crypto/tls: rotate session keys in older TLS versions

Also encode the certificates in a way that's more consistent with TLS 1.3 (with a 24 byte length prefix). Note that this will have an additional performance cost requiring clients to do a full handshake every 7 days where previously they were able to use the same ticket indefinitely. Updates #25256 Change-Id: Ic4d1ba0d92773c490b33b5f6c1320d557cc7347d Reviewed-on: https://go-review.googlesource.com/c/go/+/231317 Run-TryBot: Katie Hockman <[email protected]> TryBot-Result: Gobot Gobot <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]>
golang · May 7, 2020 · 6ea19bb · 6ea19bb
1 parent b1760f3
commit 6ea19bb
Show file tree

Hide file tree

Showing 11 changed files with 408 additions and 393 deletions.
diff --git a/src/crypto/tls/handshake_client_test.go b/src/crypto/tls/handshake_client_test.go
@@ -952,6 +952,18 @@ func testResumption(t *testing.T, version uint16) {
 	}
 	testResumeState("KeyChangeFinish", true)
 
+	// Age the session ticket a bit, but not yet expired.
+	serverConfig.Time = func() time.Time { return time.Now().Add(24*time.Hour + time.Minute) }
+	testResumeState("OldSessionTicket", true)
+	ticket = getTicket()
+	// Expire the session ticket, which would force a full handshake.
+	serverConfig.Time = func() time.Time { return time.Now().Add(24*8*time.Hour + time.Minute) }
+	testResumeState("ExpiredSessionTicket", false)
+	if bytes.Equal(ticket, getTicket()) {
+		t.Fatal("new ticket wasn't provided after old ticket expired")
+	}
+	testResumeState("FreshSessionTicket", true)
+
 	// Reset serverConfig to ensure that calling SetSessionTicketKeys
 	// before the serverConfig is used works.
 	serverConfig = &Config{

diff --git a/src/crypto/tls/handshake_messages_test.go b/src/crypto/tls/handshake_messages_test.go
@@ -309,6 +309,7 @@ func (*sessionState) Generate(rand *rand.Rand, size int) reflect.Value {
 	s.vers = uint16(rand.Intn(10000))
 	s.cipherSuite = uint16(rand.Intn(10000))
 	s.masterSecret = randomBytes(rand.Intn(100)+1, rand)
+	s.createdAt = uint64(rand.Int63())
 	for i := 0; i < rand.Intn(20); i++ {
 		s.certificates = append(s.certificates, randomBytes(rand.Intn(500)+1, rand))
 	}

diff --git a/src/crypto/tls/handshake_server.go b/src/crypto/tls/handshake_server.go
@@ -15,6 +15,7 @@ import (
 	"fmt"
 	"io"
 	"sync/atomic"
+	"time"
 )
 
 // serverHandshakeState contains details of a server handshake in progress.
@@ -368,6 +369,11 @@ func (hs *serverHandshakeState) checkForResumption() bool {
 		return false
 	}
 
+	createdAt := time.Unix(int64(hs.sessionState.createdAt), 0)
+	if c.config.time().Sub(createdAt) > maxSessionTicketLifetime {
+		return false
+	}
+
 	// Never resume a session for a different TLS version.
 	if c.vers != hs.sessionState.vers {
 		return false
@@ -689,6 +695,7 @@ func (hs *serverHandshakeState) sendSessionTicket() error {
 	state := sessionState{
 		vers:         c.vers,
 		cipherSuite:  hs.suite.id,
+		createdAt:    uint64(c.config.time().Unix()),
 		masterSecret: hs.masterSecret,
 		certificates: certsFromClient,
 	}

diff --git a/src/crypto/tls/testdata/Server-TLSv10-ExportKeyingMaterial b/src/crypto/tls/testdata/Server-TLSv10-ExportKeyingMaterial
@@ -1,12 +1,11 @@
 >>> Flow 1 (client to server)
-00000000  16 03 01 00 75 01 00 00  71 03 01 a0 fd 51 a6 77  |....u...q....Q.w|
-00000010  69 ee 39 14 8d 0f be a6  9c f7 95 aa 63 14 d2 90  |i.9.........c...|
-00000020  1e 39 34 2c df d8 e4 92  2b a0 36 00 00 12 c0 0a  |.94,....+.6.....|
+00000000  16 03 01 00 63 01 00 00  5f 03 01 7a df fa af 20  |....c..._..z... |
+00000010  74 5a 83 3b 91 95 b4 9b  57 d8 6b f2 88 2a 68 e8  |tZ.;....W.k..*h.|
+00000020  b8 9e e7 88 a6 c5 e7 59  08 ff 9b 00 00 12 c0 0a  |.......Y........|
 00000030  c0 14 00 39 c0 09 c0 13  00 33 00 35 00 2f 00 ff  |...9.....3.5./..|
-00000040  01 00 00 36 00 00 00 0e  00 0c 00 00 09 31 32 37  |...6.........127|
-00000050  2e 30 2e 30 2e 31 00 0b  00 04 03 00 01 02 00 0a  |.0.0.1..........|
-00000060  00 0c 00 0a 00 1d 00 17  00 1e 00 19 00 18 00 23  |...............#|
-00000070  00 00 00 16 00 00 00 17  00 00                    |..........|
+00000040  01 00 00 24 00 0b 00 04  03 00 01 02 00 0a 00 0c  |...$............|
+00000050  00 0a 00 1d 00 17 00 1e  00 19 00 18 00 23 00 00  |.............#..|
+00000060  00 16 00 00 00 17 00 00                           |........|
 >>> Flow 2 (server to client)
 00000000  16 03 01 00 3b 02 00 00  37 03 01 00 00 00 00 00  |....;...7.......|
 00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
@@ -52,43 +51,43 @@
 00000290  d4 db fe 3d 13 60 84 5c  21 d3 3b e9 fa e7 16 03  |...=.`.\!.;.....|
 000002a0  01 00 aa 0c 00 00 a6 03  00 1d 20 2f e5 7d a3 47  |.......... /.}.G|
 000002b0  cd 62 43 15 28 da ac 5f  bb 29 07 30 ff f6 84 af  |.bC.(.._.).0....|
-000002c0  c4 cf c2 ed 90 99 5f 58  cb 3b 74 00 80 00 9f b3  |......_X.;t.....|
-000002d0  fa c1 71 14 e3 1a 6c 3f  b6 61 15 e2 7b 99 c5 4c  |..q...l?.a..{..L|
-000002e0  39 e0 45 f8 9d d3 84 1a  c4 fc 7c 51 32 3d 67 0b  |9.E.......|Q2=g.|
-000002f0  28 b8 8c 6d 66 7e ab 82  c9 f6 d0 49 62 96 2c af  |(..mf~.....Ib.,.|
-00000300  4f 0a d1 21 54 b8 3e ae  09 fd d8 85 10 cb da c4  |O..!T.>.........|
-00000310  6f 42 16 cd 70 cd 33 b0  a5 e5 a1 c7 9a 35 41 3f  |oB..p.3......5A?|
-00000320  59 db a1 b3 f4 ae f6 72  9c a8 db f5 86 99 43 b3  |Y......r......C.|
-00000330  8f bc 0f d9 0a 50 49 58  3b 17 fa 51 27 11 e9 95  |.....PIX;..Q'...|
-00000340  8c bb 1a 31 11 bc a2 fa  2c 6b c2 6a 40 16 03 01  |...1....,k.j@...|
+000002c0  c4 cf c2 ed 90 99 5f 58  cb 3b 74 00 80 bb 96 fe  |......_X.;t.....|
+000002d0  bf a0 81 24 bc 40 b4 e2  37 b1 c9 66 2d c3 c1 bb  |..[email protected]...|
+000002e0  89 fb 28 23 60 76 b1 e6  2c c1 e9 06 d0 95 c5 10  |..(#`v..,.......|
+000002f0  17 ce 79 36 c2 14 e0 1d  1d 0d 0e 49 3e b9 7f 00  |..y6.......I>...|
+00000300  ad e3 1d 37 ab ce 2c 37  dc eb be aa 6c 28 33 05  |...7..,7....l(3.|
+00000310  53 fd 06 17 b4 85 b9 b8  35 1c a7 3c bb 07 3f 4b  |S.......5..<..?K|
+00000320  53 98 00 4d 8e 49 bd 35  55 64 92 d0 a0 db 05 80  |S..M.I.5Ud......|
+00000330  57 24 78 cd 10 ed ae f0  6a 83 bc b4 4d 77 79 ba  |W$x.....j...Mwy.|
+00000340  6e e7 2e 8f ac 9e 98 34  36 9d a9 27 f0 16 03 01  |n......46..'....|
 00000350  00 04 0e 00 00 00                                 |......|
 >>> Flow 3 (client to server)
-00000000  16 03 01 00 25 10 00 00  21 20 bf 0c 33 f5 6a 06  |....%...! ..3.j.|
-00000010  18 0a 74 ad 8b bd ef 9c  00 a3 c0 03 20 5b ea 69  |..t......... [.i|
-00000020  09 18 b8 4a 30 13 c7 10  30 3a 14 03 01 00 01 01  |...J0...0:......|
-00000030  16 03 01 00 30 04 6d f7  66 e9 7f 72 80 32 24 93  |....0.m.f..r.2$.|
-00000040  2f 74 5e 34 c5 fb 19 a0  64 31 1e cb 63 03 fb 51  |/t^4....d1..c..Q|
-00000050  5c d9 17 a8 b0 8a b6 74  e8 84 86 a5 33 d2 75 4a  |\......t....3.uJ|
-00000060  c0 bb 6a bb f3                                    |..j..|
+00000000  16 03 01 00 25 10 00 00  21 20 00 ad c5 2b 21 7f  |....%...! ...+!.|
+00000010  8e 44 f2 f5 32 22 c8 c2  c6 de 2c 0b 7a a9 24 b6  |.D..2"....,.z.$.|
+00000020  03 20 c0 cc 79 2e 11 2f  d3 43 14 03 01 00 01 01  |. ..y../.C......|
+00000030  16 03 01 00 30 78 5c 32  72 a1 c8 3b 9c 7b 77 0b  |....0x\2r..;.{w.|
+00000040  a0 28 52 55 17 16 d5 39  89 d0 43 bf 67 29 85 6f  |.(RU...9..C.g).o|
+00000050  b5 1e 83 fa 22 96 78 e3  5c 45 5a 3d fe 2b d5 b7  |....".x.\EZ=.+..|
+00000060  3d 64 44 8c a8                                    |=dD..|
 >>> Flow 4 (server to client)
-00000000  16 03 01 00 82 04 00 00  7e 00 00 00 00 00 78 50  |........~.....xP|
+00000000  16 03 01 00 8b 04 00 00  87 00 00 00 00 00 81 50  |...............P|
 00000010  46 ad c1 db a8 38 86 7b  2b bb fd d0 c3 42 3e 00  |F....8.{+....B>.|
 00000020  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 94  |................|
-00000030  6d ec a4 83 61 28 8e b8  1b 0e dd 7d 71 4a 36 c3  |m...a(.....}qJ6.|
-00000040  6d cb c7 88 ed 19 c5 08  72 b9 25 fb 6c 29 b8 b2  |m.......r.%.l)..|
-00000050  72 f8 27 c0 1e f2 86 16  54 0f 72 a9 6e 15 69 9e  |r.'.....T.r.n.i.|
-00000060  66 fe d1 05 20 33 94 32  40 82 bb e3 61 47 3a 8e  |f... [email protected]:.|
-00000070  b7 45 92 8a 5c 84 64 eb  6c 1a 3c bb 2f be ce b2  |.E..\.d.l.<./...|
-00000080  5f cb c9 be c4 ff d6 14  03 01 00 01 01 16 03 01  |_...............|
-00000090  00 30 5e ff 91 82 d5 30  a4 fb cd 20 90 c1 2d 08  |.0^....0... ..-.|
-000000a0  aa 19 d6 72 fa 74 07 95  df 14 eb 59 bb 0c 81 3f  |...r.t.....Y...?|
-000000b0  75 77 45 96 d8 3e 45 a7  42 1c f1 82 c0 04 4d 2e  |uwE..>E.B.....M.|
-000000c0  3f 07 17 03 01 00 20 54  90 60 76 16 5f 6b d0 3e  |?..... T.`v._k.>|
-000000d0  f6 bf f3 0a 5c b9 3b 19  cb df a6 94 28 04 24 ea  |....\.;.....(.$.|
-000000e0  73 1f 49 5e 23 f6 91 17  03 01 00 30 b5 97 eb 85  |s.I^#......0....|
-000000f0  cc 17 86 b0 0d 24 bf 64  6d 4f 16 55 b0 f3 64 7c  |.....$.dmO.U..d||
-00000100  75 3f e4 16 94 41 56 64  12 50 0e 7c 0c 1c e7 58  |u?...AVd.P.|...X|
-00000110  4d 9c 82 d8 f5 5a 61 a3  d8 3c f5 04 15 03 01 00  |M....Za..<......|
-00000120  20 59 6c e6 9e 4e 14 94  5d 61 94 b2 ba 0f eb 18  | Yl..N..]a......|
-00000130  cf 10 5b f6 90 27 58 8e  10 54 36 d4 c7 52 37 2e  |..[..'X..T6..R7.|
-00000140  a0                                                |.|
+00000030  6d ec a4 83 51 ed 14 ef  68 ca 42 c5 4c 5f bb 3b  |m...Q...h.B.L_.;|
+00000040  9c c8 3c 7e 1c cf dc da  e4 35 83 03 13 95 82 5f  |..<~.....5....._|
+00000050  32 77 8a cf dc e9 10 65  9b 97 d4 5d ff 43 57 14  |2w.....e...].CW.|
+00000060  a3 25 e0 fa c8 26 0c ff  71 67 9b 32 2f 49 38 16  |.%...&..qg.2/I8.|
+00000070  aa ea b9 fa 99 86 4c b9  db 7a ef bc 87 43 e8 db  |......L..z...C..|
+00000080  26 27 73 76 80 77 59 c4  fb 7d 56 e9 7e 23 03 75  |&'sv.wY..}V.~#.u|
+00000090  14 03 01 00 01 01 16 03  01 00 30 80 8f 8e 11 b5  |..........0.....|
+000000a0  f4 a0 8c 4a ae 3f 25 17  66 93 1c c5 a5 10 57 e3  |...J.?%.f.....W.|
+000000b0  24 7a c1 a9 72 74 4f fd  20 5e 5b 58 4d bd 5d f0  |$z..rtO. ^[XM.].|
+000000c0  05 8e 06 61 0a 98 19 a0  a8 73 02 17 03 01 00 20  |...a.....s..... |
+000000d0  d9 dd 86 e6 55 55 df 2c  0d 1e 5f 0e 9e 1e 76 51  |....UU.,.._...vQ|
+000000e0  98 e0 2b 09 f9 44 4d 4d  22 97 0d 1e 95 7b b9 41  |..+..DMM"....{.A|
+000000f0  17 03 01 00 30 74 82 1c  35 9b 87 cd 5e 29 95 e1  |....0t..5...^)..|
+00000100  18 e3 76 32 94 b5 1b d0  06 d2 ec 49 40 24 73 d3  |..v2.......I@$s.|
+00000110  fc 5d 1a 26 59 5b 33 d8  5a 30 d5 92 30 bc 80 e0  |.].&Y[3.Z0..0...|
+00000120  ed 85 e8 14 01 15 03 01  00 20 ec 69 2f 9d 29 4f  |......... .i/.)O|
+00000130  1f 8e e6 34 f0 87 66 40  e8 13 14 02 74 c4 1d aa  |..[email protected]...|
+00000140  65 72 43 50 6e 71 9c 2e  b6 3a                    |erCPnq...:|
diff --git a/src/crypto/tls/testdata/Server-TLSv12-ALPN b/src/crypto/tls/testdata/Server-TLSv12-ALPN
@@ -1,19 +1,18 @@
 >>> Flow 1 (client to server)
-00000000  16 03 01 00 e3 01 00 00  df 03 03 e7 33 0d 6a 2d  |............3.j-|
-00000010  87 bc b4 a1 11 ee 1a 4e  91 f5 fb ad 29 70 d4 6d  |.......N....)p.m|
-00000020  05 be ec f3 e2 b1 0d 4e  da a4 b5 00 00 38 c0 2c  |.......N.....8.,|
+00000000  16 03 01 00 d1 01 00 00  cd 03 03 50 99 a9 e9 80  |...........P....|
+00000010  87 f1 0a 5a bc 9d a6 53  6d 08 36 4a 79 f8 48 c3  |...Z...Sm.6Jy.H.|
+00000020  fe c1 b4 02 d9 66 b2 cc  f9 8d d4 00 00 38 c0 2c  |.....f.......8.,|
 00000030  c0 30 00 9f cc a9 cc a8  cc aa c0 2b c0 2f 00 9e  |.0.........+./..|
 00000040  c0 24 c0 28 00 6b c0 23  c0 27 00 67 c0 0a c0 14  |.$.(.k.#.'.g....|
 00000050  00 39 c0 09 c0 13 00 33  00 9d 00 9c 00 3d 00 3c  |.9.....3.....=.<|
-00000060  00 35 00 2f 00 ff 01 00  00 7e 00 00 00 0e 00 0c  |.5./.....~......|
-00000070  00 00 09 31 32 37 2e 30  2e 30 2e 31 00 0b 00 04  |...127.0.0.1....|
-00000080  03 00 01 02 00 0a 00 0c  00 0a 00 1d 00 17 00 1e  |................|
-00000090  00 19 00 18 00 23 00 00  00 10 00 10 00 0e 06 70  |.....#.........p|
-000000a0  72 6f 74 6f 32 06 70 72  6f 74 6f 31 00 16 00 00  |roto2.proto1....|
-000000b0  00 17 00 00 00 0d 00 30  00 2e 04 03 05 03 06 03  |.......0........|
-000000c0  08 07 08 08 08 09 08 0a  08 0b 08 04 08 05 08 06  |................|
-000000d0  04 01 05 01 06 01 03 03  02 03 03 01 02 01 03 02  |................|
-000000e0  02 02 04 02 05 02 06 02                           |........|
+00000060  00 35 00 2f 00 ff 01 00  00 6c 00 0b 00 04 03 00  |.5./.....l......|
+00000070  01 02 00 0a 00 0c 00 0a  00 1d 00 17 00 1e 00 19  |................|
+00000080  00 18 00 23 00 00 00 10  00 10 00 0e 06 70 72 6f  |...#.........pro|
+00000090  74 6f 32 06 70 72 6f 74  6f 31 00 16 00 00 00 17  |to2.proto1......|
+000000a0  00 00 00 0d 00 30 00 2e  04 03 05 03 06 03 08 07  |.....0..........|
+000000b0  08 08 08 09 08 0a 08 0b  08 04 08 05 08 06 04 01  |................|
+000000c0  05 01 06 01 03 03 02 03  03 01 02 01 03 02 02 02  |................|
+000000d0  04 02 05 02 06 02                                 |......|
 >>> Flow 2 (server to client)
 00000000  16 03 03 00 48 02 00 00  44 03 03 00 00 00 00 00  |....H...D.......|
 00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
@@ -60,38 +59,38 @@
 000002a0  3d 13 60 84 5c 21 d3 3b  e9 fa e7 16 03 03 00 ac  |=.`.\!.;........|
 000002b0  0c 00 00 a8 03 00 1d 20  2f e5 7d a3 47 cd 62 43  |....... /.}.G.bC|
 000002c0  15 28 da ac 5f bb 29 07  30 ff f6 84 af c4 cf c2  |.(.._.).0.......|
-000002d0  ed 90 99 5f 58 cb 3b 74  08 04 00 80 b6 a2 61 f9  |..._X.;t......a.|
-000002e0  30 40 0b 5c 2c 92 b4 7b  e3 42 79 00 11 4d 6b 85  |0@.\,..{.By..Mk.|
-000002f0  df 2e 19 c2 fc a8 bc 16  0b c0 8d 02 55 99 a7 06  |............U...|
-00000300  fa 4c 4d 4c 27 de 6d 3d  1e 7a 6f 2c fc eb 9e 15  |.LML'.m=.zo,....|
-00000310  40 6f 0c 81 b3 e1 4d 78  b7 38 c6 50 8f 5b 63 ac  |@o....Mx.8.P.[c.|
-00000320  20 4f a6 06 aa 00 84 f5  01 f4 68 7a 5a 16 c5 da  | O........hzZ...|
-00000330  71 b2 4f 04 6e 59 88 14  8c 81 01 91 a8 e8 c1 18  |q.O.nY..........|
-00000340  a8 07 e8 7a f4 dc b9 e7  7f c5 ce 2c 32 8d fe d6  |...z.......,2...|
-00000350  1f 0e a5 f0 f4 c7 dd 39  13 a1 ca 6d 16 03 03 00  |.......9...m....|
+000002d0  ed 90 99 5f 58 cb 3b 74  08 04 00 80 cb 03 45 70  |..._X.;t......Ep|
+000002e0  f5 51 af d7 cf db 26 79  d1 57 c2 06 4c 49 e6 ea  |.Q....&y.W..LI..|
+000002f0  e7 f4 b8 2c 23 52 8a 1f  bd 8e a3 9e 79 d4 8e 66  |...,#R......y..f|
+00000300  ee 92 39 97 cc ec 46 03  76 f9 59 b7 2e 6f e4 88  |..9...F.v.Y..o..|
+00000310  fd 39 65 59 88 c2 7e 7a  bc de 86 49 98 45 a6 44  |.9eY..~z...I.E.D|
+00000320  82 41 19 94 53 3d 34 4b  73 52 5a af b2 3d 92 5e  |.A..S=4KsRZ..=.^|
+00000330  f3 5b e8 fa 23 a7 71 5c  64 1b 43 bb bd 8e 01 2a  |.[..#.q\d.C....*|
+00000340  59 2d 3b 73 0f b9 3d 02  9a 09 4a fc 0e 4b 65 07  |Y-;s..=...J..Ke.|
+00000350  82 f9 e1 ad ec 64 27 a4  07 60 c7 32 16 03 03 00  |.....d'..`.2....|
 00000360  04 0e 00 00 00                                    |.....|
 >>> Flow 3 (client to server)
-00000000  16 03 03 00 25 10 00 00  21 20 d7 fa 22 66 b4 c8  |....%...! .."f..|
-00000010  67 2c 45 93 bf 38 3a 13  21 45 d5 29 95 5b 0d 5c  |g,E..8:.!E.).[.\|
-00000020  79 d2 d6 9b ef bd 7d eb  a9 21 14 03 03 00 01 01  |y.....}..!......|
-00000030  16 03 03 00 28 a2 81 84  32 29 01 69 28 f9 56 cc  |....(...2).i(.V.|
-00000040  c9 72 51 5c 22 38 51 12  e1 55 a1 d6 8c cf 66 75  |.rQ\"8Q..U....fu|
-00000050  b4 bd 49 60 d0 e4 7e 9e  fe 56 d1 62 36           |..I`..~..V.b6|
+00000000  16 03 03 00 25 10 00 00  21 20 f6 5d 24 8e fc 1c  |....%...! .]$...|
+00000010  39 bb 01 fc 23 ef f4 86  8b aa 2c 39 2a a1 4d e6  |9...#.....,9*.M.|
+00000020  7c 21 74 cc ed 2c 9b 4b  f2 01 14 03 03 00 01 01  ||!t..,.K........|
+00000030  16 03 03 00 28 96 9c a6  78 4b 94 24 e2 31 5a 25  |....(...xK.$.1Z%|
+00000040  68 5e 6a 51 03 5d 9d cf  45 b1 78 17 0b bf ff c6  |h^jQ.]..E.x.....|
+00000050  72 5b e9 f0 a1 b1 46 ab  a5 e1 3f 4d 67           |r[....F...?Mg|
 >>> Flow 4 (server to client)
-00000000  16 03 03 00 82 04 00 00  7e 00 00 00 00 00 78 50  |........~.....xP|
+00000000  16 03 03 00 8b 04 00 00  87 00 00 00 00 00 81 50  |...............P|
 00000010  46 ad c1 db a8 38 86 7b  2b bb fd d0 c3 42 3e 00  |F....8.{+....B>.|
 00000020  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 94  |................|
-00000030  6f ec 80 83 61 cf 87 48  45 0d 9d a5 bf 38 b4 9f  |o...a..HE....8..|
-00000040  19 a9 cd ca 63 79 2d c3  ae 70 74 56 44 99 fb cc  |....cy-..ptVD...|
-00000050  7d 31 c2 67 75 fe 57 1b  fd 6b 2f cd df ec fa 5b  |}1.gu.W..k/....[|
-00000060  23 47 19 7e 84 33 94 d7  de e2 b9 ff 75 7d dc 80  |#G.~.3......u}..|
-00000070  9e 55 94 8e 15 94 70 8f  b5 21 0e 4e f7 4c e6 44  |.U....p..!.N.L.D|
-00000080  01 a3 9d 67 5f 05 73 14  03 03 00 01 01 16 03 03  |...g_.s.........|
-00000090  00 28 00 00 00 00 00 00  00 00 3a 49 dc e2 aa ce  |.(........:I....|
-000000a0  a8 43 27 08 a8 6b 7c ae  3f 07 18 e1 04 a9 e6 24  |.C'..k|.?......$|
-000000b0  0e 9e 0a 0f af a4 c3 6e  90 2d 17 03 03 00 25 00  |.......n.-....%.|
-000000c0  00 00 00 00 00 00 01 41  e1 9b 4c 8a 1a e8 10 bf  |.......A..L.....|
-000000d0  9f fd 76 e4 43 c2 cf 04  ee 68 6a 02 3c 97 fc ec  |..v.C....hj.<...|
-000000e0  c4 0a 74 1d 15 03 03 00  1a 00 00 00 00 00 00 00  |..t.............|
-000000f0  02 1c 9b b1 b6 07 fa 33  a8 70 03 d9 27 29 ea 61  |.......3.p..').a|
-00000100  96 c2 48                                          |..H|
+00000030  6f ec 80 83 51 ed 14 ef  68 ca 42 c5 4c 4a f5 b1  |o...Q...h.B.LJ..|
+00000040  56 86 3e f2 10 79 9e f3  a0 ed 07 6d 09 fc 77 63  |V.>..y.....m..wc|
+00000050  86 68 42 99 7b 13 c3 35  cf 5b a6 3a fa aa c2 ec  |.hB.{..5.[.:....|
+00000060  80 a2 27 e4 97 24 07 48  2c 70 30 fc d6 49 38 16  |..'..$.H,p0..I8.|
+00000070  60 d5 b0 4c ec 4b 74 48  03 2a 5e fb 14 43 6c 5f  |`..L.KtH.*^..Cl_|
+00000080  35 9c 1b a8 7d 62 f8 42  68 27 cb 6d 15 38 e7 8e  |5...}b.Bh'.m.8..|
+00000090  14 03 03 00 01 01 16 03  03 00 28 00 00 00 00 00  |..........(.....|
+000000a0  00 00 00 8d 7a 5a 66 3b  c9 fe 51 c2 71 ef a5 8b  |....zZf;..Q.q...|
+000000b0  42 7d 79 33 4e 6d 66 12  cc e7 46 4f c3 30 12 8f  |B}y3Nmf...FO.0..|
+000000c0  0c 57 60 17 03 03 00 25  00 00 00 00 00 00 00 01  |.W`....%........|
+000000d0  83 aa 62 fe a3 73 ed 67  87 c0 19 1c fa f0 2c 26  |..b..s.g......,&|
+000000e0  4b 16 44 9c a7 f8 c3 e1  ba 6a 85 8f 84 15 03 03  |K.D......j......|
+000000f0  00 1a 00 00 00 00 00 00  00 02 a8 b3 b2 dd 4b a6  |..............K.|
+00000100  ba 05 dc 8f ac 98 ae 01  10 60 9a 62              |.........`.b|