]> git.saurik.com Git - apple/security.git/blob - OSX/libsecurity_keychain/regressions/kc-18-find-combined.c
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-57740.51.3.tar.gz
[apple/security.git] / OSX / libsecurity_keychain / regressions / kc-18-find-combined.c
1 /*
2 * Copyright (c) 2016 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the xLicense.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 //
25 // Tests the ability of SecItemCopyMatching to replace the following
26 // deprecated keychain search functions:
27 //
28 // - SecKeychainSearchCreateFromAttributes +
29 // SecKeychainSearchCopyNext [for keys, certificates, passwords]
30 //
31 // - SecIdentitySearchCreate (or SecIdentitySearchCreateWithPolicy) +
32 // SecIdentitySearchCopyNext [for identities]
33 //
34 //
35 // This tool incidentally tests other Security API functions, including:
36 // - SecItemAdd
37 // - SecItemImport
38 // - SecItemDelete
39 // - SecKeyGenerateSymmetric
40 //
41
42 #include <CoreFoundation/CoreFoundation.h>
43 #include <CoreServices/CoreServices.h>
44 #include <Security/Security.h>
45 #include <Security/SecKey.h>
46 #include <Security/SecPolicyPriv.h>
47
48 #include <stdlib.h>
49 #include <string.h>
50 #include <syslog.h>
51 #include <unistd.h>
52 #include <time.h>
53 #include <sys/param.h>
54 #include "test/testenv.h"
55 #include "utilities/SecCFRelease.h"
56
57 #include "keychain_regressions.h"
58 #include "kc-helpers.h"
59
60 /* Following is a 3-element certificate chain
61 * (ROOT_CERT, INTERMEDIATE_CERT, LEAF_CERT)
62 */
63 unsigned char ROOT_CERT[985]={
64 0x30,0x82,0x03,0xD5,0x30,0x82,0x02,0xBD,0xA0,0x03,0x02,0x01,0x02,0x02,0x01,0x01,
65 0x30,0x0B,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,0x30,0x81,0x9D,
66 0x31,0x1A,0x30,0x18,0x06,0x03,0x55,0x04,0x03,0x0C,0x11,0x54,0x65,0x73,0x74,0x2D,
67 0x35,0x36,0x38,0x35,0x33,0x31,0x36,0x2D,0x52,0x4F,0x4F,0x54,0x31,0x0E,0x30,0x0C,
68 0x06,0x03,0x55,0x04,0x0A,0x0C,0x05,0x41,0x70,0x70,0x6C,0x65,0x31,0x14,0x30,0x12,
69 0x06,0x03,0x55,0x04,0x0B,0x0C,0x0B,0x43,0x6F,0x72,0x65,0x20,0x43,0x72,0x79,0x70,
70 0x74,0x6F,0x31,0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x08,0x0C,0x02,0x43,0x41,0x31,
71 0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x12,0x30,0x10,
72 0x06,0x03,0x55,0x04,0x07,0x0C,0x09,0x43,0x75,0x70,0x65,0x72,0x74,0x69,0x6E,0x6F,
73 0x31,0x2B,0x30,0x29,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,0x16,
74 0x1C,0x73,0x65,0x63,0x75,0x72,0x69,0x74,0x79,0x2D,0x64,0x65,0x76,0x40,0x67,0x72,
75 0x6F,0x75,0x70,0x2E,0x61,0x70,0x70,0x6C,0x65,0x2E,0x63,0x6F,0x6D,0x30,0x1E,0x17,
76 0x0D,0x30,0x39,0x31,0x32,0x31,0x38,0x31,0x37,0x32,0x39,0x32,0x33,0x5A,0x17,0x0D,
77 0x31,0x30,0x31,0x32,0x31,0x38,0x31,0x37,0x32,0x39,0x32,0x33,0x5A,0x30,0x81,0x9D,
78 0x31,0x1A,0x30,0x18,0x06,0x03,0x55,0x04,0x03,0x0C,0x11,0x54,0x65,0x73,0x74,0x2D,
79 0x35,0x36,0x38,0x35,0x33,0x31,0x36,0x2D,0x52,0x4F,0x4F,0x54,0x31,0x0E,0x30,0x0C,
80 0x06,0x03,0x55,0x04,0x0A,0x0C,0x05,0x41,0x70,0x70,0x6C,0x65,0x31,0x14,0x30,0x12,
81 0x06,0x03,0x55,0x04,0x0B,0x0C,0x0B,0x43,0x6F,0x72,0x65,0x20,0x43,0x72,0x79,0x70,
82 0x74,0x6F,0x31,0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x08,0x0C,0x02,0x43,0x41,0x31,
83 0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x12,0x30,0x10,
84 0x06,0x03,0x55,0x04,0x07,0x0C,0x09,0x43,0x75,0x70,0x65,0x72,0x74,0x69,0x6E,0x6F,
85 0x31,0x2B,0x30,0x29,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,0x16,
86 0x1C,0x73,0x65,0x63,0x75,0x72,0x69,0x74,0x79,0x2D,0x64,0x65,0x76,0x40,0x67,0x72,
87 0x6F,0x75,0x70,0x2E,0x61,0x70,0x70,0x6C,0x65,0x2E,0x63,0x6F,0x6D,0x30,0x82,0x01,
88 0x22,0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,0x05,0x00,
89 0x03,0x82,0x01,0x0F,0x00,0x30,0x82,0x01,0x0A,0x02,0x82,0x01,0x01,0x00,0xB0,0x4C,
90 0x94,0xF7,0x56,0x26,0x91,0xB8,0xD1,0x5B,0x7C,0xEE,0x74,0xCB,0x1F,0x43,0xFE,0x88,
91 0x24,0xAD,0xB0,0x1E,0x85,0x86,0xE9,0x3F,0xE7,0x74,0x40,0x6C,0x4A,0x8E,0x6B,0x50,
92 0x7A,0x1B,0x43,0x9A,0x9E,0xF4,0x81,0xB3,0xF1,0xDB,0x6E,0xD4,0xFA,0xAE,0x06,0xCB,
93 0x7F,0xE6,0xCA,0x06,0x06,0xC4,0x1E,0x2D,0xF3,0xFA,0x67,0xD6,0x95,0x0E,0xAC,0xCA,
94 0x2B,0x25,0x14,0x4C,0x20,0x04,0xB4,0x26,0xAC,0x15,0x62,0x15,0xA6,0x21,0x14,0x51,
95 0xCC,0x77,0x82,0x11,0xD0,0xF8,0xB0,0x06,0xC1,0x0F,0xFB,0x08,0x60,0x53,0x11,0x1F,
96 0x00,0xA8,0x27,0x0E,0x2C,0x2C,0x63,0x34,0x6A,0xC5,0x4B,0x2D,0xCC,0x07,0xF6,0x39,
97 0xDC,0x00,0xCF,0x6E,0x29,0x15,0x3E,0x3F,0x6C,0x89,0xB9,0x48,0x97,0x19,0xA2,0xB8,
98 0x44,0x8D,0x98,0x85,0xF4,0x0B,0x70,0x06,0xD6,0x9A,0x39,0x4F,0x44,0x92,0x73,0x74,
99 0xDF,0x46,0x10,0x9C,0xB5,0xBB,0x69,0xF4,0xE1,0xB5,0x61,0x2E,0xFF,0x92,0xDB,0x47,
100 0x93,0x48,0x45,0xEB,0x7E,0xFA,0xCC,0xDB,0xCE,0x50,0x0A,0xCA,0xAF,0xAB,0x7D,0x09,
101 0x9A,0x1E,0xC4,0x08,0xA1,0xD4,0xB9,0x2A,0x42,0x49,0x10,0x75,0x63,0x4E,0x51,0x3B,
102 0xF7,0xF4,0xCA,0xCB,0x05,0xC9,0xE0,0xC9,0xD3,0x04,0x14,0x81,0xF6,0x9A,0xEE,0x0C,
103 0x2B,0x56,0x87,0x20,0x50,0x27,0x14,0x71,0x1C,0x30,0x18,0x8C,0xDD,0xF4,0xA9,0x41,
104 0x13,0x6D,0xE4,0x41,0xB1,0xE0,0x7E,0x09,0xD7,0x99,0xCE,0xE4,0x7A,0x91,0x65,0xBB,
105 0x3F,0xE1,0xD4,0x07,0x8D,0xA9,0x23,0x0A,0xA4,0x80,0x47,0x58,0xD5,0x25,0x02,0x03,
106 0x01,0x00,0x01,0xA3,0x20,0x30,0x1E,0x30,0x0F,0x06,0x03,0x55,0x1D,0x13,0x01,0x01,
107 0xFF,0x04,0x05,0x30,0x03,0x01,0x01,0xFF,0x30,0x0B,0x06,0x03,0x55,0x1D,0x0F,0x04,
108 0x04,0x03,0x02,0x02,0x84,0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,
109 0x01,0x05,0x05,0x00,0x03,0x82,0x01,0x01,0x00,0x38,0x44,0x10,0xF4,0x24,0x4A,0xAA,
110 0x9F,0x0D,0x37,0x5E,0x75,0xB7,0xF5,0xC5,0x27,0x19,0x57,0xE5,0x25,0x4A,0x44,0x03,
111 0x5F,0x2E,0xD4,0x70,0x69,0xDD,0x55,0xDB,0x47,0x07,0x06,0x3E,0x5D,0xA4,0xBB,0x64,
112 0xE2,0xA6,0x09,0x8B,0x6D,0x0B,0x50,0x33,0x5A,0x92,0x5A,0x5B,0xDF,0x6A,0x9F,0x81,
113 0x5F,0x17,0x95,0xB0,0xC6,0xC3,0xCD,0x6D,0x17,0xDD,0x83,0xC1,0xA5,0xB7,0xCD,0xFF,
114 0xE8,0x13,0x10,0x35,0x85,0x3E,0xCA,0xE4,0xF5,0x22,0x58,0x1E,0x68,0x14,0x62,0x35,
115 0xE4,0x65,0xB4,0xD3,0x42,0x5A,0x03,0x5C,0x2D,0x76,0xD5,0x9B,0xAA,0xCB,0x3A,0xAC,
116 0x55,0x58,0xAD,0x67,0x30,0xDC,0xC3,0xA7,0xA9,0x37,0xBB,0x61,0xA2,0xEA,0x6E,0x0C,
117 0xB0,0x4B,0x0D,0x64,0x3D,0x59,0x3C,0xA3,0xA1,0x73,0x4F,0x33,0xDB,0x6F,0xBF,0x2D,
118 0xB2,0x9D,0xCE,0x05,0x1C,0xF0,0xAB,0x4A,0xB0,0x70,0x5D,0x32,0x20,0x22,0xD7,0x12,
119 0xC0,0x1C,0x0B,0x0D,0xC0,0x72,0x6B,0x6F,0xA4,0xF8,0xAA,0xD2,0x34,0x36,0x63,0x84,
120 0x80,0xF0,0x70,0x5E,0x09,0xEA,0xFF,0x48,0x49,0x85,0x83,0x8E,0x8E,0x6E,0x4C,0x2E,
121 0x2F,0xBB,0xBF,0xDF,0x3B,0x73,0x65,0xA2,0x0D,0x09,0x84,0x8F,0x08,0x86,0x61,0x27,
122 0x58,0xB6,0x7E,0x2D,0xEC,0x08,0xBA,0x40,0x5D,0x20,0x54,0x37,0xDD,0xCC,0xE5,0xDB,
123 0x38,0x68,0xEE,0x56,0x9F,0x92,0xDD,0x03,0x04,0xD2,0x94,0x51,0xD3,0xA9,0x08,0x2E,
124 0x6E,0x25,0x8E,0xBF,0x8A,0xA9,0x2B,0xAD,0x50,0x00,0xA7,0x39,0x11,0x6A,0x9A,0x28,
125 0x99,0x9A,0xB9,0x3B,0xB9,0xB5,0x9C,0x19,0x3A,
126 };
127
128 unsigned char INTERMEDIATE_CERT[1037]={
129 0x30,0x82,0x04,0x09,0x30,0x82,0x02,0xF1,0xA0,0x03,0x02,0x01,0x02,0x02,0x01,0x02,
130 0x30,0x0B,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,0x30,0x81,0x9D,
131 0x31,0x1A,0x30,0x18,0x06,0x03,0x55,0x04,0x03,0x0C,0x11,0x54,0x65,0x73,0x74,0x2D,
132 0x35,0x36,0x38,0x35,0x33,0x31,0x36,0x2D,0x52,0x4F,0x4F,0x54,0x31,0x0E,0x30,0x0C,
133 0x06,0x03,0x55,0x04,0x0A,0x0C,0x05,0x41,0x70,0x70,0x6C,0x65,0x31,0x14,0x30,0x12,
134 0x06,0x03,0x55,0x04,0x0B,0x0C,0x0B,0x43,0x6F,0x72,0x65,0x20,0x43,0x72,0x79,0x70,
135 0x74,0x6F,0x31,0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x08,0x0C,0x02,0x43,0x41,0x31,
136 0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x12,0x30,0x10,
137 0x06,0x03,0x55,0x04,0x07,0x0C,0x09,0x43,0x75,0x70,0x65,0x72,0x74,0x69,0x6E,0x6F,
138 0x31,0x2B,0x30,0x29,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,0x16,
139 0x1C,0x73,0x65,0x63,0x75,0x72,0x69,0x74,0x79,0x2D,0x64,0x65,0x76,0x40,0x67,0x72,
140 0x6F,0x75,0x70,0x2E,0x61,0x70,0x70,0x6C,0x65,0x2E,0x63,0x6F,0x6D,0x30,0x1E,0x17,
141 0x0D,0x30,0x39,0x31,0x32,0x31,0x38,0x31,0x37,0x33,0x30,0x35,0x34,0x5A,0x17,0x0D,
142 0x31,0x30,0x31,0x32,0x31,0x38,0x31,0x37,0x33,0x30,0x35,0x34,0x5A,0x30,0x81,0xA5,
143 0x31,0x22,0x30,0x20,0x06,0x03,0x55,0x04,0x03,0x0C,0x19,0x54,0x65,0x73,0x74,0x2D,
144 0x35,0x36,0x38,0x35,0x33,0x31,0x36,0x2D,0x49,0x4E,0x54,0x45,0x52,0x4D,0x45,0x44,
145 0x49,0x41,0x54,0x45,0x31,0x0E,0x30,0x0C,0x06,0x03,0x55,0x04,0x0A,0x0C,0x05,0x41,
146 0x70,0x70,0x6C,0x65,0x31,0x14,0x30,0x12,0x06,0x03,0x55,0x04,0x0B,0x0C,0x0B,0x43,
147 0x6F,0x72,0x65,0x20,0x43,0x72,0x79,0x70,0x74,0x6F,0x31,0x0B,0x30,0x09,0x06,0x03,
148 0x55,0x04,0x08,0x0C,0x02,0x43,0x41,0x31,0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x06,
149 0x13,0x02,0x55,0x53,0x31,0x12,0x30,0x10,0x06,0x03,0x55,0x04,0x07,0x0C,0x09,0x43,
150 0x75,0x70,0x65,0x72,0x74,0x69,0x6E,0x6F,0x31,0x2B,0x30,0x29,0x06,0x09,0x2A,0x86,
151 0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,0x16,0x1C,0x73,0x65,0x63,0x75,0x72,0x69,0x74,
152 0x79,0x2D,0x64,0x65,0x76,0x40,0x67,0x72,0x6F,0x75,0x70,0x2E,0x61,0x70,0x70,0x6C,
153 0x65,0x2E,0x63,0x6F,0x6D,0x30,0x82,0x01,0x22,0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,
154 0x86,0xF7,0x0D,0x01,0x01,0x01,0x05,0x00,0x03,0x82,0x01,0x0F,0x00,0x30,0x82,0x01,
155 0x0A,0x02,0x82,0x01,0x01,0x00,0xC4,0xBD,0x46,0x0E,0x0F,0x5C,0x1C,0xA2,0x23,0xD2,
156 0x3B,0x8C,0xC4,0x02,0x52,0x8C,0xD8,0xB1,0xC2,0x58,0x2E,0x84,0xAA,0x6C,0xCB,0x4B,
157 0xE4,0xF1,0xE7,0x48,0x98,0x46,0x6B,0xD0,0x50,0xB0,0xA3,0x1F,0x23,0xC6,0x3C,0x81,
158 0x73,0xE7,0xEA,0xAA,0x55,0xF7,0x37,0x58,0x85,0xF6,0x96,0x0D,0xC0,0x81,0x8D,0x3D,
159 0xD9,0xAD,0xFA,0x32,0x46,0x56,0x4A,0x53,0xF5,0x53,0x34,0x5B,0xFC,0xFC,0x51,0x2A,
160 0x45,0xD4,0xCB,0x53,0xF9,0x58,0xBF,0x7D,0x48,0xB3,0x23,0x41,0xD7,0x93,0x1C,0xC2,
161 0x32,0xE8,0x1C,0x82,0xDC,0xDC,0xCB,0xED,0x0B,0xDA,0x8A,0x1C,0xC0,0x0E,0x83,0x24,
162 0xE6,0x2E,0x68,0xA6,0xB6,0x60,0xEE,0xAF,0xB1,0x07,0xF1,0xC0,0xDB,0x29,0x83,0x9E,
163 0x0C,0xF4,0xCF,0x67,0x5B,0x49,0x3A,0x17,0x7E,0xC1,0xEB,0x75,0x3E,0xDD,0x0F,0x9A,
164 0xC7,0x06,0x60,0x2B,0x18,0xBD,0xAA,0x96,0xD1,0xE1,0x9C,0xF0,0x34,0xFF,0x3E,0x8C,
165 0x4A,0x96,0x5D,0x68,0x7C,0xCF,0xA1,0x14,0xED,0xB1,0x8E,0x10,0x8D,0x1F,0x15,0x22,
166 0x4E,0x8E,0x1A,0xC7,0xAD,0xB9,0x16,0xCB,0x3C,0xCB,0x5D,0xB9,0xAC,0xD9,0xFE,0xAE,
167 0xDE,0x06,0x3B,0xB6,0xA1,0xAA,0x7C,0x91,0x76,0xC6,0xA4,0x81,0xBD,0x29,0x86,0x33,
168 0xA6,0xB5,0x4D,0x28,0x94,0x51,0x81,0x3F,0x68,0x95,0xEB,0x41,0x7A,0xE9,0x87,0xD7,
169 0xDC,0xC8,0xA0,0x5F,0xAB,0x29,0xD9,0xC4,0x08,0xC8,0xA0,0x0B,0x77,0xAC,0x6C,0x21,
170 0x10,0xA4,0xED,0x86,0x78,0x99,0x1F,0xA7,0x23,0x33,0x34,0x89,0x80,0x02,0xBC,0xAF,
171 0xC6,0x3E,0x38,0xFB,0x7C,0x47,0x02,0x03,0x01,0x00,0x01,0xA3,0x4C,0x30,0x4A,0x30,
172 0x0F,0x06,0x03,0x55,0x1D,0x13,0x01,0x01,0xFF,0x04,0x05,0x30,0x03,0x01,0x01,0xFF,
173 0x30,0x0E,0x06,0x03,0x55,0x1D,0x0F,0x01,0x01,0xFF,0x04,0x04,0x03,0x02,0x02,0x84,
174 0x30,0x27,0x06,0x03,0x55,0x1D,0x11,0x04,0x20,0x30,0x1E,0x81,0x1C,0x73,0x65,0x63,
175 0x75,0x72,0x69,0x74,0x79,0x2D,0x64,0x65,0x76,0x40,0x67,0x72,0x6F,0x75,0x70,0x2E,
176 0x61,0x70,0x70,0x6C,0x65,0x2E,0x63,0x6F,0x6D,0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,
177 0x86,0xF7,0x0D,0x01,0x01,0x05,0x05,0x00,0x03,0x82,0x01,0x01,0x00,0x3C,0x66,0x3B,
178 0x9D,0x6E,0xA9,0x0E,0xC9,0xC2,0x6C,0xF4,0x79,0xFB,0xD5,0x6E,0x1F,0x01,0x4E,0x0D,
179 0x2C,0x64,0x7B,0x6E,0xD7,0xC7,0xA7,0x64,0x8B,0xF0,0xCD,0x93,0xCD,0x12,0x29,0x71,
180 0x87,0x3E,0xA3,0x1E,0x7F,0x57,0xC7,0xD9,0xBF,0xD2,0xF2,0x03,0x27,0xD5,0x5E,0xEF,
181 0x59,0xBC,0x91,0x37,0xB4,0x4A,0xEE,0xD2,0x2F,0xEA,0x92,0x07,0xBC,0xEC,0xAC,0x6A,
182 0xF1,0x34,0xA4,0x40,0x61,0x8B,0xB9,0x3D,0xAF,0x5B,0x86,0x6E,0xEE,0x4C,0xCB,0x7F,
183 0x1F,0xD0,0x0F,0x9E,0x5A,0xF0,0x39,0xFD,0x89,0xF3,0x03,0x61,0x5A,0xDF,0x6B,0x5F,
184 0xE3,0x33,0x51,0x80,0x1B,0x61,0xFE,0x7A,0xC7,0x27,0xBF,0x12,0xB5,0x69,0x79,0x1E,
185 0xAD,0x75,0xA8,0xFA,0x94,0xCC,0x22,0x4C,0xF9,0xB4,0xD3,0xD0,0xDC,0x57,0xD3,0x66,
186 0x96,0xDD,0x8A,0xC0,0xE4,0x11,0x5A,0xD9,0xB3,0x76,0x17,0x04,0xDA,0x62,0x71,0x58,
187 0xEA,0x99,0xC3,0x06,0xA7,0xE8,0xDB,0xA9,0x05,0xEC,0xA3,0xCA,0xDA,0x2E,0x77,0x66,
188 0xF4,0xC4,0xD2,0xC6,0xF0,0x5F,0xE6,0x88,0xDF,0x7F,0x23,0xDE,0x7B,0x04,0xA4,0x22,
189 0x45,0xEF,0x0A,0x13,0x79,0x8E,0xE1,0x14,0x22,0x79,0x22,0x86,0x1A,0x4C,0xA7,0xBA,
190 0x06,0x55,0xD9,0x5E,0xF3,0x9C,0xE0,0x1F,0xE3,0xA4,0x1C,0x8E,0x01,0x9F,0x7E,0xEF,
191 0xD2,0xA7,0x8D,0xD6,0x4D,0x1A,0x3D,0xA7,0xB2,0xDB,0x44,0x25,0xB5,0xA6,0x8A,0xD5,
192 0x49,0x87,0x04,0x6C,0x41,0x13,0x88,0x7A,0xFB,0x5E,0x16,0xA2,0x8F,0x37,0x81,0x47,
193 0xD8,0x27,0x3D,0xBD,0xB1,0x3E,0xCE,0x2A,0x07,0x75,0x45,0x5F,0x44,
194 };
195
196 unsigned char LEAF_CERT[1037]={
197 0x30,0x82,0x04,0x09,0x30,0x82,0x02,0xF1,0xA0,0x03,0x02,0x01,0x02,0x02,0x01,0x03,
198 0x30,0x0B,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,0x30,0x81,0xA5,
199 0x31,0x22,0x30,0x20,0x06,0x03,0x55,0x04,0x03,0x0C,0x19,0x54,0x65,0x73,0x74,0x2D,
200 0x35,0x36,0x38,0x35,0x33,0x31,0x36,0x2D,0x49,0x4E,0x54,0x45,0x52,0x4D,0x45,0x44,
201 0x49,0x41,0x54,0x45,0x31,0x0E,0x30,0x0C,0x06,0x03,0x55,0x04,0x0A,0x0C,0x05,0x41,
202 0x70,0x70,0x6C,0x65,0x31,0x14,0x30,0x12,0x06,0x03,0x55,0x04,0x0B,0x0C,0x0B,0x43,
203 0x6F,0x72,0x65,0x20,0x43,0x72,0x79,0x70,0x74,0x6F,0x31,0x0B,0x30,0x09,0x06,0x03,
204 0x55,0x04,0x08,0x0C,0x02,0x43,0x41,0x31,0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x06,
205 0x13,0x02,0x55,0x53,0x31,0x12,0x30,0x10,0x06,0x03,0x55,0x04,0x07,0x0C,0x09,0x43,
206 0x75,0x70,0x65,0x72,0x74,0x69,0x6E,0x6F,0x31,0x2B,0x30,0x29,0x06,0x09,0x2A,0x86,
207 0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,0x16,0x1C,0x73,0x65,0x63,0x75,0x72,0x69,0x74,
208 0x79,0x2D,0x64,0x65,0x76,0x40,0x67,0x72,0x6F,0x75,0x70,0x2E,0x61,0x70,0x70,0x6C,
209 0x65,0x2E,0x63,0x6F,0x6D,0x30,0x1E,0x17,0x0D,0x30,0x39,0x31,0x32,0x31,0x38,0x31,
210 0x37,0x33,0x32,0x31,0x36,0x5A,0x17,0x0D,0x31,0x30,0x31,0x32,0x31,0x38,0x31,0x37,
211 0x33,0x32,0x31,0x36,0x5A,0x30,0x81,0x9D,0x31,0x1A,0x30,0x18,0x06,0x03,0x55,0x04,
212 0x03,0x0C,0x11,0x54,0x65,0x73,0x74,0x2D,0x35,0x36,0x38,0x35,0x33,0x31,0x36,0x2D,
213 0x4C,0x45,0x41,0x46,0x31,0x0E,0x30,0x0C,0x06,0x03,0x55,0x04,0x0A,0x0C,0x05,0x41,
214 0x70,0x70,0x6C,0x65,0x31,0x14,0x30,0x12,0x06,0x03,0x55,0x04,0x0B,0x0C,0x0B,0x43,
215 0x6F,0x72,0x65,0x20,0x43,0x72,0x79,0x70,0x74,0x6F,0x31,0x0B,0x30,0x09,0x06,0x03,
216 0x55,0x04,0x08,0x0C,0x02,0x43,0x41,0x31,0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x06,
217 0x13,0x02,0x55,0x53,0x31,0x12,0x30,0x10,0x06,0x03,0x55,0x04,0x07,0x0C,0x09,0x43,
218 0x75,0x70,0x65,0x72,0x74,0x69,0x6E,0x6F,0x31,0x2B,0x30,0x29,0x06,0x09,0x2A,0x86,
219 0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,0x16,0x1C,0x73,0x65,0x63,0x75,0x72,0x69,0x74,
220 0x79,0x2D,0x64,0x65,0x76,0x40,0x67,0x72,0x6F,0x75,0x70,0x2E,0x61,0x70,0x70,0x6C,
221 0x65,0x2E,0x63,0x6F,0x6D,0x30,0x82,0x01,0x22,0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,
222 0x86,0xF7,0x0D,0x01,0x01,0x01,0x05,0x00,0x03,0x82,0x01,0x0F,0x00,0x30,0x82,0x01,
223 0x0A,0x02,0x82,0x01,0x01,0x00,0xBF,0x1B,0x87,0x6B,0x10,0xF8,0xF6,0x24,0x07,0x40,
224 0xC3,0xE3,0x81,0x26,0xD6,0xF4,0xFF,0xAA,0x6C,0x26,0xD4,0xBF,0xF7,0x9A,0xF5,0xB8,
225 0x63,0xBD,0x8B,0xFD,0x4B,0xFE,0xFF,0x4B,0xA2,0x15,0x13,0x52,0x84,0x87,0x9E,0x2B,
226 0x32,0x5B,0xF8,0x01,0x28,0x5E,0xF1,0x9C,0xE7,0x52,0xB0,0x89,0xB8,0x4A,0xD0,0x87,
227 0x40,0x0C,0xCD,0xAC,0x11,0x22,0x89,0x44,0x26,0x3B,0x40,0xF3,0x34,0x61,0x14,0x3A,
228 0x94,0xF3,0x1F,0x27,0x62,0xF8,0x8C,0xB4,0xF5,0x1E,0xA6,0x37,0x53,0xB2,0xB3,0x1E,
229 0x35,0xF6,0x00,0x34,0x4B,0x28,0x72,0x5B,0x9D,0xD8,0xEA,0x06,0x91,0x77,0x57,0x38,
230 0x9C,0xA5,0x66,0x5F,0x1A,0x9A,0x0B,0xCC,0x2F,0x2E,0x58,0xA2,0x70,0x66,0xA6,0xEF,
231 0x1B,0x3A,0x0E,0xF0,0x4B,0xA6,0x9D,0x6D,0x63,0xE0,0x1C,0x9C,0x8E,0xFF,0x6F,0x50,
232 0x5F,0x03,0x1A,0x80,0x12,0x4A,0xB6,0x89,0x83,0x5C,0x51,0x9F,0x2F,0xEA,0xE4,0x7F,
233 0x12,0xFB,0xE4,0x92,0xF0,0x8B,0x17,0x35,0x02,0x73,0xA0,0x7D,0xA2,0xB9,0x89,0xE2,
234 0x78,0x52,0xA1,0x08,0x42,0x78,0xD5,0xD3,0x8C,0x3C,0xF2,0x88,0x5E,0x7A,0xCC,0x94,
235 0x80,0x42,0xEA,0xED,0x6E,0x64,0x19,0x5E,0x53,0x05,0xB6,0x60,0xDB,0x81,0x92,0x2C,
236 0x3D,0xD4,0xAF,0xF8,0xED,0xD9,0x28,0xCE,0x0B,0xD9,0xDC,0x20,0x0C,0xA9,0x8D,0xA4,
237 0x54,0xD1,0xDA,0xDE,0x30,0x4A,0x67,0xC6,0xAC,0x4E,0xE3,0xB4,0xD7,0x16,0xF5,0xDC,
238 0xE3,0x52,0xAC,0x01,0x1C,0xB6,0xC1,0x5B,0xB4,0xEA,0x67,0x25,0xFE,0xF6,0x58,0x5C,
239 0xFE,0x88,0x4E,0xCF,0xF1,0x11,0x02,0x03,0x01,0x00,0x01,0xA3,0x4C,0x30,0x4A,0x30,
240 0x0E,0x06,0x03,0x55,0x1D,0x0F,0x01,0x01,0xFF,0x04,0x04,0x03,0x02,0x07,0x80,0x30,
241 0x0F,0x06,0x03,0x55,0x1D,0x25,0x04,0x08,0x30,0x06,0x06,0x04,0x55,0x1D,0x25,0x00,
242 0x30,0x27,0x06,0x03,0x55,0x1D,0x11,0x04,0x20,0x30,0x1E,0x81,0x1C,0x73,0x65,0x63,
243 0x75,0x72,0x69,0x74,0x79,0x2D,0x64,0x65,0x76,0x40,0x67,0x72,0x6F,0x75,0x70,0x2E,
244 0x61,0x70,0x70,0x6C,0x65,0x2E,0x63,0x6F,0x6D,0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,
245 0x86,0xF7,0x0D,0x01,0x01,0x05,0x05,0x00,0x03,0x82,0x01,0x01,0x00,0x1A,0xE5,0xD1,
246 0x13,0x66,0x83,0xC7,0x1A,0xB0,0x50,0xF0,0x1B,0x6E,0x70,0x6E,0x36,0x1A,0x0F,0x12,
247 0x9E,0x0B,0xFD,0x4B,0x79,0xEC,0xAA,0x5E,0x2A,0x37,0x79,0x50,0x97,0x13,0x9E,0xB6,
248 0x43,0xF0,0xD2,0xC6,0xF3,0x43,0x73,0x33,0x6C,0xCB,0x73,0xE5,0xBE,0x4C,0x42,0x6F,
249 0x33,0x76,0x96,0xA2,0x6B,0xA0,0x8D,0xAD,0x46,0xA5,0xD4,0xAC,0x0E,0x55,0x80,0x1A,
250 0x6E,0xAF,0xC2,0x2E,0xB3,0xD4,0x64,0xC3,0x65,0xFA,0x1C,0x42,0x47,0x12,0x9F,0x44,
251 0xD2,0x1F,0xCF,0xA1,0x53,0x49,0x66,0x66,0x14,0x21,0xD4,0x17,0xD1,0x26,0x75,0xAD,
252 0x08,0x93,0x9C,0x3B,0xB7,0x7C,0x03,0x2F,0x76,0x5D,0xB7,0x25,0x83,0x68,0xE3,0x01,
253 0x5C,0xCD,0x87,0x7A,0x71,0x8B,0x8D,0x5D,0x27,0x27,0xF2,0x24,0x56,0x7C,0x7E,0x33,
254 0x8F,0xE6,0x02,0x46,0xAD,0x63,0x28,0x85,0xA2,0x9E,0xEA,0x5A,0xC4,0x92,0xCE,0x76,
255 0xE8,0xD4,0xD4,0x7D,0x48,0x44,0xA4,0x21,0x8C,0xB7,0xC2,0x15,0x80,0x87,0x19,0xB1,
256 0x10,0x6A,0xC7,0x51,0xB7,0x25,0x40,0x26,0x8A,0xCC,0xB6,0x0C,0xE2,0x0D,0xA1,0x40,
257 0x20,0x85,0x0F,0xE5,0xB9,0xB5,0x32,0x10,0xA9,0x5F,0x25,0xCA,0xD2,0x95,0x11,0x54,
258 0x41,0xEA,0xC3,0xBA,0x0C,0x24,0x10,0x28,0xC9,0x09,0xAF,0x7E,0xDF,0x6A,0x2F,0x30,
259 0x49,0x7C,0xB0,0x23,0x46,0xA8,0xDC,0xE3,0x6A,0x17,0x87,0xF7,0xCC,0x3A,0xBD,0x11,
260 0x95,0xC3,0x0A,0x37,0xD1,0x1F,0x20,0xB6,0x1B,0xB2,0xA2,0x45,0xFF,0xC1,0x0D,0x9A,
261 0x56,0xCD,0x5A,0xF6,0x08,0xAA,0xBD,0xAB,0x13,0xC6,0xFD,0xAA,0xEC,
262 };
263
264 /* Test certificate for Code Signing policy
265 */
266 unsigned char Test_codesign[]={
267 0x30, 0x82, 0x03, 0xe3, 0x30, 0x82, 0x02, 0xcb, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x03, 0x01, 0xc8, 0x60, 0x30, 0x0d,
268 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x81, 0x9d, 0x31, 0x24, 0x30, 0x22,
269 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x1b, 0x54, 0x65, 0x73, 0x74, 0x2d, 0x37, 0x38, 0x37, 0x35, 0x38, 0x30, 0x31, 0x20,
270 0x28, 0x43, 0x6f, 0x64, 0x65, 0x20, 0x53, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67, 0x29, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03,
271 0x55, 0x04, 0x0a, 0x0c, 0x0b, 0x41, 0x70, 0x70, 0x6c, 0x65, 0x2c, 0x20, 0x49, 0x6e, 0x63, 0x2e, 0x31, 0x10, 0x30, 0x0e,
272 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x07, 0x43, 0x6f, 0x72, 0x65, 0x20, 0x4f, 0x53, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03,
273 0x55, 0x04, 0x08, 0x0c, 0x02, 0x43, 0x41, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53,
274 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x09, 0x43, 0x75, 0x70, 0x65, 0x72, 0x74, 0x69, 0x6e, 0x6f,
275 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x6e, 0x6f, 0x62,
276 0x6f, 0x64, 0x79, 0x40, 0x61, 0x70, 0x70, 0x6c, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x36, 0x30,
277 0x34, 0x30, 0x34, 0x32, 0x32, 0x35, 0x35, 0x33, 0x32, 0x5a, 0x17, 0x0d, 0x32, 0x36, 0x30, 0x34, 0x30, 0x32, 0x32, 0x32,
278 0x35, 0x35, 0x33, 0x32, 0x5a, 0x30, 0x81, 0x9d, 0x31, 0x24, 0x30, 0x22, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x1b, 0x54,
279 0x65, 0x73, 0x74, 0x2d, 0x37, 0x38, 0x37, 0x35, 0x38, 0x30, 0x31, 0x20, 0x28, 0x43, 0x6f, 0x64, 0x65, 0x20, 0x53, 0x69,
280 0x67, 0x6e, 0x69, 0x6e, 0x67, 0x29, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x0b, 0x41, 0x70, 0x70,
281 0x6c, 0x65, 0x2c, 0x20, 0x49, 0x6e, 0x63, 0x2e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x07, 0x43,
282 0x6f, 0x72, 0x65, 0x20, 0x4f, 0x53, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x02, 0x43, 0x41, 0x31,
283 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04,
284 0x07, 0x0c, 0x09, 0x43, 0x75, 0x70, 0x65, 0x72, 0x74, 0x69, 0x6e, 0x6f, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86,
285 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x6e, 0x6f, 0x62, 0x6f, 0x64, 0x79, 0x40, 0x61, 0x70, 0x70, 0x6c,
286 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
287 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xb0, 0x78,
288 0x41, 0xd5, 0xc0, 0x71, 0x1d, 0x02, 0xc8, 0x57, 0x46, 0xf8, 0xc4, 0x3c, 0x7c, 0xa2, 0x13, 0x45, 0x8a, 0x1b, 0xef, 0x16,
289 0xa6, 0x6f, 0xfe, 0x97, 0xe4, 0x8b, 0x6a, 0x7b, 0x89, 0xd2, 0x50, 0xcb, 0x6b, 0xcc, 0x47, 0x32, 0x9a, 0xd3, 0xf4, 0x19,
290 0x62, 0x70, 0xe6, 0x27, 0xc4, 0x13, 0x5a, 0x60, 0x20, 0x8c, 0xb1, 0xc4, 0xf1, 0x76, 0xcd, 0x06, 0xb3, 0x60, 0x78, 0x4d,
291 0xb2, 0x30, 0xb1, 0x1c, 0x53, 0x36, 0x98, 0x44, 0x84, 0x35, 0x57, 0xe9, 0xbc, 0xb7, 0x2d, 0x17, 0xd7, 0x0c, 0xbc, 0x52,
292 0x9e, 0xfd, 0xe5, 0x32, 0x2a, 0xad, 0x28, 0x36, 0x24, 0x81, 0x87, 0x56, 0xd2, 0x39, 0x66, 0x13, 0x9e, 0x26, 0x44, 0x32,
293 0xa3, 0xa7, 0x8b, 0xe7, 0x33, 0x25, 0xa3, 0x8e, 0x25, 0x14, 0x91, 0xf4, 0x32, 0x1a, 0x97, 0x82, 0xd3, 0x5a, 0xb5, 0x68,
294 0x24, 0x0c, 0x46, 0x89, 0x00, 0x6f, 0xfa, 0x27, 0x03, 0xc6, 0x0b, 0xa2, 0xf0, 0xad, 0xd2, 0xec, 0x35, 0xca, 0x1a, 0xc5,
295 0x76, 0xd4, 0xb2, 0x48, 0x72, 0xf0, 0x34, 0x48, 0xd6, 0x8e, 0xae, 0x37, 0x35, 0x87, 0x60, 0x25, 0x16, 0x71, 0xda, 0x0c,
296 0x71, 0xaa, 0x95, 0xc2, 0xe4, 0x09, 0x91, 0xd9, 0x38, 0x62, 0xee, 0x0c, 0x26, 0x34, 0x7b, 0x6b, 0xbb, 0xf8, 0x33, 0xa1,
297 0x08, 0x71, 0xc1, 0x4a, 0x5f, 0x7d, 0x17, 0x31, 0x25, 0xb7, 0xbe, 0x66, 0xab, 0x28, 0x6e, 0x58, 0x3c, 0xd1, 0x5f, 0xbf,
298 0x8f, 0x48, 0x6e, 0x42, 0x8f, 0x85, 0x1a, 0x9e, 0x6b, 0x79, 0xbf, 0x43, 0xd9, 0xeb, 0x20, 0xa8, 0x1e, 0xf6, 0xe4, 0xaa,
299 0xdb, 0x62, 0x87, 0x02, 0x43, 0xd0, 0x75, 0xa4, 0x14, 0x1d, 0x33, 0x3e, 0x81, 0x5d, 0x7a, 0x7c, 0x4a, 0xdf, 0x3e, 0x79,
300 0x70, 0xca, 0xf5, 0xb6, 0xd8, 0x6d, 0x8e, 0xc7, 0x7f, 0xc7, 0xa0, 0x72, 0x6e, 0x95, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3,
301 0x2a, 0x30, 0x28, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x07, 0x80, 0x30,
302 0x16, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x01, 0x01, 0xff, 0x04, 0x0c, 0x30, 0x0a, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05,
303 0x07, 0x03, 0x03, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82,
304 0x01, 0x01, 0x00, 0x98, 0x03, 0xa7, 0x17, 0x66, 0x1a, 0xf3, 0x19, 0xd5, 0x7f, 0xac, 0x74, 0x8e, 0xa7, 0x43, 0x6a, 0x14,
305 0xca, 0x5d, 0xa8, 0xf9, 0x8d, 0x22, 0x38, 0x48, 0x1c, 0x10, 0xd8, 0xe6, 0xfe, 0x0e, 0x8e, 0xd4, 0xb5, 0x8e, 0x89, 0xd9,
306 0x95, 0x01, 0xba, 0x11, 0x4c, 0x7b, 0x7c, 0x64, 0x98, 0xd8, 0x4a, 0x11, 0x43, 0x0d, 0x71, 0xbd, 0x9f, 0xd9, 0x33, 0x84,
307 0xa0, 0x3e, 0x9d, 0x6d, 0xa7, 0x72, 0xf0, 0x8d, 0x62, 0x9e, 0x45, 0xc2, 0x91, 0xfe, 0xbb, 0xbf, 0x08, 0x8b, 0x37, 0xd7,
308 0x38, 0x71, 0x8f, 0x17, 0x2d, 0x98, 0x81, 0x16, 0x2d, 0xf6, 0x90, 0x6d, 0x57, 0x64, 0x6b, 0xa0, 0xbc, 0x02, 0xd8, 0xeb,
309 0x63, 0x65, 0x1d, 0x1b, 0x20, 0xe7, 0x73, 0x8f, 0xe0, 0x82, 0x8d, 0x8f, 0xf6, 0x36, 0x08, 0x9d, 0xf3, 0xfd, 0x33, 0x4f,
310 0xd2, 0xb0, 0x6d, 0xb8, 0x50, 0x02, 0x43, 0x2f, 0x90, 0x16, 0xe9, 0xb0, 0x1f, 0x9b, 0x2e, 0x70, 0x10, 0x89, 0xaa, 0xdc,
311 0x18, 0xd7, 0xda, 0x3a, 0xce, 0xb8, 0x8f, 0xa4, 0x42, 0x4e, 0x50, 0x50, 0xa9, 0x19, 0x42, 0x0b, 0x07, 0x7c, 0x33, 0xe5,
312 0x47, 0x40, 0x6a, 0x14, 0x02, 0x1f, 0x1e, 0xcf, 0x66, 0xb2, 0x76, 0x88, 0x0d, 0x49, 0x3a, 0xa5, 0xde, 0xfb, 0x99, 0xfa,
313 0x70, 0xd4, 0x5e, 0xa1, 0x3e, 0x6d, 0x7f, 0x6b, 0x8c, 0x71, 0x79, 0x94, 0xb3, 0x1f, 0xcf, 0xdd, 0x9a, 0x31, 0xfd, 0x26,
314 0x82, 0xa9, 0x94, 0x55, 0x87, 0x17, 0x33, 0xd0, 0x35, 0x3e, 0x80, 0x53, 0x8e, 0xb7, 0x18, 0x86, 0x5b, 0x8b, 0xee, 0x29,
315 0xcf, 0xdf, 0x0e, 0x3f, 0x31, 0x9e, 0x29, 0x44, 0xa8, 0x99, 0xf7, 0xbe, 0x51, 0x3b, 0x53, 0xcd, 0x55, 0xfc, 0xb7, 0x6e,
316 0x50, 0x21, 0xf2, 0xcc, 0x9c, 0x09, 0xe2, 0x6f, 0x4d, 0x15, 0x2f, 0x98, 0xa1, 0x04, 0xc0, 0xeb, 0x4c, 0x98, 0x93
317 };
318 unsigned int Test_7875801__Code_Signing__cer_len = 999;
319
320 /* Test certificate for S/MIME policy (encrypt only, no sign), expires September 2026
321 */
322 unsigned char Test_smime_encryptonly[]={
323 0x30, 0x82, 0x04, 0x07, 0x30, 0x82, 0x02, 0xef, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x04, 0x02, 0xb8, 0x95, 0x23, 0x30,
324 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x81, 0x9e, 0x31, 0x21, 0x30,
325 0x1f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x18, 0x54, 0x65, 0x73, 0x74, 0x2d, 0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74,
326 0x69, 0x6f, 0x6e, 0x20, 0x28, 0x53, 0x2f, 0x4d, 0x49, 0x4d, 0x45, 0x29, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04,
327 0x07, 0x13, 0x09, 0x43, 0x75, 0x70, 0x65, 0x72, 0x74, 0x69, 0x6e, 0x6f, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
328 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x02, 0x43, 0x41, 0x31, 0x10,
329 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x07, 0x43, 0x6f, 0x72, 0x65, 0x20, 0x4f, 0x53, 0x31, 0x14, 0x30, 0x12,
330 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0b, 0x41, 0x70, 0x70, 0x6c, 0x65, 0x2c, 0x20, 0x49, 0x6e, 0x63, 0x2e, 0x31, 0x23,
331 0x30, 0x21, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x14, 0x73, 0x6d, 0x69, 0x6d, 0x65,
332 0x2d, 0x74, 0x65, 0x73, 0x74, 0x40, 0x61, 0x70, 0x70, 0x6c, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x1e, 0x17, 0x0d, 0x31,
333 0x36, 0x30, 0x39, 0x32, 0x30, 0x31, 0x32, 0x30, 0x32, 0x31, 0x33, 0x5a, 0x17, 0x0d, 0x32, 0x36, 0x30, 0x39, 0x31, 0x38,
334 0x31, 0x32, 0x30, 0x32, 0x31, 0x33, 0x5a, 0x30, 0x81, 0x9e, 0x31, 0x21, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,
335 0x18, 0x54, 0x65, 0x73, 0x74, 0x2d, 0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x28, 0x53, 0x2f,
336 0x4d, 0x49, 0x4d, 0x45, 0x29, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x09, 0x43, 0x75, 0x70, 0x65,
337 0x72, 0x74, 0x69, 0x6e, 0x6f, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x0b,
338 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x02, 0x43, 0x41, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0b,
339 0x13, 0x07, 0x43, 0x6f, 0x72, 0x65, 0x20, 0x4f, 0x53, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0b,
340 0x41, 0x70, 0x70, 0x6c, 0x65, 0x2c, 0x20, 0x49, 0x6e, 0x63, 0x2e, 0x31, 0x23, 0x30, 0x21, 0x06, 0x09, 0x2a, 0x86, 0x48,
341 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x14, 0x73, 0x6d, 0x69, 0x6d, 0x65, 0x2d, 0x74, 0x65, 0x73, 0x74, 0x40, 0x61,
342 0x70, 0x70, 0x6c, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
343 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01,
344 0x00, 0xd5, 0x9e, 0xf0, 0xe6, 0x4e, 0x8d, 0x1d, 0x0f, 0x62, 0x75, 0x1a, 0x5d, 0xd7, 0x19, 0x34, 0xf0, 0x27, 0xaf, 0x35,
345 0xbb, 0x6d, 0xfe, 0x1b, 0xe5, 0xfd, 0xd5, 0x54, 0x77, 0x4a, 0x2f, 0x1d, 0x50, 0x51, 0xbb, 0x6e, 0x55, 0x9e, 0xfe, 0xcd,
346 0x40, 0xe0, 0xe1, 0xa5, 0xfb, 0xef, 0x8c, 0x6b, 0x49, 0x7e, 0x73, 0x5c, 0x19, 0x44, 0xad, 0x50, 0xbc, 0x10, 0xf9, 0x66,
347 0xcf, 0x17, 0xd4, 0x63, 0x8d, 0x6b, 0x4b, 0x61, 0x09, 0x5e, 0xe7, 0xf2, 0xbf, 0x20, 0x78, 0xf4, 0xe4, 0x71, 0x81, 0xba,
348 0xb9, 0xb0, 0x0e, 0x8c, 0x58, 0xfd, 0x23, 0x67, 0x67, 0x38, 0x4b, 0xcd, 0x23, 0xb3, 0x76, 0x20, 0x51, 0x99, 0xb7, 0x7a,
349 0xc4, 0x34, 0xd4, 0xca, 0x50, 0xc1, 0x16, 0x4d, 0xcf, 0x60, 0x3c, 0xc2, 0x29, 0x06, 0x9b, 0x48, 0x35, 0xdb, 0x7e, 0x1a,
350 0xf8, 0x5d, 0x0e, 0x72, 0xa7, 0x01, 0x02, 0xb4, 0x26, 0x40, 0x81, 0xf3, 0xa8, 0x28, 0x0e, 0x53, 0x79, 0x55, 0x19, 0x13,
351 0xe1, 0xd9, 0x41, 0x78, 0xe6, 0x68, 0x96, 0x91, 0xf9, 0xc9, 0xbf, 0x60, 0xd4, 0x88, 0xdf, 0x26, 0x19, 0xc6, 0xd5, 0xc4,
352 0x3f, 0x70, 0x1f, 0xc0, 0x8f, 0x2c, 0x3d, 0x49, 0xba, 0x79, 0xd8, 0xcd, 0x6d, 0xcc, 0x88, 0xde, 0x86, 0xd4, 0x19, 0x89,
353 0x1b, 0x1c, 0xbd, 0xd8, 0xeb, 0xc6, 0x81, 0xdb, 0xb7, 0x57, 0x53, 0xeb, 0x92, 0xbf, 0xf8, 0x1b, 0xd8, 0x4a, 0xe7, 0xee,
354 0x83, 0x01, 0xf7, 0xae, 0xf4, 0x25, 0x2b, 0x6f, 0x17, 0xf4, 0xa0, 0xb8, 0x7f, 0x87, 0x20, 0x4f, 0xfd, 0xac, 0x59, 0x00,
355 0x80, 0x5e, 0x20, 0x02, 0x5a, 0x41, 0x76, 0xf2, 0x57, 0x97, 0x29, 0xa9, 0x87, 0xae, 0x79, 0xb7, 0x3f, 0x95, 0x2f, 0x37,
356 0x6e, 0xbf, 0x1f, 0x6d, 0xe2, 0x27, 0x39, 0x1c, 0xf2, 0x0b, 0x8f, 0xe4, 0xff, 0x60, 0x5d, 0x8f, 0xeb, 0x02, 0x03, 0x01,
357 0x00, 0x01, 0xa3, 0x4b, 0x30, 0x49, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02,
358 0x05, 0x20, 0x30, 0x16, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x01, 0x01, 0xff, 0x04, 0x0c, 0x30, 0x0a, 0x06, 0x08, 0x2b, 0x06,
359 0x01, 0x05, 0x05, 0x07, 0x03, 0x04, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x11, 0x04, 0x18, 0x30, 0x16, 0x81, 0x14, 0x73,
360 0x6d, 0x69, 0x6d, 0x65, 0x2d, 0x74, 0x65, 0x73, 0x74, 0x40, 0x61, 0x70, 0x70, 0x6c, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x30,
361 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x0a,
362 0x49, 0x1f, 0xbe, 0xda, 0xa3, 0x8f, 0x78, 0x2c, 0x19, 0x6d, 0xd1, 0xa4, 0xa8, 0x8d, 0xa1, 0x00, 0xee, 0x8f, 0xa4, 0xd3,
363 0x2b, 0x73, 0xad, 0x46, 0x00, 0x44, 0x40, 0x18, 0xc7, 0x7a, 0xbd, 0x5c, 0x21, 0x80, 0x91, 0xfe, 0xa0, 0x48, 0xfe, 0x00,
364 0x3f, 0xf3, 0xc3, 0xb5, 0x26, 0xf0, 0xf2, 0xfa, 0x6e, 0xf2, 0x64, 0x45, 0x59, 0x41, 0xbd, 0x6f, 0xc2, 0xb6, 0xf8, 0xba,
365 0xc4, 0x75, 0x6a, 0x41, 0xd1, 0x0a, 0x6d, 0x1f, 0xd4, 0xe0, 0xec, 0x77, 0x7a, 0x5f, 0xa8, 0x44, 0x2e, 0xb3, 0x96, 0xe4,
366 0x62, 0x8e, 0xa2, 0x58, 0x85, 0x77, 0x21, 0x4f, 0x70, 0xed, 0x38, 0x5a, 0x69, 0x36, 0x8e, 0xf5, 0x3f, 0x4b, 0x25, 0x40,
367 0xe4, 0x4a, 0x00, 0xef, 0x14, 0xe4, 0xa3, 0xad, 0xaa, 0xbc, 0xdc, 0x18, 0x5f, 0xc5, 0xe9, 0xc1, 0xfe, 0xe4, 0x68, 0x52,
368 0x30, 0x87, 0x1e, 0x80, 0x4d, 0xa6, 0xf5, 0xfd, 0x0d, 0x15, 0x00, 0x06, 0xd8, 0x05, 0x82, 0x2d, 0x94, 0x44, 0x80, 0x8f,
369 0x1b, 0xac, 0x18, 0x9f, 0x51, 0x40, 0x47, 0x29, 0x4f, 0x7b, 0xb8, 0xbb, 0x03, 0xdd, 0x8a, 0x01, 0x4f, 0xd0, 0x4e, 0x21,
370 0xf5, 0xc3, 0x64, 0x2f, 0xa6, 0xe3, 0x81, 0x8d, 0x65, 0xc0, 0x6a, 0x17, 0x1d, 0xc5, 0xdf, 0xa6, 0x07, 0x7c, 0x48, 0x59,
371 0x35, 0x78, 0x02, 0x29, 0xa0, 0xbe, 0x25, 0x39, 0xdf, 0x51, 0x30, 0x7b, 0x2a, 0x19, 0xd0, 0x33, 0xcd, 0x07, 0x61, 0x38,
372 0x18, 0x46, 0xc7, 0x16, 0x8b, 0xcd, 0xa9, 0xbf, 0x22, 0xd0, 0xf7, 0xd1, 0xa4, 0x32, 0x80, 0x9f, 0x2e, 0x17, 0x0a, 0x17,
373 0xbc, 0x48, 0xf3, 0x2c, 0x6d, 0x40, 0x3b, 0xf0, 0xf5, 0x0b, 0x10, 0x98, 0x93, 0x50, 0xcc, 0x46, 0x64, 0x57, 0x6d, 0xb5,
374 0xa0, 0xda, 0x8f, 0xd7, 0xc6, 0x0a, 0x01, 0x1d, 0x89, 0x0b, 0x2f, 0xe3, 0x98, 0xcc, 0x9a
375 };
376 unsigned int Test_Encryption__S_MIME__cer_len = 1035;
377
378 /* Test identity for S/MIME policy (sign only, no encrypt)
379 */
380 unsigned char Test_smime_signonly_p12[] = {
381 0x30, 0x82, 0x0a, 0xdd, 0x02, 0x01, 0x03, 0x30, 0x82, 0x0a, 0xa4, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
382 0x07, 0x01, 0xa0, 0x82, 0x0a, 0x95, 0x04, 0x82, 0x0a, 0x91, 0x30, 0x82, 0x0a, 0x8d, 0x30, 0x82, 0x05, 0x07, 0x06, 0x09,
383 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x06, 0xa0, 0x82, 0x04, 0xf8, 0x30, 0x82, 0x04, 0xf4, 0x02, 0x01, 0x00,
384 0x30, 0x82, 0x04, 0xed, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0x30, 0x1c, 0x06, 0x0a, 0x2a,
385 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01, 0x06, 0x30, 0x0e, 0x04, 0x08, 0xa7, 0xf8, 0xe5, 0x65, 0x62, 0x31, 0xe0,
386 0xa6, 0x02, 0x02, 0x08, 0x00, 0x80, 0x82, 0x04, 0xc0, 0x2b, 0xf6, 0xdc, 0x0d, 0x1c, 0xce, 0x0d, 0x2a, 0xa8, 0x50, 0x94,
387 0xc5, 0x52, 0x04, 0xa0, 0x07, 0x8b, 0xf2, 0x31, 0x4e, 0x5e, 0xfe, 0xe7, 0x8f, 0x53, 0xac, 0x98, 0x1a, 0x04, 0x08, 0xdc,
388 0xd9, 0xc6, 0xd5, 0xee, 0xbd, 0x43, 0x15, 0x55, 0xf8, 0x03, 0xa7, 0x05, 0x31, 0x7f, 0xee, 0x36, 0xa8, 0x43, 0xdb, 0x09,
389 0x25, 0x61, 0x8e, 0x1c, 0xd2, 0x84, 0x22, 0xc2, 0xf5, 0x2f, 0x29, 0x4b, 0x97, 0xfd, 0x38, 0xb8, 0x4d, 0xde, 0x76, 0x28,
390 0xe9, 0xd9, 0xf7, 0xf1, 0x77, 0xdd, 0x7d, 0x6f, 0x35, 0xf7, 0x73, 0x94, 0xeb, 0x39, 0x5d, 0xaf, 0x92, 0xca, 0x07, 0x39,
391 0xa2, 0x8a, 0xd2, 0xcd, 0xe0, 0x69, 0x5b, 0x2f, 0xc3, 0x29, 0x1c, 0xbb, 0x27, 0x01, 0x83, 0x49, 0xfe, 0x55, 0x75, 0x1f,
392 0x56, 0xf4, 0xf8, 0xed, 0x60, 0xe3, 0xee, 0x10, 0x40, 0x4d, 0x67, 0xdb, 0x1b, 0x4e, 0x0b, 0x03, 0x65, 0xfc, 0x10, 0x9f,
393 0x40, 0x19, 0xcd, 0xe7, 0x5b, 0x6f, 0x8d, 0xf4, 0x21, 0x80, 0x1e, 0x81, 0xae, 0x34, 0xac, 0x70, 0xf5, 0xdd, 0x59, 0xb7,
394 0xd8, 0x31, 0x9f, 0xd9, 0xec, 0x54, 0x8c, 0x93, 0x73, 0x78, 0xbf, 0x5c, 0xf9, 0x29, 0x8b, 0x32, 0xdd, 0x3d, 0xb5, 0xe8,
395 0xdf, 0xe6, 0x78, 0xd2, 0xbe, 0x9d, 0x55, 0x2d, 0xde, 0x23, 0xe4, 0x14, 0xc2, 0x7b, 0x38, 0xce, 0x27, 0x22, 0x0b, 0x6a,
396 0x05, 0x22, 0x27, 0x39, 0x04, 0x99, 0x6f, 0x02, 0x74, 0xc0, 0xc8, 0xcd, 0x8d, 0xa7, 0x76, 0x9f, 0x41, 0x76, 0x6b, 0x97,
397 0x5f, 0x40, 0xc4, 0xa4, 0x77, 0x85, 0x2b, 0x18, 0x94, 0x79, 0xa3, 0x2a, 0x8d, 0x72, 0x5c, 0x8a, 0x15, 0xad, 0x57, 0x87,
398 0xc3, 0x72, 0x83, 0x89, 0x4a, 0xec, 0x92, 0xb6, 0xad, 0xb0, 0x5a, 0xb6, 0x1a, 0x53, 0x61, 0x28, 0x66, 0xfc, 0x9c, 0x4a,
399 0x4f, 0xfd, 0x38, 0x2a, 0x00, 0x55, 0x56, 0x03, 0xff, 0x09, 0xb0, 0xff, 0xbc, 0xa6, 0x78, 0x43, 0x0c, 0x90, 0xc7, 0x6d,
400 0x25, 0x45, 0x73, 0x61, 0x55, 0x24, 0x5d, 0x93, 0x2c, 0x38, 0x4f, 0x8d, 0x68, 0x41, 0xfe, 0xeb, 0xbc, 0xae, 0xee, 0x92,
401 0xa5, 0xbd, 0x6c, 0x1f, 0x4c, 0xe2, 0xb2, 0xc8, 0x42, 0x50, 0x5c, 0xa9, 0xa3, 0x53, 0x46, 0x6b, 0xa1, 0x4e, 0x69, 0x6f,
402 0xe0, 0x12, 0xc4, 0x03, 0x1e, 0xe5, 0xc1, 0xad, 0x8d, 0x57, 0x95, 0xfd, 0x24, 0x85, 0xd7, 0x2b, 0x5d, 0xbb, 0x72, 0x5b,
403 0x62, 0x72, 0x97, 0xdd, 0xb8, 0xb1, 0x7a, 0xf7, 0x42, 0x2c, 0x9f, 0xe2, 0x6e, 0x57, 0x7d, 0xee, 0x72, 0x67, 0xec, 0x98,
404 0x3a, 0x63, 0x44, 0x28, 0x75, 0xce, 0x9b, 0x5e, 0x95, 0xe6, 0x34, 0x7c, 0x1e, 0x56, 0x33, 0x3d, 0x31, 0x69, 0xd6, 0xf7,
405 0x62, 0xa9, 0x7c, 0x0e, 0xf7, 0x9d, 0xf8, 0x7d, 0xfe, 0x86, 0x12, 0x62, 0x18, 0xf1, 0xdd, 0xbf, 0x37, 0x73, 0xb2, 0x0b,
406 0x81, 0xb4, 0x38, 0xcb, 0x93, 0x8c, 0x3a, 0xe6, 0xd6, 0x72, 0x39, 0x09, 0x84, 0x09, 0xd7, 0x14, 0xc1, 0x67, 0x78, 0xc4,
407 0x5a, 0xa3, 0xa6, 0x0b, 0x0c, 0xd8, 0xd4, 0xda, 0xd7, 0xb8, 0x3a, 0x86, 0xcc, 0x44, 0x7d, 0xf6, 0x30, 0x4f, 0x07, 0x9f,
408 0x8a, 0x28, 0x22, 0x89, 0x34, 0xd3, 0x7b, 0xe6, 0x1b, 0xac, 0x9a, 0x11, 0xdd, 0x06, 0x72, 0x6e, 0x3f, 0x39, 0x3f, 0x18,
409 0x92, 0xc8, 0x93, 0xbb, 0x7c, 0x4a, 0x65, 0xad, 0xba, 0xfb, 0x6b, 0x29, 0xe3, 0xd5, 0x0d, 0xfc, 0xf1, 0x05, 0x91, 0x9d,
410 0x3f, 0x86, 0x86, 0xd3, 0xf3, 0x48, 0x8b, 0xba, 0x97, 0x59, 0xaf, 0xfb, 0x06, 0x34, 0x6e, 0x09, 0x5b, 0x4f, 0x4a, 0xdf,
411 0x3c, 0x94, 0xc7, 0x18, 0xb0, 0xf0, 0x23, 0xaf, 0x2f, 0x4e, 0x29, 0xd2, 0x99, 0xc3, 0x5f, 0x43, 0x52, 0xd2, 0x93, 0x1b,
412 0x8c, 0x13, 0x08, 0x5c, 0xa3, 0x5a, 0x68, 0x14, 0x7d, 0xda, 0xad, 0x92, 0xb5, 0xd0, 0x13, 0xe6, 0x21, 0xbc, 0x5b, 0xd5,
413 0xfa, 0x4e, 0xd7, 0x01, 0x8b, 0xa0, 0x9a, 0xfd, 0x02, 0x02, 0xc3, 0x9e, 0x7f, 0xfc, 0xc0, 0x90, 0x2a, 0xdd, 0xac, 0xa0,
414 0x01, 0x92, 0x39, 0x23, 0xb4, 0x3b, 0x2a, 0x13, 0x56, 0xcb, 0x78, 0xf5, 0xe1, 0xac, 0x15, 0x7f, 0x22, 0x38, 0x77, 0x0c,
415 0xa8, 0xfc, 0x46, 0x14, 0x02, 0xbe, 0x28, 0xf2, 0xa4, 0x59, 0x68, 0x01, 0x73, 0x4a, 0x52, 0xea, 0xfe, 0xb8, 0x8e, 0x59,
416 0xf2, 0x41, 0xaa, 0x04, 0x77, 0x20, 0xc6, 0x57, 0x62, 0x60, 0xb3, 0xc0, 0x6b, 0x2b, 0x5b, 0x4d, 0x64, 0x0c, 0xfe, 0x09,
417 0x92, 0x35, 0x9f, 0xde, 0xfe, 0xad, 0x8e, 0xd6, 0xf3, 0x8f, 0xb9, 0xf4, 0x77, 0x0f, 0xed, 0x47, 0x0d, 0x77, 0x59, 0x9c,
418 0xda, 0x7f, 0x40, 0xa1, 0xee, 0x6c, 0xaf, 0x66, 0x69, 0x12, 0x3a, 0x42, 0x98, 0x55, 0x91, 0x34, 0xf8, 0x02, 0x57, 0xf9,
419 0xf1, 0x9c, 0x5e, 0x7f, 0xec, 0x44, 0x14, 0x21, 0x8b, 0x21, 0x98, 0xe8, 0x62, 0x00, 0x0b, 0x9b, 0xe2, 0xc8, 0xff, 0xfe,
420 0xf5, 0xa0, 0xc5, 0x6a, 0x61, 0x75, 0x6f, 0xbf, 0x1f, 0x8d, 0x72, 0xbe, 0x48, 0x1f, 0xdf, 0x58, 0xba, 0x13, 0x33, 0x60,
421 0x8f, 0xc4, 0x5b, 0xf3, 0x70, 0x94, 0xee, 0x25, 0x98, 0x5e, 0x30, 0x40, 0x7f, 0x1c, 0xf6, 0x34, 0xb5, 0x6d, 0x5c, 0xc2,
422 0x45, 0xad, 0x1b, 0x88, 0x9e, 0x10, 0x59, 0x86, 0xcf, 0x49, 0xaa, 0xa4, 0x72, 0xee, 0x1c, 0xeb, 0x21, 0x85, 0x78, 0x5c,
423 0x1a, 0x08, 0x33, 0x6d, 0x52, 0xf3, 0xde, 0x86, 0x64, 0x2a, 0x34, 0x9e, 0x17, 0x16, 0xc5, 0xaf, 0xc9, 0x5a, 0xb0, 0x69,
424 0xcb, 0xdf, 0x6f, 0x23, 0x67, 0xe7, 0x02, 0x93, 0xf8, 0x79, 0x3d, 0xc1, 0x7f, 0x7e, 0xe7, 0x9a, 0xb2, 0xa8, 0x5b, 0x11,
425 0x64, 0x8c, 0x4b, 0x71, 0x29, 0xc4, 0x8c, 0xa5, 0x3b, 0xcf, 0x42, 0x48, 0x41, 0x2b, 0x29, 0x31, 0xc4, 0xfc, 0x21, 0x69,
426 0x10, 0x1e, 0x8c, 0xde, 0x02, 0x45, 0x43, 0x30, 0x4a, 0x9f, 0x4b, 0x8f, 0x4f, 0xf5, 0x63, 0x4f, 0x6d, 0xed, 0x7c, 0x37,
427 0x3f, 0x88, 0x43, 0x01, 0x95, 0xba, 0x49, 0x03, 0xa1, 0xe0, 0xe6, 0xf9, 0x58, 0x3a, 0x50, 0xf3, 0x3f, 0xcf, 0x15, 0xc7,
428 0x30, 0x4b, 0x56, 0xad, 0x74, 0x9e, 0x1d, 0xe1, 0x1f, 0x33, 0x33, 0x10, 0x9f, 0x55, 0xf6, 0xad, 0xf2, 0x07, 0x32, 0x39,
429 0xd4, 0x6e, 0x32, 0xd2, 0xc5, 0xbb, 0x67, 0x7d, 0x77, 0xd3, 0x21, 0xb5, 0xce, 0x5f, 0x07, 0xc4, 0x61, 0x6b, 0x67, 0x1d,
430 0x58, 0x56, 0xf7, 0xa3, 0x99, 0x4f, 0x7a, 0x9d, 0xd3, 0x78, 0x07, 0x7f, 0x4e, 0x24, 0x94, 0x2e, 0x75, 0x46, 0xd0, 0x1e,
431 0x76, 0x77, 0xf1, 0x18, 0x1c, 0xbf, 0x3e, 0xe5, 0x42, 0x45, 0x9c, 0x30, 0x78, 0x64, 0x5e, 0x55, 0x43, 0x42, 0x4e, 0x60,
432 0x1f, 0x57, 0xc3, 0xd3, 0xe3, 0xf4, 0x8b, 0x4c, 0xaf, 0x18, 0xc0, 0xa9, 0xf8, 0xe5, 0xd3, 0x96, 0xe0, 0xd2, 0x0a, 0x05,
433 0xc5, 0x2a, 0x42, 0x16, 0xc9, 0x1d, 0x90, 0xfb, 0x4b, 0x2d, 0x3b, 0xbf, 0x14, 0xfc, 0x7b, 0x47, 0x11, 0xf7, 0x46, 0x7b,
434 0x31, 0xb4, 0x2f, 0x25, 0x89, 0xed, 0x5d, 0x95, 0x7c, 0x0b, 0xe9, 0x89, 0x7a, 0x0a, 0x83, 0xc2, 0x08, 0xcc, 0x61, 0x8d,
435 0x7a, 0xf3, 0x3a, 0x7e, 0x7e, 0xa4, 0x16, 0x36, 0x0e, 0x9e, 0xac, 0xd3, 0x01, 0x0d, 0x60, 0x0c, 0x5e, 0xca, 0x2d, 0xcc,
436 0x59, 0xd8, 0x9d, 0x67, 0xb6, 0xc0, 0x81, 0xa7, 0xcb, 0x64, 0x8f, 0x03, 0x18, 0xc8, 0xba, 0x2b, 0x3d, 0x83, 0x37, 0x7e,
437 0xe2, 0x24, 0x9e, 0xff, 0xef, 0x78, 0x0c, 0x24, 0xaf, 0x90, 0x83, 0x45, 0x29, 0xfd, 0x1c, 0x1e, 0xc3, 0xf9, 0x49, 0x88,
438 0x48, 0xf3, 0xae, 0x22, 0x26, 0x07, 0xa6, 0xc6, 0x50, 0xed, 0xda, 0xb7, 0xb8, 0x4e, 0x1f, 0x6c, 0x7f, 0x9c, 0x54, 0x77,
439 0x0c, 0x66, 0x0b, 0x65, 0x4b, 0xdd, 0x9a, 0x9f, 0x69, 0xdc, 0x9a, 0x3a, 0xfc, 0xa8, 0x1c, 0xb5, 0xcf, 0xfd, 0x9a, 0x9d,
440 0x49, 0x5e, 0xcb, 0xd5, 0xa8, 0xcd, 0x89, 0xa6, 0xd3, 0x26, 0xfd, 0xa3, 0x8f, 0x46, 0xb8, 0x98, 0x63, 0x0d, 0x0a, 0xd8,
441 0x21, 0xed, 0xa5, 0x5f, 0x0a, 0x6e, 0x8b, 0xd1, 0xd7, 0x93, 0xca, 0xa8, 0xc2, 0x54, 0x6d, 0x8e, 0x4a, 0x3a, 0x87, 0x50,
442 0x23, 0x6c, 0x98, 0x4d, 0x61, 0xc9, 0x21, 0xca, 0xfa, 0xe9, 0x14, 0xaf, 0x85, 0x07, 0x66, 0x40, 0xe4, 0x3c, 0x78, 0xcf,
443 0x8f, 0x0d, 0x06, 0xe2, 0xce, 0x5b, 0x38, 0xdd, 0x6c, 0x99, 0x95, 0x7a, 0x3a, 0xaf, 0xfb, 0x82, 0xdb, 0x94, 0x51, 0x6d,
444 0x99, 0xd6, 0x47, 0x41, 0x16, 0x8c, 0x7e, 0x30, 0xb4, 0x86, 0x42, 0xe7, 0xad, 0x38, 0x16, 0x12, 0x3e, 0x6b, 0xcf, 0xb8,
445 0x8f, 0x08, 0x8c, 0xce, 0xc9, 0xf5, 0x5a, 0x6d, 0x6d, 0x1c, 0xef, 0xa3, 0xee, 0x44, 0x1e, 0x48, 0xe4, 0x41, 0xc6, 0xfa,
446 0x38, 0x63, 0xf6, 0x7d, 0x50, 0x59, 0x36, 0x9b, 0x8a, 0xbc, 0x66, 0x9d, 0x3d, 0xac, 0xe0, 0x4a, 0x2b, 0x27, 0xd4, 0x0a,
447 0x5e, 0x8c, 0xd2, 0x03, 0xde, 0x30, 0x82, 0x05, 0x7e, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01,
448 0xa0, 0x82, 0x05, 0x6f, 0x04, 0x82, 0x05, 0x6b, 0x30, 0x82, 0x05, 0x67, 0x30, 0x82, 0x05, 0x63, 0x06, 0x0b, 0x2a, 0x86,
449 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x0a, 0x01, 0x02, 0xa0, 0x82, 0x04, 0xee, 0x30, 0x82, 0x04, 0xea, 0x30, 0x1c, 0x06,
450 0x0a, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01, 0x03, 0x30, 0x0e, 0x04, 0x08, 0xe8, 0xe9, 0xa0, 0xff, 0x46,
451 0xbd, 0xb7, 0xbe, 0x02, 0x02, 0x08, 0x00, 0x04, 0x82, 0x04, 0xc8, 0xb7, 0xe8, 0x82, 0xae, 0xfd, 0x43, 0x15, 0xbb, 0xf4,
452 0x94, 0x2d, 0x8d, 0x28, 0x5c, 0x66, 0xc4, 0x78, 0x5b, 0x0f, 0x41, 0xf9, 0x8e, 0x65, 0x3f, 0xf3, 0x06, 0x99, 0x36, 0x70,
453 0xeb, 0x99, 0x38, 0x29, 0x49, 0xea, 0x28, 0xc4, 0x84, 0x11, 0x8c, 0x4f, 0x5e, 0x61, 0x7c, 0x3f, 0xc3, 0x61, 0x16, 0x1b,
454 0xce, 0x50, 0xc9, 0xd6, 0x3e, 0x0e, 0x96, 0x93, 0xd1, 0xf7, 0x1a, 0x79, 0x86, 0x86, 0x22, 0x7e, 0x39, 0xc0, 0x15, 0x49,
455 0x69, 0xc5, 0x56, 0xf9, 0xb6, 0xeb, 0xe0, 0x36, 0x53, 0x01, 0xc1, 0xb9, 0x2d, 0x31, 0xdb, 0xdc, 0x12, 0xe0, 0x1b, 0x85,
456 0x4b, 0x11, 0xfa, 0x74, 0xd5, 0x5b, 0x4a, 0x84, 0xbc, 0x7e, 0x1f, 0xf4, 0x1e, 0x04, 0x75, 0x5e, 0x75, 0x6b, 0xb0, 0x6f,
457 0xc0, 0xb6, 0x5c, 0x0b, 0x93, 0xe7, 0x96, 0x94, 0x4c, 0x17, 0x97, 0xce, 0x4e, 0x2c, 0xe8, 0x48, 0xff, 0x89, 0xd5, 0x8c,
458 0x41, 0xe1, 0x0d, 0xed, 0xb2, 0x82, 0x7a, 0x75, 0x49, 0xbf, 0x0e, 0xf2, 0xec, 0x06, 0x8b, 0xa7, 0x86, 0xd8, 0x95, 0x4a,
459 0x3e, 0x5a, 0x78, 0xea, 0xf3, 0xee, 0xff, 0x5b, 0xc9, 0x21, 0x58, 0x88, 0x2c, 0x84, 0xab, 0x1f, 0x79, 0x07, 0xae, 0x98,
460 0x6a, 0xa0, 0xc9, 0x93, 0x3d, 0x74, 0x67, 0x43, 0x5b, 0x2d, 0xfb, 0x57, 0xc8, 0x24, 0x8e, 0xe6, 0x74, 0x0f, 0x11, 0x53,
461 0x8d, 0x2b, 0xd9, 0xa6, 0x44, 0x11, 0x32, 0xab, 0xec, 0x08, 0xe4, 0x63, 0xb3, 0x19, 0x5d, 0xd2, 0xff, 0x7d, 0x29, 0xb2,
462 0x4e, 0xc0, 0x44, 0x0b, 0xd2, 0x68, 0x4d, 0xc0, 0xbf, 0x24, 0xcd, 0x01, 0x26, 0x31, 0x52, 0xcf, 0x1c, 0x14, 0x8f, 0x70,
463 0x31, 0x1f, 0x68, 0x19, 0xfd, 0x81, 0x09, 0xef, 0xbd, 0xc0, 0xa7, 0xcd, 0xd9, 0x6c, 0xff, 0xf7, 0xb1, 0x11, 0xbb, 0xfa,
464 0x8b, 0x73, 0x22, 0xd9, 0x3a, 0x74, 0xa3, 0x49, 0x54, 0xd7, 0x52, 0x53, 0xd5, 0xaa, 0x1b, 0x72, 0xbd, 0xa6, 0x44, 0x7d,
465 0xed, 0x97, 0xe9, 0xfd, 0xcf, 0x26, 0x2b, 0x3c, 0x3a, 0x00, 0xf7, 0x3f, 0xf7, 0xdc, 0x91, 0x3a, 0x65, 0x5b, 0xcb, 0xba,
466 0x79, 0x5c, 0xb7, 0xfb, 0x79, 0x15, 0xe7, 0x7d, 0x1c, 0xd8, 0xf5, 0x89, 0x0f, 0xb1, 0x5e, 0x8d, 0x96, 0xa2, 0xef, 0x3f,
467 0x8d, 0x27, 0x38, 0x36, 0xd5, 0xcf, 0xe5, 0x67, 0xd0, 0xa9, 0xa5, 0xde, 0x16, 0xe7, 0xe7, 0x62, 0x04, 0x55, 0x66, 0xfd,
468 0x9f, 0xa4, 0x10, 0xcb, 0x30, 0x12, 0x10, 0x24, 0xb4, 0x7f, 0x63, 0x6a, 0x38, 0xd0, 0x9b, 0x77, 0x93, 0x27, 0xda, 0x72,
469 0xeb, 0xdb, 0x79, 0x26, 0x92, 0x60, 0xc5, 0x41, 0xb9, 0xe6, 0xce, 0x08, 0xaf, 0x3e, 0x0f, 0xe6, 0x8d, 0x17, 0x7e, 0x3b,
470 0xbc, 0x37, 0x57, 0x16, 0x54, 0xbe, 0x8c, 0x6a, 0xda, 0xb1, 0x7c, 0x46, 0xee, 0xc7, 0xed, 0x26, 0x76, 0x91, 0x01, 0xd5,
471 0x9c, 0x7b, 0xc2, 0xb7, 0x6f, 0x8c, 0xa1, 0xd1, 0x93, 0x50, 0x0c, 0x27, 0x0c, 0x74, 0xa4, 0x80, 0x7c, 0x3d, 0x28, 0x93,
472 0x21, 0xbe, 0xc9, 0x9f, 0xb5, 0x0a, 0xc8, 0x31, 0x12, 0x25, 0x90, 0x3f, 0x9a, 0x6d, 0x20, 0x02, 0xa0, 0xd6, 0x21, 0x53,
473 0x10, 0x55, 0x19, 0x48, 0x57, 0xf8, 0x2a, 0x48, 0xc4, 0xb5, 0xa1, 0x79, 0xac, 0x53, 0xbd, 0x2b, 0xde, 0x4d, 0xa4, 0x77,
474 0xe4, 0x1f, 0x87, 0x9f, 0x9f, 0xd1, 0x9c, 0x00, 0x8d, 0x7b, 0x83, 0x4a, 0xc4, 0x25, 0xf2, 0xb7, 0xfc, 0xb8, 0x0e, 0x97,
475 0x26, 0x70, 0x26, 0x89, 0x86, 0xe6, 0x15, 0xaa, 0x8f, 0x5e, 0x76, 0xb3, 0x3f, 0x8b, 0x01, 0xda, 0xf5, 0x99, 0x01, 0x32,
476 0xc3, 0x76, 0x19, 0x93, 0xca, 0xda, 0x27, 0xb1, 0x74, 0x0e, 0x84, 0x4b, 0x02, 0x4b, 0x50, 0x31, 0x64, 0x69, 0xd9, 0xa4,
477 0x21, 0x85, 0xfd, 0xab, 0x69, 0xf3, 0x66, 0x40, 0x43, 0x13, 0x4f, 0x58, 0xf5, 0x03, 0x3b, 0xc1, 0xea, 0x40, 0xeb, 0xe4,
478 0xca, 0x63, 0x29, 0xca, 0x41, 0x64, 0x7a, 0x0e, 0xb9, 0x46, 0xf2, 0xcb, 0xa0, 0xf3, 0x3e, 0x35, 0xaf, 0xe1, 0x81, 0xa9,
479 0xd3, 0x0c, 0xef, 0xe9, 0x2d, 0xc4, 0x10, 0x46, 0x24, 0xd0, 0x6d, 0xab, 0xb1, 0xd3, 0xe0, 0x4a, 0x43, 0xcd, 0x3f, 0xa4,
480 0xe4, 0xdc, 0x3e, 0x70, 0x07, 0x62, 0x93, 0x27, 0x32, 0x46, 0x57, 0x85, 0x45, 0x6a, 0xcf, 0x0d, 0xec, 0x08, 0xf0, 0x07,
481 0x6c, 0xb8, 0x87, 0xd1, 0xc5, 0xa3, 0xf0, 0xd6, 0xaf, 0x37, 0x09, 0xff, 0xbc, 0x15, 0x56, 0x60, 0xfc, 0x2a, 0xec, 0xbf,
482 0x8c, 0x22, 0x1c, 0xef, 0xaa, 0xfe, 0x6a, 0x42, 0xa0, 0x41, 0xdd, 0x8d, 0x7d, 0xa8, 0x74, 0xa8, 0xb4, 0xfc, 0x12, 0x2e,
483 0xf2, 0xe6, 0xbe, 0xa6, 0xbc, 0x31, 0x01, 0x40, 0xa4, 0x27, 0xc2, 0x75, 0xbb, 0x12, 0x91, 0xc9, 0x84, 0xa0, 0xd5, 0xff,
484 0xaa, 0x8d, 0x8f, 0x22, 0xd0, 0x05, 0x05, 0x63, 0xe1, 0xa3, 0xa0, 0xfc, 0x7d, 0xb4, 0xd9, 0x26, 0xcf, 0x77, 0x46, 0x36,
485 0x9a, 0xdd, 0x97, 0x8f, 0xc6, 0x79, 0x99, 0x81, 0x47, 0x91, 0x00, 0xe3, 0x88, 0xe4, 0x09, 0xca, 0xb9, 0x2c, 0x66, 0x70,
486 0xa2, 0x1c, 0xc7, 0xb9, 0xfe, 0xd3, 0x3e, 0x8f, 0x52, 0x5a, 0xfb, 0x63, 0x8d, 0x06, 0x36, 0xd9, 0x40, 0xf6, 0x4a, 0x99,
487 0xcf, 0xf6, 0x60, 0x02, 0xb2, 0xff, 0x81, 0x51, 0x44, 0xf7, 0x69, 0x7a, 0xc6, 0xf9, 0x6a, 0xe3, 0x3a, 0xc5, 0x11, 0xc3,
488 0x61, 0xe7, 0x09, 0xdd, 0x88, 0x04, 0x0c, 0x41, 0xbf, 0x41, 0x6e, 0x20, 0x5c, 0xf0, 0x6b, 0x3c, 0x57, 0x3b, 0x03, 0x16,
489 0x25, 0xc7, 0x39, 0x42, 0x4d, 0x32, 0x30, 0xd3, 0x12, 0xbf, 0x85, 0x3b, 0x90, 0x9a, 0x38, 0xe1, 0x6c, 0x32, 0x5b, 0xe5,
490 0xa0, 0x8e, 0xab, 0x7f, 0xcc, 0x36, 0x91, 0x7b, 0xd3, 0x45, 0x47, 0xa5, 0x14, 0x47, 0xb0, 0x0a, 0x0f, 0x29, 0xcd, 0xbc,
491 0x72, 0x2c, 0xc9, 0x47, 0xf4, 0xd7, 0x3e, 0x5c, 0x25, 0x85, 0x9b, 0x7d, 0xa9, 0xf7, 0xdc, 0xec, 0xfe, 0x7b, 0x6b, 0xad,
492 0x00, 0x24, 0xd2, 0x84, 0xd8, 0xd1, 0xc1, 0x2a, 0xde, 0x0d, 0x14, 0x46, 0x87, 0xa6, 0x83, 0x59, 0x6b, 0xde, 0x06, 0xf8,
493 0x1c, 0x81, 0x04, 0x3e, 0x14, 0xac, 0x9a, 0xe4, 0xc4, 0xe1, 0x51, 0xbb, 0xcf, 0xe0, 0xf5, 0xc3, 0x40, 0xdd, 0x1e, 0xae,
494 0x3e, 0x06, 0x45, 0x80, 0x7a, 0x6b, 0x07, 0x58, 0xc1, 0xcf, 0xb3, 0x22, 0xd4, 0xfe, 0xc0, 0x01, 0x86, 0x16, 0x48, 0x5a,
495 0x04, 0xe9, 0x3c, 0xa0, 0xdb, 0x2d, 0x57, 0xec, 0x6f, 0x83, 0x4e, 0x14, 0xcc, 0xf8, 0x01, 0x3b, 0x46, 0x6a, 0xec, 0xd0,
496 0xd3, 0x13, 0x29, 0xf5, 0x61, 0x38, 0x7a, 0x41, 0xd6, 0xca, 0x87, 0x4e, 0x91, 0x67, 0x3a, 0x7f, 0x4e, 0x1e, 0x40, 0x07,
497 0xad, 0x0d, 0x80, 0xac, 0x83, 0xd2, 0x4d, 0xee, 0xc6, 0x81, 0xab, 0x86, 0x58, 0xd0, 0x86, 0x3e, 0x97, 0x95, 0xef, 0xec,
498 0xbe, 0xd6, 0xe9, 0xc1, 0xce, 0x2e, 0xa5, 0xd1, 0x71, 0x1c, 0x7e, 0xb9, 0xa4, 0x5f, 0xcc, 0x12, 0x96, 0x13, 0x50, 0x6d,
499 0x07, 0x8c, 0xa3, 0xa5, 0x40, 0x73, 0xb3, 0x90, 0x70, 0x92, 0x4b, 0x48, 0x95, 0xb7, 0x38, 0x72, 0xe3, 0x9c, 0x1d, 0x1d,
500 0x6b, 0x4a, 0x29, 0xf3, 0xf5, 0x77, 0xfb, 0x5e, 0x44, 0x4e, 0x2b, 0xec, 0xc2, 0x65, 0xd2, 0x4c, 0x6c, 0xad, 0xac, 0xb7,
501 0x64, 0x9a, 0xd2, 0xbf, 0x10, 0x53, 0xdd, 0x2d, 0x48, 0x55, 0x45, 0x9d, 0x64, 0x1d, 0x00, 0x15, 0xd2, 0x20, 0x15, 0x9f,
502 0xcf, 0xc0, 0x72, 0x20, 0xec, 0xf3, 0x55, 0x86, 0x36, 0x8b, 0xac, 0x8f, 0x71, 0x04, 0xc5, 0x17, 0x3b, 0x98, 0x8d, 0x96,
503 0xd9, 0x56, 0x1c, 0x48, 0x5f, 0xd4, 0x32, 0x3d, 0x41, 0x94, 0x54, 0x7b, 0xa8, 0x44, 0xfd, 0x99, 0x9e, 0xbb, 0x22, 0x6d,
504 0x36, 0x57, 0x86, 0x19, 0xc5, 0x09, 0x73, 0x5e, 0x4a, 0xb7, 0x99, 0x2c, 0x51, 0x9d, 0xf3, 0x0e, 0x40, 0x82, 0x9a, 0xc3,
505 0x5e, 0x00, 0x85, 0xf1, 0xa1, 0xe0, 0xe7, 0xf2, 0xcd, 0x7d, 0x6a, 0x3a, 0x10, 0x42, 0x1d, 0x95, 0xb1, 0xc5, 0x9e, 0x76,
506 0x2a, 0x22, 0x00, 0x48, 0x52, 0x07, 0xc7, 0x49, 0xab, 0xa1, 0xd5, 0xa6, 0xe2, 0xc5, 0x51, 0x47, 0x31, 0x80, 0x37, 0xbd,
507 0xb6, 0x91, 0xab, 0xa3, 0x9c, 0xee, 0x9c, 0x1e, 0x69, 0xc7, 0x15, 0x29, 0xf5, 0x8f, 0x12, 0x4f, 0xf4, 0x99, 0xaf, 0x58,
508 0x68, 0x5b, 0x2e, 0x0d, 0x99, 0x25, 0x13, 0xc1, 0xe4, 0xe7, 0x7f, 0x58, 0x16, 0xaa, 0x02, 0xf1, 0xce, 0xde, 0x90, 0x33,
509 0x80, 0x5b, 0xb3, 0xdb, 0xb6, 0x6b, 0xda, 0x77, 0x4b, 0x45, 0xff, 0x73, 0x27, 0x02, 0x79, 0xb3, 0x01, 0xe9, 0x11, 0x64,
510 0x0b, 0x93, 0x17, 0xd5, 0x71, 0x23, 0xdb, 0x2d, 0xbd, 0x06, 0xb5, 0x8a, 0x1e, 0xfd, 0x13, 0xe4, 0x0c, 0xfb, 0x5f, 0xd5,
511 0x68, 0x04, 0xd7, 0xd2, 0xeb, 0x63, 0xc2, 0x2f, 0x7d, 0xfe, 0x9b, 0x24, 0x92, 0xb7, 0x46, 0xab, 0x0e, 0x7c, 0x15, 0xfa,
512 0x0d, 0x1a, 0xdc, 0x65, 0x99, 0xdb, 0xa1, 0x6f, 0x55, 0x90, 0x76, 0xb5, 0x20, 0x8b, 0x6f, 0x31, 0x62, 0x30, 0x3b, 0x06,
513 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x14, 0x31, 0x2e, 0x1e, 0x2c, 0x00, 0x54, 0x00, 0x65, 0x00, 0x73,
514 0x00, 0x74, 0x00, 0x2d, 0x00, 0x53, 0x00, 0x69, 0x00, 0x67, 0x00, 0x6e, 0x00, 0x4f, 0x00, 0x6e, 0x00, 0x6c, 0x00, 0x79,
515 0x00, 0x20, 0x00, 0x28, 0x00, 0x53, 0x00, 0x2f, 0x00, 0x4d, 0x00, 0x49, 0x00, 0x4d, 0x00, 0x45, 0x00, 0x29, 0x30, 0x23,
516 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x15, 0x31, 0x16, 0x04, 0x14, 0x60, 0x94, 0x0b, 0x09, 0xd9,
517 0x9c, 0x09, 0x22, 0xc2, 0x15, 0x0e, 0xf8, 0x47, 0x4c, 0x8f, 0xbe, 0xaa, 0x65, 0x51, 0x76, 0x30, 0x30, 0x30, 0x21, 0x30,
518 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14, 0x76, 0xa4, 0x2d, 0xf1, 0x67, 0x61, 0x56, 0x63,
519 0xd0, 0x39, 0x34, 0xe3, 0xb4, 0x1c, 0x96, 0xa3, 0xc0, 0x5a, 0xf7, 0xff, 0x04, 0x08, 0x06, 0xe1, 0x19, 0x07, 0xbf, 0xf2,
520 0xb9, 0xbf, 0x02, 0x01, 0x01
521 };
522 unsigned int test_sign_only_smime_p12_len = 2785;
523
524
525 /* Test SSL User identity (PKCS12 data), expires in 2026
526 */
527 unsigned char Test_ssl_user_p12[] = {
528 0x30, 0x82, 0x0a, 0x83, 0x02, 0x01, 0x03, 0x30, 0x82, 0x0a, 0x4a, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
529 0x07, 0x01, 0xa0, 0x82, 0x0a, 0x3b, 0x04, 0x82, 0x0a, 0x37, 0x30, 0x82, 0x0a, 0x33, 0x30, 0x82, 0x04, 0xbf, 0x06, 0x09,
530 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x06, 0xa0, 0x82, 0x04, 0xb0, 0x30, 0x82, 0x04, 0xac, 0x02, 0x01, 0x00,
531 0x30, 0x82, 0x04, 0xa5, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0x30, 0x1c, 0x06, 0x0a, 0x2a,
532 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01, 0x06, 0x30, 0x0e, 0x04, 0x08, 0xe2, 0xcf, 0xcc, 0x9d, 0x17, 0xcd, 0x62,
533 0xa4, 0x02, 0x02, 0x08, 0x00, 0x80, 0x82, 0x04, 0x78, 0xe0, 0x0c, 0xd8, 0xf5, 0x7c, 0xf7, 0x2f, 0x1e, 0xbf, 0x95, 0x6b,
534 0xc1, 0x43, 0x35, 0x3e, 0x8d, 0xdf, 0x65, 0x9b, 0xd8, 0xa0, 0xb2, 0x86, 0xec, 0x38, 0x39, 0x04, 0x72, 0x39, 0x3b, 0xf1,
535 0x5c, 0x1d, 0x1c, 0xac, 0xe6, 0x67, 0xea, 0xce, 0xb2, 0x15, 0xe5, 0xd4, 0xee, 0xe8, 0xf1, 0xad, 0x45, 0x75, 0x6a, 0x07,
536 0xbd, 0xe5, 0x2b, 0x55, 0x89, 0x24, 0xed, 0x65, 0xc7, 0x8e, 0x50, 0xf8, 0x38, 0xef, 0x9c, 0x79, 0x1b, 0xb7, 0xb5, 0x34,
537 0x32, 0x36, 0xa9, 0x1a, 0x65, 0x0f, 0xc4, 0x22, 0x9c, 0x9f, 0xd8, 0x70, 0xe9, 0x8e, 0x59, 0x88, 0x95, 0x86, 0xb0, 0x2c,
538 0xb2, 0xc5, 0x4d, 0x5a, 0x3d, 0x6a, 0xbf, 0x1a, 0x3a, 0x60, 0xbe, 0xde, 0x33, 0xb4, 0x21, 0x86, 0x8b, 0x02, 0x38, 0xf4,
539 0x77, 0x7e, 0x40, 0x9f, 0x0c, 0x55, 0xed, 0x76, 0xfd, 0x60, 0x70, 0x94, 0x3e, 0xf9, 0x01, 0x42, 0xa7, 0x84, 0x0f, 0xfd,
540 0xc0, 0x93, 0x4e, 0xe2, 0x78, 0x13, 0x5d, 0x56, 0x1a, 0x76, 0xf0, 0x99, 0x34, 0x92, 0x0c, 0x3f, 0x19, 0x81, 0x5c, 0x0a,
541 0x6b, 0xcc, 0x19, 0x65, 0x06, 0x88, 0xc9, 0x9c, 0x76, 0xaa, 0xa2, 0x0c, 0x5c, 0x4a, 0x38, 0xcf, 0x6d, 0x79, 0xf6, 0xde,
542 0x39, 0x7a, 0xc9, 0xe6, 0x6c, 0x42, 0xfe, 0xaa, 0xc4, 0xc0, 0x62, 0xa3, 0xda, 0xe1, 0x08, 0x86, 0x79, 0x2d, 0x80, 0x6a,
543 0x5f, 0xa9, 0x79, 0x43, 0xfe, 0xfc, 0xed, 0x08, 0xb3, 0x80, 0x91, 0xa6, 0xe7, 0x9a, 0xc8, 0x77, 0xc7, 0x4c, 0x7e, 0x6a,
544 0x79, 0x76, 0x9f, 0x28, 0x0f, 0x24, 0xd2, 0xee, 0x5e, 0x4f, 0x76, 0xe8, 0xa9, 0xd3, 0x1a, 0xf1, 0xe4, 0x0d, 0xb8, 0x26,
545 0x95, 0x63, 0xd3, 0x59, 0xfb, 0x03, 0x08, 0xea, 0x59, 0x4e, 0xe2, 0x6d, 0x74, 0x47, 0xa2, 0x8b, 0x1c, 0x21, 0x9f, 0x1c,
546 0x68, 0x54, 0x76, 0x78, 0x8a, 0xfa, 0xa3, 0x65, 0x87, 0xd4, 0x6c, 0x16, 0x38, 0xaa, 0xc9, 0x11, 0x58, 0x25, 0x05, 0xba,
547 0x68, 0x92, 0xd8, 0x06, 0x85, 0x19, 0x1e, 0xcc, 0xdb, 0x07, 0x27, 0xa8, 0xe9, 0xec, 0xfb, 0xb9, 0xbd, 0x5e, 0x67, 0x22,
548 0xae, 0xcd, 0xbd, 0xe6, 0xdc, 0x8d, 0x5a, 0xf2, 0x3c, 0xf4, 0x06, 0xa6, 0x0e, 0x98, 0xfc, 0xec, 0x64, 0x05, 0xb8, 0xa5,
549 0xfe, 0x5b, 0x27, 0x41, 0x90, 0xe4, 0x2c, 0x93, 0x38, 0xec, 0xc6, 0xa2, 0x08, 0xe4, 0xab, 0xb2, 0xb5, 0x7b, 0xa6, 0xe0,
550 0x89, 0x97, 0xb6, 0xc0, 0xd4, 0xa8, 0x1f, 0xcb, 0xf4, 0xc6, 0x59, 0xcd, 0xaa, 0x99, 0x40, 0xc6, 0x41, 0x18, 0x3a, 0x95,
551 0x3a, 0x71, 0x06, 0x5c, 0x0d, 0x4c, 0xdf, 0xc2, 0x37, 0x37, 0x78, 0x33, 0x5d, 0x35, 0x7c, 0x0e, 0x33, 0x7c, 0xfd, 0x97,
552 0x18, 0x07, 0xad, 0x54, 0xf0, 0x83, 0xed, 0x20, 0x6c, 0x8a, 0x28, 0x48, 0x29, 0x5c, 0x2c, 0x61, 0x25, 0x87, 0x0b, 0xfc,
553 0x96, 0x8a, 0x51, 0x74, 0x8d, 0x21, 0x0b, 0x6d, 0x6a, 0x88, 0x6c, 0xa5, 0xc0, 0xd7, 0x9a, 0xe7, 0x16, 0x49, 0x66, 0xbf,
554 0xb3, 0x96, 0x73, 0x4d, 0x61, 0x9e, 0x7f, 0x3b, 0x6d, 0x37, 0x5d, 0x31, 0x3f, 0x00, 0x5c, 0x92, 0x20, 0x6e, 0xab, 0x25,
555 0xb3, 0xe9, 0x7a, 0xba, 0xeb, 0xaa, 0x9e, 0xb4, 0xdb, 0xf5, 0x85, 0x51, 0x71, 0xed, 0x5e, 0x4d, 0x04, 0xdc, 0x4d, 0x5d,
556 0x0d, 0x24, 0x74, 0xa4, 0xaf, 0x30, 0x3f, 0x82, 0x0c, 0xe3, 0xfa, 0x21, 0x82, 0x25, 0x29, 0xda, 0x0f, 0x4b, 0x2e, 0x1c,
557 0xb2, 0x06, 0xe7, 0x36, 0x56, 0xb7, 0x4c, 0xf6, 0x37, 0x2c, 0x80, 0xa3, 0x21, 0xdc, 0x3b, 0xa5, 0xed, 0x24, 0x0e, 0x69,
558 0x15, 0xc2, 0x96, 0x0b, 0xa2, 0x72, 0x7a, 0xa4, 0xf8, 0xab, 0x6b, 0xa4, 0xa5, 0x7e, 0x6e, 0x3a, 0xf3, 0x4d, 0x92, 0xba,
559 0x90, 0xf0, 0x9d, 0x20, 0x9f, 0xf4, 0x5c, 0xf6, 0x44, 0x74, 0x6a, 0xc3, 0xc4, 0xed, 0x6d, 0x95, 0x81, 0x53, 0x60, 0xb4,
560 0x80, 0xf4, 0xd3, 0x5f, 0xad, 0xb6, 0x57, 0x9c, 0xb7, 0x59, 0xcc, 0x51, 0x54, 0x5f, 0x67, 0x32, 0x69, 0x63, 0x80, 0x77,
561 0x03, 0x23, 0x07, 0x4f, 0xff, 0x27, 0xd4, 0x52, 0xce, 0xac, 0xba, 0xd5, 0x8d, 0xab, 0xf8, 0xc9, 0x48, 0x01, 0xf7, 0xea,
562 0xf7, 0x76, 0x2e, 0xbc, 0xdd, 0x7b, 0x7f, 0x60, 0x12, 0x72, 0x4f, 0x04, 0x0e, 0x93, 0x5e, 0x7e, 0x15, 0x09, 0x2b, 0xa1,
563 0x2c, 0xa5, 0x9d, 0x36, 0xd4, 0xbf, 0x5c, 0xb1, 0x19, 0xd4, 0x0e, 0x00, 0x0e, 0x05, 0x7a, 0x84, 0xb0, 0xba, 0xe9, 0x8e,
564 0x15, 0x0a, 0xad, 0x4d, 0x8d, 0x1e, 0xff, 0x10, 0x01, 0x43, 0xbf, 0xa9, 0xbf, 0x3b, 0xdf, 0x86, 0x6b, 0xef, 0x86, 0x63,
565 0xfa, 0x9e, 0x28, 0xda, 0xb7, 0x03, 0x2b, 0x0b, 0xce, 0x12, 0x5f, 0xd8, 0x42, 0xfc, 0x4f, 0x63, 0x93, 0xbe, 0xef, 0x11,
566 0x73, 0xd4, 0xc0, 0xbc, 0x23, 0xc2, 0x99, 0xbc, 0x29, 0xe1, 0xd7, 0x4d, 0xc2, 0xe8, 0x3e, 0xb0, 0xaa, 0x96, 0xed, 0xf8,
567 0x48, 0x20, 0x3d, 0xa6, 0xed, 0xc6, 0xa2, 0x8f, 0x89, 0x45, 0x70, 0xbf, 0xf7, 0xee, 0x6f, 0x2a, 0xd1, 0x93, 0xce, 0xad,
568 0x55, 0xfe, 0xe9, 0xa8, 0xfc, 0x94, 0x24, 0x91, 0x98, 0x0a, 0xac, 0x90, 0xa6, 0xa7, 0x27, 0x05, 0x55, 0xb3, 0x3e, 0xa7,
569 0x08, 0xb0, 0x4b, 0x31, 0xb5, 0xe8, 0x9f, 0x67, 0x74, 0x73, 0x3c, 0x42, 0x84, 0x67, 0x84, 0x97, 0x95, 0x33, 0x00, 0xfe,
570 0x69, 0x61, 0x52, 0x05, 0x4c, 0x8b, 0x65, 0x8e, 0x00, 0xf8, 0xd8, 0xe3, 0x40, 0x66, 0x04, 0x06, 0x09, 0x05, 0x93, 0x49,
571 0x18, 0xa5, 0x41, 0x6f, 0xc3, 0x28, 0xaf, 0x30, 0xaf, 0x43, 0xaa, 0x74, 0x73, 0x9f, 0xdc, 0x58, 0x83, 0xe9, 0x42, 0xa8,
572 0x16, 0xdd, 0xce, 0xf9, 0xbe, 0xe9, 0x33, 0xf8, 0xbf, 0x51, 0x08, 0x25, 0xdf, 0x7a, 0xbe, 0x00, 0x8a, 0xd6, 0x82, 0xf3,
573 0xdb, 0xd0, 0x21, 0x48, 0x5c, 0xd5, 0xea, 0x86, 0xd7, 0xff, 0xe0, 0x2f, 0x93, 0xfc, 0x3e, 0xc8, 0xdd, 0xb8, 0x3e, 0x79,
574 0xd4, 0x22, 0xa3, 0xaa, 0xeb, 0x47, 0xec, 0xaf, 0xd8, 0xf1, 0xa8, 0x71, 0x7e, 0xae, 0x85, 0xff, 0xe1, 0x98, 0x7f, 0x59,
575 0x88, 0x1d, 0xaa, 0x11, 0x89, 0xbe, 0x6e, 0x4e, 0xdc, 0x77, 0xf4, 0xe1, 0x14, 0xcc, 0x1c, 0xd4, 0x8a, 0xc3, 0x0c, 0xff,
576 0xb9, 0x12, 0xc1, 0xf3, 0xb6, 0xcc, 0xa2, 0x01, 0x49, 0xad, 0x59, 0x47, 0x17, 0x4a, 0x1a, 0x90, 0xd0, 0x77, 0x77, 0x3e,
577 0xad, 0xdd, 0x58, 0x08, 0x40, 0x92, 0xb6, 0xcf, 0x84, 0x64, 0x72, 0x84, 0x8d, 0x98, 0x9f, 0x64, 0x28, 0x45, 0x1a, 0xb0,
578 0x88, 0x08, 0xaa, 0x7b, 0x11, 0x15, 0x08, 0xc3, 0x56, 0xa5, 0x0d, 0x7e, 0x04, 0x37, 0xe0, 0x62, 0xbb, 0x34, 0xe9, 0x84,
579 0xb2, 0xd0, 0x1a, 0xec, 0xa9, 0x74, 0x9b, 0xf1, 0x0e, 0x30, 0x84, 0xb0, 0x62, 0x17, 0x92, 0x31, 0x0c, 0x11, 0x9e, 0xa0,
580 0xa7, 0x48, 0x9a, 0xd7, 0xa4, 0x29, 0x05, 0xea, 0xf4, 0x11, 0x21, 0xdd, 0x8e, 0x9b, 0x79, 0x4a, 0x9b, 0x5c, 0xeb, 0x8b,
581 0x55, 0x0b, 0x0d, 0x0d, 0x7e, 0xe0, 0x79, 0x2f, 0x03, 0x52, 0xec, 0x4c, 0x63, 0xa0, 0xa8, 0xc2, 0x66, 0x63, 0xda, 0x18,
582 0xad, 0x93, 0xde, 0xb3, 0xb1, 0xe8, 0x08, 0xf8, 0x98, 0x5d, 0x19, 0x40, 0xae, 0xcd, 0x3e, 0xcd, 0x82, 0x09, 0x0c, 0x05,
583 0x5b, 0x84, 0x77, 0xd4, 0xf8, 0x1b, 0x53, 0xa6, 0xf0, 0x93, 0x85, 0x9c, 0x79, 0x43, 0x71, 0x4c, 0x8f, 0x66, 0x05, 0x7f,
584 0xc4, 0x20, 0x95, 0xfe, 0x1b, 0xd6, 0xf4, 0x2d, 0x4d, 0x42, 0xc6, 0x7f, 0x69, 0x69, 0x1e, 0xad, 0xf5, 0x26, 0xdf, 0x85,
585 0x26, 0xed, 0xf3, 0xe1, 0x5c, 0x1a, 0x86, 0x03, 0xbe, 0xd8, 0x96, 0x77, 0x52, 0xd5, 0x4a, 0xb4, 0xf5, 0xfc, 0x0a, 0xb0,
586 0xee, 0xb5, 0x21, 0x8c, 0xa4, 0x56, 0xf9, 0xf9, 0x05, 0x27, 0x49, 0x2d, 0x5d, 0x11, 0xac, 0xa5, 0x33, 0xe6, 0x55, 0x73,
587 0x54, 0xb9, 0xd1, 0x2a, 0xf8, 0x9a, 0x1d, 0xd3, 0x30, 0x90, 0x41, 0x3f, 0x0c, 0xf1, 0x0c, 0xa9, 0xae, 0xd0, 0x4d, 0xec,
588 0x66, 0x66, 0xc8, 0xb5, 0x57, 0xbc, 0xf4, 0xc0, 0xeb, 0x23, 0xb9, 0xc8, 0x8b, 0x43, 0x70, 0x96, 0x2e, 0x20, 0x14, 0x3a,
589 0x70, 0x3a, 0xf7, 0x83, 0xa9, 0x7b, 0x80, 0x6d, 0xc4, 0x76, 0xa5, 0x83, 0xf0, 0x55, 0xa0, 0x78, 0xc4, 0x7f, 0xc4, 0xae,
590 0xf0, 0xa9, 0x65, 0x5c, 0xd5, 0xda, 0xe1, 0xe1, 0x90, 0xb8, 0xa6, 0x07, 0x2e, 0x30, 0x82, 0x05, 0x6c, 0x06, 0x09, 0x2a,
591 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0xa0, 0x82, 0x05, 0x5d, 0x04, 0x82, 0x05, 0x59, 0x30, 0x82, 0x05, 0x55,
592 0x30, 0x82, 0x05, 0x51, 0x06, 0x0b, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x0a, 0x01, 0x02, 0xa0, 0x82, 0x04,
593 0xee, 0x30, 0x82, 0x04, 0xea, 0x30, 0x1c, 0x06, 0x0a, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01, 0x03, 0x30,
594 0x0e, 0x04, 0x08, 0x33, 0x8e, 0xe4, 0x7e, 0x74, 0x9d, 0xf7, 0xfa, 0x02, 0x02, 0x08, 0x00, 0x04, 0x82, 0x04, 0xc8, 0x10,
595 0x10, 0x9b, 0xe5, 0xa8, 0xe1, 0x82, 0x43, 0x54, 0xc5, 0xda, 0xfb, 0x4b, 0x57, 0x45, 0xd3, 0x38, 0xfe, 0x8f, 0x95, 0xf7,
596 0x86, 0x7f, 0x50, 0x15, 0x3a, 0x1a, 0xee, 0xcf, 0x8a, 0xa4, 0x67, 0x2a, 0x62, 0x1e, 0x2d, 0x05, 0xab, 0x21, 0x93, 0xdc,
597 0x37, 0xe3, 0xdb, 0x5c, 0xb9, 0x86, 0x7c, 0x78, 0xab, 0x62, 0x1a, 0xea, 0x7d, 0x51, 0x01, 0x72, 0x3f, 0xcd, 0x40, 0x0b,
598 0x97, 0xae, 0x89, 0xe3, 0x97, 0x81, 0x0e, 0x1f, 0x27, 0x36, 0x46, 0x7b, 0x17, 0xd3, 0xe3, 0x93, 0x8c, 0xde, 0xc3, 0xf1,
599 0x05, 0x0f, 0x0c, 0x40, 0x45, 0x53, 0xe9, 0xf5, 0xa9, 0x42, 0xc9, 0x22, 0x8e, 0xa5, 0xd0, 0x3b, 0xbe, 0xf0, 0x1e, 0x39,
600 0x11, 0xc5, 0xf7, 0x19, 0x27, 0x65, 0x56, 0xb4, 0x4d, 0xe8, 0xee, 0xd3, 0x81, 0x21, 0xb4, 0x43, 0x9d, 0x82, 0x24, 0x03,
601 0x81, 0x06, 0xc5, 0xe2, 0x9c, 0x4e, 0x10, 0x4c, 0x5d, 0xda, 0x1a, 0xc0, 0x8b, 0x54, 0x42, 0x3f, 0x6a, 0x9c, 0x9e, 0xad,
602 0xfd, 0xce, 0x62, 0x30, 0xb9, 0xaf, 0x99, 0xc8, 0xea, 0xd7, 0x3c, 0x8d, 0x81, 0x9a, 0xa4, 0x13, 0x11, 0x56, 0x6a, 0x99,
603 0x18, 0x40, 0x95, 0x65, 0x61, 0x54, 0x94, 0x91, 0x69, 0x37, 0x99, 0xa5, 0xd1, 0xce, 0x76, 0x3d, 0x63, 0x52, 0xb9, 0x8a,
604 0x4e, 0xcb, 0x21, 0x8f, 0x6b, 0xe3, 0xe1, 0x2a, 0x6d, 0xdc, 0x58, 0xf7, 0x1b, 0x9b, 0x9b, 0xa1, 0x6a, 0xe4, 0x60, 0xc6,
605 0x6b, 0x55, 0x35, 0x8c, 0x90, 0xfe, 0x12, 0xe2, 0x4a, 0xd3, 0x5d, 0x55, 0xd1, 0x19, 0x47, 0xcd, 0x3a, 0x74, 0xfb, 0xc8,
606 0xfe, 0xb1, 0x82, 0xe9, 0x50, 0xb9, 0x80, 0x77, 0x4a, 0x18, 0xc5, 0xe0, 0x3d, 0x45, 0xe8, 0xf7, 0xd3, 0x96, 0x0f, 0x88,
607 0x09, 0xf0, 0x49, 0xe7, 0xcf, 0x44, 0xfd, 0xe8, 0x33, 0x22, 0x98, 0x7f, 0x06, 0x1b, 0xf7, 0x54, 0xf6, 0xd1, 0xd1, 0x05,
608 0xa8, 0x17, 0x94, 0x41, 0xbf, 0x2b, 0x80, 0xca, 0x41, 0xc5, 0xdc, 0xeb, 0xee, 0x1b, 0xad, 0xbe, 0xae, 0xcf, 0x67, 0x9b,
609 0xfb, 0x88, 0x3d, 0xc0, 0x70, 0xb2, 0xbe, 0x16, 0x7c, 0x35, 0xa9, 0xc5, 0xdc, 0xa0, 0x2d, 0x0a, 0x59, 0x9a, 0x59, 0x51,
610 0x76, 0x35, 0x85, 0x8f, 0xc7, 0xf7, 0x56, 0x0c, 0xdc, 0xc6, 0xe4, 0x6a, 0xe8, 0x26, 0x6f, 0xd4, 0x4e, 0x0a, 0xa5, 0x99,
611 0x3b, 0xcc, 0x0a, 0xa3, 0x44, 0x24, 0x31, 0x28, 0x4f, 0x84, 0xeb, 0x5b, 0x00, 0xf4, 0xa2, 0xf0, 0xdd, 0xfe, 0xe0, 0x57,
612 0x5a, 0x9a, 0xc0, 0x64, 0x9f, 0x9c, 0x5e, 0xf8, 0x42, 0x74, 0x54, 0xe8, 0xc4, 0x3b, 0x70, 0xe3, 0xd3, 0x08, 0x9e, 0x13,
613 0xbd, 0xeb, 0x5f, 0x01, 0xe6, 0x08, 0xb8, 0x6a, 0xae, 0xe8, 0xe3, 0x9a, 0x89, 0x29, 0xb8, 0x2d, 0xb3, 0x29, 0x19, 0xee,
614 0x6e, 0x3d, 0x66, 0xa1, 0x04, 0xbb, 0x17, 0xe1, 0x5b, 0xb7, 0xaa, 0x87, 0x76, 0xe5, 0x88, 0x6c, 0x24, 0x26, 0xdf, 0x69,
615 0x6b, 0x40, 0xd6, 0x42, 0x13, 0xc4, 0x0a, 0x09, 0xfb, 0x92, 0x41, 0x34, 0x85, 0x6a, 0xd9, 0xb2, 0xa6, 0x3b, 0xb2, 0xbd,
616 0xae, 0x50, 0x9a, 0x1a, 0xc4, 0xe1, 0xd7, 0x86, 0x3c, 0xb9, 0xf5, 0x5f, 0x99, 0x2a, 0x2a, 0xfb, 0x64, 0x2e, 0x33, 0xb2,
617 0x2b, 0xb5, 0x0b, 0x87, 0x19, 0x7f, 0xc1, 0xfa, 0xa3, 0x0f, 0x8c, 0xff, 0xda, 0x64, 0x48, 0xa7, 0xe8, 0x85, 0x10, 0x2a,
618 0x61, 0x1d, 0x59, 0xf8, 0x1b, 0x46, 0x8a, 0x7a, 0xa2, 0x44, 0x90, 0xd9, 0x1d, 0xe6, 0xe7, 0x69, 0x53, 0x1c, 0xd6, 0x02,
619 0x27, 0x2c, 0x86, 0xed, 0xbc, 0xe8, 0xf8, 0xb9, 0xbd, 0x8c, 0xd4, 0x12, 0xf0, 0xb9, 0x66, 0x61, 0xf8, 0xda, 0x7c, 0x7c,
620 0xb6, 0x72, 0xa4, 0xd6, 0xd8, 0x84, 0x0b, 0x06, 0x85, 0x25, 0x5e, 0xf8, 0x4d, 0xad, 0xcc, 0x60, 0x00, 0x61, 0xf0, 0xf0,
621 0x38, 0x65, 0xe5, 0x4e, 0xfc, 0xd3, 0x8b, 0x3e, 0xae, 0xf1, 0x29, 0x2e, 0x9f, 0xb1, 0x59, 0x0c, 0x65, 0x03, 0x2e, 0x1f,
622 0x95, 0xd8, 0x07, 0x19, 0x3d, 0x85, 0x27, 0xfa, 0xc5, 0x35, 0xec, 0x69, 0xda, 0x2f, 0x9e, 0x40, 0xa7, 0x5c, 0x0b, 0xed,
623 0xac, 0xc4, 0x99, 0xa3, 0x63, 0xef, 0x73, 0x24, 0x9c, 0x43, 0x1c, 0x45, 0x36, 0xb9, 0x33, 0xf4, 0x2e, 0xbd, 0x7e, 0xb6,
624 0xf0, 0xd1, 0xf6, 0x86, 0xf4, 0x2c, 0x1d, 0xc2, 0xc6, 0x62, 0xcf, 0x6d, 0x70, 0x89, 0x9f, 0x36, 0x26, 0xbe, 0xa3, 0x4b,
625 0x23, 0x00, 0xbc, 0x62, 0x85, 0x35, 0xa4, 0x25, 0x23, 0xae, 0x60, 0x82, 0x02, 0x25, 0xfd, 0x5b, 0x6a, 0xa1, 0x6b, 0x1b,
626 0xcf, 0x42, 0x40, 0xca, 0xee, 0x95, 0x08, 0xd4, 0x5b, 0xa7, 0xc8, 0x29, 0x0b, 0xea, 0xe3, 0x19, 0xb4, 0x85, 0xb7, 0x0d,
627 0xcf, 0x3a, 0x0f, 0x51, 0x15, 0x84, 0x4a, 0x1d, 0xad, 0x7f, 0xd0, 0x41, 0x93, 0x10, 0x31, 0xb1, 0x54, 0xfb, 0x19, 0xad,
628 0x96, 0x09, 0xb8, 0x65, 0x3f, 0xe2, 0x57, 0x40, 0xb5, 0x0c, 0xc9, 0x89, 0x52, 0x56, 0x10, 0xda, 0xe0, 0x10, 0x18, 0x91,
629 0xbb, 0xe2, 0xe3, 0x2c, 0x8e, 0xd7, 0x43, 0x7a, 0xdc, 0xbb, 0x76, 0x67, 0x25, 0x9c, 0x81, 0xec, 0x59, 0x7c, 0xdc, 0xea,
630 0x02, 0x29, 0x80, 0xdf, 0x20, 0xaf, 0xba, 0x26, 0xe1, 0x49, 0xcf, 0x7e, 0x69, 0x36, 0x77, 0xad, 0x0b, 0xcc, 0x7d, 0x10,
631 0x3f, 0x31, 0x60, 0x0e, 0x17, 0x36, 0x8c, 0xbd, 0x4d, 0x80, 0xe8, 0xe7, 0x7a, 0x7a, 0x1e, 0x17, 0x77, 0x79, 0x9a, 0x1f,
632 0xd7, 0x2f, 0x76, 0xf2, 0x4a, 0x52, 0xd9, 0x9f, 0x02, 0x2c, 0xc7, 0xd5, 0x0f, 0x05, 0x8b, 0x59, 0xd9, 0x13, 0xdc, 0x57,
633 0xbb, 0x56, 0xd0, 0xc4, 0x13, 0xac, 0x34, 0x05, 0x19, 0x92, 0xb6, 0x18, 0x12, 0x26, 0xe1, 0xe6, 0xe9, 0x8d, 0x6a, 0xad,
634 0x83, 0x95, 0xcf, 0x7f, 0x91, 0xad, 0xe3, 0x9f, 0x15, 0x05, 0x95, 0x96, 0x8d, 0x80, 0xc3, 0x13, 0x09, 0xac, 0xa4, 0xd9,
635 0xfe, 0xb1, 0xb3, 0x9d, 0x94, 0x49, 0xb9, 0x2d, 0x84, 0x64, 0x4d, 0x75, 0xb8, 0x58, 0x75, 0xec, 0x30, 0x0a, 0xf7, 0x96,
636 0xf3, 0xc8, 0x19, 0xa8, 0xbd, 0x62, 0x14, 0x00, 0xb4, 0x26, 0x35, 0x3f, 0x78, 0x43, 0xb1, 0xab, 0x8f, 0xab, 0xa1, 0xf3,
637 0x43, 0x87, 0xb3, 0x88, 0x1f, 0xc1, 0x89, 0x6c, 0xcf, 0x1f, 0x38, 0x1c, 0xe0, 0x68, 0xcc, 0x93, 0x46, 0x8c, 0xde, 0x4c,
638 0x2c, 0x27, 0x6d, 0xb6, 0x91, 0xa8, 0xc5, 0xee, 0xf7, 0x47, 0x17, 0x5a, 0x11, 0xb2, 0x3a, 0xbc, 0x35, 0xee, 0x05, 0xc3,
639 0x17, 0x63, 0x69, 0x77, 0xbd, 0x43, 0x80, 0x71, 0xe9, 0xd6, 0x8c, 0xdd, 0xef, 0x0a, 0xf8, 0x59, 0x1d, 0x61, 0xd6, 0x19,
640 0x64, 0x71, 0xe7, 0x3c, 0x36, 0xd8, 0x07, 0x5d, 0x6c, 0x0f, 0x28, 0x99, 0xa6, 0x9e, 0x01, 0x1b, 0x4c, 0x9a, 0x5f, 0xde,
641 0x96, 0xb0, 0x61, 0x0a, 0x9c, 0xeb, 0x2a, 0x29, 0x09, 0x1b, 0xaa, 0x62, 0x75, 0x5e, 0xd5, 0x9f, 0xe1, 0x12, 0x69, 0xa2,
642 0x1d, 0xbd, 0x97, 0x10, 0xdd, 0x62, 0xf9, 0x27, 0x47, 0xf2, 0x64, 0x12, 0xce, 0x95, 0xc0, 0xdc, 0xd6, 0x92, 0x48, 0xb4,
643 0xb2, 0x18, 0x78, 0x2e, 0xaf, 0xb0, 0xd7, 0x48, 0x98, 0x29, 0x1b, 0xb9, 0x50, 0xf7, 0x95, 0x26, 0x53, 0xc4, 0xd6, 0x6f,
644 0x26, 0x5f, 0x95, 0x9f, 0x51, 0xf3, 0x96, 0xbc, 0xca, 0xff, 0x0d, 0x8a, 0x69, 0xa5, 0xb0, 0x82, 0x02, 0x3e, 0x77, 0xb7,
645 0x87, 0xea, 0x2a, 0xc0, 0x2e, 0xc7, 0xb6, 0x2c, 0x06, 0x19, 0x8f, 0x84, 0x46, 0xd6, 0x58, 0xf2, 0xb8, 0x8a, 0xdb, 0xd2,
646 0x72, 0xe0, 0xc1, 0xa7, 0xb5, 0xb0, 0xb0, 0x2b, 0x83, 0xbb, 0x3b, 0x85, 0x3d, 0xcc, 0xc2, 0x89, 0x77, 0x65, 0x8d, 0x3c,
647 0x03, 0xbe, 0x84, 0x78, 0xf7, 0x2a, 0x32, 0x9c, 0x02, 0x23, 0x7b, 0x25, 0x42, 0xec, 0x4f, 0x29, 0x77, 0x79, 0xc1, 0x48,
648 0x46, 0xde, 0x76, 0xdb, 0x23, 0x9b, 0x5a, 0xee, 0xc7, 0xd1, 0x40, 0x73, 0x39, 0xa5, 0x23, 0x41, 0x66, 0x4c, 0x24, 0x1f,
649 0xaa, 0xd8, 0xc7, 0x3c, 0xc4, 0xd5, 0xd7, 0x3b, 0x2d, 0x00, 0x1c, 0x49, 0x17, 0x7a, 0xb5, 0x90, 0x6c, 0x6b, 0x43, 0x2f,
650 0x61, 0x6b, 0x8a, 0xdc, 0xb9, 0x58, 0xa8, 0x92, 0x49, 0x3e, 0xe9, 0x32, 0xc9, 0x3c, 0x4e, 0xeb, 0x2e, 0x15, 0xb8, 0x78,
651 0x9f, 0x30, 0x05, 0xd7, 0x4d, 0x71, 0xe8, 0xd0, 0x98, 0x7c, 0xe5, 0x3b, 0xc7, 0x65, 0x27, 0x5b, 0x16, 0x35, 0x77, 0xfc,
652 0x97, 0xf8, 0x1a, 0x07, 0xc2, 0x50, 0x67, 0x71, 0x7d, 0xd4, 0xd6, 0x55, 0x83, 0x8b, 0x15, 0xb1, 0xac, 0xba, 0xba, 0x8c,
653 0x73, 0x6e, 0x58, 0xf9, 0x1a, 0x3a, 0x1b, 0xc0, 0xe5, 0x90, 0x5a, 0xae, 0x96, 0xeb, 0x05, 0xe1, 0x37, 0xaa, 0xeb, 0x0c,
654 0xb9, 0xf2, 0xd4, 0x24, 0x82, 0x70, 0x64, 0x7a, 0x9b, 0x13, 0x27, 0xab, 0xb9, 0x18, 0xc8, 0xc7, 0xa3, 0x36, 0x5c, 0x7d,
655 0xff, 0xb8, 0xde, 0xbb, 0x9b, 0xc8, 0x78, 0xdf, 0xc8, 0x99, 0x39, 0x9e, 0xce, 0x1b, 0xe0, 0x09, 0x53, 0x00, 0x7d, 0xad,
656 0x86, 0x87, 0x8a, 0x31, 0x50, 0x30, 0x29, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x14, 0x31, 0x1c,
657 0x1e, 0x1a, 0x00, 0x54, 0x00, 0x65, 0x00, 0x73, 0x00, 0x74, 0x00, 0x20, 0x00, 0x53, 0x00, 0x53, 0x00, 0x4c, 0x00, 0x20,
658 0x00, 0x55, 0x00, 0x73, 0x00, 0x65, 0x00, 0x72, 0x30, 0x23, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09,
659 0x15, 0x31, 0x16, 0x04, 0x14, 0xa6, 0x63, 0xd5, 0xb2, 0xb4, 0x24, 0x91, 0x4c, 0x75, 0xa8, 0x11, 0x34, 0xd7, 0x7f, 0xb0,
660 0xa3, 0x55, 0xd4, 0xfd, 0x9a, 0x30, 0x30, 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00,
661 0x04, 0x14, 0x2f, 0xc5, 0x73, 0xe2, 0xe4, 0xb4, 0x77, 0xfb, 0xb5, 0x49, 0x80, 0xcf, 0x13, 0xbe, 0x63, 0x7e, 0xaf, 0xdc,
662 0x2b, 0xae, 0x04, 0x08, 0xdc, 0x37, 0x8d, 0x3f, 0x8d, 0xc5, 0x94, 0x54, 0x02, 0x01, 0x01
663 };
664 unsigned int Test_ssl_user_p12_len = 2695;
665
666
667 /* Test identity (PKCS12 data), SMIME cert, expired in 2008
668 */
669 unsigned char TestIDSMIME2007_p12[2805] = {
670 0x30,0x82,0x0a,0xf1,0x02,0x01,0x03,0x30,0x82,0x0a,0xb8,0x06,0x09,0x2a,0x86,0x48,
671 0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x82,0x0a,0xa9,0x04,0x82,0x0a,0xa5,0x30,0x82,
672 0x0a,0xa1,0x30,0x82,0x05,0x17,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,
673 0x06,0xa0,0x82,0x05,0x08,0x30,0x82,0x05,0x04,0x02,0x01,0x00,0x30,0x82,0x04,0xfd,
674 0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x01,0x30,0x1c,0x06,0x0a,0x2a,
675 0x86,0x48,0x86,0xf7,0x0d,0x01,0x0c,0x01,0x06,0x30,0x0e,0x04,0x08,0x3f,0x0b,0xd9,
676 0x3c,0x80,0x6d,0x5e,0x7b,0x02,0x02,0x08,0x00,0x80,0x82,0x04,0xd0,0x08,0x25,0x32,
677 0xdc,0x7b,0xed,0x8a,0x29,0xf8,0x56,0x84,0x51,0x5c,0x6d,0xe6,0xe6,0x34,0xf8,0x03,
678 0xb3,0x80,0xe2,0xf4,0x0e,0x3f,0x1f,0xad,0x12,0x11,0x27,0x56,0xe8,0x89,0x59,0x90,
679 0x03,0xf0,0xa7,0xc2,0xde,0xd0,0x70,0xbf,0x2c,0xea,0x01,0xe7,0xbd,0xba,0xaf,0xfc,
680 0x07,0x84,0x2f,0xdb,0x65,0xa0,0x7b,0x4b,0x6a,0xab,0xe4,0xbd,0xd0,0xbb,0x31,0xaf,
681 0x90,0x8c,0xa8,0x71,0x10,0x23,0x96,0x67,0x44,0xdd,0x02,0x72,0xd2,0x0f,0xca,0xcb,
682 0x4f,0xc2,0x14,0x04,0xfa,0xde,0x31,0xa5,0x2f,0x97,0xc0,0x2a,0xdd,0xdd,0x91,0x62,
683 0xa7,0xf7,0x9b,0x43,0x57,0x7d,0x4d,0x1c,0xb1,0x92,0xba,0xae,0xa1,0x24,0x6c,0x99,
684 0x81,0x49,0x56,0x46,0x8b,0xea,0x7c,0x16,0x19,0x76,0xf7,0x40,0x06,0x82,0xe2,0x5b,
685 0x3f,0xd8,0x2c,0x87,0x60,0xf7,0xae,0xaa,0xa5,0xba,0x96,0xbf,0x5c,0x86,0x57,0x81,
686 0x8d,0xbf,0x6c,0xe1,0xd1,0xb9,0x20,0x93,0x27,0xfc,0xe6,0x35,0x80,0xaa,0xfb,0xe6,
687 0x4b,0xfd,0x4f,0xa4,0x06,0x05,0x46,0x85,0x66,0x15,0xfb,0x83,0x2b,0x42,0x26,0x98,
688 0xc8,0x69,0x24,0xa1,0x71,0xb4,0x56,0x38,0x3d,0x5e,0xc2,0x13,0x34,0xab,0x2f,0xb1,
689 0x33,0x6e,0xf0,0x07,0x80,0xdd,0x0e,0x6f,0x19,0x01,0xaf,0xff,0x5f,0xc3,0xea,0x24,
690 0x5a,0x6d,0xad,0xb3,0x10,0xbb,0x63,0x02,0x14,0x38,0xa9,0x21,0x83,0xb9,0xc3,0x23,
691 0xba,0xfc,0x56,0x76,0x4d,0x46,0x43,0xd1,0x09,0x37,0x1f,0x79,0xe5,0x70,0x93,0xb5,
692 0x0f,0x21,0xe3,0xef,0x0b,0x4d,0x87,0x0c,0x68,0xf5,0x16,0xc0,0x13,0xee,0x28,0xe8,
693 0x49,0xaa,0x60,0x61,0xe5,0x76,0xe6,0x8e,0xd6,0xae,0x52,0x70,0xb2,0x70,0xbf,0xeb,
694 0xd2,0xd8,0xb8,0x92,0x71,0x6e,0xb8,0x59,0xdf,0xee,0xad,0xc1,0x55,0x14,0x4b,0x52,
695 0x0c,0x20,0x4c,0x79,0x93,0x71,0xe6,0xc5,0xbc,0xf3,0xf3,0x14,0x13,0xd0,0xcd,0x1c,
696 0x62,0x21,0xc0,0xcf,0x4e,0xf5,0xda,0x52,0xbf,0x2c,0x86,0x8f,0xb5,0x67,0xf5,0x72,
697 0xbb,0xe9,0xb8,0x86,0x17,0xd9,0x35,0x49,0xae,0x0a,0x99,0x94,0xa5,0xaa,0x96,0xf4,
698 0x95,0xfe,0x4a,0xe2,0x13,0x46,0xcb,0xd9,0x8b,0x48,0x50,0xff,0x34,0x88,0x12,0xe7,
699 0x9b,0x00,0x8d,0x57,0x94,0x44,0xa5,0xe6,0xd1,0x7f,0x34,0xbb,0x33,0x9f,0xc3,0x12,
700 0x3b,0xb2,0xba,0xb6,0xb3,0x15,0x9e,0xaf,0x90,0x5e,0x2e,0x61,0x0d,0xe6,0x02,0x25,
701 0x41,0x55,0x18,0xc9,0x4a,0x5a,0x0a,0xb2,0xf5,0x99,0x8a,0x27,0xc7,0xd7,0x01,0x96,
702 0x9e,0x4c,0x05,0x7f,0x54,0x90,0x08,0x92,0x9c,0xf2,0xbd,0x0d,0x7d,0x37,0x5a,0x57,
703 0x1d,0x5b,0xcb,0xce,0xc1,0x58,0x5e,0x50,0x73,0x4d,0x61,0x28,0x18,0x90,0x2d,0xac,
704 0x91,0x4b,0x5e,0x5f,0x57,0x29,0x58,0x65,0xba,0xa4,0x11,0x92,0xa8,0xf4,0xac,0xa8,
705 0x39,0x1c,0x52,0x14,0x09,0x13,0xdd,0x4e,0xfa,0xef,0xba,0x4f,0x48,0xc3,0x46,0x4e,
706 0xb9,0x8d,0xff,0x5e,0x28,0xb8,0xcc,0x99,0x7f,0x3a,0xdc,0xf4,0x90,0x5c,0x41,0x14,
707 0x4b,0xbc,0x6b,0xa3,0x01,0x78,0x87,0xc1,0x86,0xd7,0xad,0x98,0xa0,0xc6,0x82,0x35,
708 0x76,0x41,0x6f,0xf1,0xee,0x54,0xbd,0xef,0xef,0xfc,0x2b,0x88,0x56,0x61,0xb1,0x93,
709 0xa0,0xe5,0x8e,0x1e,0xb4,0xb1,0x39,0xb3,0xd3,0x85,0xe0,0xa2,0x61,0x4b,0xe8,0x24,
710 0xc3,0xdd,0x48,0x2a,0xfd,0x5a,0x98,0x7a,0x98,0x2a,0xc7,0x81,0x4c,0x3d,0x3b,0x0c,
711 0x42,0x69,0x42,0x87,0xf1,0x5f,0x13,0x47,0xf6,0x89,0xc5,0x5e,0x47,0x84,0x59,0x81,
712 0x97,0xef,0x22,0x79,0x16,0x37,0xdc,0x74,0x66,0x30,0x81,0xbc,0x45,0x21,0xe4,0x75,
713 0x69,0xe4,0x64,0x2b,0x98,0x97,0x61,0xe1,0x34,0xdf,0x4a,0x37,0x65,0x74,0xdc,0xe1,
714 0x71,0x37,0xd6,0x2c,0x54,0x83,0x7a,0x91,0xc4,0xa6,0xfe,0x09,0x12,0xf3,0xf5,0x2b,
715 0xec,0xe9,0x63,0xa3,0x25,0x0f,0x6f,0xd1,0xb0,0x95,0x3f,0x7f,0xab,0xa7,0x25,0x9b,
716 0x85,0xdb,0xcf,0x6e,0x0e,0xc0,0x8d,0xd3,0xca,0x0e,0xd2,0x98,0xeb,0x77,0x39,0xf4,
717 0x1a,0x30,0xe6,0x76,0x6d,0xba,0xc0,0x61,0x55,0x4e,0xbe,0x88,0x32,0xb2,0xae,0x16,
718 0x27,0xbd,0x61,0xc5,0x48,0x26,0x0f,0x05,0x1a,0x42,0xa6,0xd9,0x29,0xf8,0x58,0x96,
719 0x16,0x1d,0xad,0xf4,0x58,0xc6,0x79,0x46,0xdf,0x1f,0x25,0x43,0xaa,0xf5,0xc3,0x1f,
720 0x75,0x36,0x1c,0x17,0xd2,0x4d,0x88,0xf6,0x37,0x35,0x21,0x1f,0x0f,0x45,0x85,0x13,
721 0x50,0x85,0x0a,0xa2,0xb4,0x96,0x7a,0xe4,0x0a,0x27,0x74,0x87,0x1b,0x11,0xaa,0x7c,
722 0x35,0xf6,0xb6,0x49,0x8d,0x58,0x30,0x16,0xb7,0x36,0xd6,0xd8,0x82,0xe6,0x3d,0xa4,
723 0xdf,0xa7,0xc4,0xc7,0xfe,0x81,0x01,0xa6,0xda,0x63,0x10,0x9f,0x2b,0x84,0x14,0x62,
724 0xb8,0x37,0x9b,0xb4,0x3f,0x62,0x6b,0x76,0x36,0x39,0xb7,0x41,0xaf,0xb9,0xc9,0xf8,
725 0xa5,0x20,0x1f,0x0c,0xfc,0x71,0xca,0x6f,0x56,0x4d,0x6b,0x23,0x5b,0xb2,0x77,0x6f,
726 0x83,0xcc,0x8e,0x8c,0x78,0xda,0x4a,0xbf,0x92,0xd4,0x20,0xfe,0x43,0x6a,0xd4,0x7e,
727 0xd5,0x6c,0x56,0xdb,0xf8,0x94,0x01,0xc8,0x6f,0xdb,0x00,0x9c,0x0b,0x4c,0x97,0xa5,
728 0x2b,0xc1,0x46,0x19,0x91,0x34,0x05,0x9b,0x33,0x20,0xb2,0x79,0xe5,0x00,0x3d,0xb2,
729 0x54,0x4f,0xfa,0x23,0xaa,0xfa,0x3d,0x0c,0x83,0xcf,0x81,0xd1,0xd0,0x12,0x03,0x34,
730 0xda,0x6b,0xbb,0x63,0xbe,0x1b,0x3c,0x53,0x91,0x2b,0x7e,0xd7,0x76,0x62,0x6e,0xc9,
731 0xb1,0x3d,0x74,0x9f,0x96,0xfb,0x66,0xad,0x35,0xba,0x23,0x10,0x9b,0xab,0xc3,0x8a,
732 0x87,0xd1,0x0b,0xa2,0x99,0x34,0x8a,0x43,0x90,0xe9,0x65,0xe7,0x69,0x09,0x61,0x5f,
733 0xce,0x42,0x58,0x69,0xdf,0x8b,0x0c,0x5a,0xa0,0x6a,0x25,0x33,0x29,0x9e,0x23,0xbb,
734 0x77,0xf9,0xa4,0x2f,0x66,0x86,0xc5,0x38,0xf6,0x3d,0xcb,0x03,0xbf,0x94,0x9d,0x56,
735 0x73,0x53,0x9d,0xf4,0xc6,0xad,0x22,0x6d,0xff,0x92,0x90,0x63,0x80,0x5b,0xd2,0x4b,
736 0x18,0xcd,0xc5,0xe1,0xdb,0x4d,0x96,0xc4,0x29,0x0b,0x0e,0xb8,0x18,0x53,0x66,0x49,
737 0x20,0x8e,0xef,0x25,0x93,0x48,0x12,0xe6,0x36,0xd4,0x33,0xcc,0x4d,0x99,0xbd,0x94,
738 0x96,0x61,0xb2,0x7a,0x76,0x7f,0xa1,0xd9,0x1b,0x77,0xfc,0xb7,0x54,0xaf,0x6c,0xeb,
739 0xec,0x90,0x15,0x21,0x2f,0xe2,0x40,0x05,0x23,0x0c,0x2a,0xe2,0xda,0xa0,0x9b,0x0c,
740 0xc7,0x8b,0x31,0xd7,0x8e,0x91,0x95,0x39,0x79,0xd7,0x6d,0xbf,0x86,0x24,0x4d,0xcd,
741 0x72,0x43,0x05,0x56,0xc0,0xe1,0x0c,0xed,0x51,0xa3,0xa9,0x85,0x74,0x41,0x20,0xe2,
742 0x37,0x66,0x80,0x40,0x02,0xf2,0x4b,0x60,0x36,0x4f,0xcf,0x12,0x5a,0x22,0xbc,0x6c,
743 0x21,0xb1,0x2f,0x0c,0x4a,0x26,0xc2,0x14,0x23,0xb3,0x91,0x17,0x48,0x9e,0x27,0x6d,
744 0x6a,0x2f,0xaf,0x58,0xe4,0xf7,0x4d,0x40,0x4b,0xd9,0x52,0xa0,0xf6,0x5e,0xc3,0x36,
745 0xda,0xa6,0x27,0x81,0x1e,0x7c,0x61,0x45,0x93,0x1a,0xa6,0x9d,0x16,0x61,0x95,0xed,
746 0x20,0x2c,0x49,0x6d,0x8f,0x8d,0x1a,0x44,0x89,0x0a,0xce,0x3c,0x00,0x9c,0x76,0x76,
747 0xa5,0x0b,0x40,0x52,0xf2,0xb9,0x30,0xae,0xab,0x04,0x41,0xa1,0x30,0x2f,0x43,0x1b,
748 0x68,0xdb,0x7c,0x4d,0x6c,0xe6,0x05,0xfc,0xa4,0xab,0xd2,0x0a,0x75,0x0c,0xd9,0x40,
749 0x09,0xf1,0xcb,0x5e,0x0a,0x09,0x2c,0x75,0xbc,0x79,0xa5,0xd5,0xb5,0xde,0x07,0xfd,
750 0x27,0x31,0x96,0xad,0x66,0xc6,0xa6,0x5e,0x0a,0x57,0x06,0x39,0x03,0xe4,0x84,0x61,
751 0xcf,0x25,0x6c,0xcd,0x56,0xf4,0xe7,0xd1,0xff,0x93,0x6c,0x2d,0xd6,0xcf,0x0d,0xe6,
752 0x1e,0xe5,0x57,0x37,0xa6,0x6d,0xec,0xa1,0xde,0xe8,0x1f,0x64,0x90,0x5e,0x70,0xe2,
753 0xe8,0x05,0x24,0xac,0x36,0xe1,0xea,0x75,0xdf,0x60,0xe2,0xbf,0xc2,0x30,0x82,0x05,
754 0x82,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x82,0x05,0x73,
755 0x04,0x82,0x05,0x6f,0x30,0x82,0x05,0x6b,0x30,0x82,0x05,0x67,0x06,0x0b,0x2a,0x86,
756 0x48,0x86,0xf7,0x0d,0x01,0x0c,0x0a,0x01,0x02,0xa0,0x82,0x04,0xee,0x30,0x82,0x04,
757 0xea,0x30,0x1c,0x06,0x0a,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x0c,0x01,0x03,0x30,
758 0x0e,0x04,0x08,0xf4,0xa6,0x0f,0xb4,0x2e,0x8e,0x48,0xa6,0x02,0x02,0x08,0x00,0x04,
759 0x82,0x04,0xc8,0x0a,0x64,0x3b,0x68,0x4a,0x9a,0xf0,0xf6,0x80,0x65,0x2d,0xca,0xa6,
760 0x74,0x33,0x32,0xf3,0x71,0x97,0x27,0x24,0x3c,0xd1,0xaf,0x8b,0xfb,0xee,0x69,0x40,
761 0xfc,0xff,0x45,0x32,0x3a,0x1a,0xd1,0x35,0x2d,0xae,0xce,0xd6,0x84,0x5b,0x2b,0x20,
762 0x91,0xf8,0x26,0xa6,0x13,0x19,0x21,0x3e,0x8d,0xbb,0x30,0xef,0xdd,0x99,0x58,0x00,
763 0x61,0x57,0xe5,0x1b,0xc6,0x96,0xbe,0x7f,0x9e,0x95,0x47,0x7c,0xdf,0xf1,0x09,0x8f,
764 0xb9,0xa8,0x99,0x0d,0xf1,0x2a,0xe0,0xfd,0x08,0x92,0xf7,0x56,0x45,0x2e,0xb0,0xf4,
765 0x2b,0xf9,0x36,0x43,0xb2,0xbf,0x63,0x82,0x59,0x41,0x25,0x70,0xd6,0x49,0xe8,0x15,
766 0x7f,0x77,0x7c,0x7c,0xb3,0xab,0x7e,0xb6,0x16,0xd9,0xf7,0x22,0xa6,0x23,0x00,0x6a,
767 0x0e,0x62,0xfa,0xd6,0xe2,0x51,0x13,0x0e,0x99,0x9e,0x12,0x48,0xfa,0x71,0xea,0x47,
768 0xeb,0xf7,0xd9,0x9d,0x6f,0xa1,0x77,0x55,0xff,0x30,0xf7,0x68,0x33,0xee,0x26,0x16,
769 0xf6,0x43,0x63,0x4e,0xb7,0x16,0x97,0xd3,0x49,0x1c,0xf1,0x9e,0xe0,0xe5,0x77,0x52,
770 0xca,0x13,0x48,0x8f,0x11,0x23,0x0d,0x87,0x38,0xa7,0xf3,0x81,0x65,0x96,0xff,0xc7,
771 0xb4,0x0f,0x39,0x59,0xff,0x39,0x5a,0x55,0x2b,0x7b,0xab,0x34,0x11,0x42,0x47,0x42,
772 0x0c,0xb0,0x71,0x64,0x73,0xa5,0x1d,0x88,0x6e,0xa4,0x61,0x3c,0x67,0x18,0x67,0x2b,
773 0x42,0xa1,0x2e,0x60,0xae,0x82,0x3e,0x37,0xc8,0x2e,0x8a,0x80,0x2e,0x9c,0x5d,0xe4,
774 0x37,0x58,0xcb,0x6e,0x38,0x75,0x76,0x9a,0xaf,0x25,0xd3,0xb2,0xbe,0xf5,0x36,0x4f,
775 0x09,0x05,0xe2,0xe3,0x20,0x03,0x64,0x6f,0x94,0x3b,0xec,0x40,0x8c,0xe1,0x7e,0xed,
776 0x94,0xfa,0xed,0x9c,0x4d,0x1d,0xd7,0x31,0x1b,0x9d,0xf3,0xf5,0x1b,0xa0,0xf9,0xc8,
777 0xd6,0xf0,0x5e,0xe5,0x26,0x17,0x42,0x18,0xd8,0xe3,0x04,0x65,0xdf,0xa3,0xe6,0x16,
778 0x16,0xd5,0xfb,0xbe,0x08,0x1e,0xbf,0xd2,0x0e,0xd5,0x2b,0x4b,0x78,0xb2,0x80,0xf3,
779 0x8c,0xe6,0x74,0x89,0xe8,0xce,0xa6,0x2b,0xa5,0x38,0x1f,0x2f,0x87,0x93,0x51,0x35,
780 0xe8,0xad,0x6c,0x8d,0x95,0xbd,0xc0,0x24,0xa5,0x14,0x25,0x2d,0xdf,0x4e,0x77,0x32,
781 0x68,0xc0,0x91,0xad,0x51,0x95,0x25,0x44,0x7a,0xd7,0x4c,0x75,0xdf,0x73,0xe5,0x2b,
782 0xeb,0x1c,0xd3,0xe9,0x42,0xa7,0x5a,0x58,0x85,0x06,0xf0,0xcb,0x38,0x51,0x6d,0x09,
783 0x57,0x14,0x6f,0xd8,0x55,0x0c,0x7a,0x77,0x7f,0xb5,0x20,0xe8,0xd0,0xbd,0x88,0x5a,
784 0xad,0xe6,0xf5,0x02,0x2c,0x7d,0x0b,0xfb,0xe4,0x07,0xad,0xa2,0xd5,0x0c,0xc5,0xbc,
785 0x66,0xc4,0x19,0x48,0xe8,0xa2,0x60,0xdd,0xd2,0xf8,0x03,0x9a,0xd9,0x68,0x4d,0xa9,
786 0xd8,0xfa,0xda,0xa3,0x6f,0xcc,0x53,0xea,0x11,0x7e,0xa0,0xa8,0x8f,0xec,0xdb,0xc0,
787 0x2a,0x40,0xc6,0x84,0x58,0x4f,0x2a,0x23,0x4c,0xbc,0xfe,0xaa,0x78,0x58,0x9c,0xdd,
788 0x6c,0xd5,0x63,0xe9,0xe6,0x78,0xc2,0x73,0x14,0xd5,0x11,0xc3,0x2a,0xf5,0x8a,0x46,
789 0x78,0xfc,0x5a,0x59,0xc9,0x9a,0x7f,0xba,0x94,0x44,0xb3,0x45,0x83,0x08,0x94,0x4d,
790 0x72,0x0b,0x0f,0xd6,0x89,0x9a,0x75,0x6b,0x31,0xcb,0xeb,0x55,0x85,0x38,0x2c,0x3e,
791 0x9b,0x86,0xf0,0x58,0x0f,0x4c,0x93,0x24,0xec,0xd5,0xa3,0x61,0x3a,0x79,0x76,0xab,
792 0x37,0x63,0x2d,0x79,0xde,0x6d,0xa3,0x7f,0xf2,0xf0,0x8c,0x45,0xe6,0xce,0x97,0xc6,
793 0x88,0xfd,0x93,0xe0,0xf9,0xd0,0x93,0x6a,0x77,0xa4,0x28,0xc3,0x02,0x77,0x87,0xf6,
794 0x22,0xfa,0x2b,0x0b,0x31,0xcf,0xe2,0xce,0xaa,0xd9,0x65,0xa6,0x96,0x53,0x8d,0xc7,
795 0x67,0xaf,0x0c,0x0f,0xbc,0x51,0xdf,0x0b,0xc4,0xf8,0x06,0x46,0x07,0x12,0x95,0xce,
796 0x38,0x8e,0xe7,0x8f,0x8d,0x46,0x68,0xbe,0xa5,0x40,0xdc,0xed,0xab,0x76,0x5c,0x87,
797 0xac,0xb3,0x5f,0xb9,0xfd,0x9d,0x79,0x54,0x28,0xc2,0x19,0x2e,0x46,0x3f,0x1f,0x67,
798 0xe2,0x58,0x30,0x4e,0x89,0xdd,0x2f,0x44,0x59,0xde,0xe4,0xf4,0x0d,0x4c,0x33,0xe4,
799 0x98,0x6d,0xb4,0x1f,0x03,0x6b,0x0f,0x8e,0xde,0x86,0x1b,0x33,0x37,0x74,0x14,0xbe,
800 0xa9,0x4a,0xac,0xf4,0x9b,0xa7,0x37,0xe8,0xdd,0x94,0x67,0x25,0x5c,0xb4,0x5b,0x79,
801 0xfd,0xd3,0x24,0x21,0x11,0xbe,0x76,0x1f,0x98,0x8b,0x73,0x87,0x0c,0x96,0x82,0x59,
802 0x04,0x22,0x8c,0x9b,0x57,0x0c,0xca,0x16,0xb3,0x02,0xc6,0xdc,0x6f,0xd2,0x9c,0xcd,
803 0x0f,0x31,0xea,0x97,0x94,0xf7,0x43,0xfe,0xe2,0x8f,0xc7,0x07,0x98,0x57,0x30,0x72,
804 0x55,0x43,0xca,0xfa,0xde,0x92,0xf9,0x06,0x9e,0x56,0x73,0x80,0x84,0xbb,0x44,0xe5,
805 0x7d,0x04,0xfc,0x49,0x8d,0x28,0xfa,0x91,0xe3,0x50,0x76,0xc2,0xf8,0x87,0x29,0x04,
806 0xa4,0xfd,0xfb,0x28,0x20,0xe3,0x07,0xb6,0xf4,0xbf,0xe7,0xc4,0x6a,0x93,0x8c,0x12,
807 0xda,0x9d,0x9a,0x5d,0x8c,0x0a,0xd7,0xf5,0x9f,0xbd,0x71,0x00,0xfc,0x22,0xea,0xa4,
808 0x45,0x6f,0xd4,0xc6,0x7d,0x7a,0x47,0x38,0x15,0x17,0xc6,0xde,0xb3,0xeb,0x1b,0x9a,
809 0xea,0x94,0xc1,0x74,0xd1,0x65,0x25,0xc1,0x11,0x82,0x5d,0xb3,0x66,0x7f,0x05,0xd3,
810 0xe1,0x0a,0xfe,0x29,0xcf,0xdd,0x18,0x30,0xff,0x00,0x7f,0xef,0xc1,0x50,0x54,0x7c,
811 0x8b,0x89,0x3c,0x6a,0x12,0x9d,0xd4,0x5a,0xcc,0x48,0x76,0xab,0x64,0xd3,0x54,0x36,
812 0x70,0x9e,0x04,0x69,0x3d,0x20,0x9d,0x62,0x5d,0xe6,0x55,0x8e,0xd0,0x53,0x5c,0xb4,
813 0x54,0x79,0x73,0x69,0x6f,0x56,0xfa,0x60,0x1d,0x61,0xeb,0xeb,0x76,0xb4,0xd5,0x7a,
814 0xc9,0x51,0xfc,0xa9,0xed,0x4a,0xfa,0x5c,0x5c,0xb5,0x20,0x6a,0x44,0xf7,0xaa,0xf0,
815 0x27,0x90,0x55,0xda,0x2d,0xb4,0x11,0x59,0x21,0x65,0x0e,0x87,0xd2,0x53,0x21,0xd2,
816 0x81,0x93,0xf7,0xfe,0x3b,0xec,0x49,0x7e,0x1c,0xdc,0xc2,0x8f,0xdb,0xef,0x3c,0x0a,
817 0x40,0x89,0x94,0xf3,0x2d,0x77,0x84,0x15,0x03,0x00,0x29,0xfa,0x1b,0xea,0x55,0x7d,
818 0xdc,0xdb,0x69,0x95,0xe5,0x72,0xa5,0x17,0x8f,0xfb,0xfc,0x86,0xfc,0x72,0x91,0x09,
819 0x9b,0x32,0x1a,0x06,0x5c,0xa5,0x26,0x4b,0x61,0x40,0x97,0x40,0xce,0x17,0xca,0xe7,
820 0x79,0xe6,0xcc,0x6c,0xa3,0x81,0x9c,0x9f,0x36,0x74,0x36,0x9f,0xd9,0x5d,0x3e,0x29,
821 0xa0,0xce,0xa1,0x84,0xf6,0xaf,0x33,0x2b,0x8b,0x32,0xb4,0x45,0xb1,0x3d,0x72,0x87,
822 0x20,0x8c,0x88,0x02,0x0d,0x93,0x50,0xcc,0x31,0xce,0x03,0xf8,0x85,0x4a,0xdc,0xed,
823 0xc0,0xcc,0xb3,0xda,0x06,0xbd,0x12,0xd5,0xfc,0xd2,0xbb,0x75,0x4b,0xca,0xb2,0x77,
824 0x18,0xe1,0x5e,0xf5,0x9f,0x0c,0x8c,0xe2,0x17,0x73,0xe5,0xa3,0x80,0x40,0xd8,0x42,
825 0xb1,0xf7,0xd0,0x04,0x9f,0x2e,0xc2,0x2b,0x9b,0x5e,0xcb,0xae,0xb4,0x5f,0x95,0x53,
826 0xf5,0xc1,0x72,0xf1,0xff,0xa2,0x5a,0xcf,0x1b,0x78,0x5c,0x99,0xdf,0x09,0x24,0xbf,
827 0xbf,0x86,0xc3,0x0e,0x65,0x9a,0xe6,0xdc,0xde,0x88,0x28,0x94,0xd7,0xc0,0x6d,0xf6,
828 0x93,0x52,0xa6,0x7f,0x74,0x92,0x9b,0x0b,0x62,0xd5,0x2c,0xb4,0xad,0x7c,0xc0,0xc6,
829 0x3b,0x1b,0xd2,0xbd,0x89,0xa8,0x64,0x02,0x9c,0x81,0x9a,0xd8,0x51,0x04,0x22,0x10,
830 0x62,0x46,0x38,0xaa,0xaa,0x3b,0x00,0x5c,0xe8,0x58,0x09,0x25,0xf7,0x53,0x1d,0x72,
831 0xab,0x44,0x80,0xb4,0x33,0x91,0xf8,0x8e,0xe1,0x00,0x5c,0x07,0xdb,0x81,0x71,0x25,
832 0x86,0x3b,0xa7,0x8e,0x31,0x02,0x89,0x43,0x8f,0x0a,0xa8,0xac,0x6b,0x2a,0xe3,0xba,
833 0x4d,0xdf,0x8c,0x20,0x46,0xea,0xd4,0x98,0x2f,0x47,0x98,0xfb,0x03,0x5e,0xdd,0x92,
834 0xc5,0x73,0xa2,0x54,0xf7,0x9f,0x5f,0xda,0xb5,0x1d,0xb5,0xab,0x78,0x2b,0x72,0x43,
835 0x07,0x0a,0x34,0x22,0xb6,0x23,0xde,0x90,0x0f,0x85,0x7b,0x31,0x66,0x30,0x3f,0x06,
836 0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x09,0x14,0x31,0x32,0x1e,0x30,0x00,0x54,
837 0x00,0x65,0x00,0x73,0x00,0x74,0x00,0x20,0x00,0x49,0x00,0x64,0x00,0x65,0x00,0x6e,
838 0x00,0x74,0x00,0x69,0x00,0x74,0x00,0x79,0x00,0x20,0x00,0x53,0x00,0x4d,0x00,0x49,
839 0x00,0x4d,0x00,0x45,0x00,0x20,0x00,0x32,0x00,0x30,0x00,0x30,0x00,0x37,0x30,0x23,
840 0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x09,0x15,0x31,0x16,0x04,0x14,0x69,
841 0x6e,0x3e,0x79,0x39,0x9b,0x28,0xf4,0x29,0xd4,0x38,0x78,0xcd,0xbd,0x11,0x46,0xb5,
842 0x73,0xec,0x96,0x30,0x30,0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,
843 0x05,0x00,0x04,0x14,0x5b,0xc7,0xc7,0x83,0x6c,0xc1,0x23,0xf1,0xeb,0xe8,0xd7,0xc8,
844 0x3f,0x4c,0x59,0x18,0x49,0x61,0xdb,0x72,0x04,0x08,0xde,0xab,0x8d,0x3a,0xff,0xf8,
845 0x2d,0x69,0x02,0x01,0x01
846 };
847
848 /* Test identity (PKCS12 data), SSL cert, expired in 2008
849 */
850 unsigned char TestIDSSL2007_p12[2753] = {
851 0x30,0x82,0x0a,0xbd,0x02,0x01,0x03,0x30,0x82,0x0a,0x84,0x06,0x09,0x2a,0x86,0x48,
852 0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x82,0x0a,0x75,0x04,0x82,0x0a,0x71,0x30,0x82,
853 0x0a,0x6d,0x30,0x82,0x04,0xe7,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,
854 0x06,0xa0,0x82,0x04,0xd8,0x30,0x82,0x04,0xd4,0x02,0x01,0x00,0x30,0x82,0x04,0xcd,
855 0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x01,0x30,0x1c,0x06,0x0a,0x2a,
856 0x86,0x48,0x86,0xf7,0x0d,0x01,0x0c,0x01,0x06,0x30,0x0e,0x04,0x08,0x7a,0xe7,0xca,
857 0x1b,0x57,0x26,0xac,0x5e,0x02,0x02,0x08,0x00,0x80,0x82,0x04,0xa0,0x1a,0x44,0x31,
858 0x1c,0x4d,0xa9,0x00,0x7f,0x14,0x71,0x83,0x3b,0x68,0xf8,0xf0,0x6e,0x42,0xd0,0x6a,
859 0x8c,0x02,0xbf,0x6e,0x0c,0xcd,0xee,0x7e,0x48,0xab,0x8b,0x7e,0xc7,0xe4,0x66,0x3f,
860 0x4d,0x3f,0x05,0xcd,0xa5,0x41,0x5c,0xa2,0x2e,0x59,0x4c,0x62,0x4c,0xa7,0xca,0x31,
861 0x10,0xd8,0xc7,0x8c,0xa1,0x6c,0x1d,0x9b,0x27,0x7a,0xa8,0x00,0x7a,0xb9,0xd3,0x4b,
862 0x09,0xf0,0xf7,0x75,0xb6,0x53,0xdf,0x54,0xba,0x2e,0x26,0xf5,0x1c,0x49,0x94,0x72,
863 0xcb,0x06,0xf3,0xa3,0x28,0xcb,0x48,0xb4,0x70,0x4a,0x0a,0xf8,0xfb,0x82,0xad,0x7f,
864 0x50,0x78,0xb7,0x11,0x41,0xd5,0x2b,0x11,0x5c,0x95,0x90,0x0f,0xcb,0xd8,0x95,0xe6,
865 0x77,0x74,0x84,0xe5,0x4c,0x24,0xa0,0xd4,0x7a,0x0a,0xd6,0xc8,0x10,0xa4,0x7a,0xcb,
866 0x5d,0x81,0x61,0x33,0xb7,0x75,0x6a,0x98,0xbe,0xd4,0xaf,0x3c,0x8c,0x61,0x66,0x43,
867 0x6f,0x12,0x4b,0x1e,0x72,0x10,0x76,0xbb,0xc6,0x57,0xbd,0xdb,0x2c,0x99,0xa7,0x53,
868 0x1e,0xe5,0x6a,0x42,0x80,0xb9,0x24,0x4f,0x1a,0x2c,0x96,0x0b,0x64,0xd3,0x63,0x36,
869 0x6f,0x75,0x74,0x8e,0xd0,0x50,0x5d,0xab,0x4b,0xec,0x59,0x04,0xdb,0x23,0xfb,0x9a,
870 0xbf,0xe0,0x88,0x24,0xc6,0x00,0x7e,0xd9,0x12,0x11,0xf0,0xe5,0xe2,0x96,0xb7,0x85,
871 0x6b,0x90,0x03,0xab,0x18,0xa4,0x07,0xcc,0xda,0x19,0x76,0x49,0xde,0x41,0x32,0xda,
872 0x0f,0x9c,0x8d,0xca,0x96,0xbb,0x39,0xbe,0xeb,0x3d,0xb8,0xe6,0xc1,0xea,0xc5,0xa6,
873 0xc3,0x69,0x72,0x96,0x53,0xde,0x36,0x8b,0xee,0x2c,0x6b,0x2e,0x3d,0xad,0xdd,0x9b,
874 0x8a,0xd9,0x1c,0xdd,0x92,0xf3,0x38,0xa7,0xec,0x5d,0xa6,0x46,0x54,0x70,0x71,0x0b,
875 0xa9,0x1a,0x2a,0x54,0x67,0x6e,0x82,0x8e,0xcb,0x5c,0x2d,0x23,0x2f,0x9b,0x0a,0xc8,
876 0xb1,0xf8,0xea,0x9b,0x16,0x72,0xc5,0xf5,0x2c,0x94,0x10,0xdf,0x3f,0xde,0x84,0xa0,
877 0x97,0x96,0xfc,0xd7,0x49,0x4e,0xa6,0x37,0x0c,0x2a,0x39,0x08,0x5e,0xbe,0x58,0x9c,
878 0x94,0x59,0x98,0x71,0x5b,0x30,0x16,0xcc,0x6f,0x64,0xb5,0xe1,0x1e,0x31,0x34,0x6d,
879 0x4a,0xe6,0xb0,0x20,0x31,0x81,0xe4,0x0e,0x48,0x7e,0x4c,0xc4,0xfa,0x9c,0x57,0xf9,
880 0xee,0x58,0xfb,0xc2,0x1b,0xd7,0x96,0xdd,0x91,0x0f,0x86,0x40,0xc9,0x45,0x29,0x07,
881 0x65,0x48,0xd1,0x1d,0xf8,0x1c,0x6d,0x1d,0x5d,0xce,0x76,0xce,0x70,0x33,0x4f,0x1d,
882 0xcc,0x4a,0x87,0xd0,0x9a,0xf3,0xb5,0x40,0xf3,0x35,0xcc,0x89,0x26,0x72,0x94,0x53,
883 0x79,0x59,0xbb,0xe6,0xc4,0x24,0x63,0x46,0x83,0x27,0xb7,0xf8,0xff,0x80,0x4c,0x0a,
884 0x98,0xee,0xe7,0x4a,0x73,0x11,0x90,0xbf,0x94,0x1c,0x03,0x91,0x78,0xe8,0x01,0x3a,
885 0xa1,0xf3,0x53,0xea,0x78,0xb1,0x09,0x4e,0xea,0x2d,0xaa,0xb4,0xce,0xce,0xb1,0xc6,
886 0x51,0xb6,0x59,0x52,0x89,0x7e,0xab,0x4c,0xe3,0xd3,0x9b,0x6b,0xa7,0xf2,0xca,0x70,
887 0x53,0x95,0x8a,0x13,0xfc,0xc0,0xa2,0x24,0xd2,0x94,0xb5,0xe5,0x95,0x38,0x01,0x39,
888 0x0a,0x28,0x1d,0x83,0xd1,0x2a,0x03,0xfa,0xf6,0x6e,0x63,0x80,0x17,0x05,0x18,0x33,
889 0x11,0x56,0xe1,0x7e,0x66,0x94,0xbf,0x1b,0x8b,0x11,0xcf,0x41,0xbf,0x71,0xd9,0xa3,
890 0x6f,0xbb,0xf5,0xae,0x43,0x1d,0x2f,0xf1,0x88,0x00,0x72,0xca,0x49,0x83,0x3e,0xe3,
891 0x87,0x5e,0x0f,0x58,0x97,0xaa,0x2b,0x92,0x40,0xdd,0x8b,0x17,0xce,0xd8,0x11,0x05,
892 0xa4,0x03,0x51,0x0b,0xfa,0x35,0x4c,0xde,0x5b,0xda,0x88,0xdd,0x3a,0xe7,0x93,0x60,
893 0xca,0xe2,0x8e,0x84,0xcd,0x5b,0x6d,0xb6,0x5c,0x53,0xbc,0x85,0x75,0x96,0xaa,0x00,
894 0x06,0x19,0x84,0x66,0x4d,0x41,0x89,0xdd,0x84,0x81,0xbe,0xb6,0xa3,0x69,0x71,0xf4,
895 0x3e,0x31,0x89,0xae,0x9e,0x77,0x68,0xff,0x21,0x78,0xa2,0x43,0xc9,0x0e,0x36,0xe0,
896 0xa0,0xb6,0xae,0x40,0xf1,0xf4,0xe3,0xc8,0xa9,0x89,0x80,0x32,0x45,0x07,0x37,0xf1,
897 0x1d,0xc3,0x1e,0x79,0x0b,0x8b,0x1d,0x7d,0xc9,0xd6,0xa2,0x91,0xc8,0xd8,0x05,0xc0,
898 0xc0,0x25,0x27,0x97,0x5f,0x60,0x3f,0xc7,0xc9,0x3e,0xf2,0xac,0x7e,0x4c,0x4b,0x42,
899 0x15,0x85,0x1a,0xe0,0xe1,0xfa,0xf9,0x27,0xaf,0x8d,0x6f,0x90,0x52,0x33,0x6c,0x55,
900 0xa7,0x9d,0x9c,0x0b,0xc1,0xf8,0xe5,0xa9,0xd7,0x9c,0x81,0xce,0x08,0x49,0x9c,0xb1,
901 0x91,0x00,0xdd,0x6f,0xaf,0x17,0xf8,0x01,0xb5,0x9e,0x53,0x2a,0xa0,0xdd,0x47,0x6e,
902 0xb3,0x1b,0xd3,0x9d,0xc1,0x8c,0x07,0x9b,0x78,0x8c,0x2e,0xad,0xbb,0x7d,0xe1,0x0a,
903 0x11,0x35,0xf7,0xfa,0xf4,0x00,0xf3,0xc2,0xa6,0xf1,0x3f,0xa1,0xdc,0xe1,0xc2,0x2a,
904 0x4b,0x22,0x31,0x20,0x45,0x93,0xbb,0x5e,0xfc,0xe5,0xd7,0xcb,0x69,0x1b,0xad,0x3a,
905 0x48,0x59,0x9c,0xc7,0x74,0xbb,0x79,0x56,0xb7,0x73,0x92,0x54,0x49,0xc9,0xbc,0x5d,
906 0xf2,0x74,0xc8,0x63,0xa8,0x9c,0x99,0x67,0x4d,0x75,0x64,0x10,0x46,0xe7,0x0f,0xf1,
907 0xb0,0x4e,0x8b,0x9d,0x4f,0xa7,0x67,0xe9,0xec,0xbf,0x1b,0x0a,0xfd,0xde,0xe4,0xf6,
908 0xcd,0xba,0x12,0xce,0x4e,0xb5,0x29,0xbf,0x59,0x0b,0xf7,0xea,0xc7,0x7c,0xfb,0xe4,
909 0xe6,0x36,0x86,0x52,0x18,0xf6,0xe5,0x14,0xe1,0x92,0x02,0x98,0x08,0x0f,0xbc,0xd0,
910 0x40,0xf3,0xb1,0x87,0xcc,0x6b,0xee,0xee,0x1a,0x8c,0x40,0x13,0x53,0x9e,0x61,0xb3,
911 0x17,0x02,0x7e,0x97,0x22,0x90,0x6f,0xf0,0x64,0x75,0x42,0xf4,0xf9,0x8f,0x38,0x46,
912 0x27,0x5c,0x14,0x82,0x80,0x71,0xe9,0x7d,0xe9,0xc8,0x32,0xb2,0xae,0xbd,0x90,0x28,
913 0xda,0xc0,0xc1,0x6d,0x06,0x03,0x6c,0x83,0x68,0x3b,0xdf,0xb4,0xb4,0x48,0x04,0x0e,
914 0xbb,0x6e,0xa8,0xa5,0xa5,0x1b,0x36,0xbe,0xfc,0x40,0xd3,0x97,0xc3,0x62,0xb9,0x34,
915 0x94,0xbf,0x01,0xfb,0x21,0xae,0xbb,0xd9,0xdd,0x0d,0xe0,0xf4,0xce,0x25,0x9a,0x7c,
916 0xc4,0x10,0xfc,0xac,0x53,0x1d,0x11,0xdc,0x5c,0x4c,0x6e,0x65,0xb3,0x9c,0xca,0x76,
917 0x3d,0x5d,0x2d,0x21,0x64,0xa6,0x3c,0xc1,0xa1,0x35,0xe7,0x38,0x8b,0x39,0x9f,0x7f,
918 0x93,0x68,0x6f,0xeb,0x96,0x4f,0x7c,0xd3,0x49,0xbe,0x65,0xdb,0x82,0x91,0x2a,0xb4,
919 0x62,0x38,0xdd,0x73,0xa7,0x7f,0x66,0x54,0xfa,0x92,0x65,0xbf,0x71,0xc6,0x62,0x38,
920 0x96,0xe2,0xf4,0x16,0xc6,0xf7,0x7e,0x9d,0x7a,0x4f,0x35,0x5f,0x0e,0x29,0xe6,0x38,
921 0x7b,0x05,0x02,0x61,0xfb,0x16,0xb4,0x43,0xe9,0xb1,0x74,0x3d,0x50,0xe3,0x51,0x5c,
922 0x54,0x5e,0x3e,0xe0,0xb1,0xfe,0x20,0x2d,0xe0,0x05,0x25,0x2f,0x1f,0x9a,0x25,0xe9,
923 0xec,0xb6,0xb8,0x9a,0xe9,0xff,0x3a,0x7a,0xc8,0x53,0xfd,0xc4,0x61,0xb1,0xa1,0x22,
924 0xc6,0x85,0x7a,0x11,0x07,0x84,0xe9,0x58,0x15,0x74,0x33,0x08,0x1f,0x59,0xe9,0x0d,
925 0x7f,0x7e,0x38,0xd9,0x77,0x22,0x46,0xb5,0xfc,0xd5,0x3b,0x1d,0x47,0x7a,0x4a,0x16,
926 0x35,0xa8,0x67,0x99,0x6d,0x72,0x66,0x0d,0xd4,0xb3,0x3b,0xdf,0xb8,0x9f,0x7f,0x59,
927 0x37,0x97,0x65,0xdf,0x79,0x0c,0x15,0xe3,0x14,0x99,0xc0,0x1a,0xcc,0x9a,0x98,0x6a,
928 0xb7,0x59,0x35,0x21,0x31,0x3e,0xf4,0xa2,0xce,0xc4,0xca,0x60,0xf8,0xa0,0x43,0xb6,
929 0xbe,0x8a,0x0a,0x95,0xea,0xe7,0xa0,0xdb,0x4f,0x36,0x22,0xf8,0xb6,0x60,0xff,0x15,
930 0x69,0x45,0x84,0x53,0xad,0x48,0x00,0x0e,0x20,0xb3,0x62,0x07,0xbd,0x02,0x46,0x19,
931 0xf6,0x3d,0xb8,0x55,0x4b,0x5f,0xac,0x3a,0x6a,0x86,0xcf,0x07,0x79,0x30,0x82,0x05,
932 0x7e,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x82,0x05,0x6f,
933 0x04,0x82,0x05,0x6b,0x30,0x82,0x05,0x67,0x30,0x82,0x05,0x63,0x06,0x0b,0x2a,0x86,
934 0x48,0x86,0xf7,0x0d,0x01,0x0c,0x0a,0x01,0x02,0xa0,0x82,0x04,0xee,0x30,0x82,0x04,
935 0xea,0x30,0x1c,0x06,0x0a,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x0c,0x01,0x03,0x30,
936 0x0e,0x04,0x08,0xd3,0x22,0x2a,0xd2,0xd9,0xd0,0xd6,0xd3,0x02,0x02,0x08,0x00,0x04,
937 0x82,0x04,0xc8,0x7b,0x88,0x0e,0x83,0x90,0x25,0x3f,0x51,0xab,0x13,0xf1,0x35,0x1f,
938 0xec,0x56,0xcb,0xfc,0x31,0x6b,0xd1,0x1a,0x6c,0x35,0x51,0x31,0xb7,0x27,0x2e,0xe6,
939 0x8c,0x75,0x7d,0xa6,0x58,0xfd,0x08,0x0b,0xe4,0x39,0x63,0xc6,0x3e,0x2d,0xee,0x2b,
940 0xe5,0x58,0x90,0x48,0xb5,0x57,0x38,0x97,0x48,0xf3,0x2c,0xac,0xf1,0xf8,0x10,0x9c,
941 0x56,0x02,0xc7,0x9d,0x7f,0x9e,0xe0,0x9c,0x96,0xe7,0x0c,0x9f,0x54,0xab,0x9f,0x26,
942 0x17,0xac,0x86,0x88,0x5e,0x4a,0x9c,0xce,0xea,0xc8,0x48,0x83,0x0c,0x2e,0xf0,0xa0,
943 0x6c,0x96,0x07,0x26,0x47,0x63,0xc1,0xac,0x27,0xd1,0x1a,0x25,0x88,0x43,0x8e,0x9d,
944 0xe0,0x5f,0x80,0xd9,0xd1,0x1a,0x86,0x92,0x12,0x80,0xe1,0x99,0x13,0xc3,0xab,0x53,
945 0x97,0xbe,0x51,0x17,0xc4,0x5a,0x9d,0xc0,0xcd,0xe4,0xc5,0xd6,0x44,0x56,0xaa,0x8d,
946 0x5b,0x3d,0xc8,0x66,0xaf,0x6c,0xd2,0x96,0xc6,0x83,0x57,0x7a,0x0e,0x66,0x68,0xd6,
947 0x30,0xf0,0xaa,0xde,0x13,0x92,0x5e,0x21,0x2c,0x36,0x96,0x77,0x1f,0xd0,0xaa,0x4b,
948 0x14,0x9f,0x9f,0xe5,0xa4,0x3f,0xbf,0x7a,0x9b,0x38,0xff,0x91,0x1d,0x0d,0xd4,0x32,
949 0x34,0x2b,0x3f,0xd8,0xfb,0x09,0x71,0xdf,0x1b,0x61,0xa3,0x36,0x81,0xaa,0x49,0xa3,
950 0xe4,0x5c,0xc4,0x8d,0xc5,0xab,0xc0,0x43,0xbe,0xc1,0x41,0xa2,0xcc,0x28,0x36,0x65,
951 0xa6,0xb6,0x73,0x96,0x6a,0x5f,0x1a,0xd9,0xb8,0x48,0x49,0x7b,0x12,0xda,0x2a,0xdb,
952 0xaa,0xaf,0x46,0x8b,0x39,0x7e,0xa7,0x78,0x88,0x15,0x95,0x32,0x13,0x76,0xbb,0x2d,
953 0xf5,0xd5,0x41,0x6a,0x9b,0xb8,0xe6,0x6d,0x43,0xa6,0xc3,0x53,0xb7,0xc5,0x68,0x9d,
954 0xa9,0x84,0x30,0x42,0x59,0x33,0x81,0x79,0x22,0x91,0x1e,0x34,0x31,0x9b,0xd4,0xf3,
955 0x2a,0xda,0xe2,0xa3,0x95,0x7a,0x2a,0x9c,0x67,0x57,0xee,0x2b,0x89,0xfc,0x64,0x67,
956 0x00,0x98,0x21,0x63,0xc7,0x19,0x95,0x69,0x9b,0x42,0x73,0x5c,0x68,0x59,0xfc,0x64,
957 0xe5,0x22,0x57,0x54,0x58,0x06,0xff,0xa3,0x87,0x7d,0x05,0xc8,0xc4,0xfd,0xc7,0x29,
958 0x1b,0x1d,0x88,0x0b,0x08,0x96,0x94,0x9b,0xd8,0xee,0x47,0x99,0x06,0xfa,0x64,0x67,
959 0xfd,0xb0,0xb1,0xa1,0xf5,0x26,0x7e,0xb1,0x46,0xb1,0x0c,0x82,0x52,0x5f,0xc5,0x94,
960 0x23,0x75,0xff,0xb3,0x42,0x18,0xa2,0x9f,0x65,0xfb,0x06,0xb0,0x8a,0x29,0xc1,0x6e,
961 0x84,0xd9,0xd4,0x39,0x77,0x02,0x47,0xe3,0x5f,0xf2,0xb4,0x84,0xc0,0x75,0x48,0x4b,
962 0x3a,0xef,0x48,0x2e,0x8d,0xa1,0xe5,0xc6,0x86,0x44,0x00,0xd9,0x4d,0x73,0xed,0x68,
963 0x8c,0x91,0x56,0x3e,0x2c,0x18,0xd0,0x58,0xd8,0x04,0x15,0xe0,0xd8,0xa8,0xe6,0x46,
964 0x36,0x54,0xc5,0x8c,0x2b,0x98,0xa5,0x01,0x73,0xf0,0x67,0x95,0x41,0x4e,0xa3,0xd6,
965 0x8d,0x24,0xc4,0xc3,0x8f,0x28,0x7c,0x76,0x76,0x84,0x6c,0x95,0x94,0x22,0xde,0xe2,
966 0x9d,0xcb,0x37,0xb6,0x97,0x6b,0xf3,0x58,0x1d,0x5a,0x98,0x88,0xac,0xd9,0xb1,0x59,
967 0x16,0x11,0xd8,0x0b,0x68,0xce,0xdf,0x4b,0x1a,0x28,0x3c,0xeb,0x14,0xb2,0x28,0xa7,
968 0xad,0x54,0x55,0xa1,0x6b,0x50,0x86,0x55,0x00,0xae,0xf6,0xdf,0x6b,0xb3,0x42,0xb3,
969 0x7b,0xbb,0x0d,0x91,0x14,0xdb,0x82,0xea,0xe9,0x08,0x9f,0xf6,0x6f,0xd0,0x10,0xd7,
970 0x83,0x1e,0xfc,0x5e,0x58,0xca,0x01,0xdd,0xb4,0xc8,0xbe,0x80,0xe3,0x07,0x71,0x0a,
971 0x74,0x01,0xd4,0xf1,0x50,0xe1,0x51,0x22,0xb1,0x43,0x98,0xf1,0x5e,0xdd,0xb4,0x65,
972 0x5a,0x18,0x0c,0x8b,0x1b,0x4e,0xe1,0xce,0xb1,0x0e,0x81,0xda,0x6b,0x98,0xc4,0xcb,
973 0xd9,0xd2,0xb2,0x1e,0xea,0xac,0x0c,0x08,0x86,0xa4,0x60,0xab,0x84,0x50,0x13,0xf8,
974 0x48,0xfb,0x64,0xf3,0x33,0x88,0x83,0x72,0x22,0xe8,0x6a,0x43,0xd3,0xb4,0xc7,0xd2,
975 0x04,0xed,0x07,0x75,0x26,0x96,0x2d,0x84,0xb9,0x10,0x02,0xd2,0xda,0xc8,0xc8,0x0b,
976 0x95,0xe3,0x69,0x1e,0x57,0x16,0x7a,0xb5,0x1c,0xe7,0x46,0x89,0xfc,0xed,0x49,0x69,
977 0x47,0xb8,0x07,0xe4,0xcb,0xd1,0x52,0xd6,0x8c,0x32,0xaa,0x91,0x8d,0x45,0x19,0xf1,
978 0x54,0x23,0x3c,0x5f,0xcc,0xc7,0x60,0xfc,0x89,0x00,0x9a,0xa3,0xc2,0xf0,0x48,0xda,
979 0xbf,0xe4,0xfd,0x78,0x3b,0x6c,0x2d,0x34,0x91,0x6b,0x0d,0x21,0xb4,0xba,0xe8,0x6d,
980 0x80,0xbc,0xfb,0x91,0xcb,0xce,0x77,0x01,0x4e,0xfe,0x7b,0xf2,0x08,0x78,0x2e,0x3f,
981 0x16,0xd4,0xfd,0xf0,0x76,0x68,0xce,0x43,0xdc,0xb2,0xe2,0x82,0x64,0x8f,0xc8,0x71,
982 0x0f,0x6e,0xc6,0x3b,0x4a,0x6b,0x6a,0xd7,0xf6,0x21,0x46,0xcd,0x05,0xce,0x19,0xab,
983 0x28,0x28,0x55,0x19,0x1d,0x07,0xaf,0x38,0xd9,0x9c,0xdf,0xe8,0x91,0x68,0x16,0xdd,
984 0x36,0x19,0x71,0x46,0x86,0x08,0x0a,0x08,0x34,0xc5,0x3b,0x53,0xaa,0x35,0x27,0x6e,
985 0xe4,0xf3,0xa1,0xd6,0x04,0x78,0xf9,0x63,0xec,0x1e,0xfe,0x30,0x38,0xb3,0xe7,0xd8,
986 0x27,0x9f,0x98,0xd5,0xb9,0x4d,0xb9,0x80,0x4f,0xb0,0x81,0xc6,0xaa,0xc2,0xe6,0xbf,
987 0x98,0x63,0x05,0xc6,0xab,0x4e,0xc8,0x7e,0xf4,0x37,0x68,0xad,0x63,0x08,0x6e,0x8f,
988 0xe5,0xd9,0x62,0x43,0xa3,0x0d,0x61,0x84,0x41,0x02,0xd0,0xc6,0x33,0x19,0x76,0xb8,
989 0x31,0xb1,0x27,0x2f,0x81,0x40,0x71,0x35,0x3c,0xf6,0xf2,0xc7,0x9b,0x85,0x9c,0x2e,
990 0xa0,0xf6,0xd2,0x3a,0xd9,0x7e,0xdd,0x82,0x56,0xf4,0x61,0x97,0x79,0xdb,0x27,0x5d,
991 0xa7,0x5b,0x8d,0x01,0x9d,0x68,0x9b,0x3a,0x4e,0xe1,0x3c,0xaf,0x61,0x0f,0xbf,0xfa,
992 0x61,0x12,0x2f,0xde,0x7a,0x71,0x0a,0xdd,0x6e,0x29,0x11,0x8e,0xa4,0x93,0x31,0x85,
993 0x2a,0x31,0xa8,0xd7,0x3f,0xfb,0xf4,0xd2,0xd4,0x7f,0x0c,0xb2,0x8d,0x63,0x25,0x47,
994 0x18,0x04,0x00,0x28,0x90,0xd3,0xc0,0x7e,0xca,0xfa,0x0d,0xc4,0xab,0xd4,0x7a,0x17,
995 0xb7,0xdc,0xce,0x7d,0xc2,0xe8,0x5b,0x68,0x7c,0xa9,0x3c,0xac,0x4e,0x2c,0xde,0x0c,
996 0x4a,0x09,0x09,0x03,0x77,0x12,0xb9,0x31,0xc9,0x0d,0x6e,0x2b,0xac,0x96,0x7b,0xb0,
997 0x3d,0x37,0x03,0x32,0xc6,0xe1,0x64,0x16,0xc1,0x1b,0xfa,0xa3,0x32,0xe9,0xea,0x25,
998 0x0c,0xa1,0xbf,0xae,0xaa,0xba,0xbd,0x24,0xba,0x9d,0x5f,0x15,0x20,0x59,0x2d,0xe5,
999 0x09,0xe6,0x71,0x70,0xcd,0xf5,0x44,0x12,0xcf,0x17,0x8b,0x33,0x4b,0x67,0x86,0x53,
1000 0xd3,0x66,0x80,0x2e,0xfb,0x6b,0x95,0x38,0x35,0x2d,0x39,0xb8,0x19,0xb7,0x01,0xe0,
1001 0xe2,0x7d,0x29,0xd3,0x89,0xc7,0xc9,0x4f,0xb4,0xf9,0x48,0x20,0x6a,0x40,0xd3,0x71,
1002 0x28,0xf4,0xdf,0x3a,0xff,0xf0,0xd1,0x7a,0x78,0xbd,0x92,0xe4,0xa2,0x05,0x47,0xf5,
1003 0xfa,0x25,0x4f,0x22,0x3f,0x8f,0x85,0x72,0xaa,0x0f,0xfa,0x21,0x84,0x63,0xbc,0xb6,
1004 0xe0,0x49,0x1e,0xdf,0x0a,0xee,0x4b,0xa8,0x96,0xbf,0x2f,0xa7,0x31,0x64,0xc3,0xa1,
1005 0x19,0xe1,0x2b,0x69,0xbf,0x0f,0xcc,0x76,0x49,0x9f,0xdd,0x4e,0xf0,0x77,0xf0,0xae,
1006 0x83,0x20,0xe2,0xd6,0x21,0x1a,0x3a,0x1a,0xb4,0xbf,0x57,0x02,0x9c,0xf6,0xb1,0x47,
1007 0x83,0x59,0x0c,0x43,0xce,0x9a,0x3d,0xb3,0x9b,0x9c,0xd2,0x30,0xcd,0x40,0x58,0xfe,
1008 0xec,0xa9,0x59,0xa8,0xf6,0x28,0x31,0xbf,0xc3,0xfb,0xad,0x37,0x07,0xd4,0x34,0xe7,
1009 0x58,0xfa,0xca,0xe7,0xe3,0xbb,0x3d,0xd8,0xf6,0xd7,0x9c,0xf5,0x6f,0xc0,0xbd,0x9e,
1010 0x3a,0x91,0x30,0x7c,0xe4,0xff,0x8d,0xbe,0x85,0x91,0x27,0x92,0x51,0xdc,0xd6,0x66,
1011 0x7e,0x5a,0xfb,0xf7,0xbe,0x34,0xce,0x5e,0xa4,0x50,0xf1,0x6d,0xc0,0x32,0x3b,0xaa,
1012 0x8c,0x52,0x25,0xcc,0x75,0x26,0x2b,0xa8,0x2f,0x6f,0x02,0x81,0x18,0x07,0x5f,0xbe,
1013 0xc3,0xed,0xa3,0x93,0x73,0xc9,0xd4,0x79,0xec,0x34,0x78,0x31,0x62,0x30,0x3b,0x06,
1014 0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x09,0x14,0x31,0x2e,0x1e,0x2c,0x00,0x54,
1015 0x00,0x65,0x00,0x73,0x00,0x74,0x00,0x20,0x00,0x49,0x00,0x64,0x00,0x65,0x00,0x6e,
1016 0x00,0x74,0x00,0x69,0x00,0x74,0x00,0x79,0x00,0x20,0x00,0x53,0x00,0x53,0x00,0x4c,
1017 0x00,0x20,0x00,0x32,0x00,0x30,0x00,0x30,0x00,0x37,0x30,0x23,0x06,0x09,0x2a,0x86,
1018 0x48,0x86,0xf7,0x0d,0x01,0x09,0x15,0x31,0x16,0x04,0x14,0xd0,0xcb,0xd6,0x5c,0xe1,
1019 0x73,0x7a,0xb8,0xa8,0x2a,0xf8,0xc9,0xe6,0xdc,0xbb,0xc2,0xec,0x00,0x2e,0x6a,0x30,
1020 0x30,0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,0x05,0x00,0x04,0x14,
1021 0x47,0x2e,0x9e,0xca,0x71,0x3b,0x36,0xcf,0x34,0x59,0x7e,0x0a,0x6e,0xe0,0xeb,0x79,
1022 0xcb,0x82,0x47,0x76,0x04,0x08,0xff,0xe9,0xf7,0xee,0x2f,0x48,0xcc,0x24,0x02,0x01,
1023 0x01
1024 };
1025
1026
1027 static int quiet = 0;
1028 static int debug = 0;
1029
1030 #define MAXNAMELEN MAXPATHLEN
1031 #define MAXITEMS INT32_MAX
1032
1033 #pragma mark -- Utility Functions --
1034
1035
1036 static void PrintTestResult(char *testStr, OSStatus status, OSStatus expected)
1037 {
1038 is(status, expected, "%s", testStr);
1039 fflush(stdout);
1040 }
1041
1042
1043 static void PrintStringToMatch(CFStringRef nameStr)
1044 {
1045 char *buf = (char*)malloc(MAXNAMELEN);
1046 if (buf) {
1047 if (CFStringGetCString(nameStr, buf, (CFIndex)MAXNAMELEN, kCFStringEncodingUTF8)) {
1048 fprintf(stdout, "### String to match is \"%s\"\n", buf);
1049 fflush(stdout);
1050 }
1051 free(buf);
1052 }
1053 }
1054
1055
1056 static void PrintSecCertificate(SecCertificateRef certificate)
1057 {
1058 CFStringRef nameStr;
1059 if(!certificate) {
1060 return;
1061 }
1062
1063 OSStatus status = SecCertificateCopyCommonName(certificate, &nameStr);
1064 if (status) {
1065 fprintf(stderr, "### SecCertificateCopyCommonName error %d\n", (int)status);
1066 }
1067 else {
1068 char *buf = (char*)malloc(MAXNAMELEN);
1069 if (buf) {
1070 if (CFStringGetCString(nameStr, buf, (CFIndex)MAXNAMELEN, kCFStringEncodingUTF8)) {
1071 fprintf(stdout, "### Found certificate name: \"%s\"\n", buf);
1072 }
1073 free(buf);
1074 }
1075 CFRelease(nameStr);
1076 }
1077 }
1078
1079
1080 static void PrintSecIdentity(SecIdentityRef identity)
1081 {
1082 SecCertificateRef certRef;
1083 if(!identity) {
1084 return;
1085 }
1086
1087 OSStatus status = SecIdentityCopyCertificate(identity, &certRef);
1088 if (status) {
1089 fprintf(stderr, "### SecIdentityCopyCertificate error %d\n", (int)status);
1090 }
1091 else {
1092 PrintSecCertificate(certRef);
1093 CFRelease(certRef);
1094 }
1095 }
1096
1097
1098 static void PrintCFStringWithFormat(const char *formatStr, CFStringRef inStr)
1099 {
1100 char *buf = (char*)malloc(MAXNAMELEN);
1101 if (buf) {
1102 if (CFStringGetCString(inStr, buf, (CFIndex)MAXNAMELEN, kCFStringEncodingUTF8)) {
1103 fprintf(stdout, formatStr, buf);
1104 fflush(stdout);
1105 }
1106 free(buf);
1107 }
1108 }
1109
1110
1111 static void PrintCFThing(CFTypeRef thing)
1112 {
1113 fprintf(stderr, "### Results: %p\n", (void*)thing);
1114
1115 CFTypeID thingID = (thing) ? CFGetTypeID(thing) : 0;
1116 if (thingID == SecCertificateGetTypeID()) {
1117 // print a SecCertificateRef
1118 PrintSecCertificate((SecCertificateRef)thing);
1119 }
1120 else if (thingID == SecIdentityGetTypeID()) {
1121 // print a SecIdentityRef
1122 PrintSecIdentity((SecIdentityRef)thing);
1123 }
1124 else if (thingID == SecKeychainItemGetTypeID() ||
1125 thingID == SecIdentityGetTypeID() ||
1126 thingID == CFDictionaryGetTypeID() ||
1127 thingID == CFArrayGetTypeID() ||
1128 thingID == CFStringGetTypeID() ||
1129 thingID == CFDataGetTypeID()) {
1130 CFShow(thing);
1131 }
1132 else {
1133 fprintf(stderr, "### ERROR: result is not a supported CFType! (%ld)\n",
1134 thingID);
1135 }
1136 }
1137
1138 //%%% FIXME need to break this up into separate functions
1139 static int TestAddItems(SecKeychainRef keychain)
1140 {
1141 SecCertificateRef certs[5];
1142 CFDataRef tmpData;
1143 OSStatus status;
1144
1145 /* add test leaf */
1146 tmpData = CFDataCreateWithBytesNoCopy(NULL, LEAF_CERT, sizeof(LEAF_CERT), kCFAllocatorNull);
1147 certs[0] = SecCertificateCreateWithData(NULL, tmpData);
1148 CFRelease(tmpData);
1149
1150 /* add test intermediate */
1151 tmpData = CFDataCreateWithBytesNoCopy(NULL, INTERMEDIATE_CERT, sizeof(INTERMEDIATE_CERT), kCFAllocatorNull);
1152 certs[1] = SecCertificateCreateWithData(NULL, tmpData);
1153 CFRelease(tmpData);
1154
1155 /* add test root */
1156 tmpData = CFDataCreateWithBytesNoCopy(NULL, ROOT_CERT, sizeof(ROOT_CERT), kCFAllocatorNull);
1157 certs[2] = SecCertificateCreateWithData(NULL, tmpData);
1158 CFRelease(tmpData);
1159 // will add this below using SecItemAdd instead of SecCertificateAddToKeychain
1160
1161 /* use SecItemAdd to add an array containing certs 1-3 */
1162 CFArrayRef certArray = CFArrayCreate(NULL, (const void**) certs, 3, &kCFTypeArrayCallBacks);
1163 CFMutableDictionaryRef attrs = CFDictionaryCreateMutable(NULL, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
1164 CFDictionaryAddValue(attrs, kSecClass, kSecClassCertificate); // we are adding certificates
1165 CFDictionaryAddValue(attrs, kSecUseItemList, certArray); // add these items (to default keychain, since we aren't specifying one)
1166 CFDictionaryAddValue(attrs, kSecUseKeychain, keychain); // add these to the test keychain
1167 status = SecItemAdd(attrs, NULL);
1168 CFRelease(attrs);
1169 CFRelease(certArray);
1170 ok_status(status, "Unable to add 3 test certificates: error %d\n", (int)status);
1171 if (status && status != errSecDuplicateItem) {
1172 goto error_exit;
1173 }
1174
1175 /* add test cert for S/MIME policy (encrypt only, no sign) */
1176 tmpData = CFDataCreateWithBytesNoCopy(NULL, Test_smime_encryptonly, sizeof(Test_smime_encryptonly), kCFAllocatorNull);
1177 certs[3] = SecCertificateCreateWithData(NULL, tmpData);
1178 CFRelease(tmpData);
1179 status = SecCertificateAddToKeychain(certs[3], keychain);
1180 ok_status(status, "Unable to add test S/MIME certificate: error %d\n", (int)status);
1181 if (status && status != errSecDuplicateItem) {
1182 goto error_exit;
1183 }
1184
1185 /* add test cert for Code Signing policy */
1186 tmpData = CFDataCreateWithBytesNoCopy(NULL, Test_codesign, sizeof(Test_codesign), kCFAllocatorNull);
1187 certs[4] = SecCertificateCreateWithData(NULL, tmpData);
1188 CFRelease(tmpData);
1189 status = SecCertificateAddToKeychain(certs[4], keychain);
1190 ok_status(status, "Unable to add test Code Signing certificate: error %d\n", (int)status);
1191 if (status && status != errSecDuplicateItem) {
1192 goto error_exit;
1193 }
1194
1195 /* import test SSL identity */
1196 {
1197 CFDataRef p12DataRef = CFDataCreateWithBytesNoCopy(NULL, Test_ssl_user_p12, (CFIndex)sizeof(Test_ssl_user_p12), kCFAllocatorNull);
1198 SecExternalFormat format = kSecFormatPKCS12;
1199 SecExternalItemType itemType = kSecItemTypeAggregate;
1200 SecItemImportExportFlags flags = 0;
1201 #if 0
1202 /* deprecated method, using CDSA constants */
1203 SecKeyImportExportParameters keyParams = {
1204 SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION, // uint32_t version
1205 0, // SecKeyImportExportFlags flags
1206 CFSTR("test"), // CFTypeRef passphrase
1207 CFSTR("title"), // CFStringRef alertTitle
1208 CFSTR("pw:"), // CFStringRef alertPrompt
1209 NULL, // SecAccessRef accessRef (unspecified, use default)
1210 CSSM_KEYUSE_SIGN, // CSSM_KEYUSE keyUsage (0=unspecified)
1211 CSSM_KEYATTR_PERMANENT // CSSM_KEYATTR_FLAGS keyAttributes
1212 };
1213 status = SecKeychainItemImport(p12DataRef,
1214 NULL, &format, &itemType, flags, &keyParams, keychain, NULL);
1215 #else
1216 CFTypeRef keyUsages[1] = { kSecAttrCanSign };
1217 CFArrayRef keyUsagesArray = CFArrayCreate(NULL, keyUsages, 1, &kCFTypeArrayCallBacks);
1218 CFTypeRef keyAttrs[1] = { kSecAttrIsPermanent };
1219 CFArrayRef keyAttrsArray = CFArrayCreate(NULL, keyAttrs, 1, &kCFTypeArrayCallBacks);
1220 SecItemImportExportKeyParameters keyParams = {
1221 SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION, // uint32_t version
1222 0, // SecKeyImportExportFlags flags
1223 CFSTR("test"), // CFTypeRef passphrase
1224 CFSTR("title"), // CFStringRef alertTitle
1225 CFSTR("pw:"), // CFStringRef alertPrompt
1226 NULL, // SecAccessRef accessRef (unspecified, use default)
1227 keyUsagesArray, // CFArrayRef keyUsages
1228 keyAttrsArray // CFArrayRef keyAttributes
1229 };
1230 status = SecItemImport(p12DataRef,
1231 NULL, &format, &itemType, flags, &keyParams, keychain, NULL);
1232 CFReleaseSafe(p12DataRef);
1233 CFRelease(keyUsagesArray);
1234 CFRelease(keyAttrsArray);
1235 #endif
1236 ok_status(status, "Unable to import test SSL identity: error %d\n", (int)status);
1237 if (status && status != errSecDuplicateItem) {
1238 goto error_exit;
1239 }
1240 }
1241
1242 /* import test S/MIME signing identity */
1243 {
1244 CFDataRef p12DataRef = CFDataCreateWithBytesNoCopy(NULL, Test_smime_signonly_p12, (CFIndex)sizeof(Test_smime_signonly_p12), kCFAllocatorNull);
1245 SecExternalFormat format = kSecFormatPKCS12;
1246 SecExternalItemType itemType = kSecItemTypeAggregate;
1247 SecItemImportExportFlags flags = 0;
1248 #if 0
1249 /* deprecated method, using CDSA constants */
1250 SecKeyImportExportParameters keyParams = {
1251 SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION, // uint32_t version
1252 0, // SecKeyImportExportFlags flags
1253 CFSTR("test"), // CFTypeRef passphrase
1254 CFSTR("title"), // CFStringRef alertTitle
1255 CFSTR("pw:"), // CFStringRef alertPrompt
1256 NULL, // SecAccessRef accessRef (unspecified, use default)
1257 CSSM_KEYUSE_SIGN, // CSSM_KEYUSE keyUsage (0=unspecified)
1258 CSSM_KEYATTR_PERMANENT // CSSM_KEYATTR_FLAGS keyAttributes
1259 };
1260 status = SecKeychainItemImport(p12DataRef,
1261 NULL, &format, &itemType, flags, &keyParams, keychain, NULL);
1262 #else
1263 CFTypeRef keyUsages[1] = { kSecAttrCanSign };
1264 CFArrayRef keyUsagesArray = CFArrayCreate(NULL, keyUsages, 1, &kCFTypeArrayCallBacks);
1265 CFTypeRef keyAttrs[1] = { kSecAttrIsPermanent };
1266 CFArrayRef keyAttrsArray = CFArrayCreate(NULL, keyAttrs, 1, &kCFTypeArrayCallBacks);
1267 SecItemImportExportKeyParameters keyParams = {
1268 SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION, // uint32_t version
1269 0, // SecKeyImportExportFlags flags
1270 CFSTR("test"), // CFTypeRef passphrase
1271 CFSTR("title"), // CFStringRef alertTitle
1272 CFSTR("pw:"), // CFStringRef alertPrompt
1273 NULL, // SecAccessRef accessRef (unspecified, use default)
1274 keyUsagesArray, // CFArrayRef keyUsages
1275 keyAttrsArray // CFArrayRef keyAttributes
1276 };
1277 status = SecItemImport(p12DataRef,
1278 NULL, &format, &itemType, flags, &keyParams, keychain, NULL);
1279 CFReleaseSafe(p12DataRef);
1280 CFRelease(keyUsagesArray);
1281 CFRelease(keyAttrsArray);
1282 #endif
1283 ok_status(status, "Unable to import test S/MIME identity: error %d\n", (int)status);
1284 if (status && status != errSecDuplicateItem) {
1285 goto error_exit;
1286 }
1287 }
1288
1289 /* import expired SSL identity */
1290 {
1291 CFDataRef p12DataRef = CFDataCreateWithBytesNoCopy(NULL, TestIDSSL2007_p12, (CFIndex)sizeof(TestIDSSL2007_p12), kCFAllocatorNull);
1292 SecExternalFormat format = kSecFormatPKCS12;
1293 SecExternalItemType itemType = kSecItemTypeAggregate;
1294 SecItemImportExportFlags flags = 0;
1295 CFTypeRef keyUsages[1] = { kSecAttrCanSign };
1296 CFArrayRef keyUsagesArray = CFArrayCreate(NULL, keyUsages, 1, &kCFTypeArrayCallBacks);
1297 CFTypeRef keyAttrs[1] = { kSecAttrIsPermanent };
1298 CFArrayRef keyAttrsArray = CFArrayCreate(NULL, keyAttrs, 1, &kCFTypeArrayCallBacks);
1299 SecItemImportExportKeyParameters keyParams = {
1300 SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION, // uint32_t version
1301 0, // SecKeyImportExportFlags flags
1302 CFSTR("test"), // CFTypeRef passphrase
1303 CFSTR("title"), // CFStringRef alertTitle
1304 CFSTR("pw:"), // CFStringRef alertPrompt
1305 NULL, // SecAccessRef accessRef (unspecified, use default)
1306 keyUsagesArray, // CFArrayRef keyUsages
1307 keyAttrsArray // CFArrayRef keyAttributes
1308 };
1309 status = SecItemImport(p12DataRef,
1310 NULL, &format, &itemType, flags, &keyParams, keychain, NULL);
1311 CFReleaseNull(p12DataRef);
1312 CFRelease(keyUsagesArray);
1313 CFRelease(keyAttrsArray);
1314 ok_status(status, "Unable to import TestIDSSL2007_p12 identity: error %d\n", (int)status);
1315 if (status && status != errSecDuplicateItem) {
1316 goto error_exit;
1317 }
1318 }
1319
1320 /* import expired S/MIME identity */
1321 {
1322 CFDataRef p12DataRef = CFDataCreateWithBytesNoCopy(NULL, TestIDSMIME2007_p12, (CFIndex)sizeof(TestIDSMIME2007_p12), kCFAllocatorNull);
1323 SecExternalFormat format = kSecFormatPKCS12;
1324 SecExternalItemType itemType = kSecItemTypeAggregate;
1325 SecItemImportExportFlags flags = 0;
1326 CFTypeRef keyUsages[1] = { kSecAttrCanSign };
1327 CFArrayRef keyUsagesArray = CFArrayCreate(NULL, keyUsages, 1, &kCFTypeArrayCallBacks);
1328 CFTypeRef keyAttrs[1] = { kSecAttrIsPermanent };
1329 CFArrayRef keyAttrsArray = CFArrayCreate(NULL, keyAttrs, 1, &kCFTypeArrayCallBacks);
1330 SecItemImportExportKeyParameters keyParams = {
1331 SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION, // uint32_t version
1332 0, // SecKeyImportExportFlags flags
1333 CFSTR("test"), // CFTypeRef passphrase
1334 CFSTR("title"), // CFStringRef alertTitle
1335 CFSTR("pw:"), // CFStringRef alertPrompt
1336 NULL, // SecAccessRef accessRef (unspecified, use default)
1337 keyUsagesArray, // CFArrayRef keyUsages
1338 keyAttrsArray // CFArrayRef keyAttributes
1339 };
1340 status = SecItemImport(p12DataRef,
1341 NULL, &format, &itemType, flags, &keyParams, keychain, NULL);
1342 CFReleaseSafe(p12DataRef);
1343 CFRelease(keyUsagesArray);
1344 CFRelease(keyAttrsArray);
1345 ok_status(status, "Unable to import TestIDSMIME2007_p12 identity: error %d\n", (int)status);
1346 if (status && status != errSecDuplicateItem) {
1347 goto error_exit;
1348 }
1349 }
1350
1351 /* add generic password items */
1352 status = SecKeychainAddGenericPassword(keychain,
1353 strlen("Test Service 42"), "Test Service 42",
1354 strlen("nobody"), "nobody",
1355 strlen("weakpass"), "weakpass",
1356 NULL);
1357 ok_status(status, "Unable to add \"Test Service 42\" generic password: error %d\n", (int)status);
1358 if (status && status != errSecDuplicateItem) {
1359 goto error_exit;
1360 }
1361 status = SecKeychainAddGenericPassword(keychain,
1362 strlen("Test Service 69"), "Test Service 69",
1363 strlen("nobody"), "nobody",
1364 strlen("weakpass"), "weakpass",
1365 NULL);
1366 ok_status(status, "Unable to add \"Test Service 69\" generic password: error %d\n", (int)status);
1367 if (status && status != errSecDuplicateItem) {
1368 goto error_exit;
1369 }
1370
1371 /* add internet password items */
1372 status = SecKeychainAddInternetPassword(keychain,
1373 strlen("test1.subdomain.apple.com"), "test1.subdomain.apple.com",
1374 0, NULL,
1375 strlen("nobody"), "nobody",
1376 0, NULL,
1377 80, kSecProtocolTypeHTTP, kSecAuthenticationTypeDefault,
1378 strlen("weakpass"), "weakpass",
1379 NULL);
1380 ok_status(status, "Unable to add \"test1.subdomain.apple.com\" internet password: error %d\n", (int)status);
1381 if (status && status != errSecDuplicateItem) {
1382 goto error_exit;
1383 }
1384 status = SecKeychainAddInternetPassword(keychain,
1385 strlen("test2.subdomain.apple.com"), "test2.subdomain.apple.com",
1386 0, NULL,
1387 strlen("nobody"), "nobody",
1388 0, NULL,
1389 443, kSecProtocolTypeHTTPS, kSecAuthenticationTypeDefault,
1390 strlen("weakpass"), "weakpass",
1391 NULL);
1392 ok_status(status, "Unable to add \"test2.subdomain.apple.com\" internet password: error %d\n", (int)status);
1393 if (status && status != errSecDuplicateItem) {
1394 goto error_exit;
1395 }
1396
1397 /* add a Mail password */
1398 status = SecKeychainAddInternetPassword(keychain,
1399 strlen("mail.apple.com"), "mail.apple.com",
1400 0, NULL,
1401 strlen("testacct"), "testacct",
1402 0, NULL,
1403 143, kSecProtocolTypeIMAP, kSecAuthenticationTypeDefault,
1404 strlen("testpass"), "testpass",
1405 NULL);
1406 ok_status(status, "Unable to add \"mail.apple.com\" internet password: error %d\n", (int)status);
1407 if (status && status != errSecDuplicateItem) {
1408 goto error_exit;
1409 }
1410
1411 /* if an item was already in the keychain from a previous run, we can ignore the error */
1412 if (status == errSecDuplicateItem)
1413 status = noErr;
1414
1415 error_exit:
1416
1417 if (keychain) CFRelease(keychain);
1418 PrintTestResult("TestAddItems", status, noErr);
1419
1420 return (int)status;
1421 }
1422
1423
1424 static int CheckResults(CFTypeRef results, CFIndex minMatchesExpected, CFIndex maxMatchesExpected)
1425 {
1426 OSStatus status = noErr;
1427 if (debug) {
1428 PrintCFThing(results);
1429 }
1430 if (minMatchesExpected > 0) {
1431 CFIndex matchesFound;
1432 if (CFGetTypeID(results) == CFArrayGetTypeID()) {
1433 // multiple items returned as an array
1434 matchesFound = CFArrayGetCount(results);
1435 }
1436 else {
1437 // single item returned as either a dictionary or an item reference
1438 matchesFound = (results) ? 1 : 0;
1439 }
1440 if (debug) {
1441 fprintf(stdout, "### Items matched: %d (minimum expected: %d",
1442 (int)matchesFound, (int)minMatchesExpected);
1443 if (maxMatchesExpected < MAXITEMS)
1444 fprintf(stdout, ", maximum expected: %d", (int)minMatchesExpected);
1445 fprintf(stdout, ")\n");
1446 fflush(stdout);
1447 }
1448 if (matchesFound < minMatchesExpected ||
1449 matchesFound > maxMatchesExpected) {
1450 /* should not happen, unless SecItemCopyMatching has a bug */
1451 status = errSecInternalError;
1452 }
1453 if(matchesFound < minMatchesExpected) {
1454 fail("CheckResults: %ld < %ld (minimum required)", matchesFound, minMatchesExpected);
1455 } else if(matchesFound > maxMatchesExpected) {
1456 fail("CheckResults: %ld > %ld (maximum allowed", matchesFound, maxMatchesExpected);
1457 } else {
1458 pass("CheckResults: matches found fall within requirements: %ld <= %ld <= %ld", minMatchesExpected, matchesFound, maxMatchesExpected);
1459 }
1460 }
1461 return (int)status;
1462 }
1463
1464
1465 #pragma mark -- Individual Test Cases --
1466
1467
1468 static int FindCertificateByEmail(SecKeychainRef keychain,
1469 CFStringRef emailStr,
1470 CFTypeRef returnType,
1471 CFTypeRef matchLimit,
1472 CFIndex minMatchesExpected,
1473 OSStatus expected)
1474 {
1475 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0,
1476 &kCFTypeDictionaryKeyCallBacks,
1477 &kCFTypeDictionaryValueCallBacks);
1478
1479 /* set up the query */
1480 CFDictionaryAddValue( query, kSecClass, kSecClassCertificate );
1481 CFDictionaryAddValue( query, kSecMatchEmailAddressIfPresent, emailStr );
1482 CFDictionaryAddValue( query, kSecMatchLimit, matchLimit );
1483 CFDictionaryAddValue( query, returnType, kCFBooleanTrue );
1484
1485 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
1486 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
1487 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
1488
1489 CFTypeRef results = NULL;
1490 if (debug) {
1491 PrintStringToMatch(emailStr);
1492 }
1493
1494 OSStatus status = SecItemCopyMatching(query, &results);
1495
1496 if (!status && results) {
1497 status = CheckResults(results, minMatchesExpected, MAXITEMS);
1498 CFRelease(results);
1499 }
1500 if (query)
1501 CFRelease(query);
1502
1503 PrintTestResult("FindCertificateByEmail", status, expected);
1504
1505 return (status==expected) ? (int)noErr : (int)status;
1506 }
1507
1508
1509 static int FindCertificateByLabel(SecKeychainRef keychain,
1510 CFStringRef labelStr,
1511 CFTypeRef returnType,
1512 CFTypeRef matchLimit,
1513 CFIndex minMatchesExpected,
1514 CFIndex maxMatchesExpected,
1515 OSStatus expected)
1516 {
1517 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0,
1518 &kCFTypeDictionaryKeyCallBacks,
1519 &kCFTypeDictionaryValueCallBacks);
1520
1521 /* set up the query */
1522 CFDictionaryAddValue( query, kSecClass, kSecClassCertificate );
1523 CFDictionaryAddValue( query, kSecAttrLabel, labelStr );
1524 CFDictionaryAddValue( query, kSecMatchLimit, matchLimit );
1525 CFDictionaryAddValue( query, returnType, kCFBooleanTrue );
1526
1527 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
1528 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
1529 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
1530
1531 CFTypeRef results = NULL;
1532 if (debug) {
1533 PrintStringToMatch(labelStr);
1534 }
1535
1536 OSStatus status = SecItemCopyMatching(query, &results);
1537
1538 if (!status && results) {
1539 status = CheckResults(results, minMatchesExpected, maxMatchesExpected);
1540 CFRelease(results);
1541 }
1542 if (query)
1543 CFRelease(query);
1544
1545 PrintTestResult("FindCertificateByLabel", status, expected);
1546
1547 return (status==expected) ? (int)noErr : (int)status;
1548 }
1549
1550
1551 static int FindCertificateByNameInSubject(SecKeychainRef keychain,
1552 CFStringRef nameStr,
1553 CFTypeRef matchType,
1554 CFTypeRef returnType,
1555 CFTypeRef matchLimit,
1556 CFIndex minMatchesExpected,
1557 OSStatus expected)
1558 {
1559 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0,
1560 &kCFTypeDictionaryKeyCallBacks,
1561 &kCFTypeDictionaryValueCallBacks);
1562
1563 /* set up the query */
1564 CFDictionaryAddValue( query, kSecClass, kSecClassCertificate );
1565 CFDictionaryAddValue( query, matchType, nameStr );
1566 CFDictionaryAddValue( query, kSecMatchLimit, matchLimit );
1567 CFDictionaryAddValue( query, returnType, kCFBooleanTrue );
1568
1569 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
1570 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
1571 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
1572
1573 CFTypeRef results = NULL;
1574 if (debug) {
1575 PrintStringToMatch(nameStr);
1576 }
1577
1578 OSStatus status = SecItemCopyMatching(query, &results);
1579
1580 if (!status && results) {
1581 status = CheckResults(results, minMatchesExpected, MAXITEMS);
1582 CFRelease(results);
1583 }
1584 if (query)
1585 CFRelease(query);
1586
1587 PrintTestResult("FindCertificateByNameInSubject", status, expected);
1588
1589 return (status==expected) ? (int)noErr : (int)status;
1590 }
1591
1592
1593 static int FindCertificateByNameAndPolicy(SecKeychainRef keychain,
1594 CFStringRef nameStr,
1595 SecPolicyRef policy,
1596 CFTypeRef returnType,
1597 CFTypeRef matchLimit,
1598 CFIndex matchesExpected,
1599 OSStatus expected)
1600 {
1601 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
1602 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
1603
1604 const void *keys[] = {
1605 kSecMatchSearchList,
1606 kSecClass,
1607 kSecMatchSubjectContains,
1608 kSecMatchPolicy,
1609 kSecMatchLimit,
1610 returnType
1611 };
1612 const void *values[] = {
1613 searchList,
1614 kSecClassCertificate,
1615 nameStr,
1616 policy,
1617 matchLimit,
1618 kCFBooleanTrue
1619 };
1620
1621 OSStatus status = noErr;
1622 CFTypeRef results = NULL;
1623 CFDictionaryRef query = CFDictionaryCreate(NULL, keys, values,
1624 sizeof(keys) / sizeof(*keys),
1625 &kCFTypeDictionaryKeyCallBacks,
1626 &kCFTypeDictionaryValueCallBacks);
1627
1628 if (debug) {
1629 PrintStringToMatch(nameStr);
1630 PrintStringToMatch(SecPolicyGetName(policy));
1631 }
1632
1633 status = SecItemCopyMatching(query, &results);
1634
1635 if (!status && results) {
1636 status = CheckResults(results, matchesExpected, matchesExpected);
1637 CFRelease(results);
1638 }
1639 if (query)
1640 CFRelease(query);
1641
1642 PrintTestResult("FindCertificateByNameAndPolicy", status, expected);
1643
1644 return (status==expected) ? (int)noErr : (int)status;
1645 }
1646
1647
1648 static int FindCertificateByNameAndValidDate(SecKeychainRef keychain,
1649 CFStringRef nameStr,
1650 CFTypeRef validOnDate,
1651 CFTypeRef returnType,
1652 CFTypeRef matchLimit,
1653 CFIndex minMatchesExpected,
1654 OSStatus expected)
1655 {
1656 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0,
1657 &kCFTypeDictionaryKeyCallBacks,
1658 &kCFTypeDictionaryValueCallBacks);
1659
1660 /* set up the query */
1661 CFDictionaryAddValue( query, kSecClass, kSecClassCertificate );
1662 CFDictionaryAddValue( query, kSecMatchSubjectContains, nameStr );
1663 CFDictionaryAddValue( query, kSecMatchValidOnDate, validOnDate ); // value may be a CFDateRef or a CFNullRef
1664 CFDictionaryAddValue( query, kSecMatchLimit, matchLimit );
1665 CFDictionaryAddValue( query, returnType, kCFBooleanTrue );
1666
1667 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
1668 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
1669 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
1670
1671 CFTypeRef results = NULL;
1672 if (debug) {
1673 PrintStringToMatch(nameStr);
1674 PrintStringToMatch(CFCopyDescription(validOnDate));
1675 }
1676
1677 OSStatus status = SecItemCopyMatching(query, &results);
1678
1679 if (!status && results) {
1680 status = CheckResults(results, minMatchesExpected, MAXITEMS);
1681 CFRelease(results);
1682 }
1683 if (query)
1684 CFRelease(query);
1685
1686 PrintTestResult("FindCertificateByNameAndValidDate", status, expected);
1687
1688 return (status==expected) ? (int)noErr : (int)status;
1689 }
1690
1691
1692 static int FindCertificateForSMIMEEncryption(SecKeychainRef keychain,
1693 CFStringRef emailAddr,
1694 CFTypeRef validOnDate,
1695 CFTypeRef returnType,
1696 CFTypeRef matchLimit,
1697 CFIndex minMatchesExpected,
1698 CFIndex maxMatchesExpected,
1699 OSStatus expected)
1700 {
1701 /* create a SecPolicyRef for S/MIME */
1702 SecPolicyRef policy = SecPolicyCreateWithOID(kSecPolicyAppleSMIME);
1703 if (policy == NULL)
1704 return errSecPolicyNotFound;
1705
1706 CFMutableDictionaryRef properties = CFDictionaryCreateMutable(NULL, 0,
1707 &kCFTypeDictionaryKeyCallBacks,
1708 &kCFTypeDictionaryValueCallBacks);
1709
1710 /* property 1: must match email address */
1711 CFDictionaryAddValue( properties, kSecPolicyName, emailAddr );
1712 /* property 2: must have "key encipherment" key usage to be used for encryption */
1713 CFDictionaryAddValue( properties, kSecPolicyKU_KeyEncipherment, kCFBooleanTrue );
1714
1715 SecPolicySetProperties(policy, properties);
1716
1717 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0,
1718 &kCFTypeDictionaryKeyCallBacks,
1719 &kCFTypeDictionaryValueCallBacks);
1720
1721 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
1722 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
1723 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
1724
1725 /* set up the query */
1726 CFDictionaryAddValue( query, kSecClass, kSecClassCertificate );
1727 CFDictionaryAddValue( query, kSecMatchPolicy, policy );
1728 CFDictionaryAddValue( query, kSecMatchValidOnDate, validOnDate );
1729 CFDictionaryAddValue( query, kSecMatchLimit, matchLimit );
1730 CFDictionaryAddValue( query, returnType, kCFBooleanTrue );
1731
1732 CFTypeRef results = NULL;
1733 if (debug) {
1734 PrintStringToMatch(emailAddr);
1735 PrintStringToMatch(CFCopyDescription(kSecPolicyAppleSMIME));
1736 PrintStringToMatch(CFCopyDescription(validOnDate));
1737 }
1738
1739 OSStatus status = SecItemCopyMatching(query, &results);
1740
1741 if (!status && results) {
1742 status = CheckResults(results, minMatchesExpected, maxMatchesExpected);
1743 CFRelease(results);
1744 }
1745 if (query)
1746 CFRelease(query);
1747 if (policy)
1748 CFRelease(policy);
1749 if (properties)
1750 CFRelease(properties);
1751
1752 PrintTestResult("FindCertificateForSMIMEEncryption", status, expected);
1753
1754 return (status==expected) ? (int)noErr : (int)status;
1755 }
1756
1757
1758 static int FindPreferredCertificateForSMIMEEncryption(SecKeychainRef keychain,
1759 CFStringRef emailAddr, CFTypeRef validOnDate)
1760 {
1761 // Note: this function assumes that a preferred certificate has been set up
1762 // previously for the given email address. This is handled in the calling
1763 // function.
1764
1765 OSStatus status = noErr;
1766 SecCertificateRef preferredCertificate = NULL;
1767 SecCertificateRef validatedCertificate = NULL;
1768
1769 // Pass an explicit key usage value to SecCertificateCopyPreferred to test <rdar://8192797>
1770 CFArrayRef keyUsage = CFArrayCreate(kCFAllocatorDefault, (const void **)&kSecAttrCanEncrypt, 1, &kCFTypeArrayCallBacks);
1771
1772 preferredCertificate = SecCertificateCopyPreferred(emailAddr, keyUsage);
1773 if (!preferredCertificate)
1774 status = errSecItemNotFound; // our test expects a preferred certificate to exist, so we return an error
1775 if (keyUsage)
1776 CFRelease(keyUsage);
1777
1778 if (!status && preferredCertificate) {
1779 // We found a preferred certificate, but it may have expired.
1780 // Verify the preferred certificate by looking up all certificates which
1781 // are valid for SMIME encryption, and using the kSecMatchItemList query
1782 // parameter to filter out everything but our preferred certificate. If
1783 // we end up with 0 results, the preferred certificate wasn't valid.
1784
1785 // set up the S/MIME policy first to check for the Key Encipherment key usage (needed for encryption)
1786 SecPolicyRef policy = SecPolicyCreateWithOID(kSecPolicyAppleSMIME);
1787 CFDictionaryRef properties = CFDictionaryCreate(kCFAllocatorDefault, (const void **)&kSecPolicyKU_KeyEncipherment, (const void **)&kCFBooleanTrue, 1, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
1788 status = SecPolicySetProperties(policy, properties);
1789 CFRelease(properties);
1790
1791 // set up an item list consisting of just our preferred certificate
1792 CFArrayRef itemList = CFArrayCreate(kCFAllocatorDefault, (const void **)&preferredCertificate, 1, &kCFTypeArrayCallBacks);
1793
1794 // set up the query
1795 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
1796 CFDictionaryAddValue( query, kSecClass, kSecClassCertificate );
1797 CFDictionaryAddValue( query, kSecMatchPolicy, policy );
1798 CFDictionaryAddValue( query, kSecMatchValidOnDate, validOnDate );
1799 CFDictionaryAddValue( query, kSecMatchItemList, itemList );
1800 CFDictionaryAddValue( query, kSecMatchLimit, kSecMatchLimitOne ); // only need to match one item!
1801 CFDictionaryAddValue( query, kSecReturnRef, kCFBooleanTrue );
1802
1803 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
1804 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
1805 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
1806
1807 if (debug) {
1808 PrintStringToMatch(emailAddr);
1809 PrintStringToMatch(CFCopyDescription(validOnDate));
1810 }
1811
1812 status = SecItemCopyMatching(query, (CFTypeRef*)&validatedCertificate);
1813
1814 if (!status && validatedCertificate) {
1815 status = CheckResults(validatedCertificate, 1, 1); // expect exactly 1 result
1816 CFRelease(validatedCertificate);
1817 }
1818 if (query)
1819 CFRelease(query);
1820 if (policy)
1821 CFRelease(policy);
1822 if (itemList)
1823 CFRelease(itemList);
1824 }
1825 else if (!quiet)
1826 fprintf(stderr, "FindPreferredCertificateForSMIMEEncryption: unexpected error %d\n", (int)status);
1827
1828 if (preferredCertificate)
1829 CFRelease(preferredCertificate);
1830
1831 PrintTestResult("FindPreferredCertificateForSMIMEEncryption", status, noErr);
1832
1833 return (status==noErr) ? (int)noErr : (int)status;
1834 }
1835
1836
1837 static int SetPreferredCertificateForSMIMEEncryption(SecKeychainRef keychain, CFStringRef nameStr,
1838 CFStringRef emailAddr)
1839 {
1840 // find the certificate exactly matching the given common name
1841 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0,
1842 &kCFTypeDictionaryKeyCallBacks,
1843 &kCFTypeDictionaryValueCallBacks);
1844
1845 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
1846 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
1847 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
1848
1849 CFDictionaryAddValue( query, kSecClass, kSecClassCertificate );
1850 CFDictionaryAddValue( query, kSecMatchSubjectWholeString, nameStr );
1851 CFDictionaryAddValue( query, kSecMatchLimit, kSecMatchLimitOne );
1852 CFDictionaryAddValue( query, kSecReturnRef, kCFBooleanTrue );
1853
1854 CFTypeRef results = NULL;
1855 OSStatus status = SecItemCopyMatching(query, &results);
1856
1857 if (!quiet && status)
1858 fprintf(stderr, "SetPreferredCertificateForSMIMEEncryption: SecItemCopyMatching error %d\n", (int)status);
1859
1860 if (!status && results) {
1861 // since we asked for kSecMatchLimitOne, the result is a single item
1862 SecCertificateRef certificate = (SecCertificateRef) results;
1863 if (SecCertificateGetTypeID() != CFGetTypeID(certificate)) {
1864 fprintf(stderr, "SetPreferredCertificateForSMIMEEncryption: unexpected result type!\n");
1865 }
1866 else {
1867 // Pass an explicit key usage value to SecCertificateSetPreferred to test <rdar://8192797>
1868 CFArrayRef keyUsage = CFArrayCreate(kCFAllocatorDefault, (const void **)&kSecAttrCanEncrypt, 1, &kCFTypeArrayCallBacks);
1869 status = SecCertificateSetPreferred(certificate, emailAddr, keyUsage);
1870 if (!quiet && status)
1871 fprintf(stderr, "SetPreferredCertificateForSMIMEEncryption: SecCertificateSetPreferred error %d\n", (int)status);
1872 if (keyUsage)
1873 CFRelease(keyUsage);
1874 }
1875 CFRelease(results);
1876 }
1877 if (query)
1878 CFRelease(query);
1879
1880 return (status==noErr) ? (int)noErr : (int)status;
1881 }
1882
1883
1884 static int FindIdentityByName(SecKeychainRef keychain,
1885 CFStringRef nameStr,
1886 CFTypeRef returnType,
1887 CFTypeRef matchLimit,
1888 CFIndex matchesExpected,
1889 OSStatus expected)
1890 {
1891 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
1892 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
1893
1894 const void *keys[] = {
1895 kSecMatchSearchList,
1896 kSecClass,
1897 kSecMatchSubjectContains,
1898 kSecMatchLimit,
1899 returnType
1900 };
1901 const void *values[] = {
1902 searchList,
1903 kSecClassIdentity,
1904 nameStr,
1905 matchLimit,
1906 kCFBooleanTrue
1907 };
1908
1909 OSStatus status = noErr;
1910 CFTypeRef results = NULL;
1911 CFDictionaryRef query = CFDictionaryCreate(NULL, keys, values,
1912 sizeof(keys) / sizeof(*keys),
1913 &kCFTypeDictionaryKeyCallBacks,
1914 &kCFTypeDictionaryValueCallBacks);
1915
1916 if (debug) PrintStringToMatch(nameStr);
1917
1918 status = SecItemCopyMatching(query, &results);
1919
1920 if (!status && results) {
1921 status = CheckResults(results, matchesExpected, matchesExpected);
1922 CFRelease(results);
1923 }
1924 if (query)
1925 CFRelease(query);
1926
1927 PrintTestResult("FindIdentityByName", status, expected);
1928
1929 return (status==expected) ? (int)noErr : (int)status;
1930 }
1931
1932
1933 static int FindIdentityByPolicy(SecKeychainRef keychain,
1934 SecPolicyRef policy,
1935 CFTypeRef returnType,
1936 CFTypeRef matchLimit,
1937 CFIndex minMatchesExpected,
1938 OSStatus expected)
1939 {
1940 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
1941 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
1942
1943 const void *keys[] = {
1944 kSecMatchSearchList,
1945 kSecClass,
1946 kSecMatchPolicy,
1947 kSecMatchLimit,
1948 returnType
1949 };
1950 const void *values[] = {
1951 searchList,
1952 kSecClassIdentity,
1953 policy,
1954 matchLimit,
1955 kCFBooleanTrue
1956 };
1957
1958 OSStatus status = noErr;
1959 CFTypeRef results = NULL;
1960 CFDictionaryRef query = CFDictionaryCreate(NULL, keys, values,
1961 sizeof(keys) / sizeof(*keys),
1962 &kCFTypeDictionaryKeyCallBacks,
1963 &kCFTypeDictionaryValueCallBacks);
1964
1965 if (debug) PrintStringToMatch(SecPolicyGetName(policy));
1966
1967 status = SecItemCopyMatching(query, &results);
1968
1969 if (!status && results) {
1970 status = CheckResults(results, minMatchesExpected, MAXITEMS);
1971 CFRelease(results);
1972 }
1973 if (query)
1974 CFRelease(query);
1975
1976 PrintTestResult("FindIdentityByPolicy", status, expected);
1977
1978 return (status==expected) ? (int)noErr : (int)status;
1979 }
1980
1981
1982 static int FindIdentityByPolicyAndValidDate(SecKeychainRef keychain,
1983 CFTypeRef policyIdentifier,
1984 Boolean isClientPolicy,
1985 CFTypeRef validOnDate,
1986 CFStringRef forbidStr,
1987 CFTypeRef returnType,
1988 CFTypeRef matchLimit,
1989 CFIndex matchesExpected,
1990 OSStatus expected)
1991 {
1992 /* given the policy OID, create a SecPolicyRef */
1993 SecPolicyRef policy = SecPolicyCreateWithOID(policyIdentifier);
1994 if (policy == NULL)
1995 return errSecPolicyNotFound;
1996 if (isClientPolicy == TRUE) {
1997 /* specify the kSecPolicyClient property key for this policy */
1998 const void *keys[] = { kSecPolicyClient };
1999 const void *values[] = { kCFBooleanTrue };
2000 CFDictionaryRef properties = CFDictionaryCreate(NULL, keys, values,
2001 sizeof(keys) / sizeof(*keys),
2002 &kCFTypeDictionaryKeyCallBacks,
2003 &kCFTypeDictionaryValueCallBacks);
2004 SecPolicySetProperties(policy, properties);
2005 }
2006
2007 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
2008 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
2009
2010 const void *keys[] = {
2011 kSecMatchSearchList,
2012 kSecClass,
2013 kSecMatchPolicy,
2014 kSecMatchValidOnDate,
2015 kSecMatchLimit,
2016 returnType
2017 };
2018 const void *values[] = {
2019 searchList,
2020 kSecClassIdentity,
2021 policy,
2022 validOnDate,
2023 matchLimit,
2024 kCFBooleanTrue
2025 };
2026
2027 OSStatus status = noErr;
2028 CFTypeRef results = NULL;
2029 CFDictionaryRef query = CFDictionaryCreate(NULL, keys, values,
2030 sizeof(keys) / sizeof(*keys),
2031 &kCFTypeDictionaryKeyCallBacks,
2032 &kCFTypeDictionaryValueCallBacks);
2033
2034 if (debug) PrintStringToMatch(CFCopyDescription(policyIdentifier));
2035
2036 status = SecItemCopyMatching(query, &results);
2037
2038 // check returned items for forbidStr as a substring in the label attribute;
2039 // return errSecInternalError if found
2040 if (!status && results && forbidStr) {
2041 if (CFArrayGetTypeID() == CFGetTypeID(results)) {
2042 CFArrayRef items = (CFArrayRef) results;
2043 CFIndex ix, count = CFArrayGetCount(results);
2044 for (ix=0; ix<count; ix++) {
2045 CFTypeRef anItem = (CFTypeRef) CFArrayGetValueAtIndex(items, ix);
2046 if (anItem && CFDictionaryGetTypeID() == CFGetTypeID(anItem)) {
2047 CFDictionaryRef item = (CFDictionaryRef) anItem;
2048 CFStringRef label = NULL;
2049 if (CFDictionaryGetValueIfPresent(item, kSecAttrLabel, (const void **)&label) && label) {
2050 CFRange range = CFStringFind(label, forbidStr, 0);
2051 if (!(range.length < 1)) {
2052 status = errSecInternalError; // shouldn't have found this, but we did.
2053 break;
2054 } // found forbidStr
2055 } // found label attribute
2056 } // item is a dictionary
2057 } // item for-loop
2058 } // result is an array
2059 } // check forbidStr
2060
2061
2062 if (!status && results) {
2063 status = CheckResults(results, matchesExpected, matchesExpected);
2064 CFRelease(results);
2065 }
2066 if (query)
2067 CFRelease(query);
2068 if (policy)
2069 CFRelease(policy);
2070
2071 PrintTestResult("FindIdentityByPolicyAndValidDate", status, expected);
2072
2073 return (status==expected) ? (int)noErr : (int)status;
2074 }
2075
2076
2077 static int FindIdentityByNameAndValidDate(SecKeychainRef keychain,
2078 CFStringRef nameStr,
2079 CFTypeRef validOnDate,
2080 CFTypeRef returnType,
2081 CFTypeRef matchLimit,
2082 CFIndex minMatchesExpected,
2083 OSStatus expected)
2084 {
2085 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0,
2086 &kCFTypeDictionaryKeyCallBacks,
2087 &kCFTypeDictionaryValueCallBacks);
2088
2089 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
2090 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
2091 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
2092
2093 /* set up the query */
2094 CFDictionaryAddValue( query, kSecClass, kSecClassIdentity );
2095 CFDictionaryAddValue( query, kSecMatchSubjectContains, nameStr );
2096 CFDictionaryAddValue( query, kSecMatchValidOnDate, validOnDate ); // value may be a CFDateRef or a CFNullRef
2097 CFDictionaryAddValue( query, kSecMatchLimit, matchLimit );
2098 CFDictionaryAddValue( query, returnType, kCFBooleanTrue );
2099
2100 CFTypeRef results = NULL;
2101 if (debug) {
2102 PrintStringToMatch(nameStr);
2103 PrintStringToMatch(CFCopyDescription(validOnDate));
2104 }
2105
2106 OSStatus status = SecItemCopyMatching(query, &results);
2107
2108 if (!status && results) {
2109 status = CheckResults(results, minMatchesExpected, MAXITEMS);
2110 CFRelease(results);
2111 }
2112 if (query)
2113 CFRelease(query);
2114
2115 PrintTestResult("FindIdentityByNameAndValidDate", status, expected);
2116
2117 return (status==expected) ? (int)noErr : (int)status;
2118 }
2119
2120
2121 static int FindPreferredIdentityForSMIMESigning(SecKeychainRef keychain, CFStringRef emailAddr,
2122 CFTypeRef validOnDate)
2123 {
2124 // Note: this function assumes that a preferred identity has been set up
2125 // previously for the given email address. This is handled in the calling
2126 // function.
2127
2128 OSStatus status = noErr;
2129 SecIdentityRef preferredIdentity = NULL;
2130 SecIdentityRef validatedIdentity = NULL;
2131
2132 // Pass an explicit key usage value to SecIdentityCopyPreferred to test <rdar://8192797>
2133 CFArrayRef keyUsage = CFArrayCreate(kCFAllocatorDefault, (const void **)&kSecAttrCanSign, 1, &kCFTypeArrayCallBacks);
2134
2135 preferredIdentity = SecIdentityCopyPreferred(emailAddr, keyUsage, NULL);
2136 isnt(preferredIdentity, NULL, "FindPreferredIdentityForSMIMESigning: SecIdentityCopyPreferred");
2137
2138 if (!preferredIdentity)
2139 status = errSecItemNotFound; // our test expects a preferred identity to exist, so we return an error
2140 if (keyUsage)
2141 CFRelease(keyUsage);
2142
2143 if (!status && preferredIdentity) {
2144 pass("FindPreferredIdentityForSMIMESigning: found a preferred identity");
2145
2146 // We found a preferred identity, but it may have expired.
2147 // Verify the preferred identity by looking up all identities which
2148 // are valid for SMIME signing, and using the kSecMatchItemList query
2149 // parameter to filter out everything but our preferred identity. If
2150 // we end up with 0 results, the preferred identity wasn't valid.
2151
2152 // set up the S/MIME policy first to check for Digital Signature key usage
2153 SecPolicyRef policy = SecPolicyCreateSMIME(kSecSignSMIMEUsage, emailAddr);
2154
2155 // set up an item list consisting of just our preferred identity
2156 CFArrayRef itemList = CFArrayCreate(kCFAllocatorDefault, (const void **)&preferredIdentity, 1, &kCFTypeArrayCallBacks);
2157
2158 // set up the query
2159 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
2160 CFDictionaryAddValue( query, kSecClass, kSecClassIdentity );
2161 CFDictionaryAddValue( query, kSecMatchPolicy, policy );
2162 CFDictionaryAddValue( query, kSecMatchValidOnDate, validOnDate );
2163 CFDictionaryAddValue( query, kSecMatchItemList, itemList );
2164 CFDictionaryAddValue( query, kSecMatchLimit, kSecMatchLimitOne ); // only need to match one item!
2165 CFDictionaryAddValue( query, kSecReturnRef, kCFBooleanTrue );
2166
2167 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
2168 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
2169 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
2170
2171 if (debug) {
2172 PrintStringToMatch(emailAddr);
2173 PrintStringToMatch(CFCopyDescription(validOnDate));
2174 }
2175
2176 status = SecItemCopyMatching(query, (CFTypeRef*)&validatedIdentity);
2177 ok_status(status, "FindPreferredIdentityForSMIMESigning: SecItemCopyMatching");
2178
2179 if (!status && validatedIdentity) {
2180 status = CheckResults(validatedIdentity, 1, 1); // expect exactly 1 result
2181 CFRelease(validatedIdentity);
2182 }
2183 if (query)
2184 CFRelease(query);
2185 if (policy)
2186 CFRelease(policy);
2187 if (itemList)
2188 CFRelease(itemList);
2189 }
2190 else {
2191 fail("FindPreferredIdentityForSMIMESigning: unexpected error %d\n", (int)status);
2192 }
2193
2194 if (preferredIdentity)
2195 CFRelease(preferredIdentity);
2196
2197 PrintTestResult("FindPreferredIdentityForSMIMESigning", status, noErr);
2198
2199 return (status==noErr) ? (int)noErr : (int)status;
2200 }
2201
2202
2203 static int SetPreferredIdentityForSMIMESigning(SecKeychainRef keychain, CFStringRef nameStr,
2204 CFStringRef emailAddr)
2205 {
2206 // find the identity exactly matching the given common name
2207 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0,
2208 &kCFTypeDictionaryKeyCallBacks,
2209 &kCFTypeDictionaryValueCallBacks);
2210
2211 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
2212 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
2213 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
2214
2215 CFDictionaryAddValue( query, kSecClass, kSecClassIdentity );
2216 CFDictionaryAddValue( query, kSecMatchSubjectWholeString, nameStr );
2217 CFDictionaryAddValue( query, kSecMatchLimit, kSecMatchLimitOne );
2218 CFDictionaryAddValue( query, kSecReturnRef, kCFBooleanTrue );
2219
2220 CFTypeRef results = NULL;
2221 OSStatus status = SecItemCopyMatching(query, &results);
2222
2223 ok_status(status, "SetPreferredIdentityForSMIMESigning: SecItemCopyMatching error %d\n", (int)status);
2224
2225 if (!status && results) {
2226 // since we asked for kSecMatchLimitOne, the result is a single SecIdentityRef
2227 SecIdentityRef identity = (SecIdentityRef) results;
2228
2229 is(SecIdentityGetTypeID(),CFGetTypeID(identity), "SetPreferredCertificateForSMIMEEncryption: unexpected result type!\n");
2230
2231 // Pass an explicit key usage value to SecIdentitySetPreferred to test <rdar://8192797>
2232 CFArrayRef keyUsage = CFArrayCreate(kCFAllocatorDefault, (const void **)&kSecAttrCanSign, 1, &kCFTypeArrayCallBacks);
2233 status = SecIdentitySetPreferred(identity, emailAddr, keyUsage);
2234 ok_status(status, "SetPreferredIdentityForSMIMESigning: SecIdentitySetPreferred error %d\n", (int)status);
2235 if (keyUsage)
2236 CFRelease(keyUsage);
2237
2238 CFRelease(results);
2239 }
2240 if (query)
2241 CFRelease(query);
2242
2243 return (status==noErr) ? (int)noErr : (int)status;
2244 }
2245
2246
2247 static int FindGenericPasswordByAccount(SecKeychainRef keychain,
2248 CFStringRef accountStr,
2249 CFTypeRef returnType,
2250 CFTypeRef matchLimit,
2251 CFIndex minMatchesExpected,
2252 OSStatus expected)
2253 {
2254 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
2255 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
2256
2257 const void *keys[] = {
2258 kSecMatchSearchList,
2259 kSecClass,
2260 kSecAttrAccount,
2261 kSecMatchLimit,
2262 returnType
2263 };
2264 const void *values[] = {
2265 searchList,
2266 kSecClassGenericPassword,
2267 accountStr,
2268 matchLimit,
2269 kCFBooleanTrue
2270 };
2271
2272 OSStatus status = noErr;
2273 CFTypeRef results = NULL;
2274 CFDictionaryRef query = CFDictionaryCreate(NULL, keys, values,
2275 sizeof(keys) / sizeof(*keys),
2276 &kCFTypeDictionaryKeyCallBacks,
2277 &kCFTypeDictionaryValueCallBacks);
2278
2279 if (debug) PrintStringToMatch(accountStr);
2280
2281 status = SecItemCopyMatching(query, &results);
2282 ok_status(status, "FindGenericPasswordByAccount: SecItemCopyMatching");
2283
2284 if (!status && results) {
2285 status = CheckResults(results, minMatchesExpected, MAXITEMS);
2286 CFRelease(results);
2287 }
2288 if (query)
2289 CFRelease(query);
2290
2291 PrintTestResult("FindGenericPasswordByAccount", status, expected);
2292
2293 return (status==expected) ? (int)noErr : (int)status;
2294 }
2295
2296
2297 static int FindGenericPasswordByAccountAndService(SecKeychainRef keychain,
2298 CFStringRef accountStr,
2299 CFStringRef serviceStr,
2300 CFTypeRef returnType,
2301 CFTypeRef matchLimit,
2302 CFIndex minMatchesExpected,
2303 OSStatus expected)
2304 {
2305 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
2306 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
2307
2308 const void *keys[] = {
2309 kSecMatchSearchList,
2310 kSecClass,
2311 kSecAttrAccount,
2312 kSecAttrService,
2313 kSecMatchLimit,
2314 returnType
2315 };
2316 const void *values[] = {
2317 searchList,
2318 kSecClassGenericPassword,
2319 accountStr,
2320 serviceStr,
2321 matchLimit,
2322 kCFBooleanTrue
2323 };
2324
2325 OSStatus status = noErr;
2326 CFTypeRef results = NULL;
2327 CFDictionaryRef query = CFDictionaryCreate(NULL, keys, values,
2328 sizeof(keys) / sizeof(*keys),
2329 &kCFTypeDictionaryKeyCallBacks,
2330 &kCFTypeDictionaryValueCallBacks);
2331
2332 if (debug) {
2333 PrintStringToMatch(accountStr);
2334 PrintStringToMatch(serviceStr);
2335 }
2336 status = SecItemCopyMatching(query, &results);
2337 ok_status(status, "FindGenericPasswordByAccountAndService: SecItemCopyMatching");
2338
2339 if (!status && results) {
2340 status = CheckResults(results, minMatchesExpected, MAXITEMS);
2341 CFRelease(results);
2342 }
2343 if (query)
2344 CFRelease(query);
2345
2346 PrintTestResult("FindGenericPasswordByAccountAndService", status, expected);
2347
2348 return (status==expected) ? (int)noErr : (int)status;
2349 }
2350
2351
2352 static int FindInternetPasswordByAccount(SecKeychainRef keychain,
2353 CFStringRef accountStr,
2354 CFTypeRef returnType,
2355 CFTypeRef matchLimit,
2356 CFIndex minMatchesExpected,
2357 OSStatus expected)
2358 {
2359 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
2360 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
2361
2362 const void *keys[] = {
2363 kSecMatchSearchList,
2364 kSecClass,
2365 kSecAttrAccount,
2366 kSecMatchLimit,
2367 returnType
2368 };
2369 const void *values[] = {
2370 searchList,
2371 kSecClassInternetPassword,
2372 accountStr,
2373 matchLimit,
2374 kCFBooleanTrue
2375 };
2376
2377 OSStatus status = noErr;
2378 CFTypeRef results = NULL;
2379 CFDictionaryRef query = CFDictionaryCreate(NULL, keys, values,
2380 sizeof(keys) / sizeof(*keys),
2381 &kCFTypeDictionaryKeyCallBacks,
2382 &kCFTypeDictionaryValueCallBacks);
2383
2384 if (debug) PrintStringToMatch(accountStr);
2385
2386 status = SecItemCopyMatching(query, &results);
2387 ok_status(status, "FindInternetPasswordByAccount: SecItemCopyMatching");
2388
2389 if (!status && results) {
2390 status = CheckResults(results, minMatchesExpected, MAXITEMS);
2391 CFRelease(results);
2392 }
2393 if (query)
2394 CFRelease(query);
2395
2396 PrintTestResult("FindInternetPasswordByAccount", status, expected);
2397
2398 return (status==expected) ? (int)noErr : (int)status;
2399 }
2400
2401
2402 static int FindInternetPasswordByAccountAndServer(SecKeychainRef keychain,
2403 CFStringRef accountStr,
2404 CFStringRef serverStr,
2405 CFTypeRef returnType,
2406 CFTypeRef matchLimit,
2407 CFIndex minMatchesExpected,
2408 OSStatus expected)
2409 {
2410 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
2411 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
2412
2413 const void *keys[] = {
2414 kSecMatchSearchList,
2415 kSecClass,
2416 kSecAttrAccount,
2417 kSecAttrServer,
2418 kSecMatchLimit,
2419 returnType
2420 };
2421 const void *values[] = {
2422 searchList,
2423 kSecClassInternetPassword,
2424 accountStr,
2425 serverStr,
2426 matchLimit,
2427 kCFBooleanTrue
2428 };
2429
2430 OSStatus status = noErr;
2431 CFTypeRef results = NULL;
2432 CFDictionaryRef query = CFDictionaryCreate(NULL, keys, values,
2433 sizeof(keys) / sizeof(*keys),
2434 &kCFTypeDictionaryKeyCallBacks,
2435 &kCFTypeDictionaryValueCallBacks);
2436
2437 if (debug) {
2438 PrintStringToMatch(accountStr);
2439 PrintStringToMatch(serverStr);
2440 }
2441 status = SecItemCopyMatching(query, &results);
2442 ok_status(status, "FindInternetPasswordByAccountAndServer: SecItemCopyMatching");
2443
2444 if (!status && results) {
2445 status = CheckResults(results, minMatchesExpected, MAXITEMS);
2446 CFRelease(results);
2447 }
2448 if (query)
2449 CFRelease(query);
2450
2451 PrintTestResult("FindInternetPasswordByAccountAndServer", status, expected);
2452
2453 return (status==expected) ? (int)noErr : (int)status;
2454 }
2455
2456
2457 static int FindMailPassword(SecKeychainRef keychain,
2458 CFStringRef account,
2459 CFStringRef server)
2460 {
2461 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0,
2462 &kCFTypeDictionaryKeyCallBacks,
2463 &kCFTypeDictionaryValueCallBacks);
2464
2465 SInt16 port = 143;
2466 CFNumberRef portNumber = CFNumberCreate(NULL, kCFNumberSInt16Type, &port);
2467
2468 // set up query for a Mail password (IMAP, port 143) for given account and server
2469 CFDictionaryAddValue( query, kSecClass, kSecClassInternetPassword );
2470 CFDictionaryAddValue( query, kSecAttrAccount, account );
2471 CFDictionaryAddValue( query, kSecAttrServer, server );
2472 CFDictionaryAddValue( query, kSecAttrProtocol, kSecAttrProtocolIMAP );
2473 CFDictionaryAddValue( query, kSecAttrPort, portNumber );
2474 CFDictionaryAddValue( query, kSecMatchLimit, kSecMatchLimitOne );
2475 CFDictionaryAddValue( query, kSecReturnData, kCFBooleanTrue );
2476
2477 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
2478 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
2479 CFDictionaryAddValue(query, kSecMatchSearchList, searchList);
2480
2481 CFTypeRef results = NULL;
2482 OSStatus status = SecItemCopyMatching(query, &results);
2483 ok_status(status, "FindMailPassword: SecItemCopyMatching error %d\n", (int)status);
2484
2485 if (!status && results) {
2486 // since we asked for kSecMatchLimitOne w/kSecReturnData, the result is the found password
2487 CFDataRef password = (CFDataRef) results;
2488 is(CFDataGetTypeID(), CFGetTypeID(password), "FindMailPassword: unexpected result type!\n");
2489
2490 if (debug) CFShow(password);
2491
2492 CFRelease(results);
2493 }
2494 if (query)
2495 CFRelease(query);
2496 if (portNumber)
2497 CFRelease(portNumber);
2498
2499 return (status==noErr) ? (int)noErr : (int)status;
2500 }
2501
2502
2503
2504 const CFStringRef gPrefix = CFSTR("Test Key");
2505 const CFStringRef gLabel = CFSTR("Test AES Encryption Key");
2506 const CFStringRef gUUID = CFSTR("550e8400-e29b-41d4-a716-446655441234");
2507
2508 // CreateSymmetricKey will create a new AES-128 symmetric encryption key
2509 // with the provided label, application label, and application tag.
2510 // Each of those attributes is optional, but only the latter two
2511 // (application label and application tag) are considered part of the
2512 // key's "unique" attribute set. Previously, if you attempted to create a
2513 // key which differs only in the label attribute (but not in the other two)
2514 // then the attempt would fail and leave a "turd" key with no label in your
2515 // keychain: <rdar://8289559>, fixed in 11A268a.
2516
2517 static int CreateSymmetricKey(
2518 SecKeychainRef keychain,
2519 CFStringRef keyLabel,
2520 CFStringRef keyAppLabel,
2521 CFStringRef keyAppTag,
2522 OSStatus expected)
2523 {
2524 OSStatus status;
2525 int keySizeValue = 128;
2526 CFNumberRef keySize = CFNumberCreate(NULL, kCFNumberIntType, &keySizeValue);
2527
2528 // create a SecAccessRef to set up the initial access control settings for this key
2529 // (this step is optional; if omitted, the creating application has access to the key)
2530 // note: the access descriptor should be the same string as will be used for the item's label,
2531 // since it's the string that is displayed by the access confirmation dialog to describe the item.
2532 SecAccessRef access = NULL;
2533 status = SecAccessCreate(gLabel, NULL, &access);
2534
2535 // create a dictionary of parameters describing the key we want to create
2536 CFMutableDictionaryRef params = CFDictionaryCreateMutable(NULL, 0,
2537 &kCFTypeDictionaryKeyCallBacks,
2538 &kCFTypeDictionaryValueCallBacks);
2539
2540 CFDictionaryAddValue( params, kSecClass, kSecClassKey );
2541 CFDictionaryAddValue( params, kSecUseKeychain, keychain );
2542 CFDictionaryAddValue( params, kSecAttrAccess, access );
2543 CFDictionaryAddValue( params, kSecAttrKeyClass, kSecAttrKeyClassSymmetric );
2544 CFDictionaryAddValue( params, kSecAttrKeyType, kSecAttrKeyTypeAES );
2545 CFDictionaryAddValue( params, kSecAttrKeySizeInBits, keySize ); CFReleaseNull(keySize);
2546 CFDictionaryAddValue( params, kSecAttrIsPermanent, kCFBooleanTrue );
2547 CFDictionaryAddValue( params, kSecAttrCanEncrypt, kCFBooleanTrue );
2548 CFDictionaryAddValue( params, kSecAttrCanDecrypt, kCFBooleanTrue );
2549 CFDictionaryAddValue( params, kSecAttrCanWrap, kCFBooleanFalse );
2550 CFDictionaryAddValue( params, kSecAttrCanUnwrap, kCFBooleanFalse );
2551 if (keyLabel)
2552 CFDictionaryAddValue( params, kSecAttrLabel, keyLabel );
2553 if (keyAppLabel)
2554 CFDictionaryAddValue( params, kSecAttrApplicationLabel, keyAppLabel );
2555 if (keyAppTag)
2556 CFDictionaryAddValue( params, kSecAttrApplicationTag, keyAppTag );
2557
2558 // generate the key
2559 CFErrorRef error = NULL;
2560 SecKeyRef key = SecKeyGenerateSymmetric(params, &error);
2561
2562 // print result and clean up
2563 if (debug) {
2564 if (key == NULL) {
2565 CFStringRef desc = (error) ? CFErrorCopyDescription(error) : CFRetain(CFSTR("(no result!"));
2566 PrintCFStringWithFormat("SecKeyGenerateSymmetric failed: %s\n", desc);
2567 CFRelease(desc);
2568 }
2569 else {
2570 CFStringRef desc = CFCopyDescription(key);
2571 PrintCFStringWithFormat("SecKeyGenerateSymmetric succeeded: %s\n", desc);
2572 CFRelease(desc);
2573 }
2574 }
2575 status = (error) ? (OSStatus) CFErrorGetCode(error) : noErr;
2576 // if (status == errSecDuplicateItem)
2577 // status = noErr; // it's OK if the key already exists
2578
2579 if (key) CFRelease(key);
2580 if (error) CFRelease(error);
2581 if (params) CFRelease(params);
2582 if (keychain) CFRelease(keychain);
2583 if (access) CFRelease(access);
2584
2585 PrintTestResult("CreateSymmetricKey", status, expected);
2586
2587 return status;
2588 }
2589
2590
2591 static int FindSymmetricKey(
2592 SecKeychainRef keychain,
2593 CFStringRef keyLabel,
2594 CFStringRef keyAppLabel,
2595 CFStringRef keyAppTag,
2596 OSStatus expected)
2597 {
2598 // create a dictionary of parameters describing the key we want to find,
2599 // and how we want the result to be returned
2600 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0,
2601 &kCFTypeDictionaryKeyCallBacks,
2602 &kCFTypeDictionaryValueCallBacks);
2603
2604 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
2605 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
2606 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
2607
2608 CFDictionaryAddValue( query, kSecClass, kSecClassKey );
2609 CFDictionaryAddValue( query, kSecAttrKeyClass, kSecAttrKeyClassSymmetric );
2610 CFDictionaryAddValue( query, kSecMatchLimit, kSecMatchLimitOne ); // we only want the first match
2611 CFDictionaryAddValue( query, kSecReturnRef, kCFBooleanTrue ); // we want the result as a SecKeyRef
2612 CFDictionaryAddValue( query, kSecReturnAttributes, kCFBooleanTrue ); // we also want the found item's attributes
2613 if (keyLabel)
2614 CFDictionaryAddValue( query, kSecAttrLabel, keyLabel );
2615 if (keyAppLabel)
2616 CFDictionaryAddValue( query, kSecAttrApplicationLabel, keyAppLabel );
2617 if (keyAppTag)
2618 CFDictionaryAddValue( query, kSecAttrApplicationLabel, keyAppTag );
2619
2620 CFTypeRef result = NULL;
2621 OSStatus status = SecItemCopyMatching(query, &result);
2622 if(expected == errSecSuccess) {
2623 ok_status(status, "FindSymmetricKey: SecItemCopyMatching");
2624 } else {
2625 is(status, expected, "FindSymmetricKey: SecItemCopyMatching");
2626 }
2627
2628 // print result and clean up
2629 if (debug) {
2630 if (status == noErr) {
2631 fprintf(stdout, "SecItemCopyMatching succeeded; found key\n");
2632 PrintCFThing(result);
2633 }
2634 else if (status == errSecItemNotFound) {
2635 fprintf(stdout, "SecItemCopyMatching: item not found\n");
2636 }
2637 else {
2638 fprintf(stdout, "SecItemCopyMatching: failed! (error %d)\n", (int)status);
2639 }
2640 }
2641
2642 SecKeyRef key = NULL;
2643 if (result) {
2644 // since we asked for both the item reference and the item attributes,
2645 // we expect a dictionary to be returned...
2646 if (CFDictionaryGetTypeID() == CFGetTypeID(result)) {
2647 if (CFDictionaryGetValueIfPresent(result, kSecValueRef, (CFTypeRef*)&key))
2648 CFRetain(key);
2649 }
2650 CFRelease(result); // all done with result dictionary
2651 }
2652
2653 if (key) CFRelease(key);
2654 if (query) CFRelease(query);
2655
2656 PrintTestResult("FindSymmetricKey", status, expected);
2657
2658 return status;
2659 }
2660
2661
2662 static int FindAndDeleteItemsByName(
2663 SecKeychainRef keychain,
2664 CFStringRef nameStr,
2665 CFStringRef accountStr,
2666 CFTypeRef itemClass,
2667 CFTypeRef matchLimit,
2668 CFIndex minMatchesExpected,
2669 OSStatus expected)
2670 {
2671 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0,
2672 &kCFTypeDictionaryKeyCallBacks,
2673 &kCFTypeDictionaryValueCallBacks);
2674
2675 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
2676 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
2677 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
2678
2679 CFTypeRef nameMatchKey;
2680 if (CFEqual(itemClass, kSecClassCertificate) ||
2681 CFEqual(itemClass, kSecClassIdentity)) {
2682 nameMatchKey = kSecMatchSubjectStartsWith; /* must start with nameStr */
2683 }
2684 else {
2685 nameMatchKey = kSecAttrLabel; /* nameStr must exactly match label */
2686 }
2687
2688 /* set up the query */
2689 CFDictionaryAddValue( query, kSecClass, itemClass );
2690 CFDictionaryAddValue( query, nameMatchKey, nameStr);
2691 CFDictionaryAddValue( query, kSecMatchLimit, matchLimit);
2692 if (accountStr) {
2693 CFDictionaryAddValue( query, kSecAttrAccount, accountStr);
2694 }
2695
2696 CFTypeRef results = NULL;
2697 if (debug) {
2698 PrintStringToMatch(nameStr);
2699 }
2700
2701 OSStatus status = SecItemCopyMatching(query, &results);
2702 ok_status(status, "FindAndDeleteItemsByName: SecItemCopyMatching");
2703
2704 if (!status) {
2705 /* Make sure that we found the items we expected to find */
2706 status = CheckResults(results, minMatchesExpected, MAXITEMS);
2707 CFRelease(results);
2708 }
2709
2710 if (!status) {
2711 /* OK, now the real reason we're here... the same query must work for SecItemDelete */
2712 status = SecItemDelete(query);
2713
2714 PrintTestResult("FindAndDeleteItemsByName: deleting items", status, expected);
2715 }
2716
2717 if (!status) {
2718 /* re-run the same query... should find no matching items this time */
2719 status = SecItemCopyMatching(query, &results);
2720 if (!status) {
2721 /* oops... we still found matches using this query */
2722 int count = (int)CFArrayGetCount(results);
2723 is(count, 0, "### FindAndDeleteItemsByName: still found %d items, expected 0\n", count);
2724 CFRelease(results);
2725 }
2726 PrintTestResult("FindAndDeleteItemsByName: find after delete", status, errSecItemNotFound);
2727
2728 status = (status == errSecItemNotFound) ? expected : errSecInternalError;
2729 }
2730
2731 if (query)
2732 CFRelease(query);
2733
2734 return (status==expected) ? (int)noErr : (int)status;
2735 }
2736
2737
2738 #pragma mark -- Test Functions --
2739
2740
2741 static int TestIdentityLookup(SecKeychainRef keychain)
2742 {
2743 int result = 0;
2744
2745 // look up identity by name, want first result as a SecIdentityRef
2746 result += FindIdentityByName(keychain, CFSTR("Test SSL User"), kSecReturnRef, kSecMatchLimitOne, 1, noErr);
2747
2748 // look up existing non-identity certificate by name, expect errSecItemNotFound error
2749 result += FindIdentityByName(keychain, CFSTR("Test-5685316-LEAF"), kSecReturnRef, kSecMatchLimitOne, 0, errSecItemNotFound);
2750
2751 // look up non-existent identity by name, expect errSecItemNotFound error
2752 result += FindIdentityByName(keychain, CFSTR("myxlpytk"), kSecReturnRef, kSecMatchLimitOne, 0, errSecItemNotFound);
2753
2754 /* given the policy OID, create a SecPolicyRef */
2755 const void *keys[] = { kSecPolicyClient };
2756 const void *values[] = { kCFBooleanTrue };
2757 CFDictionaryRef properties = CFDictionaryCreate(NULL, keys, values,
2758 sizeof(keys) / sizeof(*keys),
2759 &kCFTypeDictionaryKeyCallBacks,
2760 &kCFTypeDictionaryValueCallBacks);
2761
2762 SecPolicyRef sslPolicy = SecPolicyCreateWithProperties(kSecPolicyAppleSSL, properties);
2763 SecPolicyRef codeSigningPolicy = SecPolicyCreateWithProperties(kSecPolicyAppleCodeSigning, NULL);
2764
2765 // look up identity by policy, want first result as a SecIdentityRef (should find "Test SSL User" identity)
2766 result += FindIdentityByPolicy(keychain, sslPolicy, kSecReturnRef, kSecMatchLimitOne, 1, noErr);
2767
2768 // look up identity by policy, want first result as a CFDictionary of attributes (should find "Test SSL User" identity)
2769 result += FindIdentityByPolicy(keychain, sslPolicy, kSecReturnAttributes, kSecMatchLimitOne, 1, noErr);
2770
2771 // look up identity by policy, expect errSecItemNotFound error (this assumes no code signing identity is present!)
2772 result += FindIdentityByPolicy(keychain, codeSigningPolicy, kSecReturnRef, kSecMatchLimitOne, 0, errSecItemNotFound);
2773
2774 // -------------------------
2775 // test kSecMatchValidOnDate
2776 // -------------------------
2777
2778 // make a valid date which will match at least some identities we used to populate the keychain
2779 CFGregorianDate aCurrentGDate = { 2016, 7, 20, 12, 0, 0 }; // Jul 20 2016 12:00 PM
2780 CFDateRef aCurrentDate = CFDateCreate(kCFAllocatorDefault, CFGregorianDateGetAbsoluteTime(aCurrentGDate, NULL));
2781 if (FindIdentityByNameAndValidDate(keychain, CFSTR("Test SSL User"), aCurrentDate, kSecReturnRef, kSecMatchLimitAll, 1, noErr))
2782 ++result;
2783 if(aCurrentDate) CFRelease(aCurrentDate);
2784
2785 // make a date in the past which should NOT match any identities (expect errSecItemNotFound)
2786 CFGregorianDate aPastGDate = { 1984, 7, 20, 12, 0, 0 }; // Jul 20 1984 12:00 PM
2787 CFDateRef aPastDate = CFDateCreate(kCFAllocatorDefault, CFGregorianDateGetAbsoluteTime(aPastGDate, NULL));
2788 if (FindIdentityByNameAndValidDate(keychain, CFSTR("Test SSL User"), aPastDate, kSecReturnRef, kSecMatchLimitAll, 0, errSecItemNotFound))
2789 ++result;
2790 if(aPastDate) CFRelease(aPastDate);
2791
2792 // make a date in the future which should NOT match any identities yet (expect errSecItemNotFound)
2793 CFGregorianDate aFutureGDate = { 2034, 7, 20, 12, 0, 0 }; // Jul 20 2034 12:00 PM
2794 CFDateRef aFutureDate = CFDateCreate(kCFAllocatorDefault, CFGregorianDateGetAbsoluteTime(aFutureGDate, NULL));
2795 if (FindIdentityByNameAndValidDate(keychain, CFSTR("Test SSL User"), aFutureDate, kSecReturnRef, kSecMatchLimitAll, 0, errSecItemNotFound))
2796 ++result;
2797 if(aFutureDate) CFRelease(aFutureDate);
2798
2799 // make a date in the past which SHOULD match 2 identities we used to populate the keychain
2800 CFGregorianDate aPastValidGDate = { 2007, 12, 20, 12, 0, 0 }; // Dec 20 2007 12:00 PM
2801 CFDateRef aPastValidDate = CFDateCreate(kCFAllocatorDefault, CFGregorianDateGetAbsoluteTime(aPastValidGDate, NULL));
2802 if (FindIdentityByNameAndValidDate(keychain, CFSTR(" 2007"), aPastValidDate, kSecReturnRef, kSecMatchLimitAll, 0, noErr))
2803 ++result;
2804 CFReleaseNull(aPastValidDate);
2805
2806 // test the ability of kCFNull to denote "currently valid" (should not find anything, since the " 2007" certs are expired)
2807 if (FindIdentityByNameAndValidDate(keychain, CFSTR(" 2007"), kCFNull, kSecReturnRef, kSecMatchLimitAll, 0, errSecItemNotFound))
2808 ++result;
2809
2810
2811 // test Ian's bug: <rdar://8197632>; the 4th argument is a string which should NOT be present in any found items
2812 if (FindIdentityByPolicyAndValidDate(keychain, kSecPolicyAppleSMIME, FALSE, kCFNull, CFSTR(" 2007"), kSecReturnAttributes, kSecMatchLimitAll, 0, errSecSuccess))
2813 ++result;
2814
2815 return result;
2816 }
2817
2818
2819 static int TestCertificateLookup(SecKeychainRef keychain)
2820 {
2821 int result = 0;
2822
2823 //======================================================================
2824 // item attribute tests (kSecItemAttr* keys)
2825 //======================================================================
2826
2827 // %%%TBA: need to flesh out this section with all certificate attributes
2828
2829 // ------------------------------------------
2830 // test kSecAttrIssuer & kSecAttrSerialNumber
2831 // ------------------------------------------
2832
2833 // look up cert by issuer & serial
2834 // %%%TBA -- underlying support was added in <rdar://8131491>; need to implement these keys
2835 //CFDictionarySetValue(query, (const void *)kSecAttrIssuer, (const void *)nameStr);
2836 //CFDictionarySetValue(query, (const void *)kSecAttrSerialNumber, (const void *)nameStr);
2837
2838 // -------------------------
2839 // test kSecAttrSubjectKeyID
2840 // -------------------------
2841
2842 // look up cert by subject key ID
2843 // %%%TBA -- can we get the subject key ID from SecCertificateCopyValues??
2844 //CFDictionarySetValue(query, (const void *)kSecAttrSubjectKeyID, (const void *)nameStr);
2845
2846 // ------------------
2847 // test kSecAttrLabel
2848 // ------------------
2849
2850 // look up cert by label, want array of all results (expect only 1) as SecCertificateRef
2851 result += FindCertificateByLabel(keychain, CFSTR("Test-5685316-LEAF"),
2852 kSecReturnRef, kSecMatchLimitAll, 1, 1, noErr);
2853
2854
2855 //======================================================================
2856 // search attribute tests (kSecMatch* keys)
2857 //======================================================================
2858
2859 // -----------------------------------
2860 // test kSecMatchEmailAddressIfPresent
2861 // -----------------------------------
2862
2863 // look up cert by email, want first result as a SecCertificateRef
2864 result += FindCertificateByEmail(keychain, CFSTR("security-dev@group.apple.com"),
2865 kSecReturnRef, kSecMatchLimitOne, 0, noErr);
2866
2867 // look up cert by email, want first result as a CFDictionaryRef of attributes
2868 result += FindCertificateByEmail(keychain, CFSTR("security-dev@group.apple.com"),
2869 kSecReturnAttributes, kSecMatchLimitOne, 0, noErr);
2870
2871 // -----------------------------
2872 // test kSecMatchSubjectContains
2873 // -----------------------------
2874
2875 // look up cert containing name, want array of all results (expect at least 3) as SecCertificateRef
2876 result += FindCertificateByNameInSubject(keychain, CFSTR("Test-5685316"),
2877 kSecMatchSubjectContains, kSecReturnRef, kSecMatchLimitAll, 3, noErr);
2878
2879 // look up non-existent cert by name, expect errSecItemNotFound error
2880 result += FindCertificateByNameInSubject(keychain, CFSTR("myxlpytk"),
2881 kSecMatchSubjectContains, kSecReturnRef, kSecMatchLimitOne, 0, errSecItemNotFound);
2882
2883 // look up cert by name, want array of all results (expect at least 2) as CFDataRef
2884 result += FindCertificateByNameInSubject(keychain, CFSTR("Test-5685316"),
2885 kSecMatchSubjectContains, kSecReturnData, kSecMatchLimitAll, 2, noErr);
2886
2887 // look up cert by name, want array of all results (expect at least 2) as CFDictionaryRef of attributes
2888 result += FindCertificateByNameInSubject(keychain, CFSTR("Test-5685316"),
2889 kSecMatchSubjectContains, kSecReturnAttributes, kSecMatchLimitAll, 2, noErr);
2890
2891 // -------------------------------
2892 // test kSecMatchSubjectStartsWith
2893 // -------------------------------
2894
2895 // look up cert starting with name, want array of all results (expect at least 3) as SecCertificateRef
2896 result += FindCertificateByNameInSubject(keychain, CFSTR("Test-568"),
2897 kSecMatchSubjectStartsWith, kSecReturnRef, kSecMatchLimitAll, 3, noErr);
2898
2899 // look up cert starting with a name which isn't at start, expect errSecItemNotFound error
2900 result += FindCertificateByNameInSubject(keychain, CFSTR("5685316"),
2901 kSecMatchSubjectStartsWith, kSecReturnRef, kSecMatchLimitOne, 0, errSecItemNotFound);
2902
2903 // -----------------------------
2904 // test kSecMatchSubjectEndsWith
2905 // -----------------------------
2906
2907 // look up cert ending with name, want array of all results (expect at least 1) as SecCertificateRef
2908 result += FindCertificateByNameInSubject(keychain, CFSTR("LEAF"),
2909 kSecMatchSubjectEndsWith, kSecReturnRef, kSecMatchLimitAll, 1, noErr);
2910
2911 // look up cert ending with a name which isn't at end, expect errSecItemNotFound error
2912 result += FindCertificateByNameInSubject(keychain, CFSTR("Test-"),
2913 kSecMatchSubjectEndsWith, kSecReturnRef, kSecMatchLimitOne, 0, errSecItemNotFound);
2914
2915 // --------------------------------
2916 // test kSecMatchSubjectWholeString
2917 // --------------------------------
2918
2919 // look up cert by whole name, want first result (expecting 1) as a SecCertificateRef
2920 result += FindCertificateByNameInSubject(keychain, CFSTR("Test-5685316-LEAF"),
2921 kSecMatchSubjectWholeString, kSecReturnRef, kSecMatchLimitOne, 1, noErr);
2922
2923 // look up cert by whole name (which is a substring in other certs), expect errSecItemNotFound error
2924 result += FindCertificateByNameInSubject(keychain, CFSTR("Test-568"),
2925 kSecMatchSubjectWholeString, kSecReturnRef, kSecMatchLimitOne, 0, errSecItemNotFound);
2926
2927 // --------------------
2928 // test kSecMatchPolicy
2929 // --------------------
2930
2931 const void *keys[] = { kSecPolicyClient };
2932 const void *values[] = { kCFBooleanTrue };
2933 CFDictionaryRef properties = CFDictionaryCreate(NULL, keys, values,
2934 sizeof(keys) / sizeof(*keys),
2935 &kCFTypeDictionaryKeyCallBacks,
2936 &kCFTypeDictionaryValueCallBacks);
2937
2938 SecPolicyRef sslPolicy = SecPolicyCreateWithProperties(kSecPolicyAppleSSL, properties);
2939 SecPolicyRef codeSigningPolicy = SecPolicyCreateWithProperties(kSecPolicyAppleCodeSigning, NULL);
2940 SecPolicyRef smimePolicy = SecPolicyCreateWithProperties(kSecPolicyAppleSMIME, NULL);
2941
2942 // look up cert by name and policy (Code Signing), want first result as a SecCertificateRef
2943 result += FindCertificateByNameAndPolicy(keychain, CFSTR("Test-7875801"),
2944 codeSigningPolicy,
2945 kSecReturnRef, kSecMatchLimitOne, 1, noErr);
2946
2947 // look up cert by name and policy (S/MIME), want first result as a SecCertificateRef
2948 result += FindCertificateByNameAndPolicy(keychain, CFSTR("Test-"),
2949 smimePolicy,
2950 kSecReturnRef, kSecMatchLimitOne, 1, noErr);
2951
2952 // look up cert by name and policy (SSL), want first result as a SecCertificateRef
2953 result += FindCertificateByNameAndPolicy(keychain, CFSTR("Test "),
2954 sslPolicy,
2955 kSecReturnRef, kSecMatchLimitOne, 1, noErr);
2956
2957 // look up cert by name and policy, want array of all results as SecCertificateRef
2958 result += FindCertificateByNameAndPolicy(keychain, CFSTR("Test-7875801"),
2959 codeSigningPolicy,
2960 kSecReturnAttributes, kSecMatchLimitAll, 1, noErr);
2961
2962 // look up cert by email address for SMIME encryption, date valid today, want array of all results as SecCertificateRef
2963 // (note that a date value of kCFNull is interpreted as the current date)
2964 result += FindCertificateForSMIMEEncryption(keychain, CFSTR("smime-test@apple.com"), kCFNull,
2965 kSecReturnRef, kSecMatchLimitAll, 1, 1, noErr);
2966
2967 CFReleaseSafe(sslPolicy);
2968 CFReleaseSafe(codeSigningPolicy);
2969 CFReleaseSafe(smimePolicy);
2970 CFReleaseSafe(properties);
2971
2972 // -------------------------
2973 // test kSecMatchValidOnDate
2974 // -------------------------
2975
2976 // make a valid date which will match at least 2 certificates we used to populate the keychain
2977 CFGregorianDate aCurrentGDate = { 2010, 7, 20, 12, 0, 0 }; // Jul 20 2010 12:00 PM
2978 CFDateRef aCurrentDate = CFDateCreate(kCFAllocatorDefault, CFGregorianDateGetAbsoluteTime(aCurrentGDate, NULL));
2979 if (FindCertificateByNameAndValidDate(keychain, CFSTR("Test-"), aCurrentDate, kSecReturnRef, kSecMatchLimitAll, 2, noErr))
2980 ++result;
2981 if(aCurrentDate) CFRelease(aCurrentDate);
2982
2983 // make a date in the past which should NOT match any certificates (expect errSecItemNotFound)
2984 CFGregorianDate aPastGDate = { 1984, 7, 20, 12, 0, 0 }; // Jul 20 1984 12:00 PM
2985 CFDateRef aPastDate = CFDateCreate(kCFAllocatorDefault, CFGregorianDateGetAbsoluteTime(aPastGDate, NULL));
2986 if (FindCertificateByNameAndValidDate(keychain, CFSTR("Test-"), aPastDate, kSecReturnRef, kSecMatchLimitAll, 2, errSecItemNotFound))
2987 ++result;
2988 if(aPastDate) CFRelease(aPastDate);
2989
2990 // make a date in the future which should NOT match any certificates yet (expect errSecItemNotFound)
2991 CFGregorianDate aFutureGDate = { 2034, 7, 20, 12, 0, 0 }; // Jul 20 2034 12:00 PM
2992 CFDateRef aFutureDate = CFDateCreate(kCFAllocatorDefault, CFGregorianDateGetAbsoluteTime(aFutureGDate, NULL));
2993 if (FindCertificateByNameAndValidDate(keychain, CFSTR("Test-"), aFutureDate, kSecReturnRef, kSecMatchLimitAll, 2, errSecItemNotFound))
2994 ++result;
2995 if(aFutureDate) CFRelease(aFutureDate);
2996
2997 return result;
2998 }
2999
3000
3001 static int TestPreferredIdentityLookup(SecKeychainRef keychain)
3002 {
3003 int result = 0;
3004
3005 // set a preferred identity first
3006 if (SetPreferredIdentityForSMIMESigning(keychain, CFSTR("Test-SignOnly (S/MIME)"), CFSTR("smime-test@apple.com")))
3007 ++result;
3008
3009 // define a valid date for this preferred identity (typically this would just be kCFNull in a real program, meaning "now")
3010 CFGregorianDate aCurrentGDate = { 2016, 7, 27, 21, 0, 0 }; // Jul 27 2016 9:00 PM
3011 CFDateRef aCurrentDate = CFDateCreate(kCFAllocatorDefault, CFGregorianDateGetAbsoluteTime(aCurrentGDate, NULL));
3012 if (FindPreferredIdentityForSMIMESigning(keychain, CFSTR("smime-test@apple.com"), aCurrentDate))
3013 ++result;
3014 if(aCurrentDate) CFRelease(aCurrentDate);
3015
3016 // delete identity preference(s) for this email address by setting a NULL identity
3017 ok_status(SecIdentitySetPreferred(NULL, CFSTR("smime-test@apple.com"), 0), "TestPreferredIdentityLookup: SecIdentitySetPreferred");
3018
3019 return result;
3020 }
3021
3022
3023 static int TestPreferredCertificateLookup(SecKeychainRef keychain)
3024 {
3025 int result = 0;
3026
3027 // set a preferred certificate first
3028 if (SetPreferredCertificateForSMIMEEncryption(keychain, CFSTR("Test-Encryption (S/MIME)"), CFSTR("smime-test@apple.com")))
3029 ++result;
3030
3031 // define a valid date for this preferred certificate (typically this would just be kCFNull in a real program, meaning "now")
3032 CFGregorianDate aCurrentGDate = { 2016, 9, 27, 21, 0, 0 }; // September 27 2016 9:00 PM
3033 CFDateRef aCurrentDate = CFDateCreate(kCFAllocatorDefault, CFGregorianDateGetAbsoluteTime(aCurrentGDate, NULL));
3034 if (FindPreferredCertificateForSMIMEEncryption(keychain, CFSTR("smime-test@apple.com"), aCurrentDate))
3035 ++result;
3036 if(aCurrentDate) CFRelease(aCurrentDate);
3037
3038 // delete certificate preference(s) for this email address by setting a NULL identity
3039 ok_status(SecCertificateSetPreferred(NULL, CFSTR("smime-test@apple.com"), 0), "TestPreferredCertificateLookup: SecCertificateSetPreferred");
3040
3041 return result;
3042 }
3043
3044
3045 static int TestSymmetricKeyLookup(SecKeychainRef keychain)
3046 {
3047 int result = 0;
3048
3049 // look up our symmetric key by label and UUID (it might not exist yet)
3050 if (FindSymmetricKey(keychain, gLabel, gUUID, NULL, errSecItemNotFound) != errSecSuccess) {
3051 // create test key (unique by UUID only)
3052 if (CreateSymmetricKey(keychain, gLabel, gUUID, NULL, errSecSuccess) != errSecSuccess)
3053 ++result;
3054 // look it up again (it should exist now!)
3055 if (FindSymmetricKey(keychain, gLabel, gUUID, NULL, errSecSuccess) != errSecSuccess)
3056 ++result;
3057 }
3058
3059 // now look up a key whose name is derived from today's date
3060 // (so we can make sure on a daily basis that SecKeyGenerateSymmetric is still working)
3061 CFGregorianDate curGDate = CFAbsoluteTimeGetGregorianDate(CFAbsoluteTimeGetCurrent(), NULL);
3062 CFStringRef curDateLabel = CFStringCreateWithFormat(NULL, NULL, CFSTR("%@ (%4d-%02d-%02d)"),
3063 gPrefix, (int32_t) curGDate.year, (int8_t) curGDate.month, (int8_t) curGDate.day);
3064
3065 //
3066 //%%% FIXME Creating a symmetric key with attributes that would duplicate an existing
3067 // key item currently results in a broken <unknown> key which can't be found: <rdar://8289559>
3068 //
3069 //CFStringRef curAppTag = curDateLabel; // i.e. make sure it will be unique, for now
3070 CFStringRef curAppTag = CFSTR("SecItemFind");
3071
3072 // look up our date-based symmetric key by label, UUID, and tag (it might not exist yet)
3073 if (FindSymmetricKey(keychain, curDateLabel, gUUID, curAppTag, errSecItemNotFound) != errSecSuccess) {
3074 // create test key (unique by combination of UUID and application tag)
3075 if (CreateSymmetricKey(keychain, curDateLabel, gUUID, curAppTag, errSecSuccess) != errSecSuccess)
3076 ++result;
3077 // look it up again (it should exist now!)
3078 if (FindSymmetricKey(keychain, curDateLabel, gUUID, curAppTag, errSecSuccess) != errSecSuccess)
3079 ++result;
3080 }
3081
3082 // test handling of duplicate symmetric key items (<rdar://8289559>)
3083 if (CreateSymmetricKey(keychain, curDateLabel, gUUID, curAppTag, errSecDuplicateItem) != errSecDuplicateItem)
3084 ++result;
3085
3086 CFRelease(curDateLabel);
3087
3088 return result;
3089 }
3090
3091
3092 static int TestInternetPasswordLookup(SecKeychainRef keychain)
3093 {
3094 int result = 0;
3095
3096 // look up internet password by account and server, want first result as data
3097 if (FindInternetPasswordByAccountAndServer(keychain, CFSTR("nobody"),
3098 CFSTR("test2.subdomain.apple.com"), kSecReturnData, kSecMatchLimitOne, 1, noErr))
3099 ++result;
3100
3101 // look up internet password by account and server, want dictionary of the item's attributes
3102 if (FindInternetPasswordByAccountAndServer(keychain, CFSTR("nobody"),
3103 CFSTR("test2.subdomain.apple.com"), kSecReturnAttributes, kSecMatchLimitOne, 1, noErr))
3104 ++result;
3105
3106 // look up internet passwords by account, want array of SecKeychainItemRef results
3107 if (FindInternetPasswordByAccount(keychain, CFSTR("nobody"),
3108 kSecReturnRef, kSecMatchLimitAll, 1, noErr))
3109 ++result;
3110
3111 // look up a Mail password for an IMAP account, replacing SecKeychainFindInternetPassword
3112 // (see <rdar://8347516>)
3113 if (FindMailPassword(keychain, CFSTR("testacct"), CFSTR("mail.apple.com")))
3114 ++result;
3115
3116 return result;
3117 }
3118
3119
3120 static int TestGenericPasswordLookup(SecKeychainRef keychain)
3121 {
3122 int result = 0;
3123
3124 // look up generic password by account and service, want first result as data
3125 if (FindGenericPasswordByAccountAndService(keychain, CFSTR("nobody"),
3126 CFSTR("Test Service 42"), kSecReturnData, kSecMatchLimitOne, 1, noErr))
3127 ++result;
3128
3129 // look up generic password by account and service, dictionary of the item's attributes
3130 if (FindGenericPasswordByAccountAndService(keychain, CFSTR("nobody"),
3131 CFSTR("Test Service 42"), kSecReturnAttributes, kSecMatchLimitOne, 1, noErr))
3132 ++result;
3133
3134 // look up generic passwords by account, want array of SecKeychainItemRef results
3135 if (FindGenericPasswordByAccount(keychain, CFSTR("nobody"),
3136 kSecReturnRef, kSecMatchLimitAll, 1, noErr))
3137 ++result;
3138
3139 return result;
3140 }
3141
3142
3143 static int TestUpdateItems(SecKeychainRef keychain)
3144 {
3145 int result = 0;
3146
3147 // test for <rdar://8658820>
3148 // create a new 1024-bit RSA key pair
3149 SecKeyRef publicKey = NULL;
3150 SecKeyRef privateKey = NULL;
3151 CFMutableDictionaryRef params = CFDictionaryCreateMutable(NULL, 0,
3152 &kCFTypeDictionaryKeyCallBacks,
3153 &kCFTypeDictionaryValueCallBacks);
3154 int keySizeValue = 1024;
3155 CFNumberRef keySize = CFNumberCreate(NULL, kCFNumberIntType, &keySizeValue);
3156 CFStringRef keyLabel = CFSTR("AppleID 8658820 test key");
3157 CFDictionaryAddValue( params, kSecAttrKeyType, kSecAttrKeyTypeRSA );
3158 CFDictionaryAddValue( params, kSecAttrKeySizeInBits, keySize ); CFReleaseNull(keySize);
3159 CFDictionaryAddValue( params, kSecAttrLabel, keyLabel );
3160 CFDictionaryAddValue( params, kSecUseKeychain, keychain );
3161 // CFDictionaryAddValue( params, kSecAttrAccess, access );
3162 // %%% note that SecKeyGeneratePair will create the key pair in the default keychain
3163 // if a keychain is not given via the kSecUseKeychain parameter.
3164 OSStatus status = SecKeyGeneratePair(params, &publicKey, &privateKey);
3165 if (status != noErr) {
3166 ++result;
3167 }
3168 PrintTestResult("TestUpdateItems: generating key pair", status, noErr);
3169
3170 // create a query which will match just the private key item (based on its known reference)
3171 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0,
3172 &kCFTypeDictionaryKeyCallBacks,
3173 &kCFTypeDictionaryValueCallBacks);
3174 CFArrayRef itemList = CFArrayCreate(NULL, (const void**) &privateKey, 1, &kCFTypeArrayCallBacks);
3175 // %%% note that kSecClass seems to be a required query parameter even though
3176 // kSecMatchItemList is provided; that looks like it could be a bug...
3177 CFDictionaryAddValue( query, kSecClass, kSecClassKey );
3178 // CFDictionaryAddValue( query, kSecAttrKeyClass, kSecAttrKeyClassPrivate );
3179 CFDictionaryAddValue( query, kSecMatchItemList, itemList );
3180
3181 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
3182 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
3183 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
3184
3185 // create dictionary of changed attributes for the private key
3186 CFMutableDictionaryRef attrs = CFDictionaryCreateMutable(NULL, 0,
3187 &kCFTypeDictionaryKeyCallBacks,
3188 &kCFTypeDictionaryValueCallBacks);
3189 SecAccessRef access = NULL;
3190 CFStringRef newLabel = CFSTR("AppleID 8658820 test PRIVATE key");
3191 status = SecAccessCreate(newLabel, NULL, &access);
3192 if (status != noErr) {
3193 ++result;
3194 }
3195 PrintTestResult("TestUpdateItems: creating access", status, noErr);
3196 //%%% note that changing the access for this key causes a dialog,
3197 // so leave this out for the moment (uncomment to test that access change works).
3198 // Normally the desired access should be passed into the SecKeyGeneratePair function.
3199 // so there is no need for a dialog later.
3200 // CFDictionaryAddValue( attrs, kSecAttrAccess, access );
3201 CFDictionaryAddValue( attrs, kSecAttrLabel, newLabel );
3202
3203 // update the private key with the new attributes
3204 status = SecItemUpdate( query, attrs );
3205 if (status != noErr) {
3206 ++result;
3207 }
3208 PrintTestResult("TestUpdateItems: updating item", status, noErr);
3209
3210 if (publicKey)
3211 CFRelease(publicKey);
3212 if (privateKey)
3213 CFRelease(privateKey);
3214 if (access)
3215 CFRelease(access);
3216
3217 if (params)
3218 CFRelease(params);
3219 if (query)
3220 CFRelease(query);
3221 if (attrs)
3222 CFRelease(attrs);
3223
3224 return result;
3225 }
3226
3227
3228 static int TestDeleteItems(SecKeychainRef keychain)
3229 {
3230 int result = 0;
3231
3232 // delete our 3 test certificates that start with "Test-5685316-"
3233 if (FindAndDeleteItemsByName(keychain, CFSTR("Test-5685316-"), NULL, kSecClassCertificate, kSecMatchLimitAll, 3, noErr))
3234 ++result;
3235
3236 // delete our 2 test identities that start with "Test Identity S" (fixed by <rdar://8317856>)
3237 if (FindAndDeleteItemsByName(keychain, CFSTR("Test Identity S"), NULL, kSecClassIdentity, kSecMatchLimitAll, 2, noErr))
3238 ++result;
3239
3240 // delete the "Test-SignOnly (S/MIME)" identity
3241 if (FindAndDeleteItemsByName(keychain, CFSTR("Test-SignOnly (S/MIME)"), NULL, kSecClassIdentity, kSecMatchLimitAll, 1, noErr))
3242 ++result;
3243
3244 // delete the "Test-Encryption (S/MIME)" certificate
3245 if (FindAndDeleteItemsByName(keychain, CFSTR("Test-Encryption (S/MIME)"), NULL, kSecClassCertificate, kSecMatchLimitAll, 1, noErr))
3246 ++result;
3247
3248 // delete the "Test-7875801 (Code Signing)" certificate
3249 if (FindAndDeleteItemsByName(keychain, CFSTR("Test-7875801 (Code Signing)"), NULL, kSecClassCertificate, kSecMatchLimitAll, 1, noErr))
3250 ++result;
3251
3252 // delete our test passwords (no partial string matching for password items! need an ER Radar...)
3253 if (FindAndDeleteItemsByName(keychain, CFSTR("Test Service 42"), NULL, kSecClassGenericPassword, kSecMatchLimitAll, 1, noErr))
3254 ++result;
3255 if (FindAndDeleteItemsByName(keychain, CFSTR("Test Service 69"), NULL, kSecClassGenericPassword, kSecMatchLimitAll, 1, noErr))
3256 ++result;
3257 if (FindAndDeleteItemsByName(keychain, CFSTR("test1.subdomain.apple.com"), NULL, kSecClassInternetPassword, kSecMatchLimitAll, 1, noErr))
3258 ++result;
3259 if (FindAndDeleteItemsByName(keychain, CFSTR("test2.subdomain.apple.com"), NULL, kSecClassInternetPassword, kSecMatchLimitAll, 1, noErr))
3260 ++result;
3261 if (FindAndDeleteItemsByName(keychain, CFSTR("mail.apple.com"), CFSTR("testacct"), kSecClassInternetPassword, kSecMatchLimitAll, 1, noErr))
3262 ++result;
3263
3264 // delete our test symmetric keys (no partial string matching for key items! need an ER Radar...)
3265 if (FindAndDeleteItemsByName(keychain, gLabel, NULL, kSecClassKey, kSecMatchLimitAll, 1, noErr))
3266 ++result;
3267 CFGregorianDate curGDate = CFAbsoluteTimeGetGregorianDate(CFAbsoluteTimeGetCurrent(), NULL);
3268 CFStringRef curDateLabel = CFStringCreateWithFormat(NULL, NULL, CFSTR("%@ (%4d-%02d-%02d)"),
3269 gPrefix, (int32_t) curGDate.year, (int8_t) curGDate.month, (int8_t) curGDate.day);
3270 if (FindAndDeleteItemsByName(keychain, curDateLabel, NULL, kSecClassKey, kSecMatchLimitAll, 1, noErr))
3271 ++result;
3272 CFRelease(curDateLabel);
3273
3274 // delete our test asymmetric key pair (remember we renamed the private key...)
3275 if (FindAndDeleteItemsByName(keychain, CFSTR("AppleID 8658820 test key"), NULL, kSecClassKey, kSecMatchLimitAll, 1, noErr))
3276 ++result;
3277 if (FindAndDeleteItemsByName(keychain, CFSTR("AppleID 8658820 test PRIVATE key"), NULL, kSecClassKey, kSecMatchLimitAll, 1, noErr))
3278 ++result;
3279
3280 return result;
3281 }
3282
3283
3284 int kc_18_find_combined (int argc, char *const *argv)
3285 {
3286 plan_tests(167);
3287
3288 printf("Getting -25308 or -25293? Try unlocking your default keychain; that's where identity and certificate preferences are stored (with no other option).\n");
3289
3290 debug = test_verbose;
3291
3292 SecKeychainRef keychain = createNewKeychain("SecItemTest.keychain", "test");
3293 addToSearchList(keychain);
3294
3295 TestAddItems(keychain);
3296 TestGenericPasswordLookup(keychain);
3297 TestInternetPasswordLookup(keychain);
3298 TestSymmetricKeyLookup(keychain);
3299 TestCertificateLookup(keychain);
3300 TestIdentityLookup(keychain);
3301 TestPreferredIdentityLookup(keychain);
3302 TestPreferredCertificateLookup(keychain);
3303 TestUpdateItems(keychain);
3304 TestDeleteItems(keychain);
3305
3306 ok_status(SecKeychainDelete(keychain), "SecKeychainDelete");
3307 CFReleaseNull(keychain);
3308
3309 deleteTestFiles();
3310 return 0;
3311 }
mirror of Security