1 /* Automatically generated code; do not modify directly. */
9 const unsigned char *ip
;
13 t0_parse7E_unsigned(const unsigned char **p
)
22 x
= (x
<< 7) | (uint32_t)(y
& 0x7F);
30 t0_parse7E_signed(const unsigned char **p
)
35 neg
= ((**p
) >> 6) & 1;
41 x
= (x
<< 7) | (uint32_t)(y
& 0x7F);
44 return -(int32_t)~x
- 1;
52 #define T0_VBYTE(x, n) (unsigned char)((((uint32_t)(x) >> (n)) & 0x7F) | 0x80)
53 #define T0_FBYTE(x, n) (unsigned char)(((uint32_t)(x) >> (n)) & 0x7F)
54 #define T0_SBYTE(x) (unsigned char)((((uint32_t)(x) >> 28) + 0xF8) ^ 0xF8)
55 #define T0_INT1(x) T0_FBYTE(x, 0)
56 #define T0_INT2(x) T0_VBYTE(x, 7), T0_FBYTE(x, 0)
57 #define T0_INT3(x) T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
58 #define T0_INT4(x) T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
59 #define T0_INT5(x) T0_SBYTE(x), T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
61 /* static const unsigned char t0_datablock[]; */
64 void br_x509_minimal_init_main(void *t0ctx
);
66 void br_x509_minimal_run(void *t0ctx
);
79 * Implementation Notes
80 * --------------------
82 * The C code pushes the data by chunks; all decoding is done in the
83 * T0 code. The cert_length value is set to the certificate length when
84 * a new certificate is started; the T0 code picks it up as outer limit,
85 * and decoding functions use it to ensure that no attempt is made at
86 * reading past it. The T0 code also checks that once the certificate is
87 * decoded, there are no trailing bytes.
89 * The T0 code sets cert_length to 0 when the certificate is fully
92 * The C code must still perform two checks:
94 * -- If the certificate length is 0, then the T0 code will not be
95 * invoked at all. This invalid condition must thus be reported by the
98 * -- When reaching the end of certificate, the C code must verify that
99 * the certificate length has been set to 0, thereby signaling that
100 * the T0 code properly decoded a certificate.
102 * Processing of a chain works in the following way:
104 * -- The error flag is set to a non-zero value when validation is
105 * finished. The value is either BR_ERR_X509_OK (validation is
106 * successful) or another non-zero error code. When a non-zero error
107 * code is obtained, the remaining bytes in the current certificate and
108 * the subsequent certificates (if any) are completely ignored.
110 * -- Each certificate is decoded in due course, with the following
111 * "interesting points":
113 * -- Start of the TBS: the multihash engine is reset and activated.
115 * -- Start of the issuer DN: the secondary hash engine is started,
116 * to process the encoded issuer DN.
118 * -- End of the issuer DN: the secondary hash engine is stopped. The
119 * resulting hash value is computed and then copied into the
120 * next_dn_hash[] buffer.
122 * -- Start of the subject DN: the secondary hash engine is started,
123 * to process the encoded subject DN.
125 * -- For the EE certificate only: the Common Name, if any, is matched
126 * against the expected server name.
128 * -- End of the subject DN: the secondary hash engine is stopped. The
129 * resulting hash value is computed into the pad. It is then processed:
131 * -- If this is the EE certificate, then the hash is ignored
132 * (except for direct trust processing, see later; the hash is
133 * simply left in current_dn_hash[]).
135 * -- Otherwise, the hashed subject DN is compared with the saved
136 * hash value (in saved_dn_hash[]). They must match.
138 * Either way, the next_dn_hash[] value is then copied into the
139 * saved_dn_hash[] value. Thus, at that point, saved_dn_hash[]
140 * contains the hash of the issuer DN for the current certificate,
141 * and current_dn_hash[] contains the hash of the subject DN for the
142 * current certificate.
144 * -- Public key: it is decoded into the cert_pkey[] buffer. Unknown
145 * key types are reported at that point.
147 * -- If this is the EE certificate, then the key type is compared
148 * with the expected key type (initialization parameter). The public
149 * key data is copied to ee_pkey_data[]. The key and hashed subject
150 * DN are also compared with the "direct trust" keys; if the key
151 * and DN are matched, then validation ends with a success.
153 * -- Otherwise, the saved signature (cert_sig[]) is verified
154 * against the saved TBS hash (tbs_hash[]) and that freshly
155 * decoded public key. Failure here ends validation with an error.
157 * -- Extensions: extension values are processed in due order.
159 * -- Basic Constraints: for all certificates except EE, must be
160 * present, indicate a CA, and have a path length compatible with
161 * the chain length so far.
163 * -- Key Usage: for the EE, if present, must allow signatures
164 * or encryption/key exchange, as required for the cipher suite.
165 * For non-EE, if present, must have the "certificate sign" bit.
167 * -- Subject Alt Name: for the EE, dNSName names are matched
168 * against the server name. Ignored for non-EE.
170 * -- Authority Key Identifier, Subject Key Identifier, Issuer
171 * Alt Name, Subject Directory Attributes, CRL Distribution Points
172 * Freshest CRL, Authority Info Access and Subject Info Access
173 * extensions are always ignored: they either contain only
174 * informative data, or they relate to revocation processing, which
175 * we explicitly do not support.
177 * -- All other extensions are ignored if non-critical. If a
178 * critical extension other than the ones above is encountered,
179 * then a failure is reported.
181 * -- End of the TBS: the multihash engine is stopped.
183 * -- Signature algorithm: the signature algorithm on the
184 * certificate is decoded. A failure is reported if that algorithm
185 * is unknown. The hashed TBS corresponding to the signature hash
186 * function is computed and stored in tbs_hash[] (if not supported,
187 * then a failure is reported). The hash OID and length are stored
188 * in cert_sig_hash_oid and cert_sig_hash_len.
190 * -- Signature value: the signature value is copied into the
193 * -- Certificate end: the hashed issuer DN (saved_dn_hash[]) is
194 * looked up in the trust store (CA trust anchors only); for all
195 * that match, the signature (cert_sig[]) is verified against the
196 * anchor public key (hashed TBS is in tbs_hash[]). If one of these
197 * signatures is valid, then validation ends with a success.
199 * -- If the chain end is reached without obtaining a validation success,
200 * then validation is reported as failed.
207 #if BR_USE_WIN32_TIME
212 * The T0 compiler will produce these prototypes declarations in the
215 void br_x509_minimal_init_main(void *ctx);
216 void br_x509_minimal_run(void *ctx);
219 /* see bearssl_x509.h */
221 br_x509_minimal_init(br_x509_minimal_context
*ctx
,
222 const br_hash_class
*dn_hash_impl
,
223 const br_x509_trust_anchor
*trust_anchors
, size_t trust_anchors_num
)
225 memset(ctx
, 0, sizeof *ctx
);
226 ctx
->vtable
= &br_x509_minimal_vtable
;
227 ctx
->dn_hash_impl
= dn_hash_impl
;
228 ctx
->trust_anchors
= trust_anchors
;
229 ctx
->trust_anchors_num
= trust_anchors_num
;
233 xm_start_chain(const br_x509_class
**ctx
, const char *server_name
)
235 br_x509_minimal_context
*cc
;
238 cc
= (br_x509_minimal_context
*)(void *)ctx
;
239 for (u
= 0; u
< cc
->num_name_elts
; u
++) {
240 cc
->name_elts
[u
].status
= 0;
241 cc
->name_elts
[u
].buf
[0] = 0;
243 memset(&cc
->pkey
, 0, sizeof cc
->pkey
);
246 cc
->cpu
.dp
= cc
->dp_stack
;
247 cc
->cpu
.rp
= cc
->rp_stack
;
248 br_x509_minimal_init_main(&cc
->cpu
);
249 if (server_name
== NULL
|| *server_name
== 0) {
250 cc
->server_name
= NULL
;
252 cc
->server_name
= server_name
;
257 xm_start_cert(const br_x509_class
**ctx
, uint32_t length
)
259 br_x509_minimal_context
*cc
;
261 cc
= (br_x509_minimal_context
*)(void *)ctx
;
266 cc
->err
= BR_ERR_X509_TRUNCATED
;
269 cc
->cert_length
= length
;
273 xm_append(const br_x509_class
**ctx
, const unsigned char *buf
, size_t len
)
275 br_x509_minimal_context
*cc
;
277 cc
= (br_x509_minimal_context
*)(void *)ctx
;
283 br_x509_minimal_run(&cc
->cpu
);
287 xm_end_cert(const br_x509_class
**ctx
)
289 br_x509_minimal_context
*cc
;
291 cc
= (br_x509_minimal_context
*)(void *)ctx
;
292 if (cc
->err
== 0 && cc
->cert_length
!= 0) {
293 cc
->err
= BR_ERR_X509_TRUNCATED
;
299 xm_end_chain(const br_x509_class
**ctx
)
301 br_x509_minimal_context
*cc
;
303 cc
= (br_x509_minimal_context
*)(void *)ctx
;
305 if (cc
->num_certs
== 0) {
306 cc
->err
= BR_ERR_X509_EMPTY_CHAIN
;
308 cc
->err
= BR_ERR_X509_NOT_TRUSTED
;
310 } else if (cc
->err
== BR_ERR_X509_OK
) {
313 return (unsigned)cc
->err
;
316 static const br_x509_pkey
*
317 xm_get_pkey(const br_x509_class
*const *ctx
, unsigned *usages
)
319 br_x509_minimal_context
*cc
;
321 cc
= (br_x509_minimal_context
*)(void *)ctx
;
322 if (cc
->err
== BR_ERR_X509_OK
323 || cc
->err
== BR_ERR_X509_NOT_TRUSTED
)
325 if (usages
!= NULL
) {
326 *usages
= cc
->key_usages
;
328 return &((br_x509_minimal_context
*)(void *)ctx
)->pkey
;
334 /* see bearssl_x509.h */
335 const br_x509_class br_x509_minimal_vtable
= {
336 sizeof(br_x509_minimal_context
),
345 #define CTX ((br_x509_minimal_context *)(void *)((unsigned char *)t0ctx - offsetof(br_x509_minimal_context, cpu)))
346 #define CONTEXT_NAME br_x509_minimal_context
348 #define DNHASH_LEN ((CTX->dn_hash_impl->desc >> BR_HASHDESC_OUT_OFF) & BR_HASHDESC_OUT_MASK)
351 * Hash a DN (from a trust anchor) into the provided buffer. This uses the
352 * DN hash implementation and context structure from the X.509 engine
356 hash_dn(br_x509_minimal_context
*ctx
, const void *dn
, size_t len
,
359 ctx
->dn_hash_impl
->init(&ctx
->dn_hash
.vtable
);
360 ctx
->dn_hash_impl
->update(&ctx
->dn_hash
.vtable
, dn
, len
);
361 ctx
->dn_hash_impl
->out(&ctx
->dn_hash
.vtable
, out
);
365 * Compare two big integers for equality. The integers use unsigned big-endian
366 * encoding; extra leading bytes (of value 0) are allowed.
369 eqbigint(const unsigned char *b1
, size_t len1
,
370 const unsigned char *b2
, size_t len2
)
372 while (len1
> 0 && *b1
== 0) {
376 while (len2
> 0 && *b2
== 0) {
383 return memcmp(b1
, b2
, len1
) == 0;
387 * Compare two strings for equality, in a case-insensitive way. This
388 * function handles casing only for ASCII letters.
391 eqnocase(const void *s1
, const void *s2
, size_t len
)
393 const unsigned char *buf1
, *buf2
;
402 if (x1
>= 'A' && x1
<= 'Z') {
405 if (x2
>= 'A' && x2
<= 'Z') {
415 static int verify_signature(br_x509_minimal_context
*ctx
,
416 const br_x509_pkey
*pk
);
420 static const unsigned char t0_datablock
[] = {
421 0x00, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x09,
422 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x09, 0x2A, 0x86,
423 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0E, 0x09, 0x2A, 0x86, 0x48, 0x86,
424 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
425 0x01, 0x01, 0x0C, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01,
426 0x0D, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x09, 0x60, 0x86, 0x48, 0x01,
427 0x65, 0x03, 0x04, 0x02, 0x04, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
428 0x04, 0x02, 0x01, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02,
429 0x02, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x07,
430 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x08, 0x2A, 0x86, 0x48, 0xCE,
431 0x3D, 0x03, 0x01, 0x07, 0x05, 0x2B, 0x81, 0x04, 0x00, 0x22, 0x05, 0x2B,
432 0x81, 0x04, 0x00, 0x23, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x01,
433 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x01, 0x08, 0x2A, 0x86,
434 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D,
435 0x04, 0x03, 0x03, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x04,
436 0x03, 0x55, 0x04, 0x03, 0x00, 0x1F, 0x03, 0xFC, 0x07, 0x7F, 0x0B, 0x5E,
437 0x0F, 0x1F, 0x12, 0xFE, 0x16, 0xBF, 0x1A, 0x9F, 0x1E, 0x7E, 0x22, 0x3F,
438 0x26, 0x1E, 0x29, 0xDF, 0x00, 0x1F, 0x03, 0xFD, 0x07, 0x9F, 0x0B, 0x7E,
439 0x0F, 0x3F, 0x13, 0x1E, 0x16, 0xDF, 0x1A, 0xBF, 0x1E, 0x9E, 0x22, 0x5F,
440 0x26, 0x3E, 0x29, 0xFF, 0x03, 0x55, 0x1D, 0x13, 0x03, 0x55, 0x1D, 0x0F,
441 0x03, 0x55, 0x1D, 0x11, 0x03, 0x55, 0x1D, 0x20, 0x08, 0x2B, 0x06, 0x01,
442 0x05, 0x05, 0x07, 0x02, 0x01, 0x03, 0x55, 0x1D, 0x23, 0x03, 0x55, 0x1D,
443 0x0E, 0x03, 0x55, 0x1D, 0x12, 0x03, 0x55, 0x1D, 0x09, 0x03, 0x55, 0x1D,
444 0x1F, 0x03, 0x55, 0x1D, 0x2E, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07,
445 0x01, 0x01, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x0B
448 static const unsigned char t0_codeblock
[] = {
449 0x00, 0x01, 0x00, 0x0D, 0x00, 0x00, 0x01, 0x00, 0x10, 0x00, 0x00, 0x01,
450 0x00, 0x11, 0x00, 0x00, 0x01, 0x01, 0x09, 0x00, 0x00, 0x01, 0x01, 0x0A,
451 0x00, 0x00, 0x25, 0x25, 0x00, 0x00, 0x01,
452 T0_INT1(BR_ERR_X509_BAD_BOOLEAN
), 0x00, 0x00, 0x01,
453 T0_INT1(BR_ERR_X509_BAD_DN
), 0x00, 0x00, 0x01,
454 T0_INT1(BR_ERR_X509_BAD_SERVER_NAME
), 0x00, 0x00, 0x01,
455 T0_INT1(BR_ERR_X509_BAD_TAG_CLASS
), 0x00, 0x00, 0x01,
456 T0_INT1(BR_ERR_X509_BAD_TAG_VALUE
), 0x00, 0x00, 0x01,
457 T0_INT1(BR_ERR_X509_BAD_TIME
), 0x00, 0x00, 0x01,
458 T0_INT1(BR_ERR_X509_CRITICAL_EXTENSION
), 0x00, 0x00, 0x01,
459 T0_INT1(BR_ERR_X509_DN_MISMATCH
), 0x00, 0x00, 0x01,
460 T0_INT1(BR_ERR_X509_EXPIRED
), 0x00, 0x00, 0x01,
461 T0_INT1(BR_ERR_X509_EXTRA_ELEMENT
), 0x00, 0x00, 0x01,
462 T0_INT1(BR_ERR_X509_FORBIDDEN_KEY_USAGE
), 0x00, 0x00, 0x01,
463 T0_INT1(BR_ERR_X509_INDEFINITE_LENGTH
), 0x00, 0x00, 0x01,
464 T0_INT1(BR_ERR_X509_INNER_TRUNC
), 0x00, 0x00, 0x01,
465 T0_INT1(BR_ERR_X509_LIMIT_EXCEEDED
), 0x00, 0x00, 0x01,
466 T0_INT1(BR_ERR_X509_NOT_CA
), 0x00, 0x00, 0x01,
467 T0_INT1(BR_ERR_X509_NOT_CONSTRUCTED
), 0x00, 0x00, 0x01,
468 T0_INT1(BR_ERR_X509_NOT_PRIMITIVE
), 0x00, 0x00, 0x01,
469 T0_INT1(BR_ERR_X509_OVERFLOW
), 0x00, 0x00, 0x01,
470 T0_INT1(BR_ERR_X509_PARTIAL_BYTE
), 0x00, 0x00, 0x01,
471 T0_INT1(BR_ERR_X509_UNEXPECTED
), 0x00, 0x00, 0x01,
472 T0_INT1(BR_ERR_X509_UNSUPPORTED
), 0x00, 0x00, 0x01,
473 T0_INT1(BR_ERR_X509_WEAK_PUBLIC_KEY
), 0x00, 0x00, 0x01,
474 T0_INT1(BR_KEYTYPE_EC
), 0x00, 0x00, 0x01, T0_INT1(BR_KEYTYPE_RSA
),
475 0x00, 0x00, 0x01, T0_INT2(offsetof(CONTEXT_NAME
, cert_length
)), 0x00,
476 0x00, 0x01, T0_INT2(offsetof(CONTEXT_NAME
, cert_sig
)), 0x00, 0x00,
477 0x01, T0_INT2(offsetof(CONTEXT_NAME
, cert_sig_hash_len
)), 0x00, 0x00,
478 0x01, T0_INT2(offsetof(CONTEXT_NAME
, cert_sig_hash_oid
)), 0x00, 0x00,
479 0x01, T0_INT2(offsetof(CONTEXT_NAME
, cert_sig_len
)), 0x00, 0x00, 0x01,
480 T0_INT2(offsetof(CONTEXT_NAME
, cert_signer_key_type
)), 0x00, 0x00,
481 0x01, T0_INT2(offsetof(CONTEXT_NAME
, current_dn_hash
)), 0x00, 0x00,
482 0x01, T0_INT2(offsetof(CONTEXT_NAME
, key_usages
)), 0x00, 0x00, 0x01,
483 T0_INT2(offsetof(br_x509_minimal_context
, pkey_data
)), 0x01,
484 T0_INT2(BR_X509_BUFSIZE_KEY
), 0x00, 0x00, 0x01,
485 T0_INT2(offsetof(CONTEXT_NAME
, min_rsa_size
)), 0x00, 0x00, 0x01,
486 T0_INT2(offsetof(CONTEXT_NAME
, next_dn_hash
)), 0x00, 0x00, 0x01,
487 T0_INT2(offsetof(CONTEXT_NAME
, num_certs
)), 0x00, 0x00, 0x01,
488 T0_INT2(offsetof(CONTEXT_NAME
, pad
)), 0x00, 0x00, 0x01,
489 T0_INT2(offsetof(CONTEXT_NAME
, saved_dn_hash
)), 0x00, 0x00, 0x01, 0x80,
490 0x73, 0x00, 0x00, 0x01, 0x80, 0x7C, 0x00, 0x00, 0x01, 0x81, 0x02, 0x00,
491 0x00, 0x8F, 0x05, 0x05, 0x33, 0x41, 0x01, 0x00, 0x00, 0x33, 0x01, 0x0A,
492 0x0E, 0x09, 0x01, 0x9A, 0xFF, 0xB8, 0x00, 0x0A, 0x00, 0x00, 0x01, 0x82,
493 0x19, 0x00, 0x00, 0x01, 0x82, 0x01, 0x00, 0x00, 0x01, 0x81, 0x68, 0x00,
494 0x02, 0x03, 0x00, 0x03, 0x01, 0x26, 0x02, 0x01, 0x13, 0x3A, 0x02, 0x00,
495 0x0F, 0x15, 0x00, 0x00, 0x01, 0x81, 0x74, 0x00, 0x00, 0x05, 0x02, 0x51,
496 0x29, 0x00, 0x00, 0x06, 0x02, 0x52, 0x29, 0x00, 0x00, 0x01, 0x10, 0x74,
497 0x00, 0x00, 0x11, 0x05, 0x02, 0x55, 0x29, 0x71, 0x00, 0x00, 0x11, 0x05,
498 0x02, 0x55, 0x29, 0x72, 0x00, 0x00, 0x06, 0x02, 0x4B, 0x29, 0x00, 0x00,
499 0x01, 0x82, 0x11, 0x00, 0x00, 0x26, 0x21, 0x01, 0x08, 0x0E, 0x3A, 0x3F,
500 0x21, 0x09, 0x00, 0x0B, 0x03, 0x00, 0x5A, 0x2B, 0xAC, 0x38, 0xAC, 0xB0,
501 0x26, 0x01, 0x20, 0x11, 0x06, 0x11, 0x25, 0x71, 0xAA, 0xB0, 0x01, 0x02,
502 0x75, 0xAD, 0x01, 0x02, 0x12, 0x06, 0x02, 0x56, 0x29, 0x76, 0xB0, 0x01,
503 0x02, 0x75, 0xAB, 0xAC, 0xBF, 0x99, 0x64, 0x60, 0x22, 0x16, 0xAC, 0xA4,
504 0x03, 0x01, 0x03, 0x02, 0xA4, 0x02, 0x02, 0x02, 0x01, 0x19, 0x06, 0x02,
505 0x4A, 0x29, 0x76, 0x02, 0x00, 0x06, 0x05, 0x9A, 0x03, 0x03, 0x04, 0x09,
506 0x99, 0x60, 0x67, 0x22, 0x28, 0x05, 0x02, 0x49, 0x29, 0x67, 0x64, 0x22,
507 0x16, 0xAC, 0xAC, 0x9B, 0x05, 0x02, 0x56, 0x29, 0xB9, 0x27, 0x06, 0x27,
508 0xBF, 0xA1, 0xAC, 0x62, 0xA7, 0x03, 0x05, 0x62, 0x3A, 0x02, 0x05, 0x09,
509 0x3A, 0x02, 0x05, 0x0A, 0xA7, 0x03, 0x06, 0x76, 0x63, 0x2A, 0x01, 0x81,
510 0x00, 0x09, 0x02, 0x05, 0x12, 0x06, 0x02, 0x57, 0x29, 0x76, 0x59, 0x03,
511 0x04, 0x04, 0x3A, 0x85, 0x27, 0x06, 0x34, 0x9B, 0x05, 0x02, 0x56, 0x29,
512 0x68, 0x27, 0x06, 0x04, 0x01, 0x17, 0x04, 0x12, 0x69, 0x27, 0x06, 0x04,
513 0x01, 0x18, 0x04, 0x0A, 0x6A, 0x27, 0x06, 0x04, 0x01, 0x19, 0x04, 0x02,
514 0x56, 0x29, 0x03, 0x07, 0x76, 0xA1, 0x26, 0x03, 0x08, 0x26, 0x62, 0x33,
515 0x0D, 0x06, 0x02, 0x4F, 0x29, 0xA2, 0x58, 0x03, 0x04, 0x04, 0x02, 0x56,
516 0x29, 0x76, 0x02, 0x00, 0x06, 0x21, 0x02, 0x04, 0x59, 0x30, 0x11, 0x06,
517 0x08, 0x25, 0x02, 0x05, 0x02, 0x06, 0x1E, 0x04, 0x10, 0x58, 0x30, 0x11,
518 0x06, 0x08, 0x25, 0x02, 0x07, 0x02, 0x08, 0x1D, 0x04, 0x03, 0x56, 0x29,
519 0x25, 0x04, 0x24, 0x02, 0x04, 0x59, 0x30, 0x11, 0x06, 0x08, 0x25, 0x02,
520 0x05, 0x02, 0x06, 0x24, 0x04, 0x10, 0x58, 0x30, 0x11, 0x06, 0x08, 0x25,
521 0x02, 0x07, 0x02, 0x08, 0x23, 0x04, 0x03, 0x56, 0x29, 0x25, 0x26, 0x06,
522 0x01, 0x29, 0x25, 0x01, 0x00, 0x03, 0x09, 0xB1, 0x01, 0x21, 0x8C, 0x01,
523 0x22, 0x8C, 0x26, 0x01, 0x23, 0x11, 0x06, 0x81, 0x26, 0x25, 0x71, 0xAA,
524 0xAC, 0x26, 0x06, 0x81, 0x1A, 0x01, 0x00, 0x03, 0x0A, 0xAC, 0x9B, 0x25,
525 0xB0, 0x26, 0x01, 0x01, 0x11, 0x06, 0x04, 0xA3, 0x03, 0x0A, 0xB0, 0x01,
526 0x04, 0x75, 0xAA, 0x6E, 0x27, 0x06, 0x0F, 0x02, 0x00, 0x06, 0x03, 0xC0,
527 0x04, 0x05, 0x96, 0x01, 0x7F, 0x03, 0x09, 0x04, 0x80, 0x6C, 0x8E, 0x27,
528 0x06, 0x06, 0x02, 0x00, 0x98, 0x04, 0x80, 0x62, 0xC2, 0x27, 0x06, 0x11,
529 0x02, 0x00, 0x06, 0x09, 0x01, 0x00, 0x03, 0x03, 0x95, 0x03, 0x03, 0x04,
530 0x01, 0xC0, 0x04, 0x80, 0x4D, 0x70, 0x27, 0x06, 0x0A, 0x02, 0x0A, 0x06,
531 0x03, 0x97, 0x04, 0x01, 0xC0, 0x04, 0x3F, 0x6D, 0x27, 0x06, 0x03, 0xC0,
532 0x04, 0x38, 0xC5, 0x27, 0x06, 0x03, 0xC0, 0x04, 0x31, 0x8D, 0x27, 0x06,
533 0x03, 0xC0, 0x04, 0x2A, 0xC3, 0x27, 0x06, 0x03, 0xC0, 0x04, 0x23, 0x77,
534 0x27, 0x06, 0x03, 0xC0, 0x04, 0x1C, 0x82, 0x27, 0x06, 0x03, 0xC0, 0x04,
535 0x15, 0x6C, 0x27, 0x06, 0x03, 0xC0, 0x04, 0x0E, 0xC4, 0x27, 0x06, 0x03,
536 0xC0, 0x04, 0x07, 0x02, 0x0A, 0x06, 0x02, 0x48, 0x29, 0xC0, 0x76, 0x76,
537 0x04, 0xFE, 0x62, 0x76, 0x76, 0x04, 0x08, 0x01, 0x7F, 0x11, 0x05, 0x02,
538 0x55, 0x29, 0x25, 0x76, 0x39, 0x02, 0x00, 0x06, 0x08, 0x02, 0x03, 0x3B,
539 0x2F, 0x05, 0x02, 0x44, 0x29, 0x02, 0x00, 0x06, 0x01, 0x17, 0x02, 0x00,
540 0x02, 0x09, 0x2F, 0x05, 0x02, 0x50, 0x29, 0xB0, 0x73, 0xAA, 0x9B, 0x06,
541 0x80, 0x77, 0xBA, 0x27, 0x06, 0x07, 0x01, 0x02, 0x59, 0x87, 0x04, 0x80,
542 0x5E, 0xBB, 0x27, 0x06, 0x07, 0x01, 0x03, 0x59, 0x88, 0x04, 0x80, 0x53,
543 0xBC, 0x27, 0x06, 0x07, 0x01, 0x04, 0x59, 0x89, 0x04, 0x80, 0x48, 0xBD,
544 0x27, 0x06, 0x06, 0x01, 0x05, 0x59, 0x8A, 0x04, 0x3E, 0xBE, 0x27, 0x06,
545 0x06, 0x01, 0x06, 0x59, 0x8B, 0x04, 0x34, 0x7C, 0x27, 0x06, 0x06, 0x01,
546 0x02, 0x58, 0x87, 0x04, 0x2A, 0x7D, 0x27, 0x06, 0x06, 0x01, 0x03, 0x58,
547 0x88, 0x04, 0x20, 0x7E, 0x27, 0x06, 0x06, 0x01, 0x04, 0x58, 0x89, 0x04,
548 0x16, 0x7F, 0x27, 0x06, 0x06, 0x01, 0x05, 0x58, 0x8A, 0x04, 0x0C, 0x80,
549 0x27, 0x06, 0x06, 0x01, 0x06, 0x58, 0x8B, 0x04, 0x02, 0x56, 0x29, 0x5D,
550 0x34, 0x5F, 0x36, 0x1C, 0x26, 0x05, 0x02, 0x56, 0x29, 0x5C, 0x36, 0x04,
551 0x02, 0x56, 0x29, 0xBF, 0xA1, 0x26, 0x01, T0_INT2(BR_X509_BUFSIZE_SIG
),
552 0x12, 0x06, 0x02, 0x4F, 0x29, 0x26, 0x5E, 0x34, 0x5B, 0xA2, 0x76, 0x76,
553 0x01, 0x00, 0x5A, 0x35, 0x18, 0x00, 0x00, 0x01, 0x30, 0x0A, 0x26, 0x01,
554 0x00, 0x01, 0x09, 0x6F, 0x05, 0x02, 0x47, 0x29, 0x00, 0x00, 0x30, 0x30,
555 0x00, 0x00, 0x01, 0x81, 0x08, 0x00, 0x00, 0x01, 0x81, 0x10, 0x00, 0x00,
556 0x01, 0x81, 0x19, 0x00, 0x00, 0x01, 0x81, 0x22, 0x00, 0x00, 0x01, 0x81,
557 0x2B, 0x00, 0x01, 0x7B, 0x01, 0x01, 0x11, 0x3A, 0x01, 0x83, 0xFD, 0x7F,
558 0x11, 0x15, 0x06, 0x03, 0x3A, 0x25, 0x00, 0x3A, 0x26, 0x03, 0x00, 0x26,
559 0xC6, 0x05, 0x04, 0x41, 0x01, 0x00, 0x00, 0x26, 0x01, 0x81, 0x00, 0x0D,
560 0x06, 0x04, 0x93, 0x04, 0x80, 0x49, 0x26, 0x01, 0x90, 0x00, 0x0D, 0x06,
561 0x0F, 0x01, 0x06, 0x14, 0x01, 0x81, 0x40, 0x2F, 0x93, 0x02, 0x00, 0x01,
562 0x00, 0x94, 0x04, 0x33, 0x26, 0x01, 0x83, 0xFF, 0x7F, 0x0D, 0x06, 0x14,
563 0x01, 0x0C, 0x14, 0x01, 0x81, 0x60, 0x2F, 0x93, 0x02, 0x00, 0x01, 0x06,
564 0x94, 0x02, 0x00, 0x01, 0x00, 0x94, 0x04, 0x17, 0x01, 0x12, 0x14, 0x01,
565 0x81, 0x70, 0x2F, 0x93, 0x02, 0x00, 0x01, 0x0C, 0x94, 0x02, 0x00, 0x01,
566 0x06, 0x94, 0x02, 0x00, 0x01, 0x00, 0x94, 0x00, 0x00, 0x01, 0x82, 0x15,
567 0x00, 0x00, 0x26, 0x01, 0x83, 0xB0, 0x00, 0x01, 0x83, 0xB7, 0x7F, 0x6F,
568 0x00, 0x00, 0x01, 0x81, 0x34, 0x00, 0x00, 0x01, 0x80, 0x6B, 0x00, 0x00,
569 0x01, 0x81, 0x78, 0x00, 0x00, 0x01, 0x3D, 0x00, 0x00, 0x01, 0x80, 0x43,
570 0x00, 0x00, 0x01, 0x80, 0x4D, 0x00, 0x00, 0x01, 0x80, 0x57, 0x00, 0x00,
571 0x01, 0x80, 0x61, 0x00, 0x00, 0x30, 0x11, 0x06, 0x04, 0x41, 0xAA, 0xBF,
572 0xB1, 0x00, 0x00, 0x01, 0x82, 0x09, 0x00, 0x00, 0x01, 0x81, 0x6C, 0x00,
573 0x00, 0x26, 0x01, 0x83, 0xB8, 0x00, 0x01, 0x83, 0xBF, 0x7F, 0x6F, 0x00,
574 0x00, 0x01, 0x30, 0x61, 0x36, 0x01, 0x7F, 0x79, 0x1A, 0x01, 0x00, 0x79,
575 0x1A, 0x04, 0x7A, 0x00, 0x01, 0x81, 0x38, 0x00, 0x01, 0x7B, 0x0D, 0x06,
576 0x02, 0x4E, 0x29, 0x26, 0x03, 0x00, 0x0A, 0x02, 0x00, 0x00, 0x00, 0x30,
577 0x26, 0x3E, 0x3A, 0x01, 0x82, 0x00, 0x13, 0x2F, 0x06, 0x04, 0x41, 0x01,
578 0x00, 0x00, 0x30, 0x66, 0x09, 0x36, 0x3F, 0x00, 0x00, 0x14, 0x01, 0x3F,
579 0x15, 0x01, 0x81, 0x00, 0x2F, 0x93, 0x00, 0x02, 0x01, 0x00, 0x03, 0x00,
580 0xAC, 0x26, 0x06, 0x80, 0x59, 0xB0, 0x01, 0x20, 0x30, 0x11, 0x06, 0x17,
581 0x25, 0x71, 0xAA, 0x9B, 0x25, 0x01, 0x7F, 0x2E, 0x03, 0x01, 0xB0, 0x01,
582 0x20, 0x74, 0xAA, 0xAF, 0x02, 0x01, 0x20, 0x76, 0x76, 0x04, 0x38, 0x01,
583 0x21, 0x30, 0x11, 0x06, 0x08, 0x25, 0x72, 0xB3, 0x01, 0x01, 0x1F, 0x04,
584 0x2A, 0x01, 0x22, 0x30, 0x11, 0x06, 0x11, 0x25, 0x72, 0xB3, 0x26, 0x06,
585 0x06, 0x2C, 0x02, 0x00, 0x2F, 0x03, 0x00, 0x01, 0x02, 0x1F, 0x04, 0x13,
586 0x01, 0x26, 0x30, 0x11, 0x06, 0x08, 0x25, 0x72, 0xB3, 0x01, 0x06, 0x1F,
587 0x04, 0x05, 0x41, 0xAB, 0x01, 0x00, 0x25, 0x04, 0xFF, 0x23, 0x76, 0x02,
588 0x00, 0x00, 0x00, 0xAC, 0xB1, 0x26, 0x01, 0x01, 0x11, 0x06, 0x08, 0xA3,
589 0x05, 0x02, 0x50, 0x29, 0xB1, 0x04, 0x02, 0x50, 0x29, 0x26, 0x01, 0x02,
590 0x11, 0x06, 0x0C, 0x25, 0x72, 0xAD, 0x65, 0x2B, 0x40, 0x0D, 0x06, 0x02,
591 0x50, 0x29, 0xB1, 0x01, 0x7F, 0x10, 0x06, 0x02, 0x55, 0x29, 0x25, 0x76,
592 0x00, 0x00, 0xAC, 0x26, 0x06, 0x1A, 0xAC, 0x9B, 0x25, 0x26, 0x06, 0x11,
593 0xAC, 0x26, 0x06, 0x0C, 0xAC, 0x9B, 0x25, 0x86, 0x27, 0x05, 0x02, 0x48,
594 0x29, 0xBF, 0x04, 0x71, 0x76, 0x76, 0x04, 0x63, 0x76, 0x00, 0x02, 0x03,
595 0x00, 0xB0, 0x01, 0x03, 0x75, 0xAA, 0xB7, 0x03, 0x01, 0x02, 0x01, 0x01,
596 0x07, 0x12, 0x06, 0x02, 0x55, 0x29, 0x26, 0x01, 0x00, 0x30, 0x11, 0x06,
597 0x05, 0x25, 0x4C, 0x29, 0x04, 0x15, 0x01, 0x01, 0x30, 0x11, 0x06, 0x0A,
598 0x25, 0xB7, 0x02, 0x01, 0x14, 0x02, 0x01, 0x0E, 0x04, 0x05, 0x25, 0xB7,
599 0x01, 0x00, 0x25, 0x02, 0x00, 0x06, 0x19, 0x01, 0x00, 0x30, 0x01, 0x38,
600 0x15, 0x06, 0x03, 0x01, 0x10, 0x2F, 0x3A, 0x01, 0x81, 0x40, 0x15, 0x06,
601 0x03, 0x01, 0x20, 0x2F, 0x61, 0x36, 0x04, 0x07, 0x01, 0x04, 0x15, 0x05,
602 0x02, 0x4C, 0x29, 0xBF, 0x00, 0x00, 0x37, 0xAC, 0xBF, 0x1B, 0x00, 0x03,
603 0x01, 0x00, 0x03, 0x00, 0x37, 0xAC, 0x26, 0x06, 0x30, 0xB0, 0x01, 0x11,
604 0x74, 0xAA, 0x26, 0x05, 0x02, 0x43, 0x29, 0x26, 0x06, 0x20, 0xAC, 0x9B,
605 0x25, 0x84, 0x27, 0x03, 0x01, 0x01, 0x00, 0x2E, 0x03, 0x02, 0xAF, 0x26,
606 0x02, 0x01, 0x15, 0x06, 0x07, 0x2C, 0x06, 0x04, 0x01, 0x7F, 0x03, 0x00,
607 0x02, 0x02, 0x20, 0x76, 0x04, 0x5D, 0x76, 0x04, 0x4D, 0x76, 0x1B, 0x02,
608 0x00, 0x00, 0x00, 0xB0, 0x01, 0x06, 0x75, 0xAE, 0x00, 0x00, 0xB5, 0x83,
609 0x06, 0x0E, 0x3A, 0x26, 0x05, 0x06, 0x41, 0x01, 0x00, 0x01, 0x00, 0x00,
610 0xB5, 0x6B, 0x04, 0x08, 0x8F, 0x06, 0x05, 0x25, 0x01, 0x00, 0x04, 0x00,
611 0x00, 0x00, 0xB6, 0x83, 0x06, 0x0E, 0x3A, 0x26, 0x05, 0x06, 0x41, 0x01,
612 0x00, 0x01, 0x00, 0x00, 0xB6, 0x6B, 0x04, 0x08, 0x8F, 0x06, 0x05, 0x25,
613 0x01, 0x00, 0x04, 0x00, 0x00, 0x00, 0xB7, 0x26, 0x01, 0x81, 0x00, 0x0D,
614 0x06, 0x04, 0x00, 0x04, 0x80, 0x55, 0x26, 0x01, 0x81, 0x40, 0x0D, 0x06,
615 0x07, 0x25, 0x01, 0x00, 0x00, 0x04, 0x80, 0x47, 0x26, 0x01, 0x81, 0x60,
616 0x0D, 0x06, 0x0E, 0x01, 0x1F, 0x15, 0x01, 0x01, 0xA0, 0x01, 0x81, 0x00,
617 0x01, 0x8F, 0x7F, 0x04, 0x32, 0x26, 0x01, 0x81, 0x70, 0x0D, 0x06, 0x0F,
618 0x01, 0x0F, 0x15, 0x01, 0x02, 0xA0, 0x01, 0x90, 0x00, 0x01, 0x83, 0xFF,
619 0x7F, 0x04, 0x1C, 0x26, 0x01, 0x81, 0x78, 0x0D, 0x06, 0x11, 0x01, 0x07,
620 0x15, 0x01, 0x03, 0xA0, 0x01, 0x84, 0x80, 0x00, 0x01, 0x80, 0xC3, 0xFF,
621 0x7F, 0x04, 0x04, 0x25, 0x01, 0x00, 0x00, 0x6F, 0x05, 0x03, 0x25, 0x01,
622 0x00, 0x00, 0x00, 0x3A, 0x26, 0x05, 0x06, 0x41, 0x01, 0x00, 0x01, 0x7F,
623 0x00, 0xB7, 0x33, 0x26, 0x3C, 0x06, 0x03, 0x3A, 0x25, 0x00, 0x01, 0x06,
624 0x0E, 0x3A, 0x26, 0x01, 0x06, 0x14, 0x01, 0x02, 0x10, 0x06, 0x04, 0x41,
625 0x01, 0x7F, 0x00, 0x01, 0x3F, 0x15, 0x09, 0x00, 0x00, 0x26, 0x06, 0x06,
626 0x0B, 0x9F, 0x33, 0x40, 0x04, 0x77, 0x25, 0x26, 0x00, 0x00, 0xB0, 0x01,
627 0x03, 0x75, 0xAA, 0xB7, 0x06, 0x02, 0x54, 0x29, 0x00, 0x00, 0x3A, 0x26,
628 0x06, 0x07, 0x31, 0x26, 0x06, 0x01, 0x1A, 0x04, 0x76, 0x41, 0x00, 0x00,
629 0x01, 0x01, 0x75, 0xA9, 0x01, 0x01, 0x10, 0x06, 0x02, 0x42, 0x29, 0xB7,
630 0x3D, 0x00, 0x04, 0xB0, 0x26, 0x01, 0x17, 0x01, 0x18, 0x6F, 0x05, 0x02,
631 0x47, 0x29, 0x01, 0x18, 0x11, 0x03, 0x00, 0x72, 0xAA, 0xA5, 0x02, 0x00,
632 0x06, 0x0C, 0x01, 0x80, 0x64, 0x08, 0x03, 0x01, 0xA5, 0x02, 0x01, 0x09,
633 0x04, 0x0E, 0x26, 0x01, 0x32, 0x0D, 0x06, 0x04, 0x01, 0x80, 0x64, 0x09,
634 0x01, 0x8E, 0x6C, 0x09, 0x03, 0x01, 0x02, 0x01, 0x01, 0x82, 0x6D, 0x08,
635 0x02, 0x01, 0x01, 0x03, 0x09, 0x01, 0x04, 0x0C, 0x09, 0x02, 0x01, 0x01,
636 0x80, 0x63, 0x09, 0x01, 0x80, 0x64, 0x0C, 0x0A, 0x02, 0x01, 0x01, 0x83,
637 0x0F, 0x09, 0x01, 0x83, 0x10, 0x0C, 0x09, 0x03, 0x03, 0x01, 0x01, 0x01,
638 0x0C, 0xA6, 0x40, 0x01, 0x01, 0x0E, 0x02, 0x01, 0x01, 0x04, 0x07, 0x3E,
639 0x02, 0x01, 0x01, 0x80, 0x64, 0x07, 0x3D, 0x02, 0x01, 0x01, 0x83, 0x10,
640 0x07, 0x3E, 0x2F, 0x15, 0x06, 0x03, 0x01, 0x18, 0x09, 0x91, 0x09, 0x78,
641 0x26, 0x01, 0x05, 0x14, 0x02, 0x03, 0x09, 0x03, 0x03, 0x01, 0x1F, 0x15,
642 0x01, 0x01, 0x3A, 0xA6, 0x02, 0x03, 0x09, 0x40, 0x03, 0x03, 0x01, 0x00,
643 0x01, 0x17, 0xA6, 0x01, 0x9C, 0x10, 0x08, 0x03, 0x02, 0x01, 0x00, 0x01,
644 0x3B, 0xA6, 0x01, 0x3C, 0x08, 0x02, 0x02, 0x09, 0x03, 0x02, 0x01, 0x00,
645 0x01, 0x3C, 0xA6, 0x02, 0x02, 0x09, 0x03, 0x02, 0xB7, 0x26, 0x01, 0x2E,
646 0x11, 0x06, 0x0D, 0x25, 0xB7, 0x26, 0x01, 0x30, 0x01, 0x39, 0x6F, 0x06,
647 0x03, 0x25, 0x04, 0x74, 0x01, 0x80, 0x5A, 0x10, 0x06, 0x02, 0x47, 0x29,
648 0x76, 0x02, 0x03, 0x02, 0x02, 0x00, 0x01, 0xB7, 0x7A, 0x01, 0x0A, 0x08,
649 0x03, 0x00, 0xB7, 0x7A, 0x02, 0x00, 0x09, 0x00, 0x02, 0x03, 0x00, 0x03,
650 0x01, 0xA5, 0x26, 0x02, 0x01, 0x02, 0x00, 0x6F, 0x05, 0x02, 0x47, 0x29,
651 0x00, 0x00, 0x33, 0xB0, 0x01, 0x02, 0x75, 0x0B, 0xA8, 0x00, 0x03, 0x26,
652 0x03, 0x00, 0x03, 0x01, 0x03, 0x02, 0xAA, 0xB7, 0x26, 0x01, 0x81, 0x00,
653 0x13, 0x06, 0x02, 0x53, 0x29, 0x26, 0x01, 0x00, 0x11, 0x06, 0x0B, 0x25,
654 0x26, 0x05, 0x04, 0x25, 0x01, 0x00, 0x00, 0xB7, 0x04, 0x6F, 0x02, 0x01,
655 0x26, 0x05, 0x02, 0x4F, 0x29, 0x40, 0x03, 0x01, 0x02, 0x02, 0x36, 0x02,
656 0x02, 0x3F, 0x03, 0x02, 0x26, 0x06, 0x03, 0xB7, 0x04, 0x68, 0x25, 0x02,
657 0x00, 0x02, 0x01, 0x0A, 0x00, 0x01, 0xB7, 0x26, 0x01, 0x81, 0x00, 0x0D,
658 0x06, 0x01, 0x00, 0x01, 0x81, 0x00, 0x0A, 0x26, 0x05, 0x02, 0x4D, 0x29,
659 0x03, 0x00, 0x01, 0x00, 0x02, 0x00, 0x01, 0x00, 0x12, 0x06, 0x19, 0x02,
660 0x00, 0x40, 0x03, 0x00, 0x26, 0x01, 0x83, 0xFF, 0xFF, 0x7F, 0x12, 0x06,
661 0x02, 0x4E, 0x29, 0x01, 0x08, 0x0E, 0x3A, 0xB7, 0x33, 0x09, 0x04, 0x60,
662 0x00, 0x00, 0xA9, 0x92, 0x00, 0x00, 0xAA, 0xBF, 0x00, 0x00, 0xB0, 0x73,
663 0xAA, 0x00, 0x01, 0xAA, 0x26, 0x05, 0x02, 0x53, 0x29, 0xB7, 0x26, 0x01,
664 0x81, 0x00, 0x13, 0x06, 0x02, 0x53, 0x29, 0x03, 0x00, 0x26, 0x06, 0x16,
665 0xB7, 0x02, 0x00, 0x26, 0x01, 0x87, 0xFF, 0xFF, 0x7F, 0x13, 0x06, 0x02,
666 0x53, 0x29, 0x01, 0x08, 0x0E, 0x09, 0x03, 0x00, 0x04, 0x67, 0x25, 0x02,
667 0x00, 0x00, 0x00, 0xAA, 0x26, 0x01, 0x81, 0x7F, 0x12, 0x06, 0x08, 0xBF,
668 0x01, 0x00, 0x66, 0x36, 0x01, 0x00, 0x00, 0x26, 0x66, 0x36, 0x66, 0x3F,
669 0xA2, 0x01, 0x7F, 0x00, 0x00, 0xB0, 0x01, 0x0C, 0x30, 0x11, 0x06, 0x05,
670 0x25, 0x72, 0xB3, 0x04, 0x3E, 0x01, 0x12, 0x30, 0x11, 0x06, 0x05, 0x25,
671 0x72, 0xB4, 0x04, 0x33, 0x01, 0x13, 0x30, 0x11, 0x06, 0x05, 0x25, 0x72,
672 0xB4, 0x04, 0x28, 0x01, 0x14, 0x30, 0x11, 0x06, 0x05, 0x25, 0x72, 0xB4,
673 0x04, 0x1D, 0x01, 0x16, 0x30, 0x11, 0x06, 0x05, 0x25, 0x72, 0xB4, 0x04,
674 0x12, 0x01, 0x1E, 0x30, 0x11, 0x06, 0x05, 0x25, 0x72, 0xB2, 0x04, 0x07,
675 0x41, 0xAB, 0x01, 0x00, 0x01, 0x00, 0x25, 0x00, 0x01, 0xB7, 0x03, 0x00,
676 0x02, 0x00, 0x01, 0x05, 0x14, 0x01, 0x01, 0x15, 0x2D, 0x02, 0x00, 0x01,
677 0x06, 0x14, 0x26, 0x01, 0x01, 0x15, 0x06, 0x02, 0x45, 0x29, 0x01, 0x04,
678 0x0E, 0x02, 0x00, 0x01, 0x1F, 0x15, 0x26, 0x01, 0x1F, 0x11, 0x06, 0x02,
679 0x46, 0x29, 0x09, 0x00, 0x00, 0x26, 0x05, 0x05, 0x01, 0x00, 0x01, 0x7F,
680 0x00, 0xB0, 0x00, 0x01, 0xAA, 0x26, 0x05, 0x05, 0x66, 0x36, 0x01, 0x7F,
681 0x00, 0x01, 0x01, 0x03, 0x00, 0x9C, 0x26, 0x01, 0x83, 0xFF, 0x7E, 0x11,
682 0x06, 0x16, 0x25, 0x26, 0x06, 0x10, 0x9D, 0x26, 0x05, 0x05, 0x25, 0xBF,
683 0x01, 0x00, 0x00, 0x02, 0x00, 0x81, 0x03, 0x00, 0x04, 0x6D, 0x04, 0x1B,
684 0x26, 0x05, 0x05, 0x25, 0xBF, 0x01, 0x00, 0x00, 0x02, 0x00, 0x81, 0x03,
685 0x00, 0x26, 0x06, 0x0B, 0x9C, 0x26, 0x05, 0x05, 0x25, 0xBF, 0x01, 0x00,
686 0x00, 0x04, 0x6D, 0x25, 0x02, 0x00, 0x26, 0x05, 0x01, 0x00, 0x40, 0x66,
687 0x36, 0x01, 0x7F, 0x00, 0x01, 0xAA, 0x01, 0x01, 0x03, 0x00, 0x26, 0x06,
688 0x10, 0x9E, 0x26, 0x05, 0x05, 0x25, 0xBF, 0x01, 0x00, 0x00, 0x02, 0x00,
689 0x81, 0x03, 0x00, 0x04, 0x6D, 0x25, 0x02, 0x00, 0x26, 0x05, 0x01, 0x00,
690 0x40, 0x66, 0x36, 0x01, 0x7F, 0x00, 0x01, 0xAA, 0x01, 0x01, 0x03, 0x00,
691 0x26, 0x06, 0x10, 0xB7, 0x26, 0x05, 0x05, 0x25, 0xBF, 0x01, 0x00, 0x00,
692 0x02, 0x00, 0x81, 0x03, 0x00, 0x04, 0x6D, 0x25, 0x02, 0x00, 0x26, 0x05,
693 0x01, 0x00, 0x40, 0x66, 0x36, 0x01, 0x7F, 0x00, 0x00, 0xB7, 0x01, 0x08,
694 0x0E, 0x3A, 0xB7, 0x33, 0x09, 0x00, 0x00, 0xB7, 0x3A, 0xB7, 0x01, 0x08,
695 0x0E, 0x33, 0x09, 0x00, 0x00, 0x26, 0x05, 0x02, 0x4E, 0x29, 0x40, 0xB8,
696 0x00, 0x00, 0x32, 0x26, 0x01, 0x00, 0x13, 0x06, 0x01, 0x00, 0x25, 0x1A,
697 0x04, 0x74, 0x00, 0x01, 0x01, 0x00, 0x00, 0x01, 0x0B, 0x00, 0x00, 0x01,
698 0x15, 0x00, 0x00, 0x01, 0x1F, 0x00, 0x00, 0x01, 0x29, 0x00, 0x00, 0x01,
699 0x33, 0x00, 0x00, 0xC0, 0x25, 0x00, 0x00, 0x26, 0x06, 0x07, 0xC1, 0x26,
700 0x06, 0x01, 0x1A, 0x04, 0x76, 0x00, 0x00, 0x01, 0x00, 0x30, 0x31, 0x0B,
701 0x41, 0x00, 0x00, 0x01, 0x81, 0x70, 0x00, 0x00, 0x01, 0x82, 0x0D, 0x00,
702 0x00, 0x01, 0x82, 0x22, 0x00, 0x00, 0x01, 0x82, 0x05, 0x00, 0x00, 0x26,
703 0x01, 0x83, 0xFB, 0x50, 0x01, 0x83, 0xFB, 0x6F, 0x6F, 0x06, 0x04, 0x25,
704 0x01, 0x00, 0x00, 0x26, 0x01, 0x83, 0xB0, 0x00, 0x01, 0x83, 0xBF, 0x7F,
705 0x6F, 0x06, 0x04, 0x25, 0x01, 0x00, 0x00, 0x01, 0x83, 0xFF, 0x7F, 0x15,
706 0x01, 0x83, 0xFF, 0x7E, 0x0D, 0x00
709 static const uint16_t t0_caddr
[] = {
851 #define T0_INTERPRETED 60
853 #define T0_ENTER(ip, rp, slot) do { \
854 const unsigned char *t0_newip; \
856 t0_newip = &t0_codeblock[t0_caddr[(slot) - T0_INTERPRETED]]; \
857 t0_lnum = t0_parse7E_unsigned(&t0_newip); \
859 *((rp) ++) = (uint32_t)((ip) - &t0_codeblock[0]) + (t0_lnum << 16); \
863 #define T0_DEFENTRY(name, slot) \
867 t0_context *t0ctx = ctx; \
868 t0ctx->ip = &t0_codeblock[0]; \
869 T0_ENTER(t0ctx->ip, t0ctx->rp, slot); \
872 T0_DEFENTRY(br_x509_minimal_init_main
, 144)
874 #define T0_NEXT(t0ipp) (*(*(t0ipp)) ++)
877 br_x509_minimal_run(void *t0ctx
)
880 const unsigned char *ip
;
882 #define T0_LOCAL(x) (*(rp - 2 - (x)))
883 #define T0_POP() (*-- dp)
884 #define T0_POPi() (*(int32_t *)(-- dp))
885 #define T0_PEEK(x) (*(dp - 1 - (x)))
886 #define T0_PEEKi(x) (*(int32_t *)(dp - 1 - (x)))
887 #define T0_PUSH(v) do { *dp = (v); dp ++; } while (0)
888 #define T0_PUSHi(v) do { *(int32_t *)dp = (v); dp ++; } while (0)
889 #define T0_RPOP() (*-- rp)
890 #define T0_RPOPi() (*(int32_t *)(-- rp))
891 #define T0_RPUSH(v) do { *rp = (v); rp ++; } while (0)
892 #define T0_RPUSHi(v) do { *(int32_t *)rp = (v); rp ++; } while (0)
893 #define T0_ROLL(x) do { \
894 size_t t0len = (size_t)(x); \
895 uint32_t t0tmp = *(dp - 1 - t0len); \
896 memmove(dp - t0len - 1, dp - t0len, t0len * sizeof *dp); \
899 #define T0_SWAP() do { \
900 uint32_t t0tmp = *(dp - 2); \
901 *(dp - 2) = *(dp - 1); \
904 #define T0_ROT() do { \
905 uint32_t t0tmp = *(dp - 3); \
906 *(dp - 3) = *(dp - 2); \
907 *(dp - 2) = *(dp - 1); \
910 #define T0_NROT() do { \
911 uint32_t t0tmp = *(dp - 1); \
912 *(dp - 1) = *(dp - 2); \
913 *(dp - 2) = *(dp - 3); \
916 #define T0_PICK(x) do { \
917 uint32_t t0depth = (x); \
918 T0_PUSH(T0_PEEK(t0depth)); \
920 #define T0_CO() do { \
923 #define T0_RET() goto t0_next
925 dp
= ((t0_context
*)t0ctx
)->dp
;
926 rp
= ((t0_context
*)t0ctx
)->rp
;
927 ip
= ((t0_context
*)t0ctx
)->ip
;
934 if (t0x
< T0_INTERPRETED
) {
946 ip
= &t0_codeblock
[t0x
];
948 case 1: /* literal constant */
949 T0_PUSHi(t0_parse7E_signed(&ip
));
951 case 2: /* read local */
952 T0_PUSH(T0_LOCAL(t0_parse7E_unsigned(&ip
)));
954 case 3: /* write local */
955 T0_LOCAL(t0_parse7E_unsigned(&ip
)) = T0_POP();
958 t0off
= t0_parse7E_signed(&ip
);
961 case 5: /* jump if */
962 t0off
= t0_parse7E_signed(&ip
);
967 case 6: /* jump if not */
968 t0off
= t0_parse7E_signed(&ip
);
976 int32_t b
= T0_POPi();
977 int32_t a
= T0_POPi();
985 uint32_t b
= T0_POP();
986 uint32_t a
= T0_POP();
994 uint32_t b
= T0_POP();
995 uint32_t a
= T0_POP();
1003 uint32_t b
= T0_POP();
1004 uint32_t a
= T0_POP();
1017 int32_t b
= T0_POPi();
1018 int32_t a
= T0_POPi();
1026 int32_t b
= T0_POPi();
1027 int32_t a
= T0_POPi();
1028 T0_PUSH(-(uint32_t)(a
< b
));
1035 int c
= (int)T0_POPi();
1036 uint32_t x
= T0_POP();
1044 int32_t b
= T0_POPi();
1045 int32_t a
= T0_POPi();
1046 T0_PUSH(-(uint32_t)(a
<= b
));
1053 uint32_t b
= T0_POP();
1054 uint32_t a
= T0_POP();
1055 T0_PUSH(-(uint32_t)(a
!= b
));
1062 uint32_t b
= T0_POP();
1063 uint32_t a
= T0_POP();
1064 T0_PUSH(-(uint32_t)(a
== b
));
1071 int32_t b
= T0_POPi();
1072 int32_t a
= T0_POPi();
1073 T0_PUSH(-(uint32_t)(a
> b
));
1080 int32_t b
= T0_POPi();
1081 int32_t a
= T0_POPi();
1082 T0_PUSH(-(uint32_t)(a
>= b
));
1089 int c
= (int)T0_POPi();
1090 int32_t x
= T0_POPi();
1098 uint32_t b
= T0_POP();
1099 uint32_t a
= T0_POP();
1107 size_t len
= T0_POP();
1108 unsigned char *src
= (unsigned char *)CTX
+ T0_POP();
1109 unsigned char *dst
= (unsigned char *)CTX
+ T0_POP();
1110 memcpy(dst
, src
, len
);
1115 /* check-direct-trust */
1119 for (u
= 0; u
< CTX
->trust_anchors_num
; u
++) {
1120 const br_x509_trust_anchor
*ta
;
1121 unsigned char hashed_DN
[64];
1124 ta
= &CTX
->trust_anchors
[u
];
1125 if (ta
->flags
& BR_X509_TA_CA
) {
1128 hash_dn(CTX
, ta
->dn
.data
, ta
->dn
.len
, hashed_DN
);
1129 if (memcmp(hashed_DN
, CTX
->current_dn_hash
, DNHASH_LEN
)) {
1132 kt
= CTX
->pkey
.key_type
;
1133 if ((ta
->pkey
.key_type
& 0x0F) != kt
) {
1138 case BR_KEYTYPE_RSA
:
1139 if (!eqbigint(CTX
->pkey
.key
.rsa
.n
,
1140 CTX
->pkey
.key
.rsa
.nlen
,
1142 ta
->pkey
.key
.rsa
.nlen
)
1143 || !eqbigint(CTX
->pkey
.key
.rsa
.e
,
1144 CTX
->pkey
.key
.rsa
.elen
,
1146 ta
->pkey
.key
.rsa
.elen
))
1153 if (CTX
->pkey
.key
.ec
.curve
!= ta
->pkey
.key
.ec
.curve
1154 || CTX
->pkey
.key
.ec
.qlen
!= ta
->pkey
.key
.ec
.qlen
1155 || memcmp(CTX
->pkey
.key
.ec
.q
,
1157 ta
->pkey
.key
.ec
.qlen
) != 0)
1168 * Direct trust match!
1170 CTX
->err
= BR_ERR_X509_OK
;
1177 /* check-trust-anchor-CA */
1181 for (u
= 0; u
< CTX
->trust_anchors_num
; u
++) {
1182 const br_x509_trust_anchor
*ta
;
1183 unsigned char hashed_DN
[64];
1185 ta
= &CTX
->trust_anchors
[u
];
1186 if (!(ta
->flags
& BR_X509_TA_CA
)) {
1189 hash_dn(CTX
, ta
->dn
.data
, ta
->dn
.len
, hashed_DN
);
1190 if (memcmp(hashed_DN
, CTX
->saved_dn_hash
, DNHASH_LEN
)) {
1193 if (verify_signature(CTX
, &ta
->pkey
) == 0) {
1194 CTX
->err
= BR_ERR_X509_OK
;
1202 /* check-validity-range */
1204 uint32_t nbs
= T0_POP();
1205 uint32_t nbd
= T0_POP();
1206 uint32_t nas
= T0_POP();
1207 uint32_t nad
= T0_POP();
1209 if (CTX
->itime
!= 0) {
1210 r
= CTX
->itime(CTX
->itime_ctx
, nbd
, nbs
, nad
, nas
);
1211 if (r
< -1 || r
> 1) {
1212 CTX
->err
= BR_ERR_X509_TIME_UNKNOWN
;
1216 uint32_t vd
= CTX
->days
;
1217 uint32_t vs
= CTX
->seconds
;
1218 if (vd
== 0 && vs
== 0) {
1219 #if BR_USE_UNIX_TIME
1220 time_t x
= time(NULL
);
1222 vd
= (uint32_t)(x
/ 86400) + 719528;
1223 vs
= (uint32_t)(x
% 86400);
1224 #elif BR_USE_WIN32_TIME
1228 GetSystemTimeAsFileTime(&ft
);
1229 x
= ((uint64_t)ft
.dwHighDateTime
<< 32)
1230 + (uint64_t)ft
.dwLowDateTime
;
1232 vd
= (uint32_t)(x
/ 86400) + 584754;
1233 vs
= (uint32_t)(x
% 86400);
1235 CTX
->err
= BR_ERR_X509_TIME_UNKNOWN
;
1239 if (vd
< nbd
|| (vd
== nbd
&& vs
< nbs
)) {
1241 } else if (vd
> nad
|| (vd
== nad
&& vs
> nas
)) {
1257 /* compute-dn-hash */
1259 CTX
->dn_hash_impl
->out(&CTX
->dn_hash
.vtable
, CTX
->current_dn_hash
);
1260 CTX
->do_dn_hash
= 0;
1265 /* compute-tbs-hash */
1269 len
= br_multihash_out(&CTX
->mhash
, id
, CTX
->tbs_hash
);
1275 /* copy-ee-ec-pkey */
1277 size_t qlen
= T0_POP();
1278 uint32_t curve
= T0_POP();
1279 memcpy(CTX
->ee_pkey_data
, CTX
->pkey_data
, qlen
);
1280 CTX
->pkey
.key_type
= BR_KEYTYPE_EC
;
1281 CTX
->pkey
.key
.ec
.curve
= curve
;
1282 CTX
->pkey
.key
.ec
.q
= CTX
->ee_pkey_data
;
1283 CTX
->pkey
.key
.ec
.qlen
= qlen
;
1288 /* copy-ee-rsa-pkey */
1290 size_t elen
= T0_POP();
1291 size_t nlen
= T0_POP();
1292 memcpy(CTX
->ee_pkey_data
, CTX
->pkey_data
, nlen
+ elen
);
1293 CTX
->pkey
.key_type
= BR_KEYTYPE_RSA
;
1294 CTX
->pkey
.key
.rsa
.n
= CTX
->ee_pkey_data
;
1295 CTX
->pkey
.key
.rsa
.nlen
= nlen
;
1296 CTX
->pkey
.key
.rsa
.e
= CTX
->ee_pkey_data
+ nlen
;
1297 CTX
->pkey
.key
.rsa
.elen
= elen
;
1304 unsigned tag
= T0_POP();
1305 unsigned ok
= T0_POP();
1309 for (u
= 0; u
< CTX
->num_name_elts
; u
++) {
1310 br_name_element
*ne
;
1312 ne
= &CTX
->name_elts
[u
];
1313 if (ne
->status
== 0 && ne
->oid
[0] == 0 && ne
->oid
[1] == tag
) {
1314 if (ok
&& ne
->len
> len
) {
1315 memcpy(ne
->buf
, CTX
->pad
+ 1, len
);
1328 /* copy-name-element */
1331 int32_t off
= T0_POPi();
1335 br_name_element
*ne
= &CTX
->name_elts
[off
];
1339 if (len
< ne
->len
) {
1340 memcpy(ne
->buf
, CTX
->pad
+ 1, len
);
1356 size_t addr
= T0_POP();
1357 T0_PUSH(t0_datablock
[addr
]);
1362 /* dn-hash-length */
1364 T0_PUSH(DNHASH_LEN
);
1371 size_t qlen
= T0_POP();
1372 int curve
= T0_POP();
1375 pk
.key_type
= BR_KEYTYPE_EC
;
1376 pk
.key
.ec
.curve
= curve
;
1377 pk
.key
.ec
.q
= CTX
->pkey_data
;
1378 pk
.key
.ec
.qlen
= qlen
;
1379 T0_PUSH(verify_signature(CTX
, &pk
));
1386 size_t elen
= T0_POP();
1387 size_t nlen
= T0_POP();
1390 pk
.key_type
= BR_KEYTYPE_RSA
;
1391 pk
.key
.rsa
.n
= CTX
->pkey_data
;
1392 pk
.key
.rsa
.nlen
= nlen
;
1393 pk
.key
.rsa
.e
= CTX
->pkey_data
+ nlen
;
1394 pk
.key
.rsa
.elen
= elen
;
1395 T0_PUSH(verify_signature(CTX
, &pk
));
1406 T0_PUSH(T0_PEEK(0));
1412 const unsigned char *a2
= &t0_datablock
[T0_POP()];
1413 const unsigned char *a1
= &CTX
->pad
[0];
1417 x
= -(memcmp(a1
+ 1, a2
+ 1, len
) == 0);
1421 T0_PUSH((uint32_t)x
);
1428 size_t len
= T0_POP();
1429 const unsigned char *a2
= (const unsigned char *)CTX
+ T0_POP();
1430 const unsigned char *a1
= (const unsigned char *)CTX
+ T0_POP();
1431 T0_PUSHi(-(memcmp(a1
, a2
, len
) == 0));
1438 CTX
->err
= T0_POPi();
1446 uint32_t addr
= T0_POP();
1447 T0_PUSH(*(uint16_t *)(void *)((unsigned char *)CTX
+ addr
));
1454 uint32_t addr
= T0_POP();
1455 T0_PUSH(*(uint32_t *)(void *)((unsigned char *)CTX
+ addr
));
1460 /* match-server-name */
1464 if (CTX
->server_name
== NULL
) {
1468 n1
= strlen(CTX
->server_name
);
1470 if (n1
== n2
&& eqnocase(&CTX
->pad
[1], CTX
->server_name
, n1
)) {
1474 if (n2
>= 2 && CTX
->pad
[1] == '*' && CTX
->pad
[2] == '.') {
1478 while (u
< n1
&& CTX
->server_name
[u
] != '.') {
1484 && eqnocase(&CTX
->pad
[3], CTX
->server_name
+ u
, n1
))
1497 uint32_t a
= T0_POP();
1503 /* offset-name-element */
1505 unsigned san
= T0_POP();
1508 for (u
= 0; u
< CTX
->num_name_elts
; u
++) {
1509 if (CTX
->name_elts
[u
].status
== 0) {
1510 const unsigned char *oid
;
1513 oid
= CTX
->name_elts
[u
].oid
;
1515 if (oid
[0] != 0 || oid
[1] != 0) {
1523 if (len
!= 0 && len
== CTX
->pad
[0]
1524 && memcmp(oid
+ off
+ 1,
1525 CTX
->pad
+ 1, len
) == 0)
1539 uint32_t b
= T0_POP();
1540 uint32_t a
= T0_POP();
1547 T0_PUSH(T0_PEEK(1));
1551 /* read-blob-inner */
1553 uint32_t len
= T0_POP();
1554 uint32_t addr
= T0_POP();
1555 size_t clen
= CTX
->hlen
;
1560 memcpy((unsigned char *)CTX
+ addr
, CTX
->hbuf
, clen
);
1562 if (CTX
->do_mhash
) {
1563 br_multihash_update(&CTX
->mhash
, CTX
->hbuf
, clen
);
1565 if (CTX
->do_dn_hash
) {
1566 CTX
->dn_hash_impl
->update(
1567 &CTX
->dn_hash
.vtable
, CTX
->hbuf
, clen
);
1571 T0_PUSH(addr
+ clen
);
1572 T0_PUSH(len
- clen
);
1579 if (CTX
->hlen
== 0) {
1582 unsigned char x
= *CTX
->hbuf
++;
1583 if (CTX
->do_mhash
) {
1584 br_multihash_update(&CTX
->mhash
, &x
, 1);
1586 if (CTX
->do_dn_hash
) {
1587 CTX
->dn_hash_impl
->update(&CTX
->dn_hash
.vtable
, &x
, 1);
1603 uint32_t addr
= T0_POP();
1604 *(uint16_t *)(void *)((unsigned char *)CTX
+ addr
) = T0_POP();
1611 uint32_t addr
= T0_POP();
1612 *(uint32_t *)(void *)((unsigned char *)CTX
+ addr
) = T0_POP();
1619 uint32_t addr
= T0_POP();
1620 *((unsigned char *)CTX
+ addr
) = (unsigned char)T0_POP();
1627 CTX
->dn_hash_impl
->init(&CTX
->dn_hash
.vtable
);
1628 CTX
->do_dn_hash
= 1;
1633 /* start-tbs-hash */
1635 br_multihash_init(&CTX
->mhash
);
1653 /* zero-server-name */
1655 T0_PUSHi(-(CTX
->server_name
== NULL
));
1662 T0_ENTER(ip
, rp
, t0x
);
1666 ((t0_context
*)t0ctx
)->dp
= dp
;
1667 ((t0_context
*)t0ctx
)->rp
= rp
;
1668 ((t0_context
*)t0ctx
)->ip
= ip
;
1674 * Verify the signature on the certificate with the provided public key.
1675 * This function checks the public key type with regards to the expected
1676 * type. Returned value is either 0 on success, or a non-zero error code.
1679 verify_signature(br_x509_minimal_context
*ctx
, const br_x509_pkey
*pk
)
1683 kt
= ctx
->cert_signer_key_type
;
1684 if ((pk
->key_type
& 0x0F) != kt
) {
1685 return BR_ERR_X509_WRONG_KEY_TYPE
;
1688 unsigned char tmp
[64];
1690 case BR_KEYTYPE_RSA
:
1691 if (ctx
->irsa
== 0) {
1692 return BR_ERR_X509_UNSUPPORTED
;
1694 if (!ctx
->irsa(ctx
->cert_sig
, ctx
->cert_sig_len
,
1695 &t0_datablock
[ctx
->cert_sig_hash_oid
],
1696 ctx
->cert_sig_hash_len
, &pk
->key
.rsa
, tmp
))
1698 return BR_ERR_X509_BAD_SIGNATURE
;
1700 if (memcmp(ctx
->tbs_hash
, tmp
, ctx
->cert_sig_hash_len
) != 0) {
1701 return BR_ERR_X509_BAD_SIGNATURE
;
1706 if (ctx
->iecdsa
== 0) {
1707 return BR_ERR_X509_UNSUPPORTED
;
1709 if (!ctx
->iecdsa(ctx
->iec
, ctx
->tbs_hash
,
1710 ctx
->cert_sig_hash_len
, &pk
->key
.ec
,
1711 ctx
->cert_sig
, ctx
->cert_sig_len
))
1713 return BR_ERR_X509_BAD_SIGNATURE
;
1718 return BR_ERR_X509_UNSUPPORTED
;