1 /* Automatically generated code; do not modify directly. */
9 const unsigned char *ip
;
13 t0_parse7E_unsigned(const unsigned char **p
)
22 x
= (x
<< 7) | (uint32_t)(y
& 0x7F);
30 t0_parse7E_signed(const unsigned char **p
)
35 neg
= ((**p
) >> 6) & 1;
41 x
= (x
<< 7) | (uint32_t)(y
& 0x7F);
44 return -(int32_t)~x
- 1;
52 #define T0_VBYTE(x, n) (unsigned char)((((uint32_t)(x) >> (n)) & 0x7F) | 0x80)
53 #define T0_FBYTE(x, n) (unsigned char)(((uint32_t)(x) >> (n)) & 0x7F)
54 #define T0_SBYTE(x) (unsigned char)((((uint32_t)(x) >> 28) + 0xF8) ^ 0xF8)
55 #define T0_INT1(x) T0_FBYTE(x, 0)
56 #define T0_INT2(x) T0_VBYTE(x, 7), T0_FBYTE(x, 0)
57 #define T0_INT3(x) T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
58 #define T0_INT4(x) T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
59 #define T0_INT5(x) T0_SBYTE(x), T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
61 /* static const unsigned char t0_datablock[]; */
64 void br_x509_minimal_init_main(void *t0ctx
);
66 void br_x509_minimal_run(void *t0ctx
);
79 * Implementation Notes
80 * --------------------
82 * The C code pushes the data by chunks; all decoding is done in the
83 * T0 code. The cert_length value is set to the certificate length when
84 * a new certificate is started; the T0 code picks it up as outer limit,
85 * and decoding functions use it to ensure that no attempt is made at
86 * reading past it. The T0 code also checks that once the certificate is
87 * decoded, there are no trailing bytes.
89 * The T0 code sets cert_length to 0 when the certificate is fully
92 * The C code must still perform two checks:
94 * -- If the certificate length is 0, then the T0 code will not be
95 * invoked at all. This invalid condition must thus be reported by the
98 * -- When reaching the end of certificate, the C code must verify that
99 * the certificate length has been set to 0, thereby signaling that
100 * the T0 code properly decoded a certificate.
102 * Processing of a chain works in the following way:
104 * -- The error flag is set to a non-zero value when validation is
105 * finished. The value is either BR_ERR_X509_OK (validation is
106 * successful) or another non-zero error code. When a non-zero error
107 * code is obtained, the remaining bytes in the current certificate and
108 * the subsequent certificates (if any) are completely ignored.
110 * -- Each certificate is decoded in due course, with the following
111 * "interesting points":
113 * -- Start of the TBS: the multihash engine is reset and activated.
115 * -- Start of the issuer DN: the secondary hash engine is started,
116 * to process the encoded issuer DN.
118 * -- End of the issuer DN: the secondary hash engine is stopped. The
119 * resulting hash value is computed and then copied into the
120 * next_dn_hash[] buffer.
122 * -- Start of the subject DN: the secondary hash engine is started,
123 * to process the encoded subject DN.
125 * -- For the EE certificate only: the Common Name, if any, is matched
126 * against the expected server name.
128 * -- End of the subject DN: the secondary hash engine is stopped. The
129 * resulting hash value is computed into the pad. It is then processed:
131 * -- If this is the EE certificate, then the hash is ignored
132 * (except for direct trust processing, see later; the hash is
133 * simply left in current_dn_hash[]).
135 * -- Otherwise, the hashed subject DN is compared with the saved
136 * hash value (in saved_dn_hash[]). They must match.
138 * Either way, the next_dn_hash[] value is then copied into the
139 * saved_dn_hash[] value. Thus, at that point, saved_dn_hash[]
140 * contains the hash of the issuer DN for the current certificate,
141 * and current_dn_hash[] contains the hash of the subject DN for the
142 * current certificate.
144 * -- Public key: it is decoded into the cert_pkey[] buffer. Unknown
145 * key types are reported at that point.
147 * -- If this is the EE certificate, then the key type is compared
148 * with the expected key type (initialization parameter). The public
149 * key data is copied to ee_pkey_data[]. The key and hashed subject
150 * DN are also compared with the "direct trust" keys; if the key
151 * and DN are matched, then validation ends with a success.
153 * -- Otherwise, the saved signature (cert_sig[]) is verified
154 * against the saved TBS hash (tbs_hash[]) and that freshly
155 * decoded public key. Failure here ends validation with an error.
157 * -- Extensions: extension values are processed in due order.
159 * -- Basic Constraints: for all certificates except EE, must be
160 * present, indicate a CA, and have a path legnth compatible with
161 * the chain length so far.
163 * -- Key Usage: for the EE, if present, must allow signatures
164 * or encryption/key exchange, as required for the cipher suite.
165 * For non-EE, if present, must have the "certificate sign" bit.
167 * -- Subject Alt Name: for the EE, dNSName names are matched
168 * against the server name. Ignored for non-EE.
170 * -- Authority Key Identifier, Subject Key Identifier, Issuer
171 * Alt Name, Subject Directory Attributes, CRL Distribution Points
172 * Freshest CRL, Authority Info Access and Subject Info Access
173 * extensions are always ignored: they either contain only
174 * informative data, or they relate to revocation processing, which
175 * we explicitly do not support.
177 * -- All other extensions are ignored if non-critical. If a
178 * critical extension other than the ones above is encountered,
179 * then a failure is reported.
181 * -- End of the TBS: the multihash engine is stopped.
183 * -- Signature algorithm: the signature algorithm on the
184 * certificate is decoded. A failure is reported if that algorithm
185 * is unknown. The hashed TBS corresponding to the signature hash
186 * function is computed and stored in tbs_hash[] (if not supported,
187 * then a failure is reported). The hash OID and length are stored
188 * in cert_sig_hash_oid and cert_sig_hash_len.
190 * -- Signature value: the signature value is copied into the
193 * -- Certificate end: the hashed issuer DN (saved_dn_hash[]) is
194 * looked up in the trust store (CA trust anchors only); for all
195 * that match, the signature (cert_sig[]) is verified against the
196 * anchor public key (hashed TBS is in tbs_hash[]). If one of these
197 * signatures is valid, then validation ends with a success.
199 * -- If the chain end is reached without obtaining a validation success,
200 * then validation is reported as failed.
203 #ifndef BR_USE_UNIX_TIME
204 #if defined __unix__ || defined __linux__ \
205 || defined _POSIX_SOURCE || defined _POSIX_C_SOURCE \
206 || (defined __APPLE__ && defined __MACH__)
207 #define BR_USE_UNIX_TIME 1
211 #ifndef BR_USE_WIN32_TIME
212 #if defined _WIN32 || defined _WIN64
213 #define BR_USE_WIN32_TIME 1
221 #if BR_USE_WIN32_TIME
226 * The T0 compiler will produce these prototypes declarations in the
229 void br_x509_minimal_init_main(void *ctx);
230 void br_x509_minimal_run(void *ctx);
233 /* see bearssl_x509.h */
235 br_x509_minimal_init(br_x509_minimal_context
*ctx
,
236 const br_hash_class
*dn_hash_impl
,
237 const br_x509_trust_anchor
*trust_anchors
, size_t trust_anchors_num
)
239 memset(ctx
, 0, sizeof *ctx
);
240 ctx
->vtable
= &br_x509_minimal_vtable
;
241 ctx
->dn_hash_impl
= dn_hash_impl
;
242 ctx
->trust_anchors
= trust_anchors
;
243 ctx
->trust_anchors_num
= trust_anchors_num
;
247 xm_start_chain(const br_x509_class
**ctx
, const char *server_name
)
249 br_x509_minimal_context
*cc
;
252 cc
= (br_x509_minimal_context
*)(void *)ctx
;
253 for (u
= 0; u
< cc
->num_name_elts
; u
++) {
254 cc
->name_elts
[u
].status
= 0;
255 cc
->name_elts
[u
].buf
[0] = 0;
257 memset(&cc
->pkey
, 0, sizeof cc
->pkey
);
260 cc
->cpu
.dp
= cc
->dp_stack
;
261 cc
->cpu
.rp
= cc
->rp_stack
;
262 br_x509_minimal_init_main(&cc
->cpu
);
263 if (server_name
== NULL
|| *server_name
== 0) {
264 cc
->server_name
= NULL
;
266 cc
->server_name
= server_name
;
271 xm_start_cert(const br_x509_class
**ctx
, uint32_t length
)
273 br_x509_minimal_context
*cc
;
275 cc
= (br_x509_minimal_context
*)(void *)ctx
;
280 cc
->err
= BR_ERR_X509_TRUNCATED
;
283 cc
->cert_length
= length
;
287 xm_append(const br_x509_class
**ctx
, const unsigned char *buf
, size_t len
)
289 br_x509_minimal_context
*cc
;
291 cc
= (br_x509_minimal_context
*)(void *)ctx
;
297 br_x509_minimal_run(&cc
->cpu
);
301 xm_end_cert(const br_x509_class
**ctx
)
303 br_x509_minimal_context
*cc
;
305 cc
= (br_x509_minimal_context
*)(void *)ctx
;
306 if (cc
->err
== 0 && cc
->cert_length
!= 0) {
307 cc
->err
= BR_ERR_X509_TRUNCATED
;
313 xm_end_chain(const br_x509_class
**ctx
)
315 br_x509_minimal_context
*cc
;
317 cc
= (br_x509_minimal_context
*)(void *)ctx
;
319 if (cc
->num_certs
== 0) {
320 cc
->err
= BR_ERR_X509_EMPTY_CHAIN
;
322 cc
->err
= BR_ERR_X509_NOT_TRUSTED
;
324 } else if (cc
->err
== BR_ERR_X509_OK
) {
327 return (unsigned)cc
->err
;
330 static const br_x509_pkey
*
331 xm_get_pkey(const br_x509_class
*const *ctx
, unsigned *usages
)
333 br_x509_minimal_context
*cc
;
335 cc
= (br_x509_minimal_context
*)(void *)ctx
;
336 if (cc
->err
== BR_ERR_X509_OK
337 || cc
->err
== BR_ERR_X509_NOT_TRUSTED
)
339 if (usages
!= NULL
) {
340 *usages
= cc
->key_usages
;
342 return &((br_x509_minimal_context
*)(void *)ctx
)->pkey
;
348 /* see bearssl_x509.h */
349 const br_x509_class br_x509_minimal_vtable
= {
350 sizeof(br_x509_minimal_context
),
359 #define CTX ((br_x509_minimal_context *)(void *)((unsigned char *)t0ctx - offsetof(br_x509_minimal_context, cpu)))
360 #define CONTEXT_NAME br_x509_minimal_context
362 #define DNHASH_LEN ((CTX->dn_hash_impl->desc >> BR_HASHDESC_OUT_OFF) & BR_HASHDESC_OUT_MASK)
365 * Hash a DN (from a trust anchor) into the provided buffer. This uses the
366 * DN hash implementation and context structure from the X.509 engine
370 hash_dn(br_x509_minimal_context
*ctx
, const void *dn
, size_t len
,
373 ctx
->dn_hash_impl
->init(&ctx
->dn_hash
.vtable
);
374 ctx
->dn_hash_impl
->update(&ctx
->dn_hash
.vtable
, dn
, len
);
375 ctx
->dn_hash_impl
->out(&ctx
->dn_hash
.vtable
, out
);
379 * Compare two big integers for equality. The integers use unsigned big-endian
380 * encoding; extra leading bytes (of value 0) are allowed.
383 eqbigint(const unsigned char *b1
, size_t len1
,
384 const unsigned char *b2
, size_t len2
)
386 while (len1
> 0 && *b1
== 0) {
390 while (len2
> 0 && *b2
== 0) {
397 return memcmp(b1
, b2
, len1
) == 0;
401 * Compare two strings for equality, in a case-insensitive way. This
402 * function handles casing only for ASCII letters.
405 eqnocase(const void *s1
, const void *s2
, size_t len
)
407 const unsigned char *buf1
, *buf2
;
416 if (x1
>= 'A' && x1
<= 'Z') {
419 if (x2
>= 'A' && x2
<= 'Z') {
429 static int verify_signature(br_x509_minimal_context
*ctx
,
430 const br_x509_pkey
*pk
);
434 static const unsigned char t0_datablock
[] = {
435 0x00, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x09,
436 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x09, 0x2A, 0x86,
437 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0E, 0x09, 0x2A, 0x86, 0x48, 0x86,
438 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
439 0x01, 0x01, 0x0C, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01,
440 0x0D, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x09, 0x60, 0x86, 0x48, 0x01,
441 0x65, 0x03, 0x04, 0x02, 0x04, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
442 0x04, 0x02, 0x01, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02,
443 0x02, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x07,
444 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x08, 0x2A, 0x86, 0x48, 0xCE,
445 0x3D, 0x03, 0x01, 0x07, 0x05, 0x2B, 0x81, 0x04, 0x00, 0x22, 0x05, 0x2B,
446 0x81, 0x04, 0x00, 0x23, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x01,
447 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x01, 0x08, 0x2A, 0x86,
448 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D,
449 0x04, 0x03, 0x03, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x04,
450 0x03, 0x55, 0x04, 0x03, 0x00, 0x1F, 0x03, 0xFC, 0x07, 0x7F, 0x0B, 0x5E,
451 0x0F, 0x1F, 0x12, 0xFE, 0x16, 0xBF, 0x1A, 0x9F, 0x1E, 0x7E, 0x22, 0x3F,
452 0x26, 0x1E, 0x29, 0xDF, 0x00, 0x1F, 0x03, 0xFD, 0x07, 0x9F, 0x0B, 0x7E,
453 0x0F, 0x3F, 0x13, 0x1E, 0x16, 0xDF, 0x1A, 0xBF, 0x1E, 0x9E, 0x22, 0x5F,
454 0x26, 0x3E, 0x29, 0xFF, 0x03, 0x55, 0x1D, 0x13, 0x03, 0x55, 0x1D, 0x0F,
455 0x03, 0x55, 0x1D, 0x11, 0x03, 0x55, 0x1D, 0x20, 0x08, 0x2B, 0x06, 0x01,
456 0x05, 0x05, 0x07, 0x02, 0x01, 0x03, 0x55, 0x1D, 0x23, 0x03, 0x55, 0x1D,
457 0x0E, 0x03, 0x55, 0x1D, 0x12, 0x03, 0x55, 0x1D, 0x09, 0x03, 0x55, 0x1D,
458 0x1F, 0x03, 0x55, 0x1D, 0x2E, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07,
459 0x01, 0x01, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x0B
462 static const unsigned char t0_codeblock
[] = {
463 0x00, 0x01, 0x00, 0x0D, 0x00, 0x00, 0x01, 0x00, 0x10, 0x00, 0x00, 0x01,
464 0x00, 0x11, 0x00, 0x00, 0x01, 0x01, 0x09, 0x00, 0x00, 0x01, 0x01, 0x0A,
465 0x00, 0x00, 0x24, 0x24, 0x00, 0x00, 0x01,
466 T0_INT1(BR_ERR_X509_BAD_BOOLEAN
), 0x00, 0x00, 0x01,
467 T0_INT1(BR_ERR_X509_BAD_DN
), 0x00, 0x00, 0x01,
468 T0_INT1(BR_ERR_X509_BAD_SERVER_NAME
), 0x00, 0x00, 0x01,
469 T0_INT1(BR_ERR_X509_BAD_TAG_CLASS
), 0x00, 0x00, 0x01,
470 T0_INT1(BR_ERR_X509_BAD_TAG_VALUE
), 0x00, 0x00, 0x01,
471 T0_INT1(BR_ERR_X509_BAD_TIME
), 0x00, 0x00, 0x01,
472 T0_INT1(BR_ERR_X509_CRITICAL_EXTENSION
), 0x00, 0x00, 0x01,
473 T0_INT1(BR_ERR_X509_DN_MISMATCH
), 0x00, 0x00, 0x01,
474 T0_INT1(BR_ERR_X509_EXPIRED
), 0x00, 0x00, 0x01,
475 T0_INT1(BR_ERR_X509_EXTRA_ELEMENT
), 0x00, 0x00, 0x01,
476 T0_INT1(BR_ERR_X509_FORBIDDEN_KEY_USAGE
), 0x00, 0x00, 0x01,
477 T0_INT1(BR_ERR_X509_INDEFINITE_LENGTH
), 0x00, 0x00, 0x01,
478 T0_INT1(BR_ERR_X509_INNER_TRUNC
), 0x00, 0x00, 0x01,
479 T0_INT1(BR_ERR_X509_LIMIT_EXCEEDED
), 0x00, 0x00, 0x01,
480 T0_INT1(BR_ERR_X509_NOT_CA
), 0x00, 0x00, 0x01,
481 T0_INT1(BR_ERR_X509_NOT_CONSTRUCTED
), 0x00, 0x00, 0x01,
482 T0_INT1(BR_ERR_X509_NOT_PRIMITIVE
), 0x00, 0x00, 0x01,
483 T0_INT1(BR_ERR_X509_OVERFLOW
), 0x00, 0x00, 0x01,
484 T0_INT1(BR_ERR_X509_PARTIAL_BYTE
), 0x00, 0x00, 0x01,
485 T0_INT1(BR_ERR_X509_UNEXPECTED
), 0x00, 0x00, 0x01,
486 T0_INT1(BR_ERR_X509_UNSUPPORTED
), 0x00, 0x00, 0x01,
487 T0_INT1(BR_ERR_X509_WEAK_PUBLIC_KEY
), 0x00, 0x00, 0x01,
488 T0_INT1(BR_KEYTYPE_EC
), 0x00, 0x00, 0x01, T0_INT1(BR_KEYTYPE_RSA
),
489 0x00, 0x00, 0x01, T0_INT2(offsetof(CONTEXT_NAME
, cert_length
)), 0x00,
490 0x00, 0x01, T0_INT2(offsetof(CONTEXT_NAME
, cert_sig
)), 0x00, 0x00,
491 0x01, T0_INT2(offsetof(CONTEXT_NAME
, cert_sig_hash_len
)), 0x00, 0x00,
492 0x01, T0_INT2(offsetof(CONTEXT_NAME
, cert_sig_hash_oid
)), 0x00, 0x00,
493 0x01, T0_INT2(offsetof(CONTEXT_NAME
, cert_sig_len
)), 0x00, 0x00, 0x01,
494 T0_INT2(offsetof(CONTEXT_NAME
, cert_signer_key_type
)), 0x00, 0x00,
495 0x01, T0_INT2(offsetof(CONTEXT_NAME
, current_dn_hash
)), 0x00, 0x00,
496 0x01, T0_INT2(offsetof(CONTEXT_NAME
, key_usages
)), 0x00, 0x00, 0x01,
497 T0_INT2(offsetof(br_x509_minimal_context
, pkey_data
)), 0x01,
498 T0_INT2(BR_X509_BUFSIZE_KEY
), 0x00, 0x00, 0x01,
499 T0_INT2(offsetof(CONTEXT_NAME
, min_rsa_size
)), 0x00, 0x00, 0x01,
500 T0_INT2(offsetof(CONTEXT_NAME
, next_dn_hash
)), 0x00, 0x00, 0x01,
501 T0_INT2(offsetof(CONTEXT_NAME
, num_certs
)), 0x00, 0x00, 0x01,
502 T0_INT2(offsetof(CONTEXT_NAME
, pad
)), 0x00, 0x00, 0x01,
503 T0_INT2(offsetof(CONTEXT_NAME
, saved_dn_hash
)), 0x00, 0x00, 0xC9, 0x71,
504 0x00, 0x00, 0x01, 0x80, 0x73, 0x00, 0x00, 0x01, 0x80, 0x7C, 0x00, 0x00,
505 0x01, 0x81, 0x02, 0x00, 0x00, 0x92, 0x05, 0x05, 0x34, 0x42, 0x01, 0x00,
506 0x00, 0x34, 0x01, 0x0A, 0x0E, 0x09, 0x01, 0x9A, 0xFF, 0xB8, 0x00, 0x0A,
507 0x00, 0x00, 0x01, 0x82, 0x19, 0x00, 0x00, 0x01, 0x82, 0x01, 0x00, 0x00,
508 0x01, 0x81, 0x68, 0x00, 0x04, 0x03, 0x00, 0x03, 0x01, 0x03, 0x02, 0x03,
509 0x03, 0x02, 0x03, 0x02, 0x01, 0x11, 0x06, 0x07, 0x02, 0x02, 0x02, 0x00,
510 0x0D, 0x04, 0x05, 0x02, 0x03, 0x02, 0x01, 0x0D, 0x00, 0x02, 0x03, 0x00,
511 0x03, 0x01, 0x25, 0x02, 0x01, 0x13, 0x3B, 0x02, 0x00, 0x0F, 0x15, 0x00,
512 0x00, 0x01, 0x81, 0x74, 0x00, 0x00, 0x05, 0x02, 0x52, 0x28, 0x00, 0x00,
513 0x06, 0x02, 0x53, 0x28, 0x00, 0x00, 0x01, 0x10, 0x77, 0x00, 0x00, 0x11,
514 0x05, 0x02, 0x56, 0x28, 0x74, 0x00, 0x00, 0x11, 0x05, 0x02, 0x56, 0x28,
515 0x75, 0x00, 0x00, 0x06, 0x02, 0x4C, 0x28, 0x00, 0x00, 0x01, 0x82, 0x11,
516 0x00, 0x00, 0x25, 0x20, 0x01, 0x08, 0x0E, 0x3B, 0x40, 0x20, 0x09, 0x00,
517 0x09, 0x03, 0x00, 0x5B, 0x2B, 0xAF, 0x39, 0xAF, 0xB3, 0x25, 0x01, 0x20,
518 0x11, 0x06, 0x11, 0x24, 0x74, 0xAD, 0xB3, 0x01, 0x02, 0x78, 0xB0, 0x01,
519 0x02, 0x12, 0x06, 0x02, 0x57, 0x28, 0x79, 0xB3, 0x01, 0x02, 0x78, 0xAE,
520 0xAF, 0xC2, 0x9C, 0x65, 0x61, 0x21, 0x16, 0xAF, 0xA7, 0x29, 0x69, 0x06,
521 0x02, 0x4B, 0x28, 0xA7, 0x29, 0x71, 0x06, 0x02, 0x4B, 0x28, 0x79, 0x02,
522 0x00, 0x06, 0x05, 0x9D, 0x03, 0x01, 0x04, 0x09, 0x9C, 0x61, 0x68, 0x21,
523 0x27, 0x05, 0x02, 0x4A, 0x28, 0x68, 0x65, 0x21, 0x16, 0xAF, 0xAF, 0x9E,
524 0x05, 0x02, 0x57, 0x28, 0xBC, 0x26, 0x06, 0x27, 0xC2, 0xA4, 0xAF, 0x63,
525 0xAA, 0x03, 0x03, 0x63, 0x3B, 0x02, 0x03, 0x09, 0x3B, 0x02, 0x03, 0x0A,
526 0xAA, 0x03, 0x04, 0x79, 0x64, 0x2A, 0x01, 0x81, 0x00, 0x09, 0x02, 0x03,
527 0x12, 0x06, 0x02, 0x58, 0x28, 0x79, 0x5A, 0x03, 0x02, 0x04, 0x3A, 0x88,
528 0x26, 0x06, 0x34, 0x9E, 0x05, 0x02, 0x57, 0x28, 0x6A, 0x26, 0x06, 0x04,
529 0x01, 0x17, 0x04, 0x12, 0x6B, 0x26, 0x06, 0x04, 0x01, 0x18, 0x04, 0x0A,
530 0x6C, 0x26, 0x06, 0x04, 0x01, 0x19, 0x04, 0x02, 0x57, 0x28, 0x03, 0x05,
531 0x79, 0xA4, 0x25, 0x03, 0x06, 0x25, 0x63, 0x34, 0x0D, 0x06, 0x02, 0x50,
532 0x28, 0xA5, 0x59, 0x03, 0x02, 0x04, 0x02, 0x57, 0x28, 0x79, 0x02, 0x00,
533 0x06, 0x21, 0x02, 0x02, 0x5A, 0x30, 0x11, 0x06, 0x08, 0x24, 0x02, 0x03,
534 0x02, 0x04, 0x1D, 0x04, 0x10, 0x59, 0x30, 0x11, 0x06, 0x08, 0x24, 0x02,
535 0x05, 0x02, 0x06, 0x1C, 0x04, 0x03, 0x57, 0x28, 0x24, 0x04, 0x24, 0x02,
536 0x02, 0x5A, 0x30, 0x11, 0x06, 0x08, 0x24, 0x02, 0x03, 0x02, 0x04, 0x23,
537 0x04, 0x10, 0x59, 0x30, 0x11, 0x06, 0x08, 0x24, 0x02, 0x05, 0x02, 0x06,
538 0x22, 0x04, 0x03, 0x57, 0x28, 0x24, 0x25, 0x06, 0x01, 0x28, 0x24, 0x01,
539 0x00, 0x03, 0x07, 0xB4, 0x01, 0x21, 0x8F, 0x01, 0x22, 0x8F, 0x25, 0x01,
540 0x23, 0x11, 0x06, 0x81, 0x26, 0x24, 0x74, 0xAD, 0xAF, 0x25, 0x06, 0x81,
541 0x1A, 0x01, 0x00, 0x03, 0x08, 0xAF, 0x9E, 0x24, 0xB3, 0x25, 0x01, 0x01,
542 0x11, 0x06, 0x04, 0xA6, 0x03, 0x08, 0xB3, 0x01, 0x04, 0x78, 0xAD, 0x70,
543 0x26, 0x06, 0x0F, 0x02, 0x00, 0x06, 0x03, 0xC3, 0x04, 0x05, 0x99, 0x01,
544 0x7F, 0x03, 0x07, 0x04, 0x80, 0x6C, 0x91, 0x26, 0x06, 0x06, 0x02, 0x00,
545 0x9B, 0x04, 0x80, 0x62, 0xC5, 0x26, 0x06, 0x11, 0x02, 0x00, 0x06, 0x09,
546 0x01, 0x00, 0x03, 0x01, 0x98, 0x03, 0x01, 0x04, 0x01, 0xC3, 0x04, 0x80,
547 0x4D, 0x73, 0x26, 0x06, 0x0A, 0x02, 0x08, 0x06, 0x03, 0x9A, 0x04, 0x01,
548 0xC3, 0x04, 0x3F, 0x6F, 0x26, 0x06, 0x03, 0xC3, 0x04, 0x38, 0xC8, 0x26,
549 0x06, 0x03, 0xC3, 0x04, 0x31, 0x90, 0x26, 0x06, 0x03, 0xC3, 0x04, 0x2A,
550 0xC6, 0x26, 0x06, 0x03, 0xC3, 0x04, 0x23, 0x7A, 0x26, 0x06, 0x03, 0xC3,
551 0x04, 0x1C, 0x85, 0x26, 0x06, 0x03, 0xC3, 0x04, 0x15, 0x6E, 0x26, 0x06,
552 0x03, 0xC3, 0x04, 0x0E, 0xC7, 0x26, 0x06, 0x03, 0xC3, 0x04, 0x07, 0x02,
553 0x08, 0x06, 0x02, 0x49, 0x28, 0xC3, 0x79, 0x79, 0x04, 0xFE, 0x62, 0x79,
554 0x79, 0x04, 0x08, 0x01, 0x7F, 0x11, 0x05, 0x02, 0x56, 0x28, 0x24, 0x79,
555 0x3A, 0x02, 0x00, 0x06, 0x08, 0x02, 0x01, 0x3C, 0x2F, 0x05, 0x02, 0x45,
556 0x28, 0x02, 0x00, 0x06, 0x01, 0x17, 0x02, 0x00, 0x02, 0x07, 0x2F, 0x05,
557 0x02, 0x51, 0x28, 0xB3, 0x76, 0xAD, 0x9E, 0x06, 0x80, 0x77, 0xBD, 0x26,
558 0x06, 0x07, 0x01, 0x02, 0x5A, 0x8A, 0x04, 0x80, 0x5E, 0xBE, 0x26, 0x06,
559 0x07, 0x01, 0x03, 0x5A, 0x8B, 0x04, 0x80, 0x53, 0xBF, 0x26, 0x06, 0x07,
560 0x01, 0x04, 0x5A, 0x8C, 0x04, 0x80, 0x48, 0xC0, 0x26, 0x06, 0x06, 0x01,
561 0x05, 0x5A, 0x8D, 0x04, 0x3E, 0xC1, 0x26, 0x06, 0x06, 0x01, 0x06, 0x5A,
562 0x8E, 0x04, 0x34, 0x7F, 0x26, 0x06, 0x06, 0x01, 0x02, 0x59, 0x8A, 0x04,
563 0x2A, 0x80, 0x26, 0x06, 0x06, 0x01, 0x03, 0x59, 0x8B, 0x04, 0x20, 0x81,
564 0x26, 0x06, 0x06, 0x01, 0x04, 0x59, 0x8C, 0x04, 0x16, 0x82, 0x26, 0x06,
565 0x06, 0x01, 0x05, 0x59, 0x8D, 0x04, 0x0C, 0x83, 0x26, 0x06, 0x06, 0x01,
566 0x06, 0x59, 0x8E, 0x04, 0x02, 0x57, 0x28, 0x5E, 0x35, 0x60, 0x37, 0x1B,
567 0x25, 0x05, 0x02, 0x57, 0x28, 0x5D, 0x37, 0x04, 0x02, 0x57, 0x28, 0xC2,
568 0xA4, 0x25, 0x01, T0_INT2(BR_X509_BUFSIZE_SIG
), 0x12, 0x06, 0x02, 0x50,
569 0x28, 0x25, 0x5F, 0x35, 0x5C, 0xA5, 0x79, 0x79, 0x01, 0x00, 0x5B, 0x36,
570 0x18, 0x00, 0x00, 0x01, 0x30, 0x0A, 0x25, 0x01, 0x00, 0x01, 0x09, 0x72,
571 0x05, 0x02, 0x48, 0x28, 0x00, 0x00, 0x30, 0x30, 0x00, 0x00, 0x01, 0x81,
572 0x08, 0x00, 0x00, 0x01, 0x81, 0x10, 0x00, 0x00, 0x01, 0x81, 0x19, 0x00,
573 0x00, 0x01, 0x81, 0x22, 0x00, 0x00, 0x01, 0x81, 0x2B, 0x00, 0x01, 0x7E,
574 0x01, 0x01, 0x11, 0x3B, 0x01, 0x83, 0xFD, 0x7F, 0x11, 0x15, 0x06, 0x03,
575 0x3B, 0x24, 0x00, 0x3B, 0x25, 0x03, 0x00, 0x25, 0xCA, 0x05, 0x04, 0x42,
576 0x01, 0x00, 0x00, 0x25, 0x01, 0x81, 0x00, 0x0D, 0x06, 0x04, 0x96, 0x04,
577 0x80, 0x49, 0x25, 0x01, 0x90, 0x00, 0x0D, 0x06, 0x0F, 0x01, 0x06, 0x14,
578 0x01, 0x81, 0x40, 0x2F, 0x96, 0x02, 0x00, 0x01, 0x00, 0x97, 0x04, 0x33,
579 0x25, 0x01, 0x83, 0xFF, 0x7F, 0x0D, 0x06, 0x14, 0x01, 0x0C, 0x14, 0x01,
580 0x81, 0x60, 0x2F, 0x96, 0x02, 0x00, 0x01, 0x06, 0x97, 0x02, 0x00, 0x01,
581 0x00, 0x97, 0x04, 0x17, 0x01, 0x12, 0x14, 0x01, 0x81, 0x70, 0x2F, 0x96,
582 0x02, 0x00, 0x01, 0x0C, 0x97, 0x02, 0x00, 0x01, 0x06, 0x97, 0x02, 0x00,
583 0x01, 0x00, 0x97, 0x00, 0x00, 0x01, 0x82, 0x15, 0x00, 0x00, 0x25, 0x01,
584 0x83, 0xB0, 0x00, 0x01, 0x83, 0xB7, 0x7F, 0x72, 0x00, 0x00, 0x01, 0x81,
585 0x34, 0x00, 0x00, 0x01, 0x80, 0x6B, 0x00, 0x00, 0x01, 0x81, 0x78, 0x00,
586 0x00, 0x01, 0x3D, 0x00, 0x00, 0x01, 0x80, 0x43, 0x00, 0x00, 0x01, 0x80,
587 0x4D, 0x00, 0x00, 0x01, 0x80, 0x57, 0x00, 0x00, 0x01, 0x80, 0x61, 0x00,
588 0x00, 0x30, 0x11, 0x06, 0x04, 0x42, 0xAD, 0xC2, 0xB4, 0x00, 0x00, 0x01,
589 0x82, 0x09, 0x00, 0x00, 0x01, 0x81, 0x6C, 0x00, 0x00, 0x25, 0x01, 0x83,
590 0xB8, 0x00, 0x01, 0x83, 0xBF, 0x7F, 0x72, 0x00, 0x00, 0x01, 0x30, 0x62,
591 0x37, 0x01, 0x7F, 0x7C, 0x19, 0x01, 0x00, 0x7C, 0x19, 0x04, 0x7A, 0x00,
592 0x01, 0x81, 0x38, 0x00, 0x01, 0x7E, 0x0D, 0x06, 0x02, 0x4F, 0x28, 0x25,
593 0x03, 0x00, 0x0A, 0x02, 0x00, 0x00, 0x00, 0x30, 0x25, 0x3F, 0x3B, 0x01,
594 0x82, 0x00, 0x13, 0x2F, 0x06, 0x04, 0x42, 0x01, 0x00, 0x00, 0x30, 0x67,
595 0x09, 0x37, 0x40, 0x00, 0x00, 0x14, 0x01, 0x3F, 0x15, 0x01, 0x81, 0x00,
596 0x2F, 0x96, 0x00, 0x02, 0x01, 0x00, 0x03, 0x00, 0xAF, 0x25, 0x06, 0x80,
597 0x59, 0xB3, 0x01, 0x20, 0x30, 0x11, 0x06, 0x17, 0x24, 0x74, 0xAD, 0x9E,
598 0x24, 0x01, 0x7F, 0x2E, 0x03, 0x01, 0xB3, 0x01, 0x20, 0x77, 0xAD, 0xB2,
599 0x02, 0x01, 0x1F, 0x79, 0x79, 0x04, 0x38, 0x01, 0x21, 0x30, 0x11, 0x06,
600 0x08, 0x24, 0x75, 0xB6, 0x01, 0x01, 0x1E, 0x04, 0x2A, 0x01, 0x22, 0x30,
601 0x11, 0x06, 0x11, 0x24, 0x75, 0xB6, 0x25, 0x06, 0x06, 0x2C, 0x02, 0x00,
602 0x2F, 0x03, 0x00, 0x01, 0x02, 0x1E, 0x04, 0x13, 0x01, 0x26, 0x30, 0x11,
603 0x06, 0x08, 0x24, 0x75, 0xB6, 0x01, 0x06, 0x1E, 0x04, 0x05, 0x42, 0xAE,
604 0x01, 0x00, 0x24, 0x04, 0xFF, 0x23, 0x79, 0x02, 0x00, 0x00, 0x00, 0xAF,
605 0xB4, 0x25, 0x01, 0x01, 0x11, 0x06, 0x08, 0xA6, 0x05, 0x02, 0x51, 0x28,
606 0xB4, 0x04, 0x02, 0x51, 0x28, 0x25, 0x01, 0x02, 0x11, 0x06, 0x0C, 0x24,
607 0x75, 0xB0, 0x66, 0x2B, 0x41, 0x0D, 0x06, 0x02, 0x51, 0x28, 0xB4, 0x01,
608 0x7F, 0x10, 0x06, 0x02, 0x56, 0x28, 0x24, 0x79, 0x00, 0x00, 0xAF, 0x25,
609 0x06, 0x1A, 0xAF, 0x9E, 0x24, 0x25, 0x06, 0x11, 0xAF, 0x25, 0x06, 0x0C,
610 0xAF, 0x9E, 0x24, 0x89, 0x26, 0x05, 0x02, 0x49, 0x28, 0xC2, 0x04, 0x71,
611 0x79, 0x79, 0x04, 0x63, 0x79, 0x00, 0x02, 0x03, 0x00, 0xB3, 0x01, 0x03,
612 0x78, 0xAD, 0xBA, 0x03, 0x01, 0x02, 0x01, 0x01, 0x07, 0x12, 0x06, 0x02,
613 0x56, 0x28, 0x25, 0x01, 0x00, 0x30, 0x11, 0x06, 0x05, 0x24, 0x4D, 0x28,
614 0x04, 0x15, 0x01, 0x01, 0x30, 0x11, 0x06, 0x0A, 0x24, 0xBA, 0x02, 0x01,
615 0x14, 0x02, 0x01, 0x0E, 0x04, 0x05, 0x24, 0xBA, 0x01, 0x00, 0x24, 0x02,
616 0x00, 0x06, 0x19, 0x01, 0x00, 0x30, 0x01, 0x38, 0x15, 0x06, 0x03, 0x01,
617 0x10, 0x2F, 0x3B, 0x01, 0x81, 0x40, 0x15, 0x06, 0x03, 0x01, 0x20, 0x2F,
618 0x62, 0x37, 0x04, 0x07, 0x01, 0x04, 0x15, 0x05, 0x02, 0x4D, 0x28, 0xC2,
619 0x00, 0x00, 0x38, 0xAF, 0xC2, 0x1A, 0x00, 0x03, 0x01, 0x00, 0x03, 0x00,
620 0x38, 0xAF, 0x25, 0x06, 0x30, 0xB3, 0x01, 0x11, 0x77, 0xAD, 0x25, 0x05,
621 0x02, 0x44, 0x28, 0x25, 0x06, 0x20, 0xAF, 0x9E, 0x24, 0x87, 0x26, 0x03,
622 0x01, 0x01, 0x00, 0x2E, 0x03, 0x02, 0xB2, 0x25, 0x02, 0x01, 0x15, 0x06,
623 0x07, 0x2C, 0x06, 0x04, 0x01, 0x7F, 0x03, 0x00, 0x02, 0x02, 0x1F, 0x79,
624 0x04, 0x5D, 0x79, 0x04, 0x4D, 0x79, 0x1A, 0x02, 0x00, 0x00, 0x00, 0xB3,
625 0x01, 0x06, 0x78, 0xB1, 0x00, 0x00, 0xB8, 0x86, 0x06, 0x0E, 0x3B, 0x25,
626 0x05, 0x06, 0x42, 0x01, 0x00, 0x01, 0x00, 0x00, 0xB8, 0x6D, 0x04, 0x08,
627 0x92, 0x06, 0x05, 0x24, 0x01, 0x00, 0x04, 0x00, 0x00, 0x00, 0xB9, 0x86,
628 0x06, 0x0E, 0x3B, 0x25, 0x05, 0x06, 0x42, 0x01, 0x00, 0x01, 0x00, 0x00,
629 0xB9, 0x6D, 0x04, 0x08, 0x92, 0x06, 0x05, 0x24, 0x01, 0x00, 0x04, 0x00,
630 0x00, 0x00, 0xBA, 0x25, 0x01, 0x81, 0x00, 0x0D, 0x06, 0x04, 0x00, 0x04,
631 0x80, 0x55, 0x25, 0x01, 0x81, 0x40, 0x0D, 0x06, 0x07, 0x24, 0x01, 0x00,
632 0x00, 0x04, 0x80, 0x47, 0x25, 0x01, 0x81, 0x60, 0x0D, 0x06, 0x0E, 0x01,
633 0x1F, 0x15, 0x01, 0x01, 0xA3, 0x01, 0x81, 0x00, 0x01, 0x8F, 0x7F, 0x04,
634 0x32, 0x25, 0x01, 0x81, 0x70, 0x0D, 0x06, 0x0F, 0x01, 0x0F, 0x15, 0x01,
635 0x02, 0xA3, 0x01, 0x90, 0x00, 0x01, 0x83, 0xFF, 0x7F, 0x04, 0x1C, 0x25,
636 0x01, 0x81, 0x78, 0x0D, 0x06, 0x11, 0x01, 0x07, 0x15, 0x01, 0x03, 0xA3,
637 0x01, 0x84, 0x80, 0x00, 0x01, 0x80, 0xC3, 0xFF, 0x7F, 0x04, 0x04, 0x24,
638 0x01, 0x00, 0x00, 0x72, 0x05, 0x03, 0x24, 0x01, 0x00, 0x00, 0x00, 0x3B,
639 0x25, 0x05, 0x06, 0x42, 0x01, 0x00, 0x01, 0x7F, 0x00, 0xBA, 0x34, 0x25,
640 0x3D, 0x06, 0x03, 0x3B, 0x24, 0x00, 0x01, 0x06, 0x0E, 0x3B, 0x25, 0x01,
641 0x06, 0x14, 0x01, 0x02, 0x10, 0x06, 0x04, 0x42, 0x01, 0x7F, 0x00, 0x01,
642 0x3F, 0x15, 0x09, 0x00, 0x00, 0x25, 0x06, 0x06, 0x0B, 0xA2, 0x34, 0x41,
643 0x04, 0x77, 0x24, 0x25, 0x00, 0x00, 0xB3, 0x01, 0x03, 0x78, 0xAD, 0xBA,
644 0x06, 0x02, 0x55, 0x28, 0x00, 0x00, 0x3B, 0x25, 0x06, 0x07, 0x31, 0x25,
645 0x06, 0x01, 0x19, 0x04, 0x76, 0x42, 0x00, 0x00, 0x01, 0x01, 0x78, 0xAC,
646 0x01, 0x01, 0x10, 0x06, 0x02, 0x43, 0x28, 0xBA, 0x3E, 0x00, 0x04, 0xB3,
647 0x25, 0x01, 0x17, 0x01, 0x18, 0x72, 0x05, 0x02, 0x48, 0x28, 0x01, 0x18,
648 0x11, 0x03, 0x00, 0x75, 0xAD, 0xA8, 0x02, 0x00, 0x06, 0x0C, 0x01, 0x80,
649 0x64, 0x08, 0x03, 0x01, 0xA8, 0x02, 0x01, 0x09, 0x04, 0x0E, 0x25, 0x01,
650 0x32, 0x0D, 0x06, 0x04, 0x01, 0x80, 0x64, 0x09, 0x01, 0x8E, 0x6C, 0x09,
651 0x03, 0x01, 0x02, 0x01, 0x01, 0x82, 0x6D, 0x08, 0x02, 0x01, 0x01, 0x03,
652 0x09, 0x01, 0x04, 0x0C, 0x09, 0x02, 0x01, 0x01, 0x80, 0x63, 0x09, 0x01,
653 0x80, 0x64, 0x0C, 0x0A, 0x02, 0x01, 0x01, 0x83, 0x0F, 0x09, 0x01, 0x83,
654 0x10, 0x0C, 0x09, 0x03, 0x03, 0x01, 0x01, 0x01, 0x0C, 0xA9, 0x41, 0x01,
655 0x01, 0x0E, 0x02, 0x01, 0x01, 0x04, 0x07, 0x3F, 0x02, 0x01, 0x01, 0x80,
656 0x64, 0x07, 0x3E, 0x02, 0x01, 0x01, 0x83, 0x10, 0x07, 0x3F, 0x2F, 0x15,
657 0x06, 0x03, 0x01, 0x18, 0x09, 0x94, 0x09, 0x7B, 0x25, 0x01, 0x05, 0x14,
658 0x02, 0x03, 0x09, 0x03, 0x03, 0x01, 0x1F, 0x15, 0x01, 0x01, 0x3B, 0xA9,
659 0x02, 0x03, 0x09, 0x41, 0x03, 0x03, 0x01, 0x00, 0x01, 0x17, 0xA9, 0x01,
660 0x9C, 0x10, 0x08, 0x03, 0x02, 0x01, 0x00, 0x01, 0x3B, 0xA9, 0x01, 0x3C,
661 0x08, 0x02, 0x02, 0x09, 0x03, 0x02, 0x01, 0x00, 0x01, 0x3C, 0xA9, 0x02,
662 0x02, 0x09, 0x03, 0x02, 0xBA, 0x25, 0x01, 0x2E, 0x11, 0x06, 0x0D, 0x24,
663 0xBA, 0x25, 0x01, 0x30, 0x01, 0x39, 0x72, 0x06, 0x03, 0x24, 0x04, 0x74,
664 0x01, 0x80, 0x5A, 0x10, 0x06, 0x02, 0x48, 0x28, 0x79, 0x02, 0x03, 0x02,
665 0x02, 0x00, 0x01, 0xBA, 0x7D, 0x01, 0x0A, 0x08, 0x03, 0x00, 0xBA, 0x7D,
666 0x02, 0x00, 0x09, 0x00, 0x02, 0x03, 0x00, 0x03, 0x01, 0xA8, 0x25, 0x02,
667 0x01, 0x02, 0x00, 0x72, 0x05, 0x02, 0x48, 0x28, 0x00, 0x00, 0x34, 0xB3,
668 0x01, 0x02, 0x78, 0x0B, 0xAB, 0x00, 0x03, 0x25, 0x03, 0x00, 0x03, 0x01,
669 0x03, 0x02, 0xAD, 0xBA, 0x25, 0x01, 0x81, 0x00, 0x13, 0x06, 0x02, 0x54,
670 0x28, 0x25, 0x01, 0x00, 0x11, 0x06, 0x0B, 0x24, 0x25, 0x05, 0x04, 0x24,
671 0x01, 0x00, 0x00, 0xBA, 0x04, 0x6F, 0x02, 0x01, 0x25, 0x05, 0x02, 0x50,
672 0x28, 0x41, 0x03, 0x01, 0x02, 0x02, 0x37, 0x02, 0x02, 0x40, 0x03, 0x02,
673 0x25, 0x06, 0x03, 0xBA, 0x04, 0x68, 0x24, 0x02, 0x00, 0x02, 0x01, 0x0A,
674 0x00, 0x01, 0xBA, 0x25, 0x01, 0x81, 0x00, 0x0D, 0x06, 0x01, 0x00, 0x01,
675 0x81, 0x00, 0x0A, 0x25, 0x05, 0x02, 0x4E, 0x28, 0x03, 0x00, 0x01, 0x00,
676 0x02, 0x00, 0x01, 0x00, 0x12, 0x06, 0x19, 0x02, 0x00, 0x41, 0x03, 0x00,
677 0x25, 0x01, 0x83, 0xFF, 0xFF, 0x7F, 0x12, 0x06, 0x02, 0x4F, 0x28, 0x01,
678 0x08, 0x0E, 0x3B, 0xBA, 0x34, 0x09, 0x04, 0x60, 0x00, 0x00, 0xAC, 0x95,
679 0x00, 0x00, 0xAD, 0xC2, 0x00, 0x00, 0xB3, 0x76, 0xAD, 0x00, 0x01, 0xAD,
680 0x25, 0x05, 0x02, 0x54, 0x28, 0xBA, 0x25, 0x01, 0x81, 0x00, 0x13, 0x06,
681 0x02, 0x54, 0x28, 0x03, 0x00, 0x25, 0x06, 0x16, 0xBA, 0x02, 0x00, 0x25,
682 0x01, 0x87, 0xFF, 0xFF, 0x7F, 0x13, 0x06, 0x02, 0x54, 0x28, 0x01, 0x08,
683 0x0E, 0x09, 0x03, 0x00, 0x04, 0x67, 0x24, 0x02, 0x00, 0x00, 0x00, 0xAD,
684 0x25, 0x01, 0x81, 0x7F, 0x12, 0x06, 0x08, 0xC2, 0x01, 0x00, 0x67, 0x37,
685 0x01, 0x00, 0x00, 0x25, 0x67, 0x37, 0x67, 0x40, 0xA5, 0x01, 0x7F, 0x00,
686 0x00, 0xB3, 0x01, 0x0C, 0x30, 0x11, 0x06, 0x05, 0x24, 0x75, 0xB6, 0x04,
687 0x3E, 0x01, 0x12, 0x30, 0x11, 0x06, 0x05, 0x24, 0x75, 0xB7, 0x04, 0x33,
688 0x01, 0x13, 0x30, 0x11, 0x06, 0x05, 0x24, 0x75, 0xB7, 0x04, 0x28, 0x01,
689 0x14, 0x30, 0x11, 0x06, 0x05, 0x24, 0x75, 0xB7, 0x04, 0x1D, 0x01, 0x16,
690 0x30, 0x11, 0x06, 0x05, 0x24, 0x75, 0xB7, 0x04, 0x12, 0x01, 0x1E, 0x30,
691 0x11, 0x06, 0x05, 0x24, 0x75, 0xB5, 0x04, 0x07, 0x42, 0xAE, 0x01, 0x00,
692 0x01, 0x00, 0x24, 0x00, 0x01, 0xBA, 0x03, 0x00, 0x02, 0x00, 0x01, 0x05,
693 0x14, 0x01, 0x01, 0x15, 0x2D, 0x02, 0x00, 0x01, 0x06, 0x14, 0x25, 0x01,
694 0x01, 0x15, 0x06, 0x02, 0x46, 0x28, 0x01, 0x04, 0x0E, 0x02, 0x00, 0x01,
695 0x1F, 0x15, 0x25, 0x01, 0x1F, 0x11, 0x06, 0x02, 0x47, 0x28, 0x09, 0x00,
696 0x00, 0x25, 0x05, 0x05, 0x01, 0x00, 0x01, 0x7F, 0x00, 0xB3, 0x00, 0x01,
697 0xAD, 0x25, 0x05, 0x05, 0x67, 0x37, 0x01, 0x7F, 0x00, 0x01, 0x01, 0x03,
698 0x00, 0x9F, 0x25, 0x01, 0x83, 0xFF, 0x7E, 0x11, 0x06, 0x16, 0x24, 0x25,
699 0x06, 0x10, 0xA0, 0x25, 0x05, 0x05, 0x24, 0xC2, 0x01, 0x00, 0x00, 0x02,
700 0x00, 0x84, 0x03, 0x00, 0x04, 0x6D, 0x04, 0x1B, 0x25, 0x05, 0x05, 0x24,
701 0xC2, 0x01, 0x00, 0x00, 0x02, 0x00, 0x84, 0x03, 0x00, 0x25, 0x06, 0x0B,
702 0x9F, 0x25, 0x05, 0x05, 0x24, 0xC2, 0x01, 0x00, 0x00, 0x04, 0x6D, 0x24,
703 0x02, 0x00, 0x25, 0x05, 0x01, 0x00, 0x41, 0x67, 0x37, 0x01, 0x7F, 0x00,
704 0x01, 0xAD, 0x01, 0x01, 0x03, 0x00, 0x25, 0x06, 0x10, 0xA1, 0x25, 0x05,
705 0x05, 0x24, 0xC2, 0x01, 0x00, 0x00, 0x02, 0x00, 0x84, 0x03, 0x00, 0x04,
706 0x6D, 0x24, 0x02, 0x00, 0x25, 0x05, 0x01, 0x00, 0x41, 0x67, 0x37, 0x01,
707 0x7F, 0x00, 0x01, 0xAD, 0x01, 0x01, 0x03, 0x00, 0x25, 0x06, 0x10, 0xBA,
708 0x25, 0x05, 0x05, 0x24, 0xC2, 0x01, 0x00, 0x00, 0x02, 0x00, 0x84, 0x03,
709 0x00, 0x04, 0x6D, 0x24, 0x02, 0x00, 0x25, 0x05, 0x01, 0x00, 0x41, 0x67,
710 0x37, 0x01, 0x7F, 0x00, 0x00, 0xBA, 0x01, 0x08, 0x0E, 0x3B, 0xBA, 0x34,
711 0x09, 0x00, 0x00, 0xBA, 0x3B, 0xBA, 0x01, 0x08, 0x0E, 0x34, 0x09, 0x00,
712 0x00, 0x25, 0x05, 0x02, 0x4F, 0x28, 0x41, 0xBB, 0x00, 0x00, 0x32, 0x25,
713 0x01, 0x00, 0x13, 0x06, 0x01, 0x00, 0x24, 0x19, 0x04, 0x74, 0x00, 0x01,
714 0x01, 0x00, 0x00, 0x01, 0x0B, 0x00, 0x00, 0x01, 0x15, 0x00, 0x00, 0x01,
715 0x1F, 0x00, 0x00, 0x01, 0x29, 0x00, 0x00, 0x01, 0x33, 0x00, 0x00, 0xC3,
716 0x24, 0x00, 0x00, 0x25, 0x06, 0x07, 0xC4, 0x25, 0x06, 0x01, 0x19, 0x04,
717 0x76, 0x00, 0x00, 0x01, 0x00, 0x30, 0x31, 0x0B, 0x42, 0x00, 0x00, 0x01,
718 0x81, 0x70, 0x00, 0x00, 0x01, 0x82, 0x0D, 0x00, 0x00, 0x01, 0x82, 0x22,
719 0x00, 0x00, 0x01, 0x82, 0x05, 0x00, 0x00, 0x01, 0x03, 0x33, 0x01, 0x03,
720 0x33, 0x00, 0x00, 0x25, 0x01, 0x83, 0xFB, 0x50, 0x01, 0x83, 0xFD, 0x5F,
721 0x72, 0x06, 0x04, 0x24, 0x01, 0x00, 0x00, 0x25, 0x01, 0x83, 0xB0, 0x00,
722 0x01, 0x83, 0xBF, 0x7F, 0x72, 0x06, 0x04, 0x24, 0x01, 0x00, 0x00, 0x01,
723 0x83, 0xFF, 0x7F, 0x15, 0x01, 0x83, 0xFF, 0x7E, 0x0D, 0x00
726 static const uint16_t t0_caddr
[] = {
871 #define T0_INTERPRETED 61
873 #define T0_ENTER(ip, rp, slot) do { \
874 const unsigned char *t0_newip; \
876 t0_newip = &t0_codeblock[t0_caddr[(slot) - T0_INTERPRETED]]; \
877 t0_lnum = t0_parse7E_unsigned(&t0_newip); \
879 *((rp) ++) = (uint32_t)((ip) - &t0_codeblock[0]) + (t0_lnum << 16); \
883 #define T0_DEFENTRY(name, slot) \
887 t0_context *t0ctx = ctx; \
888 t0ctx->ip = &t0_codeblock[0]; \
889 T0_ENTER(t0ctx->ip, t0ctx->rp, slot); \
892 T0_DEFENTRY(br_x509_minimal_init_main
, 147)
894 #define T0_NEXT(t0ipp) (*(*(t0ipp)) ++)
897 br_x509_minimal_run(void *t0ctx
)
900 const unsigned char *ip
;
902 #define T0_LOCAL(x) (*(rp - 2 - (x)))
903 #define T0_POP() (*-- dp)
904 #define T0_POPi() (*(int32_t *)(-- dp))
905 #define T0_PEEK(x) (*(dp - 1 - (x)))
906 #define T0_PEEKi(x) (*(int32_t *)(dp - 1 - (x)))
907 #define T0_PUSH(v) do { *dp = (v); dp ++; } while (0)
908 #define T0_PUSHi(v) do { *(int32_t *)dp = (v); dp ++; } while (0)
909 #define T0_RPOP() (*-- rp)
910 #define T0_RPOPi() (*(int32_t *)(-- rp))
911 #define T0_RPUSH(v) do { *rp = (v); rp ++; } while (0)
912 #define T0_RPUSHi(v) do { *(int32_t *)rp = (v); rp ++; } while (0)
913 #define T0_ROLL(x) do { \
914 size_t t0len = (size_t)(x); \
915 uint32_t t0tmp = *(dp - 1 - t0len); \
916 memmove(dp - t0len - 1, dp - t0len, t0len * sizeof *dp); \
919 #define T0_SWAP() do { \
920 uint32_t t0tmp = *(dp - 2); \
921 *(dp - 2) = *(dp - 1); \
924 #define T0_ROT() do { \
925 uint32_t t0tmp = *(dp - 3); \
926 *(dp - 3) = *(dp - 2); \
927 *(dp - 2) = *(dp - 1); \
930 #define T0_NROT() do { \
931 uint32_t t0tmp = *(dp - 1); \
932 *(dp - 1) = *(dp - 2); \
933 *(dp - 2) = *(dp - 3); \
936 #define T0_PICK(x) do { \
937 uint32_t t0depth = (x); \
938 T0_PUSH(T0_PEEK(t0depth)); \
940 #define T0_CO() do { \
943 #define T0_RET() goto t0_next
945 dp
= ((t0_context
*)t0ctx
)->dp
;
946 rp
= ((t0_context
*)t0ctx
)->rp
;
947 ip
= ((t0_context
*)t0ctx
)->ip
;
954 if (t0x
< T0_INTERPRETED
) {
966 ip
= &t0_codeblock
[t0x
];
968 case 1: /* literal constant */
969 T0_PUSHi(t0_parse7E_signed(&ip
));
971 case 2: /* read local */
972 T0_PUSH(T0_LOCAL(t0_parse7E_unsigned(&ip
)));
974 case 3: /* write local */
975 T0_LOCAL(t0_parse7E_unsigned(&ip
)) = T0_POP();
978 t0off
= t0_parse7E_signed(&ip
);
981 case 5: /* jump if */
982 t0off
= t0_parse7E_signed(&ip
);
987 case 6: /* jump if not */
988 t0off
= t0_parse7E_signed(&ip
);
996 int32_t b
= T0_POPi();
997 int32_t a
= T0_POPi();
1005 uint32_t b
= T0_POP();
1006 uint32_t a
= T0_POP();
1014 uint32_t b
= T0_POP();
1015 uint32_t a
= T0_POP();
1023 uint32_t b
= T0_POP();
1024 uint32_t a
= T0_POP();
1037 int32_t b
= T0_POPi();
1038 int32_t a
= T0_POPi();
1046 int32_t b
= T0_POPi();
1047 int32_t a
= T0_POPi();
1048 T0_PUSH(-(uint32_t)(a
< b
));
1055 int c
= (int)T0_POPi();
1056 uint32_t x
= T0_POP();
1064 int32_t b
= T0_POPi();
1065 int32_t a
= T0_POPi();
1066 T0_PUSH(-(uint32_t)(a
<= b
));
1073 uint32_t b
= T0_POP();
1074 uint32_t a
= T0_POP();
1075 T0_PUSH(-(uint32_t)(a
!= b
));
1082 uint32_t b
= T0_POP();
1083 uint32_t a
= T0_POP();
1084 T0_PUSH(-(uint32_t)(a
== b
));
1091 int32_t b
= T0_POPi();
1092 int32_t a
= T0_POPi();
1093 T0_PUSH(-(uint32_t)(a
> b
));
1100 int32_t b
= T0_POPi();
1101 int32_t a
= T0_POPi();
1102 T0_PUSH(-(uint32_t)(a
>= b
));
1109 int c
= (int)T0_POPi();
1110 int32_t x
= T0_POPi();
1118 uint32_t b
= T0_POP();
1119 uint32_t a
= T0_POP();
1127 size_t len
= T0_POP();
1128 unsigned char *src
= (unsigned char *)CTX
+ T0_POP();
1129 unsigned char *dst
= (unsigned char *)CTX
+ T0_POP();
1130 memcpy(dst
, src
, len
);
1135 /* check-direct-trust */
1139 for (u
= 0; u
< CTX
->trust_anchors_num
; u
++) {
1140 const br_x509_trust_anchor
*ta
;
1141 unsigned char hashed_DN
[64];
1144 ta
= &CTX
->trust_anchors
[u
];
1145 if (ta
->flags
& BR_X509_TA_CA
) {
1148 hash_dn(CTX
, ta
->dn
.data
, ta
->dn
.len
, hashed_DN
);
1149 if (memcmp(hashed_DN
, CTX
->current_dn_hash
, DNHASH_LEN
)) {
1152 kt
= CTX
->pkey
.key_type
;
1153 if ((ta
->pkey
.key_type
& 0x0F) != kt
) {
1158 case BR_KEYTYPE_RSA
:
1159 if (!eqbigint(CTX
->pkey
.key
.rsa
.n
,
1160 CTX
->pkey
.key
.rsa
.nlen
,
1162 ta
->pkey
.key
.rsa
.nlen
)
1163 || !eqbigint(CTX
->pkey
.key
.rsa
.e
,
1164 CTX
->pkey
.key
.rsa
.elen
,
1166 ta
->pkey
.key
.rsa
.elen
))
1173 if (CTX
->pkey
.key
.ec
.curve
!= ta
->pkey
.key
.ec
.curve
1174 || CTX
->pkey
.key
.ec
.qlen
!= ta
->pkey
.key
.ec
.qlen
1175 || memcmp(CTX
->pkey
.key
.ec
.q
,
1177 ta
->pkey
.key
.ec
.qlen
) != 0)
1188 * Direct trust match!
1190 CTX
->err
= BR_ERR_X509_OK
;
1197 /* check-trust-anchor-CA */
1201 for (u
= 0; u
< CTX
->trust_anchors_num
; u
++) {
1202 const br_x509_trust_anchor
*ta
;
1203 unsigned char hashed_DN
[64];
1205 ta
= &CTX
->trust_anchors
[u
];
1206 if (!(ta
->flags
& BR_X509_TA_CA
)) {
1209 hash_dn(CTX
, ta
->dn
.data
, ta
->dn
.len
, hashed_DN
);
1210 if (memcmp(hashed_DN
, CTX
->saved_dn_hash
, DNHASH_LEN
)) {
1213 if (verify_signature(CTX
, &ta
->pkey
) == 0) {
1214 CTX
->err
= BR_ERR_X509_OK
;
1227 /* compute-dn-hash */
1229 CTX
->dn_hash_impl
->out(&CTX
->dn_hash
.vtable
, CTX
->current_dn_hash
);
1230 CTX
->do_dn_hash
= 0;
1235 /* compute-tbs-hash */
1239 len
= br_multihash_out(&CTX
->mhash
, id
, CTX
->tbs_hash
);
1245 /* copy-ee-ec-pkey */
1247 size_t qlen
= T0_POP();
1248 uint32_t curve
= T0_POP();
1249 memcpy(CTX
->ee_pkey_data
, CTX
->pkey_data
, qlen
);
1250 CTX
->pkey
.key_type
= BR_KEYTYPE_EC
;
1251 CTX
->pkey
.key
.ec
.curve
= curve
;
1252 CTX
->pkey
.key
.ec
.q
= CTX
->ee_pkey_data
;
1253 CTX
->pkey
.key
.ec
.qlen
= qlen
;
1258 /* copy-ee-rsa-pkey */
1260 size_t elen
= T0_POP();
1261 size_t nlen
= T0_POP();
1262 memcpy(CTX
->ee_pkey_data
, CTX
->pkey_data
, nlen
+ elen
);
1263 CTX
->pkey
.key_type
= BR_KEYTYPE_RSA
;
1264 CTX
->pkey
.key
.rsa
.n
= CTX
->ee_pkey_data
;
1265 CTX
->pkey
.key
.rsa
.nlen
= nlen
;
1266 CTX
->pkey
.key
.rsa
.e
= CTX
->ee_pkey_data
+ nlen
;
1267 CTX
->pkey
.key
.rsa
.elen
= elen
;
1274 unsigned tag
= T0_POP();
1275 unsigned ok
= T0_POP();
1279 for (u
= 0; u
< CTX
->num_name_elts
; u
++) {
1280 br_name_element
*ne
;
1282 ne
= &CTX
->name_elts
[u
];
1283 if (ne
->status
== 0 && ne
->oid
[0] == 0 && ne
->oid
[1] == tag
) {
1284 if (ok
&& ne
->len
> len
) {
1285 memcpy(ne
->buf
, CTX
->pad
+ 1, len
);
1298 /* copy-name-element */
1301 int32_t off
= T0_POPi();
1305 br_name_element
*ne
= &CTX
->name_elts
[off
];
1309 if (len
< ne
->len
) {
1310 memcpy(ne
->buf
, CTX
->pad
+ 1, len
);
1326 size_t addr
= T0_POP();
1327 T0_PUSH(t0_datablock
[addr
]);
1332 /* dn-hash-length */
1334 T0_PUSH(DNHASH_LEN
);
1341 size_t qlen
= T0_POP();
1342 int curve
= T0_POP();
1345 pk
.key_type
= BR_KEYTYPE_EC
;
1346 pk
.key
.ec
.curve
= curve
;
1347 pk
.key
.ec
.q
= CTX
->pkey_data
;
1348 pk
.key
.ec
.qlen
= qlen
;
1349 T0_PUSH(verify_signature(CTX
, &pk
));
1356 size_t elen
= T0_POP();
1357 size_t nlen
= T0_POP();
1360 pk
.key_type
= BR_KEYTYPE_RSA
;
1361 pk
.key
.rsa
.n
= CTX
->pkey_data
;
1362 pk
.key
.rsa
.nlen
= nlen
;
1363 pk
.key
.rsa
.e
= CTX
->pkey_data
+ nlen
;
1364 pk
.key
.rsa
.elen
= elen
;
1365 T0_PUSH(verify_signature(CTX
, &pk
));
1376 T0_PUSH(T0_PEEK(0));
1382 const unsigned char *a2
= &t0_datablock
[T0_POP()];
1383 const unsigned char *a1
= &CTX
->pad
[0];
1387 x
= -(memcmp(a1
+ 1, a2
+ 1, len
) == 0);
1391 T0_PUSH((uint32_t)x
);
1398 size_t len
= T0_POP();
1399 const unsigned char *a2
= (const unsigned char *)CTX
+ T0_POP();
1400 const unsigned char *a1
= (const unsigned char *)CTX
+ T0_POP();
1401 T0_PUSHi(-(memcmp(a1
, a2
, len
) == 0));
1408 CTX
->err
= T0_POPi();
1414 /* get-system-date */
1416 if (CTX
->days
== 0 && CTX
->seconds
== 0) {
1417 #if BR_USE_UNIX_TIME
1418 time_t x
= time(NULL
);
1420 T0_PUSH((uint32_t)(x
/ 86400) + 719528);
1421 T0_PUSH((uint32_t)(x
% 86400));
1422 #elif BR_USE_WIN32_TIME
1426 GetSystemTimeAsFileTime(&ft
);
1427 x
= ((uint64_t)ft
.dwHighDateTime
<< 32)
1428 + (uint64_t)ft
.dwLowDateTime
;
1430 T0_PUSH((uint32_t)(x
/ 86400) + 584754);
1431 T0_PUSH((uint32_t)(x
% 86400));
1433 CTX
->err
= BR_ERR_X509_TIME_UNKNOWN
;
1438 T0_PUSH(CTX
->seconds
);
1446 uint32_t addr
= T0_POP();
1447 T0_PUSH(*(uint16_t *)(void *)((unsigned char *)CTX
+ addr
));
1454 uint32_t addr
= T0_POP();
1455 T0_PUSH(*(uint32_t *)(void *)((unsigned char *)CTX
+ addr
));
1460 /* match-server-name */
1464 if (CTX
->server_name
== NULL
) {
1468 n1
= strlen(CTX
->server_name
);
1470 if (n1
== n2
&& eqnocase(&CTX
->pad
[1], CTX
->server_name
, n1
)) {
1474 if (n2
>= 2 && CTX
->pad
[1] == '*' && CTX
->pad
[2] == '.') {
1478 while (u
< n1
&& CTX
->server_name
[u
] != '.') {
1484 && eqnocase(&CTX
->pad
[3], CTX
->server_name
+ u
, n1
))
1497 uint32_t a
= T0_POP();
1503 /* offset-name-element */
1505 unsigned san
= T0_POP();
1508 for (u
= 0; u
< CTX
->num_name_elts
; u
++) {
1509 if (CTX
->name_elts
[u
].status
== 0) {
1510 const unsigned char *oid
;
1513 oid
= CTX
->name_elts
[u
].oid
;
1515 if (oid
[0] != 0 || oid
[1] != 0) {
1523 if (len
!= 0 && len
== CTX
->pad
[0]
1524 && memcmp(oid
+ off
+ 1,
1525 CTX
->pad
+ 1, len
) == 0)
1539 uint32_t b
= T0_POP();
1540 uint32_t a
= T0_POP();
1547 T0_PUSH(T0_PEEK(1));
1551 /* read-blob-inner */
1553 uint32_t len
= T0_POP();
1554 uint32_t addr
= T0_POP();
1555 size_t clen
= CTX
->hlen
;
1560 memcpy((unsigned char *)CTX
+ addr
, CTX
->hbuf
, clen
);
1562 if (CTX
->do_mhash
) {
1563 br_multihash_update(&CTX
->mhash
, CTX
->hbuf
, clen
);
1565 if (CTX
->do_dn_hash
) {
1566 CTX
->dn_hash_impl
->update(
1567 &CTX
->dn_hash
.vtable
, CTX
->hbuf
, clen
);
1571 T0_PUSH(addr
+ clen
);
1572 T0_PUSH(len
- clen
);
1579 if (CTX
->hlen
== 0) {
1582 unsigned char x
= *CTX
->hbuf
++;
1583 if (CTX
->do_mhash
) {
1584 br_multihash_update(&CTX
->mhash
, &x
, 1);
1586 if (CTX
->do_dn_hash
) {
1587 CTX
->dn_hash_impl
->update(&CTX
->dn_hash
.vtable
, &x
, 1);
1608 uint32_t addr
= T0_POP();
1609 *(uint16_t *)(void *)((unsigned char *)CTX
+ addr
) = T0_POP();
1616 uint32_t addr
= T0_POP();
1617 *(uint32_t *)(void *)((unsigned char *)CTX
+ addr
) = T0_POP();
1624 uint32_t addr
= T0_POP();
1625 *((unsigned char *)CTX
+ addr
) = (unsigned char)T0_POP();
1632 CTX
->dn_hash_impl
->init(&CTX
->dn_hash
.vtable
);
1633 CTX
->do_dn_hash
= 1;
1638 /* start-tbs-hash */
1640 br_multihash_init(&CTX
->mhash
);
1658 /* zero-server-name */
1660 T0_PUSHi(-(CTX
->server_name
== NULL
));
1667 T0_ENTER(ip
, rp
, t0x
);
1671 ((t0_context
*)t0ctx
)->dp
= dp
;
1672 ((t0_context
*)t0ctx
)->rp
= rp
;
1673 ((t0_context
*)t0ctx
)->ip
= ip
;
1679 * Verify the signature on the certificate with the provided public key.
1680 * This function checks the public key type with regards to the expected
1681 * type. Returned value is either 0 on success, or a non-zero error code.
1684 verify_signature(br_x509_minimal_context
*ctx
, const br_x509_pkey
*pk
)
1688 kt
= ctx
->cert_signer_key_type
;
1689 if ((pk
->key_type
& 0x0F) != kt
) {
1690 return BR_ERR_X509_WRONG_KEY_TYPE
;
1693 unsigned char tmp
[64];
1695 case BR_KEYTYPE_RSA
:
1696 if (ctx
->irsa
== 0) {
1697 return BR_ERR_X509_UNSUPPORTED
;
1699 if (!ctx
->irsa(ctx
->cert_sig
, ctx
->cert_sig_len
,
1700 &t0_datablock
[ctx
->cert_sig_hash_oid
],
1701 ctx
->cert_sig_hash_len
, &pk
->key
.rsa
, tmp
))
1703 return BR_ERR_X509_BAD_SIGNATURE
;
1705 if (memcmp(ctx
->tbs_hash
, tmp
, ctx
->cert_sig_hash_len
) != 0) {
1706 return BR_ERR_X509_BAD_SIGNATURE
;
1711 if (ctx
->iecdsa
== 0) {
1712 return BR_ERR_X509_UNSUPPORTED
;
1714 if (!ctx
->iecdsa(ctx
->iec
, ctx
->tbs_hash
,
1715 ctx
->cert_sig_hash_len
, &pk
->key
.ec
,
1716 ctx
->cert_sig
, ctx
->cert_sig_len
))
1718 return BR_ERR_X509_BAD_SIGNATURE
;
1723 return BR_ERR_X509_UNSUPPORTED
;