projects / BearSSL / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Fixed computing of intermediate buffer size for maximum-size RSA keys.
[BearSSL] / src / ssl / ssl_hs_server.c
1 /* Automatically generated code; do not modify directly. */
2
3 #include <stddef.h>
4 #include <stdint.h>
5
6 typedef struct {
7 uint32_t *dp;
8 uint32_t *rp;
9 const unsigned char *ip;
10 } t0_context;
11
12 static uint32_t
13 t0_parse7E_unsigned(const unsigned char **p)
14 {
15 uint32_t x;
16
17 x = 0;
18 for (;;) {
19 unsigned y;
20
21 y = *(*p) ++;
22 x = (x << 7) | (uint32_t)(y & 0x7F);
23 if (y < 0x80) {
24 return x;
25 }
26 }
27 }
28
29 static int32_t
30 t0_parse7E_signed(const unsigned char **p)
31 {
32 int neg;
33 uint32_t x;
34
35 neg = ((**p) >> 6) & 1;
36 x = (uint32_t)-neg;
37 for (;;) {
38 unsigned y;
39
40 y = *(*p) ++;
41 x = (x << 7) | (uint32_t)(y & 0x7F);
42 if (y < 0x80) {
43 if (neg) {
44 return -(int32_t)~x - 1;
45 } else {
46 return (int32_t)x;
47 }
48 }
49 }
50 }
51
52 #define T0_VBYTE(x, n) (unsigned char)((((uint32_t)(x) >> (n)) & 0x7F) | 0x80)
53 #define T0_FBYTE(x, n) (unsigned char)(((uint32_t)(x) >> (n)) & 0x7F)
54 #define T0_SBYTE(x) (unsigned char)((((uint32_t)(x) >> 28) + 0xF8) ^ 0xF8)
55 #define T0_INT1(x) T0_FBYTE(x, 0)
56 #define T0_INT2(x) T0_VBYTE(x, 7), T0_FBYTE(x, 0)
57 #define T0_INT3(x) T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
58 #define T0_INT4(x) T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
59 #define T0_INT5(x) T0_SBYTE(x), T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
60
61 /* static const unsigned char t0_datablock[]; */
62
63
64 void br_ssl_hs_server_init_main(void *t0ctx);
65
66 void br_ssl_hs_server_run(void *t0ctx);
67
68
69
70 #include <stddef.h>
71 #include <string.h>
72
73 #include "inner.h"
74
75 /*
76 * This macro evaluates to a pointer to the current engine context.
77 */
78 #define ENG ((br_ssl_engine_context *)(void *)((unsigned char *)t0ctx - offsetof(br_ssl_engine_context, cpu)))
79
80
81
82
83
84 /*
85 * This macro evaluates to a pointer to the server context, under that
86 * specific name. It must be noted that since the engine context is the
87 * first field of the br_ssl_server_context structure ('eng'), then
88 * pointers values of both types are interchangeable, modulo an
89 * appropriate cast. This also means that "addresses" computed as offsets
90 * within the structure work for both kinds of context.
91 */
92 #define CTX ((br_ssl_server_context *)ENG)
93
94 /*
95 * Decrypt the pre-master secret (RSA key exchange).
96 */
97 static void
98 do_rsa_decrypt(br_ssl_server_context *ctx, int prf_id,
99 unsigned char *epms, size_t len)
100 {
101 uint32_t x;
102 unsigned char rpms[48];
103
104 /*
105 * Decrypt the PMS.
106 */
107 x = (*ctx->policy_vtable)->do_keyx(ctx->policy_vtable, epms, &len);
108
109 /*
110 * Set the first two bytes to the maximum supported client
111 * protocol version. These bytes are used for version rollback
112 * detection; forceing the two bytes will make the master secret
113 * wrong if the bytes are not correct. This process is
114 * recommended by RFC 5246 (section 7.4.7.1).
115 */
116 br_enc16be(epms, ctx->client_max_version);
117
118 /*
119 * Make a random PMS and copy it above the decrypted value if the
120 * decryption failed. Note that we use a constant-time conditional
121 * copy.
122 */
123 br_hmac_drbg_generate(&ctx->eng.rng, rpms, sizeof rpms);
124 br_ccopy(x ^ 1, epms, rpms, sizeof rpms);
125
126 /*
127 * Compute master secret.
128 */
129 br_ssl_engine_compute_master(&ctx->eng, prf_id, epms, 48);
130
131 /*
132 * Clear the pre-master secret from RAM: it is normally a buffer
133 * in the context, hence potentially long-lived.
134 */
135 memset(epms, 0, len);
136 }
137
138 /*
139 * Common part for ECDH and ECDHE.
140 */
141 static void
142 ecdh_common(br_ssl_server_context *ctx, int prf_id,
143 unsigned char *xcoor, size_t xcoor_len, uint32_t ctl)
144 {
145 unsigned char rpms[80];
146
147 if (xcoor_len > sizeof rpms) {
148 xcoor_len = sizeof rpms;
149 ctl = 0;
150 }
151
152 /*
153 * Make a random PMS and copy it above the decrypted value if the
154 * decryption failed. Note that we use a constant-time conditional
155 * copy.
156 */
157 br_hmac_drbg_generate(&ctx->eng.rng, rpms, xcoor_len);
158 br_ccopy(ctl ^ 1, xcoor, rpms, xcoor_len);
159
160 /*
161 * Compute master secret.
162 */
163 br_ssl_engine_compute_master(&ctx->eng, prf_id, xcoor, xcoor_len);
164
165 /*
166 * Clear the pre-master secret from RAM: it is normally a buffer
167 * in the context, hence potentially long-lived.
168 */
169 memset(xcoor, 0, xcoor_len);
170 }
171
172 /*
173 * Do the ECDH key exchange (not ECDHE).
174 */
175 static void
176 do_ecdh(br_ssl_server_context *ctx, int prf_id,
177 unsigned char *cpoint, size_t cpoint_len)
178 {
179 uint32_t x;
180
181 /*
182 * Finalise the key exchange.
183 */
184 x = (*ctx->policy_vtable)->do_keyx(ctx->policy_vtable,
185 cpoint, &cpoint_len);
186 ecdh_common(ctx, prf_id, cpoint, cpoint_len, x);
187 }
188
189 /*
190 * Do the full static ECDH key exchange. When this function is called,
191 * it has already been verified that the cipher suite uses ECDH (not ECDHE),
192 * and the client's public key (from its certificate) has type EC and is
193 * apt for key exchange.
194 */
195 static void
196 do_static_ecdh(br_ssl_server_context *ctx, int prf_id)
197 {
198 unsigned char cpoint[133];
199 size_t cpoint_len;
200 const br_x509_class **xc;
201 const br_x509_pkey *pk;
202
203 xc = ctx->eng.x509ctx;
204 pk = (*xc)->get_pkey(xc, NULL);
205 cpoint_len = pk->key.ec.qlen;
206 if (cpoint_len > sizeof cpoint) {
207 /*
208 * If the point is larger than our buffer then we need to
209 * restrict it. Length 2 is not a valid point length, so
210 * the ECDH will fail.
211 */
212 cpoint_len = 2;
213 }
214 memcpy(cpoint, pk->key.ec.q, cpoint_len);
215 do_ecdh(ctx, prf_id, cpoint, cpoint_len);
216 }
217
218 static size_t
219 hash_data(br_ssl_server_context *ctx,
220 void *dst, int hash_id, const void *src, size_t len)
221 {
222 const br_hash_class *hf;
223 br_hash_compat_context hc;
224
225 if (hash_id == 0) {
226 unsigned char tmp[36];
227
228 hf = br_multihash_getimpl(&ctx->eng.mhash, br_md5_ID);
229 if (hf == NULL) {
230 return 0;
231 }
232 hf->init(&hc.vtable);
233 hf->update(&hc.vtable, src, len);
234 hf->out(&hc.vtable, tmp);
235 hf = br_multihash_getimpl(&ctx->eng.mhash, br_sha1_ID);
236 if (hf == NULL) {
237 return 0;
238 }
239 hf->init(&hc.vtable);
240 hf->update(&hc.vtable, src, len);
241 hf->out(&hc.vtable, tmp + 16);
242 memcpy(dst, tmp, 36);
243 return 36;
244 } else {
245 hf = br_multihash_getimpl(&ctx->eng.mhash, hash_id);
246 if (hf == NULL) {
247 return 0;
248 }
249 hf->init(&hc.vtable);
250 hf->update(&hc.vtable, src, len);
251 hf->out(&hc.vtable, dst);
252 return (hf->desc >> BR_HASHDESC_OUT_OFF) & BR_HASHDESC_OUT_MASK;
253 }
254 }
255
256 /*
257 * Do the ECDHE key exchange (part 1: generation of transient key, and
258 * computing of the point to send to the client). Returned value is the
259 * signature length (in bytes), or -x on error (with x being an error
260 * code). The encoded point is written in the ecdhe_point[] context buffer
261 * (length in ecdhe_point_len).
262 */
263 static int
264 do_ecdhe_part1(br_ssl_server_context *ctx, int curve)
265 {
266 unsigned algo_id;
267 unsigned mask;
268 const unsigned char *order;
269 size_t olen, glen;
270 size_t hv_len, sig_len;
271
272 if (!((ctx->eng.iec->supported_curves >> curve) & 1)) {
273 return -BR_ERR_INVALID_ALGORITHM;
274 }
275 ctx->eng.ecdhe_curve = curve;
276
277 /*
278 * Generate our private key. We need a non-zero random value
279 * which is lower than the curve order, in a "large enough"
280 * range. We force the top bit to 0 and bottom bit to 1, which
281 * does the trick. Note that contrary to what happens in ECDSA,
282 * this is not a problem if we do not cover the full range of
283 * possible values.
284 */
285 order = ctx->eng.iec->order(curve, &olen);
286 mask = 0xFF;
287 while (mask >= order[0]) {
288 mask >>= 1;
289 }
290 br_hmac_drbg_generate(&ctx->eng.rng, ctx->ecdhe_key, olen);
291 ctx->ecdhe_key[0] &= mask;
292 ctx->ecdhe_key[olen - 1] |= 0x01;
293 ctx->ecdhe_key_len = olen;
294
295 /*
296 * Compute our ECDH point.
297 */
298 glen = ctx->eng.iec->mulgen(ctx->eng.ecdhe_point,
299 ctx->ecdhe_key, olen, curve);
300 ctx->eng.ecdhe_point_len = glen;
301
302 /*
303 * Assemble the message to be signed, and possibly hash it.
304 */
305 memcpy(ctx->eng.pad, ctx->eng.client_random, 32);
306 memcpy(ctx->eng.pad + 32, ctx->eng.server_random, 32);
307 ctx->eng.pad[64 + 0] = 0x03;
308 ctx->eng.pad[64 + 1] = 0x00;
309 ctx->eng.pad[64 + 2] = curve;
310 ctx->eng.pad[64 + 3] = ctx->eng.ecdhe_point_len;
311 memcpy(ctx->eng.pad + 64 + 4,
312 ctx->eng.ecdhe_point, ctx->eng.ecdhe_point_len);
313 hv_len = 64 + 4 + ctx->eng.ecdhe_point_len;
314 algo_id = ctx->sign_hash_id;
315 if (algo_id >= (unsigned)0xFF00) {
316 hv_len = hash_data(ctx, ctx->eng.pad, algo_id & 0xFF,
317 ctx->eng.pad, hv_len);
318 if (hv_len == 0) {
319 return -BR_ERR_INVALID_ALGORITHM;
320 }
321 }
322
323 sig_len = (*ctx->policy_vtable)->do_sign(ctx->policy_vtable,
324 algo_id, ctx->eng.pad, hv_len, sizeof ctx->eng.pad);
325 return sig_len ? (int)sig_len : -BR_ERR_INVALID_ALGORITHM;
326 }
327
328 /*
329 * Do the ECDHE key exchange (part 2: computation of the shared secret
330 * from the point sent by the client).
331 */
332 static void
333 do_ecdhe_part2(br_ssl_server_context *ctx, int prf_id,
334 unsigned char *cpoint, size_t cpoint_len)
335 {
336 int curve;
337 uint32_t ctl;
338 size_t xoff, xlen;
339
340 curve = ctx->eng.ecdhe_curve;
341
342 /*
343 * Finalise the key exchange.
344 */
345 ctl = ctx->eng.iec->mul(cpoint, cpoint_len,
346 ctx->ecdhe_key, ctx->ecdhe_key_len, curve);
347 xoff = ctx->eng.iec->xoff(curve, &xlen);
348 ecdh_common(ctx, prf_id, cpoint + xoff, xlen, ctl);
349
350 /*
351 * Clear the ECDHE private key. Forward Secrecy is achieved insofar
352 * as that key does not get stolen, so we'd better destroy it
353 * as soon as it ceases to be useful.
354 */
355 memset(ctx->ecdhe_key, 0, ctx->ecdhe_key_len);
356 }
357
358 /*
359 * Offset for hash value within the pad (when obtaining all hash values,
360 * in preparation for verification of the CertificateVerify message).
361 * Order is MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512; last value
362 * is used to get the total length.
363 */
364 static const unsigned char HASH_PAD_OFF[] = { 0, 16, 36, 64, 96, 144, 208 };
365
366 /*
367 * OID for hash functions in RSA signatures.
368 */
369 static const unsigned char HASH_OID_SHA1[] = {
370 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A
371 };
372
373 static const unsigned char HASH_OID_SHA224[] = {
374 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04
375 };
376
377 static const unsigned char HASH_OID_SHA256[] = {
378 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01
379 };
380
381 static const unsigned char HASH_OID_SHA384[] = {
382 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02
383 };
384
385 static const unsigned char HASH_OID_SHA512[] = {
386 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03
387 };
388
389 static const unsigned char *HASH_OID[] = {
390 HASH_OID_SHA1,
391 HASH_OID_SHA224,
392 HASH_OID_SHA256,
393 HASH_OID_SHA384,
394 HASH_OID_SHA512
395 };
396
397 /*
398 * Verify the signature in CertificateVerify. Returned value is 0 on
399 * success, or a non-zero error code. Lack of implementation of the
400 * designated signature algorithm is reported as a "bad signature"
401 * error (because it means that the peer did not honour our advertised
402 * set of supported signature algorithms).
403 */
404 static int
405 verify_CV_sig(br_ssl_server_context *ctx, size_t sig_len)
406 {
407 const br_x509_class **xc;
408 const br_x509_pkey *pk;
409 int id;
410
411 id = ctx->hash_CV_id;
412 xc = ctx->eng.x509ctx;
413 pk = (*xc)->get_pkey(xc, NULL);
414 if (pk->key_type == BR_KEYTYPE_RSA) {
415 unsigned char tmp[64];
416 const unsigned char *hash_oid;
417
418 if (id == 0) {
419 hash_oid = NULL;
420 } else {
421 hash_oid = HASH_OID[id - 2];
422 }
423 if (ctx->eng.irsavrfy == 0) {
424 return BR_ERR_BAD_SIGNATURE;
425 }
426 if (!ctx->eng.irsavrfy(ctx->eng.pad, sig_len,
427 hash_oid, ctx->hash_CV_len, &pk->key.rsa, tmp)
428 || memcmp(tmp, ctx->hash_CV, ctx->hash_CV_len) != 0)
429 {
430 return BR_ERR_BAD_SIGNATURE;
431 }
432 } else {
433 if (ctx->eng.iecdsa == 0) {
434 return BR_ERR_BAD_SIGNATURE;
435 }
436 if (!ctx->eng.iecdsa(ctx->eng.iec,
437 ctx->hash_CV, ctx->hash_CV_len,
438 &pk->key.ec, ctx->eng.pad, sig_len))
439 {
440 return BR_ERR_BAD_SIGNATURE;
441 }
442 }
443 return 0;
444 }
445
446
447
448 static const unsigned char t0_datablock[] = {
449 0x00, 0x00, 0x0A, 0x00, 0x24, 0x00, 0x2F, 0x01, 0x24, 0x00, 0x35, 0x02,
450 0x24, 0x00, 0x3C, 0x01, 0x44, 0x00, 0x3D, 0x02, 0x44, 0x00, 0x9C, 0x03,
451 0x04, 0x00, 0x9D, 0x04, 0x05, 0xC0, 0x03, 0x40, 0x24, 0xC0, 0x04, 0x41,
452 0x24, 0xC0, 0x05, 0x42, 0x24, 0xC0, 0x08, 0x20, 0x24, 0xC0, 0x09, 0x21,
453 0x24, 0xC0, 0x0A, 0x22, 0x24, 0xC0, 0x0D, 0x30, 0x24, 0xC0, 0x0E, 0x31,
454 0x24, 0xC0, 0x0F, 0x32, 0x24, 0xC0, 0x12, 0x10, 0x24, 0xC0, 0x13, 0x11,
455 0x24, 0xC0, 0x14, 0x12, 0x24, 0xC0, 0x23, 0x21, 0x44, 0xC0, 0x24, 0x22,
456 0x55, 0xC0, 0x25, 0x41, 0x44, 0xC0, 0x26, 0x42, 0x55, 0xC0, 0x27, 0x11,
457 0x44, 0xC0, 0x28, 0x12, 0x55, 0xC0, 0x29, 0x31, 0x44, 0xC0, 0x2A, 0x32,
458 0x55, 0xC0, 0x2B, 0x23, 0x04, 0xC0, 0x2C, 0x24, 0x05, 0xC0, 0x2D, 0x43,
459 0x04, 0xC0, 0x2E, 0x44, 0x05, 0xC0, 0x2F, 0x13, 0x04, 0xC0, 0x30, 0x14,
460 0x05, 0xC0, 0x31, 0x33, 0x04, 0xC0, 0x32, 0x34, 0x05, 0xC0, 0x9C, 0x06,
461 0x04, 0xC0, 0x9D, 0x07, 0x04, 0xC0, 0xA0, 0x08, 0x04, 0xC0, 0xA1, 0x09,
462 0x04, 0xC0, 0xAC, 0x26, 0x04, 0xC0, 0xAD, 0x27, 0x04, 0xC0, 0xAE, 0x28,
463 0x04, 0xC0, 0xAF, 0x29, 0x04, 0xCC, 0xA8, 0x15, 0x04, 0xCC, 0xA9, 0x25,
464 0x04, 0x00, 0x00
465 };
466
467 static const unsigned char t0_codeblock[] = {
468 0x00, 0x01, 0x00, 0x0B, 0x00, 0x00, 0x01, 0x00, 0x0E, 0x00, 0x00, 0x01,
469 0x00, 0x0F, 0x00, 0x00, 0x01, 0x00, 0x10, 0x00, 0x00, 0x01, 0x01, 0x08,
470 0x00, 0x00, 0x01, 0x01, 0x09, 0x00, 0x00, 0x01, 0x02, 0x08, 0x00, 0x00,
471 0x01, 0x02, 0x09, 0x00, 0x00, 0x29, 0x29, 0x00, 0x00, 0x01,
472 T0_INT1(BR_ERR_BAD_CCS), 0x00, 0x00, 0x01,
473 T0_INT1(BR_ERR_BAD_FINISHED), 0x00, 0x00, 0x01,
474 T0_INT1(BR_ERR_BAD_FRAGLEN), 0x00, 0x00, 0x01,
475 T0_INT1(BR_ERR_BAD_HANDSHAKE), 0x00, 0x00, 0x01,
476 T0_INT1(BR_ERR_BAD_PARAM), 0x00, 0x00, 0x01,
477 T0_INT1(BR_ERR_BAD_SECRENEG), 0x00, 0x00, 0x01,
478 T0_INT1(BR_ERR_BAD_SIGNATURE), 0x00, 0x00, 0x01,
479 T0_INT1(BR_ERR_BAD_VERSION), 0x00, 0x00, 0x01,
480 T0_INT1(BR_ERR_INVALID_ALGORITHM), 0x00, 0x00, 0x01,
481 T0_INT1(BR_ERR_LIMIT_EXCEEDED), 0x00, 0x00, 0x01,
482 T0_INT1(BR_ERR_NO_CLIENT_AUTH), 0x00, 0x00, 0x01, T0_INT1(BR_ERR_OK),
483 0x00, 0x00, 0x01, T0_INT1(BR_ERR_OVERSIZED_ID), 0x00, 0x00, 0x01,
484 T0_INT1(BR_ERR_UNEXPECTED), 0x00, 0x00, 0x01,
485 T0_INT1(BR_ERR_WRONG_KEY_USAGE), 0x00, 0x00, 0x01,
486 T0_INT2(offsetof(br_ssl_engine_context, action)), 0x00, 0x00, 0x01,
487 T0_INT2(offsetof(br_ssl_engine_context, alert)), 0x00, 0x00, 0x01,
488 T0_INT2(offsetof(br_ssl_engine_context, application_data)), 0x00, 0x00,
489 0x01,
490 T0_INT2(offsetof(br_ssl_engine_context, session) + offsetof(br_ssl_session_parameters, cipher_suite)),
491 0x00, 0x00, 0x01,
492 T0_INT2(offsetof(br_ssl_server_context, client_max_version)), 0x00,
493 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, client_random)),
494 0x00, 0x00, 0x01,
495 T0_INT2(offsetof(br_ssl_server_context, client_suites)), 0x00, 0x00,
496 0x01, T0_INT2(offsetof(br_ssl_server_context, client_suites_num)),
497 0x00, 0x00, 0x01,
498 T0_INT2(offsetof(br_ssl_engine_context, close_received)), 0x00, 0x00,
499 0x01, T0_INT2(offsetof(br_ssl_server_context, curves)), 0x00, 0x00,
500 0x01, T0_INT2(offsetof(br_ssl_engine_context, ecdhe_point)), 0x00,
501 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, ecdhe_point_len)),
502 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, flags)),
503 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_server_context, hashes)),
504 0x00, 0x00, 0x7B, 0x01,
505 T0_INT2(BR_MAX_CIPHER_SUITES * sizeof(br_suite_translated)), 0x00,
506 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, log_max_frag_len)),
507 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, pad)), 0x00,
508 0x00, 0x01,
509 T0_INT2(offsetof(br_ssl_engine_context, peer_log_max_frag_len)), 0x00,
510 0x00, 0x01,
511 T0_INT2(offsetof(br_ssl_engine_context, protocol_names_num)), 0x00,
512 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, record_type_in)),
513 0x00, 0x00, 0x01,
514 T0_INT2(offsetof(br_ssl_engine_context, record_type_out)), 0x00, 0x00,
515 0x01, T0_INT2(offsetof(br_ssl_engine_context, reneg)), 0x00, 0x00,
516 0x01, T0_INT2(offsetof(br_ssl_engine_context, saved_finished)), 0x00,
517 0x00, 0x01,
518 T0_INT2(offsetof(br_ssl_engine_context, selected_protocol)), 0x00,
519 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, server_name)),
520 0x00, 0x00, 0x01,
521 T0_INT2(offsetof(br_ssl_engine_context, server_random)), 0x00, 0x00,
522 0x01,
523 T0_INT2(offsetof(br_ssl_engine_context, session) + offsetof(br_ssl_session_parameters, session_id)),
524 0x00, 0x00, 0x01,
525 T0_INT2(offsetof(br_ssl_engine_context, session) + offsetof(br_ssl_session_parameters, session_id_len)),
526 0x00, 0x00, 0x01,
527 T0_INT2(offsetof(br_ssl_engine_context, shutdown_recv)), 0x00, 0x00,
528 0x01, T0_INT2(offsetof(br_ssl_server_context, sign_hash_id)), 0x00,
529 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, suites_buf)), 0x00,
530 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, suites_num)), 0x00,
531 0x00, 0x01,
532 T0_INT2(offsetof(br_ssl_engine_context, session) + offsetof(br_ssl_session_parameters, version)),
533 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, version_in)),
534 0x00, 0x00, 0x01,
535 T0_INT2(offsetof(br_ssl_engine_context, version_max)), 0x00, 0x00,
536 0x01, T0_INT2(offsetof(br_ssl_engine_context, version_min)), 0x00,
537 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context, version_out)),
538 0x00, 0x00, 0x09, 0x2A, 0x5D, 0x06, 0x02, 0x6A, 0x2B, 0x00, 0x00, 0x01,
539 0x01, 0x00, 0x01, 0x03, 0x00, 0x9B, 0x2A, 0x63, 0x47, 0x9F, 0x2A, 0x05,
540 0x04, 0x65, 0x01, 0x00, 0x00, 0x02, 0x00, 0x0F, 0x06, 0x02, 0x9F, 0x00,
541 0x63, 0x04, 0x6B, 0x00, 0x06, 0x02, 0x6A, 0x2B, 0x00, 0x00, 0x2A, 0x8B,
542 0x47, 0x05, 0x03, 0x01, 0x0C, 0x08, 0x47, 0x78, 0x2E, 0xA8, 0x1C, 0x85,
543 0x01, 0x0C, 0x33, 0x00, 0x00, 0x2A, 0x22, 0x01, 0x08, 0x0C, 0x47, 0x61,
544 0x22, 0x08, 0x00, 0x01, 0x03, 0x00, 0x77, 0x30, 0x02, 0x00, 0x38, 0x13,
545 0x01, 0x01, 0x0C, 0x77, 0x42, 0x2C, 0x19, 0x38, 0x06, 0x07, 0x02, 0x00,
546 0xD0, 0x03, 0x00, 0x04, 0x75, 0x01, 0x00, 0xC7, 0x02, 0x00, 0x2A, 0x19,
547 0x13, 0x06, 0x02, 0x71, 0x2B, 0xD0, 0x04, 0x76, 0x00, 0x01, 0x00, 0x77,
548 0x42, 0x01, 0x16, 0x89, 0x42, 0x01, 0x00, 0x8C, 0x40, 0x36, 0xB1, 0x35,
549 0x06, 0x02, 0x73, 0x2B, 0x06, 0x0A, 0xD7, 0x01, 0x00, 0xD3, 0x01, 0x00,
550 0xAD, 0x04, 0x80, 0x46, 0xD7, 0xD4, 0x29, 0xD9, 0x50, 0x06, 0x01, 0xD5,
551 0xD8, 0x2C, 0x50, 0x06, 0x31, 0x01, 0x00, 0xAE, 0x2A, 0x5D, 0x06, 0x0F,
552 0x01, 0x02, 0xA4, 0x05, 0x02, 0x37, 0x2B, 0x29, 0xB2, 0xB0, 0x2A, 0xC9,
553 0x29, 0x04, 0x19, 0x2A, 0x5F, 0x06, 0x0B, 0x29, 0x01, 0x02, 0xA4, 0x05,
554 0x02, 0x70, 0x2B, 0xB2, 0x04, 0x0A, 0xB4, 0x2A, 0x05, 0x04, 0x29, 0xAB,
555 0x04, 0x02, 0xB3, 0xAF, 0x04, 0x01, 0xB2, 0x01, 0x00, 0xAD, 0x01, 0x00,
556 0xD3, 0x3E, 0x01, 0x01, 0x77, 0x42, 0x01, 0x17, 0x89, 0x42, 0x00, 0x00,
557 0x3A, 0x3A, 0x00, 0x01, 0x03, 0x00, 0x2C, 0x19, 0x38, 0x06, 0x04, 0xCF,
558 0x29, 0x04, 0x78, 0x01, 0x02, 0x02, 0x00, 0xC6, 0x19, 0x38, 0x06, 0x04,
559 0xCF, 0x29, 0x04, 0x78, 0x02, 0x00, 0x01, 0x84, 0x00, 0x08, 0x2B, 0x00,
560 0x00, 0x81, 0x2F, 0x47, 0x12, 0x01, 0x01, 0x13, 0x37, 0x00, 0x00, 0x2A,
561 0x05, 0x04, 0x29, 0x01, 0x7F, 0x00, 0x01, 0x00, 0xA2, 0x12, 0x01, 0x01,
562 0x13, 0x5F, 0x06, 0x03, 0x61, 0x04, 0x75, 0x47, 0x29, 0x00, 0x00, 0x01,
563 0x7F, 0xA1, 0xCF, 0x2A, 0x01, 0x07, 0x13, 0x01, 0x00, 0x3A, 0x0F, 0x06,
564 0x0D, 0x29, 0x01, 0x10, 0x13, 0x06, 0x05, 0x01, 0x00, 0x77, 0x42, 0xC5,
565 0x04, 0x33, 0x01, 0x01, 0x3A, 0x0F, 0x06, 0x2A, 0x29, 0x29, 0x8A, 0x30,
566 0x01, 0x01, 0x0F, 0x01, 0x01, 0xA4, 0x39, 0x06, 0x18, 0xC8, 0x2C, 0x19,
567 0x38, 0x06, 0x04, 0xCF, 0x29, 0x04, 0x78, 0x01, 0x80, 0x64, 0xC7, 0x01,
568 0x01, 0x77, 0x42, 0x01, 0x17, 0x89, 0x42, 0x04, 0x03, 0x01, 0x00, 0xA1,
569 0x04, 0x03, 0x73, 0x2B, 0x29, 0x04, 0xFF, 0x32, 0x01, 0x2A, 0x03, 0x00,
570 0x09, 0x2A, 0x5D, 0x06, 0x02, 0x6A, 0x2B, 0x02, 0x00, 0x00, 0x00, 0x9C,
571 0x01, 0x0F, 0x13, 0x00, 0x00, 0x76, 0x30, 0x01, 0x00, 0x3A, 0x0F, 0x06,
572 0x10, 0x29, 0x2A, 0x01, 0x01, 0x0E, 0x06, 0x03, 0x29, 0x01, 0x02, 0x76,
573 0x42, 0x01, 0x00, 0x04, 0x21, 0x01, 0x01, 0x3A, 0x0F, 0x06, 0x14, 0x29,
574 0x01, 0x00, 0x76, 0x42, 0x2A, 0x01, 0x80, 0x64, 0x0F, 0x06, 0x05, 0x01,
575 0x82, 0x00, 0x08, 0x2B, 0x5F, 0x04, 0x07, 0x29, 0x01, 0x82, 0x00, 0x08,
576 0x2B, 0x29, 0x00, 0x00, 0x01, 0x00, 0x31, 0x06, 0x05, 0x3D, 0xA9, 0x39,
577 0x04, 0x78, 0x2A, 0x06, 0x04, 0x01, 0x01, 0x91, 0x42, 0x00, 0x00, 0x01,
578 0x1F, 0x13, 0x01, 0x12, 0x0F, 0x05, 0x02, 0x74, 0x2B, 0x78, 0x2E, 0x2A,
579 0xCB, 0x05, 0x02, 0x73, 0x2B, 0xA8, 0x28, 0x00, 0x02, 0x87, 0x2E, 0x05,
580 0x02, 0xBC, 0x00, 0xC0, 0xA7, 0xC0, 0xA7, 0x01, 0x7E, 0x03, 0x00, 0x2A,
581 0x06, 0x17, 0xC2, 0x2A, 0x03, 0x01, 0x85, 0x47, 0xB6, 0x02, 0x01, 0x51,
582 0x2A, 0x02, 0x00, 0x53, 0x06, 0x04, 0x03, 0x00, 0x04, 0x01, 0x29, 0x04,
583 0x66, 0x9D, 0x9D, 0x02, 0x00, 0x61, 0x8C, 0x40, 0x00, 0x00, 0x31, 0x06,
584 0x0B, 0x88, 0x30, 0x01, 0x14, 0x0E, 0x06, 0x02, 0x73, 0x2B, 0x04, 0x11,
585 0xCF, 0x01, 0x07, 0x13, 0x2A, 0x01, 0x02, 0x0E, 0x06, 0x06, 0x06, 0x02,
586 0x73, 0x2B, 0x04, 0x70, 0x29, 0xC3, 0x01, 0x01, 0x0E, 0x35, 0x39, 0x06,
587 0x02, 0x66, 0x2B, 0x2A, 0x01, 0x01, 0xCA, 0x38, 0xB5, 0x00, 0x01, 0xBA,
588 0x01, 0x0B, 0x0F, 0x05, 0x02, 0x73, 0x2B, 0x2A, 0x01, 0x03, 0x0F, 0x06,
589 0x08, 0xC1, 0x06, 0x02, 0x6A, 0x2B, 0x47, 0x29, 0x00, 0x47, 0x5C, 0xC1,
590 0xA7, 0x2A, 0x06, 0x23, 0xC1, 0xA7, 0x2A, 0x5B, 0x2A, 0x06, 0x18, 0x2A,
591 0x01, 0x82, 0x00, 0x10, 0x06, 0x05, 0x01, 0x82, 0x00, 0x04, 0x01, 0x2A,
592 0x03, 0x00, 0x85, 0x02, 0x00, 0xB6, 0x02, 0x00, 0x58, 0x04, 0x65, 0x9D,
593 0x59, 0x04, 0x5A, 0x9D, 0x9D, 0x5A, 0x2A, 0x06, 0x02, 0x37, 0x00, 0x29,
594 0x2D, 0x00, 0x02, 0x2A, 0x01, 0x20, 0x13, 0x05, 0x02, 0x74, 0x2B, 0x01,
595 0x0F, 0x13, 0x03, 0x00, 0xB0, 0x95, 0x2E, 0x01, 0x86, 0x03, 0x11, 0x06,
596 0x23, 0xC0, 0x2A, 0x01, 0x81, 0x7F, 0x13, 0x61, 0x01, 0x01, 0x12, 0x02,
597 0x00, 0x0F, 0x05, 0x02, 0x6C, 0x2B, 0x01, 0x08, 0x12, 0x2A, 0x01, 0x02,
598 0x0B, 0x3A, 0x01, 0x06, 0x10, 0x39, 0x06, 0x02, 0x6E, 0x2B, 0x04, 0x0D,
599 0x02, 0x00, 0x01, 0x01, 0x0F, 0x06, 0x04, 0x01, 0x00, 0x04, 0x02, 0x01,
600 0x02, 0x20, 0x05, 0x02, 0x6E, 0x2B, 0xC0, 0x2A, 0x03, 0x01, 0x2A, 0x01,
601 0x84, 0x00, 0x10, 0x06, 0x02, 0x6F, 0x2B, 0x85, 0x47, 0xB6, 0x02, 0x01,
602 0x55, 0x2A, 0x06, 0x01, 0x2B, 0x29, 0x9D, 0x00, 0x00, 0x1D, 0xBA, 0x01,
603 0x0F, 0x0F, 0x05, 0x02, 0x73, 0x2B, 0x00, 0x0A, 0xBA, 0x01, 0x01, 0x0F,
604 0x05, 0x02, 0x73, 0x2B, 0xC0, 0x2A, 0x03, 0x00, 0x79, 0x40, 0x7A, 0x01,
605 0x20, 0xB6, 0xC2, 0x2A, 0x01, 0x20, 0x10, 0x06, 0x02, 0x72, 0x2B, 0x2A,
606 0x90, 0x42, 0x8F, 0x47, 0xB6, 0x1A, 0x03, 0x01, 0xC0, 0xA7, 0x01, 0x00,
607 0x03, 0x02, 0x01, 0x00, 0x03, 0x03, 0x83, 0xA2, 0x17, 0x3A, 0x08, 0x03,
608 0x04, 0x03, 0x05, 0x2A, 0x06, 0x80, 0x6D, 0xC0, 0x2A, 0x03, 0x06, 0x02,
609 0x01, 0x06, 0x0A, 0x2A, 0x78, 0x2E, 0x0F, 0x06, 0x04, 0x01, 0x7F, 0x03,
610 0x03, 0x2A, 0x01, 0x81, 0x7F, 0x0F, 0x06, 0x0A, 0x8A, 0x30, 0x06, 0x02,
611 0x6B, 0x2B, 0x01, 0x7F, 0x03, 0x02, 0x2A, 0x01, 0x81, 0xAC, 0x00, 0x0F,
612 0x06, 0x11, 0x02, 0x00, 0x98, 0x2E, 0x11, 0x02, 0x00, 0x97, 0x2E, 0x0B,
613 0x13, 0x06, 0x04, 0x01, 0x7F, 0x03, 0x00, 0xC4, 0x2A, 0x5D, 0x06, 0x03,
614 0x29, 0x04, 0x26, 0x01, 0x00, 0xA4, 0x06, 0x0B, 0x01, 0x02, 0x0C, 0x7B,
615 0x08, 0x02, 0x06, 0x47, 0x40, 0x04, 0x16, 0x29, 0x02, 0x05, 0x02, 0x04,
616 0x11, 0x06, 0x02, 0x69, 0x2B, 0x02, 0x06, 0x02, 0x05, 0x40, 0x02, 0x05,
617 0x01, 0x04, 0x08, 0x03, 0x05, 0x04, 0xFF, 0x0F, 0x29, 0x01, 0x00, 0x03,
618 0x07, 0xC2, 0xA7, 0x2A, 0x06, 0x09, 0xC2, 0x05, 0x04, 0x01, 0x7F, 0x03,
619 0x07, 0x04, 0x74, 0x9D, 0x01, 0x00, 0x8D, 0x42, 0x01, 0x88, 0x04, 0x82,
620 0x41, 0x01, 0x84, 0x80, 0x80, 0x00, 0x7E, 0x41, 0x2A, 0x06, 0x80, 0x4E,
621 0xC0, 0xA7, 0x2A, 0x06, 0x80, 0x47, 0xC0, 0x01, 0x00, 0x3A, 0x0F, 0x06,
622 0x04, 0x29, 0xB9, 0x04, 0x39, 0x01, 0x01, 0x3A, 0x0F, 0x06, 0x04, 0x29,
623 0xB7, 0x04, 0x2F, 0x01, 0x83, 0xFE, 0x01, 0x3A, 0x0F, 0x06, 0x04, 0x29,
624 0xB8, 0x04, 0x23, 0x01, 0x0D, 0x3A, 0x0F, 0x06, 0x04, 0x29, 0xBE, 0x04,
625 0x19, 0x01, 0x0A, 0x3A, 0x0F, 0x06, 0x04, 0x29, 0xBF, 0x04, 0x0F, 0x01,
626 0x10, 0x3A, 0x0F, 0x06, 0x04, 0x29, 0xAC, 0x04, 0x05, 0x29, 0xBC, 0x01,
627 0x00, 0x29, 0x04, 0xFF, 0x35, 0x9D, 0x9D, 0x02, 0x01, 0x02, 0x03, 0x13,
628 0x03, 0x01, 0x02, 0x00, 0x5D, 0x06, 0x08, 0x79, 0x2E, 0x99, 0x40, 0x01,
629 0x80, 0x56, 0xA3, 0x97, 0x2E, 0x2A, 0x02, 0x00, 0x10, 0x06, 0x03, 0x29,
630 0x02, 0x00, 0x2A, 0x01, 0x86, 0x00, 0x0B, 0x06, 0x02, 0x6D, 0x2B, 0x02,
631 0x00, 0x98, 0x2E, 0x0B, 0x06, 0x04, 0x01, 0x80, 0x46, 0xA3, 0x02, 0x01,
632 0x06, 0x10, 0x95, 0x2E, 0x02, 0x00, 0x0D, 0x06, 0x05, 0x29, 0x95, 0x2E,
633 0x04, 0x04, 0x01, 0x00, 0x03, 0x01, 0x2A, 0x95, 0x40, 0x2A, 0x96, 0x40,
634 0x2A, 0x99, 0x40, 0x01, 0x86, 0x03, 0x11, 0x03, 0x08, 0x02, 0x02, 0x06,
635 0x04, 0x01, 0x02, 0x8A, 0x42, 0x8A, 0x30, 0x05, 0x04, 0x01, 0x01, 0x8A,
636 0x42, 0x02, 0x07, 0x05, 0x03, 0x01, 0x28, 0xA3, 0x44, 0x29, 0x01, 0x82,
637 0x01, 0x07, 0x01, 0xFC, 0x80, 0x00, 0x39, 0x82, 0x2F, 0x13, 0x2A, 0x82,
638 0x41, 0x2A, 0x01, 0x81, 0x7F, 0x13, 0x5E, 0x37, 0x47, 0x01, 0x08, 0x12,
639 0x5E, 0x01, 0x02, 0x13, 0x39, 0x01, 0x0C, 0x0C, 0x03, 0x09, 0x7E, 0x2F,
640 0x43, 0x13, 0x2A, 0x7E, 0x41, 0x05, 0x04, 0x01, 0x00, 0x03, 0x09, 0x02,
641 0x01, 0x06, 0x03, 0x01, 0x7F, 0x00, 0x8F, 0x01, 0x20, 0x34, 0x01, 0x20,
642 0x90, 0x42, 0x7B, 0x2A, 0x03, 0x05, 0x2A, 0x02, 0x04, 0x0B, 0x06, 0x80,
643 0x49, 0x2A, 0x2E, 0x2A, 0x9C, 0x2A, 0x01, 0x0C, 0x12, 0x2A, 0x01, 0x01,
644 0x0F, 0x47, 0x01, 0x02, 0x0F, 0x39, 0x06, 0x0A, 0x2A, 0x02, 0x09, 0x13,
645 0x05, 0x04, 0x65, 0x01, 0x00, 0x2A, 0x02, 0x08, 0x05, 0x0E, 0x2A, 0x01,
646 0x81, 0x70, 0x13, 0x01, 0x20, 0x0E, 0x06, 0x04, 0x65, 0x01, 0x00, 0x2A,
647 0x2A, 0x06, 0x10, 0x02, 0x05, 0x63, 0x40, 0x02, 0x05, 0x40, 0x02, 0x05,
648 0x01, 0x04, 0x08, 0x03, 0x05, 0x04, 0x01, 0x65, 0x01, 0x04, 0x08, 0x04,
649 0xFF, 0x30, 0x29, 0x02, 0x05, 0x7B, 0x09, 0x01, 0x02, 0x12, 0x2A, 0x05,
650 0x03, 0x01, 0x28, 0xA3, 0x7C, 0x42, 0x8C, 0x2E, 0x01, 0x83, 0xFF, 0x7F,
651 0x0F, 0x06, 0x0D, 0x01, 0x03, 0xA4, 0x06, 0x04, 0x01, 0x80, 0x78, 0xA3,
652 0x01, 0x00, 0x8C, 0x40, 0x18, 0x05, 0x03, 0x01, 0x28, 0xA3, 0x01, 0x00,
653 0x00, 0x00, 0xB4, 0xB3, 0x00, 0x04, 0x78, 0x2E, 0xCE, 0x06, 0x16, 0xC0,
654 0x2A, 0x01, 0x84, 0x00, 0x10, 0x06, 0x02, 0x6F, 0x2B, 0x2A, 0x03, 0x00,
655 0x85, 0x47, 0xB6, 0x02, 0x00, 0x78, 0x2E, 0xA8, 0x27, 0x78, 0x2E, 0x2A,
656 0xCC, 0x47, 0xCB, 0x03, 0x01, 0x03, 0x02, 0x02, 0x01, 0x02, 0x02, 0x39,
657 0x06, 0x14, 0xC2, 0x2A, 0x03, 0x03, 0x85, 0x47, 0xB6, 0x02, 0x03, 0x78,
658 0x2E, 0xA8, 0x02, 0x02, 0x06, 0x03, 0x26, 0x04, 0x01, 0x24, 0x9D, 0x00,
659 0x00, 0xBA, 0x01, 0x10, 0x0F, 0x05, 0x02, 0x73, 0x2B, 0x00, 0x00, 0x9E,
660 0xBA, 0x01, 0x14, 0x0E, 0x06, 0x02, 0x73, 0x2B, 0x85, 0x01, 0x0C, 0x08,
661 0x01, 0x0C, 0xB6, 0x9D, 0x85, 0x2A, 0x01, 0x0C, 0x08, 0x01, 0x0C, 0x32,
662 0x05, 0x02, 0x67, 0x2B, 0x00, 0x02, 0x03, 0x00, 0x03, 0x01, 0x02, 0x00,
663 0x9A, 0x02, 0x01, 0x02, 0x00, 0x3C, 0x2A, 0x01, 0x00, 0x0F, 0x06, 0x02,
664 0x65, 0x00, 0xD1, 0x04, 0x74, 0x00, 0xC0, 0x01, 0x01, 0x0E, 0x06, 0x02,
665 0x68, 0x2B, 0xC2, 0x2A, 0x2A, 0x5F, 0x47, 0x01, 0x05, 0x11, 0x39, 0x06,
666 0x02, 0x68, 0x2B, 0x01, 0x08, 0x08, 0x2A, 0x84, 0x30, 0x0B, 0x06, 0x0D,
667 0x2A, 0x01, 0x01, 0x47, 0x0C, 0x3F, 0x2A, 0x84, 0x42, 0x86, 0x42, 0x04,
668 0x01, 0x29, 0x00, 0x00, 0xC0, 0x8A, 0x30, 0x01, 0x00, 0x3A, 0x0F, 0x06,
669 0x13, 0x29, 0x01, 0x01, 0x0F, 0x05, 0x02, 0x6B, 0x2B, 0xC2, 0x06, 0x02,
670 0x6B, 0x2B, 0x01, 0x02, 0x8A, 0x42, 0x04, 0x28, 0x01, 0x02, 0x3A, 0x0F,
671 0x06, 0x1F, 0x29, 0x01, 0x0D, 0x0F, 0x05, 0x02, 0x6B, 0x2B, 0xC2, 0x01,
672 0x0C, 0x0F, 0x05, 0x02, 0x6B, 0x2B, 0x85, 0x01, 0x0C, 0xB6, 0x8B, 0x85,
673 0x01, 0x0C, 0x32, 0x05, 0x02, 0x6B, 0x2B, 0x04, 0x03, 0x6B, 0x2B, 0x29,
674 0x00, 0x00, 0xC0, 0xA7, 0xC0, 0xA7, 0x2A, 0x06, 0x1D, 0xC2, 0x06, 0x03,
675 0xBC, 0x04, 0x15, 0xC0, 0x2A, 0x01, 0x81, 0x7F, 0x0D, 0x06, 0x0C, 0x2A,
676 0x8D, 0x08, 0x01, 0x00, 0x47, 0x42, 0x8D, 0x47, 0xB6, 0x04, 0x01, 0xC9,
677 0x04, 0x60, 0x9D, 0x9D, 0x00, 0x00, 0xBB, 0x2A, 0x5F, 0x06, 0x07, 0x29,
678 0x06, 0x02, 0x69, 0x2B, 0x04, 0x74, 0x00, 0x00, 0xC3, 0x01, 0x03, 0xC1,
679 0x47, 0x29, 0x47, 0x00, 0x00, 0xC0, 0xC9, 0x00, 0x03, 0x01, 0x00, 0x03,
680 0x00, 0xC0, 0xA7, 0x2A, 0x06, 0x80, 0x50, 0xC2, 0x03, 0x01, 0xC2, 0x03,
681 0x02, 0x02, 0x01, 0x01, 0x08, 0x0F, 0x06, 0x16, 0x02, 0x02, 0x01, 0x0F,
682 0x0D, 0x06, 0x0D, 0x01, 0x01, 0x02, 0x02, 0x01, 0x10, 0x08, 0x0C, 0x02,
683 0x00, 0x39, 0x03, 0x00, 0x04, 0x2A, 0x02, 0x01, 0x01, 0x02, 0x11, 0x02,
684 0x01, 0x01, 0x06, 0x0D, 0x13, 0x02, 0x02, 0x01, 0x01, 0x0F, 0x02, 0x02,
685 0x01, 0x03, 0x0F, 0x39, 0x13, 0x06, 0x11, 0x02, 0x00, 0x01, 0x01, 0x02,
686 0x02, 0x62, 0x01, 0x02, 0x0C, 0x02, 0x01, 0x08, 0x0C, 0x39, 0x03, 0x00,
687 0x04, 0xFF, 0x2C, 0x9D, 0x02, 0x00, 0x00, 0x00, 0xC0, 0xA7, 0xBD, 0x82,
688 0x41, 0x9D, 0x00, 0x00, 0xC0, 0xA7, 0xC0, 0xA7, 0x01, 0x00, 0x7E, 0x41,
689 0x2A, 0x06, 0x15, 0xC0, 0x2A, 0x01, 0x20, 0x0B, 0x06, 0x0B, 0x01, 0x01,
690 0x47, 0x0C, 0x7E, 0x2F, 0x39, 0x7E, 0x41, 0x04, 0x01, 0x29, 0x04, 0x68,
691 0x9D, 0x9D, 0x00, 0x00, 0x01, 0x02, 0x9A, 0xC3, 0x01, 0x08, 0x0C, 0xC3,
692 0x08, 0x00, 0x00, 0x01, 0x03, 0x9A, 0xC3, 0x01, 0x08, 0x0C, 0xC3, 0x08,
693 0x01, 0x08, 0x0C, 0xC3, 0x08, 0x00, 0x00, 0x01, 0x01, 0x9A, 0xC3, 0x00,
694 0x00, 0x3D, 0x2A, 0x5D, 0x05, 0x01, 0x00, 0x29, 0xD1, 0x04, 0x76, 0x02,
695 0x03, 0x00, 0x94, 0x30, 0x03, 0x01, 0x01, 0x00, 0x2A, 0x02, 0x01, 0x0B,
696 0x06, 0x10, 0x2A, 0x01, 0x01, 0x0C, 0x93, 0x08, 0x2E, 0x02, 0x00, 0x0F,
697 0x06, 0x01, 0x00, 0x61, 0x04, 0x6A, 0x29, 0x01, 0x7F, 0x00, 0x00, 0x2C,
698 0x19, 0x38, 0x06, 0x04, 0xCF, 0x29, 0x04, 0x78, 0x01, 0x16, 0x89, 0x42,
699 0x01, 0x00, 0xE2, 0x01, 0x00, 0xE1, 0x2C, 0x01, 0x17, 0x89, 0x42, 0x00,
700 0x00, 0x01, 0x15, 0x89, 0x42, 0x47, 0x57, 0x29, 0x57, 0x29, 0x2C, 0x00,
701 0x00, 0x01, 0x01, 0x47, 0xC6, 0x00, 0x00, 0xBB, 0x01, 0x01, 0x0F, 0x05,
702 0x02, 0x73, 0x2B, 0x2A, 0xC9, 0x29, 0x00, 0x00, 0x47, 0x3A, 0x9A, 0x47,
703 0x2A, 0x06, 0x05, 0xC3, 0x29, 0x62, 0x04, 0x78, 0x29, 0x00, 0x02, 0x03,
704 0x00, 0x78, 0x2E, 0x9C, 0x03, 0x01, 0x02, 0x01, 0x01, 0x0F, 0x13, 0x02,
705 0x01, 0x01, 0x04, 0x12, 0x01, 0x0F, 0x13, 0x02, 0x01, 0x01, 0x08, 0x12,
706 0x01, 0x0F, 0x13, 0x01, 0x00, 0x3A, 0x0F, 0x06, 0x10, 0x29, 0x01, 0x00,
707 0x01, 0x18, 0x02, 0x00, 0x06, 0x03, 0x4C, 0x04, 0x01, 0x4D, 0x04, 0x81,
708 0x0D, 0x01, 0x01, 0x3A, 0x0F, 0x06, 0x10, 0x29, 0x01, 0x01, 0x01, 0x10,
709 0x02, 0x00, 0x06, 0x03, 0x4C, 0x04, 0x01, 0x4D, 0x04, 0x80, 0x77, 0x01,
710 0x02, 0x3A, 0x0F, 0x06, 0x10, 0x29, 0x01, 0x01, 0x01, 0x20, 0x02, 0x00,
711 0x06, 0x03, 0x4C, 0x04, 0x01, 0x4D, 0x04, 0x80, 0x61, 0x01, 0x03, 0x3A,
712 0x0F, 0x06, 0x0F, 0x29, 0x29, 0x01, 0x10, 0x02, 0x00, 0x06, 0x03, 0x4A,
713 0x04, 0x01, 0x4B, 0x04, 0x80, 0x4C, 0x01, 0x04, 0x3A, 0x0F, 0x06, 0x0E,
714 0x29, 0x29, 0x01, 0x20, 0x02, 0x00, 0x06, 0x03, 0x4A, 0x04, 0x01, 0x4B,
715 0x04, 0x38, 0x01, 0x05, 0x3A, 0x0F, 0x06, 0x0C, 0x29, 0x29, 0x02, 0x00,
716 0x06, 0x03, 0x4E, 0x04, 0x01, 0x4F, 0x04, 0x26, 0x2A, 0x01, 0x09, 0x10,
717 0x06, 0x02, 0x6A, 0x2B, 0x47, 0x29, 0x2A, 0x01, 0x01, 0x13, 0x01, 0x04,
718 0x0C, 0x01, 0x10, 0x08, 0x47, 0x01, 0x08, 0x13, 0x01, 0x10, 0x47, 0x09,
719 0x02, 0x00, 0x06, 0x03, 0x48, 0x04, 0x01, 0x49, 0x00, 0x29, 0x00, 0x00,
720 0x9C, 0x01, 0x0C, 0x12, 0x01, 0x02, 0x10, 0x00, 0x00, 0x9C, 0x01, 0x0C,
721 0x12, 0x2A, 0x60, 0x47, 0x01, 0x03, 0x0B, 0x13, 0x00, 0x00, 0x9C, 0x01,
722 0x0C, 0x12, 0x01, 0x01, 0x0F, 0x00, 0x00, 0x9C, 0x01, 0x0C, 0x12, 0x5F,
723 0x00, 0x00, 0x1B, 0x01, 0x00, 0x75, 0x30, 0x2A, 0x06, 0x22, 0x01, 0x01,
724 0x3A, 0x0F, 0x06, 0x06, 0x29, 0x01, 0x00, 0xA0, 0x04, 0x14, 0x01, 0x02,
725 0x3A, 0x0F, 0x06, 0x0D, 0x29, 0x77, 0x30, 0x01, 0x01, 0x0F, 0x06, 0x03,
726 0x01, 0x10, 0x39, 0x04, 0x01, 0x29, 0x04, 0x01, 0x29, 0x7D, 0x30, 0x05,
727 0x33, 0x31, 0x06, 0x30, 0x88, 0x30, 0x01, 0x14, 0x3A, 0x0F, 0x06, 0x06,
728 0x29, 0x01, 0x02, 0x39, 0x04, 0x22, 0x01, 0x15, 0x3A, 0x0F, 0x06, 0x09,
729 0x29, 0xAA, 0x06, 0x03, 0x01, 0x7F, 0xA0, 0x04, 0x13, 0x01, 0x16, 0x3A,
730 0x0F, 0x06, 0x06, 0x29, 0x01, 0x01, 0x39, 0x04, 0x07, 0x29, 0x01, 0x04,
731 0x39, 0x01, 0x00, 0x29, 0x19, 0x06, 0x03, 0x01, 0x08, 0x39, 0x00, 0x00,
732 0x1B, 0x2A, 0x05, 0x13, 0x31, 0x06, 0x10, 0x88, 0x30, 0x01, 0x15, 0x0F,
733 0x06, 0x08, 0x29, 0xAA, 0x01, 0x00, 0x77, 0x42, 0x04, 0x01, 0x23, 0x00,
734 0x00, 0xCF, 0x01, 0x07, 0x13, 0x01, 0x01, 0x10, 0x06, 0x02, 0x73, 0x2B,
735 0x00, 0x01, 0x03, 0x00, 0x2C, 0x19, 0x06, 0x05, 0x02, 0x00, 0x89, 0x42,
736 0x00, 0xCF, 0x29, 0x04, 0x74, 0x00, 0x01, 0x14, 0xD2, 0x01, 0x01, 0xE2,
737 0x2C, 0x2A, 0x01, 0x00, 0xCA, 0x01, 0x16, 0xD2, 0xD6, 0x2C, 0x00, 0x00,
738 0x01, 0x0B, 0xE2, 0x52, 0x2A, 0x2A, 0x01, 0x03, 0x08, 0xE1, 0xE1, 0x14,
739 0x2A, 0x5D, 0x06, 0x02, 0x29, 0x00, 0xE1, 0x1E, 0x2A, 0x06, 0x05, 0x85,
740 0x47, 0xDA, 0x04, 0x77, 0x29, 0x04, 0x6C, 0x00, 0x01, 0x00, 0xDC, 0x95,
741 0x2E, 0x01, 0x86, 0x03, 0x11, 0x06, 0x05, 0x63, 0x01, 0x00, 0xDD, 0x08,
742 0x50, 0x08, 0x01, 0x03, 0x08, 0x01, 0x0D, 0xE2, 0xE1, 0x01, 0x00, 0xDC,
743 0xE2, 0x01, 0x01, 0xDC, 0x29, 0x95, 0x2E, 0x01, 0x86, 0x03, 0x11, 0x06,
744 0x08, 0x01, 0x00, 0xDD, 0xE0, 0x01, 0x01, 0xDD, 0x29, 0x50, 0xE0, 0x16,
745 0x15, 0x2A, 0x5D, 0x06, 0x02, 0x29, 0x00, 0xE0, 0x1F, 0x2A, 0x06, 0x05,
746 0x85, 0x47, 0xDA, 0x04, 0x77, 0x29, 0x04, 0x6C, 0x00, 0x9E, 0x01, 0x14,
747 0xE2, 0x01, 0x0C, 0xE1, 0x85, 0x01, 0x0C, 0xDA, 0x00, 0x04, 0x03, 0x00,
748 0x01, 0x02, 0xE2, 0x01, 0x80, 0x46, 0x8A, 0x30, 0x01, 0x02, 0x0F, 0x06,
749 0x0C, 0x02, 0x00, 0x06, 0x04, 0x01, 0x05, 0x04, 0x02, 0x01, 0x1D, 0x04,
750 0x02, 0x01, 0x00, 0x03, 0x01, 0x86, 0x30, 0x06, 0x04, 0x01, 0x05, 0x04,
751 0x02, 0x01, 0x00, 0x03, 0x02, 0x8C, 0x2E, 0x2A, 0x06, 0x05, 0x62, 0x21,
752 0x01, 0x07, 0x08, 0x03, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x02, 0x03,
753 0x08, 0x2A, 0x06, 0x03, 0x01, 0x02, 0x08, 0x08, 0xE1, 0x95, 0x2E, 0xE0,
754 0x8E, 0x01, 0x04, 0x17, 0x8E, 0x01, 0x04, 0x08, 0x01, 0x1C, 0x34, 0x8E,
755 0x01, 0x20, 0xDA, 0x01, 0x20, 0xE2, 0x8F, 0x01, 0x20, 0xDA, 0x78, 0x2E,
756 0xE0, 0x01, 0x00, 0xE2, 0x02, 0x01, 0x02, 0x02, 0x08, 0x02, 0x03, 0x08,
757 0x2A, 0x06, 0x80, 0x40, 0xE0, 0x02, 0x01, 0x2A, 0x06, 0x10, 0x01, 0x83,
758 0xFE, 0x01, 0xE0, 0x01, 0x04, 0x09, 0x2A, 0xE0, 0x62, 0x8B, 0x47, 0xDB,
759 0x04, 0x01, 0x29, 0x02, 0x02, 0x06, 0x0C, 0x01, 0x01, 0xE0, 0x01, 0x01,
760 0xE0, 0x86, 0x30, 0x01, 0x08, 0x09, 0xE2, 0x02, 0x03, 0x2A, 0x06, 0x11,
761 0x01, 0x10, 0xE0, 0x01, 0x04, 0x09, 0x2A, 0xE0, 0x64, 0x2A, 0xE0, 0x62,
762 0x85, 0x47, 0xDB, 0x04, 0x01, 0x29, 0x04, 0x01, 0x29, 0x00, 0x00, 0x01,
763 0x0E, 0xE2, 0x01, 0x00, 0xE1, 0x00, 0x03, 0x78, 0x2E, 0xCC, 0x05, 0x01,
764 0x00, 0x7E, 0x2F, 0x2A, 0x01, 0x82, 0x80, 0x80, 0x80, 0x00, 0x13, 0x06,
765 0x05, 0x29, 0x01, 0x1D, 0x04, 0x0E, 0x2A, 0x01, 0x83, 0xC0, 0x80, 0x80,
766 0x00, 0x13, 0x2A, 0x06, 0x01, 0x47, 0x29, 0xA5, 0x03, 0x00, 0x02, 0x00,
767 0x25, 0x2A, 0x5D, 0x06, 0x02, 0x37, 0x2B, 0x03, 0x01, 0x95, 0x2E, 0x01,
768 0x86, 0x03, 0x11, 0x03, 0x02, 0x01, 0x0C, 0xE2, 0x02, 0x01, 0x80, 0x30,
769 0x08, 0x02, 0x02, 0x01, 0x02, 0x13, 0x08, 0x01, 0x06, 0x08, 0xE1, 0x01,
770 0x03, 0xE2, 0x02, 0x00, 0xE0, 0x7F, 0x80, 0x30, 0xDB, 0x02, 0x02, 0x06,
771 0x1C, 0x92, 0x2E, 0x2A, 0x01, 0x83, 0xFE, 0x00, 0x0B, 0x06, 0x03, 0xE0,
772 0x04, 0x0F, 0x01, 0x81, 0x7F, 0x13, 0xE2, 0x78, 0x2E, 0xCD, 0x01, 0x01,
773 0x0C, 0x01, 0x03, 0x08, 0xE2, 0x02, 0x01, 0xE0, 0x85, 0x02, 0x01, 0xDA,
774 0x00, 0x00, 0x56, 0x2A, 0x01, 0x00, 0x0F, 0x06, 0x02, 0x65, 0x00, 0xCF,
775 0x29, 0x04, 0x73, 0x00, 0x2A, 0xE2, 0xDA, 0x00, 0x00, 0x01, 0x00, 0x78,
776 0x2E, 0xCB, 0x06, 0x0C, 0x63, 0x3A, 0x06, 0x08, 0x01, 0x80, 0x41, 0xE2,
777 0x01, 0x80, 0x42, 0xE2, 0x46, 0x06, 0x07, 0x61, 0x3A, 0x06, 0x03, 0x01,
778 0x01, 0xE2, 0x45, 0x06, 0x08, 0x61, 0x3A, 0x06, 0x04, 0x01, 0x80, 0x40,
779 0xE2, 0x47, 0x29, 0x00, 0x01, 0x01, 0x00, 0x03, 0x00, 0x46, 0x45, 0x39,
780 0x05, 0x14, 0x01, 0x01, 0x01, 0x80, 0x7C, 0xDE, 0x03, 0x00, 0x01, 0x03,
781 0x01, 0x80, 0x7C, 0xDE, 0x02, 0x00, 0x08, 0x47, 0x29, 0x00, 0x46, 0x06,
782 0x07, 0x01, 0x01, 0x44, 0x29, 0xDE, 0x03, 0x00, 0x45, 0x06, 0x0A, 0x01,
783 0x03, 0x44, 0x29, 0xDE, 0x02, 0x00, 0x08, 0x03, 0x00, 0x29, 0x02, 0x00,
784 0x00, 0x00, 0x01, 0x00, 0x01, 0x04, 0xDF, 0x01, 0x05, 0xDF, 0x01, 0x06,
785 0xDF, 0x01, 0x03, 0xDF, 0x01, 0x02, 0xDF, 0x0A, 0x65, 0x00, 0x01, 0x03,
786 0x00, 0x3A, 0x01, 0x01, 0x02, 0x00, 0x0C, 0x13, 0x05, 0x01, 0x00, 0x63,
787 0x01, 0x03, 0x3B, 0x06, 0x07, 0x02, 0x00, 0xE2, 0x01, 0x02, 0x3B, 0xE2,
788 0x00, 0x00, 0x2A, 0x01, 0x08, 0x54, 0xE2, 0xE2, 0x00, 0x00, 0x2A, 0x01,
789 0x10, 0x54, 0xE2, 0xE0, 0x00, 0x00, 0x2A, 0x57, 0x06, 0x02, 0x29, 0x00,
790 0xCF, 0x29, 0x04, 0x76
791 };
792
793 static const uint16_t t0_caddr[] = {
794 0,
795 5,
796 10,
797 15,
798 20,
799 25,
800 30,
801 35,
802 40,
803 44,
804 48,
805 52,
806 56,
807 60,
808 64,
809 68,
810 72,
811 76,
812 80,
813 84,
814 88,
815 92,
816 96,
817 100,
818 104,
819 109,
820 114,
821 119,
822 124,
823 129,
824 134,
825 139,
826 144,
827 149,
828 154,
829 159,
830 164,
831 169,
832 174,
833 180,
834 185,
835 190,
836 195,
837 200,
838 205,
839 210,
840 215,
841 220,
842 225,
843 230,
844 235,
845 240,
846 245,
847 250,
848 255,
849 260,
850 265,
851 270,
852 275,
853 280,
854 285,
855 290,
856 299,
857 303,
858 328,
859 334,
860 353,
861 364,
862 405,
863 516,
864 520,
865 553,
866 563,
867 587,
868 669,
869 683,
870 689,
871 748,
872 767,
873 789,
874 838,
875 887,
876 963,
877 1065,
878 1076,
879 1670,
880 1674,
881 1741,
882 1751,
883 1782,
884 1806,
885 1852,
886 1922,
887 1962,
888 1976,
889 1985,
890 1989,
891 2084,
892 2092,
893 2128,
894 2139,
895 2155,
896 2161,
897 2172,
898 2207,
899 2233,
900 2245,
901 2251,
902 2264,
903 2279,
904 2472,
905 2481,
906 2494,
907 2503,
908 2510,
909 2616,
910 2641,
911 2654,
912 2670,
913 2688,
914 2720,
915 2793,
916 2806,
917 2987,
918 2995,
919 3122,
920 3136,
921 3141,
922 3185,
923 3242,
924 3263,
925 3290,
926 3298,
927 3306
928 };
929
930 #define T0_INTERPRETED 93
931
932 #define T0_ENTER(ip, rp, slot) do { \
933 const unsigned char *t0_newip; \
934 uint32_t t0_lnum; \
935 t0_newip = &t0_codeblock[t0_caddr[(slot) - T0_INTERPRETED]]; \
936 t0_lnum = t0_parse7E_unsigned(&t0_newip); \
937 (rp) += t0_lnum; \
938 *((rp) ++) = (uint32_t)((ip) - &t0_codeblock[0]) + (t0_lnum << 16); \
939 (ip) = t0_newip; \
940 } while (0)
941
942 #define T0_DEFENTRY(name, slot) \
943 void \
944 name(void *ctx) \
945 { \
946 t0_context *t0ctx = ctx; \
947 t0ctx->ip = &t0_codeblock[0]; \
948 T0_ENTER(t0ctx->ip, t0ctx->rp, slot); \
949 }
950
951 T0_DEFENTRY(br_ssl_hs_server_init_main, 166)
952
953 #define T0_NEXT(t0ipp) (*(*(t0ipp)) ++)
954
955 void
956 br_ssl_hs_server_run(void *t0ctx)
957 {
958 uint32_t *dp, *rp;
959 const unsigned char *ip;
960
961 #define T0_LOCAL(x) (*(rp - 2 - (x)))
962 #define T0_POP() (*-- dp)
963 #define T0_POPi() (*(int32_t *)(-- dp))
964 #define T0_PEEK(x) (*(dp - 1 - (x)))
965 #define T0_PEEKi(x) (*(int32_t *)(dp - 1 - (x)))
966 #define T0_PUSH(v) do { *dp = (v); dp ++; } while (0)
967 #define T0_PUSHi(v) do { *(int32_t *)dp = (v); dp ++; } while (0)
968 #define T0_RPOP() (*-- rp)
969 #define T0_RPOPi() (*(int32_t *)(-- rp))
970 #define T0_RPUSH(v) do { *rp = (v); rp ++; } while (0)
971 #define T0_RPUSHi(v) do { *(int32_t *)rp = (v); rp ++; } while (0)
972 #define T0_ROLL(x) do { \
973 size_t t0len = (size_t)(x); \
974 uint32_t t0tmp = *(dp - 1 - t0len); \
975 memmove(dp - t0len - 1, dp - t0len, t0len * sizeof *dp); \
976 *(dp - 1) = t0tmp; \
977 } while (0)
978 #define T0_SWAP() do { \
979 uint32_t t0tmp = *(dp - 2); \
980 *(dp - 2) = *(dp - 1); \
981 *(dp - 1) = t0tmp; \
982 } while (0)
983 #define T0_ROT() do { \
984 uint32_t t0tmp = *(dp - 3); \
985 *(dp - 3) = *(dp - 2); \
986 *(dp - 2) = *(dp - 1); \
987 *(dp - 1) = t0tmp; \
988 } while (0)
989 #define T0_NROT() do { \
990 uint32_t t0tmp = *(dp - 1); \
991 *(dp - 1) = *(dp - 2); \
992 *(dp - 2) = *(dp - 3); \
993 *(dp - 3) = t0tmp; \
994 } while (0)
995 #define T0_PICK(x) do { \
996 uint32_t t0depth = (x); \
997 T0_PUSH(T0_PEEK(t0depth)); \
998 } while (0)
999 #define T0_CO() do { \
1000 goto t0_exit; \
1001 } while (0)
1002 #define T0_RET() goto t0_next
1003
1004 dp = ((t0_context *)t0ctx)->dp;
1005 rp = ((t0_context *)t0ctx)->rp;
1006 ip = ((t0_context *)t0ctx)->ip;
1007 goto t0_next;
1008 for (;;) {
1009 uint32_t t0x;
1010
1011 t0_next:
1012 t0x = T0_NEXT(&ip);
1013 if (t0x < T0_INTERPRETED) {
1014 switch (t0x) {
1015 int32_t t0off;
1016
1017 case 0: /* ret */
1018 t0x = T0_RPOP();
1019 rp -= (t0x >> 16);
1020 t0x &= 0xFFFF;
1021 if (t0x == 0) {
1022 ip = NULL;
1023 goto t0_exit;
1024 }
1025 ip = &t0_codeblock[t0x];
1026 break;
1027 case 1: /* literal constant */
1028 T0_PUSHi(t0_parse7E_signed(&ip));
1029 break;
1030 case 2: /* read local */
1031 T0_PUSH(T0_LOCAL(t0_parse7E_unsigned(&ip)));
1032 break;
1033 case 3: /* write local */
1034 T0_LOCAL(t0_parse7E_unsigned(&ip)) = T0_POP();
1035 break;
1036 case 4: /* jump */
1037 t0off = t0_parse7E_signed(&ip);
1038 ip += t0off;
1039 break;
1040 case 5: /* jump if */
1041 t0off = t0_parse7E_signed(&ip);
1042 if (T0_POP()) {
1043 ip += t0off;
1044 }
1045 break;
1046 case 6: /* jump if not */
1047 t0off = t0_parse7E_signed(&ip);
1048 if (!T0_POP()) {
1049 ip += t0off;
1050 }
1051 break;
1052 case 7: {
1053 /* * */
1054
1055 uint32_t b = T0_POP();
1056 uint32_t a = T0_POP();
1057 T0_PUSH(a * b);
1058
1059 }
1060 break;
1061 case 8: {
1062 /* + */
1063
1064 uint32_t b = T0_POP();
1065 uint32_t a = T0_POP();
1066 T0_PUSH(a + b);
1067
1068 }
1069 break;
1070 case 9: {
1071 /* - */
1072
1073 uint32_t b = T0_POP();
1074 uint32_t a = T0_POP();
1075 T0_PUSH(a - b);
1076
1077 }
1078 break;
1079 case 10: {
1080 /* -rot */
1081 T0_NROT();
1082 }
1083 break;
1084 case 11: {
1085 /* < */
1086
1087 int32_t b = T0_POPi();
1088 int32_t a = T0_POPi();
1089 T0_PUSH(-(uint32_t)(a < b));
1090
1091 }
1092 break;
1093 case 12: {
1094 /* << */
1095
1096 int c = (int)T0_POPi();
1097 uint32_t x = T0_POP();
1098 T0_PUSH(x << c);
1099
1100 }
1101 break;
1102 case 13: {
1103 /* <= */
1104
1105 int32_t b = T0_POPi();
1106 int32_t a = T0_POPi();
1107 T0_PUSH(-(uint32_t)(a <= b));
1108
1109 }
1110 break;
1111 case 14: {
1112 /* <> */
1113
1114 uint32_t b = T0_POP();
1115 uint32_t a = T0_POP();
1116 T0_PUSH(-(uint32_t)(a != b));
1117
1118 }
1119 break;
1120 case 15: {
1121 /* = */
1122
1123 uint32_t b = T0_POP();
1124 uint32_t a = T0_POP();
1125 T0_PUSH(-(uint32_t)(a == b));
1126
1127 }
1128 break;
1129 case 16: {
1130 /* > */
1131
1132 int32_t b = T0_POPi();
1133 int32_t a = T0_POPi();
1134 T0_PUSH(-(uint32_t)(a > b));
1135
1136 }
1137 break;
1138 case 17: {
1139 /* >= */
1140
1141 int32_t b = T0_POPi();
1142 int32_t a = T0_POPi();
1143 T0_PUSH(-(uint32_t)(a >= b));
1144
1145 }
1146 break;
1147 case 18: {
1148 /* >> */
1149
1150 int c = (int)T0_POPi();
1151 int32_t x = T0_POPi();
1152 T0_PUSHi(x >> c);
1153
1154 }
1155 break;
1156 case 19: {
1157 /* and */
1158
1159 uint32_t b = T0_POP();
1160 uint32_t a = T0_POP();
1161 T0_PUSH(a & b);
1162
1163 }
1164 break;
1165 case 20: {
1166 /* begin-cert */
1167
1168 if (ENG->chain_len == 0) {
1169 T0_PUSHi(-1);
1170 } else {
1171 ENG->cert_cur = ENG->chain->data;
1172 ENG->cert_len = ENG->chain->data_len;
1173 ENG->chain ++;
1174 ENG->chain_len --;
1175 T0_PUSH(ENG->cert_len);
1176 }
1177
1178 }
1179 break;
1180 case 21: {
1181 /* begin-ta-name */
1182
1183 const br_x500_name *dn;
1184 if (CTX->cur_dn_index >= CTX->num_tas) {
1185 T0_PUSHi(-1);
1186 } else {
1187 if (CTX->ta_names == NULL) {
1188 dn = &CTX->tas[CTX->cur_dn_index].dn;
1189 } else {
1190 dn = &CTX->ta_names[CTX->cur_dn_index];
1191 }
1192 CTX->cur_dn_index ++;
1193 CTX->cur_dn = dn->data;
1194 CTX->cur_dn_len = dn->len;
1195 T0_PUSH(CTX->cur_dn_len);
1196 }
1197
1198 }
1199 break;
1200 case 22: {
1201 /* begin-ta-name-list */
1202
1203 CTX->cur_dn_index = 0;
1204
1205 }
1206 break;
1207 case 23: {
1208 /* bzero */
1209
1210 size_t len = (size_t)T0_POP();
1211 void *addr = (unsigned char *)ENG + (size_t)T0_POP();
1212 memset(addr, 0, len);
1213
1214 }
1215 break;
1216 case 24: {
1217 /* call-policy-handler */
1218
1219 int x;
1220 br_ssl_server_choices choices;
1221
1222 x = (*CTX->policy_vtable)->choose(
1223 CTX->policy_vtable, CTX, &choices);
1224 ENG->session.cipher_suite = choices.cipher_suite;
1225 CTX->sign_hash_id = choices.algo_id;
1226 ENG->chain = choices.chain;
1227 ENG->chain_len = choices.chain_len;
1228 T0_PUSHi(-(x != 0));
1229
1230 }
1231 break;
1232 case 25: {
1233 /* can-output? */
1234
1235 T0_PUSHi(-(ENG->hlen_out > 0));
1236
1237 }
1238 break;
1239 case 26: {
1240 /* check-resume */
1241
1242 if (ENG->session.session_id_len == 32
1243 && CTX->cache_vtable != NULL && (*CTX->cache_vtable)->load(
1244 CTX->cache_vtable, CTX, &ENG->session))
1245 {
1246 T0_PUSHi(-1);
1247 } else {
1248 T0_PUSH(0);
1249 }
1250
1251 }
1252 break;
1253 case 27: {
1254 /* co */
1255 T0_CO();
1256 }
1257 break;
1258 case 28: {
1259 /* compute-Finished-inner */
1260
1261 int prf_id = T0_POP();
1262 int from_client = T0_POPi();
1263 unsigned char tmp[48];
1264 br_tls_prf_seed_chunk seed;
1265
1266 br_tls_prf_impl prf = br_ssl_engine_get_PRF(ENG, prf_id);
1267 seed.data = tmp;
1268 if (ENG->session.version >= BR_TLS12) {
1269 seed.len = br_multihash_out(&ENG->mhash, prf_id, tmp);
1270 } else {
1271 br_multihash_out(&ENG->mhash, br_md5_ID, tmp);
1272 br_multihash_out(&ENG->mhash, br_sha1_ID, tmp + 16);
1273 seed.len = 36;
1274 }
1275 prf(ENG->pad, 12, ENG->session.master_secret,
1276 sizeof ENG->session.master_secret,
1277 from_client ? "client finished" : "server finished",
1278 1, &seed);
1279
1280 }
1281 break;
1282 case 29: {
1283 /* compute-hash-CV */
1284
1285 int i;
1286
1287 for (i = 1; i <= 6; i ++) {
1288 br_multihash_out(&ENG->mhash, i,
1289 ENG->pad + HASH_PAD_OFF[i - 1]);
1290 }
1291
1292 }
1293 break;
1294 case 30: {
1295 /* copy-cert-chunk */
1296
1297 size_t clen;
1298
1299 clen = ENG->cert_len;
1300 if (clen > sizeof ENG->pad) {
1301 clen = sizeof ENG->pad;
1302 }
1303 memcpy(ENG->pad, ENG->cert_cur, clen);
1304 ENG->cert_cur += clen;
1305 ENG->cert_len -= clen;
1306 T0_PUSH(clen);
1307
1308 }
1309 break;
1310 case 31: {
1311 /* copy-dn-chunk */
1312
1313 size_t clen;
1314
1315 clen = CTX->cur_dn_len;
1316 if (clen > sizeof ENG->pad) {
1317 clen = sizeof ENG->pad;
1318 }
1319 memcpy(ENG->pad, CTX->cur_dn, clen);
1320 CTX->cur_dn += clen;
1321 CTX->cur_dn_len -= clen;
1322 T0_PUSH(clen);
1323
1324 }
1325 break;
1326 case 32: {
1327 /* copy-hash-CV */
1328
1329 int id = T0_POP();
1330 size_t off, len;
1331
1332 if (id == 0) {
1333 off = 0;
1334 len = 36;
1335 } else {
1336 if (br_multihash_getimpl(&ENG->mhash, id) == 0) {
1337 T0_PUSH(0);
1338 T0_RET();
1339 }
1340 off = HASH_PAD_OFF[id - 1];
1341 len = HASH_PAD_OFF[id] - off;
1342 }
1343 memcpy(CTX->hash_CV, ENG->pad + off, len);
1344 CTX->hash_CV_len = len;
1345 CTX->hash_CV_id = id;
1346 T0_PUSHi(-1);
1347
1348 }
1349 break;
1350 case 33: {
1351 /* copy-protocol-name */
1352
1353 size_t idx = T0_POP();
1354 size_t len = strlen(ENG->protocol_names[idx]);
1355 memcpy(ENG->pad, ENG->protocol_names[idx], len);
1356 T0_PUSH(len);
1357
1358 }
1359 break;
1360 case 34: {
1361 /* data-get8 */
1362
1363 size_t addr = T0_POP();
1364 T0_PUSH(t0_datablock[addr]);
1365
1366 }
1367 break;
1368 case 35: {
1369 /* discard-input */
1370
1371 ENG->hlen_in = 0;
1372
1373 }
1374 break;
1375 case 36: {
1376 /* do-ecdh */
1377
1378 int prf_id = T0_POPi();
1379 size_t len = T0_POP();
1380 do_ecdh(CTX, prf_id, ENG->pad, len);
1381
1382 }
1383 break;
1384 case 37: {
1385 /* do-ecdhe-part1 */
1386
1387 int curve = T0_POPi();
1388 T0_PUSHi(do_ecdhe_part1(CTX, curve));
1389
1390 }
1391 break;
1392 case 38: {
1393 /* do-ecdhe-part2 */
1394
1395 int prf_id = T0_POPi();
1396 size_t len = T0_POP();
1397 do_ecdhe_part2(CTX, prf_id, ENG->pad, len);
1398
1399 }
1400 break;
1401 case 39: {
1402 /* do-rsa-decrypt */
1403
1404 int prf_id = T0_POPi();
1405 size_t len = T0_POP();
1406 do_rsa_decrypt(CTX, prf_id, ENG->pad, len);
1407
1408 }
1409 break;
1410 case 40: {
1411 /* do-static-ecdh */
1412
1413 do_static_ecdh(CTX, T0_POP());
1414
1415 }
1416 break;
1417 case 41: {
1418 /* drop */
1419 (void)T0_POP();
1420 }
1421 break;
1422 case 42: {
1423 /* dup */
1424 T0_PUSH(T0_PEEK(0));
1425 }
1426 break;
1427 case 43: {
1428 /* fail */
1429
1430 br_ssl_engine_fail(ENG, (int)T0_POPi());
1431 T0_CO();
1432
1433 }
1434 break;
1435 case 44: {
1436 /* flush-record */
1437
1438 br_ssl_engine_flush_record(ENG);
1439
1440 }
1441 break;
1442 case 45: {
1443 /* get-key-type-usages */
1444
1445 const br_x509_class *xc;
1446 const br_x509_pkey *pk;
1447 unsigned usages;
1448
1449 xc = *(ENG->x509ctx);
1450 pk = xc->get_pkey(ENG->x509ctx, &usages);
1451 if (pk == NULL) {
1452 T0_PUSH(0);
1453 } else {
1454 T0_PUSH(pk->key_type | usages);
1455 }
1456
1457 }
1458 break;
1459 case 46: {
1460 /* get16 */
1461
1462 size_t addr = (size_t)T0_POP();
1463 T0_PUSH(*(uint16_t *)(void *)((unsigned char *)ENG + addr));
1464
1465 }
1466 break;
1467 case 47: {
1468 /* get32 */
1469
1470 size_t addr = (size_t)T0_POP();
1471 T0_PUSH(*(uint32_t *)(void *)((unsigned char *)ENG + addr));
1472
1473 }
1474 break;
1475 case 48: {
1476 /* get8 */
1477
1478 size_t addr = (size_t)T0_POP();
1479 T0_PUSH(*((unsigned char *)ENG + addr));
1480
1481 }
1482 break;
1483 case 49: {
1484 /* has-input? */
1485
1486 T0_PUSHi(-(ENG->hlen_in != 0));
1487
1488 }
1489 break;
1490 case 50: {
1491 /* memcmp */
1492
1493 size_t len = (size_t)T0_POP();
1494 void *addr2 = (unsigned char *)ENG + (size_t)T0_POP();
1495 void *addr1 = (unsigned char *)ENG + (size_t)T0_POP();
1496 int x = memcmp(addr1, addr2, len);
1497 T0_PUSH((uint32_t)-(x == 0));
1498
1499 }
1500 break;
1501 case 51: {
1502 /* memcpy */
1503
1504 size_t len = (size_t)T0_POP();
1505 void *src = (unsigned char *)ENG + (size_t)T0_POP();
1506 void *dst = (unsigned char *)ENG + (size_t)T0_POP();
1507 memcpy(dst, src, len);
1508
1509 }
1510 break;
1511 case 52: {
1512 /* mkrand */
1513
1514 size_t len = (size_t)T0_POP();
1515 void *addr = (unsigned char *)ENG + (size_t)T0_POP();
1516 br_hmac_drbg_generate(&ENG->rng, addr, len);
1517
1518 }
1519 break;
1520 case 53: {
1521 /* more-incoming-bytes? */
1522
1523 T0_PUSHi(ENG->hlen_in != 0 || !br_ssl_engine_recvrec_finished(ENG));
1524
1525 }
1526 break;
1527 case 54: {
1528 /* multihash-init */
1529
1530 br_multihash_init(&ENG->mhash);
1531
1532 }
1533 break;
1534 case 55: {
1535 /* neg */
1536
1537 uint32_t a = T0_POP();
1538 T0_PUSH(-a);
1539
1540 }
1541 break;
1542 case 56: {
1543 /* not */
1544
1545 uint32_t a = T0_POP();
1546 T0_PUSH(~a);
1547
1548 }
1549 break;
1550 case 57: {
1551 /* or */
1552
1553 uint32_t b = T0_POP();
1554 uint32_t a = T0_POP();
1555 T0_PUSH(a | b);
1556
1557 }
1558 break;
1559 case 58: {
1560 /* over */
1561 T0_PUSH(T0_PEEK(1));
1562 }
1563 break;
1564 case 59: {
1565 /* pick */
1566 T0_PICK(T0_POP());
1567 }
1568 break;
1569 case 60: {
1570 /* read-chunk-native */
1571
1572 size_t clen = ENG->hlen_in;
1573 if (clen > 0) {
1574 uint32_t addr, len;
1575
1576 len = T0_POP();
1577 addr = T0_POP();
1578 if ((size_t)len < clen) {
1579 clen = (size_t)len;
1580 }
1581 memcpy((unsigned char *)ENG + addr, ENG->hbuf_in, clen);
1582 if (ENG->record_type_in == BR_SSL_HANDSHAKE) {
1583 br_multihash_update(&ENG->mhash, ENG->hbuf_in, clen);
1584 }
1585 T0_PUSH(addr + (uint32_t)clen);
1586 T0_PUSH(len - (uint32_t)clen);
1587 ENG->hbuf_in += clen;
1588 ENG->hlen_in -= clen;
1589 }
1590
1591 }
1592 break;
1593 case 61: {
1594 /* read8-native */
1595
1596 if (ENG->hlen_in > 0) {
1597 unsigned char x;
1598
1599 x = *ENG->hbuf_in ++;
1600 if (ENG->record_type_in == BR_SSL_HANDSHAKE) {
1601 br_multihash_update(&ENG->mhash, &x, 1);
1602 }
1603 T0_PUSH(x);
1604 ENG->hlen_in --;
1605 } else {
1606 T0_PUSHi(-1);
1607 }
1608
1609 }
1610 break;
1611 case 62: {
1612 /* save-session */
1613
1614 if (CTX->cache_vtable != NULL) {
1615 (*CTX->cache_vtable)->save(
1616 CTX->cache_vtable, CTX, &ENG->session);
1617 }
1618
1619 }
1620 break;
1621 case 63: {
1622 /* set-max-frag-len */
1623
1624 size_t max_frag_len = T0_POP();
1625
1626 br_ssl_engine_new_max_frag_len(ENG, max_frag_len);
1627
1628 /*
1629 * We must adjust our own output limit. Since we call this only
1630 * after receiving a ClientHello and before beginning to send
1631 * the ServerHello, the next output record should be empty at
1632 * that point, so we can use max_frag_len as a limit.
1633 */
1634 if (ENG->hlen_out > max_frag_len) {
1635 ENG->hlen_out = max_frag_len;
1636 }
1637
1638 }
1639 break;
1640 case 64: {
1641 /* set16 */
1642
1643 size_t addr = (size_t)T0_POP();
1644 *(uint16_t *)(void *)((unsigned char *)ENG + addr) = (uint16_t)T0_POP();
1645
1646 }
1647 break;
1648 case 65: {
1649 /* set32 */
1650
1651 size_t addr = (size_t)T0_POP();
1652 *(uint32_t *)(void *)((unsigned char *)ENG + addr) = (uint32_t)T0_POP();
1653
1654 }
1655 break;
1656 case 66: {
1657 /* set8 */
1658
1659 size_t addr = (size_t)T0_POP();
1660 *((unsigned char *)ENG + addr) = (unsigned char)T0_POP();
1661
1662 }
1663 break;
1664 case 67: {
1665 /* supported-curves */
1666
1667 uint32_t x = ENG->iec == NULL ? 0 : ENG->iec->supported_curves;
1668 T0_PUSH(x);
1669
1670 }
1671 break;
1672 case 68: {
1673 /* supported-hash-functions */
1674
1675 int i;
1676 unsigned x, num;
1677
1678 x = 0;
1679 num = 0;
1680 for (i = br_sha1_ID; i <= br_sha512_ID; i ++) {
1681 if (br_multihash_getimpl(&ENG->mhash, i)) {
1682 x |= 1U << i;
1683 num ++;
1684 }
1685 }
1686 T0_PUSH(x);
1687 T0_PUSH(num);
1688
1689 }
1690 break;
1691 case 69: {
1692 /* supports-ecdsa? */
1693
1694 T0_PUSHi(-(ENG->iecdsa != 0));
1695
1696 }
1697 break;
1698 case 70: {
1699 /* supports-rsa-sign? */
1700
1701 T0_PUSHi(-(ENG->irsavrfy != 0));
1702
1703 }
1704 break;
1705 case 71: {
1706 /* swap */
1707 T0_SWAP();
1708 }
1709 break;
1710 case 72: {
1711 /* switch-aesccm-in */
1712
1713 int is_client, prf_id;
1714 unsigned cipher_key_len, tag_len;
1715
1716 tag_len = T0_POP();
1717 cipher_key_len = T0_POP();
1718 prf_id = T0_POP();
1719 is_client = T0_POP();
1720 br_ssl_engine_switch_ccm_in(ENG, is_client, prf_id,
1721 ENG->iaes_ctrcbc, cipher_key_len, tag_len);
1722
1723 }
1724 break;
1725 case 73: {
1726 /* switch-aesccm-out */
1727
1728 int is_client, prf_id;
1729 unsigned cipher_key_len, tag_len;
1730
1731 tag_len = T0_POP();
1732 cipher_key_len = T0_POP();
1733 prf_id = T0_POP();
1734 is_client = T0_POP();
1735 br_ssl_engine_switch_ccm_out(ENG, is_client, prf_id,
1736 ENG->iaes_ctrcbc, cipher_key_len, tag_len);
1737
1738 }
1739 break;
1740 case 74: {
1741 /* switch-aesgcm-in */
1742
1743 int is_client, prf_id;
1744 unsigned cipher_key_len;
1745
1746 cipher_key_len = T0_POP();
1747 prf_id = T0_POP();
1748 is_client = T0_POP();
1749 br_ssl_engine_switch_gcm_in(ENG, is_client, prf_id,
1750 ENG->iaes_ctr, cipher_key_len);
1751
1752 }
1753 break;
1754 case 75: {
1755 /* switch-aesgcm-out */
1756
1757 int is_client, prf_id;
1758 unsigned cipher_key_len;
1759
1760 cipher_key_len = T0_POP();
1761 prf_id = T0_POP();
1762 is_client = T0_POP();
1763 br_ssl_engine_switch_gcm_out(ENG, is_client, prf_id,
1764 ENG->iaes_ctr, cipher_key_len);
1765
1766 }
1767 break;
1768 case 76: {
1769 /* switch-cbc-in */
1770
1771 int is_client, prf_id, mac_id, aes;
1772 unsigned cipher_key_len;
1773
1774 cipher_key_len = T0_POP();
1775 aes = T0_POP();
1776 mac_id = T0_POP();
1777 prf_id = T0_POP();
1778 is_client = T0_POP();
1779 br_ssl_engine_switch_cbc_in(ENG, is_client, prf_id, mac_id,
1780 aes ? ENG->iaes_cbcdec : ENG->ides_cbcdec, cipher_key_len);
1781
1782 }
1783 break;
1784 case 77: {
1785 /* switch-cbc-out */
1786
1787 int is_client, prf_id, mac_id, aes;
1788 unsigned cipher_key_len;
1789
1790 cipher_key_len = T0_POP();
1791 aes = T0_POP();
1792 mac_id = T0_POP();
1793 prf_id = T0_POP();
1794 is_client = T0_POP();
1795 br_ssl_engine_switch_cbc_out(ENG, is_client, prf_id, mac_id,
1796 aes ? ENG->iaes_cbcenc : ENG->ides_cbcenc, cipher_key_len);
1797
1798 }
1799 break;
1800 case 78: {
1801 /* switch-chapol-in */
1802
1803 int is_client, prf_id;
1804
1805 prf_id = T0_POP();
1806 is_client = T0_POP();
1807 br_ssl_engine_switch_chapol_in(ENG, is_client, prf_id);
1808
1809 }
1810 break;
1811 case 79: {
1812 /* switch-chapol-out */
1813
1814 int is_client, prf_id;
1815
1816 prf_id = T0_POP();
1817 is_client = T0_POP();
1818 br_ssl_engine_switch_chapol_out(ENG, is_client, prf_id);
1819
1820 }
1821 break;
1822 case 80: {
1823 /* ta-names-total-length */
1824
1825 size_t u, len;
1826
1827 len = 0;
1828 if (CTX->ta_names != NULL) {
1829 for (u = 0; u < CTX->num_tas; u ++) {
1830 len += CTX->ta_names[u].len + 2;
1831 }
1832 } else if (CTX->tas != NULL) {
1833 for (u = 0; u < CTX->num_tas; u ++) {
1834 len += CTX->tas[u].dn.len + 2;
1835 }
1836 }
1837 T0_PUSH(len);
1838
1839 }
1840 break;
1841 case 81: {
1842 /* test-protocol-name */
1843
1844 size_t len = T0_POP();
1845 size_t u;
1846
1847 for (u = 0; u < ENG->protocol_names_num; u ++) {
1848 const char *name;
1849
1850 name = ENG->protocol_names[u];
1851 if (len == strlen(name) && memcmp(ENG->pad, name, len) == 0) {
1852 T0_PUSH(u);
1853 T0_RET();
1854 }
1855 }
1856 T0_PUSHi(-1);
1857
1858 }
1859 break;
1860 case 82: {
1861 /* total-chain-length */
1862
1863 size_t u;
1864 uint32_t total;
1865
1866 total = 0;
1867 for (u = 0; u < ENG->chain_len; u ++) {
1868 total += 3 + (uint32_t)ENG->chain[u].data_len;
1869 }
1870 T0_PUSH(total);
1871
1872 }
1873 break;
1874 case 83: {
1875 /* u< */
1876
1877 uint32_t b = T0_POP();
1878 uint32_t a = T0_POP();
1879 T0_PUSH(-(uint32_t)(a < b));
1880
1881 }
1882 break;
1883 case 84: {
1884 /* u>> */
1885
1886 int c = (int)T0_POPi();
1887 uint32_t x = T0_POP();
1888 T0_PUSH(x >> c);
1889
1890 }
1891 break;
1892 case 85: {
1893 /* verify-CV-sig */
1894
1895 int err;
1896
1897 err = verify_CV_sig(CTX, T0_POP());
1898 T0_PUSHi(err);
1899
1900 }
1901 break;
1902 case 86: {
1903 /* write-blob-chunk */
1904
1905 size_t clen = ENG->hlen_out;
1906 if (clen > 0) {
1907 uint32_t addr, len;
1908
1909 len = T0_POP();
1910 addr = T0_POP();
1911 if ((size_t)len < clen) {
1912 clen = (size_t)len;
1913 }
1914 memcpy(ENG->hbuf_out, (unsigned char *)ENG + addr, clen);
1915 if (ENG->record_type_out == BR_SSL_HANDSHAKE) {
1916 br_multihash_update(&ENG->mhash, ENG->hbuf_out, clen);
1917 }
1918 T0_PUSH(addr + (uint32_t)clen);
1919 T0_PUSH(len - (uint32_t)clen);
1920 ENG->hbuf_out += clen;
1921 ENG->hlen_out -= clen;
1922 }
1923
1924 }
1925 break;
1926 case 87: {
1927 /* write8-native */
1928
1929 unsigned char x;
1930
1931 x = (unsigned char)T0_POP();
1932 if (ENG->hlen_out > 0) {
1933 if (ENG->record_type_out == BR_SSL_HANDSHAKE) {
1934 br_multihash_update(&ENG->mhash, &x, 1);
1935 }
1936 *ENG->hbuf_out ++ = x;
1937 ENG->hlen_out --;
1938 T0_PUSHi(-1);
1939 } else {
1940 T0_PUSHi(0);
1941 }
1942
1943 }
1944 break;
1945 case 88: {
1946 /* x509-append */
1947
1948 const br_x509_class *xc;
1949 size_t len;
1950
1951 xc = *(ENG->x509ctx);
1952 len = T0_POP();
1953 xc->append(ENG->x509ctx, ENG->pad, len);
1954
1955 }
1956 break;
1957 case 89: {
1958 /* x509-end-cert */
1959
1960 const br_x509_class *xc;
1961
1962 xc = *(ENG->x509ctx);
1963 xc->end_cert(ENG->x509ctx);
1964
1965 }
1966 break;
1967 case 90: {
1968 /* x509-end-chain */
1969
1970 const br_x509_class *xc;
1971
1972 xc = *(ENG->x509ctx);
1973 T0_PUSH(xc->end_chain(ENG->x509ctx));
1974
1975 }
1976 break;
1977 case 91: {
1978 /* x509-start-cert */
1979
1980 const br_x509_class *xc;
1981
1982 xc = *(ENG->x509ctx);
1983 xc->start_cert(ENG->x509ctx, T0_POP());
1984
1985 }
1986 break;
1987 case 92: {
1988 /* x509-start-chain */
1989
1990 const br_x509_class *xc;
1991 uint32_t bc;
1992
1993 bc = T0_POP();
1994 xc = *(ENG->x509ctx);
1995 xc->start_chain(ENG->x509ctx, bc ? ENG->server_name : NULL);
1996
1997 }
1998 break;
1999 }
2000
2001 } else {
2002 T0_ENTER(ip, rp, t0x);
2003 }
2004 }
2005 t0_exit:
2006 ((t0_context *)t0ctx)->dp = dp;
2007 ((t0_context *)t0ctx)->rp = rp;
2008 ((t0_context *)t0ctx)->ip = ip;
2009 }
The BearSSL library and tools.