From 58a6dfd4372503cd97dd7fa230067df7a228c78e Mon Sep 17 00:00:00 2001 From: tan-qingliu Date: Mon, 12 May 2025 22:58:50 +0800 Subject: [PATCH] =?UTF-8?q?=E7=94=A8=E6=88=B7CA=E8=AF=81=E4=B9=A6=E5=AE=89?= =?UTF-8?q?=E8=A3=85=E6=94=AF=E6=8C=81p7b=E6=A0=BC=E5=BC=8F=E7=9A=84?= =?UTF-8?q?=E8=AF=81=E4=B9=A6=E6=96=87=E4=BB=B6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: tan-qingliu Change-Id: I06dbf19819ed58d3183fd45e4745e29b1e4dec79 --- .../main/common/include/cm_x509.h | 13 + .../main/common/src/cm_x509.c | 107 ++++ .../cm_ipc/include/cm_ipc_client.h | 4 +- .../os_dependency/cm_ipc/src/cm_ipc_client.c | 13 +- .../main/include/cert_manager_api.h | 3 + .../main/include/cm_type.h | 46 +- .../source/cert_manager_api.c | 99 +++- interfaces/kits/napi/src/cm_napi.cpp | 11 + .../napi/src/cm_napi_user_trusted_cert.cpp | 172 ++++++- .../main/core/include/cert_manager.h | 2 + .../main/core/include/cert_manager_check.h | 4 +- .../main/core/include/cert_manager_service.h | 3 + .../main/core/src/cert_manager.c | 6 +- .../main/core/src/cert_manager_check.c | 20 +- .../main/core/src/cert_manager_service.c | 62 +++ .../os_dependency/idl/cm_ipc/cm_ipc_service.c | 30 +- test/fuzz_test/BUILD.gn | 1 + .../BUILD.gn | 57 +++ .../cminstallusertrustedcertp7b_fuzzer.cpp | 74 +++ .../cminstallusertrustedcertp7b_fuzzer.h | 18 + .../corpus/init | 13 + .../project.xml | 25 + test/unittest/include/cm_cert_data_p7b.h | 477 ++++++++++++++++++ test/unittest/src/cm_user_cert_test.cpp | 77 +++ 24 files changed, 1312 insertions(+), 25 deletions(-) create mode 100644 test/fuzz_test/cminstallusertrustedcertp7b_fuzzer/BUILD.gn create mode 100644 test/fuzz_test/cminstallusertrustedcertp7b_fuzzer/cminstallusertrustedcertp7b_fuzzer.cpp create mode 100644 test/fuzz_test/cminstallusertrustedcertp7b_fuzzer/cminstallusertrustedcertp7b_fuzzer.h create mode 100644 test/fuzz_test/cminstallusertrustedcertp7b_fuzzer/corpus/init create mode 100644 test/fuzz_test/cminstallusertrustedcertp7b_fuzzer/project.xml create mode 100644 test/unittest/include/cm_cert_data_p7b.h diff --git a/frameworks/cert_manager_standard/main/common/include/cm_x509.h b/frameworks/cert_manager_standard/main/common/include/cm_x509.h index 47a4cb8..0d0a1f0 100644 --- a/frameworks/cert_manager_standard/main/common/include/cm_x509.h +++ b/frameworks/cert_manager_standard/main/common/include/cm_x509.h @@ -19,6 +19,7 @@ #include #include #include +#include #include "cm_type.h" #ifdef __cplusplus extern "C" { @@ -42,6 +43,9 @@ extern "C" { #define CM_ORGANIZATION_UNIT_NAME "OU" #define ASN1_TAG_TYPE_SEQ 0x30 + +DEFINE_STACK_OF(char) + enum CmCertFormat { CM_CERT_FORMAT_PEM, CM_CERT_FORMAT_DER @@ -58,6 +62,15 @@ struct DataTime { X509 *InitCertContext(const uint8_t *certBuf, uint32_t size); +/** + * @brief Create STACKOF(X509) from a buffer + * + * @param[in] certBuf P7B file buffer. + * @param[in] size Buffer's size. + * @return STACK_OF(X509)* Stack of X509 certificate. + */ +STACK_OF(X509) *InitCertStackContext(const uint8_t *certBuf, uint32_t size); + int32_t GetX509SerialNumber(X509 *x509cert, char *outBuf, uint32_t outBufMaxSize); int32_t GetX509SubjectName(const X509 *x509cert, const char *subjectObjName, char *outBuf, uint32_t outBufMaxSize); diff --git a/frameworks/cert_manager_standard/main/common/src/cm_x509.c b/frameworks/cert_manager_standard/main/common/src/cm_x509.c index 00ba31a..e007c42 100644 --- a/frameworks/cert_manager_standard/main/common/src/cm_x509.c +++ b/frameworks/cert_manager_standard/main/common/src/cm_x509.c @@ -20,6 +20,7 @@ #include #include #include +#include #include #include @@ -56,6 +57,112 @@ X509 *InitCertContext(const uint8_t *certBuf, uint32_t size) return x509; } +static int32_t FindStringInStack(STACK_OF(char) *sk, const char *target) +{ + if (sk == NULL || target == NULL) { + CM_LOG_E("null pointer"); + return CMR_ERROR; + } + int num = sk_char_num(sk); + for (int i = 0; i < num; i++) { + char *str = sk_char_value(sk, i); + if (str && strcmp(str, target) == 0) { + CM_LOG_I("found fingerprint"); + return i; + } + } + return CMR_ERROR; +} + +static int32_t DumplicateCerts(STACK_OF(X509) *certStack, STACK_OF(X509) *deduplicateStack) +{ + if (certStack == NULL || deduplicateStack == NULL) { + CM_LOG_E("certStack or deduplicateStack is null"); + return CMR_ERROR_NULL_POINTER; + } + STACK_OF(char) *fingerprintStack = sk_char_new_null(); + if (fingerprintStack == NULL) { + CM_LOG_E("fingerprintStack is null"); + return CMR_ERROR_MALLOC_FAIL; + } + int32_t ret = CM_SUCCESS; + int certNum = sk_X509_num(certStack); + for (int i = 0; i < certNum; ++i) { + X509 *cert = sk_X509_value(certStack, i); + char fingerprint[FINGERPRINT_MAX_SIZE] = {0}; + int32_t fingerprintLength = GetX509Fingerprint(cert, fingerprint, sizeof(fingerprint)); + if (fingerprintLength < 0) { + continue; + } + // check is fingerprint exist or not. + int32_t fpIdx = FindStringInStack(fingerprintStack, fingerprint); + if (fpIdx != CMR_ERROR) { + continue; + } + X509 *dupCert = X509_dup(cert); + if (dupCert == NULL) { + CM_LOG_E("dupCert is null"); + ret = CMR_ERROR_NULL_POINTER; + break; + } + char *dupFingerprint = strdup(fingerprint); + if (dupFingerprint == NULL) { + X509_free(dupCert); + CM_LOG_E("dupFingerprint is null"); + ret = CMR_ERROR_NULL_POINTER; + break; + } + sk_X509_push(deduplicateStack, dupCert); + sk_char_push(fingerprintStack, dupFingerprint); + } + sk_char_pop_free(fingerprintStack, (void (*)(char *))free); + return ret; +} + +STACK_OF(X509) *InitCertStackContext(const uint8_t *certBuf, uint32_t size) +{ + if (certBuf == NULL || size > MAX_LEN_CERTIFICATE_P7B || size == 0) { + CM_LOG_E("invalid params"); + return NULL; + } + BIO *bio = BIO_new_mem_buf(certBuf, (int)size); + if (bio == NULL) { + CM_LOG_E("bio is null"); + return NULL; + } + PKCS7 *p7 = d2i_PKCS7_bio(bio, NULL); + BIO_free(bio); + if (p7 == NULL) { + CM_LOG_E("p7 is null"); + return NULL; + } + if (p7->d.sign == NULL) { + CM_LOG_E("p7->d.sign is null"); + PKCS7_free(p7); + return NULL; + } + STACK_OF(X509) *certStack = p7->d.sign->cert; + if (certStack == NULL) { + CM_LOG_E("certStack is null"); + PKCS7_free(p7); + return NULL; + } + STACK_OF(X509) *deduplicateStack = sk_X509_new_null(); + if (deduplicateStack == NULL) { + CM_LOG_E("deduplicateStack is null"); + PKCS7_free(p7); + return NULL; + } + int32_t ret = DumplicateCerts(certStack, deduplicateStack); + PKCS7_free(p7); + if (ret != CM_SUCCESS) { + CM_LOG_E("deduplicate certs failed, ret = %d", ret); + sk_X509_pop_free(deduplicateStack, X509_free); + return NULL; + } + return deduplicateStack; +} + int32_t GetX509SerialNumber(X509 *x509cert, char *outBuf, uint32_t outBufMaxSize) { if (outBuf == NULL || x509cert == NULL) { diff --git a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_client.h b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_client.h index 48d2d93..76aea96 100755 --- a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_client.h +++ b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_client.h @@ -69,8 +69,8 @@ int32_t CmClientGetUserCertInfo(const struct CmBlob *certUri, const uint32_t sto int32_t CmClientSetUserCertStatus(const struct CmBlob *certUri, const uint32_t store, const uint32_t status); -int32_t CmClientInstallUserTrustedCert(const struct CmBlob *userCert, const struct CmBlob *certAlias, - const uint32_t userId, const uint32_t status, struct CmBlob *certUri); +int32_t CmClientInstallUserTrustedCert(const struct CmInstallCertInfo *installInfo, + const enum CmCertFileFormat certFormat, const uint32_t status, struct CmBlob *certUri); int32_t CmClientUninstallUserTrustedCert(const struct CmBlob *certUri); diff --git a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_client.c b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_client.c index fe4fd0f..8d2fad2 100644 --- a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_client.c +++ b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_client.c @@ -944,9 +944,17 @@ int32_t CmClientSetUserCertStatus(const struct CmBlob *certUri, const uint32_t s return SetUserCertStatus(CM_MSG_SET_USER_CERTIFICATE_STATUS, certUri, store, status); } -int32_t CmClientInstallUserTrustedCert(const struct CmBlob *userCert, const struct CmBlob *certAlias, - const uint32_t userId, const uint32_t status, struct CmBlob *certUri) +int32_t CmClientInstallUserTrustedCert(const struct CmInstallCertInfo *installInfo, + const enum CmCertFileFormat certFormat, const uint32_t status, struct CmBlob *certUri) { + if (CmCheckInstallCertInfo(installInfo) != CM_SUCCESS) { + CM_LOG_E("check installCertInfo invalid"); + return CMR_ERROR_INVALID_ARGUMENT; + } + const struct CmBlob *userCert = installInfo->userCert; + const struct CmBlob *certAlias = installInfo->certAlias; + uint32_t userId = installInfo->userId; + if (CmCheckBlob(userCert) != CM_SUCCESS || CmCheckBlob(certAlias) != CM_SUCCESS || CmCheckBlob(certUri) != CM_SUCCESS) { CM_LOG_E("invalid input params"); @@ -961,6 +969,7 @@ int32_t CmClientInstallUserTrustedCert(const struct CmBlob *userCert, const stru { .tag = CM_TAG_PARAM1_BUFFER, .blob = *certAlias }, { .tag = CM_TAG_PARAM0_UINT32, .uint32Param = userId }, { .tag = CM_TAG_PARAM1_UINT32, .uint32Param = status }, + { .tag = CM_TAG_PARAM2_UINT32, .uint32Param = certFormat }, }; do { diff --git a/interfaces/innerkits/cert_manager_standard/main/include/cert_manager_api.h b/interfaces/innerkits/cert_manager_standard/main/include/cert_manager_api.h index c70284d..f1b9270 100644 --- a/interfaces/innerkits/cert_manager_standard/main/include/cert_manager_api.h +++ b/interfaces/innerkits/cert_manager_standard/main/include/cert_manager_api.h @@ -86,6 +86,9 @@ CM_API_EXPORT int32_t CmGetUserCACertList(const struct UserCAProperty *property, CM_API_EXPORT int32_t CmGetCertStorePath(const enum CmCertType type, const uint32_t userId, char *path, uint32_t pathLen); +CM_API_EXPORT int32_t CmInstallUserTrustedP7BCert(const struct CmInstallCertInfo *installCertInfo, const bool status, + struct CertUriList *certUriList); + #ifdef __cplusplus } #endif diff --git a/interfaces/innerkits/cert_manager_standard/main/include/cm_type.h b/interfaces/innerkits/cert_manager_standard/main/include/cm_type.h index 028612d..477bbbe 100644 --- a/interfaces/innerkits/cert_manager_standard/main/include/cm_type.h +++ b/interfaces/innerkits/cert_manager_standard/main/include/cm_type.h @@ -33,13 +33,15 @@ extern "C" { #define CM_API_EXPORT __attribute__ ((visibility("default"))) #endif -#define MAX_LEN_CERTIFICATE 8196 +#define MAX_LEN_CERTIFICATE 8196 +#define MAX_LEN_CERTIFICATE_P7B (1024 * 300) #define MAX_LEN_CERTIFICATE_CHAIN (3 * MAX_LEN_CERTIFICATE) #define MAX_SUFFIX_LEN 16 #define MAX_COUNT_CERTIFICATE 256 #define MAX_COUNT_CERTIFICATE_ALL 512 +#define MAX_P7B_INSTALL_COUNT 256 #define MAX_LEN_URI 256 #define MAX_AUTH_LEN_URI 256 #define MAX_LEN_CERT_ALIAS 129 /* include 1 byte: the terminator('\0') */ @@ -470,11 +472,35 @@ enum CmCertScope { CM_GLOBAL_USER = 2, }; +enum CmCertFileFormat { + PEM_DER = 0, + P7B = 1, +}; + struct UserCAProperty { uint32_t userId; enum CmCertScope scope; }; +struct CmInstallCertInfo { + const struct CmBlob *userCert; + const struct CmBlob *certAlias; + uint32_t userId; +}; + +struct CertUriList { + uint32_t certCount; + struct CmBlob *uriList; +}; + +struct InstallUserCertParams { + struct CmContext *cmContext; + struct CmBlob *userCert; + struct CmBlob *certAlias; + struct CmBlob *outData; + uint32_t status; +}; + static inline bool CmIsAdditionOverflow(uint32_t a, uint32_t b) { return (UINT32_MAX - a) < b; @@ -488,6 +514,24 @@ static inline int32_t CmCheckBlob(const struct CmBlob *blob) return CM_SUCCESS; } +static inline int32_t CmCheckInstallUserCertParams(const struct InstallUserCertParams *params) +{ + if (params == NULL || params->cmContext == NULL || CmCheckBlob(params->certAlias) != CM_SUCCESS || + CmCheckBlob(params->userCert) != CM_SUCCESS || CmCheckBlob(params->outData) != CM_SUCCESS) { + return CMR_ERROR_INVALID_ARGUMENT; + } + return CM_SUCCESS; +} + +static inline int32_t CmCheckInstallCertInfo(const struct CmInstallCertInfo *installCertInfo) +{ + if (installCertInfo == NULL || CmCheckBlob(installCertInfo->certAlias) != CM_SUCCESS || + CmCheckBlob(installCertInfo->userCert) != CM_SUCCESS) { + return CMR_ERROR_INVALID_ARGUMENT; + } + return CM_SUCCESS; +} + #ifdef __cplusplus } #endif diff --git a/interfaces/innerkits/cert_manager_standard/source/cert_manager_api.c b/interfaces/innerkits/cert_manager_standard/source/cert_manager_api.c index 11a4036..b05e3e9 100644 --- a/interfaces/innerkits/cert_manager_standard/source/cert_manager_api.c +++ b/interfaces/innerkits/cert_manager_standard/source/cert_manager_api.c @@ -373,30 +373,114 @@ CM_API_EXPORT int32_t CmInstallSystemAppCert(const struct CmAppCertParam *certPa return ret; } -CM_API_EXPORT int32_t CmInstallUserCACert(const struct CmBlob *userCert, - const struct CmBlob *certAlias, const uint32_t userId, const bool status, struct CmBlob *certUri) + +static int32_t CmInstallUserTrustedCertByFormat(const struct CmInstallCertInfo *installCertInfo, bool status, + struct CmBlob *certUri, const enum CmCertFileFormat certFormat) { - CM_LOG_I("enter install user ca cert"); - if ((userCert == NULL) || (certAlias == NULL) || (certUri == NULL)) { + CM_LOG_I("enter install user ca cert by format"); + if (CmCheckInstallCertInfo(installCertInfo) != CM_SUCCESS || CmCheckBlob(certUri) != CM_SUCCESS) { + CM_LOG_E("check installCertInfo failed"); return CMR_ERROR_INVALID_ARGUMENT; } bool isAdvSecMode = false; int32_t ret = CheckAdvSecMode(&isAdvSecMode); if (ret != CM_SUCCESS) { + CM_LOG_E("check advSecMode failed, ret = %d", ret); return ret; } if (isAdvSecMode) { - CM_LOG_E("InstallUserTrustedCert: the device enters advanced security mode"); + CM_LOG_E("the device enters advanced security mode"); return CMR_ERROR_DEVICE_ENTER_ADVSECMODE; } uint32_t uStatus = status ? 0 : 1; // 0 indicates the certificate enabled status - ret = CmClientInstallUserTrustedCert(userCert, certAlias, userId, uStatus, certUri); + ret = CmClientInstallUserTrustedCert(installCertInfo, certFormat, uStatus, certUri); CM_LOG_I("leave install user ca cert, result = %d", ret); return ret; } +CM_API_EXPORT int32_t CmInstallUserCACert(const struct CmBlob *userCert, + const struct CmBlob *certAlias, const uint32_t userId, const bool status, struct CmBlob *certUri) +{ + struct CmInstallCertInfo installInfo = { + .userCert = userCert, + .certAlias = certAlias, + .userId = userId + }; + int32_t ret = CmInstallUserTrustedCertByFormat(&installInfo, status, certUri, PEM_DER); + CM_LOG_I("leave install user ca cert, result = %d", ret); + return ret; +} + +static int32_t UnpackCertUriList(struct CertUriList *certUriList, uint8_t *inData, uint32_t dataSize) +{ + if (certUriList == NULL || inData == NULL || dataSize < sizeof(uint32_t)) { + CM_LOG_E("invalid argument"); + return CMR_ERROR_INVALID_ARGUMENT; + } + uint8_t *data = inData; + uint32_t certCount = (uint32_t)*data; + if (dataSize < (sizeof(uint32_t) + (certCount * MAX_LEN_URI))) { + CM_LOG_E("buffer size too small"); + return CMR_ERROR_BUFFER_TOO_SMALL; + } + data += sizeof(uint32_t); + certUriList->certCount = certCount; + + uint32_t uriListSize = (sizeof(struct CmBlob) + MAX_LEN_URI) * certCount; + struct CmBlob *uriList = (struct CmBlob *)CmMalloc(uriListSize); + if (uriList == NULL) { + CM_LOG_E("memory operation failed"); + return CMR_ERROR_MALLOC_FAIL; + } + (void)memset_s(uriList, uriListSize, 0, uriListSize); + certUriList->uriList = uriList; + + uint8_t *uriData = (uint8_t *)uriList + (sizeof(struct CmBlob) * certCount); + + if (memcpy_s(uriData, MAX_LEN_URI * certCount, data, MAX_LEN_URI * certCount) != EOK) { + CM_LOG_E("memory copy failed"); + return CMR_ERROR_MEM_OPERATION_COPY; + } + for (uint32_t i = 0; i < certCount; ++i) { + uriList[i].data = uriData; + uriList[i].size = MAX_LEN_URI; + uriData += MAX_LEN_URI; + } + return CM_SUCCESS; +} + +CM_API_EXPORT int32_t CmInstallUserTrustedP7BCert(const struct CmInstallCertInfo *installCertInfo, const bool status, + struct CertUriList *certUriList) +{ + if (CmCheckInstallCertInfo(installCertInfo) != CM_SUCCESS || certUriList == NULL) { + CM_LOG_E("invalid params"); + return CMR_ERROR_INVALID_ARGUMENT; + } + + uint32_t outDataSize = sizeof(uint32_t) + (MAX_LEN_URI * MAX_P7B_INSTALL_COUNT); + uint8_t *outData = (uint8_t *)CmMalloc(outDataSize); + if (outData == NULL) { + CM_LOG_E("malloc failed"); + return CMR_ERROR_MALLOC_FAIL; + } + struct CmBlob certUriListBlob = { outDataSize, outData }; + int32_t ret = CmInstallUserTrustedCertByFormat(installCertInfo, status, &certUriListBlob, P7B); + if (ret != CM_SUCCESS) { + CM_LOG_E("install certs failed, ret = %d", ret); + CM_FREE_PTR(outData); + return ret; + } + ret = UnpackCertUriList(certUriList, outData, outDataSize); + CM_FREE_PTR(outData); + if (ret != CM_SUCCESS) { + CM_LOG_E("unpack certUriList failed, ret = %d", ret); + return ret; + } + return CM_SUCCESS; +} + CM_API_EXPORT int32_t CmGetUserCACertList(const struct UserCAProperty *property, struct CertList *certificateList) { CM_LOG_I("enter get user ca cert list"); @@ -434,5 +518,4 @@ CM_API_EXPORT int32_t CmGetCertStorePath(const enum CmCertType type, const uint3 } return CMR_ERROR_INVALID_ARGUMENT; -} - +} \ No newline at end of file diff --git a/interfaces/kits/napi/src/cm_napi.cpp b/interfaces/kits/napi/src/cm_napi.cpp index 9fcc132..e54e68b 100644 --- a/interfaces/kits/napi/src/cm_napi.cpp +++ b/interfaces/kits/napi/src/cm_napi.cpp @@ -122,6 +122,16 @@ namespace CMNapi { return scope; } + static napi_value CreateCertFileFormat(napi_env env) + { + napi_value format = nullptr; + NAPI_CALL(env, napi_create_object(env, &format)); + + AddInt32Property(env, format, "PEM_DER", PEM_DER); + AddInt32Property(env, format, "P7B", P7B); + return format; + } + static napi_value CreateAuthStorageLevel(napi_env env) { napi_value level = nullptr; @@ -146,6 +156,7 @@ extern "C" { DECLARE_NAPI_PROPERTY("CmKeyPadding", CreateCMKeyPadding(env)), DECLARE_NAPI_PROPERTY("CertType", CreateCertType(env)), DECLARE_NAPI_PROPERTY("CertScope", CreateCertScope(env)), + DECLARE_NAPI_PROPERTY("CertFileFormat", CreateCertFileFormat(env)), DECLARE_NAPI_PROPERTY("AuthStorageLevel", CreateAuthStorageLevel(env)), /* system ca */ diff --git a/interfaces/kits/napi/src/cm_napi_user_trusted_cert.cpp b/interfaces/kits/napi/src/cm_napi_user_trusted_cert.cpp index 2ef6fd1..a4955e6 100644 --- a/interfaces/kits/napi/src/cm_napi_user_trusted_cert.cpp +++ b/interfaces/kits/napi/src/cm_napi_user_trusted_cert.cpp @@ -44,6 +44,9 @@ struct UserCertAsyncContextT { struct CmBlob *userCert = nullptr; struct CmBlob *certAlias = nullptr; struct CmBlob *certUri = nullptr; + struct CertUriList *certUriList = nullptr; + CmCertFileFormat certFormat = PEM_DER; + CmCertScope certScope = CM_ALL_USER; }; using UserCertAsyncContext = UserCertAsyncContextT *; @@ -66,6 +69,10 @@ static void FreeUserCertAsyncContext(napi_env env, UserCertAsyncContext &context FreeCmBlob(context->userCert); FreeCmBlob(context->certAlias); FreeCmBlob(context->certUri); + if (context->certUriList != nullptr) { + CM_FREE_PTR(context->certUriList->uriList); + CM_FREE_PTR(context->certUriList); + } CM_FREE_PTR(context); } @@ -100,6 +107,57 @@ static int32_t GetCertAliasData(napi_env env, napi_value object, UserCertAsyncCo return CM_SUCCESS; } +static napi_value ParseCertFormat(napi_env env, napi_value object, UserCertAsyncContext context) +{ + napi_value certFormatValue = nullptr; + napi_status status = napi_get_named_property(env, object, "certFormat", &certFormatValue); + if (status != napi_ok || certFormatValue == nullptr) { + return GetInt32(env, 0); + } + uint32_t certFormat = PEM_DER; + if (ParseUint32(env, certFormatValue, certFormat) == nullptr) { + CM_LOG_E("parse uint32 failed"); + return nullptr; + } + // check support certFormat + switch (certFormat) { + case PEM_DER: + case P7B: + break; + default: + CM_LOG_E("invalid cert format: %u", certFormat); + return nullptr; + } + context->certFormat = static_cast(certFormat); + return GetInt32(env, 0); +} + +static napi_value ParseCertScope(napi_env env, napi_value object, UserCertAsyncContext context) +{ + napi_value certScopeValue = nullptr; + napi_status status = napi_get_named_property(env, object, "certScope", &certScopeValue); + if (status != napi_ok || certScopeValue == nullptr) { + return GetInt32(env, 0); + } + uint32_t certScope = PEM_DER; + if (ParseUint32(env, certScopeValue, certScope) == nullptr) { + CM_LOG_E("parse uint32 failed"); + return nullptr; + } + // check support certScope + switch (certScope) { + case CM_ALL_USER: + case CM_GLOBAL_USER: + case CM_CURRENT_USER: + break; + default: + CM_LOG_E("invalid cert scope: %u", certScope); + return nullptr; + } + context->certScope = static_cast(certScope); + return GetInt32(env, 0); +} + static napi_value ParseCertInfo(napi_env env, napi_value object, UserCertAsyncContext context) { napi_valuetype type = napi_undefined; @@ -123,13 +181,27 @@ static napi_value ParseCertInfo(napi_env env, napi_value object, UserCertAsyncCo return nullptr; } + // parse certFormat + if (ParseCertFormat(env, object, context) == nullptr) { + CM_LOG_E("parse cert file format failed"); + return nullptr; + } + + // parse certScope + if (ParseCertScope(env, object, context) == nullptr) { + CM_LOG_E("parse cert scope failed"); + return nullptr; + } + int32_t ret = GetUserCertData(env, userCertValue, &context->userCert); if (ret != CM_SUCCESS) { + CM_LOG_E("get user certData failed, ret = %d", ret); return nullptr; } ret = GetCertAliasData(env, certAliasValue, context); if (ret != CM_SUCCESS) { + CM_LOG_E("get cert aliasData failed, ret = %d", ret); return nullptr; } @@ -280,14 +352,13 @@ static napi_value ParseUninstallAllUserCertParams(napi_env env, napi_callback_in return GetInt32(env, 0); } -static void InstallUserCertExecute(napi_env env, void *data) +static int32_t InitCertUri(UserCertAsyncContext context) { - UserCertAsyncContext context = static_cast(data); context->certUri = static_cast(CmMalloc(sizeof(CmBlob))); if (context->certUri == nullptr) { CM_LOG_E("malloc certUri failed"); context->errCode = CMR_ERROR_MALLOC_FAIL; - return; + return CMR_ERROR_MALLOC_FAIL; } (void)memset_s(context->certUri, sizeof(CmBlob), 0, sizeof(CmBlob)); @@ -295,12 +366,70 @@ static void InstallUserCertExecute(napi_env env, void *data) if (context->certUri->data == nullptr) { CM_LOG_E("malloc certUri.data failed"); context->errCode = CMR_ERROR_MALLOC_FAIL; - return; + return CMR_ERROR_MALLOC_FAIL; } (void)memset_s(context->certUri->data, OUT_AUTH_URI_SIZE, 0, OUT_AUTH_URI_SIZE); context->certUri->size = OUT_AUTH_URI_SIZE; + return CM_SUCCESS; +} - context->errCode = CmInstallUserTrustedCert(context->userCert, context->certAlias, context->certUri); +static int32_t InitCertUriList(UserCertAsyncContext context) +{ + CertUriList *certUriList = static_cast(CmMalloc(sizeof(CertUriList))); + if (certUriList == nullptr) { + CM_LOG_E("malloc certUriList failed"); + context->errCode = CMR_ERROR_MALLOC_FAIL; + return CMR_ERROR_MALLOC_FAIL; + } + (void)memset_s(certUriList, sizeof(CertUriList), 0, sizeof(CertUriList)); + certUriList->certCount = 0; + context->certUriList = certUriList; + return CM_SUCCESS; +} + +static void InstallUserCertExecute(napi_env env, void *data) +{ + UserCertAsyncContext context = static_cast(data); + if (context == nullptr) { + CM_LOG_E("context is null"); + return; + } + int32_t ret = CM_SUCCESS; + uint32_t userId = 0; + if (context->certScope == CM_CURRENT_USER) { + userId = INIT_INVALID_VALUE; + } else if (context->certScope == CM_GLOBAL_USER) { + userId = 0; + } else { + CM_LOG_E("invalid certificate scope"); + context->errCode = CMR_ERROR_INVALID_ARGUMENT; + return; + } + + if (context->certFormat == P7B) { + ret = InitCertUriList(context); + if (ret != CM_SUCCESS) { + CM_LOG_E("init cert uriList failed, ret = %d", ret); + context->errCode = ret; + return; + } + CmInstallCertInfo installCertInfo = { + .userCert = context->userCert, + .certAlias = context->certAlias, + .userId = userId + }; + context->errCode = CmInstallUserTrustedP7BCert(&installCertInfo, true, context->certUriList); + return; + } + + ret = InitCertUri(context); + if (ret != CM_SUCCESS) { + CM_LOG_E("init certUri failed"); + context->errCode = ret; + return; + } + context->errCode = CmInstallUserCACert(context->userCert, context->certAlias, userId, true, context->certUri); + return; } static napi_value ConvertResultCertUri(napi_env env, const CmBlob *certUri) @@ -316,13 +445,44 @@ static napi_value ConvertResultCertUri(napi_env env, const CmBlob *certUri) return result; } +static napi_value ConvertResultCertUriList(napi_env env, const CertUriList *certUriList) +{ + if (certUriList == nullptr) { + CM_LOG_E("null pointer"); + return nullptr; + } + napi_value result = nullptr; + NAPI_CALL(env, napi_create_object(env, &result)); + + napi_value uriArray = nullptr; + NAPI_CALL(env, napi_create_array(env, &uriArray)); + + for (uint32_t i = 0; i < certUriList->certCount; ++i) { + napi_value certUri = nullptr; + NAPI_CALL(env, napi_create_string_latin1(env, reinterpret_cast(certUriList->uriList[i].data), + NAPI_AUTO_LENGTH, &certUri)); + NAPI_CALL(env, napi_set_element(env, uriArray, i, certUri)); + } + + NAPI_CALL(env, napi_set_named_property(env, result, "uriList", uriArray)); + return result; +} + +static napi_value ConvertInstallCertResult(napi_env env, const UserCertAsyncContext context) +{ + if (context->certFormat == P7B) { + return ConvertResultCertUriList(env, context->certUriList); + } + return ConvertResultCertUri(env, context->certUri); +} + static void InstallUserCertComplete(napi_env env, napi_status status, void *data) { UserCertAsyncContext context = static_cast(data); napi_value result[RESULT_NUMBER] = { nullptr }; if (context->errCode == CM_SUCCESS) { napi_create_uint32(env, 0, &result[0]); - result[1] = ConvertResultCertUri(env, context->certUri); + result[1] = ConvertInstallCertResult(env, context); } else { result[0] = GenerateBusinessError(env, context->errCode); napi_get_undefined(env, &result[1]); diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager.h b/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager.h index 60fca89..4cdb178 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager.h +++ b/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager.h @@ -93,6 +93,8 @@ int32_t RdbInsertCertProperty(const struct CertPropertyOri *propertyOri); int32_t GetObjNameFromCertData(const struct CmBlob *certData, const struct CmBlob *certAlias, struct CmBlob *objectName); +int32_t GetCertOrCredCount(const struct CmContext *context, const uint32_t store, uint32_t *certCount); + #ifdef __cplusplus } #endif diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_check.h b/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_check.h index 8ffe648..40cb963 100755 --- a/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_check.h +++ b/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_check.h @@ -42,7 +42,7 @@ int32_t CmServiceGetCallingAppCertListCheck(const struct CmContext *cmContext, c int32_t CmServiceGetAppCertCheck(struct CmContext *cmContext, const uint32_t store, const struct CmBlob *keyUri); int32_t CmServiceInstallUserCertCheck(struct CmContext *cmContext, const struct CmBlob *userCert, - const struct CmBlob *certAlias, const uint32_t userId); + const struct CmBlob *certAlias, const uint32_t userId, const uint32_t certFormat); int32_t CmServiceUninstallUserCertCheck(struct CmContext *cmContext, const struct CmBlob *certUri); @@ -50,6 +50,8 @@ int32_t CmServiceGetUserCertInfoCheck(struct CmContext *cmContext, const struct const uint32_t type, bool isCheckUid); int32_t CmServiceSetUserCertStatusCheck(struct CmContext *cmContext, const struct CmBlob *certUri); + +int32_t CheckInstallMultiCertCount(const struct CmContext *context, const uint32_t certNum); #ifdef __cplusplus } #endif diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_service.h b/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_service.h index 8a505ac..c9e4808 100755 --- a/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_service.h +++ b/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_service.h @@ -62,6 +62,9 @@ int32_t CmX509ToPEM(const X509 *x509, struct CmBlob *userCertPem); int32_t CmInstallUserCert(const struct CmContext *context, const struct CmBlob *userCert, const struct CmBlob *certAlias, const uint32_t status, struct CmBlob *certUri); +int32_t CmInstallMultiUserCert(const struct CmContext *context, const struct CmBlob *userCert, + const struct CmBlob *certAlias, const uint32_t status, struct CmBlob *certUri); + int32_t CmUninstallUserCert(const struct CmContext *context, const struct CmBlob *certUri); int32_t CmUninstallAllUserCert(const struct CmContext *context); diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager.c index 2340b3b..01c1fc7 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager.c @@ -559,8 +559,12 @@ int32_t CmServiceGetCallingAppCertList(const struct CmContext *context, uint32_t return CM_SUCCESS; } -static int32_t GetCertOrCredCount(const struct CmContext *context, const uint32_t store, uint32_t *certCount) +int32_t GetCertOrCredCount(const struct CmContext *context, const uint32_t store, uint32_t *certCount) { + if (context == NULL || certCount == NULL) { + CM_LOG_E("null pointer"); + return CMR_ERROR_NULL_POINTER; + } uint32_t fileCount = 0; struct CmBlob fileNames[MAX_COUNT_CERTIFICATE]; uint32_t len = MAX_COUNT_CERTIFICATE * sizeof(struct CmBlob); diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c index 15d974e..bf549a1 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c @@ -494,14 +494,15 @@ static bool CmCheckAndUpdateCallerUserId(const uint32_t inputUserId, uint32_t *c } int32_t CmServiceInstallUserCertCheck(struct CmContext *cmContext, const struct CmBlob *userCert, - const struct CmBlob *certAlias, const uint32_t userId) + const struct CmBlob *certAlias, const uint32_t userId, const uint32_t certFormat) { if (cmContext == NULL) { CM_LOG_E("CmServiceInstallUserCertCheck: context is null"); return CMR_ERROR_INVALID_ARGUMENT; } - if ((CmCheckBlob(userCert) != CM_SUCCESS) || userCert->size > MAX_LEN_CERTIFICATE) { + uint32_t userCertMaxLen = (certFormat == P7B) ? MAX_LEN_CERTIFICATE_P7B : MAX_LEN_CERTIFICATE; + if ((CmCheckBlob(userCert) != CM_SUCCESS) || userCert->size > userCertMaxLen) { CM_LOG_E("input params userCert is invalid"); return CMR_ERROR_INVALID_ARGUMENT_APP_CERT; } @@ -577,3 +578,18 @@ int32_t CmServiceSetUserCertStatusCheck(struct CmContext *cmContext, const struc } return CM_SUCCESS; } + +int32_t CheckInstallMultiCertCount(const struct CmContext *context, const uint32_t certNum) +{ + uint32_t certCount = 0; + int32_t ret = GetCertOrCredCount(context, CM_USER_TRUSTED_STORE, &certCount); + if (ret != CM_SUCCESS) { + CM_LOG_E("Failed obtain cert count for store muti user cert."); + return ret; + } + if (certCount + certNum > MAX_COUNT_CERTIFICATE) { + CM_LOG_E("cert count beyond maxcount, can't install user certs"); + return CMR_ERROR_MAX_CERT_COUNT_REACHED; + } + return CM_SUCCESS; +} diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_service.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_service.c index 217bbc6..308ae1b 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_service.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_service.c @@ -19,6 +19,7 @@ #include #include #include +#include #include "securec.h" @@ -827,6 +828,67 @@ int32_t CmInstallUserCert(const struct CmContext *context, const struct CmBlob * return ret; } +int32_t CmInstallMultiUserCert(const struct CmContext *context, const struct CmBlob *userCert, + const struct CmBlob *certAlias, const uint32_t status, struct CmBlob *certUri) +{ + if (context == NULL || userCert == NULL || certAlias == NULL || certUri->data == NULL || + certUri->size < sizeof(uint32_t)) { + CM_LOG_E("invalid argument"); + return CMR_ERROR_INVALID_ARGUMENT; + } + + uint8_t *outData = certUri->data; + uint32_t uriListSize = 0; + + STACK_OF(X509) *certStack = InitCertStackContext(userCert->data, userCert->size); + if (certStack == NULL) { + CM_LOG_E("init certStack failed"); + return CMR_ERROR_INVALID_CERT_FORMAT; + } + uriListSize = (int32_t)sk_X509_num(certStack); + // check buffer size + uint32_t capacity = (certUri->size - sizeof(uint32_t)) / MAX_LEN_URI; + if (uriListSize > capacity) { + CM_LOG_E("too many certs, uriListSize = %u, capacity = %u", uriListSize, capacity); + sk_X509_pop_free(certStack, X509_free); + return CMR_ERROR_MAX_CERT_COUNT_REACHED; + } + int32_t ret = CheckInstallMultiCertCount(context, (uint32_t)uriListSize); + if (ret != CM_SUCCESS) { + CM_LOG_E("check install certs too many, ret = %d", ret); + sk_X509_pop_free(certStack, X509_free); + return ret; + } + + // set uriListSize + *((uint32_t *)outData) = uriListSize; + outData += sizeof(uint32_t); + + for (int32_t i = 0; i < uriListSize; ++i) { + struct CmBlob certPemData = { 0, NULL }; + X509 *cert = sk_X509_value(certStack, i); + ret = CmX509ToPEM(cert, &certPemData); + if (ret != CM_SUCCESS) { + CM_LOG_E("CmX509ToPem failed, ret = %d", ret); + break; + } + + // install an user cert + struct CmBlob outUri = { MAX_LEN_URI, outData }; + ret = CmInstallUserCert(context, &certPemData, certAlias, status, &outUri); + if (ret != CM_SUCCESS) { + CM_FREE_BLOB(certPemData); + CM_LOG_E("CmInstallUserCert failed, ret = %d", ret); + break; + } + CM_FREE_BLOB(certPemData); + outData += MAX_LEN_URI; + } + + sk_X509_pop_free(certStack, X509_free); + return ret; +} + static int32_t CmComparisonCallerIdWithUri(const struct CmContext *context, const struct CmBlob *certUri) { diff --git a/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service.c b/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service.c index 4996b78..462e283 100644 --- a/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service.c +++ b/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service.c @@ -1191,6 +1191,29 @@ void CmIpcServiceSetUserCertStatus(const struct CmBlob *paramSetBlob, struct CmB CM_LOG_I("leave: ret = %d", ret); } +static int32_t CmInstallUserCertExecute(const struct InstallUserCertParams *installCertParams, + const enum CmCertFileFormat certFormat) +{ + if (CmCheckInstallUserCertParams(installCertParams) != CM_SUCCESS) { + CM_LOG_E("invalid params"); + return CMR_ERROR_NULL_POINTER; + } + int32_t ret = CM_SUCCESS; + if (certFormat == PEM_DER) { + ret = CmInstallUserCert(installCertParams->cmContext, installCertParams->userCert, + installCertParams->certAlias, installCertParams->status, installCertParams->outData); + } else if (certFormat == P7B) { + ret = CmInstallMultiUserCert(installCertParams->cmContext, installCertParams->userCert, + installCertParams->certAlias, installCertParams->status, installCertParams->outData); + } else { + ret = CMR_ERROR_NOT_SUPPORTED; + } + if (ret != CM_SUCCESS) { + CM_LOG_E("install user cert failed, certFormat = %u, ret = %d", certFormat, ret); + } + return ret; +} + void CmIpcServiceInstallUserCert(const struct CmBlob *paramSetBlob, struct CmBlob *outData, const struct CmContext *context) { @@ -1199,6 +1222,7 @@ void CmIpcServiceInstallUserCert(const struct CmBlob *paramSetBlob, struct CmBlo struct CmBlob certAlias = { 0, NULL }; uint32_t userId = 0; uint32_t status = CERT_STATUS_ENANLED; + uint32_t certFormat = PEM_DER; struct CmContext cmContext = {0}; struct CmContext oriContext = {0}; struct CmParamSet *paramSet = NULL; @@ -1207,6 +1231,7 @@ void CmIpcServiceInstallUserCert(const struct CmBlob *paramSetBlob, struct CmBlo { .tag = CM_TAG_PARAM1_BUFFER, .blob = &certAlias }, { .tag = CM_TAG_PARAM0_UINT32, .uint32Param = &userId }, { .tag = CM_TAG_PARAM1_UINT32, .uint32Param = &status }, + { .tag = CM_TAG_PARAM2_UINT32, .uint32Param = &certFormat }, }; do { @@ -1218,13 +1243,14 @@ void CmIpcServiceInstallUserCert(const struct CmBlob *paramSetBlob, struct CmBlo oriContext.userId = cmContext.userId; oriContext.uid = cmContext.uid; - ret = CmServiceInstallUserCertCheck(&cmContext, &userCert, &certAlias, userId); + ret = CmServiceInstallUserCertCheck(&cmContext, &userCert, &certAlias, userId, certFormat); if (ret != CM_SUCCESS) { CM_LOG_E("CmServiceInstallUserCertCheck fail, ret = %d", ret); break; } - ret = CmInstallUserCert(&cmContext, &userCert, &certAlias, status, outData); + struct InstallUserCertParams installUserCertParams = { &cmContext, &userCert, &certAlias, outData, status }; + ret = CmInstallUserCertExecute(&installUserCertParams, certFormat); if (ret != CM_SUCCESS) { CM_LOG_E("CertManagerInstallUserCert fail, ret = %d", ret); break; diff --git a/test/fuzz_test/BUILD.gn b/test/fuzz_test/BUILD.gn index 7adbc30..b7de858 100644 --- a/test/fuzz_test/BUILD.gn +++ b/test/fuzz_test/BUILD.gn @@ -66,6 +66,7 @@ group("fuzztest") { "./cmipcserviceuninstallusercert_fuzzer:fuzztest", "./cmipcserviceupdate_fuzzer:fuzztest", "./cmonremoterequest_fuzzer:fuzztest", + "./cminstallusertrustedcertp7b_fuzzer:fuzztest", ] deps += [ diff --git a/test/fuzz_test/cminstallusertrustedcertp7b_fuzzer/BUILD.gn b/test/fuzz_test/cminstallusertrustedcertp7b_fuzzer/BUILD.gn new file mode 100644 index 0000000..3655830 --- /dev/null +++ b/test/fuzz_test/cminstallusertrustedcertp7b_fuzzer/BUILD.gn @@ -0,0 +1,57 @@ +# Copyright (c) 2022-2023 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//base/security/certificate_manager/cert_manager.gni") +import("//build/config/features.gni") +import("//build/test.gni") + +module_output_path = "certificate_manager/certificate_manager" + +##############################fuzztest########################################## +ohos_fuzztest("CmInstallUserTrustedP7BCertFuzzTest") { + module_out_path = module_output_path + fuzz_config_file = + "${cert_manager_root_dir}/test/fuzz_test/cminstallusertrustedcertp7b_fuzzer" + + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ "cminstallusertrustedcertp7b_fuzzer.cpp" ] + deps = [ + "${cert_manager_root_dir}/frameworks/cert_manager_standard/main/common:libcert_manager_common_standard_static", + "${cert_manager_root_dir}/interfaces/innerkits/cert_manager_standard/main:cert_manager_sdk", + "${cert_manager_root_dir}/test/fuzz_test/fuzz_test_common:libcert_manager_fuzz_test_common_static", + ] + external_deps = [ + "access_token:libaccesstoken_sdk", + "access_token:libnativetoken", + "access_token:libtoken_setproc", + "bounds_checking_function:libsec_static", + "c_utils:utils", + ] +} + +############################################################################### +group("fuzztest") { + testonly = true + deps = [] + + deps += [ + # deps file + ":CmInstallUserTrustedP7BCertFuzzTest", + ] +} +############################################################################### diff --git a/test/fuzz_test/cminstallusertrustedcertp7b_fuzzer/cminstallusertrustedcertp7b_fuzzer.cpp b/test/fuzz_test/cminstallusertrustedcertp7b_fuzzer/cminstallusertrustedcertp7b_fuzzer.cpp new file mode 100644 index 0000000..54190ab --- /dev/null +++ b/test/fuzz_test/cminstallusertrustedcertp7b_fuzzer/cminstallusertrustedcertp7b_fuzzer.cpp @@ -0,0 +1,74 @@ +/* + * Copyright (c) 2022-2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cminstallusertrustedcertp7b_fuzzer.h" + +#include "cert_manager_api.h" +#include "cm_fuzz_test_common.h" + +using namespace CmFuzzTest; +namespace OHOS { + static const uint32_t CM_BLOB_NUM = 3; + + bool DoSomethingInterestingWithMyAPI(const uint8_t* data, size_t size) + { + uint32_t minSize = CM_BLOB_NUM * sizeof(struct CmBlob); + uint8_t *myData = nullptr; + if (!CopyMyData(data, size, minSize, &myData)) { + return false; + } + + uint32_t remainSize = static_cast(size); + uint32_t offset = 0; + struct CmBlob userCert = { 0, nullptr }; + if (!GetCmBlobFromBuffer(myData, &remainSize, &offset, &userCert)) { + CmFree(myData); + return false; + } + + struct CmBlob certAlias = { 0, nullptr }; + if (!GetCmBlobFromBuffer(myData, &remainSize, &offset, &certAlias)) { + CmFree(myData); + return false; + } + + struct CertUriList certUriList = { 0, nullptr }; + + uint32_t randomUserId = 0; + if (!GetUintFromBuffer(myData, &remainSize, &offset, &randomUserId)) { + return false; + } + struct CmInstallCertInfo installCertInfo = { + .userCert = &userCert, + .certAlias = &certAlias, + .userId = randomUserId + }; + + SetATPermission(); + (void)CmInstallUserTrustedP7BCert(&installCertInfo, true, &certUriList); + + CM_FREE_PTR(certUriList.uriList); + CmFree(myData); + return true; + } +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::DoSomethingInterestingWithMyAPI(data, size); + return 0; +} diff --git a/test/fuzz_test/cminstallusertrustedcertp7b_fuzzer/cminstallusertrustedcertp7b_fuzzer.h b/test/fuzz_test/cminstallusertrustedcertp7b_fuzzer/cminstallusertrustedcertp7b_fuzzer.h new file mode 100644 index 0000000..1d92520 --- /dev/null +++ b/test/fuzz_test/cminstallusertrustedcertp7b_fuzzer/cminstallusertrustedcertp7b_fuzzer.h @@ -0,0 +1,18 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef FUZZ_PROJECT_NAME +#define FUZZ_PROJECT_NAME "cminstallusertrustedcertp7b_fuzzer" +#endif diff --git a/test/fuzz_test/cminstallusertrustedcertp7b_fuzzer/corpus/init b/test/fuzz_test/cminstallusertrustedcertp7b_fuzzer/corpus/init new file mode 100644 index 0000000..1b91014 --- /dev/null +++ b/test/fuzz_test/cminstallusertrustedcertp7b_fuzzer/corpus/init @@ -0,0 +1,13 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +FUZZ \ No newline at end of file diff --git a/test/fuzz_test/cminstallusertrustedcertp7b_fuzzer/project.xml b/test/fuzz_test/cminstallusertrustedcertp7b_fuzzer/project.xml new file mode 100644 index 0000000..6e8ad2c --- /dev/null +++ b/test/fuzz_test/cminstallusertrustedcertp7b_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/unittest/include/cm_cert_data_p7b.h b/test/unittest/include/cm_cert_data_p7b.h new file mode 100644 index 0000000..c0de483 --- /dev/null +++ b/test/unittest/include/cm_cert_data_p7b.h @@ -0,0 +1,477 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_CERT_DATA_P7B_H +#define CM_CERT_DATA_P7B_H + +#include "cm_type.h" + +static const uint8_t g_p7bUserCertInfo[] = { + 0x30, 0x82, 0x0b, 0x93, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x02, 0xa0, + 0x82, 0x0b, 0x84, 0x30, 0x82, 0x0b, 0x80, 0x02, 0x01, 0x01, 0x31, 0x00, 0x30, 0x0b, 0x06, 0x09, + 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0xa0, 0x82, 0x0b, 0x66, 0x30, 0x82, 0x05, + 0xaf, 0x30, 0x82, 0x03, 0x97, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x14, 0x0c, 0x7a, 0x28, 0xa2, + 0xf1, 0x43, 0x49, 0x49, 0xc4, 0x42, 0x03, 0x8b, 0xeb, 0x15, 0xf3, 0xfc, 0xf9, 0xc7, 0x91, 0xfb, + 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, + 0x67, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x63, 0x6e, 0x31, 0x0c, + 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x03, 0x61, 0x61, 0x61, 0x31, 0x0c, 0x30, 0x0a, + 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x03, 0x61, 0x61, 0x61, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, + 0x55, 0x04, 0x0a, 0x0c, 0x03, 0x61, 0x61, 0x61, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, + 0x0b, 0x0c, 0x03, 0x61, 0x61, 0x61, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, + 0x03, 0x61, 0x61, 0x61, 0x31, 0x12, 0x30, 0x10, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, + 0x01, 0x09, 0x01, 0x16, 0x03, 0x61, 0x61, 0x61, 0x30, 0x1e, 0x17, 0x0d, 0x32, 0x35, 0x30, 0x34, + 0x32, 0x38, 0x30, 0x38, 0x30, 0x32, 0x35, 0x30, 0x5a, 0x17, 0x0d, 0x33, 0x35, 0x30, 0x34, 0x32, + 0x36, 0x30, 0x38, 0x30, 0x32, 0x35, 0x30, 0x5a, 0x30, 0x67, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, + 0x55, 0x04, 0x06, 0x13, 0x02, 0x63, 0x6e, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x08, + 0x0c, 0x03, 0x61, 0x61, 0x61, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x03, + 0x61, 0x61, 0x61, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x03, 0x61, 0x61, + 0x61, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x03, 0x61, 0x61, 0x61, 0x31, + 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x03, 0x61, 0x61, 0x61, 0x31, 0x12, 0x30, + 0x10, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x03, 0x61, 0x61, + 0x61, 0x30, 0x82, 0x02, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, + 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x02, 0x0f, 0x00, 0x30, 0x82, 0x02, 0x0a, 0x02, 0x82, 0x02, + 0x01, 0x00, 0xd7, 0x25, 0xfc, 0xef, 0x5f, 0xaf, 0xc1, 0x3e, 0x86, 0xbb, 0x90, 0x2d, 0xcc, 0x7a, + 0x2c, 0x27, 0xc3, 0x58, 0x78, 0x78, 0x53, 0x91, 0xfd, 0xe2, 0xa7, 0x97, 0x91, 0x10, 0xe1, 0x7e, + 0xa8, 0xf6, 0xbb, 0x67, 0x2b, 0xa9, 0xfa, 0x4d, 0x7c, 0x17, 0xb2, 0x8b, 0x23, 0xba, 0x6c, 0xbb, + 0xfe, 0x4c, 0x8c, 0x2e, 0x4b, 0x49, 0xd3, 0x34, 0x9f, 0x36, 0xe1, 0x04, 0x75, 0x28, 0x34, 0x02, + 0x9a, 0xda, 0x73, 0xb9, 0x1a, 0xab, 0xd3, 0x0f, 0x2d, 0x3f, 0x9d, 0x42, 0xb9, 0x39, 0x0d, 0xd0, + 0xfa, 0xd3, 0xdb, 0x9b, 0x6b, 0xc5, 0x6a, 0x86, 0xc4, 0x53, 0x05, 0x50, 0x91, 0x1a, 0xee, 0x25, + 0xd1, 0x9f, 0xcb, 0x38, 0xf7, 0x7a, 0x99, 0x7f, 0x7a, 0x67, 0x12, 0x66, 0x02, 0xbe, 0x6c, 0x9f, + 0x50, 0xa7, 0x70, 0x31, 0x42, 0x53, 0x68, 0xfc, 0x9c, 0xe9, 0x6d, 0x58, 0xbb, 0x8a, 0x4d, 0x44, + 0xf0, 0xa1, 0x20, 0x3c, 0x61, 0x7e, 0xad, 0x5e, 0xfc, 0x42, 0x70, 0xbc, 0xff, 0x23, 0xca, 0xbf, + 0xe6, 0x5f, 0xec, 0xb5, 0x20, 0x21, 0x9a, 0x42, 0x38, 0x0e, 0xd5, 0x83, 0x22, 0x7b, 0x6f, 0x23, + 0x33, 0x0a, 0x7f, 0x14, 0xf3, 0x07, 0x0f, 0xba, 0x6a, 0x29, 0x2f, 0xc8, 0x99, 0xec, 0x8f, 0xc3, + 0x0b, 0x8f, 0xf7, 0x3f, 0x9e, 0x42, 0xf7, 0x46, 0x66, 0x95, 0x49, 0x16, 0xbd, 0x02, 0xcf, 0x7c, + 0xf6, 0xb1, 0x1f, 0x9d, 0x59, 0x22, 0xc4, 0xf3, 0x08, 0xb3, 0xfc, 0x2a, 0x6b, 0x31, 0x29, 0xf5, + 0x00, 0x02, 0x20, 0xca, 0x08, 0x97, 0x9f, 0xd3, 0xe6, 0xab, 0x26, 0x29, 0x35, 0x48, 0x84, 0x99, + 0xd8, 0xdb, 0xef, 0xd9, 0x50, 0x95, 0xb3, 0x0c, 0xc4, 0x84, 0xab, 0x39, 0x4c, 0x0e, 0x50, 0x04, + 0x92, 0x97, 0xdf, 0x79, 0x41, 0x21, 0x5a, 0x8b, 0xcb, 0xce, 0x4d, 0x1d, 0xd6, 0x2f, 0x46, 0x1b, + 0x8b, 0x39, 0xcb, 0xe3, 0x3e, 0xcf, 0xb9, 0x60, 0xf4, 0xaf, 0x8b, 0xf7, 0xce, 0x7a, 0x94, 0x6d, + 0xe0, 0x8a, 0x13, 0xb3, 0xbc, 0xeb, 0x62, 0xe6, 0x93, 0x2b, 0x01, 0x01, 0xdd, 0xce, 0x1b, 0x3a, + 0xf2, 0xe9, 0x6b, 0x48, 0x96, 0x82, 0x4b, 0x38, 0x34, 0x0d, 0x6b, 0x8b, 0xe2, 0xc7, 0x66, 0x37, + 0x87, 0x74, 0x24, 0x4d, 0xa2, 0x00, 0x7a, 0x51, 0x55, 0x3a, 0xf5, 0x61, 0x91, 0xbb, 0x26, 0x43, + 0x33, 0xe2, 0xce, 0x7f, 0x80, 0x83, 0x89, 0xcd, 0x7c, 0xfd, 0x6a, 0xf6, 0x4c, 0xe8, 0xcc, 0x08, + 0x6e, 0xd2, 0xb3, 0x85, 0x92, 0x9d, 0x21, 0x6c, 0x6a, 0xb4, 0x82, 0xf6, 0x5d, 0xaa, 0xfc, 0x38, + 0x0e, 0x60, 0x4d, 0xeb, 0x7c, 0x21, 0xa2, 0xc8, 0x0c, 0x1c, 0xb5, 0xd5, 0x24, 0xaf, 0xa3, 0xaa, + 0xf8, 0x2b, 0x92, 0x34, 0xa4, 0xe5, 0x66, 0x83, 0xd8, 0x4b, 0x15, 0xac, 0x66, 0xf9, 0x06, 0xdb, + 0xc8, 0xa7, 0xe2, 0xcf, 0x7b, 0x7b, 0x82, 0x24, 0xfa, 0xd7, 0x04, 0xd5, 0xf2, 0xbe, 0x2d, 0x92, + 0xd0, 0xa9, 0x02, 0xd5, 0x88, 0xe5, 0x5c, 0xca, 0xe6, 0xaa, 0xfb, 0x38, 0xd1, 0x56, 0xf7, 0xe2, + 0x60, 0x9e, 0x84, 0xab, 0xc9, 0x60, 0x11, 0xb1, 0x3c, 0xf4, 0x9b, 0xd5, 0x2f, 0xf8, 0x2e, 0xe5, + 0xe4, 0x71, 0x8d, 0x13, 0x5f, 0x30, 0x55, 0xa2, 0x57, 0x35, 0x40, 0xb1, 0x0a, 0x65, 0x7a, 0x8c, + 0x4b, 0x22, 0x2e, 0xaa, 0x73, 0x97, 0x84, 0x8a, 0xd1, 0x57, 0x66, 0xdf, 0xfd, 0xe7, 0x9b, 0xe0, + 0x62, 0xa6, 0xc0, 0xa6, 0x50, 0xd7, 0x3a, 0x34, 0x78, 0x49, 0xf4, 0x8e, 0x79, 0xa1, 0x48, 0x6f, + 0xe4, 0x42, 0x9c, 0xff, 0x44, 0x6d, 0xe9, 0x25, 0x85, 0x66, 0xfc, 0x12, 0xf1, 0x11, 0xd9, 0x42, + 0xeb, 0x91, 0xb8, 0xdb, 0x68, 0x87, 0x81, 0x87, 0x34, 0x98, 0x79, 0x36, 0x35, 0x6a, 0x6c, 0xa3, + 0xbb, 0x83, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x53, 0x30, 0x51, 0x30, 0x1d, 0x06, 0x03, 0x55, + 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x20, 0x56, 0x84, 0xa9, 0x4a, 0x45, 0x57, 0xb9, 0x0a, 0x74, + 0x12, 0xea, 0x66, 0xba, 0x6b, 0xcc, 0xa4, 0xe8, 0xe0, 0xbe, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, + 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x20, 0x56, 0x84, 0xa9, 0x4a, 0x45, 0x57, 0xb9, 0x0a, + 0x74, 0x12, 0xea, 0x66, 0xba, 0x6b, 0xcc, 0xa4, 0xe8, 0xe0, 0xbe, 0x30, 0x0f, 0x06, 0x03, 0x55, + 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x0d, 0x06, 0x09, + 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x02, 0x01, 0x00, + 0x0d, 0xe5, 0xbe, 0x47, 0x84, 0x34, 0x74, 0xf5, 0xe6, 0x8a, 0xbc, 0x24, 0x66, 0x3c, 0x30, 0xe3, + 0x8b, 0x61, 0x0d, 0xb1, 0x0f, 0x18, 0xec, 0xbb, 0xb9, 0x32, 0x42, 0x36, 0x03, 0x0e, 0x86, 0x18, + 0x1a, 0x73, 0xe4, 0x5a, 0xfa, 0xb9, 0x97, 0xfd, 0x40, 0xff, 0x54, 0xe4, 0x97, 0x2f, 0x47, 0x56, + 0x55, 0x50, 0xcd, 0x1e, 0xe4, 0x4e, 0x9d, 0x82, 0xc9, 0xb4, 0x47, 0x3a, 0x1b, 0xff, 0x1d, 0xcc, + 0xdb, 0xad, 0x28, 0xb1, 0x4e, 0x65, 0x51, 0x43, 0x7f, 0xf9, 0x4f, 0x27, 0xbc, 0x58, 0xe2, 0x59, + 0xcb, 0xa8, 0xa8, 0x00, 0x0f, 0xda, 0xef, 0x94, 0x06, 0x52, 0x10, 0x18, 0x71, 0xfb, 0x97, 0x41, + 0x88, 0x13, 0xb1, 0x89, 0xa5, 0x25, 0x40, 0xf7, 0x2c, 0x9c, 0x7d, 0xb9, 0x63, 0x0d, 0x64, 0x12, + 0x7a, 0xd5, 0x83, 0xa8, 0xcd, 0x49, 0xf5, 0xb3, 0x19, 0xb9, 0xac, 0x6f, 0xe5, 0xc1, 0x7d, 0xbb, + 0x85, 0xf8, 0x6c, 0x77, 0x4d, 0xc5, 0x0a, 0x81, 0xde, 0x8b, 0xfb, 0x7d, 0xfd, 0x9a, 0x57, 0x22, + 0xd3, 0xf3, 0xa9, 0xa6, 0xe4, 0x10, 0x0a, 0x57, 0x96, 0x92, 0xf8, 0x4c, 0x03, 0x7c, 0xff, 0xfd, + 0x16, 0x14, 0x6b, 0x01, 0xb9, 0xe6, 0xad, 0xaf, 0xa5, 0xe1, 0x1f, 0x23, 0xc0, 0xb1, 0xd8, 0x23, + 0x8d, 0x12, 0x82, 0x9d, 0x50, 0xe0, 0x71, 0xbe, 0x95, 0x87, 0x32, 0xf2, 0x6f, 0x3f, 0x5c, 0x4d, + 0x6f, 0x53, 0x2c, 0x5c, 0xa2, 0x48, 0xc4, 0x73, 0x3f, 0x67, 0x28, 0x11, 0x5b, 0xbf, 0x12, 0x9e, + 0xd8, 0xed, 0x42, 0xd5, 0x51, 0xea, 0xe2, 0x29, 0xd4, 0x90, 0xc6, 0x34, 0x00, 0xa3, 0x3a, 0xd3, + 0xc4, 0x16, 0x27, 0x66, 0x2d, 0xbb, 0xc0, 0x6f, 0xf4, 0x59, 0x3c, 0xab, 0xd9, 0xd0, 0xd9, 0xc7, + 0x0a, 0xb1, 0x39, 0xbb, 0x7e, 0xd1, 0x02, 0x27, 0x0a, 0x7e, 0x7a, 0x67, 0xd7, 0xf3, 0x0c, 0xb0, + 0x29, 0xcd, 0x97, 0x63, 0x84, 0x44, 0x97, 0x70, 0x33, 0x9e, 0xb0, 0x9a, 0x0e, 0x6a, 0xcb, 0xfe, + 0x25, 0x75, 0xe8, 0x72, 0x19, 0x81, 0xd7, 0x0c, 0xf6, 0xef, 0x09, 0xcc, 0x5a, 0xe1, 0xe0, 0xf6, + 0x7b, 0xa5, 0x6a, 0x41, 0x74, 0xc0, 0x84, 0xa7, 0x5a, 0x1f, 0x2d, 0x3f, 0x6e, 0xb0, 0xf8, 0x70, + 0x5e, 0x74, 0x8a, 0x5a, 0xc7, 0x79, 0x76, 0x27, 0x96, 0xda, 0x7a, 0xd7, 0x5c, 0x2a, 0x24, 0x0b, + 0xc3, 0x87, 0x4b, 0x6a, 0xe9, 0x31, 0x24, 0x23, 0xed, 0x9a, 0xee, 0xed, 0x9f, 0x96, 0x35, 0xb5, + 0xb5, 0x9b, 0xf0, 0xdd, 0xc0, 0x8f, 0xfb, 0x17, 0x29, 0xe5, 0xbe, 0x1d, 0x5d, 0x0f, 0x57, 0x12, + 0x31, 0xb7, 0x2c, 0x93, 0x49, 0x79, 0xd8, 0xff, 0x87, 0x97, 0x98, 0xe3, 0x6c, 0x25, 0x07, 0x66, + 0x40, 0xe8, 0xcd, 0xd8, 0x41, 0xcc, 0x01, 0x7e, 0x41, 0x17, 0x89, 0xeb, 0x1c, 0x5f, 0xba, 0x16, + 0x8e, 0xb4, 0xa9, 0x19, 0x98, 0xcb, 0x8f, 0xff, 0xc7, 0x6e, 0x72, 0x57, 0x5e, 0x7a, 0x50, 0xf7, + 0x13, 0x12, 0x00, 0x4c, 0x0f, 0xdc, 0x50, 0x31, 0x89, 0x26, 0xf7, 0x6c, 0x8f, 0xc5, 0x78, 0x19, + 0xd1, 0xb6, 0xef, 0x08, 0x9f, 0x0b, 0xf9, 0xf9, 0x88, 0x2a, 0x2e, 0x62, 0x3e, 0x11, 0xfb, 0xbe, + 0xee, 0xac, 0x30, 0x73, 0xed, 0xea, 0x8e, 0xc1, 0x91, 0x62, 0x9c, 0xd9, 0xec, 0xbf, 0xfc, 0xc0, + 0x7c, 0xe9, 0x52, 0x33, 0x19, 0xd6, 0x40, 0x93, 0x58, 0x02, 0x9a, 0x40, 0x48, 0x4a, 0xe6, 0xc2, + 0xe5, 0xab, 0x08, 0xd1, 0x59, 0xa8, 0xe7, 0x71, 0x0c, 0x37, 0x67, 0xe7, 0x6b, 0x70, 0xe8, 0x35, + 0x5f, 0x34, 0x33, 0x9e, 0xb6, 0x41, 0x01, 0xf5, 0xc0, 0x53, 0x20, 0x30, 0x20, 0x71, 0x0f, 0x54, + 0x3b, 0x3d, 0xac, 0x6b, 0x28, 0x75, 0x51, 0x18, 0x12, 0x26, 0x0c, 0x9e, 0x25, 0x49, 0xf8, 0x6e, + 0x30, 0x82, 0x05, 0xaf, 0x30, 0x82, 0x03, 0x97, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x14, 0x07, + 0xe8, 0x71, 0x87, 0x40, 0xf6, 0x62, 0x07, 0x86, 0x97, 0xb0, 0xd1, 0xd2, 0xb7, 0x30, 0x41, 0x81, + 0xfc, 0xbd, 0xb8, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, + 0x05, 0x00, 0x30, 0x67, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x63, + 0x6e, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x03, 0x62, 0x62, 0x62, 0x31, + 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x03, 0x62, 0x62, 0x62, 0x31, 0x0c, 0x30, + 0x0a, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x03, 0x62, 0x62, 0x62, 0x31, 0x0c, 0x30, 0x0a, 0x06, + 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x03, 0x62, 0x62, 0x62, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, + 0x04, 0x03, 0x0c, 0x03, 0x62, 0x62, 0x62, 0x31, 0x12, 0x30, 0x10, 0x06, 0x09, 0x2a, 0x86, 0x48, + 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x03, 0x62, 0x62, 0x62, 0x30, 0x1e, 0x17, 0x0d, 0x32, + 0x35, 0x30, 0x34, 0x32, 0x38, 0x30, 0x38, 0x30, 0x33, 0x31, 0x30, 0x5a, 0x17, 0x0d, 0x33, 0x35, + 0x30, 0x34, 0x32, 0x36, 0x30, 0x38, 0x30, 0x33, 0x31, 0x30, 0x5a, 0x30, 0x67, 0x31, 0x0b, 0x30, + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x63, 0x6e, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, + 0x55, 0x04, 0x08, 0x0c, 0x03, 0x62, 0x62, 0x62, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, + 0x07, 0x0c, 0x03, 0x62, 0x62, 0x62, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, + 0x03, 0x62, 0x62, 0x62, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x03, 0x62, + 0x62, 0x62, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x03, 0x62, 0x62, 0x62, + 0x31, 0x12, 0x30, 0x10, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, + 0x03, 0x62, 0x62, 0x62, 0x30, 0x82, 0x02, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, + 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x02, 0x0f, 0x00, 0x30, 0x82, 0x02, 0x0a, + 0x02, 0x82, 0x02, 0x01, 0x00, 0xd7, 0x25, 0xfc, 0xef, 0x5f, 0xaf, 0xc1, 0x3e, 0x86, 0xbb, 0x90, + 0x2d, 0xcc, 0x7a, 0x2c, 0x27, 0xc3, 0x58, 0x78, 0x78, 0x53, 0x91, 0xfd, 0xe2, 0xa7, 0x97, 0x91, + 0x10, 0xe1, 0x7e, 0xa8, 0xf6, 0xbb, 0x67, 0x2b, 0xa9, 0xfa, 0x4d, 0x7c, 0x17, 0xb2, 0x8b, 0x23, + 0xba, 0x6c, 0xbb, 0xfe, 0x4c, 0x8c, 0x2e, 0x4b, 0x49, 0xd3, 0x34, 0x9f, 0x36, 0xe1, 0x04, 0x75, + 0x28, 0x34, 0x02, 0x9a, 0xda, 0x73, 0xb9, 0x1a, 0xab, 0xd3, 0x0f, 0x2d, 0x3f, 0x9d, 0x42, 0xb9, + 0x39, 0x0d, 0xd0, 0xfa, 0xd3, 0xdb, 0x9b, 0x6b, 0xc5, 0x6a, 0x86, 0xc4, 0x53, 0x05, 0x50, 0x91, + 0x1a, 0xee, 0x25, 0xd1, 0x9f, 0xcb, 0x38, 0xf7, 0x7a, 0x99, 0x7f, 0x7a, 0x67, 0x12, 0x66, 0x02, + 0xbe, 0x6c, 0x9f, 0x50, 0xa7, 0x70, 0x31, 0x42, 0x53, 0x68, 0xfc, 0x9c, 0xe9, 0x6d, 0x58, 0xbb, + 0x8a, 0x4d, 0x44, 0xf0, 0xa1, 0x20, 0x3c, 0x61, 0x7e, 0xad, 0x5e, 0xfc, 0x42, 0x70, 0xbc, 0xff, + 0x23, 0xca, 0xbf, 0xe6, 0x5f, 0xec, 0xb5, 0x20, 0x21, 0x9a, 0x42, 0x38, 0x0e, 0xd5, 0x83, 0x22, + 0x7b, 0x6f, 0x23, 0x33, 0x0a, 0x7f, 0x14, 0xf3, 0x07, 0x0f, 0xba, 0x6a, 0x29, 0x2f, 0xc8, 0x99, + 0xec, 0x8f, 0xc3, 0x0b, 0x8f, 0xf7, 0x3f, 0x9e, 0x42, 0xf7, 0x46, 0x66, 0x95, 0x49, 0x16, 0xbd, + 0x02, 0xcf, 0x7c, 0xf6, 0xb1, 0x1f, 0x9d, 0x59, 0x22, 0xc4, 0xf3, 0x08, 0xb3, 0xfc, 0x2a, 0x6b, + 0x31, 0x29, 0xf5, 0x00, 0x02, 0x20, 0xca, 0x08, 0x97, 0x9f, 0xd3, 0xe6, 0xab, 0x26, 0x29, 0x35, + 0x48, 0x84, 0x99, 0xd8, 0xdb, 0xef, 0xd9, 0x50, 0x95, 0xb3, 0x0c, 0xc4, 0x84, 0xab, 0x39, 0x4c, + 0x0e, 0x50, 0x04, 0x92, 0x97, 0xdf, 0x79, 0x41, 0x21, 0x5a, 0x8b, 0xcb, 0xce, 0x4d, 0x1d, 0xd6, + 0x2f, 0x46, 0x1b, 0x8b, 0x39, 0xcb, 0xe3, 0x3e, 0xcf, 0xb9, 0x60, 0xf4, 0xaf, 0x8b, 0xf7, 0xce, + 0x7a, 0x94, 0x6d, 0xe0, 0x8a, 0x13, 0xb3, 0xbc, 0xeb, 0x62, 0xe6, 0x93, 0x2b, 0x01, 0x01, 0xdd, + 0xce, 0x1b, 0x3a, 0xf2, 0xe9, 0x6b, 0x48, 0x96, 0x82, 0x4b, 0x38, 0x34, 0x0d, 0x6b, 0x8b, 0xe2, + 0xc7, 0x66, 0x37, 0x87, 0x74, 0x24, 0x4d, 0xa2, 0x00, 0x7a, 0x51, 0x55, 0x3a, 0xf5, 0x61, 0x91, + 0xbb, 0x26, 0x43, 0x33, 0xe2, 0xce, 0x7f, 0x80, 0x83, 0x89, 0xcd, 0x7c, 0xfd, 0x6a, 0xf6, 0x4c, + 0xe8, 0xcc, 0x08, 0x6e, 0xd2, 0xb3, 0x85, 0x92, 0x9d, 0x21, 0x6c, 0x6a, 0xb4, 0x82, 0xf6, 0x5d, + 0xaa, 0xfc, 0x38, 0x0e, 0x60, 0x4d, 0xeb, 0x7c, 0x21, 0xa2, 0xc8, 0x0c, 0x1c, 0xb5, 0xd5, 0x24, + 0xaf, 0xa3, 0xaa, 0xf8, 0x2b, 0x92, 0x34, 0xa4, 0xe5, 0x66, 0x83, 0xd8, 0x4b, 0x15, 0xac, 0x66, + 0xf9, 0x06, 0xdb, 0xc8, 0xa7, 0xe2, 0xcf, 0x7b, 0x7b, 0x82, 0x24, 0xfa, 0xd7, 0x04, 0xd5, 0xf2, + 0xbe, 0x2d, 0x92, 0xd0, 0xa9, 0x02, 0xd5, 0x88, 0xe5, 0x5c, 0xca, 0xe6, 0xaa, 0xfb, 0x38, 0xd1, + 0x56, 0xf7, 0xe2, 0x60, 0x9e, 0x84, 0xab, 0xc9, 0x60, 0x11, 0xb1, 0x3c, 0xf4, 0x9b, 0xd5, 0x2f, + 0xf8, 0x2e, 0xe5, 0xe4, 0x71, 0x8d, 0x13, 0x5f, 0x30, 0x55, 0xa2, 0x57, 0x35, 0x40, 0xb1, 0x0a, + 0x65, 0x7a, 0x8c, 0x4b, 0x22, 0x2e, 0xaa, 0x73, 0x97, 0x84, 0x8a, 0xd1, 0x57, 0x66, 0xdf, 0xfd, + 0xe7, 0x9b, 0xe0, 0x62, 0xa6, 0xc0, 0xa6, 0x50, 0xd7, 0x3a, 0x34, 0x78, 0x49, 0xf4, 0x8e, 0x79, + 0xa1, 0x48, 0x6f, 0xe4, 0x42, 0x9c, 0xff, 0x44, 0x6d, 0xe9, 0x25, 0x85, 0x66, 0xfc, 0x12, 0xf1, + 0x11, 0xd9, 0x42, 0xeb, 0x91, 0xb8, 0xdb, 0x68, 0x87, 0x81, 0x87, 0x34, 0x98, 0x79, 0x36, 0x35, + 0x6a, 0x6c, 0xa3, 0xbb, 0x83, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x53, 0x30, 0x51, 0x30, 0x1d, + 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x20, 0x56, 0x84, 0xa9, 0x4a, 0x45, 0x57, + 0xb9, 0x0a, 0x74, 0x12, 0xea, 0x66, 0xba, 0x6b, 0xcc, 0xa4, 0xe8, 0xe0, 0xbe, 0x30, 0x1f, 0x06, + 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x20, 0x56, 0x84, 0xa9, 0x4a, 0x45, + 0x57, 0xb9, 0x0a, 0x74, 0x12, 0xea, 0x66, 0xba, 0x6b, 0xcc, 0xa4, 0xe8, 0xe0, 0xbe, 0x30, 0x0f, + 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, + 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, + 0x02, 0x01, 0x00, 0x13, 0x11, 0x48, 0xce, 0x68, 0x7f, 0xb8, 0x7f, 0x99, 0x07, 0x8b, 0x6e, 0x93, + 0xd8, 0xe0, 0x11, 0x37, 0x2c, 0xe4, 0x5e, 0xc3, 0x88, 0xba, 0x5d, 0x42, 0x68, 0x5a, 0x2d, 0x08, + 0x37, 0xef, 0xad, 0x85, 0x61, 0x49, 0x0e, 0xb4, 0xe5, 0xd9, 0xb7, 0x3f, 0xe4, 0xae, 0x54, 0xbe, + 0xae, 0x71, 0xdf, 0xe7, 0xf1, 0xf3, 0xc0, 0x2e, 0x3b, 0x0d, 0xb8, 0xe3, 0x08, 0xf3, 0x32, 0x52, + 0x42, 0x5b, 0x7a, 0x61, 0x52, 0xda, 0xf4, 0x88, 0x14, 0x5c, 0xbc, 0xe4, 0xd6, 0xc0, 0x61, 0x7d, + 0x7c, 0x97, 0x3b, 0x62, 0x50, 0xa1, 0x56, 0x2a, 0x15, 0xa3, 0xe7, 0xe2, 0x04, 0x22, 0xa0, 0x95, + 0xd5, 0x5c, 0x2b, 0x9f, 0xe0, 0xf6, 0xf2, 0xc6, 0x8f, 0x52, 0x62, 0xa7, 0x0a, 0x4c, 0xfb, 0x07, + 0x71, 0xb3, 0xbf, 0xae, 0xf6, 0xf5, 0x9b, 0x67, 0x97, 0x8b, 0xb2, 0x8c, 0xf3, 0xdf, 0x25, 0x33, + 0x42, 0x3b, 0x95, 0xb3, 0xc2, 0xd3, 0x75, 0x4d, 0xb2, 0xf1, 0x21, 0xfc, 0x79, 0x9f, 0x4a, 0xf6, + 0xef, 0xf7, 0x24, 0xf6, 0xda, 0x62, 0x03, 0xf4, 0x06, 0x65, 0xd4, 0x4c, 0xc4, 0xbb, 0x4a, 0x2a, + 0xa0, 0x5b, 0x92, 0xbf, 0xe3, 0x0e, 0x2a, 0xbf, 0x9c, 0x4f, 0x3e, 0xf6, 0x34, 0x2f, 0x5b, 0x08, + 0x87, 0x92, 0x45, 0x53, 0xcf, 0xb5, 0x2d, 0x71, 0xa9, 0x92, 0xfc, 0xe3, 0x44, 0x95, 0x74, 0x22, + 0x99, 0xea, 0x55, 0x6d, 0xe1, 0xa9, 0x21, 0x2a, 0x40, 0x8f, 0x7d, 0x9f, 0xcd, 0x58, 0xc7, 0x48, + 0x3d, 0x30, 0x00, 0x65, 0x6d, 0xd6, 0x61, 0x7f, 0x38, 0xf0, 0x61, 0x73, 0xdf, 0x1f, 0x3d, 0x5f, + 0x34, 0x81, 0x01, 0xff, 0xb0, 0xc6, 0x6f, 0xeb, 0x2d, 0x80, 0xe8, 0x89, 0xef, 0x43, 0x34, 0x5e, + 0x8a, 0xbc, 0xa5, 0x04, 0x9f, 0x87, 0xa1, 0xc2, 0x0a, 0x44, 0x1f, 0x47, 0xe5, 0xa4, 0xab, 0x05, + 0x40, 0x4f, 0x03, 0xd8, 0xb5, 0xb3, 0x87, 0x03, 0x88, 0x47, 0x47, 0x7a, 0xae, 0x7d, 0xcb, 0xbe, + 0xe0, 0xde, 0x77, 0xdd, 0x9d, 0x4e, 0xe9, 0xa4, 0x8e, 0xd9, 0xc9, 0xf2, 0x88, 0x3f, 0x02, 0xde, + 0x53, 0x2f, 0x89, 0x54, 0x42, 0x38, 0x7c, 0xb0, 0xce, 0x3b, 0x31, 0xbc, 0xd6, 0x1d, 0x1c, 0xba, + 0xda, 0xd6, 0x2b, 0x9e, 0x5f, 0xcf, 0x4e, 0xed, 0x6e, 0xc8, 0x56, 0x16, 0xf7, 0xf5, 0xf3, 0x92, + 0x42, 0xf7, 0xe9, 0x21, 0xca, 0xbf, 0xcd, 0xd2, 0x80, 0xcb, 0x87, 0xfb, 0x96, 0x56, 0x87, 0xf9, + 0x08, 0x89, 0xda, 0x43, 0xd7, 0xc4, 0x74, 0x6a, 0x58, 0x29, 0x83, 0x69, 0xb0, 0x8c, 0x5c, 0x5a, + 0xf5, 0x07, 0xda, 0xa0, 0xe7, 0x04, 0x00, 0x2f, 0x35, 0x61, 0x7c, 0x3a, 0xdd, 0xeb, 0xbc, 0x8b, + 0x15, 0x5f, 0xb7, 0xae, 0x76, 0x79, 0x4c, 0xdf, 0x43, 0x43, 0x50, 0xa4, 0x69, 0xa5, 0xf5, 0xd0, + 0xab, 0x0d, 0xb4, 0x01, 0x30, 0xa3, 0x56, 0x3d, 0xdb, 0x09, 0xea, 0xd6, 0xb6, 0xfe, 0xd9, 0x8c, + 0x5c, 0x44, 0x33, 0xd4, 0x77, 0xdb, 0x3d, 0xb7, 0x35, 0x12, 0xc6, 0xa0, 0x61, 0x6c, 0x01, 0x72, + 0x44, 0xe3, 0x99, 0x14, 0x10, 0x88, 0x90, 0x2e, 0xd2, 0xa9, 0x86, 0xc0, 0xf1, 0x13, 0x8f, 0x75, + 0xf9, 0xbe, 0x30, 0xba, 0x37, 0x92, 0x4d, 0xda, 0x7e, 0x18, 0x44, 0x8d, 0x5b, 0xa6, 0x34, 0xe2, + 0x8a, 0xe9, 0x69, 0x6a, 0x59, 0x87, 0x34, 0xa7, 0xd3, 0xa5, 0xc1, 0xb2, 0x0f, 0x2b, 0x95, 0xae, + 0xd0, 0x62, 0xe0, 0x7c, 0x8f, 0xe7, 0x90, 0x1c, 0xfd, 0xd0, 0x32, 0x15, 0x44, 0xdc, 0x61, 0x11, + 0x77, 0x6a, 0x59, 0x56, 0x09, 0x07, 0xae, 0x7a, 0xea, 0x67, 0x33, 0x25, 0x5b, 0x3d, 0x04, 0x56, + 0x7d, 0x2f, 0x73, 0x3b, 0xa6, 0x19, 0x01, 0x83, 0x99, 0x60, 0x42, 0x64, 0x29, 0xd6, 0xef, 0x06, + 0x67, 0x7a, 0xc2, 0xa1, 0x00, 0x31, 0x00 +}; + +static const uint8_t g_p7bUserCertTooLongSubjInfo[] = { + 0x30, 0x82, 0x10, 0x18, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x02, 0xa0, + 0x82, 0x10, 0x09, 0x30, 0x82, 0x10, 0x05, 0x02, 0x01, 0x01, 0x31, 0x00, 0x30, 0x0b, 0x06, 0x09, + 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0xa0, 0x82, 0x0f, 0xeb, 0x30, 0x82, 0x05, + 0xaf, 0x30, 0x82, 0x03, 0x97, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x14, 0x0c, 0x7a, 0x28, 0xa2, + 0xf1, 0x43, 0x49, 0x49, 0xc4, 0x42, 0x03, 0x8b, 0xeb, 0x15, 0xf3, 0xfc, 0xf9, 0xc7, 0x91, 0xfb, + 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, + 0x67, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x63, 0x6e, 0x31, 0x0c, + 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x03, 0x61, 0x61, 0x61, 0x31, 0x0c, 0x30, 0x0a, + 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x03, 0x61, 0x61, 0x61, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, + 0x55, 0x04, 0x0a, 0x0c, 0x03, 0x61, 0x61, 0x61, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, + 0x0b, 0x0c, 0x03, 0x61, 0x61, 0x61, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, + 0x03, 0x61, 0x61, 0x61, 0x31, 0x12, 0x30, 0x10, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, + 0x01, 0x09, 0x01, 0x16, 0x03, 0x61, 0x61, 0x61, 0x30, 0x1e, 0x17, 0x0d, 0x32, 0x35, 0x30, 0x34, + 0x32, 0x38, 0x30, 0x38, 0x30, 0x32, 0x35, 0x30, 0x5a, 0x17, 0x0d, 0x33, 0x35, 0x30, 0x34, 0x32, + 0x36, 0x30, 0x38, 0x30, 0x32, 0x35, 0x30, 0x5a, 0x30, 0x67, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, + 0x55, 0x04, 0x06, 0x13, 0x02, 0x63, 0x6e, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x08, + 0x0c, 0x03, 0x61, 0x61, 0x61, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x03, + 0x61, 0x61, 0x61, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x03, 0x61, 0x61, + 0x61, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x03, 0x61, 0x61, 0x61, 0x31, + 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x03, 0x61, 0x61, 0x61, 0x31, 0x12, 0x30, + 0x10, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x03, 0x61, 0x61, + 0x61, 0x30, 0x82, 0x02, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, + 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x02, 0x0f, 0x00, 0x30, 0x82, 0x02, 0x0a, 0x02, 0x82, 0x02, + 0x01, 0x00, 0xd7, 0x25, 0xfc, 0xef, 0x5f, 0xaf, 0xc1, 0x3e, 0x86, 0xbb, 0x90, 0x2d, 0xcc, 0x7a, + 0x2c, 0x27, 0xc3, 0x58, 0x78, 0x78, 0x53, 0x91, 0xfd, 0xe2, 0xa7, 0x97, 0x91, 0x10, 0xe1, 0x7e, + 0xa8, 0xf6, 0xbb, 0x67, 0x2b, 0xa9, 0xfa, 0x4d, 0x7c, 0x17, 0xb2, 0x8b, 0x23, 0xba, 0x6c, 0xbb, + 0xfe, 0x4c, 0x8c, 0x2e, 0x4b, 0x49, 0xd3, 0x34, 0x9f, 0x36, 0xe1, 0x04, 0x75, 0x28, 0x34, 0x02, + 0x9a, 0xda, 0x73, 0xb9, 0x1a, 0xab, 0xd3, 0x0f, 0x2d, 0x3f, 0x9d, 0x42, 0xb9, 0x39, 0x0d, 0xd0, + 0xfa, 0xd3, 0xdb, 0x9b, 0x6b, 0xc5, 0x6a, 0x86, 0xc4, 0x53, 0x05, 0x50, 0x91, 0x1a, 0xee, 0x25, + 0xd1, 0x9f, 0xcb, 0x38, 0xf7, 0x7a, 0x99, 0x7f, 0x7a, 0x67, 0x12, 0x66, 0x02, 0xbe, 0x6c, 0x9f, + 0x50, 0xa7, 0x70, 0x31, 0x42, 0x53, 0x68, 0xfc, 0x9c, 0xe9, 0x6d, 0x58, 0xbb, 0x8a, 0x4d, 0x44, + 0xf0, 0xa1, 0x20, 0x3c, 0x61, 0x7e, 0xad, 0x5e, 0xfc, 0x42, 0x70, 0xbc, 0xff, 0x23, 0xca, 0xbf, + 0xe6, 0x5f, 0xec, 0xb5, 0x20, 0x21, 0x9a, 0x42, 0x38, 0x0e, 0xd5, 0x83, 0x22, 0x7b, 0x6f, 0x23, + 0x33, 0x0a, 0x7f, 0x14, 0xf3, 0x07, 0x0f, 0xba, 0x6a, 0x29, 0x2f, 0xc8, 0x99, 0xec, 0x8f, 0xc3, + 0x0b, 0x8f, 0xf7, 0x3f, 0x9e, 0x42, 0xf7, 0x46, 0x66, 0x95, 0x49, 0x16, 0xbd, 0x02, 0xcf, 0x7c, + 0xf6, 0xb1, 0x1f, 0x9d, 0x59, 0x22, 0xc4, 0xf3, 0x08, 0xb3, 0xfc, 0x2a, 0x6b, 0x31, 0x29, 0xf5, + 0x00, 0x02, 0x20, 0xca, 0x08, 0x97, 0x9f, 0xd3, 0xe6, 0xab, 0x26, 0x29, 0x35, 0x48, 0x84, 0x99, + 0xd8, 0xdb, 0xef, 0xd9, 0x50, 0x95, 0xb3, 0x0c, 0xc4, 0x84, 0xab, 0x39, 0x4c, 0x0e, 0x50, 0x04, + 0x92, 0x97, 0xdf, 0x79, 0x41, 0x21, 0x5a, 0x8b, 0xcb, 0xce, 0x4d, 0x1d, 0xd6, 0x2f, 0x46, 0x1b, + 0x8b, 0x39, 0xcb, 0xe3, 0x3e, 0xcf, 0xb9, 0x60, 0xf4, 0xaf, 0x8b, 0xf7, 0xce, 0x7a, 0x94, 0x6d, + 0xe0, 0x8a, 0x13, 0xb3, 0xbc, 0xeb, 0x62, 0xe6, 0x93, 0x2b, 0x01, 0x01, 0xdd, 0xce, 0x1b, 0x3a, + 0xf2, 0xe9, 0x6b, 0x48, 0x96, 0x82, 0x4b, 0x38, 0x34, 0x0d, 0x6b, 0x8b, 0xe2, 0xc7, 0x66, 0x37, + 0x87, 0x74, 0x24, 0x4d, 0xa2, 0x00, 0x7a, 0x51, 0x55, 0x3a, 0xf5, 0x61, 0x91, 0xbb, 0x26, 0x43, + 0x33, 0xe2, 0xce, 0x7f, 0x80, 0x83, 0x89, 0xcd, 0x7c, 0xfd, 0x6a, 0xf6, 0x4c, 0xe8, 0xcc, 0x08, + 0x6e, 0xd2, 0xb3, 0x85, 0x92, 0x9d, 0x21, 0x6c, 0x6a, 0xb4, 0x82, 0xf6, 0x5d, 0xaa, 0xfc, 0x38, + 0x0e, 0x60, 0x4d, 0xeb, 0x7c, 0x21, 0xa2, 0xc8, 0x0c, 0x1c, 0xb5, 0xd5, 0x24, 0xaf, 0xa3, 0xaa, + 0xf8, 0x2b, 0x92, 0x34, 0xa4, 0xe5, 0x66, 0x83, 0xd8, 0x4b, 0x15, 0xac, 0x66, 0xf9, 0x06, 0xdb, + 0xc8, 0xa7, 0xe2, 0xcf, 0x7b, 0x7b, 0x82, 0x24, 0xfa, 0xd7, 0x04, 0xd5, 0xf2, 0xbe, 0x2d, 0x92, + 0xd0, 0xa9, 0x02, 0xd5, 0x88, 0xe5, 0x5c, 0xca, 0xe6, 0xaa, 0xfb, 0x38, 0xd1, 0x56, 0xf7, 0xe2, + 0x60, 0x9e, 0x84, 0xab, 0xc9, 0x60, 0x11, 0xb1, 0x3c, 0xf4, 0x9b, 0xd5, 0x2f, 0xf8, 0x2e, 0xe5, + 0xe4, 0x71, 0x8d, 0x13, 0x5f, 0x30, 0x55, 0xa2, 0x57, 0x35, 0x40, 0xb1, 0x0a, 0x65, 0x7a, 0x8c, + 0x4b, 0x22, 0x2e, 0xaa, 0x73, 0x97, 0x84, 0x8a, 0xd1, 0x57, 0x66, 0xdf, 0xfd, 0xe7, 0x9b, 0xe0, + 0x62, 0xa6, 0xc0, 0xa6, 0x50, 0xd7, 0x3a, 0x34, 0x78, 0x49, 0xf4, 0x8e, 0x79, 0xa1, 0x48, 0x6f, + 0xe4, 0x42, 0x9c, 0xff, 0x44, 0x6d, 0xe9, 0x25, 0x85, 0x66, 0xfc, 0x12, 0xf1, 0x11, 0xd9, 0x42, + 0xeb, 0x91, 0xb8, 0xdb, 0x68, 0x87, 0x81, 0x87, 0x34, 0x98, 0x79, 0x36, 0x35, 0x6a, 0x6c, 0xa3, + 0xbb, 0x83, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x53, 0x30, 0x51, 0x30, 0x1d, 0x06, 0x03, 0x55, + 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x20, 0x56, 0x84, 0xa9, 0x4a, 0x45, 0x57, 0xb9, 0x0a, 0x74, + 0x12, 0xea, 0x66, 0xba, 0x6b, 0xcc, 0xa4, 0xe8, 0xe0, 0xbe, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, + 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x20, 0x56, 0x84, 0xa9, 0x4a, 0x45, 0x57, 0xb9, 0x0a, + 0x74, 0x12, 0xea, 0x66, 0xba, 0x6b, 0xcc, 0xa4, 0xe8, 0xe0, 0xbe, 0x30, 0x0f, 0x06, 0x03, 0x55, + 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x0d, 0x06, 0x09, + 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x02, 0x01, 0x00, + 0x0d, 0xe5, 0xbe, 0x47, 0x84, 0x34, 0x74, 0xf5, 0xe6, 0x8a, 0xbc, 0x24, 0x66, 0x3c, 0x30, 0xe3, + 0x8b, 0x61, 0x0d, 0xb1, 0x0f, 0x18, 0xec, 0xbb, 0xb9, 0x32, 0x42, 0x36, 0x03, 0x0e, 0x86, 0x18, + 0x1a, 0x73, 0xe4, 0x5a, 0xfa, 0xb9, 0x97, 0xfd, 0x40, 0xff, 0x54, 0xe4, 0x97, 0x2f, 0x47, 0x56, + 0x55, 0x50, 0xcd, 0x1e, 0xe4, 0x4e, 0x9d, 0x82, 0xc9, 0xb4, 0x47, 0x3a, 0x1b, 0xff, 0x1d, 0xcc, + 0xdb, 0xad, 0x28, 0xb1, 0x4e, 0x65, 0x51, 0x43, 0x7f, 0xf9, 0x4f, 0x27, 0xbc, 0x58, 0xe2, 0x59, + 0xcb, 0xa8, 0xa8, 0x00, 0x0f, 0xda, 0xef, 0x94, 0x06, 0x52, 0x10, 0x18, 0x71, 0xfb, 0x97, 0x41, + 0x88, 0x13, 0xb1, 0x89, 0xa5, 0x25, 0x40, 0xf7, 0x2c, 0x9c, 0x7d, 0xb9, 0x63, 0x0d, 0x64, 0x12, + 0x7a, 0xd5, 0x83, 0xa8, 0xcd, 0x49, 0xf5, 0xb3, 0x19, 0xb9, 0xac, 0x6f, 0xe5, 0xc1, 0x7d, 0xbb, + 0x85, 0xf8, 0x6c, 0x77, 0x4d, 0xc5, 0x0a, 0x81, 0xde, 0x8b, 0xfb, 0x7d, 0xfd, 0x9a, 0x57, 0x22, + 0xd3, 0xf3, 0xa9, 0xa6, 0xe4, 0x10, 0x0a, 0x57, 0x96, 0x92, 0xf8, 0x4c, 0x03, 0x7c, 0xff, 0xfd, + 0x16, 0x14, 0x6b, 0x01, 0xb9, 0xe6, 0xad, 0xaf, 0xa5, 0xe1, 0x1f, 0x23, 0xc0, 0xb1, 0xd8, 0x23, + 0x8d, 0x12, 0x82, 0x9d, 0x50, 0xe0, 0x71, 0xbe, 0x95, 0x87, 0x32, 0xf2, 0x6f, 0x3f, 0x5c, 0x4d, + 0x6f, 0x53, 0x2c, 0x5c, 0xa2, 0x48, 0xc4, 0x73, 0x3f, 0x67, 0x28, 0x11, 0x5b, 0xbf, 0x12, 0x9e, + 0xd8, 0xed, 0x42, 0xd5, 0x51, 0xea, 0xe2, 0x29, 0xd4, 0x90, 0xc6, 0x34, 0x00, 0xa3, 0x3a, 0xd3, + 0xc4, 0x16, 0x27, 0x66, 0x2d, 0xbb, 0xc0, 0x6f, 0xf4, 0x59, 0x3c, 0xab, 0xd9, 0xd0, 0xd9, 0xc7, + 0x0a, 0xb1, 0x39, 0xbb, 0x7e, 0xd1, 0x02, 0x27, 0x0a, 0x7e, 0x7a, 0x67, 0xd7, 0xf3, 0x0c, 0xb0, + 0x29, 0xcd, 0x97, 0x63, 0x84, 0x44, 0x97, 0x70, 0x33, 0x9e, 0xb0, 0x9a, 0x0e, 0x6a, 0xcb, 0xfe, + 0x25, 0x75, 0xe8, 0x72, 0x19, 0x81, 0xd7, 0x0c, 0xf6, 0xef, 0x09, 0xcc, 0x5a, 0xe1, 0xe0, 0xf6, + 0x7b, 0xa5, 0x6a, 0x41, 0x74, 0xc0, 0x84, 0xa7, 0x5a, 0x1f, 0x2d, 0x3f, 0x6e, 0xb0, 0xf8, 0x70, + 0x5e, 0x74, 0x8a, 0x5a, 0xc7, 0x79, 0x76, 0x27, 0x96, 0xda, 0x7a, 0xd7, 0x5c, 0x2a, 0x24, 0x0b, + 0xc3, 0x87, 0x4b, 0x6a, 0xe9, 0x31, 0x24, 0x23, 0xed, 0x9a, 0xee, 0xed, 0x9f, 0x96, 0x35, 0xb5, + 0xb5, 0x9b, 0xf0, 0xdd, 0xc0, 0x8f, 0xfb, 0x17, 0x29, 0xe5, 0xbe, 0x1d, 0x5d, 0x0f, 0x57, 0x12, + 0x31, 0xb7, 0x2c, 0x93, 0x49, 0x79, 0xd8, 0xff, 0x87, 0x97, 0x98, 0xe3, 0x6c, 0x25, 0x07, 0x66, + 0x40, 0xe8, 0xcd, 0xd8, 0x41, 0xcc, 0x01, 0x7e, 0x41, 0x17, 0x89, 0xeb, 0x1c, 0x5f, 0xba, 0x16, + 0x8e, 0xb4, 0xa9, 0x19, 0x98, 0xcb, 0x8f, 0xff, 0xc7, 0x6e, 0x72, 0x57, 0x5e, 0x7a, 0x50, 0xf7, + 0x13, 0x12, 0x00, 0x4c, 0x0f, 0xdc, 0x50, 0x31, 0x89, 0x26, 0xf7, 0x6c, 0x8f, 0xc5, 0x78, 0x19, + 0xd1, 0xb6, 0xef, 0x08, 0x9f, 0x0b, 0xf9, 0xf9, 0x88, 0x2a, 0x2e, 0x62, 0x3e, 0x11, 0xfb, 0xbe, + 0xee, 0xac, 0x30, 0x73, 0xed, 0xea, 0x8e, 0xc1, 0x91, 0x62, 0x9c, 0xd9, 0xec, 0xbf, 0xfc, 0xc0, + 0x7c, 0xe9, 0x52, 0x33, 0x19, 0xd6, 0x40, 0x93, 0x58, 0x02, 0x9a, 0x40, 0x48, 0x4a, 0xe6, 0xc2, + 0xe5, 0xab, 0x08, 0xd1, 0x59, 0xa8, 0xe7, 0x71, 0x0c, 0x37, 0x67, 0xe7, 0x6b, 0x70, 0xe8, 0x35, + 0x5f, 0x34, 0x33, 0x9e, 0xb6, 0x41, 0x01, 0xf5, 0xc0, 0x53, 0x20, 0x30, 0x20, 0x71, 0x0f, 0x54, + 0x3b, 0x3d, 0xac, 0x6b, 0x28, 0x75, 0x51, 0x18, 0x12, 0x26, 0x0c, 0x9e, 0x25, 0x49, 0xf8, 0x6e, + 0x30, 0x82, 0x05, 0xaf, 0x30, 0x82, 0x03, 0x97, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x14, 0x07, + 0xe8, 0x71, 0x87, 0x40, 0xf6, 0x62, 0x07, 0x86, 0x97, 0xb0, 0xd1, 0xd2, 0xb7, 0x30, 0x41, 0x81, + 0xfc, 0xbd, 0xb8, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, + 0x05, 0x00, 0x30, 0x67, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x63, + 0x6e, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x03, 0x62, 0x62, 0x62, 0x31, + 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x03, 0x62, 0x62, 0x62, 0x31, 0x0c, 0x30, + 0x0a, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x03, 0x62, 0x62, 0x62, 0x31, 0x0c, 0x30, 0x0a, 0x06, + 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x03, 0x62, 0x62, 0x62, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, + 0x04, 0x03, 0x0c, 0x03, 0x62, 0x62, 0x62, 0x31, 0x12, 0x30, 0x10, 0x06, 0x09, 0x2a, 0x86, 0x48, + 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x03, 0x62, 0x62, 0x62, 0x30, 0x1e, 0x17, 0x0d, 0x32, + 0x35, 0x30, 0x34, 0x32, 0x38, 0x30, 0x38, 0x30, 0x33, 0x31, 0x30, 0x5a, 0x17, 0x0d, 0x33, 0x35, + 0x30, 0x34, 0x32, 0x36, 0x30, 0x38, 0x30, 0x33, 0x31, 0x30, 0x5a, 0x30, 0x67, 0x31, 0x0b, 0x30, + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x63, 0x6e, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, + 0x55, 0x04, 0x08, 0x0c, 0x03, 0x62, 0x62, 0x62, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, + 0x07, 0x0c, 0x03, 0x62, 0x62, 0x62, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, + 0x03, 0x62, 0x62, 0x62, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x03, 0x62, + 0x62, 0x62, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x03, 0x62, 0x62, 0x62, + 0x31, 0x12, 0x30, 0x10, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, + 0x03, 0x62, 0x62, 0x62, 0x30, 0x82, 0x02, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, + 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x02, 0x0f, 0x00, 0x30, 0x82, 0x02, 0x0a, + 0x02, 0x82, 0x02, 0x01, 0x00, 0xd7, 0x25, 0xfc, 0xef, 0x5f, 0xaf, 0xc1, 0x3e, 0x86, 0xbb, 0x90, + 0x2d, 0xcc, 0x7a, 0x2c, 0x27, 0xc3, 0x58, 0x78, 0x78, 0x53, 0x91, 0xfd, 0xe2, 0xa7, 0x97, 0x91, + 0x10, 0xe1, 0x7e, 0xa8, 0xf6, 0xbb, 0x67, 0x2b, 0xa9, 0xfa, 0x4d, 0x7c, 0x17, 0xb2, 0x8b, 0x23, + 0xba, 0x6c, 0xbb, 0xfe, 0x4c, 0x8c, 0x2e, 0x4b, 0x49, 0xd3, 0x34, 0x9f, 0x36, 0xe1, 0x04, 0x75, + 0x28, 0x34, 0x02, 0x9a, 0xda, 0x73, 0xb9, 0x1a, 0xab, 0xd3, 0x0f, 0x2d, 0x3f, 0x9d, 0x42, 0xb9, + 0x39, 0x0d, 0xd0, 0xfa, 0xd3, 0xdb, 0x9b, 0x6b, 0xc5, 0x6a, 0x86, 0xc4, 0x53, 0x05, 0x50, 0x91, + 0x1a, 0xee, 0x25, 0xd1, 0x9f, 0xcb, 0x38, 0xf7, 0x7a, 0x99, 0x7f, 0x7a, 0x67, 0x12, 0x66, 0x02, + 0xbe, 0x6c, 0x9f, 0x50, 0xa7, 0x70, 0x31, 0x42, 0x53, 0x68, 0xfc, 0x9c, 0xe9, 0x6d, 0x58, 0xbb, + 0x8a, 0x4d, 0x44, 0xf0, 0xa1, 0x20, 0x3c, 0x61, 0x7e, 0xad, 0x5e, 0xfc, 0x42, 0x70, 0xbc, 0xff, + 0x23, 0xca, 0xbf, 0xe6, 0x5f, 0xec, 0xb5, 0x20, 0x21, 0x9a, 0x42, 0x38, 0x0e, 0xd5, 0x83, 0x22, + 0x7b, 0x6f, 0x23, 0x33, 0x0a, 0x7f, 0x14, 0xf3, 0x07, 0x0f, 0xba, 0x6a, 0x29, 0x2f, 0xc8, 0x99, + 0xec, 0x8f, 0xc3, 0x0b, 0x8f, 0xf7, 0x3f, 0x9e, 0x42, 0xf7, 0x46, 0x66, 0x95, 0x49, 0x16, 0xbd, + 0x02, 0xcf, 0x7c, 0xf6, 0xb1, 0x1f, 0x9d, 0x59, 0x22, 0xc4, 0xf3, 0x08, 0xb3, 0xfc, 0x2a, 0x6b, + 0x31, 0x29, 0xf5, 0x00, 0x02, 0x20, 0xca, 0x08, 0x97, 0x9f, 0xd3, 0xe6, 0xab, 0x26, 0x29, 0x35, + 0x48, 0x84, 0x99, 0xd8, 0xdb, 0xef, 0xd9, 0x50, 0x95, 0xb3, 0x0c, 0xc4, 0x84, 0xab, 0x39, 0x4c, + 0x0e, 0x50, 0x04, 0x92, 0x97, 0xdf, 0x79, 0x41, 0x21, 0x5a, 0x8b, 0xcb, 0xce, 0x4d, 0x1d, 0xd6, + 0x2f, 0x46, 0x1b, 0x8b, 0x39, 0xcb, 0xe3, 0x3e, 0xcf, 0xb9, 0x60, 0xf4, 0xaf, 0x8b, 0xf7, 0xce, + 0x7a, 0x94, 0x6d, 0xe0, 0x8a, 0x13, 0xb3, 0xbc, 0xeb, 0x62, 0xe6, 0x93, 0x2b, 0x01, 0x01, 0xdd, + 0xce, 0x1b, 0x3a, 0xf2, 0xe9, 0x6b, 0x48, 0x96, 0x82, 0x4b, 0x38, 0x34, 0x0d, 0x6b, 0x8b, 0xe2, + 0xc7, 0x66, 0x37, 0x87, 0x74, 0x24, 0x4d, 0xa2, 0x00, 0x7a, 0x51, 0x55, 0x3a, 0xf5, 0x61, 0x91, + 0xbb, 0x26, 0x43, 0x33, 0xe2, 0xce, 0x7f, 0x80, 0x83, 0x89, 0xcd, 0x7c, 0xfd, 0x6a, 0xf6, 0x4c, + 0xe8, 0xcc, 0x08, 0x6e, 0xd2, 0xb3, 0x85, 0x92, 0x9d, 0x21, 0x6c, 0x6a, 0xb4, 0x82, 0xf6, 0x5d, + 0xaa, 0xfc, 0x38, 0x0e, 0x60, 0x4d, 0xeb, 0x7c, 0x21, 0xa2, 0xc8, 0x0c, 0x1c, 0xb5, 0xd5, 0x24, + 0xaf, 0xa3, 0xaa, 0xf8, 0x2b, 0x92, 0x34, 0xa4, 0xe5, 0x66, 0x83, 0xd8, 0x4b, 0x15, 0xac, 0x66, + 0xf9, 0x06, 0xdb, 0xc8, 0xa7, 0xe2, 0xcf, 0x7b, 0x7b, 0x82, 0x24, 0xfa, 0xd7, 0x04, 0xd5, 0xf2, + 0xbe, 0x2d, 0x92, 0xd0, 0xa9, 0x02, 0xd5, 0x88, 0xe5, 0x5c, 0xca, 0xe6, 0xaa, 0xfb, 0x38, 0xd1, + 0x56, 0xf7, 0xe2, 0x60, 0x9e, 0x84, 0xab, 0xc9, 0x60, 0x11, 0xb1, 0x3c, 0xf4, 0x9b, 0xd5, 0x2f, + 0xf8, 0x2e, 0xe5, 0xe4, 0x71, 0x8d, 0x13, 0x5f, 0x30, 0x55, 0xa2, 0x57, 0x35, 0x40, 0xb1, 0x0a, + 0x65, 0x7a, 0x8c, 0x4b, 0x22, 0x2e, 0xaa, 0x73, 0x97, 0x84, 0x8a, 0xd1, 0x57, 0x66, 0xdf, 0xfd, + 0xe7, 0x9b, 0xe0, 0x62, 0xa6, 0xc0, 0xa6, 0x50, 0xd7, 0x3a, 0x34, 0x78, 0x49, 0xf4, 0x8e, 0x79, + 0xa1, 0x48, 0x6f, 0xe4, 0x42, 0x9c, 0xff, 0x44, 0x6d, 0xe9, 0x25, 0x85, 0x66, 0xfc, 0x12, 0xf1, + 0x11, 0xd9, 0x42, 0xeb, 0x91, 0xb8, 0xdb, 0x68, 0x87, 0x81, 0x87, 0x34, 0x98, 0x79, 0x36, 0x35, + 0x6a, 0x6c, 0xa3, 0xbb, 0x83, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x53, 0x30, 0x51, 0x30, 0x1d, + 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x20, 0x56, 0x84, 0xa9, 0x4a, 0x45, 0x57, + 0xb9, 0x0a, 0x74, 0x12, 0xea, 0x66, 0xba, 0x6b, 0xcc, 0xa4, 0xe8, 0xe0, 0xbe, 0x30, 0x1f, 0x06, + 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x20, 0x56, 0x84, 0xa9, 0x4a, 0x45, + 0x57, 0xb9, 0x0a, 0x74, 0x12, 0xea, 0x66, 0xba, 0x6b, 0xcc, 0xa4, 0xe8, 0xe0, 0xbe, 0x30, 0x0f, + 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, + 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, + 0x02, 0x01, 0x00, 0x13, 0x11, 0x48, 0xce, 0x68, 0x7f, 0xb8, 0x7f, 0x99, 0x07, 0x8b, 0x6e, 0x93, + 0xd8, 0xe0, 0x11, 0x37, 0x2c, 0xe4, 0x5e, 0xc3, 0x88, 0xba, 0x5d, 0x42, 0x68, 0x5a, 0x2d, 0x08, + 0x37, 0xef, 0xad, 0x85, 0x61, 0x49, 0x0e, 0xb4, 0xe5, 0xd9, 0xb7, 0x3f, 0xe4, 0xae, 0x54, 0xbe, + 0xae, 0x71, 0xdf, 0xe7, 0xf1, 0xf3, 0xc0, 0x2e, 0x3b, 0x0d, 0xb8, 0xe3, 0x08, 0xf3, 0x32, 0x52, + 0x42, 0x5b, 0x7a, 0x61, 0x52, 0xda, 0xf4, 0x88, 0x14, 0x5c, 0xbc, 0xe4, 0xd6, 0xc0, 0x61, 0x7d, + 0x7c, 0x97, 0x3b, 0x62, 0x50, 0xa1, 0x56, 0x2a, 0x15, 0xa3, 0xe7, 0xe2, 0x04, 0x22, 0xa0, 0x95, + 0xd5, 0x5c, 0x2b, 0x9f, 0xe0, 0xf6, 0xf2, 0xc6, 0x8f, 0x52, 0x62, 0xa7, 0x0a, 0x4c, 0xfb, 0x07, + 0x71, 0xb3, 0xbf, 0xae, 0xf6, 0xf5, 0x9b, 0x67, 0x97, 0x8b, 0xb2, 0x8c, 0xf3, 0xdf, 0x25, 0x33, + 0x42, 0x3b, 0x95, 0xb3, 0xc2, 0xd3, 0x75, 0x4d, 0xb2, 0xf1, 0x21, 0xfc, 0x79, 0x9f, 0x4a, 0xf6, + 0xef, 0xf7, 0x24, 0xf6, 0xda, 0x62, 0x03, 0xf4, 0x06, 0x65, 0xd4, 0x4c, 0xc4, 0xbb, 0x4a, 0x2a, + 0xa0, 0x5b, 0x92, 0xbf, 0xe3, 0x0e, 0x2a, 0xbf, 0x9c, 0x4f, 0x3e, 0xf6, 0x34, 0x2f, 0x5b, 0x08, + 0x87, 0x92, 0x45, 0x53, 0xcf, 0xb5, 0x2d, 0x71, 0xa9, 0x92, 0xfc, 0xe3, 0x44, 0x95, 0x74, 0x22, + 0x99, 0xea, 0x55, 0x6d, 0xe1, 0xa9, 0x21, 0x2a, 0x40, 0x8f, 0x7d, 0x9f, 0xcd, 0x58, 0xc7, 0x48, + 0x3d, 0x30, 0x00, 0x65, 0x6d, 0xd6, 0x61, 0x7f, 0x38, 0xf0, 0x61, 0x73, 0xdf, 0x1f, 0x3d, 0x5f, + 0x34, 0x81, 0x01, 0xff, 0xb0, 0xc6, 0x6f, 0xeb, 0x2d, 0x80, 0xe8, 0x89, 0xef, 0x43, 0x34, 0x5e, + 0x8a, 0xbc, 0xa5, 0x04, 0x9f, 0x87, 0xa1, 0xc2, 0x0a, 0x44, 0x1f, 0x47, 0xe5, 0xa4, 0xab, 0x05, + 0x40, 0x4f, 0x03, 0xd8, 0xb5, 0xb3, 0x87, 0x03, 0x88, 0x47, 0x47, 0x7a, 0xae, 0x7d, 0xcb, 0xbe, + 0xe0, 0xde, 0x77, 0xdd, 0x9d, 0x4e, 0xe9, 0xa4, 0x8e, 0xd9, 0xc9, 0xf2, 0x88, 0x3f, 0x02, 0xde, + 0x53, 0x2f, 0x89, 0x54, 0x42, 0x38, 0x7c, 0xb0, 0xce, 0x3b, 0x31, 0xbc, 0xd6, 0x1d, 0x1c, 0xba, + 0xda, 0xd6, 0x2b, 0x9e, 0x5f, 0xcf, 0x4e, 0xed, 0x6e, 0xc8, 0x56, 0x16, 0xf7, 0xf5, 0xf3, 0x92, + 0x42, 0xf7, 0xe9, 0x21, 0xca, 0xbf, 0xcd, 0xd2, 0x80, 0xcb, 0x87, 0xfb, 0x96, 0x56, 0x87, 0xf9, + 0x08, 0x89, 0xda, 0x43, 0xd7, 0xc4, 0x74, 0x6a, 0x58, 0x29, 0x83, 0x69, 0xb0, 0x8c, 0x5c, 0x5a, + 0xf5, 0x07, 0xda, 0xa0, 0xe7, 0x04, 0x00, 0x2f, 0x35, 0x61, 0x7c, 0x3a, 0xdd, 0xeb, 0xbc, 0x8b, + 0x15, 0x5f, 0xb7, 0xae, 0x76, 0x79, 0x4c, 0xdf, 0x43, 0x43, 0x50, 0xa4, 0x69, 0xa5, 0xf5, 0xd0, + 0xab, 0x0d, 0xb4, 0x01, 0x30, 0xa3, 0x56, 0x3d, 0xdb, 0x09, 0xea, 0xd6, 0xb6, 0xfe, 0xd9, 0x8c, + 0x5c, 0x44, 0x33, 0xd4, 0x77, 0xdb, 0x3d, 0xb7, 0x35, 0x12, 0xc6, 0xa0, 0x61, 0x6c, 0x01, 0x72, + 0x44, 0xe3, 0x99, 0x14, 0x10, 0x88, 0x90, 0x2e, 0xd2, 0xa9, 0x86, 0xc0, 0xf1, 0x13, 0x8f, 0x75, + 0xf9, 0xbe, 0x30, 0xba, 0x37, 0x92, 0x4d, 0xda, 0x7e, 0x18, 0x44, 0x8d, 0x5b, 0xa6, 0x34, 0xe2, + 0x8a, 0xe9, 0x69, 0x6a, 0x59, 0x87, 0x34, 0xa7, 0xd3, 0xa5, 0xc1, 0xb2, 0x0f, 0x2b, 0x95, 0xae, + 0xd0, 0x62, 0xe0, 0x7c, 0x8f, 0xe7, 0x90, 0x1c, 0xfd, 0xd0, 0x32, 0x15, 0x44, 0xdc, 0x61, 0x11, + 0x77, 0x6a, 0x59, 0x56, 0x09, 0x07, 0xae, 0x7a, 0xea, 0x67, 0x33, 0x25, 0x5b, 0x3d, 0x04, 0x56, + 0x7d, 0x2f, 0x73, 0x3b, 0xa6, 0x19, 0x01, 0x83, 0x99, 0x60, 0x42, 0x64, 0x29, 0xd6, 0xef, 0x06, + 0x67, 0x7a, 0xc2, 0x30, 0x82, 0x04, 0x81, 0x30, 0x82, 0x03, 0x69, 0x02, 0x06, 0x01, 0x72, 0xa7, + 0x26, 0x3a, 0xc0, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, + 0x05, 0x00, 0x30, 0x82, 0x01, 0x02, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, + 0x02, 0x43, 0x4e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x02, 0x41, 0x41, + 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x02, 0x41, 0x41, 0x31, 0x0b, 0x30, + 0x09, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x02, 0x41, 0x41, 0x31, 0x81, 0xcb, 0x30, 0x81, 0xc8, + 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x81, 0xc0, 0xe6, 0xb5, 0x8b, 0xe8, 0xaf, 0x95, 0xe8, 0xaf, + 0x81, 0xe4, 0xb9, 0xa6, 0xe6, 0xb5, 0x8b, 0xe8, 0xaf, 0x95, 0xe8, 0xaf, 0x81, 0xe4, 0xb9, 0xa6, + 0xe6, 0xb5, 0x8b, 0xe8, 0xaf, 0x95, 0xe8, 0xaf, 0x81, 0xe4, 0xb9, 0xa6, 0xe6, 0xb5, 0x8b, 0xe8, + 0xaf, 0x95, 0xe8, 0xaf, 0x81, 0xe4, 0xb9, 0xa6, 0xe6, 0xb5, 0x8b, 0xe8, 0xaf, 0x95, 0xe8, 0xaf, + 0x81, 0xe4, 0xb9, 0xa6, 0xe6, 0xb5, 0x8b, 0xe8, 0xaf, 0x95, 0xe8, 0xaf, 0x81, 0xe4, 0xb9, 0xa6, + 0xe6, 0xb5, 0x8b, 0xe8, 0xaf, 0x95, 0xe8, 0xaf, 0x81, 0xe4, 0xb9, 0xa6, 0xe6, 0xb5, 0x8b, 0xe8, + 0xaf, 0x95, 0xe8, 0xaf, 0x81, 0xe4, 0xb9, 0xa6, 0xe6, 0xb5, 0x8b, 0xe8, 0xaf, 0x95, 0xe8, 0xaf, + 0x81, 0xe4, 0xb9, 0xa6, 0xe6, 0xb5, 0x8b, 0xe8, 0xaf, 0x95, 0xe8, 0xaf, 0x81, 0xe4, 0xb9, 0xa6, + 0xe6, 0xb5, 0x8b, 0xe8, 0xaf, 0x95, 0xe8, 0xaf, 0x81, 0xe4, 0xb9, 0xa6, 0xe6, 0xb5, 0x8b, 0xe8, + 0xaf, 0x95, 0xe8, 0xaf, 0x81, 0xe4, 0xb9, 0xa6, 0xe6, 0xb5, 0x8b, 0xe8, 0xaf, 0x95, 0xe8, 0xaf, + 0x81, 0xe4, 0xb9, 0xa6, 0xe6, 0xb5, 0x8b, 0xe8, 0xaf, 0x95, 0xe8, 0xaf, 0x81, 0xe4, 0xb9, 0xa6, + 0xe6, 0xb5, 0x8b, 0xe8, 0xaf, 0x95, 0xe8, 0xaf, 0x81, 0xe4, 0xb9, 0xa6, 0xe6, 0xb5, 0x8b, 0xe8, + 0xaf, 0x95, 0xe8, 0xaf, 0x81, 0xe4, 0xb9, 0xa6, 0x30, 0x1e, 0x17, 0x0d, 0x32, 0x35, 0x30, 0x35, + 0x31, 0x31, 0x30, 0x37, 0x34, 0x37, 0x34, 0x39, 0x5a, 0x17, 0x0d, 0x33, 0x35, 0x30, 0x35, 0x30, + 0x39, 0x30, 0x37, 0x34, 0x37, 0x34, 0x39, 0x5a, 0x30, 0x82, 0x01, 0x02, 0x31, 0x0b, 0x30, 0x09, + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x43, 0x4e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, + 0x04, 0x08, 0x0c, 0x02, 0x41, 0x41, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, + 0x02, 0x41, 0x41, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x02, 0x41, 0x41, + 0x31, 0x81, 0xcb, 0x30, 0x81, 0xc8, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x81, 0xc0, 0xe6, 0xb5, + 0x8b, 0xe8, 0xaf, 0x95, 0xe8, 0xaf, 0x81, 0xe4, 0xb9, 0xa6, 0xe6, 0xb5, 0x8b, 0xe8, 0xaf, 0x95, + 0xe8, 0xaf, 0x81, 0xe4, 0xb9, 0xa6, 0xe6, 0xb5, 0x8b, 0xe8, 0xaf, 0x95, 0xe8, 0xaf, 0x81, 0xe4, + 0xb9, 0xa6, 0xe6, 0xb5, 0x8b, 0xe8, 0xaf, 0x95, 0xe8, 0xaf, 0x81, 0xe4, 0xb9, 0xa6, 0xe6, 0xb5, + 0x8b, 0xe8, 0xaf, 0x95, 0xe8, 0xaf, 0x81, 0xe4, 0xb9, 0xa6, 0xe6, 0xb5, 0x8b, 0xe8, 0xaf, 0x95, + 0xe8, 0xaf, 0x81, 0xe4, 0xb9, 0xa6, 0xe6, 0xb5, 0x8b, 0xe8, 0xaf, 0x95, 0xe8, 0xaf, 0x81, 0xe4, + 0xb9, 0xa6, 0xe6, 0xb5, 0x8b, 0xe8, 0xaf, 0x95, 0xe8, 0xaf, 0x81, 0xe4, 0xb9, 0xa6, 0xe6, 0xb5, + 0x8b, 0xe8, 0xaf, 0x95, 0xe8, 0xaf, 0x81, 0xe4, 0xb9, 0xa6, 0xe6, 0xb5, 0x8b, 0xe8, 0xaf, 0x95, + 0xe8, 0xaf, 0x81, 0xe4, 0xb9, 0xa6, 0xe6, 0xb5, 0x8b, 0xe8, 0xaf, 0x95, 0xe8, 0xaf, 0x81, 0xe4, + 0xb9, 0xa6, 0xe6, 0xb5, 0x8b, 0xe8, 0xaf, 0x95, 0xe8, 0xaf, 0x81, 0xe4, 0xb9, 0xa6, 0xe6, 0xb5, + 0x8b, 0xe8, 0xaf, 0x95, 0xe8, 0xaf, 0x81, 0xe4, 0xb9, 0xa6, 0xe6, 0xb5, 0x8b, 0xe8, 0xaf, 0x95, + 0xe8, 0xaf, 0x81, 0xe4, 0xb9, 0xa6, 0xe6, 0xb5, 0x8b, 0xe8, 0xaf, 0x95, 0xe8, 0xaf, 0x81, 0xe4, + 0xb9, 0xa6, 0xe6, 0xb5, 0x8b, 0xe8, 0xaf, 0x95, 0xe8, 0xaf, 0x81, 0xe4, 0xb9, 0xa6, 0x30, 0x82, + 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, + 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xdb, + 0xbd, 0x03, 0xd2, 0x78, 0xf1, 0x00, 0x60, 0x1b, 0x7e, 0x59, 0xa9, 0x80, 0x68, 0x90, 0x5b, 0xd7, + 0x42, 0xd5, 0x61, 0x5a, 0x79, 0x73, 0xd4, 0xc0, 0x4e, 0x09, 0xc3, 0x02, 0xcf, 0x1e, 0xbe, 0xfc, + 0x8e, 0xb1, 0x8e, 0x72, 0x66, 0x00, 0xfd, 0x0a, 0x53, 0xc9, 0x9f, 0xab, 0x0a, 0xc0, 0x54, 0x68, + 0x97, 0x5f, 0xf1, 0x0d, 0x04, 0xcc, 0x3d, 0x20, 0x24, 0x16, 0x07, 0x01, 0xf0, 0x2d, 0x6d, 0x4e, + 0xcf, 0xdb, 0x34, 0x07, 0x3d, 0xd4, 0x1d, 0x26, 0xd6, 0xd4, 0xfb, 0x57, 0xe7, 0xc3, 0x0d, 0x63, + 0x62, 0xd2, 0x26, 0x65, 0xc1, 0x60, 0x57, 0x17, 0x7f, 0xdd, 0x6d, 0xaf, 0x7b, 0x69, 0x81, 0x1f, + 0x04, 0xc1, 0x9e, 0x58, 0x77, 0xa7, 0x89, 0x85, 0xad, 0x83, 0x3f, 0xed, 0x68, 0x2c, 0x24, 0xaf, + 0x87, 0x65, 0x75, 0xf4, 0xa5, 0x75, 0x04, 0xd4, 0x8d, 0x3d, 0x08, 0xb0, 0xa1, 0x75, 0x60, 0xb9, + 0xc3, 0x9b, 0x31, 0x45, 0xec, 0x9b, 0x63, 0x07, 0xb1, 0x80, 0x1a, 0xe1, 0x30, 0x10, 0x00, 0x86, + 0xcd, 0x24, 0x81, 0x8b, 0xf4, 0x9d, 0xa9, 0x53, 0xfd, 0xd9, 0x34, 0x50, 0x66, 0x06, 0x1d, 0x97, + 0xbb, 0x75, 0x16, 0xbf, 0xfe, 0x7c, 0xb1, 0x55, 0x6d, 0x41, 0x2b, 0x71, 0x00, 0x50, 0x17, 0x36, + 0xe7, 0x56, 0xd3, 0x5e, 0xcf, 0xa5, 0x0c, 0xd9, 0x14, 0xf3, 0x3a, 0x46, 0xe1, 0xbe, 0xb6, 0x17, + 0xe1, 0x67, 0xcb, 0x8b, 0x73, 0x94, 0x7f, 0x46, 0xc3, 0x96, 0xbf, 0x18, 0x21, 0xfb, 0x6d, 0x3c, + 0x70, 0xfe, 0x73, 0xf2, 0xcb, 0x6c, 0xdb, 0xa6, 0x89, 0x5f, 0xe7, 0x14, 0xe1, 0xa3, 0x74, 0x4f, + 0x1d, 0xec, 0x5a, 0xce, 0x09, 0x97, 0x09, 0x45, 0xb8, 0xc4, 0xef, 0x06, 0xf3, 0xb0, 0x77, 0x72, + 0x4e, 0x09, 0x96, 0x90, 0xbb, 0x35, 0x78, 0x2a, 0x16, 0x43, 0x81, 0xad, 0x7f, 0xb2, 0x95, 0x02, + 0x03, 0x01, 0x00, 0x01, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, + 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x65, 0x62, 0x0d, 0xdf, 0x87, 0x17, 0xed, 0x12, + 0x31, 0x4b, 0x9b, 0x56, 0x14, 0xb5, 0x1e, 0xbf, 0x1b, 0x3e, 0xab, 0x9f, 0x51, 0xc0, 0xec, 0x9b, + 0xdd, 0x84, 0xb9, 0x81, 0x86, 0x1f, 0xf7, 0x1e, 0x87, 0x2b, 0x73, 0x39, 0x45, 0x7d, 0x95, 0x9b, + 0x44, 0xfb, 0x7a, 0xb2, 0x2c, 0x44, 0x87, 0x4e, 0xa8, 0x90, 0x8a, 0x29, 0x99, 0xa3, 0x9c, 0x6e, + 0xf0, 0xac, 0x8c, 0x07, 0xa8, 0x78, 0x3a, 0x8c, 0xdf, 0x78, 0x09, 0x3c, 0x5f, 0x63, 0xca, 0x19, + 0xa3, 0x35, 0x34, 0xa7, 0xcb, 0xbe, 0x0d, 0x59, 0x40, 0x99, 0x3a, 0xd3, 0x10, 0x3a, 0x94, 0x2d, + 0x02, 0xd1, 0x68, 0xf7, 0x11, 0x55, 0x95, 0x7f, 0xd9, 0xe2, 0xcf, 0x97, 0x1e, 0x50, 0xad, 0xb6, + 0xa2, 0xa4, 0x6c, 0xe7, 0x36, 0x2f, 0xc5, 0x65, 0x17, 0xd1, 0x21, 0xd1, 0xf7, 0x0f, 0x8a, 0xc3, + 0x13, 0xc6, 0xe5, 0x14, 0x25, 0x26, 0xd8, 0x6e, 0xfc, 0x90, 0x3b, 0x10, 0xdf, 0x22, 0x06, 0x4f, + 0x60, 0x27, 0x9d, 0x8d, 0xdb, 0x9e, 0xab, 0xd1, 0xd8, 0x53, 0xaf, 0xa2, 0xf4, 0xba, 0x11, 0x76, + 0x38, 0xcb, 0xde, 0x83, 0x4d, 0x17, 0x77, 0x27, 0x30, 0x11, 0x78, 0x0d, 0xd1, 0x86, 0x64, 0xdd, + 0x5b, 0x58, 0x6c, 0x23, 0xf6, 0x52, 0x98, 0xb7, 0xbe, 0x9e, 0x2a, 0x68, 0x5b, 0xbe, 0x74, 0x24, + 0x00, 0x39, 0x30, 0x06, 0x3f, 0xc3, 0x51, 0x67, 0xb5, 0xa8, 0x10, 0x60, 0xcd, 0x7b, 0xcc, 0xb3, + 0x3f, 0xa0, 0x88, 0x82, 0x5a, 0x42, 0x26, 0x56, 0x5a, 0x65, 0x88, 0x23, 0x53, 0x8f, 0x2a, 0x69, + 0x15, 0x95, 0x50, 0x06, 0x17, 0x4b, 0x92, 0x98, 0xae, 0xe5, 0xef, 0x5d, 0x65, 0x20, 0xfc, 0x3e, + 0x6d, 0x56, 0xa0, 0x21, 0xe9, 0x6a, 0x6c, 0xb7, 0xc6, 0x6b, 0x86, 0xad, 0xf8, 0xd8, 0x72, 0xfd, + 0xe6, 0x92, 0xae, 0xdf, 0x5f, 0x8d, 0x3e, 0xf2, 0xa1, 0x00, 0x31, 0x00 +}; + +static const struct CmBlob g_p7bUserCert = { sizeof(g_p7bUserCertInfo), const_cast(g_p7bUserCertInfo) }; +static const struct CmBlob g_p7bUserCertTooLongSubj = { + sizeof(g_p7bUserCertTooLongSubjInfo), + const_cast(g_p7bUserCertTooLongSubjInfo) +}; + +#endif /* CM_CERT_DATA_ECC_H */ \ No newline at end of file diff --git a/test/unittest/src/cm_user_cert_test.cpp b/test/unittest/src/cm_user_cert_test.cpp index 92f7442..e2b97cb 100755 --- a/test/unittest/src/cm_user_cert_test.cpp +++ b/test/unittest/src/cm_user_cert_test.cpp @@ -20,6 +20,7 @@ #include "cm_log.h" #include "cm_mem.h" #include "cm_cert_data_user.h" +#include "cm_cert_data_p7b.h" using namespace testing::ext; using namespace CertmanagerTest; @@ -774,6 +775,82 @@ HWTEST_F(CmUserCertTest, InstallUserCertTest026, TestSize.Level0) EXPECT_EQ(ret, CM_SUCCESS) << "Normal uninstall user ca cert test failed, recode:" << ret; } +/** + * @tc.name: InstallUserCertTest027 + * @tc.desc: Test CertManager Install user p7b cert interface function + * @tc.type: FUNC + * @tc.require: AR000H0MJ8 /SR000H09N7 + */ +HWTEST_F(CmUserCertTest, InstallUserCertTest027, TestSize.Level0) +{ + int32_t ret; + struct CertUriList certUriList = { 0, nullptr }; + + char aliasBuf[] = ""; + struct CmBlob alias027 = { strlen(aliasBuf) + 1, reinterpret_cast(aliasBuf) }; + + struct CmInstallCertInfo installCertInfo = { + .userCert = &g_p7bUserCert, + .certAlias = &alias027, + .userId = TEST_USERID + }; + + ret = CmInstallUserTrustedP7BCert(&installCertInfo, true, &certUriList); + EXPECT_EQ(ret, CM_SUCCESS) << "install p7b user ca cert test failed, recode:" << ret; + EXPECT_EQ(certUriList.certCount == 2, true) << "install p7b user ca cert test failed, certUriList.certCount != 2"; + CM_FREE_PTR(certUriList.uriList); +} + +/** + * @tc.name: InstallUserCertTest028 + * @tc.desc: Test CertManager Install user p7b cert interface function + * @tc.type: FUNC + * @tc.require: AR000H0MJ8 /SR000H09N7 + */ +HWTEST_F(CmUserCertTest, InstallUserCertTest028, TestSize.Level0) +{ + int32_t ret; + struct CertUriList certUriList = { 0, nullptr }; + + char aliasBuf[] = ""; + struct CmBlob alias028 = { strlen(aliasBuf) + 1, reinterpret_cast(aliasBuf) }; + + struct CmInstallCertInfo installCertInfo = { + .userCert = &userCert[0], + .certAlias = &alias028, + .userId = TEST_USERID + }; + + ret = CmInstallUserTrustedP7BCert(&installCertInfo, true, &certUriList); + EXPECT_EQ(ret, CMR_ERROR_INVALID_CERT_FORMAT) << "install p7b user ca cert test failed, recode:" << ret; + CM_FREE_PTR(certUriList.uriList); +} + +/** + * @tc.name: InstallUserCertTest029 + * @tc.desc: Test CertManager Install user p7b cert interface function + * @tc.type: FUNC + * @tc.require: AR000H0MJ8 /SR000H09N7 + */ +HWTEST_F(CmUserCertTest, InstallUserCertTest029, TestSize.Level0) +{ + int32_t ret; + struct CertUriList certUriList = { 0, nullptr }; + + char aliasBuf[] = ""; + struct CmBlob alias029 = { strlen(aliasBuf) + 1, reinterpret_cast(aliasBuf) }; + + struct CmInstallCertInfo installCertInfo = { + .userCert = &g_p7bUserCertTooLongSubj, + .certAlias = &alias029, + .userId = TEST_USERID + }; + + ret = CmInstallUserTrustedP7BCert(&installCertInfo, true, &certUriList); + EXPECT_EQ(ret, CMR_ERROR_BUFFER_TOO_SMALL) << "install p7b user ca cert test failed, recode:" << ret; + CM_FREE_PTR(certUriList.uriList); +} + /** * @tc.name: UninstallUserCertTest001 * @tc.desc: Test CertManager Uninstall user cert interface base function -- Gitee