projects / BearSSL / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
New "i62" code for big integers with 64x64->128 opcodes; also improved "i31" modular...
[BearSSL] / src / x509 / x509_minimal.c
1 /* Automatically generated code; do not modify directly. */
2
3 #include <stddef.h>
4 #include <stdint.h>
5
6 typedef struct {
7 uint32_t *dp;
8 uint32_t *rp;
9 const unsigned char *ip;
10 } t0_context;
11
12 static uint32_t
13 t0_parse7E_unsigned(const unsigned char **p)
14 {
15 uint32_t x;
16
17 x = 0;
18 for (;;) {
19 unsigned y;
20
21 y = *(*p) ++;
22 x = (x << 7) | (uint32_t)(y & 0x7F);
23 if (y < 0x80) {
24 return x;
25 }
26 }
27 }
28
29 static int32_t
30 t0_parse7E_signed(const unsigned char **p)
31 {
32 int neg;
33 uint32_t x;
34
35 neg = ((**p) >> 6) & 1;
36 x = (uint32_t)-neg;
37 for (;;) {
38 unsigned y;
39
40 y = *(*p) ++;
41 x = (x << 7) | (uint32_t)(y & 0x7F);
42 if (y < 0x80) {
43 if (neg) {
44 return -(int32_t)~x - 1;
45 } else {
46 return (int32_t)x;
47 }
48 }
49 }
50 }
51
52 #define T0_VBYTE(x, n) (unsigned char)((((uint32_t)(x) >> (n)) & 0x7F) | 0x80)
53 #define T0_FBYTE(x, n) (unsigned char)(((uint32_t)(x) >> (n)) & 0x7F)
54 #define T0_SBYTE(x) (unsigned char)((((uint32_t)(x) >> 28) + 0xF8) ^ 0xF8)
55 #define T0_INT1(x) T0_FBYTE(x, 0)
56 #define T0_INT2(x) T0_VBYTE(x, 7), T0_FBYTE(x, 0)
57 #define T0_INT3(x) T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
58 #define T0_INT4(x) T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
59 #define T0_INT5(x) T0_SBYTE(x), T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
60
61 /* static const unsigned char t0_datablock[]; */
62
63
64 void br_x509_minimal_init_main(void *t0ctx);
65
66 void br_x509_minimal_run(void *t0ctx);
67
68
69
70 #include "inner.h"
71
72
73
74
75
76 #include "inner.h"
77
78 /*
79 * Implementation Notes
80 * --------------------
81 *
82 * The C code pushes the data by chunks; all decoding is done in the
83 * T0 code. The cert_length value is set to the certificate length when
84 * a new certificate is started; the T0 code picks it up as outer limit,
85 * and decoding functions use it to ensure that no attempt is made at
86 * reading past it. The T0 code also checks that once the certificate is
87 * decoded, there are no trailing bytes.
88 *
89 * The T0 code sets cert_length to 0 when the certificate is fully
90 * decoded.
91 *
92 * The C code must still perform two checks:
93 *
94 * -- If the certificate length is 0, then the T0 code will not be
95 * invoked at all. This invalid condition must thus be reported by the
96 * C code.
97 *
98 * -- When reaching the end of certificate, the C code must verify that
99 * the certificate length has been set to 0, thereby signaling that
100 * the T0 code properly decoded a certificate.
101 *
102 * Processing of a chain works in the following way:
103 *
104 * -- The error flag is set to a non-zero value when validation is
105 * finished. The value is either BR_ERR_X509_OK (validation is
106 * successful) or another non-zero error code. When a non-zero error
107 * code is obtained, the remaining bytes in the current certificate and
108 * the subsequent certificates (if any) are completely ignored.
109 *
110 * -- Each certificate is decoded in due course, with the following
111 * "interesting points":
112 *
113 * -- Start of the TBS: the multihash engine is reset and activated.
114 *
115 * -- Start of the issuer DN: the secondary hash engine is started,
116 * to process the encoded issuer DN.
117 *
118 * -- End of the issuer DN: the secondary hash engine is stopped. The
119 * resulting hash value is computed and then copied into the
120 * next_dn_hash[] buffer.
121 *
122 * -- Start of the subject DN: the secondary hash engine is started,
123 * to process the encoded subject DN.
124 *
125 * -- For the EE certificate only: the Common Name, if any, is matched
126 * against the expected server name.
127 *
128 * -- End of the subject DN: the secondary hash engine is stopped. The
129 * resulting hash value is computed into the pad. It is then processed:
130 *
131 * -- If this is the EE certificate, then the hash is ignored
132 * (except for direct trust processing, see later; the hash is
133 * simply left in current_dn_hash[]).
134 *
135 * -- Otherwise, the hashed subject DN is compared with the saved
136 * hash value (in saved_dn_hash[]). They must match.
137 *
138 * Either way, the next_dn_hash[] value is then copied into the
139 * saved_dn_hash[] value. Thus, at that point, saved_dn_hash[]
140 * contains the hash of the issuer DN for the current certificate,
141 * and current_dn_hash[] contains the hash of the subject DN for the
142 * current certificate.
143 *
144 * -- Public key: it is decoded into the cert_pkey[] buffer. Unknown
145 * key types are reported at that point.
146 *
147 * -- If this is the EE certificate, then the key type is compared
148 * with the expected key type (initialization parameter). The public
149 * key data is copied to ee_pkey_data[]. The key and hashed subject
150 * DN are also compared with the "direct trust" keys; if the key
151 * and DN are matched, then validation ends with a success.
152 *
153 * -- Otherwise, the saved signature (cert_sig[]) is verified
154 * against the saved TBS hash (tbs_hash[]) and that freshly
155 * decoded public key. Failure here ends validation with an error.
156 *
157 * -- Extensions: extension values are processed in due order.
158 *
159 * -- Basic Constraints: for all certificates except EE, must be
160 * present, indicate a CA, and have a path legnth compatible with
161 * the chain length so far.
162 *
163 * -- Key Usage: for the EE, if present, must allow signatures
164 * or encryption/key exchange, as required for the cipher suite.
165 * For non-EE, if present, must have the "certificate sign" bit.
166 *
167 * -- Subject Alt Name: for the EE, dNSName names are matched
168 * against the server name. Ignored for non-EE.
169 *
170 * -- Authority Key Identifier, Subject Key Identifier, Issuer
171 * Alt Name, Subject Directory Attributes, CRL Distribution Points
172 * Freshest CRL, Authority Info Access and Subject Info Access
173 * extensions are always ignored: they either contain only
174 * informative data, or they relate to revocation processing, which
175 * we explicitly do not support.
176 *
177 * -- All other extensions are ignored if non-critical. If a
178 * critical extension other than the ones above is encountered,
179 * then a failure is reported.
180 *
181 * -- End of the TBS: the multihash engine is stopped.
182 *
183 * -- Signature algorithm: the signature algorithm on the
184 * certificate is decoded. A failure is reported if that algorithm
185 * is unknown. The hashed TBS corresponding to the signature hash
186 * function is computed and stored in tbs_hash[] (if not supported,
187 * then a failure is reported). The hash OID and length are stored
188 * in cert_sig_hash_oid and cert_sig_hash_len.
189 *
190 * -- Signature value: the signature value is copied into the
191 * cert_sig[] array.
192 *
193 * -- Certificate end: the hashed issuer DN (saved_dn_hash[]) is
194 * looked up in the trust store (CA trust anchors only); for all
195 * that match, the signature (cert_sig[]) is verified against the
196 * anchor public key (hashed TBS is in tbs_hash[]). If one of these
197 * signatures is valid, then validation ends with a success.
198 *
199 * -- If the chain end is reached without obtaining a validation success,
200 * then validation is reported as failed.
201 */
202
203 #ifndef BR_USE_UNIX_TIME
204 #if defined __unix__ || defined __linux__ \
205 || defined _POSIX_SOURCE || defined _POSIX_C_SOURCE \
206 || (defined __APPLE__ && defined __MACH__)
207 #define BR_USE_UNIX_TIME 1
208 #endif
209 #endif
210
211 #ifndef BR_USE_WIN32_TIME
212 #if defined _WIN32 || defined _WIN64
213 #define BR_USE_WIN32_TIME 1
214 #endif
215 #endif
216
217 #if BR_USE_UNIX_TIME
218 #include <time.h>
219 #endif
220
221 #if BR_USE_WIN32_TIME
222 #include <windows.h>
223 #endif
224
225 void br_x509_minimal_init_main(void *ctx);
226 void br_x509_minimal_run(void *ctx);
227
228 /* see bearssl_x509.h */
229 void
230 br_x509_minimal_init(br_x509_minimal_context *ctx,
231 const br_hash_class *dn_hash_impl,
232 const br_x509_trust_anchor *trust_anchors, size_t trust_anchors_num)
233 {
234 memset(ctx, 0, sizeof *ctx);
235 ctx->vtable = &br_x509_minimal_vtable;
236 ctx->dn_hash_impl = dn_hash_impl;
237 ctx->trust_anchors = trust_anchors;
238 ctx->trust_anchors_num = trust_anchors_num;
239 }
240
241 static void
242 xm_start_chain(const br_x509_class **ctx, const char *server_name)
243 {
244 br_x509_minimal_context *cc;
245 size_t u;
246
247 cc = (br_x509_minimal_context *)ctx;
248 for (u = 0; u < cc->num_name_elts; u ++) {
249 cc->name_elts[u].status = 0;
250 cc->name_elts[u].buf[0] = 0;
251 }
252 memset(&cc->pkey, 0, sizeof cc->pkey);
253 cc->num_certs = 0;
254 cc->err = 0;
255 cc->cpu.dp = cc->dp_stack;
256 cc->cpu.rp = cc->rp_stack;
257 br_x509_minimal_init_main(&cc->cpu);
258 if (server_name == NULL || *server_name == 0) {
259 cc->server_name = NULL;
260 } else {
261 cc->server_name = server_name;
262 }
263 }
264
265 static void
266 xm_start_cert(const br_x509_class **ctx, uint32_t length)
267 {
268 br_x509_minimal_context *cc;
269
270 cc = (br_x509_minimal_context *)ctx;
271 if (cc->err != 0) {
272 return;
273 }
274 if (length == 0) {
275 cc->err = BR_ERR_X509_TRUNCATED;
276 return;
277 }
278 cc->cert_length = length;
279 }
280
281 static void
282 xm_append(const br_x509_class **ctx, const unsigned char *buf, size_t len)
283 {
284 br_x509_minimal_context *cc;
285
286 cc = (br_x509_minimal_context *)ctx;
287 if (cc->err != 0) {
288 return;
289 }
290 cc->hbuf = buf;
291 cc->hlen = len;
292 br_x509_minimal_run(&cc->cpu);
293 }
294
295 static void
296 xm_end_cert(const br_x509_class **ctx)
297 {
298 br_x509_minimal_context *cc;
299
300 cc = (br_x509_minimal_context *)ctx;
301 if (cc->err == 0 && cc->cert_length != 0) {
302 cc->err = BR_ERR_X509_TRUNCATED;
303 }
304 cc->num_certs ++;
305 }
306
307 static unsigned
308 xm_end_chain(const br_x509_class **ctx)
309 {
310 br_x509_minimal_context *cc;
311
312 cc = (br_x509_minimal_context *)ctx;
313 if (cc->err == 0) {
314 if (cc->num_certs == 0) {
315 cc->err = BR_ERR_X509_EMPTY_CHAIN;
316 } else {
317 cc->err = BR_ERR_X509_NOT_TRUSTED;
318 }
319 } else if (cc->err == BR_ERR_X509_OK) {
320 return 0;
321 }
322 return (unsigned)cc->err;
323 }
324
325 static const br_x509_pkey *
326 xm_get_pkey(const br_x509_class *const *ctx, unsigned *usages)
327 {
328 br_x509_minimal_context *cc;
329
330 cc = (br_x509_minimal_context *)ctx;
331 if (cc->err == BR_ERR_X509_OK
332 || cc->err == BR_ERR_X509_NOT_TRUSTED)
333 {
334 if (usages != NULL) {
335 *usages = cc->key_usages;
336 }
337 return &((br_x509_minimal_context *)ctx)->pkey;
338 } else {
339 return NULL;
340 }
341 }
342
343 /* see bearssl_x509.h */
344 const br_x509_class br_x509_minimal_vtable = {
345 sizeof(br_x509_minimal_context),
346 xm_start_chain,
347 xm_start_cert,
348 xm_append,
349 xm_end_cert,
350 xm_end_chain,
351 xm_get_pkey
352 };
353
354 #define CTX ((br_x509_minimal_context *)((unsigned char *)t0ctx - offsetof(br_x509_minimal_context, cpu)))
355 #define CONTEXT_NAME br_x509_minimal_context
356
357 #define DNHASH_LEN ((CTX->dn_hash_impl->desc >> BR_HASHDESC_OUT_OFF) & BR_HASHDESC_OUT_MASK)
358
359 /*
360 * Hash a DN (from a trust anchor) into the provided buffer. This uses the
361 * DN hash implementation and context structure from the X.509 engine
362 * context.
363 */
364 static void
365 hash_dn(br_x509_minimal_context *ctx, const void *dn, size_t len,
366 unsigned char *out)
367 {
368 ctx->dn_hash_impl->init(&ctx->dn_hash.vtable);
369 ctx->dn_hash_impl->update(&ctx->dn_hash.vtable, dn, len);
370 ctx->dn_hash_impl->out(&ctx->dn_hash.vtable, out);
371 }
372
373 /*
374 * Compare two big integers for equality. The integers use unsigned big-endian
375 * encoding; extra leading bytes (of value 0) are allowed.
376 */
377 static int
378 eqbigint(const unsigned char *b1, size_t len1,
379 const unsigned char *b2, size_t len2)
380 {
381 while (len1 > 0 && *b1 == 0) {
382 b1 ++;
383 len1 --;
384 }
385 while (len2 > 0 && *b2 == 0) {
386 b2 ++;
387 len2 --;
388 }
389 if (len1 != len2) {
390 return 0;
391 }
392 return memcmp(b1, b2, len1) == 0;
393 }
394
395 /*
396 * Compare two strings for equality, in a case-insensitive way. This
397 * function handles casing only for ASCII letters.
398 */
399 static int
400 eqnocase(const void *s1, const void *s2, size_t len)
401 {
402 const unsigned char *buf1, *buf2;
403
404 buf1 = s1;
405 buf2 = s2;
406 while (len -- > 0) {
407 int x1, x2;
408
409 x1 = *buf1 ++;
410 x2 = *buf2 ++;
411 if (x1 >= 'A' && x1 <= 'Z') {
412 x1 += 'a' - 'A';
413 }
414 if (x2 >= 'A' && x2 <= 'Z') {
415 x2 += 'a' - 'A';
416 }
417 if (x1 != x2) {
418 return 0;
419 }
420 }
421 return 1;
422 }
423
424 static int verify_signature(br_x509_minimal_context *ctx,
425 const br_x509_pkey *pk);
426
427
428
429 static const unsigned char t0_datablock[] = {
430 0x00, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x09,
431 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x09, 0x2A, 0x86,
432 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0E, 0x09, 0x2A, 0x86, 0x48, 0x86,
433 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
434 0x01, 0x01, 0x0C, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01,
435 0x0D, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x09, 0x60, 0x86, 0x48, 0x01,
436 0x65, 0x03, 0x04, 0x02, 0x04, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
437 0x04, 0x02, 0x01, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02,
438 0x02, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x07,
439 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x08, 0x2A, 0x86, 0x48, 0xCE,
440 0x3D, 0x03, 0x01, 0x07, 0x05, 0x2B, 0x81, 0x04, 0x00, 0x22, 0x05, 0x2B,
441 0x81, 0x04, 0x00, 0x23, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x01,
442 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x01, 0x08, 0x2A, 0x86,
443 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D,
444 0x04, 0x03, 0x03, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x04,
445 0x03, 0x55, 0x04, 0x03, 0x00, 0x1F, 0x03, 0xFC, 0x07, 0x7F, 0x0B, 0x5E,
446 0x0F, 0x1F, 0x12, 0xFE, 0x16, 0xBF, 0x1A, 0x9F, 0x1E, 0x7E, 0x22, 0x3F,
447 0x26, 0x1E, 0x29, 0xDF, 0x00, 0x1F, 0x03, 0xFD, 0x07, 0x9F, 0x0B, 0x7E,
448 0x0F, 0x3F, 0x13, 0x1E, 0x16, 0xDF, 0x1A, 0xBF, 0x1E, 0x9E, 0x22, 0x5F,
449 0x26, 0x3E, 0x29, 0xFF, 0x03, 0x55, 0x1D, 0x13, 0x03, 0x55, 0x1D, 0x0F,
450 0x03, 0x55, 0x1D, 0x11, 0x03, 0x55, 0x1D, 0x23, 0x03, 0x55, 0x1D, 0x0E,
451 0x03, 0x55, 0x1D, 0x12, 0x03, 0x55, 0x1D, 0x09, 0x03, 0x55, 0x1D, 0x1F,
452 0x03, 0x55, 0x1D, 0x2E, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01,
453 0x01, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x0B
454 };
455
456 static const unsigned char t0_codeblock[] = {
457 0x00, 0x01, 0x00, 0x0D, 0x00, 0x00, 0x01, 0x00, 0x10, 0x00, 0x00, 0x01,
458 0x00, 0x11, 0x00, 0x00, 0x01, 0x01, 0x09, 0x00, 0x00, 0x01, 0x01, 0x0A,
459 0x00, 0x00, 0x24, 0x24, 0x00, 0x00, 0x01,
460 T0_INT1(BR_ERR_X509_BAD_BOOLEAN), 0x00, 0x00, 0x01,
461 T0_INT1(BR_ERR_X509_BAD_DN), 0x00, 0x00, 0x01,
462 T0_INT1(BR_ERR_X509_BAD_SERVER_NAME), 0x00, 0x00, 0x01,
463 T0_INT1(BR_ERR_X509_BAD_TAG_CLASS), 0x00, 0x00, 0x01,
464 T0_INT1(BR_ERR_X509_BAD_TAG_VALUE), 0x00, 0x00, 0x01,
465 T0_INT1(BR_ERR_X509_BAD_TIME), 0x00, 0x00, 0x01,
466 T0_INT1(BR_ERR_X509_CRITICAL_EXTENSION), 0x00, 0x00, 0x01,
467 T0_INT1(BR_ERR_X509_DN_MISMATCH), 0x00, 0x00, 0x01,
468 T0_INT1(BR_ERR_X509_EXPIRED), 0x00, 0x00, 0x01,
469 T0_INT1(BR_ERR_X509_EXTRA_ELEMENT), 0x00, 0x00, 0x01,
470 T0_INT1(BR_ERR_X509_FORBIDDEN_KEY_USAGE), 0x00, 0x00, 0x01,
471 T0_INT1(BR_ERR_X509_INDEFINITE_LENGTH), 0x00, 0x00, 0x01,
472 T0_INT1(BR_ERR_X509_INNER_TRUNC), 0x00, 0x00, 0x01,
473 T0_INT1(BR_ERR_X509_LIMIT_EXCEEDED), 0x00, 0x00, 0x01,
474 T0_INT1(BR_ERR_X509_NOT_CA), 0x00, 0x00, 0x01,
475 T0_INT1(BR_ERR_X509_NOT_CONSTRUCTED), 0x00, 0x00, 0x01,
476 T0_INT1(BR_ERR_X509_NOT_PRIMITIVE), 0x00, 0x00, 0x01,
477 T0_INT1(BR_ERR_X509_OVERFLOW), 0x00, 0x00, 0x01,
478 T0_INT1(BR_ERR_X509_PARTIAL_BYTE), 0x00, 0x00, 0x01,
479 T0_INT1(BR_ERR_X509_UNEXPECTED), 0x00, 0x00, 0x01,
480 T0_INT1(BR_ERR_X509_UNSUPPORTED), 0x00, 0x00, 0x01,
481 T0_INT1(BR_ERR_X509_WEAK_PUBLIC_KEY), 0x00, 0x00, 0x01,
482 T0_INT1(BR_KEYTYPE_EC), 0x00, 0x00, 0x01, T0_INT1(BR_KEYTYPE_RSA),
483 0x00, 0x00, 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_length)), 0x00,
484 0x00, 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_sig)), 0x00, 0x00,
485 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_sig_hash_len)), 0x00, 0x00,
486 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_sig_hash_oid)), 0x00, 0x00,
487 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_sig_len)), 0x00, 0x00, 0x01,
488 T0_INT2(offsetof(CONTEXT_NAME, cert_signer_key_type)), 0x00, 0x00,
489 0x01, T0_INT2(offsetof(CONTEXT_NAME, current_dn_hash)), 0x00, 0x00,
490 0x01, T0_INT2(offsetof(CONTEXT_NAME, key_usages)), 0x00, 0x00, 0x01,
491 T0_INT2(offsetof(br_x509_minimal_context, pkey_data)), 0x01,
492 T0_INT2(BR_X509_BUFSIZE_KEY), 0x00, 0x00, 0x01,
493 T0_INT2(offsetof(CONTEXT_NAME, min_rsa_size)), 0x00, 0x00, 0x01,
494 T0_INT2(offsetof(CONTEXT_NAME, next_dn_hash)), 0x00, 0x00, 0x01,
495 T0_INT2(offsetof(CONTEXT_NAME, num_certs)), 0x00, 0x00, 0x01,
496 T0_INT2(offsetof(CONTEXT_NAME, pad)), 0x00, 0x00, 0x01,
497 T0_INT2(offsetof(CONTEXT_NAME, saved_dn_hash)), 0x00, 0x00, 0xC6, 0x71,
498 0x00, 0x00, 0x01, 0x80, 0x73, 0x00, 0x00, 0x01, 0x80, 0x7C, 0x00, 0x00,
499 0x01, 0x81, 0x02, 0x00, 0x00, 0x90, 0x05, 0x05, 0x34, 0x42, 0x01, 0x00,
500 0x00, 0x34, 0x01, 0x0A, 0x0E, 0x09, 0x01, 0x9A, 0xFF, 0xB8, 0x00, 0x0A,
501 0x00, 0x00, 0x01, 0x82, 0x0C, 0x00, 0x00, 0x01, 0x81, 0x74, 0x00, 0x00,
502 0x01, 0x81, 0x68, 0x00, 0x04, 0x03, 0x00, 0x03, 0x01, 0x03, 0x02, 0x03,
503 0x03, 0x02, 0x03, 0x02, 0x01, 0x11, 0x06, 0x07, 0x02, 0x02, 0x02, 0x00,
504 0x0D, 0x04, 0x05, 0x02, 0x03, 0x02, 0x01, 0x0D, 0x00, 0x02, 0x03, 0x00,
505 0x03, 0x01, 0x25, 0x02, 0x01, 0x13, 0x3B, 0x02, 0x00, 0x0F, 0x15, 0x00,
506 0x00, 0x05, 0x02, 0x52, 0x28, 0x00, 0x00, 0x06, 0x02, 0x53, 0x28, 0x00,
507 0x00, 0x01, 0x10, 0x76, 0x00, 0x00, 0x11, 0x05, 0x02, 0x56, 0x28, 0x73,
508 0x00, 0x00, 0x11, 0x05, 0x02, 0x56, 0x28, 0x74, 0x00, 0x00, 0x06, 0x02,
509 0x4C, 0x28, 0x00, 0x00, 0x01, 0x82, 0x04, 0x00, 0x00, 0x25, 0x20, 0x01,
510 0x08, 0x0E, 0x3B, 0x40, 0x20, 0x09, 0x00, 0x09, 0x03, 0x00, 0x5B, 0x2B,
511 0xAC, 0x39, 0xAC, 0xB0, 0x25, 0x01, 0x20, 0x11, 0x06, 0x11, 0x24, 0x73,
512 0xAA, 0xB0, 0x01, 0x02, 0x77, 0xAD, 0x01, 0x02, 0x12, 0x06, 0x02, 0x57,
513 0x28, 0x78, 0xB0, 0x01, 0x02, 0x77, 0xAB, 0xAC, 0xBF, 0x99, 0x65, 0x61,
514 0x21, 0x16, 0xAC, 0xA4, 0x29, 0x69, 0x06, 0x02, 0x4B, 0x28, 0xA4, 0x29,
515 0x71, 0x06, 0x02, 0x4B, 0x28, 0x78, 0x02, 0x00, 0x06, 0x05, 0x9A, 0x03,
516 0x01, 0x04, 0x09, 0x99, 0x61, 0x68, 0x21, 0x27, 0x05, 0x02, 0x4A, 0x28,
517 0x68, 0x65, 0x21, 0x16, 0xAC, 0xAC, 0x9B, 0x05, 0x02, 0x57, 0x28, 0xB9,
518 0x26, 0x06, 0x27, 0xBF, 0xA1, 0xAC, 0x63, 0xA7, 0x03, 0x03, 0x63, 0x3B,
519 0x02, 0x03, 0x09, 0x3B, 0x02, 0x03, 0x0A, 0xA7, 0x03, 0x04, 0x78, 0x64,
520 0x2A, 0x01, 0x81, 0x00, 0x09, 0x02, 0x03, 0x12, 0x06, 0x02, 0x58, 0x28,
521 0x78, 0x5A, 0x03, 0x02, 0x04, 0x3A, 0x87, 0x26, 0x06, 0x34, 0x9B, 0x05,
522 0x02, 0x57, 0x28, 0x6A, 0x26, 0x06, 0x04, 0x01, 0x17, 0x04, 0x12, 0x6B,
523 0x26, 0x06, 0x04, 0x01, 0x18, 0x04, 0x0A, 0x6C, 0x26, 0x06, 0x04, 0x01,
524 0x19, 0x04, 0x02, 0x57, 0x28, 0x03, 0x05, 0x78, 0xA1, 0x25, 0x03, 0x06,
525 0x25, 0x63, 0x34, 0x0D, 0x06, 0x02, 0x50, 0x28, 0xA2, 0x59, 0x03, 0x02,
526 0x04, 0x02, 0x57, 0x28, 0x78, 0x02, 0x00, 0x06, 0x21, 0x02, 0x02, 0x5A,
527 0x30, 0x11, 0x06, 0x08, 0x24, 0x02, 0x03, 0x02, 0x04, 0x1D, 0x04, 0x10,
528 0x59, 0x30, 0x11, 0x06, 0x08, 0x24, 0x02, 0x05, 0x02, 0x06, 0x1C, 0x04,
529 0x03, 0x57, 0x28, 0x24, 0x04, 0x24, 0x02, 0x02, 0x5A, 0x30, 0x11, 0x06,
530 0x08, 0x24, 0x02, 0x03, 0x02, 0x04, 0x23, 0x04, 0x10, 0x59, 0x30, 0x11,
531 0x06, 0x08, 0x24, 0x02, 0x05, 0x02, 0x06, 0x22, 0x04, 0x03, 0x57, 0x28,
532 0x24, 0x25, 0x06, 0x01, 0x28, 0x24, 0x01, 0x00, 0x03, 0x07, 0xB1, 0x01,
533 0x21, 0x8D, 0x01, 0x22, 0x8D, 0x25, 0x01, 0x23, 0x11, 0x06, 0x81, 0x17,
534 0x24, 0x73, 0xAA, 0xAC, 0x25, 0x06, 0x81, 0x0B, 0x01, 0x00, 0x03, 0x08,
535 0xAC, 0x9B, 0x24, 0xB0, 0x25, 0x01, 0x01, 0x11, 0x06, 0x04, 0xA3, 0x03,
536 0x08, 0xB0, 0x01, 0x04, 0x77, 0xAA, 0x70, 0x26, 0x06, 0x0F, 0x02, 0x00,
537 0x06, 0x03, 0xC0, 0x04, 0x05, 0x97, 0x01, 0x7F, 0x03, 0x07, 0x04, 0x80,
538 0x5D, 0x8F, 0x26, 0x06, 0x06, 0x02, 0x00, 0x98, 0x04, 0x80, 0x53, 0xC2,
539 0x26, 0x06, 0x10, 0x02, 0x00, 0x06, 0x09, 0x01, 0x00, 0x03, 0x01, 0x96,
540 0x03, 0x01, 0x04, 0x01, 0xC0, 0x04, 0x3F, 0x6F, 0x26, 0x06, 0x03, 0xC0,
541 0x04, 0x38, 0xC5, 0x26, 0x06, 0x03, 0xC0, 0x04, 0x31, 0x8E, 0x26, 0x06,
542 0x03, 0xC0, 0x04, 0x2A, 0xC3, 0x26, 0x06, 0x03, 0xC0, 0x04, 0x23, 0x79,
543 0x26, 0x06, 0x03, 0xC0, 0x04, 0x1C, 0x84, 0x26, 0x06, 0x03, 0xC0, 0x04,
544 0x15, 0x6E, 0x26, 0x06, 0x03, 0xC0, 0x04, 0x0E, 0xC4, 0x26, 0x06, 0x03,
545 0xC0, 0x04, 0x07, 0x02, 0x08, 0x06, 0x02, 0x49, 0x28, 0xC0, 0x78, 0x78,
546 0x04, 0xFE, 0x71, 0x78, 0x78, 0x04, 0x08, 0x01, 0x7F, 0x11, 0x05, 0x02,
547 0x56, 0x28, 0x24, 0x78, 0x3A, 0x02, 0x00, 0x06, 0x08, 0x02, 0x01, 0x3C,
548 0x2F, 0x05, 0x02, 0x45, 0x28, 0x02, 0x00, 0x06, 0x01, 0x17, 0x02, 0x00,
549 0x02, 0x07, 0x2F, 0x05, 0x02, 0x51, 0x28, 0xB0, 0x75, 0xAA, 0x9B, 0x06,
550 0x80, 0x77, 0xBA, 0x26, 0x06, 0x07, 0x01, 0x02, 0x5A, 0x88, 0x04, 0x80,
551 0x5E, 0xBB, 0x26, 0x06, 0x07, 0x01, 0x03, 0x5A, 0x89, 0x04, 0x80, 0x53,
552 0xBC, 0x26, 0x06, 0x07, 0x01, 0x04, 0x5A, 0x8A, 0x04, 0x80, 0x48, 0xBD,
553 0x26, 0x06, 0x06, 0x01, 0x05, 0x5A, 0x8B, 0x04, 0x3E, 0xBE, 0x26, 0x06,
554 0x06, 0x01, 0x06, 0x5A, 0x8C, 0x04, 0x34, 0x7E, 0x26, 0x06, 0x06, 0x01,
555 0x02, 0x59, 0x88, 0x04, 0x2A, 0x7F, 0x26, 0x06, 0x06, 0x01, 0x03, 0x59,
556 0x89, 0x04, 0x20, 0x80, 0x26, 0x06, 0x06, 0x01, 0x04, 0x59, 0x8A, 0x04,
557 0x16, 0x81, 0x26, 0x06, 0x06, 0x01, 0x05, 0x59, 0x8B, 0x04, 0x0C, 0x82,
558 0x26, 0x06, 0x06, 0x01, 0x06, 0x59, 0x8C, 0x04, 0x02, 0x57, 0x28, 0x5E,
559 0x35, 0x60, 0x37, 0x1B, 0x25, 0x05, 0x02, 0x57, 0x28, 0x5D, 0x37, 0x04,
560 0x02, 0x57, 0x28, 0xBF, 0xA1, 0x25, 0x01, T0_INT2(BR_X509_BUFSIZE_SIG),
561 0x12, 0x06, 0x02, 0x50, 0x28, 0x25, 0x5F, 0x35, 0x5C, 0xA2, 0x78, 0x78,
562 0x01, 0x00, 0x5B, 0x36, 0x18, 0x00, 0x00, 0x01, 0x30, 0x0A, 0x25, 0x01,
563 0x00, 0x01, 0x09, 0x72, 0x05, 0x02, 0x48, 0x28, 0x00, 0x00, 0x30, 0x30,
564 0x00, 0x00, 0x01, 0x81, 0x08, 0x00, 0x00, 0x01, 0x81, 0x10, 0x00, 0x00,
565 0x01, 0x81, 0x19, 0x00, 0x00, 0x01, 0x81, 0x22, 0x00, 0x00, 0x01, 0x81,
566 0x2B, 0x00, 0x01, 0x7D, 0x01, 0x01, 0x11, 0x3B, 0x01, 0x83, 0xFD, 0x7F,
567 0x11, 0x15, 0x06, 0x03, 0x3B, 0x24, 0x00, 0x3B, 0x25, 0x03, 0x00, 0x25,
568 0xC7, 0x05, 0x04, 0x42, 0x01, 0x00, 0x00, 0x25, 0x01, 0x81, 0x00, 0x0D,
569 0x06, 0x04, 0x94, 0x04, 0x80, 0x49, 0x25, 0x01, 0x90, 0x00, 0x0D, 0x06,
570 0x0F, 0x01, 0x06, 0x14, 0x01, 0x81, 0x40, 0x2F, 0x94, 0x02, 0x00, 0x01,
571 0x00, 0x95, 0x04, 0x33, 0x25, 0x01, 0x83, 0xFF, 0x7F, 0x0D, 0x06, 0x14,
572 0x01, 0x0C, 0x14, 0x01, 0x81, 0x60, 0x2F, 0x94, 0x02, 0x00, 0x01, 0x06,
573 0x95, 0x02, 0x00, 0x01, 0x00, 0x95, 0x04, 0x17, 0x01, 0x12, 0x14, 0x01,
574 0x81, 0x70, 0x2F, 0x94, 0x02, 0x00, 0x01, 0x0C, 0x95, 0x02, 0x00, 0x01,
575 0x06, 0x95, 0x02, 0x00, 0x01, 0x00, 0x95, 0x00, 0x00, 0x01, 0x82, 0x08,
576 0x00, 0x00, 0x25, 0x01, 0x83, 0xB0, 0x00, 0x01, 0x83, 0xB7, 0x7F, 0x72,
577 0x00, 0x00, 0x01, 0x81, 0x34, 0x00, 0x00, 0x01, 0x80, 0x6B, 0x00, 0x00,
578 0x01, 0x3D, 0x00, 0x00, 0x01, 0x80, 0x43, 0x00, 0x00, 0x01, 0x80, 0x4D,
579 0x00, 0x00, 0x01, 0x80, 0x57, 0x00, 0x00, 0x01, 0x80, 0x61, 0x00, 0x00,
580 0x30, 0x11, 0x06, 0x04, 0x42, 0xAA, 0xBF, 0xB1, 0x00, 0x00, 0x01, 0x81,
581 0x7C, 0x00, 0x00, 0x01, 0x81, 0x6C, 0x00, 0x00, 0x25, 0x01, 0x83, 0xB8,
582 0x00, 0x01, 0x83, 0xBF, 0x7F, 0x72, 0x00, 0x00, 0x01, 0x30, 0x62, 0x37,
583 0x01, 0x7F, 0x7B, 0x19, 0x01, 0x00, 0x7B, 0x19, 0x04, 0x7A, 0x00, 0x01,
584 0x81, 0x38, 0x00, 0x01, 0x7D, 0x0D, 0x06, 0x02, 0x4F, 0x28, 0x25, 0x03,
585 0x00, 0x0A, 0x02, 0x00, 0x00, 0x00, 0x30, 0x25, 0x3F, 0x3B, 0x01, 0x82,
586 0x00, 0x13, 0x2F, 0x06, 0x04, 0x42, 0x01, 0x00, 0x00, 0x30, 0x67, 0x09,
587 0x37, 0x40, 0x00, 0x00, 0x14, 0x01, 0x3F, 0x15, 0x01, 0x81, 0x00, 0x2F,
588 0x94, 0x00, 0x02, 0x01, 0x00, 0x03, 0x00, 0xAC, 0x25, 0x06, 0x80, 0x59,
589 0xB0, 0x01, 0x20, 0x30, 0x11, 0x06, 0x17, 0x24, 0x73, 0xAA, 0x9B, 0x24,
590 0x01, 0x7F, 0x2E, 0x03, 0x01, 0xB0, 0x01, 0x20, 0x76, 0xAA, 0xAF, 0x02,
591 0x01, 0x1F, 0x78, 0x78, 0x04, 0x38, 0x01, 0x21, 0x30, 0x11, 0x06, 0x08,
592 0x24, 0x74, 0xB3, 0x01, 0x01, 0x1E, 0x04, 0x2A, 0x01, 0x22, 0x30, 0x11,
593 0x06, 0x11, 0x24, 0x74, 0xB3, 0x25, 0x06, 0x06, 0x2C, 0x02, 0x00, 0x2F,
594 0x03, 0x00, 0x01, 0x02, 0x1E, 0x04, 0x13, 0x01, 0x26, 0x30, 0x11, 0x06,
595 0x08, 0x24, 0x74, 0xB3, 0x01, 0x06, 0x1E, 0x04, 0x05, 0x42, 0xAB, 0x01,
596 0x00, 0x24, 0x04, 0xFF, 0x23, 0x78, 0x02, 0x00, 0x00, 0x00, 0xAC, 0xB1,
597 0x25, 0x01, 0x01, 0x11, 0x06, 0x08, 0xA3, 0x05, 0x02, 0x51, 0x28, 0xB1,
598 0x04, 0x02, 0x51, 0x28, 0x25, 0x01, 0x02, 0x11, 0x06, 0x0C, 0x24, 0x74,
599 0xAD, 0x66, 0x2B, 0x41, 0x0D, 0x06, 0x02, 0x51, 0x28, 0xB1, 0x01, 0x7F,
600 0x10, 0x06, 0x02, 0x56, 0x28, 0x24, 0x78, 0x00, 0x02, 0x03, 0x00, 0xB0,
601 0x01, 0x03, 0x77, 0xAA, 0xB7, 0x03, 0x01, 0x02, 0x01, 0x01, 0x07, 0x12,
602 0x06, 0x02, 0x56, 0x28, 0x25, 0x01, 0x00, 0x30, 0x11, 0x06, 0x05, 0x24,
603 0x4D, 0x28, 0x04, 0x15, 0x01, 0x01, 0x30, 0x11, 0x06, 0x0A, 0x24, 0xB7,
604 0x02, 0x01, 0x14, 0x02, 0x01, 0x0E, 0x04, 0x05, 0x24, 0xB7, 0x01, 0x00,
605 0x24, 0x02, 0x00, 0x06, 0x19, 0x01, 0x00, 0x30, 0x01, 0x38, 0x15, 0x06,
606 0x03, 0x01, 0x10, 0x2F, 0x3B, 0x01, 0x81, 0x40, 0x15, 0x06, 0x03, 0x01,
607 0x20, 0x2F, 0x62, 0x37, 0x04, 0x07, 0x01, 0x04, 0x15, 0x05, 0x02, 0x4D,
608 0x28, 0xBF, 0x00, 0x00, 0x38, 0xAC, 0xBF, 0x1A, 0x00, 0x03, 0x01, 0x00,
609 0x03, 0x00, 0x38, 0xAC, 0x25, 0x06, 0x30, 0xB0, 0x01, 0x11, 0x76, 0xAA,
610 0x25, 0x05, 0x02, 0x44, 0x28, 0x25, 0x06, 0x20, 0xAC, 0x9B, 0x24, 0x86,
611 0x26, 0x03, 0x01, 0x01, 0x00, 0x2E, 0x03, 0x02, 0xAF, 0x25, 0x02, 0x01,
612 0x15, 0x06, 0x07, 0x2C, 0x06, 0x04, 0x01, 0x7F, 0x03, 0x00, 0x02, 0x02,
613 0x1F, 0x78, 0x04, 0x5D, 0x78, 0x04, 0x4D, 0x78, 0x1A, 0x02, 0x00, 0x00,
614 0x00, 0xB0, 0x01, 0x06, 0x77, 0xAE, 0x00, 0x00, 0xB5, 0x85, 0x06, 0x0E,
615 0x3B, 0x25, 0x05, 0x06, 0x42, 0x01, 0x00, 0x01, 0x00, 0x00, 0xB5, 0x6D,
616 0x04, 0x08, 0x90, 0x06, 0x05, 0x24, 0x01, 0x00, 0x04, 0x00, 0x00, 0x00,
617 0xB6, 0x85, 0x06, 0x0E, 0x3B, 0x25, 0x05, 0x06, 0x42, 0x01, 0x00, 0x01,
618 0x00, 0x00, 0xB6, 0x6D, 0x04, 0x08, 0x90, 0x06, 0x05, 0x24, 0x01, 0x00,
619 0x04, 0x00, 0x00, 0x00, 0xB7, 0x25, 0x01, 0x81, 0x00, 0x0D, 0x06, 0x04,
620 0x00, 0x04, 0x80, 0x55, 0x25, 0x01, 0x81, 0x40, 0x0D, 0x06, 0x07, 0x24,
621 0x01, 0x00, 0x00, 0x04, 0x80, 0x47, 0x25, 0x01, 0x81, 0x60, 0x0D, 0x06,
622 0x0E, 0x01, 0x1F, 0x15, 0x01, 0x01, 0xA0, 0x01, 0x81, 0x00, 0x01, 0x8F,
623 0x7F, 0x04, 0x32, 0x25, 0x01, 0x81, 0x70, 0x0D, 0x06, 0x0F, 0x01, 0x0F,
624 0x15, 0x01, 0x02, 0xA0, 0x01, 0x90, 0x00, 0x01, 0x83, 0xFF, 0x7F, 0x04,
625 0x1C, 0x25, 0x01, 0x81, 0x78, 0x0D, 0x06, 0x11, 0x01, 0x07, 0x15, 0x01,
626 0x03, 0xA0, 0x01, 0x84, 0x80, 0x00, 0x01, 0x80, 0xC3, 0xFF, 0x7F, 0x04,
627 0x04, 0x24, 0x01, 0x00, 0x00, 0x72, 0x05, 0x03, 0x24, 0x01, 0x00, 0x00,
628 0x00, 0x3B, 0x25, 0x05, 0x06, 0x42, 0x01, 0x00, 0x01, 0x7F, 0x00, 0xB7,
629 0x34, 0x25, 0x3D, 0x06, 0x03, 0x3B, 0x24, 0x00, 0x01, 0x06, 0x0E, 0x3B,
630 0x25, 0x01, 0x06, 0x14, 0x01, 0x02, 0x10, 0x06, 0x04, 0x42, 0x01, 0x7F,
631 0x00, 0x01, 0x3F, 0x15, 0x09, 0x00, 0x00, 0x25, 0x06, 0x06, 0x0B, 0x9F,
632 0x34, 0x41, 0x04, 0x77, 0x24, 0x25, 0x00, 0x00, 0xB0, 0x01, 0x03, 0x77,
633 0xAA, 0xB7, 0x06, 0x02, 0x55, 0x28, 0x00, 0x00, 0x3B, 0x25, 0x06, 0x07,
634 0x31, 0x25, 0x06, 0x01, 0x19, 0x04, 0x76, 0x42, 0x00, 0x00, 0x01, 0x01,
635 0x77, 0xA9, 0x01, 0x01, 0x10, 0x06, 0x02, 0x43, 0x28, 0xB7, 0x3E, 0x00,
636 0x04, 0xB0, 0x25, 0x01, 0x17, 0x01, 0x18, 0x72, 0x05, 0x02, 0x48, 0x28,
637 0x01, 0x18, 0x11, 0x03, 0x00, 0x74, 0xAA, 0xA5, 0x02, 0x00, 0x06, 0x0C,
638 0x01, 0x80, 0x64, 0x08, 0x03, 0x01, 0xA5, 0x02, 0x01, 0x09, 0x04, 0x0E,
639 0x25, 0x01, 0x32, 0x0D, 0x06, 0x04, 0x01, 0x80, 0x64, 0x09, 0x01, 0x8E,
640 0x6C, 0x09, 0x03, 0x01, 0x02, 0x01, 0x01, 0x82, 0x6D, 0x08, 0x02, 0x01,
641 0x01, 0x03, 0x09, 0x01, 0x04, 0x0C, 0x09, 0x02, 0x01, 0x01, 0x80, 0x63,
642 0x09, 0x01, 0x80, 0x64, 0x0C, 0x0A, 0x02, 0x01, 0x01, 0x83, 0x0F, 0x09,
643 0x01, 0x83, 0x10, 0x0C, 0x09, 0x03, 0x03, 0x01, 0x01, 0x01, 0x0C, 0xA6,
644 0x41, 0x01, 0x01, 0x0E, 0x02, 0x01, 0x01, 0x04, 0x07, 0x3F, 0x02, 0x01,
645 0x01, 0x80, 0x64, 0x07, 0x3E, 0x02, 0x01, 0x01, 0x83, 0x10, 0x07, 0x3F,
646 0x2F, 0x15, 0x06, 0x03, 0x01, 0x18, 0x09, 0x92, 0x09, 0x7A, 0x25, 0x01,
647 0x05, 0x14, 0x02, 0x03, 0x09, 0x03, 0x03, 0x01, 0x1F, 0x15, 0x01, 0x01,
648 0x3B, 0xA6, 0x02, 0x03, 0x09, 0x41, 0x03, 0x03, 0x01, 0x00, 0x01, 0x17,
649 0xA6, 0x01, 0x9C, 0x10, 0x08, 0x03, 0x02, 0x01, 0x00, 0x01, 0x3B, 0xA6,
650 0x01, 0x3C, 0x08, 0x02, 0x02, 0x09, 0x03, 0x02, 0x01, 0x00, 0x01, 0x3C,
651 0xA6, 0x02, 0x02, 0x09, 0x03, 0x02, 0xB7, 0x25, 0x01, 0x2E, 0x11, 0x06,
652 0x0D, 0x24, 0xB7, 0x25, 0x01, 0x30, 0x01, 0x39, 0x72, 0x06, 0x03, 0x24,
653 0x04, 0x74, 0x01, 0x80, 0x5A, 0x10, 0x06, 0x02, 0x48, 0x28, 0x78, 0x02,
654 0x03, 0x02, 0x02, 0x00, 0x01, 0xB7, 0x7C, 0x01, 0x0A, 0x08, 0x03, 0x00,
655 0xB7, 0x7C, 0x02, 0x00, 0x09, 0x00, 0x02, 0x03, 0x00, 0x03, 0x01, 0xA5,
656 0x25, 0x02, 0x01, 0x02, 0x00, 0x72, 0x05, 0x02, 0x48, 0x28, 0x00, 0x00,
657 0x34, 0xB0, 0x01, 0x02, 0x77, 0x0B, 0xA8, 0x00, 0x03, 0x25, 0x03, 0x00,
658 0x03, 0x01, 0x03, 0x02, 0xAA, 0xB7, 0x25, 0x01, 0x81, 0x00, 0x13, 0x06,
659 0x02, 0x54, 0x28, 0x25, 0x01, 0x00, 0x11, 0x06, 0x0B, 0x24, 0x25, 0x05,
660 0x04, 0x24, 0x01, 0x00, 0x00, 0xB7, 0x04, 0x6F, 0x02, 0x01, 0x25, 0x05,
661 0x02, 0x50, 0x28, 0x41, 0x03, 0x01, 0x02, 0x02, 0x37, 0x02, 0x02, 0x40,
662 0x03, 0x02, 0x25, 0x06, 0x03, 0xB7, 0x04, 0x68, 0x24, 0x02, 0x00, 0x02,
663 0x01, 0x0A, 0x00, 0x01, 0xB7, 0x25, 0x01, 0x81, 0x00, 0x0D, 0x06, 0x01,
664 0x00, 0x01, 0x81, 0x00, 0x0A, 0x25, 0x05, 0x02, 0x4E, 0x28, 0x03, 0x00,
665 0x01, 0x00, 0x02, 0x00, 0x01, 0x00, 0x12, 0x06, 0x19, 0x02, 0x00, 0x41,
666 0x03, 0x00, 0x25, 0x01, 0x83, 0xFF, 0xFF, 0x7F, 0x12, 0x06, 0x02, 0x4F,
667 0x28, 0x01, 0x08, 0x0E, 0x3B, 0xB7, 0x34, 0x09, 0x04, 0x60, 0x00, 0x00,
668 0xA9, 0x93, 0x00, 0x00, 0xAA, 0xBF, 0x00, 0x00, 0xB0, 0x75, 0xAA, 0x00,
669 0x01, 0xAA, 0x25, 0x05, 0x02, 0x54, 0x28, 0xB7, 0x25, 0x01, 0x81, 0x00,
670 0x13, 0x06, 0x02, 0x54, 0x28, 0x03, 0x00, 0x25, 0x06, 0x16, 0xB7, 0x02,
671 0x00, 0x25, 0x01, 0x87, 0xFF, 0xFF, 0x7F, 0x13, 0x06, 0x02, 0x54, 0x28,
672 0x01, 0x08, 0x0E, 0x09, 0x03, 0x00, 0x04, 0x67, 0x24, 0x02, 0x00, 0x00,
673 0x00, 0xAA, 0x25, 0x01, 0x81, 0x7F, 0x12, 0x06, 0x08, 0xBF, 0x01, 0x00,
674 0x67, 0x37, 0x01, 0x00, 0x00, 0x25, 0x67, 0x37, 0x67, 0x40, 0xA2, 0x01,
675 0x7F, 0x00, 0x00, 0xB0, 0x01, 0x0C, 0x30, 0x11, 0x06, 0x05, 0x24, 0x74,
676 0xB3, 0x04, 0x3E, 0x01, 0x12, 0x30, 0x11, 0x06, 0x05, 0x24, 0x74, 0xB4,
677 0x04, 0x33, 0x01, 0x13, 0x30, 0x11, 0x06, 0x05, 0x24, 0x74, 0xB4, 0x04,
678 0x28, 0x01, 0x14, 0x30, 0x11, 0x06, 0x05, 0x24, 0x74, 0xB4, 0x04, 0x1D,
679 0x01, 0x16, 0x30, 0x11, 0x06, 0x05, 0x24, 0x74, 0xB4, 0x04, 0x12, 0x01,
680 0x1E, 0x30, 0x11, 0x06, 0x05, 0x24, 0x74, 0xB2, 0x04, 0x07, 0x42, 0xAB,
681 0x01, 0x00, 0x01, 0x00, 0x24, 0x00, 0x01, 0xB7, 0x03, 0x00, 0x02, 0x00,
682 0x01, 0x05, 0x14, 0x01, 0x01, 0x15, 0x2D, 0x02, 0x00, 0x01, 0x06, 0x14,
683 0x25, 0x01, 0x01, 0x15, 0x06, 0x02, 0x46, 0x28, 0x01, 0x04, 0x0E, 0x02,
684 0x00, 0x01, 0x1F, 0x15, 0x25, 0x01, 0x1F, 0x11, 0x06, 0x02, 0x47, 0x28,
685 0x09, 0x00, 0x00, 0x25, 0x05, 0x05, 0x01, 0x00, 0x01, 0x7F, 0x00, 0xB0,
686 0x00, 0x01, 0xAA, 0x25, 0x05, 0x05, 0x67, 0x37, 0x01, 0x7F, 0x00, 0x01,
687 0x01, 0x03, 0x00, 0x9C, 0x25, 0x01, 0x83, 0xFF, 0x7E, 0x11, 0x06, 0x16,
688 0x24, 0x25, 0x06, 0x10, 0x9D, 0x25, 0x05, 0x05, 0x24, 0xBF, 0x01, 0x00,
689 0x00, 0x02, 0x00, 0x83, 0x03, 0x00, 0x04, 0x6D, 0x04, 0x1B, 0x25, 0x05,
690 0x05, 0x24, 0xBF, 0x01, 0x00, 0x00, 0x02, 0x00, 0x83, 0x03, 0x00, 0x25,
691 0x06, 0x0B, 0x9C, 0x25, 0x05, 0x05, 0x24, 0xBF, 0x01, 0x00, 0x00, 0x04,
692 0x6D, 0x24, 0x02, 0x00, 0x25, 0x05, 0x01, 0x00, 0x41, 0x67, 0x37, 0x01,
693 0x7F, 0x00, 0x01, 0xAA, 0x01, 0x01, 0x03, 0x00, 0x25, 0x06, 0x10, 0x9E,
694 0x25, 0x05, 0x05, 0x24, 0xBF, 0x01, 0x00, 0x00, 0x02, 0x00, 0x83, 0x03,
695 0x00, 0x04, 0x6D, 0x24, 0x02, 0x00, 0x25, 0x05, 0x01, 0x00, 0x41, 0x67,
696 0x37, 0x01, 0x7F, 0x00, 0x01, 0xAA, 0x01, 0x01, 0x03, 0x00, 0x25, 0x06,
697 0x10, 0xB7, 0x25, 0x05, 0x05, 0x24, 0xBF, 0x01, 0x00, 0x00, 0x02, 0x00,
698 0x83, 0x03, 0x00, 0x04, 0x6D, 0x24, 0x02, 0x00, 0x25, 0x05, 0x01, 0x00,
699 0x41, 0x67, 0x37, 0x01, 0x7F, 0x00, 0x00, 0xB7, 0x01, 0x08, 0x0E, 0x3B,
700 0xB7, 0x34, 0x09, 0x00, 0x00, 0xB7, 0x3B, 0xB7, 0x01, 0x08, 0x0E, 0x34,
701 0x09, 0x00, 0x00, 0x25, 0x05, 0x02, 0x4F, 0x28, 0x41, 0xB8, 0x00, 0x00,
702 0x32, 0x25, 0x01, 0x00, 0x13, 0x06, 0x01, 0x00, 0x24, 0x19, 0x04, 0x74,
703 0x00, 0x01, 0x01, 0x00, 0x00, 0x01, 0x0B, 0x00, 0x00, 0x01, 0x15, 0x00,
704 0x00, 0x01, 0x1F, 0x00, 0x00, 0x01, 0x29, 0x00, 0x00, 0x01, 0x33, 0x00,
705 0x00, 0xC0, 0x24, 0x00, 0x00, 0x25, 0x06, 0x07, 0xC1, 0x25, 0x06, 0x01,
706 0x19, 0x04, 0x76, 0x00, 0x00, 0x01, 0x00, 0x30, 0x31, 0x0B, 0x42, 0x00,
707 0x00, 0x01, 0x81, 0x70, 0x00, 0x00, 0x01, 0x82, 0x00, 0x00, 0x00, 0x01,
708 0x82, 0x15, 0x00, 0x00, 0x01, 0x81, 0x78, 0x00, 0x00, 0x01, 0x03, 0x33,
709 0x01, 0x03, 0x33, 0x00, 0x00, 0x25, 0x01, 0x83, 0xFB, 0x50, 0x01, 0x83,
710 0xFD, 0x5F, 0x72, 0x06, 0x04, 0x24, 0x01, 0x00, 0x00, 0x25, 0x01, 0x83,
711 0xB0, 0x00, 0x01, 0x83, 0xBF, 0x7F, 0x72, 0x06, 0x04, 0x24, 0x01, 0x00,
712 0x00, 0x01, 0x83, 0xFF, 0x7F, 0x15, 0x01, 0x83, 0xFF, 0x7E, 0x0D, 0x00
713 };
714
715 static const uint16_t t0_caddr[] = {
716 0,
717 5,
718 10,
719 15,
720 20,
721 25,
722 29,
723 33,
724 37,
725 41,
726 45,
727 49,
728 53,
729 57,
730 61,
731 65,
732 69,
733 73,
734 77,
735 81,
736 85,
737 89,
738 93,
739 97,
740 101,
741 105,
742 109,
743 113,
744 117,
745 121,
746 125,
747 130,
748 135,
749 140,
750 145,
751 150,
752 155,
753 160,
754 165,
755 173,
756 178,
757 183,
758 188,
759 193,
760 198,
761 202,
762 207,
763 212,
764 217,
765 238,
766 243,
767 248,
768 253,
769 282,
770 297,
771 303,
772 309,
773 314,
774 322,
775 330,
776 336,
777 341,
778 352,
779 972,
780 987,
781 991,
782 996,
783 1001,
784 1006,
785 1011,
786 1016,
787 1130,
788 1135,
789 1147,
790 1152,
791 1157,
792 1161,
793 1166,
794 1171,
795 1176,
796 1181,
797 1191,
798 1196,
799 1201,
800 1213,
801 1228,
802 1233,
803 1247,
804 1269,
805 1280,
806 1383,
807 1430,
808 1521,
809 1527,
810 1590,
811 1597,
812 1625,
813 1653,
814 1758,
815 1800,
816 1813,
817 1825,
818 1839,
819 1854,
820 2074,
821 2088,
822 2105,
823 2114,
824 2181,
825 2237,
826 2241,
827 2245,
828 2250,
829 2298,
830 2324,
831 2400,
832 2444,
833 2455,
834 2540,
835 2578,
836 2616,
837 2626,
838 2636,
839 2645,
840 2658,
841 2662,
842 2666,
843 2670,
844 2674,
845 2678,
846 2682,
847 2686,
848 2698,
849 2706,
850 2711,
851 2716,
852 2721,
853 2726,
854 2734
855 };
856
857 #define T0_INTERPRETED 61
858
859 #define T0_ENTER(ip, rp, slot) do { \
860 const unsigned char *t0_newip; \
861 uint32_t t0_lnum; \
862 t0_newip = &t0_codeblock[t0_caddr[(slot) - T0_INTERPRETED]]; \
863 t0_lnum = t0_parse7E_unsigned(&t0_newip); \
864 (rp) += t0_lnum; \
865 *((rp) ++) = (uint32_t)((ip) - &t0_codeblock[0]) + (t0_lnum << 16); \
866 (ip) = t0_newip; \
867 } while (0)
868
869 #define T0_DEFENTRY(name, slot) \
870 void \
871 name(void *ctx) \
872 { \
873 t0_context *t0ctx = ctx; \
874 t0ctx->ip = &t0_codeblock[0]; \
875 T0_ENTER(t0ctx->ip, t0ctx->rp, slot); \
876 }
877
878 T0_DEFENTRY(br_x509_minimal_init_main, 145)
879
880 #define T0_NEXT(t0ipp) (*(*(t0ipp)) ++)
881
882 void
883 br_x509_minimal_run(void *t0ctx)
884 {
885 uint32_t *dp, *rp;
886 const unsigned char *ip;
887
888 #define T0_LOCAL(x) (*(rp - 2 - (x)))
889 #define T0_POP() (*-- dp)
890 #define T0_POPi() (*(int32_t *)(-- dp))
891 #define T0_PEEK(x) (*(dp - 1 - (x)))
892 #define T0_PEEKi(x) (*(int32_t *)(dp - 1 - (x)))
893 #define T0_PUSH(v) do { *dp = (v); dp ++; } while (0)
894 #define T0_PUSHi(v) do { *(int32_t *)dp = (v); dp ++; } while (0)
895 #define T0_RPOP() (*-- rp)
896 #define T0_RPOPi() (*(int32_t *)(-- rp))
897 #define T0_RPUSH(v) do { *rp = (v); rp ++; } while (0)
898 #define T0_RPUSHi(v) do { *(int32_t *)rp = (v); rp ++; } while (0)
899 #define T0_ROLL(x) do { \
900 size_t t0len = (size_t)(x); \
901 uint32_t t0tmp = *(dp - 1 - t0len); \
902 memmove(dp - t0len - 1, dp - t0len, t0len * sizeof *dp); \
903 *(dp - 1) = t0tmp; \
904 } while (0)
905 #define T0_SWAP() do { \
906 uint32_t t0tmp = *(dp - 2); \
907 *(dp - 2) = *(dp - 1); \
908 *(dp - 1) = t0tmp; \
909 } while (0)
910 #define T0_ROT() do { \
911 uint32_t t0tmp = *(dp - 3); \
912 *(dp - 3) = *(dp - 2); \
913 *(dp - 2) = *(dp - 1); \
914 *(dp - 1) = t0tmp; \
915 } while (0)
916 #define T0_NROT() do { \
917 uint32_t t0tmp = *(dp - 1); \
918 *(dp - 1) = *(dp - 2); \
919 *(dp - 2) = *(dp - 3); \
920 *(dp - 3) = t0tmp; \
921 } while (0)
922 #define T0_PICK(x) do { \
923 uint32_t t0depth = (x); \
924 T0_PUSH(T0_PEEK(t0depth)); \
925 } while (0)
926 #define T0_CO() do { \
927 goto t0_exit; \
928 } while (0)
929 #define T0_RET() goto t0_next
930
931 dp = ((t0_context *)t0ctx)->dp;
932 rp = ((t0_context *)t0ctx)->rp;
933 ip = ((t0_context *)t0ctx)->ip;
934 goto t0_next;
935 for (;;) {
936 uint32_t t0x;
937
938 t0_next:
939 t0x = T0_NEXT(&ip);
940 if (t0x < T0_INTERPRETED) {
941 switch (t0x) {
942 int32_t t0off;
943
944 case 0: /* ret */
945 t0x = T0_RPOP();
946 rp -= (t0x >> 16);
947 t0x &= 0xFFFF;
948 if (t0x == 0) {
949 ip = NULL;
950 goto t0_exit;
951 }
952 ip = &t0_codeblock[t0x];
953 break;
954 case 1: /* literal constant */
955 T0_PUSHi(t0_parse7E_signed(&ip));
956 break;
957 case 2: /* read local */
958 T0_PUSH(T0_LOCAL(t0_parse7E_unsigned(&ip)));
959 break;
960 case 3: /* write local */
961 T0_LOCAL(t0_parse7E_unsigned(&ip)) = T0_POP();
962 break;
963 case 4: /* jump */
964 t0off = t0_parse7E_signed(&ip);
965 ip += t0off;
966 break;
967 case 5: /* jump if */
968 t0off = t0_parse7E_signed(&ip);
969 if (T0_POP()) {
970 ip += t0off;
971 }
972 break;
973 case 6: /* jump if not */
974 t0off = t0_parse7E_signed(&ip);
975 if (!T0_POP()) {
976 ip += t0off;
977 }
978 break;
979 case 7: {
980 /* %25 */
981
982 int32_t b = T0_POPi();
983 int32_t a = T0_POPi();
984 T0_PUSHi(a % b);
985
986 }
987 break;
988 case 8: {
989 /* * */
990
991 uint32_t b = T0_POP();
992 uint32_t a = T0_POP();
993 T0_PUSH(a * b);
994
995 }
996 break;
997 case 9: {
998 /* + */
999
1000 uint32_t b = T0_POP();
1001 uint32_t a = T0_POP();
1002 T0_PUSH(a + b);
1003
1004 }
1005 break;
1006 case 10: {
1007 /* - */
1008
1009 uint32_t b = T0_POP();
1010 uint32_t a = T0_POP();
1011 T0_PUSH(a - b);
1012
1013 }
1014 break;
1015 case 11: {
1016 /* -rot */
1017 T0_NROT();
1018 }
1019 break;
1020 case 12: {
1021 /* / */
1022
1023 int32_t b = T0_POPi();
1024 int32_t a = T0_POPi();
1025 T0_PUSHi(a / b);
1026
1027 }
1028 break;
1029 case 13: {
1030 /* < */
1031
1032 int32_t b = T0_POPi();
1033 int32_t a = T0_POPi();
1034 T0_PUSH(-(uint32_t)(a < b));
1035
1036 }
1037 break;
1038 case 14: {
1039 /* << */
1040
1041 int c = (int)T0_POPi();
1042 uint32_t x = T0_POP();
1043 T0_PUSH(x << c);
1044
1045 }
1046 break;
1047 case 15: {
1048 /* <= */
1049
1050 int32_t b = T0_POPi();
1051 int32_t a = T0_POPi();
1052 T0_PUSH(-(uint32_t)(a <= b));
1053
1054 }
1055 break;
1056 case 16: {
1057 /* <> */
1058
1059 uint32_t b = T0_POP();
1060 uint32_t a = T0_POP();
1061 T0_PUSH(-(uint32_t)(a != b));
1062
1063 }
1064 break;
1065 case 17: {
1066 /* = */
1067
1068 uint32_t b = T0_POP();
1069 uint32_t a = T0_POP();
1070 T0_PUSH(-(uint32_t)(a == b));
1071
1072 }
1073 break;
1074 case 18: {
1075 /* > */
1076
1077 int32_t b = T0_POPi();
1078 int32_t a = T0_POPi();
1079 T0_PUSH(-(uint32_t)(a > b));
1080
1081 }
1082 break;
1083 case 19: {
1084 /* >= */
1085
1086 int32_t b = T0_POPi();
1087 int32_t a = T0_POPi();
1088 T0_PUSH(-(uint32_t)(a >= b));
1089
1090 }
1091 break;
1092 case 20: {
1093 /* >> */
1094
1095 int c = (int)T0_POPi();
1096 int32_t x = T0_POPi();
1097 T0_PUSHi(x >> c);
1098
1099 }
1100 break;
1101 case 21: {
1102 /* and */
1103
1104 uint32_t b = T0_POP();
1105 uint32_t a = T0_POP();
1106 T0_PUSH(a & b);
1107
1108 }
1109 break;
1110 case 22: {
1111 /* blobcopy */
1112
1113 size_t len = T0_POP();
1114 unsigned char *src = (unsigned char *)CTX + T0_POP();
1115 unsigned char *dst = (unsigned char *)CTX + T0_POP();
1116 memcpy(dst, src, len);
1117
1118 }
1119 break;
1120 case 23: {
1121 /* check-direct-trust */
1122
1123 size_t u;
1124
1125 for (u = 0; u < CTX->trust_anchors_num; u ++) {
1126 const br_x509_trust_anchor *ta;
1127 unsigned char hashed_DN[64];
1128 int kt;
1129
1130 ta = &CTX->trust_anchors[u];
1131 if (ta->flags & BR_X509_TA_CA) {
1132 continue;
1133 }
1134 hash_dn(CTX, ta->dn.data, ta->dn.len, hashed_DN);
1135 if (memcmp(hashed_DN, CTX->current_dn_hash, DNHASH_LEN)) {
1136 continue;
1137 }
1138 kt = CTX->pkey.key_type;
1139 if ((ta->pkey.key_type & 0x0F) != kt) {
1140 continue;
1141 }
1142 switch (kt) {
1143
1144 case BR_KEYTYPE_RSA:
1145 if (!eqbigint(CTX->pkey.key.rsa.n,
1146 CTX->pkey.key.rsa.nlen,
1147 ta->pkey.key.rsa.n,
1148 ta->pkey.key.rsa.nlen)
1149 || !eqbigint(CTX->pkey.key.rsa.e,
1150 CTX->pkey.key.rsa.elen,
1151 ta->pkey.key.rsa.e,
1152 ta->pkey.key.rsa.elen))
1153 {
1154 continue;
1155 }
1156 break;
1157
1158 case BR_KEYTYPE_EC:
1159 if (CTX->pkey.key.ec.curve != ta->pkey.key.ec.curve
1160 || CTX->pkey.key.ec.qlen != ta->pkey.key.ec.qlen
1161 || memcmp(CTX->pkey.key.ec.q,
1162 ta->pkey.key.ec.q,
1163 ta->pkey.key.ec.qlen) != 0)
1164 {
1165 continue;
1166 }
1167 break;
1168
1169 default:
1170 continue;
1171 }
1172
1173 /*
1174 * Direct trust match!
1175 */
1176 CTX->err = BR_ERR_X509_OK;
1177 T0_CO();
1178 }
1179
1180 }
1181 break;
1182 case 24: {
1183 /* check-trust-anchor-CA */
1184
1185 size_t u;
1186
1187 for (u = 0; u < CTX->trust_anchors_num; u ++) {
1188 const br_x509_trust_anchor *ta;
1189 unsigned char hashed_DN[64];
1190
1191 ta = &CTX->trust_anchors[u];
1192 if (!(ta->flags & BR_X509_TA_CA)) {
1193 continue;
1194 }
1195 hash_dn(CTX, ta->dn.data, ta->dn.len, hashed_DN);
1196 if (memcmp(hashed_DN, CTX->saved_dn_hash, DNHASH_LEN)) {
1197 continue;
1198 }
1199 if (verify_signature(CTX, &ta->pkey) == 0) {
1200 CTX->err = BR_ERR_X509_OK;
1201 T0_CO();
1202 }
1203 }
1204
1205 }
1206 break;
1207 case 25: {
1208 /* co */
1209 T0_CO();
1210 }
1211 break;
1212 case 26: {
1213 /* compute-dn-hash */
1214
1215 CTX->dn_hash_impl->out(&CTX->dn_hash.vtable, CTX->current_dn_hash);
1216 CTX->do_dn_hash = 0;
1217
1218 }
1219 break;
1220 case 27: {
1221 /* compute-tbs-hash */
1222
1223 int id = T0_POPi();
1224 size_t len;
1225 len = br_multihash_out(&CTX->mhash, id, CTX->tbs_hash);
1226 T0_PUSH(len);
1227
1228 }
1229 break;
1230 case 28: {
1231 /* copy-ee-ec-pkey */
1232
1233 size_t qlen = T0_POP();
1234 uint32_t curve = T0_POP();
1235 memcpy(CTX->ee_pkey_data, CTX->pkey_data, qlen);
1236 CTX->pkey.key_type = BR_KEYTYPE_EC;
1237 CTX->pkey.key.ec.curve = curve;
1238 CTX->pkey.key.ec.q = CTX->ee_pkey_data;
1239 CTX->pkey.key.ec.qlen = qlen;
1240
1241 }
1242 break;
1243 case 29: {
1244 /* copy-ee-rsa-pkey */
1245
1246 size_t elen = T0_POP();
1247 size_t nlen = T0_POP();
1248 memcpy(CTX->ee_pkey_data, CTX->pkey_data, nlen + elen);
1249 CTX->pkey.key_type = BR_KEYTYPE_RSA;
1250 CTX->pkey.key.rsa.n = CTX->ee_pkey_data;
1251 CTX->pkey.key.rsa.nlen = nlen;
1252 CTX->pkey.key.rsa.e = CTX->ee_pkey_data + nlen;
1253 CTX->pkey.key.rsa.elen = elen;
1254
1255 }
1256 break;
1257 case 30: {
1258 /* copy-name-SAN */
1259
1260 unsigned tag = T0_POP();
1261 unsigned ok = T0_POP();
1262 size_t u, len;
1263
1264 len = CTX->pad[0];
1265 for (u = 0; u < CTX->num_name_elts; u ++) {
1266 br_name_element *ne;
1267
1268 ne = &CTX->name_elts[u];
1269 if (ne->status == 0 && ne->oid[0] == 0 && ne->oid[1] == tag) {
1270 if (ok && ne->len > len) {
1271 memcpy(ne->buf, CTX->pad + 1, len);
1272 ne->buf[len] = 0;
1273 ne->status = 1;
1274 } else {
1275 ne->status = -1;
1276 }
1277 break;
1278 }
1279 }
1280
1281 }
1282 break;
1283 case 31: {
1284 /* copy-name-element */
1285
1286 size_t len;
1287 int32_t off = T0_POPi();
1288 int ok = T0_POPi();
1289
1290 if (off >= 0) {
1291 br_name_element *ne = &CTX->name_elts[off];
1292
1293 if (ok) {
1294 len = CTX->pad[0];
1295 if (len < ne->len) {
1296 memcpy(ne->buf, CTX->pad + 1, len);
1297 ne->buf[len] = 0;
1298 ne->status = 1;
1299 } else {
1300 ne->status = -1;
1301 }
1302 } else {
1303 ne->status = -1;
1304 }
1305 }
1306
1307 }
1308 break;
1309 case 32: {
1310 /* data-get8 */
1311
1312 size_t addr = T0_POP();
1313 T0_PUSH(t0_datablock[addr]);
1314
1315 }
1316 break;
1317 case 33: {
1318 /* dn-hash-length */
1319
1320 T0_PUSH(DNHASH_LEN);
1321
1322 }
1323 break;
1324 case 34: {
1325 /* do-ecdsa-vrfy */
1326
1327 size_t qlen = T0_POP();
1328 int curve = T0_POP();
1329 br_x509_pkey pk;
1330
1331 pk.key_type = BR_KEYTYPE_EC;
1332 pk.key.ec.curve = curve;
1333 pk.key.ec.q = CTX->pkey_data;
1334 pk.key.ec.qlen = qlen;
1335 T0_PUSH(verify_signature(CTX, &pk));
1336
1337 }
1338 break;
1339 case 35: {
1340 /* do-rsa-vrfy */
1341
1342 size_t elen = T0_POP();
1343 size_t nlen = T0_POP();
1344 br_x509_pkey pk;
1345
1346 pk.key_type = BR_KEYTYPE_RSA;
1347 pk.key.rsa.n = CTX->pkey_data;
1348 pk.key.rsa.nlen = nlen;
1349 pk.key.rsa.e = CTX->pkey_data + nlen;
1350 pk.key.rsa.elen = elen;
1351 T0_PUSH(verify_signature(CTX, &pk));
1352
1353 }
1354 break;
1355 case 36: {
1356 /* drop */
1357 (void)T0_POP();
1358 }
1359 break;
1360 case 37: {
1361 /* dup */
1362 T0_PUSH(T0_PEEK(0));
1363 }
1364 break;
1365 case 38: {
1366 /* eqOID */
1367
1368 const unsigned char *a2 = &t0_datablock[T0_POP()];
1369 const unsigned char *a1 = &CTX->pad[0];
1370 size_t len = a1[0];
1371 int x;
1372 if (len == a2[0]) {
1373 x = -(memcmp(a1 + 1, a2 + 1, len) == 0);
1374 } else {
1375 x = 0;
1376 }
1377 T0_PUSH((uint32_t)x);
1378
1379 }
1380 break;
1381 case 39: {
1382 /* eqblob */
1383
1384 size_t len = T0_POP();
1385 const unsigned char *a2 = (const unsigned char *)CTX + T0_POP();
1386 const unsigned char *a1 = (const unsigned char *)CTX + T0_POP();
1387 T0_PUSHi(-(memcmp(a1, a2, len) == 0));
1388
1389 }
1390 break;
1391 case 40: {
1392 /* fail */
1393
1394 CTX->err = T0_POPi();
1395 T0_CO();
1396
1397 }
1398 break;
1399 case 41: {
1400 /* get-system-date */
1401
1402 if (CTX->days == 0 && CTX->seconds == 0) {
1403 #if BR_USE_UNIX_TIME
1404 time_t x = time(NULL);
1405
1406 T0_PUSH((uint32_t)(x / 86400) + 719528);
1407 T0_PUSH((uint32_t)(x % 86400));
1408 #elif BR_USE_WIN32_TIME
1409 FILETIME ft;
1410 uint64_t x;
1411
1412 GetSystemTimeAsFileTime(&ft);
1413 x = ((uint64_t)ft.dwHighDateTime << 32)
1414 + (uint64_t)ft.dwLowDateTime;
1415 x = (x / 10000000);
1416 T0_PUSH((uint32_t)(x / 86400) + 584754);
1417 T0_PUSH((uint32_t)(x % 86400));
1418 #else
1419 CTX->err = BR_ERR_X509_TIME_UNKNOWN;
1420 T0_CO();
1421 #endif
1422 } else {
1423 T0_PUSH(CTX->days);
1424 T0_PUSH(CTX->seconds);
1425 }
1426
1427 }
1428 break;
1429 case 42: {
1430 /* get16 */
1431
1432 uint32_t addr = T0_POP();
1433 T0_PUSH(*(uint16_t *)((unsigned char *)CTX + addr));
1434
1435 }
1436 break;
1437 case 43: {
1438 /* get32 */
1439
1440 uint32_t addr = T0_POP();
1441 T0_PUSH(*(uint32_t *)((unsigned char *)CTX + addr));
1442
1443 }
1444 break;
1445 case 44: {
1446 /* match-server-name */
1447
1448 size_t n1, n2;
1449
1450 if (CTX->server_name == NULL) {
1451 T0_PUSH(0);
1452 T0_RET();
1453 }
1454 n1 = strlen(CTX->server_name);
1455 n2 = CTX->pad[0];
1456 if (n1 == n2 && eqnocase(&CTX->pad[1], CTX->server_name, n1)) {
1457 T0_PUSHi(-1);
1458 T0_RET();
1459 }
1460 if (n2 >= 2 && CTX->pad[1] == '*' && CTX->pad[2] == '.') {
1461 size_t u;
1462
1463 u = 0;
1464 while (u < n1 && CTX->server_name[u] != '.') {
1465 u ++;
1466 }
1467 u ++;
1468 n1 -= u;
1469 if ((n2 - 2) == n1
1470 && eqnocase(&CTX->pad[3], CTX->server_name + u, n1))
1471 {
1472 T0_PUSHi(-1);
1473 T0_RET();
1474 }
1475 }
1476 T0_PUSH(0);
1477
1478 }
1479 break;
1480 case 45: {
1481 /* neg */
1482
1483 uint32_t a = T0_POP();
1484 T0_PUSH(-a);
1485
1486 }
1487 break;
1488 case 46: {
1489 /* offset-name-element */
1490
1491 unsigned san = T0_POP();
1492 size_t u;
1493
1494 for (u = 0; u < CTX->num_name_elts; u ++) {
1495 if (CTX->name_elts[u].status == 0) {
1496 const unsigned char *oid;
1497 size_t len, off;
1498
1499 oid = CTX->name_elts[u].oid;
1500 if (san) {
1501 if (oid[0] != 0 || oid[1] != 0) {
1502 continue;
1503 }
1504 off = 2;
1505 } else {
1506 off = 0;
1507 }
1508 len = oid[off];
1509 if (len != 0 && len == CTX->pad[0]
1510 && memcmp(oid + off + 1,
1511 CTX->pad + 1, len) == 0)
1512 {
1513 T0_PUSH(u);
1514 T0_RET();
1515 }
1516 }
1517 }
1518 T0_PUSHi(-1);
1519
1520 }
1521 break;
1522 case 47: {
1523 /* or */
1524
1525 uint32_t b = T0_POP();
1526 uint32_t a = T0_POP();
1527 T0_PUSH(a | b);
1528
1529 }
1530 break;
1531 case 48: {
1532 /* over */
1533 T0_PUSH(T0_PEEK(1));
1534 }
1535 break;
1536 case 49: {
1537 /* read-blob-inner */
1538
1539 uint32_t len = T0_POP();
1540 uint32_t addr = T0_POP();
1541 size_t clen = CTX->hlen;
1542 if (clen > len) {
1543 clen = (size_t)len;
1544 }
1545 if (addr != 0) {
1546 memcpy((unsigned char *)CTX + addr, CTX->hbuf, clen);
1547 }
1548 if (CTX->do_mhash) {
1549 br_multihash_update(&CTX->mhash, CTX->hbuf, clen);
1550 }
1551 if (CTX->do_dn_hash) {
1552 CTX->dn_hash_impl->update(
1553 &CTX->dn_hash.vtable, CTX->hbuf, clen);
1554 }
1555 CTX->hbuf += clen;
1556 CTX->hlen -= clen;
1557 T0_PUSH(addr + clen);
1558 T0_PUSH(len - clen);
1559
1560 }
1561 break;
1562 case 50: {
1563 /* read8-low */
1564
1565 if (CTX->hlen == 0) {
1566 T0_PUSHi(-1);
1567 } else {
1568 unsigned char x = *CTX->hbuf ++;
1569 if (CTX->do_mhash) {
1570 br_multihash_update(&CTX->mhash, &x, 1);
1571 }
1572 if (CTX->do_dn_hash) {
1573 CTX->dn_hash_impl->update(&CTX->dn_hash.vtable, &x, 1);
1574 }
1575 CTX->hlen --;
1576 T0_PUSH(x);
1577 }
1578
1579 }
1580 break;
1581 case 51: {
1582 /* roll */
1583 T0_ROLL(T0_POP());
1584 }
1585 break;
1586 case 52: {
1587 /* rot */
1588 T0_ROT();
1589 }
1590 break;
1591 case 53: {
1592 /* set16 */
1593
1594 uint32_t addr = T0_POP();
1595 *(uint16_t *)((unsigned char *)CTX + addr) = T0_POP();
1596
1597 }
1598 break;
1599 case 54: {
1600 /* set32 */
1601
1602 uint32_t addr = T0_POP();
1603 *(uint32_t *)((unsigned char *)CTX + addr) = T0_POP();
1604
1605 }
1606 break;
1607 case 55: {
1608 /* set8 */
1609
1610 uint32_t addr = T0_POP();
1611 *((unsigned char *)CTX + addr) = (unsigned char)T0_POP();
1612
1613 }
1614 break;
1615 case 56: {
1616 /* start-dn-hash */
1617
1618 CTX->dn_hash_impl->init(&CTX->dn_hash.vtable);
1619 CTX->do_dn_hash = 1;
1620
1621 }
1622 break;
1623 case 57: {
1624 /* start-tbs-hash */
1625
1626 br_multihash_init(&CTX->mhash);
1627 CTX->do_mhash = 1;
1628
1629 }
1630 break;
1631 case 58: {
1632 /* stop-tbs-hash */
1633
1634 CTX->do_mhash = 0;
1635
1636 }
1637 break;
1638 case 59: {
1639 /* swap */
1640 T0_SWAP();
1641 }
1642 break;
1643 case 60: {
1644 /* zero-server-name */
1645
1646 T0_PUSHi(-(CTX->server_name == NULL));
1647
1648 }
1649 break;
1650 }
1651
1652 } else {
1653 T0_ENTER(ip, rp, t0x);
1654 }
1655 }
1656 t0_exit:
1657 ((t0_context *)t0ctx)->dp = dp;
1658 ((t0_context *)t0ctx)->rp = rp;
1659 ((t0_context *)t0ctx)->ip = ip;
1660 }
1661
1662
1663
1664 /*
1665 * Verify the signature on the certificate with the provided public key.
1666 * This function checks the public key type with regards to the expected
1667 * type. Returned value is either 0 on success, or a non-zero error code.
1668 */
1669 static int
1670 verify_signature(br_x509_minimal_context *ctx, const br_x509_pkey *pk)
1671 {
1672 int kt;
1673
1674 kt = ctx->cert_signer_key_type;
1675 if ((pk->key_type & 0x0F) != kt) {
1676 return BR_ERR_X509_WRONG_KEY_TYPE;
1677 }
1678 switch (kt) {
1679 unsigned char tmp[64];
1680
1681 case BR_KEYTYPE_RSA:
1682 if (ctx->irsa == 0) {
1683 return BR_ERR_X509_UNSUPPORTED;
1684 }
1685 if (!ctx->irsa(ctx->cert_sig, ctx->cert_sig_len,
1686 &t0_datablock[ctx->cert_sig_hash_oid],
1687 ctx->cert_sig_hash_len, &pk->key.rsa, tmp))
1688 {
1689 return BR_ERR_X509_BAD_SIGNATURE;
1690 }
1691 if (memcmp(ctx->tbs_hash, tmp, ctx->cert_sig_hash_len) != 0) {
1692 return BR_ERR_X509_BAD_SIGNATURE;
1693 }
1694 return 0;
1695
1696 case BR_KEYTYPE_EC:
1697 if (ctx->iecdsa == 0) {
1698 return BR_ERR_X509_UNSUPPORTED;
1699 }
1700 if (!ctx->iecdsa(ctx->iec, ctx->tbs_hash,
1701 ctx->cert_sig_hash_len, &pk->key.ec,
1702 ctx->cert_sig, ctx->cert_sig_len))
1703 {
1704 return BR_ERR_X509_BAD_SIGNATURE;
1705 }
1706 return 0;
1707
1708 default:
1709 return BR_ERR_X509_UNSUPPORTED;
1710 }
1711 }
1712
1713
The BearSSL library and tools.