1 /* Automatically generated code; do not modify directly. */
9 const unsigned char *ip
;
13 t0_parse7E_unsigned(const unsigned char **p
)
22 x
= (x
<< 7) | (uint32_t)(y
& 0x7F);
30 t0_parse7E_signed(const unsigned char **p
)
35 neg
= ((**p
) >> 6) & 1;
41 x
= (x
<< 7) | (uint32_t)(y
& 0x7F);
44 return -(int32_t)~x
- 1;
52 #define T0_VBYTE(x, n) (unsigned char)((((uint32_t)(x) >> (n)) & 0x7F) | 0x80)
53 #define T0_FBYTE(x, n) (unsigned char)(((uint32_t)(x) >> (n)) & 0x7F)
54 #define T0_SBYTE(x) (unsigned char)((((uint32_t)(x) >> 28) + 0xF8) ^ 0xF8)
55 #define T0_INT1(x) T0_FBYTE(x, 0)
56 #define T0_INT2(x) T0_VBYTE(x, 7), T0_FBYTE(x, 0)
57 #define T0_INT3(x) T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
58 #define T0_INT4(x) T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
59 #define T0_INT5(x) T0_SBYTE(x), T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
61 static const uint8_t t0_datablock
[];
64 void br_ssl_hs_client_init_main(void *t0ctx
);
66 void br_ssl_hs_client_run(void *t0ctx
);
76 * This macro evaluates to a pointer to the current engine context.
78 #define ENG ((br_ssl_engine_context *)((unsigned char *)t0ctx - offsetof(br_ssl_engine_context, cpu)))
85 * This macro evaluates to a pointer to the client context, under that
86 * specific name. It must be noted that since the engine context is the
87 * first field of the br_ssl_client_context structure ('eng'), then
88 * pointers values of both types are interchangeable, modulo an
89 * appropriate cast. This also means that "adresses" computed as offsets
90 * within the structure work for both kinds of context.
92 #define CTX ((br_ssl_client_context *)ENG)
95 * Generate the pre-master secret for RSA key exchange, and encrypt it
96 * with the server's public key. Returned value is either the encrypted
97 * data length (in bytes), or -x on error, with 'x' being an error code.
99 * This code assumes that the public key has been already verified (it
100 * was properly obtained by the X.509 engine, and it has the right type,
101 * i.e. it is of type RSA and suitable for encryption).
104 make_pms_rsa(br_ssl_client_context
*ctx
, int prf_id
)
106 const br_x509_class
**xc
;
107 const br_x509_pkey
*pk
;
108 const unsigned char *n
;
112 xc
= ctx
->eng
.x509ctx
;
113 pk
= (*xc
)->get_pkey(xc
, NULL
);
116 * Compute actual RSA key length, in case there are leading zeros.
119 nlen
= pk
->key
.rsa
.nlen
;
120 while (nlen
> 0 && *n
== 0) {
126 * We need at least 59 bytes (48 bytes for pre-master secret, and
127 * 11 bytes for the PKCS#1 type 2 padding). Note that the X.509
128 * minimal engine normally blocks RSA keys shorter than 128 bytes,
129 * so this is mostly for public keys provided explicitly by the
133 return -BR_ERR_X509_WEAK_PUBLIC_KEY
;
135 if (nlen
> sizeof ctx
->eng
.pad
) {
136 return -BR_ERR_LIMIT_EXCEEDED
;
142 pms
= ctx
->eng
.pad
+ nlen
- 48;
143 br_enc16be(pms
, ctx
->eng
.version_max
);
144 br_hmac_drbg_generate(&ctx
->eng
.rng
, pms
+ 2, 46);
145 br_ssl_engine_compute_master(&ctx
->eng
, prf_id
, pms
, 48);
148 * Apply PKCS#1 type 2 padding.
150 ctx
->eng
.pad
[0] = 0x00;
151 ctx
->eng
.pad
[1] = 0x02;
152 ctx
->eng
.pad
[nlen
- 49] = 0x00;
153 br_hmac_drbg_generate(&ctx
->eng
.rng
, ctx
->eng
.pad
+ 2, nlen
- 51);
154 for (u
= 2; u
< nlen
- 49; u
++) {
155 while (ctx
->eng
.pad
[u
] == 0) {
156 br_hmac_drbg_generate(&ctx
->eng
.rng
,
157 &ctx
->eng
.pad
[u
], 1);
162 * Compute RSA encryption.
164 if (!ctx
->irsapub(ctx
->eng
.pad
, nlen
, &pk
->key
.rsa
)) {
165 return -BR_ERR_LIMIT_EXCEEDED
;
171 * OID for hash functions in RSA signatures.
173 static const unsigned char HASH_OID_SHA1
[] = {
174 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A
177 static const unsigned char HASH_OID_SHA224
[] = {
178 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04
181 static const unsigned char HASH_OID_SHA256
[] = {
182 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01
185 static const unsigned char HASH_OID_SHA384
[] = {
186 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02
189 static const unsigned char HASH_OID_SHA512
[] = {
190 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03
193 static const unsigned char *HASH_OID
[] = {
202 * Check the RSA signature on the ServerKeyExchange message.
204 * hash hash function ID (2 to 6), or 0 for MD5+SHA-1 (with RSA only)
205 * use_rsa non-zero for RSA signature, zero for ECDSA
206 * sig_len signature length (in bytes); signature value is in the pad
208 * Returned value is 0 on success, or an error code.
211 verify_SKE_sig(br_ssl_client_context
*ctx
,
212 int hash
, int use_rsa
, size_t sig_len
)
214 const br_x509_class
**xc
;
215 const br_x509_pkey
*pk
;
216 br_multihash_context mhc
;
217 unsigned char hv
[64], head
[4];
220 xc
= ctx
->eng
.x509ctx
;
221 pk
= (*xc
)->get_pkey(xc
, NULL
);
222 br_multihash_zero(&mhc
);
223 br_multihash_copyimpl(&mhc
, &ctx
->eng
.mhash
);
224 br_multihash_init(&mhc
);
225 br_multihash_update(&mhc
,
226 ctx
->eng
.client_random
, sizeof ctx
->eng
.client_random
);
227 br_multihash_update(&mhc
,
228 ctx
->eng
.server_random
, sizeof ctx
->eng
.server_random
);
231 head
[2] = ctx
->eng
.ecdhe_curve
;
232 head
[3] = ctx
->eng
.ecdhe_point_len
;
233 br_multihash_update(&mhc
, head
, sizeof head
);
234 br_multihash_update(&mhc
,
235 ctx
->eng
.ecdhe_point
, ctx
->eng
.ecdhe_point_len
);
237 hv_len
= br_multihash_out(&mhc
, hash
, hv
);
239 return BR_ERR_INVALID_ALGORITHM
;
242 if (!br_multihash_out(&mhc
, br_md5_ID
, hv
)
243 || !br_multihash_out(&mhc
, br_sha1_ID
, hv
+ 16))
245 return BR_ERR_INVALID_ALGORITHM
;
250 unsigned char tmp
[64];
251 const unsigned char *hash_oid
;
254 hash_oid
= HASH_OID
[hash
- 2];
258 if (!ctx
->eng
.irsavrfy(ctx
->eng
.pad
, sig_len
,
259 hash_oid
, hv_len
, &pk
->key
.rsa
, tmp
)
260 || memcmp(tmp
, hv
, hv_len
) != 0)
262 return BR_ERR_BAD_SIGNATURE
;
265 if (!ctx
->eng
.iecdsa(ctx
->eng
.iec
, hv
, hv_len
, &pk
->key
.ec
,
266 ctx
->eng
.pad
, sig_len
))
268 return BR_ERR_BAD_SIGNATURE
;
275 * Perform client-side ECDH (or ECDHE). The point that should be sent to
276 * the server is written in the pad; returned value is either the point
277 * length (in bytes), or -x on error, with 'x' being an error code.
279 * The point _from_ the server is taken from ecdhe_point[] if 'ecdhe'
280 * is non-zero, or from the X.509 engine context if 'ecdhe' is zero
284 make_pms_ecdh(br_ssl_client_context
*ctx
, unsigned ecdhe
, int prf_id
)
287 unsigned char key
[66], point
[133];
288 const unsigned char *generator
, *order
, *point_src
;
289 size_t glen
, olen
, point_len
;
293 curve
= ctx
->eng
.ecdhe_curve
;
294 point_src
= ctx
->eng
.ecdhe_point
;
295 point_len
= ctx
->eng
.ecdhe_point_len
;
297 const br_x509_class
**xc
;
298 const br_x509_pkey
*pk
;
300 xc
= ctx
->eng
.x509ctx
;
301 pk
= (*xc
)->get_pkey(xc
, NULL
);
302 curve
= pk
->key
.ec
.curve
;
303 point_src
= pk
->key
.ec
.q
;
304 point_len
= pk
->key
.ec
.qlen
;
306 if ((ctx
->eng
.iec
->supported_curves
& ((uint32_t)1 << curve
)) == 0) {
307 return -BR_ERR_INVALID_ALGORITHM
;
311 * We need to generate our key, as a non-zero random value which
312 * is lower than the curve order, in a "large enough" range. We
313 * force top bit to 0 and bottom bit to 1, which guarantees that
314 * the value is in the proper range.
316 order
= ctx
->eng
.iec
->order(curve
, &olen
);
318 while (mask
>= order
[0]) {
321 br_hmac_drbg_generate(&ctx
->eng
.rng
, key
, olen
);
323 key
[olen
- 1] |= 0x01;
326 * Compute the common ECDH point, whose X coordinate is the
329 generator
= ctx
->eng
.iec
->generator(curve
, &glen
);
330 if (glen
!= point_len
) {
331 return -BR_ERR_INVALID_ALGORITHM
;
334 memcpy(point
, point_src
, glen
);
335 if (!ctx
->eng
.iec
->mul(point
, glen
, key
, olen
, curve
)) {
336 return -BR_ERR_INVALID_ALGORITHM
;
340 * The pre-master secret is the X coordinate.
342 br_ssl_engine_compute_master(&ctx
->eng
, prf_id
, point
+ 1, glen
>> 1);
344 memcpy(point
, generator
, glen
);
345 if (!ctx
->eng
.iec
->mul(point
, glen
, key
, olen
, curve
)) {
346 return -BR_ERR_INVALID_ALGORITHM
;
348 memcpy(ctx
->eng
.pad
, point
, glen
);
353 * Perform full static ECDH. This occurs only in the context of client
354 * authentication with certificates: the server uses an EC public key,
355 * the cipher suite is of type ECDH (not ECDHE), the server requested a
356 * client certificate and accepts static ECDH, the client has a
357 * certificate with an EC public key in the same curve, and accepts
358 * static ECDH as well.
360 * Returned value is 0 on success, -1 on error.
363 make_pms_static_ecdh(br_ssl_client_context
*ctx
, int prf_id
)
365 unsigned char point
[133];
367 const br_x509_class
**xc
;
368 const br_x509_pkey
*pk
;
370 xc
= ctx
->eng
.x509ctx
;
371 pk
= (*xc
)->get_pkey(xc
, NULL
);
372 point_len
= pk
->key
.ec
.qlen
;
373 if (point_len
> sizeof point
) {
376 memcpy(point
, pk
->key
.ec
.q
, point_len
);
377 if (!(*ctx
->client_auth_vtable
)->do_keyx(
378 ctx
->client_auth_vtable
, point
, point_len
))
382 br_ssl_engine_compute_master(&ctx
->eng
,
383 prf_id
, point
+ 1, point_len
>> 1);
388 * Compute the client-side signature. This is invoked only when a
389 * signature-based client authentication was selected. The computed
390 * signature is in the pad; its length (in bytes) is returned. On
391 * error, 0 is returned.
394 make_client_sign(br_ssl_client_context
*ctx
)
399 * Compute hash of handshake messages so far. This "cannot" fail
400 * because the list of supported hash functions provided to the
401 * client certificate handler was trimmed to include only the
402 * hash functions that the multi-hasher supports.
405 hv_len
= br_multihash_out(&ctx
->eng
.mhash
,
406 ctx
->hash_id
, ctx
->eng
.pad
);
408 br_multihash_out(&ctx
->eng
.mhash
,
409 br_md5_ID
, ctx
->eng
.pad
);
410 br_multihash_out(&ctx
->eng
.mhash
,
411 br_sha1_ID
, ctx
->eng
.pad
+ 16);
414 return (*ctx
->client_auth_vtable
)->do_sign(
415 ctx
->client_auth_vtable
, ctx
->hash_id
, hv_len
,
416 ctx
->eng
.pad
, sizeof ctx
->eng
.pad
);
421 static const uint8_t t0_datablock
[] = {
422 0x00, 0x00, 0x0A, 0x00, 0x24, 0x00, 0x2F, 0x01, 0x24, 0x00, 0x35, 0x02,
423 0x24, 0x00, 0x3C, 0x01, 0x44, 0x00, 0x3D, 0x02, 0x44, 0x00, 0x9C, 0x03,
424 0x04, 0x00, 0x9D, 0x04, 0x05, 0xC0, 0x03, 0x40, 0x24, 0xC0, 0x04, 0x41,
425 0x24, 0xC0, 0x05, 0x42, 0x24, 0xC0, 0x08, 0x20, 0x24, 0xC0, 0x09, 0x21,
426 0x24, 0xC0, 0x0A, 0x22, 0x24, 0xC0, 0x0D, 0x30, 0x24, 0xC0, 0x0E, 0x31,
427 0x24, 0xC0, 0x0F, 0x32, 0x24, 0xC0, 0x12, 0x10, 0x24, 0xC0, 0x13, 0x11,
428 0x24, 0xC0, 0x14, 0x12, 0x24, 0xC0, 0x23, 0x21, 0x44, 0xC0, 0x24, 0x22,
429 0x55, 0xC0, 0x25, 0x41, 0x44, 0xC0, 0x26, 0x42, 0x55, 0xC0, 0x27, 0x11,
430 0x44, 0xC0, 0x28, 0x12, 0x55, 0xC0, 0x29, 0x31, 0x44, 0xC0, 0x2A, 0x32,
431 0x55, 0xC0, 0x2B, 0x23, 0x04, 0xC0, 0x2C, 0x24, 0x05, 0xC0, 0x2D, 0x43,
432 0x04, 0xC0, 0x2E, 0x44, 0x05, 0xC0, 0x2F, 0x13, 0x04, 0xC0, 0x30, 0x14,
433 0x05, 0xC0, 0x31, 0x33, 0x04, 0xC0, 0x32, 0x34, 0x05, 0xCC, 0xA8, 0x15,
434 0x04, 0xCC, 0xA9, 0x25, 0x04, 0x00, 0x00
437 static const uint8_t t0_codeblock
[] = {
438 0x00, 0x01, 0x00, 0x0A, 0x00, 0x00, 0x01, 0x00, 0x0D, 0x00, 0x00, 0x01,
439 0x00, 0x0E, 0x00, 0x00, 0x01, 0x00, 0x0F, 0x00, 0x00, 0x01, 0x01, 0x08,
440 0x00, 0x00, 0x01, 0x01, 0x09, 0x00, 0x00, 0x01, 0x02, 0x08, 0x00, 0x00,
441 0x01, 0x02, 0x09, 0x00, 0x00, 0x24, 0x24, 0x00, 0x00, 0x01,
442 T0_INT1(BR_ERR_BAD_CCS
), 0x00, 0x00, 0x01,
443 T0_INT1(BR_ERR_BAD_CIPHER_SUITE
), 0x00, 0x00, 0x01,
444 T0_INT1(BR_ERR_BAD_COMPRESSION
), 0x00, 0x00, 0x01,
445 T0_INT1(BR_ERR_BAD_FINISHED
), 0x00, 0x00, 0x01,
446 T0_INT1(BR_ERR_BAD_FRAGLEN
), 0x00, 0x00, 0x01,
447 T0_INT1(BR_ERR_BAD_HANDSHAKE
), 0x00, 0x00, 0x01,
448 T0_INT1(BR_ERR_BAD_HELLO_DONE
), 0x00, 0x00, 0x01,
449 T0_INT1(BR_ERR_BAD_PARAM
), 0x00, 0x00, 0x01,
450 T0_INT1(BR_ERR_BAD_SECRENEG
), 0x00, 0x00, 0x01,
451 T0_INT1(BR_ERR_BAD_SNI
), 0x00, 0x00, 0x01, T0_INT1(BR_ERR_BAD_VERSION
),
452 0x00, 0x00, 0x01, T0_INT1(BR_ERR_EXTRA_EXTENSION
), 0x00, 0x00, 0x01,
453 T0_INT1(BR_ERR_INVALID_ALGORITHM
), 0x00, 0x00, 0x01,
454 T0_INT1(BR_ERR_LIMIT_EXCEEDED
), 0x00, 0x00, 0x01, T0_INT1(BR_ERR_OK
),
455 0x00, 0x00, 0x01, T0_INT1(BR_ERR_OVERSIZED_ID
), 0x00, 0x00, 0x01,
456 T0_INT1(BR_ERR_RESUME_MISMATCH
), 0x00, 0x00, 0x01,
457 T0_INT1(BR_ERR_UNEXPECTED
), 0x00, 0x00, 0x01,
458 T0_INT1(BR_ERR_UNSUPPORTED_VERSION
), 0x00, 0x00, 0x01,
459 T0_INT1(BR_ERR_WRONG_KEY_USAGE
), 0x00, 0x00, 0x01,
460 T0_INT2(offsetof(br_ssl_engine_context
, action
)), 0x00, 0x00, 0x01,
461 T0_INT2(offsetof(br_ssl_engine_context
, alert
)), 0x00, 0x00, 0x01,
462 T0_INT2(offsetof(br_ssl_engine_context
, application_data
)), 0x00, 0x00,
463 0x01, T0_INT2(offsetof(br_ssl_client_context
, auth_type
)), 0x00, 0x00,
465 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, cipher_suite
)),
467 T0_INT2(offsetof(br_ssl_engine_context
, client_random
)), 0x00, 0x00,
468 0x01, T0_INT2(offsetof(br_ssl_engine_context
, close_received
)), 0x00,
469 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, ecdhe_curve
)),
471 T0_INT2(offsetof(br_ssl_engine_context
, ecdhe_point
)), 0x00, 0x00,
472 0x01, T0_INT2(offsetof(br_ssl_engine_context
, ecdhe_point_len
)), 0x00,
473 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, flags
)), 0x00,
474 0x00, 0x01, T0_INT2(offsetof(br_ssl_client_context
, hash_id
)), 0x00,
475 0x00, 0x01, T0_INT2(offsetof(br_ssl_client_context
, hashes
)), 0x00,
476 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, log_max_frag_len
)),
478 T0_INT2(offsetof(br_ssl_client_context
, min_clienthello_len
)), 0x00,
479 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, pad
)), 0x00, 0x00,
480 0x01, T0_INT2(offsetof(br_ssl_engine_context
, record_type_in
)), 0x00,
481 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, record_type_out
)),
482 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, reneg
)),
484 T0_INT2(offsetof(br_ssl_engine_context
, saved_finished
)), 0x00, 0x00,
485 0x01, T0_INT2(offsetof(br_ssl_engine_context
, server_name
)), 0x00,
486 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, server_random
)),
488 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, session_id
)),
490 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, session_id_len
)),
492 T0_INT2(offsetof(br_ssl_engine_context
, shutdown_recv
)), 0x00, 0x00,
493 0x01, T0_INT2(offsetof(br_ssl_engine_context
, suites_buf
)), 0x00, 0x00,
494 0x01, T0_INT2(offsetof(br_ssl_engine_context
, suites_num
)), 0x00, 0x00,
496 T0_INT2(offsetof(br_ssl_engine_context
, session
) + offsetof(br_ssl_session_parameters
, version
)),
497 0x00, 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, version_in
)),
499 T0_INT2(offsetof(br_ssl_engine_context
, version_max
)), 0x00, 0x00,
500 0x01, T0_INT2(offsetof(br_ssl_engine_context
, version_min
)), 0x00,
501 0x00, 0x01, T0_INT2(offsetof(br_ssl_engine_context
, version_out
)),
502 0x00, 0x00, 0x09, 0x25, 0x52, 0x06, 0x02, 0x62, 0x26, 0x00, 0x00, 0x06,
503 0x08, 0x2A, 0x0E, 0x05, 0x02, 0x6B, 0x26, 0x04, 0x01, 0x3A, 0x00, 0x00,
504 0x01, 0x01, 0x00, 0x01, 0x03, 0x00, 0x91, 0x25, 0x58, 0x41, 0x95, 0x25,
505 0x05, 0x04, 0x5A, 0x01, 0x00, 0x00, 0x02, 0x00, 0x0E, 0x06, 0x02, 0x95,
506 0x00, 0x58, 0x04, 0x6B, 0x00, 0x06, 0x02, 0x62, 0x26, 0x00, 0x00, 0x25,
507 0x82, 0x41, 0x05, 0x03, 0x01, 0x0C, 0x08, 0x41, 0x73, 0x2A, 0xA3, 0x1C,
508 0x7E, 0x01, 0x0C, 0x2F, 0x00, 0x00, 0x25, 0x1E, 0x01, 0x08, 0x0B, 0x41,
509 0x56, 0x1E, 0x08, 0x00, 0x01, 0x03, 0x00, 0x01, 0x00, 0x71, 0x3B, 0x27,
510 0x1A, 0x34, 0x06, 0x07, 0x02, 0x00, 0xC5, 0x03, 0x00, 0x04, 0x75, 0x01,
511 0x00, 0xBC, 0x02, 0x00, 0x25, 0x1A, 0x17, 0x06, 0x02, 0x69, 0x26, 0xC5,
512 0x04, 0x76, 0x01, 0x01, 0x00, 0x71, 0x3B, 0x01, 0x16, 0x80, 0x3B, 0x32,
513 0xCB, 0x27, 0xAB, 0x06, 0x09, 0x01, 0x7F, 0xA6, 0x01, 0x7F, 0xC8, 0x04,
514 0x80, 0x53, 0xA8, 0x73, 0x2A, 0x99, 0x01, T0_INT1(BR_KEYTYPE_SIGN
),
515 0x17, 0x06, 0x01, 0xAC, 0xAF, 0x25, 0x01, 0x0D, 0x0E, 0x06, 0x07, 0x24,
516 0xAE, 0xAF, 0x01, 0x7F, 0x04, 0x02, 0x01, 0x00, 0x03, 0x00, 0x01, 0x0E,
517 0x0E, 0x05, 0x02, 0x6C, 0x26, 0x06, 0x02, 0x61, 0x26, 0x31, 0x06, 0x02,
518 0x6C, 0x26, 0x02, 0x00, 0x06, 0x1C, 0xC9, 0x7A, 0x2C, 0x01, 0x81, 0x7F,
519 0x0E, 0x06, 0x0D, 0x24, 0x01, 0x10, 0xD4, 0x01, 0x00, 0xD3, 0x73, 0x2A,
520 0xA3, 0x23, 0x04, 0x04, 0xCC, 0x06, 0x01, 0xCA, 0x04, 0x01, 0xCC, 0x01,
521 0x7F, 0xC8, 0x01, 0x7F, 0xA6, 0x01, 0x01, 0x71, 0x3B, 0x01, 0x17, 0x80,
522 0x3B, 0x00, 0x00, 0x36, 0x36, 0x00, 0x00, 0x92, 0x01, 0x0C, 0x11, 0x01,
523 0x00, 0x36, 0x0E, 0x06, 0x05, 0x24, 0x01,
524 T0_INT1(BR_KEYTYPE_RSA
| BR_KEYTYPE_KEYX
), 0x04, 0x30, 0x01, 0x01,
525 0x36, 0x0E, 0x06, 0x05, 0x24, 0x01,
526 T0_INT1(BR_KEYTYPE_RSA
| BR_KEYTYPE_SIGN
), 0x04, 0x25, 0x01, 0x02,
527 0x36, 0x0E, 0x06, 0x05, 0x24, 0x01,
528 T0_INT1(BR_KEYTYPE_EC
| BR_KEYTYPE_SIGN
), 0x04, 0x1A, 0x01, 0x03,
529 0x36, 0x0E, 0x06, 0x05, 0x24, 0x01,
530 T0_INT1(BR_KEYTYPE_EC
| BR_KEYTYPE_KEYX
), 0x04, 0x0F, 0x01, 0x04,
531 0x36, 0x0E, 0x06, 0x05, 0x24, 0x01,
532 T0_INT1(BR_KEYTYPE_EC
| BR_KEYTYPE_KEYX
), 0x04, 0x04, 0x01, 0x00,
533 0x41, 0x24, 0x00, 0x00, 0x7C, 0x2C, 0x01, 0x0E, 0x0E, 0x06, 0x04, 0x01,
534 0x00, 0x04, 0x02, 0x01, 0x05, 0x00, 0x00, 0x3D, 0x06, 0x04, 0x01, 0x06,
535 0x04, 0x02, 0x01, 0x00, 0x00, 0x00, 0x81, 0x2C, 0x25, 0x06, 0x08, 0x01,
536 0x01, 0x09, 0x01, 0x11, 0x07, 0x04, 0x03, 0x24, 0x01, 0x05, 0x00, 0x01,
537 0x3E, 0x03, 0x00, 0x24, 0x01, 0x00, 0x40, 0x06, 0x03, 0x02, 0x00, 0x08,
538 0x3F, 0x06, 0x03, 0x02, 0x00, 0x08, 0x25, 0x06, 0x06, 0x01, 0x01, 0x0B,
539 0x01, 0x06, 0x08, 0x00, 0x00, 0x83, 0x3C, 0x25, 0x06, 0x03, 0x01, 0x09,
540 0x08, 0x00, 0x01, 0x3D, 0x25, 0x06, 0x1E, 0x01, 0x00, 0x03, 0x00, 0x25,
541 0x06, 0x0E, 0x25, 0x01, 0x01, 0x17, 0x02, 0x00, 0x08, 0x03, 0x00, 0x01,
542 0x01, 0x11, 0x04, 0x6F, 0x24, 0x02, 0x00, 0x01, 0x01, 0x0B, 0x01, 0x06,
543 0x08, 0x00, 0x00, 0x79, 0x2B, 0x41, 0x11, 0x01, 0x01, 0x17, 0x33, 0x00,
544 0x00, 0x97, 0xC4, 0x25, 0x01, 0x07, 0x17, 0x01, 0x00, 0x36, 0x0E, 0x06,
545 0x09, 0x24, 0x01, 0x10, 0x17, 0x06, 0x01, 0x97, 0x04, 0x2D, 0x01, 0x01,
546 0x36, 0x0E, 0x06, 0x24, 0x24, 0x24, 0x01, 0x00, 0x71, 0x3B, 0xAA, 0x81,
547 0x2C, 0x01, 0x01, 0x0E, 0x01, 0x01, 0xA0, 0x35, 0x06, 0x0F, 0x27, 0x1A,
548 0x34, 0x06, 0x04, 0xC4, 0x24, 0x04, 0x78, 0x01, 0x80, 0x64, 0xBC, 0x04,
549 0x01, 0x97, 0x04, 0x03, 0x6C, 0x26, 0x24, 0x04, 0xFF, 0x3C, 0x01, 0x25,
550 0x03, 0x00, 0x09, 0x25, 0x52, 0x06, 0x02, 0x62, 0x26, 0x02, 0x00, 0x00,
551 0x00, 0x92, 0x01, 0x0F, 0x17, 0x00, 0x00, 0x70, 0x2C, 0x01, 0x00, 0x36,
552 0x0E, 0x06, 0x10, 0x24, 0x25, 0x01, 0x01, 0x0D, 0x06, 0x03, 0x24, 0x01,
553 0x02, 0x70, 0x3B, 0x01, 0x00, 0x04, 0x22, 0x01, 0x01, 0x36, 0x0E, 0x06,
554 0x15, 0x24, 0x01, 0x00, 0x70, 0x3B, 0x25, 0x01, 0x80, 0x64, 0x0E, 0x06,
555 0x05, 0x01, 0x82, 0x00, 0x08, 0x26, 0x54, 0x00, 0x04, 0x07, 0x24, 0x01,
556 0x82, 0x00, 0x08, 0x26, 0x24, 0x00, 0x00, 0x01, 0x00, 0x2D, 0x06, 0x05,
557 0x38, 0xA4, 0x35, 0x04, 0x78, 0x25, 0x06, 0x04, 0x01, 0x01, 0x87, 0x3B,
558 0x00, 0x00, 0x2D, 0x06, 0x0B, 0x7F, 0x2C, 0x01, 0x14, 0x0D, 0x06, 0x02,
559 0x6C, 0x26, 0x04, 0x11, 0xC4, 0x01, 0x07, 0x17, 0x25, 0x01, 0x02, 0x0D,
560 0x06, 0x06, 0x06, 0x02, 0x6C, 0x26, 0x04, 0x70, 0x24, 0xB9, 0x01, 0x01,
561 0x0D, 0x31, 0x35, 0x06, 0x02, 0x5B, 0x26, 0x25, 0x01, 0x01, 0xBF, 0x34,
562 0xA9, 0x00, 0x01, 0xAF, 0x01, 0x0B, 0x0E, 0x05, 0x02, 0x6C, 0x26, 0x25,
563 0x01, 0x03, 0x0E, 0x06, 0x08, 0xB7, 0x06, 0x02, 0x62, 0x26, 0x41, 0x24,
564 0x00, 0x41, 0x51, 0xB7, 0xA2, 0x25, 0x06, 0x23, 0xB7, 0xA2, 0x25, 0x50,
565 0x25, 0x06, 0x18, 0x25, 0x01, 0x82, 0x00, 0x0F, 0x06, 0x05, 0x01, 0x82,
566 0x00, 0x04, 0x01, 0x25, 0x03, 0x00, 0x7E, 0x02, 0x00, 0xAD, 0x02, 0x00,
567 0x4D, 0x04, 0x65, 0x93, 0x4E, 0x04, 0x5A, 0x93, 0x93, 0x4F, 0x25, 0x06,
568 0x02, 0x33, 0x00, 0x24, 0x29, 0x00, 0x00, 0x73, 0x2A, 0x99, 0x01, 0x7F,
569 0xA7, 0x25, 0x52, 0x06, 0x02, 0x33, 0x26, 0x25, 0x05, 0x02, 0x6C, 0x26,
570 0x36, 0x17, 0x0D, 0x06, 0x02, 0x6E, 0x26, 0x39, 0x00, 0x00, 0x94, 0xAF,
571 0x01, 0x14, 0x0D, 0x06, 0x02, 0x6C, 0x26, 0x7E, 0x01, 0x0C, 0x08, 0x01,
572 0x0C, 0xAD, 0x93, 0x7E, 0x25, 0x01, 0x0C, 0x08, 0x01, 0x0C, 0x2E, 0x05,
573 0x02, 0x5E, 0x26, 0x00, 0x00, 0xB0, 0x06, 0x02, 0x6C, 0x26, 0x06, 0x02,
574 0x60, 0x26, 0x00, 0x09, 0xAF, 0x01, 0x02, 0x0E, 0x05, 0x02, 0x6C, 0x26,
575 0xB6, 0x03, 0x00, 0x02, 0x00, 0x8D, 0x2A, 0x0A, 0x02, 0x00, 0x8C, 0x2A,
576 0x0F, 0x35, 0x06, 0x02, 0x6D, 0x26, 0x02, 0x00, 0x8B, 0x2A, 0x0D, 0x06,
577 0x02, 0x65, 0x26, 0x02, 0x00, 0x8E, 0x3A, 0x84, 0x01, 0x20, 0xAD, 0x01,
578 0x00, 0x03, 0x01, 0xB8, 0x03, 0x02, 0x02, 0x02, 0x01, 0x20, 0x0F, 0x06,
579 0x02, 0x6A, 0x26, 0x7E, 0x02, 0x02, 0xAD, 0x02, 0x02, 0x86, 0x2C, 0x0E,
580 0x02, 0x02, 0x01, 0x00, 0x0F, 0x17, 0x06, 0x0B, 0x85, 0x7E, 0x02, 0x02,
581 0x2E, 0x06, 0x04, 0x01, 0x7F, 0x03, 0x01, 0x85, 0x7E, 0x02, 0x02, 0x2F,
582 0x02, 0x02, 0x86, 0x3B, 0x02, 0x00, 0x8A, 0x02, 0x01, 0x90, 0xB6, 0x25,
583 0xBA, 0x52, 0x06, 0x02, 0x5C, 0x26, 0x73, 0x02, 0x01, 0x90, 0xB8, 0x06,
584 0x02, 0x5D, 0x26, 0x25, 0x06, 0x81, 0x2D, 0xB6, 0xA2, 0x9E, 0x03, 0x03,
585 0x9C, 0x03, 0x04, 0x9A, 0x03, 0x05, 0x9D, 0x03, 0x06, 0x9F, 0x03, 0x07,
586 0x9B, 0x03, 0x08, 0x25, 0x06, 0x81, 0x03, 0xB6, 0x01, 0x00, 0x36, 0x0E,
587 0x06, 0x0F, 0x24, 0x02, 0x03, 0x05, 0x02, 0x66, 0x26, 0x01, 0x00, 0x03,
588 0x03, 0xB5, 0x04, 0x80, 0x6A, 0x01, 0x01, 0x36, 0x0E, 0x06, 0x0F, 0x24,
589 0x02, 0x05, 0x05, 0x02, 0x66, 0x26, 0x01, 0x00, 0x03, 0x05, 0xB3, 0x04,
590 0x80, 0x55, 0x01, 0x83, 0xFE, 0x01, 0x36, 0x0E, 0x06, 0x0E, 0x24, 0x02,
591 0x04, 0x05, 0x02, 0x66, 0x26, 0x01, 0x00, 0x03, 0x04, 0xB4, 0x04, 0x3F,
592 0x01, 0x0D, 0x36, 0x0E, 0x06, 0x0E, 0x24, 0x02, 0x06, 0x05, 0x02, 0x66,
593 0x26, 0x01, 0x00, 0x03, 0x06, 0xB1, 0x04, 0x2B, 0x01, 0x0A, 0x36, 0x0E,
594 0x06, 0x0E, 0x24, 0x02, 0x07, 0x05, 0x02, 0x66, 0x26, 0x01, 0x00, 0x03,
595 0x07, 0xB1, 0x04, 0x17, 0x01, 0x0B, 0x36, 0x0E, 0x06, 0x0E, 0x24, 0x02,
596 0x08, 0x05, 0x02, 0x66, 0x26, 0x01, 0x00, 0x03, 0x08, 0xB1, 0x04, 0x03,
597 0x66, 0x26, 0x24, 0x04, 0xFE, 0x79, 0x02, 0x04, 0x06, 0x0D, 0x02, 0x04,
598 0x01, 0x05, 0x0F, 0x06, 0x02, 0x63, 0x26, 0x01, 0x01, 0x81, 0x3B, 0x93,
599 0x93, 0x02, 0x01, 0x00, 0x04, 0xAF, 0x01, 0x0C, 0x0E, 0x05, 0x02, 0x6C,
600 0x26, 0xB8, 0x01, 0x03, 0x0E, 0x05, 0x02, 0x67, 0x26, 0xB6, 0x25, 0x76,
601 0x3B, 0x25, 0x01, 0x20, 0x10, 0x06, 0x02, 0x67, 0x26, 0x3D, 0x41, 0x11,
602 0x01, 0x01, 0x17, 0x05, 0x02, 0x67, 0x26, 0xB8, 0x25, 0x01, 0x81, 0x05,
603 0x0F, 0x06, 0x02, 0x67, 0x26, 0x25, 0x78, 0x3B, 0x77, 0x41, 0xAD, 0x8A,
604 0x2A, 0x01, 0x86, 0x03, 0x10, 0x03, 0x00, 0x73, 0x2A, 0xC2, 0x03, 0x01,
605 0x01, 0x02, 0x03, 0x02, 0x02, 0x00, 0x06, 0x21, 0xB8, 0x25, 0x25, 0x01,
606 0x02, 0x0A, 0x41, 0x01, 0x06, 0x0F, 0x35, 0x06, 0x02, 0x67, 0x26, 0x03,
607 0x02, 0xB8, 0x02, 0x01, 0x01, 0x01, 0x0B, 0x01, 0x03, 0x08, 0x0E, 0x05,
608 0x02, 0x67, 0x26, 0x04, 0x08, 0x02, 0x01, 0x06, 0x04, 0x01, 0x00, 0x03,
609 0x02, 0xB6, 0x25, 0x03, 0x03, 0x25, 0x01, 0x84, 0x00, 0x0F, 0x06, 0x02,
610 0x68, 0x26, 0x7E, 0x41, 0xAD, 0x02, 0x02, 0x02, 0x01, 0x02, 0x03, 0x4A,
611 0x25, 0x06, 0x01, 0x26, 0x24, 0x93, 0x00, 0x02, 0x03, 0x00, 0x03, 0x01,
612 0x02, 0x00, 0x8F, 0x02, 0x01, 0x02, 0x00, 0x37, 0x25, 0x01, 0x00, 0x0E,
613 0x06, 0x02, 0x5A, 0x00, 0xC6, 0x04, 0x74, 0x02, 0x01, 0x00, 0x03, 0x00,
614 0xB8, 0xA2, 0x25, 0x06, 0x80, 0x43, 0xB8, 0x01, 0x01, 0x36, 0x0E, 0x06,
615 0x06, 0x24, 0x01, 0x81, 0x7F, 0x04, 0x2E, 0x01, 0x80, 0x40, 0x36, 0x0E,
616 0x06, 0x07, 0x24, 0x01, 0x83, 0xFE, 0x00, 0x04, 0x20, 0x01, 0x80, 0x41,
617 0x36, 0x0E, 0x06, 0x07, 0x24, 0x01, 0x84, 0x80, 0x00, 0x04, 0x12, 0x01,
618 0x80, 0x42, 0x36, 0x0E, 0x06, 0x07, 0x24, 0x01, 0x88, 0x80, 0x00, 0x04,
619 0x04, 0x01, 0x00, 0x41, 0x24, 0x02, 0x00, 0x35, 0x03, 0x00, 0x04, 0xFF,
620 0x39, 0x93, 0x73, 0x2A, 0xC0, 0x05, 0x09, 0x02, 0x00, 0x01, 0x83, 0xFF,
621 0x7F, 0x17, 0x03, 0x00, 0x8A, 0x2A, 0x01, 0x86, 0x03, 0x10, 0x06, 0x3A,
622 0xB2, 0x25, 0x7B, 0x3A, 0x3E, 0x24, 0x25, 0x01, 0x08, 0x0B, 0x35, 0x01,
623 0x8C, 0x80, 0x00, 0x35, 0x17, 0x02, 0x00, 0x17, 0x02, 0x00, 0x01, 0x8C,
624 0x80, 0x00, 0x17, 0x06, 0x19, 0x25, 0x01, 0x81, 0x7F, 0x17, 0x06, 0x05,
625 0x01, 0x84, 0x80, 0x00, 0x35, 0x25, 0x01, 0x83, 0xFE, 0x00, 0x17, 0x06,
626 0x05, 0x01, 0x88, 0x80, 0x00, 0x35, 0x03, 0x00, 0x04, 0x09, 0x02, 0x00,
627 0x01, 0x8C, 0x88, 0x01, 0x17, 0x03, 0x00, 0x16, 0xB6, 0xA2, 0x25, 0x06,
628 0x23, 0xB6, 0xA2, 0x25, 0x15, 0x25, 0x06, 0x18, 0x25, 0x01, 0x82, 0x00,
629 0x0F, 0x06, 0x05, 0x01, 0x82, 0x00, 0x04, 0x01, 0x25, 0x03, 0x01, 0x7E,
630 0x02, 0x01, 0xAD, 0x02, 0x01, 0x12, 0x04, 0x65, 0x93, 0x13, 0x04, 0x5A,
631 0x93, 0x14, 0x93, 0x02, 0x00, 0x28, 0x00, 0x00, 0xB0, 0x25, 0x54, 0x06,
632 0x07, 0x24, 0x06, 0x02, 0x60, 0x26, 0x04, 0x74, 0x00, 0x00, 0xB9, 0x01,
633 0x03, 0xB7, 0x41, 0x24, 0x41, 0x00, 0x00, 0xB6, 0xBD, 0x00, 0x03, 0x01,
634 0x00, 0x03, 0x00, 0xB6, 0xA2, 0x25, 0x06, 0x32, 0xB8, 0x03, 0x01, 0xB8,
635 0x03, 0x02, 0x02, 0x01, 0x01, 0x02, 0x10, 0x02, 0x01, 0x01, 0x06, 0x0C,
636 0x17, 0x02, 0x02, 0x01, 0x01, 0x0E, 0x02, 0x02, 0x01, 0x03, 0x0E, 0x35,
637 0x17, 0x06, 0x11, 0x02, 0x00, 0x01, 0x01, 0x02, 0x02, 0x57, 0x01, 0x02,
638 0x0B, 0x02, 0x01, 0x08, 0x0B, 0x35, 0x03, 0x00, 0x04, 0x4B, 0x93, 0x02,
639 0x00, 0x00, 0x00, 0xB6, 0x01, 0x01, 0x0E, 0x05, 0x02, 0x5F, 0x26, 0xB8,
640 0x01, 0x08, 0x08, 0x7C, 0x2C, 0x0E, 0x05, 0x02, 0x5F, 0x26, 0x00, 0x00,
641 0xB6, 0x81, 0x2C, 0x05, 0x15, 0x01, 0x01, 0x0E, 0x05, 0x02, 0x63, 0x26,
642 0xB8, 0x01, 0x00, 0x0E, 0x05, 0x02, 0x63, 0x26, 0x01, 0x02, 0x81, 0x3B,
643 0x04, 0x1C, 0x01, 0x19, 0x0E, 0x05, 0x02, 0x63, 0x26, 0xB8, 0x01, 0x18,
644 0x0E, 0x05, 0x02, 0x63, 0x26, 0x7E, 0x01, 0x18, 0xAD, 0x82, 0x7E, 0x01,
645 0x18, 0x2E, 0x05, 0x02, 0x63, 0x26, 0x00, 0x00, 0xB6, 0x06, 0x02, 0x64,
646 0x26, 0x00, 0x00, 0x01, 0x02, 0x8F, 0xB9, 0x01, 0x08, 0x0B, 0xB9, 0x08,
647 0x00, 0x00, 0x01, 0x03, 0x8F, 0xB9, 0x01, 0x08, 0x0B, 0xB9, 0x08, 0x01,
648 0x08, 0x0B, 0xB9, 0x08, 0x00, 0x00, 0x01, 0x01, 0x8F, 0xB9, 0x00, 0x00,
649 0x38, 0x25, 0x52, 0x05, 0x01, 0x00, 0x24, 0xC6, 0x04, 0x76, 0x02, 0x03,
650 0x00, 0x89, 0x2C, 0x03, 0x01, 0x01, 0x00, 0x25, 0x02, 0x01, 0x0A, 0x06,
651 0x10, 0x25, 0x01, 0x01, 0x0B, 0x88, 0x08, 0x2A, 0x02, 0x00, 0x0E, 0x06,
652 0x01, 0x00, 0x56, 0x04, 0x6A, 0x24, 0x01, 0x7F, 0x00, 0x00, 0x01, 0x15,
653 0x80, 0x3B, 0x41, 0x4C, 0x24, 0x4C, 0x24, 0x27, 0x00, 0x00, 0x01, 0x01,
654 0x41, 0xBB, 0x00, 0x00, 0x41, 0x36, 0x8F, 0x41, 0x25, 0x06, 0x05, 0xB9,
655 0x24, 0x57, 0x04, 0x78, 0x24, 0x00, 0x00, 0x25, 0x01, 0x81, 0xAC, 0x00,
656 0x0E, 0x06, 0x04, 0x24, 0x01, 0x7F, 0x00, 0x92, 0x53, 0x00, 0x02, 0x03,
657 0x00, 0x73, 0x2A, 0x92, 0x03, 0x01, 0x02, 0x01, 0x01, 0x0F, 0x17, 0x02,
658 0x01, 0x01, 0x04, 0x11, 0x01, 0x0F, 0x17, 0x02, 0x01, 0x01, 0x08, 0x11,
659 0x01, 0x0F, 0x17, 0x01, 0x00, 0x36, 0x0E, 0x06, 0x10, 0x24, 0x01, 0x00,
660 0x01, 0x18, 0x02, 0x00, 0x06, 0x03, 0x44, 0x04, 0x01, 0x45, 0x04, 0x80,
661 0x68, 0x01, 0x01, 0x36, 0x0E, 0x06, 0x10, 0x24, 0x01, 0x01, 0x01, 0x10,
662 0x02, 0x00, 0x06, 0x03, 0x44, 0x04, 0x01, 0x45, 0x04, 0x80, 0x52, 0x01,
663 0x02, 0x36, 0x0E, 0x06, 0x0F, 0x24, 0x01, 0x01, 0x01, 0x20, 0x02, 0x00,
664 0x06, 0x03, 0x44, 0x04, 0x01, 0x45, 0x04, 0x3D, 0x01, 0x03, 0x36, 0x0E,
665 0x06, 0x0E, 0x24, 0x24, 0x01, 0x10, 0x02, 0x00, 0x06, 0x03, 0x42, 0x04,
666 0x01, 0x43, 0x04, 0x29, 0x01, 0x04, 0x36, 0x0E, 0x06, 0x0E, 0x24, 0x24,
667 0x01, 0x20, 0x02, 0x00, 0x06, 0x03, 0x42, 0x04, 0x01, 0x43, 0x04, 0x15,
668 0x01, 0x05, 0x36, 0x0E, 0x06, 0x0C, 0x24, 0x24, 0x02, 0x00, 0x06, 0x03,
669 0x46, 0x04, 0x01, 0x47, 0x04, 0x03, 0x62, 0x26, 0x24, 0x00, 0x00, 0x92,
670 0x01, 0x0C, 0x11, 0x01, 0x02, 0x0F, 0x00, 0x00, 0x92, 0x01, 0x0C, 0x11,
671 0x25, 0x55, 0x41, 0x01, 0x03, 0x0A, 0x17, 0x00, 0x00, 0x92, 0x01, 0x0C,
672 0x11, 0x01, 0x01, 0x0E, 0x00, 0x00, 0x92, 0x01, 0x0C, 0x11, 0x54, 0x00,
673 0x00, 0x1B, 0x01, 0x00, 0x6F, 0x2C, 0x25, 0x06, 0x1F, 0x01, 0x01, 0x36,
674 0x0E, 0x06, 0x06, 0x24, 0x01, 0x00, 0x96, 0x04, 0x11, 0x01, 0x02, 0x36,
675 0x0E, 0x06, 0x0A, 0x24, 0x71, 0x2C, 0x06, 0x03, 0x01, 0x10, 0x35, 0x04,
676 0x01, 0x24, 0x04, 0x01, 0x24, 0x75, 0x2C, 0x05, 0x33, 0x2D, 0x06, 0x30,
677 0x7F, 0x2C, 0x01, 0x14, 0x36, 0x0E, 0x06, 0x06, 0x24, 0x01, 0x02, 0x35,
678 0x04, 0x22, 0x01, 0x15, 0x36, 0x0E, 0x06, 0x09, 0x24, 0xA5, 0x06, 0x03,
679 0x01, 0x7F, 0x96, 0x04, 0x13, 0x01, 0x16, 0x36, 0x0E, 0x06, 0x06, 0x24,
680 0x01, 0x01, 0x35, 0x04, 0x07, 0x24, 0x01, 0x04, 0x35, 0x01, 0x00, 0x24,
681 0x1A, 0x06, 0x03, 0x01, 0x08, 0x35, 0x00, 0x00, 0x1B, 0x25, 0x05, 0x0F,
682 0x2D, 0x06, 0x0C, 0x7F, 0x2C, 0x01, 0x15, 0x0E, 0x06, 0x04, 0x24, 0xA5,
683 0x04, 0x01, 0x1F, 0x00, 0x00, 0xC4, 0x01, 0x07, 0x17, 0x01, 0x01, 0x0F,
684 0x06, 0x02, 0x6C, 0x26, 0x00, 0x01, 0x03, 0x00, 0x27, 0x1A, 0x06, 0x05,
685 0x02, 0x00, 0x80, 0x3B, 0x00, 0xC4, 0x24, 0x04, 0x74, 0x00, 0x01, 0x14,
686 0xC7, 0x01, 0x01, 0xD4, 0x27, 0x25, 0x01, 0x00, 0xBF, 0x01, 0x16, 0xC7,
687 0xCD, 0x27, 0x00, 0x00, 0x01, 0x0B, 0xD4, 0x48, 0x25, 0x25, 0x01, 0x03,
688 0x08, 0xD3, 0xD3, 0x18, 0x25, 0x52, 0x06, 0x02, 0x24, 0x00, 0xD3, 0x1D,
689 0x25, 0x06, 0x05, 0x7E, 0x41, 0xCE, 0x04, 0x77, 0x24, 0x04, 0x6C, 0x00,
690 0x20, 0x01, 0x0F, 0xD4, 0x25, 0x8A, 0x2A, 0x01, 0x86, 0x03, 0x10, 0x06,
691 0x0C, 0x01, 0x04, 0x08, 0xD3, 0x7A, 0x2C, 0xD4, 0x72, 0x2C, 0xD4, 0x04,
692 0x02, 0x58, 0xD3, 0x25, 0xD2, 0x7E, 0x41, 0xCE, 0x00, 0x02, 0x9C, 0x9E,
693 0x08, 0x9A, 0x08, 0x9D, 0x08, 0x9F, 0x08, 0x9B, 0x08, 0x03, 0x00, 0x01,
694 0x01, 0xD4, 0x01, 0x27, 0x86, 0x2C, 0x08, 0x89, 0x2C, 0x01, 0x01, 0x0B,
695 0x08, 0x02, 0x00, 0x06, 0x04, 0x58, 0x02, 0x00, 0x08, 0x7D, 0x2A, 0x36,
696 0x09, 0x25, 0x55, 0x06, 0x24, 0x02, 0x00, 0x05, 0x04, 0x41, 0x58, 0x41,
697 0x59, 0x01, 0x04, 0x09, 0x25, 0x52, 0x06, 0x03, 0x24, 0x01, 0x00, 0x25,
698 0x01, 0x04, 0x08, 0x02, 0x00, 0x08, 0x03, 0x00, 0x41, 0x01, 0x04, 0x08,
699 0x36, 0x08, 0x41, 0x04, 0x03, 0x24, 0x01, 0x7F, 0x03, 0x01, 0xD3, 0x8C,
700 0x2A, 0xD2, 0x74, 0x01, 0x04, 0x19, 0x74, 0x01, 0x04, 0x08, 0x01, 0x1C,
701 0x30, 0x74, 0x01, 0x20, 0xCE, 0x85, 0x86, 0x2C, 0xD0, 0x89, 0x2C, 0x25,
702 0x01, 0x01, 0x0B, 0xD2, 0x88, 0x41, 0x25, 0x06, 0x0F, 0x57, 0x36, 0x2A,
703 0x25, 0xBE, 0x05, 0x02, 0x5C, 0x26, 0xD2, 0x41, 0x58, 0x41, 0x04, 0x6E,
704 0x5A, 0x01, 0x01, 0xD4, 0x01, 0x00, 0xD4, 0x02, 0x00, 0x06, 0x81, 0x22,
705 0x02, 0x00, 0xD2, 0x9C, 0x06, 0x0E, 0x01, 0x83, 0xFE, 0x01, 0xD2, 0x82,
706 0x9C, 0x01, 0x04, 0x09, 0x25, 0xD2, 0x57, 0xD0, 0x9E, 0x06, 0x16, 0x01,
707 0x00, 0xD2, 0x83, 0x9E, 0x01, 0x04, 0x09, 0x25, 0xD2, 0x01, 0x02, 0x09,
708 0x25, 0xD2, 0x01, 0x00, 0xD4, 0x01, 0x03, 0x09, 0xCF, 0x9A, 0x06, 0x0C,
709 0x01, 0x01, 0xD2, 0x01, 0x01, 0xD2, 0x7C, 0x2C, 0x01, 0x08, 0x09, 0xD4,
710 0x9D, 0x06, 0x19, 0x01, 0x0D, 0xD2, 0x9D, 0x01, 0x04, 0x09, 0x25, 0xD2,
711 0x01, 0x02, 0x09, 0xD2, 0x3F, 0x06, 0x03, 0x01, 0x03, 0xD1, 0x40, 0x06,
712 0x03, 0x01, 0x01, 0xD1, 0x9F, 0x25, 0x06, 0x22, 0x01, 0x0A, 0xD2, 0x01,
713 0x04, 0x09, 0x25, 0xD2, 0x59, 0xD2, 0x3D, 0x01, 0x00, 0x25, 0x01, 0x20,
714 0x0A, 0x06, 0x0C, 0x98, 0x11, 0x01, 0x01, 0x17, 0x06, 0x02, 0x25, 0xD2,
715 0x56, 0x04, 0x6E, 0x5A, 0x04, 0x01, 0x24, 0x9B, 0x06, 0x0A, 0x01, 0x0B,
716 0xD2, 0x01, 0x02, 0xD2, 0x01, 0x82, 0x00, 0xD2, 0x02, 0x01, 0x52, 0x05,
717 0x11, 0x01, 0x15, 0xD2, 0x02, 0x01, 0x25, 0xD2, 0x25, 0x06, 0x06, 0x57,
718 0x01, 0x00, 0xD4, 0x04, 0x77, 0x24, 0x00, 0x00, 0x01, 0x10, 0xD4, 0x73,
719 0x2A, 0x25, 0xC3, 0x06, 0x0C, 0xA3, 0x22, 0x25, 0x58, 0xD3, 0x25, 0xD2,
720 0x7E, 0x41, 0xCE, 0x04, 0x0D, 0x25, 0xC1, 0x41, 0xA3, 0x21, 0x25, 0x56,
721 0xD3, 0x25, 0xD4, 0x7E, 0x41, 0xCE, 0x00, 0x00, 0x94, 0x01, 0x14, 0xD4,
722 0x01, 0x0C, 0xD3, 0x7E, 0x01, 0x0C, 0xCE, 0x00, 0x00, 0x4B, 0x25, 0x01,
723 0x00, 0x0E, 0x06, 0x02, 0x5A, 0x00, 0xC4, 0x24, 0x04, 0x73, 0x00, 0x25,
724 0xD2, 0xCE, 0x00, 0x00, 0x25, 0xD4, 0xCE, 0x00, 0x01, 0x03, 0x00, 0x3E,
725 0x24, 0x25, 0x01, 0x10, 0x17, 0x06, 0x06, 0x01, 0x04, 0xD4, 0x02, 0x00,
726 0xD4, 0x25, 0x01, 0x08, 0x17, 0x06, 0x06, 0x01, 0x03, 0xD4, 0x02, 0x00,
727 0xD4, 0x25, 0x01, 0x20, 0x17, 0x06, 0x06, 0x01, 0x05, 0xD4, 0x02, 0x00,
728 0xD4, 0x25, 0x01, 0x80, 0x40, 0x17, 0x06, 0x06, 0x01, 0x06, 0xD4, 0x02,
729 0x00, 0xD4, 0x01, 0x04, 0x17, 0x06, 0x06, 0x01, 0x02, 0xD4, 0x02, 0x00,
730 0xD4, 0x00, 0x00, 0x25, 0x01, 0x08, 0x49, 0xD4, 0xD4, 0x00, 0x00, 0x25,
731 0x01, 0x10, 0x49, 0xD4, 0xD2, 0x00, 0x00, 0x25, 0x4C, 0x06, 0x02, 0x24,
732 0x00, 0xC4, 0x24, 0x04, 0x76
735 static const uint16_t t0_caddr
[] = {
869 #define T0_INTERPRETED 82
871 #define T0_ENTER(ip, rp, slot) do { \
872 const unsigned char *t0_newip; \
874 t0_newip = &t0_codeblock[t0_caddr[(slot) - T0_INTERPRETED]]; \
875 t0_lnum = t0_parse7E_unsigned(&t0_newip); \
877 *((rp) ++) = (uint32_t)((ip) - &t0_codeblock[0]) + (t0_lnum << 16); \
881 #define T0_DEFENTRY(name, slot) \
885 t0_context *t0ctx = ctx; \
886 t0ctx->ip = &t0_codeblock[0]; \
887 T0_ENTER(t0ctx->ip, t0ctx->rp, slot); \
890 T0_DEFENTRY(br_ssl_hs_client_init_main
, 161)
892 #define T0_NEXT(t0ipp) (*(*(t0ipp)) ++)
895 br_ssl_hs_client_run(void *t0ctx
)
898 const unsigned char *ip
;
900 #define T0_LOCAL(x) (*(rp - 2 - (x)))
901 #define T0_POP() (*-- dp)
902 #define T0_POPi() (*(int32_t *)(-- dp))
903 #define T0_PEEK(x) (*(dp - 1 - (x)))
904 #define T0_PEEKi(x) (*(int32_t *)(dp - 1 - (x)))
905 #define T0_PUSH(v) do { *dp = (v); dp ++; } while (0)
906 #define T0_PUSHi(v) do { *(int32_t *)dp = (v); dp ++; } while (0)
907 #define T0_RPOP() (*-- rp)
908 #define T0_RPOPi() (*(int32_t *)(-- rp))
909 #define T0_RPUSH(v) do { *rp = (v); rp ++; } while (0)
910 #define T0_RPUSHi(v) do { *(int32_t *)rp = (v); rp ++; } while (0)
911 #define T0_ROLL(x) do { \
912 size_t t0len = (size_t)(x); \
913 uint32_t t0tmp = *(dp - 1 - t0len); \
914 memmove(dp - t0len - 1, dp - t0len, t0len * sizeof *dp); \
917 #define T0_SWAP() do { \
918 uint32_t t0tmp = *(dp - 2); \
919 *(dp - 2) = *(dp - 1); \
922 #define T0_ROT() do { \
923 uint32_t t0tmp = *(dp - 3); \
924 *(dp - 3) = *(dp - 2); \
925 *(dp - 2) = *(dp - 1); \
928 #define T0_NROT() do { \
929 uint32_t t0tmp = *(dp - 1); \
930 *(dp - 1) = *(dp - 2); \
931 *(dp - 2) = *(dp - 3); \
934 #define T0_PICK(x) do { \
935 uint32_t t0depth = (x); \
936 T0_PUSH(T0_PEEK(t0depth)); \
938 #define T0_CO() do { \
941 #define T0_RET() goto t0_next
943 dp
= ((t0_context
*)t0ctx
)->dp
;
944 rp
= ((t0_context
*)t0ctx
)->rp
;
945 ip
= ((t0_context
*)t0ctx
)->ip
;
952 if (t0x
< T0_INTERPRETED
) {
964 ip
= &t0_codeblock
[t0x
];
966 case 1: /* literal constant */
967 T0_PUSHi(t0_parse7E_signed(&ip
));
969 case 2: /* read local */
970 T0_PUSH(T0_LOCAL(t0_parse7E_unsigned(&ip
)));
972 case 3: /* write local */
973 T0_LOCAL(t0_parse7E_unsigned(&ip
)) = T0_POP();
976 t0off
= t0_parse7E_signed(&ip
);
979 case 5: /* jump if */
980 t0off
= t0_parse7E_signed(&ip
);
985 case 6: /* jump if not */
986 t0off
= t0_parse7E_signed(&ip
);
994 uint32_t b
= T0_POP();
995 uint32_t a
= T0_POP();
1003 uint32_t b
= T0_POP();
1004 uint32_t a
= T0_POP();
1012 uint32_t b
= T0_POP();
1013 uint32_t a
= T0_POP();
1021 int32_t b
= T0_POPi();
1022 int32_t a
= T0_POPi();
1023 T0_PUSH(-(uint32_t)(a
< b
));
1030 int c
= (int)T0_POPi();
1031 uint32_t x
= T0_POP();
1039 int32_t b
= T0_POPi();
1040 int32_t a
= T0_POPi();
1041 T0_PUSH(-(uint32_t)(a
<= b
));
1048 uint32_t b
= T0_POP();
1049 uint32_t a
= T0_POP();
1050 T0_PUSH(-(uint32_t)(a
!= b
));
1057 uint32_t b
= T0_POP();
1058 uint32_t a
= T0_POP();
1059 T0_PUSH(-(uint32_t)(a
== b
));
1066 int32_t b
= T0_POPi();
1067 int32_t a
= T0_POPi();
1068 T0_PUSH(-(uint32_t)(a
> b
));
1075 int32_t b
= T0_POPi();
1076 int32_t a
= T0_POPi();
1077 T0_PUSH(-(uint32_t)(a
>= b
));
1084 int c
= (int)T0_POPi();
1085 int32_t x
= T0_POPi();
1091 /* anchor-dn-append-name */
1096 if (CTX
->client_auth_vtable
!= NULL
) {
1097 (*CTX
->client_auth_vtable
)->append_name(
1098 CTX
->client_auth_vtable
, ENG
->pad
, len
);
1104 /* anchor-dn-end-name */
1106 if (CTX
->client_auth_vtable
!= NULL
) {
1107 (*CTX
->client_auth_vtable
)->end_name(
1108 CTX
->client_auth_vtable
);
1114 /* anchor-dn-end-name-list */
1116 if (CTX
->client_auth_vtable
!= NULL
) {
1117 (*CTX
->client_auth_vtable
)->end_name_list(
1118 CTX
->client_auth_vtable
);
1124 /* anchor-dn-start-name */
1129 if (CTX
->client_auth_vtable
!= NULL
) {
1130 (*CTX
->client_auth_vtable
)->start_name(
1131 CTX
->client_auth_vtable
, len
);
1137 /* anchor-dn-start-name-list */
1139 if (CTX
->client_auth_vtable
!= NULL
) {
1140 (*CTX
->client_auth_vtable
)->start_name_list(
1141 CTX
->client_auth_vtable
);
1149 uint32_t b
= T0_POP();
1150 uint32_t a
= T0_POP();
1158 if (ENG
->chain_len
== 0) {
1161 ENG
->cert_cur
= ENG
->chain
->data
;
1162 ENG
->cert_len
= ENG
->chain
->data_len
;
1165 T0_PUSH(ENG
->cert_len
);
1173 size_t len
= (size_t)T0_POP();
1174 void *addr
= (unsigned char *)ENG
+ (size_t)T0_POP();
1175 memset(addr
, 0, len
);
1182 T0_PUSHi(-(ENG
->hlen_out
> 0));
1192 /* compute-Finished-inner */
1194 int prf_id
= T0_POP();
1195 int from_client
= T0_POPi();
1196 unsigned char seed
[48];
1199 br_tls_prf_impl prf
= br_ssl_engine_get_PRF(ENG
, prf_id
);
1200 if (ENG
->session
.version
>= BR_TLS12
) {
1201 seed_len
= br_multihash_out(&ENG
->mhash
, prf_id
, seed
);
1203 br_multihash_out(&ENG
->mhash
, br_md5_ID
, seed
);
1204 br_multihash_out(&ENG
->mhash
, br_sha1_ID
, seed
+ 16);
1207 prf(ENG
->pad
, 12, ENG
->session
.master_secret
,
1208 sizeof ENG
->session
.master_secret
,
1209 from_client
? "client finished" : "server finished",
1215 /* copy-cert-chunk */
1219 clen
= ENG
->cert_len
;
1220 if (clen
> sizeof ENG
->pad
) {
1221 clen
= sizeof ENG
->pad
;
1223 memcpy(ENG
->pad
, ENG
->cert_cur
, clen
);
1224 ENG
->cert_cur
+= clen
;
1225 ENG
->cert_len
-= clen
;
1233 size_t addr
= T0_POP();
1234 T0_PUSH(t0_datablock
[addr
]);
1246 /* do-client-sign */
1250 sig_len
= make_client_sign(CTX
);
1252 br_ssl_engine_fail(ENG
, BR_ERR_INVALID_ALGORITHM
);
1262 unsigned prf_id
= T0_POP();
1263 unsigned ecdhe
= T0_POP();
1266 x
= make_pms_ecdh(CTX
, ecdhe
, prf_id
);
1268 br_ssl_engine_fail(ENG
, -x
);
1277 /* do-rsa-encrypt */
1281 x
= make_pms_rsa(CTX
, T0_POP());
1283 br_ssl_engine_fail(ENG
, -x
);
1292 /* do-static-ecdh */
1294 unsigned prf_id
= T0_POP();
1296 if (make_pms_static_ecdh(CTX
, prf_id
) < 0) {
1297 br_ssl_engine_fail(ENG
, BR_ERR_INVALID_ALGORITHM
);
1310 T0_PUSH(T0_PEEK(0));
1316 br_ssl_engine_fail(ENG
, (int)T0_POPi());
1324 br_ssl_engine_flush_record(ENG
);
1329 /* get-client-chain */
1331 uint32_t auth_types
;
1333 auth_types
= T0_POP();
1334 if (CTX
->client_auth_vtable
!= NULL
) {
1335 br_ssl_client_certificate ux
;
1337 (*CTX
->client_auth_vtable
)->choose(CTX
->client_auth_vtable
,
1338 CTX
, auth_types
, &ux
);
1339 CTX
->auth_type
= (unsigned char)ux
.auth_type
;
1340 CTX
->hash_id
= (unsigned char)ux
.hash_id
;
1341 ENG
->chain
= ux
.chain
;
1342 ENG
->chain_len
= ux
.chain_len
;
1351 /* get-key-type-usages */
1353 const br_x509_class
*xc
;
1354 const br_x509_pkey
*pk
;
1357 xc
= *(ENG
->x509ctx
);
1358 pk
= xc
->get_pkey(ENG
->x509ctx
, &usages
);
1362 T0_PUSH(pk
->key_type
| usages
);
1370 size_t addr
= (size_t)T0_POP();
1371 T0_PUSH(*(uint16_t *)((unsigned char *)ENG
+ addr
));
1378 size_t addr
= (size_t)T0_POP();
1379 T0_PUSH(*(uint32_t *)((unsigned char *)ENG
+ addr
));
1386 size_t addr
= (size_t)T0_POP();
1387 T0_PUSH(*((unsigned char *)ENG
+ addr
));
1394 T0_PUSHi(-(ENG
->hlen_in
!= 0));
1401 size_t len
= (size_t)T0_POP();
1402 void *addr2
= (unsigned char *)ENG
+ (size_t)T0_POP();
1403 void *addr1
= (unsigned char *)ENG
+ (size_t)T0_POP();
1404 int x
= memcmp(addr1
, addr2
, len
);
1405 T0_PUSH((uint32_t)-(x
== 0));
1412 size_t len
= (size_t)T0_POP();
1413 void *src
= (unsigned char *)ENG
+ (size_t)T0_POP();
1414 void *dst
= (unsigned char *)ENG
+ (size_t)T0_POP();
1415 memcpy(dst
, src
, len
);
1422 size_t len
= (size_t)T0_POP();
1423 void *addr
= (unsigned char *)ENG
+ (size_t)T0_POP();
1424 br_hmac_drbg_generate(&ENG
->rng
, addr
, len
);
1429 /* more-incoming-bytes? */
1431 T0_PUSHi(ENG
->hlen_in
!= 0 || !br_ssl_engine_recvrec_finished(ENG
));
1436 /* multihash-init */
1438 br_multihash_init(&ENG
->mhash
);
1445 uint32_t a
= T0_POP();
1453 uint32_t a
= T0_POP();
1461 uint32_t b
= T0_POP();
1462 uint32_t a
= T0_POP();
1469 T0_PUSH(T0_PEEK(1));
1473 /* read-chunk-native */
1475 size_t clen
= ENG
->hlen_in
;
1481 if ((size_t)len
< clen
) {
1484 memcpy((unsigned char *)ENG
+ addr
, ENG
->hbuf_in
, clen
);
1485 if (ENG
->record_type_in
== BR_SSL_HANDSHAKE
) {
1486 br_multihash_update(&ENG
->mhash
, ENG
->hbuf_in
, clen
);
1488 T0_PUSH(addr
+ (uint32_t)clen
);
1489 T0_PUSH(len
- (uint32_t)clen
);
1490 ENG
->hbuf_in
+= clen
;
1491 ENG
->hlen_in
-= clen
;
1499 if (ENG
->hlen_in
> 0) {
1502 x
= *ENG
->hbuf_in
++;
1503 if (ENG
->record_type_in
== BR_SSL_HANDSHAKE
) {
1504 br_multihash_update(&ENG
->mhash
, &x
, 1);
1515 /* set-server-curve */
1517 const br_x509_class
*xc
;
1518 const br_x509_pkey
*pk
;
1520 xc
= *(ENG
->x509ctx
);
1521 pk
= xc
->get_pkey(ENG
->x509ctx
, NULL
);
1523 (pk
->key_type
== BR_KEYTYPE_EC
) ? pk
->key
.ec
.curve
: 0;
1530 size_t addr
= (size_t)T0_POP();
1531 *(uint16_t *)((unsigned char *)ENG
+ addr
) = (uint16_t)T0_POP();
1538 size_t addr
= (size_t)T0_POP();
1539 *((unsigned char *)ENG
+ addr
) = (unsigned char)T0_POP();
1546 void *str
= (unsigned char *)ENG
+ (size_t)T0_POP();
1547 T0_PUSH((uint32_t)strlen(str
));
1552 /* supported-curves */
1554 uint32_t x
= ENG
->iec
== NULL
? 0 : ENG
->iec
->supported_curves
;
1560 /* supported-hash-functions */
1567 for (i
= br_sha1_ID
; i
<= br_sha512_ID
; i
++) {
1568 if (br_multihash_getimpl(&ENG
->mhash
, i
)) {
1579 /* supports-ecdsa? */
1581 T0_PUSHi(-(ENG
->iecdsa
!= 0));
1586 /* supports-rsa-sign? */
1588 T0_PUSHi(-(ENG
->irsavrfy
!= 0));
1598 /* switch-aesgcm-in */
1600 int is_client
, prf_id
;
1601 unsigned cipher_key_len
;
1603 cipher_key_len
= T0_POP();
1605 is_client
= T0_POP();
1606 br_ssl_engine_switch_gcm_in(ENG
, is_client
, prf_id
,
1607 ENG
->iaes_ctr
, cipher_key_len
);
1612 /* switch-aesgcm-out */
1614 int is_client
, prf_id
;
1615 unsigned cipher_key_len
;
1617 cipher_key_len
= T0_POP();
1619 is_client
= T0_POP();
1620 br_ssl_engine_switch_gcm_out(ENG
, is_client
, prf_id
,
1621 ENG
->iaes_ctr
, cipher_key_len
);
1628 int is_client
, prf_id
, mac_id
, aes
;
1629 unsigned cipher_key_len
;
1631 cipher_key_len
= T0_POP();
1635 is_client
= T0_POP();
1636 br_ssl_engine_switch_cbc_in(ENG
, is_client
, prf_id
, mac_id
,
1637 aes
? ENG
->iaes_cbcdec
: ENG
->ides_cbcdec
, cipher_key_len
);
1642 /* switch-cbc-out */
1644 int is_client
, prf_id
, mac_id
, aes
;
1645 unsigned cipher_key_len
;
1647 cipher_key_len
= T0_POP();
1651 is_client
= T0_POP();
1652 br_ssl_engine_switch_cbc_out(ENG
, is_client
, prf_id
, mac_id
,
1653 aes
? ENG
->iaes_cbcenc
: ENG
->ides_cbcenc
, cipher_key_len
);
1658 /* switch-chapol-in */
1660 int is_client
, prf_id
;
1663 is_client
= T0_POP();
1664 br_ssl_engine_switch_chapol_in(ENG
, is_client
, prf_id
);
1669 /* switch-chapol-out */
1671 int is_client
, prf_id
;
1674 is_client
= T0_POP();
1675 br_ssl_engine_switch_chapol_out(ENG
, is_client
, prf_id
);
1680 /* total-chain-length */
1686 for (u
= 0; u
< ENG
->chain_len
; u
++) {
1687 total
+= 3 + (uint32_t)ENG
->chain
[u
].data_len
;
1696 int c
= (int)T0_POPi();
1697 uint32_t x
= T0_POP();
1703 /* verify-SKE-sig */
1705 size_t sig_len
= T0_POP();
1706 int use_rsa
= T0_POPi();
1707 int hash
= T0_POPi();
1709 T0_PUSH(verify_SKE_sig(CTX
, hash
, use_rsa
, sig_len
));
1714 /* write-blob-chunk */
1716 size_t clen
= ENG
->hlen_out
;
1722 if ((size_t)len
< clen
) {
1725 memcpy(ENG
->hbuf_out
, (unsigned char *)ENG
+ addr
, clen
);
1726 if (ENG
->record_type_out
== BR_SSL_HANDSHAKE
) {
1727 br_multihash_update(&ENG
->mhash
, ENG
->hbuf_out
, clen
);
1729 T0_PUSH(addr
+ (uint32_t)clen
);
1730 T0_PUSH(len
- (uint32_t)clen
);
1731 ENG
->hbuf_out
+= clen
;
1732 ENG
->hlen_out
-= clen
;
1742 x
= (unsigned char)T0_POP();
1743 if (ENG
->hlen_out
> 0) {
1744 if (ENG
->record_type_out
== BR_SSL_HANDSHAKE
) {
1745 br_multihash_update(&ENG
->mhash
, &x
, 1);
1747 *ENG
->hbuf_out
++ = x
;
1759 const br_x509_class
*xc
;
1762 xc
= *(ENG
->x509ctx
);
1764 xc
->append(ENG
->x509ctx
, ENG
->pad
, len
);
1771 const br_x509_class
*xc
;
1773 xc
= *(ENG
->x509ctx
);
1774 xc
->end_cert(ENG
->x509ctx
);
1779 /* x509-end-chain */
1781 const br_x509_class
*xc
;
1783 xc
= *(ENG
->x509ctx
);
1784 T0_PUSH(xc
->end_chain(ENG
->x509ctx
));
1789 /* x509-start-cert */
1791 const br_x509_class
*xc
;
1793 xc
= *(ENG
->x509ctx
);
1794 xc
->start_cert(ENG
->x509ctx
, T0_POP());
1799 /* x509-start-chain */
1801 const br_x509_class
*xc
;
1805 xc
= *(ENG
->x509ctx
);
1806 xc
->start_chain(ENG
->x509ctx
, bc
? ENG
->server_name
: NULL
);
1813 T0_ENTER(ip
, rp
, t0x
);
1817 ((t0_context
*)t0ctx
)->dp
= dp
;
1818 ((t0_context
*)t0ctx
)->rp
= rp
;
1819 ((t0_context
*)t0ctx
)->ip
= ip
;