1 /* Automatically generated code; do not modify directly. */
9 const unsigned char *ip
;
13 t0_parse7E_unsigned(const unsigned char **p
)
22 x
= (x
<< 7) | (uint32_t)(y
& 0x7F);
30 t0_parse7E_signed(const unsigned char **p
)
35 neg
= ((**p
) >> 6) & 1;
41 x
= (x
<< 7) | (uint32_t)(y
& 0x7F);
44 return -(int32_t)~x
- 1;
52 #define T0_VBYTE(x, n) (unsigned char)((((uint32_t)(x) >> (n)) & 0x7F) | 0x80)
53 #define T0_FBYTE(x, n) (unsigned char)(((uint32_t)(x) >> (n)) & 0x7F)
54 #define T0_SBYTE(x) (unsigned char)((((uint32_t)(x) >> 28) + 0xF8) ^ 0xF8)
55 #define T0_INT1(x) T0_FBYTE(x, 0)
56 #define T0_INT2(x) T0_VBYTE(x, 7), T0_FBYTE(x, 0)
57 #define T0_INT3(x) T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
58 #define T0_INT4(x) T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
59 #define T0_INT5(x) T0_SBYTE(x), T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
61 static const uint8_t t0_datablock
[];
64 void br_ssl_hs_client_init_main(void *t0ctx
);
66 void br_ssl_hs_client_run(void *t0ctx
);
76 * This macro evaluates to a pointer to the current engine context.
78 #define ENG ((br_ssl_engine_context *)((unsigned char *)t0ctx - offsetof(br_ssl_engine_context, cpu)))
85 * This macro evaluates to a pointer to the client context, under that
86 * specific name. It must be noted that since the engine context is the
87 * first field of the br_ssl_client_context structure ('eng'), then
88 * pointers values of both types are interchangeable, modulo an
89 * appropriate cast. This also means that "adresses" computed as offsets
90 * within the structure work for both kinds of context.
92 #define CTX ((br_ssl_client_context *)ENG)
95 * Generate the pre-master secret for RSA key exchange, and encrypt it
96 * with the server's public key. Returned value is either the encrypted
97 * data length (in bytes), or -x on error, with 'x' being an error code.
99 * This code assumes that the public key has been already verified (it
100 * was properly obtained by the X.509 engine, and it has the right type,
101 * i.e. it is of type RSA and suitable for encryption).
104 make_pms_rsa(br_ssl_client_context
*ctx
, int prf_id
)
106 const br_x509_class
**xc
;
107 const br_x509_pkey
*pk
;
108 const unsigned char *n
;
112 xc
= ctx
->eng
.x509ctx
;
113 pk
= (*xc
)->get_pkey(xc
, NULL
);
116 * Compute actual RSA key length, in case there are leading zeros.
119 nlen
= pk
->key
.rsa
.nlen
;
120 while (nlen
> 0 && *n
== 0) {
126 * We need at least 59 bytes (48 bytes for pre-master secret, and
127 * 11 bytes for the PKCS#1 type 2 padding). Note that the X.509
128 * minimal engine normally blocks RSA keys shorter than 128 bytes,
129 * so this is mostly for public keys provided explicitly by the
133 return -BR_ERR_X509_WEAK_PUBLIC_KEY
;
135 if (nlen
> sizeof ctx
->eng
.pad
) {
136 return -BR_ERR_LIMIT_EXCEEDED
;
142 pms
= ctx
->eng
.pad
+ nlen
- 48;
143 br_enc16be(pms
, ctx
->eng
.version_max
);
144 br_hmac_drbg_generate(&ctx
->eng
.rng
, pms
+ 2, 46);
145 br_ssl_engine_compute_master(&ctx
->eng
, prf_id
, pms
, 48);
148 * Apply PKCS#1 type 2 padding.
150 ctx
->eng
.pad
[0] = 0x00;
151 ctx
->eng
.pad
[1] = 0x02;
152 ctx
->eng
.pad
[nlen
- 49] = 0x00;
153 br_hmac_drbg_generate(&ctx
->eng
.rng
, ctx
->eng
.pad
+ 2, nlen
- 51);
154 for (u
= 2; u
< nlen
- 49; u
++) {
155 while (ctx
->eng
.pad
[u
] == 0) {
156 br_hmac_drbg_generate(&ctx
->eng
.rng
,
157 &ctx
->eng
.pad
[u
], 1);
162 * Compute RSA encryption.
164 if (!ctx
->irsapub(ctx
->eng
.pad
, nlen
, &pk
->key
.rsa
)) {
165 return -BR_ERR_LIMIT_EXCEEDED
;
171 * OID for hash functions in RSA signatures.
173 static const unsigned char HASH_OID_SHA1
[] = {
174 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A
177 static const unsigned char HASH_OID_SHA224
[] = {
178 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04
181 static const unsigned char HASH_OID_SHA256
[] = {
182 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01
185 static const unsigned char HASH_OID_SHA384
[] = {
186 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02
189 static const unsigned char HASH_OID_SHA512
[] = {
190 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03
193 static const unsigned char *HASH_OID
[] = {
202 * Check the RSA signature on the ServerKeyExchange message.
204 * hash hash function ID (2 to 6), or 0 for MD5+SHA-1 (with RSA only)
205 * use_rsa non-zero for RSA signature, zero for ECDSA
206 * sig_len signature length (in bytes); signature value is in the pad
208 * Returned value is 0 on success, or an error code.
211 verify_SKE_sig(br_ssl_client_context
*ctx
,
212 int hash
, int use_rsa
, size_t sig_len
)
214 const br_x509_class
**xc
;
215 const br_x509_pkey
*pk
;
216 br_multihash_context mhc
;
217 unsigned char hv
[64], head
[4];
220 xc
= ctx
->eng
.x509ctx
;
221 pk
= (*xc
)->get_pkey(xc
, NULL
);
222 br_multihash_zero(&mhc
);
223 br_multihash_copyimpl(&mhc
, &ctx
->eng
.mhash
);
224 br_multihash_init(&mhc
);
225 br_multihash_update(&mhc
,
226 ctx
->eng
.client_random
, sizeof ctx
->eng
.client_random
);
227 br_multihash_update(&mhc
,
228 ctx
->eng
.server_random
, sizeof ctx
->eng
.server_random
);
231 head
[2] = ctx
->eng
.ecdhe_curve
;
232 head
[3] = ctx
->eng
.ecdhe_point_len
;
233 br_multihash_update(&mhc
, head
, sizeof head
);
234 br_multihash_update(&mhc
,
235 ctx
->eng
.ecdhe_point
, ctx
->eng
.ecdhe_point_len
);
237 hv_len
= br_multihash_out(&mhc
, hash
, hv
);
239 return BR_ERR_INVALID_ALGORITHM
;
242 if (!br_multihash_out(&mhc
, br_md5_ID
, hv
)
243 || !br_multihash_out(&mhc
, br_sha1_ID
, hv
+ 16))
245 return BR_ERR_INVALID_ALGORITHM
;
250 unsigned char tmp
[64];
251 const unsigned char *hash_oid
;
254 hash_oid
= HASH_OID
[hash
- 2];
258 if (!ctx
->eng
.irsavrfy(ctx
->eng
.pad
, sig_len
,
259 hash_oid
, hv_len
, &pk
->key
.rsa
, tmp
)
260 || memcmp(tmp
, hv
, hv_len
) != 0)
262 return BR_ERR_BAD_SIGNATURE
;
265 if (!ctx
->eng
.iecdsa(ctx
->eng
.iec
, hv
, hv_len
, &pk
->key
.ec
,
266 ctx
->eng
.pad
, sig_len
))
268 return BR_ERR_BAD_SIGNATURE
;
275 * Perform client-side ECDH (or ECDHE). The point that should be sent to
276 * the server is written in the pad; returned value is either the point
277 * length (in bytes), or -x on error, with 'x' being an error code.
279 * The point _from_ the server is taken from ecdhe_point[] if 'ecdhe'
280 * is non-zero, or from the X.509 engine context if 'ecdhe' is zero
284 make_pms_ecdh(br_ssl_client_context
*ctx
, unsigned ecdhe
, int prf_id
)
287 unsigned char key
[66], point
[133];
288 const unsigned char *generator
, *order
, *point_src
;
289 size_t glen
, olen
, point_len
;
293 curve
= ctx
->eng
.ecdhe_curve
;
294 point_src
= ctx
->eng
.ecdhe_point
;
295 point_len
= ctx
->eng
.ecdhe_point_len
;
297 const br_x509_class
**xc
;
298 const br_x509_pkey
*pk
;
300 xc
= ctx
->eng
.x509ctx
;
301 pk
= (*xc
)->get_pkey(xc
, NULL
);
302 curve
= pk
->key
.ec
.curve
;
303 point_src
= pk
->key
.ec
.q
;
304 point_len
= pk
->key
.ec
.qlen
;
306 if ((ctx
->eng
.iec
->supported_curves
& ((uint32_t)1 << curve
)) == 0) {
307 return -BR_ERR_INVALID_ALGORITHM
;
311 * We need to generate our key, as a non-zero random value which
312 * is lower than the curve order, in a "large enough" range. We
313 * force top bit to 0 and bottom bit to 1, which guarantees that
314 * the value is in the proper range.
316 order
= ctx
->eng
.iec
->order(curve
, &olen
);
318 while (mask
>= order
[0]) {
321 br_hmac_drbg_generate(&ctx
->eng
.rng
, key
, olen
);
323 key
[olen
- 1] |= 0x01;
326 * Compute the common ECDH point, whose X coordinate is the
329 generator
= ctx
->eng
.iec
->generator(curve
, &glen
);
330 if (glen
!= point_len
) {
331 return -BR_ERR_INVALID_ALGORITHM
;
334 memcpy(point
, point_src
, glen
);
335 if (!ctx
->eng
.iec
->mul(point
, glen
, key
, olen
, curve
)) {
336 return -BR_ERR_INVALID_ALGORITHM
;
340 * The pre-master secret is the X coordinate.
342 br_ssl_engine_compute_master(&ctx
->eng
, prf_id
, point
+ 1, glen
>> 1);
344 memcpy(point
, generator
, glen
);
345 if (!ctx
->eng
.iec
->mul(point
, glen
, key
, olen
, curve
)) {
346 return -BR_ERR_INVALID_ALGORITHM
;
348 memcpy(ctx
->eng
.pad
, point
, glen
);
353 * Perform full static ECDH. This occurs only in the context of client
354 * authentication with certificates: the server uses an EC public key,
355 * the cipher suite is of type ECDH (not ECDHE), the server requested a
356 * client certificate and accepts static ECDH, the client has a
357 * certificate with an EC public key in the same curve, and accepts
358 * static ECDH as well.
360 * Returned value is 0 on success, -1 on error.
363 make_pms_static_ecdh(br_ssl_client_context
*ctx
, int prf_id
)
365 unsigned char point
[133];
367 const br_x509_class
**xc
;
368 const br_x509_pkey
*pk
;
370 xc
= ctx
->eng
.x509ctx
;
371 pk
= (*xc
)->get_pkey(xc
, NULL
);
372 point_len
= pk
->key
.ec
.qlen
;
373 if (point_len
> sizeof point
) {
376 memcpy(point
, pk
->key
.ec
.q
, point_len
);
377 if (!(*ctx
->client_auth_vtable
)->do_keyx(
378 ctx
->client_auth_vtable
, point
, point_len
))
382 br_ssl_engine_compute_master(&ctx
->eng
,
383 prf_id
, point
+ 1, point_len
>> 1);
388 * Compute the client-side signature. This is invoked only when a
389 * signature-based client authentication was selected. The computed
390 * signature is in the pad; its length (in bytes) is returned. On
391 * error, 0 is returned.
394 make_client_sign(br_ssl_client_context
*ctx
)
399 * Compute hash of handshake messages so far. This "cannot" fail
400 * because the list of supported hash functions provided to the
401 * client certificate handler was trimmed to include only the
402 * hash functions that the multi-hasher supports.
405 hv_len
= br_multihash_out(&ctx
->eng
.mhash
,
406 ctx
->hash_id
, ctx
->eng
.pad
);
408 br_multihash_out(&ctx
->eng
.mhash
,
409 br_md5_ID
, ctx
->eng
.pad
);
410 br_multihash_out(&ctx
->eng
.mhash
,
411 br_sha1_ID
, ctx
->eng
.pad
+ 16);
414 return (*ctx
->client_auth_vtable
)->do_sign(
415 ctx
->client_auth_vtable
, ctx
->hash_id
, hv_len
,
416 ctx
->eng
.pad
, sizeof ctx
->eng
.pad
);
421 static const uint8_t t0_datablock
[] = {
422 0x00, 0x00, 0x0A, 0x00, 0x24, 0x00, 0x2F, 0x01, 0x24, 0x00, 0x35, 0x02,
423 0x24, 0x00, 0x3C, 0x01, 0x44, 0x00, 0x3D, 0x02, 0x44, 0x00, 0x9C, 0x03,
424 0x04, 0x00, 0x9D, 0x04, 0x05, 0xC0, 0x03, 0x40, 0x24, 0xC0, 0x04, 0x41,
425 0x24, 0xC0, 0x05, 0x42, 0x24, 0xC0, 0x08, 0x20, 0x24, 0xC0, 0x09, 0x21,
426 0x24, 0xC0, 0x0A, 0x22, 0x24, 0xC0, 0x0D, 0x30, 0x24, 0xC0, 0x0E, 0x31,
427 0x24, 0xC0, 0x0F, 0x32, 0x24, 0xC0, 0x12, 0x10, 0x24, 0xC0, 0x13, 0x11,
428 0x24, 0xC0, 0x14, 0x12, 0x24, 0xC0, 0x23, 0x21, 0x44, 0xC0, 0x24, 0x22,
429 0x55, 0xC0, 0x25, 0x41, 0x44, 0xC0, 0x26, 0x42, 0x55, 0xC0, 0x27, 0x11,
430 0x44, 0xC0, 0x28, 0x12, 0x55, 0xC0, 0x29, 0x31, 0x44, 0xC0, 0x2A, 0x32,
431 0x55, 0xC0, 0x2B, 0x23, 0x04, 0xC0, 0x2C, 0x24, 0x05, 0xC0, 0x2D, 0x43,
432 0x04, 0xC0, 0x2E, 0x44, 0x05, 0xC0, 0x2F, 0x13, 0x04, 0xC0, 0x30, 0x14,
433 0x05, 0xC0, 0x31, 0x33, 0x04, 0xC0, 0x32, 0x34, 0x05, 0xCC, 0xA8, 0x15,
434 0x04, 0xCC, 0xA9, 0x25, 0x04, 0x00, 0x00
437 static const uint8_t t0_codeblock
[] = {
438 0x00, 0x01, 0x00, 0x0A, 0x00, 0x00, 0x01, 0x00, 0x0D, 0x00, 0x00, 0x01,
439 0x00, 0x0E, 0x00, 0x00, 0x01, 0x00, 0x0F, 0x00, 0x00, 0x01, 0x01, 0x08,
440 0x00, 0x00, 0x01, 0x01, 0x09, 0x00, 0x00, 0x01, 0x02, 0x08, 0x00, 0x00,
441 0x01, 0x02, 0x09, 0x00, 0x00, 0x24, 0x24, 0x00, 0x00, 0x01,
442 T0_INT1(BR_ERR_BAD_CCS
), 0x00, 0x00, 0x01,
443 T0_INT1(BR_ERR_BAD_CIPHER_SUITE
), 0x00, 0x00, 0x01,
444 T0_INT1(BR_ERR_BAD_COMPRESSION
), 0x00, 0x00, 0x01,
445 T0_INT1(BR_ERR_BAD_FINISHED
), 0x00, 0x00, 0x01,
446 T0_INT1(BR_ERR_BAD_FRAGLEN
), 0x00, 0x00, 0x01,
447 T0_INT1(BR_ERR_BAD_HANDSHAKE
), 0x00, 0x00, 0x01,
448 T0_INT1(BR_ERR_BAD_HELLO_DONE
), 0x00, 0x00, 0x01,
449 T0_INT1(BR_ERR_BAD_PARAM
), 0x00, 0x00, 0x01,
450 T0_INT1(BR_ERR_BAD_SECRENEG
), 0x00, 0x00, 0x01,
451 T0_INT1(BR_ERR_BAD_SNI
), 0x00, 0x00, 0x01, T0_INT1(BR_ERR_BAD_VERSION
),
452 0x00, 0x00, 0x01, T0_INT1(BR_ERR_EXTRA_EXTENSION
), 0x00, 0x00, 0x01,
453 T0_INT1(BR_ERR_INVALID_ALGORITHM
), 0x00, 0x00, 0x01,
454 T0_INT1(BR_ERR_LIMIT_EXCEEDED
), 0x00, 0x00, 0x01, T0_INT1(BR_ERR_OK
),
455 0x00, 0x00, 0x01, T0_INT1(BR_ERR_OVERSIZED_ID
), 0x00, 0x00, 0x01,
456 T0_INT1(BR_ERR_RESUME_MISMATCH
), 0x00, 0x00, 0x01,
457 T0_INT1(BR_ERR_UNEXPECTED
), 0x00, 0x00, 0x01,
458 T0_INT1(BR_ERR_UNSUPPORTED_VERSION
), 0x00, 0x00, 0x01,
459 T0_INT1(BR_ERR_WRONG_KEY_USAGE
), 0x00, 0x00, 0x01,
460 T0_INT2(offsetof(br_ssl_engine_context
, action
)), 0x00, 0x00, 0x01,
461 T0_INT2(offsetof(br_ssl_engine_context
, alert
)), 0x00, 0x00, 0x01,
462 T0_INT2(offsetof(br_ssl_engine_context
, application_data
)), 0x00, 0x00,
463 0x01, T0_INT2(offsetof(br_ssl_client_context
, auth_type
)), 0x00, 0x00,
465 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, cipher_suite
)),
467 T0_INT2(offsetof(br_ssl_engine_context
, client_random
)), 0x00, 0x00,
468 0x01, T0_INT2(offsetof(br_ssl_engine_context
, close_received
)), 0x00,
469 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, ecdhe_curve
)),
471 T0_INT2(offsetof(br_ssl_engine_context
, ecdhe_point
)), 0x00, 0x00,
472 0x01, T0_INT2(offsetof(br_ssl_engine_context
, ecdhe_point_len
)), 0x00,
473 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, flags
)), 0x00,
474 0x00, 0x01, T0_INT2(offsetof(br_ssl_client_context
, hash_id
)), 0x00,
475 0x00, 0x01, T0_INT2(offsetof(br_ssl_client_context
, hashes
)), 0x00,
476 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, log_max_frag_len
)),
478 T0_INT2(offsetof(br_ssl_client_context
, min_clienthello_len
)), 0x00,
479 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, pad
)), 0x00, 0x00,
480 0x01, T0_INT2(offsetof(br_ssl_engine_context
, record_type_in
)), 0x00,
481 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, record_type_out
)),
482 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, reneg
)),
484 T0_INT2(offsetof(br_ssl_engine_context
, saved_finished
)), 0x00, 0x00,
485 0x01, T0_INT2(offsetof(br_ssl_engine_context
, server_name
)), 0x00,
486 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, server_random
)),
488 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, session_id
)),
490 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, session_id_len
)),
492 T0_INT2(offsetof(br_ssl_engine_context
, shutdown_recv
)), 0x00, 0x00,
493 0x01, T0_INT2(offsetof(br_ssl_engine_context
, suites_buf
)), 0x00, 0x00,
494 0x01, T0_INT2(offsetof(br_ssl_engine_context
, suites_num
)), 0x00, 0x00,
496 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, version
)),
497 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, version_in
)),
499 T0_INT2(offsetof(br_ssl_engine_context
, version_max
)), 0x00, 0x00,
500 0x01, T0_INT2(offsetof(br_ssl_engine_context
, version_min
)), 0x00,
501 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, version_out
)),
502 0x00, 0x00, 0x09, 0x25, 0x50, 0x06, 0x02, 0x60, 0x26, 0x00, 0x00, 0x06,
503 0x08, 0x2A, 0x0E, 0x05, 0x02, 0x69, 0x26, 0x04, 0x01, 0x3A, 0x00, 0x00,
504 0x01, 0x01, 0x00, 0x01, 0x03, 0x00, 0x81, 0x0F, 0x25, 0x56, 0x41, 0x81,
505 0x13, 0x25, 0x05, 0x04, 0x58, 0x01, 0x00, 0x00, 0x02, 0x00, 0x0E, 0x06,
506 0x03, 0x81, 0x13, 0x00, 0x56, 0x04, 0x69, 0x00, 0x06, 0x02, 0x60, 0x26,
507 0x00, 0x00, 0x25, 0x81, 0x00, 0x41, 0x05, 0x03, 0x01, 0x0C, 0x08, 0x41,
508 0x71, 0x2A, 0x81, 0x21, 0x1C, 0x7C, 0x01, 0x0C, 0x2F, 0x00, 0x00, 0x25,
509 0x1E, 0x01, 0x08, 0x0B, 0x41, 0x54, 0x1E, 0x08, 0x00, 0x01, 0x03, 0x00,
510 0x01, 0x00, 0x6F, 0x3B, 0x27, 0x1A, 0x34, 0x06, 0x08, 0x02, 0x00, 0x81,
511 0x43, 0x03, 0x00, 0x04, 0x74, 0x01, 0x00, 0x81, 0x3A, 0x02, 0x00, 0x25,
512 0x1A, 0x17, 0x06, 0x02, 0x67, 0x26, 0x81, 0x43, 0x04, 0x75, 0x01, 0x01,
513 0x00, 0x6F, 0x3B, 0x01, 0x16, 0x7E, 0x3B, 0x32, 0x81, 0x49, 0x27, 0x81,
514 0x29, 0x06, 0x0B, 0x01, 0x7F, 0x81, 0x24, 0x01, 0x7F, 0x81, 0x46, 0x04,
515 0x80, 0x62, 0x81, 0x26, 0x71, 0x2A, 0x81, 0x17, 0x01,
516 T0_INT1(BR_KEYTYPE_SIGN
), 0x17, 0x06, 0x02, 0x81, 0x2A, 0x81, 0x2D,
517 0x25, 0x01, 0x0D, 0x0E, 0x06, 0x09, 0x24, 0x81, 0x2C, 0x81, 0x2D, 0x01,
518 0x7F, 0x04, 0x02, 0x01, 0x00, 0x03, 0x00, 0x01, 0x0E, 0x0E, 0x05, 0x02,
519 0x6A, 0x26, 0x06, 0x02, 0x5F, 0x26, 0x31, 0x06, 0x02, 0x6A, 0x26, 0x02,
520 0x00, 0x06, 0x22, 0x81, 0x47, 0x78, 0x2C, 0x01, 0x81, 0x7F, 0x0E, 0x06,
521 0x10, 0x24, 0x01, 0x10, 0x81, 0x52, 0x01, 0x00, 0x81, 0x51, 0x71, 0x2A,
522 0x81, 0x21, 0x23, 0x04, 0x06, 0x81, 0x4A, 0x06, 0x02, 0x81, 0x48, 0x04,
523 0x02, 0x81, 0x4A, 0x01, 0x7F, 0x81, 0x46, 0x01, 0x7F, 0x81, 0x24, 0x01,
524 0x01, 0x6F, 0x3B, 0x01, 0x17, 0x7E, 0x3B, 0x00, 0x00, 0x36, 0x36, 0x00,
525 0x00, 0x81, 0x10, 0x01, 0x0C, 0x11, 0x01, 0x00, 0x36, 0x0E, 0x06, 0x05,
526 0x24, 0x01, T0_INT1(BR_KEYTYPE_RSA
| BR_KEYTYPE_KEYX
), 0x04, 0x30,
527 0x01, 0x01, 0x36, 0x0E, 0x06, 0x05, 0x24, 0x01,
528 T0_INT1(BR_KEYTYPE_RSA
| BR_KEYTYPE_SIGN
), 0x04, 0x25, 0x01, 0x02,
529 0x36, 0x0E, 0x06, 0x05, 0x24, 0x01,
530 T0_INT1(BR_KEYTYPE_EC
| BR_KEYTYPE_SIGN
), 0x04, 0x1A, 0x01, 0x03,
531 0x36, 0x0E, 0x06, 0x05, 0x24, 0x01,
532 T0_INT1(BR_KEYTYPE_EC
| BR_KEYTYPE_KEYX
), 0x04, 0x0F, 0x01, 0x04,
533 0x36, 0x0E, 0x06, 0x05, 0x24, 0x01,
534 T0_INT1(BR_KEYTYPE_EC
| BR_KEYTYPE_KEYX
), 0x04, 0x04, 0x01, 0x00,
535 0x41, 0x24, 0x00, 0x00, 0x7A, 0x2C, 0x01, 0x0E, 0x0E, 0x06, 0x04, 0x01,
536 0x00, 0x04, 0x02, 0x01, 0x05, 0x00, 0x00, 0x3D, 0x06, 0x04, 0x01, 0x06,
537 0x04, 0x02, 0x01, 0x00, 0x00, 0x00, 0x7F, 0x2C, 0x25, 0x06, 0x08, 0x01,
538 0x01, 0x09, 0x01, 0x11, 0x07, 0x04, 0x03, 0x24, 0x01, 0x05, 0x00, 0x01,
539 0x3E, 0x03, 0x00, 0x24, 0x01, 0x00, 0x40, 0x06, 0x03, 0x02, 0x00, 0x08,
540 0x3F, 0x06, 0x03, 0x02, 0x00, 0x08, 0x25, 0x06, 0x06, 0x01, 0x01, 0x0B,
541 0x01, 0x06, 0x08, 0x00, 0x00, 0x81, 0x01, 0x3C, 0x25, 0x06, 0x03, 0x01,
542 0x09, 0x08, 0x00, 0x01, 0x3D, 0x25, 0x06, 0x1E, 0x01, 0x00, 0x03, 0x00,
543 0x25, 0x06, 0x0E, 0x25, 0x01, 0x01, 0x17, 0x02, 0x00, 0x08, 0x03, 0x00,
544 0x01, 0x01, 0x11, 0x04, 0x6F, 0x24, 0x02, 0x00, 0x01, 0x01, 0x0B, 0x01,
545 0x06, 0x08, 0x00, 0x00, 0x77, 0x2B, 0x41, 0x11, 0x01, 0x01, 0x17, 0x33,
546 0x00, 0x00, 0x81, 0x15, 0x81, 0x42, 0x25, 0x01, 0x07, 0x17, 0x01, 0x00,
547 0x36, 0x0E, 0x06, 0x0A, 0x24, 0x01, 0x10, 0x17, 0x06, 0x02, 0x81, 0x15,
548 0x04, 0x32, 0x01, 0x01, 0x36, 0x0E, 0x06, 0x29, 0x24, 0x24, 0x01, 0x00,
549 0x6F, 0x3B, 0x81, 0x28, 0x7F, 0x2C, 0x01, 0x01, 0x0E, 0x01, 0x01, 0x81,
550 0x1E, 0x35, 0x06, 0x11, 0x27, 0x1A, 0x34, 0x06, 0x05, 0x81, 0x42, 0x24,
551 0x04, 0x77, 0x01, 0x80, 0x64, 0x81, 0x3A, 0x04, 0x02, 0x81, 0x15, 0x04,
552 0x03, 0x6A, 0x26, 0x24, 0x04, 0xFF, 0x35, 0x01, 0x25, 0x03, 0x00, 0x09,
553 0x25, 0x50, 0x06, 0x02, 0x60, 0x26, 0x02, 0x00, 0x00, 0x00, 0x81, 0x10,
554 0x01, 0x0F, 0x17, 0x00, 0x00, 0x6E, 0x2C, 0x01, 0x00, 0x36, 0x0E, 0x06,
555 0x10, 0x24, 0x25, 0x01, 0x01, 0x0D, 0x06, 0x03, 0x24, 0x01, 0x02, 0x6E,
556 0x3B, 0x01, 0x00, 0x04, 0x22, 0x01, 0x01, 0x36, 0x0E, 0x06, 0x15, 0x24,
557 0x01, 0x00, 0x6E, 0x3B, 0x25, 0x01, 0x80, 0x64, 0x0E, 0x06, 0x05, 0x01,
558 0x82, 0x00, 0x08, 0x26, 0x52, 0x00, 0x04, 0x07, 0x24, 0x01, 0x82, 0x00,
559 0x08, 0x26, 0x24, 0x00, 0x00, 0x01, 0x00, 0x2D, 0x06, 0x06, 0x38, 0x81,
560 0x22, 0x35, 0x04, 0x77, 0x25, 0x06, 0x05, 0x01, 0x01, 0x81, 0x05, 0x3B,
561 0x00, 0x00, 0x2D, 0x06, 0x0B, 0x7D, 0x2C, 0x01, 0x14, 0x0D, 0x06, 0x02,
562 0x6A, 0x26, 0x04, 0x12, 0x81, 0x42, 0x01, 0x07, 0x17, 0x25, 0x01, 0x02,
563 0x0D, 0x06, 0x06, 0x06, 0x02, 0x6A, 0x26, 0x04, 0x6F, 0x24, 0x81, 0x37,
564 0x01, 0x01, 0x0D, 0x31, 0x35, 0x06, 0x02, 0x59, 0x26, 0x25, 0x01, 0x01,
565 0x81, 0x3D, 0x34, 0x81, 0x27, 0x00, 0x01, 0x81, 0x2D, 0x01, 0x0B, 0x0E,
566 0x05, 0x02, 0x6A, 0x26, 0x25, 0x01, 0x03, 0x0E, 0x06, 0x09, 0x81, 0x35,
567 0x06, 0x02, 0x60, 0x26, 0x41, 0x24, 0x00, 0x41, 0x4F, 0x81, 0x35, 0x81,
568 0x20, 0x25, 0x06, 0x27, 0x81, 0x35, 0x81, 0x20, 0x25, 0x4E, 0x25, 0x06,
569 0x19, 0x25, 0x01, 0x82, 0x00, 0x0F, 0x06, 0x05, 0x01, 0x82, 0x00, 0x04,
570 0x01, 0x25, 0x03, 0x00, 0x7C, 0x02, 0x00, 0x81, 0x2B, 0x02, 0x00, 0x4B,
571 0x04, 0x64, 0x81, 0x11, 0x4C, 0x04, 0x56, 0x81, 0x11, 0x81, 0x11, 0x4D,
572 0x25, 0x06, 0x02, 0x33, 0x00, 0x24, 0x29, 0x00, 0x00, 0x71, 0x2A, 0x81,
573 0x17, 0x01, 0x7F, 0x81, 0x25, 0x25, 0x50, 0x06, 0x02, 0x33, 0x26, 0x25,
574 0x05, 0x02, 0x6A, 0x26, 0x36, 0x17, 0x0D, 0x06, 0x02, 0x6C, 0x26, 0x39,
575 0x00, 0x00, 0x81, 0x12, 0x81, 0x2D, 0x01, 0x14, 0x0D, 0x06, 0x02, 0x6A,
576 0x26, 0x7C, 0x01, 0x0C, 0x08, 0x01, 0x0C, 0x81, 0x2B, 0x81, 0x11, 0x7C,
577 0x25, 0x01, 0x0C, 0x08, 0x01, 0x0C, 0x2E, 0x05, 0x02, 0x5C, 0x26, 0x00,
578 0x00, 0x81, 0x2E, 0x06, 0x02, 0x6A, 0x26, 0x06, 0x02, 0x5E, 0x26, 0x00,
579 0x09, 0x81, 0x2D, 0x01, 0x02, 0x0E, 0x05, 0x02, 0x6A, 0x26, 0x81, 0x34,
580 0x03, 0x00, 0x02, 0x00, 0x81, 0x0B, 0x2A, 0x0A, 0x02, 0x00, 0x81, 0x0A,
581 0x2A, 0x0F, 0x35, 0x06, 0x02, 0x6B, 0x26, 0x02, 0x00, 0x81, 0x09, 0x2A,
582 0x0D, 0x06, 0x02, 0x63, 0x26, 0x02, 0x00, 0x81, 0x0C, 0x3A, 0x81, 0x02,
583 0x01, 0x20, 0x81, 0x2B, 0x01, 0x00, 0x03, 0x01, 0x81, 0x36, 0x03, 0x02,
584 0x02, 0x02, 0x01, 0x20, 0x0F, 0x06, 0x02, 0x68, 0x26, 0x7C, 0x02, 0x02,
585 0x81, 0x2B, 0x02, 0x02, 0x81, 0x04, 0x2C, 0x0E, 0x02, 0x02, 0x01, 0x00,
586 0x0F, 0x17, 0x06, 0x0C, 0x81, 0x03, 0x7C, 0x02, 0x02, 0x2E, 0x06, 0x04,
587 0x01, 0x7F, 0x03, 0x01, 0x81, 0x03, 0x7C, 0x02, 0x02, 0x2F, 0x02, 0x02,
588 0x81, 0x04, 0x3B, 0x02, 0x00, 0x81, 0x08, 0x02, 0x01, 0x81, 0x0E, 0x81,
589 0x34, 0x25, 0x81, 0x38, 0x50, 0x06, 0x02, 0x5A, 0x26, 0x71, 0x02, 0x01,
590 0x81, 0x0E, 0x81, 0x36, 0x06, 0x02, 0x5B, 0x26, 0x25, 0x06, 0x81, 0x3E,
591 0x81, 0x34, 0x81, 0x20, 0x81, 0x1C, 0x03, 0x03, 0x81, 0x1A, 0x03, 0x04,
592 0x81, 0x18, 0x03, 0x05, 0x81, 0x1B, 0x03, 0x06, 0x81, 0x1D, 0x03, 0x07,
593 0x81, 0x19, 0x03, 0x08, 0x25, 0x06, 0x81, 0x0B, 0x81, 0x34, 0x01, 0x00,
594 0x36, 0x0E, 0x06, 0x10, 0x24, 0x02, 0x03, 0x05, 0x02, 0x64, 0x26, 0x01,
595 0x00, 0x03, 0x03, 0x81, 0x33, 0x04, 0x80, 0x70, 0x01, 0x01, 0x36, 0x0E,
596 0x06, 0x10, 0x24, 0x02, 0x05, 0x05, 0x02, 0x64, 0x26, 0x01, 0x00, 0x03,
597 0x05, 0x81, 0x31, 0x04, 0x80, 0x5A, 0x01, 0x83, 0xFE, 0x01, 0x36, 0x0E,
598 0x06, 0x10, 0x24, 0x02, 0x04, 0x05, 0x02, 0x64, 0x26, 0x01, 0x00, 0x03,
599 0x04, 0x81, 0x32, 0x04, 0x80, 0x42, 0x01, 0x0D, 0x36, 0x0E, 0x06, 0x0F,
600 0x24, 0x02, 0x06, 0x05, 0x02, 0x64, 0x26, 0x01, 0x00, 0x03, 0x06, 0x81,
601 0x2F, 0x04, 0x2D, 0x01, 0x0A, 0x36, 0x0E, 0x06, 0x0F, 0x24, 0x02, 0x07,
602 0x05, 0x02, 0x64, 0x26, 0x01, 0x00, 0x03, 0x07, 0x81, 0x2F, 0x04, 0x18,
603 0x01, 0x0B, 0x36, 0x0E, 0x06, 0x0F, 0x24, 0x02, 0x08, 0x05, 0x02, 0x64,
604 0x26, 0x01, 0x00, 0x03, 0x08, 0x81, 0x2F, 0x04, 0x03, 0x64, 0x26, 0x24,
605 0x04, 0xFE, 0x71, 0x02, 0x04, 0x06, 0x0D, 0x02, 0x04, 0x01, 0x05, 0x0F,
606 0x06, 0x02, 0x61, 0x26, 0x01, 0x01, 0x7F, 0x3B, 0x81, 0x11, 0x81, 0x11,
607 0x02, 0x01, 0x00, 0x04, 0x81, 0x2D, 0x01, 0x0C, 0x0E, 0x05, 0x02, 0x6A,
608 0x26, 0x81, 0x36, 0x01, 0x03, 0x0E, 0x05, 0x02, 0x65, 0x26, 0x81, 0x34,
609 0x25, 0x74, 0x3B, 0x25, 0x01, 0x20, 0x10, 0x06, 0x02, 0x65, 0x26, 0x3D,
610 0x41, 0x11, 0x01, 0x01, 0x17, 0x05, 0x02, 0x65, 0x26, 0x81, 0x36, 0x25,
611 0x01, 0x81, 0x05, 0x0F, 0x06, 0x02, 0x65, 0x26, 0x25, 0x76, 0x3B, 0x75,
612 0x41, 0x81, 0x2B, 0x81, 0x08, 0x2A, 0x01, 0x86, 0x03, 0x10, 0x03, 0x00,
613 0x71, 0x2A, 0x81, 0x40, 0x03, 0x01, 0x01, 0x02, 0x03, 0x02, 0x02, 0x00,
614 0x06, 0x23, 0x81, 0x36, 0x25, 0x25, 0x01, 0x02, 0x0A, 0x41, 0x01, 0x06,
615 0x0F, 0x35, 0x06, 0x02, 0x65, 0x26, 0x03, 0x02, 0x81, 0x36, 0x02, 0x01,
616 0x01, 0x01, 0x0B, 0x01, 0x03, 0x08, 0x0E, 0x05, 0x02, 0x65, 0x26, 0x04,
617 0x08, 0x02, 0x01, 0x06, 0x04, 0x01, 0x00, 0x03, 0x02, 0x81, 0x34, 0x25,
618 0x03, 0x03, 0x25, 0x01, 0x84, 0x00, 0x0F, 0x06, 0x02, 0x66, 0x26, 0x7C,
619 0x41, 0x81, 0x2B, 0x02, 0x02, 0x02, 0x01, 0x02, 0x03, 0x48, 0x25, 0x06,
620 0x01, 0x26, 0x24, 0x81, 0x11, 0x00, 0x02, 0x03, 0x00, 0x03, 0x01, 0x02,
621 0x00, 0x81, 0x0D, 0x02, 0x01, 0x02, 0x00, 0x37, 0x25, 0x01, 0x00, 0x0E,
622 0x06, 0x02, 0x58, 0x00, 0x81, 0x44, 0x04, 0x73, 0x02, 0x01, 0x00, 0x03,
623 0x00, 0x81, 0x36, 0x81, 0x20, 0x25, 0x06, 0x80, 0x44, 0x81, 0x36, 0x01,
624 0x01, 0x36, 0x0E, 0x06, 0x06, 0x24, 0x01, 0x81, 0x7F, 0x04, 0x2E, 0x01,
625 0x80, 0x40, 0x36, 0x0E, 0x06, 0x07, 0x24, 0x01, 0x83, 0xFE, 0x00, 0x04,
626 0x20, 0x01, 0x80, 0x41, 0x36, 0x0E, 0x06, 0x07, 0x24, 0x01, 0x84, 0x80,
627 0x00, 0x04, 0x12, 0x01, 0x80, 0x42, 0x36, 0x0E, 0x06, 0x07, 0x24, 0x01,
628 0x88, 0x80, 0x00, 0x04, 0x04, 0x01, 0x00, 0x41, 0x24, 0x02, 0x00, 0x35,
629 0x03, 0x00, 0x04, 0xFF, 0x38, 0x81, 0x11, 0x71, 0x2A, 0x81, 0x3E, 0x05,
630 0x09, 0x02, 0x00, 0x01, 0x83, 0xFF, 0x7F, 0x17, 0x03, 0x00, 0x81, 0x08,
631 0x2A, 0x01, 0x86, 0x03, 0x10, 0x06, 0x3B, 0x81, 0x30, 0x25, 0x79, 0x3A,
632 0x3E, 0x24, 0x25, 0x01, 0x08, 0x0B, 0x35, 0x01, 0x8C, 0x80, 0x00, 0x35,
633 0x17, 0x02, 0x00, 0x17, 0x02, 0x00, 0x01, 0x8C, 0x80, 0x00, 0x17, 0x06,
634 0x19, 0x25, 0x01, 0x81, 0x7F, 0x17, 0x06, 0x05, 0x01, 0x84, 0x80, 0x00,
635 0x35, 0x25, 0x01, 0x83, 0xFE, 0x00, 0x17, 0x06, 0x05, 0x01, 0x88, 0x80,
636 0x00, 0x35, 0x03, 0x00, 0x04, 0x09, 0x02, 0x00, 0x01, 0x8C, 0x88, 0x01,
637 0x17, 0x03, 0x00, 0x16, 0x81, 0x34, 0x81, 0x20, 0x25, 0x06, 0x27, 0x81,
638 0x34, 0x81, 0x20, 0x25, 0x15, 0x25, 0x06, 0x19, 0x25, 0x01, 0x82, 0x00,
639 0x0F, 0x06, 0x05, 0x01, 0x82, 0x00, 0x04, 0x01, 0x25, 0x03, 0x01, 0x7C,
640 0x02, 0x01, 0x81, 0x2B, 0x02, 0x01, 0x12, 0x04, 0x64, 0x81, 0x11, 0x13,
641 0x04, 0x56, 0x81, 0x11, 0x14, 0x81, 0x11, 0x02, 0x00, 0x28, 0x00, 0x00,
642 0x81, 0x2E, 0x25, 0x52, 0x06, 0x07, 0x24, 0x06, 0x02, 0x5E, 0x26, 0x04,
643 0x73, 0x00, 0x00, 0x81, 0x37, 0x01, 0x03, 0x81, 0x35, 0x41, 0x24, 0x41,
644 0x00, 0x00, 0x81, 0x34, 0x81, 0x3B, 0x00, 0x03, 0x01, 0x00, 0x03, 0x00,
645 0x81, 0x34, 0x81, 0x20, 0x25, 0x06, 0x34, 0x81, 0x36, 0x03, 0x01, 0x81,
646 0x36, 0x03, 0x02, 0x02, 0x01, 0x01, 0x02, 0x10, 0x02, 0x01, 0x01, 0x06,
647 0x0C, 0x17, 0x02, 0x02, 0x01, 0x01, 0x0E, 0x02, 0x02, 0x01, 0x03, 0x0E,
648 0x35, 0x17, 0x06, 0x11, 0x02, 0x00, 0x01, 0x01, 0x02, 0x02, 0x55, 0x01,
649 0x02, 0x0B, 0x02, 0x01, 0x08, 0x0B, 0x35, 0x03, 0x00, 0x04, 0x49, 0x81,
650 0x11, 0x02, 0x00, 0x00, 0x00, 0x81, 0x34, 0x01, 0x01, 0x0E, 0x05, 0x02,
651 0x5D, 0x26, 0x81, 0x36, 0x01, 0x08, 0x08, 0x7A, 0x2C, 0x0E, 0x05, 0x02,
652 0x5D, 0x26, 0x00, 0x00, 0x81, 0x34, 0x7F, 0x2C, 0x05, 0x16, 0x01, 0x01,
653 0x0E, 0x05, 0x02, 0x61, 0x26, 0x81, 0x36, 0x01, 0x00, 0x0E, 0x05, 0x02,
654 0x61, 0x26, 0x01, 0x02, 0x7F, 0x3B, 0x04, 0x1F, 0x01, 0x19, 0x0E, 0x05,
655 0x02, 0x61, 0x26, 0x81, 0x36, 0x01, 0x18, 0x0E, 0x05, 0x02, 0x61, 0x26,
656 0x7C, 0x01, 0x18, 0x81, 0x2B, 0x81, 0x00, 0x7C, 0x01, 0x18, 0x2E, 0x05,
657 0x02, 0x61, 0x26, 0x00, 0x00, 0x81, 0x34, 0x06, 0x02, 0x62, 0x26, 0x00,
658 0x00, 0x01, 0x02, 0x81, 0x0D, 0x81, 0x37, 0x01, 0x08, 0x0B, 0x81, 0x37,
659 0x08, 0x00, 0x00, 0x01, 0x03, 0x81, 0x0D, 0x81, 0x37, 0x01, 0x08, 0x0B,
660 0x81, 0x37, 0x08, 0x01, 0x08, 0x0B, 0x81, 0x37, 0x08, 0x00, 0x00, 0x01,
661 0x01, 0x81, 0x0D, 0x81, 0x37, 0x00, 0x00, 0x38, 0x25, 0x50, 0x05, 0x01,
662 0x00, 0x24, 0x81, 0x44, 0x04, 0x75, 0x02, 0x03, 0x00, 0x81, 0x07, 0x2C,
663 0x03, 0x01, 0x01, 0x00, 0x25, 0x02, 0x01, 0x0A, 0x06, 0x11, 0x25, 0x01,
664 0x01, 0x0B, 0x81, 0x06, 0x08, 0x2A, 0x02, 0x00, 0x0E, 0x06, 0x01, 0x00,
665 0x54, 0x04, 0x69, 0x24, 0x01, 0x7F, 0x00, 0x00, 0x01, 0x15, 0x7E, 0x3B,
666 0x41, 0x4A, 0x24, 0x4A, 0x24, 0x27, 0x00, 0x00, 0x01, 0x01, 0x41, 0x81,
667 0x39, 0x00, 0x00, 0x41, 0x36, 0x81, 0x0D, 0x41, 0x25, 0x06, 0x06, 0x81,
668 0x37, 0x24, 0x55, 0x04, 0x77, 0x24, 0x00, 0x00, 0x25, 0x01, 0x81, 0xAC,
669 0x00, 0x0E, 0x06, 0x04, 0x24, 0x01, 0x7F, 0x00, 0x81, 0x10, 0x51, 0x00,
670 0x02, 0x03, 0x00, 0x71, 0x2A, 0x81, 0x10, 0x03, 0x01, 0x02, 0x01, 0x01,
671 0x0F, 0x17, 0x02, 0x01, 0x01, 0x04, 0x11, 0x01, 0x0F, 0x17, 0x02, 0x01,
672 0x01, 0x08, 0x11, 0x01, 0x0F, 0x17, 0x01, 0x00, 0x36, 0x0E, 0x06, 0x10,
673 0x24, 0x01, 0x00, 0x01, 0x18, 0x02, 0x00, 0x06, 0x03, 0x44, 0x04, 0x01,
674 0x45, 0x04, 0x80, 0x56, 0x01, 0x01, 0x36, 0x0E, 0x06, 0x10, 0x24, 0x01,
675 0x01, 0x01, 0x10, 0x02, 0x00, 0x06, 0x03, 0x44, 0x04, 0x01, 0x45, 0x04,
676 0x80, 0x40, 0x01, 0x02, 0x36, 0x0E, 0x06, 0x0F, 0x24, 0x01, 0x01, 0x01,
677 0x20, 0x02, 0x00, 0x06, 0x03, 0x44, 0x04, 0x01, 0x45, 0x04, 0x2B, 0x01,
678 0x03, 0x36, 0x0E, 0x06, 0x0E, 0x24, 0x24, 0x01, 0x10, 0x02, 0x00, 0x06,
679 0x03, 0x42, 0x04, 0x01, 0x43, 0x04, 0x17, 0x01, 0x04, 0x36, 0x0E, 0x06,
680 0x0E, 0x24, 0x24, 0x01, 0x20, 0x02, 0x00, 0x06, 0x03, 0x42, 0x04, 0x01,
681 0x43, 0x04, 0x03, 0x60, 0x26, 0x24, 0x00, 0x00, 0x81, 0x10, 0x01, 0x0C,
682 0x11, 0x01, 0x02, 0x0F, 0x00, 0x00, 0x81, 0x10, 0x01, 0x0C, 0x11, 0x25,
683 0x53, 0x41, 0x01, 0x03, 0x0A, 0x17, 0x00, 0x00, 0x81, 0x10, 0x01, 0x0C,
684 0x11, 0x01, 0x01, 0x0E, 0x00, 0x00, 0x81, 0x10, 0x01, 0x0C, 0x11, 0x52,
685 0x00, 0x00, 0x1B, 0x01, 0x00, 0x6D, 0x2C, 0x25, 0x06, 0x20, 0x01, 0x01,
686 0x36, 0x0E, 0x06, 0x07, 0x24, 0x01, 0x00, 0x81, 0x14, 0x04, 0x11, 0x01,
687 0x02, 0x36, 0x0E, 0x06, 0x0A, 0x24, 0x6F, 0x2C, 0x06, 0x03, 0x01, 0x10,
688 0x35, 0x04, 0x01, 0x24, 0x04, 0x01, 0x24, 0x73, 0x2C, 0x05, 0x35, 0x2D,
689 0x06, 0x32, 0x7D, 0x2C, 0x01, 0x14, 0x36, 0x0E, 0x06, 0x06, 0x24, 0x01,
690 0x02, 0x35, 0x04, 0x24, 0x01, 0x15, 0x36, 0x0E, 0x06, 0x0B, 0x24, 0x81,
691 0x23, 0x06, 0x04, 0x01, 0x7F, 0x81, 0x14, 0x04, 0x13, 0x01, 0x16, 0x36,
692 0x0E, 0x06, 0x06, 0x24, 0x01, 0x01, 0x35, 0x04, 0x07, 0x24, 0x01, 0x04,
693 0x35, 0x01, 0x00, 0x24, 0x1A, 0x06, 0x03, 0x01, 0x08, 0x35, 0x00, 0x00,
694 0x1B, 0x25, 0x05, 0x10, 0x2D, 0x06, 0x0D, 0x7D, 0x2C, 0x01, 0x15, 0x0E,
695 0x06, 0x05, 0x24, 0x81, 0x23, 0x04, 0x01, 0x1F, 0x00, 0x00, 0x81, 0x42,
696 0x01, 0x07, 0x17, 0x01, 0x01, 0x0F, 0x06, 0x02, 0x6A, 0x26, 0x00, 0x01,
697 0x03, 0x00, 0x27, 0x1A, 0x06, 0x05, 0x02, 0x00, 0x7E, 0x3B, 0x00, 0x81,
698 0x42, 0x24, 0x04, 0x73, 0x00, 0x01, 0x14, 0x81, 0x45, 0x01, 0x01, 0x81,
699 0x52, 0x27, 0x25, 0x01, 0x00, 0x81, 0x3D, 0x01, 0x16, 0x81, 0x45, 0x81,
700 0x4B, 0x27, 0x00, 0x00, 0x01, 0x0B, 0x81, 0x52, 0x46, 0x25, 0x25, 0x01,
701 0x03, 0x08, 0x81, 0x51, 0x81, 0x51, 0x18, 0x25, 0x50, 0x06, 0x02, 0x24,
702 0x00, 0x81, 0x51, 0x1D, 0x25, 0x06, 0x06, 0x7C, 0x41, 0x81, 0x4C, 0x04,
703 0x76, 0x24, 0x04, 0x6A, 0x00, 0x20, 0x01, 0x0F, 0x81, 0x52, 0x25, 0x81,
704 0x08, 0x2A, 0x01, 0x86, 0x03, 0x10, 0x06, 0x0F, 0x01, 0x04, 0x08, 0x81,
705 0x51, 0x78, 0x2C, 0x81, 0x52, 0x70, 0x2C, 0x81, 0x52, 0x04, 0x03, 0x56,
706 0x81, 0x51, 0x25, 0x81, 0x50, 0x7C, 0x41, 0x81, 0x4C, 0x00, 0x02, 0x81,
707 0x1A, 0x81, 0x1C, 0x08, 0x81, 0x18, 0x08, 0x81, 0x1B, 0x08, 0x81, 0x1D,
708 0x08, 0x81, 0x19, 0x08, 0x03, 0x00, 0x01, 0x01, 0x81, 0x52, 0x01, 0x27,
709 0x81, 0x04, 0x2C, 0x08, 0x81, 0x07, 0x2C, 0x01, 0x01, 0x0B, 0x08, 0x02,
710 0x00, 0x06, 0x04, 0x56, 0x02, 0x00, 0x08, 0x7B, 0x2A, 0x36, 0x09, 0x25,
711 0x53, 0x06, 0x24, 0x02, 0x00, 0x05, 0x04, 0x41, 0x56, 0x41, 0x57, 0x01,
712 0x04, 0x09, 0x25, 0x50, 0x06, 0x03, 0x24, 0x01, 0x00, 0x25, 0x01, 0x04,
713 0x08, 0x02, 0x00, 0x08, 0x03, 0x00, 0x41, 0x01, 0x04, 0x08, 0x36, 0x08,
714 0x41, 0x04, 0x03, 0x24, 0x01, 0x7F, 0x03, 0x01, 0x81, 0x51, 0x81, 0x0A,
715 0x2A, 0x81, 0x50, 0x72, 0x01, 0x04, 0x19, 0x72, 0x01, 0x04, 0x08, 0x01,
716 0x1C, 0x30, 0x72, 0x01, 0x20, 0x81, 0x4C, 0x81, 0x03, 0x81, 0x04, 0x2C,
717 0x81, 0x4E, 0x81, 0x07, 0x2C, 0x25, 0x01, 0x01, 0x0B, 0x81, 0x50, 0x81,
718 0x06, 0x41, 0x25, 0x06, 0x11, 0x55, 0x36, 0x2A, 0x25, 0x81, 0x3C, 0x05,
719 0x02, 0x5A, 0x26, 0x81, 0x50, 0x41, 0x56, 0x41, 0x04, 0x6C, 0x58, 0x01,
720 0x01, 0x81, 0x52, 0x01, 0x00, 0x81, 0x52, 0x02, 0x00, 0x06, 0x81, 0x49,
721 0x02, 0x00, 0x81, 0x50, 0x81, 0x1A, 0x06, 0x13, 0x01, 0x83, 0xFE, 0x01,
722 0x81, 0x50, 0x81, 0x00, 0x81, 0x1A, 0x01, 0x04, 0x09, 0x25, 0x81, 0x50,
723 0x55, 0x81, 0x4E, 0x81, 0x1C, 0x06, 0x1D, 0x01, 0x00, 0x81, 0x50, 0x81,
724 0x01, 0x81, 0x1C, 0x01, 0x04, 0x09, 0x25, 0x81, 0x50, 0x01, 0x02, 0x09,
725 0x25, 0x81, 0x50, 0x01, 0x00, 0x81, 0x52, 0x01, 0x03, 0x09, 0x81, 0x4D,
726 0x81, 0x18, 0x06, 0x0F, 0x01, 0x01, 0x81, 0x50, 0x01, 0x01, 0x81, 0x50,
727 0x7A, 0x2C, 0x01, 0x08, 0x09, 0x81, 0x52, 0x81, 0x1B, 0x06, 0x1F, 0x01,
728 0x0D, 0x81, 0x50, 0x81, 0x1B, 0x01, 0x04, 0x09, 0x25, 0x81, 0x50, 0x01,
729 0x02, 0x09, 0x81, 0x50, 0x3F, 0x06, 0x04, 0x01, 0x03, 0x81, 0x4F, 0x40,
730 0x06, 0x04, 0x01, 0x01, 0x81, 0x4F, 0x81, 0x1D, 0x25, 0x06, 0x27, 0x01,
731 0x0A, 0x81, 0x50, 0x01, 0x04, 0x09, 0x25, 0x81, 0x50, 0x57, 0x81, 0x50,
732 0x3D, 0x01, 0x00, 0x25, 0x01, 0x20, 0x0A, 0x06, 0x0E, 0x81, 0x16, 0x11,
733 0x01, 0x01, 0x17, 0x06, 0x03, 0x25, 0x81, 0x50, 0x54, 0x04, 0x6C, 0x58,
734 0x04, 0x01, 0x24, 0x81, 0x19, 0x06, 0x0D, 0x01, 0x0B, 0x81, 0x50, 0x01,
735 0x02, 0x81, 0x50, 0x01, 0x82, 0x00, 0x81, 0x50, 0x02, 0x01, 0x50, 0x05,
736 0x14, 0x01, 0x15, 0x81, 0x50, 0x02, 0x01, 0x25, 0x81, 0x50, 0x25, 0x06,
737 0x07, 0x55, 0x01, 0x00, 0x81, 0x52, 0x04, 0x76, 0x24, 0x00, 0x00, 0x01,
738 0x10, 0x81, 0x52, 0x71, 0x2A, 0x25, 0x81, 0x41, 0x06, 0x10, 0x81, 0x21,
739 0x22, 0x25, 0x56, 0x81, 0x51, 0x25, 0x81, 0x50, 0x7C, 0x41, 0x81, 0x4C,
740 0x04, 0x12, 0x25, 0x81, 0x3F, 0x41, 0x81, 0x21, 0x21, 0x25, 0x54, 0x81,
741 0x51, 0x25, 0x81, 0x52, 0x7C, 0x41, 0x81, 0x4C, 0x00, 0x00, 0x81, 0x12,
742 0x01, 0x14, 0x81, 0x52, 0x01, 0x0C, 0x81, 0x51, 0x7C, 0x01, 0x0C, 0x81,
743 0x4C, 0x00, 0x00, 0x49, 0x25, 0x01, 0x00, 0x0E, 0x06, 0x02, 0x58, 0x00,
744 0x81, 0x42, 0x24, 0x04, 0x72, 0x00, 0x25, 0x81, 0x50, 0x81, 0x4C, 0x00,
745 0x00, 0x25, 0x81, 0x52, 0x81, 0x4C, 0x00, 0x01, 0x03, 0x00, 0x3E, 0x24,
746 0x25, 0x01, 0x10, 0x17, 0x06, 0x08, 0x01, 0x04, 0x81, 0x52, 0x02, 0x00,
747 0x81, 0x52, 0x25, 0x01, 0x08, 0x17, 0x06, 0x08, 0x01, 0x03, 0x81, 0x52,
748 0x02, 0x00, 0x81, 0x52, 0x25, 0x01, 0x20, 0x17, 0x06, 0x08, 0x01, 0x05,
749 0x81, 0x52, 0x02, 0x00, 0x81, 0x52, 0x25, 0x01, 0x80, 0x40, 0x17, 0x06,
750 0x08, 0x01, 0x06, 0x81, 0x52, 0x02, 0x00, 0x81, 0x52, 0x01, 0x04, 0x17,
751 0x06, 0x08, 0x01, 0x02, 0x81, 0x52, 0x02, 0x00, 0x81, 0x52, 0x00, 0x00,
752 0x25, 0x01, 0x08, 0x47, 0x81, 0x52, 0x81, 0x52, 0x00, 0x00, 0x25, 0x01,
753 0x10, 0x47, 0x81, 0x52, 0x81, 0x50, 0x00, 0x00, 0x25, 0x4A, 0x06, 0x02,
754 0x24, 0x00, 0x81, 0x42, 0x24, 0x04, 0x75
757 static const uint16_t t0_caddr
[] = {
891 #define T0_INTERPRETED 80
893 #define T0_ENTER(ip, rp, slot) do { \
894 const unsigned char *t0_newip; \
896 t0_newip = &t0_codeblock[t0_caddr[(slot) - T0_INTERPRETED]]; \
897 t0_lnum = t0_parse7E_unsigned(&t0_newip); \
899 *((rp) ++) = (uint32_t)((ip) - &t0_codeblock[0]) + (t0_lnum << 16); \
903 #define T0_DEFENTRY(name, slot) \
907 t0_context *t0ctx = ctx; \
908 t0ctx->ip = &t0_codeblock[0]; \
909 T0_ENTER(t0ctx->ip, t0ctx->rp, slot); \
912 T0_DEFENTRY(br_ssl_hs_client_init_main
, 159)
915 br_ssl_hs_client_run(void *t0ctx
)
918 const unsigned char *ip
;
920 #define T0_LOCAL(x) (*(rp - 2 - (x)))
921 #define T0_POP() (*-- dp)
922 #define T0_POPi() (*(int32_t *)(-- dp))
923 #define T0_PEEK(x) (*(dp - 1 - (x)))
924 #define T0_PEEKi(x) (*(int32_t *)(dp - 1 - (x)))
925 #define T0_PUSH(v) do { *dp = (v); dp ++; } while (0)
926 #define T0_PUSHi(v) do { *(int32_t *)dp = (v); dp ++; } while (0)
927 #define T0_RPOP() (*-- rp)
928 #define T0_RPOPi() (*(int32_t *)(-- rp))
929 #define T0_RPUSH(v) do { *rp = (v); rp ++; } while (0)
930 #define T0_RPUSHi(v) do { *(int32_t *)rp = (v); rp ++; } while (0)
931 #define T0_ROLL(x) do { \
932 size_t t0len = (size_t)(x); \
933 uint32_t t0tmp = *(dp - 1 - t0len); \
934 memmove(dp - t0len - 1, dp - t0len, t0len * sizeof *dp); \
937 #define T0_SWAP() do { \
938 uint32_t t0tmp = *(dp - 2); \
939 *(dp - 2) = *(dp - 1); \
942 #define T0_ROT() do { \
943 uint32_t t0tmp = *(dp - 3); \
944 *(dp - 3) = *(dp - 2); \
945 *(dp - 2) = *(dp - 1); \
948 #define T0_NROT() do { \
949 uint32_t t0tmp = *(dp - 1); \
950 *(dp - 1) = *(dp - 2); \
951 *(dp - 2) = *(dp - 3); \
954 #define T0_PICK(x) do { \
955 uint32_t t0depth = (x); \
956 T0_PUSH(T0_PEEK(t0depth)); \
958 #define T0_CO() do { \
961 #define T0_RET() break
963 dp
= ((t0_context
*)t0ctx
)->dp
;
964 rp
= ((t0_context
*)t0ctx
)->rp
;
965 ip
= ((t0_context
*)t0ctx
)->ip
;
969 t0x
= t0_parse7E_unsigned(&ip
);
970 if (t0x
< T0_INTERPRETED
) {
982 ip
= &t0_codeblock
[t0x
];
984 case 1: /* literal constant */
985 T0_PUSHi(t0_parse7E_signed(&ip
));
987 case 2: /* read local */
988 T0_PUSH(T0_LOCAL(t0_parse7E_unsigned(&ip
)));
990 case 3: /* write local */
991 T0_LOCAL(t0_parse7E_unsigned(&ip
)) = T0_POP();
994 t0off
= t0_parse7E_signed(&ip
);
997 case 5: /* jump if */
998 t0off
= t0_parse7E_signed(&ip
);
1003 case 6: /* jump if not */
1004 t0off
= t0_parse7E_signed(&ip
);
1012 uint32_t b
= T0_POP();
1013 uint32_t a
= T0_POP();
1021 uint32_t b
= T0_POP();
1022 uint32_t a
= T0_POP();
1030 uint32_t b
= T0_POP();
1031 uint32_t a
= T0_POP();
1039 int32_t b
= T0_POPi();
1040 int32_t a
= T0_POPi();
1041 T0_PUSH(-(uint32_t)(a
< b
));
1048 int c
= (int)T0_POPi();
1049 uint32_t x
= T0_POP();
1057 int32_t b
= T0_POPi();
1058 int32_t a
= T0_POPi();
1059 T0_PUSH(-(uint32_t)(a
<= b
));
1066 uint32_t b
= T0_POP();
1067 uint32_t a
= T0_POP();
1068 T0_PUSH(-(uint32_t)(a
!= b
));
1075 uint32_t b
= T0_POP();
1076 uint32_t a
= T0_POP();
1077 T0_PUSH(-(uint32_t)(a
== b
));
1084 int32_t b
= T0_POPi();
1085 int32_t a
= T0_POPi();
1086 T0_PUSH(-(uint32_t)(a
> b
));
1093 int32_t b
= T0_POPi();
1094 int32_t a
= T0_POPi();
1095 T0_PUSH(-(uint32_t)(a
>= b
));
1102 int c
= (int)T0_POPi();
1103 int32_t x
= T0_POPi();
1109 /* anchor-dn-append-name */
1114 if (CTX
->client_auth_vtable
!= NULL
) {
1115 (*CTX
->client_auth_vtable
)->append_name(
1116 CTX
->client_auth_vtable
, ENG
->pad
, len
);
1122 /* anchor-dn-end-name */
1124 if (CTX
->client_auth_vtable
!= NULL
) {
1125 (*CTX
->client_auth_vtable
)->end_name(
1126 CTX
->client_auth_vtable
);
1132 /* anchor-dn-end-name-list */
1134 if (CTX
->client_auth_vtable
!= NULL
) {
1135 (*CTX
->client_auth_vtable
)->end_name_list(
1136 CTX
->client_auth_vtable
);
1142 /* anchor-dn-start-name */
1147 if (CTX
->client_auth_vtable
!= NULL
) {
1148 (*CTX
->client_auth_vtable
)->start_name(
1149 CTX
->client_auth_vtable
, len
);
1155 /* anchor-dn-start-name-list */
1157 if (CTX
->client_auth_vtable
!= NULL
) {
1158 (*CTX
->client_auth_vtable
)->start_name_list(
1159 CTX
->client_auth_vtable
);
1167 uint32_t b
= T0_POP();
1168 uint32_t a
= T0_POP();
1176 if (ENG
->chain_len
== 0) {
1179 ENG
->cert_cur
= ENG
->chain
->data
;
1180 ENG
->cert_len
= ENG
->chain
->data_len
;
1183 T0_PUSH(ENG
->cert_len
);
1191 size_t len
= (size_t)T0_POP();
1192 void *addr
= (unsigned char *)ENG
+ (size_t)T0_POP();
1193 memset(addr
, 0, len
);
1200 T0_PUSHi(-(ENG
->hlen_out
> 0));
1210 /* compute-Finished-inner */
1212 int prf_id
= T0_POP();
1213 int from_client
= T0_POPi();
1214 unsigned char seed
[48];
1217 br_tls_prf_impl prf
= br_ssl_engine_get_PRF(ENG
, prf_id
);
1218 if (ENG
->session
.version
>= BR_TLS12
) {
1219 seed_len
= br_multihash_out(&ENG
->mhash
, prf_id
, seed
);
1221 br_multihash_out(&ENG
->mhash
, br_md5_ID
, seed
);
1222 br_multihash_out(&ENG
->mhash
, br_sha1_ID
, seed
+ 16);
1225 prf(ENG
->pad
, 12, ENG
->session
.master_secret
,
1226 sizeof ENG
->session
.master_secret
,
1227 from_client
? "client finished" : "server finished",
1233 /* copy-cert-chunk */
1237 clen
= ENG
->cert_len
;
1238 if (clen
> sizeof ENG
->pad
) {
1239 clen
= sizeof ENG
->pad
;
1241 memcpy(ENG
->pad
, ENG
->cert_cur
, clen
);
1242 ENG
->cert_cur
+= clen
;
1243 ENG
->cert_len
-= clen
;
1251 size_t addr
= T0_POP();
1252 T0_PUSH(t0_datablock
[addr
]);
1264 /* do-client-sign */
1268 sig_len
= make_client_sign(CTX
);
1270 br_ssl_engine_fail(ENG
, BR_ERR_INVALID_ALGORITHM
);
1280 unsigned prf_id
= T0_POP();
1281 unsigned ecdhe
= T0_POP();
1284 x
= make_pms_ecdh(CTX
, ecdhe
, prf_id
);
1286 br_ssl_engine_fail(ENG
, -x
);
1295 /* do-rsa-encrypt */
1299 x
= make_pms_rsa(CTX
, T0_POP());
1301 br_ssl_engine_fail(ENG
, -x
);
1310 /* do-static-ecdh */
1312 unsigned prf_id
= T0_POP();
1314 if (make_pms_static_ecdh(CTX
, prf_id
) < 0) {
1315 br_ssl_engine_fail(ENG
, BR_ERR_INVALID_ALGORITHM
);
1328 T0_PUSH(T0_PEEK(0));
1334 br_ssl_engine_fail(ENG
, (int)T0_POPi());
1342 br_ssl_engine_flush_record(ENG
);
1347 /* get-client-chain */
1349 uint32_t auth_types
;
1351 auth_types
= T0_POP();
1352 if (CTX
->client_auth_vtable
!= NULL
) {
1353 br_ssl_client_certificate ux
;
1355 (*CTX
->client_auth_vtable
)->choose(CTX
->client_auth_vtable
,
1356 CTX
, auth_types
, &ux
);
1357 CTX
->auth_type
= (unsigned char)ux
.auth_type
;
1358 CTX
->hash_id
= (unsigned char)ux
.hash_id
;
1359 ENG
->chain
= ux
.chain
;
1360 ENG
->chain_len
= ux
.chain_len
;
1369 /* get-key-type-usages */
1371 const br_x509_class
*xc
;
1372 const br_x509_pkey
*pk
;
1375 xc
= *(ENG
->x509ctx
);
1376 pk
= xc
->get_pkey(ENG
->x509ctx
, &usages
);
1380 T0_PUSH(pk
->key_type
| usages
);
1388 size_t addr
= (size_t)T0_POP();
1389 T0_PUSH(*(uint16_t *)((unsigned char *)ENG
+ addr
));
1396 size_t addr
= (size_t)T0_POP();
1397 T0_PUSH(*(uint32_t *)((unsigned char *)ENG
+ addr
));
1404 size_t addr
= (size_t)T0_POP();
1405 T0_PUSH(*((unsigned char *)ENG
+ addr
));
1412 T0_PUSHi(-(ENG
->hlen_in
!= 0));
1419 size_t len
= (size_t)T0_POP();
1420 void *addr2
= (unsigned char *)ENG
+ (size_t)T0_POP();
1421 void *addr1
= (unsigned char *)ENG
+ (size_t)T0_POP();
1422 int x
= memcmp(addr1
, addr2
, len
);
1423 T0_PUSH((uint32_t)-(x
== 0));
1430 size_t len
= (size_t)T0_POP();
1431 void *src
= (unsigned char *)ENG
+ (size_t)T0_POP();
1432 void *dst
= (unsigned char *)ENG
+ (size_t)T0_POP();
1433 memcpy(dst
, src
, len
);
1440 size_t len
= (size_t)T0_POP();
1441 void *addr
= (unsigned char *)ENG
+ (size_t)T0_POP();
1442 br_hmac_drbg_generate(&ENG
->rng
, addr
, len
);
1447 /* more-incoming-bytes? */
1449 T0_PUSHi(ENG
->hlen_in
!= 0 || !br_ssl_engine_recvrec_finished(ENG
));
1454 /* multihash-init */
1456 br_multihash_init(&ENG
->mhash
);
1463 uint32_t a
= T0_POP();
1471 uint32_t a
= T0_POP();
1479 uint32_t b
= T0_POP();
1480 uint32_t a
= T0_POP();
1487 T0_PUSH(T0_PEEK(1));
1491 /* read-chunk-native */
1493 size_t clen
= ENG
->hlen_in
;
1499 if ((size_t)len
< clen
) {
1502 memcpy((unsigned char *)ENG
+ addr
, ENG
->hbuf_in
, clen
);
1503 if (ENG
->record_type_in
== BR_SSL_HANDSHAKE
) {
1504 br_multihash_update(&ENG
->mhash
, ENG
->hbuf_in
, clen
);
1506 T0_PUSH(addr
+ (uint32_t)clen
);
1507 T0_PUSH(len
- (uint32_t)clen
);
1508 ENG
->hbuf_in
+= clen
;
1509 ENG
->hlen_in
-= clen
;
1517 if (ENG
->hlen_in
> 0) {
1520 x
= *ENG
->hbuf_in
++;
1521 if (ENG
->record_type_in
== BR_SSL_HANDSHAKE
) {
1522 br_multihash_update(&ENG
->mhash
, &x
, 1);
1533 /* set-server-curve */
1535 const br_x509_class
*xc
;
1536 const br_x509_pkey
*pk
;
1538 xc
= *(ENG
->x509ctx
);
1539 pk
= xc
->get_pkey(ENG
->x509ctx
, NULL
);
1541 (pk
->key_type
== BR_KEYTYPE_EC
) ? pk
->key
.ec
.curve
: 0;
1548 size_t addr
= (size_t)T0_POP();
1549 *(uint16_t *)((unsigned char *)ENG
+ addr
) = (uint16_t)T0_POP();
1556 size_t addr
= (size_t)T0_POP();
1557 *((unsigned char *)ENG
+ addr
) = (unsigned char)T0_POP();
1564 void *str
= (unsigned char *)ENG
+ (size_t)T0_POP();
1565 T0_PUSH((uint32_t)strlen(str
));
1570 /* supported-curves */
1572 uint32_t x
= ENG
->iec
== NULL
? 0 : ENG
->iec
->supported_curves
;
1578 /* supported-hash-functions */
1585 for (i
= br_sha1_ID
; i
<= br_sha512_ID
; i
++) {
1586 if (br_multihash_getimpl(&ENG
->mhash
, i
)) {
1597 /* supports-ecdsa? */
1599 T0_PUSHi(-(ENG
->iecdsa
!= 0));
1604 /* supports-rsa-sign? */
1606 T0_PUSHi(-(ENG
->irsavrfy
!= 0));
1616 /* switch-aesgcm-in */
1618 int is_client
, prf_id
;
1619 unsigned cipher_key_len
;
1621 cipher_key_len
= T0_POP();
1623 is_client
= T0_POP();
1624 br_ssl_engine_switch_gcm_in(ENG
, is_client
, prf_id
,
1625 ENG
->iaes_ctr
, cipher_key_len
);
1630 /* switch-aesgcm-out */
1632 int is_client
, prf_id
;
1633 unsigned cipher_key_len
;
1635 cipher_key_len
= T0_POP();
1637 is_client
= T0_POP();
1638 br_ssl_engine_switch_gcm_out(ENG
, is_client
, prf_id
,
1639 ENG
->iaes_ctr
, cipher_key_len
);
1646 int is_client
, prf_id
, mac_id
, aes
;
1647 unsigned cipher_key_len
;
1649 cipher_key_len
= T0_POP();
1653 is_client
= T0_POP();
1654 br_ssl_engine_switch_cbc_in(ENG
, is_client
, prf_id
, mac_id
,
1655 aes
? ENG
->iaes_cbcdec
: ENG
->ides_cbcdec
, cipher_key_len
);
1660 /* switch-cbc-out */
1662 int is_client
, prf_id
, mac_id
, aes
;
1663 unsigned cipher_key_len
;
1665 cipher_key_len
= T0_POP();
1669 is_client
= T0_POP();
1670 br_ssl_engine_switch_cbc_out(ENG
, is_client
, prf_id
, mac_id
,
1671 aes
? ENG
->iaes_cbcenc
: ENG
->ides_cbcenc
, cipher_key_len
);
1676 /* total-chain-length */
1682 for (u
= 0; u
< ENG
->chain_len
; u
++) {
1683 total
+= 3 + (uint32_t)ENG
->chain
[u
].data_len
;
1692 int c
= (int)T0_POPi();
1693 uint32_t x
= T0_POP();
1699 /* verify-SKE-sig */
1701 size_t sig_len
= T0_POP();
1702 int use_rsa
= T0_POPi();
1703 int hash
= T0_POPi();
1705 T0_PUSH(verify_SKE_sig(CTX
, hash
, use_rsa
, sig_len
));
1710 /* write-blob-chunk */
1712 size_t clen
= ENG
->hlen_out
;
1718 if ((size_t)len
< clen
) {
1721 memcpy(ENG
->hbuf_out
, (unsigned char *)ENG
+ addr
, clen
);
1722 if (ENG
->record_type_out
== BR_SSL_HANDSHAKE
) {
1723 br_multihash_update(&ENG
->mhash
, ENG
->hbuf_out
, clen
);
1725 T0_PUSH(addr
+ (uint32_t)clen
);
1726 T0_PUSH(len
- (uint32_t)clen
);
1727 ENG
->hbuf_out
+= clen
;
1728 ENG
->hlen_out
-= clen
;
1738 x
= (unsigned char)T0_POP();
1739 if (ENG
->hlen_out
> 0) {
1740 if (ENG
->record_type_out
== BR_SSL_HANDSHAKE
) {
1741 br_multihash_update(&ENG
->mhash
, &x
, 1);
1743 *ENG
->hbuf_out
++ = x
;
1755 const br_x509_class
*xc
;
1758 xc
= *(ENG
->x509ctx
);
1760 xc
->append(ENG
->x509ctx
, ENG
->pad
, len
);
1767 const br_x509_class
*xc
;
1769 xc
= *(ENG
->x509ctx
);
1770 xc
->end_cert(ENG
->x509ctx
);
1775 /* x509-end-chain */
1777 const br_x509_class
*xc
;
1779 xc
= *(ENG
->x509ctx
);
1780 T0_PUSH(xc
->end_chain(ENG
->x509ctx
));
1785 /* x509-start-cert */
1787 const br_x509_class
*xc
;
1789 xc
= *(ENG
->x509ctx
);
1790 xc
->start_cert(ENG
->x509ctx
, T0_POP());
1795 /* x509-start-chain */
1797 const br_x509_class
*xc
;
1801 xc
= *(ENG
->x509ctx
);
1802 xc
->start_chain(ENG
->x509ctx
, bc
? ENG
->server_name
: NULL
);
1809 T0_ENTER(ip
, rp
, t0x
);
1813 ((t0_context
*)t0ctx
)->dp
= dp
;
1814 ((t0_context
*)t0ctx
)->rp
= rp
;
1815 ((t0_context
*)t0ctx
)->ip
= ip
;