projects / BearSSL / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Fixed mishandling of UTF-8 codepoints in the FDF0..FEDF range (these were unduly...
[BearSSL] / src / x509 / x509_minimal.c
1 /* Automatically generated code; do not modify directly. */
2
3 #include <stddef.h>
4 #include <stdint.h>
5
6 typedef struct {
7 uint32_t *dp;
8 uint32_t *rp;
9 const unsigned char *ip;
10 } t0_context;
11
12 static uint32_t
13 t0_parse7E_unsigned(const unsigned char **p)
14 {
15 uint32_t x;
16
17 x = 0;
18 for (;;) {
19 unsigned y;
20
21 y = *(*p) ++;
22 x = (x << 7) | (uint32_t)(y & 0x7F);
23 if (y < 0x80) {
24 return x;
25 }
26 }
27 }
28
29 static int32_t
30 t0_parse7E_signed(const unsigned char **p)
31 {
32 int neg;
33 uint32_t x;
34
35 neg = ((**p) >> 6) & 1;
36 x = (uint32_t)-neg;
37 for (;;) {
38 unsigned y;
39
40 y = *(*p) ++;
41 x = (x << 7) | (uint32_t)(y & 0x7F);
42 if (y < 0x80) {
43 if (neg) {
44 return -(int32_t)~x - 1;
45 } else {
46 return (int32_t)x;
47 }
48 }
49 }
50 }
51
52 #define T0_VBYTE(x, n) (unsigned char)((((uint32_t)(x) >> (n)) & 0x7F) | 0x80)
53 #define T0_FBYTE(x, n) (unsigned char)(((uint32_t)(x) >> (n)) & 0x7F)
54 #define T0_SBYTE(x) (unsigned char)((((uint32_t)(x) >> 28) + 0xF8) ^ 0xF8)
55 #define T0_INT1(x) T0_FBYTE(x, 0)
56 #define T0_INT2(x) T0_VBYTE(x, 7), T0_FBYTE(x, 0)
57 #define T0_INT3(x) T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
58 #define T0_INT4(x) T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
59 #define T0_INT5(x) T0_SBYTE(x), T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
60
61 /* static const unsigned char t0_datablock[]; */
62
63
64 void br_x509_minimal_init_main(void *t0ctx);
65
66 void br_x509_minimal_run(void *t0ctx);
67
68
69
70 #include "inner.h"
71
72
73
74
75
76 #include "inner.h"
77
78 /*
79 * Implementation Notes
80 * --------------------
81 *
82 * The C code pushes the data by chunks; all decoding is done in the
83 * T0 code. The cert_length value is set to the certificate length when
84 * a new certificate is started; the T0 code picks it up as outer limit,
85 * and decoding functions use it to ensure that no attempt is made at
86 * reading past it. The T0 code also checks that once the certificate is
87 * decoded, there are no trailing bytes.
88 *
89 * The T0 code sets cert_length to 0 when the certificate is fully
90 * decoded.
91 *
92 * The C code must still perform two checks:
93 *
94 * -- If the certificate length is 0, then the T0 code will not be
95 * invoked at all. This invalid condition must thus be reported by the
96 * C code.
97 *
98 * -- When reaching the end of certificate, the C code must verify that
99 * the certificate length has been set to 0, thereby signaling that
100 * the T0 code properly decoded a certificate.
101 *
102 * Processing of a chain works in the following way:
103 *
104 * -- The error flag is set to a non-zero value when validation is
105 * finished. The value is either BR_ERR_X509_OK (validation is
106 * successful) or another non-zero error code. When a non-zero error
107 * code is obtained, the remaining bytes in the current certificate and
108 * the subsequent certificates (if any) are completely ignored.
109 *
110 * -- Each certificate is decoded in due course, with the following
111 * "interesting points":
112 *
113 * -- Start of the TBS: the multihash engine is reset and activated.
114 *
115 * -- Start of the issuer DN: the secondary hash engine is started,
116 * to process the encoded issuer DN.
117 *
118 * -- End of the issuer DN: the secondary hash engine is stopped. The
119 * resulting hash value is computed and then copied into the
120 * next_dn_hash[] buffer.
121 *
122 * -- Start of the subject DN: the secondary hash engine is started,
123 * to process the encoded subject DN.
124 *
125 * -- For the EE certificate only: the Common Name, if any, is matched
126 * against the expected server name.
127 *
128 * -- End of the subject DN: the secondary hash engine is stopped. The
129 * resulting hash value is computed into the pad. It is then processed:
130 *
131 * -- If this is the EE certificate, then the hash is ignored
132 * (except for direct trust processing, see later; the hash is
133 * simply left in current_dn_hash[]).
134 *
135 * -- Otherwise, the hashed subject DN is compared with the saved
136 * hash value (in saved_dn_hash[]). They must match.
137 *
138 * Either way, the next_dn_hash[] value is then copied into the
139 * saved_dn_hash[] value. Thus, at that point, saved_dn_hash[]
140 * contains the hash of the issuer DN for the current certificate,
141 * and current_dn_hash[] contains the hash of the subject DN for the
142 * current certificate.
143 *
144 * -- Public key: it is decoded into the cert_pkey[] buffer. Unknown
145 * key types are reported at that point.
146 *
147 * -- If this is the EE certificate, then the key type is compared
148 * with the expected key type (initialization parameter). The public
149 * key data is copied to ee_pkey_data[]. The key and hashed subject
150 * DN are also compared with the "direct trust" keys; if the key
151 * and DN are matched, then validation ends with a success.
152 *
153 * -- Otherwise, the saved signature (cert_sig[]) is verified
154 * against the saved TBS hash (tbs_hash[]) and that freshly
155 * decoded public key. Failure here ends validation with an error.
156 *
157 * -- Extensions: extension values are processed in due order.
158 *
159 * -- Basic Constraints: for all certificates except EE, must be
160 * present, indicate a CA, and have a path legnth compatible with
161 * the chain length so far.
162 *
163 * -- Key Usage: for the EE, if present, must allow signatures
164 * or encryption/key exchange, as required for the cipher suite.
165 * For non-EE, if present, must have the "certificate sign" bit.
166 *
167 * -- Subject Alt Name: for the EE, dNSName names are matched
168 * against the server name. Ignored for non-EE.
169 *
170 * -- Authority Key Identifier, Subject Key Identifier, Issuer
171 * Alt Name, Subject Directory Attributes, CRL Distribution Points
172 * Freshest CRL, Authority Info Access and Subject Info Access
173 * extensions are always ignored: they either contain only
174 * informative data, or they relate to revocation processing, which
175 * we explicitly do not support.
176 *
177 * -- All other extensions are ignored if non-critical. If a
178 * critical extension other than the ones above is encountered,
179 * then a failure is reported.
180 *
181 * -- End of the TBS: the multihash engine is stopped.
182 *
183 * -- Signature algorithm: the signature algorithm on the
184 * certificate is decoded. A failure is reported if that algorithm
185 * is unknown. The hashed TBS corresponding to the signature hash
186 * function is computed and stored in tbs_hash[] (if not supported,
187 * then a failure is reported). The hash OID and length are stored
188 * in cert_sig_hash_oid and cert_sig_hash_len.
189 *
190 * -- Signature value: the signature value is copied into the
191 * cert_sig[] array.
192 *
193 * -- Certificate end: the hashed issuer DN (saved_dn_hash[]) is
194 * looked up in the trust store (CA trust anchors only); for all
195 * that match, the signature (cert_sig[]) is verified against the
196 * anchor public key (hashed TBS is in tbs_hash[]). If one of these
197 * signatures is valid, then validation ends with a success.
198 *
199 * -- If the chain end is reached without obtaining a validation success,
200 * then validation is reported as failed.
201 */
202
203 #if BR_USE_UNIX_TIME
204 #include <time.h>
205 #endif
206
207 #if BR_USE_WIN32_TIME
208 #include <windows.h>
209 #endif
210
211 /*
212 * The T0 compiler will produce these prototypes declarations in the
213 * header.
214 *
215 void br_x509_minimal_init_main(void *ctx);
216 void br_x509_minimal_run(void *ctx);
217 */
218
219 /* see bearssl_x509.h */
220 void
221 br_x509_minimal_init(br_x509_minimal_context *ctx,
222 const br_hash_class *dn_hash_impl,
223 const br_x509_trust_anchor *trust_anchors, size_t trust_anchors_num)
224 {
225 memset(ctx, 0, sizeof *ctx);
226 ctx->vtable = &br_x509_minimal_vtable;
227 ctx->dn_hash_impl = dn_hash_impl;
228 ctx->trust_anchors = trust_anchors;
229 ctx->trust_anchors_num = trust_anchors_num;
230 }
231
232 static void
233 xm_start_chain(const br_x509_class **ctx, const char *server_name)
234 {
235 br_x509_minimal_context *cc;
236 size_t u;
237
238 cc = (br_x509_minimal_context *)(void *)ctx;
239 for (u = 0; u < cc->num_name_elts; u ++) {
240 cc->name_elts[u].status = 0;
241 cc->name_elts[u].buf[0] = 0;
242 }
243 memset(&cc->pkey, 0, sizeof cc->pkey);
244 cc->num_certs = 0;
245 cc->err = 0;
246 cc->cpu.dp = cc->dp_stack;
247 cc->cpu.rp = cc->rp_stack;
248 br_x509_minimal_init_main(&cc->cpu);
249 if (server_name == NULL || *server_name == 0) {
250 cc->server_name = NULL;
251 } else {
252 cc->server_name = server_name;
253 }
254 }
255
256 static void
257 xm_start_cert(const br_x509_class **ctx, uint32_t length)
258 {
259 br_x509_minimal_context *cc;
260
261 cc = (br_x509_minimal_context *)(void *)ctx;
262 if (cc->err != 0) {
263 return;
264 }
265 if (length == 0) {
266 cc->err = BR_ERR_X509_TRUNCATED;
267 return;
268 }
269 cc->cert_length = length;
270 }
271
272 static void
273 xm_append(const br_x509_class **ctx, const unsigned char *buf, size_t len)
274 {
275 br_x509_minimal_context *cc;
276
277 cc = (br_x509_minimal_context *)(void *)ctx;
278 if (cc->err != 0) {
279 return;
280 }
281 cc->hbuf = buf;
282 cc->hlen = len;
283 br_x509_minimal_run(&cc->cpu);
284 }
285
286 static void
287 xm_end_cert(const br_x509_class **ctx)
288 {
289 br_x509_minimal_context *cc;
290
291 cc = (br_x509_minimal_context *)(void *)ctx;
292 if (cc->err == 0 && cc->cert_length != 0) {
293 cc->err = BR_ERR_X509_TRUNCATED;
294 }
295 cc->num_certs ++;
296 }
297
298 static unsigned
299 xm_end_chain(const br_x509_class **ctx)
300 {
301 br_x509_minimal_context *cc;
302
303 cc = (br_x509_minimal_context *)(void *)ctx;
304 if (cc->err == 0) {
305 if (cc->num_certs == 0) {
306 cc->err = BR_ERR_X509_EMPTY_CHAIN;
307 } else {
308 cc->err = BR_ERR_X509_NOT_TRUSTED;
309 }
310 } else if (cc->err == BR_ERR_X509_OK) {
311 return 0;
312 }
313 return (unsigned)cc->err;
314 }
315
316 static const br_x509_pkey *
317 xm_get_pkey(const br_x509_class *const *ctx, unsigned *usages)
318 {
319 br_x509_minimal_context *cc;
320
321 cc = (br_x509_minimal_context *)(void *)ctx;
322 if (cc->err == BR_ERR_X509_OK
323 || cc->err == BR_ERR_X509_NOT_TRUSTED)
324 {
325 if (usages != NULL) {
326 *usages = cc->key_usages;
327 }
328 return &((br_x509_minimal_context *)(void *)ctx)->pkey;
329 } else {
330 return NULL;
331 }
332 }
333
334 /* see bearssl_x509.h */
335 const br_x509_class br_x509_minimal_vtable = {
336 sizeof(br_x509_minimal_context),
337 xm_start_chain,
338 xm_start_cert,
339 xm_append,
340 xm_end_cert,
341 xm_end_chain,
342 xm_get_pkey
343 };
344
345 #define CTX ((br_x509_minimal_context *)(void *)((unsigned char *)t0ctx - offsetof(br_x509_minimal_context, cpu)))
346 #define CONTEXT_NAME br_x509_minimal_context
347
348 #define DNHASH_LEN ((CTX->dn_hash_impl->desc >> BR_HASHDESC_OUT_OFF) & BR_HASHDESC_OUT_MASK)
349
350 /*
351 * Hash a DN (from a trust anchor) into the provided buffer. This uses the
352 * DN hash implementation and context structure from the X.509 engine
353 * context.
354 */
355 static void
356 hash_dn(br_x509_minimal_context *ctx, const void *dn, size_t len,
357 unsigned char *out)
358 {
359 ctx->dn_hash_impl->init(&ctx->dn_hash.vtable);
360 ctx->dn_hash_impl->update(&ctx->dn_hash.vtable, dn, len);
361 ctx->dn_hash_impl->out(&ctx->dn_hash.vtable, out);
362 }
363
364 /*
365 * Compare two big integers for equality. The integers use unsigned big-endian
366 * encoding; extra leading bytes (of value 0) are allowed.
367 */
368 static int
369 eqbigint(const unsigned char *b1, size_t len1,
370 const unsigned char *b2, size_t len2)
371 {
372 while (len1 > 0 && *b1 == 0) {
373 b1 ++;
374 len1 --;
375 }
376 while (len2 > 0 && *b2 == 0) {
377 b2 ++;
378 len2 --;
379 }
380 if (len1 != len2) {
381 return 0;
382 }
383 return memcmp(b1, b2, len1) == 0;
384 }
385
386 /*
387 * Compare two strings for equality, in a case-insensitive way. This
388 * function handles casing only for ASCII letters.
389 */
390 static int
391 eqnocase(const void *s1, const void *s2, size_t len)
392 {
393 const unsigned char *buf1, *buf2;
394
395 buf1 = s1;
396 buf2 = s2;
397 while (len -- > 0) {
398 int x1, x2;
399
400 x1 = *buf1 ++;
401 x2 = *buf2 ++;
402 if (x1 >= 'A' && x1 <= 'Z') {
403 x1 += 'a' - 'A';
404 }
405 if (x2 >= 'A' && x2 <= 'Z') {
406 x2 += 'a' - 'A';
407 }
408 if (x1 != x2) {
409 return 0;
410 }
411 }
412 return 1;
413 }
414
415 static int verify_signature(br_x509_minimal_context *ctx,
416 const br_x509_pkey *pk);
417
418
419
420 static const unsigned char t0_datablock[] = {
421 0x00, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x09,
422 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x09, 0x2A, 0x86,
423 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0E, 0x09, 0x2A, 0x86, 0x48, 0x86,
424 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
425 0x01, 0x01, 0x0C, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01,
426 0x0D, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x09, 0x60, 0x86, 0x48, 0x01,
427 0x65, 0x03, 0x04, 0x02, 0x04, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
428 0x04, 0x02, 0x01, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02,
429 0x02, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x07,
430 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x08, 0x2A, 0x86, 0x48, 0xCE,
431 0x3D, 0x03, 0x01, 0x07, 0x05, 0x2B, 0x81, 0x04, 0x00, 0x22, 0x05, 0x2B,
432 0x81, 0x04, 0x00, 0x23, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x01,
433 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x01, 0x08, 0x2A, 0x86,
434 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D,
435 0x04, 0x03, 0x03, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x04,
436 0x03, 0x55, 0x04, 0x03, 0x00, 0x1F, 0x03, 0xFC, 0x07, 0x7F, 0x0B, 0x5E,
437 0x0F, 0x1F, 0x12, 0xFE, 0x16, 0xBF, 0x1A, 0x9F, 0x1E, 0x7E, 0x22, 0x3F,
438 0x26, 0x1E, 0x29, 0xDF, 0x00, 0x1F, 0x03, 0xFD, 0x07, 0x9F, 0x0B, 0x7E,
439 0x0F, 0x3F, 0x13, 0x1E, 0x16, 0xDF, 0x1A, 0xBF, 0x1E, 0x9E, 0x22, 0x5F,
440 0x26, 0x3E, 0x29, 0xFF, 0x03, 0x55, 0x1D, 0x13, 0x03, 0x55, 0x1D, 0x0F,
441 0x03, 0x55, 0x1D, 0x11, 0x03, 0x55, 0x1D, 0x20, 0x08, 0x2B, 0x06, 0x01,
442 0x05, 0x05, 0x07, 0x02, 0x01, 0x03, 0x55, 0x1D, 0x23, 0x03, 0x55, 0x1D,
443 0x0E, 0x03, 0x55, 0x1D, 0x12, 0x03, 0x55, 0x1D, 0x09, 0x03, 0x55, 0x1D,
444 0x1F, 0x03, 0x55, 0x1D, 0x2E, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07,
445 0x01, 0x01, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x0B
446 };
447
448 static const unsigned char t0_codeblock[] = {
449 0x00, 0x01, 0x00, 0x0D, 0x00, 0x00, 0x01, 0x00, 0x10, 0x00, 0x00, 0x01,
450 0x00, 0x11, 0x00, 0x00, 0x01, 0x01, 0x09, 0x00, 0x00, 0x01, 0x01, 0x0A,
451 0x00, 0x00, 0x24, 0x24, 0x00, 0x00, 0x01,
452 T0_INT1(BR_ERR_X509_BAD_BOOLEAN), 0x00, 0x00, 0x01,
453 T0_INT1(BR_ERR_X509_BAD_DN), 0x00, 0x00, 0x01,
454 T0_INT1(BR_ERR_X509_BAD_SERVER_NAME), 0x00, 0x00, 0x01,
455 T0_INT1(BR_ERR_X509_BAD_TAG_CLASS), 0x00, 0x00, 0x01,
456 T0_INT1(BR_ERR_X509_BAD_TAG_VALUE), 0x00, 0x00, 0x01,
457 T0_INT1(BR_ERR_X509_BAD_TIME), 0x00, 0x00, 0x01,
458 T0_INT1(BR_ERR_X509_CRITICAL_EXTENSION), 0x00, 0x00, 0x01,
459 T0_INT1(BR_ERR_X509_DN_MISMATCH), 0x00, 0x00, 0x01,
460 T0_INT1(BR_ERR_X509_EXPIRED), 0x00, 0x00, 0x01,
461 T0_INT1(BR_ERR_X509_EXTRA_ELEMENT), 0x00, 0x00, 0x01,
462 T0_INT1(BR_ERR_X509_FORBIDDEN_KEY_USAGE), 0x00, 0x00, 0x01,
463 T0_INT1(BR_ERR_X509_INDEFINITE_LENGTH), 0x00, 0x00, 0x01,
464 T0_INT1(BR_ERR_X509_INNER_TRUNC), 0x00, 0x00, 0x01,
465 T0_INT1(BR_ERR_X509_LIMIT_EXCEEDED), 0x00, 0x00, 0x01,
466 T0_INT1(BR_ERR_X509_NOT_CA), 0x00, 0x00, 0x01,
467 T0_INT1(BR_ERR_X509_NOT_CONSTRUCTED), 0x00, 0x00, 0x01,
468 T0_INT1(BR_ERR_X509_NOT_PRIMITIVE), 0x00, 0x00, 0x01,
469 T0_INT1(BR_ERR_X509_OVERFLOW), 0x00, 0x00, 0x01,
470 T0_INT1(BR_ERR_X509_PARTIAL_BYTE), 0x00, 0x00, 0x01,
471 T0_INT1(BR_ERR_X509_UNEXPECTED), 0x00, 0x00, 0x01,
472 T0_INT1(BR_ERR_X509_UNSUPPORTED), 0x00, 0x00, 0x01,
473 T0_INT1(BR_ERR_X509_WEAK_PUBLIC_KEY), 0x00, 0x00, 0x01,
474 T0_INT1(BR_KEYTYPE_EC), 0x00, 0x00, 0x01, T0_INT1(BR_KEYTYPE_RSA),
475 0x00, 0x00, 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_length)), 0x00,
476 0x00, 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_sig)), 0x00, 0x00,
477 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_sig_hash_len)), 0x00, 0x00,
478 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_sig_hash_oid)), 0x00, 0x00,
479 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_sig_len)), 0x00, 0x00, 0x01,
480 T0_INT2(offsetof(CONTEXT_NAME, cert_signer_key_type)), 0x00, 0x00,
481 0x01, T0_INT2(offsetof(CONTEXT_NAME, current_dn_hash)), 0x00, 0x00,
482 0x01, T0_INT2(offsetof(CONTEXT_NAME, key_usages)), 0x00, 0x00, 0x01,
483 T0_INT2(offsetof(br_x509_minimal_context, pkey_data)), 0x01,
484 T0_INT2(BR_X509_BUFSIZE_KEY), 0x00, 0x00, 0x01,
485 T0_INT2(offsetof(CONTEXT_NAME, min_rsa_size)), 0x00, 0x00, 0x01,
486 T0_INT2(offsetof(CONTEXT_NAME, next_dn_hash)), 0x00, 0x00, 0x01,
487 T0_INT2(offsetof(CONTEXT_NAME, num_certs)), 0x00, 0x00, 0x01,
488 T0_INT2(offsetof(CONTEXT_NAME, pad)), 0x00, 0x00, 0x01,
489 T0_INT2(offsetof(CONTEXT_NAME, saved_dn_hash)), 0x00, 0x00, 0xC9, 0x71,
490 0x00, 0x00, 0x01, 0x80, 0x73, 0x00, 0x00, 0x01, 0x80, 0x7C, 0x00, 0x00,
491 0x01, 0x81, 0x02, 0x00, 0x00, 0x92, 0x05, 0x05, 0x34, 0x42, 0x01, 0x00,
492 0x00, 0x34, 0x01, 0x0A, 0x0E, 0x09, 0x01, 0x9A, 0xFF, 0xB8, 0x00, 0x0A,
493 0x00, 0x00, 0x01, 0x82, 0x19, 0x00, 0x00, 0x01, 0x82, 0x01, 0x00, 0x00,
494 0x01, 0x81, 0x68, 0x00, 0x04, 0x03, 0x00, 0x03, 0x01, 0x03, 0x02, 0x03,
495 0x03, 0x02, 0x03, 0x02, 0x01, 0x11, 0x06, 0x07, 0x02, 0x02, 0x02, 0x00,
496 0x0D, 0x04, 0x05, 0x02, 0x03, 0x02, 0x01, 0x0D, 0x00, 0x02, 0x03, 0x00,
497 0x03, 0x01, 0x25, 0x02, 0x01, 0x13, 0x3B, 0x02, 0x00, 0x0F, 0x15, 0x00,
498 0x00, 0x01, 0x81, 0x74, 0x00, 0x00, 0x05, 0x02, 0x52, 0x28, 0x00, 0x00,
499 0x06, 0x02, 0x53, 0x28, 0x00, 0x00, 0x01, 0x10, 0x77, 0x00, 0x00, 0x11,
500 0x05, 0x02, 0x56, 0x28, 0x74, 0x00, 0x00, 0x11, 0x05, 0x02, 0x56, 0x28,
501 0x75, 0x00, 0x00, 0x06, 0x02, 0x4C, 0x28, 0x00, 0x00, 0x01, 0x82, 0x11,
502 0x00, 0x00, 0x25, 0x20, 0x01, 0x08, 0x0E, 0x3B, 0x40, 0x20, 0x09, 0x00,
503 0x09, 0x03, 0x00, 0x5B, 0x2B, 0xAF, 0x39, 0xAF, 0xB3, 0x25, 0x01, 0x20,
504 0x11, 0x06, 0x11, 0x24, 0x74, 0xAD, 0xB3, 0x01, 0x02, 0x78, 0xB0, 0x01,
505 0x02, 0x12, 0x06, 0x02, 0x57, 0x28, 0x79, 0xB3, 0x01, 0x02, 0x78, 0xAE,
506 0xAF, 0xC2, 0x9C, 0x65, 0x61, 0x21, 0x16, 0xAF, 0xA7, 0x29, 0x69, 0x06,
507 0x02, 0x4B, 0x28, 0xA7, 0x29, 0x71, 0x06, 0x02, 0x4B, 0x28, 0x79, 0x02,
508 0x00, 0x06, 0x05, 0x9D, 0x03, 0x01, 0x04, 0x09, 0x9C, 0x61, 0x68, 0x21,
509 0x27, 0x05, 0x02, 0x4A, 0x28, 0x68, 0x65, 0x21, 0x16, 0xAF, 0xAF, 0x9E,
510 0x05, 0x02, 0x57, 0x28, 0xBC, 0x26, 0x06, 0x27, 0xC2, 0xA4, 0xAF, 0x63,
511 0xAA, 0x03, 0x03, 0x63, 0x3B, 0x02, 0x03, 0x09, 0x3B, 0x02, 0x03, 0x0A,
512 0xAA, 0x03, 0x04, 0x79, 0x64, 0x2A, 0x01, 0x81, 0x00, 0x09, 0x02, 0x03,
513 0x12, 0x06, 0x02, 0x58, 0x28, 0x79, 0x5A, 0x03, 0x02, 0x04, 0x3A, 0x88,
514 0x26, 0x06, 0x34, 0x9E, 0x05, 0x02, 0x57, 0x28, 0x6A, 0x26, 0x06, 0x04,
515 0x01, 0x17, 0x04, 0x12, 0x6B, 0x26, 0x06, 0x04, 0x01, 0x18, 0x04, 0x0A,
516 0x6C, 0x26, 0x06, 0x04, 0x01, 0x19, 0x04, 0x02, 0x57, 0x28, 0x03, 0x05,
517 0x79, 0xA4, 0x25, 0x03, 0x06, 0x25, 0x63, 0x34, 0x0D, 0x06, 0x02, 0x50,
518 0x28, 0xA5, 0x59, 0x03, 0x02, 0x04, 0x02, 0x57, 0x28, 0x79, 0x02, 0x00,
519 0x06, 0x21, 0x02, 0x02, 0x5A, 0x30, 0x11, 0x06, 0x08, 0x24, 0x02, 0x03,
520 0x02, 0x04, 0x1D, 0x04, 0x10, 0x59, 0x30, 0x11, 0x06, 0x08, 0x24, 0x02,
521 0x05, 0x02, 0x06, 0x1C, 0x04, 0x03, 0x57, 0x28, 0x24, 0x04, 0x24, 0x02,
522 0x02, 0x5A, 0x30, 0x11, 0x06, 0x08, 0x24, 0x02, 0x03, 0x02, 0x04, 0x23,
523 0x04, 0x10, 0x59, 0x30, 0x11, 0x06, 0x08, 0x24, 0x02, 0x05, 0x02, 0x06,
524 0x22, 0x04, 0x03, 0x57, 0x28, 0x24, 0x25, 0x06, 0x01, 0x28, 0x24, 0x01,
525 0x00, 0x03, 0x07, 0xB4, 0x01, 0x21, 0x8F, 0x01, 0x22, 0x8F, 0x25, 0x01,
526 0x23, 0x11, 0x06, 0x81, 0x26, 0x24, 0x74, 0xAD, 0xAF, 0x25, 0x06, 0x81,
527 0x1A, 0x01, 0x00, 0x03, 0x08, 0xAF, 0x9E, 0x24, 0xB3, 0x25, 0x01, 0x01,
528 0x11, 0x06, 0x04, 0xA6, 0x03, 0x08, 0xB3, 0x01, 0x04, 0x78, 0xAD, 0x70,
529 0x26, 0x06, 0x0F, 0x02, 0x00, 0x06, 0x03, 0xC3, 0x04, 0x05, 0x99, 0x01,
530 0x7F, 0x03, 0x07, 0x04, 0x80, 0x6C, 0x91, 0x26, 0x06, 0x06, 0x02, 0x00,
531 0x9B, 0x04, 0x80, 0x62, 0xC5, 0x26, 0x06, 0x11, 0x02, 0x00, 0x06, 0x09,
532 0x01, 0x00, 0x03, 0x01, 0x98, 0x03, 0x01, 0x04, 0x01, 0xC3, 0x04, 0x80,
533 0x4D, 0x73, 0x26, 0x06, 0x0A, 0x02, 0x08, 0x06, 0x03, 0x9A, 0x04, 0x01,
534 0xC3, 0x04, 0x3F, 0x6F, 0x26, 0x06, 0x03, 0xC3, 0x04, 0x38, 0xC8, 0x26,
535 0x06, 0x03, 0xC3, 0x04, 0x31, 0x90, 0x26, 0x06, 0x03, 0xC3, 0x04, 0x2A,
536 0xC6, 0x26, 0x06, 0x03, 0xC3, 0x04, 0x23, 0x7A, 0x26, 0x06, 0x03, 0xC3,
537 0x04, 0x1C, 0x85, 0x26, 0x06, 0x03, 0xC3, 0x04, 0x15, 0x6E, 0x26, 0x06,
538 0x03, 0xC3, 0x04, 0x0E, 0xC7, 0x26, 0x06, 0x03, 0xC3, 0x04, 0x07, 0x02,
539 0x08, 0x06, 0x02, 0x49, 0x28, 0xC3, 0x79, 0x79, 0x04, 0xFE, 0x62, 0x79,
540 0x79, 0x04, 0x08, 0x01, 0x7F, 0x11, 0x05, 0x02, 0x56, 0x28, 0x24, 0x79,
541 0x3A, 0x02, 0x00, 0x06, 0x08, 0x02, 0x01, 0x3C, 0x2F, 0x05, 0x02, 0x45,
542 0x28, 0x02, 0x00, 0x06, 0x01, 0x17, 0x02, 0x00, 0x02, 0x07, 0x2F, 0x05,
543 0x02, 0x51, 0x28, 0xB3, 0x76, 0xAD, 0x9E, 0x06, 0x80, 0x77, 0xBD, 0x26,
544 0x06, 0x07, 0x01, 0x02, 0x5A, 0x8A, 0x04, 0x80, 0x5E, 0xBE, 0x26, 0x06,
545 0x07, 0x01, 0x03, 0x5A, 0x8B, 0x04, 0x80, 0x53, 0xBF, 0x26, 0x06, 0x07,
546 0x01, 0x04, 0x5A, 0x8C, 0x04, 0x80, 0x48, 0xC0, 0x26, 0x06, 0x06, 0x01,
547 0x05, 0x5A, 0x8D, 0x04, 0x3E, 0xC1, 0x26, 0x06, 0x06, 0x01, 0x06, 0x5A,
548 0x8E, 0x04, 0x34, 0x7F, 0x26, 0x06, 0x06, 0x01, 0x02, 0x59, 0x8A, 0x04,
549 0x2A, 0x80, 0x26, 0x06, 0x06, 0x01, 0x03, 0x59, 0x8B, 0x04, 0x20, 0x81,
550 0x26, 0x06, 0x06, 0x01, 0x04, 0x59, 0x8C, 0x04, 0x16, 0x82, 0x26, 0x06,
551 0x06, 0x01, 0x05, 0x59, 0x8D, 0x04, 0x0C, 0x83, 0x26, 0x06, 0x06, 0x01,
552 0x06, 0x59, 0x8E, 0x04, 0x02, 0x57, 0x28, 0x5E, 0x35, 0x60, 0x37, 0x1B,
553 0x25, 0x05, 0x02, 0x57, 0x28, 0x5D, 0x37, 0x04, 0x02, 0x57, 0x28, 0xC2,
554 0xA4, 0x25, 0x01, T0_INT2(BR_X509_BUFSIZE_SIG), 0x12, 0x06, 0x02, 0x50,
555 0x28, 0x25, 0x5F, 0x35, 0x5C, 0xA5, 0x79, 0x79, 0x01, 0x00, 0x5B, 0x36,
556 0x18, 0x00, 0x00, 0x01, 0x30, 0x0A, 0x25, 0x01, 0x00, 0x01, 0x09, 0x72,
557 0x05, 0x02, 0x48, 0x28, 0x00, 0x00, 0x30, 0x30, 0x00, 0x00, 0x01, 0x81,
558 0x08, 0x00, 0x00, 0x01, 0x81, 0x10, 0x00, 0x00, 0x01, 0x81, 0x19, 0x00,
559 0x00, 0x01, 0x81, 0x22, 0x00, 0x00, 0x01, 0x81, 0x2B, 0x00, 0x01, 0x7E,
560 0x01, 0x01, 0x11, 0x3B, 0x01, 0x83, 0xFD, 0x7F, 0x11, 0x15, 0x06, 0x03,
561 0x3B, 0x24, 0x00, 0x3B, 0x25, 0x03, 0x00, 0x25, 0xCA, 0x05, 0x04, 0x42,
562 0x01, 0x00, 0x00, 0x25, 0x01, 0x81, 0x00, 0x0D, 0x06, 0x04, 0x96, 0x04,
563 0x80, 0x49, 0x25, 0x01, 0x90, 0x00, 0x0D, 0x06, 0x0F, 0x01, 0x06, 0x14,
564 0x01, 0x81, 0x40, 0x2F, 0x96, 0x02, 0x00, 0x01, 0x00, 0x97, 0x04, 0x33,
565 0x25, 0x01, 0x83, 0xFF, 0x7F, 0x0D, 0x06, 0x14, 0x01, 0x0C, 0x14, 0x01,
566 0x81, 0x60, 0x2F, 0x96, 0x02, 0x00, 0x01, 0x06, 0x97, 0x02, 0x00, 0x01,
567 0x00, 0x97, 0x04, 0x17, 0x01, 0x12, 0x14, 0x01, 0x81, 0x70, 0x2F, 0x96,
568 0x02, 0x00, 0x01, 0x0C, 0x97, 0x02, 0x00, 0x01, 0x06, 0x97, 0x02, 0x00,
569 0x01, 0x00, 0x97, 0x00, 0x00, 0x01, 0x82, 0x15, 0x00, 0x00, 0x25, 0x01,
570 0x83, 0xB0, 0x00, 0x01, 0x83, 0xB7, 0x7F, 0x72, 0x00, 0x00, 0x01, 0x81,
571 0x34, 0x00, 0x00, 0x01, 0x80, 0x6B, 0x00, 0x00, 0x01, 0x81, 0x78, 0x00,
572 0x00, 0x01, 0x3D, 0x00, 0x00, 0x01, 0x80, 0x43, 0x00, 0x00, 0x01, 0x80,
573 0x4D, 0x00, 0x00, 0x01, 0x80, 0x57, 0x00, 0x00, 0x01, 0x80, 0x61, 0x00,
574 0x00, 0x30, 0x11, 0x06, 0x04, 0x42, 0xAD, 0xC2, 0xB4, 0x00, 0x00, 0x01,
575 0x82, 0x09, 0x00, 0x00, 0x01, 0x81, 0x6C, 0x00, 0x00, 0x25, 0x01, 0x83,
576 0xB8, 0x00, 0x01, 0x83, 0xBF, 0x7F, 0x72, 0x00, 0x00, 0x01, 0x30, 0x62,
577 0x37, 0x01, 0x7F, 0x7C, 0x19, 0x01, 0x00, 0x7C, 0x19, 0x04, 0x7A, 0x00,
578 0x01, 0x81, 0x38, 0x00, 0x01, 0x7E, 0x0D, 0x06, 0x02, 0x4F, 0x28, 0x25,
579 0x03, 0x00, 0x0A, 0x02, 0x00, 0x00, 0x00, 0x30, 0x25, 0x3F, 0x3B, 0x01,
580 0x82, 0x00, 0x13, 0x2F, 0x06, 0x04, 0x42, 0x01, 0x00, 0x00, 0x30, 0x67,
581 0x09, 0x37, 0x40, 0x00, 0x00, 0x14, 0x01, 0x3F, 0x15, 0x01, 0x81, 0x00,
582 0x2F, 0x96, 0x00, 0x02, 0x01, 0x00, 0x03, 0x00, 0xAF, 0x25, 0x06, 0x80,
583 0x59, 0xB3, 0x01, 0x20, 0x30, 0x11, 0x06, 0x17, 0x24, 0x74, 0xAD, 0x9E,
584 0x24, 0x01, 0x7F, 0x2E, 0x03, 0x01, 0xB3, 0x01, 0x20, 0x77, 0xAD, 0xB2,
585 0x02, 0x01, 0x1F, 0x79, 0x79, 0x04, 0x38, 0x01, 0x21, 0x30, 0x11, 0x06,
586 0x08, 0x24, 0x75, 0xB6, 0x01, 0x01, 0x1E, 0x04, 0x2A, 0x01, 0x22, 0x30,
587 0x11, 0x06, 0x11, 0x24, 0x75, 0xB6, 0x25, 0x06, 0x06, 0x2C, 0x02, 0x00,
588 0x2F, 0x03, 0x00, 0x01, 0x02, 0x1E, 0x04, 0x13, 0x01, 0x26, 0x30, 0x11,
589 0x06, 0x08, 0x24, 0x75, 0xB6, 0x01, 0x06, 0x1E, 0x04, 0x05, 0x42, 0xAE,
590 0x01, 0x00, 0x24, 0x04, 0xFF, 0x23, 0x79, 0x02, 0x00, 0x00, 0x00, 0xAF,
591 0xB4, 0x25, 0x01, 0x01, 0x11, 0x06, 0x08, 0xA6, 0x05, 0x02, 0x51, 0x28,
592 0xB4, 0x04, 0x02, 0x51, 0x28, 0x25, 0x01, 0x02, 0x11, 0x06, 0x0C, 0x24,
593 0x75, 0xB0, 0x66, 0x2B, 0x41, 0x0D, 0x06, 0x02, 0x51, 0x28, 0xB4, 0x01,
594 0x7F, 0x10, 0x06, 0x02, 0x56, 0x28, 0x24, 0x79, 0x00, 0x00, 0xAF, 0x25,
595 0x06, 0x1A, 0xAF, 0x9E, 0x24, 0x25, 0x06, 0x11, 0xAF, 0x25, 0x06, 0x0C,
596 0xAF, 0x9E, 0x24, 0x89, 0x26, 0x05, 0x02, 0x49, 0x28, 0xC2, 0x04, 0x71,
597 0x79, 0x79, 0x04, 0x63, 0x79, 0x00, 0x02, 0x03, 0x00, 0xB3, 0x01, 0x03,
598 0x78, 0xAD, 0xBA, 0x03, 0x01, 0x02, 0x01, 0x01, 0x07, 0x12, 0x06, 0x02,
599 0x56, 0x28, 0x25, 0x01, 0x00, 0x30, 0x11, 0x06, 0x05, 0x24, 0x4D, 0x28,
600 0x04, 0x15, 0x01, 0x01, 0x30, 0x11, 0x06, 0x0A, 0x24, 0xBA, 0x02, 0x01,
601 0x14, 0x02, 0x01, 0x0E, 0x04, 0x05, 0x24, 0xBA, 0x01, 0x00, 0x24, 0x02,
602 0x00, 0x06, 0x19, 0x01, 0x00, 0x30, 0x01, 0x38, 0x15, 0x06, 0x03, 0x01,
603 0x10, 0x2F, 0x3B, 0x01, 0x81, 0x40, 0x15, 0x06, 0x03, 0x01, 0x20, 0x2F,
604 0x62, 0x37, 0x04, 0x07, 0x01, 0x04, 0x15, 0x05, 0x02, 0x4D, 0x28, 0xC2,
605 0x00, 0x00, 0x38, 0xAF, 0xC2, 0x1A, 0x00, 0x03, 0x01, 0x00, 0x03, 0x00,
606 0x38, 0xAF, 0x25, 0x06, 0x30, 0xB3, 0x01, 0x11, 0x77, 0xAD, 0x25, 0x05,
607 0x02, 0x44, 0x28, 0x25, 0x06, 0x20, 0xAF, 0x9E, 0x24, 0x87, 0x26, 0x03,
608 0x01, 0x01, 0x00, 0x2E, 0x03, 0x02, 0xB2, 0x25, 0x02, 0x01, 0x15, 0x06,
609 0x07, 0x2C, 0x06, 0x04, 0x01, 0x7F, 0x03, 0x00, 0x02, 0x02, 0x1F, 0x79,
610 0x04, 0x5D, 0x79, 0x04, 0x4D, 0x79, 0x1A, 0x02, 0x00, 0x00, 0x00, 0xB3,
611 0x01, 0x06, 0x78, 0xB1, 0x00, 0x00, 0xB8, 0x86, 0x06, 0x0E, 0x3B, 0x25,
612 0x05, 0x06, 0x42, 0x01, 0x00, 0x01, 0x00, 0x00, 0xB8, 0x6D, 0x04, 0x08,
613 0x92, 0x06, 0x05, 0x24, 0x01, 0x00, 0x04, 0x00, 0x00, 0x00, 0xB9, 0x86,
614 0x06, 0x0E, 0x3B, 0x25, 0x05, 0x06, 0x42, 0x01, 0x00, 0x01, 0x00, 0x00,
615 0xB9, 0x6D, 0x04, 0x08, 0x92, 0x06, 0x05, 0x24, 0x01, 0x00, 0x04, 0x00,
616 0x00, 0x00, 0xBA, 0x25, 0x01, 0x81, 0x00, 0x0D, 0x06, 0x04, 0x00, 0x04,
617 0x80, 0x55, 0x25, 0x01, 0x81, 0x40, 0x0D, 0x06, 0x07, 0x24, 0x01, 0x00,
618 0x00, 0x04, 0x80, 0x47, 0x25, 0x01, 0x81, 0x60, 0x0D, 0x06, 0x0E, 0x01,
619 0x1F, 0x15, 0x01, 0x01, 0xA3, 0x01, 0x81, 0x00, 0x01, 0x8F, 0x7F, 0x04,
620 0x32, 0x25, 0x01, 0x81, 0x70, 0x0D, 0x06, 0x0F, 0x01, 0x0F, 0x15, 0x01,
621 0x02, 0xA3, 0x01, 0x90, 0x00, 0x01, 0x83, 0xFF, 0x7F, 0x04, 0x1C, 0x25,
622 0x01, 0x81, 0x78, 0x0D, 0x06, 0x11, 0x01, 0x07, 0x15, 0x01, 0x03, 0xA3,
623 0x01, 0x84, 0x80, 0x00, 0x01, 0x80, 0xC3, 0xFF, 0x7F, 0x04, 0x04, 0x24,
624 0x01, 0x00, 0x00, 0x72, 0x05, 0x03, 0x24, 0x01, 0x00, 0x00, 0x00, 0x3B,
625 0x25, 0x05, 0x06, 0x42, 0x01, 0x00, 0x01, 0x7F, 0x00, 0xBA, 0x34, 0x25,
626 0x3D, 0x06, 0x03, 0x3B, 0x24, 0x00, 0x01, 0x06, 0x0E, 0x3B, 0x25, 0x01,
627 0x06, 0x14, 0x01, 0x02, 0x10, 0x06, 0x04, 0x42, 0x01, 0x7F, 0x00, 0x01,
628 0x3F, 0x15, 0x09, 0x00, 0x00, 0x25, 0x06, 0x06, 0x0B, 0xA2, 0x34, 0x41,
629 0x04, 0x77, 0x24, 0x25, 0x00, 0x00, 0xB3, 0x01, 0x03, 0x78, 0xAD, 0xBA,
630 0x06, 0x02, 0x55, 0x28, 0x00, 0x00, 0x3B, 0x25, 0x06, 0x07, 0x31, 0x25,
631 0x06, 0x01, 0x19, 0x04, 0x76, 0x42, 0x00, 0x00, 0x01, 0x01, 0x78, 0xAC,
632 0x01, 0x01, 0x10, 0x06, 0x02, 0x43, 0x28, 0xBA, 0x3E, 0x00, 0x04, 0xB3,
633 0x25, 0x01, 0x17, 0x01, 0x18, 0x72, 0x05, 0x02, 0x48, 0x28, 0x01, 0x18,
634 0x11, 0x03, 0x00, 0x75, 0xAD, 0xA8, 0x02, 0x00, 0x06, 0x0C, 0x01, 0x80,
635 0x64, 0x08, 0x03, 0x01, 0xA8, 0x02, 0x01, 0x09, 0x04, 0x0E, 0x25, 0x01,
636 0x32, 0x0D, 0x06, 0x04, 0x01, 0x80, 0x64, 0x09, 0x01, 0x8E, 0x6C, 0x09,
637 0x03, 0x01, 0x02, 0x01, 0x01, 0x82, 0x6D, 0x08, 0x02, 0x01, 0x01, 0x03,
638 0x09, 0x01, 0x04, 0x0C, 0x09, 0x02, 0x01, 0x01, 0x80, 0x63, 0x09, 0x01,
639 0x80, 0x64, 0x0C, 0x0A, 0x02, 0x01, 0x01, 0x83, 0x0F, 0x09, 0x01, 0x83,
640 0x10, 0x0C, 0x09, 0x03, 0x03, 0x01, 0x01, 0x01, 0x0C, 0xA9, 0x41, 0x01,
641 0x01, 0x0E, 0x02, 0x01, 0x01, 0x04, 0x07, 0x3F, 0x02, 0x01, 0x01, 0x80,
642 0x64, 0x07, 0x3E, 0x02, 0x01, 0x01, 0x83, 0x10, 0x07, 0x3F, 0x2F, 0x15,
643 0x06, 0x03, 0x01, 0x18, 0x09, 0x94, 0x09, 0x7B, 0x25, 0x01, 0x05, 0x14,
644 0x02, 0x03, 0x09, 0x03, 0x03, 0x01, 0x1F, 0x15, 0x01, 0x01, 0x3B, 0xA9,
645 0x02, 0x03, 0x09, 0x41, 0x03, 0x03, 0x01, 0x00, 0x01, 0x17, 0xA9, 0x01,
646 0x9C, 0x10, 0x08, 0x03, 0x02, 0x01, 0x00, 0x01, 0x3B, 0xA9, 0x01, 0x3C,
647 0x08, 0x02, 0x02, 0x09, 0x03, 0x02, 0x01, 0x00, 0x01, 0x3C, 0xA9, 0x02,
648 0x02, 0x09, 0x03, 0x02, 0xBA, 0x25, 0x01, 0x2E, 0x11, 0x06, 0x0D, 0x24,
649 0xBA, 0x25, 0x01, 0x30, 0x01, 0x39, 0x72, 0x06, 0x03, 0x24, 0x04, 0x74,
650 0x01, 0x80, 0x5A, 0x10, 0x06, 0x02, 0x48, 0x28, 0x79, 0x02, 0x03, 0x02,
651 0x02, 0x00, 0x01, 0xBA, 0x7D, 0x01, 0x0A, 0x08, 0x03, 0x00, 0xBA, 0x7D,
652 0x02, 0x00, 0x09, 0x00, 0x02, 0x03, 0x00, 0x03, 0x01, 0xA8, 0x25, 0x02,
653 0x01, 0x02, 0x00, 0x72, 0x05, 0x02, 0x48, 0x28, 0x00, 0x00, 0x34, 0xB3,
654 0x01, 0x02, 0x78, 0x0B, 0xAB, 0x00, 0x03, 0x25, 0x03, 0x00, 0x03, 0x01,
655 0x03, 0x02, 0xAD, 0xBA, 0x25, 0x01, 0x81, 0x00, 0x13, 0x06, 0x02, 0x54,
656 0x28, 0x25, 0x01, 0x00, 0x11, 0x06, 0x0B, 0x24, 0x25, 0x05, 0x04, 0x24,
657 0x01, 0x00, 0x00, 0xBA, 0x04, 0x6F, 0x02, 0x01, 0x25, 0x05, 0x02, 0x50,
658 0x28, 0x41, 0x03, 0x01, 0x02, 0x02, 0x37, 0x02, 0x02, 0x40, 0x03, 0x02,
659 0x25, 0x06, 0x03, 0xBA, 0x04, 0x68, 0x24, 0x02, 0x00, 0x02, 0x01, 0x0A,
660 0x00, 0x01, 0xBA, 0x25, 0x01, 0x81, 0x00, 0x0D, 0x06, 0x01, 0x00, 0x01,
661 0x81, 0x00, 0x0A, 0x25, 0x05, 0x02, 0x4E, 0x28, 0x03, 0x00, 0x01, 0x00,
662 0x02, 0x00, 0x01, 0x00, 0x12, 0x06, 0x19, 0x02, 0x00, 0x41, 0x03, 0x00,
663 0x25, 0x01, 0x83, 0xFF, 0xFF, 0x7F, 0x12, 0x06, 0x02, 0x4F, 0x28, 0x01,
664 0x08, 0x0E, 0x3B, 0xBA, 0x34, 0x09, 0x04, 0x60, 0x00, 0x00, 0xAC, 0x95,
665 0x00, 0x00, 0xAD, 0xC2, 0x00, 0x00, 0xB3, 0x76, 0xAD, 0x00, 0x01, 0xAD,
666 0x25, 0x05, 0x02, 0x54, 0x28, 0xBA, 0x25, 0x01, 0x81, 0x00, 0x13, 0x06,
667 0x02, 0x54, 0x28, 0x03, 0x00, 0x25, 0x06, 0x16, 0xBA, 0x02, 0x00, 0x25,
668 0x01, 0x87, 0xFF, 0xFF, 0x7F, 0x13, 0x06, 0x02, 0x54, 0x28, 0x01, 0x08,
669 0x0E, 0x09, 0x03, 0x00, 0x04, 0x67, 0x24, 0x02, 0x00, 0x00, 0x00, 0xAD,
670 0x25, 0x01, 0x81, 0x7F, 0x12, 0x06, 0x08, 0xC2, 0x01, 0x00, 0x67, 0x37,
671 0x01, 0x00, 0x00, 0x25, 0x67, 0x37, 0x67, 0x40, 0xA5, 0x01, 0x7F, 0x00,
672 0x00, 0xB3, 0x01, 0x0C, 0x30, 0x11, 0x06, 0x05, 0x24, 0x75, 0xB6, 0x04,
673 0x3E, 0x01, 0x12, 0x30, 0x11, 0x06, 0x05, 0x24, 0x75, 0xB7, 0x04, 0x33,
674 0x01, 0x13, 0x30, 0x11, 0x06, 0x05, 0x24, 0x75, 0xB7, 0x04, 0x28, 0x01,
675 0x14, 0x30, 0x11, 0x06, 0x05, 0x24, 0x75, 0xB7, 0x04, 0x1D, 0x01, 0x16,
676 0x30, 0x11, 0x06, 0x05, 0x24, 0x75, 0xB7, 0x04, 0x12, 0x01, 0x1E, 0x30,
677 0x11, 0x06, 0x05, 0x24, 0x75, 0xB5, 0x04, 0x07, 0x42, 0xAE, 0x01, 0x00,
678 0x01, 0x00, 0x24, 0x00, 0x01, 0xBA, 0x03, 0x00, 0x02, 0x00, 0x01, 0x05,
679 0x14, 0x01, 0x01, 0x15, 0x2D, 0x02, 0x00, 0x01, 0x06, 0x14, 0x25, 0x01,
680 0x01, 0x15, 0x06, 0x02, 0x46, 0x28, 0x01, 0x04, 0x0E, 0x02, 0x00, 0x01,
681 0x1F, 0x15, 0x25, 0x01, 0x1F, 0x11, 0x06, 0x02, 0x47, 0x28, 0x09, 0x00,
682 0x00, 0x25, 0x05, 0x05, 0x01, 0x00, 0x01, 0x7F, 0x00, 0xB3, 0x00, 0x01,
683 0xAD, 0x25, 0x05, 0x05, 0x67, 0x37, 0x01, 0x7F, 0x00, 0x01, 0x01, 0x03,
684 0x00, 0x9F, 0x25, 0x01, 0x83, 0xFF, 0x7E, 0x11, 0x06, 0x16, 0x24, 0x25,
685 0x06, 0x10, 0xA0, 0x25, 0x05, 0x05, 0x24, 0xC2, 0x01, 0x00, 0x00, 0x02,
686 0x00, 0x84, 0x03, 0x00, 0x04, 0x6D, 0x04, 0x1B, 0x25, 0x05, 0x05, 0x24,
687 0xC2, 0x01, 0x00, 0x00, 0x02, 0x00, 0x84, 0x03, 0x00, 0x25, 0x06, 0x0B,
688 0x9F, 0x25, 0x05, 0x05, 0x24, 0xC2, 0x01, 0x00, 0x00, 0x04, 0x6D, 0x24,
689 0x02, 0x00, 0x25, 0x05, 0x01, 0x00, 0x41, 0x67, 0x37, 0x01, 0x7F, 0x00,
690 0x01, 0xAD, 0x01, 0x01, 0x03, 0x00, 0x25, 0x06, 0x10, 0xA1, 0x25, 0x05,
691 0x05, 0x24, 0xC2, 0x01, 0x00, 0x00, 0x02, 0x00, 0x84, 0x03, 0x00, 0x04,
692 0x6D, 0x24, 0x02, 0x00, 0x25, 0x05, 0x01, 0x00, 0x41, 0x67, 0x37, 0x01,
693 0x7F, 0x00, 0x01, 0xAD, 0x01, 0x01, 0x03, 0x00, 0x25, 0x06, 0x10, 0xBA,
694 0x25, 0x05, 0x05, 0x24, 0xC2, 0x01, 0x00, 0x00, 0x02, 0x00, 0x84, 0x03,
695 0x00, 0x04, 0x6D, 0x24, 0x02, 0x00, 0x25, 0x05, 0x01, 0x00, 0x41, 0x67,
696 0x37, 0x01, 0x7F, 0x00, 0x00, 0xBA, 0x01, 0x08, 0x0E, 0x3B, 0xBA, 0x34,
697 0x09, 0x00, 0x00, 0xBA, 0x3B, 0xBA, 0x01, 0x08, 0x0E, 0x34, 0x09, 0x00,
698 0x00, 0x25, 0x05, 0x02, 0x4F, 0x28, 0x41, 0xBB, 0x00, 0x00, 0x32, 0x25,
699 0x01, 0x00, 0x13, 0x06, 0x01, 0x00, 0x24, 0x19, 0x04, 0x74, 0x00, 0x01,
700 0x01, 0x00, 0x00, 0x01, 0x0B, 0x00, 0x00, 0x01, 0x15, 0x00, 0x00, 0x01,
701 0x1F, 0x00, 0x00, 0x01, 0x29, 0x00, 0x00, 0x01, 0x33, 0x00, 0x00, 0xC3,
702 0x24, 0x00, 0x00, 0x25, 0x06, 0x07, 0xC4, 0x25, 0x06, 0x01, 0x19, 0x04,
703 0x76, 0x00, 0x00, 0x01, 0x00, 0x30, 0x31, 0x0B, 0x42, 0x00, 0x00, 0x01,
704 0x81, 0x70, 0x00, 0x00, 0x01, 0x82, 0x0D, 0x00, 0x00, 0x01, 0x82, 0x22,
705 0x00, 0x00, 0x01, 0x82, 0x05, 0x00, 0x00, 0x01, 0x03, 0x33, 0x01, 0x03,
706 0x33, 0x00, 0x00, 0x25, 0x01, 0x83, 0xFB, 0x50, 0x01, 0x83, 0xFB, 0x6F,
707 0x72, 0x06, 0x04, 0x24, 0x01, 0x00, 0x00, 0x25, 0x01, 0x83, 0xB0, 0x00,
708 0x01, 0x83, 0xBF, 0x7F, 0x72, 0x06, 0x04, 0x24, 0x01, 0x00, 0x00, 0x01,
709 0x83, 0xFF, 0x7F, 0x15, 0x01, 0x83, 0xFF, 0x7E, 0x0D, 0x00
710 };
711
712 static const uint16_t t0_caddr[] = {
713 0,
714 5,
715 10,
716 15,
717 20,
718 25,
719 29,
720 33,
721 37,
722 41,
723 45,
724 49,
725 53,
726 57,
727 61,
728 65,
729 69,
730 73,
731 77,
732 81,
733 85,
734 89,
735 93,
736 97,
737 101,
738 105,
739 109,
740 113,
741 117,
742 121,
743 125,
744 130,
745 135,
746 140,
747 145,
748 150,
749 155,
750 160,
751 165,
752 173,
753 178,
754 183,
755 188,
756 193,
757 198,
758 202,
759 207,
760 212,
761 217,
762 238,
763 243,
764 248,
765 253,
766 282,
767 297,
768 302,
769 308,
770 314,
771 319,
772 327,
773 335,
774 341,
775 346,
776 357,
777 992,
778 1007,
779 1011,
780 1016,
781 1021,
782 1026,
783 1031,
784 1036,
785 1150,
786 1155,
787 1167,
788 1172,
789 1177,
790 1182,
791 1186,
792 1191,
793 1196,
794 1201,
795 1206,
796 1216,
797 1221,
798 1226,
799 1238,
800 1253,
801 1258,
802 1272,
803 1294,
804 1305,
805 1408,
806 1455,
807 1488,
808 1579,
809 1585,
810 1648,
811 1655,
812 1683,
813 1711,
814 1816,
815 1858,
816 1871,
817 1883,
818 1897,
819 1912,
820 2132,
821 2146,
822 2163,
823 2172,
824 2239,
825 2295,
826 2299,
827 2303,
828 2308,
829 2356,
830 2382,
831 2458,
832 2502,
833 2513,
834 2598,
835 2636,
836 2674,
837 2684,
838 2694,
839 2703,
840 2716,
841 2720,
842 2724,
843 2728,
844 2732,
845 2736,
846 2740,
847 2744,
848 2756,
849 2764,
850 2769,
851 2774,
852 2779,
853 2784,
854 2792
855 };
856
857 #define T0_INTERPRETED 61
858
859 #define T0_ENTER(ip, rp, slot) do { \
860 const unsigned char *t0_newip; \
861 uint32_t t0_lnum; \
862 t0_newip = &t0_codeblock[t0_caddr[(slot) - T0_INTERPRETED]]; \
863 t0_lnum = t0_parse7E_unsigned(&t0_newip); \
864 (rp) += t0_lnum; \
865 *((rp) ++) = (uint32_t)((ip) - &t0_codeblock[0]) + (t0_lnum << 16); \
866 (ip) = t0_newip; \
867 } while (0)
868
869 #define T0_DEFENTRY(name, slot) \
870 void \
871 name(void *ctx) \
872 { \
873 t0_context *t0ctx = ctx; \
874 t0ctx->ip = &t0_codeblock[0]; \
875 T0_ENTER(t0ctx->ip, t0ctx->rp, slot); \
876 }
877
878 T0_DEFENTRY(br_x509_minimal_init_main, 147)
879
880 #define T0_NEXT(t0ipp) (*(*(t0ipp)) ++)
881
882 void
883 br_x509_minimal_run(void *t0ctx)
884 {
885 uint32_t *dp, *rp;
886 const unsigned char *ip;
887
888 #define T0_LOCAL(x) (*(rp - 2 - (x)))
889 #define T0_POP() (*-- dp)
890 #define T0_POPi() (*(int32_t *)(-- dp))
891 #define T0_PEEK(x) (*(dp - 1 - (x)))
892 #define T0_PEEKi(x) (*(int32_t *)(dp - 1 - (x)))
893 #define T0_PUSH(v) do { *dp = (v); dp ++; } while (0)
894 #define T0_PUSHi(v) do { *(int32_t *)dp = (v); dp ++; } while (0)
895 #define T0_RPOP() (*-- rp)
896 #define T0_RPOPi() (*(int32_t *)(-- rp))
897 #define T0_RPUSH(v) do { *rp = (v); rp ++; } while (0)
898 #define T0_RPUSHi(v) do { *(int32_t *)rp = (v); rp ++; } while (0)
899 #define T0_ROLL(x) do { \
900 size_t t0len = (size_t)(x); \
901 uint32_t t0tmp = *(dp - 1 - t0len); \
902 memmove(dp - t0len - 1, dp - t0len, t0len * sizeof *dp); \
903 *(dp - 1) = t0tmp; \
904 } while (0)
905 #define T0_SWAP() do { \
906 uint32_t t0tmp = *(dp - 2); \
907 *(dp - 2) = *(dp - 1); \
908 *(dp - 1) = t0tmp; \
909 } while (0)
910 #define T0_ROT() do { \
911 uint32_t t0tmp = *(dp - 3); \
912 *(dp - 3) = *(dp - 2); \
913 *(dp - 2) = *(dp - 1); \
914 *(dp - 1) = t0tmp; \
915 } while (0)
916 #define T0_NROT() do { \
917 uint32_t t0tmp = *(dp - 1); \
918 *(dp - 1) = *(dp - 2); \
919 *(dp - 2) = *(dp - 3); \
920 *(dp - 3) = t0tmp; \
921 } while (0)
922 #define T0_PICK(x) do { \
923 uint32_t t0depth = (x); \
924 T0_PUSH(T0_PEEK(t0depth)); \
925 } while (0)
926 #define T0_CO() do { \
927 goto t0_exit; \
928 } while (0)
929 #define T0_RET() goto t0_next
930
931 dp = ((t0_context *)t0ctx)->dp;
932 rp = ((t0_context *)t0ctx)->rp;
933 ip = ((t0_context *)t0ctx)->ip;
934 goto t0_next;
935 for (;;) {
936 uint32_t t0x;
937
938 t0_next:
939 t0x = T0_NEXT(&ip);
940 if (t0x < T0_INTERPRETED) {
941 switch (t0x) {
942 int32_t t0off;
943
944 case 0: /* ret */
945 t0x = T0_RPOP();
946 rp -= (t0x >> 16);
947 t0x &= 0xFFFF;
948 if (t0x == 0) {
949 ip = NULL;
950 goto t0_exit;
951 }
952 ip = &t0_codeblock[t0x];
953 break;
954 case 1: /* literal constant */
955 T0_PUSHi(t0_parse7E_signed(&ip));
956 break;
957 case 2: /* read local */
958 T0_PUSH(T0_LOCAL(t0_parse7E_unsigned(&ip)));
959 break;
960 case 3: /* write local */
961 T0_LOCAL(t0_parse7E_unsigned(&ip)) = T0_POP();
962 break;
963 case 4: /* jump */
964 t0off = t0_parse7E_signed(&ip);
965 ip += t0off;
966 break;
967 case 5: /* jump if */
968 t0off = t0_parse7E_signed(&ip);
969 if (T0_POP()) {
970 ip += t0off;
971 }
972 break;
973 case 6: /* jump if not */
974 t0off = t0_parse7E_signed(&ip);
975 if (!T0_POP()) {
976 ip += t0off;
977 }
978 break;
979 case 7: {
980 /* %25 */
981
982 int32_t b = T0_POPi();
983 int32_t a = T0_POPi();
984 T0_PUSHi(a % b);
985
986 }
987 break;
988 case 8: {
989 /* * */
990
991 uint32_t b = T0_POP();
992 uint32_t a = T0_POP();
993 T0_PUSH(a * b);
994
995 }
996 break;
997 case 9: {
998 /* + */
999
1000 uint32_t b = T0_POP();
1001 uint32_t a = T0_POP();
1002 T0_PUSH(a + b);
1003
1004 }
1005 break;
1006 case 10: {
1007 /* - */
1008
1009 uint32_t b = T0_POP();
1010 uint32_t a = T0_POP();
1011 T0_PUSH(a - b);
1012
1013 }
1014 break;
1015 case 11: {
1016 /* -rot */
1017 T0_NROT();
1018 }
1019 break;
1020 case 12: {
1021 /* / */
1022
1023 int32_t b = T0_POPi();
1024 int32_t a = T0_POPi();
1025 T0_PUSHi(a / b);
1026
1027 }
1028 break;
1029 case 13: {
1030 /* < */
1031
1032 int32_t b = T0_POPi();
1033 int32_t a = T0_POPi();
1034 T0_PUSH(-(uint32_t)(a < b));
1035
1036 }
1037 break;
1038 case 14: {
1039 /* << */
1040
1041 int c = (int)T0_POPi();
1042 uint32_t x = T0_POP();
1043 T0_PUSH(x << c);
1044
1045 }
1046 break;
1047 case 15: {
1048 /* <= */
1049
1050 int32_t b = T0_POPi();
1051 int32_t a = T0_POPi();
1052 T0_PUSH(-(uint32_t)(a <= b));
1053
1054 }
1055 break;
1056 case 16: {
1057 /* <> */
1058
1059 uint32_t b = T0_POP();
1060 uint32_t a = T0_POP();
1061 T0_PUSH(-(uint32_t)(a != b));
1062
1063 }
1064 break;
1065 case 17: {
1066 /* = */
1067
1068 uint32_t b = T0_POP();
1069 uint32_t a = T0_POP();
1070 T0_PUSH(-(uint32_t)(a == b));
1071
1072 }
1073 break;
1074 case 18: {
1075 /* > */
1076
1077 int32_t b = T0_POPi();
1078 int32_t a = T0_POPi();
1079 T0_PUSH(-(uint32_t)(a > b));
1080
1081 }
1082 break;
1083 case 19: {
1084 /* >= */
1085
1086 int32_t b = T0_POPi();
1087 int32_t a = T0_POPi();
1088 T0_PUSH(-(uint32_t)(a >= b));
1089
1090 }
1091 break;
1092 case 20: {
1093 /* >> */
1094
1095 int c = (int)T0_POPi();
1096 int32_t x = T0_POPi();
1097 T0_PUSHi(x >> c);
1098
1099 }
1100 break;
1101 case 21: {
1102 /* and */
1103
1104 uint32_t b = T0_POP();
1105 uint32_t a = T0_POP();
1106 T0_PUSH(a & b);
1107
1108 }
1109 break;
1110 case 22: {
1111 /* blobcopy */
1112
1113 size_t len = T0_POP();
1114 unsigned char *src = (unsigned char *)CTX + T0_POP();
1115 unsigned char *dst = (unsigned char *)CTX + T0_POP();
1116 memcpy(dst, src, len);
1117
1118 }
1119 break;
1120 case 23: {
1121 /* check-direct-trust */
1122
1123 size_t u;
1124
1125 for (u = 0; u < CTX->trust_anchors_num; u ++) {
1126 const br_x509_trust_anchor *ta;
1127 unsigned char hashed_DN[64];
1128 int kt;
1129
1130 ta = &CTX->trust_anchors[u];
1131 if (ta->flags & BR_X509_TA_CA) {
1132 continue;
1133 }
1134 hash_dn(CTX, ta->dn.data, ta->dn.len, hashed_DN);
1135 if (memcmp(hashed_DN, CTX->current_dn_hash, DNHASH_LEN)) {
1136 continue;
1137 }
1138 kt = CTX->pkey.key_type;
1139 if ((ta->pkey.key_type & 0x0F) != kt) {
1140 continue;
1141 }
1142 switch (kt) {
1143
1144 case BR_KEYTYPE_RSA:
1145 if (!eqbigint(CTX->pkey.key.rsa.n,
1146 CTX->pkey.key.rsa.nlen,
1147 ta->pkey.key.rsa.n,
1148 ta->pkey.key.rsa.nlen)
1149 || !eqbigint(CTX->pkey.key.rsa.e,
1150 CTX->pkey.key.rsa.elen,
1151 ta->pkey.key.rsa.e,
1152 ta->pkey.key.rsa.elen))
1153 {
1154 continue;
1155 }
1156 break;
1157
1158 case BR_KEYTYPE_EC:
1159 if (CTX->pkey.key.ec.curve != ta->pkey.key.ec.curve
1160 || CTX->pkey.key.ec.qlen != ta->pkey.key.ec.qlen
1161 || memcmp(CTX->pkey.key.ec.q,
1162 ta->pkey.key.ec.q,
1163 ta->pkey.key.ec.qlen) != 0)
1164 {
1165 continue;
1166 }
1167 break;
1168
1169 default:
1170 continue;
1171 }
1172
1173 /*
1174 * Direct trust match!
1175 */
1176 CTX->err = BR_ERR_X509_OK;
1177 T0_CO();
1178 }
1179
1180 }
1181 break;
1182 case 24: {
1183 /* check-trust-anchor-CA */
1184
1185 size_t u;
1186
1187 for (u = 0; u < CTX->trust_anchors_num; u ++) {
1188 const br_x509_trust_anchor *ta;
1189 unsigned char hashed_DN[64];
1190
1191 ta = &CTX->trust_anchors[u];
1192 if (!(ta->flags & BR_X509_TA_CA)) {
1193 continue;
1194 }
1195 hash_dn(CTX, ta->dn.data, ta->dn.len, hashed_DN);
1196 if (memcmp(hashed_DN, CTX->saved_dn_hash, DNHASH_LEN)) {
1197 continue;
1198 }
1199 if (verify_signature(CTX, &ta->pkey) == 0) {
1200 CTX->err = BR_ERR_X509_OK;
1201 T0_CO();
1202 }
1203 }
1204
1205 }
1206 break;
1207 case 25: {
1208 /* co */
1209 T0_CO();
1210 }
1211 break;
1212 case 26: {
1213 /* compute-dn-hash */
1214
1215 CTX->dn_hash_impl->out(&CTX->dn_hash.vtable, CTX->current_dn_hash);
1216 CTX->do_dn_hash = 0;
1217
1218 }
1219 break;
1220 case 27: {
1221 /* compute-tbs-hash */
1222
1223 int id = T0_POPi();
1224 size_t len;
1225 len = br_multihash_out(&CTX->mhash, id, CTX->tbs_hash);
1226 T0_PUSH(len);
1227
1228 }
1229 break;
1230 case 28: {
1231 /* copy-ee-ec-pkey */
1232
1233 size_t qlen = T0_POP();
1234 uint32_t curve = T0_POP();
1235 memcpy(CTX->ee_pkey_data, CTX->pkey_data, qlen);
1236 CTX->pkey.key_type = BR_KEYTYPE_EC;
1237 CTX->pkey.key.ec.curve = curve;
1238 CTX->pkey.key.ec.q = CTX->ee_pkey_data;
1239 CTX->pkey.key.ec.qlen = qlen;
1240
1241 }
1242 break;
1243 case 29: {
1244 /* copy-ee-rsa-pkey */
1245
1246 size_t elen = T0_POP();
1247 size_t nlen = T0_POP();
1248 memcpy(CTX->ee_pkey_data, CTX->pkey_data, nlen + elen);
1249 CTX->pkey.key_type = BR_KEYTYPE_RSA;
1250 CTX->pkey.key.rsa.n = CTX->ee_pkey_data;
1251 CTX->pkey.key.rsa.nlen = nlen;
1252 CTX->pkey.key.rsa.e = CTX->ee_pkey_data + nlen;
1253 CTX->pkey.key.rsa.elen = elen;
1254
1255 }
1256 break;
1257 case 30: {
1258 /* copy-name-SAN */
1259
1260 unsigned tag = T0_POP();
1261 unsigned ok = T0_POP();
1262 size_t u, len;
1263
1264 len = CTX->pad[0];
1265 for (u = 0; u < CTX->num_name_elts; u ++) {
1266 br_name_element *ne;
1267
1268 ne = &CTX->name_elts[u];
1269 if (ne->status == 0 && ne->oid[0] == 0 && ne->oid[1] == tag) {
1270 if (ok && ne->len > len) {
1271 memcpy(ne->buf, CTX->pad + 1, len);
1272 ne->buf[len] = 0;
1273 ne->status = 1;
1274 } else {
1275 ne->status = -1;
1276 }
1277 break;
1278 }
1279 }
1280
1281 }
1282 break;
1283 case 31: {
1284 /* copy-name-element */
1285
1286 size_t len;
1287 int32_t off = T0_POPi();
1288 int ok = T0_POPi();
1289
1290 if (off >= 0) {
1291 br_name_element *ne = &CTX->name_elts[off];
1292
1293 if (ok) {
1294 len = CTX->pad[0];
1295 if (len < ne->len) {
1296 memcpy(ne->buf, CTX->pad + 1, len);
1297 ne->buf[len] = 0;
1298 ne->status = 1;
1299 } else {
1300 ne->status = -1;
1301 }
1302 } else {
1303 ne->status = -1;
1304 }
1305 }
1306
1307 }
1308 break;
1309 case 32: {
1310 /* data-get8 */
1311
1312 size_t addr = T0_POP();
1313 T0_PUSH(t0_datablock[addr]);
1314
1315 }
1316 break;
1317 case 33: {
1318 /* dn-hash-length */
1319
1320 T0_PUSH(DNHASH_LEN);
1321
1322 }
1323 break;
1324 case 34: {
1325 /* do-ecdsa-vrfy */
1326
1327 size_t qlen = T0_POP();
1328 int curve = T0_POP();
1329 br_x509_pkey pk;
1330
1331 pk.key_type = BR_KEYTYPE_EC;
1332 pk.key.ec.curve = curve;
1333 pk.key.ec.q = CTX->pkey_data;
1334 pk.key.ec.qlen = qlen;
1335 T0_PUSH(verify_signature(CTX, &pk));
1336
1337 }
1338 break;
1339 case 35: {
1340 /* do-rsa-vrfy */
1341
1342 size_t elen = T0_POP();
1343 size_t nlen = T0_POP();
1344 br_x509_pkey pk;
1345
1346 pk.key_type = BR_KEYTYPE_RSA;
1347 pk.key.rsa.n = CTX->pkey_data;
1348 pk.key.rsa.nlen = nlen;
1349 pk.key.rsa.e = CTX->pkey_data + nlen;
1350 pk.key.rsa.elen = elen;
1351 T0_PUSH(verify_signature(CTX, &pk));
1352
1353 }
1354 break;
1355 case 36: {
1356 /* drop */
1357 (void)T0_POP();
1358 }
1359 break;
1360 case 37: {
1361 /* dup */
1362 T0_PUSH(T0_PEEK(0));
1363 }
1364 break;
1365 case 38: {
1366 /* eqOID */
1367
1368 const unsigned char *a2 = &t0_datablock[T0_POP()];
1369 const unsigned char *a1 = &CTX->pad[0];
1370 size_t len = a1[0];
1371 int x;
1372 if (len == a2[0]) {
1373 x = -(memcmp(a1 + 1, a2 + 1, len) == 0);
1374 } else {
1375 x = 0;
1376 }
1377 T0_PUSH((uint32_t)x);
1378
1379 }
1380 break;
1381 case 39: {
1382 /* eqblob */
1383
1384 size_t len = T0_POP();
1385 const unsigned char *a2 = (const unsigned char *)CTX + T0_POP();
1386 const unsigned char *a1 = (const unsigned char *)CTX + T0_POP();
1387 T0_PUSHi(-(memcmp(a1, a2, len) == 0));
1388
1389 }
1390 break;
1391 case 40: {
1392 /* fail */
1393
1394 CTX->err = T0_POPi();
1395 T0_CO();
1396
1397 }
1398 break;
1399 case 41: {
1400 /* get-system-date */
1401
1402 if (CTX->days == 0 && CTX->seconds == 0) {
1403 #if BR_USE_UNIX_TIME
1404 time_t x = time(NULL);
1405
1406 T0_PUSH((uint32_t)(x / 86400) + 719528);
1407 T0_PUSH((uint32_t)(x % 86400));
1408 #elif BR_USE_WIN32_TIME
1409 FILETIME ft;
1410 uint64_t x;
1411
1412 GetSystemTimeAsFileTime(&ft);
1413 x = ((uint64_t)ft.dwHighDateTime << 32)
1414 + (uint64_t)ft.dwLowDateTime;
1415 x = (x / 10000000);
1416 T0_PUSH((uint32_t)(x / 86400) + 584754);
1417 T0_PUSH((uint32_t)(x % 86400));
1418 #else
1419 CTX->err = BR_ERR_X509_TIME_UNKNOWN;
1420 T0_CO();
1421 #endif
1422 } else {
1423 T0_PUSH(CTX->days);
1424 T0_PUSH(CTX->seconds);
1425 }
1426
1427 }
1428 break;
1429 case 42: {
1430 /* get16 */
1431
1432 uint32_t addr = T0_POP();
1433 T0_PUSH(*(uint16_t *)(void *)((unsigned char *)CTX + addr));
1434
1435 }
1436 break;
1437 case 43: {
1438 /* get32 */
1439
1440 uint32_t addr = T0_POP();
1441 T0_PUSH(*(uint32_t *)(void *)((unsigned char *)CTX + addr));
1442
1443 }
1444 break;
1445 case 44: {
1446 /* match-server-name */
1447
1448 size_t n1, n2;
1449
1450 if (CTX->server_name == NULL) {
1451 T0_PUSH(0);
1452 T0_RET();
1453 }
1454 n1 = strlen(CTX->server_name);
1455 n2 = CTX->pad[0];
1456 if (n1 == n2 && eqnocase(&CTX->pad[1], CTX->server_name, n1)) {
1457 T0_PUSHi(-1);
1458 T0_RET();
1459 }
1460 if (n2 >= 2 && CTX->pad[1] == '*' && CTX->pad[2] == '.') {
1461 size_t u;
1462
1463 u = 0;
1464 while (u < n1 && CTX->server_name[u] != '.') {
1465 u ++;
1466 }
1467 u ++;
1468 n1 -= u;
1469 if ((n2 - 2) == n1
1470 && eqnocase(&CTX->pad[3], CTX->server_name + u, n1))
1471 {
1472 T0_PUSHi(-1);
1473 T0_RET();
1474 }
1475 }
1476 T0_PUSH(0);
1477
1478 }
1479 break;
1480 case 45: {
1481 /* neg */
1482
1483 uint32_t a = T0_POP();
1484 T0_PUSH(-a);
1485
1486 }
1487 break;
1488 case 46: {
1489 /* offset-name-element */
1490
1491 unsigned san = T0_POP();
1492 size_t u;
1493
1494 for (u = 0; u < CTX->num_name_elts; u ++) {
1495 if (CTX->name_elts[u].status == 0) {
1496 const unsigned char *oid;
1497 size_t len, off;
1498
1499 oid = CTX->name_elts[u].oid;
1500 if (san) {
1501 if (oid[0] != 0 || oid[1] != 0) {
1502 continue;
1503 }
1504 off = 2;
1505 } else {
1506 off = 0;
1507 }
1508 len = oid[off];
1509 if (len != 0 && len == CTX->pad[0]
1510 && memcmp(oid + off + 1,
1511 CTX->pad + 1, len) == 0)
1512 {
1513 T0_PUSH(u);
1514 T0_RET();
1515 }
1516 }
1517 }
1518 T0_PUSHi(-1);
1519
1520 }
1521 break;
1522 case 47: {
1523 /* or */
1524
1525 uint32_t b = T0_POP();
1526 uint32_t a = T0_POP();
1527 T0_PUSH(a | b);
1528
1529 }
1530 break;
1531 case 48: {
1532 /* over */
1533 T0_PUSH(T0_PEEK(1));
1534 }
1535 break;
1536 case 49: {
1537 /* read-blob-inner */
1538
1539 uint32_t len = T0_POP();
1540 uint32_t addr = T0_POP();
1541 size_t clen = CTX->hlen;
1542 if (clen > len) {
1543 clen = (size_t)len;
1544 }
1545 if (addr != 0) {
1546 memcpy((unsigned char *)CTX + addr, CTX->hbuf, clen);
1547 }
1548 if (CTX->do_mhash) {
1549 br_multihash_update(&CTX->mhash, CTX->hbuf, clen);
1550 }
1551 if (CTX->do_dn_hash) {
1552 CTX->dn_hash_impl->update(
1553 &CTX->dn_hash.vtable, CTX->hbuf, clen);
1554 }
1555 CTX->hbuf += clen;
1556 CTX->hlen -= clen;
1557 T0_PUSH(addr + clen);
1558 T0_PUSH(len - clen);
1559
1560 }
1561 break;
1562 case 50: {
1563 /* read8-low */
1564
1565 if (CTX->hlen == 0) {
1566 T0_PUSHi(-1);
1567 } else {
1568 unsigned char x = *CTX->hbuf ++;
1569 if (CTX->do_mhash) {
1570 br_multihash_update(&CTX->mhash, &x, 1);
1571 }
1572 if (CTX->do_dn_hash) {
1573 CTX->dn_hash_impl->update(&CTX->dn_hash.vtable, &x, 1);
1574 }
1575 CTX->hlen --;
1576 T0_PUSH(x);
1577 }
1578
1579 }
1580 break;
1581 case 51: {
1582 /* roll */
1583 T0_ROLL(T0_POP());
1584 }
1585 break;
1586 case 52: {
1587 /* rot */
1588 T0_ROT();
1589 }
1590 break;
1591 case 53: {
1592 /* set16 */
1593
1594 uint32_t addr = T0_POP();
1595 *(uint16_t *)(void *)((unsigned char *)CTX + addr) = T0_POP();
1596
1597 }
1598 break;
1599 case 54: {
1600 /* set32 */
1601
1602 uint32_t addr = T0_POP();
1603 *(uint32_t *)(void *)((unsigned char *)CTX + addr) = T0_POP();
1604
1605 }
1606 break;
1607 case 55: {
1608 /* set8 */
1609
1610 uint32_t addr = T0_POP();
1611 *((unsigned char *)CTX + addr) = (unsigned char)T0_POP();
1612
1613 }
1614 break;
1615 case 56: {
1616 /* start-dn-hash */
1617
1618 CTX->dn_hash_impl->init(&CTX->dn_hash.vtable);
1619 CTX->do_dn_hash = 1;
1620
1621 }
1622 break;
1623 case 57: {
1624 /* start-tbs-hash */
1625
1626 br_multihash_init(&CTX->mhash);
1627 CTX->do_mhash = 1;
1628
1629 }
1630 break;
1631 case 58: {
1632 /* stop-tbs-hash */
1633
1634 CTX->do_mhash = 0;
1635
1636 }
1637 break;
1638 case 59: {
1639 /* swap */
1640 T0_SWAP();
1641 }
1642 break;
1643 case 60: {
1644 /* zero-server-name */
1645
1646 T0_PUSHi(-(CTX->server_name == NULL));
1647
1648 }
1649 break;
1650 }
1651
1652 } else {
1653 T0_ENTER(ip, rp, t0x);
1654 }
1655 }
1656 t0_exit:
1657 ((t0_context *)t0ctx)->dp = dp;
1658 ((t0_context *)t0ctx)->rp = rp;
1659 ((t0_context *)t0ctx)->ip = ip;
1660 }
1661
1662
1663
1664 /*
1665 * Verify the signature on the certificate with the provided public key.
1666 * This function checks the public key type with regards to the expected
1667 * type. Returned value is either 0 on success, or a non-zero error code.
1668 */
1669 static int
1670 verify_signature(br_x509_minimal_context *ctx, const br_x509_pkey *pk)
1671 {
1672 int kt;
1673
1674 kt = ctx->cert_signer_key_type;
1675 if ((pk->key_type & 0x0F) != kt) {
1676 return BR_ERR_X509_WRONG_KEY_TYPE;
1677 }
1678 switch (kt) {
1679 unsigned char tmp[64];
1680
1681 case BR_KEYTYPE_RSA:
1682 if (ctx->irsa == 0) {
1683 return BR_ERR_X509_UNSUPPORTED;
1684 }
1685 if (!ctx->irsa(ctx->cert_sig, ctx->cert_sig_len,
1686 &t0_datablock[ctx->cert_sig_hash_oid],
1687 ctx->cert_sig_hash_len, &pk->key.rsa, tmp))
1688 {
1689 return BR_ERR_X509_BAD_SIGNATURE;
1690 }
1691 if (memcmp(ctx->tbs_hash, tmp, ctx->cert_sig_hash_len) != 0) {
1692 return BR_ERR_X509_BAD_SIGNATURE;
1693 }
1694 return 0;
1695
1696 case BR_KEYTYPE_EC:
1697 if (ctx->iecdsa == 0) {
1698 return BR_ERR_X509_UNSUPPORTED;
1699 }
1700 if (!ctx->iecdsa(ctx->iec, ctx->tbs_hash,
1701 ctx->cert_sig_hash_len, &pk->key.ec,
1702 ctx->cert_sig, ctx->cert_sig_len))
1703 {
1704 return BR_ERR_X509_BAD_SIGNATURE;
1705 }
1706 return 0;
1707
1708 default:
1709 return BR_ERR_X509_UNSUPPORTED;
1710 }
1711 }
1712
1713
The BearSSL library and tools.