feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #1849 from dgarske/asn_piv

Browse Source 
Added ASN certificate PIV and GZIP support
This commit is contained in:
toddouska
2018-10-08 09:32:19 -07:00
committed by GitHub
parent 93c85caec4 319096e7e7
commit 7a02832547
14 changed files with 480 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
configure.ac
View File

@@ -1826,6 +1826,12 @@ else
then then
AM_CFLAGS="$AM_CFLAGS -DNO_ASN -DNO_CERTS -DNO_BIG_INT" AM_CFLAGS="$AM_CFLAGS -DNO_ASN -DNO_CERTS -DNO_BIG_INT"
ENABLED_ASN=no ENABLED_ASN=no
else
if test "$ENABLED_ASN" = "nocrypt"
then
AM_CFLAGS="$AM_CFLAGS -DNO_ASN_CRYPT"
enable_pwdbased=no
fi
fi fi
fi fi
@@ -1846,7 +1852,7 @@ then
ENABLED_SLOWMATH=no ENABLED_SLOWMATH=no
fi fi
AM_CONDITIONAL([BUILD_ASN], [test "x$ENABLED_ASN" = "xyes"]) AM_CONDITIONAL([BUILD_ASN], [test "x$ENABLED_ASN" != "xno"])
# AES # AES

9
src/internal.c
View File

@@ -15414,15 +15414,6 @@ const char* wolfSSL_ERR_reason_error_string(unsigned long e)
case NTRU_DECRYPT_ERROR: case NTRU_DECRYPT_ERROR:
return "NTRU decrypt error"; return "NTRU decrypt error";
case ZLIB_INIT_ERROR:
return "zlib init error";
case ZLIB_COMPRESS_ERROR:
return "zlib compress error";
case ZLIB_DECOMPRESS_ERROR:
return "zlib decompress error";
case GETTIME_ERROR: case GETTIME_ERROR:
return "gettimeofday() error"; return "gettimeofday() error";

134
wolfcrypt/src/asn.c
View File

@@ -2336,7 +2336,7 @@ int wc_CheckPrivateKey(byte* key, word32 keySz, DecodedCert* der)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
#if !defined(NO_RSA) #if !defined(NO_RSA) && !defined(NO_ASN_CRYPT)
/* test if RSA key */ /* test if RSA key */
if (der->keyOID == RSAk) { if (der->keyOID == RSAk) {
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
@@ -2404,9 +2404,9 @@ int wc_CheckPrivateKey(byte* key, word32 keySz, DecodedCert* der)
#endif #endif
} }
else else
#endif /* NO_RSA */ #endif /* !NO_RSA && !NO_ASN_CRYPT */
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) #if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(NO_ASN_CRYPT)
if (der->keyOID == ECDSAk) { if (der->keyOID == ECDSAk) {
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
ecc_key* key_pair = NULL; ecc_key* key_pair = NULL;
@@ -2469,9 +2469,9 @@ int wc_CheckPrivateKey(byte* key, word32 keySz, DecodedCert* der)
#endif #endif
} }
else else
#endif /* HAVE_ECC */ #endif /* HAVE_ECC && HAVE_ECC_KEY_EXPORT && !NO_ASN_CRYPT */
#ifdef HAVE_ED25519 #if defined(HAVE_ED25519) && !defined(NO_ASN_CRYPT)
if (der->keyOID == ED25519k) { if (der->keyOID == ED25519k) {
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
ed25519_key* key_pair = NULL; ed25519_key* key_pair = NULL;
@@ -2512,7 +2512,7 @@ int wc_CheckPrivateKey(byte* key, word32 keySz, DecodedCert* der)
#endif #endif
} }
else else
#endif #endif /* HAVE_ED25519 && !NO_ASN_CRYPT */
{ {
ret = 0; ret = 0;
} }
@@ -2624,7 +2624,7 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,
*algoID = 0; *algoID = 0;
#ifndef NO_RSA #if !defined(NO_RSA) && !defined(NO_ASN_CRYPT)
{ {
RsaKey rsa; RsaKey rsa;
@@ -2637,8 +2637,8 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,
} }
wc_FreeRsaKey(&rsa); wc_FreeRsaKey(&rsa);
} }
#endif /* NO_RSA */ #endif /* !NO_RSA && !NO_ASN_CRYPT */
#ifdef HAVE_ECC #if defined(HAVE_ECC) && !defined(NO_ASN_CRYPT)
if (*algoID == 0) { if (*algoID == 0) {
ecc_key ecc; ecc_key ecc;
@@ -2659,8 +2659,8 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,
} }
wc_ecc_free(&ecc); wc_ecc_free(&ecc);
} }
#endif /* HAVE_ECC */ #endif /* HAVE_ECC && !NO_ASN_CRYPT */
#ifdef HAVE_ED25519 #if defined(HAVE_ED25519) && !defined(NO_ASN_CRYPT)
if (*algoID != RSAk && *algoID != ECDSAk) { if (*algoID != RSAk && *algoID != ECDSAk) {
ed25519_key ed25519; ed25519_key ed25519;
@@ -2679,7 +2679,7 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,
WOLFSSL_MSG("GetKeyOID wc_ed25519_init failed"); WOLFSSL_MSG("GetKeyOID wc_ed25519_init failed");
} }
} }
#endif #endif /* HAVE_ED25519 && !NO_ASN_CRYPT */
/* if flag is not set then is neither RSA or ECC key that could be /* if flag is not set then is neither RSA or ECC key that could be
* found */ * found */
@@ -5382,6 +5382,7 @@ void FreeSignatureCtx(SignatureCtx* sigCtx)
sigCtx->plain = NULL; sigCtx->plain = NULL;
} }
#endif #endif
#ifndef NO_ASN_CRYPT
if (sigCtx->key.ptr) { if (sigCtx->key.ptr) {
switch (sigCtx->keyOID) { switch (sigCtx->keyOID) {
#ifndef NO_RSA #ifndef NO_RSA
@@ -5407,11 +5408,13 @@ void FreeSignatureCtx(SignatureCtx* sigCtx)
} /* switch (keyOID) */ } /* switch (keyOID) */
sigCtx->key.ptr = NULL; sigCtx->key.ptr = NULL;
} }
#endif
/* reset state, we are done */ /* reset state, we are done */
sigCtx->state = SIG_STATE_BEGIN; sigCtx->state = SIG_STATE_BEGIN;
} }
#ifndef NO_ASN_CRYPT
static int HashForSignature(const byte* buf, word32 bufSz, word32 sigOID, static int HashForSignature(const byte* buf, word32 bufSz, word32 sigOID,
byte* digest, int* typeH, int* digestSz, int verify) byte* digest, int* typeH, int* digestSz, int verify)
{ {
@@ -5498,6 +5501,7 @@ static int HashForSignature(const byte* buf, word32 bufSz, word32 sigOID,
return ret; return ret;
} }
#endif /* !NO_ASN_CRYPT */
/* Return codes: 0=Success, Negative (see error-crypt.h), ASN_SIG_CONFIRM_E */ /* Return codes: 0=Success, Negative (see error-crypt.h), ASN_SIG_CONFIRM_E */
static int ConfirmSignature(SignatureCtx* sigCtx, static int ConfirmSignature(SignatureCtx* sigCtx,
@@ -5519,6 +5523,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
WOLFSSL_ENTER("ConfirmSignature"); WOLFSSL_ENTER("ConfirmSignature");
#ifndef NO_ASN_CRYPT
switch (sigCtx->state) { switch (sigCtx->state) {
case SIG_STATE_BEGIN: case SIG_STATE_BEGIN:
{ {
@@ -5796,6 +5801,11 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
exit_cs: exit_cs:
#endif /* !NO_ASN_CRYPT */
(void)keyOID;
(void)sigOID;
WOLFSSL_LEAVE("ConfirmSignature", ret); WOLFSSL_LEAVE("ConfirmSignature", ret);
if (ret != WC_PENDING_E) { if (ret != WC_PENDING_E) {
@@ -7447,7 +7457,7 @@ int CheckCertSignature(const byte* cert, word32 certSz, void* heap, void* cm)
#endif #endif
return ret; return ret;
} }
#endif #endif /* WOLFSSL_SMALL_CERT_VERIFY */
int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
{ {
@@ -9348,7 +9358,7 @@ static word32 SetUTF8String(word32 len, byte* output)
#endif /* WOLFSSL_CERT_REQ */ #endif /* WOLFSSL_CERT_REQ */
#endif /*WOLFSSL_CERT_GEN */ #endif /* WOLFSSL_CERT_GEN */
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) #if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT)
@@ -9482,7 +9492,7 @@ int wc_EccPublicKeyToDer(ecc_key* key, byte* output, word32 inLen,
return SetEccPublicKey(output, key, with_AlgCurve); return SetEccPublicKey(output, key, with_AlgCurve);
} }
#endif /* HAVE_ECC */ #endif /* HAVE_ECC && HAVE_ECC_KEY_EXPORT */
#if defined(HAVE_ED25519) && (defined(WOLFSSL_CERT_GEN) || \ #if defined(HAVE_ED25519) && (defined(WOLFSSL_CERT_GEN) || \
defined(WOLFSSL_KEY_GEN)) defined(WOLFSSL_KEY_GEN))
@@ -11769,7 +11779,7 @@ int wc_SetAuthKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey, ecc_key *eckey)
} }
#ifndef NO_FILESYSTEM #if !defined(NO_FILESYSTEM) && !defined(NO_ASN_CRYPT)
/* Set SKID from public key file in PEM */ /* Set SKID from public key file in PEM */
int wc_SetSubjectKeyId(Cert *cert, const char* file) int wc_SetSubjectKeyId(Cert *cert, const char* file)
@@ -11869,7 +11879,7 @@ int wc_SetSubjectKeyId(Cert *cert, const char* file)
return ret; return ret;
} }
#endif /* NO_FILESYSTEM */ #endif /* !NO_FILESYSTEM && !NO_ASN_CRYPT */
/* Set AKID from certificate contains in buffer (DER encoded) */ /* Set AKID from certificate contains in buffer (DER encoded) */
int wc_SetAuthKeyIdFromCert(Cert *cert, const byte *der, int derSz) int wc_SetAuthKeyIdFromCert(Cert *cert, const byte *der, int derSz)
@@ -13015,7 +13025,7 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
return 0; return 0;
} }
#if defined(HAVE_ECC_KEY_EXPORT) #if defined(HAVE_ECC_KEY_EXPORT) && !defined(NO_ASN_CRYPT)
/* build DER formatted ECC key, include optional public key if requested, /* build DER formatted ECC key, include optional public key if requested,
* return length on success, negative on error */ * return length on success, negative on error */
static int wc_BuildEccKeyDer(ecc_key* key, byte* output, word32 inLen, static int wc_BuildEccKeyDer(ecc_key* key, byte* output, word32 inLen,
@@ -13133,7 +13143,7 @@ static int wc_BuildEccKeyDer(ecc_key* key, byte* output, word32 inLen,
return totalSz; return totalSz;
} }
#ifndef NO_ASN_CRYPT
/* Write a Private ecc key, including public to DER format, /* Write a Private ecc key, including public to DER format,
* length on success else < 0 */ * length on success else < 0 */
int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen) int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen)
@@ -13148,6 +13158,7 @@ int wc_EccPrivateKeyToDer(ecc_key* key, byte* output, word32 inLen)
{ {
return wc_BuildEccKeyDer(key, output, inLen, 0); return wc_BuildEccKeyDer(key, output, inLen, 0);
} }
#endif /* !NO_ASN_CRYPT */
/* Write only private ecc key to unencrypted PKCS#8 format. /* Write only private ecc key to unencrypted PKCS#8 format.
* *
@@ -14451,6 +14462,91 @@ int ParseCRL(DecodedCRL* dcrl, const byte* buff, word32 sz, void* cm)
#endif /* HAVE_CRL */ #endif /* HAVE_CRL */
#ifdef WOLFSSL_CERT_PIV
int wc_ParseCertPIV(wc_CertPIV* piv, const byte* buf, word32 totalSz)
{
int length = 0;
word32 idx = 0;
WOLFSSL_ENTER("wc_ParseCertPIV");
if (piv == NULL || buf == NULL || totalSz == 0)
return BAD_FUNC_ARG;
XMEMSET(piv, 0, sizeof(wc_CertPIV));
/* Detect Identiv PIV (with 0x0A, 0x0B and 0x0C sections) */
/* Certificate (0A 82 05FA) */
if (GetASNHeader(buf, ASN_PIV_CERT, &idx, &length, totalSz) >= 0) {
/* Identiv Type PIV card */
piv->isIdentiv = 1;
piv->cert = &buf[idx];
piv->certSz = length;
idx += length;
/* Nonce (0B 14) */
if (GetASNHeader(buf, ASN_PIV_NONCE, &idx, &length, totalSz) >= 0) {
piv->nonce = &buf[idx];
piv->nonceSz = length;
idx += length;
}
/* Signed Nonce (0C 82 0100) */
if (GetASNHeader(buf, ASN_PIV_SIGNED_NONCE, &idx, &length, totalSz) >= 0) {
piv->signedNonce = &buf[idx];
piv->signedNonceSz = length;
idx += length;
}
idx = 0;
buf = piv->cert;
totalSz = piv->certSz;
}
/* Certificate Buffer Total Size (53 82 05F6) */
if (GetASNHeader(buf, ASN_APPLICATION | ASN_PRINTABLE_STRING, &idx,
&length, totalSz) < 0) {
return ASN_PARSE_E;
}
/* PIV Certificate (70 82 05ED) */
if (GetASNHeader(buf, ASN_PIV_TAG_CERT, &idx, &length,
totalSz) < 0) {
return ASN_PARSE_E;
}
/* Capture certificate buffer pointer and length */
piv->cert = &buf[idx];
piv->certSz = length;
idx += length;
/* PIV Certificate Info (71 01 00) */
if (GetASNHeader(buf, ASN_PIV_TAG_CERT_INFO, &idx, &length,
totalSz) >= 0) {
if (length >= 1) {
piv->compression = (buf[idx] & ASN_PIV_CERT_INFO_COMPRESSED);
piv->isX509 = (buf[idx] & ASN_PIV_CERT_INFO_ISX509);
}
idx += length;
}
/* PIV Error Detection (FE 00) */
if (GetASNHeader(buf, ASN_PIV_TAG_ERR_DET, &idx, &length,
totalSz) >= 0) {
piv->certErrDet = &buf[idx];
piv->certErrDetSz = length;
idx += length;
}
return 0;
}
#endif /* WOLFSSL_CERT_PIV */
#undef ERROR_OUT #undef ERROR_OUT
#endif /* !NO_ASN */ #endif /* !NO_ASN */

39
wolfcrypt/src/compress.c
View File

@@ -67,7 +67,6 @@ static void myFree(void* opaque, void* memory)
#endif #endif
int wc_Compress(byte* out, word32 outSz, const byte* in, word32 inSz, word32 flags)
/* /*
* out - pointer to destination buffer * out - pointer to destination buffer
* outSz - size of destination buffer * outSz - size of destination buffer
@@ -84,6 +83,8 @@ int wc_Compress(byte* out, word32 outSz, const byte* in, word32 inSz, word32 fla
* add to the size of the output. The libz code says the compressed * add to the size of the output. The libz code says the compressed
* buffer should be srcSz + 0.1% + 12. * buffer should be srcSz + 0.1% + 12.
*/ */
int wc_Compress_ex(byte* out, word32 outSz, const byte* in, word32 inSz,
word32 flags, word32 windowBits)
{ {
z_stream stream; z_stream stream;
int result = 0; int result = 0;
@@ -103,7 +104,8 @@ int wc_Compress(byte* out, word32 outSz, const byte* in, word32 inSz, word32 fla
stream.opaque = (voidpf)0; stream.opaque = (voidpf)0;
if (deflateInit2(&stream, Z_DEFAULT_COMPRESSION, Z_DEFLATED, if (deflateInit2(&stream, Z_DEFAULT_COMPRESSION, Z_DEFLATED,
DEFLATE_DEFAULT_WINDOWBITS, DEFLATE_DEFAULT_MEMLEVEL, DEFLATE_DEFAULT_WINDOWBITS | windowBits,
DEFLATE_DEFAULT_MEMLEVEL,
flags ? Z_FIXED : Z_DEFAULT_STRATEGY) != Z_OK) flags ? Z_FIXED : Z_DEFAULT_STRATEGY) != Z_OK)
return COMPRESS_INIT_E; return COMPRESS_INIT_E;
@@ -120,14 +122,32 @@ int wc_Compress(byte* out, word32 outSz, const byte* in, word32 inSz, word32 fla
return result; return result;
} }
int wc_Compress(byte* out, word32 outSz, const byte* in, word32 inSz, word32 flags)
{
return wc_Compress_ex(out, outSz, in, inSz, flags, 0);
}
int wc_DeCompress(byte* out, word32 outSz, const byte* in, word32 inSz)
/* windowBits:
* deflateInit() and inflateInit(), as well as deflateInit2() and inflateInit2()
with windowBits in 0..15 all process zlib-wrapped deflate data.
(See RFC 1950 and RFC 1951.)
* deflateInit2() and inflateInit2() with negative windowBits in -1..-15 process
raw deflate data with no header or trailer.
* deflateInit2() and inflateInit2() with windowBits in 16..31, i.e. 16
added to 0..15, process gzip-wrapped deflate data (RFC 1952).
* inflateInit2() with windowBits in 32..47 (32 added to 0..15) will
automatically detect either a gzip or zlib header (but not raw deflate
data), and decompress accordingly.
*/
int wc_DeCompress_ex(byte* out, word32 outSz, const byte* in, word32 inSz,
int windowBits)
/* /*
* out - pointer to destination buffer * out - pointer to destination buffer
* outSz - size of destination buffer * outSz - size of destination buffer
* in - pointer to source buffer to compress * in - pointer to source buffer to compress
* inSz - size of source to compress * inSz - size of source to compress
* flags - flags to control how compress operates * windowBits - flags to control how decompress operates
* *
* return: * return:
* negative - error code * negative - error code
@@ -150,10 +170,11 @@ int wc_DeCompress(byte* out, word32 outSz, const byte* in, word32 inSz)
stream.zfree = (free_func)myFree; stream.zfree = (free_func)myFree;
stream.opaque = (voidpf)0; stream.opaque = (voidpf)0;
if (inflateInit2(&stream, DEFLATE_DEFAULT_WINDOWBITS) != Z_OK) if (inflateInit2(&stream, DEFLATE_DEFAULT_WINDOWBITS | windowBits) != Z_OK)
return DECOMPRESS_INIT_E; return DECOMPRESS_INIT_E;
if (inflate(&stream, Z_FINISH) != Z_STREAM_END) { result = inflate(&stream, Z_FINISH);
if (result != Z_STREAM_END) {
inflateEnd(&stream); inflateEnd(&stream);
return DECOMPRESS_E; return DECOMPRESS_E;
} }
@@ -167,5 +188,11 @@ int wc_DeCompress(byte* out, word32 outSz, const byte* in, word32 inSz)
} }
int wc_DeCompress(byte* out, word32 outSz, const byte* in, word32 inSz)
{
return wc_DeCompress_ex(out, outSz, in, inSz, 0);
}
#endif /* HAVE_LIBZ */ #endif /* HAVE_LIBZ */

9
wolfcrypt/src/cryptodev.c
View File

@@ -330,4 +330,13 @@ int wc_CryptoDev_AesGcmDecrypt(Aes* aes, byte* out,
} }
#endif /* !NO_AES && HAVE_AESGCM */ #endif /* !NO_AES && HAVE_AESGCM */
/* call to support callback for entire buffer hash */
int wc_CryptoDev_Sha256Hash(const byte* data, word32 len, byte* hash)
{
(void)data;
(void)len;
(void)hash;
return NOT_COMPILED_IN;
}
#endif /* WOLF_CRYPTO_DEV */ #endif /* WOLF_CRYPTO_DEV */

13
wolfcrypt/src/error.c
View File

@@ -483,10 +483,19 @@ const char* wc_GetErrorString(int error)
return "DH Check Private Key failure"; return "DH Check Private Key failure";
case WC_AFALG_SOCK_E: case WC_AFALG_SOCK_E:
return "AF_ALG socket error"; return "AF_ALG socket error";
case WC_DEVCRYPTO_E: case WC_DEVCRYPTO_E:
return "Error with /dev/crypto"; return "Error with /dev/crypto";
case ZLIB_INIT_ERROR:
return "zlib init error";
case ZLIB_COMPRESS_ERROR:
return "zlib compress error";
case ZLIB_DECOMPRESS_ERROR:
return "zlib decompress error";
default: default:
return "unknown error number"; return "unknown error number";

2
wolfcrypt/src/tfm.c
View File

@@ -2324,7 +2324,7 @@ int fp_to_unsigned_bin(fp_int *a, unsigned char *b)
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
XFREE(t, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(t, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif #endif
return FP_OKAY; return FP_OKAY;
} }
int fp_unsigned_bin_size(fp_int *a) int fp_unsigned_bin_size(fp_int *a)

236
wolfcrypt/test/test.c
View File

@@ -360,6 +360,9 @@ int blob_test(void);
#ifdef WOLF_CRYPTO_DEV #ifdef WOLF_CRYPTO_DEV
int cryptodev_test(void); int cryptodev_test(void);
#endif #endif
#ifdef WOLFSSL_CERT_PIV
int certpiv_test(void);
#endif
/* General big buffer size for many tests. */ /* General big buffer size for many tests. */
#define FOURK_BUF 4096 #define FOURK_BUF 4096
@@ -1017,6 +1020,13 @@ initDefaultName();
printf( "crypto dev test passed!\n"); printf( "crypto dev test passed!\n");
#endif #endif
#ifdef WOLFSSL_CERT_PIV
if ( (ret = certpiv_test()) != 0)
return err_sys("cert piv test failed!\n", ret);
else
printf( "cert piv test passed!\n");
#endif
#ifdef WOLFSSL_ASYNC_CRYPT #ifdef WOLFSSL_ASYNC_CRYPT
wolfAsync_DevClose(&devId); wolfAsync_DevClose(&devId);
#endif #endif
@@ -18287,6 +18297,158 @@ const byte sample_text[] =
"swag consectetur et. Irure skateboard banjo, nulla deserunt messenger\n" "swag consectetur et. Irure skateboard banjo, nulla deserunt messenger\n"
"bag dolor terry richardson sapiente.\n"; "bag dolor terry richardson sapiente.\n";
const byte sample_text_gz[] = {
0x1F, 0x8B, 0x08, 0x08, 0xC5, 0x49, 0xB5, 0x5B, 0x00, 0x03, 0x63, 0x69, 0x70,
0x68, 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x2E, 0x74, 0x78, 0x74, 0x00, 0x8D,
0x58, 0xCB, 0x92, 0xE4, 0xB6, 0x11, 0xBC, 0xE3, 0x2B, 0xEA, 0xA6, 0x83, 0xD9,
0x1D, 0x72, 0xF8, 0x22, 0x1F, 0xB5, 0x96, 0xA5, 0xDD, 0x90, 0xBC, 0xAB, 0xD0,
0x28, 0x36, 0x42, 0x47, 0x90, 0x2C, 0x36, 0xA1, 0x06, 0x09, 0x0A, 0x8F, 0xEE,
0xE1, 0xDF, 0x3B, 0x0B, 0xE0, 0x73, 0x2C, 0x4B, 0xBA, 0xCD, 0xCE, 0x80, 0x78,
0x64, 0x65, 0x65, 0x66, 0xED, 0x3B, 0xE3, 0x5A, 0xC3, 0x81, 0x2D, 0x35, 0x69,
0x32, 0xAD, 0x8E, 0x3A, 0xD2, 0xA0, 0x7D, 0xA7, 0x2B, 0x6A, 0xAC, 0x69, 0x7A,
0x26, 0x9D, 0x22, 0xD3, 0x94, 0x22, 0x69, 0xAA, 0x8D, 0x6F, 0xC9, 0x8D, 0x64,
0x22, 0x99, 0xB1, 0x31, 0xAD, 0x69, 0xD3, 0x18, 0x89, 0xAD, 0x89, 0x6A, 0x72,
0x56, 0x7B, 0x67, 0xDA, 0x2B, 0xBD, 0xC8, 0xEF, 0xB0, 0x4D, 0x74, 0x8E, 0x5B,
0xAA, 0x39, 0x4C, 0xEE, 0xCE, 0xE4, 0x79, 0xF2, 0xDC, 0xF3, 0xD8, 0xB2, 0x37,
0x11, 0x8B, 0x8C, 0x2C, 0x7A, 0x32, 0x93, 0xF3, 0x37, 0x3D, 0x9A, 0x86, 0x4C,
0xAB, 0xF2, 0xB9, 0x57, 0xFA, 0x97, 0x1B, 0x06, 0xD7, 0x3A, 0x7A, 0xF0, 0x68,
0xF4, 0x40, 0xBA, 0x25, 0x0E, 0x81, 0xE9, 0xA6, 0x43, 0xF4, 0x6E, 0x4A, 0xF5,
0x95, 0xFE, 0x41, 0x4F, 0x67, 0x3B, 0x1A, 0x1C, 0xEE, 0x12, 0xB4, 0x8F, 0xCE,
0x1B, 0x6D, 0xB1, 0xDE, 0xBB, 0x4A, 0x4D, 0x56, 0x9B, 0x96, 0x5A, 0xB6, 0xDC,
0xC4, 0x14, 0x70, 0xE5, 0xF5, 0x7D, 0xE1, 0xB7, 0x84, 0x3F, 0xFC, 0xED, 0xEF,
0xF4, 0x30, 0x0D, 0x5F, 0xE9, 0x47, 0x17, 0xE2, 0xC5, 0x78, 0x27, 0x67, 0xDF,
0xB9, 0xEB, 0xCC, 0xCC, 0x3D, 0x59, 0xBE, 0xDD, 0xCC, 0x78, 0x0B, 0x0A, 0x1F,
0x74, 0xF8, 0x8C, 0x1A, 0xAF, 0x67, 0xEA, 0xF4, 0x44, 0xBD, 0x93, 0x7D, 0x2A,
0xEA, 0x9C, 0xD7, 0x37, 0x80, 0x32, 0x9A, 0x01, 0x37, 0xD5, 0xDE, 0xCA, 0xA2,
0x0D, 0xB9, 0xD0, 0x3B, 0xCF, 0xAD, 0x89, 0x4D, 0x5F, 0xD1, 0xE7, 0xF7, 0x2F,
0x2A, 0x0C, 0xDA, 0x5A, 0xAA, 0x35, 0x7E, 0x41, 0xC3, 0xB2, 0x37, 0xDD, 0xDD,
0xCD, 0x50, 0xEB, 0x2C, 0x96, 0x62, 0x3B, 0xD7, 0x52, 0xF4, 0xA9, 0xB9, 0x6F,
0x48, 0xED, 0xEF, 0x54, 0xEA, 0x67, 0xF6, 0x7E, 0x26, 0x8F, 0x3A, 0x68, 0xDF,
0x06, 0xBC, 0x56, 0xB7, 0x66, 0x32, 0xC1, 0x34, 0xD8, 0x88, 0x34, 0x1E, 0x88,
0xED, 0x67, 0x8A, 0xF3, 0xC4, 0x4F, 0xC0, 0xCA, 0x9E, 0x62, 0x1A, 0x6A, 0xEB,
0xAB, 0x02, 0xED, 0xB3, 0xD7, 0x91, 0x81, 0x8A, 0xEA, 0x5C, 0xF2, 0x64, 0xDD,
0xDD, 0xD1, 0xEC, 0x12, 0x4D, 0xDE, 0xD5, 0xBA, 0xC6, 0x77, 0xBD, 0x06, 0xC4,
0x5F, 0x44, 0xEA, 0x59, 0x4B, 0x5D, 0x3B, 0x8A, 0x3D, 0x0F, 0xD4, 0x9B, 0x1B,
0x80, 0x30, 0x1D, 0x30, 0xFA, 0x8F, 0x00, 0x3F, 0xDE, 0xB0, 0x6F, 0xAD, 0x6F,
0x6A, 0xDD, 0x6E, 0x2F, 0x6E, 0xCB, 0x3C, 0xD1, 0x83, 0x06, 0x7B, 0x0F, 0xFD,
0xFD, 0x4A, 0xEF, 0xBC, 0x73, 0x77, 0x3B, 0x8F, 0x34, 0xA1, 0xBA, 0xEC, 0x39,
0x80, 0x33, 0x21, 0xA4, 0x01, 0x55, 0xD7, 0xD4, 0xF4, 0xC6, 0xDA, 0x27, 0x4E,
0x54, 0x1C, 0x2B, 0xEC, 0x37, 0xDE, 0xC3, 0x4C, 0xC9, 0x5A, 0x3D, 0x34, 0x0E,
0xD8, 0x1C, 0x0E, 0xA2, 0x34, 0xE8, 0xC1, 0xD0, 0xA4, 0x51, 0xD5, 0x88, 0x8B,
0xB7, 0xC6, 0xA3, 0x96, 0x40, 0x49, 0xB7, 0xBC, 0xE0, 0x7F, 0x55, 0x3F, 0xEF,
0x6F, 0x6E, 0x92, 0x9D, 0x34, 0xFE, 0x3C, 0x5F, 0x04, 0xA5, 0x6A, 0xFF, 0x30,
0x08, 0xC9, 0xEA, 0xF5, 0x52, 0x2B, 0xFE, 0x57, 0xFA, 0x8E, 0xC7, 0xE8, 0x4D,
0x37, 0xAB, 0x03, 0xFA, 0x23, 0xBF, 0x46, 0x94, 0xFF, 0xC1, 0x16, 0xE0, 0xB9,
0x14, 0x2C, 0x9E, 0x27, 0xEC, 0x98, 0x69, 0x14, 0x92, 0xF1, 0x60, 0x5C, 0x34,
0x4D, 0xA0, 0x1F, 0xDF, 0xFD, 0x44, 0x1C, 0x7B, 0xD3, 0x80, 0x70, 0x42, 0x02,
0x30, 0x84, 0x5B, 0xE5, 0x59, 0xB7, 0xF3, 0x80, 0xFB, 0x01, 0x33, 0xA9, 0x00,
0x37, 0x52, 0xDC, 0xDA, 0xA7, 0x11, 0x85, 0xB7, 0x6E, 0x70, 0xE4, 0xDA, 0x96,
0xBA, 0x84, 0x5B, 0x81, 0x43, 0x93, 0xF3, 0xD1, 0xEA, 0xB1, 0xDD, 0xB8, 0x1F,
0xA5, 0xCC, 0xEA, 0x50, 0x66, 0x69, 0xA9, 0x8D, 0x8C, 0xA7, 0xA2, 0xF3, 0x38,
0x26, 0x43, 0x5E, 0x3F, 0x01, 0xBE, 0x1C, 0x0F, 0x20, 0x7F, 0x75, 0xA8, 0x20,
0x80, 0xC4, 0xC3, 0x5C, 0x8B, 0x0D, 0xD4, 0x60, 0x5E, 0xA3, 0x9E, 0xD0, 0xB4,
0x4B, 0x4F, 0xE6, 0x13, 0x85, 0x60, 0x42, 0x96, 0xED, 0xAA, 0xDB, 0xE9, 0x99,
0xE3, 0x07, 0x0E, 0x61, 0xB3, 0x07, 0xE3, 0xB1, 0xFA, 0xC0, 0x9B, 0xAD, 0xF6,
0xE0, 0x26, 0x33, 0xEA, 0xEA, 0x23, 0xCD, 0x1E, 0x9D, 0xE1, 0x87, 0x4B, 0x74,
0x97, 0x08, 0x3E, 0xA1, 0x28, 0xEA, 0xB3, 0x19, 0x67, 0x8B, 0x76, 0x9A, 0xA3,
0xF6, 0xB9, 0xCF, 0x80, 0x65, 0x97, 0xAE, 0xF4, 0x83, 0x6B, 0xF4, 0x43, 0x20,
0xF9, 0x0B, 0xFC, 0x9B, 0xD2, 0x4D, 0x4D, 0xA6, 0xB9, 0xA3, 0x02, 0x55, 0x79,
0x18, 0x36, 0x19, 0x5F, 0xC9, 0xEA, 0x5A, 0x76, 0x40, 0xB9, 0xBA, 0x0E, 0x9A,
0x44, 0xDF, 0x7C, 0xF8, 0x65, 0x61, 0x5E, 0x81, 0xAB, 0x71, 0xA1, 0x9E, 0x29,
0x3C, 0x59, 0xCB, 0x23, 0xA4, 0xF6, 0x60, 0x1A, 0x0D, 0x5B, 0x39, 0xAE, 0xF4,
0x6F, 0x59, 0x16, 0x9E, 0x60, 0xD8, 0x56, 0xCF, 0xEA, 0x2C, 0x4C, 0x79, 0xD3,
0x5D, 0x51, 0x46, 0xA0, 0x4E, 0xE9, 0xD6, 0xAB, 0x91, 0x43, 0x63, 0x44, 0xD7,
0x70, 0xB9, 0x23, 0x98, 0x4F, 0x3D, 0x03, 0x02, 0xF6, 0x81, 0x56, 0xC1, 0x58,
0x85, 0x07, 0xA7, 0x2D, 0x2C, 0x29, 0xCA, 0x01, 0x45, 0x31, 0x51, 0x8F, 0xD4,
0x19, 0xA1, 0x79, 0x88, 0x5A, 0xA4, 0xF5, 0xAE, 0x2D, 0x4B, 0x63, 0x4C, 0x58,
0xFE, 0xBF, 0xAD, 0xEE, 0xA3, 0x09, 0xF8, 0xE2, 0x89, 0xBE, 0x81, 0x0E, 0x86,
0x3A, 0xF9, 0x5B, 0xA5, 0xD8, 0xA4, 0x00, 0x75, 0x04, 0xF2, 0x23, 0xB8, 0x39,
0x69, 0x50, 0xB7, 0xD0, 0x34, 0x63, 0x54, 0xD8, 0x61, 0xDD, 0xA5, 0x33, 0x47,
0x85, 0x96, 0x22, 0xD0, 0x2F, 0x9F, 0x7E, 0xF8, 0x74, 0x24, 0xEA, 0x57, 0x97,
0x5A, 0xE0, 0x00, 0xCF, 0xC1, 0x67, 0xE1, 0x41, 0xBD, 0x94, 0xA1, 0x03, 0xD3,
0xB4, 0x08, 0x64, 0xF2, 0x17, 0x27, 0x35, 0x37, 0x53, 0xEF, 0x46, 0xCE, 0xD8,
0xD4, 0x09, 0x52, 0xC6, 0x1E, 0xF7, 0x28, 0xDF, 0x08, 0x0F, 0xD0, 0x6F, 0x71,
0xA6, 0xDF, 0xE4, 0x60, 0x8E, 0xC0, 0x1E, 0x78, 0x86, 0x50, 0xB0, 0x9B, 0x84,
0x7E, 0xE8, 0x36, 0xFA, 0x95, 0xF1, 0x12, 0x51, 0xC7, 0x18, 0x96, 0xA2, 0x29,
0xBB, 0x70, 0x02, 0xB4, 0xF9, 0xA8, 0x3D, 0x08, 0x66, 0xA9, 0xB3, 0xFC, 0x0A,
0x94, 0x80, 0xFD, 0x78, 0xDC, 0xAB, 0x82, 0x5A, 0xD2, 0xCD, 0xC2, 0x87, 0xC6,
0x4B, 0x07, 0xFA, 0xD1, 0xC3, 0xD9, 0x34, 0x41, 0x85, 0xF8, 0xD0, 0xB6, 0x0A,
0x9D, 0x00, 0x91, 0x35, 0x05, 0x88, 0xC3, 0xE3, 0x9B, 0x22, 0xD2, 0xB8, 0xFD,
0x95, 0x3E, 0x6D, 0x5D, 0x48, 0xA3, 0x68, 0xCF, 0x02, 0x42, 0x79, 0x79, 0x8A,
0xAA, 0x01, 0xD6, 0x09, 0x14, 0x2C, 0xF4, 0x83, 0xA3, 0x80, 0x31, 0x55, 0x46,
0x6E, 0xC5, 0xE5, 0x2F, 0x30, 0x58, 0x81, 0xA2, 0x90, 0xBE, 0x2E, 0xA1, 0xC3,
0x0F, 0xA6, 0xF5, 0x51, 0x00, 0x39, 0xB6, 0xF2, 0x2A, 0xA3, 0x15, 0x7D, 0x8D,
0xF5, 0x66, 0x5C, 0xD9, 0xFC, 0xCF, 0x2F, 0xBF, 0x08, 0x27, 0xE7, 0xD0, 0x03,
0xB8, 0xD9, 0x00, 0x13, 0x3D, 0x01, 0x6B, 0xB6, 0xA8, 0xCD, 0x5B, 0x3B, 0x3E,
0x93, 0xBF, 0xE6, 0x2E, 0xB7, 0x4A, 0xCF, 0xB3, 0x0A, 0xCE, 0x62, 0x11, 0xD6,
0x1F, 0x68, 0x9B, 0x1D, 0x68, 0xD1, 0x8C, 0x97, 0xBD, 0xA1, 0x07, 0x67, 0x73,
0x87, 0xE0, 0x36, 0xDA, 0x8C, 0xD2, 0xD2, 0xBB, 0x84, 0x28, 0xA9, 0xFE, 0x52,
0x74, 0xD6, 0xB9, 0x0F, 0x0A, 0x6A, 0x2D, 0x28, 0x35, 0x34, 0x3A, 0xD3, 0xE2,
0xCD, 0x35, 0x06, 0x7D, 0x1B, 0x35, 0x85, 0x86, 0xD1, 0x3E, 0xF2, 0x6F, 0xA1,
0xC4, 0x55, 0xBD, 0x00, 0xD8, 0xC3, 0x5D, 0xC2, 0x1D, 0x6B, 0x6B, 0x27, 0x5B,
0x95, 0xF3, 0xAB, 0xB5, 0xD3, 0x37, 0xF2, 0x2C, 0x9C, 0xC7, 0x5D, 0xBD, 0xF1,
0x68, 0x1C, 0xAD, 0xF8, 0xB5, 0xE1, 0x29, 0x72, 0x7A, 0x73, 0x62, 0x55, 0x24,
0xB9, 0x85, 0xDF, 0x7B, 0x29, 0x7D, 0xDE, 0x08, 0xF5, 0xE4, 0x44, 0xDA, 0x1A,
0x30, 0x74, 0xDA, 0xB4, 0x9B, 0x23, 0x9A, 0x3A, 0xC1, 0x53, 0xB2, 0xA2, 0xA3,
0x7B, 0x1F, 0xD9, 0x56, 0xD4, 0x4F, 0x9B, 0xB2, 0x1E, 0xEE, 0xB8, 0x6A, 0x4E,
0xB5, 0xF4, 0x5A, 0xC9, 0x18, 0x27, 0x9C, 0xDE, 0x14, 0x44, 0xED, 0xC4, 0x3C,
0x71, 0x9F, 0x5F, 0xD9, 0x37, 0xA0, 0x78, 0x34, 0x6E, 0xBC, 0xD2, 0x7B, 0x1D,
0xFA, 0x08, 0x39, 0x5A, 0x04, 0x73, 0x15, 0xD9, 0x0A, 0x48, 0xC1, 0x2D, 0x15,
0x4E, 0x84, 0x30, 0x45, 0x69, 0xB3, 0xE5, 0xF6, 0xAD, 0x09, 0x1E, 0xCC, 0x5F,
0x1F, 0x06, 0xD5, 0x58, 0xAD, 0x78, 0xD7, 0x9F, 0xE5, 0xED, 0x3B, 0x09, 0xD5,
0xA6, 0x52, 0x6F, 0x92, 0xD3, 0x3C, 0xC6, 0x1E, 0xF2, 0x93, 0x7C, 0xD3, 0x5F,
0x70, 0x85, 0x5D, 0xF8, 0xAA, 0x9D, 0xB7, 0x7B, 0x24, 0x5A, 0xE9, 0x0A, 0x35,
0x2F, 0xF5, 0xD9, 0x82, 0x02, 0x8A, 0x90, 0x13, 0x5B, 0xB5, 0x67, 0x9C, 0xDD,
0xA0, 0x4E, 0x82, 0x27, 0xDA, 0x7E, 0xE8, 0x8E, 0xCD, 0xE1, 0x56, 0x71, 0x2C,
0xE6, 0x4E, 0x1F, 0x91, 0xCD, 0x7C, 0x6A, 0xB7, 0x78, 0xD0, 0x26, 0xF3, 0x56,
0xA9, 0xD5, 0xA1, 0xC3, 0x3B, 0x98, 0xE9, 0x28, 0x09, 0xEF, 0x50, 0x90, 0xCD,
0xC4, 0x8E, 0x75, 0xCC, 0xAC, 0x2D, 0xC9, 0x03, 0x6D, 0xAC, 0xFE, 0xC4, 0x88,
0x36, 0xD1, 0x3F, 0xBB, 0x1C, 0x7D, 0xB3, 0x14, 0x61, 0x2C, 0xB7, 0x54, 0x4B,
0xDB, 0x64, 0xB6, 0x57, 0x14, 0x16, 0x8E, 0x1E, 0x6C, 0x64, 0xBB, 0x8B, 0x48,
0x5D, 0x96, 0x9D, 0xDC, 0x80, 0xA7, 0xF7, 0x54, 0xC7, 0x46, 0x38, 0x3E, 0x44,
0xDE, 0x7E, 0x92, 0x8D, 0x07, 0xF6, 0x07, 0x37, 0x4E, 0x16, 0x10, 0xB4, 0x7D,
0x88, 0x66, 0x7F, 0xBB, 0xFF, 0xEA, 0x00, 0xF3, 0xFF, 0x97, 0x2C, 0xB5, 0xBE,
0x35, 0x4B, 0x5C, 0x36, 0xEC, 0x4C, 0xBD, 0x2B, 0x7D, 0xBF, 0x46, 0xE2, 0x9C,
0x0E, 0x8A, 0xA3, 0xEC, 0xB1, 0x0E, 0x9A, 0xDA, 0x9A, 0x9B, 0x28, 0x92, 0x10,
0x53, 0x57, 0xEA, 0xEC, 0xA2, 0x32, 0x32, 0x20, 0x1D, 0x97, 0x5C, 0xB6, 0x84,
0xA9, 0x93, 0x8D, 0x95, 0x11, 0xA3, 0x24, 0xA3, 0x2D, 0xC6, 0x4A, 0xEF, 0xAA,
0x1D, 0x85, 0x2B, 0x7D, 0x28, 0xBE, 0x53, 0xCE, 0x10, 0x1F, 0xAE, 0x0E, 0x41,
0x6C, 0x4B, 0x79, 0x12, 0xFB, 0xF7, 0x54, 0xA3, 0x96, 0x54, 0x83, 0x20, 0x96,
0x8F, 0x28, 0xA9, 0x3F, 0x8B, 0x3D, 0xBA, 0x77, 0xDC, 0x24, 0xE1, 0xD4, 0x49,
0x40, 0xD8, 0x78, 0x31, 0x85, 0x43, 0xF6, 0xFE, 0x5C, 0xA6, 0x8F, 0x90, 0x09,
0xB0, 0xE7, 0xC4, 0x95, 0xB2, 0x55, 0x49, 0x97, 0x8F, 0x1C, 0x78, 0x30, 0x20,
0xA0, 0xB4, 0xEF, 0x73, 0x56, 0x59, 0x82, 0xFD, 0xCE, 0xBA, 0x6A, 0x8F, 0x2C,
0x8B, 0x15, 0xFD, 0xA1, 0x85, 0xA8, 0x5C, 0x0F, 0x11, 0xA5, 0x9D, 0xC2, 0x46,
0xC6, 0x9C, 0xC9, 0x40, 0x0B, 0x58, 0x6A, 0x1C, 0x7A, 0x23, 0xF9, 0xE0, 0x95,
0x05, 0x13, 0x58, 0x72, 0xE8, 0x9F, 0x30, 0xAC, 0xCD, 0x26, 0xD4, 0x66, 0x13,
0xDF, 0x1E, 0x7B, 0x4F, 0x9C, 0xBE, 0x38, 0x79, 0x75, 0x92, 0xA4, 0xDA, 0x26,
0x44, 0x55, 0x17, 0xA3, 0xE5, 0x62, 0xDA, 0xEB, 0x86, 0xEA, 0x68, 0xC7, 0xAB,
0xFD, 0x2D, 0x43, 0x59, 0x51, 0xC0, 0x75, 0x64, 0x91, 0x01, 0x29, 0x33, 0x28,
0xF3, 0x04, 0x83, 0x80, 0x75, 0x37, 0x75, 0x0C, 0x03, 0x7B, 0x0A, 0xAB, 0x8E,
0x60, 0x62, 0x8B, 0x4C, 0xAF, 0x2D, 0xA3, 0x2F, 0xFE, 0xAB, 0x45, 0xCF, 0xDA,
0xAB, 0xFA, 0xFA, 0x30, 0x3D, 0xE8, 0xA1, 0x96, 0xA5, 0x7B, 0xE2, 0x2A, 0xD0,
0xAF, 0x59, 0xF7, 0xD0, 0x32, 0x57, 0x19, 0xBD, 0xCA, 0x9F, 0xD5, 0x1A, 0xC7,
0xAA, 0x65, 0x4A, 0x38, 0xB2, 0x70, 0x33, 0xB7, 0x75, 0xD2, 0xCD, 0xD1, 0xF0,
0xA8, 0x87, 0x59, 0x20, 0xA5, 0x57, 0x55, 0xB1, 0xB2, 0xC9, 0x4D, 0x97, 0x34,
0x41, 0xF3, 0xF0, 0x30, 0xA1, 0x2C, 0x1C, 0x49, 0x3E, 0x89, 0x7D, 0x12, 0xE2,
0xC3, 0x04, 0xC3, 0x92, 0xC0, 0xF6, 0x39, 0x10, 0x80, 0x81, 0x8F, 0x08, 0xB4,
0xF8, 0xB9, 0x13, 0x4E, 0x2C, 0xAE, 0xB3, 0x71, 0x82, 0x63, 0x98, 0xAB, 0x5C,
0x1C, 0x10, 0xEA, 0x66, 0xF9, 0x02, 0x3A, 0x82, 0x61, 0xD0, 0xD4, 0xAE, 0x43,
0xD4, 0x01, 0x3E, 0x9D, 0x04, 0x14, 0xF6, 0x60, 0xD8, 0xA7, 0xD6, 0xB8, 0x53,
0xC8, 0xDA, 0x80, 0x93, 0xA0, 0x02, 0xDD, 0xCC, 0xE2, 0xF2, 0xBB, 0xFB, 0xE0,
0x27, 0xD7, 0x34, 0x9A, 0x71, 0x49, 0xB5, 0x4F, 0x42, 0x1F, 0xB2, 0x9D, 0x6D,
0xAA, 0x9D, 0xD3, 0x50, 0xB5, 0x8F, 0x6A, 0x4B, 0xDF, 0x1F, 0xD5, 0x27, 0x8F,
0x3B, 0x27, 0xCF, 0x2F, 0x8C, 0xF8, 0x9D, 0x4C, 0x52, 0xBC, 0x32, 0x0F, 0x73,
0xD5, 0x51, 0x8E, 0x36, 0x7E, 0xAD, 0x09, 0xF0, 0x94, 0x83, 0x5F, 0x36, 0xFD,
0x7C, 0x03, 0xED, 0xF1, 0x5E, 0x4B, 0xF7, 0xAA, 0x55, 0x5C, 0x4A, 0x14, 0x59,
0x85, 0x38, 0x2D, 0x8C, 0xDF, 0xEC, 0x65, 0x1B, 0xB8, 0x76, 0x57, 0x96, 0x3C,
0x86, 0xED, 0xF2, 0x7F, 0x2D, 0x28, 0x48, 0xDA, 0x49, 0x7F, 0xF7, 0x54, 0x2B,
0xD5, 0x39, 0xD5, 0x57, 0x0A, 0x75, 0x7A, 0x3E, 0x5E, 0x5D, 0xBA, 0x4A, 0x15,
0xFA, 0xB8, 0x31, 0x80, 0x71, 0x2C, 0xCA, 0xC4, 0x51, 0x10, 0x16, 0x5D, 0x39,
0xEC, 0x9D, 0x07, 0xB6, 0x6A, 0x89, 0x9F, 0x9B, 0x5B, 0x6F, 0x03, 0xB0, 0x92,
0x01, 0x38, 0x6B, 0x48, 0x99, 0x0A, 0x8F, 0x13, 0xC1, 0xA6, 0x01, 0xEA, 0xBF,
0x6F, 0x86, 0x43, 0x51, 0xB6, 0x11, 0x00, 0x00
};
int compress_test(void) int compress_test(void)
{ {
@@ -18315,11 +18477,46 @@ int compress_test(void)
ERROR_OUT(-9202, exit); ERROR_OUT(-9202, exit);
} }
if (XMEMCMP(d, sample_text, dSz)) { if (XMEMCMP(d, sample_text, dSz) != 0) {
ERROR_OUT(-9203, exit); ERROR_OUT(-9203, exit);
} }
ret = 0; ret = 0;
/* GZIP tests */
cSz = (dSz + (word32)(dSz * 0.001) + 12); /* reset cSz */
XMEMSET(c, 0, cSz);
XMEMSET(d, 0, dSz);
ret = wc_Compress_ex(c, cSz, sample_text, dSz, 0, LIBZ_WINBITS_GZIP);
if (ret < 0) {
ERROR_OUT(-9204, exit);
}
cSz = (word32)ret;
ret = wc_DeCompress_ex(d, dSz, c, cSz, LIBZ_WINBITS_GZIP);
if (ret < 0) {
ERROR_OUT(-9206, exit);
}
if (XMEMCMP(d, sample_text, dSz) != 0) {
ERROR_OUT(-9207, exit);
}
/* Try with gzip generated output */
XMEMSET(d, 0, dSz);
ret = wc_DeCompress_ex(d, dSz, sample_text_gz, sizeof(sample_text_gz),
LIBZ_WINBITS_GZIP);
if (ret < 0) {
ERROR_OUT(-9208, exit);
}
dSz = (word32)ret;
if (XMEMCMP(d, sample_text, dSz) != 0) {
ERROR_OUT(-9209, exit);
}
ret = 0; /* success */
exit: exit:
if (c) XFREE(c, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (c) XFREE(c, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (d) XFREE(d, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (d) XFREE(d, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -20318,6 +20515,43 @@ int cryptodev_test(void)
} }
#endif /* WOLF_CRYPTO_DEV */ #endif /* WOLF_CRYPTO_DEV */
#ifdef WOLFSSL_CERT_PIV
int certpiv_test(void)
{
int ret;
wc_CertPIV piv;
/* Template for Identiv PIV cert, nonce and signature */
const byte pivCertIdentiv[] = {
0x0A, 0x0D,
0x53, 0x04, /* NIST PIV Cert */
0x70, 0x02, /* Certificate */
0x30, 0x00,
0x71, 0x01, 0x00, /* Cert Info */
0xFE, 0x00, /* Error Detection */
0x0B, 0x01, 0x00, /* Nonce */
0x0C, 0x01, 0x00, /* Signed Nonce */
};
const byte pivCert[] = {
0x53, 0x04, /* NIST PIV Cert */
0x70, 0x02, /* Certificate */
0x30, 0x00,
0x71, 0x01, 0x00, /* Cert Info */
0xFE, 0x00, /* Error Detection */
};
/* Test with identiv 0x0A, 0x0B and 0x0C markers */
ret = wc_ParseCertPIV(&piv, pivCertIdentiv, sizeof(pivCertIdentiv));
if (ret == 0) {
/* Test with NIST PIV format */
ret = wc_ParseCertPIV(&piv, pivCert, sizeof(pivCert));
}
return ret;
}
#endif /* WOLFSSL_CERT_PIV */
#undef ERROR_OUT #undef ERROR_OUT

3
wolfssl/error-ssl.h
View File

@@ -66,9 +66,6 @@ enum wolfSSL_ErrorCodes {
CLIENT_ID_ERROR = -331, /* psk client identity error */ CLIENT_ID_ERROR = -331, /* psk client identity error */
SERVER_HINT_ERROR = -332, /* psk server hint error */ SERVER_HINT_ERROR = -332, /* psk server hint error */
PSK_KEY_ERROR = -333, /* psk key error */ PSK_KEY_ERROR = -333, /* psk key error */
ZLIB_INIT_ERROR = -334, /* zlib init error */
ZLIB_COMPRESS_ERROR = -335, /* zlib compression error */
ZLIB_DECOMPRESS_ERROR = -336, /* zlib decompression error */
GETTIME_ERROR = -337, /* gettimeofday failed ??? */ GETTIME_ERROR = -337, /* gettimeofday failed ??? */
GETITIMER_ERROR = -338, /* getitimer failed ??? */ GETITIMER_ERROR = -338, /* getitimer failed ??? */

39
wolfssl/wolfcrypt/asn.h
View File

@@ -58,6 +58,9 @@
#include <wolfssl/wolfcrypt/sha256.h> #include <wolfssl/wolfcrypt/sha256.h>
#include <wolfssl/wolfcrypt/asn_public.h> /* public interface */ #include <wolfssl/wolfcrypt/asn_public.h> /* public interface */
#if defined(NO_SHA) && defined(NO_SHA256)
#define WC_SHA256_DIGEST_SIZE 32
#endif
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@@ -85,6 +88,7 @@ enum ASN_Tags {
ASN_UTF8STRING = 0x0c, ASN_UTF8STRING = 0x0c,
ASN_SEQUENCE = 0x10, ASN_SEQUENCE = 0x10,
ASN_SET = 0x11, ASN_SET = 0x11,
ASN_PRINTABLE_STRING = 0x13,
ASN_UTC_TIME = 0x17, ASN_UTC_TIME = 0x17,
ASN_OTHER_TYPE = 0x00, ASN_OTHER_TYPE = 0x00,
ASN_RFC822_TYPE = 0x01, ASN_RFC822_TYPE = 0x01,
@@ -99,6 +103,7 @@ enum ASN_Tags {
/* ASN_Flags - Bitmask */ /* ASN_Flags - Bitmask */
ASN_CONSTRUCTED = 0x20, ASN_CONSTRUCTED = 0x20,
ASN_APPLICATION = 0x40,
ASN_CONTEXT_SPECIFIC = 0x80, ASN_CONTEXT_SPECIFIC = 0x80,
}; };
@@ -137,7 +142,7 @@ enum DN_Tags {
#define WOLFSSL_BUS_CAT "/businessCategory=" #define WOLFSSL_BUS_CAT "/businessCategory="
#define WOLFSSL_JOI_C "/jurisdictionC=" #define WOLFSSL_JOI_C "/jurisdictionC="
#define WOLFSSL_JOI_ST "/jurisdictionST=" #define WOLFSSL_JOI_ST "/jurisdictionST="
#define WOLFSSL_EMAIL_ADDR "/emailAddress=" #define WOLFSSL_EMAIL_ADDR "/emailAddress="
/* NIDs */ /* NIDs */
enum enum
@@ -186,6 +191,24 @@ enum ECC_TYPES
ECC_PREFIX_1 = 161 ECC_PREFIX_1 = 161
}; };
#ifdef WOLFSSL_CERT_PIV
enum PIV_Tags {
ASN_PIV_CERT = 0x0A,
ASN_PIV_NONCE = 0x0B,
ASN_PIV_SIGNED_NONCE = 0x0C,
ASN_PIV_TAG_CERT = 0x70,
ASN_PIV_TAG_CERT_INFO = 0x71,
ASN_PIV_TAG_MSCUID = 0x72,
ASN_PIV_TAG_ERR_DET = 0xFE,
/* certificate info masks */
ASN_PIV_CERT_INFO_COMPRESSED = 0x03,
ASN_PIV_CERT_INFO_ISX509 = 0x04,
};
#endif /* WOLFSSL_CERT_PIV */
#define ASN_JOI_PREFIX "\x2b\x06\x01\x04\x01\x82\x37\x3c\x02\x01" #define ASN_JOI_PREFIX "\x2b\x06\x01\x04\x01\x82\x37\x3c\x02\x01"
#define ASN_JOI_C 0x3 #define ASN_JOI_C 0x3
#define ASN_JOI_ST 0x2 #define ASN_JOI_ST 0x2
@@ -896,11 +919,17 @@ struct TrustedPeerCert {
#define WOLFSSL_ASN_API WOLFSSL_LOCAL #define WOLFSSL_ASN_API WOLFSSL_LOCAL
#endif #endif
/* Macro for calculating hashId */
#ifdef NO_SHA #if defined(NO_SHA) && defined(NO_SHA256)
#define CalcHashId(data, len, hash) wc_Sha256Hash(data, len, hash) #ifdef WOLF_CRYPTO_DEV
#define CalcHashId(data, len, hash) wc_CryptoDevSha256Hash(data, len, hash)
#else
#define CalcHashId(data, len, hash) NOT_COMPILED_IN
#endif
#elif defined(NO_SHA)
#define CalcHashId(data, len, hash) wc_Sha256Hash(data, len, hash)
#else #else
#define CalcHashId(data, len, hash) wc_ShaHash(data, len, hash) #define CalcHashId(data, len, hash) wc_ShaHash(data, len, hash)
#endif #endif

22
wolfssl/wolfcrypt/asn_public.h
View File

@@ -479,6 +479,28 @@ WOLFSSL_API int wc_GetTime(void* timePtr, word32 timeSize);
#endif #endif
#ifdef WOLFSSL_CERT_PIV
typedef struct _wc_CertPIV {
const byte* cert;
word32 certSz;
const byte* certErrDet;
word32 certErrDetSz;
const byte* nonce; /* Identiv Only */
word32 nonceSz; /* Identiv Only */
const byte* signedNonce; /* Identiv Only */
word32 signedNonceSz; /* Identiv Only */
/* flags */
word16 compression:2;
word16 isX509:1;
word16 isIdentiv:1;
} wc_CertPIV;
WOLFSSL_API int wc_ParseCertPIV(wc_CertPIV* cert, const byte* buf, word32 totalSz);
#endif /* WOLFSSL_CERT_PIV */
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
#endif #endif

7
wolfssl/wolfcrypt/compress.h
View File

@@ -38,10 +38,15 @@
#define COMPRESS_FIXED 1 #define COMPRESS_FIXED 1
#define LIBZ_WINBITS_GZIP 16
WOLFSSL_API int wc_Compress(byte*, word32, const byte*, word32, word32); WOLFSSL_API int wc_Compress(byte*, word32, const byte*, word32, word32);
WOLFSSL_API int wc_Compress_ex(byte* out, word32 outSz, const byte* in,
word32 inSz, word32 flags, word32 windowBits);
WOLFSSL_API int wc_DeCompress(byte*, word32, const byte*, word32); WOLFSSL_API int wc_DeCompress(byte*, word32, const byte*, word32);
WOLFSSL_API int wc_DeCompress_ex(byte* out, word32 outSz, const byte* in,
word32 inSz, int windowBits);
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */

2
wolfssl/wolfcrypt/cryptodev.h
View File

@@ -175,6 +175,8 @@ WOLFSSL_LOCAL int wc_CryptoDev_AesGcmDecrypt(Aes* aes, byte* out,
#endif /* !NO_AES && HAVE_AESGCM */ #endif /* !NO_AES && HAVE_AESGCM */
WOLFSSL_LOCAL int wc_CryptoDev_Sha256Hash(const byte* data, word32 len, byte* hash);
#endif /* WOLF_CRYPTO_DEV */ #endif /* WOLF_CRYPTO_DEV */
#ifdef __cplusplus #ifdef __cplusplus

6
wolfssl/wolfcrypt/error-crypt.h
View File

@@ -216,7 +216,11 @@ enum {
WC_AFALG_SOCK_E = -264, /* AF_ALG socket error */ WC_AFALG_SOCK_E = -264, /* AF_ALG socket error */
WC_DEVCRYPTO_E = -265, /* /dev/crypto error */ WC_DEVCRYPTO_E = -265, /* /dev/crypto error */
WC_LAST_E = -265, /* Update this to indicate last error */ ZLIB_INIT_ERROR = -266, /* zlib init error */
ZLIB_COMPRESS_ERROR = -267, /* zlib compression error */
ZLIB_DECOMPRESS_ERROR = -268, /* zlib decompression error */
WC_LAST_E = -268, /* Update this to indicate last error */
MIN_CODE_E = -300 /* errors -101 - -299 */ MIN_CODE_E = -300 /* errors -101 - -299 */
/* add new companion error id strings for any new error codes /* add new companion error id strings for any new error codes