1 /* Automatically generated code; do not modify directly. */
9 const unsigned char *ip
;
13 t0_parse7E_unsigned(const unsigned char **p
)
22 x
= (x
<< 7) | (uint32_t)(y
& 0x7F);
30 t0_parse7E_signed(const unsigned char **p
)
35 neg
= ((**p
) >> 6) & 1;
41 x
= (x
<< 7) | (uint32_t)(y
& 0x7F);
44 return -(int32_t)~x
- 1;
52 #define T0_VBYTE(x, n) (unsigned char)((((uint32_t)(x) >> (n)) & 0x7F) | 0x80)
53 #define T0_FBYTE(x, n) (unsigned char)(((uint32_t)(x) >> (n)) & 0x7F)
54 #define T0_SBYTE(x) (unsigned char)((((uint32_t)(x) >> 28) + 0xF8) ^ 0xF8)
55 #define T0_INT1(x) T0_FBYTE(x, 0)
56 #define T0_INT2(x) T0_VBYTE(x, 7), T0_FBYTE(x, 0)
57 #define T0_INT3(x) T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
58 #define T0_INT4(x) T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
59 #define T0_INT5(x) T0_SBYTE(x), T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
61 static const uint8_t t0_datablock
[];
64 void br_x509_minimal_init_main(void *t0ctx
);
66 void br_x509_minimal_run(void *t0ctx
);
79 * Implementation Notes
80 * --------------------
82 * The C code pushes the data by chunks; all decoding is done in the
83 * T0 code. The cert_length value is set to the certificate length when
84 * a new certificate is started; the T0 code picks it up as outer limit,
85 * and decoding functions use it to ensure that no attempt is made at
86 * reading past it. The T0 code also checks that once the certificate is
87 * decoded, there are no trailing bytes.
89 * The T0 code sets cert_length to 0 when the certificate is fully
92 * The C code must still perform two checks:
94 * -- If the certificate length is 0, then the T0 code will not be
95 * invoked at all. This invalid condition must thus be reported by the
98 * -- When reaching the end of certificate, the C code must verify that
99 * the certificate length has been set to 0, thereby signaling that
100 * the T0 code properly decoded a certificate.
102 * Processing of a chain works in the following way:
104 * -- The error flag is set to a non-zero value when validation is
105 * finished. The value is either BR_ERR_X509_OK (validation is
106 * successful) or another non-zero error code. When a non-zero error
107 * code is obtained, the remaining bytes in the current certificate and
108 * the subsequent certificates (if any) are completely ignored.
110 * -- Each certificate is decoded in due course, with the following
111 * "interesting points":
113 * -- Start of the TBS: the multihash engine is reset and activated.
115 * -- Start of the issuer DN: the secondary hash engine is started,
116 * to process the encoded issuer DN.
118 * -- End of the issuer DN: the secondary hash engine is stopped. The
119 * resulting hash value is computed and then copied into the
120 * next_dn_hash[] buffer.
122 * -- Start of the subject DN: the secondary hash engine is started,
123 * to process the encoded subject DN.
125 * -- For the EE certificate only: the Common Name, if any, is matched
126 * against the expected server name.
128 * -- End of the subject DN: the secondary hash engine is stopped. The
129 * resulting hash value is computed into the pad. It is then processed:
131 * -- If this is the EE certificate, then the hash is ignored
132 * (except for direct trust processing, see later; the hash is
133 * simply left in current_dn_hash[]).
135 * -- Otherwise, the hashed subject DN is compared with the saved
136 * hash value (in saved_dn_hash[]). They must match.
138 * Either way, the next_dn_hash[] value is then copied into the
139 * saved_dn_hash[] value. Thus, at that point, saved_dn_hash[]
140 * contains the hash of the issuer DN for the current certificate,
141 * and current_dn_hash[] contains the hash of the subject DN for the
142 * current certificate.
144 * -- Public key: it is decoded into the cert_pkey[] buffer. Unknown
145 * key types are reported at that point.
147 * -- If this is the EE certificate, then the key type is compared
148 * with the expected key type (initialization parameter). The public
149 * key data is copied to ee_pkey_data[]. The key and hashed subject
150 * DN are also compared with the "direct trust" keys; if the key
151 * and DN are matched, then validation ends with a success.
153 * -- Otherwise, the saved signature (cert_sig[]) is verified
154 * against the saved TBS hash (tbs_hash[]) and that freshly
155 * decoded public key. Failure here ends validation with an error.
157 * -- Extensions: extension values are processed in due order.
159 * -- Basic Constraints: for all certificates except EE, must be
160 * present, indicate a CA, and have a path legnth compatible with
161 * the chain length so far.
163 * -- Key Usage: for the EE, if present, must allow signatures
164 * or encryption/key exchange, as required for the cipher suite.
165 * For non-EE, if present, must have the "certificate sign" bit.
167 * -- Subject Alt Name: for the EE, dNSName names are matched
168 * against the server name. Ignored for non-EE.
170 * -- Authority Key Identifier, Subject Key Identifier, Issuer
171 * Alt Name, Subject Directory Attributes, CRL Distribution Points
172 * Freshest CRL, Authority Info Access and Subject Info Access
173 * extensions are always ignored: they either contain only
174 * informative data, or they relate to revocation processing, which
175 * we explicitly do not support.
177 * -- All other extensions are ignored if non-critical. If a
178 * critical extension other than the ones above is encountered,
179 * then a failure is reported.
181 * -- End of the TBS: the multihash engine is stopped.
183 * -- Signature algorithm: the signature algorithm on the
184 * certificate is decoded. A failure is reported if that algorithm
185 * is unknown. The hashed TBS corresponding to the signature hash
186 * function is computed and stored in tbs_hash[] (if not supported,
187 * then a failure is reported). The hash OID and length are stored
188 * in cert_sig_hash_oid and cert_sig_hash_len.
190 * -- Signature value: the signature value is copied into the
193 * -- Certificate end: the hashed issuer DN (saved_dn_hash[]) is
194 * looked up in the trust store (CA trust anchors only); for all
195 * that match, the signature (cert_sig[]) is verified against the
196 * anchor public key (hashed TBS is in tbs_hash[]). If one of these
197 * signatures is valid, then validation ends with a success.
199 * -- If the chain end is reached without obtaining a validation success,
200 * then validation is reported as failed.
203 #ifndef BR_USE_UNIX_TIME
204 #if defined __unix__ || defined __linux__ \
205 || defined _POSIX_SOURCE || defined _POSIX_C_SOURCE \
206 || (defined __APPLE__ && defined __MACH__)
207 #define BR_USE_UNIX_TIME 1
211 #ifndef BR_USE_WIN32_TIME
212 #if defined _WIN32 || defined _WIN64
213 #define BR_USE_WIN32_TIME 1
221 #if BR_USE_WIN32_TIME
225 void br_x509_minimal_init_main(void *ctx
);
226 void br_x509_minimal_run(void *ctx
);
228 /* see bearssl_x509.h */
230 br_x509_minimal_init(br_x509_minimal_context
*ctx
,
231 const br_hash_class
*dn_hash_impl
,
232 const br_x509_trust_anchor
*trust_anchors
, size_t trust_anchors_num
)
234 memset(ctx
, 0, sizeof *ctx
);
235 ctx
->vtable
= &br_x509_minimal_vtable
;
236 ctx
->dn_hash_impl
= dn_hash_impl
;
237 ctx
->trust_anchors
= trust_anchors
;
238 ctx
->trust_anchors_num
= trust_anchors_num
;
242 xm_start_chain(const br_x509_class
**ctx
,
243 unsigned expected_key_type
, const char *server_name
)
245 br_x509_minimal_context
*cc
;
247 cc
= (br_x509_minimal_context
*)ctx
;
248 memset(&cc
->pkey
, 0, sizeof cc
->pkey
);
251 cc
->cpu
.dp
= cc
->dp_stack
;
252 cc
->cpu
.rp
= cc
->rp_stack
;
253 br_x509_minimal_init_main(&cc
->cpu
);
254 cc
->expected_key_type
= expected_key_type
;
255 if (server_name
== NULL
|| *server_name
== 0) {
256 cc
->server_name
= NULL
;
258 cc
->server_name
= server_name
;
263 xm_start_cert(const br_x509_class
**ctx
, uint32_t length
)
265 br_x509_minimal_context
*cc
;
267 cc
= (br_x509_minimal_context
*)ctx
;
272 cc
->err
= BR_ERR_X509_TRUNCATED
;
275 cc
->cert_length
= length
;
279 xm_append(const br_x509_class
**ctx
, const unsigned char *buf
, size_t len
)
281 br_x509_minimal_context
*cc
;
283 cc
= (br_x509_minimal_context
*)ctx
;
289 br_x509_minimal_run(&cc
->cpu
);
293 xm_end_cert(const br_x509_class
**ctx
)
295 br_x509_minimal_context
*cc
;
297 cc
= (br_x509_minimal_context
*)ctx
;
298 if (cc
->err
== 0 && cc
->cert_length
!= 0) {
299 cc
->err
= BR_ERR_X509_TRUNCATED
;
305 xm_end_chain(const br_x509_class
**ctx
)
307 br_x509_minimal_context
*cc
;
309 cc
= (br_x509_minimal_context
*)ctx
;
311 if (cc
->num_certs
== 0) {
312 cc
->err
= BR_ERR_X509_EMPTY_CHAIN
;
314 cc
->err
= BR_ERR_X509_NOT_TRUSTED
;
316 } else if (cc
->err
== BR_ERR_X509_OK
) {
319 return (unsigned)cc
->err
;
322 static const br_x509_pkey
*
323 xm_get_pkey(const br_x509_class
*const *ctx
)
325 br_x509_minimal_context
*cc
;
327 cc
= (br_x509_minimal_context
*)ctx
;
328 if (cc
->err
== BR_ERR_X509_OK
329 || cc
->err
== BR_ERR_X509_NOT_TRUSTED
)
331 return &((br_x509_minimal_context
*)ctx
)->pkey
;
337 /* see bearssl_x509.h */
338 const br_x509_class br_x509_minimal_vtable
= {
339 sizeof(br_x509_minimal_context
),
348 #define CTX ((br_x509_minimal_context *)((unsigned char *)t0ctx - offsetof(br_x509_minimal_context, cpu)))
349 #define CONTEXT_NAME br_x509_minimal_context
351 #define DNHASH_LEN ((CTX->dn_hash_impl->desc >> BR_HASHDESC_OUT_OFF) & BR_HASHDESC_OUT_MASK)
354 * Hash a DN (from a trust anchor) into the provided buffer. This uses the
355 * DN hash implementation and context structure from the X.509 engine
359 hash_dn(br_x509_minimal_context
*ctx
, const void *dn
, size_t len
,
362 ctx
->dn_hash_impl
->init(&ctx
->dn_hash
.vtable
);
363 ctx
->dn_hash_impl
->update(&ctx
->dn_hash
.vtable
, dn
, len
);
364 ctx
->dn_hash_impl
->out(&ctx
->dn_hash
.vtable
, out
);
368 * Compare two big integers for equality. The integers use unsigned big-endian
369 * encoding; extra leading bytes (of value 0) are allowed.
372 eqbigint(const unsigned char *b1
, size_t len1
,
373 const unsigned char *b2
, size_t len2
)
375 while (len1
> 0 && *b1
== 0) {
379 while (len2
> 0 && *b2
== 0) {
386 return memcmp(b1
, b2
, len1
) == 0;
390 * Verify the signature on the certificate with the provided public key.
391 * This function checks the public key type with regards to the expected
392 * type. Returned value is either 0 on success, or a non-zero error code.
395 verify_signature(br_x509_minimal_context
*ctx
, const br_x509_pkey
*pk
)
399 kt
= ctx
->cert_signer_key_type
;
400 if ((pk
->key_type
& 0x0F) != kt
) {
401 return BR_ERR_X509_WRONG_KEY_TYPE
;
404 unsigned char tmp
[64];
407 if (ctx
->irsa
== 0) {
408 return BR_ERR_X509_UNSUPPORTED
;
410 if (!ctx
->irsa(ctx
->cert_sig
, ctx
->cert_sig_len
,
411 &t0_datablock
[ctx
->cert_sig_hash_oid
],
412 ctx
->cert_sig_hash_len
, &pk
->key
.rsa
, tmp
))
414 return BR_ERR_X509_BAD_SIGNATURE
;
416 if (memcmp(ctx
->tbs_hash
, tmp
, ctx
->cert_sig_hash_len
) != 0) {
417 return BR_ERR_X509_BAD_SIGNATURE
;
422 if (ctx
->iecdsa
== 0) {
423 return BR_ERR_X509_UNSUPPORTED
;
425 if (!ctx
->iecdsa(ctx
->iec
, ctx
->tbs_hash
,
426 ctx
->cert_sig_hash_len
, &pk
->key
.ec
,
427 ctx
->cert_sig
, ctx
->cert_sig_len
))
429 return BR_ERR_X509_BAD_SIGNATURE
;
434 return BR_ERR_X509_UNSUPPORTED
;
439 * Compare two strings for equality, in a case-insensitive way. This
440 * function handles casing only for ASCII letters.
443 eqnocase(const void *s1
, const void *s2
, size_t len
)
445 const unsigned char *buf1
, *buf2
;
454 if (x1
>= 'A' && x1
<= 'Z') {
457 if (x2
>= 'A' && x2
<= 'Z') {
469 static const uint8_t t0_datablock
[] = {
470 0x00, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x09,
471 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x09, 0x2A, 0x86,
472 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0E, 0x09, 0x2A, 0x86, 0x48, 0x86,
473 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
474 0x01, 0x01, 0x0C, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01,
475 0x0D, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x09, 0x60, 0x86, 0x48, 0x01,
476 0x65, 0x03, 0x04, 0x02, 0x04, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
477 0x04, 0x02, 0x01, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02,
478 0x02, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x07,
479 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x08, 0x2A, 0x86, 0x48, 0xCE,
480 0x3D, 0x03, 0x01, 0x07, 0x05, 0x2B, 0x81, 0x04, 0x00, 0x22, 0x05, 0x2B,
481 0x81, 0x04, 0x00, 0x23, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x01,
482 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x01, 0x08, 0x2A, 0x86,
483 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D,
484 0x04, 0x03, 0x03, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x04,
485 0x00, 0x1F, 0x03, 0xFC, 0x07, 0x7F, 0x0B, 0x5E, 0x0F, 0x1F, 0x12, 0xFE,
486 0x16, 0xBF, 0x1A, 0x9F, 0x1E, 0x7E, 0x22, 0x3F, 0x26, 0x1E, 0x29, 0xDF,
487 0x00, 0x1F, 0x03, 0xFD, 0x07, 0x9F, 0x0B, 0x7E, 0x0F, 0x3F, 0x13, 0x1E,
488 0x16, 0xDF, 0x1A, 0xBF, 0x1E, 0x9E, 0x22, 0x5F, 0x26, 0x3E, 0x29, 0xFF,
489 0x03, 0x55, 0x1D, 0x13, 0x03, 0x55, 0x1D, 0x0F, 0x03, 0x55, 0x1D, 0x11,
490 0x03, 0x55, 0x1D, 0x23, 0x03, 0x55, 0x1D, 0x0E, 0x03, 0x55, 0x1D, 0x12,
491 0x03, 0x55, 0x1D, 0x09, 0x03, 0x55, 0x1D, 0x1F, 0x03, 0x55, 0x1D, 0x2E,
492 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01, 0x08, 0x2B, 0x06,
493 0x01, 0x05, 0x05, 0x07, 0x01, 0x0B
496 static const uint8_t t0_codeblock
[] = {
497 0x00, 0x01, 0x00, 0x10, 0x00, 0x00, 0x01, 0x00, 0x11, 0x00, 0x00, 0x01,
498 0x01, 0x09, 0x00, 0x00, 0x01, 0x01, 0x0A, 0x00, 0x00, 0x22, 0x22, 0x00,
499 0x00, 0x01, T0_INT1(BR_ERR_X509_BAD_BOOLEAN
), 0x00, 0x00, 0x01,
500 T0_INT1(BR_ERR_X509_BAD_DN
), 0x00, 0x00, 0x01,
501 T0_INT1(BR_ERR_X509_BAD_SERVER_NAME
), 0x00, 0x00, 0x01,
502 T0_INT1(BR_ERR_X509_BAD_TAG_CLASS
), 0x00, 0x00, 0x01,
503 T0_INT1(BR_ERR_X509_BAD_TAG_VALUE
), 0x00, 0x00, 0x01,
504 T0_INT1(BR_ERR_X509_BAD_TIME
), 0x00, 0x00, 0x01,
505 T0_INT1(BR_ERR_X509_CRITICAL_EXTENSION
), 0x00, 0x00, 0x01,
506 T0_INT1(BR_ERR_X509_DN_MISMATCH
), 0x00, 0x00, 0x01,
507 T0_INT1(BR_ERR_X509_EXPIRED
), 0x00, 0x00, 0x01,
508 T0_INT1(BR_ERR_X509_EXTRA_ELEMENT
), 0x00, 0x00, 0x01,
509 T0_INT1(BR_ERR_X509_FORBIDDEN_KEY_USAGE
), 0x00, 0x00, 0x01,
510 T0_INT1(BR_ERR_X509_INDEFINITE_LENGTH
), 0x00, 0x00, 0x01,
511 T0_INT1(BR_ERR_X509_INNER_TRUNC
), 0x00, 0x00, 0x01,
512 T0_INT1(BR_ERR_X509_LIMIT_EXCEEDED
), 0x00, 0x00, 0x01,
513 T0_INT1(BR_ERR_X509_NOT_CA
), 0x00, 0x00, 0x01,
514 T0_INT1(BR_ERR_X509_NOT_CONSTRUCTED
), 0x00, 0x00, 0x01,
515 T0_INT1(BR_ERR_X509_NOT_PRIMITIVE
), 0x00, 0x00, 0x01,
516 T0_INT1(BR_ERR_X509_OVERFLOW
), 0x00, 0x00, 0x01,
517 T0_INT1(BR_ERR_X509_PARTIAL_BYTE
), 0x00, 0x00, 0x01,
518 T0_INT1(BR_ERR_X509_UNEXPECTED
), 0x00, 0x00, 0x01,
519 T0_INT1(BR_ERR_X509_UNSUPPORTED
), 0x00, 0x00, 0x01,
520 T0_INT1(BR_ERR_X509_WEAK_PUBLIC_KEY
), 0x00, 0x00, 0x01,
521 T0_INT1(BR_ERR_X509_WRONG_KEY_TYPE
), 0x00, 0x00, 0x01,
522 T0_INT1(BR_KEYTYPE_EC
), 0x00, 0x00, 0x01, T0_INT1(BR_KEYTYPE_RSA
),
523 0x00, 0x00, 0x01, T0_INT2(offsetof(CONTEXT_NAME
, cert_length
)), 0x00,
524 0x00, 0x01, T0_INT2(offsetof(CONTEXT_NAME
, cert_sig
)), 0x00, 0x00,
525 0x01, T0_INT2(offsetof(CONTEXT_NAME
, cert_sig_hash_len
)), 0x00, 0x00,
526 0x01, T0_INT2(offsetof(CONTEXT_NAME
, cert_sig_hash_oid
)), 0x00, 0x00,
527 0x01, T0_INT2(offsetof(CONTEXT_NAME
, cert_sig_len
)), 0x00, 0x00, 0x01,
528 T0_INT2(offsetof(CONTEXT_NAME
, cert_signer_key_type
)), 0x00, 0x00,
529 0x01, T0_INT2(offsetof(CONTEXT_NAME
, current_dn_hash
)), 0x00, 0x00,
530 0x01, T0_INT2(offsetof(CONTEXT_NAME
, expected_key_type
)), 0x00, 0x00,
531 0x01, T0_INT2(offsetof(br_x509_minimal_context
, pkey_data
)), 0x01,
532 T0_INT2(BR_X509_BUFSIZE_KEY
), 0x00, 0x00, 0x01,
533 T0_INT2(offsetof(CONTEXT_NAME
, min_rsa_size
)), 0x00, 0x00, 0x01,
534 T0_INT2(offsetof(CONTEXT_NAME
, next_dn_hash
)), 0x00, 0x00, 0x01,
535 T0_INT2(offsetof(CONTEXT_NAME
, num_certs
)), 0x00, 0x00, 0x01,
536 T0_INT2(offsetof(CONTEXT_NAME
, pad
)), 0x00, 0x00, 0x01,
537 T0_INT2(offsetof(CONTEXT_NAME
, saved_dn_hash
)), 0x00, 0x00, 0x81, 0x31,
538 0x6E, 0x00, 0x00, 0x01, 0x80, 0x73, 0x00, 0x00, 0x01, 0x80, 0x7C, 0x00,
539 0x00, 0x01, 0x81, 0x02, 0x00, 0x00, 0x01, 0x82, 0x08, 0x00, 0x00, 0x01,
540 0x81, 0x70, 0x00, 0x00, 0x01, 0x81, 0x64, 0x00, 0x04, 0x03, 0x00, 0x03,
541 0x01, 0x03, 0x02, 0x03, 0x03, 0x02, 0x03, 0x02, 0x01, 0x11, 0x06, 0x07,
542 0x02, 0x02, 0x02, 0x00, 0x0D, 0x04, 0x05, 0x02, 0x03, 0x02, 0x01, 0x0D,
543 0x00, 0x02, 0x03, 0x00, 0x03, 0x01, 0x23, 0x02, 0x01, 0x13, 0x39, 0x02,
544 0x00, 0x0F, 0x15, 0x00, 0x00, 0x05, 0x02, 0x4F, 0x26, 0x00, 0x00, 0x06,
545 0x02, 0x50, 0x26, 0x00, 0x00, 0x01, 0x10, 0x73, 0x00, 0x00, 0x11, 0x05,
546 0x02, 0x53, 0x26, 0x70, 0x00, 0x00, 0x11, 0x05, 0x02, 0x53, 0x26, 0x71,
547 0x00, 0x00, 0x06, 0x02, 0x49, 0x26, 0x00, 0x00, 0x01, 0x82, 0x00, 0x00,
548 0x00, 0x23, 0x1E, 0x01, 0x08, 0x0E, 0x39, 0x3D, 0x1E, 0x09, 0x00, 0x09,
549 0x03, 0x00, 0x59, 0x29, 0x81, 0x1D, 0x37, 0x81, 0x1D, 0x81, 0x20, 0x23,
550 0x01, 0x20, 0x11, 0x06, 0x15, 0x22, 0x70, 0x81, 0x1B, 0x81, 0x20, 0x01,
551 0x02, 0x74, 0x81, 0x1E, 0x01, 0x02, 0x12, 0x06, 0x02, 0x54, 0x26, 0x75,
552 0x81, 0x20, 0x01, 0x02, 0x74, 0x81, 0x1C, 0x81, 0x1D, 0x81, 0x2A, 0x81,
553 0x10, 0x63, 0x5F, 0x1F, 0x16, 0x81, 0x1D, 0x81, 0x15, 0x27, 0x67, 0x06,
554 0x02, 0x48, 0x26, 0x81, 0x15, 0x27, 0x6E, 0x06, 0x02, 0x48, 0x26, 0x75,
555 0x81, 0x10, 0x02, 0x00, 0x06, 0x05, 0x2B, 0x03, 0x01, 0x04, 0x08, 0x5F,
556 0x66, 0x1F, 0x25, 0x05, 0x02, 0x47, 0x26, 0x66, 0x63, 0x1F, 0x16, 0x81,
557 0x1D, 0x81, 0x1D, 0x81, 0x11, 0x05, 0x02, 0x54, 0x26, 0x81, 0x24, 0x24,
558 0x06, 0x2C, 0x81, 0x2A, 0x81, 0x12, 0x81, 0x1D, 0x61, 0x81, 0x18, 0x03,
559 0x03, 0x61, 0x39, 0x02, 0x03, 0x09, 0x39, 0x02, 0x03, 0x0A, 0x81, 0x18,
560 0x03, 0x04, 0x75, 0x62, 0x28, 0x01, 0x81, 0x00, 0x09, 0x02, 0x03, 0x12,
561 0x06, 0x02, 0x55, 0x26, 0x75, 0x58, 0x03, 0x02, 0x04, 0x3E, 0x81, 0x01,
562 0x24, 0x06, 0x37, 0x81, 0x11, 0x05, 0x02, 0x54, 0x26, 0x68, 0x24, 0x06,
563 0x04, 0x01, 0x17, 0x04, 0x12, 0x69, 0x24, 0x06, 0x04, 0x01, 0x18, 0x04,
564 0x0A, 0x6A, 0x24, 0x06, 0x04, 0x01, 0x19, 0x04, 0x02, 0x54, 0x26, 0x03,
565 0x05, 0x75, 0x81, 0x12, 0x23, 0x03, 0x06, 0x23, 0x61, 0x32, 0x0D, 0x06,
566 0x02, 0x4D, 0x26, 0x81, 0x13, 0x57, 0x03, 0x02, 0x04, 0x02, 0x54, 0x26,
567 0x75, 0x02, 0x00, 0x06, 0x33, 0x60, 0x2A, 0x01, 0x0F, 0x15, 0x23, 0x06,
568 0x09, 0x02, 0x02, 0x11, 0x05, 0x02, 0x56, 0x26, 0x04, 0x01, 0x22, 0x02,
569 0x02, 0x58, 0x2E, 0x11, 0x06, 0x08, 0x22, 0x02, 0x03, 0x02, 0x04, 0x1D,
570 0x04, 0x10, 0x57, 0x2E, 0x11, 0x06, 0x08, 0x22, 0x02, 0x05, 0x02, 0x06,
571 0x1C, 0x04, 0x03, 0x54, 0x26, 0x22, 0x04, 0x24, 0x02, 0x02, 0x58, 0x2E,
572 0x11, 0x06, 0x08, 0x22, 0x02, 0x03, 0x02, 0x04, 0x21, 0x04, 0x10, 0x57,
573 0x2E, 0x11, 0x06, 0x08, 0x22, 0x02, 0x05, 0x02, 0x06, 0x20, 0x04, 0x03,
574 0x54, 0x26, 0x22, 0x23, 0x06, 0x01, 0x26, 0x22, 0x01, 0x00, 0x03, 0x07,
575 0x81, 0x21, 0x01, 0x21, 0x81, 0x07, 0x01, 0x22, 0x81, 0x07, 0x23, 0x01,
576 0x23, 0x11, 0x06, 0x81, 0x36, 0x22, 0x70, 0x81, 0x1B, 0x81, 0x1D, 0x23,
577 0x06, 0x81, 0x28, 0x01, 0x00, 0x03, 0x08, 0x81, 0x1D, 0x81, 0x11, 0x22,
578 0x81, 0x20, 0x23, 0x01, 0x01, 0x11, 0x06, 0x06, 0x81, 0x14, 0x03, 0x08,
579 0x81, 0x20, 0x01, 0x04, 0x74, 0x81, 0x1B, 0x6D, 0x24, 0x06, 0x11, 0x02,
580 0x00, 0x06, 0x04, 0x81, 0x2B, 0x04, 0x06, 0x81, 0x0E, 0x01, 0x7F, 0x03,
581 0x07, 0x04, 0x80, 0x72, 0x81, 0x09, 0x24, 0x06, 0x07, 0x02, 0x00, 0x81,
582 0x0F, 0x04, 0x80, 0x66, 0x81, 0x2D, 0x24, 0x06, 0x13, 0x02, 0x00, 0x06,
583 0x0A, 0x01, 0x00, 0x03, 0x01, 0x81, 0x0D, 0x03, 0x01, 0x04, 0x02, 0x81,
584 0x2B, 0x04, 0x80, 0x4E, 0x6C, 0x24, 0x06, 0x05, 0x81, 0x2B, 0x04, 0x80,
585 0x45, 0x81, 0x30, 0x24, 0x06, 0x04, 0x81, 0x2B, 0x04, 0x3C, 0x81, 0x08,
586 0x24, 0x06, 0x04, 0x81, 0x2B, 0x04, 0x33, 0x81, 0x2E, 0x24, 0x06, 0x04,
587 0x81, 0x2B, 0x04, 0x2A, 0x76, 0x24, 0x06, 0x04, 0x81, 0x2B, 0x04, 0x22,
588 0x81, 0x00, 0x24, 0x06, 0x04, 0x81, 0x2B, 0x04, 0x19, 0x6B, 0x24, 0x06,
589 0x04, 0x81, 0x2B, 0x04, 0x11, 0x81, 0x2F, 0x24, 0x06, 0x04, 0x81, 0x2B,
590 0x04, 0x08, 0x02, 0x08, 0x06, 0x02, 0x46, 0x26, 0x81, 0x2B, 0x75, 0x75,
591 0x04, 0xFE, 0x54, 0x75, 0x75, 0x04, 0x08, 0x01, 0x7F, 0x11, 0x05, 0x02,
592 0x53, 0x26, 0x22, 0x75, 0x38, 0x02, 0x00, 0x06, 0x08, 0x02, 0x01, 0x3A,
593 0x2D, 0x05, 0x02, 0x42, 0x26, 0x02, 0x00, 0x06, 0x01, 0x17, 0x02, 0x00,
594 0x02, 0x07, 0x2D, 0x05, 0x02, 0x4E, 0x26, 0x81, 0x20, 0x72, 0x81, 0x1B,
595 0x81, 0x11, 0x06, 0x81, 0x07, 0x81, 0x25, 0x24, 0x06, 0x08, 0x01, 0x02,
596 0x58, 0x81, 0x02, 0x04, 0x80, 0x6C, 0x81, 0x26, 0x24, 0x06, 0x08, 0x01,
597 0x03, 0x58, 0x81, 0x03, 0x04, 0x80, 0x5F, 0x81, 0x27, 0x24, 0x06, 0x08,
598 0x01, 0x04, 0x58, 0x81, 0x04, 0x04, 0x80, 0x52, 0x81, 0x28, 0x24, 0x06,
599 0x08, 0x01, 0x05, 0x58, 0x81, 0x05, 0x04, 0x80, 0x45, 0x81, 0x29, 0x24,
600 0x06, 0x07, 0x01, 0x06, 0x58, 0x81, 0x06, 0x04, 0x39, 0x7B, 0x24, 0x06,
601 0x07, 0x01, 0x02, 0x57, 0x81, 0x02, 0x04, 0x2E, 0x7C, 0x24, 0x06, 0x07,
602 0x01, 0x03, 0x57, 0x81, 0x03, 0x04, 0x23, 0x7D, 0x24, 0x06, 0x07, 0x01,
603 0x04, 0x57, 0x81, 0x04, 0x04, 0x18, 0x7E, 0x24, 0x06, 0x07, 0x01, 0x05,
604 0x57, 0x81, 0x05, 0x04, 0x0D, 0x7F, 0x24, 0x06, 0x07, 0x01, 0x06, 0x57,
605 0x81, 0x06, 0x04, 0x02, 0x54, 0x26, 0x5C, 0x33, 0x5E, 0x35, 0x1B, 0x23,
606 0x05, 0x02, 0x54, 0x26, 0x5B, 0x35, 0x04, 0x02, 0x54, 0x26, 0x81, 0x2A,
607 0x81, 0x12, 0x23, 0x01, T0_INT2(BR_X509_BUFSIZE_SIG
), 0x12, 0x06, 0x02,
608 0x4D, 0x26, 0x23, 0x5D, 0x33, 0x5A, 0x81, 0x13, 0x75, 0x75, 0x01, 0x00,
609 0x59, 0x34, 0x18, 0x00, 0x00, 0x01, 0x30, 0x0A, 0x23, 0x01, 0x00, 0x01,
610 0x09, 0x6F, 0x05, 0x02, 0x45, 0x26, 0x00, 0x00, 0x2E, 0x2E, 0x00, 0x00,
611 0x01, 0x81, 0x08, 0x00, 0x00, 0x01, 0x81, 0x10, 0x00, 0x00, 0x01, 0x81,
612 0x19, 0x00, 0x00, 0x01, 0x81, 0x22, 0x00, 0x00, 0x01, 0x81, 0x2B, 0x00,
613 0x00, 0x01, 0x82, 0x04, 0x00, 0x00, 0x01, 0x80, 0x6B, 0x00, 0x00, 0x01,
614 0x3D, 0x00, 0x00, 0x01, 0x80, 0x43, 0x00, 0x00, 0x01, 0x80, 0x4D, 0x00,
615 0x00, 0x01, 0x80, 0x57, 0x00, 0x00, 0x01, 0x80, 0x61, 0x00, 0x00, 0x2E,
616 0x11, 0x06, 0x07, 0x3F, 0x81, 0x1B, 0x81, 0x2A, 0x81, 0x21, 0x00, 0x00,
617 0x01, 0x81, 0x78, 0x00, 0x00, 0x01, 0x81, 0x68, 0x00, 0x00, 0x01, 0x7F,
618 0x78, 0x19, 0x01, 0x00, 0x78, 0x19, 0x04, 0x7A, 0x00, 0x01, 0x81, 0x34,
619 0x00, 0x01, 0x7A, 0x0D, 0x06, 0x02, 0x4C, 0x26, 0x23, 0x03, 0x00, 0x0A,
620 0x02, 0x00, 0x00, 0x01, 0x01, 0x00, 0x03, 0x00, 0x81, 0x1D, 0x23, 0x06,
621 0x18, 0x81, 0x20, 0x01, 0x22, 0x11, 0x06, 0x0C, 0x71, 0x81, 0x1F, 0x22,
622 0x2B, 0x02, 0x00, 0x2D, 0x03, 0x00, 0x04, 0x03, 0x22, 0x81, 0x1C, 0x04,
623 0x65, 0x75, 0x02, 0x00, 0x00, 0x00, 0x81, 0x1D, 0x81, 0x21, 0x23, 0x01,
624 0x01, 0x11, 0x06, 0x0A, 0x81, 0x14, 0x05, 0x02, 0x4E, 0x26, 0x81, 0x21,
625 0x04, 0x02, 0x4E, 0x26, 0x23, 0x01, 0x02, 0x11, 0x06, 0x0E, 0x22, 0x71,
626 0x81, 0x1E, 0x64, 0x29, 0x3E, 0x0D, 0x06, 0x02, 0x4E, 0x26, 0x81, 0x21,
627 0x01, 0x7F, 0x10, 0x06, 0x02, 0x53, 0x26, 0x22, 0x75, 0x00, 0x02, 0x06,
628 0x10, 0x60, 0x2A, 0x01, 0x10, 0x15, 0x06, 0x04, 0x01, 0x30, 0x04, 0x03,
629 0x01, 0x81, 0x40, 0x04, 0x02, 0x01, 0x04, 0x03, 0x00, 0x81, 0x20, 0x01,
630 0x03, 0x74, 0x81, 0x1B, 0x81, 0x22, 0x03, 0x01, 0x02, 0x01, 0x01, 0x07,
631 0x12, 0x06, 0x02, 0x53, 0x26, 0x23, 0x01, 0x00, 0x2E, 0x11, 0x06, 0x05,
632 0x22, 0x4A, 0x26, 0x04, 0x17, 0x01, 0x01, 0x2E, 0x11, 0x06, 0x0B, 0x22,
633 0x81, 0x22, 0x02, 0x01, 0x14, 0x02, 0x01, 0x0E, 0x04, 0x06, 0x22, 0x81,
634 0x22, 0x01, 0x00, 0x22, 0x02, 0x00, 0x15, 0x05, 0x02, 0x4A, 0x26, 0x81,
635 0x2A, 0x00, 0x02, 0x36, 0x01, 0x00, 0x65, 0x35, 0x81, 0x1D, 0x23, 0x06,
636 0x80, 0x6F, 0x81, 0x20, 0x01, 0x11, 0x73, 0x81, 0x1B, 0x23, 0x05, 0x02,
637 0x41, 0x26, 0x23, 0x06, 0x80, 0x5B, 0x81, 0x1D, 0x81, 0x20, 0x01, 0x06,
638 0x74, 0x81, 0x1B, 0x23, 0x01, 0x03, 0x11, 0x06, 0x1E, 0x81, 0x22, 0x01,
639 0x10, 0x0E, 0x03, 0x00, 0x81, 0x22, 0x01, 0x08, 0x0E, 0x02, 0x00, 0x09,
640 0x03, 0x00, 0x81, 0x22, 0x02, 0x00, 0x09, 0x01, 0x82, 0xD4, 0x88, 0x03,
641 0x11, 0x03, 0x01, 0x81, 0x2A, 0x02, 0x01, 0x06, 0x23, 0x81, 0x20, 0x23,
642 0x23, 0x01, 0x0C, 0x11, 0x39, 0x01, 0x13, 0x11, 0x2D, 0x39, 0x01, 0x14,
643 0x11, 0x2D, 0x06, 0x07, 0x71, 0x81, 0x1F, 0x22, 0x75, 0x04, 0x07, 0x22,
644 0x01, 0x00, 0x65, 0x35, 0x81, 0x2A, 0x04, 0x02, 0x81, 0x2A, 0x04, 0xFF,
645 0x21, 0x75, 0x04, 0xFF, 0x0D, 0x75, 0x1A, 0x00, 0x00, 0x81, 0x20, 0x01,
646 0x06, 0x74, 0x81, 0x1F, 0x00, 0x00, 0x81, 0x20, 0x01, 0x03, 0x74, 0x81,
647 0x1B, 0x81, 0x22, 0x06, 0x02, 0x52, 0x26, 0x00, 0x00, 0x39, 0x23, 0x06,
648 0x07, 0x2F, 0x23, 0x06, 0x01, 0x19, 0x04, 0x76, 0x3F, 0x00, 0x00, 0x01,
649 0x01, 0x74, 0x81, 0x1A, 0x01, 0x01, 0x10, 0x06, 0x02, 0x40, 0x26, 0x81,
650 0x22, 0x3B, 0x00, 0x04, 0x81, 0x20, 0x23, 0x01, 0x17, 0x01, 0x18, 0x6F,
651 0x05, 0x02, 0x45, 0x26, 0x01, 0x18, 0x11, 0x03, 0x00, 0x71, 0x81, 0x1B,
652 0x81, 0x16, 0x02, 0x00, 0x06, 0x0D, 0x01, 0x80, 0x64, 0x08, 0x03, 0x01,
653 0x81, 0x16, 0x02, 0x01, 0x09, 0x04, 0x0E, 0x23, 0x01, 0x32, 0x0D, 0x06,
654 0x04, 0x01, 0x80, 0x64, 0x09, 0x01, 0x8E, 0x6C, 0x09, 0x03, 0x01, 0x02,
655 0x01, 0x01, 0x82, 0x6D, 0x08, 0x02, 0x01, 0x01, 0x03, 0x09, 0x01, 0x04,
656 0x0C, 0x09, 0x02, 0x01, 0x01, 0x80, 0x63, 0x09, 0x01, 0x80, 0x64, 0x0C,
657 0x0A, 0x02, 0x01, 0x01, 0x83, 0x0F, 0x09, 0x01, 0x83, 0x10, 0x0C, 0x09,
658 0x03, 0x03, 0x01, 0x01, 0x01, 0x0C, 0x81, 0x17, 0x3E, 0x01, 0x01, 0x0E,
659 0x02, 0x01, 0x01, 0x04, 0x07, 0x3C, 0x02, 0x01, 0x01, 0x80, 0x64, 0x07,
660 0x3B, 0x02, 0x01, 0x01, 0x83, 0x10, 0x07, 0x3C, 0x2D, 0x15, 0x06, 0x03,
661 0x01, 0x18, 0x09, 0x81, 0x0B, 0x09, 0x77, 0x23, 0x01, 0x05, 0x14, 0x02,
662 0x03, 0x09, 0x03, 0x03, 0x01, 0x1F, 0x15, 0x01, 0x01, 0x39, 0x81, 0x17,
663 0x02, 0x03, 0x09, 0x3E, 0x03, 0x03, 0x01, 0x00, 0x01, 0x17, 0x81, 0x17,
664 0x01, 0x9C, 0x10, 0x08, 0x03, 0x02, 0x01, 0x00, 0x01, 0x3B, 0x81, 0x17,
665 0x01, 0x3C, 0x08, 0x02, 0x02, 0x09, 0x03, 0x02, 0x01, 0x00, 0x01, 0x3C,
666 0x81, 0x17, 0x02, 0x02, 0x09, 0x03, 0x02, 0x81, 0x22, 0x23, 0x01, 0x2E,
667 0x11, 0x06, 0x0E, 0x22, 0x81, 0x22, 0x23, 0x01, 0x30, 0x01, 0x39, 0x6F,
668 0x06, 0x03, 0x22, 0x04, 0x73, 0x01, 0x80, 0x5A, 0x10, 0x06, 0x02, 0x45,
669 0x26, 0x75, 0x02, 0x03, 0x02, 0x02, 0x00, 0x01, 0x81, 0x22, 0x79, 0x01,
670 0x0A, 0x08, 0x03, 0x00, 0x81, 0x22, 0x79, 0x02, 0x00, 0x09, 0x00, 0x02,
671 0x03, 0x00, 0x03, 0x01, 0x81, 0x16, 0x23, 0x02, 0x01, 0x02, 0x00, 0x6F,
672 0x05, 0x02, 0x45, 0x26, 0x00, 0x00, 0x32, 0x81, 0x20, 0x01, 0x02, 0x74,
673 0x0B, 0x81, 0x19, 0x00, 0x03, 0x23, 0x03, 0x00, 0x03, 0x01, 0x03, 0x02,
674 0x81, 0x1B, 0x81, 0x22, 0x23, 0x01, 0x81, 0x00, 0x13, 0x06, 0x02, 0x51,
675 0x26, 0x23, 0x01, 0x00, 0x11, 0x06, 0x0C, 0x22, 0x23, 0x05, 0x04, 0x22,
676 0x01, 0x00, 0x00, 0x81, 0x22, 0x04, 0x6E, 0x02, 0x01, 0x23, 0x05, 0x02,
677 0x4D, 0x26, 0x3E, 0x03, 0x01, 0x02, 0x02, 0x35, 0x02, 0x02, 0x3D, 0x03,
678 0x02, 0x23, 0x06, 0x04, 0x81, 0x22, 0x04, 0x67, 0x22, 0x02, 0x00, 0x02,
679 0x01, 0x0A, 0x00, 0x01, 0x81, 0x22, 0x23, 0x01, 0x81, 0x00, 0x0D, 0x06,
680 0x01, 0x00, 0x01, 0x81, 0x00, 0x0A, 0x23, 0x05, 0x02, 0x4B, 0x26, 0x03,
681 0x00, 0x01, 0x00, 0x02, 0x00, 0x01, 0x00, 0x12, 0x06, 0x1A, 0x02, 0x00,
682 0x3E, 0x03, 0x00, 0x23, 0x01, 0x87, 0xFF, 0xFF, 0x7F, 0x12, 0x06, 0x02,
683 0x4C, 0x26, 0x01, 0x08, 0x0E, 0x39, 0x81, 0x22, 0x32, 0x09, 0x04, 0x5F,
684 0x00, 0x00, 0x81, 0x1A, 0x81, 0x0C, 0x00, 0x00, 0x81, 0x1B, 0x81, 0x2A,
685 0x00, 0x00, 0x81, 0x20, 0x72, 0x81, 0x1B, 0x00, 0x01, 0x81, 0x1B, 0x23,
686 0x05, 0x02, 0x51, 0x26, 0x81, 0x22, 0x23, 0x01, 0x81, 0x00, 0x13, 0x06,
687 0x02, 0x51, 0x26, 0x03, 0x00, 0x23, 0x06, 0x17, 0x81, 0x22, 0x02, 0x00,
688 0x23, 0x01, 0x87, 0xFF, 0xFF, 0x7F, 0x13, 0x06, 0x02, 0x51, 0x26, 0x01,
689 0x08, 0x0E, 0x09, 0x03, 0x00, 0x04, 0x66, 0x22, 0x02, 0x00, 0x00, 0x00,
690 0x81, 0x1B, 0x23, 0x01, 0x81, 0x7F, 0x12, 0x06, 0x09, 0x81, 0x2A, 0x01,
691 0x00, 0x65, 0x35, 0x01, 0x00, 0x00, 0x23, 0x65, 0x35, 0x65, 0x3D, 0x81,
692 0x13, 0x01, 0x7F, 0x00, 0x01, 0x81, 0x22, 0x03, 0x00, 0x02, 0x00, 0x01,
693 0x05, 0x14, 0x01, 0x01, 0x15, 0x2C, 0x02, 0x00, 0x01, 0x06, 0x14, 0x23,
694 0x01, 0x01, 0x15, 0x06, 0x02, 0x43, 0x26, 0x01, 0x04, 0x0E, 0x02, 0x00,
695 0x01, 0x1F, 0x15, 0x23, 0x01, 0x1F, 0x11, 0x06, 0x02, 0x44, 0x26, 0x09,
696 0x00, 0x00, 0x23, 0x05, 0x05, 0x01, 0x00, 0x01, 0x7F, 0x00, 0x81, 0x20,
697 0x00, 0x00, 0x23, 0x05, 0x02, 0x4C, 0x26, 0x3E, 0x81, 0x23, 0x00, 0x00,
698 0x30, 0x23, 0x01, 0x00, 0x13, 0x06, 0x01, 0x00, 0x22, 0x19, 0x04, 0x74,
699 0x00, 0x01, 0x01, 0x00, 0x00, 0x01, 0x0B, 0x00, 0x00, 0x01, 0x15, 0x00,
700 0x00, 0x01, 0x1F, 0x00, 0x00, 0x01, 0x29, 0x00, 0x00, 0x01, 0x33, 0x00,
701 0x00, 0x81, 0x2B, 0x22, 0x00, 0x00, 0x23, 0x06, 0x08, 0x81, 0x2C, 0x23,
702 0x06, 0x01, 0x19, 0x04, 0x75, 0x00, 0x00, 0x01, 0x00, 0x2E, 0x2F, 0x0B,
703 0x3F, 0x00, 0x00, 0x01, 0x81, 0x6C, 0x00, 0x00, 0x01, 0x81, 0x7C, 0x00,
704 0x00, 0x01, 0x82, 0x11, 0x00, 0x00, 0x01, 0x81, 0x74, 0x00, 0x00, 0x01,
705 0x03, 0x31, 0x01, 0x03, 0x31, 0x00
708 static const uint16_t t0_caddr
[] = {
830 #define T0_INTERPRETED 59
832 #define T0_ENTER(ip, rp, slot) do { \
833 const unsigned char *t0_newip; \
835 t0_newip = &t0_codeblock[t0_caddr[(slot) - T0_INTERPRETED]]; \
836 t0_lnum = t0_parse7E_unsigned(&t0_newip); \
838 *((rp) ++) = (uint32_t)((ip) - &t0_codeblock[0]) + (t0_lnum << 16); \
842 #define T0_DEFENTRY(name, slot) \
846 t0_context *t0ctx = ctx; \
847 t0ctx->ip = &t0_codeblock[0]; \
848 T0_ENTER(t0ctx->ip, t0ctx->rp, slot); \
851 T0_DEFENTRY(br_x509_minimal_init_main
, 138)
854 br_x509_minimal_run(void *t0ctx
)
857 const unsigned char *ip
;
859 #define T0_LOCAL(x) (*(rp - 2 - (x)))
860 #define T0_POP() (*-- dp)
861 #define T0_POPi() (*(int32_t *)(-- dp))
862 #define T0_PEEK(x) (*(dp - 1 - (x)))
863 #define T0_PEEKi(x) (*(int32_t *)(dp - 1 - (x)))
864 #define T0_PUSH(v) do { *dp = (v); dp ++; } while (0)
865 #define T0_PUSHi(v) do { *(int32_t *)dp = (v); dp ++; } while (0)
866 #define T0_RPOP() (*-- rp)
867 #define T0_RPOPi() (*(int32_t *)(-- rp))
868 #define T0_RPUSH(v) do { *rp = (v); rp ++; } while (0)
869 #define T0_RPUSHi(v) do { *(int32_t *)rp = (v); rp ++; } while (0)
870 #define T0_ROLL(x) do { \
871 size_t t0len = (size_t)(x); \
872 uint32_t t0tmp = *(dp - 1 - t0len); \
873 memmove(dp - t0len - 1, dp - t0len, t0len * sizeof *dp); \
876 #define T0_SWAP() do { \
877 uint32_t t0tmp = *(dp - 2); \
878 *(dp - 2) = *(dp - 1); \
881 #define T0_ROT() do { \
882 uint32_t t0tmp = *(dp - 3); \
883 *(dp - 3) = *(dp - 2); \
884 *(dp - 2) = *(dp - 1); \
887 #define T0_NROT() do { \
888 uint32_t t0tmp = *(dp - 1); \
889 *(dp - 1) = *(dp - 2); \
890 *(dp - 2) = *(dp - 3); \
893 #define T0_PICK(x) do { \
894 uint32_t t0depth = (x); \
895 T0_PUSH(T0_PEEK(t0depth)); \
897 #define T0_CO() do { \
900 #define T0_RET() break
902 dp
= ((t0_context
*)t0ctx
)->dp
;
903 rp
= ((t0_context
*)t0ctx
)->rp
;
904 ip
= ((t0_context
*)t0ctx
)->ip
;
908 t0x
= t0_parse7E_unsigned(&ip
);
909 if (t0x
< T0_INTERPRETED
) {
921 ip
= &t0_codeblock
[t0x
];
923 case 1: /* literal constant */
924 T0_PUSHi(t0_parse7E_signed(&ip
));
926 case 2: /* read local */
927 T0_PUSH(T0_LOCAL(t0_parse7E_unsigned(&ip
)));
929 case 3: /* write local */
930 T0_LOCAL(t0_parse7E_unsigned(&ip
)) = T0_POP();
933 t0off
= t0_parse7E_signed(&ip
);
936 case 5: /* jump if */
937 t0off
= t0_parse7E_signed(&ip
);
942 case 6: /* jump if not */
943 t0off
= t0_parse7E_signed(&ip
);
951 int32_t b
= T0_POPi();
952 int32_t a
= T0_POPi();
960 uint32_t b
= T0_POP();
961 uint32_t a
= T0_POP();
969 uint32_t b
= T0_POP();
970 uint32_t a
= T0_POP();
978 uint32_t b
= T0_POP();
979 uint32_t a
= T0_POP();
992 int32_t b
= T0_POPi();
993 int32_t a
= T0_POPi();
1001 int32_t b
= T0_POPi();
1002 int32_t a
= T0_POPi();
1003 T0_PUSH(-(uint32_t)(a
< b
));
1010 int c
= (int)T0_POPi();
1011 uint32_t x
= T0_POP();
1019 int32_t b
= T0_POPi();
1020 int32_t a
= T0_POPi();
1021 T0_PUSH(-(uint32_t)(a
<= b
));
1028 uint32_t b
= T0_POP();
1029 uint32_t a
= T0_POP();
1030 T0_PUSH(-(uint32_t)(a
!= b
));
1037 uint32_t b
= T0_POP();
1038 uint32_t a
= T0_POP();
1039 T0_PUSH(-(uint32_t)(a
== b
));
1046 int32_t b
= T0_POPi();
1047 int32_t a
= T0_POPi();
1048 T0_PUSH(-(uint32_t)(a
> b
));
1055 int32_t b
= T0_POPi();
1056 int32_t a
= T0_POPi();
1057 T0_PUSH(-(uint32_t)(a
>= b
));
1064 int c
= (int)T0_POPi();
1065 int32_t x
= T0_POPi();
1073 uint32_t b
= T0_POP();
1074 uint32_t a
= T0_POP();
1082 size_t len
= T0_POP();
1083 unsigned char *src
= (unsigned char *)CTX
+ T0_POP();
1084 unsigned char *dst
= (unsigned char *)CTX
+ T0_POP();
1085 memcpy(dst
, src
, len
);
1090 /* check-direct-trust */
1094 for (u
= 0; u
< CTX
->trust_anchors_num
; u
++) {
1095 const br_x509_trust_anchor
*ta
;
1096 unsigned char hashed_DN
[64];
1099 ta
= &CTX
->trust_anchors
[u
];
1100 if (ta
->flags
& BR_X509_TA_CA
) {
1103 hash_dn(CTX
, ta
->dn
, ta
->dn_len
, hashed_DN
);
1104 if (memcmp(hashed_DN
, CTX
->current_dn_hash
, DNHASH_LEN
)) {
1107 kt
= CTX
->pkey
.key_type
;
1108 if ((ta
->pkey
.key_type
& 0x0F) != kt
) {
1113 case BR_KEYTYPE_RSA
:
1114 if (!eqbigint(CTX
->pkey
.key
.rsa
.n
,
1115 CTX
->pkey
.key
.rsa
.nlen
,
1117 ta
->pkey
.key
.rsa
.nlen
)
1118 || !eqbigint(CTX
->pkey
.key
.rsa
.e
,
1119 CTX
->pkey
.key
.rsa
.elen
,
1121 ta
->pkey
.key
.rsa
.elen
))
1128 if (CTX
->pkey
.key
.ec
.curve
!= ta
->pkey
.key
.ec
.curve
1129 || CTX
->pkey
.key
.ec
.qlen
!= ta
->pkey
.key
.ec
.qlen
1130 || memcmp(CTX
->pkey
.key
.ec
.q
,
1132 ta
->pkey
.key
.ec
.qlen
) != 0)
1143 * Direct trust match!
1145 CTX
->err
= BR_ERR_X509_OK
;
1152 /* check-trust-anchor-CA */
1156 for (u
= 0; u
< CTX
->trust_anchors_num
; u
++) {
1157 const br_x509_trust_anchor
*ta
;
1158 unsigned char hashed_DN
[64];
1160 ta
= &CTX
->trust_anchors
[u
];
1161 if (!(ta
->flags
& BR_X509_TA_CA
)) {
1164 hash_dn(CTX
, ta
->dn
, ta
->dn_len
, hashed_DN
);
1165 if (memcmp(hashed_DN
, CTX
->saved_dn_hash
, DNHASH_LEN
)) {
1168 if (verify_signature(CTX
, &ta
->pkey
) == 0) {
1169 CTX
->err
= BR_ERR_X509_OK
;
1182 /* compute-dn-hash */
1184 CTX
->dn_hash_impl
->out(&CTX
->dn_hash
.vtable
, CTX
->current_dn_hash
);
1185 CTX
->do_dn_hash
= 0;
1190 /* compute-tbs-hash */
1194 len
= br_multihash_out(&CTX
->mhash
, id
, CTX
->tbs_hash
);
1200 /* copy-ee-ec-pkey */
1202 size_t qlen
= T0_POP();
1203 uint32_t curve
= T0_POP();
1204 memcpy(CTX
->ee_pkey_data
, CTX
->pkey_data
, qlen
);
1205 CTX
->pkey
.key_type
= BR_KEYTYPE_EC
;
1206 CTX
->pkey
.key
.ec
.curve
= curve
;
1207 CTX
->pkey
.key
.ec
.q
= CTX
->ee_pkey_data
;
1208 CTX
->pkey
.key
.ec
.qlen
= qlen
;
1213 /* copy-ee-rsa-pkey */
1215 size_t elen
= T0_POP();
1216 size_t nlen
= T0_POP();
1217 memcpy(CTX
->ee_pkey_data
, CTX
->pkey_data
, nlen
+ elen
);
1218 CTX
->pkey
.key_type
= BR_KEYTYPE_RSA
;
1219 CTX
->pkey
.key
.rsa
.n
= CTX
->ee_pkey_data
;
1220 CTX
->pkey
.key
.rsa
.nlen
= nlen
;
1221 CTX
->pkey
.key
.rsa
.e
= CTX
->ee_pkey_data
+ nlen
;
1222 CTX
->pkey
.key
.rsa
.elen
= elen
;
1229 size_t addr
= T0_POP();
1230 T0_PUSH(t0_datablock
[addr
]);
1235 /* dn-hash-length */
1237 T0_PUSH(DNHASH_LEN
);
1244 size_t qlen
= T0_POP();
1245 int curve
= T0_POP();
1248 pk
.key_type
= BR_KEYTYPE_EC
;
1249 pk
.key
.ec
.curve
= curve
;
1250 pk
.key
.ec
.q
= CTX
->pkey_data
;
1251 pk
.key
.ec
.qlen
= qlen
;
1252 T0_PUSH(verify_signature(CTX
, &pk
));
1259 size_t elen
= T0_POP();
1260 size_t nlen
= T0_POP();
1263 pk
.key_type
= BR_KEYTYPE_RSA
;
1264 pk
.key
.rsa
.n
= CTX
->pkey_data
;
1265 pk
.key
.rsa
.nlen
= nlen
;
1266 pk
.key
.rsa
.e
= CTX
->pkey_data
+ nlen
;
1267 pk
.key
.rsa
.elen
= elen
;
1268 T0_PUSH(verify_signature(CTX
, &pk
));
1279 T0_PUSH(T0_PEEK(0));
1285 const unsigned char *a2
= &t0_datablock
[T0_POP()];
1286 const unsigned char *a1
= &CTX
->pad
[0];
1290 x
= -(memcmp(a1
+ 1, a2
+ 1, len
) == 0);
1294 T0_PUSH((uint32_t)x
);
1301 size_t len
= T0_POP();
1302 const unsigned char *a2
= (const unsigned char *)CTX
+ T0_POP();
1303 const unsigned char *a1
= (const unsigned char *)CTX
+ T0_POP();
1304 T0_PUSHi(-(memcmp(a1
, a2
, len
) == 0));
1311 CTX
->err
= T0_POPi();
1317 /* get-system-date */
1319 if (CTX
->days
== 0 && CTX
->seconds
== 0) {
1320 #if BR_USE_UNIX_TIME
1321 time_t x
= time(NULL
);
1323 T0_PUSH((uint32_t)(x
/ 86400) + 719528);
1324 T0_PUSH((uint32_t)(x
% 86400));
1325 #elif BR_USE_WIN32_TIME
1329 GetSystemTimeAsFileTime(&ft
);
1330 x
= ((uint64_t)ft
.dwHighDateTime
<< 32)
1331 + (uint64_t)ft
.dwLowDateTime
;
1333 T0_PUSH((uint32_t)(x
/ 86400) + 584754);
1334 T0_PUSH((uint32_t)(x
% 86400));
1336 CTX
->err
= BR_ERR_X509_TIME_UNKNOWN
;
1341 T0_PUSH(CTX
->seconds
);
1349 uint32_t addr
= T0_POP();
1350 T0_PUSH(*(uint16_t *)((unsigned char *)CTX
+ addr
));
1357 uint32_t addr
= T0_POP();
1358 T0_PUSH(*(uint32_t *)((unsigned char *)CTX
+ addr
));
1365 uint32_t addr
= T0_POP();
1366 T0_PUSH(*((unsigned char *)CTX
+ addr
));
1371 /* match-server-name */
1375 if (CTX
->server_name
== NULL
) {
1379 n1
= strlen(CTX
->server_name
);
1381 if (n1
== n2
&& eqnocase(&CTX
->pad
[1], CTX
->server_name
, n1
)) {
1385 if (n2
>= 2 && CTX
->pad
[1] == '*' && CTX
->pad
[2] == '.') {
1389 while (u
< n1
&& CTX
->server_name
[u
] != '.') {
1395 && eqnocase(&CTX
->pad
[3], CTX
->server_name
+ u
, n1
))
1408 uint32_t a
= T0_POP();
1416 uint32_t b
= T0_POP();
1417 uint32_t a
= T0_POP();
1424 T0_PUSH(T0_PEEK(1));
1428 /* read-blob-inner */
1430 uint32_t len
= T0_POP();
1431 uint32_t addr
= T0_POP();
1432 size_t clen
= CTX
->hlen
;
1437 memcpy((unsigned char *)CTX
+ addr
, CTX
->hbuf
, clen
);
1439 if (CTX
->do_mhash
) {
1440 br_multihash_update(&CTX
->mhash
, CTX
->hbuf
, clen
);
1442 if (CTX
->do_dn_hash
) {
1443 CTX
->dn_hash_impl
->update(
1444 &CTX
->dn_hash
.vtable
, CTX
->hbuf
, clen
);
1448 T0_PUSH(addr
+ clen
);
1449 T0_PUSH(len
- clen
);
1456 if (CTX
->hlen
== 0) {
1459 unsigned char x
= *CTX
->hbuf
++;
1460 if (CTX
->do_mhash
) {
1461 br_multihash_update(&CTX
->mhash
, &x
, 1);
1463 if (CTX
->do_dn_hash
) {
1464 CTX
->dn_hash_impl
->update(&CTX
->dn_hash
.vtable
, &x
, 1);
1485 uint32_t addr
= T0_POP();
1486 *(uint16_t *)((unsigned char *)CTX
+ addr
) = T0_POP();
1493 uint32_t addr
= T0_POP();
1494 *(uint32_t *)((unsigned char *)CTX
+ addr
) = T0_POP();
1501 uint32_t addr
= T0_POP();
1502 *((unsigned char *)CTX
+ addr
) = (unsigned char)T0_POP();
1509 CTX
->dn_hash_impl
->init(&CTX
->dn_hash
.vtable
);
1510 CTX
->do_dn_hash
= 1;
1515 /* start-tbs-hash */
1517 br_multihash_init(&CTX
->mhash
);
1535 /* zero-server-name */
1537 T0_PUSHi(-(CTX
->server_name
== NULL
));
1544 T0_ENTER(ip
, rp
, t0x
);
1548 ((t0_context
*)t0ctx
)->dp
= dp
;
1549 ((t0_context
*)t0ctx
)->rp
= rp
;
1550 ((t0_context
*)t0ctx
)->ip
= ip
;