSe05xSession_t session_ctx, - SE05x_CryptoObjectID_t cryptoObjectID, - uint8_t *tag, - size_t *tagLen, - const SE05x_Cipher_Oper_t operation); - -/** Se05x_API_DisableObjCreation - * - * - * # Command to Applet - * - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] lockIndicator [1:kSE05x_TAG_1] - * @param[in] restrictMode [2:kSE05x_TAG_2] - */ -smStatus_t Se05x_API_DisableObjCreation( - pSe05xSession_t session_ctx, SE05x_LockIndicator_t lockIndicator, SE05x_RestrictMode_t restrictMode); - -/** Se05x_API_ReadObjectAttributes - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID object id [1:kSE05x_TAG_1] - * @param[out] data [0:kSE05x_TAG_2] - * @param[in,out] pdataLen Length for data - */ -smStatus_t Se05x_API_ReadObjectAttributes( - pSe05xSession_t session_ctx, uint32_t objectID, uint8_t *data, size_t *pdataLen); - -/** Se05x_API_TriggerSelfTest - * - * Trigger a system health check for the system. When calling this command, a self-test is - * triggered in the operating system. When the test fails, the device might not respond with - * a R-APDU as the chip is reset. - * If HealthCheckMode is set to HCM_FIPS, the test will only work if the device is running in - * FIPS approved mode of operation. - * - * # Command to Applet - * - * - * @rst - * +------------+---------------------------------+------------------------------------------------+ - * | Field | Value | Description | - * +============+=================================+================================================+ - * | CLA | 0x80 | | - * +------------+---------------------------------+------------------------------------------------+ - * | INS | INS_MGMT | See :cpp:type:`SE05x_INS_t`. In addition to | - * | | | INS_CRYPTO, users can set the INS_ATTEST | - * | | | flag. In that case, attestation applies. | - * +------------+---------------------------------+------------------------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +------------+---------------------------------+------------------------------------------------+ - * | P2 | P2_SANITY | See :cpp:type:`SE05x_P2_t` | - * +------------+---------------------------------+------------------------------------------------+ - * | Lc | #(Payload) | Payload length | - * +------------+---------------------------------+------------------------------------------------+ - * | Payload | TLV[TAG_1] | 2-byte value from HealthCheckMode | - * +------------+---------------------------------+------------------------------------------------+ - * | Le | 0x00 | 2-byte response + attested data (if INS_ATTEST | - * | | | is set). | - * +------------+---------------------------------+------------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * - * @rst - * +------------+------------------------------------------------+ - * | Value | Description | - * +============+================================================+ - * | TLV[TAG_1] | TLV containing 1-byte Result. | - * +------------+------------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * @param[in] session_ctx The session context - * @param[in] HealthCheckMode The health check mode - * @param result The result of Self Test - * - * @return The sm status. - */ - -smStatus_t Se05x_API_TriggerSelfTest( - pSe05xSession_t session_ctx, SE05x_HealthCheckMode_t healthCheckMode, uint8_t *result); - -/** Se05x_API_TriggerSelfTest_W_Attst - * - * Trigger a system health check for the system. When calling this command, a self-test is - * triggered in the operating system. When the test fails, the device might not respond with - * a R-APDU as the chip is reset. - * If HealthCheckMode is set to HCM_FIPS, the test will only work if the device is running in - * FIPS approved mode of operation. - * - * # Command to Applet - * - * - * @rst - * +------------+---------------------------------+------------------------------------------------+ - * | Field | Value | Description | - * +============+=================================+================================================+ - * | CLA | 0x80 | | - * +------------+---------------------------------+------------------------------------------------+ - * | INS | INS_MGMT | See :cpp:type:`SE05x_INS_t`. In addition to | - * | | | INS_CRYPTO, users can set the INS_ATTEST | - * | | | flag. In that case, attestation applies. | - * +------------+---------------------------------+------------------------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +------------+---------------------------------+------------------------------------------------+ - * | P2 | P2_SANITY | See :cpp:type:`SE05x_P2_t` | - * +------------+---------------------------------+------------------------------------------------+ - * | Lc | #(Payload) | Payload length | - * +------------+---------------------------------+------------------------------------------------+ - * | Payload | TLV[TAG_1] | 2-byte value from HealthCheckMode | - * +------------+---------------------------------+------------------------------------------------+ - * | TLV[TAG_5] | 4-byte attestation object | | - * | | identifier. [Optional] | | - * | | [Conditional: only when | | - * | | INS_ATTEST is set] | | - * +------------+---------------------------------+------------------------------------------------+ - * | TLV[TAG_6] | 1-byte AttestationAlgo | | - * | | [Optional] [Conditional: only | | - * | | when INS_ATTEST is set] | | - * +------------+---------------------------------+------------------------------------------------+ - * | TLV[TAG_7] | 16-byte freshness random | | - * | | [Optional] [Conditional: only | | - * | | when INS_ATTEST is set] | | - * +------------+---------------------------------+------------------------------------------------+ - * | Le | 0x00 | 2-byte response + attested data (if INS_ATTEST | - * | | | is set). | - * +------------+---------------------------------+------------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * - * @rst - * +------------+------------------------------------------------+ - * | Value | Description | - * +============+================================================+ - * | TLV[TAG_1] | TLV containing 1-byte Result. | - * +------------+------------------------------------------------+ - * | TLV[TAG_3] | TLV containing 12-byte timestamp | - * | | [Conditional: only when C-APDU contains | - * | | INS_ATTEST] | - * +------------+------------------------------------------------+ - * | TLV[TAG_4] | TLV containing 16-byte freshness (random) | - * | | [Conditional: only when C-APDU contains | - * | | INS_ATTEST] | - * +------------+------------------------------------------------+ - * | TLV[TAG_5] | TLV containing 18-byte chip unique ID | - * | | [Conditional: only when C-APDU contains | - * | | INS_ATTEST] | - * +------------+------------------------------------------------+ - * | TLV[TAG_6] | TLV containing signature over the concatenated | - * | | values of TLV[TAG_1], TLV[TAG_3], TLV[TAG_4] | - * | | and TLV[TAG_5]. [Conditional: only when | - * | | C-APDU contains INS_ATTEST] | - * +------------+------------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * @param[in] session_ctx The session context - * @param[in] HealthCheckMode The health check mode - * @param[in] attestID The attest id - * @param[in] attestAlgo The attest algorithm - * @param[in] random The random - * @param[in] randomLen The random length - * @param result The result of Self Test - * @param ptimeStamp The ptime stamp - * @param outrandom The outrandom - * @param poutrandomLen The poutrandom length - * @param chipId The chip identifier - * @param pchipIdLen The pchip identifier length - * @param signature The signature - * @param psignatureLen The psignature length - * - * @return The sm status. - */ -smStatus_t Se05x_API_TriggerSelfTest_W_Attst(pSe05xSession_t session_ctx, - SE05x_HealthCheckMode_t healthCheckMode, - uint32_t attestID, - SE05x_AttestationAlgo_t attestAlgo, - const uint8_t *random, - size_t randomLen, - uint8_t *result, - SE05x_TimeStamp_t *ptimeStamp, - uint8_t *outrandom, - size_t *poutrandomLen, - uint8_t *chipId, - size_t *pchipIdLen, - uint8_t *signature, - size_t *psignatureLen); - -/** Se05x_API_ECDHGenerateSharedSecret_InObject - * - * See @ref Se05x_API_ECDHGenerateSharedSecret - * - */ -smStatus_t Se05x_API_ECDHGenerateSharedSecret_InObject(pSe05xSession_t session_ctx, - uint32_t objectID, - const uint8_t *pubKey, - size_t pubKeyLen, - uint32_t sharedSecretID, - uint8_t invertEndianness); - -/* -* @param[in] session_ctx Session Context[0:kSE05x_pSession] -* @param[in] keyPairId keyPairId[1:kSE05x_TAG_1] -* @param[in] pskId pskId[2:kSE05x_TAG_2] -* @param[in] hmacKeyId hmacKeyId[3:kSE05x_TAG_3] -* @param[in] inputData inputData[4:kSE05x_TAG_4] -* @param[in] inputDataLen Length of inputData -* @param[in] clientVersion client version[6:kSE05x_TAG_6] -* @param[in] clientVersionLen Length of client version -*/ - -smStatus_t Se05x_API_TLSCalculateRsaPreMasterSecret(pSe05xSession_t session_ctx, - uint32_t keyPairId, - uint32_t pskId, - uint32_t hmacKeyId, - const uint8_t *inputData, - size_t inputDataLen, - const uint8_t *clientVersion, - size_t clientVersionLen); - -/** Se05x_API_WriteRSAKey_Ver -* -* See @ref Se05x_API_WriteRSAKey. Also allows to set key version (4 bytes). -* -*/ -smStatus_t Se05x_API_WriteRSAKey_Ver(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - uint32_t objectID, - uint16_t size, - const uint8_t *p, - size_t pLen, - const uint8_t *q, - size_t qLen, - const uint8_t *dp, - size_t dpLen, - const uint8_t *dq, - size_t dqLen, - const uint8_t *qInv, - size_t qInvLen, - const uint8_t *pubExp, - size_t pubExpLen, - const uint8_t *priv, - size_t privLen, - const uint8_t *pubMod, - size_t pubModLen, - const SE05x_INS_t ins_type, - const SE05x_KeyPart_t key_part, - const SE05x_RSAKeyFormat_t rsa_format, - uint32_t version); - -/** Se05x_API_UpdateRSAKey_Ver -* -* See @ref Se05x_API_WriteRSAKey. Also allows to set key version (4 bytes). -* Called to update the value of already existing object. If policy is passed, -* it should match with existing policy on object. -*/ -smStatus_t Se05x_API_UpdateRSAKey_Ver(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - uint32_t objectID, - uint16_t size, - const uint8_t *p, - size_t pLen, - const uint8_t *q, - size_t qLen, - const uint8_t *dp, - size_t dpLen, - const uint8_t *dq, - size_t dqLen, - const uint8_t *qInv, - size_t qInvLen, - const uint8_t *pubExp, - size_t pubExpLen, - const uint8_t *priv, - size_t privLen, - const uint8_t *pubMod, - size_t pubModLen, - const SE05x_INS_t ins_type, - const SE05x_KeyPart_t key_part, - const SE05x_RSAKeyFormat_t rsa_format, - uint32_t version); - -#define Se05x_API_WriteECKey_with_version Se05x_API_WriteECKey_Ver -/** Se05x_API_WriteECKey_Ver -* -* See @ref Se05x_API_WriteECKey. Also allows to set key version (4 bytes). -* -*/ -smStatus_t Se05x_API_WriteECKey_Ver(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - SE05x_MaxAttemps_t maxAttempt, - uint32_t objectID, - SE05x_ECCurve_t curveID, - const uint8_t *privKey, - size_t privKeyLen, - const uint8_t *pubKey, - size_t pubKeyLen, - const SE05x_INS_t ins_type, - const SE05x_KeyPart_t key_part, - uint32_t version); - -/** Se05x_API_UpdateECKey_Ver -* -* See @ref Se05x_API_WriteECKey. Also allows to set key version (4 bytes). -* Called to update the value of already existing object. If policy is passed, -* it should match with existing policy on object. -*/ -smStatus_t Se05x_API_UpdateECKey_Ver(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - SE05x_MaxAttemps_t maxAttempt, - uint32_t objectID, - SE05x_ECCurve_t curveID, - const uint8_t *privKey, - size_t privKeyLen, - const uint8_t *pubKey, - size_t pubKeyLen, - const SE05x_INS_t ins_type, - const SE05x_KeyPart_t key_part, - uint32_t version); - -/** Se05x_API_WriteSymmKey_Ver -* -* See @ref Se05x_API_WriteSymmKey. Also allows to set key version (4 bytes). -* -*/ -smStatus_t Se05x_API_WriteSymmKey_Ver(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - SE05x_MaxAttemps_t maxAttempt, - uint32_t objectID, - SE05x_KeyID_t kekID, - const uint8_t *keyValue, - size_t keyValueLen, - const SE05x_INS_t ins_type, - const SE05x_SymmKeyType_t type, - uint32_t version); - -/** Se05x_API_UpdateSymmKey_Ver -* -* See @ref Se05x_API_WriteSymmKey. Also allows to set key version (4 bytes). -* Called to update the value of already existing object. If policy is passed, -* it should match with existing policy on object. -*/ -smStatus_t Se05x_API_UpdateSymmKey_Ver(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - SE05x_MaxAttemps_t maxAttempt, - uint32_t objectID, - SE05x_KeyID_t kekID, - const uint8_t *keyValue, - size_t keyValueLen, - const SE05x_INS_t ins_type, - const SE05x_SymmKeyType_t type, - uint32_t version); - -/** Se05x_API_WriteBinary_Ver -* -* See @ref Se05x_API_WriteBinary. Also allows to set key version (4 bytes). -* -*/ -smStatus_t Se05x_API_WriteBinary_Ver(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - uint32_t objectID, - uint16_t offset, - uint16_t length, - const uint8_t *inputData, - size_t inputDataLen, - uint32_t version); - -/** Se05x_API_UpdateBinary_Ver -* -* See @ref Se05x_API_WriteBinary. Also allows to set key version (4 bytes). -* Called to update the value of already existing object. If policy is passed, -* it should match with existing policy on object. -* -*/ -smStatus_t Se05x_API_UpdateBinary_Ver(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - uint32_t objectID, - uint16_t offset, - uint16_t length, - const uint8_t *inputData, - size_t inputDataLen, - uint32_t version); - -/** Se05x_API_ReadState -* -* -* # Command to Applet -* -* -* # R-APDU Body -* -* NA -* -* # R-APDU Trailer -* -* -* -* -* @param[in] session_ctx Session Context [0:kSE05x_pSession] -* @param[out] pstateValues [1:kSE05x_TAG_1] -*/ -smStatus_t Se05x_API_ReadState(pSe05xSession_t session_ctx, uint8_t *pstateValues, size_t *pstateValuesLen); - -/** Se05x_API_GetExtVersion -* -* Gets the applet extended version information. -* -* This will return 37-byte VersionInfo (including major, minor and patch version -* of the applet, supported applet features and secure box version). -* -* # Command to Applet -* -* @rst -* +-------+------------------------------+----------------------------------------------+ -* | Field | Value | Description | -* +=======+==============================+==============================================+ -* | CLA | 0x80 | | -* +-------+------------------------------+----------------------------------------------+ -* | INS | INS_MGMT | See :cpp:type:`SE05x_INS_t` | -* +-------+------------------------------+----------------------------------------------+ -* | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | -* +-------+------------------------------+----------------------------------------------+ -* | P2 | P2_VERSION or P2_VERSION_EXT | See :cpp:type:`SE05x_P2_t` | -* +-------+------------------------------+----------------------------------------------+ -* | Lc | #(Payload) | | -* +-------+------------------------------+----------------------------------------------+ -* | Le | 0x00 | Expecting TLV with 7-byte data (when P2 = | -* | | | P2_VERSION) or a TLV with 37 byte data (when | -* | | | P2= P2_VERSION_EXT). | -* +-------+------------------------------+----------------------------------------------+ -* @endrst -* -* -* # R-APDU Body -* -* @rst -* +------------+------------------------------------------------+ -* | Value | Description | -* +============+================================================+ -* | TLV[TAG_1] | 7-byte :cpp:type:`VersionInfoRef` (if P2 = | -* | | P2_VERSION) or 7-byte VersionInfo followed by | -* | | 30 bytes extendedFeatureBits (if P2 = | -* | | P2_VERSION_EXT) | -* +------------+------------------------------------------------+ -* @endrst -* -* # R-APDU Trailer -* -* @rst -* +-------------+--------------------------------+ -* | SW | Description | -* +=============+================================+ -* | SW_NO_ERROR | Data is returned successfully. | -* +-------------+--------------------------------+ -* @endrst -* -* @param[in] session_ctx The session context -* @param pappletVersion The papplet version -* @param appletVersionLen The applet version length -* -* @return The sm status. -*/ -smStatus_t Se05x_API_GetExtVersion(pSe05xSession_t session_ctx, uint8_t *pappletVersion, size_t *appletVersionLen); - -/**Se05x_API_SendCardManagerCmd -* -* Sends a command to the Card Manager. -* -* This APDU will send command to Card Manager -* -* # Command to Card Manager -* -* @rst -* +---------+---------------+--------------------------------------+ -* | Field | Value | Description | -* +=========+===============+======================================+ -* | CLA | 0x80 | | -* +---------+---------------+--------------------------------------+ -* | INS | INS_MGMT | See :cpp:type:`SE05x_INS_t` | -* +---------+---------------+--------------------------------------+ -* | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | -* +---------+---------------+--------------------------------------+ -* | P2 | P2_CM_COMMAND | See :cpp:type:`SE05x_P2_t` | -* +---------+---------------+--------------------------------------+ -* | Lc | #(Payload) | Payload length | -* +---------+---------------+--------------------------------------+ -* | Payload | TLV[TAG_1] | APDU to be sent to the Card Manager. | -* +---------+---------------+--------------------------------------+ -* | Le | 0x00 | Expected response length | -* +---------+---------------+--------------------------------------+ -* @endrst -* -* # R-APDU Body -* -* @rst -* +------------+----------------------------------------+ -* | Value | Description | -* +============+========================================+ -* | TLV[TAG_1] | Byte array containing the Card Manager | -* | | response. | -* +------------+----------------------------------------+ -* @endrst -* -* # R-APDU Trailer -* -* @rst -* +-------------+--------------------------------------+ -* | SW | Description | -* +=============+======================================+ -* | SW_NO_ERROR | The command is handled successfully. | -* +-------------+--------------------------------------+ -* @endrst -* -* @param[in] session_ctx The session context -* @param[in] pCmdData The command input data -* @param[in] cmdDataLen The command input data length -* @param[out] pOutputData The response data -* @param[out] pOutputDataLen The response data length -* -* @return The sm status. -*/ -smStatus_t Se05x_API_SendCardManagerCmd( - pSe05xSession_t session_ctx, uint8_t *pCmdData, size_t cmdDataLen, uint8_t *pOutputData, size_t *pOutputDataLen); - -/** Se05x_API_UpdatePCR -* -* See @ref Se05x_API_WritePCR. -* Called to update the value of already existing object. If policy is passed, -* it should match with existing policy on object. -*/ -smStatus_t Se05x_API_UpdatePCR( - pSe05xSession_t session_ctx, pSe05xPolicy_t policy, uint32_t pcrID, const uint8_t *inputData, size_t inputDataLen); - -/** Se05x_API_UpdateCounter -* -* See @ref Se05x_API_SetCounterValue. -* Called to update the value of already existing object. If policy is passed, -* it should match with existing policy on object. -*/ -smStatus_t Se05x_API_UpdateCounter( - pSe05xSession_t session_ctx, pSe05xPolicy_t policy, uint32_t objectID, uint16_t size, uint64_t value); diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/se05x_03_xx_xx/se05x_04_xx_APDU_impl.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/se05x_03_xx_xx/se05x_04_xx_APDU_impl.h deleted file mode 100644 index ac531d92b..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/se05x_03_xx_xx/se05x_04_xx_APDU_impl.h +++ /dev/null @@ -1,1535 +0,0 @@ -/* - * Copyright 2020 NXP - * - * SPDX-License-Identifier: Apache-2.0 - */ - -#include -#include -#include - -#if defined(NONSECURE_WORLD) -#include "veneer_printf_table.h" -#endif - -#if SSS_HAVE_SE05X_VER_GTE_06_00 -/* OK */ -#else -#error "Only with SE051 based build" -#endif - -#ifndef NEWLINE -#define NEWLINE must be already defined -#endif - -smStatus_t Se05x_API_AeadOneShot(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_CipherMode_t cipherMode, - const uint8_t *pInputData, - size_t inputDataLen, - const uint8_t *pAad, - size_t aadLen, - uint8_t *pIV, - size_t IVLen, - uint8_t *pTagData, - size_t *pTagDataLen, - uint8_t *pOutputData, - size_t *pOutputDataLen, - const SE05x_Cipher_Oper_OneShot_t operation) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_AEAD, operation}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); - SE05x_Result_t result; - uint16_t ivlen16 = (uint16_t)IVLen; - size_t ivlen32 = IVLen; -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "AeadOneShot []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("objectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_CipherMode("cipherMode", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, cipherMode); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, pInputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("AdditionalData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_4, pAad, aadLen); - if (0 != tlvRet) { - goto cleanup; - } - - if ((cipherMode == kSE05x_CipherMode_AES_GCM) || - ((cipherMode == kSE05x_CipherMode_AES_GCM_INT_IV) && (operation == kSE05x_Cipher_Oper_OneShot_Decrypt))) { - tlvRet = TLVSET_u8bufOptional("IV", &pCmdbuf, &cmdbufLen, kSE05x_TAG_5, pIV, IVLen); - if (0 != tlvRet) { - goto cleanup; - } - } - else { - tlvRet = TLVSET_U16("IVLen", &pCmdbuf, &cmdbufLen, kSE05x_TAG_5, ivlen16); - if (0 != tlvRet) { - goto cleanup; - } - } - if (operation == kSE05x_Cipher_Oper_OneShot_Decrypt) { - tlvRet = TLVSET_u8bufOptional("tag", &pCmdbuf, &cmdbufLen, kSE05x_TAG_6, pTagData, *pTagDataLen); - if (0 != tlvRet) { - goto cleanup; - } - } - retStatus = DoAPDUTxRx_s_Case4_ext(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - if (inputDataLen != 0) { - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, pOutputData, pOutputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - } - if (operation == kSE05x_Cipher_Oper_OneShot_Encrypt) { - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_2, pTagData, pTagDataLen); - if (0 != tlvRet) { - goto cleanup; - } - } - if (operation == kSE05x_Cipher_Oper_OneShot_Decrypt) { - tlvRet = tlvGet_Result(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_2, &result); - if (0 != tlvRet) { - goto cleanup; - } - if (result != kSE05x_Result_SUCCESS) { - goto cleanup; - } - } - if ((operation == kSE05x_Cipher_Oper_OneShot_Encrypt) && (cipherMode == kSE05x_CipherMode_AES_GCM_INT_IV)) { - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_3, pIV, &ivlen32); - if (0 != tlvRet) { - goto cleanup; - } - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_AeadInit(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_CipherMode_t cipherMode, - SE05x_CryptoObjectID_t cryptoObjectID, - uint8_t *pIV, - size_t IVLen, - const SE05x_Cipher_Oper_t operation) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_AEAD, operation}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); - uint16_t ivlen16 = (uint16_t)IVLen; - size_t ivlen32 = IVLen; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "AeadInit []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("objectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_CryptoObjectID("cryptoObjectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, cryptoObjectID); - if (0 != tlvRet) { - goto cleanup; - } - if ((cipherMode == kSE05x_CipherMode_AES_GCM) || - ((cipherMode == kSE05x_CipherMode_AES_GCM_INT_IV) && (operation == kSE05x_Cipher_Oper_Decrypt))) { - tlvRet = TLVSET_u8bufOptional("IV", &pCmdbuf, &cmdbufLen, kSE05x_TAG_5, pIV, IVLen); - if (0 != tlvRet) { - goto cleanup; - } - } - else { - tlvRet = TLVSET_U16("IVLen", &pCmdbuf, &cmdbufLen, kSE05x_TAG_5, ivlen16); - if (0 != tlvRet) { - goto cleanup; - } - } - if ((cipherMode == kSE05x_CipherMode_AES_GCM) || - ((cipherMode == kSE05x_CipherMode_AES_GCM_INT_IV) && (operation == kSE05x_Cipher_Oper_Decrypt))) { - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - } - else { - retStatus = DoAPDUTxRx_s_Case4_ext(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, pIV, &ivlen32); - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - } -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_AeadCCMInit(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_CryptoObjectID_t cryptoObjectID, - const uint8_t *pIV, - size_t IVLen, - size_t aadLen, - size_t payloadLen, - size_t tagLen, - const SE05x_Cipher_Oper_t operation) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_AEAD, operation}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint16_t aadLen16 = (uint16_t)aadLen; - uint16_t payloadLen16 = (uint16_t)payloadLen; - uint16_t tagLen16 = (uint16_t)tagLen; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "AeadCCMInit []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("objectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_CryptoObjectID("cryptoObjectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, cryptoObjectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("IV", &pCmdbuf, &cmdbufLen, kSE05x_TAG_5, pIV, IVLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U16("aadLen", &pCmdbuf, &cmdbufLen, kSE05x_TAG_6, aadLen16); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U16("payloadLen", &pCmdbuf, &cmdbufLen, kSE05x_TAG_7, payloadLen16); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U16("tagLen", &pCmdbuf, &cmdbufLen, kSE05x_TAG_8, tagLen16); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_AeadUpdate_aad( - pSe05xSession_t session_ctx, SE05x_CryptoObjectID_t cryptoObjectID, const uint8_t *pAadData, size_t aadDataLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_AEAD, kSE05x_P2_UPDATE}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "AeadUpdate_aad []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_CryptoObjectID("cryptoObjectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, cryptoObjectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("aad", &pCmdbuf, &cmdbufLen, kSE05x_TAG_4, pAadData, aadDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_AeadUpdate(pSe05xSession_t session_ctx, - SE05x_CryptoObjectID_t cryptoObjectID, - const uint8_t *pInputData, - size_t inputDataLen, - uint8_t *pOutputData, - size_t *pOutputLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_AEAD, kSE05x_P2_UPDATE}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "AeadUpdate []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_CryptoObjectID("cryptoObjectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, cryptoObjectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, pInputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4_ext(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, pOutputData, pOutputLen); - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_AeadCCMLastUpdate( - pSe05xSession_t session_ctx, SE05x_CryptoObjectID_t cryptoObjectID, const uint8_t *pInputData, size_t inputDataLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_AEAD, kSE05x_P2_UPDATE}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "AeadUpdate []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_CryptoObjectID("cryptoObjectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, cryptoObjectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, pInputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_AeadCCMFinal(pSe05xSession_t session_ctx, - SE05x_CryptoObjectID_t cryptoObjectID, - uint8_t *pOutputData, - size_t *pOutputLen, - uint8_t *pTag, - size_t *pTagLen, - const SE05x_Cipher_Oper_t operation) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_AEAD, kSE05x_P2_FINAL}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); - size_t tagLen = *pTagLen; - SE05x_Result_t result; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "AeadFinal []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_CryptoObjectID("cryptoObjectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, cryptoObjectID); - if (0 != tlvRet) { - goto cleanup; - } - if (operation == kSE05x_Cipher_Oper_Decrypt) { - tlvRet = TLVSET_u8bufOptional("tag", &pCmdbuf, &cmdbufLen, kSE05x_TAG_6, pTag, tagLen); - if (0 != tlvRet) { - goto cleanup; - } - } - retStatus = DoAPDUTxRx_s_Case4_ext(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, pOutputData, pOutputLen); - if (0 != tlvRet) { - goto cleanup; - } - if (operation == kSE05x_Cipher_Oper_Encrypt) { - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_2, pTag, pTagLen); - if (0 != tlvRet) { - goto cleanup; - } - } - if (operation == kSE05x_Cipher_Oper_Decrypt) { - tlvRet = tlvGet_Result(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_2, &result); - if (0 != tlvRet) { - goto cleanup; - } - - if (result != kSE05x_Result_SUCCESS) { - goto cleanup; - } - } - - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_AeadFinal(pSe05xSession_t session_ctx, - SE05x_CryptoObjectID_t cryptoObjectID, - uint8_t *pTag, - size_t *pTagLen, - const SE05x_Cipher_Oper_t operation) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_AEAD, kSE05x_P2_FINAL}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); - size_t tagLen = *pTagLen; - SE05x_Result_t result; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "AeadFinal []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_CryptoObjectID("cryptoObjectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, cryptoObjectID); - if (0 != tlvRet) { - goto cleanup; - } - if (operation == kSE05x_Cipher_Oper_Decrypt) { - tlvRet = TLVSET_u8bufOptional("tag", &pCmdbuf, &cmdbufLen, kSE05x_TAG_6, pTag, tagLen); - if (0 != tlvRet) { - goto cleanup; - } - } - retStatus = DoAPDUTxRx_s_Case4_ext(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - if (operation == kSE05x_Cipher_Oper_Encrypt) { - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_2, pTag, pTagLen); - if (0 != tlvRet) { - goto cleanup; - } - } - if (operation == kSE05x_Cipher_Oper_Decrypt) { - tlvRet = tlvGet_Result(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_2, &result); - if (0 != tlvRet) { - goto cleanup; - } - if (result != kSE05x_Result_SUCCESS) { - goto cleanup; - } - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_DisableObjCreation( - pSe05xSession_t session_ctx, SE05x_LockIndicator_t lockIndicator, SE05x_RestrictMode_t restrictMode) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_MGMT, kSE05x_P1_DEFAULT, kSE05x_P2_RESTRICT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "DisableObjCreation []"); -#endif /* VERBOSE_APDU_LOGS */ - - tlvRet = TLVSET_U8("lockIndicator", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, lockIndicator); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U8("restrictMode", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, restrictMode); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_TriggerSelfTest( - pSe05xSession_t session_ctx, SE05x_HealthCheckMode_t healthCheckMode, uint8_t *result) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_MGMT, kSE05x_P1_DEFAULT, kSE05x_P2_SANITY}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "TriggerSelfTest []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U16("health check mode", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, healthCheckMode); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_U8(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, result); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_TriggerSelfTest_W_Attst(pSe05xSession_t session_ctx, - SE05x_HealthCheckMode_t healthCheckMode, - uint32_t attestID, - SE05x_AttestationAlgo_t attestAlgo, - const uint8_t *random, - size_t randomLen, - uint8_t *result, - SE05x_TimeStamp_t *ptimeStamp, - uint8_t *outrandom, - size_t *poutrandomLen, - uint8_t *chipId, - size_t *pchipIdLen, - uint8_t *signature, - size_t *psignatureLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_MGMT | kSE05x_INS_ATTEST, kSE05x_P1_DEFAULT, kSE05x_P2_SANITY}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "TriggerSelfTest []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U16("health check mode", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, healthCheckMode); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("attestID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_5, attestID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U8("attestAlgo", &pCmdbuf, &cmdbufLen, kSE05x_TAG_6, attestAlgo); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8buf("random", &pCmdbuf, &cmdbufLen, kSE05x_TAG_7, random, randomLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_U8(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, result); /* */ - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = tlvGet_TimeStamp(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_3, ptimeStamp); /* - */ - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_4, outrandom, poutrandomLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_5, chipId, pchipIdLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_6, signature, psignatureLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_ReadObjectAttributes( - pSe05xSession_t session_ctx, uint32_t objectID, uint8_t *data, size_t *pdataLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_READ, kSE05x_P1_DEFAULT, kSE05x_P2_ATTRIBUTES}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "ReadObjectAttributes []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_2, data, pdataLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_ReadObjectAttributes_W_Attst(pSe05xSession_t session_ctx, - uint32_t objectID, - uint32_t attestID, - SE05x_AttestationAlgo_t attestAlgo, - const uint8_t *random, - size_t randomLen, - uint8_t *data, - size_t *pdataLen, - SE05x_TimeStamp_t *ptimeStamp, - uint8_t *outrandom, - size_t *poutrandomLen, - uint8_t *chipId, - size_t *pchipIdLen, - uint8_t *signature, - size_t *psignatureLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_READ_With_Attestation, kSE05x_P1_DEFAULT, kSE05x_P2_ATTRIBUTES}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "ReadObjectAttributes_W_Attst []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("attestID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_5, attestID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_AttestationAlgo("attestAlgo", &pCmdbuf, &cmdbufLen, kSE05x_TAG_6, attestAlgo); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("random", &pCmdbuf, &cmdbufLen, kSE05x_TAG_7, random, randomLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4_ext(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_2, data, pdataLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = tlvGet_TimeStamp(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_3, ptimeStamp); /* - */ - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_4, outrandom, poutrandomLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_5, chipId, pchipIdLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_6, signature, psignatureLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_ECDHGenerateSharedSecret_InObject(pSe05xSession_t session_ctx, - uint32_t objectID, - const uint8_t *pubKey, - size_t pubKeyLen, - uint32_t sharedSecretID, - uint8_t invertEndianness) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = { - {kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_EC, invertEndianness == 0x01 ? kSE05x_P2_DH_REVERSE : kSE05x_P2_DH}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "ECDHGenerateSharedSecret []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("objectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("pubKey", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, pubKey, pubKeyLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("sharedSecretID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_7, sharedSecretID); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - if (2 == rspbufLen) { - retStatus = (rspbuf[0] << 8) | (rspbuf[1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_TLSCalculateRsaPreMasterSecret(pSe05xSession_t session_ctx, - uint32_t keyPairId, - uint32_t pskId, - uint32_t hmacKeyId, - const uint8_t *inputData, - size_t inputDataLen, - const uint8_t *clientVersion, - size_t clientVersionLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_TLS, kSE05x_P2_TLS_PMS}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "TLSCalculateRsaPreMasterSecret []"); -#endif /* VERBOSE_APDU_LOGS */ - if (pskId != 0) { - tlvRet = TLVSET_U32("pskId", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, pskId); - if (0 != tlvRet) { - goto cleanup; - } - } - tlvRet = TLVSET_U32("keyPairId", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, keyPairId); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("hmacKeyId", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, hmacKeyId); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_4, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("clientVersion", &pCmdbuf, &cmdbufLen, kSE05x_TAG_6, clientVersion, clientVersionLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_WriteRSAKey_Ver(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - uint32_t objectID, - uint16_t size, - const uint8_t *p, - size_t pLen, - const uint8_t *q, - size_t qLen, - const uint8_t *dp, - size_t dpLen, - const uint8_t *dq, - size_t dqLen, - const uint8_t *qInv, - size_t qInvLen, - const uint8_t *pubExp, - size_t pubExpLen, - const uint8_t *priv, - size_t privLen, - const uint8_t *pubMod, - size_t pubModLen, - const SE05x_INS_t ins_type, - const SE05x_KeyPart_t key_part, - const SE05x_RSAKeyFormat_t rsa_format, - uint32_t version) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_WRITE | ins_type, kSE05x_P1_RSA | key_part, rsa_format}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - - if (Se05x_IsInValidRangeOfUID(objectID)) - return SM_NOT_OK; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "Se05x_API_WriteRSAKey_Ver []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_Se05xPolicy("To be Checked(last 3 not pdf)", &pCmdbuf, &cmdbufLen, kSE05x_TAG_POLICY, policy); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U16Optional("size in bits", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, size); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional_ByteShift("p", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, p, pLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional_ByteShift("q", &pCmdbuf, &cmdbufLen, kSE05x_TAG_4, q, qLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional_ByteShift("dp", &pCmdbuf, &cmdbufLen, kSE05x_TAG_5, dp, dpLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional_ByteShift("dq", &pCmdbuf, &cmdbufLen, kSE05x_TAG_6, dq, dqLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional_ByteShift("qnv", &pCmdbuf, &cmdbufLen, kSE05x_TAG_7, qInv, qInvLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("public exp", &pCmdbuf, &cmdbufLen, kSE05x_TAG_8, pubExp, pubExpLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional_ByteShift("priv", &pCmdbuf, &cmdbufLen, kSE05x_TAG_9, priv, privLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional_ByteShift("public mod", &pCmdbuf, &cmdbufLen, kSE05x_TAG_10, pubMod, pubModLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("version", &pCmdbuf, &cmdbufLen, kSE05x_TAG_11, version); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_WriteECKey_Ver(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - SE05x_MaxAttemps_t maxAttempt, - uint32_t objectID, - SE05x_ECCurve_t curveID, - const uint8_t *privKey, - size_t privKeyLen, - const uint8_t *pubKey, - size_t pubKeyLen, - const SE05x_INS_t ins_type, - const SE05x_KeyPart_t key_part, - uint32_t version) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_WRITE | ins_type, kSE05x_P1_EC | key_part, kSE05x_P2_DEFAULT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - - if (Se05x_IsInValidRangeOfUID(objectID)) - return SM_NOT_OK; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "Se05x_API_WriteECKey_Ver []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_Se05xPolicy("policy", &pCmdbuf, &cmdbufLen, kSE05x_TAG_POLICY, policy); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_MaxAttemps("maxAttempt", &pCmdbuf, &cmdbufLen, kSE05x_TAG_MAX_ATTEMPTS, maxAttempt); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_ECCurve("curveID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, curveID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("privKey", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, privKey, privKeyLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("pubKey", &pCmdbuf, &cmdbufLen, kSE05x_TAG_4, pubKey, pubKeyLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("version", &pCmdbuf, &cmdbufLen, kSE05x_TAG_11, version); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_WriteSymmKey_Ver(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - SE05x_MaxAttemps_t maxAttempt, - uint32_t objectID, - SE05x_KeyID_t kekID, - const uint8_t *keyValue, - size_t keyValueLen, - const SE05x_INS_t ins_type, - const SE05x_SymmKeyType_t type, - uint32_t version) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_WRITE | ins_type, type, kSE05x_P2_DEFAULT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - - if (Se05x_IsInValidRangeOfUID(objectID)) - return SM_NOT_OK; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "Se05x_API_WriteSymmKey_Ver []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_Se05xPolicy("policy", &pCmdbuf, &cmdbufLen, kSE05x_TAG_POLICY, policy); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_MaxAttemps("maxAttempt", &pCmdbuf, &cmdbufLen, kSE05x_TAG_MAX_ATTEMPTS, maxAttempt); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_KeyID("KEK id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, kekID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("key value", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, keyValue, keyValueLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("version", &pCmdbuf, &cmdbufLen, kSE05x_TAG_11, version); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_WriteBinary_Ver(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - uint32_t objectID, - uint16_t offset, - uint16_t length, - const uint8_t *inputData, - size_t inputDataLen, - uint32_t version) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_WRITE, kSE05x_P1_BINARY, kSE05x_P2_DEFAULT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - - if (Se05x_IsInValidRangeOfUID(objectID)) - return SM_NOT_OK; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "Se05x_API_WriteBinary_Ver []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_Se05xPolicy("policy", &pCmdbuf, &cmdbufLen, kSE05x_TAG_POLICY, policy); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U16Optional("offset", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, offset); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U16Optional("length", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, length); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("input data", &pCmdbuf, &cmdbufLen, kSE05x_TAG_4, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("version", &pCmdbuf, &cmdbufLen, kSE05x_TAG_11, version); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_ReadState(pSe05xSession_t session_ctx, uint8_t *pstateValues, size_t *pstateValuesLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_READ, kSE05x_P1_DEFAULT, kSE05x_P2_READ_STATE}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "ReadState []"); -#endif /* VERBOSE_APDU_LOGS */ - retStatus = DoAPDUTxRx_s_Case2(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, pstateValues, pstateValuesLen); /* - */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_GetExtVersion(pSe05xSession_t session_ctx, uint8_t *pappletVersion, size_t *appletVersionLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_MGMT, kSE05x_P1_DEFAULT, kSE05x_P2_VERSION_EXT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "GetVersion []"); -#endif /* VERBOSE_APDU_LOGS */ - retStatus = DoAPDUTxRx_s_Case2(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, pappletVersion, appletVersionLen); /* - */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_SendCardManagerCmd( - pSe05xSession_t session_ctx, uint8_t *pCmdData, size_t cmdDataLen, uint8_t *pOutputData, size_t *pOutputDataLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_MGMT, kSE05x_P1_DEFAULT, kSE05x_P2_CM_COMMAND}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "SendCardManagerCmd []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_u8bufOptional("cmdData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, pCmdData, cmdDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, pOutputData, pOutputDataLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_UpdateRSAKey_Ver(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - uint32_t objectID, - uint16_t size, - const uint8_t *p, - size_t pLen, - const uint8_t *q, - size_t qLen, - const uint8_t *dp, - size_t dpLen, - const uint8_t *dq, - size_t dqLen, - const uint8_t *qInv, - size_t qInvLen, - const uint8_t *pubExp, - size_t pubExpLen, - const uint8_t *priv, - size_t privLen, - const uint8_t *pubMod, - size_t pubModLen, - const SE05x_INS_t ins_type, - const SE05x_KeyPart_t key_part, - const SE05x_RSAKeyFormat_t rsa_format, - uint32_t version) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_WRITE | ins_type, kSE05x_P1_RSA | key_part, rsa_format}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - - if (Se05x_IsInValidRangeOfUID(objectID)) - return SM_NOT_OK; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "Se05x_API_UpdateRSAKey_Ver []"); -#endif /* VERBOSE_APDU_LOGS */ - /* Tag policy Check is not applicable for Generate key */ - if (((p != NULL) && (pLen != 0)) || ((pubExp != NULL) && (pubExpLen != 0)) || ((priv != NULL) && (privLen != 0))) { - tlvRet = TLVSET_Se05xPolicy("check policy", &pCmdbuf, &cmdbufLen, kSE05x_TAG_POLICY_CHECK, policy); - if (0 != tlvRet) { - goto cleanup; - } - } - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U16Optional("size in bits", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, size); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional_ByteShift("p", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, p, pLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional_ByteShift("q", &pCmdbuf, &cmdbufLen, kSE05x_TAG_4, q, qLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional_ByteShift("dp", &pCmdbuf, &cmdbufLen, kSE05x_TAG_5, dp, dpLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional_ByteShift("dq", &pCmdbuf, &cmdbufLen, kSE05x_TAG_6, dq, dqLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional_ByteShift("qnv", &pCmdbuf, &cmdbufLen, kSE05x_TAG_7, qInv, qInvLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("public exp", &pCmdbuf, &cmdbufLen, kSE05x_TAG_8, pubExp, pubExpLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional_ByteShift("priv", &pCmdbuf, &cmdbufLen, kSE05x_TAG_9, priv, privLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional_ByteShift("public mod", &pCmdbuf, &cmdbufLen, kSE05x_TAG_10, pubMod, pubModLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("version", &pCmdbuf, &cmdbufLen, kSE05x_TAG_11, version); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_UpdateECKey_Ver(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - SE05x_MaxAttemps_t maxAttempt, - uint32_t objectID, - SE05x_ECCurve_t curveID, - const uint8_t *privKey, - size_t privKeyLen, - const uint8_t *pubKey, - size_t pubKeyLen, - const SE05x_INS_t ins_type, - const SE05x_KeyPart_t key_part, - uint32_t version) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_WRITE | ins_type, kSE05x_P1_EC | key_part, kSE05x_P2_DEFAULT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - - if (Se05x_IsInValidRangeOfUID(objectID)) - return SM_NOT_OK; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "Se05x_API_UpdateECKey_Ver []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_MaxAttemps("maxAttempt", &pCmdbuf, &cmdbufLen, kSE05x_TAG_MAX_ATTEMPTS, maxAttempt); - if (0 != tlvRet) { - goto cleanup; - } - - /* Tag policy Check is not applicable for Generate key */ - if (((privKey != NULL) && (privKeyLen != 0)) || ((pubKey != NULL) && (pubKeyLen != 0))) { - tlvRet = TLVSET_Se05xPolicy("check policy", &pCmdbuf, &cmdbufLen, kSE05x_TAG_POLICY_CHECK, policy); - if (0 != tlvRet) { - goto cleanup; - } - } - - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_ECCurve("curveID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, curveID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("privKey", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, privKey, privKeyLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("pubKey", &pCmdbuf, &cmdbufLen, kSE05x_TAG_4, pubKey, pubKeyLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("version", &pCmdbuf, &cmdbufLen, kSE05x_TAG_11, version); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_UpdateBinary_Ver(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - uint32_t objectID, - uint16_t offset, - uint16_t length, - const uint8_t *inputData, - size_t inputDataLen, - uint32_t version) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_WRITE, kSE05x_P1_BINARY, kSE05x_P2_DEFAULT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - - if (Se05x_IsInValidRangeOfUID(objectID)) - return SM_NOT_OK; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "Se05x_API_UpdateBinary_Ver []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_Se05xPolicy("check policy", &pCmdbuf, &cmdbufLen, kSE05x_TAG_POLICY_CHECK, policy); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U16Optional("offset", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, offset); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U16Optional("length", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, length); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("input data", &pCmdbuf, &cmdbufLen, kSE05x_TAG_4, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("version", &pCmdbuf, &cmdbufLen, kSE05x_TAG_11, version); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_UpdateSymmKey_Ver(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - SE05x_MaxAttemps_t maxAttempt, - uint32_t objectID, - SE05x_KeyID_t kekID, - const uint8_t *keyValue, - size_t keyValueLen, - const SE05x_INS_t ins_type, - const SE05x_SymmKeyType_t type, - uint32_t version) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_WRITE | ins_type, type, kSE05x_P2_DEFAULT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - - if (Se05x_IsInValidRangeOfUID(objectID)) - return SM_NOT_OK; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "Se05x_API_UpdateSymmKey_Ver []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_MaxAttemps("maxAttempt", &pCmdbuf, &cmdbufLen, kSE05x_TAG_MAX_ATTEMPTS, maxAttempt); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_Se05xPolicy("check policy", &pCmdbuf, &cmdbufLen, kSE05x_TAG_POLICY_CHECK, policy); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_KeyID("KEK id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, kekID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("key value", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, keyValue, keyValueLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("version", &pCmdbuf, &cmdbufLen, kSE05x_TAG_11, version); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_UpdatePCR( - pSe05xSession_t session_ctx, pSe05xPolicy_t policy, uint32_t pcrID, const uint8_t *inputData, size_t inputDataLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_WRITE, kSE05x_P1_PCR, kSE05x_P2_DEFAULT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - - if (Se05x_IsInValidRangeOfUID(pcrID)) - return SM_NOT_OK; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "Se05x_API_UpdatePCR []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_Se05xPolicy("check policy", &pCmdbuf, &cmdbufLen, kSE05x_TAG_POLICY_CHECK, policy); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, pcrID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_UpdateCounter( - pSe05xSession_t session_ctx, pSe05xPolicy_t policy, uint32_t objectID, uint16_t size, uint64_t value) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_WRITE, kSE05x_P1_COUNTER, kSE05x_P2_DEFAULT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - - if (Se05x_IsInValidRangeOfUID(objectID)) - return SM_NOT_OK; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "Se05x_API_CreateCounter []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_Se05xPolicy("policy check", &pCmdbuf, &cmdbufLen, kSE05x_TAG_POLICY_CHECK, policy); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - - if ((size > 0) && (size <= 8)) { - if (value != 0) { - tlvRet = TLVSET_U64_SIZE("value", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, value, size); - if (0 != tlvRet) { - goto cleanup; - } - } - } - else { - LOG_E("Wrong size provided"); - goto cleanup; - } - - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/se05x_03_xx_xx/se05x_APDU.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/se05x_03_xx_xx/se05x_APDU.h deleted file mode 100644 index b01f54216..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/se05x_03_xx_xx/se05x_APDU.h +++ /dev/null @@ -1,76 +0,0 @@ -/* - * - * Copyright 2019 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -/** @file */ - -#ifndef SE050X_APDU_H -#define SE050X_APDU_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include "se05x_tlv.h" -#include "se05x_const.h" -#include "se05x_APDU_apis.h" - -/** Se05x_API_DeleteAll_Iterative - * - * Go through each object and delete it individually. - * - * This API does not use the Applet API @ref Se05x_API_DeleteAll. It - * does not delete ALL objects and purposefully skips few objects. - * - * Instead, this API uses @ref Se05x_API_ReadIDList and @ref - * Se05x_API_ReadCryptoObjectList to first fetch list of objects to host, and - * **selectitvely** deletes. - * - * For e.g. It does not kill objects from: - * - The range SE05X_OBJID_SE05X_APPLET_RES_START to - * SE05X_OBJID_SE05X_APPLET_RES_END. This range is used by applet. - * - The range EX_SSS_OBJID_DEMO_AUTH_START to EX_SSS_OBJID_DEMO_AUTH_END, - * which is used by middleware DEMOS for authentication. - * - And others. - * - * Kindly see the Implementation of is API Se05x_API_DeleteAll_Iterative to see - * the list of ranges that are skipped. - * - * @param[in] session_ctx Session Context - * - * @return The status of API. - */ -smStatus_t Se05x_API_DeleteAll_Iterative(pSe05xSession_t session_ctx); - -/** - * @brief Get the Curve ID for existing Key. - * - * This API is functionally same as @ref Se05x_API_GetECCurveId - * but uses @ref SE05x_ECCurve_t as a type instead of uint8_t. - * - * @param[in] session_ctx The session context - * @param[in] objectID The object id - * @param pcurveId The pcurve identifier - * - * - * @return The sm status. - */ -smStatus_t Se05x_API_EC_CurveGetId(pSe05xSession_t session_ctx, uint32_t objectID, SE05x_ECCurve_t *pcurveId); - -/** Wrapper for @ref Se05x_API_ECDHGenerateSharedSecret */ - -#define Se05x_API_ECGenSharedSecret Se05x_API_ECDHGenerateSharedSecret - -/** Wrapper for @ref Se05x_API_DigestOneShot */ -#define Se05x_API_SHAOneShot Se05x_API_DigestOneShot - -// For SIMW-656 -bool Se05x_IsInValidRangeOfUID(uint32_t uid); - -#ifdef __cplusplus -} -#endif - -#endif /* SE050X_APDU_H */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/se05x_03_xx_xx/se05x_APDU_apis.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/se05x_03_xx_xx/se05x_APDU_apis.h deleted file mode 100644 index ca095d260..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/se05x_03_xx_xx/se05x_APDU_apis.h +++ /dev/null @@ -1,5812 +0,0 @@ -/* - * - * Copyright 2019-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -/** @file */ - -#ifndef SE050X_APDU_APIS_H_INC -#define SE050X_APDU_APIS_H_INC - -#include "se05x_enums.h" -#include "se05x_tlv.h" - -/* Enable compilation of deprecated API Se05x_API_WritePCR - * Deprecated from Q1 2021. - * Support will be removed by Q1 2022 - */ -#define ENABLE_DEPRECATED_API_WritePCR 1 - -/** Se05x_API_CreateSession - * - * Creates a session on SE05X . - * - * Depending on the authentication object being referenced, a specific method of - * authentication applies. The response needs to adhere to this authentication - * method. - * - * - * # Command to Applet - * - * @rst - * +---------+-------------------+------------------------------+ - * | Field | Value | Description | - * +=========+===================+==============================+ - * | CLA | 0x80 | | - * +---------+-------------------+------------------------------+ - * | INS | INS_MGMT | See :cpp:type:`SE05x_INS_t` | - * +---------+-------------------+------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +---------+-------------------+------------------------------+ - * | P2 | P2_SESSION_CREATE | See :cpp:type:`SE05x_P2_t` | - * +---------+-------------------+------------------------------+ - * | Lc | #(Payload) | Payload length. | - * +---------+-------------------+------------------------------+ - * | Payload | TLV[TAG_1] | 4-byte authentication object | - * | | | identifier. | - * +---------+-------------------+------------------------------+ - * | Le | 0x0A | Expecting TLV with 8-byte | - * | | | session ID. | - * +---------+-------------------+------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+----------------------------+ - * | Value | Description | - * +============+============================+ - * | TLV[TAG_1] | 8-byte session identifier. | - * +------------+----------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * SW_NO_ERROR: - * * The command is handled successfully. - * - * SW_CONDITIONS_NOT_SATISFIED: - * * The authenticator does not exist - * * The provided input data are incorrect. - * * The session is invalid. - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] authObjectID auth [1:kSE05x_TAG_1] - * @param[out] sessionId [0:kSE05x_TAG_1] - * @param[in,out] psessionIdLen Length for sessionId - * - * - */ -smStatus_t Se05x_API_CreateSession( - pSe05xSession_t session_ctx, uint32_t authObjectID, uint8_t *sessionId, size_t *psessionIdLen); - -/** Se05x_API_ExchangeSessionData - * - * Sets session policies for the current session. - * - * - * # Command to Applet - * - * @rst - * +---------+-------------------+-----------------------------+ - * | Field | Value | Description | - * +=========+===================+=============================+ - * | CLA | 0x80 or 0x84 | - | - * +---------+-------------------+-----------------------------+ - * | INS | INS_MGMT | See :cpp:type:`SE05x_INS_t` | - * +---------+-------------------+-----------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +---------+-------------------+-----------------------------+ - * | P2 | P2_SESSION_POLICY | See P2 | - * +---------+-------------------+-----------------------------+ - * | Lc | #(Payload) | Payload length. | - * +---------+-------------------+-----------------------------+ - * | Payload | TLV[TAG_1] | Session policies | - * +---------+-------------------+-----------------------------+ - * | | C-MAC | If applicable | - * +---------+-------------------+-----------------------------+ - * | Le | 0x00 | - | - * +---------+-------------------+-----------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +-------+----------------------------+ - * | Value | Description | - * +=======+============================+ - * | R-MAC | Optional, depending on | - * | | established security level | - * +-------+----------------------------+ - * @endrst - * - * - * @rst - * +-----------------------------+------------------------+ - * | SW | Description | - * +=============================+========================+ - * | SW_NO_ERROR | The command is handled | - * | | successfully. | - * +-----------------------------+------------------------+ - * | SW_CONDITIONS_NOT_SATISFIED | Invalid policies | - * +-----------------------------+------------------------+ - * @endrst - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] policy Check pdf [1:kSE05x_TAG_1] - * - */ -smStatus_t Se05x_API_ExchangeSessionData(pSe05xSession_t session_ctx, pSe05xPolicy_t policy); - -/** Se05x_API_RefreshSession - * - * Refreshes a session on , the policy of the running session can be updated; the - * rest of the session state remains. - * - * # Command to Applet - * - * @rst - * +-------+--------------------+-----------------------------------------------+ - * | Field | Value | Description | - * +=======+====================+===============================================+ - * | CLA | 0x80 | - | - * +-------+--------------------+-----------------------------------------------+ - * | INS | INS_MGMT | See :cpp:type:`SE05x_INS_t` | - * +-------+--------------------+-----------------------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+--------------------+-----------------------------------------------+ - * | P2 | P2_SESSION_REFRESH | See :cpp:type:`SE05x_P2_t` | - * +-------+--------------------+-----------------------------------------------+ - * | Lc | #(Payload) | Payload length. | - * +-------+--------------------+-----------------------------------------------+ - * | | TLV[TAG_POLICY] | Byte array containing the policy to attach to | - * | | | the session. [Optional] | - * +-------+--------------------+-----------------------------------------------+ - * | Le | - | | - * +-------+--------------------+-----------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] policy policy [1:kSE05x_TAG_POLICY] - */ -smStatus_t Se05x_API_RefreshSession(pSe05xSession_t session_ctx, pSe05xPolicy_t policy); - -/** Se05x_API_CloseSession - * - * Closes a running session. - * - * When a session is closed, it cannot be reopened. - * - * All session parameters are transient. - * - * # Command to Applet - * - * @rst - * +-------+------------------+-----------------------------+ - * | Field | Value | Description | - * +=======+==================+=============================+ - * | CLA | 0x80 | | - * +-------+------------------+-----------------------------+ - * | INS | INS_MGMT | See :cpp:type:`SE05x_INS_t` | - * +-------+------------------+-----------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+------------------+-----------------------------+ - * | P2 | P2_SESSION_CLOSE | See :cpp:type:`SE05x_P2_t` | - * +-------+------------------+-----------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * @rst - * +-------------+-------------------------------------+ - * | SW | Description | - * +=============+=====================================+ - * | SW_NO_ERROR | The session is closed successfully. | - * +-------------+-------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - */ -smStatus_t Se05x_API_CloseSession(pSe05xSession_t session_ctx); - -/** Se05x_API_VerifySessionUserID - * - * Verifies the session user identifier (UserID) in order to allow setting up a - * session. If the UserID is correct, the session establishment is successful; - * otherwise the session cannot be opened (SW_CONDITIONS_NOT_SATISFIED is - * returned). - * - * # Command to Applet - * - * @rst - * +-------+-------------------+-----------------------------+ - * | Field | Value | Description | - * +=======+===================+=============================+ - * | CLA | 0x80 | | - * +-------+-------------------+-----------------------------+ - * | INS | INS_MGMT | See :cpp:type:`SE05x_INS_t` | - * +-------+-------------------+-----------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+-------------------+-----------------------------+ - * | P2 | P2_SESSION_USERID | See :cpp:type:`SE05x_P2_t` | - * +-------+-------------------+-----------------------------+ - * | Lc | #(Payload) | Payload length. | - * +-------+-------------------+-----------------------------+ - * | | TLV[TAG_1] | UserID value | - * +-------+-------------------+-----------------------------+ - * | Le | - | | - * +-------+-------------------+-----------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] userId userId [1:kSE05x_TAG_1] - * @param[in] userIdLen Length of userId - */ -smStatus_t Se05x_API_VerifySessionUserID(pSe05xSession_t session_ctx, const uint8_t *userId, size_t userIdLen); - -/** Se05x_API_SetLockState - * - * Sets the applet transport lock (locked or unlocked). There is a Persistent - * lock and a Transient Lock. If the Persistent lock is UNLOCKED, the device is - * unlocked (regardless of the Transient lock). If the Persistent lock is LOCKED, - * the device is only unlocked when the Transient lock is UNLOCKED and the device - * will be locked again after deselect of the applet. - * - * Note that regardless of the lock state, the credential RESERVED_ID_TRANSPORT - * allows access to all features. For example, it is possible to write/update - * objects within the session opened by RESERVED_ID_TRANSPORT, even if the applet - * is locked. - * - * The default TRANSIENT_LOCK state is LOCKED; there is no default - * PERSISTENT_LOCK state (depends on product configuration). - * - * This command can only be used in a session that used the credential with - * identifier RESERVED_ID_TRANSPORT as authentication object. - * - * @rst - * +-----------------+----------------+-----------------------------------------------+ - * | PERSISTENT_LOCK | TRANSIENT_LOCK | Behavior | - * +=================+================+===============================================+ - * | UNLOCKED | UNLOCKED | Unlocked until PERSISTENT_LOCK set to LOCKED. | - * +-----------------+----------------+-----------------------------------------------+ - * | UNLOCKED | LOCKED | Unlocked until PERSISTENT_LOCK set to LOCKED. | - * +-----------------+----------------+-----------------------------------------------+ - * | LOCKED | UNLOCKED | Unlocked until deselect or TRANSIENT_LOCK set | - * | | | to LOCKED. | - * +-----------------+----------------+-----------------------------------------------+ - * | LOCKED | LOCKED | Locked until PERSISTENT_LOCK set to UNLOCKED. | - * +-----------------+----------------+-----------------------------------------------+ - * @endrst - * - * - * # Command to Applet - * - * @rst - * +---------+--------------+-------------------------------------+ - * | Field | Value | Description | - * +=========+==============+=====================================+ - * | CLA | 0x80 | | - * +---------+--------------+-------------------------------------+ - * | INS | INS_MGMT | See :cpp:type:`SE05x_INS_t` | - * +---------+--------------+-------------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +---------+--------------+-------------------------------------+ - * | P2 | P2_TRANSPORT | See :cpp:type:`SE05x_P2_t` | - * +---------+--------------+-------------------------------------+ - * | Lc | #(Payload) | | - * +---------+--------------+-------------------------------------+ - * | Payload | TLV[TAG_1] | 1-byte :cpp:type:`LockIndicatorRef` | - * +---------+--------------+-------------------------------------+ - * | | TLV[TAG_2] | 1-byte :cpp:type:`LockStateRef` | - * +---------+--------------+-------------------------------------+ - * | Le | | | - * +---------+--------------+-------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] lockIndicator lock indicator [1:kSE05x_TAG_1] - * @param[in] lockState lock state [2:kSE05x_TAG_2] - */ -smStatus_t Se05x_API_SetLockState(pSe05xSession_t session_ctx, uint8_t lockIndicator, uint8_t lockState); - -/** Se05x_API_SetPlatformSCPRequest - * - * Sets the required state for platform SCP (required or not required). This is a - * persistent state. - * - * If platform SCP is set to SCP_REQUIRED, any applet APDU command will be - * refused by the applet when platform SCP is not enabled. Enabled means full - * encryption and MAC, both on C-APDU and R-APDU. Any other level is not - * sufficient and will not be accepted. SCP02 will not be accepted (as there is - * no response MAC and encryption). - * - * If platform SCP is set to "not required," any applet APDU command will be - * accepted by the applet. - * - * This command can only be used in a session that used the credential with - * identifier RESERVED_ID_PLATFORM_SCP as authentication object. - * - * Note that the default state is SCP_NOT_REQUIRED. - * - * - * # Command to Applet - * - * @rst - * +---------+------------+-----------------------------------------------+ - * | Field | Value | Description | - * +=========+============+===============================================+ - * | CLA | 0x80 | | - * +---------+------------+-----------------------------------------------+ - * | INS | INS_MGMT | See :cpp:type:`SE05x_INS_t` | - * +---------+------------+-----------------------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +---------+------------+-----------------------------------------------+ - * | P2 | P2_SCP | See :cpp:type:`SE05x_P2_t` | - * +---------+------------+-----------------------------------------------+ - * | Lc | #(Payload) | | - * +---------+------------+-----------------------------------------------+ - * | Payload | TLV[TAG_1] | 1-byte :cpp:type:`SE05x_PlatformSCPRequest_t` | - * +---------+------------+-----------------------------------------------+ - * | Le | | | - * +---------+------------+-----------------------------------------------+ - * @endrst - * - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] platformSCPRequest platf scp req [1:kSE05x_TAG_1] - */ -smStatus_t Se05x_API_SetPlatformSCPRequest(pSe05xSession_t session_ctx, SE05x_PlatformSCPRequest_t platformSCPRequest); - -/** Se05x_API_SetAppletFeatures - * - * Sets the applet features that are supported. To successfully execute this - * command, the session must be authenticated using the RESERVED_ID_FEATURE. - * - * The 2-byte input value is a pre-defined AppletConfig value. - * - * # Command to Applet - * - * @rst - * +---------+------------+-----------------------------------------------+ - * | Field | Value | Description | - * +=========+============+===============================================+ - * | CLA | 0x80 | | - * +---------+------------+-----------------------------------------------+ - * | INS | INS_MGMT | See :cpp:type:`SE05x_INS_t` | - * +---------+------------+-----------------------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +---------+------------+-----------------------------------------------+ - * | P2 | P2_VARIANT | See :cpp:type:`SE05x_P2_t` | - * +---------+------------+-----------------------------------------------+ - * | Lc | #(Payload) | Payload length | - * +---------+------------+-----------------------------------------------+ - * | Payload | TLV[TAG_1] | 2-byte Variant from | - * | | | :cpp:type:`SE05x_AppletConfig_t` | - * +---------+------------+-----------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] variant variant [1:kSE05x_TAG_1] - */ -smStatus_t Se05x_API_SetAppletFeatures(pSe05xSession_t session_ctx, pSe05xAppletFeatures_t appletVariant); - -/** Se05x_API_WriteECKey - * - * Write or update an EC key object. - * - * P1KeyPart indicates the key type to be created (if the object does not yet - * exist). - * - * If P1KeyPart = P1_KEY_PAIR, Private Key Value (TLV[TAG_3]) and Public Key - * Value (TLV[TAG_4) must both be present, or both be absent. If absent, the key - * pair is generated in the SE05X . - * - * If the object already exists, P1KeyPart is ignored. - * - * @rst - * +---------+------------------------+------------------------------------------------+ - * | Field | Value | Description | - * +=========+========================+================================================+ - * | P1 | :cpp:type:`SE05x_P1_t` | See :cpp:type:`SE05x_P1_t` , P1KeyType | - * | | | P1_EC | should only be set for new objects. | - * +---------+------------------------+------------------------------------------------+ - * | P2 | P2_DEFAULT | See P2 | - * +---------+------------------------+------------------------------------------------+ - * | Payload | TLV[TAG_POLICY] | Byte array containing the object policy. | - * | | | [Optional: default policy applies] | - * | | | [Conditional - only when the object | - * | | | identifier is not in use yet] | - * +---------+------------------------+------------------------------------------------+ - * | | TLV[TAG_MAX_ATTEMPTS] | 2-byte maximum number of attempts. If 0 is | - * | | | given, this means unlimited. [Optional: | - * | | | default unlimited] [Conditional: only when | - * | | | the object identifier is not in use yet and | - * | | | INS includes INS_AUTH_OBJECT; see | - * | | | AuthenticationObjectPolicies ] | - * +---------+------------------------+------------------------------------------------+ - * | | TLV[TAG_1] | 4-byte object identifier | - * +---------+------------------------+------------------------------------------------+ - * | | TLV[TAG_2] | 1-byte curve identifier, see ECCurve | - * | | | [Conditional: only when the object identifier | - * | | | is not in use yet; ] | - * +---------+------------------------+------------------------------------------------+ - * | | TLV[TAG_3] | Private key value (see :cpp:type:`ECKeyRef` | - * | | | ) [Conditional: only when the private key is | - * | | | externally generated and P1KeyType is either | - * | | | P1_KEY_PAIR or P1_PRIVATE] | - * +---------+------------------------+------------------------------------------------+ - * | | TLV[TAG_4] | Public key value (see :cpp:type:`ECKeyRef` ) | - * | | | [Conditional: only when the public key is | - * | | | externally generated and P1KeyType is either | - * | | | P1_KEY_PAIR or P1_PUBLIC] | - * +---------+------------------------+------------------------------------------------+ - * | | TLV[TAG_11] | 4-byte version [Optional] | - * +---------+------------------------+------------------------------------------------+ - * @endrst - * - * @param[in] session_ctx The session context - * @param[in] policy The policy - * @param[in] maxAttempt The maximum attempt - * @param[in] objectID The object id - * @param[in] curveID The curve id - * @param[in] privKey The priv key - * @param[in] privKeyLen The priv key length - * @param[in] pubKey The pub key - * @param[in] pubKeyLen The pub key length - * @param[in] ins_type The insert type - * @param[in] key_part The key part - * - * @return The sm status. - */ -smStatus_t Se05x_API_WriteECKey(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - SE05x_MaxAttemps_t maxAttempt, - uint32_t objectID, - SE05x_ECCurve_t curveID, - const uint8_t *privKey, - size_t privKeyLen, - const uint8_t *pubKey, - size_t pubKeyLen, - const SE05x_INS_t ins_type, - const SE05x_KeyPart_t key_part); - -/** Se05x_API_WriteRSAKey - * - * Creates or writes an RSA key or a key component. - * - * Supported key sizes are listed in RSABitLength. Other values are not - * supported. - * - * An RSA key creation requires multiple ADPUs to be sent: - * - * * The first APDU must contain: - * - * * Policy (optional, so only if non-default applies) - * - * * Object identifier - * - * * Key size - * - * * 1 of the key components. - * - * * Each next APDU must contain 1 of the key components. - * - * The policy applies only once all key components are set. - * - * Once an RSAKey object has been created, its format remains fixed and cannot - * be updated (so CRT or raw mode, no switch possible). - * - * If the object already exists, P1KeyType is ignored. - * - * For key pairs, if no component is present (TAG_3 until TAG_9), the key pair - * will be generated on chip; otherwise the key pair will be constructed - * starting with the given component. - * - * For private keys or public keys, there should always be exactly one of the - * tags TAG_3 until TAG_10. - * - * * TLV[TAG_8] and TLV[TAG_10] must only contain a value if the key pair is - * to be set to a known value and P1KeyType is either P1_KEY_PAIR or - * P1_PUBLIC; otherwise the value must be absent and the length must be - * equal to 0. - * - * * TLV[TAG_9] must only contain a value it the key is to be set in raw mode - * to a known value and P1KeyType is either P1_KEY_PAIR or P1_PRIVATE; - * otherwise the value must be absent and the length must be equal to 0. - * - * * If TLV[TAG_3] up to TLV[TAG_10] are absent (except TLV[TAG_8]), the RSA - * key will be generated on chip in case the object does not yet exist; - * otherwise it will be regenerated. This only applies to RSA key pairs. - * - * * Keys can be set by setting the different components of a key; only 1 - * component can be set at a time in this case. - * - * - * @rst - * +---------+-------------------------------+------------------------------------------------+ - * | Field | Value | Description | - * +=========+===============================+================================================+ - * | P1 | :cpp:type:`SE05x_KeyPart_t` | | See :cpp:type:`SE05x_P1_t` | - * | | P1_RSA | | - * +---------+-------------------------------+------------------------------------------------+ - * | P2 | P2_DEFAULT or P2_RAW | See :cpp:type:`SE05x_P2_t`; P2_RAW only in | - * | | | case P1KeyPart = P1_KEY_PAIR and TLV[TAG_3] | - * | | | until TLV[TAG_10] is empty and the must | - * | | | generate a raw RSA key pair; all other cases: | - * | | | P2_DEFAULT. | - * +---------+-------------------------------+------------------------------------------------+ - * | Payload | TLV[TAG_POLICY] | Byte array containing the object policy. | - * | | | [Optional: default policy applies] | - * | | | [Conditional: only when the object identifier | - * | | | is not in use yet] | - * +---------+-------------------------------+------------------------------------------------+ - * | | TLV[TAG_1] | 4-byte object identifier | - * +---------+-------------------------------+------------------------------------------------+ - * | | TLV[TAG_2] | 2-byte key size in bits | - * | | | (:cpp:type:`SE05x_RSABitLength_t`) | - * | | | [Conditional: only when the object identifier | - * | | | is not in use yet] | - * +---------+-------------------------------+------------------------------------------------+ - * | | TLV[TAG_3] | P component [Conditional: only when the | - * | | | object identifier is in CRT mode and the key | - * | | | is generated externally and P1KeyPart is | - * | | | either P1_KEY_PAIR or P1_PRIVATE] | - * +---------+-------------------------------+------------------------------------------------+ - * | | TLV[TAG_4] | Q component [Conditional: only when the | - * | | | object identifier is in CRT mode and the key | - * | | | is generated externally and P1KeyPart is | - * | | | either P1_KEY_PAIR or P1_PRIVATE] | - * +---------+-------------------------------+------------------------------------------------+ - * | | TLV[TAG_5] | DP component [Conditional: only when the | - * | | | object identifier is in CRT mode and the key | - * | | | is generated externally and P1KeyPart is | - * | | | either P1_KEY_PAIR or P1_PRIVATE] | - * +---------+-------------------------------+------------------------------------------------+ - * | | TLV[TAG_6] | DQ component [Conditional: only when the | - * | | | object identifier is in CRT mode and the key | - * | | | is generated externally and P1KeyPart is | - * | | | either P1_KEY_PAIR or P1_PRIVATE] | - * +---------+-------------------------------+------------------------------------------------+ - * | | TLV[TAG_7] | INV_Q component [Conditional: only when the | - * | | | object identifier is in CRT mode and the key | - * | | | is generated externally and P1KeyPart is | - * | | | either P1_KEY_PAIR or P1_PRIVATE] | - * +---------+-------------------------------+------------------------------------------------+ - * | | TLV[TAG_8] | Public exponent | - * +---------+-------------------------------+------------------------------------------------+ - * | | TLV[TAG_9] | Private Key (non-CRT mode only) | - * +---------+-------------------------------+------------------------------------------------+ - * | | TLV[TAG_10] | Public Key (Modulus) | - * +---------+-------------------------------+------------------------------------------------+ - * | | TLV[TAG_11] | 4-byte version [Optional] | - * +---------+-------------------------------+------------------------------------------------+ - * @endrst - * - * @param[in] session_ctx The session context - * @param[in] policy The policy - * @param[in] objectID The object id - * @param[in] size The size - * @param[in] p The part p - * @param[in] pLen The p length - * @param[in] q The quarter - * @param[in] qLen The quarter length - * @param[in] dp The part dp - * @param[in] dpLen The dp length - * @param[in] dq The part dq - * @param[in] dqLen The dq length - * @param[in] qInv The quarter inv - * @param[in] qInvLen The quarter inv length - * @param[in] pubExp The pub exponent - * @param[in] pubExpLen The pub exponent length - * @param[in] priv The priv - * @param[in] privLen The priv length - * @param[in] pubMod The pub modifier - * @param[in] pubModLen The pub modifier length - * @param[in] transient_type The transient type - * @param[in] key_part The key part - * @param[in] rsa_format The rsa format - * - * @return The sm status. - */ - -smStatus_t Se05x_API_WriteRSAKey(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - uint32_t objectID, - uint16_t size, - const uint8_t *p, - size_t pLen, - const uint8_t *q, - size_t qLen, - const uint8_t *dp, - size_t dpLen, - const uint8_t *dq, - size_t dqLen, - const uint8_t *qInv, - size_t qInvLen, - const uint8_t *pubExp, - size_t pubExpLen, - const uint8_t *priv, - size_t privLen, - const uint8_t *pubMod, - size_t pubModLen, - const SE05x_INS_t transient_type, - const SE05x_KeyPart_t key_part, - const SE05x_RSAKeyFormat_t rsa_format); - -/** Se05x_API_WriteSymmKey - * - * Creates or writes an AES key, DES key or HMAC key, indicated by P1: - * - * * P1_AES - * - * * P1_DES - * - * * P1_HMAC - * - * Users can pass RFC3394 wrapped keys by indicating the KEK in TLV[TAG_2]. Note - * that RFC3394 required 8-byte aligned input, so this can only be used when the - * key has an 8-byte aligned length. - * - * # Command to Applet - * - * @rst - * +---------+-----------------------+-----------------------------------------------+ - * | Field | Value | Description | - * +=========+=======================+===============================================+ - * | P1 | See above | See :cpp:type:`SE05x_P1_t` | - * +---------+-----------------------+-----------------------------------------------+ - * | P2 | P2_DEFAULT | See :cpp:type:`SE05x_P2_t` | - * +---------+-----------------------+-----------------------------------------------+ - * | Payload | TLV[TAG_POLICY] | Byte array containing the object policy. | - * | | | [Optional: default policy applies] | - * | | | [Conditional: only when the object identifier | - * | | | is not in use yet] | - * +---------+-----------------------+-----------------------------------------------+ - * | | TLV[TAG_MAX_ATTEMPTS] | 2-byte maximum number of attempts. If 0 is | - * | | | given, this means unlimited. [Optional: | - * | | | default unlimited] [Conditional: only when | - * | | | the object identifier is not in use yet and | - * | | | INS includes INS_AUTH_OBJECT; see | - * | | | AuthenticationObjectPolicies] | - * +---------+-----------------------+-----------------------------------------------+ - * | | TLV[TAG_1] | 4-byte object identifier | - * +---------+-----------------------+-----------------------------------------------+ - * | | TLV[TAG_2] | 4-byte KEK identifier [Conditional: only | - * | | | when the key value is RFC3394 wrapped] | - * +---------+-----------------------+-----------------------------------------------+ - * | | TLV[TAG_3] | Key value, either plain or RFC3394 wrapped. | - * +---------+-----------------------+-----------------------------------------------+ - * | | TLV[TAG_4] | Tag length for GCM/GMAC. Will only be used if | - * | | | the object is an AESKey. [Optional] | - * +---------+-----------------------+-----------------------------------------------+ - * | | TLV[TAG_11] | 4-byte version [Optional] | - * +---------+-----------------------+-----------------------------------------------+ - * @endrst - * - * @param[in] session_ctx The session context - * @param[in] policy The policy - * @param[in] maxAttempt The maximum attempt - * @param[in] objectID The object id - * @param[in] kekID The kek id - * @param[in] keyValue The key value - * @param[in] keyValueLen The key value length - * @param[in] ins_type The insert type - * @param[in] type The type - * - * @return The sm status. - */ -smStatus_t Se05x_API_WriteSymmKey(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - SE05x_MaxAttemps_t maxAttempt, - uint32_t objectID, - SE05x_KeyID_t kekID, - const uint8_t *keyValue, - size_t keyValueLen, - const SE05x_INS_t ins_type, - const SE05x_SymmKeyType_t type); - -/** Se05x_API_WriteBinary - * - * Creates or writes to a binary file object. Data are written to either the - * start of the file or (if specified) to the offset passed to the function. - * - * # Command to Applet - * - * @rst - * +---------+-----------------+-----------------------------------------------+ - * | Field | Value | Description | - * +=========+=================+===============================================+ - * | P1 | P1_BINARY | See :cpp:type:`SE05x_P1_t` | - * +---------+-----------------+-----------------------------------------------+ - * | P2 | P2_DEFAULT | See :cpp:type:`SE05x_P2_t` | - * +---------+-----------------+-----------------------------------------------+ - * | Payload | TLV[TAG_POLICY] | Byte array containing the object policy. | - * | | | [Optional: default policy applies] | - * | | | [Conditional: only when the object identifier | - * | | | is not in use yet] | - * +---------+-----------------+-----------------------------------------------+ - * | | TLV[TAG_1] | 4-byte object identifier | - * +---------+-----------------+-----------------------------------------------+ - * | | TLV[TAG_2] | 2-byte file offset [Optional: default = 0] | - * +---------+-----------------+-----------------------------------------------+ - * | | TLV[TAG_3] | 2-byte file length (up to 0x7FFF). | - * | | | [Conditional: only when the object identifier | - * | | | is not in use yet] | - * +---------+-----------------+-----------------------------------------------+ - * | | TLV[TAG_4] | Data to be written [Optional: if not given, | - * | | | TAG_3 must be filled] | - * +---------+-----------------+-----------------------------------------------+ - * | | TLV[TAG_11] | 4-byte version [Optional] | - * +---------+-----------------+-----------------------------------------------+ - * @endrst - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] policy policy [1:kSE05x_TAG_POLICY] - * @param[in] objectID object id [2:kSE05x_TAG_1] - * @param[in] offset offset [3:kSE05x_TAG_2] - * @param[in] length length [4:kSE05x_TAG_3] - * @param[in] inputData input data [5:kSE05x_TAG_4] - * @param[in] inputDataLen Length of inputData - */ - -smStatus_t Se05x_API_WriteBinary(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - uint32_t objectID, - uint16_t offset, - uint16_t length, - const uint8_t *inputData, - size_t inputDataLen); - -/** Se05x_API_WriteUserID - * - * Creates a UserID object, setting the user identifier value. The policy defines - * the maximum number of attempts that can be performed as comparison. - * - * # Command to Applet - * - * @rst - * +-------+-----------------------+-----------------------------------------------+ - * | Field | Value | Description | - * +=======+=======================+===============================================+ - * | P1 | P1_USERID | See :cpp:type:`SE05x_P1_t` | - * +-------+-----------------------+-----------------------------------------------+ - * | P2 | P2_DEFAULT | See :cpp:type:`SE05x_P2_t` | - * +-------+-----------------------+-----------------------------------------------+ - * | | TLV[TAG_POLICY] | Byte array containing the object policy. | - * | | | [Optional: default policy applies] | - * | | | [Conditional: only when the object identifier | - * | | | is not in use yet] | - * +-------+-----------------------+-----------------------------------------------+ - * | | TLV[TAG_MAX_ATTEMPTS] | 2-byte maximum number of attempts. If 0 is | - * | | | given, this means unlimited. For pins, the | - * | | | maximum number of attempts must be smaller | - * | | | than 256. [Optional: default = 0] | - * | | | [Conditional: only when the object identifier | - * | | | is not in use yet and INS includes | - * | | | INS_AUTH_OBJECT; see :cpp:type:`-`] | - * +-------+-----------------------+-----------------------------------------------+ - * | | TLV[TAG_1] | 4-byte object identifier. | - * +-------+-----------------------+-----------------------------------------------+ - * | | TLV[TAG_2] | Byte array containing 4 to 16 bytes user | - * | | | identifier value. | - * +-------+-----------------------+-----------------------------------------------+ - * @endrst - * - * @param[in] session_ctx The session context - * @param[in] policy The policy - * @param[in] maxAttempt The maximum attempt - * @param[in] objectID The object id - * @param[in] userId The user identifier - * @param[in] userIdLen The user identifier length - * @param[in] attestation_type The attestation type - * - * @return The sm status. - */ -smStatus_t Se05x_API_WriteUserID(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - SE05x_MaxAttemps_t maxAttempt, - uint32_t objectID, - const uint8_t *userId, - size_t userIdLen, - const SE05x_AttestationType_t attestation_type); - -/** Se05x_API_CreateCounter - * - * Creates a new counter object. - * - * Counters can only be incremented, not decremented. - * - * When a counter reaches its maximum value (e.g., 0xFFFFFFFF for a 4-byte - * counter), they cannot be incremented again. - * - * An input value (TAG_3) must always have the same length as the existing - * counter (if it exists); otherwise the command will return an error. - * - * # Command to Applet - * - * @rst - * +---------+-----------------+------------------------------------------------+ - * | Field | Value | Description | - * +=========+=================+================================================+ - * | P1 | P1_COUNTER | See :cpp:type:`SE05x_P1_t` | - * +---------+-----------------+------------------------------------------------+ - * | P2 | P2_DEFAULT | See :cpp:type:`SE05x_P2_t` | - * +---------+-----------------+------------------------------------------------+ - * | Payload | TLV[TAG_POLICY] | Byte array containing the object policy. | - * | | | [Optional: default policy applies] | - * | | | [Conditional: only when the object identifier | - * | | | is not in use yet] | - * +---------+-----------------+------------------------------------------------+ - * | | TLV[TAG_1] | 4-byte counter identifier. | - * +---------+-----------------+------------------------------------------------+ - * | | TLV[TAG_2] | 2-byte counter size (1 up to 8 bytes). | - * | | | [Conditional: only if object doesn't exist yet | - * | | | and TAG_3 is not given] | - * +---------+-----------------+------------------------------------------------+ - * | | TLV[TAG_3] | Counter value [Optional: - if object doesn't | - * | | | exist: must be present if TAG_2 is not given. | - * | | | - if object exists: if not present, increment | - * | | | by 1. if present, set counter to value.] | - * +---------+-----------------+------------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * NA - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] policy policy [1:kSE05x_TAG_POLICY] - * @param[in] objectID object id [2:kSE05x_TAG_1] - * @param[in] size size [3:kSE05x_TAG_2] - */ -smStatus_t Se05x_API_CreateCounter( - pSe05xSession_t session_ctx, pSe05xPolicy_t policy, uint32_t objectID, uint16_t size); - -/** Se05x_API_SetCounterValue - * - * See @ref Se05x_API_CreateCounter - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID object id [1:kSE05x_TAG_1] - * @param[in] size size [3:kSE05x_TAG_2] - * @param[in] value value [4:kSE05x_TAG_3] - */ -smStatus_t Se05x_API_SetCounterValue(pSe05xSession_t session_ctx, uint32_t objectID, uint16_t size, uint64_t value); - -/** Se05x_API_IncCounter - * - * See @ref Se05x_API_CreateCounter - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID object id [1:kSE05x_TAG_1] - */ -smStatus_t Se05x_API_IncCounter(pSe05xSession_t session_ctx, uint32_t objectID); - -/** Se05x_API_WritePCR - * - * Creates or writes to a PCR object. - * - * A PCR is a hash to which data can be appended; i.e., writing data to a PCR - * will update the value of the PCR to be the hash of all previously inserted - * data concatenated with the new input data. - * - * A PCR will always use DigestMode = DIGEST_SHA256; no other configuration - * possible. - * - * If TAG_2 and TAG_3 is not passed, the PCR is reset to its initial value (i.e., - * the value set when the PCR was created). - * - * This reset is controlled under the POLICY_OBJ_ALLOW_DELETE policy, so users - * that can delete the PCR can also reset the PCR to initial value. - * - * # Command to Applet - * - * @rst - * +---------+-----------------+------------------------------------------------+ - * | Field | Value | Description | - * +=========+=================+================================================+ - * | P1 | P1_PCR | See :cpp:type:`SE05x_P1_t` | - * +---------+-----------------+------------------------------------------------+ - * | P2 | P2_DEFAULT | See :cpp:type:`SE05x_P2_t` | - * +---------+-----------------+------------------------------------------------+ - * | Payload | TLV[TAG_POLICY] | Byte array containing the object policy. | - * | | | [Optional: default policy applies] | - * | | | [Conditional: only when the object identifier | - * | | | is not in use yet] | - * +---------+-----------------+------------------------------------------------+ - * | | TLV[TAG_1] | 4-byte PCR identifier. | - * +---------+-----------------+------------------------------------------------+ - * | | TLV[TAG_2] | Initial hash value [Conditional: only when | - * | | | the object identifier is not in use yet] | - * +---------+-----------------+------------------------------------------------+ - * | | TLV[TAG_3] | Data to be extended to the existing PCR. | - * | | | [Conditional: only when the object identifier | - * | | | is already in use] [Optional: not present if | - * | | | a Reset is requested] | - * +---------+-----------------+------------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] policy policy [1:kSE05x_TAG_POLICY] - * @param[in] pcrID object id [2:kSE05x_TAG_1] - * @param[in] initialValue initialValue [3:kSE05x_TAG_2] - * @param[in] initialValueLen Length of initialValue - * @param[in] inputData inputData [4:kSE05x_TAG_3] - * @param[in] inputDataLen Length of inputData - */ -#if ENABLE_DEPRECATED_API_WritePCR -smStatus_t Se05x_API_WritePCR(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - uint32_t pcrID, - const uint8_t *initialValue, - size_t initialValueLen, - const uint8_t *inputData, - size_t inputDataLen); -#endif // ENABLE_DEPRECATED_API_WritePCR -smStatus_t Se05x_API_WritePCR_WithType(pSe05xSession_t session_ctx, - const SE05x_INS_t ins_type, - pSe05xPolicy_t policy, - uint32_t pcrID, - const uint8_t *initialValue, - size_t initialValueLen, - const uint8_t *inputData, - size_t inputDataLen); - -/** Se05x_API_ImportObject - * - * Writes a serialized Secure Object to the SE05X (i.e., "import") - * - * # Command to Applet - * - * @rst - * +---------+------------+-----------------------------------------------+ - * | Field | Value | Description | - * +=========+============+===============================================+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +---------+------------+-----------------------------------------------+ - * | P2 | P2_IMPORT | See :cpp:type:`SE05x_P2_t` | - * +---------+------------+-----------------------------------------------+ - * | Payload | TLV[TAG_1] | 4-byte identifier. | - * +---------+------------+-----------------------------------------------+ - * | | TLV[TAG_2] | 1-byte :cpp:type:`SE05x_RSAKeyComponent_t` | - * | | | [Conditional: only when the identifier refers | - * | | | to an RSAKey object] | - * +---------+------------+-----------------------------------------------+ - * | | TLV[TAG_3] | Serialized object (encrypted). | - * +---------+------------+-----------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID object id [1:kSE05x_TAG_1] - * @param[in] rsaKeyComp rsaKeyComp [2:kSE05x_TAG_2] - * @param[in] serializedObject serializedObject [3:kSE05x_TAG_3] - * @param[in] serializedObjectLen Length of serializedObject - */ -smStatus_t Se05x_API_ImportObject(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_RSAKeyComponent_t rsaKeyComp, - const uint8_t *serializedObject, - size_t serializedObjectLen); - -/** Se05x_API_ImportExternalObject - * - * Combined with the INS_IMPORT_EXTERNAL mask, enables users to send a - * WriteSecureObject APDU (WriteECKey until WritePCR) protected by a - * secure channel. - * - * Secure Objects can be imported into the SE05X through a secure channel which - * does not require the establishment of a session. This feature is also referred - * to single side import and can only be used to create or update objects. - * - * The mechanism is based on ECKey session to protect the Secure Object content - * and is summarized in the following figure. - * - * External import flow - * - * The flow above can be summarized in the following steps: - * - * 1. The user obtains the SE public key for import via the to get - * the public key from the device's key pair. Key ID 0x02 will - * return the public key of the EC key pair with - * RESERVED_ID_EXTERNAL_IMPORT. The response is signed by the - * same key pair. - * - * 2. The user calls with input: - * * the applet AID (e.g.A0000003965453000000010300000000) - * - * * the SCPparameters - * - * * 1-byte SCP identifier, must equal0xAB - * - * * 2-byte SCP parameter, must equal 0x01 followed by 1-byte - * security level (which follows the GlobalPlatform security - * level definition, see: . - * - * * key type, must be 0x88 (AES keytype) - * - * * key length, must be 0x10 (AES128key) - * - * * host public key (65-byte NIST P-256 publickey) - * - * * host public key curve identifier (must be 0x03 (=NIST_P256)) - * - * * ASN.1 signature over the TLV with tags 0xA6 and0x7F49. - * - * The applet will then calculate the master key by performing SHA256 - * over a byte array containing (in order): - * - * * 4-byte counter value being0x00000001 - * - * * shared secret (ECDH calculation according [IEEE P1363] using - * the private keyfrom RESERVED_ID_ECKEY_SESSION and the public - * key provided as input to ECKeySessionInternalAuthenticate. The - * length depends on the curve used (e.g. 32 byte for NIST P-256 - * curve). - * - * * 16-byte random generated by the SE05X. - * - * * 2-byte SCP parameter, must equal 0x01 followed by 1-byte - * security level (which follows the GlobalPlatform security level - * definition, see: . - * - * * 1-byte keytype - * - * * 1-byte keylength - * - * The master key will then be the 16 MSB's of the hash output. - * - * Using the master key, the 3 session keys are derived by following the - * GlobalPlatform specification to derive session keys, e.g. derivation input: - * - * * ENCsession key = CMAC(MK, 00000000000000000000000400008001) - * - * * CMACsession key = CMAC(MK, 00000000000000000000000600008001) - * - * * RMACsession key = CMAC(MK, 00000000000000000000000700008001) - * - * The Authentication Object ID needs to be passed using TAG_IMPORT_AUTH_KEY_ID, - * followed by the Write APDU command (using tag TAG_1). - * - * The Write APDU command needs to be constructed as follows: - * - * * Encrypt the command encryption counter (starting with - * 0x00000000000000000000000000000001) using the S_ENC key. This - * becomes the IV for the encrypted APDU. - * - * * Get the APDU command payload and pad it (ISO9797 M2 padding). - * - * * Encrypt the payload in AES CBC mode using the S_ENC key. - * - * * Set the Secure Messaging bit in the CLA (0x04). - * - * * Concatenate the MAC chaining value with the full APDU. - * - * * Then calculate the MAC on this byte array and append the 8-byte - * MAC value to the APDU. - * - * * Finally increment the encryption counter for the next command. - * - * A receipt will be generated by doing a CMAC operation on the input from tag - * 0xA6 and 0x7F49 using the RMAC session key, - * - * Receipt = CMAC(RMAC session key, ) - * - * There is no need to establish a session; therefore, the ImportExternalObject - * commands are always sent in the default session. The ImportExternalObject - * commands are replayable. - * - * The P1 and P2 parameters shall be coded as per the intended operation. For - * example, to import an EC Key, the P1 and P2 parameters as defined in - * WriteECKey shall be specified. - * - * # Command to Applet - * - * @rst - * +---------+-----------------------------+---------------------------------------------+ - * | Field | Value | Description | - * +=========+=============================+=============================================+ - * | CLA | 0x80 | | - * +---------+-----------------------------+---------------------------------------------+ - * | INS | INS_IMPORT_EXTERNAL | See :cpp:type:`SE05x_INS_t` | - * +---------+-----------------------------+---------------------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +---------+-----------------------------+---------------------------------------------+ - * | P2 | P2_DEFAULT | See :cpp:type:`SE05x_P2_t` | - * +---------+-----------------------------+---------------------------------------------+ - * | Lc | #(Payload) | | - * +---------+-----------------------------+---------------------------------------------+ - * | Payload | TLV[TAG_IMPORT_AUTH_DATA] | Authentication data | - * +---------+-----------------------------+---------------------------------------------+ - * | | TLV[TAG_IMPORT_AUTH_KEY_ID] | Host public key Identifier | - * +---------+-----------------------------+---------------------------------------------+ - * | | TLV[TAG_1]... | Wraps a complete WriteSecureObject command, | - * | | | protected by ECKey session secure messaging | - * +---------+-----------------------------+---------------------------------------------+ - * | | TLV[TAG_11] | 4-byte version [Optional] | - * +---------+-----------------------------+---------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] ECKeydata ECKeydata [1:kSE05x_TAG_2] - * @param[in] ECKeydataLen Length of ECKeydata - * @param[in] serializedObject serializedObject [2:kSE05x_TAG_3] - * @param[in] serializedObjectLen Length of serializedObject - */ -smStatus_t Se05x_API_ImportExternalObject(pSe05xSession_t session_ctx, - const uint8_t *ECKeydata, - size_t ECKeydataLen, - const uint8_t *ECAuthKeyID, - size_t ECAuthKeyIDLen, - const uint8_t *serializedObject, - size_t serializedObjectLen); - -/** Se05x_API_ReadObject - * - * Reads the content of a Secure Object. - * - * * If the object is a key pair, the command will return the key - * pair's public key. - * - * * If the object is a public key, the command will return the public - * key. - * - * * If the object is a private key or a symmetric key or a userID, - * the command will return SW_CONDITIONS_NOT_SATISFIED. - * - * * If the object is a binary file, the file content is read, giving - * the offset in TLV[TAG_2] and the length to read in - * TLV[TAG_3]. Both TLV[TAG_2] and TLV[TAG_3] are bound together; - * i.e.. either both tags are present, or both are absent. If both - * are absent, the whole file content is returned. - * - * * If the object is a monotonic counter, the counter value is - * returned. - * - * * If the object is a PCR, the PCR value is returned. - * - * * If TLV[TAG_4] is filled, only the modulus or public exponent of - * an RSA key pair or RSA public key is read. It does not apply to - * other Secure Object types. - * - * # Command to Applet - * - * @rst - * +-------+------------+----------------------------------------------+ - * | Field | Value | Description | - * +=======+============+==============================================+ - * | CLA | 0x80 | | - * +-------+------------+----------------------------------------------+ - * | INS | INS_READ | See :cpp:type:`SE05x_INS_t`, in addition to | - * | | | INS_READ, users can set the INS_ATTEST flag. | - * | | | In that case, attestation applies. | - * +-------+------------+----------------------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+------------+----------------------------------------------+ - * | P2 | P2_DEFAULT | See :cpp:type:`SE05x_P2_t` | - * +-------+------------+----------------------------------------------+ - * | Lc | #(Payload) | Payload Length. | - * +-------+------------+----------------------------------------------+ - * | | TLV[TAG_1] | 4-byte object identifier | - * +-------+------------+----------------------------------------------+ - * | | TLV[TAG_2] | 2-byte offset [Optional: default 0] | - * | | | [Conditional: only when the object is a | - * | | | BinaryFile object] | - * +-------+------------+----------------------------------------------+ - * | | TLV[TAG_3] | 2-byte length [Optional: default 0] | - * | | | [Conditional: only when the object is a | - * | | | BinaryFile object] | - * +-------+------------+----------------------------------------------+ - * | | TLV[TAG_4] | 1-byte :cpp:type:`SE05x_RSAKeyComponent_t`: | - * | | | either RSA_COMP_MOD or RSA_COMP_PUB_EXP. | - * | | | [Optional] [Conditional: only for RSA key | - * | | | components] | - * +-------+------------+----------------------------------------------+ - * | Le | 0x00 | | - * +-------+------------+----------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+--------------------------------------------+ - * | Value | Description | - * +============+============================================+ - * | TLV[TAG_1] | Data read from the secure object. | - * +------------+--------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------+ - * | SW | Description | - * +=============+================================+ - * | SW_NO_ERROR | The read is done successfully. | - * +-------------+--------------------------------+ - * @endrst - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID object id [1:kSE05x_TAG_1] - * @param[in] offset offset [2:kSE05x_TAG_2] - * @param[in] length length [3:kSE05x_TAG_3] - * @param[out] data [0:kSE05x_TAG_1] - * @param[in,out] pdataLen Length for data - */ -smStatus_t Se05x_API_ReadObject( - pSe05xSession_t session_ctx, uint32_t objectID, uint16_t offset, uint16_t length, uint8_t *data, size_t *pdataLen); - -/** Se05x_API_ReadObject_W_Attst - * - * Read with attestation. - * - * See @ref Se05x_API_ReadObject - * - * When INS_ATTEST is set in addition to INS_READ, the secure object is read with - * attestation. In addition to the response in TLV[TAG_1], there are additional - * tags: - * - * TLV[TAG_2] will hold the object attributes (see ObjectAttributes). - * - * TLV[TAG_3] relative timestamp when the object has been retrieved - * - * TLV[TAG_4] will hold freshness random data - * - * TLV[TAG_5] will hold the unique ID of the device. - * - * TLV[TAG_6] will hold the signature over all concatenated Value fields tags of - * the response (TAG_1 until and including TAG_5). - * - * # Command to Applet - * - * @rst - * +-------+------------+----------------------------------------------+ - * | Field | Value | Description | - * +=======+============+==============================================+ - * | CLA | 0x80 | | - * +-------+------------+----------------------------------------------+ - * | INS | INS_READ | See :cpp:type:`SE05x_INS_t`, in addition to | - * | | | INS_READ, users can set the INS_ATTEST flag. | - * | | | In that case, attestation applies. | - * +-------+------------+----------------------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+------------+----------------------------------------------+ - * | P2 | P2_DEFAULT | See :cpp:type:`SE05x_P2_t` | - * +-------+------------+----------------------------------------------+ - * | Lc | #(Payload) | Payload Length. | - * +-------+------------+----------------------------------------------+ - * | | TLV[TAG_1] | 4-byte object identifier | - * +-------+------------+----------------------------------------------+ - * | | TLV[TAG_2] | 2-byte offset [Optional: default 0] | - * | | | [Conditional: only when the object is a | - * | | | BinaryFile object] | - * +-------+------------+----------------------------------------------+ - * | | TLV[TAG_3] | 2-byte length [Optional: default 0] | - * | | | [Conditional: only when the object is a | - * | | | BinaryFile object] | - * +-------+------------+----------------------------------------------+ - * | | TLV[TAG_4] | 1-byte :cpp:type:`SE05x_RSAKeyComponent_t`: | - * | | | either RSA_COMP_MOD or RSA_COMP_PUB_EXP. | - * | | | [Optional] [Conditional: only for RSA key | - * | | | components] | - * +-------+------------+----------------------------------------------+ - * | | TLV[TAG_5] | 4-byte attestation object identifier. | - * | | | [Optional] [Conditional: only when | - * | | | INS_ATTEST is set] | - * +-------+------------+----------------------------------------------+ - * | | TLV[TAG_6] | 1-byte :cpp:type:`SE05x_AttestationAlgo_t` | - * | | | [Optional] [Conditional: only when | - * | | | INS_ATTEST is set] | - * +-------+------------+----------------------------------------------+ - * | | TLV[TAG_7] | 16-byte freshness random [Optional] | - * | | | [Conditional: only when INS_ATTEST is set] | - * +-------+------------+----------------------------------------------+ - * | Le | 0x00 | | - * +-------+------------+----------------------------------------------+ - * @endrst - * - * - * @rst - * +------------+--------------------------------------------+ - * | Value | Description | - * +============+============================================+ - * | TLV[TAG_1] | Data read from the secure object. | - * +------------+--------------------------------------------+ - * | TLV[TAG_2] | (only when INS_ATTEST is set) Byte array | - * | | containing the attributes (see | - * | | :cpp:type:`ObjectAttributesRef`). | - * +------------+--------------------------------------------+ - * | TLV[TAG_3] | (only when INS_ATTEST is set) 12-byte | - * | | timestamp | - * +------------+--------------------------------------------+ - * | TLV[TAG_4] | (only when INS_ATTEST is set) 16-byte | - * | | freshness random | - * +------------+--------------------------------------------+ - * | TLV[TAG_5] | (only when INS_ATTEST is set) 18-byte Chip | - * | | unique ID | - * +------------+--------------------------------------------+ - * | TLV[TAG_6] | (only when INS_ATTEST is set) Signature | - * | | applied over the value of TLV[TAG_1], | - * | | TLV[TAG_2], TLV[TAG_3], TLV[TAG_4] and | - * | | TLV[TAG_5]. | - * +------------+--------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+--------------------------------------------+ - * | Value | Description | - * +============+============================================+ - * | TLV[TAG_1] | Data read from the secure object. | - * +------------+--------------------------------------------+ - * | TLV[TAG_2] | (only when INS_ATTEST is set) Byte array | - * | | containing the attributes (see | - * | | :cpp:type:`ObjectAttributesRef`). | - * +------------+--------------------------------------------+ - * | TLV[TAG_3] | (only when INS_ATTEST is set) 12-byte | - * | | timestamp | - * +------------+--------------------------------------------+ - * | TLV[TAG_4] | (only when INS_ATTEST is set) 16-byte | - * | | freshness random | - * +------------+--------------------------------------------+ - * | TLV[TAG_5] | (only when INS_ATTEST is set) 18-byte Chip | - * | | unique ID | - * +------------+--------------------------------------------+ - * | TLV[TAG_6] | (only when INS_ATTEST is set) Signature | - * | | applied over the value of TLV[TAG_1], | - * | | TLV[TAG_2], TLV[TAG_3], TLV[TAG_4] and | - * | | TLV[TAG_5]. | - * +------------+--------------------------------------------+ - * @endrst - * - * @param[in] session_ctx The session context - * @param[in] objectID The object id - * @param[in] offset The offset - * @param[in] length The length - * @param[in] attestID The attest id - * @param[in] attestAlgo The attest algorithm - * @param[in] random The random - * @param[in] randomLen The random length - * @param data The data - * @param pdataLen The pdata length - * @param attribute The attribute - * @param pattributeLen The pattribute length - * @param ptimeStamp The ptime stamp - * @param outrandom The outrandom - * @param poutrandomLen The poutrandom length - * @param chipId The chip identifier - * @param pchipIdLen The pchip identifier length - * @param signature The signature - * @param psignatureLen The psignature length - * - * @return The sm status. - */ -smStatus_t Se05x_API_ReadObject_W_Attst(pSe05xSession_t session_ctx, - uint32_t objectID, - uint16_t offset, - uint16_t length, - uint32_t attestID, - SE05x_AttestationAlgo_t attestAlgo, - const uint8_t *random, - size_t randomLen, - uint8_t *data, - size_t *pdataLen, - uint8_t *attribute, - size_t *pattributeLen, - SE05x_TimeStamp_t *ptimeStamp, - uint8_t *outrandom, - size_t *poutrandomLen, - uint8_t *chipId, - size_t *pchipIdLen, - uint8_t *signature, - size_t *psignatureLen); - -/** Se05x_API_ReadRSA - * - * See @ref Se05x_API_ReadObject - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID object id [1:kSE05x_TAG_1] - * @param[in] offset offset [2:kSE05x_TAG_2] - * @param[in] length length [3:kSE05x_TAG_3] - * @param[in] rsa_key_comp rsa_key_comp [4:kSE05x_TAG_4] - * @param[out] data [0:kSE05x_TAG_1] - * @param[in,out] pdataLen Length for data - */ -smStatus_t Se05x_API_ReadRSA(pSe05xSession_t session_ctx, - uint32_t objectID, - uint16_t offset, - uint16_t length, - SE05x_RSAPubKeyComp_t rsa_key_comp, - uint8_t *data, - size_t *pdataLen); - -/** Se05x_API_ReadRSA_W_Attst - * - * See @ref Se05x_API_ReadObject_W_Attst - * - * @param[in] session_ctx The session context - * @param[in] objectID The object id - * @param[in] offset The offset - * @param[in] length The length - * @param[in] rsa_key_comp The rsa key component - * @param[in] attestID The attest id - * @param[in] attestAlgo The attest algorithm - * @param[in] random The random - * @param[in] randomLen The random length - * @param data The data - * @param pdataLen The pdata length - * @param attribute The attribute - * @param pattributeLen The pattribute length - * @param ptimeStamp The ptime stamp - * @param outrandom The outrandom - * @param poutrandomLen The poutrandom length - * @param chipId The chip identifier - * @param pchipIdLen The pchip identifier length - * @param signature The signature - * @param psignatureLen The psignature length - * - * @return The sm status. - */ -smStatus_t Se05x_API_ReadRSA_W_Attst(pSe05xSession_t session_ctx, - uint32_t objectID, - uint16_t offset, - uint16_t length, - SE05x_RSAPubKeyComp_t rsa_key_comp, - uint32_t attestID, - SE05x_AttestationAlgo_t attestAlgo, - const uint8_t *random, - size_t randomLen, - uint8_t *data, - size_t *pdataLen, - uint8_t *attribute, - size_t *pattributeLen, - SE05x_TimeStamp_t *ptimeStamp, - uint8_t *outrandom, - size_t *poutrandomLen, - uint8_t *chipId, - size_t *pchipIdLen, - uint8_t *signature, - size_t *psignatureLen); - -/** Se05x_API_ReadObjectAttributes_W_Attst - * - * Reads the attributes of a Secure Object (without the value of the Secure - * Object). - * - * Each Secure Object has a number of attributes assigned to it. These attributes - * are listed in for Authentication Objects and in for non-Authentication - * Objects. - * - * # Authentication Object attributes - * - * @rst - * +----------------------------------+--------------+------------------------------------------------+ - * | Attribute | Size (bytes) | Description | - * +==================================+==============+================================================+ - * | Object identifier | 4 | See :cpp:type:`identifiersRef` | - * +----------------------------------+--------------+------------------------------------------------+ - * | Object type | 1 | One of SecureObjectType | - * +----------------------------------+--------------+------------------------------------------------+ - * | Authentication attribute | 1 | One of :cpp:type:`SetIndicatorRef` | - * +----------------------------------+--------------+------------------------------------------------+ - * | Object counter | 2 | Number of failed attempts for an | - * | | | authentication object if the Maximum | - * | | | Authentication Attempts has been set. | - * +----------------------------------+--------------+------------------------------------------------+ - * | Authentication object identifier | 4 | "Owner" of the secure object; i.e., the | - * | | | identifier of the session authentication | - * | | | object when the object has been created. | - * +----------------------------------+--------------+------------------------------------------------+ - * | Maximum authentication attempts | 2 | Maximum number of authentication attempts. 0 | - * | | | means unlimited. | - * +----------------------------------+--------------+------------------------------------------------+ - * | Policy | Variable | Policy attached to the object | - * +----------------------------------+--------------+------------------------------------------------+ - * | Origin | 1 | One of :cpp:type:`OriginRef`; indicates the | - * | | | origin of the Secure Object, either | - * | | | externally set, internally generated or trust | - * | | | provisioned by NXP. | - * +----------------------------------+--------------+------------------------------------------------+ - * | Version | 1 | The Secure Object version. Default = 0. See | - * | | | FIPS compliance for details about versioning | - * | | | of Secure Objects. | - * +----------------------------------+--------------+------------------------------------------------+ - * @endrst - * - * # Non-Authentication Objects - * - * @rst - * +----------------------------------+--------------+------------------------------------------------+ - * | Attribute | Size (bytes) | Description | - * +==================================+==============+================================================+ - * | Object identifier | 4 | See Object identifiers | - * +----------------------------------+--------------+------------------------------------------------+ - * | Object type | 1 | One of SecureObjectType | - * +----------------------------------+--------------+------------------------------------------------+ - * | Authentication attribute | 1 | One of :cpp:type:`SetIndicatorRef` | - * +----------------------------------+--------------+------------------------------------------------+ - * | Tag length | 2 | Set to 0x0000, except for AESKey objects: for | - * | | | AESKey objects, this indicates the GMAC | - * | | | length that applies when doing AEAD | - * | | | operations. If the value is set to 0 and AEAD | - * | | | operations are done, the GMAC length shall be | - * | | | 128 bit. | - * +----------------------------------+--------------+------------------------------------------------+ - * | Authentication object identifier | 4 | "Owner" of the secure object; i.e., the | - * | | | identifier of the session authentication | - * | | | object when the object has been created. | - * +----------------------------------+--------------+------------------------------------------------+ - * | RFU | 2 | Set to 0x0000. | - * +----------------------------------+--------------+------------------------------------------------+ - * | Policy | Variable | Policy attached to the object | - * +----------------------------------+--------------+------------------------------------------------+ - * | Origin | 1 | One of :cpp:type:`OriginRef`; indicates the | - * | | | origin of the Secure Object, either | - * | | | externally set, internally generated or trust | - * | | | provisioned by NXP. | - * +----------------------------------+--------------+------------------------------------------------+ - * | Version | 1 | The Secure Object version. Default = 0. See | - * | | | FIPS compliance for details about versioning | - * | | | of Secure Objects. | - * +----------------------------------+--------------+------------------------------------------------+ - * @endrst - * - * - * # Command to Applet - * - * @rst - * +-------+---------------+-----------------------------------------------+ - * | Field | Value | Description | - * +=======+===============+===============================================+ - * | CLA | 0x80 | | - * +-------+---------------+-----------------------------------------------+ - * | INS | INS_READ | See :cpp:type:`SE05x_INS_t`, in addition to | - * | | | INS_READ, users can set the INS_ATTEST flag. | - * | | | In that case, attestation applies. | - * +-------+---------------+-----------------------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+---------------+-----------------------------------------------+ - * | P2 | P2_ATTRIBUTES | See :cpp:type:`SE05x_P2_t` | - * +-------+---------------+-----------------------------------------------+ - * | Lc | #(Payload) | Payload Length. | - * +-------+---------------+-----------------------------------------------+ - * | | TLV[TAG_1] | 4-byte object identifier | - * +-------+---------------+-----------------------------------------------+ - * | | TLV[TAG_5] | 4-byte attestation object identifier. | - * | | | [Optional] [Conditional: only when | - * | | | INS_ATTEST is set] | - * +-------+---------------+-----------------------------------------------+ - * | | TLV[TAG_6] | 1-byte AttestationAlgo [Optional] | - * | | | [Conditional: only when INS_ATTEST is set] | - * +-------+---------------+-----------------------------------------------+ - * | | TLV[TAG_7] | 16-byte freshness random [Optional] | - * | | | [Conditional: only when INS_ATTEST is set] | - * +-------+---------------+-----------------------------------------------+ - * | Le | 0x00 | | - * +-------+---------------+-----------------------------------------------+ - * @endrst - * - * - * # R-APDU Body - * - * @rst - * +------------+--------------------------------------------+ - * | Value | Description | - * +============+============================================+ - * | TLV[TAG_2] | Byte array containing the attributes (see | - * | | Object Attributes). | - * +------------+--------------------------------------------+ - * | TLV[TAG_3] | (only when INS_ATTEST is set) 12-byte | - * | | timestamp | - * +------------+--------------------------------------------+ - * | TLV[TAG_4] | (only when INS_ATTEST is set) 16-byte | - * | | freshness random | - * +------------+--------------------------------------------+ - * | TLV[TAG_5] | (only when INS_ATTEST is set) 18-byte Chip | - * | | unique ID | - * +------------+--------------------------------------------+ - * | TLV[TAG_6] | (only when INS_ATTEST is set) Signature | - * | | applied over the value of TLV[TAG_2], | - * | | TLV[TAG_2], TLV[TAG_3], TLV[TAG_4] and | - * | | TLV[TAG_5]. | - * +------------+--------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------+ - * | SW | Description | - * +=============+================================+ - * | SW_NO_ERROR | The read is done successfully. | - * +-------------+--------------------------------+ - * @endrst - * - * @param[in] session_ctx The session context - * @param[in] objectID The object id - * @param[in] attestID The attest id - * @param[in] attestAlgo The attest algorithm - * @param[in] random The random - * @param[in] randomLen The random length - * @param data The data - * @param pdataLen The pdata length - * @param ptimeStamp The ptime stamp - * @param outrandom The outrandom - * @param poutrandomLen The poutrandom length - * @param chipId The chip identifier - * @param pchipIdLen The pchip identifier length - * @param signature The signature - * @param psignatureLen The psignature length - * - * @return The sm status. - */ -smStatus_t Se05x_API_ReadObjectAttributes_W_Attst(pSe05xSession_t session_ctx, - uint32_t objectID, - uint32_t attestID, - SE05x_AttestationAlgo_t attestAlgo, - const uint8_t *random, - size_t randomLen, - uint8_t *data, - size_t *pdataLen, - SE05x_TimeStamp_t *ptimeStamp, - uint8_t *outrandom, - size_t *poutrandomLen, - uint8_t *chipId, - size_t *pchipIdLen, - uint8_t *signature, - size_t *psignatureLen); - -/** Se05x_API_ExportObject - * - * Reads a transient Secure Object from SE05X. - * - * Secure Objects can be serialized so the Secure Object can be represented as a - * byte array. The byte array contains all attributes of the Secure Object, as - * well as the value (including the secret part!) of the object. - * - * The purpose of the serialization is to be able to allow export and import of - * Secure Objects. Serialized Secure Objects can be reconstructed so they can be - * used as a (normal) Secure Object. Any operation like key or file management - * and crypto operation can only be done on a deserialized Secure Object. - * - * Users can export transient Secure Objects to a non-trusted environment (e.g., - * host controller). The object must be AESKey, DESKey, RSAKey or ECCKey. - * - * Exported credentials are always encrypted and MAC'ed. - * - * The following steps are taken: - * - * * The secure element holds a randomly generated persistent - * 256-bit AES cipher and an 128-bit AES CMAC key. Both keys do - * not require user interaction, they are internal to the SE05X . - * - * * A Secure Object that is identified for export is - * serialized. This means the key value as well as all Secure - * Object attributes are stored as byte array (see Object - * attributes for attribute details). - * - * * The serialized Secure Object is encrypted using AES CBC (no - * padding) and using the default IV. - * - * * A CMAC is applied to the serialized Secure Object + metadata - * using the AES CMAC key. - * - * * The byte array is exported. - * - * An object may only be imported into the store if the SecureObject ID and type - * are the same as the exported object. Therefore, it is not possible to import - * if the corresponding object in the applet has been deleted. - * - * NOTES: - * - * * The exported object is not deleted automatically. - * - * * The timestamp has a 100msec granularity, so it is possible to - * export multiple times with the same timestamp. The freshness - * (user input) should avoid duplicate attestation results as the - * user has to provide different freshness input. - * - * # Command to Applet - * - * @rst - * +-------+------------+--------------------------------------------+ - * | Field | Value | Description | - * +=======+============+============================================+ - * | CLA | 0x80 | | - * +-------+------------+--------------------------------------------+ - * | INS | INS_READ | See :cpp:type:`SE05x_INS_t`. | - * +-------+------------+--------------------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+------------+--------------------------------------------+ - * | P2 | P2_EXPORT | See :cpp:type:`SE05x_P2_t` | - * +-------+------------+--------------------------------------------+ - * | Lc | #(Payload) | Payload Length. | - * +-------+------------+--------------------------------------------+ - * | | TLV[TAG_1] | 4-byte object identifier | - * +-------+------------+--------------------------------------------+ - * | | TLV[TAG_2] | 1-byte :cpp:type:`SE05x_RSAKeyComponent_t` | - * | | | (only applies to Secure Objects of type | - * | | | RSAKey). | - * +-------+------------+--------------------------------------------+ - * | Le | 0x00 | | - * +-------+------------+--------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+----------------------------------------------+ - * | Value | Description | - * +============+==============================================+ - * | TLV[TAG_1] | Byte array containing exported Secure Object | - * | | data. | - * +------------+----------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+----------------------------------------------+ - * | SW | Description | - * +=============+==============================================+ - * | SW_NO_ERROR | The file is created or updated successfully. | - * +-------------+----------------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID object id [1:kSE05x_TAG_1] - * @param[in] rsaKeyComp rsaKeyComp [2:kSE05x_TAG_2] - * @param[out] data [0:kSE05x_TAG_1] - * @param[in,out] pdataLen Length for data - */ -smStatus_t Se05x_API_ExportObject(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_RSAKeyComponent_t rsaKeyComp, - uint8_t *data, - size_t *pdataLen); - -/** Se05x_API_ReadType - * - * Get the type of a Secure Object. - * - * # Command to Applet - * - * @rst - * +-------+------------+-----------------------------+ - * | Field | Value | Description | - * +=======+============+=============================+ - * | CLA | 0x80 | | - * +-------+------------+-----------------------------+ - * | INS | INS_READ | See :cpp:type:`SE05x_INS_t` | - * +-------+------------+-----------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+------------+-----------------------------+ - * | P2 | P2_TYPE | See :cpp:type:`SE05x_P2_t` | - * +-------+------------+-----------------------------+ - * | Lc | #(Payload) | | - * +-------+------------+-----------------------------+ - * | | TLV[TAG_1] | 4-byte object identifier. | - * +-------+------------+-----------------------------+ - * | Le | 0x00 | | - * +-------+------------+-----------------------------+ - * @endrst - * - - * # R-APDU Body - * - * @rst - * +------------+-----------------------------------+ - * | Value | Description | - * +============+===================================+ - * | TLV[TAG_1] | Type of the Secure Object: one of | - * | | :cpp:type:`SE05x_SecObjTyp_t` | - * +------------+-----------------------------------+ - * | TLV[TAG_2] | :cpp:type:`TransientIndicatorRef` | - * +------------+-----------------------------------+ - * @endrst - * - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------+ - * | SW | Description | - * +=============+================================+ - * | SW_NO_ERROR | Data is returned successfully. | - * +-------------+--------------------------------+ - * @endrst - * - * - * @param[in] session_ctx The session context - * @param[in] objectID The object id - * @param ptype The ptype - * @param pisTransient The pis transient - * @param[in] attestation_type The attestation type - * - * @return The sm status. - */ -smStatus_t Se05x_API_ReadType(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_SecureObjectType_t *ptype, - uint8_t *pisTransient, - const SE05x_AttestationType_t attestation_type); - -/** Se05x_API_ReadSize - * - * ReadSize - * - * Get the size of a Secure Object (in bytes): - * - * * For EC keys: the size of the curve is returned. - * - * * For RSA keys: the key size is returned. - * - * * For AES/DES/HMAC keys, the key size is returned. - * - * * For binary files: the file size is returned - * - * * For userIDs: nothing is returned (SW_CONDITIONS_NOT_SATISFIED). - * - * * For counters: the counter length is returned. - * - * * For PCR: the PCR length is returned. - * - * # Command to Applet - * - * @rst - * +-------+------------+-----------------------------+ - * | Field | Value | Description | - * +=======+============+=============================+ - * | CLA | 0x80 | | - * +-------+------------+-----------------------------+ - * | INS | INS_READ | See :cpp:type:`SE05x_INS_t` | - * +-------+------------+-----------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+------------+-----------------------------+ - * | P2 | P2_SIZE | See :cpp:type:`SE05x_P2_t` | - * +-------+------------+-----------------------------+ - * | Lc | #(Payload) | | - * +-------+------------+-----------------------------+ - * | | TLV[TAG_1] | 4-byte object identifier. | - * +-------+------------+-----------------------------+ - * | Le | 0x00 | | - * +-------+------------+-----------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+-----------------------------+ - * | Value | Description | - * +============+=============================+ - * | TLV[TAG_1] | Byte array containing size. | - * +------------+-----------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------+ - * | SW | Description | - * +=============+================================+ - * | SW_NO_ERROR | Data is returned successfully. | - * +-------------+--------------------------------+ - * @endrst - * - * - * @param[in] session_ctx The session context - * @param[in] objectID The object id - * @param psize The psize - * - * @return The sm status. - */ -smStatus_t Se05x_API_ReadSize(pSe05xSession_t session_ctx, uint32_t objectID, uint16_t *psize); - -/** Se05x_API_ReadIDList - * - * Get a list of present Secure Object identifiers. - * - * The offset in TAG_1 is an 0-based offset in the list of object. As the user - * does not know how many objects would be returned, the offset needs to be based - * on the return values from the previous ReadIDList. If the applet only returns - * a part of the result, it will indicate that more identifiers are available (by - * setting TLV[TAG_1] in the response to 0x01). The user can then retrieve the - * next chunk of identifiers by calling ReadIDList with an offset that equals the - * amount of identifiers listed in the previous response. - * - * _Example 1:_ first ReadIDList command TAG_1=0, response TAG_1=0, - * TAG_2=complete list - * - * _Example 2:_ first ReadIDList command TAG_1=0, response TAG_1=1, TAG_2=first - * chunk (m entries) second ReadIDList command TAG_1=m, response TAG_1=1, - * TAG_2=second chunk (n entries) thirst ReadIDList command TAG_1=(m+n), response - * TAG_1=0, TAG_2=third last chunk - * - * # Command to Applet - * - * @rst - * +-------+------------+-----------------------------------------------+ - * | Field | Value | Description | - * +=======+============+===============================================+ - * | CLA | 0x80 | | - * +-------+------------+-----------------------------------------------+ - * | INS | INS_READ | See :cpp:type:`SE05x_INS_t` | - * +-------+------------+-----------------------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+------------+-----------------------------------------------+ - * | P2 | P2_LIST | See :cpp:type:`SE05x_P2_t` | - * +-------+------------+-----------------------------------------------+ - * | Lc | #(Payload) | | - * +-------+------------+-----------------------------------------------+ - * | | TLV[TAG_1] | 2-byte offset | - * +-------+------------+-----------------------------------------------+ - * | | TLV[TAG_2] | 1-byte type filter: 1 byte from | - * | | | :cpp:type:`SE05x_SecObjTyp_t` or 0xFF for all | - * | | | types. | - * +-------+------------+-----------------------------------------------+ - * | Le | 0x00 | | - * +-------+------------+-----------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+-------------------------------------------+ - * | Value | Description | - * +============+===========================================+ - * | TLV[TAG_1] | 1-byte :cpp:type:`MoreIndicatorRef` | - * +------------+-------------------------------------------+ - * | TLV[TAG_2] | Byte array containing 4-byte identifiers. | - * +------------+-------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------+ - * | SW | Description | - * +=============+================================+ - * | SW_NO_ERROR | Data is returned successfully. | - * +-------------+--------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] outputOffset output offset [1:kSE05x_TAG_1] - * @param[in] filter filter [2:kSE05x_TAG_2] - * @param[out] pmore If more ids are present [0:kSE05x_TAG_1] - * @param[out] idlist Byte array containing 4-byte identifiers [1:kSE05x_TAG_2] - * @param[in,out] pidlistLen Length for idlist - */ -smStatus_t Se05x_API_ReadIDList(pSe05xSession_t session_ctx, - uint16_t outputOffset, - uint8_t filter, - uint8_t *pmore, - uint8_t *idlist, - size_t *pidlistLen); - -/** Se05x_API_CheckObjectExists - * - * - * Check if a Secure Object with a certain identifier exists or not. - * - * # Command to Applet - * - * @rst - * +-------+------------+-------------------------------------------+ - * | Field | Value | Description | - * +=======+============+===========================================+ - * | CLA | 0x80 | | - * +-------+------------+-------------------------------------------+ - * | INS | INS_MGMT | See :cpp:type:`SE05x_INS_t` | - * +-------+------------+-------------------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+------------+-------------------------------------------+ - * | P2 | P2_EXIST | See :cpp:type:`SE05x_P2_t` | - * +-------+------------+-------------------------------------------+ - * | Lc | #(Payload) | | - * +-------+------------+-------------------------------------------+ - * | | TLV[TAG_1] | 4-byte existing Secure Object identifier. | - * +-------+------------+-------------------------------------------+ - * | Le | 0x00 | | - * +-------+------------+-------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+-----------------------------------+ - * | Value | Description | - * +============+===================================+ - * | TLV[TAG_1] | 1-byte :cpp:type:`SE05x_Result_t` | - * +------------+-----------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------+ - * | SW | Description | - * +=============+================================+ - * | SW_NO_ERROR | Data is returned successfully. | - * +-------------+--------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID object id [1:kSE05x_TAG_1] - * @param[out] presult [0:kSE05x_TAG_1] - */ -smStatus_t Se05x_API_CheckObjectExists(pSe05xSession_t session_ctx, uint32_t objectID, SE05x_Result_t *presult); - -/** Se05x_API_DeleteSecureObject - * - * Deletes a Secure Object. - * - * If the object origin = ORIGIN_PROVISIONED, an error will be returned and the - * object is not deleted. - * - * - * # Command to Applet - * - * @rst - * +-------+------------------+-------------------------------------------+ - * | Field | Value | Description | - * +=======+==================+===========================================+ - * | CLA | 0x80 | | - * +-------+------------------+-------------------------------------------+ - * | INS | INS_MGMT | See :cpp:type:`SE05x_INS_t` | - * +-------+------------------+-------------------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+------------------+-------------------------------------------+ - * | P2 | P2_DELETE_OBJECT | See :cpp:type:`SE05x_P2_t` | - * +-------+------------------+-------------------------------------------+ - * | Lc | #(Payload) | | - * +-------+------------------+-------------------------------------------+ - * | | TLV[TAG_1] | 4-byte existing Secure Object identifier. | - * +-------+------------------+-------------------------------------------+ - * | Le | - | | - * +-------+------------------+-------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * @rst - * +-------------+----------------------------------------------+ - * | SW | Description | - * +=============+==============================================+ - * | SW_NO_ERROR | The file is created or updated successfully. | - * +-------------+----------------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID object id [1:kSE05x_TAG_1] - */ -smStatus_t Se05x_API_DeleteSecureObject(pSe05xSession_t session_ctx, uint32_t objectID); - -/** Se05x_API_CreateECCurve - * - * Create an EC curve listed in ECCurve. - * - * - * # Command to Applet - * - * @rst - * +-------+------------+-------------------------------+ - * | Field | Value | Description | - * +=======+============+===============================+ - * | CLA | 0x80 | | - * +-------+------------+-------------------------------+ - * | INS | INS_WRITE | See :cpp:type:`SE05x_INS_t` | - * +-------+------------+-------------------------------+ - * | P1 | P1_CURVE | See :cpp:type:`SE05x_P1_t` | - * +-------+------------+-------------------------------+ - * | P2 | P2_CREATE | See :cpp:type:`SE05x_P2_t` | - * +-------+------------+-------------------------------+ - * | Lc | #(Payload) | | - * +-------+------------+-------------------------------+ - * | | TLV[TAG_1] | 1-byte curve identifier (from | - * | | | :cpp:type:`SE05x_ECCurve_t`). | - * +-------+------------+-------------------------------+ - * | Le | | | - * +-------+------------+-------------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------+ - * | SW | Description | - * +=============+================================+ - * | SW_NO_ERROR | Data is returned successfully. | - * +-------------+--------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] curveID curve id [1:kSE05x_TAG_1] - */ -smStatus_t Se05x_API_CreateECCurve(pSe05xSession_t session_ctx, SE05x_ECCurve_t curveID); - -/** Se05x_API_SetECCurveParam - * - * Set a curve parameter. The curve must have been created first by - * CreateEcCurve. - * - * All parameters must match the expected value for the listed curves. If the - * curve parameters are not correct, the curve cannot be used. - * - * Users have to set all 5 curve parameters for the curve to be usable. Once all - * curve parameters are given, the secure element will check if all parameters - * are correct and return SW_NO_ERROR.. - * - * # Command to Applet - * - * @rst - * +-------+------------+----------------------------------------------+ - * | Field | Value | Description | - * +=======+============+==============================================+ - * | CLA | 0x80 | | - * +-------+------------+----------------------------------------------+ - * | INS | INS_WRITE | See :cpp:type:`SE05x_INS_t` | - * +-------+------------+----------------------------------------------+ - * | P1 | P1_CURVE | See :cpp:type:`SE05x_P1_t` | - * +-------+------------+----------------------------------------------+ - * | P2 | P2_PARAM | See :cpp:type:`SE05x_P2_t` | - * +-------+------------+----------------------------------------------+ - * | Lc | #(Payload) | | - * +-------+------------+----------------------------------------------+ - * | | TLV[TAG_1] | 1-byte curve identifier, from | - * | | | :cpp:type:`SE05x_ECCurve_t` | - * +-------+------------+----------------------------------------------+ - * | | TLV[TAG_2] | 1-byte :cpp:type:`SE05x_ECCurveParam_t` | - * +-------+------------+----------------------------------------------+ - * | | TLV[TAG_3] | Bytestring containing curve parameter value. | - * +-------+------------+----------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------+ - * | SW | Description | - * +=============+================================+ - * | SW_NO_ERROR | Data is returned successfully. | - * +-------------+--------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] curveID curve id [1:kSE05x_TAG_1] - * @param[in] ecCurveParam ecCurveParam [2:kSE05x_TAG_2] - * @param[in] inputData inputData [3:kSE05x_TAG_3] - * @param[in] inputDataLen Length of inputData - */ -smStatus_t Se05x_API_SetECCurveParam(pSe05xSession_t session_ctx, - SE05x_ECCurve_t curveID, - SE05x_ECCurveParam_t ecCurveParam, - const uint8_t *inputData, - size_t inputDataLen); - -/** Se05x_API_GetECCurveId - * - * Get the curve associated with an EC key. - * - * - * # Command to Applet - * - * @rst - * +---------+------------+-----------------------------+ - * | Field | Value | Description | - * +=========+============+=============================+ - * | CLA | 0x80 | | - * +---------+------------+-----------------------------+ - * | INS | INS_READ | See :cpp:type:`SE05x_INS_t` | - * +---------+------------+-----------------------------+ - * | P1 | P1_CURVE | See :cpp:type:`SE05x_P1_t` | - * +---------+------------+-----------------------------+ - * | P2 | P2_ID | See :cpp:type:`SE05x_P2_t` | - * +---------+------------+-----------------------------+ - * | Lc | #(Payload) | | - * +---------+------------+-----------------------------+ - * | Payload | TLV[TAG_1] | 4-byte identifier | - * +---------+------------+-----------------------------+ - * | Le | 0x00 | | - * +---------+------------+-----------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+-------------------------------+ - * | Value | Description | - * +============+===============================+ - * | TLV[TAG_1] | 1-byte curve identifier (from | - * | | :cpp:type:`SE05x_ECCurve_t`) | - * +------------+-------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------+ - * | SW | Description | - * +=============+================================+ - * | SW_NO_ERROR | Data is returned successfully. | - * +-------------+--------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID object id [1:kSE05x_TAG_1] - * @param[out] pcurveId [0:kSE05x_TAG_1] - */ -smStatus_t Se05x_API_GetECCurveId(pSe05xSession_t session_ctx, uint32_t objectID, uint8_t *pcurveId); - -/** Se05x_API_ReadECCurveList - * - * Get a list of (Weierstrass) EC curves that are instantiated. - * - * - * # Command to Applet - * - * @rst - * +-------+----------+-----------------------------+ - * | Field | Value | Description | - * +=======+==========+=============================+ - * | CLA | 0x80 | | - * +-------+----------+-----------------------------+ - * | INS | INS_READ | See :cpp:type:`SE05x_INS_t` | - * +-------+----------+-----------------------------+ - * | P1 | P1_CURVE | See :cpp:type:`SE05x_P1_t` | - * +-------+----------+-----------------------------+ - * | P2 | P2_LIST | See :cpp:type:`SE05x_P2_t` | - * +-------+----------+-----------------------------+ - * | Le | 0x00 | | - * +-------+----------+-----------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+------------------------------------------------+ - * | Value | Description | - * +============+================================================+ - * | TLV[TAG_1] | Byte array listing all curve identifiers in | - * | | :cpp:type:`SE05x_ECCurve_t` (excluding UNUSED) | - * | | where the curve identifier < 0x40; for each | - * | | curve, a 1-byte :cpp:type:`SetIndicatorRef` is | - * | | returned. | - * +------------+------------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------+ - * | SW | Description | - * +=============+================================+ - * | SW_NO_ERROR | Data is returned successfully. | - * +-------------+--------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[out] curveList [0:kSE05x_TAG_1] - * @param[in,out] pcurveListLen Length for curveList - */ -smStatus_t Se05x_API_ReadECCurveList(pSe05xSession_t session_ctx, uint8_t *curveList, size_t *pcurveListLen); - -/** Se05x_API_DeleteECCurve - * - * Deletes an EC curve. - * - * # Command to Applet - * - * @rst - * +-------+------------------+-------------------------------+ - * | Field | Value | Description | - * +=======+==================+===============================+ - * | CLA | 0x80 | | - * +-------+------------------+-------------------------------+ - * | INS | INS_MGMT | See :cpp:type:`SE05x_INS_t` | - * +-------+------------------+-------------------------------+ - * | P1 | P1_CURVE | See :cpp:type:`SE05x_P1_t` | - * +-------+------------------+-------------------------------+ - * | P2 | P2_DELETE_OBJECT | See :cpp:type:`SE05x_P2_t` | - * +-------+------------------+-------------------------------+ - * | Lc | #(Payload) | | - * +-------+------------------+-------------------------------+ - * | | TLV[TAG_1] | 1-byte curve identifier (from | - * | | | :cpp:type:`SE05x_ECCurve_t`) | - * +-------+------------------+-------------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------+ - * | SW | Description | - * +=============+================================+ - * | SW_NO_ERROR | Data is returned successfully. | - * +-------------+--------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] curveID curve id [1:kSE05x_TAG_1] - */ -smStatus_t Se05x_API_DeleteECCurve(pSe05xSession_t session_ctx, SE05x_ECCurve_t curveID); - -/** Se05x_API_CreateCryptoObject - * - * Creates a Crypto Object on the SE05X . Once the Crypto Object is created, it - * is bound to the user who created the Crypto Object. - * - * A CryptoObject is a 2-byte value consisting of a CryptoContext in MSB and one - * of the following in LSB: - * - * * DigestMode in case CryptoContext = CC_DIGEST - * - * * CipherMode in case CryptoContext = CC_CIPHER - * - * * MACAlgo in case CryptoContext = CC_SIGNATURE - * - * * AEADMode in case CryptoContext = CC_AEAD - * - * # Command to Applet - * - * @rst - * +---------+---------------+-------------------------------------------+ - * | Field | Value | Description | - * +=========+===============+===========================================+ - * | CLA | 0x80 | | - * +---------+---------------+-------------------------------------------+ - * | INS | INS_WRITE | See :cpp:type:`SE05x_INS_t` | - * +---------+---------------+-------------------------------------------+ - * | P1 | P1_CRYPTO_OBJ | See :cpp:type:`SE05x_P1_t` | - * +---------+---------------+-------------------------------------------+ - * | P2 | P2_DEFAULT | See :cpp:type:`SE05x_P2_t` | - * +---------+---------------+-------------------------------------------+ - * | Lc | #(Payload) | Payload length | - * +---------+---------------+-------------------------------------------+ - * | Payload | TLV[TAG_1] | 2-byte Crypto Object identifier | - * +---------+---------------+-------------------------------------------+ - * | | TLV[TAG_2] | 1-byte :cpp:type:`SE05x_CryptoObject_t` | - * +---------+---------------+-------------------------------------------+ - * | | TLV[TAG_3] | 1-byte Crypto Object subtype, either from | - * | | | :cpp:type:`DigestModeRef`, CipherMode, | - * | | | MACAlgo (depending on TAG_2) or AEADMode. | - * +---------+---------------+-------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * @rst - * +-------------+----------------------------------------------+ - * | SW | Description | - * +=============+==============================================+ - * | SW_NO_ERROR | The file is created or updated successfully. | - * +-------------+----------------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] cryptoObjectID cryptoObjectID [1:kSE05x_TAG_1] - * @param[in] cryptoContext cryptoContext [2:kSE05x_TAG_2] - * - * @param[in] subtype 1-byte Crypto Object subtype, either from - * DigestMode, CipherMode or MACAlgo (depending on - * TAG_2). [3:kSE05x_TAG_3] - */ -smStatus_t Se05x_API_CreateCryptoObject(pSe05xSession_t session_ctx, - SE05x_CryptoObjectID_t cryptoObjectID, - SE05x_CryptoContext_t cryptoContext, - SE05x_CryptoModeSubType_t subtype); - -/** Se05x_API_ReadCryptoObjectList - * - * Get the list of allocated Crypto Objects indicating the identifier, the - * CryptoContext and the sub type of the CryptoContext. - * - * # Command to Applet - * - * @rst - * +-------+---------------+-----------------------------+ - * | Field | Value | Description | - * +=======+===============+=============================+ - * | CLA | 0x80 | | - * +-------+---------------+-----------------------------+ - * | INS | INS_READ | See :cpp:type:`SE05x_INS_t` | - * +-------+---------------+-----------------------------+ - * | P1 | P1_CRYPTO_OBJ | See :cpp:type:`SE05x_P1_t` | - * +-------+---------------+-----------------------------+ - * | P2 | P2_LIST | See :cpp:type:`SE05x_P2_t` | - * +-------+---------------+-----------------------------+ - * | Le | 0x00 | | - * +-------+---------------+-----------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+-----------------------------------------------+ - * | Value | Description | - * +============+===============================================+ - * | TLV[TAG_1] | Byte array containing a list of 2-byte Crypto | - * | | Object identifiers, followed by 1-byte | - * | | CryptoContext and 1-byte subtype for each | - * | | Crypto Object (so 4 bytes for each Crypto | - * | | Object). | - * +------------+-----------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------+ - * | SW | Description | - * +=============+================================+ - * | SW_NO_ERROR | Data is returned successfully. | - * +-------------+--------------------------------+ - * @endrst - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[out] idlist If more ids are present [0:kSE05x_TAG_1] - * @param[in,out] pidlistLen Length for idlist - */ -smStatus_t Se05x_API_ReadCryptoObjectList(pSe05xSession_t session_ctx, uint8_t *idlist, size_t *pidlistLen); - -/** Se05x_API_DeleteCryptoObject - * - * Deletes a Crypto Object on the SE05X . - * - * Note: when a Crypto Object is deleted, the memory (as mentioned in ) is de- - * allocated, but the transient memory is only freed when de-selecting the - * applet! - * - * # Command to Applet - * - * @rst - * +---------+------------------+---------------------------------+ - * | Field | Value | Description | - * +=========+==================+=================================+ - * | CLA | 0x80 | | - * +---------+------------------+---------------------------------+ - * | INS | INS_MGMT | See :cpp:type:`SE05x_INS_t` | - * +---------+------------------+---------------------------------+ - * | P1 | P1_CRYPTO_OBJ | See :cpp:type:`SE05x_P1_t` | - * +---------+------------------+---------------------------------+ - * | P2 | P2_DELETE_OBJECT | See :cpp:type:`SE05x_P2_t` | - * +---------+------------------+---------------------------------+ - * | Lc | #(Payload) | Payload length | - * +---------+------------------+---------------------------------+ - * | Payload | TLV[TAG_1] | 2-byte Crypto Object identifier | - * +---------+------------------+---------------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * @rst - * +-------------+----------------------------------------------+ - * | SW | Description | - * +=============+==============================================+ - * | SW_NO_ERROR | The file is created or updated successfully. | - * +-------------+----------------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] cryptoObjectID cryptoObjectID [1:kSE05x_TAG_1] - */ -smStatus_t Se05x_API_DeleteCryptoObject(pSe05xSession_t session_ctx, SE05x_CryptoObjectID_t cryptoObjectID); - -/** Se05x_API_ECDSASign - * - * The ECDSASign command signs external data using the indicated key pair or - * private key. - * - * The ECSignatureAlgo indicates the ECDSA algorithm that is used, but the - * hashing of data always must be done on the host. E.g., if ECSignatureAlgo = - * SIG_ ECDSA_SHA256, the user must have applied SHA256 on the input data - * already. - * - * The user must take care of providing the correct input length; i.e., the data - * input length (TLV[TAG_3]) must match the digest indicated in the signature - * algorithm (TLV[TAG_2]). - * - * In any case, the APDU payload must be smaller than MAX_APDU_PAYLOAD_LENGTH. - * - * This is performed according to the ECDSA algorithm as specified in [ANSI - * X9.62]. The signature (a sequence of two integers 'r' and 's') as - * returned in the response adheres to the ASN.1 DER encoded formatting rules for - * integers. - * - * # Command to Applet - * - * @rst - * +-------+--------------+---------------------------------------------+ - * | Field | Value | Description | - * +=======+==============+=============================================+ - * | CLA | 0x80 | | - * +-------+--------------+---------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +-------+--------------+---------------------------------------------+ - * | P1 | P1_SIGNATURE | See :cpp:type:`SE05x_P1_t` | - * +-------+--------------+---------------------------------------------+ - * | P2 | P2_SIGN | See :cpp:type:`SE05x_P2_t` | - * +-------+--------------+---------------------------------------------+ - * | Lc | #(Payload) | | - * +-------+--------------+---------------------------------------------+ - * | | TLV[TAG_1] | 4-byte identifier of EC key pair or private | - * | | | key. | - * +-------+--------------+---------------------------------------------+ - * | | TLV[TAG_2] | 1-byte ECSignatureAlgo. | - * +-------+--------------+---------------------------------------------+ - * | | TLV[TAG_3] | Byte array containing input data. | - * +-------+--------------+---------------------------------------------+ - * | Le | 0x00 | Expecting ASN.1 signature | - * +-------+--------------+---------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+----------------------------------+ - * | Value | Description | - * +============+==================================+ - * | TLV[TAG_1] | ECDSA Signature in ASN.1 format. | - * +------------+----------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID objectID [1:kSE05x_TAG_1] - * @param[in] ecSignAlgo ecSignAlgo [2:kSE05x_TAG_2] - * @param[in] inputData inputData [3:kSE05x_TAG_3] - * @param[in] inputDataLen Length of inputData - * @param[out] signature [0:kSE05x_TAG_1] - * @param[in,out] psignatureLen Length for signature - */ -smStatus_t Se05x_API_ECDSASign(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_ECSignatureAlgo_t ecSignAlgo, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *signature, - size_t *psignatureLen); - -/** Se05x_API_EdDSASign - * - * The EdDSASign command signs external data using the indicated key pair or - * private key (using a Twisted Edwards curve). This is performed according to - * the EdDSA algorithm as specified in [RFC8032]. - * - * The input data need to be the plain data (not hashed). - * - * The signature as returned in the response is a 64-byte array, being the - * concatenation of the signature r and s component (without leading zeroes for - * sign indication). - * - * # Command to Applet - * - * @rst - * +-------+--------------+---------------------------------------------+ - * | Field | Value | Description | - * +=======+==============+=============================================+ - * | CLA | 0x80 | | - * +-------+--------------+---------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +-------+--------------+---------------------------------------------+ - * | P1 | P1_SIGNATURE | See :cpp:type:`SE05x_P1_t` | - * +-------+--------------+---------------------------------------------+ - * | P2 | P2_SIGN | See :cpp:type:`SE05x_P2_t` | - * +-------+--------------+---------------------------------------------+ - * | Lc | #(Payload) | | - * +-------+--------------+---------------------------------------------+ - * | | TLV[TAG_1] | 4-byte identifier of EC key pair or private | - * | | | key. | - * +-------+--------------+---------------------------------------------+ - * | | TLV[TAG_2] | 1-byte EDSignatureAlgo | - * +-------+--------------+---------------------------------------------+ - * | | TLV[TAG_3] | Byte array containing plain input data. | - * +-------+--------------+---------------------------------------------+ - * | Le | 0x00 | Expecting signature | - * +-------+--------------+---------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+------------------------------------------+ - * | Value | Description | - * +============+==========================================+ - * | TLV[TAG_1] | EdDSA Signature (r concatenated with s). | - * +------------+------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID objectID [1:kSE05x_TAG_1] - * @param[in] edSignAlgo edSignAlgo [2:kSE05x_TAG_2] - * @param[in] inputData inputData [3:kSE05x_TAG_3] - * @param[in] inputDataLen Length of inputData - * @param[out] signature [0:kSE05x_TAG_1] - * @param[in,out] psignatureLen Length for signature - */ -smStatus_t Se05x_API_EdDSASign(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_EDSignatureAlgo_t edSignAlgo, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *signature, - size_t *psignatureLen); - -/** Se05x_API_ECDAASign - * - * The ECDAASign command signs external data using the indicated key pair or - * private key. This is performed according to ECDAA. The generated signature is: - * - * * r = random mod n - * - * * s = (r + T.ds) mod n where d is the private key - * - * The ECDAASignatureAlgo indicates the applied algorithm. - * - * This APDU command should be used with a key identifier linked to - * TPM_ECC_BN_P256 curve. - * - * _Note:_ The applet allows the random input to be 32 bytes of zeroes; the user - * must take care that this is not considered as valid input. Only input in the - * interval [1, n-1] must be considered as valid. - * - * # Command to Applet - * - * @rst - * +-------+--------------+------------------------------------------------+ - * | Field | Value | Description | - * +=======+==============+================================================+ - * | CLA | 0x80 | | - * +-------+--------------+------------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +-------+--------------+------------------------------------------------+ - * | P1 | P1_SIGNATURE | See :cpp:type:`SE05x_P1_t` | - * +-------+--------------+------------------------------------------------+ - * | P2 | P2_SIGN | See :cpp:type:`SE05x_P2_t` | - * +-------+--------------+------------------------------------------------+ - * | Lc | #(Payload) | | - * +-------+--------------+------------------------------------------------+ - * | | TLV[TAG_1] | 4-byte identifier of EC key pair or private | - * | | | key. | - * +-------+--------------+------------------------------------------------+ - * | | TLV[TAG_2] | 1-byte ECDAASignatureAlgo | - * +-------+--------------+------------------------------------------------+ - * | | TLV[TAG_3] | T = 32-byte array containing hashed input | - * | | | data. | - * +-------+--------------+------------------------------------------------+ - * | | TLV[TAG_4] | r = 32-byte array containing random data, must | - * | | | be in the interval [1, n-1] where n is the | - * | | | order of the curve. | - * +-------+--------------+------------------------------------------------+ - * | Le | 0x00 | Expecting signature | - * +-------+--------------+------------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+------------------------------------------+ - * | Value | Description | - * +============+==========================================+ - * | TLV[TAG_1] | ECDSA Signature (r concatenated with s). | - * +------------+------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID objectID [1:kSE05x_TAG_1] - * @param[in] ecdaaSignAlgo ecdaaSignAlgo [2:kSE05x_TAG_2] - * @param[in] inputData inputData [3:kSE05x_TAG_3] - * @param[in] inputDataLen Length of inputData - * @param[in] randomData randomData [4:kSE05x_TAG_4] - * @param[in] randomDataLen Length of randomData - * @param[out] signature [0:kSE05x_TAG_1] - * @param[in,out] psignatureLen Length for signature - */ -smStatus_t Se05x_API_ECDAASign(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_ECDAASignatureAlgo_t ecdaaSignAlgo, - const uint8_t *inputData, - size_t inputDataLen, - const uint8_t *randomData, - size_t randomDataLen, - uint8_t *signature, - size_t *psignatureLen); - -/** Se05x_API_ECDSAVerify - * - * The ECDSAVerify command verifies whether the signature is correct for a given - * (hashed) data input using an EC public key or EC key pair's public key. - * - * The ECSignatureAlgo indicates the ECDSA algorithm that is used, but the - * hashing of data must always be done on the host. E.g., if ECSignatureAlgo = - * SIG_ ECDSA_SHA256, the user must have applied SHA256 on the input data - * already. - * - * The key cannot be passed externally to the command directly. In case users - * want to use the command to verify signatures using different public keys or - * the public key value regularly changes, the user should create a transient key - * object to which the key value is written and then the identifier of that - * transient secure object can be used by this ECDSAVerify command. - * - * # Command to Applet - * - * @rst - * +-------+--------------+-----------------------------------------------+ - * | Field | Value | Description | - * +=======+==============+===============================================+ - * | CLA | 0x80 | | - * +-------+--------------+-----------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +-------+--------------+-----------------------------------------------+ - * | P1 | P1_SIGNATURE | See :cpp:type:`SE05x_P1_t` | - * +-------+--------------+-----------------------------------------------+ - * | P2 | P2_VERIFY | See :cpp:type:`SE05x_P2_t` | - * +-------+--------------+-----------------------------------------------+ - * | Lc | #(Payload) | | - * +-------+--------------+-----------------------------------------------+ - * | | TLV[TAG_1] | 4-byte identifier of the key pair or public | - * | | | key. | - * +-------+--------------+-----------------------------------------------+ - * | | TLV[TAG_2] | 1-byte ECSignatureAlgo. | - * +-------+--------------+-----------------------------------------------+ - * | | TLV[TAG_3] | Byte array containing ASN.1 signature | - * +-------+--------------+-----------------------------------------------+ - * | | TLV[TAG_5] | Byte array containing hashed data to compare. | - * +-------+--------------+-----------------------------------------------+ - * | Le | 0x03 | Expecting TLV with :cpp:type:`SE05x_Result_t` | - * +-------+--------------+-----------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+--------------------------------------+ - * | Value | Description | - * +============+======================================+ - * | TLV[TAG_1] | Result of the signature verification | - * | | (:cpp:type:`SE05x_Result_t`). | - * +------------+--------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-----------------------------+--------------------------------------+ - * | SW | Description | - * +=============================+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-----------------------------+--------------------------------------+ - * | SW_CONDITIONS_NOT_SATISFIED | Incorrect data | - * +-----------------------------+--------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID objectID [1:kSE05x_TAG_1] - * @param[in] ecSignAlgo ecSignAlgo [2:kSE05x_TAG_2] - * @param[in] inputData inputData [3:kSE05x_TAG_3] - * @param[in] inputDataLen Length of inputData - * @param[in] signature signature [4:kSE05x_TAG_5] - * @param[in] signatureLen Length of signature - * @param[out] presult [0:kSE05x_TAG_1] - */ -smStatus_t Se05x_API_ECDSAVerify(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_ECSignatureAlgo_t ecSignAlgo, - const uint8_t *inputData, - size_t inputDataLen, - const uint8_t *signature, - size_t signatureLen, - SE05x_Result_t *presult); - -/** Se05x_API_EdDSAVerify - * - * The EdDSAVerify command verifies whether the signature is correct for a given - * data input (hashed using SHA512) using an EC public key or EC key pair's - * public key. The signature needs to be given as concatenation of r and s. - * - * The data needs to be compared with the plain message without being hashed. - * - * _Note_ : See chapter 7 for correct byte order as both r and s need to be byte - * swapped. - * - * This is performed according to the EdDSA algorithm as specified in [RFC8032]. - * - * The key cannot be passed externally to the command directly. In case users - * want to use the command to verify signatures using different public keys or - * the public key value regularly changes, the user should create a transient key - * object to which the key value is written and then the identifier of that - * transient secure object can be used by this EdDSAVerify command. - * - * # Command to Applet - * - * @rst - * +-------+--------------+-----------------------------------------------+ - * | Field | Value | Description | - * +=======+==============+===============================================+ - * | CLA | 0x80 | | - * +-------+--------------+-----------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +-------+--------------+-----------------------------------------------+ - * | P1 | P1_SIGNATURE | See :cpp:type:`SE05x_P1_t` | - * +-------+--------------+-----------------------------------------------+ - * | P2 | P2_VERIFY | See :cpp:type:`SE05x_P2_t` | - * +-------+--------------+-----------------------------------------------+ - * | Lc | #(Payload) | | - * +-------+--------------+-----------------------------------------------+ - * | | TLV[TAG_1] | 4-byte identifier of the key pair or public | - * | | | key. | - * +-------+--------------+-----------------------------------------------+ - * | | TLV[TAG_2] | 1-byte :cpp:type:`EDSignatureAlgoRef`. | - * +-------+--------------+-----------------------------------------------+ - * | | TLV[TAG_3] | 64-byte array containing the signature | - * | | | (concatenation of r and s). | - * +-------+--------------+-----------------------------------------------+ - * | | TLV[TAG_5] | Byte array containing plain data to compare. | - * +-------+--------------+-----------------------------------------------+ - * | Le | 0x03 | Expecting TLV with :cpp:type:`SE05x_Result_t` | - * +-------+--------------+-----------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+--------------------------------------+ - * | Value | Description | - * +============+======================================+ - * | TLV[TAG_1] | Result of the signature verification | - * | | (:cpp:type:`SE05x_Result_t`). | - * +------------+--------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-----------------------------+--------------------------------------+ - * | SW | Description | - * +=============================+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-----------------------------+--------------------------------------+ - * | SW_CONDITIONS_NOT_SATISFIED | Incorrect data | - * +-----------------------------+--------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID objectID [1:kSE05x_TAG_1] - * @param[in] edSignAlgo edSignAlgo [2:kSE05x_TAG_2] - * @param[in] inputData inputData [3:kSE05x_TAG_3] - * @param[in] inputDataLen Length of inputData - * @param[in] signature signature [4:kSE05x_TAG_5] - * @param[in] signatureLen Length of signature - * @param[out] presult [0:kSE05x_TAG_1] - */ -smStatus_t Se05x_API_EdDSAVerify(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_EDSignatureAlgo_t edSignAlgo, - const uint8_t *inputData, - size_t inputDataLen, - const uint8_t *signature, - size_t signatureLen, - SE05x_Result_t *presult); - -/** Se05x_API_ECDHGenerateSharedSecret - * - * The ECDHGenerateSharedSecret command generates a shared secret ECC point on - * the curve using an EC private key on SE05X and an external public key provided - * by the caller. The output shared secret is returned to the caller. - * - * All curves from ECCurve are supported, except ECC_ED_25519. - * - * Note that ECDHGenerateSharedSecret commands with EC keys using curve - * ID_ECC_MONT_DH_25519 or ID_ECC_MONT_DH_448 cause NVM write operations for each - * call. This is not the case for the other curves. - * - * When CONFIG_FIPS_MODE_DISABLED is not set, this function will always return - * SW_CONDTIONS_NOT_SATISFIED. - * - * The shared secret can only be received when the Secure Object containing the - * key pair or private key (TLV[TAG_1]) does not contain the policy - * POLICY_OBJ_FORBID_DERIVED_OUTPUT. If that is the case, the user must provide - * TLV[TAG_7} to store the shared secret in an HMACKey object. The user is - * responsible to assign the correct size of the HMACKey object: this must equal - * the size of the shared secret exactly. - * - * On applet 4.4.0, the policy POLICY_OBJ_FORBID_DERIVED_OUTPUT is not yet - * verified for this function. It will always be allowed. - * - * # Command to Applet - * - * @rst - * +------------+------------------------------+----------------------------------------------+ - * | Field | Value | Description | - * +============+==============================+==============================================+ - * | CLA | 0x80 | | - * +------------+------------------------------+----------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +------------+------------------------------+----------------------------------------------+ - * | P1 | P1_EC | See :cpp:type:`SE05x_P1_t` | - * +------------+------------------------------+----------------------------------------------+ - * | P2 | P2_DH | See :cpp:type:`SE05x_P2_t` | - * +------------+------------------------------+----------------------------------------------+ - * | Lc | #(Payload) | | - * +------------+------------------------------+----------------------------------------------+ - * | Payload | TLV[TAG_1] | 4-byte identifier of the key pair or private | - * | | | key. | - * +------------+------------------------------+----------------------------------------------+ - * | TLV[TAG_2] | External public key (see | | - * | | :cpp:type:`ECKeyRef`). | | - * +------------+------------------------------+----------------------------------------------+ - * | TLV[TAG_7] | 4-byte HMACKey identifier to | | - * | | store output. [Optional] | | - * +------------+------------------------------+----------------------------------------------+ - * | Le | 0x00 | Expected shared secret length. | - * +------------+------------------------------+----------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+----------------------------------------------+ - * | Value | Description | - * +============+==============================================+ - * | TLV[TAG_1] | The returned shared secret. [Conditional: | - * | | only when the input does not contain | - * | | TLV[TAG_7].} | - * +------------+----------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID objectID [1:kSE05x_TAG_1] - * @param[in] pubKey pubKey [2:kSE05x_TAG_2] - * @param[in] pubKeyLen Length of pubKey - * @param[out] sharedSecret [0:kSE05x_TAG_1] - * @param[in,out] psharedSecretLen Length for sharedSecret - */ -smStatus_t Se05x_API_ECDHGenerateSharedSecret(pSe05xSession_t session_ctx, - uint32_t objectID, - const uint8_t *pubKey, - size_t pubKeyLen, - uint8_t *sharedSecret, - size_t *psharedSecretLen); - -/** Se05x_API_RSASign - * - * The RSASign command signs the input message using an RSA private key. - * - * @rst - * +----------------------+-------+----------------------------+ - * | Name | Value | Description | - * +======================+=======+============================+ - * | RSA_SHA1_PKCS1_PSS | 0x15 | RFC8017: RSASSA-PSS | - * +----------------------+-------+----------------------------+ - * | RSA_SHA224_PKCS1_PSS | 0x2B | RFC8017: RSASSA-PSS | - * +----------------------+-------+----------------------------+ - * | RSA_SHA256_PKCS1_PSS | 0x2C | RFC8017: RSASSA-PSS | - * +----------------------+-------+----------------------------+ - * | RSA_SHA384_PKCS1_PSS | 0x2D | RFC8017: RSASSA-PSS | - * +----------------------+-------+----------------------------+ - * | RSA_SHA512_PKCS1_PSS | 0x2E | RFC8017: RSASSA-PSS | - * +----------------------+-------+----------------------------+ - * | RSA_SHA1_PKCS1 | 0x0A | RFC8017: RSASSA-PKCS1-v1_5 | - * +----------------------+-------+----------------------------+ - * | RSA_SHA_224_PKCS1 | 0x27 | RFC8017: RSASSA-PKCS1-v1_5 | - * +----------------------+-------+----------------------------+ - * | RSA_SHA_256_PKCS1 | 0x28 | RFC8017: RSASSA-PKCS1-v1_5 | - * +----------------------+-------+----------------------------+ - * | RSA_SHA_384_PKCS1 | 0x29 | RFC8017: RSASSA-PKCS1-v1_5 | - * +----------------------+-------+----------------------------+ - * | RSA_SHA_512_PKCS1 | 0x2A | RFC8017: RSASSA-PKCS1-v1_5 | - * +----------------------+-------+----------------------------+ - * @endrst - * - * # Command to Applet - * - * @rst - * +-------+--------------+----------------------------------------------+ - * | Field | Value | Description | - * +=======+==============+==============================================+ - * | CLA | 0x80 | | - * +-------+--------------+----------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +-------+--------------+----------------------------------------------+ - * | P1 | P1_SIGNATURE | See :cpp:type:`SE05x_P1_t` | - * +-------+--------------+----------------------------------------------+ - * | P2 | P2_SIGN | See :cpp:type:`SE05x_P2_t` | - * +-------+--------------+----------------------------------------------+ - * | Lc | #(Payload) | | - * +-------+--------------+----------------------------------------------+ - * | | TLV[TAG_1] | 4-byte identifier of the key pair or private | - * | | | key. | - * +-------+--------------+----------------------------------------------+ - * | | TLV[TAG_2] | 1-byte :cpp:type:`SE05x_RSASignAlgo_t` | - * +-------+--------------+----------------------------------------------+ - * | | TLV[TAG_3] | Byte array containing input data. | - * +-------+--------------+----------------------------------------------+ - * | Le | 0x00 | Expecting ASN.1 signature. | - * +-------+--------------+----------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+--------------------------------+ - * | Value | Description | - * +============+================================+ - * | TLV[TAG_1] | RSA signature in ASN.1 format. | - * +------------+--------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID objectID [1:kSE05x_TAG_1] - * @param[in] rsaSigningAlgo rsaSigningAlgo [2:kSE05x_TAG_2] - * @param[in] inputData inputData [3:kSE05x_TAG_3] - * @param[in] inputDataLen Length of inputData - * @param[out] signature [0:kSE05x_TAG_1] - * @param[in,out] psignatureLen Length for signature - */ -smStatus_t Se05x_API_RSASign(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_RSASignatureAlgo_t rsaSigningAlgo, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *signature, - size_t *psignatureLen); - -/** Se05x_API_RSAVerify - * - * The RSAVerify command verifies the given signature and returns the result. - * - * The key cannot be passed externally to the command directly. In case users - * want to use the command to verify signatures using different public keys or - * the public key value regularly changes, the user should create a transient key - * object to which the key value is written and then the identifier of that - * transient secure object can be used by this RSAVerify command. - * - * # Command to Applet - * - * @rst - * +---------+--------------+---------------------------------------------+ - * | Field | Value | Description | - * +=========+==============+=============================================+ - * | CLA | 0x80 | | - * +---------+--------------+---------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +---------+--------------+---------------------------------------------+ - * | P1 | P1_SIGNATURE | See :cpp:type:`SE05x_P1_t` | - * +---------+--------------+---------------------------------------------+ - * | P2 | P2_VERIFY | See :cpp:type:`SE05x_P2_t` | - * +---------+--------------+---------------------------------------------+ - * | Lc | #(Payload) | | - * +---------+--------------+---------------------------------------------+ - * | Payload | | | - * +---------+--------------+---------------------------------------------+ - * | | TLV[TAG_1] | 4-byte identifier of the key pair or public | - * | | | key. | - * +---------+--------------+---------------------------------------------+ - * | | TLV[TAG_2] | 1-byte :cpp:type:`SE05x_RSASignAlgo_t` | - * +---------+--------------+---------------------------------------------+ - * | | TLV[TAG_3] | Byte array containing data to be verified. | - * +---------+--------------+---------------------------------------------+ - * | | TLV[TAG_5] | Byte array containing ASN.1 signature. | - * +---------+--------------+---------------------------------------------+ - * | Le | 0x03 | Expecting Result in TLV | - * +---------+--------------+---------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+------------------------------------------+ - * | Value | Description | - * +============+==========================================+ - * | TLV[TAG_1] | :cpp:type:`SE05x_Result_t`: Verification | - * | | result | - * +------------+------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID objectID [1:kSE05x_TAG_1] - * @param[in] rsaSigningAlgo rsaSigningAlgo [2:kSE05x_TAG_2] - * @param[in] inputData inputData [3:kSE05x_TAG_3] - * @param[in] inputDataLen Length of inputData - * @param[in] signature signature [4:kSE05x_TAG_5] - * @param[in] signatureLen Length of signature - * @param[out] presult [0:kSE05x_TAG_1] - */ -smStatus_t Se05x_API_RSAVerify(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_RSASignatureAlgo_t rsaSigningAlgo, - const uint8_t *inputData, - size_t inputDataLen, - const uint8_t *signature, - size_t signatureLen, - SE05x_Result_t *presult); - -/** Se05x_API_RSAEncrypt - * - * The RSAEncrypt command encrypts data. - * - * # Command to Applet - * - * @rst - * +---------+--------------------+----------------------------------------------+ - * | Field | Value | Description | - * +=========+====================+==============================================+ - * | CLA | 0x80 | | - * +---------+--------------------+----------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +---------+--------------------+----------------------------------------------+ - * | P1 | P1_RSA | See :cpp:type:`SE05x_P1_t` | - * +---------+--------------------+----------------------------------------------+ - * | P2 | P2_ENCRYPT_ONESHOT | See :cpp:type:`SE05x_P2_t` | - * +---------+--------------------+----------------------------------------------+ - * | Lc | #(Payload) | | - * +---------+--------------------+----------------------------------------------+ - * | Payload | TLV[TAG_1] | 4-byte identifier of the key pair or public | - * | | | key. | - * +---------+--------------------+----------------------------------------------+ - * | | TLV[TAG_2] | 1-byte :cpp:type:`SE05x_RSAEncryptionAlgo_t` | - * +---------+--------------------+----------------------------------------------+ - * | | TLV[TAG_3] | Byte array containing data to be encrypted. | - * +---------+--------------------+----------------------------------------------+ - * | Le | 0x00 | Expected TLV with encrypted data. | - * +---------+--------------------+----------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+----------------+ - * | Value | Description | - * +============+================+ - * | TLV[TAG_1] | Encrypted data | - * +------------+----------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID objectID [1:kSE05x_TAG_1] - * @param[in] rsaEncryptionAlgo rsaEncryptionAlgo [2:kSE05x_TAG_2] - * @param[in] inputData inputData [3:kSE05x_TAG_3] - * @param[in] inputDataLen Length of inputData - * @param[out] encryptedData [0:kSE05x_TAG_1] - * @param[in,out] pencryptedDataLen Length for encryptedData - */ -smStatus_t Se05x_API_RSAEncrypt(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_RSAEncryptionAlgo_t rsaEncryptionAlgo, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *encryptedData, - size_t *pencryptedDataLen); - -/** Se05x_API_RSADecrypt - * - * The RSADecrypt command decrypts data. - * - * - * # Command to Applet - * - * @rst - * +---------+--------------------+----------------------------------------------+ - * | Field | Value | Description | - * +=========+====================+==============================================+ - * | CLA | 0x80 | | - * +---------+--------------------+----------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +---------+--------------------+----------------------------------------------+ - * | P1 | P1_RSA | See :cpp:type:`SE05x_P1_t` | - * +---------+--------------------+----------------------------------------------+ - * | P2 | P2_DECRYPT_ONESHOT | See :cpp:type:`SE05x_P2_t` | - * +---------+--------------------+----------------------------------------------+ - * | Lc | #(Payload) | | - * +---------+--------------------+----------------------------------------------+ - * | Payload | TLV[TAG_1] | 4-byte identifier of the key pair or private | - * | | | key. | - * +---------+--------------------+----------------------------------------------+ - * | | TLV[TAG_2] | 1-byte :cpp:type:`SE05x_RSAEncryptionAlgo_t` | - * +---------+--------------------+----------------------------------------------+ - * | | TLV[TAG_3] | Byte array containing data to be decrypted. | - * +---------+--------------------+----------------------------------------------+ - * | Le | 0x00 | Expected TLV with decrypted data. | - * +---------+--------------------+----------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+----------------+ - * | Value | Description | - * +============+================+ - * | TLV[TAG_1] | Encrypted data | - * +------------+----------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID objectID [1:kSE05x_TAG_1] - * @param[in] rsaEncryptionAlgo rsaEncryptionAlgo [2:kSE05x_TAG_2] - * @param[in] inputData inputData [3:kSE05x_TAG_3] - * @param[in] inputDataLen Length of inputData - * @param[out] decryptedData [0:kSE05x_TAG_1] - * @param[in,out] pdecryptedDataLen Length for decryptedData - */ -smStatus_t Se05x_API_RSADecrypt(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_RSAEncryptionAlgo_t rsaEncryptionAlgo, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *decryptedData, - size_t *pdecryptedDataLen); - -/** Se05x_API_CipherInit - * - * Initialize a symmetric encryption or decryption. The Crypto Object keeps the - * state of the cipher operation until it's finalized or deleted. Once the - * CipherFinal function is executed successfully, the Crypto Object state returns - * to the state immediately after the previous CipherInit function. - * - * # Command to Applet - * - * @rst - * +---------+--------------------------+--------------------------------------------+ - * | Field | Value | Description | - * +=========+==========================+============================================+ - * | CLA | 0x80 | | - * +---------+--------------------------+--------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +---------+--------------------------+--------------------------------------------+ - * | P1 | P1_CIPHER | See :cpp:type:`SE05x_P1_t` | - * +---------+--------------------------+--------------------------------------------+ - * | P2 | P2_ENCRYPT or P2_DECRYPT | See :cpp:type:`SE05x_P2_t` | - * +---------+--------------------------+--------------------------------------------+ - * | Lc | #(Payload) | | - * +---------+--------------------------+--------------------------------------------+ - * | Payload | TLV[TAG_1] | 4-byte identifier of the key object. | - * +---------+--------------------------+--------------------------------------------+ - * | | TLV[TAG_2] | 2-byte Crypto Object identifier | - * +---------+--------------------------+--------------------------------------------+ - * | | TLV[TAG_4] | Initialization Vector [Optional] | - * | | | [Conditional: only when the Crypto Object | - * | | | type equals CC_CIPHER and subtype is not | - * | | | including ECB] | - * +---------+--------------------------+--------------------------------------------+ - * | Le | - | | - * +---------+--------------------------+--------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID objectID [1:kSE05x_TAG_1] - * @param[in] cryptoObjectID cryptoObjectID [2:kSE05x_TAG_2] - * @param[in] IV IV [3:kSE05x_TAG_4] - * @param[in] IVLen Length of IV - * @param[in] operation See @ref SE05x_Cipher_Oper_t - */ -smStatus_t Se05x_API_CipherInit(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_CryptoObjectID_t cryptoObjectID, - const uint8_t *IV, - size_t IVLen, - const SE05x_Cipher_Oper_t operation); - -/** Se05x_API_CipherUpdate - * - * Update a cipher context. - * - * - * # Command to Applet - * - * @rst - * +------------+----------------------------------+---------------------------------+ - * | Field | Value | Description | - * +============+==================================+=================================+ - * | CLA | 0x80 | | - * +------------+----------------------------------+---------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +------------+----------------------------------+---------------------------------+ - * | P1 | P1_CIPHER | See :cpp:type:`SE05x_P1_t` | - * +------------+----------------------------------+---------------------------------+ - * | P2 | P2_UPDATE | See :cpp:type:`SE05x_P2_t` | - * +------------+----------------------------------+---------------------------------+ - * | Lc | #(Payload) | | - * +------------+----------------------------------+---------------------------------+ - * | Payload | TLV[TAG_2] | 2-byte Crypto Object identifier | - * +------------+----------------------------------+---------------------------------+ - * | TLV[TAG_3] | Byte array containing input data | | - * +------------+----------------------------------+---------------------------------+ - * | Le | 0x00 | Expecting returned data. | - * +------------+----------------------------------+---------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+-------------+ - * | Value | Description | - * +============+=============+ - * | TLV[TAG_1] | Output data | - * +------------+-------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] cryptoObjectID cryptoObjectID [1:kSE05x_TAG_2] - * @param[in] inputData inputData [2:kSE05x_TAG_3] - * @param[in] inputDataLen Length of inputData - * @param[out] outputData [0:kSE05x_TAG_1] - * @param[in,out] poutputDataLen Length for outputData - */ -smStatus_t Se05x_API_CipherUpdate(pSe05xSession_t session_ctx, - SE05x_CryptoObjectID_t cryptoObjectID, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *outputData, - size_t *poutputDataLen); - -/** Se05x_API_CipherFinal - * - * Finish a sequence of cipher operations. - * - * # Command to Applet - * - * @rst - * +------------+------------+---------------------------------+ - * | Field | Value | Description | - * +============+============+=================================+ - * | CLA | 0x80 | | - * +------------+------------+---------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +------------+------------+---------------------------------+ - * | P1 | P1_CIPHER | See :cpp:type:`SE05x_P1_t` | - * +------------+------------+---------------------------------+ - * | P2 | P2_FINAL | See :cpp:type:`SE05x_P2_t` | - * +------------+------------+---------------------------------+ - * | Lc | #(Payload) | | - * +------------+------------+---------------------------------+ - * | Payload | TLV[TAG_2] | 2-byte Crypto Object identifier | - * +------------+------------+---------------------------------+ - * | TLV[TAG_3] | Input data | | - * +------------+------------+---------------------------------+ - * | Le | 0x00 | Expected returned data. | - * +------------+------------+---------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+-------------+ - * | Value | Description | - * +============+=============+ - * | TLV[TAG_1] | Output data | - * +------------+-------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] cryptoObjectID cryptoObjectID [1:kSE05x_TAG_2] - * @param[in] inputData inputData [2:kSE05x_TAG_3] - * @param[in] inputDataLen Length of inputData - * @param[out] outputData [0:kSE05x_TAG_1] - * @param[in,out] poutputDataLen Length for outputData - */ -smStatus_t Se05x_API_CipherFinal(pSe05xSession_t session_ctx, - SE05x_CryptoObjectID_t cryptoObjectID, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *outputData, - size_t *poutputDataLen); - -/** - * @brief Se05x_API_CipherOneShot - * - * Encrypt or decrypt data in one shot mode. - * - * The key object must be either an AES key or DES key. - * - * # Command to Applet - * - * @rst - * +---------+-----------------------+------------------------------------------------+ - * | Field | Value | Description | - * +=========+=======================+================================================+ - * | CLA | 0x80 | | - * +---------+-----------------------+------------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +---------+-----------------------+------------------------------------------------+ - * | P1 | P1_CIPHER | See :cpp:type:`SE05x_P1_t` | - * +---------+-----------------------+------------------------------------------------+ - * | P2 | P2_ENCRYPT_ONESHOT or | See :cpp:type:`SE05x_P2_t` | - * | | P2_DECRYPT_ONESHOT | | - * +---------+-----------------------+------------------------------------------------+ - * | Lc | #(Payload) | | - * +---------+-----------------------+------------------------------------------------+ - * | Payload | TLV[TAG_1] | 4-byte identifier of the key object. | - * +---------+-----------------------+------------------------------------------------+ - * | | TLV[TAG_2] | 1-byte CipherMode | - * +---------+-----------------------+------------------------------------------------+ - * | | TLV[TAG_3] | Byte array containing input data. | - * +---------+-----------------------+------------------------------------------------+ - * | | TLV[TAG_4] | Byte array containing an initialization | - * | | | vector. [Optional] [Conditional: only when | - * | | | the Crypto Object type equals CC_CIPHER and | - * | | | subtype is not including ECB] | - * +---------+-----------------------+------------------------------------------------+ - * | Le | 0x00 | Expecting return data. | - * +---------+-----------------------+------------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+-------------+ - * | Value | Description | - * +============+=============+ - * | TLV[TAG_1] | Output data | - * +------------+-------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * @param[in] session_ctx The session context - * @param[in] objectID The object id - * @param[in] cipherMode The cipher mode - * @param[in] inputData The input data - * @param[in] inputDataLen The input data length - * @param[in] IV Initial vector - * @param[in] IVLen The iv length - * @param outputData The output data - * @param poutputDataLen The poutput data length - * @param[in] operation The operation - * - * @return The sm status. - */ -smStatus_t Se05x_API_CipherOneShot(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_CipherMode_t cipherMode, - const uint8_t *inputData, - size_t inputDataLen, - const uint8_t *IV, - size_t IVLen, - uint8_t *outputData, - size_t *poutputDataLen, - const SE05x_Cipher_Oper_OneShot_t operation); - -/** Se05x_API_MACInit - * - * Initiate a MAC operation. The state of the MAC operation is kept in the Crypto - * Object until it's finalized or deleted. - * - * The 4-byte identifier of the key must refer to an AESKey, DESKey or HMACKey. - * - * - * # Command to Applet - * - * @rst - * +---------+----------------------------+-----------------------------------+ - * | Field | Value | Description | - * +=========+============================+===================================+ - * | CLA | 0x80 | | - * +---------+----------------------------+-----------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +---------+----------------------------+-----------------------------------+ - * | P1 | P1_MAC | See :cpp:type:`SE05x_P1_t` | - * +---------+----------------------------+-----------------------------------+ - * | P2 | P2_GENERATE or P2_VALIDATE | See :cpp:type:`SE05x_P2_t` | - * +---------+----------------------------+-----------------------------------+ - * | Lc | #(Payload) | | - * +---------+----------------------------+-----------------------------------+ - * | Payload | TLV[TAG_1] | 4-byte identifier of the MAC key. | - * +---------+----------------------------+-----------------------------------+ - * | | TLV[TAG_2] | 2-byte Crypto Object identifier | - * +---------+----------------------------+-----------------------------------+ - * | Le | 0x00 | | - * +---------+----------------------------+-----------------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID objectID [1:kSE05x_TAG_1] - * @param[in] cryptoObjectID cryptoObjectID [2:kSE05x_TAG_2] - * @param[in] mac_oper The Operation - */ -smStatus_t Se05x_API_MACInit(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_CryptoObjectID_t cryptoObjectID, - const SE05x_Mac_Oper_t mac_oper); - -/** Se05x_API_MACUpdate - * - * Update MAC - * - * # Command to Applet - * - * @rst - * +---------+------------+-------------------------------------------+ - * | Field | Value | Description | - * +=========+============+===========================================+ - * | CLA | 0x80 | | - * +---------+------------+-------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +---------+------------+-------------------------------------------+ - * | P1 | P1_MAC | See :cpp:type:`SE05x_P1_t` | - * +---------+------------+-------------------------------------------+ - * | P2 | P2_UPDATE | See :cpp:type:`SE05x_P2_t` | - * +---------+------------+-------------------------------------------+ - * | Lc | #(Payload) | | - * +---------+------------+-------------------------------------------+ - * | Payload | TLV[TAG_1] | Byte array containing data to be taken as | - * | | | input to MAC. | - * +---------+------------+-------------------------------------------+ - * | | TLV[TAG_2] | 2-byte Crypto Object identifier | - * +---------+------------+-------------------------------------------+ - * | Le | - | | - * +---------+------------+-------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] inputData inputData [1:kSE05x_TAG_1] - * @param[in] inputDataLen Length of inputData - * @param[in] cryptoObjectID cryptoObjectID [2:kSE05x_TAG_2] - */ -smStatus_t Se05x_API_MACUpdate( - pSe05xSession_t session_ctx, const uint8_t *inputData, size_t inputDataLen, SE05x_CryptoObjectID_t cryptoObjectID); - -/** Se05x_API_MACFinal - * - * # Command to Applet - * - * @rst - * +---------+------------+--------------------------------------------+ - * | Field | Value | Description | - * +=========+============+============================================+ - * | CLA | 0x80 | | - * +---------+------------+--------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +---------+------------+--------------------------------------------+ - * | P1 | P1_MAC | See :cpp:type:`SE05x_P1_t` | - * +---------+------------+--------------------------------------------+ - * | P2 | P2_FINAL | See :cpp:type:`SE05x_P2_t` | - * +---------+------------+--------------------------------------------+ - * | Payload | TLV[TAG_1] | Byte array containing data to be taken as | - * | | | input to MAC. | - * +---------+------------+--------------------------------------------+ - * | | TLV[TAG_2] | 2-byte Crypto Object identifier | - * +---------+------------+--------------------------------------------+ - * | | TLV[TAG_3] | Byte array containing MAC to validate. | - * | | | [Conditional: only applicable the crypto | - * | | | object is set for validating (MACInit P2 = | - * | | | P2_VALIDATE)] | - * +---------+------------+--------------------------------------------+ - * | Le | 0x00 | Expecting MAC or result. | - * +---------+------------+--------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+-----------------------------------------------+ - * | Value | Description | - * +============+===============================================+ - * | TLV[TAG_1] | MAC value (when MACInit had P2 = P2_GENERATE) | - * | | or :cpp:type:`SE05x_Result_t` (when MACInit | - * | | had P2 = P2_VERIFY). | - * +------------+-----------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] inputData inputData [1:kSE05x_TAG_1] - * @param[in] inputDataLen Length of inputData - * @param[in] cryptoObjectID cryptoObjectID [2:kSE05x_TAG_2] - * @param[in] macValidateData macValidateData [3:kSE05x_TAG_3] - * @param[in] macValidateDataLen Length of macValidateData - * @param[out] macValue [0:kSE05x_TAG_1] - * @param[in,out] pmacValueLen Length for macValue - */ -smStatus_t Se05x_API_MACFinal(pSe05xSession_t session_ctx, - const uint8_t *inputData, - size_t inputDataLen, - SE05x_CryptoObjectID_t cryptoObjectID, - const uint8_t *macValidateData, - size_t macValidateDataLen, - uint8_t *macValue, - size_t *pmacValueLen); - -/** Se05x_API_MACOneShot_G - * - * Generate. See @ref Se05x_API_MACOneShot_V for Verfiication. - * - * Performs a MAC operation in one shot (without keeping state). - * - * The 4-byte identifier of the key must refer to an AESKey, DESKey or HMACKey. - * - * # Command to Applet - * - * @rst - * +---------+------------------------+---------------------------------------------+ - * | Field | Value | Description | - * +=========+========================+=============================================+ - * | CLA | 0x80 | | - * +---------+------------------------+---------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +---------+------------------------+---------------------------------------------+ - * | P1 | P1_MAC | See :cpp:type:`SE05x_P1_t` | - * +---------+------------------------+---------------------------------------------+ - * | P2 | P2_GENERATE_ONESHOT or | See :cpp:type:`SE05x_P2_t` | - * | | P2_VALIDATE_ONESHOT | | - * +---------+------------------------+---------------------------------------------+ - * | Lc | #(Payload) | | - * +---------+------------------------+---------------------------------------------+ - * | Payload | TLV[TAG_1] | 4-byte identifier of the key object. | - * +---------+------------------------+---------------------------------------------+ - * | | TLV[TAG_2] | 1-byte :cpp:type:`MACAlgoRef` | - * +---------+------------------------+---------------------------------------------+ - * | | TLV[TAG_3] | Byte array containing data to be taken as | - * | | | input to MAC. | - * +---------+------------------------+---------------------------------------------+ - * | | TLV[TAG_5] | MAC to verify (when P2=P2_VALIDATE_ONESHOT) | - * +---------+------------------------+---------------------------------------------+ - * | Le | 0x00 | Expecting MAC or Result. | - * +---------+------------------------+---------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+---------------------------------------+ - * | Value | Description | - * +============+=======================================+ - * | TLV[TAG_1] | MAC value (P2=P2_GENERATE_ONESHOT) or | - * | | :cpp:type:`SE05x_Result_t` (when | - * | | p2=P2_VALIDATE_ONESHOT). | - * +------------+---------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID objectID [1:kSE05x_TAG_1] - * @param[in] macOperation macOperation [2:kSE05x_TAG_2] - * @param[in] inputData inputData [3:kSE05x_TAG_3] - * @param[in] inputDataLen Length of inputData - * @param[out] macValue [0:kSE05x_TAG_1] - * @param[in,out] pmacValueLen Length for macValue - */ -smStatus_t Se05x_API_MACOneShot_G(pSe05xSession_t session_ctx, - uint32_t objectID, - uint8_t macOperation, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *macValue, - size_t *pmacValueLen); - -/** Se05x_API_MACOneShot_V - * - * Validate. See @ref Se05x_API_MACOneShot_G for Generation. - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID objectID [1:kSE05x_TAG_1] - * @param[in] macOperation macOperation [2:kSE05x_TAG_2] - * @param[in] inputData inputData [3:kSE05x_TAG_3] - * @param[in] inputDataLen Length of inputData - * @param[in] MAC MAC to verify (when P2=P2_VALIDATE_ONESHOT) [4:kSE05x_TAG_5] - * @param[in] MACLen Length of MAC - * @param[out] macValue [0:kSE05x_TAG_1] - * @param[in,out] pmacValueLen Length for macValue - */ -smStatus_t Se05x_API_MACOneShot_V(pSe05xSession_t session_ctx, - uint32_t objectID, - uint8_t macOperation, - const uint8_t *inputData, - size_t inputDataLen, - const uint8_t *MAC, - size_t MACLen, - uint8_t *macValue, - size_t *pmacValueLen); - -/** Se05x_API_HKDF - * - * Note that this KDF is equal to the KDF in Feedback Mode described in [NIST - * SP800-108] with the PRF being HMAC with SHA256 and with an 8-bit counter at - * the end of the iteration variable. - * - * The full HKDF algorithm is executed, i.e. Extract-And-Expand. - * - * The caller must provide a salt length (0 up to 64 bytes). If salt length - * equals 0 or salt is not provided as input, the default salt will be used. - * - * The output of the HKDF functions can be either: - * - * * send back to the caller => _precondition_ : none of the input Secure Objects -if present- shall have a policy POLICY_OBJ_FORBID_DERIVED_OUTPUT set. - * - * * be stored in a Secure Object => _precondition_ : the Secure Object must be created upfront and the size must exactly match the expected length. - * - * - * # Command to Applet - * - * @rst - * +------------+--------------------------------+-----------------------------------+ - * | Field | Value | Description | - * +============+================================+===================================+ - * | CLA | 0x80 | | - * +------------+--------------------------------+-----------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +------------+--------------------------------+-----------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +------------+--------------------------------+-----------------------------------+ - * | P2 | P2_HKDF | See :cpp:type:`SE05x_P2_t` | - * +------------+--------------------------------+-----------------------------------+ - * | Lc | #(Payload) | | - * +------------+--------------------------------+-----------------------------------+ - * | Payload | TLV[TAG_1] | 4-byte HMACKey identifier (= IKM) | - * +------------+--------------------------------+-----------------------------------+ - * | TLV[TAG_2] | 1-byte DigestMode (except | | - * | | DIGEST_NO_HASH) | | - * +------------+--------------------------------+-----------------------------------+ - * | TLV[TAG_3] | Byte array (0-64 bytes) | | - * | | containing salt. [Optional] | | - * | | [Conditional: only when | | - * | | TLV[TAG_6] is absent.] | | - * +------------+--------------------------------+-----------------------------------+ - * | TLV[TAG_4] | Info: The context and | | - * | | information to apply (1 to 80 | | - * | | bytes). [Optional] | | - * +------------+--------------------------------+-----------------------------------+ - * | TLV[TAG_5] | 2-byte requested length (L): 1 | | - * | | up to MAX_APDU_PAYLOAD_LENGTH | | - * +------------+--------------------------------+-----------------------------------+ - * | TLV[TAG_6] | 4-byte HMACKey identifier | | - * | | containing salt. [Optional] | | - * | | [Conditional: only when | | - * | | TLV[TAG_3] is absent] | | - * +------------+--------------------------------+-----------------------------------+ - * | TLV[TAG_7] | 4-byte HMACKey identifier to | | - * | | store output. [Optional] | | - * +------------+--------------------------------+-----------------------------------+ - * | Le | 0x00 | | - * +------------+--------------------------------+-----------------------------------+ - * @endrst - * - * - * # R-APDU Body - * - * @rst - * +------------+--------------------------------------------+ - * | Value | Description | - * +============+============================================+ - * | TLV[TAG_1] | HKDF output. [Conditional: only when the | - * | | input does not contain TLV[TAG-7]] | - * +------------+--------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+------------------------------------+ - * | SW | Description | - * +=============+====================================+ - * | SW_NO_ERROR | The HKDF is executed successfully. | - * +-------------+------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] hmacID hmacID [1:kSE05x_TAG_1] - * @param[in] digestMode digestMode [2:kSE05x_TAG_2] - * @param[in] salt salt [3:kSE05x_TAG_3] - * @param[in] saltLen Length of salt - * @param[in] info info [4:kSE05x_TAG_4] - * @param[in] infoLen Length of info - * @param[in] deriveDataLen 2-byte requested length (L) [5:kSE05x_TAG_5] - * @param[out] hkdfOuput [0:kSE05x_TAG_1] - * @param[in,out] phkdfOuputLen Length for hkdfOuput - */ -smStatus_t Se05x_API_HKDF(pSe05xSession_t session_ctx, - uint32_t hmacID, - SE05x_DigestMode_t digestMode, - const uint8_t *salt, - size_t saltLen, - const uint8_t *info, - size_t infoLen, - uint16_t deriveDataLen, - uint8_t *hkdfOuput, - size_t *phkdfOuputLen); - -/** Se05x_API_HKDF_Extended - * - * Only step 2 of the algorithm is executed, i.e. Expand only. - * - * Using an IV as input parameter results in a FIPS compliant SP800-108 KDF in - * Feedback Mode where K[0] is the provided IV. This KDF is then using a 8-bit - * counter, AFTER_FIXED counter location. - * - * # Command to Applet - * - * @rst - * +------------+--------------------------------+-----------------------------------+ - * | Field | Value | Description | - * +============+================================+===================================+ - * | CLA | 0x80 | | - * +------------+--------------------------------+-----------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +------------+--------------------------------+-----------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +------------+--------------------------------+-----------------------------------+ - * | P2 | P2_HKDF_EXPAND_ONLY | See :cpp:type:`SE05x_P2_t` | - * +------------+--------------------------------+-----------------------------------+ - * | Lc | #(Payload) | | - * +------------+--------------------------------+-----------------------------------+ - * | Payload | TLV[TAG_1] | 4-byte HMACKey identifier (= PRK) | - * +------------+--------------------------------+-----------------------------------+ - * | TLV[TAG_2] | 1-byte DigestMode (except | | - * | | DIGEST_NO_HASH) | | - * +------------+--------------------------------+-----------------------------------+ - * | TLV[TAG_3] | Byte array (0-64 bytes) | | - * | | containing IV. [Optional] | | - * | | [Conditional: only when | | - * | | TLV[TAG_6] is absent.] | | - * +------------+--------------------------------+-----------------------------------+ - * | TLV[TAG_4] | Info: The context and | | - * | | information to apply (1 to 80 | | - * | | bytes). [Optional] | | - * +------------+--------------------------------+-----------------------------------+ - * | TLV[TAG_5] | 2-byte requested length (L): 1 | | - * | | up to MAX_APDU_PAYLOAD_LENGTH | | - * +------------+--------------------------------+-----------------------------------+ - * | TLV[TAG_6] | 4-byte HMACKey identifier | | - * | | containing IV. [Optional] | | - * | | [Conditional: only when | | - * | | TLV[TAG_3] is absent] | | - * +------------+--------------------------------+-----------------------------------+ - * | TLV[TAG_7] | 4-byte HMACKey identifier to | | - * | | store output. [Optional] | | - * +------------+--------------------------------+-----------------------------------+ - * | Le | 0x00 | | - * +------------+--------------------------------+-----------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+--------------------------------------------+ - * | Value | Description | - * +============+============================================+ - * | TLV[TAG_1] | HKDF output. [Conditional: only when the | - * | | input does not contain TLV[TAG-7]] | - * +------------+--------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+------------------------------------+ - * | SW | Description | - * +=============+====================================+ - * | SW_NO_ERROR | The HKDF is executed successfully. | - * +-------------+------------------------------------+ - * - * - */ -smStatus_t Se05x_API_HKDF_Extended(pSe05xSession_t session_ctx, - uint32_t hmacID, - SE05x_DigestMode_t digestMode, - SE05x_HkdfMode_t hkdfMode, - const uint8_t *salt, - size_t saltLen, - uint32_t saltID, - const uint8_t *info, - size_t infoLen, - uint32_t derivedKeyID, - uint16_t deriveDataLen, - uint8_t *hkdfOuput, - size_t *phkdfOuputLen); - -/** Se05x_API_PBKDF2 - * - * Password Based Key Derivation Function 2 (PBKDF2) according [RFC8018]. - * - * The password is an input to the KDF and must be stored inside the . - * - * The output is returned to the host. - * - * - * # Command to Applet - * - * @rst - * +-------+------------+----------------------------------------------+ - * | Field | Value | Description | - * +=======+============+==============================================+ - * | CLA | 0x80 | | - * +-------+------------+----------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +-------+------------+----------------------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+------------+----------------------------------------------+ - * | P2 | P2_PBKDF | See :cpp:type:`SE05x_P2_t` | - * +-------+------------+----------------------------------------------+ - * | Lc | #(Payload) | | - * +-------+------------+----------------------------------------------+ - * | | TLV[TAG_1] | 4-byte password identifier (object type must | - * | | | be HMACKey) | - * +-------+------------+----------------------------------------------+ - * | | TLV[TAG_2] | Salt (0 to 64 bytes) [Optional] | - * +-------+------------+----------------------------------------------+ - * | | TLV[TAG_3] | 2-byte Iteration count: 1 up to 0x7FFF. | - * +-------+------------+----------------------------------------------+ - * | | TLV[TAG_4] | 2-byte Requested length: 1 up to 512 bytes. | - * +-------+------------+----------------------------------------------+ - * | Le | 0x00 | Expecting derived key material. | - * +-------+------------+----------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+-------------------------------------+ - * | Value | Description | - * +============+=====================================+ - * | TLV[TAG_1] | Derived key material (session key). | - * +------------+-------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID 4-byte password identifier (object type must be HMACKey) [1:kSE05x_TAG_1] - * @param[in] salt salt [2:kSE05x_TAG_2] - * @param[in] saltLen Length of salt - * @param[in] count count [3:kSE05x_TAG_3] - * @param[in] requestedLen requestedLen [4:kSE05x_TAG_4] - * @param[out] derivedSessionKey [0:kSE05x_TAG_1] - * @param[in,out] pderivedSessionKeyLen Length for derivedSessionKey - */ -smStatus_t Se05x_API_PBKDF2(pSe05xSession_t session_ctx, - uint32_t objectID, - const uint8_t *salt, - size_t saltLen, - uint16_t count, - uint16_t requestedLen, - uint8_t *derivedSessionKey, - size_t *pderivedSessionKeyLen); - -/** Se05x_API_DFDiversifyKey - * - * - * Create a Diversified Key. Input is _divInput_ 1 up to 31 bytes. - * - * Note that users need to create the diversified key object before calling this - * function. - * - * Both the master key and the diversified key need the policy - * POLICY_OBJ_ALLOW_DESFIRE_AUTHENTICATION to be set. - * - * # Command to Applet - * - * @rst - * +-------+--------------+------------------------------------------+ - * | Field | Value | Description | - * +=======+==============+==========================================+ - * | CLA | 0x80 | | - * +-------+--------------+------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +-------+--------------+------------------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+--------------+------------------------------------------+ - * | P2 | P2_DIVERSIFY | See :cpp:type:`SE05x_P2_t` | - * +-------+--------------+------------------------------------------+ - * | Lc | #(Payload) | | - * +-------+--------------+------------------------------------------+ - * | | TLV[TAG_1] | 4-byte master key identifier. | - * +-------+--------------+------------------------------------------+ - * | | TLV[TAG_2] | 4-byte diversified key identifier. | - * +-------+--------------+------------------------------------------+ - * | | TLV[TAG_3] | Byte array containing divInput (up to 31 | - * | | | bytes). | - * +-------+--------------+------------------------------------------+ - * | Le | | | - * +-------+--------------+------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * @rst - * +-----------------------------+--------------------------------------+ - * | SW | Description | - * +=============================+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-----------------------------+--------------------------------------+ - * | SW_CONDITIONS_NOT_SATISFIED | No master key found. | - * +-----------------------------+--------------------------------------+ - * | | Wrong length for divInput. | - * +-----------------------------+--------------------------------------+ - * @endrst - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] masterKeyID masterKeyID [1:kSE05x_TAG_1] - * @param[in] diversifiedKeyID diversifiedKeyID [2:kSE05x_TAG_2] - * @param[in] divInputData divInputData [3:kSE05x_TAG_3] - * @param[in] divInputDataLen Length of divInputData - */ -smStatus_t Se05x_API_DFDiversifyKey(pSe05xSession_t session_ctx, - uint32_t masterKeyID, - uint32_t diversifiedKeyID, - const uint8_t *divInputData, - size_t divInputDataLen); - -/** Se05x_API_DFAuthenticateFirstPart1 - * - * MIFARE DESFire support - * - * MIFARE DESFire EV2 Key derivation (S-mode). This is limited to AES128 keys - * only. - * - * The SE05X can be used by a card reader to setup a session where the SE05X - * stores the master key(s) and the session keys are generated and passed to the - * host. - * - * The SE05X keeps an internal state of MIFARE DESFire authentication data during - * authentication setup. This state is fully transient, so it is lost on deselect - * of the applet. - * - * The MIFARE DESFire state is owned by 1 user at a time; i.e., the user who - * calls DFAuthenticateFirstPart1 owns the MIFARE DESFire context until - * DFAuthenticateFirstPart1 is called again or until DFKillAuthentication is - * called. - * - * The SE05X can also be used to support a ChangeKey command, either supporting - * ChangeKey or ChangeKeyEV2. To establish a correct use case, policies need to - * be applied to the keys to indicate keys can be used for ChangeKey or not, etc. - * (to be detailed) - * - * # Command to Applet - * - * @rst - * +-------+---------------------+----------------------------------------------+ - * | Field | Value | Description | - * +=======+=====================+==============================================+ - * | CLA | 0x80 | | - * +-------+---------------------+----------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +-------+---------------------+----------------------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+---------------------+----------------------------------------------+ - * | P2 | P2_AUTH_FIRST_PART1 | See :cpp:type:`SE05x_P2_t` | - * +-------+---------------------+----------------------------------------------+ - * | Lc | #(Payload) | | - * +-------+---------------------+----------------------------------------------+ - * | | TLV[TAG_1] | 4-byte key identifier. | - * +-------+---------------------+----------------------------------------------+ - * | | TLV[TAG_2] | 16-byte encrypted card challenge: E(Kx,RndB) | - * +-------+---------------------+----------------------------------------------+ - * | Le | 0x00 | | - * +-------+---------------------+----------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+---------------------------------------------+ - * | Value | Description | - * +============+=============================================+ - * | TLV[TAG_1] | 32-byte output data: E(Kx, RandA || RandB') | - * +------------+---------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID objectID [1:kSE05x_TAG_1] - * @param[in] inputData inputData [2:kSE05x_TAG_2] - * @param[in] inputDataLen Length of inputData - * @param[out] outputData [0:kSE05x_TAG_1] - * @param[in,out] poutputDataLen Length for outputData - */ -smStatus_t Se05x_API_DFAuthenticateFirstPart1(pSe05xSession_t session_ctx, - uint32_t objectID, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *outputData, - size_t *poutputDataLen); - -/** Se05x_API_DFAuthenticateNonFirstPart1 - * - * - * # Command to Applet - * - * @rst - * +-------+------------------------+----------------------------------------------+ - * | Field | Value | Description | - * +=======+========================+==============================================+ - * | CLA | 0x80 | | - * +-------+------------------------+----------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +-------+------------------------+----------------------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+------------------------+----------------------------------------------+ - * | P2 | P2_AUTH_NONFIRST_PART1 | See :cpp:type:`SE05x_P2_t` | - * +-------+------------------------+----------------------------------------------+ - * | Lc | #(Payload) | | - * +-------+------------------------+----------------------------------------------+ - * | | TLV[TAG_1] | 4-byte key identifier. | - * +-------+------------------------+----------------------------------------------+ - * | | TLV[TAG_2] | 16-byte encrypted card challenge: E(Kx,RndB) | - * +-------+------------------------+----------------------------------------------+ - * | Le | 0x00 | | - * +-------+------------------------+----------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+---------------------------------------------+ - * | Value | Description | - * +============+=============================================+ - * | TLV[TAG_1] | 32-byte output data: E(Kx, RandA || RandB') | - * +------------+---------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] objectID objectID [1:kSE05x_TAG_1] - * @param[in] inputData inputData [2:kSE05x_TAG_2] - * @param[in] inputDataLen Length of inputData - * @param[out] outputData [0:kSE05x_TAG_1] - * @param[in,out] poutputDataLen Length for outputData - */ -smStatus_t Se05x_API_DFAuthenticateNonFirstPart1(pSe05xSession_t session_ctx, - uint32_t objectID, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *outputData, - size_t *poutputDataLen); - -/** Se05x_API_DFAuthenticateFirstPart2 - * - * For First part 2, the key identifier is implicitly set to the identifier used - * for the First authentication. DFAuthenticateFirstPart1 needs to be called - * before; otherwise an error is returned. - * - * # Command to Applet - * - * @rst - * +-------+---------------------+------------------------------------+ - * | Field | Value | Description | - * +=======+=====================+====================================+ - * | CLA | 0x80 | | - * +-------+---------------------+------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +-------+---------------------+------------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+---------------------+------------------------------------+ - * | P2 | P2_AUTH_FIRST_PART2 | See :cpp:type:`SE05x_P2_t` | - * +-------+---------------------+------------------------------------+ - * | Lc | #(Payload) | | - * +-------+---------------------+------------------------------------+ - * | | TLV[TAG_1] | 32 byte input: | - * | | | E(Kx,TI||RndA'||PDcap2||PCDcap2) | - * +-------+---------------------+------------------------------------+ - * | Le | 0x00 | | - * +-------+---------------------+------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+------------------------------------------+ - * | Value | Description | - * +============+==========================================+ - * | TLV[TAG_1] | 12-byte array returning PDcap2||PCDcap2. | - * +------------+------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-----------------------------+--------------------------------------+ - * | SW | Description | - * +=============================+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-----------------------------+--------------------------------------+ - * | SW_WRONG_DATA | | - * +-----------------------------+--------------------------------------+ - * | SW_CONDITIONS_NOT_SATISFIED | | - * +-----------------------------+--------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] inputData inputData [1:kSE05x_TAG_1] - * @param[in] inputDataLen Length of inputData - * @param[out] outputData [0:kSE05x_TAG_1] - * @param[in,out] poutputDataLen Length for outputData - */ -smStatus_t Se05x_API_DFAuthenticateFirstPart2(pSe05xSession_t session_ctx, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *outputData, - size_t *poutputDataLen); - -/** Se05x_API_DFAuthenticateNonFirstPart2 - * - * For NonFirst part 2, the key identifier is implicitly set to the identifier - * used for the NonFirst part 1 authentication. DFAuthenticateNonFirstPart1 needs - * to be called before; otherwise an error is returned. - * - * If authentication fails, SW_WRONG_DATA will be returned. - * - * # Command to Applet - * - * @rst - * +-------+------------------------+----------------------------+ - * | Field | Value | Description | - * +=======+========================+============================+ - * | CLA | 0x80 | | - * +-------+------------------------+----------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +-------+------------------------+----------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+------------------------+----------------------------+ - * | P2 | P2_AUTH_NONFIRST_PART2 | See :cpp:type:`SE05x_P2_t` | - * +-------+------------------------+----------------------------+ - * | Lc | #(Payload) | | - * +-------+------------------------+----------------------------+ - * | | TLV[TAG_1] | 16-byte E(Kx, RndA') | - * +-------+------------------------+----------------------------+ - * | Le | 0x00 | | - * +-------+------------------------+----------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] inputData inputData [1:kSE05x_TAG_1] - * @param[in] inputDataLen Length of inputData - */ -smStatus_t Se05x_API_DFAuthenticateNonFirstPart2( - pSe05xSession_t session_ctx, const uint8_t *inputData, size_t inputDataLen); - -/** Se05x_API_DFDumpSessionKeys - * - * Dump the Transaction Identifier and the session keys to the host. - * - * - * # Command to Applet - * - * @rst - * +-------+-------------+-----------------------------------+ - * | Field | Value | Description | - * +=======+=============+===================================+ - * | CLA | 0x80 | | - * +-------+-------------+-----------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +-------+-------------+-----------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+-------------+-----------------------------------+ - * | P2 | P2_DUMP_KEY | See :cpp:type:`SE05x_P2_t` | - * +-------+-------------+-----------------------------------+ - * | Lc | #(Payload) | | - * +-------+-------------+-----------------------------------+ - * | Le | 0x28 | Expecting TLV with 38 bytes data. | - * +-------+-------------+-----------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+--------------------------------------+ - * | Value | Description | - * +============+======================================+ - * | TLV[TAG_1] | 38 bytes: KeyID.SesAuthENCKey || | - * | | KeyID.SesAuthMACKey || TI || Cmd-Ctr | - * +------------+--------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[out] sessionData 38 bytes: KeyID.SesAuthENCKey || KeyID.SesAuthMACKey || TI || Cmd-Ctr [0:kSE05x_TAG_1] - * @param[in,out] psessionDataLen Length for sessionData - */ -smStatus_t Se05x_API_DFDumpSessionKeys(pSe05xSession_t session_ctx, uint8_t *sessionData, size_t *psessionDataLen); - -/** Se05x_API_DFChangeKeyPart1 - * - * - * The DFChangeKeyPart1 command is supporting the function to change keys on the - * DESFire PICC. The command generates the cryptogram required to perform such - * operation. - * - * The new key and, if used, the current (or old) key must be stored in the SE05X - * and have the POLICY_OBJ_ALLOW_DESFIRE_AUTHENTICATION associated to execute - * this command. This means the new PICC key must have been loaded into the SE05X - * prior to issuing this command. - * - * The 1-byte key set number indicates whether DESFire ChangeKey or DESFire - * ChangeKeyEV2 is used. When key set equals 0xFF, ChangeKey is used. - * - * - * # Command to Applet - * - * @rst - * +-------+---------------------+------------------------------------------------+ - * | Field | Value | Description | - * +=======+=====================+================================================+ - * | CLA | 0x80 | | - * +-------+---------------------+------------------------------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +-------+---------------------+------------------------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+---------------------+------------------------------------------------+ - * | P2 | P2_CHANGE_KEY_PART1 | See :cpp:type:`SE05x_P2_t` | - * +-------+---------------------+------------------------------------------------+ - * | Lc | #(Payload) | | - * +-------+---------------------+------------------------------------------------+ - * | | TLV[TAG_1] | 4-byte identifier of the old key. [Optional: | - * | | | if the authentication key is the same as the | - * | | | key to be replaced, this TAG should not be | - * | | | present]. | - * +-------+---------------------+------------------------------------------------+ - * | | TLV[TAG_2] | 4-byte identifier of the new key. | - * +-------+---------------------+------------------------------------------------+ - * | | TLV[TAG_3] | 1-byte key set number [Optional: default = | - * | | | 0xC6] | - * +-------+---------------------+------------------------------------------------+ - * | | TLV[TAG_4] | 1-byte DESFire key number to be targeted. | - * +-------+---------------------+------------------------------------------------+ - * | | TLV[TAG_5] | 1-byte key version | - * +-------+---------------------+------------------------------------------------+ - * | Le | 0x00 | | - * +-------+---------------------+------------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+-----------------------------+ - * | Value | Description | - * +============+=============================+ - * | TLV[TAG_1] | Cryptogram holding key data | - * +------------+-----------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] oldObjectID oldObjectID [1:kSE05x_TAG_1] - * @param[in] newObjectID newObjectID [2:kSE05x_TAG_2] - * @param[in] keySetNr keySetNr [3:kSE05x_TAG_3] - * @param[in] keyNoDESFire keyNoDESFire [4:kSE05x_TAG_4] - * @param[in] keyVer keyVer [5:kSE05x_TAG_5] - * @param[out] KeyData [0:kSE05x_TAG_1] - * @param[in,out] pKeyDataLen Length for KeyData - */ -smStatus_t Se05x_API_DFChangeKeyPart1(pSe05xSession_t session_ctx, - uint32_t oldObjectID, - uint32_t newObjectID, - uint8_t keySetNr, - uint8_t keyNoDESFire, - uint8_t keyVer, - uint8_t *KeyData, - size_t *pKeyDataLen); - -/** Se05x_API_DFChangeKeyPart2 - * - * The DFChangeKeyPart2 command verifies the MAC returned by ChangeKey or - * ChangeKeyEV2. Note that this function only needs to be called if a MAC is - * returned (which is not the case if the currently authenticated key is changed - * on the DESFire card). - * - * # Command to Applet - * - * @rst - * +-------+---------------------+----------------------------+ - * | Field | Value | Description | - * +=======+=====================+============================+ - * | CLA | 0x80 | | - * +-------+---------------------+----------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +-------+---------------------+----------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+---------------------+----------------------------+ - * | P2 | P2_CHANGE_KEY_PART2 | See :cpp:type:`SE05x_P2_t` | - * +-------+---------------------+----------------------------+ - * | Lc | #(Payload) | | - * +-------+---------------------+----------------------------+ - * | | TLV[TAG_1] | MAC | - * +-------+---------------------+----------------------------+ - * | Le | 0x00 | | - * +-------+---------------------+----------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+-----------------------------------+ - * | Value | Description | - * +============+===================================+ - * | TLV[TAG_1] | 1-byte :cpp:type:`SE05x_Result_t` | - * +------------+-----------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] MAC MAC [1:kSE05x_TAG_1] - * @param[in] MACLen Length of MAC - * @param[out] presult [0:kSE05x_TAG_1] - */ -smStatus_t Se05x_API_DFChangeKeyPart2(pSe05xSession_t session_ctx, const uint8_t *MAC, size_t MACLen, uint8_t *presult); - -/** Se05x_API_DFKillAuthentication - * - * DFKillAuthentication invalidates any authentication and clears the internal - * DESFire state. Keys used as input (master keys or diversified keys) are not - * touched. - * - * # Command to Applet - * - * @rst - * +-------+--------------+----------------------------+ - * | Field | Value | Description | - * +=======+==============+============================+ - * | CLA | 0x80 | | - * +-------+--------------+----------------------------+ - * | INS | INS_CRYPTO | :cpp:type:`SE05x_INS_t` | - * +-------+--------------+----------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+--------------+----------------------------+ - * | P2 | P2_KILL_AUTH | See :cpp:type:`SE05x_P2_t` | - * +-------+--------------+----------------------------+ - * | Lc | #(Payload) | | - * +-------+--------------+----------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - */ -smStatus_t Se05x_API_DFKillAuthentication(pSe05xSession_t session_ctx); - -/** Se05x_API_TLSGenerateRandom - * - * Generates a random that is stored in the SE05X and used by TLSPerformPRF. - * - * # Command to Applet - * - * @rst - * +-------+------------+-----------------------------------+ - * | Field | Value | Description | - * +=======+============+===================================+ - * | CLA | 0x80 | | - * +-------+------------+-----------------------------------+ - * | INS | INS_CRYPTO | See :cpp:type:`SE05x_INS_t` | - * +-------+------------+-----------------------------------+ - * | P1 | P1_TLS | See :cpp:type:`SE05x_P1_t` | - * +-------+------------+-----------------------------------+ - * | P2 | P2_RANDOM | See :cpp:type:`SE05x_P2_t` | - * +-------+------------+-----------------------------------+ - * | Lc | #(Payload) | | - * +-------+------------+-----------------------------------+ - * | Le | 0x22 | Expecting TLV with 32 bytes data. | - * +-------+------------+-----------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+----------------------+ - * | Value | Description | - * +============+======================+ - * | TLV[TAG_1] | 32-byte random value | - * +------------+----------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[out] randomValue [0:kSE05x_TAG_1] - * @param[in,out] prandomValueLen Length for randomValue - */ -smStatus_t Se05x_API_TLSGenerateRandom(pSe05xSession_t session_ctx, uint8_t *randomValue, size_t *prandomValueLen); - -/** Se05x_API_TLSCalculatePreMasterSecret - * - * The command TLSCalculatePreMasterSecret will compute the pre-master secret for - * TLS according [RFC5246]. The pre-master secret will always be stored in an - * HMACKey object (TLV[TAG_3]). The HMACKey object must be created before; - * otherwise the calculation of the pre-master secret will fail. - * - * It can use one of these algorithms: - - - - - * - * * PSK Key Exchange algorithm as defined in [RFC4279] - * - * * RSA_PSK Key Exchange algorithm as defined in [RFC4279] - * - * * ECDHE_PSK Key Exchange algorithm as defined in [RFC5489] - * - * * EC Key Exchange algorithm as defined in [RFC4492] - * - * * RSA Key Exchange algorithm as defined in [RFC5246] - * - * - * TLV[TAG_1] needs to be an (existing) HMACKey identifier containing the pre- - * shared Key. - * - * Input data in TLV[TAG_4] are: - * - * * An EC public key when TLV[TAG_2] refers to an EC key pair. - * - * * An RSA encrypted secret when TLV[TAG_2] refers to an RSA key pair. - * - * * Empty when TLV[TAG_2] is absent or empty. - * - * - * # Command to Applet - * - * @rst - * +-------+------------+----------------------------------------------+ - * | Field | Value | Description | - * +=======+============+==============================================+ - * | CLA | 0x80 | | - * +-------+------------+----------------------------------------------+ - * | INS | INS_CRYPTO | See :cpp:type:`SE05x_INS_t` | - * +-------+------------+----------------------------------------------+ - * | P1 | P1_TLS | See :cpp:type:`SE05x_P1_t` | - * +-------+------------+----------------------------------------------+ - * | P2 | P2_PMS | See :cpp:type:`SE05x_P2_t` | - * +-------+------------+----------------------------------------------+ - * | Lc | #(Payload) | | - * +-------+------------+----------------------------------------------+ - * | | TLV[TAG_1] | 4-byte PSK identifier referring to a 16, 32, | - * | | | 48 or 64-byte Pre Shared Key. [Optional] | - * +-------+------------+----------------------------------------------+ - * | | TLV[TAG_2] | 4-byte key pair identifier. [Optional] | - * +-------+------------+----------------------------------------------+ - * | | TLV[TAG_3] | 4-byte target HMACKey identifier. | - * +-------+------------+----------------------------------------------+ - * | | TLV[TAG_4] | Byte array containing input data. | - * +-------+------------+----------------------------------------------+ - * | Le | - | | - * +-------+------------+----------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] keyPairId keyPairId [1:kSE05x_TAG_1] - * @param[in] pskId pskId [2:kSE05x_TAG_2] - * @param[in] hmacKeyId hmacKeyId [3:kSE05x_TAG_3] - * @param[in] inputData inputData [4:kSE05x_TAG_4] - * @param[in] inputDataLen Length of inputData - */ -smStatus_t Se05x_API_TLSCalculatePreMasterSecret(pSe05xSession_t session_ctx, - uint32_t keyPairId, - uint32_t pskId, - uint32_t hmacKeyId, - const uint8_t *inputData, - size_t inputDataLen); - -/** Se05x_API_TLSPerformPRF - * - * The command TLSPerformPRF will compute either: - * - * * the master secret for TLS according [RFC5246], section 8.1 - * - * * key expansion data from a master secret for TLS according [RFC5246], section 6.3 - * - * Each time before calling this function, TLSGenerateRandom must be called. - * Executing this function will clear the random that is stored in the SE05X . - * - * The function can be called as client or as server and either using the pre- - * master secret or master secret as input, stored in an HMACKey. The input - * length must be either 16, 32, 48 or 64 bytes. - * - * This results in P2 having 4 possibilities: - * - * * P2_TLS_PRF_CLI_HELLO: pass the clientHelloRandom to calculate a master secret, the serverHelloRandom is in SE05X , generated by TLSGenerateRandom. - * - * * P2_TLS_PRF_SRV_HELLO: pass the serverHelloRandom to calculate a master secret, the clientHelloRandom is in SE05X , generated by TLSGenerateRandom. - * - * * P2_TLS_PRF_CLI_RANDOM: pass the clientRandom to generate key expansion data, the serverRandom is in SE05X , generated by TLSGenerateRandom. - * - * * P2_TLS_PRF_SRV_RANDOM: pass the serverRandom to generate key expansion data, the clientRandom is in SE05X - * - * - * # Command to Applet - * - * @rst - * +-------+------------------------+-----------------------------------------------+ - * | Field | Value | Description | - * +=======+========================+===============================================+ - * | CLA | 0x80 | | - * +-------+------------------------+-----------------------------------------------+ - * | INS | INS_CRYPTO | See :cpp:type:`SE05x_INS_t` | - * +-------+------------------------+-----------------------------------------------+ - * | P1 | P1_TLS | See :cpp:type:`SE05x_P1_t` | - * +-------+------------------------+-----------------------------------------------+ - * | P2 | See description above. | See :cpp:type:`SE05x_P2_t` | - * +-------+------------------------+-----------------------------------------------+ - * | Lc | #(Payload) | | - * +-------+------------------------+-----------------------------------------------+ - * | | TLV[TAG_1] | 4-byte HMACKey identifier. | - * +-------+------------------------+-----------------------------------------------+ - * | | TLV[TAG_2] | 1-byte :cpp:type:`SE05x_DigestMode_t`, except | - * | | | DIGEST_NO_HASH. | - * +-------+------------------------+-----------------------------------------------+ - * | | TLV[TAG_3] | Label (1 to 64 bytes) | - * +-------+------------------------+-----------------------------------------------+ - * | | TLV[TAG_4] | 32-byte random | - * +-------+------------------------+-----------------------------------------------+ - * | | TLV[TAG_5] | 2-byte requested length | - * +-------+------------------------+-----------------------------------------------+ - * | Le | 0x00 | | - * +-------+------------------------+-----------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+----------------------------------------------+ - * | Value | Description | - * +============+==============================================+ - * | TLV[TAG_1] | Byte array containing requested output data. | - * +------------+----------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * - * - * @param[in] session_ctx The session context - * @param[in] objectID The object id - * @param[in] digestAlgo The digest algorithm - * @param[in] label The label - * @param[in] labelLen The label length - * @param[in] random The random - * @param[in] randomLen The random length - * @param[in] reqLen The request length - * @param outputData The output data - * @param poutputDataLen The poutput data length - * @param[in] tlsprf The tlsprf - * - * @return The sm status. - */ -smStatus_t Se05x_API_TLSPerformPRF(pSe05xSession_t session_ctx, - uint32_t objectID, - uint8_t digestAlgo, - const uint8_t *label, - size_t labelLen, - const uint8_t *random, - size_t randomLen, - uint16_t reqLen, - uint8_t *outputData, - size_t *poutputDataLen, - const SE05x_TLSPerformPRFType_t tlsprf); - -/** Se05x_API_I2CM_ExecuteCommandSet - * - * Execute one or multiple I2C commands in master mode. Execution is conditional - * to the presence of the authentication object identified by - * RESERVED_ID_I2CM_ACCESS. If the credential is not present in the eSE, access - * is allowed in general. Otherwise, a session shall be established before - * executing this command. In this case, the I2CM_ExecuteCommandSet command shall - * be sent within the mentioned session. - * - * The I2C command set is constructed as a sequence of instructions described in - * with the following rules: - * - * * The length should be limited to MAX_I2CM_COMMAND_LENGTH. - * - * * The data to be read cannot exceed MAX_I2CM_COMMAND_LENGTH, including protocol overhead. - * - * # Command to Applet - * - * @rst - * +-------+------------+------------------------------------------------+ - * | Field | Value | Description | - * +=======+============+================================================+ - * | CLA | 0x80 | | - * +-------+------------+------------------------------------------------+ - * | INS | INS_CRYPTO | See :cpp:type:`SE05x_INS_t`, in addition to | - * | | | INS_CRYPTO, users can set the INS_ATTEST flag. | - * | | | In that case, attestation applies. | - * +-------+------------+------------------------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+------------+------------------------------------------------+ - * | P2 | P2_I2CM | See :cpp:type:`SE05x_P2_t` | - * +-------+------------+------------------------------------------------+ - * | Lc | #(Payload) | | - * +-------+------------+------------------------------------------------+ - * | | TLV[TAG_1] | Byte array containing I2C Command set as TLV | - * | | | array. | - * +-------+------------+------------------------------------------------+ - * | | TLV[TAG_2] | 4-byte attestation object identifier. | - * | | | [Optional] [Conditional: only when | - * | | | INS_ATTEST is set] | - * +-------+------------+------------------------------------------------+ - * | | TLV[TAG_3] | 1-byte :cpp:type:`SE05x_AttestationAlgo_t` | - * | | | [Optional] [Conditional: only when | - * | | | INS_ATTEST is set] | - * +-------+------------+------------------------------------------------+ - * | | TLV[TAG_7] | 16-byte freshness random [Optional] | - * | | | [Conditional: only when INS_ATTEST is set] | - * +-------+------------+------------------------------------------------+ - * | Le | 0x00 | Expecting TLV with return data. | - * +-------+------------+------------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+------------------------------------------------+ - * | Value | Description | - * +============+================================================+ - * | TLV[TAG_1] | Read response, a bytestring containing a | - * | | sequence of: * CONFIGURE (0x01), | - * | | followed by 1 byte of return code (0x5A = | - * | | SUCCESS). * WRITE (0x03), | - * | | followed by 1 byte of return code * | - * | | READ (0x04), followed by - | - * | | Length: 2 bytes in big endian encoded without | - * | | TLV length encoding - | - * | | Read bytes * | - * | | 0xFF followed by the error return code in case | - * | | of a structural error of the incoming buffer | - * | | (too long, for example) | - * +------------+------------------------------------------------+ - * | TLV[TAG_3] | TLV containing 12-byte timestamp | - * +------------+------------------------------------------------+ - * | TLV[TAG_4] | TLV containing 16-byte freshness (random) | - * +------------+------------------------------------------------+ - * | TLV[TAG_5] | TLV containing 18-byte chip unique ID | - * +------------+------------------------------------------------+ - * | TLV[TAG_6] | TLV containing signature over the concatenated | - * | | values of TLV[TAG_1], TLV[TAG_3], TLV[TAG_4] | - * | | and TLV[TAG_5]. | - * +------------+------------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * - * - * - * @param[in] session_ctx The session context - * @param[in] inputData The input data - * @param[in] inputDataLen The input data length - * @param[in] attestationID The attestation id - * @param[in] attestationAlgo The attestation algorithm - * @param response The response - * @param presponseLen The presponse length - * @param ptimeStamp The ptime stamp - * @param freshness The freshness - * @param pfreshnessLen The pfreshness length - * @param chipId The chip identifier - * @param pchipIdLen The pchip identifier length - * @param signature The signature - * @param psignatureLen The psignature length - * @param randomAttst The random attst - * @param[in] randomAttstLen The random attst length - * - * @return The sm status. - */ -smStatus_t Se05x_API_I2CM_ExecuteCommandSet(pSe05xSession_t session_ctx, - const uint8_t *inputData, - size_t inputDataLen, - uint32_t attestationID, - uint8_t attestationAlgo, - uint8_t *response, - size_t *presponseLen, - SE05x_TimeStamp_t *ptimeStamp, - uint8_t *freshness, - size_t *pfreshnessLen, - uint8_t *chipId, - size_t *pchipIdLen, - uint8_t *signature, - size_t *psignatureLen, - uint8_t *randomAttst, - size_t randomAttstLen); - -/** Se05x_API_DigestInit - * - * Open a digest operation. The state of the digest operation is kept in the - * Crypto Object until the Crypto Object is finalized or deleted. - * - * - * # Command to Applet - * - * @rst - * +-------+------------+---------------------------------+ - * | Field | Value | Description | - * +=======+============+=================================+ - * | CLA | 0x80 | | - * +-------+------------+---------------------------------+ - * | INS | INS_CRYPTO | See :cpp:type:`SE05x_INS_t` | - * +-------+------------+---------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+------------+---------------------------------+ - * | P2 | P2_INIT | See :cpp:type:`SE05x_P2_t` | - * +-------+------------+---------------------------------+ - * | Lc | #(Payload) | | - * +-------+------------+---------------------------------+ - * | | TLV[TAG_2] | 2-byte Crypto Object identifier | - * +-------+------------+---------------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] cryptoObjectID cryptoObjectID [1:kSE05x_TAG_2] - */ -smStatus_t Se05x_API_DigestInit(pSe05xSession_t session_ctx, SE05x_CryptoObjectID_t cryptoObjectID); - -/** Se05x_API_DigestUpdate - * - * - * # Command to Applet - * - * @rst - * +-------+------------+---------------------------------+ - * | Field | Value | Description | - * +=======+============+=================================+ - * | CLA | 0x80 | | - * +-------+------------+---------------------------------+ - * | INS | INS_CRYPTO | See :cpp:type:`SE05x_INS_t` | - * +-------+------------+---------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+------------+---------------------------------+ - * | P2 | P2_UPDATE | See :cpp:type:`SE05x_P2_t` | - * +-------+------------+---------------------------------+ - * | Lc | #(Payload) | | - * +-------+------------+---------------------------------+ - * | | TLV[TAG_2] | 2-byte Crypto Object identifier | - * +-------+------------+---------------------------------+ - * | | TLV[TAG_3] | Data to be hashed. | - * +-------+------------+---------------------------------+ - * | Le | | | - * +-------+------------+---------------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------------+ - * | SW | Description | - * +=============+======================================+ - * | SW_NO_ERROR | The command is handled successfully. | - * +-------------+--------------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] cryptoObjectID cryptoObjectID [1:kSE05x_TAG_2] - * @param[in] inputData inputData [2:kSE05x_TAG_3] - * @param[in] inputDataLen Length of inputData - */ -smStatus_t Se05x_API_DigestUpdate( - pSe05xSession_t session_ctx, SE05x_CryptoObjectID_t cryptoObjectID, const uint8_t *inputData, size_t inputDataLen); - -/** Se05x_API_DigestFinal - * - * - * # Command to Applet - * - * @rst - * +-------+------------+------------------------------------+ - * | Field | Value | Description | - * +=======+============+====================================+ - * | CLA | 0x80 | | - * +-------+------------+------------------------------------+ - * | INS | INS_CRYPTO | See :cpp:type:`SE05x_INS_t` | - * +-------+------------+------------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+------------+------------------------------------+ - * | P2 | P2_FINAL | See :cpp:type:`SE05x_P2_t` | - * +-------+------------+------------------------------------+ - * | Lc | #(Payload) | | - * +-------+------------+------------------------------------+ - * | | TLV[TAG_2] | 2-byte Crypto Object identifier | - * +-------+------------+------------------------------------+ - * | | TLV[TAG_3] | Data to be encrypted or decrypted. | - * +-------+------------+------------------------------------+ - * | Le | 0x00 | Expecting TLV with hash value. | - * +-------+------------+------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+-------------+ - * | Value | Description | - * +============+=============+ - * | TLV[TAG_1] | CMAC value | - * +------------+-------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+-----------------------------------+ - * | SW | Description | - * +=============+===================================+ - * | SW_NO_ERROR | The hash is created successfully. | - * +-------------+-----------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] cryptoObjectID cryptoObjectID [1:kSE05x_TAG_2] - * @param[in] inputData inputData [2:kSE05x_TAG_3] - * @param[in] inputDataLen Length of inputData - * @param[out] cmacValue [0:kSE05x_TAG_1] - * @param[in,out] pcmacValueLen Length for cmacValue - */ -smStatus_t Se05x_API_DigestFinal(pSe05xSession_t session_ctx, - SE05x_CryptoObjectID_t cryptoObjectID, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *cmacValue, - size_t *pcmacValueLen); - -/** Se05x_API_DigestOneShot - * - * Performs a hash operation in one shot (without context). - * - * - * # Command to Applet - * - * @rst - * +-------+------------+-------------------------------------------+ - * | Field | Value | Description | - * +=======+============+===========================================+ - * | CLA | 0x80 | | - * +-------+------------+-------------------------------------------+ - * | INS | INS_CRYPTO | See :cpp:type:`SE05x_INS_t` | - * +-------+------------+-------------------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+------------+-------------------------------------------+ - * | P2 | P2_ONESHOT | See :cpp:type:`SE05x_P2_t` | - * +-------+------------+-------------------------------------------+ - * | Lc | #(Payload) | | - * +-------+------------+-------------------------------------------+ - * | | TLV[TAG_1] | 1-byte DigestMode (except DIGEST_NO_HASH) | - * +-------+------------+-------------------------------------------+ - * | | TLV[TAG_2] | Data to hash. | - * +-------+------------+-------------------------------------------+ - * | Le | 0x00 | TLV expecting hash value | - * +-------+------------+-------------------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+-------------+ - * | Value | Description | - * +============+=============+ - * | TLV[TAG_1] | Hash value. | - * +------------+-------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+-----------------------------------+ - * | SW | Description | - * +=============+===================================+ - * | SW_NO_ERROR | The hash is created successfully. | - * +-------------+-----------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - * @param[in] digestMode digestMode [1:kSE05x_TAG_1] - * @param[in] inputData inputData [2:kSE05x_TAG_2] - * @param[in] inputDataLen Length of inputData - * @param[out] hashValue [0:kSE05x_TAG_1] - * @param[in,out] phashValueLen Length for hashValue - */ -smStatus_t Se05x_API_DigestOneShot(pSe05xSession_t session_ctx, - uint8_t digestMode, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *hashValue, - size_t *phashValueLen); - -/** Se05x_API_GetVersion - * - * Gets the applet version information. - * - * This will return 7-byte VersionInfo (including major, minor and patch version - * of the applet, supported applet features and secure box version). - * - * # Command to Applet - * - * @rst - * +-------+------------------------------+----------------------------------------------+ - * | Field | Value | Description | - * +=======+==============================+==============================================+ - * | CLA | 0x80 | | - * +-------+------------------------------+----------------------------------------------+ - * | INS | INS_MGMT | See :cpp:type:`SE05x_INS_t` | - * +-------+------------------------------+----------------------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+------------------------------+----------------------------------------------+ - * | P2 | P2_VERSION or P2_VERSION_EXT | See :cpp:type:`SE05x_P2_t` | - * +-------+------------------------------+----------------------------------------------+ - * | Lc | #(Payload) | | - * +-------+------------------------------+----------------------------------------------+ - * | Le | 0x00 | Expecting TLV with 7-byte data (when P2 = | - * | | | P2_VERSION) or a TLV with 37 byte data (when | - * | | | P2= P2_VERSION_EXT). | - * +-------+------------------------------+----------------------------------------------+ - * @endrst - * - * - * # R-APDU Body - * - * @rst - * +------------+------------------------------------------------+ - * | Value | Description | - * +============+================================================+ - * | TLV[TAG_1] | 7-byte :cpp:type:`VersionInfoRef` (if P2 = | - * | | P2_VERSION) or 7-byte VersionInfo followed by | - * | | 30 bytes extendedFeatureBits (if P2 = | - * | | P2_VERSION_EXT) | - * +------------+------------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------+ - * | SW | Description | - * +=============+================================+ - * | SW_NO_ERROR | Data is returned successfully. | - * +-------------+--------------------------------+ - * @endrst - * - * @param[in] session_ctx The session context - * @param pappletVersion The papplet version - * @param appletVersionLen The applet version length - * - * @return The sm status. - */ -smStatus_t Se05x_API_GetVersion(pSe05xSession_t session_ctx, uint8_t *pappletVersion, size_t *appletVersionLen); - -/** Se05x_API_GetTimestamp - * - * Gets a monotonic counter value (time stamp) from the operating system of the - * device (both persistent and transient part). See TimestampFunctionality for - * details on the timestamps. - * - * - * # Command to Applet - * - * @rst - * +-------+------------+-------------------------------+ - * | Field | Value | Description | - * +=======+============+===============================+ - * | CLA | 0x80 | | - * +-------+------------+-------------------------------+ - * | INS | INS_MGMT | See :cpp:type:`SE05x_INS_t` | - * +-------+------------+-------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+------------+-------------------------------+ - * | P2 | P2_TIME | See :cpp:type:`SE05x_P2_t` | - * +-------+------------+-------------------------------+ - * | Lc | #(Payload) | | - * +-------+------------+-------------------------------+ - * | Le | 0x2C | Expecting TLV with timestamp. | - * +-------+------------+-------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+-------------------------------------------+ - * | Value | Description | - * +============+===========================================+ - * | TLV[TAG_1] | TLV containing a 12-byte operating system | - * | | timestamp. | - * +------------+-------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------+ - * | SW | Description | - * +=============+================================+ - * | SW_NO_ERROR | Data is returned successfully. | - * +-------------+--------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx The session context - * @param ptimeStamp The ptime stamp - * - * @return The sm status. - */ -smStatus_t Se05x_API_GetTimestamp(pSe05xSession_t session_ctx, SE05x_TimeStamp_t *ptimeStamp); - -/** Se05x_API_GetFreeMemory - * - * Gets the amount of free memory. MemoryType indicates the type of memory. - * - * The result indicates the amount of free memory. Note that behavior of the - * function might not be fully linear and can have a granularity of 16 bytes - * where the applet will typically report the "worst case" amount. For example, - * when allocating 2 bytes a time, the first report will show 16 bytes being - * allocated, which remains the same for the next 7 allocations of 2 bytes. - * - * - * # Command to Applet - * - * @rst - * +-------+------------+---------------------------------+ - * | Field | Value | Description | - * +=======+============+=================================+ - * | CLA | 0x80 | | - * +-------+------------+---------------------------------+ - * | INS | INS_MGMT | See :cpp:type:`SE05x_INS_t` | - * +-------+------------+---------------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+------------+---------------------------------+ - * | P2 | P2_MEMORY | See :cpp:type:`SE05x_P2_t` | - * +-------+------------+---------------------------------+ - * | Lc | #(Payload) | | - * +-------+------------+---------------------------------+ - * | | TLV[TAG_1] | :cpp:type:`SE05x_MemTyp_t` | - * +-------+------------+---------------------------------+ - * | Le | 0x04 | Expecting TLV with 2-byte data. | - * +-------+------------+---------------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+----------------------------------------------+ - * | Value | Description | - * +============+==============================================+ - * | TLV[TAG_1] | 2 bytes indicating the amount of free memory | - * | | of the requested memory type. 0x7FFF as | - * | | response means at least 32768 bytes are | - * | | available. | - * +------------+----------------------------------------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------+ - * | SW | Description | - * +=============+================================+ - * | SW_NO_ERROR | Data is returned successfully. | - * +-------------+--------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx The session context - * @param[in] memoryType The memory type - * @param pfreeMem The pfree memory - * - * @return The sm status. - */ -smStatus_t Se05x_API_GetFreeMemory(pSe05xSession_t session_ctx, SE05x_MemoryType_t memoryType, uint16_t *pfreeMem); - -/** Se05x_API_GetRandom - * - * Gets random data from the SE05X . - * - * - * # Command to Applet - * - * @rst - * +-------+------------+-----------------------------+ - * | Field | Value | Description | - * +=======+============+=============================+ - * | CLA | 0x80 | | - * +-------+------------+-----------------------------+ - * | INS | INS_MGMT | See :cpp:type:`SE05x_INS_t` | - * +-------+------------+-----------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+------------+-----------------------------+ - * | P2 | P2_RANDOM | See :cpp:type:`SE05x_P2_t` | - * +-------+------------+-----------------------------+ - * | Lc | #(Payload) | | - * +-------+------------+-----------------------------+ - * | | TLV[TAG_1] | 2-byte requested size. | - * +-------+------------+-----------------------------+ - * | Le | 0x00 | Expecting random data | - * +-------+------------+-----------------------------+ - * @endrst - * - * # R-APDU Body - * - * @rst - * +------------+--------------+ - * | Value | Description | - * +============+==============+ - * | TLV[TAG_1] | Random data. | - * +------------+--------------+ - * @endrst - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------+ - * | SW | Description | - * +=============+================================+ - * | SW_NO_ERROR | Data is returned successfully. | - * +-------------+--------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx The session context - * @param[in] size The size - * @param randomData The random data - * @param prandomDataLen The prandom data length - * - * @return The sm status. - */ -smStatus_t Se05x_API_GetRandom(pSe05xSession_t session_ctx, uint16_t size, uint8_t *randomData, size_t *prandomDataLen); - -/** Se05x_API_DeleteAll - * - * Delete all Secure Objects, delete all curves and Crypto Objects. Secure - * Objects that are trust provisioned by NXP are not deleted (i.e., all objects - * that have Origin set to ORIGIN_PROVISIONED, including the objects with - * reserved object identifiers listed in Object attributes). - * - * This command can only be used from sessions that are authenticated using the - * credential with index RESERVED_ID_FACTORY_RESET. - * - * _Important_ : if a secure messaging session is up & running (e.g., AESKey or - * ECKey session) and the command is sent within this session, the response of - * the DeleteAll command will not be wrapped (i.e., not encrypted and no R-MAC), - * so this will also break down the secure channel protocol (as the session is - * closed by the DeleteAll command itself). - * - * # Command to Applet - * - * @rst - * +-------+---------------+-----------------------------+ - * | Field | Value | Description | - * +=======+===============+=============================+ - * | CLA | 0x80 | | - * +-------+---------------+-----------------------------+ - * | INS | INS_MGMT | See :cpp:type:`SE05x_INS_t` | - * +-------+---------------+-----------------------------+ - * | P1 | P1_DEFAULT | See :cpp:type:`SE05x_P1_t` | - * +-------+---------------+-----------------------------+ - * | P2 | P2_DELETE_ALL | See :cpp:type:`SE05x_P2_t` | - * +-------+---------------+-----------------------------+ - * | Lc | 0x00 | | - * +-------+---------------+-----------------------------+ - * @endrst - * - * # R-APDU Body - * - * NA - * - * # R-APDU Trailer - * - * @rst - * +-------------+--------------------------------+ - * | SW | Description | - * +=============+================================+ - * | SW_NO_ERROR | Data is returned successfully. | - * +-------------+--------------------------------+ - * @endrst - * - * - * - * @param[in] session_ctx Session Context [0:kSE05x_pSession] - */ -smStatus_t Se05x_API_DeleteAll(pSe05xSession_t session_ctx); - -#if SSS_HAVE_SE05X_VER_GTE_06_00 -#include "se05x_04_xx_APDU_apis.h" -#endif - -#endif /* SE050X_APDU_APIS_H_INC */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/se05x_03_xx_xx/se05x_APDU_impl.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/se05x_03_xx_xx/se05x_APDU_impl.h deleted file mode 100644 index 4717f19f7..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/se05x_03_xx_xx/se05x_APDU_impl.h +++ /dev/null @@ -1,3470 +0,0 @@ -/* - * - * Copyright 2019-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#if defined(NONSECURE_WORLD) -#include "veneer_printf_table.h" -#endif - -#if defined(NONSECURE_WORLD) -#define NEWLINE() DbgConsole_Printf_NSE("\r\n") -#else -#define NEWLINE() printf("\r\n") -#endif - -smStatus_t Se05x_API_CreateSession( - pSe05xSession_t session_ctx, uint32_t authObjectID, uint8_t *sessionId, size_t *psessionIdLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_MGMT, kSE05x_P1_DEFAULT, kSE05x_P2_SESSION_CREATE}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "CreateSession []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("auth", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, authObjectID); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, sessionId, psessionIdLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_ExchangeSessionData(pSe05xSession_t session_ctx, pSe05xPolicy_t policy) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_MGMT, kSE05x_P1_DEFAULT, kSE05x_P2_SESSION_POLICY}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - // uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "ExchangeSessionData []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_Se05xPolicy("Policy", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, policy); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_RefreshSession(pSe05xSession_t session_ctx, pSe05xPolicy_t policy) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_MGMT, kSE05x_P1_DEFAULT, kSE05x_P2_SESSION_REFRESH}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "RefreshSession []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_Se05xPolicy("policy", &pCmdbuf, &cmdbufLen, kSE05x_TAG_POLICY, policy); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_CloseSession(pSe05xSession_t session_ctx) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_MGMT, kSE05x_P1_DEFAULT, kSE05x_P2_SESSION_CLOSE}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t iCnt = 0; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "CloseSession []"); -#endif /* VERBOSE_APDU_LOGS */ - if (((session_ctx->value[0] || session_ctx->value[1] || session_ctx->value[2] || session_ctx->value[3] || - session_ctx->value[4] || session_ctx->value[5] || session_ctx->value[6] || session_ctx->value[7])) && - (session_ctx->hasSession == 1)) { - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - if (retStatus == SM_OK) { - for (iCnt = 0; iCnt < 8; iCnt++) { - session_ctx->value[iCnt] = 0; - } - session_ctx->hasSession = 0; - } - } - else { - LOG_D("CloseSession command is sent only if valid Session exists!!!"); - } - return retStatus; -} - -smStatus_t Se05x_API_VerifySessionUserID(pSe05xSession_t session_ctx, const uint8_t *userId, size_t userIdLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_MGMT, kSE05x_P1_DEFAULT, kSE05x_P2_SESSION_UserID}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "VerifySessionUserID []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_u8bufOptional("userId", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, userId, userIdLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_SetLockState(pSe05xSession_t session_ctx, uint8_t lockIndicator, uint8_t lockState) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_MGMT, kSE05x_P1_DEFAULT, kSE05x_P2_TRANSPORT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "SetLockState []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U8("lock indicator", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, lockIndicator); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U8("lock state", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, lockState); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_SetPlatformSCPRequest(pSe05xSession_t session_ctx, SE05x_PlatformSCPRequest_t platformSCPRequest) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_MGMT, kSE05x_P1_DEFAULT, kSE05x_P2_SCP}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "SetPlatformSCPRequest []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_PlatformSCPRequest("platf scp req", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, platformSCPRequest); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_SetAppletFeatures(pSe05xSession_t session_ctx, pSe05xAppletFeatures_t appletVariant) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_MGMT, kSE05x_P1_DEFAULT, kSE05x_P2_VARIANT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "SetAppletFeatures []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_Variant(&pCmdbuf, &cmdbufLen, kSE05x_TAG_1, appletVariant); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_WriteECKey(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - SE05x_MaxAttemps_t maxAttempt, - uint32_t objectID, - SE05x_ECCurve_t curveID, - const uint8_t *privKey, - size_t privKeyLen, - const uint8_t *pubKey, - size_t pubKeyLen, - const SE05x_INS_t ins_type, - const SE05x_KeyPart_t key_part) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_WRITE | ins_type, kSE05x_P1_EC | key_part, kSE05x_P2_DEFAULT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - - if (Se05x_IsInValidRangeOfUID(objectID)) - return SM_NOT_OK; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "WriteECKey []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_Se05xPolicy("policy", &pCmdbuf, &cmdbufLen, kSE05x_TAG_POLICY, policy); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_MaxAttemps("maxAttempt", &pCmdbuf, &cmdbufLen, kSE05x_TAG_MAX_ATTEMPTS, maxAttempt); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_ECCurve("curveID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, curveID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("privKey", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, privKey, privKeyLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("pubKey", &pCmdbuf, &cmdbufLen, kSE05x_TAG_4, pubKey, pubKeyLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_WriteRSAKey(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - uint32_t objectID, - uint16_t size, - const uint8_t *p, - size_t pLen, - const uint8_t *q, - size_t qLen, - const uint8_t *dp, - size_t dpLen, - const uint8_t *dq, - size_t dqLen, - const uint8_t *qInv, - size_t qInvLen, - const uint8_t *pubExp, - size_t pubExpLen, - const uint8_t *priv, - size_t privLen, - const uint8_t *pubMod, - size_t pubModLen, - const SE05x_INS_t ins_type, - const SE05x_KeyPart_t key_part, - const SE05x_RSAKeyFormat_t rsa_format) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_WRITE | ins_type, kSE05x_P1_RSA | key_part, rsa_format}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - - if (Se05x_IsInValidRangeOfUID(objectID)) - return SM_NOT_OK; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "WriteRSAKey []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_Se05xPolicy("To be Checked(last 3 not pdf)", &pCmdbuf, &cmdbufLen, kSE05x_TAG_POLICY, policy); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U16Optional("size in bits", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, size); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional_ByteShift("p", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, p, pLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional_ByteShift("q", &pCmdbuf, &cmdbufLen, kSE05x_TAG_4, q, qLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional_ByteShift("dp", &pCmdbuf, &cmdbufLen, kSE05x_TAG_5, dp, dpLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional_ByteShift("dq", &pCmdbuf, &cmdbufLen, kSE05x_TAG_6, dq, dqLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional_ByteShift("qnv", &pCmdbuf, &cmdbufLen, kSE05x_TAG_7, qInv, qInvLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("public exp", &pCmdbuf, &cmdbufLen, kSE05x_TAG_8, pubExp, pubExpLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional_ByteShift("priv", &pCmdbuf, &cmdbufLen, kSE05x_TAG_9, priv, privLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional_ByteShift("public mod", &pCmdbuf, &cmdbufLen, kSE05x_TAG_10, pubMod, pubModLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_WriteSymmKey(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - SE05x_MaxAttemps_t maxAttempt, - uint32_t objectID, - SE05x_KeyID_t kekID, - const uint8_t *keyValue, - size_t keyValueLen, - const SE05x_INS_t ins_type, - const SE05x_SymmKeyType_t type) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_WRITE | ins_type, type, kSE05x_P2_DEFAULT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - - if (Se05x_IsInValidRangeOfUID(objectID)) - return SM_NOT_OK; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "WriteSymmKey []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_Se05xPolicy("policy", &pCmdbuf, &cmdbufLen, kSE05x_TAG_POLICY, policy); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_MaxAttemps("maxAttempt", &pCmdbuf, &cmdbufLen, kSE05x_TAG_MAX_ATTEMPTS, maxAttempt); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_KeyID("KEK id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, kekID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("key value", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, keyValue, keyValueLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_WriteBinary(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - uint32_t objectID, - uint16_t offset, - uint16_t length, - const uint8_t *inputData, - size_t inputDataLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_WRITE, kSE05x_P1_BINARY, kSE05x_P2_DEFAULT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - - if (Se05x_IsInValidRangeOfUID(objectID)) - return SM_NOT_OK; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "WriteBinary []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_Se05xPolicy("policy", &pCmdbuf, &cmdbufLen, kSE05x_TAG_POLICY, policy); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U16Optional("offset", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, offset); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U16Optional("length", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, length); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("input data", &pCmdbuf, &cmdbufLen, kSE05x_TAG_4, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_WriteUserID(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - SE05x_MaxAttemps_t maxAttempt, - uint32_t objectID, - const uint8_t *userId, - size_t userIdLen, - const SE05x_AttestationType_t attestation_type) -{ - smStatus_t retStatus = SM_NOT_OK; - if (Se05x_IsInValidRangeOfUID(objectID)) - return SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_WRITE | attestation_type, kSE05x_P1_UserID, kSE05x_P2_DEFAULT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - - if (Se05x_IsInValidRangeOfUID(objectID)) - return SM_NOT_OK; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "WriteUserID []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_Se05xPolicy("policy", &pCmdbuf, &cmdbufLen, kSE05x_TAG_POLICY, policy); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_MaxAttemps("maxAttempt", &pCmdbuf, &cmdbufLen, kSE05x_TAG_MAX_ATTEMPTS, maxAttempt); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("userId", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, userId, userIdLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_CreateCounter(pSe05xSession_t session_ctx, pSe05xPolicy_t policy, uint32_t objectID, uint16_t size) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_WRITE, kSE05x_P1_COUNTER, kSE05x_P2_DEFAULT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - - if (Se05x_IsInValidRangeOfUID(objectID)) - return SM_NOT_OK; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "Se05x_API_CreateCounter []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_Se05xPolicy("policy", &pCmdbuf, &cmdbufLen, kSE05x_TAG_POLICY, policy); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - - if (size != 0) { - tlvRet = TLVSET_U16("size", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, size); - if (0 != tlvRet) { - goto cleanup; - } - } - - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_SetCounterValue(pSe05xSession_t session_ctx, uint32_t objectID, uint16_t size, uint64_t value) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_WRITE, kSE05x_P1_COUNTER, kSE05x_P2_DEFAULT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - - if (Se05x_IsInValidRangeOfUID(objectID)) - return SM_NOT_OK; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "SetCounterValue []"); -#endif /* VERBOSE_APDU_LOGS */ - - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - - if ((size > 0) && (size <= 8)) { - if (value != 0) { - tlvRet = TLVSET_U64_SIZE("value", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, value, size); - if (0 != tlvRet) { - goto cleanup; - } - } - } - else { - LOG_E("Wrong size provided"); - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_IncCounter(pSe05xSession_t session_ctx, uint32_t objectID) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_WRITE, kSE05x_P1_COUNTER, kSE05x_P2_DEFAULT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - - if (Se05x_IsInValidRangeOfUID(objectID)) - return SM_NOT_OK; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "IncCounter []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -#if ENABLE_DEPRECATED_API_WritePCR -smStatus_t Se05x_API_WritePCR(pSe05xSession_t session_ctx, - pSe05xPolicy_t policy, - uint32_t pcrID, - const uint8_t *initialValue, - size_t initialValueLen, - const uint8_t *inputData, - size_t inputDataLen) -{ - return Se05x_API_WritePCR_WithType( - session_ctx, kSE05x_INS_NA, policy, pcrID, initialValue, initialValueLen, inputData, inputDataLen); -} -#endif // ENABLE_DEPRECATED_API_WritePCR - -smStatus_t Se05x_API_WritePCR_WithType(pSe05xSession_t session_ctx, - const SE05x_INS_t ins_type, - pSe05xPolicy_t policy, - uint32_t pcrID, - const uint8_t *initialValue, - size_t initialValueLen, - const uint8_t *inputData, - size_t inputDataLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_WRITE | ins_type, kSE05x_P1_PCR, kSE05x_P2_DEFAULT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - - if (Se05x_IsInValidRangeOfUID(pcrID)) - return SM_NOT_OK; - -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "WritePCR []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_Se05xPolicy("policy", &pCmdbuf, &cmdbufLen, kSE05x_TAG_POLICY, policy); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, pcrID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("initialValue", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, initialValue, initialValueLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_ImportObject(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_RSAKeyComponent_t rsaKeyComp, - const uint8_t *serializedObject, - size_t serializedObjectLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_WRITE, kSE05x_P1_DEFAULT, kSE05x_P2_IMPORT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "ImportObject []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - if (rsaKeyComp != kSE05x_RSAKeyComponent_NA) { - tlvRet = TLVSET_RSAKeyComponent("rsaKeyComp", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, rsaKeyComp); - if (0 != tlvRet) { - goto cleanup; - } - } - tlvRet = TLVSET_u8bufOptional( - "serializedObject", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, serializedObject, serializedObjectLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_ImportExternalObject(pSe05xSession_t session_ctx, - const uint8_t *ECKeydata, - size_t ECKeydataLen, - const uint8_t *ECAuthKeyID, - size_t ECAuthKeyIDLen, - const uint8_t *serializedObject, - size_t serializedObjectLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, 0x06, kSE05x_P1_DEFAULT, kSE05x_P2_DEFAULT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "ImportExternalObject []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_u8buf("AuthData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_IMPORT_AUTH_DATA, ECKeydata, ECKeydataLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8buf("AuthID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_IMPORT_AUTH_KEY_ID, ECAuthKeyID, ECAuthKeyIDLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional( - "serializedObject", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, serializedObject, serializedObjectLen); - - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_ReadObject( - pSe05xSession_t session_ctx, uint32_t objectID, uint16_t offset, uint16_t length, uint8_t *data, size_t *pdataLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_READ, kSE05x_P1_DEFAULT, kSE05x_P2_DEFAULT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "ReadObject []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U16Optional("offset", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, offset); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U16Optional("length", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, length); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4_ext(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, data, pdataLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - - if (retStatus == SM_ERR_ACCESS_DENIED_BASED_ON_POLICY) - LOG_W("Denied to read object %08X bases on policy.", objectID); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_ReadObject_W_Attst(pSe05xSession_t session_ctx, - uint32_t objectID, - uint16_t offset, - uint16_t length, - uint32_t attestID, - SE05x_AttestationAlgo_t attestAlgo, - const uint8_t *random, - size_t randomLen, - uint8_t *data, - size_t *pdataLen, - uint8_t *attribute, - size_t *pattributeLen, - SE05x_TimeStamp_t *ptimeStamp, - uint8_t *outrandom, - size_t *poutrandomLen, - uint8_t *chipId, - size_t *pchipIdLen, - uint8_t *signature, - size_t *psignatureLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_READ_With_Attestation, kSE05x_P1_DEFAULT, kSE05x_P2_DEFAULT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "ReadObject_W_Attst []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U16Optional("offset", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, offset); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U16Optional("length", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, length); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("attestID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_5, attestID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_AttestationAlgo("attestAlgo", &pCmdbuf, &cmdbufLen, kSE05x_TAG_6, attestAlgo); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("random", &pCmdbuf, &cmdbufLen, kSE05x_TAG_7, random, randomLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4_ext(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, data, pdataLen); /* */ - if (0 != tlvRet) { - /* Keys with no read policy will not return TAG1 */ - //goto cleanup; - } - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_2, attribute, pattributeLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = tlvGet_TimeStamp(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_3, ptimeStamp); /* - */ - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_4, outrandom, poutrandomLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_5, chipId, pchipIdLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_6, signature, psignatureLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_ReadRSA(pSe05xSession_t session_ctx, - uint32_t objectID, - uint16_t offset, - uint16_t length, - SE05x_RSAPubKeyComp_t rsa_key_comp, - uint8_t *data, - size_t *pdataLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_READ, kSE05x_P1_DEFAULT, kSE05x_P2_DEFAULT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "ReadRSA []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U16Optional("offset", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, offset); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U16Optional("length", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, length); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_RSAPubKeyComp("rsa_key_comp", &pCmdbuf, &cmdbufLen, kSE05x_TAG_4, rsa_key_comp); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4_ext(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, data, pdataLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_ReadRSA_W_Attst(pSe05xSession_t session_ctx, - uint32_t objectID, - uint16_t offset, - uint16_t length, - SE05x_RSAPubKeyComp_t rsa_key_comp, - uint32_t attestID, - SE05x_AttestationAlgo_t attestAlgo, - const uint8_t *random, - size_t randomLen, - uint8_t *data, - size_t *pdataLen, - uint8_t *attribute, - size_t *pattributeLen, - SE05x_TimeStamp_t *ptimeStamp, - uint8_t *outrandom, - size_t *poutrandomLen, - uint8_t *chipId, - size_t *pchipIdLen, - uint8_t *signature, - size_t *psignatureLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_READ_With_Attestation, kSE05x_P1_DEFAULT, kSE05x_P2_DEFAULT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "ReadRSA_W_Attst []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U16Optional("offset", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, offset); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U16Optional("length", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, length); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_RSAPubKeyComp("rsa_key_comp", &pCmdbuf, &cmdbufLen, kSE05x_TAG_4, rsa_key_comp); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("attestID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_5, attestID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_AttestationAlgo("attestAlgo", &pCmdbuf, &cmdbufLen, kSE05x_TAG_6, attestAlgo); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("random", &pCmdbuf, &cmdbufLen, kSE05x_TAG_7, random, randomLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4_ext(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, data, pdataLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_2, attribute, pattributeLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = tlvGet_TimeStamp(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_3, ptimeStamp); /* - */ - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_4, outrandom, poutrandomLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_5, chipId, pchipIdLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_6, signature, psignatureLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_ExportObject( - pSe05xSession_t session_ctx, uint32_t objectID, SE05x_RSAKeyComponent_t rsaKeyComp, uint8_t *data, size_t *pdataLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_READ, kSE05x_P1_DEFAULT, kSE05x_P2_EXPORT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "ExportObject []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_RSAKeyComponent("rsaKeyComp", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, rsaKeyComp); - if (0 != tlvRet) { - goto cleanup; - } - - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, data, pdataLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_ReadType(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_SecureObjectType_t *ptype, - uint8_t *pisTransient, - const SE05x_AttestationType_t attestation_type) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_READ | attestation_type, kSE05x_P1_DEFAULT, kSE05x_P2_TYPE}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "ReadType []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_SecureObjectType(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, ptype); /* - */ - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = tlvGet_U8(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_2, pisTransient); /* - */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_ReadSize(pSe05xSession_t session_ctx, uint32_t objectID, uint16_t *psize) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_READ, kSE05x_P1_DEFAULT, kSE05x_P2_SIZE}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "ReadSize []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_U16(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, psize); /* - */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_ReadIDList(pSe05xSession_t session_ctx, - uint16_t outputOffset, - uint8_t filter, - uint8_t *pmore, - uint8_t *idlist, - size_t *pidlistLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_READ, kSE05x_P1_DEFAULT, kSE05x_P2_LIST}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "ReadIDList []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U16("output offset", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, outputOffset); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U8("filter", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, filter); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4_ext(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_U8(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, pmore); /* - */ - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = tlvGet_u8buf(pRspbuf, - &rspIndex, - rspbufLen, - kSE05x_TAG_2, - idlist, - pidlistLen); /* Byte array containing 4-byte identifiers */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (smStatus_t)((pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1])); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_CheckObjectExists(pSe05xSession_t session_ctx, uint32_t objectID, SE05x_Result_t *presult) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_MGMT, kSE05x_P1_DEFAULT, kSE05x_P2_EXIST}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "CheckObjectExists []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_Result(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, presult); /* - */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_DeleteSecureObject(pSe05xSession_t session_ctx, uint32_t objectID) -{ - smStatus_t retStatus = SM_NOT_OK; - - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_MGMT, kSE05x_P1_DEFAULT, kSE05x_P2_DELETE_OBJECT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "DeleteSecureObject []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_CreateECCurve(pSe05xSession_t session_ctx, SE05x_ECCurve_t curveID) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_WRITE, kSE05x_P1_CURVE, kSE05x_P2_CREATE}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "CreateECCurve []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_ECCurve("curve id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, curveID); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_SetECCurveParam(pSe05xSession_t session_ctx, - SE05x_ECCurve_t curveID, - SE05x_ECCurveParam_t ecCurveParam, - const uint8_t *inputData, - size_t inputDataLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_WRITE, kSE05x_P1_CURVE, kSE05x_P2_PARAM}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "SetECCurveParam []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_ECCurve("curve id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, curveID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_ECCurveParam("ecCurveParam", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, ecCurveParam); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_GetECCurveId(pSe05xSession_t session_ctx, uint32_t objectID, uint8_t *pcurveId) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_READ, kSE05x_P1_CURVE, kSE05x_P2_ID}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "GetECCurveId []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("object id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_U8(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, pcurveId); /* - */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_ReadECCurveList(pSe05xSession_t session_ctx, uint8_t *curveList, size_t *pcurveListLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_READ, kSE05x_P1_CURVE, kSE05x_P2_LIST}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "ReadECCurveList []"); -#endif /* VERBOSE_APDU_LOGS */ - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, curveList, pcurveListLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_DeleteECCurve(pSe05xSession_t session_ctx, SE05x_ECCurve_t curveID) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_MGMT, kSE05x_P1_CURVE, kSE05x_P2_DELETE_OBJECT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "DeleteECCurve []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_ECCurve("curve id", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, curveID); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_CreateCryptoObject(pSe05xSession_t session_ctx, - SE05x_CryptoObjectID_t cryptoObjectID, - SE05x_CryptoContext_t cryptoContext, - SE05x_CryptoModeSubType_t subtype) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_WRITE, kSE05x_P1_CRYPTO_OBJ, kSE05x_P2_DEFAULT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "CreateCryptoObject []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_CryptoObjectID("cryptoObjectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, cryptoObjectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_CryptoContext("cryptoContext", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, cryptoContext); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_CryptoModeSubType( - "1-byte Crypto Object subtype, either from DigestMode, CipherMode or MACAlgo (depending on TAG_2).", - &pCmdbuf, - &cmdbufLen, - kSE05x_TAG_3, - subtype); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_ReadCryptoObjectList(pSe05xSession_t session_ctx, uint8_t *idlist, size_t *pidlistLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_READ, kSE05x_P1_CRYPTO_OBJ, kSE05x_P2_LIST}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "ReadCryptoObjectList []"); -#endif /* VERBOSE_APDU_LOGS */ - retStatus = DoAPDUTxRx_s_Case2(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = - tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, idlist, pidlistLen); /* If more ids are present */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_DeleteCryptoObject(pSe05xSession_t session_ctx, SE05x_CryptoObjectID_t cryptoObjectID) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_MGMT, kSE05x_P1_CRYPTO_OBJ, kSE05x_P2_DELETE_OBJECT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "DeleteCryptoObject []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_CryptoObjectID("cryptoObjectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, cryptoObjectID); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_ECDSASign(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_ECSignatureAlgo_t ecSignAlgo, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *signature, - size_t *psignatureLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_SIGNATURE, kSE05x_P2_SIGN}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "ECDSASign []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("objectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_ECSignatureAlgo("ecSignAlgo", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, ecSignAlgo); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, signature, psignatureLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_EdDSASign(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_EDSignatureAlgo_t edSignAlgo, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *signature, - size_t *psignatureLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_SIGNATURE, kSE05x_P2_SIGN}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "EdDSASign []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("objectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_EDSignatureAlgo("edSignAlgo", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, edSignAlgo); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, signature, psignatureLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_ECDAASign(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_ECDAASignatureAlgo_t ecdaaSignAlgo, - const uint8_t *inputData, - size_t inputDataLen, - const uint8_t *randomData, - size_t randomDataLen, - uint8_t *signature, - size_t *psignatureLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_SIGNATURE, kSE05x_P2_SIGN}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "ECDAASign []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("objectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_ECDAASignatureAlgo("ecdaaSignAlgo", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, ecdaaSignAlgo); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("randomData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_4, randomData, randomDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, signature, psignatureLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_ECDSAVerify(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_ECSignatureAlgo_t ecSignAlgo, - const uint8_t *inputData, - size_t inputDataLen, - const uint8_t *signature, - size_t signatureLen, - SE05x_Result_t *presult) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_SIGNATURE, kSE05x_P2_VERIFY}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "ECDSAVerify []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("objectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_ECSignatureAlgo("ecSignAlgo", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, ecSignAlgo); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("signature", &pCmdbuf, &cmdbufLen, kSE05x_TAG_5, signature, signatureLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_Result(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, presult); /* - */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_EdDSAVerify(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_EDSignatureAlgo_t edSignAlgo, - const uint8_t *inputData, - size_t inputDataLen, - const uint8_t *signature, - size_t signatureLen, - SE05x_Result_t *presult) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_SIGNATURE, kSE05x_P2_VERIFY}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "EdDSAVerify []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("objectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_EDSignatureAlgo("edSignAlgo", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, edSignAlgo); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("signature", &pCmdbuf, &cmdbufLen, kSE05x_TAG_5, signature, signatureLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_Result(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, presult); /* - */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_ECDHGenerateSharedSecret(pSe05xSession_t session_ctx, - uint32_t objectID, - const uint8_t *pubKey, - size_t pubKeyLen, - uint8_t *sharedSecret, - size_t *psharedSecretLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_EC, kSE05x_P2_DH}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "ECDHGenerateSharedSecret []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("objectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("pubKey", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, pubKey, pubKeyLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4_ext(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, sharedSecret, psharedSecretLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_RSASign(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_RSASignatureAlgo_t rsaSigningAlgo, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *signature, - size_t *psignatureLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_SIGNATURE, kSE05x_P2_SIGN}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "RSASign []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("objectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_RSASignatureAlgo("rsaSigningAlgo", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, rsaSigningAlgo); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4_ext(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, signature, psignatureLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_RSAVerify(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_RSASignatureAlgo_t rsaSigningAlgo, - const uint8_t *inputData, - size_t inputDataLen, - const uint8_t *signature, - size_t signatureLen, - SE05x_Result_t *presult) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_SIGNATURE, kSE05x_P2_VERIFY}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "RSAVerify []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("objectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_RSASignatureAlgo("rsaSigningAlgo", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, rsaSigningAlgo); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("signature", &pCmdbuf, &cmdbufLen, kSE05x_TAG_5, signature, signatureLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_Result(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, presult); /* - */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_RSAEncrypt(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_RSAEncryptionAlgo_t rsaEncryptionAlgo, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *encryptedData, - size_t *pencryptedDataLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_RSA, kSE05x_P2_ENCRYPT_ONESHOT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "RSAEncrypt []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("objectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_RSAEncryptionAlgo("rsaEncryptionAlgo", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, rsaEncryptionAlgo); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4_ext(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, encryptedData, pencryptedDataLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_RSADecrypt(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_RSAEncryptionAlgo_t rsaEncryptionAlgo, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *decryptedData, - size_t *pdecryptedDataLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_RSA, kSE05x_P2_DECRYPT_ONESHOT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "RSADecrypt []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("objectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_RSAEncryptionAlgo("rsaEncryptionAlgo", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, rsaEncryptionAlgo); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4_ext(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, decryptedData, pdecryptedDataLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_CipherInit(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_CryptoObjectID_t cryptoObjectID, - const uint8_t *IV, - size_t IVLen, - const SE05x_Cipher_Oper_t operation) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_CIPHER, operation}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "CipherInit []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("objectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_CryptoObjectID("cryptoObjectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, cryptoObjectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("IV", &pCmdbuf, &cmdbufLen, kSE05x_TAG_4, IV, IVLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_CipherUpdate(pSe05xSession_t session_ctx, - SE05x_CryptoObjectID_t cryptoObjectID, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *outputData, - size_t *poutputDataLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_CIPHER, kSE05x_P2_UPDATE}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "CipherUpdate []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_CryptoObjectID("cryptoObjectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, cryptoObjectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, outputData, poutputDataLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_CipherFinal(pSe05xSession_t session_ctx, - SE05x_CryptoObjectID_t cryptoObjectID, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *outputData, - size_t *poutputDataLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_CIPHER, kSE05x_P2_FINAL}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "CipherFinal []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_CryptoObjectID("cryptoObjectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, cryptoObjectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8buf("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4_ext(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, outputData, poutputDataLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_CipherOneShot(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_CipherMode_t cipherMode, - const uint8_t *inputData, - size_t inputDataLen, - const uint8_t *IV, - size_t IVLen, - uint8_t *outputData, - size_t *poutputDataLen, - const SE05x_Cipher_Oper_OneShot_t operation) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_CIPHER, operation}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "CipherOneShot []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("objectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_CipherMode("cipherMode", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, cipherMode); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("IV", &pCmdbuf, &cmdbufLen, kSE05x_TAG_4, IV, IVLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4_ext(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, outputData, poutputDataLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_MACInit(pSe05xSession_t session_ctx, - uint32_t objectID, - SE05x_CryptoObjectID_t cryptoObjectID, - const SE05x_Mac_Oper_t mac_oper) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_MAC, mac_oper}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "MACInit []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("objectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_CryptoObjectID("cryptoObjectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, cryptoObjectID); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_MACUpdate( - pSe05xSession_t session_ctx, const uint8_t *inputData, size_t inputDataLen, SE05x_CryptoObjectID_t cryptoObjectID) -{ - smStatus_t retStatus = SM_NOT_OK; - - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_MAC, kSE05x_P2_UPDATE}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "MACUpdate []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_CryptoObjectID("cryptoObjectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, cryptoObjectID); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_MACFinal(pSe05xSession_t session_ctx, - const uint8_t *inputData, - size_t inputDataLen, - SE05x_CryptoObjectID_t cryptoObjectID, - const uint8_t *macValidateData, - size_t macValidateDataLen, - uint8_t *macValue, - size_t *pmacValueLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_MAC, kSE05x_P2_FINAL}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "MACFinal []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_u8buf("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_CryptoObjectID("cryptoObjectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, cryptoObjectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional( - "macValidateData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, macValidateData, macValidateDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4_ext(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, macValue, pmacValueLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_MACOneShot_G(pSe05xSession_t session_ctx, - uint32_t objectID, - uint8_t macOperation, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *macValue, - size_t *pmacValueLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_MAC, kSE05x_P2_GENERATE_ONESHOT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "MACOneShot_G []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("objectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U8("macOperation", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, macOperation); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, macValue, pmacValueLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_MACOneShot_V(pSe05xSession_t session_ctx, - uint32_t objectID, - uint8_t macOperation, - const uint8_t *inputData, - size_t inputDataLen, - const uint8_t *MAC, - size_t MACLen, - uint8_t *macValue, - size_t *pmacValueLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_MAC, kSE05x_P2_VALIDATE_ONESHOT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "MACOneShot_V []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("objectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U8("macOperation", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, macOperation); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional( - "MAC to verify (when P2=P2_VALIDATE_ONESHOT)", &pCmdbuf, &cmdbufLen, kSE05x_TAG_5, MAC, MACLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, macValue, pmacValueLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_HKDF(pSe05xSession_t session_ctx, - uint32_t hmacID, - SE05x_DigestMode_t digestMode, - const uint8_t *salt, - size_t saltLen, - const uint8_t *info, - size_t infoLen, - uint16_t deriveDataLen, - uint8_t *hkdfOuput, - size_t *phkdfOuputLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_DEFAULT, kSE05x_P2_HKDF}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "HKDF []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("hmacID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, hmacID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_DigestMode("digestMode", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, digestMode); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("salt", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, salt, saltLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("info", &pCmdbuf, &cmdbufLen, kSE05x_TAG_4, info, infoLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U16("2-byte requested length (L)", &pCmdbuf, &cmdbufLen, kSE05x_TAG_5, deriveDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, hkdfOuput, phkdfOuputLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_HKDF_Extended(pSe05xSession_t session_ctx, - uint32_t hmacID, - SE05x_DigestMode_t digestMode, - SE05x_HkdfMode_t hkdfMode, - const uint8_t *salt, - size_t saltLen, - uint32_t saltID, - const uint8_t *info, - size_t infoLen, - uint32_t derivedKeyID, - uint16_t deriveDataLen, - uint8_t *hkdfOuput, - size_t *phkdfOuputLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_DEFAULT, kSE05x_P2_HKDF}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); - hdr.hdr[3] = (hkdfMode == kSE05x_HkdfMode_ExpandOnly ? kSE05x_P2_HKDF_EXPAND_ONLY : kSE05x_P2_HKDF); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "HKDF []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("hmacID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, hmacID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_DigestMode("digestMode", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, digestMode); - if (0 != tlvRet) { - goto cleanup; - } - if ((salt != NULL) && (hkdfMode != kSE05x_HkdfMode_ExpandOnly)) { - tlvRet = TLVSET_u8bufOptional("salt", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, salt, saltLen); - if (0 != tlvRet) { - goto cleanup; - } - } - tlvRet = TLVSET_u8bufOptional("info", &pCmdbuf, &cmdbufLen, kSE05x_TAG_4, info, infoLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U16("2-byte requested length (L)", &pCmdbuf, &cmdbufLen, kSE05x_TAG_5, deriveDataLen); - if (0 != tlvRet) { - goto cleanup; - } - // Warning: TAGS must be in numerical order, so this cannot be the else statement of (salt != null) - if ((salt == NULL) && (hkdfMode != kSE05x_HkdfMode_ExpandOnly)) { - tlvRet = TLVSET_U32("saltID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_6, saltID); - if (0 != tlvRet) { - goto cleanup; - } - } - if (hkdfOuput == NULL) { - tlvRet = TLVSET_U32("derivedKeyID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_7, derivedKeyID); - if (0 != tlvRet) { - goto cleanup; - } - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - if (hkdfOuput == NULL) { - retStatus = SM_NOT_OK; - if (2 == rspbufLen) { - retStatus = (rspbuf[0] << 8) | (rspbuf[1]); - } - } - else { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, hkdfOuput, phkdfOuputLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_PBKDF2(pSe05xSession_t session_ctx, - uint32_t objectID, - const uint8_t *salt, - size_t saltLen, - uint16_t count, - uint16_t requestedLen, - uint8_t *derivedSessionKey, - size_t *pderivedSessionKeyLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_DEFAULT, kSE05x_P2_PBKDF}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "PBKDF2 []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32( - "4-byte password identifier (object type must be HMACKey)", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("salt", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, salt, saltLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U16("count", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, count); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U16("requestedLen", &pCmdbuf, &cmdbufLen, kSE05x_TAG_4, requestedLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = - tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, derivedSessionKey, pderivedSessionKeyLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_DFDiversifyKey(pSe05xSession_t session_ctx, - uint32_t masterKeyID, - uint32_t diversifiedKeyID, - const uint8_t *divInputData, - size_t divInputDataLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_DEFAULT, kSE05x_P2_DIVERSIFY}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "DFDiversifyKey []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("masterKeyID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, masterKeyID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("diversifiedKeyID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, diversifiedKeyID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("divInputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, divInputData, divInputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_DFAuthenticateFirstPart1(pSe05xSession_t session_ctx, - uint32_t objectID, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *outputData, - size_t *poutputDataLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_DEFAULT, kSE05x_P2_AUTH_FIRST_PART1}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "DFAuthenticateFirstPart1 []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("objectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, outputData, poutputDataLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_DFAuthenticateNonFirstPart1(pSe05xSession_t session_ctx, - uint32_t objectID, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *outputData, - size_t *poutputDataLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_DEFAULT, kSE05x_P2_AUTH_NONFIRST_PART1}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "DFAuthenticateFirstPart1 []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("objectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, outputData, poutputDataLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_DFAuthenticateFirstPart2(pSe05xSession_t session_ctx, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *outputData, - size_t *poutputDataLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_DEFAULT, kSE05x_P2_AUTH_FIRST_PART2}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "DFAuthenticateFirstPart2 []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, outputData, poutputDataLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_DFAuthenticateNonFirstPart2( - pSe05xSession_t session_ctx, const uint8_t *inputData, size_t inputDataLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_DEFAULT, kSE05x_P2_AUTH_NONFIRST_PART2}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "DFAuthenticateNonFirstPart2 []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_DFDumpSessionKeys(pSe05xSession_t session_ctx, uint8_t *sessionData, size_t *psessionDataLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_DEFAULT, kSE05x_P2_DUMP_KEY}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "DFDumpSessionKeys []"); -#endif /* VERBOSE_APDU_LOGS */ - retStatus = DoAPDUTxRx_s_Case2(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, - &rspIndex, - rspbufLen, - kSE05x_TAG_1, - sessionData, - psessionDataLen); /* 38 bytes: KeyID.SesAuthENCKey || KeyID.SesAuthMACKey || TI || Cmd-Ctr */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_DFChangeKeyPart1(pSe05xSession_t session_ctx, - uint32_t oldObjectID, - uint32_t newObjectID, - uint8_t keySetNr, - uint8_t keyNoDESFire, - uint8_t keyVer, - uint8_t *KeyData, - size_t *pKeyDataLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_DEFAULT, kSE05x_P2_CHANGE_KEY_PART1}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "DFChangeKeyPart1 []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_KeyID("oldObjectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, oldObjectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("newObjectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, newObjectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U8("keySetNr", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, keySetNr); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U8("keyNoDESFire", &pCmdbuf, &cmdbufLen, kSE05x_TAG_4, keyNoDESFire); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U8("keyVer", &pCmdbuf, &cmdbufLen, kSE05x_TAG_5, keyVer); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, KeyData, pKeyDataLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_DFChangeKeyPart2(pSe05xSession_t session_ctx, const uint8_t *MAC, size_t MACLen, uint8_t *presult) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_DEFAULT, kSE05x_P2_CHANGE_KEY_PART2}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "DFChangeKeyPart2 []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_u8bufOptional("MAC", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, MAC, MACLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_U8(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, presult); /* - */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_DFKillAuthentication(pSe05xSession_t session_ctx) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_DEFAULT, kSE05x_P2_KILL_AUTH}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "DFKillAuthentication []"); -#endif /* VERBOSE_APDU_LOGS */ - - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - - return retStatus; -} - -smStatus_t Se05x_API_TLSGenerateRandom(pSe05xSession_t session_ctx, uint8_t *randomValue, size_t *prandomValueLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_TLS, kSE05x_P2_RANDOM}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "TLSGenerateRandom []"); -#endif /* VERBOSE_APDU_LOGS */ - retStatus = DoAPDUTxRx_s_Case2(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, randomValue, prandomValueLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_TLSCalculatePreMasterSecret(pSe05xSession_t session_ctx, - uint32_t keyPairId, - uint32_t pskId, - uint32_t hmacKeyId, - const uint8_t *inputData, - size_t inputDataLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_TLS, kSE05x_P2_TLS_PMS}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "TLSCalculatePreMasterSecret []"); -#endif /* VERBOSE_APDU_LOGS */ - if (pskId != 0) { - tlvRet = TLVSET_U32("pskId", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, pskId); - if (0 != tlvRet) { - goto cleanup; - } - } - tlvRet = TLVSET_U32("keyPairId", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, keyPairId); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("hmacKeyId", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, hmacKeyId); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_4, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_TLSPerformPRF(pSe05xSession_t session_ctx, - uint32_t objectID, - uint8_t digestAlgo, - const uint8_t *label, - size_t labelLen, - const uint8_t *random, - size_t randomLen, - uint16_t reqLen, - uint8_t *outputData, - size_t *poutputDataLen, - const SE05x_TLSPerformPRFType_t tlsprf) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_TLS, tlsprf}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "TLSPerformPRF []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U32("objectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, objectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U8("digestAlgo", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, digestAlgo); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("Label (1 to 64 bytes)", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, label, labelLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("32-byte random", &pCmdbuf, &cmdbufLen, kSE05x_TAG_4, random, randomLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U16("2-byte requested length", &pCmdbuf, &cmdbufLen, kSE05x_TAG_5, reqLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4_ext(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, outputData, poutputDataLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_I2CM_ExecuteCommandSet(pSe05xSession_t session_ctx, - const uint8_t *inputData, - size_t inputDataLen, - uint32_t attestationID, - uint8_t attestationAlgo, - uint8_t *response, - size_t *presponseLen, - SE05x_TimeStamp_t *ptimeStamp, - uint8_t *freshness, - size_t *pfreshnessLen, - uint8_t *chipId, - size_t *pchipIdLen, - uint8_t *signature, - size_t *psignatureLen, - uint8_t *randomAttst, - size_t randomAttstLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_I2CM_Attestation, kSE05x_P1_DEFAULT, kSE05x_P2_I2CM}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "I2CM_ExecuteCommandSet []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_u8bufOptional("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U32("attestationID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, attestationID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_U8("attestationAlgo", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, attestationAlgo); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8bufOptional("freshness random", &pCmdbuf, &cmdbufLen, kSE05x_TAG_7, randomAttst, randomAttstLen); - if (0 != tlvRet) { - goto cleanup; - } - - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, response, presponseLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = tlvGet_TimeStamp(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_3, ptimeStamp); /* - */ - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_4, freshness, pfreshnessLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_5, chipId, pchipIdLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_6, signature, psignatureLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_DigestInit(pSe05xSession_t session_ctx, SE05x_CryptoObjectID_t cryptoObjectID) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_DEFAULT, kSE05x_P2_INIT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "DigestInit []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_CryptoObjectID("cryptoObjectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, cryptoObjectID); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_DigestUpdate( - pSe05xSession_t session_ctx, SE05x_CryptoObjectID_t cryptoObjectID, const uint8_t *inputData, size_t inputDataLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_DEFAULT, kSE05x_P2_UPDATE}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "DigestUpdate []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_CryptoObjectID("cryptoObjectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, cryptoObjectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8buf("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_DigestFinal(pSe05xSession_t session_ctx, - SE05x_CryptoObjectID_t cryptoObjectID, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *cmacValue, - size_t *pcmacValueLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_DEFAULT, kSE05x_P2_FINAL}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "DigestFinal []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_CryptoObjectID("cryptoObjectID", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, cryptoObjectID); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8buf("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_3, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, cmacValue, pcmacValueLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_DigestOneShot(pSe05xSession_t session_ctx, - uint8_t digestMode, - const uint8_t *inputData, - size_t inputDataLen, - uint8_t *hashValue, - size_t *phashValueLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_CRYPTO, kSE05x_P1_DEFAULT, kSE05x_P2_ONESHOT}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "DigestOneShot []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U8("digestMode", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, digestMode); - if (0 != tlvRet) { - goto cleanup; - } - tlvRet = TLVSET_u8buf("inputData", &pCmdbuf, &cmdbufLen, kSE05x_TAG_2, inputData, inputDataLen); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, hashValue, phashValueLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_GetVersion(pSe05xSession_t session_ctx, uint8_t *pappletVersion, size_t *appletVersionLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_MGMT, kSE05x_P1_DEFAULT, kSE05x_P2_VERSION}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "GetVersion []"); -#endif /* VERBOSE_APDU_LOGS */ - retStatus = DoAPDUTxRx_s_Case2(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, pappletVersion, appletVersionLen); /* - */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_GetTimestamp(pSe05xSession_t session_ctx, SE05x_TimeStamp_t *ptimeStamp) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_MGMT, kSE05x_P1_DEFAULT, kSE05x_P2_TIME}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "GetTimestamp []"); -#endif /* VERBOSE_APDU_LOGS */ - retStatus = DoAPDUTxRx_s_Case2(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_TimeStamp(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, ptimeStamp); /* - */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_GetFreeMemory(pSe05xSession_t session_ctx, SE05x_MemoryType_t memoryType, uint16_t *pfreeMem) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_MGMT, kSE05x_P1_DEFAULT, kSE05x_P2_MEMORY}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "GetFreeMemory []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_MemoryType("memoryType", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, memoryType); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_U16(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, pfreeMem); /* - */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_GetRandom(pSe05xSession_t session_ctx, uint16_t size, uint8_t *randomData, size_t *prandomDataLen) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_MGMT, kSE05x_P1_DEFAULT, kSE05x_P2_RANDOM}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; - uint8_t *pCmdbuf = &cmdbuf[0]; - int tlvRet = 0; - uint8_t rspbuf[SE05X_MAX_BUF_SIZE_RSP]; - uint8_t *pRspbuf = &rspbuf[0]; - size_t rspbufLen = ARRAY_SIZE(rspbuf); -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "GetRandom []"); -#endif /* VERBOSE_APDU_LOGS */ - tlvRet = TLVSET_U16("size", &pCmdbuf, &cmdbufLen, kSE05x_TAG_1, size); - if (0 != tlvRet) { - goto cleanup; - } - retStatus = DoAPDUTxRx_s_Case4_ext(session_ctx, &hdr, cmdbuf, cmdbufLen, rspbuf, &rspbufLen); - if (retStatus == SM_OK) { - retStatus = SM_NOT_OK; - size_t rspIndex = 0; - tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, randomData, prandomDataLen); /* */ - if (0 != tlvRet) { - goto cleanup; - } - if ((rspIndex + 2) == rspbufLen) { - retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]); - } - } - -cleanup: - return retStatus; -} - -smStatus_t Se05x_API_DeleteAll(pSe05xSession_t session_ctx) -{ - smStatus_t retStatus = SM_NOT_OK; - tlvHeader_t hdr = {{kSE05x_CLA, kSE05x_INS_MGMT, kSE05x_P1_DEFAULT, kSE05x_P2_DELETE_ALL}}; - uint8_t cmdbuf[SE05X_MAX_BUF_SIZE_CMD]; - size_t cmdbufLen = 0; -#if VERBOSE_APDU_LOGS - NEWLINE(); - nLog("APDU", NX_LEVEL_DEBUG, "DeleteAll []"); -#endif /* VERBOSE_APDU_LOGS */ - retStatus = DoAPDUTx_s_Case3(session_ctx, &hdr, cmdbuf, cmdbufLen); - return retStatus; -} diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_scp03_puf.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_scp03_puf.h deleted file mode 100644 index be9e9f1ce..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_scp03_puf.h +++ /dev/null @@ -1,124 +0,0 @@ -/* - * - * Copyright 2019 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef __EX_SCP03_PUF_H__ -#define __EX_SCP03_PUF_H__ - -#if defined(SECURE_WORLD) - -/** - * Activation Code to start PUF. - * This is used only for testing purposes, actual - * activation code should be stored in PFR and always - * read from PFR before PUF_Start. - * - * AC is different for all PUFs, this code cannot be used - * on any other board. - */ - -#define ACTIVATION_CODE_TESTING_LOCAL \ - { \ - 0xA2, 0x7D, 0xF7, 0x38, 0x15, 0x8E, 0x1F, 0xE1, 0x8D, 0x9F, 0x45, 0x6F, 0x8A, 0x2C, 0xA5, 0x8D, 0xC2, 0x15, \ - 0xD1, 0x9A, 0x13, 0xFA, 0xD8, 0x5E, 0x36, 0x00, 0x9A, 0xDD, 0x42, 0xB6, 0x4F, 0x6D, 0x08, 0xFB, 0x89, \ - 0x37, 0x3C, 0x1D, 0xAF, 0xD5, 0x63, 0xE1, 0xE8, 0xC8, 0x93, 0x93, 0x5C, 0xD8, 0x49, 0xF3, 0x2D, 0xD1, \ - 0xF9, 0x3D, 0x74, 0x97, 0x37, 0xBD, 0xC5, 0xBE, 0x04, 0x6A, 0x5E, 0xBC, 0xF3, 0x7D, 0xBD, 0xE0, 0xC6, \ - 0x3E, 0x66, 0x5F, 0xC0, 0x5C, 0x57, 0x09, 0x57, 0x8C, 0x45, 0x30, 0x12, 0x6F, 0xFA, 0x3B, 0xDB, 0x40, \ - 0xCE, 0xB8, 0xF2, 0x6E, 0x9B, 0xF1, 0x16, 0x74, 0x2A, 0x34, 0x7A, 0x6F, 0xB6, 0xEF, 0xA3, 0xD3, 0x8C, \ - 0xF0, 0x03, 0xB8, 0xB8, 0x8B, 0x2F, 0x27, 0x16, 0xDD, 0xE0, 0x92, 0xC8, 0xD7, 0x4E, 0x4A, 0x44, 0xBC, \ - 0x4D, 0x7C, 0x7E, 0xA0, 0xE7, 0x8E, 0xA3, 0x5D, 0xFB, 0x53, 0x4D, 0x67, 0x74, 0x4B, 0x65, 0x1E, 0xC1, \ - 0x57, 0x7C, 0x67, 0xB3, 0x58, 0x42, 0x4F, 0x36, 0xF9, 0x0C, 0x77, 0x58, 0x6C, 0x9A, 0x04, 0x15, 0x0D, \ - 0x71, 0x55, 0x3F, 0x8E, 0x69, 0x12, 0x2C, 0xFC, 0xCA, 0x80, 0xD7, 0xC7, 0x27, 0xFE, 0xEA, 0x6E, 0x7D, \ - 0xFC, 0x84, 0x50, 0x0F, 0x00, 0x71, 0x09, 0x8F, 0x2C, 0x91, 0x57, 0xAF, 0xE7, 0xF3, 0x11, 0xA8, 0xA2, \ - 0x76, 0xF2, 0x1D, 0x88, 0xA5, 0x2F, 0x2E, 0x09, 0x02, 0xB3, 0xC4, 0xD5, 0x1D, 0x39, 0x20, 0x3C, 0x36, \ - 0x51, 0x19, 0x9C, 0xFB, 0xC9, 0x33, 0xD6, 0xBE, 0x93, 0xBD, 0x68, 0x6D, 0x51, 0x30, 0xA9, 0x11, 0x98, \ - 0xAD, 0x84, 0xC5, 0x50, 0x9A, 0x7E, 0x11, 0x8E, 0x43, 0x78, 0x79, 0x3A, 0xE2, 0xF0, 0x52, 0xB8, 0xDD, \ - 0x4E, 0xD3, 0xB8, 0xE0, 0xF9, 0xA6, 0x34, 0xF2, 0xE1, 0xA3, 0xEC, 0x92, 0x46, 0xE4, 0xAE, 0x09, 0xFB, \ - 0x2A, 0x1F, 0x6F, 0xD0, 0x23, 0x0F, 0xE8, 0x0D, 0x52, 0x98, 0x88, 0xA3, 0x15, 0xC9, 0x01, 0x94, 0x61, \ - 0x1D, 0xB7, 0x2F, 0x5F, 0xB2, 0x94, 0x5D, 0x01, 0x54, 0x61, 0xB1, 0xF2, 0xB6, 0xF3, 0x79, 0x22, 0x2F, \ - 0x9C, 0x44, 0xAB, 0xD5, 0x0D, 0xC8, 0x42, 0x06, 0x03, 0x33, 0x8E, 0x52, 0xDF, 0xC8, 0xDE, 0x18, 0xF6, \ - 0xD6, 0x73, 0x64, 0x70, 0x94, 0xC5, 0x0F, 0x64, 0x3E, 0x7E, 0x14, 0xE9, 0xF4, 0x4C, 0xF9, 0x5E, 0x5A, \ - 0xC6, 0x39, 0xF7, 0xA9, 0x72, 0xB5, 0x08, 0x51, 0x11, 0x7A, 0xDB, 0x8A, 0x72, 0xF9, 0xF7, 0x23, 0x59, \ - 0xAC, 0x9A, 0x61, 0x2F, 0xA6, 0xDB, 0x84, 0xBD, 0x7C, 0x7E, 0x1A, 0xEA, 0xFB, 0x6B, 0xC8, 0x5E, 0xE3, \ - 0x04, 0xBF, 0x13, 0x05, 0xFA, 0xDA, 0xF7, 0x96, 0x91, 0x6A, 0x40, 0xA8, 0xC7, 0x77, 0xC6, 0xCB, 0xAC, \ - 0x2C, 0xD9, 0xCD, 0x6C, 0x6D, 0xA4, 0x19, 0x50, 0x07, 0x8C, 0x72, 0xEE, 0x0F, 0x33, 0xA2, 0x48, 0x20, \ - 0x24, 0x5E, 0x93, 0xE7, 0xC2, 0x73, 0x02, 0x00, 0x87, 0xFD, 0x11, 0x2A, 0x8F, 0x9F, 0xD9, 0xFB, 0xF7, \ - 0xAC, 0x0D, 0x77, 0xBB, 0x1C, 0xF8, 0x55, 0xE7, 0x10, 0x05, 0x5C, 0x18, 0x23, 0x26, 0xDD, 0x60, 0xDD, \ - 0xFF, 0xAB, 0x8D, 0x68, 0xDE, 0x7E, 0xE8, 0xB3, 0xDE, 0xA2, 0x6D, 0x35, 0x7C, 0x9B, 0x31, 0x11, 0x5E, \ - 0xEC, 0xB5, 0x51, 0x00, 0x1C, 0x5C, 0x65, 0xA3, 0xC7, 0x35, 0xFA, 0x37, 0x1C, 0xDF, 0xD0, 0x26, 0xA0, \ - 0x44, 0x57, 0xD4, 0xC9, 0xCE, 0xE5, 0x2B, 0xB4, 0x06, 0xF6, 0x9B, 0xE9, 0xE5, 0x66, 0x6F, 0x24, 0x30, \ - 0xBF, 0x6D, 0x8E, 0x2E, 0xE7, 0x13, 0x94, 0x0B, 0x6F, 0x1A, 0x7A, 0x77, 0xAB, 0xD9, 0xB4, 0x2D, 0xFF, \ - 0x4F, 0xB4, 0xC7, 0x04, 0x2E, 0xF7, 0x1B, 0xF6, 0x66, 0x2D, 0xA7, 0x59, 0x99, 0x57, 0x5F, 0x2C, 0x1A, \ - 0x75, 0x81, 0xF3, 0xAC, 0x41, 0x7A, 0xFB, 0x47, 0xF3, 0x0E, 0xDC, 0x9E, 0xAB, 0xED, 0x18, 0xA4, 0x43, \ - 0xCC, 0x80, 0xFB, 0x6E, 0x53, 0xD6, 0x91, 0x9F, 0x30, 0x80, 0xEA, 0x04, 0x42, 0x7B, 0x94, 0x62, 0x34, \ - 0x25, 0xEA, 0xA4, 0x9A, 0x72, 0x9B, 0x81, 0x47, 0xA5, 0xA0, 0xE9, 0x07, 0xBB, 0x09, 0xDA, 0x4C, 0x51, \ - 0x61, 0x00, 0xC7, 0x1E, 0x0E, 0x37, 0x7F, 0xF2, 0x2B, 0x82, 0xD0, 0xF6, 0x18, 0xFA, 0x56, 0xC7, 0x2D, \ - 0xEB, 0x22, 0xFC, 0xDC, 0x97, 0xDF, 0x65, 0xBC, 0xB4, 0x2A, 0xB3, 0x10, 0xFF, 0xC5, 0x7A, 0x9F, 0xF8, \ - 0xCD, 0xB9, 0x84, 0x60, 0x9E, 0x92, 0xFD, 0xF9, 0x16, 0x90, 0xB2, 0x81, 0x52, 0x7E, 0x03, 0xBC, 0x91, \ - 0xD8, 0x9A, 0x0C, 0xC1, 0x99, 0x93, 0x42, 0x67, 0x96, 0x3C, 0x01, 0x55, 0x37, 0x86, 0xD2, 0x37, 0xE6, \ - 0x07, 0xC8, 0x74, 0x41, 0xCD, 0x88, 0x93, 0x51, 0xBA, 0x9B, 0xB0, 0x00, 0x6D, 0x14, 0x4F, 0xD8, 0x7F, \ - 0x77, 0x9F, 0x7E, 0x15, 0xE2, 0xA9, 0xA0, 0xC8, 0x7F, 0xD4, 0xFA, 0xCD, 0x60, 0x91, 0xA8, 0x9B, 0xB7, \ - 0x41, 0x6E, 0x07, 0xCB, 0x21, 0xE9, 0x42, 0xC1, 0xB7, 0x6E, 0x63, 0x68, 0x90, 0x0E, 0x29, 0xBB, 0x0D, \ - 0x83, 0x32, 0xD0, 0x71, 0x5A, 0xE1, 0xEC, 0x21, 0x0E, 0x78, 0xC6, 0x60, 0x3D, 0x78, 0xFA, 0x5C, 0xEE, \ - 0xAC, 0x29, 0xC4, 0xE4, 0x0F, 0x92, 0x27, 0xBE, 0xD0, 0xA5, 0x1E, 0xF4, 0xDD, 0xAB, 0xB9, 0x22, 0xA0, \ - 0x7E, 0xFE, 0x47, 0x1D, 0x62, 0x69, 0x9D, 0x8D, 0x01, 0xCF, 0x5D, 0xC1, 0xAD, 0x50, 0x61, 0x77, 0x91, \ - 0x39, 0x0A, 0x97, 0x92, 0x92, 0x66, 0x9F, 0xE5, 0x57, 0x26, 0xD7, 0x01, 0xC3, 0xEF, 0x23, 0xCC, 0x98, \ - 0xB9, 0x39, 0x20, 0x6D, 0xC8, 0x10, 0x2D, 0xB8, 0x18, 0x2E, 0xC2, 0x25, 0x83, 0x88, 0x2A, 0xDF, 0xC7, \ - 0xBF, 0xBC, 0xE8, 0xA9, 0x7B, 0xD4, 0x19, 0x0E, 0xEF, 0x4E, 0xE4, 0xBA, 0x8B, 0x7C, 0xDB, 0x6A, 0x2A, \ - 0xEA, 0xA3, 0xED, 0xDD, 0xCF, 0x00, 0x85, 0x4B, 0xA0, 0xC2, 0xBC, 0x72, 0x39, 0x3D, 0x6A, 0x5C, 0x9D, \ - 0xDA, 0x8C, 0x1C, 0x67, 0x9A, 0xDC, 0x73, 0xF3, 0x9E, 0x2E, 0xA2, 0x0C, 0x42, 0x86, 0xE4, 0xA6, 0x3F, \ - 0x05, 0x57, 0xD0, 0xE4, 0xA7, 0x75, 0x5B, 0xA8, 0xA4, 0xE3, 0x1A, 0x57, 0x02, 0xBD, 0xE7, 0xDA, 0x32, \ - 0xA2, 0x69, 0xAA, 0xEC, 0xEB, 0xAF, 0x42, 0x8C, 0x72, 0xE4, 0xB1, 0x15, 0x26, 0x25, 0x7B, 0x29, 0xF8, \ - 0x97, 0x3F, 0x12, 0x29, 0x4F, 0x0B, 0xA5, 0x2E, 0x74, 0x8F, 0xA9, 0xF4, 0xED, 0x00, 0x42, 0x73, 0x92, \ - 0x59, 0x0B, 0xA8, 0x98, 0xF7, 0x7E, 0xE7, 0x09, 0xEE, 0xA4, 0x91, 0x2F, 0x93, 0xB7, 0x91, 0x1A, 0xBF, \ - 0x94, 0x96, 0xF9, 0xCC, 0xA4, 0x16, 0xDA, 0x01, 0x7C, 0x1A, 0xF9, 0xC3, 0xE5, 0x8A, 0xCC, 0x96, 0x54, \ - 0xC2, 0xDE, 0x1E, 0x04, 0x98, 0xA3, 0x6B, 0x55, 0x61, 0xB8, 0x1C, 0x57, 0x70, 0x9E, 0xAB, 0x48, 0xEA, \ - 0xD7, 0x18, 0x0A, 0xC8, 0x45, 0xB1, 0xC8, 0x6A, 0x5A, 0xAA, 0xB6, 0xDE, 0x76, 0x76, 0x2B, 0x82, 0x45, \ - 0x7E, 0x17, 0x83, 0x51, 0xAA, 0x13, 0xC8, 0xBF, 0x30, 0x62, 0xB9, 0xAE, 0xB7, 0x74, 0x55, 0xC7, 0x24, \ - 0x94, 0x3C, 0x1C, 0xA5, 0x1E, 0x94, 0x70, 0x71, 0xAF, 0x29, 0x5B, 0x79, 0xF1, 0xAF, 0x31, 0x30, 0x82, \ - 0x0F, 0x3C, 0x5A, 0x05, 0x1D, 0x88, 0x7D, 0x63, 0x4C, 0xCE, 0x7D, 0xFD, 0x07, 0x17, 0xB0, 0xC8, 0x13, \ - 0xC4, 0x7B, 0x0F, 0xBD, 0xFC, 0x5E, 0x58, 0x14, 0xD6, 0x17, 0x10, 0x5D, 0xDB, 0x54, 0x60, 0x3C, 0x68, \ - 0x0B, 0x54, 0x84, 0xFA, 0xAB, 0xD0, 0x02, 0xFE, 0x66, 0xB3, 0xEC, 0xDF, 0x06, 0x97, 0xC4, 0x0C, 0xDC, \ - 0xEC, 0x4B, 0x9B, 0x6C, 0x3A, 0x04, 0x72, 0x84, 0xA0, 0x9D, 0xC2, 0x6A, 0xB5, 0x69, 0x81, 0x30, 0x57, \ - 0x5F, 0x40, 0x81, 0x4C, 0x57, 0xA8, 0x0B, 0x41, 0x24, 0x68, 0x36, 0x8E, 0xFD, 0x2A, 0xE0, 0x69, 0xF5, \ - 0x3E, 0x56, 0x52, 0xF4, 0x5A, 0xFF, 0xF6, 0x32, 0xC2, 0xAE, 0xF4, 0xCC, 0x88, 0xA6, 0x5F, 0xFB, 0xFB, \ - 0x6B, 0xD1, 0xFF, 0x65, 0x31, 0xE9, 0x38, 0x1B, 0xCC, 0xA0, 0x47, 0xC0, 0x0D, 0x3C, 0x10, 0x5D, 0xB3, \ - 0x46, 0x63, 0x2A, 0xC4, 0x74, 0xCA, 0xC4, 0x3E, 0x49, 0xEB, 0x0A, 0xE3, 0xD6, 0xF1, 0xE8, 0xF5, 0xC3, \ - 0x9C, 0xD2, 0xE6, 0xEF, 0xCB, 0x29, 0xAF, 0x5D, 0xEA, 0x27, 0x1D, 0x8B, 0x8F, 0xEB, 0x33, 0x9E, 0x57, \ - 0xD4, 0x55, 0xD8, 0xB0, 0x34, 0x43, 0xA4, 0xF6, 0x38, 0x8B, 0x66, 0x1E, 0x30, 0xA1, 0x7D, 0xAF, 0xC2, \ - 0x1E, 0x6B, 0xFD, 0x73, 0x05, 0x39, 0xB5, 0x06, 0xEF, 0x93, 0x1D, 0x7A, 0xF7, 0x15, 0x74, 0x3A, 0x72, \ - 0x06, 0x6F, 0x9F, 0xA8, 0xCF, 0x4D, 0x2A, 0x8C, 0xB4, 0x7F, 0xB9, 0x40, 0xE7, 0x2E, 0x8B, 0xC1, 0xD9, \ - 0x84, 0xFF, 0x5E, 0x78, 0x5D, 0x6C, 0x36, 0xDC, 0xD5, 0x92, 0x94, 0x17, 0x11, 0x0E, 0xE0, 0xE2, 0xFD, \ - 0xC0, \ - } - -#define KEY_CODE_ENC \ - { \ - 0x00, 0x00, 0x00, 0x02, 0xE2, 0x9B, 0x12, 0x4E, 0xF2, 0xDC, 0xA8, 0xE3, 0x2D, 0x7A, 0xB3, 0x98, 0x56, 0x3E, \ - 0x0A, 0x0F, 0x66, 0xCF, 0xB2, 0x37, 0x31, 0xBD, 0xD4, 0xD4, 0x42, 0x27, 0x73, 0x92, 0x23, 0xCC, 0xA7, \ - 0xE7, 0x51, 0xA4, 0x99, 0x91, 0x19, 0x68, 0x74, 0x92, 0xC9, 0x9D, 0xF2, 0x9F, 0x5B, 0x6E, 0x5E, 0x81 \ - } - -#define KEY_CODE_MAC \ - { \ - 0x00, 0x00, 0x00, 0x02, 0x81, 0x54, 0x3E, 0x5D, 0x47, 0xDE, 0x23, 0x7C, 0x00, 0x1B, 0x16, 0xBE, 0x1B, 0x05, \ - 0xED, 0xD2, 0xD5, 0xB2, 0x4D, 0x3C, 0xD3, 0xDD, 0xD5, 0xA9, 0x40, 0x5E, 0x7D, 0x90, 0x73, 0x74, 0xDE, \ - 0x05, 0xAC, 0x76, 0x7D, 0x87, 0xB6, 0x5E, 0x1F, 0x8E, 0xB5, 0x93, 0x53, 0x41, 0x51, 0x27, 0xE9, 0xF9 \ - } - -#define KEY_CODE_DEK \ - { \ - 0x00, 0x00, 0x00, 0x02, 0x88, 0xE0, 0x9A, 0x2B, 0x23, 0x77, 0xC3, 0xF5, 0xEE, 0x28, 0x4F, 0x7C, 0x5B, 0xD8, \ - 0x9C, 0xF5, 0xA8, 0xC9, 0xE4, 0xE3, 0xDC, 0x8D, 0x34, 0x3C, 0x00, 0x39, 0x7E, 0xA3, 0x35, 0x39, 0xFD, \ - 0xD1, 0xE4, 0x8D, 0xA9, 0x8C, 0x41, 0xAF, 0x8C, 0x8D, 0x50, 0xFE, 0x63, 0x96, 0x46, 0x2E, 0x4D, 0xEB \ - } - -#define EX_SSS_AUTH_SE05X_KEY_ENC KEY_CODE_ENC -#define EX_SSS_AUTH_SE05X_KEY_MAC KEY_CODE_MAC -#define EX_SSS_AUTH_SE05X_KEY_DEK KEY_CODE_DEK - -#endif // SECURE_WORLD - -#endif // __EX_SCP03_PUF_H__ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss.h deleted file mode 100644 index f967247a4..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss.h +++ /dev/null @@ -1,96 +0,0 @@ -/* - * - * Copyright 2018-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef SSS_EX_INC_EX_SSS_H_ -#define SSS_EX_INC_EX_SSS_H_ - -/* ************************************************************************** */ -/* Includes */ -/* ************************************************************************** */ - -#if defined(SSS_USE_FTR_FILE) -#include "fsl_sss_ftr.h" -#else -#include "fsl_sss_ftr_default.h" -#endif - -#include - -#if SSS_HAVE_A71CH || SSS_HAVE_A71CH_SIM -#include -#endif -#if SSS_HAVE_MBEDTLS -#include -#endif -#if SSS_HAVE_OPENSSL -#include -#endif - -#if SSS_HAVE_SSCP -#include -#endif - -/* ************************************************************************** */ -/* Defines */ -/* ************************************************************************** */ - -#ifndef MAKE_TEST_ID -#define MAKE_TEST_ID(ID) (0xEF000000u + ID) -#endif /* MAKE_TEST_ID */ - -/* ************************************************************************** */ -/* Structrues and Typedefs */ -/* ************************************************************************** */ - -#if 0 -typedef struct -{ - sss_session_t currentSession; - - sss_key_store_t ks; - - sss_sscp_session_t *sscp_session; -#if (SSS_HAVE_A71CH) || (SSS_HAVE_A71CH_SIM) - sss_a71ch_key_store_t *a71ch_keystore; -#endif - - sscp_context_t sscp; - sss_asymmetric_t asymVerifyCtx; - sss_asymmetric_t asymm; - sss_object_t keyPair; - sss_object_t extPubkey; - - sss_object_t Device_Cert; - sss_object_t Pubkey; - sss_object_t interCaCert; - sss_object_t interkeyPair; - sss_object_t clientCert; -#if SSS_HAVE_APPLET_SE05X_IOT - sss_session_t hostSession; - sss_key_store_t hostKs; - sss_object_t hostKey; -#endif - sss_symmetric_t symm; - sss_rng_context_t rng; - sss_mac_t mac; - -} sss_ex_ctx_t; - -#endif - -/* ************************************************************************** */ -/* Global Variables */ -/* ************************************************************************** */ -// extern const char *gszA71COMPortDefault; -// extern const char *gszA71SocketPortDefault; - -/* ************************************************************************** */ -/* Functions */ -/* ************************************************************************** */ - -/* Entry point for each individual SSS API Based example */ - -#endif /* SSS_EX_INC_EX_SSS_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_auth.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_auth.h deleted file mode 100644 index ffd5be8b3..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_auth.h +++ /dev/null @@ -1,180 +0,0 @@ -/* - * - * Copyright 2018-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef SSS_EX_INC_EX_SSS_AUTH_H_ -#define SSS_EX_INC_EX_SSS_AUTH_H_ - -#if defined(SSS_USE_FTR_FILE) -#include "fsl_sss_ftr.h" -#else -#include "fsl_sss_ftr_default.h" -#endif - -#include "ex_sss_boot.h" -#include "ex_sss_objid.h" -#include "ex_sss_scp03_keys.h" -#if defined(SECURE_WORLD) -#include "ex_scp03_puf.h" -#endif /* SECURE_WORLD */ -/* ************************************************************************** */ -/* Includes */ -/* ************************************************************************** */ - -/* ************************************************************************** */ -/* Defines */ -/* ************************************************************************** */ - -/* clang-format off */ - -/* Used in examples and testing */ -/* doc:start:auth-key-user-id */ -#define EX_SSS_AUTH_SE05X_UserID_AUTH_ID kEX_SSS_ObjID_UserID_Auth - -#define EX_SSS_AUTH_SE05X_UserID_VALUE \ - { \ - 0xC0, 0x01, 0x02, 0x03, 0x04 \ - } /* COOL 234*/ - -#define EX_SSS_AUTH_SE05X_UserID_VALUE2 \ - { \ - 0xC0, 0x01, 0x02, 0x03, 0x04, 0x05 \ - } /* COOL 2345*/ -/* doc:end:auth-key-user-id */ - -#define EX_SSS_AUTH_SE05X_NONE_AUTH_ID 0x00000000 - -/* doc:start:auth-key-applet-scp */ -#define EX_SSS_AUTH_SE05X_APPLETSCP_AUTH_ID kEX_SSS_ObjID_APPLETSCP03_Auth - -#define EX_SSS_AUTH_SE05X_APPLETSCP_VALUE \ - { \ - 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, \ - 0x4B, 0x4C, 0x4D, 0x4E, 0x4F \ - } - -#define EX_SSS_AUTH_SE05X_APPLETSCP_VALUE2 \ - { 0xea, 0x62, 0x04, 0x48, 0x0b, 0xf5, 0x19, 0xf6, 0xc2, 0xb7, 0x7f, \ - 0xba, 0x8b, 0x2d, 0x57, 0x30 \ - } -/* doc:end:auth-key-applet-scp */ - -/* Use the Platform SCP03 keys from required OEF - * See https://www.nxp.com/docs/en/application-note/AN12436.pdf - */ - -#if EXTERNAL_CUSTOMER_BUILD_CONFIGURATION - -#if SSS_HAVE_SE05X_VER_06_00 // Applet 6.0 - #ifndef EX_SSS_AUTH_SE05X_KEY_ENC - # define EX_SSS_AUTH_SE05X_KEY_ENC SSS_AUTH_SE051C2_KEY_ENC - #endif - #ifndef EX_SSS_AUTH_SE05X_KEY_MAC - # define EX_SSS_AUTH_SE05X_KEY_MAC SSS_AUTH_SE051C2_KEY_MAC - #endif - #ifndef EX_SSS_AUTH_SE05X_KEY_DEK - # define EX_SSS_AUTH_SE05X_KEY_DEK SSS_AUTH_SE051C2_KEY_DEK - #endif -#else - #ifndef EX_SSS_AUTH_SE05X_KEY_ENC - # define EX_SSS_AUTH_SE05X_KEY_ENC SSS_AUTH_SE050_DEVKIT_KEY_ENC - #endif - #ifndef EX_SSS_AUTH_SE05X_KEY_MAC - # define EX_SSS_AUTH_SE05X_KEY_MAC SSS_AUTH_SE050_DEVKIT_KEY_MAC - #endif - #ifndef EX_SSS_AUTH_SE05X_KEY_DEK - # define EX_SSS_AUTH_SE05X_KEY_DEK SSS_AUTH_SE050_DEVKIT_KEY_DEK - #endif -#endif - -#else -/* Test / dummy keys */ - -#ifndef EX_SSS_AUTH_SE05X_KEY_ENC -# define EX_SSS_AUTH_SE05X_KEY_ENC \ - { 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0x00, 0x01 } -#endif - -#ifndef EX_SSS_AUTH_SE05X_KEY_MAC -# define EX_SSS_AUTH_SE05X_KEY_MAC \ - { 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0x00, 0x02 } -#endif - -#ifndef EX_SSS_AUTH_SE05X_KEY_DEK -# define EX_SSS_AUTH_SE05X_KEY_DEK \ - { 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0x00, 0x03 } -#endif - -#endif - - -#define EX_SSS_AUTH_SE05X_KEY_VERSION_NO 0x0B - -/* doc:start:auth-key-fast-scp-ecdsa */ -#define EX_SSS_AUTH_SE05X_ECKEY_ECDSA_AUTH_ID kEX_SSS_objID_ECKEY_Auth - -#define EX_SSS_AUTH_SE05X_KEY_HOST_ECDSA_KEY \ - { \ - 0x30, 0x81, 0x87, 0x02, 0x01, 0x00, 0x30, 0x13, \ - 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, \ - 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, \ - 0x03, 0x01, 0x07, 0x04, 0x6D, 0x30, 0x6B, 0x02, \ - 0x01, 0x01, 0x04, 0x20, \ - 0x6D, 0x2F, 0x43, 0x2F, 0x8A, 0x2F, 0x45, 0xEC, \ - 0xD5, 0x82, 0x84, 0x7E, 0xC0, 0x83, 0xBB, 0xEB, \ - 0xC2, 0x3F, 0x1D, 0xF4, 0xF0, 0xDD, 0x2A, 0x6F, \ - 0xB8, 0x1A, 0x24, 0xE7, 0xB6, 0xD5, 0x4C, 0x7F, \ - 0xA1, 0x44, 0x03, 0x42, 0x00, \ - 0x04, 0x3C, 0x9E, 0x47, 0xED, 0xF0, 0x51, 0xA3, \ - 0x58, 0x9F, 0x67, 0x30, 0x2D, 0x22, 0x56, 0x7C, \ - 0x2E, 0x17, 0x22, 0x9E, 0x88, 0x83, 0x33, 0x8E, \ - 0xC3, 0xB7, 0xD5, 0x27, 0xF9, 0xEE, 0x71, 0xD0, \ - 0xA8, 0x1A, 0xAE, 0x7F, 0xE2, 0x1C, 0xAA, 0x66, \ - 0x77, 0x78, 0x3A, 0xA8, 0x8D, 0xA6, 0xD6, 0xA8, \ - 0xAD, 0x5E, 0xC5, 0x3B, 0x10, 0xBC, 0x0B, 0x11, \ - 0x09, 0x44, 0x82, 0xF0, 0x4D, 0x24, 0xB5, 0xBE, \ - 0xC4 \ - } - -#define EX_SSS_AUTH_SE05X_KEY_HOST_ECDSA_KEY2 \ - { \ - 0x30, 0x81, 0x87, 0x02, 0x01, 0x00, 0x30, 0x13, \ - 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, \ - 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, \ - 0x03, 0x01, 0x07, 0x04, 0x6D, 0x30, 0x6B, 0x02, \ - 0x01, 0x01, 0x04, 0x20, \ - 0x12, 0xe2, 0xd3, 0xc7, 0x31, 0xa6, 0x7c, 0x32, \ - 0xfb, 0xd7, 0x2f, 0xa9, 0xc4, 0xbb, 0xc2, 0xd0, \ - 0x64, 0xad, 0x50, 0x99, 0xd3, 0x3d, 0x01, 0x4b, \ - 0x4f, 0x36, 0x90, 0x9c, 0xba, 0xab, 0xbb, 0xda, \ - 0xA1, 0x44, 0x03, 0x42, 0x00, \ - 0x04, 0x0d, 0x0e, 0x03, 0xdd, 0x40, 0x1e, 0x77, \ - 0xff, 0xab, 0xa8, 0xb5, 0x79, 0xdb, 0x8a, 0xf4, \ - 0x09, 0x7b, 0x59, 0x4e, 0xe8, 0xa0, 0xb8, 0x1c, \ - 0xeb, 0xa8, 0x53, 0x96, 0xc6, 0x13, 0x96, 0x56, \ - 0x13, 0x5e, 0x68, 0x75, 0xb9, 0xe9, 0x79, 0x29, \ - 0x28, 0x8c, 0x7d, 0xa1, 0xf2, 0x78, 0x7b, 0x66, \ - 0x86, 0xcc, 0x9e, 0x6b, 0xf6, 0x03, 0xc2, 0xfe, \ - 0x59, 0x1b, 0xab, 0x4a, 0x40, 0x24, 0x70, 0xe4, \ - 0x8b \ - } - -/* doc:end:auth-key-fast-scp-ecdsa */ - -/* clang-format on */ - -/* ************************************************************************** */ -/* Structrues and Typedefs */ -/* ************************************************************************** */ - -/* ************************************************************************** */ -/* Global Variables */ -/* ************************************************************************** */ - -/* ************************************************************************** */ -/* Functions */ -/* ************************************************************************** */ - -#endif /* SSS_EX_INC_EX_SSS_AUTH_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_boot.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_boot.h deleted file mode 100644 index 3d6ed1b12..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_boot.h +++ /dev/null @@ -1,220 +0,0 @@ -/* - * - * Copyright 2019-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -/** @file - * - * ex_sss_boot.h: *The purpose and scope of this file* - * - * Project: SecureIoTMW-Debug@appboot-top-eclipse_x86 - * - * $Date: Mar 10, 2019 $ - * $Author: ing05193 $ - * $Revision$ - */ - -#ifndef SSS_EX_INC_EX_SSS_BOOT_H_ -#define SSS_EX_INC_EX_SSS_BOOT_H_ - -/* ***************************************************************************************************************** - * Includes - * ***************************************************************************************************************** */ - -#ifdef __cplusplus -extern "C" { -#endif - -#include "ex_sss.h" -#include "fsl_sss_api.h" - -#if SSS_HAVE_APPLET_SE05X_IOT -#include "fsl_sss_se05x_types.h" -#endif -#include "ex_sss_ports.h" -#include "nxScp03_Types.h" - -/* ***************************************************************************************************************** - * MACROS/Defines - * ***************************************************************************************************************** */ - -/* ***************************************************************************************************************** - * Types/Structure Declarations - * ***************************************************************************************************************** */ -#if SSS_HAVE_SE || SSS_HAVE_APPLET_SE05X_IOT - -typedef union ex_auth { - struct - { - NXSCP03_StaticCtx_t ex_static; //!< .static keys data - NXSCP03_DynCtx_t ex_dyn; //!< session keys data - } scp03; - struct - { - NXECKey03_StaticCtx_t ex_static; //!< .static keys data - NXSCP03_DynCtx_t ex_dyn; //!< session keys data - } eckey; - struct - { - sss_object_t ex_id; - } id; -} ex_SE05x_authCtx_t; -#endif - -typedef struct -{ - sss_session_t session; - sss_key_store_t ks; - -#if SSS_HAVE_HOSTCRYPTO_ANY || SSS_HAVE_SSCP - sss_session_t host_session; -#endif - -#if SSS_HAVE_HOSTCRYPTO_ANY - sss_key_store_t host_ks; -#endif - -#if SSS_HAVE_APPLET_SE05X_IOT || SSS_HAVE_APPLET_LOOPBACK - SE_Connect_Ctx_t se05x_open_ctx; - sss_tunnel_t *pTunnel_ctx; - ex_SE05x_authCtx_t ex_se05x_auth; -#endif - -#if SSS_HAVE_SSCP - sscp_context_t sscp_ctx; -#endif - -} ex_sss_boot_ctx_t; - -#if SSS_HAVE_APPLET_SE05X_IOT -typedef struct -{ - sss_session_t platf_session; - SE_Connect_Ctx_t platf_open_ctx; - sss_session_t *phost_session; - sss_key_store_t *phost_ks; -#if 1 //SSS_HAVE_HOSTCRYPTO_ANY - /* Keeping this to be consistant on binary sizes */ - ex_SE05x_authCtx_t ex_se05x_auth; -#endif // SSS_HAVE_HOSTCRYPTO_ANY -} ex_sss_platf_ctx_t; -#endif - -typedef struct -{ - sss_object_t pub_obj; - sss_object_t obj; - sss_object_t dev_cert; - sss_object_t interCaCert; - sss_key_store_t *pHost_ks; - uint32_t client_keyPair_index; - uint32_t client_cert_index; -} ex_sss_cloud_ctx_t; - -/* ***************************************************************************************************************** - * Extern Variables - * ***************************************************************************************************************** */ - -/* ***************************************************************************************************************** - * Function Prototypes - * ***************************************************************************************************************** */ - -#if SSS_HAVE_APPLET_SE05X_IOT - -sss_status_t ex_sss_se05x_prepare_host(sss_session_t *host_session, - sss_key_store_t *host_ks, - SE05x_Connect_Ctx_t *se05x_open_ctx, - ex_SE05x_authCtx_t *ex_se05x_authctx, - SE_AuthType_t auth_type); - -/* Prepare host for multiple user sessions */ -sss_status_t ex_sss_se05x_prepare_host_keys(sss_session_t *pHostSession, - sss_key_store_t *pHostKs, - SE_Connect_Ctx_t *pConnectCtx, - ex_SE05x_authCtx_t *se05x_auth_ctx, - uint32_t offset); -#endif - -#if SSS_HAVE_SE -sss_status_t ex_sss_se_prepare_host(sss_session_t *host_session, - sss_key_store_t *host_ks, - SE_Connect_Ctx_t *se05x_open_ctx, - ex_SE05x_authCtx_t *ex_se05x_authctx, - SE_AuthType_t auth_type); -#endif - -/** The case where we connect to the cyrptogrpahic system directly. - * - * e.g. when running form an embedded sytem, without any choice of Port Numbers, etc. - */ -sss_status_t ex_sss_boot_direct(void); - -/** The case where we connect to the cyrptogrpahic system in-directly. - * - * This function is a similar to @ref ex_sss_boot_direct. - * - * This function expects that the last argument in argv is the - * expected/probable port name. - * - * e.g. when running form PC, where we are connected - * to secure element via a COM Port/Socket Port. In such cases, - * taking the Port number from a Command Line Argument, - * or Environment Variable would make sense and examples - * would become more portable. - * - * @param argc count of parameters, as received by main - * @param argv Array of argv, as received by main - * @param[out] pPortName Possible port name - * @return 0 if successful. - */ -sss_status_t ex_sss_boot_connectstring(int argc, const char *argv[], const char **pPortName); - -/** - * For the case where few activities have to be performed - * after RTOS initialization, this API would be executed - * as an RTOS Task. - * - * @return - */ -sss_status_t ex_sss_boot_rtos(void *); - -/** Is this a serail port */ -bool ex_sss_boot_isSerialPortName(const char *portName); - -/** Is this --help request */ -bool ex_sss_boot_isHelp(const char *argname); - -/** Is this a socket port */ -bool ex_sss_boot_isSocketPortName(const char *portName); - -/** Open an example session */ -sss_status_t ex_sss_boot_open(ex_sss_boot_ctx_t *pCtx, const char *portName); - -/** Open an example cc session */ -sss_status_t ex_sss_boot_open_on_id(ex_sss_boot_ctx_t *pCtx, const char *portName, const int32_t authId); - -/** Open an example session */ -sss_status_t ex_sss_boot_factory_reset(ex_sss_boot_ctx_t *pCtx); - -/** Close an example session */ -void ex_sss_session_close(ex_sss_boot_ctx_t *pCtx); - -/** Entry Point for each example */ -sss_status_t ex_sss_entry(ex_sss_boot_ctx_t *pCtx); - -#define ex_sss_kestore_and_object_init ex_sss_key_store_and_object_init - -sss_status_t ex_sss_key_store_and_object_init(ex_sss_boot_ctx_t *pCtx); - -int ex_sss_boot_rtos_init(void); - -#if SSS_HAVE_HOSTCRYPTO_ANY -sss_status_t ex_sss_boot_open_host_session(ex_sss_boot_ctx_t *pCtx); -#endif - -#if defined(__cplusplus) -} -#endif - -#endif /* SSS_EX_INC_EX_SSS_BOOT_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_main_inc.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_main_inc.h deleted file mode 100644 index 9ce448dbb..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_main_inc.h +++ /dev/null @@ -1,382 +0,0 @@ -/* - * - * Copyright 2019-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -/* Common, Re-Usable main implementation */ -/* Include this header file only once in the application */ - -/* - * Applications control the boot flow by defining these macros. - * - * - * - EX_SSS_BOOT_PCONTEXT : Pointer to ex_sss_boot_ctx_t - * This allows that boot framework do not blindly rely on - * global variables. - * - * - EX_SSS_BOOT_DO_ERASE : Delete all objects on boot up if 1 - * Few examples expect the IC is *empty*, and few examples - * expect to work with previously provisioned/persisted data. - * This variable allows to over-ride that behaviour. - * - * - EX_SSS_BOOT_EXPOSE_ARGC_ARGV : Expose ARGC & ARGV from Command - * line to Application. - * When running from PC/Linux/OSX, command line arguments allow - * to choose extra command line parameters, e.g. Input/Output - * certificate or signing/verifying data. - * But on embedded platforms, such feature is not possible to - * achieve. - * - * Optional variables: - * - * - EX_SSS_BOOT_RTOS_STACK_SIZE : For RTOS based system, - * this is over-ridden and passed to RTOS based example - * boot up. It sets value needed for new task. - * Please note, FREE RTOS will reserve - * EX_SSS_BOOT_RTOS_STACK_SIZE * sizeof(UBaseType_t) - * bytes. - * - * - EX_SSS_BOOT_OPEN_HOST_SESSION : For examples that do not - * need host side implementation, his allows to skip opening - * the host session. (Host session is needed to either re-verify - * test data at host, or for SCP03). - * By default this is enabled. - * - * - */ - -#if defined(FRDM_KW41Z) || defined(FRDM_K64F) || defined(IMX_RT) || defined(LPC_55x) || defined(QN9090DK6) -#define HAVE_KSDK -#endif - -#ifdef HAVE_KSDK -#include "ex_sss_main_inc_ksdk.h" -#endif - -#if defined(__linux__) && defined(T1oI2C) -#if SSS_HAVE_APPLET_SE05X_IOT -#include "ex_sss_main_inc_linux.h" -#endif -#endif -#include /* memset */ - -#include "PlugAndTrust_Pkg_Ver.h" -#include "string.h" /* memset */ - -#if defined(USE_RTOS) && USE_RTOS == 1 -#ifndef INC_FREERTOS_H /* Header guard of FreeRTOS */ -#include "FreeRTOS.h" -#include "FreeRTOSConfig.h" -#endif /* INC_FREERTOS_H */ -#include "task.h" -#include "iot_logging_task.h" -#define LOGGING_TASK_PRIORITY (tskIDLE_PRIORITY + 1) -#define LOGGING_TASK_STACK_SIZE (200) -#define LOGGING_QUEUE_LENGTH (16) -#endif - -#if SSS_HAVE_A71CH || SSS_HAVE_A71CH_SIM -#include "ex_a71ch_scp03.h" -#endif - -#ifdef EX_SSS_BOOT_PCONTEXT -#define PCONTEXT EX_SSS_BOOT_PCONTEXT -#else -#define PCONTEXT (NULL) -#endif - -#if !defined(EX_SSS_BOOT_DO_ERASE) -#error EX_SSS_BOOT_DO_ERASE must be set to 0 or 1 -#endif - -#if !defined(EX_SSS_BOOT_EXPOSE_ARGC_ARGV) -#error EX_SSS_BOOT_EXPOSE_ARGC_ARGV must be set to 0 or 1 -#endif - -#if EX_SSS_BOOT_EXPOSE_ARGC_ARGV -static int gex_sss_argc; -static const char **gex_sss_argv; -#endif - -#if !defined(EX_SSS_BOOT_OPEN_HOST_SESSION) -#define EX_SSS_BOOT_OPEN_HOST_SESSION 1 -#endif - -#if !defined(EX_SSS_BOOT_RTOS_STACK_SIZE) -#define EX_SSS_BOOT_RTOS_STACK_SIZE 8500 -#endif - -#if defined(USE_RTOS) && USE_RTOS == 1 -static TaskHandle_t gSSSExRtosTaskHandle = NULL; -static void sss_ex_rtos_task(void *ctx); -#if INCLUDE_uxTaskGetStackHighWaterMark -void sss_ex_rtos_stack_size(const char *when); -#endif // INCLUDE_uxTaskGetStackHighWaterMark -#if (!AX_EMBEDDED) -extern void prvMiscInitialisation(void); -#endif -#endif /* RTOS */ - -#if defined(CPU_JN518X) -/* Allocate the memory for the heap. */ -uint8_t __attribute__((section(".bss.$SRAM1"))) ucHeap[configTOTAL_HEAP_SIZE]; -#endif - -int main(int argc, const char *argv[]) -{ - int ret; - sss_status_t status = kStatus_SSS_Fail; - const char *portName; - -#if EX_SSS_BOOT_EXPOSE_ARGC_ARGV - gex_sss_argc = argc; - gex_sss_argv = argv; -#endif // EX_SSS_BOOT_EXPOSE_ARGC_ARGV - -#ifdef HAVE_KSDK - ex_sss_main_ksdk_bm(); -#endif // HAVE_KSDK - -#if defined(__linux__) && defined(T1oI2C) && SSS_HAVE_APPLET_SE05X_IOT - ex_sss_main_linux_conf(); -#endif // defined(__linux__) && defined(T1oI2C) && SSS_HAVE_APPLET_SE05X_IOT - - LOG_I(PLUGANDTRUST_PROD_NAME_VER_FULL); - -#ifdef EX_SSS_BOOT_PCONTEXT - memset((EX_SSS_BOOT_PCONTEXT), 0, sizeof(*(EX_SSS_BOOT_PCONTEXT))); -#endif // EX_SSS_BOOT_PCONTEXT - -#if AX_EMBEDDED - portName = NULL; -#else - status = ex_sss_boot_connectstring(argc, argv, &portName); - if (kStatus_SSS_Success != status) { - LOG_E("ex_sss_boot_connectstring Failed"); - goto cleanup; - } -#endif // AX_EMBEDDED - -#if defined(USE_RTOS) && USE_RTOS == 1 -#if (!AX_EMBEDDED) && ENABLE_CLOUD_DEMOS - prvMiscInitialisation(); -#endif -#endif - - /* Initialise Logging locks */ - if (nLog_Init() != 0) { - LOG_E("Lock initialisation failed"); - } -#if defined(EX_SSS_BOOT_SKIP_SELECT_APPLET) && (EX_SSS_BOOT_SKIP_SELECT_APPLET == 1) - (PCONTEXT)->se05x_open_ctx.skip_select_applet = 1; -#endif - -#if defined(USE_RTOS) && USE_RTOS == 1 - if (xTaskCreate(&sss_ex_rtos_task, - "sss_ex_rtos_task", - EX_SSS_BOOT_RTOS_STACK_SIZE, - (void *)portName, - (tskIDLE_PRIORITY), - &gSSSExRtosTaskHandle) != pdPASS) { - LOG_E("Task creation failed!.\r\n"); - while (1) - ; - } - - /* Run RTOS */ - vTaskStartScheduler(); - -#else /* No RTOS, No Embedded */ - -#if !AX_EMBEDDED - if (ex_sss_boot_isHelp(portName)) { - memset(PCONTEXT, 0, sizeof(*PCONTEXT)); -#if EX_SSS_BOOT_EXPOSE_ARGC_ARGV - /* so that tool can fetchup last value */ - gex_sss_argc++; -#endif // EX_SSS_BOOT_EXPOSE_ARGC_ARGV - goto before_ex_sss_entry; - } -#endif - - status = ex_sss_boot_open(PCONTEXT, portName); - if (kStatus_SSS_Success != status) { - LOG_E("ex_sss_session_open Failed"); - goto cleanup; - } - -#if EX_SSS_BOOT_DO_ERASE - status = ex_sss_boot_factory_reset((PCONTEXT)); -#endif - - if (kType_SSS_SubSystem_NONE == ((PCONTEXT)->session.subsystem)) { - /* Nothing to do. Device is not opened - * This is needed for the case when we open a generic communication - * channel, without being specific to SE05X - */ - } - else { - status = ex_sss_key_store_and_object_init((PCONTEXT)); - if (kStatus_SSS_Success != status) { - LOG_E("ex_sss_key_store_and_object_init Failed"); - goto cleanup; - } - } - -#if EX_SSS_BOOT_OPEN_HOST_SESSION && SSS_HAVE_HOSTCRYPTO_ANY - ex_sss_boot_open_host_session((PCONTEXT)); -#endif - -#if (SSS_HAVE_A71CH || SSS_HAVE_A71CH_SIM) && SSS_HAVE_A71CH_AUTH_SCP03 - LOG_I("A71CH SCP03 add-on"); - { - // Variables used by calls to legacy API - U8 sCounter[3]; - U16 sCounterLen = sizeof(sCounter); - U16 sw = 0; - U8 scpKeyEncBase[SCP_KEY_SIZE]; - U8 scpKeyMacBase[SCP_KEY_SIZE]; - U8 scpKeyDekBase[SCP_KEY_SIZE]; - - LOG_I("** Establish SCP03 session: Start **"); - status = ex_a71ch_FetchRandomScp03Keys(scpKeyEncBase, scpKeyMacBase, scpKeyDekBase); - ENSURE_OR_GO_CLEANUP(status == kStatus_SSS_Success); - - status = ex_a71ch_SetSeScp03Keys(scpKeyEncBase, scpKeyMacBase, scpKeyDekBase); - ENSURE_OR_GO_CLEANUP(status == kStatus_SSS_Success); - - LOG_I("Clear host-side SCP03 channel state"); - DEV_ClearChannelState(); - - LOG_I("SCP_Authenticate()"); - sw = SCP_Authenticate(scpKeyEncBase, scpKeyMacBase, scpKeyDekBase, SCP_KEY_SIZE, sCounter, &sCounterLen); - status = (sw == SW_OK) ? kStatus_SSS_Success : kStatus_SSS_Fail; - ENSURE_OR_GO_CLEANUP(sw == SW_OK); - LOG_I("** Establish SCP03 session: End **"); - } -#endif // SSS_HAVE_A71CH && SSS_HAVE_A71CH_AUTH_SCP03 - -#if !AX_EMBEDDED -before_ex_sss_entry: -#endif - - status = ex_sss_entry((PCONTEXT)); - LOG_I("ex_sss Finished"); - if (kStatus_SSS_Success != status) { - LOG_E("ex_sss_entry Failed"); - goto cleanup; - } -#endif /* No RTOS, No Embedded */ - // Delete locks for pthreads - nLog_DeInit(); - goto cleanup; - -cleanup: -#ifdef EX_SSS_BOOT_PCONTEXT - ex_sss_session_close((EX_SSS_BOOT_PCONTEXT)); -#endif - if (kStatus_SSS_Success == status) { - ret = 0; -#if defined(HAVE_KSDK) && HAVE_KSDK_LED_APIS == 1 - ex_sss_main_ksdk_success(); -#endif -#if defined(__linux__) && defined(T1oI2C) && SSS_HAVE_APPLET_SE05X_IOT - ex_sss_main_linux_unconf(); -#endif // defined(__linux__) && defined(T1oI2C) && SSS_HAVE_APPLET_SE05X_IOT - } - else { - LOG_E("!ERROR! ret != 0."); - ret = 1; -#if defined(HAVE_KSDK) && HAVE_KSDK_LED_APIS == 1 - ex_sss_main_ksdk_failure(); -#endif - } - return ret; -} - -#if defined(USE_RTOS) && USE_RTOS == 1 -static void sss_ex_rtos_task(void *ctx) -{ - sss_status_t status; - -#if INCLUDE_uxTaskGetStackHighWaterMark - sss_ex_rtos_stack_size("Boot"); -#endif // INCLUDE_uxTaskGetStackHighWaterMark - -#if AX_EMBEDDED - ex_sss_main_ksdk_boot_rtos_task(); -#endif - status = ex_sss_boot_open(PCONTEXT, (const char *)ctx); - - if (kStatus_SSS_Success != status) { - LOG_E("ex_sss_session_open Failed."); - goto exit; - } - - status = ex_sss_key_store_and_object_init((PCONTEXT)); - - if (kStatus_SSS_Success != status) { - LOG_E("ex_sss_key_store_and_object_init Failed"); - goto exit; - } - -#if INCLUDE_uxTaskGetStackHighWaterMark - sss_ex_rtos_stack_size("Before:ex_sss_entry"); -#endif // INCLUDE_uxTaskGetStackHighWaterMark - -#if EX_SSS_BOOT_DO_ERASE - status = ex_sss_boot_factory_reset((PCONTEXT)); - if (kStatus_SSS_Success != status) { - LOG_W("ex_sss_boot_factory_reset Failed"); - } -#if INCLUDE_uxTaskGetStackHighWaterMark - sss_ex_rtos_stack_size("after:erase"); -#endif // INCLUDE_uxTaskGetStackHighWaterMark -#endif - -#if SSS_HAVE_A71CH || SSS_HAVE_A71CH_SIM -#if EX_SSS_BOOT_OPEN_HOST_SESSION - ex_sss_boot_open_host_session((PCONTEXT)); -#endif -#endif - - xLoggingTaskInitialize(LOGGING_TASK_STACK_SIZE, LOGGING_TASK_PRIORITY, LOGGING_QUEUE_LENGTH); - status = ex_sss_entry((PCONTEXT)); - - LOG_I("ex_sss Finished"); - if (kStatus_SSS_Success != status) { - LOG_E("ex_sss_entry Failed"); - } - - ex_sss_session_close(PCONTEXT); - /* Delete locks for FreeRtos*/ - nLog_DeInit(); -#if INCLUDE_uxTaskGetStackHighWaterMark - sss_ex_rtos_stack_size("After:ex_sss_entry"); -#endif // INCLUDE_uxTaskGetStackHighWaterMark -exit: -#if defined(_MSC_VER) || defined(__linux__) || defined(__MINGW32__) || defined(__MINGW64__) - if (kStatus_SSS_Success == status) { - exit(0); - } - else { - exit(1); - } -#else - vTaskDelete(NULL); -#endif -} - -#if INCLUDE_uxTaskGetStackHighWaterMark -void sss_ex_rtos_stack_size(const char *when) -{ -#if LOG_INFO_ENABLED - UBaseType_t stackused; - stackused = EX_SSS_BOOT_RTOS_STACK_SIZE - uxTaskGetStackHighWaterMark(gSSSExRtosTaskHandle); - LOG_I("STACK USED [%s] %d", when, sizeof(UBaseType_t) * stackused); -#endif -} -#endif /* INCLUDE_uxTaskGetStackHighWaterMark */ - -#endif /* No RTOS, No Embedded */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_main_inc_linux.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_main_inc_linux.h deleted file mode 100644 index cd8b4002d..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_main_inc_linux.h +++ /dev/null @@ -1,25 +0,0 @@ -/* - * - * Copyright 2019 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#include "ax_reset.h" - -#if defined(SSS_USE_FTR_FILE) -#include "fsl_sss_ftr.h" -#else -#include "fsl_sss_ftr_default.h" -#endif - -void ex_sss_main_linux_conf() -{ - axReset_HostConfigure(); - axReset_PowerUp(); -} - -void ex_sss_main_linux_unconf() -{ - axReset_PowerDown(); - axReset_HostUnconfigure(); -} diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_objid.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_objid.h deleted file mode 100644 index 5e5beb1b4..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_objid.h +++ /dev/null @@ -1,112 +0,0 @@ -/* - * - * Copyright 2019-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -/** @file - * - * ex_sss_objid.h: Reserved Object Identifiers - * - * Project: SecureIoTMW-Debug@simw-top-eclipse_x86 - * - * $Date: Mar 27, 2019 $ - * $Author: ing05193 $ - * $Revision$ - */ - -#ifndef SSS_EX_INC_EX_SSS_OBJID_H_ -#define SSS_EX_INC_EX_SSS_OBJID_H_ - -/* ***************************************************************************************************************** - * Includes - * ***************************************************************************************************************** */ - -/* ***************************************************************************************************************** - * MACROS/Defines - * ***************************************************************************************************************** */ - -/* clang-format off */ -#define EX_SSS_OBJID_CUST_START 0x00000001u -#define SE05X_OBJID_TP_MASK(X) (0xFFFFFFFC & (X)) -#define EX_SSS_OBJID_CUST_END 0x7BFFFFFFu - -#define EX_SSS_OBJID_AKM_START 0x7C000000u -#define EX_SSS_OBJID_AKM_END 0x7CFFFFFFu - -#define EX_SSS_OBJID_DEMO_START 0x7D000000u -#define EX_SSS_OBJID_DEMO_SA_START 0x7D500000u -#define EX_SSS_OBJID_DEMO_WIFI_START 0x7D51F000u -/* doc:start:mif-kdf-start-keyid */ -#define EX_SSS_OBJID_DEMO_MFDF_START 0x7D5DF000u -/* doc:end:mif-kdf-start-keyid */ -/////// EX_SSS_OBJID_DEMO_SA_END 0x7D5FFFFFu -#define EX_SSS_OBJID_DEMO_AUTH_START 0x7DA00000u -#define EX_SSS_OBJID_DEMO_AUTH_MASK(X) (0xFFFF0000u & (X)) -/////// EX_SSS_OBJID_DEMO_AUTH_END 0x7DA0FFFFu -#define EX_SSS_OBJID_DEMO_CLOUD_START 0x7DC00000u -#define EX_SSS_OBJID_DEMO_CLOUD_IBM_START 0x7DC1B000u -#define EX_SSS_OBJID_DEMO_CLOUD_GCP_START 0x7DC6C000u -#define EX_SSS_OBJID_DEMO_CLOUD_AWS_START 0x7DCA5000u -#define EX_SSS_OBJID_DEMO_CLOUD_AZURE_START 0x7DCAC000u -/////// EX_SSS_OBJID_DEMO_CLOUD_END 0x7DCFFFFFu -#define EX_SSS_OBJID_DEMO_END 0x7DFFFFFFu -#define SE05X_OBJID_SE05X_APPLET_RES_START 0x7FFF0000u -#define SE05X_OBJID_SE05X_APPLET_RES_MASK(X) \ - (0xFFFF0000u & (X)) -#define SE05X_OBJID_SE05X_APPLET_RES_END 0x7FFFFFFFu - -/* IoT Hub Managed */ -#define SE05X_OBJID_IOT_HUB_M_START 0x80000000u -#define SE05X_OBJID_IOT_HUB_M_END 0xEEFFFFFFu -#define EX_SSS_OBJID_TEST_START 0xEF000000u -#define EX_SSS_OBJID_TEST_END 0xEFFFFFFFu - -/* IoT Hub Access */ -#define EX_SSS_OBJID_IOT_HUB_A_START 0xF0000000u -#define EX_SSS_OBJID_IOT_HUB_A_MASK(X) (0xF0000000u & (X)) - -//Device Key and Certificate - ECC-256 -#define EX_SSS_OBJID_TP_KEY_EC_D 0xF0000100 -#define EX_SSS_OBJID_TP_CERT_EC_D 0xF0000101 -//Gateway Key and Certificate - ECC-256 -#define EX_SSS_OBJID_TP_KEY_EC_G 0xF0000102 -#define EX_SSS_OBJID_TP_CERT_EC_G 0xF0000103 - -//Device Key and Certificate - RSA-2K -#define EX_SSS_OBJID_TP_KEY_RSA2K_D 0xF0000110 -#define EX_SSS_OBJID_TP_CERT_RSA2K_D 0xF0000111 -//Gateway Key and Certificate - RSA-2K -#define EX_SSS_OBJID_TP_KEY_RSA2K_G 0xF0000112 -#define EX_SSS_OBJID_TP_CERT_RSA2K_G 0xF0000113 -//Device Key and Certificate - RSA-4K -#define EX_SSS_OBJID_TP_KEY_RSA4K_D 0xF0000120 -#define EX_SSS_OBJID_TP_CERT_RSA4K_D 0xF0000121 -//Gateway Key and Certificate - RSA-4K -#define EX_SSS_OBJID_TP_KEY_RSA4K_G 0xF0000122 -#define EX_SSS_OBJID_TP_CERT_RSA4K_G 0xF0000123 - -#define EX_SSS_OBJID_IOT_HUB_A_END 0xFFFFFFFFu - -/* clang-format on */ - -/* ***************************************************************************************************************** - * Types/Structure Declarations - * ***************************************************************************************************************** */ - -enum -{ - kEX_SSS_ObjID_UserID_Auth = EX_SSS_OBJID_DEMO_AUTH_START + 1, - kEX_SSS_ObjID_APPLETSCP03_Auth, - kEX_SSS_objID_ECKEY_Auth, -}; - -/* ***************************************************************************************************************** - * Extern Variables - * ***************************************************************************************************************** */ - -/* ***************************************************************************************************************** - * Function Prototypes - * ***************************************************************************************************************** */ - -#endif /* SSS_EX_INC_EX_SSS_OBJID_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_ports.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_ports.h deleted file mode 100644 index ed238e7ef..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_ports.h +++ /dev/null @@ -1,53 +0,0 @@ -/* - * - * Copyright 2019 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -/** @file - * - * ex_sss_ports.h: Default ports being used in Examples and test cases - * - * $Date: Mar 10, 2019 $ - * $Author: ing05193 $ - * $Revision$ - */ - -#ifndef SSS_EX_INC_EX_SSS_PORTS_H_ -#define SSS_EX_INC_EX_SSS_PORTS_H_ - -/* ***************************************************************************************************************** - * Includes - * ***************************************************************************************************************** */ - -/* ***************************************************************************************************************** - * MACROS/Defines - * ***************************************************************************************************************** */ - -#define EX_SSS_BOOT_SSS_PORT "EX_SSS_BOOT_SSS_PORT" -#ifdef __linux__ -#define EX_SSS_BOOT_SSS_COMPORT_DEFAULT "/dev/ttyACM0" -#else -#define EX_SSS_BOOT_SSS_COMPORT_DEFAULT "\\\\.\\COM7" -#endif -#define EX_SSS_BOOT_SSS_SOCKET_HOSTNAME_DEFAULT "127.0.0.1" -#define EX_SSS_BOOT_SSS_SOCKET_PORTNUMBER_DEFAULT 8050 -#define EX_SSS_BOOT_SSS_SOCKET_PORTSZ_DEFAULT "8050" -#define EX_SSS_BOOT_SSS_PCSC_READER_DEFAULT "NXP SE050C v03.01.00 0" -#define EX_SSS_BOOT_SSS_SOCKETPORT_DEFAULT \ - EX_SSS_BOOT_SSS_SOCKET_HOSTNAME_DEFAULT \ - ":" EX_SSS_BOOT_SSS_SOCKET_PORTSZ_DEFAULT - -/* ***************************************************************************************************************** - * Types/Structure Declarations - * ***************************************************************************************************************** */ - -/* ***************************************************************************************************************** - * Extern Variables - * ***************************************************************************************************************** */ - -/* ***************************************************************************************************************** - * Function Prototypes - * ***************************************************************************************************************** */ - -#endif /* SSS_EX_INC_EX_SSS_PORTS_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_scp03_keys.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_scp03_keys.h deleted file mode 100644 index 9e894babd..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_scp03_keys.h +++ /dev/null @@ -1,75 +0,0 @@ -/* - * - * Copyright 2018,2019 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef SSS_EX_INC_EX_SSS_SCP03_KEYS_H_ -#define SSS_EX_INC_EX_SSS_SCP03_KEYS_H_ - -#include "ex_sss_tp_scp03_keys.h" - -/* ************************************************************************** */ -/* Includes */ -/* ************************************************************************** */ - -/* ************************************************************************** */ -/* Defines */ -/* ************************************************************************** */ - -#define EX_SSS_BOOT_SCP03_PATH_ENV "EX_SSS_BOOT_SCP03_PATH" - -/* Modify based on platform */ -#if defined(ANDROID) -/* Could be set to /data/vendor/secure_iot/ if sepolicies are in effect */ -/* doc:start:android-scp03-path */ -#define EX_SSS_SCP03_FILE_DIR "/data/vendor/SE05x/" -#define EX_SSS_SCP03_FILE_PATH EX_SSS_SCP03_FILE_DIR "plain_scp.txt" -/* doc:end:android-scp03-path */ -#elif defined(__linux__) -/* doc:start:linux-scp03-path */ -#define EX_SSS_SCP03_FILE_DIR "/tmp/SE05X/" -#define EX_SSS_SCP03_FILE_PATH EX_SSS_SCP03_FILE_DIR "plain_scp.txt" -/* doc:end:linux-scp03-path */ -#elif defined(_MSC_VER) -/* doc:start:windows-scp03-path */ -#define EX_SSS_SCP03_FILE_DIR "C:\\nxp\\SE05X\\" -#define EX_SSS_SCP03_FILE_PATH EX_SSS_SCP03_FILE_DIR "plain_scp.txt" -/* doc:end:windows-scp03-path */ -#else -/* Not defined / avialable */ -#endif - -#ifdef EX_SSS_SCP03_FILE_PATH -sss_status_t scp03_keys_from_path( - uint8_t *penc, size_t enc_len, uint8_t *pmac, size_t mac_len, uint8_t *pdek, size_t dek_len); -#endif - -#define SSS_AUTH_SE050_OEF_0004A2D0_KEY_ENC \ - { \ - 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0x00, 0x01 \ - } - -#define SSS_AUTH_SE050_OEF_0004A2D0_KEY_MAC \ - { \ - 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0x00, 0x02 \ - } - -#define SSS_AUTH_SE050_OEF_0004A2D0_KEY_DEK \ - { \ - 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0xAB, 0xCD, 0x00, 0x03 \ - } - -/* ************************************************************************** */ -/* Structrues and Typedefs */ -/* ************************************************************************** */ - -/* ************************************************************************** */ -/* Global Variables */ -/* ************************************************************************** */ - -/* ************************************************************************** */ -/* Functions */ -/* ************************************************************************** */ - -#endif /* SSS_EX_INC_EX_SSS_SCP03_KEYS_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_tp_scp03_keys.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_tp_scp03_keys.h deleted file mode 100644 index 24421b7cd..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc/ex_sss_tp_scp03_keys.h +++ /dev/null @@ -1,119 +0,0 @@ -/* - * - * Copyright 2019 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef SSS_AUTH_SE050_OEF_20191211_1809_ -#define SSS_AUTH_SE050_OEF_20191211_1809_ - -/* ************************************************************************** */ -/* Includes */ -/* ************************************************************************** */ - -/* ************************************************************************** */ -/* Defines */ -/* ************************************************************************** */ - -/* clang-format off */ - - - -/* See https://www.nxp.com/docs/en/application-note/AN12436.pdf */ - -// Variant ==> OEF ID -// SE050A1 ==> A204 -// SE050A2 ==> A205 -// SE050B1 ==> A202 -// SE050B2 ==> A203 -// SE050C1 ==> A200 -// SE050C2 ==> A201 -// Development Board ==> A1F4 (DEVKIT) - -// SE050A1 -#define SSS_AUTH_SE050A1_KEY_ENC \ - {0x34, 0xae, 0x09, 0x67, 0xe3, 0x29, 0xe9, 0x51, 0x8e, 0x72, 0x65, 0xd5, 0xad, 0xcc, 0x01, 0xc2 } -#define SSS_AUTH_SE050A1_KEY_MAC \ - {0x52, 0xb2, 0x53, 0xca, 0xdf, 0x47, 0x2b, 0xdb, 0x3d, 0x0f, 0xb3, 0x8e, 0x09, 0x77, 0x00, 0x99 } -#define SSS_AUTH_SE050A1_KEY_DEK \ - {0xac, 0xc9, 0x14, 0x31, 0xfe, 0x26, 0x81, 0x1b, 0x5e, 0xcb, 0xc8, 0x45, 0x62, 0x0d, 0x83, 0x44 } - -// SE050A2 -#define SSS_AUTH_SE050A2_KEY_ENC \ - {0x46, 0xa9, 0xc4, 0x8c, 0x34, 0xef, 0xe3, 0x44, 0xa5, 0x22, 0xe6, 0x67, 0x44, 0xf8, 0x99, 0x6a } -#define SSS_AUTH_SE050A2_KEY_MAC \ - {0x12, 0x03, 0xff, 0x61, 0xdf, 0xbc, 0x9c, 0x86, 0x19, 0x6a, 0x22, 0x74, 0xae, 0xf4, 0xed, 0x28 } -#define SSS_AUTH_SE050A2_KEY_DEK \ - {0xf7, 0x56, 0x1c, 0x6f, 0x48, 0x33, 0x61, 0x19, 0xee, 0x39, 0x43, 0x9a, 0xab, 0x34, 0x09, 0x8e } - -// SE050B1 -#define SSS_AUTH_SE050B1_KEY_ENC \ - {0xd4, 0x99, 0xbc, 0x90, 0xde, 0xa5, 0x42, 0xcf, 0x78, 0xd2, 0x5e, 0x13, 0xd6, 0x4c, 0xbb, 0x1f } -#define SSS_AUTH_SE050B1_KEY_MAC \ - {0x08, 0x15, 0x55, 0x96, 0x43, 0xfb, 0x79, 0xeb, 0x85, 0x01, 0xa0, 0xdc, 0x83, 0x3d, 0x90, 0x1f } -#define SSS_AUTH_SE050B1_KEY_DEK \ - {0xbe, 0x7d, 0xdf, 0xb4, 0x06, 0xe8, 0x1a, 0xe4, 0xe9, 0x66, 0x5a, 0x9f, 0xed, 0x64, 0x26, 0x7c } - -// SE050B2 -#define SSS_AUTH_SE050B2_KEY_ENC \ - {0x5f, 0xa4, 0x3d, 0x82, 0x02, 0xd2, 0x5e, 0x9a, 0x85, 0xb1, 0xfe, 0x7e, 0x2d, 0x26, 0x47, 0x8d } -#define SSS_AUTH_SE050B2_KEY_MAC \ - {0x10, 0x5c, 0xea, 0x22, 0x19, 0xf5, 0x2b, 0xd1, 0x67, 0xa0, 0x74, 0x63, 0xc6, 0x93, 0x79, 0xc3 } -#define SSS_AUTH_SE050B2_KEY_DEK \ - {0xd7, 0x02, 0x81, 0x57, 0xf2, 0xad, 0x37, 0x2c, 0x74, 0xbe, 0x96, 0x9b, 0xcc, 0x39, 0x06, 0x27 } - -// SE050C1 -#define SSS_AUTH_SE050C1_KEY_ENC \ - {0x85, 0x2b, 0x59, 0x62, 0xe9, 0xcc, 0xe5, 0xd0, 0xbe, 0x74, 0x6b, 0x83, 0x3b, 0xcc, 0x62, 0x87 } -#define SSS_AUTH_SE050C1_KEY_MAC \ - {0xdb, 0x0a, 0xa3, 0x19, 0xa4, 0x08, 0x69, 0x6c, 0x8e, 0x10, 0x7a, 0xb4, 0xe3, 0xc2, 0x6b, 0x47 } -#define SSS_AUTH_SE050C1_KEY_DEK \ - {0x4c, 0x2f, 0x75, 0xc6, 0xa2, 0x78, 0xa4, 0xae, 0xe5, 0xc9, 0xaf, 0x7c, 0x50, 0xee, 0xa8, 0x0c } - -// SE050C2 -#define SSS_AUTH_SE050C2_KEY_ENC \ - {0xbd, 0x1d, 0xe2, 0x0a, 0x81, 0xea, 0xb2, 0xbf, 0x3b, 0x70, 0x9a, 0x9d, 0x69, 0xa3, 0x12, 0x54 } -#define SSS_AUTH_SE050C2_KEY_MAC \ - {0x9a, 0x76, 0x1b, 0x8d, 0xba, 0x6b, 0xed, 0xf2, 0x27, 0x41, 0xe4, 0x5d, 0x8d, 0x42, 0x36, 0xf5 } -#define SSS_AUTH_SE050C2_KEY_DEK \ - {0x9b, 0x99, 0x3b, 0x60, 0x0f, 0x1c, 0x64, 0xf5, 0xad, 0xc0, 0x63, 0x19, 0x2a, 0x96, 0xc9, 0x47 } - -// SE050_DEVKIT -#define SSS_AUTH_SE050_DEVKIT_KEY_ENC \ - {0x35, 0xc2, 0x56, 0x45, 0x89, 0x58, 0xa3, 0x4f, 0x61, 0x36, 0x15, 0x5f, 0x82, 0x09, 0xd6, 0xcd } -#define SSS_AUTH_SE050_DEVKIT_KEY_MAC \ - {0xaf, 0x17, 0x7d, 0x5d, 0xbd, 0xf7, 0xc0, 0xd5, 0xc1, 0x0a, 0x05, 0xb9, 0xf1, 0x60, 0x7f, 0x78 } -#define SSS_AUTH_SE050_DEVKIT_KEY_DEK \ - {0xa1, 0xbc, 0x84, 0x38, 0xbf, 0x77, 0x93, 0x5b, 0x36, 0x1a, 0x44, 0x25, 0xfe, 0x79, 0xfa, 0x29 } - -// SE051A2 -#define SSS_AUTH_SE051A2_KEY_ENC \ - { 0x84, 0x0a, 0x5d, 0x51, 0x79, 0x55, 0x11, 0xc9, 0xce, 0xf0, 0xc9, 0x6f, 0xd2, 0xcb, 0xf0, 0x41 } -#define SSS_AUTH_SE051A2_KEY_MAC \ - { 0x64, 0x6b, 0xc2, 0xb8, 0xc3, 0xa4, 0xd9, 0xc1, 0xfa, 0x8d, 0x71, 0x16, 0xbe, 0x04, 0xfd, 0xfe } -#define SSS_AUTH_SE051A2_KEY_DEK \ - { 0x03, 0xe6, 0x69, 0x9a, 0xca, 0x94, 0x26, 0xd9, 0xc3, 0x89, 0x22, 0xf8, 0x91, 0x4c, 0xe5, 0xf7 } - -// SE051C2 -#define SSS_AUTH_SE051C2_KEY_ENC \ - { 0x88, 0xdb, 0xcd, 0x65, 0x82, 0x0d, 0x2a, 0xa0, 0x6f, 0xfa, 0xb9, 0x2a, 0xa8, 0xe7, 0x93, 0x64 } -#define SSS_AUTH_SE051C2_KEY_MAC \ - { 0xa8, 0x64, 0x4e, 0x2a, 0x04, 0xd9, 0xe9, 0xc8, 0xc0, 0xea, 0x60, 0x86, 0x68, 0x29, 0x99, 0xe5 } -#define SSS_AUTH_SE051C2_KEY_DEK \ - { 0x8a, 0x38, 0x72, 0x38, 0x99, 0x88, 0x18, 0x44, 0xe2, 0xc1, 0x51, 0x3d, 0xac, 0xd9, 0xf8, 0x0d } - -/* clang-format on */ - -/* ************************************************************************** */ -/* Structures and Typedefs */ -/* ************************************************************************** */ - -/* ************************************************************************** */ -/* Global Variables */ -/* ************************************************************************** */ - -/* ************************************************************************** */ -/* Functions */ -/* ************************************************************************** */ - -#endif /* SSS_AUTH_SE050_OEF_20191211_1809_ */ \ No newline at end of file diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/src/ex_sss_boot_int.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/src/ex_sss_boot_int.h deleted file mode 100644 index f060e1244..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/src/ex_sss_boot_int.h +++ /dev/null @@ -1,70 +0,0 @@ -/* - * - * Copyright 2019-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -/** @file - * - * ex_sss_boot_int.h: *The purpose and scope of this file* - * - * Project: SecureIoTMW-Debug@appboot-top-eclipse_x86 - * - * $Date: Mar 10, 2019 $ - * $Author: ing05193 $ - * $Revision$ - */ - -#ifndef SSS_EX_SRC_EX_SSS_BOOT_INT_H_ -#define SSS_EX_SRC_EX_SSS_BOOT_INT_H_ - -/* ***************************************************************************************************************** - * Includes - * ***************************************************************************************************************** */ -#include - -#include "fsl_sss_se05x_apis.h" - -/* ***************************************************************************************************************** - * MACROS/Defines - * ***************************************************************************************************************** */ - -/* ***************************************************************************************************************** - * Types/Structure Declarations - * ***************************************************************************************************************** */ - -/* ***************************************************************************************************************** - * Extern Variables - * ***************************************************************************************************************** */ - -/* ***************************************************************************************************************** - * Function Prototypes - * ***************************************************************************************************************** */ -#if SSS_HAVE_SE -sss_status_t ex_sss_boot_se_open(ex_sss_boot_ctx_t *pCtx, const char *portName); -#endif - -/** Entry Point for SE050 based build */ - -#if SSS_HAVE_APPLET_SE05X_IOT -sss_status_t ex_sss_boot_se05x_open(ex_sss_boot_ctx_t *pCtx, const char *portName); -sss_status_t ex_sss_boot_se05x_open_on_Id(ex_sss_boot_ctx_t *pCtx, const char *portName, const int32_t authID); -#endif - -#if SSS_HAVE_MBEDTLS -sss_status_t ex_sss_boot_mbedtls_open(ex_sss_boot_ctx_t *pCtx, const char *portName); -#endif - -#if SSS_HAVE_OPENSSL -sss_status_t ex_sss_boot_openssl_open(ex_sss_boot_ctx_t *pCtx, const char *portName); -#endif - -#if SSS_HAVE_A71CH || SSS_HAVE_A71CH_SIM -sss_status_t ex_sss_boot_a71ch_open(ex_sss_boot_ctx_t *pCtx, const char *portName); -#endif - -#if SSS_HAVE_A71CL || SSS_HAVE_SE050_L -sss_status_t ex_sss_boot_a71cl_open(ex_sss_boot_ctx_t *pCtx, const char *portName); -#endif - -#endif /* SSS_EX_SRC_EX_SSS_BOOT_INT_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sscp.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sscp.h deleted file mode 100644 index bb4f10f61..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sscp.h +++ /dev/null @@ -1,428 +0,0 @@ -/* - * - * Copyright 2018,2019 NXP - * SPDX-License-Identifier: Apache-2.0 - */ -#ifndef _FSL_SSCP_H_ -#define _FSL_SSCP_H_ - -#include -#include -#include - -#include "fsl_sscp_commands.h" - -/*! -@defgroup sscp Security Subsystem Communication Protocol (SSCP) - - # SSCP protocol description - - SSCP is very simple remote procedure call protocol. - Function parameters are described by one or multiple SSCP operation descriptor(s). - One parameter descriptor describes up to 7 function parameters as contexts, buffers, values or aggregates. - Multiple parameter descriptors can be linked by the aggregate parameter type (kSSCP_ParamType_Aggregate). - - Function arguments are described as a buffer (address and size), a value (a tuple of two words), - a context (pointer and type id) or an aggregate. - If the parameter is the aggregate (kSSCP_ParamType_Aggregate type), then it will contain a pointer to another - sscp_operation_t. This allows to link additional sscp_operation_t. - - The protocol allows for remote calling by a copy of all arguments (including buffer contents), - that is, to remote call to a sub-system having no physical access to Host CPU memory. - If a sub-system has access to Host CPU memory, the SSCP transport implementation can decide to transfer - only the buffer descriptor (pointer and size) without physically transmitting the buffer content, - as the buffer content can be accessed by the sub-system when the remote function executes. - The same holds for the context descriptor (pointer and type id). The actual SSCP implementation - can transfer only pointer to a sub-system, if the sub-system has the memory, where the context data - structure is located, and if it has an application level knowledge of the context data structure - layout (either based on the command id or the context type id). - - Byte length (for void* and uintptr_t) and endianess is inherited from the host CPU. - - # SSCP operation descriptors - - A remote function is invoked by transmitting a command id (unique identifier to specify a remote function), - followed by SSCP operation descriptors ::sscp_operation_t. There is always one descriptor and optionally - it can link another descriptor, if the number of ::sscp_operation_t params is not sufficient - to described all function parameters. In the example below, the last params[n-1] on the left side is an aggregate - that links secondary descriptor. - - @code - command - paramTypes - params[0] - ... - params[n-1] ------------- paramTypes - params[0] - ... - params[n-1] - @endcode - - where n = 1, 2, ..., 7. - - These operation descriptors serve as an input to ::sscp_invoke_command() function. - The serialization to the communication system is implementation specific. - For example, implementations may decide to transfer only pointers and values (without payloads), - because security sub-system has access to memory, so it can read and write payloads on its own during function - execution. Other implementations may need to serialize everything to a communication bus. - - This implementation specific data transfer is implemented by an invoke() function. - During implementation specific initialization of the SSCP transfer, sscp__init() function, - a pointer to implementation specific invoke() function is stored in the sscp__context_t. - - @code - sscp_mu_init(ctx, invoke = sscp_mu_invoke_command) - ... - ctx->invoke() - ... - ctx->invoke() - ... - sscp_deinit(ctx) - @endcode - - # Example for SSCP protocol implementation with S3MU - - The ::sscp_invoke_command() implementation for the S3MU (Sentinel), ::sscp_mu_invoke_command(), - builds up the serial message as follows: - - word 0 | word 1 | word 2 | word 3 | ... | word (n*2 + 1) - -------|-----------|-------------|-------------|-----|--------------- - CMD |paramTypes | params[0].a | params[0].b | ... | params[n-1].b - - where the n value is CMD specific and it is present in the CMD word. - Passing this message through S3MU to the Sentinel sub-system is done by simply moving the 16 words into S3MU Tx A - registers. - - # Example with the SSS API - - @code - sss_status_t sss_aead_one_go(sss_aead_t *context, - const uint8_t *srcData, - uint8_t *destData, - size_t size, - uint8_t *nonce, - size_t nonceLen, - const uint8_t *aad, - size_t aadLen, - uint8_t *tag, - size_t tagLen); - - uint32_t cmd = kSSCP_CMD_SSS_AeadOneGo(n=6); - - sscp_operation_t op = (0); - sscp_status_t status = kStatus_SSCP_Fail; - uint32_t ret = 0; - - if (context->mode == Encrypt) - { - op.paramTypes = SSCP_OP_SET_PARAM(kSSCP_ParamType_ContextReference, - kSSCP_ParamType_MemrefInput, - kSSCP_ParamType_MemrefOutput, - kSSCP_ParamType_MemrefInput, - kSSCP_ParamType_MemrefInput, - kSSCP_ParamType_MemrefOutput, - kSSCP_ParamType_None); - } - else - { - op.paramTypes = SSCP_OP_SET_PARAM(kSSCP_ParamType_ContextReference, - kSSCP_ParamType_MemrefInput, - kSSCP_ParamType_MemrefOutput, - kSSCP_ParamType_MemrefInput, - kSSCP_ParamType_MemrefInput, - kSSCP_ParamType_MemrefInput, - kSSCP_ParamType_None); - } - - ... context is an aggregate data type ... - ... implementation specific sscp_operation_t to serialize the context data ... - op.params[0].context.ptr = context; - op.params[0].context.type = kSSCP_ParamContextType_SSS_Aead; - - ... function parameters ... - op.params[1].memref.buffer = srcData; - op.params[1].memref.size = size; - - op.params[2].memref.buffer = destData; - op.params[2].memref.size = size; - - op.params[3].memref.buffer = nonce; - op.params[3].memref.size = nonceLen; - - op.params[4].memref.buffer = aad; - op.params[4].memref.size = aadLen; - - op.params[5].memref.buffer = tag; - op.params[5].memref.size = tagLen; - - ... Serialize to the link ... - status = context->session->sscp->invoke(context->sscpSession, cmd, &op, &ret); - if (status != kStatus_SSCP_Success) - { - return kStatus_SSS_Fail; - } - - return (sss_status_t)ret; - - @endcode - - # Example with the SSCP Client API - - @code - SSCP_Result SSCP_InvokeCommand(SSCP_Session *sessionSSCP, - uint32_t commandID, - SSCP_Operation *operation, - uint32_t *returnOrigin); - - - uint32_t cmd = kSSCP_CMD_SSCP_InvokeCommand; - - sscp_operation_t op = {0}; - sscp_status_t status = kStatus_SSCP_Fail; - uint32_t ret = 0; - - op.paramTypes = SSCP_OP_SET_PARAM(kSSCP_ParamType_ContextReference, - kSSCP_ParamType_ValueInput, - kSSCP_ParamType_ContextReference, - kSSCP_ParamType_MemrefOutput, - kSSCP_ParamType_None, - kSSCP_ParamType_None, - kSSCP_ParamType_None); - - op.params[0].context.ptr = sessionSSCP; - op.params[0].context.type = kSSCP_ParamContextType_SSCP_Session; - - op.params[1].value.a = commandID; - op.params[1].value.b = 0; - - op.params[2].context.ptr = operation; - op.params[2].context.type = kSSCP_ParamContextType_SSCP_Operation; - - op.params[3].memref.buffer = returnOrigin; - op.params[3].memref.size = sizeof(*returnOrigin); - - @endcode - */ - -/*! - * @addtogroup sscp - * @{ - */ - -/*! @brief Maximum number of parameters to be supported in one sscp_operation_t */ -#define SSCP_OPERATION_PARAM_COUNT (7) - -/*! @brief Default SSCP context is a pointer to memory. */ -#ifndef SSCP_MAX_CONTEXT_SIZE -#define SSCP_MAX_CONTEXT_SIZE (sizeof(void *)) -#endif - -/*! @brief Set parameter types for the SSCP operation. Each param type is encoded into 4-bits bit field. */ -#define SSCP_OP_SET_PARAM(p0, p1, p2, p3, p4, p5, p6) \ - (((uint32_t)p0 & 0xFu)) | (((uint32_t)p1 & 0xFu) << 4u) | (((uint32_t)p2 & 0xFu) << 8u) | \ - (((uint32_t)p3 & 0xFu) << 12u) | (((uint32_t)p4 & 0xFu) << 16u) | (((uint32_t)p5 & 0xFu) << 20u) | \ - (((uint32_t)p6 & 0xFu) << 24u); - -/*! @brief Decode i-th parameter as 4-bit unsigned integer. */ -#define SSCP_OP_GET_PARAM(i, paramTypes) ((uint32_t)((((uint32_t)paramTypes) >> i * 4) & 0xFu)) - -/*! @brief Data type for SSCP function return values */ -typedef uint32_t sscp_status_t; - -typedef struct _sscp_context sscp_context_t; - -/** - * @brief SSCP operation descriptor - * - */ -typedef struct _sscp_operation sscp_operation_t; - -/*! @brief Typedef for a function that sends a command and associated parameters to security sub-system - * - * The commandID and operation content is serialized and sent over to the selected security sub-system. - * This is implementation specific function. - * The function can invoke both blocking and non-blocking secure functions in the selected security sub-system. - * - * @param context Initialized SSCP context - * @param commandID Command - an id of a remote secure function to be invoked - * @param op Description of function arguments as a sequence of buffers, values, context references and aggregates - * @param ret Return code of the remote secure function (application layer return value) - * - * @returns Status of the operation - * @retval kStatus_SSCP_Success A blocking command has completed or a non-blocking command has been accepted. - * @retval kStatus_SSCP_Fail Operation failure, for example hardware fail. - * @retval kStatus_SSCP_InvalidArgument One of the arguments is invalid for the function to execute. - */ -typedef sscp_status_t (*fn_sscp_invoke_command_t)( - sscp_context_t *context, uint32_t commandID, sscp_operation_t *op, uint32_t *ret); - -/** - * struct _sscp_context - SSCP context struct - * - * This data type is used to keep context of the SSCP link. - * It has one mandatory member - pointer to invoke() function. - * Otherwise it is completely implementation specific. - * - * @param invoke Pointer to implementation specific invoke() function - * @param context Container for the implementation specific data. - */ -struct _sscp_context -{ - fn_sscp_invoke_command_t invoke; - // sscp_status_t (*sscp_invoke_command)(sscp_context_t *context, uint32_t commandID, sscp_operation_t *op); - - /*! Implementation specific part */ - struct - { - uint8_t data[SSCP_MAX_CONTEXT_SIZE]; - } context; -}; - -/** - * struct _sscp_memref - Buffer - * - * This data type is used to describe a function argument as a buffer. - * - * @param buffer Memory address - * @param size Length of the buffer in bytes - */ -typedef struct _sscp_memref -{ - void *buffer; - size_t size; -} sscp_memref_t; - -/** - * struct _sscp_value - Small raw data - * - * This data type is used to describe a function argument as a tuple of two 32-bit values. - * - * @param a First 32-bit data value. - * @param b Second 32-bit data value. - */ -typedef struct _sscp_value -{ - uint32_t a; - uint32_t b; -} sscp_value_t; - -/** - * @brief SSCP descriptor for an aggregate - * - * This data type is used to link additional SSCP operation. - * - * @param op Pointer to sscp_operation_t. - */ -typedef struct _sscp_aggregate_operation -{ - sscp_operation_t *op; -} sscp_aggregate_operation_t; - -/** - * @brief SSCP descriptor for a context struct - * - * This data type is used pass context struct to SSCP by reference - * - * @param ptr Pointer to a data structure - * @param type 32-bit identifier specifying context struct type - */ -typedef struct _sscp_context_operation -{ - void *ptr; - uint32_t type; -} sscp_context_reference_t; - -/** - * @brief Data structure representing a function argument. - * - * Either the client uses a shared memory reference, or a small raw - * data container. - * - * @param value Small raw data container - * @param memref Memory reference - * @param aggregate Reference to another SSCP descriptor - * @param context Pointer to a data struct to be passed to SSCP by reference - */ -typedef union _sscp_parameter { - sscp_value_t value; - sscp_memref_t memref; - sscp_aggregate_operation_t aggregate; - sscp_context_reference_t context; -} sscp_parameter_t; - -/** - * @brief Data structure describing function arguments. - * Function argument are described as a sequence of buffers, values, context references and aggregates. - * It serves as an input to ::sscp_invoke_command(), an implementation specific serialization function. - * - * @param paramTypes Type of data passed. - * @param params Array of parameters of type sscp_parameter_t. - * - */ -struct _sscp_operation -{ - uint32_t paramTypes; - sscp_parameter_t params[SSCP_OPERATION_PARAM_COUNT]; -}; - -/** - * @brief Enum with SSCP operation parameters. - */ -typedef enum _sscp_param_types -{ - kSSCP_ParamType_None = 0, /*! Parameter not in use */ - kSSCP_ParamType_Aggregate = 0x1u, /*! Link to another ::sscp_operation_t */ - kSSCP_ParamType_ContextReference, /*! Reference to a context structure - pointer and type */ - kSSCP_ParamType_MemrefInput, /*! Reference to a memory buffer - input to remote function or service */ - kSSCP_ParamType_MemrefOutput, /*! Reference to a memory buffer - output by remote function or service. - Implementations shall update the size member of the ::sscp_memref_t - with the actual number of bytes written. */ - kSSCP_ParamType_MemrefInOut, /*! Reference to a memory buffer - input to and ouput from remote function or service - */ - kSSCP_ParamType_ValueInput, /*! Tuple of two 32-bit integers - input to remote function or service */ - kSSCP_ParamType_ValueOutput, /*! Tuple of two 32-bit integers - output by remote function or service */ -} sscp_param_types_t; - -/** - * @brief Enum with return values from SSCP functions - */ -enum _sscp_return_values -{ - kStatus_SSCP_Success = 0x10203040u, - kStatus_SSCP_Fail = 0x40302010u, -}; - -/******************************************************************************* - * API - ******************************************************************************/ -#if defined(__cplusplus) -extern "C" { -#endif - -/*! @brief Sends a command and associated parameters to security sub-system - * - * The commandID and operation content is serialized and sent over to the selected security sub-system. - * This is implementation specific function. - * The function can invoke both blocking and non-blocking secure functions in the selected security sub-system. - * - * @param context Initialized SSCP context - * @param commandID Command - an id of a remote secure function to be invoked - * @param op Description of function arguments as a sequence of buffers and values - * @param ret Return code of the remote secure function (application layer return value) - * - * @returns Status of the operation - * @retval kStatus_SSCP_Success A blocking command has completed or a non-blocking command has been accepted. - * @retval kStatus_SSCP_Fail Operation failure, for example hardware fail. - * @retval kStatus_SSCP_InvalidArgument One of the arguments is invalid for the function to execute. - */ -sscp_status_t sscp_invoke_command(sscp_context_t *context, uint32_t commandID, sscp_operation_t *op, uint32_t *ret); - -#if defined(__cplusplus) -} -#endif - -/*! - *@} - */ /* end of sscp */ - -#endif /* _FSL_SSCP_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_api.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_api.h deleted file mode 100644 index f1b71c086..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_api.h +++ /dev/null @@ -1,1892 +0,0 @@ -/* - * - * Copyright 2018-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ -/** @file */ -#ifndef _FSL_SSS_H_ -#define _FSL_SSS_H_ - -#if !defined(SSS_CONFIG_FILE) -#include "fsl_sss_config.h" -#else -#include SSS_CONFIG_FILE -#endif - -#include - -#include "fsl_sss_types.h" - -/** Version of the SSS API */ -#define SSS_API_VERSION (0x00000001u) - -/** Size of an AES Block, in bytes */ -#define SSS_AES_BLOCK_SIZE (16u) -/** Size of a DES Block, in bytes */ -#define SSS_DES_BLOCK_SIZE (8u) -/** Size of a DES Key, in bytes */ -#define SSS_DES_KEY_SIZE (8u) -/** Size of a DES IV, in bytes */ -#define SSS_DES_IV_SIZE (8u) - -/** Status of the SSS APIs */ -typedef enum -{ - /** Operation was successful */ - kStatus_SSS_Success = 0x5a5a5a5au, - /** Operation failed */ - kStatus_SSS_Fail = 0x3c3c0000u, - /** Operation not performed because some of the passed parameters - * were found inappropriate */ - kStatus_SSS_InvalidArgument = 0x3c3c0001u, - /** Where the underlying sub-system *supports* multi-threading, - * Internal status to handle simultaneous access. - * - * This status is not expected to be returned to higher layers. - * */ - kStatus_SSS_ResourceBusy = 0x3c3c0002u, -} sss_status_t; - -/** Helper macro to set enum value */ - -#define SSS_ENUM(GROUP, INDEX) ((GROUP) | (INDEX)) - -/** Cryptographic sub system */ -typedef enum -{ - kType_SSS_SubSystem_NONE, - /** Software based */ - kType_SSS_Software = SSS_ENUM(0x01 << 8, 0x00), - kType_SSS_mbedTLS = SSS_ENUM(kType_SSS_Software, 0x01), - kType_SSS_OpenSSL = SSS_ENUM(kType_SSS_Software, 0x02), - /** HOST HW Based */ - kType_SSS_HW = SSS_ENUM(0x02 << 8, 0x00), - kType_SSS_SECO = SSS_ENUM(kType_SSS_HW, 0x01), - /** Isolated HW */ - kType_SSS_Isolated_HW = SSS_ENUM(0x04 << 8, 0x00), - kType_SSS_Sentinel = SSS_ENUM(kType_SSS_Isolated_HW, 0x01), - kType_SSS_Sentinel200 = SSS_ENUM(kType_SSS_Isolated_HW, 0x02), - kType_SSS_Sentinel300 = SSS_ENUM(kType_SSS_Isolated_HW, 0x03), - kType_SSS_Sentinel400 = SSS_ENUM(kType_SSS_Isolated_HW, 0x04), - kType_SSS_Sentinel500 = SSS_ENUM(kType_SSS_Isolated_HW, 0x05), - /** Secure Element */ - kType_SSS_SecureElement = SSS_ENUM(0x08 << 8, 0x00), - /** To connect to https://www.nxp.com/products/:A71CH */ - kType_SSS_SE_A71CH = SSS_ENUM(kType_SSS_SecureElement, 0x01), - kType_SSS_SE_A71CL = SSS_ENUM(kType_SSS_SecureElement, 0x02), - /** To connect to https://www.nxp.com/products/:SE050 */ - kType_SSS_SE_SE05x = SSS_ENUM(kType_SSS_SecureElement, 0x03), - kType_SSS_SubSystem_LAST -} sss_type_t; - -/** Destintion connection type */ -typedef enum -{ - /* Plain => Lowest level of security requested. - * => Probably a system with no mechanism to *identify* who - * has opened the session from host - * => Probably a system with Easy for man in the middle attack. - * - */ - kSSS_ConnectionType_Plain, - /* Password: - * => Some level of user authentication/identification requested - * => Probably a system with "static" authentication/identification. - * => Probably same Password us always. - * => "Password" mostly gets sent in plain over the communication layer - * => Probably a system with replay attack possible - */ - kSSS_ConnectionType_Password, - /* Encrypted: - * Communication is guaranteed to be Encrypted. - * For SE => This would mean highest level of authentication - * For other system => channel would be encrypted - * - * In general, almost a level of security that is definitely higher than - * Plain/Password/PIN. - * - * Using *Dynamic* Sessions Keys for authenticated communication. - */ - kSSS_ConnectionType_Encrypted -} sss_connection_type_t; - -#ifndef __DOXYGEN__ - -#define SSS_ALGORITHM_START_AES (0x00) -#define SSS_ALGORITHM_START_CHACHA (0x01) -#define SSS_ALGORITHM_START_DES (0x02) -#define SSS_ALGORITHM_START_SHA (0x03) -#define SSS_ALGORITHM_START_MAC (0x04) -#define SSS_ALGORITHM_START_DH (0x05) -#define SSS_ALGORITHM_START_DSA (0x06) -#define SSS_ALGORITHM_START_RSASSA_PKCS1_V1_5 (0x07) -#define SSS_ALGORITHM_START_RSASSA_PKCS1_PSS_MGF1 (0x08) -#define SSS_ALGORITHM_START_RSAES_PKCS1_OAEP (0x09) -#define SSS_ALGORITHM_START_RSAES_PKCS1_V1_5 (0x0A) -#define SSS_ALGORITHM_START_RSASSA_NO_PADDING (0x0B) -#define SSS_ALGORITHM_START_ECDSA (0x0C) -#define SSS_ALGORITHM_START_ECDAA (0x0D) - -/* Not available outside this file */ -#define SSS_ENUM_ALGORITHM(GROUP, INDEX) (((SSS_ALGORITHM_START_##GROUP) << 8) | (INDEX)) - -#endif - -/** Cryptographic algorithm to be applied */ -typedef enum /* _sss_algorithm */ -{ - kAlgorithm_None, - /* AES */ - kAlgorithm_SSS_AES_ECB = SSS_ENUM_ALGORITHM(AES, 0x01), - kAlgorithm_SSS_AES_CBC = SSS_ENUM_ALGORITHM(AES, 0x02), - kAlgorithm_SSS_AES_CTR = SSS_ENUM_ALGORITHM(AES, 0x03), - kAlgorithm_SSS_AES_GCM = SSS_ENUM_ALGORITHM(AES, 0x04), - kAlgorithm_SSS_AES_CCM = SSS_ENUM_ALGORITHM(AES, 0x05), - kAlgorithm_SSS_AES_GCM_INT_IV = SSS_ENUM_ALGORITHM(AES, 0x06), - /* CHACHA_POLY */ - kAlgorithm_SSS_CHACHA_POLY = SSS_ENUM_ALGORITHM(CHACHA, 0x01), - /* DES */ - kAlgorithm_SSS_DES_ECB = SSS_ENUM_ALGORITHM(DES, 0x01), - kAlgorithm_SSS_DES_CBC = SSS_ENUM_ALGORITHM(DES, 0x02), - /* DES3 */ - kAlgorithm_SSS_DES3_ECB = SSS_ENUM_ALGORITHM(DES, 0x03), - kAlgorithm_SSS_DES3_CBC = SSS_ENUM_ALGORITHM(DES, 0x04), - /* digest */ - /* doc:start hash_algo */ - kAlgorithm_SSS_SHA1 = SSS_ENUM_ALGORITHM(SHA, 0x01), - kAlgorithm_SSS_SHA224 = SSS_ENUM_ALGORITHM(SHA, 0x02), - kAlgorithm_SSS_SHA256 = SSS_ENUM_ALGORITHM(SHA, 0x03), - kAlgorithm_SSS_SHA384 = SSS_ENUM_ALGORITHM(SHA, 0x04), - kAlgorithm_SSS_SHA512 = SSS_ENUM_ALGORITHM(SHA, 0x05), - /* doc:end hash_algo */ - /* MAC */ - kAlgorithm_SSS_CMAC_AES = SSS_ENUM_ALGORITHM(MAC, 0x01), - kAlgorithm_SSS_HMAC_SHA1 = SSS_ENUM_ALGORITHM(MAC, 0x02), - kAlgorithm_SSS_HMAC_SHA224 = SSS_ENUM_ALGORITHM(MAC, 0x03), - kAlgorithm_SSS_HMAC_SHA256 = SSS_ENUM_ALGORITHM(MAC, 0x04), - kAlgorithm_SSS_HMAC_SHA384 = SSS_ENUM_ALGORITHM(MAC, 0x05), - kAlgorithm_SSS_HMAC_SHA512 = SSS_ENUM_ALGORITHM(MAC, 0x06), - /* See above: - * kAlgorithm_SSS_HMAC_SHA224 = SSS_ENUM_ALGORITHM(CHACHA, 0x01) */ - - /* Diffie-Helmann */ - kAlgorithm_SSS_DH = SSS_ENUM_ALGORITHM(DH, 0x01), - kAlgorithm_SSS_ECDH = SSS_ENUM_ALGORITHM(DH, 0x02), - /* DSA */ - kAlgorithm_SSS_DSA_SHA1 = SSS_ENUM_ALGORITHM(DSA, 0x01), - kAlgorithm_SSS_DSA_SHA224 = SSS_ENUM_ALGORITHM(DSA, 0x02), - kAlgorithm_SSS_DSA_SHA256 = SSS_ENUM_ALGORITHM(DSA, 0x03), - - /* RSA */ - /* doc:start rsa_sign_algo */ - kAlgorithm_SSS_RSASSA_PKCS1_V1_5_NO_HASH = SSS_ENUM_ALGORITHM(RSASSA_PKCS1_V1_5, 0x01), - kAlgorithm_SSS_RSASSA_PKCS1_V1_5_SHA1 = SSS_ENUM_ALGORITHM(RSASSA_PKCS1_V1_5, 0x02), - kAlgorithm_SSS_RSASSA_PKCS1_V1_5_SHA224 = SSS_ENUM_ALGORITHM(RSASSA_PKCS1_V1_5, 0x03), - kAlgorithm_SSS_RSASSA_PKCS1_V1_5_SHA256 = SSS_ENUM_ALGORITHM(RSASSA_PKCS1_V1_5, 0x04), - kAlgorithm_SSS_RSASSA_PKCS1_V1_5_SHA384 = SSS_ENUM_ALGORITHM(RSASSA_PKCS1_V1_5, 0x05), - kAlgorithm_SSS_RSASSA_PKCS1_V1_5_SHA512 = SSS_ENUM_ALGORITHM(RSASSA_PKCS1_V1_5, 0x06), - kAlgorithm_SSS_RSASSA_PKCS1_PSS_MGF1_SHA1 = SSS_ENUM_ALGORITHM(RSASSA_PKCS1_PSS_MGF1, 0x01), - kAlgorithm_SSS_RSASSA_PKCS1_PSS_MGF1_SHA224 = SSS_ENUM_ALGORITHM(RSASSA_PKCS1_PSS_MGF1, 0x02), - kAlgorithm_SSS_RSASSA_PKCS1_PSS_MGF1_SHA256 = SSS_ENUM_ALGORITHM(RSASSA_PKCS1_PSS_MGF1, 0x03), - kAlgorithm_SSS_RSASSA_PKCS1_PSS_MGF1_SHA384 = SSS_ENUM_ALGORITHM(RSASSA_PKCS1_PSS_MGF1, 0x04), - kAlgorithm_SSS_RSASSA_PKCS1_PSS_MGF1_SHA512 = SSS_ENUM_ALGORITHM(RSASSA_PKCS1_PSS_MGF1, 0x05), - /* doc:end rsa_sign_algo */ - - /* doc:start rsa_enc_algo */ - kAlgorithm_SSS_RSAES_PKCS1_OAEP_SHA1 = SSS_ENUM_ALGORITHM(RSAES_PKCS1_OAEP, 0x01), - kAlgorithm_SSS_RSAES_PKCS1_OAEP_SHA224 = SSS_ENUM_ALGORITHM(RSAES_PKCS1_OAEP, 0x02), - kAlgorithm_SSS_RSAES_PKCS1_OAEP_SHA256 = SSS_ENUM_ALGORITHM(RSAES_PKCS1_OAEP, 0x03), - kAlgorithm_SSS_RSAES_PKCS1_OAEP_SHA384 = SSS_ENUM_ALGORITHM(RSAES_PKCS1_OAEP, 0x04), - kAlgorithm_SSS_RSAES_PKCS1_OAEP_SHA512 = SSS_ENUM_ALGORITHM(RSAES_PKCS1_OAEP, 0x05), - kAlgorithm_SSS_RSAES_PKCS1_V1_5 = SSS_ENUM_ALGORITHM(RSAES_PKCS1_V1_5, 0x01), - /* doc:end rsa_enc_algo */ - - /* doc:start rsa_sign_algo_no_padding */ - kAlgorithm_SSS_RSASSA_NO_PADDING = SSS_ENUM_ALGORITHM(RSASSA_NO_PADDING, 0x01), - /* doc:end rsa_sign_algo_no_padding */ - - /* ECDSA */ - /* doc:start ecc_sign_algo */ - kAlgorithm_SSS_ECDSA_SHA1 = SSS_ENUM_ALGORITHM(ECDSA, 0x01), - kAlgorithm_SSS_ECDSA_SHA224 = SSS_ENUM_ALGORITHM(ECDSA, 0x02), - kAlgorithm_SSS_ECDSA_SHA256 = SSS_ENUM_ALGORITHM(ECDSA, 0x03), - kAlgorithm_SSS_ECDSA_SHA384 = SSS_ENUM_ALGORITHM(ECDSA, 0x04), - kAlgorithm_SSS_ECDSA_SHA512 = SSS_ENUM_ALGORITHM(ECDSA, 0x05), - /* doc:end ecc_sign_algo */ - - /* ECDAA */ - /* doc:start ecc_bn_sign_algo */ - kAlgorithm_SSS_ECDAA = SSS_ENUM_ALGORITHM(ECDAA, 0x01), - /* doc:end ecc_bn_sign_algo */ -} sss_algorithm_t; - -#undef SSS_ENUM_ALGORITHM - -#ifndef __DOXYGEN__ - -// Deprecated names for RSAES_PKCS1_OAEP algorithms -#define kAlgorithm_SSS_RSASSA_PKCS1_OEAP_SHA1 kAlgorithm_SSS_RSAES_PKCS1_OAEP_SHA1 -#define kAlgorithm_SSS_RSASSA_PKCS1_OEAP_SHA224 kAlgorithm_SSS_RSAES_PKCS1_OAEP_SHA224 -#define kAlgorithm_SSS_RSASSA_PKCS1_OEAP_SHA256 kAlgorithm_SSS_RSAES_PKCS1_OAEP_SHA256 -#define kAlgorithm_SSS_RSASSA_PKCS1_OEAP_SHA384 kAlgorithm_SSS_RSAES_PKCS1_OAEP_SHA384 -#define kAlgorithm_SSS_RSASSA_PKCS1_OEAP_SHA512 kAlgorithm_SSS_RSAES_PKCS1_OAEP_SHA512 - -// Deprecated names for RSAES_PKCS1_V1_5 algorithms -#define kAlgorithm_SSS_RSAES_PKCS1_V1_5_SHA1 kAlgorithm_SSS_RSAES_PKCS1_V1_5 -#define kAlgorithm_SSS_RSAES_PKCS1_V1_5_SHA224 kAlgorithm_SSS_RSAES_PKCS1_V1_5 -#define kAlgorithm_SSS_RSAES_PKCS1_V1_5_SHA256 kAlgorithm_SSS_RSAES_PKCS1_V1_5 -#define kAlgorithm_SSS_RSAES_PKCS1_V1_5_SHA384 kAlgorithm_SSS_RSAES_PKCS1_V1_5 -#define kAlgorithm_SSS_RSAES_PKCS1_V1_5_SHA512 kAlgorithm_SSS_RSAES_PKCS1_V1_5 - -#endif /* __DOXYGEN__ */ - -/** High level algorihtmic operations. - * - * Augmented by @ref sss_algorithm_t - */ -typedef enum -{ - kMode_SSS_Encrypt = 1, //!< Encrypt - kMode_SSS_Decrypt = 2, //!< Decrypt - kMode_SSS_Sign = 3, //!< Sign - kMode_SSS_Verify = 4, //!< Verify - /* Compute Shared Secret. e.g. Diffie-Hellman */ - kMode_SSS_ComputeSharedSecret = 5, - kMode_SSS_Digest = 6, //!< Message Digest - kMode_SSS_Mac = 7, //!< Message Authentication Code - - // For now, use kMode_SSS_ComputeSharedSecret for HKDF Extract and Expand - // kMode_SSS_HKDF = 8, //!< HKDF Extract and Expand (RFC 5869) - kMode_SSS_HKDF_ExpandOnly = 9 //!< HKDF Expand Only (RFC 5869) -} sss_mode_t; - -/** - * Permissions of an object - */ -typedef enum -{ - /** Can read (applicable) contents of the key. - * - * @note This is not same as @ref kAccessPermission_SSS_Use. - * - * Without reading, the object, the key can be used. - */ - kAccessPermission_SSS_Read = (1u << 0), - /** Can change the value of an object */ - kAccessPermission_SSS_Write = (1u << 1), - /** Can use an object */ - kAccessPermission_SSS_Use = (1u << 2), - /** Can delete an object */ - kAccessPermission_SSS_Delete = (1u << 3), - /** Can change permissions applicable to an object */ - kAccessPermission_SSS_ChangeAttributes = (1u << 4), - /** Bitwise OR of all sss_access_permission. */ - kAccessPermission_SSS_All_Permission = 0x1F, -} sss_access_permission_t; - -/** - * Persistent / Non persistent mode of a key - */ -typedef enum -{ - kKeyObject_Mode_None = 0, //!< kKeyObject_Mode_None - /** Key object will be persisted in memory - * and will retain it's value after a closed session - */ - kKeyObject_Mode_Persistent = 1, - /** Key Object will be stored in RAM. - * It will lose it's contents after a session is closed - */ - kKeyObject_Mode_Transient = 2, -} sss_key_object_mode_t; - -/** Part of a key */ -typedef enum -{ - kSSS_KeyPart_NONE, - /** Applicable where we have UserID, Binary Files, - * Certificates, Symmetric Keys, PCR, HMAC-key, counter */ - kSSS_KeyPart_Default = 1, - /** Public part of asymmetric key */ - kSSS_KeyPart_Public = 2, - /** Private only part of asymmetric key */ - kSSS_KeyPart_Private = 3, - /** Both, public and private part of asymmetric key */ - kSSS_KeyPart_Pair = 4, -} sss_key_part_t; - -/** For all cipher types, key bit length is provides at the time key is inserted/generated */ -typedef enum -{ - kSSS_CipherType_NONE, - kSSS_CipherType_AES = 10, - kSSS_CipherType_DES = 12, - - kSSS_CipherType_CMAC = 20, - kSSS_CipherType_HMAC = 21, - - kSSS_CipherType_MAC = 30, - kSSS_CipherType_RSA = 31, /*! RSA RAW format */ - kSSS_CipherType_RSA_CRT = 32, /*! RSA CRT format */ - - /* The following keys can be identified - * solely by the *Family* and bit length - */ - kSSS_CipherType_EC_NIST_P = 40, /*! Keys Part of NIST-P Family */ - kSSS_CipherType_EC_NIST_K = 41, /*! Keys Part of NIST-K Family */ - - /* The following keys need their full curve parameters (p,a,b,x,y,n,h) - */ - /** Montgomery Key, */ - kSSS_CipherType_EC_MONTGOMERY = 50, - /** twisted Edwards form elliptic curve public key */ - kSSS_CipherType_EC_TWISTED_ED = 51, - /** Brainpool form elliptic curve public key */ - kSSS_CipherType_EC_BRAINPOOL = 52, - /** Barreto Naehrig curve */ - kSSS_CipherType_EC_BARRETO_NAEHRIG = 53, - - kSSS_CipherType_UserID = 70, - - /** Use kSSS_CipherType_Binary to store Certificate */ - kSSS_CipherType_Certificate = 71, - kSSS_CipherType_Binary = 72, - - kSSS_CipherType_Count = 73, - kSSS_CipherType_PCR = 74, - kSSS_CipherType_ReservedPin = 75, -} sss_cipher_type_t; - -/** XY Co-ordinates for ECC Curves */ -typedef struct -{ - /** X Point */ - uint8_t *X; - /** Y Point */ - uint8_t *Y; -} sss_ecc_point_t; - -/** ECC Curve Parameter */ -typedef struct -{ - uint8_t *p; /**< ECC parameter P */ - uint8_t *a; /**< ECC parameter a */ - uint8_t *b; /**< ECC parameter b */ - sss_ecc_point_t *G; /**< ECC parameter G */ - uint8_t *n; /**< ECC parameter n */ - uint8_t *h; /**< ECC parameter h */ -} sss_eccgfp_group_t; - -/** - * @addtogroup sss_session - * @{ - */ - -/** Properties of session that are U32 - * - * From 0 to kSSS_SessionProp_Optional_Prop_Start, - * around 2^24 = 16777215 Properties are - * possible. - * - * From 0 to kSSS_SessionProp_Optional_Prop_Start, - * around 2^24 = 16777215 Properties are - * possible. - * - */ -typedef enum -{ - /** Invalid */ - kSSS_SessionProp_u32_NA = 0, - /** Major version */ - kSSS_SessionProp_VerMaj, - /** Minor Version */ - kSSS_SessionProp_VerMin, - /** Development Version */ - kSSS_SessionProp_VerDev, - - /* Lenght of UID */ - kSSS_SessionProp_UIDLen, - - /** Optional Properties Start */ - kSSS_SessionProp_u32_Optional_Start = 0x00FFFFFFu, - - /** How much persistent memory is free */ - kSSS_KeyStoreProp_FreeMem_Persistant, - - /** How much transient memory is free */ - kSSS_KeyStoreProp_FreeMem_Transient, - - /** Proprietary Properties Start */ - kSSS_SessionProp_u32_Proprietary_Start = 0x01FFFFFFu, - -} sss_session_prop_u32_t; - -/** Properties of session that are S32 - * - * From 0 to kSSS_SessionProp_Optional_Prop_Start, - * around 2^24 = 16777215 Properties are - * possible. - * - * From 0 to kSSS_SessionProp_Optional_Prop_Start, - * around 2^24 = 16777215 Properties are - * possible. - * - */ -typedef enum -{ - /** Invalid */ - kSSS_SessionProp_au8_NA = 0, - /** Name of the product, string */ - kSSS_SessionProp_szName, - /** Unique Identifier */ - kSSS_SessionProp_UID, - - /** Optional Properties Start */ - kSSS_SessionProp_au8_Optional_Start = 0x00FFFFFFu, - - /** Proprietary Properties Start */ - kSSS_SessionProp_au8_Proprietary_Start = 0x01FFFFFFu, - -} sss_session_prop_au8_t; - -/** @} */ - -/** - * @addtogroup sss_session - * @{ - */ - -/** @brief Root session - * - * This is a *singleton* for each connection (physical/logical) - * to individual cryptographic system. - */ -typedef struct -{ - /** Indicates which security subsystem is selected. - * - * This is set when @ref sss_session_open is successful */ - sss_type_t subsystem; - - /** Reserved memory for implementation specific extension */ - struct - { - uint8_t data[SSS_SESSION_MAX_CONTEXT_SIZE]; - } extension; -} sss_session_t; -/** @} */ - -/** - * @addtogroup sss_key_store - * @{ - */ - -/** @brief Store for secure and non secure key objects within a cryptographic system. - * - * - A cryptographic system may have more than partitions to store such keys. - * - */ -typedef struct -{ - /** Virtual connection between application (user context) and specific - * security subsystem and function thereof. */ - sss_session_t *session; - - /** Reserved memory for implementation specific extension */ - struct - { - uint8_t data[SSS_KEY_STORE_MAX_CONTEXT_SIZE]; - } extension; -} sss_key_store_t; - -/** properties of a Key Store that return array */ -typedef enum -{ - /** Optional Properties Start */ - kSSS_KeyStoreProp_au8_Optional_Start = 0x00FFFFFFu, - -} sss_key_store_prop_au8_t; - -/** Entity on the other side of the tunnel */ -typedef enum -{ - /** Default value */ - kSSS_TunnelDest_None = 0, - - /** SE05X IoT Applet */ - kSSS_TunnelType_Se05x_Iot_applet, -} sss_tunnel_dest_t; - -/** @} */ - -/** - * @addtogroup sss_key_object - * @{ - */ - -/** @brief An object (secure / non-secure) within a Key Store. - * - */ -typedef struct -{ - /** key store holding the data and other properties */ - sss_key_store_t *keyStore; - /** The type/part of object is referneced from @ref sss_key_part_t */ - uint32_t objectType; - /** cipherType type from @ref sss_cipher_type_t */ - uint32_t cipherType; - /** Application specific key identifier. The keyId is kept in the key store - * along with the key data and other properties. */ - uint32_t keyId; - - /** Reserved memory for implementation specific extension */ - struct - { - uint8_t data[SSS_KEY_OBJECT_MAX_CONTEXT_SIZE]; - } extension; -} sss_object_t; - -/** @} */ - -/** - * @addtogroup sss_crypto_symmetric - * @{ - */ - -/** @brief Typedef for the symmetric crypto context */ -typedef struct -{ - /** Virtual connection between application (user context) and specific - * security subsystem and function thereof. */ - sss_session_t *session; - /** Key to be used for the symmetric operation */ - sss_object_t *keyObject; - /** Algorithm to be applied, e.g AES_ECB / CBC */ - sss_algorithm_t algorithm; - /** Mode of operation, e.g Encryption/Decryption */ - sss_mode_t mode; - - /** Reserved memory for implementation specific extension */ - struct - { - uint8_t data[SSS_SYMMETRIC_MAX_CONTEXT_SIZE]; - } extension; -} sss_symmetric_t; -/** @} */ - -/** @brief Authenticated Encryption with Additional Data - * - */ -typedef struct -{ - /** Virtual connection between application (user context) and specific - * security subsystem and function thereof. */ - sss_session_t *session; - /** Key to be used for asymmetric */ - sss_object_t *keyObject; - /** Algorithm to be used */ - sss_algorithm_t algorithm; - /** High level operation (encrypt/decrypt) */ - sss_mode_t mode; - - /** Reserved memory for implementation specific extension */ - struct - { - uint8_t data[SSS_AEAD_MAX_CONTEXT_SIZE]; - } extension; -} sss_aead_t; - -/** Message Digest operations */ -typedef struct -{ - /** Virtual connection between application (user context) and specific - * security subsystem and function thereof. */ - sss_session_t *session; - /** Algorithm to be applied, e.g SHA1, SHA256 */ - sss_algorithm_t algorithm; - /** Mode of operation, e.g Sign/Verify */ - sss_mode_t mode; - /** Full digest length per algorithm definition. This field is initialized along with algorithm. */ - size_t digestFullLen; - /** Reserved memory for implementation specific extension */ - struct - { - uint8_t data[SSS_DIGEST_MAX_CONTEXT_SIZE]; - } extension; -} sss_digest_t; - -/** @brief Message Authentication Code - * - */ -typedef struct -{ - /** Virtual connection between application (user context) and specific - * security subsystem and function thereof. */ - sss_session_t *session; - /** Key to be used for ... */ - sss_object_t *keyObject; - /** Algorithm to be applied, e.g. MAC/CMAC */ - sss_algorithm_t algorithm; - /** Mode of operation for MAC (kMode_SSS_Mac) */ - sss_mode_t mode; - - /** Reserved memory for implementation specific extension */ - struct - { - uint8_t data[SSS_MAC_MAX_CONTEXT_SIZE]; - } extension; -} sss_mac_t; - -/** @brief Asymmetric Cryptographic operations - * - * e.g. RSA/ECC. - */ - -typedef struct -{ - /** Pointer to root session */ - sss_session_t *session; - /** KeyObject used for Asymmetric operation */ - sss_object_t *keyObject; - /** Algorithm to be applied, e.g. ECDSA */ - sss_algorithm_t algorithm; - /** Mode of operation for the Asymmetric operation. - * e.g. Sign/Verify/Encrypt/Decrypt */ - sss_mode_t mode; - - /** Reserved memory for implementation specific extension */ - struct - { - uint8_t data[SSS_ASYMMETRIC_MAX_CONTEXT_SIZE]; - } extension; -} sss_asymmetric_t; - -/** Header for a IS716 APDU */ - -typedef struct -{ - /** ISO 7816 APDU Header */ - uint8_t hdr[0 /* For Indentation */ - + 1 /* CLA */ - + 1 /* INS */ - + 1 /* P1 */ - + 1 /* P2 */ - ]; -} tlvHeader_t; - -/** Tunneling - * - * Used for communication via another system. - */ -typedef struct -{ - /** Pointer to the session */ - sss_session_t *session; - /** Tunnel to which Applet (Currently unused) */ - uint32_t tunnelType; - - /** Reserved memory for implementation specific extension */ - struct - { - uint8_t data[SSS_TUNNEL_MAX_CONTEXT_SIZE]; - } extension; -} sss_tunnel_t; - -/** - * @addtogroup sss_crypto_derive_key - * @{ - */ - -/** Key derivation */ -typedef struct -{ - /** Pointer to the session */ - sss_session_t *session; - /** KeyObject used to derive key s*/ - sss_object_t *keyObject; - /** Algorithm to be applied, e.g. ... */ - sss_algorithm_t algorithm; - /** Mode of operation for .... e.g. ... */ - sss_mode_t mode; - - /** Reserved memory for implementation specific extension */ - struct - { - uint8_t data[SSS_DERIVE_KEY_MAX_CONTEXT_SIZE]; - } extension; -} sss_derive_key_t; -/** @} */ - -/** Random number generator context */ -typedef struct -{ - /** Pointer to the session */ - sss_session_t *session; - - /** Reserved memory for implementation specific extension */ - struct - { - uint8_t data[SSS_RNG_MAX_CONTEXT_SIZE]; - } context; - -} sss_rng_context_t; - -/******************************************************************************* - * API - ******************************************************************************/ -#if defined(__cplusplus) -extern "C" { -#endif - -/** - * @addtogroup sss_session - * @{ - */ - -/** - * Same as @ref sss_session_open but to support sub systems - * that explictily need a create before opening. - * - * For the sake of portabilty across various sub systems, - * the applicaiton has to call @ref sss_session_create - * before calling @ref sss_session_open. - * - * - * @param[in,out] session Pointer to session context - * @param[in] subsystem See @ref sss_session_open - * @param[in] application_id See @ref sss_session_open - * @param[in] connection_type See @ref sss_session_open - * @param[in] connectionData See @ref sss_session_open - */ -sss_status_t sss_session_create(sss_session_t *session, - sss_type_t subsystem, - uint32_t application_id, - sss_connection_type_t connection_type, - void *connectionData); - -/** - * @brief Open session between application and a security subsystem. - * - * Open virtual session between application (user context) and a - * security subsystem and function thereof. Pointer to session - * shall be supplied to all SSS APIs as argument. Low level SSS - * functions can provide implementation specific behaviour based - * on the session argument. - * Note: sss_session_open() must not be called concurrently from - * multiple threads. The application must ensure this. - * - * @param[in,out] session Session context. - * @param[in] subsystem Indicates which security subsystem is - * selected to be used. - * @param[in] application_id ObjectId/AuthenticationID Connecting to: - * - ``application_id`` == 0 => Super use / Plaform user - * - Anything else => Authenticated user - * @param[in] connection_type How are we connecting to the system. - * @param[in,out] connectionData subsystem specific connection parameters. - * - * @return status - */ -sss_status_t sss_session_open(sss_session_t *session, - sss_type_t subsystem, - uint32_t application_id, - sss_connection_type_t connection_type, - void *connectionData); - -/** - * @brief Get an underlying property of the crypto sub system - * - * This API is used to get values that are - * numeric in nature. - * - * Property can be either fixed value that is - * calculated at compile time and returned - * directly, or it may involve some access to the - * underlying system. - * - * For applicable properties see @ref sss_session_prop_u32_t - * - * @param[in] session Session context - * @param[in] property Value that is part of @ref sss_session_prop_u32_t - * @param[out] pValue - * - * @return - */ -sss_status_t sss_session_prop_get_u32(sss_session_t *session, uint32_t property, uint32_t *pValue); - -/** - * @brief Get an underlying property of the crypto sub system - * - * This API is used to get values that are - * numeric in nature. - * - * Property can be either fixed value that is - * calculated at compile time and returned - * directly, or it may involve some access to the - * underlying system. - * - * @param[in] session Session context - * @param[in] property Value that is part of @ref sss_session_prop_au8_t - * @param[out] pValue Output buffer array - * @param[in,out] pValueLen Count of values thare are/must br read - * @return - */ -sss_status_t sss_session_prop_get_au8(sss_session_t *session, uint32_t property, uint8_t *pValue, size_t *pValueLen); - -/** - * @brief Close session between application and security subsystem. - * - * This function closes a session which has been opened with a security subsystem. - * All commands within the session must have completed before this function can be called. - * The implementation must do nothing if the input ``session`` parameter is NULL. - * - * - * @param session Session context. - */ -void sss_session_close(sss_session_t *session); - -/** Counterpart to @ref sss_session_create - * - * Similar to contraint on @ref sss_session_create, application - * may call @ref sss_session_delete to explicitly release all - * underlying/used session specific resoures of that implementation. - */ -void sss_session_delete(sss_session_t *session); - -/** - *@} - */ /* end of sss_session */ - -/** - * @addtogroup sss_key_store - * @{ - */ - -/** @brief Constructor for the key store context data structure. - * - * @param[out] keyStore Pointer to key store context. Key store context is updated on function return. - * @param session Session context. - */ -sss_status_t sss_key_store_context_init(sss_key_store_t *keyStore, sss_session_t *session); - -/** @brief Get handle to key store. - * If the key store already exists, nothing is allocated. - * If the key store does not exists, new empty key store is created and initialized. - * Key store context structure is updated with actual information. - * - * @param[out] keyStore Pointer to key store context. Key store context is updated on function return. - * @param keyStoreId Implementation specific ID, can be used in case security subsystem manages multiple different - * key stores. - */ -sss_status_t sss_key_store_allocate(sss_key_store_t *keyStore, uint32_t keyStoreId); - -/** @brief Save all cached persistent objects to persistent memory. - */ -sss_status_t sss_key_store_save(sss_key_store_t *keyStore); - -/** @brief Load from persistent memory to cached objects. - */ -sss_status_t sss_key_store_load(sss_key_store_t *keyStore); - -/** @brief This function moves data[] from memory to the destination key store. - * - * @param keyStore Key store context - * @param keyObject Reference to a key and it's properties - * @param data Data to be stored in Key. When setting ecc private key only, do not include key header. - * @param dataLen Length of the data - * @param keyBitLen Crypto algorithm key bit length - * @param options Pointer to implementation specific options - * @param optionsLen Length of the options in bytes - * - * @return - */ -sss_status_t sss_key_store_set_key(sss_key_store_t *keyStore, - sss_object_t *keyObject, - const uint8_t *data, - size_t dataLen, - size_t keyBitLen, - void *options, - size_t optionsLen); - -/** @brief This function generates key[] in the destination key store. */ -sss_status_t sss_key_store_generate_key( - sss_key_store_t *keyStore, sss_object_t *keyObject, size_t keyBitLen, void *options); - -/** @brief This function exports plain key[] from key store (if constraints and user id allows reading) */ -sss_status_t sss_key_store_get_key( - sss_key_store_t *keyStore, sss_object_t *keyObject, uint8_t *data, size_t *dataLen, size_t *pKeyBitLen); - -/** - * @brief Access key store using one more level of encryption - * - * e.g. Access keys / encryption key during storage - * - * @param keyStore The key store - * @param keyObject The key object that is to be used as a KEK (Key Encryption Key) - * - * @return The sss status. - */ -sss_status_t sss_key_store_open_key(sss_key_store_t *keyStore, sss_object_t *keyObject); - -/** - * @brief The referenced key cannot be updated any more. - * - * @param keyStore The key store - * @param keyObject The key object to be locked / frozen. - * - * @return The sss status. - */ -sss_status_t sss_key_store_freeze_key(sss_key_store_t *keyStore, sss_object_t *keyObject); - -/** - * @brief Delete / destroy allocated keyObect . - * - * @param keyStore The key store - * @param keyObject The key object to be deleted - * - * @return The sss status. - */ -sss_status_t sss_key_store_erase_key(sss_key_store_t *keyStore, sss_object_t *keyObject); - -// sss_status_t sss_key_store_clear_all(sss_key_store_t *keyStore); - -/** @brief Destructor for the key store context. */ -void sss_key_store_context_free(sss_key_store_t *keyStore); - -/** - *@} - */ /* end of sss_key_store */ - -/** - * @addtogroup sss_key_object - * @{ - */ - -/** @brief Constructor for a key object data structure - * The function initializes keyObject data structure and associates it with a key store - * in which the plain key and other attributes are stored. - * - * @param keyObject - * @param keyStore - * - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - * @retval #kStatus_SSS_InvalidArgument One of the arguments is invalid for the function to execute. - */ -sss_status_t sss_key_object_init(sss_object_t *keyObject, sss_key_store_t *keyStore); - -/** - * @brief Allocate / pre-provision memory for new key - * - * This API allows underlying cryptographic subsystems to perform - * preconditions of before creating any cryptographic key object. - * - * @param[in,out] keyObject The object If required, update implementation - * defined values inside the keyObject - * @param keyId External Key ID. Later on this may be used by - * @ref sss_key_object_get_handle - * @param keyPart See @ref sss_key_part_t - * @param cipherType See @ref sss_cipher_type_t - * @param keyByteLenMax Maximum storage this type of key may need. For - * systems that have their own internal allocation - * table this would help - * @param options 0 = Persistant Key (Default) or Transient Key. - * See sss_key_object_mode_t - * - * @return Status of object allocation. - */ -sss_status_t sss_key_object_allocate_handle(sss_object_t *keyObject, - uint32_t keyId, - sss_key_part_t keyPart, - sss_cipher_type_t cipherType, - size_t keyByteLenMax, - uint32_t options); /* Check if this can be made sss_key_object_mode_t */ - -/** - * @brief Get handle to an existing allocated/provisioned/created Object - * - * See @ref sss_key_object_allocate_handle. - * - * After calling this API, Ideally keyObject should become equivlant - * to as set after the calling of @ref - * sss_key_object_allocate_handle api. - * - * @param keyObject The key object - * @param[in] keyId The key identifier - * - * @return The sss status. - */ -sss_status_t sss_key_object_get_handle(sss_object_t *keyObject, uint32_t keyId); - -/** @brief Assign user to a key object. - * - * @param keyObject the object where permission restrictions are applied - * - * @param user Assign User id for a key object. The user is kept in the key - * store along with the key data and other properties. - * @param options Transient or persistent update. Allows for transient update - * of persistent attributes. - */ -sss_status_t sss_key_object_set_user(sss_object_t *keyObject, uint32_t user, uint32_t options); - -/** @brief Assign purpose to a key object. - * - * @param keyObject the object where permission restrictions are applied - * @param purpose Usage of the key. - * @param options Transient or persistent update. Allows for transient update of persistent attributes. - */ -sss_status_t sss_key_object_set_purpose(sss_object_t *keyObject, sss_mode_t purpose, uint32_t options); - -/** @brief Assign access permissions to a key object. - * - * @param keyObject the object where permission restrictions are applied - * @param access Logical OR of read, write, delete, use, change attributes defined by enum _sss_access_permission. - * @param options Transient or persistent update. Allows for transient update of persistent attributes. - */ -sss_status_t sss_key_object_set_access(sss_object_t *keyObject, uint32_t access, uint32_t options); - -/** @brief Set elliptic curve domain parameters over Fp for a key object - * - * When the key object is a reference to one of ECC Private, ECC Public or ECC Pair key types, - * this function shall be used to specify the exact domain parameters prior to using the key object - * for ECDSA or ECDH algorithms. - * - * @param keyObject The destination key object - * @param group Pointer to elliptic curve domain parameters over Fp (sextuple p,a,b,G,n,h) - */ -sss_status_t sss_key_object_set_eccgfp_group(sss_object_t *keyObject, sss_eccgfp_group_t *group); - -/** @brief get attributes */ -sss_status_t sss_key_object_get_user(sss_object_t *keyObject, uint32_t *user); - -/** Check what is purpose restrictions on an object - * - * @param keyObject Object to be checked - * @param purpose Know what is permitted. - * @return - */ -sss_status_t sss_key_object_get_purpose(sss_object_t *keyObject, sss_mode_t *purpose); - -/** Check what are access restrictions on an object - * - * @param keyObject Object - * @param access What is permitted - * @return - */ -sss_status_t sss_key_object_get_access(sss_object_t *keyObject, uint32_t *access); - -/** @brief Destructor for the key object. - * The function frees key object context. - * - * @param keyObject Pointer to key object context. - */ -void sss_key_object_free(sss_object_t *keyObject); - -/** - *@} - */ /* end of sss_key_object */ - -/** - * @addtogroup sss_crypto_symmetric - * @{ - */ - -/** @brief Symmetric context init. - * The function initializes symmetric context with initial values. - * - * @param context Pointer to symmetric crypto context. - * @param session Associate SSS session with symmetric context. - * @param keyObject Associate SSS key object with symmetric context. - * @param algorithm One of the symmetric algorithms defined by @ref sss_algorithm_t. - * @param mode One of the modes defined by @ref sss_mode_t. - * - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - * @retval #kStatus_SSS_InvalidArgument One of the arguments is invalid for the function to execute. - */ -sss_status_t sss_symmetric_context_init(sss_symmetric_t *context, - sss_session_t *session, - sss_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @brief Symmetric cipher in one blocking function call. - * The function blocks current thread until the operation completes or an error occurs. - * - * @param context Pointer to symmetric crypto context. - * @param iv Buffer containing the symmetric operation Initialization Vector. - * @param ivLen Length of the Initialization Vector in bytes. - * @param srcData Buffer containing the input data (block aligned). - * @param destData Buffer containing the output data. - * @param dataLen Size of input and output data buffer in bytes. - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - */ -sss_status_t sss_cipher_one_go( - sss_symmetric_t *context, uint8_t *iv, size_t ivLen, const uint8_t *srcData, uint8_t *destData, size_t dataLen); - -/** @brief Symmetric cipher init. - * The function starts the symmetric cipher operation. - * - * @param context Pointer to symmetric crypto context. - * @param iv Buffer containing the symmetric operation Initialization Vector. - * @param ivLen Length of the Initialization Vector in bytes. - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - */ -sss_status_t sss_cipher_init(sss_symmetric_t *context, uint8_t *iv, size_t ivLen); - -/** @brief Symmetric cipher update. - * Input data does not have to be a multiple of block size. Subsequent calls to this function are possible. - * Unless one or more calls of this function have supplied sufficient input data, no output is generated. - * The cipher operation is finalized with a call to @ref sss_cipher_finish(). - * - * @param context Pointer to symmetric crypto context. - * @param srcData Buffer containing the input data. - * @param srcLen Length of the input data in bytes. - * @param destData Buffer containing the output data. - * @param[in,out] destLen Length of the output data in bytes. Buffer length on entry, reflects actual output size on - * return. - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - * @retval #kStatus_SSS_InvalidArgument One of the arguments is invalid for the function to execute. - */ -sss_status_t sss_cipher_update( - sss_symmetric_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @brief Symmetric cipher finalize. - * - * @param context Pointer to symmetric crypto context. - * @param srcData Buffer containing final chunk of input data. - * @param srcLen Length of final chunk of input data in bytes. - * @param destData Buffer containing output data. - * @param[in,out] destLen Length of output data in bytes. Buffer length on entry, reflects actual output size on - * return. - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - * @retval #kStatus_SSS_InvalidArgument One of the arguments is invalid for the function to execute. - */ -sss_status_t sss_cipher_finish( - sss_symmetric_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @brief Symmetric AES in Counter mode in one blocking function call. - * The function blocks current thread until the operation completes or an error occurs. - * - * @param context Pointer to symmetric crypto context. - * @param srcData Buffer containing the input data. - * @param destData Buffer containing the output data. - * @param size Size of source and destination data buffers in bytes. - * @param[in,out] initialCounter Input counter (updates on return) - * @param[out] lastEncryptedCounter Output cipher of last counter, for chained CTR calls. NULL can be passed if - * chained calls are not used. - * @param[out] szLeft Output number of bytes in left unused in lastEncryptedCounter block. NULL can be passed if - * chained calls are not used. - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - */ -sss_status_t sss_cipher_crypt_ctr(sss_symmetric_t *context, - const uint8_t *srcData, - uint8_t *destData, - size_t size, - uint8_t *initialCounter, - uint8_t *lastEncryptedCounter, - size_t *szLeft); - -/** @brief Symmetric context release. - * The function frees symmetric context. - * - * @param context Pointer to symmetric crypto context. - */ -void sss_symmetric_context_free(sss_symmetric_t *context); -/** - *@} - */ /* end of sss_crypto_symmetric */ - -/** - * @addtogroup sss_crypto_aead - * @{ - */ - -/** @brief AEAD context init. - * The function initializes aead context with initial values. - * - * @param context Pointer to aead crypto context. - * @param session Associate SSS session with aead context. - * @param keyObject Associate SSS key object with aead context. - * @param algorithm One of the aead algorithms defined by @ref sss_algorithm_t. - * @param mode One of the modes defined by @ref sss_mode_t. - * - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - * @retval #kStatus_SSS_InvalidArgument One of the arguments is invalid for the function to execute. - */ -sss_status_t sss_aead_context_init( - sss_aead_t *context, sss_session_t *session, sss_object_t *keyObject, sss_algorithm_t algorithm, sss_mode_t mode); - -/** @brief AEAD in one blocking function call. - * The function blocks current thread until the operation completes or an error occurs. - * - * @param context Pointer to aead crypto context. - * @param srcData Buffer containing the input data. - * @param destData Buffer containing the output data. - * @param size Size of input and output data buffer in bytes. - * @param nonce The operation nonce or IV. - * @param nonceLen The length of nonce in bytes. For AES-GCM it must be >= 1. For AES-CCM it must be 7, 8, 9, 10, - * 11, 12, or 13. - * @param aad Input additional authentication data AAD - * @param aadLen Input size in bytes of AAD - * @param tag Encryption: Output buffer filled with computed tag - * Decryption: Input buffer filled with received tag - * @param tagLen Length of the tag in bytes. - * For AES-GCM it must be 4,8,12,13,14,15 or 16. - * For AES-CCM it must be 4,6,8,10,12,14 or 16. - * - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - */ -sss_status_t sss_aead_one_go(sss_aead_t *context, - const uint8_t *srcData, - uint8_t *destData, - size_t size, - uint8_t *nonce, - size_t nonceLen, - const uint8_t *aad, - size_t aadLen, - uint8_t *tag, - size_t *tagLen); - -/** @brief AEAD init. - * The function starts the aead operation. - * - * @param context Pointer to aead crypto context. - * @param nonce The operation nonce or IV. - * @param nonceLen The length of nonce in bytes. For AES-GCM it must be >= 1. For AES-CCM it must be 7, 8, 9, 10, - * 11, 12, or 13. - * @param tagLen Length of the computed or received tag in bytes. - * For AES-GCM it must be 4,8,12,13,14,15 or 16. - * For AES-CCM it must be 4,6,8,10,12,14 or 16. - * @param aadLen Input size in bytes of AAD. Used only for AES-CCM. Ignored for AES-GCM. - * @param payloadLen Length in bytes of the payload. Used only for AES-CCM. Ignored for AES-GCM. - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - */ -sss_status_t sss_aead_init( - sss_aead_t *context, uint8_t *nonce, size_t nonceLen, size_t tagLen, size_t aadLen, size_t payloadLen); - -/** @brief Feeds a new chunk of the AAD. - * Subsequent calls of this function are possible. - * - * @param context Pointer to aead crypto context - * @param aadData Input buffer containing the chunk of AAD - * @param aadDataLen Length of the AAD data in bytes. - * - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - * @retval #kStatus_SSS_InvalidArgument One of the arguments is invalid for the function to execute. - */ -sss_status_t sss_aead_update_aad(sss_aead_t *context, const uint8_t *aadData, size_t aadDataLen); - -/** @brief AEAD data update. - * Feeds a new chunk of the data payload. - * Input data does not have to be a multiple of block size. Subsequent calls to this function are possible. - * Unless one or more calls of this function have supplied sufficient input data, no output is generated. - * The integration check is done by @ref sss_aead_finish(). Until then it is not sure if the decrypt data is - * authentic. - * - * @param context Pointer to aead crypto context. - * @param srcData Buffer containing the input data. - * @param srcLen Length of the input data in bytes. - * @param destData Buffer containing the output data. - * @param[in,out] destLen Length of the output data in bytes. Buffer length on entry, reflects actual output size on - * return. - * - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - * @retval #kStatus_SSS_InvalidArgument One of the arguments is invalid for the function to execute. - */ -sss_status_t sss_aead_update( - sss_aead_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @brief Finalize AEAD. - * The functions processes data that has not been processed by previous calls to sss_aead_update() as well as - * srcData. It finalizes the AEAD operations and computes the tag (encryption) or compares the computed tag with the - * tag supplied in the parameter (decryption). - * - * @param context Pointer to aead crypto context. - * @param srcData Buffer containing final chunk of input data. - * @param srcLen Length of final chunk of input data in bytes. - * @param destData Buffer containing output data. - * @param[in,out] destLen Length of output data in bytes. Buffer length on entry, reflects actual output size on - * return. - * @param tag Encryption: Output buffer filled with computed tag - * Decryption: Input buffer filled with received tag - * @param tagLen Length of the computed or received tag in bytes. - * For AES-GCM it must be 4,8,12,13,14,15 or 16. - * For AES-CCM it must be 4,6,8,10,12,14 or 16. - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - * @retval #kStatus_SSS_InvalidArgument One of the arguments is invalid for the function to execute. - */ -sss_status_t sss_aead_finish(sss_aead_t *context, - const uint8_t *srcData, - size_t srcLen, - uint8_t *destData, - size_t *destLen, - uint8_t *tag, - size_t *tagLen); - -/** @brief AEAD context release. - * The function frees aead context. - * - * @param context Pointer to aead context. - */ -void sss_aead_context_free(sss_aead_t *context); -/** - *@} - */ /* end of sss_crypto_aead */ - -/** - * @addtogroup sss_crypto_digest - * @{ - */ - -/** @brief Digest context init. - * The function initializes digest context with initial values. - * - * @param context Pointer to digest context. - * @param session Associate SSS session with digest context. - * @param algorithm One of the digest algorithms defined by @ref sss_algorithm_t. - * @param mode One of the modes defined by @ref sss_mode_t. - * - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - * @retval #kStatus_SSS_InvalidArgument One of the arguments is invalid for the function to execute. - */ -sss_status_t sss_digest_context_init( - sss_digest_t *context, sss_session_t *session, sss_algorithm_t algorithm, sss_mode_t mode); - -/** @brief Message digest in one blocking function call. - * The function blocks current thread until the operation completes or an error occurs. - * - * @param context Pointer to digest context. - * @param message Input message - * @param messageLen Length of the input message in bytes - * @param digest Output message digest - * @param digestLen Message digest byte length - * - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - */ -sss_status_t sss_digest_one_go( - sss_digest_t *context, const uint8_t *message, size_t messageLen, uint8_t *digest, size_t *digestLen); - -/** @brief Init digest for a message. - * The function blocks current thread until the operation completes or an error occurs. - * - * @param context Pointer to digest context. - * - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - */ -sss_status_t sss_digest_init(sss_digest_t *context); - -/** @brief Update digest for a message. - * - * The function blocks current thread until the operation completes or an error occurs. - * - * @param context Pointer to digest context. - * @param message Buffer with a message chunk. - * @param messageLen Length of the input buffer in bytes. - * @returns Status of the operation - * - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - */ -sss_status_t sss_digest_update(sss_digest_t *context, const uint8_t *message, size_t messageLen); - -/** @brief Finish digest for a message. - * The function blocks current thread until the operation completes or an error occurs. - * - * @param context Pointer to digest context. - * @param digest Output message digest - * @param digestLen Message digest byte length - * - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - */ -sss_status_t sss_digest_finish(sss_digest_t *context, uint8_t *digest, size_t *digestLen); - -/** @brief Digest context release. - * The function frees digest context. - * - * @param context Pointer to digest context. - */ -void sss_digest_context_free(sss_digest_t *context); - -/** - *@} - */ /* end of sss_crypto_digest */ - -/** - * @addtogroup sss_crypto_mac - * @{ - */ - -/** @brief MAC context init. - * The function initializes mac context with initial values. - * - * @param context Pointer to mac context. - * @param session Associate SSS session with mac context. - * @param keyObject Associate SSS key object with mac context. - * @param algorithm One of the mac algorithms defined by @ref sss_algorithm_t. - * @param mode One of the modes defined by @ref sss_mode_t. - * - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - * @retval #kStatus_SSS_InvalidArgument One of the arguments is invalid for the function to execute. - */ -sss_status_t sss_mac_context_init( - sss_mac_t *context, sss_session_t *session, sss_object_t *keyObject, sss_algorithm_t algorithm, sss_mode_t mode); - -/** @brief Message MAC in one blocking function call. - * The function blocks current thread until the operation completes or an error occurs. - * - * @param context Pointer to mac context. - * @param message Input message - * @param messageLen Length of the input message in bytes - * @param mac Output message MAC - * @param macLen Computed MAC byte length - * - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - */ -sss_status_t sss_mac_one_go( - sss_mac_t *context, const uint8_t *message, size_t messageLen, uint8_t *mac, size_t *macLen); - -/** @brief Init mac for a message. - * The function blocks current thread until the operation completes or an error occurs. - * - * @param context Pointer to mac context. - * - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - */ -sss_status_t sss_mac_init(sss_mac_t *context); - -/** @brief Update mac for a message. - * - * The function blocks current thread until the operation completes or an error occurs. - * - * @param context Pointer to mac context. - * @param message Buffer with a message chunk. - * @param messageLen Length of the input buffer in bytes. - * @returns Status of the operation - * - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - */ -sss_status_t sss_mac_update(sss_mac_t *context, const uint8_t *message, size_t messageLen); - -/** @brief Finish mac for a message. - * The function blocks current thread until the operation completes or an error occurs. - * - * @param context Pointer to mac context. - * @param mac Output message MAC - * @param macLen Computed MAC byte length - * - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - */ -sss_status_t sss_mac_finish(sss_mac_t *context, uint8_t *mac, size_t *macLen); - -/** @brief MAC context release. - * The function frees mac context. - * - * @param context Pointer to mac context. - */ -void sss_mac_context_free(sss_mac_t *context); -/** - *@} - */ /* end of sss_crypto_mac */ - -/** - * @addtogroup sss_crypto_asymmetric - * @{ - */ - -/** @brief Asymmetric context init. - * The function initializes asymmetric context with initial values. - * - * @param context Pointer to asymmetric crypto context. - * @param session Associate SSS session with asymmetric context. - * @param keyObject Associate SSS key object with asymmetric context. - * @param algorithm One of the asymmetric algorithms defined by @ref sss_algorithm_t. - * @param mode One of the modes defined by @ref sss_mode_t. - * - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - * @retval #kStatus_SSS_InvalidArgument One of the arguments is invalid for the function to execute. - */ -sss_status_t sss_asymmetric_context_init(sss_asymmetric_t *context, - sss_session_t *session, - sss_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @brief Asymmetric encryption - * The function uses asymmetric algorithm to encrypt data. Public key portion of a key pair is used for encryption. - * - * @param context Pointer to asymmetric context. - * @param srcData Input buffer - * @param srcLen Length of the input in bytes - * @param destData Output buffer - * @param destLen Length of the output in bytes - * - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - * @retval #kStatus_SSS_InvalidArgument One of the arguments is invalid for the function to execute. - */ -sss_status_t sss_asymmetric_encrypt( - sss_asymmetric_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @brief Asymmetric decryption - * The function uses asymmetric algorithm to decrypt data. Private key portion of a key pair is used for - * decryption. - * - * @param context Pointer to asymmetric context. - * @param srcData Input buffer - * @param srcLen Length of the input in bytes - * @param destData Output buffer - * @param destLen Length of the output in bytes - * - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - * @retval #kStatus_SSS_InvalidArgument One of the arguments is invalid for the function to execute. - */ -sss_status_t sss_asymmetric_decrypt( - sss_asymmetric_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @brief Asymmetric signature of a message digest - * The function signs a message digest. - * - * @param context Pointer to asymmetric context. - * @param digest Input buffer containing the input message digest - * @param digestLen Length of the digest in bytes - * @param signature Output buffer written with the signature of the digest - * @param signatureLen Length of the signature in bytes - * - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - * @retval #kStatus_SSS_InvalidArgument One of the arguments is invalid for the function to execute. - */ -sss_status_t sss_asymmetric_sign_digest( - sss_asymmetric_t *context, uint8_t *digest, size_t digestLen, uint8_t *signature, size_t *signatureLen); - -/** @brief Asymmetric verify of a message digest - * The function verifies a message digest. - * - * @param context Pointer to asymmetric context. - * @param digest Input buffer containing the input message digest - * @param digestLen Length of the digest in bytes - * @param signature Input buffer containing the signature to verify - * @param signatureLen Length of the signature in bytes - * - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - * @retval #kStatus_SSS_InvalidArgument One of the arguments is invalid for the function to execute. - */ -sss_status_t sss_asymmetric_verify_digest( - sss_asymmetric_t *context, uint8_t *digest, size_t digestLen, uint8_t *signature, size_t signatureLen); - -/** @brief Asymmetric context release. - * The function frees asymmetric context. - * - * @param context Pointer to asymmetric context. - */ -void sss_asymmetric_context_free(sss_asymmetric_t *context); -/** - *@} - */ /* end of sss_crypto_asymmetric */ - -/** - * @addtogroup sss_crypto_derive_key - * @{ - */ - -/** @brief Derive key context init. - * The function initializes derive key context with initial values. - * - * @param context Pointer to derive key context. - * @param session Associate SSS session with the derive key context. - * @param keyObject Associate SSS key object with the derive key context. - * @param algorithm One of the derive key algorithms defined by @ref sss_algorithm_t. - * @param mode One of the modes defined by @ref sss_mode_t. - * - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - * @retval #kStatus_SSS_InvalidArgument One of the arguments is invalid for the function to execute. - */ -sss_status_t sss_derive_key_context_init(sss_derive_key_t *context, - sss_session_t *session, - sss_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @brief Symmetric key derivation - * The function cryptographically derives a key from another key. - * For example MIFARE key derivation, PRF, HKDF-Extract. - * - * @deprecated Please use ::sss_derive_key_one_go instead - * - * @param context Pointer to derive key context. - * @param saltData Input data buffer, typically with some random data. - * @param saltLen Length of saltData buffer in bytes. - * @param info Input data buffer, typically with some fixed info. - * @param infoLen Length of info buffer in bytes. - * @param[in,out] derivedKeyObject Reference to a derived key - * @param deriveDataLen Requested length of output - * @param hkdfOutput Output buffer containing key derivation output - * @param hkdfOutputLen Output containing length of hkdfOutput - * - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - * @retval #kStatus_SSS_InvalidArgument One of the arguments is invalid for the function to execute. - */ -sss_status_t sss_derive_key_go(sss_derive_key_t *context, - const uint8_t *saltData, - size_t saltLen, - const uint8_t *info, - size_t infoLen, - sss_object_t *derivedKeyObject, - uint16_t deriveDataLen, - uint8_t *hkdfOutput, - size_t *hkdfOutputLen); - -/** @brief Symmetric key derivation (replaces the deprecated function ::sss_derive_key_go) - * The function cryptographically derives a key from another key. - * For example MIFARE key derivation, PRF, HKDF-Extract-Expand, HKDF-Expand. - * Refer to ::sss_derive_key_sobj_one_go in case the Salt is available as a key object. - * - * @param context Pointer to derive key context. - * @param saltData Input data buffer, typically with some random data. - * @param saltLen Length of saltData buffer in bytes. - * @param info Input data buffer, typically with some fixed info. - * @param infoLen Length of info buffer in bytes. - * @param[in,out] derivedKeyObject Reference to a derived key - * @param[in] deriveDataLen Expected length of derived key. - * - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - * @retval #kStatus_SSS_InvalidArgument One of the arguments is invalid for the function to execute. - */ -sss_status_t sss_derive_key_one_go(sss_derive_key_t *context, - const uint8_t *saltData, - size_t saltLen, - const uint8_t *info, - size_t infoLen, - sss_object_t *derivedKeyObject, - uint16_t deriveDataLen); - -/** - * @brief Symmetric key derivation (salt in key object) - * Refer to ::sss_derive_key_one_go in case the salt is not available as a key object. - * - * @param context Pointer to derive key context - * @param saltKeyObject Reference to salt. The salt key object must reside in the same keystore as the derive key context. - * @param[in] info Input data buffer, typically with some fixed info. - * @param[in] infoLen Length of info buffer in bytes. - * @param derivedKeyObject Reference to a derived key - * @param[in] deriveDataLen The derive data length - * - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - * @retval #kStatus_SSS_InvalidArgument One of the arguments is invalid for the function to execute. - */ -sss_status_t sss_derive_key_sobj_one_go(sss_derive_key_t *context, - sss_object_t *saltKeyObject, - const uint8_t *info, - size_t infoLen, - sss_object_t *derivedKeyObject, - uint16_t deriveDataLen); - -/** @brief Asymmetric key derivation Diffie-Helmann - * The function cryptographically derives a key from another key. - * For example Diffie-Helmann. - * - * @param context Pointer to derive key context. - * @param otherPartyKeyObject Public key of the other party in the Diffie-Helmann algorithm - * @param[in,out] derivedKeyObject Reference to a derived key - * - * @returns Status of the operation - * @retval #kStatus_SSS_Success The operation has completed successfully. - * @retval #kStatus_SSS_Fail The operation has failed. - * @retval #kStatus_SSS_InvalidArgument One of the arguments is invalid for the function to execute. - */ -sss_status_t sss_derive_key_dh( - sss_derive_key_t *context, sss_object_t *otherPartyKeyObject, sss_object_t *derivedKeyObject); - -/** @brief Derive key context release. - * The function frees derive key context. - * - * @param context Pointer to derive key context. - */ -void sss_derive_key_context_free(sss_derive_key_t *context); -/** - *@} - */ /* end of sss_crypto_derive_key */ - -/** - * @addtogroup sss_rng - * @{ - */ - -/** - * @brief Initialise random generator context between application and a security subsystem. - * - * - * @warning API Changed - * - * Earlier: - * sss_status_t sss_rng_context_init( - * sss_session_t *session, sss_rng_context_t *context); - * - * Now: Parameters are swapped - * sss_status_t sss_rng_context_init( - * sss_rng_context_t *context, sss_session_t *session); - * - * @param session Session context. - * @param context random generator context. - * @return status - */ -sss_status_t sss_rng_context_init(sss_rng_context_t *context, sss_session_t *session); - -/** - * @brief Generate random number. - * - * @param context random generator context. - * @param random_data buffer to hold random data. - * @param dataLen required random number length - * @return status - */ -sss_status_t sss_rng_get_random(sss_rng_context_t *context, uint8_t *random_data, size_t dataLen); - -/** - * @brief free random genertor context. - * - * @param context generator context. - * @return status - */ -sss_status_t sss_rng_context_free(sss_rng_context_t *context); - -/** - *@} - */ /* end of sss_rng */ - -/** - * @addtogroup sss_crypto_tunnel - * @{ - */ - -/** @brief Constructor for the tunnelling service context. - * - * Earlier: - * sss_status_t sss_tunnel_context_init( - * sss_session_t *session, sss_tunnel_t *context); - * - * Now: Parameters are swapped - * sss_status_t sss_tunnel_context_init( - * sss_tunnel_t *context, sss_session_t *session); - * - * @param[out] context Pointer to tunnel context. Tunnel context is updated on function return. - * @param session Pointer to session this tunnelling service belongs to. - */ -sss_status_t sss_tunnel_context_init(sss_tunnel_t *context, sss_session_t *session); - -/** @brief Tunnelling service. - * - * @param[in,out] context Pointer to tunnel context. - * @param data Pointer to data to be send to subsystem. - * @param dataLen Length of the data in bytes. - * @param keyObjects Objects references used by the service. - * @param keyObjectCount Number of key references at ``keyObjects``. - * @param tunnelType Implementation specific id of the service. - */ -sss_status_t sss_tunnel(sss_tunnel_t *context, - uint8_t *data, - size_t dataLen, - sss_object_t *keyObjects, - uint32_t keyObjectCount, - uint32_t tunnelType); - -/** @brief Destructor for the tunnelling service context. - * - * @param[out] context Pointer to tunnel context. */ -void sss_tunnel_context_free(sss_tunnel_t *context); - -/** - *@} - */ /* end of sss_crypto_channel */ - -/** - * @addtogroup sss_str_log - * @{ - */ - -/** - * @brief Returns string error code for @ref sss_status_t - * - * @param[in] status See @ref sss_status_t - * - * @return String conversion of ``status`` to String. - */ - -const char *sss_status_sz(sss_status_t status); - -/** -* @brief Returns string error code for @ref sss_cipher_type_t -* -* @param[in] status See @ref sss_cipher_type_t -* -* @return String conversion of ``cipher_type`` to String. -*/ - -const char *sss_cipher_type_sz(sss_cipher_type_t cipher_type); - -/** - *@} - */ /* end of sss_str_log */ - -#if defined(__cplusplus) -} -#endif - -#endif /* _FSL_SSS_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_api_ver.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_api_ver.h deleted file mode 100644 index cdc223d1c..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_api_ver.h +++ /dev/null @@ -1,64 +0,0 @@ -/* Copyright 2019-2021 NXP - * - * SPDX-License-Identifier: Apache-2.0 - * - * - */ - -#ifndef SSS_APIS_VERSION_INFO_H_INCLUDED -#define SSS_APIS_VERSION_INFO_H_INCLUDED - - -/* clang-format off */ -#define SSS_APIS_PROD_NAME "SSS_APIs" -#define SSS_APIS_VER_STRING_NUM "v03.06.00_20210528" -#define SSS_APIS_PROD_NAME_VER_FULL "SSS_APIs_v03.06.00_20210528" -#define SSS_APIS_VER_MAJOR (3u) -#define SSS_APIS_VER_MINOR (6u) -#define SSS_APIS_VER_DEV (0u) - -/* v03.06 = 30006u */ -#define SSS_APIS_VER_MAJOR_MINOR ( 0 \ - | (SSS_APIS_VER_MAJOR * 10000u) \ - | (SSS_APIS_VER_MINOR)) - -/* v03.06.00 = 300060000ULL */ -#define SSS_APIS_VER_MAJOR_MINOR_DEV ( 0 \ - | (SSS_APIS_VER_MAJOR * 10000*10000u) \ - | (SSS_APIS_VER_MINOR * 10000u) \ - | (SSS_APIS_VER_DEV)) - -/* clang-format on */ - - -/* Version Information: - * Generated by: - * scripts\version_info.py (v2019.01.17_00) - * - * Do not edit this file. Update: - * sss/version_info.txt instead. - * - * prod_name = "SSS_APIs" - * - * prod_desc = "SSS APIs" - * - * lang_c_prefix = prod_name.upper() - * - * lang_namespace = "" - * - * v_major = "03" - * - * v_minor = "06" - * - * v_dev = "00" - * - * v_meta = "" - * - * maturity = "B" - * - * # - * # 03.00.00 : Changed Enums - * # - */ - -#endif /* SSS_APIS_VERSION_INFO_H_INCLUDED */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_config.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_config.h deleted file mode 100644 index 6d2b9c363..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_config.h +++ /dev/null @@ -1,84 +0,0 @@ -/* - * - * Copyright 2018,2019 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef _FSL_SSS_CONFIG_H_ -#define _FSL_SSS_CONFIG_H_ - -/* clang-format off */ -#define SSS_SESSION_MAX_CONTEXT_SIZE ( 0 \ - + (1 * sizeof(void *)) \ - + (1 * sizeof(void *)) \ - + (8 * sizeof(void *)) \ - + 16) -#define SSS_KEY_STORE_MAX_CONTEXT_SIZE ( 0 \ - + (1 * sizeof(void *)) \ - + (4 * sizeof(void *)) \ - + 16) -#define SSS_KEY_OBJECT_MAX_CONTEXT_SIZE ( 0 \ - + (1 * sizeof(void *)) \ - + (2 * sizeof(int)) \ - + (4 * sizeof(void *)) \ - + 16) -#define SSS_SYMMETRIC_MAX_CONTEXT_SIZE ( 0 \ - + (2 * sizeof(void *)) \ - + (2 * sizeof(int)) \ - + (2 * sizeof(void *)) \ - + 16 /* Buffer in case of unaligned block cipher operations */ \ - + 4 /* Buffer length in case of unaligned block cipher operations */ \ - + 16) -#define SSS_AEAD_MAX_CONTEXT_SIZE ( 0 \ - + (5 * sizeof(void *)) \ - + (6 * sizeof(int)) \ - + (5 * sizeof(void *)) \ - + 16) -#define SSS_DIGEST_MAX_CONTEXT_SIZE ( 0 \ - + (1 * sizeof(void *)) \ - + (3 * sizeof(int)) \ - + (2 * sizeof(void *)) \ - + 16) -#define SSS_MAC_MAX_CONTEXT_SIZE ( 0 \ - + (2 * sizeof(void *)) \ - + (2 * sizeof(int)) \ - + (2 * sizeof(void *)) \ - + 32) -#define SSS_ASYMMETRIC_MAX_CONTEXT_SIZE ( 0 \ - + (2 * sizeof(void *)) \ - + (3 * sizeof(int)) \ - + (2 * sizeof(void *)) \ - + 16) -#define SSS_TUNNEL_MAX_CONTEXT_SIZE ( 0 \ - + (1 * sizeof(void *)) \ - + (2 * sizeof(int)) \ - + (2 * sizeof(void *)) \ - + 16) -#define SSS_CHANNEL_MAX_CONTEXT_SIZE ( 0 \ - + (2 * sizeof(void *)) \ - + 16) -#define SSS_DERIVE_KEY_MAX_CONTEXT_SIZE ( 0 \ - + (2 * sizeof(void *)) \ - + (2 * sizeof(int)) \ - + (2 * sizeof(void *)) \ - + 16) -#define SSS_RNG_MAX_CONTEXT_SIZE ( 0 \ - + (1 * sizeof(void *)) \ - + (2 * sizeof(void *)) \ - + 16) - -#define SSS_CONNECT_MAX_CONTEXT_SIZE ( 0 \ - + (4 * sizeof(void *)) \ - + 8 \ - ) - -#define SSS_AUTH_MAX_CONTEXT_SIZE ( 0 \ - + (3 * sizeof(void *)) \ - + 8 \ - ) - -#define SSS_POLICY_COUNT_MAX (10) - -/* clang-format on */ - -#endif /* _FSL_SSS_CONFIG_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_ftr_default.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_ftr_default.h deleted file mode 100644 index 0113d794b..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_ftr_default.h +++ /dev/null @@ -1,673 +0,0 @@ -/* - * - * Copyright 2018-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef SSS_APIS_INC_FSL_SSS_FTR_H_ -#define SSS_APIS_INC_FSL_SSS_FTR_H_ - -/* ************************************************************************** */ -/* Defines */ -/* ************************************************************************** */ - -/* clang-format off */ - - -/* # CMake Features : Start */ - - -/** Applet : The Secure Element Applet - * - * You can compile host library for different Applets listed below. - * Please note, some of these Applets may be for NXP Internal use only. - */ - -/** Compiling without any Applet Support */ -#define SSS_HAVE_APPLET_NONE 0 - -/** A71CH (ECC) */ -#define SSS_HAVE_APPLET_A71CH 0 - -/** A71CL (RSA) */ -#define SSS_HAVE_APPLET_A71CL 0 - -/** Similar to A71CH */ -#define SSS_HAVE_APPLET_A71CH_SIM 0 - -/** SE050 Type A (ECC) */ -#define SSS_HAVE_APPLET_SE05X_A 0 - -/** SE050 Type B (RSA) */ -#define SSS_HAVE_APPLET_SE05X_B 0 - -/** SE050 (Super set of A + B) */ -#define SSS_HAVE_APPLET_SE05X_C 1 - -/** SE050 (Similar to A71CL) */ -#define SSS_HAVE_APPLET_SE05X_L 0 - -/** NXP Internal testing Applet */ -#define SSS_HAVE_APPLET_LOOPBACK 0 - -#if (( 0 \ - + SSS_HAVE_APPLET_NONE \ - + SSS_HAVE_APPLET_A71CH \ - + SSS_HAVE_APPLET_A71CL \ - + SSS_HAVE_APPLET_A71CH_SIM \ - + SSS_HAVE_APPLET_SE05X_A \ - + SSS_HAVE_APPLET_SE05X_B \ - + SSS_HAVE_APPLET_SE05X_C \ - + SSS_HAVE_APPLET_SE05X_L \ - + SSS_HAVE_APPLET_LOOPBACK \ - ) > 1) -# error "Enable only one of 'Applet'" -#endif - - -#if (( 0 \ - + SSS_HAVE_APPLET_NONE \ - + SSS_HAVE_APPLET_A71CH \ - + SSS_HAVE_APPLET_A71CL \ - + SSS_HAVE_APPLET_A71CH_SIM \ - + SSS_HAVE_APPLET_SE05X_A \ - + SSS_HAVE_APPLET_SE05X_B \ - + SSS_HAVE_APPLET_SE05X_C \ - + SSS_HAVE_APPLET_SE05X_L \ - + SSS_HAVE_APPLET_LOOPBACK \ - ) == 0) -# error "Enable at-least one of 'Applet'" -#endif - - - -/** SE05X_Ver : SE05X Applet version. - * - * Selection of Applet version 03_XX enables SE050 features. - * Selection of Applet version 06_00 enables SE051 features. - * - */ - -/** SE050 */ -#define SSS_HAVE_SE05X_VER_03_XX 1 - -/** SE051 */ -#define SSS_HAVE_SE05X_VER_06_00 0 - -#if (( 0 \ - + SSS_HAVE_SE05X_VER_03_XX \ - + SSS_HAVE_SE05X_VER_06_00 \ - ) > 1) -# error "Enable only one of 'SE05X_Ver'" -#endif - - -#if (( 0 \ - + SSS_HAVE_SE05X_VER_03_XX \ - + SSS_HAVE_SE05X_VER_06_00 \ - ) == 0) -# error "Enable at-least one of 'SE05X_Ver'" -#endif - - - -/** HostCrypto : Counterpart Crypto on Host - * - * What is being used as a cryptographic library on the host. - * As of now only OpenSSL / mbedTLS is supported - */ - -/** Use mbedTLS as host crypto */ -#define SSS_HAVE_HOSTCRYPTO_MBEDTLS 1 - -/** Use mbed-crypto as host crypto - * Required for ARM-PSA / TF-M */ -#define SSS_HAVE_HOSTCRYPTO_MBEDCRYPTO 0 - -/** Use OpenSSL as host crypto */ -#define SSS_HAVE_HOSTCRYPTO_OPENSSL 0 - -/** User Implementation of Host Crypto - * e.g. Files at ``sss/src/user/crypto`` have low level AES/CMAC primitives. - * The files at ``sss/src/user`` use those primitives. - * This becomes an example for users with their own AES Implementation - * This then becomes integration without mbedTLS/OpenSSL for SCP03 / AESKey. - * - * .. note:: ECKey abstraction is not implemented/available yet. */ -#define SSS_HAVE_HOSTCRYPTO_USER 0 - -/** NO Host Crypto - * Note, this is unsecure and only provided for experimentation - * on platforms that do not have an mbedTLS PORT - * Many :ref:`sssftr-control` have to be disabled to have a valid build. */ -#define SSS_HAVE_HOSTCRYPTO_NONE 0 - -#if (( 0 \ - + SSS_HAVE_HOSTCRYPTO_MBEDTLS \ - + SSS_HAVE_HOSTCRYPTO_MBEDCRYPTO \ - + SSS_HAVE_HOSTCRYPTO_OPENSSL \ - + SSS_HAVE_HOSTCRYPTO_USER \ - + SSS_HAVE_HOSTCRYPTO_NONE \ - ) > 1) -# error "Enable only one of 'HostCrypto'" -#endif - - -#if (( 0 \ - + SSS_HAVE_HOSTCRYPTO_MBEDTLS \ - + SSS_HAVE_HOSTCRYPTO_MBEDCRYPTO \ - + SSS_HAVE_HOSTCRYPTO_OPENSSL \ - + SSS_HAVE_HOSTCRYPTO_USER \ - + SSS_HAVE_HOSTCRYPTO_NONE \ - ) == 0) -# error "Enable at-least one of 'HostCrypto'" -#endif - - - -/** mbedTLS_ALT : ALT Engine implementation for mbedTLS - * - * When set to None, mbedTLS would not use ALT Implementation to connect to / use Secure Element. - * This needs to be set to SSS for Cloud Demos over SSS APIs - */ - -/** Use SSS Layer ALT implementation */ -#define SSS_HAVE_MBEDTLS_ALT_SSS 1 - -/** Legacy implementation */ -#define SSS_HAVE_MBEDTLS_ALT_A71CH 0 - -/** Not using any mbedTLS_ALT - * - * When this is selected, cloud demos can not work with mbedTLS */ -#define SSS_HAVE_MBEDTLS_ALT_NONE 0 - -#if (( 0 \ - + SSS_HAVE_MBEDTLS_ALT_SSS \ - + SSS_HAVE_MBEDTLS_ALT_A71CH \ - + SSS_HAVE_MBEDTLS_ALT_NONE \ - ) > 1) -# error "Enable only one of 'mbedTLS_ALT'" -#endif - - -#if (( 0 \ - + SSS_HAVE_MBEDTLS_ALT_SSS \ - + SSS_HAVE_MBEDTLS_ALT_A71CH \ - + SSS_HAVE_MBEDTLS_ALT_NONE \ - ) == 0) -# error "Enable at-least one of 'mbedTLS_ALT'" -#endif - - - -/** SCP : Secure Channel Protocol - * - * In case we enable secure channel to Secure Element, which interface to be used. - */ - -/** */ -#define SSS_HAVE_SCP_NONE 0 - -/** Use SSS Layer for SCP. Used for SE050 family. */ -#define SSS_HAVE_SCP_SCP03_SSS 1 - -/** Use Host Crypto Layer for SCP03. Legacy implementation. Used for older demos of A71CH Family. */ -#define SSS_HAVE_SCP_SCP03_HOSTCRYPTO 0 - -#if (( 0 \ - + SSS_HAVE_SCP_NONE \ - + SSS_HAVE_SCP_SCP03_SSS \ - + SSS_HAVE_SCP_SCP03_HOSTCRYPTO \ - ) > 1) -# error "Enable only one of 'SCP'" -#endif - - -#if (( 0 \ - + SSS_HAVE_SCP_NONE \ - + SSS_HAVE_SCP_SCP03_SSS \ - + SSS_HAVE_SCP_SCP03_HOSTCRYPTO \ - ) == 0) -# error "Enable at-least one of 'SCP'" -#endif - - - -/** FIPS : Enable or disable FIPS - * - * This selection mostly impacts tests, and generally not the actual Middleware - */ - -/** NO FIPS */ -#define SSS_HAVE_FIPS_NONE 1 - -/** SE050 IC FIPS */ -#define SSS_HAVE_FIPS_SE050 0 - -/** FIPS 140-2 */ -#define SSS_HAVE_FIPS_140_2 0 - -/** FIPS 140-3 */ -#define SSS_HAVE_FIPS_140_3 0 - -#if (( 0 \ - + SSS_HAVE_FIPS_NONE \ - + SSS_HAVE_FIPS_SE050 \ - + SSS_HAVE_FIPS_140_2 \ - + SSS_HAVE_FIPS_140_3 \ - ) > 1) -# error "Enable only one of 'FIPS'" -#endif - - -#if (( 0 \ - + SSS_HAVE_FIPS_NONE \ - + SSS_HAVE_FIPS_SE050 \ - + SSS_HAVE_FIPS_140_2 \ - + SSS_HAVE_FIPS_140_3 \ - ) == 0) -# error "Enable at-least one of 'FIPS'" -#endif - - - -/** SBL : Enable/Disable SBL Bootable support - * - * This option is to enable/disable boot from SBL by switching linker address - */ - -/** Not SBL bootable */ -#define SSS_HAVE_SBL_NONE 1 - -/** SE050 based LPC55S SBL bootable */ -#define SSS_HAVE_SBL_SBL_LPC55S 0 - -#if (( 0 \ - + SSS_HAVE_SBL_NONE \ - + SSS_HAVE_SBL_SBL_LPC55S \ - ) > 1) -# error "Enable only one of 'SBL'" -#endif - - -#if (( 0 \ - + SSS_HAVE_SBL_NONE \ - + SSS_HAVE_SBL_SBL_LPC55S \ - ) == 0) -# error "Enable at-least one of 'SBL'" -#endif - - - -/** SE05X_Auth : SE050 Authentication - * - * This settings is used by examples to connect using various options - * to authenticate with the Applet. - * The SE05X_Auth options can be changed for KSDK Demos and Examples. - * To change SE05X_Auth option follow below steps. - * Set flag ``SSS_HAVE_SCP_SCP03_SSS`` to 1 and Reset flag ``SSS_HAVE_SCP_NONE`` to 0. - * To change SE05X_Auth option other than ``None`` and ``PlatfSCP03``, - * execute se05x_Delete_and_test_provision.exe in order to provision the Authentication Key. - * To change SE05X_Auth option to ``ECKey`` or ``ECKey_PlatfSCP03``, - * Set additional flag ``SSS_HAVE_HOSTCRYPTO_ANY`` to 1. - */ - -/** Use the default session (i.e. session less) login */ -#define SSS_HAVE_SE05X_AUTH_NONE 1 - -/** Do User Authentication with UserID */ -#define SSS_HAVE_SE05X_AUTH_USERID 0 - -/** Use Platform SCP for connection to SE */ -#define SSS_HAVE_SE05X_AUTH_PLATFSCP03 0 - -/** Do User Authentication with AES Key - * Earlier this was called AppletSCP03 */ -#define SSS_HAVE_SE05X_AUTH_AESKEY 0 - -/** Do User Authentication with EC Key - * Earlier this was called FastSCP */ -#define SSS_HAVE_SE05X_AUTH_ECKEY 0 - -/** UserID and PlatfSCP03 */ -#define SSS_HAVE_SE05X_AUTH_USERID_PLATFSCP03 0 - -/** AESKey and PlatfSCP03 */ -#define SSS_HAVE_SE05X_AUTH_AESKEY_PLATFSCP03 0 - -/** ECKey and PlatfSCP03 */ -#define SSS_HAVE_SE05X_AUTH_ECKEY_PLATFSCP03 0 - -#if (( 0 \ - + SSS_HAVE_SE05X_AUTH_NONE \ - + SSS_HAVE_SE05X_AUTH_USERID \ - + SSS_HAVE_SE05X_AUTH_PLATFSCP03 \ - + SSS_HAVE_SE05X_AUTH_AESKEY \ - + SSS_HAVE_SE05X_AUTH_ECKEY \ - + SSS_HAVE_SE05X_AUTH_USERID_PLATFSCP03 \ - + SSS_HAVE_SE05X_AUTH_AESKEY_PLATFSCP03 \ - + SSS_HAVE_SE05X_AUTH_ECKEY_PLATFSCP03 \ - ) > 1) -# error "Enable only one of 'SE05X_Auth'" -#endif - - -#if (( 0 \ - + SSS_HAVE_SE05X_AUTH_NONE \ - + SSS_HAVE_SE05X_AUTH_USERID \ - + SSS_HAVE_SE05X_AUTH_PLATFSCP03 \ - + SSS_HAVE_SE05X_AUTH_AESKEY \ - + SSS_HAVE_SE05X_AUTH_ECKEY \ - + SSS_HAVE_SE05X_AUTH_USERID_PLATFSCP03 \ - + SSS_HAVE_SE05X_AUTH_AESKEY_PLATFSCP03 \ - + SSS_HAVE_SE05X_AUTH_ECKEY_PLATFSCP03 \ - ) == 0) -# error "Enable at-least one of 'SE05X_Auth'" -#endif - - - -/** A71CH_AUTH : A71CH Authentication - * - * This settings is used by SSS-API based examples to connect using either plain or authenticated to the A71CH. - */ - -/** Plain communication, not authenticated or encrypted */ -#define SSS_HAVE_A71CH_AUTH_NONE 1 - -/** SCP03 enabled */ -#define SSS_HAVE_A71CH_AUTH_SCP03 0 - -#if (( 0 \ - + SSS_HAVE_A71CH_AUTH_NONE \ - + SSS_HAVE_A71CH_AUTH_SCP03 \ - ) > 1) -# error "Enable only one of 'A71CH_AUTH'" -#endif - - -#if (( 0 \ - + SSS_HAVE_A71CH_AUTH_NONE \ - + SSS_HAVE_A71CH_AUTH_SCP03 \ - ) == 0) -# error "Enable at-least one of 'A71CH_AUTH'" -#endif - - -/* ====================================================================== * - * == Feature selection/values ========================================== * - * ====================================================================== */ - - -/** SE05X Secure Element : Symmetric AES */ -#define SSSFTR_SE05X_AES 1 - -/** SE05X Secure Element : Elliptic Curve Cryptography */ -#define SSSFTR_SE05X_ECC 1 - -/** SE05X Secure Element : RSA */ -#define SSSFTR_SE05X_RSA 1 - -/** SE05X Secure Element : KEY operations : SET Key */ -#define SSSFTR_SE05X_KEY_SET 1 - -/** SE05X Secure Element : KEY operations : GET Key */ -#define SSSFTR_SE05X_KEY_GET 1 - -/** SE05X Secure Element : Authenticate via ECKey */ -#define SSSFTR_SE05X_AuthECKey 1 - -/** SE05X Secure Element : Allow creation of user/authenticated session. - * - * If the intended deployment only uses Platform SCP - * Or it is a pure session less integration, this can - * save some code size. */ -#define SSSFTR_SE05X_AuthSession 1 - -/** SE05X Secure Element : Allow creation/deletion of Crypto Objects - * - * If disabled, new Crytpo Objects are neither created and - * old/existing Crypto Objects are not deleted. - * It is assumed that during provisioning phase, the required - * Crypto Objects are pre-created or they are never going to - * be needed. */ -#define SSSFTR_SE05X_CREATE_DELETE_CRYPTOOBJ 1 - -/** Software : Symmetric AES */ -#define SSSFTR_SW_AES 1 - -/** Software : Elliptic Curve Cryptography */ -#define SSSFTR_SW_ECC 1 - -/** Software : RSA */ -#define SSSFTR_SW_RSA 1 - -/** Software : KEY operations : SET Key */ -#define SSSFTR_SW_KEY_SET 1 - -/** Software : KEY operations : GET Key */ -#define SSSFTR_SW_KEY_GET 1 - -/** Software : Used as a test counterpart - * - * e.g. Major part of the mebdTLS SSS layer is purely used for - * testing of Secure Element implementation, and can be avoided - * fully during many production scenarios. */ -#define SSSFTR_SW_TESTCOUNTERPART 1 - -/* ====================================================================== * - * == Computed Options ================================================== * - * ====================================================================== */ - -/** Symmetric AES */ -#define SSSFTR_AES (SSSFTR_SE05X_AES + SSSFTR_SW_AES) -/** Elliptic Curve Cryptography */ -#define SSSFTR_ECC (SSSFTR_SE05X_ECC + SSSFTR_SW_ECC) -/** RSA */ -#define SSSFTR_RSA (SSSFTR_SE05X_RSA + SSSFTR_SW_RSA) -/** KEY operations : SET Key */ -#define SSSFTR_KEY_SET (SSSFTR_SE05X_KEY_SET + SSSFTR_SW_KEY_SET) -/** KEY operations : GET Key */ -#define SSSFTR_KEY_GET (SSSFTR_SE05X_KEY_GET + SSSFTR_SW_KEY_GET) -/** KEY operations */ -#define SSSFTR_KEY (SSSFTR_KEY_SET + SSSFTR_KEY_GET) -/** KEY operations */ -#define SSSFTR_SE05X_KEY (SSSFTR_SE05X_KEY_SET + SSSFTR_SE05X_KEY_GET) -/** KEY operations */ -#define SSSFTR_SW_KEY (SSSFTR_SW_KEY_SET + SSSFTR_SW_KEY_GET) - - -#define SSS_HAVE_APPLET \ - (SSS_HAVE_APPLET_A71CH | SSS_HAVE_APPLET_A71CL | SSS_HAVE_APPLET_A71CH_SIM | SSS_HAVE_APPLET_SE05X_A | SSS_HAVE_APPLET_SE05X_B | SSS_HAVE_APPLET_SE05X_C | SSS_HAVE_APPLET_SE05X_L | SSS_HAVE_APPLET_LOOPBACK) - -#define SSS_HAVE_APPLET_SE05X_IOT \ - (SSS_HAVE_APPLET_SE05X_A | SSS_HAVE_APPLET_SE05X_B | SSS_HAVE_APPLET_SE05X_C) - -#define SSS_HAVE_MBEDTLS_ALT \ - (SSS_HAVE_MBEDTLS_ALT_SSS | SSS_HAVE_MBEDTLS_ALT_A71CH) - -#define SSS_HAVE_HOSTCRYPTO_ANY \ - (SSS_HAVE_HOSTCRYPTO_MBEDTLS | SSS_HAVE_HOSTCRYPTO_MBEDCRYPTO | SSS_HAVE_HOSTCRYPTO_OPENSSL | SSS_HAVE_HOSTCRYPTO_USER) - -#define SSS_HAVE_FIPS \ - (SSS_HAVE_FIPS_SE050 | SSS_HAVE_FIPS_140_2 | SSS_HAVE_FIPS_140_3) - - -/* Version checks GTE - Greater Than Or Equal To */ -#if SSS_HAVE_APPLET_SE05X_IOT -# if SSS_HAVE_SE05X_VER_06_00 -# define SSS_HAVE_SE05X_VER_GTE_06_00 1 -# define SSS_HAVE_SE05X_VER_GTE_03_XX 1 -# endif /* SSS_HAVE_SE05X_VER_06_00 */ -# if SSS_HAVE_SE05X_VER_03_XX -# define SSS_HAVE_SE05X_VER_GTE_06_00 0 -# define SSS_HAVE_SE05X_VER_GTE_03_XX 1 -# endif /* SSS_HAVE_SE05X_VER_03_XX */ -#else //SSS_HAVE_APPLET_SE05X_IOT -# define SSS_HAVE_SE05X_VER_GTE_03_XX 0 -# define SSS_HAVE_SE05X_VER_GTE_06_00 0 -#endif // SSS_HAVE_APPLET_SE05X_IOT -/** Deprecated items. Used here for backwards compatibility. */ - -#define WithApplet_SE05X (SSS_HAVE_APPLET_SE05X_IOT) -#define WithApplet_SE050_A (SSS_HAVE_APPLET_SE05X_A) -#define WithApplet_SE050_B (SSS_HAVE_APPLET_SE05X_B) -#define WithApplet_SE050_C (SSS_HAVE_APPLET_SE05X_C) -#define SSS_HAVE_SE050_A (SSS_HAVE_APPLET_SE05X_A) -#define SSS_HAVE_SE050_B (SSS_HAVE_APPLET_SE05X_B) -#define SSS_HAVE_SE050_C (SSS_HAVE_APPLET_SE05X_C) -#define SSS_HAVE_SE05X (SSS_HAVE_APPLET_SE05X_IOT) -#define SSS_HAVE_SE (SSS_HAVE_APPLET) -#define SSS_HAVE_LOOPBACK (SSS_HAVE_APPLET_LOOPBACK) -#define SSS_HAVE_ALT (SSS_HAVE_MBEDTLS_ALT) -#define WithApplet_None (SSS_HAVE_APPLET_NONE) -#define SSS_HAVE_None (SSS_HAVE_APPLET_NONE) -#define WithApplet_A71CH (SSS_HAVE_APPLET_A71CH) -#define SSS_HAVE_A71CH (SSS_HAVE_APPLET_A71CH) -#define WithApplet_A71CL (SSS_HAVE_APPLET_A71CL) -#define SSS_HAVE_A71CL (SSS_HAVE_APPLET_A71CL) -#define WithApplet_A71CH_SIM (SSS_HAVE_APPLET_A71CH_SIM) -#define SSS_HAVE_A71CH_SIM (SSS_HAVE_APPLET_A71CH_SIM) -#define WithApplet_SE05X_A (SSS_HAVE_APPLET_SE05X_A) -#define SSS_HAVE_SE05X_A (SSS_HAVE_APPLET_SE05X_A) -#define WithApplet_SE05X_B (SSS_HAVE_APPLET_SE05X_B) -#define SSS_HAVE_SE05X_B (SSS_HAVE_APPLET_SE05X_B) -#define WithApplet_SE05X_C (SSS_HAVE_APPLET_SE05X_C) -#define SSS_HAVE_SE05X_C (SSS_HAVE_APPLET_SE05X_C) -#define WithApplet_SE05X_L (SSS_HAVE_APPLET_SE05X_L) -#define SSS_HAVE_SE05X_L (SSS_HAVE_APPLET_SE05X_L) -#define WithApplet_LoopBack (SSS_HAVE_APPLET_LOOPBACK) -#define SSS_HAVE_LoopBack (SSS_HAVE_APPLET_LOOPBACK) -#define SSS_HAVE_MBEDTLS (SSS_HAVE_HOSTCRYPTO_MBEDTLS) -#define SSS_HAVE_MBEDCRYPTO (SSS_HAVE_HOSTCRYPTO_MBEDCRYPTO) -#define SSS_HAVE_OPENSSL (SSS_HAVE_HOSTCRYPTO_OPENSSL) -#define SSS_HAVE_USER (SSS_HAVE_HOSTCRYPTO_USER) -#define SSS_HAVE_NONE (SSS_HAVE_HOSTCRYPTO_NONE) -#define SSS_HAVE_ALT_SSS (SSS_HAVE_MBEDTLS_ALT_SSS) -#define SSS_HAVE_ALT_A71CH (SSS_HAVE_MBEDTLS_ALT_A71CH) -#define SSS_HAVE_ALT_NONE (SSS_HAVE_MBEDTLS_ALT_NONE) -#define SSS_HAVE_SE05X_Auth_None (SSS_HAVE_SE05X_AUTH_NONE) -#define SSS_HAVE_SE05X_Auth_UserID (SSS_HAVE_SE05X_AUTH_USERID) -#define SSS_HAVE_SE05X_Auth_PlatfSCP03 (SSS_HAVE_SE05X_AUTH_PLATFSCP03) -#define SSS_HAVE_SE05X_Auth_AESKey (SSS_HAVE_SE05X_AUTH_AESKEY) -#define SSS_HAVE_SE05X_Auth_ECKey (SSS_HAVE_SE05X_AUTH_ECKEY) -#define SSS_HAVE_SE05X_Auth_UserID_PlatfSCP03 (SSS_HAVE_SE05X_AUTH_USERID_PLATFSCP03) -#define SSS_HAVE_SE05X_Auth_AESKey_PlatfSCP03 (SSS_HAVE_SE05X_AUTH_AESKEY_PLATFSCP03) -#define SSS_HAVE_SE05X_Auth_ECKey_PlatfSCP03 (SSS_HAVE_SE05X_AUTH_ECKEY_PLATFSCP03) - -/* # CMake Features : END */ - -/* ========= Miscellaneous values : START =================== */ - -/* ECC Mode is available */ -#define SSS_HAVE_ECC 1 - -/* RSA is available */ -#define SSS_HAVE_RSA 1 - -/* TPM BARRETO_NAEHRIG Curve is enabled */ -#define SSS_HAVE_TPM_BN 1 - -/* Edwards Curve is enabled */ -#define SSS_HAVE_EC_ED 1 - -/* Montgomery Curve is enabled */ -#define SSS_HAVE_EC_MONT 1 - -/* MIFARE DESFire is enabled */ -#define SSS_HAVE_MIFARE_DESFIRE 1 - -/* PBKDF2 is enabled */ -#define SSS_HAVE_PBKDF2 1 - -/* TLS handshake support on SE is enabled */ -#define SSS_HAVE_TLS_HANDSHAKE 1 - -/* Import Export Key is enabled */ -#define SSS_HAVE_IMPORT 1 - -/* With NXP NFC Reader Library */ -#define SSS_HAVE_NXPNFCRDLIB 0 - -#define SSS_HAVE_A71XX \ - (SSS_HAVE_APPLET_A71CH | SSS_HAVE_APPLET_A71CH_SIM) - -#define SSS_HAVE_SSCP (SSS_HAVE_A71XX) - -/* For backwards compatibility */ -#define SSS_HAVE_TESTCOUNTERPART (SSSFTR_SW_TESTCOUNTERPART) - -/* ========= Miscellaneous values : END ===================== */ - -/* ========= Calculated values : START ====================== */ - -/* Should we expose, SSS APIs */ -#define SSS_HAVE_SSS ( 0 \ - + SSS_HAVE_SSCP \ - + SSS_HAVE_APPLET_SE05X_IOT \ - + SSS_HAVE_HOSTCRYPTO_OPENSSL \ - + SSS_HAVE_HOSTCRYPTO_MBEDCRYPTO \ - + SSS_HAVE_HOSTCRYPTO_MBEDTLS \ - + SSS_HAVE_HOSTCRYPTO_USER \ - ) - -/* MBEDCRYPTO is superset of MBEDTLS and exposing that way */ -#if SSS_HAVE_HOSTCRYPTO_MBEDCRYPTO -# undef SSS_HAVE_MBEDTLS -# undef SSS_HAVE_HOSTCRYPTO_MBEDTLS - -# define SSS_HAVE_MBEDTLS 1 -# define SSS_HAVE_HOSTCRYPTO_MBEDTLS 1 -#endif // SSS_HAVE_HOSTCRYPTO_MBEDCRYPTO - -#if SSS_HAVE_HOSTCRYPTO_NONE -# undef SSSFTR_SE05X_AuthSession -# define SSSFTR_SE05X_AuthSession 0 -#endif - -/* Montgomery curves is not supported in SE05X_A*/ -#if SSS_HAVE_APPLET_SE05X_A -# undef SSS_HAVE_EC_MONT -# define SSS_HAVE_EC_MONT 0 -/* ED is not supported in SE050_A */ -#if SSS_HAVE_SE05X_VER_03_XX -# undef SSS_HAVE_EC_ED -# define SSS_HAVE_EC_ED 0 -#endif -#endif - -#if SSS_HAVE_RSA -# define SSS_HAVE_RSA_4K 1 -#endif - -#if SSS_HAVE_ECC -# define SSS_HAVE_EC_NIST_192 1 -# define SSS_HAVE_EC_NIST_224 1 -# define SSS_HAVE_EC_NIST_256 1 -# define SSS_HAVE_EC_NIST_384 1 -# define SSS_HAVE_EC_NIST_521 1 -# define SSS_HAVE_EC_BP 1 -# define SSS_HAVE_EC_NIST_K 1 -# define SSS_HAVE_ECDAA 1 -# define SSS_HAVE_EDDSA 1 -#if SSS_HAVE_APPLET_SE05X_A -# undef SSS_HAVE_ECDAA -# undef SSS_HAVE_EDDSA -# define SSS_HAVE_ECDAA 0 -# define SSS_HAVE_EDDSA 0 -#endif -#endif - -#if SSS_HAVE_APPLET -#define SSS_HAVE_HASH_1 1 -#define SSS_HAVE_HASH_224 1 -#define SSS_HAVE_HASH_512 1 -#endif - - -/* ========= Calculated values : END ======================== */ - -/* clang-format on */ - -#endif /* SSS_APIS_INC_FSL_SSS_FTR_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_keyid_map.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_keyid_map.h deleted file mode 100644 index 2b9b58a1c..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_keyid_map.h +++ /dev/null @@ -1,182 +0,0 @@ -/* - * - * Copyright 2018-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -/* Mapping between key id and physical key store */ - -#ifndef SSS_INC_KEYID_MAP_H_ -#define SSS_INC_KEYID_MAP_H_ - -/* ************************************************************************** */ -/* Includes */ -/* ************************************************************************** */ - -#include - -/* ************************************************************************** */ -/* Defines */ -/* ************************************************************************** */ - -/* Physical index */ -/* clang-format off */ -#define K_INDEX_MASK (0xFFFFu << 0u) -#define K_TYPE_MASK (0xFFu << 24u) -#define K_TYPE_ECC_KP (0x01u << 24u) -#define K_TYPE_ECC_PUB (0x02u << 24u) -#define K_TYPE_AES (0x03u << 24u) -#define K_TYPE_CERT (0x04u << 24u) - -/* Key store N Count */ -#define KS_N_ECC_KEY_PAIRS 4 -#define KS_N_ECC_PUB_KEYS 3 -#define KS_N_AES_KEYS 8 -#define KS_N_CERTIFCATES 4 -#define KS_N_RSA_KEY_PAIRS 1 -#define KS_N_SYM_KEYS 1 - -/* clang-format on */ - -#define KS_N_ENTIRES_CL (0 + KS_N_RSA_KEY_PAIRS + KS_N_SYM_KEYS) - -#define KS_N_ENTIRES (0 + KS_N_ECC_KEY_PAIRS + KS_N_ECC_PUB_KEYS + KS_N_AES_KEYS + KS_N_CERTIFCATES) - -#define KEYSTORE_MAGIC (0xA71C401L) -#define KEYSTORE_VERSION (0x0004) -/* ************************************************************************** */ -/* Structrues and Typedefs */ -/* ************************************************************************** */ - -/* Generic entry of a Key ID Mapping inside the secure element */ -typedef struct -{ - /** External index */ - uint32_t extKeyId; - - /* Of type sss_key_part_t - * - * B0,B1,B2,B3 -> Key part and B4,B5,B6,B7 -> (No of slots taken - 1) */ - uint8_t keyPart; - uint8_t accessPermission; - uint8_t cipherType; /* Of type sss_cipher_type_t */ - /** Internal index */ - uint8_t keyIntIndex; -} keyIdAndTypeIndexLookup_t; - -typedef struct _keyStoreTable_t -{ - /** Fixed - Unique 32bit magic number. - * - * In case some one over-writes we can know. */ - uint32_t magic; - /** Fixed - constant based on version number */ - uint16_t version; - /** - * maxEntries Fixed - constant in the Layout. Should be equal to - * KS_N_ENTIRES This will help in porting between A71CH with less memory and - * SE050 with more memory - */ - uint16_t maxEntries; - /** Dynamic entries */ - keyIdAndTypeIndexLookup_t *entries; -} keyStoreTable_t; - -/* ************************************************************************** */ -/* Global Variables */ -/* ************************************************************************** */ - -/* ************************************************************************** */ -/* Functions */ -/* ************************************************************************** */ - -/** - * Initialize the File allocation table entry - * - * @param keystore_shadow Shadow structure (to be persisted later to EEPROM or - * File System) - * @param lookup_entires Mapping table - * @param max_entries Maximum entries that the Key Store can have - */ -void ks_common_init_fat( - keyStoreTable_t *keystore_shadow, keyIdAndTypeIndexLookup_t *lookup_entires, size_t max_entries); - -/** - * Update the File Allocation Table for the key. - * - * @param[out] keystore_shadow - * @param[in] sss_key The key object. - * @param[in] intIndex internal index. - * @param extId External 32bit id of the key - * @param object_type Type of the object - * @param intIndex Internal index of the key. - * @param accessPermission Access (Read/write/etc.) - * - * @note accessPermission is not used for A71CH - * - * @return Fail if not able to add the entry. - - */ -sss_status_t ks_common_update_fat(keyStoreTable_t *keystore_shadow, - uint32_t extId, - sss_key_part_t object_part, - sss_cipher_type_t cipher_type, - uint8_t intIndex, - uint32_t accessPermission, - uint16_t keyLen); - -/** - * check if the internal slot is availble for the key type. - * - * @param[in] keystore_shadow - * @param[in] object_type type of key Object - * @param[out] next_free_index avialable internal index for a particular key - * type - * - * @return Fail if internal index is not available. - */ -sss_status_t ks_common_check_available_int_index(keyStoreTable_t *keystore_shadow, - uint8_t object_type, - uint8_t cipher_type, - uint16_t *next_free_index, - uint16_t keyLen); - -sss_status_t ks_common_extId_to_int_index(keyStoreTable_t *keystore_shadow, uint32_t extId, uint16_t *intIndex); -/** - * check if the key store is valid. - * - * @param[in] keystore_shadow The shadow of keystore - * @param[out] status - * - * @return Fail if key store is not valid - */ -sss_status_t isValidKeyStoreShadow(keyStoreTable_t *keystore_shadow); -/** -* check if the internal slot is availble for the key type. -* -* @param[in] keystore_shadow -* @param[in] keyId key id for getting key object -* @param[out] keyType type of keyobject retrieved from keyId* type -* -* @return Fail if keyId not found -*/ -sss_status_t ks_common_get_keyType_from_keyid( - keyStoreTable_t *keystore_shadow, uint32_t keyId, uint32_t *keyType, uint32_t *cipherType); -/** - * remove entry from shadow keystore. - * - * @param[in] keystore_shadow - * @param[in] extId key id for getting key object - * - * @return Fail if keyId not found - */ -sss_status_t ks_common_remove_fat(keyStoreTable_t *keystore_shadow, uint32_t extId); - -void ks_sw_fat_remove(const char *szRootPath); -void ks_sw_fat_free(keyStoreTable_t *keystore_shadow); -void ks_sw_fat_allocate(keyStoreTable_t **keystore_shadow); -void ks_sw_getKeyFileName( - char *const file_name, const size_t size, const sss_object_t *sss_key, const char *root_folder); -sss_status_t ks_sw_fat_load(const char *szRootPath, keyStoreTable_t *pKeystore_shadow); - -#endif /* SSS_INC_KEYID_MAP_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_lpc55s_apis.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_lpc55s_apis.h deleted file mode 100644 index d9e1a05f4..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_lpc55s_apis.h +++ /dev/null @@ -1,115 +0,0 @@ -/* - * - * Copyright 2018,2019 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef __FSL_SSS_LPC55S_APIS_H__ -#define __FSL_SSS_LPC55S_APIS_H__ - -#ifdef __cplusplus -extern "C" { -#endif /* __cplusplus */ - -#if defined(SSS_USE_FTR_FILE) -#include "fsl_sss_ftr.h" -#else -#include "fsl_sss_ftr_default.h" -#endif - -#if defined(SECURE_WORLD) -#if SSS_HAVE_HOSTCRYPTO_MBEDTLS -#include -#include - -/* ************************************************************************** */ -/* Functions */ -/* ************************************************************************** */ - -/** @copydoc sss_session_open - * - */ -sss_status_t sss_lpc55s_impl_session_open(sss_session_t *session, - sss_type_t subsystem, - uint32_t application_id, - sss_connection_type_t connection_type, - void *connectionData); - -/** @copydoc sss_session_close - * - */ -void sss_lpc55s_impl_session_close(sss_session_t *session); - -/** - * @addtogroup sss_lpc55s_impl_mac - * @{ - */ -/** @copydoc sss_mac_context_init - * - */ -sss_status_t sss_lpc55s_impl_mac_context_init( - sss_mac_t *context, sss_session_t *session, sss_object_t *keyObject, sss_algorithm_t algorithm, sss_mode_t mode); - -/** @copydoc sss_mac_one_go - * - */ -sss_status_t sss_lpc55s_impl_mac_one_go( - sss_mac_t *context, const uint8_t *message, size_t messageLen, uint8_t *mac, size_t *macLen); - -/** @copydoc sss_mac_context_free - * - */ -void sss_lpc55s_impl_mac_context_free(sss_mac_t *context); - -/** Re-define sss_host_session_open to be redirected - * from HashCrypt session open - */ -#ifdef sss_host_session_open -#undef sss_host_session_open -#define sss_host_session_open(session, subsystem, application_id, connection_type, connectionData) \ - sss_lpc55s_impl_session_open((session), (subsystem), (application_id), (connection_type), (connectionData)) -#endif - -/** Re-define sss_host_session_close to be redirected - * from HashCrypt session open - */ -#ifdef sss_host_session_close -#undef sss_host_session_close -#define sss_host_session_close(session) sss_lpc55s_impl_session_close((session)) -#endif - -/** Re-define sss_host_mac_context_init to be redirected - * from HashCrypt MAC operations - */ -#ifdef sss_host_mac_context_init -#undef sss_host_mac_context_init -#define sss_host_mac_context_init(context, session, keyObject, algorithm, mode) \ - sss_lpc55s_impl_mac_context_init((context), (session), (keyObject), (algorithm), (mode)) -#endif - -/** Re-define sss_host_mac_one_go to be redirected - * from HashCrypt MAC operations - */ -#ifdef sss_host_mac_one_go -#undef sss_host_mac_one_go -#define sss_host_mac_one_go(context, message, messageLen, mac, macLen) \ - sss_lpc55s_impl_mac_one_go((context), (message), (messageLen), (mac), (macLen)) -#endif - -/** Re-define sss_host_mac_context_free to be redirected - * from HashCrypt MAC operations - */ -#ifdef sss_host_mac_context_free -#undef sss_host_mac_context_free -#define sss_host_mac_context_free(context) sss_lpc55s_impl_mac_context_free((context)) -#endif - -/* clang-format on */ -#endif /* SSS_HAVE_HOSTCRYPTO_MBEDTLS */ -#endif /* SECURE_WORLD */ - -#ifdef __cplusplus -} // extern "C" -#endif /* __cplusplus */ - -#endif /* __FSL_SSS_LPC55S_APIS_H__ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_mbedtls_apis.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_mbedtls_apis.h deleted file mode 100644 index d077f6308..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_mbedtls_apis.h +++ /dev/null @@ -1,837 +0,0 @@ -/* - * - * Copyright 2018-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef FSL_SSS_MBEDTLS_APIS_H -#define FSL_SSS_MBEDTLS_APIS_H - -#ifdef __cplusplus -extern "C" { -#endif /* __cplusplus */ - -#if defined(SSS_USE_FTR_FILE) -#include "fsl_sss_ftr.h" -#else -#include "fsl_sss_ftr_default.h" -#endif - -#if SSS_HAVE_MBEDTLS -#include - -/* ************************************************************************** */ -/* Functions */ -/* ************************************************************************** */ -/** - * @addtogroup sss_mbedtls_session - * @{ - */ -/** @copydoc sss_session_create - * - */ -sss_status_t sss_mbedtls_session_create(sss_mbedtls_session_t *session, - sss_type_t subsystem, - uint32_t application_id, - sss_connection_type_t connection_type, - void *connectionData); - -/** @copydoc sss_session_open - * - */ -sss_status_t sss_mbedtls_session_open(sss_mbedtls_session_t *session, - sss_type_t subsystem, - uint32_t application_id, - sss_connection_type_t connection_type, - void *connectionData); - -/** @copydoc sss_session_prop_get_u32 - * - */ -sss_status_t sss_mbedtls_session_prop_get_u32(sss_mbedtls_session_t *session, uint32_t property, uint32_t *pValue); - -/** @copydoc sss_session_prop_get_au8 - * - */ -sss_status_t sss_mbedtls_session_prop_get_au8( - sss_mbedtls_session_t *session, uint32_t property, uint8_t *pValue, size_t *pValueLen); - -/** @copydoc sss_session_close - * - */ -void sss_mbedtls_session_close(sss_mbedtls_session_t *session); - -/** @copydoc sss_session_delete - * - */ -void sss_mbedtls_session_delete(sss_mbedtls_session_t *session); - -/*! @} */ /* end of : sss_mbedtls_session */ - -/** - * @addtogroup sss_mbedtls_keyobj - * @{ - */ -/** @copydoc sss_key_object_init - * - */ -sss_status_t sss_mbedtls_key_object_init(sss_mbedtls_object_t *keyObject, sss_mbedtls_key_store_t *keyStore); - -/** @copydoc sss_key_object_allocate_handle - * - */ -sss_status_t sss_mbedtls_key_object_allocate_handle(sss_mbedtls_object_t *keyObject, - uint32_t keyId, - sss_key_part_t keyPart, - sss_cipher_type_t cipherType, - size_t keyByteLenMax, - uint32_t options); - -/** @copydoc sss_key_object_get_handle - * - */ -sss_status_t sss_mbedtls_key_object_get_handle(sss_mbedtls_object_t *keyObject, uint32_t keyId); - -/** @copydoc sss_key_object_set_user - * - */ -sss_status_t sss_mbedtls_key_object_set_user(sss_mbedtls_object_t *keyObject, uint32_t user, uint32_t options); - -/** @copydoc sss_key_object_set_purpose - * - */ -sss_status_t sss_mbedtls_key_object_set_purpose(sss_mbedtls_object_t *keyObject, sss_mode_t purpose, uint32_t options); - -/** @copydoc sss_key_object_set_access - * - */ -sss_status_t sss_mbedtls_key_object_set_access(sss_mbedtls_object_t *keyObject, uint32_t access, uint32_t options); - -/** @copydoc sss_key_object_set_eccgfp_group - * - */ -sss_status_t sss_mbedtls_key_object_set_eccgfp_group(sss_mbedtls_object_t *keyObject, sss_eccgfp_group_t *group); - -/** @copydoc sss_key_object_get_user - * - */ -sss_status_t sss_mbedtls_key_object_get_user(sss_mbedtls_object_t *keyObject, uint32_t *user); - -/** @copydoc sss_key_object_get_purpose - * - */ -sss_status_t sss_mbedtls_key_object_get_purpose(sss_mbedtls_object_t *keyObject, sss_mode_t *purpose); - -/** @copydoc sss_key_object_get_access - * - */ -sss_status_t sss_mbedtls_key_object_get_access(sss_mbedtls_object_t *keyObject, uint32_t *access); - -/** @copydoc sss_key_object_free - * - */ -void sss_mbedtls_key_object_free(sss_mbedtls_object_t *keyObject); - -/*! @} */ /* end of : sss_mbedtls_keyobj */ - -/** - * @addtogroup sss_mbedtls_keyderive - * @{ - */ -/** @copydoc sss_derive_key_context_init - * - */ -sss_status_t sss_mbedtls_derive_key_context_init(sss_mbedtls_derive_key_t *context, - sss_mbedtls_session_t *session, - sss_mbedtls_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @copydoc sss_derive_key_go - * - */ -sss_status_t sss_mbedtls_derive_key_go(sss_mbedtls_derive_key_t *context, - const uint8_t *saltData, - size_t saltLen, - const uint8_t *info, - size_t infoLen, - sss_mbedtls_object_t *derivedKeyObject, - uint16_t deriveDataLen, - uint8_t *hkdfOutput, - size_t *hkdfOutputLen); - -/** @copydoc sss_derive_key_one_go -* -*/ -sss_status_t sss_mbedtls_derive_key_one_go(sss_mbedtls_derive_key_t *context, - const uint8_t *saltData, - size_t saltLen, - const uint8_t *info, - size_t infoLen, - sss_mbedtls_object_t *derivedKeyObject, - uint16_t deriveDataLen); - -/** @copydoc sss_derive_key_sobj_one_go -* -*/ -sss_status_t sss_mbedtls_derive_key_sobj_one_go(sss_mbedtls_derive_key_t *context, - sss_mbedtls_object_t *saltKeyObject, - const uint8_t *info, - size_t infoLen, - sss_mbedtls_object_t *derivedKeyObject, - uint16_t deriveDataLen); - -/** @copydoc sss_derive_key_dh - * - */ -sss_status_t sss_mbedtls_derive_key_dh(sss_mbedtls_derive_key_t *context, - sss_mbedtls_object_t *otherPartyKeyObject, - sss_mbedtls_object_t *derivedKeyObject); - -/** @copydoc sss_derive_key_context_free - * - */ -void sss_mbedtls_derive_key_context_free(sss_mbedtls_derive_key_t *context); - -/*! @} */ /* end of : sss_mbedtls_keyderive */ - -/** - * @addtogroup sss_mbedtls_keystore - * @{ - */ -/** @copydoc sss_key_store_context_init - * - */ -sss_status_t sss_mbedtls_key_store_context_init(sss_mbedtls_key_store_t *keyStore, sss_mbedtls_session_t *session); - -/** @copydoc sss_key_store_allocate - * - */ -sss_status_t sss_mbedtls_key_store_allocate(sss_mbedtls_key_store_t *keyStore, uint32_t keyStoreId); - -/** @copydoc sss_key_store_save - * - */ -sss_status_t sss_mbedtls_key_store_save(sss_mbedtls_key_store_t *keyStore); - -/** @copydoc sss_key_store_load - * - */ -sss_status_t sss_mbedtls_key_store_load(sss_mbedtls_key_store_t *keyStore); - -/** @copydoc sss_key_store_set_key - * - */ -sss_status_t sss_mbedtls_key_store_set_key(sss_mbedtls_key_store_t *keyStore, - sss_mbedtls_object_t *keyObject, - const uint8_t *data, - size_t dataLen, - size_t keyBitLen, - void *options, - size_t optionsLen); - -/** @copydoc sss_key_store_generate_key - * - */ -sss_status_t sss_mbedtls_key_store_generate_key( - sss_mbedtls_key_store_t *keyStore, sss_mbedtls_object_t *keyObject, size_t keyBitLen, void *options); - -/** @copydoc sss_key_store_get_key - * - */ -sss_status_t sss_mbedtls_key_store_get_key(sss_mbedtls_key_store_t *keyStore, - sss_mbedtls_object_t *keyObject, - uint8_t *data, - size_t *dataLen, - size_t *pKeyBitLen); - -/** @copydoc sss_key_store_open_key - * - */ -sss_status_t sss_mbedtls_key_store_open_key(sss_mbedtls_key_store_t *keyStore, sss_mbedtls_object_t *keyObject); - -/** @copydoc sss_key_store_freeze_key - * - */ -sss_status_t sss_mbedtls_key_store_freeze_key(sss_mbedtls_key_store_t *keyStore, sss_mbedtls_object_t *keyObject); - -/** @copydoc sss_key_store_erase_key - * - */ -sss_status_t sss_mbedtls_key_store_erase_key(sss_mbedtls_key_store_t *keyStore, sss_mbedtls_object_t *keyObject); - -/** @copydoc sss_key_store_context_free - * - */ -void sss_mbedtls_key_store_context_free(sss_mbedtls_key_store_t *keyStore); - -/*! @} */ /* end of : sss_mbedtls_keystore */ - -/** - * @addtogroup sss_mbedtls_asym - * @{ - */ -/** @copydoc sss_asymmetric_context_init - * - */ -sss_status_t sss_mbedtls_asymmetric_context_init(sss_mbedtls_asymmetric_t *context, - sss_mbedtls_session_t *session, - sss_mbedtls_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @copydoc sss_asymmetric_encrypt - * - */ -sss_status_t sss_mbedtls_asymmetric_encrypt( - sss_mbedtls_asymmetric_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @copydoc sss_asymmetric_decrypt - * - */ -sss_status_t sss_mbedtls_asymmetric_decrypt( - sss_mbedtls_asymmetric_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @copydoc sss_asymmetric_sign_digest - * - */ -sss_status_t sss_mbedtls_asymmetric_sign_digest( - sss_mbedtls_asymmetric_t *context, uint8_t *digest, size_t digestLen, uint8_t *signature, size_t *signatureLen); - -/** @copydoc sss_asymmetric_verify_digest - * - */ -sss_status_t sss_mbedtls_asymmetric_verify_digest( - sss_mbedtls_asymmetric_t *context, uint8_t *digest, size_t digestLen, uint8_t *signature, size_t signatureLen); - -/** @copydoc sss_asymmetric_context_free - * - */ -void sss_mbedtls_asymmetric_context_free(sss_mbedtls_asymmetric_t *context); - -/*! @} */ /* end of : sss_mbedtls_asym */ - -/** - * @addtogroup sss_mbedtls_symm - * @{ - */ -/** @copydoc sss_symmetric_context_init - * - */ -sss_status_t sss_mbedtls_symmetric_context_init(sss_mbedtls_symmetric_t *context, - sss_mbedtls_session_t *session, - sss_mbedtls_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @copydoc sss_cipher_one_go - * - */ -sss_status_t sss_mbedtls_cipher_one_go(sss_mbedtls_symmetric_t *context, - uint8_t *iv, - size_t ivLen, - const uint8_t *srcData, - uint8_t *destData, - size_t dataLen); - -/** @copydoc sss_cipher_init - * - */ -sss_status_t sss_mbedtls_cipher_init(sss_mbedtls_symmetric_t *context, uint8_t *iv, size_t ivLen); - -/** @copydoc sss_cipher_update - * - */ -sss_status_t sss_mbedtls_cipher_update( - sss_mbedtls_symmetric_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @copydoc sss_cipher_finish - * - */ -sss_status_t sss_mbedtls_cipher_finish( - sss_mbedtls_symmetric_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @copydoc sss_cipher_crypt_ctr - * - */ -sss_status_t sss_mbedtls_cipher_crypt_ctr(sss_mbedtls_symmetric_t *context, - const uint8_t *srcData, - uint8_t *destData, - size_t size, - uint8_t *initialCounter, - uint8_t *lastEncryptedCounter, - size_t *szLeft); - -/** @copydoc sss_symmetric_context_free - * - */ -void sss_mbedtls_symmetric_context_free(sss_mbedtls_symmetric_t *context); - -/*! @} */ /* end of : sss_mbedtls_symm */ - -/** - * @addtogroup sss_mbedtls_aead - * @{ - */ -/** @copydoc sss_aead_context_init - * - */ -sss_status_t sss_mbedtls_aead_context_init(sss_mbedtls_aead_t *context, - sss_mbedtls_session_t *session, - sss_mbedtls_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @copydoc sss_aead_one_go - * - */ -sss_status_t sss_mbedtls_aead_one_go(sss_mbedtls_aead_t *context, - const uint8_t *srcData, - uint8_t *destData, - size_t size, - uint8_t *nonce, - size_t nonceLen, - const uint8_t *aad, - size_t aadLen, - uint8_t *tag, - size_t *tagLen); - -/** @copydoc sss_aead_init - * - */ -sss_status_t sss_mbedtls_aead_init( - sss_mbedtls_aead_t *context, uint8_t *nonce, size_t nonceLen, size_t tagLen, size_t aadLen, size_t payloadLen); - -/** @copydoc sss_aead_update_aad - * - */ -sss_status_t sss_mbedtls_aead_update_aad(sss_mbedtls_aead_t *context, const uint8_t *aadData, size_t aadDataLen); - -/** @copydoc sss_aead_update - * - */ -sss_status_t sss_mbedtls_aead_update( - sss_mbedtls_aead_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @copydoc sss_aead_finish - * - */ -sss_status_t sss_mbedtls_aead_finish(sss_mbedtls_aead_t *context, - const uint8_t *srcData, - size_t srcLen, - uint8_t *destData, - size_t *destLen, - uint8_t *tag, - size_t *tagLen); - -/** @copydoc sss_aead_context_free - * - */ -void sss_mbedtls_aead_context_free(sss_mbedtls_aead_t *context); - -/*! @} */ /* end of : sss_mbedtls_aead */ - -/** - * @addtogroup sss_mbedtls_mac - * @{ - */ -/** @copydoc sss_mac_context_init - * - */ -sss_status_t sss_mbedtls_mac_context_init(sss_mbedtls_mac_t *context, - sss_mbedtls_session_t *session, - sss_mbedtls_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @copydoc sss_mac_one_go - * - */ -sss_status_t sss_mbedtls_mac_one_go( - sss_mbedtls_mac_t *context, const uint8_t *message, size_t messageLen, uint8_t *mac, size_t *macLen); - -/** @copydoc sss_mac_init - * - */ -sss_status_t sss_mbedtls_mac_init(sss_mbedtls_mac_t *context); - -/** @copydoc sss_mac_update - * - */ -sss_status_t sss_mbedtls_mac_update(sss_mbedtls_mac_t *context, const uint8_t *message, size_t messageLen); - -/** @copydoc sss_mac_finish - * - */ -sss_status_t sss_mbedtls_mac_finish(sss_mbedtls_mac_t *context, uint8_t *mac, size_t *macLen); - -/** @copydoc sss_mac_context_free - * - */ -void sss_mbedtls_mac_context_free(sss_mbedtls_mac_t *context); - -/*! @} */ /* end of : sss_mbedtls_mac */ - -/** - * @addtogroup sss_mbedtls_md - * @{ - */ -/** @copydoc sss_digest_context_init - * - */ -sss_status_t sss_mbedtls_digest_context_init( - sss_mbedtls_digest_t *context, sss_mbedtls_session_t *session, sss_algorithm_t algorithm, sss_mode_t mode); - -/** @copydoc sss_digest_one_go - * - */ -sss_status_t sss_mbedtls_digest_one_go( - sss_mbedtls_digest_t *context, const uint8_t *message, size_t messageLen, uint8_t *digest, size_t *digestLen); - -/** @copydoc sss_digest_init - * - */ -sss_status_t sss_mbedtls_digest_init(sss_mbedtls_digest_t *context); - -/** @copydoc sss_digest_update - * - */ -sss_status_t sss_mbedtls_digest_update(sss_mbedtls_digest_t *context, const uint8_t *message, size_t messageLen); - -/** @copydoc sss_digest_finish - * - */ -sss_status_t sss_mbedtls_digest_finish(sss_mbedtls_digest_t *context, uint8_t *digest, size_t *digestLen); - -/** @copydoc sss_digest_context_free - * - */ -void sss_mbedtls_digest_context_free(sss_mbedtls_digest_t *context); - -/*! @} */ /* end of : sss_mbedtls_md */ - -/** - * @addtogroup sss_mbedtls_rng - * @{ - */ -/** @copydoc sss_rng_context_init - * - */ -sss_status_t sss_mbedtls_rng_context_init(sss_mbedtls_rng_context_t *context, sss_mbedtls_session_t *session); - -/** @copydoc sss_rng_get_random - * - */ -sss_status_t sss_mbedtls_rng_get_random(sss_mbedtls_rng_context_t *context, uint8_t *random_data, size_t dataLen); - -/** @copydoc sss_rng_context_free - * - */ -sss_status_t sss_mbedtls_rng_context_free(sss_mbedtls_rng_context_t *context); - -/*! @} */ /* end of : sss_mbedtls_rng */ - -/* clang-format off */ -# if (SSS_HAVE_SSS == 1) - /* Direct Call : session */ -# define sss_session_create(session,subsystem,application_id,connection_type,connectionData) \ - sss_mbedtls_session_create(((sss_mbedtls_session_t * ) session),(subsystem),(application_id),(connection_type),(connectionData)) -# define sss_session_open(session,subsystem,application_id,connection_type,connectionData) \ - sss_mbedtls_session_open(((sss_mbedtls_session_t * ) session),(subsystem),(application_id),(connection_type),(connectionData)) -# define sss_session_prop_get_u32(session,property,pValue) \ - sss_mbedtls_session_prop_get_u32(((sss_mbedtls_session_t * ) session),(property),(pValue)) -# define sss_session_prop_get_au8(session,property,pValue,pValueLen) \ - sss_mbedtls_session_prop_get_au8(((sss_mbedtls_session_t * ) session),(property),(pValue),(pValueLen)) -# define sss_session_close(session) \ - sss_mbedtls_session_close(((sss_mbedtls_session_t * ) session)) -# define sss_session_delete(session) \ - sss_mbedtls_session_delete(((sss_mbedtls_session_t * ) session)) - /* Direct Call : keyobj */ -# define sss_key_object_init(keyObject,keyStore) \ - sss_mbedtls_key_object_init(((sss_mbedtls_object_t * ) keyObject),((sss_mbedtls_key_store_t * ) keyStore)) -# define sss_key_object_allocate_handle(keyObject,keyId,keyPart,cipherType,keyByteLenMax,options) \ - sss_mbedtls_key_object_allocate_handle(((sss_mbedtls_object_t * ) keyObject),(keyId),(keyPart),(cipherType),(keyByteLenMax),(options)) -# define sss_key_object_get_handle(keyObject,keyId) \ - sss_mbedtls_key_object_get_handle(((sss_mbedtls_object_t * ) keyObject),(keyId)) -# define sss_key_object_set_user(keyObject,user,options) \ - sss_mbedtls_key_object_set_user(((sss_mbedtls_object_t * ) keyObject),(user),(options)) -# define sss_key_object_set_purpose(keyObject,purpose,options) \ - sss_mbedtls_key_object_set_purpose(((sss_mbedtls_object_t * ) keyObject),(purpose),(options)) -# define sss_key_object_set_access(keyObject,access,options) \ - sss_mbedtls_key_object_set_access(((sss_mbedtls_object_t * ) keyObject),(access),(options)) -# define sss_key_object_set_eccgfp_group(keyObject,group) \ - sss_mbedtls_key_object_set_eccgfp_group(((sss_mbedtls_object_t * ) keyObject),(group)) -# define sss_key_object_get_user(keyObject,user) \ - sss_mbedtls_key_object_get_user(((sss_mbedtls_object_t * ) keyObject),(user)) -# define sss_key_object_get_purpose(keyObject,purpose) \ - sss_mbedtls_key_object_get_purpose(((sss_mbedtls_object_t * ) keyObject),(purpose)) -# define sss_key_object_get_access(keyObject,access) \ - sss_mbedtls_key_object_get_access(((sss_mbedtls_object_t * ) keyObject),(access)) -# define sss_key_object_free(keyObject) \ - sss_mbedtls_key_object_free(((sss_mbedtls_object_t * ) keyObject)) - /* Direct Call : keyderive */ -# define sss_derive_key_context_init(context,session,keyObject,algorithm,mode) \ - sss_mbedtls_derive_key_context_init(((sss_mbedtls_derive_key_t * ) context),((sss_mbedtls_session_t * ) session),((sss_mbedtls_object_t * ) keyObject),(algorithm),(mode)) -# define sss_derive_key_go(context,saltData,saltLen,info,infoLen,derivedKeyObject,deriveDataLen,hkdfOutput,hkdfOutputLen) \ - sss_mbedtls_derive_key_go(((sss_mbedtls_derive_key_t * ) context),(saltData),(saltLen),(info),(infoLen),((sss_mbedtls_object_t * ) derivedKeyObject),(deriveDataLen),(hkdfOutput),(hkdfOutputLen)) -# define sss_derive_key_one_go(context,saltData,saltLen,info,infoLen,derivedKeyObject,deriveDataLen) \ - sss_mbedtls_derive_key_one_go(((sss_mbedtls_derive_key_t * ) context),(saltData),(saltLen),(info),(infoLen),((sss_mbedtls_object_t * ) derivedKeyObject),(deriveDataLen)) -# define sss_derive_key_sobj_one_go(context,saltKeyObject,info,infoLen,derivedKeyObject,deriveDataLen) \ - sss_mbedtls_derive_key_sobj_one_go(((sss_mbedtls_derive_key_t * ) context),((sss_mbedtls_object_t * )saltKeyObject),(info),(infoLen),((sss_mbedtls_object_t * ) derivedKeyObject),(deriveDataLen)) -# define sss_derive_key_dh(context,otherPartyKeyObject,derivedKeyObject) \ - sss_mbedtls_derive_key_dh(((sss_mbedtls_derive_key_t * ) context),((sss_mbedtls_object_t * ) otherPartyKeyObject),((sss_mbedtls_object_t * ) derivedKeyObject)) -# define sss_derive_key_context_free(context) \ - sss_mbedtls_derive_key_context_free(((sss_mbedtls_derive_key_t * ) context)) - /* Direct Call : keystore */ -# define sss_key_store_context_init(keyStore,session) \ - sss_mbedtls_key_store_context_init(((sss_mbedtls_key_store_t * ) keyStore),((sss_mbedtls_session_t * ) session)) -# define sss_key_store_allocate(keyStore,keyStoreId) \ - sss_mbedtls_key_store_allocate(((sss_mbedtls_key_store_t * ) keyStore),(keyStoreId)) -# define sss_key_store_save(keyStore) \ - sss_mbedtls_key_store_save(((sss_mbedtls_key_store_t * ) keyStore)) -# define sss_key_store_load(keyStore) \ - sss_mbedtls_key_store_load(((sss_mbedtls_key_store_t * ) keyStore)) -# define sss_key_store_set_key(keyStore,keyObject,data,dataLen,keyBitLen,options,optionsLen) \ - sss_mbedtls_key_store_set_key(((sss_mbedtls_key_store_t * ) keyStore),((sss_mbedtls_object_t * ) keyObject),(data),(dataLen),(keyBitLen),(options),(optionsLen)) -# define sss_key_store_generate_key(keyStore,keyObject,keyBitLen,options) \ - sss_mbedtls_key_store_generate_key(((sss_mbedtls_key_store_t * ) keyStore),((sss_mbedtls_object_t * ) keyObject),(keyBitLen),(options)) -# define sss_key_store_get_key(keyStore,keyObject,data,dataLen,pKeyBitLen) \ - sss_mbedtls_key_store_get_key(((sss_mbedtls_key_store_t * ) keyStore),((sss_mbedtls_object_t * ) keyObject),(data),(dataLen),(pKeyBitLen)) -# define sss_key_store_open_key(keyStore,keyObject) \ - sss_mbedtls_key_store_open_key(((sss_mbedtls_key_store_t * ) keyStore),((sss_mbedtls_object_t * ) keyObject)) -# define sss_key_store_freeze_key(keyStore,keyObject) \ - sss_mbedtls_key_store_freeze_key(((sss_mbedtls_key_store_t * ) keyStore),((sss_mbedtls_object_t * ) keyObject)) -# define sss_key_store_erase_key(keyStore,keyObject) \ - sss_mbedtls_key_store_erase_key(((sss_mbedtls_key_store_t * ) keyStore),((sss_mbedtls_object_t * ) keyObject)) -# define sss_key_store_context_free(keyStore) \ - sss_mbedtls_key_store_context_free(((sss_mbedtls_key_store_t * ) keyStore)) - /* Direct Call : asym */ -# define sss_asymmetric_context_init(context,session,keyObject,algorithm,mode) \ - sss_mbedtls_asymmetric_context_init(((sss_mbedtls_asymmetric_t * ) context),((sss_mbedtls_session_t * ) session),((sss_mbedtls_object_t * ) keyObject),(algorithm),(mode)) -# define sss_asymmetric_encrypt(context,srcData,srcLen,destData,destLen) \ - sss_mbedtls_asymmetric_encrypt(((sss_mbedtls_asymmetric_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_asymmetric_decrypt(context,srcData,srcLen,destData,destLen) \ - sss_mbedtls_asymmetric_decrypt(((sss_mbedtls_asymmetric_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_asymmetric_sign_digest(context,digest,digestLen,signature,signatureLen) \ - sss_mbedtls_asymmetric_sign_digest(((sss_mbedtls_asymmetric_t * ) context),(digest),(digestLen),(signature),(signatureLen)) -# define sss_asymmetric_verify_digest(context,digest,digestLen,signature,signatureLen) \ - sss_mbedtls_asymmetric_verify_digest(((sss_mbedtls_asymmetric_t * ) context),(digest),(digestLen),(signature),(signatureLen)) -# define sss_asymmetric_context_free(context) \ - sss_mbedtls_asymmetric_context_free(((sss_mbedtls_asymmetric_t * ) context)) - /* Direct Call : symm */ -# define sss_symmetric_context_init(context,session,keyObject,algorithm,mode) \ - sss_mbedtls_symmetric_context_init(((sss_mbedtls_symmetric_t * ) context),((sss_mbedtls_session_t * ) session),((sss_mbedtls_object_t * ) keyObject),(algorithm),(mode)) -# define sss_cipher_one_go(context,iv,ivLen,srcData,destData,dataLen) \ - sss_mbedtls_cipher_one_go(((sss_mbedtls_symmetric_t * ) context),(iv),(ivLen),(srcData),(destData),(dataLen)) -# define sss_cipher_init(context,iv,ivLen) \ - sss_mbedtls_cipher_init(((sss_mbedtls_symmetric_t * ) context),(iv),(ivLen)) -# define sss_cipher_update(context,srcData,srcLen,destData,destLen) \ - sss_mbedtls_cipher_update(((sss_mbedtls_symmetric_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_cipher_finish(context,srcData,srcLen,destData,destLen) \ - sss_mbedtls_cipher_finish(((sss_mbedtls_symmetric_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_cipher_crypt_ctr(context,srcData,destData,size,initialCounter,lastEncryptedCounter,szLeft) \ - sss_mbedtls_cipher_crypt_ctr(((sss_mbedtls_symmetric_t * ) context),(srcData),(destData),(size),(initialCounter),(lastEncryptedCounter),(szLeft)) -# define sss_symmetric_context_free(context) \ - sss_mbedtls_symmetric_context_free(((sss_mbedtls_symmetric_t * ) context)) - /* Direct Call : aead */ -# define sss_aead_context_init(context,session,keyObject,algorithm,mode) \ - sss_mbedtls_aead_context_init(((sss_mbedtls_aead_t * ) context),((sss_mbedtls_session_t * ) session),((sss_mbedtls_object_t * ) keyObject),(algorithm),(mode)) -# define sss_aead_one_go(context,srcData,destData,size,nonce,nonceLen,aad,aadLen,tag,tagLen) \ - sss_mbedtls_aead_one_go(((sss_mbedtls_aead_t * ) context),(srcData),(destData),(size),(nonce),(nonceLen),(aad),(aadLen),(tag),(tagLen)) -# define sss_aead_init(context,nonce,nonceLen,tagLen,aadLen,payloadLen) \ - sss_mbedtls_aead_init(((sss_mbedtls_aead_t * ) context),(nonce),(nonceLen),(tagLen),(aadLen),(payloadLen)) -# define sss_aead_update_aad(context,aadData,aadDataLen) \ - sss_mbedtls_aead_update_aad(((sss_mbedtls_aead_t * ) context),(aadData),(aadDataLen)) -# define sss_aead_update(context,srcData,srcLen,destData,destLen) \ - sss_mbedtls_aead_update(((sss_mbedtls_aead_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_aead_finish(context,srcData,srcLen,destData,destLen,tag,tagLen) \ - sss_mbedtls_aead_finish(((sss_mbedtls_aead_t * ) context),(srcData),(srcLen),(destData),(destLen),(tag),(tagLen)) -# define sss_aead_context_free(context) \ - sss_mbedtls_aead_context_free(((sss_mbedtls_aead_t * ) context)) - /* Direct Call : mac */ -# define sss_mac_context_init(context,session,keyObject,algorithm,mode) \ - sss_mbedtls_mac_context_init(((sss_mbedtls_mac_t * ) context),((sss_mbedtls_session_t * ) session),((sss_mbedtls_object_t * ) keyObject),(algorithm),(mode)) -# define sss_mac_one_go(context,message,messageLen,mac,macLen) \ - sss_mbedtls_mac_one_go(((sss_mbedtls_mac_t * ) context),(message),(messageLen),(mac),(macLen)) -# define sss_mac_init(context) \ - sss_mbedtls_mac_init(((sss_mbedtls_mac_t * ) context)) -# define sss_mac_update(context,message,messageLen) \ - sss_mbedtls_mac_update(((sss_mbedtls_mac_t * ) context),(message),(messageLen)) -# define sss_mac_finish(context,mac,macLen) \ - sss_mbedtls_mac_finish(((sss_mbedtls_mac_t * ) context),(mac),(macLen)) -# define sss_mac_context_free(context) \ - sss_mbedtls_mac_context_free(((sss_mbedtls_mac_t * ) context)) - /* Direct Call : md */ -# define sss_digest_context_init(context,session,algorithm,mode) \ - sss_mbedtls_digest_context_init(((sss_mbedtls_digest_t * ) context),((sss_mbedtls_session_t * ) session),(algorithm),(mode)) -# define sss_digest_one_go(context,message,messageLen,digest,digestLen) \ - sss_mbedtls_digest_one_go(((sss_mbedtls_digest_t * ) context),(message),(messageLen),(digest),(digestLen)) -# define sss_digest_init(context) \ - sss_mbedtls_digest_init(((sss_mbedtls_digest_t * ) context)) -# define sss_digest_update(context,message,messageLen) \ - sss_mbedtls_digest_update(((sss_mbedtls_digest_t * ) context),(message),(messageLen)) -# define sss_digest_finish(context,digest,digestLen) \ - sss_mbedtls_digest_finish(((sss_mbedtls_digest_t * ) context),(digest),(digestLen)) -# define sss_digest_context_free(context) \ - sss_mbedtls_digest_context_free(((sss_mbedtls_digest_t * ) context)) - /* Direct Call : rng */ -# define sss_rng_context_init(context,session) \ - sss_mbedtls_rng_context_init(((sss_mbedtls_rng_context_t * ) context),((sss_mbedtls_session_t * ) session)) -# define sss_rng_get_random(context,random_data,dataLen) \ - sss_mbedtls_rng_get_random(((sss_mbedtls_rng_context_t * ) context),(random_data),(dataLen)) -# define sss_rng_context_free(context) \ - sss_mbedtls_rng_context_free(((sss_mbedtls_rng_context_t * ) context)) -# endif /* (SSS_HAVE_SSS == 1) */ -# if (SSS_HAVE_OPENSSL == 0) - /* Host Call : session */ -# define sss_host_session_create(session,subsystem,application_id,connection_type,connectionData) \ - sss_mbedtls_session_create(((sss_mbedtls_session_t * ) session),(subsystem),(application_id),(connection_type),(connectionData)) -# define sss_host_session_open(session,subsystem,application_id,connection_type,connectionData) \ - sss_mbedtls_session_open(((sss_mbedtls_session_t * ) session),(subsystem),(application_id),(connection_type),(connectionData)) -# define sss_host_session_prop_get_u32(session,property,pValue) \ - sss_mbedtls_session_prop_get_u32(((sss_mbedtls_session_t * ) session),(property),(pValue)) -# define sss_host_session_prop_get_au8(session,property,pValue,pValueLen) \ - sss_mbedtls_session_prop_get_au8(((sss_mbedtls_session_t * ) session),(property),(pValue),(pValueLen)) -# define sss_host_session_close(session) \ - sss_mbedtls_session_close(((sss_mbedtls_session_t * ) session)) -# define sss_host_session_delete(session) \ - sss_mbedtls_session_delete(((sss_mbedtls_session_t * ) session)) - /* Host Call : keyobj */ -# define sss_host_key_object_init(keyObject,keyStore) \ - sss_mbedtls_key_object_init(((sss_mbedtls_object_t * ) keyObject),((sss_mbedtls_key_store_t * ) keyStore)) -# define sss_host_key_object_allocate_handle(keyObject,keyId,keyPart,cipherType,keyByteLenMax,options) \ - sss_mbedtls_key_object_allocate_handle(((sss_mbedtls_object_t * ) keyObject),(keyId),(keyPart),(cipherType),(keyByteLenMax),(options)) -# define sss_host_key_object_get_handle(keyObject,keyId) \ - sss_mbedtls_key_object_get_handle(((sss_mbedtls_object_t * ) keyObject),(keyId)) -# define sss_host_key_object_set_user(keyObject,user,options) \ - sss_mbedtls_key_object_set_user(((sss_mbedtls_object_t * ) keyObject),(user),(options)) -# define sss_host_key_object_set_purpose(keyObject,purpose,options) \ - sss_mbedtls_key_object_set_purpose(((sss_mbedtls_object_t * ) keyObject),(purpose),(options)) -# define sss_host_key_object_set_access(keyObject,access,options) \ - sss_mbedtls_key_object_set_access(((sss_mbedtls_object_t * ) keyObject),(access),(options)) -# define sss_host_key_object_set_eccgfp_group(keyObject,group) \ - sss_mbedtls_key_object_set_eccgfp_group(((sss_mbedtls_object_t * ) keyObject),(group)) -# define sss_host_key_object_get_user(keyObject,user) \ - sss_mbedtls_key_object_get_user(((sss_mbedtls_object_t * ) keyObject),(user)) -# define sss_host_key_object_get_purpose(keyObject,purpose) \ - sss_mbedtls_key_object_get_purpose(((sss_mbedtls_object_t * ) keyObject),(purpose)) -# define sss_host_key_object_get_access(keyObject,access) \ - sss_mbedtls_key_object_get_access(((sss_mbedtls_object_t * ) keyObject),(access)) -# define sss_host_key_object_free(keyObject) \ - sss_mbedtls_key_object_free(((sss_mbedtls_object_t * ) keyObject)) - /* Host Call : keyderive */ -# define sss_host_derive_key_context_init(context,session,keyObject,algorithm,mode) \ - sss_mbedtls_derive_key_context_init(((sss_mbedtls_derive_key_t * ) context),((sss_mbedtls_session_t * ) session),((sss_mbedtls_object_t * ) keyObject),(algorithm),(mode)) -# define sss_host_derive_key_go(context,saltData,saltLen,info,infoLen,derivedKeyObject,deriveDataLen,hkdfOutput,hkdfOutputLen) \ - sss_mbedtls_derive_key_go(((sss_mbedtls_derive_key_t * ) context),(saltData),(saltLen),(info),(infoLen),((sss_mbedtls_object_t * ) derivedKeyObject),(deriveDataLen),(hkdfOutput),(hkdfOutputLen)) -# define sss_host_derive_key_dh(context,otherPartyKeyObject,derivedKeyObject) \ - sss_mbedtls_derive_key_dh(((sss_mbedtls_derive_key_t * ) context),((sss_mbedtls_object_t * ) otherPartyKeyObject),((sss_mbedtls_object_t * ) derivedKeyObject)) -# define sss_host_derive_key_context_free(context) \ - sss_mbedtls_derive_key_context_free(((sss_mbedtls_derive_key_t * ) context)) - /* Host Call : keystore */ -# define sss_host_key_store_context_init(keyStore,session) \ - sss_mbedtls_key_store_context_init(((sss_mbedtls_key_store_t * ) keyStore),((sss_mbedtls_session_t * ) session)) -# define sss_host_key_store_allocate(keyStore,keyStoreId) \ - sss_mbedtls_key_store_allocate(((sss_mbedtls_key_store_t * ) keyStore),(keyStoreId)) -# define sss_host_key_store_save(keyStore) \ - sss_mbedtls_key_store_save(((sss_mbedtls_key_store_t * ) keyStore)) -# define sss_host_key_store_load(keyStore) \ - sss_mbedtls_key_store_load(((sss_mbedtls_key_store_t * ) keyStore)) -# define sss_host_key_store_set_key(keyStore,keyObject,data,dataLen,keyBitLen,options,optionsLen) \ - sss_mbedtls_key_store_set_key(((sss_mbedtls_key_store_t * ) keyStore),((sss_mbedtls_object_t * ) keyObject),(data),(dataLen),(keyBitLen),(options),(optionsLen)) -# define sss_host_key_store_generate_key(keyStore,keyObject,keyBitLen,options) \ - sss_mbedtls_key_store_generate_key(((sss_mbedtls_key_store_t * ) keyStore),((sss_mbedtls_object_t * ) keyObject),(keyBitLen),(options)) -# define sss_host_key_store_get_key(keyStore,keyObject,data,dataLen,pKeyBitLen) \ - sss_mbedtls_key_store_get_key(((sss_mbedtls_key_store_t * ) keyStore),((sss_mbedtls_object_t * ) keyObject),(data),(dataLen),(pKeyBitLen)) -# define sss_host_key_store_open_key(keyStore,keyObject) \ - sss_mbedtls_key_store_open_key(((sss_mbedtls_key_store_t * ) keyStore),((sss_mbedtls_object_t * ) keyObject)) -# define sss_host_key_store_freeze_key(keyStore,keyObject) \ - sss_mbedtls_key_store_freeze_key(((sss_mbedtls_key_store_t * ) keyStore),((sss_mbedtls_object_t * ) keyObject)) -# define sss_host_key_store_erase_key(keyStore,keyObject) \ - sss_mbedtls_key_store_erase_key(((sss_mbedtls_key_store_t * ) keyStore),((sss_mbedtls_object_t * ) keyObject)) -# define sss_host_key_store_context_free(keyStore) \ - sss_mbedtls_key_store_context_free(((sss_mbedtls_key_store_t * ) keyStore)) - /* Host Call : asym */ -# define sss_host_asymmetric_context_init(context,session,keyObject,algorithm,mode) \ - sss_mbedtls_asymmetric_context_init(((sss_mbedtls_asymmetric_t * ) context),((sss_mbedtls_session_t * ) session),((sss_mbedtls_object_t * ) keyObject),(algorithm),(mode)) -# define sss_host_asymmetric_encrypt(context,srcData,srcLen,destData,destLen) \ - sss_mbedtls_asymmetric_encrypt(((sss_mbedtls_asymmetric_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_host_asymmetric_decrypt(context,srcData,srcLen,destData,destLen) \ - sss_mbedtls_asymmetric_decrypt(((sss_mbedtls_asymmetric_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_host_asymmetric_sign_digest(context,digest,digestLen,signature,signatureLen) \ - sss_mbedtls_asymmetric_sign_digest(((sss_mbedtls_asymmetric_t * ) context),(digest),(digestLen),(signature),(signatureLen)) -# define sss_host_asymmetric_verify_digest(context,digest,digestLen,signature,signatureLen) \ - sss_mbedtls_asymmetric_verify_digest(((sss_mbedtls_asymmetric_t * ) context),(digest),(digestLen),(signature),(signatureLen)) -# define sss_host_asymmetric_context_free(context) \ - sss_mbedtls_asymmetric_context_free(((sss_mbedtls_asymmetric_t * ) context)) - /* Host Call : symm */ -# define sss_host_symmetric_context_init(context,session,keyObject,algorithm,mode) \ - sss_mbedtls_symmetric_context_init(((sss_mbedtls_symmetric_t * ) context),((sss_mbedtls_session_t * ) session),((sss_mbedtls_object_t * ) keyObject),(algorithm),(mode)) -# define sss_host_cipher_one_go(context,iv,ivLen,srcData,destData,dataLen) \ - sss_mbedtls_cipher_one_go(((sss_mbedtls_symmetric_t * ) context),(iv),(ivLen),(srcData),(destData),(dataLen)) -# define sss_host_cipher_init(context,iv,ivLen) \ - sss_mbedtls_cipher_init(((sss_mbedtls_symmetric_t * ) context),(iv),(ivLen)) -# define sss_host_cipher_update(context,srcData,srcLen,destData,destLen) \ - sss_mbedtls_cipher_update(((sss_mbedtls_symmetric_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_host_cipher_finish(context,srcData,srcLen,destData,destLen) \ - sss_mbedtls_cipher_finish(((sss_mbedtls_symmetric_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_host_cipher_crypt_ctr(context,srcData,destData,size,initialCounter,lastEncryptedCounter,szLeft) \ - sss_mbedtls_cipher_crypt_ctr(((sss_mbedtls_symmetric_t * ) context),(srcData),(destData),(size),(initialCounter),(lastEncryptedCounter),(szLeft)) -# define sss_host_symmetric_context_free(context) \ - sss_mbedtls_symmetric_context_free(((sss_mbedtls_symmetric_t * ) context)) - /* Host Call : aead */ -# define sss_host_aead_context_init(context,session,keyObject,algorithm,mode) \ - sss_mbedtls_aead_context_init(((sss_mbedtls_aead_t * ) context),((sss_mbedtls_session_t * ) session),((sss_mbedtls_object_t * ) keyObject),(algorithm),(mode)) -# define sss_host_aead_one_go(context,srcData,destData,size,nonce,nonceLen,aad,aadLen,tag,tagLen) \ - sss_mbedtls_aead_one_go(((sss_mbedtls_aead_t * ) context),(srcData),(destData),(size),(nonce),(nonceLen),(aad),(aadLen),(tag),(tagLen)) -# define sss_host_aead_init(context,nonce,nonceLen,tagLen,aadLen,payloadLen) \ - sss_mbedtls_aead_init(((sss_mbedtls_aead_t * ) context),(nonce),(nonceLen),(tagLen),(aadLen),(payloadLen)) -# define sss_host_aead_update_aad(context,aadData,aadDataLen) \ - sss_mbedtls_aead_update_aad(((sss_mbedtls_aead_t * ) context),(aadData),(aadDataLen)) -# define sss_host_aead_update(context,srcData,srcLen,destData,destLen) \ - sss_mbedtls_aead_update(((sss_mbedtls_aead_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_host_aead_finish(context,srcData,srcLen,destData,destLen,tag,tagLen) \ - sss_mbedtls_aead_finish(((sss_mbedtls_aead_t * ) context),(srcData),(srcLen),(destData),(destLen),(tag),(tagLen)) -# define sss_host_aead_context_free(context) \ - sss_mbedtls_aead_context_free(((sss_mbedtls_aead_t * ) context)) - /* Host Call : mac */ -# define sss_host_mac_context_init(context,session,keyObject,algorithm,mode) \ - sss_mbedtls_mac_context_init(((sss_mbedtls_mac_t * ) context),((sss_mbedtls_session_t * ) session),((sss_mbedtls_object_t * ) keyObject),(algorithm),(mode)) -# define sss_host_mac_one_go(context,message,messageLen,mac,macLen) \ - sss_mbedtls_mac_one_go(((sss_mbedtls_mac_t * ) context),(message),(messageLen),(mac),(macLen)) -# define sss_host_mac_init(context) \ - sss_mbedtls_mac_init(((sss_mbedtls_mac_t * ) context)) -# define sss_host_mac_update(context,message,messageLen) \ - sss_mbedtls_mac_update(((sss_mbedtls_mac_t * ) context),(message),(messageLen)) -# define sss_host_mac_finish(context,mac,macLen) \ - sss_mbedtls_mac_finish(((sss_mbedtls_mac_t * ) context),(mac),(macLen)) -# define sss_host_mac_context_free(context) \ - sss_mbedtls_mac_context_free(((sss_mbedtls_mac_t * ) context)) - /* Host Call : md */ -# define sss_host_digest_context_init(context,session,algorithm,mode) \ - sss_mbedtls_digest_context_init(((sss_mbedtls_digest_t * ) context),((sss_mbedtls_session_t * ) session),(algorithm),(mode)) -# define sss_host_digest_one_go(context,message,messageLen,digest,digestLen) \ - sss_mbedtls_digest_one_go(((sss_mbedtls_digest_t * ) context),(message),(messageLen),(digest),(digestLen)) -# define sss_host_digest_init(context) \ - sss_mbedtls_digest_init(((sss_mbedtls_digest_t * ) context)) -# define sss_host_digest_update(context,message,messageLen) \ - sss_mbedtls_digest_update(((sss_mbedtls_digest_t * ) context),(message),(messageLen)) -# define sss_host_digest_finish(context,digest,digestLen) \ - sss_mbedtls_digest_finish(((sss_mbedtls_digest_t * ) context),(digest),(digestLen)) -# define sss_host_digest_context_free(context) \ - sss_mbedtls_digest_context_free(((sss_mbedtls_digest_t * ) context)) - /* Host Call : rng */ -# define sss_host_rng_context_init(context,session) \ - sss_mbedtls_rng_context_init(((sss_mbedtls_rng_context_t * ) context),((sss_mbedtls_session_t * ) session)) -# define sss_host_rng_get_random(context,random_data,dataLen) \ - sss_mbedtls_rng_get_random(((sss_mbedtls_rng_context_t * ) context),(random_data),(dataLen)) -# define sss_host_rng_context_free(context) \ - sss_mbedtls_rng_context_free(((sss_mbedtls_rng_context_t * ) context)) -# endif /* (SSS_HAVE_SSS == 1) */ -/* clang-format on */ -#endif /* SSS_HAVE_MBEDTLS */ -#ifdef __cplusplus -} // extern "C" -#endif /* __cplusplus */ - -#endif /* FSL_SSS_MBEDTLS_APIS_H */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_mbedtls_types.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_mbedtls_types.h deleted file mode 100644 index 1d090753a..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_mbedtls_types.h +++ /dev/null @@ -1,253 +0,0 @@ -/* - * - * Copyright 2018-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef SSS_APIS_INC_FSL_SSS_MBEDTLS_TYPES_H_ -#define SSS_APIS_INC_FSL_SSS_MBEDTLS_TYPES_H_ - -/* ************************************************************************** */ -/* Includes */ -/* ************************************************************************** */ - -#include - -#if defined(SSS_USE_FTR_FILE) -#include "fsl_sss_ftr.h" -#else -#include "fsl_sss_ftr_default.h" -#endif - -#if SSS_HAVE_MBEDTLS - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#include -#include -#include -#include -#include -#include -#include -#include - -/** - * @addtogroup sss_sw_mbedtls - * @{ - */ - -/* ************************************************************************** */ -/* Defines */ -/* ************************************************************************** */ - -#define SSS_SUBSYSTEM_TYPE_IS_MBEDTLS(subsystem) (subsystem == kType_SSS_mbedTLS) - -#define SSS_SESSION_TYPE_IS_MBEDTLS(session) (session && SSS_SUBSYSTEM_TYPE_IS_MBEDTLS(session->subsystem)) - -#define SSS_KEY_STORE_TYPE_IS_MBEDTLS(keyStore) (keyStore && SSS_SESSION_TYPE_IS_MBEDTLS(keyStore->session)) - -#define SSS_OBJECT_TYPE_IS_MBEDTLS(pObject) (pObject && SSS_KEY_STORE_TYPE_IS_MBEDTLS(pObject->keyStore)) - -#define SSS_ASYMMETRIC_TYPE_IS_MBEDTLS(context) (context && SSS_SESSION_TYPE_IS_MBEDTLS(context->session)) - -#define SSS_DERIVE_KEY_TYPE_IS_MBEDTLS(context) (context && SSS_SESSION_TYPE_IS_MBEDTLS(context->session)) - -#define SSS_SYMMETRIC_TYPE_IS_MBEDTLS(context) (context && SSS_SESSION_TYPE_IS_MBEDTLS(context->session)) - -#define SSS_MAC_TYPE_IS_MBEDTLS(context) (context && SSS_SESSION_TYPE_IS_MBEDTLS(context->session)) - -#define SSS_RNG_CONTEXT_TYPE_IS_MBEDTLS(context) (context && SSS_SESSION_TYPE_IS_MBEDTLS(context->session)) - -#define SSS_DIGEST_TYPE_IS_MBEDTLS(context) (context && SSS_SESSION_TYPE_IS_MBEDTLS(context->session)) - -#define SSS_AEAD_TYPE_IS_MBEDTLS(context) (context && SSS_SESSION_TYPE_IS_MBEDTLS(context->session)) - -/* ************************************************************************** */ -/* Structrues and Typedefs */ -/* ************************************************************************** */ - -struct _sss_mbedtls_session; - -typedef struct _sss_mbedtls_session -{ - /*! Indicates which security subsystem is selected to be used. */ - sss_type_t subsystem; - - mbedtls_entropy_context *entropy; - mbedtls_ctr_drbg_context *ctr_drbg; - -#ifdef MBEDTLS_FS_IO - /* Root Path for persitant key store */ - const char *szRootPath; -#endif -} sss_mbedtls_session_t; - -struct _sss_mbedtls_object; - -typedef struct _sss_mbedtls_key_store -{ - sss_mbedtls_session_t *session; - -#ifdef MBEDTLS_FS_IO - /*! Implementation specific part */ - struct _sss_mbedtls_object **objects; - uint32_t max_object_count; - - keyStoreTable_t *keystore_shadow; -#endif -} sss_mbedtls_key_store_t; - -typedef struct _sss_mbedtls_object -{ - /*! key store holding the data and other properties */ - sss_mbedtls_key_store_t *keyStore; - /*! Object types */ - uint32_t objectType; - uint32_t cipherType; - /*! Application specific key identifier. The keyId is kept in the key store - * along with the key data and other properties. */ - uint32_t keyId; - - /*! Implementation specific part */ - /** Contents are malloced, so must be freed */ - uint32_t contents_must_free : 1; - /** Type of key. Persistnet/trainsient @ref sss_key_object_mode_t */ - uint32_t keyMode : 3; - /** Max size allocated */ - size_t contents_max_size; - size_t contents_size; - size_t keyBitLen; - uint32_t user_id; - sss_mode_t purpose; - sss_access_permission_t accessRights; - /* malloced / referenced contents */ - void *contents; -} sss_mbedtls_object_t; - -typedef struct _sss_mbedtls_derive_key -{ - sss_mbedtls_session_t *session; - sss_mbedtls_object_t *keyObject; - sss_algorithm_t algorithm; /*! */ - sss_mode_t mode; /*! */ - -} sss_mbedtls_derive_key_t; - -typedef struct _sss_mbedtls_asymmetric -{ - sss_mbedtls_session_t *session; - sss_mbedtls_object_t *keyObject; - sss_algorithm_t algorithm; /*! */ - sss_mode_t mode; /*! */ - -} sss_mbedtls_asymmetric_t; - -typedef struct _sss_mbedtls_symmetric -{ - /*! Virtual connection between application (user context) and specific - * security subsystem and function thereof. */ - sss_mbedtls_session_t *session; - sss_mbedtls_object_t *keyObject; /*!< Reference to key and it's properties. */ - sss_algorithm_t algorithm; /*! */ - sss_mode_t mode; /*! */ - mbedtls_cipher_context_t *cipher_ctx; - uint8_t cache_data[16]; - size_t cache_data_len; - -} sss_mbedtls_symmetric_t; - -typedef struct _sss_mbedtls_mac -{ - sss_mbedtls_session_t *session; - sss_mbedtls_object_t *keyObject; /*! Reference to key and it's properties. */ - sss_algorithm_t algorithm; /*! */ - sss_mode_t mode; /*! */ - - /*! Implementation specific part */ - mbedtls_cipher_context_t *cipher_ctx; /*For init- update -finish*/ - mbedtls_md_context_t *HmacCtx; -} sss_mbedtls_mac_t; - -typedef struct _sss_mbedtls_aead -{ - /*! Virtual connection between application (user context) and specific - * security subsystem and function thereof. */ - sss_mbedtls_session_t *session; - sss_mbedtls_object_t *keyObject; /*!< Reference to key and it's properties. */ - sss_algorithm_t algorithm; /*!< */ - sss_mode_t mode; /*!< */ - - /*! Implementation specific part */ - mbedtls_gcm_context *gcm_ctx; /*!< Reference to gcm context. */ - mbedtls_ccm_context *ccm_ctx; /*!< Reference to ccm context. */ - uint8_t *pNonce; /*!< Reference to IV. */ - size_t nonceLen; /*!< Store IV len. */ - const uint8_t *pCcm_aad; /*!< Reference to AAD */ - size_t ccm_aadLen; /*!< Store AAD len. */ - uint8_t *pCcm_data; /*!< Ref to CCM data dynamic allocated.. */ - size_t ccm_dataTotalLen; /*!< Store CCM data total len. */ - size_t ccm_dataoffset; /*!< Store CCM data offset. */ - uint8_t cache_data[16]; /*!< Cache for GCM data */ - size_t cache_data_len; /*!< Store GCM Cache len*/ -} sss_mbedtls_aead_t; - -typedef struct _sss_mbedtls_digest -{ - /*! Virtual connection between application (user context) and specific - * security subsystem and function thereof. */ - sss_mbedtls_session_t *session; - sss_algorithm_t algorithm; /*!< */ - sss_mode_t mode; /*!< */ - /*! Full digest length per algorithm definition. This field is initialized along with algorithm. */ - size_t digestFullLen; - /*! Implementation specific part */ - mbedtls_md_context_t md_ctx; -} sss_mbedtls_digest_t; - -typedef struct -{ - sss_mbedtls_session_t *session; - -} sss_mbedtls_rng_context_t; - -#define sss_mbedtls_tunnel_t sss_tunnel_t - -/* ************************************************************************** */ -/* Global Variables */ -/* ************************************************************************** */ - -/* ************************************************************************** */ -/* Functions */ -/* ************************************************************************** */ - -#ifdef MBEDTLS_FS_IO - -/** Store key inside persistant key store */ -sss_status_t ks_mbedtls_store_key(const sss_mbedtls_object_t *sss_key); - -sss_status_t ks_mbedtls_load_key(sss_mbedtls_object_t *sss_key, keyStoreTable_t *keystore_shadow, uint32_t extKeyId); - -sss_status_t ks_mbedtls_remove_key(const sss_mbedtls_object_t *sss_key); - -sss_status_t ks_mbedtls_fat_update(sss_mbedtls_key_store_t *keyStore); - -#endif /* MBEDTLS_FS_IO */ - -/* Low Level API Key object create */ -sss_status_t ks_mbedtls_key_object_create(sss_mbedtls_object_t *keyObject, - uint32_t keyId, - sss_key_part_t keyPart, - sss_cipher_type_t cipherType, - size_t keyByteLenMax, - uint32_t keyMode); - -/** @} */ - -#endif /* SSS_HAVE_MBEDTLS */ - -#endif /* SSS_APIS_INC_FSL_SSS_MBEDTLS_TYPES_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_openssl_apis.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_openssl_apis.h deleted file mode 100644 index b4e02131d..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_openssl_apis.h +++ /dev/null @@ -1,839 +0,0 @@ -/* - * - * Copyright 2018-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef FSL_SSS_OPENSSL_APIS_H -#define FSL_SSS_OPENSSL_APIS_H - -#ifdef __cplusplus -extern "C" { -#endif /* __cplusplus */ - -#if defined(SSS_USE_FTR_FILE) -#include "fsl_sss_ftr.h" -#else -#include "fsl_sss_ftr_default.h" -#endif - -#if SSS_HAVE_OPENSSL -#include - -/* ************************************************************************** */ -/* Functions */ -/* ************************************************************************** */ -/** - * @addtogroup sss_openssl_session - * @{ - */ -/** @copydoc sss_session_create - * - */ -sss_status_t sss_openssl_session_create(sss_openssl_session_t *session, - sss_type_t subsystem, - uint32_t application_id, - sss_connection_type_t connection_type, - void *connectionData); - -/** @copydoc sss_session_open - * - */ -sss_status_t sss_openssl_session_open(sss_openssl_session_t *session, - sss_type_t subsystem, - uint32_t application_id, - sss_connection_type_t connection_type, - void *connectionData); - -/** @copydoc sss_session_prop_get_u32 - * - */ -sss_status_t sss_openssl_session_prop_get_u32(sss_openssl_session_t *session, uint32_t property, uint32_t *pValue); - -/** @copydoc sss_session_prop_get_au8 - * - */ -sss_status_t sss_openssl_session_prop_get_au8( - sss_openssl_session_t *session, uint32_t property, uint8_t *pValue, size_t *pValueLen); - -/** @copydoc sss_session_close - * - */ -void sss_openssl_session_close(sss_openssl_session_t *session); - -/** @copydoc sss_session_delete - * - */ -void sss_openssl_session_delete(sss_openssl_session_t *session); - -/*! @} */ /* end of : sss_openssl_session */ - -/** - * @addtogroup sss_openssl_keyobj - * @{ - */ -/** @copydoc sss_key_object_init - * - */ -sss_status_t sss_openssl_key_object_init(sss_openssl_object_t *keyObject, sss_openssl_key_store_t *keyStore); - -/** @copydoc sss_key_object_allocate_handle - * - */ -sss_status_t sss_openssl_key_object_allocate_handle(sss_openssl_object_t *keyObject, - uint32_t keyId, - sss_key_part_t keyPart, - sss_cipher_type_t cipherType, - size_t keyByteLenMax, - uint32_t options); - -/** @copydoc sss_key_object_get_handle - * - */ -sss_status_t sss_openssl_key_object_get_handle(sss_openssl_object_t *keyObject, uint32_t keyId); - -/** @copydoc sss_key_object_set_user - * - */ -sss_status_t sss_openssl_key_object_set_user(sss_openssl_object_t *keyObject, uint32_t user, uint32_t options); - -/** @copydoc sss_key_object_set_purpose - * - */ -sss_status_t sss_openssl_key_object_set_purpose(sss_openssl_object_t *keyObject, sss_mode_t purpose, uint32_t options); - -/** @copydoc sss_key_object_set_access - * - */ -sss_status_t sss_openssl_key_object_set_access(sss_openssl_object_t *keyObject, uint32_t access, uint32_t options); - -/** @copydoc sss_key_object_set_eccgfp_group - * - */ -sss_status_t sss_openssl_key_object_set_eccgfp_group(sss_openssl_object_t *keyObject, sss_eccgfp_group_t *group); - -/** @copydoc sss_key_object_get_user - * - */ -sss_status_t sss_openssl_key_object_get_user(sss_openssl_object_t *keyObject, uint32_t *user); - -/** @copydoc sss_key_object_get_purpose - * - */ -sss_status_t sss_openssl_key_object_get_purpose(sss_openssl_object_t *keyObject, sss_mode_t *purpose); - -/** @copydoc sss_key_object_get_access - * - */ -sss_status_t sss_openssl_key_object_get_access(sss_openssl_object_t *keyObject, uint32_t *access); - -/** @copydoc sss_key_object_free - * - */ -void sss_openssl_key_object_free(sss_openssl_object_t *keyObject); - -/*! @} */ /* end of : sss_openssl_keyobj */ - -/** - * @addtogroup sss_openssl_keyderive - * @{ - */ -/** @copydoc sss_derive_key_context_init - * - */ -sss_status_t sss_openssl_derive_key_context_init(sss_openssl_derive_key_t *context, - sss_openssl_session_t *session, - sss_openssl_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @copydoc sss_derive_key_one_go -* -*/ -sss_status_t sss_openssl_derive_key_one_go(sss_openssl_derive_key_t *context, - const uint8_t *saltData, - size_t saltLen, - const uint8_t *info, - size_t infoLen, - sss_openssl_object_t *derivedKeyObject, - uint16_t deriveDataLen); - -/** @copydoc sss_derive_key_sobj_one_go -* -*/ -sss_status_t sss_openssl_derive_key_sobj_one_go(sss_openssl_derive_key_t *context, - sss_openssl_object_t *saltKeyObject, - const uint8_t *info, - size_t infoLen, - sss_openssl_object_t *derivedKeyObject, - uint16_t deriveDataLen); - -/** @copydoc sss_derive_key_go - * - */ -sss_status_t sss_openssl_derive_key_go(sss_openssl_derive_key_t *context, - const uint8_t *saltData, - size_t saltLen, - const uint8_t *info, - size_t infoLen, - sss_openssl_object_t *derivedKeyObject, - uint16_t deriveDataLen, - uint8_t *hkdfOutput, - size_t *hkdfOutputLen); - -/** @copydoc sss_derive_key_dh - * - */ -sss_status_t sss_openssl_derive_key_dh(sss_openssl_derive_key_t *context, - sss_openssl_object_t *otherPartyKeyObject, - sss_openssl_object_t *derivedKeyObject); - -/** @copydoc sss_derive_key_context_free - * - */ -void sss_openssl_derive_key_context_free(sss_openssl_derive_key_t *context); - -/*! @} */ /* end of : sss_openssl_keyderive */ - -/** - * @addtogroup sss_openssl_keystore - * @{ - */ -/** @copydoc sss_key_store_context_init - * - */ -sss_status_t sss_openssl_key_store_context_init(sss_openssl_key_store_t *keyStore, sss_openssl_session_t *session); - -/** @copydoc sss_key_store_allocate - * - */ -sss_status_t sss_openssl_key_store_allocate(sss_openssl_key_store_t *keyStore, uint32_t keyStoreId); - -/** @copydoc sss_key_store_save - * - */ -sss_status_t sss_openssl_key_store_save(sss_openssl_key_store_t *keyStore); - -/** @copydoc sss_key_store_load - * - */ -sss_status_t sss_openssl_key_store_load(sss_openssl_key_store_t *keyStore); - -/** @copydoc sss_key_store_set_key - * - */ -sss_status_t sss_openssl_key_store_set_key(sss_openssl_key_store_t *keyStore, - sss_openssl_object_t *keyObject, - const uint8_t *data, - size_t dataLen, - size_t keyBitLen, - void *options, - size_t optionsLen); - -/** @copydoc sss_key_store_generate_key - * - */ -sss_status_t sss_openssl_key_store_generate_key( - sss_openssl_key_store_t *keyStore, sss_openssl_object_t *keyObject, size_t keyBitLen, void *options); - -/** @copydoc sss_key_store_get_key - * - */ -sss_status_t sss_openssl_key_store_get_key(sss_openssl_key_store_t *keyStore, - sss_openssl_object_t *keyObject, - uint8_t *data, - size_t *dataLen, - size_t *pKeyBitLen); - -/** @copydoc sss_key_store_open_key - * - */ -sss_status_t sss_openssl_key_store_open_key(sss_openssl_key_store_t *keyStore, sss_openssl_object_t *keyObject); - -/** @copydoc sss_key_store_freeze_key - * - */ -sss_status_t sss_openssl_key_store_freeze_key(sss_openssl_key_store_t *keyStore, sss_openssl_object_t *keyObject); - -/** @copydoc sss_key_store_erase_key - * - */ -sss_status_t sss_openssl_key_store_erase_key(sss_openssl_key_store_t *keyStore, sss_openssl_object_t *keyObject); - -/** @copydoc sss_key_store_context_free - * - */ -void sss_openssl_key_store_context_free(sss_openssl_key_store_t *keyStore); - -/*! @} */ /* end of : sss_openssl_keystore */ - -/** - * @addtogroup sss_openssl_asym - * @{ - */ -/** @copydoc sss_asymmetric_context_init - * - */ -sss_status_t sss_openssl_asymmetric_context_init(sss_openssl_asymmetric_t *context, - sss_openssl_session_t *session, - sss_openssl_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @copydoc sss_asymmetric_encrypt - * - */ -sss_status_t sss_openssl_asymmetric_encrypt( - sss_openssl_asymmetric_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @copydoc sss_asymmetric_decrypt - * - */ -sss_status_t sss_openssl_asymmetric_decrypt( - sss_openssl_asymmetric_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @copydoc sss_asymmetric_sign_digest - * - */ -sss_status_t sss_openssl_asymmetric_sign_digest( - sss_openssl_asymmetric_t *context, uint8_t *digest, size_t digestLen, uint8_t *signature, size_t *signatureLen); - -/** @copydoc sss_asymmetric_verify_digest - * - */ -sss_status_t sss_openssl_asymmetric_verify_digest( - sss_openssl_asymmetric_t *context, uint8_t *digest, size_t digestLen, uint8_t *signature, size_t signatureLen); - -/** @copydoc sss_asymmetric_context_free - * - */ -void sss_openssl_asymmetric_context_free(sss_openssl_asymmetric_t *context); - -/*! @} */ /* end of : sss_openssl_asym */ - -/** - * @addtogroup sss_openssl_symm - * @{ - */ -/** @copydoc sss_symmetric_context_init - * - */ -sss_status_t sss_openssl_symmetric_context_init(sss_openssl_symmetric_t *context, - sss_openssl_session_t *session, - sss_openssl_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @copydoc sss_cipher_one_go - * - */ -sss_status_t sss_openssl_cipher_one_go(sss_openssl_symmetric_t *context, - uint8_t *iv, - size_t ivLen, - const uint8_t *srcData, - uint8_t *destData, - size_t dataLen); - -/** @copydoc sss_cipher_init - * - */ -sss_status_t sss_openssl_cipher_init(sss_openssl_symmetric_t *context, uint8_t *iv, size_t ivLen); - -/** @copydoc sss_cipher_update - * - */ -sss_status_t sss_openssl_cipher_update( - sss_openssl_symmetric_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @copydoc sss_cipher_finish - * - */ -sss_status_t sss_openssl_cipher_finish( - sss_openssl_symmetric_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @copydoc sss_cipher_crypt_ctr - * - */ -sss_status_t sss_openssl_cipher_crypt_ctr(sss_openssl_symmetric_t *context, - const uint8_t *srcData, - uint8_t *destData, - size_t size, - uint8_t *initialCounter, - uint8_t *lastEncryptedCounter, - size_t *szLeft); - -/** @copydoc sss_symmetric_context_free - * - */ -void sss_openssl_symmetric_context_free(sss_openssl_symmetric_t *context); - -/*! @} */ /* end of : sss_openssl_symm */ - -/** - * @addtogroup sss_openssl_aead - * @{ - */ -/** @copydoc sss_aead_context_init - * - */ -sss_status_t sss_openssl_aead_context_init(sss_openssl_aead_t *context, - sss_openssl_session_t *session, - sss_openssl_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @copydoc sss_aead_one_go - * - */ -sss_status_t sss_openssl_aead_one_go(sss_openssl_aead_t *context, - const uint8_t *srcData, - uint8_t *destData, - size_t size, - uint8_t *nonce, - size_t nonceLen, - const uint8_t *aad, - size_t aadLen, - uint8_t *tag, - size_t *tagLen); - -/** @copydoc sss_aead_init - * - */ -sss_status_t sss_openssl_aead_init( - sss_openssl_aead_t *context, uint8_t *nonce, size_t nonceLen, size_t tagLen, size_t aadLen, size_t payloadLen); - -/** @copydoc sss_aead_update_aad - * - */ -sss_status_t sss_openssl_aead_update_aad(sss_openssl_aead_t *context, const uint8_t *aadData, size_t aadDataLen); - -/** @copydoc sss_aead_update - * - */ -sss_status_t sss_openssl_aead_update( - sss_openssl_aead_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @copydoc sss_aead_finish - * - */ -sss_status_t sss_openssl_aead_finish(sss_openssl_aead_t *context, - const uint8_t *srcData, - size_t srcLen, - uint8_t *destData, - size_t *destLen, - uint8_t *tag, - size_t *tagLen); - -/** @copydoc sss_aead_context_free - * - */ -void sss_openssl_aead_context_free(sss_openssl_aead_t *context); - -/*! @} */ /* end of : sss_openssl_aead */ - -/** - * @addtogroup sss_openssl_mac - * @{ - */ -/** @copydoc sss_mac_context_init - * - */ -sss_status_t sss_openssl_mac_context_init(sss_openssl_mac_t *context, - sss_openssl_session_t *session, - sss_openssl_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @copydoc sss_mac_one_go - * - */ -sss_status_t sss_openssl_mac_one_go( - sss_openssl_mac_t *context, const uint8_t *message, size_t messageLen, uint8_t *mac, size_t *macLen); - -/** @copydoc sss_mac_init - * - */ -sss_status_t sss_openssl_mac_init(sss_openssl_mac_t *context); - -/** @copydoc sss_mac_update - * - */ -sss_status_t sss_openssl_mac_update(sss_openssl_mac_t *context, const uint8_t *message, size_t messageLen); - -/** @copydoc sss_mac_finish - * - */ -sss_status_t sss_openssl_mac_finish(sss_openssl_mac_t *context, uint8_t *mac, size_t *macLen); - -/** @copydoc sss_mac_context_free - * - */ -void sss_openssl_mac_context_free(sss_openssl_mac_t *context); - -/*! @} */ /* end of : sss_openssl_mac */ - -/** - * @addtogroup sss_openssl_md - * @{ - */ -/** @copydoc sss_digest_context_init - * - */ -sss_status_t sss_openssl_digest_context_init( - sss_openssl_digest_t *context, sss_openssl_session_t *session, sss_algorithm_t algorithm, sss_mode_t mode); - -/** @copydoc sss_digest_one_go - * - */ -sss_status_t sss_openssl_digest_one_go( - sss_openssl_digest_t *context, const uint8_t *message, size_t messageLen, uint8_t *digest, size_t *digestLen); - -/** @copydoc sss_digest_init - * - */ -sss_status_t sss_openssl_digest_init(sss_openssl_digest_t *context); - -/** @copydoc sss_digest_update - * - */ -sss_status_t sss_openssl_digest_update(sss_openssl_digest_t *context, const uint8_t *message, size_t messageLen); - -/** @copydoc sss_digest_finish - * - */ -sss_status_t sss_openssl_digest_finish(sss_openssl_digest_t *context, uint8_t *digest, size_t *digestLen); - -/** @copydoc sss_digest_context_free - * - */ -void sss_openssl_digest_context_free(sss_openssl_digest_t *context); - -/*! @} */ /* end of : sss_openssl_md */ - -/** - * @addtogroup sss_openssl_rng - * @{ - */ -/** @copydoc sss_rng_context_init - * - */ -sss_status_t sss_openssl_rng_context_init(sss_openssl_rng_context_t *context, sss_openssl_session_t *session); - -/** @copydoc sss_rng_get_random - * - */ -sss_status_t sss_openssl_rng_get_random(sss_openssl_rng_context_t *context, uint8_t *random_data, size_t dataLen); - -/** @copydoc sss_rng_context_free - * - */ -sss_status_t sss_openssl_rng_context_free(sss_openssl_rng_context_t *context); - -/*! @} */ /* end of : sss_openssl_rng */ - -/* clang-format off */ -# if (SSS_HAVE_SSS == 1) - /* Direct Call : session */ -# define sss_session_create(session,subsystem,application_id,connection_type,connectionData) \ - sss_openssl_session_create(((sss_openssl_session_t * ) session),(subsystem),(application_id),(connection_type),(connectionData)) -# define sss_session_open(session,subsystem,application_id,connection_type,connectionData) \ - sss_openssl_session_open(((sss_openssl_session_t * ) session),(subsystem),(application_id),(connection_type),(connectionData)) -# define sss_session_prop_get_u32(session,property,pValue) \ - sss_openssl_session_prop_get_u32(((sss_openssl_session_t * ) session),(property),(pValue)) -# define sss_session_prop_get_au8(session,property,pValue,pValueLen) \ - sss_openssl_session_prop_get_au8(((sss_openssl_session_t * ) session),(property),(pValue),(pValueLen)) -# define sss_session_close(session) \ - sss_openssl_session_close(((sss_openssl_session_t * ) session)) -# define sss_session_delete(session) \ - sss_openssl_session_delete(((sss_openssl_session_t * ) session)) - /* Direct Call : keyobj */ -# define sss_key_object_init(keyObject,keyStore) \ - sss_openssl_key_object_init(((sss_openssl_object_t * ) keyObject),((sss_openssl_key_store_t * ) keyStore)) -# define sss_key_object_allocate_handle(keyObject,keyId,keyPart,cipherType,keyByteLenMax,options) \ - sss_openssl_key_object_allocate_handle(((sss_openssl_object_t * ) keyObject),(keyId),(keyPart),(cipherType),(keyByteLenMax),(options)) -# define sss_key_object_get_handle(keyObject,keyId) \ - sss_openssl_key_object_get_handle(((sss_openssl_object_t * ) keyObject),(keyId)) -# define sss_key_object_set_user(keyObject,user,options) \ - sss_openssl_key_object_set_user(((sss_openssl_object_t * ) keyObject),(user),(options)) -# define sss_key_object_set_purpose(keyObject,purpose,options) \ - sss_openssl_key_object_set_purpose(((sss_openssl_object_t * ) keyObject),(purpose),(options)) -# define sss_key_object_set_access(keyObject,access,options) \ - sss_openssl_key_object_set_access(((sss_openssl_object_t * ) keyObject),(access),(options)) -# define sss_key_object_set_eccgfp_group(keyObject,group) \ - sss_openssl_key_object_set_eccgfp_group(((sss_openssl_object_t * ) keyObject),(group)) -# define sss_key_object_get_user(keyObject,user) \ - sss_openssl_key_object_get_user(((sss_openssl_object_t * ) keyObject),(user)) -# define sss_key_object_get_purpose(keyObject,purpose) \ - sss_openssl_key_object_get_purpose(((sss_openssl_object_t * ) keyObject),(purpose)) -# define sss_key_object_get_access(keyObject,access) \ - sss_openssl_key_object_get_access(((sss_openssl_object_t * ) keyObject),(access)) -# define sss_key_object_free(keyObject) \ - sss_openssl_key_object_free(((sss_openssl_object_t * ) keyObject)) - /* Direct Call : keyderive */ -# define sss_derive_key_context_init(context,session,keyObject,algorithm,mode) \ - sss_openssl_derive_key_context_init(((sss_openssl_derive_key_t * ) context),((sss_openssl_session_t * ) session),((sss_openssl_object_t * ) keyObject),(algorithm),(mode)) -# define sss_derive_key_one_go(context,saltData,saltLen,info,infoLen,derivedKeyObject,deriveDataLen) \ - sss_openssl_derive_key_one_go(((sss_openssl_derive_key_t * ) context),(saltData),(saltLen),(info),(infoLen),((sss_openssl_object_t * ) derivedKeyObject),(deriveDataLen)) -# define sss_derive_key_sobj_one_go(context,saltKeyObject,info,infoLen,derivedKeyObject,deriveDataLen) \ - sss_openssl_derive_key_sobj_one_go(((sss_openssl_derive_key_t * ) context),((sss_openssl_object_t *)saltKeyObject),(info),(infoLen),((sss_openssl_object_t * ) derivedKeyObject),(deriveDataLen)) -# define sss_derive_key_go(context,saltData,saltLen,info,infoLen,derivedKeyObject,deriveDataLen,hkdfOutput,hkdfOutputLen) \ - sss_openssl_derive_key_go(((sss_openssl_derive_key_t * ) context),(saltData),(saltLen),(info),(infoLen),((sss_openssl_object_t * ) derivedKeyObject),(deriveDataLen),(hkdfOutput),(hkdfOutputLen)) -# define sss_derive_key_dh(context,otherPartyKeyObject,derivedKeyObject) \ - sss_openssl_derive_key_dh(((sss_openssl_derive_key_t * ) context),((sss_openssl_object_t * ) otherPartyKeyObject),((sss_openssl_object_t * ) derivedKeyObject)) -# define sss_derive_key_context_free(context) \ - sss_openssl_derive_key_context_free(((sss_openssl_derive_key_t * ) context)) - /* Direct Call : keystore */ -# define sss_key_store_context_init(keyStore,session) \ - sss_openssl_key_store_context_init(((sss_openssl_key_store_t * ) keyStore),((sss_openssl_session_t * ) session)) -# define sss_key_store_allocate(keyStore,keyStoreId) \ - sss_openssl_key_store_allocate(((sss_openssl_key_store_t * ) keyStore),(keyStoreId)) -# define sss_key_store_save(keyStore) \ - sss_openssl_key_store_save(((sss_openssl_key_store_t * ) keyStore)) -# define sss_key_store_load(keyStore) \ - sss_openssl_key_store_load(((sss_openssl_key_store_t * ) keyStore)) -# define sss_key_store_set_key(keyStore,keyObject,data,dataLen,keyBitLen,options,optionsLen) \ - sss_openssl_key_store_set_key(((sss_openssl_key_store_t * ) keyStore),((sss_openssl_object_t * ) keyObject),(data),(dataLen),(keyBitLen),(options),(optionsLen)) -# define sss_key_store_generate_key(keyStore,keyObject,keyBitLen,options) \ - sss_openssl_key_store_generate_key(((sss_openssl_key_store_t * ) keyStore),((sss_openssl_object_t * ) keyObject),(keyBitLen),(options)) -# define sss_key_store_get_key(keyStore,keyObject,data,dataLen,pKeyBitLen) \ - sss_openssl_key_store_get_key(((sss_openssl_key_store_t * ) keyStore),((sss_openssl_object_t * ) keyObject),(data),(dataLen),(pKeyBitLen)) -# define sss_key_store_open_key(keyStore,keyObject) \ - sss_openssl_key_store_open_key(((sss_openssl_key_store_t * ) keyStore),((sss_openssl_object_t * ) keyObject)) -# define sss_key_store_freeze_key(keyStore,keyObject) \ - sss_openssl_key_store_freeze_key(((sss_openssl_key_store_t * ) keyStore),((sss_openssl_object_t * ) keyObject)) -# define sss_key_store_erase_key(keyStore,keyObject) \ - sss_openssl_key_store_erase_key(((sss_openssl_key_store_t * ) keyStore),((sss_openssl_object_t * ) keyObject)) -# define sss_key_store_context_free(keyStore) \ - sss_openssl_key_store_context_free(((sss_openssl_key_store_t * ) keyStore)) - /* Direct Call : asym */ -# define sss_asymmetric_context_init(context,session,keyObject,algorithm,mode) \ - sss_openssl_asymmetric_context_init(((sss_openssl_asymmetric_t * ) context),((sss_openssl_session_t * ) session),((sss_openssl_object_t * ) keyObject),(algorithm),(mode)) -# define sss_asymmetric_encrypt(context,srcData,srcLen,destData,destLen) \ - sss_openssl_asymmetric_encrypt(((sss_openssl_asymmetric_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_asymmetric_decrypt(context,srcData,srcLen,destData,destLen) \ - sss_openssl_asymmetric_decrypt(((sss_openssl_asymmetric_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_asymmetric_sign_digest(context,digest,digestLen,signature,signatureLen) \ - sss_openssl_asymmetric_sign_digest(((sss_openssl_asymmetric_t * ) context),(digest),(digestLen),(signature),(signatureLen)) -# define sss_asymmetric_verify_digest(context,digest,digestLen,signature,signatureLen) \ - sss_openssl_asymmetric_verify_digest(((sss_openssl_asymmetric_t * ) context),(digest),(digestLen),(signature),(signatureLen)) -# define sss_asymmetric_context_free(context) \ - sss_openssl_asymmetric_context_free(((sss_openssl_asymmetric_t * ) context)) - /* Direct Call : symm */ -# define sss_symmetric_context_init(context,session,keyObject,algorithm,mode) \ - sss_openssl_symmetric_context_init(((sss_openssl_symmetric_t * ) context),((sss_openssl_session_t * ) session),((sss_openssl_object_t * ) keyObject),(algorithm),(mode)) -# define sss_cipher_one_go(context,iv,ivLen,srcData,destData,dataLen) \ - sss_openssl_cipher_one_go(((sss_openssl_symmetric_t * ) context),(iv),(ivLen),(srcData),(destData),(dataLen)) -# define sss_cipher_init(context,iv,ivLen) \ - sss_openssl_cipher_init(((sss_openssl_symmetric_t * ) context),(iv),(ivLen)) -# define sss_cipher_update(context,srcData,srcLen,destData,destLen) \ - sss_openssl_cipher_update(((sss_openssl_symmetric_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_cipher_finish(context,srcData,srcLen,destData,destLen) \ - sss_openssl_cipher_finish(((sss_openssl_symmetric_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_cipher_crypt_ctr(context,srcData,destData,size,initialCounter,lastEncryptedCounter,szLeft) \ - sss_openssl_cipher_crypt_ctr(((sss_openssl_symmetric_t * ) context),(srcData),(destData),(size),(initialCounter),(lastEncryptedCounter),(szLeft)) -# define sss_symmetric_context_free(context) \ - sss_openssl_symmetric_context_free(((sss_openssl_symmetric_t * ) context)) - /* Direct Call : aead */ -# define sss_aead_context_init(context,session,keyObject,algorithm,mode) \ - sss_openssl_aead_context_init(((sss_openssl_aead_t * ) context),((sss_openssl_session_t * ) session),((sss_openssl_object_t * ) keyObject),(algorithm),(mode)) -# define sss_aead_one_go(context,srcData,destData,size,nonce,nonceLen,aad,aadLen,tag,tagLen) \ - sss_openssl_aead_one_go(((sss_openssl_aead_t * ) context),(srcData),(destData),(size),(nonce),(nonceLen),(aad),(aadLen),(tag),(tagLen)) -# define sss_aead_init(context,nonce,nonceLen,tagLen,aadLen,payloadLen) \ - sss_openssl_aead_init(((sss_openssl_aead_t * ) context),(nonce),(nonceLen),(tagLen),(aadLen),(payloadLen)) -# define sss_aead_update_aad(context,aadData,aadDataLen) \ - sss_openssl_aead_update_aad(((sss_openssl_aead_t * ) context),(aadData),(aadDataLen)) -# define sss_aead_update(context,srcData,srcLen,destData,destLen) \ - sss_openssl_aead_update(((sss_openssl_aead_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_aead_finish(context,srcData,srcLen,destData,destLen,tag,tagLen) \ - sss_openssl_aead_finish(((sss_openssl_aead_t * ) context),(srcData),(srcLen),(destData),(destLen),(tag),(tagLen)) -# define sss_aead_context_free(context) \ - sss_openssl_aead_context_free(((sss_openssl_aead_t * ) context)) - /* Direct Call : mac */ -# define sss_mac_context_init(context,session,keyObject,algorithm,mode) \ - sss_openssl_mac_context_init(((sss_openssl_mac_t * ) context),((sss_openssl_session_t * ) session),((sss_openssl_object_t * ) keyObject),(algorithm),(mode)) -# define sss_mac_one_go(context,message,messageLen,mac,macLen) \ - sss_openssl_mac_one_go(((sss_openssl_mac_t * ) context),(message),(messageLen),(mac),(macLen)) -# define sss_mac_init(context) \ - sss_openssl_mac_init(((sss_openssl_mac_t * ) context)) -# define sss_mac_update(context,message,messageLen) \ - sss_openssl_mac_update(((sss_openssl_mac_t * ) context),(message),(messageLen)) -# define sss_mac_finish(context,mac,macLen) \ - sss_openssl_mac_finish(((sss_openssl_mac_t * ) context),(mac),(macLen)) -# define sss_mac_context_free(context) \ - sss_openssl_mac_context_free(((sss_openssl_mac_t * ) context)) - /* Direct Call : md */ -# define sss_digest_context_init(context,session,algorithm,mode) \ - sss_openssl_digest_context_init(((sss_openssl_digest_t * ) context),((sss_openssl_session_t * ) session),(algorithm),(mode)) -# define sss_digest_one_go(context,message,messageLen,digest,digestLen) \ - sss_openssl_digest_one_go(((sss_openssl_digest_t * ) context),(message),(messageLen),(digest),(digestLen)) -# define sss_digest_init(context) \ - sss_openssl_digest_init(((sss_openssl_digest_t * ) context)) -# define sss_digest_update(context,message,messageLen) \ - sss_openssl_digest_update(((sss_openssl_digest_t * ) context),(message),(messageLen)) -# define sss_digest_finish(context,digest,digestLen) \ - sss_openssl_digest_finish(((sss_openssl_digest_t * ) context),(digest),(digestLen)) -# define sss_digest_context_free(context) \ - sss_openssl_digest_context_free(((sss_openssl_digest_t * ) context)) - /* Direct Call : rng */ -# define sss_rng_context_init(context,session) \ - sss_openssl_rng_context_init(((sss_openssl_rng_context_t * ) context),((sss_openssl_session_t * ) session)) -# define sss_rng_get_random(context,random_data,dataLen) \ - sss_openssl_rng_get_random(((sss_openssl_rng_context_t * ) context),(random_data),(dataLen)) -# define sss_rng_context_free(context) \ - sss_openssl_rng_context_free(((sss_openssl_rng_context_t * ) context)) -# endif /* (SSS_HAVE_SSS == 1) */ -# if (SSS_HAVE_MBEDTLS == 0) - /* Host Call : session */ -# define sss_host_session_create(session,subsystem,application_id,connection_type,connectionData) \ - sss_openssl_session_create(((sss_openssl_session_t * ) session),(subsystem),(application_id),(connection_type),(connectionData)) -# define sss_host_session_open(session,subsystem,application_id,connection_type,connectionData) \ - sss_openssl_session_open(((sss_openssl_session_t * ) session),(subsystem),(application_id),(connection_type),(connectionData)) -# define sss_host_session_prop_get_u32(session,property,pValue) \ - sss_openssl_session_prop_get_u32(((sss_openssl_session_t * ) session),(property),(pValue)) -# define sss_host_session_prop_get_au8(session,property,pValue,pValueLen) \ - sss_openssl_session_prop_get_au8(((sss_openssl_session_t * ) session),(property),(pValue),(pValueLen)) -# define sss_host_session_close(session) \ - sss_openssl_session_close(((sss_openssl_session_t * ) session)) -# define sss_host_session_delete(session) \ - sss_openssl_session_delete(((sss_openssl_session_t * ) session)) - /* Host Call : keyobj */ -# define sss_host_key_object_init(keyObject,keyStore) \ - sss_openssl_key_object_init(((sss_openssl_object_t * ) keyObject),((sss_openssl_key_store_t * ) keyStore)) -# define sss_host_key_object_allocate_handle(keyObject,keyId,keyPart,cipherType,keyByteLenMax,options) \ - sss_openssl_key_object_allocate_handle(((sss_openssl_object_t * ) keyObject),(keyId),(keyPart),(cipherType),(keyByteLenMax),(options)) -# define sss_host_key_object_get_handle(keyObject,keyId) \ - sss_openssl_key_object_get_handle(((sss_openssl_object_t * ) keyObject),(keyId)) -# define sss_host_key_object_set_user(keyObject,user,options) \ - sss_openssl_key_object_set_user(((sss_openssl_object_t * ) keyObject),(user),(options)) -# define sss_host_key_object_set_purpose(keyObject,purpose,options) \ - sss_openssl_key_object_set_purpose(((sss_openssl_object_t * ) keyObject),(purpose),(options)) -# define sss_host_key_object_set_access(keyObject,access,options) \ - sss_openssl_key_object_set_access(((sss_openssl_object_t * ) keyObject),(access),(options)) -# define sss_host_key_object_set_eccgfp_group(keyObject,group) \ - sss_openssl_key_object_set_eccgfp_group(((sss_openssl_object_t * ) keyObject),(group)) -# define sss_host_key_object_get_user(keyObject,user) \ - sss_openssl_key_object_get_user(((sss_openssl_object_t * ) keyObject),(user)) -# define sss_host_key_object_get_purpose(keyObject,purpose) \ - sss_openssl_key_object_get_purpose(((sss_openssl_object_t * ) keyObject),(purpose)) -# define sss_host_key_object_get_access(keyObject,access) \ - sss_openssl_key_object_get_access(((sss_openssl_object_t * ) keyObject),(access)) -# define sss_host_key_object_free(keyObject) \ - sss_openssl_key_object_free(((sss_openssl_object_t * ) keyObject)) - /* Host Call : keyderive */ -# define sss_host_derive_key_context_init(context,session,keyObject,algorithm,mode) \ - sss_openssl_derive_key_context_init(((sss_openssl_derive_key_t * ) context),((sss_openssl_session_t * ) session),((sss_openssl_object_t * ) keyObject),(algorithm),(mode)) -# define sss_host_derive_key_one_go(context,saltData,saltLen,saltKeyObject,info,infoLen,derivedKeyObject,deriveDataLen) \ - sss_openssl_derive_key_go(((sss_openssl_derive_key_t * ) context),(saltData),(saltLen),((sss_openssl_object_t *)saltKeyObject),(info),(infoLen),((sss_openssl_object_t * ) derivedKeyObject),(deriveDataLen)) -# define sss_host_derive_key_go(context,saltData,saltLen,info,infoLen,derivedKeyObject,deriveDataLen,hkdfOutput,hkdfOutputLen) \ - sss_openssl_derive_key_go(((sss_openssl_derive_key_t * ) context),(saltData),(saltLen),(info),(infoLen),((sss_openssl_object_t * ) derivedKeyObject),(deriveDataLen),(hkdfOutput),(hkdfOutputLen)) -# define sss_host_derive_key_dh(context,otherPartyKeyObject,derivedKeyObject) \ - sss_openssl_derive_key_dh(((sss_openssl_derive_key_t * ) context),((sss_openssl_object_t * ) otherPartyKeyObject),((sss_openssl_object_t * ) derivedKeyObject)) -# define sss_host_derive_key_context_free(context) \ - sss_openssl_derive_key_context_free(((sss_openssl_derive_key_t * ) context)) - /* Host Call : keystore */ -# define sss_host_key_store_context_init(keyStore,session) \ - sss_openssl_key_store_context_init(((sss_openssl_key_store_t * ) keyStore),((sss_openssl_session_t * ) session)) -# define sss_host_key_store_allocate(keyStore,keyStoreId) \ - sss_openssl_key_store_allocate(((sss_openssl_key_store_t * ) keyStore),(keyStoreId)) -# define sss_host_key_store_save(keyStore) \ - sss_openssl_key_store_save(((sss_openssl_key_store_t * ) keyStore)) -# define sss_host_key_store_load(keyStore) \ - sss_openssl_key_store_load(((sss_openssl_key_store_t * ) keyStore)) -# define sss_host_key_store_set_key(keyStore,keyObject,data,dataLen,keyBitLen,options,optionsLen) \ - sss_openssl_key_store_set_key(((sss_openssl_key_store_t * ) keyStore),((sss_openssl_object_t * ) keyObject),(data),(dataLen),(keyBitLen),(options),(optionsLen)) -# define sss_host_key_store_generate_key(keyStore,keyObject,keyBitLen,options) \ - sss_openssl_key_store_generate_key(((sss_openssl_key_store_t * ) keyStore),((sss_openssl_object_t * ) keyObject),(keyBitLen),(options)) -# define sss_host_key_store_get_key(keyStore,keyObject,data,dataLen,pKeyBitLen) \ - sss_openssl_key_store_get_key(((sss_openssl_key_store_t * ) keyStore),((sss_openssl_object_t * ) keyObject),(data),(dataLen),(pKeyBitLen)) -# define sss_host_key_store_open_key(keyStore,keyObject) \ - sss_openssl_key_store_open_key(((sss_openssl_key_store_t * ) keyStore),((sss_openssl_object_t * ) keyObject)) -# define sss_host_key_store_freeze_key(keyStore,keyObject) \ - sss_openssl_key_store_freeze_key(((sss_openssl_key_store_t * ) keyStore),((sss_openssl_object_t * ) keyObject)) -# define sss_host_key_store_erase_key(keyStore,keyObject) \ - sss_openssl_key_store_erase_key(((sss_openssl_key_store_t * ) keyStore),((sss_openssl_object_t * ) keyObject)) -# define sss_host_key_store_context_free(keyStore) \ - sss_openssl_key_store_context_free(((sss_openssl_key_store_t * ) keyStore)) - /* Host Call : asym */ -# define sss_host_asymmetric_context_init(context,session,keyObject,algorithm,mode) \ - sss_openssl_asymmetric_context_init(((sss_openssl_asymmetric_t * ) context),((sss_openssl_session_t * ) session),((sss_openssl_object_t * ) keyObject),(algorithm),(mode)) -# define sss_host_asymmetric_encrypt(context,srcData,srcLen,destData,destLen) \ - sss_openssl_asymmetric_encrypt(((sss_openssl_asymmetric_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_host_asymmetric_decrypt(context,srcData,srcLen,destData,destLen) \ - sss_openssl_asymmetric_decrypt(((sss_openssl_asymmetric_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_host_asymmetric_sign_digest(context,digest,digestLen,signature,signatureLen) \ - sss_openssl_asymmetric_sign_digest(((sss_openssl_asymmetric_t * ) context),(digest),(digestLen),(signature),(signatureLen)) -# define sss_host_asymmetric_verify_digest(context,digest,digestLen,signature,signatureLen) \ - sss_openssl_asymmetric_verify_digest(((sss_openssl_asymmetric_t * ) context),(digest),(digestLen),(signature),(signatureLen)) -# define sss_host_asymmetric_context_free(context) \ - sss_openssl_asymmetric_context_free(((sss_openssl_asymmetric_t * ) context)) - /* Host Call : symm */ -# define sss_host_symmetric_context_init(context,session,keyObject,algorithm,mode) \ - sss_openssl_symmetric_context_init(((sss_openssl_symmetric_t * ) context),((sss_openssl_session_t * ) session),((sss_openssl_object_t * ) keyObject),(algorithm),(mode)) -# define sss_host_cipher_one_go(context,iv,ivLen,srcData,destData,dataLen) \ - sss_openssl_cipher_one_go(((sss_openssl_symmetric_t * ) context),(iv),(ivLen),(srcData),(destData),(dataLen)) -# define sss_host_cipher_init(context,iv,ivLen) \ - sss_openssl_cipher_init(((sss_openssl_symmetric_t * ) context),(iv),(ivLen)) -# define sss_host_cipher_update(context,srcData,srcLen,destData,destLen) \ - sss_openssl_cipher_update(((sss_openssl_symmetric_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_host_cipher_finish(context,srcData,srcLen,destData,destLen) \ - sss_openssl_cipher_finish(((sss_openssl_symmetric_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_host_cipher_crypt_ctr(context,srcData,destData,size,initialCounter,lastEncryptedCounter,szLeft) \ - sss_openssl_cipher_crypt_ctr(((sss_openssl_symmetric_t * ) context),(srcData),(destData),(size),(initialCounter),(lastEncryptedCounter),(szLeft)) -# define sss_host_symmetric_context_free(context) \ - sss_openssl_symmetric_context_free(((sss_openssl_symmetric_t * ) context)) - /* Host Call : aead */ -# define sss_host_aead_context_init(context,session,keyObject,algorithm,mode) \ - sss_openssl_aead_context_init(((sss_openssl_aead_t * ) context),((sss_openssl_session_t * ) session),((sss_openssl_object_t * ) keyObject),(algorithm),(mode)) -# define sss_host_aead_one_go(context,srcData,destData,size,nonce,nonceLen,aad,aadLen,tag,tagLen) \ - sss_openssl_aead_one_go(((sss_openssl_aead_t * ) context),(srcData),(destData),(size),(nonce),(nonceLen),(aad),(aadLen),(tag),(tagLen)) -# define sss_host_aead_init(context,nonce,nonceLen,tagLen,aadLen,payloadLen) \ - sss_openssl_aead_init(((sss_openssl_aead_t * ) context),(nonce),(nonceLen),(tagLen),(aadLen),(payloadLen)) -# define sss_host_aead_update_aad(context,aadData,aadDataLen) \ - sss_openssl_aead_update_aad(((sss_openssl_aead_t * ) context),(aadData),(aadDataLen)) -# define sss_host_aead_update(context,srcData,srcLen,destData,destLen) \ - sss_openssl_aead_update(((sss_openssl_aead_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_host_aead_finish(context,srcData,srcLen,destData,destLen,tag,tagLen) \ - sss_openssl_aead_finish(((sss_openssl_aead_t * ) context),(srcData),(srcLen),(destData),(destLen),(tag),(tagLen)) -# define sss_host_aead_context_free(context) \ - sss_openssl_aead_context_free(((sss_openssl_aead_t * ) context)) - /* Host Call : mac */ -# define sss_host_mac_context_init(context,session,keyObject,algorithm,mode) \ - sss_openssl_mac_context_init(((sss_openssl_mac_t * ) context),((sss_openssl_session_t * ) session),((sss_openssl_object_t * ) keyObject),(algorithm),(mode)) -# define sss_host_mac_one_go(context,message,messageLen,mac,macLen) \ - sss_openssl_mac_one_go(((sss_openssl_mac_t * ) context),(message),(messageLen),(mac),(macLen)) -# define sss_host_mac_init(context) \ - sss_openssl_mac_init(((sss_openssl_mac_t * ) context)) -# define sss_host_mac_update(context,message,messageLen) \ - sss_openssl_mac_update(((sss_openssl_mac_t * ) context),(message),(messageLen)) -# define sss_host_mac_finish(context,mac,macLen) \ - sss_openssl_mac_finish(((sss_openssl_mac_t * ) context),(mac),(macLen)) -# define sss_host_mac_context_free(context) \ - sss_openssl_mac_context_free(((sss_openssl_mac_t * ) context)) - /* Host Call : md */ -# define sss_host_digest_context_init(context,session,algorithm,mode) \ - sss_openssl_digest_context_init(((sss_openssl_digest_t * ) context),((sss_openssl_session_t * ) session),(algorithm),(mode)) -# define sss_host_digest_one_go(context,message,messageLen,digest,digestLen) \ - sss_openssl_digest_one_go(((sss_openssl_digest_t * ) context),(message),(messageLen),(digest),(digestLen)) -# define sss_host_digest_init(context) \ - sss_openssl_digest_init(((sss_openssl_digest_t * ) context)) -# define sss_host_digest_update(context,message,messageLen) \ - sss_openssl_digest_update(((sss_openssl_digest_t * ) context),(message),(messageLen)) -# define sss_host_digest_finish(context,digest,digestLen) \ - sss_openssl_digest_finish(((sss_openssl_digest_t * ) context),(digest),(digestLen)) -# define sss_host_digest_context_free(context) \ - sss_openssl_digest_context_free(((sss_openssl_digest_t * ) context)) - /* Host Call : rng */ -# define sss_host_rng_context_init(context,session) \ - sss_openssl_rng_context_init(((sss_openssl_rng_context_t * ) context),((sss_openssl_session_t * ) session)) -# define sss_host_rng_get_random(context,random_data,dataLen) \ - sss_openssl_rng_get_random(((sss_openssl_rng_context_t * ) context),(random_data),(dataLen)) -# define sss_host_rng_context_free(context) \ - sss_openssl_rng_context_free(((sss_openssl_rng_context_t * ) context)) -# endif /* (SSS_HAVE_SSS == 1) */ -/* clang-format on */ -#endif /* SSS_HAVE_OPENSSL */ -#ifdef __cplusplus -} // extern "C" -#endif /* __cplusplus */ - -#endif /* FSL_SSS_OPENSSL_APIS_H */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_openssl_types.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_openssl_types.h deleted file mode 100644 index f76bf5b39..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_openssl_types.h +++ /dev/null @@ -1,239 +0,0 @@ -/* - * - * Copyright 2018-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef SSS_APIS_INC_FSL_SSS_OPENSSL_TYPES_H_ -#define SSS_APIS_INC_FSL_SSS_OPENSSL_TYPES_H_ - -/* ************************************************************************** */ -/* Includes */ -/* ************************************************************************** */ - -#include -#if defined(SSS_USE_FTR_FILE) -#include "fsl_sss_ftr.h" -#else -#include "fsl_sss_ftr_default.h" -#endif - -#if SSS_HAVE_OPENSSL - -#include -#include -#include -#include -/** - * @addtogroup sss_sw_openssl - * @{ - */ - -/* ************************************************************************** */ -/* Defines */ -/* ************************************************************************** */ - -#define SSS_SUBSYSTEM_TYPE_IS_OPENSSL(subsystem) (subsystem == kType_SSS_OpenSSL) - -#define SSS_SESSION_TYPE_IS_OPENSSL(session) (session && SSS_SUBSYSTEM_TYPE_IS_OPENSSL(session->subsystem)) - -#define SSS_KEY_STORE_TYPE_IS_OPENSSL(keyStore) (keyStore && SSS_SESSION_TYPE_IS_OPENSSL(keyStore->session)) - -#define SSS_OBJECT_TYPE_IS_OPENSSL(pObject) (pObject && SSS_KEY_STORE_TYPE_IS_OPENSSL(pObject->keyStore)) - -#define SSS_ASYMMETRIC_TYPE_IS_OPENSSL(context) (context && SSS_SESSION_TYPE_IS_OPENSSL(context->session)) - -#define SSS_DERIVE_KEY_TYPE_IS_OPENSSL(context) (context && SSS_SESSION_TYPE_IS_OPENSSL(context->session)) - -#define SSS_SYMMETRIC_TYPE_IS_OPENSSL(context) (context && SSS_SESSION_TYPE_IS_OPENSSL(context->session)) - -#define SSS_MAC_TYPE_IS_OPENSSL(context) (context && SSS_SESSION_TYPE_IS_OPENSSL(context->session)) - -#define SSS_RNG_CONTEXT_TYPE_IS_OPENSSL(context) (context && SSS_SESSION_TYPE_IS_OPENSSL(context->session)) - -#define SSS_DIGEST_TYPE_IS_OPENSSL(context) (context && SSS_SESSION_TYPE_IS_OPENSSL(context->session)) - -#define SSS_AEAD_TYPE_IS_OPENSSL(context) (context && SSS_SESSION_TYPE_IS_OPENSSL(context->session)) - -/* ************************************************************************** */ -/* Structrues and Typedefs */ -/* ************************************************************************** */ - -struct _sss_openssl_session; - -typedef struct _sss_openssl_session -{ - /*! Indicates which security subsystem is selected to be used. */ - sss_type_t subsystem; - - /* Root Path for persitant key store */ - const char *szRootPath; -} sss_openssl_session_t; - -struct _sss_openssl_object; - -typedef struct _sss_openssl_key_store -{ - sss_openssl_session_t *session; - - /*! Implementation specific part */ - struct _sss_openssl_object **objects; - uint32_t max_object_count; - - keyStoreTable_t *keystore_shadow; - -} sss_openssl_key_store_t; - -typedef struct _sss_openssl_object -{ - /*! key store holding the data and other properties */ - sss_openssl_key_store_t *keyStore; - /*! Object types */ - uint32_t objectType; - uint32_t cipherType; - /*! Application specific key identifier. The keyId is kept in the key store - * along with the key data and other properties. */ - uint32_t keyId; - - /*! Implementation specific part */ - /** Contents are malloced, so must be freed */ - uint32_t contents_must_free : 1; - /** Type of key. Persistnet/trainsient @ref sss_key_object_mode_t */ - uint32_t keyMode : 3; - /** Max size allocated */ - size_t contents_max_size; - size_t contents_size; - size_t keyBitLen; - uint32_t user_id; - sss_mode_t purpose; - sss_access_permission_t accessRights; - /* malloced / referenced contents */ - void *contents; -} sss_openssl_object_t; - -typedef struct _sss_openssl_derive_key -{ - sss_openssl_session_t *session; - sss_openssl_object_t *keyObject; - sss_algorithm_t algorithm; /*! */ - sss_mode_t mode; /*! */ - -} sss_openssl_derive_key_t; - -typedef struct _sss_openssl_asymmetric -{ - sss_openssl_session_t *session; - sss_openssl_object_t *keyObject; - sss_algorithm_t algorithm; /*! */ - sss_mode_t mode; /*! */ - -} sss_openssl_asymmetric_t; - -typedef struct _sss_openssl_symmetric -{ - /*! Virtual connection between application (user context) and specific - * security subsystem and function thereof. */ - sss_openssl_session_t *session; - sss_openssl_object_t *keyObject; /*!< Reference to key and it's properties. */ - sss_algorithm_t algorithm; /*! */ - sss_mode_t mode; /*! */ - EVP_CIPHER_CTX *cipher_ctx; - uint8_t cache_data[16]; - size_t cache_data_len; -} sss_openssl_symmetric_t; - -typedef struct -{ - sss_openssl_session_t *session; - sss_openssl_object_t *keyObject; /*!< Reference to key and it's properties. */ - sss_algorithm_t algorithm; /*! */ - sss_mode_t mode; /*! */ - CMAC_CTX *cmac_ctx; - HMAC_CTX *hmac_ctx; -} sss_openssl_mac_t; - -typedef struct _sss_openssl_aead -{ - /*! Virtual connection between application (user context) and specific - * security subsystem and function thereof. */ - sss_openssl_session_t *session; - sss_openssl_object_t *keyObject; /*!< Reference to key and it's properties. */ - sss_algorithm_t algorithm; /*!< */ - sss_mode_t mode; /*!< */ - - /*! Implementation specific part */ - EVP_CIPHER_CTX *aead_ctx; /*!< Reference to aead context. */ - uint8_t cache_data[16]; /*!< Cache for GCM data */ - size_t cache_data_len; /*!< Store GCM Cache len*/ - uint8_t *pCcm_data; /*!< Ref to CCM data dynamic allocated.. */ - size_t ccm_dataTotalLen; /*!< Store CCM data total len. */ - size_t ccm_dataoffset; /*!< Store CCM data offset. */ - uint8_t *pCcm_tag; /*!< Reference to tag. */ - size_t ccm_tagLen; /*!< Store tag len. */ - const uint8_t *pCcm_aad; /*!< Reference to AAD */ - size_t ccm_aadLen; /*!< Store AAD len. */ - const uint8_t *pCcm_iv; /*!< Reference to IV. */ - size_t ccm_ivLen; /*!< Store IV len. */ -} sss_openssl_aead_t; - -typedef struct _sss_openssl_digest -{ - /*! Virtual connection between application (user context) and specific - * security subsystem and function thereof. */ - sss_openssl_session_t *session; - sss_algorithm_t algorithm; /*!< */ - sss_mode_t mode; /*!< */ - /*! Full digest length per algorithm definition. This field is initialized along with algorithm. */ - size_t digestFullLen; - /*! Implementation specific part */ - EVP_MD_CTX *mdctx; -} sss_openssl_digest_t; - -typedef struct -{ - sss_openssl_session_t *session; -} sss_openssl_rng_context_t; - -/* ************************************************************************** */ -/* Global Variables */ -/* ************************************************************************** */ - -/* ************************************************************************** */ -/* Functions */ -/* ************************************************************************** */ - -/** Similar to @ref sss_openssl_asymmetric_sign_digest, -* -* but hashing/digest done by openssl -*/ -sss_status_t sss_openssl_asymmetric_sign( - sss_openssl_asymmetric_t *context, uint8_t *srcData, size_t srcLen, uint8_t *signature, size_t *signatureLen); - -/** Similar to @ref sss_openssl_asymmetric_verify_digest, -* but hashing/digest done by openssl -* -*/ -sss_status_t sss_openssl_asymmetric_verify( - sss_openssl_asymmetric_t *context, uint8_t *srcData, size_t srcLen, uint8_t *signature, size_t signatureLen); - -/** Store key inside persistant key store */ -sss_status_t ks_openssl_store_key(const sss_openssl_object_t *sss_key); - -sss_status_t ks_openssl_load_key(sss_openssl_object_t *sss_key, keyStoreTable_t *keystore_shadow, uint32_t extKeyId); - -sss_status_t ks_openssl_fat_update(sss_openssl_key_store_t *keyStore); - -sss_status_t ks_openssl_remove_key(const sss_openssl_object_t *sss_key); - -sss_status_t sss_openssl_key_object_allocate(sss_openssl_object_t *keyObject, - uint32_t keyId, - sss_key_part_t keyPart, - sss_cipher_type_t cipherType, - size_t keyByteLenMax, - uint32_t keyMode); - -/** @} */ - -#endif /* SSS_HAVE_OPENSSL */ - -#endif /* SSS_APIS_INC_FSL_SSS_OPENSSL_TYPES_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_policy.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_policy.h deleted file mode 100644 index 5edff4859..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_policy.h +++ /dev/null @@ -1,221 +0,0 @@ -/* - * - * Copyright 2019,2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ -/** @file */ - -#ifndef _FSL_SSS_POLICY_H_ -#define _FSL_SSS_POLICY_H_ - -#if !defined(SSS_CONFIG_FILE) -#include "fsl_sss_config.h" -#else -#include SSS_CONFIG_FILE -#endif - -#include "fsl_sss_types.h" -//#include - -/** @defgroup sss_policy Policy - * - * Policies to restrict and control sessions and objects. - */ - -/** @addtogroup sss_policy - * @{ */ - -/** Type of policy */ -typedef enum -{ - /** No policy applied */ - KPolicy_None, - /** Policy related to session. @see sss_policy_session_u */ - KPolicy_Session, - /** Policy related to key. @see sss_policy_key_u */ - KPolicy_Sym_Key, - KPolicy_Asym_Key, - KPolicy_UserID, - KPolicy_File, - KPolicy_Counter, - KPolicy_PCR, - KPolicy_Common, - KPolicy_Common_PCR_Value, -} sss_policy_type_u; - -/** Policy applicable to a session */ -typedef struct -{ - /** Number of operations permitted in a session */ - uint16_t maxOperationsInSession; - /** Session can be used for this much time, in seconds */ - uint16_t maxDurationOfSession_sec; - /** Whether maxOperationsInSession is set. - * This is to ensure '0 == maxOperationsInSession' does not get set - * by middleware. */ - uint8_t has_MaxOperationsInSession : 1; - /** Whether maxOperationsInSession is set. - * This is to ensure '0 == maxDurationOfSession_sec' does not get set - * by middleware. */ - uint8_t has_MaxDurationOfSession_sec : 1; - /** Whether this session can be refreshed without losing context. - * And also reset maxDurationOfSession_sec / maxOperationsInSession */ - uint8_t allowRefresh : 1; -} sss_policy_session_u; - -/** Policies applicable to Symmetric KEY */ -typedef struct -{ - /** Allow signature generation */ - uint8_t can_Sign : 1; - /** Allow signature verification */ - uint8_t can_Verify : 1; - /** Allow encryption */ - uint8_t can_Encrypt : 1; - /** Allow decryption */ - uint8_t can_Decrypt : 1; - /** Allow key derivation */ - uint8_t can_KD : 1; - /** Allow key wrapping */ - uint8_t can_Wrap : 1; - /** Allow to write the object */ - uint8_t can_Write : 1; - /** Allow to (re)generate the object */ - uint8_t can_Gen : 1; - /** Allow to perform DESFire authentication */ - uint8_t can_Desfire_Auth : 1; - /** Allow to dump DESFire session keys */ - uint8_t can_Desfire_Dump : 1; - /** Allow to imported or exported */ - uint8_t can_Import_Export : 1; -#if 1 // SSS_HAVE_SE05X_VER_GTE_06_00 - /** Forbid derived output */ - uint8_t forbid_Derived_Output : 1; -#endif - /** Allow kdf(prf) external random */ - uint8_t allow_kdf_ext_rnd : 1; -} sss_policy_sym_key_u; - -/** Policies applicable to Asymmetric KEY */ -typedef struct -{ - /** Allow signature generation */ - uint8_t can_Sign : 1; - /** Allow signature verification */ - uint8_t can_Verify : 1; - /** Allow encryption */ - uint8_t can_Encrypt : 1; - /** Allow decryption */ - uint8_t can_Decrypt : 1; - /** Allow key derivation */ - uint8_t can_KD : 1; - /** Allow key wrapping */ - uint8_t can_Wrap : 1; - /** Allow to write the object */ - uint8_t can_Write : 1; - /** Allow to (re)generate the object */ - uint8_t can_Gen : 1; - /** Allow to imported or exported */ - uint8_t can_Import_Export : 1; - /** Allow key agreement */ - uint8_t can_KA : 1; - /** Allow to read the object */ - uint8_t can_Read : 1; - /** Allow to attest an object */ - uint8_t can_Attest : 1; -#if 1 // SSS_HAVE_SE05X_VER_GTE_06_00 - /** Forbid derived output */ - uint8_t forbid_Derived_Output : 1; -#endif -} sss_policy_asym_key_u; - -/** All policies related to secure object type File */ -typedef struct -{ - /** Allow to write the object */ - uint8_t can_Write : 1; - /** Allow to read the object */ - uint8_t can_Read : 1; -} sss_policy_file_u; - -/** All policies related to secure object type Counter */ -typedef struct -{ - /** Allow to write the object */ - uint8_t can_Write : 1; - /** Allow to read the object */ - uint8_t can_Read : 1; -} sss_policy_counter_u; - -/** All policies related to secure object type PCR */ -typedef struct -{ - /** Allow to write the object */ - uint8_t can_Write : 1; - /** Allow to read the object */ - uint8_t can_Read : 1; -} sss_policy_pcr_u; - -/** All policies related to secure object type UserID */ -typedef struct -{ - /** Allow to write the object */ - uint8_t can_Write : 1; -} sss_policy_userid_u; - -/** Common Policies for all object types */ -typedef struct -{ - /** Forbid all operations */ - uint8_t forbid_All : 1; - /** Allow to delete the object */ - uint8_t can_Delete : 1; - /** Require having secure messaging enabled with encryption and integrity on the command */ - uint8_t req_Sm : 1; -} sss_policy_common_u; - -/** Common PCR Value Policies for all object types */ -typedef struct -{ - /** PCR object ID */ - uint32_t pcrObjId; - /** Expected value of the PCR */ - uint8_t pcrExpectedValue[32]; -} sss_policy_common_pcr_value_u; - -/** Unique/individual policy. - * For any operation, you need array of sss_policy_u. - */ -typedef struct -{ - /** Secure Object Type */ - sss_policy_type_u type; - /** Auth ID for each Object Policy, invalid for session policy type == KPolicy_Session*/ - uint32_t auth_obj_id; - /** Union of applicable policies based on the type of object - */ - union { - sss_policy_file_u file; - sss_policy_counter_u counter; - sss_policy_pcr_u pcr; - sss_policy_sym_key_u symmkey; - sss_policy_asym_key_u asymmkey; - sss_policy_userid_u pin; - sss_policy_common_u common; - sss_policy_common_pcr_value_u common_pcr_value; - sss_policy_session_u session; - } policy; -} sss_policy_u; - -/** An array of policies @ref sss_policy_u */ -typedef struct -{ - /** Array of unique policies, this needs to be allocated based nPolicies */ - const sss_policy_u *policies[SSS_POLICY_COUNT_MAX]; - /** Number of policies */ - size_t nPolicies; -} sss_policy_t; - -/** @} */ - -#endif /* _FSL_SSS_POLICY_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_se05x_apis.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_se05x_apis.h deleted file mode 100644 index b0937f8f5..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_se05x_apis.h +++ /dev/null @@ -1,781 +0,0 @@ -/* - * - * Copyright 2018-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -/** @file */ - -#ifndef FSL_SSS_SE05X_APIS_H -#define FSL_SSS_SE05X_APIS_H - -#ifdef __cplusplus -extern "C" { -#endif /* __cplusplus */ - -#if defined(SSS_USE_FTR_FILE) -#include "fsl_sss_ftr.h" -#else -#include "fsl_sss_ftr_default.h" -#endif - -#if SSS_HAVE_APPLET_SE05X_IOT -#include - -/* ************************************************************************** */ -/* Functions */ -/* ************************************************************************** */ -/** - * @addtogroup sss_se05x_session - * @{ - */ -/** @copydoc sss_session_create - * - */ -sss_status_t sss_se05x_session_create(sss_se05x_session_t *session, - sss_type_t subsystem, - uint32_t application_id, - sss_connection_type_t connection_type, - void *connectionData); - -/** @copydoc sss_session_open - * - */ -sss_status_t sss_se05x_session_open(sss_se05x_session_t *session, - sss_type_t subsystem, - uint32_t application_id, - sss_connection_type_t connection_type, - void *connectionData); - -/** @copydoc sss_session_prop_get_u32 - * - */ -sss_status_t sss_se05x_session_prop_get_u32(sss_se05x_session_t *session, uint32_t property, uint32_t *pValue); - -/** @copydoc sss_session_prop_get_au8 - * - */ -sss_status_t sss_se05x_session_prop_get_au8( - sss_se05x_session_t *session, uint32_t property, uint8_t *pValue, size_t *pValueLen); - -/** @copydoc sss_session_close - * - */ -void sss_se05x_session_close(sss_se05x_session_t *session); - -/** @copydoc sss_session_delete - * - */ -void sss_se05x_session_delete(sss_se05x_session_t *session); - -/*! @} */ /* end of : sss_se05x_session */ - -/** - * @addtogroup sss_se05x_keyobj - * @{ - */ -/** @copydoc sss_key_object_init - * - */ -sss_status_t sss_se05x_key_object_init(sss_se05x_object_t *keyObject, sss_se05x_key_store_t *keyStore); - -/** @copydoc sss_key_object_allocate_handle - * - * On SE050, the memory get reserved only when the actual object is created and - * hence there is no memory reservation happening in this API call. but - * internally it checks if the object already exists or not . if the object is - * already existing it returns a failure. - * - */ -sss_status_t sss_se05x_key_object_allocate_handle(sss_se05x_object_t *keyObject, - uint32_t keyId, - sss_key_part_t keyPart, - sss_cipher_type_t cipherType, - size_t keyByteLenMax, - uint32_t options); - -/** @copydoc sss_key_object_get_handle - * - * On SE05X, this API uses @ref Se05x_API_ReadType and fetches - * parameters of the API. - * - */ -sss_status_t sss_se05x_key_object_get_handle(sss_se05x_object_t *keyObject, uint32_t keyId); - -/** Not Available for SE05X - * - */ -sss_status_t sss_se05x_key_object_set_user(sss_se05x_object_t *keyObject, uint32_t user, uint32_t options); - -/** @copydoc sss_key_object_set_purpose - * - */ -sss_status_t sss_se05x_key_object_set_purpose(sss_se05x_object_t *keyObject, sss_mode_t purpose, uint32_t options); - -/** Not Available for SE05X - * - */ -sss_status_t sss_se05x_key_object_set_access(sss_se05x_object_t *keyObject, uint32_t access, uint32_t options); - -/** Not Available for SE05X - * - */ -sss_status_t sss_se05x_key_object_set_eccgfp_group(sss_se05x_object_t *keyObject, sss_eccgfp_group_t *group); - -/** Not Available for SE05X - * - */ -sss_status_t sss_se05x_key_object_get_user(sss_se05x_object_t *keyObject, uint32_t *user); - -/** Not Available for SE05X - * - */ -sss_status_t sss_se05x_key_object_get_purpose(sss_se05x_object_t *keyObject, sss_mode_t *purpose); - -/** Not Available for SE05X - * - */ -sss_status_t sss_se05x_key_object_get_access(sss_se05x_object_t *keyObject, uint32_t *access); - -/** @copydoc sss_key_object_free - * - * On SE050, this has no impact on physical Key Object. - */ -void sss_se05x_key_object_free(sss_se05x_object_t *keyObject); - -/*! @} */ /* end of : sss_se05x_keyobj */ - -/** - * @addtogroup sss_se05x_keyderive - * @{ - */ -/** @copydoc sss_derive_key_context_init - * - */ -sss_status_t sss_se05x_derive_key_context_init(sss_se05x_derive_key_t *context, - sss_se05x_session_t *session, - sss_se05x_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @copydoc sss_derive_key_go - * - */ -sss_status_t sss_se05x_derive_key_go(sss_se05x_derive_key_t *context, - const uint8_t *saltData, - size_t saltLen, - const uint8_t *info, - size_t infoLen, - sss_se05x_object_t *derivedKeyObject, - uint16_t deriveDataLen, - uint8_t *hkdfOutput, - size_t *hkdfOutputLen); - -/** @copydoc sss_derive_key_one_go - * - */ -sss_status_t sss_se05x_derive_key_one_go(sss_se05x_derive_key_t *context, - const uint8_t *saltData, - size_t saltLen, - const uint8_t *info, - size_t infoLen, - sss_se05x_object_t *derivedKeyObject, - uint16_t deriveDataLen); - -/** @copydoc sss_derive_key_sobj_one_go -* -*/ -sss_status_t sss_se05x_derive_key_sobj_one_go(sss_se05x_derive_key_t *context, - sss_se05x_object_t *saltKeyObject, - const uint8_t *info, - size_t infoLen, - sss_se05x_object_t *derivedKeyObject, - uint16_t deriveDataLen); - -/** @copydoc sss_derive_key_dh - * - */ -sss_status_t sss_se05x_derive_key_dh( - sss_se05x_derive_key_t *context, sss_se05x_object_t *otherPartyKeyObject, sss_se05x_object_t *derivedKeyObject); - -/** @copydoc sss_derive_key_context_free - * - */ -void sss_se05x_derive_key_context_free(sss_se05x_derive_key_t *context); - -/*! @} */ /* end of : sss_se05x_keyderive */ - -/** - * @addtogroup sss_se05x_keystore - * @{ - */ -/** @copydoc sss_key_store_context_init - * - */ -sss_status_t sss_se05x_key_store_context_init(sss_se05x_key_store_t *keyStore, sss_se05x_session_t *session); - -/** @copydoc sss_key_store_allocate - * - * This API does not do anything special on SE05X. - */ -sss_status_t sss_se05x_key_store_allocate(sss_se05x_key_store_t *keyStore, uint32_t keyStoreId); - -/** @copydoc sss_key_store_save - * - * This API does not do anything special on SE05X. - */ -sss_status_t sss_se05x_key_store_save(sss_se05x_key_store_t *keyStore); - -/** @copydoc sss_key_store_load - * - * This API does not do anything special on SE05X. - */ -sss_status_t sss_se05x_key_store_load(sss_se05x_key_store_t *keyStore); - -/** @copydoc sss_key_store_set_key - * - */ -sss_status_t sss_se05x_key_store_set_key(sss_se05x_key_store_t *keyStore, - sss_se05x_object_t *keyObject, - const uint8_t *data, - size_t dataLen, - size_t keyBitLen, - void *options, - size_t optionsLen); - -/** @copydoc sss_key_store_generate_key - * - */ -sss_status_t sss_se05x_key_store_generate_key( - sss_se05x_key_store_t *keyStore, sss_se05x_object_t *keyObject, size_t keyBitLen, void *options); - -/** @copydoc sss_key_store_get_key - * - */ -sss_status_t sss_se05x_key_store_get_key( - sss_se05x_key_store_t *keyStore, sss_se05x_object_t *keyObject, uint8_t *data, size_t *dataLen, size_t *pKeyBitLen); - -/** @copydoc sss_key_store_open_key - * - * In SE05X, these keys can be used as KEK encryption key - * - * If ``keyObject`` == NULL, then subsequent key injection does not use any KEK. - * - * @return The sss status. - */ -sss_status_t sss_se05x_key_store_open_key(sss_se05x_key_store_t *keyStore, sss_se05x_object_t *keyObject); - -/** Not available for SE05X - * - */ -sss_status_t sss_se05x_key_store_freeze_key(sss_se05x_key_store_t *keyStore, sss_se05x_object_t *keyObject); - -/** @copydoc sss_key_store_erase_key - * - */ -sss_status_t sss_se05x_key_store_erase_key(sss_se05x_key_store_t *keyStore, sss_se05x_object_t *keyObject); - -/** @copydoc sss_key_store_context_free - * - */ -void sss_se05x_key_store_context_free(sss_se05x_key_store_t *keyStore); - -/** Export Key from SE050 to host - * - * Only Transient keys can be exported. - */ -sss_status_t sss_se05x_key_store_export_key( - sss_se05x_key_store_t *keyStore, sss_se05x_object_t *keyObject, uint8_t *key, size_t *keylen); - -/** Re Import previously exported SE05X key from host to the SE05X - * - * Only Transient keys can be imported. - */ -sss_status_t sss_se05x_key_store_import_key( - sss_se05x_key_store_t *keyStore, sss_se05x_object_t *keyObject, uint8_t *key, size_t keylen); - -/*! @} */ /* end of : sss_se05x_keystore */ - -/** - * @addtogroup sss_se05x_asym - * @{ - */ -/** @copydoc sss_asymmetric_context_init - * - */ -sss_status_t sss_se05x_asymmetric_context_init(sss_se05x_asymmetric_t *context, - sss_se05x_session_t *session, - sss_se05x_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @copydoc sss_asymmetric_encrypt - * - */ -sss_status_t sss_se05x_asymmetric_encrypt( - sss_se05x_asymmetric_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @copydoc sss_asymmetric_decrypt - * - */ -sss_status_t sss_se05x_asymmetric_decrypt( - sss_se05x_asymmetric_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @copydoc sss_asymmetric_sign_digest - * - */ -sss_status_t sss_se05x_asymmetric_sign_digest( - sss_se05x_asymmetric_t *context, uint8_t *digest, size_t digestLen, uint8_t *signature, size_t *signatureLen); - -/** @copydoc sss_asymmetric_verify_digest - * - */ -sss_status_t sss_se05x_asymmetric_verify_digest( - sss_se05x_asymmetric_t *context, uint8_t *digest, size_t digestLen, uint8_t *signature, size_t signatureLen); - -/** @copydoc sss_asymmetric_context_free - * - */ -void sss_se05x_asymmetric_context_free(sss_se05x_asymmetric_t *context); - -/*! @} */ /* end of : sss_se05x_asym */ - -/** - * @addtogroup sss_se05x_symm - * @{ - */ -/** @copydoc sss_symmetric_context_init - * - */ -sss_status_t sss_se05x_symmetric_context_init(sss_se05x_symmetric_t *context, - sss_se05x_session_t *session, - sss_se05x_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @copydoc sss_cipher_one_go - * - */ -sss_status_t sss_se05x_cipher_one_go(sss_se05x_symmetric_t *context, - uint8_t *iv, - size_t ivLen, - const uint8_t *srcData, - uint8_t *destData, - size_t dataLen); - -/** @copydoc sss_cipher_init - * - */ -sss_status_t sss_se05x_cipher_init(sss_se05x_symmetric_t *context, uint8_t *iv, size_t ivLen); - -/** @copydoc sss_cipher_update - * - */ -sss_status_t sss_se05x_cipher_update( - sss_se05x_symmetric_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @copydoc sss_cipher_finish - * - */ -sss_status_t sss_se05x_cipher_finish( - sss_se05x_symmetric_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @copydoc sss_cipher_crypt_ctr - * - */ -sss_status_t sss_se05x_cipher_crypt_ctr(sss_se05x_symmetric_t *context, - const uint8_t *srcData, - uint8_t *destData, - size_t size, - uint8_t *initialCounter, - uint8_t *lastEncryptedCounter, - size_t *szLeft); - -/** @copydoc sss_symmetric_context_free - * - */ -void sss_se05x_symmetric_context_free(sss_se05x_symmetric_t *context); - -/*! @} */ /* end of : sss_se05x_symm */ - -/** - * @addtogroup sss_se05x_aead - * @{ - */ -/** @copydoc sss_aead_context_init - * - */ -sss_status_t sss_se05x_aead_context_init(sss_se05x_aead_t *context, - sss_se05x_session_t *session, - sss_se05x_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @copydoc sss_aead_one_go - * - */ -sss_status_t sss_se05x_aead_one_go(sss_se05x_aead_t *context, - const uint8_t *srcData, - uint8_t *destData, - size_t size, - uint8_t *nonce, - size_t nonceLen, - const uint8_t *aad, - size_t aadLen, - uint8_t *tag, - size_t *tagLen); - -/** @copydoc sss_aead_init - * - */ -sss_status_t sss_se05x_aead_init( - sss_se05x_aead_t *context, uint8_t *nonce, size_t nonceLen, size_t tagLen, size_t aadLen, size_t payloadLen); - -/** @copydoc sss_aead_update_aad - * - */ -sss_status_t sss_se05x_aead_update_aad(sss_se05x_aead_t *context, const uint8_t *aadData, size_t aadDataLen); - -/** @copydoc sss_aead_update - * - */ -sss_status_t sss_se05x_aead_update( - sss_se05x_aead_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @copydoc sss_aead_finish - * - */ -sss_status_t sss_se05x_aead_finish(sss_se05x_aead_t *context, - const uint8_t *srcData, - size_t srcLen, - uint8_t *destData, - size_t *destLen, - uint8_t *tag, - size_t *tagLen); - -/** @copydoc sss_aead_context_free - * - */ -void sss_se05x_aead_context_free(sss_se05x_aead_t *context); - -/*! @} */ /* end of : sss_se05x_aead */ - -/** - * @addtogroup sss_se05x_mac - * @{ - */ -/** @copydoc sss_mac_context_init - * - */ -sss_status_t sss_se05x_mac_context_init(sss_se05x_mac_t *context, - sss_se05x_session_t *session, - sss_se05x_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @copydoc sss_mac_one_go - * - */ -sss_status_t sss_se05x_mac_one_go( - sss_se05x_mac_t *context, const uint8_t *message, size_t messageLen, uint8_t *mac, size_t *macLen); - -/** @copydoc sss_mac_init - * - */ -sss_status_t sss_se05x_mac_init(sss_se05x_mac_t *context); - -/** @copydoc sss_mac_update - * - */ -sss_status_t sss_se05x_mac_update(sss_se05x_mac_t *context, const uint8_t *message, size_t messageLen); - -/** @copydoc sss_mac_finish - * - */ -sss_status_t sss_se05x_mac_finish(sss_se05x_mac_t *context, uint8_t *mac, size_t *macLen); - -/** @copydoc sss_mac_context_free - * - */ -void sss_se05x_mac_context_free(sss_se05x_mac_t *context); - -/*! @} */ /* end of : sss_se05x_mac */ - -/** - * @addtogroup sss_se05x_md - * @{ - */ -/** @copydoc sss_digest_context_init - * - */ -sss_status_t sss_se05x_digest_context_init( - sss_se05x_digest_t *context, sss_se05x_session_t *session, sss_algorithm_t algorithm, sss_mode_t mode); - -/** @copydoc sss_digest_one_go - * - */ -sss_status_t sss_se05x_digest_one_go( - sss_se05x_digest_t *context, const uint8_t *message, size_t messageLen, uint8_t *digest, size_t *digestLen); - -/** @copydoc sss_digest_init - * - */ -sss_status_t sss_se05x_digest_init(sss_se05x_digest_t *context); - -/** @copydoc sss_digest_update - * - */ -sss_status_t sss_se05x_digest_update(sss_se05x_digest_t *context, const uint8_t *message, size_t messageLen); - -/** @copydoc sss_digest_finish - * - */ -sss_status_t sss_se05x_digest_finish(sss_se05x_digest_t *context, uint8_t *digest, size_t *digestLen); - -/** @copydoc sss_digest_context_free - * - */ -void sss_se05x_digest_context_free(sss_se05x_digest_t *context); - -/*! @} */ /* end of : sss_se05x_md */ - -/** - * @addtogroup sss_se05x_rng - * @{ - */ -/** @copydoc sss_rng_context_init - * - */ -sss_status_t sss_se05x_rng_context_init(sss_se05x_rng_context_t *context, sss_se05x_session_t *session); - -/** @copydoc sss_rng_get_random - * - */ -sss_status_t sss_se05x_rng_get_random(sss_se05x_rng_context_t *context, uint8_t *random_data, size_t dataLen); - -/** @copydoc sss_rng_context_free - * - */ -sss_status_t sss_se05x_rng_context_free(sss_se05x_rng_context_t *context); - -/*! @} */ /* end of : sss_se05x_rng */ - -/** -* @addtogroup sss_se05x_tunnel -* @{ -*/ -/** @copydoc sss_tunnel_context_init - * - */ -sss_status_t sss_se05x_tunnel_context_init(sss_se05x_tunnel_context_t *context, sss_se05x_session_t *session); - -/** @copydoc sss_tunnel_context_free -* -*/ -void sss_se05x_tunnel_context_free(sss_se05x_tunnel_context_t *context); - -/*! @} */ /* end of : sss_se05x_tunnel */ - -sss_status_t sss_se05x_refresh_session(sss_se05x_session_t *session, void *connectionData); - -/** - * @addtogroup sss_se05x_tunnel - * @{ - */ - -/** @copydoc sss_tunnel_context_init - * - */ -sss_status_t sss_se05x_tunnel_context_init(sss_se05x_tunnel_context_t *context, sss_se05x_session_t *session); - -/** @copydoc sss_tunnel_t - * - */ -sss_status_t sss_se05x_tunnel(sss_se05x_tunnel_context_t *context, - uint8_t *data, - size_t dataLen, - sss_se05x_object_t *keyObjects, - uint32_t keyObjectCount, - uint32_t tunnelType); - -/** @copydoc sss_tunnel_context_free - * - */ -void sss_se05x_tunnel_context_free(sss_se05x_tunnel_context_t *context); - -/*! @} */ /* end of : sss_se05x_tunnel */ - -/** Set features of the Applet. - * - * See @ref Se05x_API_SetAppletFeatures - */ -sss_status_t sss_se05x_set_feature( - sss_se05x_session_t *session, SE05x_Applet_Feature_t feature, SE05x_Applet_Feature_Disable_t disable_features); - -SE05x_DigestMode_t se05x_get_sha_algo(sss_algorithm_t algorithm); - -#if SSSFTR_SE05X_ECC -sss_status_t sss_se05x_key_store_create_curve(Se05xSession_t *pSession, uint32_t curve_id); -#endif - -/* clang-format off */ -# if (SSS_HAVE_SSS == 1) - /* Direct Call : session */ -# define sss_session_create(session,subsystem,application_id,connection_type,connectionData) \ - sss_se05x_session_create(((sss_se05x_session_t * ) session),(subsystem),(application_id),(connection_type),(connectionData)) -# define sss_session_open(session,subsystem,application_id,connection_type,connectionData) \ - sss_se05x_session_open(((sss_se05x_session_t * ) session),(subsystem),(application_id),(connection_type),(connectionData)) -# define sss_session_prop_get_u32(session,property,pValue) \ - sss_se05x_session_prop_get_u32(((sss_se05x_session_t * ) session),(property),(pValue)) -# define sss_session_prop_get_au8(session,property,pValue,pValueLen) \ - sss_se05x_session_prop_get_au8(((sss_se05x_session_t * ) session),(property),(pValue),(pValueLen)) -# define sss_session_close(session) \ - sss_se05x_session_close(((sss_se05x_session_t * ) session)) -# define sss_session_delete(session) \ - sss_se05x_session_delete(((sss_se05x_session_t * ) session)) - /* Direct Call : keyobj */ -# define sss_key_object_init(keyObject,keyStore) \ - sss_se05x_key_object_init(((sss_se05x_object_t * ) keyObject),((sss_se05x_key_store_t * ) keyStore)) -# define sss_key_object_allocate_handle(keyObject,keyId,keyPart,cipherType,keyByteLenMax,options) \ - sss_se05x_key_object_allocate_handle(((sss_se05x_object_t * ) keyObject),(keyId),(keyPart),(cipherType),(keyByteLenMax),(options)) -# define sss_key_object_get_handle(keyObject,keyId) \ - sss_se05x_key_object_get_handle(((sss_se05x_object_t * ) keyObject),(keyId)) -# define sss_key_object_set_user(keyObject,user,options) \ - sss_se05x_key_object_set_user(((sss_se05x_object_t * ) keyObject),(user),(options)) -# define sss_key_object_set_purpose(keyObject,purpose,options) \ - sss_se05x_key_object_set_purpose(((sss_se05x_object_t * ) keyObject),(purpose),(options)) -# define sss_key_object_set_access(keyObject,access,options) \ - sss_se05x_key_object_set_access(((sss_se05x_object_t * ) keyObject),(access),(options)) -# define sss_key_object_set_eccgfp_group(keyObject,group) \ - sss_se05x_key_object_set_eccgfp_group(((sss_se05x_object_t * ) keyObject),(group)) -# define sss_key_object_get_user(keyObject,user) \ - sss_se05x_key_object_get_user(((sss_se05x_object_t * ) keyObject),(user)) -# define sss_key_object_get_purpose(keyObject,purpose) \ - sss_se05x_key_object_get_purpose(((sss_se05x_object_t * ) keyObject),(purpose)) -# define sss_key_object_get_access(keyObject,access) \ - sss_se05x_key_object_get_access(((sss_se05x_object_t * ) keyObject),(access)) -# define sss_key_object_free(keyObject) \ - sss_se05x_key_object_free(((sss_se05x_object_t * ) keyObject)) - /* Direct Call : keyderive */ -# define sss_derive_key_context_init(context,session,keyObject,algorithm,mode) \ - sss_se05x_derive_key_context_init(((sss_se05x_derive_key_t * ) context),((sss_se05x_session_t * ) session),((sss_se05x_object_t * ) keyObject),(algorithm),(mode)) -# define sss_derive_key_go(context,saltData,saltLen,info,infoLen,derivedKeyObject,deriveDataLen,hkdfOutput,hkdfOutputLen) \ - sss_se05x_derive_key_go(((sss_se05x_derive_key_t * ) context),(saltData),(saltLen),(info),(infoLen),((sss_se05x_object_t * ) derivedKeyObject),(deriveDataLen),(hkdfOutput),(hkdfOutputLen)) -# define sss_derive_key_dh(context,otherPartyKeyObject,derivedKeyObject) \ - sss_se05x_derive_key_dh(((sss_se05x_derive_key_t * ) context),((sss_se05x_object_t * ) otherPartyKeyObject),((sss_se05x_object_t * ) derivedKeyObject)) -# define sss_derive_key_context_free(context) \ - sss_se05x_derive_key_context_free(((sss_se05x_derive_key_t * ) context)) - /* Direct Call : keystore */ -# define sss_key_store_context_init(keyStore,session) \ - sss_se05x_key_store_context_init(((sss_se05x_key_store_t * ) keyStore),((sss_se05x_session_t * ) session)) -# define sss_key_store_allocate(keyStore,keyStoreId) \ - sss_se05x_key_store_allocate(((sss_se05x_key_store_t * ) keyStore),(keyStoreId)) -# define sss_key_store_save(keyStore) \ - sss_se05x_key_store_save(((sss_se05x_key_store_t * ) keyStore)) -# define sss_key_store_load(keyStore) \ - sss_se05x_key_store_load(((sss_se05x_key_store_t * ) keyStore)) -# define sss_key_store_set_key(keyStore,keyObject,data,dataLen,keyBitLen,options,optionsLen) \ - sss_se05x_key_store_set_key(((sss_se05x_key_store_t * ) keyStore),((sss_se05x_object_t * ) keyObject),(data),(dataLen),(keyBitLen),(options),(optionsLen)) -# define sss_key_store_generate_key(keyStore,keyObject,keyBitLen,options) \ - sss_se05x_key_store_generate_key(((sss_se05x_key_store_t * ) keyStore),((sss_se05x_object_t * ) keyObject),(keyBitLen),(options)) -# define sss_key_store_get_key(keyStore,keyObject,data,dataLen,pKeyBitLen) \ - sss_se05x_key_store_get_key(((sss_se05x_key_store_t * ) keyStore),((sss_se05x_object_t * ) keyObject),(data),(dataLen),(pKeyBitLen)) -# define sss_key_store_open_key(keyStore,keyObject) \ - sss_se05x_key_store_open_key(((sss_se05x_key_store_t * ) keyStore),((sss_se05x_object_t * ) keyObject)) -# define sss_key_store_freeze_key(keyStore,keyObject) \ - sss_se05x_key_store_freeze_key(((sss_se05x_key_store_t * ) keyStore),((sss_se05x_object_t * ) keyObject)) -# define sss_key_store_erase_key(keyStore,keyObject) \ - sss_se05x_key_store_erase_key(((sss_se05x_key_store_t * ) keyStore),((sss_se05x_object_t * ) keyObject)) -# define sss_key_store_context_free(keyStore) \ - sss_se05x_key_store_context_free(((sss_se05x_key_store_t * ) keyStore)) - /* Direct Call : asym */ -# define sss_asymmetric_context_init(context,session,keyObject,algorithm,mode) \ - sss_se05x_asymmetric_context_init(((sss_se05x_asymmetric_t * ) context),((sss_se05x_session_t * ) session),((sss_se05x_object_t * ) keyObject),(algorithm),(mode)) -# define sss_asymmetric_encrypt(context,srcData,srcLen,destData,destLen) \ - sss_se05x_asymmetric_encrypt(((sss_se05x_asymmetric_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_asymmetric_decrypt(context,srcData,srcLen,destData,destLen) \ - sss_se05x_asymmetric_decrypt(((sss_se05x_asymmetric_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_asymmetric_sign_digest(context,digest,digestLen,signature,signatureLen) \ - sss_se05x_asymmetric_sign_digest(((sss_se05x_asymmetric_t * ) context),(digest),(digestLen),(signature),(signatureLen)) -# define sss_asymmetric_verify_digest(context,digest,digestLen,signature,signatureLen) \ - sss_se05x_asymmetric_verify_digest(((sss_se05x_asymmetric_t * ) context),(digest),(digestLen),(signature),(signatureLen)) -# define sss_asymmetric_context_free(context) \ - sss_se05x_asymmetric_context_free(((sss_se05x_asymmetric_t * ) context)) - /* Direct Call : symm */ -# define sss_symmetric_context_init(context,session,keyObject,algorithm,mode) \ - sss_se05x_symmetric_context_init(((sss_se05x_symmetric_t * ) context),((sss_se05x_session_t * ) session),((sss_se05x_object_t * ) keyObject),(algorithm),(mode)) -# define sss_cipher_one_go(context,iv,ivLen,srcData,destData,dataLen) \ - sss_se05x_cipher_one_go(((sss_se05x_symmetric_t * ) context),(iv),(ivLen),(srcData),(destData),(dataLen)) -# define sss_cipher_init(context,iv,ivLen) \ - sss_se05x_cipher_init(((sss_se05x_symmetric_t * ) context),(iv),(ivLen)) -# define sss_cipher_update(context,srcData,srcLen,destData,destLen) \ - sss_se05x_cipher_update(((sss_se05x_symmetric_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_cipher_finish(context,srcData,srcLen,destData,destLen) \ - sss_se05x_cipher_finish(((sss_se05x_symmetric_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_cipher_crypt_ctr(context,srcData,destData,size,initialCounter,lastEncryptedCounter,szLeft) \ - sss_se05x_cipher_crypt_ctr(((sss_se05x_symmetric_t * ) context),(srcData),(destData),(size),(initialCounter),(lastEncryptedCounter),(szLeft)) -# define sss_symmetric_context_free(context) \ - sss_se05x_symmetric_context_free(((sss_se05x_symmetric_t * ) context)) - /* Direct Call : aead */ -# define sss_aead_context_init(context,session,keyObject,algorithm,mode) \ - sss_se05x_aead_context_init(((sss_se05x_aead_t * ) context),((sss_se05x_session_t * ) session),((sss_se05x_object_t * ) keyObject),(algorithm),(mode)) -# define sss_aead_one_go(context,srcData,destData,size,nonce,nonceLen,aad,aadLen,tag,tagLen) \ - sss_se05x_aead_one_go(((sss_se05x_aead_t * ) context),(srcData),(destData),(size),(nonce),(nonceLen),(aad),(aadLen),(tag),(tagLen)) -# define sss_aead_init(context,nonce,nonceLen,tagLen,aadLen,payloadLen) \ - sss_se05x_aead_init(((sss_se05x_aead_t * ) context),(nonce),(nonceLen),(tagLen),(aadLen),(payloadLen)) -# define sss_aead_update_aad(context,aadData,aadDataLen) \ - sss_se05x_aead_update_aad(((sss_se05x_aead_t * ) context),(aadData),(aadDataLen)) -# define sss_aead_update(context,srcData,srcLen,destData,destLen) \ - sss_se05x_aead_update(((sss_se05x_aead_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_aead_finish(context,srcData,srcLen,destData,destLen,tag,tagLen) \ - sss_se05x_aead_finish(((sss_se05x_aead_t * ) context),(srcData),(srcLen),(destData),(destLen),(tag),(tagLen)) -# define sss_aead_context_free(context) \ - sss_se05x_aead_context_free(((sss_se05x_aead_t * ) context)) - /* Direct Call : mac */ -# define sss_mac_context_init(context,session,keyObject,algorithm,mode) \ - sss_se05x_mac_context_init(((sss_se05x_mac_t * ) context),((sss_se05x_session_t * ) session),((sss_se05x_object_t * ) keyObject),(algorithm),(mode)) -# define sss_mac_one_go(context,message,messageLen,mac,macLen) \ - sss_se05x_mac_one_go(((sss_se05x_mac_t * ) context),(message),(messageLen),(mac),(macLen)) -# define sss_mac_init(context) \ - sss_se05x_mac_init(((sss_se05x_mac_t * ) context)) -# define sss_mac_update(context,message,messageLen) \ - sss_se05x_mac_update(((sss_se05x_mac_t * ) context),(message),(messageLen)) -# define sss_mac_finish(context,mac,macLen) \ - sss_se05x_mac_finish(((sss_se05x_mac_t * ) context),(mac),(macLen)) -# define sss_mac_context_free(context) \ - sss_se05x_mac_context_free(((sss_se05x_mac_t * ) context)) - /* Direct Call : md */ -# define sss_digest_context_init(context,session,algorithm,mode) \ - sss_se05x_digest_context_init(((sss_se05x_digest_t * ) context),((sss_se05x_session_t * ) session),(algorithm),(mode)) -# define sss_digest_one_go(context,message,messageLen,digest,digestLen) \ - sss_se05x_digest_one_go(((sss_se05x_digest_t * ) context),(message),(messageLen),(digest),(digestLen)) -# define sss_digest_init(context) \ - sss_se05x_digest_init(((sss_se05x_digest_t * ) context)) -# define sss_digest_update(context,message,messageLen) \ - sss_se05x_digest_update(((sss_se05x_digest_t * ) context),(message),(messageLen)) -# define sss_digest_finish(context,digest,digestLen) \ - sss_se05x_digest_finish(((sss_se05x_digest_t * ) context),(digest),(digestLen)) -# define sss_digest_context_free(context) \ - sss_se05x_digest_context_free(((sss_se05x_digest_t * ) context)) - /* Direct Call : rng */ -# define sss_rng_context_init(context,session) \ - sss_se05x_rng_context_init(((sss_se05x_rng_context_t * ) context),((sss_se05x_session_t * ) session)) -# define sss_rng_get_random(context,random_data,dataLen) \ - sss_se05x_rng_get_random(((sss_se05x_rng_context_t * ) context),(random_data),(dataLen)) -# define sss_rng_context_free(context) \ - sss_se05x_rng_context_free(((sss_se05x_rng_context_t * ) context)) - /* Direct Call : tunnel */ -# define sss_tunnel_context_init(context,session) \ - sss_se05x_tunnel_context_init(((sss_se05x_tunnel_context_t * ) context),((sss_se05x_session_t * ) session)) -# define sss_tunnel(context,data,dataLen,keyObjects,keyObjectCount,tunnelType) \ - sss_se05x_tunnel(((sss_se05x_tunnel_context_t * ) context),(data),(dataLen),((sss_se05x_object_t * ) keyObjects),(keyObjectCount),(tunnelType)) -# define sss_tunnel_context_free(context) \ - sss_se05x_tunnel_context_free(((sss_se05x_tunnel_context_t * ) context)) -# endif /* (SSS_HAVE_SSS == 1) */ -/* clang-format on */ -#endif /* SSS_HAVE_APPLET_SE05X_IOT */ -#ifdef __cplusplus -} // extern "C" -#endif /* __cplusplus */ - -#endif /* FSL_SSS_SE05X_APIS_H */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_se05x_policy.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_se05x_policy.h deleted file mode 100644 index bab222bf0..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_se05x_policy.h +++ /dev/null @@ -1,51 +0,0 @@ -/* - * - * Copyright 2018-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef FSL_SSS_SE05X_POLICY_H -#define FSL_SSS_SE05X_POLICY_H - -#if defined(SSS_USE_FTR_FILE) -#include "fsl_sss_ftr.h" -#else -#include "fsl_sss_ftr_default.h" -#endif - -#if SSS_HAVE_APPLET_SE05X_IOT -#include -#include -#include - -/* ************************************************************************** */ -/* Functions */ -/* ************************************************************************** */ - -/** @brief - * The function serializes input passed by user (array of sss_policy_t) in to - * uin8[] policy buffer - * - * @param[in] Array of policies passed by user. - * @param[out] buffer passed by user where serialized policy data is copied. - * @param[out] buf_len passed by user where serialized policy data length is copied. - * - * @warning Please ensure pbuff is atleast of size MAX_POLICY_BUFFER_SIZE - * - */ -sss_status_t sss_se05x_create_object_policy_buffer(sss_policy_t *policies, uint8_t *pbuff, size_t *buf_len); -/*! @brief - * The function serializes input passed by user (sss_policy_session_u) in to - * uin8[] policy buffer - * - * @param[in] pointer to sss_policy_session_u passed by user. - * @param[out] buffer passed by user where serialized policy data is copied. - * @param[out] buf_len passed by user where serialized policy data length is copied. - * - * @warning Please ensure session_pol_buff is atleast of size MAX_POLICY_BUFFER_SIZE - * - */ -sss_status_t sss_se05x_create_session_policy_buffer( - sss_policy_session_u *session_policy, uint8_t *session_pol_buff, size_t *buf_len); -#endif /* SSS_HAVE_APPLET_SE05X_IOT */ -#endif /* FSL_SSS_SE05X_POLICY_H */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_se05x_scp03.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_se05x_scp03.h deleted file mode 100644 index d15a4bdd9..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_se05x_scp03.h +++ /dev/null @@ -1,56 +0,0 @@ -/* -* -* Copyright 2018-2020 NXP -* SPDX-License-Identifier: Apache-2.0 -*/ - -#ifndef FSL_SSS_SE05X_SCP03_H -#define FSL_SSS_SE05X_SCP03_H - -/* ************************************************************************** */ -/* Defines */ -/* ************************************************************************** */ -/* ************************************************************************** */ -/* Includes */ -/* ************************************************************************** */ - -#ifdef __cplusplus -extern "C" { -#endif - -#include "nxScp03_Const.h" -#include "nxScp03_Types.h" -#include "se05x_tlv.h" -#if SSS_HAVE_MBEDTLS -#include -#endif -#if SSS_HAVE_OPENSSL -#include -#endif - -/* ************************************************************************** */ -/* Structrues and Typedefs */ -/* ************************************************************************** */ - -/* ************************************************************************** */ -/* Global Variables */ -/* ************************************************************************** */ - -/* ************************************************************************** */ -/* Functions */ -/* ************************************************************************** */ -/** -* To send and receive encrypted communication using SCP03 -*/ -sss_status_t nxScp03_AuthenticateChannel(pSe05xSession_t se05xSession, NXSCP03_AuthCtx_t *authScp03); - -/** -* To send and receive encrypted communication using Fast SCP -*/ -sss_status_t nxECKey_AuthenticateChannel(pSe05xSession_t se05xSession, SE05x_AuthCtx_ECKey_t *pAuthFScp); - -#ifdef __cplusplus -} /* extern "c"*/ -#endif - -#endif /* FSL_SSS_SE05X_SCP03_H */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_se05x_types.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_se05x_types.h deleted file mode 100644 index 12cb2dd9a..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_se05x_types.h +++ /dev/null @@ -1,618 +0,0 @@ -/* - * - * Copyright 2018-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef SSS_APIS_INC_FSL_SSS_SE05X_TYPES_H_ -#define SSS_APIS_INC_FSL_SSS_SE05X_TYPES_H_ - -/* ************************************************************************** */ -/* Includes */ -/* ************************************************************************** */ - -#include -#include - -#if defined(SSS_USE_FTR_FILE) -#include "fsl_sss_ftr.h" -#else -#include "fsl_sss_ftr_default.h" -#endif - -#if SSS_HAVE_APPLET_SE05X_IOT -#include "nxScp03_Types.h" -#include "se05x_const.h" -#include "se05x_tlv.h" -#include "sm_api.h" -#if (__GNUC__ && !AX_EMBEDDED && !__MBED__) -#include -/* Only for base session with os */ -#elif __MBED__ -#include "cmsis_os2.h" -#include "mbed_rtos_storage.h" -#endif -/* FreeRTOS includes. */ -#if USE_RTOS -#include "FreeRTOS.h" -#include "FreeRTOSIPConfig.h" -#include "semphr.h" -#include "task.h" -#endif - -/*! - * @addtogroup sss_sw_se05x - * @{ - */ - -/* ************************************************************************** */ -/* Defines */ -/* ************************************************************************** */ - -/** Are we using SE05X as crypto subsystem? */ -#define SSS_SUBSYSTEM_TYPE_IS_SE05X(subsystem) (subsystem == kType_SSS_SE_SE05x) - -/** Are we using SE05X as crypto subsystem? */ -#define SSS_SESSION_TYPE_IS_SE05X(session) (session && SSS_SUBSYSTEM_TYPE_IS_SE05X(session->subsystem)) - -/** Are we using SE05X as crypto subsystem? */ -#define SSS_KEY_STORE_TYPE_IS_SE05X(keyStore) (keyStore && SSS_SESSION_TYPE_IS_SE05X(keyStore->session)) - -/** Are we using SE05X as crypto subsystem? */ -#define SSS_OBJECT_TYPE_IS_SE05X(pObject) (pObject && SSS_KEY_STORE_TYPE_IS_SE05X(pObject->keyStore)) - -/** Are we using SE05X as crypto subsystem? */ -#define SSS_ASYMMETRIC_TYPE_IS_SE05X(context) (context && SSS_SESSION_TYPE_IS_SE05X(context->session)) - -/** Are we using SE05X as crypto subsystem? */ -#define SSS_DERIVE_KEY_TYPE_IS_SE05X(context) (context && SSS_SESSION_TYPE_IS_SE05X(context->session)) - -/** Are we using SE05X as crypto subsystem? */ -#define SSS_SYMMETRIC_TYPE_IS_SE05X(context) (context && SSS_SESSION_TYPE_IS_SE05X(context->session)) - -/** Are we using SE05X as crypto subsystem? */ -#define SSS_MAC_TYPE_IS_SE05X(context) (context && SSS_SESSION_TYPE_IS_SE05X(context->session)) - -/** Are we using SE05X as crypto subsystem? */ -#define SSS_RNG_CONTEXT_TYPE_IS_SE05X(context) (context && SSS_SESSION_TYPE_IS_SE05X(context->session)) - -/** Are we using SE05X as crypto subsystem? */ -#define SSS_DIGEST_TYPE_IS_SE05X(context) (context && SSS_SESSION_TYPE_IS_SE05X(context->session)) - -/** Are we using SE05X as crypto subsystem? */ -#define SSS_AEAD_TYPE_IS_SE05X(context) (context && SSS_SESSION_TYPE_IS_SE05X(context->session)) - -/** Are we using SE05X as crypto subsystem? */ -#define SSS_TUNNEL_CONTEXT_TYPE_IS_SE05X(context) (context && SSS_SESSION_TYPE_IS_SE05X(context->session)) - -/** Are we using SE05X as crypto subsystem? */ -#define SSS_TUNNEL_TYPE_IS_SE05X(context) (context && SSS_SESSION_TYPE_IS_SE05X(context->session)) - -/* ************************************************************************** */ -/* Structrues and Typedefs */ -/* ************************************************************************** */ - -struct _sss_se05x_session; - -/** @copydoc sss_tunnel_t */ -typedef struct _sss_se05x_tunnel_context -{ - /** Pointer to the base SE050 SEssion */ - struct _sss_se05x_session *se05x_session; - /** Where exactly this tunnel terminates to */ - sss_tunnel_dest_t tunnelDest; -/** For systems where we potentially have multi-threaded operations, have a lock */ -#if USE_RTOS - SemaphoreHandle_t channelLock; -#elif (__GNUC__ && !AX_EMBEDDED && !__MBED__) - pthread_mutex_t channelLock; -#elif __MBED__ - osSemaphoreId_t channelLock; -#endif -} sss_se05x_tunnel_context_t; - -/** @copydoc sss_session_t */ -typedef struct _sss_se05x_session -{ - /** Indicates which security subsystem is selected to be used. */ - sss_type_t subsystem; - - /** Connection context to SE050 */ - - Se05xSession_t s_ctx; - - /** In case connection is tunneled, context to the tunnel */ - - sss_se05x_tunnel_context_t *ptun_ctx; -} sss_se05x_session_t; - -struct _sss_se05x_object; - -/** @copydoc sss_key_store_t */ -typedef struct -{ - /** Pointer to the session */ - sss_se05x_session_t *session; - /** In case the we are using Key Wrapping while injecting the keys, pointer to key used for wrapping */ - struct _sss_se05x_object *kekKey; - -} sss_se05x_key_store_t; - -/** @copydoc sss_object_t */ -typedef struct _sss_se05x_object -{ - /** key store holding the data and other properties */ - sss_se05x_key_store_t *keyStore; - /** @copydoc sss_object_t::objectType */ - uint32_t objectType; - /** @copydoc sss_object_t::cipherType */ - uint32_t cipherType; - /** Application specific key identifier. The keyId is kept in the key store - * along with the key data and other properties. */ - uint32_t keyId; - - /** If this is an ECC Key, the Curve ID of the key */ - SE05x_ECCurve_t curve_id; - - /** Whether this is a persistant or tansient object */ - uint8_t isPersistant : 1; - -} sss_se05x_object_t; - -/** @copydoc sss_derive_key_t */ -typedef struct -{ - /** @copydoc sss_derive_key_t::session */ - sss_se05x_session_t *session; - /** @copydoc sss_derive_key_t::keyObject */ - sss_se05x_object_t *keyObject; - /** @copydoc sss_derive_key_t::algorithm */ - sss_algorithm_t algorithm; - /** @copydoc sss_derive_key_t::mode */ - sss_mode_t mode; - -} sss_se05x_derive_key_t; - -/** @copydoc sss_asymmetric_t */ -typedef struct -{ - /** @copydoc sss_asymmetric_t::session */ - sss_se05x_session_t *session; - /** @copydoc sss_asymmetric_t::keyObject */ - sss_se05x_object_t *keyObject; - /** @copydoc sss_asymmetric_t::algorithm */ - sss_algorithm_t algorithm; - /** @copydoc sss_asymmetric_t::mode */ - sss_mode_t mode; - -} sss_se05x_asymmetric_t; - -/** @copydoc sss_symmetric_t */ -typedef struct -{ - /** Virtual connection between application (user context) and specific - * security subsystem and function thereof. */ - sss_se05x_session_t *session; - /** Reference to key and it's properties. */ - sss_se05x_object_t *keyObject; - /** @copydoc sss_symmetric_t::algorithm */ - sss_algorithm_t algorithm; - /** @copydoc sss_symmetric_t::mode */ - sss_mode_t mode; - - /* Implementation specific part */ - - /** Used crypto object ID for this operation */ - SE05x_CryptoObjectID_t cryptoObjectId; - /** Since underlying system conly only process in fixed chunks, chache them on host - * to complete the operation sanely */ - uint8_t cache_data[16]; - /** Length of bytes cached on host */ - size_t cache_data_len; -} sss_se05x_symmetric_t; - -/** @copydoc sss_mac_t */ -typedef struct -{ - /** copydoc sss_mac_t::session */ - sss_se05x_session_t *session; - /** copydoc sss_mac_t::keyObject */ - sss_se05x_object_t *keyObject; - - /** copydoc sss_mac_t::algorithm */ - sss_algorithm_t algorithm; - /** copydoc sss_mac_t::mode */ - sss_mode_t mode; - /* Implementation specific part */ - - /** Used crypto object ID for this operation */ - SE05x_CryptoObjectID_t cryptoObjectId; -} sss_se05x_mac_t; - -/** @copydoc sss_aead_t */ -typedef struct -{ - /** @copydoc sss_aead_t::session */ - sss_se05x_session_t *session; - /** @copydoc sss_aead_t::keyObject */ - sss_se05x_object_t *keyObject; - /** @copydoc sss_aead_t::algorithm */ - sss_algorithm_t algorithm; - /** @copydoc sss_aead_t::mode */ - sss_mode_t mode; - - /** Implementation specific part */ - SE05x_CryptoObjectID_t cryptoObjectId; - /** Cache in case of un-alined inputs */ - uint8_t cache_data[16]; - /** How much we have cached */ - size_t cache_data_len; -} sss_se05x_aead_t; - -/** @copydoc sss_digest_t */ -typedef struct -{ - /** Virtual connection between application (user context) and specific - * security subsystem and function thereof. */ - sss_se05x_session_t *session; - /** @copydoc sss_digest_t::algorithm */ - sss_algorithm_t algorithm; - /** @copydoc sss_digest_t::mode */ - sss_mode_t mode; - /** @copydoc sss_digest_t::digestFullLen */ - size_t digestFullLen; - /** Implementation specific part */ - - SE05x_CryptoObjectID_t cryptoObjectId; -} sss_se05x_digest_t; - -/** @copydoc sss_rng_context_t */ -typedef struct -{ - /** @copydoc sss_rng_context_t::session */ - sss_se05x_session_t *session; -} sss_se05x_rng_context_t; - -/** SE050 Properties that can be represented as an array */ -typedef enum -{ - kSSS_SE05x_SessionProp_CertUID = kSSS_SessionProp_au8_Proprietary_Start + 1, -} sss_s05x_sesion_prop_au8_t; - -/** SE050 Properties that can be represented as 32bit numbers */ -typedef enum -{ - kSSS_SE05x_SessionProp_CertUIDLen = kSSS_SessionProp_u32_Optional_Start + 1, -} sss_s05x_sesion_prop_u32_t; - -/** deprecated : Used only for backwards compatibility */ -#define SE05x_Connect_Ctx_t SE_Connect_Ctx_t -/** deprecated : Used only for backwards compatibility */ -#define se05x_auth_context_t SE_Connect_Ctx_t - -/** Used to enable Applet Features via ``sss_se05x_set_feature`` */ -typedef struct -{ - /** Use of curve TPM_ECC_BN_P256 */ - uint8_t AppletConfig_ECDAA : 1; - /** EC DSA and DH support */ - uint8_t AppletConfig_ECDSA_ECDH_ECDHE : 1; - /** Use of curve RESERVED_ID_ECC_ED_25519 */ - uint8_t AppletConfig_EDDSA : 1; - /** Use of curve RESERVED_ID_ECC_MONT_DH_25519 */ - uint8_t AppletConfig_DH_MONT : 1; - /** Writing HMACKey objects */ - uint8_t AppletConfig_HMAC : 1; - /** Writing RSAKey objects */ - uint8_t AppletConfig_RSA_PLAIN : 1; - /** Writing RSAKey objects */ - uint8_t AppletConfig_RSA_CRT : 1; - /** Writing AESKey objects */ - uint8_t AppletConfig_AES : 1; - /** Writing DESKey objects */ - uint8_t AppletConfig_DES : 1; - /** PBKDF2 */ - uint8_t AppletConfig_PBKDF : 1; - /** TLS Handshake support commands (see 4.16) in APDU Spec*/ - uint8_t AppletConfig_TLS : 1; - /** Mifare DESFire support (see 4.15) in APDU Spec*/ - uint8_t AppletConfig_MIFARE : 1; - /** Allocated value undefined and reserved for future use */ - uint8_t AppletConfig_RFU1 : 1; - /** I2C Master support (see 4.17) in APDU Spec*/ - uint8_t AppletConfig_I2CM : 1; - /** RFU */ - uint8_t AppletConfig_RFU21 : 1; -} SE05x_Applet_Feature_t; - -/** Used to disable Applet Features via ``sss_se05x_set_feature`` */ -typedef struct -{ - /** Disable feature ECDH B2b8 */ - uint8_t EXTCFG_FORBID_ECDH : 1; - /** Disable feature ECDAA B2b7 */ - uint8_t EXTCFG_FORBID_ECDAA : 1; - /** Disable feature RSA_LT_2K B6b8 */ - uint8_t EXTCFG_FORBID_RSA_LT_2K : 1; - /** Disable feature RSA_SHA1 B6b7 */ - uint8_t EXTCFG_FORBID_RSA_SHA1 : 1; - /** Disable feature AES_GCM B8b8 */ - uint8_t EXTCFG_FORBID_AES_GCM : 1; - /** Disable feature AES_GCM_EXT_IV B8b7 */ - uint8_t EXTCFG_FORBID_AES_GCM_EXT_IV : 1; - /** Disable feature HKDF_EXTRACT B10b7 */ - uint8_t EXTCFG_FORBID_HKDF_EXTRACT : 1; -} SE05x_Applet_Feature_Disable_t; - -/** Attestation data */ -typedef struct -{ - /** Random used during attestation */ - uint8_t outrandom[16]; - /** length of outrandom */ - size_t outrandomLen; - /** time stamp */ - SE05x_TimeStamp_t timeStamp; - /** Length of timeStamp */ - size_t timeStampLen; - /** Uinquie ID of SE050 */ - uint8_t chipId[SE050_MODULE_UNIQUE_ID_LEN]; - /** Lenght of the Unique ID */ - size_t chipIdLen; - /** Attributes */ - uint8_t attribute[MAX_POLICY_BUFFER_SIZE + 15]; - /** Length of Attribute */ - size_t attributeLen; - /** Signature for attestation */ - uint8_t signature[512]; - /** Lenght of signature */ - size_t signatureLen; -} sss_se05x_attst_comp_data_t; - -/** Data to be read with attestation */ -typedef struct -{ - /** Whle reading RSA Objects, modulus and public exporent get attested separately, */ - sss_se05x_attst_comp_data_t data[SE05X_MAX_ATTST_DATA]; - /** How many entries to attest */ - uint8_t valid_number; -} sss_se05x_attst_data_t; - -/** @} */ - -/** @addtogroup se050_i2cm - * - * @{ */ - -/** Types of entries in an I2CM Transaction */ -typedef enum -{ - /** Do nothing */ - kSE05x_I2CM_None = 0, - /** Configure the address, baudrate */ - kSE05x_I2CM_Configure, - /** Write to I2C Slave */ - kSE05x_I2CM_Write = 3, - /** Read from I2C Slave */ - kSE05x_I2CM_Read, - - /** Response from SE05x that there is something wrong */ - kSE05x_I2CM_StructuralIssue = 0xFF -} SE05x_I2CM_TLV_type_t; - -/** Status of I2CM Transaction */ -typedef enum -{ - kSE05x_I2CM_Success = 0x5A, - kSE05x_I2CM_I2C_Nack_Fail = 0x01, - kSE05x_I2CM_I2C_Write_Error = 0x02, - kSE05x_I2CM_I2C_Read_Error = 0x03, - kSE05x_I2CM_I2C_Time_Out_Error = 0x05, - kSE05x_I2CM_Invalid_Tag = 0x11, - kSE05x_I2CM_Invalid_Length = 0x12, - kSE05x_I2CM_Invalid_Length_Encode = 0x13, - kSE05x_I2CM_I2C_Config = 0x21 -} SE05x_I2CM_status_t; - -/** Additional operation on data read by I2C */ -typedef enum -{ - kSE05x_Security_None = 0, - kSE05x_Sign_Request, - kSE05x_Sign_Enc_Request, -} SE05x_I2CM_securityReq_t; - -/** Configuration for I2CM */ -typedef enum -{ - kSE05x_I2CM_Baud_Rate_100Khz = 0, - kSE05x_I2CM_Baud_Rate_400Khz, -} SE05x_I2CM_Baud_Rate_t; - -/** Data Configuration for I2CM */ -typedef struct -{ - /** 7 Bit address of I2C slave */ - uint8_t I2C_addr; - /** What baud rate */ - SE05x_I2CM_Baud_Rate_t I2C_baudRate; - /** return status of the config operation */ - SE05x_I2CM_status_t status; -} SE05x_I2CM_configData_t; - -/** @brief Security Configuration for I2CM */ -typedef struct -{ - /** @copydoc SE05x_I2CM_securityReq_t */ - SE05x_I2CM_securityReq_t operation; - /** object used for the operation */ - uint32_t keyObject; -} SE05x_I2CM_securityData_t; - -/** @brief Write From I2CM to I2C Slave */ -typedef struct -{ - /** How many bytes to write */ - uint8_t writeLength; - /** [Out] status of the operation */ - SE05x_I2CM_status_t wrStatus; - /** Buffer to be written */ - uint8_t *writebuf; /* Input */ -} SE05x_I2CM_writeData_t; - -/** Read to I2CM from I2C Slave */ -typedef struct -{ - /** How many bytes to read */ - uint16_t readLength; - /** [Out] status of the operation */ - SE05x_I2CM_status_t rdStatus; - /** Output. rdBuf will point to Host buffer. */ - uint8_t *rdBuf; -} SE05x_I2CM_readData_t; - -/** Used to report error response, not for outgoing command */ -typedef struct -{ - /** [Out] In case there is any structural issue */ - SE05x_I2CM_status_t issueStatus; -} SE05x_I2CM_structuralIssue_t; - -/** @brief Individual entry in array of TLV commands */ -typedef union { - /** @copydoc SE05x_I2CM_configData_t */ - SE05x_I2CM_configData_t cfg; - /** @copydoc SE05x_I2CM_securityData_t */ - SE05x_I2CM_securityData_t sec; - /** @copydoc SE05x_I2CM_writeData_t */ - SE05x_I2CM_writeData_t w; - /** @copydoc SE05x_I2CM_readData_t */ - SE05x_I2CM_readData_t rd; - /** @copydoc SE05x_I2CM_structuralIssue_t */ - SE05x_I2CM_structuralIssue_t issue; -} SE05x_I2CM_INS_type_t; - -/** Individual entry in array of TLV commands, with type - * - * @ref Se05x_i2c_master_txn would expect an array of these. - */ -typedef struct _SE05x_I2CM_cmd -{ - /** @copybrief SE05x_I2CM_TLV_type_t */ - SE05x_I2CM_TLV_type_t type; - /** @copybrief SE05x_I2CM_INS_type_t */ - SE05x_I2CM_INS_type_t cmd; -} SE05x_I2CM_cmd_t; - -/*! - *@} - */ /* end of se050_i2cm */ - -/* ************************************************************************** */ -/* Global Variables */ -/* ************************************************************************** */ - -/* ************************************************************************** */ -/* Functions */ -/* ************************************************************************** */ - -/** MAC Validate - * - */ -sss_status_t sss_se05x_mac_validate_one_go( - sss_se05x_mac_t *context, const uint8_t *message, size_t messageLen, uint8_t *mac, size_t macLen); - -/** Similar to @ref sss_se05x_asymmetric_sign_digest, - * - * but hashing/digest done by SE - */ -sss_status_t sss_se05x_asymmetric_sign( - sss_se05x_asymmetric_t *context, uint8_t *srcData, size_t srcLen, uint8_t *signature, size_t *signatureLen); - -/** Similar to @ref sss_se05x_asymmetric_verify_digest, - * but hashing/digest done by SE - * - */ -sss_status_t sss_se05x_asymmetric_verify( - sss_se05x_asymmetric_t *context, uint8_t *srcData, size_t srcLen, uint8_t *signature, size_t signatureLen); - -/** Read with attestation - * - */ -sss_status_t sss_se05x_key_store_get_key_attst(sss_se05x_key_store_t *keyStore, - sss_se05x_object_t *keyObject, - uint8_t *key, - size_t *keylen, - size_t *pKeyBitLen, - sss_se05x_object_t *keyObject_attst, - sss_algorithm_t algorithm_attst, - uint8_t *random_attst, - size_t randomLen_attst, - sss_se05x_attst_data_t *attst_data); - -uint32_t se05x_sssKeyTypeLenToCurveId(sss_cipher_type_t keyType, size_t keyBits); - -/** @addtogroup se050_i2cm - * - * @{ -*/ - -/** @brief Se05x_i2c_master_txn -* -* I2CM Transaction -* -* @param[in] sess session identifier -* @param[in,out] cmds Array of structure type capturing a sequence of i2c master cmd/rsp transactions. -* @param[in] cmdLen Amount of structures contained in cmds -* -* @pre p describes I2C master commands. -* @post p contains execution state of I2C master commands, the I2C master commands can be overwritten to report on execution failure. -*/ -smStatus_t Se05x_i2c_master_txn(sss_session_t *sess, SE05x_I2CM_cmd_t *cmds, uint8_t cmdLen); - -/** @brief Se05x_i2c_master_attst_txn - * - * I2CM Read With Attestation - * - * @param[in] sess session identifier - * @param[in] keyObject Keyobject which contains 4 byte attestaion KeyId - * @param[in,out] p Array of structure type capturing a sequence of i2c master cmd/rsp transactions. - * @param[in] random_attst 16-byte freshness random - * @param[in] random_attstLen length of freshness random - * @param[in] attst_algo 1 byte attestationAlgo - * @param[out] ptimeStamp timestamp - * @param[out] timeStampLen Length for timestamp - * @param[out] freshness freshness (random) - * @param[out] pfreshnessLen Length for freshness - * @param[out] chipId unique chip Id - * @param[out] pchipIdLen Length for chipId - * @param[out] signature signature - * @param[out] psignatureLen Length for signature - * @param[in] noOftags Amount of structures contained in ``p`` - * - * @pre p describes I2C master commands. - * @post p contains execution state of I2C master commands, the I2C master commands can be overwritten to report on execution failure. - */ -smStatus_t Se05x_i2c_master_attst_txn(sss_session_t *sess, - sss_object_t *keyObject, - SE05x_I2CM_cmd_t *p, - uint8_t *random_attst, - size_t random_attstLen, - SE05x_AttestationAlgo_t attst_algo, - SE05x_TimeStamp_t *ptimeStamp, - size_t *timeStampLen, - uint8_t *freshness, - size_t *pfreshnessLen, - uint8_t *chipId, - size_t *pchipIdLen, - uint8_t *signature, - size_t *psignatureLen, - uint8_t noOftags); - -/*! - *@} - */ /* end of se050_i2cm */ - -#endif /* SSS_HAVE_APPLET_SE05X_IOT */ - -#endif /* SSS_APIS_INC_FSL_SSS_SE05X_TYPES_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_sscp.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_sscp.h deleted file mode 100644 index b80f0c3e6..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_sscp.h +++ /dev/null @@ -1,717 +0,0 @@ -/* - * - * Copyright 2018-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef _FSL_SSS_SSCP_H_ -#define _FSL_SSS_SSCP_H_ - -#include "fsl_sscp.h" -#include "fsl_sss_api.h" - -#if defined(SSS_USE_FTR_FILE) -#include "fsl_sss_ftr.h" -#else -#include "fsl_sss_ftr_default.h" -#endif - -#if !defined(SSS_SSCP_CONFIG_FILE) -#include "fsl_sss_sscp_config.h" -#else -#include SSS_SSCP_CONFIG_FILE -#endif - -#define SSS_SUBSYSTEM_TYPE_IS_SSCP(subsystem) ((subsystem == kType_SSS_SE_A71CH) || (subsystem == kType_SSS_SE_A71CL)) - -#define SSS_SESSION_TYPE_IS_SSCP(session) (session && SSS_SUBSYSTEM_TYPE_IS_SSCP(session->subsystem)) - -#define SSS_KEY_STORE_TYPE_IS_SSCP(keyStore) (keyStore && SSS_SESSION_TYPE_IS_SSCP(keyStore->session)) - -#define SSS_OBJECT_TYPE_IS_SSCP(pObject) (pObject && SSS_KEY_STORE_TYPE_IS_SSCP(pObject->keyStore)) - -#define SSS_DERIVE_KEY_TYPE_IS_SSCP(context) (context && SSS_SESSION_TYPE_IS_SSCP(context->session)) - -#define SSS_ASYMMETRIC_TYPE_IS_SSCP(context) (context && SSS_SESSION_TYPE_IS_SSCP(context->session)) - -#define SSS_SYMMETRIC_TYPE_IS_SSCP(context) (context && SSS_SESSION_TYPE_IS_SSCP(context->session)) - -#define SSS_MAC_TYPE_IS_SSCP(context) (context && SSS_SESSION_TYPE_IS_SSCP(context->session)) - -#define SSS_RNG_CONTEXT_TYPE_IS_SSCP(context) (context && SSS_SESSION_TYPE_IS_SSCP(context->session)) - -#define SSS_DIGEST_TYPE_IS_SSCP(context) (context && SSS_SESSION_TYPE_IS_SSCP(context->session)) - -#define SSS_AEAD_TYPE_IS_SSCP(context) (context && SSS_SESSION_TYPE_IS_SSCP(context->session)) - -typedef enum -{ - kSSS_SSCP_SessionProp_CertUID = kSSS_SessionProp_au8_Proprietary_Start + 1, -} sss_sscp_sesion_prop_au8_t; - -typedef enum -{ - kSSS_SSCP_SessionProp_CertUIDLen = kSSS_SessionProp_u32_Optional_Start + 1, -} sss_sscp_sesion_prop_u32_t; - -typedef void (*fn_sscp_close_t)(void); - -typedef struct _sss_sscp_session -{ - /*! Indicates which security subsystem is selected to be used. */ - sss_type_t subsystem; - - /*! Implementation specific part - * This will be NULL unitl and unless we are not ready to use the sscp_context. - */ - sscp_context_t *sscp_context; - /** - * Allocated structure, not to be used directly... - * Use only sscp_context */ - sscp_context_t mem_sscp_ctx; - /** session identifier */ - uint32_t sessionId; - /** Function pointer that can be used to close the last active session. */ - fn_sscp_close_t fp_closeConnection; -} sss_sscp_session_t; - -typedef struct _sss_sscp_key_store -{ - /*! Virtual connection between application (user context) and specific - * security subsystem and function thereof. */ - sss_sscp_session_t *session; - /*! Implementation specific part */ - uint32_t keyStoreId; -} sss_sscp_key_store_t; - -typedef struct _sss_sscp_object -{ - /*! key store holding the data and other properties */ - sss_sscp_key_store_t *keyStore; - - uint32_t objectType; /*!< Object types */ - uint32_t cipherType; /*!< Cipher types */ - /*! Application specific key identifier. The keyId is kept in the key store along with the key data and other - * properties. */ - uint32_t keyId; - - void *transientObject; - size_t transientObjectLen; - size_t transientObjectBitLen; - uint8_t slotId; -} sss_sscp_object_t; - -/*! @brief ::sss_symmetric_t with SSCP specific information */ -typedef struct _sss_sscp_symmetric -{ - /*! Virtual connection between application (user context) and - specific security subsystem and function thereof. */ - sss_sscp_session_t *session; - sss_sscp_object_t *keyObject; /*!< Reference to key and it's properties. */ - sss_algorithm_t algorithm; /*!< What eventual operation algorithm be performed */ - sss_mode_t mode; /*!< High level operation, encrypt/decrypt/etc. */ - uint32_t sessionId; /*!< Session identifier in case of parallel contexts */ - /*! Implementation specific part */ - struct - { - uint8_t data[SSS_SSCP_SYMMETRIC_CONTEXT_SIZE]; - } context; -} sss_sscp_symmetric_t; - -typedef struct _sss_sscp_aead -{ - /*! Virtual connection between application (user context) and specific - * security subsystem and function thereof. */ - sss_sscp_session_t *session; - sss_sscp_object_t *keyObject; /*!< Reference to key and it's properties. */ - sss_algorithm_t algorithm; /*!< */ - sss_mode_t mode; /*!< */ - - /*! Implementation specific part */ -} sss_sscp_aead_t; - -typedef struct _sss_sscp_digest -{ - /*! Virtual connection between application (user context) and specific security subsystem and function thereof. */ - sss_sscp_session_t *session; - sss_algorithm_t algorithm; /*!< */ - sss_mode_t mode; /*!< */ - /*! Full digest length per algorithm definition. This field is initialized along with algorithm. */ - size_t digestFullLen; - - /*! Implementation specific part */ - struct - { - uint8_t data[SSS_SSCP_DIGEST_CONTEXT_SIZE]; - } context; -} sss_sscp_digest_t; - -typedef struct _sss_sscp_mac -{ - /*! Virtual connection between application (user context) and specific - * security subsystem and function thereof. */ - sss_sscp_session_t *session; - sss_sscp_object_t *keyObject; /*!< Reference to key and it's properties. */ - sss_algorithm_t algorithm; /*!< */ - sss_mode_t mode; /*!< */ - - /*! Implementation specific part */ - uint32_t macFullLen; - struct - { - uint8_t data[SSS_SSCP_MAC_CONTEXT_SIZE]; - } context; -} sss_sscp_mac_t; - -typedef struct _sss_sscp_asymmetric -{ - sss_sscp_session_t *session; - sss_sscp_object_t *keyObject; - sss_algorithm_t algorithm; /*!< */ - sss_mode_t mode; /*!< */ - size_t signatureFullLen; - uint32_t sessionId; /*!< */ - /*! Implementation specific part */ -} sss_sscp_asymmetric_t; - -typedef struct _sss_sscp_tunnel -{ - sss_sscp_session_t *session; - uint32_t tunnelType; - uint32_t sessionId; /*!< */ - /*! Implementation specific part */ -} sss_sscp_tunnel_t; - -typedef struct _sss_sscp_derive_key -{ - sss_sscp_session_t *session; - sss_sscp_object_t *keyObject; - sss_algorithm_t algorithm; /*!< */ - sss_mode_t mode; /*!< */ - uint32_t sessionId; /*!< */ - /*! Implementation specific part */ -} sss_sscp_derive_key_t; - -typedef struct -{ - /** Context holder of session */ - sss_sscp_session_t *session; -} sss_sscp_rng_context_t; - -/******************************************************************************* - * API - ******************************************************************************/ -#if defined(__cplusplus) -extern "C" { -#endif - -/* ************************************************************************** */ -/* Functions */ -/* ************************************************************************** */ -/** - * @addtogroup sss_sscp_session - * @{ - */ -/** @copydoc sss_session_open - * - */ -sss_status_t sss_sscp_session_open(sss_sscp_session_t *session, - sss_type_t subsystem, - uint32_t application_id, - sss_connection_type_t connection_type, - void *connectionData); - -/** @copydoc sss_session_prop_get_u32 - * - */ -sss_status_t sss_sscp_session_prop_get_u32(sss_sscp_session_t *session, uint32_t property, uint32_t *pValue); - -/** @copydoc sss_session_prop_get_au8 - * - */ -sss_status_t sss_sscp_session_prop_get_au8( - sss_sscp_session_t *session, uint32_t property, uint8_t *pValue, size_t *pValueLen); - -/** @copydoc sss_session_close - * - */ -void sss_sscp_session_close(sss_sscp_session_t *session); - -/*! @} */ /* end of : sss_sscp_session */ - -/** - * @addtogroup sss_sscp_keyobj - * @{ - */ -/** @copydoc sss_key_object_init - * - */ -sss_status_t sss_sscp_key_object_init(sss_sscp_object_t *keyObject, sss_sscp_key_store_t *keyStore); - -/** @copydoc sss_key_object_allocate_handle - * - */ -sss_status_t sss_sscp_key_object_allocate_handle(sss_sscp_object_t *keyObject, - uint32_t keyId, - sss_key_part_t keyPart, - sss_cipher_type_t cipherType, - size_t keyByteLenMax, - uint32_t options); - -/** @copydoc sss_key_object_get_handle - * - */ -sss_status_t sss_sscp_key_object_get_handle(sss_sscp_object_t *keyObject, uint32_t keyId); - -/** @copydoc sss_key_object_set_user - * - */ -sss_status_t sss_sscp_key_object_set_user(sss_sscp_object_t *keyObject, uint32_t user, uint32_t options); - -/** @copydoc sss_key_object_set_purpose - * - */ -sss_status_t sss_sscp_key_object_set_purpose(sss_sscp_object_t *keyObject, sss_mode_t purpose, uint32_t options); - -/** @copydoc sss_key_object_set_access - * - */ -sss_status_t sss_sscp_key_object_set_access(sss_sscp_object_t *keyObject, uint32_t access, uint32_t options); - -/** @copydoc sss_key_object_set_eccgfp_group - * - */ -sss_status_t sss_sscp_key_object_set_eccgfp_group(sss_sscp_object_t *keyObject, sss_eccgfp_group_t *group); - -/** @copydoc sss_key_object_get_user - * - */ -sss_status_t sss_sscp_key_object_get_user(sss_sscp_object_t *keyObject, uint32_t *user); - -/** @copydoc sss_key_object_get_purpose - * - */ -sss_status_t sss_sscp_key_object_get_purpose(sss_sscp_object_t *keyObject, sss_mode_t *purpose); - -/** @copydoc sss_key_object_get_access - * - */ -sss_status_t sss_sscp_key_object_get_access(sss_sscp_object_t *keyObject, uint32_t *access); - -/** @copydoc sss_key_object_free - * - */ -void sss_sscp_key_object_free(sss_sscp_object_t *keyObject); - -/*! @} */ /* end of : sss_sscp_keyobj */ - -/** - * @addtogroup sss_sscp_keyderive - * @{ - */ -/** @copydoc sss_derive_key_context_init - * - */ -sss_status_t sss_sscp_derive_key_context_init(sss_sscp_derive_key_t *context, - sss_sscp_session_t *session, - sss_sscp_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @copydoc sss_derive_key_one_go -* -*/ -sss_status_t sss_sscp_derive_key_one_go(sss_sscp_derive_key_t *context, - const uint8_t *saltData, - size_t saltLen, - const uint8_t *info, - size_t infoLen, - sss_sscp_object_t *derivedKeyObject, - uint16_t deriveDataLen); - -/** @copydoc sss_derive_key_sobj_one_go -* -*/ -sss_status_t sss_sscp_derive_key_sobj_one_go(sss_sscp_derive_key_t *context, - sss_sscp_object_t *saltKeyObject, - const uint8_t *info, - size_t infoLen, - sss_sscp_object_t *derivedKeyObject, - uint16_t deriveDataLen); - -/** @copydoc sss_derive_key_go - * - */ -sss_status_t sss_sscp_derive_key_go(sss_sscp_derive_key_t *context, - const uint8_t *saltData, - size_t saltLen, - const uint8_t *info, - size_t infoLen, - sss_sscp_object_t *derivedKeyObject, - uint16_t deriveDataLen, - uint8_t *hkdfOutput, - size_t *hkdfOutputLen); - -/** @copydoc sss_derive_key_dh - * - */ -sss_status_t sss_sscp_derive_key_dh( - sss_sscp_derive_key_t *context, sss_sscp_object_t *otherPartyKeyObject, sss_sscp_object_t *derivedKeyObject); - -/** @copydoc sss_derive_key_context_free - * - */ -void sss_sscp_derive_key_context_free(sss_sscp_derive_key_t *context); - -/*! @} */ /* end of : sss_sscp_keyderive */ - -/** - * @addtogroup sss_sscp_keystore - * @{ - */ -/** @copydoc sss_key_store_context_init - * - */ -sss_status_t sss_sscp_key_store_context_init(sss_sscp_key_store_t *keyStore, sss_sscp_session_t *session); - -/** @copydoc sss_key_store_allocate - * - */ -sss_status_t sss_sscp_key_store_allocate(sss_sscp_key_store_t *keyStore, uint32_t keyStoreId); - -/** @copydoc sss_key_store_save - * - */ -sss_status_t sss_sscp_key_store_save(sss_sscp_key_store_t *keyStore); - -/** @copydoc sss_key_store_load - * - */ -sss_status_t sss_sscp_key_store_load(sss_sscp_key_store_t *keyStore); - -/** @copydoc sss_key_store_set_key - * - */ -sss_status_t sss_sscp_key_store_set_key(sss_sscp_key_store_t *keyStore, - sss_sscp_object_t *keyObject, - const uint8_t *data, - size_t dataLen, - size_t keyBitLen, - void *options, - size_t optionsLen); - -/** @copydoc sss_key_store_generate_key - * - */ -sss_status_t sss_sscp_key_store_generate_key( - sss_sscp_key_store_t *keyStore, sss_sscp_object_t *keyObject, size_t keyBitLen, void *options); - -/** @copydoc sss_key_store_get_key - * - */ -sss_status_t sss_sscp_key_store_get_key( - sss_sscp_key_store_t *keyStore, sss_sscp_object_t *keyObject, uint8_t *data, size_t *dataLen, size_t *pKeyBitLen); - -#if 0 -/* To be reviewed: Purnank */ -/** @copydoc sss_sscp_key_store_get_key_fromoffset - * - */ -sss_status_t sss_sscp_key_store_get_key_fromoffset(sss_sscp_key_store_t *keyStore, - sss_sscp_object_t *keyObject, - uint8_t *data, - size_t *dataLen, - size_t *pKeyBitLen, - uint16_t offset); -#endif -/** @copydoc sss_key_store_open_key - * - */ -sss_status_t sss_sscp_key_store_open_key(sss_sscp_key_store_t *keyStore, sss_sscp_object_t *keyObject); - -/** @copydoc sss_key_store_freeze_key - * - */ -sss_status_t sss_sscp_key_store_freeze_key(sss_sscp_key_store_t *keyStore, sss_sscp_object_t *keyObject); - -/** @copydoc sss_key_store_erase_key - * - */ -sss_status_t sss_sscp_key_store_erase_key(sss_sscp_key_store_t *keyStore, sss_sscp_object_t *keyObject); - -/** @copydoc sss_key_store_context_free - * - */ -void sss_sscp_key_store_context_free(sss_sscp_key_store_t *keyStore); - -/*! @} */ /* end of : sss_sscp_keystore */ - -/** - * @addtogroup sss_sscp_asym - * @{ - */ -/** @copydoc sss_asymmetric_context_init - * - */ -sss_status_t sss_sscp_asymmetric_context_init(sss_sscp_asymmetric_t *context, - sss_sscp_session_t *session, - sss_sscp_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @copydoc sss_asymmetric_encrypt - * - */ -sss_status_t sss_sscp_asymmetric_encrypt( - sss_sscp_asymmetric_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @copydoc sss_asymmetric_decrypt - * - */ -sss_status_t sss_sscp_asymmetric_decrypt( - sss_sscp_asymmetric_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @copydoc sss_asymmetric_sign_digest - * - */ -sss_status_t sss_sscp_asymmetric_sign_digest( - sss_sscp_asymmetric_t *context, uint8_t *digest, size_t digestLen, uint8_t *signature, size_t *signatureLen); - -/** @copydoc sss_asymmetric_verify_digest - * - */ -sss_status_t sss_sscp_asymmetric_verify_digest( - sss_sscp_asymmetric_t *context, uint8_t *digest, size_t digestLen, uint8_t *signature, size_t signatureLen); - -/** @copydoc sss_asymmetric_context_free - * - */ -void sss_sscp_asymmetric_context_free(sss_sscp_asymmetric_t *context); - -/*! @} */ /* end of : sss_sscp_asym */ - -/** - * @addtogroup sss_sscp_symm - * @{ - */ -/** @copydoc sss_symmetric_context_init - * - */ -sss_status_t sss_sscp_symmetric_context_init(sss_sscp_symmetric_t *context, - sss_sscp_session_t *session, - sss_sscp_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @copydoc sss_cipher_one_go - * - */ -sss_status_t sss_sscp_cipher_one_go(sss_sscp_symmetric_t *context, - uint8_t *iv, - size_t ivLen, - const uint8_t *srcData, - uint8_t *destData, - size_t dataLen); - -/** @copydoc sss_cipher_init - * - */ -sss_status_t sss_sscp_cipher_init(sss_sscp_symmetric_t *context, uint8_t *iv, size_t ivLen); - -/** @copydoc sss_cipher_update - * - */ -sss_status_t sss_sscp_cipher_update( - sss_sscp_symmetric_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @copydoc sss_cipher_finish - * - */ -sss_status_t sss_sscp_cipher_finish( - sss_sscp_symmetric_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @copydoc sss_cipher_crypt_ctr - * - */ -sss_status_t sss_sscp_cipher_crypt_ctr(sss_sscp_symmetric_t *context, - const uint8_t *srcData, - uint8_t *destData, - size_t size, - uint8_t *initialCounter, - uint8_t *lastEncryptedCounter, - size_t *szLeft); - -/** @copydoc sss_symmetric_context_free - * - */ -void sss_sscp_symmetric_context_free(sss_sscp_symmetric_t *context); - -/*! @} */ /* end of : sss_sscp_symm */ - -/** - * @addtogroup sss_sscp_aead - * @{ - */ -/** @copydoc sss_aead_context_init - * - */ -sss_status_t sss_sscp_aead_context_init(sss_sscp_aead_t *context, - sss_sscp_session_t *session, - sss_sscp_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @copydoc sss_aead_one_go - * - */ -sss_status_t sss_sscp_aead_one_go(sss_sscp_aead_t *context, - const uint8_t *srcData, - uint8_t *destData, - size_t size, - uint8_t *nonce, - size_t nonceLen, - const uint8_t *aad, - size_t aadLen, - uint8_t *tag, - size_t *tagLen); - -/** @copydoc sss_aead_init - * - */ -sss_status_t sss_sscp_aead_init( - sss_sscp_aead_t *context, uint8_t *nonce, size_t nonceLen, size_t tagLen, size_t aadLen, size_t payloadLen); - -/** @copydoc sss_aead_update_aad - * - */ -sss_status_t sss_sscp_aead_update_aad(sss_sscp_aead_t *context, const uint8_t *aadData, size_t aadDataLen); - -/** @copydoc sss_aead_update - * - */ -sss_status_t sss_sscp_aead_update( - sss_sscp_aead_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @copydoc sss_aead_finish - * - */ -sss_status_t sss_sscp_aead_finish(sss_sscp_aead_t *context, - const uint8_t *srcData, - size_t srcLen, - uint8_t *destData, - size_t *destLen, - uint8_t *tag, - size_t *tagLen); - -/** @copydoc sss_aead_context_free - * - */ -void sss_sscp_aead_context_free(sss_sscp_aead_t *context); - -/*! @} */ /* end of : sss_sscp_aead */ - -/** - * @addtogroup sss_sscp_mac - * @{ - */ -/** @copydoc sss_mac_context_init - * - */ -sss_status_t sss_sscp_mac_context_init(sss_sscp_mac_t *context, - sss_sscp_session_t *session, - sss_sscp_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @copydoc sss_mac_one_go - * - */ -sss_status_t sss_sscp_mac_one_go( - sss_sscp_mac_t *context, const uint8_t *message, size_t messageLen, uint8_t *mac, size_t *macLen); - -/** @copydoc sss_mac_init - * - */ -sss_status_t sss_sscp_mac_init(sss_sscp_mac_t *context); - -/** @copydoc sss_mac_update - * - */ -sss_status_t sss_sscp_mac_update(sss_sscp_mac_t *context, const uint8_t *message, size_t messageLen); - -/** @copydoc sss_mac_finish - * - */ -sss_status_t sss_sscp_mac_finish(sss_sscp_mac_t *context, uint8_t *mac, size_t *macLen); - -/** @copydoc sss_mac_context_free - * - */ -void sss_sscp_mac_context_free(sss_sscp_mac_t *context); - -/*! @} */ /* end of : sss_sscp_mac */ - -/** - * @addtogroup sss_sscp_md - * @{ - */ -/** @copydoc sss_digest_context_init - * - */ -sss_status_t sss_sscp_digest_context_init( - sss_sscp_digest_t *context, sss_sscp_session_t *session, sss_algorithm_t algorithm, sss_mode_t mode); - -/** @copydoc sss_digest_one_go - * - */ -sss_status_t sss_sscp_digest_one_go( - sss_sscp_digest_t *context, const uint8_t *message, size_t messageLen, uint8_t *digest, size_t *digestLen); - -/** @copydoc sss_digest_init - * - */ -sss_status_t sss_sscp_digest_init(sss_sscp_digest_t *context); - -/** @copydoc sss_digest_update - * - */ -sss_status_t sss_sscp_digest_update(sss_sscp_digest_t *context, const uint8_t *message, size_t messageLen); - -/** @copydoc sss_digest_finish - * - */ -sss_status_t sss_sscp_digest_finish(sss_sscp_digest_t *context, uint8_t *digest, size_t *digestLen); - -/** @copydoc sss_digest_context_free - * - */ -void sss_sscp_digest_context_free(sss_sscp_digest_t *context); - -/*! @} */ /* end of : sss_sscp_md */ - -/** - * @addtogroup sss_sscp_rng - * @{ - */ -/** @copydoc sss_rng_context_init - * - */ -sss_status_t sss_sscp_rng_context_init(sss_sscp_rng_context_t *context, sss_sscp_session_t *session); - -/** @copydoc sss_rng_get_random - * - */ -sss_status_t sss_sscp_rng_get_random(sss_sscp_rng_context_t *context, uint8_t *random_data, size_t dataLen); - -/** @copydoc sss_rng_context_free - * - */ -sss_status_t sss_sscp_rng_context_free(sss_sscp_rng_context_t *context); - -/*! @} */ /* end of : sss_sscp_rng */ - -#if defined(__cplusplus) -} -#endif - -#endif /* _FSL_SSS_SSCP_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_user_apis.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_user_apis.h deleted file mode 100644 index 65900ab50..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_user_apis.h +++ /dev/null @@ -1,627 +0,0 @@ -/* - * - * Copyright 2018,2019 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef fsl_sss_user_apis_H -#define fsl_sss_user_apis_H - -#ifdef __cplusplus -extern "C" { -#endif /* __cplusplus */ - -#if defined(SSS_USE_FTR_FILE) -#include "fsl_sss_ftr.h" -#else -#include "fsl_sss_ftr_default.h" -#endif - -#if SSS_HAVE_HOSTCRYPTO_USER -#include - -/* ************************************************************************** */ -/* Functions */ -/* ************************************************************************** */ -/** - * @addtogroup sss_user_impl_session - * @{ - */ -/** @copydoc sss_session_create - * - */ -sss_status_t sss_user_impl_session_create(sss_user_impl_session_t *session, - sss_type_t subsystem, - uint32_t application_id, - sss_connection_type_t connetion_type, - void *connectionData); - -/** @copydoc sss_session_open - * - */ -sss_status_t sss_user_impl_session_open(sss_user_impl_session_t *session, - sss_type_t subsystem, - uint32_t application_id, - sss_connection_type_t connetion_type, - void *connectionData); - -/** @copydoc sss_session_prop_get_u32 - * - */ -sss_status_t sss_user_impl_session_prop_get_u32(sss_user_impl_session_t *session, uint32_t property, uint32_t *pValue); - -/** @copydoc sss_session_prop_get_au8 - * - */ -sss_status_t sss_user_impl_session_prop_get_au8( - sss_user_impl_session_t *session, uint32_t property, uint8_t *pValue, size_t *pValueLen); - -/** @copydoc sss_session_close - * - */ -void sss_user_impl_session_close(sss_user_impl_session_t *session); - -/** @copydoc sss_session_delete - * - */ -void sss_user_impl_session_delete(sss_user_impl_session_t *session); - -/*! @} */ /* end of : sss_user_impl_session */ - -/** - * @addtogroup sss_user_impl_keyobj - * @{ - */ -/** @copydoc sss_key_object_init - * - */ -sss_status_t sss_user_impl_key_object_init(sss_user_impl_object_t *keyObject, sss_user_impl_key_store_t *keyStore); - -/** @copydoc sss_key_object_allocate_handle - * - */ -sss_status_t sss_user_impl_key_object_allocate_handle(sss_user_impl_object_t *keyObject, - uint32_t keyId, - sss_key_part_t keyPart, - sss_cipher_type_t cipherType, - size_t keyByteLenMax, - uint32_t options); - -/** @copydoc sss_key_object_get_handle - * - */ -sss_status_t sss_user_impl_key_object_get_handle(sss_user_impl_object_t *keyObject, uint32_t keyId); - -/** @copydoc sss_key_object_set_user - * - */ -sss_status_t sss_user_impl_key_object_set_user(sss_user_impl_object_t *keyObject, uint32_t user, uint32_t options); - -/** @copydoc sss_key_object_set_purpose - * - */ -sss_status_t sss_user_impl_key_object_set_purpose( - sss_user_impl_object_t *keyObject, sss_mode_t purpose, uint32_t options); - -/** @copydoc sss_key_object_set_access - * - */ -sss_status_t sss_user_impl_key_object_set_access(sss_user_impl_object_t *keyObject, uint32_t access, uint32_t options); - -/** @copydoc sss_key_object_set_eccgfp_group - * - */ -sss_status_t sss_user_impl_key_object_set_eccgfp_group(sss_user_impl_object_t *keyObject, sss_eccgfp_group_t *group); - -/** @copydoc sss_key_object_get_user - * - */ -sss_status_t sss_user_impl_key_object_get_user(sss_user_impl_object_t *keyObject, uint32_t *user); - -/** @copydoc sss_key_object_get_purpose - * - */ -sss_status_t sss_user_impl_key_object_get_purpose(sss_user_impl_object_t *keyObject, sss_mode_t *purpose); - -/** @copydoc sss_key_object_get_access - * - */ -sss_status_t sss_user_impl_key_object_get_access(sss_user_impl_object_t *keyObject, uint32_t *access); - -/** @copydoc sss_key_object_free - * - */ -void sss_user_impl_key_object_free(sss_user_impl_object_t *keyObject); - -/*! @} */ /* end of : sss_user_impl_keyobj */ - -/** - * @addtogroup sss_user_impl_keyderive - * @{ - */ -/** @copydoc sss_derive_key_context_init - * - */ -sss_status_t sss_user_impl_derive_key_context_init(sss_user_impl_derive_key_t *context, - sss_user_impl_session_t *session, - sss_user_impl_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @copydoc sss_derive_key_go - * - */ -sss_status_t sss_user_impl_derive_key_go(sss_user_impl_derive_key_t *context, - const uint8_t *saltData, - size_t saltLen, - const uint8_t *info, - size_t infoLen, - sss_user_impl_object_t *derivedKeyObject, - uint16_t deriveDataLen, - uint8_t *hkdfOutput, - size_t *hkdfOutputLen); - -/** @copydoc sss_derive_key_dh - * - */ -sss_status_t sss_user_impl_derive_key_dh(sss_user_impl_derive_key_t *context, - sss_user_impl_object_t *otherPartyKeyObject, - sss_user_impl_object_t *derivedKeyObject); - -/** @copydoc sss_derive_key_context_free - * - */ -void sss_user_impl_derive_key_context_free(sss_user_impl_derive_key_t *context); - -/*! @} */ /* end of : sss_user_impl_keyderive */ - -/** - * @addtogroup sss_user_impl_keystore - * @{ - */ -/** @copydoc sss_key_store_context_init - * - */ -sss_status_t sss_user_impl_key_store_context_init( - sss_user_impl_key_store_t *keyStore, sss_user_impl_session_t *session); - -/** @copydoc sss_key_store_allocate - * - */ -sss_status_t sss_user_impl_key_store_allocate(sss_user_impl_key_store_t *keyStore, uint32_t keyStoreId); - -/** @copydoc sss_key_store_save - * - */ -sss_status_t sss_user_impl_key_store_save(sss_user_impl_key_store_t *keyStore); - -/** @copydoc sss_key_store_load - * - */ -sss_status_t sss_user_impl_key_store_load(sss_user_impl_key_store_t *keyStore); - -/** @copydoc sss_key_store_set_key - * - */ -sss_status_t sss_user_impl_key_store_set_key(sss_user_impl_key_store_t *keyStore, - sss_user_impl_object_t *keyObject, - const uint8_t *data, - size_t dataLen, - size_t keyBitLen, - void *options, - size_t optionsLen); - -/** @copydoc sss_key_store_generate_key - * - */ -sss_status_t sss_user_impl_key_store_generate_key( - sss_user_impl_key_store_t *keyStore, sss_user_impl_object_t *keyObject, size_t keyBitLen, void *options); - -/** @copydoc sss_key_store_get_key - * - */ -sss_status_t sss_user_impl_key_store_get_key(sss_user_impl_key_store_t *keyStore, - sss_user_impl_object_t *keyObject, - uint8_t *data, - size_t *dataLen, - size_t *pKeyBitLen); - -/** @copydoc sss_key_store_open_key - * - */ -sss_status_t sss_user_impl_key_store_open_key(sss_user_impl_key_store_t *keyStore, sss_user_impl_object_t *keyObject); - -/** @copydoc sss_key_store_freeze_key - * - */ -sss_status_t sss_user_impl_key_store_freeze_key(sss_user_impl_key_store_t *keyStore, sss_user_impl_object_t *keyObject); - -/** @copydoc sss_key_store_erase_key - * - */ -sss_status_t sss_user_impl_key_store_erase_key(sss_user_impl_key_store_t *keyStore, sss_user_impl_object_t *keyObject); - -/** @copydoc sss_key_store_prop_get_u32 - * - */ -sss_status_t sss_user_impl_key_store_prop_get_u32( - sss_user_impl_key_store_t *session, uint32_t property, uint32_t *pValue); - -/** @copydoc sss_key_store_prop_get_au8 - * - */ -sss_status_t sss_user_impl_key_store_prop_get_au8( - sss_user_impl_key_store_t *session, uint32_t property, uint8_t *pValue, size_t *pValueLen); - -/** @copydoc sss_key_store_context_free - * - */ -void sss_user_impl_key_store_context_free(sss_user_impl_key_store_t *keyStore); - -/*! @} */ /* end of : sss_user_impl_keystore */ - -/** - * @addtogroup sss_user_impl_asym - * @{ - */ -/** @copydoc sss_asymmetric_context_init - * - */ -sss_status_t sss_user_impl_asymmetric_context_init(sss_user_impl_asymmetric_t *context, - sss_user_impl_session_t *session, - sss_user_impl_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @copydoc sss_asymmetric_encrypt - * - */ -sss_status_t sss_user_impl_asymmetric_encrypt( - sss_user_impl_asymmetric_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @copydoc sss_asymmetric_decrypt - * - */ -sss_status_t sss_user_impl_asymmetric_decrypt( - sss_user_impl_asymmetric_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @copydoc sss_asymmetric_sign_digest - * - */ -sss_status_t sss_user_impl_asymmetric_sign_digest( - sss_user_impl_asymmetric_t *context, uint8_t *digest, size_t digestLen, uint8_t *signature, size_t *signatureLen); - -/** @copydoc sss_asymmetric_verify_digest - * - */ -sss_status_t sss_user_impl_asymmetric_verify_digest( - sss_user_impl_asymmetric_t *context, uint8_t *digest, size_t digestLen, uint8_t *signature, size_t signatureLen); - -/** @copydoc sss_asymmetric_context_free - * - */ -void sss_user_impl_asymmetric_context_free(sss_user_impl_asymmetric_t *context); - -/*! @} */ /* end of : sss_user_impl_asym */ - -/** - * @addtogroup sss_user_impl_symm - * @{ - */ -/** @copydoc sss_symmetric_context_init - * - */ -sss_status_t sss_user_impl_symmetric_context_init(sss_user_impl_symmetric_t *context, - sss_user_impl_session_t *session, - sss_user_impl_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @copydoc sss_cipher_one_go - * - */ -sss_status_t sss_user_impl_cipher_one_go(sss_user_impl_symmetric_t *context, - uint8_t *iv, - size_t ivLen, - const uint8_t *srcData, - uint8_t *destData, - size_t dataLen); - -/** @copydoc sss_cipher_init - * - */ -sss_status_t sss_user_impl_cipher_init(sss_user_impl_symmetric_t *context, uint8_t *iv, size_t ivLen); - -/** @copydoc sss_cipher_update - * - */ -sss_status_t sss_user_impl_cipher_update( - sss_user_impl_symmetric_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @copydoc sss_cipher_finish - * - */ -sss_status_t sss_user_impl_cipher_finish( - sss_user_impl_symmetric_t *context, const uint8_t *srcData, size_t srcLen, uint8_t *destData, size_t *destLen); - -/** @copydoc sss_cipher_crypt_ctr - * - */ -sss_status_t sss_user_impl_cipher_crypt_ctr(sss_user_impl_symmetric_t *context, - const uint8_t *srcData, - uint8_t *destData, - size_t size, - uint8_t *initialCounter, - uint8_t *lastEncryptedCounter, - size_t *szLeft); - -/** @copydoc sss_symmetric_context_free - * - */ -void sss_user_impl_symmetric_context_free(sss_user_impl_symmetric_t *context); - -/*! @} */ /* end of : sss_user_impl_symm */ - -/** - * @addtogroup sss_user_impl_aead - * @{ - */ - -/** - * @addtogroup sss_user_impl_mac - * @{ - */ -/** @copydoc sss_mac_context_init - * - */ -sss_status_t sss_user_impl_mac_context_init(sss_user_impl_mac_t *context, - sss_user_impl_session_t *session, - sss_user_impl_object_t *keyObject, - sss_algorithm_t algorithm, - sss_mode_t mode); - -/** @copydoc sss_mac_one_go - * - */ -sss_status_t sss_user_impl_mac_one_go( - sss_user_impl_mac_t *context, const uint8_t *message, size_t messageLen, uint8_t *mac, size_t *macLen); - -/** @copydoc sss_mac_init - * - */ -sss_status_t sss_user_impl_mac_init(sss_user_impl_mac_t *context); - -/** @copydoc sss_mac_update - * - */ -sss_status_t sss_user_impl_mac_update(sss_user_impl_mac_t *context, const uint8_t *message, size_t messageLen); - -/** @copydoc sss_mac_finish - * - */ -sss_status_t sss_user_impl_mac_finish(sss_user_impl_mac_t *context, uint8_t *mac, size_t *macLen); - -/** @copydoc sss_mac_context_free - * - */ -void sss_user_impl_mac_context_free(sss_user_impl_mac_t *context); - -/*! @} */ /* end of : sss_user_impl_mac */ - -/** - * @addtogroup sss_user_impl_md - * @{ - */ -/** @copydoc sss_digest_context_init - * - */ -sss_status_t sss_user_impl_digest_context_init( - sss_user_impl_digest_t *context, sss_user_impl_session_t *session, sss_algorithm_t algorithm, sss_mode_t mode); - -/** @copydoc sss_digest_one_go - * - */ -sss_status_t sss_user_impl_digest_one_go( - sss_user_impl_digest_t *context, const uint8_t *message, size_t messageLen, uint8_t *digest, size_t *digestLen); - -/** @copydoc sss_digest_init - * - */ -sss_status_t sss_user_impl_digest_init(sss_user_impl_digest_t *context); - -/** @copydoc sss_digest_update - * - */ -sss_status_t sss_user_impl_digest_update(sss_user_impl_digest_t *context, const uint8_t *message, size_t messageLen); - -/** @copydoc sss_digest_finish - * - */ -sss_status_t sss_user_impl_digest_finish(sss_user_impl_digest_t *context, uint8_t *digest, size_t *digestLen); - -/** @copydoc sss_digest_context_free - * - */ -void sss_user_impl_digest_context_free(sss_user_impl_digest_t *context); - -/*! @} */ /* end of : sss_user_impl_md */ - -/** - * @addtogroup sss_user_impl_rng - * @{ - */ -/** @copydoc sss_rng_context_init - * - */ -sss_status_t sss_user_impl_rng_context_init(sss_user_impl_rng_context_t *context, sss_user_impl_session_t *session); - -/** @copydoc sss_rng_get_random - * - */ -sss_status_t sss_user_impl_rng_get_random(sss_user_impl_rng_context_t *context, uint8_t *random_data, size_t dataLen); - -/** @copydoc sss_rng_context_free - * - */ -sss_status_t sss_user_impl_rng_context_free(sss_user_impl_rng_context_t *context); - -/*! @} */ /* end of : sss_user_impl_rng */ - -/* clang-format off */ - - /* Host Call : session */ -# define sss_host_session_create(session,subsystem,application_id,connetion_type,connectionData) \ - sss_user_impl_session_create(((sss_user_impl_session_t * ) session),(subsystem),(application_id),(connetion_type),(connectionData)) -# define sss_host_session_open(session,subsystem,application_id,connetion_type,connectionData) \ - sss_user_impl_session_open(((sss_user_impl_session_t * ) session),(subsystem),(application_id),(connetion_type),(connectionData)) -# define sss_host_session_prop_get_u32(session,property,pValue) \ - sss_user_impl_session_prop_get_u32(((sss_user_impl_session_t * ) session),(property),(pValue)) -# define sss_host_session_prop_get_au8(session,property,pValue,pValueLen) \ - sss_user_impl_session_prop_get_au8(((sss_user_impl_session_t * ) session),(property),(pValue),(pValueLen)) -# define sss_host_session_close(session) \ - sss_user_impl_session_close(((sss_user_impl_session_t * ) session)) -# define sss_host_session_delete(session) \ - sss_user_impl_session_delete(((sss_user_impl_session_t * ) session)) - /* Host Call : keyobj */ -# define sss_host_key_object_init(keyObject,keyStore) \ - sss_user_impl_key_object_init(((sss_user_impl_object_t * ) keyObject),((sss_user_impl_key_store_t * ) keyStore)) -# define sss_host_key_object_allocate_handle(keyObject,keyId,keyPart,cipherType,keyByteLenMax,options) \ - sss_user_impl_key_object_allocate_handle(((sss_user_impl_object_t * ) keyObject),(keyId),(keyPart),(cipherType),(keyByteLenMax),(options)) -# define sss_host_key_object_get_handle(keyObject,keyId) \ - sss_user_impl_key_object_get_handle(((sss_user_impl_object_t * ) keyObject),(keyId)) -# define sss_host_key_object_set_user(keyObject,user,options) \ - sss_user_impl_key_object_set_user(((sss_user_impl_object_t * ) keyObject),(user),(options)) -# define sss_host_key_object_set_purpose(keyObject,purpose,options) \ - sss_user_impl_key_object_set_purpose(((sss_user_impl_object_t * ) keyObject),(purpose),(options)) -# define sss_host_key_object_set_access(keyObject,access,options) \ - sss_user_impl_key_object_set_access(((sss_user_impl_object_t * ) keyObject),(access),(options)) -# define sss_host_key_object_set_eccgfp_group(keyObject,group) \ - sss_user_impl_key_object_set_eccgfp_group(((sss_user_impl_object_t * ) keyObject),(group)) -# define sss_host_key_object_get_user(keyObject,user) \ - sss_user_impl_key_object_get_user(((sss_user_impl_object_t * ) keyObject),(user)) -# define sss_host_key_object_get_purpose(keyObject,purpose) \ - sss_user_impl_key_object_get_purpose(((sss_user_impl_object_t * ) keyObject),(purpose)) -# define sss_host_key_object_get_access(keyObject,access) \ - sss_user_impl_key_object_get_access(((sss_user_impl_object_t * ) keyObject),(access)) -# define sss_host_key_object_free(keyObject) \ - sss_user_impl_key_object_free(((sss_user_impl_object_t * ) keyObject)) - /* Host Call : keyderive */ -# define sss_host_derive_key_context_init(context,session,keyObject,algorithm,mode) \ - sss_user_impl_derive_key_context_init(((sss_user_impl_derive_key_t * ) context),((sss_user_impl_session_t * ) session),((sss_user_impl_object_t * ) keyObject),(algorithm),(mode)) -# define sss_host_derive_key_go(context,saltData,saltLen,info,infoLen,derivedKeyObject,deriveDataLen,hkdfOutput,hkdfOutputLen) \ - sss_user_impl_derive_key_go(((sss_user_impl_derive_key_t * ) context),(saltData),(saltLen),(info),(infoLen),((sss_user_impl_object_t * ) derivedKeyObject),(deriveDataLen),(hkdfOutput),(hkdfOutputLen)) -# define sss_host_derive_key_dh(context,otherPartyKeyObject,derivedKeyObject) \ - sss_user_impl_derive_key_dh(((sss_user_impl_derive_key_t * ) context),((sss_user_impl_object_t * ) otherPartyKeyObject),((sss_user_impl_object_t * ) derivedKeyObject)) -# define sss_host_derive_key_context_free(context) \ - sss_user_impl_derive_key_context_free(((sss_user_impl_derive_key_t * ) context)) - /* Host Call : keystore */ -# define sss_host_key_store_context_init(keyStore,session) \ - sss_user_impl_key_store_context_init(((sss_user_impl_key_store_t * ) keyStore),((sss_user_impl_session_t * ) session)) -# define sss_host_key_store_allocate(keyStore,keyStoreId) \ - sss_user_impl_key_store_allocate(((sss_user_impl_key_store_t * ) keyStore),(keyStoreId)) -# define sss_host_key_store_save(keyStore) \ - sss_user_impl_key_store_save(((sss_user_impl_key_store_t * ) keyStore)) -# define sss_host_key_store_load(keyStore) \ - sss_user_impl_key_store_load(((sss_user_impl_key_store_t * ) keyStore)) -# define sss_host_key_store_set_key(keyStore,keyObject,data,dataLen,keyBitLen,options,optionsLen) \ - sss_user_impl_key_store_set_key(((sss_user_impl_key_store_t * ) keyStore),((sss_user_impl_object_t * ) keyObject),(data),(dataLen),(keyBitLen),(options),(optionsLen)) -# define sss_host_key_store_generate_key(keyStore,keyObject,keyBitLen,options) \ - sss_user_impl_key_store_generate_key(((sss_user_impl_key_store_t * ) keyStore),((sss_user_impl_object_t * ) keyObject),(keyBitLen),(options)) -# define sss_host_key_store_get_key(keyStore,keyObject,data,dataLen,pKeyBitLen) \ - sss_user_impl_key_store_get_key(((sss_user_impl_key_store_t * ) keyStore),((sss_user_impl_object_t * ) keyObject),(data),(dataLen),(pKeyBitLen)) -# define sss_host_key_store_open_key(keyStore,keyObject) \ - sss_user_impl_key_store_open_key(((sss_user_impl_key_store_t * ) keyStore),((sss_user_impl_object_t * ) keyObject)) -# define sss_host_key_store_freeze_key(keyStore,keyObject) \ - sss_user_impl_key_store_freeze_key(((sss_user_impl_key_store_t * ) keyStore),((sss_user_impl_object_t * ) keyObject)) -# define sss_host_key_store_erase_key(keyStore,keyObject) \ - sss_user_impl_key_store_erase_key(((sss_user_impl_key_store_t * ) keyStore),((sss_user_impl_object_t * ) keyObject)) -# define sss_host_key_store_prop_get_u32(session,property,pValue) \ - sss_user_impl_key_store_prop_get_u32(((sss_user_impl_key_store_t * ) session),(property),(pValue)) -# define sss_host_key_store_prop_get_au8(session,property,pValue,pValueLen) \ - sss_user_impl_key_store_prop_get_au8(((sss_user_impl_key_store_t * ) session),(property),(pValue),(pValueLen)) -# define sss_host_key_store_context_free(keyStore) \ - sss_user_impl_key_store_context_free(((sss_user_impl_key_store_t * ) keyStore)) - /* Host Call : asym */ -# define sss_host_asymmetric_context_init(context,session,keyObject,algorithm,mode) \ - sss_user_impl_asymmetric_context_init(((sss_user_impl_asymmetric_t * ) context),((sss_user_impl_session_t * ) session),((sss_user_impl_object_t * ) keyObject),(algorithm),(mode)) -# define sss_host_asymmetric_encrypt(context,srcData,srcLen,destData,destLen) \ - sss_user_impl_asymmetric_encrypt(((sss_user_impl_asymmetric_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_host_asymmetric_decrypt(context,srcData,srcLen,destData,destLen) \ - sss_user_impl_asymmetric_decrypt(((sss_user_impl_asymmetric_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_host_asymmetric_sign_digest(context,digest,digestLen,signature,signatureLen) \ - sss_user_impl_asymmetric_sign_digest(((sss_user_impl_asymmetric_t * ) context),(digest),(digestLen),(signature),(signatureLen)) -# define sss_host_asymmetric_verify_digest(context,digest,digestLen,signature,signatureLen) \ - sss_user_impl_asymmetric_verify_digest(((sss_user_impl_asymmetric_t * ) context),(digest),(digestLen),(signature),(signatureLen)) -# define sss_host_asymmetric_context_free(context) \ - sss_user_impl_asymmetric_context_free(((sss_user_impl_asymmetric_t * ) context)) - /* Host Call : symm */ -# define sss_host_symmetric_context_init(context,session,keyObject,algorithm,mode) \ - sss_user_impl_symmetric_context_init(((sss_user_impl_symmetric_t * ) context),((sss_user_impl_session_t * ) session),((sss_user_impl_object_t * ) keyObject),(algorithm),(mode)) -# define sss_host_cipher_one_go(context,iv,ivLen,srcData,destData,dataLen) \ - sss_user_impl_cipher_one_go(((sss_user_impl_symmetric_t * ) context),(iv),(ivLen),(srcData),(destData),(dataLen)) -# define sss_host_cipher_init(context,iv,ivLen) \ - sss_user_impl_cipher_init(((sss_user_impl_symmetric_t * ) context),(iv),(ivLen)) -# define sss_host_cipher_update(context,srcData,srcLen,destData,destLen) \ - sss_user_impl_cipher_update(((sss_user_impl_symmetric_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_host_cipher_finish(context,srcData,srcLen,destData,destLen) \ - sss_user_impl_cipher_finish(((sss_user_impl_symmetric_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_host_cipher_crypt_ctr(context,srcData,destData,size,initialCounter,lastEncryptedCounter,szLeft) \ - sss_user_impl_cipher_crypt_ctr(((sss_user_impl_symmetric_t * ) context),(srcData),(destData),(size),(initialCounter),(lastEncryptedCounter),(szLeft)) -# define sss_host_symmetric_context_free(context) \ - sss_user_impl_symmetric_context_free(((sss_user_impl_symmetric_t * ) context)) - /* Host Call : aead */ -# define sss_host_aead_context_init(context,session,keyObject,algorithm,mode) \ - sss_user_impl_aead_context_init(((sss_user_impl_aead_t * ) context),((sss_user_impl_session_t * ) session),((sss_user_impl_object_t * ) keyObject),(algorithm),(mode)) -# define sss_host_aead_one_go(context,srcData,destData,size,nonce,nonceLen,aad,aadLen,tag,tagLen) \ - sss_user_impl_aead_one_go(((sss_user_impl_aead_t * ) context),(srcData),(destData),(size),(nonce),(nonceLen),(aad),(aadLen),(tag),(tagLen)) -# define sss_host_aead_init(context,nonce,nonceLen,tagLen,aadLen,payloadLen) \ - sss_user_impl_aead_init(((sss_user_impl_aead_t * ) context),(nonce),(nonceLen),(tagLen),(aadLen),(payloadLen)) -# define sss_host_aead_update_aad(context,aadData,aadDataLen) \ - sss_user_impl_aead_update_aad(((sss_user_impl_aead_t * ) context),(aadData),(aadDataLen)) -# define sss_host_aead_update(context,srcData,srcLen,destData,destLen) \ - sss_user_impl_aead_update(((sss_user_impl_aead_t * ) context),(srcData),(srcLen),(destData),(destLen)) -# define sss_host_aead_finish(context,srcData,srcLen,destData,destLen,tag,tagLen) \ - sss_user_impl_aead_finish(((sss_user_impl_aead_t * ) context),(srcData),(srcLen),(destData),(destLen),(tag),(tagLen)) -# define sss_host_aead_context_free(context) \ - sss_user_impl_aead_context_free(((sss_user_impl_aead_t * ) context)) - /* Host Call : mac */ -# define sss_host_mac_context_init(context,session,keyObject,algorithm,mode) \ - sss_user_impl_mac_context_init(((sss_user_impl_mac_t * ) context),((sss_user_impl_session_t * ) session),((sss_user_impl_object_t * ) keyObject),(algorithm),(mode)) -# define sss_host_mac_one_go(context,message,messageLen,mac,macLen) \ - sss_user_impl_mac_one_go(((sss_user_impl_mac_t * ) context),(message),(messageLen),(mac),(macLen)) -# define sss_host_mac_init(context) \ - sss_user_impl_mac_init(((sss_user_impl_mac_t * ) context)) -# define sss_host_mac_update(context,message,messageLen) \ - sss_user_impl_mac_update(((sss_user_impl_mac_t * ) context),(message),(messageLen)) -# define sss_host_mac_finish(context,mac,macLen) \ - sss_user_impl_mac_finish(((sss_user_impl_mac_t * ) context),(mac),(macLen)) -# define sss_host_mac_context_free(context) \ - sss_user_impl_mac_context_free(((sss_user_impl_mac_t * ) context)) - /* Host Call : md */ -# define sss_host_digest_context_init(context,session,algorithm,mode) \ - sss_user_impl_digest_context_init(((sss_user_impl_digest_t * ) context),((sss_user_impl_session_t * ) session),(algorithm),(mode)) -# define sss_host_digest_one_go(context,message,messageLen,digest,digestLen) \ - sss_user_impl_digest_one_go(((sss_user_impl_digest_t * ) context),(message),(messageLen),(digest),(digestLen)) -# define sss_host_digest_init(context) \ - sss_user_impl_digest_init(((sss_user_impl_digest_t * ) context)) -# define sss_host_digest_update(context,message,messageLen) \ - sss_user_impl_digest_update(((sss_user_impl_digest_t * ) context),(message),(messageLen)) -# define sss_host_digest_finish(context,digest,digestLen) \ - sss_user_impl_digest_finish(((sss_user_impl_digest_t * ) context),(digest),(digestLen)) -# define sss_host_digest_context_free(context) \ - sss_user_impl_digest_context_free(((sss_user_impl_digest_t * ) context)) - /* Host Call : rng */ -# define sss_host_rng_context_init(context,session) \ - sss_user_impl_rng_context_init(((sss_user_impl_rng_context_t * ) context),((sss_user_impl_session_t * ) session)) -# define sss_host_rng_get_random(context,random_data,dataLen) \ - sss_user_impl_rng_get_random(((sss_user_impl_rng_context_t * ) context),(random_data),(dataLen)) -# define sss_host_rng_context_free(context) \ - sss_user_impl_rng_context_free(((sss_user_impl_rng_context_t * ) context)) - -/* clang-format on */ -#endif /* SSS_HAVE_HOSTCRYPTO_USER */ -#ifdef __cplusplus -} // extern "C" -#endif /* __cplusplus */ - -#endif /* fsl_sss_user_apis_H */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_user_types.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_user_types.h deleted file mode 100644 index 302c34e90..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_user_types.h +++ /dev/null @@ -1,144 +0,0 @@ -/* - * - * Copyright 2018,2019 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef SSS_APIS_INC_fsl_sss_user_types_H_ -#define SSS_APIS_INC_fsl_sss_user_types_H_ - -/* ************************************************************************** */ -/* Includes */ -/* ************************************************************************** */ - -#include - -#if defined(SSS_USE_FTR_FILE) -#include "fsl_sss_ftr.h" -#else -#include "fsl_sss_ftr_default.h" -#endif - -#if SSS_HAVE_HOSTCRYPTO_USER - -/** - * @addtogroup sss_sw_host_impl - * @{ - */ - -/* ************************************************************************** */ -/* Defines */ -/* ************************************************************************** */ - -#define SSS_SUBSYSTEM_TYPE_IS_HOST(subsystem) (subsystem == kType_SSS_mbedTLS) - -#define SSS_SESSION_TYPE_IS_HOST(session) (session && SSS_SUBSYSTEM_TYPE_IS_HOST(session->subsystem)) - -#define SSS_KEY_STORE_TYPE_IS_HOST(keyStore) (keyStore && SSS_SESSION_TYPE_IS_HOST(keyStore->session)) - -#define SSS_OBJECT_TYPE_IS_HOST(pObject) (pObject && SSS_KEY_STORE_TYPE_IS_HOST(pObject->keyStore)) - -#define SSS_SYMMETRIC_TYPE_IS_HOST(context) (context && SSS_SESSION_TYPE_IS_HOST(context->session)) - -#define SSS_RNG_CONTEXT_TYPE_IS_HOST(context) (context && SSS_SESSION_TYPE_IS_HOST(context->session)) - -/* ************************************************************************** */ -/* Structrues and Typedefs */ -/* ************************************************************************** */ - -struct _sss_user_impl_session; - -typedef struct _sss_user_impl_session -{ - /*! Indicates which security subsystem is selected to be used. */ - sss_type_t subsystem; - -} sss_user_impl_session_t; - -struct _sss_user_impl_object; - -typedef struct _sss_user_impl_key_store -{ - sss_user_impl_session_t *session; - -} sss_user_impl_key_store_t; - -typedef struct _sss_user_impl_object -{ - /*! key store holding the data and other properties */ - sss_user_impl_key_store_t *keyStore; - /*! Object types */ - uint32_t objectType; - uint32_t cipherType; - /*! Application specific key identifier. The keyId is kept in the key store - * along with the key data and other properties. */ - uint32_t keyId; -} sss_user_impl_object_t; - -typedef struct _sss_user_impl_derive_key -{ - sss_user_impl_session_t *session; - sss_user_impl_object_t *keyObject; - sss_algorithm_t algorithm; /*! */ - sss_mode_t mode; /*! */ -} sss_user_impl_derive_key_t; - -typedef struct _sss_user_impl_asymmetric -{ - sss_user_impl_session_t *session; - sss_user_impl_object_t *keyObject; - sss_algorithm_t algorithm; /*! */ - sss_mode_t mode; /*! */ -} sss_user_impl_asymmetric_t; - -typedef struct _sss_user_impl_symmetric -{ - /*! Virtual connection between application (user context) and specific - * security subsystem and function thereof. */ - sss_user_impl_session_t *session; - /*** Reference to key and it's properties. */ - sss_user_impl_object_t *keyObject; - sss_algorithm_t algorithm; - sss_mode_t mode; -} sss_user_impl_symmetric_t; - -typedef struct _sss_user_impl_mac -{ - sss_user_impl_session_t *session; - /*! Reference to key and it's properties. */ - sss_user_impl_object_t *keyObject; - sss_algorithm_t algorithm; /*! */ - sss_mode_t mode; /*! */ -} sss_user_impl_mac_t; - -typedef struct _sss_user_impl_digest -{ - /*! Virtual connection between application (user context) and specific - * security subsystem and function thereof. */ - sss_user_impl_session_t *session; - sss_algorithm_t algorithm; /*!< */ - sss_mode_t mode; /*!< */ - /*! Full digest length per algorithm definition. This field is initialized along with algorithm. */ - size_t digestFullLen; - /*! Implementation specific part */ -} sss_user_impl_digest_t; - -typedef struct -{ - sss_user_impl_session_t *session; - -} sss_user_impl_rng_context_t; - -/* ************************************************************************** */ -/* Global Variables */ -/* ************************************************************************** */ - -/* ************************************************************************** */ -/* Functions */ -/* ************************************************************************** */ - -/** @} */ - -#endif /* SSS_HAVE_HOSTCRYPTO_USER */ - -#endif /* SSS_APIS_INC_fsl_sss_user_types_H_ */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_util_asn1_der.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_util_asn1_der.h deleted file mode 100644 index ae83a08ca..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_util_asn1_der.h +++ /dev/null @@ -1,175 +0,0 @@ -/* -* -* Copyright 2018-2020 NXP -* SPDX-License-Identifier: Apache-2.0 -*/ - -#ifndef FSL_SSS_UTIL_ASN1_DER_H -#define FSL_SSS_UTIL_ASN1_DER_H - -#if defined(SSS_USE_FTR_FILE) -#include "fsl_sss_ftr.h" -#else -#include "fsl_sss_ftr_default.h" -#endif - -#include - -/* ************************************************************************** */ -/* Defines */ -/* ************************************************************************** */ -#define ASN_TAG_INT 0x02 -#define ASN_TAG_SEQUENCE 0x30 -#define ASN_TAG_BITSTRING 0x03 -#define ASN_TAG_OCTETSTRING 0x04 -#define ASN_TAG_OBJ_IDF 0x06 -#define ASN_TAG_CNT_SPECIFIC 0xA1 -#define ASN_TAG_CNT_SPECIFIC_PRIMITIVE 0x80 -#define ASN_TAG_CRL_EXTENSIONS 0xA0 - -extern const uint8_t grsa1kPubHeader[]; -extern const uint8_t grsa1152PubHeader[]; -extern const uint8_t grsa2kPubHeader[]; -extern const uint8_t grsa3kPubHeader[]; -extern const uint8_t grsa4kPubHeader[]; -extern const uint8_t gecc_der_header_nist192[]; -extern const uint8_t gecc_der_header_nist224[]; -extern const uint8_t gecc_der_header_nist256[]; -extern const uint8_t gecc_der_header_nist384[]; -extern const uint8_t gecc_der_header_nist521[]; -extern const uint8_t gecc_der_header_160k[]; -extern const uint8_t gecc_der_header_192k[]; -extern const uint8_t gecc_der_header_224k[]; -extern const uint8_t gecc_der_header_256k[]; -extern const uint8_t gecc_der_header_bp160[]; -extern const uint8_t gecc_der_header_bp192[]; -extern const uint8_t gecc_der_header_bp224[]; -extern const uint8_t gecc_der_header_bp256[]; -extern const uint8_t gecc_der_header_bp320[]; -extern const uint8_t gecc_der_header_bp384[]; -extern const uint8_t gecc_der_header_bp512[]; -extern const uint8_t gecc_der_header_mont_dh_448[]; -extern const uint8_t gecc_der_header_mont_dh_25519[]; -extern const uint8_t gecc_der_header_twisted_ed_25519[]; - -extern const size_t der_ecc_nistp192_header_len; -extern const size_t der_ecc_nistp224_header_len; -extern const size_t der_ecc_nistp256_header_len; -extern const size_t der_ecc_nistp384_header_len; -extern const size_t der_ecc_nistp521_header_len; -extern const size_t der_ecc_160k_header_len; -extern const size_t der_ecc_192k_header_len; -extern const size_t der_ecc_224k_header_len; -extern const size_t der_ecc_256k_header_len; -extern const size_t der_ecc_bp160_header_len; -extern const size_t der_ecc_bp192_header_len; -extern const size_t der_ecc_bp224_header_len; -extern const size_t der_ecc_bp256_header_len; -extern const size_t der_ecc_bp320_header_len; -extern const size_t der_ecc_bp384_header_len; -extern const size_t der_ecc_bp512_header_len; -extern const size_t der_ecc_mont_dh_448_header_len; -extern const size_t der_ecc_mont_dh_25519_header_len; -extern const size_t der_ecc_twisted_ed_25519_header_len; - -/* ************************************************************************** */ -/* Functions */ -/* ************************************************************************** */ -/**/ -sss_status_t sss_util_asn1_rsa_parse_private(const uint8_t *key, - size_t keylen, - sss_cipher_type_t cipher_type, - uint8_t **modulus, - size_t *modlen, - uint8_t **pubExp, - size_t *pubExplen, - uint8_t **priExp, - size_t *priExplen, - uint8_t **prime1, - size_t *prime1len, - uint8_t **prime2, - size_t *prime2len, - uint8_t **exponent1, - size_t *exponent1len, - uint8_t **exponent2, - size_t *exponent2len, - uint8_t **coefficient, - size_t *coefficientlen); - -sss_status_t sss_util_asn1_rsa_parse_private_allow_invalid_key(const uint8_t *key, - size_t keylen, - sss_cipher_type_t cipher_type, - uint8_t **modulus, - size_t *modlen, - uint8_t **pubExp, - size_t *pubExplen, - uint8_t **priExp, - size_t *priExplen, - uint8_t **prime1, - size_t *prime1len, - uint8_t **prime2, - size_t *prime2len, - uint8_t **exponent1, - size_t *exponent1len, - uint8_t **exponent2, - size_t *exponent2len, - uint8_t **coefficient, - size_t *coefficientlen); - -sss_status_t sss_util_asn1_rsa_parse_public_nomalloc( - const uint8_t *key, size_t keylen, uint8_t *modulus, size_t *modlen, uint8_t *pubExp, size_t *pubExplen); - -sss_status_t sss_util_asn1_rsa_parse_public_nomalloc_complete_modulus( - const uint8_t *key, size_t keylen, uint8_t *modulus, size_t *modlen, uint8_t *pubExp, size_t *pubExplen); - -sss_status_t sss_util_asn1_rsa_parse_public( - const uint8_t *key, size_t keylen, uint8_t **modulus, size_t *modlen, uint8_t **pubExp, size_t *pubExplen); - -sss_status_t sss_util_asn1_rsa_get_public( - uint8_t *key, size_t *keylen, uint8_t *modulus, size_t modlen, uint8_t *pubExp, size_t pubExplen); - -#if SSS_HAVE_ECDAA -sss_status_t sss_util_asn1_ecdaa_get_signature( - uint8_t *signature, size_t *signatureLen, uint8_t *rawSignature, size_t rawSignatureLen); -#endif - -sss_status_t sss_util_asn1_get_oid_from_header(uint8_t *input, size_t inLen, uint32_t *output, uint8_t *outLen); - -sss_status_t sss_util_asn1_get_oid_from_sssObj(sss_object_t *pkeyObject, uint32_t *output, uint8_t *outLen); - -sss_status_t sss_util_pkcs8_asn1_get_ec_public_key_index( - const uint8_t *input, size_t inLen, uint16_t *outkeyIndex, size_t *publicKeyLen); - -sss_status_t sss_util_pkcs8_asn1_get_ec_pair_key_index(const uint8_t *input, - size_t inLen, - uint16_t *pubkeyIndex, - size_t *publicKeyLen, - uint16_t *prvkeyIndex, - size_t *privateKeyLen); - -sss_status_t sss_util_rfc8410_asn1_get_ec_pair_key_index(const uint8_t *input, - size_t inLen, - uint16_t *pubkeyIndex, - size_t *publicKeyLen, - uint16_t *prvkeyIndex, - size_t *privateKeyLen); - -int asn_1_parse_tlv(uint8_t *pbuf, size_t *taglen, size_t *bufindex); - -sss_status_t sss_util_asn1_rsa_parse_public_nomalloc( - const uint8_t *key, size_t keylen, uint8_t *modulus, size_t *modlen, uint8_t *pubExp, size_t *pubExplen); - -sss_status_t sss_util_asn1_rsa_parse_public_nomalloc_complete_modulus( - const uint8_t *key, size_t keylen, uint8_t *modulus, size_t *modlen, uint8_t *pubExp, size_t *pubExplen); - -sss_status_t sss_util_openssl_read_pkcs12( - const char *pkcs12_cert, const char *password, uint8_t *private_key, uint8_t *cert); - -sss_status_t sss_util_openssl_write_pkcs12(const char *pkcs12_cert, - const char *password, - const char *ref_key, - long ref_key_length, - const char *cert, - long cert_length); - -#endif diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_util_rsa_sign_utils.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_util_rsa_sign_utils.h deleted file mode 100644 index c78fd34b0..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc/fsl_sss_util_rsa_sign_utils.h +++ /dev/null @@ -1,28 +0,0 @@ -/* - * - * Copyright 2018-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef FSL_SSS_UTIL_RSA_SIGN_H -#define FSL_SSS_UTIL_RSA_SIGN_H - -uint8_t pkcs1_v15_encode( - sss_se05x_asymmetric_t *context, const uint8_t *hash, size_t hashlen, uint8_t *out, size_t *outLen); - -uint8_t pkcs1_v15_encode_no_hash( - sss_se05x_asymmetric_t *context, const uint8_t *hash, size_t hashlen, uint8_t *out, size_t *outLen); - -uint8_t sss_mgf_mask_func(uint8_t *dst, - size_t dlen, - uint8_t *src, - size_t slen, - sss_algorithm_t sha_algorithm, - sss_se05x_asymmetric_t *context); - -uint8_t emsa_encode(sss_se05x_asymmetric_t *context, const uint8_t *hash, size_t hashlen, uint8_t *out, size_t *outLen); - -uint8_t emsa_decode_and_compare( - sss_se05x_asymmetric_t *context, uint8_t *sig, size_t siglen, uint8_t *hash, size_t hashlen); - -#endif diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/plugin/mbedtls/ecdsa_verify_alt.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/plugin/mbedtls/ecdsa_verify_alt.h deleted file mode 100644 index 69a324a2d..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/plugin/mbedtls/ecdsa_verify_alt.h +++ /dev/null @@ -1,12 +0,0 @@ -/* - * Copyright 2018-2020 NXP - * - * SPDX-License-Identifier: Apache-2.0 - */ - -#include "fsl_sss_api.h" - -/* - * Set sss keystore for ecdsa verify - */ -void sss_mbedtls_set_sss_keystore(sss_key_store_t *ssskeystore); \ No newline at end of file diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/plugin/mbedtls/ecp_alt.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/plugin/mbedtls/ecp_alt.h deleted file mode 100644 index 88dcf2349..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/plugin/mbedtls/ecp_alt.h +++ /dev/null @@ -1,191 +0,0 @@ -/** - * \file ecp_alt.h - * - * \brief This file provides an API for Elliptic Curves over GF(P) (ECP). - * - * The use of ECP in cryptography and TLS is defined in - * Standards for Efficient Cryptography Group (SECG): SEC1 - * Elliptic Curve Cryptography and - * RFC-4492: Elliptic Curve Cryptography (ECC) Cipher Suites - * for Transport Layer Security (TLS). - * - * RFC-2409: The Internet Key Exchange (IKE) defines ECP - * group types. - * - */ - -/* - * Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of Mbed TLS (https://tls.mbed.org) - */ - -#ifndef SSS_ECP_ALT_H_INCLUDED -#define SSS_ECP_ALT_H_INCLUDED - -/* clang-format off */ - -#ifdef __cplusplus -extern "C" { -#endif - -#if defined(MBEDTLS_ECP_ALT) - -#if SSS_HAVE_ALT_SSS -#include -#endif -#if SSS_HAVE_ALT_A71CH -#include "HLSETypes.h" -#endif - -/* - * default mbed TLS elliptic curve arithmetic implementation - * - * (in case MBEDTLS_ECP_ALT is defined then the developer has to provide an - * alternative implementation for the whole module and it will replace this - * one.) - */ - -/** - * \brief The ECP group structure. - * - * We consider two types of curve equations: - *
  • Short Weierstrass: y^2 = x^3 + A x + B mod P - * (SEC1 + RFC-4492)
    • - *
  • Montgomery: y^2 = x^3 + A x^2 + x mod P (Curve25519, - * Curve448)
- * In both cases, the generator (\p G) for a prime-order subgroup is fixed. - * - * For Short Weierstrass, this subgroup is the whole curve, and its - * cardinality is denoted by \p N. Our code requires that \p N is an - * odd prime as mbedtls_ecp_mul() requires an odd number, and - * mbedtls_ecdsa_sign() requires that it is prime for blinding purposes. - * - * For Montgomery curves, we do not store \p A, but (A + 2) / 4, - * which is the quantity used in the formulas. Additionally, \p nbits is - * not the size of \p N but the required size for private keys. - * - * If \p modp is NULL, reduction modulo \p P is done using a generic algorithm. - * Otherwise, \p modp must point to a function that takes an \p mbedtls_mpi in the - * range of 0..2^(2*pbits)-1, and transforms it in-place to an integer - * which is congruent mod \p P to the given MPI, and is close enough to \p pbits - * in size, so that it may be efficiently brought in the 0..P-1 range by a few - * additions or subtractions. Therefore, it is only an approximative modular - * reduction. It must return 0 on success and non-zero on failure. - * - */ -typedef struct -{ - mbedtls_ecp_group_id id; /*!< An internal group identifier. */ - mbedtls_mpi P; /*!< The prime modulus of the base field. */ - mbedtls_mpi A; /*!< For Short Weierstrass: \p A in the equation. For - Montgomery curves: (A + 2) / 4. */ - mbedtls_mpi B; /*!< For Short Weierstrass: \p B in the equation. - For Montgomery curves: unused. */ - mbedtls_ecp_point G; /*!< The generator of the subgroup used. */ - mbedtls_mpi N; /*!< The order of \p G. */ - size_t pbits; /*!< The number of bits in \p P.*/ - size_t nbits; /*!< For Short Weierstrass: The number of bits in \p P. - For Montgomery curves: the number of bits in the - private keys. */ - unsigned int h; /*!< \internal 1 if the constants are static. */ - int (*modp)(mbedtls_mpi *); /*!< The function for fast pseudo-reduction - mod \p P (see above).*/ - int (*t_pre)(mbedtls_ecp_point *, void *); /*!< Unused. */ - int (*t_post)(mbedtls_ecp_point *, void *); /*!< Unused. */ - void *t_data; /*!< Unused. */ - mbedtls_ecp_point *T; /*!< Pre-computed points for ecp_mul_comb(). */ - size_t T_size; /*!< The number of pre-computed points. */ - -#if SSS_HAVE_ALT_A71CH - /** Reference to object mapped between HLSE Layer of A71CH Host library */ - HLSE_OBJECT_HANDLE hlse_handle; -#endif -#if SSS_HAVE_ALT_SSS - /** Reference to object mapped between SSS Layer */ - sss_object_t* pSSSObject; - sss_key_store_t* hostKs; -#endif -} -mbedtls_ecp_group; - -/** - * \name SECTION: Module settings - * - * The configuration options you can set for this module are in this section. - * Either change them in config.h, or define them using the compiler command line. - * \{ - */ - -#if !defined(MBEDTLS_ECP_MAX_BITS) -/** - * The maximum size of the groups, that is, of \c N and \c P. - */ -#define MBEDTLS_ECP_MAX_BITS 521 /**< The maximum size of groups, in bits. */ -#endif - -#define MBEDTLS_ECP_MAX_BYTES ( ( MBEDTLS_ECP_MAX_BITS + 7 ) / 8 ) -#define MBEDTLS_ECP_MAX_PT_LEN ( 2 * MBEDTLS_ECP_MAX_BYTES + 1 ) - -#if !defined(MBEDTLS_ECP_WINDOW_SIZE) -/* - * Maximum "window" size used for point multiplication. - * Default: 6. - * Minimum value: 2. Maximum value: 7. - * - * Result is an array of at most ( 1 << ( MBEDTLS_ECP_WINDOW_SIZE - 1 ) ) - * points used for point multiplication. This value is directly tied to EC - * peak memory usage, so decreasing it by one should roughly cut memory usage - * by two (if large curves are in use). - * - * Reduction in size may reduce speed, but larger curves are impacted first. - * Sample performances (in ECDHE handshakes/s, with FIXED_POINT_OPTIM = 1): - * w-size: 6 5 4 3 2 - * 521 145 141 135 120 97 - * 384 214 209 198 177 146 - * 256 320 320 303 262 226 - * 224 475 475 453 398 342 - * 192 640 640 633 587 476 - */ -#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< The maximum window size used. */ -#endif /* MBEDTLS_ECP_WINDOW_SIZE */ - -#if !defined(MBEDTLS_ECP_FIXED_POINT_OPTIM) -/* - * Trade memory for speed on fixed-point multiplication. - * - * This speeds up repeated multiplication of the generator (that is, the - * multiplication in ECDSA signatures, and half of the multiplications in - * ECDSA verification and ECDHE) by a factor roughly 3 to 4. - * - * The cost is increasing EC peak memory usage by a factor roughly 2. - * - * Change this value to 0 to reduce peak memory usage. - */ -#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up. */ -#endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */ - -/* \} name SECTION: Module settings */ - -#endif /* MBEDTLS_ECP_ALT */ - -#ifdef __cplusplus -} -#endif - -/* clang-format on */ - -#endif /* SSS_ECP_ALT_H_INCLUDED */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/plugin/mbedtls/rsa_alt.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/plugin/mbedtls/rsa_alt.h deleted file mode 100644 index e7ba8da2b..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/plugin/mbedtls/rsa_alt.h +++ /dev/null @@ -1,86 +0,0 @@ -/** - * \file rsa.h - * - * \brief This file provides an API for the RSA public-key cryptosystem. - * - * The RSA public-key cryptosystem is defined in Public-Key - * Cryptography Standards (PKCS) #1 v1.5: RSA Encryption - * and Public-Key Cryptography Standards (PKCS) #1 v2.1: - * RSA Cryptography Specifications. - * - */ -/* - * Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved - * Copyright (C) 2019, NXP, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of Mbed TLS (https://tls.mbed.org) - */ - -#if defined(SSS_USE_FTR_FILE) -#include "fsl_sss_ftr.h" -#else -#include "fsl_sss_ftr_default.h" -#endif - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_RSA_ALT) -#include - -typedef struct -{ - int ver; /*!< Always 0.*/ - size_t len; /*!< The size of \p N in Bytes. */ - - mbedtls_mpi N; /*!< The public modulus. */ - mbedtls_mpi E; /*!< The public exponent. */ - - mbedtls_mpi D; /*!< The private exponent. */ - mbedtls_mpi P; /*!< The first prime factor. */ - mbedtls_mpi Q; /*!< The second prime factor. */ - - mbedtls_mpi DP; /*!< D % (P - 1). */ - mbedtls_mpi DQ; /*!< D % (Q - 1). */ - mbedtls_mpi QP; /*!< 1 / (Q % P). */ - - mbedtls_mpi RN; /*!< cached R^2 mod N. */ - - mbedtls_mpi RP; /*!< cached R^2 mod P. */ - mbedtls_mpi RQ; /*!< cached R^2 mod Q. */ - - mbedtls_mpi Vi; /*!< The cached blinding value. */ - mbedtls_mpi Vf; /*!< The cached un-blinding value. */ - - int padding; /*!< Selects padding mode: - #MBEDTLS_RSA_PKCS_V15 for 1.5 padding and - #MBEDTLS_RSA_PKCS_V21 for OAEP or PSS. */ - int hash_id; /*!< Hash identifier of mbedtls_md_type_t type, - as specified in md.h for use in the MGF - mask generating function used in the - EME-OAEP and EMSA-PSS encodings. */ -#if defined(MBEDTLS_THREADING_C) - mbedtls_threading_mutex_t mutex; /*!< Thread-safety mutex. */ -#endif - - /** Reference to object mapped between SSS Layer */ - sss_object_t *pSSSObject; -} mbedtls_rsa_context; - -#endif /* MBEDTLS_RSA_ALT */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/plugin/mbedtls/sss_mbedtls.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/plugin/mbedtls/sss_mbedtls.h deleted file mode 100644 index a559e1900..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/plugin/mbedtls/sss_mbedtls.h +++ /dev/null @@ -1,102 +0,0 @@ -/* - * - * Copyright 2018-2020 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -/** - * @par Description - * Implementation of key association between NXP Secure Element and mbedtls. - * @par History - * 1.0 30-jan-2018 : Initial version - * - *****************************************************************************/ - -#ifndef AX_MBEDTLS_H -#define AX_MBEDTLS_H - -#if defined(SSS_USE_FTR_FILE) -#include "fsl_sss_ftr.h" -#else -#include "fsl_sss_ftr_default.h" -#endif - -#if SSS_HAVE_ALT_SSS -#include "sss_mbedtls.h" -#else -#include "ax_mbedtls.h" -#endif - -#include - -#if SSS_HAVE_A71CH || SSS_HAVE_A71CH_SIM -#include -#endif -#if SSS_HAVE_MBEDTLS -#include -#endif - -/** @ingroup ax_mbed_tls */ -/** @{ */ - -#include "fsl_sss_api.h" -#include "mbedtls/pk.h" -#include "mbedtls/ssl.h" - -/** - * @brief Associate a keypair provisioned in the secure element for - * subsequent operations. - * - * @param[out] pkey Pointer to the mbedtls_pk_context which will be - * associated with data corresponding to the key_index - * - * @param[in] pkeyObject The object that we are going to be use. - * - * @return 0 if successful, or 1 if unsuccessful - */ -int sss_mbedtls_associate_keypair(mbedtls_pk_context *pkey, sss_object_t *pkeyObject); - -/** - * @brief Associate a pubkey provisioned in the secure element for - * subsequent operations. - * - * @param[out] pkey Pointer to the mbedtls_pk_context which will be - * associated with data corresponding to the key index - * - * @param[in] pkeyObject The object that we are going to be use. - * - * @return 0 if successful, or 1 if unsuccessful - */ -int sss_mbedtls_associate_pubkey(mbedtls_pk_context *pkey, sss_object_t *pkeyObject); - -/** - * @brief Update ECDSA HandShake key with given inded. - * - * @param[in,out] handshake Pointer to the mbedtls_ssl_handshake_params which - * will be associated with data corresponding to the - * key index - * - * @param[in] pkeyObject The object that we are going to be use. - * - * @param[in] hostKs Keystore to host for session key. - * - * @return 0 if successful, or 1 if unsuccessful - */ - -int sss_mbedtls_associate_ecdhctx( - mbedtls_ssl_handshake_params *handshake, sss_object_t *pkeyObject, sss_key_store_t *hostKs); - -/** @} */ - -/** - * \brief This function frees the components of a key pair. Original implementation - * \param key The key pair to free. - */ -void mbedtls_ecp_keypair_free_o(mbedtls_ecp_keypair *key); - -/** - * same as ``mbedtls_ecp_tls_read_group`` - */ -int mbedtls_ecp_tls_read_group_o(mbedtls_ecp_group *grp, const unsigned char **buf, size_t len); - -#endif /* AX_MBEDTLS_H */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/plugin/mbedtls/sss_mbedtls_x86_config.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/plugin/mbedtls/sss_mbedtls_x86_config.h deleted file mode 100644 index a312a7970..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/plugin/mbedtls/sss_mbedtls_x86_config.h +++ /dev/null @@ -1,3368 +0,0 @@ -/** - * \file sss_mbedtls_x86_config.h - * - * \brief Configuration options (set of defines) - * - * This set of compile-time options may be used to enable - * or disable features selectively, and reduce the global - * memory footprint. - */ -/* - * Copyright (C) 2006-2018, ARM Limited, All Rights Reserved - * Copyright 2020 NXP - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#ifndef MBEDTLS_CONFIG_X86_H -#define MBEDTLS_CONFIG_X86_H - -/* clang-format off */ - -#if defined(SSS_USE_FTR_FILE) -#include "fsl_sss_ftr.h" -#else -#include "fsl_sss_ftr_default.h" -#endif - -#ifdef CHECK_MEMORY - -#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) -#define _CRT_SECURE_NO_DEPRECATE 1 -#endif - -#define MBEDTLS_PLATFORM_MEMORY - -void tstDoTraceAndFree( - const char * szWhat, - const char * szFunction, const unsigned int line, - void * pWhat ); - -void * tstDoTraceAndCalloc( - const char * szNUM, const char * szSize, - const char * szFunction, const unsigned int line, - const unsigned int num, const unsigned int size ); - -#define MBEDTLS_PLATFORM_FREE_MACRO(WHAT) \ - tstDoTraceAndFree(#WHAT, __FUNCTION__, __LINE__, WHAT ) -#define MBEDTLS_PLATFORM_CALLOC_MACRO(NUM, SIZE) \ - tstDoTraceAndCalloc(#NUM, #SIZE, __FUNCTION__, __LINE__, NUM, SIZE ) - -#define MBEDTLS_MEMORY_DEBUG -#define MBEDTLS_MEMORY_BUFFER_ALLOC_C - -#endif /* CHECK_MEMORY */ - -/** - * \name SECTION: System support - * - * This section sets system specific settings. - * \{ - */ - -/** - * \def MBEDTLS_HAVE_ASM - * - * The compiler has support for asm(). - * - * Requires support for asm() in compiler. - * - * Used in: - * library/aria.c - * library/timing.c - * include/mbedtls/bn_mul.h - * - * Required by: - * MBEDTLS_AESNI_C - * MBEDTLS_PADLOCK_C - * - * Comment to disable the use of assembly code. - */ -#define MBEDTLS_HAVE_ASM - -/** - * \def MBEDTLS_NO_UDBL_DIVISION - * - * The platform lacks support for double-width integer division (64-bit - * division on a 32-bit platform, 128-bit division on a 64-bit platform). - * - * Used in: - * include/mbedtls/bignum.h - * library/bignum.c - * - * The bignum code uses double-width division to speed up some operations. - * Double-width division is often implemented in software that needs to - * be linked with the program. The presence of a double-width integer - * type is usually detected automatically through preprocessor macros, - * but the automatic detection cannot know whether the code needs to - * and can be linked with an implementation of division for that type. - * By default division is assumed to be usable if the type is present. - * Uncomment this option to prevent the use of double-width division. - * - * Note that division for the native integer type is always required. - * Furthermore, a 64-bit type is always required even on a 32-bit - * platform, but it need not support multiplication or division. In some - * cases it is also desirable to disable some double-width operations. For - * example, if double-width division is implemented in software, disabling - * it can reduce code size in some embedded targets. - */ -//#define MBEDTLS_NO_UDBL_DIVISION - -/** - * \def MBEDTLS_NO_64BIT_MULTIPLICATION - * - * The platform lacks support for 32x32 -> 64-bit multiplication. - * - * Used in: - * library/poly1305.c - * - * Some parts of the library may use multiplication of two unsigned 32-bit - * operands with a 64-bit result in order to speed up computations. On some - * platforms, this is not available in hardware and has to be implemented in - * software, usually in a library provided by the toolchain. - * - * Sometimes it is not desirable to have to link to that library. This option - * removes the dependency of that library on platforms that lack a hardware - * 64-bit multiplier by embedding a software implementation in Mbed TLS. - * - * Note that depending on the compiler, this may decrease performance compared - * to using the library function provided by the toolchain. - */ -//#define MBEDTLS_NO_64BIT_MULTIPLICATION - -/** - * \def MBEDTLS_HAVE_SSE2 - * - * CPU supports SSE2 instruction set. - * - * Uncomment if the CPU supports SSE2 (IA-32 specific). - */ -//#define MBEDTLS_HAVE_SSE2 - -/** - * \def MBEDTLS_HAVE_TIME - * - * System has time.h and time(). - * The time does not need to be correct, only time differences are used, - * by contrast with MBEDTLS_HAVE_TIME_DATE - * - * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT, - * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and - * MBEDTLS_PLATFORM_STD_TIME. - * - * Comment if your system does not support time functions - */ -#define MBEDTLS_HAVE_TIME - -/** - * \def MBEDTLS_HAVE_TIME_DATE - * - * System has time.h, time(), and an implementation for - * mbedtls_platform_gmtime_r() (see below). - * The time needs to be correct (not necesarily very accurate, but at least - * the date should be correct). This is used to verify the validity period of - * X.509 certificates. - * - * Comment if your system does not have a correct clock. - * - * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that - * behaves similarly to the gmtime_r() function from the C standard. Refer to - * the documentation for mbedtls_platform_gmtime_r() for more information. - * - * \note It is possible to configure an implementation for - * mbedtls_platform_gmtime_r() at compile-time by using the macro - * MBEDTLS_PLATFORM_GMTIME_R_ALT. - */ -#define MBEDTLS_HAVE_TIME_DATE - -/** - * \def MBEDTLS_PLATFORM_MEMORY - * - * Enable the memory allocation layer. - * - * By default mbed TLS uses the system-provided calloc() and free(). - * This allows different allocators (self-implemented or provided) to be - * provided to the platform abstraction layer. - * - * Enabling MBEDTLS_PLATFORM_MEMORY without the - * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide - * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and - * free() function pointer at runtime. - * - * Enabling MBEDTLS_PLATFORM_MEMORY and specifying - * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the - * alternate function at compile time. - * - * Requires: MBEDTLS_PLATFORM_C - * - * Enable this layer to allow use of alternative memory allocators. - */ -//#define MBEDTLS_PLATFORM_MEMORY - -/** - * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS - * - * Do not assign standard functions in the platform layer (e.g. calloc() to - * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF) - * - * This makes sure there are no linking errors on platforms that do not support - * these functions. You will HAVE to provide alternatives, either at runtime - * via the platform_set_xxx() functions or at compile time by setting - * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a - * MBEDTLS_PLATFORM_XXX_MACRO. - * - * Requires: MBEDTLS_PLATFORM_C - * - * Uncomment to prevent default assignment of standard functions in the - * platform layer. - */ -//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS - -/** - * \def MBEDTLS_PLATFORM_EXIT_ALT - * - * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the - * function in the platform abstraction layer. - * - * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will - * provide a function "mbedtls_platform_set_printf()" that allows you to set an - * alternative printf function pointer. - * - * All these define require MBEDTLS_PLATFORM_C to be defined! - * - * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows; - * it will be enabled automatically by check_config.h - * - * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as - * MBEDTLS_PLATFORM_XXX_MACRO! - * - * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME - * - * Uncomment a macro to enable alternate implementation of specific base - * platform function - */ -//#define MBEDTLS_PLATFORM_EXIT_ALT -//#define MBEDTLS_PLATFORM_TIME_ALT -//#define MBEDTLS_PLATFORM_FPRINTF_ALT -//#define MBEDTLS_PLATFORM_PRINTF_ALT -//#define MBEDTLS_PLATFORM_SNPRINTF_ALT -//#define MBEDTLS_PLATFORM_NV_SEED_ALT -//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT - -/** - * \def MBEDTLS_DEPRECATED_WARNING - * - * Mark deprecated functions so that they generate a warning if used. - * Functions deprecated in one version will usually be removed in the next - * version. You can enable this to help you prepare the transition to a new - * major version by making sure your code is not using these functions. - * - * This only works with GCC and Clang. With other compilers, you may want to - * use MBEDTLS_DEPRECATED_REMOVED - * - * Uncomment to get warnings on using deprecated functions. - */ -//#define MBEDTLS_DEPRECATED_WARNING - -/** - * \def MBEDTLS_DEPRECATED_REMOVED - * - * Remove deprecated functions so that they generate an error if used. - * Functions deprecated in one version will usually be removed in the next - * version. You can enable this to help you prepare the transition to a new - * major version by making sure your code is not using these functions. - * - * Uncomment to get errors on using deprecated functions. - */ -//#define MBEDTLS_DEPRECATED_REMOVED - -/** - * \def MBEDTLS_CHECK_PARAMS - * - * This configuration option controls whether the library validates more of - * the parameters passed to it. - * - * When this flag is not defined, the library only attempts to validate an - * input parameter if: (1) they may come from the outside world (such as the - * network, the filesystem, etc.) or (2) not validating them could result in - * internal memory errors such as overflowing a buffer controlled by the - * library. On the other hand, it doesn't attempt to validate parameters whose - * values are fully controlled by the application (such as pointers). - * - * When this flag is defined, the library additionally attempts to validate - * parameters that are fully controlled by the application, and should always - * be valid if the application code is fully correct and trusted. - * - * For example, when a function accepts as input a pointer to a buffer that may - * contain untrusted data, and its documentation mentions that this pointer - * must not be NULL: - * - the pointer is checked to be non-NULL only if this option is enabled - * - the content of the buffer is always validated - * - * When this flag is defined, if a library function receives a parameter that - * is invalid, it will: - * - invoke the macro MBEDTLS_PARAM_FAILED() which by default expands to a - * call to the function mbedtls_param_failed() - * - immediately return (with a specific error code unless the function - * returns void and can't communicate an error). - * - * When defining this flag, you also need to: - * - either provide a definition of the function mbedtls_param_failed() in - * your application (see platform_util.h for its prototype) as the library - * calls that function, but does not provide a default definition for it, - * - or provide a different definition of the macro MBEDTLS_PARAM_FAILED() - * below if the above mechanism is not flexible enough to suit your needs. - * See the documentation of this macro later in this file. - * - * Uncomment to enable validation of application-controlled parameters. - */ -//#define MBEDTLS_CHECK_PARAMS - -/* \} name SECTION: System support */ - -/** - * \name SECTION: mbed TLS feature support - * - * This section sets support for features that are or are not needed - * within the modules that are enabled. - * \{ - */ - -/** - * \def MBEDTLS_TIMING_ALT - * - * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(), - * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay() - * - * Only works if you have MBEDTLS_TIMING_C enabled. - * - * You will need to provide a header "timing_alt.h" and an implementation at - * compile time. - */ -//#define MBEDTLS_TIMING_ALT - -/** - * \def MBEDTLS_AES_ALT - * - * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your - * alternate core implementation of a symmetric crypto, an arithmetic or hash - * module (e.g. platform specific assembly optimized implementations). Keep - * in mind that the function prototypes should remain the same. - * - * This replaces the whole module. If you only want to replace one of the - * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags. - * - * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer - * provide the "struct mbedtls_aes_context" definition and omit the base - * function declarations and implementations. "aes_alt.h" will be included from - * "aes.h" to include the new function definitions. - * - * Uncomment a macro to enable alternate implementation of the corresponding - * module. - * - * \warning MD2, MD4, MD5, ARC4, DES and SHA-1 are considered weak and their - * use constitutes a security risk. If possible, we recommend - * avoiding dependencies on them, and considering stronger message - * digests and ciphers instead. - * - */ -//#define MBEDTLS_AES_ALT -//#define MBEDTLS_ARC4_ALT -//#define MBEDTLS_ARIA_ALT -//#define MBEDTLS_BLOWFISH_ALT -//#define MBEDTLS_CAMELLIA_ALT -//#define MBEDTLS_CCM_ALT -//#define MBEDTLS_CHACHA20_ALT -//#define MBEDTLS_CHACHAPOLY_ALT -//#define MBEDTLS_CMAC_ALT -//#define MBEDTLS_DES_ALT -//#define MBEDTLS_DHM_ALT -//#define MBEDTLS_ECJPAKE_ALT -//#define MBEDTLS_GCM_ALT -//#define MBEDTLS_NIST_KW_ALT -//#define MBEDTLS_MD2_ALT -//#define MBEDTLS_MD4_ALT -//#define MBEDTLS_MD5_ALT -//#define MBEDTLS_POLY1305_ALT -//#define MBEDTLS_RIPEMD160_ALT -//#define MBEDTLS_RSA_ALT -//#define MBEDTLS_SHA1_ALT -//#define MBEDTLS_SHA256_ALT -//#define MBEDTLS_SHA512_ALT -//#define MBEDTLS_XTEA_ALT - -/* - * When replacing the elliptic curve module, pleace consider, that it is - * implemented with two .c files: - * - ecp.c - * - ecp_curves.c - * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT - * macros as described above. The only difference is that you have to make sure - * that you provide functionality for both .c files. - */ - -#if defined(SSS_HAVE_ALT) && (SSS_HAVE_ALT) -# define MBEDTLS_ECP_ALT -# define MBEDTLS_RSA_ALT -#endif /* SSS_HAVE_ALT */ -//#define MBEDTLS_ECP_ALT - - -/** - * - MBEDTLS_ECDSA_VERIFY_ALT - * To use SE for all public key ecdsa verify operation, enable MBEDTLS_ECDSA_VERIFY_ALT - */ - -#if defined(SSS_HAVE_ALT) && (SSS_HAVE_ALT) -# define MBEDTLS_ECDH_ALT -# define MBEDTLS_ECDH_GEN_PUBLIC_ALT -# define MBEDTLS_ECDH_COMPUTE_SHARED_ALT -//# define MBEDTLS_ECDSA_VERIFY_ALT -#endif /* SSS_HAVE_ALT */ -//#define MBEDTLS_ECDH_ALT - -/** - * \def MBEDTLS_MD2_PROCESS_ALT - * - * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you - * alternate core implementation of symmetric crypto or hash function. Keep in - * mind that function prototypes should remain the same. - * - * This replaces only one function. The header file from mbed TLS is still - * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags. - * - * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will - * no longer provide the mbedtls_sha1_process() function, but it will still provide - * the other function (using your mbedtls_sha1_process() function) and the definition - * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible - * with this definition. - * - * \note Because of a signature change, the core AES encryption and decryption routines are - * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt, - * respectively. When setting up alternative implementations, these functions should - * be overriden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt - * must stay untouched. - * - * \note If you use the AES_xxx_ALT macros, then is is recommended to also set - * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES - * tables. - * - * Uncomment a macro to enable alternate implementation of the corresponding - * function. - * - * \warning MD2, MD4, MD5, DES and SHA-1 are considered weak and their use - * constitutes a security risk. If possible, we recommend avoiding - * dependencies on them, and considering stronger message digests - * and ciphers instead. - * - */ -//#define MBEDTLS_MD2_PROCESS_ALT -//#define MBEDTLS_MD4_PROCESS_ALT -//#define MBEDTLS_MD5_PROCESS_ALT -//#define MBEDTLS_RIPEMD160_PROCESS_ALT -//#define MBEDTLS_SHA1_PROCESS_ALT -//#define MBEDTLS_SHA256_PROCESS_ALT -//#define MBEDTLS_SHA512_PROCESS_ALT -//#define MBEDTLS_DES_SETKEY_ALT -//#define MBEDTLS_DES_CRYPT_ECB_ALT -//#define MBEDTLS_DES3_CRYPT_ECB_ALT -//#define MBEDTLS_AES_SETKEY_ENC_ALT -//#define MBEDTLS_AES_SETKEY_DEC_ALT -//#define MBEDTLS_AES_ENCRYPT_ALT -//#define MBEDTLS_AES_DECRYPT_ALT -//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT -//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT -//#define MBEDTLS_ECDSA_VERIFY_ALT -//#define MBEDTLS_ECDSA_SIGN_ALT -//#define MBEDTLS_ECDSA_GENKEY_ALT - -/** - * \def MBEDTLS_ECP_INTERNAL_ALT - * - * Expose a part of the internal interface of the Elliptic Curve Point module. - * - * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your - * alternative core implementation of elliptic curve arithmetic. Keep in mind - * that function prototypes should remain the same. - * - * This partially replaces one function. The header file from mbed TLS is still - * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation - * is still present and it is used for group structures not supported by the - * alternative. - * - * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT - * and implementing the following functions: - * unsigned char mbedtls_internal_ecp_grp_capable( - * const mbedtls_ecp_group *grp ) - * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp ) - * void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp ) - * The mbedtls_internal_ecp_grp_capable function should return 1 if the - * replacement functions implement arithmetic for the given group and 0 - * otherwise. - * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are - * called before and after each point operation and provide an opportunity to - * implement optimized set up and tear down instructions. - * - * Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and - * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac - * function, but will use your mbedtls_internal_ecp_double_jac if the group is - * supported (your mbedtls_internal_ecp_grp_capable function returns 1 when - * receives it as an argument). If the group is not supported then the original - * implementation is used. The other functions and the definition of - * mbedtls_ecp_group and mbedtls_ecp_point will not change, so your - * implementation of mbedtls_internal_ecp_double_jac and - * mbedtls_internal_ecp_grp_capable must be compatible with this definition. - * - * Uncomment a macro to enable alternate implementation of the corresponding - * function. - */ -/* Required for all the functions in this section */ -//#define MBEDTLS_ECP_INTERNAL_ALT -/* Support for Weierstrass curves with Jacobi representation */ -//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT -//#define MBEDTLS_ECP_ADD_MIXED_ALT -//#define MBEDTLS_ECP_DOUBLE_JAC_ALT -//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT -//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT -/* Support for curves with Montgomery arithmetic */ -//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT -//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT -//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT - -/** - * \def MBEDTLS_TEST_NULL_ENTROPY - * - * Enables testing and use of mbed TLS without any configured entropy sources. - * This permits use of the library on platforms before an entropy source has - * been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the - * MBEDTLS_ENTROPY_NV_SEED switches). - * - * WARNING! This switch MUST be disabled in production builds, and is suitable - * only for development. - * Enabling the switch negates any security provided by the library. - * - * Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES - * - */ -//#define MBEDTLS_TEST_NULL_ENTROPY - -/** - * \def MBEDTLS_ENTROPY_HARDWARE_ALT - * - * Uncomment this macro to let mbed TLS use your own implementation of a - * hardware entropy collector. - * - * Your function must be called \c mbedtls_hardware_poll(), have the same - * prototype as declared in entropy_poll.h, and accept NULL as first argument. - * - * Uncomment to use your own hardware entropy collector. - */ -//#define MBEDTLS_ENTROPY_HARDWARE_ALT - -/** - * \def MBEDTLS_AES_ROM_TABLES - * - * Use precomputed AES tables stored in ROM. - * - * Uncomment this macro to use precomputed AES tables stored in ROM. - * Comment this macro to generate AES tables in RAM at runtime. - * - * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb - * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the - * initialization time before the first AES operation can be performed. - * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c - * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded - * performance if ROM access is slower than RAM access. - * - * This option is independent of \c MBEDTLS_AES_FEWER_TABLES. - * - */ -//#define MBEDTLS_AES_ROM_TABLES - -/** - * \def MBEDTLS_AES_FEWER_TABLES - * - * Use less ROM/RAM for AES tables. - * - * Uncommenting this macro omits 75% of the AES tables from - * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES) - * by computing their values on the fly during operations - * (the tables are entry-wise rotations of one another). - * - * Tradeoff: Uncommenting this reduces the RAM / ROM footprint - * by ~6kb but at the cost of more arithmetic operations during - * runtime. Specifically, one has to compare 4 accesses within - * different tables to 4 accesses with additional arithmetic - * operations within the same table. The performance gain/loss - * depends on the system and memory details. - * - * This option is independent of \c MBEDTLS_AES_ROM_TABLES. - * - */ -//#define MBEDTLS_AES_FEWER_TABLES - -/** - * \def MBEDTLS_CAMELLIA_SMALL_MEMORY - * - * Use less ROM for the Camellia implementation (saves about 768 bytes). - * - * Uncomment this macro to use less memory for Camellia. - */ -//#define MBEDTLS_CAMELLIA_SMALL_MEMORY - -/** - * \def MBEDTLS_CIPHER_MODE_CBC - * - * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers. - */ -#define MBEDTLS_CIPHER_MODE_CBC - -/** - * \def MBEDTLS_CIPHER_MODE_CFB - * - * Enable Cipher Feedback mode (CFB) for symmetric ciphers. - */ -#define MBEDTLS_CIPHER_MODE_CFB - -/** - * \def MBEDTLS_CIPHER_MODE_CTR - * - * Enable Counter Block Cipher mode (CTR) for symmetric ciphers. - */ -#define MBEDTLS_CIPHER_MODE_CTR - -/** - * \def MBEDTLS_CIPHER_MODE_OFB - * - * Enable Output Feedback mode (OFB) for symmetric ciphers. - */ -#define MBEDTLS_CIPHER_MODE_OFB - -/** - * \def MBEDTLS_CIPHER_MODE_XTS - * - * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES. - */ -#define MBEDTLS_CIPHER_MODE_XTS - -/** - * \def MBEDTLS_CIPHER_NULL_CIPHER - * - * Enable NULL cipher. - * Warning: Only do so when you know what you are doing. This allows for - * encryption or channels without any security! - * - * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable - * the following ciphersuites: - * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA - * MBEDTLS_TLS_RSA_WITH_NULL_SHA256 - * MBEDTLS_TLS_RSA_WITH_NULL_SHA - * MBEDTLS_TLS_RSA_WITH_NULL_MD5 - * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA - * MBEDTLS_TLS_PSK_WITH_NULL_SHA384 - * MBEDTLS_TLS_PSK_WITH_NULL_SHA256 - * MBEDTLS_TLS_PSK_WITH_NULL_SHA - * - * Uncomment this macro to enable the NULL cipher and ciphersuites - */ -//#define MBEDTLS_CIPHER_NULL_CIPHER - -/** - * \def MBEDTLS_CIPHER_PADDING_PKCS7 - * - * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for - * specific padding modes in the cipher layer with cipher modes that support - * padding (e.g. CBC) - * - * If you disable all padding modes, only full blocks can be used with CBC. - * - * Enable padding modes in the cipher layer. - */ -#define MBEDTLS_CIPHER_PADDING_PKCS7 -#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS -#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN -#define MBEDTLS_CIPHER_PADDING_ZEROS - -/** - * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES - * - * Enable weak ciphersuites in SSL / TLS. - * Warning: Only do so when you know what you are doing. This allows for - * channels with virtually no security at all! - * - * This enables the following ciphersuites: - * MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA - * - * Uncomment this macro to enable weak ciphersuites - * - * \warning DES is considered a weak cipher and its use constitutes a - * security risk. We recommend considering stronger ciphers instead. - */ -//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES - -/** - * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES - * - * Remove RC4 ciphersuites by default in SSL / TLS. - * This flag removes the ciphersuites based on RC4 from the default list as - * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to - * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them - * explicitly. - * - * Uncomment this macro to remove RC4 ciphersuites by default. - */ -#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES - -/** - * \def MBEDTLS_REMOVE_3DES_CIPHERSUITES - * - * Remove 3DES ciphersuites by default in SSL / TLS. - * This flag removes the ciphersuites based on 3DES from the default list as - * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible - * to enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including - * them explicitly. - * - * A man-in-the-browser attacker can recover authentication tokens sent through - * a TLS connection using a 3DES based cipher suite (see "On the Practical - * (In-)Security of 64-bit Block Ciphers" by Karthikeyan Bhargavan and Gaëtan - * Leurent, see https://sweet32.info/SWEET32_CCS16.pdf). If this attack falls - * in your threat model or you are unsure, then you should keep this option - * enabled to remove 3DES based cipher suites. - * - * Comment this macro to keep 3DES in the default ciphersuite list. - */ -#define MBEDTLS_REMOVE_3DES_CIPHERSUITES - -/** - * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED - * - * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve - * module. By default all supported curves are enabled. - * - * Comment macros to disable the curve and functions for it - */ -#define MBEDTLS_ECP_DP_SECP192R1_ENABLED -#define MBEDTLS_ECP_DP_SECP224R1_ENABLED -#define MBEDTLS_ECP_DP_SECP256R1_ENABLED -#define MBEDTLS_ECP_DP_SECP384R1_ENABLED -#define MBEDTLS_ECP_DP_SECP521R1_ENABLED -#define MBEDTLS_ECP_DP_SECP192K1_ENABLED -#define MBEDTLS_ECP_DP_SECP224K1_ENABLED -#define MBEDTLS_ECP_DP_SECP256K1_ENABLED -#define MBEDTLS_ECP_DP_BP256R1_ENABLED -#define MBEDTLS_ECP_DP_BP384R1_ENABLED -#define MBEDTLS_ECP_DP_BP512R1_ENABLED -#define MBEDTLS_ECP_DP_CURVE25519_ENABLED -#define MBEDTLS_ECP_DP_CURVE448_ENABLED - -#ifdef TGT_A71CH -# undef MBEDTLS_ECP_DP_SECP192R1_ENABLED -# undef MBEDTLS_ECP_DP_SECP224R1_ENABLED -# undef MBEDTLS_ECP_DP_SECP384R1_ENABLED -# undef MBEDTLS_ECP_DP_SECP521R1_ENABLED -# undef MBEDTLS_ECP_DP_SECP192K1_ENABLED -# undef MBEDTLS_ECP_DP_SECP224K1_ENABLED -# undef MBEDTLS_ECP_DP_SECP256K1_ENABLED -# undef MBEDTLS_ECP_DP_BP256R1_ENABLED -# undef MBEDTLS_ECP_DP_BP384R1_ENABLED -# undef MBEDTLS_ECP_DP_BP512R1_ENABLED -# undef MBEDTLS_ECP_DP_CURVE25519_ENABLED -# undef MBEDTLS_ECP_DP_CURVE448_ENABLED -#endif - - -/** - * \def MBEDTLS_ECP_NIST_OPTIM - * - * Enable specific 'modulo p' routines for each NIST prime. - * Depending on the prime and architecture, makes operations 4 to 8 times - * faster on the corresponding curve. - * - * Comment this macro to disable NIST curves optimisation. - */ -#define MBEDTLS_ECP_NIST_OPTIM - -/** - * \def MBEDTLS_ECP_RESTARTABLE - * - * Enable "non-blocking" ECC operations that can return early and be resumed. - * - * This allows various functions to pause by returning - * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module, - * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in - * order to further progress and eventually complete their operation. This is - * controlled through mbedtls_ecp_set_max_ops() which limits the maximum - * number of ECC operations a function may perform before pausing; see - * mbedtls_ecp_set_max_ops() for more information. - * - * This is useful in non-threaded environments if you want to avoid blocking - * for too long on ECC (and, hence, X.509 or SSL/TLS) operations. - * - * Uncomment this macro to enable restartable ECC computations. - * - * \note This option only works with the default software implementation of - * elliptic curve functionality. It is incompatible with - * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT and MBEDTLS_ECDSA_XXX_ALT. - */ -//#define MBEDTLS_ECP_RESTARTABLE - -/** - * \def MBEDTLS_ECDSA_DETERMINISTIC - * - * Enable deterministic ECDSA (RFC 6979). - * Standard ECDSA is "fragile" in the sense that lack of entropy when signing - * may result in a compromise of the long-term signing key. This is avoided by - * the deterministic variant. - * - * Requires: MBEDTLS_HMAC_DRBG_C - * - * Comment this macro to disable deterministic ECDSA. - */ -#define MBEDTLS_ECDSA_DETERMINISTIC - -/** - * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED - * - * Enable the PSK based ciphersuite modes in SSL / TLS. - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED - * - * Enable the DHE-PSK based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_DHM_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA - * - * \warning Using DHE constitutes a security risk as it - * is not possible to validate custom DH parameters. - * If possible, it is recommended users should consider - * preferring other methods of key exchange. - * See dhm.h for more details. - * - */ -#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED - * - * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED - * - * Enable the RSA-PSK based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED - * - * Enable the RSA-only based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 - */ -#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED - * - * Enable the DHE-RSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - * - * \warning Using DHE constitutes a security risk as it - * is not possible to validate custom DH parameters. - * If possible, it is recommended users should consider - * preferring other methods of key exchange. - * See dhm.h for more details. - * - */ -#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED - * - * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED - * - * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C, - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED - * - * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - */ -#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED - * - * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 - */ -#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED - * - * Enable the ECJPAKE based ciphersuite modes in SSL / TLS. - * - * \warning This is currently experimental. EC J-PAKE support is based on the - * Thread v1.0.0 specification; incompatible changes to the specification - * might still happen. For this reason, this is disabled by default. - * - * Requires: MBEDTLS_ECJPAKE_C - * MBEDTLS_SHA256_C - * MBEDTLS_ECP_DP_SECP256R1_ENABLED - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 - */ -//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED - -/** - * \def MBEDTLS_PK_PARSE_EC_EXTENDED - * - * Enhance support for reading EC keys using variants of SEC1 not allowed by - * RFC 5915 and RFC 5480. - * - * Currently this means parsing the SpecifiedECDomain choice of EC - * parameters (only known groups are supported, not arbitrary domains, to - * avoid validation issues). - * - * Disable if you only need to support RFC 5915 + 5480 key formats. - */ -#define MBEDTLS_PK_PARSE_EC_EXTENDED - -/** - * \def MBEDTLS_ERROR_STRERROR_DUMMY - * - * Enable a dummy error function to make use of mbedtls_strerror() in - * third party libraries easier when MBEDTLS_ERROR_C is disabled - * (no effect when MBEDTLS_ERROR_C is enabled). - * - * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're - * not using mbedtls_strerror() or error_strerror() in your application. - * - * Disable if you run into name conflicts and want to really remove the - * mbedtls_strerror() - */ -#define MBEDTLS_ERROR_STRERROR_DUMMY - -/** - * \def MBEDTLS_GENPRIME - * - * Enable the prime-number generation code. - * - * Requires: MBEDTLS_BIGNUM_C - */ -#define MBEDTLS_GENPRIME - -/** - * \def MBEDTLS_FS_IO - * - * Enable functions that use the filesystem. - */ -#define MBEDTLS_FS_IO - -/** - * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES - * - * Do not add default entropy sources. These are the platform specific, - * mbedtls_timing_hardclock and HAVEGE based poll functions. - * - * This is useful to have more control over the added entropy sources in an - * application. - * - * Uncomment this macro to prevent loading of default entropy functions. - */ -//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES - -/** - * \def MBEDTLS_NO_PLATFORM_ENTROPY - * - * Do not use built-in platform entropy functions. - * This is useful if your platform does not support - * standards like the /dev/urandom or Windows CryptoAPI. - * - * Uncomment this macro to disable the built-in platform entropy functions. - */ -//#define MBEDTLS_NO_PLATFORM_ENTROPY - -/** - * \def MBEDTLS_ENTROPY_FORCE_SHA256 - * - * Force the entropy accumulator to use a SHA-256 accumulator instead of the - * default SHA-512 based one (if both are available). - * - * Requires: MBEDTLS_SHA256_C - * - * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option - * if you have performance concerns. - * - * This option is only useful if both MBEDTLS_SHA256_C and - * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used. - */ -//#define MBEDTLS_ENTROPY_FORCE_SHA256 - -/** - * \def MBEDTLS_ENTROPY_NV_SEED - * - * Enable the non-volatile (NV) seed file-based entropy source. - * (Also enables the NV seed read/write functions in the platform layer) - * - * This is crucial (if not required) on systems that do not have a - * cryptographic entropy source (in hardware or kernel) available. - * - * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C - * - * \note The read/write functions that are used by the entropy source are - * determined in the platform layer, and can be modified at runtime and/or - * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used. - * - * \note If you use the default implementation functions that read a seedfile - * with regular fopen(), please make sure you make a seedfile with the - * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at - * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from - * and written to or you will get an entropy source error! The default - * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE - * bytes from the file. - * - * \note The entropy collector will write to the seed file before entropy is - * given to an external source, to update it. - */ -//#define MBEDTLS_ENTROPY_NV_SEED - -/** - * \def MBEDTLS_MEMORY_DEBUG - * - * Enable debugging of buffer allocator memory issues. Automatically prints - * (to stderr) all (fatal) messages on memory allocation issues. Enables - * function for 'debug output' of allocated memory. - * - * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C - * - * Uncomment this macro to let the buffer allocator print out error messages. - */ -//#define MBEDTLS_MEMORY_DEBUG - -/** - * \def MBEDTLS_MEMORY_BACKTRACE - * - * Include backtrace information with each allocated block. - * - * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C - * GLIBC-compatible backtrace() an backtrace_symbols() support - * - * Uncomment this macro to include backtrace information - */ -//#define MBEDTLS_MEMORY_BACKTRACE - -/** - * \def MBEDTLS_PK_RSA_ALT_SUPPORT - * - * Support external private RSA keys (eg from a HSM) in the PK layer. - * - * Comment this macro to disable support for external private RSA keys. - */ -#define MBEDTLS_PK_RSA_ALT_SUPPORT - -/** - * \def MBEDTLS_PKCS1_V15 - * - * Enable support for PKCS#1 v1.5 encoding. - * - * Requires: MBEDTLS_RSA_C - * - * This enables support for PKCS#1 v1.5 operations. - */ -#define MBEDTLS_PKCS1_V15 - -/** - * \def MBEDTLS_PKCS1_V21 - * - * Enable support for PKCS#1 v2.1 encoding. - * - * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C - * - * This enables support for RSAES-OAEP and RSASSA-PSS operations. - */ -#define MBEDTLS_PKCS1_V21 - -/** - * \def MBEDTLS_RSA_NO_CRT - * - * Do not use the Chinese Remainder Theorem - * for the RSA private operation. - * - * Uncomment this macro to disable the use of CRT in RSA. - * - */ -//#define MBEDTLS_RSA_NO_CRT - -/** - * \def MBEDTLS_SELF_TEST - * - * Enable the checkup functions (*_self_test). - */ -//#define MBEDTLS_SELF_TEST - -/** - * \def MBEDTLS_SHA256_SMALLER - * - * Enable an implementation of SHA-256 that has lower ROM footprint but also - * lower performance. - * - * The default implementation is meant to be a reasonnable compromise between - * performance and size. This version optimizes more aggressively for size at - * the expense of performance. Eg on Cortex-M4 it reduces the size of - * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about - * 30%. - * - * Uncomment to enable the smaller implementation of SHA256. - */ -//#define MBEDTLS_SHA256_SMALLER - -/** - * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES - * - * Enable sending of alert messages in case of encountered errors as per RFC. - * If you choose not to send the alert messages, mbed TLS can still communicate - * with other servers, only debugging of failures is harder. - * - * The advantage of not sending alert messages, is that no information is given - * about reasons for failures thus preventing adversaries of gaining intel. - * - * Enable sending of all alert messages - */ -#define MBEDTLS_SSL_ALL_ALERT_MESSAGES - -/** - * \def MBEDTLS_SSL_ASYNC_PRIVATE - * - * Enable asynchronous external private key operations in SSL. This allows - * you to configure an SSL connection to call an external cryptographic - * module to perform private key operations instead of performing the - * operation inside the library. - * - */ -//#define MBEDTLS_SSL_ASYNC_PRIVATE - -/** - * \def MBEDTLS_SSL_DEBUG_ALL - * - * Enable the debug messages in SSL module for all issues. - * Debug messages have been disabled in some places to prevent timing - * attacks due to (unbalanced) debugging function calls. - * - * If you need all error reporting you should enable this during debugging, - * but remove this for production servers that should log as well. - * - * Uncomment this macro to report all debug messages on errors introducing - * a timing side-channel. - * - */ -//#define MBEDTLS_SSL_DEBUG_ALL - -/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC - * - * Enable support for Encrypt-then-MAC, RFC 7366. - * - * This allows peers that both support it to use a more robust protection for - * ciphersuites using CBC, providing deep resistance against timing attacks - * on the padding or underlying cipher. - * - * This only affects CBC ciphersuites, and is useless if none is defined. - * - * Requires: MBEDTLS_SSL_PROTO_TLS1 or - * MBEDTLS_SSL_PROTO_TLS1_1 or - * MBEDTLS_SSL_PROTO_TLS1_2 - * - * Comment this macro to disable support for Encrypt-then-MAC - */ -#define MBEDTLS_SSL_ENCRYPT_THEN_MAC - -/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET - * - * Enable support for Extended Master Secret, aka Session Hash - * (draft-ietf-tls-session-hash-02). - * - * This was introduced as "the proper fix" to the Triple Handshake familiy of - * attacks, but it is recommended to always use it (even if you disable - * renegotiation), since it actually fixes a more fundamental issue in the - * original SSL/TLS design, and has implications beyond Triple Handshake. - * - * Requires: MBEDTLS_SSL_PROTO_TLS1 or - * MBEDTLS_SSL_PROTO_TLS1_1 or - * MBEDTLS_SSL_PROTO_TLS1_2 - * - * Comment this macro to disable support for Extended Master Secret. - */ -#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET - -/** - * \def MBEDTLS_SSL_FALLBACK_SCSV - * - * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00). - * - * For servers, it is recommended to always enable this, unless you support - * only one version of TLS, or know for sure that none of your clients - * implements a fallback strategy. - * - * For clients, you only need this if you're using a fallback strategy, which - * is not recommended in the first place, unless you absolutely need it to - * interoperate with buggy (version-intolerant) servers. - * - * Comment this macro to disable support for FALLBACK_SCSV - */ -#define MBEDTLS_SSL_FALLBACK_SCSV - -/** - * \def MBEDTLS_SSL_HW_RECORD_ACCEL - * - * Enable hooking functions in SSL module for hardware acceleration of - * individual records. - * - * Uncomment this macro to enable hooking functions. - */ -//#define MBEDTLS_SSL_HW_RECORD_ACCEL - -/** - * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING - * - * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0. - * - * This is a countermeasure to the BEAST attack, which also minimizes the risk - * of interoperability issues compared to sending 0-length records. - * - * Comment this macro to disable 1/n-1 record splitting. - */ -#define MBEDTLS_SSL_CBC_RECORD_SPLITTING - -/** - * \def MBEDTLS_SSL_RENEGOTIATION - * - * Enable support for TLS renegotiation. - * - * The two main uses of renegotiation are (1) refresh keys on long-lived - * connections and (2) client authentication after the initial handshake. - * If you don't need renegotiation, it's probably better to disable it, since - * it has been associated with security issues in the past and is easy to - * misuse/misunderstand. - * - * Comment this to disable support for renegotiation. - * - * \note Even if this option is disabled, both client and server are aware - * of the Renegotiation Indication Extension (RFC 5746) used to - * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1). - * (See \c mbedtls_ssl_conf_legacy_renegotiation for the - * configuration of this extension). - * - */ -#define MBEDTLS_SSL_RENEGOTIATION - -/** - * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO - * - * Enable support for receiving and parsing SSLv2 Client Hello messages for the - * SSL Server module (MBEDTLS_SSL_SRV_C). - * - * Uncomment this macro to enable support for SSLv2 Client Hello messages. - */ -//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO - -/** - * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE - * - * Pick the ciphersuite according to the client's preferences rather than ours - * in the SSL Server module (MBEDTLS_SSL_SRV_C). - * - * Uncomment this macro to respect client's ciphersuite order - */ -//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE - -/** - * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH - * - * Enable support for RFC 6066 max_fragment_length extension in SSL. - * - * Comment this macro to disable support for the max_fragment_length extension - */ -#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH - -/** - * \def MBEDTLS_SSL_PROTO_SSL3 - * - * Enable support for SSL 3.0. - * - * Requires: MBEDTLS_MD5_C - * MBEDTLS_SHA1_C - * - * Comment this macro to disable support for SSL 3.0 - */ -//#define MBEDTLS_SSL_PROTO_SSL3 - -/** - * \def MBEDTLS_SSL_PROTO_TLS1 - * - * Enable support for TLS 1.0. - * - * Requires: MBEDTLS_MD5_C - * MBEDTLS_SHA1_C - * - * Comment this macro to disable support for TLS 1.0 - */ -#define MBEDTLS_SSL_PROTO_TLS1 - -/** - * \def MBEDTLS_SSL_PROTO_TLS1_1 - * - * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled). - * - * Requires: MBEDTLS_MD5_C - * MBEDTLS_SHA1_C - * - * Comment this macro to disable support for TLS 1.1 / DTLS 1.0 - */ -#define MBEDTLS_SSL_PROTO_TLS1_1 - -/** - * \def MBEDTLS_SSL_PROTO_TLS1_2 - * - * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled). - * - * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C - * (Depends on ciphersuites) - * - * Comment this macro to disable support for TLS 1.2 / DTLS 1.2 - */ -#define MBEDTLS_SSL_PROTO_TLS1_2 - -/** - * \def MBEDTLS_SSL_PROTO_DTLS - * - * Enable support for DTLS (all available versions). - * - * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0, - * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2. - * - * Requires: MBEDTLS_SSL_PROTO_TLS1_1 - * or MBEDTLS_SSL_PROTO_TLS1_2 - * - * Comment this macro to disable support for DTLS - */ -#define MBEDTLS_SSL_PROTO_DTLS - -/** - * \def MBEDTLS_SSL_ALPN - * - * Enable support for RFC 7301 Application Layer Protocol Negotiation. - * - * Comment this macro to disable support for ALPN. - */ -#define MBEDTLS_SSL_ALPN - -/** - * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY - * - * Enable support for the anti-replay mechanism in DTLS. - * - * Requires: MBEDTLS_SSL_TLS_C - * MBEDTLS_SSL_PROTO_DTLS - * - * \warning Disabling this is often a security risk! - * See mbedtls_ssl_conf_dtls_anti_replay() for details. - * - * Comment this to disable anti-replay in DTLS. - */ -#define MBEDTLS_SSL_DTLS_ANTI_REPLAY - -/** - * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY - * - * Enable support for HelloVerifyRequest on DTLS servers. - * - * This feature is highly recommended to prevent DTLS servers being used as - * amplifiers in DoS attacks against other hosts. It should always be enabled - * unless you know for sure amplification cannot be a problem in the - * environment in which your server operates. - * - * \warning Disabling this can ba a security risk! (see above) - * - * Requires: MBEDTLS_SSL_PROTO_DTLS - * - * Comment this to disable support for HelloVerifyRequest. - */ -#define MBEDTLS_SSL_DTLS_HELLO_VERIFY - -/** - * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE - * - * Enable server-side support for clients that reconnect from the same port. - * - * Some clients unexpectedly close the connection and try to reconnect using the - * same source port. This needs special support from the server to handle the - * new connection securely, as described in section 4.2.8 of RFC 6347. This - * flag enables that support. - * - * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY - * - * Comment this to disable support for clients reusing the source port. - */ -#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE - -/** - * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT - * - * Enable support for a limit of records with bad MAC. - * - * See mbedtls_ssl_conf_dtls_badmac_limit(). - * - * Requires: MBEDTLS_SSL_PROTO_DTLS - */ -#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT - -/** - * \def MBEDTLS_SSL_SESSION_TICKETS - * - * Enable support for RFC 5077 session tickets in SSL. - * Client-side, provides full support for session tickets (maintainance of a - * session store remains the responsibility of the application, though). - * Server-side, you also need to provide callbacks for writing and parsing - * tickets, including authenticated encryption and key management. Example - * callbacks are provided by MBEDTLS_SSL_TICKET_C. - * - * Comment this macro to disable support for SSL session tickets - */ -#define MBEDTLS_SSL_SESSION_TICKETS - -/** - * \def MBEDTLS_SSL_EXPORT_KEYS - * - * Enable support for exporting key block and master secret. - * This is required for certain users of TLS, e.g. EAP-TLS. - * - * Comment this macro to disable support for key export - */ -#define MBEDTLS_SSL_EXPORT_KEYS - -/** - * \def MBEDTLS_SSL_SERVER_NAME_INDICATION - * - * Enable support for RFC 6066 server name indication (SNI) in SSL. - * - * Requires: MBEDTLS_X509_CRT_PARSE_C - * - * Comment this macro to disable support for server name indication in SSL - */ -#define MBEDTLS_SSL_SERVER_NAME_INDICATION - -/** - * \def MBEDTLS_SSL_TRUNCATED_HMAC - * - * Enable support for RFC 6066 truncated HMAC in SSL. - * - * Comment this macro to disable support for truncated HMAC in SSL - */ -#define MBEDTLS_SSL_TRUNCATED_HMAC - -/** - * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT - * - * Fallback to old (pre-2.7), non-conforming implementation of the truncated - * HMAC extension which also truncates the HMAC key. Note that this option is - * only meant for a transitory upgrade period and is likely to be removed in - * a future version of the library. - * - * \warning The old implementation is non-compliant and has a security weakness - * (2^80 brute force attack on the HMAC key used for a single, - * uninterrupted connection). This should only be enabled temporarily - * when (1) the use of truncated HMAC is essential in order to save - * bandwidth, and (2) the peer is an Mbed TLS stack that doesn't use - * the fixed implementation yet (pre-2.7). - * - * \deprecated This option is deprecated and will likely be removed in a - * future version of Mbed TLS. - * - * Uncomment to fallback to old, non-compliant truncated HMAC implementation. - * - * Requires: MBEDTLS_SSL_TRUNCATED_HMAC - */ -//#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT - -/** - * \def MBEDTLS_THREADING_ALT - * - * Provide your own alternate threading implementation. - * - * Requires: MBEDTLS_THREADING_C - * - * Uncomment this to allow your own alternate threading implementation. - */ -//#define MBEDTLS_THREADING_ALT - -/** - * \def MBEDTLS_THREADING_PTHREAD - * - * Enable the pthread wrapper layer for the threading layer. - * - * Requires: MBEDTLS_THREADING_C - * - * Uncomment this to enable pthread mutexes. - */ -//#define MBEDTLS_THREADING_PTHREAD - -/** - * \def MBEDTLS_VERSION_FEATURES - * - * Allow run-time checking of compile-time enabled features. Thus allowing users - * to check at run-time if the library is for instance compiled with threading - * support via mbedtls_version_check_feature(). - * - * Requires: MBEDTLS_VERSION_C - * - * Comment this to disable run-time checking and save ROM space - */ -#define MBEDTLS_VERSION_FEATURES - -/** - * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 - * - * If set, the X509 parser will not break-off when parsing an X509 certificate - * and encountering an extension in a v1 or v2 certificate. - * - * Uncomment to prevent an error. - */ -//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 - -/** - * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION - * - * If set, the X509 parser will not break-off when parsing an X509 certificate - * and encountering an unknown critical extension. - * - * \warning Depending on your PKI use, enabling this can be a security risk! - * - * Uncomment to prevent an error. - */ -//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION - -/** - * \def MBEDTLS_X509_CHECK_KEY_USAGE - * - * Enable verification of the keyUsage extension (CA and leaf certificates). - * - * Disabling this avoids problems with mis-issued and/or misused - * (intermediate) CA and leaf certificates. - * - * \warning Depending on your PKI use, disabling this can be a security risk! - * - * Comment to skip keyUsage checking for both CA and leaf certificates. - */ -#define MBEDTLS_X509_CHECK_KEY_USAGE - -/** - * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE - * - * Enable verification of the extendedKeyUsage extension (leaf certificates). - * - * Disabling this avoids problems with mis-issued and/or misused certificates. - * - * \warning Depending on your PKI use, disabling this can be a security risk! - * - * Comment to skip extendedKeyUsage checking for certificates. - */ -#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE - -/** - * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT - * - * Enable parsing and verification of X.509 certificates, CRLs and CSRS - * signed with RSASSA-PSS (aka PKCS#1 v2.1). - * - * Comment this macro to disallow using RSASSA-PSS in certificates. - */ -#define MBEDTLS_X509_RSASSA_PSS_SUPPORT - -/** - * \def MBEDTLS_ZLIB_SUPPORT - * - * If set, the SSL/TLS module uses ZLIB to support compression and - * decompression of packet data. - * - * \warning TLS-level compression MAY REDUCE SECURITY! See for example the - * CRIME attack. Before enabling this option, you should examine with care if - * CRIME or similar exploits may be a applicable to your use case. - * - * \note Currently compression can't be used with DTLS. - * - * \deprecated This feature is deprecated and will be removed - * in the next major revision of the library. - * - * Used in: library/ssl_tls.c - * library/ssl_cli.c - * library/ssl_srv.c - * - * This feature requires zlib library and headers to be present. - * - * Uncomment to enable use of ZLIB - */ -//#define MBEDTLS_ZLIB_SUPPORT -/* \} name SECTION: mbed TLS feature support */ - -/** - * \name SECTION: mbed TLS modules - * - * This section enables or disables entire modules in mbed TLS - * \{ - */ - -/** - * \def MBEDTLS_AESNI_C - * - * Enable AES-NI support on x86-64. - * - * Module: library/aesni.c - * Caller: library/aes.c - * - * Requires: MBEDTLS_HAVE_ASM - * - * This modules adds support for the AES-NI instructions on x86-64 - */ -#define MBEDTLS_AESNI_C - -/** - * \def MBEDTLS_AES_C - * - * Enable the AES block cipher. - * - * Module: library/aes.c - * Caller: library/cipher.c - * library/pem.c - * library/ctr_drbg.c - * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA - * - * PEM_PARSE uses AES for decrypting encrypted keys. - */ -#define MBEDTLS_AES_C - -/** - * \def MBEDTLS_ARC4_C - * - * Enable the ARCFOUR stream cipher. - * - * Module: library/arc4.c - * Caller: library/cipher.c - * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA - * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 - * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA - * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA - * - * \warning ARC4 is considered a weak cipher and its use constitutes a - * security risk. If possible, we recommend avoidng dependencies on - * it, and considering stronger ciphers instead. - * - */ -#define MBEDTLS_ARC4_C - -/** - * \def MBEDTLS_ASN1_PARSE_C - * - * Enable the generic ASN1 parser. - * - * Module: library/asn1.c - * Caller: library/x509.c - * library/dhm.c - * library/pkcs12.c - * library/pkcs5.c - * library/pkparse.c - */ -#define MBEDTLS_ASN1_PARSE_C - -/** - * \def MBEDTLS_ASN1_WRITE_C - * - * Enable the generic ASN1 writer. - * - * Module: library/asn1write.c - * Caller: library/ecdsa.c - * library/pkwrite.c - * library/x509_create.c - * library/x509write_crt.c - * library/x509write_csr.c - */ -#define MBEDTLS_ASN1_WRITE_C - -/** - * \def MBEDTLS_BASE64_C - * - * Enable the Base64 module. - * - * Module: library/base64.c - * Caller: library/pem.c - * - * This module is required for PEM support (required by X.509). - */ -#define MBEDTLS_BASE64_C - -/** - * \def MBEDTLS_BIGNUM_C - * - * Enable the multi-precision integer library. - * - * Module: library/bignum.c - * Caller: library/dhm.c - * library/ecp.c - * library/ecdsa.c - * library/rsa.c - * library/rsa_internal.c - * library/ssl_tls.c - * - * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support. - */ -#define MBEDTLS_BIGNUM_C - -/** - * \def MBEDTLS_BLOWFISH_C - * - * Enable the Blowfish block cipher. - * - * Module: library/blowfish.c - */ -#define MBEDTLS_BLOWFISH_C - -/** - * \def MBEDTLS_CAMELLIA_C - * - * Enable the Camellia block cipher. - * - * Module: library/camellia.c - * Caller: library/cipher.c - * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 - */ -#define MBEDTLS_CAMELLIA_C - -/** - * \def MBEDTLS_ARIA_C - * - * Enable the ARIA block cipher. - * - * Module: library/aria.c - * Caller: library/cipher.c - * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * - * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 - */ -//#define MBEDTLS_ARIA_C - -/** - * \def MBEDTLS_CCM_C - * - * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher. - * - * Module: library/ccm.c - * - * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C - * - * This module enables the AES-CCM ciphersuites, if other requisites are - * enabled as well. - */ -#define MBEDTLS_CCM_C - -/** - * \def MBEDTLS_CERTS_C - * - * Enable the test certificates. - * - * Module: library/certs.c - * Caller: - * - * This module is used for testing (ssl_client/server). - */ -#define MBEDTLS_CERTS_C - -/** - * \def MBEDTLS_CHACHA20_C - * - * Enable the ChaCha20 stream cipher. - * - * Module: library/chacha20.c - */ -#define MBEDTLS_CHACHA20_C - -/** - * \def MBEDTLS_CHACHAPOLY_C - * - * Enable the ChaCha20-Poly1305 AEAD algorithm. - * - * Module: library/chachapoly.c - * - * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C - */ -#define MBEDTLS_CHACHAPOLY_C - -/** - * \def MBEDTLS_CIPHER_C - * - * Enable the generic cipher layer. - * - * Module: library/cipher.c - * Caller: library/ssl_tls.c - * - * Uncomment to enable generic cipher wrappers. - */ -#define MBEDTLS_CIPHER_C - -/** - * \def MBEDTLS_CMAC_C - * - * Enable the CMAC (Cipher-based Message Authentication Code) mode for block - * ciphers. - * - * Module: library/cmac.c - * - * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C - * - */ -#define MBEDTLS_CMAC_C - -/** - * \def MBEDTLS_CTR_DRBG_C - * - * Enable the CTR_DRBG AES-based random generator. - * The CTR_DRBG generator uses AES-256 by default. - * To use AES-128 instead, enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY below. - * - * Module: library/ctr_drbg.c - * Caller: - * - * Requires: MBEDTLS_AES_C - * - * This module provides the CTR_DRBG AES random number generator. - */ -#define MBEDTLS_CTR_DRBG_C - -/** - * \def MBEDTLS_DEBUG_C - * - * Enable the debug functions. - * - * Module: library/debug.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * - * This module provides debugging functions. - */ -#define MBEDTLS_DEBUG_C - -/** - * \def MBEDTLS_DES_C - * - * Enable the DES block cipher. - * - * Module: library/des.c - * Caller: library/pem.c - * library/cipher.c - * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA - * - * PEM_PARSE uses DES/3DES for decrypting encrypted keys. - * - * \warning DES is considered a weak cipher and its use constitutes a - * security risk. We recommend considering stronger ciphers instead. - */ -#define MBEDTLS_DES_C - -/** - * \def MBEDTLS_DHM_C - * - * Enable the Diffie-Hellman-Merkle module. - * - * Module: library/dhm.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * - * This module is used by the following key exchanges: - * DHE-RSA, DHE-PSK - * - * \warning Using DHE constitutes a security risk as it - * is not possible to validate custom DH parameters. - * If possible, it is recommended users should consider - * preferring other methods of key exchange. - * See dhm.h for more details. - * - */ -#define MBEDTLS_DHM_C - -/** - * \def MBEDTLS_ECDH_C - * - * Enable the elliptic curve Diffie-Hellman library. - * - * Module: library/ecdh.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * - * This module is used by the following key exchanges: - * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK - * - * Requires: MBEDTLS_ECP_C - */ -#define MBEDTLS_ECDH_C - -/** - * \def MBEDTLS_ECDSA_C - * - * Enable the elliptic curve DSA library. - * - * Module: library/ecdsa.c - * Caller: - * - * This module is used by the following key exchanges: - * ECDHE-ECDSA - * - * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C - */ -#define MBEDTLS_ECDSA_C - -/** - * \def MBEDTLS_ECJPAKE_C - * - * Enable the elliptic curve J-PAKE library. - * - * \warning This is currently experimental. EC J-PAKE support is based on the - * Thread v1.0.0 specification; incompatible changes to the specification - * might still happen. For this reason, this is disabled by default. - * - * Module: library/ecjpake.c - * Caller: - * - * This module is used by the following key exchanges: - * ECJPAKE - * - * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C - */ -//#define MBEDTLS_ECJPAKE_C - -/** - * \def MBEDTLS_ECP_C - * - * Enable the elliptic curve over GF(p) library. - * - * Module: library/ecp.c - * Caller: library/ecdh.c - * library/ecdsa.c - * library/ecjpake.c - * - * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED - */ -#define MBEDTLS_ECP_C - -/** - * \def MBEDTLS_ENTROPY_C - * - * Enable the platform-specific entropy code. - * - * Module: library/entropy.c - * Caller: - * - * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C - * - * This module provides a generic entropy pool - */ -#define MBEDTLS_ENTROPY_C - -/** - * \def MBEDTLS_ERROR_C - * - * Enable error code to error string conversion. - * - * Module: library/error.c - * Caller: - * - * This module enables mbedtls_strerror(). - */ -#define MBEDTLS_ERROR_C - -/** - * \def MBEDTLS_GCM_C - * - * Enable the Galois/Counter Mode (GCM) for AES. - * - * Module: library/gcm.c - * - * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C - * - * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other - * requisites are enabled as well. - */ -#define MBEDTLS_GCM_C - -/** - * \def MBEDTLS_HAVEGE_C - * - * Enable the HAVEGE random generator. - * - * Warning: the HAVEGE random generator is not suitable for virtualized - * environments - * - * Warning: the HAVEGE random generator is dependent on timing and specific - * processor traits. It is therefore not advised to use HAVEGE as - * your applications primary random generator or primary entropy pool - * input. As a secondary input to your entropy pool, it IS able add - * the (limited) extra entropy it provides. - * - * Module: library/havege.c - * Caller: - * - * Requires: MBEDTLS_TIMING_C - * - * Uncomment to enable the HAVEGE random generator. - */ -//#define MBEDTLS_HAVEGE_C - -/** - * \def MBEDTLS_HKDF_C - * - * Enable the HKDF algorithm (RFC 5869). - * - * Module: library/hkdf.c - * Caller: - * - * Requires: MBEDTLS_MD_C - * - * This module adds support for the Hashed Message Authentication Code - * (HMAC)-based key derivation function (HKDF). - */ -#define MBEDTLS_HKDF_C - -/** - * \def MBEDTLS_HMAC_DRBG_C - * - * Enable the HMAC_DRBG random generator. - * - * Module: library/hmac_drbg.c - * Caller: - * - * Requires: MBEDTLS_MD_C - * - * Uncomment to enable the HMAC_DRBG random number geerator. - */ -#define MBEDTLS_HMAC_DRBG_C - -/** - * \def MBEDTLS_NIST_KW_C - * - * Enable the Key Wrapping mode for 128-bit block ciphers, - * as defined in NIST SP 800-38F. Only KW and KWP modes - * are supported. At the moment, only AES is approved by NIST. - * - * Module: library/nist_kw.c - * - * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C - */ -//#define MBEDTLS_NIST_KW_C - -/** - * \def MBEDTLS_MD_C - * - * Enable the generic message digest layer. - * - * Module: library/md.c - * Caller: - * - * Uncomment to enable generic message digest wrappers. - */ -#define MBEDTLS_MD_C - -/** - * \def MBEDTLS_MD2_C - * - * Enable the MD2 hash algorithm. - * - * Module: library/md2.c - * Caller: - * - * Uncomment to enable support for (rare) MD2-signed X.509 certs. - * - * \warning MD2 is considered a weak message digest and its use constitutes a - * security risk. If possible, we recommend avoiding dependencies on - * it, and considering stronger message digests instead. - * - */ -//#define MBEDTLS_MD2_C - -/** - * \def MBEDTLS_MD4_C - * - * Enable the MD4 hash algorithm. - * - * Module: library/md4.c - * Caller: - * - * Uncomment to enable support for (rare) MD4-signed X.509 certs. - * - * \warning MD4 is considered a weak message digest and its use constitutes a - * security risk. If possible, we recommend avoiding dependencies on - * it, and considering stronger message digests instead. - * - */ -//#define MBEDTLS_MD4_C - -/** - * \def MBEDTLS_MD5_C - * - * Enable the MD5 hash algorithm. - * - * Module: library/md5.c - * Caller: library/md.c - * library/pem.c - * library/ssl_tls.c - * - * This module is required for SSL/TLS up to version 1.1, and for TLS 1.2 - * depending on the handshake parameters. Further, it is used for checking - * MD5-signed certificates, and for PBKDF1 when decrypting PEM-encoded - * encrypted keys. - * - * \warning MD5 is considered a weak message digest and its use constitutes a - * security risk. If possible, we recommend avoiding dependencies on - * it, and considering stronger message digests instead. - * - */ -#define MBEDTLS_MD5_C - -/** - * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C - * - * Enable the buffer allocator implementation that makes use of a (stack) - * based buffer to 'allocate' dynamic memory. (replaces calloc() and free() - * calls) - * - * Module: library/memory_buffer_alloc.c - * - * Requires: MBEDTLS_PLATFORM_C - * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS) - * - * Enable this module to enable the buffer memory allocator. - */ -//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C - -/** - * \def MBEDTLS_NET_C - * - * Enable the TCP and UDP over IPv6/IPv4 networking routines. - * - * \note This module only works on POSIX/Unix (including Linux, BSD and OS X) - * and Windows. For other platforms, you'll want to disable it, and write your - * own networking callbacks to be passed to \c mbedtls_ssl_set_bio(). - * - * \note See also our Knowledge Base article about porting to a new - * environment: - * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS - * - * Module: library/net_sockets.c - * - * This module provides networking routines. - */ -#define MBEDTLS_NET_C - -/** - * \def MBEDTLS_OID_C - * - * Enable the OID database. - * - * Module: library/oid.c - * Caller: library/asn1write.c - * library/pkcs5.c - * library/pkparse.c - * library/pkwrite.c - * library/rsa.c - * library/x509.c - * library/x509_create.c - * library/x509_crl.c - * library/x509_crt.c - * library/x509_csr.c - * library/x509write_crt.c - * library/x509write_csr.c - * - * This modules translates between OIDs and internal values. - */ -#define MBEDTLS_OID_C - -/** - * \def MBEDTLS_PADLOCK_C - * - * Enable VIA Padlock support on x86. - * - * Module: library/padlock.c - * Caller: library/aes.c - * - * Requires: MBEDTLS_HAVE_ASM - * - * This modules adds support for the VIA PadLock on x86. - */ -#define MBEDTLS_PADLOCK_C - -/** - * \def MBEDTLS_PEM_PARSE_C - * - * Enable PEM decoding / parsing. - * - * Module: library/pem.c - * Caller: library/dhm.c - * library/pkparse.c - * library/x509_crl.c - * library/x509_crt.c - * library/x509_csr.c - * - * Requires: MBEDTLS_BASE64_C - * - * This modules adds support for decoding / parsing PEM files. - */ -#define MBEDTLS_PEM_PARSE_C - -/** - * \def MBEDTLS_PEM_WRITE_C - * - * Enable PEM encoding / writing. - * - * Module: library/pem.c - * Caller: library/pkwrite.c - * library/x509write_crt.c - * library/x509write_csr.c - * - * Requires: MBEDTLS_BASE64_C - * - * This modules adds support for encoding / writing PEM files. - */ -#define MBEDTLS_PEM_WRITE_C - -/** - * \def MBEDTLS_PK_C - * - * Enable the generic public (asymetric) key layer. - * - * Module: library/pk.c - * Caller: library/ssl_tls.c - * library/ssl_cli.c - * library/ssl_srv.c - * - * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C - * - * Uncomment to enable generic public key wrappers. - */ -#define MBEDTLS_PK_C - -/** - * \def MBEDTLS_PK_PARSE_C - * - * Enable the generic public (asymetric) key parser. - * - * Module: library/pkparse.c - * Caller: library/x509_crt.c - * library/x509_csr.c - * - * Requires: MBEDTLS_PK_C - * - * Uncomment to enable generic public key parse functions. - */ -#define MBEDTLS_PK_PARSE_C - -/** - * \def MBEDTLS_PK_WRITE_C - * - * Enable the generic public (asymetric) key writer. - * - * Module: library/pkwrite.c - * Caller: library/x509write.c - * - * Requires: MBEDTLS_PK_C - * - * Uncomment to enable generic public key write functions. - */ -#define MBEDTLS_PK_WRITE_C - -/** - * \def MBEDTLS_PKCS5_C - * - * Enable PKCS#5 functions. - * - * Module: library/pkcs5.c - * - * Requires: MBEDTLS_MD_C - * - * This module adds support for the PKCS#5 functions. - */ -#define MBEDTLS_PKCS5_C - -/** - * \def MBEDTLS_PKCS11_C - * - * Enable wrapper for PKCS#11 smartcard support. - * - * Module: library/pkcs11.c - * Caller: library/pk.c - * - * Requires: MBEDTLS_PK_C - * - * This module enables SSL/TLS PKCS #11 smartcard support. - * Requires the presence of the PKCS#11 helper library (libpkcs11-helper) - */ -//#define MBEDTLS_PKCS11_C - -/** - * \def MBEDTLS_PKCS12_C - * - * Enable PKCS#12 PBE functions. - * Adds algorithms for parsing PKCS#8 encrypted private keys - * - * Module: library/pkcs12.c - * Caller: library/pkparse.c - * - * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C - * Can use: MBEDTLS_ARC4_C - * - * This module enables PKCS#12 functions. - */ -#define MBEDTLS_PKCS12_C - -/** - * \def MBEDTLS_PLATFORM_C - * - * Enable the platform abstraction layer that allows you to re-assign - * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit(). - * - * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT - * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned - * above to be specified at runtime or compile time respectively. - * - * \note This abstraction layer must be enabled on Windows (including MSYS2) - * as other module rely on it for a fixed snprintf implementation. - * - * Module: library/platform.c - * Caller: Most other .c files - * - * This module enables abstraction of common (libc) functions. - */ -#define MBEDTLS_PLATFORM_C - -/** - * \def MBEDTLS_POLY1305_C - * - * Enable the Poly1305 MAC algorithm. - * - * Module: library/poly1305.c - * Caller: library/chachapoly.c - */ -#define MBEDTLS_POLY1305_C - -/** - * \def MBEDTLS_RIPEMD160_C - * - * Enable the RIPEMD-160 hash algorithm. - * - * Module: library/ripemd160.c - * Caller: library/md.c - * - */ -#define MBEDTLS_RIPEMD160_C - -/** - * \def MBEDTLS_RSA_C - * - * Enable the RSA public-key cryptosystem. - * - * Module: library/rsa.c - * library/rsa_internal.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * library/x509.c - * - * This module is used by the following key exchanges: - * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK - * - * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C - */ -#define MBEDTLS_RSA_C - -/** - * \def MBEDTLS_SHA1_C - * - * Enable the SHA1 cryptographic hash algorithm. - * - * Module: library/sha1.c - * Caller: library/md.c - * library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * library/x509write_crt.c - * - * This module is required for SSL/TLS up to version 1.1, for TLS 1.2 - * depending on the handshake parameters, and for SHA1-signed certificates. - * - * \warning SHA-1 is considered a weak message digest and its use constitutes - * a security risk. If possible, we recommend avoiding dependencies - * on it, and considering stronger message digests instead. - * - */ -#define MBEDTLS_SHA1_C - -/** - * \def MBEDTLS_SHA256_C - * - * Enable the SHA-224 and SHA-256 cryptographic hash algorithms. - * - * Module: library/sha256.c - * Caller: library/entropy.c - * library/md.c - * library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * - * This module adds support for SHA-224 and SHA-256. - * This module is required for the SSL/TLS 1.2 PRF function. - */ -#define MBEDTLS_SHA256_C - -/** - * \def MBEDTLS_SHA512_C - * - * Enable the SHA-384 and SHA-512 cryptographic hash algorithms. - * - * Module: library/sha512.c - * Caller: library/entropy.c - * library/md.c - * library/ssl_cli.c - * library/ssl_srv.c - * - * This module adds support for SHA-384 and SHA-512. - */ -#define MBEDTLS_SHA512_C - -#if (SSS_HAVE_A71CH || SSS_HAVE_A71CH_SIM) -#undef MBEDTLS_SHA512_C -#endif - -/** - * \def MBEDTLS_SSL_CACHE_C - * - * Enable simple SSL cache implementation. - * - * Module: library/ssl_cache.c - * Caller: - * - * Requires: MBEDTLS_SSL_CACHE_C - */ -#define MBEDTLS_SSL_CACHE_C - -/** - * \def MBEDTLS_SSL_COOKIE_C - * - * Enable basic implementation of DTLS cookies for hello verification. - * - * Module: library/ssl_cookie.c - * Caller: - */ -#define MBEDTLS_SSL_COOKIE_C - -/** - * \def MBEDTLS_SSL_TICKET_C - * - * Enable an implementation of TLS server-side callbacks for session tickets. - * - * Module: library/ssl_ticket.c - * Caller: - * - * Requires: MBEDTLS_CIPHER_C - */ -#define MBEDTLS_SSL_TICKET_C - -/** - * \def MBEDTLS_SSL_CLI_C - * - * Enable the SSL/TLS client code. - * - * Module: library/ssl_cli.c - * Caller: - * - * Requires: MBEDTLS_SSL_TLS_C - * - * This module is required for SSL/TLS client support. - */ -#define MBEDTLS_SSL_CLI_C - -/** - * \def MBEDTLS_SSL_SRV_C - * - * Enable the SSL/TLS server code. - * - * Module: library/ssl_srv.c - * Caller: - * - * Requires: MBEDTLS_SSL_TLS_C - * - * This module is required for SSL/TLS server support. - */ -#define MBEDTLS_SSL_SRV_C - -/** - * \def MBEDTLS_SSL_TLS_C - * - * Enable the generic SSL/TLS code. - * - * Module: library/ssl_tls.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * - * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C - * and at least one of the MBEDTLS_SSL_PROTO_XXX defines - * - * This module is required for SSL/TLS. - */ -#define MBEDTLS_SSL_TLS_C - -/** - * \def MBEDTLS_THREADING_C - * - * Enable the threading abstraction layer. - * By default mbed TLS assumes it is used in a non-threaded environment or that - * contexts are not shared between threads. If you do intend to use contexts - * between threads, you will need to enable this layer to prevent race - * conditions. See also our Knowledge Base article about threading: - * https://tls.mbed.org/kb/development/thread-safety-and-multi-threading - * - * Module: library/threading.c - * - * This allows different threading implementations (self-implemented or - * provided). - * - * You will have to enable either MBEDTLS_THREADING_ALT or - * MBEDTLS_THREADING_PTHREAD. - * - * Enable this layer to allow use of mutexes within mbed TLS - */ -//#define MBEDTLS_THREADING_C - -/** - * \def MBEDTLS_TIMING_C - * - * Enable the semi-portable timing interface. - * - * \note The provided implementation only works on POSIX/Unix (including Linux, - * BSD and OS X) and Windows. On other platforms, you can either disable that - * module and provide your own implementations of the callbacks needed by - * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide - * your own implementation of the whole module by setting - * \c MBEDTLS_TIMING_ALT in the current file. - * - * \note See also our Knowledge Base article about porting to a new - * environment: - * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS - * - * Module: library/timing.c - * Caller: library/havege.c - * - * This module is used by the HAVEGE random number generator. - */ -#define MBEDTLS_TIMING_C - -/** - * \def MBEDTLS_VERSION_C - * - * Enable run-time version information. - * - * Module: library/version.c - * - * This module provides run-time version information. - */ -#define MBEDTLS_VERSION_C - -/** - * \def MBEDTLS_X509_USE_C - * - * Enable X.509 core for using certificates. - * - * Module: library/x509.c - * Caller: library/x509_crl.c - * library/x509_crt.c - * library/x509_csr.c - * - * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, - * MBEDTLS_PK_PARSE_C - * - * This module is required for the X.509 parsing modules. - */ -#define MBEDTLS_X509_USE_C - -/** - * \def MBEDTLS_X509_CRT_PARSE_C - * - * Enable X.509 certificate parsing. - * - * Module: library/x509_crt.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * - * Requires: MBEDTLS_X509_USE_C - * - * This module is required for X.509 certificate parsing. - */ -#define MBEDTLS_X509_CRT_PARSE_C - -/** - * \def MBEDTLS_X509_CRL_PARSE_C - * - * Enable X.509 CRL parsing. - * - * Module: library/x509_crl.c - * Caller: library/x509_crt.c - * - * Requires: MBEDTLS_X509_USE_C - * - * This module is required for X.509 CRL parsing. - */ -#define MBEDTLS_X509_CRL_PARSE_C - -/** - * \def MBEDTLS_X509_CSR_PARSE_C - * - * Enable X.509 Certificate Signing Request (CSR) parsing. - * - * Module: library/x509_csr.c - * Caller: library/x509_crt_write.c - * - * Requires: MBEDTLS_X509_USE_C - * - * This module is used for reading X.509 certificate request. - */ -#define MBEDTLS_X509_CSR_PARSE_C - -/** - * \def MBEDTLS_X509_CREATE_C - * - * Enable X.509 core for creating certificates. - * - * Module: library/x509_create.c - * - * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C - * - * This module is the basis for creating X.509 certificates and CSRs. - */ -#define MBEDTLS_X509_CREATE_C - -/** - * \def MBEDTLS_X509_CRT_WRITE_C - * - * Enable creating X.509 certificates. - * - * Module: library/x509_crt_write.c - * - * Requires: MBEDTLS_X509_CREATE_C - * - * This module is required for X.509 certificate creation. - */ -#define MBEDTLS_X509_CRT_WRITE_C - -/** - * \def MBEDTLS_X509_CSR_WRITE_C - * - * Enable creating X.509 Certificate Signing Requests (CSR). - * - * Module: library/x509_csr_write.c - * - * Requires: MBEDTLS_X509_CREATE_C - * - * This module is required for X.509 certificate request writing. - */ -#define MBEDTLS_X509_CSR_WRITE_C - -/** - * \def MBEDTLS_XTEA_C - * - * Enable the XTEA block cipher. - * - * Module: library/xtea.c - * Caller: - */ -#define MBEDTLS_XTEA_C - -/* \} name SECTION: mbed TLS modules */ - -/** - * \name SECTION: Module configuration options - * - * This section allows for the setting of module specific sizes and - * configuration options. The default values are already present in the - * relevant header files and should suffice for the regular use cases. - * - * Our advice is to enable options and change their values here - * only if you have a good reason and know the consequences. - * - * Please check the respective header file for documentation on these - * parameters (to prevent duplicate documentation). - * \{ - */ - -/* MPI / BIGNUM options */ -//#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */ -//#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ - -/* CTR_DRBG options */ -//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ -//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ -//#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ -//#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ -//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ -//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY /**< Use 128-bit key for CTR_DRBG - may reduce security (see ctr_drbg.h) */ - -/* HMAC_DRBG options */ -//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ -//#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ -//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ -//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ - -/* ECP options */ -//#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */ -//#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */ -//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */ - -/* Entropy options */ -//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */ -//#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */ -//#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */ - -/* Memory buffer allocator options */ -//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */ - -/* Platform options */ -//#define MBEDTLS_PLATFORM_STD_MEM_HDR /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ -//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ -//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ -/* Note: your snprintf must correclty zero-terminate the buffer! */ -//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */ - -/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */ -/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */ -//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ -//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ -//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */ -/* Note: your snprintf must correclty zero-terminate the buffer! */ -//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ -//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ - -/** - * \brief This macro is invoked by the library when an invalid parameter - * is detected that is only checked with MBEDTLS_CHECK_PARAMS - * (see the documentation of that option for context). - * - * When you leave this undefined here, a default definition is - * provided that invokes the function mbedtls_param_failed(), - * which is declared in platform_util.h for the benefit of the - * library, but that you need to define in your application. - * - * When you define this here, this replaces the default - * definition in platform_util.h (which no longer declares the - * function mbedtls_param_failed()) and it is your responsibility - * to make sure this macro expands to something suitable (in - * particular, that all the necessary declarations are visible - * from within the library - you can ensure that by providing - * them in this file next to the macro definition). - * - * Note that you may define this macro to expand to nothing, in - * which case you don't have to worry about declarations or - * definitions. However, you will then be notified about invalid - * parameters only in non-void functions, and void function will - * just silently return early on invalid parameters, which - * partially negates the benefits of enabling - * #MBEDTLS_CHECK_PARAMS in the first place, so is discouraged. - * - * \param cond The expression that should evaluate to true, but doesn't. - */ -//#define MBEDTLS_PARAM_FAILED( cond ) assert( cond ) - -/* SSL Cache options */ -//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ -//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ - -/* SSL options */ - -/** \def MBEDTLS_SSL_MAX_CONTENT_LEN - * - * Maximum length (in bytes) of incoming and outgoing plaintext fragments. - * - * This determines the size of both the incoming and outgoing TLS I/O buffers - * in such a way that both are capable of holding the specified amount of - * plaintext data, regardless of the protection mechanism used. - * - * To configure incoming and outgoing I/O buffers separately, use - * #MBEDTLS_SSL_IN_CONTENT_LEN and #MBEDTLS_SSL_OUT_CONTENT_LEN, - * which overwrite the value set by this option. - * - * \note When using a value less than the default of 16KB on the client, it is - * recommended to use the Maximum Fragment Length (MFL) extension to - * inform the server about this limitation. On the server, there - * is no supported, standardized way of informing the client about - * restriction on the maximum size of incoming messages, and unless - * the limitation has been communicated by other means, it is recommended - * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN - * while keeping the default value of 16KB for the incoming buffer. - * - * Uncomment to set the maximum plaintext size of both - * incoming and outgoing I/O buffers. - */ -//#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 - -/** \def MBEDTLS_SSL_IN_CONTENT_LEN - * - * Maximum length (in bytes) of incoming plaintext fragments. - * - * This determines the size of the incoming TLS I/O buffer in such a way - * that it is capable of holding the specified amount of plaintext data, - * regardless of the protection mechanism used. - * - * If this option is undefined, it inherits its value from - * #MBEDTLS_SSL_MAX_CONTENT_LEN. - * - * \note When using a value less than the default of 16KB on the client, it is - * recommended to use the Maximum Fragment Length (MFL) extension to - * inform the server about this limitation. On the server, there - * is no supported, standardized way of informing the client about - * restriction on the maximum size of incoming messages, and unless - * the limitation has been communicated by other means, it is recommended - * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN - * while keeping the default value of 16KB for the incoming buffer. - * - * Uncomment to set the maximum plaintext size of the incoming I/O buffer - * independently of the outgoing I/O buffer. - */ -//#define MBEDTLS_SSL_IN_CONTENT_LEN 16384 - -/** \def MBEDTLS_SSL_OUT_CONTENT_LEN - * - * Maximum length (in bytes) of outgoing plaintext fragments. - * - * This determines the size of the outgoing TLS I/O buffer in such a way - * that it is capable of holding the specified amount of plaintext data, - * regardless of the protection mechanism used. - * - * If this option undefined, it inherits its value from - * #MBEDTLS_SSL_MAX_CONTENT_LEN. - * - * It is possible to save RAM by setting a smaller outward buffer, while keeping - * the default inward 16384 byte buffer to conform to the TLS specification. - * - * The minimum required outward buffer size is determined by the handshake - * protocol's usage. Handshaking will fail if the outward buffer is too small. - * The specific size requirement depends on the configured ciphers and any - * certificate data which is sent during the handshake. - * - * Uncomment to set the maximum plaintext size of the outgoing I/O buffer - * independently of the incoming I/O buffer. - */ -//#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384 - -/** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING - * - * Maximum number of heap-allocated bytes for the purpose of - * DTLS handshake message reassembly and future message buffering. - * - * This should be at least 9/8 * MBEDTLSSL_IN_CONTENT_LEN - * to account for a reassembled handshake message of maximum size, - * together with its reassembly bitmap. - * - * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default) - * should be sufficient for all practical situations as it allows - * to reassembly a large handshake message (such as a certificate) - * while buffering multiple smaller handshake messages. - * - */ -//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 - -//#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */ -//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */ -//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ - -/** - * Complete list of ciphersuites to use, in order of preference. - * - * \warning No dependency checking is done on that field! This option can only - * be used to restrict the set of available ciphersuites. It is your - * responsibility to make sure the needed modules are active. - * - * Use this to save a few hundred bytes of ROM (default ordering of all - * available ciphersuites) and a few to a few hundred bytes of RAM. - * - * The value below is only an example, not the default. - */ -//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - -/* X509 options */ -//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ -//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */ - -/** - * Allow SHA-1 in the default TLS configuration for certificate signing. - * Without this build-time option, SHA-1 support must be activated explicitly - * through mbedtls_ssl_conf_cert_profile. Turning on this option is not - * recommended because of it is possible to generate SHA-1 collisions, however - * this may be safe for legacy infrastructure where additional controls apply. - * - * \warning SHA-1 is considered a weak message digest and its use constitutes - * a security risk. If possible, we recommend avoiding dependencies - * on it, and considering stronger message digests instead. - * - */ -// #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES - -/** - * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake - * signature and ciphersuite selection. Without this build-time option, SHA-1 - * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes. - * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by - * default. At the time of writing, there is no practical attack on the use - * of SHA-1 in handshake signatures, hence this option is turned on by default - * to preserve compatibility with existing peers, but the general - * warning applies nonetheless: - * - * \warning SHA-1 is considered a weak message digest and its use constitutes - * a security risk. If possible, we recommend avoiding dependencies - * on it, and considering stronger message digests instead. - * - */ -#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE - -/** - * Uncomment the macro to let mbed TLS use your alternate implementation of - * mbedtls_platform_zeroize(). This replaces the default implementation in - * platform_util.c. - * - * mbedtls_platform_zeroize() is a widely used function across the library to - * zero a block of memory. The implementation is expected to be secure in the - * sense that it has been written to prevent the compiler from removing calls - * to mbedtls_platform_zeroize() as part of redundant code elimination - * optimizations. However, it is difficult to guarantee that calls to - * mbedtls_platform_zeroize() will not be optimized by the compiler as older - * versions of the C language standards do not provide a secure implementation - * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to - * configure their own implementation of mbedtls_platform_zeroize(), for - * example by using directives specific to their compiler, features from newer - * C standards (e.g using memset_s() in C11) or calling a secure memset() from - * their system (e.g explicit_bzero() in BSD). - */ -//#define MBEDTLS_PLATFORM_ZEROIZE_ALT - -/** - * Uncomment the macro to let Mbed TLS use your alternate implementation of - * mbedtls_platform_gmtime_r(). This replaces the default implementation in - * platform_util.c. - * - * gmtime() is not a thread-safe function as defined in the C standard. The - * library will try to use safer implementations of this function, such as - * gmtime_r() when available. However, if Mbed TLS cannot identify the target - * system, the implementation of mbedtls_platform_gmtime_r() will default to - * using the standard gmtime(). In this case, calls from the library to - * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex - * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the - * library are also guarded with this mutex to avoid race conditions. However, - * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will - * unconditionally use the implementation for mbedtls_platform_gmtime_r() - * supplied at compile time. - */ -//#define MBEDTLS_PLATFORM_GMTIME_R_ALT - -/* \} name SECTION: Customisation configuration options */ - -/* Target and application specific configurations - * - * Allow user to override any previous default. - * - */ -#if defined(MBEDTLS_USER_CONFIG_FILE) -#include MBEDTLS_USER_CONFIG_FILE -#endif - -#include "mbedtls/check_config.h" - -/* clang-format on */ - -#endif /* MBEDTLS_CONFIG_H */ diff --git a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/port/default/fsl_sss_types.h b/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/port/default/fsl_sss_types.h deleted file mode 100644 index 969be8767..000000000 --- a/cores/arduino/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/port/default/fsl_sss_types.h +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Copyright 2018,2019 NXP - * SPDX-License-Identifier: Apache-2.0 - */ - -#ifndef FSL_SSS_TYPES_H -#define FSL_SSS_TYPES_H - -#include -#include -#include - -#if (__STDC__ && !__MBED__) -#include -#endif - -#ifndef FALSE -#define FALSE false -#endif - -#ifndef TRUE -#define TRUE true -#endif - -#ifndef ARRAY_SIZE -#define ARRAY_SIZE(array) (sizeof(array) / (sizeof(array[0]))) -#endif - -#if __MBED__ -#include "mbed_assert.h" -#define assert_static(e) MBED_ASSERT(e) -#else -#define assert_static(e) \ - { \ - char assert_static__[(e) ? 1 : -1]; \ - assert_static__; \ - } -#endif - -/** Compile time assert */ -#define SSS_ASSERT(condition) assert_static(condition) - -/*! @brief Compile time sizeof() check */ -#define SSCP_BUILD_ASSURE(condition, msg) assert_static(condition) - -/* snprintf definition for MSVisualC */ -#ifdef _MSC_VER -#define SNPRINTF _snprintf -#define STRNICMP _strnicmp -#else /* _MSC_VER*/ -#define SNPRINTF snprintf -#define STRNICMP strncasecmp -#endif /*_MSC_VER*/ - -#ifndef SSS_MALLOC -#define SSS_MALLOC malloc -#endif // SSS_MALLOC - -#ifndef SSS_FREE -#define SSS_FREE free -#endif // SSS_FREE - -#ifndef SSS_CALLOC -#define SSS_CALLOC calloc -#endif // SSS_CALLOC - -#endif /* FSL_SSS_TYPES_H */ From 494f82ba516bc9b30fb1af1ff11bd31e4965ed9b Mon Sep 17 00:00:00 2001 From: Andrea Gilardoni Date: Wed, 15 Apr 2026 15:53:49 +0200 Subject: [PATCH 4/6] se05x: remove arduino library from the core --- .github/workflows/compile-examples.yml | 1 - .../SE05XImportPublicKey.ino | 86 --- .../SE05XPrivateKey/SE05XPrivateKey.ino | 41 -- .../SE05XRandomNumber/SE05XRandomNumber.ino | 29 - .../SE05XSignAndVerify/SE05XSignAndVerify.ino | 82 --- libraries/SE05X/library.properties | 9 - libraries/SE05X/src/SE05X.cpp | 644 ------------------ libraries/SE05X/src/SE05X.h | 100 --- libraries/SE05X/src/WiFiSSLSE050Client.cpp | 43 -- libraries/SE05X/src/WiFiSSLSE050Client.h | 77 --- 10 files changed, 1112 deletions(-) delete mode 100644 libraries/SE05X/examples/SE05XImportPublicKey/SE05XImportPublicKey.ino delete mode 100644 libraries/SE05X/examples/SE05XPrivateKey/SE05XPrivateKey.ino delete mode 100644 libraries/SE05X/examples/SE05XRandomNumber/SE05XRandomNumber.ino delete mode 100644 libraries/SE05X/examples/SE05XSignAndVerify/SE05XSignAndVerify.ino delete mode 100644 libraries/SE05X/library.properties delete mode 100644 libraries/SE05X/src/SE05X.cpp delete mode 100644 libraries/SE05X/src/SE05X.h delete mode 100644 libraries/SE05X/src/WiFiSSLSE050Client.cpp delete mode 100644 libraries/SE05X/src/WiFiSSLSE050Client.h diff --git a/.github/workflows/compile-examples.yml b/.github/workflows/compile-examples.yml index 6cb1406db..b17c614a6 100644 --- a/.github/workflows/compile-examples.yml +++ b/.github/workflows/compile-examples.yml @@ -129,7 +129,6 @@ jobs: - libraries/PDM - libraries/Camera/examples/CameraCaptureRawBytes - libraries/Camera/examples/CameraCaptureZoomPan - - libraries/SE05X - libraries/STM32H747_System - libraries/ThreadDebug - libraries/USBHID diff --git a/libraries/SE05X/examples/SE05XImportPublicKey/SE05XImportPublicKey.ino b/libraries/SE05X/examples/SE05XImportPublicKey/SE05XImportPublicKey.ino deleted file mode 100644 index 25e17cb99..000000000 --- a/libraries/SE05X/examples/SE05XImportPublicKey/SE05XImportPublicKey.ino +++ /dev/null @@ -1,86 +0,0 @@ -/* - SE05X ImportAndVerify - - This sketch uses the SE05X to generate a new EC NIST P-256 keypair - and store it with id 999, then input buffer SHA256 is signed with the private - key. The public key is imported with another id 899 into SE05X and the - signature is checked using the imported public key. - - Circuit: - - Portenta - - Nicla Vision -*/ - -#include - -const byte input[64] = { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, - 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, - 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, - 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f -}; - -void printBufferHex(const byte input[], size_t inputLength) { - for (int i = 0; i < inputLength; i++) { - Serial.print(input[i] >> 4, HEX); - Serial.print(input[i] & 0x0f, HEX); - } - Serial.println(); -} - -void setup() { - Serial.begin(9600); - while (!Serial); - - if (!SE05X.begin()) { - Serial.println("Failed to communicate with SE05X!"); - while (1); - } - - const int privKeyId = 999; - const int publKeyId = 899; - byte derBuf[256]; - size_t derSize; - - SE05X.generatePrivateKey(privKeyId, derBuf, sizeof(derBuf), &derSize); - - // print the input - Serial.print("Input is: "); - printBufferHex(input, sizeof(input)); - - //calculate the input SHA256 - byte sha256[256]; - size_t sha256Len; - SE05X.SHA256(input, sizeof(input), sha256, sizeof(sha256), &sha256Len); - Serial.print("Input SHA256 is: "); - printBufferHex(sha256, sha256Len); - - // calculate the signature, input MUST be SHA256 - byte signature[256]; - size_t signatureLen; - SE05X.Sign(privKeyId, sha256, sha256Len, signature, sizeof(signature), &signatureLen); - - // print the signature - Serial.print("Signature using KeyId "); - Serial.print(privKeyId); - Serial.print(" is: "); - printBufferHex(signature, signatureLen); - - Serial.println(); - - SE05X.importPublicKey(publKeyId, derBuf, derSize); - - // To make the signature verifcation fail, uncomment the next line: - // signature[0] = 0x00; - - // validate the signature - if (SE05X.Verify(publKeyId, sha256, sha256Len, signature, signatureLen)) { - Serial.println("Verified signature successfully :D"); - } else { - Serial.println("oh no! failed to verify signature :("); - } -} - -void loop() { - -} diff --git a/libraries/SE05X/examples/SE05XPrivateKey/SE05XPrivateKey.ino b/libraries/SE05X/examples/SE05XPrivateKey/SE05XPrivateKey.ino deleted file mode 100644 index f30ebc651..000000000 --- a/libraries/SE05X/examples/SE05XPrivateKey/SE05XPrivateKey.ino +++ /dev/null @@ -1,41 +0,0 @@ -/* - SE05X Private Key - - This sketch uses the SE05X to generate a new EC NIST P-256 keypair - and store it with id 999, then the public key is printed in DER format. - - Circuit: - - Portenta - - Nicla Vision -*/ - -#include - -void printBufferHex(const byte input[], size_t inputLength) { - for (int i = 0; i < inputLength; i++) { - Serial.print(input[i] >> 4, HEX); - Serial.print(input[i] & 0x0f, HEX); - } - Serial.println(); -} - -void setup() { - Serial.begin(9600); - while (!Serial); - - if (!SE05X.begin()) { - Serial.println("Failed to communicate with SE05X!"); - while (1); - } - - const int KeyId = 999; - byte derBuf[256]; - size_t derSize; - - SE05X.generatePrivateKey(KeyId, derBuf, sizeof(derBuf), &derSize); - printBufferHex(derBuf, derSize); -} - -void loop() { - -} diff --git a/libraries/SE05X/examples/SE05XRandomNumber/SE05XRandomNumber.ino b/libraries/SE05X/examples/SE05XRandomNumber/SE05XRandomNumber.ino deleted file mode 100644 index 2a3e216c4..000000000 --- a/libraries/SE05X/examples/SE05XRandomNumber/SE05XRandomNumber.ino +++ /dev/null @@ -1,29 +0,0 @@ -/* - SE05X Random Number - - This sketch uses the SE05X to generate a random number - every second and print it to the Serial monitor - - Circuit: - - Portenta - - Nicla Vision -*/ - -#include - -void setup() { - Serial.begin(9600); - while (!Serial); - - if (!SE05X.begin()) { - Serial.println("Failed to communicate with SE05X!"); - while (1); - } -} - -void loop() { - Serial.print("Random number = "); - Serial.println(SE05X.random(65535)); - - delay(1000); -} diff --git a/libraries/SE05X/examples/SE05XSignAndVerify/SE05XSignAndVerify.ino b/libraries/SE05X/examples/SE05XSignAndVerify/SE05XSignAndVerify.ino deleted file mode 100644 index 1209ac141..000000000 --- a/libraries/SE05X/examples/SE05XSignAndVerify/SE05XSignAndVerify.ino +++ /dev/null @@ -1,82 +0,0 @@ -/* - SE05X SignAndVerify - - This sketch uses the SE05X to generate a new EC NIST P-256 keypair - and store it with id 999, then input buffer SHA256 is signed with the private - key and verified with the public key. - - Circuit: - - Portenta - - Nicla Vision -*/ - -#include - -const byte input[64] = { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, - 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, - 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, - 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f -}; - -void printBufferHex(const byte input[], size_t inputLength) { - for (int i = 0; i < inputLength; i++) { - Serial.print(input[i] >> 4, HEX); - Serial.print(input[i] & 0x0f, HEX); - } - Serial.println(); -} - -void setup() { - Serial.begin(9600); - while (!Serial); - - if (!SE05X.begin()) { - Serial.println("Failed to communicate with SE05X!"); - while (1); - } - - const int KeyId = 999; - byte derBuf[256]; - size_t derSize; - - SE05X.generatePrivateKey(KeyId, derBuf, sizeof(derBuf), &derSize); - - // print the input - Serial.print("Input is: "); - printBufferHex(input, sizeof(input)); - - //calculate the input SHA256 - byte sha256[256]; - size_t sha256Len; - SE05X.SHA256(input, sizeof(input), sha256, sizeof(sha256), &sha256Len); - Serial.print("Input SHA256 is: "); - printBufferHex(sha256, sha256Len); - - // calculate the signature, input MUST be SHA256 - byte signature[256]; - size_t signatureLen; - SE05X.Sign(KeyId, sha256, sha256Len, signature, sizeof(signature), &signatureLen); - - // print the signature - Serial.print("Signature using KeyId "); - Serial.print(KeyId); - Serial.print(" is: "); - printBufferHex(signature, signatureLen); - - Serial.println(); - - // To make the signature verifcation fail, uncomment the next line: - // signature[0] = 0x00; - - // validate the signature - if (SE05X.Verify(KeyId, sha256, sha256Len, signature, signatureLen)) { - Serial.println("Verified signature successfully :D"); - } else { - Serial.println("oh no! failed to verify signature :("); - } -} - -void loop() { - -} diff --git a/libraries/SE05X/library.properties b/libraries/SE05X/library.properties deleted file mode 100644 index f083826ce..000000000 --- a/libraries/SE05X/library.properties +++ /dev/null @@ -1,9 +0,0 @@ -name=SE05X -version=0.0.1 -author=Arduino -maintainer=Arduino -sentence=Arduino Library for the NXP SE05X crypto chips -paragraph= -category=Communication -url=https://github.com/arduino/ArduinoCore-mbed/tree/master/libraries/SE05X -architectures=mbed_nicla diff --git a/libraries/SE05X/src/SE05X.cpp b/libraries/SE05X/src/SE05X.cpp deleted file mode 100644 index 1fb3dfe22..000000000 --- a/libraries/SE05X/src/SE05X.cpp +++ /dev/null @@ -1,644 +0,0 @@ -/* - SE05X.cpp - Copyright (c) 2022 Arduino SA. All right reserved. - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. - - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with this library; if not, write to the Free Software - Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA -*/ - -#include "SE05X.h" - -#define SE05X_EC_KEY_RAW_LENGTH 64 -#define SE05X_EC_KEY_HEADER_LENGTH 27 -#define SE05X_EC_KEY_DER_LENGTH SE05X_EC_KEY_HEADER_LENGTH + SE05X_EC_KEY_RAW_LENGTH -#define SE05X_EC_SIGNATURE_RAW_LENGTH 64 -#define SE05X_EC_SIGNATURE_HEADER_LENGTH 6 -#define SE05X_EC_SIGNATURE_DER_LENGTH SE05X_EC_SIGNATURE_HEADER_LENGTH + SE05X_EC_SIGNATURE_RAW_LENGTH -#define SE05X_SHA256_LENGTH 32 -#define SE05X_DER_BUFFER_SIZE 256 -#define SE05X_TEMP_OBJECT 9999 - -SE05XClass::SE05XClass() -: _cipher_type {kSSS_CipherType_EC_NIST_P} -, _algorithm_type {kAlgorithm_SSS_ECDSA_SHA256} -, _key_size_bits {256} -{ - -} - -SE05XClass::~SE05XClass() -{ - -} - -static void getECKeyXyValuesFromDER(byte* derKey, size_t derLen, byte* rawKey) -{ - memcpy(rawKey, &derKey[derLen - SE05X_EC_KEY_RAW_LENGTH], SE05X_EC_KEY_RAW_LENGTH); -} - -static void setECKeyXyVauesInDER(const byte* rawKey, byte* derKey) -{ - static const byte ecc_der_header_nist256[SE05X_EC_KEY_HEADER_LENGTH] = - { - 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, - 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, - 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, - 0x42, 0x00, 0x04 - }; - - memcpy(&derKey[0], &ecc_der_header_nist256[0], SE05X_EC_KEY_HEADER_LENGTH); - memcpy(&derKey[SE05X_EC_KEY_HEADER_LENGTH], &rawKey[0], SE05X_EC_KEY_RAW_LENGTH); -} - -static void getECSignatureRsValuesFromDER(byte* derSignature, size_t derLen, byte* rawSignature) -{ - byte rLen; - byte sLen; - - rLen = derSignature[3]; - sLen = derSignature[3 + rLen + 2]; - - byte * out = rawSignature; - - if(rLen == (SE05X_EC_SIGNATURE_RAW_LENGTH / 2)) - { - memcpy(out, &derSignature[4], (SE05X_EC_SIGNATURE_RAW_LENGTH / 2)); - } - else if ((rLen == ((SE05X_EC_SIGNATURE_RAW_LENGTH / 2) + 1)) && (derSignature[4] == 0)) - { - memcpy(out, &derSignature[5], (SE05X_EC_SIGNATURE_RAW_LENGTH / 2)); - } - - out += (SE05X_EC_SIGNATURE_RAW_LENGTH / 2); - - if(sLen == (SE05X_EC_SIGNATURE_RAW_LENGTH / 2)) - { - memcpy(out, &derSignature[3 + rLen + 3], (SE05X_EC_SIGNATURE_RAW_LENGTH / 2)); - } - else if ((sLen == ((SE05X_EC_SIGNATURE_RAW_LENGTH / 2) + 1)) && (derSignature[3 + rLen + 3] == 0)) - { - memcpy(out, &derSignature[3 + rLen + 4], (SE05X_EC_SIGNATURE_RAW_LENGTH / 2)); - } -} - -static void setECSignatureRsValuesInDER(const byte* rawSignature, byte* signature) -{ - byte rLen = (SE05X_EC_SIGNATURE_RAW_LENGTH / 2); - byte sLen = (SE05X_EC_SIGNATURE_RAW_LENGTH / 2); - byte rawSignatureLen = SE05X_EC_SIGNATURE_RAW_LENGTH; - - signature[0] = 0x30; - signature[1] = (uint8_t)(rawSignatureLen + 4); - signature[2] = 0x02; - signature[3] = (uint8_t)rLen; - memcpy(&signature[4], &rawSignature[0], rLen); - signature[3 + rLen + 1] = 0x02; - signature[3 + rLen + 2] = (uint8_t)sLen; - memcpy(&signature[3 + rLen + 3], &rawSignature[rLen], sLen); -} - -int SE05XClass::begin() -{ - memset(&_boot_ctx, 0, sizeof(ex_sss_boot_ctx_t)); - - se05x_ic_power_on(); - - if (nLog_Init() != 0) { - SE05X_PRINT_ERROR("Lock initialisation failed"); - return 0; - } - - if (kStatus_SSS_Success != ex_sss_boot_open(&_boot_ctx, "portName")) { - SE05X_PRINT_ERROR("ex_sss_session_open Failed"); - return 0; - } - - if (kStatus_SSS_Success != ex_sss_key_store_and_object_init(&_boot_ctx)) { - SE05X_PRINT_ERROR("ex_sss_key_store_and_object_init Failed"); - return 0; - } - - return 1; -} - -void SE05XClass::end() -{ - se05x_ic_power_off(); -} - -int SE05XClass::writeConfiguration(const byte data[]) -{ - _cipher_type = (sss_cipher_type_t)data[0]; - _algorithm_type = (sss_algorithm_t)(data[1] << 8 | data[2]); - _key_size_bits = (size_t)(data[3] << 8 | data[4]); - return 1; -} - -int SE05XClass::readConfiguration(byte data[]) -{ - data[0] = (byte)_cipher_type; - data[1] = (byte)_algorithm_type >> 8; - data[2] = (byte)_algorithm_type; - data[3] = (byte)_key_size_bits >> 8; - data[4] = (byte)_key_size_bits; - return 1; -} - -int SE05XClass::serialNumber(byte sn[]) -{ - return serialNumber(sn, SE05X_SN_LENGTH); -} - -int SE05XClass::serialNumber(byte sn[], size_t length) -{ - size_t uidLen = SE05X_SN_LENGTH; - byte UID[SE05X_SN_LENGTH]; - - if(!sn) { - return 0; - } - - sss_status_t status = sss_session_prop_get_au8(&_boot_ctx.session, kSSS_SessionProp_UID, UID, &uidLen); - if ((status != kStatus_SSS_Success)) { - SE05X_PRINT_ERROR("Error in Se05x_API_ReadObject \n"); - return 0; - } - memcpy(sn, UID, length < SE05X_SN_LENGTH ? length : SE05X_SN_LENGTH); - return 1; -} - -String SE05XClass::serialNumber() -{ - String result = (char*)NULL; - byte UID[SE05X_SN_LENGTH]; - - serialNumber(UID, sizeof(UID)); - - result.reserve(SE05X_SN_LENGTH * 2); - - for (size_t i = 0; i < SE05X_SN_LENGTH; i++) { - byte b = UID[i]; - - if (b < 16) { - result += "0"; - } - result += String(b, HEX); - } - - result.toUpperCase(); - - return result; -} - -long SE05XClass::random(long max) -{ - return random(0, max); -} - -long SE05XClass::random(long min, long max) -{ - if (min >= max) - { - return min; - } - - long diff = max - min; - - long r; - random((byte*)&r, sizeof(r)); - - if (r < 0) { - r = -r; - } - - r = (r % diff); - - return (r + min); -} - -int SE05XClass::random(byte data[], size_t length) -{ - sss_rng_context_t rng; - - if(kStatus_SSS_Success != sss_rng_context_init(&rng, &_boot_ctx.session)) { - return 0; - } - - if(kStatus_SSS_Success != sss_rng_get_random(&rng, data, length)) { - return 0; - } - - return 1; -} - -int SE05XClass::generatePrivateKey(int keyId, byte pubKeyDer[], size_t pubKeyDerMaxLen, size_t * pubKeyDerLen) -{ - sss_status_t status; - sss_object_t keyObject; - size_t derSzBits; - - if(!initObject(keyId, &keyObject, kSSS_KeyPart_Pair, kKeyObject_Mode_Persistent, _cipher_type)) { - return 0; - } - - status = sss_key_store_generate_key(&_boot_ctx.ks, &keyObject, _key_size_bits, NULL); - - if (status == kStatus_SSS_Success) { - derSzBits = pubKeyDerMaxLen * 8; - * pubKeyDerLen = pubKeyDerMaxLen; - status = sss_key_store_get_key(&_boot_ctx.ks, &keyObject, pubKeyDer, pubKeyDerLen, &derSzBits); - } - - if (status != kStatus_SSS_Success) { - SE05X_PRINT_ERROR("sss_key_store_get_key Failed"); - return 0; - } - - return 1; -} - -int SE05XClass::generatePrivateKey(int slot, byte publicKey[]) -{ - byte publicKeyDer[SE05X_DER_BUFFER_SIZE]; - size_t publicKeyDerLen; - - if ((_cipher_type != kSSS_CipherType_EC_NIST_P) || (_algorithm_type != kAlgorithm_SSS_ECDSA_SHA256)) { - return 0; - } - - if (!generatePrivateKey(slot, publicKeyDer, sizeof(publicKeyDer), &publicKeyDerLen)) { - return 0; - } - - getECKeyXyValuesFromDER(publicKeyDer, publicKeyDerLen, publicKey); - return 1; -} - -int SE05XClass::generatePublicKey(int keyId, byte pubKeyDer[], size_t pubKeyDerMaxLen, size_t * pubKeyDerlen) -{ - sss_status_t status; - sss_object_t keyObject; - size_t derSzBits; - - if(!initObject(keyId, &keyObject, kSSS_KeyPart_Pair, kKeyObject_Mode_Persistent, _cipher_type)) { - return 0; - } - - derSzBits = pubKeyDerMaxLen * 8; - * pubKeyDerlen = pubKeyDerMaxLen; - status = sss_key_store_get_key(&_boot_ctx.ks, &keyObject, pubKeyDer, pubKeyDerlen, &derSzBits); - - if (status != kStatus_SSS_Success) { - SE05X_PRINT_ERROR("sss_key_store_get_key Failed"); - return 0; - } - - return 1; -} - -int SE05XClass::generatePublicKey(int slot, byte publicKey[]) -{ - byte publicKeyDer[SE05X_DER_BUFFER_SIZE]; - size_t publicKeyDerLen; - - if ((_cipher_type != kSSS_CipherType_EC_NIST_P) || (_algorithm_type != kAlgorithm_SSS_ECDSA_SHA256)) { - return 0; - } - - if (!generatePublicKey(slot, publicKeyDer, sizeof(publicKeyDer), &publicKeyDerLen)) { - return 0; - } - - getECKeyXyValuesFromDER(publicKeyDer, publicKeyDerLen, publicKey); - return 1; -} - -int SE05XClass::importPublicKey(int keyId, const byte pubKeyDer[], size_t pubKeyDerLen) -{ - sss_status_t status; - sss_object_t keyObject; - - if(!initObject(keyId, &keyObject, kSSS_KeyPart_Public, kKeyObject_Mode_Persistent, _cipher_type)) { - return 0; - } - - status = sss_key_store_set_key(&_boot_ctx.ks, &keyObject, pubKeyDer, pubKeyDerLen, _key_size_bits, NULL, 0); - - if(status != kStatus_SSS_Success ) { - SE05X_PRINT_ERROR("sss_key_store_set_key Failed"); - return 0; - } - - return 1; -} - -int SE05XClass::beginSHA256() -{ - sss_status_t status; - - status = sss_digest_context_init(&_digest_ctx, &_boot_ctx.session, kAlgorithm_SSS_SHA256, kMode_SSS_Digest); - - if (status != kStatus_SSS_Success) { - SE05X_PRINT_ERROR("sss_digest_context_init Failed!!!"); - return 0; - } - - status = sss_digest_init(&_digest_ctx); - - if (status != kStatus_SSS_Success) { - SE05X_PRINT_ERROR("sss_digest_init Failed!!!"); - return 0; - } - - return 1; -} - -int SE05XClass::updateSHA256(const byte in[], size_t inLen) -{ - sss_status_t status; - - status = sss_digest_update(&_digest_ctx, in, inLen); - - if (status != kStatus_SSS_Success) { - SE05X_PRINT_ERROR("sss_digest_update Failed!!!"); - return 0; - } - - return 1; -} - -int SE05XClass::endSHA256(byte out[], size_t * outLen) -{ - sss_status_t status; - - status = sss_digest_finish(&_digest_ctx, out, outLen); - sss_digest_context_free(&_digest_ctx); - if (status != kStatus_SSS_Success) { - return 0; - } - - return 1; -} - -int SE05XClass::SHA256(const byte in[], size_t inLen, byte out[], size_t outMaxLen, size_t * outLen) -{ - sss_status_t status; - - status = sss_digest_context_init(&_digest_ctx, &_boot_ctx.session, kAlgorithm_SSS_SHA256, kMode_SSS_Digest); - if (status != kStatus_SSS_Success) { - SE05X_PRINT_ERROR("sss_digest_context_init Failed!!!"); - return 0; - } - - * outLen = outMaxLen; - status = sss_digest_one_go(&_digest_ctx, in, inLen, out, outLen); - sss_digest_context_free(&_digest_ctx); - if (status != kStatus_SSS_Success) { - SE05X_PRINT_ERROR("sss_digest_one_go Failed!!!"); - return 0; - } - - return 1; -} - -int SE05XClass::Sign(int keyId, const byte hash[], size_t hashLen, byte sig[], size_t sigMaxLen, size_t * sigLen) -{ - sss_status_t status; - sss_object_t keyObject; - sss_asymmetric_t ctx_asymm; - - if(!initObject(keyId, &keyObject, kSSS_KeyPart_Private, kKeyObject_Mode_Persistent, _cipher_type)) { - return 0; - } - - status = sss_asymmetric_context_init(&ctx_asymm, - &_boot_ctx.session, - &keyObject, - _algorithm_type, - kMode_SSS_Sign); - - if(status != kStatus_SSS_Success) { - SE05X_PRINT_ERROR("sss_asymmetric_context_init Failed"); - return 0; - } - - * sigLen = sigMaxLen; - if(kStatus_SSS_Success != sss_asymmetric_sign_digest(&ctx_asymm, (uint8_t *)hash, hashLen, (uint8_t *)sig, sigLen)) { - SE05X_PRINT_ERROR("sss_asymmetric_sign_digest Failed"); - return 0; - } - - return 1; -} - -int SE05XClass::ecSign(int slot, const byte message[], byte signature[]) -{ - byte signatureDer[SE05X_DER_BUFFER_SIZE]; - size_t signatureDerLen; - - if ((_cipher_type != kSSS_CipherType_EC_NIST_P) || (_algorithm_type != kAlgorithm_SSS_ECDSA_SHA256)) { - return 0; - } - - if (!Sign(slot, message, SE05X_SHA256_LENGTH, signatureDer, sizeof(signatureDer), &signatureDerLen)) { - return 0; - } - - /* Get r s values from DER buffer */ - getECSignatureRsValuesFromDER(signatureDer, signatureDerLen, signature); - return 1; -} - -int SE05XClass::Verify(int keyId, const byte hash[], size_t hashLen, const byte sig[], size_t sigLen) -{ - sss_status_t status; - sss_object_t keyObject; - sss_asymmetric_t ctx_asymm; - - if(!initObject(keyId, &keyObject, kSSS_KeyPart_Public, kKeyObject_Mode_Persistent, _cipher_type)) { - return 0; - } - - status = sss_asymmetric_context_init(&ctx_asymm, - &_boot_ctx.session, - &keyObject, - _algorithm_type, - kMode_SSS_Verify); - - if(status != kStatus_SSS_Success) { - SE05X_PRINT_ERROR("sss_asymmetric_context_init Failed"); - return 0; - } - - if(kStatus_SSS_Success != sss_asymmetric_verify_digest(&ctx_asymm, (uint8_t *)hash, hashLen, (uint8_t *)sig, sigLen)) { - SE05X_PRINT_ERROR("sss_asymmetric_verify_digest Failed"); - return 0; - } - - return 1; -} - -int SE05XClass::ecdsaVerify(const byte message[], const byte signature[], const byte pubkey[]) -{ - byte pubKeyDER[SE05X_EC_KEY_DER_LENGTH]; - byte signatureDER[SE05X_EC_SIGNATURE_DER_LENGTH]; - int result; - - if ((_cipher_type != kSSS_CipherType_EC_NIST_P) || (_algorithm_type != kAlgorithm_SSS_ECDSA_SHA256)) { - return 0; - } - - setECKeyXyVauesInDER(pubkey, pubKeyDER); - if (!importPublicKey(SE05X_TEMP_OBJECT, pubKeyDER, sizeof(pubKeyDER))) { - return 0; - } - - setECSignatureRsValuesInDER(signature, signatureDER); - - result = Verify(SE05X_TEMP_OBJECT, message, SE05X_SHA256_LENGTH, signatureDER, SE05X_EC_SIGNATURE_DER_LENGTH); - - if (!deleteBinaryObject(SE05X_TEMP_OBJECT)) { - return 0; - } - return result; -} - -int SE05XClass::readBinaryObject(int objectId, byte data[], size_t dataMaxLen, size_t * length) -{ - sss_status_t status; - sss_object_t binObject; - size_t binSizeBits; - - if(!initObject(objectId, &binObject, kSSS_KeyPart_Default, kKeyObject_Mode_Persistent, kSSS_CipherType_Binary)) { - return 0; - } - - * length = dataMaxLen; - status = sss_key_store_get_key(&_boot_ctx.ks, &binObject, data, length, &binSizeBits); - if(status != kStatus_SSS_Success ) { - SE05X_PRINT_ERROR("sss_key_store_get_key Failed"); - return 0; - } - - return 1; -} - -int SE05XClass::readSlot(int slot, byte data[], int length) -{ - size_t binSizeBits; - return readBinaryObject(slot, data, length, &binSizeBits); -} - -int SE05XClass::writeBinaryObject(int objectId, const byte data[], size_t length) -{ - sss_status_t status; - sss_object_t binObject; - - if(!initObject(objectId, &binObject, kSSS_KeyPart_Default, kKeyObject_Mode_Persistent, kSSS_CipherType_Binary)) { - return 0; - } - - status = sss_key_store_set_key(&_boot_ctx.ks, &binObject, data, length, length * 8, NULL, 0); - if(status != kStatus_SSS_Success ) { - SE05X_PRINT_ERROR("sss_key_store_set_key Failed"); - return 0; - } - - return 1; -} - -int SE05XClass::writeSlot(int slot, const byte data[], int length) -{ - if (existsBinaryObject(slot)) { - if (!deleteBinaryObject(slot)) { - return 0; - } - } - return writeBinaryObject(slot, data, length); -} - -int SE05XClass::existsBinaryObject(int objectId) -{ - sss_object_t binObject; - - if(!getObjectHandle(objectId, &binObject)) { - return 0; - } - - return 1; -} - -int SE05XClass::deleteBinaryObject(int objectId) -{ - sss_status_t status; - sss_object_t binObject; - - if(!initObject(objectId, &binObject, kSSS_KeyPart_Default, kKeyObject_Mode_Persistent, kSSS_CipherType_Binary)) { - return 0; - } - - status = sss_key_store_erase_key(&_boot_ctx.ks, &binObject); - if(status != kStatus_SSS_Success ) { - SE05X_PRINT_ERROR("sss_key_store_erase_key Failed"); - return 0; - } - - return 1; -} - -int SE05XClass::deleteAllObjects(void) -{ - sss_se05x_session_t *pSession = (sss_se05x_session_t *)&_boot_ctx.session; - - if(SW_OK != Se05x_API_DeleteAll_Iterative(&pSession->s_ctx)) { - return 0; - } - - return 1; -} - -int SE05XClass::getObjectHandle(int objectId, sss_object_t * object) -{ - if(kStatus_SSS_Success != sss_key_object_init(object, &_boot_ctx.ks)) { - SE05X_PRINT_ERROR("sss_key_object_init Failed"); - return 0; - } - - if(kStatus_SSS_Success != sss_key_object_get_handle(object, objectId)) { - SE05X_PRINT_ERROR("sss_key_object_get_handle Failed"); - return 0; - } - - return 1; -} - -ex_sss_boot_ctx_t* SE05XClass::getDeviceCtx(void) { - return &_boot_ctx; -} - -int SE05XClass::initObject(size_t objectId, sss_object_t * object, sss_key_part_t objectPart, sss_key_object_mode_t objectMode, sss_cipher_type_t objectChiper) -{ - if (getObjectHandle(objectId, object)) { - return 1; - } - - if(kStatus_SSS_Success != sss_key_object_allocate_handle(object, objectId, objectPart, objectChiper, 0, objectMode)) { - SE05X_PRINT_ERROR("sss_key_object_allocate_handle Failed"); - return 0; - } - return 1; -} - - -SE05XClass SE05X; diff --git a/libraries/SE05X/src/SE05X.h b/libraries/SE05X/src/SE05X.h deleted file mode 100644 index e955491ba..000000000 --- a/libraries/SE05X/src/SE05X.h +++ /dev/null @@ -1,100 +0,0 @@ -/* - SE05X.h - Copyright (c) 2022 Arduino SA. All right reserved. - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. - - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with this library; if not, write to the Free Software - Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA -*/ - -#ifndef _SE05X_H_ -#define _SE05X_H_ - -#include -#include "ex_sss_boot.h" -#include "fsl_sss_api.h" -#include "se05x_apis.h" -#include "se05x_APDU.h" - -#if defined SE05X_PRINT_ERROR_ENABLE -#define SE05X_PRINT_ERROR(x) Serial.println(x) -#else -#define SE05X_PRINT_ERROR(x) -#endif - -#define SE05X_SN_LENGTH 18 - -class SE05XClass -{ -public: - SE05XClass(); - virtual ~SE05XClass(); - - int begin(); - void end(); - - int serialNumber(byte sn[]); - int serialNumber(byte sn[], size_t length); - String serialNumber(); - - long random(long max); - long random(long min, long max); - int random(byte data[], size_t length); - - int generatePrivateKey(int keyId, byte pubKeyDer[], size_t pubKeyDerMaxLen, size_t * pubKeyDerLen); - int generatePublicKey(int keyId, byte pubKeyDer[], size_t pubKeyDerMaxLen, size_t * pubKeyDerLen); - int importPublicKey(int keyId, const byte pubKeyDer[], size_t pubKeyDerLen); - - int beginSHA256(); - int updateSHA256(const byte in[], size_t inLen); - int endSHA256(byte out[], size_t * outLen); - int SHA256(const byte in[], size_t inLen, byte out[], size_t outMaxLen, size_t * outLen); - - int Sign(int keyId, const byte hash[], size_t hashLen, byte sig[], size_t maxSigLen, size_t * sigLen); - int Verify(int keyId, const byte hash[], size_t hashLen, const byte sig[],size_t sigLen); - - int readBinaryObject(int ObjectId, byte data[], size_t dataMaxLen, size_t * length); - int writeBinaryObject(int ObjectId, const byte data[], size_t length); - int existsBinaryObject(int objectId); - int deleteBinaryObject(int objectId); - int deleteAllObjects(); - - int getObjectHandle(int objectId, sss_object_t * object); - - ex_sss_boot_ctx_t* getDeviceCtx(void); - - int generatePrivateKey(int slot, byte publicKey[]); - int generatePublicKey(int slot, byte publicKey[]); - int ecdsaVerify(const byte message[], const byte signature[], const byte pubkey[]); - int ecSign(int slot, const byte message[], byte signature[]); - int readSlot(int slot, byte data[], int length); - int writeSlot(int slot, const byte data[], int length); - inline int locked() { return 1; } - int writeConfiguration(const byte data[]); - int readConfiguration(byte data[]); - inline int lock() { return 1; } - -private: - int initObject(size_t objectId, sss_object_t * object, sss_key_part_t objectPart, sss_key_object_mode_t objectMode, sss_cipher_type_t objectChiper); - -private: - ex_sss_boot_ctx_t _boot_ctx; - sss_digest_t _digest_ctx; - sss_cipher_type_t _cipher_type; - sss_algorithm_t _algorithm_type; - size_t _key_size_bits; -}; - -extern SE05XClass SE05X; - -#endif diff --git a/libraries/SE05X/src/WiFiSSLSE050Client.cpp b/libraries/SE05X/src/WiFiSSLSE050Client.cpp deleted file mode 100644 index b5c43852e..000000000 --- a/libraries/SE05X/src/WiFiSSLSE050Client.cpp +++ /dev/null @@ -1,43 +0,0 @@ -/* - WiFiSSLSE050Client.h - Copyright (c) 2022 Arduino SA. All right reserved. - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. - - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with this library; if not, write to the Free Software - Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA -*/ - -#include "WiFiSSLSE050Client.h" - -arduino::MbedSSLSE050Client::MbedSSLSE050Client() { - onBeforeConnect(mbed::callback(this, &MbedSSLSE050Client::setRootCAClientCertKey)); -}; - -void arduino::MbedSSLSE050Client::setEccSlot(int KeySlot, const byte cert[], int certLen) { - - _keySlot = KeySlot; - _certLen = certLen; - _cert = cert; -} - -void WiFiSSLSE050Client::setEccSlot(int KeySlot, const byte cert[], int certLen) { - if (!client) { - newMbedClient(); - } - static_cast(client.get())->setEccSlot(KeySlot, cert, certLen); -} - -void WiFiSSLSE050Client::newMbedClient() { - client.reset(new MbedSSLSE050Client()); - client->setNetwork(getNetwork()); -} diff --git a/libraries/SE05X/src/WiFiSSLSE050Client.h b/libraries/SE05X/src/WiFiSSLSE050Client.h deleted file mode 100644 index 3aed4f4e3..000000000 --- a/libraries/SE05X/src/WiFiSSLSE050Client.h +++ /dev/null @@ -1,77 +0,0 @@ -/* - WiFiSSLSE050Client.h - Copyright (c) 2022 Arduino SA. All right reserved. - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. - - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with this library; if not, write to the Free Software - Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA -*/ - -#ifndef WIFISSLSE050CLIENT_H -#define WIFISSLSE050CLIENT_H - - -#include "SE05X.h" -#include "WiFiSSLClient.h" -#include "MbedSSLClient.h" - -extern const char CA_CERTIFICATES[]; - -namespace arduino { - -class MbedSSLSE050Client : public arduino::MbedSSLClient { - -public: - MbedSSLSE050Client(); - - void setEccSlot(int KeySlot, const byte cert[], int certLen); - -private: - const byte* _cert; - int _certLen; - int _keySlot; - sss_object_t _keyObject; - - int setRootCAClientCertKey() { - int err = setRootCA(); - if (err != NSAPI_ERROR_OK) { - return err; - } - - if(SE05X.getObjectHandle(_keySlot, &_keyObject) != NSAPI_ERROR_OK) { - return NSAPI_ERROR_DEVICE_ERROR; - } - - if(((TLSSocket*)sock)->set_client_cert_key((void*)_cert, - (size_t)_certLen, - &_keyObject, - SE05X.getDeviceCtx()) != NSAPI_ERROR_OK) { - return NSAPI_ERROR_DEVICE_ERROR; - } - return NSAPI_ERROR_OK; - } -}; - -class WiFiSSLSE050Client : public arduino::WiFiSSLClient { - -public: - - void setEccSlot(int KeySlot, const byte cert[], int certLen); - -protected: - virtual void newMbedClient(); -}; - -} - -#endif /* WIFISSLSE050CLIENT_H */ From db9be3a3ac988049de43d4dc15ed4ea326510427 Mon Sep 17 00:00:00 2001 From: Andrea Gilardoni Date: Tue, 19 May 2026 11:11:05 +0200 Subject: [PATCH 5/6] Full variants release --- variants/ARDUINO_NANO33BLE/defines.txt | 2 +- variants/ARDUINO_NANO33BLE/libs/libmbed.a | Bin 6257304 -> 6257332 bytes variants/EDGE_CONTROL/defines.txt | 2 +- variants/EDGE_CONTROL/libs/libmbed.a | Bin 7154162 -> 7154190 bytes variants/GENERIC_STM32H747_M4/defines.txt | 2 +- variants/GENERIC_STM32H747_M4/libs/libmbed.a | Bin 7465868 -> 7465892 bytes variants/GIGA/defines.txt | 2 +- variants/GIGA/libs/libmbed.a | Bin 7507410 -> 7507438 bytes variants/NANO_RP2040_CONNECT/defines.txt | 2 +- variants/NANO_RP2040_CONNECT/libs/libmbed.a | Bin 3918104 -> 3918132 bytes variants/NICLA/defines.txt | 2 +- variants/NICLA/libs/libmbed.a | Bin 5975594 -> 5975622 bytes variants/NICLA_VISION/defines.txt | 6 +----- variants/NICLA_VISION/includes.txt | 21 ------------------- variants/NICLA_VISION/libs/libmbed.a | Bin 7972890 -> 7505908 bytes variants/NICLA_VISION/mbed_config.h | 1 - variants/OPTA/defines.txt | 2 +- variants/OPTA/libs/libmbed.a | Bin 7561690 -> 7561718 bytes variants/OPTA/linker_script.ld | 6 ++++++ variants/PORTENTA_H7_M7/defines.txt | 2 +- variants/PORTENTA_H7_M7/libs/libmbed.a | Bin 7761434 -> 7761414 bytes variants/PORTENTA_X8/defines.txt | 2 +- variants/PORTENTA_X8/libs/libmbed.a | Bin 5271646 -> 5271674 bytes variants/RASPBERRY_PI_PICO/defines.txt | 2 +- variants/RASPBERRY_PI_PICO/libs/libmbed.a | Bin 3918104 -> 3918132 bytes variants/STELLA/defines.txt | 2 +- variants/STELLA/libs/libmbed.a | Bin 6257292 -> 6257320 bytes 27 files changed, 18 insertions(+), 38 deletions(-) diff --git a/variants/ARDUINO_NANO33BLE/defines.txt b/variants/ARDUINO_NANO33BLE/defines.txt index cd703265d..325bc3687 100644 --- a/variants/ARDUINO_NANO33BLE/defines.txt +++ b/variants/ARDUINO_NANO33BLE/defines.txt @@ -34,7 +34,7 @@ -DFEATURE_STORAGE=1 -D__FPU_PRESENT=1 -D__MBED__=1 --DMBED_BUILD_TIMESTAMP=1751295810.7982233 +-DMBED_BUILD_TIMESTAMP=1779181204.2152987 -D__MBED_CMSIS_RTOS_CM -DMBED_MPU_CUSTOM -DMBED_TICKLESS diff --git a/variants/ARDUINO_NANO33BLE/libs/libmbed.a b/variants/ARDUINO_NANO33BLE/libs/libmbed.a index 709f5c1bd6eed24fa3e7b609491e26d4c08b1e0e..5ebfa0194d3d922e5039272af69166ef0c1877c1 100644 GIT binary patch delta 30642 zcmchAdtg+>)%Y$3$dl|Qn~*@B5FjCJlDnJT>;<6r(OrS2ai{pD^`#lN-G{c9am=It~6ugc7erb<%kv_JmQ?>$MT z%70U->y_}fhfJ0KnNs)tI=WPBswCwvg>t$6jH&V;l&S$cOud)7n^pXW;B~!mHgUD7 z>OWNK{!<!zxkmDNB%E00e#RsB!p>1Rw;hEmrH zuxXvC>fco^{M}SV%AYo?rB3^U{C+y;`P$m&aZ)RqIQ`d#38GqyC9f2aR^0H&yR>@&B$Ie%)04kII{yP1Rbd z>zrh&zFGNnpQ)OZYh(UTOHD?bNh@{QAJVU<&{Xq%%j9xX4Jos1YME;>)%-BdRP*52 z-ph)arkd5y*OCA9UY^)&s`*D{(+*QjZ{@iUOf~;>srx>S{|#;H{5YL8;DG7hT1LNZ znx!jsdcZ&R|I@CSW_{l>{}t0LW2rL&f81u8_0N=s7}G3$*?iSB>wA?tKzOPA=H<*x z)2#1Pt^)Jlr_`~=vqP_%{^>GgrfGI>#Xi?G`)1|VFHN(xQjlVr&B_GrkJ%MtO#iUV zwV7s^mOC;z1A&Bu%0G(+hFyuLpMiwf|xRaN)Q8SIX#t+1W`+j-0G)bZxaY z4ZETO>x1>A+7koM4c7x(#|K^tHvne@HuRN%eF=RxGPj4M9{Z|=+!8xR+Wky_`1J3FclZ32hA`@B{@3fZZnS032HY>xWF=0Ei~h$w+6j!sHzzg zRH_#nYW-#)=zCJo#6Ufzh2=rpcBLVwJz9#0tW}%@cF*M^W~P5 zF9&LU-I9*iMg$M{TlE%yeeCF#-4>w>q)9jVN^a~zaeRBX+$ zpt0+M1Mu~&!EU)JD8!x-l8Kk?34TPbVFK$sWl2Y?J)st4xh*OH&pZ_TMK5;eM9o9W z)A5Ekf+y>Z827XX?;IvEO-W~?&dt_zeEI9(al)*KsZ#E}PLGF)Iw)j&ii8f*0iK(C zVb_V02b7P(X}KXwWbME(!KgFw<&uy}y=5bF`K(O5?gt@DBX~E=W#X5H92DNcfL%|9 z9KMaWWG>TsJS4dv2eOtuXF_%g9TFh35~VH*M*d#Nd?74e3$Z7|4l(g+h-08ckm4$6 z@m8>4TR`Y1a(7f}*;!6i=eRf|bbl|z!2#|KPDgkDG7|K8EeP~EICQCS1wST~!C|9t zY)WXnVf;Q%=rDOyppeFb&J~0wiz{+0{)-HTZ>wity&R*;x8`VA=la6DyhgHg61aul+4$DoHh^sou z$@XNU#npi$uE^ZsJMwTg{T={rFPp+Phd3gBBGzqBMdybdc`_U=kdkyZ}aA)|I zdro9f zyV4RY>X}+wUboCPqgVbAX~S=?vV7Bri-6z*ubuUl>B3hS(AQuw3pZ7PsQcTjO#IAN z%ULlr*8GXxmROP9iH;WrNWJx=38xbcSXy-}TD>AH0Ixk_xmEZ9qtlVLNh3uG)RIVA`E zbT`Zl7iL?x2=i9?M@nOHCVp+c^+S1NRC0>f0dX&)Bn@A=&+4}_;9WZvaDoqZWu)QV z4_VX1ysFa1S5{j~WPV`arE9HSG8eQj2Z^!NpC0{hYo1ZJo2@%#po-vn@V z*1u$39Isb+*xS}&!W|i_rGK_=6P8GT)J5DN+Qhc#k=XT}wbOv442+1?TM24^VO%EO zkQMP(FWPmYR>$;ow8ENT!3PQ=ekEHgHGmwHycE_whsq*m#7Ugf@n$PIEDx>tVMM;j z47o-W2g^gzm_Jlm&@1mo^uyoOMYPEd1vyXqPG2Std@Leb1R*|Z#mxf4-3<|IWL*)= z1&NvH{^!Fj=uBl~0G_lV;uG0+K*_$X5gjsNX5ION($n#>=OVr^FjPBdY9>DLV#G^& zVyJU{TqfT4Qp7hhMd+p#M-0<9$L5xZ7C8p7zS~rac{nKAp%kwC|S4elj1Z2e0SV3>m1h3&sg_NLA_8z~Qsg&!%El>Ac(cpLcL2POAQj)xgv78j0N0>Jswqnmpu~sSA8d_ zb{&}Mp~oX%5H-ndLs`1vgw%;nD0|jLDzYm9(fkWwIi9VNj|fx|e)uvt;MvHfy)|$` zD)YgkkV+qUE>bs}s>953cs4DLPeb;Nv-V|8kuL~A@OBQQv?ruvSl;XxhQo)fIJ6bfcAtrMovQa3G0qtiaZy10e<0EnpfDSHuK?bT4 zqm!_w5b~QpM^?xU%-I{mY!hC+?5_*fZ{yX-c70zsf;2(}HE(aGq;ZB24>b@bV=GehzQ zbpMHX3!W2hn`%a{54G6vx@g-V1C`c6HUqcns4phk45L=n{aT7mr*7J_LvcEYrQ*lZ zY(=t7!9eOq+X`^1!!}>f0!Xp|Uv(Qh!+^3!Zq4+|x0c4*{CtY&kv7PNRhzmQ>MF9W z6ln)j^vOGH%`#b#=9X$(iCD?8mOVeTbs4y`Vq2Gt1^ol5X=ar4iwF-ol$sEOrvA4r z2p?&&%`*tQ^HKt|96LEAiK+%4ZM8jYY_yvw@!HJ51hgnFG6GG_w*=s8M{K{6TWVtY zGwjQKdDQl;o>!DV5$3b0CvETRYZ${uGr?!h+MbkqQFCr5%RZk!XZuj>fH39n{LB_4 zJDchQ9v946zpqY1EknnIh&_Zg@$rJ$jpruKF=K zhoBpT#~jgpWx1&h$oYX~+MqNX>xr(_s{plpT3vw8kBN2|Y9JBFL}Rhdf_AKfWccp< zXuq_JiI}=x@%U&z*Q=kBP7)5NNfsm-5HiojGLSkqtW9D67kj2fKOl6hqM+{2U~Ts0 z?C6h#JCYiT=RnrCAt#PTKk&GtpL#xuUU{d#O;rKxH>)bRF?FC>D3MU01Ia@t-nY5?N4-DK}An^i1Z+dlLh1hgpTqnOXuvz#h z19ts!V6!k=6{sHU{r%!Vzk@y2ytZp#kwI{94%nclffw8oGpv^px{xm(cFWHP#q^W4 z!p4=8osF6&C#K@Gq?r67X4qk{@I*~GE?gJ8N$+{6^R>a5C@BX7Z`tJwz@E*q z-x$oVbVqEd?CMk!PPZeA=Czmh#YTy+>(_mjXXAP|EH{1~TdH-eAnWN7B;+)`6?;<5 zyy{5N;{C7#+;$=MxOU>9HmBWrykw)EEWj^(7Hb{K#Oc={n`ii;cTczA!iYg`P3USX z>b-C_c1v73ZW}u20l5?4$>$lgTeC3EsCE3H4tey@GHBW$t2X^;EfE~mWa7CsgDPdh z%xN5ud?&X>r{bUo2KlsLpyE=eal!D&5j1}O;Gk$t-JCWUMkWq8IcUCS9cm4gOpXI~ zAL&~8;FUq~as%MCtMA}i&CvY%^SIfu)8@p%$CD*-0@BL-!AR~a&WjI-tO3?q~Rqe2j?1Sp8WmbQW>aXxw5m={gQbf4(`yx0B5h}>fn5B zqSk<@bv_*TUhW?JuxwyNZnwlOmNh_?o8$DN&tsI4*qao0POhg+WP7#5pdvReN}J34 zMh-g)W(239*T z7nTl}+cWWB zX}Kc@HZ{dB*HQou%s&zDGIZ3~9=|{yE#)#ty);qyMf_(*$Fe4P4L$BmPN>!9blzjU zCt>+0y?HdxO<1lsHB@R%$ixpVO9++;Q(oMNY@DO9wuu&eer-aA9CL`B?n>y+(05~R zPuL>IOK1rz(w`7TIA$ zuZ)IdeJZx~!+$7AJfJ1oTqk=bC)UgUK?8;2giRj06R>1PVs2k~Csyh`zJ=jCffid0FUWE^wnFmW~4tL7Zx(~ z!cR3AK?Rt3>(Is^9jxiOp$m=5P+Z>Ztc{KCR6MV3s4LGOM-_q_4$(yy_tAzSjwtExq{qk^m0c16zg`tbkuixD&8HNvN%nLq!grF3Gjze4iu+$foX1W z%5Y({nwp&2(F0nsBi4ehZK?^tmrGL|p&BKw7scVwc3S3ErhJs?-+(zs`&PJvvf;^; zv%DWB<@)t0K?D2|s13Pb_lfNgo!g#rGTOfZsG;Rx${sg|{Z}lg=JEQgDY*XXu-b7N z-12b*QCUyM@P<bVc!iu$77t@`e4t93tW1PK=;TI2WvC}4A#1KM9Fv! zb`2PyT)T6KWfT8;y!`YCTz)$B3qD+iSbHwDrP_d)?aYCgLml&ON7|{q{taLVzK*oq zyEGUfMD+)^fwIx-&9H8`P&l$-pjJ<~0i62kkzYN|VX8&LuyeWbuy$8I9_i&S%9zX@ zlwO29z#`4NFXyG_h51)QclndjgfXtKxOTQj$vN=(p)-Cm9;RG8&wT#)V6_kGe8LYaqICdV!J7M~o_U9@QGK@wSez7jd~TSaP~OpTn4}R%X~+d8A_P)akM{$1bKzL1C#GCyutC&>0y9 z+EDZ3JY!AmSi3An5Upyg@kMrFtYlzN6E?x_=0740mUUVvY_%l;t`Q-pcyg>Z4S zDIV@ZF1GI#>Qk+ysm|WR-Ih>NV-&gaMfdu@df9$~$0$zFfyfPLWND0pJFi=Z2H;V@ zwr}DQiwUjcO?!K+CU6Ej)?s%^{80l_vfb$PvokYk!2~CW}9_ zALAk=HEKBXz>=U`JRCENF{W5Xtb^9)Q`RLZL=iV@$|~WO$lAdM%nh4AE)^c!H5vd{vk&|(D>_cAWNgA& zb0+%x9ooKg>cy;0d`c!XDZUHUc2bneon* zMjW69HQlRwYitceg_`S4%3FFmDo$bZ&2TmxFygcxCL!&8Y*Z@L z7`Rduz2rB3gBP*Lr9cwXI4~*|KlZw^@DvhlGr*TQ&RTi*m%Ghg#EiNw!$*?BA_Fm)1i!z4%(jgFUW;p+PF#d};YaQEN? zf@1~s3N9LT7B=EuT;w`FTz8Qh!5H~!Bd*NG`2wbFwYQ;g1u?`+`Pv$wEz!GlHV2cO1MUE<9K;04P z7GYeiL9l6*iHoD$<0XBAa+*8ci_CbS-Tgc6s6?x53&92VIOuvdEz^BLH%J^m$Gx1- zkBkG@UAn>32?AsG=Ci^jwJ+=3Ur6Zzv8N60o!mefk(L+SostMB5qLcX53}&)X7{_? z${B(x)$vE%vQ&Y*TC?fs&1yb6akCot>6_K8Icux|ZGhz8J!g^(4h+Ca;W_V121QlqRG&4$>%3r|#53H5 z2{~Qd@d-=~dkzSD^r&ceZcY(T=14sy=t1psBGYkpWzMN&%>@}jRr61-%n>#r)%;=g z&1yzIYOD!clXGme)`J?uaCd9Yl93vW(XPLmGhH9kx`RAH+{8&cHO!K8d$K6Ug>jx; z+>aO?v%@32o8u^6*x=bw4NpEEb9wgg;6&=FI24q;1~$~Le%_xQ0<6pRL`%)UbW}50 zRpRN79(m9G0G`q}v9B5J@C4{jMv}p-Oj@|Q8^VcTWp8E>9gRqQ@vaH zI$Jdgvhaty;1%A#@+imzsU}{R=6Xfq#cJB;dxfqE88!I2JP>@wa%8pBeaA-RheS*fd%cqjk>^U}v;RH*|dEinnHh zu3fEitB73;7Zw`^nAvlySd@@$MNJsBQ|GrJdY&= zMx860q)Rl1iCr{0&7xzfX4U8}kz#3`DfFy@3Vg$^(UV8XNC;jjW#Un%M-SpTIpd)A z{n6)mmc(Gbzl`?kMW&{uVPRv$YKFB|Yo=RtHR?#n{S9&f5YLMk6UM!hVKxjMbCA!d z45nJf5zm-ovcFJ?I$T+>f9Ts240rx+9n)GX`H5uwI&?bs>@a=5-Pdy=@rn34x6Lpfs8S5k9DuMg-P2=~8iE(8@OI<7+zjn#SY-k9 zV@}AMr=8$(V0}iOajt1s@-As-le}fSJ8y}0WX^%Lg%bLY0?Aa>JRz^7KpG;mEpnHK z&ei{wH(s_az*0Rf?Abhn#bUT+endOmC^ z8@S2o8$D&-SdibOU6144DsSe)>gYsG{_hOd-84IYi=VHk_EWng|6r+p#6ZMosP%8< zdkxM3zz5B^_(c9&hVGaEPWcO<+ZW0%iMru%M$HwTKa=m)E;7N?2`%V29puR?%^ZhW z##LxnK-2~-zL2vS^>kLH62l_6 zGypl(H~WQK#yucRhSU=8d12gFLNg55d3fBsvAP~`?Kk86WX6drsCEn-YhLUbH(5kC zMyIrILFr_P4x0<;Yy6AT3bt!EU*JUh;|Rjfwg(G*OE?MvsseInY3E~}D+QbKcni`K zZ2|k-u#}?r>0?t1cZ-0<2&+8t^+Hxpve$i7xJtW70jh@&EUA1eXg;Kp~!E_B7>%e zr4X~Bq4DyjqMsV%-?+VKo6HQe2l{Gl*}kH!A~rFV*$)@hh>%Hu6h)!enDINmDf*-r z17n}L34F7Nf9A%|`n?X=E27rF{6tY>FX-@bh;RGDC9=~+^JP<{V}$)9*lHr-Kj6cn z{W3Z+;7dg{+PxXIQ*zCw!w1g?egSuj)_z@7DT@GbdIH8riFt~BQNzia0%1+H$^j-b{bWGD!iD!78-Gd0p@MOeYk*WR=ieEhp>HK<5!9}OMuKH>48^3zX|sUk0iB}Ik%!RcWBszFSNU+ss*cG0&t*&w&--!ve6Yz z9y#{I!Fdxd%JQWQyT~^aXg2LFn80sQsgyt~$0{at%Dq!8cMePvvE3XnB;XFJc zL%V6sQA;=ULa$@*gd)KO`wm3z%M*5LH^|`iCjF=jg4qPlMB66ZBc>E4FV*{^{y4$U z`xvF3_a-cv%hk);H{=)Z_OnJ+f2GrkZwR?D^xAuia|I&|U7cr=>x=y+T2iI?;9z)4 zuzp>X1!cVl&!LNdQhbjXAR}?|@!}GL+TnW)Rxv>{4r)+wns${<69wMcRNU8Z`cVha z`lsR!;Y0*o-FJq&7pFVyBk`54;&Uln6e@YLTqwc`ktHdD8`iNp$|Lb5exqba@JtyN zD~Tn)5iy7%H4iH>i}1;S@bsxuNPqyTq}+&XC*bRjk}{FAF%-4)lcoNhGto6qDe;@( z$n#@$?s1XLBJy?~yQY;ikI@Yjo7b24Wf<&vw(sc@^9+4U^%ldqPfE^-41=_1>fQNZ z0c_J=E$K6YBQk1M+r%be^kgJd0WR%Uc3|ej2w9bsq!TsHhgURnizeSH98X%oBk zI>WikCg#g6DIG7O_iT?oHgWGT&Ki?v!!IW86tRb^0B%=y!`|SsUr)SK%rTsC#mlbI zq#T`ir--7AwVkIYP8Ud;2;Q4GOuGvWF%F~#A;WilVx#a`_OPob?DnqpoK4b_s?m|1 zqs`pe&)&Xj4sXHGPJVZL_bLfU(VUJfm}BYEFQ{%(@=D%95QdvKY_I5{zfbx|Xq^yN zEy$S#86sWx@19l~>*O?e3r7~Y3{N-vgB~ySPLW!`Kx^JD-Hr9Y_@7Q*K3orMJ}}uX zQc(4&1itZ?$zNqlEva5})D2uu+LVv9i^ZB~k?)P^ndpP`GKe)R;U>z82~)O;;LOM> zcTMrh<^rs$iB{jGQ~VMwCgScNP1)n+Y!D)p4L70(Vi%jIBnTsCDDiJk=@ITATb&6m9MNspDi-QC<|(JPsbL*;=L!68M}`s3m~~ z_9>6cwM0cnr#6bIo1?f8tp4Ez+#jcI7n`L_e((Y=N(3kdOb+xlr|ZYl<@9xHfzC-^ z#n8Di$ECRGtC}>guT-dz388U@&u>GQkf%u5o~&&8)F!slcTnS4C8}Dh;)QF&?a#tD zwqh6hc59cg9k56y@Ba|_rV6??BhW(bDD}sQ&-jo*81Nw&{(4ps7wE0bo&8@^*= z0%E|{w|zw-kz~N+Gd{n43I>Eka*MEV0;E>rqFeoV!>7LEBJ8Rt2tL9GkEFiKf=35^ z%I*|P2(25+>#p!JBd=^25xrD(*vhtu*^iNGj4$K!m7h`Yr(Ou2dPU;Y1B59g@7hT1Wy4W4VqLIt&P}^sF&PNq{-&min2FE)FJekNa)?~4XevWiik{Vsm(#a zXA70UO=a`7h_BM8=n!|{u?9Z0t*lH_7hKhYy$(j)N}lqR|GeyB&52Z8^>9J^DVfn;TrdU2{oQ zh7eNY2b3?-a%4`bX-IjKfhW~(22k0KQEHlwjN3{BZ zq071DyM&my`9U-CSS2R45Y~aGn?&h8=>OxJn42T$+O0wnaJ z%BjUM{g?p=CwIeyW3sM0r%mq^{?5=l?wZ~pW-S7wO7_t2`0+6sw|G`^_*X>w)$WGx&pZKHewB z&A6ex_~yWEvt|sF`2^*6teO#)D$!(K>ehA#vwuG0$u!YIi;p>|bMFMWGub|4jocF* zyqkUf2w%85W2Lqbh3}xMJAjJ=?(k~Q{Z#g7bR*9r=}q@9hu?8ZSTIBCxb2Q7v^{A) zruv`V(Jst~wOsh~JK7g;jtNkW$qxQuinZ36PtD*hn3iiZE8q&-js-K13#;SEiYr^o zxDVVrbB4AeQ-?&!JF{KTf@a*)U!2*!rWf*j%?6Q$Z!@}_5D!VnHebe_j*6f4PqR%N zGH12p&N-&!WkUkGZKm(O{`R}#A*SSj?sfEU)6ll-?_>pZpGQyMT9MYr^jrMetrc;B z<~gYLqrk!V%W)Og1I%+#*My2p^IRNXT=Bc`tAl|QJM(#JFeo%%t=WOEXVpIb4-JQgh^KXXtE`B{y^=2c8Vt83f=XwJNf zN$?@0CIFbPp&s%RgG%Saj|XidKQmDm`B{c??*g2-;;KNj;jW5e^C8p$0P}fdzZ-t8 zqm|?*6`dqMQ&Ic^_*sS)lArach5WpN!tQ~eqo{`boJURM=Q`?vpFXBxX!5-kllxeP zq3!SsEOgxqwW%ogzKV2|y?B5Pt+=nk(l=|E$pp6n@2eQv*A{3py^iX~1V*B_p$f*< zabLv<^E=4*!pwo_wM*$1^A2QR2%xcO=L<7Oz#vzW|675&$^TtPC&~YXqWn`M2BOeK zKw%Bqd9HLs*r8w`9AYw+fn?{S_JHYe0nsKC+=ot`GPLjY;U-fTsy`kQiS{k35HW>W z?uA7aW-+@Gpz2L-xCTN)NlINsKW)L{XL|~`8{5o(XiLQq;n0jO-0Ja)97h;6T>{dD zrt3sSnm`lQ3C9SG@QZ(`_+}zEYDTyvuQFcnL(tgtM?YtrQc?MZ7!Ik0h@;$7>2-2C zq9>0Nz6(e5f`i*CpP0Z~@XaW;wXpV5CEr?5ML@e$5czN)e)KPu{Ba?VH%-?ouV@*f z>UzLO^MI-&qeU-jWNMsPwMR_YWRQ%wcoI4GDflSV=E|y9#jLFg1Hor7GS!{iYfH!n z|7KS$(h_L3S4scyPSScR`E zX0jJ*xwi%2tADDxM+9O&j8lO?HDXJrSxIj3K^Is8C%gUBQp$8aL43(~|= zmREme7+dRO)mB-%(6Xzc+NG^5x%hIoRyP{Zuk5ZqDECf>1}g(Ht6ttyeM*=iSbm;{X{k2`Q(hL7r<|{S6guNscL@VLDZkA z&X;+FA*%G|o$G}jyyt>6ulam+hnPSa@9H+B^}TAo4as{kzu!wQ;0Q&+@);5Mx{%*8 zgYBS}UaMZHoz1BKm7glu z(Ct602@*sY(Dz_XkFZM>Nd8fkBK*>dnyW&cq=uRt>@&-+$*!-i*(6h-5_OWtru6gE z@U@l}Aq3WM^QM|%BAzi|_j5JJv|Ue##_HC-dccv}Zx%n`&{Z`A-L$GBR9{7T^T4W3 zoglv)FzbDhT1q`mcj|FL<|;G0-8ZfJ%G*m-$LLwjBCxSun2nds^0RSP1^@iQZeeK* z2p{R#BUW@0t6j_WowDfA*cLbn_gyh7NJeCeq$WDEVb-m(`uH%Tke)15^=zJ1Dkew5 z22IAZL83Gn-|*6`;c{=BUT$kI^i+v9wB59-<9EGOf!jgyopoZ?DG@s)k<_2kW6?po zQR^-j{8JKVW}Wq0G58x=*C%>JYBF%d2hVunU*1965^~@#w&?2D7Wg{Q=-Kaz zEeC?knzRSO8OPj$*-sgC4A;s0=59%NN2d0|Jv(SDziHLHJ9?=qt(e^+kBXX$!ajD0 w#ylQn*>oZVKJhkp_IMHZ*zh5)7r>WFX8Wf#{>o}x(o2`>`B~?(+1UL50d^!yFaQ7m delta 30477 zcmch9dtg+>x%jRI*u2PYb`z37UJxK5Y?8B^-RuI1hLDg%0&ED#=1CM$P|%=Iut11K z1b@U!DlkAr34#?$&`@wdr8No^R371qg_c-j!HR+ z3|0TGa{fa@6)AsMLQA9a2l@SM+z&6`frMD8?z`3SLrdci9U%0-W4fW5l*z09)zWzL zf%B^k)r(jBiJL)=*8#wWR;kQj_tbK`D*OAHuIE)ll<8%S4Z%hLoD?wA}rLq2@t@q2}R~-pi6P zhMMK88p%Jsm(@!QHQ!e@tT5E{R-Qj>sQIT$;}7ZlZ|K{op|rODM#I0gjDFcrt1FHA ziht_=Q{FSw{?IaOouM|cGzM1w_(enQKU3EH-B7D98&4Z*e^6;CYJW(% z0>uB2(#Sg3g`GD1(`E1&LtSshUTmnlSs8WCP^XjvlcA24@yZ`{{v^ZqmbPVUW zOmF4sPfsQPr0}gL3g0q9xdqCtP=cWJfzlTjzSZv@OJBP4LJ#F6*^F*<%XgWJgsiVZc3iA{==ypPIsYwTBZbk4GfeS`)kJFcqD{6!9;%qC*nIGJ4)dAVEGB`@# z@5JWd)v>yM4f}#GajRqS8jc3vFl+nC1UONry(AqU_-*iGVcJG8)BG7BnRvy;U`MFf zfII&jyjWmQmao&9m4zOvHl^Zq*Mr{|fb}Eh;&eFBgVm-ql(ijjJCbfd{TL(=fqaUqg0m{K9R+?0w(hKCdh?Tp|0yF=5_u}>?^ z*p?l#tiO)8wy`0x;kvr+Ng;)T9QtgEb}+~UsBI4< z)QOV&SB%7IxuFXLbpU%{x|#TslF&-M{np$ax+78tJ$_;6e!cBqeKPdmZMuFPZ-*xL z)z#fN9oi~ri`jzI7zM0e2%RO!Ms5UOl3@q$b|us?KnqQ7lu*NFFi~4j*rx(2MS_o4 zr{m(#u)Tp`!MN`aNk{kn(h6$377S_|7`9L_bB0|S7(Nomri8`odG>k2h6=oZe&+Zs9xJAI>H_oye!Z$_qSnPd=cUcg#)#`6b?4{dDu!$I3ZFtDUZ{Wg+6>cG7aDJ zO;{VBKBS$P)WGnoL$q|uW3sc{+3583N*Hrnc&8v_7~`81zM2b-<8e#i{$=-+GBf;^ z7%fZ~lfNXqlTRK6_sZ~Au6k0(v|ImNOgfHvHoTJ04>q9rrSRND1u&_jTFA-vWTS>^ z({OA%6`nUv+kuG8+J7~7^9+z>c>l{4+I|#}!wrjhYltls7cS{VO!BMJ!Fz)=_!qc&WR>$0kMW;uDj>X}&9BQ@(Z# zk>~b^9eif6e#T!!)Ff#8$*|oL*r=?R7mr7LB*>e!OAPmW-4SPmcEHo|b;J%ndl;Uk zTg;dF@=oexI8Lv`7KVM{<~(jQY)p8(Ihi{lQpc>n>4~azyvS{yF9=Uw&pcj_yq@9g zN^^+N40IiO!(3-XFaOSJ!|yILe{+kLZD{UpGEWtz0@V4M%|<=}DOsrJ+pJ9d%x3c$ zfgk9+dWSid2VIN@z&STai%7N_htum$LY-;Zsc4hGE&?rI5*~zC9Wjs6n|s$ubG+a~ zsQ7bWs%;IiLDbY`u8GrvCv1LYUcduUMn>6p=Ent5f}?M}qdF50inV+!&<6nG6D&6b z0J7XA*$KU%g3CMeGen9eBiaP$c5`p(j=A0iEijMbY) z=L=&q@w%+Yqk#%_q7KK@bhN~hV8;6jB3~7(Q&xEnN?r(CkOSqB(*|itmf6gfa#*P7 ze=sti2XLy294u5s(|=cGMlZh~*%yD)7dM&?#>GaqnYbL2`v zIbigivlBDXL)#Z1Xsh*c6NlNW79j4uLuKVVMjoX^xTC+dO_(YSX49TXFu*u#q>c#G@Yl*rw06d1^M(VFK{z$Z z`i%}GGXB(-i60nh{eU+RX;4nd27yF4sOF57a*CGkhA4mc2{em?;Aoq5*H0&*A-Twtx&0YNA1B?b6csr6ZX=cY;4FZtTU zFt$`$)c~B;otR;5*7ZY6Cq@_G1NU1q^gxXdS+8t-H25F%LT_E!d^qZuv5%#s(iSzic*=|ECvLOO=M#$N6fRB<}M!mhnqo`#yQ z42(b@F0q>MlGm+g1kyo>(*FRp-eU1n4jp=HYpvj!KcNnx~(RfoSB9R=?10bgvJ$jeq46>q1>MZn1P0#vw?H5;phMSpf4J?CP{o8|i8rSk-$1?yTNEDA$5tUI1|$k`+Iak7h;5iK znD887YZE$Cp0gq2K~{M5&^z&FJR`z3*@)g4Vz%Km(Y81}jE*>)o=(c_#YCH)S*qLD zQ*5GcWvmX#$-?dxX|^K4e1L_f(Y6Ad>afkyp$G95;4AI`Oc)026#9yDX2I>YUgk_T z?3`#0(N$<$%Hsn%7x9TZZS4X`kl?0jTM6Gxv3@rmwB_sip`NXI1^AgqY>x@z1^_pH zVuQH-^z@`8Gyc|)5c2yJ!Rg7E1d+g=bRB6Mz9X7lv|AXkSCgP#w(1=l}mGv2BM zDU7zI&9>RS^bQxGGPCN2qyn1JAGYe$KU_2BP$E%QuFZt^ZL~eBCvfi1bgVN_zV9HQ zz5bl-q<{xF>fT{1)6-M3%T}VVYujV92zAs_vmoYOJ9!Yq2*0#l)$?k>wyVMzzz1-q z7*WzMB0cCpYC;T}{9m?UeB_Yr9z7@BmlB}kjLs;=@*8(o1>tu)YzqTA?jQ=hwzS5B zzc^xhMQB#I|0CqLzBp$4R!1SqFNFnZ@(J4qx&}t3U={fE8QYTrblIZaP8JYuKWqDl zCmEQwTR*o23o}WUTDFG-HDrFjK4gp;2YqFOK$IOAkb!b1XExitqUFtIGrBfobP)E0 zM7ebf6ka_bst@0!kg==RoNvQ2?atilg=l z04Rnm5^T#!j*DecdxvWo06n)ah^p5^1FV_2x-n{l9yKi6UcF($ihWkV3P61=QJn&> zP?x(q>bQPv^4_Sqe1pYUfs}40di}NxGyddPQGNN|fVCQ*jLF2FQ&G!wG-HTg3-zm) z^oJ-(7uw*Zm!q!o@Rb0iK9y`ZCcjpihWB5O>JTgeNN+JlN9pl(ghY4f@olk0f2|`J zw+{{++npZ0MHoxxD9O^x>9*sJ=stp|XgkTTo2SI3;aE>}y&!TneMmkDnXXhr`hHBb zL+Al31FYql=yq%~qpfQoT)i(pT8x!Q7c$L?i=qRj88js8;9&?78-zNU3fLJ!78QG@ zM9 z^Gz@77kfC`Ywbs8tc2R%>t_XR&i!q)y+}I?=rnO=!91qZB!0l#4n9f>4z*JGlP!)c z|F0(xFbevUdB{Q1%5d1k9JZU$>?+Wb0_3&5 zGQiI_`HYX`_Xf1<=i=4h4`|mJDm~)*`^5q35f=kce|12iUSMz@)~o}7XWtq#w68$2 z%$f`N;vv_3E;y!dw9v{J%E`_~?GqDIaavMLexa5j+4VZu`4ZlDPs}!x0001I~ z;si@9i%-nla6St5{_|o|@zw<~8DbY%BTg4YA@ZsgyCmjBxE?V0iZ=bUrH6^q`j}3m zzI!~185%%b&2upagY`Y7oiT^vgi4tlSYg<~s`qeASB%gB_>{V0^2g~bo0DS~TlAI5 z&e$(w^_5at?D|3a%I?{*xdVhsnG*SIS>7tmZi;OR>7|3$>!!Iw*P7TJp+X0ce)sDG zGf`3wh~K=;2g}*U*l+sj`rxvyv1MUGCDn;r$*x`89UI+0u!F;!DEE%`0$Xp`63cfoX-=tBfz*UMR8ps`_MCZN}NTMHc$_T9+`M%Ol<%zY*ss<4C|ECW@_q zGcY}5{$57T>i&GFPebw%Oy4EQRG z86}O34#Ht`;?IaQ$y161b@JVc)2B*dcaVEq5FXPIzd6A1^(={RNz~Dcw>%U7rCDFu z))v1wUSFC2PP|LS&iHBRjGryaKqfthUOX80m-x>EXPza&8-TGjIiX%$_dzc4o`l6C z^<=cqOjxWMASDBpSrRhwBa0G3RKTP~rUi2Gkl9AJ+e*#&+^U2O)hRI^lD8%FWNb5Nt$m+$!{>CP_4K`>VNWIPKGfv#QJHBsfu1Ggx%-R|z3%D~lED*Gq8s z=xk8p2{l|`G#u)ixIh&OtAwy+eSjKn3`z8 zH&j*?;BzI3uLKDk0^2($CN_zdOb^GL=&8xDqAi$~n5%jy1`X09kV>yk>@T)Z-zS0Z zldp%(u1_pe9WJ8|j!x_%hip2?cTIGMlx%+VEP!ZtUry3qb$*cXfVOE`Qj?1hVU_V~lD58rv!{yD+THoSM#rGT@;>r_1QE|B8L|eWRdFhrEzq)2o z>QQpHHxsW4Pg$lKCF2XCdap_^mywj^cCh;$+hbGarwJH=c&Q-evO1s0FlNi08*0+= z%;J<`sx6aNnMkK{jSVf?8f(TE%TnB`+faFRIFzi*%*vFHGdXI~L&35cu79k1GUbel zg$b}}ZA!4ZcygdF$Vahc(b;EHPN?3ey)K&Q{LucCooVP{o`NBi%;G5owLK?b8|#PIz!90sfGST($)NFYO2 zzdMImJDGS-RGb=)D^8{UMP-}~tv{Q3s5)?HwlfEul00YcbEKWzrN`*&O3S@hsFYO& zmvXYH>pwqkM6(h+E0V!Y)g!)qLKp=y1OenKrbK(Px$GgPWXeg!v7d|xR^~E?l^d5{ zpQ49#FfVVr-WNHC^{a*V=iaVn%@?3?h znr-oL9kIc_OVOt?4!1ShZz$87R#IO^E@mYij)q&-FWJv4zDyZ~I+xcJ;*8hq>l9z6 zwBW9{?43#!#4C??*k%S3-+M7VW0}4M)6ndaJA+%10tvwtw@mzZPsTzeYT%l0 zzAYn4MNAByxXrSR9m<-nz`#p?lHm=&*|{d;suH8no{Tl)Ll8llp3nG5iR)>rYzdI> zNTOcI^-{*tfGGlefJoi@v?67M#lMmfYvzWzJA@PA%+F*yh&z%mG#*UIy!rwsg7g59bsWi*PV-7e zZuo|*OQO#rbFD3_M72%U6B0UKEAczkjVwpFGt?h$MDP1eRGD; zQ!i$1P?m1mhk8+$vXeGl&N`{8is6Mzdq!153fUo2um}psmikM^fXcE+sYw*0Og7w! z8x0u<*jFZ~Q;7lhB}qqAb+AgwBWYYEt85-E#Vb2%g=nkbffe=k^QQ(JW}O)a&(5J3Cq-`z`pAQ&7{^DOCz>N^;1bky0| zy^Nww$#Z*Yq5$VUbW?!)AMRxo1!(+HFHO{?lszhGTneKQnjSFX)}_6S0)Wuev%GgQ zqyQbouawdP6bP#m^hdOJV^ zJv*d8N`a{Rjrhe~z4QmBq3L>?bTj}I9W}1~rlZ#F>t$5OLE;8Kz|ye*fY2038&&>- zUungVe0T^Ald@eB1VJqWqEhkWZ%A`r=AMcQ3PJKV6Vfn_Jxb)RaeY#ji-oB;dzm9I zO*a-d|J+fdq^lf|x@9OGS#H=?%9}mctB#Jz`eBw(XOrp(n8MlyJAFfhp0XFqk?6T| z8ZIevb}L6n6dC9;cY*WQMjSNLnV_Tzv`t+iak7Vk7ZdpdVP#(BbgK@UkWQT@Iarjh z?p%7-X;l3(=>X`AzjWSEPCF-$p8ZTn1b%Uz>+NBBLYvpSj;revqrTy1E=hIetn$z{*TEG1@Rr}Wwq)rl$tAV| zyym*=ry}_v%j8fuyjXkTTbIVl33ypc4*8UA{{iQd zZp{inn-FBIGI4Q~yGXPFAgjIGJB$VyXMuZfUo^V^qDCDIj&Ys4RkdAKdFTaqw<-+|2cAN~6D#~l zyZe204zM9q#zjZm8W{^s8;;$y>Em~9+T=cU)25YYdTDCtPgMQ>S*;=%8MJA{`CghV zzt<|7^{@Y+mrBr?#w1uz<0ZFd_o_vQ=6&q$i{HKM);Mg|-u9WhQw?iKCCyw*PV}HD zX9Pa}7q_H3O482EwX=#m>HN+eB5E28YPKmyQfC#zV~Lr1uMw?{HU;6Nh@1~ZQ6<2ac^9JYAlT@+2{~6)A3-XquXKQ~ly7hD$jvEK!$wY~2X)S{ro&T^oRi6XqB5A& zRGwU#b2C%<-SV3@jabo3Q~1i9OhdOC6zjL=s$UCEiM`awodPp~IgoB}MWW%rQq zxIvz6>Re-^j1G^+4{*j|XI={De=A&`U8*nBv?i~FoZpo{_haW5YjQo&Vn5KMY^i8j ziKicW?1Fnfez3zg)`%{R_XNy3OR*==@}P17Eb0?Hf%5H`=+T%jOD3$_4pJq+307Yu(y0>ylS#{v%1@7&5(6~ zi{^gs-vXu(4dyP*^lE}Rrtr>LUX8*DB$i+GD2}>fj`vr&oHJ#ZoDo>R)2rD`F!9i! zxO?|ao9r+5(q!4|%~jVD0!p66Zu;~C@>uhfOArp_@(tv0+f*SCJ+OR)1D#6C9)V*& z_1edC!Wnh-(kP9suu9nK1Xdb7qcoc$+VhE$(W7w5=+R|rkfMN?F*;uLGo(`1e>Mrf z9vqpzw#8yQ8VFFD~3nY>J{+ctWl-eM6vbjrjdPmPXKV}C|Q{RgAZ zs!fB|xnum;@&jCcTeCe4n>xTR9z=yQLrMnytX*}R)J zt#9b1DgRFuWMlM5?tAKj$pH2Q)socFqFha^$C@bXkN;TDx)RaB>nPb&H!jT$k@UiZ z!2oyI%efl2P2r;C(RFbDa&PX(>QccldSA_TsY?^7lx5{b-9LpW;lQcfGwS?fLwc^~ zLWmUkRqo+H)~@Gj_Izr8*!u3g5hx`DFIeH-$alFJYKXuF858pEQRgtLY|6;fI1g6Y zDdk;K{kKx-&Rd|GD66a=*URws@p&Z$f+(3aK_ZwW_VKv?msccO6IeS{RQPjw0XB-^ zD*O>Oh*IczA+JZzBZ9X+nZ_X0{pdN^8&%G^Jjr{nzS~kR7S*Uwk1{`db-WIH82YC;N)2STTOuu$pLX{qH%N@60 zR;9{^xw6P3MLF$w#DDvaBl=;~HC#=~4{!}E9h{$%ugTpgB9qs>mf`sUBBq(*?P>X% zOfeZm6-RD=UwbMHp0a1< zLU;#B*DuK5U#4dlfCO4;)6sm*;?H10<-sOPfDhLNTETRWa1IMm(a3R& z5!}^)#c=)Dlj^RWV3ft`MDjEKaht}@S51TggD0t9s+wSx-3Q0sbGr@$uK#ANMogrq z3|vC>W8l>F;*GHrRS(ACl=Uenn<&7Mhd>^jywkrprQliRf)0c;^w4X|!v($tdF4&OAdk{==4@j`Hx8FE6b=(fsK`94e@*S(AOtxJ@}6BCG6v zc-(ANIh+uO!=v14Ue`D-(yt%Zac*3bUdZ&Eea*+?_&Ga#i~`P*DcuseZz*fL;?Lv0 zd0r2YE=gzB6>63w!n8c2Bw{JDEBs_b;Zp(fZ+W(Gi%JaPf!TxnR&LSm!p*8LVk)yA zEUZyoBp)KlSF!PXzbgDxH89@FzG7o~t8kbaijr2Chb8Y6cJwj?j()%G2e;l%70y!4 zj|`Fdf;3YS|dvKCSC zL!~{qh#RO6N$+~#&S`y- z{SKx=1t9kAF6vSi5Lzi8FlD>x0n;K}6s^dBkJ)*==#n@_7L1eJTa*=k?!BT6CGh2= zk}nn+mH3NS=3XsYs<=~H$!4K^#un6f{2XN#(pGu@;Fhw{q}NJE;DbZQ_b6#r+D>mn zIZ(pk=yY^wy-R*j*%yc8jlU=gSO(;RTO0CqTTj9Gh05NB0+KoM@Q(w0?H}JRQX+S7 z=fLYc@>K>Dd|PD%4tjKahLSv`U_g&$>&Ek|W4y9!*Z4w}Aa?AK`_lMUWozJ+uK_^p z3JVAv&mJB>M_ENU3`o7h5lhtX$MZ!{8H8_K7{6d9S2Y9QoL{^{u}t2xY)bLhstA?y zkNb;rRYKTNBwbpPn~M3uN`Wv>3*X5}M{CzanNijScxPSwlj1o644!zRxI{Gph73O5 zU{MlMoU9sDoTe&-CD2>jiu))l4)59VhvF_}LOJC#OGxD0Zt%RT~MzFK@XMJEcf zAt=NN){>L}YABaS;!AW~f+pZOH0(zbOMa#JAWlR3&=RBKTzDnC(&`o^AWO;(t4Th* z`g4?&D=``$LXn>+3q+3FCzbFOj!X`5>Fq>|1p<#xF#voumvr3})E zT4q_&(aRHS%xK1Gcz3X0Qcdqp=~$OKjj_e$=hLaf0_1qmxX9zt&ASb@Nqi2~=DGzfx zvXr>Y)Hq@A(!d_%A`naLKl1kpAFKN3s3m6>gopArf5()vSZ6OVviS9W(-UQ*Ch;CD z=T!54*$&Jr8Kdz}Og4A1et}Mb60g=G08|VR|{Zpr!Fac**!ln^m995KH$?@~O7NNTfTBJ_{%D_>0m6 z^6vT3q@CVCGT`YoIb*xnJ}E)9eTCt7C*4qI3Fi%BKv*o~U~1+UlRmni17*YDlOkQJ zXHkbah*sobt7c6etLlyPkVOKi-?8ur&vs~XoH$--CH@A|mv4)$z+BC-$t~*Y&H=&$ zF!D6l^ZUuqDv2Uh9-mK+QvDXo9wnQ6?dhB!0tbL!b^3Z#|3`YtOJ>|2f!QoX*3 zst(zxmT5koS%!;P%BXBlR<`_(D7MnKUnQBeQ^S$GkdN!w1h3L!=lXVJ=!ik&doAeN zG?N)Eeye|w8E+epX7trU*BcHBZ^zf?^1RZDjNB#o7*DFHMG)^3LBBV zGsjz{afP8HA@(&lnsJEUqkSG&5Bc#%jc=VB^%nFUT#;CZwj*ro;gBfG@(3N z<(TY(WuRVib5hRgt@f99sP2crVa;0@*XsIH$6hjVLq ze1Z>bDKA&mMX)pA@++l^pO-(XP9U~Jzx-->ySfsQO6vFB7iLHoS`J@Z9ZF7O1m| z;eyZcN@69Q+VE7@gIac&Q}N=qDLYlqN+pAH&rUfTAQXGolvYtOVCwSv@cK*P@R7wo zP2t;nDlHIXci#$)eR5Xd8avzX%?zn{R@v|IQStpN7O1f@qp59hMVm?!tAtes5}+TY zS7@dZX_8F_?&y+-ZP)D;KNYP5=!R5fCOYPbre84nB)4LlDkcp8`E5;1>Nxn0>8U|| z@uy=ermNvT%RJRoR9s%jm8_(r-l=F%H(>&`m6!C?f}kKtt?|*cKZ4KJWn%c8>*wlh zWZ*lmSIkvyh!ZT4$3P?T>hCJ{tFD+Khr?so+H~}t+O6b@xx5dVrgn=4M=1i)4vU_8 zI-oy*DiM_?8>ow0@b-aIzg4{=qxq0y>hXX|IKCUIpP0CN%G7RklC$Am_fBnAS1D2{ zE7^nO4~p%3bZV*U%}6WrS;{Bmihnlsb9J&Zm|(qKYBe%d`j!wm1)b={VBuS5Ok+kc_l+x zkewZQ{V8wfzZiDsN!6egVsE>1wUU~qgMh83pWWH1S`$kP&HeeEowGT;oGpigd|RXE z)$&xl+A_Um8t=grRG;aGTXI`xPv;lzz~AvCp(|SnzxUlgeVV#a<2{_&F6beL-&0?l z-m{W}XY>Pj%~p;NlUyYE-nuFw6?Z%QKkGLjqIB?#<&L{%1ofOVeD~G2-xUuwBnS1Z zK|4nI)9~q0{y`?=1XTaAX&^Qg_^$^UCnICAKhroFOU3@*M8w7z42FK{O9 z_dxv`w3z(tM#td?jT}7Agpy|Yi{Suc_AIDRK?ljtI23#@{LDmt^0NZ%BtP5H*W~9g zD!C7SE}~83$A&JGpE1Zg8-8Y@)#PUhI!}I{L1}Z~XCGQjeh#DKFPo7{TU~-|_p!o^+js+&@e0AO5TVn^JCn1Qwf;H%4B89fo+`pBng+zsq`v)NnY8yrSjl-hJjYf7-&)eZ@*NzS6xOJFYp~d z{Ch6vV%d7UN z%OqoZ=@V7_HkO8IcxFj%#9e>7>IG2=EMm%5F13ErR`okk*B}9!W-2^arO9z=sA)ND zf=?L!uBu#JmYG1{+l!gRAfI+%PWpt==+DuQK>-ZInU`@7X!I`k=bFaYSARJam^otaEmLb+fwiQx=qmBtNR= zNmCB+#Nz5N6?S-K*W=X|Md`FsW(QIw?3~y0RCQlvFR1ANCu!{TW7XzrzOAAiWF^68 zkm2KI(0vyJFiC*dQz4ewNQ?Q^I!2YBdYHO~R^CUq!U`rrNf;gM&m-&A6)UOM5Xv%SEF zr(_V;oj6zB6)=>dwqN)@)ctVtAF6qZhGSjaU0tY5D_SXwPogJz@P(uzWoFY>I!EAn zD%@Bh34=}7s&kb?I}Wrbqvjq_z##PoPYu7c%6oPnuZ3lQD9gT&#$fN4p3U|%o?xA003#ZuZBM=;gmq-qmX=fuU{Yhz}%Vu^`P(&32rJsSaVb~ zHUKyG;hGzwm6OcCi&F~m+e>P$1ayaMZs*1BbW)I4u<|#mzg%5&D1h-38)}9su9DLn zzP;wSlH}x-aIVNh9bTDl>ZP(Jw3o{6{APS)J_%A5rDt$g|Pg$dZ}zV z+Dj!&0>0Pgh*~e#!ZnKLPuB8l6mSv?Pu^tiAiKBC1*_!g+A~UMuN|nd7nbtxxl(&b zNySq*svJV=G*&?RD{{z&1Bpav%qnqk{`n zQK~LjPhUY@M?fWAlh>EkX}mJ)59SFD=Hlc!zOUf$X;XH^O`BHSsc&MY($N8>AaC-H`fg#Xv2;XkeL%bBVP zze8#GJ&61lG@$>nR{Q{cCzM;Iywv){s?ZX0LsctPqDob@tRxhuYX7A){N~FZ%T%@Z zQu5}jYJZQ?fDw84rm9vbGnW2qnKwdJ`|p;QKtim%vQ<@kS82HWFaIllzVM)`Rw$QN zVWk24@}9qQcbcMdhc8zyag8eXZ%fx^mD}2o0{^>*l5tGs&R+Zbm9p(Bw@@0`AAb8; zzEtIAWmc}rEmh{NSGk4qjQu|<4U#|naF@z0SB~{lx&Phrb&<*~l%In=n(RL%K(^L%2LF>OvWTW({ue^z5jFk` zJ1FpFcUeWg==ys9uxJIa(`hFOCnD2myFd9aOq8vAW265WtsH^?VmSThZvQ9cVIf_H z=Frbi_}}L*M~%jv_5UVU4nYjG%s?t;7ij3{3}abfheehW7(5gvukD z1Af&gG|OT(ku@j$Q|W=P0_Jv-BS(rK3N(=Ub7D1g?GFKofpS=St~FqWpHkHpqepYr z`UN(3ikC4@V9+dP@_4X+8tM0PpoZwv1GV&`F0e+P;X?;YvT0*tV3;B&Cg@v12)^lo z=1xj%n`|ENTt{H8BG}=v!!&F_;G$qzk?klAj0}=RT&oPs(a0j8i>l>2=FqIb)OcAM zAuk8M6s#lzyMvtnI?F|UHU{eLx-od%{SYQz|3AVduMLswKTLRZ4D>Tn)^^&{Uu~Sy47mShv&2(9uWbz4J z8hs+N)5`n2qD8^9cfU@Xl_X#>d*{F4;yew_E$mdobPS~l4A^a+U(lPwJB?sA0|nE% zhdZqclVve|ey4YtWx{FPUfyY2hAfSy&pIXe$|3^KcUlvuAXkgaJI-!i=~Tn~9h4=I zflUAl)_MIuJDDRCD4QHk&s3hM4Z7s30Ja(}WXZ1ZGLCgCn zG~NQ>HO>m)ZgtSfAn!Prq6}lOe~UJq=DiU#Lw+2bJ{mMnC#xW{z6v_SJVmMc%r3j9 z8`s_mny;iyP8g*^&(J9W!EZ7Hh*GA#(}S-j$#F+on`;boN^$Tpc~eta8T_gNHNs0jIWNcW~c01@=ua zzs<=^N~MYCg8L1SWq(#u$kWU#!u_T=N60rrlqxja$dIF+XS9CD;Ds~ZE;5WD8FR7MV)hk%^b;qut5 z=1NT?x5_BF6;m`XWwHt}azyv|l#%5Q4dBKBt^3d?p_OV9J0L#x52FFHv%9=L!hv@~FGb0+1pH5IuOK_K#YL_s4NfDA8^c4$oq2j+ z`r^q@C$~-*7xePk&=@{DVF-awhu5Z;UJb2K;Im`cR2FW)1v4@vY##TAunI}Tg<1nm zOAWi&UREUOJ;Q$Os2~y(%tpdQPQDr(7D1n}hs~E~F1=sadWRH3?VW={#F{8 zMsNNxY>HCV7LO@Pqi;VMmdagVDZ);#!=ADvEJ|KbBVP==%6&cwa%Sc%EL|PePeG|S zgsow#6I2VK*=8^v>NBo1`stRimGYx~@vgARF|xWC{g1F@Zf!CC>B#THR56G&8z}M=BXqtJ6%bpAAi;ul5h$ucX=*r;(U;=DFzJvheL}1u4a? z!%RMD^-H4%Mu!jUqM&0|n3YcWr_q{*@GKVmkfLicdzKi){z$Ec?7A54OZ}b;e_z%Z zkj4AU4OIU^xSqTAn8XBaw|nP|X)D9$E2*5xW)){%GW#8khOBA~??gxcCA_7BtS(eG zhM!U7!t8Z?=f53(L%wBkPmVH>MG1u(dhEUMRq|CY*cF~CKQfv=2v3%$5pp<<*_{@L$Dz`n4=<9hy5VB@IC(_thwGL4)?)XB zmk6w6HRR1PRUPS!pTa|w=0ahmCah`6s(o1++R{OLL!RSnf!c{mR@G#45cPZZG&1Sc z_z;hp?G4x7ktIwF-)ggIY?OAHtUPE_to98hKg47)kvWgYyGZbd;lAWKo3=guJWczv zEMZc-aDsspJvmAo7rxYKRQf^4S{?jgPl-mXhC($TDtR;}h-hWDXkDJ}+15)tMyXfL zMz612lc_x`Kj&2DYqxO*%t**suofooYG8DccDW+h=`mb1w@hp9$Sk51Ww4$$OFG>* zLc5s@8pG1XmD(R!2;YVxR=c%rp&b-)`XTK?SsG+PMMO3|FiYE0o|%xxwO9Fw$Ep%d zthWzx=WC0&e}aMOrf0P?xSC@K5>52kbpBH9Orzt@hCB}bw) zx;z^Evv!&+jIREt_NXj^fLQbBF|}@{JWQfJ9&)al&v zLmAevdGy;TU5b3IhB)0DN{VX|_5y^xp_F9ZBH3DLQ<_3EJz~9KP!g-C)Ca9PMWr?i z8&^Wud#Ov8%Ofn1t#}B4|)H{Uuj{LkiShSL`oltDYFFQ?yl92qcPu zxU8YN**qAAwS=A?uiLCtx0S^^n(K8@JnD#&3w&IcsYK2MQBxr)fi8Pew@h9M0{^Uo z@XzcYy2O)R)5A2hd4cXt9s@!dSiMMBqDZr^Y`0PHcslveNy~L=mgj-b-wRgiY85F3 zDUJ!)6S;oTm_}9{?Gr+O*`?E}Nd*OWtKW|Bc+#&>=STN$(5;eh_N#LwN za_zZ-5Yo?`=|^MV(ruNO*0pzag^C?&v=h_bJ`nudu8Wix$c|mQ(Dq6$meCW~(C^cI zE8hWeALyoz`MO5dcTMp~y`zTDsE+?!q?@vvob3f4?k*^yBBSa=O)v;u7dRQ2_ z6H(_!eVTP!Wjl&2?v)AaoKw0xveZfO2yp8v&gjm{!YGInn%6cyK5Nk}Qfi|e;xS7q zA|MuYL3f^SlAwcW(;c0^l6zqV?|Dz?Kof>7(%QN zT*9G4)96nR=r^}d@;2Qfu_Q5?AROCJ@86Z)DA#Z4%3={1ZMu7&zM2OFFa&`X7^r)( zewlnTzzuiF4{-3nPjX>lywl1x`lCF0j5AXUNpjrbp%FUHG)9g#MMdo4Orwa62@$urd{D%0^If%I-A1qVj#$YT<`@k@$Gv$) zWYw4|4ZWBZag&>Gsb4_MaOhCj6CD^)&1VittY^oNT%6~IB&0t?m}OOwz#0Hz5g+I@ zbV^CYdiU_>Yc{4W<7{Zfj8TDgl zo@t5qX~VCbbL9IJQZ^Uz2^_0R7~v2s7gcv_c;rp)tV)1wb{jc=D;lP}$jA$WK_xE#7~eT_=aZ_FvM>s35*|hk@y!B~hDs8U%(AY^=*g&L0g* zqj@h!tqW9W6xeuSH;nYm(?c@hhNwI8s!~yO5Y1Asd`p3X@_cu{NEGOM2*aGDAgUjd%e3EY)hiPa^YgAMc zQxEJHbYx=mRGtfkA}(8^*YH#>j4$|=#p+GvY91IpO?E(%hF<*)blI@zH)ZEtS~(^< zl)HHtUj$Oj40QX%=n*`15Q9;}+~_%cmOv4Q_DAP%-9!=TXQE%|A}hwzx1tOAV8Cd= zcXklc^{Z7bI#=H%ktb(hV7lATGJ=+GVz^sOXAOT~fLBqZOVT)8$kK zs}MuLcMhkh{cy75FI`^X=~NP6GYl2c_h{MMrGSrXDX=2t$?q2!uo$CM{3$O{gY2=XHRZWuLm{+gIed~!ueE@+JDz?V=cV&nFhqkP?m zA>cck%}g>AbJFMsAH~d5vZYob1*j3SI>@=05}wr|LD}R0>3ljqjaqKRoZ%i12Bzt^ zVqTI*oNJA_&NFpU8kgf^`}#2nOZngq(!U}ljZR68O_Vo*o9biBd2|P>PxuZds_GZR zT(o9pY%}-JB)}G<*EqqUnMS@E!oYOU!q_D|*A_#-cUD+>h@&Cpjo1S`wM7E#uz9yF z?7Lz|$0#VZm}vle90c|_H1x*l*fytHg1i&baFxx$(4^bx17RpwixU;dc zQ^=--IG0k>Y<5^=3Oh1pbDWtkAu&d2!@#&1-4(dAvZDi8Q{xI`4Fm!147B-AaRKsU z@b-&w6S)V8@g;l*+x=qV^p-7gdwa^tWbyg9m$>gCL5@d(r`(KdivnX{I`Wse4%|CI z5wkkRySQV5BAUYEZS7>4j*Ez&D&IG-L_EN6(CJ%jChpbk^hX+vHg)o*&N-@!BwxN>4A0&*z6XP(;S7@ok|%6cODR zzn`0SJ2c_9PCUJRFn)3=8@U)lY#(?`PxectTVoRRX$*{22w;bkC5H`6*b>VYmr|51 zc5vOUrFZW}!^bC-*qEwgaN6*4!i9(A5kZNOF2)~51Nbw8`xknpvy0xyP5g!Hm;~7A zfE^4WwZu`Jn81Au2{6nAkAGO0PG6mzxU)%?&smvCL8}$`w3tku^FzlzPkLsC0@x*Z z%dj~`W{-%_(5)lx+s>^9#w^4w?=x*splOB-PcZ*3s_&Rw>aWz1W}D5sg|S7Ge8iPte$pR;i|5jYw^{LlhPob~9-u2`b=4d(*-2oQBV7%2*07=TDx-I`j zwzope1K=F|7Z0SKR4YkI$U6|C%|0Vjvz&}5#sIB+J~d|wL!b@c-63sqK0{y)e`-*1 z8XZ)e{(1vLp>#r;(szzxjAOijFszXBYMMSYmFl~9_jy+VYzAwlJ`@i}>(6&zU#9@J z!_5|A=&iJ{$08oFz?wsEkL~fopX8e&_C)x#9w*gIy)jCHdRuKwz0KEqwD7*b;M9=T zv-&>SiZ>SZoXFQ2n3SPPv(cl|Wc@(c$C@&#=S4m(Nc_SENi@PyWO8kDP6#<`it?rJ zjqN#@9fGrCC&z@&GFd&F38k}o9$CZqMqAc9#t>N|i1~0p+(495Kax= zJYZ-hj2zY|+VEXDjFsXl;~5^9##D|rJ!G7wCX-J1`Otzf~FJCnJ^93@B2)SWA#h3aLErg98@#u&7ws9>FEuz$}X-zh^WI#s+&4@J(WkSLc zoBEkPV#fwi1c<2RC)1@6df~czP|$445?{rrfA?u@>iDigB8FQ=twaZlIyfS!}eiN zHt6MC>(jgw(Bz86qpd%(g^V3VtUhjC$YOvf0vhXp{VCBEn|9Hf7RTg|lH1Y2=Fh^q zC^>pA!S+&$*YQFTP@%;tCf^a*Pk{`?m(70kvw=1{?^m?u^kKGz6->4m0_fV{h?*F0 z^Lf{{mJbpPOm`o$T}YB`>h5bcwR}@g2ijj?PJ5U*VVYlbuFq9@!u+BuW?Styv+z2n^MU>Ynz&IJc2LtEg$?f5Is zZ<1wOQWxg>m2JwSa`t*+mwUR-Fz3oH5o$4k1r{w>n923b0LG&P*v58EFHUvkvdsvT z1EG-s=J~*M{sI?I#zucZTZ8&STEi<#T_19uF|`mV3z+3V~8^UuV7MI?Nf6=qvH66(Op<^mSJ=pTDKR4imY)Aq)~?scSMf z`xuyJ9B@6&dBhMz%t{RV#Kp4`afS0VCHyorMNX3l+(ZFq>d&~QvEVMMCUnOaE*<9_ z(+zt0x@#TxcQDTB#;(0wvTdWS#$H#sQeiaUJBzT+5+rZW>(#HH0BdjJLcz$<%5K69ly8Ui-Op_piu2gI z+q%AOwoV2&C{hUroI$-Sy7c`>zTSq|duxFuNvQ>%8fT>_)d&*lAulrzrH~#0W>=!*sj+u2C0tyezC3P&4h6wfD>eckoJm?t(Lt}wmkv+TM z#=xiY``(gQXbmfZN#BSZYf=XPlAe9}v6MbZKTrEK3hS8KZ|vGsf`<0NPoDYBNk)<|bhXXdK)J zBgQ8WJeF~UueC5N-SlFHe+qM?um~nlGeIJ**OBtsosq>oWh^-QROJsDwDO1k`CS!Q zg!Crinq7J$I&&_|)WJmprviI${{j=g(3`>yIKuYtrCpF$q|eA~L5?UBPqX? zAStF`Xk8xM1Fzg0Zo{khhWmN_z2OEnD&ZP7WldJom*2PtoPsKPTH5~|B}#yMP)(Q6 ztPk!*a-VNkq6dx*3<2Y=EPfOQ*9#a-6V(K8zI4%^tTyikGuL#|zO18sg^D6Z9?Ys{ zM=$IcLNEr9lOWEHzMp0V@W2NKrsD6n9uKEZyNV;3&6|C_+?Us*M`ZX6aGf?dSog_#}!Vt|bi^E|2ik z^+|W7x?t!{RnzXq0Ses)xW3$zKzZ_X>D!Z8(H8kEWfh$XM6m+cV&pB$0jP?-J5e(@@xUDZcm!w`hz(<%@D1cW*pBc&y&|! zaf2eROKw}F3uVa@5t|gJg!3$JcPHkyMc6QUPp!T$m#)4qFPZNnVko%MA}@x|Js5(( zTmV-pjLJ*n69NXK3+nT(CNW1JLkK1wGPmudwS8qby6?HXLfMf{;J#f0Ihzotq3)e| z0emwNBTW~7oOhD%hN6gu^LZ}b;V8l**WS1D*dHUqRZt z&kqdZlL>~UJ3-6C(k?)t6Yi6i%j#PP^KxNpOANKE#|*D6cn_ z35EPg51fm*ZiOZ`G2_Cm>s@$;ITkn#(Xk_|{|YYx935K7V<;#&VmMr8pe^?oy1DJb zBrNDN1pUPnpk)&a=NHNf+v8aR0}7(_W<>8U@RGa zCD7EqSsxaTW6xbVP{i$yMNe}TM-i*Ti{9lk4T_kQTa=&2R;m~RWXjKY`YbBqXFPG1 zE-xuMtnmgDPy~l=`{SI!7i4efIO)8JoTl@%a(aNt|L|8hy&ypLA9aaGAqcJ2k$4rsCk0%MbRB&U&(AId}M-t{FF z@=fXePRU2?fHO*y#_cI7=hHC8mneJ_QO}0Vln)M+e8a*~I5~KUawvM`Ltx5(vWq*#U5g!+RblDwzN~wFYrD**LGYj>B-iDD4%4Kx&kh7 zY%OuiOZZx+QXSg@LzRWbg_gFBX$kE#3m2GQEO*gMU3)#Crm@wfOSz%Iw4WZDP+C5S zsXT^&@66tthRK76qBP{eGxfgoPw$kz$To0rlhJ#3X%3&QF~W4k(b5Z?29EegX*qkM z2dzb54&r#i8cw_rg!FTz_|XwpO1E>}K?xgvEPagK%!djae&uBAy_-R0Zf+h?aL( zUG(OhvYu=k9R<^jm&^Di1URB;OIZ$Q8cp$n*N`u;Xq^K`94>o_BT$KYT%18)mL2AE zBDT8?zlB}U$1{`C=;(`OxnmU+*$OkbcoOnP!H{X8-nwsgQW>bRcMA29AZPvONK})l4G+q`$79NvHnh!SLMf$BA9}tI zb1qOyo&mRb>rkF{kMbmlgWbcj{=K2chRPE4#HMbC3~P%`q3m4_9cE%NN~vn?@b)9T z>VYk3gPwo@2*zCBh1r>?YU1$yDe}6Z5qS^ zo?khPpN~Tc)7_23P9-am6H>`rOWuRc)n zm@J|$VYu#ohQKzO=!)sX^I6IhDiGSbad>SpQvr+yux*7m3wiCqUEZ@&Y+~I3B3{K-BNB(G)ZLOhbq>cyFF!pF= z{m3)iL&0hhItkt(yPj)>{N86rCh*w-CFe1D=_^LIt(GN-!lc|k#*jvHSB{+Nl5NE4 z=8@ZY%m=M?)3uSQ-4wb^xXokER}pagNas;4b*w^^9K0KMhR?+k>@E#Vr^h}Y6{SSiWc6MKX1_S1 zgHbDaXbl5XxD;E*XFPP{|Zb7;Y(pEzxsx2Xv#KK3Bf3r(9!*_=9#PEUiyBlk*AAC=;GQ{(2su{%E1xGY1OXb^^bX{ns>y>Lsywe=(8kZp=duSc zaON@wSHWJ%J71Q!g(fiabj8K;kGSK8BH;Fl93B}!5wKq|m755x7bvW_Ut;G09T)<1 z#0I${o4fW(qh%o#AF=B`q`+qI1>o%y@I6v0M)SZWMwx;nAe(QjrJ`*EOa}L!T?x0s zS@9T`m=q~4aDa?dogoIuZo{kcZSJ~H9r12FZ2Bx#NSG>SN8+e83 zdn@L!9bgn8RLG8p-8@t=lUXkmOc$K1*vx_vC<4ftVb)&qh44tuwTh`Mwt<2PygdnN z7{65XV~s$SkFHi%_GPgsln~Sk*9QnG=;Xmz6NG14$H0r3&!=`Fccu>?K-YJuv@@wo z{a$eVHg`0`gI(P#&(2^L3zd4@`pQg}m5DPv>whYzvLS+2NCV%ie2mX3SS`>bllPT* z&pQw;2P^GLM&AVcXTrV41P=Pa-9Js0H@F$W>YxqBD^IaC2g;|wh0E*YzIwZI9e1BG zazfuT-Cf$QY6=^&C}j$VG$*q$g(Ex$wR6uZ`9V!v4ONF(5EP{ZjM)T7LU@WxZ>`E@ z*J4V6O)l>Uge#P0Gu1@Ff~j-yx+QkCtZaPkEvs6}7BNl?OkunF0-L_@3MWmddYajF zr$ofp0(XIkS@BuZsun%!)n&ZG%U7!=Gp`S?(9;WFcC1$D1#z8A&ULKzrLMs0CYCRN z5+!iEyMcTb?$*%JLDl@p51hpvovSDMdR;%1nxLfQ+|i)!^x?SbcbPYbLMfy#Pf(MF zf`AV6t(5A2u+$wC40MINc*R9qbGPa(@*~>Qevz`qUd02@GGIKV7KEnx^!yUQGGRqsVasgu!e#?gqG?z*+NQ+qy^R> z;xpV7Y0dwo?Yu*oi5w=OOPx4bZVW`+VBw#nGaaoWkzEn~fNxfFF5m~gR&*7h1R zJBc+96D(XXI7XeIK+X<6*!ji)7hTpc#)kzQr0RCSj3(-C%knV?mB3C2Xo=55{Iqq< zk4geI!K1IDeX)N!=4@BiDr`4~8d}F}OJ%LX+6`*#0CP3@VYoEFk~(&t5~FtZ;H*#1 z*xBr~xD%~=#i+41wttQaiC$hb_E)xNfzkl(gfO$1BW>O=cEm{56ih<}FuTR5x!t(6 zflQY$?gX&I2+O35D^AE94H>tlR#uP=Gsf*1#t>NT!s#$!YxL;2Hbae7OgA1MH;=_Z z(MHojnwo^C?xC*lUaa|;TTrYnXru}5krg6Y>aS_X6*Vh5rfLfks~$Ixu2LmTPi%i( zt7`q}PV2x#RYLpg&x(ImCB6Ui31j=~e<$14)})e;Pmc?rm)6#3{nS;owXr6=gL*6p zf2+oz9!s;|s`(%!p^HkT3Yex+b@P7Oh0jKnYMAgjUZtv{Nq?(p2vomCUOiM(?4wE~ zKOCwlQpc0*k86t6{mJw2;a`=gQpLj$O30?|8F3`wa7{P$|<7bj|TwpwzJaW9I$VZb*-iJ?M zA^ZgVYd13HL`^!Gs}IoXw)m=4{?Lm4P=x=C$xsMAQIq7O^&_8O)96V}Qh+9?3cl|T z|6T$mk2IX>6zy}ukGv8wTp#M}_FU$ppFB4`P*2VV*JwZ#uL|G&(VtY^ z4$_mJA@JSL0BihvYw!p@>IEAgBJz)_$0fGvU7B8I8mqp%C z1aNGFmoUUA=ch|2Y-6iiC%Qqgal?fDy_xJ##DXs;yv`kJ6ahE1-(ssKv=(4V*vt|0 z1=il0FolJeP%t(4)NbS6H&&rQ4sLL{o-`Oj2aVzI_@}1UmjxS8nnEu^hQ{?pV`1kc zs+Pa_g@WnGgjy5ZmOv3e&JL+ObN;6?jegprb{%_BKng4@8O06E19`Qdb(590XFoA% zO6^B#=8j8852y?StIG#;~+*UhQLi<%S^y zNqUpn$*O%>8k)7d*3IsxabjCSqU>#+fc4E+Y9AaR+x~_NwL016&`px1O6isp000X;F9wHJ804EJfL5bHS#mxR3DYGw!}@n+}E3rVriY_~I6; zofaQ+ui*<;6tR0uJ=`WU?V|e#R{<1P`L(-*?IGaYcqrL#Dp892*?pd?C0bYX9k+{z zgiypJpE`bhG|mkmW~xc?mwp{+LC3ni+-Jwg2{w@htcLm5@%zGX%7cRHe&vQmlHA=< z$+h}A9+kvtZi=eomo}pa!C0Be=SPFm3A|<)LR*sR_>*|(59mf?T{4f%V{FpPed|7| zV&)%3G_9)RhllW5;?^o5CaqIK?A}lp!~+FVe867Eki&I+cLnDL_yycwKDjsC561z= zTtTc}5V{SXZxVy3zRh)WS&A24xyRsKJ6`8YL$B1eMFTO)^!C-db+QAKz_V|LcQ4h? zWLc(or43>A3O&@Mt9P*%Jy9CaO0$W?Um2B7%evOPxHpLM?UAt7RR1AM(37GGZ|#U# z^C_14Snl+qG%E+z50!6a({QC$#+54}CRHgRz<}|?ENH7}!xQyzgT|Z*_52{S6Wiwp ziP|AENOTsSch?`~(Pp&yK(wt3F>J>q3k&o%BIH-=0NtNOk2Qx*sXrnbG8>iI=!XgjF~7xwMF;YMEvoPvc%KvQ!& zCC{a)`7MeYBXZv-ni`?ZpZBk2QM#t)-!0FAgjjigwWj8l;=c8N{!jisSE{KI$~OzK z;>Nzb?eAPY$~3Of2K5rNOyl}>>G!tAWpn$%e{Q2>Y}dH57you;^m7`QP~7Z~Uw@X* z)3{ivPu95P%A&_LE}=Xg`5zUx><{1Hpm8acWAPf-zgxbtXk0@1@v2mQx#ZT=`uwb^ z4T#1|m_t(=xlq3JnWw2$Dy9ZaEmnr@*3^o{&HniR^y%iD+$IB?R%&X0!{YuIVkeq3 zwZBEVcvw@bUZDSP0o7@iX>O|+HfZW@rzBp})cv|x4ruClao_qs3V)BVXzJvO%b}_J zcgkX5o)tIy<90qb0)w|({t8TC<-IIT-7Up^>;KdpKc?a3w3nvt*X8?2O`THt<*KF* z%FHgS@DgxMGxMKI|6hM0_y11~ZjXET=@XAWeL@Sx3rZI#U7>V?;ti!cefoq?pP(pV zd1rT~rpCsaO(xSV|8+QsJFGUFhMn`d)I|wKW4`uT5vGVZ*x}>bT@i8F+jq7yqCU{~ z!LT?5c5Sh-mQ)j25a^pk25m~v(b5FpIev<@wi$g-Bq}0W%6!i$3W>H<`!4OK!k5Eo z6ZxVW>wH6^RKRIz4ia}fBAIsiqwmsqMea5?`JUD*AqXJG(SJ1iKB5c@>NPfpess%!SG1AdSQqfSLqmvW-HX2l#Y5^tNQ|g~YONaQCDR-57@~|0Nnv&;t zRI9`Q%@{Rlrj|ZZ;P;_2uJ%s9LdA|HZGI7;{S*BPd=x9JpX#^HSEZeHieb~+{~R4dpjrc6RK+_6rE##{KPi^c zKoLP}{htkFGQbdEq^*ura`vk%C-vIwKRA$eog6royw-1U3Vn2k{{l`JV_&fT_B2sm zWZ8%S9U0W!*PG6G-~T&4IOVEvdIsl)WBx_lBw%3b-|oLYL8W;%n}^)B?me=CRlrVb z8kv3EkW3$r=&`P^qG*St_t?rMfN>{?*5aA}0*mu>G`FxvHPo5@O6><&$)cSQwkRb#^fohM9&WZpY^ zm_Abi9^j@2lO=Sw-RvN<@AONi{cHifl?7ipA|OF|a5s()7^kLRX1kqa_BJNbtjPhZ zhpIH*3gGo=6~J9%z=;5raSmhfj&^+t&3h$azVbLYbu?g+K~X{KzYI9dJw+MO!JdZH zjT>$TELPK|G#I6#n=;2Q@Kt34I3y+TVjmU3*h~&`<>I7ddS7wiQDuWuSsD14UWJ?k zv_Ry}^1DEu&>^b=*N3b0mCZ(U4;fNuzgGjtaVG+$wx&67SPWy| ziMTtU#AcY~7G(BGqVa8k>BAM-ukRD|8261Zax^A2=<6|R6?T`HBEAwP2^~YPZBLV9<-QuJ;t5TSeT-M&lM-p#Gir=4`X#>U>fAmJ($Frf=L(1 z*;1X7U)frzYvQ&UCAVgd?%7OMAx4fCzoC1PTV9k#&`w=>G-C-v080+DMH0vMle%`U zNwQ$_{H~y6+I~fMEL@Sf7T@3(xgU?5Iv;r$b2MsTa9o56 zIj1R&oQ=>Y(?@fIXRCF6n$t6JWVwR<`mn~LbsszuT&X3m_Auz_C(D9=_EH32UJ*Q& zTXvLO<+@-kcMefReN(WO8$k>qbga|kDeQkU_?t*YmVp16T~%afu{z0>KBJP!@}|%r za&u9bH+|+ra2mHx7#H-ync&`hj=~TEpQ#?pUV1UOLWR%nA#-`q0V78z1cfZ(UJ;78 z(Lcn{O;H*tgF=4kt|ARHOh>{@PQDx!5>6j?ge+F(DGP%aPL-K=| z)yJ9%ay2`}u}ZvST{=?HztEeGm=Q8YwPBu!3_U+9WVNz&Su-yr*jt^6zm@tY(`$bS znWI*tZWQPSJCNBA?x`P zMUEWU4((}YGW~d4$U5c0zI=Dc?B0s{81-pL0ynl;g>=IAA?tXQ3Papt=gF&QVX09X z6xwOPv0u=PexVU+_SBYUAy>`>!=nC<(0yv^ZA~)~^R7H6-8(w;ZN7}e>IQC8E#ydt zPcq#oijLXLJ! z2B}Se!XixwHj?Mw$bpFp{D@B|5P(3YERD{DYX)HAdoU*L(VC$6);wwXU_8JYI5jrv8lb zbW@qH-=W%0n4G2fa*=+uDmcw!vvNo4E!|a&AMe@SJ1PDehFNZtej%fo zipf^+;2`*{eKsbUhHlZ%RRzO{6T{laUe|}Iijt|bWrzM+7d5}s2F{F6Q8FQ`#{|)Z zyYx+ryqqvB7Ed4?B4gXsC$3aUa&tb^f1}(R8UBWB`u0(M0~3ZE17^=;NMJJ5(^akd zGmJ3$3%dN2eg)Gg95JL_f1M%F{-V&W`;=<|`+8E9bG95W{a!y_ksOKA8S-f0Px^U^ zFxvPJ{ZT~(0kP)MV_L%l$}q9MSG^4?^#Qd#ii9W-+NCN7n-pB7@dks74P~@z2&`W7 z=%q+QqH?Xq7{e=Sifb130))Mx#00}K#ad}gvPv^0v0gQ*iB(kU12%)IQd@+LD`8V| zrPGkhVk@{vmXCyi;>a>oD~d$Wpltect_p_~sJ*P(U(8lLJj%dr70MhKHXDQx#SmQ9 zSVIE~gP~x0YPw;oTHQ7l>1eGpM6!4zPR{=!L#7%zGsH`Uqy)O^5yL8FCGh`~0RlhK zsqqTP@_sIKy^&O zp2(H+rew0_=+Geg^KOG)ONt(KMUy9^^dTg@(BMP&ZZbTl-0b?zw;^|7YwOE^WODh* zf*_La%JiYpuNk&0OY8ERhCMy6}kMu(Ae# zbOim>RY|=?e?DQ@t=Lgy`QS`g?3^^*R3uD_$Aeo}aoTW35k^6r(7ev^@kzU3nOgH4 z5Q#_Knsl2 zwLENA%{7ZC?T40In2x!SvX?J^{|U9%77w387wUF zwbv(nucG%r8-v3Q%1pOJhVM~kdUIU(bw&BmW{X-amxqL}V+(V+W(g4kaTETzDU)>c zd{+21Rr3wu!m(pvH*`dJmFmpF_6m>P8J?@Cg~F;1q7d&HbaYNh_+k~TU_Hyq!d0v% z7}+>QLKIflv(?%lqABzkpV z&jS_)wg|KTud;3hL+gp)QSYjrUTPYf3jUPn#+Od-=~8QzIn^rdKYKsivngBACLi42 za~#`9K!rpzzUaAC(Hs-^^%)Quw#Dj5L%%w2I_le=b&94!%DIgEp(oF|#A|l{(lbZ7 ziy?V)soGR7#Lh)c-X0opP0ek!JM84_^(dJ9A|kqlvB}RY(}Ag};PhWk8PK2RnIbZC zR6Ib7l%GhC&5hWgC?C4KA>tK9LrJy_j5U(LufufYa6?3Yx_eQ?Ag)0&+*&<*2-NXJ z#9=O03`}7XdPUik&k8TB(b7>bMjT=Jw`nM)AumNF@V26e`YjPVcwH!>ct^xmK2xKJ zsN)d<5vrYKgWy2NlOg@-eHSBwhqFk+&Fi0=l6nT>me~e>V`C4Ql+jx~@!s?J#$3#q7^xhR2%`#ol zU(k$$kq@%n0u&+GZphIS2e$XekdX-PdXj?0%LsK49}yMDtF%{xqNwPaiM^7PwZCmjuag-n6{e<%+7D+v z{@m+nmRg1KFN{|hDq@(ceQ&P<)xm9oFnC&plbkuxt2yWJOJtlg|07SD=ajul5S?Q?WM?p%g9Y)qnH~;cG2a;bOdczs!=Y<>Z$N+XyA6 zVV^ft-#b%T_hy-TcjL|vTH*4--Z|VYL=l%K^?oo^rT;CkuX@(skxc3DdjFz4*|jwE zE{|6u2b(sK$?T+y*Z2NLd3IgW)VmvBP@(*9e!KTkz6!(;pptgGg=EI(B-8gk=)FkI zj@pD=pe9J~AZ@)%SbB$CXPHwy+c=i1z0Yu$2V;Y#T<`s?GNP@c_Z616i&jW4#6}PE zVcIC?mZy?CDiV|FoTTV@W%IYCF1nn@dN7_rbV4F|)iWVZTKzzDtE!7;@)#yKLes<- zNEn}V<(CW3i~q_ zON@oDDzOfu?h!Hb2Qcn1gdkSo)Pb<0k~KG`fEx#_DFnDP($+u5`0+7_!RU==VrFs| z5<>`z1e^b20`<0SF?$CwnP6bL{A|p#-0#2;K#qrl=Uj{F3CeMr4=BQDTVCuh z+_yss)&6}(HXS@Zb~_KXU@+=m8M}aG-N=nRv(=NS(OMmw&gVaroUtypa~}vrteGAA zAYTz<2tk$DN^tT6u{^m4<&M@r6uU#2rQ*f0{75fO-sLv_7*>K%)wuR<0z#R6&6`wcS|HUE%)gU{bx$buWgUr;6TY+9?QkT%&bJ@k zrc1bKQf&Ug%!G()hQNeLJ6=k7j628}f)rmGWu(WpB{XnH4ujF!oe49!`+y`j=Hq{!En3khHI5U?CMt0&~x{#`;M51h$>t+10{6(0qO{;x#_(aF~m96eMe zZGo+$#s@R{)6cyU&ly#E(aer8hFBAiag&7gBJD^^^yMxshJf$vLVBDqiI?Uj9_I6o z9kV?{DiY&H_Vw(8IS_E%TF(#!o$Y-7Vr<~Lw4UTZIaY~_jl zSO3g<3uBiCS%$-@_|NZ7I-zA!!Z;OvD`X)E0cfuYNm*%(C}Dvmrl6LTT@xAO7#(2T23fG?`^P5HumJZ?lBI#oAn_^ z1B7W6k{5*2gV**OTL~kFiqidEIgFL!Nv6|0GL7O|?lsNRl3B-nyy-hrO#Ar2lHtJY zarz0I9D#j~FM4{@ucn#)z+)+B9qyT?POle502i5jhLc0g)6(^GO$U|RBi)>F`F<0> zIU^0FC)twhKbSggiA~3)O6UW*vl8rn|%2K86!u7u9{BrrM^rHVY5d(17f*h+Q7q#D7DLavz;#)(1VE? z(dMySNGM`Uy7>ckd@v0|2*%3n*(lgM*&NxEnHU+caHo&QS4pflFS9U-VQ|{=iaCk9 zr5J)h7a3{R=jJBfPZ$iCw8Qq|+13e8ntR1uz~@dZ9hq+KZgKuek*|(5mVJD6fK^D_ zwp!LlDbiST$P&zB*%%FCyawyOYiBJE9(usog|;~bM_Gs!%=5AaCbC*FFm3E_4d&}& z6migQ?Ogew2;)fWgA`LbQhn~EY%`8%Fw9)uG`EHOEb zrgmf++;=qeMYy)>JdOvMD5)R9>APME6qXWHu3?zn~fWosTIpO2ib#kRwi> z!iW=++7o&T+QZZd6DWZTD~vSxv~wPd{i3=;cYf|PaLzFWp%<<=Ut}H-&eG<7gPn?P zqaCKf7u7V&3d^wB$6U!YHE-})mc)Qo2;vtmmk`skCyyT7z*Yh%n9j-&G;r$OgZZ6z zxFkl79~?1INu<>M=-_ge28`APj0wx;%qPacy*?`jFXd()>mk~*X>byYO`$9SIU8Jk zkeS{inPzVpJPtMk#QP|n@DEsK9Gs^y-47Ya=l2c{X<}2B4AyS7g9w8@p3mo|A`(i-(?JO9NCsH0GtD z{EQchfX3VH9qt0?|Cgb=ncIy1f~M>p%5VEX5t2Z~ObGI7SgnpOJ~Z?IS3y)T zwMU0)S=dmPrf{BFh^%ctF|<@oEzEEs!K6D?~LlgmvX|RwV z{bT4!ZXq!owA(7&10h^m_2bQ<7nQ9B*nP9IP%8TicUHb0GHf3=WLUKx1AfCWtkd8r z;6_HM;ea!!cTKNhA1K%Bj=sGXSo^58K&r7mQLRRh$UtS8NtA*Hs!@_~6HIEj49o4+ zc-f&wNvd(kU^QIK&|y5bgAN73UaKIQv($P95OrGm`#k6w6>DRKos&Jg;f}#a^M_qm zR%u`ih;|>Z)1yWyaS#V1qU@>31 z{NZ6IwzD}B?E^?NJk9oQDN)B!#9iKV}kmlMf*czIX z9v#9MKv`V#Nct5Pxsao1XV+}Co=7icmpRITosd=|F2(0uOpouQSoaoPMlfG!quiYu zka1d>e?T;A>B`KEXqH0YL@6CC&6vgm11Mr-O@>*|d?gG49SGORh%wCl4`v+Zt1b*n zw>*>Ko5;K=EXpaU10?FEku5G)f7+!vBa^$!82r)7zh}_Ozu%GHPlZKDff6p}rB|ae z7qV;~TqJOga3J?DutorjPT}GlVT<^i-H>|}mXX=SZ3^}adMYc^m#^eeL`O~L2W)>6 z;~{UaPpxY+0N6xK&9hh3h1;Y2=a2l`Pi;Ws+`b z&xAX%ZLOJ|D^!d>Xp98{-=d3_`#+gQEN(ALv~v=}$kC2-nVnW$4grk)?VHTbg$t%n z1X6$?Tk6})T;)+Awe!zivpU;}krO%%POpiP)9v0_pRlcbCkCdQQ?urCe;P$V>dXz4Lo#0jkBSzf~S!a3Iposd%vbrhLkR;`^4kX1C z45cLD?tcFEaGPGZJ={+lZx1)3Ne$=Tk~LdP*S>NaxK346Xz3kqs8Irm+@qx{Xx4kT zBe~DsR-*@w4GaO(?ks*@2GOZhCz%u+8hdo3Q6K3nV`J}=c}0pNoxpXyMsg-DMn_${^8ENFBU<_L5A#m&T~ZX` zKAY#{9gZR-xemFJ*C|&8+`~5kr(y+da4E}`z6Hr|J~bkM&nzg-oxvmC8aHo!TUD zYEw_WUmr1t$X7L}jKH-#{mFk!%>F5<$mIw9YpHeoo0bVOkrvOP7wl!sj~%CvYwerLc~ z4gr=>J1PGi?pUI@wkkDBQjBqVb$(}z5vAmwk>9!UMG-Bv`JMI~MMTZYUvE+DM2I}X zTye(>`R{945DlXws5PnlK4btL{bK$(mewgZ0_nv@acI{Kp>6l`a$gC-_Ll~J*z|ZxdGA3=`!<{FQ$pyK}<6fHjK2Iy?ochr0s)K_I z^0O87#Mn?US9!2EKUu(UDnywE9pabNZC_Qeiif-~mH?azNw?ybEm>QzM^XL+ZiO|{ z4Lb|=vy;Pe45UKlur>)a^Y#4&r+GdZ#sJ;iUT~Bh=#e95g-vSFf!%K(`H7Sd>iFlI zR@h~$bZ6#B=SC)Cw8EgTMi#PMJST<#nOI@LCRVsH`_8v{-(z4}UvlTkeXK%E*C=?V zo#6@;A?Z&_uR<055e+>7-_@JgdKJ#5hhL27swIJS!-f(|Tp`yRl+VhzLjE8K+H4xr zztGGlXOu?mkiyg4xj+$OOGx8i;X#3;V+%W@Dj1j;4~;g`_PYvQ+;(9wL7!n8Kuix> zHM4MWArm$R_Uyg_11h5QgKvRWb-@vK1m_vv(#Wlc2wsL#o`yk_z4w zOrUhg8zmn|$D(Cu(wIFZ<htNONh9G*QbT)*LN8r%Yqbr={i6 z`-3txgvLS`Pq;jUq&pLR==g6--{u;FW+NGYD1A`6*iW8j8e8dI3mEO+%(jiZbc|}SWkf9+o8V-1f z4Y8~k6DjTA%7e{zasL*cEI7-}GSK*!j)U*)g0Hd{%G}i zkM%sZA%g%8EuK5nXqa*AG3n6}8ODU>cpe?GrjGSIIwFIm9Ye-0kk04HA=Zo?8>eh| zBtI!*-q=n*2~Ac=xqs~0q0FT~g)R-a<=e-467hj2jFKP@c4y1Rx5geDt4LIeO5F%5 z^F*a&h|&weWo9WlDT9D&9q?Wxya3{)^PFY(a3hAcrDJqiCbya>VuGvetn>_%e1-7t z{dX59!Sl`cm+k4xv>T%a-&w72Ky4mG0G?V`<~cqmLzp%xwv3ByZ__g%Mzpwc9}*%6{+S_ zawQ4C)3tZ~AYI)m54MBdl>!XC@0!fb3bsQk$P%vF+S(3&aH;jK-A^+8!g!`B@80#w zBry^Wb<2^n*ubcXNlEbuckgXr1Ti@6c;W7n2Ne;uapMekDI(U~KQ3QNeUf2{c5EJ3 zQ_NHV;{&8%g8-&>O^+nH?Z&uyl)0cXU>0yMJeO~^sjl6$&M@;sH%^jY~r>8T7k<}yZ2f*q1Kz9{buNMPjY zn)Br!aK{Zrz$wZc9uGhfuuCzQn+OyE>+ENx6M{1Q3Tg{kB3t_nPNt)SDn5{|29XC_ zz!!j5Q^5B~teDKhm1x}{3CQZ3YOV03NyreT67DU>EjUc0=$f>O2bCoz$^QB5icZ;M zln7j_oJ|kpRNNzNX8>au3`CO#hDSIgN0!%32%;-TRb1juDAr^GH<}yifqN^$c&}iD z>5T^~t|T%OiXntv5gwfqR;rE{E0XyN5v!Hfzg_V(4`^WI;H+510%`9T+KNT6g$mi_ zl-CYcJix6NN^VJ8#a14NkRfM*S$oCj!t*+pE9UaB21bs+)0L2b@pDDGaw8hGm7NAk zrdFrZLKcjugBLEN%|Yazjw$e(<5Nk!$j$r54W}EsRXVuXWe5nK-`4IHc#y- z`A9+$(opU>Xj11;MsXd+Nr!mA6GI4^Ew~TD(_LY2thi(F$kHnDiL4<|qxQ&eownZt*%2rV{~wxa<9=zTF&Z*m_Fg9^#ZGql8A;Ma}5mRR+vl&T}c zr6@_yv7*-gRoj$@vDAK%vd&TENko*PEU=N!hbGEs<&dg@EYOC^1-KLL9}zD(Z!N7_ z&6fBmSV*MIriW{)+LZ_8!TYMtGP^HB=p&nvJRTpVquzh4Dq_)W6bld0Rm}%3;T*V3 z-$EPUE|^%IA%$9ZR$WX~QdI&gC)h7&uX>d&pUg7*6;@bzh+B-4y(W7<s@?wDwWRrAb+OmCaYXlFb&<9Qsr<0ISUZ4h5kBrD9q>VR@9gPA$_`bJ zAc22{zc#{O+P}b35B_OT^e7*adl>%d(k}R?Rq&U#FKIgrKORnuE$}gwxP^~LNQ?0C zXA*M+KHep>gpV&sv+$uOK}X?ZD5-=Ga^@W%wEZX$`UB|@zBv4@Q2jCZ;tkSxO#Jm_ z;o}RE@sYrKU-INf)kR+a=u19>PiH)#JB;p0>CacgxF zQxUA|Y1GHnT9!B>ryRojI`9e&t^TswJCY48jGCZGFz|(ook<0F^mM;=dI*a^$x*kY z!9rl*=w#CPSy>RZBv1c_t@X^8Q3(Z!)sxVPKjvZTi+ZjAaY~%vafBLv1$loRHnPF zu^LGuSChlmusFgU zS#w&t3MnpdPZr{sx2_lv0^+ZWXov29_T zTFmO2m(?UGTpK3FmqXUq+%sIUy=%_Z7?jyR_)X1@I7J$bJzTq($Br{C?HRTOyZD|V ziW3GQm@+X#_Qz1yK9+y{ncJh=?%dFV_f&M)d>0v+Fb66V9^yEAzlYW zg6d!)Sv$?eceinH@pPBx@Slv1Qt5UfAa{~2UvWyeR9inwt=h`jE*`_h$u;nN7FXyS!9qI`)34*J4+$^a3yl1*0i^XLrJur5MG3>T%aFwn>J< z>4o=Q(|EUH1ZnLt*LuEi#O$PJS8Mrs7vIRo>#G0CRl*|pI6_JZD88mfX~<75o(_Ui z5?cZm_JdT|KbXW!Ge(XYr`N%D%iYh{@=XR*8XnxH7j6&t(?&JisZF&3d`+*w*}aF< zC`m2&+mYMD>5c=AxldTV@SPprViMz>@vXHB`DBZMY4bO=Jf@Bc4t`|=w=qr!H&5kV zs`Z>vkc1w)-vnNmi-x*BDTlp)MAU!gzx3 z;ME*4lRe8?7tJc{i3vjr?$GdERHtm>2;AcUXQ>{oTP9t+Bv+v%3e$_wL^b_p+2+|V)x|0I zl>4uBSGePjwL&`S_4a#po|9g3+(n(JGbk(C$kTOulo4>A5P~#MeyP@pAPKnD?94ZH zo?Ff2c#?2~F5Mok;R@hXBx?~ai|sQC_B)$GgXo6u>pahA%5gB{X5C}lxyHmx!71rn YIiZ_KP-aOQP`z zg^O395j_apDP{XrXhd5$eie;q3)hyQ5dtv%aG#!d2?~nNZX2n)QBX%w+7AV_hpGq^ zM1kpt_MST~p&)zMy9@<&61cOBUEv$)y9E(o`aybztwSRn!4$~f9u{pwBW(iuf13&G zL(s^c0B%dkr+#Q;Hv@N7LGVCVWET-BD7bB4>kO0gQLv*}dIkmC!;5h!*e-BeiQSNP zZXybn1IxeI`+PSS1v`KcwFcRR;dK-u1D1cW`8n4Qg>)aVZQ+~Np%6!~Z#N3*6mVx5 zJI)u{e+jY++*YEq(h@vSs2yN?384#AsKa=E4GQfXaAz6Y=R2N{LT%yVwTjz#Yxlg?!idqcD5G_7ZxCj_q33K?B0W zvQZa+yTWXnx9~O!=djj8Ld`G~ZWGvE0-^sk1%-D6jmuDYXMj7y)DBNXpMI!Kc;%xA z0!%-2>KRmwBHDwt21S^*Ntk~gMM%KHm&dbFL|b?v0!2_%m!Swt)cK(ZTiAXZMaZ$Y z2}LM?WrR;opos3mKbD~gTfnx6wrJl?MiJcrOoc{*G*lhXC{cj%6hI_BWwOX9CNGod(x@2?{t|^0SXS=TT%k80C)8r~yNj@H3%N z7QmK-QN#D6HlbgIMs*a)N6{z_=}q>4?IrXO9ol~z)^&dxw(pvbDZlNHMsfJzl}-V7 zmeEOkQ2(8@+&O%>b8e%`N56I$bqTnu0=meLyJUSAm4j~FHTQMd0672aE)QrPJBY0C z9MIN|kbvc1-Y_AJv+?0Zq~Y-KI-9`u61q%3yA^5L2Ucdf1n#+d6=`lD0snp-X()bj zMVd}P>l23*$UlX&A~1Ym`rSX^`>7msb0s5imk$x!V{&WE5en@W%lM&L}!t7S0 zw}qw4kX{Zf|FZTl(svYF!DuG{^Fls@QrsWlE-8*e>rmH#yDFfI{J6^{=$ZkzYwqis za?p*tSbtqL;Q!aZEC3A;`=K7exJ$?oAA$^t5t#eab69#187Q9FiVV+S`19=T?#J&B zBZDnqTf~mgnpPmgrTy*W&SYe01K3`o(JKOV8gUuO*cNiGBBKC|jB{E$jwMmZ*cMjb zM#i>K`zYrB{Co_1{SkjGY{TY+`0H8rvQg zHleXR;QUYc;Dl%OB{Y`9hs$i^*m*S864;Vp>-!ZCG`0>PoweT&BZ^+enFau^y%5HoZl5`gIki>LM%6hkp~6^iK$vT{*Od%*2w=xF*n z4;0f0V3FyNABv$k4&HDEF1~_dED-DU3X%a!U-TPMEX72B6w4uH4T?>-gW07hw#&c{ z3aLARVlA;JAH_O~)8GXTn11NU^P3P9>mbIvMgY?hc_2$b|am zO7+v84k5YMPUH{APFb8!R=>@aW#Ghf_|lAVDc<52R?5F-?rerV^J0`F@&1wks5LJ?kr za0>jnkHGg+Ip~J|-zlZ98H!Rm0}PwVDbB*)jVQ%IUbdu zAhmBkO7)0x9D#TlN)5b^z-=j?mW@&!LD6KC>L9SA3~lCL4b@-|FGrwMicL^e0xZ|@hP>DzYuhj&O|L@jBDNT%DS<5s zJ^US8S!8X%Gm}wTcLBF2_^pj7t-Elb5aBfV({1=-KT2yGQ2#VT^InwJ?xhp z=P>Fp{Dz@PodNC)lP#VxerS@TNIiw{B>2-|OkaT}wT0OsXi`V8Xd{{=0Mid$f39vq zlN<)z{}Gv9uR@c08n~wwTIj<)USg#IQ2$Coo8Ko#u0zfRy#M1|fey;U&MwjVY&6*c zU`H}{LtgBVwazyH?tgbwXu4-1ayoE#2z5Xvc6x~%P!76r+b(_a1WNB#!2G{^6|^HC zw^zF6Ur>5C0(VCEl!1lFNx;q$)JZwmMoEgVqA5KE+*69|=)pZ!QriYV{o79HAv*4O zT~8gl6*(Q)Qs@K|n%aZFT~_w&Dm1n8z+GW>oR_UZQx$;yUnRkb-_IUIQ`-Y>FN3Z0 zJA2X84j`k?GSnV$dl{UX9ybnU$dR`dql~<*-H&JYqYRsX_rGi>^bj4}w5kKjzq^hy zD1NwvGCB#|S;qGGGABKTcx0SHnH1BnqD&>QCBd=p3u{njTc}uuGTQ{~|0^9?+t|*jM4~(|3|0v3G2C!Vn1r^F_4>!wD zmJ@*;6*kT9FzOV-OlX=lFq)>lZX08((6r8CY6_axAz)d?IeutbTUdAoO|yq3d(gDb z0C$GTQJ&YpI6J`h5_*UZ^>4?ro}pv=uCZl6_MoH43IQWfwj3dQP#bWk34dWjq}0P5c{hA!pLDT+f%!0&(agr}-djwPNyh;k^_rJx*3 zFt4MW9od~n1Mp++Pgl{j3guYhG8o?hV4InK+>dfPf$46=$U$KH456)Pdbb1Se+ng; z8Z^B-Q67S(%Yo%z?!#xSu%@RCxbg$k|CJxQ6*KzoNA>~hfBT6YNDFB~Gr9uY7W2d? zG^4vvn1W^iF!!h1uxbsO(Kc{<85~dFwj0gpFt8(;yO8&E6`ElS*cP#?wC}Rfj1B^K zG$YNI+h-_pA~4DgDeXSQuR^(P0=JhzmcDre%B9$@Lb=WWc7~8H$iPl1g@Xpn^sPb! zn11M<=MqrVCUAQhx-q?e1e%GtKRt}R#KVXJ(+~IQiA7691D@@N@;Zx`MxZ>0fE{Ik z{5zL857?Q)sH`)WP#(qQY?Rjqa9fG?(q_3IMNR^CmLO|6bB3Z>?E<%vX?Zr9)ls}y zgJyLGxHC)~&w;B>0d|%kxtx4A6S9JTKFYTSwngkg8n$Uw_ZTqgJj%BOwj? z(S!=@0NYFGAv)B*%(B^j`KV_B{ePDfrY=FVy8>*7*P zxTC^0u0VwxHm`9iaEAn*Z$*XO1MD=xMeYbW4%`{0PVi`#pdt>&ElOZZLPx(RfiNck z^Fj(sQPKSYwyn5sFDjB_$3#@rEr9mV3;sMG6*&VpHlm`A;75N{1el9m%h25W2s}5k z3bl)|*=TN8G3gaF*BaOsu?K0`rd4R}64W!m_7uIb5zXx?b{$4@+X1$j;WG`I+cSXr zzjxjt%=6rXoCmo7#|sNBL-XzjaA%dyIECgp0k}g#*43bSHQ#mzaL0unHKBQOoZ5)y zbs5->kZ+pMylzJEBfp?x%>8K(qlTj5ZUVLvJbe!;b|#)&fr{+|x0TrWv^_gfF~wgH zDz*!l|JhHJrJb6Hik*$`JfQx$Klc&%ekupuQ2+O_^u^!7??1L>!2I8op>73srh<20 zNAn#7c9g-%`LS(_f0>BpcM>H&{ZPk&9m#AbZ^j5z(jE%3QHdqy{ens`_oqFSX;2Bp zQ^lx+Vig!v<&R3%43$v*3M!#^xeAp~ymkVW*Z{UgEZJ6wMEvO#D(Mb5tVin*M2~yH;y_0 zY(Mitj}*k=@s$w*-W-M=cQ&vsfrqNl<2?l2Q;O{9!97+|+Xle-pY4PmqT?Q_XM2TI z*8jDQ=y49;{G!Bv;X6TDUlVEmEb;Oys7#L6z*uJhJ3~lEWSsvNmDvEcMQoGy(?(QAQ0{UbiSQ^! z<#G&OhRSW>k)fzu0+xSi`*U0?Dt8pQU?9cpRjAwwaR0x2aaq@~t`wDXcy+g9z>YG| z{KrnAa*D=pQF$lv5YKq|6;y7Gm!ED?KX>-(3umvo0D1u)0Js8r1Ns2^vS+XMyH?pZ z+N?Ec^%|yO#xURBQBlK&X&IM;so~79W{rwDm67Di`Y&+%?g2$Umnc^Ks9WtIOXA5& zH@Ci)#FjN~Zz-QCv*iW!LfT@mgV z{49tJ5NEQ##=BQprm&l*yDxMTvlGMBh3+?!6hvOL!4R$EH8Yp=qrl+@(p=fn-@Csx z&^oKm2u5c3l!dZ62i$Y4JX1MYUFyO{9&>MWQSgF)Du0)?*o9qv!u^C*(&EqE(<3L@`e ztyynmGOl@svb{I-uaqK@)Jxsw{`Jc8aq{2oUu{Wb;xA;4W+%Sie~_m_iAxj%*(b1j z_xDe;_mpMe9i@wkiee6?#D=ohCV5m?)n#2t{6ZJ@tLYx6 ztb(X9*CR-29r)0@$YY-*L|q*ybT3AxIUp>YDV#G)#g2H?W95U2G6Ua%=RG`!D2RMW zXrrT|G)(1pZo#bIn;t$B#T=YuV2i)vvD{lhMpt&-Yo33WS}Wl%*zFlVT*1%V5*4NATIh}J z5GLTK951%@3s0lc{m?ENe@-6FF1zOWgiI0T){eViT!{Au>QW(s-D4`VW%%=tn zlq#6Zp$w0`>j%ifLok#z|6xG76f=Za_vwHlWuSop0nG#MsugYoqV@r=T{a4$Wf~iD z!r71kUO!81mk5s;=yhzor5tsR*O7-Ui7rdLmMet|!3nV^1n1$EUIVN`@78Ls7O9UE zlrr~jmW*aYe(M#hlm{iK+~k$6B=S|EW7J3bhqL}$z5b=_0)WN)J+F9aTqea@{3oyN zmf^!{k9d_^dG|oGS8u78C+rt~^-7e65$Y-*RfUo$IDn40tm{bCuU6&-XjBE#1b`Do zN~ASIKYTb#^|R7vyv!(#(IhyvU%u+^(s;_T^BMHfbUY1tO!bzsv0&b;j$|8VyEf_pITe?Die1g;tRiS+8mtW*Ic* z)2bM$d<`&QgZ$brRWp^1hqPet<71%(KkPlqvIVmh;obw4CV`w?I`0e0{)xBKq=_;y zWqzYV*|V|UMUPmTlsVh`j>?i)^tktOWfTZSHb9XNF3JvNgQ~rIOGV}i!n@g|GYW2A z^0N0BW$AeV(cH|0p9r@8$@@F&HuZ(KS!s*VjTp_)8P>k<7s5V&#akT^jyQGfPMtYjhVrBQj+o08&O;Jo{f8P+c zcd<{yD1|z3e)CH{o0Q!mZ-bd>_&ze6x&CtrneAt!W~p2@eB<^o6Z=bw4-@z509SVC zcAqDEi2{ioyZ+$QTdH?LJh|7$Y}H?@kN6lKuw*Yk>a$dG6k&%s%d5&-1Iz2L`D9AX zl;jNfx6fTGqV}%OJ*gMra`I)=GR;3FhO^81`yO|-G^0S}E1MI_SjuPlLKp1s8!Poy zM0I6=Z>AOTR-kW%vf&Wbbuk{{?4EGnU#(b9YJK-v5$mFT<*Oy30Y;AZO_lltVn%JY zZ-eBk#zh`nQ(ZjE_lOkMgqXg(QMI7bvBMiXr^2{WpGfAbv_rpO_*1`}DFu%&l> z|0uNvNrc{Lj1oi?`}<`X6e7T!#&o~UMV7?1@B5w8SrRKQ`xikdX@|EWy$O*cYl=&Q}ewhjwwtGRk0C${S%aq5c*R+?GE?4`;U}@l{1RZpw~kE z$1RHtWkXf|vN(=u+f=PwFE$qTo!ZR1H%U zZwO&im-#O@iVEs72SJ3qaN#|F_QHEZ?mjOjsQvx8&}oT!u=;b6NNTM7Kl!k3cIo}l zS!rEE^tbeR=$zy~P6&wv?KJ4O{j?8#I8T(ur3%(XbJk^EgQ_0#>O(`46gj}U^nX6Y zrvG!OT5^HNs?$enOhUNsYaUviZ^6nI#RlBnp&;@abw)1A`K8g;8vz3rC~`otPi8!P zKsL3dhU%lDp?SwIiwt4UmOgys1xq%;F#+E{EOShw<{{3JouwkymMzYnh@O0fJNYCT?KP^eGErH$Cx4?~S4w z&LF|&-9~iT}d@Xr=EDtF98Y z5aXKl>O`rP5Mq3^I$k0Y2W=jsZjk0bBqxl65NXX5)F-7#lY~6!!j4Z?e`Y(0d1SI% zZ+1(X`V*^kaHd((Pvi-87n7+L>rQY4)LrB>^|^71vI|XJ7o}$|-GHf6W{vvmUSUHU z-Ijl|tfo~n?167whHv`g9|C&)W%Hy5%TC?sYrNzCeg5Oi5^nYltWD_G$P~Y<)}<#l z)!#vLyqn^FT%1swfNs~W(!yt#37g>aORM63oClxIH~#OZU;lUR>$*E=n#xA#a9@vzyhME70TD@@D`&ntHTbqWVu(HN-NJ;}KcTPR_ z_0%7O!5aKS>HEFZU~e49ibBT!Q24$};Gr@U*sGkQG_)f-LdE-6xV80g-+R1%ggV1j7xfY>4Y~y?C;QlW8%-wzJ zsV>D#>WAt#U8l)oJ~9L%pjsHUTs&(>{L0?K}gymoLBkh_dBB&6tA1b_`~EY*zn4OQFqXdP}Pf3MGW^~KF^&#fQdCv ze2s~lZukom_xtRO4X+MRvA<}7Z}euHuLM`i+L!1Djh1fH@4XwmK3MdFWOk<1z{nK* zq#;DybA!!Kae-=#hES{v$%Q@Uc(WH)r_$_l-ni%eHWFx+@Ze znf0z+;o{8NBI(|4yGiML>?Uny?Izv&&~8%9M>dj#vafHDm!0!FRL1hZhKpx8T85jz z3q1;~M#!qJsWCh$O5t~*tJdpGaC*U=k}m8M0Y~q`S-x2GYOjb}Qk-#>z;{G?#yh?| zf;|!x(JaLlsiFpL#4fs+5ap;>Y2oDWdt-#S!ypfKE!Q>jd!KIRh#Pd9Q^*0O^DK!d zkSr4diGdaAXm-!z5$ox)RLoxRLPV$(O(gE>sw39Y9a14DUl1MR@@Ygkv+bf$#SER0 z)Q??P7x6UR9}y+0cSM|&LXj8%(~k-4ZO>cL4RR(uzcI##RzLTnC=yi2#$gto^wPB`7xF!f(#Y$R@M zWOBlpU+RifY}6N#A1ajz-H8s?*4!+Ic`RyyicR@vDWiU@Qb=M1(Adft%Md<$j|=*r3-(*Pl`-fmYP=nC6;QeYZTP zNtF!doX49Z9PM(WPt{t@aU120X6l;^;q1mYG=pT5AsP;F{|8zX+xnqq2Q7-|)dL@E z?kOXPk1$;{IYW2-yXG|Ax)hmOE@|8>B{5LP6WH8qnvbO3hHPDEZ)hr|9)J)}{#%nS z#U)4Ni)z%+*>~|znhjECLIMf4W?+=AP-)Leqcjm%?xPK`ijVkb%@C+Q!?j1H{6tjC z%UTdsFj9NODoGf8-U-#p1|OnDNV*eYBPnw{CooZ?JthexTtZT<-bRvO#s#C?3|G`UYU(z3R+T@ z$hDANzZN4GKQBF{6(=}C6X$H>cbTs}t(9%a5ihjF9B{l8q#AP9%*PSsxZ<(84Ieca)`!_BXr5K8$)NS$Bb+ z4Z_?)+_=?n2l5TG9)bPx99@jG&>?Ivt`yKAMWzkz&}iViliy~q)iq`)vhPL~|u8sUJcKqCPlaSWJ({g}l6C==k558_q6y*zl~hLMMgvjxj_^y|h4N zBCAR!u&>7(-c?pN6ucnOuv{Z5=Jx4<*s|1cj1EXbiG=ad1g9Fp?aCE~UbGvhMP}8{ z8TO4(h!W<%x+s_?)jjYK42jzei>;LHYBHRq28*(4^P}OWqx(gJ*n^8nw=Nkf=-4C@ zh5X-tYa_pUuMtEg+%|}_7LiLx+VCHFl2A(w9BYqeciu51DeE1aBdB`X(Q)(eah<7b4-gr0X78<{&^JQ6vC~k9&pT!Nk zlA~g`E-}ufu}c-O>KBa7l9z~m0WTSQTjdnWv*R5bE<78 zBtc!2yRfl;ww)v{6~zJywq4$DBfpTOJ7_oQ*}vLI5_fh%qaA8;d+jyA{qhkJw7Go-1`-sHmUyZkD#~=`eonoDV8UKd?W;W#EXd~?%g>>FD zlabzj+BPQobG6u%i51{haS)SK&9On$&a*+REQvlwS5}mrsjDm)&A#$hbP`=&2`QwP z%S`i$V1rIZ2T6S(XA7Si#b|4?;L^>_=r3t+PNlMIe~E6CnjCc^-w#~&HCa?5FHOs| z3?BuP<$NS?$%k|&!LX_9pvBwdKvw=|H{ zM_B$d2TR=igdWtyZFlhl@*bV(@2NDysYM2h7H z7~#O!JHp&(Y014v^EtZYhg*lR*~*PWMzgh(g&mmp#+qf5GvY)+yvukHF9t6Wbt}$% zi*Cz_<_PPA*{jUf^#MuZC)=F>l|HjDFV!BnB!=C1W`3CRs*-PW2trD1~@pncQ4 znVz}O0t&Z5{P&v0+aNTBtv_gvpJZ7GVHvX2bBwq`5%UX4M^rYFcKM9Sp>t-M|Am0S zF>FBK*dVFh5jzVej}4GI6ply&f#26YJacTA%F-;iMPqN#85mW-daoZ_K{t^EBJU-= ziS9sXzVKEttM-rR&EEQOY;Q{gS^292wwJJF(MVHzE28h6Yxa=pilYbm1bfV8-P z*T)?Rwr~?ucRh178*zBtpQRy~7%Rl>{HAf%ahv(&IJX43bl%t~?n)>>h`cj2Mr|dp zc~p!nc!`ooUCcr^xg=;{^bSQdr z?^rAIfCdxJ-?_&gwsZ%izzXh~XY3J03g5{?7Y{E5@cXZKykhqamn-5kM8Op;^47pz zeXKzx&%j%%r8mNvxEKSu1-foxtdFZaCv5PkzsMfVUQdbrvm!z0y`!|u$BVMV*c<7w ziJnS6R_J2t^J7nn)=MK$v=)xd_#x`(?AQkJT%E>iH-Z#-&xDdp5&hHEy zf8imTPKL70+VPE9avIO0=k7BLH~Ff@pX*Q4%ffxR;cr*Xc=NlIM&!6e$EDAb(*&nN z$Kv(Eq%d~VOL6-|rxG!Xx5N$kM9u=DVT3b_F;7Gb&M$a0Ug>l@Zk03MAE5WJ^m3|5T$A#VElkkZmw7?EXvGRpb;+P=`Qi+H8`|)#+%xTij~LZ6XsMp?ur;6uuDo3R*T(=YS#(#DQeof%EpD)!716E}#x5GRGJF8<}kTU8S!>m~V7I(j3a-wP8LMN|2Nwfdup z3&namrFn=G=Y4!)Xr4SD>7~d!7F8n>vn>4#7i@R+qb!^l(s`Ppf8uwUZj4F1`!>x$ zbi>F4qesc5#1mrt5vQkLPCOtwoul#M^l)1QPLbfPDK_V3;$ll1F8q{u%!8^Rf*M?t z3VK`6%yxTRb2sN3@^NE(}U)5Mzv^@s$a8AZy&h8JJP1*wzP=rYoY0uQ0g4 zI!w4EvnevEULirKP;O_2-)VS7n>0%77O2*Qq)nD3tIbFnC|XP^31To^3_s4HymfHR z0$#LXc4uU%*wVL?Zi;0hE?>MesbCWI2S?+p77kdLzpd~zvm;uQ-VnQS!g8Tka-vvB zqC93`@-@qRF~gDzyyT+!!s>MN68zQC$)`ng3U35(k=AHRu8{gb2phf-aG4^$98Op= zlNX7Ni6{;zPgW}!cqLjL93cr?Gf%=8tf|ttvahdA{>sv4o7X45BlVv`uot|O+^o>T zn_y(hmw+Gn_bfLaNgnkeEf}$*`C{@?OG)KFCMSv-X#syuuJfb3gjVg9vPqor5P9)I zDf7ia8oO2q&Q_72#yi8?dKAhv#q?CwZLxkR|OQ{zP5@-x`exupey(yoF)yGK| zI%594-lA_}Ls+*HDYc{IY6O?^SJO|cLYWIq1~1`N_STP4)J$Q#A(VY}Q);7SAuH=ro5eyB zITi1w&L3i7!@ZAF*NX8)^3`2T4H6dxmkz4A+HSs{nwVz68?R3@i=8unBRx_* z9GjM8wqO$W9jce7Ni%(-qT-n}Z7|Kv(MYH_Tqy}>R;2l;n8`mp+>cegomL{oJMm=g zfwXurya?^q7irC6Ef5tqn$ubowZMB4-j>w}o($?c$=i}A({Iu_X@*b31+H(H7>!OF z%6Lvlg4;`DCe0Ol7h-@*+N4^s!zZ*|( zpLC!`?rNyv1Cf(=6;c`}Q5e*8a3hfMeqmAw`@#Cj4J&B|;?P>p^vnuMo+UoBe6vg@7{Vg!}~ESpJ9(?HsY_<&U5O~(D}vLwKDptH>SZ4ln>`~_d{0&6Ygm|hlJ1~TA_Mz1quHj4%&+MF zjGn&$2p&JTA+tVQUJO`+)^02u&7L`wd5E6;h`H-O&8!Ge<|Z4M^JAg*i^Yj z_doRf)jiNy_utI3^a2evkgW~Ns-`>jl*ptXoi~~-)n*N%dyis@XKL02_Pjak5Ir&z zQ=l&#%@khAhgnxl*3a~ig(kDW*jp+Uxd14<-1WODS>ooiSc1xotYh>PNF)mP5>L*` z67MAnNkT(~X&ae+-YLjRq`P%O4l+X~ug6wBn)S3YosVn-1KYX~L(8*{(~U||b!1JJ zSt=BXU$9@?i4}7K@d+0;`OPeGJ5)#_ji>UmUpSNTf)VC_by=6`6*VD?G_tQsP{Xjc zE2~2C8M(m~`Nu5rR~cl2P28=Q2sZRU);+1s5;NhaJ!I}6a_VkondvsCOpbwR)WT-M zh=J3>=vjf>HZ!dL_#bK66gF)>-ToIMj4vO|Z|hayLfy11srI-_Cd9!ltD$$kI(FLA zQcL0N5k?{IL_5ws3C@6~POGF_pL+gcC=u@R7W^K_k~!0!l&XSb7lvJvk-IO*tv(Ek zro||YgYXx|-8)ZAlQkF4GCnl8b&&8o8B3@AS?W}|bRoF3+~g+{-als6mQVL$N4!4m z!>7eQMeHQBO#M&r9(~B*Y#*snaTXH$n}78RXU^Y%t7xwTWE-W*7d-^$71xdM@?B{5 zhjc?(@Gc1rderPcCOb(A4Viw6UpLwxn=SsjkswI$6-=E>Orz(#5cW<&_IA1{D|Qw8 z7G3>=uk zrL4wRbDHV)ztFhAX(yQ+@w%)?6wK4UV`(1b2T`duD~^kBcF&HSU!@+D*nF}f=a?0- zz9}b2YRkkeEthkerT&53;JEc;PPH_oaYR0nO>lQ}7}NOA!6EDsx9O?$gaRfh^cJ0& zn@#b*nlLkL`Yow#6S+m1(`B<9QLYYxOla^dH2BIV6jjaFkC`bSkOaR@banblddwqe z1^3+QJHv&Z6brEfM7Pix;;(bb0xFt`|Cc&~eRblDWAw7Dkjhu7NlQ1{w-wI#QEFSF zp)gybx7x3-n(;5GDUpt~Ggd1V^NuybTO(v+{e$mjRL~1X zQT)A6C{22wTrGWjT~-<+<6Q#xE02cceom)6B1?UI?%G)jQ+P+h#gpCe;~!OSckhEq;i5_c0|9sa;#v@t@J~!>wmDt}RW>KhpC;d!dj2JSA^vKbJzLe3|=0OwH5+ zxRN|Q@473z|EHamH`=9`Et-}0sh4^v_ZH)m@D?L^8oB2Vgr;*(cmuMKjej%`_jlRN zG(4F%)f3*AM8hB{6X3~c^M?B}ny2!hY50b@GR05jO?HW6>YvJ+3W{Bp!DAJZ$vw6( zb=>11)51M&Gx5ve;m_1^4-?bOJ#rcC)9_fvRC14vOe6Q$%c!4$M-x-dJzALt?h(Rx zuYgAeQ^Y-%G472(TlTbXC- zr3zwx?G-VIX@xIfj21)I5T+96g@co7KX>zG4&ppjZw;_%n3e~CE##9>6}%l8e`wxd zMztzW1*KH4$_r*zeFiT=R=q#dk16D+TbOd7f+rf^pBW5=Zs5MHVAQ+eTPx#T3Ew=R zD5k+oMkQol&D4JRP%xBrEtdl2fk*GwkqF&l8b^BgGPf)9XrCp9bilKDE_7@ch3c1)srg*BhKc9(E&pq^%@;{;evTA z0e%x<+vU6mm13Y#UvQsg&KBDPxgVvSGb=zci4YeqpQWawqg;z#Bb;@>or@P|x#>k& z++75r^_g|hborgF(2r)h(bN1W`levITfQ3|Lj?zbUFH7y^CeltgqBJ9Ejm#FA>Lb= zU#?XU$zaO=9@pO8`Qq=?x%iujFr{W1Emu7^Jz)7GX2A3VwuAb;GR>8}?m(1YL8ALSgugp<}E_ z6pR?(DmQ}jEic*-1qa~#j#$pm`SEoAF1ohft010^t0K{JctO1~r%+AN(Xb0%84(N{ zkmdq)qQa$6INlCs&WwWI>_J>0-c}aH!WE{aVImW`iK5+EkV?l4At!Hk6gPtL8;6HK zFZhkrHV9Yx#e#aNN(m911C{YxpV{InOH^I%H~Svl;1G#xQ)g#NO;PliUJF}w{2RGJ z`Lk!zi)nBg3>P4Tkp^CmAS2Du(%J77S{AAH*lbTaM-`OuYzAlsFnadMfS2Sh%syu2 zb;0}z|FK~{39}z(%fgHly0Ue4q%=e-JTboa9BWU2DDlS|gfc00{(|q z65WeJ>C8#UAv9I)CpEbC#B8oy0K1ahxy1=>(dSCFq=VrnF;|U6FG?K;XDR92`MLbw zq@o@4_Ks+BMPZR4-qPfgbw%Y$hw^gFOl{v(IO^X~^f{e#igL<7FH+NaoJibtqiDV| zsv!d46|A*%aUkYwyjLXaZHSLa1@)S1vw}2Scf-}LFrplGo%^9Qq7Vt2BIg!Z#gMmY zu7xhXbnuoHH>2J-cJ7Z#9|}DZKLqjv$GJ&!NS|mA{ zC=*$oJoq|yAZ5VNhG^PZ5ZOwtFxSxofp37t2H?%ByLf)}btN&Rx?Jt_5e zq6V#SMt5f2JRd1qiD@pi^R&@o#1SIw`6WsbM~J&l%?nZ*2*thi%{(`yMj(0*EACA% zHVTFUQ9G)*LW&4ZChu?)cO{2krrw=iTtU|~u=N4&Z~|BDlf?t+uC*wtVNbD{u6SjR zFzC4#7x{iR@h`=9rJh(+25&2q-+f(ss<=X`U7}3=U2*Cv(H9(12(~Caj7jmq9?<#x zW`48eEy7m+?)>T;k&Sq3<}dTNOG7Ei8Q@dmqAU#`0dVJF9h{+-W|Vv-g^s|&z@F@A zrYtB$#l&6oabTCt|&eONJ;J`B|WrzN@yRtmLL869d<%N3+|WD(NN7HHbJE zk6_a>dS!_$T4@1RmB1VL!tGnJj^Nda8&*W^nvw#gWWK0c{$w&IDn1cbnuI#tf zB`+!S@nNCkmZbcPqsLw@xhHi{#E$0IN|q~2Ot|Q2{nl+IpIdPW1^ZvUWx;sM3=Fp$ z%lhppIV6qHL|x0LCC^Lkfe>p?mE2Mmn?wtD35~m@##9U#<;BhET-ozyN;W7<39()M zWywIgbtXFVz?G69E5qSeNf%2UC#PRf1?Tl7;6J!iazkp{#KL_)mzlNiAe&?n#4U1rR`N)dW#a3F=cb3X#K-}gN z?-rx*PEzZh(%(r-C_y~~XSUpr-j({$T`?H{z@2wyA5Pn^z3YWP{Bb=BDKNJA}r2*UYa@kF#MsW0n*UH>v zlS{#1mkVXJQZy3PyM8JQRjLN|7MJn>NhWcHaAC35y+18D~rsQ>@~ delta 69195 zcmeHweOy&l_V>PqCI|wGiY3WKP~N%s!o6@+Ob~e!6c7{<5EKzhN3M^iPU@D@(thfr zrJXD-DQ(n|%Emg{XrqpnnwB&=qfJg?T3Tt+PfeSwXYI4kIs2UZ0$jM@KaZc!mvipg zYpuQZ+H1d_eU4lH_3;BM0c#%WYSbIdMss}ZuAq~H@lm8b&u>>cG}_=889F`9ofb3P&7aZ zto%XlCoXi1S=-P6XYhYdpaIPQ+c50Di3T{rp+GdCDg0|G8sHqTvjQ&W$7+j%bu&>9oX4Ri*hfxkICwi6As3+Vst zCajJ`13Ln^sZ2ihM+4g#xUCrs>eUrFL}V5k)HJXyLsl6Y+!3&&gbt!(hnBU_ zfQaxy)CSP@)DDv(55=FTZSgGuDaLpHx0l@`-$GCL?MKyzH4>uIuJx~q5 zp(xr4*qRVM-~eh8u}e{OOObX0MH6Iy=?K_SLI=^I{WoD<`=?>Yu4!53H~OJyf}1b3 z3b?g`E|P=#Z>8m~k;AQXo0NIXD@ReAfZM8|jq!OlF0iA7Hq*~+L%QaH)l3(_J(sQ^-BmY=A2%bN zgrB=2T`QpPk%CkxK8^G;F#O;=?;r5}%pCH@_qFt#Cl*|9NIQ(0MgBfya5-=*lrBy| zhL&Ir=xz?UIfiyl$IV*Uz6N0XE^0W749(&09Asz%V*6b{vHdXl(*l@1QLH^=xuIBl zDE$@1+QZz1C{_uq{ITLFift*jfYB}h7LFu;$SC2-ZOHf}hCff; zY=8XeC^FguwnuCU?d%d{yl|j-+{!`5CV(9!n!I(W)fk?SOiiKS3Nle(WSaDA%P}Vb znVP~gH<76+ti6Fu5=x7eV z7Nd9(Sh{iMn$T+_k`b^5B`9GiL5yGa zs6s=U!}KrF5CQP~kKVZ8y6O@dLh!*t`#5$14Y3BcCfNJ^wGSH71ct&3M^2&FJ~UJW zmTp>fHD5wQT?_0Qg|FN|L;rrNX?zikhKfk+myRf~bYpcjAe1O!$WoNp8srtD#O8pT zV`ypmN*|Qi3Se32kUvV4a2&kh3VihvO0>c-@0XAQnEi;|h=xf>>4%09q_0H7vK^pw z1{&68U?-K-oQ9*%~~z{(%@;U3GD+=t8|Z_HeAUkt#Cx=c9qMBIU}sD5)k2i~^*YCZ4anpcV1!#4BEZtkeY#@7iZ*4Q9*0Iq z7;^%Ra0=L20T=UQr>t#Z=C6WBS_s@yMuG3cerSYi0rl@%g-+_jE-z7w3`mJxjs#%o z=007qY)M-Um|cZZoCjt?&+J4g9S(T^w?&zLScX!RICcr8xB}P}O4^_UyQCDN0V9J$ zkwfSYqmj12YU1FPXk>>1cXWnU`Qi31?ZrSe(i&Iqpphc5bmQ>)^E+r{6G(Mihg9(J zM5*0}+oJb7DD|P0*1#w=YA8z8C)gqx1ac}+YCdGpZouuSyal?kRI=B9MX60;C%Cj7 zfZIc<6FQ;(NvVF`(;}pGdIvd$UOp(TNnl_IbP_SkQJNzpY(Z(x06SvN9g5Oijp`dH z%?j9>(B$tGktmH|b+xO2QQB6WYjFe&Y%y>PnZMeN(p-VtDJbn1h!F``x@qQ`4)1Ha z1R;JXT|&e}6*~O&QUyd>z)#WH^G5mtjsMY|tM#!GbV1G2qS!A3>coh6;F~%)Hqnbi#BpTHcJhl;y zqQKHk+po`jiAFgMIR7IHZCs8gcK=pZ_7d0mg`w+*=**jnj`p=eA80=GG{rbC`ZE0ODLz6z^xT*PA+#;H4>0>8s$nDcLn9DfvpM7{hq!K1zAgdfy$gc&uYcVDZjcpOIf^m{R8ru}6 zpG9LGVa^^jwl%=55pq`M6)?^Lu%mVu&iU~*s*Ku8Ia%m1hPRuD9TqNbPvjJ z4(5F*e^?gE$H_0D{QC&prpzB(iSm`0y%6PFV_^cycMRNAqHWr1OHuwCGg=P*SClW| z@BS#?1{jE+-$eQUY5}h9MER};cC|t$^GTlCa3R;12?p4T1V8;Ss zzoK#N4w(O`GRciY!u_w(gwygguh z#J19|7ozbk1a2v##8=oQ5V;T-6^71eKO`+hg-rrC$Dl~x6p9KZZ1+Qjt^jt0k~ZkT zE-8hR22AL=9ErfvP5WHuKt@dhH^AOPF1Wf*PFp5SVMG~-dbDyqQwnR3d<_0Qi zEuQy8MNR=bD**gEi(LooN@bF+(@?(>E)GRSO#nBQ=qPQX$2-VHz^+nct7noMn%FFG z6HE(+qKPfVbMw)})&RFgh{)_e;Syk1DN^bwb`L~0@J~U-w!rp?9Y}-qza6XEhc@ak zDz*l;Cb;_d;!~)&3E-v@+m!ZBF)D5zQ2*9U@I8p))}THg6*~>=K6UQc%YN`u{d%m{E*M+X8GYJn<+hZ4Om4P^pW6 zU8Sg%da%n%(mDg+`;V;?6y=Uppwiaj{7O`c$)DzMCm)qIfk_@YsI|b&3WoWhN$m&R zp2}OG8@~V0j-_i}H*Sk-cV9r0T8h8zMw9FS+aq=$4eH;HRgP$7x_6LWm?KeHs{r4B za7wVM5S6(SxTVTosz7A~o2p$3+#-cvUO;8-1MD)z?@)N6kRZV#rW5xvdzr5KXoPwnywh8l3;NV-=eGf39>4u%nD#U4kaJ6?Hq& z={_h=j3RAo`BG&$!ZC1D ziLFoDy$)4K_}~hva0rSQ2*r5eFVOrnM2-C|M#)<71wan?w|UH zLe#FnuFT-grD&>?z|IP|m>=7>_}54@wUwy!y@6T|`2W9J&g_6U#}idHhmxVF(i&4P zp-N2tG>2+`R4HLz7OIp$j9-dS<#IQMRSQw2gcoL@N(ry*MwNDe?GY=tr6U=C*@G(E z10Nqol^-9*r`gS8UAC_|M>e7y!$O8D*+s(xM7QH6=<3QRST<-D}i02Y-b>sH%D3=9xZQ zf~s1I%U`0ZtM51g?3j7Frw$R!TI@&hT30m7)xh=?9-4t>br5hzW#k|q++iiPZvZ_1 zv!BpGblgGp?5L3H`oFvc%_8{zk{bVo-y*6X3`EVMM?X~EdpD}?cNA4?J(~iiiDrbV zlis071wkc7&qvkmg*ov5zg5q%0uDvh)_7qds#f9^FxC~ou29kv9bcYC)pmgG5u2p_ zyaZK?uxJh=8J=0lqC}rEWU+_-Zpgxbl|P!kAASK@oJAoRD510pS!{rTIJ2D z$e+2?^>WRFM!msoG#fbm3%)(On&JWj^}0A6cj}5Mj01mejWclQTnB2fy&#^vr78{(oh?u(c><>amRam?pEx)w#?&ds){J&Y&6Cjgq*oAW21fe zia&Y0*~^y8V3O?1-|sQb#wj&f+A0knbo?`i)bP)o@HkbV)^`T69QC38olON6PI(@D~#{_ zVz(NbpsU@~ZI`-OME{%JR#_9d#PfMEe9GJ1dV8rd(U>@3AHnb0*Dcdph7UN>Eu@PT zJ74liHzSL4;tt5NuA!S{q&25`kY~MGCoPgG-b5oaU+1~lT0f`xsz(gpFW$4#I)&eq z=y^|VeHT&@hB$8Vb@y=o(kRcxHkGG65HVfDe>2YWlufYI7kY-M&4YsYmV54HN=WG* zBzc$;^xT+96U}_^3{GV*b|W{Ba2 z{yD^lck9~yRhuI3_v`L!$Gt`a1ZmmQkTAY)|Lzm4v*TCAcCTR_0?A1TIx>vm>+WHE z;k@p>ZEAAG>h9~+_3ut1HQt~%1aiJ_2Zr*~|J*%5%>k~e{kVI%I<9~i(9r#^R^>k+ z>L2i~vr`s*f=StAuAA+eYDu}7^{X$!oMJYr4M%<*1eN52qhr;MQx zz>B?YBkkHV-i@pqB$?8nGC@^eh)4jd{;zkUS}l~NW`lROnkck21E)RGErR#o;{6|W zqX!Y+x4e_sU@Mkx=3l(GTgMTvKjLk%@$>!$@6N107sb#2<~@=P7Lvz$_$*QrX^F@% zD)^!EK%aXy<^||{O4z7QR7oXzZ$JchAtud-%PIGC#e4}ozv}x!}v=Q=Mi+%pd z#!R9}V2F)}@%hGpXmIEZpIUV@rqOAH==?oBobUCd&oVZ^%a+7(jmcgS{G~NMdDbnN z&wazkOI?YA@p>-TZ&U=oZHLceHgOfT%cn6=6++ZYq+b%6c-7}V-C03vb9<97A`hHEPdP~zR}i=oL>~-+e>X8sH!vgo>%u%f~o{voT%#bFyG1jRThF&ZmI7r zA8TUyEZ+s{*br3djYhF7!K-|`s69aQGML0}WbO;TX0{h~h7XF?al_YlcjNnQ@9{(@S(g|Ob${;BnN_z)Jh`Wb*`_Dg9_e9xz*^jL zw8vZ8Y3o5>Bz{SSI$2;6wd;4r85`sHY~NXRZzLT2RkL>gFQqsZI2Z;CDy#{LMz>q`v1~ z8)9vIPsLhD%rWZGo*Ar55Q%H^dmdzd5{WY>_B_G@xnB1$X|>r4ds_13f)gSQ6kR+t z+uHi#P~QEsp1s0l4pEo+ZqEi5_Dn3+1kI*AJ1CT&>hG6pl*Po{>a+bem8*y}Hv!Zs;^)NN!a-%Ck`7j@U#Y|Pqc5OfZUOG8jk$5o6U&G>6B%aUn zcV~m4NYs@3-(%fEV|FyD^}h4{x0^(rvE0E*cOX7{{w;t0{9AqRE|W78xf|miTJ@<+ z6!n%LF~K5O)A`{uZ1E!TcX{|6a}*&;RX!FvWSg$!J=kXWDNgn&LgX(=`DB)Y!QMiHZDG%%ZaWCS&=`rlvY<_u2xxH?jEG2M2*#+8_G%sMCvj_9O;I3 z_=NJgYqZ~XiVUcCU-13>HFtD@4}7l~u;JZ52YCGT)lm;spSt>>>6ZUb#k1xofA?U} z+GKR+f{{pw`1#SPa=x_Tq2ps|Z z2pEMBTHlFY$$e930RE((+&isJeye^)df(LFfBx-vf#HFt6SUkq_4v1AZVv+E@Xcv&chZ8< z!-*&gee~v}w>3eBs!>oU3!#kvmi*2CcG#%obQJVZHTjkO?T}HA%D+;-O-v`$WbXTQ z+K0X4zSWP~vEb=D`vM6uitDvr8{yUGTNL#4onr#Ym&;zS?Hl0sZQt}$U{;S^{;6xy z?tQcQ&hfy_cTNZ_x4Ea+YvUjM;v1skU;M%K+Q;3r+rUTkUpVrHn@iG96pqHi{YF0f zW$pjEY4-6+uW3hg@16=Yk7)?O2XK+c0`BEH?QDDj?mLAbbc4|Th|o=PeG;Ka@UO>0 zgq|YTDumXN>r8}RCf9igZ6nu32)$3PixK*eTromlkn0kJu8?aDLVi%69#0_@NUmN8 z4JOy85gJFXQ&1*aO>W@u$~tmg21diR(=!NdCf5ptwuskl;&msvK8w&hCg zp*{S`x3q)0Y09`;d$nUURouuAw6AHFbC*AWUq?CPU*U3rTShK-xHIJ9&xP!R%W!Tk zx#Vz1_Gu$D`?$t^+5wtEuGfC;pw4?bLk67XZ(2VtYF2k|%{Fc-kTo+n%U^r<;kNA8 z`e=0AdqCpi8dJ$Ovwv6aCZQ&9oj(M|HJqiv&z}qUI=m~F{h{_jO*&UV=vz2#gI^zR z-G{(h$ZaL0(_H-pAYCG))0}2pU?0x&Z|pvf-q$=gqz_lDpf9EON&m^{!|f#Z|Kf!E z)8zgOdjBiAKhNz7_v*t1AAtMu+`$IFL7J6Z$pI+jLSKZw=CoOZ20;1h4rry34SFNm zMKm7JMoB9sN));Xv)+&p$kjZV37Z}N(QX)^>O`Pt3Fs7*;crc>c_?VVVsxMxOvny8 zrnlxy#6jnz(IJ)-p9ttz1+8F103p&L06Hrjoi29X5|sOltVE=}7MQsy{Vk#DXq4&y`C3^*?hb+S~z zdjou}3&X)g9k##@4S0x|CO+e+``3Vzg>oSXk#@?kyKmxZll7te5nb>x)@{oi2AvL; zu|l1kn;D!jTBQT(BynHxUTFpuD?FwFqVFfcbER$7SdQ!=0I~LR@R3|uTqM@Sha~l| zCZ5j-Nt9;(R9u)1!EzW^NAML@Azv^r%NrDCPE(?f;Fm8Ad2FDyLa#rEEMm?gB0}j6 zu?8r;qiIB}* zX{&^CiW%r(#1|HL@7*1=YLINQC`d+p*^|&&p*R25AA2g@vyn9UCUE>y)hoPtb`!W zxDYlsQ5GY9qRYDk2q$4P)%}t1Yto`FmJ=tzzG2~=Yh)>rsNWI3Nm?mVPHLkm9%jb7 zj+Mfa<7#*|^Rg&b6CP2+{3a3u$|E$Pat5+9^_=!uQv_eNBI3BTLW$+53;FCd5jCvF zMIwFplealSe)uEvQ^#(7Bf`qD;5Irb?);|+#iUqN2s2xFnlx^Q9fe6dBjo)eIhVC> z+aWf*Ylo)#_TOC4IAu*Ra*6DzOJ zPS;1I#;Kex><>bh$BpT43FoJFiG)Yt^zk|^ARViWu&xm{VE1@Oe#pX2^w`>vNMC7h zO?JzEePkV5Ac&kvGxXrw>!wI~S3ns?deXxQn=zfukyoWHNvcs?`6ivui{KL~Bcs(; zLXE;Ib3g0qNPdEdo;&E*9R`4BBY%vV-G?AH= zuwycHe$+LoUS(Y~S4S<1R^=*21I$5$jiDvlY9Bsjf7J6fqK%(N-L;b=OyzXqT+aCK zs75!Hawt;Lg{Tr~;FrySwhBQLbTdj08k!`!uzpVu2#MQKUr1Fc339%dbtCv{kLVAj zIFwUh+b4#*a2mFi4+Qjd<5zZ%{!oez%0pWgOg(AXuk(u@EImJwl<-#vL~pkt*2P9g zN#mnJl|D|~Oyh&oqd!vQCG8!=>EmG5A@rff(b2bRRh|*7(d(q=8FOw#8x*diliPzg zqkH{{Nr_YHS7I7YF(O^1Uz?%3tPVHu{I#cb849x~Cp?V3t1gVtp~M?>u+t_yeq8^m zu9x&!Oj%qK{$-12h4HsO&}~=P3VOvDf-R#16Z^w_=x@4{HsMo$MyHXU!^r-=c0uQ^ zRt0uL9cyfeQCD>}(&$0O#lFDO115uae$+jpj!n>`|5OSNgeZBSaCW}m**+U;- zQ|*n5%@CvA2k4JVW4O%U7_5)74nQ7865xM5Om7v_qzwp3KSkO}+BHEBGle9b{+LZJ zG-*|=og|CVjsXWvLrJ3=Y~NtWWoDxOh=W|-8*V2TYJeuiP7-(k6lSM6RJcCVjuchc zkZmUk#!N6iI@gYiV1${W;cN2kNP$8~svmFP482Vq-7D6I*;F*>m!|-76|bFT$HO$c zk#khp(Pl|EA6L!O%bSm&iY5tLXdEPULNO$(UCdN!HNAt`CbKvL}`%%9Kt>*2g67Vzj3i4S}~S@LO~Xe z9>Bs|*dOn;)=-~gou%fYp+?aWP&+o=HRKLZaSFXyyq=DPVZ1pYwm}+pbgM+yfs&diO~u)bN`fPh8D zJ!ySGrG$>pOdr!HY>oXQL@tFW67@-}#V8Zy6@ENCq%v`9S9cFxb~Wz3tHwlWttb~E z=@H{DX+187uUDcmO3@ulPKS;0z(6{cS(aqn%bFT7f>tR!d=S^2%SReBb+SdGnb+nT zkFoJdB-TG^)U%#kBnCWf+#75y-uNfuCbdps;;T34gwr?Ng#vh6p8sE? zVnm?ZG#osUj^Vf6GN!UoTh!!x$n*ydKhMkbG3zMgD%2Z{P(0y*+6r&eIaYkCmR~g7 zw1ADgA`u>6-<9Upal+0GJwX67q2FJr4Cf2VOpR=!B?^_#G1anY7Ks7Rni`lt2vLaO zIC(9R{=Dg*tYL^!)YETnH7Pu;O1izxVN&W&heiEiSxU7ch)cnk@n(77&n9izwiATU(4E{C}ru9 zpy(fDDZM$~^y0=!m{a#k*v`5=k}ghf$zCV-YmK`Px8@BWH~!avgx+dCm|oI&x*nGB zAa`+}X*M6TC8D#2d*`@EB3BTaz}ll|OHF8kA|@Geu7)2Sm7s95n52(MPz1KPr&nW0 z=$t9nl}M~zn6OM*<3leW;jIuH}$%EXmxLt(e`>meS@zhX{w;(Y7Z zA&O;~GU>gMV#-T3`k~yet+@>qJa5V7n(DzxtCt98RKn|=NCZ8QD@6^gI zHv5aA?#Z$y(Ev-o#9SLCbX7P~m#A0*Q+^KKUm3yAFeDCS^A}N5-H^onET{=l@V=Q_ z8=e>O;=~*u{%~I6YQ@x;c1E-Y&MZh&_*v9QlL8hwOq#mHP7*yIQTKGBd_F?7d&TOWLh225X9=JTA4W8VC_T@2B()ENL2I)qTZxKiM?3c6^WMPiAFXc ziNu3nC2FL{XR^gqbLxY`Y&FxQ=RF)I{m08r(n0TGS6O=_SqrfnM;fH?R>G~=VMf+s zWd^-;JeV7rXcP~ME>9WOLotgN>XQrjM}7={DSg=cHYo>7;Ki9s*~3!VTtzH8t(Usu zVOI4bj<`wN3nTc$rNbT?p>jMm+$0^KBkxFYIpcHP_@S>4Gq9K@yVL?}Jb7K_z)w+O z{NCNeuCZx^+v^z7A0}jGA_+GaW#^I_=!SS@os{X1kQg?axn* z;e&HVJTlr^Q^~6%PD+n`jqG7rtPcLsMf2PbM`-7YV!%O<*zJlf1@);yge&-jqufe8k`jPUfT;P;;V&e2>=#_-+ugil+-hG2*Ps>LmyZpjPIUYe++O^l4 zVd(d%j11!!TpYPdayDfkt>U|pnS_#yx_A$qAg5ekgUE z)DbIHm|z+wJn38)mHMt)2b8c}pIRdI5DL5Dk=|Tm1Xn$Hln?JeBDKiI39E8adr5;1 z$k9zjh|O#%EP)9A7pq@O-tHl54emxvnj2sBMymXF59OnQWH!LbfQE>KP=3SC)F^4f zO*z2UhM!Z~12ut>^$Mdvg_{|$q1Jk0V8Lph& zu9!59H1Pr=E#k?9v_(?qNr^%(aLD)~y#BZ@H|;S+6O?R#!#CtaPr4=TCut*=$_hOQ zJVN9qEe#3h0-i8>a~BT5p!(8^v~Sej6>>3hTAfb>e{^-)6H;F+8#ZBUT7x=kK{*^` z5MBZ0HoiK-liz$KElAo;l_cqAoaco!c{5H*;b-1X8_CQNcj(~#!&+&Z)+lTYi?(TU zbD@oUr#~jmwq!ktA?Z`4v5AU6ZSIdqw^YcDl_;lkj5z5PulZ}zD_LmD490kvSqN_> zhP|F%!~7sKK#wdw+rPOd{Ua6Cv zsTrGbp0z!Bo69V{0M2hK&-f@<_9ETPBI|~c{HM=k1heoZc7hpn<~?_9hP>FIShVv_4$k@+1Gf}jBLxx70T+8+?s?BI%WtHtS$(6Y6%?y*YOf<638^HT#;4N}i zFzi6a1QxeqUYowk2w}F1>+SPbGDb>!E>sm1C^0tE%*GUvbM3Iqxn?V;@Y?yA^1cr= zB)W08;K@wAwBVyep{h-sJ}WkYTbS9yhs(P8NLSwTjm%2caHyO4Rr@oOSe+7$f-r0p z{s<57{ZD7U%c_o~3h@n97e{v}dtJ;tXkB%DW0z4$YAGmWw%@38(ppX~dD7rfwXDw) zO}dvcYAqX^2$9yTnLZWZ&yE{4nFX)HJv^Wi;``=f zqi#!2h7>+Ca+be9R~q;1sL8AY5Esh3HjcWsMy?Q%xHl@RuFRTPvpTDBu{Cj(S9b0q z6;WtBqu__L5?5bX)r;o8F`c56amA59= z_ZzcdpiCr_R@#0|hu92{I*EfGGKQP~b+He3DkRd4zmu4En@xlWk3tO(YW~SIh=rt|E_rcu zp1hkW7jjWf-Z9ou(;WHoqCENa9+?w1B<8Z<6*+Ss&)cph3dR`e8RwJ*dB<7*N<@U} zH5iFY$jRdgYx3OHWr2DEYiDctA79CnpCHOMK$4=ZkOh_4Vb@&rix6H4ea1dikpq37srHoNk4?8@KQGbPxXB@UiKvqnC>c zFIVn@8DxrKto&Z3obRq7W4BAKi4p~O$C4LHPaQ0PM`~ln)<`3cER{5A>{hApGEwu` z*qQ3wp|@9DPL}ga#G!E z`6m^I!O}~JLGrv@cwlh&jr>$;)~+x?PhY*y-;=*sZ6Iw(7T9P#m@jXKf*@T}C;dJD zpdu0|5jG<)OKz0y3OJj;Nt(n15mrRPxEae1<-2{CKYE^6&2k1a%L^7MGN6a|Xz^#y zF0d^=?S~J}Es* zI%!#%J5HXoz_LnOWf|b*(ggZ}gk_d-HM3b2(3Q0I(zv<-DxzRyg7EGE@85O&=XUHd znc)Dj(D;pE<9(%Bs9cKjl<{}fM4=Q3dYAhfnj_+LEP$@yvx5cU{DLlp8tF|AMb(%% z;T-tk(85op`3iLPboTBZ!dQMnhA```JjB?8a zd0!b8JFre51)4Kqne=LuoO|xB3C6Y7;|R^oIvY>X9W!(;oEyPRDV#`}ye>ep41#aZTiJj@0DSmwhQjw`z22Coz*O)QGh zMIU?j^(U`Z?m#G*T%SNFgtSE^+6`#g7YH2$!MU0&=O~j*-hkuJ0naY~-es%WiHj zxg6%)7sKTeHvul4ehB7vEG`<|>DOTH7q~+H85mOixDB`{f?JoT^W(CX_VMZ558f~h z<*wnP0UE^lE-4xWwwcN009Q^fOSu)~63Oi%mo3~ma;f4pHE{Wo3nQ01oF#NpAFisV z$VW4qTl>Ysgs&D-I#={YD1oa#53g;0$u-s#u?QytA+(%09XzTk+X^4(nf zbYm0XTV%op(|Y&fb8P4!M$<5l)x#QIIIOwXzu3t1$|ZnxCma_SN?^_^K4?&7LUkBS zphH+Vrr_daz04uH2EOIB)y7}t9~LWyU9o5lw~Oa#_}!ls%SUTvS8S*+UaxkA;5}IS ztbwN-uqKeFt+L3yYsD66@g)=WzNPS1{qHx6BJ_Sq&R|ku%|%wPx1$pJf&6wRo0kLk~>oN74ra?_YYhmzw|Fv zF$V{mV)!dHC8^ScnwmpL1@fUgA+{InEa}TSWl?M0rzM-DIV064RUE7?$mQY&YQk<&Os2OH3LN`GUM z4oUEVNmgZs`l8z2?mEdzn@|DqvXdIVx7rxOHc3{%3YL&cTfW~r5wVxitxr`!TGZNktz3vds*Ktai*4^W1Xk$ zGrftNoDw>w!)4`Nl2o}0cEP9mq}SJbyF!AoB;{G8k6MQo`eW=Z3D((mPpcovhA zG?NvzB@#EeO}@(p9+9{!YI2D>h``BI^K0hGwwh~(Ob%fkgs9};sL6`KPb5aonY@T~ zK!hlGBsPJ3Uy%&1w_csxzy=yosZVH<+QrfCANiVG48$V?$>$XJB{VS&=u?Q!76EuF~ z$mT0OSG9IZr+7J%WUI+LRl@3Y-O(w%Sscl`8xS($r{!**nsS?k49fzR7~~h+Gm?)J3ojR*d!piUqFf%r zAw;mAYsmAD;Jdz8;lUP{qSC0pR)n$POe9)PRn)O67I!er*DErXsFZ`DoBlA>H$g=d z`#;O-C|Gp9IkmJvl?o!3U#D(Y=SZssw$H@RDNXHBS+6bzh~?%~_OkI4Y*DUK7fH|+ z3)90uuJNfH*k7-xyvi0NV);s{EBms>DiYxkww`rSA`#jd?Anc4T&ajok|dN8-u8F_ zUUREhQuz^EDw9;f2*s-ybC*``Rdc}3Iy{<(uSG1cjJC=2;Ht_qHpE>oR7R;|5u9@O zmC6OIKN4+TwXO1=P3dSs`n;%I>HuB9wlTN-UzQlB@Oa~Nkite z1~zPp2G-1*c9m_nF)=tECce<~Ud=RjbrFQF1k{S}7PvnOJ}Lv;}ItQ1J3C z)6TJJ0pX;*lJxQ{x3Rnc4n@o>fM@=vr#;2m9aYM~TgNec#l>mIS)7U4(N6*F`hJ@H zDF7N$v|XCWd3@nTnRC~s?Om<%GMH7juxgWJRy;cmLuW(%En)onomKK|2pH(LQp4`5 zW2_SKhBoE7$FP^o7Z6Jx}WWP2m zV}MEooU!ZBth;Ixgdr6^IKlniyV}gVeKSk$&Z&veslb=+WB9@!X1y=Xt7wW)Is;ii z3N57Y*I7SFEkqWD*N9^Hbq`j*Yn{TE_o!YZ#kT|X3S-;aQ@cM)$$u+RKFmt=XMQA zgctEUS*}anplni-yG7mrqaqMUYdtM@6(tfH4V|=}?qiWBtulK?f6GCwJ)?!AMEOaU zmlgFW6-m$eo+$#OCRmCT@gQWy*Ogk%NV7;emrXM*=cT0;CDM9`m16YpO3QC*??O?| zueWrT=6RAT4o-l?z$;sp&lQyoISbB&Gl2AA*O#U69BNIeuNz>Q Gcm03;m*aT= diff --git a/variants/GIGA/defines.txt b/variants/GIGA/defines.txt index 136fb76db..cef5500b4 100644 --- a/variants/GIGA/defines.txt +++ b/variants/GIGA/defines.txt @@ -44,7 +44,7 @@ -DFEATURE_BLE=1 -D__FPU_PRESENT=1 -D__MBED__=1 --DMBED_BUILD_TIMESTAMP=1751296168.0928738 +-DMBED_BUILD_TIMESTAMP=1779181360.4514952 -D__MBED_CMSIS_RTOS_CM -DMBED_TICKLESS -DMBEDTLS_FS_IO diff --git a/variants/GIGA/libs/libmbed.a b/variants/GIGA/libs/libmbed.a index 79c8f413a775728d8758e1fa79010c2c4b57456c..5eeb7b600c74fdbf1d7681dc29798aa5d2739156 100644 GIT binary patch delta 48706 zcmc&-3s_ZE_CH`gcwV?DKJWo3C|rd5eu#izqJW8jpn|*+L`xoxS}}IjOh-*k`{HDd zkDSRVElErEq!lBLHd;O>Ei1Jwb<%&5HkxMTf1PvB-k7d)4w^cB-}36|ch*{a?bq6C z?Y+;Tm3!Kq2YR+gN1MZ7H<%5ZLz;>6IG6k79n$wdak;;joGJ|Ryi&P)NzUKR+|MvBT=JM_tIqwqlcQ0~zcS273(x=f}UR&wg$z0xDB4=9|P3ZX^caO;V z`x#I2Qo@mw)@@#9!j) zaQXLzocBwRj2x#>$}gb`Zi5Ouk8^j6oVU$rU@BLjMDgxiLEFiBJK(#EeKeXYc+@HU z@joQz?FfIx$`#yA+P0c=7Qi2h^g$9=aPJ7}|K2fg18?U&EuFdo&f6$`;ehGf9n;`- zTp>cvTON)r=L(gmvVbeRd*u8rvp)rLh4+=5_gmmi@|^dzv^NO{+0M3_yC`5E*JkRy zjw@;#Iok@nM>wZ~rc0M|MHs!{%N5-%aw;+UAe<|@$K*r>{AlEg1o}DtUK7;+O+t!e zH*oiloOdW}61;ae$ay!I+|1+I9$c|N&nKypvn`lWUfS@l5Mw;6MJ~io-NwPmHd{RH$UJ? zR@DD~di4lb(k61Y6?l(uPC?5<$^SEQio$>Yc3-#^ zKT*4nW7IvAn|M3q#K6(z+{C+0BLlgK2syEb_wkt%)$0B!0PFwzCk&D0ys=I`s^=!& zXL8=D!14zUad&~7cZ13A;NgT)i0Nh4Q&8cIy*+y<_k(uEhfa!OZ^bLDL#Cs)y-ww3%p<0|e2h3(@i zC`C`@DvZ-5a>8HilYdKz^;`v|5l6TRjIs*23QFUaa}^Wj+!;A<_r>L&Tm>b*2Ul?? z^ol!IA(4~*<$v@G^?!plZTkCRBUd3uC*rvZO5Z@WsFL$0(3N>y#Z5HHy$5&C$aycB z3%rdol<*Tb3CJn@!DwVSH|a+D9R7W8$$8rXDk1xM3kBqIm3KtWn_i3_#8tMHhHc|2 zQx^U{a#98ldvcXPRmaY|=+~26)jg)_kjb30IxL?14e4vS>ib8|`zZ{O<-D(@y;T9{ z{WJBg!a=t4KGrp+zzy}EHIJ*NG+`50eIq>#|E4tKELW{Yb4PL2e>%xkFS*QBKW9}S zr}RHJMsw9~EWH2Z{Jla?<#5#koz49%UF^YCw}G5(0o{zL=~~O(LZP`_&CO)p#MRtL z@u#_(-;(p@2lx5k&RaD4tpc+GxthB{FE(;Dl>YiFS3}9!kjd5DNZTfJH5fH}ay55C zUmLj^1#+VQ^O}~ck*Jny0PpO8a(EBs>pUY^t`{>CxV1-^H?9QB%5!VP#r_GUwJfY zR19S>@kLEzbtK?|M}B)HmSoXokHjDq4efR-AF{+dl62L2E)G>>*JSoQ)>#R`17bY! zOZA+q2qO&zo|PU{FXIhO#no)AW@rv@sDXDg=^{wUB+qTh6pXblq3uB9S>}@+Nh%sV zw{}qh8?9FU!c=HH?n~HFg-Og`L z8xcwVcEq!nhBC!$Ku(Gl2OZGGx3JM#zc@qgS|ElRb;nvme(V_`bgbfjvepx@zRmZ z)n0R0|HYuBx`1kE|nJRv#svJn$S!tUJ9@ zl|`@I>lM;Lr9LfIer+*y#tt8QbzlRLjG6|UozHltEP~{m^?Grbl7_@f?|o3M)CQ}K z&sd)lN%}jyXLe9z*OcJ>yfUIH+53{B(TH=5_h#kB>gs$Ah2E{553>YWS?nFAZ28YC zz28=r)$piyMi0d@2QBgT>8{dn3^p_W)%?K`r1o##z7Hz0TY1iVn!h4K_ltKIWtH-} z`aIuLk%yPrC#9<*qAJbjT{ekf<`o7Rhl8K(;}t=s=lHDmQfa|PeZ3<=M=DBu{MA~V z$zX8tZJzAY+gnl1Ytwy(`6?pvp7xpPrBXj;n@tet08hYYp;o0J78C#dRPaYS{MBb4 z8#7JVnA!4opSZqiqRnRhrEc9K$&4?2Qdq^K>^}d_XH{nvb|$klhc&zVPWMp*8!h}x zrS?ejl%Mab-YUfgtXS;ny?l?eK7;C6)!%n<=f2X&jUj{y#%8n_dClz10c7}K-|V3( znpzx2zPQN}NzOQZyL6>s8QwOd-Q|cS^S80nnP+}Gpr8|8o+UVs-s_*0F|mUJ1nm8@?;OcQOrrhR3>TBegoBvZHGlv z@ehfSl?0C(8lVixBJinim8$o)RUwc1AV^{sb?;sn;F;OJ%DZi~<6nW@Y z_$}6|n93lG^xJA2MEjcGKILw8ZHwOuWkkc8KWQEsnu-bYc8caNMM#$ zWvVKCSo>YHiqS2wlyq|>L=t|bwo=*O33@~OOFNYj(*!|^>~1FZ%uH651=d};9 za0Mm`x})Ich(U$sAGLebz-9dm7l2^tbm(~(*OL%=f&tlq`d%8}s#J(On>ul#@=YeK2)*Er@o& zz-Z8etB~-hM}Km8Za`8dRaFKKXujAhFM`bZBp@)7f@Ku3L7+~o<&$omH}$3i491yk z4DLMBLfK&mK~=MZ51HN%)~Y$3rxq)+yGA-6HBtno9cek+*}+@`Odt=TsTflGL+4QD zXjl;wl7=o_9J{FI7y`tbj7HZg+xSJ7<1?vV7?|jC15Zt-2uv@cI~aJiogyOPaNyA; zR3(guXiNjYY?(fiKT+VRA+=>)GuhG!dxM;Kr0e2f$`jLEu(AbK-QPmvXk5~@AYM_$ zn7v&+*xDBpD5z+#^NBm6z|;J+>rBPEBCcrW+>>2f2Uv_Lnet87mm+8>FoaMFs4Ov3 zpX1wY8*{`lFwq5c%VymlL+~wE%VWr%ZrxH@umH0ii3#iGucrn>5qa6&eqqBPh5*f> z-|J1`I^NbRUqiO!b=$=}GMN`Fb_>5_PhSVWBr~iN`K+?rHa7cUZ;*yr-8NgPns%f& z%&#NeNFC{Z;c04Q8-fB=EwB=v?FfRV64#?(A7zP|ki>WgIoeTnm|8-e>8-rm-#bT; zEt;TB5tJP!o76dizAdE)j2&^V3VJA+BG6Kv`8tT4`MPHa8;LPVpq9}D0m|1xBS_}i zp7SQqGGHtLYzD9xiVGdyYtIH1u+eJbcl6SLFMY9>XN8ioByW80cUfRUMz#q&vyhP% zNL|$QZk|usq1H*b+Pk$nWY`&?cEvbv^UuAtY#heGq$RpfaX&?YQ?mLz!UD6Hp{1P1 z*pfa6SuO*^3C#||o#KpCTh^zXMXMcn8#UP-u2O{7_37|}N`)94R&ng(r_ZwckvRdu z%_C{4&~g_R1$P-s5tssGDGA;=mm;w8kgCBUiEJi75oWxH#nkxgzX& zIU%hPc2pt^8lc(6@gawqM6AqYWnRd!!L({IgkTj|XNVoM`Gt`GxJULp=<)cu$DX~S z4{mqPt?!C08+&x(%Fuo%aS@Bq05KrKKi9LGKH&d=J`IlTK<@bAQn z9`4JMUO(79`QZ`QfBf~jK4LcJj>XXP9uL=p$n9gi?+>rLvm3M*# zXcWI_RfukA;2AFTsVlq1M}B82pU^#V_VHI92g8MM=iGxAY?-x10Jl5SeZ&FKRJ*xb z^0UK#KE3wJp5V1tJ`&%$#9v(%V(WPHv;aIpY^y_>x_UeaCi1M{xM#`rtsyBa3MEs4 zHnWNMA7Y9m&+QKRg@#>iHzxdP7ME;19kRQx)ah`Xu5n_vxJk`*?p-bra zhl0t6*`a$4D(p-&6mfEX=mt8cqwK^X&cwUD=@&^pc|LSJoz77(Nqa4H_B<8Y7FY}w z4=jLWyQ%N%tc-fsC_pNSM1;QTO!Bus9m% zx5==y8KAAzje(|H9dl zr!@>rZiz(*&m4A_+jw$+`1*%bw6NHDzx)6l`FF4WR|6?lhB0h?5qn;srT-opu(V-V za&1iieCna&i2V@*I=AP&UhD4-+pF4jWe1gArVtM~>N3~tex$b=A zx<|bEpJ#aZk~hBTA4OxlD0i_a2GXeK8SaOaxZhO@n|hU>Fa zO*5A*_V2#I7Fe?(+dtHGVYP`hdvflmZkn04b+mMKzEKVuQN-=EziZTYU8HSvC_-pu z{F-8K9qAAqb)05cP$;?Xh#u-2a% z)q|!_Q03qStKQ7dPJ^9lXJ$k#rrVoPFj=}ZDuQ)B8Tn=iHn`F!^-;NW^@9$Sg0ejC`Mb|zl>TK zC?zZ8##)2L07)w`S#jiYRA?+6{IE6(C5IKpS~4nEgQa5X0cjhdj0vqZF&W=`8DQ)M#y>wqNDn+PTNRn?p9TG`O zKOeZ8W|`!`LQqc3_f7wL;6<9ClLMQrQajl4pMjywvqy^p$<5Xg5k7aqd`#?Lh!NMDI10lwm6RllG!I*YJW7A6s()X@J8<}OW_y+O%CA$6JsO?aM z?yoUl9Z=~jg0nBAP;;i~8x@-_?_8M?!%rO);77`z(RP0F!rJzne`Xm|i5It09i=c#tcm z$BEVu#@?1C?}Vn^$&xg)z6a0@ql}P_*o49 zQf3P3f$*_*!|t}=*2JpeT!lFkuT~hBTwPKd_(dq2&&7$1P~+snT~AZPxk@lRU9ALF zV+`Q-K9i|tVZf<00GC4^G~UqaU&&Q0)K$d0h6v@c zUeuj0bQ;=|XQru|VunGbGF^%V{qY9H&~e%2kAv9OH4%;zlNk+j3@n*pLkqfQuA0eQ zm6W#N2IHfgpad0e6o&%fM{|f&0|cx={7OcNIYyyj3JTbCM)$e>}W!!?vEw|b;D2u*pfw-E}H-ECXZjpc082rE zy(Xviak_>?5x|aZ1D*4{m2Cr+lWj3bdq(TmSTEARgB;ilOM5X&ap+C!db<5x4s4VH z4}9-=a4z)FF6(;gq|3cwh9ygJHk?m-|Dg3S9c$215|?p%o&w`4H^0+r4Ffn$b|YKQ zSwCQ$&~e6vb8BfE?xBlnIA~}V>OrCgA(L$&@rHNPhVHl#%0d~?zUEY zqWr{N7<|J>YX{P+gKfXE$y|M@+QY_9B%=itdH|ef7aP_*FWYLm5gG-P1g))@PS!YL zdvBYC1}brc*8tl7?G)fo3XY`GfZ% zo_ROLL)cJqRph`nNNb8QwJimNYWM!%SD4SqW#L_AD z@yZBM7VlSQ??@i~gPpC!WfT)u6}&UX+Fp306Zz*1duw+_6>xQD;SB9c)vh98;rFavkIUo9ss});V6Jo28XFd(8vR)R<@uLTiGRdftMz;Wj>VgQgfi zp$?#*iI*(wTH-iFQ?Iy^5a@t)UblS?l{V?Z6&-9F?v;<#aEp#O66wZJR5K`sl^);< z{LV4Co1zU@wjcC1s|{=i2dVNMl$fT-!?nnc$s5EXE2v^p3iFQzgIXt0nR*be^qB1n zJL{h-8Wci9BPi4P`>O_#{Z+AHG=GAkh~~xEI5vgJ2sOj*9&y%&BY5F7Eo8@R0w#7C zqzqSwzsEMyEiiIm1DyX64~A&Jh#kcS2#hnS>ooWw4V^wQgiyWoIIOnY;InkApPXzf zD0=Xjut+l8FxW%6Ei{ZA3{Cn#>fnE}eurs50LMZXa$+rz`KdWu4FT`bgJ-hA31zpv zbnv@$ZwShcxPpp5K0TO)Ptl=5c7%%EH?r!3xc8NtmkamRo;KiEoD(eoN%(g*)XAiSaUUy7bPZtJKaOi1z|a!7 z+F{2}Z?LaWpEtV(u`>Q?x<>%l!__v@H^lE{>m^K<@XTi5H*blAOR!#x?>&@OKL#di zTH+sP0SC-ugSTwZ@5R1X;+}B2mx_yOHM%lo%Yzd}u|Xacea)WmEj{Xpm-zbFgi9fT9g9lKFn;d_ZMvycLc=(97iHQa=jPV-6PDdkq8`986ADU9;S`yp{J^FuKN=w^h& zxZ-)sTF<23baN-#1_%g*HF}r)q}DY$S~$t)FG^A|y9>9mR1N1c`?d0rlz-b#Afs3JqS z+{W+?9E9s|CMh+Uwor^Sfy_U9eV~ZC?4geg zQPjv)DHZ(C)+HmxNvL>O0EhvPIV*;aVlf2_OwO$x`p_sPvHXdHV`9jhmZ7WZ#&0{C z_>I*(IDQ&sgd!T|KDaxcj>MQUpgCCdfHiv%IrRR6^~|CuH878j@S5TTHBA6zMD=fwO>%Srb7mt%*%u^ zuqWKkCb}<|pG%(1nh*vibuT4%VQw1MgviF1lT%n9N81ftrxd|fGZ;ds6tLaqU^s+5 z=a=MY7Sh1L@}EJwr@1Nnbboc{W0#i0eCs_hRt| z3?Ud9c5xcESR7>fXT#63TE)Pm?!@qy*`g9f#9ki$6}>qL9iTv<6)r}Fd#PZ395^D5 z9@{{zL7Ma<*!49iJCZhh#4xI~1I++$OdG+j5=0T8l112dDclbDT+xV1mfyr$wqP*m zccRzu-u801aCZ8LP`VFKj=d4CG!@;d=0A=|Dx@dPET)UL5f{^W!iC zsAz`MQ=)tRzDLRq>I9(Lku^P2c0?5eW=J{~jx_s5xZ&H}AisSm6PWhHjP$)vQFdUTf$##&E z|4Vs~&Ymck#Qrzs7_BfA0qlfJ9z}nxx^G zicMPHNXwwk8(vp=@1}*(j5Cf{c{FVq9kWq{P(VoVi=M>vmbAuasWmW_0BnT2OT=3W zr_UPsL=kN#Xduq(tC5$UR73<7J(Mw1O(0wlB&Hi0k3DoUhk`MIf^kg-=@6%RRByWZ z2`x7Xnlx%+x}tU~$*7lzia-ZUCgPcdc~$Aj;S?-ra&sJ2cxE-YuC@rQPydPD*yO;# zM0Ys-5f?l95fKuDvf(HPE!ZhArsUxfU6-UkWQb@cv43Tj~d&l&HRqd zoHFc$Ydpo~)Yvt1R4+w#eJq*mW+OT6gp8Fq^scjKHqs@Z9M}LOt2j`sOUqnOy*AWH z{L<}kPuTJ&GIQy5`zQ=*01opNb@kB^+w9CPG;@Jsc{o!QL+Te~9-yo^GxM#Iih)j5eeK6+816k~Y zF{tVw$PP_X96#4-vVLNtJEkLmh0$G{o!~mA8TnQP0 z2KqT0?aZuldPLHJ2?Xto&|Ji#G|$aq_aUNS60;=hRW|O)urtAJ8_SM3AW6S2Yc})K z&`?9u=B$@k8^PF-x_7c3QEnqHf4X94)?wByFj-Je2SjSbmOk%;tj2IDpYD(Wo8X2K zBi}S5Y5Q0s-{BY{`ZqTwPcH!x+`B>wu+(7-meqH0DKCV${ypu8f&R4`-sKAd7sm zUsvlhCc0B+PM7RVHUOalTSBsTD0hPo4cRQCjJ8Mep*4FIjg306pcYh<32uWtm<<=F zY#EWga0Ye%FqH(b13vs?oa7L1Ga;-0k!@90v1NaD>qw086t+dQ`VkmHkP18DM3<=f zNcLqm*T{ecFMakIt%FS7V(IBdqEBaQ>0u4jNIZPnAcibFm)*=NPlof2+m-{FpCAK< zi%yDuNQB$HE@!{4+=H9kb5t#GqiBm8nb9%lE45+E0%N(bv6uYCBj*=3=VFb3Y!A+9 zot3ee7FlD<31K5H%H#9IoMUW=$9Oa&pV<)qRrSq=2$(=%=YTXx#ykFy zCmlL=W?wqWV_>qse5_lDBI4Zqv57%afL~638{cp`B#O-V%h=uY&>0FPc}-(`(LL`d z0<<^i;X5qf+agHwiLs~EEGJwSE37g2gm- z#s&;TM`4#?+&p@5gdErksu}nSxTpT1aWm;LJ+vGoX5u&ly>1#u)Xg8~*4;Ht;dKqR zfc?OuUkinE-D}6?(w!POx7eS@!6&}N58{~hGSMa@H1P{ZVS{#7r||s$3HDylqVx4)-N|~nVJ+hzIt+9?jC7K!DR`}2ELgjY@>1i zPc*-FT1p`CeK~h-$H>m9T*w0#I&+~#vy3H0kA(_%PmTx`o;||}f9Lu>aN$$#pI1KC z^BZ2v9l*cy`FKzA*=xC-JGm8+mbY>P+PjtU?Y8B{xRnvpw%iXiAw7i~E2neZ0O{8% z{BGd59O)*@A`-AC*XiZ<2LIgQ+;n#?l>g>%?kKll-gG24-E9c}l<-r;|6BN(#rORL ze%A7j3P1ng-xq$q=L0^4pKg4q@MGuS6n@6>?T*6FV|9oBi#Shk3aBIN+7@R zi(EVKc>fE~_DVl~t!GpqA9*a-?#_krWyf+yx%-9jL%iVO9(V|9wL1>L0b%@?!n4W8 zb360y6`q~>Jlo2`;mcx{1dNx`a!vWIG)?z{o_vj zvpItTp_`8PgVGN@0ndhb@WKDm1oHcQbN#>+&k4`|=)u2H?itAU*1)qX{MW)WZ_oM# z9)a2;9XYNY$5n$M@xOVV{DDgz;b4=zFLV2Mcr1|P>|XqVO`f6f;>Is?BWQcaItOX_ zGS^Mogn+j&;&ma{BE^(s5P4pC83Sk+#A5BxN=*H;lPQgqBbdivXmN^ z1smvxBX*6pqxZULB?EHE)#=@7E!~{Y!pC39*u^C?f0&0dfG8xgr z)ji_X_Vd2XA0-7a@In#z#6*TP-OC{I1{SQ6&Pw12D60XsKe(=KjW1YYP}Co)t=5g? z*A&ogfH+f<@MytzW)%}d;}@^|oc>BdZz)DB!>wUk!2)k;H7t@VG*q+Qb*g#J2L)$~ zC|JhC!rj5*c-T0g@TBCT@3aBUyH^T@Ip0>5qmFAYb<` zdbwJOA$)SBGKL&lT4aqe%a!goHz!)WCn6g9`t7AFgq zqB*rc7Bx%pCK>J0e=f>MpxR;V$oAOcQ&Gx@NyXVxqDe-I?%84=DUF09gsOD#-_IEa zn>L;=ep)*8B#X5|Kth}-GG8uUFMTyu7HoiAy4XgNnu-reds1=m)|iq?DN=?5KuzJS zm*E$<$>QryCGScLPaI6PN0o$0YegBvwc#Zbr6`mPqHavd0x6IxgXlA%q;+ybYf$Wj zu^Y zl1tJz*>S~0W%+;f(nONL4JF~s|HKL*KBH6Gp_0}q4Fi*wpG$mLTf-3W%m!n@aidl`}%OXr#CFoP*7K9jCp)SfHVvS9`TlZ2L19~&J+Fof$n zsP*Ax^gF1yiliyJth;K7;p2Fsixiq#c9Hq=m{bz;WSN_>iLFc9 zzC0&eg|mfzM`BBE`4h}5mQw>J1W}FY)#dx7v)Z^Cq;OMt7q%+J*bzu?FJLu*A;6x( zAtlkjFKI46$$TXYObYjvcVR;~idcHM+`?8cDB{FtGDWrUALbrKdg+{c%eLkIZbGJ;Y(zXGbbEF zKzZ4HvTt^%*sW|}FkcPam+e+e_zmqKa&lZnJuAHo)&N;Qan0F0p(0+oy$sit1TC+) z#AX(Z9ntX>d)b;3LkQ*;F0&QRNhQ5faXN~QJ2GG+9d~LES2RnhP#NvgPgFRh{Y*Fl zWLw~_9Wi%y=$ncSZ1pE6n;z!hb)_OzS+>r7(y16ab7Aa=&Nyi&8|YAk*N{nDSz|^K zuFWe6sgsUL_oB#_6Y6xWaBi)9x)?M;zlJCQ$YFsa*C^E9h66cN;1;}b%C1Pmb<#r1KD+OKQsyHfkf zKn<|E5Wj4db**MRo8M%>CYx*Rv-NWAdS4oZmBB)pg=^b+-$P^k$Yo9KbQa!|c|rK( zl@RCQ_t|p%$gb$xi>eI;)_$(jvG&^2EW;wl9&+7c7|Hl>?Gfovk!+2@2_7*>pZSN{ QIV_EaF(xf@YrpRF|6J7`?f?J) delta 48625 zcmc&-dwfk-_CHCz^1OKvk9Z^@k$3L7?<*t{6_Oy5NRWs;kSmltIv7psq8_7)(ob`$ z2CZrJp`=V@PieC)EB8|)T?VRL9BaW--VU)?2rf1E4$z2wwjQ0NuU-A{7wHR}37B}Y329Xz z-vwMTLeAfOIWmJQR-=kkuK3=O^ViH4{=^kOP;x$Kfw#$XKG4$MCLCltTWao-z%5*h zsrv%1q-Er6DeykwoGO|wo6ePBBwXT3?iD%J7=7T$mE31?q5^&l;z~sNIqZHD)cT?LL-K8Wg?ZW`3*U-FYnuTi??uPzb5DH zUvOnBAN&3E`ZlhtMdWNL@IK+3qLzoE|7YZsg#X;gmHkc{=XI953vzPfqRJi|jdAD3 z{feBoe{tL2lMiv@?lmoZiW^7CNq_kteL9&YY6@&U&5gT11oeMAAUYg&2s0)Bjo(emrr-+#y==}yTQqgf4kw{(I++B_&Xx! zoj&ke{Dgol9HY){xCwVcP7EBM!A-c=l=%}k0U;;$rgA<0xa^6}e zA3w%Tc);YmTY=@R8n}Bv&U?Y+ckpmRDGKuMo~pWV<-doVclz)q16Qs^+snA}+o`b) zSB{YLH(%}p0hA5{BTC1C!Komw{4|u9(z&HvIi-uUxN=I@8oBb8k&|<@$!{kAzjKcJ zLE&3C2c`HN&S5B!$qB#MhW(mS9^)L825;jW80DsN4oah@bB;0PcSp`UeQ@~&&Oxc} z7tV1v^y+EOA(NB-@;~~7`oBe+7X5xWh;t~>i7?JV=^LmPO>*7_x;lw-+(r}Ke&OyL zIqxTPkvFeE$;Y{gKu+-oqamK$#9QeL`1}5n^Ns~n!0zX7C@_huxGQqr_F#N>uA-$h za1B?HKK1vJlQNimfvW(jJa))MzwG8J?=w|}4&$6v;bGjbNT1JDJveecNMVR9=L0S6 zZxwJpI8*;tILLNBz`Dj1xTXGcCvjDj#;o9~Zly=yZ%Q-vaaCG0&%jmvX*XB3^mDH2 z*)A&Nl>fOQfUA0I>Vqfe?-lxOAFfKIvq`_Ei@$JHEg)x0K(}M6JLYr0p|B*b`gXFc z;Hqz>q&-~qugQ7)7Z3Pv=WjInwF0m{tiBiY!V6qArI$}})s&p|7OwhM+BS@<#%SjS zuKI51>maULg`DU=f4ag|%T&X?z@emjimUm(6kp)vYT^sH8teK8Lz9niHIyE`!qq&Q zE&jMmn%BtH{Fa0rRUV;FUi)_8wQt>k+<_hfY6a99s0~nCa_!r8pZ+OW%0uTZ_K*-> zuh-x5(_$g#rh4$LLR1i@kPx#~c;<>nG%0`7qbw*?9m`uS!tyH~Q6%6gk0Wigz&5M! zQmJRqz)>pkXrYRIZtb7}Hdrje z#i`JO%6EC@d#aU(B>dMh-i;(4^gQUMirarNr^1aq^NHujZW_XkHk+_Hb8s|y^@wLT zoy^pFYoBrb4n60@x1QZRkSU~Rv~+R zdNk>6_kN;{D!U!Y-p{EcD$~3#tD22CM|f{mZ?3NHS6}SSx*uu_vZ~ZOT;29xRCvFm zF01}g@9ZwBWe#5I?bBJK>F`#QaB^YaC{pvPx9`KM>{gxgp60KLh`Hh2L0zT7jy}(I zRpsGj@=5Qgim1%=d5?}|sCh*`-r|vbI z{^rxKrzg+~LsPTeAe8PfM+-Om z7VF3rr*E5%8c$daHrJ#qP4F#O?F_=&_4)*I<*&X$T{U=Gz_`*BA^(7Hd}q~GxAr^V z%b}`>dN18Ztq#W9^e%zxgLFTsJJ#*pbi0yO1+FU6?d`5nLW9L5%}#|)BfR}c} zL$&aWzwo!SR*V^*oH*w{AxM=+v3tO@SXD$*e84o;hfyic)PR0kCbgKXLiObgI|<4S zXdbUncEyhboR8Nqx*3+0ZuaD8BCHCiU^5?-UGQ50Hy)yH6GMnC4gwZ=onpwiw*wA) zYlt@L!EKHiXD2Im23%2ZolQT*O>iUa_6K}S7w2e`Crt+es#U8=fYnR_dE-n#xq9D^ zxezdvhAmK0P*!oWBh4Hde+<~81vWw0LJChEaSPnXri7Rk$&SFlYppbF$3tvEia5D< z4$NVrFv_knB(S2j7CTs7R)<$blb#WQp)}BhmYWpE1U{kZ^UNk8<>yhbx-91S?2q3&+FMMjb*KMm{N&BM)RYcR-_IB13FqK48TFrvLS4A{=^oRDLY|3Fo z>`v-Cbg=KH`eO*uzZeXzMYrM04#%IM+F@W4QxNp+balkRplc7QB9adW9bKxSk^$P@ z^5yzy;lx-^9jO`LF^8?BP`yq}>9~XqSSVuQ(vC}#s9u;|Ny6Ta9&G)KAw>7Y+k}*z zu`tp6tm6}G7Ked}E2cT`RL5rbiYhkwn~pC`jsBM$Zish{0xvxRDCL3l2#C7nnu>3nfMHLV#ziIQRY zJI5XzMH>2b8M}|N#EL``yo2ozQFfSG(svfY?QiX)$QE7jrYOn|lTB*v!QYLe2#g(Z zt_~iWMiFQ!&wL$B&V1c9lsR9F4}51ZLTK{Muqcvqw(Ej1v<#S905$bB<% z4Y0vt6n1vgMG?!TZk`UREXJ7>j_&>*i$-9@0og{FiG>a^!?s0r_r`^k9abume673v zAv!Q9u;UG4j5qmFkKUy5=k5W_^2_?9m;VcCm@patnJbId0K1*IB&N=KtyNqj}&Iiw&}>+ zz>vlvv}D*bq_`xc!$?)cG7_?D9z|efB9(nZQ<&>V5o@zUYutnjxgKrEfRxZ(%tV+< zqIvBmA$wI)wBRtN1(Nasp^vdy8Opwi#K3k_@sQBHY(|UXBsIu8S)m_k;`*@yp-skB z-G%v~%@KA~BDfCFY{Tf#!%QMpX0oa<^jKfo<1mD166m0LD+3)sFUvrE;1@7h`}ce*sD@{g%!+lDPq| zQC`?yUW1*H1}IJ~410r({1`jQ4H^ZvzxqX!PoE1L%?5om6(aM^usI88VKH{X{y9Yn zB*@sat^=K$V2nVj#V+UrVM+bt;GV77W~>6%%V za^c^-JiE|mvBftiYY?Lx;&dkULa(}P+19AC0EWE?aX&^FyA*b#4gJI215|a-$_ejB zqyI`Qt-MJntsMc4wkrH+FlC1+OFnu!d}V|x!ui+mCulFRVLZeF!{{&7PTJ1!;{~eh zlDkG6r2PnG2L?|{AO*&V2I@Ib7>OAf;ntPf7F%n8UJ!Q|^C!skM71o8VUz7(@Qut@pJc4J@R^NIfse+mzy>(HT6B*dGW^ZrEzj~;x;P+Vf)@1FIy~Al@iVa;yoLJHOyJ1vK3;~9{ zMa_Bcr0$#EX*AM{@`NXNJ@3jHiExix+M6~Jj6DIpvuRioWk(W|B8$Rk6=6I?fnvIY z*a=USM8>D63IxCCL6_$?N!Q!c+_D-YH)m5GC?dFh)Dsq}5{7{9>@;k!Fr`o@^vUa; zMD&?akMz=b%mQg{Ql#s2Wz;^JF`!W8PerjgE?$zDrBUxZtXh(rhoYu2hmDnlEc;K? zEBz=B%={!PBDxz5R@ks9C-61G)`C<)4Se+Hvne|aOg3zZUY#T_DwNnkeS;TDn5K^; z&t8lk%4!^Cc-;^)$3ojUhLFlF=)W;Xlid|Dhk9#Nk(e0b3fV1>*-clwXa$G`hn6YU zr?9&V??>EM#w5|rGV}>KO>M_(F>Dr(<6waUvv}Q`F~{gE9>=-XA(QK4*g6EqxmFKk ziJKDW!ePiu3o`~CNf5+JK9ptP!6d|@UVQr~*3~3V|dz@~x zpipwt9{YMrs-<^wY;%J_3$IIw?Hs4kQw&DSbJ=BfGIwfh7rKFh>IFrx=uN_$OvqR} zGb45hO>;uQWZAOVD6M{HvdeLG_qx~uy2?>u(pk30Ga+pTm#);LX{CaCWKz4y}s#R$6cbEb2dyb0Gljw3)u3X zxG*+@$G`+OHk;ibib(t=&Vx;WP(*P+yjv@32ozBp6z|451cm^mjdppfes|aSK5SBm zfk|*|{Ojt76N&LrG^yn$H;TZI#^8}Y4QrM5#6F)t^aJV1Mif zIP0q+E9kg>AI&sEr9u_h!M$dWh0_>0-|3IA0R`nbIc~rJvf#Xan<|VHUewRgYQwzE z=t{)ueO2F?`4>zoDZHuwkc}cJBDo{qkES~)71L;Qo#lYZ+Xd$8QEvOA_&D_f>K^7{ zzEc~|?_x7Hl#^?Q^$(tJo?$8D1i-Z-erEn(>P$gB5I)kzf7lY-+C(j!t1xGhvY^7;qX5z%`K#9?dt;tduGi z>dG-j3zs!kOClg9x{;e@T4g*jo{v&@_>%5Iv6F92o}Q*@iW$5{Wx5m#e*6~2Q0MHL ziG$eY)ew%8_B86}@@!87?a^fIJS~&CDk*bO3ykk@BQHG7?^f?nE`BGLwTxfLe%@dot~$z}_>W-@8xAlYTWgI&d#bSzbmNi} zNI);+aTa97_zV-HKzY5|(vIGw?U!Fj# z9Yw@!F@MPBaVSFfH#5&BBPgP9hj}aAT0w0=V!koIV^r1SW=G3mHrGX^GSRzb zaT&Mkw_segE=_KpZf+QgoF=)Et>-KssB;2|fOBhV8E)t$EgUp7GwtNKX3ihA5c_}9 zDjjqT(0cw&Ep1%(Jm7BCu&0!TA=D4Cv?1NvSof=&%+;5wJgn?YGFniv2f(p*sbMYf zvaV^PTBFGU)>1l3qwL7`?p8C6P2vczNNXHj+M@_i$p(QvX{lKEL!QZvG{jp^v3{(u z#b`9r2)o|ehVDn&6~N+20qNAcF$waU&xlf>+0LNT6u1)RR)?JCJvI@VqPNCVxC=aL$D{MfsjcyVa zY->Ze@|2zsU5R9{8k_BNe+}!JAurtjWI?ph`V8AsG(3m07dJaZ&t7U{V+oF1 zHO_XFj<7gl*<{;jb%Z2K@T;}8C6E5W#@66CJ6G>?CRkdFPqZWdoMCJ3&v*@rD-c0^ zg1{38Sbs*rE+;X57BH0~Pj+l)P3+IMI%5p%Y0tKOo=$5YgObU6Y;$5&5w0@rxNh?y zf4q82aZq-yBryQ91r@3xslQ?Kr+FwSLV$#i1mfv$UqiD#P#6@|Xt4>QU-h>W_eu6N z8f;Oh9_cQJ4`$j~W}{tU@7`dLr;SPfP4gp{YV9x3OldXFUJHOTH6~hv(3)V4Ubv`b zxD8KhYsy1MlkQpAz0`h)Zn)w~LWl!ac%AmyHQJ;LS8}jrxYs_>!Yw{xPoej!pqfD~ zTEH7i{vznSeNrb?8?I{I=N(oXSpAVo-##gsln07%Ew2*_`>>b_+7bxhz+{h)?bAGh zV*JEr2&XsZ_(EF!vn72(X;1`Zx^RDGAF{tPF`RCkpeUkyA+aAD!xV&?Ac;pBw&CPm z1l)5e z7IRK0yY1upzDJWmPoZpuPPEr3wzF64zd?_^^=2F3UVp_~gg`p5lIor36 zW*MOD0BnM+>6E0%X!3)9zpXT&prB*ka4=qEM85-Wa^8dzQyu~V24UI8oJcYtvft4Z z4TVh*f|(N(4+ozo^^0OUV5O7oq?^@G-A)4B7X%lq%%}WJ$a!(6zEW(NFl>F~JsFR5Y`+cG=(dEFl zf6}knfuWkY+F{$zH0(>x9qsp$LDd!zdj-wBeUq9;4^(24F3F#{XA}|KDap(xcqn3W zT#_3NCgFD4pPvL%!0$&SHFtcJ6W~~QU6B(6yPbte&2u}H6Qmq|OCxB6a>v;0O^^_4N zmDJDcpIt~1Xz7E$>i;dPZ$YQ3NuuuI(bFg+ zEHeh&%EKQfQ3s6i0L{Uo2P}Dg$f5Tiu45KOxw))y=J3PK*1&M0HGrvzV7L=7?N9<_8r~VRf58u2Cl8z1;uF*?KHFm_cDAeTx58~ zk+wpMu?dzJ(yHa(lhY=!X$Dp#P}mN4LrIb0xwF!?un;~5CRuaSidgg!LjXG?+{z|3 z!z<6GO=3+51C!d9(mJr&8PcqB zk#_ELst3ihmjpi?d?bpvxpPoA z7HGf_AW+QSZpa+WE)le22vEr^rdx{l0zO+ZxPt9$Du8+Dd7HPF z!#Tp~gTvame5v7A%L;mX7jQP1#S`2;2AdG(AGz*~4LSJSXv+bUHy*!1Xwt{++x7h$F-X1aU98(%DYR z{xALS@~DY}N#cLgkI8j~BY>TFqoXuaE4!9%kZ*JZ5#j*&t0oNhF4qTS%$MB@&W>am zGQyc9P#((?GX`d;nUplm&oIl=9tAy;muF0|tMYJdxWs&%K{s3!I0f&^F!!dMP<@vShU)devV6r$O^CWA2SP)fieo~Dzm@*rCxq1(7ZvY#Ob%7IN z$or!+>0x38$xY>%N5frHPi1D1hb&1BSduwa9=UKZS@q}48;FcdCF$cV`d?R?`4L|JIo4*RYxhq`4o%^6pd@- z@bQ*qx6Exth5LUR?^PGyRNbbs>}LG zzMaXS$G{}!aMoq{RF?uG(Q|kQInt$2!pV`tkIAzPgI+Yw?Y>K_d${~YI%%|G@bEBs zLaV@Tf8KDK1f!r*kI}y(;PL&uz9-Bj82Fz3+gr4+RjH>f1nyUv!=ATLJ@dIi}$ zcvi_#tjo+H~*?p=BS_JngFUk2yUOy>5z)r)oS(!sm!{A`~Dz=g}Idmf$$B9~i zGZ(#=Af+xWcroWGHc!EfEM9p8JC(~e8O4G&TsMJm6ltX0L}LdR)%w z#)fGW;kp~|AMUx$6@rBf#0sIWj5*ROm%cIvR~^7MXqS>JU8l?ai8*>q1JTCd=%s-Q z-cr$>IeJVD(xYFlS@Q zKE%N!VQKE`%mpg2Gs1Nm%a7RMING}0Ic&;?fys`|xi7Icf+A|)&7Gp&MqCqX$FAJN ztXp85pqzFH)<`XV!3Vhw5p+?k6f%J;L=3`?8L^RM;f372k5PAu8JtvBj7X8UPZSLI zQRRqfYzcvhgmlCabC{P^C;?9!UBuE6>)6T^0}JpjrvW75*%24yxSN7r3Brh@z3GG= zV?31^V^%;x@l+#Fabmn%*%V7=(izbn#(7c_j8=#1f z_&mCo44YfXT#C;fLw^?*#w3VwS)9GX-sN7l6Qp-GYZ=AFjt>*CcsW6Z83Ls6MiX8Da>nG-C$jMlEBPL#p^1I1-Q*iAT(h)$m4bEXmUcBb5 z{7uY%U|^DXAb)cW?FbkG*x6yHB>P=|*eV?`@`;|*%VS`&zkH-ys4C*z!jUP#t{A_f z{#K#>bZ9J@@t2Vw$_LGGC@I`AvYVXljw3*OUJtKe`Q92u8c&Qotz|hL9E7;s5Y~GY z`U&xl%yz<>4|3thgi&2de7jM@%<$yFRFpwq+yZKQIg6XJ%*$TiAftJqH*9{#t zOFo&07lR~B7{$vsODiC17mjl4EX(7u6KNn1_9TYC83s4}yf~^rPSjA~miY51c)geO z!Y;@p!CRRDTKL7IkeQv^ZgkuvxzbV5WL3@Rl|`z}BJ03tn)d)3bBI8)>ffX1%NOA( zAQJrw!k24FffK8z))nlb9!05eJiIMQOhtD8I9_;hT6z%ieWhSt+fKTSRu@0x!b)Zv z%1Xo=B?pIbp{*`H%?aQAT6d&in47ndb)+E6Eml}7 zehd+s#E(aW{P~biyz+z_2Nf+;imY}SIGJTKE?}c#gE5@Ch_CXLh_gJ@wTu`{P?GELj3qf zNH`|y*-MyxtYDb?&%J~L@CovJ9Ebn57b=ez#0aUAz1j<#ju-g(bPeaYNGNJH&_H3? zzNlb#uAT7xkf0#p7x+JDsyk88+x;KyglF>m1VL{b?Faf6i{Hh12qFK{1qu6n0r#>{ zFMc=CLwKv)Gf3#JgYUi+Zi?Ss^{89q5hNsiRp94d<0<$(9o}1*@l`=@u{7exm%;~M z6-24FQm>N*ZgS$WVxzafT~_=`xF2)m#e&vd! z4lor))A3)0w=3OkK}unCBrO-#Rmn#ch4vAuh#r4045hIyR3It*tT0sG(=zZ_tdR)c z720V;6GxouI>wwy^+0(fP8{Pezb{m=1|XR`WC&bSRySkJF9ymDEqDDJV{RBUY|cZj zzI5c^%CRvy@=dCWqQy9X3gYE8He0^F z5m!tsCoCbQwzWQP>{L002?vveq_OYus->Bv7Jk4k5rH+-tQ}VL19+s34Y{MWHG(uSHT+l`xf6& zZx=3WjLs?6u!gJdH|7;<);(NfFO+V8%#!y<7Q4|E4{j6?Zl|kl93hDnj!p1rM>aZ& zX?DH=x8UN6;??p!0R~=bg}3eZ!goe^508|sSo5disf%etK`Z2XV97glt%I^7`@5GM zu2SW(V_8WljXL8>Cq7^DN(|+JRXcH+e#)+rX47N(iUo##B0222ACxpEP^K7|6#rOq zkuHaE#U}q;k}ao};`SB=!nq`A_pwdi(uP>tSulZ8bqHTA>XxErudSJ76|5emvfS3R$o_U^ z=X+{c0Iu@>hshE{+QyY#rd#kz7BGTo4_1zV6r90j5%R0FlG1iMF+70`Gm%9+R` zR#91VhewUJthlUs#KKA}eP?p*+60X&+r#Er7?@mNTsB(0Gga1=vG504OTgCz{!co~ z{lm(#%WN`)36#DQ{?SbrO$=|8MX>3mB9;zVhsv4895b$n4IL=LI-TyQ$K+c}R!6cz!+*Z2TjhFD|*>NeX3#0Mx!lrRPR@(ir5=!qR72utu?Vnp( z7E3NgjNivvIff@+#ExS&=_&@}AxSnulCHFhse5|-FxCe! zIJx=u_?KwJ30G?SC*#9uZUJu0>j4w&bgKa8k=1!Zlzbno0Y!k?R-y7uT`YM&e!>L# zfWIQt2;n!^Yp#b(u*|0O6RdoqIpB2=68O@`6E3kD#lYldtMd7Iw9Zk)+Jf@e*$fy% zhyo!jED2muRlZL?6^$2#)NU&8K=;m2yO0gr%NJ?bwz1rwbwx}iQoFCb18bTnV#DEb zGh0-k2yoF;-AKik<@B8|3MI-qUVfQPpHNP4%h7ic*l9Rro#|YhmcOl+Q}({;{|3g1+W3SS_-`HgB-Cr4z-ix zz`O#O7j*rNu|m`5emdfw>NrjFAe8X1mY?n8745ntC^g*?&qiZR09l;t=*(Ivir6vA zahSC}6j49MF~v+h28Iv~1aVg>X5?7m*hMo`l*(X&LP(oH(*?&GwhqKNlZ4kC9pb2a zK@r7=9T({iBPx(gKH;!y*x(z-QM%cI@_-T==#ltSR~;F0YP>-SEY9Gifc$j#i46%F zwlli2mEbk=hKbLykPB8=Q4PqjkwPvb`%lzp*se^G!i`0k&HPYCvqm2wPGiaeVKEjz=nhCIL+bdIV?+&{X1hq;h4oYGV#QUU`)6jiGIe z=x$a{VR04(#qE$EAeC}=Xw_5deS30vRcE%i$1F_N>Z`6Xffzz;l;H9B{g4mzb#B!$ z=4~-ckuSznean`4IO372P_{3FAwZxJQszo8>fy?XKUQ^SBRK{pwezZGvS}-d&@HOE zM)MPS3;_aR!6I#A0@y*OqLfn75LWF;lQB@y}4~s{VxyHW--1yi$FhO+K+=i+9vO0-vz4njYGQH@u1s?Dj|m zT+)4mg}5<<*eu1H_#t_a?A}(L&niy=Y=hGyJID2f<5P{*`RqhmqKM?{ z)r+)RuF*=f_T6gM`_i_6v4f((Js@Ha6MPSifQvu{U{8=HYfT5XQbZ9w9;s=q&LjB`HJjOl1?Ay2zvk<9{|`Bx?VA7q diff --git a/variants/NANO_RP2040_CONNECT/defines.txt b/variants/NANO_RP2040_CONNECT/defines.txt index a6602e69a..87c09ec94 100644 --- a/variants/NANO_RP2040_CONNECT/defines.txt +++ b/variants/NANO_RP2040_CONNECT/defines.txt @@ -21,7 +21,7 @@ -DDEVICE_USTICKER=1 -DDEVICE_WATCHDOG=1 -D__MBED__=1 --DMBED_BUILD_TIMESTAMP=1751295788.6373296 +-DMBED_BUILD_TIMESTAMP=1779181422.660762 -D__MBED_CMSIS_RTOS_CM -DMBED_MPU_CUSTOM -DMBEDTLS_ENTROPY_NV_SEED diff --git a/variants/NANO_RP2040_CONNECT/libs/libmbed.a b/variants/NANO_RP2040_CONNECT/libs/libmbed.a index 0ededd88e07911853e2d55e82b4c17bd95a018a3..65da008c4edd72da31a4a02afddb5853308bf60b 100644 GIT binary patch delta 18374 zcmc&bdwdkt)w9Uv$>u>GWD^M4Ja-96cJ?tlvmr`^@Y0~MfM87v78Fz}u|SC>#Gq7B zQKE!v{7CytA+0E}1i>*%3QgXSLhV;ESbmBV zen6=G&di&x=L8M@0K$GVsQu~*@9gG;9}H^0J#*ja>$&d)!Vb7R;D-Ad%-zk2H*frQu*%7a7;3d&jL!#_bK-Y_b`VT~*XDBK zp~aVhS{VG>*~`PZ2RZTcdqaXW>`Cq`VblklbSbFS57^)2Bn@1^SPzp%bJ7n0wbH!F z+&6+d=W^1eVC9RP^v$4_lNwGkXgtJ8-xcIloTR|MluJX`DNa(MR{P}=&tuCt>2h## z8z+5TxHzAa0>EDzzJv2eZ@D}qo#Xr(q&YeNw}rg3oL_?iJLd`)2qR{1z_fiuF*d|KoDMuRO~Y zYp{AFR~!iUui}co1=L=4(r?aj#a{)_!G3D6o8yWv2m23m#YR9?NoL!9)|v;bH70;z z09VM?n&C?~hvRFS3-P1l5=3tRA-5T*M-iGGTY_D&zt{bGZ4V6)*f?Zq5-MS@<@UcE!&^%kY|5vu1GKtz^u+8 z^Y#b>GE$Y$CyE|4ILe$S?+y!ltIR+F)0(aga|9Yk?pqMHC&(^scZTs-1WpI!e3M*R z71nJs44IX+-Ke>j&zD#IB5a(|cCc>8+OTy-aRFKRa9DGsfe#?94Pm{^9L=+n6hDc7 zCTs!QXoB3(7S{1Bovt8N6SxG?D_|3BstiB2*g&D0R&aVmbwkk5^GV_IzSqMa9%Z0X z`M5n2?Au^>u3c{UYk2j8l!Ex~;K3-c#rnk&J|n<8$>rlZ=i=!{ro2}Ii7j?irgvBA=JBih(mu}vPWSW6m+ke;H`>*A~ma>IR* zRpkaGwwBB7@u2z{f?b~89Vy*tpnz#j_Nbb56iKD`A=6`p`SQueLf(W;DpU!A+6G#!a!&67yYx988I>G46)y zZ*C_X<@qOa9CCY6bbqvg74e1oH{j%)ERJ5uL?S%v%VHLo4;H!8)&wE-wt` z=0crKyIr0Pjtw^t(P?)aP$GrK7TS-RYA@v>t^kWE)vI&}#ER#h$Lb^2V$`Md=J?PNd-B-;^!EZJh&5I7xG{C4al z+1_k%BgLOPX?`jEyTRTL?uI2VoY!->@3zZG3dK^ zVhBlKQ82~MNinZ8{%lsTLt**}GeXcWxK7!iHRT~T2!?d35&pz?X6fxo!;;6Rr17f# z*>*W;PE6^`)VP}R@v#FV3`jMa@lKzT{gpy$TYBuL4g-Z^&S|j&BMnHLPI#P^y8?BRZY9m|PVZx63F&Fu{{1 zc|>|#D)T53!b^+d%2+5Q$mX)R5?$p5aa~PLkm}!(@@4x?amUiAkYvi3m2um13DS)! zD#H~|>)R67;-$!{xfVb^(EM(k-286*_6!3H)n-1??aDx%%iK_C{WE@jI;9}yv2~1u zQ1zRHk-7{>hMJ#NhCWUnsXNLh|u?5HL{x}IZTP5xGa)CFB|D%@mU#B z1H0sLp);e*4taU`$X8gMM%Jjfd*pPUimM>iE#O_+9v$C0@^>tekXazK?l>q&>^g$r z$v~w85q8!)%EU9pAyFY7HtX2FoYYJ|mLhnDUi*%Z9}sx2Qn5`zEI zVVNVFh@}Ra_8&o}|2~jM=6F!#N2{kM&D@fI{ zUZ=~6_BR$ffrrhi)~=zgV5{28&#pI!}*;p_gkfIdsK+ zA%^$|6PB3dnZFLP77PV%2NC;`5cEXsjh7s{`-$M8J>5y*DKBkK(1m)U5cZU)rxNH{ zqQ`ddzY>;eCx9ZWwW2H=9un^CXA*v+#X~x)FFLV5lZF~C{uCzC^F=AEyos=rkGT`+ChLcS z>D$G`)(L@}>sBOojW-}wAt59aA)owRqHAn0fyWD%@_V-?IOL>P5|3)pmexRLgLkU)bfQ_iOjG*4^NH(&whuG;_{(4>;3G8WQy#YAA&^z!Njmd1&l!Qk z6)*8_0o83yu*(BcNo_Nz){FuOoH&IZpPh6AGaOC{a>ZKxYRWVSP0i~f87U)JqhR%rOo*+{~sYDNH0F%mOJrm+^ znE!UGen{bu3kksqn_qWGw95z5k`G)-B_@+`b!)yknbxp$Njx~xEOtx8Q1AP}L&)^Uf+G3Uk(7s+qZ5Ahr&3z9vWar4 zuvlp!jE@8^B0QoCyiGZk2jZ*)^8+n%u*zC#4@8zeWnCAfZ{K!ngI2oGRqLO#ww4A= zN8PchMe>7Zt#h<$l#*iyo;N&I=i5Z7lCacjmO}^%(6 z!6_k-{EQIDs`6A_^dqZxUZ1LSXM)5kESarWfdruP8&i9=>W|6**BWsD-#?T}OAs2c z)<2TEl$|odB)%ba9&;-NsdWe6NXwUZKa={L@hpH>cfOYj>HVYb)Yr6ng{}@mIikhz2q##dL>eipj-}qhGB73ZxS-_Pc*5zBb1tMVWk-z2-x`@#&fJ8~ z;+0uS&l|-(V~s--?f&8N+?X_43}d6HCAJ4B)e?JhLfTJ)_~Xm>n4C0v`PO+m?{mX# zYe6S(m%Vvu-IJ)75aDchq?I#&B1pWW18dTBPDzHk?oBgkcO1Nox)~yB>oMocDO=J` zu;h-Xpw?Pjkvwg0nqR9{>2^20k(Q&q4RC8OJbL@m%yR<89P*7GGlC+O9ve3~P>DAUi!SL!`ivm|y_ri<0 z9ltGo4LdfZZC+E8-ZS$O+`0m}fi9-^((f?I8Qtl$WkEL&hIAzWkrwOT`acHU@e7Lj zqv_pO(WNzctYg>f+yYbDa>kapDJ6ShAUeU7JBy?3^7gr7H%y@vgco!lFR)4)BT-dY zRuO{tEph0bep`yXck9?0EHRRawzjdfQ32{{Z%Lp}0Xb0ZZ_IjaY#|HkC|A{Juavzs&+W-^1-RL zgFeIh;2&_dm$3aK9QlWBWj6&<*7w`$nB|EH3;t>AXYro2^9%lMt8WRM4w(m%hJS0O zu4W=kY%Q5X%*F~*4VrF`fP?1Z*35f?RvvmO^B@Z-gj3%endR()hLNZsF>8|iNLS{& z%(s*gQXH0UvE<87cV|vvY7l0T$1>ZEQ{X*9{5V&UJmRmJn{_c4n1Llb&Sv%+$?@hv zHw!njj-SiCTNfShEO77UAl*RXB$jZ9RV!1ndYRKHJEih>(YFNm-ZEseu*3NJv>;VX}N|AizjjVL0CJ`h4Sk_S^x$4DkNojD^RoWp< z^=Fl{Qj54$)441YtA#Kx1f^w>d~zsj4y!Mf5iKD_LUr(9a`sAgl86jeA$yT=3hWGA z&L^Ra-{qL)zM0v5LFViIQT94^Wgv`dZqF`bWhX)QK9s$JB{hOv+7e>AWp8#VTL^b* z5mY-x@{{|s$FbP0G49E32}0sbFmx(gmxmNixYQL~&>JvqhAKYkOm@|+bnghq=Gi&z z%%v2h>JwfOuC3R1Wjf@R+j8jpAU7hjYS!d(- zZ%7BY^{(6jiMk4*Z`+=$yABXaQ)_NlHlb(EKOh}8ndtnzLZ&;cMEf1Vvq$7H$rQ`;c^lZNR(g;)Ac{`#1hx1${$}1in+#S4b*d}vV{V~H(z)bp;82tI#JF zbln(0iJ)|uB#)>sh|Gn}!8Ed>=?nx>PW)zYrTc#KqQ zD#7i+HP!G}3trMvC?3bA;d$+wo`??$9?cJsQf><`9MA&1j;#+o@v%oz$I1O83eS%T zoP@t3nmxXdeno_*s<8$>&G;-SUtV5Vc!DXR-0HDBE=3--cxfpuTv23Tt!@=BK(152 zJX=^*I7hP++yXRD0snQPjJ;_PYgQG;vjU0iC4X<>kXE)~vB2ch?=NiBk_SZ&Jz8ki zbjSRG5<6PWrosS6gQ3CqdFWxhg$n5_3Z2^Q&Pr)wl0V}JKZqGA? zHAVthuKdNqel1#4nakfPY|#z}MPiwk_J)vI9YQb^CBOP%AvM& zD!f%QXaM&Er}W%Om!|ELLi!ONrLVhCI9sd1D00wRw1H`;OefjD&N?<!_s3O@f;t=FX! zM3Nv=UjIeDLw5YJXn-kAEL!k>QRzJfOMoY=zuxK94g%I*H6Ap=m3~{qjm|kn31Le0 z0%sLFeu`jfxZs`S3g%hvOx1i}Gbn;DTPMjoRyjWo^5C}B&L-`wVr7T~rk6AGunyIcZ9uhR06b@u5?95EUb-VMMu{ zWT5UUt6e_&k+XrxOU$_bgtI}bV=zZ75${EJK_!p6&Sk}J{?a^LUi~j8y(k7OU1H{S zODpXZa%v$_?X>a^d0seQ!hD+aTiO!&US?P#&UPzbz|sI|It-@s=2dj7$#ihUwjdwG zrYLz@FAw32W74C~^17HrhN@e6uTeZzeqJD5PWkhf_$kb-@GRxKI%te{@*gvK3BS@~ zJbY4g`c1wsgj>6nm)!4cEO5xyKl2?dLNPIEu}aMh4C#wj4}C+{%R5-qBUb4<#~;;h z9GFs71qvn){zlO}!bRWiVgl7aq4BmCE*F!NUAtKB)GR&Db%31^f*hRSs%No_Y*bUF z%cfNaRL-OKySlY9MkkWwf$9pfmqR|k%|+ki&{>@aT~@8~*Uj>|Ake8fFZ+~hiuT4B zGAXoGRZV>!c&Vil?2d4M7J@)jt|@9#JfGt}YE%IyUZ()x%<{J>UusNsuX9kxBTBX} za}O{iF-ON!?k=r9)`=?sFZE7@;7$}PAAiC9xNggE9|SHsy&*IeJn(u|Q3Q>6I6DsQ zXvvO{-x+i#YZoi5GXyYGv}gKHsgR01>Inuv!!e`bcFzIkW=e-gRnz4Yptq)W*IQP4 zI`5zyh?;dDd0Mr~nyv*OEI`11W`dWtvOrm)#+BZ>t0)tKELh|1Ur&*QGiLH=q!7Ra zTVH@WOuak|8^O!Jj~3R3yVJQO?&AM_c`<`ayk=Eq*8GHPINQ(WCps~1S|(?EMEyOB z<1#b2!|v4iN93sqf+-Sh`bGF?dEsbbuGzF0b=ZU=(_;CwP55P;V>HKcQFR<=Cr?p% z!aqXHQJ!~m+CZMEA@VFT*QXZ?(9_6tGnJ2^J5Spz#&Y>3NF&dp$9v)Oy29H^&L3!MX`jy8c z$U6ldyU{x30qem7?PwSqfyPf2rkM_-6;p+Lu#K(QoPf3*v&ETD<#L>e4o(%a%n=bB z_aYt|K23-NRg$I&d8YlS?^oVY=*S;p<3OK93JPBEt_IXLpfb;mY66R zTJF!|xHzz;V%eE!!)kAuX(y`N=@^CfulB})DGH_wdFE3vYa?DOt_IMDPz|6#@9tSi zKxq<&qy5u`5yL)d7OOsCLu<<_)zyAS}shtQ%@%Dy`V{` zV+9344*fxBHBw^7mXvn1awSFZMMbPUyj!^XnjnUweWgK5cL=^5tjrgJZQ%nn4#J(`sJ#(HBTmx30s!^Fc=H{kyM~RSSx4YJ3$%=zysI zxYF|v-x5YZx;*pF_y)4+qQoMViQ;Ki)hI|(6Lmih|0A&}U3}L#3PG*TE>;@1NL}6I zfh&*tg_uJU%a~EfLO8N~e2o|oS%6`8xwxHG8w$M|C3#3E>g&nZZV*qfL{4Rtkm-y+ zUp_Zie4Od3t#-4xP8aimC9G4rN_4QYM6o*F7YMhcnXvl-@m)U9MDQO>twvA6d0V;b zt0h$9YvKV`KNAV64~a{I@`>rVSYtFDga&BQPm(`4Cq5OVMg8aE5Hmk^69oTARD^bJ zONo&4er>p)P-+K|07xK{)j` zO7+?m9-k@IPkB@|J$Jm^E=#l74v;C1eNuZ2-AsZU>XMddtu%UI>yAlQBc-aG7t*lW z%jiETRT-5BZ>qW|@$9}p*ms2cdxB(djrNxqtw3aNJ{6lUdy@U1GVdpRO4Ix;L1LQh z{xR$vD3o{)lsEp)+aetDk^(>dPJk*mSmHMY$!VG5?+6v5pe7P=r#k5#|9VHD_1d@k zhl0fF-sz_w#j#ai^zX?JoZfldZ!;PK>^Ss^|H809%J@(H(+dnpyd#hc(8d`8yh0dT z93M2R+g7}R-372I5tQ9U^3(R>XM%Qc=~cxGf?O6pt%5RY#*d11af)mTKf9QIMWrc< zfC*f>7Z$sMIGKJ~yw12?pl$Q&;x417s)`9d?LPD3{lzYpW{3{T%^uBv+Y%>F{%!Hy j#ux@nyPqr030f(BcX7LMuSjICcoF`8EU~kAc*Oq$fzXu_ delta 18270 zcmc&beS8$vwX@3RlT9|CWD^M4eC`smyR#p&GrNLB2ofYnEFf6Z5-SQ-Y-0_AC9F|V zv8FW@xZ)#iqr?YlC_(8EB}x<&TBAh42lS=S*uW!JgtX8nZ6oi@+&gn;b^?C?`p3yl z&OP_sbIv{I+;i`py!gx0rY8U%%Z>}MULnAH_>TO#A4P6txS3xOZdk!^Ul$^u$KbAm z4EHTUx0v9!50S4n$s2Q+pah40^X1`xw===h6A46=U;a&P1SH|pJ$lIH8UBlaV=lvg zQQ+TV_z@s764HRH+RX40T(^Y6f+raM#=E{6tVm~g3=!oQef!V?hW|Ry34%$m_X>u8 zYt|(o0-b+8bZIzyJHvl^^N1i^wu<>&7_)~FE(Q^8hvRuhP{0d}wJ?=ogl_>N!a@i0 zrQr4}7~x{Dd=n#lIfyXA`nM=-+|CGJ7sMMGL4sHQb#dr9$Otk-lwU5=9-GSumx7ZI zGr|{z3)2`O3PO?C$Cyy!y_bfJBTPtvoOCAiRiWe%6H=gTG!p`dNI$-Dn6#G(DNykN z6S_D=F4g(<`d02@LZ1tfFGBPU(LDVq6H;LNW+o&-MEbD{%=PbpfpxI{@Z(FvCkL6( z(7;!MuzfQlgJTvGcFc-MKbY{9Q@$9?8^wgbQHXrg3_pk8%?p^Y79!d|F7^BJLrhqK zRd+GrXn5d8Cj1p3a>+rzI>LlM54OR2D)7Pp6TTGe*~NtQfa)^L_WNxO57`<_0G9z= zF4`JKE!z+)AJc+7YMnni&BTeVY38y~(a6Cu=FZG$WS7glF(w*W7cei5jYbY#Vcwb% zg+yJQyjvW&&b&Gysz+?7F&{57An!N#C+m=LoIfv*_3=D9Gsf%?w>)nCo>@l#+SoUm zmuBmb@+h7Qc=4!1FPLAk>j+>}`(blUx(+Fi@(Y}2Ls6DfocEErI!)IPgSv;!TjO-d zcv-+8&-+o`3XenF857e}p`(CdEwf^r(Y6u$Yh!jA%+hgt410O>a6m3Hi8XaGy(V3k zS(@92TKm{iam7z!Cg@EE^LE`Avqmp2AZvaW(;Bbi14!HYm_EfC0_yEfm)s=f*_c{o zomFI0M@-jqWH?63Ch&56fI~xL%q8Nwn%HAYbQH2>IgcN&A{u@nBUXI%jo6=!(NW2K ze0~9zZK$`{A+G;Z?8=9u1syt&0Jd1WB<`?c3yl!0m*@Ogh%G;i^LlmcWorqjH94_V zENqFpsW6&#Yj@mYOEl8{PMmQ;mc1L-p@fQn8gnuwYYBsK!jrlg0oinad|j0eiLK@J z`H7%2dgDXas}zJ+izA_7jf#|(LzX^>OuulIiYGU^SQ9$6BOw`Gh%?8F?Y~Xfr?&>o zT>W~&9VYRgI}-k2=<0tlq0_Lg)h8`r*o;>adJOcK)otA)u!1f@@mJMFu)mu3C#e3a zcER!mC_T}(yeFY7N!6Ah*Zwi#yiY|Ek8DX!6cpd3JhKuT=xRumF>+vd(4XdeLgIdR z;`@m@M#K}E--Nh18BSbI1tQZlS0vS%#A8zu-=el4Vs&4YSmn}j16w=m66fi~!XD51 zIP{wmw^KZDPvW57*-ac`Hj@h zfG;4Bz#Eu9dUmf$K?JUHSOU>gi!E1Lx|Iz;b>NlLEJJiwX}GLK(8qewoOr8K+_}Kg zI5wJpb-m@VfmQiEmM*#^Dl2bL@S^SYV35jY%TXoysRB&eWNC_Kg{pr&eyZqbwfv5* zlFE{bw6jRqJB>7;e5feG0ULD>rz&k)MGhnSa9|oi=ZS{m2>Sm zDOisGkL7@Y-u_pq%lT)ECM3z!5Mql>;vFX}`wgR@t4yyTxD}q|{Kq5Ag1aW28KDaV zC>n{C(}2XHn*T9^sF;7n@Cf|nuAOU>E~a|VhvKA&N{US~st#R7(Qr0eZ%NW* zBVt7e&L5b>53EVQH(0TsO}ZIupFV;BxNF&%5xS~uNkb{o9)V}sJ#mCtT3ty-0|S4J z79?alQZhm72f3t!R8-Pc$0r#RVRu-|M5phPDI-V%lY%L>PfdD*@~5MW4u$Ejm^lJ{ z?X}VZt*#njfuKvH8sSfTXRg+sYEJS8rA^#al;sdJ<|mcEtQuEQJ|%f@v<@k!GS(A> zVfK2?A-3fv4>@%d5Dy(Qk_S_DNW7WKX`s3%-yt6VZgR_99R&<)*`9okWb*O{ec49GW4;^kgXNgNwmI_kT|!p zPzKyP&EgcDH&~D6P;9JV zNG>J7+lsv_6_V1g(o!{h9nrjXi`4Z|W~wG=Nmox+>N$;Mm{s4Esl9YB!;}b$NVoWD zMXHx(VoCj2X^R&8UUYhl*(u&tmHL`ekHLnAwXeQ2wUVXcDmG)i9uH3X15c+uMfVHE z(pyqBj!%$-&!w)V+YO}z_5LdA)WcI_ql8}88Aa_<3qn=YWqVRvjB75N?~x-T@LzT; z)l92XB2UxkwDZa-LFL?mG3?N^%ghxzv>rXSDOMIofWepk9N z$m#;=u%y56r5jfpx-|6FHL@GDl#7`ERvFcj3Z;^T7R!eEG09C-aTT(Gufo)_h~8re-Bm z;;zc?U$m>~rV+a8ZqD3E9f+_h|7qqjda{s^a+rHjYiCxe`03-BzcX0jz^2TeS<%vV z3}$N9pD>4l80xbdKFQR0r!w!EOw9>JLdr%72BZs@#%UJEL;Egdiu*2%u@yy6b-pm` z0L>GGU!ON?u{D~qW@=Uk-J#VkB?+MLj9QxYW_H@jh09RS#7at>RTz^ za9Qc+y?&ff_E~L%i&Tq{h&)hdt8qjl%b&EZG3eXB)wW(!r{K_P-ezkrj~b48le698 z!)I*sX~9W^#D2PPRJPHDC&gs1)a(_QJ#bn>nGlid^0SNVQFDqNQ?oV48A3TUeFP*s za|C2vRkk*-;n}dfMabQ6=9G#rKAXLbh5{MV{a!Zg-yim7@72^QM4R`r zqZ|ZW6X@Zrx%5c3#x)76%46BhnvE8i$or4q>-C_=PI#PR(fRCUG{VTJ_V}DCy_d+N zSZS1W`Hig4+N|Q-q?~8;RI+A%RGR~}TSZzy|?k*)HT=~M`z})v_%VsXYW}YJ-f^;fMjk1x8|;>H!XBjs=I-|@m(TmJw*Nk;n;$fR&|XTH zk8osvX0Ny*nzH%0y^$K8P?r78ew^m^lt7YXow9$~o7>dk1PL1s>=mJ>^EKrWVPbE~ zAJ&^#7TxEE8wh;aw6r~crD5*jm+}wLj6!(zznNb}Phc2{%F+v_ijVf>ze}A<>XBp3 zi^?}y;EdOsKb0M}d?HUbi^nASK;jI#i4YUkWEJ#Lual56f3I}?FF(FMaBIOos1gzZ_5rxXfkRv@c-Vm- z7xY{cy)+%W3;O5{2A&MTw&E6#yjhS-)g)r194pYg45(uG1mzaXf4pEeEwRX`ma_#W zS_6?uprmw*Cx;8>)4EdXkrxIwqvvGxs^+RA`;P5>aE+4o3cJ>Ap@a#@>pIC-YG>@F;)6JaER(#9=5v8QkX z&E15&?{HxoMH0q%Cm8;?P`eMoR{-+Tc{wkf{pHO+{dD1-x2Q{}d?zrksFQk>gp^$( zz{9)NoSuBA*mi4?=ADO(YFJ$qpp`d4;>2I}c#(F~!(St$tS@SdR#WWVSTsbVmN4mS zEjnPJ?0%+bAGJK8Z0#y)qDGdGvgE#ia@VoqNYNWKE+hikEdK3 zNNoR6@t_dxD;-;lm2&{4G_@D^6kws(u`G#B$QudHLh$MM9tN?BGP>RuIw z?<;O8xr1gMvfifUB^&7;fstt3&2ISS<-U@ei2G7&)IL&DNyxR<2;$oK?1qxhNaak2 zSY9Y;A~6j}>Fq@}k&pMl*;EePf&C@-tkanoyJ|qa64_GY_@q{)An!LFuR1#JjYc+1 zan>~IkeHV@05ya>Tj6WY>;*asu-wAz33YxQ5)Xs>2l7=+#k znp0f)kJ5N@KqFR#Q7u^$Pm!&FAhEA`V3d4nJIqgPC&dgMMT)$NiAs5-T_)Ba1PjOy zTDBPzJ4nm`h4eN;BB6E#+ySTGH*p6^SCn=Cris0J?Lo?(y%RI;(CH>A>@7P$$`Z|R zzO3hZm6E*1KmjuqExJ1#Bc?W&jiO`7vkrWcU?b-bBBfk;`hy;P*j~4(>^ibzlYW>T zu3I`uz9&f8aGdmsi~QYy`Sr3+vY!$Hyo@XhU+c(UO~wCrSyQPhtKy=uu0fLR$uRl5 z4yf@z8DpLx4vcpFeO&Yy{CUv4i7w^yATm-mwjZ&7&nOk|a=A|EmB8Y7C2{0Brmfsn z?^an$wvjbrIoS8)Qt0M7*L=O5WCHMJa>G1og)5cRN<;!M6nn30m{f2SS^0o#BiTqO za`@*ivtD%=j$N%`olE0tWZj0|XW{bVZRAqkB?v27ZTi(vl416g7S}?W2~|y@I3~|a zJD+tm=m|iQs$H(*Bym%js}8!_Xm}98u*}Q)Mvz(VLeP~UzW#wr*#WhJd*#H4&YViO ziUS|IZZQ}XbKm!|jyry~==j8?d|gLHY&`FpN9r+(9J0BaG#bKi*=q2uhi!bRxWB}` zquA&Q0l)Hb;ojNq$uvU~wP6ovrs-e0BFC3jeh$5p7!t&|+uaY+y_j5~Z>@KCYvM@O z1EnC=Exx$ceIMC;B)PGM)f?TN8pl!OW|4ilwN#wD*&WhIfFEe#H2_XY3GMDfwwVtaq zVW^B{QS$|%RP^8F$<{=GtTKY{R;P;3ukd`N@ngA1>{#V#(L}7m3_e15IlokV;(5;w zjq^Y+4p+Yt&+B%2mh0C;_5mK*2OvAoebw^`-5H2&u@avDk!Oom9%3b& zn122ot4&Ob{e3?2MX0!?osBVwec&awUhiD^qdB-C?`A*J>|MYQl2Z9G7CyW>wV&?Vs&6gfrnXs_~?OIXPw!8P1&IBHDG^zNWhub6p)cOQ)nf*iWS+f1_;LAKO*?KE!H z*?Cquwa2aTK1H2ZB@p~jdBI-h6wht;Dla=kelTYD0k4f53A9QDy-M0E{Mb94ycO#R z{9Ya%d8DSxC8)l3$X7$oRnl_dTUJw|zw-O4 zVA2e-Ha?FRjb9%#L0tbs|2~alDS~^0oN`6DdAa|!+f)vOZR3ajc3MsoZQ#oU$kNYV z5m4^3s2I(Y1C3WkGbvjgIKEaz>X`gIo{M6F?FsLtxS+r6j7NMXk-IMz&6*xa$Vk5C zh^Jst(ltL=bm9L#yO77s$Y<=2ir-D+O!1~!sIfjdM_e(MTVOWLMZI>;ZJH~Z^0~XM z_AG{B5?*AOLaA+Jn5(4rPKKEU?Pbp~%p9@R%iWr2a-jIh+_feTS|~L<+B%uL+cX8) zuY|uILv>QK9d%31L6kCuyY{j(1?Z+J+-#E-b-g!=U_PnYh03pnW)EtTI*cgU+0`;FSEda9GnH-H5$?fFO@Z-=}^p3@f z<{);IcycE9iYBpRukXHrn?#Q##Aj{wT%|*GH-csjEbg;8fH<`R5Uisz;S#OH5io4SJZSgu1$V-j6yh(3jK(;t| z<-w1b0^3TeZ1!w)ImHTruOL@=)K)md#LVI~$$^;hR29FKmI4IXaUGvQcVdFTrT(R)6{?5JpK3ddDjL1$Z zU(xJ+i=RwWJeg+P0N)VpD+sRAr;4AR<)1Xj-~K5-9Bp|7|Gwi!+c#%f#Zi|FAJMu^ z6~K>L&lXG+g)E^}KNqe9)U!gNQ_z(C(r~<5ES$FFbLCmD5YlsiHLjd0SZIMk^r~AZ zoTuKYvhqs*3?Q?5@pd6oZ%TPC_yQlUGlqOlG2?FGIK2c>IS4**RGGuH4MLQGFbBAw z!vu~eg`4OJT;d=v2MZah7``JEg?akLl85_(WVrn5CO+`0aE~GMY;Oxo=|vgQxaF8& zGf?)P6j}|oX}Tb=wA`15rG(Epy@YP!mmTL;}-2 zp-!6CrD52(Qb{i_-l)x?x1&Ww@Ex059NQ6kpRS8E6x6hIhIW=lM`PbW$Zjx*?R4n; zWhx~ZUiQ~eWtoa3GB%G7ms3iDJY^3z(NuzmBPgNW;$BDiS-O;@r}gHrTikVJ*sJ$- zkQly_f-32j?}Rluj0}Q**>H=i=7kez(jjsJyIRVLAjjPuUPBj-AiGwDd-PV44a^0V po99ChguQf^BBSiT4r`7_1bJ#(xX8f2?8R^=T^~Ye>JIzj{vWz!fJguU diff --git a/variants/NICLA/defines.txt b/variants/NICLA/defines.txt index 070856ff6..7a365618d 100644 --- a/variants/NICLA/defines.txt +++ b/variants/NICLA/defines.txt @@ -33,7 +33,7 @@ -DFEATURE_BLE=1 -D__FPU_PRESENT=1 -D__MBED__=1 --DMBED_BUILD_TIMESTAMP=1751296019.4294596 +-DMBED_BUILD_TIMESTAMP=1779181463.1376967 -D__MBED_CMSIS_RTOS_CM -DMBED_MPU_CUSTOM -DMBED_TICKLESS diff --git a/variants/NICLA/libs/libmbed.a b/variants/NICLA/libs/libmbed.a index 0f5cfdad218554f1decee9ce40b7788e5ebefa0b..1e33240f2fb65ea975d4318d528ca7c7462f10da 100644 GIT binary patch delta 42631 zcmc(Id0c9Fl{s$QBzO1VHSD!}dhpmP?e=d(wRs9E_MkQj^ z-9J+O7oWy|o%q`D3Z7`q$5gXH?a`o}ERi#%lN<_p`5$s#@teGFw%BCr?{1RrQ@c(EoP^ zgQ_O(jQk`|SJnLb$;?*O-0{=s0q5;g)v)KDM^rWcubxJU(eys@GwU%`&42n?bx2jS zX0`X(7@(@T?PO=Qq_2# z+V~ABpHG@rRVzIi%RNsc`^Ufeek4&qN>H7M(mI5Z!fM>)k@Ez$K+?}BdXff z6IHeA-oPIUE#Gp>_p|G=s`gh;=2=OB|{C&5tQXRj2ga zGf`Fd>u2adRULmCZ~qU$zejIS)%kj6YgKi>3M{o_vFpS+@~yOZZ=h^h{I zzKc}V{pxv`|KW#~syg=kd_-0Et7ll)MV0W0*{vETJxO)g^XeOWlApWs(X1;U`N884 z&t33zfTtt9@=-w3+&DQZw_Ce(F=b_C-S)qBD{USSXzCzDgq8*_h)fpHkmx$>q_x26 zqE{ab+!r7ucWg}H_&^16Hiwynmj`1$3V) zC^c9}D6}BxT#*o=o*i^LLX3DTXok2GnpOw7?h?|duP7huM;~tr`pi$kIxJ47Y#lS# z2PKO8t@-1imxC0@nXP7W@HNTU_69vB)>YD%K?}IjZMO|1c~HS{+J81^y-tCl&6GvL zA1*e~JvV|*D}n7c082yRsyetXMySCt>A|PN#faX)H#G{ zGw6@=f=xoYH22Nm31URcyTMz-loV<)lf1*h>GTK<{$5P(*skD0jYt^;RBoh?91b>z zDsXk0vt+Jk{u+EeNkntwjgUoQA^>ethfEGjQqU?n`P`76^vT4KX<}mP%n+N{SJXQ~ zrm7X1=dx!JzX>K6wf7Gh*CS;t`VD5b}991#%Xcosz%IHqh#~ zp|MI}=m%;1l8d7q8fxAUGOClpFZhT*wJoGBhJi6}0~4>+VU@di=FyOeS_Z~udia~o zY?nP<(fN>>`mUZ1^+DNWH#@UP^MiqD8zVz!=L!vEOKxa#fC6)~%StLuToGEu4Z_DSZ19WLG2ka(84+rZV$xz@dh)5z7#@LO2uZJ5 z7MWcBv!NUK9D{+WdVc6;KF44PN%JPV?8UWgMLlNz} zL-*dz`U69NNEVw%#eMQKH8iC|r`??ue&MosRBYCEdb%6)2R_K#NOM9(Px_O+Q)Pq# zU7OS6AQukmw2nu67+qTbK&OpjO+#{nR74Pcw zqPR!fj&?Fd3%T^Z)ahWbg3$IXlY2`P@*3KpCnpbsla~U}$rgR4{U2_AUs%lG7p#w7?ZMqpJdClg&xSpN&kX+Tmdba)g53cq43Tx&k??!$rc+ zB^v0?U19HO897WdB^hF|{Yd zjdXb*^(nFcTw0~}6WjBa$J8r$*oR3(r%Y0x<52*LXq>JdtK{_UR!@*)e?@&cnrR7U8d91-9M_Y`!f}zl#g9i zS8@l2B8vSrew|qei)jX$Vs?!xdRZ0=VLYJVj0*6Vbg7m>ci6l zsGPaknyJA|P7L9mV@Th_!3G-8Pjit6`52a}2WwvD!eI!YW^y`Y4|wKLO%b2KeSoDX z%H2H^|3_2B*G(9hlufTO(#W}*GaZ7d*+ zIc6sJ9go+@KYQt>=3VYWF-EkkL-<%eMPmrbK46`Z*IH$ufnnj}6~Qj(eJSm*BPx7} z*dJ`BIcS5g=k(5{26UN-CruZmYtht=eevlv7E7M{lgIE*rF`bT&$ z&+TCd(zdt6Nd2#eNAfTqgGu86MzlLwGtyr>Q)o}5?JtQ&0yDRUB)+ZZcNY~7qTK{9pa62WmoNWAwRmMr?$J05WQj2 zZski0OlC=OR*!4<@2lO^QDIgwS;$|<1RAJ+k+xLKdQ7qQAu-~7xpuQyQ_YpyLSa|Z zqo$v7_muXQuz@6Q2-rhNqjsUVm0Og&Lawp*BT4l{GeNTg6>4Wta8}4~bDTn$x27 zrdcqAGzZx|tFNnvwfBk1jr*&1yjY|gf74!2oX+i@^tt)Gwp487i!W&>3(bNWf6}@X z8G15mbi*&&mAsoA;6#4CxdrO5SUl6>azC9}9D=rm={^ywqeZ7%Ax6xL))k6d*p{H{ z&S_vmQ)7zm9M=Jckb2o{C9NZ43?z4csG2^}L${oJY3vu&Xwt<9M^tx3PX> zj1p@gy#2S(45nohbQ6Ta(vy>Qi9ci{#0Ixz9<-k=#xT0F>QB4|s#k&)&`pbO8v+mR$V|MjDH< zeSocUZUNRX2X(Q0C({Sml;z1urk>VmJFpnf7uZTPr4ZvyKc`!$Xox`Ay(~|?rh`n( zt#^~UkOLnCL7?)3ZXHj@V2tRTA9WSKg?yN}3m~fLtW3@&XE9d#>$4Tfb@Hcy!Fs>D z6gtAhwkrmA(qC5wdpcsFMz2-sViU`wT-NIkhzH`aSbd2ixhy+bmRSl(xFmgyG8l5T zN9zpq>#q7%cUM2s>s@^pGPjpDnl3TxXNrv~ z*QUQI763F=??={+h|`dUUfM3?zRk5k^kTMtlbCRGjy_XpF{J&Yhyt1zr;q<9>Prgr zv;7sV$g6K?vv(lv?ysLK7H!->eK=17ph{o-fIe94Hk-%jBlvy+N~5hoKbbEjF$6d; zJH(^g_k-*B;3fTGzJ2NgY%+Vo!$T|ew}h&t=hx^z;UPXoj_&_J|2eN8!4L!%0Y-Xi ztA2x+RnrcAYno`PqHDg_kKhR=jFsfcJ$tCM>L2=rLdgk)-34^uFZ!!uxrX^g92O&r z10oK_iX z7ttW@DOmLz>GhI`NO4S>WUnyNx}g#NJPYqbR*S=v?OSOpOO_4Ve?Zi9?vXJpU0NQso;v{yL7=p;fUc{J8YqU%d#cn(^G8NS zihI*dZPPdfYBcVtsP1A_4r_?A@fr?HaJuHTsPTmgiZYwY7q7t_KI+@3S9sDLqb4cU z?jWssHINpa92!8nd>@rUpZ+eYNG#^Db5XC05p#Zsy2QuUym z(SG!+;OH;>gjUoX8r@ykp|o8Wy_rw_7%xzX9cCNYhk#f(F?u|ok1;Tv=Zx;mqa+L= zX&8#kk~dVQ(=!#(+I~vI-3q&FmpZ|4Ul=`rm!9~bY`1&npd+iIcMBaHX`2{lq-VBA z=ku)}A2e+)56ve|M2GN71`JG~c-%-HP;lI>bdCK7&ciGhBpkBRA|Feof`Ql43pK^@649eFt>#$S?^w7eFW zL1!9cN`<1*w(OYCwF-=F7V_*5gR*I4Y0PR~>Vz?-$416nOA#7)+l-hAyaW@a(MV$c zAmljiW~j8Dl^z=rrO*dZbNWS(+zfiQZ|p-#BftSA+#?#I43rFyO^6qE zN6X~c5q#XCEh&CA_FA%#M*YUvwMwcpK`p7f9HZ*v*z4T!q729EiG7Hdo1%#G0dbpo zB@@>5w7GlSWWM=<)CJu5DZds~#%8fV-kUQmu9q_Jj~XZ16E7?$Q1$CYqR zVF-zu%~R2Pq%!UVkMc1vg)O-}zKlW<84tz1$448A0Jl1xn+S@S@@ibi1ZDszV)6TN zg?!^k>6<;MS-W{GP&=; zz)-^xpRPpC3JEH?ETeP$5ng|Wk(2xj@OE4Esf76Dd{u{m>C&F@>v_nHBF5y$PvhBH z3;_&H4v2N$DKJn+W&CmRFf!g7@2%VMLC)!^pCfQc0BV3Ah~Lmf*wHYr<*+FY4Y=JR zf|Go+b2^>)QhX|Rfj$JVSfIc%9V*1mw!~-h2o(cUWX1$yE@?tUlpSWb#lU3UY3I)ByD)AtSRhh1n?EP53mzFiF;`X&Lj`Eax?^BkwkBb6PX!HI zUG5wUfjJUP>S%&l>={5zn^?`wHxkCiuw^4AmZWBr%V{MiQ-}7TlOhtg_Yzq#fm2*Y zI=x@wNbwZjUX$oe<6?XXoLw@~qTz{0c%}-2fq0fI7cpHkyXeG660h@k3E z$&HRlJO${>S36uV^b;yz?(CeD$=o3dre!^ol1-jrg(Kz+PbxGB5$9(mwI+IkVw8r| z^DzIqOYS3AB{ifA$u)hE^oJ1)VUm9O>%+|to4b4?Oc2pw4|Q>|UPeWtO=G)Mu&}~` za*3PYW%zuLgF+FK2QXQ|K}n~n=#DPQ7oQf2y?=3X_iTp1@>(?XNb)t7ghW}=q;HeA zKh9{NV&52;vVawEqfG~~ohI^lP_%&_8JdzP=BKVnxz8EKX?`QUW(Pv0*0hv? zEEx91-wb6K)4GNm=udM}_(4(>Oy%>#Kfj*x8FQStVos8jWn#NpyglU{O9bP*mhMie zWP=&!qW&ypDqC>kh*d{ZBC?pmunv+213Ua15Zv_;+gL`)NhW6V1fwbHuHUkivBQjv z3jo`oe9i5biW0gWVDkt{nHsHKbM9j1ZSg_Qkp-o%?zAm+bUl7TXn0ML-Ezdn1T0|^ z92eK^Fz-vO9kf27+c&%~F&)yfx#>V@%RSwW`>`fqlq6llF(~=GBRw^+TWpa6+-h+_ zELp!ks0Z!8pxf3pti>30nv~Q1BvoKRjfqb zA<6#hi9-?q>gnC{kpJgtA-`wFfVD>=;Ie};H13S(L8~9?ad40V+-x@6t)%Q|dJp>K zh92jtm@a&Y0yT`=Psf02gVX0e&w2`Lsbubjd}yJFrUmJF9Dy~5hQ6M@oh`Ib_u+|A z%a)|`7!}6>uZezi?XvX!;$bY~f>$Wv+E%9XOC)fPvg25@Cf(~eFs0JPYtt*(0t=-? zZj7&hE%5{Cr&xfD!X!hndD6`jkEXBYmWpb&_nGwMOoed^N4wlRA1if+nS6G{r~zxR zBRNWj%IB4QUG4*H139H5)pS&vp@D^t=xC`Q)=P4?+egl1gl(Evsb+A5vG zbzf3I!!v5x65N3u`=c4%GZI!YmxUpujz}+Qo%d$X z(>$iY_v)FZF^2Fr2P+D`)1c0J?T4o~-x@3i9qs%Y2;&3MfNx(-2F=_09Z- zyK@w$&d*F>2M|%VwEkTi?1sKSIP+66rFlCuf#Z$J%umEPIcZW*o9Ug9P|0N6tM@A5 z+8&emepjElSIk$&86Qx>$?cdjN~s+(y`7`)jGlVz9ndq0jR-hC;zw6JnYl;YQn>|f z6O}l&Je8@y5fIS#&renAd%3S#o>l6r=BCUsel+Fz%zfe(s6UW!Pt3~PeJ8kWvz2g5 zU&>4uTe&P*=^vCNlXbiJEhXK`EjaV`ZIWT$nyQCOqbqAwCa*QX{k}U`BF0sjp>*zQ zB_U{B7l;DiO7oEP47UaNBwBj7A3{W!>WFp(y)?oYql%lpu;lx ziWoa41MRljq%F_(oh3bJ;GWE}@3RRL?Xh{2dL8H40u(Xp`CeoBN*6__*Yz6CHuBN_ z2BBb*)V$f*KsSBd>rgqHQ88+OwL!ImJ9aq~ZXC=f1`JGd(~T8fg$-OY$QaIc8ByVA z%M@d?A6@u}F_EQ^ed3O@T{09Qi4JGi-P>|k=Nj#iY`(=rm%yauLAW_=(h8#=4>GWl zIDp#O1q3@b8xOFu8V6~fp-qpPGFk2&MF2Ti%gRx5>Uh&feD*+FdE69G`p1V_t6Z=L=7iU)g)6%{+5}AwYZ+6lGnql%>IQ zbPHTc=QpQVtm zrF~$Xb~1m2E1Mp<-?A;4d0PxC`5A9yh$7l&C?U#TR6;C$$+EXM3vDni(i9=(fuw7_ zHhgL+GAMu@>}rbqA1$e@+{596vK1~2b02T}Kx6%e6~Fod+aSB;-h(-kVqMO&TNq_| zR@jtn<#*%yqG@t@F4Bm++q#-hrYOy01=dm?r><0eSgPg~tLogS*O9vQ%rS-!v~3*_I8cR_6a<8o_dPiD3l zT-yGET)_S>tlpHeZyW(!XPWhuvcS@IuzV`wh_#i^H7MoWbJovm6xwfLH_ue%+p2hG z7FX)(AZUuhQJS#iRIn7e0RFQPHU%Sri=sig zq=#;k4&@m7u&6ey-%TK0+U5A4c1v;k7E1fj9J490%K*1&rJCD(GsHoQMGWK25Gu1%BC?oE;j zaP4NmF{8scf_Ty%ncIOy+U%*UR?=5n9I%&taB*__teO4nbY?$CVs|DjMx8c~b|mmk zYzzVXt&k9R^G}`RFt8#r2L`5NW;rf&Wo`jO06CLM+Cq2NXe?jjDCKSegVWHX4t~oT z&T`yY$97g>h9io9ak$vsS~y~<-kHglV5l5`fMid3jB}T8G*e@obFGdog)vH?04GTz zi9KnW(Yb(cj$u$LCrWx(IKBB%)N>^bab6lB?BW2q^Yn!9yBUnxz|xK?T;o zJH4(2#lfALi}Dmq+G_Wl81T<>rEs^5lFQ9^dHn{8fE)Nn^T-cHsLNaKjY}tRTAF#P~=hTzgdZa9(nUadf*;JK5e7D(F|)vu&(e*x>_g%8~<2 za^g{w25w)^j^sON*e}Su2g{9gVR1Gu`SeBD0;P@1ekp@PE9KdRe86KgJu_K-eYSUo z!f=vHhpU0}V)LLFeMEL_0rN8$n67yzdxCf<$_D!OhuM4i#E4M>wstdII3GI{ZdCp# zdjR+F7?{R=nSF_`$1nttgPH*Mg?Ck#vv>2F03TR8D>xr@GkY#O+2cfu2-Q)&4-OXU z~7F3S7**f@cp< z>dp7&EaRze6fxzooa18Saqp3lrnZ~_+WJC{cMA_AN7QWva29%Y&La_?I0)6SG-zB- zsS?hn=|NY$l{2G6sBU?i4n$B;rX1I|U(WHaIxs1z8%F>aO7FXxNIrl$9=Z3 zkPhtunz5_TGCm5hRuQ;R6>cm()Mq!_2|>k@x)Rp8QqWCPPxrC+WfEdEWyRBzskyv^ zP@;5ykKC!Or~pMsBR(rj&cVNum77>9WV^p1_wyuXkXXeUkh4I29xKgUlAAJt5yap$ zN#FOAJ`91jw0&^j!)&$SL}|1=(AUK__)vtTTC3Dbxrp!KzM~zUz|t4oES+dL8w8)f zSlZXc?G5EVWp&@YS_N_z_-K*4Fgmb9UIkkx`Roq1j9ea`$Cr^#v@oYPOqTC3?V-{^ zILFg?C_~z^J#VX$g;?MN1qVyu8vd{M=8Y8^JFWjZZ!fFtLK#Y(Vewq)3|ES3==8tk zC9-@f`U|?{TwV-|TW|z?Q>c=~hB%`BYTkA}kWoYHeLe4WHcj9(&Ueb^7h9nSXqy!R zBYBk_p5Kej7$}(5r{phEG6oY|Vm@sbM0*8U`KMXkENTqEn-AnCtoh!7jM;_zzF;|B zbl+@4jUNdcuh-M6=kps_juGWS+vemCFIF&iGgR-o(;y4K&R@rNZqR{7>rdqua+RYN z-u#dJ(_$LU?fJviET+NQDk;Y74#`MEhj$9`9k&PM%v_c=Q!fKmdsW}6*Sw{0&&bW{-3ukb-;yO@>%Znd&9ibwlRWIF<= z3;?#n;>vx2{HqQ9-ecc*@ddWQ-4Sr_30xnru-^r?JBotoyw&}@aS|pdJ+`*rT6SF# zN<(V7#l25YAQ=hQZEfgxhLs%q`T?AI@)Rcgx!*Q!jzH<3x|5#Y-Y=b-Bf5cZJlgLx zTlS+2sWGJRIJ>dMiO~Sg@DVEav52bZ!Xw?-Jcmgne?D<`P9gt%B5DwxRG8(SLcSB4@ywHzNKB#nXlN?-zTT{41X_VOEJg!{!J-l!*Uk_q5Syt~U zXbRH|YAZ=k7kZ;3A9{v!&n#qHKDDsnZblGgEUzKn-crcd5NP+&Ia>>lSF-WugR%4- z1b2Hk=!&jKvcS>@ShB+`lKX8`5Big#$S+NSwjI9TBhe-oZzMn1TFxhMA40nz^mCW{j9gH(LukV^cT-Uw53VqBbn(uj zZ@LRRXWqG@WvtE-Z)Wkeq6Iua^U+KbyD2s`p#Ml79AY9#I)MUhcS7pR&i%WyTX9g6 z05HriZ~ao1K?`F0Utw2~Ik8Q2z}jF4woba+K%cYsAHgRC3{2aL`(K#P>;XdnIWuex zyEh%}$NM+j&$NhvX-m#Mml}kKV}HJh%LxP$44evw@RS6;x(|3!mIqNu9bp@D^XDq5DubOvP8M zLWZFa7e}yqH&h3-_l)A>NlYY+3nk_aeUOtrWpS{3 zbvjMiRQ$Ay@y5sjZxdV$;O2d%t(ad1?4v3FD88A-?866dv%?OjG~7E_)8hx78Y9$R z;|qh1vojbdOSi!>3z|D9zlxE=xDz7C~JwW>$ zP_=exjov`}k0>c&7w4b~rcDhc{9q+25|Fb(8L`{l+ozXo(lP_^!5i+ufGtdSWrO4O zk`?S843sv3Z@?JI_xs@}wtZL05^+z!CvXaRM1rcf>`+NZzNAJGeANBBgJ!GN$0))B4G4S`*P$kM$$_{G3=glo?&UBu&ij3YEax+~sony2n5<=>5PVy5Z7X^+B9d(+we1u7lT zbbq&aMzM>|tSP<7m!Fsb6t1@98$~Er+BT!~QYstJD2*F`EUo2%0E!s5qx5y2!ob=_ zllGNP;}(bJskeMt`W|;qD2>LmrR#Z=h0-YgsdNR;Tc9*T{maIRC6#NLZiJNaS|%sT z>wKrO(_C*j!cx}xX*RiGdXvlpT+y_?Iu{+hu8d#6ig(nwKb1}3_Kh~Ky}4|?5JBJ$ zU?VBr6rrIZpOx9UE5fLe<^h2PbjcTG7kL5?gV9xAm3_mi6L7&7|5A2Xtn)b?%9pV- z#3&8P=wTJ&E(V(vR_@|PkBTH;bKx|W^WAimC`~ezf6lXeSQi3Y8$UE@D=%V)A5d~q zZ@S={aqqxaulEcnpDJ!L$jHMa7q%S&AGVNB^X|l&Lg$Sxf021x zUkoi-Ryi0RIjLMb$>S7IFr9a?d_2#up$z3-cp<35+Y2ZTY9zc9Jca;Gm_46WmUD># zVHH|#ELn8GRk?qZR8KU2}lZYD%& zNVe+9VUom|aHrYC`4y!s#f<)fo?KornSFyAMF33~9It{83>oO#J1Z_QUyFj_vi}Oc zh(QsO5lL48NUM%RA%l0bb)he?^bKTpn)SO8gQs>C4uvT*2Kyz85b{0XyH^h8_kjE2 z>VQ?fJ71f!WAHwvJ^!(IE}&m>kag*mFZ%>?SFcH#M#tax>Z! z;-fUAo`$PY;9y~4C|q^dJfxNtRNw^9#|}NnW=$8il|jEw9eQxI5=*lQF1mCd{{M0Q z&;@KAh_hUJb|~K;#96j|KXe952;zu&X_d*dL{>+E3!LV)zhAkJ~78$^LZsKv zkUj-sATv*#m!opGJKTub;`o@bXu6 zCm()aS^E0ixF8aC9#GMw`aJxs!4Lkh?tEo8VxAGKCuh!AYC2|hSE;hdjq{aV{q!X1 z@0DrLrvB3FD>6=cy+w%h>PwoX*T>|n^m>Mq|Oxcx$9IfxekA_>2s?G3prD` zk@6Z#==h>$wt33j&C9E`ESkWzTmQ%EsVo(aBBTxmausT=i`q9=2e9R^FR%&DVpU{H zn|wQ~*RsS13Z`ZIs!c4tf+H3mseX~gwKyWTt-6(4I%aXScXZ7%wyr>FKnqQtj4C8e_HwaN6oH35pI3^&*(57EKr3l7(e z5O-TyYt2S+GHd`V}vdP1{NS8C?6oC^x3>h_u#u>rX6vmy1JVc%^_KrP?& z#K|oUs^ym!;t2VA93aQ9#}VLUw)-_oY@4*T{6aUJoI3K(1Z#-}!PsPi`Du@9a&Jdm zj<1ardO9iFQUF(p)tb5Y^g+`E?#_MK@>E8xneF)CQ;G4B+J|_jV&o_s^Ipc+Uf6h} zjnCCVV0dI!?E$uljjOHs#o7w7x0ER@B)3sQWoleh+seHJikPyr*2NMSc*|SfuI0D# z`9wSo7xlbb%d31*9DysQ3h2JowY&LXLq%G%uJ$I&=i`LjDYAeMYk7(cg;6*q_zkOl zLJ^Y7g4(Bq3i!^|C$(F-&QY;K57l;O*>#kfr++v7RjF5&o~rdOLr`9ArrvB_>MAVDI?@gzw}X9uO(gEe zI~Dqgz%58ddgzn7UVN57WsEyocZrAI7(((|tnRkzySgHwQzCGX48BeEL){s6RXy4W zX@d3KJQ#Vc?iHc?^%P@e+%?P_mtb;Ib;n@}_EaCFglGy?LbQhs+p455I8;wse^=n5 sk+H+F`Gg3K{^x4HF-gO0y!j|XE(zHf?0k5w`761SM delta 42754 zcmc(I3w%^XviD4cJRvig$@?)O0TPlBCi6@t7(x;fgpe1I#{@Bgf&v19R}j%;L4g%q zo=RUtK~PXZh~PqtEJoe}N(2RQSzrSK7Z4)4-~vi+oio!te10{3;@-R8$M4q;9RH`P zy1Kf%y1Kg0zQ29%vkuC_Xn&i@?67CpOq&u%G&Y2*DzE*E<*r#(`9CcU3IwVmXR7|4 zrQv@}yzeztl~e}i|0|_I{LR&Al(u*y@?JqwLR8{>imIfta z)!kR9{*9&KUnf3(va0&G<+*{X>U+zK)vD^>mibAlYF--d{m1`@zc+A6ekb$Scd4qS zvg){}yl+-j|F(Q|P*v@%>`qlRRKtJdaxhU%r(!SCH75eVS_LPS9fK)X%0>$O-Syhd@IAfQp zyq2V!DyLM^X1hxR`^*3EcdU=fDJoCRR5`KIfIVc-URtbjN@dw#S6NxAa;~dYIXBkh zg+k4@pY>k$99KDiQyTt{2S-k;oLKpOq{{j4DGf5=T0@cQcNdeds#d8yP^+r_Z5i52 zRm)4mz5fvWeauo-t+(>hO;zphDQlxuwX8I-zqIFf?-W&Sd&)Q0RJB++ds|ieoAMZc z@WWhHEi3>0SXKL*GA#J0N?4-SsfI}2>& zw{d=q%PTi$bm?Ns$hh~vb~|kv;AiR}LD5-5+caFLPr5T=tZ7V#J&Nv&4WMN=LPM=%W87y#hmgS1}FDC)WS1D@sxRJP`K19k*6g<=R88!Z+y$vYO1LXXpc%VKgT_XHGbMam$caw8pk zEWjM3z%|R9;o^GX?*X^tMKrhE30xK|0?Wbb7_G|;d|snaJ%}<9_0uK?wf7Gk*c8aLm`p7-Zw?&YN#PCNN6SQ4E|lZ%2T zDcP;XVIw=YgT6{1)M@FD6+u->reK3NOn-5v(j_B;Oc6q9&pZ7{F>-X?M?p?;?`qo@ zbl`r4_ORI8D(;h?uBC|`I_>MM@P@-;bLqsa>-20lg^|EUn&K*Y(x2^}D#H}$+Oph3 zz#+26d2kvO)k6Kni!nV*C-f6 z=!p(+yAqPaQfYxBcve?N*$dcY%OaC5hNn>7@ZiHaLP77m7W{k)BZt|pG^k`cNXR8a zD&4&&_&uG79Erb{Wu#lb2_BorU>Hr(R+$5iK$K<*Uu|JEA#D-aMw;41)62l9;jpJd zjC6G$%~?KvVlcY0N~7lXj3TyA(5&GOABvbhRdb2Y|0tqire-`J^f3e|)NainEib{K zpSf6bJ(6kP3)qp7MG}VSQ|VLdHIsO+$H27hu*RWi8(>JXLwCWZ%}|s2XM1VsuAek_ zeMBmzCvR#h`2dFUF80x?J2U4MLqNUFnIz*$eHtYi?U6u*YTF&M>j9p8wDwZ80@!p< zrTXxI044>^&DK62pdcqq7=4cgq*C90+H2gsN2zHBYyYGuTvn!Q1ibKswun#Q7&*x_ zV8tXi&y@erRz)dQn>j||^R*W`D1gl{5X-JX(Gu-pKVfSdmutUJ64YwXB1bOzJIKZ> zalZ7yx3oRQBLmRvPcLuL&K9$tw?jLC`z@G`XzS-dl-VW9w;$V zpW7kf+}X!qQa^wmEeC5x`sij0?TNJh&0r)je`|^1Rh=(csL}b-(g59Ap(M0eqdO&> zUP*3meF2>vsXHwm!yDpsr-ZCXS%+97UE5W6TgZ=Y@2Tr9Bt-9+bUXM0!<*u)?g8GX zuWoBcg}KFKA%7p|mr8w#bfsd}Wy^tYf5HXw^H|>(&S^#aK&%Q6ho?(j$Er#n3{_>Dm8ih zhq?nwzJMu<#VN`QwKV@DU7~m@YiQE7h?`*g9^DPGV?3`}=Lxo0kX0HCL1w#q4R-UG z?jbR`iGSBk5{q=_JKa^q>D=xPpPR4fO2tOL{JL(M&@8C&XPrZlp*x~RH~*qr%bUrI zIxH6Vw76QWH;Wz7)?oc!u{xUd`ZXMZF{BG3^@Y5KD55n^-(5_@n5e(Rb%4>3TG?zR zEhD2+N$$cR4V~OWznYKI*c;Sn(nks9B56;;II-5QuNMmk(@TPo5S`vvzle8POc-gN z%yh+*$o!Q$Et$VU{~+DfU;hxd9_%#&?NdPOOZ79w62gG@tr(%H(Z8f*HzrdSQTv5D zNc|SQKfV2+eu|jpyb<~%LWHE?{`8a4`e%P1>(|C9u?E6Be-F(7TK2U5X`!(6%ryNn zB^zWbMgq&=Ncz_XeUg}F%!~RBd}_y9STYPN`E7N3iG2WbM;fj2Dg0y z)SoTJFuE?)pMC{YuLLWgTbC(yfwC3)r^UVP%v$|>?QIcycD({a0^|zlCm-lX3&p3o zTa-qpwr%=@ca7QMS&g*p@ zn2+ZTY$e)K@bP9|(l1psL?A3LyOM6{As%!0-S{q~{(My^-S>lj9S_Q2jOe_d^cBB{ ze6Y9)z^m!3OwQqoWvulH%~mAW$%py{gsSgTXb2PAv>4ne^tLkC-4IK)p*p1|HnC{R zkD;N5#U1fvbZChpxePm5m0k*=xcJa0MI*={U%moHaJ*~iS>;NZ$)r(nsr0@cp;vjP z0ov$6Jwvbl4%Xe&q}RKlT}ZFJVUcu&Idrzzq;hSczl!;Tp6b+O#YaU3QeNyAO|NB# zZWYsP$_Y&unhI(AIIMsgVnSo@CA^{_bgqw5NAu_yD(dMw2m8ajqT!NG92gqH*ZruX zmp>93ARZ~3#)XFQjRKTLYklZ6zIwzEFlO1o1>JcF4CTX@Lyz%@pBFHkP;iYFN7shl z6)KfpSs%KWd-WJOdg#N@FL=rbh9Kbg8|m2{p_|358h3@ZBn#EO{&MID9#g_tNrSh0 z^ORQoBXp@yasr-q0Uh{D=uNR)!_;BN#E4?wup`kT$w~a{CRpnwguNynK4Ox?#`9pG zmkL^8?Jo`Wq`nB&dS@+RzFGzQ21i+*NX-4h>cuSu3wqO^=pq=+Sq=ZYqwuCfNa`x(#6?#dfz~Q<#Di8^1No zv!FvO38Q9$kc(?vt#1lDEgaGbETs$R$GgLNDb){hfj<4JG>uw53!B7qfl%3+z77i$ z53j9P!^ZP;3XBGf2sRiR<=l&RZiQXqNqiWXuGfTL=PP6k;mUEm5ErhCQE*4BkfB%c zOQy8d8Xmy?LTP~dZT_kB4E9Dxv{pm@-JtNhg`$y!HZBgoWo8H)LXJSB%}9UT8}1|Q z#1yhM^LX4FlZ%eK82)VmV})sh)}=)_~i%+ z|21MUkFsObq-SxDm? zQjXq@5Kk#oGbm?_ntmM+`K6kf5=N6Y1x0q}t%@Sr^pV^6?2jSfnH?q^*nI#O*bq61 zPstdVF35`P9F^!!1H%x~vrMa%98N7tp%*J6L;A5U?*(lIaNhM!(B+p#4&ZqwUch#{ zdmcLePUJp5$YEg8Iwi(PFYJuW=Q}Zkm%%M+WjV1`JFfXWU5Em6V3kzut(P zz~^xc3(w53QP*-)q` zVOV-{WYn!hp^3N7ih7!-UZOM_NYoobE+ptwRsntX{iuH?XNx;>&kB9)Ti(Q&cD=4hT4Jwn*=Xz`NhTM0rMbz7o0D5=f_nWSSHzKA>mH*e^~Ev1^u#wY-zm*@S#ab?eI9y| z-`SXS@z?`f*(plotPq%TrDJrCJN}cp;Ys*>jTo1P%v42Jj=Xo4W`b8YZ?J zKBr-Rw=5zIlCO78p;KOtO;Q>HEfz?xOo9Bci_Nj=+)>4(rN&dSVcc~_5q00ie#_TE zUZl&)u)3Oe<`1zWd8R8$u1ynngRhM-a#WKLH=gI?U^Jv>?j&mpTN%E5U5=3ha25>E;*XeECTq3O`EG4-ME06vVWN)!cL^ZhRCwtANpv)NFEOS&6Z~z6YHe zX4u(_nK1?@aD2;1XZACU zSi^1ZkYQjtaa-!+YWmYu!xwz5fZ|S0GdwMBtZ@qso>dM?BZe3%_<)EZKy)+D>3h>~ zkk3aLm@Z#u_?6E#7=i@7QC&c9{>8AB?+;)wsXZZb;M#uLX&B5WU~gc{(mgS0bjbmO zC))&r(kq7zo^2isA=MZ59(PXAIOx)^4Sl$CfPpFGZlx=AX%ou@gp`@Ne6mK#1zj?D zPQ+pekj`c`kqRFzoEiMV5XI*c3{3BIjQ0cr?VwU5=91}vt{+zclV|7nbUqwnU|QBQ zKEcGg6^fWQJiahhh`2H*zQw@2VvL5=@-P9*8TaAu#Mh??$u)i%|HcS5FnA*e%Qh=% z{u~AdV(#)Dj~ZccI&4%I2XAr|(KxruYf>;-HA*IM>d6E$7`$`{REz&6NelQ##7;<_H@GYncUqqS=e z-;mA1ZQTY5W;?Z2qoj`gg@7AK!}y_kjxSDDGyszsPTef*l0w&(CI|BI7iD`*pO$e@c3O(hL`Z5ldqYjPD&ns?v^ZGjAXd4lr!B02CsnKgI;n;dqq26?2f z8r9?IAO*PDY_?lT**nf2^r_7~E>$sIc%d$3HSRng1*#25ng1edDO9y!?}fZ?p@_ys zDR~@$F{DASrtIWPFqDSNc`aL!;&EP49PpZ=rW;nJ9OC_0fD2foglk=!;<;7=rQ{kp z)~`?Tj2vhkmv2a^;43eT61g*}0(Q&~r<~=UGX{f>Yq7Z_(Nj*OtmBr7a_xN~B_Um* z-@=hEISXd3K6N&qDZQ`;J94?tkPE$*uh=oxAg2xFl#W`{(aEXx+^59AwC(;>8(#yU zh_a&8Fct~1pqFPf3{9P7W44OYh@YG4;L61ivd~#1?|e-veQQbT4zbYF-%AbQ3p6j} zq@#h8{3GFVhApY};$8qYZWAM#{*oG%uF!SO7WYy=@p5V}u}a7Nl)8f-_w^#b38IFZ zzK3&=PX(pj;_iSKuyj6GzPNyfq&eB@+=3l1rD@&M;@)vr1w}|r0h`(K#_i(I)6O;v zTXwP;@3s6Sp7k86L~}7{(i_VsdXk zF1_4y9e4ULEFIR`^H+YX9YX*$Gi<~`lAD8W?wG!dM}{#lU7$@5=)extV+bJUAQSx~ z)9BgI^rK??YmQ8x!GnVsF*+_jy@VYzL3=5%gZo=a#m|tUcVBY)tK3mQ$<=jq!v1D# z-}Dn~I7f+6O@4YDKaz-3de;V&J{X+-8KY!IaSL{*gZp-;GJUTY=bDfToavqk38m-4 zEqTy`!)wqwLE?L^F8u)GE5aEcQNp?EF@3bB9wK_X$Fz^0W_&y7nV1oIQ`5v3(+`Skp!rb3O`em! zuRXX=<|^Smy!dv%9hK}Z%;ZpC)cqg6bA)sSA zm7OJGd?!7K&R?e_q>K6K4fild=Y6O&pEq%}03`(zaVc&eZHG)xsASn^dI`UdsS8AHcc8ln2#!q#<5SqdF|*fb%735Pbp$-5?= z?u?S7jWaE9O<`6?Gj~*QT#TRjdFJ}z2p6R;dL>F_r_IvEh~Z`)(!}YxaC@SZaO-2t zd;nIC^q*;^AWbb!fTv%%RGWl+ZYW3F%Ba=-q8}s*8Vu5JHZwc z+grd9+q+ggrluRiEN8j*iZP_?BPMg-s2jg(zngJ2Z7CrwCp7%#LAZ~2YNH#2BRU(5mFpT zy62@um$c+$1KSc>7Rm{gx%hdIQ@aYee3IIi6@;&7xZ< zn97E`HQUOs%SB;Q)g11-HNx+=uH&;QrU!bm!0Hqu%8IR?PLI;?bUvyrw|aV?0+;~U zpFTOn>X}#3H(X=Ir&WMstt2K^k|Ls_yFdddjp#+5P*+gqU}L{ zT5YZD$;=jmyOv4x(3e&oQ?_`=5x{k(8DA?4EbR@uPE8!Qw(z+IrJQ@o`bCXG{VnV= znyP$T6%WngN?qp<(GBBZ+YvsNploA?+P-D`UOO>TL?k<@4l zW|2=^yt2KvH`on!C<4eyJK%C!jQzB&p0@znM$H#&!}~My#iVm*8Z{d2JT`{1b>rI1 zfMceH(E}-@tucAn3b)ylSn?!F6u_CVgMDOqLdu-k{p@shzf41Sp|nk7GUM3RHQLR9 zq}9YufKSa#)iQFZddAJkyxLWHFo2D7dGl`d`pi=CU=Va7lV7)n%10+&%-qQ`&TvHW zFPRQ@$rg@S8Jd;OS6*nv00A+c@~Esm;y!GQ$=aZ2D`1QgJj){S#L$x_8?zR%JuzG? zSA3**MV2QlismH656QYdLf9^8Te9{h3lWh0zlJ+9nBa8f=3-ER_4_Q((1PONip^zt z%%m{{JhR%}M+kf}9El2palXSdZeZjnT*W_z`+F!tQ|1^U<}z=DW4yRA+%e@B96UCT zH<}B#dv^P9L35RG69X$i?L+_M_*!gv4WHxz?)`-h&q5Z}#ToT5!2Pns;Tf-S+^Y@; zUw)zp2rL4n*FRID)Ns%dCLUEAk2-AJA47SyU392x;|vC->)+0PTHF;~quyH|Wgp-ZBSs0>+RbqDeDqMbVENNC-&Y0c-d|iuX zXvI(I?O4m^RWBl$Em9JXYhI1L-!M$b^5oR}FY(q#S)Q47f7m`D4e&KR-Y6!N+s8Rn zp5yU_P@LT41iVpS@^yL6BwBjJ+CfbWPp98cj#lPyb3xyQtD4vFumOr_dN5}d4|1c3 z=@W8JiS0-33#73%$CtMJF~_rchmj+i)&e*tJvV1;7;7?2!&1L-WI^6ov%OOf`p%m< zvr2^Oc6CP(K|z@=*S_t?9M5tClak6f0=OXh(9IlAa0UhE{xioj3uCpR^X}yE17;Q! z5!AcSODsztM>H1o*ocuLgdlK3jFA`&dMzFNX`fHHSBFwd+tX*2uon=x zT-8X!kM`Ne_du|mIH@UNfh+mlH0gXFdtW9Y26ic)o=M8}G!TkA)FbzKo=$)vq%kWa z!xepBoRMoN6|y~4pZi6;J1f%Sg`5Sl*~$EGf>Y?Z6}bsd3+cs&_TAe@h-e$!_ZVL< zU>s@dBYhowXU|L4mB}hq(v`jUSl=<3%(cV_N*a;QI9&9H?_sR$>)_^w(WcYa_04lK zau@>0S>XFca(1*|hr9~DQu4-|EhJZmkbe`}X#*jAe%-f-4 zAQt#y!I2WUm;ajsdE>dQqvYzo$veO@y1W^P$>P4<8EzNV(wX1o8F(BOrMdl5UKICS zPy~ElsFHh!D5CCW-cH_+QAF?Cd9U(W0!3Wul;6UVR=w5D3a*iBogI?ji%%FRxw^#s zWlF|ig8R&8>;ZqTAS3@g=Z)pb+}n>QTk}2r7_$rc>R{6AT8WlEG&i+IO@b$dhSI7R z^XqwR5qpic&dVQOtYGYB$cdH%Axpo>-^h1tP;zx=^9#Aku}aaVf8?JR(`ahTAI{?$ z7#B$~;FZDmXW)#NreK#pi=$%<0Swo%$Y+LUMi!Lv`5eR2D;WjL*vT9Vidb1*kRYaU z^6`QcZv7~Y_z4ATcz6m$oO!XJMJ&h3w+qIz8~jm8q2AJ$I^SUL(+ zu^|ZZ{EiodvCU~KmRurHhTUD+B4+-zU@{N0pj82{XBl6_p$L};ljhs+3wAod8(TQF z4B=W$LR1f0;NP$CQD(OoS&-6db>9qr^of2`LX?ao!{z2LuJ5;wC4hRXoDBoc1m+T8B~OEdQN0-SjwGv2RG zrTV}0+rg|6RV%%+vtJ6cMjT;0(eFH8^P_bz1{R)TH@KiQpf%uwRPs@Xs>s6Q-P}_g zigkTNac)i_|A-=5OX^w?S{^9$tOzmTfVHFz`I9^S2NrT|;6&rg3)O7i!KH)C<={%( zn!*)Iox~1@bLFpUO_*D&rBj9%=Cc(cO4wbW-p@dNmhsHl!$h{*gmhK_d*k%Lo z$hGQwzOep&k-pvQvA4Dt@+AaHmd@Kzc&gIf=g=wuW9gF!a@W|bFS^am3X_uVPc1Sf zGjbRL$l2kZDp`lu?!xkM=(zi6-m+tq+!ePr>{Eq@7{^2&P#K^g!1MuWofh^y8jJ!ADK78 zHt2LMQ}0iuFWCE!U^9Rf-*7JOe|4dPC75CVSKe8)pXy)#FtcZrTyxF?*XxCdlYe=j z;&~yWfA)Z|Y9PapC1&>X<{&` z#_oxSF1SbNc+2TQK=iB)dB|2xSb6B5#{uMbV7{YR9Pu-kG_1=Gg*5`Jb96$w~aAwyUm zl?E;@ZBaWQDjT;CnZP-0{F# zf|eaE>Btt%C_g&!c*zzPF~$+O=agvFT`ZZ!0;f2QwyPxv*v1-;kk9*)rtH#=wER}d z2^O$N!Jubp^Fazm5C}$S=*&AMc0Nd8iXgDehED?pl#b=IHwFX3HdrmRyf6fI0>VoV zaAyPq)8*-z{WtZ~JArUUNj}opew{#hE<55bI1+q_Po_(N{e0y^wm4);EiSc@>N{)iGMD8 zn%g%J0FTLYUB)c7ScDrEc>2?xKOd=S52-f3yyzX zwvHtupkTWEm$GAG_0Q{2zKR`YMQH%TELa%H8DCR_%N^YQu}Zivw#YJ;^UZUVD2+Fj zf5GdCwI)!v@uQKp@*;M`0VOAi;(%|(y$xTx-anxHd2y9tSmNjIQCkCYR;aR^7<#?zQGkbZYf^C;7pTA3k?qX(CemHHJu+>q2qHn_6pq| zS8-ke(Y0a#3tHo~jZdyP&k_f{AnX+;K2D)>jO(k!rMaLYokh8TbSgFE2- z6ns+%j;`;nxXMRdtj2Wx<%(1B%>BdS`;z^@pDg&08lA^SnO3q95P4L;bkOF_m=(s!hG#{)nFrAn*WLpZGzr66ygqX8zVUx>;%vKWA?*8N) z&3|G@Jv#|!MR}imVTglW9EB>08rKf_HBzaqA#oyuG<4O$HFr%zoGfz!CwL`#=#d~L zf|(gGVaxaC`6UlsHAV?;Hc6KhNf%fBxNzuVzBt5`NmpJR%C`k^rLM=@SRwf%uJ5hg5i#Jy;_lwXBOnmqc=8+F~xPC&__VeAg z2NG2Y9j?DjG#|r-McE%$#`>!Vk=!SPW9Z~vmH+IZE+^ymR~psjbou_u{hFvql}Z)3 zPNnK5{Z3J-`boc!sZ@jL3*S^W1gT#q_noUO^Z7o33_Vv_s_sPIf`6)elAolXL8Rb2 z_<4dXk$zq#=cJ$aiRC=}{EfT-KRzA0l8jN+;pFo9$}Dv^()9xTuYTky>E}_hTl#sC z=r6+0+vE}HXAk)he#o^2!Tu!hzbYS4hms-x1<&s%Z@~|FXt>j#+=k~q&vhejJ`RLy zFI8swyxxucApK(<{6qa`a_*8$$#NNfz9TQdkI(nr$k&%EOMQOnM!H>rigX}PU4j1_ zN_JnVOd~Tt^9zmJ?5k1*K=u1Vk^aPXSE+iyZv~V>68}g47&5kVY9v`Ywpt5yc;x%a zEt5jo2#nu!(891niw)2bdP8at(14wK4${3%X0p!i<;PAL-{oLez;Qzy)w*i_3 zzY_UklA8q3#{-VWtPfD*!eUH$~oap50RQqn3>m z*lvK-)hrn>Q@5??+k@`@u`0l#1kbXt@L70L_1ykUSd2Ppeits?yga^oK6gp5IuZEx zsFA!jvqnpgK3B~@@PpQlUYSunh6gDyYINfK>KQ_Q6t1?s#l2LNM*QmPJnoTT2$)V2 zjdb1n)ulpV$eCEDkxa(VbiwsO85Z}Vwnvq*- z_9^Ml?Ed5&F?<0AIdf;tQNB3D$kT}jYHULDrcK9c7V%X-N@HA0%@)37K@q*r*Zj&7 zHc+iWHO*F+t4H9bbuBqv9^p&>^G3}xJgS2dPHU@)5_clF42R#NhO%~FuQ9!|Q%fFx zz^?<%40P^f`>XgHK=ToaP+Cw~tU7#bceLc>AGo&QYq-$(NiJ+>iy78i^96<;$Ecd;I-;_`hfoq>Fw!N3$Q*Lz$|8sBy5 z=%_VLo&k*OR0dN3e=D>H0vA*j&a7;!AP?$451_?UL-zy7u8ZgtrejG)f8Q8dz4w)+!7v3k2EH+YNkGqxsr76bpa>V+$m#8?^W*jH!+kVE3Fk`EuhZ0ar2eyNJ#kTQLV7|2 zC?a=m?KbXRq6nzy1T~%Ub}c`Ii?#zaniPDJ^}Bd&?JoAYHxx`K?y6M~tZ8rUaF$|^ z(vYkKf+X@7IQm5GF7BUWwU9<9mdrc(Tx}8GWyHV)&Zim4g(twz(p|4T&aTDxDuw$p zL-VcL#R>zldKk|LM5#&R7(`i?`VQlFsflnG0@{bOcUHp1Xol@jQXm}JCoPW`IH);# wST?&-$mS(Y6t+D6{-iFO?u#FGlRK)IvfU|YxhcbV3K~k&og=rP=P;`NZwlrndjJ3c diff --git a/variants/NICLA_VISION/defines.txt b/variants/NICLA_VISION/defines.txt index 79ccdbfd8..f9fea0fc5 100644 --- a/variants/NICLA_VISION/defines.txt +++ b/variants/NICLA_VISION/defines.txt @@ -6,7 +6,6 @@ -DCOMPONENT_CYW43XXX=1 -DCOMPONENT_FLASHIAP=1 -DCOMPONENT_QSPIF=1 --DCOMPONENT_SE050=1 -DCOMPONENT_WHD=1 -DCORE_CM7 -D__CORTEX_M7 @@ -42,10 +41,9 @@ -DDEVICE_WATCHDOG=1 -DEXTRA_IDLE_STACK_REQUIRED -DFEATURE_BLE=1 --DFLOW_SILENT -D__FPU_PRESENT=1 -D__MBED__=1 --DMBED_BUILD_TIMESTAMP=1751296054.2534025 +-DMBED_BUILD_TIMESTAMP=1779182017.3223794 -D__MBED_CMSIS_RTOS_CM -DMBED_TICKLESS -DMBEDTLS_FS_IO @@ -56,8 +54,6 @@ -DQSPI_NO_SAMPLE_SHIFT -DRPMSG_BUFFER_SIZE=512 -DSTM32H747xx --DT1oI2C --DT1oI2C_UM11225 -DTARGET_CORDIO -DTARGET_CORTEX -DTARGET_CORTEX_M diff --git a/variants/NICLA_VISION/includes.txt b/variants/NICLA_VISION/includes.txt index 4bef4f58c..43eae847a 100644 --- a/variants/NICLA_VISION/includes.txt +++ b/variants/NICLA_VISION/includes.txt @@ -276,27 +276,6 @@ -iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/STM32Cube_FW/CMSIS -iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/STM32Cube_FW/STM32H7xx_HAL_Driver -iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/STM32Cube_FW/STM32H7xx_HAL_Driver/Legacy --iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050 --iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib --iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib --iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/inc --iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon --iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/infra --iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/nxlog --iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom --iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/libCommon/smCom/T1oI2C --iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/platform --iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/platform/inc --iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/hostlib/hostLib/se05x_03_xx_xx --iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss --iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex --iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/inc --iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/ex/src --iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/inc --iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/plugin --iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/plugin/mbedtls --iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/port --iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/COMPONENT_SE050/sss/port/default -iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/TARGET_NICLA_VISION -iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/TARGET_NICLA_VISION/COMPONENT_WHD -iwithprefixbefore/mbed/targets/TARGET_STM/TARGET_STM32H7/TARGET_STM32H747xI/TARGET_NICLA_VISION/COMPONENT_WHD/interface diff --git a/variants/NICLA_VISION/libs/libmbed.a b/variants/NICLA_VISION/libs/libmbed.a index 78b2cae39de052079152c5eec3a755b77ee2949a..0c5aaf983f0dff3cf668343c95abc82ad02d1a59 100644 GIT binary patch delta 223051 zcmd?S30zcF|3ChjVUZaa7zP9sWfPU18Ft1I5D;-m5I5XWQE^LLGAr{?nVFT6na9$S zdVI=9d(=w3TAH?-k0q9snJJY|Zk5>AjHk`t=iIq>7{)sr4ETEe|MTK~KlhyT+0Js$ zdS`gH{s*_~YmU0rb|snFx~vp!MrK5WHiCW3uMrU$I;}P}jm1|e0kS89;?80t7OVq> z3qV>Zc{C3c=BTXz1q1!jI(94vMQgCX6cqbQ3A?lo4d|>T8Zl19uNOgK7o?d<>0byA zBdr@KZDC*_D5Wsb2b3aa)Pj<*%WVWv?pOyl@gAnz!{;YKX$}81fYLe$D1TmL8%+tI zbQ0b^r@%1~WQ-W!{xAS|OMys5c3>Ql^r|BqAWh&+nh3kJAD*iLZ*%-}2za*u!H69p zw_@*M@OA|6m4de=j$wvGe3k~@wm@tpN~K*|4&D~ppfUq752!|N0Undrfyxpy z8$o3ai_1af43=Z2jUeKUk=B-i${PNW1}auuvW8m8s^jQSH79f@p9ULaNcw};b1cGl{u^w}54X;Oo@9TtJY~c8E z@O33F{t3S3Am#xF@BO@ez=X~x!B0f@5b$#n#909s^Ap=1k8c9M*5bYf@Uw;$i@=Xz zH93YC#QIaxc%cIPEV2Cv_*r64Blt1AIm9^-OM#Eo;O8tZtph&?q4wMb<{;()hwi(o zLG3IOw}RRdnT?>%Y$WW`ei&N?YAH;81=Kupk^TAjV-!e z3u+Osm4jNuejiY`5yY;7)7?OA4c{#Sb=!dT-!=ue$ou#F5v(G$68stTwE~EEgS2R6 z`(wHm{LMkk1LFPNdEoCVtUC$*3>%{*L98WMjem11_`43IrLxl(!QT;FF@S#?pphK_ zBM9Ck4KbqM8PGU_vNX`R3WO<|jZTPo_C3&u*trBWuh%+A52gDwO=7&?z z0za(;jV;`01dR;@$lSpU#5~aQKA;-}hzQX_fF;6@L4Y}WmO_9z;toJS>IfsUH$ebH z?h*(XfDV{I%mZfkpEyz||m3;qvI)2GZ`vzt{x<)`9hJJ<;K`K$#j^2Vz4o z!V3c18^l=yBkLg0g&=KG#+5^0+dx{c;PMa%6!8m|N~?hTKaL1??(75Y0@7ZJ9n?$O zC07m_N86-*iq&BUh?RQ%x&k_P1V~31v0;OBNG{QVpfM|@K%^o&Fpfxi)o~6G>0)V{ z1NE4xlbaj@ag?#0_^|#R^t65Wh-1a%tnuKfwa@}{4G=5^A{A*b?uqjd>>?0XDQcnT z*y9i^;>%qSYz^NZArSoikq$+OYB})Gtb`B^KK~)XO^zY@aR_lWNNW_1*asmZ#@0iK z6sj5_!~u|y8XvfgAP}xsBZ(b7l=*8S*IYheL>pSz@{@0Y7@jBLp!Gvo8Czn z|Gp4HT?pbzWv$SK_3y&mIIoMiwm6-3fZW#H7ecG+zuTo6Z~=%bl(azyaY-&(IMBVQ z6dVR|hPfShiNl_@gK@M?951SNae!c5U8}r(Ah**v+9tMgA6C8(oJMsmggFl440Aj1 z;`zT5-nyQbSSzYO8X>F$KtvliQm6d$IqI(A3>V;Q61+9GG+fBAf+rR=~yl#A%PE9N7CKM6?cA|E&{rksN8Y z=dN*pxG?vT`89A0#x_Bu4G>$2?V7eh4Urqvgk9Q>4=+NbJ^WV-k+*j3|YuwqQjTL|MbS1c(wq#G4j$TRlW|3`j>AvSNqW&S?+b9FW9-A<)AX zrfh;9*0A^p^bkSB8(Vb!kI=(e90-IS*6>jt^bkPAn-=u!7UunOHS=w%+mkO>Oe>kv925v)|C@>X~xTcLV^@_oq_~&96AgM*6{HzNN^a$ z8D``?i_W$Mza~I}If!|{1^0>C4d4ujGt4b`$L)qhd$@Z%Buaq*BpN})8)^D<8YH#{ z-mQm39=QK!ym2A@Y9Azid(4OnUXW-Fe;&q6vx^NRsn0`FXK0DgZjfXTadnVn3;Ie( zLJ)Sbi=kT~i2+|acQJ^o6*{SpxI9PBIY7iB{VfoZ82+g3P>_x`XkicQzk_q!(jLD5 z!6K4h+;w|EZkJ)fF1c+vH#$IWPqCXy9mjurC7@mS3fzKK7+0&7#y_J$>nMn$jBhUo zEyD*(Tnb`W;h9>{I*SWiL3`y0XsChoAjWoS3Bi*bRF(hOoA=-B(^n;>O5VHZ1~YDj4>koHpS zpkC5$Ib#l7sI&*H|C`Vzq()VN!^o+H)E2<;pN|-}5>lm5Sp%t3xDO!J8rBSfR7XL! zRYIz(P`?~fodj`Kz{UK8_c+Z{4YvpQ`!Bc0uwa+mwwxOsAh$L5p7{RP?RDV)i}j!0 z<8g2l#8E~`zWj1XFWLm@gX&rf(mKIiyC7Y}-gS`9aIm2jAWjN>hlX8<3=*^)GQtkq zM`|8qv<7!{gA5xWwh}Xz6@pDXbqX>>Joh7HIEvR|Aj1eE-n69ehd_oc)ML7UOvM>! z0rh*3X%F4=Ad?5~{~K=v+N%~a<4-|ma@MUdtb|NggS1uQ1TV;J1BhMWdm13K{XlFh z-*_D|oyF?_nGOSYp&eVP?7>Caf)05O!%5rbIxNh*^P< zWsYUXAj>fjM;Y6RkJ#|^NF!vmH;9yhKhq$qjmY+^07pO^VQNPn;*ghi9jGdXY)5f# z7G#Tff^>uICmh7*YRGO2uFQdKOAyNl2f}*y2;kv!9rSGkX{!RK>}2G@bOPT9pO=<ajb0m|uZXGx z(6@@Pixn(e0)0h1@+b6d4W2&=T!HvT$g#w@ z^N?c%5pRqXe~u|fL~SMHFs!SGoM)_H+X2XF6R`fBR`7E)LKXzbJ>o4g+z{Sbtw1Xn`)Z(7!DpZ4q{XENPSX)*M)P z68c-i1J%&K8N@u$e7`CS`gaIOM;WqWhjd6Tv!FCwT4xnfY8gM!A`+u%i>V!^WnWJB@I&9$& zEF~9$xKddwbYcCQWz!4C8Om!z= zfU9wMISdd$#2csRsRJ;8;ViTjq*=lB!!W>wC=NUT_JR9<_Ldk#QhZ;??E<-7h6TIC#W_E>1&W;k5t*-*La~c5&?^KS1(9S7 zjfR081JZg!g8&8&J<<}RPQk!&yPN=i|A!Y?cpV1b4iHC-ZmEZX&fqmH6$e2aWps+~ zORNTKIKKr3inzQL>;LlBmiXl`3}pCiU%O$De;OD;#2XhA4gKc3amVzUA zvjOY>%?8)v6lTU@;QH+r=ASTk9R<=+hOF2j9hOsR2eAI76Kuv0!Iz6&1L7)0t<*zY zmJM=*K|lv)9?me8*8PgX&x5yW`2y&g(C0-v3S(iXs%&09uv zaG134#(Cqz^3-5Lkrxbe62w^nr}>|ChhYqxtD5o8B{0kgBHpx(?u&+Dws6b`hDieF zf07CRHNY?jQReRsWkEiz0}%x?nxM=X3`BkxfV4@;l8aDg3H*;LWg;H=5y~F-vJN_) zK-u%hn(+!2qdn~30A(UR91msA;A}ONiMaS4lwHLA-!lFN>HlqU2*ceHKoY7Z815{H zJ%JeO0&Op%54@g~xZp@YbSk2@JmlL@LrO zZdV};w}m$WhFin?XJEKJ5PJ;mmHs0-hal{78-ewITOGjv|K3&yM$EVlx8TlF7-5ck z8eoJJhqXN*G}T5pP;gvD+T;+e(Kq(kBE= z2*BU}85v-Ph@~)63fgiQneG4vs9~ftAkHwi121vPTh}{4oGUJuJAl9cbxR4nbsk1a z;qwR>X^HPEV5Epk7h$9&ejNd$yudn$twfd1c;FrorRwFWcX zVN^4SdBFMmM>fEyHi5K4!H#+uzUWgk4;YsRy9kF%ZWXS9n2ry8y@E^37Q6uEOs}pj^Nh&s|^_#1W=;h#^s)OJ*vuKoP7{SnA(r$0C@$*9cTl-xCrAM#l>hCX9;2% z;ll9v&?R6G#2!PtrB6Qsqz0JK0=WOzGQx>)-s3RA8V2XV1QDYb!31j{))MT+&jpy^0+0zc zL4q%}gVm%(4qoZJG$GNOaS?Ds!S9<4qJlNp}+(>3_VF_>%z#2$kw z{onzZ?0R7Rw^r%jr(m)frgRz)&I5n{(_x|bN|@pb6m5YiB8Ye+MTbYj6o$!*+6}}Z z<*Qc06nofE3R9d1X(_a|7N&G4@cVzQHh2PHN?SqNqTr7WFr|$kQw zOv%_&Fx45%+6q%00{;G&V~og$|MkG-Anl=4)VccrOtk}IkHO*eOOM0UpDsEJtbgZ) ztjbj4k4&^cVii={1hL0pBfWSNRJIkwo&x+;#7al7>N-@m0;DxUm9IYzE&?$s`m7i# zI~ddaSHd)Z!Y+v5Gi^s=1Wa=l#Gb&QdYIOZAnmE#0o|lsb7$WHT>sl=vcvPAQkd3S zkk$&eQf|82<6sVA9=Hwnq=h$5IWQ&xrneS%Ho|lsM7(Kd`fo3oE(Ky9`9>B@x5VKy zFx?S+j0QxUL_H$TpnSuRF#SAcP{id*m@a@!ZyW(8G;M(C4q}E!0+^s)2Qyj+Vp}kJ zCCm_!7y~nO+Gb=%!whremBI`W18QN06v{$ihKSKaV8%E+|Cuqa15o=O%npW) zbD$OXvwnn`hwci1&JG=x)mU;5ptmnX_eQmbAYt2*j(lS zX+@p6%sAR^d;OQb0@V!V5l{#A=uxDKkNf%PvYkS3^J{y0>xs)Op)4fgTUDX4xW zt&PCne{H)GCv|*_{0u*2K{a6)5kFxGv=inBl)^0t%K|bVFD;PrILtSP{ymuAeju(_ ze&2PN?=bNFKda2^*TH-db!T9{i0xXKFJku`m@kC`J}}=A5KE?S(qO)`_%#sbi}-yX z%$L9d#a564k&3h$7qb)=FzAlB3dFXeX-%*|#GN6qpeGndOSv-d&{7rySEnv(pe`8!f5IC0u@!~>GSCC zxq2ntnWy)nPi!ynrI!ozo#}IV`T~02_5uanyuF}1*Erk5;7Q+j(-2JuDf;+xaf>`I z2YFAMT3Iz|>f}2oRnDVt|7%tcI$p2vr+tPheChpq#dsROZI+TgyKR<=j-NcomwvKs z)<8;M?5m-RxAa|3V^@28L$3@~C@2}KsO>ak+M-E|?y07-62%%?KR;JNAK5l5fF{+= z@uJmx=XlTqFZK1}&Xg!*GWvU|qC34dKes3CUZ&_o6Bp$A(fVNucRF#H;!xKG(>8s>0c-);^{9(>68J)egKuuqy9{Kdo8$}w+v=HgPRaU zmu>Vo$W7^^_*Cvbbzb#7bpDxH!St0gvwY~iXJ*CFZ@!t;g_9v-wNr@);i&n*a| z4SP}e@9F{tH*lZFmvZ`#zub%I#-kpc>3z9{{xt8i?h5+YVUIw%Gq*65YAbsx=wS?U zjoQKya;lB;>_Qv&x@kGXyB=Rorg=AtJRX_d(-YAN;l<7Fsi^j&lVnjr)bF=>dhY3k ziiQMvax#6OPSKOr)+rS3nOWIs+_pN!cirjNH|BMrC5IKihGu5#vQo6VtcVDmR;x9; zW~6bG-d5<`ZE|dXU-4v6qzxTus4+8xzWTl*mRoT~@r9=?b#%?zfMo8a?-lu-?C4C- zOridv_r!6jR}^;y+0w~vlqp|TM%Z>SJDX}ZDdV{HKFXJR*)g4_O{Mc6^TF(-D);)? zVb-N)QQambG8ZT(df4>yX0ftgsK}9RRuRTZ!Ri=SsXQ1Za!6Gejo+jk!#)0pa(SRF zHV)aovB^OXrR5ZG(_dBgQivIp@`zP#mX3b=>4aGBi#L>S6xp=8UFQAY&bB#%y&qQE zd;CSQ&P2ba-}ksPTzcwnp>OY zeb!5~EhWJ{*3bJnh1lSvII!5#Q`X1b6VELi>^)hmh!pdO&s67ECwb2duu}(_TAi^) zzPQkPY^WV(U1loP4V@Cp6|M2!QD8G8exG^I?QTz9w(vB3(CGc3>8Z7n>l9r!eO2Zi z%dKtle$aLyCd+)D@Umk&HBCp~{_luvE=cK*`;eS59g*Mgs<*4rRx5=@&MAg~0OUGxb zp6+H-2U(#S7;MMsluY3v*F3LUZR#W?Ti}~pRiAs?G`M}Ys-NAbOD7o2IH(Hqv8is} zN2>n5HaU)esk-0WPD@S8q}7l4#L=({Z#7N=RI4;LRSv$P`YX^*p=D(Y!|z&eU*8@! z)xDYIdynm!F3IzK&Yr>4vVk^{ex|l8pXDq%)N2Rce?Ec-pA9gzip0< zQGOG;2n|GXB*Z~8D}z>4;w&xS;P*kKotjUD$>F!l@8d9gE@c>dR}OpELAG6b>?^;%_MXoat&l^_cYg1P{_7+=gsYeQ<|^%a zr!~&fU%KuWCVD4b9M~9DB8Q|w8vo(l1>7Ko`fqo^s-z;U(zG=30rgei>u-lSGbPPf zr=ud&da*f4YUZ{Z)G~4EBFVvQXKU#T(Q$FyZ)4P*#W|LBX5m>KHCH_}z-C)GRHIH5 zOWT^dEOAYg@t8VEoYPA(bL8LZSn;WsMY`lM!jtkEQ!hD6nHX6_<4LR|Le-yI&jY$K~JSA0|#c zrFGu7!rxz<7)x?s{iWiw%rB9@c*1{&ICM)gbDN*>ehzCJ(u&y29CQHN7GB(gRoX2IvuWh^l`DAe59r*!A^0cWeXkk+6Od6b~^@Lim~dVp4RxP zZRTq5KQ(jhjd42N`fr2dIQb#XTS+#Ref^W>8QbIg8hOB9Zg#SoDy(g}FFXUj@Uh3N z&8Gb{)3Q0wzm!0{*f$9O=a2Xv*|}qxJ?mU6wG=EuI}vX0JQY z;i66V;oaF>)WU!`4?6{@OBH5(>z4#X*<()8rO~$^ot4dLmIdV4?h9wH2uQTo4eM~h z$j`FAdpuyRxV5RqtBNC z^UK5{mC}Lzr%szmBS+@MayMcFgW~KkXX3P!-{KoJB5+5T_{>V$4qq5}f4UuYDQVgC z$)`$iak@3|&dD~_%~N*%Dn%UotYihpzFji!IBsp<&Ps7cnIh#JW;-i0ot_w65XW8U z-#Ic$^fOhW6p=X{%jn5;f1F@fbyj|0hdC8jCH#u}rKF&<_uI_W=2wFLyIACq$`rS` zNAUkl{hF1mq-LZW4Sv@I(_ru=cGShs^iux?@|UTzlj1GT~&0w_OQssa(v54%O7jH zKJkgjA(b7jWK<@OsGTZ8KbQ3oW`EY4(`IC)(Me|%FU|#n+8|-9Amz_an-v;Bb zHZ9`QA$FKkutym7&pU9o{(8g@qeNzFZs4=X511*+$o0#`qLONLTyn*TN*N7*G18Yl zw?(1kCe=p1FP;xcwo@*5ZDe0@hdV{e0ov!%fCBFH(~fo-`^_Mzj{2KDh z_<2k6FL#Q1GT-Y2mH!->R$6rG)n8$f|EatibMv3fhsOOiDR?g{cn0s^sL8uA74N=2 zar3voZ=SmF!mlt~*2g#gvs1Dc%bI#L!Xa-tKmejIVjuu~FJF)Q^VC<>*{4e~#`XI} zA%8Oe-zT~hkz%HU;U)U+&ylggPo4;=8dEiYklQ;fa@B?WU*g=J$zMU;u0}?tF5Wq9 z(5FrKzg^?<8fnd)m^cXaT(6&bq2xwy^oU%awo@L7KIbuEh{?S^fsRH&*${fq)yVAF zqzhe(ez}k{7^3ovyH+!vo)`2O$`wLk7jk%iy3((&Muz(NT-bJxcJM<@2O=1&2lZ%- zj8|R#0iqsi`iPIZMEf>IcIkfRhc3nS=$7WykfPcFpZ`$TbTp!_=@`%Q30>G2nc3;J zADD`r+^da|GlLa{SSHFD0JU5Xuc)`h9d^m4&E4!8m1x>T%arZ}vawg=dyK_dQO}Ay z?9%Gu$43ne5uZ;fb=;aoQ3p*uqZ9{gyD6D;SZoFMIxj~(ud}JH{%7TwjfoReba-qb~ZTyDoZ9nRqidhR!EeoCq1!h80-OFY<1k>uE!+w=Wlq7_Mw zHBa{JXL`mYIj;PpXWuY!;vmI=*}@%?UGFR6xCQU@JRK@-{aNA7rX?lW2^>A!b7n7_ zu7!H^x?ilzRH;`FSb5^s0$=#wX?mR%}Y~SCX2!lE~hl-(iy@cV6#U z@rW!{aw$eqV_uhY8ISfZ68lm~TUgvWEjq@Q{vW*5J4u|jODpxO?>$W1{gdXn?|kn| z;v*ocva^qVZ}pAi zI@QJ`if12^%v{N9F%$ZUW~G)z6nnS z55=9X5mu6t2AP8NY+MKME6K&~@ptBk)}?fFH}m7~?JRW4S4B#(!$NHJ5xJ|EsvuDBUzCU5>wB96+QwaM?9YMoZ66bmuC5k2k%DCe3VI znv|TM=)vv!EB=%?3zud#?yh%|C46j~4`=_TT_9;qxtM#I&#ma5@PkTh$x=;| z#igcVOU^Bt8pCn%3H{T=rYGeovg1hl^tXNDxB(Rj3i0GYx@(y|GvOz3&M3)&+EQ_# z;OC4ll7zG3L5w6bxAC!re~If(X^u&2>=pF(wFzAk#Ya^tgWS1831e(#i{h?JGWXy| z39C(mrKF^Z~N|eQm98yh|`_GQVCrr~QDIH7-cXarT@acQ9)ZA-F69hKVzE$;=8J+|@ghOh=lMd@L7uPRdVRJxh~LiwiVKX6}!vNiy;1P?Ce? zB3*bnpr|V8Q*qDR8gpv4aFjpg&Lq8QCdRZ_?m1&zYIY`_tj2SP3->48<7cyc?t3CB z)->UiQpX*7A?a7~Fd$WOGwS%uN&Q~5X(fJ8@?>|h=e4p1PD^3$0r7K)FNP+6@sil2 zr1q=O(ezYoQtW-_8^0#MRxdJ3<$y6~3G0YoKG5zpJ)TyW*}*G+`1#8>+OGEMB|TMG z&W!qAd(?J8_G!|ZUY3)rW^QAk?kn5Pc}*AHU#3ySivKB@!XEP%$+}O(QzvPIhx9rR z+Xm0&=u9sgNa|otWC&Xwy$WibnzS|cb4ue(_~wU593nNgD1c8i=%5U$NO;$=IG9v=6g~S-0>Ja+iP8_J7SuZ zN%DoS(V+*yH9FJYvt$`?I5$Im;~&yB&%7k{8Tq!Zu*bJ%r7qDl6_C_~9Ozk}Cv+d# z%|Waqnm&BW0ZnMpkJ>AXs~hb3jvUiv+;h+AKD6yS*{pNO_ugCV`ED$&c`w`Jn-{?9 zao;w3^|SdEUGrRAvVKaA>8fPh@K^1XmXUAcZZkf~4*9;lx>!@UFUfJ}eS1C`Tl2i5 z_H3a~&8<(WujY)$RDaa#OyBKEmE<#?RSZ6xFWhKzghOWg;i79p8OEO+F) zd|G$ZHsA3xW;w8-Y1y|9Xu^8@&v|=gW^7@87tLCjq+KK5=qvX4jCHm7XEVE!B}^K1 z&+HOs#ZnyDI&tvhU&fyDLdp*D-F4~uir&U>qGJU5^$wYzwNA)OO)SE@>U z?^v2+^On>@GH&`)sbS)G39RycW6GwK=U67}1xJ2<@d1~bVVaCsDU)EfLCbb735ej-(zv}8k70e9n>^q0gp zhpaZP46X6#|A*(&KbR&qTPdCBAbbCbpe zLuZ=NNO7R%>{NWK>{H)3uD5^2!_lG}R+!mLl;7C8k)E+CReT_%n7NHJGd?$!lq3hq z&zvRWew~-`p=p97#fLtoh+k;%T##YOCbL+p^zC-xzLcUB)+B zvB;&^xp5~l?lG-pC3Ax>rT$NRyi1nX)P#3QO#h3c5HCJ|YX#CQDb*87iwyjIyUo4N~zPu;%FH`R%Y5VH3 z%>K4>T=HOMy7)enq<7rrHJQ`Imo`(SMk_9SSLVTPV#gxIf#sEjQx=v(I&ooNHJ9;m z<{Ob>Hy|a!d0)*OW7-pxiIhF=>W5j)kDfJ-`7*lf6?~!V z&0|?_n-&+6%zV$Vw?6BLIG&|R?S8Xd;vOwK@uK)5otlgKH0$Uzhtzn_jJx zZfr(<1J0s8v7)TJZlO!Z?}*@5WkP8tzNH1=k;ao4h=W)tx&HV9h{RX94u!mm_w(6Z z^#A})`E7Q+oSS$)`;AWAOFw5%k#Wk#?7}GeRu>;NP3oPa^;Du7{6U<r@9AyI};Y+!$)|+RHWiZjWbvtb}bs zc)S}+_kj_`=shxQb6#LsN@%l#rp1%s@9@AP}N3z{2%>I0&+Ya3voO0hl~( zVbWBHUPM=i=!w+NOp&RJ79g`HBCMZ43s~C$kS7A{W;7hoH!OxcsGqJsRhdB> zX5p`C&F!Yw(}Q7sy=h}NeJY*XU4N3kAErM_pHKCEoc=y3DUh!I0^4T-KBHbJ-kavW zrV6JiI(-OT{F+LwNHZm@p;_VbAwV0x%f|=hCx3r0Okysf%!`_Exx1Vm_Vf*+r~jR+ zRt&+kJU(sSkh{Y@yJ1eoyV2!$g+$S?M+bSydea&IO$?`=1)(AI=ttpddMCzuV3~n0 zP2QOm>bVqaugZOEA3#Q`i?P1pRP4wau*(8e_HAU&%S1xDu~*ypv@ofSLTvSl)Z{9&PuBKd__@|f=ObA4XLS+_0?)cEu(`!GE37|JdhNu-j zSZBrp`1&PvxcsD&ss|(n(Z##^s^hw08egEOkJXo`bG4uon*jgG@}>=c>w`4UTE_d( ziiZP&=(gOu)$%MgAJDvJ$rNaef6FpHgpc<>Y8g+%&*z8uTf|m$GrI7-Wqfy|_N$ih zk;eExEaQ6`<2zyAFbTvgR>bo0)bsEpwY(ycMqE||(Igf)ok;8U1oZa8o~<4WD2A4F z8xt-+lR_iD^6TXpjYXIsr?oNqXq$66Jg{iql9e3e_#+MZf~j<}d%}D!bZy@P8C{j4 zH!TdU3vu1j^v&}JsR56>nXWf|;WJH=W84t^GvXV=(u1qtH2r?@Yi*J`_<3Op|2>6( z2m{}8Ov7pgOyYXpsn3;jFIMYo{q+!6y(hjt@oQOJNh7$)PPkQgHpt^VPpqoaRLL7< za(M+rR398#CCl;rR8a-7Kc9y9AL~EsdierfR;`bUIDcVYqc@zxs{+nk(CSiB)6z5W zN7wr07Zmo#?uA?Wpk68GzF4lO9^C&P)9;b*`L5Upw~fA1tLcvYiC*;bI{jhU89J$6 z8%#e*2+5)K7lzf)+V%Pfdbq|{V;q2&;jl_~+~Vrf^#*+fRafAT{4E=V%%^7> z)bx3Fr<{d%JC;SMWlDN(P*6CMn?@2om=Em?>dYd;5AdN}BbgM;M-pRbvymJ!l5+=w zx>NO@?wTO%8_YgKVLXOPWwd&CSzPCqX~X!mEtJ%GhoZ50%XszY@`A(Zf{plFi0boM zK5lL>o_@92Co*y_>S0flaeP+7G9es|R0H0yhE7^PH5~s5kCAN@AFYD@NW~B9qYfjO zn#BkW_`zpFxSS9B!+9ah#t;nzz^_8Mk`D)h28EgYgM2s$5`{1hSI8eiAV-LZ;v>3( z*m;)m;ZT?^q+?%;0^MP;5M~n;4UWN&3SnbD!$Is2tN8Rt*dwIR;ln-PVWyl!a)@C2wnMb z9=PnJpcV~IPflQ1{4j^U64GD6dkqYOM!K=<_#SNelXSS)NAC?m0ZLN`bIZm9B`Eja7KnolnZe} z#V9_6>>*)u{=EX_XMp%but8sWH$W7l_W-aCmdO<|is^%dbT)Zr>7w3ILOOfanS3|tPv(HA~GNT9r7AV9^ z3UsZ&hXylPI?@r0qC*voqQkQoMZ48#pTF77BCxL2j6N;oe1lMQC|E8C-YW>MWV92m zbABzK{ zQS|shf$|Pu7+Lvvw8=NVIz}boI?iJWFpA!I%8_CfEM^o9ZDJI?+sY{FVUHpUf57OYSpFy3 z4GORhjVbt%Q8e(okpYx$7{JT*!l=J1 zqnOcUjAF?hWAr}s@H)HMjGnU`Jco*eoUk!U`2ri4aduiEwC)8$-PH*OunvbXd8D%# z{fAIhNHGeOTLAD6pCvMi$`%M=wwh1|0IX*epl96J^N$JFg$Sj)kuic% zbbzljRKRycNYhx(9~4RqDPLmP2+LVK(pijRi7sLkOQMERl*1%mjxSLRU~}QaTlnW6 zBlyP!i;6GmT7aXB0pq`56dgGu&>tDa^e9GIkqhzpjAD+(o>R@j=*U<`Uut&jUKYlx zLDjrt8&C&-gFHOl%_v5`BhY$*o)zfdjH08ytPU|deBC4E8!b{ji$}vn0%e0M1^i21o%dVbdeBVWn_To`7qUPQKiuhJM<--*G_$vyT_twOBN;3 z+WGj~(NDate~w1HuJ@*i-{*SKNxSs}XyU>gFWU9_Io{N5XM7i$_bq;v?1?@4E;5>Q zaJpKyfS%i{52im4nX6V+BpDmn1T0!Fy7MjXQ29_dT5|%|)0eB%YWY|<8gX42M346F zt5&T&e3*_+O*RE5fyVfurSLG(ttpIWs6(<6j*{59;^eM99ZaZB+LOuxK-8ZJZf zhkJQ2VLv+W0TdqOPOCHhQ2Cb%wW2{3rX`zl!sRcz(}ofaZWIQFsO6uy8}|!FO;X}^ zWWjK+D5iz=CHSoHQ-Mk>ar`swTBLZ;hCS;!h9SdXM@{+%5v&*?;Wy{iwRD~9K&Ri&8DIt=Dr54!pEkWl%yPPE|$Zs0uI zHBhZuVrHr*z4Y0!?I(#vz1JcuE4E!58`340oMO7Mc`i{lQfBsg`U9YKvG*Q@7nit}7 zC9Qa9I@Zgo?rM1;ZV#~r^ZUVZ>exCn)Rj6xB}%!)pZ_8C1URKD5=A6=iI?i(!hH<+5vX25hxvLIz5< z`i07>X~`jdaCbGzo9A7NoLNFPa_GjT<3iN`_bWeHI!>*sGSiet`~1f@R8~f> zq9*$H3nSI4YD_K_#PjjT`>`!A@#7mvnAb3M>|sn6+h?Jf^J~!y^NIXNgwzkcRqLD4qbul=^cH< z4N%D~$30*78D{$Ch13oy?n!3i_hud_42ykavAPepSZ%lwE4&IPsSyQI>7=~@2^^<4 zsKl2WBw4w00}La@pH7tIKxNrF<4=|as6+X}HtmRJ0sg30xnVx{(ip=WETM6Rw`8Go z%y>h(@3@(VXKN3H3<%i&kC_{1(oN$HKPNw1^i5M~ z&xB-X{Jdt^5?QR@iG%rhjVEf>&ish(pJ0fTeMG;WVCdqHe5Jfh2|LO3*f^YeOf*E0 zn#cBkSM~B0FSk{%ZqN7s%M|uo? zyP^rTR1aWsd>ariG<>q5v;6CsT*hR>5H|&zRmpK4l}t(EfbO*V!Z1zeei+A|;W|F8 z6V^3$AT&8&9p9Nf?ks5^pQPZEUZL|aNtR5Lw+;`dZ}s+5doYPWdKIJj+h`hoVqiR7 zHQk`4pWN?{Q^OeCoDRE&``mBg9nXWq)E}Xtlx=?V;SuzvhSy5|s0`=#zxn72I%$R> zS$GMx_R?Ak>1Ga_^6Q{ZjtT}4MLcWgKU5LI=wmTj$ozHN@wts)5aZ|FnZRz z+N(<*&l7Cg(H+l+Ltq5mUNbwK4m~o=s|#xo8eEO86y|-Ed^i+dptDm;!|CtkNooz- zw_t8v#|zuCmb=l$%!IIh$-7{dwBO9&V8=}Ax|gpFmQrP*^0sr1-f z!vHS#PQ!IKQf}NW3&U}2C5nXMN|xWJ7$+=dv6!C4cqKOeXryu+gjwy#CmBzc1A4X>j@e7TL+14-ngt2Te8f27LVmN{ivo&lwy|mDfNLMd1jHiG6 zG|Qh>EH-rF^mk#A)3e(Ge5mj1DlfWz$P~4FAJEd?_(sXL)Bv^WdS~Nw9LIm?M2|m@ zbINi&FDk~YlO7Ro5R(L z5t!!1r{yk92$yZ8H>Y(Dri1=qtK74dMx6n)WIF2HC8zbzs&FZK#oOQ9)6R4=OK!mA zpOr!WuVTI7ANIV)PXsO5sl-FUsTpe3QqdDk3ZZMfHKFpQZtGu1r7!hMSIcX05gs}! znEr7r)ldF-5RC}K%qoBLQOmB=onPk%)3b}mscDXvkk{_?O270_`9%+!NAOLaH-5n) z+U?1EL3f;vRjZDfm1hK9b2Kwle%+I5S$Xc5hVGm<C|y)X6XrL*2KO@Ebt*- zbk`;0k=j7>_fFIUGEnx(TROU%O4*b^~lkno?wUNquv-yqGu zgdU3VvJZ>L!+p(b7>|F|##r3KQqY?EzP)`g{}HGs1LMnS_}<`d9{%`98z;h^L(up; zZuH0l2Jw3W*5-ZeO+fYoGlAo~^A=3=K0FBrTKAA4kWPHiuz@al$PglzF$RN zT}^?%mmA``78LixzZ7j^X~~c=I{YyL5MyY!M-0R0!;cuE>F2pYQqBj>v$S~#kzb^4Xn>`02>j3)!<4FtexAn2!5CwyjJ?*u zym|zQs6?cRtaV^osDzvfonUEGff`mBy2`fm`R%MmQ!F~yT!fyGb?Z#?Y7Id&=X?}y z;mEpq8iSiSl`pMcjR|X48}jJc)rM~Ll&qVt8S}HXh8X%wE!K6{CvgUrvepp74NaOA zA>*EX%J7Oz@v6}v1ksYG4ZRhIgrJfV49Y&Eq1A)K>7DUDxN9dQh0t@1lMO=XDJZGm zdP8ryTt*uLI)~A}8LJ;Au(S|5kEL~&(QfaL=|*eT4$~-fLYg~0j%l*~^tbgm87rr~ zDNgNX%V_Pq2;}^aMiX0x8k#?eu#Bn1Pd9`N5@CxFj;53TH>Y!aGJgcZbMTjBSkpov z8R|>|hfp9?XCa`2e~SY2>bp6?U0OPj%AW->)!pd1H~fMv{7Z-9qBOF|aD-|wnM)2E zjxR!6n9GEpL;*_PyTx2K{B26!iOF4CdeaAIcYHRnIB3IrIYAcQ_T_h?jo$jbe~Wl7 z=$ggz-oHh>AFz#Uqd56(PUmg~7Ty=YaFGFfm)}YPL;G8B^yjy_jVf}Ru)GIYFbsgZ zL>1I;URmeBffft{VTGJFHO=YfHWzJ?Dm{?_vv|tzsADc96Mh3Uh=+RB1N1N{m3g_QX@x=F2;2SwT^YW}P zs#gqB(^2KP;2GMrC%$0wLJypSOf1B;#vJ_rB@5_)9lgV48)@(Op7_S!fM_*cwZDg2 z_ASkQePB2}+I2k2Ju_7;OQer%_r-{z8TeYye-PTFHI(4%_{y{P+MLlQ06Yv@gv?KQ;FrhSGY z`p$mC9{%5tvVTN6hF+?||9ko4wVW7Q^A=9FSC7BbhyMH)c2Zpq84?LFf0cOTixW}^ zd)zn+Qa&NP9+$@iqdw-#r%Odk#cJpVc?{7)P0gsmq6BW-46-86H6 z_1nq~0^>6R-?LWuHX<{A!Zr!?If3G#7yE>XZQw6&K?f<432kYgpu)kY{{J`VCSRO?SLF(hKuK z8^1CXDZM%ys|Uk*r!gFYVOFXbu4Unf=JW;@);5Q=Ut>70nZJgGi<`ss7*>^<_;CeI z{p#>o<1F1d0oP5>K7$LD3bW)udhT;oD6WWdOEkgsi+2aByHuOB8Q-#DEtGjzMz72s z)ti5FS+&GWMF_o#7UH_u@Ozs+DFOU1`Y+xH^rI(Z=yzgXz5bL4K+Y zW>&gU^6=15d5VnI{~s z;)3Z1S(td(OnDR?*JoNNEh~%&p{x5$Q>%`cCE_~lt0AFu%IJg;`g<%M=GL1f_M#>K zLAR^WZG2UnKL4*owc?bRPPb=eh0{URV?t=$U(?iO4PpY86zGTk4=Xj~~l z9)f+E%*2yvNi`niE-`9<<6m>tabCi@lxfF)#pL;i7TVVtWo9KS)o~$aGHl%wIp>i*G+VCJgFgd-e z)p2SZ=OTo397#<64igPx9Qz~)Lep24spGULgu@lDv;?WxW~wcOO5ItT(a*tX^D-(& zaq%G?W+uMMLVS*3Gifo_WtEwuII@{+ZnqGsHQIdH!sbddnqC4t(A> znAsd{Ce&adRF7X@%Logid%F)%$L&L*mB`FW9QS`sj=Fgmt5Az^>{H=k+`(Zx2iOX# zjj_0i<-vbbgB^QnaV{|t;~%5P^OfB^u*}|Y=Z`Ywc_Fku6;F{@yY;nsvdF#Z*4Om! zs;zDEWZ+Mt@;?q)7SQ){h@Gz-X5dNSu#)UJ?vaGP|Mm=CndY`mF+{#jdw?Cvy@Dan zA-`Ry=LVv#%1-fKFeRUh=)!=&YdAtvNdNRijUnpbb$ zWV)MPZP4<1E#w663T>D@cu}2)qKDK66E8IugcUtB_hHP0Us30x`ld6rJziIBglj9k z;M!6;w{F&a*(>y1-K=0zy~k~d3JWHvNU>z#CmcHtQ$W-9U0Zw0EN2j&J9g`*Yb$v2mj zDbKvh`?40~=+5RBW@V#0U%fCZk^~oRz*2WF`sR{XO33~$#d5wr9+(TUP4#fC-V;x4 zQ?SOa;T!eWUXe3*A?C*uTE0$d`v36Ri*qB2G>x6yLJrA#xLx_wExv;B$YbKFvWv7u z?k9MC{a7(I-!WHVKtX{%B8K~@Q{T=q>WgQR)K`JuaQ*vvT!N2%EkNzzjg706uGy^& zrL&UsVYIe$p+@FS*L;8-_UXTJ)%26ERd|N?cdn7OlFs`(H=dU=&^6+1Io&DV7SrQ+ ziyE$8&kU!^n}XaDnma2uK9V(NHX>kGgl9kQ{3#0yr}1GA(9=IgC50>Q#2||vK})v# z-~q!Pd;#wC9e6G|>)TxQ1RxTvb`Z~UCOz|1hna1oH}0H!0Df>%UmK+s7AL(R;*frd961TPtx zIcSzvR+>I-6;mqf@s?m(h+0~j`Sg@BWkudA6K^S)mZ?Aef7d>H#({b+zyJGrKkw+~ zyVqL#vi9Yiv(G+zuYGYxx7a}U7s*KoLSG=4Ghb%H1mJVyb@~j>3zU9lY=$9raEurh z<#Tqh)XhEq08KeOAmlk*-crgJbbC&RNlywIFEhxhmGmlGSQi*8?_h^VI%4Cb@sAZu z;yYTU)&)}0xbX!u9W(NXnfKV(sd)v(?BflE_pz6197cBcO^1%v4%TbfgX;^USzemH z1?%~s-jCfb!8*y!>kA)bPp9bv*y;_1I@WPR;p?pY4Mc0$P&kt<*;p9HMvcV+%I7y0 zhOk2$3+*g?T6&=0_{U1}CXSz(H}lC7)>y2KU{{K@(RefDHEL+542WraGBvLOg=#|x zI++k7TD;~;h7MS!OxRIregnp$Mxrrtrk0_2^vX!sTJYiJG<6T+_Y!$H(}O7Z5Z= z4@m}$=t$ET;2=VT;+i8t(lo}M5F*m+fdMbg#5ZI~(lEk4%7@h$47p}fc)POX)l`nA zTDzrC%f{-`TQT#yg#qlb=dHo4a0CHC^<@DP@G{RtDBU@0`Q+m|2Jv5kxHQ4lR{zKU-@V;&9wA+eGX z_=0w*pbtL1;kJNM;F~smd%W@$cGT|0%WED6VBOv}n*7&6o+0FVmOT;ghZn-zhO@a7 zu~+yEgw!z6>_uxvtQ^H&$-}GZ%_r|SsV@1ks^bNC*BXX9k$qcIID4=l#l+?Y`{`8C z$lzFJ3|lqV6wWUHVKcFli(BaAXx7m%Bvxg_cgX9=e&@PTfvn?8Eqo!E^6Jo7mKZWM zoSi(2#OI(NpFrXl-a*-Rs94DYgs086s>McDvEUJWj2!J}Qk}u4$J_X*H{s_%lmBw# zy@Ix4N#(c=?tHm>I2%)rTh53tJGaMz!Clw=6I63_Y{_FC+W727gfC^5v&`z=bo!T1 z@ah+rS^H|`In}Ne)^;-1L)=dY8U$Qy{(*pq9L?D9r>%qX&Ro=c^txpPnIhksUKMa_(@_K*!UENaqDqgb>*$3Er z*yZ&~eK*uRD*Tcq_UMjAS%*We;uNW5Id?+dlxT0Kw2l+am0F{13|GmUl2J+S1|u}v zwS488JL*^UQcfdpIz^#{Ra(2E&?LJSDz)%ZNX=DI)S4tx-LdOYyW*EDJ-J%eTBjW6 zW}Q3X12v|gZQN?ysF`9fw5vB*+zHgEH+8}=)lHYys5g3tr;Ea0)vmm9;i&sX_im}s$cYa*x_$pQl+yd+xww-Y*>LZg%KQf<<1 zNJhtXSGsmn8XCdf>8omdp^TQ-s{E=FCcj2rrSht0b4`>S=Pr$RMrOMnR|-2h%@NvT zzI~A0pErat&crkGg^f(oQK#sW)%SN-Do^l* zdSilmqYomhZ)vwFDoB=7uAw(Hz0@0%?ctr39`HpyIPLYG3Y(8|e?g%*&)7)`Mcj`$ z*9RfJxgWT;PD({^qdSW&6wJ7Fl99hzP{g;1;~&mx>Hamfvh}6n!a8&Q*62ksoW4tg&}pYgYciJtxEI@mT@O3G+BS?1dqu2y^Mi~3eZ!@e>#`V3VB zX{hjOIFD);Ji0t7U}c$plg~zqelOtLW$JkK2Bn89p;njS&YKR>cT#udOMw2`-@_S1`{-7pixX!(33;({L1H;GZ~s zT<8Q%!t?}Z3a%jc4Pb?HmwMy9_Se{l@1knVwBO6zwCkS#bd8VaUQtz}-k@zXipOPX zjUH6Epme7*?UO|1tZ}9gq4nnsicJ z2CsI?q-W)y`@lYzdK1-~`z|6`cDl0co~BOW)w>me3Ze16)=$6Ivhtn!rlt6}_Vs!! zx|luFQ4yk^lC*W-6e-ELM`fm0|8T5rWn*SKqFA@b9XWc>8#{aPaYui74*TYDN7oP! z7q74G7iiXImLo4EOVt>TttHga`{Cxe1aGj^4>M|dc<#k!dl*&IGd&BXq+%D_Im?mg z%*Inm_Uf}eUD+5HXgr)1yX1{My_$RYF3m>tSM|LPU_yv2uMo90nvJ?fqi?dkr>B#Y z)ySTwT@P2BUBhoZWxF!{+z&ZaqN32EdbEJ%-ms##{i%9V_!&GN-4EjQYfo49&zVtg z;YB=LFK-%P5B8`mSw3^gn|zzJ*hj?KXz&X2zRS0X+LC3n%Xfq9vqxS<@vMdJ2(Bxuy2ATLb;W)3&uJqlgX~rw5G>BSux^Es%ba(@FHhJmn zyf&)R-*fp$7U#90l_sxCh&b7m!Jf+~%WH7bh>^ewnqXPKjMv)i@)%@I2&r`wcPa7vg+*F%e0MMWV9r|BIypdwoKb-k(G<3>So!mBlX&47mK!C-|K9@ zM;ot+SHG%V6|_~oO75h7RlRCi=88S4c)6#l@oo?Gt8%>Rrv9qWtFPY(H)|jb?z8RI z)n8T1wB^BDrxr^c#<*I?`K-A6JFaFQ=pi*MnJ2Z*ZD?&U+|uOBU3jgm`suw@nZMQb z_PWRlU8?djJfieBa~ouRZQop%f8!24j7cT*v#T%eljTk$C7+A)cmYG{To{ww2e8sLA-j6ydSx5EwUxMwjd|uw3INRURA#1 z)~^lvn^I%zgnzuJz9o-Sm8)-=%Br>o;z||m->|hMPhd*%woFy6)FGoGd|t>_<G$6M^a%T%`vjnl(h@jVE>I#d@073n8*ua!<;d68+pYIV#bPhl-Ta2U+qRH9H&SfR9{LqLhd`>L@Ga zMwDV#CF3>rhU}MWudkOdX{$`!-pHDVN8b|ckcq76q$vN4hL0J2@j#@!RF=-JkDQqe zE~SFq*`LRZu#)sj=%`N$!-MADI7G61?^2@6mU;HCU1;m%WtemR(nas5H?ok*o<=F2 z+OUT^#gnyr>VtBAs@Eh%yPiVnw`G3dO0(mVlr8p-?m$~yPe!HToy;ip=2s@w#5z}h zaKiCyR}z+U%30%F$3NI17%p|vNH)O!93JuB*G7Jg($*@AQ4HOGE%NPLb@A%}>H7@S zgAX4W$(C7o>?#e37ujQ|O)b4*lQxp&!Z8{brJ~;{^p8iW2P*#KM<;QgT6r=iVGhB2 zl+(x6e9+a?wQcfKyVM)h@j4z+gO?jMF4tDa)J;YbsTeo(&NIgY1c}12ihiiqV{LVSQUX@eEcFl7n@wp+_~hTIgx@>WI7xsG?liZXoE2p4fj=Agy{Y*dIQAEF~8?M z>Z$*(N88!Mk$m`N?3U%~$o3VxlpAVRjB1&xT<+Z4mGY-Bx?Mf&BY2DBkt*A3F|E{ECZ%@OCaqU3rSin{I#9-Ks+F*-)Zjl)XYX6} z;U(3JeCr%;rmB^STJ7w4H_L7&+lMIXwnRe5T$T+(ME|3Nzjm<$vm7zbP@Zfn{x^#M zjpcuRH+U;c4YsVzcavd*S&YIdjf{rp%lw;#bGrODnVN)}ygfDzizqLO6XVou|#i0JGT6M*3jQK&ob6l$(#lx*ZbP9vl%Zsiky7LST@_G*LY=Am0+6U2EII&*=0;qSnv=dK0OkK;5oy?;OW!V zwWCoV(8*=)Fo3>d>S*MYAwrsVp$a@yT@6);TUG(8zehHyM&-2M^$3$|wlZ2uG54Nt9SR5>?ktU*s@%-G#{UyC=6P*DJ*E2&hU zq<6(8I$M74&PHQ5Z8h6(e5mte_B)=>J@6Q$FSIu@Q1(5loL@wu^th+Tpt^J;?@$Rf z7Chn-`6JFyx+?Q`myEB*i;~?BvMac$F89?oE|+?6B_zvPa4IxD+QtgjW3i(x-mAwh zcJ%MxIkn656ln%NiFNAQ4ZhM&UAw0AkV?CBNyYcfaH&juTvSU~Q2{>|Ltq&RzN5e& z0>3}LP3?t0vieFf7UnTq5G<*NzR)e4t(k)lvumc7>h$y#iZ-KKSb4c$EISE-9^Z~A z3GDypRujp-v7S~G5f5KtPhb%inK%xlRVKuvFIy^nV4KSB4l-a*BZYrS$jmIZIv|YA z1+V2Bf>*)AoA_6s)vys@OKSPP5G~=NATCp$Hc&vlxmHu?MZqImGb&UUePmh(*KHj|!qy^#Ks*pd=zs8?MiCko1uRtXGGUv+3SU|1~tMPqVz^GV)wFhzYTiLmHj2-};7HDU3M z^6M>8_;4?p(z*?EHb@J3?nw`eZC1j*Jc%xB&srFm^ksMd9HKuDQOoWkM6<|P+ky1! zSS+klHWLlxqV_EP&!Su*%7ZAdX#oeLpYQo>3e^vpx@?x_!#rX#+k=RqO(Qq=ev#dpMjNS!sH5=TNM3;@UNjYO9d;MKfle7Te5AQm(**LQXGM$5 zVS5I&3Tu}2Sf2h&=6r+K?&02HvCR}8&qJ7C+Z#Ec*a4Zm1Lc?ihA$&IJbRGG`bpsJ$_FF zpBlzNn}(ky?Gwq;cWs%i-4UG-Sm&upT~b~dsM1PwllvMaji{f z+1HWq2NUqAc$x@*g)V?59d&TD{aQw0iKZ2YLHL5- zO3<{Jfc9PY5_A-&EmEGK+jBZmDg*8QQML<(oNo6)QhTSgx=8}}OWOoZs}O=i0)!wn}&RJ~IpM505H25AAscu1Qb82g0`SZ!#cPi zsXtk*iD(%cH$$*bb9T10v{|&xY~=DJ*iLw(i_V$M!wi&u6>$_gR|>$zNJ;nM^1;&m zf>v7RA*r9B6;&UW3IyE?k%F*$@@dfSAE~-j$Y})z42DXZ6xu1RM>h$QMoOPGi}0g} z5XvKrmaYoAl+$CSKr|aEsK{Z6UeMuOf$>r=YF6c9_W{2da z@=22?%*=D-{R{Eff&yk<;|T3stmLKWF?sg*yrRKR1{D z{7+??ft{{Q^JTBU?ucevPGZf}s5h_C$q7{;zg%SX(HP|XS+O>N?J7q0A8Lw1*guP@kZ(99vYUhS(X4S=dK}yM z77`xyrlXSW+KPe)zvXy1V*2>81$o#`=jj4exlc@=JaarV4$+&@hxspNn=%eIphr@V zH(+FGCj3Aw5vvwU#CC`!VKu`3>rP>BVV78;wOcHp`cQ;}oTmdh-5v}diG21bE4Q46 zy&@n45eN_yBIu9BlCFKirY91ZKnVa#2$8^C!o9-WD&oh3j`;+R_)rkb+a$w&VQ?1V z`w@-!!wDn#$}U*Cgl9T2pz(adPwyqrnrI}%HAh192&If^wGJhePl)(jAz+!Hmk4}Q z;6_5EUnOuaA@VVCOP5H9?u?WXm4J|L+J*xnLnNF-G%#PFJHt6de@6SOfXLtlf%H%? zv=wXJ4vLZ^UAq5J`XdD9JB6o^@E;hL6C$I{giv6w;MWTNQ9@*NTHslM4FYcyevVam zxRX*ktp#=wI6z>&Kqn3A4F5#c3w)Ij8Su8+Ei?rtBjFgV?bC>ii~{Kn9E0!%qQ6k? z$T2O&GC-6R-HDf&`WBVkEU+74BVJ|5Fk3`;jt~j*nn06O5DnxuKY?T* z*02}WPzh1;T7lmRJT9<-5DMUhL^7ZtL4+s>S#G4xODkXvP6X&j9^eRp4novO86h&F zDp#TS?Flz2O`%$^T<^rEDkh|+AZ!6Ne61|nBbqlEs@_O^Aa61tHJOtbyte|~Z4^%d zzY*6j_&kAcnHXe-rd=e*Hs0 z@AMQvCy-yipreRJNsgitJBAh%`=dV!#ublxtK^q%1FCxpVhvjUyx1mm^{ zU_#we!mSArpbH_Y+%Aw?K?ZH25}XouOoK2=j^52{5{UjO84ijY82U;r(Z>*v@<~)I z0s@_qgBYlCUIHM$3{MMFyQn&@`42FSP2tcdP7@*_6)7|t?M;aAbQS?A+KX@}tRNHO z#+6U_BOX?SsL=%iUnTqo_5TieI^awrLUf+}gbA=mNSGo?X9!zh524`e)S%mgz5JZG zOphopV}|qM@eG=GUL?Gj;(s7Is^PXYKt0ySVE0nmp6La`9S(Vb?WQY|{KPbdY2AY@b z0F?}K)BrCS(n%v4k^2$;AnqUN+)kPhq=e}*q~1J}=+k06@Vj^l0@n~98j~3n!i@r} z1b!fpKOG_eM9>EX9ujzz5H)_8ke>hiI>wDAgf1^=+=dWzDj@>$>lpMXA)hL+Ovw3l zjCkvaMmT;MgXWhpkYC2Yvm)MaA|A|dAV1VUUB^@dp#r&`cF<&0nD`cf9R$)5A;eD; zm?3ZoA!>?_93z}dh;~{9CgT5(7)PAo_YGYCcZ2{8 zUNU6FYXmo@ej=e^0t*E48bU^8f?iDcp}1-ge?8H-QGGy&%TY%NKEI4{$Hd*4)0yah z65SekmFy9>RNw##0OT2?s(FokE2{Lk7!ROC3q-h=1+Eadju2J9k??y(0oC7?`vajF ze8To@pQU9NcKB2`LmRvodQUubm_FXof!lNE@9H!qK~oTH$2LbhHurHGOk%%>)9GB> z(^~oRSNGxqHufu91goe_)2L|{;qdmf$W(fd$4rCNG`V|I2sEkiS2A{Inqjbs>a6NCut|ur`r*?X1n9n5MBWH zgaj1?Z|rRB<1jFV&;~Z)eaE{j^#jKX)wLfuhRJN;4o3>RX(y-eGCTI+|WD(x_vr86AE zmkP@hv{}a%U1HMbLuNsn%x1+u1jedhE+d~TzD0zh7~y`4nrcsy!@Kk*W2KZ;pcj1&=JCS5T~+ z!*bgOhB13D*pNR5Q3geWGqK#4JHz0-tn5LySvs2ZmL5XRDiKvRNA=pyq)_(Yv~e)M z4bdbKHH7Wi78t3@QM0{mI)<{@ZHL0F1LVVnJd}0(mMjcn0{<9x1HDrU3)mK1bbEz7 zoLzZhYNTorb~3}(JWEVSgKCh63wZ>)d%_s0YJe?#Isx#V!!R2m^}HvKQmj=NeOQ$* zEGlwq72%Nc8bKN{?8-@Fq)(y`{}5#MlkiJC%|S+mKi)T!x+$lN*6O zV&YW97e3B{g$^&J?q_*jVJvWwo|y;3&d8L`-2(g%Le9G#67I+<$<+PlO8m4KJT<)Y zZSYD8Hx~X*Mz^)*#tP5sUz^Yp9gU3c>#X~D=BzAs%W8;xBg!k zaOXxlx_>Yxw|_#Ie+A;?i!PVW0@jR=R3-Z>=PX{Rhp9)htCuR|z1gXf5Xb|$eU`ND z$icgHQZw$=bQZF4SIVQ!H0cw_yKMBs&EjVuzPnQUvXL_rV8=61G422I%mf(b@RC2^ zmHr#e(q9k#I^v2igp~vT5=6p(-n{);M^jj&sw{|AO>Ps)>>WFzcS1N^$g^4A{QDzS z`N7 z3&k)4{nh=WaP<2X;kDHAP=zDN0uWOuJ8!tQG;Ry7*;i!Hmx;^hREqqMWl;#&}(ibT0h_KI)xZCb?CD1N7i)`8!o3cd25 z!m@j|M6btj1<{G<06klp5;Gvr7wH#yrQg3<`dzR{0(YY5zRl9FKzy@^U(D7v48c7= znwj4=hNg{g7Id#yR@1z)dO>7G19bYq!d_WXVrbAx@TutTZZ|51ojwd3vfKX5=eA}4 zDbhjr<3EI7Qv66*53s#!1WTtp8qY#NccY&Z(UV2=72<$~M)08mH97y`19QWEeH;Hi zv3RM$v+*f#w~=L&NS~S5aQ=gin>O*uKsGW=>F%`tN8_~gu_-OFUC5kxo`J_WZ5;Hh zUh{=x1=a-|a$2aXx-!`J-=dx+MaWyF>^sLKpS?=OE%^@7U;Yj?WB%6R!%Qv=nO?8Mdj{ua)H!;o zo;=D-wWz<ydXW3rPLUs7u-3;NoZsC&Wg!qpb@PMr(EnZI3e*17U;pzu{l^9RVS=VxEYpFd#A z1YJVmxOoFMJytk=-hfZf%UPeE_k|0FGh{uT{popQ>rc-IbeWTFiFOohDxiGUkH;EI zzL5FT^I;mv+1hN^pfEF$=u9L!6Nws;=nS6dj6WqxNlwi^Qa?4@6gPFir0^*dC{bDt znbA;H)*)IJ>!=mZ-^=bcq1ToL$ESGh5z1(AzE+lu6@@uIl+4Hh>&Kg#L|9lR$KUqi z%ysFp1Hd9SpGa6bPdfrKJoHp7hwQ?sI|&!ZFRkyFEw5KpG{xDWu3OomE}^PZXrJRc z?UhYmm)t~8tCw`gE^k@cE@hRjHjXORt(aw(w^|L@A)bSEjf!G&eD1YV)09{md+)NE zxB(`yyIf=MS0iIpt6ONQ$+)^F_~Llw;*#2@UrVf1`pJFuQbI^hQb}CB#HM}H&dTOg z`|C^=+~4kpqeY(dd}iOCcT})YMTI)?=|jU6J*Vy8a#Z=PsN=^2rOnO#AwW{HMM zmF*w~^UvZ|(sqydm5*YZYaAhc%*wB)HP<*&`qC3C zcTZqj`Foc1+CZ%K`XRj!Yw>`|$lhCLFvpcp`->kQqWnt^v6kTJO}2H)S#}Lpe2D%NV)7FrEar7cQy^8RATRNh7mSz-YI zMvZ*h41=Im(3DKQY!SGd5W|Iof~H{r#cxlD_|z8-h=(8&b>k6){lo%={^AP>!t;0o zoMML4SIp}H>9vPWs+~Y+5Z~>AD+K=?fz;j}HE1D{2MIJ2BApHb`RsZe z7~@0$YGsN**2xJMb7T$rq6jDdaE!1QgzSbuAC(f8&yXVy|9}ik7JQq)974qB-;sfn z1pTr=e&{UXk#%dzdxyXS3W`H#A^1@U8U)@UM1uTF7qAmXf0RImzy}4=X?esi6j&P(4<0yQEz%4?4 zMBtBt-yrY~p%W3vW*=poEYL;>evZHq0w)RiI>Kz2?-Tq_1b!~?D}hG^{wVN*z^ejp z0-cnR%16o2ATWYDTBf@v|BH?ch20%_rs$aS1@evzd6SNeeB2%RqzH$}bWFt~;7!43 z(vuOPm*|WG2oa7ipP-Bd%{wyaRU+Jaf&9A=;`0yBz^?@Vw1~&Q10mjR{wWR~-n)T+ z*}IVd@7+M&yMePr=UgC=_in^**1MJOKnVY@I=9g&IvwxbNZ^0fyOHp65&unr2Lv7= zq>KeN2)rZEC_1GxLU=3!y9u05h)%YM5D6_2xI&=2m#-IemB1YW(Ul~_K=Ik-L7a9= zbguY_0sMsML1_OY(5mzafI&!D(Fo{G%Z<;vWkUf!`5GICVBv8or1TcEP(ZA!a{k5(c6w32E9!U>Tu59^!&t#8Elw=m%5L5H=~WD4Km1 z(W?a;5mbZ|ID(2g-g_iBh88`^=7tqL%ogYad$Y^?^o!Y@cZY?rh*mg}XMn_NFJX_z z-J25vRQWj0VI{s)+$m~d(l3Dq8EC^8cG!Tg82#|k!GfcbX1Bx9JGGD{lMGJBVq-A< z{sn3k1H!$gXdHU9sfW>@KFHTWQ~sHZRsJ?O(&r5N8^(uU92yWmtS$=43$YQ&pnLJ@ zhzcN*;@=Yi(nbg;kVpJTM(%TgK7x-KR*Y_7`@b+=ACAgjgg`MYpj$u~oo>#56#>dA zIrO}xB#=A*tqWkaPhkKCo;Q1c0LvI25Q>i~P5EaOzM+eU&z3yW6(io^0lFai>foIS z4p-objB3WmVGML~R1iJFy~EE`_-yX%Se?P6pa@L2L+`*x1b<62z9vvfoUQ;0PfbO? zE`h8>l?Ch3k*xz%TLSq+i~clvTt1!{u`D*sFV-g`OpxC zY*(Gt&PwaB$au>SRv(u0y|qj=un(K|jWwFxs#S|rf>YK$tn#$A9sB77{_Jf)g7dCglh}jbLOH0^iADZkoz1TOYK>sseuN<8 zs5OpVJB_&ePFhph$RDlAO!p&li2B}|$hQ7$4P{d=K>668tQqY0GuCvr^e5|mN;K^m zEO{P$78TX)XH?JdGuE~2gP)M^iJ!qc^%JCdKOxH(FIYRXHfNDr_0K4bl~JwIf?}78yQx5uqB+p;7*M(Q0MqeuRn>f3c2Y zy)Geq{RQj8Z233Pv&Us*t-EARV;R4oR*b)(x##|D?ZKYAWPOfpx{Ms=pM_2zU4X{z zuAsl{J&G8`6wU7&lxOZ0>lUi{*Vr4>yq8W{BUF6{vYjW8+Bc0*=d%WE102_gMd$z1 zi1rzC8ZB_^Bq|VOPqwWQ>2~}T>E66*?W(lYBUhoj<|+(C?zxH}Z=ANaWOIMDT3FF{ z)_Cd$hrdU|?E3{;^0LmoW^L`X?AVi$X>P!CNh2AnuCL3L8V=2ue$Aa%b={FCHGB^L z`m(C)LGT}#KlC_4z_)LHTlkj4w|9OBe2d}xaK0YC1@P^hUv+&^-u`~!dn8yXs=B@; z?-P%IHRPKiuK;cYI#=ZF_6QANzR45xfp0BO5T^<@tVTdh-ZoD-UEWrYzXjwkLv8{t z1{(7=d1S4@TfkL~f^QyAIUK&ZJmnDho^m2eXx>^+l!(07J$^F+6hR&joC1u=V;)%n zc#qBZM~O4w%ZGFva15|b-YcF^lfWAWULkNOa6;bm9@!$)bk2O|KqN62;{IIES@7Ap zp3~vW;(AVnF9VTF@}BZUo|*Tg$3GkLPLR(5CId_JW_V-^kcow>IUm0JAbkdy0GyXw zNTHm(g`NX563m6bR={U-3p`1bgBQq^WAL@$%Do7mA6M>q_;iTzLhhrU7_a3%;_h}Qrw0$1nu^8|Ynyq~~(3-|-@joeI+>?C;K z&y#-r7G3m9_`iXFKK!4;@0v%Q^keuA&7)5G5q$rgN1gO-_zoha4|7wTo}~8XcJ%o7 zA;3-q*bm$R{3N%XNA?f!s<_gh!S^nt2Z1)!!GT<}C)7W|>jvHzz%Ibgb0dT-8qc)9 z!`;A;tu7qb-2e<)X5v%Q3JgpFfopUa!@&*1@H`kJlX46t_Ty8A4m1t5=#PE z#$tF<7=(k{@N}e)!-Ii8i0iFVWoqO*(ISSr)ycX)htUnGk{y%ii|I-Bi592%kyAnuyp2myHdGzY+U`hH8J>JwplCu0H zsUB_!#@O${MVKVX1^%i4ycJ>i_%U1$jOTyARkRLQ8673q8<*ZyTs1UXatI$9qY3vkhJ9dQ}|1RROW_>$p4%nyRG9gg1VBf;zp{2JFb%>iW4>j&J!xTfEP z*9WCpifeoVcz1!geejbXLNwm&WaG_|K3)P84M)f5E(&DF?^xfce*3O9LtVX3ZCkCXuJW-xBeP9@wnR2k zXWPcQ=xsgxa(WN7=MEWYzTe!B1va4YyY#k;tj=Kjn#o36Jc~2hS~~wId(t9Z{jKcO zIa9+yX}R zD)Y#f!1pTLQ4i-D7G<8pq2QOKomeNj+X=x(SV+28I)HhIzfSlbcOyb<#`4oGSn2&E z{Ab|KdScCoZvotMaEstxfLjdrGTi5IC*e+GE5>E%DtyX6=XS}4TgCq~=lp+^ISoIp z$lLh`E-zfd{N=qAxCZVUIC=}sf_of}=502^orR+#Oq1Yf8TJaeui+$Ins&IC;68*q z1!urzm<%@zZVp^6oP>KxHrx`p9dIYKxJpBD6Br8j6x`czU%>qVN1K)h!A*dB5pFBo zcW@TmP)5TofqNhB7~EC3VB9#;;O4-+3HKXZ8x$@V?s2#`;bFPzX{0Od6^T%hNIsMu4z%UTCe|^?HY4yH)Cq#5 z9VDnS%(rX{!bN!~*tW=7g_Kn&`*wjl1nw5NSKxkuG)GS1zYtg}kTfEGg}`+J*9+V% zuu9-|1xHFd1Y@_ry#n_OJSdRbfikESctl{Gz~cf>3q0dfJt)N1L3YkT-B83bfeQpK z61Z645`oJFt`N9dV1>YS0@n-NEU-%8c7Zz-bV|DgVPsfTp@6^zzTuu1g;mjSzwjG?E-fQ+%0gg!2JRb z3jBhwCAFDg91&QjW2G%^F-{XMR+^Tic~io0fl&g@0%<;#UcRbgb zU$ia3XUToIFZr=9(Fn3R8P|}SRSfPM@3Xfj_7})(0r;xzomoTAQcPY(+f1su&a5`t z)<#ujWj6>*yRh1MI12o!-$n(fu6AJ+Z#~>r?#fDHY;Ck5$fuBfd>|~C#mvBY2a=8L zjj>t&!#r1)Zr#|{PxbApJH^@(|NZ2das*_5UH;uH92v%4$Qq z>ghJy%b{j57nkzaCmQtV#;QKmCq{0@@C!fB%Bc)m%!>Oxcx=YQwzlY{bm)+@O}2;h zqcs-iw#M0mxo-MM;unLTR+GB-Jq>$km@O_8=F}&3-j*>bV{7D-K1nU>G)Yl) z;kE3wVYW6--=1>P`8v|_Y(4$`iT^!aPlqYxZ&govXlwtihDm8#mt|^Q6kCJXraFDC zp`YXCnUc%T&)7<+KRwFB(bcr*r#?;GF*SI~e&}HH9R0Dm>kFAuR$kIQ-hco9$1!c!z(^#WR&iu&LLgTwR8h;<*dkcM%6?mGgR0-? z8=7oVtvdcuTfQp!f2$q)XrwJUK@*a}`-?UzgZCL9a|Z7>zR6|ESBs1?_R_@6R@Ki1 z8;mmBc^3;ICXBZAkw^V4AiX0yI@*@QVha3lXv!E{2+JI7h+@ydCzr9i{>DglV2rH~ z>-5Q#C^lP84`FX!9vy+x&(njn)JKz9CE4V9C(qUz`!Vi57n{TiRp}wshJ2e@mXq1t z*C8D?)>bNqu)||*pY_F{pa1YighzZDSDZSz@(YphP~;1`-85wqtq}Md!R0aR)L_3> ztmKQJpjK_cpRnicQ6J1A!J>+EL8GikL(VJWrw!3F~vQCJ3pnP$ik(`pxr;Z z0X)MFhr_zf`y$vNu!2wxdz%Gwv43ujj}7`=1Y6C6MN7VF9LduzhS^_k8{(vF_Hse2 zl!DQa`$yTNf+o2cE=Y=#as@q<(+Sc9LAU4hebO93kK%M&X|bS{VziUif_DEX{XJ@l z=^tqA?>x~=@INA=QjbYeAcni7h(foQ?rTEdFZH0|Fn)MI;~ef(X4lw-9>u5 z35`$G&uiGhNw$sbaQ6%|J3ZOv|F`Eef>?EUMhN?5vJFdc3T-W!rO;+!;|p!!Y~k|E zFt)zXmcULG+S;%lQ*2{ceT6m}htk+OvM`4&h=siYGT#AmgTv;>jyi1TSjJRa*xznu z#IP6EYR&AK>783r4Z#Q>NZSoV1oE$jpe=&#B(N7pw!KYOcPHANUNThuFis~N zfMFsbdhP;3yz^6Xs=i_`;8D%$$&p7tYmmbD4s92ZO+7S6ns@X$`6SfkU%m8gn+jU z5*S1DvltQyq$Z+pi$u6r36X&b7=w72`H&0<#9JKUc$I^nCc<+CA;&BRPsa?TcqZg8 zQHjC{ky{(W1o!`PiCY(~~;Sa?Vf8q#wC zQvwCp_IC}7B=0&;@=9$u!fzH9PQF}f3)egFT%i1{tP%nl8;weBZB;FB zYV-cIQ1(L4z9#)l1WDyV?ta!D7A7q%^emlD|1wNYHR(4)O0{EUu@8rbv6r8;=~UZg zC2KnHOTQlhGL#&)7RIW2src3@cKLm5@zbDTc`d^9M;UXnfzOO2}9Z1AFyu$2ZYrQ#8$@^>+d)D_wtg5Gw06s*qW$f zd*4OkJEwIv>4&=I?2)HX^j@rEw^$V5DGbdsFm`{+)<*9@kl|eS!w8}}u4WCy-Vb&L zXUEO~do_+ioddQ8&r_u?i;2Bk!19uX?|>33Vixw&VQ zDRH+~B)ZPskusV^()cJD*+x8qzTl3;COT2PP;6geW2X7(*cvB#$`>AKHKeK#5%V%+ zt&X^5$STz(>W{AW^{oGtso8r#2r9m^fo9cvjLsIYzGQRA=P zpQ^9?{J?m*di7hjFaCWv<@K)q9lYMTU*7&IJz5*lsR#Qwc67VoWa_hCFJzfg?`r=I zwjWfi&1Ty>Y}C89a^|EUQIqSJ7Kx(3Y# zdE0CRi~sJ!m_rL+60j3o9QVGtwHwf-N=K94DcHd~hrUiWDkRtz4^b*kIG(4#D z2goP|vI=<%j;uct9S`gbM`ubCJp$-}ds5KzfwV|%qoB#C;{iBYhDqU10I$H^hSP)g zLEiKYu-Pw9dIKEd{~fLp4&kNu;V9A`xPQQr+yzIxV{kviQFZ+SN4($RWR%I5Xdv-| zfzdKcel{WIQBsI_L2#5ljn;`r&!`kQO5X-Yya(Whz)|{moN?YHAVvW^{W8IO9=M!! zd^RDn+ia2L0^qA~_%FSNKco)X)_50=?hLzuloc%m`dntUuk?y=9)+J&I|IB0ry&}F zc@cm#AFBnAreTO@2abXB0k2r_=={{BaK7NZDR`TK`{8JP-#0+Y*E^46;6cA)=_h!8 zh0~y7)S@#OfwW1PHrpl(UJqb4oDX=T1&@Z@v=G=AycYy-8SriLgI5hCrD^joImw4Q zU8vIzZHOEI97~!($r*z81n@aHMCX&q6mB`_ci^ZoYJkN15J*dK&G7#Oq(kfd@ zFbYWF%s~1`MQtm7%=&DCzcW_^cnDYkR{}>CIw{flyyo;@T9^KJ^)7yw(*Sn_y-FX%clB+_QrB zJn(ODWO4Hi!FwB64M)?Drv>i}@EY75I30>+KqfS0-v+Kb98KL*#x~%?a1-GqcH|dB zNcG)ff9!-IE8x{9_t@%GY|U|#iG383X41Arpv5epp-mF&;KCs6gQVbal^F{plY&E7 zpMAC6xX61+9b+j+crAV>!?8J~Z0G1GcxT z(?7G-%WTT}tN`bXsU_1VPn|gd0cahnWEi0&r^;2{1Bj;KlL*9 zI^rb)`R8g?4@E`NuWa@fJgjqYr?IdTQTa2q^Mi5 zK7tmCIl1{H3gFhrtZ-0yhiXE^xQNy#fyktQB}f;BkRx1fCNJ!1a#|b%J3O7$PuA zpjn_r;D6b<{)-wy`;!9hDnj~ysgOzV|CM5`h5TPBh%9)zy#)3V*w20a=Lp6ifx`uk z5|}TrK%hgQTk)BKE)`fNaDl)@0v8KhF3`C`cvcIn5V&68W`R`#w+q}YaIe7q0uKtT z6?jBooxtM)&nW1`suZPaE(vT9cthZAf%KrGrlL_ep;4eoAnlSNez-uhz}5mS0^19u zO$n-0JQPv|qnE%8fwVz^63h`uFL6W<6-XNuh|U*SAdp4{#HTko!kGd~S*|{%3v)*M z>8o?TvW-?%e|5x`Dp$Ar)|MjsZ;w*ODCsD!hOIq0Ig+Jq3=U@_-c2?6@Ane=Fy|T^ zYX8-DHjDoeFTReYe+K^Sw?^Q2`hk%;7Sr8m@;~Dh!oYe4<9o{VI>fx@#W%9NXY8@; zK%K3%UW4~99aKnXYb&wsIp}+vMQ`-*?%sYNmW>0?Kg7*L*dUfW!9S9{NBk)8O%xw4 zgyrpN9m!Nj!Ef&sK9uFY9~jAo5WkC8_;7akW9auL@%wm%k6;0+R*|ejyO?k`_XI4T zwDDa z$pyjruf0DreUK6wM6Y`!ck@&I`Rl$= zk$y+^&s7gass_RA1ewdZv+5yJ;(o|Wg`D2;-AXTMmj6K|QZ#)Y^3K0k?7jG%VXkdp zq$(ponG=2aH*C7v4tYP3ephyJ9`aujz>?BiSRGc!UPmwU9^C;cWERq>phZaVJvdhmrY4YEUNcm_oiqwM;AugPs9lgb{HuOknlLIZ+?=G_Bd7S4`U^B9^~Xu6IZ^asK50~< zBJUKe$bp6=Q#oRE`YN(xWXp~b`PviC(D)df(?$_Ww!NL%;d?1A!LHpXF&*c%Pi|X_ zV@%Czexx7Fvuq;3|=@K0K{erDib>A`F_55Af#HPOagqfd+rKNZ2 z8*FVk?pY7EwVBzWmyD(eEW6W8$cA6FrLmKK)>cl4@+M3lKc3QsBm1lI z0y_}~iSKj3`9!04y+(+@>j?2NgP!9=? zVt$$g1CY4%heK{;0iU&xRXMPAvNk`AId?k(w6u@b%r^ZtDM9rrj4>8Ppqp?knY`-BwCV+lfoXcRlq$ zv%NE`4o<&M-pWoOd}P;^+V%3%E?(iZB3w#!SV(%`_L;pr!e)4m_nuOBV zZ}^)0w!WCzD3>^A@7! ziNCN}$hj`;#}lHbct*LVxp*HFY!65BsA zJvnM%W$tffGc5L~Oyiz)*Jln@=a5ppabj$GJqsF@-mm4#G7VJjVfW$vOR}7y6A)SP zsPy|<7t~gGiC|4<*NOAm1SwH{QKgAJ5n1Y!KTHh|G0q%0Wsc~GuM@&6By`A$}7ZT`1fjS_UMeL_%NtVJm*?dg_U5?sUiaH^CZnDoQEs}vB2RW@<@{D} z!d}8(T@*8WTN=)kR@9R$6Inn(dZY$tde*Y`1?dqn=oqz%uzk*f`p)*G0qy&1*LyNB zJ(eEfeA_i?66!37%KJK!UY++&EoHR{e;4Gv!LyN)HoK%{+V$ZBTJ?u&Jvxj2Z9$E? z<2t!o&$}3o?o6>y;>+zM%R4TqwX+H5x7tnhbUo7ZsBHh;R(GZSO6A$W7zsBUZaG}_ zn+55U)NCpqW`T6Gr`vchII?*Z%TE2QhixO0(XE|iL%B=`*%kAcSoU(2$rP9&WUaZ( zK(a55I6VupP|PFpcvXl@$3Vt{#yN`(nZb#n^j1r0F6OcpTvjSGQ&w^PhX zk0pv%%ZjsGB(X882bi=(uV8Ce`z3L21FNixNn%@`8g23+(IRn_%FoL$VIfzHA9lTd(CU5@i+BK!?lnscCU!G0 z04K&-i%l#orWAsSy-o5i7CF2_EQSYJ5Rqk|*_oXor(@+-!A6ignmMnGie+=#qkbw> z&`A8~0lSmsEgKgbNFRQvh%|N%!WNVUwl=SGEE_gF5PAF&XHx0ate1X3j4D*k9JBmm zR6(Rit zwEIWO)CxJhCSWP)G=x<~N95 zLzpT|l4H1zk&Z;>xGaP{sUSdfYwDo}t1_B5;8LIpFr+IJ!G;VmC609QUo!N@bX5*{ zFrF$P%!C~jLBA|$o-yPf2>O7KQ@5q?G|fTrRj6H}xd|iCW}>rDFhbBY8$mQT`~rG7 zr=7y25lZGD21-^&*hg4^=_^VGbvsZ-y~V;U&@{{<<4zL@A3!`p@ZS{p9-*H&Z36NJ z!Ke8aLqDOQvp-e?5o3Td4?^})#u1Hb2^SH%5F+CT39*}MjNnft9H^{7qg`fnv!Rh? z1tGpRR1rdfy@Zj<1t;Y~M0X$mKq8)-uUhKl7&5TMy418yr&lJkcV;?Foi^S<$j zGRbE^HOvzH=LjDa)17h3&{zfJ8KP$JpBKPRh{W@0x{^xZAO=dn6Tn#cRiaUXb%ZFv zM}(-U&k0deQG}z!LaotaB^lD;eF^D|AUSG+_bH^q6-KqKCO&Rn?+}8&8Ts>tT)eH2 zz)lh%f&C%?&oB>{Fwv0L3Hgsgev=Ri@HU0qNKJ?MQG}@S|BtYDfs3kI-^cf!3(O1y z44{IbFvEC3@B(6qmt@a?qk#%)7g8&9v<4zY?LuY^qLq~uIp$I^v$XP-f?9Y>O|8@E zbOA5rwK%1s&?z9qIn|N>^RB%h>wEscGaok3e%Iw)?|Ro|uf5j0*5;KB{=BjwVP3}| z7(Yn{{!7UUlumA0CUC95^#V5v+$1oB63i8ECsT#V8j4~txuYo10Qg55x)DM{+#Lca zL_ zD06|N38Jk6O%x9qh$5VUx1xBuK@Jkwlcj~D*h>r0c^zDk{&DrUPo|g2Y+Y*5G8TR* zqzk+6c^qPY5gAKE3_DBT862m9g)pCmxz8}kV(bCMTDafO0U>c3d@Z*8)vQQX@kwx~ z1{P{{-#viol5;aH8a%q{$}o4by(QRU9N8Jmdnr6JBmfNPw+-@E$}Hh;!STW45M&SB z?6}PA=RGhPo2F&CE}X^u^p(3|uZGN&2>%fF-3d#Ke1)Z#!4~e|e-w*xA-s`e$h_nA z!blSp3H^@gS)In#Eu1>z7lq%ug@uRfpBC8F;j&ytB82TseFtHnSt0i~^nET;L zS&m}&--~1DYmCg2k9nBK(lFz-EL!dQ$sf0!iJufqI}*2=Sn0=)V{+!{CoGzB9Hsu7 zvm1N4UpD5H5N(x6p(i`^?1UK2fgo1;J7#h|y94L5k3;jY3V*bm&J=Pqs@TbJqu)#ECMNdH}yZ)4|v zf>m2I<|No~427ykVH6}+KmBt0tr~PcJ;0OZ4|wN@+6{Sm-$h!b@5Y1>g5d20A`c-N zk(`7*#bXHc1A?AM7%Lt}P+U3DR`K8lpAU#em4Fk@ibFATMhG~G9N>yhfG79}A)4#6 zgh+i2Adf3t)R|P{0W4hrx3=X*C*_Q=OZBmraqPgraqN43gdyPTova< zfFDJG8-fnes1dA$(8ORuFj9m&KfBprN7BWe;2B# zJ=ucS(t8<~fR_cCvaryN7{!0`T6%(UMW>th-x#9qn-?F&2ChuE7&pQrj|V<95+65z zU}btj@b7RNOK!MK?B}JJF#7=R(V0PLtq`8vsUCH73ExO;NZyb>nmUP1%NsIWvtGmU z)5gSW#^K8n$FtB8mV|}r5TQw(``Nzgf6Qo{Ta`Xh_dj-Ur3_{@+Xp07KmL09`?~+p z!cvC}W{#_4600A7EB(&k|L26woY!qLW#ha8%-GFLxi$Ib8I=h+Lr1coPNs+3#on^P z|7B8_Y#E29V0&5Ui|a)xF;@d_s%Ek)>vX;iXCmhy3=(k>C2}v_N{Z z)Hhp=l1(QL%GEb_F@Y*igMVfa`AfE-^0EA_QnG2wbH$yhJdfY$n{&0Wi7JnB>3u3U z95rb(fDYiaZnd%e!c{afZ@;lM5mnmNa+Pzhd9QAD_bN~o+P(Ak_Z^#7_sFimiXW;B z6(_2U6-TRN+o(E)v-jjn{hMpDU6WkHgn$8csje*7M3>@Hr*ox*f7W!X3#iEAA!MJv zLh?;jg-keGW2}?=uJt^xnjy!dXV%1OZ?A}smE;ZfcJRgruS zC7S;aL-gy9;R}P+ON8eb#=JZ?Db|* zkmxj#X!+j3D2@&)?@tuoubOH~EzKdJpV!zoX?ZQtR!B)oQ){VyGsMvRA-dAk0Jobn zqcr`qRF2m*_m>S^qpFs^@p8vBIp`+GFG@-B9=4F1+>VxpY%y$Bi%N~UuQYP=l$*4r zG*$hVc<&-!&}Ox8)p+Ylqc>0LjOV5K#Me+d9#e4hG?dpPTF7Xaf>}q&7q%&*voMsV zvQk}hDSXocCvo2{n?`i{&adsVC2aE_HRK@_-87AUvs#}h;Tg3~*UcfO)D8!iFmGob zC)I{+>2ec`tXgS68rXP{WEZfqZjyZJBoVP2QQH$PYGs~PJHw;jGsC2((uoqI=oA^BJ zB513r=1~u6N3&Dsnk?yjre=*++vwCz9_{_%#8&4&Pba!0TbgSRFHgxH@5*x-{PDrq)AV%`pUHx2Y2cdB(djq#- zxop%|`jWU%8bsACCuX`eQsN7>+KSY@!#n#{jcZZ;2-g&sW_7aYU9n&IkgB!oIjgYF z7wTH>+S4qDhOE7C)$9u(ty!b1QpS3wejqfw8q_1zX< zya#znu9XH|tt@~iP{jAk>S*49R1~R#NsAd+dcDmy=KBS(Gp##ssp^J zr#)ToUDG}_#v>1SsX|A(R;2z))Be(Tn=QKC*Zf|o<^588MtH#7+QCpBFI7~g{91WH zYRSBk!rHPXjYf89tPvT5r^(58I-heo8}ynZzZ?#yY-BcQbjO+{jk7`5=@yoGwf0>U z-YcuT|A{SgCLGeZ-fT8V1<@G|HS-rW;OK<@hC>;Udzv$|L2K4G{P^g2B{$}yNcb1a ztxG3lIA3lp%hYBBS#=FRJ`&su zp{}mI(J7gQ`(LSusCt>}ZCORn{2XtqBo6ksx`LqvYS+?A%HvD*B>f-xk`fJvGMi-G z@r+r{<2!q2#5Y`;Ck@zyHRk7>84VikkF_i7HO=j59_L$)dZXNEFy}PXJuTTYMjKB+ zq+~f++Yl16X!J6O*Ic{5{{Cs&M%ffCr$+eY%7dtjhC}zeUhqrBm+R$md(a?Q{3nIE z-q$M)Kb0rG?q4q@y{>&Vz-Oxcns*@qHEt{n^z7`6=-GCy=4-#MJeluEmlA%ep=|Uk z@90|eESsnqHQeFk ztn&E(c$a>)dPfUh<7@x8A5(iI(-5DB5m!h38U^1ASH1mgs>7cBPM3LeM}*S-6VdCb zKDqk?D<-+Hrcs#}tE;dy1%_&y+fzok%!g#FWHm-7WUApR_tNl!?vqLmH~w8h<25Qa zIr;WqrGJ|@85^|51NLY9Qn|?=$ooMfJ+PA6rT*U5aXSLggC(NR>-f%tvp$J5lc=RW z>@{NAT3@aCwD6=>vwj!*`X7ab8q0^(eZDL_D6^N(SaP}bIzCYox5XUE*X+AtCRM^4 zhh)G%TG1GUdsvjOufQi2zFl~mr7O(@P=GzSG?<{E0J~XLvkhOXI*j%E*r#q&0?2VB z)}((LmB{b0f>4ZmJ-MG`akQuX%cpL$aJro35PbtQj{6O_uz^qGSk&_o!^7Eq5m<)! zdx?=zJDB3G}+B1*0J>o#?xci11j;Bl=m;T!_!L%yK>=ntjmWkc@Q= zIMC*Xn|^(GmM*fK^ARzB@k-!cX>1O>y8Ss;BKKN?IVy1ci(h~4hmQkQ{@>IFa=(%6 ztN+U~nR{WEWz+wSHkkW;&O$HzA0dZuuLL#-UVjnfR_?U|1#=-HS`K92Wp#`DOBRRo zAjjA%h#mIlERMvt0O!okj6=j7-MYrHx9*%8%PdQx!r9=m5G!kV0~;Mo`g<+x>|xw} z`5yN2pB+CED?+XJTI8#&?{nCczlGM0_MM&GC79~aQe5GfGaSiYIe158za^YB^K-g8 z3WQ#L>4l$yEBHs-3SMO|X6MDRLI+l#*7VG>g#9W4&?IFz-j>7IS9Rke?>Wu+g-f^L z{hi{k;B*&$yf)F8ok8$!(k$U0!09OIDM8cgb~sL<>acsGS9CfZU<=zZw13>hS`lm} zckUrIg6{Z{*nyb7>i7|D1x?A)OKLdQ8Ak}Zl+#ve0!zAvGYt|?D3-7#!tXRN9CJmh zSl^`HaqNTBg;;C*bgV`GkquhyjHboapcNi|pk&gkV(j7m$xDhaA@>BL4VHa;Zm)jRepU&O7vv| z@Zvii!m%Rqo1keDDqK?FF@JjXmuCyt%WT{0IB?+U^Mxk1?R=q`{rb8-l5PDSr*3?H zzVHK?jV!|p zqewllfaqJv9r1X$r__l?3eVjai8^Y!jlU zClI1ZdB`8}A3%kcV&QR`5FWhpy`omG*cD@Sc6Ck@<12tm1E&{zrD70+QA zAsoPi)8N51!gKnj$mx1vtMQ!ZV1ZE-4rmpaAdpvCxTgtP5ja+0u0U^|xXBk-1dK(* zE=123IRbJ~xQfpQwiyMLAud5ku zd2mbS;pULrN^)D;>6RTE5vSRtWy-IqumET-v>5lmub78VUwn6*<_heb-48{woR-4S z-~<$AF8SfIu=~g33+_1Lgny2jPOb?qxye7A?I8b?0qO>p+4s)01b+&DMa1vIzPlwY zM&k)ozm)uPpn|WN4^WGj_+#e|POs5C9jKn$^71c*7R{1C)-(iXuzXn)VPFS;DKu!7 z1~SV4eAqcUuRlIfjp$VR6g`>+4L4(DK9J=a;6G|OHYlaR-zxljuo1NpF`6Ob1M}U6 zg<691Zt{<1hw|~=>LP=>*W}CALSzsAycod4icc?=;48=m^pPy+TA@9-625h443v62 zd*dIWG4e5XXh>`%n|%$D%kjdVFB0#?zAL{6U#|~VzwEQJUzkPHG>DbXycN4z9BzxI z4!cpx?v7-kZP2;_#b*&Q6PWktxEM{3P<7+SeQn?z1^;5 z;dUeYE-@_7xD5$yxnCJf?0U5$mbj{m4?op8EkwXAb7pW#X@ZY3%`0)(EemPAA9AG%c#PKOIcE|uX1WzAa_Kq~95np(UFcc`?O-01f^J_LTQ zUtcpiF|52vqv14N{ciHYUU<3$sGsyHK`JHGArWP0-rt+riEua&*wr~_oZfiiEn%Uv2>4|KTYcj0RKD;0M@q*R)%rK-D#9nzG)=``ED<6Py)Piq} z7R||Emfw)xN0S_&?o3(rb_Dxx&8ND;s5}+*KWsB_5^v@1;G}AIys|g;e}o-8lvT<> ziR=M~k}0oXTOG=nxbkEv$zPMxx@E3r{Hft7Mn7rkSr2J~_K?c7+Gt?4M309SPYolo-Hm8A@;C zihOFBC;jEs4`nDH8UA1SXWmCs2Wdt|vXXI%Tid)eu=?9^N&+TsCn%HH*c_!hj$c*+ ztJ@|hc`_@Ss06b?cPM(+G(ibtuMlY=^5?siQ1;S9Wd$pr3XdE2D52HGQx%QOKDZyJ zNGdr>2pf>E7-3JY+{4DsP@MX$pJUj_cFa)Xa8m16GnAMB<6#<$vt+jttErV(E@2yv z-vi3A>=idcy4Vha+3YKTW+kR>DNr>m^k)LkLTtj{FabMLi4KSW!&n@YHw$hK4a+5* zi5*;oFKAdfVWoyu5`K*{?`9#+CREYi5ob2sdcbIraHN(M6T*nGoNyub$cl%aPm+HbNlp?GdQ4su=Nvv*x(nrR3)K(0QW8WUT+hS6<55^LBUNolS z^Skn-fY%1P&Froxl?Il#P#Mg|EmX|aPcKyNk-fduVJv+KF#!=x7=&a3HSy{bQxm7Y zl4#(m5&rbF)Px8cV;UXN7|r(*$m4^aDd;5vHwru^@FLJl5$WZPGZ0Aq3(+$LE)lp< z;4y(01?nIfk1voPJx=ijy+q(ffyV@1)WC?13xFpwXCN?B;7ox_1a1^~OyEUN&(?90ZX2KK;&BJ7`dR!P%562UBIF$60lVqpZ^_^k4nW^DxP z@tiV2vn_%ZJ*Rx8snW5urAoX8Xa3Rd-|%*1*#NyEVg7@=^>GYe*DO^m6sWEZ9QXAa zZVA{OfhUN}P9t{WOpGj)jwpx+@%Zm9C;|*S2Pqqa)lPT#^WYX6!pg4&_cfrTixIa6 zJM_}MaRG|jO)hE;?&uWj&SgQAC(MFVWk)QCJx_|!_)nf6{xdF z>k6+r?$4Ahdt*GOXG>Lzr+7@ce|K_3lP1)BNM|+ULlx|&WlHq0-N|bLHK(-RsewPA zq;3u8XxG?1C;UsTQsU*B6aHnu?}4SjZ-Gms%3n*H6yq88YS->jukCO|1h|U|u#>fV z+)K(?xq8Ga$~jH-^ySLG=zmiQ|p~QK2TXjBN>XBa*&8z+@3m@TB zSY1=I*7cnFgx03<=_+ELkbTp#C7;p~nL++`&#WRJL|+9lPxOP1ubx|EjtGO!uzSv6@&cr`oqn$r9BWVL|#Nx9Op z_V&Aoex<#A8{jKkKjWekrebj^R0USHx4Vm;?s3AOzlg>-O4HS{Z?d(vZ&=1krFVMT zuF3xRFx+K=FW zkiEN7=^K&La5^HVNjBy*j5SncjVRXIcCnsJiS%yI-khbiQGRk-*STfBd3w7uy=~Tx ztufi7y=~KXRKmPPQ!#q<RJii z6xd0Q)Sg?NQcHCi!f@M~)Sgna(byQhdbHHCtt_MGk)1>5#;{#XNljW;W^C33mSsN) zQO0DFFqNFe4lsBg45XBX7=5Y_R2d6fr3@WiWzqIinySkRk>U)bSjU6gJ*(&7@B@4q zPqKfOCnYLPQ_D!YS!DsMp6f9tlh{337La-+W-;y_V=t}3qxufEd6m*{yr(7$+HweO z-WH*j>UVQ!IR03foSxH!;g?_Lnx9cdMmthdAs2g0=7-M1P0yE^ngg^AF(l+-7PngI zE(1blSOH4g*Nia-fj%i>XVd~$z?%yV{?G< zMZdKEMZcV^vA^io;7*$?<4%t|U9#P?%fEYlbZgy$VKt<-h-_o0+LV@_or=4qtT9HH zqHYem#uzPf z_{$>6-VLmErV+&piuZHYpAozA?oB!)XUA)AbPepT0zb^&&uZ5wU6W3W=qC|9lA;^` zh+dm{!e3r24RX|MM-gsiVHHZm?d8;BOjAT#*|!LqG9Ag>0&V|&QNU0bVrk!iR7V$C z>@fO}PshL&!GZR^ION& zPVCDU1)-@T0sUrB&$F*86kBNNqW!$aEL`*`L@Z|QaMTuMKgjHB6^B>tS=A0m{ZA(< zNKLmbx+_~QmwY*`@4KJ6==0A^(b}?6L(%Ij&gC87!VIcI?xOddUjYta{1yJlSKo!tvA zN{e~2{94#W$^POcUFxoDrRm<*weQ6tFa&@ zQqcJC>-o2eP+8;jIQ$aVJGf5b>Wb0XC|vVUf$89UI#ZK6&kupYsJNwXwzty}C1|V0 zMVBa-rF+L^%eHaoA#z&Z7F~SS_$-ldFC@HuKkAuj9~aUa@ZM4)w#KFxUDx}_)Q$G`>xcGLKo#^OwG2R;KB%QBdFbm-5Zh@S z0-fH8%ZJO4>ptjqLACDGqhD^tJAy6aFiyK~-UP zcfQ*bmL#{#TKwIWh^APnFFN)i`eFJhftd!MVU=NzvCuTfbbHW*pvgh^1-XMBF;RUl zVzuunN#3UVWzf(Is)pJ^wY*SJ!wL1S+^T1JGgI2SXcuM4!u?$RNq=c_x1`jXH$8Gc zYi+#e2hVZ;daIl&CH|0aI_Gm5E8GY+pF3&%F@I(9 zuKHqXvu!C_PiG>gc#TM|aQudPyXT!bRP1jAD$T!?4lU6RQkpK6&VuOE1j|vJ<@D@4 zR=Zt^)K7!gME0-kN}S^k-XH9nKc`K-!7wcCfJ{c`3R>ZwDA6?dC6o(2lpP%w@(w|wH;!@wkKZRS~-rm`=S9B3d z%a8MAZU<-^@4rkI$rM?(TU|^2GpD=riBeS_%@h3hd|g(DChIOshftaM4-+SRjUy9? zr9qse)876T;q&e7`vGTg(Qu5cbV{FXZ)aJRN{=x+LH!}9yXdGtf8t{Q%!yY1#(&bk z$tpGX(XMf7PNbG-U`@Q2WN6FLCe;UIR^!p2YWV~9b0r2?yRE4%8pV>xc29hP&%aZe zUQmV(yDHas&gb8C*ypb-o<3T8Zl6;=zu6gaA>cK*VK6q{Tdvb&&2%8K50CtCaSXwSK6*?^?U@F+u2V0UE*~U^|1yukTvX7dT4fO z*tYkTXfLgD#}_U4lshYHd439Pm{yJ!U6{41il=Xn*j#@G4{)t*JDQ&COBniI_7>Nu z%isY|{4rtUkmvtsA)p3c#x<+?NFT!_gL8JD_Y*!@YV<$MtE*HR1q zPgo@5|C^<%X@h~Hh83@`)lyxAZJKZdN8L+t(h%< zpIp#cJ_+${7Y9G#!x1x*J)l`{)?F)m`X&F6*Z9iwk~Qg$)*e>X8n|fR-@bfv|b)0*QP#UuNuvB_4VZS^~e0b7ays2-jugO zwe)EGpR8@In>V;h9;B-s`~(fl*EqM=r17|TiKxF7&5U$H8u5u(q(OQ$b{A-?`c@6% zVefGl)!U0?Z~WN@U#WK&$?-@1KiXfY?{`z8+i!}#CO|sXw*2mry z;{cBlSC#q%sa{tTfbco3r`&@s&g*G$P2Jyx$3N;G1S@N`!ef=W0E3m6aoI5j`5oPN zCB`S;;G*NnPvN?TD+=^TTo2+}ic61hy>QVH<;!q|`{fw9U&v{9Q5ITtokeHUmdL(! zJh}aD^?A{wULJ9veobc;L$49h?xjXSLw}2H?+PCLy8EA(wS&BE=eO=!x-WL>zKWeb zr?>Ug)|LK%%HLuuMtfVo+8PvR^!?J4jIfOrll?kSw!P2t*!|}pxomI+@sr6Gj}BV> zQ|%PKxr!QJ&}u2+a_upHljWPs>pgOUwN~!uHPq58R7~yT*(H2HVYF|&{N`S@^+hx# zhw5t8o;BRQ@-l@Cs432#=z5rk?QVbh^23yDTY_DGQO#xh^&j@Ri!`>GsD|i9=Sz08 zZx#>Jm`Xy(or9m`Ds-@3yksbC(HZU68~3TB9(@hXtmL#h(f%U#zcVMb#GKTvX8!_h z(|_=y8dNJ|R=hIV?U7U6`IC6ayAkql`}u20+fZ=w@9TVACJ&C%+M=RkGqbYIyc@cm zCQhukK{yg--vaOCIBn9v)8>liXt`ha^A0YlAN_HMoWr=wPO!<45eU1jn))c)IgArcG+vL=<^+B0tpN5P6WX*|KIZ1QIfZ2f!rTImJVb-qm za*OlgDvUtH2wQ18VeiJfXFkAaTaob*YP%1erNU*F5{B2tAat;3=N>x=LL+p8aJj%; zzN?>yib*dp`*D4PD;E`! zT#G##lwMVq>{I*vBA$=~9VUq&B^*HE(3}qS|L!7PDi!TxJk0(Dnh~0$^tRqRPWro4 z?r+wH&a1uPPhM~GVvEx{XXJ?ubF3btkJy;X*Wk67?#vaXuG4#C(2!R0LRgx*yt7z* z+~xC(v30NVyPX*?cKW@HLfW)9uY`Cka;5DxS4;(u=Xp3^>iPN(fz1`kRbFDhgnPZ7 z`c?hZ5{>N%s8RNna<{j5oi$fHf~QtY3AsPX-8TyNG?ymT%*7r%IgY(t1GT{wUaf5u@(UKb#&RJB^N9AM`)1#_cLXHARaC0sli#^^nwRsN^`GB* zyI3eK*_(neVxZnOn#WDxql#O&=r7hw_GIk%a!?BM&Dc8|TtR|S^69PC?Wx|*AxL6& z59D4QJWZRd4#A61^Kswv0j_}$1q*(JKC?W+QYx$@d0Y~FSw`$P)(Osw72&_OUS~t5Z5|f)Drds zKc;(Md;2LMW<`0+u>m`}uI)Urw~+k4J#G(83EleeM`2j^4jRroJivQA4=4Rs zk~8+I{n?w`eSo|D`h9z8@T>M7kJn!ldsfIFVOajt(BU!#^k}7-Tc~8M+qM}HySaX)}2=Cx6ysFz6xWsAv?2O zTFgdlfbYVrRinGHT}KqV`E3lNsS)>a@2qFPA5nS)9);^?9?8^u^Lp14JnlK9vFrMD6XW!bZm{=!FC`dKVTrf8Vl%tpAy$(N z*|4;GGC#Vwqe_xUH2=1xG+eN30n6k=8K`3zhIjtlpf}?xMZNq4NIm#JiC)s)-VTh$ z($7#_WL!e?R!&4$#Jyb<+Q$b;!QD+^a|tJ7h88HDxEdcGz@Kb(&%Om% zpvl)KdIOpR0xTHuhWPd__@mLLw?4LGt;p*hycKC14KYEc5jl6A_=O4WI3@__8L@VQ!XrWq( z+%!z_!q3rS(^5fo2$)>8fD7kn8KAv!{o#Yu?}VS;P(^JwyJ~t-SXHe*GbI88rgO7{ zs$x9uz0_hHEyJ}dFHt3IIP(yvQ?;03RGH@O^+1*PaaB569NJkzm9~Sm{vN5pTS7Kl zU8}}mtei9ivrxQ_r{1>!`bZ8O7<@<{uZs`p6FoQTQ1o096z;i%p1D$Q>}2FS((E_} zK=<0&0`2mUEfobCpLwh7J2?srV74SS>grv2RbxfYHX>*8!BJe!mD&Lp%~;VD z%1iacTtjLodwry{r#HFkRuQQhk7O^6ypK-;? zogH>^RUg6YOT>Tw!;U_b2KkPblW@E6;hS@UN_0tqwPHrVi;Ov3Y||T#ey#QTC$KvngPoqT5}v^^>bHeA>3mRkAk;FH-&Z z6VcJqBZ9*G@w$HFy8pv0m!Ua;^GM%kL*kD=h+Uys;D8eWP+NHnJCe6l(m2x5k{og4 zdb22+nK!O~d7z_|{(c|=r4%A$-@zk>+WU&}{Eh1e56C{*76fth=+hl7dw7T&*Xs|G zde)MP@Y@bNf~y{v)+|X8=4$2Pl0Guq-sp&8u?r$Bay_-a3e?|$MC2MCdsQQ;TjVbOa8+NP!vFkT&XiB$_v=J!#Hzi3Z2IEZ41ty47q@#Cj)ASMX^Fxu$etO1y(At zV?)jC)&}fKoUnMHh4q<*Pc+Xy4l;TiPO)5ob1K7rLQzs_=0}nZoEetF`&VMa-IgdE zEx85YEcqFT+`t)S>*;yrM<*#T_Uv4Sv zj)jgc?8o06HkP|tuVd!j`Y!D6`t%+Ys?w{P+z%24>o5%%h|HRR`2rUZrii^#aNkMv zV6o`|v<{_Zf(h!aghTKyNeK4?f~K}f7C}t{X}=B8zjMUQiVh`54zvM>&@9j*u#3Pb zfun$w06z^1$T#2sFAMiy1(Hz7aJj%_Jc!7B ziNNKA5O|ZIFA@&LI|*SL=AZDsK}A5{W21262!~=s*Coosw9Rl+NP7^p&phsY_5#>(_Er0`^a{4kM z1Ue#UD>_~(yF`Jb2$8degtuX_kPww`8zJIRM@{_b@lAMG;4y)p3#<`%(kpIG3p_8d zPT)m>R|F=CR)Mtm@vF-TAqa03Fn{_)_Lpi&Y-K)wYCkp`mHlc0S28qj+OIXKV{ z3yKeV1I$h0%?C7F?0ec2a^b)nP&-+GrrBuiB>=~G(#VaB&3;G^1p)+ z;Xf7b^mS3v%(sNzVJIN9LyAC~r^zFVa16$F!re&-M#Y3<(R>Ke1HMHF&3!_M_~!+- z3XBrXxDVm&cv2FgE@TlR9eVbADQ9=!hE$tJ2zr{pe1S6sdIZu}CMjHrz=Z-!1uhY| zRNyj!%EpU&(0|E~VJSOl8kTQV% zd+JRdAvzilAKbi8X}qr-3cu9zvAu4Z>_ZRWTf+ zGEXE#2d5As+$4cs8o%)}7nm<_ra+ItB0{LJSkR9MED^X+V5z_*0+$M0Ca_%K3KhN5 zTH&x>;6{P_fF$V=!f|LWgyYe?P)|q$;e->=qY)xpmcY9Rb6^BRmCWq z7^l(xe-s{O`4MBp-kNa839J;jTi_mnH-KJ} z$ZCNkQ0Z_&(3ynD$veXRd*SXEDB(dvIT%cccy|ycW5`B`cqN1`XpHbq@Dcte3Gc#D z1%%_F>2PZQcO$`Y)!_j`3?%5KfHbj0;8KCh2%)KRL9YgsSQFh&1&nAv9AX z=#v6Z3p_8dPT)m>-YeqfM}e&Z{e)onyP)Yj3ra{Q&>%1qNP^BJycey75KqZcK`#~b zO2SNNju7ELAf$8RkI~JoXy3x4jqpB6lJEj%x*uC92@%0cm=8?}S^<(knF7ZWLSQ=7 zncQ;)-XSng;532K!1+%+{0K|i7~G#e&x5U!%N*GIV0IeW(PfS>R`Dc` z2d`XgF2I+8#-*9#6Z?-=$I!$J-Df8++AKwJpjQ5?yhYsr=zt@VE*8#G;;sCvTgGW9 z9}5z|R+^LPaREhmki4en8=UkrC*b?)>`;sH|Ni7wdy5ig?l>*>|Hlx2$lzPpn zoFA8S0Xi-5pOhA`huf7mr>#gi7Z`c!8~@s{8vnACsnLh={~P}*KEKp~Ijx_~mF!)A z3kaJL<<6a)@5}dpXn9}fDz2*WACvPiC%P=-!|dH3D9 zmLz?XMxRu>*rQEKsCgAO0p|jGo!VI4Rdz&as-Mz2`pN8u))C5b=FZk@rAOzpkG^np zVFz>$+aNOEi*>zSxg$H+)y0Jq@?n2*r~SRGK)xb%=iaTD;!;}fv2VhJS(WkTh31n;7UA;KiPSsyExWw80p4;-AH$VVT617h5|$ChUo?zj3+hyrSQdTda-qjv;B)GZkLOV~q;9xO3Lm)2_-f@CTJZF?KE1urV_dxn$5>HzAHo7* zCirN48w$Sgn=56X6ESmIALf}2+FIzL_&5PsLSyXp>%$}v>3UINA0tI}_xH(={!cRKi?lht;^6=k1=!E7%;f!zRDNUNt*X z^1PkWFXH}XlU4OU(czx4kh{Og-IEID!=0MrE^3ax$GG1z?iacxsX*VnLeej9@dWr- zbg-k(um@2cWE^Ns`d>YH8eiYEmYB?<@$dSmTtMMlDj?=G&9+sMo*- z?-K8 z&4TZ7DaMLut81`p*L2F3rQ(*(Y$;syUwC+%%d)2bHg$9KPV`FZo$Xd}qmqrDK7Y!4 z3TN;;XVB=0>tx)YEe>(mBYGk05ke}xn^G@gdqW&Oyrx|RMV?*1wYKPf3m+>WQ7l#h#A;gi6{xR&86eYw4zDg;%Oj!Hq1f5AnM*%(~Z z1M8c68Rev)3l3L2va>$3D~U3{z@9mO`mTbQm|fFDx5m3}XK|s9uHM|L4WjuBa=+Et z^~}1g7L%@K9hdS}_g$AK$CB=&$bRlnqvu34PM1ub8htJ_FP2VLl@+8+BIAVIQ5UdA z>OImdhhPJMZpERu8a3v(u9Yr)IdjHn+vz0@M%{F$IYa8d`;g?dYY{ofH`S?aFdE-# zG-`HEC%dY?H9_dF(p&d$_oA&V6iUsUFZH6lbh{kVXqKYTNtl~u^WjiA?L~CSl9lFO zb(x>n&*egIb^m^eY*2Dqzj0r`)abEn?y~84^v>ynd9SNJszQ}tj+X8!2*#=32}LGf zHVd*ihIuEs`W2}UCfdC3hG7V*m8r|-XqWnYAlJOwEZA}ULFd+HyNqkrIC~xc!_8Go zXJeWxa$OObf1DUQ0ANl=rbYVU9R&Y_`0D8eF^k$IH9X$gm79y6q)@X0oATwKEhJlbLuv zdt1MIFSb70WoR_Y{WnP~j3_fo3rctOuB?5Ml6i-ey_`a*xah00q$6umu ziGEZQ>A0KWvc!6ZJH`aAN{)E{h~L8=3U|cx^n?*dbrI8DWT<^>PIyU|L|v^mela!! zYzTMQGow;#VA`>0&Z;pyc&sa8Tjug$6~pAF&`zWOV!hCi~Z#jkNOwd zj$WO{UW<0v<)Z4n(L6Y_^>ECBbkFs0ya39@8p6}_XmE|HfHO|p(vO4ZYoHJI( z8(m9MdQzN;bLutmC;Xl;s|)E@zhraVse$A_*d5>L*Gk7x^ndH+xJ~bwe!{7-u1C zT_1tt*4~a0NTa^D;|qC3_4|DsJt@f(3680NLH!)B7^lhQ&hs_3{%P!Q{TzKY3&X0L z`Z*R-sE7L_((dXJ1028LbKchSz@Sqzin6MfqXLc?gxu|BzCn)3J@ZmxOc8Tu6p>BA zaetm|3hsd^a_SL(9@8c}`UOX&!qc*93^xR2!;&3e1Qw@k-Fw7eTpgU^=&fb<-QpO= zf_Li8Y<87ChTSv7F~&RcHtXZ_3LcpyHNBsi{R}>R7|QL@oLP>Rdbfrbr!?U4nk1M= zKO(+PsKf3en3-WH=xF)bJrwcC@_Y#^Y$FjeoAvhTb+>xNGNA0ew{8 z$3=bR%)0VZTGMAUGRvi^Di7LkE9R0`@=UE}FdSg#Xy|QM*q1ms)Usg!NUY z?es9d#pT4+d2G%YhXct}jd5ga5c9?uM|Ag9Ve97{!;Yn6{!RJE{7bkxdSdJ{jiror z)N8S;ipAXSh%p>X*|7I(|1ujJb-QC6oWEl)-R}6f&!=-g@qfo~`B{qE$@)$7=k;~WoZcUxa&SI0TdL5|ni-^M!z^n_)5lLoeN z0cR%0uAiNOgVoRN%($bXN^JsR6C6nhyNabxaJ+#J@P0SJac5{b#6G%z!<-pK6-$pJ zzZp4>+q|e-Bi=!+S}!ar4r*c0x1Q>V*}kRO9H{**$mjE~n5ez>>0?;mYc5`-_G40W z`^fXnk~X8!tlbBbEB7xB{Vj9T+aBL~2Cvh*u1PuiGcThKI9kralI9=#cdTg(Gq(Qc`~)AeKhB8Wp~t-O^X@{RVVvS}BT#x|d& z=Q<+o%Tf?G<8|yy-CH_8yO7&?JgTKGi~<)U`YiTDt|P7xi&rpD%Uks391R{9YbP2! zmi*_JzFI1wn_Lz4S*d9r&=%%O!G`6x{6^{dlG=I5tj&od)fWRPD?Ky+?q4?1Y!`~K zK@lanf$7)kw;*l`C2H_(n8R-5ItF?T6>rW7Xf{iUE^|s0e_LLKO(v_cP3=FWhKhiu zKzVZJ8rMfSm|W^d`#xTG<}`e*ky@%s?~R$1DO}QUIPT5ya;oOHpykW`E5h8rl*wg4v%NR3@!F}s1+8A~Uy%~gqzkoW)83p27;##; za!2v*y#0E~K5d`itRB!2?1NX5ioIOL`9;k;NqeV}Wqp>a--Oc@K(lLlOL;O0A(M+c3#t51LqSxGfer3eJpXwUZnX51RZMOV_4A zZCK5g?y~h?(MO?#n#8Qpg5FyUo=2HGlC;sE56JP&;@h z?7(5@sRQey{j&9FbD*Sg91py9N=~)aXEf=wOQGt->g>smuc(WOxzq6-^-RCrg@=9- z^WKfI#tQbs-ROXJv%B-q*mkoQ^BghS_pQg-<~+yq@_Lqfk7F~UUbx3mrH%hojHBq3 z!XWf@7A^kqUo@ZBJD|gvZ;ny%v_7f+dh&3zeAq$L{GVT6jgO_80s@G@N6pv28I;C~ z)(;71XWtC6bQ_H!8vZ11jvzg#vX)tC#I!_qcBaF^qaBb|&T@?M>N;6J%#*s~CYreC zV!==Sss2lDqRF4nBk};Me?Il^f+qjNG&jh9sy{8UbkOkEN+lsofgqam(#i*r^~%ny z&*$>c(yRKL&-0OqBl#Y1B(f>mVEUYEoU3RMn+*dO)=&$}m#n?8wJ{x6EGe{>Ogg~) zH*9UXNS6gYgwv4{eXooB>o5mO=WTamL1QiWGVD|wQ}V)o8;*nz!ZxJk>^DP}ou4Ca z#vCPmiS-+Ht`)}x_Mua<3ytF}@*sBZ9h@_`eFcOVcp=^*KgPyPnh@t@&?Kc0%~On% zb_hC;)A3TRpl5Qr7vE(=;W5vQg!)Jkkc{Z1obD^72>KIFCrG)1R{8aliUm!tkl`5d zOV103fjmO8v`NrZEa6g$^qHX51XHEUf?m)4Z{cglBtSl=hvKtVxDh{^^&JhG{8g2X zkn;cJkJXPyL;%bhBf;CGjsvwPa5`P8`jfvy`iG#4QRd-NhICQTC7gEgd1y*d;qh;m zB2Xkm?}jGBanf=U=#HNS=}W0MJAkIeXo_$J|H7pl>4^>ooSr1D{!92zg+I01aOqCz z%3u6{7XCD;9gg$Kx}Yl~{u^8v@)bO%t?QruovNf*#2Qa7)jD?)Z_4 zUuQZ0=oVR!h}&>!mUKY`KhNnxsZG#pQH0^r!%_&PBYqUU|6k}-&?F!I!)FMkJVB4+ z3Y;$$R8M`#ktbIlDRQLA?C|3w!`R{H^air&GOI>h*4d6gK0VFaA9fholHm?Zb?$7( z79Cspu0EWFZom?Ud8a;@#>9PDVwI-KyEt(5cJM4ce~ z3d_BOHNtkNRxJ_}@JDio-ZkibiS8mWp74Y)9fF326Ma&WTzXn*hsQK>utE?K;aS2{ zI8$1<`+=0h-wB~Q>IaC{5h8~Mfiz;E<{mCEmJk`DUeNRrh9p4EP*h$*@JU1Zk_n-C zgpPo~nG^vv=Mh5CO9gHhh)i;g@pcV=GWXPsh9HDsOqGo2E&{226Wv1~wR56ly@KJb z0*eWea0yUzJFG4U!LU@&eSqXY5E%O{%9>~h;1o!LYLLBUgosxz=oJE230y1CON@vC zR|!;_M;?fXqLfTOh#odj^r+t>hva@qT?i)R0-&g@3E z^iM-s(*+2MRz&{&1&#!29`K^Cr5ofplRMxLKSF3CSJ1SYqIm$C5tuJy031s=4&QAhgdkKTNFAz8RUY4=7IxBaIXe8TykJB1q41K&>{ruM%W;l5fU5% zS~FW6Ars?~g684i&x;aRO7Vc}1y&ONOMKrP?mr@Z9zdd;98sGKMd%}P#_d8WCxYf? zpz!Bq4NU|TKXyhd8{Xge(2#u zz-6PMmXBbzq;f1Y#C;5hI5 z|9!6>KJ%RAInP<|x%Zy)JOZl)ULeFo^R=LB1=2GUZ!*H;*cQUA5#IM3oi@#F~iPuCEsK6@h$V0sgt726@0A- zK#yQ|h(_<_!w>OZK{^_Cy9n`BjcSI{^F7F@+S|gP??HyY5q*GePO*d-rhG4Qa|G}O z1CaOD>!P=ou`(CdmSyMy)OUcqZvuJW1oFNK9v=i2+UB$~IF5*U4oP7 z5&|s(`63(Pse z3WfXw0$o}_6Rh$KcX5XxM8sl3L@XmjpWHx5B_qWAa+VNHPHR|-A5Vz*xq_Z4@M*%Y zFu@D@nn1rGO<=u?exT$b!ox^78S@2UFI2VgPZro(piN*0f!ze!1?C9M6__t@s6c*j z2sP%K01s-*{e&pVRe>1>ji#gP&`mDfe!d6%v2)ah#*8*z=UJ-ar;Ew|91vUtD zb97-;3J)n%6TnYkYao@dhrpqPhtW3#&G*;e!-}y9{A(~R5F-9Wfu%qy$U;ICY^lIy z0#^~z_+KYHHVDK_!5Kvn{w-GjABlSqG8jYt=!7LAUWGu^E^o>Ug8mw)yoF&%2tlq0 z`kKIcpo=0j2#>!6CIhJ?9SCE!+c~w}e4>xsecSB695cDef|Be}127Z9i zL5PCz6(i8IP~6W=i6J95MNnjkzYhW3iDpccaHyC`7YlqzAYZRkiuDRg#@EuI`ML!+ zRlaTk@^uRe$k)^e=WA*pUsD5X6g#R0ovId$6?j|`_@lsjfeiu!XeLC7Xo{w%0elFs z9Bh?Y)pNOHVG!&40=89u_}OqXtN6*TXJs!q{Hs#dI4mhGndGX}#6KzQUt!EPJj%?T{>Nye(h$ZfIvUMv4~S43B3i(o z@=s!UTZhFc{Y=c*yN#JWxfPaT@)1t*P&n-OoPuGC3RuV49%5#HY;qWt_f2Hwq8UB& zco)$bj@Odx)=wkDS>Mfw781cq9%^bf{VC#kiZwBUE#2%$QIeZszqrlZ+=}uCAuBr^ zT_cb^WsT<9jB-FPyKPE}*)$c=yt6AdvsI~KW|sAm!x&nPG`!J}t}ScooEoFln_2C( zAQw)I8gkuzQ&-U#<1Wmjs*XA zG3GjG)pjRwfH9~H!KpmyXap-aU{)s(P5l0{zCn}&T{}xzeg^90&=yp)KAM$m4mGpk zi$=qwRU_{|De>@Vp4e*JangBf)u^_igu=8~83-RpAR!2%&`9Cl{ARJsIC!D8apY_SUUm`P>4K%a9<&eKL zk=titcW!n=-C%*K4Zdf~A;5t|EIlblad`yjge3$0_6QJVWf#gJzy>5QLI4TS56&aN zP!ZqLv}aRT@-{T>m{gYk!DMsuWeE3fK6<~m6X{FYcJ)QND?XUK%paDj) zqPL@=ax+-@5R;kB-(@ofm4ZV)QkJsO+tJZ}%ve9U8HO?h^_KNCVu2-M?WR}_8JwMI zG2(dFn>~}2G(a}P4hNKpB26x(fh&OX$hJ)+^3>buOgw8N+;e#fPP&72)d6I+6KN@{DR7=5IYoL;k;Zh<)&(LP&YSqp@yX{x7iM277qO znYNIje5S#9@>%VZPem4XWl=(LdCGIdC!eAmydA(o%5xDvy6C_AwB1jjp{`eB$SbnM69x+SGqp2pOJK;n%XbR%y%JWFX5!K>RymR}9) zb!p3I8Wq_6vD^qUo0cOIZgV6PzYdLL1w+DHhKvMHBXq07^ANjS{&1{3jajRWvXso3)Mjqc_&Jj%TBc9>hcsdQ zL{@MPr<2CLf$zXYyBx=YR@!!}*Ur_rm$CM{9qprSTG_a2At(KYX0FMAvb9yQZ#jDV zS1sP_$dRjl+2<&bt7g38xUQh>=$O;aym#0m2ONE{o96Wcjy$;|`{jV67pN`=v8`=C z8-396cyLrE>4?&HrhRwN@eur*A9Az+^gM*Uwn%!&(M867zeA3ZfUbufnSr#w^DH*0 zJ$l&D#k${;-l!XTd~wp$!l@s)zqWqhuFXs=S`9tXFp0v>A(ejxepa%eBaV(rzd6i) z#L?Cd`@fE`IY%7bkk8vk9LvKdCO#f}BkKB?!KLaAIY~|nWPRRqbd)DD7a&l-HgL1D zR?iN<=Q!nhJ@0iKE|Fko!+v`f>E?czwn$0VPp$`LK781)dB{OOY@_0SslgiyiuFhR z_`XrTD|^%VM}OJ2mOh_!rQoBhsszUhiIrrYbsEYZ}1P13FGTUD!T z=U4L_wq4n8&v(tOxH@xL`m*^@AN(%V2WP|`QbV9V_$dSrY^X2Xb~Q3RrY17oQbW4l zTjKp^g7o0ON96b6cai(vfSn}IzaS+=vEsZ@tHqi^;mOrxm!u@Gn701jiPfF_ZYG3v z6=~AmUe33gLTlJGDgDXnsR)|DLmswL+2yvn8ajA1+B)*;8_W6}TE6$$*e$A#Yep@! z4!pW6ZWbO8lvcqtQmb**!x3}2buhNRYBkp`>9MPOVN!y0$LenBLRR+DU8FNfv#c5H zp<|9XD-?ev+WTq>{U7HUmLv_ndLnv4PV=18(EF=P?7|*H#PBSnI%Bmpa!yUkWUn7{ zWCs7eCka9JJ1ulyu^)~(tk{n)t^M43l2iv51g*bV7Xv0uMOnA;vS!A~ZPRlMYjrgt zi2Jv-;)mVKNWx9A>s9&O#lVEm1K>ZfVaeR>KS)RE!HTXj+>&318;jo~f%G7S<5Lnn z51HZURn$-&lyyCZAO5!j^w=Z5-LN^kmr^5J4QpSl+ki(rs?tTyf`j-CqZ0erz7H@| zcCm{eIO6*3$Q#VH6_XX3_0%D`eoFlxtRbxt}l z^2Hu#9}bpNo77{1-fMfsPoJ#qZ1-1TbR!^me48+Zcm|N3!8pM>XM zO)6gOF15XJmChLT5<=YMLZnoxJXR0uk}EXXyn{W$u3ul=Q#h3}UcJYPjro_Rti0M2 zDIXFke-$aU18EOiCySJ$k+M{zoVTa2Sg3rSd9^(fr;5b)c;X0th|*d#Y6dAG9J?oG z24y!2iR2_5IyrQzS(Ec(FtP?VBnWN&Qrn&lefDfG%BxJ^#yaZPe-CVV&cw^M#`Oy-jyZTw^6>Kj|>L=*8eOaIe7~ zfFpgnQNMmQ(C^%Ko?VN%2kN$ASZxypS#R}dTKyS4!CuyUXN}uv(c?T{)EerJc0R|I zB}Kep;Ri0t5;e)zYZ~K8Nr!xHO}i%j$VQ1UeWB+BuqV6ikQa_N4e#$ z+ivQmCF*xIRMS1*+K_XjPVWp|eUXb9y3t>8p6>Mn`|1>qKrZ-UBSK}IO8E;KEdMgf zt-`ALoe2A#0=#R;P6xovI zPa4kV>{oxS=|$~y@3*vr**K?}h!9K;g{^p>iFRdEVByrXsj$WH^)4Ly4En~(JHpaJ zQvIp*yHT}Ty=;W;^K{p!z`+-^69xH|WaFW8dr}x_J!s}Ev$MY!M;h$=H07_B!`jK! zf!Uwe{fzD=WBQ{j8feSGpBgxSJXO&)J9=pQ0xO6zXgget-|OMtf%^z|Hj z*Asc|oll4|j?LCgZpleB+37b2;#{gur*z$j<{I;MHz7=6@ggW$?Ki#&8tL1aq{Oga z^$c`C&t$bPlPY57LArxY7M!cN-(+5_+1WGda3;<$ZlGkdj~B&hCZ@<)!y(9|J?T=TcK^l9;tqvd#U z8urd*UE99xg)Zt2*o~d0iE{_qgIZ`!8GImOw+zd&Hf~MBQrVh|cs_GO-N9RaO*4wZ z&Yj1Jj;KYAg+1helxa)ghM5IQ_h z9}U+I7v8y|dll148a>eAnomstN7`*FftTQ>;P(q~^k78Vu6~E#o4~g4BZU-YFyJ-} zsH3xDRa4G5Y`UsbpPB@DB{D%ar z319&q1|HHM)t}U-1+@$68f3@6{z003o5wCVdg74Li`a`_SvJ0SwR<8vae=Q}LqB(< z`E9in9cEoWcUYU;g{2m^P5*}S>ta>Eo)v%YXlvLUbGYQIy)>fOj?W!-tR#Q<+_BD8 zM)pcBT=$dpxBU2+-r)APeTV_2V8uu~|K+tOsnPD}cpuZO?7a^wd&_XvV3|9>rVCl- z4z%eE%iMa~p++lv_B)|iFjFV67R92!8|0U#)=b^mo0RRk8mjk@CQY2#yX8uOb``R_ z2fHPs7pt&aGMem`yoR0xQNv$HC#TF~dFIqhYBEVhK=q>SIMM{m5Q_?nBuk58Qcch2 z2gJCRdFr|(TcAons=u&EO0gtG*zA~++H2w<)0X}*Q&VAGCdHQMDmF}w;74Js#miCZ zgsB!-tdQ6H-wX_*j3@Dom*p+yQw;e`&J4QcZ-8*awG0qBZaxy+v{1s5Kxva$-_}HK`AV|nfKH2Zg6bUE6@2esjjm3P7 zK2%7V;vSGMx3SkhzNiTGGe(TM?co%5&$`?lkiQ&_7<9{^d!-1StG-~7lmxpLv!k5L z-7vT0mJ$a`a>jDE-f|&;6U*7G8b?c)!QTqC_ocQIm3evouw>UAx$_5yJ7>cKZw3bt ze;IehKzFcZZpq$~UrMz2nX~<^aXHrFOS9-puV;L7!9h(<`VuUnuxk1J7*Z2feF>KRHl%(Ay zH%jEB>9Yd@tZB33bJ&WDj?ON6UhV`p5$=M!KL62uJ5h$6qORLniOD;$IM{O2Klt%s zMp*2Vac{2YE8i2br{ZD^u;ypGxi>li7X2)0tO>NAWm7_6SJ?KmD9&dwbb@jI18I!J zt7FcZyj6{YzU#^)lVb3$Og9*A`Ufs|`=L>FHna8hoBBW{#p3i*XI&CsLUEVmVRWH~ zew2Cmhs5GwzGCdNC#fhLPdq&va`vp6wxRd6g9}iM`Jx!{}pr4N4EkBPPz_ znM@{s`sd$`$H*RP7$c8-pXp03`E6~VLUF!I`Gxs)S@P=@JH(cZk&qaS=(R{jDQr(v-fMa`@Ri=iYU)vw$z*NySIch7oU1M3){bx^$&5WFWQ8tM-TG$Ix3A zec&#O^Q#yKKP%Q%EI*~xSI-4*)^Yv#n9P?9WshBUbnjeP9A5dEmwxdPMavG_QQw_8 z`+*JP3$@j5Vx80ZdY#sTJ{xlPDs$F4(n4&!5(YL*D9ov23u_%&{tKDf+>khbx3z2)7lEKNdk*HZ|FC(7(fdjQ9aqpB6$V z|GN;3`YQEIzqR{W+;@)1;N14QbmgeFV(a;xqcHTH0&~4RAfcKXI-kA$ouidM?BFFX zVc&e`=xTXPOdLzI@BQ}qp`a`|?S+eTxqN?Of;fAKb^hKlyv1nL@>5ao?xiW_Q8MbH z3`XA6YG1nZXFpvx6f3~~Y~S~|k-$7I7T{W-_SfHOgSjI*(rdr74TVlR#HEAzzu-oz zhqlV@BE}nt(f?3aF2WxC9(+jSa__gN4^pAiwL;I$2 zJ{`BibwAe~UQiP+r|K?lzZE3Osq<MxSfNd(dz1d zSW0l=DP1#_P*Ax!uN6!#&}8Ab-CxK0ZV)0}JD^zCf+3CTLT)+6aeEMF>1i-2wWRua zQIE#(d%yKP=$~%Rv7XCt>Y*=R8?82BPSJ6DEYfzt1K<|CF>x*C)iqH!vd-J^!1?MY z1iLwiY(1!ly8Q>4%@yGvBRu?|9&aP(L~E6sT8Y~bKM;OiHwcfyv@r4({cA3|$gLl@ z>9Dzaf=Kc`0)ISEz=bk|4{w~G9zk79g4GaOJ&xv~W|T9Ycd`CrTn%S=bYhC9#PD`p zly0I)%mTvU)POz zgjyreX@LrR66)pf^Dx(FagOBvQtB_r*sooBPRLQ{AJWr|sF~`Kk%C?$I&SX`KUk+d zm|G5Nef>yyMV&v4+fr_;d%4+eouxY zdq>oBJ@*;1eRKqlo}a0A{|+o$eD7WqCNYiNwL zMr$TxMHrb5p~b>AJX4IWc4Gc=vPZ5vx-{*AxzRIdf~_6ctJk4x;aX!pNg|&_>)qd; zJW6lB9JgEG_t8eazckur`04#9@C`?AqF9>g;HKcTTufh*;pjRHq`Bh)u%7(%Rb@9EZDsa!cCmSV)9j>X zE#Qe};eQl-j?TuldNIMDoYNGE9aCrbkZ7IinWvCs81vK}Q-FeorA8;6{o zus*ljipPElLvOjh~Q~v^(6<}F?W*XT~ zYjHmL$t`{L?ESaK>e;RlFj6qHRj!4_TgMvZZ`fCQY+u^cH4o+ibV68w5w0KGI&^RX zTLDW0gXshV_267M6B;YCu_?5;XGJ(wpb6XhNO3jAkHu~u6Ph;!%O%f6yjwtN|Am(E z%=}zClmt1*Wh~}G%LMjEz#~R>=JI1kHuw{hg>Bi9ZIrvRgy?1oZ1TNgqx?KOe9)R8 zf68Y4j@T>6D#5#jCZqfidpK@zLgKW>Ua!gZybryPeL5Z{4<-+6W>lI4vZ4k@EPF0Q zjbxuRIO55mf$}S~yKG+JAIUcT>PTSuufx2+s8x;-w)Hjd1F=;pcN}9CcJp()iRoW( zM6)e!#}8!rAez1Kv7-rF{k!8CHtP?^NX>#l%^%3;2Y<9_`k#)+st*0>NRVA7)B~M$ zN+HBIeX3i+^@RBLUQXCmY$8O(UIR^UH0uSr1!B7(PnSyA4Qm?0?%GiR;)5L~JbazN zLmIlIFNDVp!XDapZ9`9Nu|vy|AVUf5+F=c1M7z-_10x!r!c~Fg0%^)pLd6*eULk5b5|SNW`N9sFcovxdQ0ohAhd0YeGi^npB7(&979LdO{S!Eogp< z5&pERh{E*(Lj;meQ}T}x7$q=PphaLZM{N1%h98t+K4A_%yb$)n7I8u ziRkl$XlAaS*5Cxh*n2RkFB7BR$yFeFdIBtS>z0^iogt#db5Q0&Kz|#Wn z2()1?rSM{ba|rV=U<7?c;3YzA@S-~z6{JC+Ti{>8v>6@&biR?$j}WEO3)(0!LSU4@ zSb-LS$pTXawiaj;I2=e#RZNJ^Ift+xMrH`wpFEb5M}M>(Axd^YU=)NRh2$LwF-mR_ zBK!^^YAhKy98yf)gAo3s1TGM`hAs3P=*i z5~4;df=(8gDzLRco4^hNI}7Y4&@M1XV6MP^9MS&y!h;qEl(Cs+? zg%Bm+GX?>j78jeD|DZ)Lo`ZYl-G;1Rr-x^*ZW_ipv{AeE8idaDr&^!52I0T#_ zdOSKCAu{lzDH`EXgow`%@+`3p^{ZTHpnNH3GjDSS#>~K)Pv>pmbBB`Gg)2sX$|0^aBAa z2+`)p1x-(ghKYFfPB#~nNF|(v{epyu&&~HtMpFp-jKB<(l7{hcLd07vkXG7Mz;%Rh z8wBloN&F}mxI^Ghfo}?|5V)TZqvVL7Zv!c#yM$BF%W+eo&YDYDgr*~$iUJa1K6s4~ z@lO&?L;HVEKhPQeBE&>tqMOWg^lEXlp=m`2(W-?2)vAN28Jym+Vm2_=Le+$skA=_W;;lx{W# z)KUuF6Xv4r2|;sf7$^W4xgb94MED^>6!=C{G5+J}9)OaMB1FI@!rpj*B%Fb^Cv@Uy z1|e=j^jt@RMi5fl3*`3-(EMHjWG0NpK2jDLQUfCs-x0QpS<$nOon zp(2CzK*KzocO-liD`~>{XnR5&Zn!~+0;J*Df@*3GA=-RBVJTKfg#SQI5+dI5k@RB$ zmes=JM`!_~VJ7=h+|s zZWEE!2kB+F3^=;Rz&*}?X@4k;9OUANxrkpi65sF3*8dfRBNpJ23-55&H99#VfX>LC zGcf(p_@sb0(euZIv7(a9q|gzFMoV|dB?Ymq@!>IwKAsud;H<=e+tYB0Wgvzyv4IO_ zJ&U`?DEaZUOTEWK;7C$!pc?*j%4?8bDJtk7CZJ=X3G!^*$T{}5s1-+eX1H_0UYKGdas=L}ni zOs}|FI-a7V?V*egY~0sDE#v&kxqyvZhZ~@AS}oQ&O_k@}Ic!Lxnl2A!u0%CPE?}F9 z>c{?>s3yoWSY4tzWPDJkYM* zTW#3OVYhDX3zg6YX|23|*yaPh17Q$=@wc3$pw)hRcjhYo9q~k6E`PPZI&UT3u)|g} z4}Ck6%3-rU13zVLDt1Ub_aAu$rK{v2c54||VxH<87Qb0ocfY-t2ayn@^*xnu=5n#- z?bKwyl#s-$%+XG@2DhmVOjD{!Is4CSRy#G(g?ILh82^+>@9DMOTc6ZwN~vqyA-39r z0B2zV_LW)!k!VSorQqM#ES3j-vVLoWZaNKxMY^@tB7B`%%lEb2c4U+2`rWS=ZOYNz zbm{`u>UZmI1_VD0-QV{5y=8$1rxayDRb>!*MTB&(1HDKGk>&Kel`IY7`Y%U2@ya}S z_$F*__@%OJW@UzRBtkn#foq9%;N}cA(56PZGM)NesN(2Pu44z|%o=E%{>)uaaTr^e zqN+#C9JYDrM%^uolA5;>n(0@RwFKe?KTJIMt)*1MHd8vNq_+~En%;i5@&g>g=6fK% zbI$RYTEBfOdum<4#u|5ogq?jiB_;moyMNZ-lA8S)HhysQ@Qq5Bqyo8BQcZYH7PdpN zOE$He>rV_WJNkwFc8Bbq=rKJ}T_igiXSSYi{akPro4OLaaJ9Vl+ugG}4W#f{SE+ia za z>^DHrxvOYHo07hb#bv0GF&|v@6W>s%u+LZP`73rvGGsp+n4z|boVdvDeD9ijiGR|t zKH8go`f~mXTbrT23gxg}GSwG`1$1~_y*b6zFcdmACH>&K%WjSPK;I`en zXD^n1y+Io$j?yn9|5bv)Y%dNa<;hyuy@KKlXDd)fHlu@D*H+j1o9liZzquYTMPKdL zT7NE}-wqgj{^YvqDy>%*v#4ZYss`*Q;GxEeu>Ra9Xd(rbNK$h zDf|-x*(x9olZy3w{D18?=OL&6uVWr%$2zH^vS*ia|I&aHHKR zt^U%TJmgDv>u}otmAVgK$vqpLZpRc__`K6v+hlTEEv&B7zx5?*f&5`_D zAGi%k=KbqiUIXdQ#J*?hz!hIan<56nm&Eh%1k`csyZ0t1+Ic7MT~|^|pI+F}K zx01f0*SwOEpJCspzP#74&yt)`&OT1fILEYNzZ~V)F>|j(yNE7rZcWJ7;X0UTJOp;8rQU@T5E>OweI7PF$v06pe>b59W?C*AF7@l#@E*zfojJw1t zubo~Tq3xo$y>%|7-&@y&3;gQbCVZX^<>qxlYyDdtPdR5bAlptzo{hwrREF*9y7K`8 zY)(IF?q?3tm}1+r)ULth*aaQ_PVlAAuBWi;S?XmabqG7tRc#F&w7+##AD1)xF32tp zOba=x^wsq};f}I;#t5;Xdng7W8ix-^3_2OVjqFr+wW`T}3%*OYSD?oDGYko~qKDck zn0Eg;w7t*l;~uItmVYf(T4Q6wcg4ruWns;WjziV{Nc>$E#tc2x5!mNg*i(fHeYUoz z`k8^4p3mkCOYG`Icz?k? z@5(m?$>Aml_j96|*e79L0K}m)figk^V@j z)f4gY6MT-j%TXJ_MaSGbY8w&<-s61yMf7-XI9oLVGfyGp=CwYb84#b&D9>#mmBmfl!f?Pue1 z)kwf&xhkE{x}2*%G2x|sexj@SX*2&lOB~hG1$Sp&e-}_&ow1

Xj%hwBMi>&`tjq zpDTZ_yWlPm{+b~M@#P%nSr*P_HGR~+FjtY-SDhVMmiXQ^qa7@c8sD4yPN*}0Pe^6# zjlSv=5&Lal1qNOq{!!R*fFlRkg2%G*)MyAhEKhx=b5&%(ybDJ-O)niUMi?}72qDF2zegbnJaz8K)50XBpE)K6^iN^HY!ij~GtP}kzO5Wqen9yHMaxKINzzQ&ha`s2X=~mG% zDN(mU^Dzn^S@?wKrN*@_IpvPZoXIC!o%NJEx4pL02ODps52~rvzAK)9orY0I6)TO{ z_RhubV!i{{=B&huh2{kd{aJLcs?`82_|x`V)&_=rz8yx)g3g)h<)($j12HK?96bR; z3MbrS5+$ol`ysE(otPy9Cj=J{0_r7$)vo^UtZH6wtV$T7_SdHM_Y!`O6H3)eGgsRe_n*`FjA4;(NetOk7aHvyE$C#;`;aW(E~OX z>2S;bYL?y^v<3(KR#OYCat9q7p6j>n$gM!^lgE9hC~)I?_x=KDmE9RoF9+z>>r%eC zuFvpfOB?1~4NtrcQ!~0hqjl-7JM-U8FOE61eZ2pz9QZVa&y2UH7w>|f>CnmRDb}0C zX)|Kj?uXT;&Bna_qI)O|{|r->Vo)BA4n*X^?9+$QL^8=(#g{e6$kY2bI1fC0a-=SHY;t^;EF z?Tns_x!+%|mnHj+UeY@E{`?m8I{(ycpe_i%7l0IIv&+ zJs5p?&A7w8%NTMlEDvKW^W=3Y)0nq?GTann-oK|vmd@|VX@2OxOWpfy)DFQ24W_sf z;!4}6kYDYT8?18cki={%$^Z4BNDq-Kjg*WY8wvSCV`lBlRM=cOz}k&cpAB0Q@0Y&m zsA4;|SHe84OYmbKk5Y$KC5={BDNS={FR$=(;^5^`-b2|3kEoGKY9_n%h#HH2{o5nz zNWh@6>SaLtaq8=Ui{sQan5v2k)aRAdCG4*PH7N*hep=0|KJOmNT8>wj;4Z#-YOPGJW2>H2Pw?5EkK#-M(U zezU?eB3b+#_)QUh$*dhiye2O;GqUI{!Nz8bL_jf^C^+>%%*U{VEy3wQ8%0nQJNoOu zNHz-5{V5o4UA6?ru)AqZjqF=644mh>10M63j-G2gmF3@iuJM`~9(R=TYq2xjV;#T^SP`M)v;u{gEB{%}i-! zl!MvUg(MkyY(ZjpG(Cz`P3D)zvsJUz0%n|}mb2tdV$Ya%N7A%}K@%?WJrW2%Mqm^H&Uhc!HIKD&pwOes~zva(W9DK<9lyZCgUY&Y}xB`o2c zXyQHaB${KzrJ2UC2L&&eve>K><^(Drz=z2WA^W(AvA(ju#)Dcj*MA4?q zl$Y2GDTy&H?zaZ1S9sSa>bpGZQg(DwYz$K$SCi$XY+Mx=Ah=~BmH+1tQAMNn4KT9X zkE_jOg&7Y-N3-WYH2cbbg0re&TU#c^u;D+oHJTr+(+_!gYlYQLj-~E7ZfOVKiao=l zoMZ`8VyShuA_m|nfDL{^jn|!{ad*0Z94mQ3wdg(r^#Ul}1^h^OszV$re?m2}_fPk4 zqWgkkE^ij6`w~Asr6jc!wqTS-GYJ{B3W*v%-VV!QZ^{vD2dFEfU%`QHYe`)uR7^F5gfu2X7-K@LXY8>jtvCq6Z^W}^U;pQY*YXO}_tc`&mdrI{j_-u%m?^w{gtN&oSY{Xfz_M0_Lr z`3>A2CYSU!qQh-1>z)9sB6(jXC$L?`*av2QZKOrM#`1P&CMaguHhDWGUg@r5rS;Z$ zHsSNU2=>!wEkoFv6O$}#*K(^d>{R1z4v*^);WGR5{PYAizuszOhh~7`ANV8pWj$YP zlfdr6FiKcCZjzphQhdNJf7mKP{*m3h{1~D%$4ozV0^;TPdtzyvN3o+d=4Q#_(+U+ou%P| zrYXQAb(Q9U_FR zB7-3kIzJacV=z=|_W(UiBAt}?84Q<33R=tHVQIz#;UlC)56~l}t%Al^KL|8RIsh6U zZRwBJS^gy=KrloYBmGCvT8%s+1>?v48W}5f6g2fslQd2mB517u1=5TM=n2v@f(9Ud zAv9coALXxQI7vDxB53qv=_^5N45vu+xt;`A${7?%ftaz0p2+EGQoNwG_{CBuL2Cle zkOn_M&y=QtCcVBAt@2D*M=yDR!E9-Rplv*Sj&$IG@Ojb~f`(j3|EToK1N3}}_MF|X zvB#v02k261Xb9^6euRHu6PcEv182BE+VntzgMs5kaGuNbd@ozGRwE@uanr;?uA*Nl!`jg3jUeGD(l& zLE)vGULmCmx`5LwrGbLhn&f$@I9_;YqjHtBOweO^f;CJY)VCRLBdw0tNjF3UO~Mzs zc?`-?lW@Ic6%RjJ6>gAvfc9J@b%77PSj1n7Fq5=d+92pToPJr_M;i+~7cn^H!{8eq z+ASDpB`B9#QX+BDPZfViU<;f{dPN#7Xsyb2Nb>}3|a7=;x0jd?$XJqXM7@OLHJz;K^FD2;Hz!*fyE*&;$U zew(Dj(hEM}Z;5cNiQbd`DQLW{Li}S=txxI9v{>3_MTdp-%mu*HB9Xq~QF zY9na$O)xko^?4xtyfj77(LDS!X{n&K8oD6ud?5Yj(y0e%*B8?F!b5B0FQq>oplhUN zkc0%9$1}JjWsqdzq8b_ELq8$nlj>-b^o_LHC;X@gw;`>mnRHqDR(Ld!hxEPV-;5RY zOO97sHDk%E)E(^HDs>rKvRZwF{k2;CGc@BNDSODnL$h<+W@KbmHC?NIDzkR4s{U0^ zyr}k++0FIpJo+xwoc*!F9~vwFaQLwUvmJ@-=k;m;yZ1ZZI6nJ@J%s&4Myr}{P`j{E zTm9qK7x(aEW3%i5%${ZUuX<~PI>3)@f6M<8D?hFJv-dw%L)gwe{-fErvuY@7`?h~r z)vH@oqmI3u739wrzA-Jds^%3u6tL2)AXAlbhidTCw)FR&q_%S{M9B;y`!e?dakicVvD`n|C;d8QPM+ph3_amWnL-F{Q% zj50#!B*6@uWG;|lv*;_}f0z7Gz$kQX!VG~cXdyv;2ey2qEYfgfBytc7yoAPor#+rPh83 z0OkNmFgi(2CCL{w*3Q5gQOXpfyV?2@QP5sx=P z8R~x?JZQq9n?n3{fjeZ0k6X|d@&|1sMkpa4zpsjk2Te6x_>Tc9{jt&^guoL8O~aS` z^*|DY^MxSjW~f25e`orEDy6#=Wk8Gwj}f9O>j}GID9{2GBb z2*IZwNCHt`QbuTc%PBvy5TUpp0(W#CyqxB{)G30VXkZ8-+So|g2Azj66*HR%r%p*t zkt{G(__r2Fot5}tdj?0o+Z}Wc73d9FnhA7Kr+A4xcFCH_E0pkSqIb)hSrC*UmLx?+ z7D7}{G9gN&QapsycvcF~M+o6h<2@ck6p+I0gm?}eDrjmF@_(Kl#OO!4h_Ihf;Q=wFf-%jYei0C5E#x&IutvzMzK+ED&fQhUhdV!Xqf5z$C)OvSxP;=m$C; z@%V5C(r}CaM5aD2#hbN9E#m}F$6t|5H#;B$#^+OG=>)+|7h^e zB3@q+j|+$e3Fik)6Y=>?2k~=6d_G@*FJ!<12KC<>Ka^6LPY~F1$X7PX_ZT+h52TEg z$I~@H<`a?qbld4q+S~hiVIcFB}cvT68??5 z6fycsEVYoJ2WUz-fbdUQnk?uNpz^o4|AWs$L6->(0n&OQf)ICC-ehP9UPGu68~j~V zrMxQPfsW6YMkFE4)guUHMO%O<3h!L;h;Jl+2*gWxPpl0QA9Isr@KbnSp!B>cJtfx3 znvFjQN_-X2dOrS#iq3!pBq3!$oyXv>Xc?icFbVQL(U!1WROL3&rbtIkKz)Yyeox!N zI2#EVFOUT0eF1zu1)fL`xfJjuF+eX}MF@JQz`cYzg?zQKGR#11AckwxtBm6TXN0IpJZkY{xL$ zLp0Ws?-F9-I!1^|g9J0|#Z8GY7$^5JoT;ERqbgAt|1@LKxQ`|5M^8D3fQ)Q}5U3L& z1mT?!I8B5iAS+?QyRqRo(RVEnHj4^-hA zLiFAZged6_LbTZ~LBB8XED+zkv>7c-3@6kS`Z0{!DB6Pvs<9JQHE@~&#Duhx5S{Z) zLM%e*YlOiC21oEiX@fQ+L=Bu4^jU$`0xt-x5%{&hT7g#tUL%}`C6}Q2_=kW=Bp^mt znkYy&ARqs#@Zb{+YJisnHNZO|dModQ@SjHUP$MNG{(OPFEfJrZgu;1^f?iKFO1^~< z8NVjt^UjL!W1jmz^-iU|w(y`Ds1+$q>Q4`bc8Y3tN~OE;>oCqcrq&19z>K_g&UVpW^2PxnI#Gur%1Il{*|d>Rq81z z1mbN3I)gF*&6@_83%YTJw1^oJm_qT=6>Z9GtxeU+P%Ku7Kalf7AK*;~Tuku~VEk{Q z9~f4b2vJ2p5h8*gRTVk{uS(1ZZHb0|XF@C_dJtkN9wYoG3x5=vFSF+mLSQT_c{=39 z)Ad755}%2LTQU9@2#==;ks&vTwoMxz)D#EcuZ+UfEASX07Az+Ti!j3pe?Ceu0r63S z_!KVr~5+A>uVbCorTb z+IfA@w3UPW7Yp1g@LNJ;)Wly4j|EaeEQBanGNB6|sUo1YK%2l00=o&c3#89o#3)x_ zKY__;Ix_m1N{HtL%su?6IEoMpOPU!;P~NAoRMW;k*3f*sZxTzc6=Hz_$>&jm_KG$$ z;>_%uL<3I}LVw2BK&24Fi?D@I^ML1sYr_9Wf%O6bk}^eGArb0ncBUU8S^#UmBQ%p4 zH}}-D>XmpmW(!gMSpF)!s^Amq*#NfojB2iW=8S5R z8{dZ&vS*fe4_p5+EV|>JSaQ|pXVq>7dgm2TRrV!L{IG4eBg{IyqGR8UF{tdP6G1E4 z-M5BEu(p?>eWdReY-JfcJ6O-oG@oT;cP^@}l>(XVtSn73*f8Z$b>5O#{v|b@%@1o8 z#rk##HwNV*1m%%#v8Gj7umFNRDVNj~Lq5DKv;_4?Aa`I*zfxNoB%E~Pv2noTD>Ysj zitnf0V7n*1RqLh({r$jI6gW?(+4M>47lA`#2;>s5w>O1GvTq}%>6OZeh=U*d$gCWws;Z%C+-fY6` z17Yc9*WwYz&J_J(o+S zIAiEBgd4$|_@}b;!ju^0N)uM#8e%pTV(RcNcZa5|d_SyIb$TxgCY_MZF4Cp5x3@&b zDCG#>U@&JbLOS|hNx^g(amLV-1qOIy747ojf1s&mYG~SmbYq&uD-mASH6|hhjowY_ zZp!T6!>G&8KFm%dN4gJsE@~ILZu$skLq6BwPvxh!^0Z$let75Ohl7>TBg`g;@b`2E zOE@!L9t%5O!$uj?q88q7td3sHihP*mN30(iWj4L!!>be~xkfcLGw1jsW19l-vVaE( z*4c~K2_If(BcM@_O*xTlRmL>a3>@A4-GGjX^gBiRu3qVBLicV}W90f<26J2#yuBMO z^@;n9)}8fydsK|lI+Crr6Kuw=xp>$p@(S9Pz9r3>ZP`Gx>3bi(Ct>pI2aL0nLD9yv8Zavn%zAk-3qV||jBAh~C3_F-KYkB(6$#Asu8 z=Hk)DG_um<3D5IlPb%cR#Vd|swR1*ChWU6efHzrv+hiy*D$6v&^r=sz^)bxW31;5h zKK?JE$mhb%rUbmO^3H3gh@b1@zen&d^6@_+;y>-uFnUB9AmX-XZM$$oK?+l}2S$&6Kvx$`Yc>Bl3@@kK}0Do^mmU#(Mz&>3vGe${@ zWwrAYBf}8Qn?tH5NLCd5y*aG%;!x<-X?pmi&xqyaEAa8o(!3Y@c&o9jVo0C=5+XO2 zTk(sd{V4d~IHhlZ5H`>>Fp6NuF(*bj8_V)x>@e$npQxu1)gq!!17iB(o&K_q1hzP> zqyFvV-zkpQFq?lvH7Z$x*g}LIyYg^9%Ic0s7;oXOc?mbmD@RgqKzmOm4)nRgR94VLsjsaauQO>a`0645ho+ zEr>B|ddSB=1Y2KeEPs1^yitjcXZ5|n(OBJPh~BH~uuSgr5)BpRbJ zHht&gKP{deqyCIVtaqJY_b^QttnEXYM&(J7w!kOS%6L}b%>J*moA~*CQ>9PrSK?XO zwg1j(r){*hha z?On_bNFIe`RLobrl6Uk;o^0j)Ijg--`U<4CBORsR0q4nngirdHtb8KPA_ZXH`PY}- zpHpA+O25D-{aGukh4sX&`9A60Ug>vwrQaaZd#bq}>F=QV=>fpITE-+ZyDPz*b<&5g zvJz4-p@lRmWtv;7uq&bsN7z6j~z#nZp#mA*-smcK`?oEFSJ42yo!SLQ8O zQ46+eWp{HH>8SCpuTt=>5PS(e_1)ix@3ItTo8QE2n&ZQ_JcU&-gL%SCAHJ!J?{}kp zUVK;h@Xc+heM~|Wev!=N-t)<4VM}J)g!%KJPd+7H`MisC9{K<6laDc#mCZ;qo0^y& ztQT7<=i8lLMtj%G0r0hh-z~UXSZy$^EYUo>%%(kv;={bZu%SNqFVnczLRDhfh8S(pdfryQxN zsK?+uRd~WDpPg-(-Ppox@@$3k%y6PGnX~@w!`BVI#EmIo}Cs zVgs9p@0)GWg%l(d7s*9e3gSJ`R7C;4ACt(en&(&r+5zDR$@EB%W;>1*3F%i=_H)@q;h8<5^6(x3H8U*(g&QwFoW zi5Y93Px{kHZxreO<(2+(pY$U#v=z^9KK{iS+FG$Wp76c9GBN z*m&!@uBWFYGrYZve+_I`fgOqUy%*cwBDsg{vToXJIb8UAM&ZtG-0ZDstnk-?2VHM= zV+EzSJ3Q&*f3h2^Aph+?{?*->aU)&}9QX0R0RAT)iwyJeuIeFP=XiRoa)%BR{0GS!$ zvd6IXaoJ7T{CWnWS8L0^A(9GPoDuw!>Ax zy$^RD?lRnMII^rr79rB%>~I6%9)X()=Ym@cw-fF?xKH7}gZl-}A2&&Q5!N2|55f)j zqO_;a)V8etc#w&WjqhWmZN>a5k*f+?WY5=CO-{=$mKA*nE9;Ddo>?y8mFj?*O^gAgin&H%`K{44CY%}_#a6V2p8OT3Mz^7FuOV#Q zq?`o*V|dvBO)eishO_v&IC5Q&N4?b=oz^DXMqGDOJ42jCr~HP@wU`xD8u}(WJ?bbz zzS8HFLv>!1Q&(YoPu`s9^cNb#>cOs|j;f{Xi+lH)R<-Pu{inef9I1c&e-|d;klXYgZ?)Lou8haABsH*kv4BIe(3?rK&%!q;l zDh$IgfD7or01k-kDkzAEpie)L?EzQhK zb4`sF_5Yo7&$(Xkg8%#b4TtZXZ$Ilj+YM86MwNs5z&XVylv@f~o17ko2E{_fDp@k7 z3w%=m4iBoI(&Pmwetdiw`opDA5T1Z8t%omLc+Vf90an{~Mf#(}`6INbk0(&AbS;GS z!TvsQTznaThvF>d&MHs|e^g*Us#_eRtNkBng_SHN(Qaf5DTe#O4}VL*0R!~G>iZhqw^1wJ`@>v)M9|Ua^@CrAUfF3vIng>ZE-`dY_>R~yW`_#8Jl&z~^S6V1QcLF4u}NQ}U^@Ph;S_zu#`aJU^W4?VdDcaW}z zbjS;m?uPE1b?bumW+uWHC^~o7xSf@7c1Q6u`}is6*a-`ij?TdRq9ok|h3$%ig;iJ& zFM_GS5tTV`b;FOnRe@MCjOuZhL)1)$Qi=;IYi?a(+50tE9jm1A&3F&ID#Xi3Y-cPsS{e5;1dNNqx>M-MrDH&~S~i zyCW)wK^@v^7p!sH030-wgAOhF!tAF^a}<_Nmba2TRES4Mdw0;FvY&eUqTBetg+KL% zttJlemWjgO9Itc4+b^<}Wc;T5k2|`&0ZPa_HjDPf12c7vDI&IL%#^XCr`DT%C-bwn z8tfHlQbwPCn1K^|dz8iH1znUWCW74cs_^9RjItQ*?75HZt*B3lMX$KcXOvi6RL)bu zS}lxb|Bd|WgLM4d@s>pU0lpBa4us86IP6BN55Nf&CiNR&oZUFR42J;Y`l;^5yH;9i z74`u4MD88>N1?m#Ry*-uR9Si|6$$9qDV7Z7b@0SDmSE*jJ9J<@>=EeWR-u02R}!=jDFn?m1m>}Dk9JiFIjph{|z_Z7Wu*!jQ?6R%8RgFVI!qfui(3yW&5*7dBed;VHeVs3Y zEn2PzmyI@mouK18Y_J^bfLl; z!Y3$vmcqd}Tm&D`z+oN7kNn8;tutIL*LR;KL-7Hs+h?g(96)ya0Xl}V_XBhe9mjzl zSsEcIM|*Lw7#R-`g4YfJv>pA4p>xP~5Q6Jy6$EJIL5nMTbkLHBZs7l{hb($@r6JA} zy?n@`ae(9bTn$=u$kI)57JYQc(nC>$E_2i-hkaaaBYNHFo~ zF%yua3ae1JqgbEr!n@*!kPMEf5;#DWgn8J9ZavT{Kyn-kO=o|41M~+8@Dk#H7T92X zp!&?>`r-!0NoZhRLId~YPv&3QYJd-)2cLh|G|7#7@w;WI!VObaPpOzX7TTw&NP(ND zSz8Sb3N)la*AMOd>;J>VRlKRObF`1I&XRG;|N)?{`j&i)XdmD32T&8;KO#%VW`|gVv6Y5C2ts zxH$%`9g)~ov70|QBGKK2d0CF0zd1J1sPK<6!SKJ4E3ZmE)f{2McWJ(~V{vno>80KF z4>zK|;}X+7HjeoezJ<+ogX{4C<@M$$^!B*K&!EK{U7pxc7vUw`G&T>20(Kv1ju`8- z{q8;z*U14`yj7l<54bnW6Ss5{1X#$0)@Pd;C2&PMDiV#TSI|&b)bEXJYyEhs1X@?X!E3_)yG! zxqRe{oRTIcw9A7ORNj`FbXuWr|9*2r3|jnihcJGeEh*ipU7jbilG2B~pvc4+BGAB} zlVKucebO2oV<&5b?qJgJX^fpoz62VgBamT8NeF)^+PZSU3oMC>L{)XJq5S*PtnZ5+ zmK7~{=lC1e(~1`<08B}Jx%Q@YyqVb}r!AUr(3M$(Ma< zo#gxiS&>FCHZC-zV?q*X@5FoN=W(wi!&lZ$4!ElvgTl-7JrIu9BSx|6ypAlT%Yu zv#Wz$`Kt02$y_g0BU~X37iz-Ykk*)eT-u*MSsuVUJyd_-7UW_*(5&&&-nDmEomLnf zPkk*21!}(uzR7SwU*MtQs$^Gm9+dFcgA$#cdYmnA>e0mAQ#o-D*ObMOyGfgxHOTLj z)c|T+?y9gZDEAbx@YPe+jt*gPZm5JAm9&;ON$b8=14sT^uw!c6G)7Lrb@p`#4>xzojoF80pB?0f z9L`uhdUwgSw+mw6%k_3Gs9cBmQ$a2QoThRqgK4bNZ_XVMg ziO^M!9jH)W2j3kT4>nC^^p(FRQL(XUV6vwd7r5_w47n5*OthvD_8P+el_Ylb%J(YxLaCp)$D8j*x%X>?iP2q+7&}C7JHLiw7>rs z7VtFV?o%VDKiup(?QpZk!ic4PLS?175j3mRcEBPi*H#R2C- zx4X4={&3BvKG*)9$^rASf7oRhxzN@A;R+H86Gh-90tM_a(5WN6wRs=ch+jytnwS(T z>1)$`Y*&nL!E`mbkRAjWGJfc_Z>%O~L0|iaYtZ`D-F)mej@F~D>1jr^_zzn@G&^xv zKeZj)485ipEK5X-|7%@W+jlUw+J1}jp2juIswr1R!q>~Y^s$yC*&Q`mAHhYVu0dSr zs8e83P?nQJlaR4)__op4G=X5qw6IieDSS5IVV5abQPqx~DR+L-!%$o0h~ZFcP^w@6 z{;Qx@@jJi`sy8t2Ne&@ayYdU;S0n>4uM13`oonVIR3CiZ9JScj2KV@z!ifE<4->4% zl7&n5JK7?w9RZVDj#*+?>!IY@+u=fwW4Q2br(A6-205Nm^j$GX)yV1p^^CZMNe_cZGh1b zobvt^Yl0#TW$gD3S9C)0Q}sHubw4oE{4g#O-5vs3-1vGDOw-MQ8M@hx-k#9Ngue?M zwl;bvpn&yJu+6_|lEC``Dr%Y(Mifjy+u&bRf7Kd+77hg_q2El>1OLXMaJymfk5-K# z6Ks9<*pnj?&tMfE7$6LzAxfs?-Ze+&~T{|Asb? z3{b?P37e91hEb6Jm?V@WTR8kRGxlKX5KSKp|7*Da2P17N(KwKv01DS{U;XKrWT~+}OCC9`A zxoob4A_%1{o10BxJl~+@a=G2eXJtX-g zn4k~9SRp)*76@w1q%h_i$W?G(P#Cu-f!qYHC(Z$QaC%ob#k&AtOs|JuAUBcwsukP; zX3TK9FG=rK$&H~A_`tCiPIBT;o3RHg^e(Di7_6)Pyj67T`^N6KN>>9dmXiWMEi}t< z6iy`YbZ#Pr1;^Bo520av0e)Hhur+SBJh<6Vi;;d>qA#kvZH+@8+U3Te;+;_@IMkKy z#J_sSdJU#D9$6juKYz3OIHArP2D$S6o?2JJGA%Y#{iQIY5^xq4KQa6bouK?LOuAyY ziB43WrxTN{<1YyJm#85gJ6?TRaIpG&x}fm`<$G1wS*HFGzTk-QF2OQ!8vf@RUE#Pw zXFy@0tsLT&*M%8SnR5#pJkTS8q|-=-@mKu7R_j>x+M zs~#A?_O2jE{j<=(Vu83is_#>V5E6mEJg-0u#sdYc5C%MWW+|>4YEVFrLr|a>4nYCj za$>~?;qX_%&{`}|g(E-^&WeDCR4@>_Qn*F>Z$dn_l(-rM;Z{uj2hA!F6oFw7)DMRs zCwI4EJA6}-ncUySS z1JfXY6fzKyfcXHO5<+z+8sc3RI6j1)Y5fBBWZ=T3{6r{(N^mhQbV`_;)!-2F)Dwrn zf-9Bhgua|vWEhBP4o{|e$Fjl5-=OhQo(BP znxaI1v}Lo^8KtR`JHi;<8jTJlBs%jK9g}O|>Nseu(1ajIf3(Ln89quMA9z+sKfTRRt&1Kl}$`h)m{lO4T1aQqk2c;x<2??ccb*QMx-FZu~=-j$-e zqwOl#R*Bg_sgmMf_Jtj*I37x!G`{Nhq29GP9!jMoUf2NxQRJBlf3bft-h1$Srglrb zIgrNiHnfAcK!OKlz(v9kX+E|J3PGus#J3cLnKMC9>f6NI4tThrV8x+Uw28M%!Vd~v z3x%p`BfVoW1E@xAGQi$u3T=e{MGv9)-}F9lm>dfEvuNm5Js^%f(8!78xUh@l?nr+X z&TwLSDE!j+Q}5}$9dW!LY|Gf~+Zn0$ckY1tT@8das~urE{GLw9GnLMz2I>GlzDu%M z;rurSqgwyuWap^>;tDetoy6el0QwS87XaXD5v&YIZgl>Sh-}s+S2`aCFohs*(*d$; zq)@l!qNf<_1)z|cp$Bj(fCA^W`edDQsUtd23u`3m4Za$;1&k7yC83*5#eT|*j>6Hb zbua?QL)rxR;pg9g8UrD=I~ji1PdI-s03Nu9^b`=lW+YU+EdrKTs;uszSAmEa2??q2 zV??b_#uYk|ef<7zz)>pnfrQ?MZZ0f>b#*7QwbVbk6{@}QnW%JB;*>Onc>7r4iKeKqFf2lLPkWHZCm~r@9$x@-KB|`Hh^#5V> z5Qm>nRA~ERSMRv(j9!T5HUNDw{Ezc@IQ*E>=UUNscZSb^fYSBV<20f6QO}$X@2?^e z{!TNolqwwu`)2S?)@CM@#(PTWM@r~}p|_UO=Qs=JxdI^`Sdhy~AmF+KJ@a&tgnlrk zhvGw?Qs?Exu#>bE*LBWFe@E>T+lpx~VA>PNuqR63$2{?`R^+Fg@lN#6_gazXNOUTd zke^VaU%FHV$9=)@Aq_u;fKTct{9gt?CXQW-4VOES=MQi^Y=(yGdj5;pGwp464y)hMF7hfi!P@|hCy2@-NOG_6wd7&ST99p?z~Qt_`#=qF0(b6e35 zQzO0E-6ysc`2q=frG$JtC1)8~r4~*v;QazbEx^Uk95p&MF4#NnI^!!ubIXA59QYsS z^Pdhs z#=oBNrQkpzd%HyJMs)m?*4*RDni=R4!q1ON+4(}wQ3m2aer`-kACLAGO-*^bedpHZr+C>j9&+V_-&T;4I)q`! z6$@0mMH7x@e+3`+&MWQ(+jkdwmwWR2H>b=NOM)C3_8V+=$lRC?W`C5@$JU+<{^XOC zZ`Ciz;;3k}{fKiY|HwJjTU^YSvk8U!n#1|LE~yP_R#w~4&=?C_B4EokpVuR`k9)fs zu8mGrI5P}6sr=sf)LFhS5Ev6-LIb}{4dq`OmO57V0_13eupyj}tVzA?!(_{u!uMUA z8sg9{M(y&{jou7HR{!{ar+zQ)FObFP`(^6H&P-`J49IkonHJys*HQX2Qd;paQr8pMh%X9-atMyNLPJJ=SspM&8YZ6RW%Xv5`( z$SAT)gMT;7wlsp-BWFCHQE2AbkF8Jm?_Z~-xxs&G|Jbk;UoK{JrW!2wwQyBuU_pD!cR#~8xYHiikyvnMxGfC zqlM2+YZ4Em$uZ@1ucw)MFix@nz>O>%nRQezahCe}a63~awP30o7*Zdu~i#5Ua>Wkv^e zBSZKs_pFy=S>CjvK(sjm9jxpS%KM~d`FC#Do{TYBzxQD5E$ds_G9?nmj%1r>!{e--*-UmDrWlN{C9@Bh@=<1XCpL_fbv$ZZ-zS{+ z&d)w7D$oW`{DSoTEp03xJu*9sjc81g z#9n}9GlZWIpQB)-4Ot8j7#RZs&*g<8UGpe+{-`DA4|RJ|QDdAToL6V$e8b+(Wf}8} zjJ_2LzBDK2OV(@4 zXb~9|fhI4U5z2oSmz&9Up|^!>f)^}uuzUZKAPqkyF?W1Nrgt0cjj=Jpdu8yj+_~-y znOGkoZGxhsATBaGMrh0KkIS7RRzf+>eC?FniS3suVbna~mE0zU13Be@23~abQbh3u zvvPkF#|Cnm@C6%kAHU3WZOg~-cK!Xt;86ZOU7m;7OvxehCxh~)iKSH5nj%Bqt85}j z*7y9Mmb}yLw(h9tptFS!P0hP)rxOl!$TGtAqS~uH!uXQ(yiGk=L6Xx7X9(ORgD0x; zrsXxLm_ypaWhFFkcHWd16{Hx0K^Vtt|DN~0Se4{Bi)};Rv$jDF544RnMhlaZS)21# z+DS6q0T(V4ig$GH#hbU~C9#Q^Ha!$eDjU>^PxEGprA$sLUvxb0Rac29C|`g6H}9ak zB+3a($KCY$?xCT))AhWM?Io#>I5jFt7y>%p%A4dNNd#_-p5*PWmP8S5MnS<4RCXN> zS}$B3qT)AA&yQyBI3_Hx^#L!|A-$3RtV5E;6DrQOf8@8WIBOT=2X&CB0@__#nLp7{ z5=FGb(=cQ%vVML3q4wRU`y{^}E>rPDgRa!dYJu_Cpj zJMa@fwu)cL_EHt0QmDc!Sw}V@< z%P1T6txggp_#R3I8Te11KWy%l=h(psEW&Qk@55$ylca)n7rG2rbZrrZo~Ee7`QQP= zwSJO#BE}4Fx@6Qjclhuxo=c5^b7R7JwrRs}GZnGLAZG3I;a)u@>>%pozTvw=XcTUv z1qsm6lWB;re;PiINf1+`BdGj$?MBRIxke@Q^&4Rblt>`#qM>bo<~kNl>S$B(C;E@r z<4aL+<_NBXTT94st}}TfMijJW5D7Ukc|Hv6t9OoA<3dw+gm_|`!uO9DIsSQeu|iIK z)3adwNC`V2$S|4V8lnSl6nx1FJLW{RFqopqQUhA(1ji9>#|NqS+iw;O=qHirjGGK2 zWI+^Mp)jT=UwyRT;bJ)fzYHss6JR70Pm1fjT|wb0r%=zqTvz*ho?Kw@oXC>mnm~Mz zBP9^WE#SzZj&An%&T)sE&qknzl0vw_r;-1zq_B%hQH<8wjS1s}Clp?{SCk_6s={zM z^BrGR_?dfGvH=ekU-6o~8bY$4Z4+E6g5hzntAW?eDXevYv(jtp3NzqqHgH6_aEL;W z;ujQVz*+c3I4DM!AV8D$6{%44KMPY7>rm}KA^re5iG#aHw-5r@EQ^B})QE#&$bAt6 zHK+&&E6_F^>_Sg*a1LcGhM*a(#X(PW2M0q@{1OP@^fe9^qf0p0j>4Bha17Pr;2b)M zgJz_A3+oz$s@^IbqSOST0}z6I_hpdU6BR8h3`1F}4xVVhB_EAjM3AtBGZRcsLVKUW z2U|Q<^>DvFy8TqG0pp%7E9{{>t3n6f%zX?t1U=a|9J-sGJyrbHgN15Vjm5HSG}6JI z@d3BARUpc?aAa53 zKZ;TfFsF;}8{iw(j#L|4^0;tjq{&93sHCufQ68*&Zoz}h#?J3O>Pcivg0;n?9!sMH zm*6A2`0(kqw?<_dBtl7l4lPM>DGb2p9vL-V>IXtZ}G+D zx@cB$r_mBD!ovjJFkWm!lTMat_%q)XpK0x}`^Ar2MG0D_sz$fg5;6{jz^D(Q}RDO8Dn5IsY2X-U4TsLiuVxWXAMD=YLQ^CAKu^RV} zxy43nqVdtO^cCvSl`)T4J1M3b>54mg5|pRmtxv`TOADr8IaJy2y9^KId3EVrM^0Ik0qitMX8kRw|Z1kx`T| zJ`Lr6$S8ftyeFm_pc{HMF(8BwEG`X}N@&qY{Jm6cB&hU1cb2+6$IJ}to0;P$g!0*k zN_+da%#~G_O6NtkjOwc$JCb>jvK0zukbbOKFlmBI;Mg^6#QIEm7!#A~a=-srZJ(CR zb$=WCF>7cjk2~we4rC=N^KDXAY#YbAnOhK|y7TT9G`nF;FaFBKu_ss_QWnRrj_o8> z1IpIZr(?Ue64W=UOu=62o+%5n*klTS{-ClUQcnYqJLAjNvoSr@Z1X?Lf(EqEjK6uT zES9|(Qhnl2mW8lx027izXole~X{&c$Eh}T$Af_7O<%m?j66Lt)IaGp}YJeFBl6qzC zxckgARHZw6#?8x>5P;%~H02*YC*NSA66OY%pXlF`U_xoR7wf$#+f|dx-(+UdsQ8+4 z4^}d0)P&c|y;x>2!n$%3>wakz)Uinle)!UIvHUQO%gP_JrkO@%tSJ9k8YPr?Bf31s z9LB%4x;#Y6TS%lskVosw-3BKWc==So#t&CdqN%`+B zQF*}vkE5+EfNz9Vz>DLt@=dH0qh{Q^P(F{fZ8WOxYWXdxWkShD}N+r*jGAebJ3lj-NWfR{nPS3tXZP!yy9HZNt8wK z`E4C4nnVqSsI}UPi6&N9AWD!4A9f>7%}c2`D%M?=D&Fx@mR|7=8~y0lyn0L6 zL1E3PtGMUfGOA#CMQm%;R#u!BUCbm!8e@eK%9*VdgQYyEmasyGR|d;=RWz_Z6YD`z zjj#oYjBa3Jsa`DmEHx4)mWhSdM-}r$p9?m?B1NgO%KlZW18tESn3g0XT6ilSo7bYkXOdDQ?m0yV@0 zLIHatzOD*>li@c7elNjqD*UGL@paR8P4+gM4RV~ZBBbKNn2p?2ll6G|+j_t@wu=pe zfT54v!uaHX>Sf&kI|{ZYh|hCw#giChmsj+l>Ni~g-3*hO;v+?eB6u^s`gdj-)()bc zR#ne&0R`6fr;2 zOjmf$7;D~Ptr8`u8&K2J6Fh<^GsUNsPcLQF_&--8@ZHm-wp$Bot|d^BqB+rK+6_!! zU6aS^3pJ;4js}*;`I=kKAlKYZeup2dxy4#os;+Q*_NvcozGAO(qDZ^}i@f>-)aPjU zL&s~xwi}~B5oSW3c18Y2KlwZ~iFP7;v$~J$7gVgE3e!{{TJ6QXUu}DFKH&QYo LP_}l)e^mbmQ)pZ` delta 552925 zcmd?S34D~*)jxhF$po@b79bD^Ss)~2Au~xPnFxU-Fzj2xA}9=#WI_Vj$O3`4a6v6r ztOzJRic7`!twpRzP?@5Fg4HS&N~pC;3$Nmmg4HHe5qT^A&VBZ0w#+1xAPzL$Ri=4EA5`l>*H ziQ^&Qq>jVeTOhy-APOaaM+0(vHVXnMu72ngfvP&_5rXp}FgTykkDeiGJOtXJ7-<4# zoQJ?}L1aP|84&0$?)8U2S9tsu1Ukau>kug5)lCpc=*Iwp1gW-wOAJGPcSt?~LC%nu z1VPS0AgFMqYs?-BL7u{N3WD4MLBS?t-(%-h2yz7Ch}e%b;?S%9aNzu92s(cm+n>AW zoA1sw5G2P9Jp?I0^boA_u}8o`2zCd<@*&t3qc20SfTUOmb_L>!>4-P64uWlQR|y2) zUm#(RKLiVS^e6<&@$5SgEa0WfK!Wi@#OnzVY>T(AL$Ig#qzr=H194YSlKWu?1bYp{ zo635ii+HUjJur^8iT6U;BL}ek2Q&gs+COB{W#|_38zH1OsD1`Q2>tK`+e;v%H+b?W zgvdbTHz5ah0*jZoK!`0~zW^c5@Lmywc!IxTr8yAcg8Tj~A3~hrdMt#vKxmL2JO|GI zE(>MsgwXCVB>_U6VbKK$m7{DQgvvqc(SWPeYh9e7q9EC_W`e@dI(?lw*853&L!1>j;F|Kr{FPun5(I#uE@*;n6oi z<0&R?0gby@whuHi5c!Q;*EQ&%r`Wm&G`84*5!-Qr(2u^u3nid&grkpuh6NEWY`)() z3L01V%QK+q4Zdmw4FwS{Tz%gf0U93R>LL&kbREKb3DT{CbbknUhMbiU-aC-qDzGo# z`XPin!}fU)PVvAd9z?jn@5dVZ9>+#NxEw@&BV3;z58>WI#|a3h_$JgLh%<&WdPL|R z@FIv(S^9a1a0dlR5YZbfdKMyB5WLu?=kV}55aAAf9SafO0-=gdpc4YVJ_HdwB7Mpr z(tnd@h};K}0uuEQ*$qf{0+EJOpum(yh;)US7a-CVO22_f2}FLQysq?zNC9g{K%^}i zk3yszt@#is$L41ta(e-XUv7s;iai+7$It;0M1CW?ez621ZE-XMBE1bl75+7Jz(D%i zcvQ+hZ~@|q={~RYCPeiJ#6`izYY^4fAf6gHumhsJ2+|v6LjsGSmmob?Fi8(X1Welj zLwW=}|8c9}>gzD1FF^W2sRueqpVZ2I2eAF!7w!XD;<#OhX3TvxOCtiufApHm z?qLJg%G)44QTUr@AX>l+uR^pVymkSi-2jO`e;o!81cnEk8bILt9|P(D8PM9F0y3br z4>Z1JmS=|elU)wzxf)!KOO0P$`(J$8V2xjj8~pvUb$ zYT_F30*E)1^g;*mN-dNQJeCim+y!x0u#e=3+n)A~1K9q3qu5QoBp+g@&Ko$8fi#Y` ziObqQ{|v->inlgFtotCI2={?3KL7W?Tkp#fC!rcW?*jA(h-hS+9!B>ietiT+AKhUK zVoOlopUH>OeF_}^eQTf_{iIK8*Nt(sO$M~~XYlu5ah4qe2z>tMH3yD73vr%;cv`^A z^2B409XJpl@FDaNq^AYFRF3r6bMH7ndLBA^2llRkcw4-18RA`lxMKDx@9Is6zj_nf zpS$SQcfyGC&@J*tK!P2JBO*_`;}#@1LvtA)JHO7hsFY-A5Jmm8jN*? z$#=on-huR1fmD8X8H{y>|2_d@?LZt6k#=fm_qdb~V?9KY-#4HDkrN`eLsCD3^vYoE zAxLtDd-g$6_aKtc0W8oRet#5_Ji$NokmM5h`#;wLz2}dMPXMPNu9*G6Bcf;Z5irgf zwl9Hkp5oaxFs^$LrO=-)!#HR7d>)MRI!MoyCTEp^$0)6YWLpqhg8cr!3Lx1T9y|!i zp5RCVBs&0cMD!Z%-}@lhHHbnWCGrIHFL3^M+aMlPq<9;|6NOJCK#He0nFJ{=KordX z-3KZC3(~E@@nh=1Aq=-*e6K;gp#*hoIN=`dx(?&zAo805xF!m3`riSf42O*aseU7% zZ-M)Nw+$4Xhg5Hacw3=|`iNMgd)7c||ARO;`kFtaQhb&m;i?W&dw{f2gLJn+JP}4&ZBg$qV<@D{LF6~yxW4-?NcRB56Jdqy zp{F3dJDfH`x+An-g>()?xN!Xak61|W17r++6*%DepLFA;>$GPeBl{=^!!^iohWQ5} zgU}CGC_f7stFJ0i=MNd(Ve<~iaD@lvK?Z`*k8ZJl4`fi_OXpq&@wP$_^%1Yv$TJ5B zAJPdkZvl&Wn_xmeg7l{`2ewGR*4EwueE)+bezy-M3o)q$88RD_WUNnxjiRU46?tpH;KXi*1 zZh=k$k>B+1^TdL6!oz{vB{JHur?WVs9SBZkOJ$WE*SPeD8_;AMHjd3^g# z$Q}@ofile7B?D4xsnTR%!Y(?1?LVLq`2S-2=d523?t-{0=umEN5#&6!9de%B(NmBf z71aCg0}%mRKu@7L-2)I03+13;Z-P|Ufqvb=?y-G5=zD^v{Xy>n#1&KDo&hfL1$ZX#D50X&Fsq5O{afm~NeM81GK-+^2?$`3(qcW4+7xh(MfpS$3{H*SL5EvF#& zt^|8L*a*4a2I;NB7q3BXFF?92{Qhak?K@!myHftmCCK#-!mAg?F5?+D~|hsQsJJOrU1J;E!2kSE~vTaYJ5`%%bq55!%;K9a+K|Jj+RhL{V` z=OB)Z%#Q^_Z&5Z23~qq9Bh-g7#4Rtob>KA}7~I8~1TYBrg!qHu6Yn5D^(rWka~|@$ z192rVCj;`mfr`tJPf>f+4#W|$A8EwSBd5mSse^oH_iO?o`Qnj;`3LbK#rT2py1{uLO*(i$(jtXgJBO$ z7BDj(CQ~d4bO3_HyHDHW(L*qq;>i&(`57m8@l}}YDL&G{WH|`E`KrKUObMt1kCEUH zQ*1zN33m5|fiT4p=8S+T-Qm6qFy-2L$GCM1rrf$k=*Iv8-~Y9Bpzy#R5Kt6x0qhWm zG;e`;OHmK?5UHT*KzVZ9x|4r&CrtGK#1r8@kj3`*z+0EH|C<0)@oxvZ#J4D;0I?--_tOUHpkF}x z+R*Gkm?og)8JK1RVoT`fdt&ENpF6N0BO(Ilf9a-|*Kb~fX`X_3TENTl#AA=W>j1XD z1BFI?CG-zSKN)J71x808j);zE_w4{B#~x%JKdwFuDigu3#U@5w|_{iUZSA zlRyC?C*+-i>D{4l2Tb=Oh&Pq>Ko{|9Z9I1X|NXD&S3>R4`6Wzu7q^~*=`JuM=q^w| za}#C^$>2bQ3;I3kDVPzz$sXC`VMbn(J!Yc((h`_)2O8)hNKXrTsT^_N^XI;V8LsdW zM#*E~^MB6^d9e&}*W+8yzzjDqGhiQh0x~n^CUlD=l<@@mMwsaglXt>Q2}FM5+4b#7 zFtgVnHcB>p2s3+wU7;|OVsD9iAnpkMHUegP6YrygJcw}7>+dfgftj8I+uyd(j|nhK zb(iNDnh&!)2LAh>c7;;Efms4{YhYGig7l?wH*}Let)1L~N3O#xdk{xNCGEg7Fw0wb z1DjI;{P(|=gl_K7uZLOQ1o5UaUe|0@3C#8%p+x9-m>ub32jYmRprsmNcHe>YPWhb) zFxwNX!Kf&J&wrJKKE8htn?VjDzj^#R%oec!Cd{_Q!3da5@nWFYKoVPj+a4tqi}B68gLsU-+{UIAdZNALo0d}=Gp=O{RexZj8@VJ zb3K767UsG_B}PFGBEOMeH|b!mxA7oW#sya39DLkG%DY1CLyWc_N7XW&o~<=*a*WN83aSMeiM$Kja#C2;yl0FUu2; zJ@&2x#Pg6T9l$ps=l24nH-)`W7TdoU-m_(|?tu9{2A==-ys-1K3r1Z7w?Nz#>?1ki zmY251Ya3yKcR;+QsE2y+?>~E~COy+byc5Qr8Asd1o3&p!HUm5a@w5OeoPENJz<>YO zy9yoXyWa;EIsEGYE=i&V3~eGpHCJ&?`Jhefu~UxGyf zCKte>;^nZ2&<{tLcL)|OiIq^k5*BrbhO4khz!og;28bxM_Y^D=@bpkvB*($)u*e;} zx&;mX;1Wb3@YWhwBH)kMEOPu6o4^q|4#JXux`A6|u*4qN{`SOvq!EW+^`8S|KxlXO_Z}&nDWLolJnKwXODcRcy%la6^&cN|! zU|IhG+ut2y9qVCPpMcmaUhZpzK0{0>ESH1GZ+db)X*n$K1&GVSOV-13Z{f%YST5j% z4=m?Ego^?CCZZ<;;{cID;kE;JByR$5fw)w39~$agke(ZOX9V2QYvB6tsggUFKMP(1 z@uo7W>yfh_fhY<*dll~NYn;r7J0%eL%>Z2E?>}VTaMxEbi~_zN0e5;CD@N}G5k!77 z0M|tH#MXGzWmwT0?2LsK-GgvKzgi9}`V;35!3q}m@BeWZ1N2QqPb3Fcj=BYQz<-!# zWgmd_g;Ec668CGhsu5Ot9r*r-OQjF(fR%j-;!OG5NwBgfIR7QA^Z-N@{&Fa+^cKE9 z1uLDvMIa0DqfWm3!Z{_TEMIFE0YMUTAAcMH0*>`-C?s1R*4|; zn*q2cq9+4j9BmUR6a(PErAlo7OO-vtwLP%P4VXigfO8OJj-JNM9&*qO)w;U0@5s66W55vi`v4p-`p- zu_g4){R;_DMsXy=2KfGmJ<-dwu69GMvZ|`PBB~O9o*pq z(oOF`MIV6lh0=;&=)p}8cLhC@J8~8(+yd_Z zoC==24i!DY|JFf;yCCigI+3$Pgn~zizXTQ;i2SC<*OMLrOV2=hTCjKJ)?Nb(3;g{j zchQI6PoDw{{>4gsBm0I-N0n+;rx-fp%c3ABiq&tB==HuUg7d?FS6s+!VkUlV2r6~hcS3=c4DkXfg9IE8_emhhNxb+TH$v}jg>VSD5 zBJ?h(j%e%;5U8GhQ^MRpsO||?T!ZQ!0rS6}74%X$LcP8}!8!J3K(&B<*essn(0Zu0 z#qTi6Jcw{HK;PK@GH=|v{s(&R2;W_WY8$Na847FszjOg&!yH-(Yiu$4D6F9v^DL}M zsZ%0X4{PL@br#mhfq!mejVlm2vvCcq@dobO32Wqd2=8t2)OJ{dAoRl{yo{0X9*FzO z{x1~P@K_6#pupfQuvS3$P+03Wh$q6l?3!3uOVO~t_aL4sdGH{t^&*HjmGwXu@oH^6 zb)aS>uKzV79blXuYMdc!3)BcOdk6JCN=K`hx$*>rk7bV?l%q_Pe+M zYANP_*CAPsXzfZM2e6&k8`cn9}KK*RkJ1lIrOI*SdXu0o%q@B(a5 zfFNP+iGc$dNaJXm3~24=o*)AkdN%U-{?C9#py51hAoQbkixR)UdjSu<3LCn^)3LDO ze~!S0gYUqG7yY}(JGWrN`^#An;bMTkvHf{Z-1%-*Ee96}M=>@8+I0~;w8exn4jC3x$8dn{}e zu(JR*I>Bwu7z+BY0%4;)?tcG^d*A;;h44Z6THpV|FSK=JYjcySx~{qzYRfDY%{5IX zv!%&IiIt5O=FpplJb#YBytq?0+^4mfX@Ar3!b}uU6ew@p*wAb$uPoE*@*Fc9k?SkV znEO_$<0dzjXWKYIDd>SkQbs9FmgbfQC5c*Q7Jg!gWQP5(VS_ca*=cO+2%?QDl{yYb`Z3)n=uaB30p~KxGc^)I|*z?^OS~EhZl1z zUAZJiy%rc17JEjPvl1-Bri6ngpk9|VHkFdlMzI4MZxcYHcEjghq?Gf(FZ6 zD~($!SZiKuaYU!FUENqO8*EgX)6!B_Q!T5asD+~k3G)aRU_L!Dd5D3QR5mga(3d8Q z30YDQ<w>+SFLxV5zOp>NByLmGxrz+KL=U z1li0+B@~WOLU~PnoixiJh1r@hIm(w_{OV!#@Kh?(&{$t?X_6x6gvM-Zn-n#aGFuud z%*{%zyM|ASN}{|<905&L3bz|AvKa~un?5T{vF6^V-lYm`SXv&>LJV@ zcBo6jEVZT$*zYZ-vX;t9OCz&2u3)^?aKHK$6=9_-EREIc&CS*Ib)p$bkEyB3tToZu zR6bWrd_@tgd)eBGN}Z{y)-1I-6{Z{u{>2laxf|A+YU<6*+17$V%!`wY1~a(@MKR3C z2h_h~?tMTV>Sw}6W7-~25A~%NyQfZzW3E1+K0Z&@n6jpl+E~$G5?R@7BAso#0O^)C z;Uw|at|8svu#K7^3EDKR$Y5v#=ZUwr%`7qGjV)4{uI~#HtxxY(|1xZBMHM$9#n3i2 z)tJib>nd@$a2!)vHFI)VVPvXEC~t0cB#r~Tx(=nAYb6}i7KSs!o>AX1*vzi5Ee*`%C51zo70U}_gPI##>dLVvSD31pxaEaI!pqCbaTX}A zZ>%siHPlo$V>ua3%SYE(|20#`Y82vp{cgX-bKu?#z*DeY60 zT?f_CYSusIUnPY@`OAXes)rKJ>+;5Cw$AGqe>x=Oc5CjT%BHFtPULn(7MqN>1ae^jmC48$EJ0 zW#*>paynM9if3W|Af60pw+b01{^rL^&rBM2XQ|WDZ+o)nDuKGXmw3EE!K0R zwRwRy*V1aDl(PDI+(b3EnwYi-|7d2b#$V0MUOH_QGbF-)DDy_qv_IebM5I4r5Mr?P ziO7I8p=A03Q>mo}$2}C*)YQ}2x^ThN#YJpp07l$G$!<$6&4mpWEi*71#QxS)OK%D* z%ni+R$`yAO#a;Ov@xGzKQdd!2TQSw#Y(|;smS$4AffvS`5=&D94n9j!eZ@wJTG-fV z-dMD;8K-*ABuXx7Eom(_H(8)`uBl{Ad2?}nT^+3h-pVd#>WXD|#WnR@fl_pW)(VQN zETnwxyn4Yd>lPAiX(eXrB;DZEHCIAiYiaR<%q-KiIxdecuCJ{%^BU_~8#w07x^nb{ zWfa%9)HP$gMBY>jSCE<|w7#q}BD>gJQ{Ga84Kdd&>fj{i)UP(pq?_$JdNtJ|UULL< zOCBE9FEH0k!`!%9hcg*lV+E-mTfl_gvKc}3>K4*yQI?@ex{|`q3P_sQ+JK4|G}brQ z=jLhkrYzGEb0e&_G|x4+mbNrB)HmWvPh&gNh#Lh_lnAE<&G>>f)J!!ooA z5~0>otI$(TXm=7zS8!cQyhri!hK&+`Dcv@(tt-)JkCN`N1g3}eGL!7wC~6eCB-brW zs|gpzrdk{@fuHtTAuIX`;?tgZ#P6CPq`aPdBRU8RKMp#s0Z@371LxK$=F0VJ>kZ%xwOV&X`nYv!bJ;rWp2glu%TeD7Fil=fxTjz zl)I$;2~5kixlNYLoK_R2LJjp87gK%RdP>e~vJfS`vXW(Fi}F}mOEdln3buUVf|;gb zoKBi8#Vw8N@tlAjr)dqk^;#zaO_uTooi4l4IiHj_WaT**U@ho!^e!#r=(J8Pl+m=W zp}xLm0iF*ykRn`76k^TJ+?7cgbPkl+=`!fL(?!rTR}qp-qEvUvsIDBn8;+qAuZy&r zY+F?_nWb|SGTU0BlpBsYX=TE8B$>%PcWRlVbtn8N<}L&t)|8_6Q>S5vcVOT8+y3C`q_s z9avD0r+ga)63e&MuOOOef>&BqUD>QCW2(gYqXnlGN}X;Ya_?tbHcFMk9Hg+h*;3oU zOEzOxTaE?ivsv;Yx^rSRpaQPaxPF^Nx9LrZrKzQcwNCFab}hIVR#;kva*J^GBBjmd z+6I_fPxG-wn01?I5}G9vN(7S5o|Nr?#6DaQw3V=?XbZ7^nQ+3M3*6MoE`XKwjii<* zOtlo#Mdmsr-d;EJl`7dA9t_cjVW z0Lv0wmgoe;E?U!yu?NUXu*8zmLI>2+jkUE7$VJt4=0-aeb~WG^F-+qL&Epky;FEi{ zyT~}0{tIcpB+fdxpt!`ew7R*9?UMF9xsF(>%pamdrFwYqj%Auxe8!s)S9RrCL(b%&Bv#73SFu7w7S`R%A8F z9N{K7aVQgZk7tuz2y>BS2D=@D6DrF zZgzn3EQdA|+(QprvJuB< zjUY^DO3A92Uxz-|%eBlcr@AY&0pokQj_XGCgmb zYpJbQEJ{chLPEr;Pt5#e3fPL$0~nAW2(tTgTLSLsOw~%cN^^NL8s<+L_yTL`gK{KW z*fXPg!kszNou*);iOVkdvnD$`RrO8u0R@+V$hmmRPEYK(hdF{W_5`!KsgynNUx2IM zJo@}VDu($Vaxt60BP4q+WzMkFG{EYnO>{=LG)}ctnrTvp1gVsaSUi6&)gw?OL)2%w z*R=^A+L!1whPaAQLMH9k7%Rb5PN<>L(ty*diN?S=hwkT_=rNk9iuIX|G(K}P&9T(2 zZkC?(($fNF<^5c7nj{C+h!Z9(;YGKV#ae{x3X9u%6tio~@!s z3SHaOd4q62V=`A%Fok#FIrGH3)L$|4?otn8R(>#XF!SR1g2Bw1*CvMHX#@WlpY|1c z!Yn+k#b-6!44+fxZP1Q2+yJCs&Wo@ zh9##|u=_Ap2%Qm*=GkFF#bh-0aEt~Hr_c&~Nx_EAb_0P!6eXLekC$i-zx}K%r3qPVbzGY$J$uepa_8lCCj#w2{wps;?qBpczxXDdmDO#+Fa1$T@ zSVRmiSER{|du<_V90^}w;D(8$n6?1k*$Cn(9-DPJWJv{xq=$A}2hy}Eo7i~TSU~l7 z(rj;8sHhkNa}#cjEcis7eeS7j5h7#a`%2t~6I)S6#&?e#k?~o2ovDIdR$0enB`^iT z49E#n=^mj&*|~e=Y$7Ocex4$>B7e`nb3q%6r|>V)$S7VjA(;vITH~WqAs2xGsRPEC1eJ937JivB4`)QHsV_y0+A{tY+NXnPA&LMh^B?K z&E$e&>E;$pDA+e$lr6*2*>W}_Vo}V*np?21ZDOVPKGM9AG~g*dM{8-WuEBm^hi^XN zi90t5vhT4`cO)h*X=aX1M*w?r1z5_Y<=*eW*IU-JCZrNn9VQ7lSn=>0U%KMv6pl{> zdkO)3ivwRR#r9oKkN3ne?ocK7tfH=-etT5`*hI@l+Jes^I0xx`Sk0cviT;Sfk}Rep zG%B`|jg{qj+1gC56{(9(Ca**TJ@GsHvTwIklr`XKwPOaJoI7FYG95GUNZB!i z;EAct-{Boyg_}e6r(|=Oip_ zIVSjqlWjdhJ zX9>10mC*|GR3cTStO4ulKp5M@j!GNbo`@}NN2JYcPsAqXh&2BbVoBqT?Q17Z>5l45 z>5l5h(#0Ao^|MvPxh;F`f|jxw7BjUEtC5h!6NG!6&AnEeqvMJQ5?UJx9Ilc8J7bvE zYjfyZ;Pn;wk^_B9S4J?^)#Lu4iEt@w?dnQ=(Yk4^sS@9&1bl#R7Rs^Ln1Z1W{+*6m zy5WSinCRd^2i@c2GHR+cHv>+HeBN4RuE6EPh;y^fw5Z;c<&c#{StJ{(o7jg)vn?A- zX)=t*gjiUnpU-Jn3!>3RJi)*$pAzXjE$rchEf}6L3hSILOWd8Y41zD*3x({qX|_d0 z0b#dhD-B*er@;Nh@vy6$6xc-K)3C`lnu3HRpxkiU^M&Br#b35H6l8=3AY$*63CTC2f*BcG zz9DtMw%wRI5Ro>h)%1y^eBjIM2)^3Y$Hj(KFvf2%WL=qQUtAdFM@=!BKi)PpR&LaO z%gU_UsE#7yW>rvYZ`sZ{cF!reE`(W%vdtb=P^{d`@>GJq^uztB&8AjSM79Z3&}Cae z1zm8=&TaW7Rq$Hs9F!}IrJ$0M1!1v@l<2@MN_OBCB|CG9@JAS;fSoP-&9dN{?WWm= z?!ZC&O|&>UIonMOO68knJ0Bfvt{s(QTLiNTfrsN>T$~&%=X6@&Pj!U}Q@%=ar{luP zE-SBOh{*s)ZscA|5HbSpa6nl?%mJjcTzZHvSQ6Pnil8hlB?wBoEIr^DZ1v=iLg;Xn zvABibdCg_vvB@9olqj+X1(!YwN2AKqScQZjAX}>)^6l~lJ1Irhz;p5UA3_^bwwN?H z3I!E#<%KxlIo-0AOBj7(#}y@rkWlbzzQ_>hLQxy#H26-|d%k9(fY5^M8eq#L;#zOZ z5m$PS!S!zwzKn!9adoAs&SIfYij{qa^GKcu*lJZ|0r=>Ku%`|D=?V=n-CH)AH<<9J zgZOT}q8aRy1bgjl0%0<bM~2uLXFLlI{Q4;-ZdNF9cL(fSmgN$ z`*48OsZ38~qMXO#fx8_?9#yJZmI26Qh0bH+D3K=zHW8yNSw_MsqeS+|mOlM+$aSE_ zCg}LsQ^-{K!vRUR6F+Uz0~;H*nFyzjr`j3k>1>=7_HB&VgvwzC!dY^Ve@F}`HR4Y3 zG5@uF2E&zMdsD`qayY-NR#Zv8Vh{~2Oov--r{6F+p>|qn};tH zEUIVU+f}^$HVuC@K^Ld#_+t^_4JP{QAv|-!*KAD9t-?!ZGNQSe;Hw)fPg*Sa0P>k% z1N#Or{~L2zJb5WGDN~5yZ>!21@V8aMyFmCBFZ=2U)`0%*isfO0Otm!P`p^DEoqc&# zV9mfcE%0Si{0W8lBPvQNX5Z3VjXyUMl}M6H*awou=Ee#KVvfRE)>w|e1+xYx1dLDj zg$Waw!ubJXnFaF$0{rsu?RM*$`2m+l5#bjv_;W1!Tda)w34tO>`Uw>!bM1_;7;-s6 z6Q#-DM8SS8y(uGO;=8^WDKox#A}4ZFVhiD^iWusgezVE0g4V(ona>Or=|2X+Olvm*|FG+?t`@wP(&ZGpDM zHy;c5OOh?I_LG1w!t98h0S~AZ#KE*4dP8Q2YU< zBx^*Qlci^#-mXR0&IENyJ&v!C`OiT)QrG5*ZC8Tco2Jn3&vqLf6Z>euc6TP$vN8A_WqtS#@af^4RA%DO!ZeTk z+vsPVvnaUEuD!9FRj8~6Q*gU9D@YN}%+WDVYZI~Z=HTxfH9>Zco;jC_(b-!ae4kP| z>w}&N-?S*zTGbSsFhWr~ZnS3QWioM(1|(ZQcp&&vv_b%5a^~6KNmCU>wp4aDHVIp5 z(O1F7aD@Onnd$Y}%!7l<##_JmPw*GR6?~PR+5brB1Z&i=kjjw?4y!uHpvz;<8FNys zZ)b%JAEprCW4bO&j}f08veRzFwl5C(OOT=n9q{ImLc7KuwI*b4utJixo~76E;dps{ z$k0%Q0B?QUu>c%})2C~!V}2e|U}tUfu8{X46y?wb^M8l@C=F?`aq|p$dCZh!8XP{q z3kgZIE!F&%!p^8QZ@-Y?87=v8r^LIEB9X{;(8l%7bAimEK^( z9iP5>f;F27E0FZ@^?hJ}*j!s8gKadyI_9@wm!u)hi;p@QRw&Jal*ooBn_2kL>{RQ4 z*TObQorW(m=}cI)6nma{@=BOWn&^4rMSsmSX;Bf1kI-zkB{C-;SvSGzm!Y|3?_i#0 zg|x(TI+&B!j1!oj5gaxjEZ1C>!bjO`__8zg{9p*E(ELSOO+|sMTzw`pr70NW+pO6y zjZG@RMj(f2zceMyI^=H6&!q)kxA*Nvp@XmF*la zAJMFlW`Dkv;h5&TII+iYLR%@)kxS+YER7!`&Wz7m{5Q)xZG3z=5Qmr$R z!ZV~H%$wPr6&`M@huQYs;tAG&=7%4WCLk)#PQH1VNsfLrAjSH*F?{7{8waf`D#O3i z*b-|ugm1L#3#z^0Id+v^_;`4=veMi*GGy};r{C-0*QIepo#L8TE6l7@{}vu->j3jY zMb-r7@X$0&l)eg2lGbxR23J%OEolm;`99xP6pwvABf_ZcpFB5y+=5hVUQtA-tv#!` zB%;=C;<>Um;_D2B6>PDteG!i-=R#Jwf!VfdbSiUT>1qwL_4^Dz>-$WJM#X5%fg0wM z?^kJ2#Wy2zq}iIU`~Dx&Eh_7tvk~u0`2ojb z)=j|0;J~?vB4xl>2f4h3dHu7+8tc@Kh$YIFWJPq$y0VFB)-S$}7-c_*zmNFAj;K{d z{-~T>cvFRE!Z1aOj65xETzKzSL`QD3?Y-6?Mn_gFr!Wlk=CP3rl|;7V=(Ix5icXE3 zr<^#j)V8e1bY<1Jp_`4Rw!RjYV*SAoxm&3gCu7_sO|X72IkL#kHSP4snGR+TjAmLv zs`dAGM(&ZUnd<`R?6Iyq@@;8Igl`R^#D(`nt}786otM1$VdS*&w!}%QsEg8op~bni zD@%{_UHqc~EA>Ak_{-vh|B)Ltk01kl@FT z_Dn>o_49K>Py6y*J<}D;S3FBk6MnYhH$E78aHpa?M)r95u-#J6q`t69^BB6>vOZcn zY^Bf`oKh?jzH`_E1)?6lF^;`IEI^t)g%76RjaI_mxswlAhpW{JX5dB z=G-0g`LM6l$iNs9H0i0H9W2Neaf@Le}PGl`C#CCm!4 zIB9h{Y)H1HuZ)TQbb`V#XM=9)*!3%Far9Zih8UF}mq)9GWmF`Ns*Y9(37yl54;n zNIa96Y&AR?Gs-ARPt^Gq9}e0QcXy34 ztQLvXH*V)6EWT08Vs}b`xyLS@KteNEU}l!$}(UwwR=!mvUR34Ztp#!1m88b z-Is#BV8x{Pi&8J(S?zP<8&%dnOo{)a#Nyp~p(y^iFolcp*?%+@Rb81Ke@2q$HDZ}=(M^`PYS~tu06eZr@QFLv*?_)*xGQ*#UkI&lhqGi_k8z05N_$i&t z)_P>lLOtJ}ThlTB`Z#osd|UaVPdqw3g%*b7$=|MIYO$bdF7x0M@rINM9V3j_Itpe( zLeY#74OAwnBOmW3^LL{=3Rr()n64+{W5Pl@4sOhxefN#mP@Ie^S^U;53vM!*3Jmfk(soG(6ON zH~vRqE5!-mP+9Rs{CkOFd(%=#EDT7PDIBP9l3X{@(Sg8rlMmt(c1ok0FSdD6!WpeX z7rVUS4q-!hs`cUR2?wQ-E&7*}D;&uD;^Bnl(op6PEq^?iux-1f6AwaJojKg$)w|ln zM}(9I9Yrp?dgu+p3iaIdM73~`$O+Jch;gO~%$+1%!@QZC>}L%wPdqE+;G)dMr<12! zCvHeQCG0{3j&(Sb7&2Dj5sldEiQ%%!vFEi6CS((=PrR2nLUNJcoVQ;}JafCKgA#>t zn2R&pc5SltO758Vq;bd>JJUR7<2*$%G;Mxs%rR*#q>@|=aTBlRynM^-HyJ4wg@ zIpu88TrIA0yDUpntoPNA{a9)MzSQRX$3B*%Fo^Zg9vQn?3Zdj@mJVaWgBQVNBYQ8aY%mnp}lDhy%u+S*fE zgaMt)W_Cy{>`3|bB-`ky#*QB)r0JX_8;GnddfayMyF5%tGsl0tRW!h_+$-9~KPjaA zxl)#@)#u`@_GwdQvUOVL__RPKUd$6C#A`v&a+NVP8*)C@Q1ac%c2LC^hxO0 z+O!lq->TQA9TzqTqQiwd(^90)MD??(vgz(?YsTml>njhZEfdyRt`uiWm&u>q-+mx% zkFbN431sEcvrGmbB;~ZFJt>8hufo@Fr2R!$H$-PHo=JN^I632p>=q{{H;*y-mX5c+ zaw+XTVH%c?u^jw;61P{p@4K}4+r-Gw=Hq6uOoOmQf0vowE*y!71Mbs1(jO4kJAue7 zEG@$mDw|CP9X8ex6;o@J%j65%rf=r zVr%k+^rK3}Y=rU84`ec$la+YB<8+I7oW5%^9N-$(1nG+&J>?AiBV`f znfbBgml(U890M+9gUV8@e|aaq%(7y)O?i4FChz;pt6syXO57%oKWOe=6lloz!STMXvGaI*D_o; z$P@B^Tx`CPMmJw-Te3FY&ZUz@THGe5r)%GqmI+=S=Q>;_8Z))BWkSI^k>!AeR#0I; zuJ%1Ug&b>Pz5^EL#$%HlxWSdWIK^?P6uTO6^3~HF$aAc=Sq@m713%1l;6Qw-7UNK` zQ2VZ3jgVy@Qf`envs5cvBc!-taE9OEfTddDKot_JRMs}L1Fv?MYg42_tTeR}5gxk}$vuAbYZCdfDitB`QKZlF3PO2;#MTS zp|UoYX2pivXtLsCIEyp|^GeeHD@!X)w9?*~?giK|9C$G6tgsizW%zCO?t@wCBvC(4 zY&(~=E=MGC`^;E z{xHl%igJFCCIsH|_l!AL?1*P(<$Pxmec&Z89?p4BT48wN$)h=1XrYF$uBZ_A{+V&i!m3m}|9wi|C8e-bg3F(B@ogA(Z~5~h`d>@ERus^&DJvhkwE zOO-2YRlXEEc{8I1=LT6n@XM8L4kf4XPnVtb%k{S=56+cM%aqSHkv3P@W#k3sJ|*Qd zyn-%Gu34H6d1CFT+#IPt@WkUux#`ky5s~zL<-_|LKKXS!dwoktG}4{9#%8OSx}Ldmx?|@~_-lY1=DjD4O2H|1%BWnGCz~>O*4(nZkEIEYCl;>B zTV_Y(CYRVIxe~rAT(>&DF)zfretn*-+sXM>s>}CiCg* zcO)}EM#P0#^GM$5nPOw`Cr+c@%iES_OXRYYQQylg^78x`_#U0za?{o8!>4cxg(Q_2nvqQA)r0YH|tH##VzY zp%NA7ba)^|UwC9vepM32z0G`Jli?9*53kU2{2sX$1uNtiPFXANw`K7m&cRpy3Y&tH z$z*&40-(-jzmnlL$cN5X+OPQN+ONQz_OSQhWY=Kzz40l9V~5Yb`ss!_Uj?hTU7hOp zx9EGXs#PV0#aI8{6cVah=eO$Zbs@n%O+Q~35*QwO_o`{@PBw)HZ)*wCSNx30^l^;ecfV{n{tpd(e)I+<=C#>Tk6Zue0mC^T5@~$t zyR9Vml@Oz!asJg3pZQlK!+p-Z^c|4U_LQkqk!lYuJmZ*ZUy3o#=zIA1KQdXx^_`=^ z_i*O%UTILXDy+@B46hC%o%8QAMj3}2HTm;rKX~{qUIWSNm-%#;+)yGWdpH zrYc*L_I-P?vB)^nxPUbd$qU<6lMKe_8>-ueVByj!sN%L|)2_E?8pALwoews*QKLca z@c8UwAzjhId;bvzzeJ=MlUWTu2hkaHQ{%hLs4=ScMBY&SNpnM$`dZOlSA%^Bs!RQ@ zJ@9#Ia0FZ6-D3w(SoLTOa!@d4))dt)Uo>4j?b~*$ba0nuuqKyAW=n_v3p+aMJLCO- z*WqtG+R^#bPmq44bNa}tZN^897jGm#9hP?S%HSobA6cWrUpi5gaBj@8@x~P64AxHS zilMarrBed2MyZQc*)+WW?64EzCC2j-CyKsqhq!ldz!a?gz4e`OaI*uA&cFBYR%57f zq|vua6ByDpB};OQ-psA`cs{w#oNPQxlj4&rTeyDq&8Z3>d~NcyyVD*)lsakeT;#pg(h%-fry( z4D}6wK}=h0$Y|9dX4|&uqnU=smTA=SI2#;h!n+p6Fo*G870*m!vPLtX;5D=0v0)k% zZp)oLDtZVEV&@IvV+hcaGklp_Zv~7%q4@mN(Mg4eShe%kV%3j*3a;dLT&xjL7^bRDh=NdWh;^e(-b0Y zMMG>wvSFq|e{E<$}bN7)D&)?taOUn;|0{$Mu zf%n6pgu5RPRjj~ps8IhK!xSw0%3oyKPlz$*Gpredqn3;NavEx3xWIVzyN zmEO<8??C*1ntqo7#L;i$Kf&K$qTe_Xg<_2;KaYOneG)G>ga1ZTY`Fsdo6ah}sEFzM z`^?-h`uFQ)y@csHkN?_s=P839bK;ai?~8x6p4oQzwrG~b-gOn{vv)--DTMyrd;E1O z{xA{$g*Ik)#KdShslq}@QOwtwlLMHzlc;s_TZTWVTA9p0PaMLT`Q$CbAT|3Z(V6zo z3{lL*w+w;4m1TL{-SM{!0lxH)-m|B2#4HH6uH2u)>X=lLav_exnEkPdG3uXTw5m8oX?N0>%*QYE3lKC7XLkQ_L5%8iX5Al#3}enc8l(xi zU8W+23Hc~IM)eQIyg6tXvn$wu(M7fp-BHY$vvXq9en9}|xElZL%TUdb2ARlcbeC(Y zZI{a<)gPef0%rf2tSIK!Kbwp}M$u%xR`JZqpG}Tr7PO8YtR52r(9Ef9XdSI#4wn}B z1qfynnYPBz81%b!BUABksfz3z>oReKW7K4-^IWtGi?V0 zB8LEWB)Mm}PZ2x|wq?Z$s)j_{vc?E393vHe;R=nkiP#Da$+Rs-XC|($aVwJt2hxs3 z|Le?TF0Bg~%IwNm=ogA*8aOh*8ZA?h6q*$9gce{IE*J)8;pLps>NM=v@l5-Qz(n;q zY=Onhr&&12^8RR$&hz*^D?X9Illjx{8*EMt_~&9Lr>{;`1v71V!I5PCxA(}ljrZ`| z#?DvX9tDZeHF!{(@y#oc<#$6hS(Qb%g+H_-{n{YSNFyfUf7(~{=o^q&G4<@72a0^V zRKD3$KR;5iBBNo@4ZkYvz@i5+*GFB8Ag=ScD(CAXBX6izWskuE zBX9V95`06A@LRQhYQ&8}pIk?p|Eld*L;Wu;R^?u1c0Zo_8gpW0WCJtL6dA|tG(|=* zTZiJWLw1!;jAd5-IzEDln;GOciZ%$BNcq7iA)5G2N5vQ>{-P$58F@1^7#}r<4W2Lq zi4iyxl;JlmNSCY#2*7Lu|N6Ny-Jld^_fLgG{J5((4aw<9q6>uVF9WlGHJ$yJQcx3@ z0H9%PKZs>MwFDcO*ueb3oCdn|a94---xig?mgJOW(0}ndL;Q6;wL(=gyK{nznLqvB z(59NhbUj%-jL}r#kCij6*x7&kHZCupJQb!}QNP7xgz)D&2g>t;&48VY*MMfBXGa zF;%{uDqmXa+m6iFaS#1QeP41p^hs<@60cmu4jBf*TgLG%E z1Z17L5`@gW88gV`%e&1=_+ce`F2Wb}FbS4A1;=6A*g z&hPx`w(6?cc%%_};6C6So6QTWGU`!tXFbZwoZ%CEm#6cOC@ z(?reGg*VdTf^NdU6R!ID7T!q9e6>pz7)9&k$Cc!q2x7HyI>XuPIO7m@*ROt#qeAj) z7gX{5HA#NuV)*l+&ka5Z4-Gb^vU`6>&TSWj2Om@AKG`9PCx4H1Q3VRzBhzBeXC9Nd z|7f>%gdPk!5YFm(8qYX_c%u!Xl%_2Z9lzMY=?J3jbLrd@9e&0qtg}<{kNJ?!S7Nb! zi>p-Qf{hUG^Ux6E-BqdsD#rIA8nk!Y3`P}OuczC5;<>BjHtsvF?RQ0h9Zh|>^LUnV zJRW9n^y}EILg3#Wk;Xt{GJ9}G&q;#uXvWtt<@%3J_a0UoA1k_eW6INT?K;^S)j4|5 z{7&%2nyRATP>tI)Nd3^DuNDnEbHz6jx*pm(oIJYFr#qE`p->b^vJ^_#6P zfA=EU+WGv}AJX93Q(O0@{ql{7q?n}tQq8}5ZxB56`>&=C^TD3~e3xH<>Y-BX4a@lB zDPQb8Q#zmAN}jK}b5`k%fXs)A{`E0D{zTE6o%e4&SQS}SjP8W5QauJK(D~5T;!a=R z6r<09$W^`xG%mFGmUbWP=Tka&Z5^B-oO)4uBOX_AV}ahSZCAxhcNOj2>6owaz%iCe zP}SCB)HAK<*%ba>DmL?6WLIdIu{~H}sG!~VIsb&gZ0n!vm~!noj8p7KQ?6|;exhjP zM=yW3iNu`eVm2J9Ut`3EA@wF1dj5yBp&!v$B`1-rr0Nczq}3h1NtTY_r1B2GBy)#4 z$<*PWw4!5B(j6Uxla_UaBrWY2nY6gWAi7B3)USQf_W-cH1Rjqza%WxgifGVfU*qI& zr@eT!LzPOtZF$izVJ-FzUtc;SWc}Ok6`X_#9t{9{5`@_yZt(%a5j0Pt84+FUXht&@ zK@+n7N7{RUHL*1T!<&#m5?Tl#orEgATOf#`1r!tzu%dJXMFqrO0`@M5dK47Fa_tH# z_JX~kg6-PHaxGv1D~jctv%3KjeZT*Eo_`;P$&@o^PT6+KtRsLc0DgUgCk3JhKp+6V zc=iH-*Eb>>U=TneKq|m+fRO;B0I~sO05bvR11!YU3iyEl)>**bJ}}U@t%wzzKkp z0A~Tt1Ka?34Dbx#KY-T&?*W;%}WA|!}I@Z&td zWq>+>e*qo?{0Ff50K?u>8@A{=``lspA)N@G0ZMqU%}0xZayX0!D5~FJ10-_sF-Px? zYYUKDcoH9pPJldo9T$c>o8Z^z@7*+3&g1K$9YydwQg%Yy9QlRy%tL*vwI!(3)klQ( zyJ%UWT4R`=&hk#xLcffA3sCq9Pm8E3=c!e|)qv|vDDv5Jm? zY&=Qw2`kXYNd}U%fbgPe{8l9(^oU@ZP9bT1B8jGFkhB3Yji&LafPgR}me8~%Nt+Ps zX}TXtn-cpeT1I%040GZft$;_=1aO_bOVd=DL_`Bkr;~C^f{iNxerJ-jHF?Rv^k|Z{ zB`+E6v>nlp)-NUH4n!JB!xcA|WH=F%X@xYBb|IF~^c<3QCDzk)0ZF?N2WgtBA$OvN zruUF?Pokct@rauMZW5npI*6pZ5ga(98F4^RuSDL2DP{mo859%pH(ZMDK?KqA3#5Ub zNd<-9@Y4v*7>hql zG%A(+QnmaI6K5qC5FMEiq?S^LA{hekptpr%JQtOUeT1?FFy@TOg#=-V@nVATCB+00 zgfYl_({kKCSWYD;2z;VrIqqUOy)|I-MfBJ=Ja6C=j|Vh4_3C56)ltYGTn1*+FJB+~*xqS`% zc!Ujm&h_qm<9*P8eK=**+`9M@&JN;}NDCTh`a8zkz!02^yvbKKXy`G*efD)4qg2Pj>9ylzULH{5f0LBuUUWxGndU^p$T!Cr8XJ~v6 zV<^chjKSa+nr31Lp-GJ~hG$#{8VAvMAjW0TWEhu1{jb44!0>U3L0qNj2N;9rs!YJp z1miJ=jMiWbHL?X`Fodrqm_COwWQd1dus*&z*?j^x=sGW_pt8UJh+Zc0%YmWJb`I;n)D+5f~q!+YIn3OhZS3{z@>1Lru`w z8uP(X(hg*d(=+qwvjO;SwA>eCaJV;M8UC>dGr)mmwBR_#z`RQ1dK#0R5lUu`O8`yb zhA~uW0LFXZ>Wpz2LFCXhenjBGxwaBxNOzQ`@#P%zyW+j~KWn^5}F6=yYU_g5DaM#!ZIPlV?*Ibb9jq2ks?W za2sQA1#c71PP|)jzU2OVj41>jPVhIfL12ko;=N= z>17u%12QDr8t_e;CeLr6>uI_P<1&KyfiaYrydWK-FG#>A&vW4W;5G(26l0*t^L;B! zd|(>-$Y`2Bozjz$gUVQOFgAR+y-G=sApu#HP!h7&1O5l=0frNWtdUbRuBGuK8vnw$ zjGq65L}aH0OrC~-Nk`X1{Yz<&@Z%0nK=xwDfb4CVMf|2zkK*ydLubZ=vxn z8t#$c!`jl(g9ba6DkfH4$|EHTv7J4{1E}C$~SDzz)K111)eGN#V8qGq92YcuX!9@GhnoG_Y{Mi7P_J_a~C;bA+*=5A) z?Xw8I84Ga*%6dcoXZjfEK~${}KBEGa_x6Fw&E{Tw&6IA`WdvU$xTyRIOq$frgbmzH z&jg03z;Or{nJv>&W2{2?Nje6|O>D>4Tm(trTqdt78YpTfyg(jBI!A*H(cP}<+T1lD z7GW{+*Y_2&1uVEJQqzfxY=`kRk9NqAkD^rkOxW{4Wgw*zxzUk@j!yU0;686NbLChM zA-f)QoRH4AAUzaouC9&vds0~pdYUp+SCbDRoT(?n5h!~Eysl@Vx^O6Cy>A!3rUr=Q z4jZ7#e>F`QACN^KAA^;=AQsAOjn~jL?Vw_W7`dC3 zP;(aQ?$%F3GY0hV9RW9`HF~&F&jj)3B(WHR zU>STtlnL8S1Fn~-ve!UUw6h>eP5%t2h-ei&stSD%mR3BeNYQ1~pgL?xqY^6Vc?Y#_ z$oYq^37Zd3(^8bbI8hI+UOZS^ljYrR$s3jL8DhfdkFxuLg`0bZ@a?TZ4An~df`@L& zi~t+JkB&7kgHFRSgpSuCO%G&Y3Cj_7A)RP2$+?Sr6o|nu(qvEc#9nB^7>^RM_{VcS zzGh~J)c&we(LoRAkB46jJxJq5`x1uoC&S2>L=Wz(RQKCAS&Q!+)WK|@4rV*EsaEg+ z9zG^RIvw-`=0|m+X%U?9h=xM<;pG8qbFGHhtPq~ zex*+kJIDnKsQOwG3rXG@vyrpNK}~-V7zm{eL<1(P9Jw>nblJ;0VViiBgV`Z)p<_ec zgjDi=9g9vbF)>kn4%$vEbnbABrREzD+tF1!0F6qFgU)IK4@&e&&vD{p?xn zVE+dJkl6z^fWmg{lp3Zm>P02z)J4FF1?fbfhtmx~iRr<*D7|Q~24fM@5$Winfs>&% zYCz{8tuqu2o!uW6%a{WTC7Kw+@}Svpe$MivUOKRuc+|(q(S&_e1P@+RP6Ka;^PO+@ zZ0}!*peFZlg_4JzEZ|N~rJJ}M&W#_CPTqf#k;Nkq6Q;-lncp|-guH47@ts)`>eUlx zo!Y@}Ep3+xJbZXr!5b%PzBouvhnC4-SV?tn8N)dC|L^wLy5&mXJWEKrSXv2u%Su}$y{0*S5a z2Z1f7W;Up*yx0R&S4uXsK||$19XnH!IZ_fN(MZruXgcQqA(TmPHjq^U!GOs=*lhsM zmdzrSy`O7kUtv0Y$en1lL3OOp>-%5lIQJnw&rjfVE&H68>?$45!nzy?Ff-s=oyzCD z1or2=)QW(ny2mZct8Im><{&LtWFituSvEwyP|EPUHk4Xu!srpwK!`rq#kH`eOq57l zSlZ)*Wes(;Plv5ajQFxO5_VV4B8*tjuDr0}2FMc~{FPUNMrK9>#n2Qs4cI9(`B z2xnF@GG$l5$2wKep;oUm>c=#}k|CI{B`3AW>it?}Ce=%iPFIy$A2vBmEN2uE_C4!} z<{%l9<<_r-Wh9j5H?UM@1f2e;76dyc5?P<;=Q5fFjQ%awlKw3ge2pNGSTH^aEHE{z zfx)`F2Pk(+HmgC6b-ykrJx1b@9xZ|5co8Lp$XKf}%OT5HV?>rQk5RHM3+QZzY@oA^ zdE2tFgN$vm46@8GVX6Da5OZm?nwoTh^xaA+N?k;x(K{p-}a1O;zuR#U;t9hi95 zeXb~dgfuZ-q1`xkU+cnT(%#Z2+Q?mCb9_A$?!sn?u?brmS&S3B zlA9G2b|R>;jt9Jf^0x0p&?k2yv_$Bo&yW^Kg;Ja??~v^sZX-jrGMLq-+p=`(As^`w zaDdw5q1Mb{3R)OL@tP(5EX_kG;A@>p3rocCGJ@?F8nO~rlNzhH1omJ!Y82gr66zBV zUJ}H-5k0MMa5l_#Szx3aG&W1cvO9NUt@}FrRo`7W^E3Otd0}A}JVCd%`?a)~h5(rsvfVppYzl8z+>aux4WMlTshr# zL~y~>!>eUZ&9acy<<#z~FTHv1IlgQATn`-vQYhehu6>y+_ffrMW9K2ku{z zGw{m7?03EOXP9k_nNl@q@G0+GZfkTCJ~&ua)SYdbonU7;$^X*(?)MK?JeagZ%g`rb zp;l?8-vaZBlN0p+?HuNQ?4IlHi3xEDu^(+>Uo77qyDe!|=m3e{D_Qag?@O`!`P&`5 z;%fF?edVvSdrnMw(d(S4I(qN+IvgF7JoM~V$1m=Nxt;vtu9_FkE%7{jdw1M5>&*OU zkI56}tgu@Zx>UUTP}oS5S0~OCS=go3aPK4*ZnbDl*fBNKBk#@7p+jfAuN*h~HPg!W z!90`H#(cl|R%dstyzz0&C~a>DjW=^fkh%*?G;3q;rVAOvN`$2W>E|qpGhcs6T%$3( zY2JV@a)W2o_DuEnqo0c>>qa(-53h1)oo<%eTt1$$+uLu@rL=ik zfisNeyj!$y-I(Chn`TWrK5U`*&bTr4V?`%tuM0Ak{4?TY|D$1-#lD4chlhs+)UV%!yW;VzN5#&ZL_*Umv~tVjTJFnK*pX{$ur-=&))v zYk$PnlV=jvNlul<4NJBjVYGWpYkF05reEV8Z{0C(`iX^6KSnvNa4QK4&adGf8@8KO z`|SA7-ky)t?6lMNhPfCG*mAjAJNH7ccf9&_+5OfVhmKWGisgAE7@s4`Z%@i`lKiq+ zH@s$pu(jp&rX?+w9`_%28t1D&GV$jH^GMh2{n$IdSM~5nm}~Vjbc%cQjK_rEkpXd~ zWsAmKa_K+U_)=>^&WDg&Uw=F=;GAimi>} zBYZ;FU!~J)_X(RF``o*~VpUxc5uAyAWT&P`B_TQ`A zF;%xe?l4^abpF-)h%NgL)a(At7oVAWcgxP}Y3t)Vu_vs^(;Hh;G(peUB2~2W#hmX| z6FvvToWIs(ZL7xaD~)CI{ifV7@xR?`y7?|=EgNFk-fYnkBHeO#{lNhxT~n;h4{@8! z3X@~E{quOx{J@hFWzmE0u9pp&COUiQKjwH9+nHOhtw>5Yx}f9Vdu-oJ&LMkyZ`GU9 zkBBnSw~sFFIY9gN^K&If$8Stvu~3*=L73S45XDUAJ|0$YIV1wb`RzXH5o(H&Ig=VSQ1cvVc#)U^RaZa-f- z@^;U!tJT(AFaPZJ>ivuE&V5b}wP~6odKhlom^JI%>lw+zYRs8EN2YTxzCY}zXNY{u zvqp@Z)kT&*=V@6#cJ!J9-P9ttna)!4i`(@`CVLY!ZOOq8od$Hf=To7n5!u8Nnl}C3 z3%8HY8oT!7R{0K`Jk#cw1^2->-NL#ru3M*$4e?mc2>EQ8|KEQ;5AL1n<~6?R!sdq` zi=~M{TeVbbwf)Xtc;jzAZsY1J-JiN@HHgcP{_SnKSOE-xM$N6x)6Yn@@p zz{v*pIJrlQ*BxCnE$p?=o5^p!o6WwT7RXJ$emdn$h@t6w&Ru7sWIgEZi=`jF zw>BfE6NgJj`|6u#1wWfpIp%c(Zdu_9qt8dTu%d@$V z)^Fm)aF-E#`D+eq>7Sd}@N{{!?~hHNoO$M(`+oh^7VMXxKXR?_WruoMt9}0#76U9UMkm;Rkjtxjji%tpB1iN zT6#{U|ddj$wxA#hnn@jZb(7Q|R+>efW|DkbU!|!umiEr(G zjrE=S?yg?%q0bJaywV%W52)Am6YYO0dl%fWecJ~8h|K%75tqLQd&uqqUd~WoFe_yC zo@M=s6GOObLydOkRwn5YS~IL176%M$_#CU@_i3kDVpdP9WlcGr{?m&VH@}I$eP3*u zIY`#+(bR<8cb7MRm@OIYG2!a0JhgvHBU_AO@4SE21>H^DwmD<#DOHWLKen?5Ke(ix z=Q25{be31}Y4-42KQES=Yu&g%_WqT5vHVH*;)hEDhd)d8I&=0;cfah?7P}sz-=mse zTKMVr?oqMSaow{QUw6*DpFX(9>#vgh<)*gbU%c!ymdn11^!>lyWR7?;s|{eID`zu~Ab_p}YRd(g9n-0!1(JOYP2{QA;Ay;U^vQs2+KRi#e_hnC3_wViS&o>+Q zo~F}34V&t2U%-6T@-xe|Gb>L2NZvCiJ9eo4$rYBP&OPs`douLF9PRV(E`C$f7P9;| zP70A2jGi~NF)H4puDayb(vwF&q;%2o_nJ7xCSi?3!iHBZk4-X@g{Srjv`RgmFzX`H zcI)TYU8-MUHS)-WrFt$FyxB8{9!c3;;!2Tv5#{#<@wMG|LP zO4H|>mt!{ciuoQoZEokEYfqam_WS6c9Ky@}?Xr6N=rKOseztr{cp%u)^02Wy{E5kG z&5@(;^JAx+>*h3kl=x<9XV$CQ2j?~In>YL>YL;nxSE;|%&S+gXC2h^L`&ZSk6_&|1 z4AZ|m&sFz`_0AztCnhbQ(s)}uey@vnw@HI^YS2^LJZE>8Pn&lJq>CL#oT~{RCopYx znb<8rFydv@vI8%Ul&eN2w}u(=M;d>Bdr9ZcF`FJ2Pd|A&s8c}D99;o#^c#)44h`FH z^&P%DC4S4Cd-GnOIR5MO^OOO3N7v4&{@T_P8D&mI`zQ+fYO|ahe>e%W4X>6j)z!OV94eY!A=fe-(-{*chb!`6J z)8EpfbC>MB5c^@=zC(9^NE2-vC(n9pws4Zxh*?ip#1}3ZG+LT9V4tWk_ST~CN6d>) zcBmh!WzRSgnk3tzQ@S;G+F`P(JNP<9M?{SGmvGW9BiYhV|g(cw0|hHZ?xy*_=ab`{e8!a?<$6!O|NOV`JV{ zZTi8vF}25?Guk`*40|7G-tr=`@~+@Z8gr)alm1svICSlH;oL(nkK%s? zGm@7r`K~p*o=A{%yXx(8?eq5=vThSjZ8vc~JGgXsMO;9)4H1&gGj1F&Il6l75}jN6 zW3^9AH+8-}XrJgMLT-h zqs3A)-q>5``qYNsKjLj4DLuUPmFg=4SO}%EbPFQmA!_J(2w+DxRo;NsqhkgBvO){hUpF1i-O1>ApU3})otC|5~ zJNvX-Ep{%tlL{H}6Jry`y$#Y@`E}8-8_#ZzV(T9s^=Y0>V!6t(rWCe*Y2)ej0}6cK z7{lh2c6U9;ef}9+Im4^J$`Rkg3v?z#*|pr|of;lh zvps&<&YCELSACYq9=LT+8o0Jw;Wtsyse;K3SEu;3rd+j%@;DwbVfwTETckbgPiI6w z3e9_=o5JVpT5r8))We_7voq2x)VMrp@!p5k!70}sWe(hRL1g;y>+vCy#RE-bjO#T= zp6weseZ=~Q!M_Lj1o67~-MX^x=$5MuIY(xteBUKVTO2aR_eApZlIyb4p{_9|6He{Q zO78n*v8Gn;0No)kvpeOq44oFen{!zrsd>7u?+EF2uUWhG8Fs9SCuTmYR_t4MP&Kq{ z^wk;So?~Wg7j+3UGiJ1O&gop4pr81lXVFW?Nj^u8*#vt%@t#)}HtA~Afr}ol7Y_@| zre83v|5A7U=xH6swe#CvmG_!kATusL7IE|PqkFa8@9}Oqoc2~3-nH=DRQGR-BOEL1 z4-6{(>T~3C;BTW_AJzol?d)WUPB{E{p`ZPuP}@d-c}Zf?f8QI|?7uoFWy`6$Er$ie z)K2c#7{Pv)8hM=`uuNf9 z#xq&uwINKDef;blkMXA$uj}&I#dUQ_$Qbn(X3fvEWA26jS9s^1`L#(&SI12EyOLIE z*okfC^z-cXrL$IBwtgA#(dx6+c#nVFyKE_9Ua9Gyl;5DRO6yC)C!7ALMya?n6^B5}HJ}q2f&dLG^AiYRbe58w4R}aa`{Ib!T&CVi}009WNFjPt&p{VjMtmln;YXD1iaR}zCQ>_JD z81N*=etGChd=`w@SE{qv4B%;?p>9q{cYwxQs^-$VWhAXmz??3bb{k1+wryaa zNYdKGJzAbl(y-D!DRaz(w2ZOo)B-v=1v_(LS2%p<7N#TQOV`?D@O5Og;&Dtrv&AFW_%5^JQZ*lS5e{6P}ny2RKRDa zkP7)&p~9;t?3)|k4R+Zb8K8%%e|z)Uxnu@)AlAWK7x4KYpCN!)ANL?gNc|;kmY^fQ z1ttX`&(Z|nPFk3c+Y}!yy5zjU$^w5D;)tU)7&(ZMY|xpz5vH8-z$omoer_RTTN}Vu z0BW<|RLDF9`HzN)<+Ve6+5=cod+QKm{Qy^40?hxw(KcCN1q*c4(|e^iRk6|~>B$n~ z@KA|yA3RcR9HH03s5a6X9d~yR(1DZU{2Npg_4|GVtm0q&QO)XioQjrzgNDVIxYK)p zmNdqR;sP5~lLH%wKz@2)gPK)-gJdcE}y`+{Uwp*el z!eZMZtCDDmsJL^HHDH@!yCMs~cH8X9GTUxrZM7rK6IM|$A;N2B@pvOxj@WCPhaZF45G zaoDD@)rmA=UJ}uuYV^3}V0lE7wuVcQu!PsBYVKMjDscnH+>2bc8%xb$_*-YM2JEGF zUF)*Cx>=-_FR}Tq)|%g-&d^D8TkE=-q$HS*N_1Q8zP4RnnCQMbUm|l^CHk)Rb&{km zQKMN~gYR*)IZXRTT|`r)R-aJ9LbLgxhE}WUudE>cH^!7{riLftS}a72W(LFb1Y>P* zOJ|XueREwNY-wAVXIo4oU7yw`KOl?#p`g<~A~U#!?9G^LIyO|IeQO-BIh_ zTFr1##*Xs%LCd9bHwXU@H|OLTh3Q$kiI}ab9x%hzDpQ>^tE=D}!z9$y`~+iFBuorR zTdepDPd&$vFdq>}?vP|zG06VB`h`)83jbRS!*k^e!8XDQ<|IrQo)-f-j&<2Bb<19~ z&sA~AbDa8TN!N=N)QdILiw)EZx0%IU76kPo`(G9F|Fd44=*FWOZu0+VINO&phhlA! z%Q8ps%?W&S2H%9e3xi-@#qnt+(IjNJ6uYiF*(_o$ki3*kmKZ0x7Q3yZeh*G`D|V-U z7bm(GyTI?x-&voMB=-`v-T0nicK7SFntfp+(Pit4AoFhw#~5%Us>O=H`_!TTtO;td zlo5Im;HxXl*;o<1Uc!ZyTua+jb+JMfwkEbEX??ra5=*>QMK7rWl1`t zJHFn4lo8m%&y@Ae2yD^F{0RGH)l`_x`V5s;=2%waNicNKX^VJ4LUfCU(wnCi^`?$_8JUC7X-sFVtcd=KkTf!@jp+zFWm|m+T$)`@a?Gn znSB;&7N@n=R5<4f97Ro)vsOP2zkJGT`gr!J16$qe3|Rl_4fIKTWTIp0p}nS4wBZNK zUqRRQoUWQ&Xw7-GCE-U#zk8gKg;1L!eyKh>$#^;jF6wT~-VavaMYo{h0I(~FvC$B!I zb5?9$a(MDy=DwZlcibs9Fz!z4SJwR{Pm;NwCsv`^=|A4^?v05~+Tg<3ZC8R4CH?kVQpPXD<57xZ)9y41NNKUszH>!PZ^T`!9*_x~QKd&YIkeqYCvzb|YO%_j;% z-Z#h&=&N3-5==j0uYFLBRkGY7?Zwr%FU7xPXE%1M3@;qLc)W`9qm{PP&c)sM5Mk8w z!6dVOjUPu1Yt7ixHQ#S+Bgv&0i)I z&6(+Ne#q;0OBp@7`*#|DwGdcu?%(r% zpO+378jjxW`gFEtbkmyDh7G$)-{d)u+~U~vpR;rNc>YWqxYCEaf#q+d`=Jr+Jsxe7NX8Cf^lY2cb2w1r>ZqxVK#imCduRY^_ z*UP3Y=Fd#8N6dg5`m{gq7Jl#=AN z)nNxV&5y4%_;mD!^jf!JAfE~}Bjo8Cs4Et|7@s!-G?d;@mLf6;n%g(ldWGRWNa%dPl_?GPvH|A z#w~ckeK>dKm4dNf)}H8h=fb)CF}lgGH?KQt|IKyZMAetsH@DAQoO7sUM^^{mX332s zf%-cq_%xh^(D99}QXY`}&#CulH5%^;{mu?Cm-HqwHykZ8!1C zu;VV17L8u=dH>Hrt42r<+XSrtt`_@_*DJmIM!P8&Pd@u}zO<|~O(w1>Sh#=ktAXL$ z#_l=y-lLoA>xdc0V}3_(YQ8bXl>cAn?~l@*%_{oOJGJ-4$)5y+slws%)NMOk+ZgES zcQX0?+ZYvo^VQR1u~pSHG_|z(Is)C_hDN`Ire@}(M26G!@ayUO8x9jgBV#L(g(d!t z?U35=8_d~a9=6~k?(U6KV;Wn9@Ej7z$^g@jcJ>YoIPlX@8>W7dBuE&bs)uz2x_ljV z4p)b#4OWeeO$^PdB~5aqq-B|_Di8g8~C z5a7*`)WIVkC-9yQIW2-8nGk}kwbx-yJb*$T;2Q%m1Q6n|AkLD@B1v~3+v6mXtSHQK zS4fmyjX(NAv)m9vP1k@MK$B(29h1FjQiPuP#2Rp;XwnYph+{i*qVt zl63o?-E@+M2d(79QK^}k8Hv<@j+}~5OU)RYo0^FSb)?ZrL@@mGz`s24KQAJ>S4bcK z_`p#Ae$hn6=#rFbj|*9TKX?TBK+a9kdyVMJ&a#<1!U z)(8^jt~7?WhBtbG2Q-ZNka$0hc~H4L84Mli;U9pz)0o`R1auZnPo^>MluWSVg)uBS z?2fS=><_}&fgmI_oynr)Sr~&HRwfcW*oT3K4S29N5jI5-IDi$b$RzsUjB)?MxIc}P zXgr$6lW81@u@@{5q%qhgX>uqF_--hBKxhwsTb0s10X@<2)l;K83y#=l)JEWuEJ2$- zL{Dmu)u;CdpAOj9-qPe)mpnDXV_o`kO5R{p@ID0xexLRhCE`9QAL=6eW(UHnP13Qi z$`#~&R!-A>S5C_NFgkhDHwb0ra~GkFH7R;1YjdOy3%0k2U{k)P70SwiF()!EVD(vV z2<9#y(AmxVJ+c0>Q=W(4%HeEjT*D4A`f@K~Y%F&(-FyjMHE-U`;+5d#x)U z2Ccw!9xBK3qdT~K>21Si)hl=9iVIXEOAwYg$)XFfAd54r5u?1XBxyS9gY+XG5;fVuI|(c!OcxNQ$! z2u;PFo2e|~wTTLpMe1@9GTg@J!%}k{fxQ9R*GrSnehTM885s*pA4d-9nAr?i<1eDZ zWG#>F$!D(z+K!@YFM4y(8lQL$;}SaA!^Qv|^@-;*f)L|zcxS}-vthCG;MB7~l{MNz z_9qzXjzEn6cvdKKFrUTvL5=3U9;P&!M+fXrG}LuG5ESoY+5W{EYOHT={%D^A`J=@) z?P2ig09z+liQB$jOhw%y!*Y4Kdv#yAz}p@zPSepoFz_F7r}ohNZPC=-;cMKeX{5kj zAcR`#Fo@_!^gx&Qi?d~UR`ZSBs%FLz)(oqK0mKcrV`mK+o;zah@A>*NtBPT@*qE^0 z9-wlA5d?9q;g4hQ~L^vM|!W3IzB})bc>ZTh7T1j;h?4@sCGT5PS!AG?5p!gKyJ{o>V+(pY|MD<9wqlO{6 zhc;vk8G*JP62Eg@4RN|9dF(>tLyJSH&_RR+3~urVWI%wQCSHEjM25X~-7y&ERLx(O zaRHq_EVht=LL{ji0q>G0_!E2CaqHL+s=a=sqJ&)%7R;$j9zi&ss;g@K`cbV_H=1xf zTF11XT(|ri$L(f|b=ks0Pt!Ly@>CX7ZV%A8!E4qd9Hi{kq9FX1nl!>8C@F~$ZG^Z* zDs@xwei#aCK51&n2&#f0MViDeGbN07!^ zrG6y#OZLfW_luV-dri=_mtt*J0Rh_9O!EwE8EZAZWZU!GC;;gZ$b1&8G)oD|YGs2*C4u%|ksS^77g-Ym4fd5{gtfS&b zy;b%OnaFfBt7F-l-Ff_q(WJuF)X^t2!%in?hN&dNi4dXzzcs>IUQ+lIjo}=y(&&9U zftmQ`rFv*qhdFjYf2|o2EoWRuF35gB_j@$9TSJEFicTpUzqTl zIzorf#rJ1?sk1~+Ft6-5gzBjuHJqav1576Doq(qkA{>=ha3MMkMEv3A0gV%Ap{O4a z5VaZ-=q#goaE*sFJi-+{S(7A0WuUKLPRq(jnL2526>1)# zA)t}mkxESC*hZv$7IGi1ZGs~lQFJIu#B{xzPb4XqAonH%6C`n`X#22Px4OVLuI&HPDla6pDMJfDjRSa0A9YHie`u2xrtBtu92huVI$5qSS!H zjRR`}7_VP~Ce45l{Y_m0Sv_!q8ZvL~{wIK0TUDr7ESHe910h7^ z4!wl&;WT>@$#x=AX&Rq$0@(aKnWg~&?MAFrpgo8^G#y0By@=~HP1Q|TWOYI88K0Pv z5m3BLd2X1 zuRfqJ$Gj=D9`LPcKGX(bKAnDr$-`9$_VcOm7cz5TcwxpY*qw>-Y&ui{cq75|d@5Fo z`2vEdrseNwJQ&&%>!$&Y!`9?syco8q0cOHuZ4Ab6&J4s@iwbkY>`WDy2~T(_IC=~d z+)u{}hE$*^rX#gC46g&w06q^q7h$}V3hrPI*H9;*+oH?>Js8W2X#JUV0U(|Z?f|?c z@DC1i>RF92x1!SXfEE$R!#LX$Rg^ihQKze77a4BXzc(NikG8$tmHP@MZ*S(m%iGh- z`&fIr(PQFK*i~_?CmH$ne|M$!6z%;O)&219gsxo`s~tFaRs2Z>x$V%>KoU!cZCkq^ zBFmLEXu_+|a7~z=|1?|&H9zhK`$n(zWT8c#CK@PmJ}f~9Y8L9D=i5`@MM><*LQVs+ zG*Ep%J_N_@1fj!2|8W96cw<7j|3bX?>P@gMGYfd^S|fZ-j8f6oMY(oPeAKiabgZ|) zQU$k*NwAfZ6qjSM?{;v+?GhxM6$x3z2;AY~xDd3x{uAh-P^}KFj^B})Mn9tT6|5BF}z+u zdy4_|(WsxEaKGA=#X`#`Xu}JnV-#Q04K(nT6l)kDceWqgDEdQG_zSOKTlu2kBtEmd zF`CW>+Tfy(8Ei|R<;rJEAT=yGV1r*%uYg|#S?W+HSNcOhd8a5AT2&LO z0g;KbyTcofVU#w6Nblf}Ir5*<75vGDBxfdpKQWhw>#*SbOrh3pWC;Ud(|u_#4R$)2 z%Slzpr64*CK54SO3yTqlEbg1>qJzL-=Yax@U8#Y>qN!c^jH#%+HQqqKmA>AqLfP;U z3I&}?89#U#Hll8UWTC*vWw%8;hsME1_*iX2GYhy<;}=B<06v;Jcx{I?*QmqII2P(5 zCNMt%cqOS&fHL8bS_hKxMa?BZvjff*RE0x3YVK&r~d&%Y;7&3&;5 z9aLg47GRs5QQlia7FrK^vG8tJ^zOdc7L%RCv$7c?NDjf5Ipi0$L{dIHw(_e4uqlvL zcb$V}n8yhHf!|5t!5e4BuZsAjfi0Vuy6t=TniUUzYc^n09LTI%K`%1iQvEhA}Bc8IXEcT(>V|%LBTSb>L8*eq`+Cur?i0wCIbEY z1c!(B@^|*=($zUIuunU~-P=Qn;n7`@fs=%ENFsB_X*zOn*%TRMHc-a4e93GS7&x1b z3^Iu{09TV@DrKGwr&MB+iJ^8BQz|fUs*VhtM4@W1i;4_Lf*Jl$|6~SG3Gf^FJrMhA z4~&T>1-R(&8;yS;b`Fh@Qrg&5+iy^i|L#ymY?Q1Nsw5)nGSTFRV&neL{^CCu{Kq;tqNdy# zIo5yyPAm)ji%bP!)Idks@gQ&<>kOBtN6k<-{ddSo5XrN0#ur&I`R`v` z#9`mCO!k*_n&2Xqbz>sGM`B}UEfWm}?BDtqJNR0Tb%*@LP6)0?;0xt4H0_bt6*XmX zHMkD&M4Ja<6KXtDdWx%shDF<0W^@K+ERXWtlxVjb+wS8h zSk?ysAEZsRZah~Xtuqx{*b+DbTOJ6CKv7@@YC!i*94cC_BFDyZ zAO0fKp?$z%ujGe3otY|?MKhU&jXro&4LURaV#XD`!LpsCY7hJ^5lr^_i>e9T({%qL z!)ryWQB;ket|p`=%)tR{rk--36Rsf8$o@-8H(c?+Uqe-g5#5iv{6*E2?nn3>l^0cx zu~XR0MvUo0E)#+`Sayxf0@=CyxuJr5h!s`vNNh@WA2c;gR|CaG+gPL8M`CM=_vw*X zLjCf3EH<^VfI>*X&>{frGd|>41lA=$FGuA|qjYWXP(d}2g8}3!a%>H%ST>wgMFRsJ z+-$5sKM#1h0CGJ!wgi1FgQ*WNjcy(s54Ge0k6QQ`K}L$izs&GIILs;3wjscUrsV@gZZs{Tu_cYIX>37b zD;nF-I24V^>WNPb&xzgP{S2?t`JeG_Mm%e3k@T8lH>! z@G_GBTe9%8USukZ9e0`8+WUjBf=1}h&%@VOt_%oSp_M_BDQ&4UR#mIl-m*2CXL0yaE- zTd;u_ZsE=6+P3kcFs}mZ`OrK8%E!D~8Psw(%`-%mn8$wvdN`0hw#PzGFwZTo51%=a ziAp~inxjZi&@7ZIfD#jx^Fpi`ThY%?hC)<<#W?&WnVu9s0WlNqoWnjt@|x8`zUC)d zjypON>1+$O;;O>s3MVl{I+t9b2*pA^7hl3CH>Pb1?yTt|C&^TmIF(e+LWMY0eSRPK z8kd|$sx^a}=0pXS&UQ#yK(nCzFXQ}5z^zi6htDS_iUKwLoiq#P?&0Q?K*m&s_puV8 zqb82k*Z1k4g0D58_1no7Wk3jRKf?6}EY5rDVWlz=9MUt6)`1fTcpG1O!@% z(;#!vET}dI1-{Ns@Uw>k%OA5M6jQtV+yUM6>X<3nI}^hirXUxbS8D z$O6g#U;R7?2oN_e#&n%V_?j2Q#r9^;27F?w)3YD@bBqBPdM|F^eQe6}g z2?{FBf2yn?vK3SqA3G^qLBwnY6$?;N>KLnul^s=x)$Mfyzf>T2l4A9i5StbBOO*82 zD(SB!4l3xcmERJnbSlI;r3CAUiyaf7%8Fp+VwDs36jYvoijkt58;C}^3aY#ouP@xB zl+7mMw_E`{VW8|!f7IS)g0D(>N%e%nKUKC8778jS|5Vvdcqphm0Tm@@cM^ee6$rE+ zq_47@=!c>Nre=YaN?unIF>+1pHBm_<(KOY$_fr1S|5f0VGX0PoTRZ{t6BbAd1aapOPmxHn*w|1Z(1ppPGZ+Yc4uu9Cj?T|$R`E1?>=uInESe4ps7prX_550!_6 zL_x*(ewG~s$hwCH*Y6;-$N z=UeFG#enpIvvO3TebL&Xo#Cs<6JlXnYgMQzV+L|}9wbCTs5_r=5>#NIWheAFkH-t?16zNtME_QzjWv;0nUy)>u=?;BQONymUtN^) z&cYPzxv#JhTAXbw2URh*mFSn~kVlYErVkU+@`Egt678=<4_2bHl;}B1bP3S-S@!{e z4)NjlK3aYdT383Z_r^f=4dRWml+>}Fuswcad|FOwD$z#4XKltLQzR_t^~5WBQ&N-T zC*&k%DRN=we+MqTIX&r59xUGOpa(WRNSiWcqa?edQ3dBnqRlt?cfmV)Cg&-dfDgAq z5P%MD$(NKflatW&MzM`v+nQr~{W2~oDs2>d$^IrGh9{4TPfTt5GC5f!w#Z6N_*65{V7dC8TMv^7e53;}shXyeFmX(->@ zcpd7fEh2=ncWugT-gWh&oKu#_om1k|&cO;5>U+L&&)O);DfuURad#q{fs&IgJ~lTe zHE|Th#@~_0E!JKfIY+rA6#2;HjaZNTFum}N*h&bWil?)|wy1tZu1}}9NawRy7lpkM z>+r(}Km8!NN`6Qa$<~L~`O^_(xj;l1NE~+lIVJ+c@pYSgxGnj|3fzr@+_Hpx>~t z1(Y~}4a;oaiq{VY%bwJ&Nxqqg($l`$lJ2K>}^~H!*VXdo2J?~*5D0Q{&Jc8QU!aT{xH_@D)xu;uN$m7R#n@zLc!BE zu7am+TWMy(BMy3LcUi1@A}>c=q=%$;+z^ zUu>!CYKOKZnXs3quG(8)mC``Fmv{)t`$mMNuQ7W2P8@Fv7w@(*W37%gkG$WDyJ*O* zV^`6eN$f5%@*$45f&rWRV18&NgTTWLFg-!iyj2WxI*kXP*ToNeyyE|%S3>K-r-xvO zAHKOo>zB6ch)=}>P=4CSaM>&nxQwhyC&@??8X}*az_)oh*1xGj2`detc zmBuhJgB>^DPN(0YlwKw;=}xNT=DXT4S>oO82^30DLF-kvV^V+5|Ipt{JA^;JgdM7) zu*`fv&A`(|Sb!g(F+N0l3}0!IH;sY=_{+vv?3et|Z8@vnvn-X%KSWg6Ge7=MNt+q;S}45yf1 zqZzd{uA{1ycb)1ixKrYiGtW>9=$Kkcbb=DCEdRgJcsPf-@c+X=;r}7-UErcB^Z)U4 z<^sboz;F?e>u^!Isl!DDVPt@DL_op2c>@#@^M;qqT5CY9Ol=p#d@Rk>+}7N-ATzZx zvD((Q%R;r~RwjPCm{=_&C|j1l_vblhW)4&P+u!g1{lC7yqYt0Y^SM2r=W?Do=Q+>i zKk)w>4mkKXr~l-DXAb@w33{aG;ByjxQKZN*wPsbD^f_IHsc!U|s(Mj+=Tse+r)57c z2qvPp%G0r*k*9C}QJ%hiSk`w|9hR}uaD{5OthW>8pGbtAvf>U|@wXm|2_9AOe-P&x z*e2WAB4^-U+3}6C0}iJHfJx-Y2HAl-Jseoz;lM(VxF`QV#UGUP9j;dGsqp_(0{_82 zCa62>#?yiS6h{tt5wDX=YK>gP^>Ps}my7r|xr!IdC0rwya5eE!>?#ZqB~sA?@+v5k z1t!V{%4I&FC!aSaOm{GmewZu=$mKA7B8}*nUZErC%xH}$$z$Lo5$OvmAY1{nJGcS{ zWCtkR=26!V{D=5G9(=@kNsW;0rpgW@Q3ucY5ZQrv*@0LO2k!SUi1@D>%#uqW{g?K* zyj`|iBs*Y5`Ev&>vcg!|fibec0@)xSFQM5oe}>GTEAs(8`8>h*uH+$L1={r_iK z?;^^d7x^`5nTF~eX?=+5l61V|wu=*RMM3yiDIqbk#hw7f!4wacq2x}>>3s+;nf z`}6WzdtZ@HH&T6wsYN8;Egf~K!ql!HDQ*<`W(X>i$d~`9 zLPcrY#t4xQd8wjBehQ%~Qxv`-dArEZQ&r6t`3aP&A*dn|^s%B~AXtWtHwg|$2@tf3 zSj>w0S4|a#G$NQqe&V^RNEGrYK0_321V@VkbOqH!QJ79}uE>usR3)PXC~gsjWdzGb zVJ$)Y*+6i!DB!=K`VC5eV7-XLYycZXen6z^4wL|r!~w0M@H8=&i_&ia%Ed%EIw054 zKDlo9$W`?k&arY7#MOV;e35! zFZJd|y7m5nn0s8%_0r;*bEmd53yN`~Unb!c`ei;n%pkLrP)I#?IB?dU^Ua4BOtM|gf!{TCc( zyJeLq41+U9!<;M-cGHy<45PV6uaxGMLX6xgQ&QYRO#e>DJ+k&|6094px$kSgYq=2$ zxA^GZe{w4a{n|jcp!TaJ<#t>-;P#p}5v!l>_+?;vOQAdOwpKFjUJAuW0{ z9@=Oy#ZP1_zRZc)^{?C{z12=9$fg7{9NZ&BF6OvU@nSPTDSF4j#Z z7_dmOpu*_4TOkp`E*9U4)$S*!X;|HVg@mxCyir(v`C+}m@310)P}Z8`ANg=QmNIsZ zND0BFj5t-YMInHhvF25XjYG|fBWjDG7CiHu`$ z>u|dE$EK!M3ueo|qBIOp~x$G3l@=1lyo5!cC>HU&t<+(A2LIx14bKAk$&FzB#C1MiMf>9f{_vw~UurkUYvcUc&2 zL4^>G5cs4%lC^D`iOtOajy1*YmA4p^PbefxoMr$kQJZ-4;6u&;f)_im4(ptYE9V)L z+Y~xw;5jS4(L+biT3?tR9tEnhg3m(R*)S)w1D%Cv)F;sFH!v))uCKbq=yy&bQNaqH zMAwyl*EDPdu`U2>%CE%+8WaxT^luU{X(}|k4xwY|pM{mr-3kF5XWUyADdzDE>{4YJ z{rVN$nQZyNiIJjJ%HIBiIDB2mci)$@S;6`GNbD6wxsSGB-lsAvI)&sMcCmF)BsT66 zy|zg{7~LLt8aa&mT7{CQGL z^m-4yEebE{*@I7{&~MI^Y}zL0i4-7 zXpx){{anyRTO#(df`@{Feb&h=6?=2iq*(U)8)3%ec7>Tnh&!{}?3Cq3@QcJcCQZV+ zn^S{aCDo}=-K0=$@lc&7sW$x(YfSD|=-jK&Y4^}s&vkO%23c9U^uy@P^!*C;Z#~p^ zN=fFuo9yz|s8D@Cp{mF80o5yhk@?jksTz0V*ld&4o!mBdCO#$D$0_!<*>+&U_Dz3WWx~9=H;`$0I?U7Xo#* zJI!EBu2SeUD|GgF=wKTI=tMJ*BSpVxN|D&iW-AlUo!zk12FUdgz>$ zbXs)CPn$yLafMEqht3yVXGk%~_%A?oA&& zwDCuDD86by(NzsrXcZ&wCkn!|Y)8&4cjG2hB7$V9h7_a%kyXHH#80M|~| zIs;E{AA6_^g;L2=X`f<`rB99&U*`@+_j*WLA?dt5PP3f$nB=ad;%%pfK?lg^AyLn5b}>h(6$9qDf)mO?KddqR}toTC0-dLfEJmX9Nu2uMmAp zk=kXC)V8=%vwZ21T8qL2K25ob+Sf3!s1LbKc!Q<9-`W%=XmyISw#*(Ts4=2vOH2>R z^RUpau+X8fFxA7tr`$sNAM1Z%p;KW2pX6LVto5+a@6JZOhZEfj6SStqnT=f@CPGkx zSi4HK|B#0Xp~&6BKT?=D;bFq;Hu1cN38TWqKNKcD_ApV#O;o>~`HP}3DJ*=Vut3xB zl{ZhF+le1NoG>d)oL88L^BZVlv)e>8Sjt9WRhYP-Fj3@TVm~)=rZP1o&%;86!oo#` zg<1~_FT;ZLOJJ$?Fi`~)R;W_n^tr->!^6ZkE)%NX__3J3ObU%7l`j=4yFFC!o_RAC z4_gQENYjR7OmZ@p6gn?>=#+6C%X1!Hc0%3xD{@(({&x@c4X7ol;pKFAn9$kW4eyG= z#6LYu?3O&Z;-MZ6braMm)88u8js64c`>e|YivcWUeP=5?_@}}|nuiHm93p2T$-_jk z!bFe4#CQ)A0!tsZC@hE8cPKrWtx(5Dbl3g6z(YMsQm5r0O7%L0dY?jlgNJ%HS7+^i z9%LN8UZHbcq4TJR&UBQwyi3{sogT-19dz}2~kc};B-a7JNfnv_b`zS6DEjIF{u?MMtPVhbDK!_Ffm(U z0y839UQF{aLA88>br|%)IprQE*26>#RLKi(g^9a7Ok}Yhe@j@-IuG@v3GTbwN1^^Z zS)JMeUD!czgdr?&H^^$mwsW7cg4c!*^D_owSI%gBn}7wpkoiVp>$?%OUCqVCsR`N& zq;Z(FMhp$!<()Th=Q(jS6F=0CJU-7mFUGyOI_*ivw_YF3R$X75di?d!ysmKXQRx{u zqs?QOf_rg)QtI*kk$KN}g*9cVcVbVCozk{$&m-nlcKy=1=-TZrJv}=s zo5k(+8Rlq9p37o zwFls+$!iU7`4@E+i0}JTaz$N*s`4%|hNOJG{kx3|%DWnq)!hx#%DW!Q`$#vrOYN`f zZCF#@RZvX$Hnpz1VYa$kSj1x*b+>8_$3*A=bEy4GRq9?Ln24o1b#DX5e0m!ae7c1t zTvPx*lVf`DIX2A~v}r^O_5qD!%_3+#nQ3H)V}@Q~jiJlSK$6pZ)ZHdEVaJ?Yx&)x>1hzW zaIzk4{}_im==VJhnpC^qe(y?Mwk};a7AK3&(`B~zZ?4#1h|@slz1J^Hd2I1}{hBG~ z7vs3Ud9U?5`YUkeACMarQ$RS=-w&t(yixIKNByb#W1-l-U4sNE2}(+fBnj8_HPqus zJD#-3o@{T(Q`=MQ?fvVgcqBc=GvW6Bh6+lD+}i9Yq@+GaQo3VgRxs&K86~X8s#4qc zuGE<;aQvPw*V?Zud%u6P^|k&6V+9V!v-WGsnhIa*-)#JbcPhfMi!FNl67Fc79UT^R zQm|LuGQVH*qr??)Bq34Ve8)h6|66sZ_VCNs%MIwD5?{Q~fA(VJi%Tb8=zqO&Q&&jf zh5oiPOUkLcDz$Fz5(77N1==njIQVcV<>Kda}*x#;)K*P4~?ZifM4F z?bWrK?jzuB#<7D!k5SWPF7N7DB{og(HyVstGbU~767By8&vguh(s>f@3%qKUB;)IN^QzV~1Chc>Q1L|!ryZIEt20(b zv9UZhy+7PQhpaa8WJ3&;WJ6c_V3;#eva=ycNflW^vCcz`V?3!MD>+Aw6at`yfI*6KcBA>dVQ3+{Zp>1;qH-*^MIArpBoFbYo z^x@}|4lmwmFRjz#XwJwNseJ^!`1eT{`s+X6)D;x?LHP%hsnK2NpLbN%REnc3#URiN z9(a!9aIqP`nwk7Jv{8*;)Ht#GW?+fcfuGa_oO8KK>^=e}8XUG`uVnu(-{*%Qs@N>JhOB7L=DGNZsvEhW5%#v_D@amb8 zjQ;FZZQNWpUVxKn9mXTYP$yQk%1%esQcQe=%!oV0-DreS4LtFXC`!1o%N)L^7)IkL z`2~=Fq?lw&sWlbMLY!kf$xWHeTiXcNh52_ILpHeJGxlhBKG42#`s4e(XTX>Ah;$EJ3NECHOja{RtGm4Ws zqc|hUl~QNKOEa{D<2=Dq>W)NehP-veQTZCcfAeaTB&KW|w^#h8u7~*TMX^Q|ZZF(;{BgC&`S1#x!6nwg{@eT2 z=I#C7rtLUxXRu*=zi1q+4+d3b+>UM_7!<8JSiimB%dD09DaYyIm#t}e>wf7?a9i7x6*xr>@Me{jDRC9_8EqB891_H4T@kA68b z>l_d@uc?Eu`7pYuBUdzDLfRMTrc~tL{k)sf_qe(#dTzmc5&uK4nuO3l+S9~!V4_SU z5;2HFfG*O&MRWq9;NTE3;>i*mBa%#z)uoumX#{iPfonhohl|&f{sy!lXySqzFB3gc2i^~LsW8#5~BZ-BSe#& zCKWh|{PToJh!WtQlQgBmjY>dDoN&?9U~CYie*$m_8wC^ongnBm33T9qB!d8)|5M0- zPO{Jiht|x)94<%@ah?DtnaKqO-#U;}43 zaRC?M4fsnJ{+jR?aVQ{A`5=fwAulwd34&Fk=?Ib>_`oHZLg2CtuOutdCqY~y6h$2g zAaEu@i6@FXP}2bpxF1R*Qwl03J;6C|8uNR|@hPLOj}M94lt2N7_=J8q10Tuk8PHFuDc zxh&+IG?SnbOd8x18e&WLjexibIMGd@1IML8pNc>iAn|}f&q2Z<@CXS(LBo}~BH>Wx zfz!zlT_mG`umNK{kZ~R;QKt;#c^Xo}ZU@o-a?d1Bokn>glJ}H28Ic{~2~*;dajOvp zMD+!d)u`b$M>H#uPT|vC|8Jr|cRXjC1y`S7D1Xj!pK%+{-8PFsCwfu|NCl$-JOltvKq{_=h~BsDC)n zH=0fULtc=mXX&Q{aK;+QT0N>Gku}ziP4y!52F{`T){^3bZxw=wutM5xd)(o?AZEN! zprLVo;WlZz?fSz=$%y0bSPNm+&12vUVfB}1`ZNEhpz`T{oN8o!3N*t3VD*I6=hXVM zec z)`8@e`%34B@$fh|8Fgus==MW8M*2=`V43;dT~Fnxp(D33vyQ@xw5nq&y0 z`8tT|gx3IxjW3Ld>jnCVPjOm8O-Frq%ke}W_ZI@eBz_W)8-+C1aV8+#fhrBcKP-3U zT*-R4Fkg<3=F$;-DJp5l@OYH)pv*V%c#QC*9GCbe;q(B0yl_sAcLD|piNbes-0>tg zFcclP>;O74I(sitjvwLt6nrtNT_YVjjx)xAXF9jlaYbl9AEB&xjW88qT46du20|tR zP9QHFg)kan3_`ZB5(lT%SFc`@u=dW%wbcuk)e3jiRxhojUBRTNbN?13#m^zf64T$c zy_@>NP?y4QW8a_Pq_X08n9ON$36j%m+A4C3K{s_BAYk|91_3i?IpA}KzT z`bR)&rfA8k9O-t^*WgDjlmu&B1Xny>rbCbOose!leI&I$KqO4J0>wk*IOn5%58xy2 zz9fJAzQN@NTf~pwDO%f~=gm!{?g75*sDFVMIROm52r8qvj;tQvsUn(tp zCrI5b8LTG={#t_Q%4ipS(%(Q3b{h!7?q-5WZwtX780H3-OQ+ZCm&?n%zujyJapKhdxN-Nf^VA)=>54<=(LK58qZRlV zj;B|ztsX)BmQ%>tf4RCZC&Sr|vDi7Q&#?MCEQ8pji2MYfZ(^k%m$7VB5{}O`CE|EO zw)@jQ&_}p+==+Lji0ldp% zG^~4!9SiE}{ER*tlhc0dC>+AtaQE6*4Q@*F;@}hBeL}9?WLj@TjpLEG@RS5Q5m5$wNZe z^55ipV*w)!hm=gh8l@>kMxQ(+OHZ$3*~Qy&Li=dgxQ(q!#F2^1n}-JYm4Qt?3t7R+ zg`b9nu=z2*-XbQE{D`H5#lgr@4P>M;nRFEyUiL`_7KkNbncOlb1IiIBaHO85b_OOx zZ~sSuM!&US^Q6I!V*mJEd8GI=20F1?G9$$pmfnDQv29wcB-*K9 zo1|rhdF;$;X!B)-hZO91HoR?kq;{SbQ)2mS4p!AR+&JiYh*$+FZ`4at@#$DW^6X%3 z9v<7CWII;*V8PekLLA^>a=SW|iRP(M8b}z}fzLnjuM?~HuI-$`u_D}G_0j& zyvD_h@`Jmq$P=JAoiprsizh-0n_YyZ?oLys{6b=h>$>>7zT=qu0$u*e}vtpe-7 zv{9H+BFDSu=4jYnZkzgYS?Gsq&8{crDf|d_@&<*XLmgn7x_quSDBhDb2>mfXacfYn z2Wzj36*yI9nPG>nC>A$oQ5ef=OEQYPa3*)kFrTyd`Rc}RU@n{Dh5NO$%b>x2#5+p- z5~(tlvWuB0kgQUV`7eBy%NTYbV{R(TyK9WmF$BMp*~fhA{OlbOVzT(DzBv2TV0(JM zs)pe=iZ#Qq&AG@zbYxkGG@~RKh zh_xzC`sS;#?>?!*JQInku~(g3BF{MylC+NZj+T;<#_u)u_LGGeh1d2NrH}9Srjy#9EFYp3 z^JFyk;*&WpJp81jmsBM=BYiFOj=sM|V}Af+`9fTiUDHhN2}!rN8-{9nqO=q3Ne+Ba zFeXUk6&*RQ;;H;t99Prsj$iK3^pvS_SiN4;WAw$hkmd?|uKgD7h>$b|niVph-yu1o zwa?}hd|BmC*P~K5V!ps&IHQ&w8P(xX?@7_mwr}YdD^hJ+`UO*l{qZPma}HNAzog!i zq4&Px!H4x(@pmN zQ_iC8zl46|SV^mi$c<0I#TQfu2@_9{=SlmQ zIuk{gqliyNf!Bz7I3P7Ra>3T2e#Gh0!AqIw1(IDFEiXxNsXWy7`j?>Z<$WYa{@$;) zC%u${+t=w%_sJBy!yP?w())-z)&QnER(z83J%>|-W@nDQ4@)v>Cu zveXsHbqSZ`xK)N(GE9n&oC)-T6VpB!IRGjBJef-pE zoGS3Yh2tkoocwEC-oq9Aw#6IMm2`)-50P>0p61q68>VICtvRVZA~X-5s5|`5Wicbw zo?0T^;`Jwe_UIndHftX-CwLw4b{tN&c|T072HeM!r>i=ReVZ%0+jYE6hqOvf#bo!V zf^0m0*=vw@k4EQx*w02aFPY3f>D^;gCEKNX*Vv8dHzrR%f605#9}7d;eYqvyBTl}T zU801xJ_#wuU%8mrt}XlXB`Y_WUDbAp#z^Rjc>Ctf)eDscA?4Z|jWT&6&#}F#RV7W{ zyea+s6h&$5nhpt%n`G=1;x#>@E=iuyRbZEn74|}Bmt>D{Od=ym`2Ff`Otr_`MVkG2 zb8}&m-KU)}GddFq(%+9R(O)6Kf1=r*IfLU#;iqkALD|rycpRpwN$p$u+aXV6Yk2GC zO#zv~bA=#GC@LCjN}4cvhH3gA+JDrG%=%8$f~Ek+4x#FDM}VGPb* ze>o?FSy~U`F zK(gmp;8$s>%!q+U9>>Df{n)+2_(y|L9LG+6kM|PO_X}{e`Xr1r8gw|!+&CIfk5!ol zr2e%YXPbvvK0GNy?`Qe}b?ZYYFCc z<6!c#vpxo98ig~>jlE&?wDqSgB{*>J&T?I{3DPu7Mw`2m=F>bLBD^cdqww?@gb{|X z*yYB|Sa#!%@y5V-`H8fO%Z3Y??988yVLo5*Xr!=^Rrev$orMKataD5(j<#Pu&cM>v z4KcE1aeCe0HZB(9B{sCLsa&{Z@rv7*3p8*BlJwfXx_ZT89N<7A)hlXNF0WizyKLnhZ2!w>D*tRB z=fnQ`-Z-4W*gr0iy3t?LqY6IE3x8(V;+j7T7vF{dXy;#G^Jb$*qK32y} z{o{0MSmfhn!(6FjfUA1>8utJYl3ZTBw3bH3KxdZRv2pC3@nij%qfx8#BQ+XtSiE}W z?e*;0_HhxJZcDc>T((3pXyvl>3p%^_O8y|0a568A{q|&@QSz!SXBan+gt3=BtUmnD z!VLENmB^>}He@Vz6|(*8+C0NRDfaoQajC&L8vy@N{(Rs`kD(PkJ1_@jGW>-k-zgcO z>+xrt3`+=N9J@k>RB`$&X>e9QN*3`9y0hG?*v@*YnRj&T3sNFl}H$W($zcm+W?vR;ngM-U0^CWr*MKIF_4 z$9Djp0l>)=hn+bDX$)-{A&|O9h7S=e!l||dZ5V7Lh=k4&go9rZL_*gH!a<%R$Olo* zAU~8K;@E|e$87}h7CBvpx61sr1RYS=NXU3WXp$NG2!j4RK_vVNLDV$$1O&e#h!X21 zh=gcdo8)OAf%v>70EWwPlMIt&$V&wLY{VU;V3irXi6G942#|^>2A?GSi9bx36yUG$xT8=WcVaO6nTprKS2<7+XAWpWlN|+p0nw)mLLEWG>j}c~bp&Tf`+E|73&m&3Z3MYEC}8lF1P{xC z2p3}`c+v!Z%C+y6~*%dY$i zX;d$sRX>c+i|tPZXjuD8<`8B)iw$pzF(hI|nZ_e{u`_?f9$3aujKL*7O`Gb(#v6UM zKmrAh?XAvC!5~D#TR|GuIXW$bnRlh)E26bRY>3nE$7Teo5eaT~TCd-)4wqY4sEFM`;qsdnrXH7P(NKFwNnb3@pJfx!WOb&#>j zo`$f3o!B<3X~$@dh=G?+qJx>CAESDQA=53(gtDLh8W5>{9V2U1QfAC=A*tQLf-qYa z!R}DOQKwf*O63F$C09j`7VO@qpDP4V=vb!Ebhmbl*}T#IV*s;i+iLwZ-A=i$CEL zZp*dBY1(>tn!sA$#!#mjJ%S&N4<)F+4q+>v@d;(?Cwq(&iKCAm7&*&_ZDLuz*&f<%@RLdr?YeOyN?3QtsL{>V?Qp=|2S~A%_i)9EK zmt>jCI!0Qiv*(g6i4I%wB-3!yr0S(hRxCEHyw$X}uGUn~pHNKes+ZkfYr3_1$+FrS z;n(Dd#-EF7*Ve9HGf;9m>=aC!JR;pxgRcQNeaQ2 z)@CicQ#L&n-P6DE!DYIl6uwrJGBLvv?IU@FzdWiYq@PLbrDNvg)-hO7Hayi5$$HZf zeL3BtXWLUO8`R^AD%jr&E%_Ybnx7C@q?no&o14ELm5( z!c@=VMp#1F_i2`)tUk>$o_Sf3;2~WzV#kDJHS68oHxth&Pw^-TJ zR!cE^r_fSBhHX*2JZG#}b9;UL%GFdW_+VvPhq^?mu?zW@_~A~!D+prYDwa?Q8~^M9x{8BIS2WkxT5~{wWcL2(59BuuxTSLDUrw!7&BHl zjVSE1(dm{XHp^_ei>XFf2D2e%OGY$zcA{i~JG!)-Wm}ddjYVZbq%Q-d`sYl`9=0RH zlF#nUL}^XUgW<#sysK>=WeH^uWLd_r!=o+Oe`*wj3p1r?G}}BHb$$03i!WQ5joRxT z1CbX;L*&9J%WQVf7_^tuqfpCfV=PnIn9)c#EgP1B6|%N5mfx_59B9CDIQxmzc4b@2 zNX;x2!T21@a2At+yEtYP{@iYXftzD3GbCS*<)BS|m~5HEF63B>*r{C0SoYFbi;Zo| zv)spG@+?{GdM>=WWvpc$^DjcWEyLh=W3DBSC5(gPz7}|OX_#ded(8qB$pWitCifn^k%U4R}A_d$}M z)RH`Jt>HL2+7gjVxuAwNwRY9*wQH!6D;!7jsadiZWK;FB#k_~AUWcxMPq9Ep@Zc~@ zf>gk_6rryal1`kq7Mi;8q^}VSEq#xa3*B=!30L20Z0WOA3f;4SzuwT&=MQ|^riGuj z^mPNP*favzPGFNZg#gj9*z?MO$zw!x}oT~DG3)h3cfJ=G-n+r)@=nG6Gm8B%>EJuQ<)RfpyC6EXa;}R#v+@=fz6|_N zH&RX40s9BnsR8yObZ)JzaLL_PIoXA;2LCLVTmkIQkgTsPc5&BM+6i~?267)7-SLf7 z6^+22=Lv0qQY%+q59}GJ-&Hx*rG8IkwhP}3o&8*LBe2IHxv4zE#l5%O?83K!|2uB| z0btvq<7nx-ALs*6+EPBuCAhVGhzn=n{|5ZsfOi7!Dvy6Adk^6NUX~Uh z;1{>nml!$%PM5P}i9zzo7S z*uj9W;(fmp;XA~SBCOZo!!O?dTKfJ0cd|B0H|HC`%^T_FJOpewFUfttQg~kX0vpE5 z=TTsZ$iklTQ*suN|HsN-a^>|P1VXv!N4A92aGl^=HDuY=#yNKNxqVBbOVHAlJo-u-j=<1W#52y`}5i+Bsz`9^AbZvy+6 ztN#VqM^HaozSE`g*Yby4_`Bf0$tB+g_68*1DRwE!h33R?J zpXHLfR6fInUjctEBvJpDfzF0#SGoJ%{ieLkC3+qF5}uFmflc5Ebpx~UguVk-0PTO4 z7q~Qf%JW@#ANZME@+vShBzw!%7?q;ek@OQ z;Xi}#5B^O+1K>~cjmyTBT4EfBaAz&Xd)Z$Q?!;|(Btj78;tlRGguZY=NJhMNFy62c zo(mI%ZxFH&ju-{u_#lk-;YF?#VLryE#vmksz7U}wFRFLrwRs)jO9&3U9mXU4h_D;! zyo2}8XQMEB^8oJmpU_79QdBf;I!;DsUP={Rj6VmKIqCls-`Tubc${yXWeIi+YP>T^_&%ud!q>*`kA+=0 zOlda;;~y2i7WN8V!aj_w?H8WInC|l!x_?3VOz0H;OE8L03P&)!yAhcCUy!%~A1>~} zH?{`h84OPwuyo@gNbE%T4u>;+FZ_%noZh9OfAI}LBc2s>;$IzLwhJE$?_u2fg8}B; zhTYf+NW3V#f|H@z1gsJke?Yk5(%KB{K7=g@TM@P+{1%}J;ZuZOglqV+;Du%MPMeNb zG4;HD!vC{Co!$Sl#F4h+|2A=YH!Fo=0{SF$AwmYidW3xlZy@}Hkc2*FDZ*n2^u6T+ z1b=jXBN3({>_TWm_)&$M2u~x>gZ2%C1oW^K2%8c9fN+Y|5dIes9lGHW2zMhq zhwvqW9$mB@Z1j7yi6Z%@{uh{J^NH8Q2-Z$M_8apHf9 zuej;sLYZ|9j_qi;A8VQV=UEc5L4Eb6)KqrkHV|gdw`2$A!S^6RDA zhKUkHqm&70GBnFDONQAp%#)#2hBg@%%aFEYCPyk{I9-ObWjIfURWhvM5RI}vS$gn|%n`O8~hTCP>B*UFD+%3bsGTbl2Lj)c0_^?cPT81q$d|rkpWcacS z+hq8<4A08&Z5g)9@BV;I!NRkO@GNitM6lh;vg4rA%S1qz^6dgKh;ph?#GBnCC zM26uqjFO>AhKVwyUXb+DWN4Nlz2y^~-=To~4h7_QC?LN>{qRwl-=ZM!TNIGrqJaDs z1?0CVAiqTc`7H{_Z&5&givsdn6p-JdfNPK6U1Ld5soslalYbr;uhp601Uqoos$gb4 z7-H1EJ&q;-_1tPn@Uo@gnb(hv_(xqRGcUFnv|Gkd4^yxhyhBAuQpIjtY>C&>YQH#k zktVYrT5K_D6A|ApPd7(grLnWm7F&jDUkCjz7I!@c8z0wM0#xJj*tntoLw)M;`Mw*y zmyu0L9~!Hzf(KY4P@bNkoo>fRM>+)yT+s*4_{(Q`Q;}i`mlEV%m$0c zhc5mtDuapVSEjOW7KLFRQ+}Q1_}BMXhWZTnAf}^FPou_UXYbmYlYIP^EtUsE2k@m& zQ|X!6(td-y}e!S#g_Ai9% z2z>}w5qd6>JNW4hb{!Nh9S*=^5xF>${oF24S#x^B@?Yh8V7 zTYccRNgc?%>gSwx8ZbVu!3@nndxSmeXaX;3xl#?rL19rk0sGUHQudsXMI5vw z>cnD-*H1WJe9%&*%KPu+f}J~r&q&?%KDtS2qm|mV;1goyO;KIxk;Bl z=MQy8QPRXub;XUGPvt9JQugV^Lb^g6TmWMaP69XJ76|p=qhuiI=7)RmQ9|Hjv_`%n zIN#)q3K1Uq-pP^yDyqRupE5Ft?f;`CTzsBQ89zUawg1tQ~gkgv~FAT*9 z3Ximb7^y(i|0J-1Qvh{dOl$)Okx1 z;jD6HUL5OIrD}HdCKy;1@y}kYHpab$ClX4xid%{hK1AGkQMzBTr+!S1WuGQvd7|dY zVX(R{OgDHhI6*?RP(-(!e3A4-_SEblvFz>lr|Ep!5D!AtEN6lBd0`VxJQ^o#g9;@$ zoyQY|gL0f2O%R&e2{}HG$A<}L<+zo{lZ8*%-P4xDvMqOEYH^zt^Pf%tbKHshm#j*~ znJPRuAf6^17!V&W97CKgym1JD*ctfE0r9a|D#h6{KU?S-5FagQDIr{vepav$Hh_So zre3V@S<4ai@|sa>2d2FGtX@)IySxU2KFqfTUw>!r#BARD7E53xBq|pzTe+gvH8!2AA9c>)lgjee zl~T8_LUY3lfS_L^Pwxe!-kst}GNiE)isN~eL%R$sWJu#C*!M=*Aj1X@+0X3-BOP<( z1JWns*_g=CIYe-(G_O*HyWwey&%}=fL5$jl5G9 zNx#35X2$8^!vdn;EzLxA#6SVh^O#I48)(2w2gMr&p@iT@>5kNIl4k?oD<^QD%txH= zSpEI7VZ`ewzC{pL6GWWyt$zTc?sB||;8p>nj~EvsfhUQu4!Hu1*(^<6jd@VYVa#u( z9LD@kav%oURM0UyWVvQpZl^5wur${;W*1)JNRG*JkH~UJl`1Y~56L0dF?(gf$E3OA zF^@|JugC0{=?A2F<1q)NB8_>1`Xe~}d*~9pU9JK+&RfEEysi-)xk9Z8`rY^}L=Yv- zOXd&q{A* zXj|l>ZI!FwIk^OnLI{`YlzdOUB=wJ~7x61#AjU~4Vbuw_bsv`;P`%9l`T|C<&%c0) zHTa`D{_P9c9f5Z*IJGxI(N|IQ_|GRTyF{OF2217(SnGn=SS=MH)^@xEJA8s|ufZQ{ z&~2lQ+Fl4^oBeiUFk5C0#DrPjRT}gjmHcjG@fXrVnAu&S6?^=SQ=! z9%h*@rni1L90PDxoUHqNgj5&>NXEb#|Bgwv-Or5Hu>P+DVJ8$T>~BDVT3i7eehM>t z+J9rmFZE-EnB`lQXY@;qlzwAL-^dEi;6bfo24?wY6(vLejbNkCW=QC`{yU^!|6!np z9kLa}r>H8U&vtMn>(%z!Sj?C`bH^AQn>Q7!$Denypd3omVXP<-UG-j8U5g6&$qr0m`IUz* zM(u1ba_VAmKnR<3#uA{-0zZkxeF*+CdyP@t%{m4R3uAlFz|KAi-+vCyb=xX5?1Mqr zsi4W%rgNR!_q2Sx-}q1;cK2F;Z=ZRvmn}7iS1qwPk+$(094?AQ@7P-aEMC)Kn^{5n z)L=I6?$J87JEbU`eVU;+Cht{9WIzg~$~6k{bS46)9+a+glGXiRk1_fja_X??*N|YR z#44UL*62f@H>IYvoLFB=thA3upz%0au$IjlO$k_lHE6U>#HEU6jn`-uhZb`1rS6arhie3CdAE|vh7#~wv_2!HO?b|ROz*>g{Vl?P=kI^7ZAzt;C zpJ?ejHTJHc^j~hHdV8K^IO2891ZH`fM(w%@AR9SG|k55ZNO}8+UB5U-`n2lFKh5> z4rwmE&AWL}^S0Y`&7sY2-R9FA)?B)@qd&V--#obat)&4=eVZej#U+}(+I`{do&LJc z_RE@#Ohe{qu{HCyF1>b|wWCCDQ$3=$oq?IZmFTZr&D7h}k3?Jbwyij@ z;@&P_?I7DVwr%Rts%mVsdG$ftEjI0yRn>Ycwl~(yu}-yN8}BE? zD;ZOtvw1o8g;=M7Q1Qev>#MdXD5%skY^p20Sqa!|SmRr2O|`u+Npt0B!YG@5ALS?6 zwz*5K_kN6WwawNtk#du4(|2L_bDQpwtz8=Zfxg6ohv0y(syv6XVz3>asOr+IC@XWU z@iw2m`YYdO#Mz!G8)S9(A_pol%SL(d-4|_pyi|o;8~6u%ChRuZ$W+g-Wpu*4t)Iq(Tp|MWf_=wL@%PDEedL<81o9 zTj8Rwt=xf{@m0myCYNob8nR{CB5Yp!v{y1R;4yE22W?BObI~HME~2whlC4vC9QJW<6?cn=)s?&?A3&;qrXr z$PcH5*i>J=b208i?=i34@AvoKZ$svc*Ixeoss1Pac_Y61vE_#BFMqOiy>jTOzkOC3 zY&RbkAGZJW+oC(4jMF_ovGJ<|=g$84{-uAYRxaLJmhxcZwN>{wl{hG`g*GXtC`{E8 zw(Vu&mE6)a+qOvuaR>OSu<^KNlx-@SS}Gdj>iFqa+oVafIiNq-izwd zZnZVwhP-P|oK3q|YLItNoR3P<`=ZXTj2f@Ec|Sr0kJ{HX+wLgQI$Q8VPFD)N*?dXyEQ&ZT#>F)pT35ZAqyJvzfNraJy1V zUmd>?+nX=7CfI7=-qA%i+oCS5Pn_+6E|t#%wkkMx@|IP$C0#0=pKbocEjTeoS8Y3N z)7yNmtS_$XQfoGM`Dj9HvrBYWdK1UmYPx*1!8Y}y_jc*D(Y9%&nk&a@gKfG;YrAyb zkJt|OH3W)}F18-Hwkf^bw#8O9QG4b1tUz07$znKcuz5YQ6gO>=&HKulBDmo-$Yw9O z$2!#JyH|bX+R%90tzF&@Lzu0wWP6v|@HDyxuPZMvOR+6OI}f($A6;e5u^FzkPO0wl zf?Ebnlr0;%U26-rjVY<=GH7FLnmv=O5w=mbowlqJ&6U0(wOyk3V(Vg*!|}yYjGXY< zx73CDxdovG^4jWV^qL zj7C2kZBsA#b5)eBXvtukrn;coaJYi6r58+b>|aaL6Ab+u4#s}@$R}Ub&V2fHmUdfu zw#F8p+{+Bc{46Y1FEHj?0362rxPWl4^6myvV;{WE>xxPk&02@$N9td{9Fl?G%A4UY zv9U|ji@mWwP28(JRu*W_556@!-fVxFJ}jKBKeh|odHCB0$vff*332ue;P2o^7w7&o zt9!O&s_{3u=!w2v!B1SSDe-V14WN_r2aXD@OnNbnW#CdlJ?a5G5o z6Yz$o;0L&Nx4etX2l5rlZv9|>ZXd;;;rv0E2Bg#v6T+l;x-gFm3>JnB5Wp)5hGAU$ zNh*eB_~Lc`0!V{rQ8ZX1kC9;)#(MWgj$kkv&f=nv@6--XB~i~oq<=$WG|UxB%-icR zVaq)LM^^D+VtC^aicRdpdu&hn}6{pid^4B(Q+;{0Y1m z_~Kb|tK+yOVz9H|M)1x4ltuikIX{Lg+ziZ%VBebaeRwRcB0q8HM<uWi09C%(*3Au^YSM)^~hRko(Hu>W{gtdlF#EW1OHkTW?{hf9s(nlF#b%VRMwREy#=RL3uWjK;#eJU^%${z@)v@mJqkY&d&yEUU4O#iRT^r*y z>|8^x;eWCAE^tv+`TzLy40C4&hC3?C0A5f)!7E;v0URbYl8dOQsGy*jH#93Mw}Eoa z(n`fV%9vqUKedZ!DuQNO{Mxpymf70xc5~I%qK0ar)Y!gl{@?FkIbr~=&fQbpO)~eI ze-&QyR{QG>zR^}5+y0j_447X`u*mPRQaNClfwo+fU{Gddoey9lr5M`;#xVISW1J=x zfxN|PN-@#8<-@eTn*1=X^2~|B5_`Yaw7=dmsAhzg>wC6*V(6HHL zc^S=h)3$(J7t%IG4fezR2%vS(REy05Nwiw9@j_a9m@MIZXJyL7(d$z9)9BG-*QKyC z7qA*k4&z3r2nVpN=w|UfjT?`rguzfMrBVqm?;T{ z8A3Z7B3#jUByv2E47m7@ypM*R4F04k_(yzMKr;9`_|g*b<-$&el0%;QL<%Z}+?w0K$C5(XEEwuF%v zD{vGHSR@;eqN8nHw3CZSPf$Zc{`BeaRcf29tHRwkiz>A_zeuDSNvFerNQj_w_uRr5)3m4CI*Hl0yqJN z4u50_S{ASnW&zA1L0bY`19LA-m7r|^*22`oJTGW30pEssALh?6NUTfx6c1m+5MG0! zi2nsN!L>ikFc_jG0PQd{V2TB;1h^K4wnfv9QsUbRtb=(T=0!m}1Z;w#&7Xe|v_Anq zGhqDi4?NH&PV!8fIB8#XG|U(nqD=r!g`pera|LZCupH(Q7}|GDd^>>8!@L4RM`-XT zoyWhAVZMU-28Q^)BgBUiMjs2iQfUZnT+p8O-+ru~E+`uY;#gLy9+VJxk3qGa!1-Qc`6&;kv7UuAbfVPQcw-F3`f6eww-nWg zSWDx-t@tlv?max@CKfvmN+>_N14%}gDJf3&u>J9=AuL&+qIS_LC@CnQ`U@Od|)g&oUR@E;&OB1NLwQ9E5_Va0hH#16WBiE( zL`uI2yW-woqFdT}+@qukee8pz8N#mcTcwIV?y*v}u+spGlo&k6?I<2t8U|sQbQZVN zrM+mZT(RVyl+laO0c@Q0Q(A}Ii@>U%(1fu+JfR6Jx@UFeI&3mniq8k$jU~!}Of^es zpUF;LXVv_h>_s=(oj2Lj*lX9)B3w5IldE)RR6xFF>kEFWpac8R({Hj*6MVovd^wV2 zMKUS5R1Q=q(6K<5ah+J72U5{eO%RLFK>E>z^{720)nujrK}bKso9Ur~j&(ThZWRdl zPyD#L3K87wfijjN;DQD66a&G^`5nSNTOfT|6b@w0{S^x=6ZDnBUMa9j(5q>_gCg1} z9JmA!5ET@n?-p1u@Swm~1RfW7M&LPt?+R=c__06$4_7bHg!nnZA}~^5lt8P%c!7xm zlLe*oF_<_OFaSR}AmpsPeYR0v!t5YRWJ!X7H{KPAwYu(5*Am$2Jr*<{H7 z<`nTfgXnz;sT2WK39J_A%Q9I19})`r{~xCGmW2MlMJ(cV;Z6T<1Ny(^_m!R7WsQqU z`G3fpTi*EpHfy#br4;^7fx89P3p_}T0x`TI2*(AU5qM7Ey8>GUek||{fmZ~6Bd|kY zm%v{I0&XfR;`T{`~O37RR7$RBE@bI^#7Ew!T*~CrV95d0&mXZ96@*G ziH9PA#R5wN{--=&FWjpHRtwxHaI?VwR0j4c?k=fbFdh`>D+>+6eq7)gf#(Fa2z*yy ztH6&1ej@M-fmZ~6Bk((pkbj3DbP4=bAay|~k7?{gXc9<6KC*`jj1*`UNW(yKr&E!H zi2}z8OcgkVZ~++71tD8tj=(&Dg#wEOmIy2pSRt@d;Cg{oGW#vaGNti{U(*(-*vcmK zZrA)fO&`$H?OBAoe;TuIq)qPK^?Al_3p??sEk!nLv?|-Nrm~uEr(vJ-oRCOXIS)IT zc6K|MRkk|}2fD2b$a=inD$kx4!4l^g_1H~xXS|`M+u`5D_c5$`34;Mv^Du3Uuf#^4 zNyu<9tqY3l1z6dJ2e4ITDofJfxq5FV zJ^v2RhQw~R56C(NRwXF|wYEFD6=k5ag*z2vMvWdIhq9Efg0TzMRA4a|`aHvVFgrgd zDa1S)kMyHKJg!)zvrZpBUyMyeul?Hx;UZ?>q>BNU$8A7oFDUxBV6k1cp`9k>) zzJ}6pM*L(T87t_72#NoKG5tE6tvwgfy=TVfGKI+j*xy@O8ASnHh)hE)4tn~hX9@baD8mU~i+4^IV#T+^WGao{BliAS&#vaxd z?04F#gnH$G(PGXSs`S?>0cq^~`RO6dqMoAHeND8 zhjM@WVti*Q3-)&=`+aiE5U=@ke`kiDCc*N_{>}-0mvy<`LJ4=ftBc+oAP+BoK65Ho z^%Dxe{)A3!?e8oFrwW{N{Jw3IpaDbrfs~na+);-c^GThFOMMXP#Je`v)2g!i;3|Fw zOAWOn1yGuxKFFz1prVh>=(d$$aoFdQ++-OU_{r#Q{Rav?-f7{h-d1OSt{eQBZvv&q zV0^x$c(2D2JKSk*SGgo53Mu}wr+1W6{HLDYkxKC%PfxT`{CghjNL;25y(pn?zJ!bS zEwOL5b)0DDT3{laMxhg-vd+&P86)jb9~>cGtg=ac$S7Vby-9Yu5}cF3j)n21NsP zfYq7T@P-*z?n`lgB~wctEvdYNrR> zH(66gr_z$m&0JXXxE&d*848*9-M!in=&W_tq0n9UcKqX*s_0mkT@xu}M%Gm|bA=iZ zjg#!LJ5kY*!nbU7hB@ zhc5)gZtCT+xic*Az6;^8k95u^nmtMd5br#2ZF3>{eV{EUA?!kM>|BwoswQJ+2!H#U3q5b{y86%&V`rQ? zW>`&|G|bhe8TP!ZO*^ckB9C9gURJ_M@Q1cwwr#khA^)cFB?v+j2L#FQUOaJmD)M6%lUM`7i zicmWhNAko2d|i3NfHuu2B*HxcH3z=M#}&;Re`wQ=(r{`dr~cHY8>RDDV~Ee(E=$De zZPV;g4cB~{P?emZ@~o(OG(q=iyfc))gcA0puQhHdXYja^drCh4Ixy!`n7_gN73QO_ zdF}hp8#f~80d-?0ARndzhDIl&V5+~zVN{sv?_kb-^?HMLGiAyEAp4THI?ohU+3rQk@!J z$SF^Bt@%#n3@#RNn}+6gw9Rr#Yz#uq7pj?b&d8%K$YapzWOc^BncIb*74X^mrJ?3fe-J|H*jl)FHhcQ0W1k#G|8wxn2)#7+6ex?9wCH zc>mg3Tw$7*Fb0DZmNC#cU{^iP_Nhl&nf38v?2n*BiPo{uGhDJ5dN-2CPQuB=dxx0V zw)j*`b;sh|;a#;JD^ykR4LXtQp_rBSpY%B;M=Q_OzD+{3=f^}W%D$dO>z+BE7NP>$n{M8K4jwAINTRH1~Eu&hRi z2(}R-fR_j{L?OM1ME_3EP58uA=)=?MF(D1F2x$mN$S)EB;vx~uq2VD>I2cJ12#AXu z5rmT+7z-Q(dKB5y6g!EOix{|&=#a#H!o8Xh{+=L&`%XfXnL1%VDDW6p{{V+mg76nY z6vpoe8TP~{vkTk&4WoN~zdZ^bdVR)yiS$*m{cleU(Gd&2W_EV4Et0(*Vq3+!rcMgd z6PZ2*_Q9ihu`KVehIqER#_$x&o3s!osuIl>)nM!dYbgk4l|hkEH?$dw8UIV!R@Hi7 zF%AO_9dFVkBIhdD{uUgtv1(|qW&8rQTqHJMb>g_vPB0|1loFhJ`EEQk871$-p{7IPvp(F!qA9$Hw+8)*YHW3?#ctY&*YG$sU$ z4AkU+rIOXWgEu(yyO5r3T&eufOc1G1Lcyp+0Q`519ldB6X1Ic)duB-!_sH8*_ek4) z+QbwsVpiuk_P{9H5Hu{$fq%e+J(`2^_VK;=G`tsOb&hHLbd)VCw$BYLNMp?`+j6<_ z`I)wszGF~+$;%jaG&3f_)nekJ=^lXw;oG5}P4#fI)9p<9UbW@bYZ1TG|6mz$p=;~& zxL)qZw(9f*>BlS8&7J9i(vO#_pY7VFqV54ktQZ-5R_(_VC3WlEl;R)sD2l*h;;Ws{ zcI^xv`)2y!>cQa$W1ah5ymvDG<@d7YI3u0U??ImfBQgrEsa>X`euJzaEc zmB>?_X2|Z1?^Ii$TJ34=%b8G%){pb+AgeDthECaKc&F_?yr0|oZq^-mKkcDg->%bh z-^(%1I8tesC{L6}|K*q;o`Rd?$Mnd+BuhKYhbe^mCK|{D zwKm~@K&zo{np5XacdB=&Vte>~yt%xqt;+rduk7k->yNjkw;lwnJn=qu&SRhYLG7y_ z;B**IT#VHz?~`8_QRSmqPJhy6vJUU&X>Ibk9BeXoM(QWS1w*>( z3*U}Z?nojnvf4eFAWwAA8yoLb4~l#<%4rpfN_`VLN-$REU_Py*!u?6OVCYMwy!09e zH2i?g_Fe3}eo_K!_}Q#BqZ*d3!jLLIY{(yrqmlJz1INlAv(C|`gdlX8crO_4=mV=U zC4Mv){pd^MCQzG%zIrnCs9WoBw@1TfoH6CP^eWXOvBjA>@$bju_Lg_4>t6k30s8du z)4-QzHnB=lvR5(|2U0uI%xc3tL_<41aCEkXl#9O^fboFU7{!(68NT4IM(HRU_;G3+ zi^>{f61{fTurL-;(bXcAZHXpUKOq|Z`?6`4Oi5Wx=-#2vGNEFw+t=(79v zl?w*$$aR#kl*csV*#{p%f!$q?LRCclgh}D-<;OJR*vcJgQS9vWbhBzz8QZ(YHi)hG zGQ+_3R@zLiUh&*hQJS)7-IB43F#FRTO(_xj^r|@p!+?7$`!Xp*24C_x7gqx1qx8ho z?Qh9)_Df-Q4s%^g@6YyDX_8pr`ZNPu^dRog__0cZ9>UjyAr7G*5Xiey=mWn)_5s-PB=AdtKM>;>tQy@A8yyK7lBj3+8mJofu zbV3Xu_=_Q)JhFoc?>vtW2+-r@9(V*Op3($8T;(g3lMFo>hk;;sQDl{uY+(_-+^wPrF(3f9sQk@fP^0(tg))zy{5NQaN_RlbRS64X zVEXPlR?L!@oAqqvsG>-gw;Z4N&QV2)8af#r$ZFmg7p=kVS<(YamyOiCf5a}|n-a>N zEwcIaFeyDU(a({eu_d_5kaqmK`#AwP&qMv37f~Zi6?^DxRLq5Mlb_%t zXAW~`psbGduad`nehh8-L@D8zN1k-ubEJ**`S!&3vM0sq>aiZ^72!Tl=;1dqRbTjb z%Kq=R1yyw{kSAoMtGeU?KedV7{Tk{ZLQ+$soo_TqapBI)3iV)pt=aixS8)0V-)hD@ zigVH`y{^^|Eq|0J@MXi{450>>bhS?@{Np8KoxwFiZe5zwa>;+s(rhkb%+Ch7Ep>6V z@N5WlCnw0QB{|10#W}+dPjkj`u}bk(P+dKxP)bbiIEZd$aQ9-tr>(&+o4TWs;{W6^ zcZSHy+#)RwJlhq*d8uW68!hYSdY85~*saE#^yccfD?;k(GSfRAt&Zf;B=G-nXum^v zF2*?JSjB~!++>f|ZSGuYm;{lkY9kM7+#htAa6moWE!9SdssE0q45t!`+Ig-?Tesra zG}!+ll3UfJe>uce7k4NDs+pZ`xi$-49o*{>(a`oz$e2rU?rF~Oy10W8=ptzj$MHjX zQoQTxgGb`rd$R19-PLx>DDtSKb8(>S>Pq3Z>PSMj8~G_YV(tu<6An&Ngzma(6O40@ z=rFaOM&>J|CR{#oX?vh)*J>O};wo@WHx}p(UBoQur1x1y z^{^0DKYbnU9ESIKNl4_fx) zrmOFu%9d@5Lrw9@Y>ZQ@D`G71ym7wu^c+=wI08qLXQLNYtSVi?G9Jb4aa(tw4QtKA zjZpJno7|6$%+JuXi+LHtS;CGq)40B;>U=?z-!r(HS(TbC83X)#Whdi@ z@uGh!-NT}+L1?QUK?7Eg#-@TD&B8I#Z8OH`4I~Qs;jGx^ArUO+IwqI%iZQ{`MJvuY zZ}!HJKvwd{K((d;T>h-{$Hfud2h0kYXT*X?wx_}r$PO-yhfYK^q$cKx2#MZRfVmOe z!GgtQb}6x3Egx2zwXf#i)U1iSRmYDT&DH*eT*X`C*WI*@z_y5)#kT+HLJj_5nk-9x z721Rj+yVMOF`Bb@WU)Y&-ceYSQ1xt=+9IJ|oK~YOD5#zHT~hHH@ui9-6>*29T@}tj zjubwUlj0YkLSBywd7($CqN!HVIwv^g@sq2hgp5{&8r~&G;mHL@szN7tBI_o)>oVIt z{puzG+dPBCpqrL`haFPZf~5G*JtGboM9u$K&-g=O;`z^>B(bO@#sASW=1{PpzwMD? z0{JsyiAm;98#7ONq`^uuT$8Jw>{2J^G_9L1VO28JsYcZ*PgW%uK3$!oyrYz8zxwbI zt1}DByvcF$;gs%k&om^J4_9D8RJteHp^cl!B|xup*(2BKMx=Kfsh0LG=w2U8@Ax0p zy0LzTCn5xCC$DW?sDGCq@l#Ukj@Ga0E0}47~ zI;5hYIDg*j7AQY*U9C7Gxd&9KCd&!->x;!J$?nXkx=h#Ac}Ju@DlF{DDZYf}gFEnG zzhzabi9S;H5jn<}Z?3BuM<`k)DPc&QkL#n?lsxaZ&GWTBXJnf`C$Viyrv2*i*Zgvl z+O#(%$fJEJm9Zyvyx zs^$x!^V?_B`?@|a1XaU@Z;dG?Q2RLoU)F7>Wa#!t@&Cl< z?co%_7N5p6wdO#}eP*ojVqN z=oy&(ew(?@IAVY&V2^U+wTv>8n4g${;O?< z5#jJ_&ZeZv&T2&4*JnIANbz5_TCSxodZ$gDy%T0fTXl=_9bpWG^Gx(DHGWxYt0X15 zGnd$YWF1RvYID{Mhc#=))PlKrg;@?(zr;3hLATYKS1@gMMq!rq&aAmf^g}o_s(PI7 z#MzClMcLaToLFY*@K)xAk{@=&7hcdE=Gl zJMgi0(Vy|syBB?o{~H&*$9=CjE!Aoc-ZlNMY4A5mkt^oxP!@eY5AnEO=iIM15%<*T zjy~M!O;b?+haKTne%*P=b1iB4tt9@jrNrRHpJqoD)Ie=26SV}vKNPjps`3{(bZ zG^~`-dR4V4AGq>A^4jV}_N%LpP$&vTivO;)H-{3N%w1i--Pm@tx1(~!w&M8PjS}G& zlH=sbs;CeJ!}E3@`a$jAm==ZJ3&y zhNU7)XMi$uh|V4y{o#0dkU4snC(#l%OZcOi92Exg6y|ys)R{kkrJF34u$97nCwC9z z?$s=VjlnI`2s`W%;ZB`W6>hjC|E(67`53A@?$ zgun#;*ugyRxCCZO$D7uhEovE;7q%1+V8ulEq8?KlmX|T=S(zAU;rzJ8{}3)9%=skP z$}Uy*x5)3XpuCW17IiYw%Bo+%*g$MQIR7NBOtJnQ+Y^dy7}l)h!?(xxTfd!b*_AyNe#XaH zuIjaFCC}4Q9)htTyNPXI6dS^-CS;nR<9LjPC1xRkjt4R=_P+_%JnnT66nWx7{4Btq zg*(ms1xqnfh(-yTid8T)jsLvb_EJdY3ZZwN=3=R@pSp-Wy~ehW-F|B*CjD54#c2vWMzO346i(;>@v*o*# z?GIDLE(RcF4lSwQO$hr|Vc$oHI)g8j+r^T6I{IQn&k!TZOfh1eDz;_7K9AfTVtP1B zEXjkPsvM)!g&9cxpq!gAI>pcx*dpky0_o#6-XTVuz#qwu07Fq)2>E<566_#5kWUY1 zV`xkEX&5RKP8TChxW7Vn7aq>g!=1ROh!FN~gk6OaO?In5x-P+p0W+Q0G~Ok4MZn*E zWXD|aMuB??5#d2XMA!;c8K?-uo{I@?LWmiq9TVGNq_S_!SB@ka3&e&IL_D785G5a^ zhl+XTnPQ$9_9w_4_Buk?j|ux*!v2Y{eCyza;P^p-Ga?5yJhdpzCGizj2P3 z^T%tBq=*n276K*XToEx!P^9oMmJkwwwE48iLP6)#A!y7tkiA$GE_kXZ`vRqH>rOya zukcEU0eRve#GCOqL8w(^UxdO!h(h!VVTpJHt8%3R(Z42oDgGhBs#s;q4xygtOHer3 z_J z`FKK05Kp_&JsfQ?-Ant2N6P`>4a;|S+41i+Lhzp=1phfg#M_Ga`2x?cf`J!5D>my;Cc}e`aEK^vkPM$9T8lX@ zL9Zf&L>?wYtWOalV(JahiQkt95nh9!pA>ZdT_Yhayp$m&?+b>%2nPPagW(d{;m$vN z1bm(BctfoU7=`Z>NcUKW3Zx2w?1Kfy3rrN4ERYseh%W%8Trw^e+mu#`l`6c^Xrkkd zG6~m!# zq6~Bp;!SZAk7R@g-ZMf8rMgrFj1p)SXe55T0EEIX(vBs>3&az$?f(p!$lki&781IK zG(nC;6MgSJ<%@7tPwBeSRqS%>$Pjkne%l*^Zqs%PE$-!Ii^|ykKaUKJ`d{%ddFA9V z_HLEU)c9JJZMCdyk~;VxTGskElGJi4ySxp$ovNS2YEx9lT0JX^FT%957MDN2@`rr% zf(p>3yQD0D)qjfKQhjKuT0^zoFqXe=0$n3qx;H+8Szn|*Rh1T#Avs#9o`7xoX?5@9B zbebp=3a%pKa|dv9*d_8zB1QmFY*kax08McKNXo{v4tbI#DLGClO2k6d4@AjpP~Y7M z^qtV}75J-Uo$u$xX`%x08L|AYux&W$gSK<1!sQ+J^MmHKv>g8jWkc=$7T-=MX)9-E+ChfuNTfevc(di&OoY6l-$I zwNmG{#^u$vMm5{8)D~G`l=#>?GwY6NGpu>DGIOR)?H-WRmw4&KtJgNKlH$y`7)*O8 z{l}r1%1w__yyl4M^K;iWF2*h>r}T_=v?kl=(9k%Su4KMphObL+NN@J%X~O*?=f+GP zh-(y&F0onZen(6N09?;Zigr;n82D$rdObT$iVMJYAw+b2)MyR1x=>K+LFUd-eZ=R= z&{U3(5F=Pse3-|7nkl>G+UUh`PVFnwuE5cVzABb)M8Q>*PBTKpB2|rgnmW6^O$}vT z>4*zWF8|?^kgDIgA@^RTviMsfnPZdf6FwNkwR8KQh4P@*OUd|tF?s}{^QUpqv{_tE zV?m_ECYd&fTLY%38}lBsMM1UE!0CEJHi8b80;K|$k~Ahlw}D%O8&_<$O;F)B^@)16 z=}ArCfJNAg+0%(G@4ZEt9eGj{=_2yA)2}(VP7ijyh0x;I!-9U+lU@7I@<{3B-v36t-LM82gL&dV}W2K`O&h`c0D=Fk;O8#@{zS4PfvJR;?U_!91oH4;UoGs_!hIXsa?bD)5%3A{l)=M? z!v1$c*slw_8ecxysYM}v-sr=gF6_LE3Hv;jfj`()STS=5 zoQNub@A5!md5RDQ#~Fn1Pytkl{V;@;!oHq$o-44i*SFgCGu_I`f$W#9wm?4=Hx^TR zX9x|^{8{vq7%m1^P7V!3GpOv1=fm8ac(gi&x{4OKGFfGfVJovfg;p^AHx%QlQjEIu zQZQOy`IIf5ZToE^CJnA&=HNg}0b0WuaILI`GKO>Tp@}l1G%9<7x5Y2Os%vMonpvKP z%X+wEGrk=-=V@E2;SB5;F<@)&lTX_sx|hu)=J`twZfVSk#kLU*c{zF*+dfV`j(HL* zS_ZU1FXleckesuEMMB8ZK;;JgD&+V^ChuA>Sd9i^E8qLek{+F? zV=K4WjD2cqY^dG7&6cmenfULWwy$m_?y>#e+=r8IMw!ThMlDDPpoTMHm z+vmDYH27EGj`y$BwS#N#tO(tvsU3og@U^u=aS6Vzb{Ouz*Vo3^-nraRI~+IQ8*4|@ z{%N^?Z36DVH`ONM{(Ez667Ihbs2z#>?*nT`)%vfn)F$H={Gi&D+AS-BYe(ZA{E*r) zwU1Wxt9`oycK|OBtDU+$tS-Fv(dCh~el9nzyH|(1i__KaeszXDArAAiQI1HrU;FyP z3*Ux~UV{6q`{7Wfs&juP-DbVf`+BkJnlV^){p-<2N7$Ynj>x)4y+?~8_o&(@-L0wH z>{aWDez*7a+1ni9bxXWQ=Lf^>RCZ(??mPFVaJG8&rp?~tb0{2_5>WV_S}?2H|9if+ z&gj_W_1CWOHs|ehgw^GGH{_Vwj}^=C=)Z@&Jmxj&e9?zzs{q3Af0?#a7}ftw=xg6V7m&W_Sf?goPN&+;m+yP1-PewmcgBw zp6l%_)pYL9D)FA2i_6mUHP?(`e(lE#wQkMzug8sWJmx(!>n?Epm^sAp6|U26E{N)v z>m654muVZ_>h|V&n)Xw(YP^kw9$Y(rswmLC65J0=TkLI^w+}aJpPuV*1hk)?@A7v) z;WZd@z3a<)NkVpqh?2*pTX0aV!it*uR0*t`{4B54wKv1esbQ|xS#u2vA+G} z?2BF2N4I*7rd;oD3y&kH#)TWbCuaN6CEM;z-T-Z`_t%xX9cH(wy`k9VxZB$_N8jF% zcd_fcM@W9T-uq_j9NPAyuGvp{kLUT}@@u2J5-GfY*=|PwF2g=HM~}<4oAdSU#|kcX zoqFT}xOJpsy`=p_-X`x^E~gMKr?sWKakNctZ^|FxSO%%+ag8`h=2&L6_hgZ({dmD$ zc$wpc7rQEVnB1Fjy*SBfkE0$}aW~I$S=^-%k^ut4SFnSGRF(aRw_(1%{cKSoJf2;s zac}YJ{UM>kJ&quV_DtbVj&jJ#00~{}irS&b==6%OaRvLy`I{jhKgcJ*z18av>71Rh z#}Vu%`5ebJ-X~@oAfbz0-)vW8w86E~hKs}-inn-A&GCbPbZ$jFC!Kp7A#N_B*{dO; zT<_0w43JV~I?2WlQn9%8j;-F)`F@@Ir!MuLol6o*&hxv5y%Ug8ki+l#*JDbjKkk(b zx!#mgl&hI?`>A{?H+vlZZZo)>pjpCYXg@xe3W(ADdpK32EM(y}_q-aT_vF0Yj$H4( zU=jcPHu0`e;jUFs22Eo%kz1A9(ZKlV9#B}{wQaM z@bStT6wdh??-|#uT<^c;{w|%efpk--jQ(DOzrjsq)W}P%{w4a7w}8FQp>w|g(QDL3 zWEk&}!+rK7^sU^j5d~0XJnq;Cp@+D& z5H)Jal}po=Z+)}(^c*Aq*7IJ}Dc}0iI@AOt^2fN_(R}hx;@9FZom=ANdjdorAd%=v z+^6!55dK7DNo7e5Y>K!qcKy0@6N=*=6t1-yM(^2q2Dbs?f5NLZ%I)|Tu(QwNKFn)J z)N%8vluw#R1sk%Qw*ZCn%<*ck(Ljas+AIU=R+ko~^LQbBCM0GA;IDV@=jGcULcZ9w z^*ELA2bR0>6&u>m&ZUx0<(W7gD4GVn*-fRK>W9rJ_f*EaOE(I4&T*x1pQ>=9n!2TM zyO3jglLn=`8KwJSly1W&l|ASYj;RSF$WfvqlpM<>vSwxkt%J2kg5y~Q}ey7xu(4Tkg zLB)G&Rxpa~FVo9iP!eLG>IanviS}-)86M6URmn7VMNJ`W4 zGOtFjN5CiN2A~?=j2^&puQA{f`7}M{J-tu|Ih{nYtja#=I66b$-dMB`?c>9%E4*rx z8AZ8ap%yjAR?zG&>mbI6WWj{j!BfX3;TS`-wSJ#IDa?hMK~Jl8=xfH!3q! zn2jiN&GUw%!IxZ`T<_7+-+Rx_qE?>Nr9?gtq59WR3C*IW=gfRfdlQvksydBk)BxpB zIzi$_W4eE%x1liCdwNBkBga8S`4p0|-m$_f8>o&@x1Z&{9``oR4MYQecHwz6LK@Tx zO;E6LvdGZxIy1Keksi3b9ExH{w5PJEM{sl=TI(VbEd&5dD z?^x;b8nqHcN+KgsE<+s<0I^nkPoZqf5L)Im2y$t>V{W9j{q*c06q|;UrBJa!BA42a z=l$N>JgWr7cL605;ys%mz&~l!fDO4`(rANL1riK|&(2bk9aZbp77{;{%$zAyli={J z*Ei&#L`$e13~mw`Do@9G2Rc&_@x-|#ILbGw1xR?yp@OEBA~kNI{sI>-)F;*Fdb_fJ z!ndJsKT~8uqz|ni85$u=G*q7iR`MO^u1X109W-ROymnw|Gt3XtbYN zNRd9*pO;ZLmiH+jTP>nJg^aszc4|6`@J!P_l5j+=>++r2c0Z$epQ;w>e`Z1Rhtaq% z-VyPv5t%|RTfG_-QS@r}X}qUrDFQcXs5qKY&7RGdQ9F)9NAqkx2|30Qv6uQ#ouz8X zm4v)LJ#Zg|s)yR0rn%ML#(5~H?S2NMS2hOh%XN8=J0kEMQ&~M-_ynBME*ahei%M_s zzCKs8kGdHuWQPX*m`QinDDB(4Pbm<8^*%kSTkC!ruN^I>Ku!B1P#zlRP;jccGpL{g zbpGwH&kjTfg39li94a`Ec?~)XuZ-oo3Fu(Z7p`4T4wI@p?sk{ge$l zNslJ4DNn{2;H1k*tsXUv@zmV5 zD1RWGda^O-jGRH!)I5*+dx_~(MN{FfMlq$1EcGlJ=NnK=o93!87Lw4VJ??P*9yRoz zP{vPDMPbmPy#DumQWhoGQKnF*g6i-ZRLgHsAjp)4x#)UA+^V|AQO)Ffo9{+Ptf&)8 zgwD(ZM}R-VXqrYDBiB(4f*vovmlH)>kP%7+O??h6WY;)H<*Iwi>yIHuSJ4yR2B2U2WE%f3HdOa#58l-JT1x1;#4Q2jl0Vx^F^`;g*0%5D_sMPm| zs;)CLmwQhX1ho5^^zMsY4gYXG;?;v~%F2D{BvMs^ULLvyyZ=EIhuR&159N5lKJ;iG z@tVN*^BfCQCY_v9;cY@7)JLrR$Afs+_~x*yH#S?{=y{<1Y7}#K7znzH}8z)i3iFdrzQia%SE;Bop+R&!AbN zZW_M*)h%fFTn&#g$ekSn=yDfil)ek#Q%IpietwNstu?&aWvy`ug>64a+xK&(CQy@ zKnCa>94`!p(kN$_xhQM+@$QQ|HDTql4Kze@;5S4&-F>yvI=~-GPidTNvW@04FTNSh5-d&R>jr zo{A}D>%XR*hXp{PzMB%9D?}7hwG%{h0a%}V!EKE|BE z^6*j`Ll`I*Ll^#-V=hXG#X4R@3^`mhz2r)^U7`;*5XKJe2fp*Hpg>4X#xSb^3MKb?!*N zlGrz=R>)(fmOOX#51r|T?OB1JFq_35KE0tSeaZ~S6o<|^)SW>0*nT`gb# z#Bo&9870L!Q~4^0WPRhCu1BrT|K`fQj7Jgkn-*x!BxI@;De;j5r}5OpkHMvB%f+5T zDL&D|wS@J5VR^#(7nTn&u2{ch%ggKk@o@WkzlP*DXabTI2HBl*HOrqlB%P)G;@`y1 zEey$H)&EFJ#=NgNUB-U3^3;KB(4!MZFSWo!F(zS^pBdZkFn8U{PVT$0%BTDk_k+Fc zW%`NVY^a^K53Cz~HKOi;qWr0@1g zQ-%dj6Wn?r4iK}z9~XwP`acAzHJIJSiKLpSCAb*yLWmx#Rr@bv)_B`|yP9qDMEI_S zH%cFgAk;hve|~=l%|7o&N=WrrpqPzT+=Hay!pYyc z-lTY}+kvYe>!rH>CM9Iue0@}rbyJZIJRb%n3&e6UA7S`xDXtG!V#IjN_>~!;tl@R=V zfer3_1rWCTPf)&FrOMg%i?*;H zHqwk{>S2S@G;)vi1%rdl%1)6U7E!#F1+8=a>DiJeJP>=> zoS}vo)QM9p^7Bdv4WB3C^0CAzCQUVG@PJ`g3}QTp6o_kNx256+pUrTNWHDRefA4@G zizYh^UxJdtPd+tR%=P4*L<-Z7$<1*CG&x|gv6`m`gtG7dxGd0o5G?V6WdO?vfDX4O zdP4c;2VCgd+AEZSY`c9y&xNi}fi<0F(2c>_&RG`KhstfNtP&PETe*U@DjfTduxb~_ zJcljOnhLC$zrhu-v1-F|y0B>NYlcwv#^IYz$zi$fd}d0S?6>ZoQmD5#RyI~{8LpO@ z#hx;S4gR6~#@1ffvW`tn8PCpLOC8P@JTxY-aoZ2JfBL!Z*wj$t+{|@p4#Ihc^!f|m z2CS#%Rvhd~%;R?`&T5_MjCGEVNf)Oy?rL3}Q^B7VzQIRBuWihgTMt~@=&(Aq)NOcd zgfj!jpeQUlBh==RW3q+sOBbdI7hKTtnP(`!-DE7z2K*J5ICizl;$jXd{{0JbjB*L5 z6#ou9Dd)ze_;a64bNc9)K5uHHvjtM?@0;j;l)rgCYm<`xB@(RkKBV~n;US(M_zfz@ zaG%b*tyJHohD#6}$OR$b!!P>8uADPrBU$xm) z^1F>0*KLo={oY4oOA0@SfWcudgG z3cNyy@bpL@x$`Z{Kz>NJpLB;rH(SvuTYj|#u#oK7mcdWSf^j|B5%DI$w_D(0!N+fS z3vV3#t8J-@S-uRWU2Z|wac;ZeH(RP^r-^TynzS%v*9}`LtFEt9qmx+r9Jb2k-LQqq z?<+gTs%}8*>PB<}-(^qUu*J#Wu%kC@!&Er|?6VuTp>pLjvVEBB z`=4`K)dp;y`A-7KcaJ_JrxuS<2E{GiN3t1qo~SHPLgFS6SaqPxgG0MH0V!(M)s(Z^l8 z8^0>DpV!}4C&UnJ9`zkX`QU0FFf(=u3cnSDr)t-6n`sE_R+*+^MqQkEl&1(w+d z=?bQfO~P$4tft&PjJ>wZ?$5TB+s({W20fN|+QEJ;w+Hrwj=1`>FUswP9ugwFneCn*)?%uHgxmD>kv@a{;wa3UJLr^BHasg$APP`v`y4>DR%Y!0% z6fd!q2jft5dj#B9{(YQ!%f5iiJ*eB=_lkZEaeXj;p5=q@kgdupQ z&n8ZxMX;@9b`#INaPrd=S8t(42H%E`Z#vR-E1hZz-|P9LefyAkzT6~;zMQv}MsJq> zNU%~l`3hnZcg8=qy&S58>FwFtGW!5?w^)dS9OKxuGSp{qnRhDRSMQezy$u;}ay#_f;d`V${#s?hID@rb6)MP9Ml>u*^GJFrEzK0s$!~UhvmQBo{^urx%sM&=r zg#ED8uJgHtn0i;p3;~50d+K0rXOq#`@M`$>Z~Gsd=#6;|eT%Q#WggYgw=&))=lU@E zWYxQ_r1$g%W$sge+5ROMeLlC$9>}JY*#lVRGW%loJZQRJ?RbA8-`uvovczt%+#DGX z?v@NfU87_WJ!DXJ&;#VEJRm!ihy9d6L3_>TPx zpbAy7{>#BMPQ@k>7OB`gpymN|auZnEa(jev-8oGAz#6J$3n~74VE-fR;W}>j-vs-0 z*avFW?BX(enEzuS#9^cxty2gFJqWa6bqHHfVUHN9gY`aGM?kSGfX|Q;lA#H#kaLiS zAFHGEH2bk;!V7-vGeSQ#`-O10n)SciK1iDj4;CH!`!ajD|9$XxFYKXOKeng>3ArDH zdJw{O3c>IM2!8@$AiJ;(Z?*;2>##ia<03_<`hkjr8j2(N&k@ex*lK#H1mKEfCft`dhDUhYP!F?%M3X-RdiAUt;t z^KT#|`MkUU!c0N1FNc?XAglu+!N>7D2u}+F=b$0kYaoRBI9fpX8wlY(LKX-(*Di(n zqTLMpP!Pg>gbn8~aR|adpO@c(a4!hazSqZ)P1*;-5TBQ4K{yA3MJFrr*bBlX5CXJ< zFa-pfoYD9QX|P*C&=G;kH|*)efJqN7pK&0Nrd^$n@a#F9<_96k7sP%LNY5@2_}lLV z;WZEvd>r*4{6P>nN3(=uEg*#YIKUw3Fun`-5i&qX1R>NH?M4tt@ou<}@F4tDf-unM z9j-gf~F2_y|=Xd|PK)2O%6BoUj=L9VQ0``T~6%gfSpQ`@--8VG#&JM8bxuK%n`A5x8jbcCU6&lB5G> zHV^fes>RG6B)no~b%g2w)=Y?d&p#u~2w=YuE(~D(R{-x1z+xD1M*y1#)V+)|0|{D< zQp|TE;&(s@1%W6284%h*2-gY1Qy^FZ>1{NM%$^2e90<|ipbE>dMM4t$CeW2;n+G7z@HnAPf;+ z62^e=9tb1UdLFkd_05=9VE-2G0q7Ropk^C(a|mUOP7%>b5K=(UfPu%^2*NB7bl~8G zogh3w9BM&$2824|@DX;Olcduig!;nR1Hu&$!hK=v0KpteQWeqGf-oM0XkR*NC44?0 z3=x42-2p-k2qV&JmnyJoN|a=WmT5ZRB%M^hr6SINh*|WZckFa5LL8t^#LLG4=f`-;6{N5 z1hxpg0(21r9V6ob2y_Uf2~r+_zyktX1YQxSMoPGUfewLX0yhdgAh1Q?6%`J=@dV&Q z=K%Eu-FVG>dOyEX=2L!eVyrOm~9!ZfqPk=y&KS(2)yDF4=9C700JEX%LHx|ctBu_z$*greJcJ1Is}#p z+$ivXz!rh7E8>A>nYjc6Is}#p+$ivXz!rg51fmsE{0nplEEBj<-~oXx3c92#f}lpL z%M&2bA+Su~Mu7(ewg|i;P>uGK`xodCSSE0zzyktXI3oYA2!a}oDGxxPLtvReYHZ2< zfWQ`kR|Klj1akiZ9RkY)ZWMSxU<;uO0bUUVI#kC45a!(zEX#uxA@KrYOs&1K9qWnYi=5aVe_J?+v(D6bJq_Tj7ec zj+=%<{mSGqdUoJJdy(pu6!zPL_8F=(DQw0=_V-lJg|ZLFV`4segWaUL8b-(9`E}eK z3)iV}@LUkp${EUYD;B6(HHcc`tPW;B%nJ!;2Z_*v$m-Rsd4oMxwLYHxeS>`{RFVY! zQWU|e6U!~Ck%`PUG+?NqBoSS4R6$W}`|71u^(d4LzD}bl8!t&~*!i77SZe*9z2~0o z{jK34{6f;v<5N>cv$gjn#t$n)EsWN0EQfgPc8QcSSNb`FkN&0WUD?t!pyHF&($Vw^ z*05`6KlaAM_I~peg-+J>Yt~rrSyj4nrFH3=b=K~y9;}tC?va)*T8G^%_f)L8cV(G% zb@_ee>;6B!-UJ}3s*M}JcNUgmfDurU&4F=2aTyu6+~%@4Drn#uE*U!7J0vQK8JRT* zYFJk4ml>O37j&%BYYduOFV8ewmjl0zth!a4Wjt@sl;iDVB#&}C!8R;| zJ_;o|bo_Iz775~^Ze$*alRF+%UiuI!UZyF@Ct zZMI$+G7gVuzJp!aYU`Z&)`a7}S)DBT56^qJsvDB&l3~WlamsDG?TuSC!zrnM)t&0s z@`W|KDjs2CMVJg*$1xP*U|oW1M!q-itnZXnyC%`GE-y1(v+iHFic_(h_vY3@wx>dz|^j zHVU(thxwr{tG>D4cMzBa#Ez@Y1oSh#Z^XuXvf1>3oVPLckJ{2aPiE?!?<_74B;V+- zIj3=t^Z)JaR6or*?UL?E*S!40Ut*ot;yUBoVwSr9q3Y}^vm<5n=+u<7%mcfM?LTQk7A<^y9@WEH>ekZrrS`Ueb33r0)b6hd z{>o~ZvDWvs)rr5S*oqbQj&846=h4}yVy#65BcXH^Q<3*qW2Zi8#@^$)is&b0&ot6g zWBWAnx435KQ>I=+rq1~;^>H4S%;f%HhBjn{Z;oz-&(&9JT;a>>t2M0fJ=XWZOq^jN zV*}IptR`ony6K?BrEknniAi{kSytLR`@Jwzduy$eJ-E_7NOP(Sdv2wDO0?Nw%AiO} zzui-k1>kO`6abe{)uU^jlXJXFy zE-j-;2TFaH(waZ+w6}_8kzrFaqx1;4G_w9x6*&LG+0vhB1 ztq)VN5*8N3IkK+Rgk#TrOq?GXusvgNfj0ilOta%zpInTcL7?d0(!TWR)=-YOW>%mu zB#+sV)%2=UX5>cPM@$F%%;E0aY47cE1o$)+!-qdn(A+fSy*I80XvuxRd$w4A&spCM z?0G5GYf5FP@+Blv2Bqflx@?PmJ5_4@PYJ?sgJO%tyNkfbDGD5Q+7jG%=HY%Yg6Wx`699T%qWo_r~=&t`BjI zz(ejkTo%_pH`XRaH|0KM_EO?UGC#PlW2G_nzLp0-1RNmHXe*H|QbJa}K4?(EQw4_# z{wx3sw1wk0KMo(fz~cHM-Sc}jin_S5S4j}~?aJKQil6;HzxLp#1;6kTw`9qx*BJ&E zpxSLY%o(0Z_xP&Ubg0(_cJz9DU#_8PJ5gR@SDyKDD|XZGv-@+I%I*%%6K)6bbb*5l zmK3PmAQI;m@PBYyky(de7vnMdy-%2rF;y0>*KmDUweQ90i`umdO72DlSv);*v=JI*_uII{rY|NZY z`DF^d*&TFN(>px3y$+LTveiF*0Gsg=9~8wU=Wz*W7&PnM2aihft=|VPvQuwGG%fgb4hKw>CF-g4HR;6^5Fz9XJT+!S!!kR#c7^ zxQ^pWMCEu9*RBKcYwQKOpjLeg_Ud|j^j{qd^T;tNX$Oke+h5f94;gAMoRe3;f;ZZu zqYG!FTegsQis#K=WLCRsGYV$R%%9E1Odir9W#)`oW)Y}$FFNtBPF**turQx*H9Ffl z%Y|9x*rAQiWSu|v5sJYUFw8{g$?Rq6vs`mA-+IO@5k^WMImXOq(5c;e*ZhTx&_kSM z9)dsQImn!CR&hiNPG)(@P-nvd;=>eoIido=O8GT&x%Hru1ec&!!w=Ce+h zF-c$T%s=C+?H^Rx#^TI%y4obkjk(YMcs0B}4xNV{(pbNT{MH0k8QKNK1f>RNhKvnS zLLH%_Lnnt$4}B=v)P{H);pT&R-!5`SF6(PP%W>$eCTkmnT8bZ`&Cf69id&q zpNkjj&iab2?UMR>x4PtR@zn{gf4ffm4w_|~)cxPNLEm{&1HWGg<2esaQ@PzqTfoN; zN9*Q;SDr|z8>KXj>bHcaBT3PoPJZB2eK3oh#f(C-j;E}i1SzK?sRdU^%LQh!LGkz@0c!`l#|`uFuf$o~P3II~RE8mHXmAu;ac< zV@rKk$C~*Z#k0O0W~rfzc2lb6jIBtM6zW|8=}J}UZfEh*QT1NTr7XSTm%h}E$E~XP zrKI@VGkLIhhpxdSjrBzghVsoe2aQcgEQ>24&*S?_nvqw6r{b5{f!}$2Umx@MP8G}; zuKn&%s$9D>wZr#*FT*8UyKZ&{PEu@(5LP+<(J|1ccDDLRzdeViLgginry6#ppJOr? zWui}Gk3J-ZJGYUM{OhimU1v>D8s%(Yy427Ws_V#hZn1Y9*~yEse0*;a_vKb` zd+@jyE_bn(q=tICB2;G)YJ00t2|Uzim)WH)cC$MU*>209lSU^c)|*$D3!s5TX^Y;N{~E?(Q* zd<96mnT^9WSA$J>i!mm92?UMJFbBQC5=05Uk@*H!o#c_3a=V6$zb$hMdul7@L|_cK zVXM8nX_9xQOHQ7dDB0JBoN&>A1VaH8YP!e!9Wq(KQ@+cp-BCn9yn{520#oF3IigghAQr61A71t+#5;I0j*P$xyB{v$HpUU(}B$naE3-L|u64 zi85Q6`_R-wNB36j9Tb~7+^{b6Jj|Fo-XbI(&y!KBbr&8z=TbY2>!vK5P#Xk%Yguru z4D?^7!{4N3vM0k44?9O9UJw8CCsWd`>NwCDFu&whqh^Tu>RjZ8W$mFKe>JtnJG^ic z6WsJh2J@#xRw0Sy-C0|3fDIHQSJN{o_U~O#N|TwCI#1ZGL%3IgzLF1 z>$bemliJzaKI!f1_wNgp)fB~(CEZn9JNWC)Io)~Tl{EScUA7z2?H1A%3h6WuZU+~x z`OcZcZ)IliPBi82VV=9~E-C3BUJRY(G-*lQ-AlIaYV83_b(RebPOtiSQeU@t~K^ z_A~6bj&JG}Z#C!w^!B)PO>g_{o9~t&*{4N8Hia)0i7h!CKItM@N6YL z_0t3c|5im~7YwAsmV7zk!awHJrNKT@AyE-|TKJ%>b1-ys=4mURtsDYgR>5m>>q@Aa zDGay1JEs?S+7Q4yl}K zyF}G>Y{lsa=hTtC_J-Zxo$L((8`V~4HJ#&Z)aIxcY*rt-g${m<=n_y%IDii~kI zTfj*855e^hTq|+y#`Ptx48+O9^%Aayu_i}p)n264@}BEBrR5ei^<9zJq(fmi!%^-Q zQsd0efWe;CMi;Lwl09#cxote`R67=XugHVHt<(1QuTe#PRm2`}XkXc(xT%LK_Igqq zsyF!j_Q-=PhTo_T>KN#`8H=;P2L)EZM1xvZ<$)+KW#IWujC&OR)o7j<%-S3Za0Kx) zb4rH?ZTz`<3Z3C?pm0GrL+3*E317Ww-jyvbIni7#cMGVd7e~?6^yHv=5NIj9ytPWT zm*Mr+P+j$t{D~1}nSGf;`gs>;j&;m;^S~V}4_{t{{-!#HRcqW$sx!^Jys`P^wZ;mlt?dDvYH;^ESm3V ztE8jVty=}|WAH3^8P{=KmvEg&3kkz#;oi6=<9;V_EH3&cF&DVPO$3@0b+SLBdvvmY z#b?}Yka?TP`v9JIRpyqO{>j1non~utq&7Y>DlWY|)3}ZbZWO)jHhU18G=waf$9L2w z^{O#eG(^eWI@G?z>y6Ly910rs{{^n@)tS%oXE-q!&l6PpENZ#Gcrda^W5YS_F-A|y zH7UM6sw`D^;c3oDwq2+TN;i5mTyN98n)*NeH5gs3D9+7Kb{Kc+cs=k|KAws5h4|YD z<#vi?4lkzpG(Kz@)8)5H*2RTtzBBHiGe5yK8RNr~=9ALi>mP*%ou7p`$e~89xFal+ zIji$^0k%oJ)7H}Y9%JEkCVwnkBW%?Fd58=Apm3*-w|gM>7{@)bxChk%&0q}lX#=Tc_t$2Cd51Gvkn zw6`vviIbD$^8wwh)v8w1*5P$m_D617)N;nsh3BO^+&YQUU*AeA7Os_hcTOHv%T`L< z!MpGsMA+|n27auwAbx~!+nZ(0@rq2Z{zv{*FIdQa8b>t z4_y{i?6J6}7HQ)5Ks?#A$IX-2#*L4$;%#(8ql?JnZSMZMa911}n~@ho_V9MzH@II- z+Lrrj?w!!#q9&v0`tWCpG3gyf z>gTw3C+_GP1j=g4a<1ZmUVM;z8tQC5&GY4dl>3aHj(?Q--n<^*w=Y%aE#(aT#(z`y z{V#!3AqN`LOVH~xJKn-BNs^}>tZK;kCo)3bBQErkH?F!9j)tQ*1;L*2TvR_dD$hsN z!4=y0xljn06c%!}$>S-KC4c(7c~x_`%b@Z5>uio-oPS5*q_@fc$GTJfM~S7gMOBZW z)TfG4AI{^ey}(C!HeRfgELI%kHJMT=#de9FU>xNO`{xG{>`iOlvEA>tPsq$b{?+C+ zZM?jJlA4chiH46x@%WiFhKsb8C$eveE-9>Ld!>BeBwwtgk!wq(-aNiPuhjSM%>R%c zLD%r5S`*(#6;!$XGH0S%_Ir1xf7oKR2Y^M3_20(Bs1`6;)aFqiI$hd$D~sK2Z|_dZ zjKnxDGDG%sB#0bni|_B(}q>8q$)~H|GzkX@^9` zVBz*z&O_~Bv=fQ?(X48z6m|FwT-;!z4NP{ED=PTMa6E;J%zG^`2=i&kvePjG8MvtN zU=+cBkAdEUs~8LhOdFV9iZdxqH3uNT0U_qqRs!r30(|Gs%>w(&ejPl_Yc6qnm z;{iPNnHuF>=y9{ za98<$t;nfd3hphnVzBdZQ7guLz>D0S6y$vz0SZL)6z4)A_0SIzTqfRJP+Zp1RBiS4 z`O!roNhWU|!p{=nN464owuou|K&@BnFh;1j{~d*1`b`qCCh}PK?gV{+Cn41eJ?wz~ z1FGu}A_&#>3A{!*dBA;3G#K~3SM1EE*$7iz9Sk9!HVf!}{DRr}`i20BcvxJrgWPKJ z{F3E0iLn)Vk|zX>P3^9vw9>*8&b~qmU$~Dr^R>KLm~FD>0iNhnJW*$U5}s5&_=Bo1 zcVEigEw0@B3whG5muJZ9vYG-HQZiEGtTgq3OFbj%`Lrl}xid;6wE-#lb!`Wp>6~Xg z=jkrvOhYP631&yf^mb@9UYcov1;u9zq6%8NUX%ySj;w!X8NK6aVcuA%70g{nctuAQ zr;7b0DmXQOtD^E3FK=%4!z8hIT*Gip!ZjV&qd}N`_zZ67!_o=_z7QvO*PJJFF}B9S zr+%Ez%gxs%%WFe+R^%01$xJUPR8=ak$*%k-g!!i^Q<=NpyJO)Rt%R#O|00mP3#~QI zN|Dz=cQaeKxh26ar}B+fIg2gaDsp!Bu*UK#ltz!ImMI;bc^qBWS#>S@7fAKr7AK&) zvW0&%zf*kL_d373g}ZXRl91|e;%+l$XGrx8#hYS7JbN*FC+Pet>ItpnIml{S-- zb+B-*$j-}${gVvU8cPU&qVOjHmFz|Dy*p)x{gUkXMljX2F($vIm+8PF>|GhO(2PR7u4^KjLJxdB5LO#dgfTS+f zU(kFZGlmqNLFvz<+(ULsp3iO-r~Os(43-x5r-2*SC$A-i<x+tRF#9a@RjLBH342k9Q4=*&hO%!PYuN-dqN6u3>tMX#&q(HvcKy^IA+@6AR6Pfw%S4zIZJAK)qlc<}6Z!`43fXCPl#jrhkfc6dHHI#paxEpMdxI-< zox^rYT}n`MJ*X@Pr)Od_<%b0~i70cl02E9(2lV$^4esw@a6cHK`-;$?^U(7BnwV2bAB$Qt`jxi3NaMY# zvu^$+&E)Nc0P2hUl*Y3>y4qXnCW>NH)z>Y-Qn#{5xwb5m+JFV)ik_5Ddoqpwx8U=eKw#>Y!g z5$RV!_*`@Ihd?s%UjebHCVw{gVa_gfjHGqV&6(&wX9_Lc)2cmB`c70k$!KxrO1*|P z_22pLIa4cZ=8dfEFdqf!ZvOY2nt4>B|DJRFm*|O>eEQ0M=9g&t;)VXR>UY+s?4b`| zU;Glii`~M>pu?~U{CfP48-3(oey><_2D;wa2ZqxEWouI z*Jg6VHxpLrA9k1>ogO}x)pt*^vf2+*aNcP~NI>vNd}`6)4fY@eOk`vC_lRcRkvMo{ zDElDV(2*6Vh2t=>AFZagQxO1RrD9wf$-pBNu(iWXNr6SeYdTxIGq^oFCMRLGFix{| zmkWPjE`{8X`@5tO0?pj#Q>$(q^{xouN2jXrs-jo)LVE zjttJ}hj3TlpJHN0obbyIe$&mwI#tw7|hgbEtL*@@jD;f9eqRvy|jhAsLm!n9#Ob~~$K|Ly%~Z)RSAy}~B3SMK7(0i3Sc&N-MZLK9?g^5FfcEfVvd!i<&^hp^qm z%ppS}*u{~MBeX*A$9@})yT^tMF|z6O=Z_(&ZP}Oc(EKj9-oU0G!g0dAkJzz;<&2aF zcIX3p95X(F-8ecj9Pr!cu)PDDdDvdX4sTN;SdTG^@xb&WcB{;$P972-&@y+1&HY@7 zW_#>7PWY>(h<5e^dn{W;f1X~2BbBGVr8ly;QHmdn+o5mEdVFXf>`$3llwZh-cj&FG z>_hty_W9%?ZKD4^ai(SSNVv0~KD4)G*PhnL(ae~EthCdxHteF84XS?PQD&ol06!ohGxxY*9sp9xu&^L%q<7V)5O4mN=WEs(f@s#4n z`X&$}*f4<(!r|gLQxF9>{xK!OjpZ9O5uMKOrRGO5dI`)GxP(v zL=H9!dW*o<1?~_?>**={9)bG>9u#;);4!^h4M=OjD51W7DwYWJ3N+%aCHe0Xcu$}a z!jRwzgz%qEI2z0M2*=<^Swa-aK|+M1rx6K8Z#gL=Ubk>KE3igjt-y-{`BE=LyejA$ z0_z3RV~vhl_QP8w+IX!yAq27#X5m>O=>3G*>RTs5_Z4zT$NN_ipce+yL~kQRS?v~h zj1W1vM>rOBAqbd)%1VfY=s8L`8zL}W;7Ea^2_fVJLFcIGmZk}ZT!FI$x&-D6ED*Rz zV3EM30*eJM7ua324&J)3zGEHH5S+IjJg81`e>Xpdm!IW)l^l?xI5Z2&5#M?a$PeNJ z@`Ly$;;}0HHwfHJh-F+fJB8xWUVB8J74$_y#QTGA6xQ2PE13ktKXsxN25UM>ZXljP!UMmnwH937lV7@#H|lDaa5Z1e`<&!5<}rMxGPy8wio%J-q!RhbPGa zDrqO$y_paJh6#EhA;OgjdcE-9LI}pS!u_gn*NEmELI^&JphpXO5+Pbk5w(Akbh+@L zJ{#qH4Ixy@4G(B;aDd#<0J)(7azg{;h6czD4DeIphc561Lh!FALo=k&fBpiuF zZnTD!RJceOn&$*=6L>-(H$=!uEzu8SQxd`y)L1e^a1S9wj-m+B{;k454H5pif?gu< zU4ia{A^>f;YdR+LFWrB5V%NSk-((_iv^ac*j`#K z9M%Y2&yl@)PKk1#z�ZP2g=p2w@CV-MMvx{}7_#zC*a*6&OIq3htc<5iVQcG~vEb z&}#&47Vd{s+AY-z4|*R-jKW}Ch>=wwSvztkBS!9IlnBWPk^5>OuTKKk6Cx9v1-(V! z>jHNO+|ALAiX|NO3p^)6a zhJXg&IKl~NAwV|;oFF`M3Bh=SplS3&s^v>^p;9^mndm(N_X|8I@QA=;0{IeNgg+_h zQ-t8-74+E8fyIOf zM@xYXxv&+4$nXu}?+bOS0Xmt0h&Y6B1~eitUtkF#B5fj^2_r;^@HK=^yxAiJV+rFw zayJqp;dX>5f*!&>Rp5h!v#^+hwz4qHRtJ)l!!ppMqBVq|*9+V%aErj#1?~{ITi_mn z`vo2pctqeaLhwH+X!j{`^D~en|3jc379|@Vg^CH`-d)h+1U;P)IV=+NhlD7CvxNV^ zG6g}0A@>FsDjgvzYce7D4I`Y0@}EREd9ZS-gS3h#onBOPGEpQqd*fOt_VR70~+R` zS40Sn%p-KbViL|r5exTY!u|6|ls}CNBRc@0x{@x1jLwaF{h%fC1W9!#hY^@t_ znf9NuN5rc~Bm6&JYN;#=o=DNR|NnXGb>Ndz_QP^;GMi_7aV^<6D za&F6+HahIdUv0!T;n`^uP5N15@dRL7PmIGk2y5|*@nqh^k<5Gm`&-n`>k@#VGv177 zFaMjRyle_*%dNo?%;e~A(w{;!oYtLd31>q-z$;5D!`b4mmnK9o<@a!t-Z&0wX4T|f zVC@pXmYy6N;76}aj`^`aoS6xJzCb*3gVS%Y?1ct}egirZqJ zv|!f%)$s{_R+NmZBb$!<;AtrCGW4z}N*Md-Ke^#_syqLcr?MXw1hxzNUgldu!Ir4M zurzgZjPx{E1GKmHtWT}Aqy8+^^dg(FJlUeZg#N{U*n&ye2qJ)r%`-c4pHKidab zv5Q81)?0gmal(-%-r(_fU{M@RyltFlA^sDqcF+`v#>tj9Fz;!g<4yJ!7_@nfJI=OT zt&?zK-7A^p?A*^-weNY5!eA0r^196DIhTc;i`CJUpQ*ITQCBxJ?@)t(D9&RGwB%u$ zO`yN`P=f~B1*|W=o-bhr$)si1U75oT=Sz4JpIM&d=@#>eS{Lfh`D!p{VAS^sm^~S? zBe=oEm%Hd2uqVQ%5ckeFM9}yP@ROZCGVPRvP0oVFkN>!Gj#D9&p^la zytH&#oip6{D;M~hYdaS+Jbn9&NbgPvD_agV_=N^~bY24{a|S@rKZ=v`GKUX3pTh<1 zV%t^cp3HBrS;o|1iGla^D%EdZmcqG**y1o+#4I&8$+P+@_4=J1H40T#)^{nL6PiL9n^h2(Fnh;E6u zJ&`A!$>UA+McUh9vWE=KS-ATc?w*v#R$sE4qiFt|n8N4C-Pcy#ucYx|+p~3S*kyZv z_aL;yEL<~j72%?nOSHVHd!8W1kDh1H)X&3m@8=Gj_Vpe$7v2G-;K;bMm*c|zVsRQAbgPQ8HM;+O>=o> zg5Q1&)sSicO*q_+$w_Iv(EJ>U?n*^y?5OSVmF;=Kn~=D7AW!@g+fSF#08EczZD@F{ zzM)9Y;n66!qpJfOnjg6C+Iihz7(d*2zB`X`&1Swb1BZ}9w18Dn+h@#}akUN=CXi|e z8jasb9=}s&EXs2rpYHE&;Du?dh-@i*PaJ2}sJd@znN;~#6N}oZHm<*#Skz9niET%7 zqb3xBZ@M~Ygo-UJP3l6`>z`QVMh1~y+3x^e$JH$3Q&o2j`hRdN0@BL1*A7gqv;RZ( zUy<3)5$ssOj$gGW1wX}Q>M(xEXgU4~_UBc5#|Jl*j4Sf*o=_dSiyBuaISmS4PYN!1 zj4z_pp^0Hu9Bt#%*l)b^eiQqqZf{;FZ(>VIW^%TJ$A4PK;(oE41J$-YdHh&5;uq|m zpT+WivG>Uta$hxSlPnoe8Jgqj-{PJ&g!6fxyC>yY;ZAmDAGb68x!-Ex7rKk2^z-P~ zHM&^iFZM1E(85D`jjF7T<2&#P4H36K&2l%Tz862*eqY*NCG9w;H^%p_(_q(+Z`jyt z*mxuHG<_Wpqitc#5)xG!&y3e_CTHtN-}FN_j!()YHIv?l;L62C&G9K<3i!?dZ#Zq+vJg`HOK;svVIb=R){(V6-Xy36BVcWuAVcRS~MkGt>9lPu?atnYPu zSa=0=xIu`icak*OZ1Qz`Omg79ynNTbKb!v0{TVe#U2K9H()W4Jr>*nw6?(v+_5{gE zLEop~^q(Boa2>N~skQRTRJ!keYsGFzl~0Na)!Vt?idv0yn5s!ttiRLFnaN4|TC({^ zL}T5XN18-3il(927D?;Dj$U`2iPD0SdThTgYqPGMDFkILt(Ud(HA$8mWVfW;+*OR} zaPE&A-B%Z9;1ndaBvqHv;!H>2rcJ4nPXFav zR2}*2n(oGmY)5!{2X2Qb>|D5-x|_wbi(F<^3(C!pRC>6&g+rXhXDY};%#RhtPL3y`jJt&0=!8CYJ4=VmX<)1OS783 zb&kC(TMV8_bz>bln2}BuNatX_|JXz1Am;xo&YCG>oqxq16y{8MJ*Cj>9DaE}tX&`; zQ_-idx+F`F-R5^*@TFrVVJub)rlZ&5Zu5F&5VG+Yc1x?3iY)V1CoaqR- z9w_(NA*~N=kORr>o4TK-{W^_S3#OYFD702E-F&W2!*gXU{5kXzHD3~*KHXs9`NzN7 zNBZxvhQI%@?*?o08+Q7+!Fm$Zvr)gfZ9P`w~XD_L<*e=GG z`Xa_1_elxIe|ee>zGJt@^#>lg!-KQWeD>L3((`xw^MI<~?T>>;??3F-GISx|wZ|qk zVP=vqKFnoIKJL34PdU~*T$mmyCzSf?+Eo8DjV@wqs1%G@*Z=QMz_vKZ}kNW-6X_VYtSsALoG2@JHH+xT3W~A(~ZcGjK zW;NX_)L`n{Hs6F~+0!?(6Yp5I2`ABK!)*Tqjk%0me8fKeGATiYkv5WZk0&HuKZ_SMEu z!9B2#Z2Q<(%XS)-Zo%1o;b|%#!59CrAC1bF{!M+}uKL*5bYNew(pk&ev{B}{@kZDT7U*?_n>B!jjkiwRc(pcxz@X96i zoa#-&`s5sMOZvH$JwzhEIlJA@li8u&Q~$vnmnq3`KV)Jha*v)1rV~1UsiXW>TPyqw z=j7f2=jY^MhOWN$dVciW@Jg&7!tM}sh+9h{?f85;RVCU&QpQ(xFaLhUnpq_$+z%CZ z{d?K6!gs~GByK^Bh#B`W9wTyJa;>e?kKT7*0~o7I7F-YDB2CEMO$R;;Q;t%ze>OrH z3pgL4q=bKIT8ou%)bCYpuXO&qj&}R#*;b);xV^1XNNu`(d!@mE@PP@+U`<3ab0jDe z2sbAv^8zCis{O;U3Eo8(Zc%!gB9pcCdMrOw>Ypn<=Zi^Z*%qZoXEI?u&N=hP?>plg zIdj;)v%WIZS>GD-+SK@(2Qc{%vt57ju&ov)1JSsQW&R1w5k2AC zk$b|ooX>fU#Q^gnb9PedwAg}=jp?jJ2aHVKUiFR7l)wr)E2H8313TJT`J~I}g`fJe z`563D-$)J3h<4+syO52fVG2Gd{ZopxtBdkg8-LFpK2jKhk_l*tl>OPNuFBBh0M9Ev zGj`mH(fqMEfSu{8#LEHfR#(La=$5F&0!Ab%GxT0-=*CyrJBi91t=GJcMR!xagB<1T z_ijqhSS<0b*I;`Kzw=|`w#-Yzv*NqGX%i|c)h3qKT}eXNjch@8B`oi|hb{43CP$XbC=*rV_5^LR_K?-sVnI{yOaaREF& zKO`qcR=2PB*ZXgZJSunAT>nil21QCEzrTO_8u{>GDE znn@eAXs}(`Tm-k6l8@h#(q2I)=>6h_nRzgWDUFY7DGwy;d_h3W1Q3pX3 za-+Y}aIe_E!mr+6E>Hic0n-hz+~H*LE2&x6zR_TRzT$_YQ`2Sh+o?+Zo5jBeq@g45 zt!5Lb)5Vg-zuw>fFm~HJi+f{&Y}5Q1v~Ha*GR%3iL@oguu{M%2t^G4-<3!n!SS#<$Jhd0T47K&Bi}cCn;|>0jCgrsMt#h)iV_jOk&QJRs zbdh-A>E6oMWNgOtQGO&F)zhYwq7P7MQ=IZ{*0wK9k(aINi)QC#AM{nCwbkZv?7P0o zD)}Ir-A~zxsGCL_{H+D6I#*a zpO0x0>QD8jX&5au`4{=IujUNPIIwz8qB#oTs+;KXOfNssZ6N7zT7_K9XODM}~#2wVGm zWHhVAy_+V-sJ{X=53OjDG5fyEsy|IFX$epM50A%{EUAG4=o7TrcK%*>hjdi@D4+;Ya>mzX{R#t*Zu0^|p@$&ljekS=dmZHZy`eToG)^!~S24PZ! zbW7-tUgU;J?WJJwrc%j4zQd#_mi5lic$~J5>A6Zzn~v>oGdzYF^=&Y}SC1F&m%2to z1eWnAq4~If&A{E$-+~#qZ^oP0 zsW#aG^sx$DI!Yg+K)3*$PLM7N8eg>G-$~NxRDXQ72i*m0M^w6u(_JM+(4TTTQF=ts zIh^h$xdokwM8fb!tz4xu_`J<9%;r2G0#Ip&NqwaAf>sl>Nwhr%3Aly(_me`QDWY>Z zJwURutpyWf-Gin1_p1&*;=!|21jIKQFdizsD(D9}ZI_PykADiEeMF3DVp*7!CfyYN zH0BGF9N1JsO<3XaM@b2S-Vcpo)4tKtAok?b4|a@q3iqo#$5|4U7xCTC>2cByR=GYd z{9$rB$yra7?jT6Zk3_#GqR^*?FewM-TV?S&r>9D(f`%1^|HIN8L92z5D=lZsJe|YG zP!jb#$fME+2-5PSB+iH^-Eki#x%f;b3SZ0Vxso2diQbHI2t(tFWtE=J9ph7lGx>!{ zh0;F+J(`ptEtZN7#EwvMWP>`<8vFj`A1D~943*jZC-ot%W=a1rO7Uk~p498v^izW) z*gxATrUTjxWtWb{w!u{A`Uf#f{hbGuM0WQ3q*kQ)5XUMJ zeH@?52~Uu1RgvnD;S-Wg*#0`@qix+fP|9knT^_Wiy)2u*C?a!B=6< z4emr6fcQu(8NQIDazS4d=p)2?u>k0XP8ACi7)AJ{B$)}n0)IkCHIfi~wh)3ZO@*9k z_*#9HZSaDT1|E@ML7%_kp&6*Y5`sS6=k@wtQ$Wsz{-PY4k{75+aEA|9VZh`cru4g7-;d6o1) zeFD$Gs4j#xP@%vk!t=PG zdUB5u*q!hKCZQ2RpnM={q<|1*y-3hSgvjtxfyH{7GXe*C=o6NSfU5<*2{e3%oD(8} zlZ0lhlp%xwjf5~*iXRX;oI-66Ea)!6zZWp>GA6|k4S`bylAxMNDF4-TgNSQ{ z!+L?`0yhgJMqI^2L$x`Ch^Hg>Yr-Pqk;23Mf*g|j4fR1x$OS-AnaLf<1v?J?8_1!p zSk3|c^0N6}F#L~djHyUkjBqlA|4l6K0PZLHb5vGBsQMBia+(3n5zZn+t0*Rf#{MbX zPZ0W}{A=mv5p|u10kI>g86hIIYeL?BU8rQBDaXA1g68cPn&8bBH1*Ckz#M_O0%r+y z38ZFD;UY*-dfZrr#3KnGl+d9DLJ%qv65w@02v{R%ZqX2~NrdB%n@_~d`+Cf1pbSA1 z%Lx(gV?yxZh76kM1Odn{kl=1oEtfbS({)HP6zCOr)=f7Ls5YD!UKAcQY~p1`h#XV*is60js%|({;vz%1Jo>0 zJGGSX5kVglNX?7AZO0Jm_rRf|US8sU!O<^ER%>JX3o z`EwmOPSB4L`cO%U?=z^Rgb;A4pvex9dl^TR{~F=2USPSvEdqB4+$}Il2ry9KhQA30 z*?HyV%@2a{{sfxcF2pzdfzB8q+%FKOK(&p+!+^3U4-?@DwZlQ})FIrb2;`NuUR2f+ z9Oi>wYYD0Vyfr{xH-Wrv0(sp8^12D+brN_?qlV{o6Lgr!2d^@}i$?{-n-w1iDyYcVHYUx&dft7LOJ%7)>-7Jm)pSDMg6gUv_1e!2gmuLt; z49WcmfqoE_=)MB^aNv%xcW@`okpEqQv|%#Q4+_i`$Q$ELD;CU=1H^e(c#x^5gnuSP zrMfHJ$+By9uotJJ)$Ty$<|G=sK(oM30uu%H5NH+HS0F7S(}2$qfr`L%fg=Ud1BAk5 z3!DjbQ-)UJhHw)hVnShxzM72>uwyq18enK9EBZ(;F~)w&oJTeU?C%ztfp!x@@RNiPkRdj}-Jgfh!4r#sfgmR|VqyA}(Nnn{JSETAxKZHW9jDPY6dq)xy1#z#al=9T$b~ zE0ET65v>SJ7dTR2w!jGja|F6);)cp{KOu6$SGNL_VJV5`3%`K*Lm2lVLp8Uy; z>PUA%(?&Vu?jS^2|19W6!cWlJjjI1972VP{x(P!w2T~6BNrlkJNkN|y=q2n1J0$2D zfwclJ3gibIg3nb!-w;?Yut}hgBg&uFYf-{du!=f?J%E&xVFD)*ehf_r`Ya)A$eF0f4C8bWIS>xDzPK$Eafk%Z{uSP4=2vW5FJLR7*6LGKax zAt8$Lte|Uw8a${j5<;Vw1btOtJtsQV1b+1MG{+kx?L~!-#R7uz@}Ns{6OPh^Ys_bW^I&-ZP^b+DSD=x?)R+cJMs8K z!E7w%!?S4%l^lHl-0}YW6-?bfwNNS341Amod)3g6*RM?%DS*{Z1ht=BBiU} zG&Hp`Klb1kGuyE}ixgvU4i-*WpC^#`LLN9vuzDfP--f#Ix2M1NCYIf9!>V)g=p%S&0qghB0@`KNxSz=QA# z;9lPor;CUg!qzT8%z_S&nDoDbE>r0ti@|wu1YUKjwDs)=1KHfgiobqHTb@~pbnNG} zfZ$~Cqu+YCA63QLPmw2}_mikDh&c9TmMQQU(k?={r`WBDUM<+=C&0cK z-Xd!kZ|CTkxd^rG#YonxNa>>A+yR4FRb%-@iYd4VaTO8`S3mZ`fX>nSAyIe+vyUE0 z!ikM5aD7!t zr#-2d09_7iDJ^c9?hmNL3WS9fEB1GqsAB`O@RZ!0yYW)yuSn~&?=p? zYDwInXgV`aSyj3O1}ufy;K6!6g@>r>z=J*~c*d5Xm@RXS?!c4fnsLdMlFL08qyLmgQ0v7d3cjUS)C=}s;@ZQ;;+_H5A{#o0 zYOvK0Sxtc#5iFZ?ef$}4jp<7z!i!<|GvH!f*3#%cA@5G`&SY)=J3oT`_ZjH10CXAq zDLgcSb#_CK0}*^A=Qh-h;68ZIWAS;`2sZrGm{7f|AB;RteCSbhSn!`$U4T@Km^l;^ zmlGGS8o(L^l7THPwNrnLYk9WY{#SVU!JB?Ac-6BR&kt_jp*80kaCX6)I6un9E*KrH z&l!Lo55As+MMR)K)S7(>d{*(YYWs-rYGH4D0FPQ;Y(uBQt924ei6}uN@ffZa;h+8+ zcWE%5!m98)|Hi!tUbU?Hm7x(2{EhilFfS1D&uzv0$B0MaY}O`pmaf(5Uc3hQc8UqF1s78IId zbouBpu{OQJEc%*N&=89+RXYEl3%!yD^yxd0#g_+mOkv%J63D^`m6f1i>Zt}k4; zxR;Z)S+2ypTW#kg4qa)ST^L~h9V~pOhHZ|xxt;@)2%6G(=StSr z*|2~m5VI%;r`vMp@?u-p@s(a| z^Ew!R%dHmt-E5TxW3rbe(orx%w)|Q551d>#Z$6Hao87a}HDlrISvb#5ev6<>!fh1jleV_jQ^9vfVj57&8V zc9(KHuJENgIo`@MmtAGTB-#)@?M}I!no=0Tm)@zMxF-m)nW;kf?QL9Dv_`fZA zBKUsmevUm||dQIdu7v z@oD2HNqO^T6fB&NGNmGY6o-e;oZ*~v;IrqI$7Jn7XJ5A91tsc0-xriC8h={9xFhob zv#e1@VFK6OHCR72fK{zghJ$KegE^IGxNDWCg0lP4R;%i?$hX!i1K|GSTBS2UzfSoF zVD38Q0r?_(Yn?I~AbS*>KTTdfg&C5AJ<0LQKZV;b+1DPWpXP;`%x}HYOP8F`=OP=pUKxUP9$&AlYI8OIshDe#zf2of zlzL50kh=%4(3h2d@>Mn*;P3AVsL*))*|L|FPuy>2zKP{oe9!sD`E+>QLsZoy%a^|d z+N9o&YX41x9dfe&#xJK$>Z#PfUs^p)>Za6JmeK~c<)R$>@#&Lv8W#?Cvu;W~*7$O% zp<;ZMPRx~*5`#A8<_8>Acc1mIkZt~(PCqPRS<##B(hCna<7QjwvsnDITrix$8PX|* zN_|NwUy*lvwsvX8fs5MSx|(OGS~V^%^jw)&mQ=PF$6Wmr$6O`H9!fQ?)17|;zFAH6 z&gECyV-Mc;N#+_lV6iJ+rgy}ora%q-RsTIKe<-^ZK!?XJ$^LDe<>sv?qSbg|L%VVH;QRdC%C|_c1By8SfPMjN?8JSxA#|FKx{@h&0tQ z^`5NmJ3vA3)?Io{#*^(dC+92+4e4)zX0GwYKf z^J71r;(`<;^t*CAYG!(e^pkZq2-%GbnWQwX=kjmId$`xDC#dlSc-&y-1TTrf8l1vDB&T^s-M@8iZZa5DEP6KcHy@sdxDO@*kO$S}X zelJ&|9s7~`exbarJaJpB+$$;F;L+B+2WJ1Z6kUEBd)`*;-4wGSRjxjdqq}y(J*%m- zaL#3YgI~apzV+Lfd7~01zsl?zmCpazz`fTMUaymJOatkCP1O{~C`T?oA@8Nkar~4h zI*EG&)p5R&aX^D6;8@)%I(cmmG2d8ts*WmQu@LP&E}Gm+SF;q{mBta_ZP*tZmFPIE z^F;6+h0T{RUwF#}-;q8RoTNoTCWqg;#B`f5uFm7T**4$leE4(U5!P>$@_;P|yt4%F z|BtXQ0f?$<`@eS<7zWT`2ib;2L_r!9%>{HW;6UJlYi2GeXjrJIRBG1XQkiMFAGci6 z%G?sO&~m}jUMn*&>m{|)GSRdGL!GZI|G($lGce5ie&2ue^1IJ@&Uwyr_H*w&=R8$h z_W06TM_uhn7aWw*AMSp+mwg~IZ!#*7MfCw9ouwzBoQG02R%*T#P3B#^Fjj5DGlUu4h z8$n#gm5BM?6S&@?c^}T*<*NemvLPH-UtD8x*>UYd#QT_igEicqus3`P=@rXmYtgiD zvT?#2`PU}ZMw89QuC`8*fp6D1hE-Hd zsm`geHB<)fpm3qLe;TB#UCGn5BJN6k=*Ip)1JM$}8_8jM`>ibr;2`k=XNRiEesOQzxE{YBrt5x=TvTfuG6H z_B1t?J6@tghBZF3)M;GbrZ@L!Q|x!jckNnK$<1`VoM~^GvI|YgyK7{f?Ru!v&$IS* z)i`(b^h2{^@84bVA(lP&-g?6zEr6})hj&r_CGA<8eZAgb^IiTeSJQW$#&)XT71sAP zOfVi|#5My9 zOdA?&70SjtPiqr?);wrf{{cc2?7m)4#=at9?8~FpYs2SGy9U7hihSJqmzBGXZpEO9-dz(&FPe+tEG<7dMhQXzFysU zQ&35hxx=Y+3Vqxms-)IiSy^?0Ypqm`vY2tOJaGnPeO^ClvNk2URt@cGgW)7u^r|}! z&CgG@JtGo7HcMudbUBv#RnH9u>{!=oHNC0O3*NDa2#QMQ;T-;&@oi9W-%q8Dqy1}U zpyEC*q`cdeWK2CY6>bxSTNQVEoGUavD|G>x5;u+=gk7j;oV{#;E4!A+D~mb%DEDe9 zdB~&o2_vHQ9MHdIEOFvcQv94k8hEPVq|NwV_=} zT*kbL_8+OxZr}v#7w8?p?V!-K%36VOcTJQX#mD*E6{<(Yj zSl})>wxi9$cZr)TE$p2w=#dVma+{^mF^3Yl;upF;U+*<*US?Bm(PT~1%P>})o2pBC zu_h*;w%i(y?N|HWt~2V%wzyHvnLEc_DsY%MK7IBv7~bT{UD3W#PZjV-)Fas-Nzu4^ z;wmv<$ugZ1NN1z|jjIhRTnL`9t+>9xbsN_!aJz?V9Pa(`P`e6PMiq0({revRwY0&r z>e;PUi`ISKJ@^f)xoXdLYnc51H7DL|e7xpOYxo2_vt{R+xxw&>-re9?a~5)Px|fvnAQ`endv*J+Gd-u9JK76a1f*c|&V0EykLI>Gu!H&Su?E;L zc0YMtlFc{{1}os_O9|%KK#LW}3~eAON{xlHN`Wkyiyic0NJjSLXhDkXQ~J}9&Q&(sQ)VA zy_#zM34?2ajOVpC<`pAXMvDGoTfqIh4`OtRTjcO4Sme+nI-~aW64aQ6#q+R#FfZ z%W>EM;V_z?DBD?fqfGUmG+iIJAv>=0yJ>qWdqSfmq0v3wgF%uWCUS4+jWdVq+Al_$ z7dzyF#SSgfJ_cK#D=>+%HguUc$c~=BsB|ZsE{%Ava^mDSFmp9FYP>_6)tC-7ytx`u zTnNXf|k1*cNVP2*%Mp9jhi{oKb6|@#z927B|FR6!# zbd%ZQcd!Sq29Gx>n28qSibSH+;-T>7cd6Rdbq~OlKC-5g$5YuH&o3_Vc#C*svnE!= zW|ncMw|F2F7OJ@t5LWKNJUb$)Gf7n{d;XMfSR>90MjuTV8c^@Yw}=4DqgW$=FW z>V(Nsr@l>}?Ntkm#GlwJ&7sKX{^;H;>~FR=eXuv57hG0zUOenlaKW*5%5tg~&RPO% zhsLc}H`vArGmb;9NO5U=&!h(oR*~7E9=zx4UPMv7J7-jsSEmHLmC!Wk+qZA8r+<1f z`O~&eeb`WUbeDYygWWN)qTE+xQCL1%NVt<*6v@StlR7tvx}rv;!_@km<=r_RNqyMA zDy`9W%OzE2QK?BGqX;ZBgYeF@K31`d0JXhoIY^4Z2eM2G7Px zMPshG+k87`{(%fuNixIB!|cRJX{CX`IJE0=jLJG8umem+o^zZtYhw%>%w#C8EFe21 z`;|OW1!q3sP4ufgg4CfrV@nsI0vNhd*SeUytF|GFO6S8}wQKr3cke3v&xN~cEv|yQ zrw!$8m5f0J*J+Z1zl|%A+FzJvSS|O)7Srf?A4;8j);^8gnJNl-*wAu5iz}-)Bwa(c zk~LK6R>V9y^S}ay&zS?VzYBN1XD*sN&!$C||5PC*j;nnPaz+a|>xZfay!+SN>5zoO zF+n&Q150xfKdzBxEy}!GOD6?q7UwR=SuN=ko9m&&?g!j*3vz$hR6Dx;_+#55r z2O1nH@f~HgNnTx8s@ib-2zJ4Y*@m|%*C@YpMTp0SM%$Y+T+MEISx7eTJdok3d8(1H z={(v+cypt^t)Ww|*5XhqZL=B5O4!2mZ8RGw0x6{o);xRR2pF@?b7c}AwAER{?|bp+ z#tn000AA3MCy5f_p=rtw9pb;+$)rDO9^mFctrs`?D~3=eF3 zfG2T%f$M8r-{JZh7fpfb*^CTN%JAohD-oB1iMVaX3J;`A5}@-e#$c5h>eBDHD(I z8*uK2>cay*aPkd*hIt!4rX8YhQPw+qabGU%c-_Cd0|tsUF+OT8ln1l%Rd`dzt+*ke za!aSZf440RVZBI&f!|T!=fKZ_*Kl>fgZEHedR#VKWw>sD|1$7RTx3W(wq)BhSg^zl zsG`unLDLpT7)UCGW=3!#BU!%$WU&ba2 zD_`b0rQAx^K2Ju)F*_B}2P1>jmzmk<*%oqv7DT~~-tm?yB}xs0=RGF`m;&zKefr=Z zFqf?T_RU5wt(=qzTkx6T&M~79hNP)b1~tte`Z!Oh(@yB+V;I5PPt3!9{|YwvAdIv9 zhml9s#$#gT1QFQ)?Us5?+;DW5)cq8dQcs}V8qC#ut6rZH{~x(DT!b78KM^9A=w-Qb zt61B+{*a65#TRSr>S2eCzS=sv zxOdQF@l1bV=s$P29y6p2bBoUWZd)PmbI4nEj6Rd8pEdC*^8#uySva7DtP;MWCID$9 zPXW?b)f`|UuIF%V#$~`~nj!7fzCW>&3BhNz5{wYb39C?C6*L}lD{L2eVYOEG^xh>D zW&%p(M`)9GOipQo^PQYoOS7yG_bwD-e}#{p$L6E=c@C|ZO45ib_|N_4U|(%Nj0}_I zcY5=#+zJl(=k61zWSW?nqSt$x9Xn(V>oJ3~A40GaZZz?aZ>Mk<1uo-0kWjfuAT_cQ z5$Pz1x_y+HK0qxkwlH^K>wi;dgK@EXkzKs@x2OfvWPVV}C+27`I$)5+**2C3{jy}ojr#nmU?v-0B z0zRoN-bd`y3;=d7|nBKHOzRdZFXve)3URJiQ)sl=a6|3_y2<{COmG%6-j4B>7ZXRyMDTRB$GxUm#qP~2rXC4` zT$8AKo8m}DTm1DBW6VEy+aICR4t-z?(1V};@)q|)_WweU(BGgV^a@SFB0tH28ya8y z@SdzQt_-iL-ws<-WOn)hj`(e{`?m#t$nIYTa1l#|89z4qgug*fWPXE;Aue|RutJ3| zh@n4Z_m2WxVU1mUlGfBFTPpq>I)nNnu!&1&Yxo0$1* zvdK=4dCoxC{6P_xxzNP#(VPt`zubi;{*vZwQ2D1_XySV`r%L6UT4*~@=DrpOHJ@E* z5^%0L8&m;_&Djvl!LmZE9{Rh`TtG03`q`_K zyq)<@@r!0P6~lC_KbZ(@xI0A04xjYJU1ATM3bLzE$4qNMR%ErunIYfzgvG$7wy^8> zEX?rXC=-6D$r>`@SD;TZvE3uc;9%Gc9c$==Ky?#}P3&Hq5eRu3fo8>YfR`qmS+XTl zF|orN3t-dl^mMFb#t9^AdPKwhPl(jPNFXzpbjRZ6S^a!iH9x%ME(EIwm5`~xk|9|C zT+J;9{x}FSpMr85U&Apb)i+{vtmfbCbv<*Dd@@dWzqxSLHKZ?K3Xe7=QIXKOE87LV z2qAN(=l`mMR8skDzL zdvi=e6x(+*hK^-{8Y3?!nB-TP+#@b}&1xJeWBnN#-Gc&b%?-^gp84Xx_&iFK@o8Q1F**qKw-Z&}$;r49S?Q|pV| zo}n*A(ENIz9e*Uf9goxH-9F3x%=%cf@xn`mN=LSIhdz#-|IGTLw%JJGp=b5p^k%*T zyMveVY<5f^fA-1e)(>K_SPqNxQ7LSM4`JRzh@PT?FrRv3zgi`v`$mu&)D3D;bQVGa zA%fvQ$2Elg@uiM%fY?4^VtY?x*A@zr$AVrFD^&RwYb+V$!O95-VX#BhGZtX=At7Xz z5)MZ94Wwx23alVRqjhSXNa2T|zaxa!C4^98E+OQs0@~^31L5$Ez+VW5s%sj_0z)=M z2!F!}hpQ2jAllGJ5tz_ih@UBNi$EGWH0{LZQQ$tJ4PvteXsr3bt}WbD3y*x41!%s@ z0(e@u)7w+>$9G!*>jZsK;GaOUVP?YHCsKs=sgZ((gh&Xj10eS|2~hy&1wT-SX)iIl zpg~grD4PwZix-#+b{x1o&{u6}5CV@2HAcblOp(PExMAr$tDDaZND*~?xY!KKa&>`@iKsuCyAA=8_KesgvFSW5kdgXtawfkQceiEP9V3=g#>WxT)->B{hGj=0viN233Ld& z$IW~pAf5lsvqYeez<3}jk}a@|a3a1m6HY>k2yyKtd<-cgEJ4u`BHV9;ld%U9y)4m* z0*4SjjxC9_-+{W;8G^AJ)95`aC2UW;1J}2rt!@FU$;=m}{DeSmehW0Wz6B(^(ZoL|uukAbftLhc5qM4DO@R#p zn*=%p-Vf6B&C4?ZpcN$0&a*YK` zUkDB8x&@srFjruIfdvAG2^`50T^0OZ z7)(g;RDtv;LOHUG5IM9;;97wj1#SV_$ph`XBcxG_aJRsH0uKm0DDberYJn#No)UN# zNd3q+gcI=*h!6_)5rfbu!XoT)_n=*yNYM_#I7^7KCwo&Az)biw=39gixP)*PazOCw z2xsGcm7qhBY6{CYQ5T@D5Dhum0v8HCHw`=objb9i4(h{TyO=ol+7tP_?@P+?)SXx{x?K_IkHLoO6dARo z1ZERHkJdyu5?S;*-9W$xgh(lkX2usFkPrb4G>D)hN+x^}Sx5+f1%!(*tp<{UrG&^C z8l;FW7dT7cT!9q=7ZTdxaglIXB5;|&RRY%v+$eC1z>7dqgdPTs$o5Ramn3NvVIJxR zVLrNQLbRgYgo{y$1^*JzZbaqyha6tUWD&Cln^rANGT2!bf~}xLX5KUf=(2eY!^2cfoTG1cQ6UG3d|Om zE3ggVNjDPp_6wLah4oE%x1gD0bJ zs|9UUk>|0`g;{6#ZCR6#SCm~)rRj%cVfP>3+I%3}h&Mhn9@MdgW1|CE#ZiCQa2tl~ zVVCRuu(SD9yf-Nr?W1GWx_*J|(vXA}DGM==NMg0a`v#)SBoGn?8UEWxgu3~a+l=cE zfw^qnHNSu$Pq2vVRE3^gLsV53jn6?`!%aF^+~8*F_Q65F3SkS_);1{t!3Az%3ouMS z=*w5)3EYJnjLNc-A9VUe9SH+M9d<(iopKQ_uKFW?>_X}oA zQo5Kl7h~9SuZD*Nx{1GnFaud*1vUs<7sQ%8(vr}l1hbTJuw0jnD(pZfPEiE2<=^@S zc%jVs?=Ty@c~pr1AS4Xak22vZbbui<&%q^m{^`N?E$mdocdt5)Gj@{TY9iYAMXIUd({`;TYqjbRo85cuG@n> z9_+$m9_o=8QN`nK-lEt>_LVbBwKo6CvyM|N>{n}2l36) zQi2DL=iZ!I!p6gkJd7><6`S;*WP5(K4z(xdZqAH9whD{RWGqPcz?Vs5cXIh@8qrm_ z!}nQ>cUcvzQDANLhNwcv5kK3``fVkeMju(%m?nk$2h7-3GIYjIB`asdP5x?zt}#$M z6pIHJWGZ|Kp{6kz{)#16w^fcOESknbc|M!=n>9>7yFSdev});Z){kX7t;bxtFT}RN z_MKzo7Ts=q0GEx8fd=){hx$#XB3m{q;`0f8X05B}0UJMo-0F&lO=Ih6%jH~;#z5&2 z+YnnKHyWqqiy~#)+Cx7$7FO!`?gB;FS_q8s?+w@L}fWZ`DY|7lDX1J zCo+43^;bEIO=+}dXhv^myBn?5MBcLgOCHO*{bB7(u2218T?5j$$vTu(-@+0GY0~7W zlV_G-)2ew&aX0hKa%@s;al?MrRN=-qqGoxN9@$45QA2DVhdz0N)}Z&~AGEA@^jV}z zTV83}^S|Ru+wOpc0fT%ycslXMm$u&_-%jTDCVZsrl&4u~_uHj|@jZ3*OduB#2v$5; z9XKZr-_)#k!Z;@;KQ_RkH38IaR{K_$U zmB+4AIl=iR{@tJCbfD!UBV82j#Wn3|^Wf-{?}3GG>Vm`+9%TmAddwIxAHaq2jGrk9 zpl}pWn8I`|YBQXZ+LtxS4Mcl4IUxcW+zcVqA52N|b|{$akX5 zVPD;`#_Kxx#MHCD?pWizyI%6_q^Z$hk?!BD<6Ue98j~+G68u}&!T7kYZXUUCNj2{^ zY=fswPBI=d#$77>sj$xBW4T;XRJhh5n>``m?TVPfpRnsC3tPl>E4^;y7>i1@E8|L# z@hfw=MhdS8hFx!#tk2fo$kBRWt)KRWr}s!$zp^%bP~mZClC`9Z%?M*x=;?U_^}u}> zo31fl8q7P|M{W2>?)~t3EGz!wP{p*$UbaWTO_S6O+@2eHvA^%)eSUA7VJEV?9hPma zu}-anRV%Ex+V>%LWJJ`AoH}B|@O9cov&Nji4i+?5R77)JRuKinq5+t_)UBk@BQ{WY zSj>wfd38Cu#sUwg0Z~tM+q1Awn!Z|FZ#8C(tEZ|=E78oD&b;doTh#x8o5$KZM_{3x z=y5~VL>;UA>rR8mUnajH?H*nycZ@Bx-^qDL(^Kv!*9ByI*YjOex6-n#s8?2GB$Ydg zaJqq4&C;tqQD=I=og&T1dTkFqBSo6yht|L- zgf+7F@vEo;7ERLTTAkP|PTtxGZ{3GhUe$^99F%EGY7BytF?2h-{y)~vA?5R|wj2Ct%+cgF94^bj2}7svSufh>=V4}|(3-%t`zrEvDBM9!pYTqqX!68TO;Xv# zx%np@qtl+j-(mdk$TVwQhf>d#Fih1w?Lk^>zM$eMEbc2)hY;9yBqb-78usdMFP-q9 zO@Dj!!~mPA#LxxHNh1!}c4qFrrj;hyZr7S%I63JboCmYKi1q)+8fDk7!u}vj;S{nI zc<#E%U$?SovUa8B_R=EF%Ck^HZcNk2D?gtmt*k{6yi`IF(ZbJJHF=_3A1i8iNt@(f zJ9Ca_l4q@rtKN^R-Y88?%jR@;enowDe)d30@V|=WHEDUWT~rl|EtCd~c`&@x zT~3OrK{|?h=UHNq66#T=d#&__#U}d@X!6Ow)T0S!QxXfP6nU>4;~i8 z@+K3_3uRD~*K{jyEZyr1ORX`|?WKj33+?iC&N1(no%`H~D#=#ehslG6GA|!?_`Wqc zgua*lx1CATKgSq|+S~d1{haJlJr)gDFW22VT|!&!blBc~V!HHzwP9BUb!BT|c9UGc za%?Ok*DV!~aQ*UUuDn!W`yjiQP2#r2cHA&xHK6s6O%+3Jy^LCiCTVRytbZ@7ZdhG` zO@4-h{i++5RrG>&%t5*7>}JjvZ;1 zxP^|l)4riGCrdAyLP*8~lKfG_8KNH0&Mv_sN zwCk}t*cM=focI;low?K}N@<~EQodwIL8+VaU#~ZG>?ESlzO8Glkj_t*R}8@k6I7V7 zacZqgtc(_sFl+(Wu1mCq<$06nz{S}(lK={9a2mxEe37E{*5;WM>dE>xJg?rE*@mlS z;^$bjxuoy-Qf(Nes5c2HN7iXbzz3PfnjU@!$1uoBkQ~Y)Wu>?GL9^5;;63m2UtLdT zMY8gPrf?X`)+oua2sB-zJR=XyoSapv>7>1=%lp_-5MP#)H^;M+&oND&Chv|qOz?gR zGaud+wRA(&1(A-0r4nkDvu}}cKbA%7l&Us0=Au$vss`q#zH*FAV^?%acW>G&rKp>6 zS$n+_7r|G+X_B#0_;Tq-4xN8k$wx4&_z3>up|@DCjKrR=BYFi!6xpwOrcWL z&~ciDdnu`@YbEo$u~N;mUN@&D2&JYX1jX-N0>G? zU8)GxK@Env?EfBBwc`|)xEPfc@(#AmsI(t`+En5A!d#Y9;W&f4FLAfbaTdivg>#k{ z6;bn>DJm+WsHm3V@AyAHZleLy;eKX%8Nu3hOIOjOb zs}wqHxd)yw)v896%B>mP9;PMt@PYDwu&d&Va92&1s`Dy3-{QORn0>I`ZIv9hu&q)S zvM9!>sp-hf_k3+0e8^eEyiLlpfi;#3o}T9@g3v?GU07_RNoj|4RGE|)EvHB5Y{{4r zB-2CGoyIKkx~=5W6Eb!cXkzKPR}+_uBbX}8acE){X7;$B(#xC7CPu+*;#ZC)_Ku&j z+R#8f)RgD+x1?LT$U2F%SclxM!S|!j~rKBWZ@E&pBR}^cG6Lh zHkEgkdQl46xRcm3!OIgCXf@KF8rsTtIlOcN_NIkmojCP`skZr!hEx)4vAtGbH7r0$ zAj@yh1S( zCEcyn(k5*43eQ_#uXLO?YdZb*?MlZPv$oSObvTCy^i|Mbg8mV7t>qDq@6XN3*Tu|Y zm&27H-|~mljHF5Od8Um}2H7t?F=pVr5(!f?l&Gb~F?X54=C#7G(sMZ_cA3MgdPJ^% z)!{}@>`1rR5=uPRt#Q;8dNjx$x;5GaJmoCIQ_hI*t{b|j6C0Y)*_&p+12fLrzuIY& z?006olT;f1!M5@G#%#E>h0El3o+#Z3H~$Y#uumhD5E+LLMkoQ11K;`DF&r6p(ekz9 z5#S|@zHtn~z#QovEAxv~!h*WKv)VCki@veYi#EweVDQ3u7p!k2hS*3pJW?5KzrELD zGtva`MUR2MUv+NqF^h4t88F2^C&s3R_kwIuHX0gb6#PlNTgmz*Q;U(w+}0M`pw$Fq zQUCJ@&LOLj%uN**GY$~801Ma2)~Z?j`}PK_n2>BYFLrbR`x zS#sc=LbRFWxIqmj?Fq+03!Xc)+tF!}p}`Z5qn7QCk1T$*cvPEVen@@)r->s<_x4ge zC*uv+E{UJAu;`E`1^ybe2zA;LoR4VwPTY#={ ziRiD^O8?iJFyd`DQDpR9jF5VZ#IBd7CSrZ{Id(rvdD$;3N}sg;n8s4QpT>fZqx5V; zv@%?ls(z1FmTTIcp8gUF07pI@<29YV8mok83e(t*ScObDpNv%=0Yt|sKLGB>DQ^MZ zipMA>vtI3$S2TqS*=OyQST8KN=vZEJ)=|f9x2J|#H9J8WD(Cps>N@(==sSAW;Pj>1 ztWqrUHh=6GhM87YsV>h^Pk(RM>sm%AXKt*&f8TkW9^TQhij=;ATDqB6nW5e+3(E*$ zb3^+Yn5i-YmiH<%LfQ9~8NTYwyg}KwuLAGvf^FIz(Y!kjh73JlPiA}V&L|Qq z6Zn)@x%2SQFX}r&5oZu}Z`dxYcy{9IOeeRQ{{+ZX`eDK#Nyzh^GzsaNO*WY?P z@zB~BWA^U9+cA4zi$ZY?@y*RMUF+dX3VSL-JS_ucV#{Fmbv zOdJz;aoe6X5flCxVSawdhnv3c=vlUA&6LM{x(&=byjIs(UTXL(G-hs>Wn*nA-Ou#? zY17lmp>1B!Zs@S!^_!lrzxv+EF%8rD5Bc=_q|fiH9vKqabM-@We_8$b&p~GsLf8JO zHwDdjWz^!`J4@7b>-kPamh?tO7~9fOG5e!pwV}hjff_75G2m_J*bYI#RTn!d=j7n? z_@+xuxeR|alBd)Q_a!oWZlGT$){vxJ^KIe`KhC(xuoF4SYcu>%m@e${rZyoh3+#j5 z6^uHd25(?V*kLyQ-~PRWY6OcGrD~)w&ceyo8{(3fkJV%fx*_;#&d!VBqS~-C zT@@=!8R%`+j>ggBkqah9v(tTXV9LNWrI5V>ceXc8v1*IK+_ND%TJ~m2!&n$D?WS0` zRarR1EEo{YD#*<2;m!}3;4mexcQi{@tk|6JGM2$t4Dya*zbJ^&6azi`bXU5|bJ^g3 z!Q||+?uwd_(X4S}bU200N7#n$N)(GK@GfLWA5?~L?Tc|jF09#Fdngu8C$pG)p%ftF zUMOibMuleqtfmKa*?ljRbUC8Be+ST04MNuZ4g0p1p763{KyP=`xl4I*CbQ|EriKgu zTXD-OdMai}d+l$C-$!9j|INjJ2M4(StwQR=;gKw=mtxj3a7O+Zq z6zRIWB|1#IQ}SLtB`lJi>8tX-yml(gt8sQu>Rk48GlrS_27(I+C?v5RRBV1r8^A$ub`4q@#@ z_Hxi-YglW6pK}2VnbHkvo#+oX;?9kS)fc2uh^R`d}%bbH@CKyFKQ zVN^HwsPKgf1Kx;^^sHBJ+$Yuj8h(J}grE3vQN@%MIKNAeWoC*+U_J z6(Q##B=e|yz`tATT>G8t722%)@7#Z^3r+oBDchB4d(9KHflcWh6ymj6kb3qSNH>*q@{wlWUw}QPwQ#*m zyFOIm)NWuy$K|J$JmuE@J>{>2e-r%4;JbK7&Kyq<3Xs2Nm$&*yvue*obp5m^%$$X; zGGgdt6H8kRv)F~%?R9MQ!iRiV8EqCTq<+D+JG6;bn`5BAJ8zJmQ- z*|RgTc4$@t)-q*7k9)KQZP`79UNXnuCnj0%i~$2OZu_{=W7z=OWwtD>pN{2Lm-(!r z-D2j0HXZYM#@`1g1W&$`6&>S=B}L93Nr`l$d$5<_jV*cxyUgaZPygL9TCQZr4T%9M zl!58E{H31K&j>{{6}UfK{}%K?IQmO{r6^A}DkdRH&R|FUkioRkj8)GVZV1DoCV0q{ z-u6@l9N+=^N&jNYVMIETWF~SiInv+4OB$yiLQNg~^Pp%}UVvOHn@s|D#OQd4ja*27 zX$=;tIe(P4_gTzS=IFsqa3;YtvGT|9Gi|YO$@wF19o%S}8(jjL!qaLme`&C^fXN<7 z0W>8OJN|}B`-B%G_cB~MF6cI#eptHDiXJK5X+=LGg(4uyqr&i)MoGN|P0i0=dXyVS zYT=K@x=hT=$w7@^jI^$mfU#0#D|(#tNh`Wgy3i_u@%)JWmIx+DTJ$q5bdeMzXn(Fy zvDC|(9z4a5GO<8-pd#>x(YR@XMm(S&la>lvRk%cQ9(Rw)Gx(FGuLWPtfybraThXPG z7qWsBQsqsN+S`SL8sRiaX+@VwV+5@VoGz6MdLfT+hV+u4i#c5`ZE5BIDZZVCBJ9EW zPfKUPcm62B>{MBz$^MrJrB>3}Qdo00pf=J}&?KchE`L}6805w;6ns_7XQc{3tJ(6L zw6PU!mktQJl*_BIOJB4SFkkvn&=&4tfuuo(w-n^_l3CDdKE5Djw4z^>MhO}Kg%?TX zt>~AeHLYm-V(DNjhnM;KXo^r3utfSt@YNhzDn($8V+;RPDZLeqlO9^p%lY!>7XK@x zw*;T(m|a>aec39&D(QABdbJdc(jozBMOh>D611A-jIW0#zDlo^o)i2)o&)P7+Vn$w z0CHr#bWqUQpojZQuSqq+VHWqWS^7iJg`D0hg@|WmwM@71_0uF!?N8p23Iu;N_y3mk zH2ZaLbO@R_#rL+fU$9mEc1mXjt?IW+x*=#agZD@t)JDaRbWU`m^FUMd3vu~N`=mla zFX8ll=^53(+P+D^5;p;x-01h+=vvSeftsH8Bnc0@&L7DO7Z1N?-1|#aQktOE{5vEK z;B;?1J#!BqN)v^LcupUYo)vTrr>mv)f{x(yN7B1&%(>KP`!~XQ2X{UtT?6g>kse0m zAnCaZmp|syom$anq)gDxANhY&@XzDkAEtd~yYZRes|9t|U#b)icAG8hzXYGs>M#8)gRerrRSkUdb|7+4zL93Z^ zU0M;0iq#_E7wMf=0&hsC1+5n5P3cN2`d5jJX;Aob9>MQY1ijl6Kgy8|H~KNq3O@Ghqr|XD?It*=>AiJPD3bv>8{iu=qAqpQwnK$THt*`M>o2+8_jpnV+~VD*^2KKxKj_-u=?T%r%3QVAg+- z@@HsT7b$D#!^5(2Q&M}RI&ZslORXAOpnNGC;C~!ed6u)wL45;_6DAfz{y2JpJYru) zEPs>CUm)X+aS*4x_hrN|uc!Nlus&<_2Id%+8&y>}MDdWFZ=G>)NM%Ma+xWUQjx8Rl z6twJze>^?ihxX|Eu=7KekGX%mu5Nibt*{NRW5<5TRcJU%l5vh_iQtXAC*g-aT6v_Wm^v81c2Xb`gjG=K>|h7rn>Np%4e~6YWlPb zc418!H)Zlvge)(eh&}$uzT~a?^Pa*42a~tz1K9cs#gB!&u7A`p9=15f&3v+q^&NqH z9WzRa@-Cn8^`aTy`$GAgQt*Zk| zP_;B0Wd3wzd>i%)iH{wQROgMmWIhEp?iL0a_sBTq8}9HokP!4JLXsnJ2H{>|`}ZAL zT0`_cS=vO1Vf0AeCf{u!^J|?Ssg2C7V z0hCp|QbM8snzF9gO-T_UVxBV4%_$S^JYi6vRl=YEPZ;d6{P&bW5uUOh|9i^Jq#zVa zAgq?v&CSQvT5bGDRO*jK(IG)|$sce9;RzXYMc_$1C{hZDafa{{Sv8#cFVWnP1HX|w zB60vV8Q29$h!oSnMYK*JYO`9D0!;z~1@cMIR~AY%FmL)b;&VnVcI`p7|uCN3Ef9`#hBo)K?Mc|^&C=vQc)HzBuM zk9JQlCaC>?LuZH>Ps{wvj3x&gPQjoQI0!-C6G*SMh}H=-2=ozX5*R3u+tP;r2tk_( z(G=ndV=(I`M2$?=qWzKJQaDi7JVl5yUn1x&gwTASz&b)Ge24H0Sqjvt$hUi+L6H#+ zECzD9gh)`CplLfexz7@4ruJ|AQkG5-qE9|cSR*Q5tt?$7`YdvY5FJ%4WikBmqJUxx zDYr3Ld4M1FmB4c{p8*=bR{Q*@Z(3+x`9Smj1^(^n6c7PS6ajL8H>ZD#Q4M7}Lb#6x zYQ|ztONbN|3%W$00Z59rA%vo7 z;fE5SQc!Kxq)O_c1j*P}N;D$qPl&RkrvbuY!kr&R0RCt}7YgKO5x_l{QhGs*o+z?v zqA$u)9ibg5rjEq;9R?vnBzqL$4>JFJODUyMj3PvCN}4IyH%izMJMRU}TO8aoNg(`F zzoD59MG4`L$~tPim=Az&1x?$-hXL&rfXa~Y6@gm_;o$(`k77as`VP_m7Q;0ZPlo~& zu9OhkydY>QN{VJzm5QeT4j8I=0IH=LjJ;;Uhf#)vP}c}F z{)}cvcvZ}3>eZ=O6e^0d5{DB17t!NEG3p^n(O(1xA|B%nR8EXPJVm@YAw|40-o!9V z9zf3^M8LT~&2!l7Oo)^%6!ap2Jf%p;DnYLm$Q4ESG>Z5)(WOIfsZeAVZ~woy9%hZ8 z6Cl9YAWJ<6At09o&POFAgaQSE9wx9*AkQIGHh+rXmS}#!SfY2TV@(uL2RaJ==nNx% zL+v&SU%fPh!RiYaLf)Pe)kje3cz8;XrMy;y<})PFybi%16&*EK-jARk=s`66Z{jb(lwy7J#p@`(ZXqHz-rCISP(vVP6fOzen{EDMWxi zBoH`|Fhirx3qY4q_$XPO`$5iJL01UmIg0rLR|NBgD7e$yk#g2<#8iuCZKg&o+bj)# zFrcjBWrnO9LIFS*3VdAP3_^5|vk3cXq!)lu@Xw0~itz{)QIrVJiz-K>PIy4)(gGGr z5zmVFmYf&~K^o9h6m$p)PXPk76A^fjd#fC{tbsYQ#(mqbDzGgrlONGUv?> z{<&fgQPH6NMe!SWfFj+6;B-O+EFpyZd_uI2Rf66v@O?s?Mx7mZRr_`-$`f$cfIcPg zv_M|ONNpg6LjvfS56OruL9ufOUiQecPDDdvXY-*tLW=O_2E_`A22K+A93lKKBm6@= zpfrj{Gqm&lp>WQeg~EM^2J$-eHu_(xG{(UiwU5S#vJteV zkNP-H0!=~yFEjA_6K&O~vsiSca|M4Ph09bQvnkvXK~s*9yN&z}(Wp;Q2*-=oYS-{- zw8r+I0h19R3WGe=2^v0qNC2gn5DMoJj?k!e16j=L29Od!Mfy4+Qo5HAWqm-)Low6GEI6Tth`VvCa;@yOpmLDKQ_`^WWKvY6P zdl=1ct4^N4JyevUeSyGlQ7Vc{Zk@8K1i1$ z(+M1hK?D(MjQBo6*anr5aH%>4(=3MqL>FSLAY6loOTty^Tv9V0V+YZ%sLut>qbo+y z2$GK+vB%R5X)YYBf*vh!1dy`MgXm(>Qiw@LCD>KG$_$Z&c=%mJ;+|O zD+adzN#$(w2aKxOPbt%6W_ubh*?+7_@n>aEWA)pTro40e%N3c zvlMgHTeFnUJ=jlmeM7um-t)7|b$!FyxH#bTJ{!M431x#S6ul3fAjCfx(C2{hi9U)fV=F<@68_t2HU~IM}ZQSwh&5_(3UR)rXTu*u!bpC zJxMh%^E}1e>KnnA6-xMj`9|>STqV59I!{SAdeFy-@=`{J8L@`>SjV&ZGpnijvq0@6 zE0)nNP;}%RTs8k?B}r!YHV1~tJy>eAf3T)oD)U?Z;7{z*48K6OtYfYZyR^Ekfz>Qk z(&aMsNFnnpipjV1MfGvp8x_ryO<&R#tNMI0aKQDqWr3{lvcJi9A$(9Fk`FJo^|C2| z)hzJB27-Awoye++vVPguX6++cuHhm>@iMXj4^vRxB z5XH9sJ|vJm`()>~aw)6K%n4zZCyPzKHxXu}2ona2eO>|0XGmQ`u&(OCO~w5tnB)l7 z_}91)Hu9ZNQ|D|<4V+O?_d@N3vNIW-Fp|L=Fo2&>8_a62d55rr{|@)j`*`8`NIj*g ze_ff$_XOlPqmO1=J5Fecei6L(;n4?e7gA{uq~9s9Le(+~-8slib8Erw$BZ`+V}fsBfg-X^5Hyq{3(qbc&KOD7cDRh9x*QHoe>$ z5R@cXPVMT@Da>VCe?k?%^igLN{}Q|lMpzP=$WjOO3D*z9vV>J?0`9GjGx=Uzs=lWp zFP&KD@4dqH*D&KWvgHA716f96p~>f!mU@=V27g(AvVF>G(BD$MP4^05_r7?{kHv!pqh8_e}|d$`#_^2?S#}GuZ%MJ79)sN1nGvQ$q(abu`{^_eMBIY6_0)6nOu|a zc9+;6WP>-24DfYkTpGNlvw4T&0@?7Vt!;e|z$;ZMQnV+lJ(3fyFN2peqE1fgXVTLd zZzU||LSz7&r7tjbK8zq#P85U&4`=b6#todB>*Wr7x9+LR*xE)Y+Di}Z76qF5FJA_XCoU&NVkVygZXtw;*o}o11K+E980FZ7X z0FA7a89D5DN_-$YQWxo|Ux*fqT?|wqF4jewI_s9VDESclJ2NdF1>>67g9x{XD=80Q zgIA3TkTUL3bFDi`!i*iv86p<#4tLThYs2*1Un1f5{(zyBKNPP zn>rqVlrkY@kc&c}xP@EArf);%S9Ul^7v`Gq_!a6(NlN%&_Uz8UaQ!D{)Fr0O3kalR zz+FA}hi7Lk8_Fs#rG(38nBR8Dy>cl9-LDIKI9vWj$3XH-zdAN}{R4>oqX?6HRlV>3 z=>Y0g$UW#4bf1)a&P3AlhX>E~AhOTm$})iEqZUYy;0`8zV2f8z#OCU?9awEtDIMHc zi7lb}xv^53S*#$WgU-)YVp=mV=oz;Pvhh&Lyu6TB!uoUPc}vF!vXhm= z+vJ{ox@j_g9;b{!LEvhT3Bj_B-rtj+|{z zh%@OAfL^HfHm5=RmLnbu+i;BftU_*DCxNE(G*^|<2Vdp3K! zN0)GYn>f67;c_Dl7-(I6>sGdC{S2#o#1gL0hHs(Z2>5o@Jr69kGB9(y4mx(~%m5$# zz-Gsw^=|%$fu)XWk#wrBYsB%0*qON%?D$Vz!dd@>cA=|l%sOA!C{MA=Zz>@fbm*^Z z@L>p!HpI(j0nk~&{&Ca50S!cAVlk0$mHZD_q9ycmV;SO|EOyPO(4_YVEn3FCQ5ISs z%zx%)=b(LV5>lF3tpB4HlRmwLF1Ey&^m&|)>E0zU(6_Z(Bf&{ysh@@fri0^}=Fu)` z#tf%9%|qNIENPA_XqFpmeG6;58*4`ktHzD>ehcfi8|wsEYW}j~j4meqXDwa_wP~HO zx@H#J{#%Mke-*TW4W48P40QAPTeHxhPuy5d%`8^%X+-O;_fPNw)vhX3EX;LwCT-ed zlE##+zJatR*fmp&T{3k&tL+pQu8)G}j_S}l(M?V+SlMd(AMYlp6oL{_D%4xN=2AK@ zx`|i<5wlbg3*1Dka?xe8i--emB6JD(a;=Kk=O$vKi-@f*B7SreQ4A4kOV0S-O~iH= z5!+lu=uNH5vjif#sM*~?u)4rI{nmpOqvqgvw@`<{8qKyI$q9@A$F(GOBVG#vQwF}p z_Iwr*t`F_tY==R6-Q>iAB^q{}8!HhkwH{=gbBp7mOWJlJE*&oFM*eaWkq!}QY7XCZ z6LAG1;KbG3<02vg4SfRxW=|$cP5ZHIGk2dL2TOf+vAa1=EEHr}WUyk~obz zXuO+r3s^gNL#IHl!nfl^sIwNGauGh;O?Vw7q^YX!b`$QCLQnjB9=5|x`b`(n42*M3`0Sf4fPq=F-Q%+&j=+^)%K}_s+NokH%chwE+!#0AE?uf(r-BHTC5XF%m&3 zYinFYQldI#^fK(m4xOtJJSmYdoc%Dwwlk{VGH>>)x$d zdRS2Fyv+uyKz&J(Y>8`r)s(glkJCc$3oerB{Cd}-S@j@IJLoAOqX$^7${mIXXU2Z# zB4VtYh>Z}DtTvocZX!-VM2XPi2Nw|w-9((~K@Sq7MP!AWh~)Jxb?h=r%|ZW`+!ISy zxNlaRgZ`})UYw2pCzn`GxWzIM;lzySsvBzpSmMdofG-=aIaJ0&DL?lN40Pix1g9O> zBWREtYZF*vJf7{w+TIe?MmN@e&Wb5}=s%*W21o7s*g``$lm22e9rTY7;;btUu>94U zm=e-DDL%chh*+IWgX3D(bCHE+QBc3TWZ_^T!701~6523jg?~WMd^h3C@JehLTmEF{ zfQ;wdq;G`uOUP5I=C@p=?{pJ!MWHd6_hWCmiI}^wWu$C!5%HxE;Z!g_Q<9ddsV74d zh_HDWKLA!5o40&$U^+Oisb2-*JK&S_yXzvnhmhbDel1JF9x>j?XSfM3%*Oj@RrRTE z($g{jT_&Xe=^}lzoAhD*PzI{>y@I8IclwosrDO6##(<#r1xu@Pq**q41v>t8*T6tG z&N6U(xJp5Pxv@5arG+I+^j7V{)Le4P+tL!MryFZGSa{7vp~kqe4uGXsS@Q(Tsrv^! z6o19C){S+dIj)RVV7V5_X=ECd=0&1Mu{e9icicqOK!l0a{+tq+?k3?1B$$N+PZtRv z2?-bu`0o-V%wdCX<_G$LgKQ`h3~5vjx4Gc8BnJhENvaQ%F9bz%Hwe|fZur60AU;GDaUScX(oj+7Q{STJk z5#$*DtHUjn2*; zm(y?HxPt#j+MB>tU8VoypS!`mm+i7BAlqeA5SPm;xNOzmmDOYV%xc^&(q&3CD-|@t+)7Y@17@ zVH!EK@0fYsq|}_W^3-bET(hOvW_2Y%<*=4kR{*A^Ww;4g)a&N*3PNY5rMl5qiwDL< z{~KdB0Wl7ZaQjDcv@p}_=4ge5l>vBLO3?$#Q`z;eo1<9k>*i-z@*Cz9Ht`K}tO`xS zCcI&e<3CJq;1-Zl3afm>JcEsS!yM>^MzVqiL2=`%sR2h8zO<;i6s5F*u-dku(l*!1 zHoaj^(xM$p%M0h&9FM?3TZo=SNtIOXk}P zD+)XU^UQN>#l?kYJSc147HAz7(ONKvEqL3!WA+?trbm>LLaT?b)NCy-LHXUOm)hot zsvC}*UtUl$gRukhZ11id|45+l3!GQj-HI(Av(%}eG4c7*Txk-8kj#lsgg!?yK zFvhbKGO#Ydk2P@j!#xcL`$%aJ4o0|AI$R~(2Dt5T4mh%7`5BH5QA~lG2e%P!2i((e z@4)rLX))eTgsX(R9_}HySKz*a3(z1g+)@p)cLRPfIC`S)IXHS^?mM{4aDiUfhr$)Z zt%bV_?kTvp;J$|Q@rD`{&IY#xZUY=CHXet24({)8gK(r2p%>%k!mWh618xu8OKte? zGdP+#jBqBnnQ(L9mc#uHjx@aw!aWK13fy~er{D(QGAH#hOM~|*~ zLqJq`CNTp!#;I6pu15jc{CR{7y-#rMpO3QaZ|RKa=; zKJkwB4{%_#Z8ds;67|v~V5@)|1-wzfb^&26!|7qP!Xa!=INU5CY|gl!6wSnUmw=rD z?h$aW4BKRze-IuN0WjU-5f2OaqJZ539ux2_0pAsnx-%tsT)-0oo)qx3fM*3f$054q zw*oOB;6(w41pHM%2~|f4s0Gvt=qsQ>Kv?f_x-bDF1vCnnAYc+fKQJU)1!8PcvU{tV zrn6}MRIS7R@8(Gg<+(sM^SF7uvd)iPbKD%Kc@d47E$`rJynPH_^b}}=nmvy&sQVNP zqC;8db9l*p=(yQev6h)%n>bF{X<(B+GLO}Cg0_G)m!!sPYOoL3!k1v|^dPKUc6?;^ zzjCcGWr|oUFyDD&4XPAa1gJhXKi)QeQ^BU6{1ggg8TZW(n4|3K_KeSw&KHxjlNHq zaVMtFRxf@8S=t`#`O~n(=k$(8iBOJOe`~5J$8L~5W7)$a zbo4wnjDA|Lk6i9DKWnm}zXO!}EqC|&>{O&A^H{Sku6+8|e$~!YyYE9jd;PWsTlq6c zm!;~YL%phfSvUF)aA?NUtGTI*!!`0uacg-GM^d>Ymc(~zeN!MWybfj$bN(t%J#>%%lYwSH;swjHuO1`97Z4bi*))cG1|E(dZ^lX26 zgC<4lDLT^9ped5ZhrJSM|EynKd;;#{ens(dx)Jo$W$(+pwFV zsQI11s-3a+=-G0}V1K9O!iR?ky#n@pBY7qEK0IXNm)5r19~_eJ$GzEpcu*=27}FzP z$J%bEONU4Ilyb(O4yjFOpxL+sS(Rts7%nIFcHcqETOVeP>5O=T9+PVSvR_efUR-qA z{_*9@P#Z{U$CrKPe=Ar`OeAia@|$j82Papn6^B`DJ8o)hBE)GzTx8})brGzS5C&7V zI_^J+EdLp}$VHFg$>|@19}5($?2K+S>kRZ!vyBytz#Y+GxVC$%Z-he2Vq0bf!fXEzaTGx|j`<9=KzX*do2FQsE- zfe-jbu-mJULh<$(1FQRBfq|{2U%UKp1y}BAbAyfs8$)-R(dH!3cdDGspV{ zvvZvW-`FleTFk>nORy^CQPGH?4ad%_BhZFR#8zhEBCxzf`AVuz9vI1w22wgNa(@h2 zd;OeA57E`$P!f!_ldPT!lH#O4W2h!SmNsCUz)kGk{zUe{8T0djE$eI7udl6cTEAYl zfn3jat(zImaxTyCVV5t?&}iz{tXR{;zF4M-eqf%(-wW?~tX{W*Et_eHd0@3g$2#}n z+J;mAFc+#ZMoZk%R`VzZvmOp=Yar(+gD zw)8Uv%#{ss^%hA!qA&vs77EXkq;`V9?;tn}3m$@2S*}Rh?59{4eiGX#t}ps~3jY9L8wHTK zh~QK}Vz^qsy9tlsX0w1)apd16ATM{7$PnV8h&+BJ!FiH=@&S)@b@BzOQq-C4` z6JXF~2gw;pVoT4P^EJ8TWoMELg4v7b&DqL=AU0`y0baN~U8dEgA*1wnf;GPxAIgT# zRDs=i*s}I;u`e_Jqsrh{3Jy&mN`mucgWY=Eo%;52HAW}?8t1p00}X!NpfL#=f7W$V zFz)fp#*kL**Bruff2=k54S*tBP#9o-YR53SG+WI=j>W<#*L#^kmjv|$)nF1kQ#>iu zW#6|%L-u2}tzgu+d~v|`o9C-_M!_hAl}+`JP@H934upiVB@RF27F-M>cr;V&O?TUp z(UwIPpt2_0bc4nU{}7j>vG%{^sM+Z+{e8K`;sVw+0rmCn_zCVRf{CF|awtofFx#Lh z#@?kREV|ZKBU+_rMGnd-il6s{0h|?3s_xCQ~ObD;U^K#PG0(%9= zG2OKf56jLcVhikf``r?Jz~KNnqpNJt?e`6-AvghCFS*5t!k^$uH-AEX?T>$WdG#6 z;sI&v?;C$~-*vic}8a_ng}CTh1K z#fucKi9X$@igT_?4-QItzrG^7g|AcJ8X z#wu&X#zgD1E`>;EwrvpO=eX89k=2iqj`r+eW#n_E}UtMQ~Q_ zlYMpJPaN;GKG*m-s`c^yO8aB|A@<$Z4`vXKzmDAtJLDkrRy>4jyK3#L7hS>sY0NS#FqVYMrd0_ zB|KV*KVn+aQrfcay2iCD>N)HBHMNba&2@Dx_3PJ5>+4$@YgfOl}F)vYbtfYetu@(7cpR=QIPA->Z34J|x@Dz$pDR54dt)p%XKT)ryx zcqxCbL^p3Cwe_G*k($=mZ>U?h_WCvOnOVl`56GS*Idwk)>!_mw_ ze!41C!r>{-0Bbc)fVB^wz?^=pk$8A9AgwvDq~MFbg@6=)DIDRQ{#N{^4F3*}!ha7( z8FTvY6L|1z;}K~=LxlU_i0}ZMAKVMV{|X?L_-)~T9}og6evFUkKZnBz&kr~epL1|j zO9OD^zX(Sea{7P5Z_Emkf^J|S0#e`*fdY{Hv_HUvC6RS6`9}d#gc#wE2c(3j2>&!d z+Fum`@)`mpeojAry8bAmQhr|ERAW;9T!-K3X`u>C{E8L0{Jt|ROU-Uv;X8q~k6z`^ zo_gNL!nzeHSj(tjiw%u1|D){5+KS?{TwU}ku3f-f6b77by{(Oh5Fe#`(P<+J$JiJej+ zalVsB(DRek_{smM^Uz|P!rx~dF*psh@ku{Jp0tsK?kigAacP=-rCmaujH_*JZCQ^C z?&QnoINAEvmd3TKs$17puf=eHud=meb^Th_aXKf;uX=Uk`c}fMr7cVIP)^L$;c>A5 zt>4&Mzji$a326;>Hci(L=l;8v#@2e7GwZFJLBsl}>HuO-? zRT9Krbq7JQP#^6MqUXs!rYA_!Xuf-7f?k3CC-TSYjh8z=TJ2>*i!zgvWN3jaaj2auG3@`pjt zkS!1>Bo8nOm?WS{Kqp->P+lmdmXr0o4^GL=E5^7udkKMai2@o$Gdc~*8@pT{Owtmwi68#=YZ z#LS<~!a1z-h1lr%G^<&|V3jX3rWmxWX;HR;b>0dh1KUDG6P{_tW!_KvkaUWl0WdCF zqGm6C+vLk?{t-l{6jRHV2eYOQKZAyZ;dips`0*iZ%|HADbiZP9FrpEISw~?kPPiTN z(P~J+^uElg=Mdf;iNtpZYdYew+N>84|1YDZpR=ksGw zjOIm5E8T3%y#Wbof2dBl2?gy%hU@Azq(#qUvF5xKMS^3-1#`N}*Z7PY53YX81&6Hl zlG&*E+VQ|8vyT>Xw(llS!j9^;DX3u@*L(a8T1U@s=ILrXAAK;YQ1$5J<>>#0cu%m?D3$&3bDtv>tYk_^61!^th zaBP)!gLt>27CsH>sw$ZI?#cw#rL`ox_I$g0MhEMtveQgca&QL2dwG&0QD^B3G34~9 z@oM+Gyt&!48Eqai}&Ifu7CP6QDrXx6BVPws~fX#yho@7S>l-gYO^?b`%#k(wU0k8&^L*N{% z1<<^WzN?p&QJo9G^Em6GP?$k3u;7$8p`hAY2ud~P&%LscBzGaucx(V@<&z2Q^JYlA zHxq6w+YKCE6a1SD1}Wm;`;R)mS0o9qSZ)iCc<)DRiNWL+{Z0He^?hW*}B-C z=2BzO4)goIKiR(haL+e-^?a+>V3N|Q;y{@0bl+~<=LplOOAs&7GoJRtzD`@uhu+_4 zReQeCs=WqFmCCKL_8-5>*4fTHPaL>S-JE{6Ie7SCWyHOd{?d|NLi?dt2aJoI6eb)WSuYrZwx`anNbD5*YZ z<(v#h8=5BZ_98u(KGaoUy4;3c^69m-S592L=16BlQdcb(J#_N_jrJzIX)3?4o@9Tj z(HKjVvT7;Q{#Ad|O9O|b_`41UV5_dN>$bjk-a8$G;=s%8NO9nWcI>tW4!2Vrdhb`W zoqnn9UYm*Lsdjqxmp^m5JKPkndBSV2YRl{A6?H_UdeGEWS}Z4IwEN&~MX#Njhu#{q z8G6Yi`|M((xzK-Yt>y_+JPbL1GzYhx?LT#1lcgC9Q+n-+Uc21Hr9F7rJ?Xt(4cgob z%0^9UxGX~f_Mg4iTm$NzUVC?r(F_(SQ`(lxg_Dv#?(Gz;oR}xUqSTwSh!4hF-(Fik zIYyM$sh@Y|CR#s)JsGLZD>~#9H z(6(VHi3h-V$vD?G-ZOWGCdTUg*_yb209{<1lZt?M`Yu=dNi&AefnC6)bUswG0XVm%9d zd)jENE5_~_meI^~mj)`f?wl|;{?ui2C6pn4Y|2ba0;}Gq8TEkOf)^I|X#!P9>4Ec> z5=vRD|Qz&06fbJsv zN=PAo6;MLml3(qFz(*V9eI6|ZX?ns^kA0DA_adbqbsSpyWfO$oxpbTae>D8~$2X|t z*JELlOAz}^p5G*)mWq|+d$#~@rEuWyCkX$O1TkE{D*QbHeg)V@gp_gpch?UUw#0g^Zy|*)8{Aq24U{wPD|0L{MDC-pe9BsD^F!E@csxVZ9T9+) z_U~qdFryci&@~6L)L2BN(jxoYEQB|8tiT@Xu@JmkmEfyo-7!UB?AEW!4eZAI?9j4n zq3P-xf6v81H_z6ovC zvyhj|mMsRXObX;xig>nN86RI`c!}_8zE)BXhVgxfdN5KzD~CpVf$ITwMNLzF`;ZYY z)hlY7^38Bz6!(=#{y*pQ3ax>(u(TOvZ=<=wKPj|VUJLjq1@#8RrDDSq%NYm6CF6H0 z|Gg+)GTu5g*>vmBEK}11--8=rpiuNJR9)jp*>iARs^8*5jz#kmpDePgX@u&QwqjE0WE=~G3I?%N%%io=uM z(vmRMeqEtr+p$5NI?@W$)NS&FXS91AY6>6}Q^n~$@;v>jd7gkgN7{c9)mar4AjMvk^5O?BtEg*kI@osv?X5a6q%|m?Q163< z+g=@CLrO`$eXm6;Q~XY-cB{kV!|dKW zRrp`Gv%tE~ZnWNF{mlB1^?vKrhPS(%DX61=hjEd7oo%8@*7bF|s!bK$*7vHFY6Gu# z>dQe`AgGq0|2lnCYmI$!ouRS#5M|hJv41)wxf;&e`@~Ma!RdPA0mBojt=gT`sLHJ> z`+Gy`&W(){zMD2`;oD!3qsi)N%}%dxvLOeBx&;!uF%tlC31?MkFdTNxb=@nd`BQ9>HEfy(d^e0 z##yCp*e6t|?5YB4B^nGdLgO#OVcroiPNCSu1_v;k_SD$h+2+F1Xf|okKZuo1n(EJ% zy_b?EukN`eU#_(xn)y%94ua^m*;EZ%x}!x#+&^c;+Tw!0L4!q&CFnCy+w-&|;$K zJ+wTA{R-ngMLOHE2C}}*H(^&`@F(NN*`;dM?Ny=H(F%;zTo19b<@y-bq@JWEot`v_ zZFxI0l$|~Wvly=I>W-X^n{wXH#P+2kTU&^A3F7G`Qs5E27x()}ON3tz_vJQc6fXPy zq`wTK_lIP;Yh@PXJTF_+;W7_{6sYv%83Ym5U`J&rUctWS>_S+u{OAv9=93eBQ|b7F zJMGcZgYY~5u-N2RgHkxHvdF6NG#lI<6cZSLwGW|5gctWlKzKqd-5)(J|64 z;a|f2aS%3lM9-F=)11yxiIN_rB2L{%I7k|YBld&zMCp|!q=VHRPT*j@EZ+|#5a0LFQ z1=C|#O!G_)yYF;P0E?>8__MoOXN0#=g0AS*>!APZ)s3ulgSdgk-Mz z+WO(D$l+`nA;D{_Z~0%SoV-ZNH!R6&PbCg%O+D43SEhu7u3+)ImLO7%qV{>oWn&2b zcGlJE1y&DrWOadbp`DdgvLke@!;^LCf`(;{Cw288cl1%z63c7XH?E+^y^tczB3iMV zuGOS4zgmr7)Rpb#tSD6a_B&@rvHR}P1hBBb&IpXTlD2k3Yr{IIg|DZ|2X#oql{5&c z-mt!QRXrR0F=rIp^=nQ*?tic1wd<=_)T16-uWuUOOztw()nn&2-GbM@??le3FU~Oh z7tQib_h`b{fqOK52Fg{n%z{6BM7?9fXW!LSI-rD^#wwTu~4Yp5f3be#k-y2#k=FR#Sy{( z5b+uc2cwOG(GG&hz(GJI#2`HW5+N1=9)**XkYbD`I^a!$KAZ3mD)1VshB-9ht5N^C z^rJ?o=xT-d0twzoc$ApSQQ-fR@V`iKInF2%Tp?S>&;u*KkRQ+=12$zCk2vu7CW4^D zwe_-{GeNXB8OY0bR?`nu`JV_PBB`Az;kSgJ?nWm6*92GMMS}Wzk6>*20OLcM;GAnxzOyvYRe{uvX>)g zXh+NjBxMA!#eVoLbm$UMfVtFRp99xG`0qxk`&HtX3v zZFJc1FP4I3UTo5DGs3SDDo19Mf144;tHpygJN2d6I3lg<+r~ZXDX!jrXv+!D;N_q&W?BvTVMqcvmO^aE3jRF77aNw?3PUK{c2gQ2v{&20 zSi!TEknc5>tJ$~j28XbrAjscq{uzt4a9&*q`&Bg)QpyUjo&Fv|O*?!H%FQ9{sl2+; zZ1oweGB-!(;n8~v%RN~h=!?>5F-p)h6~tnj{c+PZB4dqhZuXD&>qM|o1c$Jrn#Bmd z*-zy0Y)K;Q{XH0rW@VpDieRmuL_lBhQ7Cp6Ig>Q(qwX02uv;)cofXP{?Ve%qdy8sN zFb!v^-xfvS`A_T&WV`r_@2o-rJ~JVa`9(O`a8hTOID{B9no}+#;nZ-H>rpCsu?$f& z|J&nY6S!Ce(O!c7a5GczIGha7&NL*Opw27+j@V&BbFtetg544pIC@E_;vLp;%lu$= z>%puLR`6l5L9-F@aes6}WALa;Bci+rzn&K)a58dAALRe_d zKA?4AkPAnDotP($fRr{ZBAkrh6Va(@=r4mQD#JnpKL#3wYLbyS=qy{|oW{J@gQO?3 z-ul28%|U;tQCM$VSiGhi{J&ydiGf0T+*30`dMs>l0$Z9-4rq(P6m1Y%WltHc zFBb?H?FP3@wgu8y$Yo{eYw#iUE?*Ob3K_Cty%K^j5~}^rvM#R^(q_m%cfx93mU6Wr zn!LaNzYENWiO!RWi-$O7t3!ow!P&zHz3qN>g|XzK)V#&6;ZmM<$ik$7fDS4Cmxg3} zn{KamtL7V>O1)JU0+DR#T>DtNxhD>4O`Q<)c3=1$@+PNWf=ud6dj?LTdWGxurnv-S z@3yD9Xk?MpyY0I8wX;3rz0Tt;v63)Nx3}CWIwD!r@C3TrE3IDPX|7Dj60N=Mot{bP zNMfaX2>RECa+k2}j&|M7Wcv*by1fw*j|th9I{KzQ$rY0%UAMK*Ljl_6TAzWG%12Uu zBl+m|F5+eJioOBDA7`%B(KUU`tl2k^IL3GXSgY_>07 zMP<*qA-jQSN$8l@tB93-Qj)b-?fPBZqc&>ydq0uW#@VXv8(&DX>mC$Bz@7WT^?UVO zeRdMVQ|G;f%qpr+zk}+dJz}g?&&8+Y(~BnZ=UJA0-Z)i}Vbwn*#U|OOTjiRO&!QUb zQQTHUVSEL`s*C-T)bBg4XR5K#TNI7DexvPZUN&IGRG_kO_bT`J3saMEl+A#S%mr^l(N%@fqRXnYSO zV5($g#js8+U4=={c+8+prtya?st*Fvcq#jJ{6Sae_(>9`ORP38F_=C1V3VGWeq(VE zGku;TYtCtE2!i?e26pt{v$2dJ8Ip_(lJGtn=UR%XAxIh}eaenr42WS*&Vw?qbM174 zVggIOp#%c2AAyK$ff8@??y(5+PBO3;*DuFJ#>GspjrUc24Ev|V7#6vBoPmXn_BTwT z_ev>;(|P(~(j@que+K&Dv8;ir5t{E&!Uk06xP3hdn4x(l%&h;bqy=hBTEYHzIf@{_ z%E`4c_2e%{cP!0XzX0ozD% ze^MX@2*PMmi|;{?Z;x9RS3C|Yba0DP!uhhc6SBL z;MU!q8w6oZFakyU+?*>vga2*+Dmw5Ldr^V+*o%5f(nP4M*YXXYbK@ieueNdW2)bh9 zB*HvCCBAX;6bN30Z0H3}!Uo7KS7cci%TIWcy&gL6eOy23K$26b74$#YtLa zn#8_;DseRXwi$2s_}0c7U}hWJibJ$Fep6{k&INTC`VDP00^sPgr0qrr`WpVZZah9L zAC^9@LZVH^Qe>_b&#f5W4L}|i>$S}K2Lw#NZZ;jd<;SY|nPK`w#C4wTGs8_tlD;8I z680FK9uHqEz^qb0TZ#~-`7|v+(JAjEk{0I}G&MNnWn`&sD3`DIVl69PsyDKOcGw6v zE!Agha*^{W*710X5y$%Qh6m2+#%tOUXD93U9tRbo>MVgS%k4p5pJ2W;Ph)2~lTs9W z*gQd8hB$J&!()Pn|P(MEM@;E=jFLY?=udPU%nqBuS; za7bBvrv?7_+#&U>?|QReLMaa^l0zEG8xo!$TNw2G#9k@!i=iFengNy9d|m0#*qYnE zR)$WphFa^bf5^SZlF?>;{fDDtOTMlQl>^lX9B1A1wYOKA^=xmfzhpew6y6l;`&skC zrda)hO@aR5&4IoPn*;R^HV?eyUvl(^qlqiQII(oo*Xq%J*0I(c>xSI&2*rR(Gf&`^ zz>fyDE<#HFs+VpuF;4l{8~K~wsy%Xj+muIesx>d#Ug1s0Nl%^E+ibmR+&m*C&+PTi zwAvmY^j6VDIsAm{Eyjjx?6nQ5SEblEVUPIupjOo!4O7L*sFQ&GmYctplw+EH?7h~m z&Cq75-Z9lQ*Yx${sPmH1LsIw6U;8S@R4Po`q#t|7*l{p)tX(^uRmjySmxz)i&c5iiXkbDNt-*0-5#s}SM z4?A-ZSCSm8fZlI&N4}A59tD%36Cty#77W0A304nC9sD5o>$yOb{Cl_`OmJkZ)^#w= zHDv=yI;7Dm{-Zl*Ts6_ra$rM~dqO7Eik9n}aPn-$@~fd&EMFmiYtg|1j>6cDr1kJ) z&XDw>lGIL+ow+wIm3@Ef41=0d;s#*yuR&OUMR}w?Lbgc6ue_EM<^fV6iefzT=3epA$Rxmn2?^%w+^QB?7K=$*~6MWcoA~9yt0CgZt&9)tl4Pgfp zaHyqw)JzcHmak<4*G`R;ZON?nri8GK@2rF@=+knwVvlU&-<>oGGMou@S{BxbRCY!B zXxZKMb_^M}%^)!l&J!N2M;=z+He&*e!R~3mzM3AZ-zr}O)q|gSKBk~Cgw?O|_=IDP zA;F3)$Cg!=##yfKnvn8|jGQ!+k(D*1Br)4xEU*NrIX0Bbw)op(70)~F`->&OeR5wg zI`UUbx*}?NCVlr(LsNdwPxNMpYZdyvugye{g-9}Q)XA}GcG5gekAygrm&?+w#zjtkd-U+p2w ze08?%oqlHezBrD3e#mlrxSXoY;kb(fl45PoA%}a}7az>Mh7B~~c*~4md_HCG-7(M#D$jw4@M3hl!vP?u2?@_ti|Kr+Sl zRg)ccro2ZCBSIWe=DbVpg9@S=CsyXI$sI{4UmY609oy4kL3{{KWvSlNQydvP^5%LE z3q_6|el%~+++j$5MQC;^%0X9zIx@b`dnCq1aHc$l`owpB)`c5f$ieIgLe}15{o70z zk|;T=jI=58ZKICXSFL|`mr<~ibN=9Qt4Gd>A@5|V8EGaH?n~7tISzenZJgrbP84E# zsSOKGVGaJa1kHrfV?z_Fd1wux?xe}9-NVC%3!fObmM~0kpR!* z%*XB0ZR~QmEnHIvEVPfSa9C#J*O9*L$<91q)-cBA%OY!yzU&0yN}Hpz*^awxMs{M1 zZJr{8O^&do04xTW5u!14sTy`(6P7O(H09@AynI>JP-uy`HVoY#Vb3OYsT=lOyT`tC zNL^HuuP7iW(;=L_7GayBOUjJ!R)0iZRirJkEhJN8S3R?NC@FJ{_iI0Nt92h~P1NBZ z07h+J_rq(dKjIhpc6xh%^bt})`VBksr3u(TLF&^B~)d<#C&Va5$x~Lw!n!ARcgEKh0wy|MvA7wu!D%t&~J)1 z9x|D{fm{`_Lv$7xW1FZ*V6$Ru5wna)bTdzMrA8aC7V^vj` zQ5LRU+SYP>$jBayvE9Tg$*9@{)-gugtTvML{a{wZJPur%jD?%+F+7gOewgQpY?@@b zQVot`gwLgPC_NcxlCSURP+!{Cq~J289J^u%(ZHB7>8svkn6)}{W<sXpiLE( zhkC104{9}>-=*j#8SdgRN!azF5eOaAl_Q!=wkf9dKTUlU28r}bVMT^Rsv7FWA(=jW zYE!!zvd80WnL0VY>PwHX58~oNRe!EEvf9YWiL5gy!=IVrZ8v&7QiD=evcJaLI@@w* zQ~yyPP!1Y=Q|yKYZCd$|I&!joxlQ%v4EvA0$A>}^rST0tC{1Fyx8@_cPxz4}@fJgz z`qHiqrb6ldBs;RvLYdTdO)U6VzY$i)T5s}?w~yz&MUJNst5Xen*w@56Qj=^~HS}Gx zBOjhW#^P)k-5sdi`*+;T7sb9yu!WW!A2J0dcO4(fhz;sGy_$GR@!9rZkV;#FipWnj zO+8fY>Y>u4$9sH>c38Z66w`KCw693Uhx>H}JK-K=vl4BSy+bsI>0@LY5^Xa^g=99N ziZ>m6rb`m7jm)q&6KxMGQ@UC2uArA$_p;zva*P6z9-ng zCj5ls12&KF$j6@;h30mss{Jp%@Pbf z_#YOESeM-_9TI*g_QWv1mLF+xqjZu1R~-H_WenR}JS~pRe68qa)}Dt_)f|GQX&JTz zv@0NKR2(+STZBIdelo8+Cj2D53WDs)d0$lm_eV&1h)D6}@JQ)C;fMSR^ieKzJ=q^E zeI~*~cz8^ko4kuQopcaW=B@b7PldABPZDugt%FNAbf*@VmDriV_7bm4i&yDbZD*ONl zpTN%xQGD$C;h!j_z|N2SwBLz?ZmvT3iC>U3S^7Qe$gqX#+POECj1X^G9Lj1+leKL_ zf^;(vOP9hZj`*V@kB6UF?}7`GGNr;1;fq8#wP%ntMY>b?i7W_u*Mr0SInu|%54j-1 zrz)X1Ht&s%VZNWv*6Lb0a)z{s6`mOz!v=0FftLH*SOe4klxJWYd*ciN$Dul;{FHOj zS?r5UTWsufG$tYM=18;DM2#!{s1Tc2?W%b2>lkM+zba@+rWb^JkS>m({kI73IjmP@Kbi`czB_tL%Wb)?jl7}rtl~5@HtZbu<#OT zoAB50@G|Lj*0C)ycn-0k9uOo|NP6t2$q!2SE2SLamwO%VWg6jc7XD67KVN#11^zrQ zm>u7i7|G7@5^Nt9o7LJovO6UAAY*2!6a6!nb7u)^3J-Cffq+yD~MFHzjgXEXX zd9C!4@YDDaC#{hpNT!EB3XjF5Ep6}S|@dn@GFoJ3MY|ZoYXAM6Mi!D3c`g1 zZ3cdV525&@Og}*Xi9h=J#0dY3BmAGSFO!Wi>@BZELrDar_mo%xTo7#UiiF?F{Trn} z2)|q*H%NoS{5MMU;urnVSQRL>vsZF#mF!HA*Co4W|YTrE%ZBk^a1Ehg~PL-b$CJwcC! zDt(Ij^Mdc!vhqOxjX1FRB`gVxiQrptGV`3ca_Bqx6H<|S17J|s|MuPtq#-MFTa0d{|$FD3QXNU-Pgh&78u1Xph z^eCZ`AWAraATmIc31z@S@K?DesX$ut56K^2^nXM_5YHF*HbM*|z^6k2)MmUbkr0j8 zdX<7-)HA#P5v^8$V<28p@Wv(GSZfoW>;G>XLW4;Qh9qHpT zLWOiY5unQMCx}kC3sCu(JkIM+h?4gTom`MYHb=$t4r7TvM8WNF^td05*8r*-S}&e4 zsyY3aqRpXCqm1ee3TX+!Pz9zYw7)B%FooP(Q8L~KkZ=$YegYbTABzk{C}ez;f{$l< zR7VoRmF;p7xbm8cRY(TVO3DOP9Z%@bSU8)1ScruJ6a|x_-%B0@FUHMax2=N;3Pbb zf!c$GFG@lXSIZ&OlJYHdE`o0Yf>Cr5a!L%xC}brd65>^jgmQtWc)Y}M0;VA{;nNj- zs#f;MeN6ePfJlt`m@*u9-w|Ua+BSqB=7TVTpUa(2d0NhZ@-_K;R=zH(`k1I{6ce>C zDgP$4l5fkOq4Mu?=TxSO488+xCeghs&kD--F?w>%r zcR20)cSOjv=<%Mkj}R@s22b37!sAD?vwLus4GDiw1p9^)Jk^&WGkanl%>YIQ;=*aG*jfuh3{1q`!97TLI1SiIoctns$(7voes4 z${s;>7KujU%C(>n3c;t#M;~Hv7?F69@w*6)+6E-j+7TQiHh8^HDBE>0TZgjozqdT1 z&H=_5b?=C%3GmC03nuQtPtVj(c(5pOvS7WNp&-a*u@Uyrs8b_ioTEa5l0M!tc4R?G z1S*y;l@81YV{{@uLjXYK*zB7eI;!1?rg0X3Pl2KQ6l2hh2;#XBLB=dL>1lMOu;S4M z&5NKDP4*`zoy!Vq4-I-W**d^3Xk5?1D)92(T`j3GETWwH0cc~l^#N6$PqfUbd= zPep`GM+iKwcG-wDYT&1GE{1bfu5<6_>;OH8G@9%6a#BaIH~|*Urd{g6Vxcn=B6DA{ zX4LekDraD1w~bWCDV47}poK zYBU`fZ}4kCId4ZaDrYO}7_f)XvV#7W;70);s%FrB*|Ty6JSz7(kUIM$?VCM&^&YUW zauzv%9l>G2CC3@q?3vDEc|pT$dA?^Dk#~feyo`?`+;1Jfb)G5APuZJo?nt zKzsHMqet``J)&O_(Ul^ZAzwB($|rRCi0Da(9)@U?`9F9>UmhT*E@De+<}#4Jy>*%V6lLiSLK8Tekaf-kka20c63H!XwZ*9t31r&KlbAIsxGvPO?M~bGkGUyi-LCxpq{3wPcz;sn$PQRy^Bfb>>^Hb|%R;q# zG{^q1I|GE|D%*5selH-!u{YoTkgqEp5oKwmeW_*`lIxIDO{rPijlszd%_94Gw*uY8 zGL3cYSf1j@US=QbE}UR_{Yv}Mt3=6QQ9E=gj$5y>uXNWOMd1nNWWl&W)_>n*|LgGR zP<1Oh>`UFYPOfaE!zd;bCA;5#&G2#~%EV6lD7C9(RPjJA-D59wYu`n?9lc;rzKXgU z4^d{}fPVYZBuD12_K8JqUUC!Nl%Ib}KMd(jH)m#KWw86amydTmUY&kb|O zl8dd_o&SK_ra;t1S9gBY6_n>s@;$1wm#;4(g6vsUg2quU3d*S5 zakF5*!28iqYeAa(E!Hiual(uyGYcPHuRSx#vElax<~kP(k#g@B1zX%bO(1U?EI8oK zI3amr8QG~$OABq`tM0a@#L!k{5rs!5jpRRZcHx2H#T8~1N2dm+uybk621iCo;dAb9 z+m%`>j9r*%TWzu-nViK3$9w{gGwN1?~txFV?cY~gu# z&+_1#+G$5;|EBPLcbP@*zq?R)YIr$C7Ym%cG{q4zRG1d-%4qFc9o2bl;OsxTd!^u` zNS&SN&Z?j^Pn~U>?TRiaci%cY(``p3CyVgydZ)GYex3@2?>NMgHzSCSuJ02U-W6BD}PjS{&A(}fVDg@y?$5G8u!p6>SoT) zqAl+EgOI#6QW+nulJ*uYb2p&K{_dxX%G^-`+kL2s{9Y_djC3V0kaJEHZE=6j0{QcI zMPF_nMk(xwrlh7Z^LpPTM{-;7^)>8Th}$ZE;4Eq!iu`Y;|y?Y)(A>q~}319HxDb9XyNQtH;0Y#2L? zQcfT%6@xcV;H_;Xzc?+rIcxmA3kvX4{TXxDh4#<>pL!@TlLb}-FtCAe`_Oh-DS2Ri<1x|gatk4~ekn(t+ zfwzhH_jBygvNx_mkTE6A#0D^{IX-&4tkyY3%cTO_vcqNX1rJM03^C0ESgbU>TlST6 zOm#(R{IcvoiYp5B6Uts-`FGBtDu>ZZjq{np6pt5z&*<{GQ6r=DrkCfqtKL=187%OE zImJ;qrTjT}Zi%7XSyFSH{k3v-`JbKBi<~*poic=-sKa)B`9kLuC{yqiN*YWJV|M70 z9p~E0M?05q&f>Aaz)6!G1-F-fI6QB>w$rlFMpWDET<%hXqxJ6cU!3a~IX*8mTD7h^ z#c`OGe>|KA>Z$8PeWSt=^lan$>Ub?qva1eM{H-#936KgW5_i>QGRN8 zT(He~vb@>Zw>_#qo$;CC;*s(jt`eHbI_^qDKHn^V+d1&cal!E6&&zY%MH6fJ!E@ys zoMW7evSXm!;|mg$y+4#kIR`#h{^hc_C@MV4F0Ywc*HgO5j@wlgHxEyfS0^M=>Z#}u z{uRHtKW4qPxa80^06W)7ra?&zzZa+TRk@H5yA@@Kl80x;O z`0a)(>Y$<0?EXRoERy(@@E25VxpL2hl6e_-vbeK8S&&Ss6&C2F0 z8emIL&PocY>Tq{^Lh?ML&xl3N31ij$?)H~svER1Moa}hkRP~&@hTKszoW{)0 zW>&3rF3iy?^2TOHe$|oRxf)d<17E4SX=EbKfv2a+2b_GC-fh^V_rlOZZ^k%`GmzVq zEuS@D1!DtoM0(yVwIloA3+{AxL=pd#*TSXO42v%}NO}%62rbqA*u1cD=`aeEWp_kY zy~44!XQ9WZMjYkkNoEE*T-hvNylYyS7vR|T;X?a#7Y7$vI+pku%zVUv_eTO2U2^UM za+s)YIgN*QFY-vkwW&(YOwYg}o}gq$*JF!zdWQwfRu7(#;%eH{mUCldx?Na3c(=r^ z+rKEu(Yb$7q!!ko+zK`K+hqpFxn~xgqx+eA4=&S;mdR%Eh@ng^@RkA***fR+0O*-W`!Rw zDq)*zaENQy$BT*;C)s%*6l#|92|xn7gMgKNN}!Gfg-=f+G=wFeT9m>vDsU*W;nX6$7?emid*5_w5ww_W_o+qnrp(_6bhAMMx3cih z0Vc3!KY%@~k$es8DEUsZBjg+6FO{;P&ledKEv)vfY@$p3V$nEeOju_gYm2&crk<)>V#7;L{fu#|}?b&T4uli#fh( zyun1|TBs&sU zEji|XE+`iX0nn%$EcA^A|B$;u|y zWAA-{9S#_-?6H)`kgDPbI!c#RQC)fILRHwXGQgY z=_u^C<<&us6)RogqCC86r^q|;)`se}Le%0e?Qff^AHGX2t!ETG(^NSRtLLDaJ4H`+ zN4X=a=A))zQRM!gimt@_|K59R(!`2i#FCpUH5I#VnlT-TtY$;X$U63@m~qEyoE76v z*YAy*!O2&qo0>*Td4F57qwvR?qhjejEZr<>@QxP(k{nh4u8EyBj0GBG%hcL0CtQJC zRa+(YH0~TI?yL0^->@5*ysh?-7)S(?S4S2Wta5cE?Wz5q_98F0%jcm!nP6wEgvfmI7_sfb;^=mZLx^>A{b3mx79jwxw54Xag-; zUEQRJD|l^@W6tf;9$JWNQWh2Gvtk2V@E~~nt z!7o_2Y=c7(tzU&7v^9WBdG>TKWFYjNLaz%U6 zl4{x7KPf@)?rqCPim{?EkwZI|T{|!lRN`pgvcMoDFnI}O@wfK&pa1W&Ps9|{N9W&` zikpNmOL%I{G;BfS|>3>5=tlByLnkObpsT>&A-MzLFK} z_iNGLxGMU!=w2b&M7F9ELJGsJ6}5epC1OAHn~FRk7wcpC%-)K9VxSYAV)Tso$&t4I z^qGptz8*kyv@DHtV6CbRl>e#tWI}Ia*HU8Je-mD?-#fDMVqY_$5Um~KfelUW_@~j8 zXT27jqx9EBg!Yu6#pG$9?%qe4z5~ftAWr z&vxJx^2i13>dw4exk_wS5UW>glrcUVotv+(pLxIX!qfp-<0LX@W5^E?zKp0ci~X)h zn3vsnwmtL4H1^=AQrv(VoNm}ZC${R880T{{3nFtY0Qh_wCdZ>YXg%+-C#53j5KUti`ZC9NrD1y1fN zU#vdW*8qDFGA0Bhoj6BS_CNh<^{l=kAS}^Mc=O3VTK$=rdPK^iaUK2Gk;byO<4mvN z?dpGCg+K;7`f_9%bNsd(%5fJ~8TRiyR(-CoC5ni@gKv#Gl}rEd%+OkOQ0z<`+f zg1>s^z#>Gw-(alyp|4vE$jC=wHJ4=s_(zqR55zi5@XsqMGh>{%7yreGn(GGg!4W2r z_>&JROIuZ3*NYfq*uQOb&F(95d{aiv2Ulcn!Ni&fA@e}0LNa!@vu0!;>%#NUjGC2w zLvU~DL;mNPk+#2~q~>g2wNVs}xpCPx<~S3UvVYh0HP7_1L7uA$zu@h@(Y=pW29{OYXchZh&8hSOw0MKeWW1vk9jkd`V5UWL zEq@*-_lrKMvGkRb#s@>~jNQNU^P1g#RU|lE`F+hD1Bnrbvg^yfC5OP2GhBb_8^46- z$z0dIzFHNY?K50s^+Re_)GaGtQR-e%-cUWJZmcb1BH!7GdJ-&09Gsno-Q}w9$3*cP z$S+=aYNc0=R)?!6{K-}N-#gZ4m({=gQ)>G0*x80nlV1)RC*I_-J-vtSyc(XDk_@|? zs=ZL}m($bKBvs=3TZ{`34hsC zQy>!CINn;oRyLV`%Up9xqhX>XRFU1xw*;pAl(dNoUNcSH3T4;sJ$Tt5leK?i9%ZbA z-dP7*uw{`QinH5`lkjBf{ETSUeQLCUy_q&KdPx1s(sFm@8ma;Qxk@!;@goC>1M&`E z3zI|pjVDe}OBi@CLWeu3w|S z`;GhK3g1|(+YnW#Z&D69&;74(NB+g*g|5#8p2f1nt;KlMt+#*K_40+*y0h;Ux=t?A zt@*S|*%#ZcyQ|<=mIL>+D~Iaa4W3{9ZBK#gXj4wRG{S5dwyMB&1HO-~>h6kL^`9=u zu5b9N3p#M^y4eL~k_~1S4nvT`FNc@4J6*-?%Qi@fdyqu(;rZuVmudH;D}bpSYHcrY z=^EqQ1+M(YCHTL#@iF{=qwzzxWS8p;>i^iJUu&>?{Ysx+}<6NTjUzEU+_5SVVqb&G%$eb)!@K@8N=ktxnWt-e7*&Jnu zPW$gMePzT`tGo)5&!3RTqvCAmPD_Lv1RFQ(+7qWoiEufSKIWR zM*Ng*$?on$@cFJQ7`Qrnn)|b^pp?jt z+wW+*L;5P%_Gcc)0E}S7i7k7-OX@KPJ)AH5f)dZ;UcPTXOg0UbnJq*y$+fKfzagWx z=D?`4EgOpJ&_IWqd7p(PufhpYuqE_OWG;)J84^jRo0P4-blh$qJhhDdl%9u&XVyo- zn$RX(CU?G7z`soqt-x~eh{LruQ+3PawC6?GN3ZkShGc&+eKS6B6S;^hZesUi{-t*EM;EJ@a{ zBu8Flxtj=+%M)-`4Gcu;0@>}Zs;w+oSy_l{GJON@jH-r(w+j^fE~%<_<6Vxb{JKg! z2*Oi=Z{F(F<#*)Y(SXND0*{2$SCrRQ_hBr$v9YAFpuCsM-Je>v{uwJ=89 zY$B$@D%bR{4tBC*Ow^RCRZ}1d${u1Y3e?V+W%c!A`dT47X;@aooU0=qWJgX^M6=T& zQ(-}&G{V3Z-Ijp4bw?VUqhU?`V`qw$IbC>9(or};F*>1M4c+=@v!d9ME#W5CTptQq z{9pwKEw{o>SnH$+#aP5~P7;poVOS937jzb#PK6~h%Opjf%o4rISa~?h8%u%`ztyAjTgEU?1b;ffT^*rNOtYdQ|&>Yd)jW_IG~DZ%n5Y(YdQ-m?4~ zY@Ig}t4NNLjAn2DHgBjg7i!u;+I@r{$6T*$u`S2J#|^M|)?A!mV#VK>agzp7Vp+sW za8dMU3~x5ewFY^uW<9Mezt|8#B%y%KKZEIq_E31^Z4rt*m?c`F)!$0Ln_2sMtWu5u z#mg3av&3$6qFel=8B*H@Dlf2A*G-F#T}f}|)MDMFty2arQsfD2IRqo#kdWjJ(i%BJ1uOYSO2F;YN|J6=Z{IxbNe$=`m7Fm+jvIDtN35oF*d(u6kuyG!+nvuKTJRBOCDn%+Dk+hcw6&wJ~$ygPm+rw#T^^k%J(OOR9L4}#M| ze24tWjvHTnY|j(^R7b&CoqecoN10^b(S!%>$cD^)c$H7JJTGkxJ{*F_50#{#U6hLY z-C8^BwscTB|LX9}IHxn7qKV)5d6!W=8L&((>Gc!$g{nc18t6rF{?Mnk_)USqL@6`< zfK4Uyhz=*MW^68hm%hz$D0m+wpcy=px9QtpN9(@{`-Z9B_B-3_+lQ{l^M}vVE9(|j zRwWzZ>Qh_1d+c5VY^~GU<6>7Un!wgY3sLzpZwl|>RPA2Jtb+N?de$Bs$qgcwFr^$9 z$J}4xkyhnCcQjsSF3(Gzvh{;S@$9D~i!#{}IZa87CK~us{YGLCwF~!;+-<}&X!1)6 z>>toGXwITYE9;zNHJRzw2ff04Gb=x##F&W)y};baBF0TlV9JRolSi98L!=!D3w&s@ z#pvGK-~vncg>y?wZmDP}(AuE{XW*xpr}$ESQAXX&%!1PSm~r|o_JIuF0Ddo`2beQ! zmt%?pu@!ZgLVAM`($A-~uquGJ5K|dVnHuWlJBL}|-7-jA<{gZsKe=PXqsYh^pI|Uk zUjzU6X#Ain8T6_$by#{;nU*JbO&JGygR?3x%W~gv-7oV4Jo{yGfWMZN0bYT8u(rae zS*)Wny>+W1Ogh3KE8PTS%|F3btM_HR`Ro1K63rf`Cw_}JU~JnPISP+w^vqP)ifbmA z*rM)hG1P4wjnL$q46O3Ei5O@TFq|Kx(8>oE!ghEnZVvvMEjXQur|FJ{D8{8&Zkbs5 zyNjaOiWkC6W-15zyuk8ah>VGN5EfIraN~>0{u3KF%HdR-QR_%i)6c*Zp_dVnfb`)W0uS+xgLVJQ` z-i>%yqcu9M;ghh2&u-VHn0)$1CszD=toYqCD3tyu?e~3M87?#L=c660b6#i|duNp` za_fgtnw9rd*4~PN_T$)9rn&LR1T7({Weetb!!B@DRoptSF0lCFE2O~me3dZ1J&oqu zQpZ(-#S1`J2|+~7j;FiH{2=>rbI1tY937jN88w)>x1gFe^T8wV@JU(LP!oIQ(-@dQ zjltBCo*I?THeW0oVWeAM1zJ%r!cVU#YWHfqqsAo&*uP#;)X>KtE5E=_9(6>GABi<_ z*j{Phix-+!Vkj=h)3*ik&V_zMn#3P|karo1s0u<6j`8j*eH&(u{YU?6Nsw9FJT%VY zE{j2S;8B#AG}aLtZm6OrLbp95v3l=a$iq!z2zp=dhul>1g4e*1((5DLR$r@yiM1p8 zsSQyqxG3dddF$O%OaWY$aWN*U&sBc!)B={yJx?^W5S`DmlRr02524;g524;SzkA8Jz_Y?w z+vh0z7Pm`1@5|wKX#~s;r(8-kbi@|QnO^^!5JSjQ=D5H0UF^~xC>gB2c<$r7r6gq( zncW+%2C=u#1Sh?H#+(#&V8*$8$$C;szStp+@plY$nbVx-KK5o6HhJo#o1z5tJ=MH&y^;mT6cq(`TPks^@4F5f` zST?(V%}?evAA_0??P)d}P+f+eW7hdc(%Jh;!*l+|-=kevLVMCfW~<@5N??DF z9?wPHw^0e`n>90>`j(ebUY_%XzfW}O>`8bDSK8E{O7`#5TqWuas;5Y`OreG`p|@dp z&Zqvqh|4xUr=F}WY>P=g_@8Fk}$;yE7x37Mh%o+iVs&ew>7KruqBR1S~{e(ypE%{ zq8;_*==3`;Z%qbuj8EU&o(yW`DBs@kN|JtO3eU0DF^2o{@w9w@v}j-4V;KW{LIjyC zH3&w_F$N6Xls_H+fAHDVXj%w2$#d|EHWv!fz))9WKLAOH39-dc}Y9zTwDwI}3wmAIB z-HqXR^6S8ONNhgCy0mP2u4xD@m}vfd4Ul3rV1T5>qOTNHDv!B(b`a4#xtZG=joIff`FZz`(rv+tyD@_&4-7Y-3S65qAT2qG*PoK@F zD`Qtf1QQUE)Hb>`US`%-(C|-u6x6M$ZGaf2H>|Kq<1?^=(AK8?I9yqN8E>Bc%u(nS z9Fyl7H;kHKL3|mdY9QCUuJFe0kY~P^{gv)M77NN(RII@-iOc zIxv(>bivRBf?$Ym48Xur39>=rtd;`e*<j01av*1b?|<-(7`u_PQ>vJ@RI zah^eL&|Yb?{Tt@Sn~#mLZv7h~HM2a}LS=V7n5AIhzHxdLj5D5$#AA2pgbox0$>YpS zzBfE76y?W1o3XH0_zGz2yAw=i!lKX9%=cewOvDHHiA^n4GylZ1RZ~Jn8H=$6u(76T zH`sz)z+!4nT}|&<%T?B^Q{$Aep3PYH;nOR~7zsm`LvM6U$;yCz zJc3yQjuSAG!<7^%eD+WmnZn)XqA7yD+uFw?W8rlLcq6~5UID*B-- zsOWoqFW~!amw0K7)8RWpG$ekZ-v(&f7Yx#UWNqyR5HfK>Chh`S0h3zw+ zzm%A%>UPR}SEAb$!dW7=EF3GXQL|}WKr^CKN4u1MA2c>8z`)3QTk@Q$+NmQ~RHjJS z9!Vn|nTu_-vi!avX>PnqOrR-`3qzLOF zFR@WLJ;c|aosZi2`x*uCJDe13^=WKotLX;_ORSwb>GzJ{?>jPXDpKWf6r z>F}gL1~ByT4~8;ndP&Lr66yN9l6f|1<~()2O)8w8f322T5(SYkBU0?o(zA+`@#KMV zQCf_z4qGx3X3)l0`xv>QiKKv2ggaS#N;nJ+-;$#Y!m!BW)8MJY?kePI6731G&2<6(6vklB)$}pIV5IYi^+Rxa=3rl0-Y}^?s z{ST0eyMen0NjjOO-f50!k53*ISma=4s%@kpk1ua<$i18%9x13>QMZ~7g}BG+Dja8M zUbR3i)drBNIdv7cj&YZ-ZW!Z`xW6_;4Dhc3J`FKANxD_)?`W2E@0nv|4Y=OTO^!ZG_xI`k`A z0aG}&YKv3Y-<%9Pg-BD

2aEkAN_|f}>r5&|%^;!F>fm_!B{T{e=?*5@m#*4bP&fYdO_y;i_xK+4c&f=F*0!EqynRY<^A@&F_b5yNIVx}Eeavz{(ZKssV;R3*5C4x-}LzvHBA-S`m5hU>AIJhFQtW5cb`SB zk5SE7#{FxRowd;s;L=6cM6-kcS`~r!HF&p7V!pqJ#Dr#2`@qL0OOjn!V@jFAW)t-j4UDJ66Oiag`RWixUR*L<7FmK8t1ch&kmNT+KOo z7PoDpCnCqLWjCS#7F=gw9S@{OvpHk0@5?Oh7!p{-2zxZU*FQR(b>0u@;kuF}yxg`c zNeTTJ$#_AQlEJger$X>J_K=w-qXWxdJO@WF8zc9WFg*CDh-FNHc0$hPRSGJ=_s^Lz zTZbX#)0@Mr#v&led?_69A4J0+=E^`cLS;pB@GM*Bf&zot27gL5o|Qidvs_0?M%mu?Jzu8oM5a((!;fN_FYh!iecLm-GgE#jLYQOOxnMJB1^8imw^j{T#4L6 z<<@Vl9YMld{+8OreUcq=!IAQ&M3=mi)+^RzYe!JB(I-#UcgTDx)&q^BAlv6218O z#yY<*Lm^)%Dbr*jj)rmrjOvO5Hg@tY6t~k~W|FhnLlYukU~N7+OzQ&lpVq%kFc@b6 zGm`mMr$lW%V=-{+-X-LPX>JQ(;Dd6+Q0|)7=$>9*RSZ?X<(U=QI>7CM6Q1N#TEP## z${TTZw5V$JO2p_FSch}8QivVsG_HDi4W?;{WAf1oBJuhaRh}yMz&Kd@V`V|~O6b=B zdi-TXE%5r)%OPK&))x;>F`GyhbR!!<%xTo42&NOnwv(kWbbD%d8U3QOv}`m3P@r z`*o#y4eR^^cEx)S!ngU~MG@@o9U&pCajO~n4cBAE>CG#Gu7Rl{dh0zn$o|BN)DJC?e0 zTCHpw;z}$WQszDstNz%98k9`4W!olywat>s4u>a6N%#0~wmHv*M?QY|!~2YIRgy{} zK8}5IArARH^+o4Qh3oV6zT*YXSG{{2hZMh@w$N!x(nAIAMpI~eg|lUkJo$Uy*C1by z5#_IYO+3nk%Ir)IlbxQ;zO=QjIlR9h#)}qPN>=#*XsP5j!X-r2Z<=FUPxfzxeeh`?uoPU+n+!h@XG9 zpW($9KU*sRAZtI4C}dHn_x;gq@N|t9X3f_r?iVZzR(|R%x4AjivmyLmr5vZ7L3HsG6jo&^X-t zqUYR&@!h6ATU%8}WPVD7R%()LJGty61oqzYXRE7f*7>K|DwchAdqo*uJ(AY>izM6X z&#RyIyOkXXgE2z_ibovQkSY@)D~cPh8{>(%`~n2R-R%` zTLB@DzT3EH{&mZ$T&1@z-Ek`&QP^)?cFShJO(ABCsyy1+{an+h{?2u#9$RquyE{*Z zOAO!j_y+F|+Es)@v7lpN>}k3VTbi?b%GzURhG#yO@9mCSTco{C zueWdZ7umqKLuZ##kvDKY)nPiUB&`FFv4^Fk9d&qi&?aZ?s5y92PSg%U4s_`ff51d1 z$(p+zzwNRg|AXWU_#ZBx!+)dv4gLqqUw464S!-ADlk5C$N#BfDSGxB%c~1CaTeH>O zJvv#pk$BcU8vK<-r*FAqX(W_d^UumjYxAAmJDPUX3{mfFH15=GddMGROXaOSRSoTl zk&S$6f8vK|RbKn~th!caKpH?$M*lsvXu2 zod-FbirhMjsYZzby`A!$32vPzkxK5D)}`lgGa{MOEXQ?-H4ULtIfk4?#D;WHY{K}i zOV@ow_NF+yw|YOX*4ZPw^})o%8{bM%L)3Ntr4GB#e&;&>P3}kYJ&5X_cK*kg(3$Y8 z(=<1d1S`poV`udCsKU>d*()ks70W7?KbAl3a7)}ezpePGii(O6hw;n3qvF$3`mysm zH0F?d2a@m9ckA`Kv{38*$3OS99C&{Ib3HceL9~+azdVlr_u(shklSfx zl;f}-ISkBn{^1lN`;zY5>|d&E%-@W$E!Zcec6R6p6D2j(5!9(m{oY3|DyykH_NQHP z+6mvLt0eJWm)7NoHDYMmcPoCs6NkibmZVuftH}Pj0;^))o#i+`NHj|swpi@M^T^O zXSDz0l-|ZqnyDDc+YWDw{phLJ8l&2^LZjB|=VKX?c39H%AE2trq>*2KNlA>gZ|@q( zQf$^%{3*iUt#|Jyg^4|-2d)bsXFT}45G+jL1%3hLEnJ**^3 ziPZYh>lNztFMj!K&C#xBYbbg2-?BqpCk|-C$ocoQ-Y+Nd)?mAQBmpflP1ldvd zuin1oE|x}n{^<*zFWaeQf~;d;>#YA0Zv~@H>Enh@zLb*LA*DJxhRoUQud+$0X};O6 zG3Xs3uEaYlDw?`wIjMr!NB>bUi$;vBe%fEDoV+Eq?1B8I!*bG%aoZ7YvpsycqGAXC z#pTAf_B7Ya`Rfi#w&XGiMOQ^*w(UnTC!nBlMIdC3gfX(J*j~Nnfb*O&>PysQb@Au- zInM>zkqDpX5VJVDcOl}&+pHVgEpw>0rE3V&7?ns2Il{`Q@{;)whW=lL)r(22UX*?F z&)-uYH0SgC=AU0zA0VtT1@SbWq~zJhm&sxklf7?wdoYp+j*>=xejni{R)=!(8Z!a9 zqt9H*GpdH2mfvBxHVvC2oe7hO33+A96MmC>N437?n(B(0KVviUuXZCJ>ooo_-_<9p z#Ln7YcI0Fb_eT2Y)kOnMU3pYSSHlFJn`1Ol6)y2I=;H84=89R_7dOYUa-AfDp4F0vODpK;)#z7I7N6d z#w_ilg*W$e6XkRx)Nb#Lk7BhA(Svzf4O^Nf&E~%xTaHdjlS`TJ!$o*RD&}SdzY~+E z4`=gs-4u!6c_oVzm@}69uR03lO6O_*JFj8_Ub=I~*<{E-eh7^U#Tdz7qK=TxU7E#u zj)un!Aukda-zD<2n7bpSCt2bT;}e*-X%Tjl)f1xGku@U?9x9tiX^`}zz}8~NNYU7u z@e<+TL!|Tp?x9kVaF5{O!=*~$Ch=*clpw7YZmRi6DN$+>?seR44{S|6*qg4dYp9zD zW3Q!If&Ho2wDtzzK(ns0YN5Kid}S5ak?Y;pLeEc&yRaO$w;HQ^F(BUVha?gx0iD~b zR^PF(p~_v)!##X=+?x=N*&#r#Dkv!svTtnbYU>-^tLxkl-d#zM)F?H!t`b;}z!J{U zRRSsI%<9!1(D`qkwi-**iSMN&~!uW?8Wl6JD%J%3mLg5wuA3>|uK}d-L5GD(HizuytdzLHK;wRM1T5CV zCYMCTdA#^dGLOdzLa0MxPol@=_wXlN^1qAxr)y$B3NIvo5S~X6csC2Y2Es!)m!-@V zk2k@cPvHqdERRTA$vq!yr+?6op+flqLKYkPI}w~i5Cj$zL_)0uEt0fXz=H(A-6sT* z+G2EVa(^cv4U9TSXch^$Siq$MmT~Bjq)Or85^#lpZUGwvY!vV=0lfmQ6L7tN4+{7N zATbt(!HgIq;f5s`4-pVVMpS|x)X7p2P%B`gKzNVfeB=Vt0TIAZ&WqL|ARSOxlC`5Z zDsuY7gI*FK`8xo~e;Bzz=W>4(vUDRM+61CWKrY{c{|MoZ2DE_i7=mDg+87ZmA_%6iR2Z7Wgl|iAcvuY5957dR~8Ad*{YH0QJyO* zOB=p^DemQZ{Z~@&8zO&^4hBo8fY2EKOKAPa&0oS31L!ZI@S#*3Y)M>n%3d#w`U7j8 zoNQyQ$xxfNuE7fBi*YzTaXuBTg#L&wqo8r4%}YiWkveNAbBu>Xykj~JPHYe7DMl-X zUK2Z+QWUlIQZB^nH8@AvynZ@vD$K@_M(Z5tA$4jO8@!823E=HYgV`-8T3{tJb0{l* zbhd#ttidUe!!T0`T?dLbfnjAC&zpy`Rx{GvTLTGh=Wmwa*yx^8?VyC%3S&pNhYn@U zTX9ZQHWHU0x}7u4?1@nc!SX?N@_s9no<4wJ_f1e$SoyGY$(6c)+m_&D{k3zeu=}J5g4)+w%~OTYAk@(!1@oS;N)uj zG~9xNbI>>hn*{f?cE*r~@@e|4A_^Aj67Rh}X6ubn2DbCAX;#+yY6M+tYfmqVV*hA^ z?quhOxLZ5o-s`bO454F(Z_};DIiME{4NfFy-4FwD^+&*Y`a0OJb0=gey2?R#Qo3j` zGu?B&Vk|b}9G&wU*@Q^}F3E{6eHsR_PYycoiZKfxPw164c!+{dltF~_G%4CZEx?J4jr(jF!$LTlT@d^bUX>`kN>#^i_7qhm!U zEzNT;CpEHxCtKVw-S}+S(1ZDBj|l|u>D3}jm(rx{eGzk{XM-U4FcBtoEGgM^ zIF|23CE#DONj9j0;gh{D7}Fb1h{#FF(BH+A@0UiBD_PCvNKl&!MCSy9XJebVTH5!= zHqBq&<#Z8#0lyNXB?>XISGK#~wDS5eF{Wu!X!&O1;=&#Jz&~=Px#JDv2Ja zTFawr$6&goJXI5Nr{1|%eI_-(|}4Qa<$2Wxju%knw`O=_@_I zjdSarFWhN_y0*Uiu->8W=&|YO{rcgvqRO7)VihU*@JA?M+h1{!;V;k55iA_E_-73*}*p-_lBi9IB;9r_;(L^dn1;(IVS}J2e*N9CJq+Br(tW;?zHM z$#$IBO^#FByX-2=Pw*0=qBZfGc~sD#0^ja^_q9dfd?QBHzoeCkl^-v1(U8u5a*xD} zn@}wE?H8MRlA-c8)BKQMQMR7ew(x;^3vTNc0s>`Uu&BB+UVih>8&^w^XLF`;L4lZ{ zq}}_%=Y*;eydn&0D&Drg?=~&7_Qt3ER?mWv0}(d&q1}5jVB>%y7Yx&P=p5%eB-^)L zmuxsX#mBwxH*JHVWDaS(VtW}$@#bexwL~dadRb!QhS$h#Qzb6rl^#`+bUP_bw^O&3 zp!BFw&2BGqZ95>@FO9Ujt(~EBJh%keA}1NnMcOLL4E9jesMfZV)gT;jXry>Dk7{{4 z*;O~Pn==KHhfSoXci256d!HfRGB@_{NGQtHx4Zh4h$i7c!zRp2k}dmC21$MJ;Z{CxS$Va$8W!f3WACwth|kD?r`8~%6}ZdEJh3Fk*q ziV@?u)XXv-9FxXYJcx+a?YQvMeCxt!*@0({teC-e4~=KPo{|=+8!WLg=NH7Y7eXTy zb3o5+4r_WkJZ3np>1gn#9XW0DZ^dsK9%*qI$(n{$K>r!nHZ3 zAvFBZnef*FotBi55Re$z$!l|B%tRs*dxdJ;O3I63AA6v5eWkpIhX*|oToTM1R_A`-UW19sz=@4p8eaSz<8 zbJrF7bJ7W<4e?cS;OW2S>n&b!5u(?$%)zpS{>i;Yyu$@oPt$EEz*LT`9~rXZdw#V+CM@&K{U6-JA( z?Jq)W)IoKSx{zgxrXSSno~pS?lg}pbtO8P-kH@y3@AmTg!pG1n#-z%}w|(eMh$~ru zaEpNV3%EzXHwFABLE!rViGd#pX5vf!D*oXU54y2{mKj2`ZzgvBa1%Z;W|@s}q|Xs- zA^<>&hiHKBQ-PfhH|U3H?UkH3JeI z`ox3ISmHSTT5au5h&z(*~Cs#JQEQA6?ALA;BR~@j~QMb8()is$PVvgTT z9bsOCCQ4&|3OhP31mb?$3vRv@yF~@MF{~pF8gI_ClW;lxg^*#)y$M^gain{A^$@>5_-8;23CXQ5*_&SgbhTuL!N*h~5Cp<&R~{+Ai=^wJZ*U%!RDj^kfuWvhOs zNlsyNy;EYC?a*iwvrRzi<34s`Cwdr)+{OBt26HhbfNvNp|7+M#7*<%d5SriIN{I6( zY~hZ49)`Q}2WQ}#{HYri`6rf0;bk8}mD1blHZbK2gzu&Bwp3U*Y36Ey#W0QH`0Fxk z&tpXq!xMPf0-uM@Kh+I4C}EPd-|!+bZGgn+J3#=*lDIq*L=tK zF_=qZM>oTk07O_R%RsiMcaS7G*0{eEBk^5Ty%jV3${M=)wTfvO#i-+`37hy zPI1+*Y&Xw?b|YUW+u)I+Zku6H18zTTgA6jz_^_=x`0?}#E0)IhVF8Su zg!}WWvWn99PbbT`GjuFFW?eoEHkBZwv3-(fz^)rTnUxo0#jxVyYy}<5Hx6fq&2ys^ zGv-kKF|b4%Z0NKl3{!Z=LfvAYo_N@f3S9|XBgt^n_0ZeNxJXne1!r?Flhnf6k1mSw z6mcgeW^Up`J7>ZXQO!a!0I1zx=>5sHq21g$V0C!84_RZV=LQ7%%I2~=3R;NJ;bzNl zpCSA*V}tyB&}EyOv6-CGZkYFnx&1EKLUe|&Fy5wVJ&6>k|DB1?ZECn zI3D(*4vn-zg0*S_#%;IDY6zuaCotTMU>X06fz_wU$(Q?YUkXX!wtt%yJVU{8TAv$# zIS%)4`-|PcthCy0J`0GC|)Li3vsrvi63iym=S6y`^TG&qE0$mJLI=SVG@Y(L|Ut&PBrT5M6&%4p4lBWF(htP`&0`^yKp$ zgz;^cMK$d+wPQ5%l+B0!nHESv+Ff{(VNKi@^aP|D>%p8|IUsWax2S}z5lcpNijn3e z-EW*O&rI{`iii?~HR1z(&ugMFEP_UL1k5!=OW~a)s9MgcEj}PUHaf{GrJn1M9}TEW zD0H9i&^6xET|&;2+>b3yj_^+S^lH}e1XO3!Sx-0W5;xuz{J!aW>u~l?TS$o!3u`Hd zolKl?1B?HcEmBsuEC`7)qi>-%nxqwM`>bLd=+8xqp@GWA{Vh12FURS<*fU$Pk6v{G zx&aT?Of;FP^V43vhneqG5L;H^l*$ssz2v_Ksgy zgh>5P&--^dPRAqAFWcSrt*d)i-r91nf8t^bs2w$x^0j6EV16vn8=bFmd9Y@tNnm=o ziKo2U`rE5kFRB~3aSkjb#ZIz6ZS;)GaK&mF1;$57EP430CRpr$FbGl!(+Mfg68Wud zDqYJs44Hh?Oc3|GZDM#vL?;k*m}L-`kEZDa?eJrB|1f*1Hj-XZ+Efphji6WH{0xFt z2Um~G%X&c2yujd~8ORzC)*CdiV6Tp&l_g8ODQ7z47KNIp;}*EG7AvZ5*yu%6#R0E|3?~ouIErjmEk>VRi&91r&C4ffeT< z-{AseM-onOa*`41eG=o}T|Yv`6CWZZoKZF}MZqH1d1OgIn0R`8m$A1mNm62R|-v4ifk@GSisM>GiDR znq!8ZW&!sKcwE5K8ocluO%i-z8;6qpP5&1TT6MC6^K;@Ro_26*mtko`v*G8{V4=l1 z!$ZGlw!a+OBK0(zq@HzbVsXwY&t44c-^OXVb03n6uogb-ZNGF$PK5v%xitEkGxj&p zw;?w9H0Se7_a~+y$VF~JjIL~ls!b~gs|i>wclf_(K5@o^^)k=JBb1N41v!)O1k|q< zcd_1qa+ikn3XeubrY^btt8kIajTrp?@DYZ@B- z6Rl?G=WVts#&C>XmCQ%tY`U-AB+G5UCF}BKE2>KC*z2ourm`j1 z=Y)?at<&OGXbNein&s5X(DRy%QLNN!j9@3ON5to^&k56kO4;4U;jGqc9K>=L=QOjW z*XP8suNUW7SnZ*lNcy!bPO#BXiW}Zg^@0r;Se2>8C9yj8q1QN!ExsWqlt`7omJ`K( z@*2b0*LNH7#@h8cL)hPL$cbQe2XhpUHb0IQVnFDqVCIu7C>TCpW{5k^@OO}ZrjRpc z2{GU}frmg0s*+`*n0K*rfM|{>~A;bgpNVe>6^8AMgL+W;t{{TF(-oRn>!+x=4||>7Q&HUT&lGY?s#`;&Ngi! z5c}ExN9L<4LOtDy+j_UWJo4+LN9C zbRy(aZ;>fN%-qIgWIu^5h|YnfP?EhF{t2m&H{Fey`!-m?eT!&VGho5?6q9RbV4t-) zQwcq8)fQk$h-_sMXCPAQejgTvJN}jheT@&tE9O`sbOPy=F_1B=7y*Hkeo6G!=O;pj z^-+m7R#1G{o;hm4z_&<=WgkBRm58>FN=!xyLI19a9LmZTfvvC0=7Fs(nab9WOAJP8 zY)S0x=P`g5lb*;I2MQsRi&B-)W~9qQfdTuwzrG0)wJnJMbYW36`^T6PC3Gh+Y!n|~ zSkel$429Cj_QIkVW`!l;(6^Dhhq0qwuw3j+ znu-Gdor<;9db|hN$xeQYavF9zr0=HSglHmK~I}%uWwA8gx5tjdT&aOM32FzR~2HW zRJ1?s`P@779s?#plj+_zdNDHH=!7A>>>$3fz|{;XaV;i6%@u8y67|j6@iwGt!XTWK zcn^%g5eA8r9;->lxiXcqip}2>-9}|C(Vy&17N%_gMx5f(HIe z4+Q~d_uM8!k15EoGegkxo~vsz?9yUr7&*Www4gA|(rBr>*?Y|2>VU>d_kX;2%TvaV zUDea+zvq&MKC(&wXeK;~70qWD2yE*^6uuEx;F*vxNb35>{mEnNcB>!}kc&{OzWtUd6 zTD(2pA-iVvkLT&$7&qMqxF;Fk-r?L^bS^HYqy``jy636q^^J*}=1TXw=Rr z{X*~aM(tL1^;OWXeQ1(8!!E5lDd{yZ*Vi9oC0U6?xOU?R2vt61cT_(TH~FN|vq8p% zM593}0cHZTdXt>z8wMY$EGfCsx6EbOnf|C&b$OjuJ1Q;&Rbqlw=@xm4ep6LPxr<75 zu_{l}u-va@!muJ5wujeuHhM{*m4E3IK|G}6K!Alj>LURbx~R^#_11azfr0hCqa%2y zo^NBcsuh*lGJZf~*S8pUIyJQZ?Ow~5Xv-}j?K>{~rXW_e^KMs%+jPDz-RyVqeH-6% zU94??ZnP&@-GnD>%DlRb`b{QZhyQ63 ztrs>FzT0K~%BU}fy{9v{eZupL0WkSZ-{2NG@m!ptMK?LM@Vz)=%eL4@7s-wjX9g!y zl3E`~QWs#eM{a}q3N|jXMa~U=ewO-1;cY{uO=%dRih0ro)p;QJ`4Wsnboo?k0tOLN zN`Kg=Z^=5~$%pY&?Y@~oy|=4CU83q9?XzZZo_1e{FI~c>XZ|)d2wRzr>MK2Rc-Rvs z&RBQosl0H1>t>%cb}39#F6od)FYbuzv4%Ie79F?rgy^2iFFyYCR~7@dI7#{(*{@3@ z`=Fy?#5B6_7I%8#gP#0Ip9z6OR0;RBOE}+zlIBYV-wtjNy?Z|LdU$?!Wr&;vi&dMX zjjzm*9+g`xjY+S))+2||DB6P&c7u~!vHGoyYo$=xvg-VDxGgrha4lXFNi6((7u@gq zyV5X*PXcA@7Q&9!i0g}Br9JtCPtN!Qa?Fk$$Xz1ez{b9s`@JXreO*gvp=A3kZY(aX zrxw1NKiqfA(zUoVJ?E@W7ukI&+=gheyPs=GDZD@Kskq1TG@|(x;MT(5=j}FaaI@nmmW!%e>S++ z&!ZHcIt~N;y1Zc#g^^363WAfj9WDUZ^{?GO^nsS$$Zy*5^)2^{{KCxtDs6Hmv%5O7 zc-o}RkL_K!*at>rFac(CAML@#;CJPWgFTnRV-L^hmV+OjeqXn2Ex!0*chB)Zb?N3D z$M>J1`1b+oL@N@Ob11ji)6!=8kCOU?f18x@1oc~s@1MNi26fytJ60XqcIa!}19TIc z`tF5}+g%P#F)aC;4yuw-&09rpZbE5&$^8n38Pxq>6@H@kmtU#Sd7h!d3!bDqO)a}p;^}>V<~I&TWp~{!z@W+_SgENv1KND zWgN$+QGJ$A^QYg1KGRnQvni<I2#)nBAbqnwGdBRJ2pGsbx^ zX{_6X8`nh7&=S1UpbbYTJJ0zWeouph))lq%=69tJ*G1$pI5A zo=aN9&0Za5swwE|0oyE^|9WqVnyG5H&B@2((|+q)w&j2Dff4!Ee;8QgrKmCp6N7|# z3$9AaNseCkGT%T-OMDAd<8F_Z7m85glM^);nO`R4zA)7K^Typ;jtMshQ?|{#Kn>Yl zBof&6n)VBgFaMzr`m^GAtv@4v%(SLpqRt0$%75DdF{WdE3$4#GZE-sbOV_>yuB^t2 z^B5VWq21c=Uk$oPQ`&8u72TuTFWi%7Qp5R-D9oSz!vOHAIdt4 zps zf>o(JUNYMl3>K8JxMx5te9bcQL}W&x5t>tNH3jUZDD!#&?t7g6&9M^b_fj}>vN%VinJnr0tz*c zXpX8t*q(SH99Cuv6~hh3IkiYBPp9E*=I&^I>x|-PBE-ScauFWH!(*i;;l@T5$q$jX z2seZ>aK}k6vBasfadjf0#LC)+&oY@SdB8B~8+NiCatE7hf@w%L_luXN;aryz^K!RM zDq)k}g8bB(onSK4?KDzPeVlE7HWA{CM@Aah<7>05^2coI!sQ7%gMq#J-<0@Bx`jqG z(s?FFNHYxVwy>mlcH}D<(y1pl#fLWf_Xy-}{En2ak)9K7k_$!RYRFOHevlJOl{$r6 zE5US$4pS&GC&wQn#S3>U$9G7Rh5Hx}&(ujv*^5eKf~P|GYtqee(wzh1O^_akJMbYs zcZhJ3TSY?Y;;3-{gS#h7UkbNIFGu=GxNCWMt`v^yB0j(1d^vRxI?TO&WP&`4{acC5 zVjZ7k859E#%ZGN3CUn@}_-<~itgl$zz{@9Y{mPzBiNED zlcU+gL?-1}ZutHu-_QM64kn@7tyOoh?f%?^IFjA2UcM4$x|dZ|Hmra(Z#S%J-d+w% zOGjoP@+Ci7^(#d6_W#Qb^HfTb4f(TF387)NrdnaC(Jp9OT#^JYiC_c4<>K)079l&l zRU9%Rej|m0-ope}NZS2Pz|+EgksyeL5nQPWi#!&T^ceD}6Vg(+i^&bRRQQ7ick={* z_poq3F5qqflL>+_1g4T@m9T0JxJ0Wo|xJbZef@{RpSVkY0>QNc z(TgG?HzII*pH@MeNwU^PK7;3c>U<^K}>Kw~&U@IguX zr*NMZ?jMCa40TK4NdzB4i3m80;KS%G1VN{k;BSSEc=&G?{?7{ke-PXtNoNUq@PkY% zSkPp{bbufbPY?->5$;@qAh?tu@acexa?nT+CHFgmNazKE8(|%vU@aOc!AEcpn;_zS zO%U`i5(Iq{CMFLRc^G~Wj219nz!3tD5pbMyqA zI1;~2(~2WT@`(-@sU`?~H$fzfLgVSK;|lah2&Kn|M)1Pnvjjo-O@d(TV*$?+1papf zk)t`p7#JEuZY1y$LAYNbh*aMq2s+~kKBhJ1_!dz@U{K}#9~>4F0z8%wgqycglpklP z3F}?*2jN!}{}CpDwp7QkiX-zr8#;H@J!;yq3f3_c~ocM3>VKvfk-@OPpFo)DAV zeJKAjLPXBNY+ugdzDu|tBnXZJIp5ig?qksFW~J?QY)Gge~Yl4<_OJiU_;?!kpxg2>4$0=_QbTLhmIvleDG zUSfdR#1P;t0hbC0-nhS4K;)6TTLo+r@Q4KEEh5k%JURvBIb|DvxWTdiiBEEi4F+1` zv5xIi2D7rxTqFC>XSph?Z8AR$J^kDfW*6EF@uD){BsWX7_)gZ2rO*xyk12(b^!UvIPxLQ23GjT)lqfe~(Ns?!+LAlfN%>?dEL= z(a5wTL_WeY?oGl?gcD9Bv>QRilmfmA%Q!T3sPULll8$TFqm?q4$#;(FLy2SypuUe6 z*viMI#W4Rxt72|Ou#@xnL=BR4qKggI%!)eJOj1HS5Nr|&3}(KK5krmF0VRl|Y$<~w ze5kyRn+9cV9S$&UUAb0c8N!P+1{}t8oJN8~vLF%15^)*{VSsNTw7wQ~!Eh-|2ST^@ z&}(IO8K<<@!aMy`m}0h(H|OhrUAZ{+?Wi=!UbbokZsQNnoNZ!LPv-`koj}qmV(#hO z1mm0Fv=M43xpr1OAGZalU8(E|1Tn9_oHR6#BFyZ_(3T%6`!~gMh2nfu;v}7iq&9xhoGbyhdDJbV`uA&LaR%Ym8$dETN|KIgESIIj?MHYqYohS<9TvrS8sX_IFB0na*Y2={ z>x#12J7*RSW_NvsM5D2z`3i|H&ca~E63-&iKj3fNJBUtmH{z8!=DLue7&{SeVyh^8 z*w?v=e3~^K##1fDbt8}f!iv~Y3R{6N<6ew%=^8_u;nq3Ev9Pa@;L^r05JF%r^Zlpn z|B3q&xGIbF|M$Q-?8{+MP!{fcXGBft`1m7~r#6ZT+hM4d&yk>*D!u4Ac#7f-nS)s$hBJ z*kE-h5~JiVjKx7VFz#h_oqYV-;W=bEwsWP*D-RoYrej$C6rb+Fw7$Zh=@{D!W+uqS zJp_dZcAq${g()j;NmaLgP$H{L!Q0{5x82qJb}lHy_E^pDkD!g>7x^_pC)}{{b zFOAWuX0fF&>j!9bV3P+k2KaT*cmOg>y6IkwpCa9K_YW+L?p?ukT0;*5{>;_Z_*S5w zeAPW>y}mmJnZ|riKT*5u78iDp3|H&3xrCkU%cwJg`H77Oy{tb#TuDs!793&dMqB4t z^mS3-5GWkx;m*5!^v>z+^)P>1v%g6jE%4(&dSvdQ^VCTudMUjfI8Q6U-CFN7Xo}ZW z4T)CaLdk?sD9fX32_Te-&JLNGgke!R|pjAb%?T^D=^@%1Z1J_N$ z{aD?#iE6g~BOi4;e`HG+?`FfL)39IeJMWJ9M1irvY)?3d4OYXcDLC~hq-;4 zDYCc@Wg<(mc3@RlGLV`gP5RZUK^--LAR2E#{9(bM;RU;95UlaZQa{x^7Pc<| zuk>NRQKE;-mTFG?8Ak;LkL8`9q7LQ>OFK&zhD&QS5I<&CsPqzC~_O zk(^jMJ|B&~z+s%=C{$7+=b(EQcTuSi(y0CM3nXCi_&o zocuC_p%x>MA1nyrd0`Z_``P6_?NzuC=H<`g-L=6hGP0ra$G;RB8u}+hvx9A?nqNpb zK*a3NM)t}LVc(pZs$+u!ruw?l0+{}SS>x*2UAkuBr@8s7`L2-sSd{VZL90sg`?LM0 zVVGBU6FmvfFmR92l9Lu)VaTwodGng>sr@~}|m%oXVu8t`JZJ5Izqf<)3IN8OfO40+tP91WKA z7=fA>Sx3Rt#`_Ao3x~s`D};vNKm2uONhjR8H@~zLN*4GNt>!#pVdG1O$o=d--;S)I0S{JP*vMQQ4n!Zt`&n*EWZ+j&(h;5N zqt#r;!WdnNqHlGaD8Cxer4RC0G0qQfZ*REb>OPE)=iQ2SVb^m}r~LH*?{x>)=lip$ zG_t02E1Dk6Cgpkhxqb)+(Le+{=zDSkSoDv0yJ{%Jv(?m(u?~$w|0Gu9p+d$(e(dlP zykel2#j2}pX-!lY)eY7o&0~P(99ojE^d?{!2z*hRpW=~N!}6c>h7F8_c$$~wKa1%} zxgQrB+cz#2Ydo(=zhTJFqHm7G5})agmH2D!;7|G~;@2&qAWYNlyS0_|-mhKSTG}x> z2sAJ^?X85zS5Ww+L*W%66}TO1n$J=&V=xCW4&*N^(c z&g-C|?mHYB1HH6GF0rFv`*)wdG;P~OM`5b|hB0BN58}i?uebHKqGN`JAUfJ>kIh)$ zip5O=PR1vAL=K&*M;5LMj_>tD(_Tjw*OA4gH+0hVvOBdmv{`@CJFary+QS&wNfk~H zBIqD?+_bbR1Vj8#bL)+y*syI^| zquZ$@ZBf{c_@R4bm;{>@snkW0N4LAwg|_I@8=p2oZqmF;JWwUUmQ`|>8tL~3Y9vOg zkpnSQ5j20&ST-CV4fE{av6AS?f_lqSN5kKJM$`A%x{pGC(rquF88TqfGq0^#`M@tp z=N63amN3TQ+CvA%bS>^bdSXK9!*09#1bj1eMdzql552JR!1K?a>DqKXWPjvp|GAe= z$N24P*mKY=ukO>3`Bm#4O9`167V$UKQ;TVCq$EsaJg%i@4~_5FS@;BQ8I@TSjkw@u6#GSAy~~ z_seDaGW0&tQJB=CZ%`-bX^ieP09O)}zLB2h%)3U4Mc3GqOr4;eF<-8T-rN*&B8T)s zM=*DdJ;~HHG+WJGBa15HZ%@)Z^ATxA*{q+s~(oU^>Z$;LHNpNjUq@CnaI%hn!tW$(=6O(vu?G%E?e~dZIH8irw^G zGTQKRcGGvt=*)k`>N{qn%VFUeefck){^lF}_AVb@sj);E+iW#AAgQs08#`|`kF8Qu z2^5XOiuA2Cyi$gHlAVy)%h-3Tx&74g_M^6FKhvpA zIFt9UkG3y=^OWE6Hj})Cc(2F5eW~(F`M2-pzkRy=A$IYX_l3}LtDjh&9PjHVW^L)Q z|LXE1r>0IEC#c{3Vn^G{gQsUrs#&a$xibEj{rkRtzwOjdhCJ5(+4mD}4oRA_mQ8MZ zdUBXWMh`6gJiBY+3wgI(i69!0U$GdGwKf}`G$OlUMAnKnM^bH(x5bF8wFA@6VnmL# z38Re2+46|2Z81BFG(Ac~a?26f4I{FDD@Ww6e_%xJ#4W5mC+&YBEaD1H2Ei@DXQM7X zgvZ9rD0w~S!N*7b5H)<>mdD&DjQOcjP}i-h8?Yw+KZp9wFL?WkX4`v(P;j{YpR=Et zJGWha!>XW#9aA0&8};$I?KY}MG>?kr{%uh|Hre_oR*%S6FZS!_udW`^+|gRDVNgG~ z?l^w#3!zg%_62c<^GQ z!|KD^4)OZ>GZvTj*Oub{$>P%fN=E#X7MG-?lopqEs%4qr_r7keq4MMiD=aNYuRj<%OZv!Wt94#*YNh)Y?sS-ZU5#qJeb7S@pP0TVAlJ^5ma(5dq0f&ch-Qo>Wtes!B8rim8@h4nr;dBCtQzr ziFjkvybl+@FziCWu+W+R{n7W}ym4E`{!)6dbXLa?_q;IT__mI{GhbMB^yQyFd)VLM zxHUy5ep_j5yDzikn|&|8@>dW5zPr@@Eg>^*UQLqv_~ZZS67;jj51}VLHw<%m^PPgmzvnGl zBB-a=T}b`3)18DB$s@$u{tx&3BtvX^{_h7r%ImuGi%Q4xOE>%nja__l@ZjNdJu^d- zjvVt0p1wb~z5eTAyo=hZzyG!R#FqQDHx9W9&6PJ|E9Po3*7oByHI=}Rg4l{Ee5$26|opUQH`u-n(o)ew)*q!>{ zD#sk^d}c!NrJl$zf5e>xA)Hv`S`s@()@b- z@a*UbA)`O)rJlx`k-22{;(m|4yet3JU#dgB7O?cOuc0Iuw*TlZ$F#{2|NrcAOq(3> zf7<0x<Gvwfp?Q ziisyx=L&B=_m5Y9zV7*-tmpS$t*E&gdFylEy2dwqb`b_$a3A~J+qF%9J9g#slEDM^ zy!2XczZ+K`Jw2tJSM3vbHeY}Kr#YMFJ?XVm7$v&=ZP~j2?o0k`d%GtSi~c_A{NSYc z<)e45J{EK4_@cCaRkJ4U-1b~u8&TK*8J|M#@{X9v1Qh@m_LF zSi$511!@dk@r}awIKJcfTG<{t3a{PBKbLSN^ozVVjYGb!(D^wHYj8_o(uZPDw;^E`-4_^9Bwd2Fzh7X#TQLXZ>ig($nEzWZNWd6B|qGNuu?!?{y zbH|s0ei$|R?f#E-Ngs4z%IvTI^VmDlSAKLEF>ZbBBioZ-S-)~!Xnj!7nuBS%wI|=d zN7adng!&KE-Jel)cp+|*v$Yfk-M#L9Pt~EeOw~tK_xSq@KD=*n8xL_{sf*jEnjP!k zd-tVhv)<_Pl;6_A|Gd5QruW}psT!Ky|MM&AO&^^N|1`3*p!|5I->%VZ8&c=?+CA^Q z^O=*c_FUxk%AhNgzL>kSpTqL6KVH^<_meAr%^v0>s6&Da8jAjrcITy6`&aEgG2Co_pZ0Ejw?97R+DveY1c?Ey*})brBy!33mlU=56o#JEZ!Ts;N^spNbiSc&CmWm z>0fPn&364^^w>8$w4GVJP2K6WfAoKA#|-g(?SMtG4wux0g~SDPWecIJ_RZ6+BM zxybDQPU>2Vp`89m;5rGPc$oeh`NHcDSS*7n%@veUI4$4h(v(yeMuoXxa4K(Wg#q>6Ns|^*fJM8|XIutNU747@d*a*QosD$eKe@8)FA*RD-6v^a z=JzHR z=*Z)PZa{t0>LicOAbJ`TJ6Q^wCBbrpv6F?cSvjq!l4rm)(`g0PKleJWm?DXr4`^`= zOMglDpwdGy;v;ShxCb}lWp1oAog|n!)l+QF5DR`p%KYfPrAww+OxZ@C@+a~_6l%=O zXe}>@6FyibkHohWA92F!pz_Y0+js74D-+ZMh9yK@cx=P-8&xkn9Np*ojkCk&zf-gL zX78Bi&ipXry#-I^hyii$Hw?`Bk+Tw_^Wpr=MveNnCpu5VVWumI&h3b1y><*Ton_jC zX}6<~e3mIXV6mkf8C#x8D?+JZ9#Q--v!&=<5zYEO`Y8@hb^2$U)H?Gi2puxJZtZD9 ze%{gYjQPPk(jjwuqb&itx3NtG7tq#7+C5qdDlA2`zPN(Z86Syh>HQrYHTsFDi68q4 z>aVjJy$;@g>GjUF^BgL7Uyl!Y#aMUwT=Bd$y?T|b9UJ-D!lcP3+PwQ@eBy#Fi@uuJ zYn^3<-tK(uR)F_3{q*v0{=0ozYTLXd(SWQ zdTaN_3G-cE{6Ty>K6$~>-~Rc_g?7Ijtlj^>w?{L-9#fM4iquK!EINtp+ZKUE)Ja<2 zxDb^q7uq6Ui(X>;S_X-MlwRV{c=r?k0=bjezI{Q*OT3f7oVJZ#;*MU@^4#C5mzX+< zEn$$iG2|YdM3LsvJw`!9#jL?cGNIjYsh0#%&D`oGs2_cI%KV#W-q|*0{iNleKIQK0 zu;$j+JwA>6>Va!j54LRzSef4c^dp^LK3w?F#@}vv`M7NQZ@|vLG^^c=kAP} z7xdN28>t!huSqQm*s(vL%b+Py?8nko6R&qp{2+U;YVdaF{N4i%Prg+8UgDy6#bpn_ zXq=L*KDfSM{+72kK9y4&_d#)OL$zD43F$d~bN}i8R`rw9_dmGjncVcqLm7g@_m2#I z>DR7no>TX~^xfhGKM#zK?Af9Io$G^Ni%OmT^Y#3yuCDW=#!h`Nynl7KT}M;b2@7|B z_vSZqkEuRZzkKn^z(fD2-(42&_eTH1{EQtNk`F(&L)_Q>(G5$-_Vm+S@3E?QL43at zO2o&*&+Ai@=1<%A);Il5bP+4U_ESRy zzZmDMIjw>h%?Yx%oL#r)>r0298T|S8ug86S%lVV&C2zj@@ky_LPF{P|5a%*`-taZT znh%STUq8N~+xIV5ejizNr&o^!A3hPeC2#Dw{^>udt6u;2{!=}_Di|LY+jH%(=`~OM z@SnB{Fy)&Rg#kVIuUy^Msdc0=uyxh4Z+2WAI=@W~d=^gI6Z*Noh zyl)a78ap}m>cPtgHvgj{{J+;+e-S#q@_768!Uqp7>QLqL#+h$2hUTVEeDG-IslRub z{JQaI_g)8ldNRMAxJ^4Gq)z;-%H^TcXLmid zV!_(Y!nAuJxEBi==DxGHff}$%E7dUY}0zt#~S6@1eJyK6&re+iyRy zu;aK7O1@cFH)jdX*za5L_Q2YRe<9{c~CWf?r;~miz52r(Ho?I#K?pt@zY4$lzchWe}G*#;*sD8+mQmt||? zVAb>>G`?WeIDfxKca|71Rja|}f6V1vlM9*gz-th^oT9*;Eary*0NpoA^2f80tFxhN zr6v?u0OUkK@hbM?jJR%W-~(fk^p^+K4#6rGdb~$Bw$`aY0ztrtk#61CEhPYH-tFlH zh|NP3%*Mq%VP?kA9?D^y3ly4?xS|#q-ecO*snCToU5CfD?4i@0yEDVD-4rOU&ZRmG zl&=SrDuA6|`#>*t;^}k=;1<{9!sdDbO>~)D-dil`WT)=z#LWjKpe9!LEC?v7FOvM% zSzXs&-B|?A;g2UE*>)@LzwIcJzXiUWhCKZ>inTGh$yn z#o5k`aoK(>?~yc($b-CuFJzD-aD4?I;fCy&Q1}Z$fFl%=KR`&5{n0#qdts`TKSWp} z`z3gt@TQeNLikGdi;^mn&cYozK=OBm`9LW{$sZ+TTKRhkvt_?jrdWYl`FjidWk0=g zC6y%?WWNjd_ZM8TTgFe38{zd8?i0F70fJPbL?J`=XY&Lp!Zg`05u_KMw(@7-1s8u$ zla`W_J9$p&!-Zug^D{X-A}Ko~HwEvv$_rB{T2e0(Ble4ZI7Vm=0VD)t5e^G|a$q*; za<+)E#93B2*$^8WU)mC*lqbchEorLe+im^G_7 zJEl+c-JnD>Sh+o_Es*t#y&EzGSHIX+;F9TRr>mAb?_5;c;E^2^i5i?9xEjH^F9H3vU z8Nfz7s^sqRz5CdWFE^CrPAbVYpeh7m3-y1}Ht-%sHqtKePuaaHyEH;jxUcL6!*#%h zNhiCcwSfGQ4EoDGkgw+Cwy&XH>& z#e(p6IfIwv4Cn?o;W;L|=VbSq?B0S)1X6*>#oQ-2V7KN%<3IhNVUk>ep$rz2ixO-k z7l`-B?x(W*t?XWxT`R;uLc=UQ_2YQq(lAXK)8?P>RRb9kuNt_# zYT)v!fy=7~ZZpKK#Ebgph#?2zh~aX?a23S7gy6*QYNTO;)JWlWB-X>VYNYUUyy724 z+(||Zw>je9!wHdC&sp46<^){M3AmgSa5*R7{vO0F@b-}L!sU430%QPtE`?F9BSh z0bHH|T>B-sM+U?hq~`^IG=t-Z%kje%l??urku6Ei2rkbEF3$+A9sHuC#%S8_96HnF z4B#pmOqAQuLUPfo){+anwX*x6?4Fk0tK3EXH{l13RJX{@z<(;q zfLvs-np|Y?y6hg7-BYrAS$1iNCj3_Uz|Zp`&2>sfoI)V}Moy?q9z+0T6e_#Xvdg<^ zw%nb7CzS|?n@%pmhsplC4Pd^)igU=kVY^d>?k9OBp2aPvipY!9%n@``oBUk zA{2@d^vA~o%vcIXm8#=y1mV1~!!_d{gN(rPjWWyk$gbV~N+r*;lL4^u4DujNKiRe? z%l@*+S!a9c$8{UV(B6YJjxqS_ZLNXLFnIAht02ETzo%_vrdb8gYapZ6Rz1cn=D#pv$Fd zy*FAc)LTt0?Y&w>E#IX54z#VLmhb9Xi9Gt9-7Ugg0w5Yd+GS*n|9|t%gRgHjWGtT-N9Vi#J2(+?d5rS?4#n_{d=QA zm%0}!4swrP$EPBa5OAu7*y6GYF)^E0Qa-=q|j?$S_Bl4 zIgrvWuBc3VCDF%4Ny+Mx(gRGXiXg5$ETxK09jMii0t~H`Y8?EYSCK3a*eOGImfz3I zoFOTdnJgt8{R(8~=^LQBrm}E^3!4kC=dc0hlwPc{JybkRnA5{Wv(rfsK9-WDKH5jC zse}T#BW!lpFn{(ykiWOaV1ok!B&5k$!)UGD;W zSy2PcOoG~&^=@XGwQkV7EM;D+M{x__my@1wE7bN_XpxkT9>5K*4`jETrNZoOP+V0Y z;YoDus?}&cpyE$rTM_xs5FVyFo9x#nSQZE?NfRMXiDgwIq0Q&xZN0rUw)7843kPL-y^rKl22t5lpppik|{~#C5#3$1Q?JcEpA#d+JjqP-r%oXr6rxS>HMx1Wiuu1mOnTFzJ4OI?uP{U3z;{ z7y5Tus@8KKrIg8tWj;|If;8ix$)|?-xCZ*O9$$rcYp%kth5E-(f42AGQQkd*6U|Am ztv6A=Sq)$&f7;cr z4Qqy`W00Kr*ni(iiUgtQnS#gar(xMw(&4*gG;x2ZYgIb{9dI!&IV|pN})BP$4Lq zM+m|PtmoqvR3WiV&UqK%G%c?>?-aXg`sz8g9SlKV0aNb-i-3M(?=oUrl>z zmo&K>BJw;NwJx5G?v8iD`@sN-YMEk=g*5!MH+ETcNUtY*?ryrFVMQa;+MHU~qAOh0Nh2={`3)7Sl-i1<%R-oo zhoByp=5?Yv+2e$&!H`(nXvlIt5d#Zgg0bCR38iMJTcg@d-RFb)c1@1Kk$QC>Qfu*P zJ+y7k!yQ?1cV)eAN0sUbTdMc%$3C5{^JOqyBdH-f0hUU3Z#VRY5?I*1#o@OX-J6-x zA2u^?!lH%27@)@e7=lBKH!)N({%T%{r4|+!mKP=!7w2Zc@M?bfG^-=MQPAa>kveQz zS-Hh&9tEb9K58hRl{IO4;pFmW(Gtd-!pRfolom=57Kx=;%j9xoMp?$pvH8W*3P$D6 zoLZPQWlTn@q-`5h(s&evRKss07xT+|T?$JVoDcQ`?IfFwZuY2WO?z!a*Hf{)|^G2@daY|hjZg7lOH#tmDH>n1?7pe0EonxGPUiAJ* z{jGW}VAUMbn?pK;UofZv?HJYG4QZkzcs1a)`&Bx??+mJYs7alP=64`a|4@^t&NK`m zBu*Sj8;(RBK6$nikZ7XXd#Rh$QSCjNBXlw$q^`KXDJt5d=*8fHsYLSGORmrM1fH{R zbk;k;2HW(|H}r*utX~)0nxy{>iXuEt!wA>lZ3ntTrDdF$>WK2V7Y#^t&!ZmpexuI) zWmqPP{MGTgs=wE-?!Wc?)%E76H(Um!UUpZfUUpTxHK{Vs)T?y$Ey_YgY1pM%D@J*K zwev=$7=OT_lVhhT!97zwi+ZQ-0%?w4sdNqdRh_QaYl_6EZU(PY;+EiILsVTv-I&l0 z?cPZaFovhP7lo#Jzm^4qL z_k!`wi)+{F)o=PYsJtDGlIeBLIW??(?Li6DpQ&`7fCR6qgoto`K1{873QL+ixLIblNEj`-77uhj2m{Hy`-5d z^h!9f4_5v(Cx~SAS3(3dnnkO0?apc1iG=89 zqzZ!RzYZ7cDa&Igj?_zqa!*usbX?}RO|=Y@lc{j-qN#KS&d_$JoOs#V7!4I-q|+&f zcuXsK%ML*DtTXJdigYm6BHQcr3nJCVvPG2X$~S&MZ)iX^9>}0LRkh4%t;9RxnPFGr zwfXVeZ%mn|S*F>po|alCbUuDbHP&gnuzdXx&l}>Dd4~O2Ki@IjM2)JaJy8pQP7cdm z*Qu7ftRoOjZ8VSnwVs9y1x95DreRm8{;66a!b7h?Pk@@+Egml(zod@46M<@tMzzA^ zt%g6cX{bZhMmve!+n@T^MaKp;{=C)R!r4peh%n5<;i<4yKb0m)XEeB$p+D6V(G6(d znzf!q-v?9wUL>l}I~w+Dim0P@Gc=tHccZSmu1)LGxIf29@T) z6GE^4CvNxZe+pyT0ab)!#C;(lsg)6N22F(6qs)LshU1%tpWtd8Bk;eA<79(l(P7|8 z!T(OtSq({!FN>uir#y7um7>u_YeFKjXVu;ArM{wZ`t1#&QKJbz<@QdTA+Ozisr|Vg zESEJ|*R_cuc}@EV=#SJpMtoR*rw0b82v1$7vJ0hW>UW{s0}d>R@Y1>K3d;r^xKP^N zEu!p1y$~L2=37RuO=c@?Cx1p_|==ze1J;ws?ml!uW_$wZ*U18ZxCaP z-bdn6{O_bo3SV97wOZ9J+vvIabg4&po0X1N96bD1`G*{D8hB8Zs*cev^;zXwv?_bm zgro+wYSn1Jl?ipKNXIK`l|!ROoniD{?PdsUcNS(=sSw_4+N^F{Khun@oJ+b;J>4d5m0n%A|0O4!wK zv`*FSt2crU2;o6)Sq&Q3tOjRS?*ma!Zut_^JIn(psNmiekjc+O|9*SjUN=q%4r_QKcw*0Y)0Vs&ihj7%Ntxv*~@8-F0i zmz`PfioN&3zM(9%I5Uy`xUjE|wIAW-%Lb0{(y?tTI$(A7L|+I!ux3hNhYrScXTc1C z*{{bAVm(VTecMnBcD?dnB&kY=jku-DJ=(EuD?EHfhz11O!O*UpR@EW0KbreBT>CA> zLmt3a(+~-9ct};?cM__R>h+o}Z7B zpEifSPy*i-9`Y~b{t#}xh5XnfB0iL#my$n``*p%t34Xk6>@Li7sj?dfh~SntD1naq zI||Q83HTn}SLj5RICzFqd>3Jt>^E@uNZ}w05u*dT4&&Z#+!`Aoga+>KE?k$v$8vuU z!GSH^6$|D3y^}py^)cBJpc?yBUl@1DX6-sebx@Ql)AC!{|KK-nE9Q<#5R_jreJp-v z8Oo>4nwej03W|$0{p=H;TQ=>nLdCCKgOu^iNtiTeiW0|nS=r*O;%So~Rl+zxbNp6; zxyg@~7v>aAn^LaafV9M&I|bJ>v9T(n$g;w6!aKyOD4B(iV(TQQ8J=GuCY6^LmKe$u zNbJl^8?(`m8hA-K28jjq(^Lxbj4CXfQ*6oyTeLZa88ZtCD-?XAVY48oJio*sq|Qpp zP8~D4BDX9zCBLjNP6`kaGD-=HH36A|;%x-wV$Ws~3?l+bhJrbuhENf1rF@*y+>F?i z;qoSTbZP#~GT0p`k^QNKBHwHZGb;=^DcR9+xv7PdY4b|uGR&G;R!B6PV>4z>&P|zB zQj$NjAZ6B^nb;FIN1R(W*#LM6S=vkqnViHLS4w{IL&jgDp=pmetuIFybjgNss+mRfELV5uic9kE5E zRqty_tW~r{=d{KnD&5B1K}`kWy$gIPEi5*L(eNYn)E2?$vr3n>iX${FI4<^6bW-mhVTP8ZUFLzHc}!}dG$J$)H>E%iXGxulQrMtUpJ!Qh8VoJmnm0+Z#ssdU$T~mAYgcdW{pyKj0R`qDR5{@A^YwE-W#% z5J+Y~mUOkz--E5CqqPR-$q1{;RkMQU!u(gPaM!xlDma+&=70{GndoSbNyc%iXLJOr z39ydqzun!RH6-G6XAeO$L(il3*d*`gtC z9-a+K(Eu9A!nU~vG5;Al(B}b>h9g=&avJO=J=|BVlC1(&hNgh_5#DOmLWvVm zE0Eya(mrZ7IxEnB#ll>zCl*J1R3tJ&SzWt~AXPZ?X`2gsRR?>hA+MY0!F2wRjmEFf zfOUr~SQgez_JOAU@4V<0PPmqx*wP!ZyJ6>P{h27O>Lt8Af^~+#Cvvr__gK|$C~#8{ z%sCq<)iPL$V%wIC)T(ggL}1#y5n9dnYO)W+4H?z$8m(pn^G3k1FyJ*rRU`}R6$>j? z8VutcXvG?|g)_fQ^3c45Ff5O8V7lT6%=Kssd_ZwM%u!5uf4Eljyc3MWNoW_s&-Tsi z?7}{;2L$RX9(Q1|-)E;IF;AeSAtwLrOA)o&*)O14G%F#tuVnkr-XEa}M7wyFg;hS(Q4PknB_X{cnWrgCl4P0%nT?7ufw=hC zm{_Lzd%s9=8b@t1^zo+f27h_GQm@P0e&a$(71Ue^5l-7Y8+C5#nyl-&WscPW`iQ)w zaCaC4S8qPvAczA@Q;UL}eFBurGazNXwQc1i?4cuuHAqe&gE` zPSAE?sUs)Hq1tharbfLvDZ)Kn^SWA6K)Cn2t=;qvo1yZ&Mzz9m4Q1(xl#0v*4S@d{ zW)+LH>=V2*qjzn;Q8-V{ORE8LLhA^$J`t|z64J!Ij%y^O61u{9l8A*2ol}RPKkY6b zXuQ~dBX3?{QACkY?Y?(%(bl?%$G&#<{X&RPZJ7q)3Z*8#I2j=cd`z7Dli+apk`NbO z>WO4pS*qg!WbS(J423M0B8URF3(q@LCxtsMRc~_Kd~c#?%rNX~qxT(3LP|9ZE(qa{ zueRrBzO%5n+xVu zMra^P^>@+fArFoAhD2mvTw4fIwUsH@jFYHzUDLrh>9sv||lbL8Me@5lBb` z;uGPxMZGyVU0@U`L^eR{y>B?!EOX+bF+va4oBZdD>zX#jC0m4iX}r27h5Ln?E4;}G zk;jccu1S@{evrf7H#)9KM&p!@n8bJMQ6ORTEZw9+T}n~mfilxBI*il6WB-X*nz5Y9~}Yi^4AHuqqs)^}!g7i%_LB?0GhJbP+X6ovK~*&d(oj(p8?l^dlFZ zYt|@CEaHPxQn>SG7t@eDIn=rPe@>0P?Cj`dbVl}0@=#J=pTglBmMKDbA@au)r|XFT zpP|Z3LK$net1!X2=pCO|OB#DsYs|w#^nS~6?kBL*JnQ|)ku~h1!IuW3qz08rvqQs& zBi9HW+5lB24YRIV%$|HKHDgu=9{+SrAkW@??h>hmreP_@rnf> zt@69ntfId^@eL@51fLDNLPUKaZ)oyb;&qy|{mdEik}EtZz>IrwjlVpYb(b@100B}R z2sM}F0q%Pc5X+Y|RJil?BwM6r9is1!+%A+jo7QQf&P7_NwbeUTTP@W1h#@V#`kbQy zUcFf(x2o%C+9@W#lU|6tVx;9f?4wJrOBVElQneQR=fz!*~pFBfYO6)+C$Q@hXyK^GKMRGKH=|=r~i7 z(Lj}Iid%xXyuS6@oK`z;R@LZm5HkVsX%SL?5wFkRaki-lX`NQ<^ps%%V)drjSv#nmHuRp;4!S`hUIuYzoH8Go*`mG(NQd3Icd~jYtWr??7 zsu1}R1~;iCy=Su}ncLAMUJz+uciJXmt0MOR9G%bCM9Y?S z8ZZe~Ez4*;D>fxsG_8TWX=%WP!^Zlp)SaSfQ?g9W`!($Y@_;rST&UmVyqvg@YQ=@k zh@}=(zlq|8Aos2z>wZJ~Y>wJ*7iR3mtT988JEAyKLvxd3qm7IArqGdHesG_GQc z*doN58&@G3m(sR!chqm8)^)O3>k7ehNx&2!3yh_u^q;r)9Cd|0j)lyBA zO9NBXIog3J0~58LpLpvT3eF{34MYJbiqd*8;guVGZC)Q z=e<+ERU!~oD_YcTuu)({msGn1yl1blf@+XL$X~HnY2|LlW-OJ7rJZsU9nPi%=sOIR zI7*W^-;=wlpU0lO6jNDscpf&v;hIe%(M_nG^y~SSyd~?}n#iJUIl-DY(*k@NwBJ0>JzA2-X{{8^@#}Bk+SBS5P25$O%spQ6KL8o_k@3# zD*UKXY{o`OmVk*TQLgjWvGEUcQRH%syRk79g#0gi==8g$7nAO}38#a*hFu~00Mw#M z=&_^iJyu56Tf%D=t0ZONa*R z!T(DgPv8WTjHRtUMBip8$lIaTJ8W`bASJ>b`w$f$e3X^sWaLT}q}nW+g*R8;NU;#+ zT!t{GzeyB3+GDS|HzdBq?cB`_6DG~da>E$Vle>qYq5Hv zwW74{6>6kbOjFLqKeS*uE)7B=7GFoKryY3+DgyNwY!65!h_y3>-fh{Q)`|jP{=3Ad zMrjd7>)UwK`u5CSN|uPhmF5FlGYrJ=s!XUttSyQB|S(E_SM_#X^SKnkY}Ez0L_M zny+Q9-G%-3H&tJn$USM3T!U4w5G^-@tzrM4+$+Rp>v*|aw6a&&@7JyE)@c9NQSX0x zzqVU|ax3;<5H0rN{~y@jBwBBy?#2EJP)}29yGn~BI%b~DmWpfwYXG9)*fXGAVY`D-Q`I?kfQEEKO)jm?@P3a}mbD?M?r zrK(wiE1~XstbgeM3ujvvZL}3fTO_;F`(mUoP>un)=*~h`XoZnPcQm}4kA$vCB03Sr zj+FHe^$SgP(!{hipBg# z0v2Wdqgg${YF0mHnpQrtIjsl>7MTk0JBDS^RDwTwVrk{PBFd-7Rf|p3|5ZyZr3Y9o zN~ru)D}PN7s5TXiETmVi+)KeK9lSbI_VNv=hW z&z{Ish}>gpd~e!me9PpL2J44gl++=rTCc8g+3Hx0i}(&2eg#0Y3BBQdry7p~y&`%< zK>j;yDvfQ{Bii6|DHehy>P|wBejqVX7FN=dQWDk)k>8`7=@#Xrk_$bePw4kjktDe> zbv_}|Xmr|MzfHZyWeb;+FUJ!OrTosuZbhN*ICMK`jHt+~NWAQ*Tx+OuhNRDA!$3-to-Q0Vl|ATqlzc7T(UWP#pN@Ua`;aV_S2{C0vU-Jv*w z{hh+XP<^xo3#D1XjwsGz07^0qK+18=PvDEPu9C`s86ol3;$AWGT=OPj(IV^*M<1A4 z#6g=aVkO!`YlIe1zHVn_A}>sovm|>9leKcgyVsm=aRtVLYrVw(vvvP^n}mw3t>3?B zgCe%P$WygZq7*XWFgr5g7BitN!rWs=glTzpU@868)``m1qPvOUHi4l3^?uDZ;IJV* z5&sII5|^IT%Jm(hkGIpEY3LX2o%yA=82c^H{A{0itV8d%9`C=pSLYUG5rXw%<6Tql z-fOdW3kP+ai&%MH+DK&7E&nZUbLvU-tNCo z=ikyKYkB0n$FvxuBy@UhK62iIII9zEoCqrC`D+nJM~qO(z?U9$9;n1Ui!Lpl2R?0i zbS0WEa8?~bqp>dqPrm0t#WCLEL-l@OzWJb{4ca<3UUsf9&Z} zmak%EbV6>;_nPA^_Vt!?JfGt22p~io&F_!P_C9YVq2|SiXt{~}i{^M6Q~W7jRX9r! z|N0{qJ{z9l8RBve@^iL0(h=!Q$7xGMp5taA!g?eKz=@8qLbEx%NK+H3mzL1V$*0}( z9G=-ZsTx{y1S{eU_75K(TAgIsI>`FBM92{P_p@>S@n>Gpwz-Ou4m6&+2x3~yl47%I z@~X@_TWddQ|K?b&mZcyXE(OtAto<}=S{`59U;EM0Po!(*HmR1+0vkY3rCJEW*8yKB zzF>S&_y*w{g>P`B%1NkHx!@B5D{*tb5;ycK!@1iIzn$@Q0$dk-k(DZUHNM132lqbs zL`1kpRyt_mY9lKhJzVj*RXVD?D;*vB;!CJ>^zy*xS?TBr*OS~deELd9p$ER6__X+P z@Qudji_Z_AKfX5j+TshSbo9=^H?%TBh=$)CA8-l4)n4!dRXTk4;S0x?fv+1PqgkD^ z?>p?kM8A zRDNbNpI3cggXQ5YHM>3_A()-Z&(NxTnDMpy=tW4Dzv>vv|I)WRTYq}Agf*HSA}cK? z4r&SReB06vD-LO;sI_c%C_TVY{2SQ@@>k#N#!>1#@!|z>NY*$xtOKi6;L=&$Ycgre z*!kCdGC7sSY~+-_$oSW8YE=;O!a@5wpsWIiiAg4lY+U%_UJg+VO)H&|_In8f6TEJ^uU%w{V;2ePHg&pc*S zeipOFkw7!hc^G9;wS8a*HW$Bn7JFEg^RRyGw6jd=3D)R5tUHUo4YnL(J}$!~Zf#^q zIY6=4#guHR3&4)K4AZf51iObFB7k656F`_N@E(ozmRPWn`P>W)Vz*+wrF`Lc3k_mX zaZv16{S2(kMBd4XSE0T93aFxmG6VLpr3AH7@$X?vDgKD!Kf#QMUw&$&g!JFc=Ql)0 zszz#^h_|qN6FMcN{qhQ!7J}*}#4X<>x3dD4bR;H-Z2~Cg!$zjMg`}s<{xI^pILPsf znXy+dRGYh8zC>2#E>}e{+o1eB#f-|&MXXWz2|ZXICfFF|X9XMSF)WkQnV@2~^TxMl z`#faq1KA-3Y&1Ks`~;1jGMRDKPc7W?>?$ru@tWMoCpj{&O!UPUL30m^|3lA`3 zTHgRyT5|c~N%}&z;n6HVRz$DC8z$qGm#$B`+LcuI`@+QL7i?+S{TM|wJ@K|G6=cy) z%vT7)Yq8mVJNWe=#3W7dg$jTq`PtMa?(ZPnFZ&mAf0!_fscNGGTI)M6rsNfI8BVI+Tw@SN-~ z;_+$1W-A;+goCnQ;z5RR+A4jfa833X@btr>tVg0jg3l6q!jC`ZJU7deECdLN_c=qLNjIl`&J2-z=XFij}5^3M<+m;L8Be2Gva`z8Gl zvxHZia4(WFlse69VXq8ukS8b;j>&$BpgFm}%wzo3KpwS91hU2)ku}D)&DnoR$4j-99bcl>KLT z{4)Y+JEQ_G=Kdu@FWKLb`=1lU5psZpV5u-&_Rr-2HA1!QzsCK`g-x=b%mereO!!## zC-V4J!Z)&i9QUsgZpi*k+`mq6ca;c|{4a_^gd89dut7+W{Zfy9S;&(8i#UQ;gsHM$ zD$#4gzr0kGSeTXgLB#Wg42khF$t*X+%68gh zy%%QEtl2B;#o+n^B>F|DQc)B&n6W{XhN42l9LO`yP8pSZ|FrTVu70FtoJDpSC5Bn0 zx%cNn3j>-C*gz^1 z%qkG9p;3>5g@rakfFM(9GjLjk&7x2OOEoMlG(5=pL$QV#7bVJ(wa|b#F?S3UKUhb% zP}|90fJ%HwtAIvNlR_9-8H72xNrR_JPmBd_sf}1SYLS{0I+h&T-25LXlw&dqEHF_a z&g0un~ zVJWF%QVT#zERAo?leY{_NlhP8II|GiSE2VOzqGIbZJ-pYeatn27S)UrgqRVDvUxxR z$_i<$)56)#!nBY!T92+&Pr*~+q$5n)y7`cx>nEiJ>; zV;<6}!c+B0bIOYfXO>T!3`|sF0)I(M6KV+Rr(j=HQn7?F!y;kow5gb@ zn>8LOutockg5@S;wh$@>%gx9FHHIK`7rr_&mlc6Ds+V!)RaU|J(!#>wg(b7B=1hRM zV2Lz>h|r&Gkr^*&4jQ7QcEjzKtX=89f-n*5KeyY0KaYN9f?XX<8=W;jqk{K=E)1o)GekfRMJP z6domq6G4;_4|i)Bo=9-888v}i+W!>O4{TZIl6wofL&)_~2``Zgg5Hwd56MNw$KX;4 z29Y0##*qs=MdTuV1-Z~PvzS~Tm9SoRcgpS&**ybSB!C7AKt^QPiu{4HOBT5(!)Uk; z;gInVT=NV;IL{CnFQRxqm1G@gMlSGjP6E#h0KTXKpRj3 zEFu>a&y`(XhsaPI5)zXZjJL zlFY*)f*KnEjF8<5YJ4b(Jpy@#$Y?&{K?W~Kh=s#&@0||)pHqsG|D6&7(M#ll;#MSj59y*X{#cdJs*wR9=L|~1SqZ|PC&VC3VI{mmXg`dQ z6s}ZJ^K?kh+ZNJqk<*`m%d3v}|5ha2NC{Cz$K-@?giy#}l#KNhudp0-KcD;{l+y8x z$ZsPbk(Ue!Y?jO-gH%G$yks`gDFn3=UgY{ziL#-T0qSHTxhTm@a#4pIA;PUn2v*uG zp#q1Ij^nYxiA2JS{P+OpjQ&4e&TxV3t|k`=-zFC<b?pwT;GiS61Jx(NV^7K4ObHMZ$#y0E*X= zi;Rgt;>5q+F|2?^g2MV69y*yH)dBH*_5Go~6 z>X`RmAmUX6mm>zEmk0r{&?G|X!exZK3Xq|_fu}kCiIfib=JWm!gd1gq_5r1gt>921 zPB0KnB80%RSjM9xKjQg_hc=NYhqoAzsQ;TdfTdF^CA47e6!N1jRLE{MxyZ1VTx56( zt|`3*K@%t*BkLkLp067~h)(t^gow!m2t>+I+nM|zV4&=Bmcq|Vhz$660YpR)Wt=F( zDQ%&7Z{n>SRk)4d(5sG-i~KmJHL#Gblz1#fprpLtBcmtDkCMJBC)h_W)(KQ%LU3Jn zu}0zk1bNyGrEp{zMJ@=Xf|%M0!g;~aEr;=V^naq<#6ke*DFOf!$>og%E;6*Ldk}gr zIEBSFIowxXl8Go$kxT$@EI`aTf{e!#0XF7&o-tU-2?SyG>X@?_1ySI66#{;-oS)FM z>`}JjWZSN+WT1z8U&R!RwM4w7<-TU(ZuXCx0c{7E_khi!xiq{b5(^PHJG66D8!I`W zNjgp&Y_qOWa~@Vwaa#bAfX7-sZVS#N6we^RjU5OZLUB8gBpzo=Mb9?TW?C&|;4Rs} zBO!arWL1w2^0#1uDFT9STbc2A5@3@c#x8&?ytW%Ji?Nk>QL*-8Au*IC+6ssz1ej+f z(6$9*A<4EC&5L1@X^W&&`)*)1BdrA8wo*3}c}o&+TYw_TL1lTjt$1^^Nl0xE40URg zSVDm~+vycyq?NqeUJhLHZ7-5bxa~#C^6i$ylo+} zmVApPHqlrK!EIq7rdo=_ZNW$+D}r%b5GfGGVHB{GgWDvBaTlNfE@`LN1Bfx%AV1v@8d;51^kWlAPW?fFc{U1p!gJ-TV=Em&_3>$zpq= z{k7nXg$RF$P0}m?#@Ynn(tcYcTZ{b(LX=dLo2y?w0kD-i)%q;JHi(6+-11bw9{AffS~|bt$zSvah9QgSgwBnA)jj4ij_uxI^M7qYd+|Z7llI4$+OtLRKG#Y zQ02OqElTt2=vtgD@C{onI~4D3wxN6w>vw0#wrS!AqoMLVu`90p{;Myv>A$AcdM;K{ zaWELQ^K*^GPx=dH8+yk0v4+{MYUa_to0cWI&sMX4e-6FviRJyYuG^HPEProK2bTTh zcxa!W`;Z5l5aJ%_c?_{yV5!CD!Ky;sgI2r*h5FZD^6+Qe%Jdlk1j+zjtWJ-6z6}J? z@zqJti+>?Z>vvAMFk`@1wsM;J?BF zC5y5E@MmYAgbsYeKcVhjyS)Hqe<4TPBNY(oGJe|fs`0tt`v{vu{NutVIKq0|<_ncr zxX=mLV$VH=l5QN*)}K}Oa|a87#sDxXX**W8C?JR>PK$!=fZ;IhdvN0vt>-O3B+3v$ z?Ci!VL7Hv2-L{d{ZE^Ku+E)NFaFm&r5LS259oPOgjdjsvI|;%jR(HEgM-M)A2K%<@jmrvfb3o+v=21a2ytc)6p7WRMuPZn%Gt#>0cGlN;CF*8*QTfR)0>v8o0T~b# zaa2GUSu}CUT>%Bd6vd^o-f9Nhe9H>8yed|pR)VQen&OgL*4rLa)@z!jE#e+yRFszg z&$-VtFra<^?~fYKbM8Io+;h*}_uZ3`Khl&I!@3;Sg@yes~g=&=5XZWUD(2@8d1d(x6TS? zs?YNc-g->^xNMchcKkLaRK38zJ=#+?BNHcs#3%_=zBK zX_Vtq9&jj%B^7;F)+!F5n5_P@B#_l^?&s^hz>P1Dd2h)HRc{4Ju_QWe3nKfdTj*oh z>A}52)tbQe(A%~J8sfLQNg3-F`i?H4F9)Aw$FN#>b+W#jh;c04*bi?~vOt7il5qt%xLKgykST&Z8NohjrX_ z(SyrXDkd|(!=pmgqq_-06HELc7)Ac@C|~bPH4!h}SPrO&|7B=2Z zYA@{z5t@6F7{P}ckutgJ+a%ZJlO6T%6RLh6By#?4bD$i&1`=1y3)m;mjto^l ziqw}wU-n}!L;N=&(IC`%{EFN{|FTQyE5Rp=PD>eQi2u<|^c*+7)-HURcsgF@Gabw{ z#0O64P^rX?FF@Xs3wG(Rhky;}{H2q9&*OdjOz;`uLweqYpQ}!E?G<+MEd!rqrD6Rc z(mlC~A;M*_d2S*mbP2j=s7plH*e)Vgxrvz1y#K`W_QybdMp88G&v1kHZnp@Qu?>SJ zqonl2G^IrH@u11D9Y{jtxGZv0q@jx<^i<$PDeLX%qR0)1Fv=npvx?){q3VgCJ|g9h z{AN7Xz3+Io-n-}24s$PMf9$xkr>a+bf~=f7)!;qajp815=;eN)>L!p#S$-HjyyI@e z2SJ@8hkKu!>it3Io>{ks3&MF`4tjQxup1K6WC`~(?^h7sDkBy5ic|dqyArp8IA13I z7n?W99IE~}LJ&S?6^(cn>4iyVlrT&HyEJ-;O`V?=s$L(7Edr7yR?W{s2?L2M;b|$s zm3Ln4qBIU#xbn`HE?RGO6H(zN;&>Mk+d4!vbrJEgn}|o;M5th2chluZ3qmE=ei)hF z-TJK%VFW7`g2&uMBz6&T1|l*g156n{4t++{E3ORp1Y3MMG!QL4|BLQTHFV9PQGq?X zgcaw;^KaG=)i1!?RmPqJ(>Id%AEWvif-*sx263d;Q}}WFvc+dndzSa1^EaR)(DV-SN{~Ou8Z^@bE$A1y+xTPfnB^eW0=hCwKIq(&NpBK_Ys_)A zFp$mD75c{C0G}%#KJUi2qzj)AgJmO}V~Y%Ad+cex@yRm;zBh@Y#N7B^=)z~|=V}vs zZ-AG(%Bvv4mAo5VBA8f#p3#Hgnj+aTt|ARBFi4Fcq0p*aq=2WpgmxT!QZ*X(b(heN zK?LH?MZCZk??aUmOTgPbcfJF?S8EEN39Op*7#Vx#oF5wC2Ot0j|7&g6&h)jqu%8`26O+-Z(5i21= z&d0{eEcwwwQXxGRwolB*yLGPB`*eEMih zL0E|XOap5eF)m#FzEu#mFu#j|QR>|YuZ=~#6CKdK1TSwcU0P5wXHM4_yUvae4-g0K zt$8!HSk$(YvGj3?OZM9L#iofa-laORaAP%ij^#}cfSA|?y)#bKg}MMneMcpo4yp;n!{sTrkORk_Za2UV%Q@% zEh^FV))gL1Ry&N=e@7fTZ%89v!y)BL10M5=Y9I;Hr3}a0HYMgYgp{Tqu?x7_ppv_wJ#QM+MlTD z?Pi0cIyuHoHH{FlUX0D!?t;Fl;6cOpX^k=?VMeNM)g?LnMzn59`XJ@m$ za1eRFS3YY>9*mdzULDqx)ra@Q+jLiwR9H_&ea9loQi9nx*Mc=#s{8ygCYZ>?F?#86 zU{CI(5uReJ$ERSD4Xni*)W`WHYew6v}mc|rWbCqbib@{_S*Y?26klf z0K+vM&w~xC@_KG-nw$=oa7*Qs-U7d|3xmRs}iOo?NsHo4s9p z^Goh8SPG_+0&HzASj5-R3g*!!cq$_uzH=5Wq~|PUFIy+Sq6G^U(f)9k%%wR0gcaU` zIdsN}%W=6Bb49q*vU?UTELl+Cl8dEbiL`8XN%67;w+q^h#3s?W#C8O9tHPYi-ALTB zrHhs>gXyKiVH8uBD4q~JL3^Pdp}$^erzltHdf-P8`RPu|Q@z5Zafl8bM<4PqN)gqPl*wstUARY6N?gX7P z!!0x&mg=1FS?=@5vOJe@BsE5G-OR^a8&7vuYNV|Ei> z{y;4l%INNdX!bxCReR9$AXnI%9Nzik*4HSI?^FdudqtWq-V4?g1;aqBW5L ztbXe_ycoLMSF`RT%pM-U3zJlZyTKNh&`;0yt%=k#{Sj<&eSnGoHRG(cG0&hjfjfnX zYr%cldk`MXEKkAY=tuqNMuxr4mEfIPyPuY?g){{MBq^%Rd9<T z{o%&|)HLz&r6mi>g{&zB6DCY3$QV0zBLB!AJAR@dno@B2s^Rqg4T962CZ>#QGp3Dh zh_LFisbQer#vz3_4wz1+P>tnzqwvot%^q`u zXjO8C`akV0Xy^RV@l+uWaB1HL`yoOJ7+&G~hPz zXJhvc3+YtPbdI&OTIkMrOKfjT(mBqzuO{X#<+1O-WYi*@sVeG^NOy^!Ycow}1Hlw- z9&UDGXAZ<=vteiMe3sq#W|W@gPeGMZ`1f!W^98-|cI`+0n7Q2?Xu$0%4_(#;Gy6w) z^S6Ah0ShI&;_$3(*(lt{qDSK%z1DzLg6=bscL$<+sSL$1$&TlPnYqwq+7d?eba#cVG( zei}>9iU?kJ)YqV;nNmuROjfhi7f(W$>G38Ya6c+GF7xon^Uj-l8Mw8hCb^U^DJjPZ zMc(#x>g?Ror|XbF4Y#ZBmO-5l>I1q9qMp}Mf!xis)(#9xQm0ktEsfcA=y9O`fFm6= zHg^V$A2#kEl)Zg9yhRsR>2eE`9WB?6WD6^_&oHC!;Api8InTfvvH}8F+TOW=Eb}fb z5Vk+`txn(X#>B|94&63mYLiZ{Kp@v8P+!PE#3ynQ1~uP^ibIw%ql%+$Ji)8 zxV6E(Fj+}sm!S61iq?@FrHG{Q3NATK!lu+nYHewJ5`Up(?CSbJYfherRaNJ0RXPp& zwYUyaGhjlSs%NluPL}dNsn*{d8F{#y7=CMR<7czv>AB~vYzbDcD7AB+W?*4*ZiMx{ zHkIA8O*J&7U9pJ{q0iVByVejj%{qkCYZEFzxggGU4YM*GYG;~fAMkeYq&f^y+5bOyqm)xlxgkC_&9ultDUWUOh}_VwL?!XzpgJQh5RtKYk8JT zjl3xs@q1hpeqN0&!9Q=p$E*0ghF=4I<~@(q2U%5k6Vw$G~1W$xSQ&bEO zSdBy&yvN(>2Wl6s1}ckg$wltcU^4!~%~7IrpH_6LbYh{m^+=nlGT&xR%n7uHx3f={ zjH)q2rCP^HMzy;ebrcy@7io>o$#3Twh9GZGZ6=$7x`!KepH9>^cj4U~kyb-acDrCd z;NCgzM%BPYmqSKXkwHfxc8B@b6Fn8e&wcSr!fzOU8TgID51Dl2*cL(aY<;k`XQbMy zw|ZYv2e zDq4{zm_iQsw9<1(G~_3Z^(cU%v&G}F`fw|04;Akh3sq4uxiMC2p)_CdB#cgK%K4rL z9GSO1V^|ZWBRo}6M$k$*f21`R!F5C^&Y_6v0biAKxvf3FMmoB2r`_!?-5mjNksg+% z*!npPMDgo7o}k_T67KW6D-mk1o!MhCxvzqQNxA7U7%Y1xL zQh2_Z(naOea2q(ApNtI1Q6iO4gtoi;{MhW1>+RI*6;6X@4j$6gB#lRncg~uTwe!4E zXtn;z)7K^ElV)YM^a?Q5@ECmI&tl;gP}_uyvsKw%zjpua?Y*}BPsL9*(`B!?rTT+< zJh+V4Y$>ii@HSlq-r-EE=*U7L4$6=nxWVyRggdTrEG<>Vs$e%|i>i-iRJ@Qf+Gx$; znR0O6UTz6R<CJ5w-7e!jNAK^k@-$LP~8? zV=>#hG)wvRb7(ArVc6%$uv&M+=C&KwkXxChZ89WPX03O)i{8maOC^X~82{ij@Iz$s z{rD;IO{S;8p90_8KjHt`B=CtK$__4E(FIqUE1tjs3v+;nXTQg@KOLqJJv977DSE2P z%<~nZs4|u%j7)ekA?xy&D;|CL$Rh_Xy*(nVwdHibMf-Y0H^2GiXj@IDGDA>VUL19$ zW!#o2FWqI1w?$5Ruzzsmiz^=)@XR}VzwGLd-XnaJr_*}fcXRu;J@=n_vQ_)9sdt>O-q-Wewh8Or3s^TPU{>ipjTi2ZF|B&2 z=GyXq&3*ji7w7+`eEaXIq1$uQqRW4LN}8X1Y22(L)>NFLVVR5Ky0I4{1N~Xti&~BM zM08Xz&%uv_nc2AAak$*@(s+Zm0I2{kp+7r%qNuO-AsIEXaVG`^uZs#a1l7n+t$+%Q zX=eapv1;bb*r1POuX^s~!@XW(eo>QRgD%TnKXNYv_d15DkLXyIA28DpL{c!bB>x3) z{}ZfcQ(P>w|E)9lkw5kq$$#C18SJko;=>1$bA-!P2oSKBfOkA4CrQlYcK>eNe+u)f z)^=wf>izv`HYGVfoRz*z^EotWTAz`I3ETT|dnGQR!<0|5zn&TAMrpL?A;ljde9y`T zVj5taXHab(?T6vZoGJ=sJRl@)2L)$7KA3?0-$hQDbuY zKpFOtp&3wN5`<(K^7CxK`CKvr zjkvuZ)@Ir#`~H!FY7}<1seeGP|C3}XtIrI`l~y7QtK*|t%k?BZb}9ND#x7*T+;TPh z^^O79yEp-Bd}%kZpje1J63S{SCWMRiY~1;NAuOz4wl6DOinT}M<1v9u|IwWW@mtnV zqYq~Jy$2iCErU-v`E0{%p<07!k5*~>LKATBdS7X3HWYI8>}(zOHlG>et713W3iK?^ z?2ToP>@f)Yp1~^7jQfVM67gV-HzpxpE)QY(E9PJg!vF~^!V^B0w{;qC6lMNbiP^tk zX|Hqjz1S_iUhS(Fx3P#s?_hRNjmEUe+(#u&VTu1X2lyRCPR9T38>O)<|JuM{*7V<4 z6)PT9Vi1d&`0ThqmNPoU*ZX~hxE#c!b2nUfo7=HCuSdDgWMYmkfIW9_yg|%o&i%O9 z_8`7l$dbf3^%2bD^kj}YL%8~&UJ&LmM^aw23e`|DTf9??)%Q8Yr3FO`mK7B72}ZXW zMw+qVYv2Q!^Ke|Ot=OMOvwh7Z5PbzPMQ@sgj=s?1>DN6nHaW#IE-Pouoq}IOY+h)o zSD~(v7CMeZ1r+|-?AOqjy9xbTo6bc23OriIFE?S3x%4tzjIzrQa5=K{2e^dEE+?lq zrCrlToop6j&NX$<`yTL8Q%GJjNP=aO55OcW{Qy4iGzH`x2K=DOKkr?@Pn!Jl$o+#R zA?m$mZ3EsAE)@DTfd0(VhGx;o><1?Fx3%mM`hHNa!q_he1C1Mz+HD%VEkffQsJBGT zJa;LpJn-VUFgvyI`$ZXzcWg|=U|U$zkB^0N>RS#?z_>?j5{+%mYfHB{O$xD};_IZL zir8OI2$AYq<8qQEn65gcQR3M}0`u6esneA5v6Ky?+OrM~9=bYxK^;}qLzfw2_29uf znvK-%Qr+U#sW9UHDkBywuzFmKN<%tNX|xv2TToKmzkh#$^GN=j)xD9v9hvRk5>8iK z+SQi=?$pU}Bj68&z&^`&{5t5NK&ud`-KDl_*7#V34MI)*Rd@*w#dHL(&X}H-ypPc}=M)Rp0OYiS%pAkzb^p z8X3?cD$Y6v)p}IX4F?%%BukSX@kf!MPvuHFs;@O0XgU3sX-K1uU zspLZbVpGQGtIbsEGBC^^>ld<3SZj;oCgph%B;Vq>h(UEBwO|x5ximmi1w&W4e7|#C zT%?Zj+UAGJr?hK|3EEPZkJuESJ+rwlIK5=UQgAWZ6Pk6~@2%_0oM5cxyS0yTK>{WTVT-Q46_C^gNnAQT$_bOt1)_v zrfP<(*6E7%%pQzkRg-<9ijBV8fYtTWI9+t+PK$xfsKEkP3*AayJ$Rnp_YS$0*obhj zi-slaNeaRNoc>tpI-3p&*K=_y>0PXyond-CE1zW1Xq(X9(ZcL`R`D|~?a#*mPK;yD zEmOl;^~Z}1>oR*ASkEO^1FJ62LkpUP;5Us-gRBe)G){&NM?6jN{d1s!-S8@g=9~Qu zEbtwWlrMsB%L8K(k&+w@%P$+CVb!lh08I%;1NvPbh|+`O$dmyFKRsGQ*B_cMA(mBa zijg(|krn;17F@s*ml=cQrDm+7xHmegg;D{?T(l%0Dv>OiH{R-|X_FfrD=E@ek5wPc9#r zcw6NWr}?)Nh4|dwec&K>cQ$UarH7i280j-4reKla8a0-c&nsx(zH>|M&eAK?A?%LD z!~NK{$(Ek zmKx9)x_K6tvg(7D5F7RdAU{yr%Q=R!2CR5ncUbZE?gIzi)*Z=rTX$px+1=I=FwX|J zkk2l^osij-{t^Hd3&Jk`>jO_^%(wjrzW!c3(Xi?KyzOR-T+x(OL&|9$)v=*xag5W~MF zg4n!uoFImOCkSHG);9!=@-Q<(z7{DGrvk_w!$X>JQ$*t#LV~^JJNx=#V2#1Lpu=!+ zHo+e905?XEt}DbS_&IWql`m+6|7gOoE%#A^{iS`$H1vO)aI-W3rh&Hys$+6blHn{F zK1nbMO$tGb+-)z)A9VyF;A5HKB0;oeDpb-mat|Rm2m%R0F)Klg(DMPwLK6w5VBAX( zn`dSagvAO8Vt`#t5SA+?h=KJ2g1s28bg9v zIAll=6As4+A|~(4@M9Tj1jIa>&3bxqTK9jf^V#ChEJ5tU=@x^U?^a=Fr=xmO=&+&b z@^niKtDj*B^6irG*w|KG(5Qo8B37 z2AbO-VI`c(NXou794902CY77Q%tX-_3$8jp=gp0$mskR#y(ytHDvMV?G zdU~gTi7Z0A-fY}Q7!lXMGF&5OFtHm(lZH>?4B|nyc&Jxj?PWDmLxl#FtrmU4)vM3} zTEiN8`$ehKz#Sp)Mj1Tt|93Zv0ft*zRB$f_6m##V5#e5JM!8R9`5uF@4`og{IY}F| zA*y2^3XKxAd~;p$pp+Dr{@Qp`-?32JZDD^AW~h|ds{GD;Ay$7_VH7bW46&AvV#X&d zR+QDeh18|nE66 zntp4ZztCu1Kgt77F*_Zqfl=U5ofNQEO%$b#uC303>HAatuwp5>3#MyL9%p3S#zlSK zt^~JzM3JUx9Orx7hxln0ME-5U=D&Z>Y`v>l}&a+DHDr@C| z#P;vP14^vmOADbYs|h}?@3uz$V9Ag6lw;9$Ut@>o%Er4f{&bP%yZIO!MR}!7B?m7B zi?@+6`lL+}PuJ7hoNda8550P;au7Q?%oyWHE*b>ko=8QePlTs(_VuTb&Nr5JN zS0xK7JnCGlmJ-cdkO9?f-24>qn-Joz>rN;l;iO0o1ZcOp+v-IKaF6vm@Vn#BfM3Fi zKcRwhNr#dTW9e94g(rRPb9mJDvufJoxX9tbP1vKNv-=#`JrwF-alf5@G9G!9Onx_Q z321lELogj!rbF9_%i`E>vr3HKJUfhQkJ0i29kI(k&=Iqc1Maa>LOp3RLuIXRRMvVp zv0tBCba|r|Scr^i&UnzSRUTuGaxoqG<&@SoO-pA}?t3Z@aQr*~@G1$=rg z6{eKf&z;Lf2JML9@lNsm#L+o-z3Y(jg~W?OeNtm{8gxQLKG%f;`fw*N7H*|tdnb`w zvGj|18D5kq;Wo+XD3y=r9pkO;IsWNRypMy|r8x20S|8qJ>&Wdle_OS)BW72dJHCl{ zYtvoLU5&VU=S)z!();Ce9X2|APLN9kMe4hq9h{C%KHu8hyqe%8nNl)&hv?7XGo{@| zm!alVtAvwk6hQapj=-;+6Z=tR08+-0sezuQo z(Q8&%E3BI9>Nd?KK`E@wwxZ-~DKiOGdF-PnE#Wq$wf=z0sq*rKhw9Q}s_AX2*jlGv z%(jLk5uws*Mje~YB`dAMff-pO;*w(xdE?cF1WDNa3iL;v$%K$Rzs2 z4slz^O`mAh^J7ZHwUJYK)VWht-a_?+qoLGYwyo8+i|~e0NQ&Vmrfhr9F0m5M-XUDP zSS7@dXq~@H95%IC%u`@55i_o`tYj0PwN$fJt1P`(pGr%v_ED)Wa8|PWD=j&=eB+%; z%fO!Pu5PE8G;{>&FgghO)s}*RqZG~%?YeqT^boSGLPR&~dTzC}#*UiJXzfNd#uF#n zust4aTTTVbUt{TKqq;$CFRE!R<12=A!gDKftzxapjUpWs?)Z=ju{Oi4;!0~VcadSL zP}ORjdWB?sDh_Eay(B3%UK5f-H;75z3gISX)8{3o)L>{m3Hr1k!NwK7PUFN zd8`k@UFYV$RCYfEwY=Tj@4{QmWXHGQu5xp?O?SA*c%nnsDJ@6Cw!K>^P#ecBd$JNvW>f zyfb6;I@G6<(a1%yt8*qB(faF7DFc^-PRfo%cV(xlcD!3IqE_@ov*d4XOhQB8>NI}R zEUElQbLV_FqBUX{7Dgf@>yyl3yS&?zIH8k|WtX?D-K#&mq`X5+Lw9xLi+K1*RwJJ& zyA16-xx7P74MF@B#ZzC`Ypxnn)##nR&{mn~?KElB&e5K$t(vQqsV}rWmzZW%@%mF% zErOzg8c#HNG}U7J*wp$%mlaP*-GXeM95^!bOAhwIPS;9{G%Bm%KrTAYuAFtEQMu8( zHcd{t>c(!n=2q2MMeBa+w4U8~GS98b%SvlGipEFq8QUW2=T^PC~(`rT4jF78_e!|)iXik-|R9w&7(cRIC5t4F}+qd?+kcWhpuk72)Ja?hV z(W$BV8jxZgd+`em@k;qG9SL{(!d-m&o+|4Jj;TB;5r67CK4;(W6m>!i3M@AZx&CxI z6_uM57_p=}V%o9l1F5isBwA@LJrL9WopL~j&4^Nu4P5YXeK$4g+B;ZE>v{~G* ztGZ`C*@iigs;aEZUud18R)@%?Hs{c8Q?Fl|moL{lMSbdW`$ZomwkY}tUyq#ry4WI$ z{@2B8<6l=^RA?rodA5lovM&lg!EK_Y;Lm6N9(nPoAKZF|H@hq}qj_#sl9ewm4V}v~ zR%PSdDoQvi&ZlN}B%is_8#^qClGHUcVEgkK$}2+b>A`Z!3vssABRiFRt;&_+w${Bn zT}PoIkCu;ykir}6LuPr%HqytcMuSy}J&PeiI1*TsL(JKYjZVQ=;Rwq=-GC12$w0Exi0igjE%#Kq`rC;!vUxOg}j0_3Q_kdLbec z5=O%H@II&L>+2ZVlXyP=0$o4&@{whPRblQ&%wA?I^fO{LwBhE>wmsA>3%7bT24}Y& z3Rpg%QB3&5p~2X@jgP&h)6KEVvAI6B2Uq5$j0+BhbzV=`2>J)d;+{#^uBsPec&AD* zoph)WO%dmuB^jb3+rfU>VEG{M)&(2fQ*dyjB_%5W<9;k$B~rvhlQ+&up9UuIe3Q~B zY%p3CXxF84(_*%w-hg9tcIb~fC4Hs!aSYPM2n`dfEJ1lvIsc{1b3py2FMNfsC!o&o zpiV)Bi1v4r-L+#L69uQxT&pAG^cGAPP7MxALwS*``~Arwtf|sa$yorc89Y zIQF~VooXD+Mg3>BV3aP+xXC_ zXL}!_v~dW=WxS3OObI8IwNlVM@>IQOyS9W${*R#gby0rSq--z4$C_z0W@r~l`DRGF z%>7WsH6CjLrR)1>vtsl#%EoW7ew!?h+BR6J>i&SL?tVOxP}AIl?Y~ks@TjD|&4foJ zOo8tuD`L3T($Zg!Rf5!K84E7SkFacqC~uV}EZu<;qW0Ke;^rck6i44M?|Ryq)VcsK`-?r%@%&)fk6X==6n&y!sZc zX&50(xlu6nJ9z+=p3rh}g&5&-Yd#&*o()9nN~q_u%aq0hHy>kTgw2}3%_&;@$hwhM z_NF>ibCS6KG^bl#)`+Ps_|yKU**d=6jO!c;=rDAc^%;i`m*>a-4dnj@^M8Brf5Z5{ zM*eRU{zd!Kha>$^KT51*sr;-p+h4k}{=T zxwMw=?SV+nBiFiD1l9$2;{Ou-P|Qa40uS&L2q^UmuJfyP7x1>d2N&Q`;q6@Jl~5Pc z$@dL(GbL(LQUs0t7MdEnkxOW^8*6>)D9)}BpMwfEcZXH>u-d>n$sUqYkAS2D|Cb}G zwojcaEd|q3M@PyErUj0eIzOv4>Lu>tPQEi8ed?lWU5PE2?sO!OTDEKZ?FpUOa=_L> zmf=XK^Q!F-n(F3TeZa3axK3)`MRWo>N`-*4<^4VL@6qSaQ} z=spKlVef%SDiThB=CGYSiA>I!#EO3)lfhtDr=K0jja$Tf9wr4yC7tHb9Se8|eY|23j@#IA() zKoi|2ToyI2$idVruQWuHr`2(I&+uz{tU-v5?(2D7l`kfH@Z|X6bHV&R>|LEL#8iQ54M!a-Xq!?2KwHwJkpEiBbO#RaG=G5p&qgA_B zab4%UJES}B=xD2m%;7+@i^mJwd-&kD5VH8l}I~(5$oYXi2I0Zj1A&`I1#iEUEJoscbuD@?AJF-5;z&7>wHE_rEtO1Tt zCL#_u3*B%z$1yRXUF!(fr-hBfCtH;O?GEA}uqEyY#U({a>5{Z$=4bYe^&r*kBD-qW z^EaTj!Onc zqzz@?B+`;G99dkF?1RgyC-{Ui)6IN?-z9L;pB_I^n2Re`(pzSQhjC+Z5BldWDedqD zTM8mOdp#(iM`w~!!9dB6ze<5Ed@!&ZyR7YH5PRdG_b{xKV@n!q85m_)_ck_6kA7c^ zZD_-Bf6Hj2&gl1s%t*`z{Qkont9ysDGp$g(auPO!KsppT9QYYgf91j*gk#Uqo_;(j5^@%=?n1u}u8P?T`5jL+r_y@jXQA;0|KsYZ_W z73ltAk}r|R2q$G+(kE89B;y{OK3-5z63Bm~Uw7cdZ^F-CNWkH=smk8rVh%fdV|q9% z+}uYMPu|kbxq-sJWpc?pgN2u5TncW8aELV&L`s|OHgUG0*aN@gg{W}9Uf3=`lFGUB zFu}rV%I^%enK?Q_SR{K(c)IYEjAwHHkpkVNOYD*zvxN6#TvBY5a8|}8#d3tdI^lVO z8U`SK+8E(4j1hW~L8Ox@QnpEw36{atUl=Qlmhlu%!pGrK&O_f02p)nu73c(Et?a#= z=ehrM;WQIt0)uT-G5ZTM1s_NybwW5^AoP)ODH)1{R2kpR{pZjY zMQI;|bQ=W_+N-jRp3@9g%c@5Dswj7OY(WHYC$?yh3%|dFz`YU&@~}c zh@`g06@Gc2xjn4X=AvOWg_zXc{p<^MwRA$uBq} z6c~ZiZ6gS}{R9!}hcex_vj0`t|8Ig@U;z{nk`qa=THgK!{tUw5KOR>}aDv$~!4iTX zSRoUvAqWARW&e8F{|G@Sc0z_NGSn#Gj)1xmgq%JEL5GVKxceQl`!s@3V6Kfm5CCm= z(``k-GNf&6guh4-X-eDE$fU2!kandJ{+0|sC5SZsmLM#6ks$bfBM605Np}2Eq(5CTPY%hFgD_mi?~w5+GF~d<4-$kR%H29_6pJSKvYdyI$#~`k6RKn#TY0P1!~Z93s3fK2GBsJLL@2$Q?>qyXMS z#v=*tl#gw~o%8SN!ViDsO`FiGmmDB8?M94%aN@8J!3KG|E8Ka^f%7zm>4(F=*BkPY z+t)kfkRrW6hX90LyJdf*Jw=rA0LkqIs6hBauYEE>jhv|fDF(d&xkAXCMq+$Zt|<|t zG{OO`G8`?#@iLqu!&x#cC0H$;0-?MB>vMb~!snUeHQC{yj5o>n85zGua2;YGO3+LY zit(DPnrbph4jp!n~I!W)qU1YdytH^~IA5d_1V zGX9>7H_14!(cphk#{ZQ4;{@;_FC@t@mEe9klL8hKju&xE$y`?gbYX#9mp}PTl0gogc z{uYAo$>+`idy+rWzK|f~8F~4CS1$K&%L;6lMnk#}@VU2Lv6VoHkB z33&q`#jFQG_(v0jB39Xbk_?LpBEsdo{Nv*RazL8eW%wk)YPsiwB-ke7ZxRF!T?E}{ zXzykBi?aKl1d&PkhJVQQ7l8vB2_gym$k0`P*oKn>7)Hx*8bL6W5=1l0D-u8t5{ww} zDio$hvT~F6A&5?Cs*LlR5Eht5IOKFAh}w)>;#0YlK+bS--wFF?(g$MB8Mn%eh-N9d z*T|Lu)Uk=T$4@tdjXQ%IhxlQy=1=Qa!m;SXmUR&^P`>^L^z<8;31^{c>4ISJcA^j(j17bLX;4V2P zd*!|w1X4i6@Qe)C%aALG7}pUFEj54&TuVtcBtfGL$#R5Kzyvd8NETEW;XnbC2i154 z$pQrJ1exC*@dNcVwcwhtVM9K##Ax^|3ub7T&!?7H_Ti_POzHlq#gAD(wM=9AO?U&R z|7R8t=KR#MgAMv?n4jeKtOIVCA5pWfKeKG3nF}0D!m*qti-tYaWO>G?%Y@CDRl|Eo zoTn#)WV6H4bMF|3B~T>RqR%a%Ea4F5OrH20Le4l4Xv-7?u<($@!{Bzg2b3==X62t* zy6=7IbIbiAd+~FNmK7ei3|I5XAh!9qrI-~yI&Js!$8mLT%dv@g2XL^|sxE*L)XecQ zF4<^#qPI$1#UE^8JJxA^y?er>WL2W^WPbl$9LkJ#oGEUdkqs$r0S4_vcrPak=8W?W z_n;2V3KhF!w{N8P$MBkh8jzU1n21wOEUi~DUE=|a`z zNaj-MxK(}2D1)}AMd}6MRqt-Nsp15@d&=IU!&U1(H|V{ST_lj?$NqXQDOAL(6enRa zvnt1+9Sv{FJJ4~PAzZw{{OmHkHnI*LQZ&)MR?!m(2I{Ybn+^_E%hy}(UQ0;_=>^$lpGVl_YXhejgO z@llW%<;_lNreF`K!d& z`*>PMlm@cJ?_lMlGA>@DR{5ix$PeM1?2o7UKo)A?pkwFPu>lAVl7 zBxpcTBuEZF@oSG24g!w97wxf6U%>3OOwkK)4Z&0xt9X{nmcJ?m~ zP#*`W{O*(KHP~x`8|g?^^xo7^bqK0vxo|!>s0gS3f1RT0W7!Za8`w;5{jG8%$$Mm2lfjn)dJ=sn+hL6fRog*=f=h4tow3Fsq1;F&vta{~_uD`s zg&uYW0iYt`B_BZ8>ZZt47V#mH)euhat&zZWzvSZKKTwo{l7gJhzIMQfZJd5G0uqekYZzwi`6EBl>VZ@?lMLJa2NZ6F6@~`6b{ZF zRthioXvDc`P{dYmN6WGR)Vo=_e?TC6df;T=cne4hA)Vqe2R~OR+vQM_;6{JO2tly( zgS|of;YEreE%{$Hy!8A5q@d%s@ltW41znK^qW)>;k{?^T055m7H$kT7Ev(?!tJyqbnlO;YkHcH(J z!BNcdbZ}tE;K4%%;-IeU?{)`v2c(#>0={0`ceHUd52pQUrv<`%!K)On6qQD0Dhu_c zTQWwL#vK--#puxPBMV2vb!1`OVbLfU150yCjhRnn#2r>zNA?UTG#uJ{;=E)|9HY`NxWDL}!|)tXz56KT5Gyv2hLGC8d?mLX)38EuAEM9ixkA9YuL#AdvnU30PFbDoD7v!;k0MGP%5TowM7~f z*6y^m#OtP^acs-Y0a1l1hgkVVOPsiyy>QVoS@F~g*8dkANqX%vR-X#4SbW&9Yxrlx zB};@jl@(pG%oO{x!$-wX3$mqqi+S@cbCv-gM`tF4HYcy zXGxq7>vP3YDvoE*Ua>rZhmwM?TIPG4v2!73h@tNli#MykYB7s@*x9QH=t(x>XUlX& z!AVwm1u`yEAhUk9_}a>77mir9x%7oUl!h;6M_fF+w6HW_ju0iT)klc~)@LN25Mq=k z6?M{fACuJ|m+njFNtXR2!B=GHkfGl>$$hR2cgPTD_4uYo?40K?7chu|zejd>sabq6 zqb;iN9ri?vC0-0=ds-|@J${so({jyXWOq0%6Fs&|4i+b@Ro#k+G&wE9#rv7>HOuoJ zNs_1enq?3>a}8#@W~Wqm+~al0Ja_y8kCtC7Qxx-0vLlyZ3m`tyKRrlTwiEwAY_v_b zNs(-m*<=$9w@GvtoA|WbBvg*$L>WFV!%t-BEk|{X4A;t0{-U{j&olLq9*I*pIKcOG zo2Sj7#!c_aC?mg$-X}sz0NR6>*7BEqOQ~X8kJ7K_Db{#9Jr!idEv59O*!K0^gef*| zDeX~6E-(DyX_#Ir#6V=eVy*q!_b`NXnX!wbJLhP}=1csxEyxp|hG|?#RjFdF5Vau# zLd^DS@7^L}Y9|p>Wf78uja`lw&U07k(OU#c zJT3{{JBjb!Nx>dPWT)wF@(NGpWZ1eGiLNPkYBic-dvF^%Fm zCBIDTt2RybW+BC@NY-6?%u9Fa-`c5si``T!)O{`|Yp4SU9ox^w*$;^A=YUk!>;qpR zV3Es3pvvtT&mBhX{5)m3(`}mi6e~#|d+{lS&UQ(|cS@?Ore`YF)@B8qa2IQ8bQf#1 z2GG90XVdX^!duO`ZN1aPfw*Zt`dYI`q)10$4pXb+>GrL0`^Ig2QIFN@Bh>P11a!y4 zREJGj_vHm~8IGEWQqil$ZFR~zQ=;n96P~2+mQv+Ly8XPiv?}ELQrzVrij`Zav5FF+ zszQ`?Kgi$GnX%eZWu3U*m`I$`w~2p8%_AuWNa>ke6*93+6DK;2kd&F$rnhtm%WTug zn7cShgt98LO=THieKkXI!faLJeg@z}e`jNUwal}5%g-kCF2_cUc;Q;jito+`wRj6d z(Jxqr%~yX3!D6C#M%;!8o3p|Ih1mPW+?Vo>T~Gqfnd=dC?1D${7jowm&7Qp}H){6m zk}Y$pa*tgQCmg#FfS+!{2GHtzAG_c?kmVV}N{Y7>Qw*z1RL;@V;@WU=TCiH^ZL+GU zlI;C#UM0k8xY%d7pxLvZ&Z95oz}Y39QL7MC)a)&DT;fUi%Dm5-#ojA(S8}yhw(~#E z)q0$(^;jz($v@FjC1()S6%PT1&oAu@qQ1)J&d&~y&EzX@i8^02uT{JAq zn*+wO+%nGS$r*ntCga}?T94lIz^REuKLy;SGPe#v>wC}5vx2iEcP{7Dv=%28QkvH62 z9(HIWu$^AujSvaA7pI6+&NSYKBzz&Z4kvT$@2DS2ROg1~iQ6O<4G}}2u1nd8j?Su% zcARkwCJQfaxT`tL&3E4c^0P@t71UPy0r@L}iWW5E)-d6^j1IM0a0Fnqhf6Ura%}5& zi`)4d19J^>=T~jbcB?(rRzqXjwZj2Flt|q&I${694ynpp@AVT-9gLyC*8apyZI+(4 z4={&8Lv*(;j-$ zbJfj|Z$6&?>Dk|B#B_V~`NI$X_kcUk?4(aO9-5Gu`gYWzAI|puwsF_qiW>>pd2t_2 ze)yxtou5C&=BaE6|CtyzW8yPc;sdhod;5d1qQD;3Hul%ClkW^{dwAljld{4e=b=a@I>F&$3C<9t+%Up+0>uvG)pY{pjE@(Tk+1n{6^>h zx$g13sn30I>UqVG-4A{_`_k~2eOC5=<@0Ym&pxy_;la$7ZWH$mdCDcY*RJEEzJL9R zpX;n&4N5-K=lprYA^qPU+D`p2*7<7Bs=qCtbNB z!>?lXeGyixkI5FZ`j4^dO=pXzT>d-8YwzswUw-!dGnX1>Y<>F=<2_+-Jy}wsx}Zo} zIn?luZT_w|Q$KsPx9YV83%iBCF=^rz?c#)>@6ylZKfGwBuc<6$%Zgr&t0r9bObif4 zJ+Zh)SY^zsU%VFOx7XJFWP|_if1tO0_}q>A#=Lg4x$!^OVqXpRv+a3*<5M3v`|D~_ zdvBXI^Gf`|IqNTen4Y}N(Cv?5PoMtixpzlLy_U5&>HB{VEqp3*i+Op}@7?Tk4rxuN zf7(B5Z+_bPyM}AN`G1gU8y4Btcu*TT@Tt;Scc+cYFMF`yp~kiUDs|*PeZ1-W<>5nb zKBH}Fy*hj7?xWql-c$b4mB-fJJ$h6Bq=;$7U-v(8=*OKEYcwZPeS3Yf++$+PwuIOZ z9Xsdreey)!htp?e7v$!A`_1cq72zwVzbjPt_}9zP!tdH^e?>0;toHE5BbSrrOq!Wu z`}U!ELhYs%>z>$i`s7Sa#TN}>qYSUvx)(j3-n~!l==2%G?=060DF1NNoUeR7|KN=` zo;H8vdEr9Wmw<12_W`*gTeapFiHJ|LvD1EO= zs2cOo;{S_(3Iw2}@fm}M7M!`*;CMMKxpl8y@lbuAofjq_@o|nl^+Lj|uUFQsNK1bF zt)Qkk>5sl@nzX4bA))H&zrJ0DtATujZ(Qs1_sx#K!B=nI{F|-*!xFIIhV1I@O->Ds z)}xod-S>BnIeN+V3$OY%+c*8xT^&*EZ@9VQFWt>nVP(z8OUAo zy=w0JW9gTlM9;tCXPC46fkF&q2_KiKZE~mtC~}xW z5@u}O`=(FH!@jlml>d0)uC4QGOgGHmZD<)YV0u=~%SB~(p33|1`>BWOkNn>Khu^=t z{^5#@v*-NK_!R{aMSOWZZ-O0oOq zolzr)c=g?X;_!d>)@SBVN=pBA`x`3#V>cafv7NBzEM<($EXhV`2J zdAMQdp(EqF{cG*Rm&Xn1KIyF1`ONBn@80)I&>I`3FFCpSYT9FOR!3}H6TY$MGewQV zpC5;)%suqe+ldc9{6|&B-H#o8BYVKN+iq^|do=8C)70jl@0*oZvwzr_`GvboZ4rA$ zsE1S(Z_3#HeAL{JhQEk+t5jusJ)U{&JqXF4>v-wj=iXYG_V$v^kC$5p7J2R%AvWf} zo7Sgw)`lflS=`*=eS;6}3NFp8nw*pQ>-w)lABx*u@Z=2Dk)a!x-yJg~1bIPQoU*#t z-bDv?j@tC^eIM)@+Vrya_iXWF+x&G2haY+3@o|5$h)>FlN>I|r0Cwi1G9OW7j!ph= zvHJDqQWm`%@4yUK^!MjSWY~H=HbNI}FdNu{$A@d!l(R#-u}?22`7<*v>*eQV&O>tr z&dbomOzRV+v&l|#ab)FhZ8ui^RHi|@N_M=+R{xDt zHPhyY`}=K^-SmJ8oG(gd6(=X+5X!1dLlBl(dGL~7cdo65Ie&_a^`lfF%_Of-u%+8) zgs~^z9N@40Quh0bHK=ij$i5CoWLhB4N`?r*Px>?RO`@)OQb90s`EfYJCk3iXj{*27|xKGgY!@YbkW!hH=YIi=mzC1XrGnYx|>+%Mt$kHFy z2Xqk}Bc!@W*lG{&pzwa&7Cb2aPd{Odi-60B$O!5xBUUJIk+5+!KEYjrh!Yme-e%Si zGOw$5yzof7_t{&$`wP#vdpFeh1cfGaQ7}QEy^HjRhl5*&1qGP95SWDn?1LJg@Gfd4 z3ZJy|IgTObNnQAogzsd6Gzb@&-+h5yV?ID|x=7ejgdLvTMMkoqlyj9N zBLpFhIZ4K#E;0rQF`ZstC62d0oPJmA?dJ?rQT2v5a5KzHe0TqHp>jea>wQ9A^qP0P>1xt+zuT3o2Xl?y}pE+}O z&z{{-+Ryv@?*8IF-?TEvQfq|>yqB`vG=78 zO)@;iQ>5RU*ouEypXN;d`>nJJA45b@3&Y4q|e zX^JMoUQMYndU>`~;bWf*X3vq9`q*-6Q0TeRO2Kxpj9_+!v|g|=-`)o|t=zwSo-Lx) zM|%}CL!p>2-R;xZ3XSX%g2d3GHu^a5m09b1ImT2jlzyg(u+}H$8nrHxe(q!M1KUt$ zu8~e?Y;M2{0|t?6rQZaIY`Z0>qFOBdK@-8@yJL)TxK29nW3L0-U|@;Vt+9C=UY#}4 z7>Dbne+G!0`!=ZDR!R|6?D0W65FCf4QlgK2?l)r+({C_TL^oi{LWBp9S@-N=##mJG zm4Ms?7qQO{Ds$D+1WgO`UbD{Vi5h8|k1byt#9k&X5bQEm0JgzVwNjPF=Jt==)Xx~j zI%!pa$Uf{@HE5}qHU@}v2Wwd_{U|`Bb@s?Cc^fgGYw>~$CJ&-w0V+?5c10QVh?`~X)Xcs2~S*(=bSqeg5KU>r*E3brzHNIJ{=0Ytlg zj%}_j|GeJ8sy87}-B_1x0N=+~yT0+}`X+vWGT%5@Q&)#OyDxoTT$Dt|$1h*Gp=wS2 zikfEJ4wN`N^*(wkFBdUGm8Z;qcQ5MXVTLPrb)m{WxU%n6d- zoJ!K0Qz^KU55DJF1VjGc%XGh?+s9CTg7f%Abk|RRU2Xr6Q^-^|wzI)T-$N9lzD|slWZ2zz~sAIX+FkNX_G? zHfXA->}sm`Z%vhoh)8insN%mxr067ws+tE%CQg@Y9=LVl*Siv^YPSv?G)`?=jt&QFIGG_g;VK$5% zZ?VR(!KWrAv3KN&E0kfVL9ppvDj|q>(8UC?$$&48jhCfe0>^q7^Hm;EEjtp(tO#g#z-e zq%i0aa(vqW@GS!0CFJ-{EQEhv;AaHc!a_Xzoe0`lzu2=|7--xu%`0qJA{^5DM+LSHr-e!g9Z@4Nz|1OyV8BVeU~ zHww5xz#kKY0=~ft@FhWiQ@{@dq`nF1`-&js`09Va!Ds@Bj#dBIE`T2{L8u@Iftv-q zL(uONaIb)e1pj>jKN0jU0r~2E=#56xNcx-tP9g~UECH9`=4no75CZoROu;T)A@HPt zhXj0Hz*hvMLkCFVZw357z&{H3seoS!7*x1v(1jGt5RjK{#8@lc&7!p4CLk}};0Kg$ zgx5;{fa8nkD!WU4uBPI58^F+IHvnY|;1{YqU5$HcH(b1xy@dAzTS6QGHiI-@k>VBbs zZ-#~fzQG0XeNmFJ!G&j6mw^8gkgk}bg2p#N1Lg>Pw1CwFQLd;9N!i^jAm95;m5^4_ zw+P1l0`3tosNjfvogv^F0XGSFmw;^oz9Qf|0)8bR^&le^#JDg0K+IAFm4~s&dW8&^hyqeBV1@=M5G3Zxaqa4fL5NtE(>4hN#ObO)ie-OFqI>zW|L> zMxp`AB#0q)8g?XD%_iRFOj3A*2=paE4kHNf@h5hmEZs^tU>o9ZdK6DA!O`OSneDiF zmhc@|K}qltaUBh|G|^@*(;jRfB3OUOn1QQD34VnA4+K$9d`GYou|yd*okO|_o`+)yeuv7FU>erd68v9m zgCW?3TAbiFD6^^b<8Kn*&}%}oO6`d$3Qau0WUM?V_&u_kU^u!41WmFumY@|aJHf3I ze@acmu-KdMR_v)Fcn4}}f_I|`68s4^hZ4LCJph6VYCvkAO!>$Wf=^(h4?*OA1HmJB z+6ZFvr-vZ&tC?U27Aq4(c5Wj078ctQ#FKFcK@3H2Cipvb`SB zTrtg2cN&|n#fEOQ+PS-J#9WV$R_EP&{h^&{v&77#??Lko*dTAg_lqWVQOqM6XZCKP>o96NKJl1flnBfp_qIb|CPU7lytR0lpKEx4clC zObs6l^L=xO$VkGoWT}iG`1BG>Pt6hms{u_3$V!5k`k;oH;3|SPWTn8HE%bxUi;j1) zw!OJltNJ3lHe%wE{^%O(ZY|cm(z3G~>4=($iP`z}tMciZ@O<>W{V%qGJDli!SG?k~ znt8*MhWKRFciUiT^&N#h95Jz97M=1ILW16O^BehzE(+s9L&1hOB8ccJd!8E6lWxGHB zMfJhPMNZr(*RbwLY(aZAa^j+DQHN3V)S-yLsHikUR0J_FDk?EBDxfhrYT|p$(J(fe zojjHo&OVF6J+;o(7z?v}5P_|b&*OGl=bcjpS`obhyT5GUmW?k;*pXL^XMx@g znp^B8-S<#sirm81t;dbzC;ymai}?&}r(j30SL0)G=X)!*n!f*gdje}~h_S^aqsNI} z3|A1v3dTgI$jh1cW!#R});Pu%;{==fl%zj~73_^k38NSD?=acyn3x$e7HsOO5j&RI zx4Kip?t=J13w!v5#C|*0=S9cZCL)GH#Lnzv@=`76a4%;yDFblHo&(#*D$rk*WK~H# zn|EDdigg!u5n?i)wmw$7M?<8A1eqW<3uao6Xh_kKa*QX&Ww; zs(m-|p#xt{&98+Tbbk1!Itl94{bH%ts0%4HRs(0f`rM)f^kTSejpOkJO6)eUHh`sW zrD9vnHdP_=iGMbM=TMznQq^c-<+*v$);)gW-pb1G7)|(?kDfReG?x&tatpZa5zoR`p(bF zG_dmeYtdki8**&cO5i1`zcxFHY}P$~-0@t!-&JQg{akE*LV`hK>HwdHmLa(o*74_g z(bh^%T-P!oNPLe^Jn=(=rZZq!*t~&JL4nS4j=F_$dYUChpV;%P^x1?YdlE{Yp8TCk z&NGk`SnJOrU1A{TaWb=A922O#Ocif1h*zp)8XnNwY*xwJ4CE~;`AGx$aZYBQx;cS1 zk8ye;9f6@&{yyHyEv(csAR)oP=}5T1dIor^TGXP@4c9B_@v&HSb!DL4 z1eURVNpgZA#K=^iGCE8{udKq)sx+`x`B<#yqiCCTvky=FkwNrvKWmqPb<)SO(+Hp5 z_8E$7QsOTSf!-db zB_U$ZF_7z2a&%%cWYwx9L9fmH^U zsD9oyu$uj>KN?t%bJo0D`X(6t@xDJ$I7V6YuCk-7D8-X^S!wqEq%iE9jMoDNb`Q?@L~b~ESjDx_uEI17!Z@eT%n^nyd(O546; zN#Iu6!VGmQZCwWHxH$E^D;q0_N=dOkUPR?dK2Vu$DU+nbto2Z2e1E#sT-=<_FTf4l zOB+s?-;N%Qt+bAv5jlzz@6q`9w$f%xSyC%5yp`}ZjWy+LIe}B8@LRj%4y*W2IG-En z-rhF%QcGryZ&;mIm^}{ZI{3LXO@f|w6x~Gt$WGjzk1D2(FL}a z{nGY+yEW>0Z<4YbBSX6eRG;l6rBUhI+7fVw52>?rbrzjEb%&a&E^#-h!#K|N1WlbY z`GoBFbEiJiu`{HsuIKJ|-{VeP^~90&Q)9jT+*0;6J(mBe=*hO->+0iG=^7O4&U8x|>g7?Rs@GS) z+;DeKY{_HYIVO3S`SfGmg(lOm^p3)rM>AwcQ8lGBraRX3>lGGv_RE4&#@1?KW@pgYUeS)0Z)j=+f!G)h~P-b}`rrQzT2miApA|80NN2+-D zbL*)7GgTued!F{Z+k=~x-PWfD(9Ks3nv>u4_IWDop!LB4`*Cy8okZ>94%=xvLchWu zP&#_hE#k;85U*e0X1b50+G@$sTpfcH(knjOr* zYv23=Ht<)a{n;e^Q$oq$r6@SCs{(Imp~x812t~#yLoiuHZKf}3c73D~x0yU{Nh2Up zx?$>+D$n|5H`Q-cf6uJn=&4!R2+vWChdv}9znwS)hM#6xt&Z6=w!5>b1`qt_A+4xO*=u1hV7d%RqFpM2%(QNChnU1& zM!BL{NmZKTf#^lyeN@>5Hu;%}i3$ZS=gRs?Q>aYia|R{Ij=KsZeSdF~tvZlGd z3Mu4HTV21pslHjNty#5dt?HEZ%_~MBHL?y?)XI_{n3wT<;$ z0vMZw{@wX#<4gT^MMM%Y%pK#2^9ACI2u;J|=2!t305p@Y@e)-}{N zZ;;k5yRp6&UaYHM)4X!|%KFBpsuefaph-Y+!+Fr?$kHbb14WqSlOjjrVIw$7t;Gl* zPdFw=iEbJy&Hx-I&U*!O7V#&D#Xr!uobWN2cq0h@^8|}AVMcHw2BZi=?i1MOKj;}U z<)X46IO*yQ>=6cD5C(oL40H$s=LO{YF%`-6m(ZgMyGTGL?DLpYD@8G;N70m{*5w4x z3OtV@27H5nw7!CH8+=HxQo#KJ^4VO_OYkTYe~W+?p)Z^u8jYz`L7OnHm_V?fBsmD8 z)<+mVqh<`i%VFBDfqYJs71J7Di zFiLpVE7bGQ)gVR*{{%Y71vAuSVe{Jf}UHwKU;sofm%ZL60XhI-He!gJG7DC>7z%o*EU; zR=HzrtYlT1g*`nZKY_Ks5@%tXQYOb(RFNe(-^|up3#}ue@aS)GwMWVE;Wld-*fv%} z?6&tNfW0CbWB6;PC9ti;UdY);h+X+iUmM%|p54NVA4Md1>`s0^4%hvZ&&K6HH)UH` z^LCsr=_#LWi>V{4D6tv%+HiRqpwb*8* zWdMWOy5^Gj#KU-6@yB~+Bzh80)fv{hcsRD|+&l)UM$l@utrE$)_~jD+sOKKUSsgWD z70agCtdB#^$m_kE>pPrJ<0I^!Lsy1tF?k7zm1BLS>D>bWVLgQWy8w51qD%ANz#)rqAeG zL3>!xu2H+VC7(rFSjnx<=m;!&;nrrTx1{~{tTWDf5;TeJ+m89HldN=ed^)pj$IV)= zvC=8HC2Q-)3sEtAGT+9ccgBSC+nDTVJ4RES@u8Atr`AnhkD&*W@9RARp*ooAPu$6) zbsq&)*DjC(m8x$N1XZh*6@Rxx~V&AkvefWB9^!+aO7l2?b+B-%_4lfkUcFI05Au#XMhMl*n$^KT=Z;^8D z7d7*TK|KPI3dy$P?fEt94svtlQva%p^<8Ymhl=)-EvAR~#ZZToK0WxR@HyBBy4a1La})dc&`i`rxwddR zw%AHHpJ9(~77lTZo`&XziYI-_m_649Im`@OH$et_&PnDw=Q@9rgj)nJMe%YvWdpG1Dl@+8s07( zGkVl$epIC5T)<=D8{d9JdRRJgxkZU>KXO@G8{J;=wb}fjE4?jJa`2mks=KJY!x!fZPqvz=Ho`edN9fb;yFQC;BP{Tt6{4c`U$Y4M?%L7Va zOf4b;euFlYaPxmt`0%(@AY^E7YJU7i(K%9*YK}yaFRu8=d7$)a9?h$hQ;LhPPO!Mx zi3-Z{A3Wz*C9jp_j+x zKlR9eF0cGQ$WvVw{aa5dygK>jYFzby>M8B9R(KotA2cfexr?vpVMVms|NT?&Z(V#v z4=Yz+Xa66kTur$C`PcH~|IaK@uD0t`@$c*M|E3Vr^Y3qL{!5RF z^S#J^5@YTX!vP;=YMuIfe5V61#Nj0z@*9Ru+Ob zWp?S5Ai?rb#85PhE~|5@oU;r<~MPtXzW;taFb< zB(X0&5ph-;)S5_3BeEjqX}?cdW~0UHHwK|9*WcD*?-jp*@-y*pi-tNho9`s-T4kVp4I#~4RZ-v zuxys$vcbyN7!sn$0FSLuBa_YMbtR>+J@@3RtUPw)9-%Rho%8?nl2qQkLModTe3_NP zKI@*PDV#@m_*Z_s8}d&>o)y13%*L7@o}o&@p?%U)5^2cG|G^1bK=POufefq}f+fE{ zD1~)s`tw-9Utur#Z?kMj?73%_4rJH-ZB`+EFWr@%&US*%6N&}iyV6tG3mOi8g{MK! z-)1GqxPpm(hhOr^+IOcL%~uNZ1z^cGHhXt^x*>wqT*ArLL4vKi&*#S0`+ROZqWv7n zyd;%;nVa`UzLo3_Jc-@Q>_V^8CkC=;)4&rf0dFZ&`|@auvU_NIm- z3km;B!$-32J+Kn~wU8gl><{tSua2CR&ff3pr>e!3Igz-H>yn1U9}r{F5BT!<2yjDc zTX<@b4iatd7OG&8@Z`VG8Yw$i&BOTJ@OPi}R>C)HcsAQd_{gtB*aTd%m5idYLzu-n zZo+#Y&$j$C*~ZTAm}N7>;yxY=+)eWcG`;^-KL__y0$Uf21mzWsunna0($kjatQq<1FuV`IZ(Y<6ug4HjWQ$Oe6{(lk(4R*YsNPMXE~r|01z z_sk5Ji&@5xur90X>%JCN{n{{0#NLppE_SE3Hx9}Fo)!GU9nbcUpA>DUW8x@UDlb`D z%36mP#bcsE{m`@dh!9Z|G(bAR>>CEB+hZ_AK_OLgsx*il*cgX6>=~+BQ|W2att{rc zzUlT~28cT_`Fgn$TGFsY&2K+bDrE2ODoW3wUByIJ6P+#H0bKh~oStO%7u-pG#^Prj zrg;DK=eZg7z8K)9Fe)(zHQVohosiC|*E_-^RN63UBTIZUA>DpFKr~PK9oyDAB;77! zVum!($a@@mCIgxEXE?B{;$PQ?M`UxF6UjMue;Se_M5)P&Lx9ul?#o%}_C(AekOq}J z5>@^1iO|r(%EQO0w9(R9$Y>u*%Vq=q7;w_z#5WG9d6C5wk4R^2f0^rFvmS>9IejD8 zoDGB0?DH{e?3XXbEm1K`VY6-hqVNdS<|ODS_{b5@N|p|ZwqF+VDz8N9%kDJIPPfm& zk`sT_UD)<@UDLqyjK>98^+}m@0=V{}*q>#k`;wAYsu|^$(rG!O_z=6)fY$@}N48wr zWZ*w&z+VWEpMjiOJ#j>OMpU$3%`9m!aP328r?DS?I4EhH>cTnFPYmpX2K;wIotnrB z=>n4<7?f@=zyuvdR!!V|JZ9^Da(%jet01e|7fO$^g0kFn`}=~dmbGheJn+ZA9+qAj z*H<6a#ZoqK?L$#5HsIF;$S*;54xcbMUD*{tu9OZNg1v3PJB7TOq#Gm?wk2vGGMi<< z-N5~6t(GbS`SYa>fdpxX2%vglne?QAf6RctA0S^ReZoGzVMzMCXheqWs$N?zIVf`C zLqEqG@N0y;6TCR7L0WF$Z(`mN*TwVwVXDZD(&Oy+Lmlb%QzE45kyW_BZriT%_}O}6 znOJ7wcfuNJ3~=p3cIF%KwL)ICyv@r*Db9QRDqCQ@Y(k~2Q-ZtQW5;{}|G)rF^ z_~tk*2I>Uj0N{Ry-7F0?@F%G_O-!o+7Ks3bz~gW?>y3s0KQiEt3i&)Pe~a{zf!|@k zdxX5|giSa!j4Z46`IKj-t_3D976Ydgs2;jinq}ZGGvK!fdDTNL(iQ`suB_BPr2iF? zrzczuaGTW5>JJV{SLoOZvRjC6oOFjY0J!#{aAOVlVj-_q{Xdpg8~B?I_!B~2HM?1Q zA&}3mk598J7ln|T_`4*TUV_DkB9Usq#{s8EC*vC@ZIR{~_-h3}ob&IIZVABemF^3a zSEM!}u#gA1PkKe*SX2N558$;+KgY{gjbJIplm*u=oKl`YW+Y!%(uA>qm21~j)i&1C z8zLWl5Tvypu^zdp-Z^SRl_sf?72o1kBgZG|XBCoqB^s#epS72CM}E6))#6kpH+W` z;%K@<@pLr4q*Q?FFYm_nwg)qRC8N_s2$jKqCC?Z(~fe;o95<2Brpk1{d zBM7=I?2Q|wS7}B$(*-vK^sI061ZL$G1cH>Sy7f8?p=)XtK8&V5FjP{41bqBnwAZKu zaiqZzw!XG@#d173w9>s-*C<#TY!K_kP>`I?9OX^#IS{}#Xjf<*dVqjIt=@Y1)rKqLWA5^EX33Wr2E@V*bi~@nG zxn`q?PJLYio(ilN3{uM({#_TwAWc;|inbxemv2GZf+PZBDf}NKL?x+-?;+7xzAZ1R zg)0bX2Cg9DV<|XU8arG3t+rMPsm24C!FmJOKAlxfH8&eu6IGp$;ZsGseGELmo>gmW z)D1euB>NaXJw7!)mR}83@W2dpplTKEub&yLP0#f!Tv5NKzL6Tc-n0e@1Zx%|YX0-6 z>Gk{LWK23$d79Z!TK!zVKI&}w0tG6B{Qz#T$^f=sCl&ZxdiQ{V9jsOeC|X+ln&Db( zjne3W(XFov3H>P zY8y9t)ZJ~WUwUC`G4F+~BP(_FSJ0_vhR~^J>vS47;sr%jC!p}6A40cIhKuO*2kz$c z_nodN62b)OQI>Diwgr+RoeC{KeZ?Ut89@>uYy`;|_A)B^&5WuAgM?l{GjIhFF<%B6lEioc^8!?FrC?cGoc?}pDuXIVWf##Vyz(# zrfaDV<_HQe!Bw@*`Zs`(ETM_5*l3MW`~iZtmm2as*xfz>EpAs3sj0823(<#D`1^2Z zrlvJCms5i>*hme~p_ArvaJmvuk5C+a*&PtnN96(4EUu~vXqZEB0(2Ncad{=EwCL0X z)(R9koivvVDmO-IKm>HsTn>+=!Z#B8GEzL<`n>Y-0#pS((W`4h>`PYFg=7hB82Jbl zkchh6^6SwNwfGoh3H9ZcKcJ7K54LiRB6d(yD4lct;dDfONIe-rb)NMH)e-eU_2e4G z?=_#J{ThP3jF%;9Dk-`_Om)|{kM2vcsxLGbJ%253p#{*-=bOocvm=;p(4@;NAsZYe z1^d+f*=11R6BogCP7g?vj&9JP;|Lu(?~@K?gO)xW!=OaR5lVtw9}t}&u0fxkueSV+ zYgY7@Z6R5j!jMcNQvbLS<5_E0>)MnMjMa)LP$77F<%Y5uk`*dazHrU!*Q}{u6`V-C zdCh~|(lqXG#Z#esimpQy80X@91{Uf_ShZc~Dv zs&fTtpW!#*pR0J}1?-?D{G#Ch6(iJycc~-NX8y|6tFXByyWYl3#1v%w>Pt50YSJ`KlBavWEma9rGQl7<82IgXR*xdNPh%@yDb zZ8AuQbLUfdhs-zerDdvy({N@sjo+sYl2s33!k^ z@mT_&E%3Pl$H^z$BlCqv76|=|g#K%UJZ`Q)8N)dfSf0gQdc6>+6aqI0g;fHt5%@BJ z*9p8{#Uob;gAGF8jY8i|LVmT7Un6i2;h2z0TPFfEi2%();ARov2Lj(H@LN`3I*F_^)b9p z7`R^;ctG%(FtAhT+a>hv7WhK~e^}_>D@zJ5wfjV=eN2?v$3=iAMS!0P0|$hGgF^mk zS>5xBee@+r2pzg#CSbXMvjnUVkP=4M8PH>C`anzwnm!bJTR#wcVS&?B9R&E}LXZap z6ao3;M0AIcqxm?(X$p<>^d1M-+d;X;xF zTr6Ov2v;p&oq!Djt`g8AV6%W52tv;$f(m}L2*w=(ZWeHhfLjH;U%;IL?h$Y=LFjp0 z!2JR~Enpi#B;=@oF9>)HP$9-iL3mxjHwAo0z;*%O7qCOXGXkC!@VtPZ33yS!E`o^Q zB>{T`{El*!7?P|Cpjs!KZ9CPkh`%2C=Ec-0#lTI#8k5f=hGqrK`u!Ubn!eMCWbk)U zF{8<6^8CA_Rm-gO_oL!@G->!qKQpIO11&nPHdLxjgY_y%9T+iH)~gJkvO))bIlx}i(0aP_K&54;D)#BYNS znfJ!jM!|vT*2ib zM*c$hTqjkZE=FSmjrk?mzSqX7m4u(hPfgPX9D55WPQ3WHVpm9wZ#W90T>2x^0!@mS zf{;aB@Iv@NaKsB{NR8sX5j>XPKB13(yw5*Y7Z}nPV_$^%n@pgPHg@Ab11CjL?}d*_3z!M5Gdn1suni^5sk7$~|w2B(90a&e>iR!szcO=UIl*s9U;IFiOC?vKY=sCzXD z_U_^9vsA|3@S(WaLt`MQgALD{mxApT-E)(YSWilVE#{<-oyp!hIWc9&(nO$diU`n<^s{t}nO z+P|M*i|Nuy<*=CAY1q7CUWo$In2i$j16=MxZ-+L7qBoae?1xVzq+o;8HuK6MF*Y41 zkL|0j!4{|6uZ6px$4NOKIZ;A%0{N`#@P+A;cUaDbX!b`POOmqb87~Uh;2lUyuTqff$e=~8IH1jdv>_Ihqa!l zPM4F}t51zeVrMJy1XSxnj%G`j&B19vO$b@$or^;8)neOFk4|DNQfa}LeC0K(3pT^> zn?4>^>c!Rc?}Chl_xv4{$SqoMwr~FUba^kAVjc6xqm*bYh!wMq=i$3{HEK_vM;7hX zu_v*KbHMK5?EXcFgWg7)Cdp=Z)?!CM7_w+#Sp^=C-_Avm(YP?aSoFZ>x^1N7_1AMmFmT^|cc0-E=Uvj~(@dNL7QWzV)3q_`4KJw$F zwb+)}r3+B51z-i~!{TM^BbX1pmFdG!c&7Rb&kR<2q?YzuZEKs8G|q~BAo>*Abds|) zg@E~x<1xT*`jqhCEd13}TcSf3W)65f*6h`vEsD2#u&YC)-}!Q)rN7>kQx^P6^-2?Lbt21p_b~{m=>ML5_b1*;!~`9 z{aUK6i%}GHB9-h#$1ogr{Q;h{*Za5<*hL5OYOhY>1|~O`rC2RUIgv6mqwS}EFs!l?H{gBs?{uVzHBLBlg*tyH(vvDrtH zQ{IPtd58#-RY}B^^4+H9BLX z#P%a7=AWIuNKPy;sBr33cyub}7*xCo6*wOZS9469VNg+`Q_-kXQEyPu1r^9yQc+`2 zQK3`OtW$BTK}8Ps`=~0$-C|Htty6KcP6aclsAk^&l}T*X5(nR$2T94J3%WrU^m#+j z`(YisUXcJ6o*Qk;XwikcMHj9^3&-{q&cU&d2P4AAy>E!_R$bUly0DkDu%OYWi|u%rNSjWwg}wMmehSV;B}sPilYCV3I`(bs z^fhx+tea73@S>S8)}X6hCwvDYr#*`ekkdbl$Jn;F6S2u~+#qxrbYXtXHeNe71(iA3 zpLn}LdzVgfvrhZt2JOk%Nrj@Q6kUwT{GHx-hR9!jvFPGS9j}Ck$q7)6`~( z>WeL!3g+FK5^r6MP~ohUE>4>IL3ylP%?cK!q3nE6ZX2Gg3wEy-3@`!CCtnoeOP>bl zSj)WL$OMfOrZS`sa2Bf1LjeNmGtB|zIS`{b-G{H{=;;RKd3`ZY#?H0I2PrQHCzZ|n zC2oI>V23tV_ZvjIuz$m+YqLRD9YUN^kHg(9SSEV~YwM{!fTw1`9?z3&-ND-@!SGni0NJ24~?y ziQ%93OzG<$=(gjQkdHqP{|S8E^;8Qc?z;B3V0y3XiIx|-rC6zJUrV2Ehq)M=N-vS zBnOyC**v#vKy-XdYnG)a+8Nz#GCy9nr3bhAc5WRW>CFid;xC=gDL5gqpEr{;Qv=m) zi1!T4x-E0=7q+}l7Jia!F1oEpKDpKNSm$$>Pb!h#ej&n~2M_msdu<_jA9UWDBX>xd zt)2hMF?G!ClA;fGN?FQpJHyKF@1)$uy?9aqzBBP{!1qV^q7Pf_d@lUOq;ltRY3M)N zrD5N+?->}=@PzB~dnLKi)n9p?S*C7>Z1$98P4SqrZudB{Uh|j-&c|7dce$qE|2JM! z)?g>D#V&SaNj-A$d&%IX>~fXh|2N*b3f$`D_XQOf$2ZuXdp-HJ%CKB>dlU{SG37>f z)NW96BRZn0;~Pvxk|Vy_cHEhJsair~n{swuN*uY~uwN~1M{d%LPHc9*SM%Gtv8-6`}bKhi0TybuM2rUT}K znnLB$&4Metz=;M zVR?dFi0g}-=KJEg$?U_pfoN+vHyJNX4meEFo_whvnQYk)llH?iU^1LrjJOcaEh>KJ zDVJoVRT?36$vmas9@0|!cT_u*FMV~0QaZlcygiW{{o>FcdZd;TZZuICJ$r~EJo(a@ zL*_>gyG~r{ICQT6v@#c$F*AKuDVN?pl)TG~YrIgSwYQLKf9W&$D{k;57)*XpE{cRn zoWzZkA32n~JH0`@4J%2Q{MjLC#NX{fr?bQ+CrJv3k!5(%3Rahu9! zpV9lc(H0mTAdL3sMt^WPd|OD zN0A&)3gWAuQjzNTlmsq)I=(ulQxzW6nY?>I^<;r9?i>KDQD8sqEUMnudF4uGz$3la zF;6M3uML&Um!ficgI6w{|E6;JgRgRV1BJHTSGgR+!}*q>Zh1ARZh4_yp~~esQ5hW3 z)dj(o%cHu=<$hn~!bIgl)l=-QgHvtQ_nh)qGXBacRNZpRVU&Nha%tp`T%)gYS-~rp z8-psBnh=%CwW4xa;HzBbsFh2vb;~3?=xWWPOyq_~`wSOy!};7W$^)upwTc-OqKZio zRZNnviirzR#pr7o)8T&N@e5b$7{&Ma{nJ;;^b?PtTFrcZsNe4Qe6^ca(fsj{TDyJd zdjx-fD7bdhoBkD5H~h&z#h?7++_FN|>aV%!=Yp!6r%~O&w5a2>3TL0F;~pZ@ye{8) z$VGKIcXxP*s(kYywO-xB4Y&G|j2cJ5lfBVbv8ol$x2+6{kgGZD3oVyte8M0JA-gjYAYy6R?7P<4|ks++;S>L!C%H>te3 znI>wM8+dhd8>$=0@sOasK(&qIlp@go{j?vdl|G_c$>LScM1ft`Io?;{+=U8fFDjhB zO-ti_nk3#wj@*eW3X76o99?dr4$M!en$OwoDy3Z+FG|B+ zX@}%^d3#aAcGnB<6;?~bsBW>K<8tH_bz9V?tEhprE+})jWks#IccJ}uZg)NM9yvuC zw!2-1^LL)gC{x>X>U`ga-du4prFm+dWEdO3BU>rd|yXNFfAQPwWyb+jLFeQ-K$gOvYX`?RGwgYixnEf@dd zA7B4Hse0N{z{_F(NL+6k{J+mGs^0XXLPaahbE5OMybrzWr@nORj{f)em|M!0jv9zA zR5s!{XoS0F>Y>xWzVPe5@)+y4eJ|U3qR&P{Y2Pj-JguuGw)_jL^?$wRQ_?s5!nN!4 z4^mw{gDd{^thaMe*#Xym@5w{*-Md6;yPlJV{HiU?9qmqZk8^*QY29y87&&k5rItq1 zQzmA<@8Ki&AG!O8wB2&h{8WM4>AQ^7>dnRdspbdOn_;J-EJ)@5;AI6$bLQa1Y!-Ys zqg@&d-xc5EntJLdOV_75M?|!Tjp);UEX|Z>Io+qb+H(F`Id4qI0oSP0Q`sp9_f1t;F*1B}$Ko|EDQ9hwQ#$8iB{=CnxB_*c;abJ$O*CBtU*qU}}L{+;q2&ou*w`<8M_fq6v zUuQnjk>98NC{IV2NXN{MbyKIKg!C=3cAFwv^ZI$GPb~!=0o)w1#WkVBl0U#3alvA} z+ZERSG}_SO>RDx5khp#B+3w#V%P)GBH>c*DE~7j@s|K`0lzq`R`)sE<|8sBpw|8E? zb82EsYIVO;;7W3ixkDZ$7ZW9J^Ifhek-k11$54I!6zLt`5MTCFm+7>b3iR!i;%@^} zd{N3-g#_P-1UIz5(k&^m^*r6n)SMf4k83G%F05M)caDfc-bL`d3-jfje7beSEN|)5 z8AxY%2|WcV-UF^Fr|C)9;+ouH8IkUl^Cp~jFSX>4^}73;if`U<)K%m)jXH#jZ{O*W zO7i>P;|f2K?|uvE|BF{SFm=%Bz%u_)XX}WI-b2scjohV_mmqJE?$L5F;gs%Zk?!!0 zS9rQDr_P|-?k(ly1?^G@XQeYHEMnM?%YXd$7+IFB(s=Vs$ysi4wmxEDm|O3boUM0) zb2y0e5I7H-*yKy&2P)3n7GInD~R)l%Jnu=da0? zQ`x@m%7N_RWf^g-EgCnzRj?xyu;k>O`ti}M`T%DB&l0tb$*XWD+}ULrs=|wGp9yDT zp7dOcBUxi0aEZN2gp1!yOJk=FTZ?4B4~9P@mBjcvy+V6PB%>{qxx zuPeru#%{Ui+7k9gezJqzuq!E!VK+e$u}Lu9{7fhM~Fx3GpX2$MbZ?VfE_bj*9n}OD?5hv z*972B>GlA8gtRjN&zGJNIJIzgocsMNKVJc1lJv14P+Mr1CQ6t60>F!<7%`Wo@+U}x z1g?5usx&G9FO#MQ;8UbU0pUxf6+RsMLF~A$?FWLOrqJy_{>*=WFIJGNx98y;G+OZK z=ir(#z5x*zq|v>;xIDPlW4!$rcktGzQgp-tj%aVJmvEhMl~N!s1#Vt-a|pHK!eAT< zq;0VeG#kL@hr0X#D>C^B?!L1$LWbZ`ty;5IS5Z z^-cdKpn*+m{C#&PH(_+k^7Nm1s{`Ko52+VK6b5m{8SpOZ( z^|j)nWxgL{<(j(s4IyOVe^NxkbU!w!H;6VauN^zGz!|8x7g<`+-h_kmuzRJhisDnC zo?XY2r!jxfxDx&oT%5$wNQZG%HUD5`Q*(V?75)lGjVc&d#og0bMK?2QGOMwuyQ;3? z-wTW!IW|=IWu8$5g@Fu3wZ6<#G?*;|g zyMlZ`c`UNrSQLT;0?I+JToi&J9xnlUs)A>*5gCB&*ON7Bp)&*(=?+CL45a~S4Izu{ z7F5NbY|88)*+S%W5RtMun20s5$-MmOd`|&FrH|7?q>$)5jc5c$-c+%E zSvl2ejnWF>MFzakfEN^uDpUf46c|MCy!r)bxl<&TO>Gqr8(Jk3Cfc!omBS4JVxKC< zTLipAz`+y_N;V1jJfIS}L0rQQ#h(fWbz6x(m>}q*2_hgFAUgJwa{3`b|3c7dfe6Vv z2txh_f{?#W(C-oSc0vEzg#Dltz=SRo1t=qk05=i@{boTwBEN6U15cIwx=4m44%S6mK3;Iq$KO^Wo zAut>#A~;7xyjeuNMbKXm^bSQZz7ULJ5#t#GRtu=5@HT0I@L>X$2)IzdWdd#{2oF6<5E0?7M>rla(BBvI1cLA~EzgN;QTGc+{t!q$ z_Wm^2um?}|8_fRMSrUblIsCl=_2zF!U*d1@zrf>IoSo0y;WZii{>`==d7-QET0sYkWO%E)?XRz{IOES9TDW z`8O`$GHU-*?TPuzgFm~C{lQR@sH->E+T#Jj;J0ff`tA+}@P!Y|}&96wYj>Q1pdA`t_u49jQ zT9aT$!j`66Q?U&EGuC?3pak~T?J==27s0L&aj-Et1}mX0eI@Cly78bQ8Cw@U`zoWY zT_CE<$64xjyDg#^J+ovA$F_OP(ye8&IOszSv-75;B(`bKVhnNrPhB#rcyhUgy*V^4+IkTePdv&>*G0tJ-!Z8}y#V~P zm7RM(G0A?>K)#=CJDr$pLkAX}W=Rv?$%UCM|9bTzAdS99rJtNK6#MiZ$co0EH?DQH zAv|_f!5FJB6=T0@!suvuzbbdwAcyztl^ zOeNEZyqE}JiNic1&oGvJoy%tZn;$Pf6K%87MI3@({mo*VHN%G|{=uMr zELbUARU(bR>Mbwuv*N=7S!?{P0t4$#KWnamMb~u*TdNJM6MoiD4Xh8r8mPwbfPwXQ zu%cDg?+h$6UP1)xZw6K@SOe5h@qGf*H54q>afw9+R*65<0t0Ia4`ttNPe?Fu)`8Ps zHMQNqx(h53!D9y24!@}n46HUk>q`UcZLkJ1d01Qm?cCL8WGCm)^PQMxU|AA<&K+%F zWq_snB5tl=IYq57Hj({tT|__oV$ksrdIVW|mbGTr4T(9AkPd99ngM!~y5Yl;f$OeV z%^ihV)`h6d8d&#(^Jufjs4@P%9*)4x9(_iSbU2E}jb!ONBZevtnkkVa-(HVI94kai zXSce4(pEmh;=a?p%WZ2gJvFZ(?iSla=GO*zuxh_M%=B)L-T6#UnA5ub{m&)y=?06F z*37hBw#_xS%Z@&L$$r+I$9uv&k9}oovgBUs_|s?RE^}o~ZM{@9)0%DCJ|OGvo@m91 z6+P1J17CKX@5pU<*>&zcsXN>}qFTv4(;;<7nqPKxbc`La7r!EN-#fjxJI1=eEe)RA zB}WZ&f1hFQG2N8xzN<%WBjc|A?nPDKZocfyxPP4$TIPAO%Df)af$g5Gf${6YvKFj+ zZ(t^FRV7(#hN-_LOJ1Z*cW?K+mwb)q_nu_8i?bpx^f9%Rxu)9M$GZ#M>XP{#otCVK z?7Mqx&YyM4S>JS;vi{y_&br*`bl=rU?#u0KHVyy$?^Cb}E_*Yr5QB$4?#bB-50$hV z{FCK{SE`@vjzZ!FD(_)kzT;U}|M$Mn$l>PYNnlHI*4HU{o|7pzd1&uTPTA9oDAwRO z9d4{xbehS*x6_sjWL9aCdv9AwW}18MC8^1Zl}s@gP@`p-)D>=7Lmo8mm$!#y9q-xc zi1005DnvFp+7w#jb<}0vzt^2}qK!v@uAA-l7Gg1!c|Xrn;GcUfndbda%a@aq#96QD zpzVNPqQh%DXvO;WyInEfhkE)rAHNW8k&EueFDdW0URBQFexoz7M~;f?kta+kv0~#% zr$X_cCS@ON>*Kx)E3h)$#hEGlce)4MPo^n7G2MMl&tN%`W&0ltj+Bvto6k)D zqfkE2?U#6(8}s9jdo2ftYJ3I8_Xu_C(z4vc+z}}yw7ifnL6dUs@$RJD?o!N~0gq+n zE*i!cla}PSo-X;yJkF7QZ)Zuq^7a25o_ncuqceMRXA7|A!zEu?$CYHacH%ncaS7Q! z{E0+z;|na^KVUxlP-}QqvcD!Ykm!+6&3MpS9##PRouMh@xctB(nSaf@PJ* zhF$i)-7SX|&G=gSL#31@PkQ%rb5YoZUx#IFC@SsrzMQ&X>iLc*F7K^>D`f(ftUmMX z@?<1oaUu7Kl=Fc%YeQoiB_hj{fV{6s+vbu_(W*jO$$irsmNm?crKUE@4>dbp@%n$i z;0@0-^Sn}dZQhT28U{~y`z3znElkPK;g6tb#_2*Zp>4c7?tr>_QW~3lLUwGyql+56 z`p4yRz1gDm0i*=%0sQj~udtIh#8)fVTGkJ?aXf)#wAfSl&j{8!EEWq!T!X?V($uVsU2_zq3SaeO zk<#&_T3|FgPyFkAcqHd9VdvT+`m;mnsd4rZ;8DXg694F;%@THG6t2$fDq0ZzKsC-- z=vucdnpMw7H@GDs+0q|Fix3NwZV|y=;dr>Tg=NfM7SEjFeWTggq6)0wSX7LEIb-oJ zX`wk+cJUP-{G%a4ekMI(O}_bGaSv8e zk;JF*s%|bARfS{v*Vffb3;6l2r4`e0=XOoqf|a+_YtxrvURVvG_=8{;7DvB{)6iG1 zSdJ5anr^CEzJ5(DpRY8Wio?&Pq4{S)H{#;d9i4qs5+t^ylRG zv>Q&=;bCwQ08(6qV|V$mWDTaYDUGW=m@$AOBhw`5S%N4Td?4O|Hxa@Cqj7d7XW;l# z$%LL8Xgq+6AOhS#5JWy44ctk1mU>8IWVR$#5P>!y!or2}1Gn1flp%f>7Kc;AaBzn8N@aSx5%@5kwiMS25B<<&*Ho z2|`~RLFhY45c*CD_=yTrq_5})6#k1K6o!++JUrbp>pLK}SP3dw{*hiI%U6Q@B9xJV zWy#OeXSjjt&(cg^o{Bed-(Y~R@T&(A9eR1xz5G?2ZGF-f&K@6*%bi za`IQ>Z0zilbWYBFnF(xDeVonuN3dUE_QqKW?3vB;Vp&^HG~J|Kb6;jWJElwsXVw22 zhZ7h~bhv}vVaMq&{~Bkru8O4o;t>)m8CYkt(kh^2wrxvM7TdZw-Xbq%@^(5+sRzjj2ZUTxv%kxa=?AExvnv;IzP zJgO|SJKSxV{$a~0seiR4V`ue)Em8*Bn-lWu>mt#0oBP^kDO1k244T_j6g{`AuQLJ_@#M3`}UqbZ4YiN{UR!3dyl0p;@OwG z?Xgojls|nI)zvq`mXMt4$j-^jcNUHuJ$8KY+^%U+xA%m#on9vwe$Y9$D>5o|-PeH8 zfL{S70Djq-z78^5FRHNRGZmgaufmgOJJTSOwyq1`ukgLpIdI*l_mFxqQ(5E)!3M^SGLVKJEQC4m~0dwR#`iIBjV7iH8uii=A@$ zmtuvq?Kz8k^AS@+^vqr8*xkO_k{jJ_$_?{UOYLwU|IAiGJ~Zck({3%do_%ezxm?Ok zKEW68+m4fK)rI9fb6e28>xa(ALp?cd$9tR=T2o)tfyJ?(ysXVT!$4~b9QJaIc6irExkFi&W%*RP>bpkF|FJZ>q}r#?Q&6xwN6_jh0^1q=mF8n3jtL3bvsfT0j9s2Nfl4 z0R!Gj;hh%|=M+JQi!+u6IY32090yu~21G$+z)@%Pb#M~VF{q3M)Ci2)V!?R%hVQrb zIcd{^&i6k5fBKy6vu|s!z4luBvd-RXOWEJnJT6`Dy4j{JiXjDTSA87%_q$*;uKXUD zdhd|cmF|@B(1zV~ZJady&6#P^RCBRe+V z-aVr<{81_J`LJYZoH{;Us-Gcfc)fIrQe-v>W@(eVEKOQ^dAwOWm6cuGfS6Z*8lso# zKg+d9FW3QP+h@5&S_``O1gY!w*c>h0JN}%sXj-vNs?WGX!>gp4N8?jcOG`_CR$;-9 zdMWU$+_`*wPgBUBA*JoxZ(ID*{p$*}yfi)L+OpmeqP~s>h<+mkz-)ifF_$;?fPo>g z8O4iUY6^`i=LcPL?P%xE<6t1ANl9t(@Dgdpb#eA$c{bjoHF*S=-wvgpYvQEp8!Xdr zc1^9GV3{)URu*W?Uu=|?&mTWXWU3XdQ101%>9dCh2r7HBuu0%L4>W3mJPc~AYFu~y z@(y(=Z~r0K=GnWj1ojM`YE)UMv*ZQ&oE~TYSKuHFRD2lLG%XDna^=H#T7k271b8SO zj7C$JIkwEYJFMqS7k|1--K1@54RaihT61CyTVfSpk!`y0S^YS6FihR1YRwg#wCHS$ z^vYV{<$!vVcGuys-ZCLOsq#WvM*47A^bi8DgkUKZUdEY~8QF1_!v{T^KDctf>pF(g zgR{#6woaY;!I@*1(rRx)XSsT`VCY)KjjbohI9T*}K)pq~%h1)tu>kvT1AMNbYp3FC z4A=z|D1)Wv<99Fcx-NGw-J9UsxscMnc{ZjB1Hs6zLI*E)h+_BMdri43LQo|bc&HS7 zp`339NIb#i z(R#li2u(+>$3r!<2&IR&T~Ifu3)7)UQFSJzq-JOe&<m_=FU0%RWuv>7d5Z!4xe9 zwN@9)Y4bh`#pDG;y1ajcGN=pH6#j z;Y%)kFpZs8JiU-+RfUzOYr}`re2gn>b+vrecS_ADwtf=FeRm*B7$BIfT&_mYKTYXI zzM}Jm+|#@ zq7>1Y?=Hn5!JpWiECRSGobUWNMmWOP5+XbmcZ3Rzgg1us%oNi9DgL{v-VGk3;Hqn55y%2i(3} zeK-0xEUfgYS8T;>?&w)Aab*KDEQ4tw)t}XnSeBH{1BDaqE>9ygmz%*X-i2vg~*aQE^~e)vZi-{mccGi=^be z6MqZoET4w-mXjfk<>L^STV^%vRC)F5i3YNESk)4DC`QmfpDUC=Up#IqdeUD}EN7oC z=#QWYMv(7?uG_@xo(pJ&zlP*&G3c|O@{gGE%8#Aj(V=kt5!C+2)ctB7f9>UKUJh!X zmo2{V))`Q$5s0OSp!qhc(HZI6e>E}gJvp?lg@3zX|YGQ&$o%gW&9;KyS)Z0aZ&ma<*6gYGT@v z;exS?H>NX`R4pwTD(`UNC8bH3#DL`H1FM!j+HNSC*2!t0Ev!5owwLS0Bb-&W!SE!% zLH{JjG`unGW-ttRV8RM~a7clK=c10cIoSt;0Y*$4i0Mg%+W0LHqfe;(hP&V-sd) zq#vK1G_!31KQ<$scLrv5LY(P`KEkGUPjIha4_?9Z)s)c1f$Z`3zI`s#4z={*9afGj;H@SntG5m^T;h@jw zdwk&^eWnLALp6Sa&dd+2_`Syu!zzuX!livw|AJxK;E-XuV9v1F{_?7?LM6j^|A=8Q z3}vC%-chkLU>}wkcmWbK#;*+?EgJ3bDEcCx$}i}60T!juFF* zNO@E&@V@|yS9bhw6#api{G^V8VfsKvQLe~>EdHZKZw8F{`i_!euQAYr5Z)oa5-{b{ zdd)6mO@2V>oS*i$ht&DshWPxhkS_n5kUsybP;CDBP#n%X8}dUTz8|`q0gn^o{CS;? z>iriR@7MYBx*O~EU*zsrp$xHc&KmUge3G`B^V*uy{; z)@`3s=*jeGU{Gy~>y6`ig{v@djT7`H-YQR%B1!WZ%-DvA-gZGx)-Vfc8Gpjx7c9VnJwre z=jiKVygQZ|945c6P2XBU%6^XX#`MfKRsPs2b4QHC*|44u{J|sJyTXHUhnA zor7UzLK#FlxvgZuQRHf=Z;>w+gV}mCONLJWLF{sEmAVsO<)Dp_6ZVd)G>1Tyk2nuB z`j+{UJ$at|)tDb8|G}jX&~OzO8Ll8Z&ZyCfdZ|sq1W&5)NV_+jZy6xOZM{*)zi+7$ zogIFhWPfsD`6X=c1dMc+w(A2;yMT03yaDx@fd5rfC3>wpb5#p zFP{Lz(|1NSKE}jPQF$F6)c2+dtiGH*5UBGI`nP)=Ze|8;rN+wVo(gHLKZatg--mS8 z??QU(MX@jYPRIe40~IVyU|nb9jXKTy1V{#QHDq%YWOEp@xwiZvGO{WCkS!4k7_zZI z77ghHx+}%83cknux~gL#!tsm#IQI0BL(g8W$OeKb819LTH|kP8czPjFY8)+aYltS) z3GifD!CNZmQH-&rmj}{(nko&A&?~4q-?NIdn~=)N$UsLl*Z}~`tr^Ww)3*@7Qd;CF z%w+bdHJ1zx{JErG*)(CR$xQ={E#<^nEIfmXrzWB>+7`#aX?sGgKVhT~Tp=2~klzEFQ$PX`8g@6*%u$ z&vZ;=cAAFL#}2AKbHTzBdEy>j8dW6eb?ib@D!s&H8ZsXH*&zXRmp9m7!L zj~5(u4EAFL5cB5$w&HJ-H#-s9FRlwNinAOH znJh2DjLAy?b}mrkQ44Dq{0VB;&qMP3iEQe0PFvUR4_n$XgED~WysL%emQ;c3G8>PD zlbfPm}KcbNyIdGy0!?K87hSUgev=MBQ8 zK>W}cprC!ibRtsBl*&j!X@|5eU!`xZ{2LbR$y-!aN$yxS510FTq6U|@zP(w95!MNr z)?C4`bF+~Cw4O~O&7zI0{;4)>nW*+2JFBS#Q7Sbj%G{2s1O{Z}!jZm00fqB=CVnGo z$?{>0U*C44aH}wD(9LW>gHl;L)?*&o<~n_R=>CIU@$r~vH-2(L_52hp@ASJmJ@TBD zv%iPwuzBcM_s;Wbwb>u<5LMo{PZ+w)YO^&iD%p|1SPz-28|zlLY7kBYmH$^_2#WSo zGwotr-Fe_0bTPEl)$9akBL`R%os8;)xoQe5%#gT!5BAeU^&FUMbp~d%6bLtN(d^{B z)6re>cgd~ySwJ>ULj`=w3dmDNKU&7>4<%G#{;k*$)i~5EXrYD$o8{pKQveeJwu&an zI_KwX1mjFiU2R>>XCbZQRG^a0y(~4~ghc8-sg02h+pb18)Ce^MD~zXSCKV6vm~ zo%Pw)h#E&$pu_XWWml`2=g`vZ3fKE*wYG{12-aC{9;Gs~We(S2WP^~_@m;{OAd=g% zAet^;1>QKTn-}?dKvdogDnHWB4c0oeLcHJ=PKx2uMgX1MVV-wl|{##fq$%&v?t(nIG%JEs7KF;LOmAbR_MkpNz$ zS1_E{sbx^+GV>^+0cZbXz%mj2(J(2H`%G(&pkIITY{r(4BAt|2RP9gk z9fV9zgsGwl%*0wb#saOQG(e$Qfem3}Ba(L<#L#J3uzlhC;k={NB=4Wq-I5hRpFtL9 z|4M@vYn)ehkQQZR`j#ZOv4b1>DY&9SStt`#wZcE3Rg(J_$}2`^?g*KOYEE!A%A9xo z`Ox5dhWSbau#wXFjP&W-2;8PY!&tX7R?xRbhMV*jEzEV1={F#2F$+3ob(0hYC;YlC z@*bnxdIqPR7`|>3ct@-lC>E+%3lY{ZQQI!B5_X5GF=3ZU+U4i3|5hO>$^Mr<^%{*s z7dYx!&A3G#>0&#y4t(EQP|Ct&mUJ(q1+hh-PAj6~G9M-wO};h0hoRyTd%F$J`e!#r zeU}$ZCwCAX?&*hO(9K{U-~{Y03dSkj#<%oc&v}7~D1Cs%G<6&G8k?Xw)5H4MxQ+=P z=w+HnHS(Q*>jHwRUgLF@2EO8s4lVYR7RTvt9C|jO5*f&qAk!JYT#s9o@td=M6etv` zdwjWY38$3Cizwnjo!#+@CPBSE@kgcbOF@qHZ(W$>bg_&y z(rhqom2Rv^Z?ftr_~5@-M6hq(TiVC!{_** z+IduDDji;lOgj`Ip$a6F8$q5%=?}y?W$sW_F~y`)5A9o7*~-;sGz5JbpgojvGFL#| zpTs5G;+!@&<(b70Cqd4%b%!jr3n8biGgNN-8fZeVjIITM(m*mKK4Lx)2N{l6CKu~G z(1IO`DC)PNf9vuS$T|;&_NwZ?V4;NY>E6D-A_ikzvcTnMvJsP3e$Xr3zfBnK(Vf@w z_9IZ0h@MRzdGl`Cp^25W_4G@y*;xe$Ddh+#X~{|tXxLm}VAbG`qi1=WwuLWz&8@~q zD}MRJnrY`IsB=5x`3ar8dcrwgtzI&%Ge-?QyVLAfjZqbz3F`Be2Ebh5lb*T4L;{b= z#n9vaZhxovJu3EMVh^i&QglPKIRh;hLq#GK~6h8xW}CbS!c*-sPW;eeAv= z;#J~r>E~Z4)qH%rBjF|l(}(?1JStpMaE-(lRp4eLDx+z|Bv@wZnw_Yn(mfLYv>`)s zcFi{P*GMa-&%*A%t{L?1qj%>%z&O}EBmT|7y-}Urvj<4;KB^#wb5@(`rm(_`q~dSWGNgNs z7RnVJ-&3(MtfH!*Hs!f)bh6WXnJ{ zNHtqP{)5P*puGbAepzo}S(iwQ^kn5MlJ#HGdiXc4&6XQ#DlhGM%bJdxUxv1TDcuNX z5UZpaEhu3d{EUV#^kC&?G&~sPr`mQ)i;zCQFY>hvgNJ*P%6{DJf~5VBoy(GrkbGB0 z&1X?)8A53FTr|R8=4Q!^iz{4)UXvk(=VqBx2n*W7BLD7TnQ;8$FSr3OZJt7>a_Kei zunegx;!l=}|B84I{QdGbu>6(M42thu2Ojw8N!V=L8Od2GC2R#c<&R|(JJ0y=2GH)Y z>})A!zJl6ZDK{2$FP*OxZIRahn3f^lui!^}ns8$}E9G`240k0m+S2}0`6u^ekvx(3 z`bf0Wll`{GU(52Zj`9;#$TXJxyJs*uTQw4RSnHdyq8diD8NSGKqhF9J;0N zO}Mz~UYNXdzUwecZxuCwU2noh==$ln^wGaEAx^3fk2Fi}5!fc(InoA`diP#$uzf90VuCb5b z!L=xUY)1w=Y-W1t#0#LS1JQx6Qz z$&Duf%8xJ^+|OSot=N^DgLBE%i?ed1i=N7DRC3FN zzJWWW_@}e@>D-5ke-rcH$bHif94BQB8=b>rZ}r!?Nm+!)OqOycHyffyewhVs;g(99 zpP!bK`y@%E@+0*3D#<$Wo`|;jtCaif;3TqF#7*a=@wXNZR1GjmF~!#G+%Y(B9r;n# z3iv5qC7wi_ADAQMK9Qf3yFv+`%7X9Yo>Kf_=67=kq`=*|IpX<#&|+{Zo1h(K$!fU_ z#b3t!bGZ`5FSE~lu3GWa!H7hd0G+S+i1f0F zyz3&iR3g?P{-a^PzUE7$VUKGEjp<8_#fukUr*a)^*}z)S)uL#dDJL6ilnz(ov{TkC zRk+pnmMW99)>bx9`eCKkBwrieLtq(ZeZ&3rjFSH~TsB(ROX+?IYW}PAszuk`bN}M2 zBQ;o@(jHM8Bi;FO znNhmt)$8J=wQz4UVRL~|cjyh<(DmFm%jQWcdWH9uF;-XzSnX@5!Sjb2>y z>pQMwD;fGd_t(gFUZZ(Ijv{6OkSjPqj=gK%ee)W~LKu=rjh69)q>mof#+GmqICP{C zX?_s`gD*YwJ8hb@`*&Ki)H=o$EB>-&nxBg$i!{;ni=y#jh~J#6v}-Scs56NmD$a@2 zpf{dcXBn$$pE7zAfD(&;DL%riS2S}Cti#l@#Zb7{VhRBq5i?qqyd5h(wJpt05-1grB{Dn5+@x$Iyy<3 zWi3m9$#?(J(F5Vkd2KW_Ja=lXc&~nKv_;x_r#99^pn4FK0ykG=O8<^8(@B?SR%J`u zZbY~7Nn=jS>eXLgYx*yOc-!Z3dN#9=i%IftL6v0~_wtr5v zS*%=jY46u#hf1@SjB^zCX>>BZ+jDHS4^-ulN=?mNY40j+rnK_wv6<%nd8O=k#%84U z51k_)qLrr2*A_@7&lr=G{q|V>HFsfpp&YMOPQG4|F`C1rr@kJWUPg10E2@2OO)pnm zfjvbkm0q+=o3b$xtx>j2JE{*SQ=+TpROUa?m{HoOW5E$BMI&(qhF3X<+^=U@aM!%W zu-y;n7_U%PwC{mz(Tv1{)MoRc=E5{`bx(dQdbgqAVl6V!w`{8y4?pHn1 z9I17`qs`G+MdxEcaimF%wGkLCoT&!^$6_->2+JXcN#DR3ebB}BJT zx^B?_d3r&?pcbpazsViWb7lenC_tKpv$OqR9+btYM)J(k12Iu4`A5l!QUPNqe+kdc zCl?gZz@;XgPJUoVYhvSgo*|$b0{T;%QpB&x1-hHy62`@Ury$ikIbo7SFUG##?#LP4TxWl(=0<2huZMfIAoQ zBDKZCl<*E-wq5}LImJ&}Vid^sEU`Aj=1L zppuWlL%uTd->p#Q9-h_QcrT<*mVeo{3Ds~ZC4{?5ahu4!U#Tg=|Ec&HZ=j(2$iIl^ z){>i~*nfbmGD;vlqX675lzdD&fG}%X7pnjYVoiw-i!}|(E2a2s zSj=|O3koul>sB(LW>)gUB?PF3iR6dN+7ty*xN)VD4+yX(K{$(lM3D}NjE2&!<~a+w zYkPT(i7_`C9SlWaFk#{Z(lN|1s1#8+Q9{nb#tmWLzr2<1!q98sA?Tpdm%71QthJdi$G zod1Vpq{~qX9JzGKu)dX4lub;n^K-DIiVsF6^&wr<%!kcKugn>hB1*mUi|MF6m|Eqk zsl>=cjFLr^D_2b!olsG+{Ks^C)IL{D-BW&#_UEd}B85|`|0gV?6hT+#3Wbt4krs_j zP_HaEYQY~_i^$E=Ae%IfZt|$KcS*U&4YXG7S@uUq-XCF_emoPEMp*}39q*`gb3IX} z$s;lmi5H_3T0c`iBEeM@LRS)^H(_K#ewBiI6G1sNj}w0h3{w$Zy?#+(6lKwWN*Ap* z>Lsq&MGm2B`YWE)%yIW zT1PnYXWF*LeWk`gVcvQ7T!}%HW(L-{Na6D{1nNyFZGU}q-|nk7PPY6duPy&0pgDbY zLBEJx|60%LCq@6OO83UgnnwpYXRbL~Y?6#c@_!x1COk)Kb}Q>$O7eY85| z7b;K5dh1SAAJ&f_D8(-Tka82tQu++RltEFGT)hg>sQp3>`sr1E0f)I_AMMZ8OI5)A z5*QiEFSd{ZrCNCWi&TVv{^ihIUj&)|UsjWpu( z#AIpu5|i1~ffQyXg+bbW%AADVMFu^;Nh%%^m%1@jXrTP`+a?vaj{;m_l-baUT;&LR zSTao%ain_P`|jWXboDAys;-a2~cVO@#UEqmzuu(%+VjGMlQ9I#Q1$Y3qMu zE7;L#*xSU)C|AQ8UGPv|oMb6R8Od$Q$*HZLS`8(6h z{3lZJYbmL`T3V!8ki_4~?BQiy2F0;Kgi!+yH$AFeS<>!1W@o@A)@yCp@RK|=&#bM7 zzKw?oBba1gu53(-p=|gqk+!GKPL+SYs=yqple*$64Bp{=rL3}9IUsFxOQcoza#)GPf0U7dD`{tB&Ph#JM2!F# zk$S(#f>Y?K%jn=&0lP>hq$hKZng3Gq{cT{XRIVOj9_j>eRDhv!EnHSHxaa%9=mZQW zgOM@_#YKZB%h%6J2`5a+($FM)*S{liur8%E3Te_N$OQA9EJ@P7f%Mzts*VS!=&DYS z%2g)$?77KE%YJiBP@Bqi*cq4x#)?WgUb>@pc82yL;Xk+VTv1&EK;MN`qiid`EX}4a2XfwS4t2dBE+8_1tJe{ zqv`5|x(oZLsXCtDpvGTDVRxf+;+AO{=mWam&rFr#el;z@KBZR_NEa1BY<@qenbL|_ zORA(70nvgycBG~H-Xd*J9-L%~$jb(_L#H&uwIDeY0HWKp3YkcQLz!ktU;UVqpDGNWXK2%Kuj^E~=5J*R z=Aq`Py%f6>&?0rq0bbD*n~Qv5ndljaipJUk5LF5y?kEuD{Xooy)(U&~iReGITY9+B zgY4x>_F8GisFDnACiVbB5Gm!VQ6=V~JEM@C8&yJMzY=C4pDeCf%ljdD5FkivMx>oD zRfy%i?a_{0qa`ODUVy{3T998jqq96=3_HCU;K)`75*o@>%!~i^_C>&0IeQy=+lTM`! z&fwpWD)wPqPaZhfJk*Zp2#VC3L{OaFuYgZb0E|<9yC}J|Ujfc22n|sX8v8-W!xsID z)U4(GvX@3>Um_Kc`BjFt2$wHc$*n(k%&*L*@~A5OS{i!ytr^-SNKz>$ao>Hb+2oFb zvQ(pcai#!-rrSg6diZY?oW>}2t z4`OK)LJviOxK{z8LKyv~1B7gmSGwonax-SA+h0W6Y@qj#q*FtMA*Q%2Bmsl1MDnks z_4x^zno%70gB1AqdYiTp5u=BfSbBebZ;c=$jMu{mV^YMXH)%QOnm24U zloo9&ju>L>NGmQQTZ$t`^+Jj^#Q0)bl9p^Kj*u!gh&mKCJ_WW(z_r4bDg84z%S1?1arQ z83RD~pA5q4%5YQFW|w?EuYMBzH*I$PJz%k`JLFSr$#$)Bdar&`rac^T+AoF5?cK`3 zGeT>VYXA(;kcBjZrGC=33o57DP6qwBPE|%$PCmkL)(__SR*EBp`V%9xI-~c*wZmCRYNP6ojh|atKSo1G|CsYI}iPOnPSa5QM>Y z2Ni=-&ZCsGN-5kCj7i)gJmNh3TY%?YJa%L#z*C5)2+vSF!|*up81bm>31o4_jRO9DzZ_3<0Q&nx<36Ed8}eRRy;gd)K;zvZmD{2hy|i%N{Oi#~)!oWYAe3K4t% zwmlODg_E8Vw}z)Tojhw^I%t0&%x(K9Y&ILaG_icazyO!KlO1kNY{?bIz&Oe*VFHd8 z^9w!-C%fAxX#_deBFI;*a0Ma%v`d$lTnh1p=D=`I&JU|Ej25(BZ5!uJY$4QE?Rx<- z@I^q|GTeP8q(BwDGEhpO5rQy5nRI~5BQv5pRhod?JIX1BgeQh>_24FC6NyzgyJ~@% zWOOTbQ*fzIRXV_)#@an2XNbd`nvr80at%3LIZT-j!CClZvghHhpOkD%au+Z|668y> ziAnBaT&0qU;L)~kajG=QU19qsWQRM$b{;28liW47P{;-M5gQK1!d+qel%@Lw#h1aP zwtTLWi25mv1gymYat>A-VsVFvXDcC}c_^o94l_Pcio>ZEb|9M@+U-9Oe#5C39i#la z!$r=y)+fS#+-Fl}*{suiaJNVO3Xj`q#yCF+zvawsjon2?AUJQlY_ST|SSgqS$YDxvIr?xsSuRd0rP$EN|64Hg5B(1GO3mpQCAf$*iv58mz3IEn(M z&4yP*7&F+Jy`HjIZ1JtxyW+hcgpWGYqOQ|fDFji#*6>n`>zvxUHT-~c!Z{V(W#rm2 zR3`5WlTDk?d)B)iJCbbGSYHnZEkMn(w@THiQthq2+cWE&O0`CC*W}i!nskBThuUCO z)I7yj^GwYyaq{UJ-l6Hz#8_Y`K?Oqz&rZhGIlQgLDLhm2%w)CqbPeMG7(Gz83<#Ju zQP!>1=RB)jtB%4h|zU%UE-oag%zCtGd z`(bB0LF8<2;7!ze?}p*D^3K1({30J;-Z^-Ms^x?5t6UueMwV&xJpjvnT2Ls0PI;$! zMfOf@i=oM=z<9m!zb4Zd0Go%-GTSpX4XB*n3R^I?Y2BTR>DHV@Q=WE}cW!MY3pk_6 zGJ*(9h`Sqw`~WP`G{v{>^1wzJ6Fl7(bz%91jg4gRp}e!X(e_|Gt`DK3!M4Q=36{?g zFtpt5Ga#lnOzXEjD5q1|Y&9RiQ178GO}s5|{SXb7zDsY%+aq4aH%sQ=% zMgqjl;#4`7`{N@x_Mm8c@Mi!0-*PA(3<{b(+c+9TAFY6rA&o{27X|v~T@tW8s2)NM zD_3AhjZy`=erA5)ya!BEf2Oto;EXMtqai?TL!$L8I;FZV)UZEu-K7zGi9?2kU?Wn+ zh}VPIY9O5iq{Z%;d%@pJ8$Y?)Mt0uzQDc_=cLhV)U zvSdXNxxfrBz$PTKC}=!n!puNjkO=FE{Aj+wfZj04-5t^t#QJ?*Vx#z709Raes9C3& zgieve^-_uG6RERs!shLo_GH0$XmC|h2j}?FuPR6gWOx!Bmrf+wtkoK_zLw8fBSoKQ zMH_&YuZt5uLrR0=)Ct^%V@pL^zFFO>@^a0+>5q#b+5o4merq`1S%?40&K>xl;yi=@ z1D&=-Tf?c&I{Z&_?!f;+&NKL*?zA;*4QDv(8jLoF`!5X97&Hf&T#(Hr)GSOmBoiC< zgwg3njE0b1Tr#B3jQBD`1R^mR*~CpcAfLwP@?LY(;KMs;@KGI^u$-O6U!wLz_las{ z{zC(iOlGym36r~nJdcp^pyV>=QuAk>JIJPI%ZMw~4iiiKN+ zRB>j!j+K#dIi5U6<2%xgkhPc>_+8sug1lqVMC0UCQSOa-Qj`dneM@dMpc=Rh0Hu~L&LD< zbIH$njjb_l1%hnsgSz9d0&Sj{%_ALo0mFLAcQ`!IGWmH!%RkO?ym8O5u%?mQpmCN| zzRfyvYP#ddQQ|1_)3lAVjuuK`h>5p;gbk3*RwmPLgbZz_u7N7q!WdJ()q{?R}zUenEHD0x@ll%A{~gnac5%pC4x)ItMJN?KBKXO3ShiDJmW{wtV8` zX)|x-cx4XsNl2Az5n0_o45^jC_d*)w?N~^wyuB5QQQlq;>6EuWh4jkXp^!m&dm&_0 z-u8xKmABSVobvXEkV$#l78;fY<#l7oth}ucB`9x?(Kt}QhE14vUo<>KH`{T! zsX{d@L(>d?>cgq)s~CN>`+xE^x2Sy~-}_;G6IpyR_)}Y}c9r*Z*YPmK-n4Yi4{N@) zILd?Bn2>zb80X-`PVJ+(!o$IJc0cm!4T-0cG1C1ItXp2-N$TX|VU4Uy!^4W%wqzI) zmCcib$mq^i>|VUriav6=bBjytzIQKB z)pMPhuTEmKf_WJ6|GoGr*L9cNdkZ`r9!)Xm#n9vJ$wx{c5ijm*-UnK(p(d-F0}pYH za{Wy!X=&RZVKqbgv}ce!Rgw8$?7p}Mo$sg%Uswvo?r-+kQU9fSQ`ZuMsjJ>Nz?;)X zv@m%GqfLt%5m*}LKPjphD zod@8F!(+sw#}hNZmtHIOq_h-6^fVh!qX&TD(D=H%2(ut*ES_FgQF|H28&RXW;c{2X zh(1RF5+efvjQp#@(6YwlkY5c(T+}(Ej=!AcL;}qGJ|@34j&=)Qpq)p4#XH zu{#}L>>eXh#Mjwd4BnhRF!V4?f7(-wwk9eNjbsXO48}p1TEskD><;h7m0IhFOy+A*Skj1cMtSP1+sd|B4qrc;@zqR&0-08URSgkm((i2u9UJLSq_W$b*vp zib09`nc-iEnDaEkm@TFrZH=5Quhp_E-@7}!$_aI0BTY(F4%>1z`7%!HbQ=>K$yf!+ z@%dis^26aqcSYgh@G9;m{{)Qik2IDSj;}25T-j*Joz*eHq4Jkwk}@=y*Om(to23E? zGY7_H)TYi^>>ki&YqjpOEbj^G*0!BIYfD<^$_V7QSU0b8z2ip#mV>kDE}-vPVT-q9 zvkNF#^1T=z>+(-Bfl+=5w4dy|J~Z3UiY=ibUFz-H7WI;+f(l*MyJ`W?}kcq z^IQ0_NtHR3rERQo1&_N#ES+G^7`1ERtakKRTGUIu7Kj%&4`I8E#2?{qJ#p<2m*`9G}(?grweYt_Dw zG2_=*G5gzfh6dN3IltzHNb|6dI%u48FOzy_=vlF|VxSOg=d5vpR!C_M`?`D+d?~GI zyX0HSX#$ZFNNXF2(LU8H&-d#*SYixm9HMdP1KT_Wc3p6Y-4NW?m4nsch!e$C*K};_ zDpA8obkMfkcBoi5%4|c*tATH#Rs(FZF0$FE+sfPRo`JiPkJy&WDiT_;Xd8&V)Oh$F z1=HV|f@v11(^nLDa_sU7DGtkzX}Bzt(^Ea&HW`}!2sfBbGQw4u%$XO{*f0RIqc}W9 zJbFB04E|~GsPJ&Z_cL50mvMxl{Te95w2+dO{Z?)LFe9S|EMknx0TkDT0ftH$oGo4>)>) z??7ll^*ZRO^Z|QM=#2=?uWp2_INg(_uJ6jOliWAu&xGDj^`vKi?f%>MtBbUOp;Plb zkGb;Svs7kxXo~ni;Z%H*f?F{4LP!PIKK1L67VeO#=Rz@X2T%PXq=TD3^>j#IWDMl7 z{Mz@p46{4klbF%GFWqfEY($Fesew=|+^ng`LI${*Q{N8774fb>#?&`MW(1^9eJx~y zJ80_R&;Yn;QxApW;igVK5Gsc|aH=m<0XJpp?$89d$y0ZQ%x=#5u3VYUdV^V{??}5Z z0fufvsk<@jo+$D&DhGx4d-qu)~MX-O}{Y}Dq~weTA_uS4kSS>*-;!Bnxfzlo-PES4>a=I%9t#!vOoNn{9xh{84 z-ka~9DR4ut>;CoL1JEF}LW!q8uaOl9%d8+P<^98Xqn6CSWA)v%dtWq4g?ndKKD+Oq zOy4Ot^UUj;Vd__hW?r5*K)|T25xt(1;m0Zq(9T2fWC$4tnF{aKv!Q*NNLfzp>s&p_F zXlsYyn8(;!yi~XMNil>O!j>K9W7Ub_So87Os&K3miMQ}$DJ-^&j}6RpcwWIxT<4Al zLr{=|Ymc2xv~idex}03+kLp6`@*Zg<;?up#rTErlX^&?OK(d0Wp#g|DsCs#^miK51k^{OpQgh+iS}JVG{)D~p&G5NQ zT~lMbJOi3F7wZ~`57OFAc)znjE5*URwSka`#oNsdM*P36!GQl8#9BR^xedBz6q={O z|5bS?^kLr0K@h3sREz_Nh+?;n30X30UGxWwkU#GXI#i)(%ws((U3}nHH$IT{yO&XaKz~SArI)X>@Srp4sqeRJ z)&i^J?28mK791&~aaZu_(qLSETWaMqETyQl>8YA&9M!-XsBE5Ujm` zuKezFH6Z_67*QWj#0L2z0CvV4ND(w^ur(-ggDZ_T1;Nb-W(MM|`ltM7=}tX<6!%0d zTJ=;Lz^SiUgzZ~9l?;jKYhd$m?_d8Hft=WAs0eibvqPn_rn@&i_tqrIEwuhL5stI0r1cd@`%FO{}Ff}ABaG?2bdAYH_gN9f0gnC0a_z5sypCEh`?uEK0;P6<5Y7vW6Do88HQY`Mpg}5LR4VAc&axw0g z`(M=fQM!L=@fH`Z@cMtG5-#$&Cxp5UCslt1srqAO^4^L8wVd?}7LUG_FxOzaj3uh4 zD8x{0*>=ms>n`Q*<%V6?ZQYB8Xt-4{@1zQu+gi`Za22>9Q@-^z(h$@*W%4IT;tLU1 zti=lzo=jW@xz3}-6l}m#7KavXUJ@K#C0`0T91BJj?n%%B$y)=Q2e(FHQM^MYD+w%$ zmhxk6On+v!7K_gk4~3AQFaG09 z@jNC+?f8a-uZm9E=(c&{AV1soH!;OurEtbr;RBhCSizWf^ax;rB7m(SJ38Hgst9vY zr~7mO9~05#ejM1szH9BqP`7<{OZu7FJ7ylAFw(=9sL$Uls!z>)CTfOKbUnnxN+P1c zRh~H(Q&&!`Y7L1CV@Jq}PSCXQ{wJncPt|xd>(_V+3Wf)V;K{*WgKu%$FIO`oO;b>* zaLu}%__+FjsmpHEde<^(v3RJNPKKwC&}`N?MSN>*j^%r`9_Iw6t$y`*BEqX9yIr4xhU0&*<^NKF>%+P>cnHwHrvX^}DIaI4j}J zp-7U3zm@w-K>uO z;+U<7W4a=alwBn#+56=tvD+7*{Vcp=51Ru#A0qzgE126A!Td+y$&lEL{wOodABNWL zmB;YDBV=3(4c#$(#D6EfUKUMx0kz(qH$xAH_MXsz1Y*0M5Y>grfZRBF4PPw zm+iige7$zfYTWw+7UDJ7S)tuY>p9ZGxUiI(V9+qhRu7%%*9ZBbiGJ14GXFJICgh`W zgtp9Xb&X|PX1BU%w~{s{#>RIHuw@IP#iMRL(=ZKprfQ&7R5R>PEz|5g8IJ4VZPXUK!wD5=w7nf_ z!aYTrlBO_!RO6g_F1G0OM7ki@_Ac6JIQ4o?;&p1nxBT0bnF~>XwuZlh+pjdZ7bFFD zAjVBX3vL@!1RC-Bc0toD2((S$ zzCe6od{EOB#}#5jU|J=+Ao%oxTUu}*c@1v4Yor!+cOZe9cB5-rbmwDY-^WKkx>=CE zTsJPZb;hgd%ljn%jkN1Ly-J8-REuf3RWO`4ay!l&RXThcd`F0BKEpOsp2UvCft8vq z)UCaju4z_p+2S%Z7aZ4av4|d5CCH7=Q?re0?wt!~(0x$OKb(&-s<&*ad>L2MJ#${I zx}`x%L>k*pIK$fZflxiJ z#hrT90xn3-A)QAfbfnZ9T{aKXp1|&$ra@IkV#DA5YeAXMDrmdncopkX-VA3pjq<6m zQ*nlnHfRL9&Z=+?Kc;yfU#Jb{`E0t(BYBB)hi_Hw!up5m z%|E5WexpL+_t@q>22s=`6i&D%1uSeIu?gTnlX8R~$yur?p0!jn{PShy=X91wuy>!g zc7!Me6;FLbdXB2_X=R%fE<#6bS0CxWfPo(uL<8HaM6mEkheH5mAoY{P1DZAWcQ?)} zf^I`wln{))zUYo6J~oZlVniIpHOJ!O)3Z_IgvzhR?L+nKVj#NslzwGp^#@dWtJ}rj zg)_?eJlzKKq2ww(5=8^Q7&HSoSJdU#?ZFa6tJ!Gk%7`J|k9wn3h{FwP{HRzI6`|Bg zbiEnqdQY&{#qKtF`Gw*-4^U&!9w%xJG=?&9ZxriLms;LyTa#3&bxdKq>ePcL7Y-|# z)>*7g!*rTj=?oUsRLH4i{L`w|#{}NSS$^xX1aEppZ9Bb;x}wPVK@DbS#mkK`tusxV zj170wItOV}u;Ff6XS#Nv?Ks>FZL00>tpD%OIB!|1DG|;M82rLS^lj+5EFOoTj_Q!! z@pD!GVAC{gdi1=$tatNggz+N#5_1rbzCDpt>2&Gu)zZ>cP}BtG1Fwn8G`IkrZiuRL z?||Nui)y!T{m`VkA8uT^NFHW>fsCMHc?0j=v6`-Pnj}-vI=FBc$J?^7upt`SpqwHa z<~|rrLoq8j_7#gK_rYF%?@KhV$3d$$kuk_4l`Kd4YpM0@ooAxrP-h@%<*d|a$KK?B zt8o8Wk3u2RBsm9+Q#1na=5keDvkiOnEVOxsOCVBn_HAx;m3$wy+~%_AMZ_JvBnpj8 ze0n)Re;^`G5xPLbf!gMPD!aoPv)Y?>C?DHgaSi;BTf-XXN4mHVc$*4?_in73BYD4K zGH^b$S;v2%!uPJ*;A(KdVh~(C4p@8?!+&7L&Qx(TUM$#}dK=tw2ucRrMhME*u-17( zr}_XL=3;+n3wz@hzZ1Gu4y*f1C|wS#do9!w^CHr5H@(Uvr0;noIxN)xJd#chE5|V* z(eX9T3H__*oDiKyipLXu9*IYC4IVn)6N3kH0vz#~k0UKDjC5?@1+YYH8_Q2 zV$-!PKyc>F*u8O)zOT-*CQjTlmd#-9@SXF}jp=bmR5sq`Jd_4}AHA1`;6mX-2q?XF zI6RB)&c&BCZ64MNc^veF>Syq=;VzXB*QMcr%m#V2KuG>GaITU#-XN zDfBeCN&=QOv1~3B+fq(d0A!kg76_k(_6wg=HD(_U&jso#%z?GEyG>lG66{&12|fdJ zm7hc@NInhR_kUY^`}nAe>wo;-eMojUyUERFfj|Om5*|Vl!sY=85Onjjf`EiaBSw=D zf&n4fgrGreH&JS_RvQR1NKm1rZ6JVPQ7EMnT5YMKCDvM6wT0FepW0u-2X%|ue&1*A z-QBx48|)vy`(innIcLtCIWu>j?>Wb45|I-u0}izKyYjm$`Z;~P9B*)S)7Lf|Fo$T{ zI@%NU3{__Rv2pdhoAEfoTXykDTEX{RX?fMUIlACzh_B@_{Nl+;6h@9pV#lKGr&zi3 zu4-0&X|c(+3m6?fah(XbgSF>3WwHy7X48WGJU)uYXW?)8iQ?w|@ZnG}OzFx4L6|=v zbAZcLVZ!faMZ>Byi`@8A#IG7Za`8qeGV&)s(L8BtAgJKEEW31Ru~b%x zIO5fcANhDAUgPkSA2a8b9tbMzUs@E5v)4pF3C(E zNK)K(w(WooMjDRRNak)OZZ|u-$uf-HHhrGm{E`xv&Gvm2GmJfRw8lQZPl;;-)WOst z$tU3_KXUj%R+F}R2D>fwE<3CKkHwI?CxC}ZLK2WNlOG3Xa9$q@6aEuD`_J&24Az0f zY~0GZ$*g>14V*P0C>F4s_V^^`Etn@6Df9j8^1?OqSoPuDSoW`tHMy+qzo05)@fY(l zhY`V+0B_h&q;LVdd;wn0+#fBM#EGnCQrQ%Mvkxv9&5leevvZyX*1nTGjLlH;FtB|T z?nM#>pEG`Srt;?ip$=Wl3!viReQxJWSfO$MVpS}ABBLxfiYrNEw~eg1mF=Au6U#FG znCE0iK3?u-w`D4M-p2MVj7?&vC#;qx5Pd~ZC)2skDpg^^pSH5Qe?29G^G+1m6F*p( z!7kLL7{om+ryPvZ&rOjfdYRQwxIPfR^kfe7SDjS`30J2Wbo=!zcK^Z*UYbO9EDD~% zF3rvil%|iu(oITu91|CTSL>guU99@)5eCuCw*4tj)&%Tg{3#E$K3OSH1v^W$4^CPw z^QvG?nNu>E^snU-7uu?0*{@E?h^E3A;E+z#tr*5S)(&@Y>=qq+>Hp@BVqa#gmdQ=< z2KVZe0`|@9GAEmvxmvENrK~7ZsfjOH4gTcpVCxo!Fm4CCBP9-AFc|s?(3P{ZnXBjV z*km?9j@um1l>~}gv=ky|eO??0H&OWLl(Im0(XF$RSY?({Bm--r@UHWUsts%#g**C} z!`)G5b}W1G{1iK@w2X-z;pLTxqAHJ?PUuFY)Ab&?7c{1ak-%h@+$dk^REb~#FE~u>FjVUhvK7^QlgEN88J9vL%yWUU| zIa$%UoTQysm9~y5{}SknK(nkb6D3yg+bJ%ty;4^5403P%Eii`&bG%`=tfwrtXlHiP zFnX0k&tp6{c$EB#*aet4*kxjpenH87KRj0=T!C;7sUXykZs#fp^`qN4zfeC4JUcrB z{xG)&cBmw8f5>N>AUNd!{+D~pCxhWsj^7yyPvZ=#f)P_WLA5GO z8RP`R-{AOMs?d?_I}2yo#b|cyy`^vwns%3gx#rrf?A_ULme+fG9=zj`i@c7Bj@X0* zVGD)>8WH9gNGgZW#qL@j3m*xqr%B?knOFhOZM|toxNh+pY3KeskZzwHZU;*xi5>k6 zhM!LFfor|fSF$8_X`kHyL(8&}5GwHdx}bP`p!f=5!c)bOkGf>^YZN}j!y|=R!G2C2 zSjrVVRXq8qt7n&WnImQpSGzD;*rlKod3cQQyb^Zvuv7Sh5-vm@SlJ1mvwiO+B(SYN zz1iwZMQJH(6Q>;~xWmHZg_^MN1R-G5Nv5AD{5TAsF1!*Jo+SJuESw=k8P)k^rV36a z0yb_S+~lD9I|mmwTUf#3KS>$OF1`+*h5bK)kHJr-tTx>t7u_X%uB5i|)Hy;TS{)UK z8lN4Orl*F5^Mu>N!ui5IN|@}I+l8sZR`&CyYf#Z2-ezFc@%Ch$A)5W@t_fpU@6(eE z%spcQT2H*4Ooe@;a^hI=UG~!l?PKH9NgK*Tuf=U_Ho1Ij+cW_UNzQOr?hMvVE))s-*s@-@)are9 zlKgHbgU&9L2%jP?v6o+nQo(`sABEF7zD&ra^`P=_-U?o(zeVsW;Zo4pVOHpSEM;8s z2%j9hRd_{{{9T1yeqH7Z|53t~Joy4#LknakE5wB`i6i3|3JWy&l?vX$o5*6}VHq#C z0Q&oTEWXv5upq#dqE5&(Jc|DOqbB^3CajNFRK(T2R2a=RU0(o)ta~RJxSz$XJn!W& zQ}pk=Qna(GiIT5NNh3QetPoBh9C(QR>zeRog`Nbr3o8UY6h!5w(Z(*^DU4IX6+B!i z6p{j!hxjd3@RZ0d++8fJ)etI;~PL8h^9#_J0Gg>43AS}FAI3b69O1r#Q=nErQ zCtL{&uNS^j!g9~rAdH03E)tN6X%`xWd?h@GhrPmFgaZ#1s9M3V!{2tHS@1P~%h{5+GN>%WZh8us{jt17{Z=74Fs0KcL`E9RHZ`m=Y$%*oE&32Zo~* zl%YH^ctUtpA?W4=9l|9I!!H$lHOFrk;$Q=f((mQr9l}I}0}ly2O~K3jb_$C%__ZUT ze`0VBKRdh)JfReM>$ySrfEuwxP!alBd zV@uUKI6st0$U=5qEjQupgW=Q-^;PQ|SHamEPeMrY!^T~HMM5e@mE|O`fi5Sjg(Jd- zx^-18tqqH7?&sdU1|ftJ5@+t}d3BrSt}1I?v!P`}g@F9ZYHQ2kqpy79N?_*KHDr5h znp?76g2HotBgz0DQbNg++n1Ki$(1(hT1wf`-24R z=!535Z2g|8Cf^cXuA=g}RXqQN+_9pZy-Lo269JXKBDnwo1otkmWI@&3+>(+;l(n`+ zK&XU!00?DqOI^!yc+-R@N}-{3Nv+qF=c_8(*iv8D(6Xi$uJ1}@J*hI5GlUuySCWnE z*3@pQTDfucYWQsoF)rbLEtkktVcyfo9Ik9!oazoCRVv8hgBvy_*)q6-oLj0wm$j0P z@2OMpr8O-z5WB1d^$=NVu1c=x)s4;Tl_pbKSHca7%lZmpt2We?T!j-}#ZY4;UzpNJaIgIPwh1L((tZxh6ir-P6Qdue~2pw?pFl720Nx^MM zhf=DH`iEIm=M+BPW>qBcsz3;mXQS?@;QO1#iKw>1r`>RMGTQ6*DAY)!#JG6o1DG&Q*p0ZZ5_ z{&H$xV{=^<_t+3pScq@Xm#19QN@r9{t*mOz>Z*pix>a?nR85dtWmySth4ayYt1xm0 z#W7Xz^t-+;XGZRQIl>ZI|GfL8IY!gCI}Q>PJ!hy=tSuV82f zgrAz5)12cQg2Bq>8Vrn$jqA#Drn!ccLq#PixwbU(v!_;~7p7NH2*8lx08AF87Nn)-$` zs@h)ZMW1qG?jQ*1A8GHs5jo+5vQT$)BVxjbh|xCOeDdBewQL4X`-ZZudS6TRP>x z&03w7@yG~leSvA_n)MNq&E=7UlBql`1;o+J{8SVHhfbmXAF3@=ygaG;e^nC2>9=b9 zLXuM16Szt#suXG$;8=XuR3TT|H3(&jN%NATC2Q_!2#@m>$&plx!9fwNdQ}ZMdvD6upt>yN-kljNvVn$?xu9?aL)4Q5{3?1Qhfptto6@(d93!Mc`aEXx8f z7uRWsrQA~tA$DXp>@sJS6ZU{CKH8{*?m`~ORitv+t7>Z0%XyW*t^kt&52f&`_CcJ( zN)f`zo~(QgEp@Fe+T01Jc-9IPdqGi&(i*C6QRPgu_tmUhL-ldPM9VdacnebPzkxq* zAmJhos(+9Ts(g}RP|br-TkUe03N@)J8aeT$43yGp&d2C1}rQGY5Mrwt0kl-@0 zMs{Col|nyAewkid1ciEtN*&~rD^voFA11kJGH5Sb@B!ntrNnJ~k z*NXw%BcnE`_NzD4*HqQ4yQfjb1QR7}1k>WkR|Q0f&zyOso``gVTQ-qam9@6iVc$mm zeuj95`H&2$R;fYx{Zj8g$Q2&wab+jH@cz96+yA<8vRh&u4(i+#2Bbqyf^!r&UmcG_ z3my;1;{nSF54co;bkt+JpH|{85WE@Q$8nfJUdIm-1pPk%eU>8lwALX4ZpUvWSOP%^;tJL` z36{a*J3(al7D3QSI8`Q?MGy?v5d?lWL60cBL=fpN0P3Oz;Vpu==yH+ZEu!!)K^!%{ zug4LO4t~t9B7zuL41kbq3_+A2T?ywB1Vd;~-~tnbckgt9aBE(nK-`DmZq4aNoJVCOOU@^fOQFhY3Qsnm@Ew!TXBE_## z7=dv%h2iyk6+w9YZXgJ+->n22MDA0DoO^$l!d_9>Nf6Gw_tFuc1zx-l5`=T^;{;ov zLV_Dbe)dF8x!6$L1Rs|vDkr`$&gg26R{?eO+ZZQ&t!`&MA30#_+;odR1F z_@Dx}DDXvs595gQRr&*rhf^Ea0@V)QG03IR;{J#hSUw}(A6#t+C zdlhIvW1#ps3fw^u>0Ty?bapgM%ND5O5d8rJopcgnK0zexP~e*ibm0C9#aAeBj{HI8Ts40D`;F9}s*B4%`XuM&l&dB?^}a zLYnspJ}n9#5PU`yJ|Xxl8ZALciME9If1fD$DdPL0@Fl??(0}*`@eKrjC<-QmKf-%V z@W*)V2%=bY??ZP0{Q^OBYsmzAM8QcA#T`fRF!~9CM^GSWiZpbNAT)EH-hWaFsgyMF z7C~s>B0-d#UN(f&szK;r%C7Sbif4qX@o=_mv=erfPz(;k{PEI|!l$ zLMD#?6+r|(Qo`2>PE*>(etCGdKrPQuhR_J_vVW`eq)6wa_!!jxD*6K%ZXt-0@V>bZ zuM34C>3M>0%5_V0u}X%>i_>#~AtuObwHT0ilj#%u8*!wHJY z`S1%w1%<(VB|$K3Apw4`2!@jII(=JitfT?l;Sww<@`X&xpF;D2W{Q7T>HC5I5ryAF z&q?sla=+o@s-_5J$O!;@l`to~1VWM+@lJ||fNll9RDoP`e^o|9l^_m<9(@%Tq?q8} zp(#KbmJ#n0EdQU(P&Ww^5F!{5xuZM^^F{|ko)9JBRrP<$@QV_lXBI4;(jE)bpIt-<5gb9`^aE=1!D=-z1G+0g$z1e+t(;u-qxzW{zRGh64JU|fL9dDGt z2N-bGgTZzMf0Q8b79|}Y{}Xg<+nd9)*;iNGF~Ng=x`LuO0p`nX?JX3QS6_~&T_EK? zit0K_B&rA(Q$iVGp+%gOZ32EjMa3hy?on=)1a7K)4T;KG_TbwqN-2>mU19M>y2GM~ z7tCF`{7@yYeN@~-tA_vyzi<*sJncmaC6CZTH^3q6+C(Hyg9zyY#f=E%OB0a`#fpAE zRrVLZfmbUn^cwkP8+r2~5?>Wf-~c;t6XI*gsj8Jb6KZjMbT3N9l@^oyCW4wM0!`pL z!q<=~mlB4iqT3F9&;Fj(-l}_=8#j6buR^d1sHCGpe4TVe^FK&OWRT8>3qlcVP?alR zkZX&eTGWQE`y*9@iWZkC!Z^`xmkJ$V6){T^Nxr-gAmcj?Vf>WZ)ZB3xn#9L%It-2H z_Z=dYNxd1Ny7>@^G$c3GH9{(db6@kJ_8+)l(ook-n`hy)nuFI+R#caCA{#vR386yW zL`VuE4{-JkU37&^IjI?%E_m)TGznFwa{8hXO}_0Bk`3j?X*rjUwjr}4$seeFxsf#2 zts6RH)zOP4W2MW9blRe27u=c;?f=RRFGAKT+Q2bOq>O`PQ|Pd_mS2Yp_@WOLIY=d6 zzNCFYCO%L!Ox0*2kksK^?S^^E+`f(`{B$FXVc?3EDs!1S{N1Ka=)tEA5nt`WWJ78g z<8^gCPFqNh zHNr%!3fiWJ8I^|6AxPiE9dBqF| ztFN?5Hh%yM3NyR>mJJ`$K3XENwgn?h%=O+qCiZ1nfr<6U+YBN;{%?ZIb#GLifn}Lu ztTyKc`D2NFNNi>MdM!y}EIYQPVg$SJN`ho70NP18;}^?{{vLzxj<-!Suxkqw9n6`A zZw9lbgG&X-XkATY5S^~YeBgclz}piVV8|%Nk#`&&iDYHoY)`DS|r&zR3uJz_#JbSaVba& zS)bLCz%IRGmTbFJ`K7Y6w@*$oc3|hrBy*{F_;!g&`|dV~CKms3k%K)o`OY}zyf=#? zcs{-FnGNwGgpI{&3d_=G>lQVAac=R%p4Ya>R)EZ-GW#oG6wfI!CaMg3*#_<$v$oxY$g3 zr^ha1ca-B({6rhIwW9o7M>2Sz&iO_PQC)%1MD+595pD zb@n+XqahiMlBK*eI)SBU+$K$~23Q{x$@C0oiGP72lSNR&Fs;u1xdznDQG#Yy<&0#JAJi4vekp6LLn()zuDwY zGM*ntrQ?k*Yjcyy7HDuEAYN`n!}1Y_as=CAKTzpB$!r%;YMu5XgTUKUh9rS9S7=xy zjwkNzJ*ylJ4aNyfDQ7;~r(u3h#e5EX@3n*^ENSm<_RlY1 z+MySH(Htfo8}CTg5O;vsr4U!MyPix*GMW(HB{%zyCsQO_ud4hjS>Jc6lZ<;ovXm_v z9phljURw}ny9APe)T`LPpI??_yatj7@ZBB9@V4x|T)D)v0>9Tk( zvyW?XsZg;%*BfN<2MvoIV3Eo-G5dEK7S$>iv@IWy!mnZRB3M}2*G0=@5c6^lz67B7RvUYW(a8WsZDvJ*-7;kQG@LT3xFpH-Ne zVG8rtF^*&n2d9d|PIfGDf&&Enu@(fnl-c9JPF<;PRia(0Y?o-VeG4q)MaS%g8Wz=H z5opJ|RV<#J0V%m}96l2GS5FiWOnTVBe>( z!w|!tQ8U<|(Lvh}A|8yqO0=+J2D@oO>;&7(Na{`zgzp0}mF2{svozc(2tQ+srjJWA zdLi^Fw&?tbgppIG&zN4|3_Us1@v+B@X*n)7P>_^hoR;r&=Ch_p&6&P+R7^oI;)TSM zj?-itOvYO4qn`^68E_4(H7{Q5n`*M8SoeDz{p zwWWSkslL=wZG=O;hl`~?!TG_JcDPGVAN_HwA^(Fb4`u$P?*+f!RX^I8f9I*L=l^m= z@{36@`#tuG?@A9mxWa1V!c}R9uYPiuW1xwOm^wr@T-s}r`ppUmcF z7|G_L?SgS$BFwvgau=CmB>n!#@UX7!)ibEV!onRr+05p9E*oyEuXl^=me1yH$dC<^ zrvI()6kKT-I9iqeb;-QshGzD7n#&G-pciUApZ3LXwO!S_x3?bhqjjfz*RON>mT`Y` zwyU~gF>S{IG4JVOcYoJI#(_lL^#iu6i=Cty;{a}FjYlYTRyB;0-ftRcg@HC$w_JA7 z->OpYqkVHe+oE@-yhj%ExxGw#Lf5=eTf15h`;(oI`^UJRng{Q68%G}wR-G@b?pCEO z?3ZE|rp6v{bQXQ~qa|^0N+29P?EfHFm*#lx)Zy4p+trWK;@}3A#3Cn=< zJw*p&%bwes*2ZH4bcN5|>1hv($$KuYYwiKxisZQMzSL3P*e)?Iwll7a!gDp@TRjhx ztER5FT|`4HW4qi}^|`Q-DP?!hD>c{0qUI@HZf3q~QP0^1=9nk+#O|Kt$)-YdsIi|P z$?m2w()%QRTCryqqzA)1Gq3*ullPBo?h)981F(7OoW&CaFn>5Ahu?$u*{al=>y00q z^qUVD{U+!1)Qic_dRKU7dg6GNrjMib*AGh1B^=P_3EN$;vn?{Y2-HA**L=s0r1V&h z#Pf#stu%4xOr;6>uI)b((?juM=P)?(d?YP|VMpS3&*F{HcWv8|!OhTj?U5tn>o-5Q zx#N2GfyPkDr@^79F4cYYtN82Punn4PNfUjtyF>nVPVD>eUSpbZpip;;>qECht&haM z>j#Z!c&AjFi0!+6z}hqGpukMrNr&EJyd?K$g3yN7?G%jFQ})++8e`W_kdN=$j3cXH zReWx@F#f-v!wCxoR&s)J&Sa9OI`xb0x6yvB&tB)2%bjU6J+lsEcfyEj?eF{-U5-p0 zIf36`7=OLQ3mSvXar9SM}x2^DQP2KH{ zO3SII_JiX2RE_3e@cni&W^+%*=<5eg@s=M_o$uOT4h!SkCd#FM4Z^`=4%>V%YT!6I z*;)3s|G4T!^j$l5c=Qo5ZF-v_HOB*G`**cLc=R;0JeGmu7D_?9C-nHPA0TgKcY1QS zsxv!qnAorIz*z=J(E!7k?>;Q1MRCT&FvLvewYevp*TbCG=7Z*eLN4kb)m^d=u4^}d zUG$LbPHEUxa(1V{u2o^D?t*;R<{vh6jYJ3YvM$qO%GJO2lj35($y$tlW;A+0DYY$a z^Wp3Ro3{(8*Sin<8&0~Qm{ll4stCVdCf*!R_59p_(s}&=lnc{8YQ2m(eCn`a;JEIk zBU!}!{P7_3@nD_@|0wPLx15&0SHPQ^7*qLo>ho2P$lRxAj$(_Kj9+fsiy?mJ(j~x( zdf~*`FD!8)^JZ5$*}Am}61y<$ZfyJhsL+u6elUHMFam#HQ-w$2?^0Tb@JGg%8`v}V znMWB3m&x`WHDd#}Btc3UjWA6^*5PNz@?f$OK96k!JNA9%vcCD&1Xh`_*viUB%!Vnq zpH7unHT~6=4oidHl@9d;#M55R+ZowJfDAe zFgRi07D3Cp`<4WR5tP8Pg0MuI6C-{`qn1X&D~A~h#>WNKB<065>ZB2lb_cOn(Wt)% z{2Dg$7a%CmEy2>MQ_y*k`kv4bIPLu)HJR!hC+w(9rt!%&r6N*HfCQ>Sg$X1dq#l)& zL7X;DvG_w*fJ*7esHO#WfJ$+EMOJmVF(7=2qg(}9B3tsAhub5v5m$=?TTuAhGE5#= zEW-ui4GQCpq!(0&{b+uZ)sFoGyk!ng13pSL;5X1&?HbE!8Fd>L^YY9TIM+l~1b*8|# z38tb4A()1@9zBP}Hx7$=`U6|0g#=MT>QbmgWKEPl;Fzz3ml7WPoht}V#QKCFO89^R z+X!OKxLpaKBnW|irNDlIC{U~s5CuvFtf3MWQUp}9mf$2XB$xr!De*5V@xM~y|DnY5 zOa7pz4Q8UJU2Nj>O@fH;Ajr<%y~f3k?#(pjYP*xbDc{g$mDs+uO$kXu$sk*asW3tgH>Egu3%l?52`ssjT?oSR@nHS@;{)pziPBD>U-BVo!t(3CS#d;oTmOD38RVYNxOx2+sj zPI5n>$1mVRfKm;Em!#fF4oY=lFHcEc1t_I2_QEmvgRtTMy*^@T0m6(Qc`PvD7lWS_ zze|&B$a?Q2>jf|ZT`b~=HT^B&?>PKyN}TCTkuwqTGKJ}k+xhtwqBWg~cV4|h@d+Rrdj0O=s0-kHKOBI8 ztB;n5*0g-jbWg$;=30HHzU$fI_&(jPOpkH*9dJE~MZ{h{6~Vkc+Veh~OrXa}$@Ju3 zn%OF5nEPgJdfYF$Hsk+zmo5z+g?kK_^cfb!3!Oi!Hy&{F$*qw7N}qN5g)4@PzP_Jr zz4O#zq`7is2Noi|rw7Ei^gc0Tc;DK}?>BuXnH(#a21JuJ|DocW&WJhpCdPZtl~rBe z+Hbrts`bAa@AutXnd(hzDoPeoUwdBvaful9al1ILOoYp#C*KtFM87rbo##Kha(X}? zXXw*sd<4ELo8Cm&5chtcA>*$IugLg*({K930bPu5ZKAGoJN#1(^T#;J0h8`yYwB^o zp?CZ9JIc16`F`8?x9UEQvF<7R^_%(}_+sai?0s8xU3Zio;8i1xJN#+VH`+Y0a8xB% zPC|FwbGFW>{U_mNd5*=ds-)Yy3#*qa;kbm8SjM@1pXqhvTtVuL@7Y!iPfvS8wUfks zLc+(bWrioqlkFMxg?YtT&+@X#eLwE9V$Z;BS$##O;phv~|I)(_TyG z;VyBfx${t$sk5gmy7ORHROf*%V`n#<`2MI%57Bny(%hS>)ko{GXwR>edd)+<=JI;Y zLyZ==HsJpmyk29Kdd)+<{-j=ZVHtNoNbl~mPJ03M`a<7Nc)b?L^~$St60g?gh}F75 zu2!F_UN`W1Elw6ven<7HGk*M#ZeE#gz^XfQt@SxEPv^HLzw`X3!J7TBuNgJl$7}X) zsM*U1Q_Y^^HQStM;}tvnh7~((PuZ_{&E_aIYeUU;pV-!w86&bb@68Sy_Su!kfW6nV zFG-`B<;S-;S;NJ9a#`;fOg5{>CQB(a??rzq{1rc%=VEV>hcP@LY=nK>ZHr3V#?%3>%D zY#%PDT7vIk1JhG^;!M#2TZ}TXiV-&q!r5u~l(oVV2aE$Wu3ul%a3?IRwa6Qy^hFFt zZaz(LDexhJG+!ZzdB=C5EgFR|LRWc0 zLWV0&OQ9+uspou4|KbliuVEOBCKG^Tgk#yIh z+1+PW4`-iD!(!%AOp`&}#p0duIA$*O#2LTDfSu0z9+{oMtd}LpcoD<%+l0rhg^_nj z#&H<3(^<;5f&avoZ8DPr={dsszOasnC;eb*=H+qtFP$yg9G7Xt=V7?8Q}bdB?78Pm zFo++sriD3aM*2?ijld|MJM<{eH+yqgk$X|*&TES$A8qi)w3d7%)y8<|5iFVKeT-n* zW8T+V6HCr{xtpJb!nmi8M!^~C2=u0zsqx(s?=Ouz4*L_`xDwJ|(oRnOg#Me`g(*UR zVf#en=S|` z74^m*i)Xn%6&;lj7j@xXbotd~28=g)c#IWupDgb0d+m7)c4pf^k*Moj*l*Im>UrGn z<|DNZy{NuxcUjUqPy5~F(gCqcoND@54-bRXr_QR^?G{opOQr5v)k0T7>6FxWo`=^} zu`9Dw+;=yHFiYgDUlW^{&d^=EB=`9RlinEl$BGiUC5WYnYfelhNM z&(jvB6>|w}{FFZ#J?D(OU#PxAhTc&ewt3%+Li{yBc#6X|VTBB((NRzPN4q%A=lmlP zUu$#k=1?fV6Mmr(F1HPoi6r&rOaFglnH0*>`JS9(`BQ*CcYj;;3OQ?Obo9%}T5zAe zlJr1Azb=lK?^>HIV!u$nBKkPtUB|AFaHv_Xbm;0*^x@b6llAlmaYEcH^8fE*%>J|A zBxF|G2IlHbhxH$ud2y0^FhE-8m8Q+g@R;)SZ0dj9aX!?R%RDg7JT8xFQb@yBUltFl zU|5(Sg7l6oxwH=PBtinJ!a=SeCBeB0Zox*At3-UjSy%5aT#rKP%{X(&?b!ER#SL{uxpR(1H=&p2sG{RZ26x;em&8;&_ zn!Ty@y4=+2j7=TUj^D3nExOiLRQyqV>I$#3{sq6TcTDBjM9)Xb6UHokptblTtL}jy z{o-ij@68sZ=y!_oC3hg6Tt102M|u4}7v_9$Cr4f5DRW;4c zHJfNpMn%+2<`V<^1L0==l-(F*zXfU51~|)!f?qd<83*Jh&uNVDKv;tN2}0&y5X4gR zuS)!VC@RGdM`;Q2#WWy|${14)#>gwaTUEjiQKHb`prVaXFm~*uD`8AXL6M5V-gvk? zg_Zx_oX$rQ*3pN7qocxuu_8alAfA+Oj_qBNE$J$w*f$q?hqHClv6&|Q_a*~7K0n*R zq|5N6P~E!Jz%R9$%pVtOleU383L@Q_n8U7w!sygNM(?t9n! z!Y`UfS$+8E<` z6`8{Qut&}`qesp(84i4H0}c~qt$#VaKI_n$di~4Dq)<##GVP>Hqu{Pm-gl0|zB6TA z;K5?AEqFFy@R<5c*dLGLsxr(I(i6`l!{PR=8h6EK=l%U?JJvteLpWZu;>2`g;B++A zQ(LD0g~Rh%-{yKDQ|N!TedaoRe%s&Ge!Y<(YtN`B*xCNky#&A4eh~3Kq5rY=k@d+u zTUiJ0{%^KpeQPqMCU+O{+BA4%{BhK&yT7sBambxIt2MRykAACD%&?rnC#z|{!QTt7 z?JIuVzY{sq4FwED4`x(lh9 z?*3ca-}8?aO>otn60iS-1#rCho_`YlUUe{`G{OH+R)W91Q2((mt?PL@33c~pw@3Au z4q~)6NfSGfMQIOOM4OR4jK8RpX}ne?zcY_dc;n+b7VqiiM%8;^7qu-9!`S{nVVel9{Nw~&LnkN1b$c7m z-b@x~EsF0J;A|{V+HbWvg3*E42l^(?E5=N0hj(13)amFkGW~0>f0(%Xb^nt>blU6w zr=(Jx@{L;k;k|=lCE*;-#T751u>5}X2+;1p;C4r&s6q$9S0Cw2PQBnbMn zFb6N(J}HN1PK__VFE7n{Fze;1nJoz((^NV{Dns%zBp-$3PEVaY@0kDZfLl`G#CK*+ z9>q^^#;`Yr-R)*?Y+Y?<+17L#~4dwfdv2zKtO6{E=1=@N5dZEB;Dz7Rh;xq(}(1vt66^ordOPm2dT zE~5M%kZ88D_W#Ts!Ftcenar)o%Z`uV$FgI$!y#1vOR)xKJ!G>oDa~eJZO>%m;O8>F zTky6o#Te93DDA9(o2iqx$_p-dZ?uO_18ZPApS}?a?BfqQ!XRY$ z@d!U1k<%!)()b2{AUDlsKKAmJ2}ginPUD6aeAH314u?GJYB#RKe1)Q9>v8uq*Q^h2 z{)Z@KJAWlL&5B7qPPV?zx4sre1OtqR@*5B+r~0d&LFLqZ5v10SIvp=+@Tdx((Eo2o zRcdymI-b2UAJgKLPo%Wb%6CzLym`i0r02{$heS%*ZE*t^HDhXvj+m zVo%^!C0wb58wld;f`^@G?-WiE;Nb)?Rd%*PXA`hx!uhNu2tHfLRt#CcI;bGHSq&gy z&Vk3%^(xBPP7v|=1VMir!O<}DK`XVL zh6-raV=_jLaNHEZEa}8E7?w+v{MOP(vK5$*R-bDj!{i5=Csi z>J)N<2jW%iLj$E9Opn1gOXJt+0_RtB58&h0-ID)L=%}9lR z{0=yPP|n2Rwh{3##u2us@+xbZ6*JNNB@$9gz^&)$(pcjj?4{rmIvt+uM>VIinn&X3 z@MPN1cj&}vCv5ZT-+BU6Go}qWp(d(7)jvHYI(Yr=#l!?Y%g)Wo$z|30C6i8kYF?9L z3KGQMnUa81MfNqXj0#2$AQd80Ca?L{2yNuq(lz__i3K@1k)=@hZJV=ZeQGeN9Qo~$ z_pZTjEq?dnw+_Gc_%)mud2i#%Ca}zl%#yAULYlAMZ9L}$)zl%VWSIxPYJ52jRMTeTiGhC$C>1|yoSKu*e!C@i#)n4~@t}8#Eb+E;g zPJEc#^v`fPkj=o%reQ_eyi*=*`c~-0Q8aaSXH&8zu^`VCxiJJYL@Ra4Ra3C9>7^(w z@A&Sf9KAO3uAZh8vo`Xn<4xZRmzQtD7BF%5O_^-Z%0lTx>*=O9oZ56X?=`&=s!~Pz zqEDM14Ydf0O^mFPeT78|1SsB~`{wXN#6sWu7otn!ht9hz%Ar7nbOmb8f+; z6Msx^7DM7wax-rLd3mVflwIbDC&uMA|06HRf+*w;%tb7CGhW^NcBrsH32@{7^|;Iv TEe*{NNny!Rb@9IDznT6YlVssC diff --git a/variants/NICLA_VISION/mbed_config.h b/variants/NICLA_VISION/mbed_config.h index d4ec859a3..afe4586a9 100644 --- a/variants/NICLA_VISION/mbed_config.h +++ b/variants/NICLA_VISION/mbed_config.h @@ -431,7 +431,6 @@ #define WSF_TRACE_ENABLED 0 // set by library:cordio // Macros #define MBEDTLS_CIPHER_MODE_CTR // defined by library:SecureStore -#define MBEDTLS_USER_CONFIG_FILE "conf/custom_mbedtls_config.h" // defined by application #define NSAPI_PPP_AVAILABLE (MBED_CONF_PPP_ENABLED || MBED_CONF_LWIP_PPP_ENABLED) // defined by library:ppp #define NSDYNMEM_TRACKER_ENABLED MBED_CONF_NANOSTACK_LIBSERVICE_NSDYNMEM_TRACKER_ENABLED // defined by library:nanostack-libservice #define UNITY_INCLUDE_CONFIG_H // defined by library:utest diff --git a/variants/OPTA/defines.txt b/variants/OPTA/defines.txt index e2efa0d9a..44aa91907 100644 --- a/variants/OPTA/defines.txt +++ b/variants/OPTA/defines.txt @@ -44,7 +44,7 @@ -DFEATURE_BLE=1 -D__FPU_PRESENT=1 -D__MBED__=1 --DMBED_BUILD_TIMESTAMP=1751296112.1474662 +-DMBED_BUILD_TIMESTAMP=1779181573.8570766 -D__MBED_CMSIS_RTOS_CM -DMBED_TICKLESS -DMBEDTLS_FS_IO diff --git a/variants/OPTA/libs/libmbed.a b/variants/OPTA/libs/libmbed.a index bf46290988c559a9eb0e6184f5c876a3196574d7..6e8f95fcb6c1bd874cc7dcd7340a3560b622cb76 100644 GIT binary patch delta 48742 zcmc(Id0W-R9 zt20{CN>QFsQ%a}l(4sPJr)pF&Xq#V~(veyQzjN<=HECd<~amv`}LT>g$Y85QfcajFzBl`C#L@pl8hx7hSGTyZ)t z{_{U1{%(Xnv7RfwmsI1y@x}0uDy`eh72iLC`oDk7+rXQ@ucgygfWMp4|MyF-_!m-% zzZZuQ|Fa)s4s#`HG@yYixp&0h&a7Y|SMorKf6xN&kjFpJ(%vB)Wbb|bGg!cMZ6lLbt|~i`%FA4;KLWVQjtF1c)yANnSe6C z0PevN{|ki;famT7@%MtsojfKj=E_8>+^k7_TR>&=9_Q{EJvWsrYbE~HFaLwTdC=yQ zCAZTFFRtu9(nMVV$B4i6%iaFnE1R3x7K&=*CW>Sa`x)`rkN54j5*s)1cH-~+ftxt} z#;>P^N!-LX5#LteeZujgmK(SH&xn_VA5G&X{#yEK1~>8U3F`m)xd%p*3`@A%iNEuQ zJHDsnag**f6?En%QR3+z|D#WyX`-gUvZ>sp`$PQC8ShQxCcU@j0TImqQDIm2aFcGK z$?bx;`$D|PxKGCYr|c!%WQ6#i{aCVroBW_?X(G=}UYdCC=(QGZ@?8;sw+|rr^EPfW zrSFz;lkbLj1U$vWFa>NAs+kj0sh9LT0J-gVE+H$gdwu{TkGVd8{Cu!O#Ckv zcr1~d^6Lre|JO756+HMvt~~yWUrvM9bLGE=_`7|0@lLK>i)zks<#*DWWn4Kz{Lg;e z00Jm&0!Ea!0fU_{aOH19i7CAsz?D;KaO27;9ZuuQ+eSQB{sowy(z#Tw{C?0?8&@t< zh1+Lbg~yjN@$g5d#@ngu4X%Px?P{NuEOx`FC+eLADmLnRZyC?n5+0D z^u$!ILMER6@jv?HnI>&kVABg+g%WMw$W>7K3sj3H@pphe`kt$}lRg78-!J0t7h{=k zrN?3pr7mS$B@i$E!zg40S9vSd!}t43{M`$HmCwpM>HL1K@)r?*`-4;6HgIjG9%0_)aOafveJ@aeA(*U=LSS*2q{to{C4vlXAo^z3_z85rOHCIjPu`jr4O8jr*x$0YKMH*L)(evlH>R&>nGgqxb zJo=x9zvrqceFB~8rp-KJ#@7A&o88L=eXHF zr{@;_C-k?+&OdYPybj0>s2xyyAa@`Spbq5N`HnxX?J4a;x7sZsAx4A2aLd0oi;!8K zJBa8Pdw$<8REAk^0l2_63p@(X3#;lpqe5G{1jdfse8sa$9kIO5 zbAhT9!S`5B0?FR*x!6lpRP#rkpGHswW&(2ZN6)jq6oIOHvYpqn?i%*7Ic59o^z;ho zsR4F4Y(i;Lpq>Qw^?Ei;Rrc<5uM=I=5CR~^lTL+RPpQI4U6og*ry3)YFyHH&G!4zI zR=cq3-3&dMxZi6>R}HYqW)n_b_JTI^xmTV>HO&s5q$Bo!dmYuO>R4QrQ>i1rJMZ<8 zDo&`~)IWi2_{OV`dd(ic?A6;-s}vTKurJ*!S~%yC=|{5Nyo=P$_@TG=sxFkL9q&yR zr&-uq1w8xw$;XfE4Dr?nsuug2*?VbERYYx;_lZFv>V4R56~4Ocr6&!~c_;N&DIoG|{4$-i&$t0|-^VAdDpiUb) zYG92v;ms=hYF@#&^1;ZpQiLowlmC+?vYR$vX0Sb*GPY8s;_` zWD7R@rc+A?EwIHZHFn~$pwlv@0cLJex1`hP9vbXyW{1mproY_jM0ZuQCBNNiz+lP_ z69_HGVlfLGJ1~IB0QQ`p4K96-k3Z|H7?{*7 z@EOrbgPqxCayk8oWj;ZjX%E2IiL#x-yXnvami)nIq_=9Zn_uxc5TGI2YPJaeDYNyY z9q~EDMngauIPcK$Q#s;G8Z;hm3Z z+1X^Z2&2nK>&a|G=M(C^YFc9FXW58^2^1Zu-6R|p;-X1vR_DAyT7`w?8tPx-Bo|kA z_UNWj$H4f>>4Rg)pv|2pYxM)W$>8cV7aKYUX@PAPIlRa|(>eYj)z-7_znw3Isv_$8 z_`cz#Q4*uWHGXc0_PxryF=kIf48HFtYZ%e)pgwe#@A^Kf%JDV6^H}_Z2^5Z8oivE# zz2JM5joKKDOxxglK@}ln^{z-D8#ntVsmdca-|`*7ybvZz?A*{orSNafUf(a(TWHMz z-+}I`CTKeByUAY_QU8^1rB;)%o1MaiGXdc1uKOPCrOGa=hu;tulwl<#^>Ka+0yQex z1o5&IYRnzzcSFMlnSO;~TI|e57dzVwzpLuLI`dIKcR$qXB5MoHHF*>Ki-J|PJ2KDz5^Dt*J92WF|GeH>`dj4)Zo_N-9v&2o zv4d9NFxg}uzQsQ=L<4MxX|v=b<{t5H>7xO*80FAn=lA|zs-+TwJ6IBk*G+#LOCn&6 zjO2F>m=jA4h?R#l4GfsW+yIK0pBpg1kB%G|0&D`A7Aewqn-Y-3Mk)+T^7(-8;x+6b z#u^Z@Imw1C0Ta4th;}*zzqpD-vT%A%7oD(Y>+n9pSNnSgkQe?I@VJ|5(GxxhaA$D} zs%+LL0oG2cJZirRFt$@gG@S{k3eqUB=m`ey%5##PR|E32+MfxcKykiK@^pcHn9D`= zuki}J!lwTiLUd}>gEw{wJj_NQ3`}-M1YT*cTG%5ofs5Gqi}ILe4yom&L+=aY_kGav-)=66Lg1Jc1{702CiZL#)*SXMuT8LFO?q-lX5xLC025{V;YU;n8lZSkFfh$Di!>YzXz7m=vjt2qiqkirZf9 zR+OYFFXpRmo^1Mx%FAl%_J(@BxH6khUh4J{OTH-SWv~hRnr+c!%}?E`qiG>9v0@?Q zd{lO5_qW??Va>u16T)N2*of|ZSq@EsuNjh8(!kvi(>;TY0hq=l#?js1Kt*E+m#wAL z?p?(UswZJ>ynC%Wrc4h2QjJ=cA!O>Vyq6YeRTPCLwUPp%D%dgj%G z-N~y5AKLe{+=d-S{1Gdpe00W&XtHfokD|k>I?fC;LB6{tr01tJkL|d1Wri-i5I(Hu ziD(V6CWy`?u^Wf?e0!oS7H2pA&7LD@ieIVVHoMD3J`?a$PZID`uZy%kaF)T>d+jKo zLNUXT=JCC+Y^K)65K#Xnn;ER#yvQ?>nB4n#m1`8)MkC-QkMvnV>l&>VlJHcY3(vHn zE^2*(Tk8VTlGOMH52W4~m(?^dxb$J_=&+UtB{f^*6vvt=!AUH7jCb&8^;9#4FDR(aoia<;mJc?!g`B;C%|t5 zFM7JIN`2$#Luvfbn?K#SDbhwEvpzJs+p448E5=t;WwhHb{P3CKwW&*l<@KSV z=DGEgGa4^{9>VEUeh{9V0sol+eE#!s<@v0ZNKk?Q&*XZyP*5#Je3*+${!gKB5+2kI z7j$oiI&mqkonuoe+?18xeL#}85%RF`5YJa+sg-}pT0R)`FPCZ-_Cn&9y}h( zHMxZ>-S*@*5&W-n4-Neo)DPI&J#A(Br{`X}d@$st%O6Qk9Tu*=8EWsa?VJd#C(f;* zmEAlCgT1`UIc_DX`+Mjoiw|g2|D~p$BL-8%03du|f7y zTEIWuE38L%c{p~6jq1)#0pf2EH5?4llQe7C3g+_AcGg@TcF0J*HHH9gW~-dF@^~R^ zGj(~Wp5((>2fM+0-^c8#RC|L@^>BWXQj2(g~+@*=F;KObI3 zGmEI^0Jgz~l2a%0^yHssA09&2{FJ~Z155}9>7#c{>APmMh87k`wn&j_T6W)n0BUdr zl_4=FEkJFU)VDLu!J|r$4;T0KWW5mMMw-|6T^pgHoEbI~NXj+7-*+VI3TSSs-#_~L z!wilKMM|FCBR#XRJ&-0PJh1%g!fx`FCM;3^GbrD|L7u89q2@eYw_IR}K zBEdqQ2=6R>9}?A7`u6UUaCc$E6XE_sNT~EvN8#Nk!cD@V=7)z0Gv`Elx;UmpgxQ5G z&-Q&u%?}TE?I3*B6y8TT5*HRp-pGg&*dzfhd-13!wzi>UN~6s#obra%+YYm%;s&ak z5vKvchUU|4h$hSSGEdzHad+a)|9|TNM@FH1*4q48a;P_ zMv+YpdD!0I(0@;t1D$AeUpGkaxkxTDjyUo+{fkMmXFw66XRz5}tBo`X+}SQ>By9sI zoCFVvS!7ccxqE($E=r?}Mi_;p&hGK2m>ix?#*{K;7+dA37${@}tVU7j34&-!B zZ0j5g1@lLZupKCNY%JSrhZoj`du)OhuDBqUtp(tmT*dG$)hdQOx0}>9+^gkUIN12a zCfaxvoO~pgp?%X6BbK=(17JZ~{s9pnXH$b!sF}eUTx-VIMBW@&} zHQ@?ednkS>&C1}2+R*ri=xQI@kEHhHaIMj}IpVY9RbBkdDe;GBFF^$gO<$A`A}>4< zzf)bWX-~z6(w2lW5?d0iLh3BuFk@L79~z*l7dR;BOpm=7&s-;3SW;XY?@2d{p$Oqf zA#8KswmrU)_Ffc5YDv6~ZY;nNyWfegq?@5}MDn5dO}?~6U_MT4jgT3T#!J(Q_^WjD z3(8KcNQ+b6{Bj|_!JQ8NSUyj*uF)#47uoDlmpE3|HaOE(7f zlH(C2Fw})KdCi_=+}vKnURJ9-jY_LD9%fwzEo%aAyw1Ws3?U>>hekPfnej7vYD7sx zrvtjOxT?2ih4HX@3+7iF7pb@4o@68pT)KOIrKP(|V%8Zgi7tM^IW2yBn~YO*MGZf71xa{7RPat+#UZkX;&#!eQg7K?v zuow8O^$P3qs6qODWBo=Qk^G(Y(qyVQ$|EbscEFuRUl>AENzT2Ojkme6umrOi;Y(~g zXvz>bLDti@U1n-`C3$c*;#BuIJ;~W+`?Gq)J9D{xs*Wt!Yik`pQN@b)+1R-PT(RU@ zkyGIzEl$ZtY^}Z;l~vQIg*f@CZ4PVeD36){&(`Wyu@*;mH`{#ZawJ+J;45ZKS2a1D z1a{jevQQWkD8L3$I1OR5AEZeOlqXr9Vh?4JJ;n%rv%oxF8gN_2*f-L(Uz8nyO>&k& zSlAnOthbcgH`2ovN>5nC#F2Q`_FT37Gv-q;T?kka;>eUG_SVQ%1^2t9nz-fm)>^?i zN$s)kO1nmTbhX>6=d^Ip+Mon~U1M*ZUZbtSh3oW!7S3gnf){ToDbBCc|&I?5A1Cf#F2O=-zFQM!N?+ zRe>r7VDX@Vbc%lLNjva!o!nFc!_u^LF88yW_7!xM6U7p~m*Yw(9WE90vMBs2v1a2^$_?yI z!Vz!p7~#v`Ybo16izvBD_~5uBE5z zajo}mOx)FxW_1;6$mle|l5TKKaTIy4KG8puHe^&}^VP)G?t&s*ON}qxgr-4T9)=TJ z9%LS+aBHWoUzjh|QUPqYndIHa&xHB+BVqpiTj(wkwCEy#dg`RCU;oZ*l?UTbmJjWp z%SH*zPUPCS{ukKv6XO8_jWA}fItT|zYzz92RCfq)`N;^D$j1Z%JJ@e6pCsMY|65ki z7?|{H?C)d=`>7AR&l$or$yF7#i>*6T1ZIoW=|JM`42 z6Gga^Cp{wvwC2rF+|8%~-<8r9g(1WWfUQ2#-U-|C0c+?69aJoUEe-=*MUd_!5!(lB zWPTLm>{^p2nI8-|s%07@cvC5ZGUdR4F9y=Cgfh+dPHN4dpok;AlUjWVh7jP!ph09p zXi@}=|1cO?r%!r^E$LwhFozTN1~eoI5GFlEn7aqrHZ> zN?ZHiTbN>Dg#cR_VM+8x(#~)i^J6fv6B>n=hQ-E^?P1AQw#=@8H5%+vf=Pe`lP^g% zCkL<;3-$z=X-__@f#{$7G#eODJNsrNw~lwHl>8CNBL>l`#}HyE>0!x>E0Z%=VnG3H zhby_HVR6YT$>&&F4g(9pMMD$F&V9)vneWG7B>0QuZ&>yYLx74V*k&u;f{=YBxq)Re z6u>OcTGl?LHP4FeMIreiDMzz4%wvYMv+m1bdh+P(lvCa`5Wv`pwlrBGT=9M197SH? zQ@U=XycOUk*sm>}ymE^e7?w|a3|20ZylCKA)*3K&B)MkbkOoyAwYjOSlP6S4^SD%v z7A1GG!qirmf^h;{7->`4R-8JQZjEy)fZ>X#kG)}QMD>)^jr6JW%Bje^Viy^5W{$)^HY6fbhRhJ;cT!%(`MDgdQ#(o>^0u+J|lkMRg<~R>O?0*q_%8 zYK{F-#pF3cdo7%+T7o+cqSa!%EsIaj14`8bS5v@Ncw+Jzl$h-DfQn$aUuk8EJ%*5B zgT~7TRBL*634KWK1+ z?9UXzMhGmVhW2Aae%y8L29E z{(FOc`EnD`ScrgVyT%AA`k4;-B&;N1xq-RN5??2JH!h{mnsy%T}rx6}5kkocaf2RXg zAKMTu)+uc7&F&OKUiD3%uBtvs=$(E*UOdI+0XL)UGlhuFbt@%M;Qc zlEV`P#9niHF0&U_29nS}eV;t5Q{ds9lK#9rxlusu&Q3oi=bZ2s2xYTCoF+vF=kn6y zf`A>x%VEGCr zSJvsv`q*(g()nQeYB}h}pCh}ErWa;vbZnEn7hQnc@L*qU@1g7EU0Ar~NKDkwAdB1q7cltW@5ShYKXvMh&Z)L_I22SfRFk z5lkX>3@ej^LR^$&6M2eI_Q9})a%K_-lWQl2U0`v6f+37Xr!esAAjp79j$7z!47)K^xcE6E9uZ&h`0LdgH zj=6V?hxnUCUYXwccE;Om)WX1I`MVj{S?Gl!#NSME=V|f zE*)H}{c9#*W;q+F(7-cGhrh_iM}_J$LtU48C&BH0Rl`f=)pP}R^$UhS z%Nn?Xc4ioCBy%izdUzO%3o&zmK6az*HZQIk-XdQ+uUKzZ=!vd9pIe5PG2f4ICiU+P zKf98)D;zOq#HJG3u(9+OXlDl3B{kCxJ4Q4tq+pDl1ePZU+bko)7O2W@-a68MEJa|l zNl(wL5oX%z6$F|L;;IjS7)~5)@1JGOqWWPBK|e9iCT)i_{VuDTs7l{EXw)1zfoe0L zd4a5{qoUd5T|po$_(%r?_iq~2V9`*H<@FlB9Cc1!(N}B-VmKp>ckQl^dV_^CsGcA8 z8a-O0OG>w#tcw{CID23`X!r>$-5psIb z=!228t`%gP>^6F|v}M!i)6?kWO^G+$*XRy+7KaCAzrltqj5TTMnSCmURt{DcXgNj@ zE%oT2S=l`pI}A)R=VV_}N951XUd5sxj0Xs`(m~C(B742OhNjREn_tfED&I(HGhmrB z61+S6jTmY#%m!i!O~R-kV+`qbKKmUuCZpV%o3aX9d{3kw#9y?dSH80AkVx1nf?EIRXP3nl`7jv$#fgj@m zt;Pg9i=9znl6DC(rjguZLGxP_?et&dA(Y}^1uz=bM%_rw;HJK#i~H)yk6F2+sVhXma27fDD048Fo&??mWu)^~lm`eDQ)^N@*Dx)2 zbEF&sp@EnESF;bAlTvq!W&FH|DOVfeKy`2@Sc-KjH}fK<)uLS2ZeR zq^$J)1FH|^rpY_HZ74g@8t@Vyco!0!)jyp(gElx6Om=^hyNHJJO0q4Gg}hLj16QrL z9@*850O36 z#l3m^)hh|MDG#CfZj>8I_%QDT9VT#uyqDy2t+IhEIH-5>c-|@Ifl!+sKam$FzhDEm z0hAC%QORXwU&?!d4!LN%5v>8fNDM`VJ#Mr8NLr_{r{xql1N7>EnHtvmZ*_Wfe1VlJo*8oM6DgDMZ(q%m*u=q~6(z#>wuf`DO$Ps+_>+VH$;naZTq;cQL2TF`PaBz(G-Dp_?zzI zcc?3UBy{{6G<&IJe+RrtL7MwCILEumueVUFdK=smB9$BuVCF4%es)|{~BL7l~z3_PvizWCZ(2SN}n*bkeUuPKkWL4 z_@dXw2`mCNVq!%>5THrx*QVDd01{P%#gi+G*@G#L75ej7A^ zgZO&3Gc2g(UZkX^S^Gdnn?owIv^ZE&o|&>oG?xNcud$We*8i3-U1(g z5%R^4&xJbiJTRh2!GK=R(X@5I(~q zirkt%)Q#&ae6%%xq?=z~q1QIhyt^=M8{ndZ-P`hGgw@-oC`f{8>@ZFvt z?$)KFFsr#|kdU!G-w(=`zdb)v_la=i^n`B03*t{N33cL6DMIj>36Z*Yg=^xsCxn^e zx64B2TltZ0oxFrmPkROl%ihZOb6esie7xB+!t*a)9QUp_$7Kt(C%XlEJQl=p4sXFQ z%Qp-j3*3<}?`?)v2&890qqM-Z2oA_WB(fv_s4tE96~M4dNP4x!hWGP5ddOKACB~4l zfo<919UnsezsC6r@t(sSB=M{KFIX&z^*xf%v0yx#6)C78W`jycBu5J#h0%WGbk~9& z^3`98r8L1JjMSggk_x=W(Eg0EC(~9Jgwk}BQrRrxhVV@la68QF1sCWZ7bUP!+z26F zP8YDJz)L>(X)`J%qaaJE;|t-+o(l!;neq~a64)#xG+1K^>0fwCzJU{WprWBc2`QRC zomqIpq-ua`3k$ECsCU9lB(j6!Skk_f)NO^?Mpbt8XA0>X(D3RZGcOdr!=g=0pm>u< zwT|p^EBcT{P$&*oAXl;27e!cS(BdU^`E zF-5b;4SiyJosjod5#9f!pxj$U3-pvRrknt8q(~r3P8Nl+@Bo8}ehDt%^B)op^Icu> zbh@tzmpVV7_#M^;F?QspRAc*w6l>Om5qkE8UU~2ekM!a_@)d6iR;+)bcmz$(qKZK& z%;J)b_*$#|&l#SfLL*^a&bgkX(?SY zMpY6Ws8I;%5~U|QA1R$1qsq-y3A@&owpIeFSM9pe3kj4Him3ar^a9KJUmwMAN}MR$Azc zxG^!$M6IR(hTVx`!e3bUNq`^u%rL1B8)2{qi0^<&t$r0lfP6b$OQX$H#(U|mmkIcQ31~Qj~Aw-kFOH^EM)p~Ezmp1C*Fff4^KMs&D^@LX- zhz;@Q+vaRe`OINnyUE|u4J{~`7kNVI#k%DZa!Aw`C zPnS#{sowfBmrj0}WxTL7zGxfB2fD6p+BCUkfJSpMTGzx6hdy?GvL{^!MN382eK$Fp zMWI+x$Vs;;&(oD%Bc>a??r6&7CuwD&2;Y~dggR6ana8F)ol6m@9!>G(o0z7kl={Kt z*X7HvZK$SV9YRNv_6W5sE7$f1;vmoa}&bMBS!}3v^WlMTpu#?nT=AaBh2r7wxhr zn0W81I7TOMIO66<74zsyDvFTIvF5FDdb0nsik%6v<&>ai`PyFL``_pJkw%ZoB{cb_ z^n?j^TT2~tLzl`Wv^Ak%;@X4qYM)BB2L(=( zCK?5pu;mUgk&PZabNjk-O%HkCL`wl+xK4Lv;?Nj!#%-#Vu7N0Fo#2Y3TX4&IOkF}} zu}WGv!0$^Q(bQ*ZlKi4hn+aPSd}evdRG?`vngKKut|Oaupi0$tGq=q;Mpv(t zv}TH|{>Q9VMKIfurc1MSsrT5uS7zy`6GjD+~h!pWvH<$~=YEYC9C(NY#MK(TFwb-H| zAEvz0*}UpqRrIZ*$_0a-Qs=2BbN5uurHAHFT|o(_)wPsuYpCknm$qQc2Bf&D>JS}s zl(<=8kR2Flc9JD6Racn{McJ+Ms_w1jAH)OE(t?3oVD-5a>O?ViVhzC!e$w09%wwu^ z=`>zRQ4_qDWz}X#Z2n_L^>w<34|Ncv>9OkXXmE+LlMgYDT~y5uG2)z(e_MTB%YtIc zKsrlzV~?L7T;g4wM#C537`14?LeWxt%nHh%V>I{tsnq<4t` delta 48718 zcmc&-dtgmh);~80dC5ycJ@O=vo5#(4=LSi{BP0lk#3PZnJg7%vFes)wfwsLt7iTGAAy5h>^JsN`g z|CNl#_Zi3ig3=dp<6A|1Yk`jl$G1w$2M|905I4RR#J2|2YRtw)Zv6cbf4@J#@#hzE z;~#{s@G0E*EB8j&k{wVw}1BhfI8a%1Z8`Q1&G*|Ne=`e>CY3 zm;YFZe_VoON2y{!yeg%ejI_M^OKdj(ID1^N+N2>I(4pQ~Lkz;R+s*3cW6I z81cXOGHMf7s6>6&afJ_$_@6V&E9MFxEAfw8;63vA$6DHZgoA9p)#m=DD_7WBx(d$L zI)eId9qQ{Q-i%*p-_=>H8_% zg!>^L0hc*#;vPB$6?0_>@z|G-@jD*X>hUQ6^Z&;u43Wj(T_>-dj~=r*E9JQJoo^vJa*@U(}0Cs`L7}Vet*31Wv*O}YW8#G_tL5z_(sJdkBc3b&0?bdTF^nsJ6m+vISMHz+rw_Oa z=RFSM;Scw%KPSI)Tm_{bAzTGU;p?~xO3|meinv1$M*RK$uq=nGpfstBt9TH4YB*Qn zAfEp5KYH>^lU6J6_I$2Fj^1C&RZ#j1REsL{_kcb*%2nJ;$HB~xiugyx*ul5bxr{@p z(;%)Ah!_816jaSs-c9xJ`Oy-8{{mp;v+`cLSjSa95b;0%;Y6oJT&t<8GdHov@n1(g zWsscDO$3^@DaB6zuyE5JHC@}u@zZXs%2ky$D-h)WCBXbkT-CE_ zkDvHoD|DMbS0&QUu0N-}UvO2eAig!AUtpRHT-CkQ3<}&s)vi;xpOH@;SN(J1@BQL2 ze}?}59*utfIqNuA{V-_COs<;JZ+CLll=x?SxazxUxt6QO=%xK!^@GsXt6a4L@#udZ zI?7d3`V2J3=zJMh{VQp@Q!&rMKiqV;4UdPCPIJ>KrT)ZCPaP@#^MEvFKR5lC^y2*g z1V3});^Gq*H9$^4ZGhSWwF7bnYEMpF?C|f^-R%3&^~RteeOz4JUH@7vLV9_2f1+LJ za;Z(Q0?ZT?WVV`w73*ChN%10=Vt*x`GC~T|( zo&kUI@FH7-+_b)m#lB^9ThfgpFg;0ahTEzBL5?cc!S@`O@tClpp=$6<+kz3$K zw~efUV%$j6U)(l!P~st6{@krUxw+ddO%X;4_PfpSP+~-Y(eoWt45~NV4N4lma=Xgf zDyBJnXSSGyBW`Yy#Ob1&vwx_v(e&1Mqd}VsJDW?d5Ud2^GFpL%e;!T%`3V>#hPe+w6S|v7~x*?W|a) zN%ae{D#Lq9~IGNqscDXiFh1hqaoG_kfsA3eM42)nM@9L)t5ce zyj8$vgJb-6)^wbrEW5_9eNS=J}4XPbhlOn*VmZ7OaR^AK>|}t4c}q@%AxvZKUT-XNol=;gslh7Gc`_ z5-n+r^IVmr;y>1S+M`bMd^JE(O}@r+HjAb(?-rVFmi8w(FMHlp9>XWC^}M3md0QL< zYu!4}L`A9O&SuYHt|}d_Dv(K|%J4G`z9rAqJnKo+K9>_~l#*F1*6cnG_uRO`sheqKMZ7K<{f zN%tBbqT(?Iquw6HSf+U0Wc@bEE`63)J1<%`6ftSB*O87?Acla_n9T-ZV^4_v7q9Yq zj>Y~mV3SpEAA)k;@yhp6lzn)omj`o08Fp}tS~&7%h?aymcvZ4U2m_P#pLkshQWUuT zd#}DMpu~8HRR>+x#t1*?51YMW`zx|rX7e8Jq1F{x?V+9_)%%>X`nuuXr`V7!qg;HP zW3b5?=bay@sNCV%-q)0?{>)PE**#RMUT=1UaBJW4c6L?)#~Un;4t#@mLXZmB3iD=Z zjyUtMcXNOW*ra#F7F#cQyDFAS2yAcC5!XB37M4Z8Y)Nwcd}c%|8nCIK&kWY4Q66)% zefoN-)W5}KuYad9pF}oHq1>vgk5VG0G+6_MA*vO8t15dWa#|!$vZjofr zM?QzzD3(?Cu}?b|nPBWl#%DfecSRnxU-{^jr8J%Qsq$ATq1fL0ZOgHdtv7vg)Ev$L zai2ItCpjA50F{o_)%OOQ@M9$egP9=5Ax#gDcJe)>Ji=@b^S#kl(Hw`Pd>61$7!yb) z8GS3+NQWXW$NP>{M&u^?&QtBtAYfc!^VX8kRNvdm?0OIL-K~faAcLnPgR*>66w4-@ z`7%^Tj*j!~sy1BcEshzBWt#6wR^Jvpu8KE0dLy4%zN=UVW5vM+eVm|=?-EI_3ce|s zw5~ADB;z~Zfm%gGeWy;RSSKYTP;Z3f-t?eIa@^QyxLJ{1Qe~%CiWCt)?(cNMponO? z-O0vAf3#Rh&VD0Vk`YsytdH=sHBc!i;?5;MkNGrHf+3*Y7~@PZE(QLla|9VZ*?-GS z+Qenxws@1hU&{H~e?RLnFfi%;jsJ<|iu&nhbzZ?*KFZ_d)19A(7)H92MUNrGLEkJC z@(>GddcAXgB9({QH0rC)E^NYzA~KpfzpGp?_FU%E*E)Z~(k*g&#aV>imo1TG)sLO4 zBb5{r3bs|Hk||+byfi}o!K7p%cD}C{*&os+r421Rrma|ZqwvGH&?quGtV=JJK$FqO z2s0aL&~Aw8lE#Ju3{0ZpyLiV@(HO#Rb}28psG`du*6m0gY@nt57w+Byw@x{w}0${}X$jqeZYGLg5Dx8h^Dp zA3SG7*Zf0NLA(ed2FP^R1a&*cGT5k^d`P!bk+ccPNHsuMc6M`qB&i$P?Sm3376X&H z?{ynSllyX|wpi_56h?X^mB7fr%{0!ocM6^guJ~5YgI9nicpG4Qvg1#3jk)=L5}ua1qjGmIio z9=X$l{6;GxmhBJP`z$pws%b%wN^tkXBZ5yccSmt+N`tF4#5OAU0L9_u3d{-K!D0@S z69k|jF}EQ2AmyY-ags#g`!bjIemO?JNfoF;xfDGw=Z0e3u@D(30=KueGea@YD2JJ zTkg}JE(*Wf5Nzr(@Shv6aRuK0Om3c>vLc21;V)0?;crd<)$sQ=;lzgEz>#iF9Onzv z7buaGR{eyuqu2i##A%a%5T2e2|Ct7S{`2X?iy6(~pdA07vU;ar zP&!%sF&B~apM2pA{7^GY(7YFH%hFx!I_T=f#B?qsWpLMNA|~u&0(?qxdCasMYmoTKS$O`v;HdsTG;$%&T;C^s z^<87-oTxe9&3FG@(_*CN)gFglJeKvL(^g`riUR%x)tgu9}`+F}fAt!@x(;O8F zCWo&F@1uEb6aju^fgGl^lz*;!NY^foflUq!Gwv7m2WiP5bI5Ym2^!EIr#$4K-q8sf zFof6%njJYS=a)m)(M}KrlLK#tEMZ+7x)wZjXUKv@v{_&RiQB-?y?zvd@@N_tYNiXT z1{BeIW~evK=c5QAV{=3**|0Qp56#4&FtTi2s7EhqZA_GC9|*$E`$UoRheOZOxC-Y6 zGpiwrMHB99wCPCo)zDYRPz#8C%Dp>4NK|^y8?19d5lO%6IeR#*SPUU5Zgr%Ioj&im zlqM1lGGGhrB{_R4M@v4x&~qSN?vn!>;$UXjUmLlltk5ak3drH=-yt#neSs@()%C1 zJaVb}7y{Utczdkpd@ihRm%woc5@MW*TWa_X*7#6FV0rj>8ciE8glJKi)ktZi zh8My^XjaXD1@Qnj#6f=hMMx_c{v7_naB5u)ENb_@lh9XJ=`MVk>D5sPxaGfwO#Lx@ z1v5GNvu>Rtc7#(KVTgNFzR*@!78v3F(zJ;7!p@h%dkD2dBYcHRFNNoce{~XG+a2L9 z)P#nF3Ok+Kc9LL0Pla|AE(JySNuNGk6xvQ0_Ef015ELwZ)j|01sZfJ(@N&<=!qgez zE_RN|VIfu_!=-I6Qu9MkzxKjcO`!q8;h2zc@@`s$K&K3--AKWR2)3?)B19*#SfvI} zoTo>`_EWSh^t>)K|6{;HX{n-Md0UL4)_xYTa3p1ifk{$W|=0sczBew=C$~d_o@^)8>z#Ng-Bj(YsMzV+*EgH#qEpi*( z+<+oP|A6JuqGzhLBy+nI(IX2W?vQ0GsHVa^0o2WOLSe(fJVIQ z`)gem&?2LV!++DhlIX}Tp*-wv0sC++FK`JbTiZkpXO4j~3>+A>z@jK}``jo^1TCXX zUF%_-k~#$EKSedr#a=nDXtr#CbFvr1vq-HNj`?3{>u_(DtKnc*6q}8s&PmQZ8SO{2QfP$| z&$-bvOp5lbt&g_Rg$cC$Vrzym|LjlRHe%Qoy@3UPX!YDW6zxHGkjSyKK{7>J7|J{u zJ%>$hQ75a_8KAa@eg(Bi+YE*in3M$vIA{RHph@3W{nv~SNTvdS(6sCn=Y}S2w-P~ z9hTy@PEwZ@^D6ZS6if<=V~(*P5VIx8m=^QAmr7yHR>xE>Y(dOY8YAH@ctD65+1tSm zMTnILv9>`;0pud8)_1jlsSx<^GB?YyyE_5P_B80=^VN3j` z_hXOJ#*D&9Es538JqS2r`;OR3x^WsuBpr->+f&6sV6DYId>T&0-t<)g>rFQMqU+2n zu?_7Uv49avOF~_l^k(S0c#AcHEdDXpd#xI8*x@LRi|H}?A#}{f?OSiq-=I?v6aiLf*(jH)_wTOa-cT2kduNvF z*R@r#ml^i=N!{3>O8p@^&Y)Tl9k0JlqdycOBuxgVoViqgoSra2VNe{lPhr(^J=>>% zf(gG;zd+f8yRFs_VXYYRBEr9>-$z#va4C==hK%mV+w>=BD1_s-Z`b!wZY_aT3DCsH ze4_umGN+pF`hdjR!}`6-I0&j(u!QRb2skHUI<6+M;G`ZT&OM>urz{b0G0MG)U3a&y z)O5E?%s8(m(auk3yo(=NkGq=mWg2qoTm8qZ1ai2R5}*jX#7RG>Nwk-s{@-_%0Oe=L z{n)IAvj?n6H}xz&NBcbjL0GwlEWfR1p*fC|IJq19PJM<9JEX$tkg^W zr@`59lZG|8Y`cyd{0%BP+HL*g6NVN~$AlBR4SV;vt1xJ<92jU|K|0>E!@7%&d9Z@4 z@bJ52p*VXPtF>xnwClb-rWO2JS~Duq&MCvB#>tKotgXYHNl?StYbiVtYKgjtOyb%E ziG7G1BZ(#1F!4P)Jfc;#{RhJ-IyFJ73Or5^=S!s6?%ZudBHi$Sf=Tai<5(78p#tk| zM%xIgKZXE-X2?uRvj)RbVJ_Wc+RrTNbQdC5Pt=;nX_GDAn&)$@@E$DqU@$Fvrg2IdAlqv<0pzM*ll5_ z4p7e^Nwp%U@dwp7B^|c3^wp@WnxkrnGsi45n6INervA&)(yO9~?UyYcbiooW5&TL_ zpsr|&w~>%wYXS>}F?K?YtFMmKS*-hM4g=*$mL*$*S!9nfg6~W)t(OMe=26xRpXlJ|;QNueRAmGoa0Xe!s< zP%DA7SwyH=XLTck-n6#FROl+6R16{cO{+6`d7ZU^g~KR#?mO0lG^K6C5MU`dVDjk) z0t$&nccCbjfih)Y8XpLll*Iz8m=}wes6C&h@hPK74effQN&b@t!0Ej5xd&jPS7($aw_TR zwB?+;P0L1Il%2f?c)`!s(o>)~dwbM%w|S6ny4cieOWI!uV79*y)szGV*jl;^Y@wG- z3bwhV(fULYHIr-$q7@PR8e5fy{BiYNTBDo*XJe@v3?WuFShnBMK3dYI)^?T!uNauX zE|h~~XcNT{z|LrimkyQ*Qy28}Bw=m|gV-b!tp)o+6|4lcBR_Oa_(VgSp$vP2aM;Z) zN;v(SEHC2UBjIJbI%hihK9zNY{E$Fj+RZPc|DO zF!AKpm_Aq7tP?|sW`sTbEB3?56U)3l!&z^DfeGA?GK}T#F$A!)z|mOg9F%2SpYK>D zV~vdTKHA5|5EwfGsf0*2(~?6#!;8P%=WndmFj=6OInJ?_deD_V^XaOc5d)JmZTs$^ zhe2_KJ!jG_yl+do4CQnuqVM-b)SWPdSOKspNZLVRS=M(I-MfQ|1+XbTPVi1nwUMy* z`_?IUqV_%{{o}qz)J&s?u2f2#lI^&$)@O8x(C}=cKC#PAbl6 zh%*XT{^DjMnHv+2vTz7hFKJt%nMG(QqUKPdCae{Tc{ZyRQ7V7{xOOD(Mk3pWkG2{| zI=J?~Doh2~@(3%TKP7GrrF}Y93b7IDh1Z5eN0IkKlFW3m9ThFLZmX165+JYSNm7hS zJ}k3>aVJx)Nf%TQeUhGI0|Uy#GcBoQutRrxB(o^XuyK)%mA>-V5XbV z*7C{zbt=3Ku&-M>r{xsZFC>>X8%zr|e;e|C<6yl~-1#v_!QSXTtwq%0V_7VF=L^<6tkOxNCIP`jh~=YZO(KfLIk< z+J|pm)4yd3fQc2)eZgYv;kIfxd))+f=-*N|n5Rf}1GiYf=6Pap?VpfD`$8EoT*mZ5 zvNej3A^peFv#mx9OQN#-Z=u7I3Ecy6YjOYCgQ%0DJZcX0*I1PhLj9x)9r>c&fLCe9 zjEWLlW4vQ${T}}T4YX&I1M4Bqkd9{`jU14e>`(v&JL;om(g0R(IBxFb0rOZg0xPWK zP;rj?L}m;K7_L-qGWVka9&}eTDiGKiAq3t%H!6}GJwHG@!_obiu*E~k3*v;}P7!be z#Mpr^(>W%}ncNZv9-|Wxl%2yU8S4hN7zGncdcQMpHLYJ6PUi;sEeSbw6EQh zcBw4jLj{uB_NhDCQ}wYHBi1SG`OS2XB5!)8PF7T(=z65?qf4l$Jh9Sg?|Hhk7_P0< zrUuaTEBXtvOqcoujaG2PE@NsovlmtdqU)2on@;j@9&X90FVVRUj@X`=dY0y&Pz03C z1Yw&LCp6}y#?oXX>J>y+k-D0uh*5-SDwwuO?0jaXHZs|mM*!GBTVBeX)UNbclpJSz zN0UAIbh38l2QtHB ztA=D*!r%+aJeCa{Jf0>EP${B$4E7LCfLp1&gbh==bRcQjgFj$?gNlX_a$Xl&U>Uo| z(<>(%XAUk4Q~_IH{oTH&c-7!bbU7bYnbd9=97%U`q6jFI8B#wBvf*L~-_3(((9l5+ z98b4B9^F596FrrLf=TUngD2DTZzw{N?QqVVc0*FsWb5Ig2&vrXx()HC+x$$xHSM6JCT8S|An}` z?i-Xgk9C@;<<|F1yT)2Oir5~VwnMF|EU>Fy>Y?`N({9oo@FpxdE@~&<4kd27a865G z8An@+Ou5Aqxzb+Gb92%*uu%sCll8w#yVjGAhA3kDyJ_r>Y1|2tNLmc*VKE-!cP3b) zzA+7sJAaV2jSX5Dm@NA+?KX|PP=VsF42}kL^zUgKSY@H?)*MVLqW8MWSvMZiDE7^< z7t?YAsXt@v;5&n`E7diMz|GOk^fF)*mi!cd9&f*UCd@0{KaEBTGBpfW%TDW2kw8|B zOK+yrWLdtjiYFaZJU$^k(MGEeV@!0l>9#hGnXg>&#g4=z6jXGHAn&hDZ%31ya&U{) zv6a|qfBJlS?hOT#HD9OqW&Inb9~j99_pC_$Tga{SP0U*{i;~M7hF)Rbim@ZNVuto( zp#g>ffi~F3FV*&<-b2^XtR${~deP8V*yt$3&Iq+!Q=Z2xhtmnr#llqT_UU-4} z6^OGZn}2Mu!i}nV8^UrlWBO!JSrRGOfGL6?mb!&(aj}en31+) zj0YInAWWTK5=A!k$*^Ro=qBdcq@9q4-)B@4MajGRkC;J|s3uG@$(T4Il1|%ASk3@+ zgGC?dsNkNrM>LqIaxz$!);oH7L?d0&m-7KJkda2YHn&H-%K{mUGda+GV$;h<4rB2XCRQ{L98;1~Am?8h9yniGS6nIRE{1*ORd>|T4qa*0MnT1P-a=4`6^vUL#u^cem&EV-dkzHQXC|3d*-`Q)Lt?I!J$U@ z>!V2Li|+wrk!z(>`O9Du32nJ2G{GPd)5Uu@j+#s49q%4&yV4<4h+v) z!h&0@Y-DP7)<8DLK@o5`OT)^HBASY_Y&7qNmj%w!v{U8*cgnHUFV3U>H(C4WY8{TS zA3*<+&teDAaoptvSyimjqn4dpll8VTBI%W^8*I?Wc!-@ZY%P*j1{ZG5a;5ikqbiBb zJ>GuN>hYafgIL^+F?PI4K6XtF!M)g%L32cRe9SNVV9`zYrXEtNyA-mR$xxL zKSa61(d6tSw3opV@YX0jowA|`u{iXCl!i&!>%tvz5UL$n_G0!0+Igbv$g)3Xzpmy} za3O_s!f|F@_Nz2n!R6^1vRNmIBlvyU`{*q{+1E z4+9fOwOdX;O{tpEghf;LoNcpcg<=YlUH_Lek7BcqE9mqLF#|j+b z*i`aQwX%UMSQb2UGUqJohES`YJe3neU&MjhKy+Hi>nk#^<-APCT{)})I;4$G(`{ss z`{;A@ZVEZD8Pc7zr?+% zeoIg!DeFDvC|%2w1B@$d%9n zH-<lT8M}nuq$bBsT=%wlCy;ZWj$O`LESA6_%f1{tej=@U%%bp} z0d`GFo@7WJH*vh8>0sMG#24M`#<2+0jENNmL4YPLS{vRPm(xc@10%e8L%J>c=-1<# zX=Vm3ym+7hG#ET9w-p)~r8Q*DC!}C@?wa;pJk#1<`6m}r__U$8P`ui5a0nON_R8-$ zq343!2r_&@ZubtFp#uM+Yd7K0LfCb*YDw-lZ8akVetE7=GlJAF&;8i*i7w(jnCm#M zr}&)7aRVIpVh$z3tGT?J=8r<>b-5W%{|Xi=*5wY@xC;b6YNCbq>)|m}7%e`Y6y6jc zzZZTKAMXgM@4(|rK@cBpg^S{&r(k^-9s`8M;-ggfTzot$gl~YypM+WB<8Q*p;^S+f zb3Hsd3FYFWk3irdBrfRKLFo8i?qJPR!sz$l`#%bAijU30kK*HRLh43%d@Ts@aQatI z;hT-Q!=3)yQ;6RLI=2-TZvr0kUmwvyIK3&ir?6?OYbT+hwzF5e?!7oJLWp`lH&nw3 z8Sm$YgNC!j$A?0#_;^0;is`%+kp&ULrU3U>iJm=ys)NRi7 za;kO}K3(S$2FNq;f6k@;92f5<#7*-I0l02UF5R#!=Vd0C=fGh%EqP;0?h!VAV=hT* z_U4*tIu~U}&YZ~|$@&(QM|y|6v2=Eb^VsE=H)PQP}`C!TxP&(dFtpc~|MC2viMnXGflmp2;+02_Ufz!#m!pf^Csx z;gvk+bVtGwWd~rRpldKklYjIXf0l(cSeeM-^zkuFvW$uJu!%yFJcu8E$UwU!3`}&J z#xKxQ1SU{`x0mV2&GX}DDp%dIE8}-C7eYm?NhpLHpN~1^vm2jLW037_^HqUZK0XP=r_p*hwHIZX0|G zmNTD33jsC8&Me6`KWNQYy63=qKvD~K(!1DD+2p`e1;c3W6h(k`MsYPod?8gyO~F_; zUBj#fV1u}tBEG-D`HuzP6;cCYVB&VWz?)4bF$AzP!+l0lLJZ!&cZkK>7?@=ADrC1_ zpq8;a0P)inwlqVO)2*mNJ&TS|guUHti!W?xHz*EVt}mNhV+bgs)qXevURIM>IGNtg zYev(i>+=d4fZPi$JxOQ!J@t@iFE(4Y}E{l688(u6vnygyS_6dprw-kB_+FPY@B;;7} zO}avhx+Z9EgPkJ!h{159-l^gpq12$5LL^C3(u+-`Pz2w-WCC3@MgmXlmtifr5kaTw7(#4N7U2b5Dx4!PEQw@;GlnI0?S?$5rd`yO zl3pw#Lpe>FUy{wjPZV*ou4JB;);fj|olo3Z{1d!0>y0BNr&u6{fytV$O2*R_RkK`* z7p9uhke2dONsd9qYU1g8*eWl~|I7zovKm(!pj`D)eM?(ZAvbkqU>wE z^Gf^CZBVksfi0%eth8Zi=^~SgDa9*&q@5J2c9r_Den`$x@Uj$%^VN?^Pg@k54ZQ1= zz06TgQH#xSV6eK)gzxBru^dRR5syhT7j5uB!{=pijpZlkgbzhXKJU0gY~{`J92!~5f#H2+ zae>{m#L%WU9!Rx0T z4KaR1#kX`skOSLb3MKhlPE17|oju5b#cRi;^LB&u6^UlWny4+SxJKIq%8tM>q=R&> ziXz0KKoUwij??f|MPsz1Ly-d;X#dpwcEujLt|A8(b2rk6;Iz5IRk7ZLsg312lC!O1 z9i0-QJW02M6|-6OVhdrU{&>X&oubw1oh$d!(GHhV)2VU`UDL%8u+5~Ova4@;x#Jx_omGP+LO!it4T z2@IGxIi#n3b<2VwKxvZ!j*b|F_fG4>7k{2S5oi+7lR%S!rT|SPpC?aSU8QKAWt*m* zpgT!$ZTWvpn@pEmrk|K$b(8tJz>sO`)Qg8 z*Ul}nY6a_OFoD9Ef5Urd8{?|B(wQO3Nb~~O9w3e4jmcG4SO+QBb!Fv| z0qZGv(U__<)|Fsj(v(+qgSBB4ai_Sdmokr}@~Tsc9w^l8^XyON@KrytK2^ra#3N$T zeIa|Ety)M^VyFQLyjJvEx`9B>Pv8WFbo_4R&Z?R8teYIxX11@iXEs!I>_vSTQa#ROh$GfJP1m!57UKbBlcs&*QRy)E>5X*Shq42(L45atc#UFC p^7P}(YBHQnu(e$?7S{J?4W7P$MG`V#10+j;Gu+ZKcKV+>{69&ojllo_ diff --git a/variants/OPTA/linker_script.ld b/variants/OPTA/linker_script.ld index a0fdb9fcd..06446aa41 100644 --- a/variants/OPTA/linker_script.ld +++ b/variants/OPTA/linker_script.ld @@ -103,6 +103,12 @@ SECTIONS *(.dtcm*) _edtcm = .; } > DTCMRAM + .plc_d3_section 0x3800F000 (NOLOAD): { + *(.plc_buffer) + } > RAM_D3 + .plc_d2_section 0x30000000 (NOLOAD): { + *(.plc_code) + } > RAM_D2 .heap (COPY): { __end__ = .; diff --git a/variants/PORTENTA_H7_M7/defines.txt b/variants/PORTENTA_H7_M7/defines.txt index 6296cba65..bc6be7493 100644 --- a/variants/PORTENTA_H7_M7/defines.txt +++ b/variants/PORTENTA_H7_M7/defines.txt @@ -46,7 +46,7 @@ -D__FPU_PRESENT=1 -DLSE_STARTUP_TIMEOUT=200 -D__MBED__=1 --DMBED_BUILD_TIMESTAMP=1751295869.6783228 +-DMBED_BUILD_TIMESTAMP=1779181635.7633138 -D__MBED_CMSIS_RTOS_CM -DMBED_TICKLESS -DMBEDTLS_FS_IO diff --git a/variants/PORTENTA_H7_M7/libs/libmbed.a b/variants/PORTENTA_H7_M7/libs/libmbed.a index 29612e1b2ac15a4be4bc97a695aaa2c17d0687e4..85d1f875b53043682d5f01132647c099fa1cc3a4 100644 GIT binary patch delta 77229 zcmeHwdq7mx_WuSG738h>egKIwD8mdh0|P38Ndf{s5-p+|sg}mbc98TmIHLGkb%$&N%}N@Xzm$&zzYvpR?B5 z@4eT4oDKi}w9RtBs_yOM?522=Ek15{*yv0;@EnP53=)@+Xg7emLr4>3P`8Al@di+p zXne<$M9a94>Kd+AlIX^OHs&FnXN-fqh$d_kiO~tlzclJPs+bt{kozbx7H+7;<41|H z7S!=$T?#R3VP|(@1-y=0V;%!-b`Xz0*m*Om|D=fKWe{A#Uuv97B3Rx3SLeiF)o3+N_6u6bCSfk6SS_d zU-uD{#|a18`4N*EdLAMsJ;YofCac$tNDL#UdZ6`hn9{cqO-w8$CRZ_MCo#!b2m!-E z)&6Lq`&8AkmN9_h(c-dlbC>Q!L63FB+z8OdJmkh_Xrrulp8>RS(IyNyc$S!(0@{>^ z-S8}JlJ!kD0MftdLYg3hHZlD)jE|KLkek59lGxX4YC-G%_gXu5uotn--}ugv^AB3 zZrZA$|MwzDf3U*(RIxs`P9#>hgEm6wdtSuq3O<8?>4EAIn)!dKYhm*mK+!0&4LVA6 zF`|^%nt~Z8h;0UyKU}~=*N6>+beY&NY`;Kk7~TY<>w?z(@o_b=xr!ekhTH%u3yBN4 z*jk`XQ#@)BiE9#QQw22fdDR`r{XzAT5G5n@Rk- z8WO+Z9F;#>40dvb2zZ?)b}tGaei6+NGbqMDv74^kD>*{!bG`KO;BsQu09E~SQ!%kO z7Dpc?b}f9>o7f$o#D3B2G7>!J5KVM0APHLN3;%OW3?m5>sr=zYkvB=u!|dfG0Yl|U zl5lTtl0cW-4Dfa*sDY~e(cJf6%pwT@Dt|N!jzo|IeNb0O4d?tffh4#DT1!l9lS*0~ z)LlxGB1j^~%$+3BMbI0FEBr{J9@d*lVpFiEgd}q8ok&UI-ift17DN(T6x96+2Y0g( zmq8ms*5g7`KDdFPH$70ejSOx%(3Vtov#wX@lVtEKF5<`%GMMADVlvo84C$9cR6(`= z;Z;k>piH+y=^p8FrE+852@*l)!(D0j(iP8lXv= z_mKu+&vKH~7@XWjl5PgYZnoe(x{VBr-${l|eo`BiXUQ;*S3SuvEgaoPhH;!qA;Yvl z)&9KHoeXOMP+3Xxfa<29U@uALC^<)xT?bVs-)keu_3?s%BxCpx?sI&xog~ZnI)o%& zP{D7WBv}FFUz-1#GPIQ31UmW;lG0GjjV37##fn2D1p&owihJ9RkQ5BNPm>fq9Q7o_ z`(DH`s5=?%0Oem==}Ltq4g>zRhzxh)w&-)@CJcsq?gVwGutvzDZVgSt4WRCgPNxAQ zd<{e(_yQTx@3ab_{a61J{!59#k>^K7xC4|6VcW@wRsd~QrN2az5p|I2d4kjft$(BW ze_N|assOF~qZPhWVMz-pzt4-L)&s47quGAH6h=~S2Bbf~dC;4rx`I>PNvhib^}qXs zHB8p+JuZ{msr(@${LxkcZ7s!4z4XRVmqSc62i9~ax1)gc$Ny-d`xLdRg_MJC+R)IC zZ1*H_Bd9xtH9{8n|3;?HZyF}r`WDL3N^2)g#Q@;1JpDr?pA88Q$my?Wo zpyEc?Dw5$2m=Z{a>!7ZYM_(WrO~K4Ck|ASGNj=c|HyZGJSp>;wDrj8+&x3{T#{TUj zLjzRn&l~`Y^M?OMd8HD8jt9snw}84!P$T6~w}hgR%0V|B zRh~r}1*r2!H67F;WIcqSDR|*18PzDz#y;4H=gw>=qrRAbBj`5|kWt@HY%nt0ZYJ&k zb%&6fWY`vwOxHji#M|bR%vJ$)DxUcO$y7sS7RltecPz=QkB3T0ri@358xHE~Lse%< zW;1{)LJuq)>T;(+!4Ew8kWPTCS7{vn-=RsmJ}qlNB6`m0#h zGWV%^)HKC_F|(_QOQ5b2n~6tVva&JC->xBJ^g&%AxsP)-os78wkp4H`XyM=V25Xw8 zeC+KkkWV}0(c8!deLHU>Z*GV;Gd_!#Rzcl#z?ol$nAvgp4n?bRg z&2}%xdmp(G;Q!4DEUrbj10<){S#?C3Nlr{vEr!&P96e;rAvqj*@O)j+x<9b*^HNC; z$D$1+r!JN)A~~*LttZLBu;nPBIq>0Dyb(ll^zZ=~?f~UqTK4+O5t5?-`hSiuu3aa< znjaLME|LitdOu1gXn|_|Y0e@O8j6(eWP%n(og@?LfY$vnVZt8L!l14zTmr_q9ke-w zHb5qIdx%_6{_7Dk!3oO01B-dS72J&IrSAjhLD}Jbb-*lPeay-A6H=v+K>D|; z0kHnJRSlqS2z}n@eFR0xHIi2!6$vDdV==7%$%Bs@up*k|tv}s(><%M&u7j$R-}NGS z^>HGFEudg8jhZm7MTNbpX71q-S=fAou#FJt#lLmt}=AoxSk()r>B}m9QzJ^S4 z9kd~2O>RL+Z_;qk#yr%BXR3-x0S1cQtbcFM5>n7iphEEbM@d1;gSxKt=LAyVMBy!) ziF-in2(qjpg)I%*P=(SVQrHyi@g#+HKHAwlNn!JX-l*UTBteUUx~_0?at*l& zWBkbErhqo(VK+QWn`FIgz(YAr0d3sFYz~?17SIL?`qrCFZVav*A(Jss>}H*NMIEjY zx1q;2QdAFA+=!S+ia5+qk|K9wWOq_@Gbnab`(Az}DRLLeX$~nWZ$;3SRK6FIpdM)b z8#ny^Y7Z%DUO@V*C@5~%n`olTNmAToP18slE@~>tG%9~I6H2_65Is;m zg7SapK2qWeqKA?a8H1m671UK?!+6uGNQoX6l#-GKRQ_lJ9^6h!ngZICha39r3*AXc zJ<$3$n)Ua|J*4DDK>FW!L;v^Jr%6d8FuhGWxf!tk>*kwoxMw{_rn>^lNh7Msba$g@ z4wUvbUPx-b2GSdmlzqHa7(!Y*1==ZZ5$joK~l>g=v zexvMCO9HtG6uXJtOZ$VAHUp@t(1$}vsUFs*lG6Ivc!89_NzlKoxgOu(9K^zPO zympP0?uQU_9Gp)|Io>NKr5yj-MoL}97ZCj%-&K)P1+f0p@x@Ko>+49V6J_mfq^#r6 zS_GL%SzYufAZ1kkkP)^S$DjyO#$ldF%53Rw1yvPTc7l{~%&Q?~jlt3*q)Z!BkI>Bj z!~QQ-3wK^4WomfUi=+;xdF4=dlChdf6==3d4S9gAL|~BI89~)7O;H^=z>#w zNVDU&1hSwG7Pc`HCn*0y7WxOZ0%&U}t)r8+N~miMpsf?_!T?DBR*eBU{ml^$*iVp! zb&&?YImY{ug?cEOPZpMVk%hCmlZEpp>f_GU6@g5wLY9K)qGq@sza^m~#h=mPKmtL)MO z80AeWIqoo!N{)2?r6Jd;S4ic}cq;wp&R&pX^wJV1Wlst=vXY%0QrdBum|Y;#8fSLMy!>*9tPo9^g==$+?9ul-JmB3|Bdj3P zZkK*2@iwrWPdaRi(9v&+iIq$_9U)AAbg1^%5p0T;0?PBF*zJDaliF(8%Jv6)C->lt zcqBSm52N?%VVr?Qj`UrLcODxx*88DOS~Lc<&omj*=QA^hvxs}WBRcTNz$}szINl_g zPDe(vb<4c>rfO;}d*A!(&f1I`?`7Va47#}ER1Y@yqW5tRP2R3SIWs-j+dq20FL+o0 z*pB~sXZq^|(Ht8ig&MshrIKlt0c>m=pR?_`Zd7JQN1si4(PlNrO6Bi+M>2DWPq9b} zJC^FZ3_df1wG>L9oBJDC@lc0vW|@vP-*rb+)tOw|wSnN8qLRe4c2pqdV4Ok^<+N4APc2a{SrJk9=&t zTH%pE=5SV8KvvG%?dftrlM?!KM1OA(#f&H?=w^v6^amJ^8NBC(nR#y4m=fj&#%xI`B zEOAmyPDg`u*5DHWodVxSgEU3@yy^RUC!I)(x5q0PnvFf_>ldymZt<_a_h_fIzmMN0 zJ%zCrn`By60g=|nuR^c5#hR^-B&{Cgw_P)ar7eg3jcj{@-&wt)Vl|r`AwF@NUx9Wb zlac4QOuIq&?oWOrx@g6k1bN%Y7QN(GqMgBi`_ONMHY5Lgze(MA2Ep1y$RP1Hsjm?_ zY@Y4>4~6QaycwztxdCTEk^W1xi_4B!|HyVcl$dIEDZ&3>k|yKWBL5G1>zQP8)UFI_ z*K|#j))vkf&Yt|U|21J2R%E0;_vRVdi5L722pVeru9y60dvn_`hTKxyoHcC8e*fOW zHjK<5EBfk*GsT*urKTxR4F2UG*j7ik#R7%Y5M^NFKJ~vRP=_36wm8x?W z%i0Bai0%x=kn0?~Gn-W38W0k!quXM4me-K@fGp8H!z44B5im$I8l__g4Muild_c75 z-J^n%?hc3)WgcV5frzm=%KVq1=O{!cRtHpxIveA%m0JT|7JYY=QCJ=D zM37FQHN{Eu-iJbKI~;IU^lngT#t#G5i|!1@kgEU-?+JVoaHy|Vk%Tg2l#cc&3t;A} z0e|okVyQdgDGXf_K*Gc=>*m%h_CfFeL*>|Tu^Smvvx9EFfrn1B_fq|lXj4>cE zu`$lTtji7DDH?2y%nGLlKGCO-b3BVNP~7>}f` z4NUK)6_;$soz^UeIjOEmbwtE|uqv z07D-M+83=UZsRLK>$MyA><@x|Z=(~~SQzBK**C$!q~k#!chn=tfOYcdwfbz3m*}iu zL19}~hQok8@xMVIc<2bVLZ`O8T>w=57lV?;2n!VoW1qF!S+LM2I8(2xG+WJ%=Hp7I z;3HyigDO1JJNS3K*2n~{k!fp=frXob58t8_SW~>SGitL1kJYOiOtDs_1(l!$^=CCh zf(?4js43Rj^UE0?9HvJ$o0MkMz}^}eoGAuqXgoxX2_B?ZEt_EAsPwj~CIqkHE-$pM zW#IBF=e2Pxrcf#jk1#UtX~EsK8=s^_!Ef>mfvf7VH25H|lPo68&+^-|!R2F}$%ZnZ zS~bPQNvqFyfsFrCaEO7Ev33N=anMJVN6;*!Pp6%|on;u6%swB|={~EDI5T9KC2@p`|`V|e$(V#Xq{ zY-H!3k8v$1V{z9I-!0s7i~*L%!cbEgke^^7YwqFVuwXK3>hdeE*HDu{oCWH&FaHz; z6{)q0=U+9&eg0XO)w~+Ozg@v?h2OlmD3nAEV zHaRPbJ&$%>qMbq+Pj#Km3nyy7oG+kzs6>b7hOYA?HLY9uR@ZNNHKr;q*6GGP@NU-# zUeBnJV@)<`>94*97JIa78gF9M(#-^8SC6XTNOtIS*BYZvB$=$v#_NCH-98Xi4wk{# znSgF>c~=+J&3^0M&7+I6Ba1TRXtYaj{4~hGQf=L?rSn*{B86f_{?cwNe`)vEf8jxh zMOYxw2L4Q?bQj;#W5YEr63Y}UX}<-U)WsD&Kjyw|3nrA6-PQBHcpbH|P@(Pq=Roj7 z|GnqgySQ3ZT-1PG6=|HIWTkpjMk`(`@5Np#@BJ**QEG;9hoW@bkG+@Q$;p^VxM#7& zN?#^MN3zPSK3*?}JG#Bf)KdK^DKVzFujpI+Fc*jBEJw0T4-Ea7_jJ^R^2(Vl4-UN`>SZka?6FayMYr-8!qmc3 zv3wk4D-RvYMWhsxP@b|P!s)P5kq{nm2eqG-XE@r=Q%N$uTdvkbg z4S@xeC2bA=Y%q^mj3Fnl+^v-zi{u z@Xns?k4uZb2)Fb~J+=F1QW$t@*p=BSt5e7iYwkD0caP!g;rmn4dtZe2=|uLw?m@^w zz$HK$A!MzmH1B+;?$VO;ojP{=5^g46?%=sP<;COOQfH04{>vZNWo(lYzYLG;vif+} z8F@1b(%T%6Z$5fH<+7p8`jq9;;xEHPY2~i5=_jt9>Prmsj?aa^(m~44AC{iazS18o zpg)!D@(cybhRKhT0ZBgQ&+bxyEgxUDffA)`J zaelXc&qw(dZ0epR4ZQVmIL{gw1G0t<`XxX=3Pt$~beW-;fAy62_1t4BW8t@LHOX zJHwyN4~aOz2ky957+$ zKcqJ=d6*#33eJsrt2!9ifgk#x*0aza&nE{u4k(S#vXGU<4!Dm`Em^P;v>agQS}I*> zbMkoiNaS?14vYihm zYOV|@5uF|tGW4O=jtPupYkEXh@h+4V9olB!5jiu97Y-F^)_A*P_RaIT$ZOn*h>C;w zj5k@GzS6ysN4OUgjeHh$I`XiA$2g{&`L{KU;l&?S$QE}qEX{V>k1}pBX{JG#gpyg* zBZgiBoF?H6FsV~psawD;9i{s#4DFnhG<1;jogu0Nuk@@a!#^Wx_ZUqXXZ{qmJC4U3CIc+8!(uYUYxl`VQQ!8{ z7I!V`_wG6wN%TX*LI#R{s1@tDv+QmIU%idTmx^`J<|wnAV+#hR^2!*MCdaKc&f(jx zSun722oE+^B!Fy&Wm{kN4mPmob`SiXPfl6UPVA0<4(za$M+_R0V?zdQ8p;)7GGyy) zaZ*t`Sh7%k@1U$?O>uqp4O(i`WW4s%Addk&>Qq7qS?vp&5XIW{iayA_B4|dEW5eul zvfTQO7j&lxX=_m~1Bfr_NIYk(%Gi)H=-VHLKlS%vKXh5jhTa5ii3-E zq*rcNsd8X+fRy!r2?N`X27`Pg`h!oOwzt3|Od6BXEm%4`#3#UGmUMk!bR^GPDoGs+ zd24m9#m*iW6g`x85b(@=CNX;EW14xZ@SW%i?m|NI3%m4wv>5l{497Ta%kgM2PQ!WG zb1c(5*bg5?i&ctRyuqjRc#g@I6=$M9;NwkP-rUdhLg0|pr$$ebgID&o9EHys#RmL(%kpGqu7ZH(dT%_22D!2PLaExZKg*u&tIccEj*K`RHbH^5?Q@# zh=Dyd$k>5T4WZEklC9QwM`s^q7WeU~2b9eAk23mlXC}%3adsFEDBg*XJmVtnGC;{} z?)!3<2q-YV&%H=$5oIztdO#7AjTZ*;ER6-8MLl86)JlE2!?uA+lj#JXT~d=NPdvyT5NT&eSX@$NH673n z4^1@91Saa<{n}_ zDon{$I_YnUaZX2V>tZ(Z*&!?Dc7c#spnNKQzObI=KmNvx3r1#%hs=kMa|V_stj{yC z6@0LTCI{QaVk`J0FdAVjX`y>tJ@sPnjLHPMC*fyNCi6uGQ+y zbRk}rquS-=dJoI*q9=|SC#{TxY?<2Ma#A!Qm{tjvd%#ATD9cen!=$lnqh+afbbV*F zq=^!Y%NSxg%ol~?i2|-|n5>d=ET4)l2`cHaTuU!8zC;Zuz<^C8w=A%{t1Zc4Sw^LvWxyMxohA<3&)lnLyF+82`}H(BtRQZTaI2?QgT{6o)3NAkW? ztryu2BRlS`6Bx7>zVwjAqmQg^m zIR>1dBRj)Zva?oi?zTq-v#4m>Qof)9Wq>$Xdi}%XVNufcg9d-*m1+|kG|&f_ai-0e zFZjk8+0WSad$5odw%&Xrhbr$g5muF0O`B&Y-jz@x z+u|L4y_A!-qkQ9#6`enc`q9>wPX*wNj4pBIR-S5Vvk+FR;v-z)l^MspGUNUF^DKrc zH7<7-u9&@!yJWv`RF{I}Vh^FY`CXADYI)phA|{7s`EJY3Iz0 z0Cut>ucrsw>1m&Hi%wj_Fh?0Imb9~bilLN>4tp#t-TRZDf&IhJzU)>#!LiC>AkX^; zNUMHJ?!=ynwJ(g-3j`mH=1jM56A_46!}bqODD_}VXWQQqEeyt!%Ou}avSzMbY$`$P z8d)fGZ6+_a*LH0%q0Bfz=Do1QUhARK;QilH;PH@SISP!Fm-#B?Bj_P}su*QsWVUj& z9P-aLLdZ3<>HbZ2U%o64EgQ00*o>u&)b_1U3}6w*>o!Utly0%Jg4j^$0vx}pTL@I9)KWxuDgNF!)Yf|u}ns*vSH z8p^`{;=2<55Y-Y!W{dAl7$JIsDB}!Gu=14|R+JI-M1ok^fHQWynDBZ}UZY?#AUfi0 z&NC+V97#A5szbK$$=gH!O)v;IAST&aM=tzBFMBw$+Z!H*LkH@kVi5)~Wf`)eG`ozPcN<(3jO=WYo_-6g;Ee*xgCbe( z!Tx&)Qib!-xC378hz4ai()aNXY9-lFH~ZXUi5=3NiHb7hn1Q0JtPVfWZSYv`wYOpO zTFjU_SQw_tfFS;qK3HTtHMJHVzh0SxYj}58jchjaHNleyZ{|xgQ8N4PmBGuzP!>%F z$5hy*cL$59Fgz@0jtu@(ObDRKaO_`$b?Q!-WU6JLGUlGvW99!+VWPfSSaEnJ|eLZ9hL-MVQiOu9eG-c^&~^hT^ts&$W|x*WX3 zO?tc@TasSnn_BrOq3dr;kuBG%{QBvB;PvZWa&V3gI#=1-FL z6*&Wrl9`Wv*g-zr#TnmC9`-eFByonLHp{LUrc;|G-ZiWPU*CjF0&h#6wk}5`#C$zFU8SB-49Imrj^O+KNWa=WU) zP|ctKL-q~)CHZabluP=Xevs|Z-BvFt4PP1W_}f9nJhPDV@1n4%I4M@0wv`d*`NPb#?aC zQ5vX@i)EP_6{-S(t&`lX8|XYCvhM@My~M zu{@o{Hr0h4&ROPdgNBD}<58_bmRGD7?JWYg^+&_Q@;MpPEoTQ9uKoDR zU|3gXyiKexQ8U8|`BB+fIe*A)A%`?W1+56oEwyhuLU;@C_;Gfm+K`A zu$Z9lsH_yI_8n2l9So>iIYU~V+d3;djo8Nby{nOJ(6}qz$dZT=)x7V4lAVQS<1h%2 zPQHZoSF2X!MX`URjM&6`x@gR^vb+(Qd>OEo*0>k+qOs4;5n}j&OPae|kFo!yI!S@e z&O_{)V4aS#{n7Tyh=e4bQ!p}n?3WRb@WViCD8tw$^<~jAp^WR+)U?}qPRAIsNw9@b zITvHieW@pGnkLbgQa=dbsiz_i4)K{6J0OZl2U8D<(WVO51Ws#tL@X^?I|+8GpGu7$ zrm6pW*V}7T36sgPd)|JZXk9S|1lSxCqii1tx%KwmSzI4hXRz$~xBK?hi9Y%8mN$PI z1Y7gh+-|7g;^cU(zekmQ*KXutKEA|L^jPZ1kNLR6hRWDKVPtI-pbY=~k?Z-&cT|QP z1u*VVYJ|&cMkerW=r)xpFnL$IvXrNC^GL4}9vv!Vxfxa3@k6(yjpgg|(7?)O@D1+8 zL1|)xyA7RW_^o?duRrtH#dI_1{6Wq7%o}OKIfSZZu*36py(|(7M<|SWs;hymIFdG7 zbOx~e#QaaC9Tv?L#*h=qSxrg>rPJUXqOa3>^VL|miDehkx`}QLCX;Qsm^PlfOmG?g zzofk>`g*90@2;h-6`c)~vC%jEOVP2#G8^2pzz!qDZG0#&J(|zAqWO;bho`UC%Mzv- zhd60ldstQHX-YpS48T%d&P2QbhFR0Qi}H+FE5RXJMk(5q6TsFzn0`UTA10V>d^~+p z2G8u6G+8wqAgN48?yK^JLx@hLZx($c>$HQ^Hq_1mSybWYX(s=qt9o|=6iZj zhN9br0TV$0j$PrR2X00XTuC&eSAliPvzAqCX?+bAGJD=xAho9i5^n$MT3MgcHNu#yJ#~phMYKNXHmKGQ07jNI2f7j zeGh1DX9q@KG5(-p?G7t{H`kL$a)*i;c>7FEnemT~mg` zH^uJE5=VcaA(A6VKITteHg&Qf%d0=nDwtXz+v4m};JhF^vn|h>!l0jvPCm=|q4Xwz$gOm6wCYrABbB zs&~YB=vY<6xNCeXYn&Pxwlyf8o^#X29pc;0)J%@!ewQm7#+~CQ(5mGex#OY?oFZNw zx06?Ws2S|isc~aOp~JEZbIeujKR-^)RiHMq9p8@o8?WAQU30_l$P}F3r3@!f(|ECE29KE?apPBW2M5Z4z*@oUAG#E_TCYeSzlrbBLCGwsV0>rZ zCdQ%Oh`D!-f01u1L*qbB3V!T&$#diP@kSUIm-N^1_wj`zs5s|gV~OvK7t=1d=~0Kr zi@7sgSJc19e;mzg3pBoa_~bmoyR5jD{ed|n_&^3{z}77f5oT0NV(%O~Z}4#$u+OHg zwhVZ^i15JRGOowu9OkR7PzEHFI4mG2F-II0fRb6#(42B!-0|prFC*t~+KiQXIluBg z0;)wWnc#SJOh(Vk@#ZhhK^4jw&AECxVsTC?Z(>m{bG(k_hX-@S@=%lqGGpO@!lGFV zp?kbM=X>pB@?TRY5m4U+y#8l5AC035S=82?NIn;h#tEDIMouR0EX843ce$!^qsI)L@cJ8WptjfRAe)ZAuEJFr_%2W=`&%G zsDLms+hLxtn|H(Flz`Pc;}7ncVbQu$A8$*UFrOd(u0}RF&OkM=DVY<7h@hZV8?1K% z-(BCF2_NxkM^q^D&zbB}k~=NQzvkK5$>Q7%qSJzkb5sLA zJ(w%pvuIG*nPs_$x!)2`;{A{0R`A8wxQy)0xi9kJDk=jaOg@oR$;zqQa>w!!MVyLf z#{$JDxi_5e{GUC!tNA(|l+0kl`D>A;O2X7DMr`FfxtqA76qj-Pr@624137U3Khkx=|(COfYjG zcf+N#w*)KOHKIimkJ?!3d?nTRsLZg?k*eEg5}hhHV^ z%6d1ihC4fOJGY$3`;0HeQWI%`k*vdsdoFLHsF|>|V~M}!-6PsYlyR)v#9pGWk9lYy z3}Q@UOP*LeroqVU`s9h5p5pa3#sG14aIh+k*}0!4E(zz=8)_Zxn(q;+#gO2Ydq#G| zo*%@A^lGsd2X$QNwHO2IKR*93U(^tXnaF&~^Lz36LX@H8M;Pbb)ziQhtj_5OX03>2#z!00iRonKt=j(=!R z`B0}yIQ+?ZRStdHPKbQSlYFq~WcJQu1=Ppm@6zp3LAECelb(?ZvOM}q=i#TvFe&aC zxJ;H-$d~)2Pvpy1ssH+dY^mUH1KUeW))$PFcFNz5!Z(kuQkMW(&>uqe7y0s$bWFZ%m41;g!=ygX!sQL=cKLFzG*`Y{l_a=$cJ!9M zc&S5(bn@AP0MF&#(&T9G2ndgVRY8BRyF&0zx*a2$55=Q z;Dl)BF*4h~r@+en!+4(c|Da&Z0G=aJ8H;}|NE2GH;>JF|rSMZDHyUHe1rqYCvL4sd zT6m#YhitQ1rQ|Vz1{U{B;g9@{C~+#1<-bwS$VpUPM$aQvv`B`#ZE}Ym=w^!$bNrtfbV8 zwqxd^axwVE@(9ZxS(F^ieb<wGs7+ewJ7NG^kXih?MJpIAdm@}c($YvOz znVvA(*KVE>!>UeCyT)BVY7f{UCIkPIZeZtYroGO`ktmt%_bTbf$9y>BdT7bCj+&`K zqe~v)UJYD^v#Em^f@AP zVY=C_qUp(e-V7DTd{#|=nYW-g`Svru~7eyy8J~&z5a7L;3mmXaL!nvon{C*Oal?Qu;SxDQZVj zdg<@{$Z<3*auUJ|D3mO}{Nd7bqKAeVEyuaMD?ol_GpuEtDB=;-9rdSDu}4Tvw+Z$+ z!K=9KY~5c=Px9FwG&*G6Fg%lWJ638R+Esdm`|{Bz*vfB8VH^I)>QZsi0M3hgrSxY$ ztAR2kI4fy5Tk_A+ZJIQe^hRl3Tb>WGIFSS4JUPDRVCgo|gsX7nv%Hj)Iq_a;ZNsTT zmgh`X|1tu`cOR7|h>8#+v&CPOiW6Yb0LxKl7gZ%D143ej!;=-qWYB+0xAR^&Dh|l< zyDVk$%U)$UqKZ-xEFb-^oXQN#%=c->IPF;WsctMf50Ph8L1i_3S`D?6ZRt_gPxJ;b z>)7XEWwZJ8J1Rp?V#gA1wr)__1??QV(OmYi2p~E$_n570wv{)5m_>>{coW;Deg-yt zR@p(J5ECcCCLtpmTVA$V^aU^)^Le1G^B`XJpp3*_Wk2!>$ast)+XdxSagnAlM+W7LUO?p8w^U+ku*R#ZE zDjxHtL%40u9-0K(0t2K!_7uQr)Zfoq(w)~^DuIIYa_9Y=9>o^4pKawY=TnPXr4KK^ z^zCw=*~>*WqGC@xGyzJBav*&6Q0@H>#e_QaG7{{o@ml=j%O0cThEL_K@ zOH@^Z(^DZo;J@%l7%%QBlI0b&%4s8#d0~+-1B)=YXMrwP`Oh$%8lJH5Wq%#X^20$tliIa`DNRvkvMX|d|79JLL1r{il zKWkw>QOlu>jq?_MCh{o8kncgSXQ^q5L4J30FgyA1LUF7XT5#B2m}Ib!62ktLb| z@AnE?T=55=SI13^T2}GB=!0T{oEw{^Co05FZ9H}9%8K8GgG(*2@GdGPJ0IFmkt32# zg&faMEP#_$&hp86TzBDH6$kmeF3w0gQ}KxC<)|o(64DZ&iqNqik*L}A|`it2RaTXCNP1Xe+pUNnM@$Vs8(uJ_9VeQYyn&dU#oW`xB%%@m zhJ&izXr=2^)w0$xfZ}d(TDiG<8j;ZZATc)qv?&j{@EO`9t6gURZJOH@0}lEUb8|qO z^RNq^rOmRw`36AzH(y9IWYA{DpN8?#!WD8G*fJ8mH?R)0{>hn5B-+KWkb^`*hdsoC zfMOS2a;VhnM>x|diu65v`>kXJ}7^|56uu_&N$^5wR+18qy? zpqsX7=)c?s@efv5pIobt=N}RQ;c22j*RwxKtO zE>boSTXQhWo!Dkk@t+e|VIVdP&x8;ghV8wG4a3`DbbZkJC!d`sHfQk@c*q5yqL7&G zecKAOd5SZ(k(g$IHdjD1pQp{TzM0BFH*KE#nr#5Yf17&X|BwHA?vJf>C#{0DACXug zkigaTxCL zAaVC)kvO{Jc0g};oEoUwjh4Rt@)8mUpyIz4!QosIrw{53sqviul#@880R6w57~ig% zv^uD(lqTkqc#c`8NxYMww-8qiC-Hh%Uqa%WgI()LJjb3#D2d-Iguo}v6xp#k{gRvS4lDgid|H$ZM{a4G3@dr$$I$6 zOhyLx#W6IEjC6qVA8mA`iX{#MKG{Y_%DB@QL~cU@TyrI;D}^;d7IkT88gBq~tvh7{ zQhX*81zmfQlrT>fK>4qJ6YeGF;>aIPQd|Mbg|L$(r42w^ROzpUB&8lw+qshlpbamy z{JFK3q$;5GPuk!&RV--*<@ei2Y6H-Q7h3H6)o~>Cc0l~|iwELJsxvr|Mp9h{$p2j@ ztZ}kN-4Q}YQSqOM&^>Je+E$8Xz4X>lF9c7t1lFdJQ79n(@f)plouXE?l5)^Z8you3 z9rqF!g1S;z6J$aE-{{mW&BNq#WOP$OoBE)$&#hfYM%TxtUSxDV(E2BB@EhX4o;9ui zn>ySvrhPe4MW6>6qlaD}kugmHZOTI~e17NVl%PIywHgA6}cq6xuEq0{1q&8HTIn( z=^CI~H*dLjyo{uuJlJ^rw4bD_1L9x(<}LR!JgSKT?<*w3C7`Yn)I>SdC821da?njP z7Azr60_6D_%?EV|Sq~v-4qm!JGMWV1)CZgJ+^Lf!x8!?ulNItS_?-noTjwh5@Lc-AhGsfOw$B$MO5WhAp99^61OMLfK=@u1E=^rA1x zYynV7=>8ofQ^W_CS{o4mt*^A6PFVk&6_llq;7uf}B|uw3D3@8dh-B%2>JgfJf5l;v zr4Q;1>2}WZYe|+%Kve|QTp(G_;@$HktEr$(eNgMUAFhxrCqc7*h1B16pd`Cba^o@N z8p&=9>|04T3RwRs-AKwJ+0Gzy56N~Vs3>d}gr+$V1JOj#ratJR=OF%@Xt`^iYbE7l z{kIYnRP9D9U8ks3t)v`u(>k{-C?{iE9WejD^_AAsNn0btKP@6-RY28lw9<8me-+DG z=Q>q)O>+#$nRA{v1?nuZg?Q8{E1RPHKp@G{2X%(zI?iv4NX{*Q_`mf+E1%O_tZAO| zaigx0#)3BX0T=UWqb+u=0krWhbEyHe331kF18&xkaVnr{HyV3=d{`=J0%%hna?LZP zkC5@Du>Z$+=|>wKsk6#AY#`%X02CGa+F>%jC2(Rt8GkDv{%^hDIR9Y@8Q&_P&MBG@ znoMp%!ZtF&6`*=TN-vNJEeP6@!cp0^L1Y5Q313PkobYW!!2Vwi4VXB@lSnYlB@;Pf zmXL|AM4Ew26hZlqhR4D{GO;nZCz(ui7B4~o{|@p2l>cb-@%%7hCLF zuID9kE1>^3H(+fYdR`&9eSOstUP5xCYU?mOkmTwieG|#$$cN|agVsO6e$THaxg3iQ zlid1Pv5n+9gQv|T7sKWogyzCOm*TBtlB9l zE)S6t%74E`Cdr`uM;^%~x4`Q>$US#eb7bEQLsFF$F0bN^M)uX zCwZ>I3Xl)Oz7oXoU*$yY_ofh%$MM$-B(FYptt5FE_Lq>n_w+&YzUW2T5D@=uY5>gt zZBqlN3qqei_7Xuc!$9&IqN<$ab1a7WKl$+Q7OW~H`5Qc&j-BI3zVo2!z>k7aLsr-IwIM2$OqmA-8}wywDQoBTkaZDxhjN8g+eYEt%Xj(561< zqUT`!UlT1?f9`*ekjc)1I!kQ8E9fzfxB?UvVxLP2S_%^mlY%5y+}dx0P*jvfEyP`fy+T1LhlONMO=z8?&L0KK%F5q zTAv?&iY;h8Pfq!0teE;hWjYb_~kAy7r|hv!IP>w`M4^cQfujH33t zh-*OW39@V@MXe3mScSq#Qq&ym3L-`IKo~6yQUNqpr^5%dx?P2(g&QzCxHd4?JeaY0O;Oc2I6$8aC*1J~h z=}TOO-g`)K15o8c*j!S~VctTDU5(L^r1*AF?4tIyf=5WPtFQq2e~MuWW}88r|JiEF z_dpah0Bv~TmUCDcU)-{Q_*YR-($P#b(ftA`X*Qt!*L)#5GBSfmi5jTdjaIr&QOlO~ zB_*!JQ!7ac4qA8P1p_H*bu7zd>Sa7GVBo^8_^W zc?#A~pS1|bf~#bD3xi4uUhpN;+XBaWQ8N8lFEagjSgWJ7+geiE4c31;ezeh%N>*qn zPlkIf2-+;+`RfPtO01l3oUwn{2(d26%hZoUeG`P_7W*;0%o);B)5ZN7hQ18dX3C*29%Rh z4wD(KM)5K-LkCok(8BlWtro66O=h$f-rYfF9HO4^ukA1szJE?;)<>sD$jp{P=w33j z0cgVu%|4%Wjm&fgWkFJ(oJ~D%UCBx{%D0LHUn1Izs%{vj+Wr zdIy=+Vu1I*<%HiVyWEmRZUefd9Ok*C!dB=~P*s5y=Sc;}{Hvs*DOh@% zRA__h5nA{@%>Pui@D*QDp@!FckqVBz5G{>GZ3(FmLHQ5ycnaLy%Al@NINR$gLDBO# zncWa!?qs$D)bV3CTxb(e4aMK=A+sCeM;n>#0?g?YL?lrDL+jXY9hnna<{G42B69$D zvswxC?h^+|i{pA0xw{@J+ocj2l>Z==eqn6@+7?Rd>7;EE>N*2x+qhjZ0OG$*Js`%v zInDw5c~V&)W8j=)VhE|!L-9&dS=NhG&Ww1Q{<`osRJl(kw;^Z;sj82@=SdX`s&=E5u2a-1P(C%tHCR+bsyH6J zL8>@bk0Vt8D*ltOp`27<*y2g5nu2%Cq)H$3R??|JQpIr=EXQzpE2(NGs(rT*3Eg4; zhwARFfQ-JRnq$InQq7UZe>CP;>Pf0^$CGKl1TX*V_pAQ;y&J$C&<@ZZ&;j59=*a&1 zeW#)qds|IryEQf@s(*h|R8;-{HXG~rSZ7mvO-98No!0~fYsj#G+!&j%;EB%REcI`l zk9%-&CPbl-J*A70mF?)9+>y(~Xdu%XV|K{Avb%Fu5SLlse8+E_O)x&4Yh;gn*m;>} zf7wnInRdJIQ<5USd(Bn86M8o zt?=BFs;RZ&L(gx!X*14wuJF`k(8b=<-PpWKp2ys@c|&t&xv_VD_WV$rxBb7KnSMG! zG)G4X!A8$;mfX(kQYTHd>E2!&^*m-ZM+*x+1aamduM#B|%*e~YUNLyh>Y}AkIAb1U zWF^DBCim6}gefLkc)R21aON@DYsW|}ne6CBuQ`46#Mz?-Q?7S7Tlt39GQC&TY_bbG z`*gFjl6SloYCG`q2VQ^fq@z39ViLZdYcdG)-pci3$3OM5`Dlel0GT6M`8lsNZPiCF zcm-?bP0Z_OFRPN%pzm-&NAE)^TE?)%Oz&gbc0}ZQzpQD8@JjnGMq$yDJ^Y38T<^hb z@)Yk#4?Uk*Esiu?JI(u`j}F;vu?Rnxd4>z;*ZcXiD+|0AcGe6Nyp+~w0gFEhfs50v`S+xo7z@12_Bj&|~?3eaQ} z_44VaZPIFs&(n8k%1F%d8Pi?IXmbqYx8jReJJaWJ?YwgF-9DdrX)3IsK1sT7o5>^u zyqIZVzpnD>O>bp(T!NTT4enz$}&iAzPrl`oYn$3;?*WT${s9naS=liZu$^%Rs zyZD@MN_Q=%36QjnY|*Q}WlH)+1zrExH$|IK@T2dPo;tpbwK;t2-qG)1uujCAA;*x4 z?!a)rCCb}^8n->#FTA5xDB0yWzXOSyjH8SEj`Yzvh8Dy?$+9sv{#VGB7s4zgrg_-4?t2mIlT8 zXDM|uOfsYC{zJ9hbM%10$gWQGk5p>&sG!6@`G@Ph>6R#)<4xbS)c?5B7{SDeSxt=N z)u~tq>yu-2Y&Io%k|G#RzM9SJ;{PH~$;T+Yyb_vUjHkOc|*oEjl_@Fy(YH2$$cy%a6I= z8PHd$a$?4^_?&bv%`pIoqj3K6G;c}U0gz)&) z;r=Z3!GIcnogl?nO~TUJ3IiMUbikNCn%Ua+T>)0@=)3+}z^wk7GUyip1N&(*_Wc%M z*E8BG=jTF=&FIg@bq)+ux*k;AVuA*EaQB#Sw!dFs>JS~DSnP7%JT4$MB@>?47Hw9^S}G&F11^p7(z z;aK2j-g@LHyQ9%sb2`vNvy#F#uMUMKdi;L^kGSawwL)EXK}Ubc{4WJ2DGe*kKMa~Y zPirT^BCjr)dYPr!YIalyu6FHmSZULs3QzUz@`qk|WPoo1}u&z}^|%B~!D8!6I_H z4Ask+P0(JHYFS$*by=%)a-nX8?!5&{Zj3R6qR=oS^DOPsOS||I_tf( z%K;@%f(-KZ&duvDbXhQt`xTQRJq6{+ciqET&HuUt8Fa`oP&XAD&Mc^3*ByQNJB;c+ zlhE~ktByD`B$*e2v!H=`ch{QvoQ#PRuUV|Z(jGzKg6GBve^&EN*ORf_04!*1J9Nk> zQIE-FHwSjhQ7R}XqhfToUygDuR?NkVdj$Dx*0DSqT9{Hhyp{#6y_bta6;f08-<5m~ zQwUF4AYc3Xxd_Net=--Kt|{)!SKZer*#N5W(eJuvnz;Qc3e7f?5d2A4I1B07Bcx1I zVG-@o*^7(A6v8#LNzN#CJ*e3&S<7Tm4RtACzoN zODTL>qKtN^f_`y}dVF<03InGQWKmC{hs>=JxI$%-*Ddo&}scmQ__77B1mG;jRa76cDh8Xp*$ ztzHsb*V&3Pj;;)TTB&bgiI~xi!AD-;CSeRPNo-FJ$&~HzE6}P+zuUS?E#iH(}m`p$STtG-i^Jy?+dJQ9Km7NU4sXaRaqk zlOhOZfU1RVY|2xiA1Eei@OBG&JjW2%%?+V-LtLmlN2ZXyDYPzAzyit=pAY?Nm`+rR zHCd?$F8eCyv!R0VTxi6|?%$D+<-Z-0E(LryYf;3a3-|v0UU)v3 zTy*dM@U91TiRAX*^&I^%*dMsFN9q%!{y6{qZ-@Io|J#SsQ&)wJ=R#vTo;)uSKWC@T zh3@O#ITf7gIfIb3?8R%LW4iEC%#P&N@XEqC{Mf(vMX(s(0Y55jevHc!hYUCr%2N%- z0BJU;sYt{6)QvHQm>)v-g*1wK{Nn-J zl>87Qvu95ac$nvQvDgFwmiWs6`%^mhTVVt(r(+4UnI0babT^rdiWB`D#al$12QK7; z`Y4$h-xwIc8}m4$;OM|o-jKl=r!Egn2-7hsI$CaQPYVkBnz!I_anJ-Cql6F}=Y$ZN zp&lr;i>}0mWfjQL8H9j?jf{Yltoya2&vcnuizIXQ2m=A)-Vl7M2 zXlPK0Z6vlUYtX^@S|$n5y=i3o_YErKqffZj_}W1UyvJWnYYeouO{bur`JJBzeW7Qf zJ(dp-cn>ZQ<0fL^VHMGX@8^R{YP!u($&@P9=A^-eg_`2FZytOsNX|dh#Mw>4S^u69 z?7f=7yLs-Q#*Gns-hxLO*n1}jA5(&jwM8Lj?7UfV?&{z&UKfg0Aw$*b>70OYwzhZp z7GASLxh#7^_^d4cVyH;7#@Zd@Z|*OKU*p}0s5r1Q*5v4zVX1q<5A*&^l*}Sdh95F; zk7K%-Uk5{u^6G=|+j}S$_cScc=JsQZTTGf|s51#8vxtWceFk%rPzIRPwS&;pzrDBc zK$W4R5cSr;u543{A;?ejF&NO862j9CCRn@{BmDEb?g&)fcK4{F#*Pjg_t;*VsMX+P>mv_gGD+FCO*WQxX)aZ zz9D(&4?m53@}DDq>bX>`b+Nbsk>9j)8!hx3968N>y1NkdYgv$RwX@ydZK}|5w~tYX zEU5Gk+y-Kx5=$xpfy9ISn+WsAPYV*xe#a^(N&lm>+9d)n+}9LBfJq28S3_oa3&&h zklTGi$03n}+`ZcgXJ73cB%}_B^mkv`PWUMK|*+uZ( zX$TOG4v7rsX-_37M2l%J&thlehDHuoY7b~*YI}U-tVcD|p7FiND&EnArYE-V!$_s6 zh%@Bbi^n3BrX9}fH`h|?#@_lgQklJ|#q&O)$8!wHOga^LL_2Rv{7Nqb4oR24){`U; z0)4B;yL^1u3^(@3_mLmD$>W=7W(4nQv@q{O&j_~VLgaa$P{&YcEEbhwo)aByw+ZtW zj2+BA`7JWVqLWO_FmzJ+H z^A2!S8k@JysPvzq4AI}vG;)iy8Q48LjK3@I2v#7lM_)BQ%x6!a;+XM$slvj;zA9nEAYdOU6Pzkc+E+^oH?ur74M}K33E%Dkq-% z9A$hkHp(r6CrOL}=Ep>tg|BDD+hGcJRF=|y#O!CQg{X)5aH84^VYNAis)fQg2Koz2 z`eb)vi#A8qDm4ogD@@S7ml_Z2c1Mki)G=9XA4_9j=5L}lDK7>lnO*!n>UZAjhMLT7 zx|xENgoMh7?`XP|KWTDlxUppw-@updP=8l@UXuC8ilDVgw7V-J&YFx-19Wilmvgw*; zaM-E2re74}(B8v~m8PUEI#F+ml1HqnyPM5?04Wyhived_;MJ5Wgjaf-Z~TM5DHxe~ z9W)<0#u-?2u**VpmC_1B8I(m=@o{3*Va#uD^nzebEzh2b_6g=04yFZy1wI!uoZVL} z+Y}F|P_0%uxt;G|`AGXsIojLuhf+(�f>=kRXEwS&l1(2TFqpAx374uzaLRWBrVl zrP|(l!)h6${qFWlupHvkMRAWqk2wry&B(QUp;SjOqgg?orH|6?L>V{l5eLS8ooP9w zEy>s|33!RKEeEuDQ1Pm(!l4?00Sik$U1)h_wN1N+lPy|{Pq-g+K*Jm(D?d2e6s7Rxp57K+2jtbgel z>4;vTM$g#}BfosTUSQBnc;6cqWpM|Zr;B5vcI_nW(DnX1^>k@OMBsaRVRXp5>#!5@ zbY5qNq@O<4ljKNpF`w!sIR}q^uE%r4(t9T%mUv?Z^S)SK+G1eFc)t~v!R+%dEgNfi zNrlnb>L;yVDSi7WW7YH4HA=4}mMR6~>my)E*#}lbAWyuQAh66F1%08TyM?pkUs*ks z?t6^Pt`D^>17E6M=l_{39|y4_~uoy4kS==qlFlLz0nx$~tWYGhliqh=R)-1ZUg zVMMv?`cJkFd_(|e^zI(Bz$(X@9UF^*ki=N6Qg`91;~6pRct))6AUQ?hB5&RuyOYmk z!z1E@wXxxRi7?La6Jmeh^<`9xn3!x)j@dBD&&D1sJgtQh*2 zpM}u#q>80&wtA!8htJhhOZ`&MI;=z&9$z2t&#r!CkK+|^^a+;!js17tL4q@iF4=?m zAP&xW);;bs-c-dIk9LduR*5GxY>)Pj>!2;e5tCgladk0?N^cA|JbJ8c=;+0B28WynB z1gj9FiJx2A#jlIku~h6^ktW$KON<}RD{iP{c4}693ZK-2GvZgpcUE!{G!#Ya;}0o0 zBFb>QeJ}kpzAlHycw#smeOAI=AuwwcJDh}Xoa5#o&TwLOQ8 z<303tjLdGP468FtjR8S?H*Hv5!oy}8z_S+a-{Tp>&M7rsOekD4o8>9H?o)?t;&V4~ z8{c?s*b3fw#hvFE_}cgWFlFG&j@ihzA0GAv@BGIlZT@6fUDk<4ISeW3FcMGdF;;&y z%#BZ3!tHQ0^!)lHC_PVFyh;6?<82NF9#1@2=pbUOkkKtQPcpE74NM47YEBrLorzCa z&*$Z#=1K7^FOl9qA>k3e82}nPVnVUQP?elI1| zm8xi>D0n3yhj#;_GFH8}H-WvkclbbqJcg)dezeeUX_p}^=7-@vN|A)BEV?>;qEalN zjH4cjKZkM$po~+7#QTTvxWpLX&uEyCCKXy+CMEV&!ibUCsj|eLJv9~jJ&XAxPsw=XNDN&S&+YWafCME`OR>_YR0@ zu3;7n*UT`wBF$HJ|2%PTv1XW0#f~_jG;vYSzA<&gw@RsqG91}gzp4>B*_YQnBRcb` zO?VKYb0uF}m%|AikBq3xSTLI$J2XWe9TBE9PcUDxc_&7^$!GPUxi>rogXQy|=nONn zE|1tWP}7-^Fv6AU9%h!9bfDMxi=IjECl1uAV5%uu0df1Z&o z{5GkE56G#>jJC)FrVB456108Lua0j^vp?#(--Uh`qPX#ddal zcygSQDWLN-B659EJ$yyUDNyw#|pH6~V=Pkka-=tIe`_toJ-6;Rs0 zA?$C-2bKN_Os)XEu`s^4EBQ2^tYAmOVf-lh*f`Bp*gJS+fYO-7WQdM~9do2wNcGT> zL0h>vjLiP_$;g}nop^|b_SoC64TEW7#ygeCBB=eK+Y0GVT27gqaA(j#t{d|SgHi*A zi%zspsp}0ud5&SKL7h@`(v+WPif&$Gg36&(+OG6Tspiuk(G(;4(JHUyOzoPol`nQz zBio=H7Z-U8OMaXUJ4}S7Y*p$S8lkEf0in`KWiX>^>Z<$*wmdmyqf(zmV>3QKC6iD4 zMeUT|&yFwY`SSA1DRqqm)c(YsdW_Yt){75pZjLAyX5L5(A3a`6iQ}6G*)cLJ_%-EW zz6}V@xapp{TPcoE8Aq+DV@C1hjxj`&U?rinBSy*nskJtqf-y47el_)oKaV|(0pef- zpZU>)p%>~v>H(!qslqkENS4^{6|$b5;?Gu|NR1q!ssCt?QFXC|$z=WR7R&dEf+W+I;wA$roMg)NBQuLW$f4pB}fyuZF&2DLt%C5+EIooE)FBJH#&|!q_iSY z#^%(~pDFDOl(Bl!=sFjmj5Cu*ujez})r=MwzDU`^{i z(H>G0R?iY2X= z@)lzWLx63wjKYnmT-ZHudD;cVbr_dbJeD>kohNaOA*zObBE?iI?A_wy&q7Y5ZBpt& z*b}fYGc84NHWnNf|4Ulkcn>CHcYOL3J|z%+KSZ<4QsqpT`zL?cq|+~bzYQnoL)SBF@~gDPKO?Er6((GWfih1%CUvo z+T-a#a=XHQ%cj|U*J)9(Rj!O(Ihnpo?p4RhY~N4m>y_4?nrav#cWkrckztl+>8Xgj z?47Y-I?p{ZacuE|j5PtgXvY|mV;t50+~pZdl!_U~WtZ1y{46JV6^pLFl<_v7LX1Wg z=ri$#pvRXPOO#9zRk-o4I`~J*< zO7PLn?Ta5|rlfHfqH&fUlx3A`)b=P;#qt*?AcS~OaKooOHazq@pj~LI0JOUCUjCK$N9|ctMW2sRjyUsu2kIM zE37=bM9!~O$z%;4Ip=cui-DQJ{0`(~Mmy#%+M_TA7;26(!+_D{#ZiOV z-+s%n$}5>w=~9Q-f(4Q>*~DwGLP6@{sVNmuzs7BggGPemL?W)-H1eEka^!)$TP#5Hoa2F?JvR_NdlUJ8q7d9!?Vv+*dB2NFXpcta9#U#3s20bLRr`MS?7;3AmU}`TR#6e>H#~QN^1`Fyo=wmF zhc=@qKlgW~s({IWpqin()iLBeKi5(HlVmTAX_bRzk1kjxdx@(hq|r8XVTM(V=>*VcehDP~Os67YMzooy}2 z+o04~FtVHjyt_P)_s8N6WZPHd9g=%1RT!%u&a0BARO9Yo{Wj&jtTb3LYrtXR=A%+7 z4%(VGPH9u9^n6+14GQQBTRH!0SKbz+Ijafk|kcO4!e=N^5!(&0T5sHcz z&O}4KW=8%mN)CxRMNFSi#TM)1!s+&1q%|3lN44E z|6ZkZL>ZfVPVS@B_OYHeP^h$PJd!5YwQDdkJ34jp#wU5sjWIx+9XeU1;;iO>lb3|@ zTn;0%>>dSf!CDLfKC5SB8|(#vO4}Y21X^RnUgh7T;6q0f3J%HB80=9PnVp(n&_^C8 z#2FwC8cgEEZ37#*rr_H_ybl5sCy|Bz-D3=b;Ygvs&^K?Azp(E4P=Dc4MzA;A@p?g4 zIDa0CBGGoaS333o3Rdcc(*}k)^2M74OO#Ge%rN#!&|OxumUr3B(RaD=_Kc~1OPY6s zv)(0lJzStEW8a&19r2QzpQsE7Abj?UZ|U;+p}U5b%K}k4>t~s=eu}2bnC1;U!_3c=%HImw0F|wA%oO0m69k zaHsI1c$hByS3Eo@jC>Xje-WM(5AO>9Cmy~LqMw69S7Et$7$$ro9;OSS8{u%DaJP7P zPIyN=yef3r1c!HpY2x7<;a_lY|IYxS{pP|f_y2EzFaeIB|HaL4x2y2q&4m%dvOjrt z?Y7H7Dhc^80tC`wHi=84pq zorS1B^$ZHw!l@z;{=O8Jzfd^H{kP82rdNT-;Wq4bHQ#ZQkcFN?|M>-jgzG@^m>vXT zy@UrAM}>gv)3+3cYbMFnTMFIeNd)27ky#mHe;^<+h-~2IZZAWP#K`lX0r-OIRWswjc1B}Rx%w_oN-rC zuslF*H=+I374H<;qq#{aW8c*xYq}=GFL`Q!cEICvrVfqP36=@IS0H^sb=QMaKjOJ9 z>I3#Ho4V8_7X>Ioj1~FQb7enF<)5BYk3sn0?brT2?acP;)Fs*>IqFfIpqGnT#BB@3 z&-~_k7MJh}u$rA>BNJ-eb{2R?@nqh}R3nRBveK;Bny}*Gyh{&{Sid2~e8CJJZU#ZQ z+fC@dv~x%HRa7ybr>v4r-Y^$0;2r&_LU6f-?;u(|x;U_lV+{f>4#-x4#`z9mpA;1H zU4&JsrWnVVz^(U>Ehw^b)?@6c@^jnI%8+K6%ynfQ&+_|CTK) z>C5ZCD4A`3s^nqbHZ);9&JYSS4Ejjp0SjL!xiD2L6asAKY-C&Ar=8I%JxTXZ#|k)xDuAX}}yS_e`xbO>^fhCoQ!DhwG_@w`rl9 zaC2GbPD1-TXDncS@3*vf6AD*_4in5HrzzgYe9MYPPTMH&o@`h1el#o;m*(50mQ0)b zDEB@p?&y!xURQDwj3GuQ%!JFy_k}^Z-==My&$DJVGJKgvN=W->O*iw-6x2}Ww{ZGj zBe->#_u;e3)9d0#MWNWSFMXvs_l4>EjXKtu_=luRj!oasdn9n{5|2;MN#xdHy4m(_ zrQgac5%H*C+mlNt@-8P_OYibhA9ygHh&lrEl^^C~7F%?ol?7 zHyClo#o)41d0!S>p#a}4H$iA_Z`!;u ztnBx}nn~hlX<0t+TUW70%CvVcDC7H5;JQG+#nGgP&A{(2`^Ar!RG4AXHF4ND`=zqM ztmA`a0~ISVIve#;+5JjchBD3^FY}Qn)2Z4AQ~cng!|-8*^JN43=$U7Zg|_I?cW1z; zcDorlX8xLD%HdixEcTT;#^BR=@XbQojJ`@rz@8ARCr}dpF>=NSycY_MKzKF=#vP?v zQDEwfxk>^=g+5z6BT1fqrRoD|)~YyPA?%46E0r=96DM7hYh+j7oe{|AS*aN+O*t1O zk2^Huv^?b;H)D7D%mn4lR8eh%&NsK$p&jr^rTT#i*p}#?U;Er zf!Fa>425ZH(&weG{AZ>oAK5_dgy*f$Op_|*ssEjMjrXdfWLD5=*3*2f*o4{1yuxOc zKEN{#l=0}+S;6urs9+HolJS5^;xuq+V$9XkvvMcuIL699^s&xTzK9Q|p^{ldTKOOH z2I#7~#m`_!@65u7%Fin`KNUlz^$M`&g>8Ade6r$b6>>C8o|Po0K39H@k0GIkim?jI zu*8y0NL^9o&zAkY{J5TYv6(2%Dc|)<`BkN~$7~U6jC0+XsiwRx2f=t?hCLRBJ;d#Y zQ(r4T$OmOmn+4d!X(TKEcllOL8jEd z#8m8FDt%PI@)lC_v`~o(S|ZE_nf_3Y3ra2nAeh| z9ecgQW`FxQk3CdI@7=REDh(WrA-zR%^UM9)*>%k?YzTy9|2X@A(xZuqW5!N%O8IC9 z8fEO2esgv!!9oY$Xy}|d@)uF?*DxHj&ICgVPWw5qM@e?b@D7ifuky-Ix)vqLl*KKLjV)g@(> zhm{tq8kvumRnM-x+K$)ERLHPI1KJS=Rx`hHhmzVbE~5`sCMmfB7MtwUpDXW;;b{hy zG4DVn|6nVg9;FC^;l53Y@Wq$Il~sJs1e$n(Y=?a{q~udlTj@JcQ}?64RvuBx2h2JU z2ic{xvBVblD$lMw<*IPa@FfITg>4Xyp3U%M9^I=>E2#?X`;0rvBTR{rX$j})yKP1Fiq z%2K1zb_iB??cY$9szja26R~^~gK=A`PAeG+MrP^nR2@(fC(4L8RrRoT;yik`>N8*N zepJT3%T-^?dlul{U~l+Vo0L)%lOZ|+KG7pBptkj>KCd+3RLC&jTnKm@zBfE0qxv&F khgo12eQ-C}M`_iB>ZS53XWURQ1N!Bp7T37a>Q_7cKT`&#cmMzZ diff --git a/variants/PORTENTA_X8/defines.txt b/variants/PORTENTA_X8/defines.txt index c8bf9be16..0555d8a95 100644 --- a/variants/PORTENTA_X8/defines.txt +++ b/variants/PORTENTA_X8/defines.txt @@ -34,7 +34,7 @@ -DEXTRA_IDLE_STACK_REQUIRED -D__FPU_PRESENT=1 -D__MBED__=1 --DMBED_BUILD_TIMESTAMP=1751296223.5654757 +-DMBED_BUILD_TIMESTAMP=1779181699.2134275 -D__MBED_CMSIS_RTOS_CM -DMBED_MPU_CUSTOM -DMBED_TICKLESS diff --git a/variants/PORTENTA_X8/libs/libmbed.a b/variants/PORTENTA_X8/libs/libmbed.a index 6dc74d033f00cb57e32018e994ebbcd15ac13e57..cefc01312e3d79a9feb2bd64b2f0fed341209243 100644 GIT binary patch delta 39660 zcmc(Id3;qxvj0hdY=mrNBYQ4MNN%>fCZHxWb+iufm|H&lavXiSIG< z3=LOA$+nCux<2C7zc9&J^Vi3Qw?4`$rbm2_#682?z3F+%^~Rj>tS?x9#?z=RMLMK zhZ8UN2iNCu4P431B3%ksaxL-ngWSVh38jiCuH&8{fN(E4h~VYd^U9-xtAQdYO2+21=tBa*C8u%$4?>_?y8*na9K_T&XNU z{FndZAMiIGlWf^MuJmTo>)&yuGQ_h#Y<`w2{o@Jx|Br9Y5&vKP&^wfB+@~QE>_~XXu z#g$xTkBILngX{SIHb1WNTH>$$pf~@08vN)Q;;;Qc_1~BFa+NngRgt+ILOk|i&p)d^ z$yIfWco*=_cetvXO%0E5Rcgem0eboG{BI;&eVD8Iqv+7zxvHZVp#P6vxMfrw#uszd zVOLRXGgsYPWIfJRUrYS8AN2I!GrYL!?$F#6t{R9JfAl)N@(x#x6EF7%<|Au#Mm7V)N!TSIAA0nUChj6vMLA)H(6ov?PjYpXVjH=-#An?!WC2%qHR)QpIvp?m0J5CLsrV7Dj#9;XuC8X~ z%_Uxr;bR7_j#6VeS9c>M01p-7)d0Qxcj$jP33rU=>f~teB(9Fqr(3wX>!okjaCH*# z^cQ%Z8TQ8$f0G)uCmJ}EvO_rgwUpb)*e0M;-h~c{>W$y{VtDC6z z8i%&|ZuC)a3eXGvKR<=Di`2OAx3moYO=;Cm&Mpy8e?gxAyPdOdx|6e$nVh|?Rh>R< z;p|_GcG5BU-qmy}jpM9IFaEfe&Q^1d9@6mO zVVp!!jofer;+6h*U4OH;aKkB$-p&p09%bObsrPcje@{aEzr7M4-?R3~J!?IHJc0TE z^#$rj_N?`~%N*^j?bYcL67;&?{50o~n&V#jzKIHmoP-3EB}aHpg86QLzT=v@Km7vUCZxvqF_-M(pzTU;&D%?#LgYdxD4lNn%?_C$JsM#Wo z_a;A;rfoJMVXL>6G-i6Yq^MwXbVAS@{#w%TU*1~+Rm9XAt&$N)!`U{_K%j@2M4OM~>fE`st2wnH;%E;{<-bub{3R?BTb8R)?5=Xq> zE>~=IxyI*2m@>lZ^Ms!wVsW|8Js#whQlI@EYB*aT7151WtJ9l9s(s=D71`C?;d9&kANMJu<+=;bSlgt291or1(CcNzDEjn6%ILnLLm-Xh7JJg1`A(Ttht-LqLND zv#`WBOiLCN_y$Z>e`ajFvIp3NrsYF3 z$m2WxUmC2^LuQ!Vq^Wbtcm7e4)OJ{RlI5NQwi;B}=?xZP+x=l_q}ep!?|K!m(WH0A zoyMsH*07<1wp}x4z|(9t1;_gRI-zUPfX5mY0X8<(p@{a9fM6CO zQN-yn0lo=T4ipjiP{4p>Y8ngypBat%7tYja$?J?LF}MCfobGId%()u73JIz8F(>Yjh#*>tnwU?M$V23thUpzFVnWs;#{CKt`1xn zK%2&}B>m06IZ=v;wmpIGk5EJ`j}IyeQIW`EaW1b?3_$^LirgH-gM4GCG0eDaZPpxN z+l(wNdF8&KX(<$pDJb@EjzJi4+$)WYem=;~oFC&%+FuSDFjhqqlhvt7`2PhpvlTGL z4Vt#;O-_gL92mTX1qd0iMQ;>>2U)eGk0p3N8ypyzbd3z2JeXP$Ma*gl-fvYzjNK4? zpiU7{b2&IIf+8$PPmsl-As6GR`7s38K(8}79k(MVBr8pkUG(^n5utQmlwoJk>CIN> zytrj{$lG>Bh9KXYo@CgLkn&hXT+^|TtwR(MAX;cYA@KVUe__cf4{zb!%79Q|?kSHL zVfcj5kt88-;OhY@hOmm;p(`0$GB9pnCR@c@F}sc}95}8>Nge@$Uj>O;FmO9FKgLK5 zLprN-&6d(U@DVnSF)(R6H}Fw2RRTkZ9_1$Lt*R9j&3|EL6+*lo32iiV%}N3?0eh zB?cz@4u-my7bpUjSNC`bokb=6$dV(WpR-jB3U;oNPJbEdUL~P8Sk+APAo<5bKT+ie zxFsh-Kkg3ht8cr3gH>Gi|5KCCsR!THJ>0&t-NVISP{ToYfWG%%yvi<^ z#axCg@(r7lqcr45^sq3SuOebrMcDVMz6Rk?T0^vq3p?JQdNJ1N;%I}xTT}x3#g1uV z^Vq5u1C#jakzk3>W`?NwvojUAedQ~BY3PdYl-k$*fVU7 zz`&%SJuJWLwMT@LJww(U#Sk~iNEyJMgWte4rM<-o$~xy|J;pC1Z4*`fkA86jaM zf*a?Dw|=4`hRJFWj>W}k$>Sp;HnX{1MrJ*1{m$f;*vQg*BK-Q%MS~33WOOdbPR@wf z#a6W#mh4^-Q5K`vKj}>ohx#fa;#WspW`2mZ0wys$!@wp$43MDf`w_eP z&^?h1XPZz^;*(BVK8omI2^blu-t5YUY~K?x(o0dN?9U?VSV~Zaof*c~11Y&$^1+da z7nHpcww(~zI{y=K$U~*;Ab%$%`#gV&_<@BGOaRg~Edhq$pS>eLWWg83O;3=v#(t6S zE8`%jn%JO6Idui9AqoaY>Xmr_0xWSZBJv|;X`E6QM5{?1AFI|PaLQDc=}JoEy^s`0 zj{HDbCcvp^SEE&Ht5YWi&i~6&>ovfswB?)xpEpIiCv&vdAXHEHASbPnyOgyn7!!G) z2eIUm7R+IFj-B}Su@4nD43?EDDZQSTC5)k zaAKy=p&sHKlY{^JsxgUja^hw+sNtNQ)b_Ajc0HOJTRt~(#YUAG)d)FdX|cQ@W6*kk zSIovcsm3;FMw*IC=9ry_M8xy1L0KWn?B)#e7@;Da$>y5YmhBugGQt(wQR!ef*mTaV zyy441n!$=q&+>>0rn552jVzCiI;t!_Alg01NJCUyuwq+_N}?vy3>@A~{qKy@hf+ge z9SOR*cU&{0*p3TlH|yyrUz$YGW9eRCr#G6N`Q_~!qKZvaek_CdWc-OJ5`Q9kMy!g2 z7Fcab3DJX|F$>}-SZ2|u*BOOPsmV6dni%r~9r$=pv?a%!VhGGSq&+R>VI6G{Lx>9J zNGT>*^4uA-kS^~~`-xyzPH4)67*D!Lk;B@+l2QzAof@-{?wjSndILxyW_cU`CuXLO znjI6F1a6HvK$nFmJ91@P42w)S!ts90qxAR~>27I3RSi*d(s zRB9*g=YOf;IuFInQ63bte!NOM%!^6;xfowP4GEYu(37SdVZx!pbTTkGwu&yHQ4IlW zFu4+oExEC~=*|!YlSQSmiEPAT!U4M+i&1!BlU+-Gx;^%R5bB;XV1os+YT`*^>-5-G z)@2x&@C~v3SY*P~CQVPpx*Y@M(X~hoQLtDIv3RK(qVokc1h@-Jzo4Ot0OA1;@}Cv4 zZU;p*ayoM9s_x=^(1y8o2*fT9CEc94@ z_SdoR(8B_}!5YuFIc#3WW+QSWF79$74V(6*;sZJ4sB85x1|bTR8I^h z&KhF;5RcPCYU2K$rv?^NK^wE-IH@tNT&n`Mz(Ku~WNO?Lm%`>@88LF;L_?Z~FYJvw z%$6n?n4JD9Za+QP)1wGyJTLt@&K>trT>7QBL-YU{=M?W5e}^(cYHLgXc$KDL#Le*_ ze+r0q_b)0E;MkS|7s=@+E!B%m8=S!E5^$!D~s(k?^UInzS#-kqT0e}IFe$AEhh+%t$AKem0uWy+h8 zFqEb*Q3M#;4BI%VI1dV4f=I{X3FB!^0{RV7^N)meKGc)3juJn!8E8FB@v8|THHv1L z^<#p2(Sa)3eohS$_*23tTDOIY{Uq;|NO&(zvQ|-+cAX}c%}SUopj-}|>s>4YU3D5h*ZshLNM*l=z&mo(dG5eJTdd?LuT zBxbOCK9y zr}*RV3_e_>B$BXrS!p)$@<`Gsx9Uv!tPM?K=~`U=#o{2~v?p0feiA()3BuRV@k#F~`w!q)_7@e*#c9voYMkna<%4I0-jnp1a*Orv zWdQEJ=}9UxjnlMkGu2Gnbbrz+gQ6`U_XsWSSe@ivC}38F&kU|o;)5+oCt2n|25S;) z{KWDjuMJ6FY;!6DwwYbv(L0hllzVRR_eroN*?2lhW#j|SJ@H`856ia=ef<AGA;<-qB)v~oEVCEy#Y`>soX+B`jrLlV8b`~N zP=yFI>s~mb4K6;P>dq3$A^zKgjJ}l04u@pgk`70kE??CnSoMX}BXAAE7c#Z2S5nOd zbePG24K`s(X>7U>ajG^@$a*C`l#DJ&Gt+7iz09}t@HMH%`(SliBdrgX1zUAO;-sQ9 z((-6pbvbooj5F!KBkeNVD`E&x&zR#XTN(Lb+H5v%Ffi#nkanI0HWbnIZQA5QMUiHu zY29lpjE87(nkG7%p|!J20p?$1Y>u{$*36<23fRFl7U=@e*#+8_@l-hUbZ%|4cElVy zj4*`c4mxMLraUrz*)R&0(L}6hktX((G3hOAs>3)t4@rq*TDp6$i{kR8r@v%T)S|07 zeH!yP>~s;dFc@`Ck856^e(4UXg$!7%vz78lCw($TvfY%7$_B`gNK4NJ;TiMT_8#L* zqT@5tR#R0_1T65}5dmwEY}lExl`XF@1Sl)IxET3_Uz2S?War+D@ydQ)@I}T){wf0< zHhII3duhqYQyEz-b&9o5mj943h^oM8Pi^+gSP)MMPi8ctLq=?hej8 zrWOoxpa@i&BQAtxX0ePR+F-$u%$L-BL9cVN6L!Yd1rdWO^B@xd>u%96p&m&(78_~H zjI&eUKnKF2Co|L7*$l>x>|2sKu7>(H#zSln?mbHG+VDl@dUo7`fl0wPnPtqxXoF1` zGfybS!MRi`56$ZEabXQIr>ACvvxaF>Y?htP>8NbGO<6Co=!YWs zQCW$~JlbYtr7>qmd0d&D^(xzMqKNjVvyLgt(e_5x3|dL7$9M>EW|&Q8@5m}=iw_J2 zrqt`q!o<9xPFlk2 zsqf46m)RMDFZ`H&iJo2HI`sF}ZKGuYXnUZ8c#}$+s>7|i^>lu~*>#rb&L`3S!Gt4l z$95WxO=yF}xg$6-N5`@~cw6lc>b~zs&5yMOqQlJzL0?e<=gW`k_S4A_WheHP!KG(N zqpp>86ULczF4Rq?$w!nOsb8&Qi342EwXf-tnI+Iuy3-qVWz~w-tocP}>rW9Vk0vku z92-TTx?~sX*|CWM;~|05tFXUeh?bN%3=>({z&MlkyA9tjQDJ9*1KDlo2Eys>dBeO3)CIAV2C{gx@yt9$ z#PS2i5s$i#Vhk7$u#9+pSSKuwD}h7B+j35frt*mvzV?Vs{0tWQ((ZN2nw%)3a_dKP zra34AV@KjMO|KG)z~m#H|292LE6xlU5AicIY^cS`{pSAWUx!h47?`wGo6pm`8z?)n zn>UBiN&?hm19q~>j zU+*+`byil33Q$)g5li=&hCq)E&+h$PNy)Mlp7np-BHh){DxB_;~AcY*3@Q`U1zQ1*-{ki7tw{FCPmuu z&%S64_n{6X1Gd2(AMq}eP#$axB_};>+vzS3RYznG^$Eex1De_Q_^zZ zpluLn;~?D$<5q=3ez8C?+{O-tP^M&2r0pZNGC_NAmd3^|EaE)iY+()y7buT$XUgq1Kf2k(rR$t*o9#g^-(_QITv;5;$)N~W zmq{KmX__s7Eygez$)Z2o*0G_1d8z=f?a3w!9=0t|mOuWlw#)?Td{|Q;mr*Rb74O~( zt8HNe=m^I$768`kEO1p<8sQf<+5EJ0uwX)x=r3${u=N4fI$3#r;up%JDLi)*TYaHCrl;h-$}EW@()GDBlqH4oBRJTM$<1X)t_GA-|NPt& zDb#K_;;!6_k5B|^xA-q}i)c}!0o8f#zjNm>C&OF$G51mWY66sp*xjzgZ--}Ixw1pT z8?s7BgLfV)Ku1{;zJJ~!wlBa07Y7Pt5mqgSl*22=ynnLLDF@DRoyoN1=gp>v`l#W7 zvla9a7b(K8uT%$-+2wi5XdVTZ))@$wOwIe49y-Z!w!wR^q}!-1)AClb=!&JMNd1hw zIV?AVX+^po%Uj2M4edLKOHj$1x+ss;O&PGZ1V{gpY?Av--ctH1E)*tqG^EU=n=9cf z^0u%v57st-b7%==cyr!NmPEmlIHc*#ynjAO0}v)6uru0RUD%wSZ&x0t&JKAfKi@qw zVKNdZe{k|j4F>9aI?=z115FfbXLH+0=#6{ok-_vMVNAKIZT zUBUdJ?A>>$vSj)4p%-bD0gl)}h9mZf4C@%FgS_Ss+e@?XC}-03 z;;^U3s<1P_TMwlXzx_YMn(0_HVwthce8C;}s&Rw*q%&21X+$%R9+1e`n~_Qee_Sw%z9tFP8Q?~^5+P*`w)+%%J=YBxYL^$f zWsuwZn#4DRhzmlGZ^>ON3YUAQg;r}O%r{J$z$HGU>3b%WyYkboS1L7JV&60WBmK?| z-tqHiy1r*V7s6gGO!MU0$*@-oV|+X&2wew!qlJL{iXhUsuJGHw9(N0~S_`v1?j}vG zg&zba#&8_x*T8Y9uBTaiuHm@R;&Up;O(6XCLcYJpM&ZhyLWd`(5r*$Aw0k57O?wL+ z9)&`e_?RFR?1RUAVX^plS?ClW?+V$Uz~e`O7ax(rKJj4{;`hVjc43zIct~g$A1?}l z9q@Qds23lf3me48&%zb)kt#Sog~xEANqjscbcv58LcwS7*eEO(A0G;x;^T86`v5$C z7I=7ga>>Fc2MX<;LCHeGK@d1nm~{~Tnkuv(EKCqUxh)S-v;rcLLtx_9`6cQ#DD!o zs2BhBv*7r=aEPbBpRi<4U4*ds^TI&SMnB<`MDG;P?*sUosDt?US%^4PNC!MR2FTb$ zg&sk!L4YE_0nKJtj;Q5Sp%=~4pkQIci}#Ma8bo8k5txB@fWN9LkQw zk1vIHJAPkO!ZHgu4zytJo5b5nuPAwdo}{7((fh2z{hRFRSpo% zB@5{G9R-ulCrUugA)}>9?@W>l0SD89$ieWky>yX{ zx7w~PyQqwCI&oEDncIo6wu#dVR+W^gdVv8hzDud}EoEiDDvz;!!^_y6G+Y5^vnxia zH*0|kH)*lgI;N~4j(Q7bY0%GTve2tMvm4497pa)tKyRWJdzLTsQ{io}TEz=*Gr(~o z29$5QUyU~;G|qelZ)F-duUtHJ<6g?cUxQ1u3w&ERnBM4 zDn0pA#bvs^lw)SL>4g!OG+OdnbmbYgHo;U89U7|DANzN%jhr=CrqH8eInH{k>(qWy zN#&h1&w+wnb6j0*r8_)e5|C_rrJCc7sJzHlX(*4TM=Hm$c!46E!RnbtHECu&Rhdi+ zO>w^d)1j-Ur&IHD%9>Nx}T zdQ5!*Zn>9{{F$iGU5^yV+CJS{Y8V(i3`24{2IUWOI(<6+fdG{G##SsY2y z!S?ak>I+eH$jfks7vIr^gvM5Vm@S`W;6{^FIj$uYGpY~JqZc_r;59Gen&Q3cR5EpL zb)B*U?t7(r9Zgc942kewbr>zaMiHV_A%`cW&@On?_|dE<3MSD$HEC?Ih^b5JV{6vY z`}RgGb1IGr$k|EziP3pAQS+%kV_>qVttQy2h#==`o*6|ExJXsCZ_vwPaw6%)G_hD~ zF|xk4gWhJwZBVeHHjM3B&<5f7_!)X~jPej|07*6}k5#^@_B)n%LfO@9tsTTdFpA)J z)Ux+dpbd&a8jd)J?yhyO%`kg|U^cimA)RrI+*7-go^haN6W~2Va2m9~wuRn?MPZ_c z8HFVw0qJDwf!a(qCu8lC4TozFC?lG_s?B7h8RH=u7uFrmmBwlbTra6&kq`rux#w#y zGvlHNr|J4#0n<@8!*H8V*PUUTE(`#28R&(vl(4$dv}9S%Xf}&bSOWhQ4Ag|bqu39m zDY5Plt$mc^W`L_R;@Vf3_kIlAb{|rAP|b*XXW^b!sQ)YiiVyU4Cz(&nsRu8!gjZB) ziP2g&lugqZm@F!;8>HON?G<$gnA&J=c|%Rz!zNeltDM@9&X=wq%zmtH7h9}i+@N=$ zSWvq9*VtIs%yKs}SSW!JM$Cb0&9jBN<7}ylsyb^&-6>x+F=2p+HPG+OgRE%l-nvU{ zCX{L41h1bx_8xfnPoLJYb8#aECT-u;JxtHmafIVc-Jxtcn_@h~A(i7wl+RAIFJsvy z8L)IaL42F-ZQ1sZlt-8JvS`v|wI5}v0~w}P`o7kkx%OfW6&Eu(h--y(nKY-39B1Ff zz%rcmCX0A3Wg`vq?d}N>1C!;A_7iN+fFqXK6X~rY)ZAhmpzp5oYPPr1k{&rQlv_EM zCZ6l;c6vOIg30tvc2+2cBY0v@QyT}cosq`D**5zcc6Nj53Yv&{L}^QX@>6>V8_*co zb#ZI%VLSUTXiyPFrf^Ix&5g^xu)nRM@iF@w%)!uRvrpOA(fN1M|0h#1Z7mhmaWIl??NTz@7 zIKVb(C}Qkc$01rri;M0E9-hhKEy_cP8s0C51~3dE8W!#u&XRKqDCdF9ImvA z$PzggSOnq^-mdu|a)=57!U~EA2nxH%N(2Q37Wq~8%zKk%tGfds@<&Z4o$u7ESFc{Z zdiAP1SHIZic^qhdw2xVDuvrWi^G1z%HlM{69l1?9Tf-G~m3S2f#rM3zbtmy%W}e~2 z6;rZ3$`#)l@##}DU9?-c3$xYC=6r#Eun=1M75{KS>sY5MhCt`s32yQz3@>KU%|PSI1XJXiWu z>s=)NXKZ}mqg?6D#NT|Q&1!2iqt z@n`rOk4d&@ELV0X=`Z`ZG8y98A2v3Q)Sv24u}^&?jrFj zjSo4`Rdy%wU19#%Sgul}C!W7;;{WT*F95SUMeBxemFfiJuMWC1nDZ;S%8vAdfvfz1 z7eBg(s$yz5RpL7XvNUm3ouN`Mu1cgqqdHCet$;g?eRLXErAE(`a8=Kg@Z!hq(@S%> zsxA@VRR*{4{ddlDRW}oV^NsHO{T$fQO~l`PL-qHotz6Y@P<2#1hY*k5?E1Z$-CT92 zh<5>pw{X>Wnr4jRs?~^B19bD>`Tvq|`P*Fe&qYTb z>+uT5$oo83+f|A)aJ9VnaVIJFDpz|8#NP_I8?gK>Nqgr7;BQS`cSL};QCux0p8jx` zt~`@OPJr*`a<$z@F#g@g{J(hDRU5efC5Zq3_a<_0)Mc)&JBXKKx+IjVQ=>H{T;0vI z;cKq0Gqfe1s{`W2kGh==Zu$^5`qRb5T9_ zHs>Oq{%~imVY|6{N^ujp`o7cL)PFoz-;s2SxOyEgegNeh#;If!S5K*OAy;2J=gtx@ z$MEq8uAWkpmaD%V5`c#a@oIo>{yU7noP;||xOzF-SHaa&`o}9={jJhJpXcf&;^_}? zy`cH|iN8aQ+WSUuC}myd>^D>HM9%Iap8jyhufK+d)rs#6s2eeSr=;vY0eE#4bzkGq zHs6Uc>P`W=Vf<(NadwfKru;W8g5N1ETf^BU;^_~_^{*>A`^Ey!P8v9S+ah)P$6U_- zd9IUA!uLATSx?T65s%%x#e0sx-Q53BpH|LsGi7;kj*eu><#-2t+(qJVt?}QD;v9E^ z7W~9HB;w(RS4-TqVl(IHNE<-482xPu=eQj@_6p~q^ko6(;Kh%d>0%b==pqda(Qpz) zPvizF5U=#dTl$-QE;o?Ukd@rP&QS&qyx-0Z{9h6hzVhn(#NM?}?_KKws_DWP{ueS<+*7#`2q8{EQ-YVS9IR>XFngDNmgksN{HQpQjRGPNg zgv2f0TGEv1y)s1wYtjk9s{^!T#xK1$2dRjuH(DhnkQw)RkLsx?X8Q#1;uu9l?Ni=c zG)f2|W{dYQ@`t~8KN+S3BLF+5h!EN*>dMKl4tgi~Dl!s|dY`ROL@d_$oDNq;Sbd)I zQ$)i!k3eTubH@`Uc*w z$ZhRP-z||;d>L*=Q;smm)+dd$zU{l~Y03`uASXsf!7yE`^gG0c31dpmRr}ctloN_5 z{Da?^B#J=WYWuU_VHkGB3Q|tV{9zwxb+rZgqvNO&%wm?5wR$;|ly+q@NdEDaDxeCx{rd)bJi(m-1?JV@M7ykN&FzGUF0l%MykFwcCWHiw9(oCw2wA+)rhMEU<)0 z3*`8(1EQm-?l8V&v1hL>1{HRCLyoZRq3|@)V(#^do`S82Ws25e);k?d)BU~Hu(^SO zN$vDr&oV+Vd0;9uKzy@)I_6DVq%Uc6q`<0@g z>!X6M4asTz0%0V!9g{4>geTqmE(*R~ z?+#K#EKUe64s}U{@&G;O`BCbf?H^yi*f_3O>cG@jA!qV z&D2B4fphdmA*7F0OYX@DIY4Iz3MTChA>;Z{En;$#sWUk%sq939p`5`%jGC6M+V6Bhbz z6*oFJGPI<3eD6#epW{6nQPg{6F_p)NXh#5tS4pDh^xn=ij=`W+gU;#<%u-rMf(OYz750%TKfujD9rj^o za9{kZ6F7+6vj43npR*r)d*^WbFLn->a9Irp!vXz$=t>8@pe8foT39$6Sj=Qdvv2rx z6POe#)O(u?*M-lef4OHiZW#gg-_j zS-kCpNl~DQkEevYM;>EJ+8zq;lS%uDBHEXPkEFX*v@Pg`MQ0K`UbAS4uqymHwk)9R z3b%%*d8zc%1bd-v`;)cg&3D6x_3r14vyIpu0opbhav-(RnCac03^@{hW~B<;Y%~G< z#$tUcd3tul#*b7)FIs*a97`0Pm@lq4$49);$8v?C>mRrU~?NZjVv!mz7sdaSf6mc{PC#ZE4 z__=2-HVyDpbYB=X0wLQ{7c2uj2XGSgAKy3&^h&BWnWGQN% zlhNmm0P3?bFsZfmnVd%1VI6>bCX4eNhlgD5+!L11ULxt6s>yZSUl zQr9j6w&|SPc*F5NntqB+PxXinVXHF6jVz9fKE}jHla7Gc>OmR|(eWX)Efm*W8a{fFi`L*TW$LwdCn3(Rp>&qn*Q1PX=_ht6n`lFPzt8D+ub z;QDBTnRWupUp}31I+`S$j+q>%B4!T6T~bQ)uxIR?cnZceEDE7B3L8_CZKSnt?0Gi( zF|gn`P*+NRN{(I0U|7e<*0k71bhK3rA+~Cg5={{N43C}50zEmfD>F2HbgU-}S7fj@ z(5d8&TknsZ%eK-oV7&pP5R<)4e~g`?qq@hyBxpH_h#T8t-98FMINpt&MUUNZ zBLp6kJ;*N)#JZy$lvDQ0ae!O?aje^;E8u?oqyrAKEOO#V>~!VnG4ISsjNS?6$nTCRoz^PA#9POpk{2d`+mg~16hF-&XY z+{qmjm#_|cs$vBC9M=&>%Z9iXwvj^FHIle7Y}rN;M|Z@zGae`+dvBbcmMft1hs-<} zSIt~6dUkW-P+WB{+ARzL^B{*F$4~n*?rnBtfPqP^XZ&=wLZgVI@$uLDQpbsQ%V`Ot zOX53aF&oM|;LsK&ew(WSrqWNn=sv__^w8S)SMt=rVs>alHXJH7#aC!mz&YSbq`Xtp z#`qMr7-Q0kZU@daB$s!2U;Jk*NWsA5+!yf&==q)zML7L_*^lvVzmMY5uf`vt=g2sx z1kZ$F$_S~g&Hf20O~H(t?m>PXnBX2?R3yN;Hy0?vX(>Izfs@OXo3Mj3&?y}GzVlsg zEs2OsI9%--ELkj^{z%9DmN5xKGN`Fy=X>PFe6cIB^Ez}z4mW^054mPd^d#-+KP8-` z%Z(hE9ci|%N?=EtD0tJP#HZLE6V;+~#|P=-p5*tziSEHed(s%1c!bv5;CAAy>1c~h zWQ9OD&Y3+9PE2$=UIp=jev#@$CiF{W#R)i5M{?pf1L%;U?40SLckWA6u|B{-@}t)S ziSG47j-PuQi6ZhQCk|k_Obh|`2`}?>*5N^U3k3F0B#xqm33xwiUrk)+Lvyd#K#4YQ zGeCxPeQ#?jDP55mQmd$zsoy5LLk>(xvh}+T2&_pG^h4rcTCIhO{WR~@m+)SiWG$5i z<+D|%iDPRLh7g@3oaagvTPXz^ZLlJ{Np{UQ?8H}wogU`Abf(`jO=DM{^ZrXU)vT8o zJ2LeRO?V$gk(R!vv9SS0dE|YmfqdAnPil6uyonqx^Bx+v~ zbj^riN$pk5Hd@JnBOtE`a?OwJ_r8bA{7|n0ts2ZadQ#95-*5XEMTPLQ`@PG~fKkyJ z|I+U?i<)snTR(S%h9Sf`As#l0OZ=&~`+ZhSS8W-v$>KUK^72U1D7WoQ6|D_Ra;I-G zret13(gb?EBd0hsoC!!9(vrla=jk2`1(S1@q`k?Cij5ha1a54=sH7d#j&M$ZW7%L? z1aR7WpBksef_$)$um_SpR&KFzM+V>?oRq{?9K2npYTKr`Rg2@6K9sb~;L-(-fLtWB zxN~`uYPeu=Fz9#8M=$^+{fIhbjlQSzO>DJChF5kwd{`-Zx3G zG1+h~iFp8799w{75s)*jyqLr?(V6d8k>@*)2VL4>S##& zOUZFGMTWKldbB`2@q$+!S~8R*S5rrif=S!{L zqyJep*ysT4f3km{U5Y%Mq2+^hsVuZawMCp}v(=HRVm3|}1R>}LbPI{{gRbgn9$hmy zbp}0nmjj#NJX(rjPK`)i8KSZ)u^3(8gOgL=P&TQ;i>Z+M@O>tgg|4Uss4kLnTQ|X0RZ7b!G&iG_B(EXI0whfRWk%G=S5gCus4ZaBzgTy3c zq%EgiK@kwzxjg}DaqD+wY+->Fh5){ziHq)0_$k>IOm^+d7^Q6Ig`a195TG)_VVgJb zl$Vw?oXyChsZ)Hw7N5`P!(tP3NcUgN7|b+&0p7{nnX~EeQ{xh?jX%{=7BulSko>u0u zv`5y+AZk@|A{m_VSw&dZK_4nU)*gIc3=PLDsne2suSQzDgkVU<5g{osFFG z%}!y_n@rmVv+EJEhT!ay`>5e#oXPs%X1~a$C5mWl%HF6r2m-9)*<|>V>|M;DF}X|&mpE1yr|Z4^ zZT3}qW?@1Pfc(96+h{p}+{lX$Qc1h+2&?W5wl1LTPL%5|CDHLg5%3`G1m>79@rg6u zJUU&+@;j(tWb5yA-}I#F$2fr^4B%cR(J#-^9b}833|Mb)fkT^gt!$VuFgY<-H;$$q zap@YD>)fdVl*igtx@4vaG!1-igRZ)qD1*N|ym!a$JcQ&q?~nn5#nDUi_54n0YA-0c{&;r9sN8`c}4{%Cv2x zftY5Ee!H?I-q@!vR<`C5pX-mX#1SSPad;Y*(FC>31Pe7RV388WL)0#8g~X)snRvrk zW~4G5H0lk4J_;(xUq~?|(?|DAGTiipLBjDu#;eILd{oa+VytSRej z(o#vzFHEP0Q2AuwdWi3(&Fc6yrf8#b>&HwJ9Eym9O!Eq&h&b_;`H>Wr9_TH4NZw3c z6`o37_qSXxa4|Gv2d$*7#&U^1$6>2=L-noR{7+_F<*jq_k&zUyi8rHKhSFlA4G{b9Q0MZsdmM65)Nu(5L=9M>FW`+$ZbsGiAGjg395h$G zeI;h%AeT|Bt`(oV6_(q=*-&7ulJ_>+Y+5=WFm@#7bK5W)1mJy}cfs}|-Kv<;Rtm4! z9%p8SB940Iu4XO@MJ$cT-AE%Wyp>5Qxht6RP#)>}+{sK*w6{=P1jm)Jxw-5h6>rNw zKlgMB)f<-5A^!K~UU`%v(6$ne=N2ej?mRMKCZh;Y-CzR-XfYOLBTHHH~;>;59vXY8B--lV1uAbdiZqZguK_7 zL&dCu#kC3%}^21l-+CR!O8(ULcX=15S^Wa*oEfBzkIH<)yA&uDWFobY^KyYz&-4|yv+ z-@+y<+Ii=S^!xmL_lkt#pt6B&O6B@vr0)MrasEZNu*gUYv9&XAs~MPIz@{JC_RJyq zhm?nK(x`k^>x)W9_K(RwsXT?Dhp;wVr{=SRQ=AjD1y3tBPs=~4X2)iDx<~(Jkd~0& z=3l27E_{6VH|M)oR~e0oNjGVkJJphZnN3VgW5B@ddfHon0{&oPSeM_z+&addw7--8 z94)*=MTBozVWS`!_pX2B*U(Za6im{;&yQoS2}_%a>|p0C^=DzsfH#=$K&2azH(*^q zYW{NU=xcEr8V4L?(qUjyIC}tllbsnwEM7d|3N0YO5$nl-WaU=cKN-*~RYhpM&iPQ& zriy~OX>^rBRd6n?V3V>$ZRG{)=<{Z%%%aZW1vmxa>B2w%<_IF&M;2V|O9jLlg?ko= zVWdIwnq9DurrS~OP#jY5>=2eZN$4?~U zF8opGzoICOG^{9!_3@}9Q`Z&s?&&d5c%ro^+hZVkv$g2GpgvI?$N8<{xFqp9gX7A? z>-`*8M;31{;{82d6=L=kIXwT}S9ow=k=-LeXoFvcQNzo8gwXv(RUUQ1i2X$lj|YXd z;^mLRHSzLSq4p!Vd@d{&FFk~F;w4GQI{=q5p;^4#CmacW}2VyQD5&A-{pQB_l`fuH3(Zb zRwQ`c7r}8>f8nE71N#ZaBSmS{xMd8>1g=4xdBRWUs)EVpBSqU;@FDXJi^Y{0+J3gk zi{@rfGZ*%}RF(Z=ML{sp^e7HZr8bN4C60{ZVQev%OPK1wl|!M4^W{9}$p9bXmkW&P z+>!g5O?*j^lzX~=Z1I&EDhCE9GuIWzMN^$&2$;JjqpLFd)O*DjY4L&?&5gBxT5K~? zb{Il*1vZ1|U$o>m0VTflY!+n)V3ro&HME4K#mzE;>WvULi=J!yxDty|O-)9zfJRF8 zl)PNB-JqzZgbzy|)+-{`UN2d}cB7blWRidBHWoIbh9Z%L^;&w%2j z4hefd@$w-P%1d{!&<+EGxMo^{G^4V#gdVNRiEFYt&tIIeSm?-7PZo<|>`C@Rr5o8+ zA2UsI?Wxj1<%)ys9H3(#!T_lmIenPx;=WS$FqfQ>Tj>jy=Ugd`)~Ikc!DeVdXrPw- zGp1~^@@$-%QMQp;E!t)0KyGX-dyg&P7*3qEMl;PRZy!^(kLKjjE|Im1$_BBxSB9Yx zPHhHF@1-S`tILMbl2Dvo+orN(qgB*m)=RIlNfQDOrv;OX5#{@sIbZ^iquTN-$_UU6 zds+;a%Qat1%T>+60FT2c&H=`}B) z*h82$l+~x;GA|ukzJeZ?n9&@6t`ifCtlCs@AzO))0C{~lEjV4Von@0yMq9tG z7+gphp@?j4|=+LX8S#NUmM28blvQMiF9@Q0FWa_$`X69?Rk`tOo)-)DADCudR+% z9&;Ee_Eu}ORdQ~4^)gx-fFeY>pkh^$>+p=~2zri&f{FKv>J=u}ii9F0&AJMzFCVE6 zrCCc^Ft`EfoW9|BwI?m>MZpA4=*sDw!x8)AYLaPI14jheYJAn?H<~5+p{{Up&7oc{ zM~1SKI%}li!JL^jb~*=8I63!v&AJ3NhGr{G7@XQsb7p{=vLTHp1+Sr=wSKhF4s9KT zHN(5#r1Z;ppW3T5(T#%1%(&Whaa2_7paa+$4OWQu=AE>slHcUj_L=RPLO8=!ZM7j* z6^2kc4S~C~HSzqucGO@+hBK?{R@1oFf=NgU8|yr1l?5);h$VIGC=Ew6uc>=ZO|3@P z-kOZvSobwO-$mJp21DOdxM)k=*ECa&f(3XhMK;;Jv(A%lN>CVCf4xq83&5T_cH$tT zj=go4==leZfR_xNrH{a(2vL5cFh4Xfojh@th7ef>*YHfg8U*U0I>1i>GNB#ERbRuGX1-%&P z(_$sz^+SAI6`W|(0Jh}_MWyhsUrxozrs`W@o-p*u2pWFQJ`n_oM$nN$wjEI!JGo zI@4rl|CvY*Yk-HK9!?dr2aD_%=pIfMEWUzD{3kY=7JDlVT2U}*|Eql#i*e+7W^z@` zLeF-y$&7)?Vq#BY^9n_rXtN)o|HTFsNmM1|110%AKemUm2GJ>&eZDv+y>s(jdnY<)OIN$6;eZ z4cee1%h89eH!??^;&Z2BVXJUFDkzw2w>WkeQO}R@1Z`WuTA&JDOFsFXV=&Dr%k~H2 zHAy`)7CNpf&-dn69lk6;z}hD3TO91^FtkB(V};|2qSgf1HfEEOjgH~8G}$7f7%?oB zYPaCDZ$V$`M^U+)PXk{&>e$PC2!@j^)fJJ39(N39j#WkiBmCz9=?o)&=sPs&=R@3Yc3MP|624?!w_*6y!sPKg1u>F?|P~93m@DNS-qYR;Q l?C}Io$H0SZDqy@x`;dXp1yei25F$JJqS9UW5Bxu${|8%3rN96H diff --git a/variants/RASPBERRY_PI_PICO/defines.txt b/variants/RASPBERRY_PI_PICO/defines.txt index 43f6f22d4..6cc7d41cf 100644 --- a/variants/RASPBERRY_PI_PICO/defines.txt +++ b/variants/RASPBERRY_PI_PICO/defines.txt @@ -21,7 +21,7 @@ -DDEVICE_USTICKER=1 -DDEVICE_WATCHDOG=1 -D__MBED__=1 --DMBED_BUILD_TIMESTAMP=1751295845.4641042 +-DMBED_BUILD_TIMESTAMP=1779181752.2690537 -D__MBED_CMSIS_RTOS_CM -DMBED_MPU_CUSTOM -DMBEDTLS_ENTROPY_NV_SEED diff --git a/variants/RASPBERRY_PI_PICO/libs/libmbed.a b/variants/RASPBERRY_PI_PICO/libs/libmbed.a index 2e2d98df1780a3b41183ab99d560114332db37f8..261f604372b395adf6af2c72a17dbbf861f67244 100644 GIT binary patch delta 18271 zcmc&beOwh)+H=jzrRt`mCBNLrJ|%)-Pku;ai!IiR(rE|S>I>ooH;Xd2krZ}e;fv$ z^PK1VJm)#j3{O3A*0cx4rle56!1Ao$-)g_-?wZvMH}hMLn>RDucO5lfMPS8ghWi0W z&37i=IGf>=@p};Vn~j>UUhwW7hWo)r&9^7+A3K}*PJ`RY_-mveUuR4^&G>(SQFB?M zzdFVEfA~@J?U=lI7vq=4k$vBM{OvH~KRca_8s(RN)3XL7;p48?kCZtK|8<6AIm3V5 z!JlIIVMfhxKm)Aw0K-e;#s}0fZx6%YvgzB6)h>p|qel5f|9o%-!+)3227*cBjd=`z zc*zw;4NU&^+?B`qhZz2g`-UCDh^LsZ9AiFYgv*T@?S$hHBPhcSgtcSxSVs5(MvX9k z3iFM|UGo^>a%0uYjPT7y4I|W_Qb)sKM);!z~x8Hl_tO2T-6aK@Rg(H>mYqkINP3O0?OERfC)&WM*8tGnCss$PV55z!;fz~ zK0VC@K4ZSsD6}77>|vO~D~$t3m_q$PmGNf#{kG}{ zZPg|iBVb%5+Nwt`+Y*9rY3M)8zs~WhYCpfidQ`1O-O$+Vjl~AqtG( zRr<_}LxW(06U{r~6&PNNn%ejR@x+bhwGqk$Ay8dm?$1(Sgi-bV=DuhJCgFv7y=iHz zhv(7qy9B4W<4JRcSvwB`+Z)VFle92-4bS=9=-e2yLp<`L`Hyz(JgjNyF;~QCVe%TU zz`4-!1DQ^-{1bDTRXY!BI)=}{!%^JAY2SxBAgI-e%NHnxVeKd-En@MOK+9Pi_>-kU2zk1x?8 z$j0PcUS4(p8hSB4RNVh&=p$paNHP_VR{%E+c4s@p`oDx$J)|HIOAU5LfCV-z3G1O2 zpaQUNo+E~T_Kq;OTUjb0$R-j{Q*>mmnAsS1Yo;ZFEFbuUBA_V6xPHWO_V5 zS3K2_&zjJg-4W5~QkXehZ23dPL23h{McL~SKR1d0w>#obbcVRGZ%;%Ub)$lP$^y2G z|6@cK#a3oyI(K$x=%_Qo@KI?#6rqnwPzb!`qu4}};;x9iC`CzPtqp&Uxad(}gi~X5 zq(B3dtQ|~@tftnNU~*h}T(C(OoXm2HZ3U72kqRAYp18g4E!Y{S3L{qq3sYATwa_FU zpA>nRnt-tCxHhsh-$2TZIyir>IIl7?J6N`cdn0X$+65*rVz=Z?7Gs`_{D5XCLfzC5 zdBI8=WIoh%quDBLwU)>YJ9I!fXnY=@K=##%xua%vD?EtpN*xxTZW~E~bd9BhW^oBm zwv*50cO%z}7D$>?EFCnN(RsgzB?)rRJj=SV3LheJ*-A@~jwbLazSq)D{Xyih)mg%+ z4+yMit7Riyi|L`VXHqANjwZ`X)F%>hsGLDLKYDz&OW3m0GE$t_Y`KG;G=yHq^OjN? z%>?Fr(b7QePhhYgAi|5fEXSyO$qf6BMWAVtz!qMR_Cx>wSUQ8T?Vm|A&c9mJ9j9D1*X-VbYF?3XL)-3^N9yzzATtdP|g=Vu;~j=l#qieiRe+U%`g!W1|*< zvEz)q@yxO@#+g!E)L^UIdq^{y#+s*;aV zQybyfQE0RP)^o`uqZGgqEU;^G)SJN;fHj8D!PpaL8nGANAbDhMsnH`aWAF$GlR02R zs!~}+s8voiUcYqsRvyT7i1BlyieIG|BtuokMh}eA0p(?^%P*bTQpK}9CHga`4ns2I z^yq=nIv_p`S{VAFdsV$*xEJJRR`^^l+UxYJO_au1Y8|A^g?LNSPk z?Cql=AN|HU`mpL=GS&2~H1$cs=tJt1L>ENsN*sMb6^-EcUNgGe97G>MIanZmQ8L;c zN@pY*a@rQWZgh5x*(t6l9sOFSZXS4)-7|Uys{_g|VBLz3PHY?f+mRGO6*^DdmedSx zj`OCW;(;)SXxlk@egs`c6vDcGCJv)3wou?zt%b-cm}2$JK<;G+MmMVN*U^9Y=rHt` z9UpCW2g|c@l=WhKFt91znrD!FV1jk;FoESotu=P2VT!F0YTZDDv6Ne@BXz{daqo7a z0}c63v1fsGqhS>`(Z?&T#&Ez>u)sq5Yz9AjO$MiCe@c8r`cbGX{9d?Jo&gMPUB>C%81{_ z$F)o(lsVL09wk|?c4b`G1RXnBNJz;<$ftfA=T6nFk`cTdp9_|}=KJQM>ET=)n*Q67JzVmM3#BraR0;|9wB*tC8a z;NU~?b;@R^%Nw`GubfZ0HkHRq%kw^u&x@u&;x^o3=m|;aRyH^#(h-)>V=yI@NOY3| zCiXq)QzYn!Xs34Af~RmH!MVWswTF3!crZEP;MKvx;Y!wgOG2kcI7}B$&G_kMr#9X? z%v9x~guRAnD*jc%vP2zg`D}MX<0>&%{Nl-kmo!$O4iq>ykGePIImC-w6B@7Atp{Vb z4kTzJ0}Bo1F_dmMf0|&7+v0Nxg5Ei@h5SCLiNd~UaXfhNQi6E!(imHoj+MNJpozla zwv{t0u|dfn)IGiK#Kke{DjZA|lM`E&LmRssyM*<^hGq8)4srgH#41Bzp4psOrI8cU zs@osP@n7ABmd_R$vqZA)c^?qQSLZ(0D6^N&gCO&Kk^t#iD%}Uus zDV14lw6^Dv6#cmV^zv?qHfdKLjIj+Y2)0OPrLDpd3@m=yw%(v`-ws>7Qo2yCbuZXj zii4J;?&zcf@u73Jxk@!k(QyFJADN_$ZEU2XkfbW*459cyX}y6+WqMMUJ&32+Iyosz zlfE#`!KuRl*_p!tD@&8K*$*%8n4P2zXAHzDEG-{Kh0>dndX?&rssMKy2>;(boJ30y zI8<2kanEx}FKG4xk@Ni|INm?*PI^O=G3b;gDx_Qu zEIQs#g3IU9qe(&Wh!0r5KpG^gk0;%#oWNLSe0I5^%h7Q>iCtsxvPrq);7uhvgGa4B=3FsxYw}6; zaK}qfOO3rioW3tPpj4}P9hklGt>i4_gE0#1?MpV#rD77cL;kVjMp58kb~3rSdU$AV z$!+7sQ^uA(Pcg`{?z3aNe-aFApEb@GMS&765XDk4&i*F~B+K!Ew!@jCITgtiHu{AL zDM3aDQrLP$t`wv7?CzBI5FHoUdR`Q}%L?~LA!UnN`4C3OW~NlxbW4B*=H9h9n7d5P zhpC;oJ!P%BZ3wmM>Xe>Ym!Z}bObr;B-cPyHB&Kzzys3{ZJf$fC2z{)3%YSQiCl;5(i7c^*5$#zG1 zaT$}vN4wJBQ)5e-k++%~6>qiViqCeZPgT_*#KMoKx9OL_tAW_@?gDYtU(&azIhUZf zpG)u6qhsfJm7q9rKK&jwJCIcn-c1JGK;n4yz##^#NX+O}gH8g<^xd@k|G@1TU#dz- z2si?uzvDu!HaI{!muGZc7wnkUeHpz2OLxV8Kr8eMV2+5&oHUA5bhEoC@l-bQ$rbZ)%sFGR}Q3bs16=V$XuoFBtp!_ zWiHk)0nfnYd@@S=ZI)T=o0ZvTFkkPFGS{nD2GXXgz9X|lEjyJ4+QXSEHHR90$+N6^ znB|sznZ+t2+}1%*?G%Vl9mpK7$=#SnZ%<~k3M9JVlVIp{rsf=yD9KiJb8hGjn6^L_ zAAdHp@;2%_rOj5J)ux7&1e9aK$HTRCc2~MnY`#6K-Kh22ET39|6H++w=RKLFJ@m*6 zuKKKIRZW85-H-pI1#9-q<+S$#C?P0hwo zI<*4o>&b+$IGL587L6Kv30xYg`*Q?b*dw#6)Hu~C**hlNsAPvNTT>Ymd;mg6G*pPeTX$q@t^)*UYRT@(q?l5xPTqTPNFRkObK-m1 z_b82g$finA`aB#@jNCJjJ)m?wF$VD>WE|Ii_{<~xQg*BAMTvooAV_ZzHa(i;6wQ{L zcD*A(fnIlxpkE~&N|SPi^q82J03Q#;^uycHs@rmwsd-1ya8*u&=9mB-q*Sq}0KQ~d zmvgHcz@$yN@Zp>pDmpcYA6Licx8(dwt)0md%ZoW1)m<$CaYE!>5D9YeapF+Uy_?uPN7-(bXmyS9r|Cv%<|f9*aU2B^{c<6I#}2b2l3oDb^yx|2|L`0meb znWV#jWkav$vRp85#+SK*dOIWLZA_eSMm+!|$+6pAE-${a_3#r~)Cz{IBBfo)1Wipu zwPwA3MeD@r6Lu?G#V@zPWa=DGK6w%2)=k*0<|#tGZ|j6^z0#mk*BcY!e@;~*m_zQo zPPHH*&DcIZuj?j?iGc`8m&xL&y1WPjI(&^_Q|=rZ8NGg&cgq&oWA$6}%G6_;@PJlJ zn;=tun+Sd%MFrJYz@sHP!c>|CX@9;BtHIV z(s;3dRQ`o=!He+6Kjjnhdz3o}UMlAr_}b$0_*`*Ce*Q^C37CajJ(kBU$s-pp&BggE z3v{GqSFs$Nb@Jz7iz@TyDt3Z2sYD9IuM4H^ONLytIzLt|kcgq!`|^jBvJHy`zMSzu zeuHv&P~gyG`DR6TOkawB`O~iI&G|IYDE{CFEc7tmM)~v=1)h@CR=*C4GH{P=%%88M zKfDBoyceu2XS%)5e1sR;4)kMilM zrxDyOr$Th@Ok9k3;^X|=6oUp)KX_V49d~J3Kh583Fl+6_{BorRqeKR61sgRQ!gASa z0;;v8=8A`M3U+6cP{2!M1Npr0I{UuEyi+_ltDs29$&@B!{W>M#0}zYUd1t{v<v6pPpbanFW=b;^08%!p+T1#KD?6~S3#Ulo%p&e>iN(1<{~ z$?M|bW)#s5)cU+X1jdKMgYNp zi)=h-giHOlu$x?S^%BC8s)epf&Gv&O^1fzWvZaC?xSLzr{5lh7S(A`kUqptHA z(Odpy9x1N*KNr0y2C*(Ovl`YCVX|xCpxR|)o#OmZwn&X>!nrk$?bR3-2jvbMo2MKD zez~6kE*eZ>&8w-a$#Mw9RznP8QxrX`m4}2o&Pk6w&uViLW?I$4`t;(-^0OT2a*AKP z!cJAg3JV~8DhG}64)zmOUc##QI1AqpojJtz4HMQL7f^k7Q=U__{fTYYWGE~Ph)Ii8 zYGxovU$pw=*8yOa#$MK`W<6q+zVqxc<;HlKlXsTTPb5SA_-oouHf`?iWj!K z>3baN^NvopO{x4ftNd8~?x~9m7;)N{F zF}(`-;B|5E$t!!i^rgl$&w3{fJfdXVa?gMYB<5&;+S8@f#~Nv%!G-Tc2<}AD;)$0$ zPpB>IuxXZ%zrq`ZS6 z&T!7Czr%Y_4Ks0O3{pvA0F3tf^Pvg9S*~&rS5vRu&bb z?rLA{HIxX^EpM%_e**;)17aeNg>ykfu=P2p!{p1uh*7NgyGU+bs3(PqXDUQ zao4R*&sbo+jN6HT4O%`#=8`bhwtg8HS$ zBIGNE$7Zx%dhA0z(&IyvbuB#piB?LFvFM=mn26#h!{ZjTSbD5Md!@%#WS#<#!>C+( zoJY;lV=THLJ-n!-1Rirxz4W*X^-GUOk#8zI_Mr9B1NgxM?W|7?LldTP(@jUv%4u9K z*v4LHwxX@a?J?%l*$l&@&S_kRIV_A}UdB@+r*ko&O8j&#$8-So{mM569sPZD4Cu31 z0>KO3H2~TUSmt@*3^Nb4E(nQ3UDLT}%L6$K69d+iEISKrT;oeN?LxJ?oMX^|HNF@y zMcxc9$9x)AZNj`_ssVf$RRb9G?w%75m?mx{IxvG9HRAIK^p~p0Y)fV&!`wHDVQvDd z%Td#9VPi**VVI{--^JVv^I`DnBviR0+lp?P$*H-EMCFE=oJr{=1T$FP0q2WEWf}7!>kxU3JY~*Uyf`R~te$Tb2m{P9`2eu%!qope;f-fqf#gX0I zwbxOCq$Rd+tiM=gO@Qs3KTBzK`AM5n9Gd3uQ(iP+AmQSYwvY7B2+lQrVP-Ic>NoxL z1rpV*>xln?!AQM-^S7wgf~1?AUwIxnAoBm0^!(kwR7D`Yq4{V11DTX5u}DQ6e@3lp zBp|7Yx}Si5ZrGf{zo(y-vX6tW(7Qxp9bv0#LEOGd-p!Yv4T3gGm-$$~{KUL;<4mGser+*4aWU+7c=l?b!+E}=wk zI@z<*n{U~(U#t>ND!moDeJ<7uod#3%HVAdf6&_>Camu2~8QBxWHc==yc)+<|Xp5rG zBoYmE2}_k$8s%7fT(IdeW#xQu49mTY{!>DwUU{%cph#~8 zB74*6=v>j85co`uenO`>InZnn)8q(@Q}=;{iG3iw@ps)G<`kFa1?YDIRJp;TfXN`I zWon>(xD*975sy37@%IKcID@U%wkl;9fi*sJh<$d!i9#A zg-@%XjGFnQLSvp{%M0mOREnYqh`^||ajwME%@=W19`WyyCyI&~GGH{CBQ`n~W70K*nFT+28#dQ>p4EujJ C^guNL delta 18030 zcmc&bdwdktxwFdV$>z05$R-f7dG3+2&f`9~xB?#8E#EL={Ypg-AgcubS zE0$E?fS0sJ!3%0EQRxshN)!ZIqr`$2=uNM&flI6iX`xrzM(%g!oH?^I8}R+>A73W< zUg!J1^PTTJ^YSlGn>GTh&5ZW*9?35X?e;r=(s%lfZ@=SUmgB;2NyV9LZMOp<=^ye1WUwJw;r-ZPW&?9n8S%*7Q}Zr zaTsVE4jF-~+`@?%u3ezxUFRc7zM6kd?{>zb+IV;({uaj^u&>jrhm64&(Q5K@}=K<_Zkor1!l5zzk4yc&^bi+PVZ~is z$OsSIz=ggBG+t8ZS4X(e7r_hApDMi6&xI}pyLWLRJ)pWYv;BTs!$Y+> z5lc4EU78QI&K+qr3398|Tsp#t92jNpNH-!o%gmdijL15_d115>Ie3M6dzt}>Iy*#{ z+<&ckWt@Q`H`JJq7epZMH}@s#kTHTUCx`cnB04k5?2xxTZvKH;#{k~gH<=f!8&Tq- zA|(ob50N_blKFMJQL62*xh7SIRHS^8;NDP>;gqXCHdk47bZDw;$heo|eN?X&jh^ZRoF>W7M%8NlOp$BaqdK2s z;uxufz$1u$0S%5a7s=~tqK_@oaVU`$+&|buV-6)+5^7D1FP8ILVs6Z5 zRCQEz#VoWKk@ojuB0FTs`!Vg>P-%b6ilZeB#7IvtaWz`^$JSNqkR)0jua6o!ttU2k z9pj+7S{!i=s~D15A3&yGloiV-H94oi|CT_1j8emSx z_xlJ^-^+0w5&c?q(gJ}^dp)i@f}g0mwQCqvK$5h4rB0K4HSdoL%U4Q*?(=K>)Z6mz zxY7jXEk&;WW88T!LsIdU#CS=|T~%jBe1p~-7#XDu3^)4ITz633?~4B*UZ;p=Li0Wt zHzz~!OErV2#^#EIT9bTiQv5qwET~ysSH@SC>9j$toptfmdb3Ez^IicxS>$rc2kwa< z&?mb|K>UW%$#T-;@gHavjka&v6n{>uJ<)N zbZT9~RCxlD2koebfJ|?;9My^+HDLT^%NnC9RQ2nzlVwM%<+oZdF@3xc5J-u4Y_+V^ z<|(SL>p4rMmgf}de95vYBf^Qda8()KZ8;jz;rx3RNh_>WN$oj2SdRaXnVhc_3?I$ezBcy;-s&^35inMb6lVMsRr158lA%Ot}!>MvcAc?8we+*+P z(O)q%jDCf*b9KVST<^X-A=3517(Aj9q7x!r2U4VIq#CWaB!pEX8buhKKQhT5CMEnX zB8q){!c7qS)L{%Dq$Q(ophLDjIUT%yP)Ina znMz4@VnSpg>_|MPRX}P&+y2DEc@dnSBsQxB zj<^Hj(_@qR)K<4be;2!R!8({75!s z@F5xqduIw1rC(W7!sa?kYTbrOAE&2;4O&X-&PX|@TEec zN3Fz!5{;*5$>%|*N12`SU6mTx+S`a-~!Ku--;V$02cSrPfvY%u<#&KGfc5hviMVHBOz=nNCZ!wLx7G z5u_sGM}s?pCGz0~)-@3#Bvv2QTUjbFZG<##`S7HhP4Z7ySof**DO?IjuQpzkbou?m zkobqKi%s&Z2Zw13NRjaeT?OZ&=IKnca^_IgmTw zwA$3I3_}jSXFa73e}bgzJ0BfSj?>m(Y2}Zq>Wfc3o~s*$P!s#gQo{xr<*f6kLYMx+ zn;O>J8p*&<3clYDW0|jucgO=`YQq(*87kIPpW0nwL@s_RwRWrysp#_gMPCl;ic5nz z=grikT3N=r$e0mC>Zo`qHCG$1v@z0w$NrKU)`67Nbt=`Y?xR^a`_84V)_PT^8C-+(Lqds?Zw6lN}v&EDat^d6Iey(=dDa75H#Nfb6r zY1HTeM>^=xbu9QmNZV~j67gSf!?}xc=&&a%{p|@xVX}%f-;mDMs?2Ocn*PI!lGfZf z45{v>^qmojQ~tB`CF+iX=vRif2eo!&6w9AIp8neyLu3wYPVb&+G`4*p-7rRQ7oN1h zvh4a#(<76z{7gFAn2=_bm<0UzoTX`s#qrSI3+eLS3!`iWhUU-bXB@B?aJ`<4g-Hfn z&E$;s{BRsiIv)&LCFt`OW!z&-x>M^imM4Y_ffr3%GE8X(TuVpBstf~;EGk?6kg?a8 zON7$l~m zs99yyP?wuoU^no!PtGjR`3xO0I5iT-&xpj;Rc1z1kgnO85#@=Drp48fmRDYv*~=R& zf^7&S^)ruT?$`OLED1eu*q|&4cRiXp!8mS`*JsYx<&iSb;7o5{Rp-d<~kH?MHo^U(mg7cY6jH9P5 zHmg#X4vGwqW$;-xN_y6oB+p66dPc{jc;rL1S+EkTux8a5wUUkTn1ZZs=F!@h%&BB# z2E1?{qKr&mQP%sD!wm-a?6+oB8WV?bB&w|siWo6EqdQ}a^QS;oe zo$GmpcgXc;b9PP$XCRfv3+C?*#XIGCuf3Di1geyn-&SGQ%-2-=JnHfA{;TZ23xul% zdtlHmX5B^A@jtg$TyNlOK5lO^hPw1`_TyTGo;wozSNbn|^Hzf_Oc+q^gHPwa!_rOd ztgX32EU3(6uMf@!$T863w%p~cS!&+UE4c?)nV`77eYurpeY2=EHE*)~Xm{@WEQ>I+ z(x)C&zS#mhub$kg%mJz?_E>I*P5>%f@;Hx69{H!-4J@%JbLW}dUL7;(ET6j1=s%l# zCmZ!t26DL7=n|Nkrp*E*k~JB5y)3z&1e~JVgAe1CtI!8-$@>R09@9xC!I28=sG=d0 z4&0H~eYF}B%mCff{#ssdoF0c@T5!on_T^JfBusQ(;q4$yedNv=?)|PAylcju?*Ye9*8w7`7 z1>%x7?#>^_DzK{baQ;??qe@9JANnL;n?*3U(or741KVz8u1-Cjf9K7r-Bev`bwLNq z9E?+9?-$`hX?Az6Q{H+@K_~N-$~3Gj@UulQ#gXD&`gnmhT~SK%`hu+n@8q6M1%qrn zQoi2Sf&)gru4fAN8e4DeELg*$ie*W*_|?OOWk(9$W_iEkF)K*`3H2S$hXgoLkj~a_ zSeV905^_-UALHP7Aii)p%SCD#@vV1MVT5m8wnA-*O1S|CrxQQPF5Jhe5T#V*7`TY%VHoxn2$(yGazL0C^XObd&mlSF#LPX@Y zpA-&A2JZIlh1znQ@|oHSyYp2(7FQ@*6JP~td%v)5R5(#_&F>XN8rQ=Eg#)SK47Ati zB2|vLQ23&**A%+M?%hUMieA@s93EeuB1tC$IDS&m5aVN3dQsPk5WHQux#)IQNL06$ z7Hwixp5V}!n_Tdk7$X>J9`TJ`LPqR+L3ED*sQ%S%OT*l5K9 zN?g368}@<9nC#zQbk909E{wtBXXg#uY8;=|hBJWH_BR~u_Zn~wlbkh8;W(1n9zRU@ zN=x}~Iy2{mGk~J`nd9nw;W#1$8+-c7B<-4U=dMv14tAvy`(YdF7Ex7fl0&Zk^|ymh< zj%7O|+E7bI$thOOaYH1j+#sXumJW+0ZEVq@8mGK*8LBAJ)-alhz5qC`+zZ*Jm9%T4 z0#qy0h=6LB!AWZBeI+ll5=8a(Z7%82ISoE_?0NYOnqGqC(~9N0%F0eK>#9OpHWo0RBNkhZK-&;1smRJ-w{eiMg+GGG$;yit<%*;Hd zd}LkRu&zv>Q@}m=0T1T_@1nAUk=|;LY!ZwOC%2T%XO#^%LK54j-o@;EwyZ%%ho&lb zl^tg#m>O1juxu+E06Jrr^hO%1xPgEYC%^S!S=jWY_K!y?bm+{f)Fiq8qq3WgF(h%= z`$?E;+3mtWwqzpF9kjXDFvl>Tk{1$cvW+d4_ZPWdEL6K46P2j= zed_bOJ+oXBSh1zvLMd-%RUFHZ!yli3-ir@Pa?EY62iY7-?b=@N>S6)0s805}uIM^!P`x#y~vdPE}~XHBC6uq~-| zU#S~s)b{2JQnBp2%bm&coJIkjb553@U*`UpttPW5R8ta3@5`p)u4 z)k_kBB$?%hd1Aqd0;g;q>0y_fM3rI^oNv7bdx0tGo)^{oXQmUj;Ct0a7z{ahg{N74 z@W7BQH6FV*TCqt=>msjioMTpbo>K1*!_1R>uy%r>>y*!J@wBUt5t!Pp10I`t4H_mD z@TgTT{}azt_3|{F!RHat!B-%scE)(m=^2!oC#r8C&K7u&MR+qX)w@%D2Sc=yN!Kl? zr#dI^@V=twfRfeugtuFLO+v(!2*a;XL(u-bLYOFi>;0wHbyYRdxYWTurC0AIAXg81 zYiumr~3P(tDf7l~v&e%Tqf z{7k%XUo@II)gPCZc=Zu?-hzayf3)Dj|9yTThntqm*&mg^Zxu|jrkSXzJ~2yPHd>fx zHqAjjcEM$uBb#!CyOZo09LL4I%yIen+r)8K;_satHxs^>J;!mg!uxLXqit)b}(0D0Bx#fo&L-kN6dU+Ko|DP!C2e zLg(>kGqO*I&oVR}e~zF!{Mmsv;m;z}g+Cv`EEOz*C?(Gjip*(kr!g%#x4OkA^>V@eJmTr`@p+#uY zrue#f7LxzG8#bB9F62Ap>Dz<`O$>9uSnE3|G+oVfQDnpDK)Kc`Mk*!E=Y_>a&iW{) z92*FnOEOB?rUm-EIwVPT$<4zh5q@A_u_7SN&~d;~1zeuEYs7K#D3zIkGo<|##X-XN~hDltXYEEAntZc$|GL!wE26UGdKf1qj8 z`>5>X;CQAi8eXsO+#~K)-=Gi~I+H5rDtq1$Cuk*}HZ!JQY|sY?clw#!$?|7s#U~={ zZ~IIfGDaT3|FgKzjx8BU@`%f&kJZ;_VFtjz;hfDYk);f&Ro|A<86LJZ$ahK)>a~;J z;$cUnEThkQq@Z2{^zrn`l0{o!P`~QtOXs!h#7NQ>ejTrG!2+p39QfowP)?AQyZPAQ%(lIFFHTmXr zha4Ld+#1pM2jYX{^$~;M+tY(~ZK+A^tH}y(jj(TwBREFSsrakhn!9g_amuSogG(Yh z*D@h!(rjh*g7@N=0m^OR{Heh;`oacgneGX8Xl0#szZWm*mChTnCHStN9bOd)6>$(ye>Fp2NBLZSO9Xx*-LJ>6#!T&J0#uJgu3-nQhHMes7J+z9te4~S&B;8e;o?n9+7`PJoQ4TAVPoX Q%b^aff2g>rE98y&f8gM&B>(^b diff --git a/variants/STELLA/defines.txt b/variants/STELLA/defines.txt index 8199cf727..4a8029e52 100644 --- a/variants/STELLA/defines.txt +++ b/variants/STELLA/defines.txt @@ -34,7 +34,7 @@ -DFEATURE_STORAGE=1 -D__FPU_PRESENT=1 -D__MBED__=1 --DMBED_BUILD_TIMESTAMP=1751296267.721782 +-DMBED_BUILD_TIMESTAMP=1779181787.8582435 -D__MBED_CMSIS_RTOS_CM -DMBED_MPU_CUSTOM -DMBED_TICKLESS diff --git a/variants/STELLA/libs/libmbed.a b/variants/STELLA/libs/libmbed.a index de69bdf91afb83cb1fe02c87b831ff63b5e08fbf..ee010339ad96379483c853bcf459a2454c2fac89 100644 GIT binary patch delta 30866 zcmchAdtg+>x%jRI$P;#xO-KlNL4bs~NzQI|vnvD%At6BmY)FvJ3t|xgg%TAC6bP~M z@<&>tzyLLrP@rH55-vE{iq|Mm6nTUKLQ5=B@PdLRRx5am{JwddGv}OLdTZ}({}?yU z8oZ>uf9;b~DZSBDzPN%@OQTW+s0l>ePl(Q~cAf2q4)!@sG%&L3u@pEFea zn@ZikYa(Tya+jfkl*waAsbhakk2X~JD|2rcD(+X70sy(J7-^{ZpUTT?3>7}5&QE2_ zQbWbRs$9Hfs37G}t68a&{~*7gmwx|p4>-h2W%s>??_27=?*L8zN2ePqNg2Q4pDlIw zANb7EhROwN|L3x7o1s!)8crK3Hzoc9r4Bl6|G-eW>y`hz^2UBc<=-pst~ON4rLJ?h zq4Iv^^DTx-Qf_7bpO&ihg9f?O$$w~mT`oh__bp=!4OOI62eL9Xz)<44Rz!{{>!S>hN{0;)~_{G`76IXYpD8%OWpVB{4eNRr^2+l=T5`FvKrV{k=*Z4A@h6|8jbaq5Auj z8-V=xDRsQ_r(SSJ}K->*D;%`jOmdC`W+yo{3nnC#6o{M|A&&@h>l z8N2d-+sO3~cBoD(P^PG-zT5-cT7B9;;~yBon(_ z&P??7rI1wo^^XD@`e`}0#9U(mPUhQom~f<$+Qz4>I|^#V<0 zH!`yW)n_N9;gOL+uSaTHDPA@w;5DZ*Fa?iH3!3P|k)){P=|&uv9n@|VV;NtdX_gVs zdpPI=RTIOcYG_cgie-#DZQu3=QI8249Vj5N?z2jRnzYn##JlXCG+bI8^tj9bH|p|) z67jY_6Vw`^htsq?C{peT8peR1*c7xXM&Gk`f6!HxF0!7rM}zK~G(9OAcGPYyO2Y>~ z40=9P(+cXFJ0&;+zi=hU7NTpx?SBqhpe2;D+iuU~>|T32=)4vlRZzRlMimrgt`0V# zz}R35zR)drnzkp!%ZA$CHl^W};lTs_O(fZ!X#B3=RD7pTu%sQ%Fp(TiCiv$D1s7;L zaJp-L5R!)8{H)Z3Em^@!dg@7R84(;4rmyTA7o4wUB1j9^RO7>;Lr(>#ChCV9R|jv@ zPQ-9oXRJ&^h30G%8ooL>0N>se?9_GxVOY~cGVuIe!Ov@3II}uWn$plxSEvb@9*GRV zlMV)dsnt2g6}R1nOo@F{@w#_{eRLS#Z4Yi9puw3!&qAFW%xU=AH^C#cT18>H?JgI( zd@VB-&kYJ`O4bYq<^bBQT8tScw#+Ove4!;3r{;vr)yfBm1+~t=*NQ^QeRR9(2O--2@RYDmffB7pkoc9E7ti~E?V--hmyO-zAljSaimpQA5Vq7$>d8F=a=VP|Ak z%PrV5E^L*|In^XiNnSUSr-nTct%HYi7lpOU=B0qLE)Q##HGx%9u4JK_Uqq+j=*?l} zvh^rK8eR*_Nzedi(#Xzof%jc#Nx_k)!g5AxdVmmTMf6-HFAoYV^PryBOEoTkGujS7eA}H~+hwa#CaQnHbX|@VSS9mVZpq0!)`2inj*lXR#hH?1XQdkD z&IIpxYf^bCUf?vveL$-2Lu(ll#JoL6{vJvh5Lxcr?u*CH30~-3Fy|dm_ zCTyg3XE=!-JPjtJFi%#Ay1vWIz^`mFoe`w*?yI(&V&srcVFFA%D?l?FWrEG_cA~vf zBslvcrea|N98||iQ=ITFq>|F;%yu#wM|PO1`zTQPphMr7=E?!C8}Z8Gd!}WAoxJj9 zv^i1^OO>8+@#eeQ;Z!dq>O|0m;pS+(XrOtywhM46F5O%!)RD}f8i!%rW}hLAh2|n5 zcrt`CMRJ3Z(O_i2B=ZdIsP5FeW}}~Oht=TXWb;O$*NiA6H5O*zH>a6D)>6jo%x%j| zM4d~g9~bgKz1-PS7rKU8n-uEi0U zQM}T8Q;QiFx9n?Q_?dZ_uedjun|&%bZZ)6qQOWu}=Gr*D;KM#J4-h8FWnBD;xk+fF zA{J)mXz5>unDEGZW|b-PaZ>N_7`?)v_8lWK@Y>Aqqgp|;P!veJ_l6<3ct6Z9ED^nSZD-p}ptByW?-` z!Ve3};!4oo?8(4^%fh3CH{x`;8^RB0B?IA6`;3GPG-q2c6FOZU5rD_64gXB5J;V!a z3h&TDK3LRD8J~go?+o9g2ZlP=^v%G#_k@3|g$UEM;qU?a?$~%J z{E*fI@wwaELep^I@$lDuhFm-yzSyU-_I&sgK9ya641dE1_4W&q8ThNq;Za&%F-be^ z=sz!oxY45Bk%9Q>{|fJ^l{7OIh=5SyH}R>c<8x;(#@7p9hkxNSedm9N&(hitr>*l{ zYZ?lDIe`mh_k$7Lwa9?rl0J&a!=~Vf^?CwuThE9Vt=Vv}^?SlW0sBORYcb)i&6@(# z(3&aZP3sSa2jG;%h;Q|fk?|!<27Y=##790YckfkXpvp54V-ht&OLxQ0VfWyO$F*qF znQW-}1}w9aq==8S#1l<(N9Y8?k?ZH(vg)u5#ZS48X(Eo2O3h~4hy ztH`d^5t6VT4m9^7XpU=B#Peb(@equc%4Rp<7ZLNc9oRZzmz;^HYwJTP_{c9KRBI>! zE^E?_i4P&`x)Hr_;-~QzL%8}#?eS?C_A~p02T@3uY}qz6#aoh!8g9h)LYEgs1mZ<+Mw}6pa3)Cq4NTbG z7O_Oz!YLq*4S{2`;FU+!+Rg^!`r{FeLV&!|dM4tIPbKjBh;{}LHJI*2Z6%+U#-AfU zi73~$8nf1gSw_8nO)U^UY2%HEc710Aw2i`tyCN3qTL>7u<*$C=z>qe5?*n0$L)toy zra8`(W_%lYdRZdz;BJ;ut&~7*A>9GZN<>4Dn-`Ow>*`@8R zv!3UMTU6FVghe}K!FG%#Hy!zw#Uhm8(me5)rPUAEEH~`CZvDoZir=fW#E9)0A9eSK zmR#*9AgXK2usr087T5@!o|Kq~#_x$Vt#7dfpe=Sw06zU=%MPt!g1{P= zSUmnf5`P`;LI+dgqtW=ES%UD9LzX9e$mzTq4?TyE4Pk`i zV{Mj&zMZxcS#GhWbMB1KH3i^XM=Zb5_LLd%3FO|sI%fG!FCdgV8WyneCoCW7TL`^? zhDKZP=`)rWwG*(tnVs)Hx1Fkww}SjdpN4A?ZYS=LdU7o)^(OpL~}TY4wqQmoxH+h!J?t_F<7H z#72ZwlE49Sh=q~+wDM#NVkQaQX#(R)apb;1dfjiG8(HH65T?$+m35KpeddQ1-|d4b zEcWNLQ-daY8YA1q4w$2#vpe!VpW#XSB4>#$9j6KM&l%{=N77CB+FOy`#g2nF8()mh zz^+q~OZ2#7h>!Dq);Z}*9J=`(3t za8#Smq)q0iJ9@-%Yd=53JJX_?w8JSTl5)s!%of$%hi})jqZ;*WN3EY%=HUxNqijAc zu-0dw;n-qATUJB(J3Ti_6=89%%B(fnp}4l1G-AVC1z4u_^d! zT<`a6qQ~L>JUAsAt6SMoa8xtCw^7KGfS~kcBWZaU?3@lmhGP7s(U9wYtapJ(0r2_X zc&7KoJOLdB6Tkj?Z?8xz@SaI$d$$S;<&`)8*t=CIEvrQI%r#hx6F-B*LI<}+8q$eT;2!AE-{Ou zPxw#>{-Z@$vCL0;NGh$1Rt`xOHpQXn0Y2DO{UZ7eA0X1M=tIKq5y%uDCrRehb7S}6 z=nk#&1EEq!bnZwEcc8K%DQ1CLUzuc&`C2R>9CN8SW}Qge@XF2^F*zdZ#4FwPF|EQA zD(KnVknW_0@xiJpNIb2MS+6%i)cIy?21?8Z#+$Z!0$p$m-UP9g%|Pj)_%oKNa$vHc-6Uwult`#)R07@+qbp@!4j*9D78Z zg>W4%-WR(-I~$+?+L@!ZP|5(2fuO{` z-Gtj0pxpB9gGo7kqf|RCpo>zSh3J9q!SQ{^YFmL(NmKh;wM0=ha>+**8)o-S@23cu zV+U!`R4t)=o|?lJ$b4<;dtMwDC}`TV$=M<~{GI!1-)3R;9H#U}-vi>Llvf&0^{p3{ z&MTWb`-W+yM`xE%P467oGF*}F2yJyCk_bRIo(eYMgMaS3PaL2!sLY>5$G|S` zuqp04EqvfpM|7N5m>b8$QyEt!tX`Q*Laj$*($J!nW=QZo6cvC&XU3h;;zXHD0y<)= z==7=4CUh(3kpMijHg1#fcYKB*KNB7?mn2g7}g&*IMsXHCeUD8NBe1L$<&H}S#RR)ATvPJ(Mx=K>N=$akd_Pj#q! z!dxGwK&Z0LM-X@WCwR2B1VK&fTqoQ)vnIT+Z^4VR6Ygrg1y_EOXheI5KtMkpTe{;v z6ea9e1>-;t_rWe#A~GgIsC02`f=8?7lp~TI64W$QnmaKeN9(x&Gf1&OCciSFr?!Q8 zLJ2$}jcR7pBoqtx%XI=yZ>(DKIqLM9P2rq`7qu{9Hn;?sf&0!&7~uy|hqBGywKyS0 z?>Z1{!ZI)%OS~keOp;@B7om~H1J^bttQTg`xH*}z$tGn&YPKsoDh0pyn}pmFMR5oS z#>mWUaNu+$E)7eJ8m#F->B>f3b0PfQpPjf*7!sKQG^c)IV!cB%1S;cJCpOh6l?pDB z%?-CA=u81$B);lrt6?L^(r~TsrQRkSn3SXr#Q}2&4j=sDKGiDur30N+YaPzw`?^- zC{UQJIvym{F?S=MSfE8)Vodl-ak5k8RTOe}yK{_d&ZQix^c|XI&j!_@)-&Cfdh%6G z4?x4yk(%?QzH-;d!G}cb%qOU?9Q^ePr6)%ih|UrEqaZBVT%bQm-^8cjm}`TBgw1kT zIepSPzTg?Nc1 zDGTi`Hw3rlrcemJr= zd420chh7ksOjp_lS@X3Vf}Tlf)?8I3yQ#Z4-P$Jnyew9_#6czsk7b{Hcf`G)iYb(q<;09^$)^_DKKF{f}7LG)Yup9 z%WmoqS6Y5+T`xQuhu-n7wOzzXq>@3mgF@0>%AF2tH!a4rgOnv-{VV)0tLiM1QHM@xeqPH+-rCsGGYv(1%VE}t^v8wYU!OJAj$kfB1;#aGhORq0~h zoket4o#|?AsX4}QybYH8n4AYsxss{6qoT0efsFGiKp59EPijR4*uV`#qgFyB;`m_|oKXc! zM}4Ft^^}YvbYNKE;&7>6%S^t^Hx7Yx1?)=WxjhL5^CU_~e1rnuKal;Z=-DttiWB>B zJ|nYd>ljIA&p?oQtYqbA3n0u$-zkw~Bh@#BPxRBoW~uQivxrfwsio3SQ)9Is1X%yv zANc7H2!n5Gm?jrme_Jqbz^bEuWVI3*`*$4%XG>+&8*+p-WjhSW)88}b4MVg($dfF z>96TYeR{UU4zS??MuEMPA2x|mIdkp*X~Y3j?eRRtplRyRB1b)x1J&oo!t%V*?&NM- zjk*J#EAfo))y;MzchAs+pSc?U!+w{aj)=;bllGv23hF$`oAZ^umM^EIr<~5nwr4_A z+bTt-thke!h3}*~a(Mbn!1Ii9wDJu&RC2A2o93``FU%_`e;@=-WIO3gdtgbRTiTs7 z9Xo^pDF?%FM3RY2O`)mCdM3CR-Z|UxzQCH#(y-1UA8?DQYk%&Lgg57$IJDLA2Hy|} z%o~5_Xv$PL!C;cRba{C7ZO2Pm^ucc@g*f5q-j44aDn%#Ysi181Fz&!X=U5(DifLe+ z%0qC3YI{26Fj@43N|?bG;Z!XGtUrQ;R|YPObQTCT;E-B7owJR&x7GPOVSl8F*@Vpj zXF+tMotojiD5&Lwd{x4D)hX|Fg)HcFX!fVh?)Zc2PLeZ$E9-A$ zmkDpkC+!My1qnkSmDKS$$Zdr=Z4q$d+Sk=AERK&d+FUAcpp25-kf)+|{gydgyM$9C z9Vllcl(Zc3gE#)%gP(+~&T&O)`+?Y)4lOBi^+3;Gaz2B{bxY_57sXsbIq2#rm#{&O zjJeRI(nC=>7gqT(E?+*kjdiJ%nJ50tC9ZCx1;=Qf5KFJPmOZ4eY(J)%j`f5}m~Qh4 z&2+4({*=os{12b5Q=>dys3SfTPJen zupKUN*fanto#}onN6-W^hiO<4yl$6U-dAu#QJOk;-?z!S*H4pqpF2mjrpV_qPWD1& z!!h@4etkkr1nJ%uE&U92myHJtIOa3Ab(9|U8tGw`p728p*!TEW8eI>oc1Wz}ilQM8 z@Mg={fp#oUDb;wwu zu5300kF_%JL#KxH5jz2nN6kk=&Z$B$zypNh`O6TuU?A_wLg28lp{fm)rm4)NZ=&j) zCElop5A7)omyd1eKlFgG3|`3;=7?*kT4BJFD6uw2CZt3?yMp1k>fxbnH5wiZ#YxR?Pq;0_OcTq^;foaz3d-w##kKEnyY>&y&%;oQ)fxjJyT zs&|e@xK9lUQd*9R1R2udz&t$3nln%=V5Eh`8RYppKIY7^35dj9@HK_Lz#3VUGmK{+ zg()-fbbBi2e&Q*fecz^awSJmd`m^J?998<0)7B|flVsBT9CgUYREJ4!*^kv^i=z;7 zZ}RezF>pI7b$shl&y{0(2{ z2N~msJt0h(SJtNwQ#lV_*)9#cDq?rJ(m8Cd&`@4kGt$rS)=|TX@)UNGp3L-|a`t%S z{~K1IRVc;xhW%ogN=5lBaQXg-Dw1N1Y2PudOHU($hevRvdUV)P)jGnu-#k6+5KlUT znvw${X1|$+@Zw4sT+1 z&^Rd9hqnk`bZ6jgsky48F&RXelLeQ_6Om`g!*I%%nR`_$GAdK29gY*}dHTA%+!o=b z`MlD*xv;T1UX`obSn;No$+;Val@R)Y+ck4@4;1T31|YsFT7NWGz4kL1L*=tZTzEWJ z736CB)oMnxSwwd*$wkvBG_EIK|!aipOf;aBojPJ8)$}-e!K$ zhm#LtYkD@%Gglcxj$=4mN$P_h61%VGt>b6nFibfw%0kVnsvvuuGIEFTO#C>9X?pI% zBUPHto2)}eZp_xq2S{{2J935)jDm#C<|5aiNjhw8-N8x>xw?(dzLo!(P%fpFf5Ip5-F*2IK3teo+1)lsG0{EK zg5&v(eul$ckMDZGExJ?r)3j>HhCAU7C8aUotNB%`xC=M~F;HuV2VPJ7 z8ZJ?-{3gF#%K{j4H=rO=EJ*x(z#3GbQdFiI^f@#lTMRV(#pnS1_D|AF;VTU$ivF3c4gpTd~m?1FGc26K@JZ8`LlvI*Evk&S!Z_~JZ#hzEsxoy4EdU+D{s_1vCC26 zL0?(k_Kw=8#e;IenJs_jV9Ks&c#gDiRJzEf5*WaW;V3!*#--@PdP{alatm%9P-K+%yGkWI z1M8Goz$&R`L$(|e3i!6Is6-Cflp$>L6UAb3g?Fvvij<{}afB^GG;c)jxi}^iwGP!0 zij8ZEl;}cXr03-#<3xQ=wgox&S&^~@Vf`u65^8=n4>G$qiXIrG4CG=lTSm9YTF)q< z5^y-3S?h1ZE7YKj(Pkk_a;bxR{l;nLG_-PTl?hEb4G$RR=a1ejB*}qG6GnIGrH6Co zkIvQhq!8Wg{_(M8qhB4MAjvP0H2ivWv+R&m!hp-AU644O|J%`z%S#VyrOrWe^V>kl z$3{OcJ6DB^&8J3}i9s?mE{z@_Cn%Mkp4+1vW%HHfqnEp3kKSCPph=RoRG_x3Y*^4~ zu;%#1ql>3#dVmp}xc6w+5`E>xC1X5`HI)n&To>Z0qUZiL=2IbZWj1)y2B9I{-fy2! z9AozbBa^%cpyvZYD~jFYG(7;Hs`JI$vA#0yr(+ikR4REst9Acas~meWE-($YJK$mr zjbKu~8hbQL8Agz#a?NJhU03S3PvvZ?!dmyJaUHT_R#+=NInJZi4?vU!T;1l4Qvxo? zjk1(k*N?{Sax3$aN;)r)O^(*Cw2q4x`pvWIaUYDkD=b0bCtMqZ6`^ZVIczDu8rS)h z0+bJf51n)f?;(cSh!~8wttoibwDGw@Pzo+^qkTj$eAeyI_&#F1x|R48NK(G9Z6yLa zHoj3_z!}AqI0xC{!#C6ZIDWI75fc3PVtl0VO`J(dfu7bhJv}$=o-X0zNXCNNezpU2 zn8rvcZqHaDG|q*_i5?|?tW0{{>ru8~AV~nl)I)MZq(RjqdX{HLx`F{i3z1L9pj#6I z;Uh!G<9gtPS3Jmv1@MuZeBqusJ<_Y5ZUS{)>DlACD{Pui0X_5ZEjW&ZlZ{8+{Oxq& zTgmWt`c2Og{adh- z^xD31r`fO z8<3it_EE`MIb8+}0;qINBD*tsL-mErC9eyPkalV>b_rgQp)L!2!f#oR2^|Y`_JSAJ zPskPFmO_n`P3eL z%@^}u6Pi_v0RzSKctl{SO2rkj;Z{4}%uNa|-7IhB7`p)tbI;Pbav-db)ZDMM#RoSw z%lS0*EIc=J$XeQ_RS)1Dv8Rkz-L`)3s7n)W@3|J}Z^KsR!&P z^V6v$lEI^I9TvsGC#Nn4WWcvT=)qXxx25v8qKG47np1qQ^s34s^U7{zMLx`K4J_;Q zQ9OoUWK@|iesIvqfd{onlT2 zcL-!tiZa(a;nTgPWm|<;;9%RIENc*JEvcmAT!?=9Z0EwV(Zc2NAz?o+ixcWkDyf;f zfXUR%pL?flkI-p8DCgs{mi~$skVRB~H(%DKUmUrl^5Rq4TzJ#l*C0iOw)ZcJ>E_nlx_ za^}v3q;&Y~-P(Z1g85q+u6mRy!oj>rglS02`^d5O^RfT49stNFvnm;|>_VdTK z3I*dyiJD(M);>cS#X%LDC$&vfDmfi+kpSHCOEV^^90>u!nBX9{w`rKN^QlP_#XgKr z6SH$t(hC0&-^%p*hX`lWED?9k=KXn(RLkgoQ(I`3Y_UJ zG#*2qnNWWLHItv)s0)4`FbqH=p7M@;z%&581iyen=Tp#{f~2RtX(+3TOg@surR4U-#*a_L8dGsEt&GqTG{%das`iHOo=+x#B@UsCzav05R~> z?e;)};U=noKO_Qene7!GgsUTbMcAlXedTPclYHKkM%mGI-tJSq59~A)rKWp7`W4XBWi!iz>;fp{u9$(r7e#r*u&b$j)hJC5z@_+Vd8ddP z6^8IiKCj{d5m(A!msWI$0FP8sHwX-dSeQKiUbdpbDE2sfRP)Of z=fsweS2ng(1POP}D_M>z?m~qsLB^Ymf2gPzYdxz(@O{Y){K20pmS|lsTct^?N}sx} z`@Eu9L|Qzz2cL=Dr6Pr;G26OVHjNZAflAJEdR)Kr(aKLnNTuW_UC4L_w$B&FSH74e z#sY6Za~3~Sc}N5!oD`N^J@lhWRdQ8D|g0 zA5ONvSE;;J0Ha{=X~2bUwpW_)_LG&${RX8S2F*9Z2m344;%7rUfA0q#ygr+5B=7=p z%Y{l+6sMmr5QkmTa~qfd^UX1$4}agICw}%%mG6pBkBz8S2^^YLvU{u{`CV_)ic5?^O+&!C-LW)Dpf*>G;u4Y zS79N$+0RGVY@oH$??4H4zT<)C?$uTMRHg)ADY8 zpUkLIPNlW&7}_uT@Dbk21Zm+>I&AEg*K^NSofJEM&VZ^#RjR$6LOQ<)Ctk_jSXw2& zk|U0eiKuB+)lDsDD1mlz;!fAJv+Jw=DtBNqq(?un&-pF^K5HMjt!m>GVag0B98N;& z#o4`DxzwV}$C{Q0-M8s{sAyvIQG{IN;WI_(TF>f_TCopO;q~O_%l{IO3R;H~A$WDYCVER`F!Tnai`nzfa)@ z>E;qYm0e|iDs#P)4{0f(svz-?KBA#3;9H`{LjrK+)X4?1qmw5maZcXrGbby-joiRL V__1v6WMx@aniwtT=1<1P{}1CtDH;F( delta 30731 zcmchAdtg+>)%dOk$dl}5Hz6T!2#^pq$=%Ivc7a3!2_#5>g@EKmhyscV1tb(K5MmM0 zAL(Zl7@?vB!2%`J@PPxZ>1Q-p5P5{3ptQsq3s#gU@lnCg$nV^lxpVK_UHa92zxI!D zr^L{+Uwu_d9(x#!&VzEp`7Kf%3d{hW}NW^_rnvE_KQufA4p} z4MX|AsMPsIynT|P{NGdRejK4INrrN{d=)2_8_Nvkf2UORUt#cH>TXx@Z-UqP<80zA zL&d+T)cv~%aXRI3h6=e5|4w=18mGgQjuy7m8SsmgfXpp-i058>AxXQ=wIW%39^m0YT>(Q@A>hN?wh8>$|O z_Fq>pd^Z!paEEp@)YpFMAw{g0H5*A27v<+*ml>>pL?pu>R?w=ZY2 z46}bsxdzPtm{P|YSBJJ6{^2qx%TVpF*hU+wZ&yaXW2jcj*zXP1tV~e;s4lY_{%*PN znxR@Q3!e5@p8fPp^3Mz3e4_A8Ba}O!+zBNBN*^eFap9Z&=9&AEm6zRxTHftvF}hIi zp6TOo;Q4-^->Iv?=8OFrqx8VmFZu=b(*wKy)^CXqaN!UAR*T&OUD-)V_MEJ2bbYNk z4Lc(P>x1>EIuZlV57h(P#s^*r_W{lfZ0Mr{qU2#SGx2kkff2E4%})a@gtFW1%0jPS z3Q5D?{4}s(kkG*B!rQk6c3O2n1i&)<`ELT(X=;eva6^0Gf*@UUY(5=$b-V!VBahjM z>T?p)aY1CztC4Cg;Gq(60bh$N15l)*&3z&1 z=(SHvP1u?pyr#c?h|ObzW5V>nt|`HVq7cCzKuk405^8-YI4w!v-MBG$t4N44>&mec zW>Jwj$Ardg3=Y6IwgtPyrl1g8Mo1=Ju{ZcJv4#n(>$E8yt#yZ*km;_-06gnR@Ry?9 zQDPp49bJ!>((vXtf_>~5_jUv~4H5Vz*t1dBbLMpX$+y8{Mav>MJr1{1w!#>W^{Zz=&yYwyF-VRCbs|WU;4QUcp%8W*;iv%fL3Yjkk08$H~D8rVHpSu=f zA0QwkwGvvg4Gh{E5c;V|jz};&3$#K4RZ&RjK|jdBA07%$M-Tj`1=M>z2-F)Jx?J=O z#)K3bHUh__gvR@f-|G$?B901_(>N})Oi@k_>hXqJf@DvXoKCwN^{h3gV&}Bbt)qPh zRn6J@iqxSROF{2<&u>7BxP>c9nk_-ITEZ2>rh;dqq40JYf|ii0?C-NQO%3d z={Wj@uyVztc$bFXgykkOHnlMZE#%XVg0X` z3N0xvy9<(qreJF-E?m{$CJ8M7S3`6EC5k3ATzgQ{`k-`N)ZTx+B2!N3>RMluQ)Zgt2KPNT-LTxw0cPp;N3Dw_Wx~e1)6i84xJQAB|4uzTWeC#MJ z-ju9_Eln>^mJ%>mxJ*k$NfPUHd)(AIv&&7vVm&a}`nsvwh+g@l#fslqWBTq6Vf;|v zRd1RhItl>24JM=LqYztre#pwi&u=rG6Nd)PpWJPVQ8GO)1R%UHK%mx_B%ThGu)Ja< zTDvMN0B<;E8tLN%ou^IlVw9nZ$Z=((9l_Q#T-a%<8Yp0v$N80L~XuN8udA-;Kki}=1mxv~*>4%};3qD;Mi_FEM z^2zul4;UKBQ-;hkFA#eX$w@ir7rS9vxL9r8s<&+!2R6YngetGNW?ATwQA}7MX!jmuxV1i!2aAb~(C|nQ7gBnDcxU`<%H+ z1kzp}#lVm6G{4|ui}eT0OXBs~4tvKu#K#v){$k!PnxV$O(b}&@nQ*}^v#$?J10rJd zR)RWS9-E0bWktLtYL{>f!=&RxtIP=|d}v(6Z&iaecADr+l!KC&hd{bKEn;Szz(2u} zE#9|b1|3JidB1W*NHXJcT-y9oTBU;rkq@mr>7MhL& zPe!~dcA;`}K!$v_)0T#VIwDHM20&=Zg@}1Rz@9%v9Q7GS$NQ0)`0EcNqC~mTeAMMY z|8*(EgI4X248#xrHKM<006Z^BLOp*So{Bm@bA?kOzyD3d=RWki{ySo!>SUUMcD-p! zN1@LqG7as&)6!Su2DF&`fn^*v1zWc0M}XVFV zYPtsV?<~pkfhYseme*s^DTeXb^QQr@AkMRF^T&W2JZJ5o>NM;bXOZ+c(J5Q;IDCAf z>9l7hUM zn5t*Fr9>1Bu+y~4vQq2?+75dnavWaqnB{MJBB*8~*z1ueEH8^Sgp$JnITV>(_HMLD zqE7+R{EJ{h?roOG{B)K0@;Kl{%W{7W9FW$0xDImaV=q}WGpoklK*1xBZS&Z0ob+*m z)wtyq>lpO#A!`Jh{E8(Mzr4?~OwCI)-CAB9kdEdw7BTBz(QJ8Hln1jPsUsmB!*b`K z7*?o^?aG3ASfD0 zX=(J)pY5FGrVkKAeN3bP-NA(~iax5T7(dz?HHD0rH=o`yp zn}FMUERX7IWHflk-~8Z#E^YeOhr_I`B8;(VjyI(nUq{|>Ya|}t$66|C34{yD-~{|( zuyv@|T^@S4wOMRV)s_vrHgYO~7N3ka;W^>fsYdkrV3QSZjIs{&!O}L+>ccG^_2opX z�-cUrVv-bWJGRC5L^>lK3?Ic$&3PG$IUlqf9=CW%v5;t9!OGqR2nWr)|)=47XDH{VrHn`TaZBC zc+q-V#0f*_+HEZnsnY~XS^BTo=f~`t4_M7&C&nEl+}D2=4JpWfTDyI?Gh=JF*bC?b zs_90Q^y>&WI+B_Yji&yGH3%PTwa)VqcGr~zXnEa}ltfg6kGEML^=-6UR^kp@MiN^5 z({d}me$4t?v5_K?zrbGI*T=0t=-EX16Ja`=ddm8NzJ~GYYa#gTIqOp*6(U5JgJq$+ z&RaiHc0%}E+Vr_KNc1xz#B8_Ij^?~qnTA>ij}FHH-&!w-K0sPIve}v%t!*%w(DgZ^ z02aX+2q*XhR2?SI?}RJ@kJ@J*GDZquE=Bh3<7uLMV?X@GSqzK zv;wvsiy{w-I4G4YIol_@F_%js4-V6teoJj+jSoT~orx>!BDeU^haAA;W56)|pBG7k zRe2jDJH$}~Fn53C37_uC2O}4%i$69d*u&05uicel!k_#;vah;GVb#W`qBF7kOyn9p z?-+9DLZ7Km`g5eDPnz)RtC8Je?o9M*S5`mx(2dA9MDu_lG#aBKeTcRNN42R$lOMCl zCotR1Q8)FBglu3?ldMOHAq8C` z0*RYD$c`{}Pmfxv>X>oS^Es^6zOIh?SanRfhV-)|^E(h8QdUOgsp|+vfAzYk7C z1NM#Mq!@?IuMQ|vw_kcpZ_%Iw7 zHt2ES1$Rad@iRgv^2Wn1`ujoAeMQ|+5$5D%XQP(MiK#d(DLTJU7#E4uc6R8756z3- z=|gnMqUdIkC|GDod}8L7i;<8lEQ(IWJ8Gjd^iA;9pGEij3=4usv+BZ%5XmX4v^koe zvU1tPqv#<%996v-ebfhuv^Tm{4SF(W;-@eRv4dw%dvvF0?GPxW&glFCK_UQbNRC;l zZn-N=I%2+2_lp=%Dv8;wZu2l;*MgW_b(@NFLJr@_YHUG$3_pCQBc;*L<8hI_PIUFj zs&HJeF=mV2|4`R!v6(0-2Lx~0>4iz}xtQ;K%&%leOo{051iiy$&mt-AmHjc1YVcM0 zgFWZXPrG2J^>;BPdcwH*t(a5lOiV|LmK=o5;r5F$Z>uLE9G%+(i%+s1zxa8Kd9Wa3 z!cVr6>~DEs2JF#A40MSyC(a8;W_QM=C96YoPnm*91 z&OwZMIKj!pbE^iHtBB>G!hFUKX?SvbR4NWyI?yY|0^&1H7@d4jjdvX$7$s^O+ym?) z69=3cIA1glGVUBZZ26Lv^Wm!la68r9BZjtD)si=9S2ml*qYvLH?9v^qbw zSsWlCCCOWsAG!@x?+EdcMrXJe14hbL5Uxa45$ zN|6|}1jEb~9aWi2f+bj{AB%lMv{S;L-31YM$4)qEu00i-tKwwTPrVmgA_8eIXLc6d zK$-VZY^NFsSg)#UvH9wRO@XLmJ{$yp(i8irYGbVV>O13>s7jE5MBX_L5Befn8jd|l zap%Q)!bG-5Nf63%<094ROh!OPo{h*+@R6x;lf_yPR`T39n>a9Hb#6H9NJ7T1C#T}A zi{fm9xRx2Ku#uW34wq4?X}7|@*tWO}>Is9~g)r*KQBEY6?Tg!~`aQ!b9gRDzoU(GY z8_&emtIp0^Ztscb{0}02kW^=Me3|Nfj1zBVe3k0>oR)-I-ik>_t2UTTC}~7g01kaH{+!4Y zV7$3FzEh2E3}er#_(t_Sl>xUuAODS-L^5D=bNos*3t+(flkrX;LX92q3&i0PedNg3 zE9i}*FXKN~or|F=F(-I@h&ClB)TlE%YZ>oOSUEy(A}wK*b_t>#xjDC>Cb2{fv5X*`=Gep$Gj7Rs zoT9~vPl-5T=x}2&6UQx29P5Wsr?RrfdsZh7)CUFxi>*uyClk-8B&Aca@=S4bYvM80 z+GQXKX?7_Kc4E!b2d3f^zfH`a#?6DbfCg|9NYd`ou%xKrLJKk$I3BBo^!89r(m~Z- z7}@%nN%c;l3-A)ZF==~^0Hl+;-J{%&2>3i{pSqTiaZy>z%#!`bxJv^}I50U`lU*^2 z@oC9kH8PvSlITF4SvfGRlYt(+J2~hrPF`*SJaw7}1+CEojZY8iTrL2~fIVo*15!F# zJTc0I7WbFn)>FU1ud1Ha)=e;mg$%y<3!yWRF>V{&s9H3m-Tczvg{p2i%aYTRowd2q zm5S%J4|e8pRH`^!aQIHHi(a`SrA(c$s3cHwmnRc%2uoR`8YPnv+>P|8{Hg@ATy}On zWminf(lmi0FfWZuxvF{;XG3x*5p!-)%23suc>{;Csft$Zh%s$JRRQ>uk`%idO;ir- zc4bRuZh6YbnVbW;1#_H^ZE$~O(^DzuR7!F!@K^tIN{~8%%4#5X<%B&ewwrYRg_Kij zP-2Q|J)E-F#VIAX4+dOM)L%=%_1A{fjMY`(-i)CQr#X;OZoE7k;$YaVq36{&NUcxd|DGs4GYprWN&QkCIO|$-KDD*d zw`;Z|2VxU(-3RPxr}qghKwjR?wA}jzAn`J|SCoxjZ-JG@#e(4tn%tR42G>^(|Kc<#8zgx{T#K2z1MOpi#=;r1vS2g~NC2S3M&^A?iF1*=dZsN+ARpPS^{0+!(5 zYb1PJxqHObnQ9BT;zp@BJituXx`^aTPYf=2e3f z#gB5!JelbG_hKP=yx;b*8rbAM#9bYzr8yohTrRQgQyO zU~5UnZgtLQINI9E;F8JDGlKOj;f{?N-I_#39k_8Zq@95;WqhPr4k)!AAOEX2jUIXR?ud|B_K9a;1hra?kqawG2%dWWAaKGSf8j0LCD7 zgA1IQ*cy^quH^V|16R3_n{Ah)6}hl^G$FJ5WyS_=0lc*x%aqRQc?;W;bwvzm&@!w! zt5{>8R28t-b5oP@1CXwh;n3^P>mr8Z!+*$%)U1;!zi`A2{(FzI*`0bhOLJdERwuDC zCtA`~397i7by`#u@B;S_jT-$>Uc!QN{ZL4xG9i2vTc&2b!1v)o-Elk)l!w{4j=1a#kL5U6XLIpU%g$2^_+f)r& z=%TCg z*-qH3M2!O?Q}N@kOABAoMK1*Vx|w+N68ixqtJg$6Da*-HSe(7ao|mTUiyMAruTr+N zG~Mi3E@kDJ{agDRQ}x}cCWnPFe+i0<23%K zqgOc#p+FL=Jvmt@eEPuQxcIc=;t)OvdajFezjiE9rd8PcCTDd|oJh;YC(@h?l`St$ z!aKp)qO8WbaN_4XZAu8HK*B9#zezNG={#T!r%T#B4?15~yhk%II09jpY)71fEyF#F zoNo`+Gup7($xpI5KTCe;NXo|jj;~$*cvvffD8r?X&@rLsmm3=0bq*x0C3U-T&&j3mlf=#YWTomaV zFWLaii!EKQMMgZp=K6!;%~WT^ncx;NOv_}wk(%lHqkgnFevWIUGSe!wFzkrkRMHd* zWQOQ9!$rHV>s()|Ne7dSag(b_v|Zq=^<`I=C=G%K9*Dv7GyF-5>w=FDP#KRu=F-U+ zu+ge5$8THp@yXj(xz1>-*y#mDxc;1$x3B2|uohew@r3y?3eBJnWwq?Oyt61yVBD0?#D;y zfgQ)S~kgH19yAYsu5qNOH7dM0EE8jHQ^0YJ=>JUzgsyMg?))3YK&vz zq`BOcxgJd}$ErH!do&uC>CiasbVHnO8+uPFp7EfkHJ6V|=|*zm&3iq3Ey2Bu=EPn5 zZ(C)1MO(#0YCh=6Ri_d@UU*I*KU#rJu0_fX2|iTVG?%y+7pkC8i^krH7ZWcQWSi1M#Zb4Mh23ok}c<7 zBq54fG%C%cXRT_@DE`D#Lr@~;GGw0Iv~$#Cy~QGUw3UfRoEbGxN&dN1YCafsUQN3g zZ{Dv)d3@wYv)-_<(R>ZXkKqJ6jpCSl zw8ma!jS=bEomsF4>fIX*mmWusZmZ!k;w_{s33d?LE`_AxE6T0xq?+ zkG@w_fILf+8$7N5ceKXzsi`1%shNr2KR^1xd>uMmH6Yik22W;LbO=&`T#br^s***wt=hcA zPZizf>|B=1w>dd2SZcwN+PNZ^FIah1@}z25Pp$u1t|s!zY$z!mgt)GVVz?WyIyXqt z3lro9ork`n@66(v_b=uV*mE%ViaK3z**P7syGZuq7yLH2k2+h)4M=wn>Usta;EtTh zJ*WC36Hw2MT*#RszRhh{(*w1NF9P`>p*^gH_xAcq4Z%xYc*=4sH$%-D7$##v-aOT( z8L&PhPZL=futUnbq6TyY=*p{AO_l*`3jB0$nUGgJP7p1#F4!`r^ZEbD8!uWHSUjSNYuY_c}!+L@7x`%JtmNZlsnE$j{l1d5vXDpPUU^}FIL z^oSep9&=R{C-3IWa={5G*?&A%HfHxReK#5-x|8yKVgz2Yyb_FeY)Zan1*FJ|Oo5HV z@_l5B;JJ4u-j$Zmw~eWhQH{y>$gjgpg6C!BUlBD%8o1;`MRKgZd0c+88nqc&>CJpt zUY)GU*DSACRdaRzR@F)5;e)ViYV!}5=tm4ld@Z#8t$a-?z;FWa5hE@-nXgIpMFE`F z3P3&-qfx;HM@w{}x9e=aOS!*At%Quz?tu)0B$Y!ZqGwaFW7pgH zAk-Fciwr`Ky8uGZZf=6I_AoB_lSEJ*}?i<-R0zIOskE4$6h zW4}=~!+>2!$Icrg@E}X~yRjOXapZ9IXf&MFUhW+`Sq*CpPf4F~C6fg_Y#Jb+C%8O) z+zZNmA4sX_!Q=Kv#(8Ub7a7Q8oTVJ^xv!4flE+)fl*k+HY&&{kZ0Sgxnp&_$4O0v& zHT(RL1sbzwRkqOuTXQ%%2JCvIV1cS8&V}9XRxUzssw;>n(|2oozo1?(VR}Np@#BIu zfqm(hr_d|!_Op^vWlQq?OrrMEFABbUNso`tQyrTMHS?4_U}98~Y%(MsezK+T7e2CY ze4%i=$P2Rt@?>wt{=#i)Tw?079WAU<>^c$4UwN{yQSB~^lpu$z2tV|Ldvj+B=c{HY*V68;EOGZwOSWi zR2euNufXG@B6MB$o)~{6SPLT}amaTbiAdgmcYH>;wjRhNUmkA^(!p}O$FGjo!k811 zqql&*6CO;|RuZ;c5@qYikO^N7@Tr9vCZRnl9kp(DhRe@7`{Lld36}+-5>}n^cOyvl z>=`$qHcE?!u|OVK-YA=JP+);{cICj_Ab)fM_2!ksBcw+sWDL||fWek*(qjE-pcP=9 z`z92soKRTqZzeQZd0zrUFoD2HZTo}=BY6dQB_N{5Z(bf(5 zMZ3)$M%$H4FS@A;jlyakD$3Qdz%rKP`l1s8CB^4r;l0Gu8zW69>k_;LFZy}WgZgou zdZMUURW>CAU!ySh)iG3siqg3BuX{t~VKy}v^|9;Pwf(uMGfaWW?dXOzTogIeX&a8O zb{CybQL0}dJltkWjj(N_^Etstno4HkUi93~R z=7E_L;Ts5S*5LRYsBu0#4Vqgx@t~kBU`?7nv4^XO(a2pfF<)p$nDWpY!^a<=xNnG- z0w8Jl^~5F~S2R@XdtgU!#qTEG8>;OXSQyBAV`8J?iwx8oc6ayFnpQ+%_Us&G4$gk@?lp5X^?>-)t-E{HDC{LYW}!-U z*t1}+BfxcI}i>X&^#>0_>3jzDr`L5fF~?YpO!#5jBqWbrHfflri- zoTB9bxT?BPvKwpq04V+!lUEMaHETIE*>;x>cJr&r-(+iHM0+`Od)A#c<>Pn_UJ^Ln z65Q`2R~i;fn9|Gxt2`Ey}3NR$mB?uYXD3Uh_V7hsX!}Hs{}7_rAl; ziV3vy4etqczMukad&gTSNCL?X^3m-5a7X$yfo~hn`KdQ~Q*-6*X|-Giaszqo`ri?-hj4yc9%qS36%H$4 zOJe>9)86GK#7W94Cvul`-G|d&<$~ZO9g_UQi-eDL{ic7gQWP;>T|YfvO_LPIv&*?P z37tV3rWbNsk&#lzl%qUIKMikvcKT71f|CvdFWfb~mU|F`!N-Lq0Y*I--qX5K<8D(b zUfDc-FOQh4Q||fc=eZ~t%+@)*Nl*&-$JLLgckuYm+EKF|8(69uv|K~jhnwbXH8m@^ z^abv1rm!S3C-*O{|SM4#R#qBc5Bf3?rs5XD9OMc>h#f`^F44Jz<@4Kbp}zSW$@#BcpZm2Qk@wXP(m& zf=BN8vD!W$)zxEX-qgbyXU`m>@7u9vW>~7WFY`~AvK^QDtC>%wDGit?PMw{3SdV=B zwVBO)(U;UdmJ+pe&`^EkHtTMm2<&A7P5F6jY=j~;`>^C5M;-EQe?f1?J=y~68 z>)Ri06%8^Z2lQ-2TSu0q;r5Ybae>B3xNB^grH^qc`es5|rg17BQdIVb@R(?W!4SO9 zU`UaFmm3TP^6&iy!z3IwtE?`>_&jR3uWSl><>#>h=)?QUCK*GKZEo2V;|R1Ge$b9} z06#ky;18qtc>v#t7Ro>SQ7inQ5rYZ>k#&Aqkud;O%?Ef2YL!mVZ{EQ}WOADE>kCIfNFL4pSU3gLn>-|xNLAA zL!iO%I;tNXXhD~t3fSy^xNI1@-e*>T@j=w}UOx+Z?Mk`{7|vZ-HVkA?^GN>zX#dNz zOu&4D40-@{{CeO3^t}waggRx=4U}AF8i3*!0m7xI>3qqsuwB7GC&XZw2Ev{XS%5Vz zAj)8XTh6Id2KTu%)L`gF^>2p&u|;J(KrlnRx~R;^r%4$`4BF*_I~F8~$*wEwtF9rq zIcC|}oj?Tc2a$ejSp;`dh8b?rc$6bZ54lOtJXfBg$x5&AWLa7&+fmiFfW3IO)qdow zvhS2z6SM{R;HkXwc;(t21+vMCd?Y!$to%!5cbRv|f3V!+@I%S%fRD_PS^n7e@+T(< zEeKM!l7H?>xw?{<$44q9B!3MMZ~CgdKc8FJ;9GB$UsX;&I2UdGD~^p)9FsL{npm-y z&&V3g>MP1I&%l?Z_LNts^E2&=;QJYwbpP{uEqo&7wd#sRJn7|_;N=H=C=M@spyDZ> ztFrzJyDBr$+HDc=&G7x>;l0K3iaU7T$NR(Qw&mU5J!>ltC^xD2c$Pd-!7op7VC%CL z=apkP4s33&2vY8wa$v`W3V!g(f$@K=s8@El6(E9dHD;1WYv_9JT><#}KUX}c?ENck zaQ$Z$tCgz;6iCetPQ2+|FZ!LywY$Ot4p&yr_ZduQ-^%R;z6Jo7iR3#U?RQsxtQ?q9 z?8E}#0^m7V;eI`}@+svK7Of>-;m1jXvFP?yfv6QfCg+wQmCK(e14~tz6vTc)E^Owu;V6Mg-SK z-0W+)Z&qH_>j^iVty}>&xKCE{Q%H`GUegXbS82j+rz`ml0$vYY`O5(<5b)KW_k$1K zaY5?U_I_oja-hz8(R4ETQYF7uz^lw3_@M%RP^fJD^Oo>sqFRl@>0SA%>y-(RY|n8W>&dGvB}%1o8S%gCU@0R<@kgXNxr*^AJ|bK3p(U3>8{CDgM1X+RqnTo zgu34F!j9wYs)IgSk>*x;G(#azPH@*lRgW6+tp!#5yWZ9Sv5~W{> zIWT*uNR5lFq|FaLro;BzR(1cuPZhWwJnEQ0!k1E%Cby$XkRQsB1SXi}J6dhAU z+ZXcuJgE8&O$;N0K^-nw*&ni1j~9JKQ6TK5qHEupOt^GZ^#$d0nzF*0bOgb9!m@GI z&-myVE@5fsZmsanPxZq+Rn(Bu+g8=y@ i*Tg+Ke2DAgaNL8{cZevsMK#s>AxTfCdRA0p Date: Wed, 15 Apr 2026 16:03:39 +0200 Subject: [PATCH 6/6] mbedos: adding autogenerated file from ./mbed-os-to-arduino --- .../littlefsv2/include/littlefsv2/LittleFileSystem2.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cores/arduino/mbed/storage/filesystem/littlefsv2/include/littlefsv2/LittleFileSystem2.h b/cores/arduino/mbed/storage/filesystem/littlefsv2/include/littlefsv2/LittleFileSystem2.h index d753b3fb1..0d13ef7fb 100644 --- a/cores/arduino/mbed/storage/filesystem/littlefsv2/include/littlefsv2/LittleFileSystem2.h +++ b/cores/arduino/mbed/storage/filesystem/littlefsv2/include/littlefsv2/LittleFileSystem2.h @@ -289,9 +289,9 @@ class LittleFileSystem2 : public mbed::FileSystem { #endif //!(DOXYGEN_ONLY) private: - lfs2_t _lfs; // The actual file system - struct lfs2_config _config; - mbed::BlockDevice *_bd; // The block device + lfs2_t _lfs{}; // The actual file system + struct lfs2_config _config {}; + mbed::BlockDevice *_bd = nullptr; // The block device // thread-safe locking PlatformMutex _mutex;