Lines Matching +full:y +full:- +full:rp
8 uint32_t *rp; member
19 unsigned y; in t0_parse7E_unsigned() local
21 y = *(*p) ++; in t0_parse7E_unsigned()
22 x = (x << 7) | (uint32_t)(y & 0x7F); in t0_parse7E_unsigned()
23 if (y < 0x80) { in t0_parse7E_unsigned()
36 x = (uint32_t)-neg; in t0_parse7E_signed()
38 unsigned y; in t0_parse7E_signed() local
40 y = *(*p) ++; in t0_parse7E_signed()
41 x = (x << 7) | (uint32_t)(y & 0x7F); in t0_parse7E_signed()
42 if (y < 0x80) { in t0_parse7E_signed()
44 return -(int32_t)~x - 1; in t0_parse7E_signed()
80 * --------------------
94 * -- If the certificate length is 0, then the T0 code will not be
98 * -- When reaching the end of certificate, the C code must verify that
104 * -- The error flag is set to a non-zero value when validation is
106 * successful) or another non-zero error code. When a non-zero error
110 * -- Each certificate is decoded in due course, with the following
113 * -- Start of the TBS: the multihash engine is reset and activated.
115 * -- Start of the issuer DN: the secondary hash engine is started,
118 * -- End of the issuer DN: the secondary hash engine is stopped. The
122 * -- Start of the subject DN: the secondary hash engine is started,
125 * -- For the EE certificate only: the Common Name, if any, is matched
128 * -- End of the subject DN: the secondary hash engine is stopped. The
131 * -- If this is the EE certificate, then the hash is ignored
135 * -- Otherwise, the hashed subject DN is compared with the saved
144 * -- Public key: it is decoded into the cert_pkey[] buffer. Unknown
147 * -- If this is the EE certificate, then the key type is compared
153 * -- Otherwise, the saved signature (cert_sig[]) is verified
157 * -- Extensions: extension values are processed in due order.
159 * -- Basic Constraints: for all certificates except EE, must be
163 * -- Key Usage: for the EE, if present, must allow signatures
165 * For non-EE, if present, must have the "certificate sign" bit.
167 * -- Subject Alt Name: for the EE, dNSName names are matched
168 * against the server name. Ignored for non-EE.
170 * -- Authority Key Identifier, Subject Key Identifier, Issuer
177 * -- All other extensions are ignored if non-critical. If a
181 * -- End of the TBS: the multihash engine is stopped.
183 * -- Signature algorithm: the signature algorithm on the
190 * -- Signature value: the signature value is copied into the
193 * -- Certificate end: the hashed issuer DN (saved_dn_hash[]) is
199 * -- If the chain end is reached without obtaining a validation success,
226 ctx->vtable = &br_x509_minimal_vtable; in br_x509_minimal_init()
227 ctx->dn_hash_impl = dn_hash_impl; in br_x509_minimal_init()
228 ctx->trust_anchors = trust_anchors; in br_x509_minimal_init()
229 ctx->trust_anchors_num = trust_anchors_num; in br_x509_minimal_init()
239 for (u = 0; u < cc->num_name_elts; u ++) { in xm_start_chain()
240 cc->name_elts[u].status = 0; in xm_start_chain()
241 cc->name_elts[u].buf[0] = 0; in xm_start_chain()
243 memset(&cc->pkey, 0, sizeof cc->pkey); in xm_start_chain()
244 cc->num_certs = 0; in xm_start_chain()
245 cc->err = 0; in xm_start_chain()
246 cc->cpu.dp = cc->dp_stack; in xm_start_chain()
247 cc->cpu.rp = cc->rp_stack; in xm_start_chain()
248 br_x509_minimal_init_main(&cc->cpu); in xm_start_chain()
250 cc->server_name = NULL; in xm_start_chain()
252 cc->server_name = server_name; in xm_start_chain()
262 if (cc->err != 0) { in xm_start_cert()
266 cc->err = BR_ERR_X509_TRUNCATED; in xm_start_cert()
269 cc->cert_length = length; in xm_start_cert()
278 if (cc->err != 0) { in xm_append()
281 cc->hbuf = buf; in xm_append()
282 cc->hlen = len; in xm_append()
283 br_x509_minimal_run(&cc->cpu); in xm_append()
292 if (cc->err == 0 && cc->cert_length != 0) { in xm_end_cert()
293 cc->err = BR_ERR_X509_TRUNCATED; in xm_end_cert()
295 cc->num_certs ++; in xm_end_cert()
304 if (cc->err == 0) { in xm_end_chain()
305 if (cc->num_certs == 0) { in xm_end_chain()
306 cc->err = BR_ERR_X509_EMPTY_CHAIN; in xm_end_chain()
308 cc->err = BR_ERR_X509_NOT_TRUSTED; in xm_end_chain()
310 } else if (cc->err == BR_ERR_X509_OK) { in xm_end_chain()
313 return (unsigned)cc->err; in xm_end_chain()
322 if (cc->err == BR_ERR_X509_OK in xm_get_pkey()
323 || cc->err == BR_ERR_X509_NOT_TRUSTED) in xm_get_pkey()
326 *usages = cc->key_usages; in xm_get_pkey()
328 return &((br_x509_minimal_context *)(void *)ctx)->pkey; in xm_get_pkey()
345 #define CTX ((br_x509_minimal_context *)(void *)((unsigned char *)t0ctx - offsetof(br_x509_minima…
348 #define DNHASH_LEN ((CTX->dn_hash_impl->desc >> BR_HASHDESC_OUT_OFF) & BR_HASHDESC_OUT_MASK)
359 ctx->dn_hash_impl->init(&ctx->dn_hash.vtable); in hash_dn()
360 ctx->dn_hash_impl->update(&ctx->dn_hash.vtable, dn, len); in hash_dn()
361 ctx->dn_hash_impl->out(&ctx->dn_hash.vtable, out); in hash_dn()
365 * Compare two big integers for equality. The integers use unsigned big-endian
374 len1 --; in eqbigint()
378 len2 --; in eqbigint()
387 * Compare two strings for equality, in a case-insensitive way. This
397 while (len -- > 0) { in eqnocase()
403 x1 += 'a' - 'A'; in eqnocase()
406 x2 += 'a' - 'A'; in eqnocase()
853 #define T0_ENTER(ip, rp, slot) do { \ argument
856 t0_newip = &t0_codeblock[t0_caddr[(slot) - T0_INTERPRETED]]; \
858 (rp) += t0_lnum; \
859 *((rp) ++) = (uint32_t)((ip) - &t0_codeblock[0]) + (t0_lnum << 16); \
868 t0ctx->ip = &t0_codeblock[0]; \
869 T0_ENTER(t0ctx->ip, t0ctx->rp, slot); \
879 uint32_t *dp, *rp; in br_x509_minimal_run() local
882 #define T0_LOCAL(x) (*(rp - 2 - (x))) in br_x509_minimal_run()
883 #define T0_POP() (*-- dp) in br_x509_minimal_run()
884 #define T0_POPi() (*(int32_t *)(-- dp)) in br_x509_minimal_run()
885 #define T0_PEEK(x) (*(dp - 1 - (x))) in br_x509_minimal_run()
886 #define T0_PEEKi(x) (*(int32_t *)(dp - 1 - (x))) in br_x509_minimal_run()
889 #define T0_RPOP() (*-- rp) in br_x509_minimal_run()
890 #define T0_RPOPi() (*(int32_t *)(-- rp)) in br_x509_minimal_run()
891 #define T0_RPUSH(v) do { *rp = (v); rp ++; } while (0) in br_x509_minimal_run()
892 #define T0_RPUSHi(v) do { *(int32_t *)rp = (v); rp ++; } while (0) in br_x509_minimal_run()
895 uint32_t t0tmp = *(dp - 1 - t0len); \ in br_x509_minimal_run()
896 memmove(dp - t0len - 1, dp - t0len, t0len * sizeof *dp); \ in br_x509_minimal_run()
897 *(dp - 1) = t0tmp; \ in br_x509_minimal_run()
900 uint32_t t0tmp = *(dp - 2); \ in br_x509_minimal_run()
901 *(dp - 2) = *(dp - 1); \ in br_x509_minimal_run()
902 *(dp - 1) = t0tmp; \ in br_x509_minimal_run()
905 uint32_t t0tmp = *(dp - 3); \ in br_x509_minimal_run()
906 *(dp - 3) = *(dp - 2); \ in br_x509_minimal_run()
907 *(dp - 2) = *(dp - 1); \ in br_x509_minimal_run()
908 *(dp - 1) = t0tmp; \ in br_x509_minimal_run()
911 uint32_t t0tmp = *(dp - 1); \ in br_x509_minimal_run()
912 *(dp - 1) = *(dp - 2); \ in br_x509_minimal_run()
913 *(dp - 2) = *(dp - 3); \ in br_x509_minimal_run()
914 *(dp - 3) = t0tmp; \ in br_x509_minimal_run()
925 dp = ((t0_context *)t0ctx)->dp; in br_x509_minimal_run()
926 rp = ((t0_context *)t0ctx)->rp; in br_x509_minimal_run()
927 ip = ((t0_context *)t0ctx)->ip; in br_x509_minimal_run()
940 rp -= (t0x >> 16); in br_x509_minimal_run()
1001 /* - */ in br_x509_minimal_run()
1005 T0_PUSH(a - b); in br_x509_minimal_run()
1010 /* -rot */ in br_x509_minimal_run()
1028 T0_PUSH(-(uint32_t)(a < b)); in br_x509_minimal_run()
1046 T0_PUSH(-(uint32_t)(a <= b)); in br_x509_minimal_run()
1055 T0_PUSH(-(uint32_t)(a != b)); in br_x509_minimal_run()
1064 T0_PUSH(-(uint32_t)(a == b)); in br_x509_minimal_run()
1073 T0_PUSH(-(uint32_t)(a > b)); in br_x509_minimal_run()
1082 T0_PUSH(-(uint32_t)(a >= b)); in br_x509_minimal_run()
1115 /* check-direct-trust */ in br_x509_minimal_run()
1119 for (u = 0; u < CTX->trust_anchors_num; u ++) { in br_x509_minimal_run()
1124 ta = &CTX->trust_anchors[u]; in br_x509_minimal_run()
1125 if (ta->flags & BR_X509_TA_CA) { in br_x509_minimal_run()
1128 hash_dn(CTX, ta->dn.data, ta->dn.len, hashed_DN); in br_x509_minimal_run()
1129 if (memcmp(hashed_DN, CTX->current_dn_hash, DNHASH_LEN)) { in br_x509_minimal_run()
1132 kt = CTX->pkey.key_type; in br_x509_minimal_run()
1133 if ((ta->pkey.key_type & 0x0F) != kt) { in br_x509_minimal_run()
1139 if (!eqbigint(CTX->pkey.key.rsa.n, in br_x509_minimal_run()
1140 CTX->pkey.key.rsa.nlen, in br_x509_minimal_run()
1141 ta->pkey.key.rsa.n, in br_x509_minimal_run()
1142 ta->pkey.key.rsa.nlen) in br_x509_minimal_run()
1143 || !eqbigint(CTX->pkey.key.rsa.e, in br_x509_minimal_run()
1144 CTX->pkey.key.rsa.elen, in br_x509_minimal_run()
1145 ta->pkey.key.rsa.e, in br_x509_minimal_run()
1146 ta->pkey.key.rsa.elen)) in br_x509_minimal_run()
1153 if (CTX->pkey.key.ec.curve != ta->pkey.key.ec.curve in br_x509_minimal_run()
1154 || CTX->pkey.key.ec.qlen != ta->pkey.key.ec.qlen in br_x509_minimal_run()
1155 || memcmp(CTX->pkey.key.ec.q, in br_x509_minimal_run()
1156 ta->pkey.key.ec.q, in br_x509_minimal_run()
1157 ta->pkey.key.ec.qlen) != 0) in br_x509_minimal_run()
1170 CTX->err = BR_ERR_X509_OK; in br_x509_minimal_run()
1177 /* check-trust-anchor-CA */ in br_x509_minimal_run()
1181 for (u = 0; u < CTX->trust_anchors_num; u ++) { in br_x509_minimal_run()
1185 ta = &CTX->trust_anchors[u]; in br_x509_minimal_run()
1186 if (!(ta->flags & BR_X509_TA_CA)) { in br_x509_minimal_run()
1189 hash_dn(CTX, ta->dn.data, ta->dn.len, hashed_DN); in br_x509_minimal_run()
1190 if (memcmp(hashed_DN, CTX->saved_dn_hash, DNHASH_LEN)) { in br_x509_minimal_run()
1193 if (verify_signature(CTX, &ta->pkey) == 0) { in br_x509_minimal_run()
1194 CTX->err = BR_ERR_X509_OK; in br_x509_minimal_run()
1202 /* check-validity-range */ in br_x509_minimal_run()
1209 if (CTX->itime != 0) { in br_x509_minimal_run()
1210 r = CTX->itime(CTX->itime_ctx, nbd, nbs, nad, nas); in br_x509_minimal_run()
1211 if (r < -1 || r > 1) { in br_x509_minimal_run()
1212 CTX->err = BR_ERR_X509_TIME_UNKNOWN; in br_x509_minimal_run()
1216 uint32_t vd = CTX->days; in br_x509_minimal_run()
1217 uint32_t vs = CTX->seconds; in br_x509_minimal_run()
1235 CTX->err = BR_ERR_X509_TIME_UNKNOWN; in br_x509_minimal_run()
1240 r = -1; in br_x509_minimal_run()
1257 /* compute-dn-hash */ in br_x509_minimal_run()
1259 CTX->dn_hash_impl->out(&CTX->dn_hash.vtable, CTX->current_dn_hash); in br_x509_minimal_run()
1260 CTX->do_dn_hash = 0; in br_x509_minimal_run()
1265 /* compute-tbs-hash */ in br_x509_minimal_run()
1269 len = br_multihash_out(&CTX->mhash, id, CTX->tbs_hash); in br_x509_minimal_run()
1275 /* copy-ee-ec-pkey */ in br_x509_minimal_run()
1279 memcpy(CTX->ee_pkey_data, CTX->pkey_data, qlen); in br_x509_minimal_run()
1280 CTX->pkey.key_type = BR_KEYTYPE_EC; in br_x509_minimal_run()
1281 CTX->pkey.key.ec.curve = curve; in br_x509_minimal_run()
1282 CTX->pkey.key.ec.q = CTX->ee_pkey_data; in br_x509_minimal_run()
1283 CTX->pkey.key.ec.qlen = qlen; in br_x509_minimal_run()
1288 /* copy-ee-rsa-pkey */ in br_x509_minimal_run()
1292 memcpy(CTX->ee_pkey_data, CTX->pkey_data, nlen + elen); in br_x509_minimal_run()
1293 CTX->pkey.key_type = BR_KEYTYPE_RSA; in br_x509_minimal_run()
1294 CTX->pkey.key.rsa.n = CTX->ee_pkey_data; in br_x509_minimal_run()
1295 CTX->pkey.key.rsa.nlen = nlen; in br_x509_minimal_run()
1296 CTX->pkey.key.rsa.e = CTX->ee_pkey_data + nlen; in br_x509_minimal_run()
1297 CTX->pkey.key.rsa.elen = elen; in br_x509_minimal_run()
1302 /* copy-name-SAN */ in br_x509_minimal_run()
1308 len = CTX->pad[0]; in br_x509_minimal_run()
1309 for (u = 0; u < CTX->num_name_elts; u ++) { in br_x509_minimal_run()
1312 ne = &CTX->name_elts[u]; in br_x509_minimal_run()
1313 if (ne->status == 0 && ne->oid[0] == 0 && ne->oid[1] == tag) { in br_x509_minimal_run()
1314 if (ok && ne->len > len) { in br_x509_minimal_run()
1315 memcpy(ne->buf, CTX->pad + 1, len); in br_x509_minimal_run()
1316 ne->buf[len] = 0; in br_x509_minimal_run()
1317 ne->status = 1; in br_x509_minimal_run()
1319 ne->status = -1; in br_x509_minimal_run()
1328 /* copy-name-element */ in br_x509_minimal_run()
1335 br_name_element *ne = &CTX->name_elts[off]; in br_x509_minimal_run()
1338 len = CTX->pad[0]; in br_x509_minimal_run()
1339 if (len < ne->len) { in br_x509_minimal_run()
1340 memcpy(ne->buf, CTX->pad + 1, len); in br_x509_minimal_run()
1341 ne->buf[len] = 0; in br_x509_minimal_run()
1342 ne->status = 1; in br_x509_minimal_run()
1344 ne->status = -1; in br_x509_minimal_run()
1347 ne->status = -1; in br_x509_minimal_run()
1354 /* data-get8 */ in br_x509_minimal_run()
1362 /* dn-hash-length */ in br_x509_minimal_run()
1369 /* do-ecdsa-vrfy */ in br_x509_minimal_run()
1377 pk.key.ec.q = CTX->pkey_data; in br_x509_minimal_run()
1384 /* do-rsa-vrfy */ in br_x509_minimal_run()
1391 pk.key.rsa.n = CTX->pkey_data; in br_x509_minimal_run()
1393 pk.key.rsa.e = CTX->pkey_data + nlen; in br_x509_minimal_run()
1413 const unsigned char *a1 = &CTX->pad[0]; in br_x509_minimal_run()
1417 x = -(memcmp(a1 + 1, a2 + 1, len) == 0); in br_x509_minimal_run()
1431 T0_PUSHi(-(memcmp(a1, a2, len) == 0)); in br_x509_minimal_run()
1438 CTX->err = T0_POPi(); in br_x509_minimal_run()
1460 /* match-server-name */ in br_x509_minimal_run()
1464 if (CTX->server_name == NULL) { in br_x509_minimal_run()
1468 n1 = strlen(CTX->server_name); in br_x509_minimal_run()
1469 n2 = CTX->pad[0]; in br_x509_minimal_run()
1470 if (n1 == n2 && eqnocase(&CTX->pad[1], CTX->server_name, n1)) { in br_x509_minimal_run()
1471 T0_PUSHi(-1); in br_x509_minimal_run()
1474 if (n2 >= 2 && CTX->pad[1] == '*' && CTX->pad[2] == '.') { in br_x509_minimal_run()
1478 while (u < n1 && CTX->server_name[u] != '.') { in br_x509_minimal_run()
1482 n1 -= u; in br_x509_minimal_run()
1483 if ((n2 - 2) == n1 in br_x509_minimal_run()
1484 && eqnocase(&CTX->pad[3], CTX->server_name + u, n1)) in br_x509_minimal_run()
1486 T0_PUSHi(-1); in br_x509_minimal_run()
1498 T0_PUSH(-a); in br_x509_minimal_run()
1503 /* offset-name-element */ in br_x509_minimal_run()
1508 for (u = 0; u < CTX->num_name_elts; u ++) { in br_x509_minimal_run()
1509 if (CTX->name_elts[u].status == 0) { in br_x509_minimal_run()
1513 oid = CTX->name_elts[u].oid; in br_x509_minimal_run()
1523 if (len != 0 && len == CTX->pad[0] in br_x509_minimal_run()
1525 CTX->pad + 1, len) == 0) in br_x509_minimal_run()
1532 T0_PUSHi(-1); in br_x509_minimal_run()
1551 /* read-blob-inner */ in br_x509_minimal_run()
1555 size_t clen = CTX->hlen; in br_x509_minimal_run()
1560 memcpy((unsigned char *)CTX + addr, CTX->hbuf, clen); in br_x509_minimal_run()
1562 if (CTX->do_mhash) { in br_x509_minimal_run()
1563 br_multihash_update(&CTX->mhash, CTX->hbuf, clen); in br_x509_minimal_run()
1565 if (CTX->do_dn_hash) { in br_x509_minimal_run()
1566 CTX->dn_hash_impl->update( in br_x509_minimal_run()
1567 &CTX->dn_hash.vtable, CTX->hbuf, clen); in br_x509_minimal_run()
1569 CTX->hbuf += clen; in br_x509_minimal_run()
1570 CTX->hlen -= clen; in br_x509_minimal_run()
1572 T0_PUSH(len - clen); in br_x509_minimal_run()
1577 /* read8-low */ in br_x509_minimal_run()
1579 if (CTX->hlen == 0) { in br_x509_minimal_run()
1580 T0_PUSHi(-1); in br_x509_minimal_run()
1582 unsigned char x = *CTX->hbuf ++; in br_x509_minimal_run()
1583 if (CTX->do_mhash) { in br_x509_minimal_run()
1584 br_multihash_update(&CTX->mhash, &x, 1); in br_x509_minimal_run()
1586 if (CTX->do_dn_hash) { in br_x509_minimal_run()
1587 CTX->dn_hash_impl->update(&CTX->dn_hash.vtable, &x, 1); in br_x509_minimal_run()
1589 CTX->hlen --; in br_x509_minimal_run()
1625 /* start-dn-hash */ in br_x509_minimal_run()
1627 CTX->dn_hash_impl->init(&CTX->dn_hash.vtable); in br_x509_minimal_run()
1628 CTX->do_dn_hash = 1; in br_x509_minimal_run()
1633 /* start-tbs-hash */ in br_x509_minimal_run()
1635 br_multihash_init(&CTX->mhash); in br_x509_minimal_run()
1636 CTX->do_mhash = 1; in br_x509_minimal_run()
1641 /* stop-tbs-hash */ in br_x509_minimal_run()
1643 CTX->do_mhash = 0; in br_x509_minimal_run()
1653 /* zero-server-name */ in br_x509_minimal_run()
1655 T0_PUSHi(-(CTX->server_name == NULL)); in br_x509_minimal_run()
1662 T0_ENTER(ip, rp, t0x); in br_x509_minimal_run()
1666 ((t0_context *)t0ctx)->dp = dp; in br_x509_minimal_run()
1667 ((t0_context *)t0ctx)->rp = rp; in br_x509_minimal_run()
1668 ((t0_context *)t0ctx)->ip = ip; in br_x509_minimal_run()
1676 * type. Returned value is either 0 on success, or a non-zero error code.
1683 kt = ctx->cert_signer_key_type; in verify_signature()
1684 if ((pk->key_type & 0x0F) != kt) { in verify_signature()
1691 if (ctx->irsa == 0) { in verify_signature()
1694 if (!ctx->irsa(ctx->cert_sig, ctx->cert_sig_len, in verify_signature()
1695 &t0_datablock[ctx->cert_sig_hash_oid], in verify_signature()
1696 ctx->cert_sig_hash_len, &pk->key.rsa, tmp)) in verify_signature()
1700 if (memcmp(ctx->tbs_hash, tmp, ctx->cert_sig_hash_len) != 0) { in verify_signature()
1706 if (ctx->iecdsa == 0) { in verify_signature()
1709 if (!ctx->iecdsa(ctx->iec, ctx->tbs_hash, in verify_signature()
1710 ctx->cert_sig_hash_len, &pk->key.ec, in verify_signature()
1711 ctx->cert_sig, ctx->cert_sig_len)) in verify_signature()