aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndroid Build Coastguard Worker <android-build-coastguard-worker@google.com>2022-04-28 15:58:20 +0000
committerAndroid Build Coastguard Worker <android-build-coastguard-worker@google.com>2022-04-28 15:58:20 +0000
commite7cdd665bc8b65e7fe03d3421de42a0187daa694 (patch)
tree9c582ddacc6bcaa666defcc6bc8f6af51ce27816
parent7fa2d67e27228c176053ca3b2a54992b3319492a (diff)
parent9f169a5cf62f5790cfe84f16db74c6bc5b116145 (diff)
downloadopen-dice-android13-frc-scheduling-release.tar.gz
Snap for 8512216 from 9f169a5cf62f5790cfe84f16db74c6bc5b116145 to tm-frc-scheduling-releaset_frc_sch_330443040t_frc_sch_330443010android13-frc-scheduling-release
Change-Id: I1069cffd9c5553d44d6dac230ff308b11572975b
Diffstat
-rw-r--r--Android.bp6
-rw-r--r--BUILD.gn12
-rw-r--r--BUILDCONFIG.gn6
-rw-r--r--include/dice/dice.h12
-rw-r--r--include/dice/known_test_values.h68
-rw-r--r--rules.mk3
-rw-r--r--src/android/BUILD.gn3
-rw-r--r--src/android/bcc.c113
-rw-r--r--src/android/bcc_test.cc23
-rw-r--r--src/boringssl_ed25519_ops.c (renamed from src/boringssl_hash_kdf_sign_ops.c)26
-rw-r--r--src/boringssl_hash_kdf_ops.c43
-rw-r--r--src/dice.c12
-rw-r--r--src/dice_test.cc20
-rw-r--r--src/template_cert_op.c2
-rw-r--r--third_party/boringssl/BUILD.generated.gni22
-rw-r--r--third_party/boringssl/err_data.c1358
-rw-r--r--toolchains/BUILD.gn7
17 files changed, 965 insertions, 771 deletions
diff --git a/Android.bp b/Android.bp
index d25c5f9..37745e4 100644
--- a/Android.bp
+++ b/Android.bp
@@ -28,7 +28,8 @@ cc_library_static {
host_supported: true,
vendor_available: true,
srcs: [
- "src/boringssl_hash_kdf_sign_ops.c",
+ "src/boringssl_hash_kdf_ops.c",
+ "src/boringssl_ed25519_ops.c",
"src/cbor_cert_op.c",
"src/cbor_writer.c",
"src/clear_memory.c",
@@ -210,7 +211,8 @@ rust_bindgen {
// import it instead from open_dice_cbor_bindgen.
"--blocklist-type=DiceInputValues_",
"--blocklist-type=DiceInputValues",
- "--raw-line", "pub use open_dice_cbor_bindgen::DiceInputValues;",
+ "--raw-line",
+ "pub use open_dice_cbor_bindgen::DiceInputValues;",
],
rustlibs: [
diff --git a/BUILD.gn b/BUILD.gn
index fa15140..f2c68a9 100644
--- a/BUILD.gn
+++ b/BUILD.gn
@@ -66,7 +66,8 @@ pw_static_library("dice_with_boringssl_ops") {
]
sources = [
"src/boringssl_cert_op.c",
- "src/boringssl_hash_kdf_sign_ops.c",
+ "src/boringssl_hash_kdf_ops.c",
+ "src/boringssl_ed25519_ops.c",
"src/clear_memory.c",
"src/dice.c",
"src/utils.c",
@@ -104,7 +105,8 @@ pw_static_library("dice_with_cbor_cert") {
"include/dice/utils.h",
]
sources = [
- "src/boringssl_hash_kdf_sign_ops.c",
+ "src/boringssl_hash_kdf_ops.c",
+ "src/boringssl_ed25519_ops.c",
"src/cbor_cert_op.c",
"src/clear_memory.c",
"src/dice.c",
@@ -123,7 +125,8 @@ pw_static_library("dice_with_cbor_template_cert") {
"include/dice/utils.h",
]
sources = [
- "src/boringssl_hash_kdf_sign_ops.c",
+ "src/boringssl_hash_kdf_ops.c",
+ "src/boringssl_ed25519_ops.c",
"src/clear_memory.c",
"src/dice.c",
"src/template_cbor_cert_op.c",
@@ -141,7 +144,8 @@ pw_static_library("dice_with_x509_template_cert") {
"include/dice/utils.h",
]
sources = [
- "src/boringssl_hash_kdf_sign_ops.c",
+ "src/boringssl_hash_kdf_ops.c",
+ "src/boringssl_ed25519_ops.c",
"src/clear_memory.c",
"src/dice.c",
"src/template_cert_op.c",
diff --git a/BUILDCONFIG.gn b/BUILDCONFIG.gn
index 5a2ac67..a393863 100644
--- a/BUILDCONFIG.gn
+++ b/BUILDCONFIG.gn
@@ -16,5 +16,7 @@ _pigweed_directory = {
import("//build_overrides/pigweed.gni")
}
-# The default toolchain is not used in Pigweed builds.
-set_default_toolchain("${_pigweed_directory.dir_pw_toolchain}/dummy")
+# The default toolchain is not used in Pigweed builds, so it is set to a
+# toolchain that cannot compile C/C++ code. The top-level BUILD.gn should stamp
+# a group with all of the build targets and their toolchains.
+set_default_toolchain("${_pigweed_directory.dir_pw_toolchain}/default")
diff --git a/include/dice/dice.h b/include/dice/dice.h
index 2e83424..cf54942 100644
--- a/include/dice/dice.h
+++ b/include/dice/dice.h
@@ -116,6 +116,9 @@ DiceResult DiceDeriveCdiCertificateId(void* context,
// Given a full set of input values and the current CDI values, computes the
// next CDI values and a matching certificate. See the Open Profile for DICE
// specification for a detailed explanation of this flow.
+// In certain cases, the caller may not need to generate the CDI certificate.
+// The caller should signal this by setting the certificate parameters to
+// null/zero values appropriately.
//
// Parameters:
// context: Context provided by the caller that is opaque to this library
@@ -129,16 +132,19 @@ DiceResult DiceDeriveCdiCertificateId(void* context,
// input_values: A set of input values describing the target program or
// system.
// next_cdi_certificate_buffer_size: The size in bytes of the buffer pointed
-// to by the |next_cdi_certificate| argument.
+// to by the |next_cdi_certificate| argument. This should be set to zero
+// if next CDI certificate should not be computed.
// next_cdi_certificate: On success, will be populated with the generated
// certificate, up to |next_cdi_certificate_buffer_size| in size. If the
// certificate cannot fit in the buffer, |next_cdi_certificate_size| is
// populated with the required size and kDiceResultBufferTooSmall is
-// returned.
+// returned. This should be set to NULL if next CDI certificate should
+// not be computed.
// next_cdi_certificate_actual_size: On success, will be populated with the
// size, in bytes, of the certificate data written to
// |next_cdi_certificate|. If kDiceResultBufferTooSmall is returned, will
-// be populated with the required buffer size.
+// be populated with the required buffer size. This should be set to NULL
+// if next CDI certificate should not be computed.
// next_cdi_attest: On success, will be populated with the next CDI value for
// attestation.
// next_cdi_seal: On success, will be populated with the next CDI value for
diff --git a/include/dice/known_test_values.h b/include/dice/known_test_values.h
index 49ddfb9..90c565a 100644
--- a/include/dice/known_test_values.h
+++ b/include/dice/known_test_values.h
@@ -86,10 +86,10 @@ constexpr uint8_t kExpectedCdiSeal_ZeroInput[32] = {
// 209:d=2 hl=2 l= 1 prim: ENUMERATED :00
//
// Signature Algorithm: ED25519
-// cd:8e:a8:d0:f5:12:b5:28:64:11:47:11:db:12:cf:b2:27:64:
-// 22:8d:a3:76:27:98:32:6e:6c:5a:44:10:ef:b3:ae:39:96:04:
-// 53:57:72:a6:11:2b:58:78:59:06:0b:a6:a8:23:0a:aa:20:73:
-// 91:0e:fb:1a:39:c1:d1:86:41:0b
+// ba:e1:ef:9f:c5:b6:88:be:4a:67:22:b4:47:44:50:25:b6:37:
+// 68:8b:1a:29:27:9e:46:c6:d0:68:d8:6d:19:ed:50:55:ca:24:
+// 41:71:a5:b5:37:0d:60:2b:85:08:f9:38:6c:95:c6:77:33:11:
+// a2:28:a5:49:5b:87:05:e4:e8:0d
constexpr uint8_t kExpectedX509Ed25519Cert_ZeroInput[635] = {
0x30, 0x82, 0x02, 0x77, 0x30, 0x82, 0x02, 0x29, 0xa0, 0x03, 0x02, 0x01,
0x02, 0x02, 0x14, 0x67, 0xc2, 0x2a, 0x88, 0x59, 0x06, 0x2b, 0x98, 0x68,
@@ -118,7 +118,7 @@ constexpr uint8_t kExpectedX509Ed25519Cert_ZeroInput[635] = {
0xe8, 0xe7, 0x2b, 0x0b, 0xcd, 0x9f, 0x59, 0x34, 0x9c, 0x89, 0x30, 0x0e,
0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02,
0x02, 0x04, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff,
- 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0x01, 0x30, 0x81, 0xe3, 0x06, 0x0a,
+ 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x81, 0xe3, 0x06, 0x0a,
0x2b, 0x06, 0x01, 0x04, 0x01, 0xd6, 0x79, 0x02, 0x01, 0x18, 0x04, 0x81,
0xd4, 0x30, 0x81, 0xd1, 0xa0, 0x42, 0x04, 0x40, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
@@ -138,12 +138,12 @@ constexpr uint8_t kExpectedX509Ed25519Cert_ZeroInput[635] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0xa6, 0x03, 0x0a, 0x01, 0x00, 0x30, 0x05, 0x06,
- 0x03, 0x2b, 0x65, 0x70, 0x03, 0x41, 0x00, 0xcd, 0x8e, 0xa8, 0xd0, 0xf5,
- 0x12, 0xb5, 0x28, 0x64, 0x11, 0x47, 0x11, 0xdb, 0x12, 0xcf, 0xb2, 0x27,
- 0x64, 0x22, 0x8d, 0xa3, 0x76, 0x27, 0x98, 0x32, 0x6e, 0x6c, 0x5a, 0x44,
- 0x10, 0xef, 0xb3, 0xae, 0x39, 0x96, 0x04, 0x53, 0x57, 0x72, 0xa6, 0x11,
- 0x2b, 0x58, 0x78, 0x59, 0x06, 0x0b, 0xa6, 0xa8, 0x23, 0x0a, 0xaa, 0x20,
- 0x73, 0x91, 0x0e, 0xfb, 0x1a, 0x39, 0xc1, 0xd1, 0x86, 0x41, 0x0b};
+ 0x03, 0x2b, 0x65, 0x70, 0x03, 0x41, 0x00, 0xba, 0xe1, 0xef, 0x9f, 0xc5,
+ 0xb6, 0x88, 0xbe, 0x4a, 0x67, 0x22, 0xb4, 0x47, 0x44, 0x50, 0x25, 0xb6,
+ 0x37, 0x68, 0x8b, 0x1a, 0x29, 0x27, 0x9e, 0x46, 0xc6, 0xd0, 0x68, 0xd8,
+ 0x6d, 0x19, 0xed, 0x50, 0x55, 0xca, 0x24, 0x41, 0x71, 0xa5, 0xb5, 0x37,
+ 0x0d, 0x60, 0x2b, 0x85, 0x08, 0xf9, 0x38, 0x6c, 0x95, 0xc6, 0x77, 0x33,
+ 0x11, 0xa2, 0x28, 0xa5, 0x49, 0x5b, 0x87, 0x05, 0xe4, 0xe8, 0x0d};
// $ openssl x509 -inform DER -noout -text -certopt ext_parse
// Certificate:
@@ -371,10 +371,10 @@ constexpr uint8_t kExpectedCdiSeal_HashOnlyInput[32] = {
// 209:d=2 hl=2 l= 1 prim: ENUMERATED :00
//
// Signature Algorithm: ED25519
-// 48:f5:68:52:d1:f3:1e:06:73:99:a4:77:be:33:61:df:5f:ce:
-// 3f:4f:fb:23:55:f4:94:d9:d1:d0:19:2a:01:b1:21:6b:d2:b8:
-// c6:93:d8:c1:a8:c2:84:88:7a:3c:38:60:3b:20:26:8c:b5:56:
-// 5f:09:a4:f4:49:9b:bb:c6:3c:09
+// 2d:26:2d:e5:ad:8f:4a:d2:78:e3:38:fe:bc:4f:60:67:d8:c3:
+// 20:4b:f1:19:e1:e7:48:c5:9f:51:01:57:62:f1:0d:75:d2:6d:
+// d0:1b:0b:a4:32:f6:55:5a:55:b0:86:c0:e9:f9:6a:35:7c:5e:
+// 40:68:5f:05:ef:f6:52:a7:4c:05
constexpr uint8_t kExpectedX509Ed25519Cert_HashOnlyInput[635] = {
0x30, 0x82, 0x02, 0x77, 0x30, 0x82, 0x02, 0x29, 0xa0, 0x03, 0x02, 0x01,
0x02, 0x02, 0x14, 0x0d, 0x04, 0x0e, 0x2f, 0x46, 0x00, 0x52, 0xa5, 0x31,
@@ -403,7 +403,7 @@ constexpr uint8_t kExpectedX509Ed25519Cert_HashOnlyInput[635] = {
0x1b, 0x91, 0xdb, 0xf9, 0xb4, 0x40, 0x83, 0x32, 0xec, 0x29, 0x30, 0x0e,
0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02,
0x02, 0x04, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff,
- 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0x01, 0x30, 0x81, 0xe3, 0x06, 0x0a,
+ 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x81, 0xe3, 0x06, 0x0a,
0x2b, 0x06, 0x01, 0x04, 0x01, 0xd6, 0x79, 0x02, 0x01, 0x18, 0x04, 0x81,
0xd4, 0x30, 0x81, 0xd1, 0xa0, 0x42, 0x04, 0x40, 0xb7, 0xd4, 0x0c, 0xcb,
0x22, 0x5b, 0xa5, 0x78, 0x8f, 0x98, 0xff, 0x9e, 0x86, 0x93, 0x75, 0xf6,
@@ -423,12 +423,12 @@ constexpr uint8_t kExpectedX509Ed25519Cert_HashOnlyInput[635] = {
0xd4, 0xfe, 0x92, 0x5f, 0x36, 0x2d, 0xeb, 0x5d, 0xbb, 0x32, 0x8b, 0xe3,
0x94, 0x4f, 0xbe, 0x1b, 0x21, 0xf9, 0xcc, 0x23, 0x73, 0x41, 0xb6, 0xb9,
0xb6, 0x98, 0xd0, 0xbc, 0xa6, 0x03, 0x0a, 0x01, 0x00, 0x30, 0x05, 0x06,
- 0x03, 0x2b, 0x65, 0x70, 0x03, 0x41, 0x00, 0x48, 0xf5, 0x68, 0x52, 0xd1,
- 0xf3, 0x1e, 0x06, 0x73, 0x99, 0xa4, 0x77, 0xbe, 0x33, 0x61, 0xdf, 0x5f,
- 0xce, 0x3f, 0x4f, 0xfb, 0x23, 0x55, 0xf4, 0x94, 0xd9, 0xd1, 0xd0, 0x19,
- 0x2a, 0x01, 0xb1, 0x21, 0x6b, 0xd2, 0xb8, 0xc6, 0x93, 0xd8, 0xc1, 0xa8,
- 0xc2, 0x84, 0x88, 0x7a, 0x3c, 0x38, 0x60, 0x3b, 0x20, 0x26, 0x8c, 0xb5,
- 0x56, 0x5f, 0x09, 0xa4, 0xf4, 0x49, 0x9b, 0xbb, 0xc6, 0x3c, 0x09};
+ 0x03, 0x2b, 0x65, 0x70, 0x03, 0x41, 0x00, 0x2d, 0x26, 0x2d, 0xe5, 0xad,
+ 0x8f, 0x4a, 0xd2, 0x78, 0xe3, 0x38, 0xfe, 0xbc, 0x4f, 0x60, 0x67, 0xd8,
+ 0xc3, 0x20, 0x4b, 0xf1, 0x19, 0xe1, 0xe7, 0x48, 0xc5, 0x9f, 0x51, 0x01,
+ 0x57, 0x62, 0xf1, 0x0d, 0x75, 0xd2, 0x6d, 0xd0, 0x1b, 0x0b, 0xa4, 0x32,
+ 0xf6, 0x55, 0x5a, 0x55, 0xb0, 0x86, 0xc0, 0xe9, 0xf9, 0x6a, 0x35, 0x7c,
+ 0x5e, 0x40, 0x68, 0x5f, 0x05, 0xef, 0xf6, 0x52, 0xa7, 0x4c, 0x05};
// $ openssl x509 -inform DER -noout -text -certopt ext_parse
// Certificate:
@@ -677,10 +677,10 @@ constexpr uint8_t kExpectedCdiSeal_DescriptorInput[32] = {
// 427:d=2 hl=2 l= 1 prim: ENUMERATED :00
//
// Signature Algorithm: ED25519
-// ce:e6:a6:f7:5a:09:2e:a9:f1:27:73:46:61:21:5a:f7:15:c4:
-// a5:31:43:37:b5:2f:3d:c8:61:f1:d2:65:56:84:81:e2:c5:c4:
-// a0:87:55:d0:55:15:ce:14:d5:8e:94:5a:f9:b7:0e:09:91:3b:
-// 25:75:e2:ea:cb:7d:37:72:54:0f
+// 70:3c:ba:64:6b:18:2b:3f:26:b3:67:52:3b:3d:08:f5:88:3d:
+// fe:79:d4:b4:e5:70:71:1d:95:f6:9a:ac:ca:f7:23:8b:fd:e2:
+// 22:5b:3b:39:82:99:02:e8:db:67:70:f2:99:9d:f7:3b:73:12:
+// 6a:b0:a0:ac:49:4b:37:06:21:06
constexpr uint8_t kExpectedX509Ed25519Cert_DescriptorInput[855] = {
0x30, 0x82, 0x03, 0x53, 0x30, 0x82, 0x03, 0x05, 0xa0, 0x03, 0x02, 0x01,
0x02, 0x02, 0x14, 0x52, 0x1f, 0x03, 0x5c, 0x21, 0xe3, 0x2f, 0x16, 0x74,
@@ -709,7 +709,7 @@ constexpr uint8_t kExpectedX509Ed25519Cert_DescriptorInput[855] = {
0x1e, 0xae, 0x6b, 0xde, 0xd9, 0x3c, 0xe3, 0x21, 0xe0, 0xdf, 0x30, 0x0e,
0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02,
0x02, 0x04, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff,
- 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0x01, 0x30, 0x82, 0x01, 0xbe, 0x06,
+ 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x82, 0x01, 0xbe, 0x06,
0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0xd6, 0x79, 0x02, 0x01, 0x18, 0x04,
0x82, 0x01, 0xae, 0x30, 0x82, 0x01, 0xaa, 0xa0, 0x42, 0x04, 0x40, 0xb7,
0xd4, 0x0c, 0xcb, 0x22, 0x5b, 0xa5, 0x78, 0x8f, 0x98, 0xff, 0x9e, 0x86,
@@ -747,13 +747,13 @@ constexpr uint8_t kExpectedX509Ed25519Cert_DescriptorInput[855] = {
0xe7, 0x1c, 0x16, 0x62, 0xd5, 0x59, 0xd7, 0x49, 0x2b, 0x6a, 0xa2, 0x36,
0x67, 0x57, 0xd1, 0xf2, 0xf9, 0xaf, 0x13, 0xd7, 0xa3, 0xe4, 0xd3, 0x39,
0x5b, 0x02, 0x78, 0xb1, 0xe0, 0x09, 0x70, 0xa2, 0xa6, 0x03, 0x0a, 0x01,
- 0x00, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03, 0x41, 0x00, 0xce,
- 0xe6, 0xa6, 0xf7, 0x5a, 0x09, 0x2e, 0xa9, 0xf1, 0x27, 0x73, 0x46, 0x61,
- 0x21, 0x5a, 0xf7, 0x15, 0xc4, 0xa5, 0x31, 0x43, 0x37, 0xb5, 0x2f, 0x3d,
- 0xc8, 0x61, 0xf1, 0xd2, 0x65, 0x56, 0x84, 0x81, 0xe2, 0xc5, 0xc4, 0xa0,
- 0x87, 0x55, 0xd0, 0x55, 0x15, 0xce, 0x14, 0xd5, 0x8e, 0x94, 0x5a, 0xf9,
- 0xb7, 0x0e, 0x09, 0x91, 0x3b, 0x25, 0x75, 0xe2, 0xea, 0xcb, 0x7d, 0x37,
- 0x72, 0x54, 0x0f};
+ 0x00, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03, 0x41, 0x00, 0x70,
+ 0x3c, 0xba, 0x64, 0x6b, 0x18, 0x2b, 0x3f, 0x26, 0xb3, 0x67, 0x52, 0x3b,
+ 0x3d, 0x08, 0xf5, 0x88, 0x3d, 0xfe, 0x79, 0xd4, 0xb4, 0xe5, 0x70, 0x71,
+ 0x1d, 0x95, 0xf6, 0x9a, 0xac, 0xca, 0xf7, 0x23, 0x8b, 0xfd, 0xe2, 0x22,
+ 0x5b, 0x3b, 0x39, 0x82, 0x99, 0x02, 0xe8, 0xdb, 0x67, 0x70, 0xf2, 0x99,
+ 0x9d, 0xf7, 0x3b, 0x73, 0x12, 0x6a, 0xb0, 0xa0, 0xac, 0x49, 0x4b, 0x37,
+ 0x06, 0x21, 0x06};
// $ openssl x509 -inform DER -noout -text -certopt ext_parse
// Certificate:
diff --git a/rules.mk b/rules.mk
index 13d6cb8..ff5b942 100644
--- a/rules.mk
+++ b/rules.mk
@@ -20,7 +20,8 @@ MODULE := $(LOCAL_DIR)
MODULE_SRCS := \
$(LOCAL_DIR)/src/android/bcc.c \
- $(LOCAL_DIR)/src/boringssl_hash_kdf_sign_ops.c \
+ $(LOCAL_DIR)/src/boringssl_hash_kdf_ops.c \
+ $(LOCAL_DIR)/src/boringssl_ed25519_ops.c \
$(LOCAL_DIR)/src/cbor_cert_op.c \
$(LOCAL_DIR)/src/cbor_writer.c \
$(LOCAL_DIR)/src/clear_memory.c \
diff --git a/src/android/BUILD.gn b/src/android/BUILD.gn
index 4cef1b0..dd8bdbc 100644
--- a/src/android/BUILD.gn
+++ b/src/android/BUILD.gn
@@ -21,6 +21,7 @@ pw_source_set("bcc") {
deps = [
"//:cbor_reader",
"//:cbor_writer",
+ "//:dice_with_cbor_cert",
]
}
@@ -30,7 +31,6 @@ pw_test("bcc_test") {
]
deps = [
":bcc",
- "//:dice_with_cbor_cert",
]
}
@@ -40,6 +40,5 @@ pw_executable("bcc_fuzzer") {
]
deps = [
":bcc",
- "//:dice_with_boringssl_ops",
]
}
diff --git a/src/android/bcc.c b/src/android/bcc.c
index 60a98a0..8855f71 100644
--- a/src/android/bcc.c
+++ b/src/android/bcc.c
@@ -18,7 +18,9 @@
#include "dice/cbor_reader.h"
#include "dice/cbor_writer.h"
+#include "dice/ops/trait/cose.h"
#include "dice/dice.h"
+#include "dice/ops.h"
// Completely gratuitous bit twiddling.
static size_t PopulationCount(uint32_t n) {
@@ -127,6 +129,69 @@ DiceResult BccMainFlow(void* context,
return kDiceResultOk;
}
+static DiceResult BccMainFlowWithNewBcc(
+ void* context, const uint8_t current_cdi_attest[DICE_CDI_SIZE],
+ const uint8_t current_cdi_seal[DICE_CDI_SIZE],
+ const DiceInputValues* input_values, size_t buffer_size, uint8_t* buffer,
+ size_t* bcc_size, uint8_t next_cdi_attest[DICE_CDI_SIZE],
+ uint8_t next_cdi_seal[DICE_CDI_SIZE]) {
+ uint8_t current_cdi_private_key_seed[DICE_PRIVATE_KEY_SEED_SIZE];
+ uint8_t attestation_public_key[DICE_PUBLIC_KEY_SIZE];
+ uint8_t attestation_private_key[DICE_PRIVATE_KEY_SIZE];
+ // Derive an asymmetric private key seed from the current attestation CDI
+ // value.
+ DiceResult result = DiceDeriveCdiPrivateKeySeed(context, current_cdi_attest,
+ current_cdi_private_key_seed);
+ if (result != kDiceResultOk) {
+ goto out;
+ }
+ // Derive attestation key pair.
+ result = DiceKeypairFromSeed(context, current_cdi_private_key_seed,
+ attestation_public_key, attestation_private_key);
+ if (result != kDiceResultOk) {
+ goto out;
+ }
+
+ // Consruct the BCC from the attestation public key and the next CDI
+ // certificate.
+ struct CborOut out;
+ CborOutInit(buffer, buffer_size, &out);
+ CborWriteArray(2, &out);
+ if (CborOutOverflowed(&out)) {
+ result = kDiceResultBufferTooSmall;
+ goto out;
+ }
+ size_t encoded_size_used = CborOutSize(&out);
+ buffer += encoded_size_used;
+ buffer_size -= encoded_size_used;
+
+ size_t encoded_pub_key_size = 0;
+ result = DiceCoseEncodePublicKey(context, attestation_public_key, buffer_size,
+ buffer, &encoded_pub_key_size);
+ if (result != kDiceResultOk) {
+ goto out;
+ }
+
+ buffer += encoded_pub_key_size;
+ buffer_size -= encoded_pub_key_size;
+
+ result = DiceMainFlow(context, current_cdi_attest, current_cdi_seal,
+ input_values, buffer_size, buffer, bcc_size,
+ next_cdi_attest, next_cdi_seal);
+ if (result != kDiceResultOk) {
+ return result;
+ }
+ *bcc_size += encoded_size_used + encoded_pub_key_size;
+
+out:
+ DiceClearMemory(context, sizeof(current_cdi_private_key_seed),
+ current_cdi_private_key_seed);
+ DiceClearMemory(context, sizeof(attestation_private_key),
+ attestation_private_key);
+
+ return result;
+}
+
DiceResult BccHandoverMainFlow(void* context, const uint8_t* bcc_handover,
size_t bcc_handover_size,
const DiceInputValues* input_values,
@@ -146,13 +211,13 @@ DiceResult BccHandoverMainFlow(void* context, const uint8_t* bcc_handover,
// BccHandover = {
// 1 : bstr .size 32, ; CDI_Attest
// 2 : bstr .size 32, ; CDI_Seal
- // 3 : Bcc, ; Certificate chain
+ // ? 3 : Bcc, ; Certificate chain
// }
struct CborIn in;
int64_t label;
size_t item_size;
CborInInit(bcc_handover, bcc_handover_size, &in);
- if (CborReadMap(&in, &item_size) != CBOR_READ_RESULT_OK || item_size < 3 ||
+ if (CborReadMap(&in, &item_size) != CBOR_READ_RESULT_OK || item_size < 2 ||
// Read the attestation CDI.
CborReadInt(&in, &label) != CBOR_READ_RESULT_OK ||
label != kCdiAttestLabel ||
@@ -163,17 +228,23 @@ DiceResult BccHandoverMainFlow(void* context, const uint8_t* bcc_handover,
CborReadInt(&in, &label) != CBOR_READ_RESULT_OK ||
label != kCdiSealLabel ||
CborReadBstr(&in, &item_size, &current_cdi_seal) != CBOR_READ_RESULT_OK ||
- item_size != DICE_CDI_SIZE ||
- // Read the BCC.
- CborReadInt(&in, &label) != CBOR_READ_RESULT_OK || label != kBccLabel) {
+ item_size != DICE_CDI_SIZE) {
return kDiceResultInvalidInput;
}
- size_t bcc_start = CborInOffset(&in);
- bcc = bcc_handover + bcc_start;
- if (CborReadSkip(&in) != CBOR_READ_RESULT_OK) {
- return kDiceResultInvalidInput;
+
+ size_t bcc_size = 0;
+ // Calculate the BCC size, if the BCC is present in the BccHandover.
+ if (CborReadInt(&in, &label) == CBOR_READ_RESULT_OK) {
+ if (label != kBccLabel) {
+ return kDiceResultInvalidInput;
+ }
+ size_t bcc_start = CborInOffset(&in);
+ bcc = bcc_handover + bcc_start;
+ if (CborReadSkip(&in) != CBOR_READ_RESULT_OK) {
+ return kDiceResultInvalidInput;
+ }
+ bcc_size = CborInOffset(&in) - bcc_start;
}
- size_t bcc_size = CborInOffset(&in) - bcc_start;
// Write the new handover data.
struct CborOut out;
@@ -189,14 +260,24 @@ DiceResult BccHandoverMainFlow(void* context, const uint8_t* bcc_handover,
return kDiceResultBufferTooSmall;
}
- result = BccMainFlow(context, current_cdi_attest, current_cdi_seal, bcc,
- bcc_size, input_values, buffer_size - CborOutSize(&out),
- buffer + CborOutSize(&out), &bcc_size, next_cdi_attest,
- next_cdi_seal);
+ if (bcc_size != 0) {
+ // If BCC is present in the bcc_handover, append the next certificate to the
+ // existing BCC.
+ result = BccMainFlow(context, current_cdi_attest, current_cdi_seal, bcc,
+ bcc_size, input_values, buffer_size - CborOutSize(&out),
+ buffer + CborOutSize(&out), &bcc_size, next_cdi_attest,
+ next_cdi_seal);
+ } else {
+ // If BCC is not present in the bcc_handover, construct BCC from the public key
+ // derived from the current CDI attest and the next CDI certificate.
+ result = BccMainFlowWithNewBcc(
+ context, current_cdi_attest, current_cdi_seal, input_values,
+ buffer_size - CborOutSize(&out), buffer + CborOutSize(&out), &bcc_size,
+ next_cdi_attest, next_cdi_seal);
+ }
if (result != kDiceResultOk) {
- return result;
+ return result;
}
-
*actual_size = CborOutSize(&out) + bcc_size;
return kDiceResultOk;
}
diff --git a/src/android/bcc_test.cc b/src/android/bcc_test.cc
index 20bea0d..44dce5b 100644
--- a/src/android/bcc_test.cc
+++ b/src/android/bcc_test.cc
@@ -114,6 +114,29 @@ TEST(BccHandoverTest, PreservesPreviousEntries) {
EXPECT_EQ(0, memcmp(next_bcc_handover + 73, bcc_handover + 73,
sizeof(bcc_handover) - 8 - 73));
}
+
+TEST(BccHandoverNoCertTest, InHandoverWithoutBccOutHandoverWithBcc) {
+ const uint8_t bcc_handover[] = {
+ 0xa2,
+ // CDI attest
+ 0x01, 0x58, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ // CDI seal
+ 0x02, 0x58, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ };
+ DiceInputValues input_values = {};
+ uint8_t next_bcc_handover[1024] = {};
+ size_t next_bcc_handover_size;
+ DiceResult result = BccHandoverMainFlow(
+ /*context=*/NULL, bcc_handover, sizeof(bcc_handover), &input_values,
+ sizeof(next_bcc_handover), next_bcc_handover, &next_bcc_handover_size);
+ EXPECT_EQ(kDiceResultOk, result);
+ EXPECT_GT(next_bcc_handover_size, sizeof(bcc_handover));
+ EXPECT_EQ(0xa3, next_bcc_handover[0]);
+}
}
} // namespace
diff --git a/src/boringssl_hash_kdf_sign_ops.c b/src/boringssl_ed25519_ops.c
index 9198b4a..a1b9797 100644
--- a/src/boringssl_hash_kdf_sign_ops.c
+++ b/src/boringssl_ed25519_ops.c
@@ -1,4 +1,4 @@
-// Copyright 2020 Google LLC
+// Copyright 2022 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License"); you may not
// use this file except in compliance with the License. You may obtain a copy of
@@ -12,8 +12,7 @@
// License for the specific language governing permissions and limitations under
// the License.
-// This is an implementation of the crypto operations that uses boringssl. The
-// algorithms used are SHA512, HKDF-SHA512, and Ed25519-SHA512.
+// An implementation of the ed25519 signature operations using boringssl.
#include <stdint.h>
@@ -21,9 +20,6 @@
#include "dice/ops.h"
#include "openssl/curve25519.h"
#include "openssl/evp.h"
-#include "openssl/hkdf.h"
-#include "openssl/is_boringssl.h"
-#include "openssl/sha.h"
#if DICE_PRIVATE_KEY_SEED_SIZE != 32
#error "Private key seed is expected to be 32 bytes."
@@ -38,24 +34,6 @@
#error "Ed25519 needs 64 bytes to store the signature."
#endif
-DiceResult DiceHash(void* context_not_used, const uint8_t* input,
- size_t input_size, uint8_t output[DICE_HASH_SIZE]) {
- (void)context_not_used;
- SHA512(input, input_size, output);
- return kDiceResultOk;
-}
-
-DiceResult DiceKdf(void* context_not_used, size_t length, const uint8_t* ikm,
- size_t ikm_size, const uint8_t* salt, size_t salt_size,
- const uint8_t* info, size_t info_size, uint8_t* output) {
- (void)context_not_used;
- if (!HKDF(output, length, EVP_sha512(), ikm, ikm_size, salt, salt_size, info,
- info_size)) {
- return kDiceResultPlatformError;
- }
- return kDiceResultOk;
-}
-
DiceResult DiceKeypairFromSeed(void* context_not_used,
const uint8_t seed[DICE_PRIVATE_KEY_SEED_SIZE],
uint8_t public_key[DICE_PUBLIC_KEY_SIZE],
diff --git a/src/boringssl_hash_kdf_ops.c b/src/boringssl_hash_kdf_ops.c
new file mode 100644
index 0000000..657276a
--- /dev/null
+++ b/src/boringssl_hash_kdf_ops.c
@@ -0,0 +1,43 @@
+// Copyright 2022 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License"); you may not
+// use this file except in compliance with the License. You may obtain a copy of
+// the License at
+//
+// https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+// License for the specific language governing permissions and limitations under
+// the License.
+
+// An implementation of the hash and kdf crypto operations using boringssl. The
+// algorithms used are SHA512 and HKDF-SHA512.
+
+#include <stdint.h>
+
+#include "dice/dice.h"
+#include "dice/ops.h"
+#include "openssl/evp.h"
+#include "openssl/hkdf.h"
+#include "openssl/is_boringssl.h"
+#include "openssl/sha.h"
+
+DiceResult DiceHash(void* context_not_used, const uint8_t* input,
+ size_t input_size, uint8_t output[DICE_HASH_SIZE]) {
+ (void)context_not_used;
+ SHA512(input, input_size, output);
+ return kDiceResultOk;
+}
+
+DiceResult DiceKdf(void* context_not_used, size_t length, const uint8_t* ikm,
+ size_t ikm_size, const uint8_t* salt, size_t salt_size,
+ const uint8_t* info, size_t info_size, uint8_t* output) {
+ (void)context_not_used;
+ if (!HKDF(output, length, EVP_sha512(), ikm, ikm_size, salt, salt_size, info,
+ info_size)) {
+ return kDiceResultPlatformError;
+ }
+ return kDiceResultOk;
+}
diff --git a/src/dice.c b/src/dice.c
index e9b0cd9..4bbd712 100644
--- a/src/dice.c
+++ b/src/dice.c
@@ -152,6 +152,14 @@ DiceResult DiceMainFlow(void* context,
goto out;
}
+ // Create the CDI certificate only if it is required (i.e. non-null/non-zero
+ // values are provided for the next CDI certificate parameters).
+ if (next_cdi_certificate == NULL &&
+ next_cdi_certificate_actual_size == NULL &&
+ next_cdi_certificate_buffer_size == 0) {
+ goto out;
+ }
+
// Derive asymmetric private key seeds from the attestation CDI values.
result = DiceDeriveCdiPrivateKeySeed(context, current_cdi_attest,
current_cdi_private_key_seed);
@@ -170,9 +178,7 @@ DiceResult DiceMainFlow(void* context,
context, next_cdi_private_key_seed, current_cdi_private_key_seed,
input_values, next_cdi_certificate_buffer_size, next_cdi_certificate,
next_cdi_certificate_actual_size);
- if (result != kDiceResultOk) {
- goto out;
- }
+
out:
// Clear sensitive memory.
DiceClearMemory(context, sizeof(input_buffer), input_buffer);
diff --git a/src/dice_test.cc b/src/dice_test.cc
index 65330f7..a5d3b9e 100644
--- a/src/dice_test.cc
+++ b/src/dice_test.cc
@@ -198,4 +198,24 @@ TEST(DiceTest, NoExtraneousOps) {
EXPECT_LE(ops.generate_certificate_count_, 1);
}
+TEST(DiceTest, NoCertParamsPreservesCDIs) {
+ FakeDiceOps ops;
+ DiceStateForTest current_state = {};
+ DiceStateForTest next_state = {};
+ DiceStateForTest next_state_no_cert = {};
+ DiceInputValues input_values = {};
+ DiceResult result = DiceMainFlow(
+ &ops, current_state.cdi_attest, current_state.cdi_seal, &input_values,
+ sizeof(next_state.certificate), next_state.certificate,
+ &next_state.certificate_size, next_state.cdi_attest, next_state.cdi_seal);
+ result = DiceMainFlow(
+ &ops, current_state.cdi_attest, current_state.cdi_seal, &input_values, 0,
+ NULL, NULL, next_state_no_cert.cdi_attest, next_state_no_cert.cdi_seal);
+ EXPECT_EQ(kDiceResultOk, result);
+ EXPECT_EQ(0, memcmp(next_state.cdi_attest, next_state_no_cert.cdi_attest,
+ DICE_CDI_SIZE));
+ EXPECT_EQ(0, memcmp(next_state.cdi_seal, next_state_no_cert.cdi_seal,
+ DICE_CDI_SIZE));
+}
+
} // namespace
diff --git a/src/template_cert_op.c b/src/template_cert_op.c
index 0df423a..e577cd2 100644
--- a/src/template_cert_op.c
+++ b/src/template_cert_op.c
@@ -87,7 +87,7 @@ static const uint8_t kTemplate[635] = {
// Constant encoding.
0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04,
0x03, 0x02, 0x02, 0x04, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01,
- 0x01, 0xff, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0x01, 0x30, 0x81, 0xe3,
+ 0x01, 0xff, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x81, 0xe3,
0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0xd6, 0x79, 0x02, 0x01, 0x18,
0x04, 0x81, 0xd4, 0x30, 0x81, 0xd1, 0xa0, 0x42, 0x04, 0x40,
// Offset 356: Code hash, 64 bytes.
diff --git a/third_party/boringssl/BUILD.generated.gni b/third_party/boringssl/BUILD.generated.gni
index aee38c2..fed3f02 100644
--- a/third_party/boringssl/BUILD.generated.gni
+++ b/third_party/boringssl/BUILD.generated.gni
@@ -18,18 +18,19 @@ crypto_sources = [
"src/crypto/asn1/a_object.c",
"src/crypto/asn1/a_octet.c",
"src/crypto/asn1/a_print.c",
+ "src/crypto/asn1/a_strex.c",
"src/crypto/asn1/a_strnid.c",
"src/crypto/asn1/a_time.c",
"src/crypto/asn1/a_type.c",
"src/crypto/asn1/a_utctm.c",
"src/crypto/asn1/a_utf8.c",
"src/crypto/asn1/asn1_lib.c",
- "src/crypto/asn1/asn1_locl.h",
"src/crypto/asn1/asn1_par.c",
"src/crypto/asn1/asn_pack.c",
- "src/crypto/asn1/f_enum.c",
+ "src/crypto/asn1/charmap.h",
"src/crypto/asn1/f_int.c",
"src/crypto/asn1/f_string.c",
+ "src/crypto/asn1/internal.h",
"src/crypto/asn1/tasn_dec.c",
"src/crypto/asn1/tasn_enc.c",
"src/crypto/asn1/tasn_fre.c",
@@ -137,8 +138,8 @@ crypto_sources = [
"src/crypto/fipsmodule/ec/p256-x86_64-table.h",
"src/crypto/fipsmodule/ec/p256-x86_64.h",
"src/crypto/fipsmodule/ec/p256_table.h",
+ "src/crypto/fipsmodule/ecdsa/internal.h",
"src/crypto/fipsmodule/fips_shared_support.c",
- "src/crypto/fipsmodule/is_fips.c",
"src/crypto/fipsmodule/md5/internal.h",
"src/crypto/fipsmodule/modes/internal.h",
"src/crypto/fipsmodule/rand/fork_detect.h",
@@ -149,10 +150,10 @@ crypto_sources = [
"src/crypto/fipsmodule/tls/internal.h",
"src/crypto/hkdf/hkdf.c",
"src/crypto/hpke/hpke.c",
- "src/crypto/hpke/internal.h",
"src/crypto/hrss/hrss.c",
"src/crypto/hrss/internal.h",
"src/crypto/internal.h",
+ "src/crypto/lhash/internal.h",
"src/crypto/lhash/lhash.c",
"src/crypto/mem.c",
"src/crypto/obj/obj.c",
@@ -202,21 +203,19 @@ crypto_sources = [
"src/crypto/trust_token/voprf.c",
"src/crypto/x509/a_digest.c",
"src/crypto/x509/a_sign.c",
- "src/crypto/x509/a_strex.c",
"src/crypto/x509/a_verify.c",
"src/crypto/x509/algorithm.c",
"src/crypto/x509/asn1_gen.c",
"src/crypto/x509/by_dir.c",
"src/crypto/x509/by_file.c",
- "src/crypto/x509/charmap.h",
"src/crypto/x509/i2d_pr.c",
"src/crypto/x509/internal.h",
+ "src/crypto/x509/name_print.c",
"src/crypto/x509/rsa_pss.c",
"src/crypto/x509/t_crl.c",
"src/crypto/x509/t_req.c",
"src/crypto/x509/t_x509.c",
"src/crypto/x509/t_x509a.c",
- "src/crypto/x509/vpm_int.h",
"src/crypto/x509/x509.c",
"src/crypto/x509/x509_att.c",
"src/crypto/x509/x509_cmp.c",
@@ -225,7 +224,6 @@ crypto_sources = [
"src/crypto/x509/x509_ext.c",
"src/crypto/x509/x509_lu.c",
"src/crypto/x509/x509_obj.c",
- "src/crypto/x509/x509_r2x.c",
"src/crypto/x509/x509_req.c",
"src/crypto/x509/x509_set.c",
"src/crypto/x509/x509_trs.c",
@@ -256,7 +254,6 @@ crypto_sources = [
"src/crypto/x509v3/internal.h",
"src/crypto/x509v3/pcy_cache.c",
"src/crypto/x509v3/pcy_data.c",
- "src/crypto/x509v3/pcy_int.h",
"src/crypto/x509v3/pcy_lib.c",
"src/crypto/x509v3/pcy_map.c",
"src/crypto/x509v3/pcy_node.c",
@@ -328,9 +325,11 @@ crypto_headers = [
"src/include/openssl/engine.h",
"src/include/openssl/err.h",
"src/include/openssl/evp.h",
+ "src/include/openssl/evp_errors.h",
"src/include/openssl/ex_data.h",
"src/include/openssl/hkdf.h",
"src/include/openssl/hmac.h",
+ "src/include/openssl/hpke.h",
"src/include/openssl/hrss.h",
"src/include/openssl/is_boringssl.h",
"src/include/openssl/lhash.h",
@@ -375,6 +374,8 @@ ssl_sources = [
"src/ssl/d1_srtp.cc",
"src/ssl/dtls_method.cc",
"src/ssl/dtls_record.cc",
+ "src/ssl/encrypted_client_hello.cc",
+ "src/ssl/extensions.cc",
"src/ssl/handoff.cc",
"src/ssl/handshake.cc",
"src/ssl/handshake_client.cc",
@@ -398,7 +399,6 @@ ssl_sources = [
"src/ssl/ssl_versions.cc",
"src/ssl/ssl_x509.cc",
"src/ssl/t1_enc.cc",
- "src/ssl/t1_lib.cc",
"src/ssl/tls13_both.cc",
"src/ssl/tls13_client.cc",
"src/ssl/tls13_enc.cc",
@@ -423,6 +423,7 @@ tool_sources = [
"src/tool/digest.cc",
"src/tool/fd.cc",
"src/tool/file.cc",
+ "src/tool/generate_ech.cc",
"src/tool/generate_ed25519.cc",
"src/tool/genrsa.cc",
"src/tool/internal.h",
@@ -632,6 +633,7 @@ fuzzers = [
"bn_mod_exp",
"cert",
"client",
+ "decode_client_hello_inner",
"dtls_client",
"dtls_server",
"pkcs12",
diff --git a/third_party/boringssl/err_data.c b/third_party/boringssl/err_data.c
index 75168e6..98bc22a 100644
--- a/third_party/boringssl/err_data.c
+++ b/third_party/boringssl/err_data.c
@@ -55,184 +55,185 @@ OPENSSL_STATIC_ASSERT(ERR_LIB_USER == 33, "library value changed");
OPENSSL_STATIC_ASSERT(ERR_NUM_LIBS == 34, "number of libraries changed");
const uint32_t kOpenSSLReasonValues[] = {
- 0xc320847,
- 0xc328861,
- 0xc330870,
- 0xc338880,
- 0xc34088f,
- 0xc3488a8,
- 0xc3508b4,
- 0xc3588d1,
- 0xc3608f1,
- 0xc3688ff,
- 0xc37090f,
- 0xc37891c,
- 0xc38092c,
- 0xc388937,
- 0xc39094d,
- 0xc39895c,
- 0xc3a0970,
- 0xc3a8854,
+ 0xc320862,
+ 0xc32887c,
+ 0xc33088b,
+ 0xc33889b,
+ 0xc3408aa,
+ 0xc3488c3,
+ 0xc3508cf,
+ 0xc3588ec,
+ 0xc36090c,
+ 0xc36891a,
+ 0xc37092a,
+ 0xc378937,
+ 0xc380947,
+ 0xc388952,
+ 0xc390968,
+ 0xc398977,
+ 0xc3a098b,
+ 0xc3a886f,
0xc3b00f7,
- 0xc3b88e3,
- 0x10320854,
- 0x103295b6,
- 0x103315c2,
- 0x103395db,
- 0x103415ee,
- 0x10348f34,
- 0x10350c6d,
- 0x10359601,
- 0x1036162b,
- 0x1036963e,
- 0x1037165d,
- 0x10379676,
- 0x1038168b,
- 0x103896a9,
- 0x103916b8,
- 0x103996d4,
- 0x103a16ef,
- 0x103a96fe,
- 0x103b171a,
- 0x103b9735,
- 0x103c175b,
+ 0xc3b88fe,
+ 0x1032086f,
+ 0x103295e5,
+ 0x103315f1,
+ 0x1033960a,
+ 0x1034161d,
+ 0x10348f4f,
+ 0x10350c88,
+ 0x10359630,
+ 0x1036165a,
+ 0x1036966d,
+ 0x1037168c,
+ 0x103796a5,
+ 0x103816ba,
+ 0x103896d8,
+ 0x103916e7,
+ 0x10399703,
+ 0x103a171e,
+ 0x103a972d,
+ 0x103b1749,
+ 0x103b9764,
+ 0x103c178a,
0x103c80f7,
- 0x103d176c,
- 0x103d9780,
- 0x103e179f,
- 0x103e97ae,
- 0x103f17c5,
- 0x103f97d8,
- 0x10400c31,
- 0x104097eb,
- 0x10411809,
- 0x1041981c,
- 0x10421836,
- 0x10429846,
- 0x1043185a,
- 0x10439870,
- 0x10441888,
- 0x1044989d,
- 0x104518b1,
- 0x104598c3,
- 0x1046060a,
- 0x1046895c,
- 0x104718d8,
- 0x104798ef,
- 0x10481904,
- 0x10489912,
- 0x10490e80,
- 0x1049974c,
- 0x104a1616,
- 0x14320c14,
- 0x14328c22,
- 0x14330c31,
- 0x14338c43,
+ 0x103d179b,
+ 0x103d97af,
+ 0x103e17ce,
+ 0x103e97dd,
+ 0x103f17f4,
+ 0x103f9807,
+ 0x10400c4c,
+ 0x1040981a,
+ 0x10411838,
+ 0x1041984b,
+ 0x10421865,
+ 0x10429875,
+ 0x10431889,
+ 0x1043989f,
+ 0x104418b7,
+ 0x104498cc,
+ 0x104518e0,
+ 0x104598f2,
+ 0x10460625,
+ 0x10468977,
+ 0x10471907,
+ 0x1047991e,
+ 0x10481933,
+ 0x10489941,
+ 0x10490e9b,
+ 0x1049977b,
+ 0x104a1645,
+ 0x14320c2f,
+ 0x14328c3d,
+ 0x14330c4c,
+ 0x14338c5e,
0x143400b9,
0x143480f7,
0x18320090,
- 0x18328f8a,
+ 0x18328fa5,
0x183300b9,
- 0x18338fa0,
- 0x18340fb4,
+ 0x18338fbb,
+ 0x18340fcf,
0x183480f7,
- 0x18350fd3,
- 0x18358feb,
- 0x18361000,
- 0x18369014,
- 0x18371038,
- 0x1837904e,
- 0x18381062,
- 0x18389072,
- 0x18390a82,
- 0x18399082,
- 0x183a10a8,
- 0x183a90ce,
- 0x183b0c8c,
- 0x183b911d,
- 0x183c112f,
- 0x183c913a,
- 0x183d114a,
- 0x183d915b,
- 0x183e116c,
- 0x183e917e,
- 0x183f11a7,
- 0x183f91c0,
- 0x184011d8,
- 0x184086e2,
- 0x184110f1,
- 0x184190bc,
- 0x184210db,
- 0x18428c79,
- 0x18431097,
- 0x18439103,
- 0x18440fc9,
- 0x20321212,
- 0x203291ff,
- 0x2432121e,
- 0x243289a2,
- 0x24331230,
- 0x2433923d,
- 0x2434124a,
- 0x2434925c,
- 0x2435126b,
- 0x24359288,
- 0x24361295,
- 0x243692a3,
- 0x243712b1,
- 0x243792bf,
- 0x243812c8,
- 0x243892d5,
- 0x243912e8,
- 0x28320c61,
- 0x28328c8c,
- 0x28330c31,
- 0x28338c9f,
- 0x28340c6d,
+ 0x18350fee,
+ 0x18359006,
+ 0x1836101b,
+ 0x1836902f,
+ 0x18371067,
+ 0x1837907d,
+ 0x18381091,
+ 0x183890a1,
+ 0x18390a9d,
+ 0x183990b1,
+ 0x183a10d7,
+ 0x183a90fd,
+ 0x183b0ca7,
+ 0x183b914c,
+ 0x183c115e,
+ 0x183c9169,
+ 0x183d1179,
+ 0x183d918a,
+ 0x183e119b,
+ 0x183e91ad,
+ 0x183f11d6,
+ 0x183f91ef,
+ 0x18401207,
+ 0x184086fd,
+ 0x18411120,
+ 0x184190eb,
+ 0x1842110a,
+ 0x18428c94,
+ 0x184310c6,
+ 0x18439132,
+ 0x18440fe4,
+ 0x18449053,
+ 0x20321241,
+ 0x2032922e,
+ 0x2432124d,
+ 0x243289bd,
+ 0x2433125f,
+ 0x2433926c,
+ 0x24341279,
+ 0x2434928b,
+ 0x2435129a,
+ 0x243592b7,
+ 0x243612c4,
+ 0x243692d2,
+ 0x243712e0,
+ 0x243792ee,
+ 0x243812f7,
+ 0x24389304,
+ 0x24391317,
+ 0x28320c7c,
+ 0x28328ca7,
+ 0x28330c4c,
+ 0x28338cba,
+ 0x28340c88,
0x283480b9,
0x283500f7,
- 0x28358c79,
- 0x2c3230e6,
- 0x2c3292ff,
- 0x2c3330f4,
- 0x2c33b106,
- 0x2c34311a,
- 0x2c34b12c,
- 0x2c353147,
- 0x2c35b159,
- 0x2c363189,
+ 0x28358c94,
+ 0x2c323286,
+ 0x2c32932e,
+ 0x2c333294,
+ 0x2c33b2a6,
+ 0x2c3432ba,
+ 0x2c34b2cc,
+ 0x2c3532e7,
+ 0x2c35b2f9,
+ 0x2c363329,
0x2c36833a,
- 0x2c373196,
- 0x2c37b1c2,
- 0x2c3831e7,
- 0x2c38b1fe,
- 0x2c39321c,
- 0x2c39b22c,
- 0x2c3a323e,
- 0x2c3ab252,
- 0x2c3b3263,
- 0x2c3bb282,
- 0x2c3c1311,
- 0x2c3c9327,
- 0x2c3d3296,
- 0x2c3d9340,
- 0x2c3e32b3,
- 0x2c3eb2c1,
- 0x2c3f32d9,
- 0x2c3fb2f1,
- 0x2c40331b,
- 0x2c409212,
- 0x2c41332c,
- 0x2c41b33f,
- 0x2c4211d8,
- 0x2c42b350,
- 0x2c43072f,
- 0x2c43b274,
- 0x2c4431d5,
- 0x2c44b2fe,
- 0x2c45316c,
- 0x2c45b1a8,
- 0x2c46320c,
+ 0x2c373336,
+ 0x2c37b362,
+ 0x2c383387,
+ 0x2c38b39e,
+ 0x2c3933bc,
+ 0x2c39b3cc,
+ 0x2c3a33de,
+ 0x2c3ab3f2,
+ 0x2c3b3403,
+ 0x2c3bb422,
+ 0x2c3c1340,
+ 0x2c3c9356,
+ 0x2c3d3436,
+ 0x2c3d936f,
+ 0x2c3e3453,
+ 0x2c3eb461,
+ 0x2c3f3479,
+ 0x2c3fb491,
+ 0x2c4034bb,
+ 0x2c409241,
+ 0x2c4134cc,
+ 0x2c41b4df,
+ 0x2c421207,
+ 0x2c42b4f0,
+ 0x2c43074a,
+ 0x2c43b414,
+ 0x2c443375,
+ 0x2c44b49e,
+ 0x2c45330c,
+ 0x2c45b348,
+ 0x2c4633ac,
0x30320000,
0x30328015,
0x3033001f,
@@ -275,514 +276,530 @@ const uint32_t kOpenSSLReasonValues[] = {
0x30458306,
0x3046031f,
0x3046833a,
- 0x30470357,
- 0x30478369,
- 0x30480377,
- 0x30488388,
- 0x30490397,
- 0x304983af,
- 0x304a03c1,
- 0x304a83d5,
- 0x304b03ed,
- 0x304b8400,
- 0x304c040b,
- 0x304c841c,
- 0x304d0428,
- 0x304d843e,
- 0x304e044c,
- 0x304e8462,
- 0x304f0474,
- 0x304f8486,
- 0x305004a9,
- 0x305084bc,
- 0x305104cd,
- 0x305184dd,
- 0x305204f5,
- 0x3052850a,
- 0x30530522,
- 0x30538536,
- 0x3054054e,
- 0x30548567,
- 0x30550580,
- 0x3055859d,
- 0x305605a8,
- 0x305685c0,
- 0x305705d0,
- 0x305785e1,
- 0x305805f4,
- 0x3058860a,
- 0x30590613,
- 0x30598628,
- 0x305a063b,
- 0x305a864a,
- 0x305b066a,
- 0x305b8679,
- 0x305c069a,
- 0x305c86b6,
- 0x305d06c2,
- 0x305d86e2,
- 0x305e06fe,
- 0x305e870f,
- 0x305f0725,
- 0x305f872f,
- 0x30600499,
+ 0x30470372,
+ 0x30478384,
+ 0x30480392,
+ 0x304883a3,
+ 0x304903b2,
+ 0x304983ca,
+ 0x304a03dc,
+ 0x304a83f0,
+ 0x304b0408,
+ 0x304b841b,
+ 0x304c0426,
+ 0x304c8437,
+ 0x304d0443,
+ 0x304d8459,
+ 0x304e0467,
+ 0x304e847d,
+ 0x304f048f,
+ 0x304f84a1,
+ 0x305004c4,
+ 0x305084d7,
+ 0x305104e8,
+ 0x305184f8,
+ 0x30520510,
+ 0x30528525,
+ 0x3053053d,
+ 0x30538551,
+ 0x30540569,
+ 0x30548582,
+ 0x3055059b,
+ 0x305585b8,
+ 0x305605c3,
+ 0x305685db,
+ 0x305705eb,
+ 0x305785fc,
+ 0x3058060f,
+ 0x30588625,
+ 0x3059062e,
+ 0x30598643,
+ 0x305a0656,
+ 0x305a8665,
+ 0x305b0685,
+ 0x305b8694,
+ 0x305c06b5,
+ 0x305c86d1,
+ 0x305d06dd,
+ 0x305d86fd,
+ 0x305e0719,
+ 0x305e872a,
+ 0x305f0740,
+ 0x305f874a,
+ 0x306004b4,
0x3060804a,
- 0x34320b72,
- 0x34328b86,
- 0x34330ba3,
- 0x34338bb6,
- 0x34340bc5,
- 0x34348bfe,
- 0x34350be2,
+ 0x30610357,
+ 0x34320b8d,
+ 0x34328ba1,
+ 0x34330bbe,
+ 0x34338bd1,
+ 0x34340be0,
+ 0x34348c19,
+ 0x34350bfd,
0x3c320090,
- 0x3c328cc9,
- 0x3c330ce2,
- 0x3c338cfd,
- 0x3c340d1a,
- 0x3c348d44,
- 0x3c350d5f,
- 0x3c358d85,
- 0x3c360d9e,
- 0x3c368db6,
- 0x3c370dc7,
- 0x3c378dd5,
- 0x3c380de2,
- 0x3c388df6,
- 0x3c390c8c,
- 0x3c398e19,
- 0x3c3a0e2d,
- 0x3c3a891c,
- 0x3c3b0e3d,
- 0x3c3b8e58,
- 0x3c3c0e6a,
- 0x3c3c8e9d,
- 0x3c3d0ea7,
- 0x3c3d8ebb,
- 0x3c3e0ec9,
- 0x3c3e8eee,
- 0x3c3f0cb5,
- 0x3c3f8ed7,
+ 0x3c328ce4,
+ 0x3c330cfd,
+ 0x3c338d18,
+ 0x3c340d35,
+ 0x3c348d5f,
+ 0x3c350d7a,
+ 0x3c358da0,
+ 0x3c360db9,
+ 0x3c368dd1,
+ 0x3c370de2,
+ 0x3c378df0,
+ 0x3c380dfd,
+ 0x3c388e11,
+ 0x3c390ca7,
+ 0x3c398e34,
+ 0x3c3a0e48,
+ 0x3c3a8937,
+ 0x3c3b0e58,
+ 0x3c3b8e73,
+ 0x3c3c0e85,
+ 0x3c3c8eb8,
+ 0x3c3d0ec2,
+ 0x3c3d8ed6,
+ 0x3c3e0ee4,
+ 0x3c3e8f09,
+ 0x3c3f0cd0,
+ 0x3c3f8ef2,
0x3c4000b9,
0x3c4080f7,
- 0x3c410d35,
- 0x3c418d74,
- 0x3c420e80,
- 0x3c428e0a,
- 0x403219a4,
- 0x403299ba,
- 0x403319e8,
- 0x403399f2,
- 0x40341a09,
- 0x40349a27,
- 0x40351a37,
- 0x40359a49,
- 0x40361a56,
- 0x40369a62,
- 0x40371a77,
- 0x40379a89,
- 0x40381a94,
- 0x40389aa6,
- 0x40390f34,
- 0x40399ab6,
- 0x403a1ac9,
- 0x403a9aea,
- 0x403b1afb,
- 0x403b9b0b,
+ 0x3c410d50,
+ 0x3c418d8f,
+ 0x3c420e9b,
+ 0x3c428e25,
+ 0x403219d3,
+ 0x403299e9,
+ 0x40331a17,
+ 0x40339a21,
+ 0x40341a38,
+ 0x40349a56,
+ 0x40351a66,
+ 0x40359a78,
+ 0x40361a85,
+ 0x40369a91,
+ 0x40371aa6,
+ 0x40379ab8,
+ 0x40381ac3,
+ 0x40389ad5,
+ 0x40390f4f,
+ 0x40399ae5,
+ 0x403a1af8,
+ 0x403a9b19,
+ 0x403b1b2a,
+ 0x403b9b3a,
0x403c0071,
0x403c8090,
- 0x403d1b6c,
- 0x403d9b82,
- 0x403e1b91,
- 0x403e9bc9,
- 0x403f1be3,
- 0x403f9c0b,
- 0x40401c20,
- 0x40409c34,
- 0x40411c6f,
- 0x40419c8a,
- 0x40421ca3,
- 0x40429cb6,
- 0x40431cca,
- 0x40439ce2,
- 0x40441cf9,
+ 0x403d1b9b,
+ 0x403d9bb1,
+ 0x403e1bc0,
+ 0x403e9bf8,
+ 0x403f1c12,
+ 0x403f9c3a,
+ 0x40401c4f,
+ 0x40409c63,
+ 0x40411c9e,
+ 0x40419cb9,
+ 0x40421cd2,
+ 0x40429ce5,
+ 0x40431cf9,
+ 0x40439d27,
+ 0x40441d3e,
0x404480b9,
- 0x40451d0e,
- 0x40459d20,
- 0x40461d44,
- 0x40469d64,
- 0x40471d72,
- 0x40479d99,
- 0x40481e0a,
- 0x40489e3d,
- 0x40491e54,
- 0x40499e6e,
- 0x404a1e85,
- 0x404a9ea3,
- 0x404b1ebb,
- 0x404b9ee8,
- 0x404c1efe,
- 0x404c9f10,
- 0x404d1f31,
- 0x404d9f6a,
- 0x404e1f7e,
- 0x404e9f8b,
- 0x404f1fd2,
- 0x404fa018,
- 0x4050206f,
- 0x4050a083,
- 0x405120b6,
- 0x405220c6,
- 0x4052a0ea,
- 0x40532102,
- 0x4053a115,
- 0x4054212a,
- 0x4054a14d,
- 0x40552178,
- 0x4055a1b5,
- 0x405621da,
- 0x4056a1f3,
- 0x4057220b,
- 0x4057a21e,
- 0x40582233,
- 0x4058a25a,
- 0x40592289,
- 0x4059a2b6,
- 0x405a22ca,
- 0x405aa2da,
- 0x405b22f2,
- 0x405ba303,
- 0x405c2316,
- 0x405ca355,
- 0x405d2362,
- 0x405da387,
- 0x405e23c5,
- 0x405e8ac0,
- 0x405f23e6,
- 0x405fa3f3,
- 0x40602401,
- 0x4060a423,
- 0x40612484,
- 0x4061a4bc,
- 0x406224d3,
- 0x4062a4e4,
- 0x40632531,
- 0x4063a546,
- 0x4064255d,
- 0x4064a589,
- 0x406525a4,
- 0x4065a5bb,
- 0x406625d3,
- 0x4066a5fd,
- 0x40672628,
- 0x4067a66d,
- 0x406826b5,
- 0x4068a6d6,
- 0x40692708,
- 0x4069a736,
- 0x406a2757,
- 0x406aa777,
- 0x406b28ff,
- 0x406ba922,
- 0x406c2938,
- 0x406cac29,
- 0x406d2c58,
- 0x406dac80,
- 0x406e2cae,
- 0x406eacfb,
- 0x406f2d54,
- 0x406fad8c,
- 0x40702d9f,
- 0x4070adbc,
- 0x4071080f,
- 0x4071adce,
- 0x40722de1,
- 0x4072ae17,
- 0x40732e2f,
- 0x40739511,
- 0x40742e43,
- 0x4074ae5d,
- 0x40752e6e,
- 0x4075ae82,
- 0x40762e90,
- 0x407692d5,
- 0x40772eb5,
- 0x4077aed7,
- 0x40782ef2,
- 0x4078af2b,
- 0x40792f42,
- 0x4079af58,
- 0x407a2f84,
- 0x407aaf97,
- 0x407b2fac,
- 0x407bafbe,
- 0x407c2fef,
- 0x407caff8,
- 0x407d26f1,
- 0x407da028,
- 0x407e2f07,
- 0x407ea26a,
- 0x407f1d86,
- 0x407f9ed2,
- 0x40801fe2,
- 0x40809dae,
- 0x408120d8,
- 0x40819fbc,
- 0x40822c99,
- 0x40829b17,
- 0x40832245,
- 0x4083a56e,
- 0x40841dc2,
- 0x4084a2a2,
- 0x40852327,
- 0x4085a44b,
- 0x408623a7,
- 0x4086a042,
- 0x40872cdf,
- 0x4087a499,
- 0x40881b55,
- 0x4088a680,
- 0x40891ba4,
- 0x40899b31,
- 0x408a2970,
- 0x408a9929,
- 0x408b2fd3,
- 0x408bad69,
- 0x408c2337,
- 0x408c9961,
- 0x408d1e23,
- 0x408d9df4,
- 0x408e1f53,
- 0x408ea195,
- 0x408f2694,
- 0x408fa467,
- 0x40902649,
- 0x4090a379,
- 0x40912958,
- 0x40919987,
- 0x40921bf1,
- 0x4092ad1a,
- 0x40932dfa,
- 0x4093a053,
- 0x40941dd6,
- 0x4094a989,
- 0x409524f5,
- 0x4095af64,
- 0x40962cc6,
- 0x40969ffb,
- 0x4097209e,
- 0x40979fa2,
- 0x40981c51,
- 0x4098a509,
- 0x40992d36,
- 0x4099a1c2,
- 0x409a215b,
- 0x409a9945,
- 0x41f4282a,
- 0x41f928bc,
- 0x41fe27af,
- 0x41feaa65,
- 0x41ff2b7a,
- 0x42032843,
- 0x42082865,
- 0x4208a8a1,
- 0x42092793,
- 0x4209a8db,
- 0x420a27ea,
- 0x420aa7ca,
- 0x420b280a,
- 0x420ba883,
- 0x420c2b96,
- 0x420ca999,
- 0x420d2a4c,
- 0x420daa83,
- 0x42122a9d,
- 0x42172b5d,
- 0x4217aadf,
- 0x421c2b01,
- 0x421f2abc,
- 0x42212c0e,
- 0x42262b40,
- 0x422b2bec,
- 0x422baa27,
- 0x422c2bce,
- 0x422ca9da,
- 0x422d29b3,
- 0x422dabad,
- 0x422e2a06,
- 0x42302b1c,
- 0x4432073a,
- 0x44328749,
- 0x44330755,
- 0x44338763,
- 0x44340776,
- 0x44348787,
- 0x4435078e,
- 0x44358798,
- 0x443607ab,
- 0x443687c1,
- 0x443707d3,
- 0x443787e0,
- 0x443807ef,
- 0x443887f7,
- 0x4439080f,
- 0x4439881d,
- 0x443a0830,
- 0x483212ff,
- 0x48329311,
- 0x48331327,
- 0x48339340,
- 0x4c321365,
- 0x4c329375,
- 0x4c331388,
- 0x4c3393a8,
+ 0x40451d53,
+ 0x40459d65,
+ 0x40461d89,
+ 0x40469da9,
+ 0x40471db7,
+ 0x40479dde,
+ 0x40481e4f,
+ 0x40489f09,
+ 0x40491f20,
+ 0x40499f3a,
+ 0x404a1f51,
+ 0x404a9f6f,
+ 0x404b1f87,
+ 0x404b9fb4,
+ 0x404c1fca,
+ 0x404c9fdc,
+ 0x404d1ffd,
+ 0x404da036,
+ 0x404e204a,
+ 0x404ea057,
+ 0x404f20f1,
+ 0x404fa167,
+ 0x405021be,
+ 0x4050a1d2,
+ 0x40512205,
+ 0x40522215,
+ 0x4052a239,
+ 0x40532251,
+ 0x4053a264,
+ 0x40542279,
+ 0x4054a29c,
+ 0x405522c7,
+ 0x4055a304,
+ 0x40562329,
+ 0x4056a342,
+ 0x4057235a,
+ 0x4057a36d,
+ 0x40582382,
+ 0x4058a3a9,
+ 0x405923d8,
+ 0x4059a405,
+ 0x405a2419,
+ 0x405aa429,
+ 0x405b2441,
+ 0x405ba452,
+ 0x405c2465,
+ 0x405ca4a4,
+ 0x405d24b1,
+ 0x405da4d6,
+ 0x405e2514,
+ 0x405e8adb,
+ 0x405f254f,
+ 0x405fa55c,
+ 0x4060256a,
+ 0x4060a58c,
+ 0x406125ed,
+ 0x4061a625,
+ 0x4062263c,
+ 0x4062a64d,
+ 0x4063269a,
+ 0x4063a6af,
+ 0x406426c6,
+ 0x4064a6f2,
+ 0x4065270d,
+ 0x4065a724,
+ 0x4066273c,
+ 0x4066a766,
+ 0x40672791,
+ 0x4067a7d6,
+ 0x4068281e,
+ 0x4068a83f,
+ 0x40692871,
+ 0x4069a89f,
+ 0x406a28c0,
+ 0x406aa8e0,
+ 0x406b2a68,
+ 0x406baa8b,
+ 0x406c2aa1,
+ 0x406cadab,
+ 0x406d2dda,
+ 0x406dae02,
+ 0x406e2e30,
+ 0x406eae7d,
+ 0x406f2ed6,
+ 0x406faf0e,
+ 0x40702f21,
+ 0x4070af3e,
+ 0x4071082a,
+ 0x4071af50,
+ 0x40722f63,
+ 0x4072af99,
+ 0x40732fb1,
+ 0x40739540,
+ 0x40742fc5,
+ 0x4074afdf,
+ 0x40752ff0,
+ 0x4075b004,
+ 0x40763012,
+ 0x40769304,
+ 0x40773037,
+ 0x4077b077,
+ 0x40783092,
+ 0x4078b0cb,
+ 0x407930e2,
+ 0x4079b0f8,
+ 0x407a3124,
+ 0x407ab137,
+ 0x407b314c,
+ 0x407bb15e,
+ 0x407c318f,
+ 0x407cb198,
+ 0x407d285a,
+ 0x407da177,
+ 0x407e30a7,
+ 0x407ea3b9,
+ 0x407f1dcb,
+ 0x407f9f9e,
+ 0x40802101,
+ 0x40809df3,
+ 0x40812227,
+ 0x4081a0a5,
+ 0x40822e1b,
+ 0x40829b46,
+ 0x40832394,
+ 0x4083a6d7,
+ 0x40841e07,
+ 0x4084a3f1,
+ 0x40852476,
+ 0x4085a5b4,
+ 0x408624f6,
+ 0x4086a191,
+ 0x40872e61,
+ 0x4087a602,
+ 0x40881b84,
+ 0x4088a7e9,
+ 0x40891bd3,
+ 0x40899b60,
+ 0x408a2ad9,
+ 0x408a9958,
+ 0x408b3173,
+ 0x408baeeb,
+ 0x408c2486,
+ 0x408c9990,
+ 0x408d1eef,
+ 0x408d9e39,
+ 0x408e201f,
+ 0x408ea2e4,
+ 0x408f27fd,
+ 0x408fa5d0,
+ 0x409027b2,
+ 0x4090a4c8,
+ 0x40912ac1,
+ 0x409199b6,
+ 0x40921c20,
+ 0x4092ae9c,
+ 0x40932f7c,
+ 0x4093a1a2,
+ 0x40941e1b,
+ 0x4094aaf2,
+ 0x4095265e,
+ 0x4095b104,
+ 0x40962e48,
+ 0x4096a11a,
+ 0x409721ed,
+ 0x4097a06e,
+ 0x40981c80,
+ 0x4098a672,
+ 0x40992eb8,
+ 0x4099a311,
+ 0x409a22aa,
+ 0x409a9974,
+ 0x409b1e75,
+ 0x409b9ea0,
+ 0x409c3059,
+ 0x409c9ec8,
+ 0x409d20d6,
+ 0x409da0bb,
+ 0x409e1d11,
+ 0x409ea14f,
+ 0x409f2137,
+ 0x409f9e68,
+ 0x40a02535,
+ 0x40a0a088,
+ 0x41f42993,
+ 0x41f92a25,
+ 0x41fe2918,
+ 0x41feabce,
+ 0x41ff2cfc,
+ 0x420329ac,
+ 0x420829ce,
+ 0x4208aa0a,
+ 0x420928fc,
+ 0x4209aa44,
+ 0x420a2953,
+ 0x420aa933,
+ 0x420b2973,
+ 0x420ba9ec,
+ 0x420c2d18,
+ 0x420cab02,
+ 0x420d2bb5,
+ 0x420dabec,
+ 0x42122c1f,
+ 0x42172cdf,
+ 0x4217ac61,
+ 0x421c2c83,
+ 0x421f2c3e,
+ 0x42212d90,
+ 0x42262cc2,
+ 0x422b2d6e,
+ 0x422bab90,
+ 0x422c2d50,
+ 0x422cab43,
+ 0x422d2b1c,
+ 0x422dad2f,
+ 0x422e2b6f,
+ 0x42302c9e,
+ 0x4230ac06,
+ 0x44320755,
+ 0x44328764,
+ 0x44330770,
+ 0x4433877e,
+ 0x44340791,
+ 0x443487a2,
+ 0x443507a9,
+ 0x443587b3,
+ 0x443607c6,
+ 0x443687dc,
+ 0x443707ee,
+ 0x443787fb,
+ 0x4438080a,
+ 0x44388812,
+ 0x4439082a,
+ 0x44398838,
+ 0x443a084b,
+ 0x4832132e,
+ 0x48329340,
+ 0x48331356,
+ 0x4833936f,
+ 0x4c321394,
+ 0x4c3293a4,
+ 0x4c3313b7,
+ 0x4c3393d7,
0x4c3400b9,
0x4c3480f7,
- 0x4c3513b4,
- 0x4c3593c2,
- 0x4c3613de,
- 0x4c369404,
- 0x4c371413,
- 0x4c379421,
- 0x4c381436,
- 0x4c389442,
- 0x4c391462,
- 0x4c39948c,
- 0x4c3a14a5,
- 0x4c3a94be,
- 0x4c3b060a,
- 0x4c3b94d7,
- 0x4c3c14e9,
- 0x4c3c94f8,
- 0x4c3d1511,
- 0x4c3d8c54,
- 0x4c3e157e,
- 0x4c3e9520,
- 0x4c3f15a0,
- 0x4c3f92d5,
- 0x4c401536,
- 0x4c409351,
- 0x4c41156e,
- 0x4c4193f1,
- 0x4c42155a,
- 0x50323362,
- 0x5032b371,
- 0x5033337c,
- 0x5033b38c,
- 0x503433a5,
- 0x5034b3bf,
- 0x503533cd,
- 0x5035b3e3,
- 0x503633f5,
- 0x5036b40b,
- 0x50373424,
- 0x5037b437,
- 0x5038344f,
- 0x5038b460,
- 0x50393475,
- 0x5039b489,
- 0x503a34a9,
- 0x503ab4bf,
- 0x503b34d7,
- 0x503bb4e9,
- 0x503c3505,
- 0x503cb51c,
- 0x503d3535,
- 0x503db54b,
- 0x503e3558,
- 0x503eb56e,
- 0x503f3580,
- 0x503f8388,
- 0x50403593,
- 0x5040b5a3,
- 0x504135bd,
- 0x5041b5cc,
- 0x504235e6,
- 0x5042b603,
- 0x50433613,
- 0x5043b623,
- 0x50443632,
- 0x5044843e,
- 0x50453646,
- 0x5045b664,
- 0x50463677,
- 0x5046b68d,
- 0x5047369f,
- 0x5047b6b4,
- 0x504836da,
- 0x5048b6e8,
- 0x504936fb,
- 0x5049b710,
- 0x504a3726,
- 0x504ab736,
- 0x504b3756,
- 0x504bb769,
- 0x504c378c,
- 0x504cb7ba,
- 0x504d37cc,
- 0x504db7e9,
- 0x504e3804,
- 0x504eb820,
- 0x504f3832,
- 0x504fb849,
- 0x50503858,
- 0x505086fe,
- 0x5051386b,
- 0x58320f72,
- 0x68320f34,
- 0x68328c8c,
- 0x68330c9f,
- 0x68338f42,
- 0x68340f52,
+ 0x4c3513e3,
+ 0x4c3593f1,
+ 0x4c36140d,
+ 0x4c369433,
+ 0x4c371442,
+ 0x4c379450,
+ 0x4c381465,
+ 0x4c389471,
+ 0x4c391491,
+ 0x4c3994bb,
+ 0x4c3a14d4,
+ 0x4c3a94ed,
+ 0x4c3b0625,
+ 0x4c3b9506,
+ 0x4c3c1518,
+ 0x4c3c9527,
+ 0x4c3d1540,
+ 0x4c3d8c6f,
+ 0x4c3e15ad,
+ 0x4c3e954f,
+ 0x4c3f15cf,
+ 0x4c3f9304,
+ 0x4c401565,
+ 0x4c409380,
+ 0x4c41159d,
+ 0x4c419420,
+ 0x4c421589,
+ 0x50323502,
+ 0x5032b511,
+ 0x5033351c,
+ 0x5033b52c,
+ 0x50343545,
+ 0x5034b55f,
+ 0x5035356d,
+ 0x5035b583,
+ 0x50363595,
+ 0x5036b5ab,
+ 0x503735c4,
+ 0x5037b5d7,
+ 0x503835ef,
+ 0x5038b600,
+ 0x50393615,
+ 0x5039b629,
+ 0x503a3649,
+ 0x503ab65f,
+ 0x503b3677,
+ 0x503bb689,
+ 0x503c36a5,
+ 0x503cb6bc,
+ 0x503d36d5,
+ 0x503db6eb,
+ 0x503e36f8,
+ 0x503eb70e,
+ 0x503f3720,
+ 0x503f83a3,
+ 0x50403733,
+ 0x5040b743,
+ 0x5041375d,
+ 0x5041b76c,
+ 0x50423786,
+ 0x5042b7a3,
+ 0x504337b3,
+ 0x5043b7c3,
+ 0x504437e0,
+ 0x50448459,
+ 0x504537f4,
+ 0x5045b812,
+ 0x50463825,
+ 0x5046b83b,
+ 0x5047384d,
+ 0x5047b862,
+ 0x50483888,
+ 0x5048b896,
+ 0x504938a9,
+ 0x5049b8be,
+ 0x504a38d4,
+ 0x504ab8e4,
+ 0x504b3904,
+ 0x504bb917,
+ 0x504c393a,
+ 0x504cb968,
+ 0x504d3995,
+ 0x504db9b2,
+ 0x504e39cd,
+ 0x504eb9e9,
+ 0x504f39fb,
+ 0x504fba12,
+ 0x50503a21,
+ 0x50508719,
+ 0x50513a34,
+ 0x5051b7d2,
+ 0x5052397a,
+ 0x58320f8d,
+ 0x68320f4f,
+ 0x68328ca7,
+ 0x68330cba,
+ 0x68338f5d,
+ 0x68340f6d,
0x683480f7,
- 0x6c320efa,
- 0x6c328c43,
- 0x6c330f05,
- 0x6c338f1e,
- 0x74320a28,
+ 0x6c320f15,
+ 0x6c328c5e,
+ 0x6c330f20,
+ 0x6c338f39,
+ 0x74320a43,
0x743280b9,
- 0x74330c54,
- 0x7832098d,
- 0x783289a2,
- 0x783309ae,
+ 0x74330c6f,
+ 0x783209a8,
+ 0x783289bd,
+ 0x783309c9,
0x78338090,
- 0x783409bd,
- 0x783489d2,
- 0x783509f1,
- 0x78358a13,
- 0x78360a28,
- 0x78368a3e,
- 0x78370a4e,
- 0x78378a6f,
- 0x78380a82,
- 0x78388a94,
- 0x78390aa1,
- 0x78398ac0,
- 0x783a0ad5,
- 0x783a8ae3,
- 0x783b0aed,
- 0x783b8b01,
- 0x783c0b18,
- 0x783c8b2d,
- 0x783d0b44,
- 0x783d8b59,
- 0x783e0aaf,
- 0x783e8a61,
- 0x7c3211ee,
- 0x80321404,
+ 0x783409d8,
+ 0x783489ed,
+ 0x78350a0c,
+ 0x78358a2e,
+ 0x78360a43,
+ 0x78368a59,
+ 0x78370a69,
+ 0x78378a8a,
+ 0x78380a9d,
+ 0x78388aaf,
+ 0x78390abc,
+ 0x78398adb,
+ 0x783a0af0,
+ 0x783a8afe,
+ 0x783b0b08,
+ 0x783b8b1c,
+ 0x783c0b33,
+ 0x783c8b48,
+ 0x783d0b5f,
+ 0x783d8b74,
+ 0x783e0aca,
+ 0x783e8a7c,
+ 0x7c32121d,
+ 0x80321433,
0x80328090,
- 0x803330b5,
+ 0x80333255,
0x803380b9,
- 0x803430c4,
- 0x8034b02c,
- 0x8035304a,
- 0x8035b0d8,
- 0x8036308c,
- 0x8036b03b,
- 0x8037307e,
- 0x8037b019,
- 0x8038309f,
- 0x8038b05b,
- 0x80393070,
+ 0x80343264,
+ 0x8034b1cc,
+ 0x803531ea,
+ 0x8035b278,
+ 0x8036322c,
+ 0x8036b1db,
+ 0x8037321e,
+ 0x8037b1b9,
+ 0x8038323f,
+ 0x8038b1fb,
+ 0x80393210,
};
const size_t kOpenSSLReasonValuesLen = sizeof(kOpenSSLReasonValues) / sizeof(kOpenSSLReasonValues[0]);
@@ -831,6 +848,7 @@ const char kOpenSSLReasonStringData[] =
"INTEGER_NOT_ASCII_FORMAT\0"
"INTEGER_TOO_LARGE_FOR_LONG\0"
"INVALID_BIT_STRING_BITS_LEFT\0"
+ "INVALID_BIT_STRING_PADDING\0"
"INVALID_BMPSTRING\0"
"INVALID_DIGIT\0"
"INVALID_MODIFIER\0"
@@ -1004,6 +1022,7 @@ const char kOpenSSLReasonStringData[] =
"EXPECTING_AN_RSA_KEY\0"
"EXPECTING_A_DSA_KEY\0"
"ILLEGAL_OR_UNSUPPORTED_PADDING_MODE\0"
+ "INVALID_BUFFER_SIZE\0"
"INVALID_DIGEST_LENGTH\0"
"INVALID_DIGEST_TYPE\0"
"INVALID_KEYBITS\0"
@@ -1158,6 +1177,7 @@ const char kOpenSSLReasonStringData[] =
"CLIENTHELLO_TLSEXT\0"
"CONNECTION_REJECTED\0"
"CONNECTION_TYPE_NOT_SET\0"
+ "COULD_NOT_PARSE_HINTS\0"
"CUSTOM_EXTENSION_ERROR\0"
"DATA_LENGTH_TOO_LONG\0"
"DECRYPTION_FAILED\0"
@@ -1172,6 +1192,10 @@ const char kOpenSSLReasonStringData[] =
"DUPLICATE_SIGNATURE_ALGORITHM\0"
"EARLY_DATA_NOT_IN_USE\0"
"ECC_CERT_NOT_FOR_SIGNING\0"
+ "ECH_REJECTED\0"
+ "ECH_SERVER_CONFIG_AND_PRIVATE_KEY_MISMATCH\0"
+ "ECH_SERVER_CONFIG_UNSUPPORTED_EXTENSION\0"
+ "ECH_SERVER_WOULD_HAVE_NO_RETRY_CONFIGS\0"
"EMPTY_HELLO_RETRY_REQUEST\0"
"EMS_STATE_INCONSISTENT\0"
"ENCRYPTED_LENGTH_TOO_LONG\0"
@@ -1189,10 +1213,15 @@ const char kOpenSSLReasonStringData[] =
"HTTP_REQUEST\0"
"INAPPROPRIATE_FALLBACK\0"
"INCONSISTENT_CLIENT_HELLO\0"
+ "INCONSISTENT_ECH_NEGOTIATION\0"
"INVALID_ALPN_PROTOCOL\0"
+ "INVALID_ALPN_PROTOCOL_LIST\0"
+ "INVALID_CLIENT_HELLO_INNER\0"
"INVALID_COMMAND\0"
"INVALID_COMPRESSION_LIST\0"
"INVALID_DELEGATED_CREDENTIAL\0"
+ "INVALID_ECH_CONFIG_LIST\0"
+ "INVALID_ECH_PUBLIC_NAME\0"
"INVALID_MESSAGE\0"
"INVALID_OUTER_RECORD_TYPE\0"
"INVALID_SCT_LIST\0"
@@ -1237,6 +1266,7 @@ const char kOpenSSLReasonStringData[] =
"OLD_SESSION_CIPHER_NOT_RETURNED\0"
"OLD_SESSION_PRF_HASH_MISMATCH\0"
"OLD_SESSION_VERSION_NOT_RETURNED\0"
+ "OUTER_EXTENSION_NOT_FOUND\0"
"PARSE_TLSEXT\0"
"PATH_TOO_LONG\0"
"PEER_DID_NOT_RETURN_A_CERTIFICATE\0"
@@ -1297,6 +1327,7 @@ const char kOpenSSLReasonStringData[] =
"TLSV1_ALERT_DECODE_ERROR\0"
"TLSV1_ALERT_DECRYPTION_FAILED\0"
"TLSV1_ALERT_DECRYPT_ERROR\0"
+ "TLSV1_ALERT_ECH_REQUIRED\0"
"TLSV1_ALERT_EXPORT_RESTRICTION\0"
"TLSV1_ALERT_INAPPROPRIATE_FALLBACK\0"
"TLSV1_ALERT_INSUFFICIENT_SECURITY\0"
@@ -1336,6 +1367,7 @@ const char kOpenSSLReasonStringData[] =
"UNKNOWN_STATE\0"
"UNSAFE_LEGACY_RENEGOTIATION_DISABLED\0"
"UNSUPPORTED_COMPRESSION_ALGORITHM\0"
+ "UNSUPPORTED_ECH_SERVER_CONFIG\0"
"UNSUPPORTED_ELLIPTIC_CURVE\0"
"UNSUPPORTED_PROTOCOL\0"
"UNSUPPORTED_PROTOCOL_FOR_CUSTOM_KEY\0"
@@ -1430,6 +1462,7 @@ const char kOpenSSLReasonStringData[] =
"INVALID_PURPOSE\0"
"INVALID_SECTION\0"
"INVALID_SYNTAX\0"
+ "INVALID_VALUE\0"
"ISSUER_DECODE_ERROR\0"
"NEED_ORGANIZATION_AND_NUMBERS\0"
"NO_CONFIG_DATABASE\0"
@@ -1447,6 +1480,7 @@ const char kOpenSSLReasonStringData[] =
"POLICY_PATH_LENGTH_ALREADY_DEFINED\0"
"POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY\0"
"SECTION_NOT_FOUND\0"
+ "TRAILING_DATA_IN_EXTENSION\0"
"UNABLE_TO_GET_ISSUER_DETAILS\0"
"UNABLE_TO_GET_ISSUER_KEYID\0"
"UNKNOWN_BIT_STRING_ARGUMENT\0"
diff --git a/toolchains/BUILD.gn b/toolchains/BUILD.gn
index 76de412..16abe57 100644
--- a/toolchains/BUILD.gn
+++ b/toolchains/BUILD.gn
@@ -16,13 +16,6 @@ import("//build_overrides/pigweed.gni")
import("$dir_pigweed/targets/host/target_toolchains.gni")
import("$dir_pw_toolchain/generate_toolchain.gni")
-declare_args() {
- # These aren't used but they are set by the Pigweed toolchain. Declaring them
- # here silences gn warnings.
- pw_trace_BACKEND = ""
- pw_trace_tokenizer_time = ""
-}
-
config("common_config") {
include_dirs = [ "//include" ]
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-23 22:44:44 +0000