1 /* Automatically generated code; do not modify directly. */
9 const unsigned char *ip
;
13 t0_parse7E_unsigned(const unsigned char **p
)
22 x
= (x
<< 7) | (uint32_t)(y
& 0x7F);
30 t0_parse7E_signed(const unsigned char **p
)
35 neg
= ((**p
) >> 6) & 1;
41 x
= (x
<< 7) | (uint32_t)(y
& 0x7F);
44 return -(int32_t)~x
- 1;
52 #define T0_VBYTE(x, n) (unsigned char)((((uint32_t)(x) >> (n)) & 0x7F) | 0x80)
53 #define T0_FBYTE(x, n) (unsigned char)(((uint32_t)(x) >> (n)) & 0x7F)
54 #define T0_SBYTE(x) (unsigned char)((((uint32_t)(x) >> 28) + 0xF8) ^ 0xF8)
55 #define T0_INT1(x) T0_FBYTE(x, 0)
56 #define T0_INT2(x) T0_VBYTE(x, 7), T0_FBYTE(x, 0)
57 #define T0_INT3(x) T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
58 #define T0_INT4(x) T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
59 #define T0_INT5(x) T0_SBYTE(x), T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
61 static const uint8_t t0_datablock
[];
64 void br_x509_minimal_init_main(void *t0ctx
);
66 void br_x509_minimal_run(void *t0ctx
);
79 * Implementation Notes
80 * --------------------
82 * The C code pushes the data by chunks; all decoding is done in the
83 * T0 code. The cert_length value is set to the certificate length when
84 * a new certificate is started; the T0 code picks it up as outer limit,
85 * and decoding functions use it to ensure that no attempt is made at
86 * reading past it. The T0 code also checks that once the certificate is
87 * decoded, there are no trailing bytes.
89 * The T0 code sets cert_length to 0 when the certificate is fully
92 * The C code must still perform two checks:
94 * -- If the certificate length is 0, then the T0 code will not be
95 * invoked at all. This invalid condition must thus be reported by the
98 * -- When reaching the end of certificate, the C code must verify that
99 * the certificate length has been set to 0, thereby signaling that
100 * the T0 code properly decoded a certificate.
102 * Processing of a chain works in the following way:
104 * -- The error flag is set to a non-zero value when validation is
105 * finished. The value is either BR_ERR_X509_OK (validation is
106 * successful) or another non-zero error code. When a non-zero error
107 * code is obtained, the remaining bytes in the current certificate and
108 * the subsequent certificates (if any) are completely ignored.
110 * -- Each certificate is decoded in due course, with the following
111 * "interesting points":
113 * -- Start of the TBS: the multihash engine is reset and activated.
115 * -- Start of the issuer DN: the secondary hash engine is started,
116 * to process the encoded issuer DN.
118 * -- End of the issuer DN: the secondary hash engine is stopped. The
119 * resulting hash value is computed and then copied into the
120 * next_dn_hash[] buffer.
122 * -- Start of the subject DN: the secondary hash engine is started,
123 * to process the encoded subject DN.
125 * -- For the EE certificate only: the Common Name, if any, is matched
126 * against the expected server name.
128 * -- End of the subject DN: the secondary hash engine is stopped. The
129 * resulting hash value is computed into the pad. It is then processed:
131 * -- If this is the EE certificate, then the hash is ignored
132 * (except for direct trust processing, see later; the hash is
133 * simply left in current_dn_hash[]).
135 * -- Otherwise, the hashed subject DN is compared with the saved
136 * hash value (in saved_dn_hash[]). They must match.
138 * Either way, the next_dn_hash[] value is then copied into the
139 * saved_dn_hash[] value. Thus, at that point, saved_dn_hash[]
140 * contains the hash of the issuer DN for the current certificate,
141 * and current_dn_hash[] contains the hash of the subject DN for the
142 * current certificate.
144 * -- Public key: it is decoded into the cert_pkey[] buffer. Unknown
145 * key types are reported at that point.
147 * -- If this is the EE certificate, then the key type is compared
148 * with the expected key type (initialization parameter). The public
149 * key data is copied to ee_pkey_data[]. The key and hashed subject
150 * DN are also compared with the "direct trust" keys; if the key
151 * and DN are matched, then validation ends with a success.
153 * -- Otherwise, the saved signature (cert_sig[]) is verified
154 * against the saved TBS hash (tbs_hash[]) and that freshly
155 * decoded public key. Failure here ends validation with an error.
157 * -- Extensions: extension values are processed in due order.
159 * -- Basic Constraints: for all certificates except EE, must be
160 * present, indicate a CA, and have a path legnth compatible with
161 * the chain length so far.
163 * -- Key Usage: for the EE, if present, must allow signatures
164 * or encryption/key exchange, as required for the cipher suite.
165 * For non-EE, if present, must have the "certificate sign" bit.
167 * -- Subject Alt Name: for the EE, dNSName names are matched
168 * against the server name. Ignored for non-EE.
170 * -- Authority Key Identifier, Subject Key Identifier, Issuer
171 * Alt Name, Subject Directory Attributes, CRL Distribution Points
172 * Freshest CRL, Authority Info Access and Subject Info Access
173 * extensions are always ignored: they either contain only
174 * informative data, or they relate to revocation processing, which
175 * we explicitly do not support.
177 * -- All other extensions are ignored if non-critical. If a
178 * critical extension other than the ones above is encountered,
179 * then a failure is reported.
181 * -- End of the TBS: the multihash engine is stopped.
183 * -- Signature algorithm: the signature algorithm on the
184 * certificate is decoded. A failure is reported if that algorithm
185 * is unknown. The hashed TBS corresponding to the signature hash
186 * function is computed and stored in tbs_hash[] (if not supported,
187 * then a failure is reported). The hash OID and length are stored
188 * in cert_sig_hash_oid and cert_sig_hash_len.
190 * -- Signature value: the signature value is copied into the
193 * -- Certificate end: the hashed issuer DN (saved_dn_hash[]) is
194 * looked up in the trust store (CA trust anchors only); for all
195 * that match, the signature (cert_sig[]) is verified against the
196 * anchor public key (hashed TBS is in tbs_hash[]). If one of these
197 * signatures is valid, then validation ends with a success.
199 * -- If the chain end is reached without obtaining a validation success,
200 * then validation is reported as failed.
203 #ifndef BR_USE_UNIX_TIME
204 #if defined __unix__ || defined __linux__ \
205 || defined _POSIX_SOURCE || defined _POSIX_C_SOURCE \
206 || (defined __APPLE__ && defined __MACH__)
207 #define BR_USE_UNIX_TIME 1
211 #ifndef BR_USE_WIN32_TIME
212 #if defined _WIN32 || defined _WIN64
213 #define BR_USE_WIN32_TIME 1
221 #if BR_USE_WIN32_TIME
225 void br_x509_minimal_init_main(void *ctx
);
226 void br_x509_minimal_run(void *ctx
);
228 /* see bearssl_x509.h */
230 br_x509_minimal_init(br_x509_minimal_context
*ctx
,
231 const br_hash_class
*dn_hash_impl
,
232 const br_x509_trust_anchor
*trust_anchors
, size_t trust_anchors_num
)
234 memset(ctx
, 0, sizeof *ctx
);
235 ctx
->vtable
= &br_x509_minimal_vtable
;
236 ctx
->dn_hash_impl
= dn_hash_impl
;
237 ctx
->trust_anchors
= trust_anchors
;
238 ctx
->trust_anchors_num
= trust_anchors_num
;
242 xm_start_chain(const br_x509_class
**ctx
, const char *server_name
)
244 br_x509_minimal_context
*cc
;
247 cc
= (br_x509_minimal_context
*)ctx
;
248 for (u
= 0; u
< cc
->num_name_elts
; u
++) {
249 cc
->name_elts
[u
].status
= 0;
250 cc
->name_elts
[u
].buf
[0] = 0;
252 memset(&cc
->pkey
, 0, sizeof cc
->pkey
);
255 cc
->cpu
.dp
= cc
->dp_stack
;
256 cc
->cpu
.rp
= cc
->rp_stack
;
257 br_x509_minimal_init_main(&cc
->cpu
);
258 if (server_name
== NULL
|| *server_name
== 0) {
259 cc
->server_name
= NULL
;
261 cc
->server_name
= server_name
;
266 xm_start_cert(const br_x509_class
**ctx
, uint32_t length
)
268 br_x509_minimal_context
*cc
;
270 cc
= (br_x509_minimal_context
*)ctx
;
275 cc
->err
= BR_ERR_X509_TRUNCATED
;
278 cc
->cert_length
= length
;
282 xm_append(const br_x509_class
**ctx
, const unsigned char *buf
, size_t len
)
284 br_x509_minimal_context
*cc
;
286 cc
= (br_x509_minimal_context
*)ctx
;
292 br_x509_minimal_run(&cc
->cpu
);
296 xm_end_cert(const br_x509_class
**ctx
)
298 br_x509_minimal_context
*cc
;
300 cc
= (br_x509_minimal_context
*)ctx
;
301 if (cc
->err
== 0 && cc
->cert_length
!= 0) {
302 cc
->err
= BR_ERR_X509_TRUNCATED
;
308 xm_end_chain(const br_x509_class
**ctx
)
310 br_x509_minimal_context
*cc
;
312 cc
= (br_x509_minimal_context
*)ctx
;
314 if (cc
->num_certs
== 0) {
315 cc
->err
= BR_ERR_X509_EMPTY_CHAIN
;
317 cc
->err
= BR_ERR_X509_NOT_TRUSTED
;
319 } else if (cc
->err
== BR_ERR_X509_OK
) {
322 return (unsigned)cc
->err
;
325 static const br_x509_pkey
*
326 xm_get_pkey(const br_x509_class
*const *ctx
, unsigned *usages
)
328 br_x509_minimal_context
*cc
;
330 cc
= (br_x509_minimal_context
*)ctx
;
331 if (cc
->err
== BR_ERR_X509_OK
332 || cc
->err
== BR_ERR_X509_NOT_TRUSTED
)
334 if (usages
!= NULL
) {
335 *usages
= cc
->key_usages
;
337 return &((br_x509_minimal_context
*)ctx
)->pkey
;
343 /* see bearssl_x509.h */
344 const br_x509_class br_x509_minimal_vtable
= {
345 sizeof(br_x509_minimal_context
),
354 #define CTX ((br_x509_minimal_context *)((unsigned char *)t0ctx - offsetof(br_x509_minimal_context, cpu)))
355 #define CONTEXT_NAME br_x509_minimal_context
357 #define DNHASH_LEN ((CTX->dn_hash_impl->desc >> BR_HASHDESC_OUT_OFF) & BR_HASHDESC_OUT_MASK)
360 * Hash a DN (from a trust anchor) into the provided buffer. This uses the
361 * DN hash implementation and context structure from the X.509 engine
365 hash_dn(br_x509_minimal_context
*ctx
, const void *dn
, size_t len
,
368 ctx
->dn_hash_impl
->init(&ctx
->dn_hash
.vtable
);
369 ctx
->dn_hash_impl
->update(&ctx
->dn_hash
.vtable
, dn
, len
);
370 ctx
->dn_hash_impl
->out(&ctx
->dn_hash
.vtable
, out
);
374 * Compare two big integers for equality. The integers use unsigned big-endian
375 * encoding; extra leading bytes (of value 0) are allowed.
378 eqbigint(const unsigned char *b1
, size_t len1
,
379 const unsigned char *b2
, size_t len2
)
381 while (len1
> 0 && *b1
== 0) {
385 while (len2
> 0 && *b2
== 0) {
392 return memcmp(b1
, b2
, len1
) == 0;
396 * Verify the signature on the certificate with the provided public key.
397 * This function checks the public key type with regards to the expected
398 * type. Returned value is either 0 on success, or a non-zero error code.
401 verify_signature(br_x509_minimal_context
*ctx
, const br_x509_pkey
*pk
)
405 kt
= ctx
->cert_signer_key_type
;
406 if ((pk
->key_type
& 0x0F) != kt
) {
407 return BR_ERR_X509_WRONG_KEY_TYPE
;
410 unsigned char tmp
[64];
413 if (ctx
->irsa
== 0) {
414 return BR_ERR_X509_UNSUPPORTED
;
416 if (!ctx
->irsa(ctx
->cert_sig
, ctx
->cert_sig_len
,
417 &t0_datablock
[ctx
->cert_sig_hash_oid
],
418 ctx
->cert_sig_hash_len
, &pk
->key
.rsa
, tmp
))
420 return BR_ERR_X509_BAD_SIGNATURE
;
422 if (memcmp(ctx
->tbs_hash
, tmp
, ctx
->cert_sig_hash_len
) != 0) {
423 return BR_ERR_X509_BAD_SIGNATURE
;
428 if (ctx
->iecdsa
== 0) {
429 return BR_ERR_X509_UNSUPPORTED
;
431 if (!ctx
->iecdsa(ctx
->iec
, ctx
->tbs_hash
,
432 ctx
->cert_sig_hash_len
, &pk
->key
.ec
,
433 ctx
->cert_sig
, ctx
->cert_sig_len
))
435 return BR_ERR_X509_BAD_SIGNATURE
;
440 return BR_ERR_X509_UNSUPPORTED
;
445 * Compare two strings for equality, in a case-insensitive way. This
446 * function handles casing only for ASCII letters.
449 eqnocase(const void *s1
, const void *s2
, size_t len
)
451 const unsigned char *buf1
, *buf2
;
460 if (x1
>= 'A' && x1
<= 'Z') {
463 if (x2
>= 'A' && x2
<= 'Z') {
475 static const uint8_t t0_datablock
[] = {
476 0x00, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x09,
477 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x09, 0x2A, 0x86,
478 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0E, 0x09, 0x2A, 0x86, 0x48, 0x86,
479 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
480 0x01, 0x01, 0x0C, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01,
481 0x0D, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x09, 0x60, 0x86, 0x48, 0x01,
482 0x65, 0x03, 0x04, 0x02, 0x04, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
483 0x04, 0x02, 0x01, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02,
484 0x02, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x07,
485 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x08, 0x2A, 0x86, 0x48, 0xCE,
486 0x3D, 0x03, 0x01, 0x07, 0x05, 0x2B, 0x81, 0x04, 0x00, 0x22, 0x05, 0x2B,
487 0x81, 0x04, 0x00, 0x23, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x01,
488 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x01, 0x08, 0x2A, 0x86,
489 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D,
490 0x04, 0x03, 0x03, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x04,
491 0x03, 0x55, 0x04, 0x03, 0x00, 0x1F, 0x03, 0xFC, 0x07, 0x7F, 0x0B, 0x5E,
492 0x0F, 0x1F, 0x12, 0xFE, 0x16, 0xBF, 0x1A, 0x9F, 0x1E, 0x7E, 0x22, 0x3F,
493 0x26, 0x1E, 0x29, 0xDF, 0x00, 0x1F, 0x03, 0xFD, 0x07, 0x9F, 0x0B, 0x7E,
494 0x0F, 0x3F, 0x13, 0x1E, 0x16, 0xDF, 0x1A, 0xBF, 0x1E, 0x9E, 0x22, 0x5F,
495 0x26, 0x3E, 0x29, 0xFF, 0x03, 0x55, 0x1D, 0x13, 0x03, 0x55, 0x1D, 0x0F,
496 0x03, 0x55, 0x1D, 0x11, 0x03, 0x55, 0x1D, 0x23, 0x03, 0x55, 0x1D, 0x0E,
497 0x03, 0x55, 0x1D, 0x12, 0x03, 0x55, 0x1D, 0x09, 0x03, 0x55, 0x1D, 0x1F,
498 0x03, 0x55, 0x1D, 0x2E, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01,
499 0x01, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x0B
502 static const uint8_t t0_codeblock
[] = {
503 0x00, 0x01, 0x00, 0x0D, 0x00, 0x00, 0x01, 0x00, 0x10, 0x00, 0x00, 0x01,
504 0x00, 0x11, 0x00, 0x00, 0x01, 0x01, 0x09, 0x00, 0x00, 0x01, 0x01, 0x0A,
505 0x00, 0x00, 0x24, 0x24, 0x00, 0x00, 0x01,
506 T0_INT1(BR_ERR_X509_BAD_BOOLEAN
), 0x00, 0x00, 0x01,
507 T0_INT1(BR_ERR_X509_BAD_DN
), 0x00, 0x00, 0x01,
508 T0_INT1(BR_ERR_X509_BAD_SERVER_NAME
), 0x00, 0x00, 0x01,
509 T0_INT1(BR_ERR_X509_BAD_TAG_CLASS
), 0x00, 0x00, 0x01,
510 T0_INT1(BR_ERR_X509_BAD_TAG_VALUE
), 0x00, 0x00, 0x01,
511 T0_INT1(BR_ERR_X509_BAD_TIME
), 0x00, 0x00, 0x01,
512 T0_INT1(BR_ERR_X509_CRITICAL_EXTENSION
), 0x00, 0x00, 0x01,
513 T0_INT1(BR_ERR_X509_DN_MISMATCH
), 0x00, 0x00, 0x01,
514 T0_INT1(BR_ERR_X509_EXPIRED
), 0x00, 0x00, 0x01,
515 T0_INT1(BR_ERR_X509_EXTRA_ELEMENT
), 0x00, 0x00, 0x01,
516 T0_INT1(BR_ERR_X509_FORBIDDEN_KEY_USAGE
), 0x00, 0x00, 0x01,
517 T0_INT1(BR_ERR_X509_INDEFINITE_LENGTH
), 0x00, 0x00, 0x01,
518 T0_INT1(BR_ERR_X509_INNER_TRUNC
), 0x00, 0x00, 0x01,
519 T0_INT1(BR_ERR_X509_LIMIT_EXCEEDED
), 0x00, 0x00, 0x01,
520 T0_INT1(BR_ERR_X509_NOT_CA
), 0x00, 0x00, 0x01,
521 T0_INT1(BR_ERR_X509_NOT_CONSTRUCTED
), 0x00, 0x00, 0x01,
522 T0_INT1(BR_ERR_X509_NOT_PRIMITIVE
), 0x00, 0x00, 0x01,
523 T0_INT1(BR_ERR_X509_OVERFLOW
), 0x00, 0x00, 0x01,
524 T0_INT1(BR_ERR_X509_PARTIAL_BYTE
), 0x00, 0x00, 0x01,
525 T0_INT1(BR_ERR_X509_UNEXPECTED
), 0x00, 0x00, 0x01,
526 T0_INT1(BR_ERR_X509_UNSUPPORTED
), 0x00, 0x00, 0x01,
527 T0_INT1(BR_ERR_X509_WEAK_PUBLIC_KEY
), 0x00, 0x00, 0x01,
528 T0_INT1(BR_KEYTYPE_EC
), 0x00, 0x00, 0x01, T0_INT1(BR_KEYTYPE_RSA
),
529 0x00, 0x00, 0x01, T0_INT2(offsetof(CONTEXT_NAME
, cert_length
)), 0x00,
530 0x00, 0x01, T0_INT2(offsetof(CONTEXT_NAME
, cert_sig
)), 0x00, 0x00,
531 0x01, T0_INT2(offsetof(CONTEXT_NAME
, cert_sig_hash_len
)), 0x00, 0x00,
532 0x01, T0_INT2(offsetof(CONTEXT_NAME
, cert_sig_hash_oid
)), 0x00, 0x00,
533 0x01, T0_INT2(offsetof(CONTEXT_NAME
, cert_sig_len
)), 0x00, 0x00, 0x01,
534 T0_INT2(offsetof(CONTEXT_NAME
, cert_signer_key_type
)), 0x00, 0x00,
535 0x01, T0_INT2(offsetof(CONTEXT_NAME
, current_dn_hash
)), 0x00, 0x00,
536 0x01, T0_INT2(offsetof(CONTEXT_NAME
, key_usages
)), 0x00, 0x00, 0x01,
537 T0_INT2(offsetof(br_x509_minimal_context
, pkey_data
)), 0x01,
538 T0_INT2(BR_X509_BUFSIZE_KEY
), 0x00, 0x00, 0x01,
539 T0_INT2(offsetof(CONTEXT_NAME
, min_rsa_size
)), 0x00, 0x00, 0x01,
540 T0_INT2(offsetof(CONTEXT_NAME
, next_dn_hash
)), 0x00, 0x00, 0x01,
541 T0_INT2(offsetof(CONTEXT_NAME
, num_certs
)), 0x00, 0x00, 0x01,
542 T0_INT2(offsetof(CONTEXT_NAME
, pad
)), 0x00, 0x00, 0x01,
543 T0_INT2(offsetof(CONTEXT_NAME
, saved_dn_hash
)), 0x00, 0x00, 0xC6, 0x71,
544 0x00, 0x00, 0x01, 0x80, 0x73, 0x00, 0x00, 0x01, 0x80, 0x7C, 0x00, 0x00,
545 0x01, 0x81, 0x02, 0x00, 0x00, 0x90, 0x05, 0x05, 0x34, 0x42, 0x01, 0x00,
546 0x00, 0x34, 0x01, 0x0A, 0x0E, 0x09, 0x01, 0x9A, 0xFF, 0xB8, 0x00, 0x0A,
547 0x00, 0x00, 0x01, 0x82, 0x0C, 0x00, 0x00, 0x01, 0x81, 0x74, 0x00, 0x00,
548 0x01, 0x81, 0x68, 0x00, 0x04, 0x03, 0x00, 0x03, 0x01, 0x03, 0x02, 0x03,
549 0x03, 0x02, 0x03, 0x02, 0x01, 0x11, 0x06, 0x07, 0x02, 0x02, 0x02, 0x00,
550 0x0D, 0x04, 0x05, 0x02, 0x03, 0x02, 0x01, 0x0D, 0x00, 0x02, 0x03, 0x00,
551 0x03, 0x01, 0x25, 0x02, 0x01, 0x13, 0x3B, 0x02, 0x00, 0x0F, 0x15, 0x00,
552 0x00, 0x05, 0x02, 0x52, 0x28, 0x00, 0x00, 0x06, 0x02, 0x53, 0x28, 0x00,
553 0x00, 0x01, 0x10, 0x76, 0x00, 0x00, 0x11, 0x05, 0x02, 0x56, 0x28, 0x73,
554 0x00, 0x00, 0x11, 0x05, 0x02, 0x56, 0x28, 0x74, 0x00, 0x00, 0x06, 0x02,
555 0x4C, 0x28, 0x00, 0x00, 0x01, 0x82, 0x04, 0x00, 0x00, 0x25, 0x20, 0x01,
556 0x08, 0x0E, 0x3B, 0x40, 0x20, 0x09, 0x00, 0x09, 0x03, 0x00, 0x5B, 0x2B,
557 0xAC, 0x39, 0xAC, 0xB0, 0x25, 0x01, 0x20, 0x11, 0x06, 0x11, 0x24, 0x73,
558 0xAA, 0xB0, 0x01, 0x02, 0x77, 0xAD, 0x01, 0x02, 0x12, 0x06, 0x02, 0x57,
559 0x28, 0x78, 0xB0, 0x01, 0x02, 0x77, 0xAB, 0xAC, 0xBF, 0x99, 0x65, 0x61,
560 0x21, 0x16, 0xAC, 0xA4, 0x29, 0x69, 0x06, 0x02, 0x4B, 0x28, 0xA4, 0x29,
561 0x71, 0x06, 0x02, 0x4B, 0x28, 0x78, 0x02, 0x00, 0x06, 0x05, 0x9A, 0x03,
562 0x01, 0x04, 0x09, 0x99, 0x61, 0x68, 0x21, 0x27, 0x05, 0x02, 0x4A, 0x28,
563 0x68, 0x65, 0x21, 0x16, 0xAC, 0xAC, 0x9B, 0x05, 0x02, 0x57, 0x28, 0xB9,
564 0x26, 0x06, 0x27, 0xBF, 0xA1, 0xAC, 0x63, 0xA7, 0x03, 0x03, 0x63, 0x3B,
565 0x02, 0x03, 0x09, 0x3B, 0x02, 0x03, 0x0A, 0xA7, 0x03, 0x04, 0x78, 0x64,
566 0x2A, 0x01, 0x81, 0x00, 0x09, 0x02, 0x03, 0x12, 0x06, 0x02, 0x58, 0x28,
567 0x78, 0x5A, 0x03, 0x02, 0x04, 0x3A, 0x87, 0x26, 0x06, 0x34, 0x9B, 0x05,
568 0x02, 0x57, 0x28, 0x6A, 0x26, 0x06, 0x04, 0x01, 0x17, 0x04, 0x12, 0x6B,
569 0x26, 0x06, 0x04, 0x01, 0x18, 0x04, 0x0A, 0x6C, 0x26, 0x06, 0x04, 0x01,
570 0x19, 0x04, 0x02, 0x57, 0x28, 0x03, 0x05, 0x78, 0xA1, 0x25, 0x03, 0x06,
571 0x25, 0x63, 0x34, 0x0D, 0x06, 0x02, 0x50, 0x28, 0xA2, 0x59, 0x03, 0x02,
572 0x04, 0x02, 0x57, 0x28, 0x78, 0x02, 0x00, 0x06, 0x21, 0x02, 0x02, 0x5A,
573 0x30, 0x11, 0x06, 0x08, 0x24, 0x02, 0x03, 0x02, 0x04, 0x1D, 0x04, 0x10,
574 0x59, 0x30, 0x11, 0x06, 0x08, 0x24, 0x02, 0x05, 0x02, 0x06, 0x1C, 0x04,
575 0x03, 0x57, 0x28, 0x24, 0x04, 0x24, 0x02, 0x02, 0x5A, 0x30, 0x11, 0x06,
576 0x08, 0x24, 0x02, 0x03, 0x02, 0x04, 0x23, 0x04, 0x10, 0x59, 0x30, 0x11,
577 0x06, 0x08, 0x24, 0x02, 0x05, 0x02, 0x06, 0x22, 0x04, 0x03, 0x57, 0x28,
578 0x24, 0x25, 0x06, 0x01, 0x28, 0x24, 0x01, 0x00, 0x03, 0x07, 0xB1, 0x01,
579 0x21, 0x8D, 0x01, 0x22, 0x8D, 0x25, 0x01, 0x23, 0x11, 0x06, 0x81, 0x17,
580 0x24, 0x73, 0xAA, 0xAC, 0x25, 0x06, 0x81, 0x0B, 0x01, 0x00, 0x03, 0x08,
581 0xAC, 0x9B, 0x24, 0xB0, 0x25, 0x01, 0x01, 0x11, 0x06, 0x04, 0xA3, 0x03,
582 0x08, 0xB0, 0x01, 0x04, 0x77, 0xAA, 0x70, 0x26, 0x06, 0x0F, 0x02, 0x00,
583 0x06, 0x03, 0xC0, 0x04, 0x05, 0x97, 0x01, 0x7F, 0x03, 0x07, 0x04, 0x80,
584 0x5D, 0x8F, 0x26, 0x06, 0x06, 0x02, 0x00, 0x98, 0x04, 0x80, 0x53, 0xC2,
585 0x26, 0x06, 0x10, 0x02, 0x00, 0x06, 0x09, 0x01, 0x00, 0x03, 0x01, 0x96,
586 0x03, 0x01, 0x04, 0x01, 0xC0, 0x04, 0x3F, 0x6F, 0x26, 0x06, 0x03, 0xC0,
587 0x04, 0x38, 0xC5, 0x26, 0x06, 0x03, 0xC0, 0x04, 0x31, 0x8E, 0x26, 0x06,
588 0x03, 0xC0, 0x04, 0x2A, 0xC3, 0x26, 0x06, 0x03, 0xC0, 0x04, 0x23, 0x79,
589 0x26, 0x06, 0x03, 0xC0, 0x04, 0x1C, 0x84, 0x26, 0x06, 0x03, 0xC0, 0x04,
590 0x15, 0x6E, 0x26, 0x06, 0x03, 0xC0, 0x04, 0x0E, 0xC4, 0x26, 0x06, 0x03,
591 0xC0, 0x04, 0x07, 0x02, 0x08, 0x06, 0x02, 0x49, 0x28, 0xC0, 0x78, 0x78,
592 0x04, 0xFE, 0x71, 0x78, 0x78, 0x04, 0x08, 0x01, 0x7F, 0x11, 0x05, 0x02,
593 0x56, 0x28, 0x24, 0x78, 0x3A, 0x02, 0x00, 0x06, 0x08, 0x02, 0x01, 0x3C,
594 0x2F, 0x05, 0x02, 0x45, 0x28, 0x02, 0x00, 0x06, 0x01, 0x17, 0x02, 0x00,
595 0x02, 0x07, 0x2F, 0x05, 0x02, 0x51, 0x28, 0xB0, 0x75, 0xAA, 0x9B, 0x06,
596 0x80, 0x77, 0xBA, 0x26, 0x06, 0x07, 0x01, 0x02, 0x5A, 0x88, 0x04, 0x80,
597 0x5E, 0xBB, 0x26, 0x06, 0x07, 0x01, 0x03, 0x5A, 0x89, 0x04, 0x80, 0x53,
598 0xBC, 0x26, 0x06, 0x07, 0x01, 0x04, 0x5A, 0x8A, 0x04, 0x80, 0x48, 0xBD,
599 0x26, 0x06, 0x06, 0x01, 0x05, 0x5A, 0x8B, 0x04, 0x3E, 0xBE, 0x26, 0x06,
600 0x06, 0x01, 0x06, 0x5A, 0x8C, 0x04, 0x34, 0x7E, 0x26, 0x06, 0x06, 0x01,
601 0x02, 0x59, 0x88, 0x04, 0x2A, 0x7F, 0x26, 0x06, 0x06, 0x01, 0x03, 0x59,
602 0x89, 0x04, 0x20, 0x80, 0x26, 0x06, 0x06, 0x01, 0x04, 0x59, 0x8A, 0x04,
603 0x16, 0x81, 0x26, 0x06, 0x06, 0x01, 0x05, 0x59, 0x8B, 0x04, 0x0C, 0x82,
604 0x26, 0x06, 0x06, 0x01, 0x06, 0x59, 0x8C, 0x04, 0x02, 0x57, 0x28, 0x5E,
605 0x35, 0x60, 0x37, 0x1B, 0x25, 0x05, 0x02, 0x57, 0x28, 0x5D, 0x37, 0x04,
606 0x02, 0x57, 0x28, 0xBF, 0xA1, 0x25, 0x01, T0_INT2(BR_X509_BUFSIZE_SIG
),
607 0x12, 0x06, 0x02, 0x50, 0x28, 0x25, 0x5F, 0x35, 0x5C, 0xA2, 0x78, 0x78,
608 0x01, 0x00, 0x5B, 0x36, 0x18, 0x00, 0x00, 0x01, 0x30, 0x0A, 0x25, 0x01,
609 0x00, 0x01, 0x09, 0x72, 0x05, 0x02, 0x48, 0x28, 0x00, 0x00, 0x30, 0x30,
610 0x00, 0x00, 0x01, 0x81, 0x08, 0x00, 0x00, 0x01, 0x81, 0x10, 0x00, 0x00,
611 0x01, 0x81, 0x19, 0x00, 0x00, 0x01, 0x81, 0x22, 0x00, 0x00, 0x01, 0x81,
612 0x2B, 0x00, 0x01, 0x7D, 0x01, 0x01, 0x11, 0x3B, 0x01, 0x83, 0xFD, 0x7F,
613 0x11, 0x15, 0x06, 0x03, 0x3B, 0x24, 0x00, 0x3B, 0x25, 0x03, 0x00, 0x25,
614 0xC7, 0x05, 0x04, 0x42, 0x01, 0x00, 0x00, 0x25, 0x01, 0x81, 0x00, 0x0D,
615 0x06, 0x04, 0x94, 0x04, 0x80, 0x49, 0x25, 0x01, 0x90, 0x00, 0x0D, 0x06,
616 0x0F, 0x01, 0x06, 0x14, 0x01, 0x81, 0x40, 0x2F, 0x94, 0x02, 0x00, 0x01,
617 0x00, 0x95, 0x04, 0x33, 0x25, 0x01, 0x83, 0xFF, 0x7F, 0x0D, 0x06, 0x14,
618 0x01, 0x0C, 0x14, 0x01, 0x81, 0x60, 0x2F, 0x94, 0x02, 0x00, 0x01, 0x06,
619 0x95, 0x02, 0x00, 0x01, 0x00, 0x95, 0x04, 0x17, 0x01, 0x12, 0x14, 0x01,
620 0x81, 0x70, 0x2F, 0x94, 0x02, 0x00, 0x01, 0x0C, 0x95, 0x02, 0x00, 0x01,
621 0x06, 0x95, 0x02, 0x00, 0x01, 0x00, 0x95, 0x00, 0x00, 0x01, 0x82, 0x08,
622 0x00, 0x00, 0x25, 0x01, 0x83, 0xB0, 0x00, 0x01, 0x83, 0xB7, 0x7F, 0x72,
623 0x00, 0x00, 0x01, 0x81, 0x34, 0x00, 0x00, 0x01, 0x80, 0x6B, 0x00, 0x00,
624 0x01, 0x3D, 0x00, 0x00, 0x01, 0x80, 0x43, 0x00, 0x00, 0x01, 0x80, 0x4D,
625 0x00, 0x00, 0x01, 0x80, 0x57, 0x00, 0x00, 0x01, 0x80, 0x61, 0x00, 0x00,
626 0x30, 0x11, 0x06, 0x04, 0x42, 0xAA, 0xBF, 0xB1, 0x00, 0x00, 0x01, 0x81,
627 0x7C, 0x00, 0x00, 0x01, 0x81, 0x6C, 0x00, 0x00, 0x25, 0x01, 0x83, 0xB8,
628 0x00, 0x01, 0x83, 0xBF, 0x7F, 0x72, 0x00, 0x00, 0x01, 0x30, 0x62, 0x37,
629 0x01, 0x7F, 0x7B, 0x19, 0x01, 0x00, 0x7B, 0x19, 0x04, 0x7A, 0x00, 0x01,
630 0x81, 0x38, 0x00, 0x01, 0x7D, 0x0D, 0x06, 0x02, 0x4F, 0x28, 0x25, 0x03,
631 0x00, 0x0A, 0x02, 0x00, 0x00, 0x00, 0x30, 0x25, 0x3F, 0x3B, 0x01, 0x82,
632 0x00, 0x13, 0x2F, 0x06, 0x04, 0x42, 0x01, 0x00, 0x00, 0x30, 0x67, 0x09,
633 0x37, 0x40, 0x00, 0x00, 0x14, 0x01, 0x3F, 0x15, 0x01, 0x81, 0x00, 0x2F,
634 0x94, 0x00, 0x02, 0x01, 0x00, 0x03, 0x00, 0xAC, 0x25, 0x06, 0x80, 0x59,
635 0xB0, 0x01, 0x20, 0x30, 0x11, 0x06, 0x17, 0x24, 0x73, 0xAA, 0x9B, 0x24,
636 0x01, 0x7F, 0x2E, 0x03, 0x01, 0xB0, 0x01, 0x20, 0x76, 0xAA, 0xAF, 0x02,
637 0x01, 0x1F, 0x78, 0x78, 0x04, 0x38, 0x01, 0x21, 0x30, 0x11, 0x06, 0x08,
638 0x24, 0x74, 0xB3, 0x01, 0x01, 0x1E, 0x04, 0x2A, 0x01, 0x22, 0x30, 0x11,
639 0x06, 0x11, 0x24, 0x74, 0xB3, 0x25, 0x06, 0x06, 0x2C, 0x02, 0x00, 0x2F,
640 0x03, 0x00, 0x01, 0x02, 0x1E, 0x04, 0x13, 0x01, 0x26, 0x30, 0x11, 0x06,
641 0x08, 0x24, 0x74, 0xB3, 0x01, 0x06, 0x1E, 0x04, 0x05, 0x42, 0xAB, 0x01,
642 0x00, 0x24, 0x04, 0xFF, 0x23, 0x78, 0x02, 0x00, 0x00, 0x00, 0xAC, 0xB1,
643 0x25, 0x01, 0x01, 0x11, 0x06, 0x08, 0xA3, 0x05, 0x02, 0x51, 0x28, 0xB1,
644 0x04, 0x02, 0x51, 0x28, 0x25, 0x01, 0x02, 0x11, 0x06, 0x0C, 0x24, 0x74,
645 0xAD, 0x66, 0x2B, 0x41, 0x0D, 0x06, 0x02, 0x51, 0x28, 0xB1, 0x01, 0x7F,
646 0x10, 0x06, 0x02, 0x56, 0x28, 0x24, 0x78, 0x00, 0x02, 0x03, 0x00, 0xB0,
647 0x01, 0x03, 0x77, 0xAA, 0xB7, 0x03, 0x01, 0x02, 0x01, 0x01, 0x07, 0x12,
648 0x06, 0x02, 0x56, 0x28, 0x25, 0x01, 0x00, 0x30, 0x11, 0x06, 0x05, 0x24,
649 0x4D, 0x28, 0x04, 0x15, 0x01, 0x01, 0x30, 0x11, 0x06, 0x0A, 0x24, 0xB7,
650 0x02, 0x01, 0x14, 0x02, 0x01, 0x0E, 0x04, 0x05, 0x24, 0xB7, 0x01, 0x00,
651 0x24, 0x02, 0x00, 0x06, 0x19, 0x01, 0x00, 0x30, 0x01, 0x38, 0x15, 0x06,
652 0x03, 0x01, 0x10, 0x2F, 0x3B, 0x01, 0x81, 0x40, 0x15, 0x06, 0x03, 0x01,
653 0x20, 0x2F, 0x62, 0x37, 0x04, 0x07, 0x01, 0x04, 0x15, 0x05, 0x02, 0x4D,
654 0x28, 0xBF, 0x00, 0x00, 0x38, 0xAC, 0xBF, 0x1A, 0x00, 0x03, 0x01, 0x00,
655 0x03, 0x00, 0x38, 0xAC, 0x25, 0x06, 0x30, 0xB0, 0x01, 0x11, 0x76, 0xAA,
656 0x25, 0x05, 0x02, 0x44, 0x28, 0x25, 0x06, 0x20, 0xAC, 0x9B, 0x24, 0x86,
657 0x26, 0x03, 0x01, 0x01, 0x00, 0x2E, 0x03, 0x02, 0xAF, 0x25, 0x02, 0x01,
658 0x15, 0x06, 0x07, 0x2C, 0x06, 0x04, 0x01, 0x7F, 0x03, 0x00, 0x02, 0x02,
659 0x1F, 0x78, 0x04, 0x5D, 0x78, 0x04, 0x4D, 0x78, 0x1A, 0x02, 0x00, 0x00,
660 0x00, 0xB0, 0x01, 0x06, 0x77, 0xAE, 0x00, 0x00, 0xB5, 0x85, 0x06, 0x0E,
661 0x3B, 0x25, 0x05, 0x06, 0x42, 0x01, 0x00, 0x01, 0x00, 0x00, 0xB5, 0x6D,
662 0x04, 0x08, 0x90, 0x06, 0x05, 0x24, 0x01, 0x00, 0x04, 0x00, 0x00, 0x00,
663 0xB6, 0x85, 0x06, 0x0E, 0x3B, 0x25, 0x05, 0x06, 0x42, 0x01, 0x00, 0x01,
664 0x00, 0x00, 0xB6, 0x6D, 0x04, 0x08, 0x90, 0x06, 0x05, 0x24, 0x01, 0x00,
665 0x04, 0x00, 0x00, 0x00, 0xB7, 0x25, 0x01, 0x81, 0x00, 0x0D, 0x06, 0x04,
666 0x00, 0x04, 0x80, 0x55, 0x25, 0x01, 0x81, 0x40, 0x0D, 0x06, 0x07, 0x24,
667 0x01, 0x00, 0x00, 0x04, 0x80, 0x47, 0x25, 0x01, 0x81, 0x60, 0x0D, 0x06,
668 0x0E, 0x01, 0x1F, 0x15, 0x01, 0x01, 0xA0, 0x01, 0x81, 0x00, 0x01, 0x8F,
669 0x7F, 0x04, 0x32, 0x25, 0x01, 0x81, 0x70, 0x0D, 0x06, 0x0F, 0x01, 0x0F,
670 0x15, 0x01, 0x02, 0xA0, 0x01, 0x90, 0x00, 0x01, 0x83, 0xFF, 0x7F, 0x04,
671 0x1C, 0x25, 0x01, 0x81, 0x78, 0x0D, 0x06, 0x11, 0x01, 0x07, 0x15, 0x01,
672 0x03, 0xA0, 0x01, 0x84, 0x80, 0x00, 0x01, 0x80, 0xC3, 0xFF, 0x7F, 0x04,
673 0x04, 0x24, 0x01, 0x00, 0x00, 0x72, 0x05, 0x03, 0x24, 0x01, 0x00, 0x00,
674 0x00, 0x3B, 0x25, 0x05, 0x06, 0x42, 0x01, 0x00, 0x01, 0x7F, 0x00, 0xB7,
675 0x34, 0x25, 0x3D, 0x06, 0x03, 0x3B, 0x24, 0x00, 0x01, 0x06, 0x0E, 0x3B,
676 0x25, 0x01, 0x06, 0x14, 0x01, 0x02, 0x10, 0x06, 0x04, 0x42, 0x01, 0x7F,
677 0x00, 0x01, 0x3F, 0x15, 0x09, 0x00, 0x00, 0x25, 0x06, 0x06, 0x0B, 0x9F,
678 0x34, 0x41, 0x04, 0x77, 0x24, 0x25, 0x00, 0x00, 0xB0, 0x01, 0x03, 0x77,
679 0xAA, 0xB7, 0x06, 0x02, 0x55, 0x28, 0x00, 0x00, 0x3B, 0x25, 0x06, 0x07,
680 0x31, 0x25, 0x06, 0x01, 0x19, 0x04, 0x76, 0x42, 0x00, 0x00, 0x01, 0x01,
681 0x77, 0xA9, 0x01, 0x01, 0x10, 0x06, 0x02, 0x43, 0x28, 0xB7, 0x3E, 0x00,
682 0x04, 0xB0, 0x25, 0x01, 0x17, 0x01, 0x18, 0x72, 0x05, 0x02, 0x48, 0x28,
683 0x01, 0x18, 0x11, 0x03, 0x00, 0x74, 0xAA, 0xA5, 0x02, 0x00, 0x06, 0x0C,
684 0x01, 0x80, 0x64, 0x08, 0x03, 0x01, 0xA5, 0x02, 0x01, 0x09, 0x04, 0x0E,
685 0x25, 0x01, 0x32, 0x0D, 0x06, 0x04, 0x01, 0x80, 0x64, 0x09, 0x01, 0x8E,
686 0x6C, 0x09, 0x03, 0x01, 0x02, 0x01, 0x01, 0x82, 0x6D, 0x08, 0x02, 0x01,
687 0x01, 0x03, 0x09, 0x01, 0x04, 0x0C, 0x09, 0x02, 0x01, 0x01, 0x80, 0x63,
688 0x09, 0x01, 0x80, 0x64, 0x0C, 0x0A, 0x02, 0x01, 0x01, 0x83, 0x0F, 0x09,
689 0x01, 0x83, 0x10, 0x0C, 0x09, 0x03, 0x03, 0x01, 0x01, 0x01, 0x0C, 0xA6,
690 0x41, 0x01, 0x01, 0x0E, 0x02, 0x01, 0x01, 0x04, 0x07, 0x3F, 0x02, 0x01,
691 0x01, 0x80, 0x64, 0x07, 0x3E, 0x02, 0x01, 0x01, 0x83, 0x10, 0x07, 0x3F,
692 0x2F, 0x15, 0x06, 0x03, 0x01, 0x18, 0x09, 0x92, 0x09, 0x7A, 0x25, 0x01,
693 0x05, 0x14, 0x02, 0x03, 0x09, 0x03, 0x03, 0x01, 0x1F, 0x15, 0x01, 0x01,
694 0x3B, 0xA6, 0x02, 0x03, 0x09, 0x41, 0x03, 0x03, 0x01, 0x00, 0x01, 0x17,
695 0xA6, 0x01, 0x9C, 0x10, 0x08, 0x03, 0x02, 0x01, 0x00, 0x01, 0x3B, 0xA6,
696 0x01, 0x3C, 0x08, 0x02, 0x02, 0x09, 0x03, 0x02, 0x01, 0x00, 0x01, 0x3C,
697 0xA6, 0x02, 0x02, 0x09, 0x03, 0x02, 0xB7, 0x25, 0x01, 0x2E, 0x11, 0x06,
698 0x0D, 0x24, 0xB7, 0x25, 0x01, 0x30, 0x01, 0x39, 0x72, 0x06, 0x03, 0x24,
699 0x04, 0x74, 0x01, 0x80, 0x5A, 0x10, 0x06, 0x02, 0x48, 0x28, 0x78, 0x02,
700 0x03, 0x02, 0x02, 0x00, 0x01, 0xB7, 0x7C, 0x01, 0x0A, 0x08, 0x03, 0x00,
701 0xB7, 0x7C, 0x02, 0x00, 0x09, 0x00, 0x02, 0x03, 0x00, 0x03, 0x01, 0xA5,
702 0x25, 0x02, 0x01, 0x02, 0x00, 0x72, 0x05, 0x02, 0x48, 0x28, 0x00, 0x00,
703 0x34, 0xB0, 0x01, 0x02, 0x77, 0x0B, 0xA8, 0x00, 0x03, 0x25, 0x03, 0x00,
704 0x03, 0x01, 0x03, 0x02, 0xAA, 0xB7, 0x25, 0x01, 0x81, 0x00, 0x13, 0x06,
705 0x02, 0x54, 0x28, 0x25, 0x01, 0x00, 0x11, 0x06, 0x0B, 0x24, 0x25, 0x05,
706 0x04, 0x24, 0x01, 0x00, 0x00, 0xB7, 0x04, 0x6F, 0x02, 0x01, 0x25, 0x05,
707 0x02, 0x50, 0x28, 0x41, 0x03, 0x01, 0x02, 0x02, 0x37, 0x02, 0x02, 0x40,
708 0x03, 0x02, 0x25, 0x06, 0x03, 0xB7, 0x04, 0x68, 0x24, 0x02, 0x00, 0x02,
709 0x01, 0x0A, 0x00, 0x01, 0xB7, 0x25, 0x01, 0x81, 0x00, 0x0D, 0x06, 0x01,
710 0x00, 0x01, 0x81, 0x00, 0x0A, 0x25, 0x05, 0x02, 0x4E, 0x28, 0x03, 0x00,
711 0x01, 0x00, 0x02, 0x00, 0x01, 0x00, 0x12, 0x06, 0x19, 0x02, 0x00, 0x41,
712 0x03, 0x00, 0x25, 0x01, 0x83, 0xFF, 0xFF, 0x7F, 0x12, 0x06, 0x02, 0x4F,
713 0x28, 0x01, 0x08, 0x0E, 0x3B, 0xB7, 0x34, 0x09, 0x04, 0x60, 0x00, 0x00,
714 0xA9, 0x93, 0x00, 0x00, 0xAA, 0xBF, 0x00, 0x00, 0xB0, 0x75, 0xAA, 0x00,
715 0x01, 0xAA, 0x25, 0x05, 0x02, 0x54, 0x28, 0xB7, 0x25, 0x01, 0x81, 0x00,
716 0x13, 0x06, 0x02, 0x54, 0x28, 0x03, 0x00, 0x25, 0x06, 0x16, 0xB7, 0x02,
717 0x00, 0x25, 0x01, 0x87, 0xFF, 0xFF, 0x7F, 0x13, 0x06, 0x02, 0x54, 0x28,
718 0x01, 0x08, 0x0E, 0x09, 0x03, 0x00, 0x04, 0x67, 0x24, 0x02, 0x00, 0x00,
719 0x00, 0xAA, 0x25, 0x01, 0x81, 0x7F, 0x12, 0x06, 0x08, 0xBF, 0x01, 0x00,
720 0x67, 0x37, 0x01, 0x00, 0x00, 0x25, 0x67, 0x37, 0x67, 0x40, 0xA2, 0x01,
721 0x7F, 0x00, 0x00, 0xB0, 0x01, 0x0C, 0x30, 0x11, 0x06, 0x05, 0x24, 0x74,
722 0xB3, 0x04, 0x3E, 0x01, 0x12, 0x30, 0x11, 0x06, 0x05, 0x24, 0x74, 0xB4,
723 0x04, 0x33, 0x01, 0x13, 0x30, 0x11, 0x06, 0x05, 0x24, 0x74, 0xB4, 0x04,
724 0x28, 0x01, 0x14, 0x30, 0x11, 0x06, 0x05, 0x24, 0x74, 0xB4, 0x04, 0x1D,
725 0x01, 0x16, 0x30, 0x11, 0x06, 0x05, 0x24, 0x74, 0xB4, 0x04, 0x12, 0x01,
726 0x1E, 0x30, 0x11, 0x06, 0x05, 0x24, 0x74, 0xB2, 0x04, 0x07, 0x42, 0xAB,
727 0x01, 0x00, 0x01, 0x00, 0x24, 0x00, 0x01, 0xB7, 0x03, 0x00, 0x02, 0x00,
728 0x01, 0x05, 0x14, 0x01, 0x01, 0x15, 0x2D, 0x02, 0x00, 0x01, 0x06, 0x14,
729 0x25, 0x01, 0x01, 0x15, 0x06, 0x02, 0x46, 0x28, 0x01, 0x04, 0x0E, 0x02,
730 0x00, 0x01, 0x1F, 0x15, 0x25, 0x01, 0x1F, 0x11, 0x06, 0x02, 0x47, 0x28,
731 0x09, 0x00, 0x00, 0x25, 0x05, 0x05, 0x01, 0x00, 0x01, 0x7F, 0x00, 0xB0,
732 0x00, 0x01, 0xAA, 0x25, 0x05, 0x05, 0x67, 0x37, 0x01, 0x7F, 0x00, 0x01,
733 0x01, 0x03, 0x00, 0x9C, 0x25, 0x01, 0x83, 0xFF, 0x7E, 0x11, 0x06, 0x16,
734 0x24, 0x25, 0x06, 0x10, 0x9D, 0x25, 0x05, 0x05, 0x24, 0xBF, 0x01, 0x00,
735 0x00, 0x02, 0x00, 0x83, 0x03, 0x00, 0x04, 0x6D, 0x04, 0x1B, 0x25, 0x05,
736 0x05, 0x24, 0xBF, 0x01, 0x00, 0x00, 0x02, 0x00, 0x83, 0x03, 0x00, 0x25,
737 0x06, 0x0B, 0x9C, 0x25, 0x05, 0x05, 0x24, 0xBF, 0x01, 0x00, 0x00, 0x04,
738 0x6D, 0x24, 0x02, 0x00, 0x25, 0x05, 0x01, 0x00, 0x41, 0x67, 0x37, 0x01,
739 0x7F, 0x00, 0x01, 0xAA, 0x01, 0x01, 0x03, 0x00, 0x25, 0x06, 0x10, 0x9E,
740 0x25, 0x05, 0x05, 0x24, 0xBF, 0x01, 0x00, 0x00, 0x02, 0x00, 0x83, 0x03,
741 0x00, 0x04, 0x6D, 0x24, 0x02, 0x00, 0x25, 0x05, 0x01, 0x00, 0x41, 0x67,
742 0x37, 0x01, 0x7F, 0x00, 0x01, 0xAA, 0x01, 0x01, 0x03, 0x00, 0x25, 0x06,
743 0x10, 0xB7, 0x25, 0x05, 0x05, 0x24, 0xBF, 0x01, 0x00, 0x00, 0x02, 0x00,
744 0x83, 0x03, 0x00, 0x04, 0x6D, 0x24, 0x02, 0x00, 0x25, 0x05, 0x01, 0x00,
745 0x41, 0x67, 0x37, 0x01, 0x7F, 0x00, 0x00, 0xB7, 0x01, 0x08, 0x0E, 0x3B,
746 0xB7, 0x34, 0x09, 0x00, 0x00, 0xB7, 0x3B, 0xB7, 0x01, 0x08, 0x0E, 0x34,
747 0x09, 0x00, 0x00, 0x25, 0x05, 0x02, 0x4F, 0x28, 0x41, 0xB8, 0x00, 0x00,
748 0x32, 0x25, 0x01, 0x00, 0x13, 0x06, 0x01, 0x00, 0x24, 0x19, 0x04, 0x74,
749 0x00, 0x01, 0x01, 0x00, 0x00, 0x01, 0x0B, 0x00, 0x00, 0x01, 0x15, 0x00,
750 0x00, 0x01, 0x1F, 0x00, 0x00, 0x01, 0x29, 0x00, 0x00, 0x01, 0x33, 0x00,
751 0x00, 0xC0, 0x24, 0x00, 0x00, 0x25, 0x06, 0x07, 0xC1, 0x25, 0x06, 0x01,
752 0x19, 0x04, 0x76, 0x00, 0x00, 0x01, 0x00, 0x30, 0x31, 0x0B, 0x42, 0x00,
753 0x00, 0x01, 0x81, 0x70, 0x00, 0x00, 0x01, 0x82, 0x00, 0x00, 0x00, 0x01,
754 0x82, 0x15, 0x00, 0x00, 0x01, 0x81, 0x78, 0x00, 0x00, 0x01, 0x03, 0x33,
755 0x01, 0x03, 0x33, 0x00, 0x00, 0x25, 0x01, 0x83, 0xFB, 0x50, 0x01, 0x83,
756 0xFD, 0x5F, 0x72, 0x06, 0x04, 0x24, 0x01, 0x00, 0x00, 0x25, 0x01, 0x83,
757 0xB0, 0x00, 0x01, 0x83, 0xBF, 0x7F, 0x72, 0x06, 0x04, 0x24, 0x01, 0x00,
758 0x00, 0x01, 0x83, 0xFF, 0x7F, 0x15, 0x01, 0x83, 0xFF, 0x7E, 0x0D, 0x00
761 static const uint16_t t0_caddr
[] = {
903 #define T0_INTERPRETED 61
905 #define T0_ENTER(ip, rp, slot) do { \
906 const unsigned char *t0_newip; \
908 t0_newip = &t0_codeblock[t0_caddr[(slot) - T0_INTERPRETED]]; \
909 t0_lnum = t0_parse7E_unsigned(&t0_newip); \
911 *((rp) ++) = (uint32_t)((ip) - &t0_codeblock[0]) + (t0_lnum << 16); \
915 #define T0_DEFENTRY(name, slot) \
919 t0_context *t0ctx = ctx; \
920 t0ctx->ip = &t0_codeblock[0]; \
921 T0_ENTER(t0ctx->ip, t0ctx->rp, slot); \
924 T0_DEFENTRY(br_x509_minimal_init_main
, 145)
926 #define T0_NEXT(t0ipp) (*(*(t0ipp)) ++)
929 br_x509_minimal_run(void *t0ctx
)
932 const unsigned char *ip
;
934 #define T0_LOCAL(x) (*(rp - 2 - (x)))
935 #define T0_POP() (*-- dp)
936 #define T0_POPi() (*(int32_t *)(-- dp))
937 #define T0_PEEK(x) (*(dp - 1 - (x)))
938 #define T0_PEEKi(x) (*(int32_t *)(dp - 1 - (x)))
939 #define T0_PUSH(v) do { *dp = (v); dp ++; } while (0)
940 #define T0_PUSHi(v) do { *(int32_t *)dp = (v); dp ++; } while (0)
941 #define T0_RPOP() (*-- rp)
942 #define T0_RPOPi() (*(int32_t *)(-- rp))
943 #define T0_RPUSH(v) do { *rp = (v); rp ++; } while (0)
944 #define T0_RPUSHi(v) do { *(int32_t *)rp = (v); rp ++; } while (0)
945 #define T0_ROLL(x) do { \
946 size_t t0len = (size_t)(x); \
947 uint32_t t0tmp = *(dp - 1 - t0len); \
948 memmove(dp - t0len - 1, dp - t0len, t0len * sizeof *dp); \
951 #define T0_SWAP() do { \
952 uint32_t t0tmp = *(dp - 2); \
953 *(dp - 2) = *(dp - 1); \
956 #define T0_ROT() do { \
957 uint32_t t0tmp = *(dp - 3); \
958 *(dp - 3) = *(dp - 2); \
959 *(dp - 2) = *(dp - 1); \
962 #define T0_NROT() do { \
963 uint32_t t0tmp = *(dp - 1); \
964 *(dp - 1) = *(dp - 2); \
965 *(dp - 2) = *(dp - 3); \
968 #define T0_PICK(x) do { \
969 uint32_t t0depth = (x); \
970 T0_PUSH(T0_PEEK(t0depth)); \
972 #define T0_CO() do { \
975 #define T0_RET() goto t0_next
977 dp
= ((t0_context
*)t0ctx
)->dp
;
978 rp
= ((t0_context
*)t0ctx
)->rp
;
979 ip
= ((t0_context
*)t0ctx
)->ip
;
986 if (t0x
< T0_INTERPRETED
) {
998 ip
= &t0_codeblock
[t0x
];
1000 case 1: /* literal constant */
1001 T0_PUSHi(t0_parse7E_signed(&ip
));
1003 case 2: /* read local */
1004 T0_PUSH(T0_LOCAL(t0_parse7E_unsigned(&ip
)));
1006 case 3: /* write local */
1007 T0_LOCAL(t0_parse7E_unsigned(&ip
)) = T0_POP();
1010 t0off
= t0_parse7E_signed(&ip
);
1013 case 5: /* jump if */
1014 t0off
= t0_parse7E_signed(&ip
);
1019 case 6: /* jump if not */
1020 t0off
= t0_parse7E_signed(&ip
);
1028 int32_t b
= T0_POPi();
1029 int32_t a
= T0_POPi();
1037 uint32_t b
= T0_POP();
1038 uint32_t a
= T0_POP();
1046 uint32_t b
= T0_POP();
1047 uint32_t a
= T0_POP();
1055 uint32_t b
= T0_POP();
1056 uint32_t a
= T0_POP();
1069 int32_t b
= T0_POPi();
1070 int32_t a
= T0_POPi();
1078 int32_t b
= T0_POPi();
1079 int32_t a
= T0_POPi();
1080 T0_PUSH(-(uint32_t)(a
< b
));
1087 int c
= (int)T0_POPi();
1088 uint32_t x
= T0_POP();
1096 int32_t b
= T0_POPi();
1097 int32_t a
= T0_POPi();
1098 T0_PUSH(-(uint32_t)(a
<= b
));
1105 uint32_t b
= T0_POP();
1106 uint32_t a
= T0_POP();
1107 T0_PUSH(-(uint32_t)(a
!= b
));
1114 uint32_t b
= T0_POP();
1115 uint32_t a
= T0_POP();
1116 T0_PUSH(-(uint32_t)(a
== b
));
1123 int32_t b
= T0_POPi();
1124 int32_t a
= T0_POPi();
1125 T0_PUSH(-(uint32_t)(a
> b
));
1132 int32_t b
= T0_POPi();
1133 int32_t a
= T0_POPi();
1134 T0_PUSH(-(uint32_t)(a
>= b
));
1141 int c
= (int)T0_POPi();
1142 int32_t x
= T0_POPi();
1150 uint32_t b
= T0_POP();
1151 uint32_t a
= T0_POP();
1159 size_t len
= T0_POP();
1160 unsigned char *src
= (unsigned char *)CTX
+ T0_POP();
1161 unsigned char *dst
= (unsigned char *)CTX
+ T0_POP();
1162 memcpy(dst
, src
, len
);
1167 /* check-direct-trust */
1171 for (u
= 0; u
< CTX
->trust_anchors_num
; u
++) {
1172 const br_x509_trust_anchor
*ta
;
1173 unsigned char hashed_DN
[64];
1176 ta
= &CTX
->trust_anchors
[u
];
1177 if (ta
->flags
& BR_X509_TA_CA
) {
1180 hash_dn(CTX
, ta
->dn
.data
, ta
->dn
.len
, hashed_DN
);
1181 if (memcmp(hashed_DN
, CTX
->current_dn_hash
, DNHASH_LEN
)) {
1184 kt
= CTX
->pkey
.key_type
;
1185 if ((ta
->pkey
.key_type
& 0x0F) != kt
) {
1190 case BR_KEYTYPE_RSA
:
1191 if (!eqbigint(CTX
->pkey
.key
.rsa
.n
,
1192 CTX
->pkey
.key
.rsa
.nlen
,
1194 ta
->pkey
.key
.rsa
.nlen
)
1195 || !eqbigint(CTX
->pkey
.key
.rsa
.e
,
1196 CTX
->pkey
.key
.rsa
.elen
,
1198 ta
->pkey
.key
.rsa
.elen
))
1205 if (CTX
->pkey
.key
.ec
.curve
!= ta
->pkey
.key
.ec
.curve
1206 || CTX
->pkey
.key
.ec
.qlen
!= ta
->pkey
.key
.ec
.qlen
1207 || memcmp(CTX
->pkey
.key
.ec
.q
,
1209 ta
->pkey
.key
.ec
.qlen
) != 0)
1220 * Direct trust match!
1222 CTX
->err
= BR_ERR_X509_OK
;
1229 /* check-trust-anchor-CA */
1233 for (u
= 0; u
< CTX
->trust_anchors_num
; u
++) {
1234 const br_x509_trust_anchor
*ta
;
1235 unsigned char hashed_DN
[64];
1237 ta
= &CTX
->trust_anchors
[u
];
1238 if (!(ta
->flags
& BR_X509_TA_CA
)) {
1241 hash_dn(CTX
, ta
->dn
.data
, ta
->dn
.len
, hashed_DN
);
1242 if (memcmp(hashed_DN
, CTX
->saved_dn_hash
, DNHASH_LEN
)) {
1245 if (verify_signature(CTX
, &ta
->pkey
) == 0) {
1246 CTX
->err
= BR_ERR_X509_OK
;
1259 /* compute-dn-hash */
1261 CTX
->dn_hash_impl
->out(&CTX
->dn_hash
.vtable
, CTX
->current_dn_hash
);
1262 CTX
->do_dn_hash
= 0;
1267 /* compute-tbs-hash */
1271 len
= br_multihash_out(&CTX
->mhash
, id
, CTX
->tbs_hash
);
1277 /* copy-ee-ec-pkey */
1279 size_t qlen
= T0_POP();
1280 uint32_t curve
= T0_POP();
1281 memcpy(CTX
->ee_pkey_data
, CTX
->pkey_data
, qlen
);
1282 CTX
->pkey
.key_type
= BR_KEYTYPE_EC
;
1283 CTX
->pkey
.key
.ec
.curve
= curve
;
1284 CTX
->pkey
.key
.ec
.q
= CTX
->ee_pkey_data
;
1285 CTX
->pkey
.key
.ec
.qlen
= qlen
;
1290 /* copy-ee-rsa-pkey */
1292 size_t elen
= T0_POP();
1293 size_t nlen
= T0_POP();
1294 memcpy(CTX
->ee_pkey_data
, CTX
->pkey_data
, nlen
+ elen
);
1295 CTX
->pkey
.key_type
= BR_KEYTYPE_RSA
;
1296 CTX
->pkey
.key
.rsa
.n
= CTX
->ee_pkey_data
;
1297 CTX
->pkey
.key
.rsa
.nlen
= nlen
;
1298 CTX
->pkey
.key
.rsa
.e
= CTX
->ee_pkey_data
+ nlen
;
1299 CTX
->pkey
.key
.rsa
.elen
= elen
;
1306 unsigned tag
= T0_POP();
1307 unsigned ok
= T0_POP();
1311 for (u
= 0; u
< CTX
->num_name_elts
; u
++) {
1312 br_name_element
*ne
;
1314 ne
= &CTX
->name_elts
[u
];
1315 if (ne
->status
== 0 && ne
->oid
[0] == 0 && ne
->oid
[1] == tag
) {
1316 if (ok
&& ne
->len
> len
) {
1317 memcpy(ne
->buf
, CTX
->pad
+ 1, len
);
1330 /* copy-name-element */
1333 int32_t off
= T0_POPi();
1337 br_name_element
*ne
= &CTX
->name_elts
[off
];
1341 if (len
< ne
->len
) {
1342 memcpy(ne
->buf
, CTX
->pad
+ 1, len
);
1358 size_t addr
= T0_POP();
1359 T0_PUSH(t0_datablock
[addr
]);
1364 /* dn-hash-length */
1366 T0_PUSH(DNHASH_LEN
);
1373 size_t qlen
= T0_POP();
1374 int curve
= T0_POP();
1377 pk
.key_type
= BR_KEYTYPE_EC
;
1378 pk
.key
.ec
.curve
= curve
;
1379 pk
.key
.ec
.q
= CTX
->pkey_data
;
1380 pk
.key
.ec
.qlen
= qlen
;
1381 T0_PUSH(verify_signature(CTX
, &pk
));
1388 size_t elen
= T0_POP();
1389 size_t nlen
= T0_POP();
1392 pk
.key_type
= BR_KEYTYPE_RSA
;
1393 pk
.key
.rsa
.n
= CTX
->pkey_data
;
1394 pk
.key
.rsa
.nlen
= nlen
;
1395 pk
.key
.rsa
.e
= CTX
->pkey_data
+ nlen
;
1396 pk
.key
.rsa
.elen
= elen
;
1397 T0_PUSH(verify_signature(CTX
, &pk
));
1408 T0_PUSH(T0_PEEK(0));
1414 const unsigned char *a2
= &t0_datablock
[T0_POP()];
1415 const unsigned char *a1
= &CTX
->pad
[0];
1419 x
= -(memcmp(a1
+ 1, a2
+ 1, len
) == 0);
1423 T0_PUSH((uint32_t)x
);
1430 size_t len
= T0_POP();
1431 const unsigned char *a2
= (const unsigned char *)CTX
+ T0_POP();
1432 const unsigned char *a1
= (const unsigned char *)CTX
+ T0_POP();
1433 T0_PUSHi(-(memcmp(a1
, a2
, len
) == 0));
1440 CTX
->err
= T0_POPi();
1446 /* get-system-date */
1448 if (CTX
->days
== 0 && CTX
->seconds
== 0) {
1449 #if BR_USE_UNIX_TIME
1450 time_t x
= time(NULL
);
1452 T0_PUSH((uint32_t)(x
/ 86400) + 719528);
1453 T0_PUSH((uint32_t)(x
% 86400));
1454 #elif BR_USE_WIN32_TIME
1458 GetSystemTimeAsFileTime(&ft
);
1459 x
= ((uint64_t)ft
.dwHighDateTime
<< 32)
1460 + (uint64_t)ft
.dwLowDateTime
;
1462 T0_PUSH((uint32_t)(x
/ 86400) + 584754);
1463 T0_PUSH((uint32_t)(x
% 86400));
1465 CTX
->err
= BR_ERR_X509_TIME_UNKNOWN
;
1470 T0_PUSH(CTX
->seconds
);
1478 uint32_t addr
= T0_POP();
1479 T0_PUSH(*(uint16_t *)((unsigned char *)CTX
+ addr
));
1486 uint32_t addr
= T0_POP();
1487 T0_PUSH(*(uint32_t *)((unsigned char *)CTX
+ addr
));
1492 /* match-server-name */
1496 if (CTX
->server_name
== NULL
) {
1500 n1
= strlen(CTX
->server_name
);
1502 if (n1
== n2
&& eqnocase(&CTX
->pad
[1], CTX
->server_name
, n1
)) {
1506 if (n2
>= 2 && CTX
->pad
[1] == '*' && CTX
->pad
[2] == '.') {
1510 while (u
< n1
&& CTX
->server_name
[u
] != '.') {
1516 && eqnocase(&CTX
->pad
[3], CTX
->server_name
+ u
, n1
))
1529 uint32_t a
= T0_POP();
1535 /* offset-name-element */
1537 unsigned san
= T0_POP();
1540 for (u
= 0; u
< CTX
->num_name_elts
; u
++) {
1541 if (CTX
->name_elts
[u
].status
== 0) {
1542 const unsigned char *oid
;
1545 oid
= CTX
->name_elts
[u
].oid
;
1547 if (oid
[0] != 0 || oid
[1] != 0) {
1555 if (len
!= 0 && len
== CTX
->pad
[0]
1556 && memcmp(oid
+ off
+ 1,
1557 CTX
->pad
+ 1, len
) == 0)
1571 uint32_t b
= T0_POP();
1572 uint32_t a
= T0_POP();
1579 T0_PUSH(T0_PEEK(1));
1583 /* read-blob-inner */
1585 uint32_t len
= T0_POP();
1586 uint32_t addr
= T0_POP();
1587 size_t clen
= CTX
->hlen
;
1592 memcpy((unsigned char *)CTX
+ addr
, CTX
->hbuf
, clen
);
1594 if (CTX
->do_mhash
) {
1595 br_multihash_update(&CTX
->mhash
, CTX
->hbuf
, clen
);
1597 if (CTX
->do_dn_hash
) {
1598 CTX
->dn_hash_impl
->update(
1599 &CTX
->dn_hash
.vtable
, CTX
->hbuf
, clen
);
1603 T0_PUSH(addr
+ clen
);
1604 T0_PUSH(len
- clen
);
1611 if (CTX
->hlen
== 0) {
1614 unsigned char x
= *CTX
->hbuf
++;
1615 if (CTX
->do_mhash
) {
1616 br_multihash_update(&CTX
->mhash
, &x
, 1);
1618 if (CTX
->do_dn_hash
) {
1619 CTX
->dn_hash_impl
->update(&CTX
->dn_hash
.vtable
, &x
, 1);
1640 uint32_t addr
= T0_POP();
1641 *(uint16_t *)((unsigned char *)CTX
+ addr
) = T0_POP();
1648 uint32_t addr
= T0_POP();
1649 *(uint32_t *)((unsigned char *)CTX
+ addr
) = T0_POP();
1656 uint32_t addr
= T0_POP();
1657 *((unsigned char *)CTX
+ addr
) = (unsigned char)T0_POP();
1664 CTX
->dn_hash_impl
->init(&CTX
->dn_hash
.vtable
);
1665 CTX
->do_dn_hash
= 1;
1670 /* start-tbs-hash */
1672 br_multihash_init(&CTX
->mhash
);
1690 /* zero-server-name */
1692 T0_PUSHi(-(CTX
->server_name
== NULL
));
1699 T0_ENTER(ip
, rp
, t0x
);
1703 ((t0_context
*)t0ctx
)->dp
= dp
;
1704 ((t0_context
*)t0ctx
)->rp
= rp
;
1705 ((t0_context
*)t0ctx
)->ip
= ip
;