1 /* Automatically generated code; do not modify directly. */ 2 3 #include <stddef.h> 4 #include <stdint.h> 5 6 typedef struct { 7 uint32_t *dp; 8 uint32_t *rp; 9 const unsigned char *ip; 10 } t0_context; 11 12 static uint32_t 13 t0_parse7E_unsigned(const unsigned char **p) 14 { 15 uint32_t x; 16 17 x = 0; 18 for (;;) { 19 unsigned y; 20 21 y = *(*p) ++; 22 x = (x << 7) | (uint32_t)(y & 0x7F); 23 if (y < 0x80) { 24 return x; 25 } 26 } 27 } 28 29 static int32_t 30 t0_parse7E_signed(const unsigned char **p) 31 { 32 int neg; 33 uint32_t x; 34 35 neg = ((**p) >> 6) & 1; 36 x = (uint32_t)-neg; 37 for (;;) { 38 unsigned y; 39 40 y = *(*p) ++; 41 x = (x << 7) | (uint32_t)(y & 0x7F); 42 if (y < 0x80) { 43 if (neg) { 44 return -(int32_t)~x - 1; 45 } else { 46 return (int32_t)x; 47 } 48 } 49 } 50 } 51 52 #define T0_VBYTE(x, n) (unsigned char)((((uint32_t)(x) >> (n)) & 0x7F) | 0x80) 53 #define T0_FBYTE(x, n) (unsigned char)(((uint32_t)(x) >> (n)) & 0x7F) 54 #define T0_SBYTE(x) (unsigned char)((((uint32_t)(x) >> 28) + 0xF8) ^ 0xF8) 55 #define T0_INT1(x) T0_FBYTE(x, 0) 56 #define T0_INT2(x) T0_VBYTE(x, 7), T0_FBYTE(x, 0) 57 #define T0_INT3(x) T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0) 58 #define T0_INT4(x) T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0) 59 #define T0_INT5(x) T0_SBYTE(x), T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0) 60 61 /* static const unsigned char t0_datablock[]; */ 62 63 64 void br_x509_minimal_init_main(void *t0ctx); 65 66 void br_x509_minimal_run(void *t0ctx); 67 68 69 70 #include "inner.h" 71 72 73 74 75 76 #include "inner.h" 77 78 /* 79 * Implementation Notes 80 * -------------------- 81 * 82 * The C code pushes the data by chunks; all decoding is done in the 83 * T0 code. The cert_length value is set to the certificate length when 84 * a new certificate is started; the T0 code picks it up as outer limit, 85 * and decoding functions use it to ensure that no attempt is made at 86 * reading past it. The T0 code also checks that once the certificate is 87 * decoded, there are no trailing bytes. 88 * 89 * The T0 code sets cert_length to 0 when the certificate is fully 90 * decoded. 91 * 92 * The C code must still perform two checks: 93 * 94 * -- If the certificate length is 0, then the T0 code will not be 95 * invoked at all. This invalid condition must thus be reported by the 96 * C code. 97 * 98 * -- When reaching the end of certificate, the C code must verify that 99 * the certificate length has been set to 0, thereby signaling that 100 * the T0 code properly decoded a certificate. 101 * 102 * Processing of a chain works in the following way: 103 * 104 * -- The error flag is set to a non-zero value when validation is 105 * finished. The value is either BR_ERR_X509_OK (validation is 106 * successful) or another non-zero error code. When a non-zero error 107 * code is obtained, the remaining bytes in the current certificate and 108 * the subsequent certificates (if any) are completely ignored. 109 * 110 * -- Each certificate is decoded in due course, with the following 111 * "interesting points": 112 * 113 * -- Start of the TBS: the multihash engine is reset and activated. 114 * 115 * -- Start of the issuer DN: the secondary hash engine is started, 116 * to process the encoded issuer DN. 117 * 118 * -- End of the issuer DN: the secondary hash engine is stopped. The 119 * resulting hash value is computed and then copied into the 120 * next_dn_hash[] buffer. 121 * 122 * -- Start of the subject DN: the secondary hash engine is started, 123 * to process the encoded subject DN. 124 * 125 * -- For the EE certificate only: the Common Name, if any, is matched 126 * against the expected server name. 127 * 128 * -- End of the subject DN: the secondary hash engine is stopped. The 129 * resulting hash value is computed into the pad. It is then processed: 130 * 131 * -- If this is the EE certificate, then the hash is ignored 132 * (except for direct trust processing, see later; the hash is 133 * simply left in current_dn_hash[]). 134 * 135 * -- Otherwise, the hashed subject DN is compared with the saved 136 * hash value (in saved_dn_hash[]). They must match. 137 * 138 * Either way, the next_dn_hash[] value is then copied into the 139 * saved_dn_hash[] value. Thus, at that point, saved_dn_hash[] 140 * contains the hash of the issuer DN for the current certificate, 141 * and current_dn_hash[] contains the hash of the subject DN for the 142 * current certificate. 143 * 144 * -- Public key: it is decoded into the cert_pkey[] buffer. Unknown 145 * key types are reported at that point. 146 * 147 * -- If this is the EE certificate, then the key type is compared 148 * with the expected key type (initialization parameter). The public 149 * key data is copied to ee_pkey_data[]. The key and hashed subject 150 * DN are also compared with the "direct trust" keys; if the key 151 * and DN are matched, then validation ends with a success. 152 * 153 * -- Otherwise, the saved signature (cert_sig[]) is verified 154 * against the saved TBS hash (tbs_hash[]) and that freshly 155 * decoded public key. Failure here ends validation with an error. 156 * 157 * -- Extensions: extension values are processed in due order. 158 * 159 * -- Basic Constraints: for all certificates except EE, must be 160 * present, indicate a CA, and have a path length compatible with 161 * the chain length so far. 162 * 163 * -- Key Usage: for the EE, if present, must allow signatures 164 * or encryption/key exchange, as required for the cipher suite. 165 * For non-EE, if present, must have the "certificate sign" bit. 166 * 167 * -- Subject Alt Name: for the EE, dNSName names are matched 168 * against the server name. Ignored for non-EE. 169 * 170 * -- Authority Key Identifier, Subject Key Identifier, Issuer 171 * Alt Name, Subject Directory Attributes, CRL Distribution Points 172 * Freshest CRL, Authority Info Access and Subject Info Access 173 * extensions are always ignored: they either contain only 174 * informative data, or they relate to revocation processing, which 175 * we explicitly do not support. 176 * 177 * -- All other extensions are ignored if non-critical. If a 178 * critical extension other than the ones above is encountered, 179 * then a failure is reported. 180 * 181 * -- End of the TBS: the multihash engine is stopped. 182 * 183 * -- Signature algorithm: the signature algorithm on the 184 * certificate is decoded. A failure is reported if that algorithm 185 * is unknown. The hashed TBS corresponding to the signature hash 186 * function is computed and stored in tbs_hash[] (if not supported, 187 * then a failure is reported). The hash OID and length are stored 188 * in cert_sig_hash_oid and cert_sig_hash_len. 189 * 190 * -- Signature value: the signature value is copied into the 191 * cert_sig[] array. 192 * 193 * -- Certificate end: the hashed issuer DN (saved_dn_hash[]) is 194 * looked up in the trust store (CA trust anchors only); for all 195 * that match, the signature (cert_sig[]) is verified against the 196 * anchor public key (hashed TBS is in tbs_hash[]). If one of these 197 * signatures is valid, then validation ends with a success. 198 * 199 * -- If the chain end is reached without obtaining a validation success, 200 * then validation is reported as failed. 201 */ 202 203 #if BR_USE_UNIX_TIME 204 #include <time.h> 205 #endif 206 207 #if BR_USE_WIN32_TIME 208 #include <windows.h> 209 #endif 210 211 /* 212 * The T0 compiler will produce these prototypes declarations in the 213 * header. 214 * 215 void br_x509_minimal_init_main(void *ctx); 216 void br_x509_minimal_run(void *ctx); 217 */ 218 219 /* see bearssl_x509.h */ 220 void 221 br_x509_minimal_init(br_x509_minimal_context *ctx, 222 const br_hash_class *dn_hash_impl, 223 const br_x509_trust_anchor *trust_anchors, size_t trust_anchors_num) 224 { 225 memset(ctx, 0, sizeof *ctx); 226 ctx->vtable = &br_x509_minimal_vtable; 227 ctx->dn_hash_impl = dn_hash_impl; 228 ctx->trust_anchors = trust_anchors; 229 ctx->trust_anchors_num = trust_anchors_num; 230 } 231 232 static void 233 xm_start_chain(const br_x509_class **ctx, const char *server_name) 234 { 235 br_x509_minimal_context *cc; 236 size_t u; 237 238 cc = (br_x509_minimal_context *)(void *)ctx; 239 for (u = 0; u < cc->num_name_elts; u ++) { 240 cc->name_elts[u].status = 0; 241 cc->name_elts[u].buf[0] = 0; 242 } 243 memset(&cc->pkey, 0, sizeof cc->pkey); 244 cc->num_certs = 0; 245 cc->err = 0; 246 cc->cpu.dp = cc->dp_stack; 247 cc->cpu.rp = cc->rp_stack; 248 br_x509_minimal_init_main(&cc->cpu); 249 if (server_name == NULL || *server_name == 0) { 250 cc->server_name = NULL; 251 } else { 252 cc->server_name = server_name; 253 } 254 } 255 256 static void 257 xm_start_cert(const br_x509_class **ctx, uint32_t length) 258 { 259 br_x509_minimal_context *cc; 260 261 cc = (br_x509_minimal_context *)(void *)ctx; 262 if (cc->err != 0) { 263 return; 264 } 265 if (length == 0) { 266 cc->err = BR_ERR_X509_TRUNCATED; 267 return; 268 } 269 cc->cert_length = length; 270 } 271 272 static void 273 xm_append(const br_x509_class **ctx, const unsigned char *buf, size_t len) 274 { 275 br_x509_minimal_context *cc; 276 277 cc = (br_x509_minimal_context *)(void *)ctx; 278 if (cc->err != 0) { 279 return; 280 } 281 cc->hbuf = buf; 282 cc->hlen = len; 283 br_x509_minimal_run(&cc->cpu); 284 } 285 286 static void 287 xm_end_cert(const br_x509_class **ctx) 288 { 289 br_x509_minimal_context *cc; 290 291 cc = (br_x509_minimal_context *)(void *)ctx; 292 if (cc->err == 0 && cc->cert_length != 0) { 293 cc->err = BR_ERR_X509_TRUNCATED; 294 } 295 cc->num_certs ++; 296 } 297 298 static unsigned 299 xm_end_chain(const br_x509_class **ctx) 300 { 301 br_x509_minimal_context *cc; 302 303 cc = (br_x509_minimal_context *)(void *)ctx; 304 if (cc->err == 0) { 305 if (cc->num_certs == 0) { 306 cc->err = BR_ERR_X509_EMPTY_CHAIN; 307 } else { 308 cc->err = BR_ERR_X509_NOT_TRUSTED; 309 } 310 } else if (cc->err == BR_ERR_X509_OK) { 311 return 0; 312 } 313 return (unsigned)cc->err; 314 } 315 316 static const br_x509_pkey * 317 xm_get_pkey(const br_x509_class *const *ctx, unsigned *usages) 318 { 319 br_x509_minimal_context *cc; 320 321 cc = (br_x509_minimal_context *)(void *)ctx; 322 if (cc->err == BR_ERR_X509_OK 323 || cc->err == BR_ERR_X509_NOT_TRUSTED) 324 { 325 if (usages != NULL) { 326 *usages = cc->key_usages; 327 } 328 return &((br_x509_minimal_context *)(void *)ctx)->pkey; 329 } else { 330 return NULL; 331 } 332 } 333 334 /* see bearssl_x509.h */ 335 const br_x509_class br_x509_minimal_vtable = { 336 sizeof(br_x509_minimal_context), 337 xm_start_chain, 338 xm_start_cert, 339 xm_append, 340 xm_end_cert, 341 xm_end_chain, 342 xm_get_pkey 343 }; 344 345 #define CTX ((br_x509_minimal_context *)(void *)((unsigned char *)t0ctx - offsetof(br_x509_minimal_context, cpu))) 346 #define CONTEXT_NAME br_x509_minimal_context 347 348 #define DNHASH_LEN ((CTX->dn_hash_impl->desc >> BR_HASHDESC_OUT_OFF) & BR_HASHDESC_OUT_MASK) 349 350 /* 351 * Hash a DN (from a trust anchor) into the provided buffer. This uses the 352 * DN hash implementation and context structure from the X.509 engine 353 * context. 354 */ 355 static void 356 hash_dn(br_x509_minimal_context *ctx, const void *dn, size_t len, 357 unsigned char *out) 358 { 359 ctx->dn_hash_impl->init(&ctx->dn_hash.vtable); 360 ctx->dn_hash_impl->update(&ctx->dn_hash.vtable, dn, len); 361 ctx->dn_hash_impl->out(&ctx->dn_hash.vtable, out); 362 } 363 364 /* 365 * Compare two big integers for equality. The integers use unsigned big-endian 366 * encoding; extra leading bytes (of value 0) are allowed. 367 */ 368 static int 369 eqbigint(const unsigned char *b1, size_t len1, 370 const unsigned char *b2, size_t len2) 371 { 372 while (len1 > 0 && *b1 == 0) { 373 b1 ++; 374 len1 --; 375 } 376 while (len2 > 0 && *b2 == 0) { 377 b2 ++; 378 len2 --; 379 } 380 if (len1 != len2) { 381 return 0; 382 } 383 return memcmp(b1, b2, len1) == 0; 384 } 385 386 /* 387 * Compare two strings for equality, in a case-insensitive way. This 388 * function handles casing only for ASCII letters. 389 */ 390 static int 391 eqnocase(const void *s1, const void *s2, size_t len) 392 { 393 const unsigned char *buf1, *buf2; 394 395 buf1 = s1; 396 buf2 = s2; 397 while (len -- > 0) { 398 int x1, x2; 399 400 x1 = *buf1 ++; 401 x2 = *buf2 ++; 402 if (x1 >= 'A' && x1 <= 'Z') { 403 x1 += 'a' - 'A'; 404 } 405 if (x2 >= 'A' && x2 <= 'Z') { 406 x2 += 'a' - 'A'; 407 } 408 if (x1 != x2) { 409 return 0; 410 } 411 } 412 return 1; 413 } 414 415 static int verify_signature(br_x509_minimal_context *ctx, 416 const br_x509_pkey *pk); 417 418 419 420 static const unsigned char t0_datablock[] = { 421 0x00, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x09, 422 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x09, 0x2A, 0x86, 423 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0E, 0x09, 0x2A, 0x86, 0x48, 0x86, 424 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 425 0x01, 0x01, 0x0C, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 426 0x0D, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x09, 0x60, 0x86, 0x48, 0x01, 427 0x65, 0x03, 0x04, 0x02, 0x04, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 428 0x04, 0x02, 0x01, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 429 0x02, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x07, 430 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x08, 0x2A, 0x86, 0x48, 0xCE, 431 0x3D, 0x03, 0x01, 0x07, 0x05, 0x2B, 0x81, 0x04, 0x00, 0x22, 0x05, 0x2B, 432 0x81, 0x04, 0x00, 0x23, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x01, 433 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x01, 0x08, 0x2A, 0x86, 434 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 435 0x04, 0x03, 0x03, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x04, 436 0x03, 0x55, 0x04, 0x03, 0x00, 0x1F, 0x03, 0xFC, 0x07, 0x7F, 0x0B, 0x5E, 437 0x0F, 0x1F, 0x12, 0xFE, 0x16, 0xBF, 0x1A, 0x9F, 0x1E, 0x7E, 0x22, 0x3F, 438 0x26, 0x1E, 0x29, 0xDF, 0x00, 0x1F, 0x03, 0xFD, 0x07, 0x9F, 0x0B, 0x7E, 439 0x0F, 0x3F, 0x13, 0x1E, 0x16, 0xDF, 0x1A, 0xBF, 0x1E, 0x9E, 0x22, 0x5F, 440 0x26, 0x3E, 0x29, 0xFF, 0x03, 0x55, 0x1D, 0x13, 0x03, 0x55, 0x1D, 0x0F, 441 0x03, 0x55, 0x1D, 0x11, 0x03, 0x55, 0x1D, 0x20, 0x08, 0x2B, 0x06, 0x01, 442 0x05, 0x05, 0x07, 0x02, 0x01, 0x03, 0x55, 0x1D, 0x23, 0x03, 0x55, 0x1D, 443 0x0E, 0x03, 0x55, 0x1D, 0x12, 0x03, 0x55, 0x1D, 0x09, 0x03, 0x55, 0x1D, 444 0x1F, 0x03, 0x55, 0x1D, 0x2E, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 445 0x01, 0x01, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x0B 446 }; 447 448 static const unsigned char t0_codeblock[] = { 449 0x00, 0x01, 0x00, 0x0D, 0x00, 0x00, 0x01, 0x00, 0x10, 0x00, 0x00, 0x01, 450 0x00, 0x11, 0x00, 0x00, 0x01, 0x01, 0x09, 0x00, 0x00, 0x01, 0x01, 0x0A, 451 0x00, 0x00, 0x25, 0x25, 0x00, 0x00, 0x01, 452 T0_INT1(BR_ERR_X509_BAD_BOOLEAN), 0x00, 0x00, 0x01, 453 T0_INT1(BR_ERR_X509_BAD_DN), 0x00, 0x00, 0x01, 454 T0_INT1(BR_ERR_X509_BAD_SERVER_NAME), 0x00, 0x00, 0x01, 455 T0_INT1(BR_ERR_X509_BAD_TAG_CLASS), 0x00, 0x00, 0x01, 456 T0_INT1(BR_ERR_X509_BAD_TAG_VALUE), 0x00, 0x00, 0x01, 457 T0_INT1(BR_ERR_X509_BAD_TIME), 0x00, 0x00, 0x01, 458 T0_INT1(BR_ERR_X509_CRITICAL_EXTENSION), 0x00, 0x00, 0x01, 459 T0_INT1(BR_ERR_X509_DN_MISMATCH), 0x00, 0x00, 0x01, 460 T0_INT1(BR_ERR_X509_EXPIRED), 0x00, 0x00, 0x01, 461 T0_INT1(BR_ERR_X509_EXTRA_ELEMENT), 0x00, 0x00, 0x01, 462 T0_INT1(BR_ERR_X509_FORBIDDEN_KEY_USAGE), 0x00, 0x00, 0x01, 463 T0_INT1(BR_ERR_X509_INDEFINITE_LENGTH), 0x00, 0x00, 0x01, 464 T0_INT1(BR_ERR_X509_INNER_TRUNC), 0x00, 0x00, 0x01, 465 T0_INT1(BR_ERR_X509_LIMIT_EXCEEDED), 0x00, 0x00, 0x01, 466 T0_INT1(BR_ERR_X509_NOT_CA), 0x00, 0x00, 0x01, 467 T0_INT1(BR_ERR_X509_NOT_CONSTRUCTED), 0x00, 0x00, 0x01, 468 T0_INT1(BR_ERR_X509_NOT_PRIMITIVE), 0x00, 0x00, 0x01, 469 T0_INT1(BR_ERR_X509_OVERFLOW), 0x00, 0x00, 0x01, 470 T0_INT1(BR_ERR_X509_PARTIAL_BYTE), 0x00, 0x00, 0x01, 471 T0_INT1(BR_ERR_X509_UNEXPECTED), 0x00, 0x00, 0x01, 472 T0_INT1(BR_ERR_X509_UNSUPPORTED), 0x00, 0x00, 0x01, 473 T0_INT1(BR_ERR_X509_WEAK_PUBLIC_KEY), 0x00, 0x00, 0x01, 474 T0_INT1(BR_KEYTYPE_EC), 0x00, 0x00, 0x01, T0_INT1(BR_KEYTYPE_RSA), 475 0x00, 0x00, 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_length)), 0x00, 476 0x00, 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_sig)), 0x00, 0x00, 477 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_sig_hash_len)), 0x00, 0x00, 478 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_sig_hash_oid)), 0x00, 0x00, 479 0x01, T0_INT2(offsetof(CONTEXT_NAME, cert_sig_len)), 0x00, 0x00, 0x01, 480 T0_INT2(offsetof(CONTEXT_NAME, cert_signer_key_type)), 0x00, 0x00, 481 0x01, T0_INT2(offsetof(CONTEXT_NAME, current_dn_hash)), 0x00, 0x00, 482 0x01, T0_INT2(offsetof(CONTEXT_NAME, key_usages)), 0x00, 0x00, 0x01, 483 T0_INT2(offsetof(br_x509_minimal_context, pkey_data)), 0x01, 484 T0_INT2(BR_X509_BUFSIZE_KEY), 0x00, 0x00, 0x01, 485 T0_INT2(offsetof(CONTEXT_NAME, min_rsa_size)), 0x00, 0x00, 0x01, 486 T0_INT2(offsetof(CONTEXT_NAME, next_dn_hash)), 0x00, 0x00, 0x01, 487 T0_INT2(offsetof(CONTEXT_NAME, num_certs)), 0x00, 0x00, 0x01, 488 T0_INT2(offsetof(CONTEXT_NAME, pad)), 0x00, 0x00, 0x01, 489 T0_INT2(offsetof(CONTEXT_NAME, saved_dn_hash)), 0x00, 0x00, 0x01, 0x80, 490 0x73, 0x00, 0x00, 0x01, 0x80, 0x7C, 0x00, 0x00, 0x01, 0x81, 0x02, 0x00, 491 0x00, 0x8F, 0x05, 0x05, 0x33, 0x41, 0x01, 0x00, 0x00, 0x33, 0x01, 0x0A, 492 0x0E, 0x09, 0x01, 0x9A, 0xFF, 0xB8, 0x00, 0x0A, 0x00, 0x00, 0x01, 0x82, 493 0x19, 0x00, 0x00, 0x01, 0x82, 0x01, 0x00, 0x00, 0x01, 0x81, 0x68, 0x00, 494 0x02, 0x03, 0x00, 0x03, 0x01, 0x26, 0x02, 0x01, 0x13, 0x3A, 0x02, 0x00, 495 0x0F, 0x15, 0x00, 0x00, 0x01, 0x81, 0x74, 0x00, 0x00, 0x05, 0x02, 0x51, 496 0x29, 0x00, 0x00, 0x06, 0x02, 0x52, 0x29, 0x00, 0x00, 0x01, 0x10, 0x74, 497 0x00, 0x00, 0x11, 0x05, 0x02, 0x55, 0x29, 0x71, 0x00, 0x00, 0x11, 0x05, 498 0x02, 0x55, 0x29, 0x72, 0x00, 0x00, 0x06, 0x02, 0x4B, 0x29, 0x00, 0x00, 499 0x01, 0x82, 0x11, 0x00, 0x00, 0x26, 0x21, 0x01, 0x08, 0x0E, 0x3A, 0x3F, 500 0x21, 0x09, 0x00, 0x0B, 0x03, 0x00, 0x5A, 0x2B, 0xAC, 0x38, 0xAC, 0xB0, 501 0x26, 0x01, 0x20, 0x11, 0x06, 0x11, 0x25, 0x71, 0xAA, 0xB0, 0x01, 0x02, 502 0x75, 0xAD, 0x01, 0x02, 0x12, 0x06, 0x02, 0x56, 0x29, 0x76, 0xB0, 0x01, 503 0x02, 0x75, 0xAB, 0xAC, 0xBF, 0x99, 0x64, 0x60, 0x22, 0x16, 0xAC, 0xA4, 504 0x03, 0x01, 0x03, 0x02, 0xA4, 0x02, 0x02, 0x02, 0x01, 0x19, 0x06, 0x02, 505 0x4A, 0x29, 0x76, 0x02, 0x00, 0x06, 0x05, 0x9A, 0x03, 0x03, 0x04, 0x09, 506 0x99, 0x60, 0x67, 0x22, 0x28, 0x05, 0x02, 0x49, 0x29, 0x67, 0x64, 0x22, 507 0x16, 0xAC, 0xAC, 0x9B, 0x05, 0x02, 0x56, 0x29, 0xB9, 0x27, 0x06, 0x27, 508 0xBF, 0xA1, 0xAC, 0x62, 0xA7, 0x03, 0x05, 0x62, 0x3A, 0x02, 0x05, 0x09, 509 0x3A, 0x02, 0x05, 0x0A, 0xA7, 0x03, 0x06, 0x76, 0x63, 0x2A, 0x01, 0x81, 510 0x00, 0x09, 0x02, 0x05, 0x12, 0x06, 0x02, 0x57, 0x29, 0x76, 0x59, 0x03, 511 0x04, 0x04, 0x3A, 0x85, 0x27, 0x06, 0x34, 0x9B, 0x05, 0x02, 0x56, 0x29, 512 0x68, 0x27, 0x06, 0x04, 0x01, 0x17, 0x04, 0x12, 0x69, 0x27, 0x06, 0x04, 513 0x01, 0x18, 0x04, 0x0A, 0x6A, 0x27, 0x06, 0x04, 0x01, 0x19, 0x04, 0x02, 514 0x56, 0x29, 0x03, 0x07, 0x76, 0xA1, 0x26, 0x03, 0x08, 0x26, 0x62, 0x33, 515 0x0D, 0x06, 0x02, 0x4F, 0x29, 0xA2, 0x58, 0x03, 0x04, 0x04, 0x02, 0x56, 516 0x29, 0x76, 0x02, 0x00, 0x06, 0x21, 0x02, 0x04, 0x59, 0x30, 0x11, 0x06, 517 0x08, 0x25, 0x02, 0x05, 0x02, 0x06, 0x1E, 0x04, 0x10, 0x58, 0x30, 0x11, 518 0x06, 0x08, 0x25, 0x02, 0x07, 0x02, 0x08, 0x1D, 0x04, 0x03, 0x56, 0x29, 519 0x25, 0x04, 0x24, 0x02, 0x04, 0x59, 0x30, 0x11, 0x06, 0x08, 0x25, 0x02, 520 0x05, 0x02, 0x06, 0x24, 0x04, 0x10, 0x58, 0x30, 0x11, 0x06, 0x08, 0x25, 521 0x02, 0x07, 0x02, 0x08, 0x23, 0x04, 0x03, 0x56, 0x29, 0x25, 0x26, 0x06, 522 0x01, 0x29, 0x25, 0x01, 0x00, 0x03, 0x09, 0xB1, 0x01, 0x21, 0x8C, 0x01, 523 0x22, 0x8C, 0x26, 0x01, 0x23, 0x11, 0x06, 0x81, 0x26, 0x25, 0x71, 0xAA, 524 0xAC, 0x26, 0x06, 0x81, 0x1A, 0x01, 0x00, 0x03, 0x0A, 0xAC, 0x9B, 0x25, 525 0xB0, 0x26, 0x01, 0x01, 0x11, 0x06, 0x04, 0xA3, 0x03, 0x0A, 0xB0, 0x01, 526 0x04, 0x75, 0xAA, 0x6E, 0x27, 0x06, 0x0F, 0x02, 0x00, 0x06, 0x03, 0xC0, 527 0x04, 0x05, 0x96, 0x01, 0x7F, 0x03, 0x09, 0x04, 0x80, 0x6C, 0x8E, 0x27, 528 0x06, 0x06, 0x02, 0x00, 0x98, 0x04, 0x80, 0x62, 0xC2, 0x27, 0x06, 0x11, 529 0x02, 0x00, 0x06, 0x09, 0x01, 0x00, 0x03, 0x03, 0x95, 0x03, 0x03, 0x04, 530 0x01, 0xC0, 0x04, 0x80, 0x4D, 0x70, 0x27, 0x06, 0x0A, 0x02, 0x0A, 0x06, 531 0x03, 0x97, 0x04, 0x01, 0xC0, 0x04, 0x3F, 0x6D, 0x27, 0x06, 0x03, 0xC0, 532 0x04, 0x38, 0xC5, 0x27, 0x06, 0x03, 0xC0, 0x04, 0x31, 0x8D, 0x27, 0x06, 533 0x03, 0xC0, 0x04, 0x2A, 0xC3, 0x27, 0x06, 0x03, 0xC0, 0x04, 0x23, 0x77, 534 0x27, 0x06, 0x03, 0xC0, 0x04, 0x1C, 0x82, 0x27, 0x06, 0x03, 0xC0, 0x04, 535 0x15, 0x6C, 0x27, 0x06, 0x03, 0xC0, 0x04, 0x0E, 0xC4, 0x27, 0x06, 0x03, 536 0xC0, 0x04, 0x07, 0x02, 0x0A, 0x06, 0x02, 0x48, 0x29, 0xC0, 0x76, 0x76, 537 0x04, 0xFE, 0x62, 0x76, 0x76, 0x04, 0x08, 0x01, 0x7F, 0x11, 0x05, 0x02, 538 0x55, 0x29, 0x25, 0x76, 0x39, 0x02, 0x00, 0x06, 0x08, 0x02, 0x03, 0x3B, 539 0x2F, 0x05, 0x02, 0x44, 0x29, 0x02, 0x00, 0x06, 0x01, 0x17, 0x02, 0x00, 540 0x02, 0x09, 0x2F, 0x05, 0x02, 0x50, 0x29, 0xB0, 0x73, 0xAA, 0x9B, 0x06, 541 0x80, 0x77, 0xBA, 0x27, 0x06, 0x07, 0x01, 0x02, 0x59, 0x87, 0x04, 0x80, 542 0x5E, 0xBB, 0x27, 0x06, 0x07, 0x01, 0x03, 0x59, 0x88, 0x04, 0x80, 0x53, 543 0xBC, 0x27, 0x06, 0x07, 0x01, 0x04, 0x59, 0x89, 0x04, 0x80, 0x48, 0xBD, 544 0x27, 0x06, 0x06, 0x01, 0x05, 0x59, 0x8A, 0x04, 0x3E, 0xBE, 0x27, 0x06, 545 0x06, 0x01, 0x06, 0x59, 0x8B, 0x04, 0x34, 0x7C, 0x27, 0x06, 0x06, 0x01, 546 0x02, 0x58, 0x87, 0x04, 0x2A, 0x7D, 0x27, 0x06, 0x06, 0x01, 0x03, 0x58, 547 0x88, 0x04, 0x20, 0x7E, 0x27, 0x06, 0x06, 0x01, 0x04, 0x58, 0x89, 0x04, 548 0x16, 0x7F, 0x27, 0x06, 0x06, 0x01, 0x05, 0x58, 0x8A, 0x04, 0x0C, 0x80, 549 0x27, 0x06, 0x06, 0x01, 0x06, 0x58, 0x8B, 0x04, 0x02, 0x56, 0x29, 0x5D, 550 0x34, 0x5F, 0x36, 0x1C, 0x26, 0x05, 0x02, 0x56, 0x29, 0x5C, 0x36, 0x04, 551 0x02, 0x56, 0x29, 0xBF, 0xA1, 0x26, 0x01, T0_INT2(BR_X509_BUFSIZE_SIG), 552 0x12, 0x06, 0x02, 0x4F, 0x29, 0x26, 0x5E, 0x34, 0x5B, 0xA2, 0x76, 0x76, 553 0x01, 0x00, 0x5A, 0x35, 0x18, 0x00, 0x00, 0x01, 0x30, 0x0A, 0x26, 0x01, 554 0x00, 0x01, 0x09, 0x6F, 0x05, 0x02, 0x47, 0x29, 0x00, 0x00, 0x30, 0x30, 555 0x00, 0x00, 0x01, 0x81, 0x08, 0x00, 0x00, 0x01, 0x81, 0x10, 0x00, 0x00, 556 0x01, 0x81, 0x19, 0x00, 0x00, 0x01, 0x81, 0x22, 0x00, 0x00, 0x01, 0x81, 557 0x2B, 0x00, 0x01, 0x7B, 0x01, 0x01, 0x11, 0x3A, 0x01, 0x83, 0xFD, 0x7F, 558 0x11, 0x15, 0x06, 0x03, 0x3A, 0x25, 0x00, 0x3A, 0x26, 0x03, 0x00, 0x26, 559 0xC6, 0x05, 0x04, 0x41, 0x01, 0x00, 0x00, 0x26, 0x01, 0x81, 0x00, 0x0D, 560 0x06, 0x04, 0x93, 0x04, 0x80, 0x49, 0x26, 0x01, 0x90, 0x00, 0x0D, 0x06, 561 0x0F, 0x01, 0x06, 0x14, 0x01, 0x81, 0x40, 0x2F, 0x93, 0x02, 0x00, 0x01, 562 0x00, 0x94, 0x04, 0x33, 0x26, 0x01, 0x83, 0xFF, 0x7F, 0x0D, 0x06, 0x14, 563 0x01, 0x0C, 0x14, 0x01, 0x81, 0x60, 0x2F, 0x93, 0x02, 0x00, 0x01, 0x06, 564 0x94, 0x02, 0x00, 0x01, 0x00, 0x94, 0x04, 0x17, 0x01, 0x12, 0x14, 0x01, 565 0x81, 0x70, 0x2F, 0x93, 0x02, 0x00, 0x01, 0x0C, 0x94, 0x02, 0x00, 0x01, 566 0x06, 0x94, 0x02, 0x00, 0x01, 0x00, 0x94, 0x00, 0x00, 0x01, 0x82, 0x15, 567 0x00, 0x00, 0x26, 0x01, 0x83, 0xB0, 0x00, 0x01, 0x83, 0xB7, 0x7F, 0x6F, 568 0x00, 0x00, 0x01, 0x81, 0x34, 0x00, 0x00, 0x01, 0x80, 0x6B, 0x00, 0x00, 569 0x01, 0x81, 0x78, 0x00, 0x00, 0x01, 0x3D, 0x00, 0x00, 0x01, 0x80, 0x43, 570 0x00, 0x00, 0x01, 0x80, 0x4D, 0x00, 0x00, 0x01, 0x80, 0x57, 0x00, 0x00, 571 0x01, 0x80, 0x61, 0x00, 0x00, 0x30, 0x11, 0x06, 0x04, 0x41, 0xAA, 0xBF, 572 0xB1, 0x00, 0x00, 0x01, 0x82, 0x09, 0x00, 0x00, 0x01, 0x81, 0x6C, 0x00, 573 0x00, 0x26, 0x01, 0x83, 0xB8, 0x00, 0x01, 0x83, 0xBF, 0x7F, 0x6F, 0x00, 574 0x00, 0x01, 0x30, 0x61, 0x36, 0x01, 0x7F, 0x79, 0x1A, 0x01, 0x00, 0x79, 575 0x1A, 0x04, 0x7A, 0x00, 0x01, 0x81, 0x38, 0x00, 0x01, 0x7B, 0x0D, 0x06, 576 0x02, 0x4E, 0x29, 0x26, 0x03, 0x00, 0x0A, 0x02, 0x00, 0x00, 0x00, 0x30, 577 0x26, 0x3E, 0x3A, 0x01, 0x82, 0x00, 0x13, 0x2F, 0x06, 0x04, 0x41, 0x01, 578 0x00, 0x00, 0x30, 0x66, 0x09, 0x36, 0x3F, 0x00, 0x00, 0x14, 0x01, 0x3F, 579 0x15, 0x01, 0x81, 0x00, 0x2F, 0x93, 0x00, 0x02, 0x01, 0x00, 0x03, 0x00, 580 0xAC, 0x26, 0x06, 0x80, 0x59, 0xB0, 0x01, 0x20, 0x30, 0x11, 0x06, 0x17, 581 0x25, 0x71, 0xAA, 0x9B, 0x25, 0x01, 0x7F, 0x2E, 0x03, 0x01, 0xB0, 0x01, 582 0x20, 0x74, 0xAA, 0xAF, 0x02, 0x01, 0x20, 0x76, 0x76, 0x04, 0x38, 0x01, 583 0x21, 0x30, 0x11, 0x06, 0x08, 0x25, 0x72, 0xB3, 0x01, 0x01, 0x1F, 0x04, 584 0x2A, 0x01, 0x22, 0x30, 0x11, 0x06, 0x11, 0x25, 0x72, 0xB3, 0x26, 0x06, 585 0x06, 0x2C, 0x02, 0x00, 0x2F, 0x03, 0x00, 0x01, 0x02, 0x1F, 0x04, 0x13, 586 0x01, 0x26, 0x30, 0x11, 0x06, 0x08, 0x25, 0x72, 0xB3, 0x01, 0x06, 0x1F, 587 0x04, 0x05, 0x41, 0xAB, 0x01, 0x00, 0x25, 0x04, 0xFF, 0x23, 0x76, 0x02, 588 0x00, 0x00, 0x00, 0xAC, 0xB1, 0x26, 0x01, 0x01, 0x11, 0x06, 0x08, 0xA3, 589 0x05, 0x02, 0x50, 0x29, 0xB1, 0x04, 0x02, 0x50, 0x29, 0x26, 0x01, 0x02, 590 0x11, 0x06, 0x0C, 0x25, 0x72, 0xAD, 0x65, 0x2B, 0x40, 0x0D, 0x06, 0x02, 591 0x50, 0x29, 0xB1, 0x01, 0x7F, 0x10, 0x06, 0x02, 0x55, 0x29, 0x25, 0x76, 592 0x00, 0x00, 0xAC, 0x26, 0x06, 0x1A, 0xAC, 0x9B, 0x25, 0x26, 0x06, 0x11, 593 0xAC, 0x26, 0x06, 0x0C, 0xAC, 0x9B, 0x25, 0x86, 0x27, 0x05, 0x02, 0x48, 594 0x29, 0xBF, 0x04, 0x71, 0x76, 0x76, 0x04, 0x63, 0x76, 0x00, 0x02, 0x03, 595 0x00, 0xB0, 0x01, 0x03, 0x75, 0xAA, 0xB7, 0x03, 0x01, 0x02, 0x01, 0x01, 596 0x07, 0x12, 0x06, 0x02, 0x55, 0x29, 0x26, 0x01, 0x00, 0x30, 0x11, 0x06, 597 0x05, 0x25, 0x4C, 0x29, 0x04, 0x15, 0x01, 0x01, 0x30, 0x11, 0x06, 0x0A, 598 0x25, 0xB7, 0x02, 0x01, 0x14, 0x02, 0x01, 0x0E, 0x04, 0x05, 0x25, 0xB7, 599 0x01, 0x00, 0x25, 0x02, 0x00, 0x06, 0x19, 0x01, 0x00, 0x30, 0x01, 0x38, 600 0x15, 0x06, 0x03, 0x01, 0x10, 0x2F, 0x3A, 0x01, 0x81, 0x40, 0x15, 0x06, 601 0x03, 0x01, 0x20, 0x2F, 0x61, 0x36, 0x04, 0x07, 0x01, 0x04, 0x15, 0x05, 602 0x02, 0x4C, 0x29, 0xBF, 0x00, 0x00, 0x37, 0xAC, 0xBF, 0x1B, 0x00, 0x03, 603 0x01, 0x00, 0x03, 0x00, 0x37, 0xAC, 0x26, 0x06, 0x30, 0xB0, 0x01, 0x11, 604 0x74, 0xAA, 0x26, 0x05, 0x02, 0x43, 0x29, 0x26, 0x06, 0x20, 0xAC, 0x9B, 605 0x25, 0x84, 0x27, 0x03, 0x01, 0x01, 0x00, 0x2E, 0x03, 0x02, 0xAF, 0x26, 606 0x02, 0x01, 0x15, 0x06, 0x07, 0x2C, 0x06, 0x04, 0x01, 0x7F, 0x03, 0x00, 607 0x02, 0x02, 0x20, 0x76, 0x04, 0x5D, 0x76, 0x04, 0x4D, 0x76, 0x1B, 0x02, 608 0x00, 0x00, 0x00, 0xB0, 0x01, 0x06, 0x75, 0xAE, 0x00, 0x00, 0xB5, 0x83, 609 0x06, 0x0E, 0x3A, 0x26, 0x05, 0x06, 0x41, 0x01, 0x00, 0x01, 0x00, 0x00, 610 0xB5, 0x6B, 0x04, 0x08, 0x8F, 0x06, 0x05, 0x25, 0x01, 0x00, 0x04, 0x00, 611 0x00, 0x00, 0xB6, 0x83, 0x06, 0x0E, 0x3A, 0x26, 0x05, 0x06, 0x41, 0x01, 612 0x00, 0x01, 0x00, 0x00, 0xB6, 0x6B, 0x04, 0x08, 0x8F, 0x06, 0x05, 0x25, 613 0x01, 0x00, 0x04, 0x00, 0x00, 0x00, 0xB7, 0x26, 0x01, 0x81, 0x00, 0x0D, 614 0x06, 0x04, 0x00, 0x04, 0x80, 0x55, 0x26, 0x01, 0x81, 0x40, 0x0D, 0x06, 615 0x07, 0x25, 0x01, 0x00, 0x00, 0x04, 0x80, 0x47, 0x26, 0x01, 0x81, 0x60, 616 0x0D, 0x06, 0x0E, 0x01, 0x1F, 0x15, 0x01, 0x01, 0xA0, 0x01, 0x81, 0x00, 617 0x01, 0x8F, 0x7F, 0x04, 0x32, 0x26, 0x01, 0x81, 0x70, 0x0D, 0x06, 0x0F, 618 0x01, 0x0F, 0x15, 0x01, 0x02, 0xA0, 0x01, 0x90, 0x00, 0x01, 0x83, 0xFF, 619 0x7F, 0x04, 0x1C, 0x26, 0x01, 0x81, 0x78, 0x0D, 0x06, 0x11, 0x01, 0x07, 620 0x15, 0x01, 0x03, 0xA0, 0x01, 0x84, 0x80, 0x00, 0x01, 0x80, 0xC3, 0xFF, 621 0x7F, 0x04, 0x04, 0x25, 0x01, 0x00, 0x00, 0x6F, 0x05, 0x03, 0x25, 0x01, 622 0x00, 0x00, 0x00, 0x3A, 0x26, 0x05, 0x06, 0x41, 0x01, 0x00, 0x01, 0x7F, 623 0x00, 0xB7, 0x33, 0x26, 0x3C, 0x06, 0x03, 0x3A, 0x25, 0x00, 0x01, 0x06, 624 0x0E, 0x3A, 0x26, 0x01, 0x06, 0x14, 0x01, 0x02, 0x10, 0x06, 0x04, 0x41, 625 0x01, 0x7F, 0x00, 0x01, 0x3F, 0x15, 0x09, 0x00, 0x00, 0x26, 0x06, 0x06, 626 0x0B, 0x9F, 0x33, 0x40, 0x04, 0x77, 0x25, 0x26, 0x00, 0x00, 0xB0, 0x01, 627 0x03, 0x75, 0xAA, 0xB7, 0x06, 0x02, 0x54, 0x29, 0x00, 0x00, 0x3A, 0x26, 628 0x06, 0x07, 0x31, 0x26, 0x06, 0x01, 0x1A, 0x04, 0x76, 0x41, 0x00, 0x00, 629 0x01, 0x01, 0x75, 0xA9, 0x01, 0x01, 0x10, 0x06, 0x02, 0x42, 0x29, 0xB7, 630 0x3D, 0x00, 0x04, 0xB0, 0x26, 0x01, 0x17, 0x01, 0x18, 0x6F, 0x05, 0x02, 631 0x47, 0x29, 0x01, 0x18, 0x11, 0x03, 0x00, 0x72, 0xAA, 0xA5, 0x02, 0x00, 632 0x06, 0x0C, 0x01, 0x80, 0x64, 0x08, 0x03, 0x01, 0xA5, 0x02, 0x01, 0x09, 633 0x04, 0x0E, 0x26, 0x01, 0x32, 0x0D, 0x06, 0x04, 0x01, 0x80, 0x64, 0x09, 634 0x01, 0x8E, 0x6C, 0x09, 0x03, 0x01, 0x02, 0x01, 0x01, 0x82, 0x6D, 0x08, 635 0x02, 0x01, 0x01, 0x03, 0x09, 0x01, 0x04, 0x0C, 0x09, 0x02, 0x01, 0x01, 636 0x80, 0x63, 0x09, 0x01, 0x80, 0x64, 0x0C, 0x0A, 0x02, 0x01, 0x01, 0x83, 637 0x0F, 0x09, 0x01, 0x83, 0x10, 0x0C, 0x09, 0x03, 0x03, 0x01, 0x01, 0x01, 638 0x0C, 0xA6, 0x40, 0x01, 0x01, 0x0E, 0x02, 0x01, 0x01, 0x04, 0x07, 0x3E, 639 0x02, 0x01, 0x01, 0x80, 0x64, 0x07, 0x3D, 0x02, 0x01, 0x01, 0x83, 0x10, 640 0x07, 0x3E, 0x2F, 0x15, 0x06, 0x03, 0x01, 0x18, 0x09, 0x91, 0x09, 0x78, 641 0x26, 0x01, 0x05, 0x14, 0x02, 0x03, 0x09, 0x03, 0x03, 0x01, 0x1F, 0x15, 642 0x01, 0x01, 0x3A, 0xA6, 0x02, 0x03, 0x09, 0x40, 0x03, 0x03, 0x01, 0x00, 643 0x01, 0x17, 0xA6, 0x01, 0x9C, 0x10, 0x08, 0x03, 0x02, 0x01, 0x00, 0x01, 644 0x3B, 0xA6, 0x01, 0x3C, 0x08, 0x02, 0x02, 0x09, 0x03, 0x02, 0x01, 0x00, 645 0x01, 0x3C, 0xA6, 0x02, 0x02, 0x09, 0x03, 0x02, 0xB7, 0x26, 0x01, 0x2E, 646 0x11, 0x06, 0x0D, 0x25, 0xB7, 0x26, 0x01, 0x30, 0x01, 0x39, 0x6F, 0x06, 647 0x03, 0x25, 0x04, 0x74, 0x01, 0x80, 0x5A, 0x10, 0x06, 0x02, 0x47, 0x29, 648 0x76, 0x02, 0x03, 0x02, 0x02, 0x00, 0x01, 0xB7, 0x7A, 0x01, 0x0A, 0x08, 649 0x03, 0x00, 0xB7, 0x7A, 0x02, 0x00, 0x09, 0x00, 0x02, 0x03, 0x00, 0x03, 650 0x01, 0xA5, 0x26, 0x02, 0x01, 0x02, 0x00, 0x6F, 0x05, 0x02, 0x47, 0x29, 651 0x00, 0x00, 0x33, 0xB0, 0x01, 0x02, 0x75, 0x0B, 0xA8, 0x00, 0x03, 0x26, 652 0x03, 0x00, 0x03, 0x01, 0x03, 0x02, 0xAA, 0xB7, 0x26, 0x01, 0x81, 0x00, 653 0x13, 0x06, 0x02, 0x53, 0x29, 0x26, 0x01, 0x00, 0x11, 0x06, 0x0B, 0x25, 654 0x26, 0x05, 0x04, 0x25, 0x01, 0x00, 0x00, 0xB7, 0x04, 0x6F, 0x02, 0x01, 655 0x26, 0x05, 0x02, 0x4F, 0x29, 0x40, 0x03, 0x01, 0x02, 0x02, 0x36, 0x02, 656 0x02, 0x3F, 0x03, 0x02, 0x26, 0x06, 0x03, 0xB7, 0x04, 0x68, 0x25, 0x02, 657 0x00, 0x02, 0x01, 0x0A, 0x00, 0x01, 0xB7, 0x26, 0x01, 0x81, 0x00, 0x0D, 658 0x06, 0x01, 0x00, 0x01, 0x81, 0x00, 0x0A, 0x26, 0x05, 0x02, 0x4D, 0x29, 659 0x03, 0x00, 0x01, 0x00, 0x02, 0x00, 0x01, 0x00, 0x12, 0x06, 0x19, 0x02, 660 0x00, 0x40, 0x03, 0x00, 0x26, 0x01, 0x83, 0xFF, 0xFF, 0x7F, 0x12, 0x06, 661 0x02, 0x4E, 0x29, 0x01, 0x08, 0x0E, 0x3A, 0xB7, 0x33, 0x09, 0x04, 0x60, 662 0x00, 0x00, 0xA9, 0x92, 0x00, 0x00, 0xAA, 0xBF, 0x00, 0x00, 0xB0, 0x73, 663 0xAA, 0x00, 0x01, 0xAA, 0x26, 0x05, 0x02, 0x53, 0x29, 0xB7, 0x26, 0x01, 664 0x81, 0x00, 0x13, 0x06, 0x02, 0x53, 0x29, 0x03, 0x00, 0x26, 0x06, 0x16, 665 0xB7, 0x02, 0x00, 0x26, 0x01, 0x87, 0xFF, 0xFF, 0x7F, 0x13, 0x06, 0x02, 666 0x53, 0x29, 0x01, 0x08, 0x0E, 0x09, 0x03, 0x00, 0x04, 0x67, 0x25, 0x02, 667 0x00, 0x00, 0x00, 0xAA, 0x26, 0x01, 0x81, 0x7F, 0x12, 0x06, 0x08, 0xBF, 668 0x01, 0x00, 0x66, 0x36, 0x01, 0x00, 0x00, 0x26, 0x66, 0x36, 0x66, 0x3F, 669 0xA2, 0x01, 0x7F, 0x00, 0x00, 0xB0, 0x01, 0x0C, 0x30, 0x11, 0x06, 0x05, 670 0x25, 0x72, 0xB3, 0x04, 0x3E, 0x01, 0x12, 0x30, 0x11, 0x06, 0x05, 0x25, 671 0x72, 0xB4, 0x04, 0x33, 0x01, 0x13, 0x30, 0x11, 0x06, 0x05, 0x25, 0x72, 672 0xB4, 0x04, 0x28, 0x01, 0x14, 0x30, 0x11, 0x06, 0x05, 0x25, 0x72, 0xB4, 673 0x04, 0x1D, 0x01, 0x16, 0x30, 0x11, 0x06, 0x05, 0x25, 0x72, 0xB4, 0x04, 674 0x12, 0x01, 0x1E, 0x30, 0x11, 0x06, 0x05, 0x25, 0x72, 0xB2, 0x04, 0x07, 675 0x41, 0xAB, 0x01, 0x00, 0x01, 0x00, 0x25, 0x00, 0x01, 0xB7, 0x03, 0x00, 676 0x02, 0x00, 0x01, 0x05, 0x14, 0x01, 0x01, 0x15, 0x2D, 0x02, 0x00, 0x01, 677 0x06, 0x14, 0x26, 0x01, 0x01, 0x15, 0x06, 0x02, 0x45, 0x29, 0x01, 0x04, 678 0x0E, 0x02, 0x00, 0x01, 0x1F, 0x15, 0x26, 0x01, 0x1F, 0x11, 0x06, 0x02, 679 0x46, 0x29, 0x09, 0x00, 0x00, 0x26, 0x05, 0x05, 0x01, 0x00, 0x01, 0x7F, 680 0x00, 0xB0, 0x00, 0x01, 0xAA, 0x26, 0x05, 0x05, 0x66, 0x36, 0x01, 0x7F, 681 0x00, 0x01, 0x01, 0x03, 0x00, 0x9C, 0x26, 0x01, 0x83, 0xFF, 0x7E, 0x11, 682 0x06, 0x16, 0x25, 0x26, 0x06, 0x10, 0x9D, 0x26, 0x05, 0x05, 0x25, 0xBF, 683 0x01, 0x00, 0x00, 0x02, 0x00, 0x81, 0x03, 0x00, 0x04, 0x6D, 0x04, 0x1B, 684 0x26, 0x05, 0x05, 0x25, 0xBF, 0x01, 0x00, 0x00, 0x02, 0x00, 0x81, 0x03, 685 0x00, 0x26, 0x06, 0x0B, 0x9C, 0x26, 0x05, 0x05, 0x25, 0xBF, 0x01, 0x00, 686 0x00, 0x04, 0x6D, 0x25, 0x02, 0x00, 0x26, 0x05, 0x01, 0x00, 0x40, 0x66, 687 0x36, 0x01, 0x7F, 0x00, 0x01, 0xAA, 0x01, 0x01, 0x03, 0x00, 0x26, 0x06, 688 0x10, 0x9E, 0x26, 0x05, 0x05, 0x25, 0xBF, 0x01, 0x00, 0x00, 0x02, 0x00, 689 0x81, 0x03, 0x00, 0x04, 0x6D, 0x25, 0x02, 0x00, 0x26, 0x05, 0x01, 0x00, 690 0x40, 0x66, 0x36, 0x01, 0x7F, 0x00, 0x01, 0xAA, 0x01, 0x01, 0x03, 0x00, 691 0x26, 0x06, 0x10, 0xB7, 0x26, 0x05, 0x05, 0x25, 0xBF, 0x01, 0x00, 0x00, 692 0x02, 0x00, 0x81, 0x03, 0x00, 0x04, 0x6D, 0x25, 0x02, 0x00, 0x26, 0x05, 693 0x01, 0x00, 0x40, 0x66, 0x36, 0x01, 0x7F, 0x00, 0x00, 0xB7, 0x01, 0x08, 694 0x0E, 0x3A, 0xB7, 0x33, 0x09, 0x00, 0x00, 0xB7, 0x3A, 0xB7, 0x01, 0x08, 695 0x0E, 0x33, 0x09, 0x00, 0x00, 0x26, 0x05, 0x02, 0x4E, 0x29, 0x40, 0xB8, 696 0x00, 0x00, 0x32, 0x26, 0x01, 0x00, 0x13, 0x06, 0x01, 0x00, 0x25, 0x1A, 697 0x04, 0x74, 0x00, 0x01, 0x01, 0x00, 0x00, 0x01, 0x0B, 0x00, 0x00, 0x01, 698 0x15, 0x00, 0x00, 0x01, 0x1F, 0x00, 0x00, 0x01, 0x29, 0x00, 0x00, 0x01, 699 0x33, 0x00, 0x00, 0xC0, 0x25, 0x00, 0x00, 0x26, 0x06, 0x07, 0xC1, 0x26, 700 0x06, 0x01, 0x1A, 0x04, 0x76, 0x00, 0x00, 0x01, 0x00, 0x30, 0x31, 0x0B, 701 0x41, 0x00, 0x00, 0x01, 0x81, 0x70, 0x00, 0x00, 0x01, 0x82, 0x0D, 0x00, 702 0x00, 0x01, 0x82, 0x22, 0x00, 0x00, 0x01, 0x82, 0x05, 0x00, 0x00, 0x26, 703 0x01, 0x83, 0xFB, 0x50, 0x01, 0x83, 0xFB, 0x6F, 0x6F, 0x06, 0x04, 0x25, 704 0x01, 0x00, 0x00, 0x26, 0x01, 0x83, 0xB0, 0x00, 0x01, 0x83, 0xBF, 0x7F, 705 0x6F, 0x06, 0x04, 0x25, 0x01, 0x00, 0x00, 0x01, 0x83, 0xFF, 0x7F, 0x15, 706 0x01, 0x83, 0xFF, 0x7E, 0x0D, 0x00 707 }; 708 709 static const uint16_t t0_caddr[] = { 710 0, 711 5, 712 10, 713 15, 714 20, 715 25, 716 29, 717 33, 718 37, 719 41, 720 45, 721 49, 722 53, 723 57, 724 61, 725 65, 726 69, 727 73, 728 77, 729 81, 730 85, 731 89, 732 93, 733 97, 734 101, 735 105, 736 109, 737 113, 738 117, 739 121, 740 125, 741 130, 742 135, 743 140, 744 145, 745 150, 746 155, 747 160, 748 165, 749 173, 750 178, 751 183, 752 188, 753 193, 754 198, 755 203, 756 208, 757 213, 758 234, 759 239, 760 244, 761 249, 762 264, 763 269, 764 275, 765 281, 766 286, 767 294, 768 302, 769 308, 770 313, 771 324, 772 960, 773 975, 774 979, 775 984, 776 989, 777 994, 778 999, 779 1004, 780 1118, 781 1123, 782 1135, 783 1140, 784 1145, 785 1150, 786 1154, 787 1159, 788 1164, 789 1169, 790 1174, 791 1184, 792 1189, 793 1194, 794 1206, 795 1221, 796 1226, 797 1240, 798 1262, 799 1273, 800 1376, 801 1423, 802 1456, 803 1547, 804 1553, 805 1616, 806 1623, 807 1651, 808 1679, 809 1784, 810 1826, 811 1839, 812 1851, 813 1865, 814 1880, 815 2100, 816 2114, 817 2131, 818 2140, 819 2207, 820 2263, 821 2267, 822 2271, 823 2276, 824 2324, 825 2350, 826 2426, 827 2470, 828 2481, 829 2566, 830 2604, 831 2642, 832 2652, 833 2662, 834 2671, 835 2684, 836 2688, 837 2692, 838 2696, 839 2700, 840 2704, 841 2708, 842 2712, 843 2724, 844 2732, 845 2737, 846 2742, 847 2747, 848 2752 849 }; 850 851 #define T0_INTERPRETED 60 852 853 #define T0_ENTER(ip, rp, slot) do { \ 854 const unsigned char *t0_newip; \ 855 uint32_t t0_lnum; \ 856 t0_newip = &t0_codeblock[t0_caddr[(slot) - T0_INTERPRETED]]; \ 857 t0_lnum = t0_parse7E_unsigned(&t0_newip); \ 858 (rp) += t0_lnum; \ 859 *((rp) ++) = (uint32_t)((ip) - &t0_codeblock[0]) + (t0_lnum << 16); \ 860 (ip) = t0_newip; \ 861 } while (0) 862 863 #define T0_DEFENTRY(name, slot) \ 864 void \ 865 name(void *ctx) \ 866 { \ 867 t0_context *t0ctx = ctx; \ 868 t0ctx->ip = &t0_codeblock[0]; \ 869 T0_ENTER(t0ctx->ip, t0ctx->rp, slot); \ 870 } 871 872 T0_DEFENTRY(br_x509_minimal_init_main, 144) 873 874 #define T0_NEXT(t0ipp) (*(*(t0ipp)) ++) 875 876 void 877 br_x509_minimal_run(void *t0ctx) 878 { 879 uint32_t *dp, *rp; 880 const unsigned char *ip; 881 882 #define T0_LOCAL(x) (*(rp - 2 - (x))) 883 #define T0_POP() (*-- dp) 884 #define T0_POPi() (*(int32_t *)(-- dp)) 885 #define T0_PEEK(x) (*(dp - 1 - (x))) 886 #define T0_PEEKi(x) (*(int32_t *)(dp - 1 - (x))) 887 #define T0_PUSH(v) do { *dp = (v); dp ++; } while (0) 888 #define T0_PUSHi(v) do { *(int32_t *)dp = (v); dp ++; } while (0) 889 #define T0_RPOP() (*-- rp) 890 #define T0_RPOPi() (*(int32_t *)(-- rp)) 891 #define T0_RPUSH(v) do { *rp = (v); rp ++; } while (0) 892 #define T0_RPUSHi(v) do { *(int32_t *)rp = (v); rp ++; } while (0) 893 #define T0_ROLL(x) do { \ 894 size_t t0len = (size_t)(x); \ 895 uint32_t t0tmp = *(dp - 1 - t0len); \ 896 memmove(dp - t0len - 1, dp - t0len, t0len * sizeof *dp); \ 897 *(dp - 1) = t0tmp; \ 898 } while (0) 899 #define T0_SWAP() do { \ 900 uint32_t t0tmp = *(dp - 2); \ 901 *(dp - 2) = *(dp - 1); \ 902 *(dp - 1) = t0tmp; \ 903 } while (0) 904 #define T0_ROT() do { \ 905 uint32_t t0tmp = *(dp - 3); \ 906 *(dp - 3) = *(dp - 2); \ 907 *(dp - 2) = *(dp - 1); \ 908 *(dp - 1) = t0tmp; \ 909 } while (0) 910 #define T0_NROT() do { \ 911 uint32_t t0tmp = *(dp - 1); \ 912 *(dp - 1) = *(dp - 2); \ 913 *(dp - 2) = *(dp - 3); \ 914 *(dp - 3) = t0tmp; \ 915 } while (0) 916 #define T0_PICK(x) do { \ 917 uint32_t t0depth = (x); \ 918 T0_PUSH(T0_PEEK(t0depth)); \ 919 } while (0) 920 #define T0_CO() do { \ 921 goto t0_exit; \ 922 } while (0) 923 #define T0_RET() goto t0_next 924 925 dp = ((t0_context *)t0ctx)->dp; 926 rp = ((t0_context *)t0ctx)->rp; 927 ip = ((t0_context *)t0ctx)->ip; 928 goto t0_next; 929 for (;;) { 930 uint32_t t0x; 931 932 t0_next: 933 t0x = T0_NEXT(&ip); 934 if (t0x < T0_INTERPRETED) { 935 switch (t0x) { 936 int32_t t0off; 937 938 case 0: /* ret */ 939 t0x = T0_RPOP(); 940 rp -= (t0x >> 16); 941 t0x &= 0xFFFF; 942 if (t0x == 0) { 943 ip = NULL; 944 goto t0_exit; 945 } 946 ip = &t0_codeblock[t0x]; 947 break; 948 case 1: /* literal constant */ 949 T0_PUSHi(t0_parse7E_signed(&ip)); 950 break; 951 case 2: /* read local */ 952 T0_PUSH(T0_LOCAL(t0_parse7E_unsigned(&ip))); 953 break; 954 case 3: /* write local */ 955 T0_LOCAL(t0_parse7E_unsigned(&ip)) = T0_POP(); 956 break; 957 case 4: /* jump */ 958 t0off = t0_parse7E_signed(&ip); 959 ip += t0off; 960 break; 961 case 5: /* jump if */ 962 t0off = t0_parse7E_signed(&ip); 963 if (T0_POP()) { 964 ip += t0off; 965 } 966 break; 967 case 6: /* jump if not */ 968 t0off = t0_parse7E_signed(&ip); 969 if (!T0_POP()) { 970 ip += t0off; 971 } 972 break; 973 case 7: { 974 /* %25 */ 975 976 int32_t b = T0_POPi(); 977 int32_t a = T0_POPi(); 978 T0_PUSHi(a % b); 979 980 } 981 break; 982 case 8: { 983 /* * */ 984 985 uint32_t b = T0_POP(); 986 uint32_t a = T0_POP(); 987 T0_PUSH(a * b); 988 989 } 990 break; 991 case 9: { 992 /* + */ 993 994 uint32_t b = T0_POP(); 995 uint32_t a = T0_POP(); 996 T0_PUSH(a + b); 997 998 } 999 break; 1000 case 10: { 1001 /* - */ 1002 1003 uint32_t b = T0_POP(); 1004 uint32_t a = T0_POP(); 1005 T0_PUSH(a - b); 1006 1007 } 1008 break; 1009 case 11: { 1010 /* -rot */ 1011 T0_NROT(); 1012 } 1013 break; 1014 case 12: { 1015 /* / */ 1016 1017 int32_t b = T0_POPi(); 1018 int32_t a = T0_POPi(); 1019 T0_PUSHi(a / b); 1020 1021 } 1022 break; 1023 case 13: { 1024 /* < */ 1025 1026 int32_t b = T0_POPi(); 1027 int32_t a = T0_POPi(); 1028 T0_PUSH(-(uint32_t)(a < b)); 1029 1030 } 1031 break; 1032 case 14: { 1033 /* << */ 1034 1035 int c = (int)T0_POPi(); 1036 uint32_t x = T0_POP(); 1037 T0_PUSH(x << c); 1038 1039 } 1040 break; 1041 case 15: { 1042 /* <= */ 1043 1044 int32_t b = T0_POPi(); 1045 int32_t a = T0_POPi(); 1046 T0_PUSH(-(uint32_t)(a <= b)); 1047 1048 } 1049 break; 1050 case 16: { 1051 /* <> */ 1052 1053 uint32_t b = T0_POP(); 1054 uint32_t a = T0_POP(); 1055 T0_PUSH(-(uint32_t)(a != b)); 1056 1057 } 1058 break; 1059 case 17: { 1060 /* = */ 1061 1062 uint32_t b = T0_POP(); 1063 uint32_t a = T0_POP(); 1064 T0_PUSH(-(uint32_t)(a == b)); 1065 1066 } 1067 break; 1068 case 18: { 1069 /* > */ 1070 1071 int32_t b = T0_POPi(); 1072 int32_t a = T0_POPi(); 1073 T0_PUSH(-(uint32_t)(a > b)); 1074 1075 } 1076 break; 1077 case 19: { 1078 /* >= */ 1079 1080 int32_t b = T0_POPi(); 1081 int32_t a = T0_POPi(); 1082 T0_PUSH(-(uint32_t)(a >= b)); 1083 1084 } 1085 break; 1086 case 20: { 1087 /* >> */ 1088 1089 int c = (int)T0_POPi(); 1090 int32_t x = T0_POPi(); 1091 T0_PUSHi(x >> c); 1092 1093 } 1094 break; 1095 case 21: { 1096 /* and */ 1097 1098 uint32_t b = T0_POP(); 1099 uint32_t a = T0_POP(); 1100 T0_PUSH(a & b); 1101 1102 } 1103 break; 1104 case 22: { 1105 /* blobcopy */ 1106 1107 size_t len = T0_POP(); 1108 unsigned char *src = (unsigned char *)CTX + T0_POP(); 1109 unsigned char *dst = (unsigned char *)CTX + T0_POP(); 1110 memcpy(dst, src, len); 1111 1112 } 1113 break; 1114 case 23: { 1115 /* check-direct-trust */ 1116 1117 size_t u; 1118 1119 for (u = 0; u < CTX->trust_anchors_num; u ++) { 1120 const br_x509_trust_anchor *ta; 1121 unsigned char hashed_DN[64]; 1122 int kt; 1123 1124 ta = &CTX->trust_anchors[u]; 1125 if (ta->flags & BR_X509_TA_CA) { 1126 continue; 1127 } 1128 hash_dn(CTX, ta->dn.data, ta->dn.len, hashed_DN); 1129 if (memcmp(hashed_DN, CTX->current_dn_hash, DNHASH_LEN)) { 1130 continue; 1131 } 1132 kt = CTX->pkey.key_type; 1133 if ((ta->pkey.key_type & 0x0F) != kt) { 1134 continue; 1135 } 1136 switch (kt) { 1137 1138 case BR_KEYTYPE_RSA: 1139 if (!eqbigint(CTX->pkey.key.rsa.n, 1140 CTX->pkey.key.rsa.nlen, 1141 ta->pkey.key.rsa.n, 1142 ta->pkey.key.rsa.nlen) 1143 || !eqbigint(CTX->pkey.key.rsa.e, 1144 CTX->pkey.key.rsa.elen, 1145 ta->pkey.key.rsa.e, 1146 ta->pkey.key.rsa.elen)) 1147 { 1148 continue; 1149 } 1150 break; 1151 1152 case BR_KEYTYPE_EC: 1153 if (CTX->pkey.key.ec.curve != ta->pkey.key.ec.curve 1154 || CTX->pkey.key.ec.qlen != ta->pkey.key.ec.qlen 1155 || memcmp(CTX->pkey.key.ec.q, 1156 ta->pkey.key.ec.q, 1157 ta->pkey.key.ec.qlen) != 0) 1158 { 1159 continue; 1160 } 1161 break; 1162 1163 default: 1164 continue; 1165 } 1166 1167 /* 1168 * Direct trust match! 1169 */ 1170 CTX->err = BR_ERR_X509_OK; 1171 T0_CO(); 1172 } 1173 1174 } 1175 break; 1176 case 24: { 1177 /* check-trust-anchor-CA */ 1178 1179 size_t u; 1180 1181 for (u = 0; u < CTX->trust_anchors_num; u ++) { 1182 const br_x509_trust_anchor *ta; 1183 unsigned char hashed_DN[64]; 1184 1185 ta = &CTX->trust_anchors[u]; 1186 if (!(ta->flags & BR_X509_TA_CA)) { 1187 continue; 1188 } 1189 hash_dn(CTX, ta->dn.data, ta->dn.len, hashed_DN); 1190 if (memcmp(hashed_DN, CTX->saved_dn_hash, DNHASH_LEN)) { 1191 continue; 1192 } 1193 if (verify_signature(CTX, &ta->pkey) == 0) { 1194 CTX->err = BR_ERR_X509_OK; 1195 T0_CO(); 1196 } 1197 } 1198 1199 } 1200 break; 1201 case 25: { 1202 /* check-validity-range */ 1203 1204 uint32_t nbs = T0_POP(); 1205 uint32_t nbd = T0_POP(); 1206 uint32_t nas = T0_POP(); 1207 uint32_t nad = T0_POP(); 1208 int r; 1209 if (CTX->itime != 0) { 1210 r = CTX->itime(CTX->itime_ctx, nbd, nbs, nad, nas); 1211 if (r < -1 || r > 1) { 1212 CTX->err = BR_ERR_X509_TIME_UNKNOWN; 1213 T0_CO(); 1214 } 1215 } else { 1216 uint32_t vd = CTX->days; 1217 uint32_t vs = CTX->seconds; 1218 if (vd == 0 && vs == 0) { 1219 #if BR_USE_UNIX_TIME 1220 time_t x = time(NULL); 1221 1222 vd = (uint32_t)(x / 86400) + 719528; 1223 vs = (uint32_t)(x % 86400); 1224 #elif BR_USE_WIN32_TIME 1225 FILETIME ft; 1226 uint64_t x; 1227 1228 GetSystemTimeAsFileTime(&ft); 1229 x = ((uint64_t)ft.dwHighDateTime << 32) 1230 + (uint64_t)ft.dwLowDateTime; 1231 x = (x / 10000000); 1232 vd = (uint32_t)(x / 86400) + 584754; 1233 vs = (uint32_t)(x % 86400); 1234 #else 1235 CTX->err = BR_ERR_X509_TIME_UNKNOWN; 1236 T0_CO(); 1237 #endif 1238 } 1239 if (vd < nbd || (vd == nbd && vs < nbs)) { 1240 r = -1; 1241 } else if (vd > nad || (vd == nad && vs > nas)) { 1242 r = 1; 1243 } else { 1244 r = 0; 1245 } 1246 } 1247 T0_PUSHi(r); 1248 1249 } 1250 break; 1251 case 26: { 1252 /* co */ 1253 T0_CO(); 1254 } 1255 break; 1256 case 27: { 1257 /* compute-dn-hash */ 1258 1259 CTX->dn_hash_impl->out(&CTX->dn_hash.vtable, CTX->current_dn_hash); 1260 CTX->do_dn_hash = 0; 1261 1262 } 1263 break; 1264 case 28: { 1265 /* compute-tbs-hash */ 1266 1267 int id = T0_POPi(); 1268 size_t len; 1269 len = br_multihash_out(&CTX->mhash, id, CTX->tbs_hash); 1270 T0_PUSH(len); 1271 1272 } 1273 break; 1274 case 29: { 1275 /* copy-ee-ec-pkey */ 1276 1277 size_t qlen = T0_POP(); 1278 uint32_t curve = T0_POP(); 1279 memcpy(CTX->ee_pkey_data, CTX->pkey_data, qlen); 1280 CTX->pkey.key_type = BR_KEYTYPE_EC; 1281 CTX->pkey.key.ec.curve = curve; 1282 CTX->pkey.key.ec.q = CTX->ee_pkey_data; 1283 CTX->pkey.key.ec.qlen = qlen; 1284 1285 } 1286 break; 1287 case 30: { 1288 /* copy-ee-rsa-pkey */ 1289 1290 size_t elen = T0_POP(); 1291 size_t nlen = T0_POP(); 1292 memcpy(CTX->ee_pkey_data, CTX->pkey_data, nlen + elen); 1293 CTX->pkey.key_type = BR_KEYTYPE_RSA; 1294 CTX->pkey.key.rsa.n = CTX->ee_pkey_data; 1295 CTX->pkey.key.rsa.nlen = nlen; 1296 CTX->pkey.key.rsa.e = CTX->ee_pkey_data + nlen; 1297 CTX->pkey.key.rsa.elen = elen; 1298 1299 } 1300 break; 1301 case 31: { 1302 /* copy-name-SAN */ 1303 1304 unsigned tag = T0_POP(); 1305 unsigned ok = T0_POP(); 1306 size_t u, len; 1307 1308 len = CTX->pad[0]; 1309 for (u = 0; u < CTX->num_name_elts; u ++) { 1310 br_name_element *ne; 1311 1312 ne = &CTX->name_elts[u]; 1313 if (ne->status == 0 && ne->oid[0] == 0 && ne->oid[1] == tag) { 1314 if (ok && ne->len > len) { 1315 memcpy(ne->buf, CTX->pad + 1, len); 1316 ne->buf[len] = 0; 1317 ne->status = 1; 1318 } else { 1319 ne->status = -1; 1320 } 1321 break; 1322 } 1323 } 1324 1325 } 1326 break; 1327 case 32: { 1328 /* copy-name-element */ 1329 1330 size_t len; 1331 int32_t off = T0_POPi(); 1332 int ok = T0_POPi(); 1333 1334 if (off >= 0) { 1335 br_name_element *ne = &CTX->name_elts[off]; 1336 1337 if (ok) { 1338 len = CTX->pad[0]; 1339 if (len < ne->len) { 1340 memcpy(ne->buf, CTX->pad + 1, len); 1341 ne->buf[len] = 0; 1342 ne->status = 1; 1343 } else { 1344 ne->status = -1; 1345 } 1346 } else { 1347 ne->status = -1; 1348 } 1349 } 1350 1351 } 1352 break; 1353 case 33: { 1354 /* data-get8 */ 1355 1356 size_t addr = T0_POP(); 1357 T0_PUSH(t0_datablock[addr]); 1358 1359 } 1360 break; 1361 case 34: { 1362 /* dn-hash-length */ 1363 1364 T0_PUSH(DNHASH_LEN); 1365 1366 } 1367 break; 1368 case 35: { 1369 /* do-ecdsa-vrfy */ 1370 1371 size_t qlen = T0_POP(); 1372 int curve = T0_POP(); 1373 br_x509_pkey pk; 1374 1375 pk.key_type = BR_KEYTYPE_EC; 1376 pk.key.ec.curve = curve; 1377 pk.key.ec.q = CTX->pkey_data; 1378 pk.key.ec.qlen = qlen; 1379 T0_PUSH(verify_signature(CTX, &pk)); 1380 1381 } 1382 break; 1383 case 36: { 1384 /* do-rsa-vrfy */ 1385 1386 size_t elen = T0_POP(); 1387 size_t nlen = T0_POP(); 1388 br_x509_pkey pk; 1389 1390 pk.key_type = BR_KEYTYPE_RSA; 1391 pk.key.rsa.n = CTX->pkey_data; 1392 pk.key.rsa.nlen = nlen; 1393 pk.key.rsa.e = CTX->pkey_data + nlen; 1394 pk.key.rsa.elen = elen; 1395 T0_PUSH(verify_signature(CTX, &pk)); 1396 1397 } 1398 break; 1399 case 37: { 1400 /* drop */ 1401 (void)T0_POP(); 1402 } 1403 break; 1404 case 38: { 1405 /* dup */ 1406 T0_PUSH(T0_PEEK(0)); 1407 } 1408 break; 1409 case 39: { 1410 /* eqOID */ 1411 1412 const unsigned char *a2 = &t0_datablock[T0_POP()]; 1413 const unsigned char *a1 = &CTX->pad[0]; 1414 size_t len = a1[0]; 1415 int x; 1416 if (len == a2[0]) { 1417 x = -(memcmp(a1 + 1, a2 + 1, len) == 0); 1418 } else { 1419 x = 0; 1420 } 1421 T0_PUSH((uint32_t)x); 1422 1423 } 1424 break; 1425 case 40: { 1426 /* eqblob */ 1427 1428 size_t len = T0_POP(); 1429 const unsigned char *a2 = (const unsigned char *)CTX + T0_POP(); 1430 const unsigned char *a1 = (const unsigned char *)CTX + T0_POP(); 1431 T0_PUSHi(-(memcmp(a1, a2, len) == 0)); 1432 1433 } 1434 break; 1435 case 41: { 1436 /* fail */ 1437 1438 CTX->err = T0_POPi(); 1439 T0_CO(); 1440 1441 } 1442 break; 1443 case 42: { 1444 /* get16 */ 1445 1446 uint32_t addr = T0_POP(); 1447 T0_PUSH(*(uint16_t *)(void *)((unsigned char *)CTX + addr)); 1448 1449 } 1450 break; 1451 case 43: { 1452 /* get32 */ 1453 1454 uint32_t addr = T0_POP(); 1455 T0_PUSH(*(uint32_t *)(void *)((unsigned char *)CTX + addr)); 1456 1457 } 1458 break; 1459 case 44: { 1460 /* match-server-name */ 1461 1462 size_t n1, n2; 1463 1464 if (CTX->server_name == NULL) { 1465 T0_PUSH(0); 1466 T0_RET(); 1467 } 1468 n1 = strlen(CTX->server_name); 1469 n2 = CTX->pad[0]; 1470 if (n1 == n2 && eqnocase(&CTX->pad[1], CTX->server_name, n1)) { 1471 T0_PUSHi(-1); 1472 T0_RET(); 1473 } 1474 if (n2 >= 2 && CTX->pad[1] == '*' && CTX->pad[2] == '.') { 1475 size_t u; 1476 1477 u = 0; 1478 while (u < n1 && CTX->server_name[u] != '.') { 1479 u ++; 1480 } 1481 u ++; 1482 n1 -= u; 1483 if ((n2 - 2) == n1 1484 && eqnocase(&CTX->pad[3], CTX->server_name + u, n1)) 1485 { 1486 T0_PUSHi(-1); 1487 T0_RET(); 1488 } 1489 } 1490 T0_PUSH(0); 1491 1492 } 1493 break; 1494 case 45: { 1495 /* neg */ 1496 1497 uint32_t a = T0_POP(); 1498 T0_PUSH(-a); 1499 1500 } 1501 break; 1502 case 46: { 1503 /* offset-name-element */ 1504 1505 unsigned san = T0_POP(); 1506 size_t u; 1507 1508 for (u = 0; u < CTX->num_name_elts; u ++) { 1509 if (CTX->name_elts[u].status == 0) { 1510 const unsigned char *oid; 1511 size_t len, off; 1512 1513 oid = CTX->name_elts[u].oid; 1514 if (san) { 1515 if (oid[0] != 0 || oid[1] != 0) { 1516 continue; 1517 } 1518 off = 2; 1519 } else { 1520 off = 0; 1521 } 1522 len = oid[off]; 1523 if (len != 0 && len == CTX->pad[0] 1524 && memcmp(oid + off + 1, 1525 CTX->pad + 1, len) == 0) 1526 { 1527 T0_PUSH(u); 1528 T0_RET(); 1529 } 1530 } 1531 } 1532 T0_PUSHi(-1); 1533 1534 } 1535 break; 1536 case 47: { 1537 /* or */ 1538 1539 uint32_t b = T0_POP(); 1540 uint32_t a = T0_POP(); 1541 T0_PUSH(a | b); 1542 1543 } 1544 break; 1545 case 48: { 1546 /* over */ 1547 T0_PUSH(T0_PEEK(1)); 1548 } 1549 break; 1550 case 49: { 1551 /* read-blob-inner */ 1552 1553 uint32_t len = T0_POP(); 1554 uint32_t addr = T0_POP(); 1555 size_t clen = CTX->hlen; 1556 if (clen > len) { 1557 clen = (size_t)len; 1558 } 1559 if (addr != 0) { 1560 memcpy((unsigned char *)CTX + addr, CTX->hbuf, clen); 1561 } 1562 if (CTX->do_mhash) { 1563 br_multihash_update(&CTX->mhash, CTX->hbuf, clen); 1564 } 1565 if (CTX->do_dn_hash) { 1566 CTX->dn_hash_impl->update( 1567 &CTX->dn_hash.vtable, CTX->hbuf, clen); 1568 } 1569 CTX->hbuf += clen; 1570 CTX->hlen -= clen; 1571 T0_PUSH(addr + clen); 1572 T0_PUSH(len - clen); 1573 1574 } 1575 break; 1576 case 50: { 1577 /* read8-low */ 1578 1579 if (CTX->hlen == 0) { 1580 T0_PUSHi(-1); 1581 } else { 1582 unsigned char x = *CTX->hbuf ++; 1583 if (CTX->do_mhash) { 1584 br_multihash_update(&CTX->mhash, &x, 1); 1585 } 1586 if (CTX->do_dn_hash) { 1587 CTX->dn_hash_impl->update(&CTX->dn_hash.vtable, &x, 1); 1588 } 1589 CTX->hlen --; 1590 T0_PUSH(x); 1591 } 1592 1593 } 1594 break; 1595 case 51: { 1596 /* rot */ 1597 T0_ROT(); 1598 } 1599 break; 1600 case 52: { 1601 /* set16 */ 1602 1603 uint32_t addr = T0_POP(); 1604 *(uint16_t *)(void *)((unsigned char *)CTX + addr) = T0_POP(); 1605 1606 } 1607 break; 1608 case 53: { 1609 /* set32 */ 1610 1611 uint32_t addr = T0_POP(); 1612 *(uint32_t *)(void *)((unsigned char *)CTX + addr) = T0_POP(); 1613 1614 } 1615 break; 1616 case 54: { 1617 /* set8 */ 1618 1619 uint32_t addr = T0_POP(); 1620 *((unsigned char *)CTX + addr) = (unsigned char)T0_POP(); 1621 1622 } 1623 break; 1624 case 55: { 1625 /* start-dn-hash */ 1626 1627 CTX->dn_hash_impl->init(&CTX->dn_hash.vtable); 1628 CTX->do_dn_hash = 1; 1629 1630 } 1631 break; 1632 case 56: { 1633 /* start-tbs-hash */ 1634 1635 br_multihash_init(&CTX->mhash); 1636 CTX->do_mhash = 1; 1637 1638 } 1639 break; 1640 case 57: { 1641 /* stop-tbs-hash */ 1642 1643 CTX->do_mhash = 0; 1644 1645 } 1646 break; 1647 case 58: { 1648 /* swap */ 1649 T0_SWAP(); 1650 } 1651 break; 1652 case 59: { 1653 /* zero-server-name */ 1654 1655 T0_PUSHi(-(CTX->server_name == NULL)); 1656 1657 } 1658 break; 1659 } 1660 1661 } else { 1662 T0_ENTER(ip, rp, t0x); 1663 } 1664 } 1665 t0_exit: 1666 ((t0_context *)t0ctx)->dp = dp; 1667 ((t0_context *)t0ctx)->rp = rp; 1668 ((t0_context *)t0ctx)->ip = ip; 1669 } 1670 1671 1672 1673 /* 1674 * Verify the signature on the certificate with the provided public key. 1675 * This function checks the public key type with regards to the expected 1676 * type. Returned value is either 0 on success, or a non-zero error code. 1677 */ 1678 static int 1679 verify_signature(br_x509_minimal_context *ctx, const br_x509_pkey *pk) 1680 { 1681 int kt; 1682 1683 kt = ctx->cert_signer_key_type; 1684 if ((pk->key_type & 0x0F) != kt) { 1685 return BR_ERR_X509_WRONG_KEY_TYPE; 1686 } 1687 switch (kt) { 1688 unsigned char tmp[64]; 1689 1690 case BR_KEYTYPE_RSA: 1691 if (ctx->irsa == 0) { 1692 return BR_ERR_X509_UNSUPPORTED; 1693 } 1694 if (!ctx->irsa(ctx->cert_sig, ctx->cert_sig_len, 1695 &t0_datablock[ctx->cert_sig_hash_oid], 1696 ctx->cert_sig_hash_len, &pk->key.rsa, tmp)) 1697 { 1698 return BR_ERR_X509_BAD_SIGNATURE; 1699 } 1700 if (memcmp(ctx->tbs_hash, tmp, ctx->cert_sig_hash_len) != 0) { 1701 return BR_ERR_X509_BAD_SIGNATURE; 1702 } 1703 return 0; 1704 1705 case BR_KEYTYPE_EC: 1706 if (ctx->iecdsa == 0) { 1707 return BR_ERR_X509_UNSUPPORTED; 1708 } 1709 if (!ctx->iecdsa(ctx->iec, ctx->tbs_hash, 1710 ctx->cert_sig_hash_len, &pk->key.ec, 1711 ctx->cert_sig, ctx->cert_sig_len)) 1712 { 1713 return BR_ERR_X509_BAD_SIGNATURE; 1714 } 1715 return 0; 1716 1717 default: 1718 return BR_ERR_X509_UNSUPPORTED; 1719 } 1720 } 1721 1722 1723