projects / BearSSL / blob
? search:


a8283e35696960c9ba866324d09f2e4d5546c1e7
[BearSSL] / src / x509 / x509_minimal.c
1 /* Automatically generated code; do not modify directly. */
2
3 #include <stddef.h>
4 #include <stdint.h>
5
6 typedef struct {
7 uint32_t *dp;
8 uint32_t *rp;
9 const unsigned char *ip;
10 } t0_context;
11
12 static uint32_t
13 t0_parse7E_unsigned(const unsigned char **p)
14 {
15 uint32_t x;
16
17 x = 0;
18 for (;;) {
19 unsigned y;
20
21 y = *(*p) ++;
22 x = (x << 7) | (uint32_t)(y & 0x7F);
23 if (y < 0x80) {
24 return x;
25 }
26 }
27 }
28
29 static int32_t
30 t0_parse7E_signed(const unsigned char **p)
31 {
32 int neg;
33 uint32_t x;
34
35 neg = ((**p) >> 6) & 1;
36 x = (uint32_t)-neg;
37 for (;;) {
38 unsigned y;
39
40 y = *(*p) ++;
41 x = (x << 7) | (uint32_t)(y & 0x7F);
42 if (y < 0x80) {
43 if (neg) {
44 return -(int32_t)~x - 1;
45 } else {
46 return (int32_t)x;
47 }
48 }
49 }
50 }
51
52 #define T0_VBYTE(x, n) (unsigned char)((((uint32_t)(x) >> (n)) & 0x7F) | 0x80)
53 #define T0_FBYTE(x, n) (unsigned char)(((uint32_t)(x) >> (n)) & 0x7F)
54 #define T0_SBYTE(x) (unsigned char)((((uint32_t)(x) >> 28) + 0xF8) ^ 0xF8)
55 #define T0_INT1(x) T0_FBYTE(x, 0)
56 #define T0_INT2(x) T0_VBYTE(x, 7), T0_FBYTE(x, 0)
57 #define T0_INT3(x) T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
58 #define T0_INT4(x) T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
59 #define T0_INT5(x) T0_SBYTE(x), T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
60
61 /* static const unsigned char t0_datablock[]; */
62
63
64 void br_x509_minimal_init_main(void *t0ctx);
65
66 void br_x509_minimal_run(void *t0ctx);
67
68
69
70 #include "inner.h"
71
72
73
74
75
76 #include "inner.h"
77
78 /*
79 * Implementation Notes
80 * --------------------
81 *
82 * The C code pushes the data by chunks; all decoding is done in the
83 * T0 code. The cert_length value is set to the certificate length when
84 * a new certificate is started; the T0 code picks it up as outer limit,
85 * and decoding functions use it to ensure that no attempt is made at
86 * reading past it. The T0 code also checks that once the certificate is
87 * decoded, there are no trailing bytes.
88 *
89 * The T0 code sets cert_length to 0 when the certificate is fully
90 * decoded.
91 *
92 * The C code must still perform two checks:
93 *
94 * -- If the certificate length is 0, then the T0 code will not be
95 * invoked at all. This invalid condition must thus be reported by the
96 * C code.
97 *
98 * -- When reaching the end of certificate, the C code must verify that
99 * the certificate length has been set to 0, thereby signaling that
100 * the T0 code properly decoded a certificate.
101 *
102 * Processing of a chain works in the following way:
103 *
104 * -- The error flag is set to a non-zero value when validation is
105 * finished. The value is either BR_ERR_X509_OK (validation is
106 * successful) or another non-zero error code. When a non-zero error
107 * code is obtained, the remaining bytes in the current certificate and
108 * the subsequent certificates (if any) are completely ignored.
109 *
110 * -- Each certificate is decoded in due course, with the following
111 * "interesting points":
112 *
113 * -- Start of the TBS: the multihash engine is reset and activated.
114 *
115 * -- Start of the issuer DN: the secondary hash engine is started,
116 * to process the encoded issuer DN.
117 *
118 * -- End of the issuer DN: the secondary hash engine is stopped. The
119 * resulting hash value is computed and then copied into the
120 * next_dn_hash[] buffer.
121 *
122 * -- Start of the subject DN: the secondary hash engine is started,
123 * to process the encoded subject DN.
124 *
125 * -- For the EE certificate only: the Common Name, if any, is matched
126 * against the expected server name.
127 *
128 * -- End of the subject DN: the secondary hash engine is stopped. The
129 * resulting hash value is computed into the pad. It is then processed:
130 *
131 * -- If this is the EE certificate, then the hash is ignored
132 * (except for direct trust processing, see later; the hash is
133 * simply left in current_dn_hash[]).
134 *
135 * -- Otherwise, the hashed subject DN is compared with the saved
136 * hash value (in saved_dn_hash[]). They must match.
137 *
138 * Either way, the next_dn_hash[] value is then copied into the
139 * saved_dn_hash[] value. Thus, at that point, saved_dn_hash[]
140 * contains the hash of the issuer DN for the current certificate,
141 * and current_dn_hash[] contains the hash of the subject DN for the
142 * current certificate.
143 *
144 * -- Public key: it is decoded into the cert_pkey[] buffer. Unknown
145 * key types are reported at that point.
146 *
147 * -- If this is the EE certificate, then the key type is compared
148 * with the expected key type (initialization parameter). The public
149 * key data is copied to ee_pkey_data[]. The key and hashed subject
150 * DN are also compared with the "direct trust" keys; if the key
151 * and DN are matched, then validation ends with a success.
152 *
153 * -- Otherwise, the saved signature (cert_sig[]) is verified
154 * against the saved TBS hash (tbs_hash[]) and that freshly
155 * decoded public key. Failure here ends validation with an error.
156 *
157 * -- Extensions: extension values are processed in due order.
158 *
159 * -- Basic Constraints: for all certificates except EE, must be
160 * present, indicate a CA, and have a path legnth compatible with
161 * the chain length so far.
162 *
163 * -- Key Usage: for the EE, if present, must allow signatures
164 * or encryption/key exchange, as required for the cipher suite.
165 * For non-EE, if present, must have the "certificate sign" bit.
166 *
167 * -- Subject Alt Name: for the EE, dNSName names are matched
168 * against the server name. Ignored for non-EE.
169 *
170 * -- Authority Key Identifier, Subject Key Identifier, Issuer
171 * Alt Name, Subject Directory Attributes, CRL Distribution Points
172 * Freshest CRL, Authority Info Access and Subject Info Access
173 * extensions are always ignored: they either contain only
174 * informative data, or they relate to revocation processing, which
175 * we explicitly do not support.
176 *
177 * -- All other extensions are ignored if non-critical. If a
178 * critical extension other than the ones above is encountered,
179 * then a failure is reported.
180 *
181 * -- End of the TBS: the multihash engine is stopped.
182 *
183 * -- Signature algorithm: the signature algorithm on the
184 * certificate is decoded. A failure is reported if that algorithm
185 * is unknown. The hashed TBS corresponding to the signature hash
186 * function is computed and stored in tbs_hash[] (if not supported,
187 * then a failure is reported). The hash OID and length are stored
188 * in cert_sig_hash_oid and cert_sig_hash_len.
189 *
190 * -- Signature value: the signature value is copied into the
191 * cert_sig[] array.
192 *
193 * -- Certificate end: the hashed issuer DN (saved_dn_hash[]) is
194 * looked up in the trust store (CA trust anchors only); for all
195 * that match, the signature (cert_sig[]) is verified against the
196 * anchor public key (hashed TBS is in tbs_hash[]). If one of these
197 * signatures is valid, then validation ends with a success.
198 *
199 * -- If the chain end is reached without obtaining a validation success,
200 * then validation is reported as failed.
201 */
202
203 #ifndef BR_USE_UNIX_TIME
204 #if defined __unix__ || defined __linux__ \
205 || defined _POSIX_SOURCE || defined _POSIX_C_SOURCE \
206 || (defined __APPLE__ && defined __MACH__)
207 #define BR_USE_UNIX_TIME 1
208 #endif
209 #endif
210
211 #ifndef BR_USE_WIN32_TIME
212 #if defined _WIN32 || defined _WIN64
213 #define BR_USE_WIN32_TIME 1
214 #endif
215 #endif
216
217 #if BR_USE_UNIX_TIME
218 #include <time.h>
219 #endif
220
221 #if BR_USE_WIN32_TIME
222 #include <windows.h>
223 #endif
224
225 /*
226 * The T0 compiler will produce these prototypes declarations in the
227 * header.
228 *
229 void br_x509_minimal_init_main(void *ctx);
230 void br_x509_minimal_run(void *ctx);
231 */
232
233 /* see bearssl_x509.h */
234 void
235 br_x509_minimal_init(br_x509_minimal_context *ctx,
236 const br_hash_class *dn_hash_impl,
237 const br_x509_trust_anchor *trust_anchors, size_t trust_anchors_num)
238 {
239 memset(ctx, 0, sizeof *ctx);
240 ctx->vtable = &br_x509_minimal_vtable;
241 ctx->dn_hash_impl = dn_hash_impl;
242 ctx->trust_anchors = trust_anchors;
243 ctx->trust_anchors_num = trust_anchors_num;
244 }
245
246 static void
247 xm_start_chain(const br_x509_class **ctx, const char *server_name)
248 {
249 br_x509_minimal_context *cc;
250 size_t u;
251
252 cc = (br_x509_minimal_context *)ctx;
253 for (u = 0; u < cc->num_name_elts; u ++) {
254 cc->name_elts[u].status = 0;
255 cc->name_elts[u].buf[0] = 0;
256 }
257 memset(&cc->pkey, 0, sizeof cc->pkey);
258 cc->num_certs = 0;
259 cc->err = 0;
260 cc->cpu.dp = cc->dp_stack;
261 cc->cpu.rp = cc->rp_stack;
262 br_x509_minimal_init_main(&cc->cpu);
263 if (server_name == NULL || *server_name == 0) {
264 cc->server_name = NULL;
265 } else {
266 cc->server_name = server_name;
267 }
268 }
269
270 static void
271 xm_start_cert(const br_x509_class **ctx, uint32_t length)
272 {
273 br_x509_minimal_context *cc;
274
275 cc = (br_x509_minimal_context *)ctx;
276 if (cc->err != 0) {
277 return;
278 }
279 if (length == 0) {
280 cc->err = BR_ERR_X509_TRUNCATED;
281 return;
282 }
283 cc->cert_length = length;
284 }
285
286 static void
287 xm_append(const br_x509_class **ctx, const unsigned char *buf, size_t len)
288 {
289 br_x509_minimal_context *cc;
290
291 cc = (br_x509_minimal_context *)ctx;
292 if (cc->err != 0) {
293 return;
294 }
295 cc->hbuf = buf;
296 cc->hlen = len;
297 br_x509_minimal_run(&cc->cpu);
298 }
299
300 static void
301 xm_end_cert(const br_x509_class **ctx)
302 {
303 br_x509_minimal_context *cc;
304
305 cc = (br_x509_minimal_context *)ctx;
306 if (cc->err == 0 && cc->cert_length != 0) {
307 cc->err = BR_ERR_X509_TRUNCATED;
308 }
309 cc->num_certs ++;
310 }
311
312 static unsigned
313 xm_end_chain(const br_x509_class **ctx)
314 {
315 br_x509_minimal_context *cc;
316
317 cc = (br_x509_minimal_context *)ctx;
318 if (cc->err == 0) {
319 if (cc->num_certs == 0) {
320 cc->err = BR_ERR_X509_EMPTY_CHAIN;
321 } else {
322 cc->err = BR_ERR_X509_NOT_TRUSTED;
323 }
324 } else if (cc->err == BR_ERR_X509_OK) {
325 return 0;
326 }
327 return (unsigned)cc->err;
328 }
329
330 static const br_x509_pkey *
331 xm_get_pkey(const br_x509_class *const *ctx, unsigned *usages)
332 {
333 br_x509_minimal_context *cc;
334
335 cc = (br_x509_minimal_context *)ctx;
336 if (cc->err == BR_ERR_X509_OK
337 || cc->err == BR_ERR_X509_NOT_TRUSTED)
338 {
339 if (usages != NULL) {
340 *usages = cc->key_usages;
341 }
342 return &((br_x509_minimal_context *)ctx)->pkey;
343 } else {
344 return NULL;
345 }
346 }
347
348 /* see bearssl_x509.h */
349 const br_x509_class br_x509_minimal_vtable = {
350 sizeof(br_x509_minimal_context),
351 xm_start_chain,
352 xm_start_cert,
353 xm_append,
354 xm_end_cert,
355 xm_end_chain,
356 xm_get_pkey
357 };
358
359 #define CTX ((br_x509_minimal_context *)((unsigned char *)t0ctx - offsetof(br_x509_minimal_context, cpu)))
360 #define CONTEXT_NAME br_x509_minimal_context
361
362 #define DNHASH_LEN ((CTX->dn_hash_impl->desc >> BR_HASHDESC_OUT_OFF) & BR_HASHDESC_OUT_MASK)
363
364 /*
365 * Hash a DN (from a trust anchor) into the provided buffer. This uses the
366 * DN hash implementation and context structure from the X.509 engine
367 * context.
368 */
369 static void
370 hash_dn(br_x509_minimal_context *ctx, const void *dn, size_t len,
371 unsigned char *out)
372 {
373 ctx->dn_hash_impl->init(&ctx->dn_hash.vtable);
374 ctx->dn_hash_impl->update(&ctx->dn_hash.vtable, dn, len);
375 ctx->dn_hash_impl->out(&ctx->dn_hash.vtable, out);
376 }
377
378 /*
379 * Compare two big integers for equality. The integers use unsigned big-endian
380 * encoding; extra leading bytes (of value 0) are allowed.
381 */
382 static int
383 eqbigint(const unsigned char *b1, size_t len1,
384 const unsigned char *b2, size_t len2)
385 {
386 while (len1 > 0 && *b1 == 0) {
387 b1 ++;
388 len1 --;
389 }
390 while (len2 > 0 && *b2 == 0) {
391 b2 ++;
392 len2 --;
393 }
394 if (len1 != len2) {
395 return 0;
396 }
397 return memcmp(b1, b2, len1) == 0;
398 }
399
400 /*
401 * Compare two strings for equality, in a case-insensitive way. This
402 * function handles casing only for ASCII letters.
403 */
404 static int
405 eqnocase(const void *s1, const void *s2, size_t len)
406 {
407 const unsigned char *buf1, *buf2;
408
409 buf1 = s1;
410 buf2 = s2;
411 while (len -- > 0) {
412 int x1, x2;
413
414 x1 = *buf1 ++;
415 x2 = *buf2 ++;
416 if (x1 >= 'A' && x1 <= 'Z') {
417 x1 += 'a' - 'A';
418 }
419 if (x2 >= 'A' && x2 <= 'Z') {
420 x2 += 'a' - 'A';
421 }
422 if (x1 != x2) {
423 return 0;
424 }
425 }
426 return 1;
427 }
428
429 static int verify_signature(br_x509_minimal_context *ctx,
430 const br_x509_pkey *pk);
431
432
433
434 static const unsigned char t0_datablock[] = {
435 0x00, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x09,
436 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x09, 0x2A, 0x86,
437 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0E, 0x09, 0x2A, 0x86, 0x48, 0x86,
438 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
439 0x01, 0x01, 0x0C, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01,
440 0x0D, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x09, 0x60, 0x86, 0x48, 0x01,
441 0x65, 0x03, 0x04, 0x02, 0x04, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
442 0x04, 0x02, 0x01, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02,
443 0x02, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x07,
444 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x08, 0x2A, 0x86, 0x48, 0xCE,
445 0x3D, 0x03, 0x01, 0x07, 0x05, 0x2B, 0x81, 0x04, 0x00, 0x22, 0x05, 0x2B,
446 0x81, 0x04, 0x00, 0x23, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x01,
447 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x01, 0x08, 0x2A, 0x86,
448 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D,
449 0x04, 0x03, 0x03, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x04,
450 0x03, 0x55, 0x04, 0x03, 0x00, 0x1F, 0x03, 0xFC, 0x07, 0x7F, 0x0B, 0x5E,
451 0x0F, 0x1F, 0x12, 0xFE, 0x16, 0xBF, 0x1A, 0x9F, 0x1E, 0x7E, 0x22, 0x3F,
452 0x26, 0x1E, 0x29, 0xDF, 0x00, 0x1F, 0x03, 0xFD, 0x07, 0x9F, 0x0B, 0x7E,
453 0x0F, 0x3F, 0x13, 0x1E, 0x16, 0xDF, 0x1A, 0xBF, 0x1E, 0x9E, 0x22, 0x5F,
454 0x26, 0x3E, 0x29, 0xFF, 0x03, 0x55, 0x1D, 0x13, 0x03, 0x55, 0x1D, 0x0F,
455 0x03, 0x55, 0x1D, 0x11, 0x03, 0x55, 0x1D, 0x20, 0x08, 0x2B, 0x06, 0x01,
456 0x05, 0x05, 0x07, 0x02, 0x01, 0x03, 0x55, 0x1D, 0x23, 0x03, 0x55, 0x1D,
457 0x0E, 0x03, 0x55, 0x1D, 0x12, 0x03, 0x55, 0x1D, 0x09, 0x03, 0x55, 0x1D,
458 0x1F, 0x03, 0x55, 0x1D, 0x2E, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07,
459 0x01, 0x01, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x0B
460 };
461
462 static const unsigned char t0_codeblock[] = {
463 0x00, 0x01, 0x00, 0x0D, 0x00, 0x00, 0x01, 0x00, 0x10, 0x00, 0x00, 0x01,
464 0x00, 0x11, 0x00, 0x00, 0x01, 0x01, 0x09, 0x00, 0x00, 0x01, 0x01, 0x0A,
465 0x00, 0x00, 0x24, 0x24, 0x00, 0x00, 0x01,
466 T0_INT1(BR_ERR_X509_BAD_BOOLEAN), 0x00, 0x00, 0x01,
467 T0_INT1(BR_ERR_X509_BAD_DN), 0x00, 0x00, 0x01,
468 T0_INT1(BR_ERR_X509_BAD_SERVER_NAME), 0x00, 0x00, 0x01,
469 T0_INT1(BR_ERR_X509_BAD_TAG_CLASS), 0x00, 0x00, 0x01,
470 T0_INT1(BR_ERR_X509_BAD_TAG_VALUE), 0x00, 0x00, 0x01,
471 T0_INT1(BR_ERR_X509_BAD_TIME), 0x00, 0x00, 0x01,
472 T0_INT1(BR_ERR_X509_CRITICAL_EXTENSION), 0x00, 0x00, 0x01,
473 T0_INT1(BR_ERR_X509_DN_MISMATCH), 0x00, 0x00, 0x01,
474 T0_INT1(BR_ERR_X509_EXPIRED), 0x00, 0x00, 0x01,
475 T0_INT1(BR_ERR_X509_EXTRA_ELEMENT), 0x00, 0x00, 0x01,
476 T0_INT1(BR_ERR_X509_FORBIDDEN_KEY_USAGE), 0x00, 0x00, 0x01,
477 T0_INT1(BR_ERR_X509_INDEFINITE_LENGTH), 0x00, 0x00, 0x01,
478 T0_INT1(BR_ERR_X509_INNER_TRUNC), 0x00, 0x00, 0x01,
479 T0_INT1(BR_ERR_X509_LIMIT_EXCEEDED), 0x00, 0x00, 0x01,
480 T0_INT1(BR_ERR_X509_NOT_CA), 0x00, 0x00, 0x01,
481 T0_INT1(BR_ERR_X509_NOT_CONSTRUCTED), 0x00, 0x00, 0x01,
482 T0_INT1(BR_ERR_X509_NOT_PRIMITIVE), 0x00, 0x00, 0x01,
483 T0_INT1(BR_ERR_X509_OVERFLOW), 0x00, 0x00, 0x01,
484 T0_INT1(BR_ERR_X509_PARTIAL_BYTE), 0x00, 0x00, 0x01,
485 T0_INT1(BR_ERR_X509_UNEXPECTED), 0x00, 0x00, 0x01,
486 T0_INT1(BR_ERR_X509_UNSUPPORTED), 0x00, 0x00, 0x01,
487 T0_INT1(BR_ERR_X509_WEAK_PUBLIC_KEY), 0x00, 0x00, 0x01,
488 T0_INT1(BR_KEYTYPE_EC), 0x00, 0x00, 0x01, T0_INT1(BR_KEYTYPE_RSA),
489 0x00, 0x00, 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_length)), 0x00,
490 0x00, 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_sig)), 0x00, 0x00,
491 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_sig_hash_len)), 0x00, 0x00,
492 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_sig_hash_oid)), 0x00, 0x00,
493 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_sig_len)), 0x00, 0x00, 0x01,
494 T0_INT2(offsetof(CONTEXT_NAME, cert_signer_key_type)), 0x00, 0x00,
495 0x01, T0_INT2(offsetof(CONTEXT_NAME, current_dn_hash)), 0x00, 0x00,
496 0x01, T0_INT2(offsetof(CONTEXT_NAME, key_usages)), 0x00, 0x00, 0x01,
497 T0_INT2(offsetof(br_x509_minimal_context, pkey_data)), 0x01,
498 T0_INT2(BR_X509_BUFSIZE_KEY), 0x00, 0x00, 0x01,
499 T0_INT2(offsetof(CONTEXT_NAME, min_rsa_size)), 0x00, 0x00, 0x01,
500 T0_INT2(offsetof(CONTEXT_NAME, next_dn_hash)), 0x00, 0x00, 0x01,
501 T0_INT2(offsetof(CONTEXT_NAME, num_certs)), 0x00, 0x00, 0x01,
502 T0_INT2(offsetof(CONTEXT_NAME, pad)), 0x00, 0x00, 0x01,
503 T0_INT2(offsetof(CONTEXT_NAME, saved_dn_hash)), 0x00, 0x00, 0xC9, 0x71,
504 0x00, 0x00, 0x01, 0x80, 0x73, 0x00, 0x00, 0x01, 0x80, 0x7C, 0x00, 0x00,
505 0x01, 0x81, 0x02, 0x00, 0x00, 0x92, 0x05, 0x05, 0x34, 0x42, 0x01, 0x00,
506 0x00, 0x34, 0x01, 0x0A, 0x0E, 0x09, 0x01, 0x9A, 0xFF, 0xB8, 0x00, 0x0A,
507 0x00, 0x00, 0x01, 0x82, 0x19, 0x00, 0x00, 0x01, 0x82, 0x01, 0x00, 0x00,
508 0x01, 0x81, 0x68, 0x00, 0x04, 0x03, 0x00, 0x03, 0x01, 0x03, 0x02, 0x03,
509 0x03, 0x02, 0x03, 0x02, 0x01, 0x11, 0x06, 0x07, 0x02, 0x02, 0x02, 0x00,
510 0x0D, 0x04, 0x05, 0x02, 0x03, 0x02, 0x01, 0x0D, 0x00, 0x02, 0x03, 0x00,
511 0x03, 0x01, 0x25, 0x02, 0x01, 0x13, 0x3B, 0x02, 0x00, 0x0F, 0x15, 0x00,
512 0x00, 0x01, 0x81, 0x74, 0x00, 0x00, 0x05, 0x02, 0x52, 0x28, 0x00, 0x00,
513 0x06, 0x02, 0x53, 0x28, 0x00, 0x00, 0x01, 0x10, 0x77, 0x00, 0x00, 0x11,
514 0x05, 0x02, 0x56, 0x28, 0x74, 0x00, 0x00, 0x11, 0x05, 0x02, 0x56, 0x28,
515 0x75, 0x00, 0x00, 0x06, 0x02, 0x4C, 0x28, 0x00, 0x00, 0x01, 0x82, 0x11,
516 0x00, 0x00, 0x25, 0x20, 0x01, 0x08, 0x0E, 0x3B, 0x40, 0x20, 0x09, 0x00,
517 0x09, 0x03, 0x00, 0x5B, 0x2B, 0xAF, 0x39, 0xAF, 0xB3, 0x25, 0x01, 0x20,
518 0x11, 0x06, 0x11, 0x24, 0x74, 0xAD, 0xB3, 0x01, 0x02, 0x78, 0xB0, 0x01,
519 0x02, 0x12, 0x06, 0x02, 0x57, 0x28, 0x79, 0xB3, 0x01, 0x02, 0x78, 0xAE,
520 0xAF, 0xC2, 0x9C, 0x65, 0x61, 0x21, 0x16, 0xAF, 0xA7, 0x29, 0x69, 0x06,
521 0x02, 0x4B, 0x28, 0xA7, 0x29, 0x71, 0x06, 0x02, 0x4B, 0x28, 0x79, 0x02,
522 0x00, 0x06, 0x05, 0x9D, 0x03, 0x01, 0x04, 0x09, 0x9C, 0x61, 0x68, 0x21,
523 0x27, 0x05, 0x02, 0x4A, 0x28, 0x68, 0x65, 0x21, 0x16, 0xAF, 0xAF, 0x9E,
524 0x05, 0x02, 0x57, 0x28, 0xBC, 0x26, 0x06, 0x27, 0xC2, 0xA4, 0xAF, 0x63,
525 0xAA, 0x03, 0x03, 0x63, 0x3B, 0x02, 0x03, 0x09, 0x3B, 0x02, 0x03, 0x0A,
526 0xAA, 0x03, 0x04, 0x79, 0x64, 0x2A, 0x01, 0x81, 0x00, 0x09, 0x02, 0x03,
527 0x12, 0x06, 0x02, 0x58, 0x28, 0x79, 0x5A, 0x03, 0x02, 0x04, 0x3A, 0x88,
528 0x26, 0x06, 0x34, 0x9E, 0x05, 0x02, 0x57, 0x28, 0x6A, 0x26, 0x06, 0x04,
529 0x01, 0x17, 0x04, 0x12, 0x6B, 0x26, 0x06, 0x04, 0x01, 0x18, 0x04, 0x0A,
530 0x6C, 0x26, 0x06, 0x04, 0x01, 0x19, 0x04, 0x02, 0x57, 0x28, 0x03, 0x05,
531 0x79, 0xA4, 0x25, 0x03, 0x06, 0x25, 0x63, 0x34, 0x0D, 0x06, 0x02, 0x50,
532 0x28, 0xA5, 0x59, 0x03, 0x02, 0x04, 0x02, 0x57, 0x28, 0x79, 0x02, 0x00,
533 0x06, 0x21, 0x02, 0x02, 0x5A, 0x30, 0x11, 0x06, 0x08, 0x24, 0x02, 0x03,
534 0x02, 0x04, 0x1D, 0x04, 0x10, 0x59, 0x30, 0x11, 0x06, 0x08, 0x24, 0x02,
535 0x05, 0x02, 0x06, 0x1C, 0x04, 0x03, 0x57, 0x28, 0x24, 0x04, 0x24, 0x02,
536 0x02, 0x5A, 0x30, 0x11, 0x06, 0x08, 0x24, 0x02, 0x03, 0x02, 0x04, 0x23,
537 0x04, 0x10, 0x59, 0x30, 0x11, 0x06, 0x08, 0x24, 0x02, 0x05, 0x02, 0x06,
538 0x22, 0x04, 0x03, 0x57, 0x28, 0x24, 0x25, 0x06, 0x01, 0x28, 0x24, 0x01,
539 0x00, 0x03, 0x07, 0xB4, 0x01, 0x21, 0x8F, 0x01, 0x22, 0x8F, 0x25, 0x01,
540 0x23, 0x11, 0x06, 0x81, 0x26, 0x24, 0x74, 0xAD, 0xAF, 0x25, 0x06, 0x81,
541 0x1A, 0x01, 0x00, 0x03, 0x08, 0xAF, 0x9E, 0x24, 0xB3, 0x25, 0x01, 0x01,
542 0x11, 0x06, 0x04, 0xA6, 0x03, 0x08, 0xB3, 0x01, 0x04, 0x78, 0xAD, 0x70,
543 0x26, 0x06, 0x0F, 0x02, 0x00, 0x06, 0x03, 0xC3, 0x04, 0x05, 0x99, 0x01,
544 0x7F, 0x03, 0x07, 0x04, 0x80, 0x6C, 0x91, 0x26, 0x06, 0x06, 0x02, 0x00,
545 0x9B, 0x04, 0x80, 0x62, 0xC5, 0x26, 0x06, 0x11, 0x02, 0x00, 0x06, 0x09,
546 0x01, 0x00, 0x03, 0x01, 0x98, 0x03, 0x01, 0x04, 0x01, 0xC3, 0x04, 0x80,
547 0x4D, 0x73, 0x26, 0x06, 0x0A, 0x02, 0x08, 0x06, 0x03, 0x9A, 0x04, 0x01,
548 0xC3, 0x04, 0x3F, 0x6F, 0x26, 0x06, 0x03, 0xC3, 0x04, 0x38, 0xC8, 0x26,
549 0x06, 0x03, 0xC3, 0x04, 0x31, 0x90, 0x26, 0x06, 0x03, 0xC3, 0x04, 0x2A,
550 0xC6, 0x26, 0x06, 0x03, 0xC3, 0x04, 0x23, 0x7A, 0x26, 0x06, 0x03, 0xC3,
551 0x04, 0x1C, 0x85, 0x26, 0x06, 0x03, 0xC3, 0x04, 0x15, 0x6E, 0x26, 0x06,
552 0x03, 0xC3, 0x04, 0x0E, 0xC7, 0x26, 0x06, 0x03, 0xC3, 0x04, 0x07, 0x02,
553 0x08, 0x06, 0x02, 0x49, 0x28, 0xC3, 0x79, 0x79, 0x04, 0xFE, 0x62, 0x79,
554 0x79, 0x04, 0x08, 0x01, 0x7F, 0x11, 0x05, 0x02, 0x56, 0x28, 0x24, 0x79,
555 0x3A, 0x02, 0x00, 0x06, 0x08, 0x02, 0x01, 0x3C, 0x2F, 0x05, 0x02, 0x45,
556 0x28, 0x02, 0x00, 0x06, 0x01, 0x17, 0x02, 0x00, 0x02, 0x07, 0x2F, 0x05,
557 0x02, 0x51, 0x28, 0xB3, 0x76, 0xAD, 0x9E, 0x06, 0x80, 0x77, 0xBD, 0x26,
558 0x06, 0x07, 0x01, 0x02, 0x5A, 0x8A, 0x04, 0x80, 0x5E, 0xBE, 0x26, 0x06,
559 0x07, 0x01, 0x03, 0x5A, 0x8B, 0x04, 0x80, 0x53, 0xBF, 0x26, 0x06, 0x07,
560 0x01, 0x04, 0x5A, 0x8C, 0x04, 0x80, 0x48, 0xC0, 0x26, 0x06, 0x06, 0x01,
561 0x05, 0x5A, 0x8D, 0x04, 0x3E, 0xC1, 0x26, 0x06, 0x06, 0x01, 0x06, 0x5A,
562 0x8E, 0x04, 0x34, 0x7F, 0x26, 0x06, 0x06, 0x01, 0x02, 0x59, 0x8A, 0x04,
563 0x2A, 0x80, 0x26, 0x06, 0x06, 0x01, 0x03, 0x59, 0x8B, 0x04, 0x20, 0x81,
564 0x26, 0x06, 0x06, 0x01, 0x04, 0x59, 0x8C, 0x04, 0x16, 0x82, 0x26, 0x06,
565 0x06, 0x01, 0x05, 0x59, 0x8D, 0x04, 0x0C, 0x83, 0x26, 0x06, 0x06, 0x01,
566 0x06, 0x59, 0x8E, 0x04, 0x02, 0x57, 0x28, 0x5E, 0x35, 0x60, 0x37, 0x1B,
567 0x25, 0x05, 0x02, 0x57, 0x28, 0x5D, 0x37, 0x04, 0x02, 0x57, 0x28, 0xC2,
568 0xA4, 0x25, 0x01, T0_INT2(BR_X509_BUFSIZE_SIG), 0x12, 0x06, 0x02, 0x50,
569 0x28, 0x25, 0x5F, 0x35, 0x5C, 0xA5, 0x79, 0x79, 0x01, 0x00, 0x5B, 0x36,
570 0x18, 0x00, 0x00, 0x01, 0x30, 0x0A, 0x25, 0x01, 0x00, 0x01, 0x09, 0x72,
571 0x05, 0x02, 0x48, 0x28, 0x00, 0x00, 0x30, 0x30, 0x00, 0x00, 0x01, 0x81,
572 0x08, 0x00, 0x00, 0x01, 0x81, 0x10, 0x00, 0x00, 0x01, 0x81, 0x19, 0x00,
573 0x00, 0x01, 0x81, 0x22, 0x00, 0x00, 0x01, 0x81, 0x2B, 0x00, 0x01, 0x7E,
574 0x01, 0x01, 0x11, 0x3B, 0x01, 0x83, 0xFD, 0x7F, 0x11, 0x15, 0x06, 0x03,
575 0x3B, 0x24, 0x00, 0x3B, 0x25, 0x03, 0x00, 0x25, 0xCA, 0x05, 0x04, 0x42,
576 0x01, 0x00, 0x00, 0x25, 0x01, 0x81, 0x00, 0x0D, 0x06, 0x04, 0x96, 0x04,
577 0x80, 0x49, 0x25, 0x01, 0x90, 0x00, 0x0D, 0x06, 0x0F, 0x01, 0x06, 0x14,
578 0x01, 0x81, 0x40, 0x2F, 0x96, 0x02, 0x00, 0x01, 0x00, 0x97, 0x04, 0x33,
579 0x25, 0x01, 0x83, 0xFF, 0x7F, 0x0D, 0x06, 0x14, 0x01, 0x0C, 0x14, 0x01,
580 0x81, 0x60, 0x2F, 0x96, 0x02, 0x00, 0x01, 0x06, 0x97, 0x02, 0x00, 0x01,
581 0x00, 0x97, 0x04, 0x17, 0x01, 0x12, 0x14, 0x01, 0x81, 0x70, 0x2F, 0x96,
582 0x02, 0x00, 0x01, 0x0C, 0x97, 0x02, 0x00, 0x01, 0x06, 0x97, 0x02, 0x00,
583 0x01, 0x00, 0x97, 0x00, 0x00, 0x01, 0x82, 0x15, 0x00, 0x00, 0x25, 0x01,
584 0x83, 0xB0, 0x00, 0x01, 0x83, 0xB7, 0x7F, 0x72, 0x00, 0x00, 0x01, 0x81,
585 0x34, 0x00, 0x00, 0x01, 0x80, 0x6B, 0x00, 0x00, 0x01, 0x81, 0x78, 0x00,
586 0x00, 0x01, 0x3D, 0x00, 0x00, 0x01, 0x80, 0x43, 0x00, 0x00, 0x01, 0x80,
587 0x4D, 0x00, 0x00, 0x01, 0x80, 0x57, 0x00, 0x00, 0x01, 0x80, 0x61, 0x00,
588 0x00, 0x30, 0x11, 0x06, 0x04, 0x42, 0xAD, 0xC2, 0xB4, 0x00, 0x00, 0x01,
589 0x82, 0x09, 0x00, 0x00, 0x01, 0x81, 0x6C, 0x00, 0x00, 0x25, 0x01, 0x83,
590 0xB8, 0x00, 0x01, 0x83, 0xBF, 0x7F, 0x72, 0x00, 0x00, 0x01, 0x30, 0x62,
591 0x37, 0x01, 0x7F, 0x7C, 0x19, 0x01, 0x00, 0x7C, 0x19, 0x04, 0x7A, 0x00,
592 0x01, 0x81, 0x38, 0x00, 0x01, 0x7E, 0x0D, 0x06, 0x02, 0x4F, 0x28, 0x25,
593 0x03, 0x00, 0x0A, 0x02, 0x00, 0x00, 0x00, 0x30, 0x25, 0x3F, 0x3B, 0x01,
594 0x82, 0x00, 0x13, 0x2F, 0x06, 0x04, 0x42, 0x01, 0x00, 0x00, 0x30, 0x67,
595 0x09, 0x37, 0x40, 0x00, 0x00, 0x14, 0x01, 0x3F, 0x15, 0x01, 0x81, 0x00,
596 0x2F, 0x96, 0x00, 0x02, 0x01, 0x00, 0x03, 0x00, 0xAF, 0x25, 0x06, 0x80,
597 0x59, 0xB3, 0x01, 0x20, 0x30, 0x11, 0x06, 0x17, 0x24, 0x74, 0xAD, 0x9E,
598 0x24, 0x01, 0x7F, 0x2E, 0x03, 0x01, 0xB3, 0x01, 0x20, 0x77, 0xAD, 0xB2,
599 0x02, 0x01, 0x1F, 0x79, 0x79, 0x04, 0x38, 0x01, 0x21, 0x30, 0x11, 0x06,
600 0x08, 0x24, 0x75, 0xB6, 0x01, 0x01, 0x1E, 0x04, 0x2A, 0x01, 0x22, 0x30,
601 0x11, 0x06, 0x11, 0x24, 0x75, 0xB6, 0x25, 0x06, 0x06, 0x2C, 0x02, 0x00,
602 0x2F, 0x03, 0x00, 0x01, 0x02, 0x1E, 0x04, 0x13, 0x01, 0x26, 0x30, 0x11,
603 0x06, 0x08, 0x24, 0x75, 0xB6, 0x01, 0x06, 0x1E, 0x04, 0x05, 0x42, 0xAE,
604 0x01, 0x00, 0x24, 0x04, 0xFF, 0x23, 0x79, 0x02, 0x00, 0x00, 0x00, 0xAF,
605 0xB4, 0x25, 0x01, 0x01, 0x11, 0x06, 0x08, 0xA6, 0x05, 0x02, 0x51, 0x28,
606 0xB4, 0x04, 0x02, 0x51, 0x28, 0x25, 0x01, 0x02, 0x11, 0x06, 0x0C, 0x24,
607 0x75, 0xB0, 0x66, 0x2B, 0x41, 0x0D, 0x06, 0x02, 0x51, 0x28, 0xB4, 0x01,
608 0x7F, 0x10, 0x06, 0x02, 0x56, 0x28, 0x24, 0x79, 0x00, 0x00, 0xAF, 0x25,
609 0x06, 0x1A, 0xAF, 0x9E, 0x24, 0x25, 0x06, 0x11, 0xAF, 0x25, 0x06, 0x0C,
610 0xAF, 0x9E, 0x24, 0x89, 0x26, 0x05, 0x02, 0x49, 0x28, 0xC2, 0x04, 0x71,
611 0x79, 0x79, 0x04, 0x63, 0x79, 0x00, 0x02, 0x03, 0x00, 0xB3, 0x01, 0x03,
612 0x78, 0xAD, 0xBA, 0x03, 0x01, 0x02, 0x01, 0x01, 0x07, 0x12, 0x06, 0x02,
613 0x56, 0x28, 0x25, 0x01, 0x00, 0x30, 0x11, 0x06, 0x05, 0x24, 0x4D, 0x28,
614 0x04, 0x15, 0x01, 0x01, 0x30, 0x11, 0x06, 0x0A, 0x24, 0xBA, 0x02, 0x01,
615 0x14, 0x02, 0x01, 0x0E, 0x04, 0x05, 0x24, 0xBA, 0x01, 0x00, 0x24, 0x02,
616 0x00, 0x06, 0x19, 0x01, 0x00, 0x30, 0x01, 0x38, 0x15, 0x06, 0x03, 0x01,
617 0x10, 0x2F, 0x3B, 0x01, 0x81, 0x40, 0x15, 0x06, 0x03, 0x01, 0x20, 0x2F,
618 0x62, 0x37, 0x04, 0x07, 0x01, 0x04, 0x15, 0x05, 0x02, 0x4D, 0x28, 0xC2,
619 0x00, 0x00, 0x38, 0xAF, 0xC2, 0x1A, 0x00, 0x03, 0x01, 0x00, 0x03, 0x00,
620 0x38, 0xAF, 0x25, 0x06, 0x30, 0xB3, 0x01, 0x11, 0x77, 0xAD, 0x25, 0x05,
621 0x02, 0x44, 0x28, 0x25, 0x06, 0x20, 0xAF, 0x9E, 0x24, 0x87, 0x26, 0x03,
622 0x01, 0x01, 0x00, 0x2E, 0x03, 0x02, 0xB2, 0x25, 0x02, 0x01, 0x15, 0x06,
623 0x07, 0x2C, 0x06, 0x04, 0x01, 0x7F, 0x03, 0x00, 0x02, 0x02, 0x1F, 0x79,
624 0x04, 0x5D, 0x79, 0x04, 0x4D, 0x79, 0x1A, 0x02, 0x00, 0x00, 0x00, 0xB3,
625 0x01, 0x06, 0x78, 0xB1, 0x00, 0x00, 0xB8, 0x86, 0x06, 0x0E, 0x3B, 0x25,
626 0x05, 0x06, 0x42, 0x01, 0x00, 0x01, 0x00, 0x00, 0xB8, 0x6D, 0x04, 0x08,
627 0x92, 0x06, 0x05, 0x24, 0x01, 0x00, 0x04, 0x00, 0x00, 0x00, 0xB9, 0x86,
628 0x06, 0x0E, 0x3B, 0x25, 0x05, 0x06, 0x42, 0x01, 0x00, 0x01, 0x00, 0x00,
629 0xB9, 0x6D, 0x04, 0x08, 0x92, 0x06, 0x05, 0x24, 0x01, 0x00, 0x04, 0x00,
630 0x00, 0x00, 0xBA, 0x25, 0x01, 0x81, 0x00, 0x0D, 0x06, 0x04, 0x00, 0x04,
631 0x80, 0x55, 0x25, 0x01, 0x81, 0x40, 0x0D, 0x06, 0x07, 0x24, 0x01, 0x00,
632 0x00, 0x04, 0x80, 0x47, 0x25, 0x01, 0x81, 0x60, 0x0D, 0x06, 0x0E, 0x01,
633 0x1F, 0x15, 0x01, 0x01, 0xA3, 0x01, 0x81, 0x00, 0x01, 0x8F, 0x7F, 0x04,
634 0x32, 0x25, 0x01, 0x81, 0x70, 0x0D, 0x06, 0x0F, 0x01, 0x0F, 0x15, 0x01,
635 0x02, 0xA3, 0x01, 0x90, 0x00, 0x01, 0x83, 0xFF, 0x7F, 0x04, 0x1C, 0x25,
636 0x01, 0x81, 0x78, 0x0D, 0x06, 0x11, 0x01, 0x07, 0x15, 0x01, 0x03, 0xA3,
637 0x01, 0x84, 0x80, 0x00, 0x01, 0x80, 0xC3, 0xFF, 0x7F, 0x04, 0x04, 0x24,
638 0x01, 0x00, 0x00, 0x72, 0x05, 0x03, 0x24, 0x01, 0x00, 0x00, 0x00, 0x3B,
639 0x25, 0x05, 0x06, 0x42, 0x01, 0x00, 0x01, 0x7F, 0x00, 0xBA, 0x34, 0x25,
640 0x3D, 0x06, 0x03, 0x3B, 0x24, 0x00, 0x01, 0x06, 0x0E, 0x3B, 0x25, 0x01,
641 0x06, 0x14, 0x01, 0x02, 0x10, 0x06, 0x04, 0x42, 0x01, 0x7F, 0x00, 0x01,
642 0x3F, 0x15, 0x09, 0x00, 0x00, 0x25, 0x06, 0x06, 0x0B, 0xA2, 0x34, 0x41,
643 0x04, 0x77, 0x24, 0x25, 0x00, 0x00, 0xB3, 0x01, 0x03, 0x78, 0xAD, 0xBA,
644 0x06, 0x02, 0x55, 0x28, 0x00, 0x00, 0x3B, 0x25, 0x06, 0x07, 0x31, 0x25,
645 0x06, 0x01, 0x19, 0x04, 0x76, 0x42, 0x00, 0x00, 0x01, 0x01, 0x78, 0xAC,
646 0x01, 0x01, 0x10, 0x06, 0x02, 0x43, 0x28, 0xBA, 0x3E, 0x00, 0x04, 0xB3,
647 0x25, 0x01, 0x17, 0x01, 0x18, 0x72, 0x05, 0x02, 0x48, 0x28, 0x01, 0x18,
648 0x11, 0x03, 0x00, 0x75, 0xAD, 0xA8, 0x02, 0x00, 0x06, 0x0C, 0x01, 0x80,
649 0x64, 0x08, 0x03, 0x01, 0xA8, 0x02, 0x01, 0x09, 0x04, 0x0E, 0x25, 0x01,
650 0x32, 0x0D, 0x06, 0x04, 0x01, 0x80, 0x64, 0x09, 0x01, 0x8E, 0x6C, 0x09,
651 0x03, 0x01, 0x02, 0x01, 0x01, 0x82, 0x6D, 0x08, 0x02, 0x01, 0x01, 0x03,
652 0x09, 0x01, 0x04, 0x0C, 0x09, 0x02, 0x01, 0x01, 0x80, 0x63, 0x09, 0x01,
653 0x80, 0x64, 0x0C, 0x0A, 0x02, 0x01, 0x01, 0x83, 0x0F, 0x09, 0x01, 0x83,
654 0x10, 0x0C, 0x09, 0x03, 0x03, 0x01, 0x01, 0x01, 0x0C, 0xA9, 0x41, 0x01,
655 0x01, 0x0E, 0x02, 0x01, 0x01, 0x04, 0x07, 0x3F, 0x02, 0x01, 0x01, 0x80,
656 0x64, 0x07, 0x3E, 0x02, 0x01, 0x01, 0x83, 0x10, 0x07, 0x3F, 0x2F, 0x15,
657 0x06, 0x03, 0x01, 0x18, 0x09, 0x94, 0x09, 0x7B, 0x25, 0x01, 0x05, 0x14,
658 0x02, 0x03, 0x09, 0x03, 0x03, 0x01, 0x1F, 0x15, 0x01, 0x01, 0x3B, 0xA9,
659 0x02, 0x03, 0x09, 0x41, 0x03, 0x03, 0x01, 0x00, 0x01, 0x17, 0xA9, 0x01,
660 0x9C, 0x10, 0x08, 0x03, 0x02, 0x01, 0x00, 0x01, 0x3B, 0xA9, 0x01, 0x3C,
661 0x08, 0x02, 0x02, 0x09, 0x03, 0x02, 0x01, 0x00, 0x01, 0x3C, 0xA9, 0x02,
662 0x02, 0x09, 0x03, 0x02, 0xBA, 0x25, 0x01, 0x2E, 0x11, 0x06, 0x0D, 0x24,
663 0xBA, 0x25, 0x01, 0x30, 0x01, 0x39, 0x72, 0x06, 0x03, 0x24, 0x04, 0x74,
664 0x01, 0x80, 0x5A, 0x10, 0x06, 0x02, 0x48, 0x28, 0x79, 0x02, 0x03, 0x02,
665 0x02, 0x00, 0x01, 0xBA, 0x7D, 0x01, 0x0A, 0x08, 0x03, 0x00, 0xBA, 0x7D,
666 0x02, 0x00, 0x09, 0x00, 0x02, 0x03, 0x00, 0x03, 0x01, 0xA8, 0x25, 0x02,
667 0x01, 0x02, 0x00, 0x72, 0x05, 0x02, 0x48, 0x28, 0x00, 0x00, 0x34, 0xB3,
668 0x01, 0x02, 0x78, 0x0B, 0xAB, 0x00, 0x03, 0x25, 0x03, 0x00, 0x03, 0x01,
669 0x03, 0x02, 0xAD, 0xBA, 0x25, 0x01, 0x81, 0x00, 0x13, 0x06, 0x02, 0x54,
670 0x28, 0x25, 0x01, 0x00, 0x11, 0x06, 0x0B, 0x24, 0x25, 0x05, 0x04, 0x24,
671 0x01, 0x00, 0x00, 0xBA, 0x04, 0x6F, 0x02, 0x01, 0x25, 0x05, 0x02, 0x50,
672 0x28, 0x41, 0x03, 0x01, 0x02, 0x02, 0x37, 0x02, 0x02, 0x40, 0x03, 0x02,
673 0x25, 0x06, 0x03, 0xBA, 0x04, 0x68, 0x24, 0x02, 0x00, 0x02, 0x01, 0x0A,
674 0x00, 0x01, 0xBA, 0x25, 0x01, 0x81, 0x00, 0x0D, 0x06, 0x01, 0x00, 0x01,
675 0x81, 0x00, 0x0A, 0x25, 0x05, 0x02, 0x4E, 0x28, 0x03, 0x00, 0x01, 0x00,
676 0x02, 0x00, 0x01, 0x00, 0x12, 0x06, 0x19, 0x02, 0x00, 0x41, 0x03, 0x00,
677 0x25, 0x01, 0x83, 0xFF, 0xFF, 0x7F, 0x12, 0x06, 0x02, 0x4F, 0x28, 0x01,
678 0x08, 0x0E, 0x3B, 0xBA, 0x34, 0x09, 0x04, 0x60, 0x00, 0x00, 0xAC, 0x95,
679 0x00, 0x00, 0xAD, 0xC2, 0x00, 0x00, 0xB3, 0x76, 0xAD, 0x00, 0x01, 0xAD,
680 0x25, 0x05, 0x02, 0x54, 0x28, 0xBA, 0x25, 0x01, 0x81, 0x00, 0x13, 0x06,
681 0x02, 0x54, 0x28, 0x03, 0x00, 0x25, 0x06, 0x16, 0xBA, 0x02, 0x00, 0x25,
682 0x01, 0x87, 0xFF, 0xFF, 0x7F, 0x13, 0x06, 0x02, 0x54, 0x28, 0x01, 0x08,
683 0x0E, 0x09, 0x03, 0x00, 0x04, 0x67, 0x24, 0x02, 0x00, 0x00, 0x00, 0xAD,
684 0x25, 0x01, 0x81, 0x7F, 0x12, 0x06, 0x08, 0xC2, 0x01, 0x00, 0x67, 0x37,
685 0x01, 0x00, 0x00, 0x25, 0x67, 0x37, 0x67, 0x40, 0xA5, 0x01, 0x7F, 0x00,
686 0x00, 0xB3, 0x01, 0x0C, 0x30, 0x11, 0x06, 0x05, 0x24, 0x75, 0xB6, 0x04,
687 0x3E, 0x01, 0x12, 0x30, 0x11, 0x06, 0x05, 0x24, 0x75, 0xB7, 0x04, 0x33,
688 0x01, 0x13, 0x30, 0x11, 0x06, 0x05, 0x24, 0x75, 0xB7, 0x04, 0x28, 0x01,
689 0x14, 0x30, 0x11, 0x06, 0x05, 0x24, 0x75, 0xB7, 0x04, 0x1D, 0x01, 0x16,
690 0x30, 0x11, 0x06, 0x05, 0x24, 0x75, 0xB7, 0x04, 0x12, 0x01, 0x1E, 0x30,
691 0x11, 0x06, 0x05, 0x24, 0x75, 0xB5, 0x04, 0x07, 0x42, 0xAE, 0x01, 0x00,
692 0x01, 0x00, 0x24, 0x00, 0x01, 0xBA, 0x03, 0x00, 0x02, 0x00, 0x01, 0x05,
693 0x14, 0x01, 0x01, 0x15, 0x2D, 0x02, 0x00, 0x01, 0x06, 0x14, 0x25, 0x01,
694 0x01, 0x15, 0x06, 0x02, 0x46, 0x28, 0x01, 0x04, 0x0E, 0x02, 0x00, 0x01,
695 0x1F, 0x15, 0x25, 0x01, 0x1F, 0x11, 0x06, 0x02, 0x47, 0x28, 0x09, 0x00,
696 0x00, 0x25, 0x05, 0x05, 0x01, 0x00, 0x01, 0x7F, 0x00, 0xB3, 0x00, 0x01,
697 0xAD, 0x25, 0x05, 0x05, 0x67, 0x37, 0x01, 0x7F, 0x00, 0x01, 0x01, 0x03,
698 0x00, 0x9F, 0x25, 0x01, 0x83, 0xFF, 0x7E, 0x11, 0x06, 0x16, 0x24, 0x25,
699 0x06, 0x10, 0xA0, 0x25, 0x05, 0x05, 0x24, 0xC2, 0x01, 0x00, 0x00, 0x02,
700 0x00, 0x84, 0x03, 0x00, 0x04, 0x6D, 0x04, 0x1B, 0x25, 0x05, 0x05, 0x24,
701 0xC2, 0x01, 0x00, 0x00, 0x02, 0x00, 0x84, 0x03, 0x00, 0x25, 0x06, 0x0B,
702 0x9F, 0x25, 0x05, 0x05, 0x24, 0xC2, 0x01, 0x00, 0x00, 0x04, 0x6D, 0x24,
703 0x02, 0x00, 0x25, 0x05, 0x01, 0x00, 0x41, 0x67, 0x37, 0x01, 0x7F, 0x00,
704 0x01, 0xAD, 0x01, 0x01, 0x03, 0x00, 0x25, 0x06, 0x10, 0xA1, 0x25, 0x05,
705 0x05, 0x24, 0xC2, 0x01, 0x00, 0x00, 0x02, 0x00, 0x84, 0x03, 0x00, 0x04,
706 0x6D, 0x24, 0x02, 0x00, 0x25, 0x05, 0x01, 0x00, 0x41, 0x67, 0x37, 0x01,
707 0x7F, 0x00, 0x01, 0xAD, 0x01, 0x01, 0x03, 0x00, 0x25, 0x06, 0x10, 0xBA,
708 0x25, 0x05, 0x05, 0x24, 0xC2, 0x01, 0x00, 0x00, 0x02, 0x00, 0x84, 0x03,
709 0x00, 0x04, 0x6D, 0x24, 0x02, 0x00, 0x25, 0x05, 0x01, 0x00, 0x41, 0x67,
710 0x37, 0x01, 0x7F, 0x00, 0x00, 0xBA, 0x01, 0x08, 0x0E, 0x3B, 0xBA, 0x34,
711 0x09, 0x00, 0x00, 0xBA, 0x3B, 0xBA, 0x01, 0x08, 0x0E, 0x34, 0x09, 0x00,
712 0x00, 0x25, 0x05, 0x02, 0x4F, 0x28, 0x41, 0xBB, 0x00, 0x00, 0x32, 0x25,
713 0x01, 0x00, 0x13, 0x06, 0x01, 0x00, 0x24, 0x19, 0x04, 0x74, 0x00, 0x01,
714 0x01, 0x00, 0x00, 0x01, 0x0B, 0x00, 0x00, 0x01, 0x15, 0x00, 0x00, 0x01,
715 0x1F, 0x00, 0x00, 0x01, 0x29, 0x00, 0x00, 0x01, 0x33, 0x00, 0x00, 0xC3,
716 0x24, 0x00, 0x00, 0x25, 0x06, 0x07, 0xC4, 0x25, 0x06, 0x01, 0x19, 0x04,
717 0x76, 0x00, 0x00, 0x01, 0x00, 0x30, 0x31, 0x0B, 0x42, 0x00, 0x00, 0x01,
718 0x81, 0x70, 0x00, 0x00, 0x01, 0x82, 0x0D, 0x00, 0x00, 0x01, 0x82, 0x22,
719 0x00, 0x00, 0x01, 0x82, 0x05, 0x00, 0x00, 0x01, 0x03, 0x33, 0x01, 0x03,
720 0x33, 0x00, 0x00, 0x25, 0x01, 0x83, 0xFB, 0x50, 0x01, 0x83, 0xFD, 0x5F,
721 0x72, 0x06, 0x04, 0x24, 0x01, 0x00, 0x00, 0x25, 0x01, 0x83, 0xB0, 0x00,
722 0x01, 0x83, 0xBF, 0x7F, 0x72, 0x06, 0x04, 0x24, 0x01, 0x00, 0x00, 0x01,
723 0x83, 0xFF, 0x7F, 0x15, 0x01, 0x83, 0xFF, 0x7E, 0x0D, 0x00
724 };
725
726 static const uint16_t t0_caddr[] = {
727 0,
728 5,
729 10,
730 15,
731 20,
732 25,
733 29,
734 33,
735 37,
736 41,
737 45,
738 49,
739 53,
740 57,
741 61,
742 65,
743 69,
744 73,
745 77,
746 81,
747 85,
748 89,
749 93,
750 97,
751 101,
752 105,
753 109,
754 113,
755 117,
756 121,
757 125,
758 130,
759 135,
760 140,
761 145,
762 150,
763 155,
764 160,
765 165,
766 173,
767 178,
768 183,
769 188,
770 193,
771 198,
772 202,
773 207,
774 212,
775 217,
776 238,
777 243,
778 248,
779 253,
780 282,
781 297,
782 302,
783 308,
784 314,
785 319,
786 327,
787 335,
788 341,
789 346,
790 357,
791 992,
792 1007,
793 1011,
794 1016,
795 1021,
796 1026,
797 1031,
798 1036,
799 1150,
800 1155,
801 1167,
802 1172,
803 1177,
804 1182,
805 1186,
806 1191,
807 1196,
808 1201,
809 1206,
810 1216,
811 1221,
812 1226,
813 1238,
814 1253,
815 1258,
816 1272,
817 1294,
818 1305,
819 1408,
820 1455,
821 1488,
822 1579,
823 1585,
824 1648,
825 1655,
826 1683,
827 1711,
828 1816,
829 1858,
830 1871,
831 1883,
832 1897,
833 1912,
834 2132,
835 2146,
836 2163,
837 2172,
838 2239,
839 2295,
840 2299,
841 2303,
842 2308,
843 2356,
844 2382,
845 2458,
846 2502,
847 2513,
848 2598,
849 2636,
850 2674,
851 2684,
852 2694,
853 2703,
854 2716,
855 2720,
856 2724,
857 2728,
858 2732,
859 2736,
860 2740,
861 2744,
862 2756,
863 2764,
864 2769,
865 2774,
866 2779,
867 2784,
868 2792
869 };
870
871 #define T0_INTERPRETED 61
872
873 #define T0_ENTER(ip, rp, slot) do { \
874 const unsigned char *t0_newip; \
875 uint32_t t0_lnum; \
876 t0_newip = &t0_codeblock[t0_caddr[(slot) - T0_INTERPRETED]]; \
877 t0_lnum = t0_parse7E_unsigned(&t0_newip); \
878 (rp) += t0_lnum; \
879 *((rp) ++) = (uint32_t)((ip) - &t0_codeblock[0]) + (t0_lnum << 16); \
880 (ip) = t0_newip; \
881 } while (0)
882
883 #define T0_DEFENTRY(name, slot) \
884 void \
885 name(void *ctx) \
886 { \
887 t0_context *t0ctx = ctx; \
888 t0ctx->ip = &t0_codeblock[0]; \
889 T0_ENTER(t0ctx->ip, t0ctx->rp, slot); \
890 }
891
892 T0_DEFENTRY(br_x509_minimal_init_main, 147)
893
894 #define T0_NEXT(t0ipp) (*(*(t0ipp)) ++)
895
896 void
897 br_x509_minimal_run(void *t0ctx)
898 {
899 uint32_t *dp, *rp;
900 const unsigned char *ip;
901
902 #define T0_LOCAL(x) (*(rp - 2 - (x)))
903 #define T0_POP() (*-- dp)
904 #define T0_POPi() (*(int32_t *)(-- dp))
905 #define T0_PEEK(x) (*(dp - 1 - (x)))
906 #define T0_PEEKi(x) (*(int32_t *)(dp - 1 - (x)))
907 #define T0_PUSH(v) do { *dp = (v); dp ++; } while (0)
908 #define T0_PUSHi(v) do { *(int32_t *)dp = (v); dp ++; } while (0)
909 #define T0_RPOP() (*-- rp)
910 #define T0_RPOPi() (*(int32_t *)(-- rp))
911 #define T0_RPUSH(v) do { *rp = (v); rp ++; } while (0)
912 #define T0_RPUSHi(v) do { *(int32_t *)rp = (v); rp ++; } while (0)
913 #define T0_ROLL(x) do { \
914 size_t t0len = (size_t)(x); \
915 uint32_t t0tmp = *(dp - 1 - t0len); \
916 memmove(dp - t0len - 1, dp - t0len, t0len * sizeof *dp); \
917 *(dp - 1) = t0tmp; \
918 } while (0)
919 #define T0_SWAP() do { \
920 uint32_t t0tmp = *(dp - 2); \
921 *(dp - 2) = *(dp - 1); \
922 *(dp - 1) = t0tmp; \
923 } while (0)
924 #define T0_ROT() do { \
925 uint32_t t0tmp = *(dp - 3); \
926 *(dp - 3) = *(dp - 2); \
927 *(dp - 2) = *(dp - 1); \
928 *(dp - 1) = t0tmp; \
929 } while (0)
930 #define T0_NROT() do { \
931 uint32_t t0tmp = *(dp - 1); \
932 *(dp - 1) = *(dp - 2); \
933 *(dp - 2) = *(dp - 3); \
934 *(dp - 3) = t0tmp; \
935 } while (0)
936 #define T0_PICK(x) do { \
937 uint32_t t0depth = (x); \
938 T0_PUSH(T0_PEEK(t0depth)); \
939 } while (0)
940 #define T0_CO() do { \
941 goto t0_exit; \
942 } while (0)
943 #define T0_RET() goto t0_next
944
945 dp = ((t0_context *)t0ctx)->dp;
946 rp = ((t0_context *)t0ctx)->rp;
947 ip = ((t0_context *)t0ctx)->ip;
948 goto t0_next;
949 for (;;) {
950 uint32_t t0x;
951
952 t0_next:
953 t0x = T0_NEXT(&ip);
954 if (t0x < T0_INTERPRETED) {
955 switch (t0x) {
956 int32_t t0off;
957
958 case 0: /* ret */
959 t0x = T0_RPOP();
960 rp -= (t0x >> 16);
961 t0x &= 0xFFFF;
962 if (t0x == 0) {
963 ip = NULL;
964 goto t0_exit;
965 }
966 ip = &t0_codeblock[t0x];
967 break;
968 case 1: /* literal constant */
969 T0_PUSHi(t0_parse7E_signed(&ip));
970 break;
971 case 2: /* read local */
972 T0_PUSH(T0_LOCAL(t0_parse7E_unsigned(&ip)));
973 break;
974 case 3: /* write local */
975 T0_LOCAL(t0_parse7E_unsigned(&ip)) = T0_POP();
976 break;
977 case 4: /* jump */
978 t0off = t0_parse7E_signed(&ip);
979 ip += t0off;
980 break;
981 case 5: /* jump if */
982 t0off = t0_parse7E_signed(&ip);
983 if (T0_POP()) {
984 ip += t0off;
985 }
986 break;
987 case 6: /* jump if not */
988 t0off = t0_parse7E_signed(&ip);
989 if (!T0_POP()) {
990 ip += t0off;
991 }
992 break;
993 case 7: {
994 /* %25 */
995
996 int32_t b = T0_POPi();
997 int32_t a = T0_POPi();
998 T0_PUSHi(a % b);
999
1000 }
1001 break;
1002 case 8: {
1003 /* * */
1004
1005 uint32_t b = T0_POP();
1006 uint32_t a = T0_POP();
1007 T0_PUSH(a * b);
1008
1009 }
1010 break;
1011 case 9: {
1012 /* + */
1013
1014 uint32_t b = T0_POP();
1015 uint32_t a = T0_POP();
1016 T0_PUSH(a + b);
1017
1018 }
1019 break;
1020 case 10: {
1021 /* - */
1022
1023 uint32_t b = T0_POP();
1024 uint32_t a = T0_POP();
1025 T0_PUSH(a - b);
1026
1027 }
1028 break;
1029 case 11: {
1030 /* -rot */
1031 T0_NROT();
1032 }
1033 break;
1034 case 12: {
1035 /* / */
1036
1037 int32_t b = T0_POPi();
1038 int32_t a = T0_POPi();
1039 T0_PUSHi(a / b);
1040
1041 }
1042 break;
1043 case 13: {
1044 /* < */
1045
1046 int32_t b = T0_POPi();
1047 int32_t a = T0_POPi();
1048 T0_PUSH(-(uint32_t)(a < b));
1049
1050 }
1051 break;
1052 case 14: {
1053 /* << */
1054
1055 int c = (int)T0_POPi();
1056 uint32_t x = T0_POP();
1057 T0_PUSH(x << c);
1058
1059 }
1060 break;
1061 case 15: {
1062 /* <= */
1063
1064 int32_t b = T0_POPi();
1065 int32_t a = T0_POPi();
1066 T0_PUSH(-(uint32_t)(a <= b));
1067
1068 }
1069 break;
1070 case 16: {
1071 /* <> */
1072
1073 uint32_t b = T0_POP();
1074 uint32_t a = T0_POP();
1075 T0_PUSH(-(uint32_t)(a != b));
1076
1077 }
1078 break;
1079 case 17: {
1080 /* = */
1081
1082 uint32_t b = T0_POP();
1083 uint32_t a = T0_POP();
1084 T0_PUSH(-(uint32_t)(a == b));
1085
1086 }
1087 break;
1088 case 18: {
1089 /* > */
1090
1091 int32_t b = T0_POPi();
1092 int32_t a = T0_POPi();
1093 T0_PUSH(-(uint32_t)(a > b));
1094
1095 }
1096 break;
1097 case 19: {
1098 /* >= */
1099
1100 int32_t b = T0_POPi();
1101 int32_t a = T0_POPi();
1102 T0_PUSH(-(uint32_t)(a >= b));
1103
1104 }
1105 break;
1106 case 20: {
1107 /* >> */
1108
1109 int c = (int)T0_POPi();
1110 int32_t x = T0_POPi();
1111 T0_PUSHi(x >> c);
1112
1113 }
1114 break;
1115 case 21: {
1116 /* and */
1117
1118 uint32_t b = T0_POP();
1119 uint32_t a = T0_POP();
1120 T0_PUSH(a & b);
1121
1122 }
1123 break;
1124 case 22: {
1125 /* blobcopy */
1126
1127 size_t len = T0_POP();
1128 unsigned char *src = (unsigned char *)CTX + T0_POP();
1129 unsigned char *dst = (unsigned char *)CTX + T0_POP();
1130 memcpy(dst, src, len);
1131
1132 }
1133 break;
1134 case 23: {
1135 /* check-direct-trust */
1136
1137 size_t u;
1138
1139 for (u = 0; u < CTX->trust_anchors_num; u ++) {
1140 const br_x509_trust_anchor *ta;
1141 unsigned char hashed_DN[64];
1142 int kt;
1143
1144 ta = &CTX->trust_anchors[u];
1145 if (ta->flags & BR_X509_TA_CA) {
1146 continue;
1147 }
1148 hash_dn(CTX, ta->dn.data, ta->dn.len, hashed_DN);
1149 if (memcmp(hashed_DN, CTX->current_dn_hash, DNHASH_LEN)) {
1150 continue;
1151 }
1152 kt = CTX->pkey.key_type;
1153 if ((ta->pkey.key_type & 0x0F) != kt) {
1154 continue;
1155 }
1156 switch (kt) {
1157
1158 case BR_KEYTYPE_RSA:
1159 if (!eqbigint(CTX->pkey.key.rsa.n,
1160 CTX->pkey.key.rsa.nlen,
1161 ta->pkey.key.rsa.n,
1162 ta->pkey.key.rsa.nlen)
1163 || !eqbigint(CTX->pkey.key.rsa.e,
1164 CTX->pkey.key.rsa.elen,
1165 ta->pkey.key.rsa.e,
1166 ta->pkey.key.rsa.elen))
1167 {
1168 continue;
1169 }
1170 break;
1171
1172 case BR_KEYTYPE_EC:
1173 if (CTX->pkey.key.ec.curve != ta->pkey.key.ec.curve
1174 || CTX->pkey.key.ec.qlen != ta->pkey.key.ec.qlen
1175 || memcmp(CTX->pkey.key.ec.q,
1176 ta->pkey.key.ec.q,
1177 ta->pkey.key.ec.qlen) != 0)
1178 {
1179 continue;
1180 }
1181 break;
1182
1183 default:
1184 continue;
1185 }
1186
1187 /*
1188 * Direct trust match!
1189 */
1190 CTX->err = BR_ERR_X509_OK;
1191 T0_CO();
1192 }
1193
1194 }
1195 break;
1196 case 24: {
1197 /* check-trust-anchor-CA */
1198
1199 size_t u;
1200
1201 for (u = 0; u < CTX->trust_anchors_num; u ++) {
1202 const br_x509_trust_anchor *ta;
1203 unsigned char hashed_DN[64];
1204
1205 ta = &CTX->trust_anchors[u];
1206 if (!(ta->flags & BR_X509_TA_CA)) {
1207 continue;
1208 }
1209 hash_dn(CTX, ta->dn.data, ta->dn.len, hashed_DN);
1210 if (memcmp(hashed_DN, CTX->saved_dn_hash, DNHASH_LEN)) {
1211 continue;
1212 }
1213 if (verify_signature(CTX, &ta->pkey) == 0) {
1214 CTX->err = BR_ERR_X509_OK;
1215 T0_CO();
1216 }
1217 }
1218
1219 }
1220 break;
1221 case 25: {
1222 /* co */
1223 T0_CO();
1224 }
1225 break;
1226 case 26: {
1227 /* compute-dn-hash */
1228
1229 CTX->dn_hash_impl->out(&CTX->dn_hash.vtable, CTX->current_dn_hash);
1230 CTX->do_dn_hash = 0;
1231
1232 }
1233 break;
1234 case 27: {
1235 /* compute-tbs-hash */
1236
1237 int id = T0_POPi();
1238 size_t len;
1239 len = br_multihash_out(&CTX->mhash, id, CTX->tbs_hash);
1240 T0_PUSH(len);
1241
1242 }
1243 break;
1244 case 28: {
1245 /* copy-ee-ec-pkey */
1246
1247 size_t qlen = T0_POP();
1248 uint32_t curve = T0_POP();
1249 memcpy(CTX->ee_pkey_data, CTX->pkey_data, qlen);
1250 CTX->pkey.key_type = BR_KEYTYPE_EC;
1251 CTX->pkey.key.ec.curve = curve;
1252 CTX->pkey.key.ec.q = CTX->ee_pkey_data;
1253 CTX->pkey.key.ec.qlen = qlen;
1254
1255 }
1256 break;
1257 case 29: {
1258 /* copy-ee-rsa-pkey */
1259
1260 size_t elen = T0_POP();
1261 size_t nlen = T0_POP();
1262 memcpy(CTX->ee_pkey_data, CTX->pkey_data, nlen + elen);
1263 CTX->pkey.key_type = BR_KEYTYPE_RSA;
1264 CTX->pkey.key.rsa.n = CTX->ee_pkey_data;
1265 CTX->pkey.key.rsa.nlen = nlen;
1266 CTX->pkey.key.rsa.e = CTX->ee_pkey_data + nlen;
1267 CTX->pkey.key.rsa.elen = elen;
1268
1269 }
1270 break;
1271 case 30: {
1272 /* copy-name-SAN */
1273
1274 unsigned tag = T0_POP();
1275 unsigned ok = T0_POP();
1276 size_t u, len;
1277
1278 len = CTX->pad[0];
1279 for (u = 0; u < CTX->num_name_elts; u ++) {
1280 br_name_element *ne;
1281
1282 ne = &CTX->name_elts[u];
1283 if (ne->status == 0 && ne->oid[0] == 0 && ne->oid[1] == tag) {
1284 if (ok && ne->len > len) {
1285 memcpy(ne->buf, CTX->pad + 1, len);
1286 ne->buf[len] = 0;
1287 ne->status = 1;
1288 } else {
1289 ne->status = -1;
1290 }
1291 break;
1292 }
1293 }
1294
1295 }
1296 break;
1297 case 31: {
1298 /* copy-name-element */
1299
1300 size_t len;
1301 int32_t off = T0_POPi();
1302 int ok = T0_POPi();
1303
1304 if (off >= 0) {
1305 br_name_element *ne = &CTX->name_elts[off];
1306
1307 if (ok) {
1308 len = CTX->pad[0];
1309 if (len < ne->len) {
1310 memcpy(ne->buf, CTX->pad + 1, len);
1311 ne->buf[len] = 0;
1312 ne->status = 1;
1313 } else {
1314 ne->status = -1;
1315 }
1316 } else {
1317 ne->status = -1;
1318 }
1319 }
1320
1321 }
1322 break;
1323 case 32: {
1324 /* data-get8 */
1325
1326 size_t addr = T0_POP();
1327 T0_PUSH(t0_datablock[addr]);
1328
1329 }
1330 break;
1331 case 33: {
1332 /* dn-hash-length */
1333
1334 T0_PUSH(DNHASH_LEN);
1335
1336 }
1337 break;
1338 case 34: {
1339 /* do-ecdsa-vrfy */
1340
1341 size_t qlen = T0_POP();
1342 int curve = T0_POP();
1343 br_x509_pkey pk;
1344
1345 pk.key_type = BR_KEYTYPE_EC;
1346 pk.key.ec.curve = curve;
1347 pk.key.ec.q = CTX->pkey_data;
1348 pk.key.ec.qlen = qlen;
1349 T0_PUSH(verify_signature(CTX, &pk));
1350
1351 }
1352 break;
1353 case 35: {
1354 /* do-rsa-vrfy */
1355
1356 size_t elen = T0_POP();
1357 size_t nlen = T0_POP();
1358 br_x509_pkey pk;
1359
1360 pk.key_type = BR_KEYTYPE_RSA;
1361 pk.key.rsa.n = CTX->pkey_data;
1362 pk.key.rsa.nlen = nlen;
1363 pk.key.rsa.e = CTX->pkey_data + nlen;
1364 pk.key.rsa.elen = elen;
1365 T0_PUSH(verify_signature(CTX, &pk));
1366
1367 }
1368 break;
1369 case 36: {
1370 /* drop */
1371 (void)T0_POP();
1372 }
1373 break;
1374 case 37: {
1375 /* dup */
1376 T0_PUSH(T0_PEEK(0));
1377 }
1378 break;
1379 case 38: {
1380 /* eqOID */
1381
1382 const unsigned char *a2 = &t0_datablock[T0_POP()];
1383 const unsigned char *a1 = &CTX->pad[0];
1384 size_t len = a1[0];
1385 int x;
1386 if (len == a2[0]) {
1387 x = -(memcmp(a1 + 1, a2 + 1, len) == 0);
1388 } else {
1389 x = 0;
1390 }
1391 T0_PUSH((uint32_t)x);
1392
1393 }
1394 break;
1395 case 39: {
1396 /* eqblob */
1397
1398 size_t len = T0_POP();
1399 const unsigned char *a2 = (const unsigned char *)CTX + T0_POP();
1400 const unsigned char *a1 = (const unsigned char *)CTX + T0_POP();
1401 T0_PUSHi(-(memcmp(a1, a2, len) == 0));
1402
1403 }
1404 break;
1405 case 40: {
1406 /* fail */
1407
1408 CTX->err = T0_POPi();
1409 T0_CO();
1410
1411 }
1412 break;
1413 case 41: {
1414 /* get-system-date */
1415
1416 if (CTX->days == 0 && CTX->seconds == 0) {
1417 #if BR_USE_UNIX_TIME
1418 time_t x = time(NULL);
1419
1420 T0_PUSH((uint32_t)(x / 86400) + 719528);
1421 T0_PUSH((uint32_t)(x % 86400));
1422 #elif BR_USE_WIN32_TIME
1423 FILETIME ft;
1424 uint64_t x;
1425
1426 GetSystemTimeAsFileTime(&ft);
1427 x = ((uint64_t)ft.dwHighDateTime << 32)
1428 + (uint64_t)ft.dwLowDateTime;
1429 x = (x / 10000000);
1430 T0_PUSH((uint32_t)(x / 86400) + 584754);
1431 T0_PUSH((uint32_t)(x % 86400));
1432 #else
1433 CTX->err = BR_ERR_X509_TIME_UNKNOWN;
1434 T0_CO();
1435 #endif
1436 } else {
1437 T0_PUSH(CTX->days);
1438 T0_PUSH(CTX->seconds);
1439 }
1440
1441 }
1442 break;
1443 case 42: {
1444 /* get16 */
1445
1446 uint32_t addr = T0_POP();
1447 T0_PUSH(*(uint16_t *)((unsigned char *)CTX + addr));
1448
1449 }
1450 break;
1451 case 43: {
1452 /* get32 */
1453
1454 uint32_t addr = T0_POP();
1455 T0_PUSH(*(uint32_t *)((unsigned char *)CTX + addr));
1456
1457 }
1458 break;
1459 case 44: {
1460 /* match-server-name */
1461
1462 size_t n1, n2;
1463
1464 if (CTX->server_name == NULL) {
1465 T0_PUSH(0);
1466 T0_RET();
1467 }
1468 n1 = strlen(CTX->server_name);
1469 n2 = CTX->pad[0];
1470 if (n1 == n2 && eqnocase(&CTX->pad[1], CTX->server_name, n1)) {
1471 T0_PUSHi(-1);
1472 T0_RET();
1473 }
1474 if (n2 >= 2 && CTX->pad[1] == '*' && CTX->pad[2] == '.') {
1475 size_t u;
1476
1477 u = 0;
1478 while (u < n1 && CTX->server_name[u] != '.') {
1479 u ++;
1480 }
1481 u ++;
1482 n1 -= u;
1483 if ((n2 - 2) == n1
1484 && eqnocase(&CTX->pad[3], CTX->server_name + u, n1))
1485 {
1486 T0_PUSHi(-1);
1487 T0_RET();
1488 }
1489 }
1490 T0_PUSH(0);
1491
1492 }
1493 break;
1494 case 45: {
1495 /* neg */
1496
1497 uint32_t a = T0_POP();
1498 T0_PUSH(-a);
1499
1500 }
1501 break;
1502 case 46: {
1503 /* offset-name-element */
1504
1505 unsigned san = T0_POP();
1506 size_t u;
1507
1508 for (u = 0; u < CTX->num_name_elts; u ++) {
1509 if (CTX->name_elts[u].status == 0) {
1510 const unsigned char *oid;
1511 size_t len, off;
1512
1513 oid = CTX->name_elts[u].oid;
1514 if (san) {
1515 if (oid[0] != 0 || oid[1] != 0) {
1516 continue;
1517 }
1518 off = 2;
1519 } else {
1520 off = 0;
1521 }
1522 len = oid[off];
1523 if (len != 0 && len == CTX->pad[0]
1524 && memcmp(oid + off + 1,
1525 CTX->pad + 1, len) == 0)
1526 {
1527 T0_PUSH(u);
1528 T0_RET();
1529 }
1530 }
1531 }
1532 T0_PUSHi(-1);
1533
1534 }
1535 break;
1536 case 47: {
1537 /* or */
1538
1539 uint32_t b = T0_POP();
1540 uint32_t a = T0_POP();
1541 T0_PUSH(a | b);
1542
1543 }
1544 break;
1545 case 48: {
1546 /* over */
1547 T0_PUSH(T0_PEEK(1));
1548 }
1549 break;
1550 case 49: {
1551 /* read-blob-inner */
1552
1553 uint32_t len = T0_POP();
1554 uint32_t addr = T0_POP();
1555 size_t clen = CTX->hlen;
1556 if (clen > len) {
1557 clen = (size_t)len;
1558 }
1559 if (addr != 0) {
1560 memcpy((unsigned char *)CTX + addr, CTX->hbuf, clen);
1561 }
1562 if (CTX->do_mhash) {
1563 br_multihash_update(&CTX->mhash, CTX->hbuf, clen);
1564 }
1565 if (CTX->do_dn_hash) {
1566 CTX->dn_hash_impl->update(
1567 &CTX->dn_hash.vtable, CTX->hbuf, clen);
1568 }
1569 CTX->hbuf += clen;
1570 CTX->hlen -= clen;
1571 T0_PUSH(addr + clen);
1572 T0_PUSH(len - clen);
1573
1574 }
1575 break;
1576 case 50: {
1577 /* read8-low */
1578
1579 if (CTX->hlen == 0) {
1580 T0_PUSHi(-1);
1581 } else {
1582 unsigned char x = *CTX->hbuf ++;
1583 if (CTX->do_mhash) {
1584 br_multihash_update(&CTX->mhash, &x, 1);
1585 }
1586 if (CTX->do_dn_hash) {
1587 CTX->dn_hash_impl->update(&CTX->dn_hash.vtable, &x, 1);
1588 }
1589 CTX->hlen --;
1590 T0_PUSH(x);
1591 }
1592
1593 }
1594 break;
1595 case 51: {
1596 /* roll */
1597 T0_ROLL(T0_POP());
1598 }
1599 break;
1600 case 52: {
1601 /* rot */
1602 T0_ROT();
1603 }
1604 break;
1605 case 53: {
1606 /* set16 */
1607
1608 uint32_t addr = T0_POP();
1609 *(uint16_t *)((unsigned char *)CTX + addr) = T0_POP();
1610
1611 }
1612 break;
1613 case 54: {
1614 /* set32 */
1615
1616 uint32_t addr = T0_POP();
1617 *(uint32_t *)((unsigned char *)CTX + addr) = T0_POP();
1618
1619 }
1620 break;
1621 case 55: {
1622 /* set8 */
1623
1624 uint32_t addr = T0_POP();
1625 *((unsigned char *)CTX + addr) = (unsigned char)T0_POP();
1626
1627 }
1628 break;
1629 case 56: {
1630 /* start-dn-hash */
1631
1632 CTX->dn_hash_impl->init(&CTX->dn_hash.vtable);
1633 CTX->do_dn_hash = 1;
1634
1635 }
1636 break;
1637 case 57: {
1638 /* start-tbs-hash */
1639
1640 br_multihash_init(&CTX->mhash);
1641 CTX->do_mhash = 1;
1642
1643 }
1644 break;
1645 case 58: {
1646 /* stop-tbs-hash */
1647
1648 CTX->do_mhash = 0;
1649
1650 }
1651 break;
1652 case 59: {
1653 /* swap */
1654 T0_SWAP();
1655 }
1656 break;
1657 case 60: {
1658 /* zero-server-name */
1659
1660 T0_PUSHi(-(CTX->server_name == NULL));
1661
1662 }
1663 break;
1664 }
1665
1666 } else {
1667 T0_ENTER(ip, rp, t0x);
1668 }
1669 }
1670 t0_exit:
1671 ((t0_context *)t0ctx)->dp = dp;
1672 ((t0_context *)t0ctx)->rp = rp;
1673 ((t0_context *)t0ctx)->ip = ip;
1674 }
1675
1676
1677
1678 /*
1679 * Verify the signature on the certificate with the provided public key.
1680 * This function checks the public key type with regards to the expected
1681 * type. Returned value is either 0 on success, or a non-zero error code.
1682 */
1683 static int
1684 verify_signature(br_x509_minimal_context *ctx, const br_x509_pkey *pk)
1685 {
1686 int kt;
1687
1688 kt = ctx->cert_signer_key_type;
1689 if ((pk->key_type & 0x0F) != kt) {
1690 return BR_ERR_X509_WRONG_KEY_TYPE;
1691 }
1692 switch (kt) {
1693 unsigned char tmp[64];
1694
1695 case BR_KEYTYPE_RSA:
1696 if (ctx->irsa == 0) {
1697 return BR_ERR_X509_UNSUPPORTED;
1698 }
1699 if (!ctx->irsa(ctx->cert_sig, ctx->cert_sig_len,
1700 &t0_datablock[ctx->cert_sig_hash_oid],
1701 ctx->cert_sig_hash_len, &pk->key.rsa, tmp))
1702 {
1703 return BR_ERR_X509_BAD_SIGNATURE;
1704 }
1705 if (memcmp(ctx->tbs_hash, tmp, ctx->cert_sig_hash_len) != 0) {
1706 return BR_ERR_X509_BAD_SIGNATURE;
1707 }
1708 return 0;
1709
1710 case BR_KEYTYPE_EC:
1711 if (ctx->iecdsa == 0) {
1712 return BR_ERR_X509_UNSUPPORTED;
1713 }
1714 if (!ctx->iecdsa(ctx->iec, ctx->tbs_hash,
1715 ctx->cert_sig_hash_len, &pk->key.ec,
1716 ctx->cert_sig, ctx->cert_sig_len))
1717 {
1718 return BR_ERR_X509_BAD_SIGNATURE;
1719 }
1720 return 0;
1721
1722 default:
1723 return BR_ERR_X509_UNSUPPORTED;
1724 }
1725 }
1726
1727
The BearSSL library and tools.