projects / BearSSL / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Added an explicit initialisation to a stack buffer to prevent an (harmless) uninitial...
[BearSSL] / src / x509 / x509_minimal.c
1 /* Automatically generated code; do not modify directly. */
2
3 #include <stddef.h>
4 #include <stdint.h>
5
6 typedef struct {
7 uint32_t *dp;
8 uint32_t *rp;
9 const unsigned char *ip;
10 } t0_context;
11
12 static uint32_t
13 t0_parse7E_unsigned(const unsigned char **p)
14 {
15 uint32_t x;
16
17 x = 0;
18 for (;;) {
19 unsigned y;
20
21 y = *(*p) ++;
22 x = (x << 7) | (uint32_t)(y & 0x7F);
23 if (y < 0x80) {
24 return x;
25 }
26 }
27 }
28
29 static int32_t
30 t0_parse7E_signed(const unsigned char **p)
31 {
32 int neg;
33 uint32_t x;
34
35 neg = ((**p) >> 6) & 1;
36 x = (uint32_t)-neg;
37 for (;;) {
38 unsigned y;
39
40 y = *(*p) ++;
41 x = (x << 7) | (uint32_t)(y & 0x7F);
42 if (y < 0x80) {
43 if (neg) {
44 return -(int32_t)~x - 1;
45 } else {
46 return (int32_t)x;
47 }
48 }
49 }
50 }
51
52 #define T0_VBYTE(x, n) (unsigned char)((((uint32_t)(x) >> (n)) & 0x7F) | 0x80)
53 #define T0_FBYTE(x, n) (unsigned char)(((uint32_t)(x) >> (n)) & 0x7F)
54 #define T0_SBYTE(x) (unsigned char)((((uint32_t)(x) >> 28) + 0xF8) ^ 0xF8)
55 #define T0_INT1(x) T0_FBYTE(x, 0)
56 #define T0_INT2(x) T0_VBYTE(x, 7), T0_FBYTE(x, 0)
57 #define T0_INT3(x) T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
58 #define T0_INT4(x) T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
59 #define T0_INT5(x) T0_SBYTE(x), T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
60
61 /* static const unsigned char t0_datablock[]; */
62
63
64 void br_x509_minimal_init_main(void *t0ctx);
65
66 void br_x509_minimal_run(void *t0ctx);
67
68
69
70 #include "inner.h"
71
72
73
74
75
76 #include "inner.h"
77
78 /*
79 * Implementation Notes
80 * --------------------
81 *
82 * The C code pushes the data by chunks; all decoding is done in the
83 * T0 code. The cert_length value is set to the certificate length when
84 * a new certificate is started; the T0 code picks it up as outer limit,
85 * and decoding functions use it to ensure that no attempt is made at
86 * reading past it. The T0 code also checks that once the certificate is
87 * decoded, there are no trailing bytes.
88 *
89 * The T0 code sets cert_length to 0 when the certificate is fully
90 * decoded.
91 *
92 * The C code must still perform two checks:
93 *
94 * -- If the certificate length is 0, then the T0 code will not be
95 * invoked at all. This invalid condition must thus be reported by the
96 * C code.
97 *
98 * -- When reaching the end of certificate, the C code must verify that
99 * the certificate length has been set to 0, thereby signaling that
100 * the T0 code properly decoded a certificate.
101 *
102 * Processing of a chain works in the following way:
103 *
104 * -- The error flag is set to a non-zero value when validation is
105 * finished. The value is either BR_ERR_X509_OK (validation is
106 * successful) or another non-zero error code. When a non-zero error
107 * code is obtained, the remaining bytes in the current certificate and
108 * the subsequent certificates (if any) are completely ignored.
109 *
110 * -- Each certificate is decoded in due course, with the following
111 * "interesting points":
112 *
113 * -- Start of the TBS: the multihash engine is reset and activated.
114 *
115 * -- Start of the issuer DN: the secondary hash engine is started,
116 * to process the encoded issuer DN.
117 *
118 * -- End of the issuer DN: the secondary hash engine is stopped. The
119 * resulting hash value is computed and then copied into the
120 * next_dn_hash[] buffer.
121 *
122 * -- Start of the subject DN: the secondary hash engine is started,
123 * to process the encoded subject DN.
124 *
125 * -- For the EE certificate only: the Common Name, if any, is matched
126 * against the expected server name.
127 *
128 * -- End of the subject DN: the secondary hash engine is stopped. The
129 * resulting hash value is computed into the pad. It is then processed:
130 *
131 * -- If this is the EE certificate, then the hash is ignored
132 * (except for direct trust processing, see later; the hash is
133 * simply left in current_dn_hash[]).
134 *
135 * -- Otherwise, the hashed subject DN is compared with the saved
136 * hash value (in saved_dn_hash[]). They must match.
137 *
138 * Either way, the next_dn_hash[] value is then copied into the
139 * saved_dn_hash[] value. Thus, at that point, saved_dn_hash[]
140 * contains the hash of the issuer DN for the current certificate,
141 * and current_dn_hash[] contains the hash of the subject DN for the
142 * current certificate.
143 *
144 * -- Public key: it is decoded into the cert_pkey[] buffer. Unknown
145 * key types are reported at that point.
146 *
147 * -- If this is the EE certificate, then the key type is compared
148 * with the expected key type (initialization parameter). The public
149 * key data is copied to ee_pkey_data[]. The key and hashed subject
150 * DN are also compared with the "direct trust" keys; if the key
151 * and DN are matched, then validation ends with a success.
152 *
153 * -- Otherwise, the saved signature (cert_sig[]) is verified
154 * against the saved TBS hash (tbs_hash[]) and that freshly
155 * decoded public key. Failure here ends validation with an error.
156 *
157 * -- Extensions: extension values are processed in due order.
158 *
159 * -- Basic Constraints: for all certificates except EE, must be
160 * present, indicate a CA, and have a path legnth compatible with
161 * the chain length so far.
162 *
163 * -- Key Usage: for the EE, if present, must allow signatures
164 * or encryption/key exchange, as required for the cipher suite.
165 * For non-EE, if present, must have the "certificate sign" bit.
166 *
167 * -- Subject Alt Name: for the EE, dNSName names are matched
168 * against the server name. Ignored for non-EE.
169 *
170 * -- Authority Key Identifier, Subject Key Identifier, Issuer
171 * Alt Name, Subject Directory Attributes, CRL Distribution Points
172 * Freshest CRL, Authority Info Access and Subject Info Access
173 * extensions are always ignored: they either contain only
174 * informative data, or they relate to revocation processing, which
175 * we explicitly do not support.
176 *
177 * -- All other extensions are ignored if non-critical. If a
178 * critical extension other than the ones above is encountered,
179 * then a failure is reported.
180 *
181 * -- End of the TBS: the multihash engine is stopped.
182 *
183 * -- Signature algorithm: the signature algorithm on the
184 * certificate is decoded. A failure is reported if that algorithm
185 * is unknown. The hashed TBS corresponding to the signature hash
186 * function is computed and stored in tbs_hash[] (if not supported,
187 * then a failure is reported). The hash OID and length are stored
188 * in cert_sig_hash_oid and cert_sig_hash_len.
189 *
190 * -- Signature value: the signature value is copied into the
191 * cert_sig[] array.
192 *
193 * -- Certificate end: the hashed issuer DN (saved_dn_hash[]) is
194 * looked up in the trust store (CA trust anchors only); for all
195 * that match, the signature (cert_sig[]) is verified against the
196 * anchor public key (hashed TBS is in tbs_hash[]). If one of these
197 * signatures is valid, then validation ends with a success.
198 *
199 * -- If the chain end is reached without obtaining a validation success,
200 * then validation is reported as failed.
201 */
202
203 #ifndef BR_USE_UNIX_TIME
204 #if defined __unix__ || defined __linux__ \
205 || defined _POSIX_SOURCE || defined _POSIX_C_SOURCE \
206 || (defined __APPLE__ && defined __MACH__)
207 #define BR_USE_UNIX_TIME 1
208 #endif
209 #endif
210
211 #ifndef BR_USE_WIN32_TIME
212 #if defined _WIN32 || defined _WIN64
213 #define BR_USE_WIN32_TIME 1
214 #endif
215 #endif
216
217 #if BR_USE_UNIX_TIME
218 #include <time.h>
219 #endif
220
221 #if BR_USE_WIN32_TIME
222 #include <windows.h>
223 #endif
224
225 void br_x509_minimal_init_main(void *ctx);
226 void br_x509_minimal_run(void *ctx);
227
228 /* see bearssl_x509.h */
229 void
230 br_x509_minimal_init(br_x509_minimal_context *ctx,
231 const br_hash_class *dn_hash_impl,
232 const br_x509_trust_anchor *trust_anchors, size_t trust_anchors_num)
233 {
234 memset(ctx, 0, sizeof *ctx);
235 ctx->vtable = &br_x509_minimal_vtable;
236 ctx->dn_hash_impl = dn_hash_impl;
237 ctx->trust_anchors = trust_anchors;
238 ctx->trust_anchors_num = trust_anchors_num;
239 }
240
241 static void
242 xm_start_chain(const br_x509_class **ctx, const char *server_name)
243 {
244 br_x509_minimal_context *cc;
245 size_t u;
246
247 cc = (br_x509_minimal_context *)ctx;
248 for (u = 0; u < cc->num_name_elts; u ++) {
249 cc->name_elts[u].status = 0;
250 cc->name_elts[u].buf[0] = 0;
251 }
252 memset(&cc->pkey, 0, sizeof cc->pkey);
253 cc->num_certs = 0;
254 cc->err = 0;
255 cc->cpu.dp = cc->dp_stack;
256 cc->cpu.rp = cc->rp_stack;
257 br_x509_minimal_init_main(&cc->cpu);
258 if (server_name == NULL || *server_name == 0) {
259 cc->server_name = NULL;
260 } else {
261 cc->server_name = server_name;
262 }
263 }
264
265 static void
266 xm_start_cert(const br_x509_class **ctx, uint32_t length)
267 {
268 br_x509_minimal_context *cc;
269
270 cc = (br_x509_minimal_context *)ctx;
271 if (cc->err != 0) {
272 return;
273 }
274 if (length == 0) {
275 cc->err = BR_ERR_X509_TRUNCATED;
276 return;
277 }
278 cc->cert_length = length;
279 }
280
281 static void
282 xm_append(const br_x509_class **ctx, const unsigned char *buf, size_t len)
283 {
284 br_x509_minimal_context *cc;
285
286 cc = (br_x509_minimal_context *)ctx;
287 if (cc->err != 0) {
288 return;
289 }
290 cc->hbuf = buf;
291 cc->hlen = len;
292 br_x509_minimal_run(&cc->cpu);
293 }
294
295 static void
296 xm_end_cert(const br_x509_class **ctx)
297 {
298 br_x509_minimal_context *cc;
299
300 cc = (br_x509_minimal_context *)ctx;
301 if (cc->err == 0 && cc->cert_length != 0) {
302 cc->err = BR_ERR_X509_TRUNCATED;
303 }
304 cc->num_certs ++;
305 }
306
307 static unsigned
308 xm_end_chain(const br_x509_class **ctx)
309 {
310 br_x509_minimal_context *cc;
311
312 cc = (br_x509_minimal_context *)ctx;
313 if (cc->err == 0) {
314 if (cc->num_certs == 0) {
315 cc->err = BR_ERR_X509_EMPTY_CHAIN;
316 } else {
317 cc->err = BR_ERR_X509_NOT_TRUSTED;
318 }
319 } else if (cc->err == BR_ERR_X509_OK) {
320 return 0;
321 }
322 return (unsigned)cc->err;
323 }
324
325 static const br_x509_pkey *
326 xm_get_pkey(const br_x509_class *const *ctx, unsigned *usages)
327 {
328 br_x509_minimal_context *cc;
329
330 cc = (br_x509_minimal_context *)ctx;
331 if (cc->err == BR_ERR_X509_OK
332 || cc->err == BR_ERR_X509_NOT_TRUSTED)
333 {
334 if (usages != NULL) {
335 *usages = cc->key_usages;
336 }
337 return &((br_x509_minimal_context *)ctx)->pkey;
338 } else {
339 return NULL;
340 }
341 }
342
343 /* see bearssl_x509.h */
344 const br_x509_class br_x509_minimal_vtable = {
345 sizeof(br_x509_minimal_context),
346 xm_start_chain,
347 xm_start_cert,
348 xm_append,
349 xm_end_cert,
350 xm_end_chain,
351 xm_get_pkey
352 };
353
354 #define CTX ((br_x509_minimal_context *)((unsigned char *)t0ctx - offsetof(br_x509_minimal_context, cpu)))
355 #define CONTEXT_NAME br_x509_minimal_context
356
357 #define DNHASH_LEN ((CTX->dn_hash_impl->desc >> BR_HASHDESC_OUT_OFF) & BR_HASHDESC_OUT_MASK)
358
359 /*
360 * Hash a DN (from a trust anchor) into the provided buffer. This uses the
361 * DN hash implementation and context structure from the X.509 engine
362 * context.
363 */
364 static void
365 hash_dn(br_x509_minimal_context *ctx, const void *dn, size_t len,
366 unsigned char *out)
367 {
368 ctx->dn_hash_impl->init(&ctx->dn_hash.vtable);
369 ctx->dn_hash_impl->update(&ctx->dn_hash.vtable, dn, len);
370 ctx->dn_hash_impl->out(&ctx->dn_hash.vtable, out);
371 }
372
373 /*
374 * Compare two big integers for equality. The integers use unsigned big-endian
375 * encoding; extra leading bytes (of value 0) are allowed.
376 */
377 static int
378 eqbigint(const unsigned char *b1, size_t len1,
379 const unsigned char *b2, size_t len2)
380 {
381 while (len1 > 0 && *b1 == 0) {
382 b1 ++;
383 len1 --;
384 }
385 while (len2 > 0 && *b2 == 0) {
386 b2 ++;
387 len2 --;
388 }
389 if (len1 != len2) {
390 return 0;
391 }
392 return memcmp(b1, b2, len1) == 0;
393 }
394
395 /*
396 * Compare two strings for equality, in a case-insensitive way. This
397 * function handles casing only for ASCII letters.
398 */
399 static int
400 eqnocase(const void *s1, const void *s2, size_t len)
401 {
402 const unsigned char *buf1, *buf2;
403
404 buf1 = s1;
405 buf2 = s2;
406 while (len -- > 0) {
407 int x1, x2;
408
409 x1 = *buf1 ++;
410 x2 = *buf2 ++;
411 if (x1 >= 'A' && x1 <= 'Z') {
412 x1 += 'a' - 'A';
413 }
414 if (x2 >= 'A' && x2 <= 'Z') {
415 x2 += 'a' - 'A';
416 }
417 if (x1 != x2) {
418 return 0;
419 }
420 }
421 return 1;
422 }
423
424 static int verify_signature(br_x509_minimal_context *ctx,
425 const br_x509_pkey *pk);
426
427
428
429 static const unsigned char t0_datablock[] = {
430 0x00, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x09,
431 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x09, 0x2A, 0x86,
432 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0E, 0x09, 0x2A, 0x86, 0x48, 0x86,
433 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
434 0x01, 0x01, 0x0C, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01,
435 0x0D, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x09, 0x60, 0x86, 0x48, 0x01,
436 0x65, 0x03, 0x04, 0x02, 0x04, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
437 0x04, 0x02, 0x01, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02,
438 0x02, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x07,
439 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x08, 0x2A, 0x86, 0x48, 0xCE,
440 0x3D, 0x03, 0x01, 0x07, 0x05, 0x2B, 0x81, 0x04, 0x00, 0x22, 0x05, 0x2B,
441 0x81, 0x04, 0x00, 0x23, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x01,
442 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x01, 0x08, 0x2A, 0x86,
443 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D,
444 0x04, 0x03, 0x03, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x04,
445 0x03, 0x55, 0x04, 0x03, 0x00, 0x1F, 0x03, 0xFC, 0x07, 0x7F, 0x0B, 0x5E,
446 0x0F, 0x1F, 0x12, 0xFE, 0x16, 0xBF, 0x1A, 0x9F, 0x1E, 0x7E, 0x22, 0x3F,
447 0x26, 0x1E, 0x29, 0xDF, 0x00, 0x1F, 0x03, 0xFD, 0x07, 0x9F, 0x0B, 0x7E,
448 0x0F, 0x3F, 0x13, 0x1E, 0x16, 0xDF, 0x1A, 0xBF, 0x1E, 0x9E, 0x22, 0x5F,
449 0x26, 0x3E, 0x29, 0xFF, 0x03, 0x55, 0x1D, 0x13, 0x03, 0x55, 0x1D, 0x0F,
450 0x03, 0x55, 0x1D, 0x11, 0x03, 0x55, 0x1D, 0x20, 0x08, 0x2B, 0x06, 0x01,
451 0x05, 0x05, 0x07, 0x02, 0x01, 0x03, 0x55, 0x1D, 0x23, 0x03, 0x55, 0x1D,
452 0x0E, 0x03, 0x55, 0x1D, 0x12, 0x03, 0x55, 0x1D, 0x09, 0x03, 0x55, 0x1D,
453 0x1F, 0x03, 0x55, 0x1D, 0x2E, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07,
454 0x01, 0x01, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x0B
455 };
456
457 static const unsigned char t0_codeblock[] = {
458 0x00, 0x01, 0x00, 0x0D, 0x00, 0x00, 0x01, 0x00, 0x10, 0x00, 0x00, 0x01,
459 0x00, 0x11, 0x00, 0x00, 0x01, 0x01, 0x09, 0x00, 0x00, 0x01, 0x01, 0x0A,
460 0x00, 0x00, 0x24, 0x24, 0x00, 0x00, 0x01,
461 T0_INT1(BR_ERR_X509_BAD_BOOLEAN), 0x00, 0x00, 0x01,
462 T0_INT1(BR_ERR_X509_BAD_DN), 0x00, 0x00, 0x01,
463 T0_INT1(BR_ERR_X509_BAD_SERVER_NAME), 0x00, 0x00, 0x01,
464 T0_INT1(BR_ERR_X509_BAD_TAG_CLASS), 0x00, 0x00, 0x01,
465 T0_INT1(BR_ERR_X509_BAD_TAG_VALUE), 0x00, 0x00, 0x01,
466 T0_INT1(BR_ERR_X509_BAD_TIME), 0x00, 0x00, 0x01,
467 T0_INT1(BR_ERR_X509_CRITICAL_EXTENSION), 0x00, 0x00, 0x01,
468 T0_INT1(BR_ERR_X509_DN_MISMATCH), 0x00, 0x00, 0x01,
469 T0_INT1(BR_ERR_X509_EXPIRED), 0x00, 0x00, 0x01,
470 T0_INT1(BR_ERR_X509_EXTRA_ELEMENT), 0x00, 0x00, 0x01,
471 T0_INT1(BR_ERR_X509_FORBIDDEN_KEY_USAGE), 0x00, 0x00, 0x01,
472 T0_INT1(BR_ERR_X509_INDEFINITE_LENGTH), 0x00, 0x00, 0x01,
473 T0_INT1(BR_ERR_X509_INNER_TRUNC), 0x00, 0x00, 0x01,
474 T0_INT1(BR_ERR_X509_LIMIT_EXCEEDED), 0x00, 0x00, 0x01,
475 T0_INT1(BR_ERR_X509_NOT_CA), 0x00, 0x00, 0x01,
476 T0_INT1(BR_ERR_X509_NOT_CONSTRUCTED), 0x00, 0x00, 0x01,
477 T0_INT1(BR_ERR_X509_NOT_PRIMITIVE), 0x00, 0x00, 0x01,
478 T0_INT1(BR_ERR_X509_OVERFLOW), 0x00, 0x00, 0x01,
479 T0_INT1(BR_ERR_X509_PARTIAL_BYTE), 0x00, 0x00, 0x01,
480 T0_INT1(BR_ERR_X509_UNEXPECTED), 0x00, 0x00, 0x01,
481 T0_INT1(BR_ERR_X509_UNSUPPORTED), 0x00, 0x00, 0x01,
482 T0_INT1(BR_ERR_X509_WEAK_PUBLIC_KEY), 0x00, 0x00, 0x01,
483 T0_INT1(BR_KEYTYPE_EC), 0x00, 0x00, 0x01, T0_INT1(BR_KEYTYPE_RSA),
484 0x00, 0x00, 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_length)), 0x00,
485 0x00, 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_sig)), 0x00, 0x00,
486 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_sig_hash_len)), 0x00, 0x00,
487 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_sig_hash_oid)), 0x00, 0x00,
488 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_sig_len)), 0x00, 0x00, 0x01,
489 T0_INT2(offsetof(CONTEXT_NAME, cert_signer_key_type)), 0x00, 0x00,
490 0x01, T0_INT2(offsetof(CONTEXT_NAME, current_dn_hash)), 0x00, 0x00,
491 0x01, T0_INT2(offsetof(CONTEXT_NAME, key_usages)), 0x00, 0x00, 0x01,
492 T0_INT2(offsetof(br_x509_minimal_context, pkey_data)), 0x01,
493 T0_INT2(BR_X509_BUFSIZE_KEY), 0x00, 0x00, 0x01,
494 T0_INT2(offsetof(CONTEXT_NAME, min_rsa_size)), 0x00, 0x00, 0x01,
495 T0_INT2(offsetof(CONTEXT_NAME, next_dn_hash)), 0x00, 0x00, 0x01,
496 T0_INT2(offsetof(CONTEXT_NAME, num_certs)), 0x00, 0x00, 0x01,
497 T0_INT2(offsetof(CONTEXT_NAME, pad)), 0x00, 0x00, 0x01,
498 T0_INT2(offsetof(CONTEXT_NAME, saved_dn_hash)), 0x00, 0x00, 0xC9, 0x71,
499 0x00, 0x00, 0x01, 0x80, 0x73, 0x00, 0x00, 0x01, 0x80, 0x7C, 0x00, 0x00,
500 0x01, 0x81, 0x02, 0x00, 0x00, 0x92, 0x05, 0x05, 0x34, 0x42, 0x01, 0x00,
501 0x00, 0x34, 0x01, 0x0A, 0x0E, 0x09, 0x01, 0x9A, 0xFF, 0xB8, 0x00, 0x0A,
502 0x00, 0x00, 0x01, 0x82, 0x19, 0x00, 0x00, 0x01, 0x82, 0x01, 0x00, 0x00,
503 0x01, 0x81, 0x68, 0x00, 0x04, 0x03, 0x00, 0x03, 0x01, 0x03, 0x02, 0x03,
504 0x03, 0x02, 0x03, 0x02, 0x01, 0x11, 0x06, 0x07, 0x02, 0x02, 0x02, 0x00,
505 0x0D, 0x04, 0x05, 0x02, 0x03, 0x02, 0x01, 0x0D, 0x00, 0x02, 0x03, 0x00,
506 0x03, 0x01, 0x25, 0x02, 0x01, 0x13, 0x3B, 0x02, 0x00, 0x0F, 0x15, 0x00,
507 0x00, 0x01, 0x81, 0x74, 0x00, 0x00, 0x05, 0x02, 0x52, 0x28, 0x00, 0x00,
508 0x06, 0x02, 0x53, 0x28, 0x00, 0x00, 0x01, 0x10, 0x77, 0x00, 0x00, 0x11,
509 0x05, 0x02, 0x56, 0x28, 0x74, 0x00, 0x00, 0x11, 0x05, 0x02, 0x56, 0x28,
510 0x75, 0x00, 0x00, 0x06, 0x02, 0x4C, 0x28, 0x00, 0x00, 0x01, 0x82, 0x11,
511 0x00, 0x00, 0x25, 0x20, 0x01, 0x08, 0x0E, 0x3B, 0x40, 0x20, 0x09, 0x00,
512 0x09, 0x03, 0x00, 0x5B, 0x2B, 0xAF, 0x39, 0xAF, 0xB3, 0x25, 0x01, 0x20,
513 0x11, 0x06, 0x11, 0x24, 0x74, 0xAD, 0xB3, 0x01, 0x02, 0x78, 0xB0, 0x01,
514 0x02, 0x12, 0x06, 0x02, 0x57, 0x28, 0x79, 0xB3, 0x01, 0x02, 0x78, 0xAE,
515 0xAF, 0xC2, 0x9C, 0x65, 0x61, 0x21, 0x16, 0xAF, 0xA7, 0x29, 0x69, 0x06,
516 0x02, 0x4B, 0x28, 0xA7, 0x29, 0x71, 0x06, 0x02, 0x4B, 0x28, 0x79, 0x02,
517 0x00, 0x06, 0x05, 0x9D, 0x03, 0x01, 0x04, 0x09, 0x9C, 0x61, 0x68, 0x21,
518 0x27, 0x05, 0x02, 0x4A, 0x28, 0x68, 0x65, 0x21, 0x16, 0xAF, 0xAF, 0x9E,
519 0x05, 0x02, 0x57, 0x28, 0xBC, 0x26, 0x06, 0x27, 0xC2, 0xA4, 0xAF, 0x63,
520 0xAA, 0x03, 0x03, 0x63, 0x3B, 0x02, 0x03, 0x09, 0x3B, 0x02, 0x03, 0x0A,
521 0xAA, 0x03, 0x04, 0x79, 0x64, 0x2A, 0x01, 0x81, 0x00, 0x09, 0x02, 0x03,
522 0x12, 0x06, 0x02, 0x58, 0x28, 0x79, 0x5A, 0x03, 0x02, 0x04, 0x3A, 0x88,
523 0x26, 0x06, 0x34, 0x9E, 0x05, 0x02, 0x57, 0x28, 0x6A, 0x26, 0x06, 0x04,
524 0x01, 0x17, 0x04, 0x12, 0x6B, 0x26, 0x06, 0x04, 0x01, 0x18, 0x04, 0x0A,
525 0x6C, 0x26, 0x06, 0x04, 0x01, 0x19, 0x04, 0x02, 0x57, 0x28, 0x03, 0x05,
526 0x79, 0xA4, 0x25, 0x03, 0x06, 0x25, 0x63, 0x34, 0x0D, 0x06, 0x02, 0x50,
527 0x28, 0xA5, 0x59, 0x03, 0x02, 0x04, 0x02, 0x57, 0x28, 0x79, 0x02, 0x00,
528 0x06, 0x21, 0x02, 0x02, 0x5A, 0x30, 0x11, 0x06, 0x08, 0x24, 0x02, 0x03,
529 0x02, 0x04, 0x1D, 0x04, 0x10, 0x59, 0x30, 0x11, 0x06, 0x08, 0x24, 0x02,
530 0x05, 0x02, 0x06, 0x1C, 0x04, 0x03, 0x57, 0x28, 0x24, 0x04, 0x24, 0x02,
531 0x02, 0x5A, 0x30, 0x11, 0x06, 0x08, 0x24, 0x02, 0x03, 0x02, 0x04, 0x23,
532 0x04, 0x10, 0x59, 0x30, 0x11, 0x06, 0x08, 0x24, 0x02, 0x05, 0x02, 0x06,
533 0x22, 0x04, 0x03, 0x57, 0x28, 0x24, 0x25, 0x06, 0x01, 0x28, 0x24, 0x01,
534 0x00, 0x03, 0x07, 0xB4, 0x01, 0x21, 0x8F, 0x01, 0x22, 0x8F, 0x25, 0x01,
535 0x23, 0x11, 0x06, 0x81, 0x26, 0x24, 0x74, 0xAD, 0xAF, 0x25, 0x06, 0x81,
536 0x1A, 0x01, 0x00, 0x03, 0x08, 0xAF, 0x9E, 0x24, 0xB3, 0x25, 0x01, 0x01,
537 0x11, 0x06, 0x04, 0xA6, 0x03, 0x08, 0xB3, 0x01, 0x04, 0x78, 0xAD, 0x70,
538 0x26, 0x06, 0x0F, 0x02, 0x00, 0x06, 0x03, 0xC3, 0x04, 0x05, 0x99, 0x01,
539 0x7F, 0x03, 0x07, 0x04, 0x80, 0x6C, 0x91, 0x26, 0x06, 0x06, 0x02, 0x00,
540 0x9B, 0x04, 0x80, 0x62, 0xC5, 0x26, 0x06, 0x11, 0x02, 0x00, 0x06, 0x09,
541 0x01, 0x00, 0x03, 0x01, 0x98, 0x03, 0x01, 0x04, 0x01, 0xC3, 0x04, 0x80,
542 0x4D, 0x73, 0x26, 0x06, 0x0A, 0x02, 0x08, 0x06, 0x03, 0x9A, 0x04, 0x01,
543 0xC3, 0x04, 0x3F, 0x6F, 0x26, 0x06, 0x03, 0xC3, 0x04, 0x38, 0xC8, 0x26,
544 0x06, 0x03, 0xC3, 0x04, 0x31, 0x90, 0x26, 0x06, 0x03, 0xC3, 0x04, 0x2A,
545 0xC6, 0x26, 0x06, 0x03, 0xC3, 0x04, 0x23, 0x7A, 0x26, 0x06, 0x03, 0xC3,
546 0x04, 0x1C, 0x85, 0x26, 0x06, 0x03, 0xC3, 0x04, 0x15, 0x6E, 0x26, 0x06,
547 0x03, 0xC3, 0x04, 0x0E, 0xC7, 0x26, 0x06, 0x03, 0xC3, 0x04, 0x07, 0x02,
548 0x08, 0x06, 0x02, 0x49, 0x28, 0xC3, 0x79, 0x79, 0x04, 0xFE, 0x62, 0x79,
549 0x79, 0x04, 0x08, 0x01, 0x7F, 0x11, 0x05, 0x02, 0x56, 0x28, 0x24, 0x79,
550 0x3A, 0x02, 0x00, 0x06, 0x08, 0x02, 0x01, 0x3C, 0x2F, 0x05, 0x02, 0x45,
551 0x28, 0x02, 0x00, 0x06, 0x01, 0x17, 0x02, 0x00, 0x02, 0x07, 0x2F, 0x05,
552 0x02, 0x51, 0x28, 0xB3, 0x76, 0xAD, 0x9E, 0x06, 0x80, 0x77, 0xBD, 0x26,
553 0x06, 0x07, 0x01, 0x02, 0x5A, 0x8A, 0x04, 0x80, 0x5E, 0xBE, 0x26, 0x06,
554 0x07, 0x01, 0x03, 0x5A, 0x8B, 0x04, 0x80, 0x53, 0xBF, 0x26, 0x06, 0x07,
555 0x01, 0x04, 0x5A, 0x8C, 0x04, 0x80, 0x48, 0xC0, 0x26, 0x06, 0x06, 0x01,
556 0x05, 0x5A, 0x8D, 0x04, 0x3E, 0xC1, 0x26, 0x06, 0x06, 0x01, 0x06, 0x5A,
557 0x8E, 0x04, 0x34, 0x7F, 0x26, 0x06, 0x06, 0x01, 0x02, 0x59, 0x8A, 0x04,
558 0x2A, 0x80, 0x26, 0x06, 0x06, 0x01, 0x03, 0x59, 0x8B, 0x04, 0x20, 0x81,
559 0x26, 0x06, 0x06, 0x01, 0x04, 0x59, 0x8C, 0x04, 0x16, 0x82, 0x26, 0x06,
560 0x06, 0x01, 0x05, 0x59, 0x8D, 0x04, 0x0C, 0x83, 0x26, 0x06, 0x06, 0x01,
561 0x06, 0x59, 0x8E, 0x04, 0x02, 0x57, 0x28, 0x5E, 0x35, 0x60, 0x37, 0x1B,
562 0x25, 0x05, 0x02, 0x57, 0x28, 0x5D, 0x37, 0x04, 0x02, 0x57, 0x28, 0xC2,
563 0xA4, 0x25, 0x01, T0_INT2(BR_X509_BUFSIZE_SIG), 0x12, 0x06, 0x02, 0x50,
564 0x28, 0x25, 0x5F, 0x35, 0x5C, 0xA5, 0x79, 0x79, 0x01, 0x00, 0x5B, 0x36,
565 0x18, 0x00, 0x00, 0x01, 0x30, 0x0A, 0x25, 0x01, 0x00, 0x01, 0x09, 0x72,
566 0x05, 0x02, 0x48, 0x28, 0x00, 0x00, 0x30, 0x30, 0x00, 0x00, 0x01, 0x81,
567 0x08, 0x00, 0x00, 0x01, 0x81, 0x10, 0x00, 0x00, 0x01, 0x81, 0x19, 0x00,
568 0x00, 0x01, 0x81, 0x22, 0x00, 0x00, 0x01, 0x81, 0x2B, 0x00, 0x01, 0x7E,
569 0x01, 0x01, 0x11, 0x3B, 0x01, 0x83, 0xFD, 0x7F, 0x11, 0x15, 0x06, 0x03,
570 0x3B, 0x24, 0x00, 0x3B, 0x25, 0x03, 0x00, 0x25, 0xCA, 0x05, 0x04, 0x42,
571 0x01, 0x00, 0x00, 0x25, 0x01, 0x81, 0x00, 0x0D, 0x06, 0x04, 0x96, 0x04,
572 0x80, 0x49, 0x25, 0x01, 0x90, 0x00, 0x0D, 0x06, 0x0F, 0x01, 0x06, 0x14,
573 0x01, 0x81, 0x40, 0x2F, 0x96, 0x02, 0x00, 0x01, 0x00, 0x97, 0x04, 0x33,
574 0x25, 0x01, 0x83, 0xFF, 0x7F, 0x0D, 0x06, 0x14, 0x01, 0x0C, 0x14, 0x01,
575 0x81, 0x60, 0x2F, 0x96, 0x02, 0x00, 0x01, 0x06, 0x97, 0x02, 0x00, 0x01,
576 0x00, 0x97, 0x04, 0x17, 0x01, 0x12, 0x14, 0x01, 0x81, 0x70, 0x2F, 0x96,
577 0x02, 0x00, 0x01, 0x0C, 0x97, 0x02, 0x00, 0x01, 0x06, 0x97, 0x02, 0x00,
578 0x01, 0x00, 0x97, 0x00, 0x00, 0x01, 0x82, 0x15, 0x00, 0x00, 0x25, 0x01,
579 0x83, 0xB0, 0x00, 0x01, 0x83, 0xB7, 0x7F, 0x72, 0x00, 0x00, 0x01, 0x81,
580 0x34, 0x00, 0x00, 0x01, 0x80, 0x6B, 0x00, 0x00, 0x01, 0x81, 0x78, 0x00,
581 0x00, 0x01, 0x3D, 0x00, 0x00, 0x01, 0x80, 0x43, 0x00, 0x00, 0x01, 0x80,
582 0x4D, 0x00, 0x00, 0x01, 0x80, 0x57, 0x00, 0x00, 0x01, 0x80, 0x61, 0x00,
583 0x00, 0x30, 0x11, 0x06, 0x04, 0x42, 0xAD, 0xC2, 0xB4, 0x00, 0x00, 0x01,
584 0x82, 0x09, 0x00, 0x00, 0x01, 0x81, 0x6C, 0x00, 0x00, 0x25, 0x01, 0x83,
585 0xB8, 0x00, 0x01, 0x83, 0xBF, 0x7F, 0x72, 0x00, 0x00, 0x01, 0x30, 0x62,
586 0x37, 0x01, 0x7F, 0x7C, 0x19, 0x01, 0x00, 0x7C, 0x19, 0x04, 0x7A, 0x00,
587 0x01, 0x81, 0x38, 0x00, 0x01, 0x7E, 0x0D, 0x06, 0x02, 0x4F, 0x28, 0x25,
588 0x03, 0x00, 0x0A, 0x02, 0x00, 0x00, 0x00, 0x30, 0x25, 0x3F, 0x3B, 0x01,
589 0x82, 0x00, 0x13, 0x2F, 0x06, 0x04, 0x42, 0x01, 0x00, 0x00, 0x30, 0x67,
590 0x09, 0x37, 0x40, 0x00, 0x00, 0x14, 0x01, 0x3F, 0x15, 0x01, 0x81, 0x00,
591 0x2F, 0x96, 0x00, 0x02, 0x01, 0x00, 0x03, 0x00, 0xAF, 0x25, 0x06, 0x80,
592 0x59, 0xB3, 0x01, 0x20, 0x30, 0x11, 0x06, 0x17, 0x24, 0x74, 0xAD, 0x9E,
593 0x24, 0x01, 0x7F, 0x2E, 0x03, 0x01, 0xB3, 0x01, 0x20, 0x77, 0xAD, 0xB2,
594 0x02, 0x01, 0x1F, 0x79, 0x79, 0x04, 0x38, 0x01, 0x21, 0x30, 0x11, 0x06,
595 0x08, 0x24, 0x75, 0xB6, 0x01, 0x01, 0x1E, 0x04, 0x2A, 0x01, 0x22, 0x30,
596 0x11, 0x06, 0x11, 0x24, 0x75, 0xB6, 0x25, 0x06, 0x06, 0x2C, 0x02, 0x00,
597 0x2F, 0x03, 0x00, 0x01, 0x02, 0x1E, 0x04, 0x13, 0x01, 0x26, 0x30, 0x11,
598 0x06, 0x08, 0x24, 0x75, 0xB6, 0x01, 0x06, 0x1E, 0x04, 0x05, 0x42, 0xAE,
599 0x01, 0x00, 0x24, 0x04, 0xFF, 0x23, 0x79, 0x02, 0x00, 0x00, 0x00, 0xAF,
600 0xB4, 0x25, 0x01, 0x01, 0x11, 0x06, 0x08, 0xA6, 0x05, 0x02, 0x51, 0x28,
601 0xB4, 0x04, 0x02, 0x51, 0x28, 0x25, 0x01, 0x02, 0x11, 0x06, 0x0C, 0x24,
602 0x75, 0xB0, 0x66, 0x2B, 0x41, 0x0D, 0x06, 0x02, 0x51, 0x28, 0xB4, 0x01,
603 0x7F, 0x10, 0x06, 0x02, 0x56, 0x28, 0x24, 0x79, 0x00, 0x00, 0xAF, 0x25,
604 0x06, 0x1A, 0xAF, 0x9E, 0x24, 0x25, 0x06, 0x11, 0xAF, 0x25, 0x06, 0x0C,
605 0xAF, 0x9E, 0x24, 0x89, 0x26, 0x05, 0x02, 0x49, 0x28, 0xC2, 0x04, 0x71,
606 0x79, 0x79, 0x04, 0x63, 0x79, 0x00, 0x02, 0x03, 0x00, 0xB3, 0x01, 0x03,
607 0x78, 0xAD, 0xBA, 0x03, 0x01, 0x02, 0x01, 0x01, 0x07, 0x12, 0x06, 0x02,
608 0x56, 0x28, 0x25, 0x01, 0x00, 0x30, 0x11, 0x06, 0x05, 0x24, 0x4D, 0x28,
609 0x04, 0x15, 0x01, 0x01, 0x30, 0x11, 0x06, 0x0A, 0x24, 0xBA, 0x02, 0x01,
610 0x14, 0x02, 0x01, 0x0E, 0x04, 0x05, 0x24, 0xBA, 0x01, 0x00, 0x24, 0x02,
611 0x00, 0x06, 0x19, 0x01, 0x00, 0x30, 0x01, 0x38, 0x15, 0x06, 0x03, 0x01,
612 0x10, 0x2F, 0x3B, 0x01, 0x81, 0x40, 0x15, 0x06, 0x03, 0x01, 0x20, 0x2F,
613 0x62, 0x37, 0x04, 0x07, 0x01, 0x04, 0x15, 0x05, 0x02, 0x4D, 0x28, 0xC2,
614 0x00, 0x00, 0x38, 0xAF, 0xC2, 0x1A, 0x00, 0x03, 0x01, 0x00, 0x03, 0x00,
615 0x38, 0xAF, 0x25, 0x06, 0x30, 0xB3, 0x01, 0x11, 0x77, 0xAD, 0x25, 0x05,
616 0x02, 0x44, 0x28, 0x25, 0x06, 0x20, 0xAF, 0x9E, 0x24, 0x87, 0x26, 0x03,
617 0x01, 0x01, 0x00, 0x2E, 0x03, 0x02, 0xB2, 0x25, 0x02, 0x01, 0x15, 0x06,
618 0x07, 0x2C, 0x06, 0x04, 0x01, 0x7F, 0x03, 0x00, 0x02, 0x02, 0x1F, 0x79,
619 0x04, 0x5D, 0x79, 0x04, 0x4D, 0x79, 0x1A, 0x02, 0x00, 0x00, 0x00, 0xB3,
620 0x01, 0x06, 0x78, 0xB1, 0x00, 0x00, 0xB8, 0x86, 0x06, 0x0E, 0x3B, 0x25,
621 0x05, 0x06, 0x42, 0x01, 0x00, 0x01, 0x00, 0x00, 0xB8, 0x6D, 0x04, 0x08,
622 0x92, 0x06, 0x05, 0x24, 0x01, 0x00, 0x04, 0x00, 0x00, 0x00, 0xB9, 0x86,
623 0x06, 0x0E, 0x3B, 0x25, 0x05, 0x06, 0x42, 0x01, 0x00, 0x01, 0x00, 0x00,
624 0xB9, 0x6D, 0x04, 0x08, 0x92, 0x06, 0x05, 0x24, 0x01, 0x00, 0x04, 0x00,
625 0x00, 0x00, 0xBA, 0x25, 0x01, 0x81, 0x00, 0x0D, 0x06, 0x04, 0x00, 0x04,
626 0x80, 0x55, 0x25, 0x01, 0x81, 0x40, 0x0D, 0x06, 0x07, 0x24, 0x01, 0x00,
627 0x00, 0x04, 0x80, 0x47, 0x25, 0x01, 0x81, 0x60, 0x0D, 0x06, 0x0E, 0x01,
628 0x1F, 0x15, 0x01, 0x01, 0xA3, 0x01, 0x81, 0x00, 0x01, 0x8F, 0x7F, 0x04,
629 0x32, 0x25, 0x01, 0x81, 0x70, 0x0D, 0x06, 0x0F, 0x01, 0x0F, 0x15, 0x01,
630 0x02, 0xA3, 0x01, 0x90, 0x00, 0x01, 0x83, 0xFF, 0x7F, 0x04, 0x1C, 0x25,
631 0x01, 0x81, 0x78, 0x0D, 0x06, 0x11, 0x01, 0x07, 0x15, 0x01, 0x03, 0xA3,
632 0x01, 0x84, 0x80, 0x00, 0x01, 0x80, 0xC3, 0xFF, 0x7F, 0x04, 0x04, 0x24,
633 0x01, 0x00, 0x00, 0x72, 0x05, 0x03, 0x24, 0x01, 0x00, 0x00, 0x00, 0x3B,
634 0x25, 0x05, 0x06, 0x42, 0x01, 0x00, 0x01, 0x7F, 0x00, 0xBA, 0x34, 0x25,
635 0x3D, 0x06, 0x03, 0x3B, 0x24, 0x00, 0x01, 0x06, 0x0E, 0x3B, 0x25, 0x01,
636 0x06, 0x14, 0x01, 0x02, 0x10, 0x06, 0x04, 0x42, 0x01, 0x7F, 0x00, 0x01,
637 0x3F, 0x15, 0x09, 0x00, 0x00, 0x25, 0x06, 0x06, 0x0B, 0xA2, 0x34, 0x41,
638 0x04, 0x77, 0x24, 0x25, 0x00, 0x00, 0xB3, 0x01, 0x03, 0x78, 0xAD, 0xBA,
639 0x06, 0x02, 0x55, 0x28, 0x00, 0x00, 0x3B, 0x25, 0x06, 0x07, 0x31, 0x25,
640 0x06, 0x01, 0x19, 0x04, 0x76, 0x42, 0x00, 0x00, 0x01, 0x01, 0x78, 0xAC,
641 0x01, 0x01, 0x10, 0x06, 0x02, 0x43, 0x28, 0xBA, 0x3E, 0x00, 0x04, 0xB3,
642 0x25, 0x01, 0x17, 0x01, 0x18, 0x72, 0x05, 0x02, 0x48, 0x28, 0x01, 0x18,
643 0x11, 0x03, 0x00, 0x75, 0xAD, 0xA8, 0x02, 0x00, 0x06, 0x0C, 0x01, 0x80,
644 0x64, 0x08, 0x03, 0x01, 0xA8, 0x02, 0x01, 0x09, 0x04, 0x0E, 0x25, 0x01,
645 0x32, 0x0D, 0x06, 0x04, 0x01, 0x80, 0x64, 0x09, 0x01, 0x8E, 0x6C, 0x09,
646 0x03, 0x01, 0x02, 0x01, 0x01, 0x82, 0x6D, 0x08, 0x02, 0x01, 0x01, 0x03,
647 0x09, 0x01, 0x04, 0x0C, 0x09, 0x02, 0x01, 0x01, 0x80, 0x63, 0x09, 0x01,
648 0x80, 0x64, 0x0C, 0x0A, 0x02, 0x01, 0x01, 0x83, 0x0F, 0x09, 0x01, 0x83,
649 0x10, 0x0C, 0x09, 0x03, 0x03, 0x01, 0x01, 0x01, 0x0C, 0xA9, 0x41, 0x01,
650 0x01, 0x0E, 0x02, 0x01, 0x01, 0x04, 0x07, 0x3F, 0x02, 0x01, 0x01, 0x80,
651 0x64, 0x07, 0x3E, 0x02, 0x01, 0x01, 0x83, 0x10, 0x07, 0x3F, 0x2F, 0x15,
652 0x06, 0x03, 0x01, 0x18, 0x09, 0x94, 0x09, 0x7B, 0x25, 0x01, 0x05, 0x14,
653 0x02, 0x03, 0x09, 0x03, 0x03, 0x01, 0x1F, 0x15, 0x01, 0x01, 0x3B, 0xA9,
654 0x02, 0x03, 0x09, 0x41, 0x03, 0x03, 0x01, 0x00, 0x01, 0x17, 0xA9, 0x01,
655 0x9C, 0x10, 0x08, 0x03, 0x02, 0x01, 0x00, 0x01, 0x3B, 0xA9, 0x01, 0x3C,
656 0x08, 0x02, 0x02, 0x09, 0x03, 0x02, 0x01, 0x00, 0x01, 0x3C, 0xA9, 0x02,
657 0x02, 0x09, 0x03, 0x02, 0xBA, 0x25, 0x01, 0x2E, 0x11, 0x06, 0x0D, 0x24,
658 0xBA, 0x25, 0x01, 0x30, 0x01, 0x39, 0x72, 0x06, 0x03, 0x24, 0x04, 0x74,
659 0x01, 0x80, 0x5A, 0x10, 0x06, 0x02, 0x48, 0x28, 0x79, 0x02, 0x03, 0x02,
660 0x02, 0x00, 0x01, 0xBA, 0x7D, 0x01, 0x0A, 0x08, 0x03, 0x00, 0xBA, 0x7D,
661 0x02, 0x00, 0x09, 0x00, 0x02, 0x03, 0x00, 0x03, 0x01, 0xA8, 0x25, 0x02,
662 0x01, 0x02, 0x00, 0x72, 0x05, 0x02, 0x48, 0x28, 0x00, 0x00, 0x34, 0xB3,
663 0x01, 0x02, 0x78, 0x0B, 0xAB, 0x00, 0x03, 0x25, 0x03, 0x00, 0x03, 0x01,
664 0x03, 0x02, 0xAD, 0xBA, 0x25, 0x01, 0x81, 0x00, 0x13, 0x06, 0x02, 0x54,
665 0x28, 0x25, 0x01, 0x00, 0x11, 0x06, 0x0B, 0x24, 0x25, 0x05, 0x04, 0x24,
666 0x01, 0x00, 0x00, 0xBA, 0x04, 0x6F, 0x02, 0x01, 0x25, 0x05, 0x02, 0x50,
667 0x28, 0x41, 0x03, 0x01, 0x02, 0x02, 0x37, 0x02, 0x02, 0x40, 0x03, 0x02,
668 0x25, 0x06, 0x03, 0xBA, 0x04, 0x68, 0x24, 0x02, 0x00, 0x02, 0x01, 0x0A,
669 0x00, 0x01, 0xBA, 0x25, 0x01, 0x81, 0x00, 0x0D, 0x06, 0x01, 0x00, 0x01,
670 0x81, 0x00, 0x0A, 0x25, 0x05, 0x02, 0x4E, 0x28, 0x03, 0x00, 0x01, 0x00,
671 0x02, 0x00, 0x01, 0x00, 0x12, 0x06, 0x19, 0x02, 0x00, 0x41, 0x03, 0x00,
672 0x25, 0x01, 0x83, 0xFF, 0xFF, 0x7F, 0x12, 0x06, 0x02, 0x4F, 0x28, 0x01,
673 0x08, 0x0E, 0x3B, 0xBA, 0x34, 0x09, 0x04, 0x60, 0x00, 0x00, 0xAC, 0x95,
674 0x00, 0x00, 0xAD, 0xC2, 0x00, 0x00, 0xB3, 0x76, 0xAD, 0x00, 0x01, 0xAD,
675 0x25, 0x05, 0x02, 0x54, 0x28, 0xBA, 0x25, 0x01, 0x81, 0x00, 0x13, 0x06,
676 0x02, 0x54, 0x28, 0x03, 0x00, 0x25, 0x06, 0x16, 0xBA, 0x02, 0x00, 0x25,
677 0x01, 0x87, 0xFF, 0xFF, 0x7F, 0x13, 0x06, 0x02, 0x54, 0x28, 0x01, 0x08,
678 0x0E, 0x09, 0x03, 0x00, 0x04, 0x67, 0x24, 0x02, 0x00, 0x00, 0x00, 0xAD,
679 0x25, 0x01, 0x81, 0x7F, 0x12, 0x06, 0x08, 0xC2, 0x01, 0x00, 0x67, 0x37,
680 0x01, 0x00, 0x00, 0x25, 0x67, 0x37, 0x67, 0x40, 0xA5, 0x01, 0x7F, 0x00,
681 0x00, 0xB3, 0x01, 0x0C, 0x30, 0x11, 0x06, 0x05, 0x24, 0x75, 0xB6, 0x04,
682 0x3E, 0x01, 0x12, 0x30, 0x11, 0x06, 0x05, 0x24, 0x75, 0xB7, 0x04, 0x33,
683 0x01, 0x13, 0x30, 0x11, 0x06, 0x05, 0x24, 0x75, 0xB7, 0x04, 0x28, 0x01,
684 0x14, 0x30, 0x11, 0x06, 0x05, 0x24, 0x75, 0xB7, 0x04, 0x1D, 0x01, 0x16,
685 0x30, 0x11, 0x06, 0x05, 0x24, 0x75, 0xB7, 0x04, 0x12, 0x01, 0x1E, 0x30,
686 0x11, 0x06, 0x05, 0x24, 0x75, 0xB5, 0x04, 0x07, 0x42, 0xAE, 0x01, 0x00,
687 0x01, 0x00, 0x24, 0x00, 0x01, 0xBA, 0x03, 0x00, 0x02, 0x00, 0x01, 0x05,
688 0x14, 0x01, 0x01, 0x15, 0x2D, 0x02, 0x00, 0x01, 0x06, 0x14, 0x25, 0x01,
689 0x01, 0x15, 0x06, 0x02, 0x46, 0x28, 0x01, 0x04, 0x0E, 0x02, 0x00, 0x01,
690 0x1F, 0x15, 0x25, 0x01, 0x1F, 0x11, 0x06, 0x02, 0x47, 0x28, 0x09, 0x00,
691 0x00, 0x25, 0x05, 0x05, 0x01, 0x00, 0x01, 0x7F, 0x00, 0xB3, 0x00, 0x01,
692 0xAD, 0x25, 0x05, 0x05, 0x67, 0x37, 0x01, 0x7F, 0x00, 0x01, 0x01, 0x03,
693 0x00, 0x9F, 0x25, 0x01, 0x83, 0xFF, 0x7E, 0x11, 0x06, 0x16, 0x24, 0x25,
694 0x06, 0x10, 0xA0, 0x25, 0x05, 0x05, 0x24, 0xC2, 0x01, 0x00, 0x00, 0x02,
695 0x00, 0x84, 0x03, 0x00, 0x04, 0x6D, 0x04, 0x1B, 0x25, 0x05, 0x05, 0x24,
696 0xC2, 0x01, 0x00, 0x00, 0x02, 0x00, 0x84, 0x03, 0x00, 0x25, 0x06, 0x0B,
697 0x9F, 0x25, 0x05, 0x05, 0x24, 0xC2, 0x01, 0x00, 0x00, 0x04, 0x6D, 0x24,
698 0x02, 0x00, 0x25, 0x05, 0x01, 0x00, 0x41, 0x67, 0x37, 0x01, 0x7F, 0x00,
699 0x01, 0xAD, 0x01, 0x01, 0x03, 0x00, 0x25, 0x06, 0x10, 0xA1, 0x25, 0x05,
700 0x05, 0x24, 0xC2, 0x01, 0x00, 0x00, 0x02, 0x00, 0x84, 0x03, 0x00, 0x04,
701 0x6D, 0x24, 0x02, 0x00, 0x25, 0x05, 0x01, 0x00, 0x41, 0x67, 0x37, 0x01,
702 0x7F, 0x00, 0x01, 0xAD, 0x01, 0x01, 0x03, 0x00, 0x25, 0x06, 0x10, 0xBA,
703 0x25, 0x05, 0x05, 0x24, 0xC2, 0x01, 0x00, 0x00, 0x02, 0x00, 0x84, 0x03,
704 0x00, 0x04, 0x6D, 0x24, 0x02, 0x00, 0x25, 0x05, 0x01, 0x00, 0x41, 0x67,
705 0x37, 0x01, 0x7F, 0x00, 0x00, 0xBA, 0x01, 0x08, 0x0E, 0x3B, 0xBA, 0x34,
706 0x09, 0x00, 0x00, 0xBA, 0x3B, 0xBA, 0x01, 0x08, 0x0E, 0x34, 0x09, 0x00,
707 0x00, 0x25, 0x05, 0x02, 0x4F, 0x28, 0x41, 0xBB, 0x00, 0x00, 0x32, 0x25,
708 0x01, 0x00, 0x13, 0x06, 0x01, 0x00, 0x24, 0x19, 0x04, 0x74, 0x00, 0x01,
709 0x01, 0x00, 0x00, 0x01, 0x0B, 0x00, 0x00, 0x01, 0x15, 0x00, 0x00, 0x01,
710 0x1F, 0x00, 0x00, 0x01, 0x29, 0x00, 0x00, 0x01, 0x33, 0x00, 0x00, 0xC3,
711 0x24, 0x00, 0x00, 0x25, 0x06, 0x07, 0xC4, 0x25, 0x06, 0x01, 0x19, 0x04,
712 0x76, 0x00, 0x00, 0x01, 0x00, 0x30, 0x31, 0x0B, 0x42, 0x00, 0x00, 0x01,
713 0x81, 0x70, 0x00, 0x00, 0x01, 0x82, 0x0D, 0x00, 0x00, 0x01, 0x82, 0x22,
714 0x00, 0x00, 0x01, 0x82, 0x05, 0x00, 0x00, 0x01, 0x03, 0x33, 0x01, 0x03,
715 0x33, 0x00, 0x00, 0x25, 0x01, 0x83, 0xFB, 0x50, 0x01, 0x83, 0xFD, 0x5F,
716 0x72, 0x06, 0x04, 0x24, 0x01, 0x00, 0x00, 0x25, 0x01, 0x83, 0xB0, 0x00,
717 0x01, 0x83, 0xBF, 0x7F, 0x72, 0x06, 0x04, 0x24, 0x01, 0x00, 0x00, 0x01,
718 0x83, 0xFF, 0x7F, 0x15, 0x01, 0x83, 0xFF, 0x7E, 0x0D, 0x00
719 };
720
721 static const uint16_t t0_caddr[] = {
722 0,
723 5,
724 10,
725 15,
726 20,
727 25,
728 29,
729 33,
730 37,
731 41,
732 45,
733 49,
734 53,
735 57,
736 61,
737 65,
738 69,
739 73,
740 77,
741 81,
742 85,
743 89,
744 93,
745 97,
746 101,
747 105,
748 109,
749 113,
750 117,
751 121,
752 125,
753 130,
754 135,
755 140,
756 145,
757 150,
758 155,
759 160,
760 165,
761 173,
762 178,
763 183,
764 188,
765 193,
766 198,
767 202,
768 207,
769 212,
770 217,
771 238,
772 243,
773 248,
774 253,
775 282,
776 297,
777 302,
778 308,
779 314,
780 319,
781 327,
782 335,
783 341,
784 346,
785 357,
786 992,
787 1007,
788 1011,
789 1016,
790 1021,
791 1026,
792 1031,
793 1036,
794 1150,
795 1155,
796 1167,
797 1172,
798 1177,
799 1182,
800 1186,
801 1191,
802 1196,
803 1201,
804 1206,
805 1216,
806 1221,
807 1226,
808 1238,
809 1253,
810 1258,
811 1272,
812 1294,
813 1305,
814 1408,
815 1455,
816 1488,
817 1579,
818 1585,
819 1648,
820 1655,
821 1683,
822 1711,
823 1816,
824 1858,
825 1871,
826 1883,
827 1897,
828 1912,
829 2132,
830 2146,
831 2163,
832 2172,
833 2239,
834 2295,
835 2299,
836 2303,
837 2308,
838 2356,
839 2382,
840 2458,
841 2502,
842 2513,
843 2598,
844 2636,
845 2674,
846 2684,
847 2694,
848 2703,
849 2716,
850 2720,
851 2724,
852 2728,
853 2732,
854 2736,
855 2740,
856 2744,
857 2756,
858 2764,
859 2769,
860 2774,
861 2779,
862 2784,
863 2792
864 };
865
866 #define T0_INTERPRETED 61
867
868 #define T0_ENTER(ip, rp, slot) do { \
869 const unsigned char *t0_newip; \
870 uint32_t t0_lnum; \
871 t0_newip = &t0_codeblock[t0_caddr[(slot) - T0_INTERPRETED]]; \
872 t0_lnum = t0_parse7E_unsigned(&t0_newip); \
873 (rp) += t0_lnum; \
874 *((rp) ++) = (uint32_t)((ip) - &t0_codeblock[0]) + (t0_lnum << 16); \
875 (ip) = t0_newip; \
876 } while (0)
877
878 #define T0_DEFENTRY(name, slot) \
879 void \
880 name(void *ctx) \
881 { \
882 t0_context *t0ctx = ctx; \
883 t0ctx->ip = &t0_codeblock[0]; \
884 T0_ENTER(t0ctx->ip, t0ctx->rp, slot); \
885 }
886
887 T0_DEFENTRY(br_x509_minimal_init_main, 147)
888
889 #define T0_NEXT(t0ipp) (*(*(t0ipp)) ++)
890
891 void
892 br_x509_minimal_run(void *t0ctx)
893 {
894 uint32_t *dp, *rp;
895 const unsigned char *ip;
896
897 #define T0_LOCAL(x) (*(rp - 2 - (x)))
898 #define T0_POP() (*-- dp)
899 #define T0_POPi() (*(int32_t *)(-- dp))
900 #define T0_PEEK(x) (*(dp - 1 - (x)))
901 #define T0_PEEKi(x) (*(int32_t *)(dp - 1 - (x)))
902 #define T0_PUSH(v) do { *dp = (v); dp ++; } while (0)
903 #define T0_PUSHi(v) do { *(int32_t *)dp = (v); dp ++; } while (0)
904 #define T0_RPOP() (*-- rp)
905 #define T0_RPOPi() (*(int32_t *)(-- rp))
906 #define T0_RPUSH(v) do { *rp = (v); rp ++; } while (0)
907 #define T0_RPUSHi(v) do { *(int32_t *)rp = (v); rp ++; } while (0)
908 #define T0_ROLL(x) do { \
909 size_t t0len = (size_t)(x); \
910 uint32_t t0tmp = *(dp - 1 - t0len); \
911 memmove(dp - t0len - 1, dp - t0len, t0len * sizeof *dp); \
912 *(dp - 1) = t0tmp; \
913 } while (0)
914 #define T0_SWAP() do { \
915 uint32_t t0tmp = *(dp - 2); \
916 *(dp - 2) = *(dp - 1); \
917 *(dp - 1) = t0tmp; \
918 } while (0)
919 #define T0_ROT() do { \
920 uint32_t t0tmp = *(dp - 3); \
921 *(dp - 3) = *(dp - 2); \
922 *(dp - 2) = *(dp - 1); \
923 *(dp - 1) = t0tmp; \
924 } while (0)
925 #define T0_NROT() do { \
926 uint32_t t0tmp = *(dp - 1); \
927 *(dp - 1) = *(dp - 2); \
928 *(dp - 2) = *(dp - 3); \
929 *(dp - 3) = t0tmp; \
930 } while (0)
931 #define T0_PICK(x) do { \
932 uint32_t t0depth = (x); \
933 T0_PUSH(T0_PEEK(t0depth)); \
934 } while (0)
935 #define T0_CO() do { \
936 goto t0_exit; \
937 } while (0)
938 #define T0_RET() goto t0_next
939
940 dp = ((t0_context *)t0ctx)->dp;
941 rp = ((t0_context *)t0ctx)->rp;
942 ip = ((t0_context *)t0ctx)->ip;
943 goto t0_next;
944 for (;;) {
945 uint32_t t0x;
946
947 t0_next:
948 t0x = T0_NEXT(&ip);
949 if (t0x < T0_INTERPRETED) {
950 switch (t0x) {
951 int32_t t0off;
952
953 case 0: /* ret */
954 t0x = T0_RPOP();
955 rp -= (t0x >> 16);
956 t0x &= 0xFFFF;
957 if (t0x == 0) {
958 ip = NULL;
959 goto t0_exit;
960 }
961 ip = &t0_codeblock[t0x];
962 break;
963 case 1: /* literal constant */
964 T0_PUSHi(t0_parse7E_signed(&ip));
965 break;
966 case 2: /* read local */
967 T0_PUSH(T0_LOCAL(t0_parse7E_unsigned(&ip)));
968 break;
969 case 3: /* write local */
970 T0_LOCAL(t0_parse7E_unsigned(&ip)) = T0_POP();
971 break;
972 case 4: /* jump */
973 t0off = t0_parse7E_signed(&ip);
974 ip += t0off;
975 break;
976 case 5: /* jump if */
977 t0off = t0_parse7E_signed(&ip);
978 if (T0_POP()) {
979 ip += t0off;
980 }
981 break;
982 case 6: /* jump if not */
983 t0off = t0_parse7E_signed(&ip);
984 if (!T0_POP()) {
985 ip += t0off;
986 }
987 break;
988 case 7: {
989 /* %25 */
990
991 int32_t b = T0_POPi();
992 int32_t a = T0_POPi();
993 T0_PUSHi(a % b);
994
995 }
996 break;
997 case 8: {
998 /* * */
999
1000 uint32_t b = T0_POP();
1001 uint32_t a = T0_POP();
1002 T0_PUSH(a * b);
1003
1004 }
1005 break;
1006 case 9: {
1007 /* + */
1008
1009 uint32_t b = T0_POP();
1010 uint32_t a = T0_POP();
1011 T0_PUSH(a + b);
1012
1013 }
1014 break;
1015 case 10: {
1016 /* - */
1017
1018 uint32_t b = T0_POP();
1019 uint32_t a = T0_POP();
1020 T0_PUSH(a - b);
1021
1022 }
1023 break;
1024 case 11: {
1025 /* -rot */
1026 T0_NROT();
1027 }
1028 break;
1029 case 12: {
1030 /* / */
1031
1032 int32_t b = T0_POPi();
1033 int32_t a = T0_POPi();
1034 T0_PUSHi(a / b);
1035
1036 }
1037 break;
1038 case 13: {
1039 /* < */
1040
1041 int32_t b = T0_POPi();
1042 int32_t a = T0_POPi();
1043 T0_PUSH(-(uint32_t)(a < b));
1044
1045 }
1046 break;
1047 case 14: {
1048 /* << */
1049
1050 int c = (int)T0_POPi();
1051 uint32_t x = T0_POP();
1052 T0_PUSH(x << c);
1053
1054 }
1055 break;
1056 case 15: {
1057 /* <= */
1058
1059 int32_t b = T0_POPi();
1060 int32_t a = T0_POPi();
1061 T0_PUSH(-(uint32_t)(a <= b));
1062
1063 }
1064 break;
1065 case 16: {
1066 /* <> */
1067
1068 uint32_t b = T0_POP();
1069 uint32_t a = T0_POP();
1070 T0_PUSH(-(uint32_t)(a != b));
1071
1072 }
1073 break;
1074 case 17: {
1075 /* = */
1076
1077 uint32_t b = T0_POP();
1078 uint32_t a = T0_POP();
1079 T0_PUSH(-(uint32_t)(a == b));
1080
1081 }
1082 break;
1083 case 18: {
1084 /* > */
1085
1086 int32_t b = T0_POPi();
1087 int32_t a = T0_POPi();
1088 T0_PUSH(-(uint32_t)(a > b));
1089
1090 }
1091 break;
1092 case 19: {
1093 /* >= */
1094
1095 int32_t b = T0_POPi();
1096 int32_t a = T0_POPi();
1097 T0_PUSH(-(uint32_t)(a >= b));
1098
1099 }
1100 break;
1101 case 20: {
1102 /* >> */
1103
1104 int c = (int)T0_POPi();
1105 int32_t x = T0_POPi();
1106 T0_PUSHi(x >> c);
1107
1108 }
1109 break;
1110 case 21: {
1111 /* and */
1112
1113 uint32_t b = T0_POP();
1114 uint32_t a = T0_POP();
1115 T0_PUSH(a & b);
1116
1117 }
1118 break;
1119 case 22: {
1120 /* blobcopy */
1121
1122 size_t len = T0_POP();
1123 unsigned char *src = (unsigned char *)CTX + T0_POP();
1124 unsigned char *dst = (unsigned char *)CTX + T0_POP();
1125 memcpy(dst, src, len);
1126
1127 }
1128 break;
1129 case 23: {
1130 /* check-direct-trust */
1131
1132 size_t u;
1133
1134 for (u = 0; u < CTX->trust_anchors_num; u ++) {
1135 const br_x509_trust_anchor *ta;
1136 unsigned char hashed_DN[64];
1137 int kt;
1138
1139 ta = &CTX->trust_anchors[u];
1140 if (ta->flags & BR_X509_TA_CA) {
1141 continue;
1142 }
1143 hash_dn(CTX, ta->dn.data, ta->dn.len, hashed_DN);
1144 if (memcmp(hashed_DN, CTX->current_dn_hash, DNHASH_LEN)) {
1145 continue;
1146 }
1147 kt = CTX->pkey.key_type;
1148 if ((ta->pkey.key_type & 0x0F) != kt) {
1149 continue;
1150 }
1151 switch (kt) {
1152
1153 case BR_KEYTYPE_RSA:
1154 if (!eqbigint(CTX->pkey.key.rsa.n,
1155 CTX->pkey.key.rsa.nlen,
1156 ta->pkey.key.rsa.n,
1157 ta->pkey.key.rsa.nlen)
1158 || !eqbigint(CTX->pkey.key.rsa.e,
1159 CTX->pkey.key.rsa.elen,
1160 ta->pkey.key.rsa.e,
1161 ta->pkey.key.rsa.elen))
1162 {
1163 continue;
1164 }
1165 break;
1166
1167 case BR_KEYTYPE_EC:
1168 if (CTX->pkey.key.ec.curve != ta->pkey.key.ec.curve
1169 || CTX->pkey.key.ec.qlen != ta->pkey.key.ec.qlen
1170 || memcmp(CTX->pkey.key.ec.q,
1171 ta->pkey.key.ec.q,
1172 ta->pkey.key.ec.qlen) != 0)
1173 {
1174 continue;
1175 }
1176 break;
1177
1178 default:
1179 continue;
1180 }
1181
1182 /*
1183 * Direct trust match!
1184 */
1185 CTX->err = BR_ERR_X509_OK;
1186 T0_CO();
1187 }
1188
1189 }
1190 break;
1191 case 24: {
1192 /* check-trust-anchor-CA */
1193
1194 size_t u;
1195
1196 for (u = 0; u < CTX->trust_anchors_num; u ++) {
1197 const br_x509_trust_anchor *ta;
1198 unsigned char hashed_DN[64];
1199
1200 ta = &CTX->trust_anchors[u];
1201 if (!(ta->flags & BR_X509_TA_CA)) {
1202 continue;
1203 }
1204 hash_dn(CTX, ta->dn.data, ta->dn.len, hashed_DN);
1205 if (memcmp(hashed_DN, CTX->saved_dn_hash, DNHASH_LEN)) {
1206 continue;
1207 }
1208 if (verify_signature(CTX, &ta->pkey) == 0) {
1209 CTX->err = BR_ERR_X509_OK;
1210 T0_CO();
1211 }
1212 }
1213
1214 }
1215 break;
1216 case 25: {
1217 /* co */
1218 T0_CO();
1219 }
1220 break;
1221 case 26: {
1222 /* compute-dn-hash */
1223
1224 CTX->dn_hash_impl->out(&CTX->dn_hash.vtable, CTX->current_dn_hash);
1225 CTX->do_dn_hash = 0;
1226
1227 }
1228 break;
1229 case 27: {
1230 /* compute-tbs-hash */
1231
1232 int id = T0_POPi();
1233 size_t len;
1234 len = br_multihash_out(&CTX->mhash, id, CTX->tbs_hash);
1235 T0_PUSH(len);
1236
1237 }
1238 break;
1239 case 28: {
1240 /* copy-ee-ec-pkey */
1241
1242 size_t qlen = T0_POP();
1243 uint32_t curve = T0_POP();
1244 memcpy(CTX->ee_pkey_data, CTX->pkey_data, qlen);
1245 CTX->pkey.key_type = BR_KEYTYPE_EC;
1246 CTX->pkey.key.ec.curve = curve;
1247 CTX->pkey.key.ec.q = CTX->ee_pkey_data;
1248 CTX->pkey.key.ec.qlen = qlen;
1249
1250 }
1251 break;
1252 case 29: {
1253 /* copy-ee-rsa-pkey */
1254
1255 size_t elen = T0_POP();
1256 size_t nlen = T0_POP();
1257 memcpy(CTX->ee_pkey_data, CTX->pkey_data, nlen + elen);
1258 CTX->pkey.key_type = BR_KEYTYPE_RSA;
1259 CTX->pkey.key.rsa.n = CTX->ee_pkey_data;
1260 CTX->pkey.key.rsa.nlen = nlen;
1261 CTX->pkey.key.rsa.e = CTX->ee_pkey_data + nlen;
1262 CTX->pkey.key.rsa.elen = elen;
1263
1264 }
1265 break;
1266 case 30: {
1267 /* copy-name-SAN */
1268
1269 unsigned tag = T0_POP();
1270 unsigned ok = T0_POP();
1271 size_t u, len;
1272
1273 len = CTX->pad[0];
1274 for (u = 0; u < CTX->num_name_elts; u ++) {
1275 br_name_element *ne;
1276
1277 ne = &CTX->name_elts[u];
1278 if (ne->status == 0 && ne->oid[0] == 0 && ne->oid[1] == tag) {
1279 if (ok && ne->len > len) {
1280 memcpy(ne->buf, CTX->pad + 1, len);
1281 ne->buf[len] = 0;
1282 ne->status = 1;
1283 } else {
1284 ne->status = -1;
1285 }
1286 break;
1287 }
1288 }
1289
1290 }
1291 break;
1292 case 31: {
1293 /* copy-name-element */
1294
1295 size_t len;
1296 int32_t off = T0_POPi();
1297 int ok = T0_POPi();
1298
1299 if (off >= 0) {
1300 br_name_element *ne = &CTX->name_elts[off];
1301
1302 if (ok) {
1303 len = CTX->pad[0];
1304 if (len < ne->len) {
1305 memcpy(ne->buf, CTX->pad + 1, len);
1306 ne->buf[len] = 0;
1307 ne->status = 1;
1308 } else {
1309 ne->status = -1;
1310 }
1311 } else {
1312 ne->status = -1;
1313 }
1314 }
1315
1316 }
1317 break;
1318 case 32: {
1319 /* data-get8 */
1320
1321 size_t addr = T0_POP();
1322 T0_PUSH(t0_datablock[addr]);
1323
1324 }
1325 break;
1326 case 33: {
1327 /* dn-hash-length */
1328
1329 T0_PUSH(DNHASH_LEN);
1330
1331 }
1332 break;
1333 case 34: {
1334 /* do-ecdsa-vrfy */
1335
1336 size_t qlen = T0_POP();
1337 int curve = T0_POP();
1338 br_x509_pkey pk;
1339
1340 pk.key_type = BR_KEYTYPE_EC;
1341 pk.key.ec.curve = curve;
1342 pk.key.ec.q = CTX->pkey_data;
1343 pk.key.ec.qlen = qlen;
1344 T0_PUSH(verify_signature(CTX, &pk));
1345
1346 }
1347 break;
1348 case 35: {
1349 /* do-rsa-vrfy */
1350
1351 size_t elen = T0_POP();
1352 size_t nlen = T0_POP();
1353 br_x509_pkey pk;
1354
1355 pk.key_type = BR_KEYTYPE_RSA;
1356 pk.key.rsa.n = CTX->pkey_data;
1357 pk.key.rsa.nlen = nlen;
1358 pk.key.rsa.e = CTX->pkey_data + nlen;
1359 pk.key.rsa.elen = elen;
1360 T0_PUSH(verify_signature(CTX, &pk));
1361
1362 }
1363 break;
1364 case 36: {
1365 /* drop */
1366 (void)T0_POP();
1367 }
1368 break;
1369 case 37: {
1370 /* dup */
1371 T0_PUSH(T0_PEEK(0));
1372 }
1373 break;
1374 case 38: {
1375 /* eqOID */
1376
1377 const unsigned char *a2 = &t0_datablock[T0_POP()];
1378 const unsigned char *a1 = &CTX->pad[0];
1379 size_t len = a1[0];
1380 int x;
1381 if (len == a2[0]) {
1382 x = -(memcmp(a1 + 1, a2 + 1, len) == 0);
1383 } else {
1384 x = 0;
1385 }
1386 T0_PUSH((uint32_t)x);
1387
1388 }
1389 break;
1390 case 39: {
1391 /* eqblob */
1392
1393 size_t len = T0_POP();
1394 const unsigned char *a2 = (const unsigned char *)CTX + T0_POP();
1395 const unsigned char *a1 = (const unsigned char *)CTX + T0_POP();
1396 T0_PUSHi(-(memcmp(a1, a2, len) == 0));
1397
1398 }
1399 break;
1400 case 40: {
1401 /* fail */
1402
1403 CTX->err = T0_POPi();
1404 T0_CO();
1405
1406 }
1407 break;
1408 case 41: {
1409 /* get-system-date */
1410
1411 if (CTX->days == 0 && CTX->seconds == 0) {
1412 #if BR_USE_UNIX_TIME
1413 time_t x = time(NULL);
1414
1415 T0_PUSH((uint32_t)(x / 86400) + 719528);
1416 T0_PUSH((uint32_t)(x % 86400));
1417 #elif BR_USE_WIN32_TIME
1418 FILETIME ft;
1419 uint64_t x;
1420
1421 GetSystemTimeAsFileTime(&ft);
1422 x = ((uint64_t)ft.dwHighDateTime << 32)
1423 + (uint64_t)ft.dwLowDateTime;
1424 x = (x / 10000000);
1425 T0_PUSH((uint32_t)(x / 86400) + 584754);
1426 T0_PUSH((uint32_t)(x % 86400));
1427 #else
1428 CTX->err = BR_ERR_X509_TIME_UNKNOWN;
1429 T0_CO();
1430 #endif
1431 } else {
1432 T0_PUSH(CTX->days);
1433 T0_PUSH(CTX->seconds);
1434 }
1435
1436 }
1437 break;
1438 case 42: {
1439 /* get16 */
1440
1441 uint32_t addr = T0_POP();
1442 T0_PUSH(*(uint16_t *)((unsigned char *)CTX + addr));
1443
1444 }
1445 break;
1446 case 43: {
1447 /* get32 */
1448
1449 uint32_t addr = T0_POP();
1450 T0_PUSH(*(uint32_t *)((unsigned char *)CTX + addr));
1451
1452 }
1453 break;
1454 case 44: {
1455 /* match-server-name */
1456
1457 size_t n1, n2;
1458
1459 if (CTX->server_name == NULL) {
1460 T0_PUSH(0);
1461 T0_RET();
1462 }
1463 n1 = strlen(CTX->server_name);
1464 n2 = CTX->pad[0];
1465 if (n1 == n2 && eqnocase(&CTX->pad[1], CTX->server_name, n1)) {
1466 T0_PUSHi(-1);
1467 T0_RET();
1468 }
1469 if (n2 >= 2 && CTX->pad[1] == '*' && CTX->pad[2] == '.') {
1470 size_t u;
1471
1472 u = 0;
1473 while (u < n1 && CTX->server_name[u] != '.') {
1474 u ++;
1475 }
1476 u ++;
1477 n1 -= u;
1478 if ((n2 - 2) == n1
1479 && eqnocase(&CTX->pad[3], CTX->server_name + u, n1))
1480 {
1481 T0_PUSHi(-1);
1482 T0_RET();
1483 }
1484 }
1485 T0_PUSH(0);
1486
1487 }
1488 break;
1489 case 45: {
1490 /* neg */
1491
1492 uint32_t a = T0_POP();
1493 T0_PUSH(-a);
1494
1495 }
1496 break;
1497 case 46: {
1498 /* offset-name-element */
1499
1500 unsigned san = T0_POP();
1501 size_t u;
1502
1503 for (u = 0; u < CTX->num_name_elts; u ++) {
1504 if (CTX->name_elts[u].status == 0) {
1505 const unsigned char *oid;
1506 size_t len, off;
1507
1508 oid = CTX->name_elts[u].oid;
1509 if (san) {
1510 if (oid[0] != 0 || oid[1] != 0) {
1511 continue;
1512 }
1513 off = 2;
1514 } else {
1515 off = 0;
1516 }
1517 len = oid[off];
1518 if (len != 0 && len == CTX->pad[0]
1519 && memcmp(oid + off + 1,
1520 CTX->pad + 1, len) == 0)
1521 {
1522 T0_PUSH(u);
1523 T0_RET();
1524 }
1525 }
1526 }
1527 T0_PUSHi(-1);
1528
1529 }
1530 break;
1531 case 47: {
1532 /* or */
1533
1534 uint32_t b = T0_POP();
1535 uint32_t a = T0_POP();
1536 T0_PUSH(a | b);
1537
1538 }
1539 break;
1540 case 48: {
1541 /* over */
1542 T0_PUSH(T0_PEEK(1));
1543 }
1544 break;
1545 case 49: {
1546 /* read-blob-inner */
1547
1548 uint32_t len = T0_POP();
1549 uint32_t addr = T0_POP();
1550 size_t clen = CTX->hlen;
1551 if (clen > len) {
1552 clen = (size_t)len;
1553 }
1554 if (addr != 0) {
1555 memcpy((unsigned char *)CTX + addr, CTX->hbuf, clen);
1556 }
1557 if (CTX->do_mhash) {
1558 br_multihash_update(&CTX->mhash, CTX->hbuf, clen);
1559 }
1560 if (CTX->do_dn_hash) {
1561 CTX->dn_hash_impl->update(
1562 &CTX->dn_hash.vtable, CTX->hbuf, clen);
1563 }
1564 CTX->hbuf += clen;
1565 CTX->hlen -= clen;
1566 T0_PUSH(addr + clen);
1567 T0_PUSH(len - clen);
1568
1569 }
1570 break;
1571 case 50: {
1572 /* read8-low */
1573
1574 if (CTX->hlen == 0) {
1575 T0_PUSHi(-1);
1576 } else {
1577 unsigned char x = *CTX->hbuf ++;
1578 if (CTX->do_mhash) {
1579 br_multihash_update(&CTX->mhash, &x, 1);
1580 }
1581 if (CTX->do_dn_hash) {
1582 CTX->dn_hash_impl->update(&CTX->dn_hash.vtable, &x, 1);
1583 }
1584 CTX->hlen --;
1585 T0_PUSH(x);
1586 }
1587
1588 }
1589 break;
1590 case 51: {
1591 /* roll */
1592 T0_ROLL(T0_POP());
1593 }
1594 break;
1595 case 52: {
1596 /* rot */
1597 T0_ROT();
1598 }
1599 break;
1600 case 53: {
1601 /* set16 */
1602
1603 uint32_t addr = T0_POP();
1604 *(uint16_t *)((unsigned char *)CTX + addr) = T0_POP();
1605
1606 }
1607 break;
1608 case 54: {
1609 /* set32 */
1610
1611 uint32_t addr = T0_POP();
1612 *(uint32_t *)((unsigned char *)CTX + addr) = T0_POP();
1613
1614 }
1615 break;
1616 case 55: {
1617 /* set8 */
1618
1619 uint32_t addr = T0_POP();
1620 *((unsigned char *)CTX + addr) = (unsigned char)T0_POP();
1621
1622 }
1623 break;
1624 case 56: {
1625 /* start-dn-hash */
1626
1627 CTX->dn_hash_impl->init(&CTX->dn_hash.vtable);
1628 CTX->do_dn_hash = 1;
1629
1630 }
1631 break;
1632 case 57: {
1633 /* start-tbs-hash */
1634
1635 br_multihash_init(&CTX->mhash);
1636 CTX->do_mhash = 1;
1637
1638 }
1639 break;
1640 case 58: {
1641 /* stop-tbs-hash */
1642
1643 CTX->do_mhash = 0;
1644
1645 }
1646 break;
1647 case 59: {
1648 /* swap */
1649 T0_SWAP();
1650 }
1651 break;
1652 case 60: {
1653 /* zero-server-name */
1654
1655 T0_PUSHi(-(CTX->server_name == NULL));
1656
1657 }
1658 break;
1659 }
1660
1661 } else {
1662 T0_ENTER(ip, rp, t0x);
1663 }
1664 }
1665 t0_exit:
1666 ((t0_context *)t0ctx)->dp = dp;
1667 ((t0_context *)t0ctx)->rp = rp;
1668 ((t0_context *)t0ctx)->ip = ip;
1669 }
1670
1671
1672
1673 /*
1674 * Verify the signature on the certificate with the provided public key.
1675 * This function checks the public key type with regards to the expected
1676 * type. Returned value is either 0 on success, or a non-zero error code.
1677 */
1678 static int
1679 verify_signature(br_x509_minimal_context *ctx, const br_x509_pkey *pk)
1680 {
1681 int kt;
1682
1683 kt = ctx->cert_signer_key_type;
1684 if ((pk->key_type & 0x0F) != kt) {
1685 return BR_ERR_X509_WRONG_KEY_TYPE;
1686 }
1687 switch (kt) {
1688 unsigned char tmp[64];
1689
1690 case BR_KEYTYPE_RSA:
1691 if (ctx->irsa == 0) {
1692 return BR_ERR_X509_UNSUPPORTED;
1693 }
1694 if (!ctx->irsa(ctx->cert_sig, ctx->cert_sig_len,
1695 &t0_datablock[ctx->cert_sig_hash_oid],
1696 ctx->cert_sig_hash_len, &pk->key.rsa, tmp))
1697 {
1698 return BR_ERR_X509_BAD_SIGNATURE;
1699 }
1700 if (memcmp(ctx->tbs_hash, tmp, ctx->cert_sig_hash_len) != 0) {
1701 return BR_ERR_X509_BAD_SIGNATURE;
1702 }
1703 return 0;
1704
1705 case BR_KEYTYPE_EC:
1706 if (ctx->iecdsa == 0) {
1707 return BR_ERR_X509_UNSUPPORTED;
1708 }
1709 if (!ctx->iecdsa(ctx->iec, ctx->tbs_hash,
1710 ctx->cert_sig_hash_len, &pk->key.ec,
1711 ctx->cert_sig, ctx->cert_sig_len))
1712 {
1713 return BR_ERR_X509_BAD_SIGNATURE;
1714 }
1715 return 0;
1716
1717 default:
1718 return BR_ERR_X509_UNSUPPORTED;
1719 }
1720 }
1721
1722
The BearSSL library and tools.