1 /* Automatically generated code; do not modify directly. */
9 const unsigned char *ip;
13 t0_parse7E_unsigned(const unsigned char **p)
22 x = (x << 7) | (uint32_t)(y & 0x7F);
30 t0_parse7E_signed(const unsigned char **p)
35 neg = ((**p) >> 6) & 1;
41 x = (x << 7) | (uint32_t)(y & 0x7F);
44 return -(int32_t)~x - 1;
52 #define T0_VBYTE(x, n) (unsigned char)((((uint32_t)(x) >> (n)) & 0x7F) | 0x80)
53 #define T0_FBYTE(x, n) (unsigned char)(((uint32_t)(x) >> (n)) & 0x7F)
54 #define T0_SBYTE(x) (unsigned char)((((uint32_t)(x) >> 28) + 0xF8) ^ 0xF8)
55 #define T0_INT1(x) T0_FBYTE(x, 0)
56 #define T0_INT2(x) T0_VBYTE(x, 7), T0_FBYTE(x, 0)
57 #define T0_INT3(x) T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
58 #define T0_INT4(x) T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
59 #define T0_INT5(x) T0_SBYTE(x), T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
61 /* static const unsigned char t0_datablock[]; */
64 void br_x509_minimal_init_main(void *t0ctx);
66 void br_x509_minimal_run(void *t0ctx);
79 * Implementation Notes
80 * --------------------
82 * The C code pushes the data by chunks; all decoding is done in the
83 * T0 code. The cert_length value is set to the certificate length when
84 * a new certificate is started; the T0 code picks it up as outer limit,
85 * and decoding functions use it to ensure that no attempt is made at
86 * reading past it. The T0 code also checks that once the certificate is
87 * decoded, there are no trailing bytes.
89 * The T0 code sets cert_length to 0 when the certificate is fully
92 * The C code must still perform two checks:
94 * -- If the certificate length is 0, then the T0 code will not be
95 * invoked at all. This invalid condition must thus be reported by the
98 * -- When reaching the end of certificate, the C code must verify that
99 * the certificate length has been set to 0, thereby signaling that
100 * the T0 code properly decoded a certificate.
102 * Processing of a chain works in the following way:
104 * -- The error flag is set to a non-zero value when validation is
105 * finished. The value is either BR_ERR_X509_OK (validation is
106 * successful) or another non-zero error code. When a non-zero error
107 * code is obtained, the remaining bytes in the current certificate and
108 * the subsequent certificates (if any) are completely ignored.
110 * -- Each certificate is decoded in due course, with the following
111 * "interesting points":
113 * -- Start of the TBS: the multihash engine is reset and activated.
115 * -- Start of the issuer DN: the secondary hash engine is started,
116 * to process the encoded issuer DN.
118 * -- End of the issuer DN: the secondary hash engine is stopped. The
119 * resulting hash value is computed and then copied into the
120 * next_dn_hash[] buffer.
122 * -- Start of the subject DN: the secondary hash engine is started,
123 * to process the encoded subject DN.
125 * -- For the EE certificate only: the Common Name, if any, is matched
126 * against the expected server name.
128 * -- End of the subject DN: the secondary hash engine is stopped. The
129 * resulting hash value is computed into the pad. It is then processed:
131 * -- If this is the EE certificate, then the hash is ignored
132 * (except for direct trust processing, see later; the hash is
133 * simply left in current_dn_hash[]).
135 * -- Otherwise, the hashed subject DN is compared with the saved
136 * hash value (in saved_dn_hash[]). They must match.
138 * Either way, the next_dn_hash[] value is then copied into the
139 * saved_dn_hash[] value. Thus, at that point, saved_dn_hash[]
140 * contains the hash of the issuer DN for the current certificate,
141 * and current_dn_hash[] contains the hash of the subject DN for the
142 * current certificate.
144 * -- Public key: it is decoded into the cert_pkey[] buffer. Unknown
145 * key types are reported at that point.
147 * -- If this is the EE certificate, then the key type is compared
148 * with the expected key type (initialization parameter). The public
149 * key data is copied to ee_pkey_data[]. The key and hashed subject
150 * DN are also compared with the "direct trust" keys; if the key
151 * and DN are matched, then validation ends with a success.
153 * -- Otherwise, the saved signature (cert_sig[]) is verified
154 * against the saved TBS hash (tbs_hash[]) and that freshly
155 * decoded public key. Failure here ends validation with an error.
157 * -- Extensions: extension values are processed in due order.
159 * -- Basic Constraints: for all certificates except EE, must be
160 * present, indicate a CA, and have a path legnth compatible with
161 * the chain length so far.
163 * -- Key Usage: for the EE, if present, must allow signatures
164 * or encryption/key exchange, as required for the cipher suite.
165 * For non-EE, if present, must have the "certificate sign" bit.
167 * -- Subject Alt Name: for the EE, dNSName names are matched
168 * against the server name. Ignored for non-EE.
170 * -- Authority Key Identifier, Subject Key Identifier, Issuer
171 * Alt Name, Subject Directory Attributes, CRL Distribution Points
172 * Freshest CRL, Authority Info Access and Subject Info Access
173 * extensions are always ignored: they either contain only
174 * informative data, or they relate to revocation processing, which
175 * we explicitly do not support.
177 * -- All other extensions are ignored if non-critical. If a
178 * critical extension other than the ones above is encountered,
179 * then a failure is reported.
181 * -- End of the TBS: the multihash engine is stopped.
183 * -- Signature algorithm: the signature algorithm on the
184 * certificate is decoded. A failure is reported if that algorithm
185 * is unknown. The hashed TBS corresponding to the signature hash
186 * function is computed and stored in tbs_hash[] (if not supported,
187 * then a failure is reported). The hash OID and length are stored
188 * in cert_sig_hash_oid and cert_sig_hash_len.
190 * -- Signature value: the signature value is copied into the
193 * -- Certificate end: the hashed issuer DN (saved_dn_hash[]) is
194 * looked up in the trust store (CA trust anchors only); for all
195 * that match, the signature (cert_sig[]) is verified against the
196 * anchor public key (hashed TBS is in tbs_hash[]). If one of these
197 * signatures is valid, then validation ends with a success.
199 * -- If the chain end is reached without obtaining a validation success,
200 * then validation is reported as failed.
207 #if BR_USE_WIN32_TIME
212 * The T0 compiler will produce these prototypes declarations in the
215 void br_x509_minimal_init_main(void *ctx);
216 void br_x509_minimal_run(void *ctx);
219 /* see bearssl_x509.h */
221 br_x509_minimal_init(br_x509_minimal_context *ctx,
222 const br_hash_class *dn_hash_impl,
223 const br_x509_trust_anchor *trust_anchors, size_t trust_anchors_num)
225 memset(ctx, 0, sizeof *ctx);
226 ctx->vtable = &br_x509_minimal_vtable;
227 ctx->dn_hash_impl = dn_hash_impl;
228 ctx->trust_anchors = trust_anchors;
229 ctx->trust_anchors_num = trust_anchors_num;
233 xm_start_chain(const br_x509_class **ctx, const char *server_name)
235 br_x509_minimal_context *cc;
238 cc = (br_x509_minimal_context *)(void *)ctx;
239 for (u = 0; u < cc->num_name_elts; u ++) {
240 cc->name_elts[u].status = 0;
241 cc->name_elts[u].buf[0] = 0;
243 memset(&cc->pkey, 0, sizeof cc->pkey);
246 cc->cpu.dp = cc->dp_stack;
247 cc->cpu.rp = cc->rp_stack;
248 br_x509_minimal_init_main(&cc->cpu);
249 if (server_name == NULL || *server_name == 0) {
250 cc->server_name = NULL;
252 cc->server_name = server_name;
257 xm_start_cert(const br_x509_class **ctx, uint32_t length)
259 br_x509_minimal_context *cc;
261 cc = (br_x509_minimal_context *)(void *)ctx;
266 cc->err = BR_ERR_X509_TRUNCATED;
269 cc->cert_length = length;
273 xm_append(const br_x509_class **ctx, const unsigned char *buf, size_t len)
275 br_x509_minimal_context *cc;
277 cc = (br_x509_minimal_context *)(void *)ctx;
283 br_x509_minimal_run(&cc->cpu);
287 xm_end_cert(const br_x509_class **ctx)
289 br_x509_minimal_context *cc;
291 cc = (br_x509_minimal_context *)(void *)ctx;
292 if (cc->err == 0 && cc->cert_length != 0) {
293 cc->err = BR_ERR_X509_TRUNCATED;
299 xm_end_chain(const br_x509_class **ctx)
301 br_x509_minimal_context *cc;
303 cc = (br_x509_minimal_context *)(void *)ctx;
305 if (cc->num_certs == 0) {
306 cc->err = BR_ERR_X509_EMPTY_CHAIN;
308 cc->err = BR_ERR_X509_NOT_TRUSTED;
310 } else if (cc->err == BR_ERR_X509_OK) {
313 return (unsigned)cc->err;
316 static const br_x509_pkey *
317 xm_get_pkey(const br_x509_class *const *ctx, unsigned *usages)
319 br_x509_minimal_context *cc;
321 cc = (br_x509_minimal_context *)(void *)ctx;
322 if (cc->err == BR_ERR_X509_OK
323 || cc->err == BR_ERR_X509_NOT_TRUSTED)
325 if (usages != NULL) {
326 *usages = cc->key_usages;
328 return &((br_x509_minimal_context *)(void *)ctx)->pkey;
334 /* see bearssl_x509.h */
335 const br_x509_class br_x509_minimal_vtable = {
336 sizeof(br_x509_minimal_context),
345 #define CTX ((br_x509_minimal_context *)(void *)((unsigned char *)t0ctx - offsetof(br_x509_minimal_context, cpu)))
346 #define CONTEXT_NAME br_x509_minimal_context
348 #define DNHASH_LEN ((CTX->dn_hash_impl->desc >> BR_HASHDESC_OUT_OFF) & BR_HASHDESC_OUT_MASK)
351 * Hash a DN (from a trust anchor) into the provided buffer. This uses the
352 * DN hash implementation and context structure from the X.509 engine
356 hash_dn(br_x509_minimal_context *ctx, const void *dn, size_t len,
359 ctx->dn_hash_impl->init(&ctx->dn_hash.vtable);
360 ctx->dn_hash_impl->update(&ctx->dn_hash.vtable, dn, len);
361 ctx->dn_hash_impl->out(&ctx->dn_hash.vtable, out);
365 * Compare two big integers for equality. The integers use unsigned big-endian
366 * encoding; extra leading bytes (of value 0) are allowed.
369 eqbigint(const unsigned char *b1, size_t len1,
370 const unsigned char *b2, size_t len2)
372 while (len1 > 0 && *b1 == 0) {
376 while (len2 > 0 && *b2 == 0) {
383 return memcmp(b1, b2, len1) == 0;
387 * Compare two strings for equality, in a case-insensitive way. This
388 * function handles casing only for ASCII letters.
391 eqnocase(const void *s1, const void *s2, size_t len)
393 const unsigned char *buf1, *buf2;
402 if (x1 >= 'A' && x1 <= 'Z') {
405 if (x2 >= 'A' && x2 <= 'Z') {
415 static int verify_signature(br_x509_minimal_context *ctx,
416 const br_x509_pkey *pk);
420 static const unsigned char t0_datablock[] = {
421 0x00, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x09,
422 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x09, 0x2A, 0x86,
423 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0E, 0x09, 0x2A, 0x86, 0x48, 0x86,
424 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
425 0x01, 0x01, 0x0C, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01,
426 0x0D, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x09, 0x60, 0x86, 0x48, 0x01,
427 0x65, 0x03, 0x04, 0x02, 0x04, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
428 0x04, 0x02, 0x01, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02,
429 0x02, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x07,
430 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x08, 0x2A, 0x86, 0x48, 0xCE,
431 0x3D, 0x03, 0x01, 0x07, 0x05, 0x2B, 0x81, 0x04, 0x00, 0x22, 0x05, 0x2B,
432 0x81, 0x04, 0x00, 0x23, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x01,
433 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x01, 0x08, 0x2A, 0x86,
434 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D,
435 0x04, 0x03, 0x03, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x04,
436 0x03, 0x55, 0x04, 0x03, 0x00, 0x1F, 0x03, 0xFC, 0x07, 0x7F, 0x0B, 0x5E,
437 0x0F, 0x1F, 0x12, 0xFE, 0x16, 0xBF, 0x1A, 0x9F, 0x1E, 0x7E, 0x22, 0x3F,
438 0x26, 0x1E, 0x29, 0xDF, 0x00, 0x1F, 0x03, 0xFD, 0x07, 0x9F, 0x0B, 0x7E,
439 0x0F, 0x3F, 0x13, 0x1E, 0x16, 0xDF, 0x1A, 0xBF, 0x1E, 0x9E, 0x22, 0x5F,
440 0x26, 0x3E, 0x29, 0xFF, 0x03, 0x55, 0x1D, 0x13, 0x03, 0x55, 0x1D, 0x0F,
441 0x03, 0x55, 0x1D, 0x11, 0x03, 0x55, 0x1D, 0x20, 0x08, 0x2B, 0x06, 0x01,
442 0x05, 0x05, 0x07, 0x02, 0x01, 0x03, 0x55, 0x1D, 0x23, 0x03, 0x55, 0x1D,
443 0x0E, 0x03, 0x55, 0x1D, 0x12, 0x03, 0x55, 0x1D, 0x09, 0x03, 0x55, 0x1D,
444 0x1F, 0x03, 0x55, 0x1D, 0x2E, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07,
445 0x01, 0x01, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x0B
448 static const unsigned char t0_codeblock[] = {
449 0x00, 0x01, 0x00, 0x0D, 0x00, 0x00, 0x01, 0x00, 0x10, 0x00, 0x00, 0x01,
450 0x00, 0x11, 0x00, 0x00, 0x01, 0x01, 0x09, 0x00, 0x00, 0x01, 0x01, 0x0A,
451 0x00, 0x00, 0x24, 0x24, 0x00, 0x00, 0x01,
452 T0_INT1(BR_ERR_X509_BAD_BOOLEAN), 0x00, 0x00, 0x01,
453 T0_INT1(BR_ERR_X509_BAD_DN), 0x00, 0x00, 0x01,
454 T0_INT1(BR_ERR_X509_BAD_SERVER_NAME), 0x00, 0x00, 0x01,
455 T0_INT1(BR_ERR_X509_BAD_TAG_CLASS), 0x00, 0x00, 0x01,
456 T0_INT1(BR_ERR_X509_BAD_TAG_VALUE), 0x00, 0x00, 0x01,
457 T0_INT1(BR_ERR_X509_BAD_TIME), 0x00, 0x00, 0x01,
458 T0_INT1(BR_ERR_X509_CRITICAL_EXTENSION), 0x00, 0x00, 0x01,
459 T0_INT1(BR_ERR_X509_DN_MISMATCH), 0x00, 0x00, 0x01,
460 T0_INT1(BR_ERR_X509_EXPIRED), 0x00, 0x00, 0x01,
461 T0_INT1(BR_ERR_X509_EXTRA_ELEMENT), 0x00, 0x00, 0x01,
462 T0_INT1(BR_ERR_X509_FORBIDDEN_KEY_USAGE), 0x00, 0x00, 0x01,
463 T0_INT1(BR_ERR_X509_INDEFINITE_LENGTH), 0x00, 0x00, 0x01,
464 T0_INT1(BR_ERR_X509_INNER_TRUNC), 0x00, 0x00, 0x01,
465 T0_INT1(BR_ERR_X509_LIMIT_EXCEEDED), 0x00, 0x00, 0x01,
466 T0_INT1(BR_ERR_X509_NOT_CA), 0x00, 0x00, 0x01,
467 T0_INT1(BR_ERR_X509_NOT_CONSTRUCTED), 0x00, 0x00, 0x01,
468 T0_INT1(BR_ERR_X509_NOT_PRIMITIVE), 0x00, 0x00, 0x01,
469 T0_INT1(BR_ERR_X509_OVERFLOW), 0x00, 0x00, 0x01,
470 T0_INT1(BR_ERR_X509_PARTIAL_BYTE), 0x00, 0x00, 0x01,
471 T0_INT1(BR_ERR_X509_UNEXPECTED), 0x00, 0x00, 0x01,
472 T0_INT1(BR_ERR_X509_UNSUPPORTED), 0x00, 0x00, 0x01,
473 T0_INT1(BR_ERR_X509_WEAK_PUBLIC_KEY), 0x00, 0x00, 0x01,
474 T0_INT1(BR_KEYTYPE_EC), 0x00, 0x00, 0x01, T0_INT1(BR_KEYTYPE_RSA),
475 0x00, 0x00, 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_length)), 0x00,
476 0x00, 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_sig)), 0x00, 0x00,
477 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_sig_hash_len)), 0x00, 0x00,
478 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_sig_hash_oid)), 0x00, 0x00,
479 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_sig_len)), 0x00, 0x00, 0x01,
480 T0_INT2(offsetof(CONTEXT_NAME, cert_signer_key_type)), 0x00, 0x00,
481 0x01, T0_INT2(offsetof(CONTEXT_NAME, current_dn_hash)), 0x00, 0x00,
482 0x01, T0_INT2(offsetof(CONTEXT_NAME, key_usages)), 0x00, 0x00, 0x01,
483 T0_INT2(offsetof(br_x509_minimal_context, pkey_data)), 0x01,
484 T0_INT2(BR_X509_BUFSIZE_KEY), 0x00, 0x00, 0x01,
485 T0_INT2(offsetof(CONTEXT_NAME, min_rsa_size)), 0x00, 0x00, 0x01,
486 T0_INT2(offsetof(CONTEXT_NAME, next_dn_hash)), 0x00, 0x00, 0x01,
487 T0_INT2(offsetof(CONTEXT_NAME, num_certs)), 0x00, 0x00, 0x01,
488 T0_INT2(offsetof(CONTEXT_NAME, pad)), 0x00, 0x00, 0x01,
489 T0_INT2(offsetof(CONTEXT_NAME, saved_dn_hash)), 0x00, 0x00, 0xC9, 0x71,
490 0x00, 0x00, 0x01, 0x80, 0x73, 0x00, 0x00, 0x01, 0x80, 0x7C, 0x00, 0x00,
491 0x01, 0x81, 0x02, 0x00, 0x00, 0x92, 0x05, 0x05, 0x34, 0x42, 0x01, 0x00,
492 0x00, 0x34, 0x01, 0x0A, 0x0E, 0x09, 0x01, 0x9A, 0xFF, 0xB8, 0x00, 0x0A,
493 0x00, 0x00, 0x01, 0x82, 0x19, 0x00, 0x00, 0x01, 0x82, 0x01, 0x00, 0x00,
494 0x01, 0x81, 0x68, 0x00, 0x04, 0x03, 0x00, 0x03, 0x01, 0x03, 0x02, 0x03,
495 0x03, 0x02, 0x03, 0x02, 0x01, 0x11, 0x06, 0x07, 0x02, 0x02, 0x02, 0x00,
496 0x0D, 0x04, 0x05, 0x02, 0x03, 0x02, 0x01, 0x0D, 0x00, 0x02, 0x03, 0x00,
497 0x03, 0x01, 0x25, 0x02, 0x01, 0x13, 0x3B, 0x02, 0x00, 0x0F, 0x15, 0x00,
498 0x00, 0x01, 0x81, 0x74, 0x00, 0x00, 0x05, 0x02, 0x52, 0x28, 0x00, 0x00,
499 0x06, 0x02, 0x53, 0x28, 0x00, 0x00, 0x01, 0x10, 0x77, 0x00, 0x00, 0x11,
500 0x05, 0x02, 0x56, 0x28, 0x74, 0x00, 0x00, 0x11, 0x05, 0x02, 0x56, 0x28,
501 0x75, 0x00, 0x00, 0x06, 0x02, 0x4C, 0x28, 0x00, 0x00, 0x01, 0x82, 0x11,
502 0x00, 0x00, 0x25, 0x20, 0x01, 0x08, 0x0E, 0x3B, 0x40, 0x20, 0x09, 0x00,
503 0x09, 0x03, 0x00, 0x5B, 0x2B, 0xAF, 0x39, 0xAF, 0xB3, 0x25, 0x01, 0x20,
504 0x11, 0x06, 0x11, 0x24, 0x74, 0xAD, 0xB3, 0x01, 0x02, 0x78, 0xB0, 0x01,
505 0x02, 0x12, 0x06, 0x02, 0x57, 0x28, 0x79, 0xB3, 0x01, 0x02, 0x78, 0xAE,
506 0xAF, 0xC2, 0x9C, 0x65, 0x61, 0x21, 0x16, 0xAF, 0xA7, 0x29, 0x69, 0x06,
507 0x02, 0x4B, 0x28, 0xA7, 0x29, 0x71, 0x06, 0x02, 0x4B, 0x28, 0x79, 0x02,
508 0x00, 0x06, 0x05, 0x9D, 0x03, 0x01, 0x04, 0x09, 0x9C, 0x61, 0x68, 0x21,
509 0x27, 0x05, 0x02, 0x4A, 0x28, 0x68, 0x65, 0x21, 0x16, 0xAF, 0xAF, 0x9E,
510 0x05, 0x02, 0x57, 0x28, 0xBC, 0x26, 0x06, 0x27, 0xC2, 0xA4, 0xAF, 0x63,
511 0xAA, 0x03, 0x03, 0x63, 0x3B, 0x02, 0x03, 0x09, 0x3B, 0x02, 0x03, 0x0A,
512 0xAA, 0x03, 0x04, 0x79, 0x64, 0x2A, 0x01, 0x81, 0x00, 0x09, 0x02, 0x03,
513 0x12, 0x06, 0x02, 0x58, 0x28, 0x79, 0x5A, 0x03, 0x02, 0x04, 0x3A, 0x88,
514 0x26, 0x06, 0x34, 0x9E, 0x05, 0x02, 0x57, 0x28, 0x6A, 0x26, 0x06, 0x04,
515 0x01, 0x17, 0x04, 0x12, 0x6B, 0x26, 0x06, 0x04, 0x01, 0x18, 0x04, 0x0A,
516 0x6C, 0x26, 0x06, 0x04, 0x01, 0x19, 0x04, 0x02, 0x57, 0x28, 0x03, 0x05,
517 0x79, 0xA4, 0x25, 0x03, 0x06, 0x25, 0x63, 0x34, 0x0D, 0x06, 0x02, 0x50,
518 0x28, 0xA5, 0x59, 0x03, 0x02, 0x04, 0x02, 0x57, 0x28, 0x79, 0x02, 0x00,
519 0x06, 0x21, 0x02, 0x02, 0x5A, 0x30, 0x11, 0x06, 0x08, 0x24, 0x02, 0x03,
520 0x02, 0x04, 0x1D, 0x04, 0x10, 0x59, 0x30, 0x11, 0x06, 0x08, 0x24, 0x02,
521 0x05, 0x02, 0x06, 0x1C, 0x04, 0x03, 0x57, 0x28, 0x24, 0x04, 0x24, 0x02,
522 0x02, 0x5A, 0x30, 0x11, 0x06, 0x08, 0x24, 0x02, 0x03, 0x02, 0x04, 0x23,
523 0x04, 0x10, 0x59, 0x30, 0x11, 0x06, 0x08, 0x24, 0x02, 0x05, 0x02, 0x06,
524 0x22, 0x04, 0x03, 0x57, 0x28, 0x24, 0x25, 0x06, 0x01, 0x28, 0x24, 0x01,
525 0x00, 0x03, 0x07, 0xB4, 0x01, 0x21, 0x8F, 0x01, 0x22, 0x8F, 0x25, 0x01,
526 0x23, 0x11, 0x06, 0x81, 0x26, 0x24, 0x74, 0xAD, 0xAF, 0x25, 0x06, 0x81,
527 0x1A, 0x01, 0x00, 0x03, 0x08, 0xAF, 0x9E, 0x24, 0xB3, 0x25, 0x01, 0x01,
528 0x11, 0x06, 0x04, 0xA6, 0x03, 0x08, 0xB3, 0x01, 0x04, 0x78, 0xAD, 0x70,
529 0x26, 0x06, 0x0F, 0x02, 0x00, 0x06, 0x03, 0xC3, 0x04, 0x05, 0x99, 0x01,
530 0x7F, 0x03, 0x07, 0x04, 0x80, 0x6C, 0x91, 0x26, 0x06, 0x06, 0x02, 0x00,
531 0x9B, 0x04, 0x80, 0x62, 0xC5, 0x26, 0x06, 0x11, 0x02, 0x00, 0x06, 0x09,
532 0x01, 0x00, 0x03, 0x01, 0x98, 0x03, 0x01, 0x04, 0x01, 0xC3, 0x04, 0x80,
533 0x4D, 0x73, 0x26, 0x06, 0x0A, 0x02, 0x08, 0x06, 0x03, 0x9A, 0x04, 0x01,
534 0xC3, 0x04, 0x3F, 0x6F, 0x26, 0x06, 0x03, 0xC3, 0x04, 0x38, 0xC8, 0x26,
535 0x06, 0x03, 0xC3, 0x04, 0x31, 0x90, 0x26, 0x06, 0x03, 0xC3, 0x04, 0x2A,
536 0xC6, 0x26, 0x06, 0x03, 0xC3, 0x04, 0x23, 0x7A, 0x26, 0x06, 0x03, 0xC3,
537 0x04, 0x1C, 0x85, 0x26, 0x06, 0x03, 0xC3, 0x04, 0x15, 0x6E, 0x26, 0x06,
538 0x03, 0xC3, 0x04, 0x0E, 0xC7, 0x26, 0x06, 0x03, 0xC3, 0x04, 0x07, 0x02,
539 0x08, 0x06, 0x02, 0x49, 0x28, 0xC3, 0x79, 0x79, 0x04, 0xFE, 0x62, 0x79,
540 0x79, 0x04, 0x08, 0x01, 0x7F, 0x11, 0x05, 0x02, 0x56, 0x28, 0x24, 0x79,
541 0x3A, 0x02, 0x00, 0x06, 0x08, 0x02, 0x01, 0x3C, 0x2F, 0x05, 0x02, 0x45,
542 0x28, 0x02, 0x00, 0x06, 0x01, 0x17, 0x02, 0x00, 0x02, 0x07, 0x2F, 0x05,
543 0x02, 0x51, 0x28, 0xB3, 0x76, 0xAD, 0x9E, 0x06, 0x80, 0x77, 0xBD, 0x26,
544 0x06, 0x07, 0x01, 0x02, 0x5A, 0x8A, 0x04, 0x80, 0x5E, 0xBE, 0x26, 0x06,
545 0x07, 0x01, 0x03, 0x5A, 0x8B, 0x04, 0x80, 0x53, 0xBF, 0x26, 0x06, 0x07,
546 0x01, 0x04, 0x5A, 0x8C, 0x04, 0x80, 0x48, 0xC0, 0x26, 0x06, 0x06, 0x01,
547 0x05, 0x5A, 0x8D, 0x04, 0x3E, 0xC1, 0x26, 0x06, 0x06, 0x01, 0x06, 0x5A,
548 0x8E, 0x04, 0x34, 0x7F, 0x26, 0x06, 0x06, 0x01, 0x02, 0x59, 0x8A, 0x04,
549 0x2A, 0x80, 0x26, 0x06, 0x06, 0x01, 0x03, 0x59, 0x8B, 0x04, 0x20, 0x81,
550 0x26, 0x06, 0x06, 0x01, 0x04, 0x59, 0x8C, 0x04, 0x16, 0x82, 0x26, 0x06,
551 0x06, 0x01, 0x05, 0x59, 0x8D, 0x04, 0x0C, 0x83, 0x26, 0x06, 0x06, 0x01,
552 0x06, 0x59, 0x8E, 0x04, 0x02, 0x57, 0x28, 0x5E, 0x35, 0x60, 0x37, 0x1B,
553 0x25, 0x05, 0x02, 0x57, 0x28, 0x5D, 0x37, 0x04, 0x02, 0x57, 0x28, 0xC2,
554 0xA4, 0x25, 0x01, T0_INT2(BR_X509_BUFSIZE_SIG), 0x12, 0x06, 0x02, 0x50,
555 0x28, 0x25, 0x5F, 0x35, 0x5C, 0xA5, 0x79, 0x79, 0x01, 0x00, 0x5B, 0x36,
556 0x18, 0x00, 0x00, 0x01, 0x30, 0x0A, 0x25, 0x01, 0x00, 0x01, 0x09, 0x72,
557 0x05, 0x02, 0x48, 0x28, 0x00, 0x00, 0x30, 0x30, 0x00, 0x00, 0x01, 0x81,
558 0x08, 0x00, 0x00, 0x01, 0x81, 0x10, 0x00, 0x00, 0x01, 0x81, 0x19, 0x00,
559 0x00, 0x01, 0x81, 0x22, 0x00, 0x00, 0x01, 0x81, 0x2B, 0x00, 0x01, 0x7E,
560 0x01, 0x01, 0x11, 0x3B, 0x01, 0x83, 0xFD, 0x7F, 0x11, 0x15, 0x06, 0x03,
561 0x3B, 0x24, 0x00, 0x3B, 0x25, 0x03, 0x00, 0x25, 0xCA, 0x05, 0x04, 0x42,
562 0x01, 0x00, 0x00, 0x25, 0x01, 0x81, 0x00, 0x0D, 0x06, 0x04, 0x96, 0x04,
563 0x80, 0x49, 0x25, 0x01, 0x90, 0x00, 0x0D, 0x06, 0x0F, 0x01, 0x06, 0x14,
564 0x01, 0x81, 0x40, 0x2F, 0x96, 0x02, 0x00, 0x01, 0x00, 0x97, 0x04, 0x33,
565 0x25, 0x01, 0x83, 0xFF, 0x7F, 0x0D, 0x06, 0x14, 0x01, 0x0C, 0x14, 0x01,
566 0x81, 0x60, 0x2F, 0x96, 0x02, 0x00, 0x01, 0x06, 0x97, 0x02, 0x00, 0x01,
567 0x00, 0x97, 0x04, 0x17, 0x01, 0x12, 0x14, 0x01, 0x81, 0x70, 0x2F, 0x96,
568 0x02, 0x00, 0x01, 0x0C, 0x97, 0x02, 0x00, 0x01, 0x06, 0x97, 0x02, 0x00,
569 0x01, 0x00, 0x97, 0x00, 0x00, 0x01, 0x82, 0x15, 0x00, 0x00, 0x25, 0x01,
570 0x83, 0xB0, 0x00, 0x01, 0x83, 0xB7, 0x7F, 0x72, 0x00, 0x00, 0x01, 0x81,
571 0x34, 0x00, 0x00, 0x01, 0x80, 0x6B, 0x00, 0x00, 0x01, 0x81, 0x78, 0x00,
572 0x00, 0x01, 0x3D, 0x00, 0x00, 0x01, 0x80, 0x43, 0x00, 0x00, 0x01, 0x80,
573 0x4D, 0x00, 0x00, 0x01, 0x80, 0x57, 0x00, 0x00, 0x01, 0x80, 0x61, 0x00,
574 0x00, 0x30, 0x11, 0x06, 0x04, 0x42, 0xAD, 0xC2, 0xB4, 0x00, 0x00, 0x01,
575 0x82, 0x09, 0x00, 0x00, 0x01, 0x81, 0x6C, 0x00, 0x00, 0x25, 0x01, 0x83,
576 0xB8, 0x00, 0x01, 0x83, 0xBF, 0x7F, 0x72, 0x00, 0x00, 0x01, 0x30, 0x62,
577 0x37, 0x01, 0x7F, 0x7C, 0x19, 0x01, 0x00, 0x7C, 0x19, 0x04, 0x7A, 0x00,
578 0x01, 0x81, 0x38, 0x00, 0x01, 0x7E, 0x0D, 0x06, 0x02, 0x4F, 0x28, 0x25,
579 0x03, 0x00, 0x0A, 0x02, 0x00, 0x00, 0x00, 0x30, 0x25, 0x3F, 0x3B, 0x01,
580 0x82, 0x00, 0x13, 0x2F, 0x06, 0x04, 0x42, 0x01, 0x00, 0x00, 0x30, 0x67,
581 0x09, 0x37, 0x40, 0x00, 0x00, 0x14, 0x01, 0x3F, 0x15, 0x01, 0x81, 0x00,
582 0x2F, 0x96, 0x00, 0x02, 0x01, 0x00, 0x03, 0x00, 0xAF, 0x25, 0x06, 0x80,
583 0x59, 0xB3, 0x01, 0x20, 0x30, 0x11, 0x06, 0x17, 0x24, 0x74, 0xAD, 0x9E,
584 0x24, 0x01, 0x7F, 0x2E, 0x03, 0x01, 0xB3, 0x01, 0x20, 0x77, 0xAD, 0xB2,
585 0x02, 0x01, 0x1F, 0x79, 0x79, 0x04, 0x38, 0x01, 0x21, 0x30, 0x11, 0x06,
586 0x08, 0x24, 0x75, 0xB6, 0x01, 0x01, 0x1E, 0x04, 0x2A, 0x01, 0x22, 0x30,
587 0x11, 0x06, 0x11, 0x24, 0x75, 0xB6, 0x25, 0x06, 0x06, 0x2C, 0x02, 0x00,
588 0x2F, 0x03, 0x00, 0x01, 0x02, 0x1E, 0x04, 0x13, 0x01, 0x26, 0x30, 0x11,
589 0x06, 0x08, 0x24, 0x75, 0xB6, 0x01, 0x06, 0x1E, 0x04, 0x05, 0x42, 0xAE,
590 0x01, 0x00, 0x24, 0x04, 0xFF, 0x23, 0x79, 0x02, 0x00, 0x00, 0x00, 0xAF,
591 0xB4, 0x25, 0x01, 0x01, 0x11, 0x06, 0x08, 0xA6, 0x05, 0x02, 0x51, 0x28,
592 0xB4, 0x04, 0x02, 0x51, 0x28, 0x25, 0x01, 0x02, 0x11, 0x06, 0x0C, 0x24,
593 0x75, 0xB0, 0x66, 0x2B, 0x41, 0x0D, 0x06, 0x02, 0x51, 0x28, 0xB4, 0x01,
594 0x7F, 0x10, 0x06, 0x02, 0x56, 0x28, 0x24, 0x79, 0x00, 0x00, 0xAF, 0x25,
595 0x06, 0x1A, 0xAF, 0x9E, 0x24, 0x25, 0x06, 0x11, 0xAF, 0x25, 0x06, 0x0C,
596 0xAF, 0x9E, 0x24, 0x89, 0x26, 0x05, 0x02, 0x49, 0x28, 0xC2, 0x04, 0x71,
597 0x79, 0x79, 0x04, 0x63, 0x79, 0x00, 0x02, 0x03, 0x00, 0xB3, 0x01, 0x03,
598 0x78, 0xAD, 0xBA, 0x03, 0x01, 0x02, 0x01, 0x01, 0x07, 0x12, 0x06, 0x02,
599 0x56, 0x28, 0x25, 0x01, 0x00, 0x30, 0x11, 0x06, 0x05, 0x24, 0x4D, 0x28,
600 0x04, 0x15, 0x01, 0x01, 0x30, 0x11, 0x06, 0x0A, 0x24, 0xBA, 0x02, 0x01,
601 0x14, 0x02, 0x01, 0x0E, 0x04, 0x05, 0x24, 0xBA, 0x01, 0x00, 0x24, 0x02,
602 0x00, 0x06, 0x19, 0x01, 0x00, 0x30, 0x01, 0x38, 0x15, 0x06, 0x03, 0x01,
603 0x10, 0x2F, 0x3B, 0x01, 0x81, 0x40, 0x15, 0x06, 0x03, 0x01, 0x20, 0x2F,
604 0x62, 0x37, 0x04, 0x07, 0x01, 0x04, 0x15, 0x05, 0x02, 0x4D, 0x28, 0xC2,
605 0x00, 0x00, 0x38, 0xAF, 0xC2, 0x1A, 0x00, 0x03, 0x01, 0x00, 0x03, 0x00,
606 0x38, 0xAF, 0x25, 0x06, 0x30, 0xB3, 0x01, 0x11, 0x77, 0xAD, 0x25, 0x05,
607 0x02, 0x44, 0x28, 0x25, 0x06, 0x20, 0xAF, 0x9E, 0x24, 0x87, 0x26, 0x03,
608 0x01, 0x01, 0x00, 0x2E, 0x03, 0x02, 0xB2, 0x25, 0x02, 0x01, 0x15, 0x06,
609 0x07, 0x2C, 0x06, 0x04, 0x01, 0x7F, 0x03, 0x00, 0x02, 0x02, 0x1F, 0x79,
610 0x04, 0x5D, 0x79, 0x04, 0x4D, 0x79, 0x1A, 0x02, 0x00, 0x00, 0x00, 0xB3,
611 0x01, 0x06, 0x78, 0xB1, 0x00, 0x00, 0xB8, 0x86, 0x06, 0x0E, 0x3B, 0x25,
612 0x05, 0x06, 0x42, 0x01, 0x00, 0x01, 0x00, 0x00, 0xB8, 0x6D, 0x04, 0x08,
613 0x92, 0x06, 0x05, 0x24, 0x01, 0x00, 0x04, 0x00, 0x00, 0x00, 0xB9, 0x86,
614 0x06, 0x0E, 0x3B, 0x25, 0x05, 0x06, 0x42, 0x01, 0x00, 0x01, 0x00, 0x00,
615 0xB9, 0x6D, 0x04, 0x08, 0x92, 0x06, 0x05, 0x24, 0x01, 0x00, 0x04, 0x00,
616 0x00, 0x00, 0xBA, 0x25, 0x01, 0x81, 0x00, 0x0D, 0x06, 0x04, 0x00, 0x04,
617 0x80, 0x55, 0x25, 0x01, 0x81, 0x40, 0x0D, 0x06, 0x07, 0x24, 0x01, 0x00,
618 0x00, 0x04, 0x80, 0x47, 0x25, 0x01, 0x81, 0x60, 0x0D, 0x06, 0x0E, 0x01,
619 0x1F, 0x15, 0x01, 0x01, 0xA3, 0x01, 0x81, 0x00, 0x01, 0x8F, 0x7F, 0x04,
620 0x32, 0x25, 0x01, 0x81, 0x70, 0x0D, 0x06, 0x0F, 0x01, 0x0F, 0x15, 0x01,
621 0x02, 0xA3, 0x01, 0x90, 0x00, 0x01, 0x83, 0xFF, 0x7F, 0x04, 0x1C, 0x25,
622 0x01, 0x81, 0x78, 0x0D, 0x06, 0x11, 0x01, 0x07, 0x15, 0x01, 0x03, 0xA3,
623 0x01, 0x84, 0x80, 0x00, 0x01, 0x80, 0xC3, 0xFF, 0x7F, 0x04, 0x04, 0x24,
624 0x01, 0x00, 0x00, 0x72, 0x05, 0x03, 0x24, 0x01, 0x00, 0x00, 0x00, 0x3B,
625 0x25, 0x05, 0x06, 0x42, 0x01, 0x00, 0x01, 0x7F, 0x00, 0xBA, 0x34, 0x25,
626 0x3D, 0x06, 0x03, 0x3B, 0x24, 0x00, 0x01, 0x06, 0x0E, 0x3B, 0x25, 0x01,
627 0x06, 0x14, 0x01, 0x02, 0x10, 0x06, 0x04, 0x42, 0x01, 0x7F, 0x00, 0x01,
628 0x3F, 0x15, 0x09, 0x00, 0x00, 0x25, 0x06, 0x06, 0x0B, 0xA2, 0x34, 0x41,
629 0x04, 0x77, 0x24, 0x25, 0x00, 0x00, 0xB3, 0x01, 0x03, 0x78, 0xAD, 0xBA,
630 0x06, 0x02, 0x55, 0x28, 0x00, 0x00, 0x3B, 0x25, 0x06, 0x07, 0x31, 0x25,
631 0x06, 0x01, 0x19, 0x04, 0x76, 0x42, 0x00, 0x00, 0x01, 0x01, 0x78, 0xAC,
632 0x01, 0x01, 0x10, 0x06, 0x02, 0x43, 0x28, 0xBA, 0x3E, 0x00, 0x04, 0xB3,
633 0x25, 0x01, 0x17, 0x01, 0x18, 0x72, 0x05, 0x02, 0x48, 0x28, 0x01, 0x18,
634 0x11, 0x03, 0x00, 0x75, 0xAD, 0xA8, 0x02, 0x00, 0x06, 0x0C, 0x01, 0x80,
635 0x64, 0x08, 0x03, 0x01, 0xA8, 0x02, 0x01, 0x09, 0x04, 0x0E, 0x25, 0x01,
636 0x32, 0x0D, 0x06, 0x04, 0x01, 0x80, 0x64, 0x09, 0x01, 0x8E, 0x6C, 0x09,
637 0x03, 0x01, 0x02, 0x01, 0x01, 0x82, 0x6D, 0x08, 0x02, 0x01, 0x01, 0x03,
638 0x09, 0x01, 0x04, 0x0C, 0x09, 0x02, 0x01, 0x01, 0x80, 0x63, 0x09, 0x01,
639 0x80, 0x64, 0x0C, 0x0A, 0x02, 0x01, 0x01, 0x83, 0x0F, 0x09, 0x01, 0x83,
640 0x10, 0x0C, 0x09, 0x03, 0x03, 0x01, 0x01, 0x01, 0x0C, 0xA9, 0x41, 0x01,
641 0x01, 0x0E, 0x02, 0x01, 0x01, 0x04, 0x07, 0x3F, 0x02, 0x01, 0x01, 0x80,
642 0x64, 0x07, 0x3E, 0x02, 0x01, 0x01, 0x83, 0x10, 0x07, 0x3F, 0x2F, 0x15,
643 0x06, 0x03, 0x01, 0x18, 0x09, 0x94, 0x09, 0x7B, 0x25, 0x01, 0x05, 0x14,
644 0x02, 0x03, 0x09, 0x03, 0x03, 0x01, 0x1F, 0x15, 0x01, 0x01, 0x3B, 0xA9,
645 0x02, 0x03, 0x09, 0x41, 0x03, 0x03, 0x01, 0x00, 0x01, 0x17, 0xA9, 0x01,
646 0x9C, 0x10, 0x08, 0x03, 0x02, 0x01, 0x00, 0x01, 0x3B, 0xA9, 0x01, 0x3C,
647 0x08, 0x02, 0x02, 0x09, 0x03, 0x02, 0x01, 0x00, 0x01, 0x3C, 0xA9, 0x02,
648 0x02, 0x09, 0x03, 0x02, 0xBA, 0x25, 0x01, 0x2E, 0x11, 0x06, 0x0D, 0x24,
649 0xBA, 0x25, 0x01, 0x30, 0x01, 0x39, 0x72, 0x06, 0x03, 0x24, 0x04, 0x74,
650 0x01, 0x80, 0x5A, 0x10, 0x06, 0x02, 0x48, 0x28, 0x79, 0x02, 0x03, 0x02,
651 0x02, 0x00, 0x01, 0xBA, 0x7D, 0x01, 0x0A, 0x08, 0x03, 0x00, 0xBA, 0x7D,
652 0x02, 0x00, 0x09, 0x00, 0x02, 0x03, 0x00, 0x03, 0x01, 0xA8, 0x25, 0x02,
653 0x01, 0x02, 0x00, 0x72, 0x05, 0x02, 0x48, 0x28, 0x00, 0x00, 0x34, 0xB3,
654 0x01, 0x02, 0x78, 0x0B, 0xAB, 0x00, 0x03, 0x25, 0x03, 0x00, 0x03, 0x01,
655 0x03, 0x02, 0xAD, 0xBA, 0x25, 0x01, 0x81, 0x00, 0x13, 0x06, 0x02, 0x54,
656 0x28, 0x25, 0x01, 0x00, 0x11, 0x06, 0x0B, 0x24, 0x25, 0x05, 0x04, 0x24,
657 0x01, 0x00, 0x00, 0xBA, 0x04, 0x6F, 0x02, 0x01, 0x25, 0x05, 0x02, 0x50,
658 0x28, 0x41, 0x03, 0x01, 0x02, 0x02, 0x37, 0x02, 0x02, 0x40, 0x03, 0x02,
659 0x25, 0x06, 0x03, 0xBA, 0x04, 0x68, 0x24, 0x02, 0x00, 0x02, 0x01, 0x0A,
660 0x00, 0x01, 0xBA, 0x25, 0x01, 0x81, 0x00, 0x0D, 0x06, 0x01, 0x00, 0x01,
661 0x81, 0x00, 0x0A, 0x25, 0x05, 0x02, 0x4E, 0x28, 0x03, 0x00, 0x01, 0x00,
662 0x02, 0x00, 0x01, 0x00, 0x12, 0x06, 0x19, 0x02, 0x00, 0x41, 0x03, 0x00,
663 0x25, 0x01, 0x83, 0xFF, 0xFF, 0x7F, 0x12, 0x06, 0x02, 0x4F, 0x28, 0x01,
664 0x08, 0x0E, 0x3B, 0xBA, 0x34, 0x09, 0x04, 0x60, 0x00, 0x00, 0xAC, 0x95,
665 0x00, 0x00, 0xAD, 0xC2, 0x00, 0x00, 0xB3, 0x76, 0xAD, 0x00, 0x01, 0xAD,
666 0x25, 0x05, 0x02, 0x54, 0x28, 0xBA, 0x25, 0x01, 0x81, 0x00, 0x13, 0x06,
667 0x02, 0x54, 0x28, 0x03, 0x00, 0x25, 0x06, 0x16, 0xBA, 0x02, 0x00, 0x25,
668 0x01, 0x87, 0xFF, 0xFF, 0x7F, 0x13, 0x06, 0x02, 0x54, 0x28, 0x01, 0x08,
669 0x0E, 0x09, 0x03, 0x00, 0x04, 0x67, 0x24, 0x02, 0x00, 0x00, 0x00, 0xAD,
670 0x25, 0x01, 0x81, 0x7F, 0x12, 0x06, 0x08, 0xC2, 0x01, 0x00, 0x67, 0x37,
671 0x01, 0x00, 0x00, 0x25, 0x67, 0x37, 0x67, 0x40, 0xA5, 0x01, 0x7F, 0x00,
672 0x00, 0xB3, 0x01, 0x0C, 0x30, 0x11, 0x06, 0x05, 0x24, 0x75, 0xB6, 0x04,
673 0x3E, 0x01, 0x12, 0x30, 0x11, 0x06, 0x05, 0x24, 0x75, 0xB7, 0x04, 0x33,
674 0x01, 0x13, 0x30, 0x11, 0x06, 0x05, 0x24, 0x75, 0xB7, 0x04, 0x28, 0x01,
675 0x14, 0x30, 0x11, 0x06, 0x05, 0x24, 0x75, 0xB7, 0x04, 0x1D, 0x01, 0x16,
676 0x30, 0x11, 0x06, 0x05, 0x24, 0x75, 0xB7, 0x04, 0x12, 0x01, 0x1E, 0x30,
677 0x11, 0x06, 0x05, 0x24, 0x75, 0xB5, 0x04, 0x07, 0x42, 0xAE, 0x01, 0x00,
678 0x01, 0x00, 0x24, 0x00, 0x01, 0xBA, 0x03, 0x00, 0x02, 0x00, 0x01, 0x05,
679 0x14, 0x01, 0x01, 0x15, 0x2D, 0x02, 0x00, 0x01, 0x06, 0x14, 0x25, 0x01,
680 0x01, 0x15, 0x06, 0x02, 0x46, 0x28, 0x01, 0x04, 0x0E, 0x02, 0x00, 0x01,
681 0x1F, 0x15, 0x25, 0x01, 0x1F, 0x11, 0x06, 0x02, 0x47, 0x28, 0x09, 0x00,
682 0x00, 0x25, 0x05, 0x05, 0x01, 0x00, 0x01, 0x7F, 0x00, 0xB3, 0x00, 0x01,
683 0xAD, 0x25, 0x05, 0x05, 0x67, 0x37, 0x01, 0x7F, 0x00, 0x01, 0x01, 0x03,
684 0x00, 0x9F, 0x25, 0x01, 0x83, 0xFF, 0x7E, 0x11, 0x06, 0x16, 0x24, 0x25,
685 0x06, 0x10, 0xA0, 0x25, 0x05, 0x05, 0x24, 0xC2, 0x01, 0x00, 0x00, 0x02,
686 0x00, 0x84, 0x03, 0x00, 0x04, 0x6D, 0x04, 0x1B, 0x25, 0x05, 0x05, 0x24,
687 0xC2, 0x01, 0x00, 0x00, 0x02, 0x00, 0x84, 0x03, 0x00, 0x25, 0x06, 0x0B,
688 0x9F, 0x25, 0x05, 0x05, 0x24, 0xC2, 0x01, 0x00, 0x00, 0x04, 0x6D, 0x24,
689 0x02, 0x00, 0x25, 0x05, 0x01, 0x00, 0x41, 0x67, 0x37, 0x01, 0x7F, 0x00,
690 0x01, 0xAD, 0x01, 0x01, 0x03, 0x00, 0x25, 0x06, 0x10, 0xA1, 0x25, 0x05,
691 0x05, 0x24, 0xC2, 0x01, 0x00, 0x00, 0x02, 0x00, 0x84, 0x03, 0x00, 0x04,
692 0x6D, 0x24, 0x02, 0x00, 0x25, 0x05, 0x01, 0x00, 0x41, 0x67, 0x37, 0x01,
693 0x7F, 0x00, 0x01, 0xAD, 0x01, 0x01, 0x03, 0x00, 0x25, 0x06, 0x10, 0xBA,
694 0x25, 0x05, 0x05, 0x24, 0xC2, 0x01, 0x00, 0x00, 0x02, 0x00, 0x84, 0x03,
695 0x00, 0x04, 0x6D, 0x24, 0x02, 0x00, 0x25, 0x05, 0x01, 0x00, 0x41, 0x67,
696 0x37, 0x01, 0x7F, 0x00, 0x00, 0xBA, 0x01, 0x08, 0x0E, 0x3B, 0xBA, 0x34,
697 0x09, 0x00, 0x00, 0xBA, 0x3B, 0xBA, 0x01, 0x08, 0x0E, 0x34, 0x09, 0x00,
698 0x00, 0x25, 0x05, 0x02, 0x4F, 0x28, 0x41, 0xBB, 0x00, 0x00, 0x32, 0x25,
699 0x01, 0x00, 0x13, 0x06, 0x01, 0x00, 0x24, 0x19, 0x04, 0x74, 0x00, 0x01,
700 0x01, 0x00, 0x00, 0x01, 0x0B, 0x00, 0x00, 0x01, 0x15, 0x00, 0x00, 0x01,
701 0x1F, 0x00, 0x00, 0x01, 0x29, 0x00, 0x00, 0x01, 0x33, 0x00, 0x00, 0xC3,
702 0x24, 0x00, 0x00, 0x25, 0x06, 0x07, 0xC4, 0x25, 0x06, 0x01, 0x19, 0x04,
703 0x76, 0x00, 0x00, 0x01, 0x00, 0x30, 0x31, 0x0B, 0x42, 0x00, 0x00, 0x01,
704 0x81, 0x70, 0x00, 0x00, 0x01, 0x82, 0x0D, 0x00, 0x00, 0x01, 0x82, 0x22,
705 0x00, 0x00, 0x01, 0x82, 0x05, 0x00, 0x00, 0x01, 0x03, 0x33, 0x01, 0x03,
706 0x33, 0x00, 0x00, 0x25, 0x01, 0x83, 0xFB, 0x50, 0x01, 0x83, 0xFD, 0x5F,
707 0x72, 0x06, 0x04, 0x24, 0x01, 0x00, 0x00, 0x25, 0x01, 0x83, 0xB0, 0x00,
708 0x01, 0x83, 0xBF, 0x7F, 0x72, 0x06, 0x04, 0x24, 0x01, 0x00, 0x00, 0x01,
709 0x83, 0xFF, 0x7F, 0x15, 0x01, 0x83, 0xFF, 0x7E, 0x0D, 0x00
712 static const uint16_t t0_caddr[] = {
857 #define T0_INTERPRETED 61
859 #define T0_ENTER(ip, rp, slot) do { \
860 const unsigned char *t0_newip; \
862 t0_newip = &t0_codeblock[t0_caddr[(slot) - T0_INTERPRETED]]; \
863 t0_lnum = t0_parse7E_unsigned(&t0_newip); \
865 *((rp) ++) = (uint32_t)((ip) - &t0_codeblock[0]) + (t0_lnum << 16); \
869 #define T0_DEFENTRY(name, slot) \
873 t0_context *t0ctx = ctx; \
874 t0ctx->ip = &t0_codeblock[0]; \
875 T0_ENTER(t0ctx->ip, t0ctx->rp, slot); \
878 T0_DEFENTRY(br_x509_minimal_init_main, 147)
880 #define T0_NEXT(t0ipp) (*(*(t0ipp)) ++)
883 br_x509_minimal_run(void *t0ctx)
886 const unsigned char *ip;
888 #define T0_LOCAL(x) (*(rp - 2 - (x)))
889 #define T0_POP() (*-- dp)
890 #define T0_POPi() (*(int32_t *)(-- dp))
891 #define T0_PEEK(x) (*(dp - 1 - (x)))
892 #define T0_PEEKi(x) (*(int32_t *)(dp - 1 - (x)))
893 #define T0_PUSH(v) do { *dp = (v); dp ++; } while (0)
894 #define T0_PUSHi(v) do { *(int32_t *)dp = (v); dp ++; } while (0)
895 #define T0_RPOP() (*-- rp)
896 #define T0_RPOPi() (*(int32_t *)(-- rp))
897 #define T0_RPUSH(v) do { *rp = (v); rp ++; } while (0)
898 #define T0_RPUSHi(v) do { *(int32_t *)rp = (v); rp ++; } while (0)
899 #define T0_ROLL(x) do { \
900 size_t t0len = (size_t)(x); \
901 uint32_t t0tmp = *(dp - 1 - t0len); \
902 memmove(dp - t0len - 1, dp - t0len, t0len * sizeof *dp); \
905 #define T0_SWAP() do { \
906 uint32_t t0tmp = *(dp - 2); \
907 *(dp - 2) = *(dp - 1); \
910 #define T0_ROT() do { \
911 uint32_t t0tmp = *(dp - 3); \
912 *(dp - 3) = *(dp - 2); \
913 *(dp - 2) = *(dp - 1); \
916 #define T0_NROT() do { \
917 uint32_t t0tmp = *(dp - 1); \
918 *(dp - 1) = *(dp - 2); \
919 *(dp - 2) = *(dp - 3); \
922 #define T0_PICK(x) do { \
923 uint32_t t0depth = (x); \
924 T0_PUSH(T0_PEEK(t0depth)); \
926 #define T0_CO() do { \
929 #define T0_RET() goto t0_next
931 dp = ((t0_context *)t0ctx)->dp;
932 rp = ((t0_context *)t0ctx)->rp;
933 ip = ((t0_context *)t0ctx)->ip;
940 if (t0x < T0_INTERPRETED) {
952 ip = &t0_codeblock[t0x];
954 case 1: /* literal constant */
955 T0_PUSHi(t0_parse7E_signed(&ip));
957 case 2: /* read local */
958 T0_PUSH(T0_LOCAL(t0_parse7E_unsigned(&ip)));
960 case 3: /* write local */
961 T0_LOCAL(t0_parse7E_unsigned(&ip)) = T0_POP();
964 t0off = t0_parse7E_signed(&ip);
967 case 5: /* jump if */
968 t0off = t0_parse7E_signed(&ip);
973 case 6: /* jump if not */
974 t0off = t0_parse7E_signed(&ip);
982 int32_t b = T0_POPi();
983 int32_t a = T0_POPi();
991 uint32_t b = T0_POP();
992 uint32_t a = T0_POP();
1000 uint32_t b = T0_POP();
1001 uint32_t a = T0_POP();
1009 uint32_t b = T0_POP();
1010 uint32_t a = T0_POP();
1023 int32_t b = T0_POPi();
1024 int32_t a = T0_POPi();
1032 int32_t b = T0_POPi();
1033 int32_t a = T0_POPi();
1034 T0_PUSH(-(uint32_t)(a < b));
1041 int c = (int)T0_POPi();
1042 uint32_t x = T0_POP();
1050 int32_t b = T0_POPi();
1051 int32_t a = T0_POPi();
1052 T0_PUSH(-(uint32_t)(a <= b));
1059 uint32_t b = T0_POP();
1060 uint32_t a = T0_POP();
1061 T0_PUSH(-(uint32_t)(a != b));
1068 uint32_t b = T0_POP();
1069 uint32_t a = T0_POP();
1070 T0_PUSH(-(uint32_t)(a == b));
1077 int32_t b = T0_POPi();
1078 int32_t a = T0_POPi();
1079 T0_PUSH(-(uint32_t)(a > b));
1086 int32_t b = T0_POPi();
1087 int32_t a = T0_POPi();
1088 T0_PUSH(-(uint32_t)(a >= b));
1095 int c = (int)T0_POPi();
1096 int32_t x = T0_POPi();
1104 uint32_t b = T0_POP();
1105 uint32_t a = T0_POP();
1113 size_t len = T0_POP();
1114 unsigned char *src = (unsigned char *)CTX + T0_POP();
1115 unsigned char *dst = (unsigned char *)CTX + T0_POP();
1116 memcpy(dst, src, len);
1121 /* check-direct-trust */
1125 for (u = 0; u < CTX->trust_anchors_num; u ++) {
1126 const br_x509_trust_anchor *ta;
1127 unsigned char hashed_DN[64];
1130 ta = &CTX->trust_anchors[u];
1131 if (ta->flags & BR_X509_TA_CA) {
1134 hash_dn(CTX, ta->dn.data, ta->dn.len, hashed_DN);
1135 if (memcmp(hashed_DN, CTX->current_dn_hash, DNHASH_LEN)) {
1138 kt = CTX->pkey.key_type;
1139 if ((ta->pkey.key_type & 0x0F) != kt) {
1144 case BR_KEYTYPE_RSA:
1145 if (!eqbigint(CTX->pkey.key.rsa.n,
1146 CTX->pkey.key.rsa.nlen,
1148 ta->pkey.key.rsa.nlen)
1149 || !eqbigint(CTX->pkey.key.rsa.e,
1150 CTX->pkey.key.rsa.elen,
1152 ta->pkey.key.rsa.elen))
1159 if (CTX->pkey.key.ec.curve != ta->pkey.key.ec.curve
1160 || CTX->pkey.key.ec.qlen != ta->pkey.key.ec.qlen
1161 || memcmp(CTX->pkey.key.ec.q,
1163 ta->pkey.key.ec.qlen) != 0)
1174 * Direct trust match!
1176 CTX->err = BR_ERR_X509_OK;
1183 /* check-trust-anchor-CA */
1187 for (u = 0; u < CTX->trust_anchors_num; u ++) {
1188 const br_x509_trust_anchor *ta;
1189 unsigned char hashed_DN[64];
1191 ta = &CTX->trust_anchors[u];
1192 if (!(ta->flags & BR_X509_TA_CA)) {
1195 hash_dn(CTX, ta->dn.data, ta->dn.len, hashed_DN);
1196 if (memcmp(hashed_DN, CTX->saved_dn_hash, DNHASH_LEN)) {
1199 if (verify_signature(CTX, &ta->pkey) == 0) {
1200 CTX->err = BR_ERR_X509_OK;
1213 /* compute-dn-hash */
1215 CTX->dn_hash_impl->out(&CTX->dn_hash.vtable, CTX->current_dn_hash);
1216 CTX->do_dn_hash = 0;
1221 /* compute-tbs-hash */
1225 len = br_multihash_out(&CTX->mhash, id, CTX->tbs_hash);
1231 /* copy-ee-ec-pkey */
1233 size_t qlen = T0_POP();
1234 uint32_t curve = T0_POP();
1235 memcpy(CTX->ee_pkey_data, CTX->pkey_data, qlen);
1236 CTX->pkey.key_type = BR_KEYTYPE_EC;
1237 CTX->pkey.key.ec.curve = curve;
1238 CTX->pkey.key.ec.q = CTX->ee_pkey_data;
1239 CTX->pkey.key.ec.qlen = qlen;
1244 /* copy-ee-rsa-pkey */
1246 size_t elen = T0_POP();
1247 size_t nlen = T0_POP();
1248 memcpy(CTX->ee_pkey_data, CTX->pkey_data, nlen + elen);
1249 CTX->pkey.key_type = BR_KEYTYPE_RSA;
1250 CTX->pkey.key.rsa.n = CTX->ee_pkey_data;
1251 CTX->pkey.key.rsa.nlen = nlen;
1252 CTX->pkey.key.rsa.e = CTX->ee_pkey_data + nlen;
1253 CTX->pkey.key.rsa.elen = elen;
1260 unsigned tag = T0_POP();
1261 unsigned ok = T0_POP();
1265 for (u = 0; u < CTX->num_name_elts; u ++) {
1266 br_name_element *ne;
1268 ne = &CTX->name_elts[u];
1269 if (ne->status == 0 && ne->oid[0] == 0 && ne->oid[1] == tag) {
1270 if (ok && ne->len > len) {
1271 memcpy(ne->buf, CTX->pad + 1, len);
1284 /* copy-name-element */
1287 int32_t off = T0_POPi();
1291 br_name_element *ne = &CTX->name_elts[off];
1295 if (len < ne->len) {
1296 memcpy(ne->buf, CTX->pad + 1, len);
1312 size_t addr = T0_POP();
1313 T0_PUSH(t0_datablock[addr]);
1318 /* dn-hash-length */
1320 T0_PUSH(DNHASH_LEN);
1327 size_t qlen = T0_POP();
1328 int curve = T0_POP();
1331 pk.key_type = BR_KEYTYPE_EC;
1332 pk.key.ec.curve = curve;
1333 pk.key.ec.q = CTX->pkey_data;
1334 pk.key.ec.qlen = qlen;
1335 T0_PUSH(verify_signature(CTX, &pk));
1342 size_t elen = T0_POP();
1343 size_t nlen = T0_POP();
1346 pk.key_type = BR_KEYTYPE_RSA;
1347 pk.key.rsa.n = CTX->pkey_data;
1348 pk.key.rsa.nlen = nlen;
1349 pk.key.rsa.e = CTX->pkey_data + nlen;
1350 pk.key.rsa.elen = elen;
1351 T0_PUSH(verify_signature(CTX, &pk));
1362 T0_PUSH(T0_PEEK(0));
1368 const unsigned char *a2 = &t0_datablock[T0_POP()];
1369 const unsigned char *a1 = &CTX->pad[0];
1373 x = -(memcmp(a1 + 1, a2 + 1, len) == 0);
1377 T0_PUSH((uint32_t)x);
1384 size_t len = T0_POP();
1385 const unsigned char *a2 = (const unsigned char *)CTX + T0_POP();
1386 const unsigned char *a1 = (const unsigned char *)CTX + T0_POP();
1387 T0_PUSHi(-(memcmp(a1, a2, len) == 0));
1394 CTX->err = T0_POPi();
1400 /* get-system-date */
1402 if (CTX->days == 0 && CTX->seconds == 0) {
1403 #if BR_USE_UNIX_TIME
1404 time_t x = time(NULL);
1406 T0_PUSH((uint32_t)(x / 86400) + 719528);
1407 T0_PUSH((uint32_t)(x % 86400));
1408 #elif BR_USE_WIN32_TIME
1412 GetSystemTimeAsFileTime(&ft);
1413 x = ((uint64_t)ft.dwHighDateTime << 32)
1414 + (uint64_t)ft.dwLowDateTime;
1416 T0_PUSH((uint32_t)(x / 86400) + 584754);
1417 T0_PUSH((uint32_t)(x % 86400));
1419 CTX->err = BR_ERR_X509_TIME_UNKNOWN;
1424 T0_PUSH(CTX->seconds);
1432 uint32_t addr = T0_POP();
1433 T0_PUSH(*(uint16_t *)(void *)((unsigned char *)CTX + addr));
1440 uint32_t addr = T0_POP();
1441 T0_PUSH(*(uint32_t *)(void *)((unsigned char *)CTX + addr));
1446 /* match-server-name */
1450 if (CTX->server_name == NULL) {
1454 n1 = strlen(CTX->server_name);
1456 if (n1 == n2 && eqnocase(&CTX->pad[1], CTX->server_name, n1)) {
1460 if (n2 >= 2 && CTX->pad[1] == '*' && CTX->pad[2] == '.') {
1464 while (u < n1 && CTX->server_name[u] != '.') {
1470 && eqnocase(&CTX->pad[3], CTX->server_name + u, n1))
1483 uint32_t a = T0_POP();
1489 /* offset-name-element */
1491 unsigned san = T0_POP();
1494 for (u = 0; u < CTX->num_name_elts; u ++) {
1495 if (CTX->name_elts[u].status == 0) {
1496 const unsigned char *oid;
1499 oid = CTX->name_elts[u].oid;
1501 if (oid[0] != 0 || oid[1] != 0) {
1509 if (len != 0 && len == CTX->pad[0]
1510 && memcmp(oid + off + 1,
1511 CTX->pad + 1, len) == 0)
1525 uint32_t b = T0_POP();
1526 uint32_t a = T0_POP();
1533 T0_PUSH(T0_PEEK(1));
1537 /* read-blob-inner */
1539 uint32_t len = T0_POP();
1540 uint32_t addr = T0_POP();
1541 size_t clen = CTX->hlen;
1546 memcpy((unsigned char *)CTX + addr, CTX->hbuf, clen);
1548 if (CTX->do_mhash) {
1549 br_multihash_update(&CTX->mhash, CTX->hbuf, clen);
1551 if (CTX->do_dn_hash) {
1552 CTX->dn_hash_impl->update(
1553 &CTX->dn_hash.vtable, CTX->hbuf, clen);
1557 T0_PUSH(addr + clen);
1558 T0_PUSH(len - clen);
1565 if (CTX->hlen == 0) {
1568 unsigned char x = *CTX->hbuf ++;
1569 if (CTX->do_mhash) {
1570 br_multihash_update(&CTX->mhash, &x, 1);
1572 if (CTX->do_dn_hash) {
1573 CTX->dn_hash_impl->update(&CTX->dn_hash.vtable, &x, 1);
1594 uint32_t addr = T0_POP();
1595 *(uint16_t *)(void *)((unsigned char *)CTX + addr) = T0_POP();
1602 uint32_t addr = T0_POP();
1603 *(uint32_t *)(void *)((unsigned char *)CTX + addr) = T0_POP();
1610 uint32_t addr = T0_POP();
1611 *((unsigned char *)CTX + addr) = (unsigned char)T0_POP();
1618 CTX->dn_hash_impl->init(&CTX->dn_hash.vtable);
1619 CTX->do_dn_hash = 1;
1624 /* start-tbs-hash */
1626 br_multihash_init(&CTX->mhash);
1644 /* zero-server-name */
1646 T0_PUSHi(-(CTX->server_name == NULL));
1653 T0_ENTER(ip, rp, t0x);
1657 ((t0_context *)t0ctx)->dp = dp;
1658 ((t0_context *)t0ctx)->rp = rp;
1659 ((t0_context *)t0ctx)->ip = ip;
1665 * Verify the signature on the certificate with the provided public key.
1666 * This function checks the public key type with regards to the expected
1667 * type. Returned value is either 0 on success, or a non-zero error code.
1670 verify_signature(br_x509_minimal_context *ctx, const br_x509_pkey *pk)
1674 kt = ctx->cert_signer_key_type;
1675 if ((pk->key_type & 0x0F) != kt) {
1676 return BR_ERR_X509_WRONG_KEY_TYPE;
1679 unsigned char tmp[64];
1681 case BR_KEYTYPE_RSA:
1682 if (ctx->irsa == 0) {
1683 return BR_ERR_X509_UNSUPPORTED;
1685 if (!ctx->irsa(ctx->cert_sig, ctx->cert_sig_len,
1686 &t0_datablock[ctx->cert_sig_hash_oid],
1687 ctx->cert_sig_hash_len, &pk->key.rsa, tmp))
1689 return BR_ERR_X509_BAD_SIGNATURE;
1691 if (memcmp(ctx->tbs_hash, tmp, ctx->cert_sig_hash_len) != 0) {
1692 return BR_ERR_X509_BAD_SIGNATURE;
1697 if (ctx->iecdsa == 0) {
1698 return BR_ERR_X509_UNSUPPORTED;
1700 if (!ctx->iecdsa(ctx->iec, ctx->tbs_hash,
1701 ctx->cert_sig_hash_len, &pk->key.ec,
1702 ctx->cert_sig, ctx->cert_sig_len))
1704 return BR_ERR_X509_BAD_SIGNATURE;
1709 return BR_ERR_X509_UNSUPPORTED;
projects / FreeBSD / FreeBSD.git / blob