]> git.saurik.com Git - apple/security.git/blob - OSX/libsecurity_keychain/regressions/kc-18-find-combined.c
Security-58286.200.222.tar.gz
[apple/security.git] / OSX / libsecurity_keychain / regressions / kc-18-find-combined.c
1 /*
2 * Copyright (c) 2016 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the xLicense.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 //
25 // Tests the ability of SecItemCopyMatching to replace the following
26 // deprecated keychain search functions:
27 //
28 // - SecKeychainSearchCreateFromAttributes +
29 // SecKeychainSearchCopyNext [for keys, certificates, passwords]
30 //
31 // - SecIdentitySearchCreate (or SecIdentitySearchCreateWithPolicy) +
32 // SecIdentitySearchCopyNext [for identities]
33 //
34 //
35 // This tool incidentally tests other Security API functions, including:
36 // - SecItemAdd
37 // - SecItemImport
38 // - SecItemDelete
39 // - SecKeyGenerateSymmetric
40 //
41
42 #include <CoreFoundation/CoreFoundation.h>
43 #include <CoreServices/CoreServices.h>
44 #include <Security/Security.h>
45 #include <Security/SecKey.h>
46 #include <Security/SecPolicyPriv.h>
47
48 #include <stdlib.h>
49 #include <string.h>
50 #include <syslog.h>
51 #include <unistd.h>
52 #include <time.h>
53 #include <sys/param.h>
54 #include "regressions/test/testenv.h"
55 #include "utilities/SecCFRelease.h"
56
57 #include "keychain_regressions.h"
58 #include "kc-helpers.h"
59
60 /* Following is a 3-element certificate chain
61 * (ROOT_CERT, INTERMEDIATE_CERT, LEAF_CERT)
62 */
63 unsigned char ROOT_CERT[985]={
64 0x30,0x82,0x03,0xD5,0x30,0x82,0x02,0xBD,0xA0,0x03,0x02,0x01,0x02,0x02,0x01,0x01,
65 0x30,0x0B,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,0x30,0x81,0x9D,
66 0x31,0x1A,0x30,0x18,0x06,0x03,0x55,0x04,0x03,0x0C,0x11,0x54,0x65,0x73,0x74,0x2D,
67 0x35,0x36,0x38,0x35,0x33,0x31,0x36,0x2D,0x52,0x4F,0x4F,0x54,0x31,0x0E,0x30,0x0C,
68 0x06,0x03,0x55,0x04,0x0A,0x0C,0x05,0x41,0x70,0x70,0x6C,0x65,0x31,0x14,0x30,0x12,
69 0x06,0x03,0x55,0x04,0x0B,0x0C,0x0B,0x43,0x6F,0x72,0x65,0x20,0x43,0x72,0x79,0x70,
70 0x74,0x6F,0x31,0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x08,0x0C,0x02,0x43,0x41,0x31,
71 0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x12,0x30,0x10,
72 0x06,0x03,0x55,0x04,0x07,0x0C,0x09,0x43,0x75,0x70,0x65,0x72,0x74,0x69,0x6E,0x6F,
73 0x31,0x2B,0x30,0x29,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,0x16,
74 0x1C,0x73,0x65,0x63,0x75,0x72,0x69,0x74,0x79,0x2D,0x64,0x65,0x76,0x40,0x67,0x72,
75 0x6F,0x75,0x70,0x2E,0x61,0x70,0x70,0x6C,0x65,0x2E,0x63,0x6F,0x6D,0x30,0x1E,0x17,
76 0x0D,0x30,0x39,0x31,0x32,0x31,0x38,0x31,0x37,0x32,0x39,0x32,0x33,0x5A,0x17,0x0D,
77 0x31,0x30,0x31,0x32,0x31,0x38,0x31,0x37,0x32,0x39,0x32,0x33,0x5A,0x30,0x81,0x9D,
78 0x31,0x1A,0x30,0x18,0x06,0x03,0x55,0x04,0x03,0x0C,0x11,0x54,0x65,0x73,0x74,0x2D,
79 0x35,0x36,0x38,0x35,0x33,0x31,0x36,0x2D,0x52,0x4F,0x4F,0x54,0x31,0x0E,0x30,0x0C,
80 0x06,0x03,0x55,0x04,0x0A,0x0C,0x05,0x41,0x70,0x70,0x6C,0x65,0x31,0x14,0x30,0x12,
81 0x06,0x03,0x55,0x04,0x0B,0x0C,0x0B,0x43,0x6F,0x72,0x65,0x20,0x43,0x72,0x79,0x70,
82 0x74,0x6F,0x31,0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x08,0x0C,0x02,0x43,0x41,0x31,
83 0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x12,0x30,0x10,
84 0x06,0x03,0x55,0x04,0x07,0x0C,0x09,0x43,0x75,0x70,0x65,0x72,0x74,0x69,0x6E,0x6F,
85 0x31,0x2B,0x30,0x29,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,0x16,
86 0x1C,0x73,0x65,0x63,0x75,0x72,0x69,0x74,0x79,0x2D,0x64,0x65,0x76,0x40,0x67,0x72,
87 0x6F,0x75,0x70,0x2E,0x61,0x70,0x70,0x6C,0x65,0x2E,0x63,0x6F,0x6D,0x30,0x82,0x01,
88 0x22,0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,0x05,0x00,
89 0x03,0x82,0x01,0x0F,0x00,0x30,0x82,0x01,0x0A,0x02,0x82,0x01,0x01,0x00,0xB0,0x4C,
90 0x94,0xF7,0x56,0x26,0x91,0xB8,0xD1,0x5B,0x7C,0xEE,0x74,0xCB,0x1F,0x43,0xFE,0x88,
91 0x24,0xAD,0xB0,0x1E,0x85,0x86,0xE9,0x3F,0xE7,0x74,0x40,0x6C,0x4A,0x8E,0x6B,0x50,
92 0x7A,0x1B,0x43,0x9A,0x9E,0xF4,0x81,0xB3,0xF1,0xDB,0x6E,0xD4,0xFA,0xAE,0x06,0xCB,
93 0x7F,0xE6,0xCA,0x06,0x06,0xC4,0x1E,0x2D,0xF3,0xFA,0x67,0xD6,0x95,0x0E,0xAC,0xCA,
94 0x2B,0x25,0x14,0x4C,0x20,0x04,0xB4,0x26,0xAC,0x15,0x62,0x15,0xA6,0x21,0x14,0x51,
95 0xCC,0x77,0x82,0x11,0xD0,0xF8,0xB0,0x06,0xC1,0x0F,0xFB,0x08,0x60,0x53,0x11,0x1F,
96 0x00,0xA8,0x27,0x0E,0x2C,0x2C,0x63,0x34,0x6A,0xC5,0x4B,0x2D,0xCC,0x07,0xF6,0x39,
97 0xDC,0x00,0xCF,0x6E,0x29,0x15,0x3E,0x3F,0x6C,0x89,0xB9,0x48,0x97,0x19,0xA2,0xB8,
98 0x44,0x8D,0x98,0x85,0xF4,0x0B,0x70,0x06,0xD6,0x9A,0x39,0x4F,0x44,0x92,0x73,0x74,
99 0xDF,0x46,0x10,0x9C,0xB5,0xBB,0x69,0xF4,0xE1,0xB5,0x61,0x2E,0xFF,0x92,0xDB,0x47,
100 0x93,0x48,0x45,0xEB,0x7E,0xFA,0xCC,0xDB,0xCE,0x50,0x0A,0xCA,0xAF,0xAB,0x7D,0x09,
101 0x9A,0x1E,0xC4,0x08,0xA1,0xD4,0xB9,0x2A,0x42,0x49,0x10,0x75,0x63,0x4E,0x51,0x3B,
102 0xF7,0xF4,0xCA,0xCB,0x05,0xC9,0xE0,0xC9,0xD3,0x04,0x14,0x81,0xF6,0x9A,0xEE,0x0C,
103 0x2B,0x56,0x87,0x20,0x50,0x27,0x14,0x71,0x1C,0x30,0x18,0x8C,0xDD,0xF4,0xA9,0x41,
104 0x13,0x6D,0xE4,0x41,0xB1,0xE0,0x7E,0x09,0xD7,0x99,0xCE,0xE4,0x7A,0x91,0x65,0xBB,
105 0x3F,0xE1,0xD4,0x07,0x8D,0xA9,0x23,0x0A,0xA4,0x80,0x47,0x58,0xD5,0x25,0x02,0x03,
106 0x01,0x00,0x01,0xA3,0x20,0x30,0x1E,0x30,0x0F,0x06,0x03,0x55,0x1D,0x13,0x01,0x01,
107 0xFF,0x04,0x05,0x30,0x03,0x01,0x01,0xFF,0x30,0x0B,0x06,0x03,0x55,0x1D,0x0F,0x04,
108 0x04,0x03,0x02,0x02,0x84,0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,
109 0x01,0x05,0x05,0x00,0x03,0x82,0x01,0x01,0x00,0x38,0x44,0x10,0xF4,0x24,0x4A,0xAA,
110 0x9F,0x0D,0x37,0x5E,0x75,0xB7,0xF5,0xC5,0x27,0x19,0x57,0xE5,0x25,0x4A,0x44,0x03,
111 0x5F,0x2E,0xD4,0x70,0x69,0xDD,0x55,0xDB,0x47,0x07,0x06,0x3E,0x5D,0xA4,0xBB,0x64,
112 0xE2,0xA6,0x09,0x8B,0x6D,0x0B,0x50,0x33,0x5A,0x92,0x5A,0x5B,0xDF,0x6A,0x9F,0x81,
113 0x5F,0x17,0x95,0xB0,0xC6,0xC3,0xCD,0x6D,0x17,0xDD,0x83,0xC1,0xA5,0xB7,0xCD,0xFF,
114 0xE8,0x13,0x10,0x35,0x85,0x3E,0xCA,0xE4,0xF5,0x22,0x58,0x1E,0x68,0x14,0x62,0x35,
115 0xE4,0x65,0xB4,0xD3,0x42,0x5A,0x03,0x5C,0x2D,0x76,0xD5,0x9B,0xAA,0xCB,0x3A,0xAC,
116 0x55,0x58,0xAD,0x67,0x30,0xDC,0xC3,0xA7,0xA9,0x37,0xBB,0x61,0xA2,0xEA,0x6E,0x0C,
117 0xB0,0x4B,0x0D,0x64,0x3D,0x59,0x3C,0xA3,0xA1,0x73,0x4F,0x33,0xDB,0x6F,0xBF,0x2D,
118 0xB2,0x9D,0xCE,0x05,0x1C,0xF0,0xAB,0x4A,0xB0,0x70,0x5D,0x32,0x20,0x22,0xD7,0x12,
119 0xC0,0x1C,0x0B,0x0D,0xC0,0x72,0x6B,0x6F,0xA4,0xF8,0xAA,0xD2,0x34,0x36,0x63,0x84,
120 0x80,0xF0,0x70,0x5E,0x09,0xEA,0xFF,0x48,0x49,0x85,0x83,0x8E,0x8E,0x6E,0x4C,0x2E,
121 0x2F,0xBB,0xBF,0xDF,0x3B,0x73,0x65,0xA2,0x0D,0x09,0x84,0x8F,0x08,0x86,0x61,0x27,
122 0x58,0xB6,0x7E,0x2D,0xEC,0x08,0xBA,0x40,0x5D,0x20,0x54,0x37,0xDD,0xCC,0xE5,0xDB,
123 0x38,0x68,0xEE,0x56,0x9F,0x92,0xDD,0x03,0x04,0xD2,0x94,0x51,0xD3,0xA9,0x08,0x2E,
124 0x6E,0x25,0x8E,0xBF,0x8A,0xA9,0x2B,0xAD,0x50,0x00,0xA7,0x39,0x11,0x6A,0x9A,0x28,
125 0x99,0x9A,0xB9,0x3B,0xB9,0xB5,0x9C,0x19,0x3A,
126 };
127
128 unsigned char INTERMEDIATE_CERT[1037]={
129 0x30,0x82,0x04,0x09,0x30,0x82,0x02,0xF1,0xA0,0x03,0x02,0x01,0x02,0x02,0x01,0x02,
130 0x30,0x0B,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,0x30,0x81,0x9D,
131 0x31,0x1A,0x30,0x18,0x06,0x03,0x55,0x04,0x03,0x0C,0x11,0x54,0x65,0x73,0x74,0x2D,
132 0x35,0x36,0x38,0x35,0x33,0x31,0x36,0x2D,0x52,0x4F,0x4F,0x54,0x31,0x0E,0x30,0x0C,
133 0x06,0x03,0x55,0x04,0x0A,0x0C,0x05,0x41,0x70,0x70,0x6C,0x65,0x31,0x14,0x30,0x12,
134 0x06,0x03,0x55,0x04,0x0B,0x0C,0x0B,0x43,0x6F,0x72,0x65,0x20,0x43,0x72,0x79,0x70,
135 0x74,0x6F,0x31,0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x08,0x0C,0x02,0x43,0x41,0x31,
136 0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x12,0x30,0x10,
137 0x06,0x03,0x55,0x04,0x07,0x0C,0x09,0x43,0x75,0x70,0x65,0x72,0x74,0x69,0x6E,0x6F,
138 0x31,0x2B,0x30,0x29,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,0x16,
139 0x1C,0x73,0x65,0x63,0x75,0x72,0x69,0x74,0x79,0x2D,0x64,0x65,0x76,0x40,0x67,0x72,
140 0x6F,0x75,0x70,0x2E,0x61,0x70,0x70,0x6C,0x65,0x2E,0x63,0x6F,0x6D,0x30,0x1E,0x17,
141 0x0D,0x30,0x39,0x31,0x32,0x31,0x38,0x31,0x37,0x33,0x30,0x35,0x34,0x5A,0x17,0x0D,
142 0x31,0x30,0x31,0x32,0x31,0x38,0x31,0x37,0x33,0x30,0x35,0x34,0x5A,0x30,0x81,0xA5,
143 0x31,0x22,0x30,0x20,0x06,0x03,0x55,0x04,0x03,0x0C,0x19,0x54,0x65,0x73,0x74,0x2D,
144 0x35,0x36,0x38,0x35,0x33,0x31,0x36,0x2D,0x49,0x4E,0x54,0x45,0x52,0x4D,0x45,0x44,
145 0x49,0x41,0x54,0x45,0x31,0x0E,0x30,0x0C,0x06,0x03,0x55,0x04,0x0A,0x0C,0x05,0x41,
146 0x70,0x70,0x6C,0x65,0x31,0x14,0x30,0x12,0x06,0x03,0x55,0x04,0x0B,0x0C,0x0B,0x43,
147 0x6F,0x72,0x65,0x20,0x43,0x72,0x79,0x70,0x74,0x6F,0x31,0x0B,0x30,0x09,0x06,0x03,
148 0x55,0x04,0x08,0x0C,0x02,0x43,0x41,0x31,0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x06,
149 0x13,0x02,0x55,0x53,0x31,0x12,0x30,0x10,0x06,0x03,0x55,0x04,0x07,0x0C,0x09,0x43,
150 0x75,0x70,0x65,0x72,0x74,0x69,0x6E,0x6F,0x31,0x2B,0x30,0x29,0x06,0x09,0x2A,0x86,
151 0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,0x16,0x1C,0x73,0x65,0x63,0x75,0x72,0x69,0x74,
152 0x79,0x2D,0x64,0x65,0x76,0x40,0x67,0x72,0x6F,0x75,0x70,0x2E,0x61,0x70,0x70,0x6C,
153 0x65,0x2E,0x63,0x6F,0x6D,0x30,0x82,0x01,0x22,0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,
154 0x86,0xF7,0x0D,0x01,0x01,0x01,0x05,0x00,0x03,0x82,0x01,0x0F,0x00,0x30,0x82,0x01,
155 0x0A,0x02,0x82,0x01,0x01,0x00,0xC4,0xBD,0x46,0x0E,0x0F,0x5C,0x1C,0xA2,0x23,0xD2,
156 0x3B,0x8C,0xC4,0x02,0x52,0x8C,0xD8,0xB1,0xC2,0x58,0x2E,0x84,0xAA,0x6C,0xCB,0x4B,
157 0xE4,0xF1,0xE7,0x48,0x98,0x46,0x6B,0xD0,0x50,0xB0,0xA3,0x1F,0x23,0xC6,0x3C,0x81,
158 0x73,0xE7,0xEA,0xAA,0x55,0xF7,0x37,0x58,0x85,0xF6,0x96,0x0D,0xC0,0x81,0x8D,0x3D,
159 0xD9,0xAD,0xFA,0x32,0x46,0x56,0x4A,0x53,0xF5,0x53,0x34,0x5B,0xFC,0xFC,0x51,0x2A,
160 0x45,0xD4,0xCB,0x53,0xF9,0x58,0xBF,0x7D,0x48,0xB3,0x23,0x41,0xD7,0x93,0x1C,0xC2,
161 0x32,0xE8,0x1C,0x82,0xDC,0xDC,0xCB,0xED,0x0B,0xDA,0x8A,0x1C,0xC0,0x0E,0x83,0x24,
162 0xE6,0x2E,0x68,0xA6,0xB6,0x60,0xEE,0xAF,0xB1,0x07,0xF1,0xC0,0xDB,0x29,0x83,0x9E,
163 0x0C,0xF4,0xCF,0x67,0x5B,0x49,0x3A,0x17,0x7E,0xC1,0xEB,0x75,0x3E,0xDD,0x0F,0x9A,
164 0xC7,0x06,0x60,0x2B,0x18,0xBD,0xAA,0x96,0xD1,0xE1,0x9C,0xF0,0x34,0xFF,0x3E,0x8C,
165 0x4A,0x96,0x5D,0x68,0x7C,0xCF,0xA1,0x14,0xED,0xB1,0x8E,0x10,0x8D,0x1F,0x15,0x22,
166 0x4E,0x8E,0x1A,0xC7,0xAD,0xB9,0x16,0xCB,0x3C,0xCB,0x5D,0xB9,0xAC,0xD9,0xFE,0xAE,
167 0xDE,0x06,0x3B,0xB6,0xA1,0xAA,0x7C,0x91,0x76,0xC6,0xA4,0x81,0xBD,0x29,0x86,0x33,
168 0xA6,0xB5,0x4D,0x28,0x94,0x51,0x81,0x3F,0x68,0x95,0xEB,0x41,0x7A,0xE9,0x87,0xD7,
169 0xDC,0xC8,0xA0,0x5F,0xAB,0x29,0xD9,0xC4,0x08,0xC8,0xA0,0x0B,0x77,0xAC,0x6C,0x21,
170 0x10,0xA4,0xED,0x86,0x78,0x99,0x1F,0xA7,0x23,0x33,0x34,0x89,0x80,0x02,0xBC,0xAF,
171 0xC6,0x3E,0x38,0xFB,0x7C,0x47,0x02,0x03,0x01,0x00,0x01,0xA3,0x4C,0x30,0x4A,0x30,
172 0x0F,0x06,0x03,0x55,0x1D,0x13,0x01,0x01,0xFF,0x04,0x05,0x30,0x03,0x01,0x01,0xFF,
173 0x30,0x0E,0x06,0x03,0x55,0x1D,0x0F,0x01,0x01,0xFF,0x04,0x04,0x03,0x02,0x02,0x84,
174 0x30,0x27,0x06,0x03,0x55,0x1D,0x11,0x04,0x20,0x30,0x1E,0x81,0x1C,0x73,0x65,0x63,
175 0x75,0x72,0x69,0x74,0x79,0x2D,0x64,0x65,0x76,0x40,0x67,0x72,0x6F,0x75,0x70,0x2E,
176 0x61,0x70,0x70,0x6C,0x65,0x2E,0x63,0x6F,0x6D,0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,
177 0x86,0xF7,0x0D,0x01,0x01,0x05,0x05,0x00,0x03,0x82,0x01,0x01,0x00,0x3C,0x66,0x3B,
178 0x9D,0x6E,0xA9,0x0E,0xC9,0xC2,0x6C,0xF4,0x79,0xFB,0xD5,0x6E,0x1F,0x01,0x4E,0x0D,
179 0x2C,0x64,0x7B,0x6E,0xD7,0xC7,0xA7,0x64,0x8B,0xF0,0xCD,0x93,0xCD,0x12,0x29,0x71,
180 0x87,0x3E,0xA3,0x1E,0x7F,0x57,0xC7,0xD9,0xBF,0xD2,0xF2,0x03,0x27,0xD5,0x5E,0xEF,
181 0x59,0xBC,0x91,0x37,0xB4,0x4A,0xEE,0xD2,0x2F,0xEA,0x92,0x07,0xBC,0xEC,0xAC,0x6A,
182 0xF1,0x34,0xA4,0x40,0x61,0x8B,0xB9,0x3D,0xAF,0x5B,0x86,0x6E,0xEE,0x4C,0xCB,0x7F,
183 0x1F,0xD0,0x0F,0x9E,0x5A,0xF0,0x39,0xFD,0x89,0xF3,0x03,0x61,0x5A,0xDF,0x6B,0x5F,
184 0xE3,0x33,0x51,0x80,0x1B,0x61,0xFE,0x7A,0xC7,0x27,0xBF,0x12,0xB5,0x69,0x79,0x1E,
185 0xAD,0x75,0xA8,0xFA,0x94,0xCC,0x22,0x4C,0xF9,0xB4,0xD3,0xD0,0xDC,0x57,0xD3,0x66,
186 0x96,0xDD,0x8A,0xC0,0xE4,0x11,0x5A,0xD9,0xB3,0x76,0x17,0x04,0xDA,0x62,0x71,0x58,
187 0xEA,0x99,0xC3,0x06,0xA7,0xE8,0xDB,0xA9,0x05,0xEC,0xA3,0xCA,0xDA,0x2E,0x77,0x66,
188 0xF4,0xC4,0xD2,0xC6,0xF0,0x5F,0xE6,0x88,0xDF,0x7F,0x23,0xDE,0x7B,0x04,0xA4,0x22,
189 0x45,0xEF,0x0A,0x13,0x79,0x8E,0xE1,0x14,0x22,0x79,0x22,0x86,0x1A,0x4C,0xA7,0xBA,
190 0x06,0x55,0xD9,0x5E,0xF3,0x9C,0xE0,0x1F,0xE3,0xA4,0x1C,0x8E,0x01,0x9F,0x7E,0xEF,
191 0xD2,0xA7,0x8D,0xD6,0x4D,0x1A,0x3D,0xA7,0xB2,0xDB,0x44,0x25,0xB5,0xA6,0x8A,0xD5,
192 0x49,0x87,0x04,0x6C,0x41,0x13,0x88,0x7A,0xFB,0x5E,0x16,0xA2,0x8F,0x37,0x81,0x47,
193 0xD8,0x27,0x3D,0xBD,0xB1,0x3E,0xCE,0x2A,0x07,0x75,0x45,0x5F,0x44,
194 };
195
196 unsigned char LEAF_CERT[1037]={
197 0x30,0x82,0x04,0x09,0x30,0x82,0x02,0xF1,0xA0,0x03,0x02,0x01,0x02,0x02,0x01,0x03,
198 0x30,0x0B,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,0x30,0x81,0xA5,
199 0x31,0x22,0x30,0x20,0x06,0x03,0x55,0x04,0x03,0x0C,0x19,0x54,0x65,0x73,0x74,0x2D,
200 0x35,0x36,0x38,0x35,0x33,0x31,0x36,0x2D,0x49,0x4E,0x54,0x45,0x52,0x4D,0x45,0x44,
201 0x49,0x41,0x54,0x45,0x31,0x0E,0x30,0x0C,0x06,0x03,0x55,0x04,0x0A,0x0C,0x05,0x41,
202 0x70,0x70,0x6C,0x65,0x31,0x14,0x30,0x12,0x06,0x03,0x55,0x04,0x0B,0x0C,0x0B,0x43,
203 0x6F,0x72,0x65,0x20,0x43,0x72,0x79,0x70,0x74,0x6F,0x31,0x0B,0x30,0x09,0x06,0x03,
204 0x55,0x04,0x08,0x0C,0x02,0x43,0x41,0x31,0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x06,
205 0x13,0x02,0x55,0x53,0x31,0x12,0x30,0x10,0x06,0x03,0x55,0x04,0x07,0x0C,0x09,0x43,
206 0x75,0x70,0x65,0x72,0x74,0x69,0x6E,0x6F,0x31,0x2B,0x30,0x29,0x06,0x09,0x2A,0x86,
207 0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,0x16,0x1C,0x73,0x65,0x63,0x75,0x72,0x69,0x74,
208 0x79,0x2D,0x64,0x65,0x76,0x40,0x67,0x72,0x6F,0x75,0x70,0x2E,0x61,0x70,0x70,0x6C,
209 0x65,0x2E,0x63,0x6F,0x6D,0x30,0x1E,0x17,0x0D,0x30,0x39,0x31,0x32,0x31,0x38,0x31,
210 0x37,0x33,0x32,0x31,0x36,0x5A,0x17,0x0D,0x31,0x30,0x31,0x32,0x31,0x38,0x31,0x37,
211 0x33,0x32,0x31,0x36,0x5A,0x30,0x81,0x9D,0x31,0x1A,0x30,0x18,0x06,0x03,0x55,0x04,
212 0x03,0x0C,0x11,0x54,0x65,0x73,0x74,0x2D,0x35,0x36,0x38,0x35,0x33,0x31,0x36,0x2D,
213 0x4C,0x45,0x41,0x46,0x31,0x0E,0x30,0x0C,0x06,0x03,0x55,0x04,0x0A,0x0C,0x05,0x41,
214 0x70,0x70,0x6C,0x65,0x31,0x14,0x30,0x12,0x06,0x03,0x55,0x04,0x0B,0x0C,0x0B,0x43,
215 0x6F,0x72,0x65,0x20,0x43,0x72,0x79,0x70,0x74,0x6F,0x31,0x0B,0x30,0x09,0x06,0x03,
216 0x55,0x04,0x08,0x0C,0x02,0x43,0x41,0x31,0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x06,
217 0x13,0x02,0x55,0x53,0x31,0x12,0x30,0x10,0x06,0x03,0x55,0x04,0x07,0x0C,0x09,0x43,
218 0x75,0x70,0x65,0x72,0x74,0x69,0x6E,0x6F,0x31,0x2B,0x30,0x29,0x06,0x09,0x2A,0x86,
219 0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,0x16,0x1C,0x73,0x65,0x63,0x75,0x72,0x69,0x74,
220 0x79,0x2D,0x64,0x65,0x76,0x40,0x67,0x72,0x6F,0x75,0x70,0x2E,0x61,0x70,0x70,0x6C,
221 0x65,0x2E,0x63,0x6F,0x6D,0x30,0x82,0x01,0x22,0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,
222 0x86,0xF7,0x0D,0x01,0x01,0x01,0x05,0x00,0x03,0x82,0x01,0x0F,0x00,0x30,0x82,0x01,
223 0x0A,0x02,0x82,0x01,0x01,0x00,0xBF,0x1B,0x87,0x6B,0x10,0xF8,0xF6,0x24,0x07,0x40,
224 0xC3,0xE3,0x81,0x26,0xD6,0xF4,0xFF,0xAA,0x6C,0x26,0xD4,0xBF,0xF7,0x9A,0xF5,0xB8,
225 0x63,0xBD,0x8B,0xFD,0x4B,0xFE,0xFF,0x4B,0xA2,0x15,0x13,0x52,0x84,0x87,0x9E,0x2B,
226 0x32,0x5B,0xF8,0x01,0x28,0x5E,0xF1,0x9C,0xE7,0x52,0xB0,0x89,0xB8,0x4A,0xD0,0x87,
227 0x40,0x0C,0xCD,0xAC,0x11,0x22,0x89,0x44,0x26,0x3B,0x40,0xF3,0x34,0x61,0x14,0x3A,
228 0x94,0xF3,0x1F,0x27,0x62,0xF8,0x8C,0xB4,0xF5,0x1E,0xA6,0x37,0x53,0xB2,0xB3,0x1E,
229 0x35,0xF6,0x00,0x34,0x4B,0x28,0x72,0x5B,0x9D,0xD8,0xEA,0x06,0x91,0x77,0x57,0x38,
230 0x9C,0xA5,0x66,0x5F,0x1A,0x9A,0x0B,0xCC,0x2F,0x2E,0x58,0xA2,0x70,0x66,0xA6,0xEF,
231 0x1B,0x3A,0x0E,0xF0,0x4B,0xA6,0x9D,0x6D,0x63,0xE0,0x1C,0x9C,0x8E,0xFF,0x6F,0x50,
232 0x5F,0x03,0x1A,0x80,0x12,0x4A,0xB6,0x89,0x83,0x5C,0x51,0x9F,0x2F,0xEA,0xE4,0x7F,
233 0x12,0xFB,0xE4,0x92,0xF0,0x8B,0x17,0x35,0x02,0x73,0xA0,0x7D,0xA2,0xB9,0x89,0xE2,
234 0x78,0x52,0xA1,0x08,0x42,0x78,0xD5,0xD3,0x8C,0x3C,0xF2,0x88,0x5E,0x7A,0xCC,0x94,
235 0x80,0x42,0xEA,0xED,0x6E,0x64,0x19,0x5E,0x53,0x05,0xB6,0x60,0xDB,0x81,0x92,0x2C,
236 0x3D,0xD4,0xAF,0xF8,0xED,0xD9,0x28,0xCE,0x0B,0xD9,0xDC,0x20,0x0C,0xA9,0x8D,0xA4,
237 0x54,0xD1,0xDA,0xDE,0x30,0x4A,0x67,0xC6,0xAC,0x4E,0xE3,0xB4,0xD7,0x16,0xF5,0xDC,
238 0xE3,0x52,0xAC,0x01,0x1C,0xB6,0xC1,0x5B,0xB4,0xEA,0x67,0x25,0xFE,0xF6,0x58,0x5C,
239 0xFE,0x88,0x4E,0xCF,0xF1,0x11,0x02,0x03,0x01,0x00,0x01,0xA3,0x4C,0x30,0x4A,0x30,
240 0x0E,0x06,0x03,0x55,0x1D,0x0F,0x01,0x01,0xFF,0x04,0x04,0x03,0x02,0x07,0x80,0x30,
241 0x0F,0x06,0x03,0x55,0x1D,0x25,0x04,0x08,0x30,0x06,0x06,0x04,0x55,0x1D,0x25,0x00,
242 0x30,0x27,0x06,0x03,0x55,0x1D,0x11,0x04,0x20,0x30,0x1E,0x81,0x1C,0x73,0x65,0x63,
243 0x75,0x72,0x69,0x74,0x79,0x2D,0x64,0x65,0x76,0x40,0x67,0x72,0x6F,0x75,0x70,0x2E,
244 0x61,0x70,0x70,0x6C,0x65,0x2E,0x63,0x6F,0x6D,0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,
245 0x86,0xF7,0x0D,0x01,0x01,0x05,0x05,0x00,0x03,0x82,0x01,0x01,0x00,0x1A,0xE5,0xD1,
246 0x13,0x66,0x83,0xC7,0x1A,0xB0,0x50,0xF0,0x1B,0x6E,0x70,0x6E,0x36,0x1A,0x0F,0x12,
247 0x9E,0x0B,0xFD,0x4B,0x79,0xEC,0xAA,0x5E,0x2A,0x37,0x79,0x50,0x97,0x13,0x9E,0xB6,
248 0x43,0xF0,0xD2,0xC6,0xF3,0x43,0x73,0x33,0x6C,0xCB,0x73,0xE5,0xBE,0x4C,0x42,0x6F,
249 0x33,0x76,0x96,0xA2,0x6B,0xA0,0x8D,0xAD,0x46,0xA5,0xD4,0xAC,0x0E,0x55,0x80,0x1A,
250 0x6E,0xAF,0xC2,0x2E,0xB3,0xD4,0x64,0xC3,0x65,0xFA,0x1C,0x42,0x47,0x12,0x9F,0x44,
251 0xD2,0x1F,0xCF,0xA1,0x53,0x49,0x66,0x66,0x14,0x21,0xD4,0x17,0xD1,0x26,0x75,0xAD,
252 0x08,0x93,0x9C,0x3B,0xB7,0x7C,0x03,0x2F,0x76,0x5D,0xB7,0x25,0x83,0x68,0xE3,0x01,
253 0x5C,0xCD,0x87,0x7A,0x71,0x8B,0x8D,0x5D,0x27,0x27,0xF2,0x24,0x56,0x7C,0x7E,0x33,
254 0x8F,0xE6,0x02,0x46,0xAD,0x63,0x28,0x85,0xA2,0x9E,0xEA,0x5A,0xC4,0x92,0xCE,0x76,
255 0xE8,0xD4,0xD4,0x7D,0x48,0x44,0xA4,0x21,0x8C,0xB7,0xC2,0x15,0x80,0x87,0x19,0xB1,
256 0x10,0x6A,0xC7,0x51,0xB7,0x25,0x40,0x26,0x8A,0xCC,0xB6,0x0C,0xE2,0x0D,0xA1,0x40,
257 0x20,0x85,0x0F,0xE5,0xB9,0xB5,0x32,0x10,0xA9,0x5F,0x25,0xCA,0xD2,0x95,0x11,0x54,
258 0x41,0xEA,0xC3,0xBA,0x0C,0x24,0x10,0x28,0xC9,0x09,0xAF,0x7E,0xDF,0x6A,0x2F,0x30,
259 0x49,0x7C,0xB0,0x23,0x46,0xA8,0xDC,0xE3,0x6A,0x17,0x87,0xF7,0xCC,0x3A,0xBD,0x11,
260 0x95,0xC3,0x0A,0x37,0xD1,0x1F,0x20,0xB6,0x1B,0xB2,0xA2,0x45,0xFF,0xC1,0x0D,0x9A,
261 0x56,0xCD,0x5A,0xF6,0x08,0xAA,0xBD,0xAB,0x13,0xC6,0xFD,0xAA,0xEC,
262 };
263
264 /* Test certificate for Code Signing policy
265 */
266 unsigned char Test_codesign[]={
267 0x30, 0x82, 0x03, 0xe3, 0x30, 0x82, 0x02, 0xcb, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x03, 0x01, 0xc8, 0x60, 0x30, 0x0d,
268 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x81, 0x9d, 0x31, 0x24, 0x30, 0x22,
269 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x1b, 0x54, 0x65, 0x73, 0x74, 0x2d, 0x37, 0x38, 0x37, 0x35, 0x38, 0x30, 0x31, 0x20,
270 0x28, 0x43, 0x6f, 0x64, 0x65, 0x20, 0x53, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67, 0x29, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03,
271 0x55, 0x04, 0x0a, 0x0c, 0x0b, 0x41, 0x70, 0x70, 0x6c, 0x65, 0x2c, 0x20, 0x49, 0x6e, 0x63, 0x2e, 0x31, 0x10, 0x30, 0x0e,
272 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x07, 0x43, 0x6f, 0x72, 0x65, 0x20, 0x4f, 0x53, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03,
273 0x55, 0x04, 0x08, 0x0c, 0x02, 0x43, 0x41, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53,
274 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x09, 0x43, 0x75, 0x70, 0x65, 0x72, 0x74, 0x69, 0x6e, 0x6f,
275 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x6e, 0x6f, 0x62,
276 0x6f, 0x64, 0x79, 0x40, 0x61, 0x70, 0x70, 0x6c, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x36, 0x30,
277 0x34, 0x30, 0x34, 0x32, 0x32, 0x35, 0x35, 0x33, 0x32, 0x5a, 0x17, 0x0d, 0x32, 0x36, 0x30, 0x34, 0x30, 0x32, 0x32, 0x32,
278 0x35, 0x35, 0x33, 0x32, 0x5a, 0x30, 0x81, 0x9d, 0x31, 0x24, 0x30, 0x22, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x1b, 0x54,
279 0x65, 0x73, 0x74, 0x2d, 0x37, 0x38, 0x37, 0x35, 0x38, 0x30, 0x31, 0x20, 0x28, 0x43, 0x6f, 0x64, 0x65, 0x20, 0x53, 0x69,
280 0x67, 0x6e, 0x69, 0x6e, 0x67, 0x29, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x0b, 0x41, 0x70, 0x70,
281 0x6c, 0x65, 0x2c, 0x20, 0x49, 0x6e, 0x63, 0x2e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x07, 0x43,
282 0x6f, 0x72, 0x65, 0x20, 0x4f, 0x53, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x02, 0x43, 0x41, 0x31,
283 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04,
284 0x07, 0x0c, 0x09, 0x43, 0x75, 0x70, 0x65, 0x72, 0x74, 0x69, 0x6e, 0x6f, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86,
285 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x6e, 0x6f, 0x62, 0x6f, 0x64, 0x79, 0x40, 0x61, 0x70, 0x70, 0x6c,
286 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
287 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xb0, 0x78,
288 0x41, 0xd5, 0xc0, 0x71, 0x1d, 0x02, 0xc8, 0x57, 0x46, 0xf8, 0xc4, 0x3c, 0x7c, 0xa2, 0x13, 0x45, 0x8a, 0x1b, 0xef, 0x16,
289 0xa6, 0x6f, 0xfe, 0x97, 0xe4, 0x8b, 0x6a, 0x7b, 0x89, 0xd2, 0x50, 0xcb, 0x6b, 0xcc, 0x47, 0x32, 0x9a, 0xd3, 0xf4, 0x19,
290 0x62, 0x70, 0xe6, 0x27, 0xc4, 0x13, 0x5a, 0x60, 0x20, 0x8c, 0xb1, 0xc4, 0xf1, 0x76, 0xcd, 0x06, 0xb3, 0x60, 0x78, 0x4d,
291 0xb2, 0x30, 0xb1, 0x1c, 0x53, 0x36, 0x98, 0x44, 0x84, 0x35, 0x57, 0xe9, 0xbc, 0xb7, 0x2d, 0x17, 0xd7, 0x0c, 0xbc, 0x52,
292 0x9e, 0xfd, 0xe5, 0x32, 0x2a, 0xad, 0x28, 0x36, 0x24, 0x81, 0x87, 0x56, 0xd2, 0x39, 0x66, 0x13, 0x9e, 0x26, 0x44, 0x32,
293 0xa3, 0xa7, 0x8b, 0xe7, 0x33, 0x25, 0xa3, 0x8e, 0x25, 0x14, 0x91, 0xf4, 0x32, 0x1a, 0x97, 0x82, 0xd3, 0x5a, 0xb5, 0x68,
294 0x24, 0x0c, 0x46, 0x89, 0x00, 0x6f, 0xfa, 0x27, 0x03, 0xc6, 0x0b, 0xa2, 0xf0, 0xad, 0xd2, 0xec, 0x35, 0xca, 0x1a, 0xc5,
295 0x76, 0xd4, 0xb2, 0x48, 0x72, 0xf0, 0x34, 0x48, 0xd6, 0x8e, 0xae, 0x37, 0x35, 0x87, 0x60, 0x25, 0x16, 0x71, 0xda, 0x0c,
296 0x71, 0xaa, 0x95, 0xc2, 0xe4, 0x09, 0x91, 0xd9, 0x38, 0x62, 0xee, 0x0c, 0x26, 0x34, 0x7b, 0x6b, 0xbb, 0xf8, 0x33, 0xa1,
297 0x08, 0x71, 0xc1, 0x4a, 0x5f, 0x7d, 0x17, 0x31, 0x25, 0xb7, 0xbe, 0x66, 0xab, 0x28, 0x6e, 0x58, 0x3c, 0xd1, 0x5f, 0xbf,
298 0x8f, 0x48, 0x6e, 0x42, 0x8f, 0x85, 0x1a, 0x9e, 0x6b, 0x79, 0xbf, 0x43, 0xd9, 0xeb, 0x20, 0xa8, 0x1e, 0xf6, 0xe4, 0xaa,
299 0xdb, 0x62, 0x87, 0x02, 0x43, 0xd0, 0x75, 0xa4, 0x14, 0x1d, 0x33, 0x3e, 0x81, 0x5d, 0x7a, 0x7c, 0x4a, 0xdf, 0x3e, 0x79,
300 0x70, 0xca, 0xf5, 0xb6, 0xd8, 0x6d, 0x8e, 0xc7, 0x7f, 0xc7, 0xa0, 0x72, 0x6e, 0x95, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3,
301 0x2a, 0x30, 0x28, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x07, 0x80, 0x30,
302 0x16, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x01, 0x01, 0xff, 0x04, 0x0c, 0x30, 0x0a, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05,
303 0x07, 0x03, 0x03, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82,
304 0x01, 0x01, 0x00, 0x98, 0x03, 0xa7, 0x17, 0x66, 0x1a, 0xf3, 0x19, 0xd5, 0x7f, 0xac, 0x74, 0x8e, 0xa7, 0x43, 0x6a, 0x14,
305 0xca, 0x5d, 0xa8, 0xf9, 0x8d, 0x22, 0x38, 0x48, 0x1c, 0x10, 0xd8, 0xe6, 0xfe, 0x0e, 0x8e, 0xd4, 0xb5, 0x8e, 0x89, 0xd9,
306 0x95, 0x01, 0xba, 0x11, 0x4c, 0x7b, 0x7c, 0x64, 0x98, 0xd8, 0x4a, 0x11, 0x43, 0x0d, 0x71, 0xbd, 0x9f, 0xd9, 0x33, 0x84,
307 0xa0, 0x3e, 0x9d, 0x6d, 0xa7, 0x72, 0xf0, 0x8d, 0x62, 0x9e, 0x45, 0xc2, 0x91, 0xfe, 0xbb, 0xbf, 0x08, 0x8b, 0x37, 0xd7,
308 0x38, 0x71, 0x8f, 0x17, 0x2d, 0x98, 0x81, 0x16, 0x2d, 0xf6, 0x90, 0x6d, 0x57, 0x64, 0x6b, 0xa0, 0xbc, 0x02, 0xd8, 0xeb,
309 0x63, 0x65, 0x1d, 0x1b, 0x20, 0xe7, 0x73, 0x8f, 0xe0, 0x82, 0x8d, 0x8f, 0xf6, 0x36, 0x08, 0x9d, 0xf3, 0xfd, 0x33, 0x4f,
310 0xd2, 0xb0, 0x6d, 0xb8, 0x50, 0x02, 0x43, 0x2f, 0x90, 0x16, 0xe9, 0xb0, 0x1f, 0x9b, 0x2e, 0x70, 0x10, 0x89, 0xaa, 0xdc,
311 0x18, 0xd7, 0xda, 0x3a, 0xce, 0xb8, 0x8f, 0xa4, 0x42, 0x4e, 0x50, 0x50, 0xa9, 0x19, 0x42, 0x0b, 0x07, 0x7c, 0x33, 0xe5,
312 0x47, 0x40, 0x6a, 0x14, 0x02, 0x1f, 0x1e, 0xcf, 0x66, 0xb2, 0x76, 0x88, 0x0d, 0x49, 0x3a, 0xa5, 0xde, 0xfb, 0x99, 0xfa,
313 0x70, 0xd4, 0x5e, 0xa1, 0x3e, 0x6d, 0x7f, 0x6b, 0x8c, 0x71, 0x79, 0x94, 0xb3, 0x1f, 0xcf, 0xdd, 0x9a, 0x31, 0xfd, 0x26,
314 0x82, 0xa9, 0x94, 0x55, 0x87, 0x17, 0x33, 0xd0, 0x35, 0x3e, 0x80, 0x53, 0x8e, 0xb7, 0x18, 0x86, 0x5b, 0x8b, 0xee, 0x29,
315 0xcf, 0xdf, 0x0e, 0x3f, 0x31, 0x9e, 0x29, 0x44, 0xa8, 0x99, 0xf7, 0xbe, 0x51, 0x3b, 0x53, 0xcd, 0x55, 0xfc, 0xb7, 0x6e,
316 0x50, 0x21, 0xf2, 0xcc, 0x9c, 0x09, 0xe2, 0x6f, 0x4d, 0x15, 0x2f, 0x98, 0xa1, 0x04, 0xc0, 0xeb, 0x4c, 0x98, 0x93
317 };
318 unsigned int Test_7875801__Code_Signing__cer_len = 999;
319
320 /* Test certificate for S/MIME policy (encrypt only, no sign), expires September 2026
321 */
322 unsigned char Test_smime_encryptonly[]={
323 0x30, 0x82, 0x04, 0x07, 0x30, 0x82, 0x02, 0xef, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x04, 0x02, 0xb8, 0x95, 0x23, 0x30,
324 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x81, 0x9e, 0x31, 0x21, 0x30,
325 0x1f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x18, 0x54, 0x65, 0x73, 0x74, 0x2d, 0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74,
326 0x69, 0x6f, 0x6e, 0x20, 0x28, 0x53, 0x2f, 0x4d, 0x49, 0x4d, 0x45, 0x29, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04,
327 0x07, 0x13, 0x09, 0x43, 0x75, 0x70, 0x65, 0x72, 0x74, 0x69, 0x6e, 0x6f, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
328 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x02, 0x43, 0x41, 0x31, 0x10,
329 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x07, 0x43, 0x6f, 0x72, 0x65, 0x20, 0x4f, 0x53, 0x31, 0x14, 0x30, 0x12,
330 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0b, 0x41, 0x70, 0x70, 0x6c, 0x65, 0x2c, 0x20, 0x49, 0x6e, 0x63, 0x2e, 0x31, 0x23,
331 0x30, 0x21, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x14, 0x73, 0x6d, 0x69, 0x6d, 0x65,
332 0x2d, 0x74, 0x65, 0x73, 0x74, 0x40, 0x61, 0x70, 0x70, 0x6c, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x1e, 0x17, 0x0d, 0x31,
333 0x36, 0x30, 0x39, 0x32, 0x30, 0x31, 0x32, 0x30, 0x32, 0x31, 0x33, 0x5a, 0x17, 0x0d, 0x32, 0x36, 0x30, 0x39, 0x31, 0x38,
334 0x31, 0x32, 0x30, 0x32, 0x31, 0x33, 0x5a, 0x30, 0x81, 0x9e, 0x31, 0x21, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,
335 0x18, 0x54, 0x65, 0x73, 0x74, 0x2d, 0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x28, 0x53, 0x2f,
336 0x4d, 0x49, 0x4d, 0x45, 0x29, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x09, 0x43, 0x75, 0x70, 0x65,
337 0x72, 0x74, 0x69, 0x6e, 0x6f, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x0b,
338 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x02, 0x43, 0x41, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0b,
339 0x13, 0x07, 0x43, 0x6f, 0x72, 0x65, 0x20, 0x4f, 0x53, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0b,
340 0x41, 0x70, 0x70, 0x6c, 0x65, 0x2c, 0x20, 0x49, 0x6e, 0x63, 0x2e, 0x31, 0x23, 0x30, 0x21, 0x06, 0x09, 0x2a, 0x86, 0x48,
341 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x14, 0x73, 0x6d, 0x69, 0x6d, 0x65, 0x2d, 0x74, 0x65, 0x73, 0x74, 0x40, 0x61,
342 0x70, 0x70, 0x6c, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
343 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01,
344 0x00, 0xd5, 0x9e, 0xf0, 0xe6, 0x4e, 0x8d, 0x1d, 0x0f, 0x62, 0x75, 0x1a, 0x5d, 0xd7, 0x19, 0x34, 0xf0, 0x27, 0xaf, 0x35,
345 0xbb, 0x6d, 0xfe, 0x1b, 0xe5, 0xfd, 0xd5, 0x54, 0x77, 0x4a, 0x2f, 0x1d, 0x50, 0x51, 0xbb, 0x6e, 0x55, 0x9e, 0xfe, 0xcd,
346 0x40, 0xe0, 0xe1, 0xa5, 0xfb, 0xef, 0x8c, 0x6b, 0x49, 0x7e, 0x73, 0x5c, 0x19, 0x44, 0xad, 0x50, 0xbc, 0x10, 0xf9, 0x66,
347 0xcf, 0x17, 0xd4, 0x63, 0x8d, 0x6b, 0x4b, 0x61, 0x09, 0x5e, 0xe7, 0xf2, 0xbf, 0x20, 0x78, 0xf4, 0xe4, 0x71, 0x81, 0xba,
348 0xb9, 0xb0, 0x0e, 0x8c, 0x58, 0xfd, 0x23, 0x67, 0x67, 0x38, 0x4b, 0xcd, 0x23, 0xb3, 0x76, 0x20, 0x51, 0x99, 0xb7, 0x7a,
349 0xc4, 0x34, 0xd4, 0xca, 0x50, 0xc1, 0x16, 0x4d, 0xcf, 0x60, 0x3c, 0xc2, 0x29, 0x06, 0x9b, 0x48, 0x35, 0xdb, 0x7e, 0x1a,
350 0xf8, 0x5d, 0x0e, 0x72, 0xa7, 0x01, 0x02, 0xb4, 0x26, 0x40, 0x81, 0xf3, 0xa8, 0x28, 0x0e, 0x53, 0x79, 0x55, 0x19, 0x13,
351 0xe1, 0xd9, 0x41, 0x78, 0xe6, 0x68, 0x96, 0x91, 0xf9, 0xc9, 0xbf, 0x60, 0xd4, 0x88, 0xdf, 0x26, 0x19, 0xc6, 0xd5, 0xc4,
352 0x3f, 0x70, 0x1f, 0xc0, 0x8f, 0x2c, 0x3d, 0x49, 0xba, 0x79, 0xd8, 0xcd, 0x6d, 0xcc, 0x88, 0xde, 0x86, 0xd4, 0x19, 0x89,
353 0x1b, 0x1c, 0xbd, 0xd8, 0xeb, 0xc6, 0x81, 0xdb, 0xb7, 0x57, 0x53, 0xeb, 0x92, 0xbf, 0xf8, 0x1b, 0xd8, 0x4a, 0xe7, 0xee,
354 0x83, 0x01, 0xf7, 0xae, 0xf4, 0x25, 0x2b, 0x6f, 0x17, 0xf4, 0xa0, 0xb8, 0x7f, 0x87, 0x20, 0x4f, 0xfd, 0xac, 0x59, 0x00,
355 0x80, 0x5e, 0x20, 0x02, 0x5a, 0x41, 0x76, 0xf2, 0x57, 0x97, 0x29, 0xa9, 0x87, 0xae, 0x79, 0xb7, 0x3f, 0x95, 0x2f, 0x37,
356 0x6e, 0xbf, 0x1f, 0x6d, 0xe2, 0x27, 0x39, 0x1c, 0xf2, 0x0b, 0x8f, 0xe4, 0xff, 0x60, 0x5d, 0x8f, 0xeb, 0x02, 0x03, 0x01,
357 0x00, 0x01, 0xa3, 0x4b, 0x30, 0x49, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02,
358 0x05, 0x20, 0x30, 0x16, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x01, 0x01, 0xff, 0x04, 0x0c, 0x30, 0x0a, 0x06, 0x08, 0x2b, 0x06,
359 0x01, 0x05, 0x05, 0x07, 0x03, 0x04, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x11, 0x04, 0x18, 0x30, 0x16, 0x81, 0x14, 0x73,
360 0x6d, 0x69, 0x6d, 0x65, 0x2d, 0x74, 0x65, 0x73, 0x74, 0x40, 0x61, 0x70, 0x70, 0x6c, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x30,
361 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x0a,
362 0x49, 0x1f, 0xbe, 0xda, 0xa3, 0x8f, 0x78, 0x2c, 0x19, 0x6d, 0xd1, 0xa4, 0xa8, 0x8d, 0xa1, 0x00, 0xee, 0x8f, 0xa4, 0xd3,
363 0x2b, 0x73, 0xad, 0x46, 0x00, 0x44, 0x40, 0x18, 0xc7, 0x7a, 0xbd, 0x5c, 0x21, 0x80, 0x91, 0xfe, 0xa0, 0x48, 0xfe, 0x00,
364 0x3f, 0xf3, 0xc3, 0xb5, 0x26, 0xf0, 0xf2, 0xfa, 0x6e, 0xf2, 0x64, 0x45, 0x59, 0x41, 0xbd, 0x6f, 0xc2, 0xb6, 0xf8, 0xba,
365 0xc4, 0x75, 0x6a, 0x41, 0xd1, 0x0a, 0x6d, 0x1f, 0xd4, 0xe0, 0xec, 0x77, 0x7a, 0x5f, 0xa8, 0x44, 0x2e, 0xb3, 0x96, 0xe4,
366 0x62, 0x8e, 0xa2, 0x58, 0x85, 0x77, 0x21, 0x4f, 0x70, 0xed, 0x38, 0x5a, 0x69, 0x36, 0x8e, 0xf5, 0x3f, 0x4b, 0x25, 0x40,
367 0xe4, 0x4a, 0x00, 0xef, 0x14, 0xe4, 0xa3, 0xad, 0xaa, 0xbc, 0xdc, 0x18, 0x5f, 0xc5, 0xe9, 0xc1, 0xfe, 0xe4, 0x68, 0x52,
368 0x30, 0x87, 0x1e, 0x80, 0x4d, 0xa6, 0xf5, 0xfd, 0x0d, 0x15, 0x00, 0x06, 0xd8, 0x05, 0x82, 0x2d, 0x94, 0x44, 0x80, 0x8f,
369 0x1b, 0xac, 0x18, 0x9f, 0x51, 0x40, 0x47, 0x29, 0x4f, 0x7b, 0xb8, 0xbb, 0x03, 0xdd, 0x8a, 0x01, 0x4f, 0xd0, 0x4e, 0x21,
370 0xf5, 0xc3, 0x64, 0x2f, 0xa6, 0xe3, 0x81, 0x8d, 0x65, 0xc0, 0x6a, 0x17, 0x1d, 0xc5, 0xdf, 0xa6, 0x07, 0x7c, 0x48, 0x59,
371 0x35, 0x78, 0x02, 0x29, 0xa0, 0xbe, 0x25, 0x39, 0xdf, 0x51, 0x30, 0x7b, 0x2a, 0x19, 0xd0, 0x33, 0xcd, 0x07, 0x61, 0x38,
372 0x18, 0x46, 0xc7, 0x16, 0x8b, 0xcd, 0xa9, 0xbf, 0x22, 0xd0, 0xf7, 0xd1, 0xa4, 0x32, 0x80, 0x9f, 0x2e, 0x17, 0x0a, 0x17,
373 0xbc, 0x48, 0xf3, 0x2c, 0x6d, 0x40, 0x3b, 0xf0, 0xf5, 0x0b, 0x10, 0x98, 0x93, 0x50, 0xcc, 0x46, 0x64, 0x57, 0x6d, 0xb5,
374 0xa0, 0xda, 0x8f, 0xd7, 0xc6, 0x0a, 0x01, 0x1d, 0x89, 0x0b, 0x2f, 0xe3, 0x98, 0xcc, 0x9a
375 };
376 unsigned int Test_Encryption__S_MIME__cer_len = 1035;
377
378 /* Test identity for S/MIME policy (sign only, no encrypt)
379 */
380 unsigned char Test_smime_signonly_p12[] = {
381 0x30, 0x82, 0x0a, 0xdd, 0x02, 0x01, 0x03, 0x30, 0x82, 0x0a, 0xa4, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
382 0x07, 0x01, 0xa0, 0x82, 0x0a, 0x95, 0x04, 0x82, 0x0a, 0x91, 0x30, 0x82, 0x0a, 0x8d, 0x30, 0x82, 0x05, 0x07, 0x06, 0x09,
383 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x06, 0xa0, 0x82, 0x04, 0xf8, 0x30, 0x82, 0x04, 0xf4, 0x02, 0x01, 0x00,
384 0x30, 0x82, 0x04, 0xed, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0x30, 0x1c, 0x06, 0x0a, 0x2a,
385 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01, 0x06, 0x30, 0x0e, 0x04, 0x08, 0xa7, 0xf8, 0xe5, 0x65, 0x62, 0x31, 0xe0,
386 0xa6, 0x02, 0x02, 0x08, 0x00, 0x80, 0x82, 0x04, 0xc0, 0x2b, 0xf6, 0xdc, 0x0d, 0x1c, 0xce, 0x0d, 0x2a, 0xa8, 0x50, 0x94,
387 0xc5, 0x52, 0x04, 0xa0, 0x07, 0x8b, 0xf2, 0x31, 0x4e, 0x5e, 0xfe, 0xe7, 0x8f, 0x53, 0xac, 0x98, 0x1a, 0x04, 0x08, 0xdc,
388 0xd9, 0xc6, 0xd5, 0xee, 0xbd, 0x43, 0x15, 0x55, 0xf8, 0x03, 0xa7, 0x05, 0x31, 0x7f, 0xee, 0x36, 0xa8, 0x43, 0xdb, 0x09,
389 0x25, 0x61, 0x8e, 0x1c, 0xd2, 0x84, 0x22, 0xc2, 0xf5, 0x2f, 0x29, 0x4b, 0x97, 0xfd, 0x38, 0xb8, 0x4d, 0xde, 0x76, 0x28,
390 0xe9, 0xd9, 0xf7, 0xf1, 0x77, 0xdd, 0x7d, 0x6f, 0x35, 0xf7, 0x73, 0x94, 0xeb, 0x39, 0x5d, 0xaf, 0x92, 0xca, 0x07, 0x39,
391 0xa2, 0x8a, 0xd2, 0xcd, 0xe0, 0x69, 0x5b, 0x2f, 0xc3, 0x29, 0x1c, 0xbb, 0x27, 0x01, 0x83, 0x49, 0xfe, 0x55, 0x75, 0x1f,
392 0x56, 0xf4, 0xf8, 0xed, 0x60, 0xe3, 0xee, 0x10, 0x40, 0x4d, 0x67, 0xdb, 0x1b, 0x4e, 0x0b, 0x03, 0x65, 0xfc, 0x10, 0x9f,
393 0x40, 0x19, 0xcd, 0xe7, 0x5b, 0x6f, 0x8d, 0xf4, 0x21, 0x80, 0x1e, 0x81, 0xae, 0x34, 0xac, 0x70, 0xf5, 0xdd, 0x59, 0xb7,
394 0xd8, 0x31, 0x9f, 0xd9, 0xec, 0x54, 0x8c, 0x93, 0x73, 0x78, 0xbf, 0x5c, 0xf9, 0x29, 0x8b, 0x32, 0xdd, 0x3d, 0xb5, 0xe8,
395 0xdf, 0xe6, 0x78, 0xd2, 0xbe, 0x9d, 0x55, 0x2d, 0xde, 0x23, 0xe4, 0x14, 0xc2, 0x7b, 0x38, 0xce, 0x27, 0x22, 0x0b, 0x6a,
396 0x05, 0x22, 0x27, 0x39, 0x04, 0x99, 0x6f, 0x02, 0x74, 0xc0, 0xc8, 0xcd, 0x8d, 0xa7, 0x76, 0x9f, 0x41, 0x76, 0x6b, 0x97,
397 0x5f, 0x40, 0xc4, 0xa4, 0x77, 0x85, 0x2b, 0x18, 0x94, 0x79, 0xa3, 0x2a, 0x8d, 0x72, 0x5c, 0x8a, 0x15, 0xad, 0x57, 0x87,
398 0xc3, 0x72, 0x83, 0x89, 0x4a, 0xec, 0x92, 0xb6, 0xad, 0xb0, 0x5a, 0xb6, 0x1a, 0x53, 0x61, 0x28, 0x66, 0xfc, 0x9c, 0x4a,
399 0x4f, 0xfd, 0x38, 0x2a, 0x00, 0x55, 0x56, 0x03, 0xff, 0x09, 0xb0, 0xff, 0xbc, 0xa6, 0x78, 0x43, 0x0c, 0x90, 0xc7, 0x6d,
400 0x25, 0x45, 0x73, 0x61, 0x55, 0x24, 0x5d, 0x93, 0x2c, 0x38, 0x4f, 0x8d, 0x68, 0x41, 0xfe, 0xeb, 0xbc, 0xae, 0xee, 0x92,
401 0xa5, 0xbd, 0x6c, 0x1f, 0x4c, 0xe2, 0xb2, 0xc8, 0x42, 0x50, 0x5c, 0xa9, 0xa3, 0x53, 0x46, 0x6b, 0xa1, 0x4e, 0x69, 0x6f,
402 0xe0, 0x12, 0xc4, 0x03, 0x1e, 0xe5, 0xc1, 0xad, 0x8d, 0x57, 0x95, 0xfd, 0x24, 0x85, 0xd7, 0x2b, 0x5d, 0xbb, 0x72, 0x5b,
403 0x62, 0x72, 0x97, 0xdd, 0xb8, 0xb1, 0x7a, 0xf7, 0x42, 0x2c, 0x9f, 0xe2, 0x6e, 0x57, 0x7d, 0xee, 0x72, 0x67, 0xec, 0x98,
404 0x3a, 0x63, 0x44, 0x28, 0x75, 0xce, 0x9b, 0x5e, 0x95, 0xe6, 0x34, 0x7c, 0x1e, 0x56, 0x33, 0x3d, 0x31, 0x69, 0xd6, 0xf7,
405 0x62, 0xa9, 0x7c, 0x0e, 0xf7, 0x9d, 0xf8, 0x7d, 0xfe, 0x86, 0x12, 0x62, 0x18, 0xf1, 0xdd, 0xbf, 0x37, 0x73, 0xb2, 0x0b,
406 0x81, 0xb4, 0x38, 0xcb, 0x93, 0x8c, 0x3a, 0xe6, 0xd6, 0x72, 0x39, 0x09, 0x84, 0x09, 0xd7, 0x14, 0xc1, 0x67, 0x78, 0xc4,
407 0x5a, 0xa3, 0xa6, 0x0b, 0x0c, 0xd8, 0xd4, 0xda, 0xd7, 0xb8, 0x3a, 0x86, 0xcc, 0x44, 0x7d, 0xf6, 0x30, 0x4f, 0x07, 0x9f,
408 0x8a, 0x28, 0x22, 0x89, 0x34, 0xd3, 0x7b, 0xe6, 0x1b, 0xac, 0x9a, 0x11, 0xdd, 0x06, 0x72, 0x6e, 0x3f, 0x39, 0x3f, 0x18,
409 0x92, 0xc8, 0x93, 0xbb, 0x7c, 0x4a, 0x65, 0xad, 0xba, 0xfb, 0x6b, 0x29, 0xe3, 0xd5, 0x0d, 0xfc, 0xf1, 0x05, 0x91, 0x9d,
410 0x3f, 0x86, 0x86, 0xd3, 0xf3, 0x48, 0x8b, 0xba, 0x97, 0x59, 0xaf, 0xfb, 0x06, 0x34, 0x6e, 0x09, 0x5b, 0x4f, 0x4a, 0xdf,
411 0x3c, 0x94, 0xc7, 0x18, 0xb0, 0xf0, 0x23, 0xaf, 0x2f, 0x4e, 0x29, 0xd2, 0x99, 0xc3, 0x5f, 0x43, 0x52, 0xd2, 0x93, 0x1b,
412 0x8c, 0x13, 0x08, 0x5c, 0xa3, 0x5a, 0x68, 0x14, 0x7d, 0xda, 0xad, 0x92, 0xb5, 0xd0, 0x13, 0xe6, 0x21, 0xbc, 0x5b, 0xd5,
413 0xfa, 0x4e, 0xd7, 0x01, 0x8b, 0xa0, 0x9a, 0xfd, 0x02, 0x02, 0xc3, 0x9e, 0x7f, 0xfc, 0xc0, 0x90, 0x2a, 0xdd, 0xac, 0xa0,
414 0x01, 0x92, 0x39, 0x23, 0xb4, 0x3b, 0x2a, 0x13, 0x56, 0xcb, 0x78, 0xf5, 0xe1, 0xac, 0x15, 0x7f, 0x22, 0x38, 0x77, 0x0c,
415 0xa8, 0xfc, 0x46, 0x14, 0x02, 0xbe, 0x28, 0xf2, 0xa4, 0x59, 0x68, 0x01, 0x73, 0x4a, 0x52, 0xea, 0xfe, 0xb8, 0x8e, 0x59,
416 0xf2, 0x41, 0xaa, 0x04, 0x77, 0x20, 0xc6, 0x57, 0x62, 0x60, 0xb3, 0xc0, 0x6b, 0x2b, 0x5b, 0x4d, 0x64, 0x0c, 0xfe, 0x09,
417 0x92, 0x35, 0x9f, 0xde, 0xfe, 0xad, 0x8e, 0xd6, 0xf3, 0x8f, 0xb9, 0xf4, 0x77, 0x0f, 0xed, 0x47, 0x0d, 0x77, 0x59, 0x9c,
418 0xda, 0x7f, 0x40, 0xa1, 0xee, 0x6c, 0xaf, 0x66, 0x69, 0x12, 0x3a, 0x42, 0x98, 0x55, 0x91, 0x34, 0xf8, 0x02, 0x57, 0xf9,
419 0xf1, 0x9c, 0x5e, 0x7f, 0xec, 0x44, 0x14, 0x21, 0x8b, 0x21, 0x98, 0xe8, 0x62, 0x00, 0x0b, 0x9b, 0xe2, 0xc8, 0xff, 0xfe,
420 0xf5, 0xa0, 0xc5, 0x6a, 0x61, 0x75, 0x6f, 0xbf, 0x1f, 0x8d, 0x72, 0xbe, 0x48, 0x1f, 0xdf, 0x58, 0xba, 0x13, 0x33, 0x60,
421 0x8f, 0xc4, 0x5b, 0xf3, 0x70, 0x94, 0xee, 0x25, 0x98, 0x5e, 0x30, 0x40, 0x7f, 0x1c, 0xf6, 0x34, 0xb5, 0x6d, 0x5c, 0xc2,
422 0x45, 0xad, 0x1b, 0x88, 0x9e, 0x10, 0x59, 0x86, 0xcf, 0x49, 0xaa, 0xa4, 0x72, 0xee, 0x1c, 0xeb, 0x21, 0x85, 0x78, 0x5c,
423 0x1a, 0x08, 0x33, 0x6d, 0x52, 0xf3, 0xde, 0x86, 0x64, 0x2a, 0x34, 0x9e, 0x17, 0x16, 0xc5, 0xaf, 0xc9, 0x5a, 0xb0, 0x69,
424 0xcb, 0xdf, 0x6f, 0x23, 0x67, 0xe7, 0x02, 0x93, 0xf8, 0x79, 0x3d, 0xc1, 0x7f, 0x7e, 0xe7, 0x9a, 0xb2, 0xa8, 0x5b, 0x11,
425 0x64, 0x8c, 0x4b, 0x71, 0x29, 0xc4, 0x8c, 0xa5, 0x3b, 0xcf, 0x42, 0x48, 0x41, 0x2b, 0x29, 0x31, 0xc4, 0xfc, 0x21, 0x69,
426 0x10, 0x1e, 0x8c, 0xde, 0x02, 0x45, 0x43, 0x30, 0x4a, 0x9f, 0x4b, 0x8f, 0x4f, 0xf5, 0x63, 0x4f, 0x6d, 0xed, 0x7c, 0x37,
427 0x3f, 0x88, 0x43, 0x01, 0x95, 0xba, 0x49, 0x03, 0xa1, 0xe0, 0xe6, 0xf9, 0x58, 0x3a, 0x50, 0xf3, 0x3f, 0xcf, 0x15, 0xc7,
428 0x30, 0x4b, 0x56, 0xad, 0x74, 0x9e, 0x1d, 0xe1, 0x1f, 0x33, 0x33, 0x10, 0x9f, 0x55, 0xf6, 0xad, 0xf2, 0x07, 0x32, 0x39,
429 0xd4, 0x6e, 0x32, 0xd2, 0xc5, 0xbb, 0x67, 0x7d, 0x77, 0xd3, 0x21, 0xb5, 0xce, 0x5f, 0x07, 0xc4, 0x61, 0x6b, 0x67, 0x1d,
430 0x58, 0x56, 0xf7, 0xa3, 0x99, 0x4f, 0x7a, 0x9d, 0xd3, 0x78, 0x07, 0x7f, 0x4e, 0x24, 0x94, 0x2e, 0x75, 0x46, 0xd0, 0x1e,
431 0x76, 0x77, 0xf1, 0x18, 0x1c, 0xbf, 0x3e, 0xe5, 0x42, 0x45, 0x9c, 0x30, 0x78, 0x64, 0x5e, 0x55, 0x43, 0x42, 0x4e, 0x60,
432 0x1f, 0x57, 0xc3, 0xd3, 0xe3, 0xf4, 0x8b, 0x4c, 0xaf, 0x18, 0xc0, 0xa9, 0xf8, 0xe5, 0xd3, 0x96, 0xe0, 0xd2, 0x0a, 0x05,
433 0xc5, 0x2a, 0x42, 0x16, 0xc9, 0x1d, 0x90, 0xfb, 0x4b, 0x2d, 0x3b, 0xbf, 0x14, 0xfc, 0x7b, 0x47, 0x11, 0xf7, 0x46, 0x7b,
434 0x31, 0xb4, 0x2f, 0x25, 0x89, 0xed, 0x5d, 0x95, 0x7c, 0x0b, 0xe9, 0x89, 0x7a, 0x0a, 0x83, 0xc2, 0x08, 0xcc, 0x61, 0x8d,
435 0x7a, 0xf3, 0x3a, 0x7e, 0x7e, 0xa4, 0x16, 0x36, 0x0e, 0x9e, 0xac, 0xd3, 0x01, 0x0d, 0x60, 0x0c, 0x5e, 0xca, 0x2d, 0xcc,
436 0x59, 0xd8, 0x9d, 0x67, 0xb6, 0xc0, 0x81, 0xa7, 0xcb, 0x64, 0x8f, 0x03, 0x18, 0xc8, 0xba, 0x2b, 0x3d, 0x83, 0x37, 0x7e,
437 0xe2, 0x24, 0x9e, 0xff, 0xef, 0x78, 0x0c, 0x24, 0xaf, 0x90, 0x83, 0x45, 0x29, 0xfd, 0x1c, 0x1e, 0xc3, 0xf9, 0x49, 0x88,
438 0x48, 0xf3, 0xae, 0x22, 0x26, 0x07, 0xa6, 0xc6, 0x50, 0xed, 0xda, 0xb7, 0xb8, 0x4e, 0x1f, 0x6c, 0x7f, 0x9c, 0x54, 0x77,
439 0x0c, 0x66, 0x0b, 0x65, 0x4b, 0xdd, 0x9a, 0x9f, 0x69, 0xdc, 0x9a, 0x3a, 0xfc, 0xa8, 0x1c, 0xb5, 0xcf, 0xfd, 0x9a, 0x9d,
440 0x49, 0x5e, 0xcb, 0xd5, 0xa8, 0xcd, 0x89, 0xa6, 0xd3, 0x26, 0xfd, 0xa3, 0x8f, 0x46, 0xb8, 0x98, 0x63, 0x0d, 0x0a, 0xd8,
441 0x21, 0xed, 0xa5, 0x5f, 0x0a, 0x6e, 0x8b, 0xd1, 0xd7, 0x93, 0xca, 0xa8, 0xc2, 0x54, 0x6d, 0x8e, 0x4a, 0x3a, 0x87, 0x50,
442 0x23, 0x6c, 0x98, 0x4d, 0x61, 0xc9, 0x21, 0xca, 0xfa, 0xe9, 0x14, 0xaf, 0x85, 0x07, 0x66, 0x40, 0xe4, 0x3c, 0x78, 0xcf,
443 0x8f, 0x0d, 0x06, 0xe2, 0xce, 0x5b, 0x38, 0xdd, 0x6c, 0x99, 0x95, 0x7a, 0x3a, 0xaf, 0xfb, 0x82, 0xdb, 0x94, 0x51, 0x6d,
444 0x99, 0xd6, 0x47, 0x41, 0x16, 0x8c, 0x7e, 0x30, 0xb4, 0x86, 0x42, 0xe7, 0xad, 0x38, 0x16, 0x12, 0x3e, 0x6b, 0xcf, 0xb8,
445 0x8f, 0x08, 0x8c, 0xce, 0xc9, 0xf5, 0x5a, 0x6d, 0x6d, 0x1c, 0xef, 0xa3, 0xee, 0x44, 0x1e, 0x48, 0xe4, 0x41, 0xc6, 0xfa,
446 0x38, 0x63, 0xf6, 0x7d, 0x50, 0x59, 0x36, 0x9b, 0x8a, 0xbc, 0x66, 0x9d, 0x3d, 0xac, 0xe0, 0x4a, 0x2b, 0x27, 0xd4, 0x0a,
447 0x5e, 0x8c, 0xd2, 0x03, 0xde, 0x30, 0x82, 0x05, 0x7e, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01,
448 0xa0, 0x82, 0x05, 0x6f, 0x04, 0x82, 0x05, 0x6b, 0x30, 0x82, 0x05, 0x67, 0x30, 0x82, 0x05, 0x63, 0x06, 0x0b, 0x2a, 0x86,
449 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x0a, 0x01, 0x02, 0xa0, 0x82, 0x04, 0xee, 0x30, 0x82, 0x04, 0xea, 0x30, 0x1c, 0x06,
450 0x0a, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01, 0x03, 0x30, 0x0e, 0x04, 0x08, 0xe8, 0xe9, 0xa0, 0xff, 0x46,
451 0xbd, 0xb7, 0xbe, 0x02, 0x02, 0x08, 0x00, 0x04, 0x82, 0x04, 0xc8, 0xb7, 0xe8, 0x82, 0xae, 0xfd, 0x43, 0x15, 0xbb, 0xf4,
452 0x94, 0x2d, 0x8d, 0x28, 0x5c, 0x66, 0xc4, 0x78, 0x5b, 0x0f, 0x41, 0xf9, 0x8e, 0x65, 0x3f, 0xf3, 0x06, 0x99, 0x36, 0x70,
453 0xeb, 0x99, 0x38, 0x29, 0x49, 0xea, 0x28, 0xc4, 0x84, 0x11, 0x8c, 0x4f, 0x5e, 0x61, 0x7c, 0x3f, 0xc3, 0x61, 0x16, 0x1b,
454 0xce, 0x50, 0xc9, 0xd6, 0x3e, 0x0e, 0x96, 0x93, 0xd1, 0xf7, 0x1a, 0x79, 0x86, 0x86, 0x22, 0x7e, 0x39, 0xc0, 0x15, 0x49,
455 0x69, 0xc5, 0x56, 0xf9, 0xb6, 0xeb, 0xe0, 0x36, 0x53, 0x01, 0xc1, 0xb9, 0x2d, 0x31, 0xdb, 0xdc, 0x12, 0xe0, 0x1b, 0x85,
456 0x4b, 0x11, 0xfa, 0x74, 0xd5, 0x5b, 0x4a, 0x84, 0xbc, 0x7e, 0x1f, 0xf4, 0x1e, 0x04, 0x75, 0x5e, 0x75, 0x6b, 0xb0, 0x6f,
457 0xc0, 0xb6, 0x5c, 0x0b, 0x93, 0xe7, 0x96, 0x94, 0x4c, 0x17, 0x97, 0xce, 0x4e, 0x2c, 0xe8, 0x48, 0xff, 0x89, 0xd5, 0x8c,
458 0x41, 0xe1, 0x0d, 0xed, 0xb2, 0x82, 0x7a, 0x75, 0x49, 0xbf, 0x0e, 0xf2, 0xec, 0x06, 0x8b, 0xa7, 0x86, 0xd8, 0x95, 0x4a,
459 0x3e, 0x5a, 0x78, 0xea, 0xf3, 0xee, 0xff, 0x5b, 0xc9, 0x21, 0x58, 0x88, 0x2c, 0x84, 0xab, 0x1f, 0x79, 0x07, 0xae, 0x98,
460 0x6a, 0xa0, 0xc9, 0x93, 0x3d, 0x74, 0x67, 0x43, 0x5b, 0x2d, 0xfb, 0x57, 0xc8, 0x24, 0x8e, 0xe6, 0x74, 0x0f, 0x11, 0x53,
461 0x8d, 0x2b, 0xd9, 0xa6, 0x44, 0x11, 0x32, 0xab, 0xec, 0x08, 0xe4, 0x63, 0xb3, 0x19, 0x5d, 0xd2, 0xff, 0x7d, 0x29, 0xb2,
462 0x4e, 0xc0, 0x44, 0x0b, 0xd2, 0x68, 0x4d, 0xc0, 0xbf, 0x24, 0xcd, 0x01, 0x26, 0x31, 0x52, 0xcf, 0x1c, 0x14, 0x8f, 0x70,
463 0x31, 0x1f, 0x68, 0x19, 0xfd, 0x81, 0x09, 0xef, 0xbd, 0xc0, 0xa7, 0xcd, 0xd9, 0x6c, 0xff, 0xf7, 0xb1, 0x11, 0xbb, 0xfa,
464 0x8b, 0x73, 0x22, 0xd9, 0x3a, 0x74, 0xa3, 0x49, 0x54, 0xd7, 0x52, 0x53, 0xd5, 0xaa, 0x1b, 0x72, 0xbd, 0xa6, 0x44, 0x7d,
465 0xed, 0x97, 0xe9, 0xfd, 0xcf, 0x26, 0x2b, 0x3c, 0x3a, 0x00, 0xf7, 0x3f, 0xf7, 0xdc, 0x91, 0x3a, 0x65, 0x5b, 0xcb, 0xba,
466 0x79, 0x5c, 0xb7, 0xfb, 0x79, 0x15, 0xe7, 0x7d, 0x1c, 0xd8, 0xf5, 0x89, 0x0f, 0xb1, 0x5e, 0x8d, 0x96, 0xa2, 0xef, 0x3f,
467 0x8d, 0x27, 0x38, 0x36, 0xd5, 0xcf, 0xe5, 0x67, 0xd0, 0xa9, 0xa5, 0xde, 0x16, 0xe7, 0xe7, 0x62, 0x04, 0x55, 0x66, 0xfd,
468 0x9f, 0xa4, 0x10, 0xcb, 0x30, 0x12, 0x10, 0x24, 0xb4, 0x7f, 0x63, 0x6a, 0x38, 0xd0, 0x9b, 0x77, 0x93, 0x27, 0xda, 0x72,
469 0xeb, 0xdb, 0x79, 0x26, 0x92, 0x60, 0xc5, 0x41, 0xb9, 0xe6, 0xce, 0x08, 0xaf, 0x3e, 0x0f, 0xe6, 0x8d, 0x17, 0x7e, 0x3b,
470 0xbc, 0x37, 0x57, 0x16, 0x54, 0xbe, 0x8c, 0x6a, 0xda, 0xb1, 0x7c, 0x46, 0xee, 0xc7, 0xed, 0x26, 0x76, 0x91, 0x01, 0xd5,
471 0x9c, 0x7b, 0xc2, 0xb7, 0x6f, 0x8c, 0xa1, 0xd1, 0x93, 0x50, 0x0c, 0x27, 0x0c, 0x74, 0xa4, 0x80, 0x7c, 0x3d, 0x28, 0x93,
472 0x21, 0xbe, 0xc9, 0x9f, 0xb5, 0x0a, 0xc8, 0x31, 0x12, 0x25, 0x90, 0x3f, 0x9a, 0x6d, 0x20, 0x02, 0xa0, 0xd6, 0x21, 0x53,
473 0x10, 0x55, 0x19, 0x48, 0x57, 0xf8, 0x2a, 0x48, 0xc4, 0xb5, 0xa1, 0x79, 0xac, 0x53, 0xbd, 0x2b, 0xde, 0x4d, 0xa4, 0x77,
474 0xe4, 0x1f, 0x87, 0x9f, 0x9f, 0xd1, 0x9c, 0x00, 0x8d, 0x7b, 0x83, 0x4a, 0xc4, 0x25, 0xf2, 0xb7, 0xfc, 0xb8, 0x0e, 0x97,
475 0x26, 0x70, 0x26, 0x89, 0x86, 0xe6, 0x15, 0xaa, 0x8f, 0x5e, 0x76, 0xb3, 0x3f, 0x8b, 0x01, 0xda, 0xf5, 0x99, 0x01, 0x32,
476 0xc3, 0x76, 0x19, 0x93, 0xca, 0xda, 0x27, 0xb1, 0x74, 0x0e, 0x84, 0x4b, 0x02, 0x4b, 0x50, 0x31, 0x64, 0x69, 0xd9, 0xa4,
477 0x21, 0x85, 0xfd, 0xab, 0x69, 0xf3, 0x66, 0x40, 0x43, 0x13, 0x4f, 0x58, 0xf5, 0x03, 0x3b, 0xc1, 0xea, 0x40, 0xeb, 0xe4,
478 0xca, 0x63, 0x29, 0xca, 0x41, 0x64, 0x7a, 0x0e, 0xb9, 0x46, 0xf2, 0xcb, 0xa0, 0xf3, 0x3e, 0x35, 0xaf, 0xe1, 0x81, 0xa9,
479 0xd3, 0x0c, 0xef, 0xe9, 0x2d, 0xc4, 0x10, 0x46, 0x24, 0xd0, 0x6d, 0xab, 0xb1, 0xd3, 0xe0, 0x4a, 0x43, 0xcd, 0x3f, 0xa4,
480 0xe4, 0xdc, 0x3e, 0x70, 0x07, 0x62, 0x93, 0x27, 0x32, 0x46, 0x57, 0x85, 0x45, 0x6a, 0xcf, 0x0d, 0xec, 0x08, 0xf0, 0x07,
481 0x6c, 0xb8, 0x87, 0xd1, 0xc5, 0xa3, 0xf0, 0xd6, 0xaf, 0x37, 0x09, 0xff, 0xbc, 0x15, 0x56, 0x60, 0xfc, 0x2a, 0xec, 0xbf,
482 0x8c, 0x22, 0x1c, 0xef, 0xaa, 0xfe, 0x6a, 0x42, 0xa0, 0x41, 0xdd, 0x8d, 0x7d, 0xa8, 0x74, 0xa8, 0xb4, 0xfc, 0x12, 0x2e,
483 0xf2, 0xe6, 0xbe, 0xa6, 0xbc, 0x31, 0x01, 0x40, 0xa4, 0x27, 0xc2, 0x75, 0xbb, 0x12, 0x91, 0xc9, 0x84, 0xa0, 0xd5, 0xff,
484 0xaa, 0x8d, 0x8f, 0x22, 0xd0, 0x05, 0x05, 0x63, 0xe1, 0xa3, 0xa0, 0xfc, 0x7d, 0xb4, 0xd9, 0x26, 0xcf, 0x77, 0x46, 0x36,
485 0x9a, 0xdd, 0x97, 0x8f, 0xc6, 0x79, 0x99, 0x81, 0x47, 0x91, 0x00, 0xe3, 0x88, 0xe4, 0x09, 0xca, 0xb9, 0x2c, 0x66, 0x70,
486 0xa2, 0x1c, 0xc7, 0xb9, 0xfe, 0xd3, 0x3e, 0x8f, 0x52, 0x5a, 0xfb, 0x63, 0x8d, 0x06, 0x36, 0xd9, 0x40, 0xf6, 0x4a, 0x99,
487 0xcf, 0xf6, 0x60, 0x02, 0xb2, 0xff, 0x81, 0x51, 0x44, 0xf7, 0x69, 0x7a, 0xc6, 0xf9, 0x6a, 0xe3, 0x3a, 0xc5, 0x11, 0xc3,
488 0x61, 0xe7, 0x09, 0xdd, 0x88, 0x04, 0x0c, 0x41, 0xbf, 0x41, 0x6e, 0x20, 0x5c, 0xf0, 0x6b, 0x3c, 0x57, 0x3b, 0x03, 0x16,
489 0x25, 0xc7, 0x39, 0x42, 0x4d, 0x32, 0x30, 0xd3, 0x12, 0xbf, 0x85, 0x3b, 0x90, 0x9a, 0x38, 0xe1, 0x6c, 0x32, 0x5b, 0xe5,
490 0xa0, 0x8e, 0xab, 0x7f, 0xcc, 0x36, 0x91, 0x7b, 0xd3, 0x45, 0x47, 0xa5, 0x14, 0x47, 0xb0, 0x0a, 0x0f, 0x29, 0xcd, 0xbc,
491 0x72, 0x2c, 0xc9, 0x47, 0xf4, 0xd7, 0x3e, 0x5c, 0x25, 0x85, 0x9b, 0x7d, 0xa9, 0xf7, 0xdc, 0xec, 0xfe, 0x7b, 0x6b, 0xad,
492 0x00, 0x24, 0xd2, 0x84, 0xd8, 0xd1, 0xc1, 0x2a, 0xde, 0x0d, 0x14, 0x46, 0x87, 0xa6, 0x83, 0x59, 0x6b, 0xde, 0x06, 0xf8,
493 0x1c, 0x81, 0x04, 0x3e, 0x14, 0xac, 0x9a, 0xe4, 0xc4, 0xe1, 0x51, 0xbb, 0xcf, 0xe0, 0xf5, 0xc3, 0x40, 0xdd, 0x1e, 0xae,
494 0x3e, 0x06, 0x45, 0x80, 0x7a, 0x6b, 0x07, 0x58, 0xc1, 0xcf, 0xb3, 0x22, 0xd4, 0xfe, 0xc0, 0x01, 0x86, 0x16, 0x48, 0x5a,
495 0x04, 0xe9, 0x3c, 0xa0, 0xdb, 0x2d, 0x57, 0xec, 0x6f, 0x83, 0x4e, 0x14, 0xcc, 0xf8, 0x01, 0x3b, 0x46, 0x6a, 0xec, 0xd0,
496 0xd3, 0x13, 0x29, 0xf5, 0x61, 0x38, 0x7a, 0x41, 0xd6, 0xca, 0x87, 0x4e, 0x91, 0x67, 0x3a, 0x7f, 0x4e, 0x1e, 0x40, 0x07,
497 0xad, 0x0d, 0x80, 0xac, 0x83, 0xd2, 0x4d, 0xee, 0xc6, 0x81, 0xab, 0x86, 0x58, 0xd0, 0x86, 0x3e, 0x97, 0x95, 0xef, 0xec,
498 0xbe, 0xd6, 0xe9, 0xc1, 0xce, 0x2e, 0xa5, 0xd1, 0x71, 0x1c, 0x7e, 0xb9, 0xa4, 0x5f, 0xcc, 0x12, 0x96, 0x13, 0x50, 0x6d,
499 0x07, 0x8c, 0xa3, 0xa5, 0x40, 0x73, 0xb3, 0x90, 0x70, 0x92, 0x4b, 0x48, 0x95, 0xb7, 0x38, 0x72, 0xe3, 0x9c, 0x1d, 0x1d,
500 0x6b, 0x4a, 0x29, 0xf3, 0xf5, 0x77, 0xfb, 0x5e, 0x44, 0x4e, 0x2b, 0xec, 0xc2, 0x65, 0xd2, 0x4c, 0x6c, 0xad, 0xac, 0xb7,
501 0x64, 0x9a, 0xd2, 0xbf, 0x10, 0x53, 0xdd, 0x2d, 0x48, 0x55, 0x45, 0x9d, 0x64, 0x1d, 0x00, 0x15, 0xd2, 0x20, 0x15, 0x9f,
502 0xcf, 0xc0, 0x72, 0x20, 0xec, 0xf3, 0x55, 0x86, 0x36, 0x8b, 0xac, 0x8f, 0x71, 0x04, 0xc5, 0x17, 0x3b, 0x98, 0x8d, 0x96,
503 0xd9, 0x56, 0x1c, 0x48, 0x5f, 0xd4, 0x32, 0x3d, 0x41, 0x94, 0x54, 0x7b, 0xa8, 0x44, 0xfd, 0x99, 0x9e, 0xbb, 0x22, 0x6d,
504 0x36, 0x57, 0x86, 0x19, 0xc5, 0x09, 0x73, 0x5e, 0x4a, 0xb7, 0x99, 0x2c, 0x51, 0x9d, 0xf3, 0x0e, 0x40, 0x82, 0x9a, 0xc3,
505 0x5e, 0x00, 0x85, 0xf1, 0xa1, 0xe0, 0xe7, 0xf2, 0xcd, 0x7d, 0x6a, 0x3a, 0x10, 0x42, 0x1d, 0x95, 0xb1, 0xc5, 0x9e, 0x76,
506 0x2a, 0x22, 0x00, 0x48, 0x52, 0x07, 0xc7, 0x49, 0xab, 0xa1, 0xd5, 0xa6, 0xe2, 0xc5, 0x51, 0x47, 0x31, 0x80, 0x37, 0xbd,
507 0xb6, 0x91, 0xab, 0xa3, 0x9c, 0xee, 0x9c, 0x1e, 0x69, 0xc7, 0x15, 0x29, 0xf5, 0x8f, 0x12, 0x4f, 0xf4, 0x99, 0xaf, 0x58,
508 0x68, 0x5b, 0x2e, 0x0d, 0x99, 0x25, 0x13, 0xc1, 0xe4, 0xe7, 0x7f, 0x58, 0x16, 0xaa, 0x02, 0xf1, 0xce, 0xde, 0x90, 0x33,
509 0x80, 0x5b, 0xb3, 0xdb, 0xb6, 0x6b, 0xda, 0x77, 0x4b, 0x45, 0xff, 0x73, 0x27, 0x02, 0x79, 0xb3, 0x01, 0xe9, 0x11, 0x64,
510 0x0b, 0x93, 0x17, 0xd5, 0x71, 0x23, 0xdb, 0x2d, 0xbd, 0x06, 0xb5, 0x8a, 0x1e, 0xfd, 0x13, 0xe4, 0x0c, 0xfb, 0x5f, 0xd5,
511 0x68, 0x04, 0xd7, 0xd2, 0xeb, 0x63, 0xc2, 0x2f, 0x7d, 0xfe, 0x9b, 0x24, 0x92, 0xb7, 0x46, 0xab, 0x0e, 0x7c, 0x15, 0xfa,
512 0x0d, 0x1a, 0xdc, 0x65, 0x99, 0xdb, 0xa1, 0x6f, 0x55, 0x90, 0x76, 0xb5, 0x20, 0x8b, 0x6f, 0x31, 0x62, 0x30, 0x3b, 0x06,
513 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x14, 0x31, 0x2e, 0x1e, 0x2c, 0x00, 0x54, 0x00, 0x65, 0x00, 0x73,
514 0x00, 0x74, 0x00, 0x2d, 0x00, 0x53, 0x00, 0x69, 0x00, 0x67, 0x00, 0x6e, 0x00, 0x4f, 0x00, 0x6e, 0x00, 0x6c, 0x00, 0x79,
515 0x00, 0x20, 0x00, 0x28, 0x00, 0x53, 0x00, 0x2f, 0x00, 0x4d, 0x00, 0x49, 0x00, 0x4d, 0x00, 0x45, 0x00, 0x29, 0x30, 0x23,
516 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x15, 0x31, 0x16, 0x04, 0x14, 0x60, 0x94, 0x0b, 0x09, 0xd9,
517 0x9c, 0x09, 0x22, 0xc2, 0x15, 0x0e, 0xf8, 0x47, 0x4c, 0x8f, 0xbe, 0xaa, 0x65, 0x51, 0x76, 0x30, 0x30, 0x30, 0x21, 0x30,
518 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14, 0x76, 0xa4, 0x2d, 0xf1, 0x67, 0x61, 0x56, 0x63,
519 0xd0, 0x39, 0x34, 0xe3, 0xb4, 0x1c, 0x96, 0xa3, 0xc0, 0x5a, 0xf7, 0xff, 0x04, 0x08, 0x06, 0xe1, 0x19, 0x07, 0xbf, 0xf2,
520 0xb9, 0xbf, 0x02, 0x01, 0x01
521 };
522 unsigned int test_sign_only_smime_p12_len = 2785;
523
524
525 /* Test SSL User identity (PKCS12 data), expires in 2026
526 */
527 unsigned char Test_ssl_user_p12[] = {
528 0x30, 0x82, 0x0a, 0x83, 0x02, 0x01, 0x03, 0x30, 0x82, 0x0a, 0x4a, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
529 0x07, 0x01, 0xa0, 0x82, 0x0a, 0x3b, 0x04, 0x82, 0x0a, 0x37, 0x30, 0x82, 0x0a, 0x33, 0x30, 0x82, 0x04, 0xbf, 0x06, 0x09,
530 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x06, 0xa0, 0x82, 0x04, 0xb0, 0x30, 0x82, 0x04, 0xac, 0x02, 0x01, 0x00,
531 0x30, 0x82, 0x04, 0xa5, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0x30, 0x1c, 0x06, 0x0a, 0x2a,
532 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01, 0x06, 0x30, 0x0e, 0x04, 0x08, 0xe2, 0xcf, 0xcc, 0x9d, 0x17, 0xcd, 0x62,
533 0xa4, 0x02, 0x02, 0x08, 0x00, 0x80, 0x82, 0x04, 0x78, 0xe0, 0x0c, 0xd8, 0xf5, 0x7c, 0xf7, 0x2f, 0x1e, 0xbf, 0x95, 0x6b,
534 0xc1, 0x43, 0x35, 0x3e, 0x8d, 0xdf, 0x65, 0x9b, 0xd8, 0xa0, 0xb2, 0x86, 0xec, 0x38, 0x39, 0x04, 0x72, 0x39, 0x3b, 0xf1,
535 0x5c, 0x1d, 0x1c, 0xac, 0xe6, 0x67, 0xea, 0xce, 0xb2, 0x15, 0xe5, 0xd4, 0xee, 0xe8, 0xf1, 0xad, 0x45, 0x75, 0x6a, 0x07,
536 0xbd, 0xe5, 0x2b, 0x55, 0x89, 0x24, 0xed, 0x65, 0xc7, 0x8e, 0x50, 0xf8, 0x38, 0xef, 0x9c, 0x79, 0x1b, 0xb7, 0xb5, 0x34,
537 0x32, 0x36, 0xa9, 0x1a, 0x65, 0x0f, 0xc4, 0x22, 0x9c, 0x9f, 0xd8, 0x70, 0xe9, 0x8e, 0x59, 0x88, 0x95, 0x86, 0xb0, 0x2c,
538 0xb2, 0xc5, 0x4d, 0x5a, 0x3d, 0x6a, 0xbf, 0x1a, 0x3a, 0x60, 0xbe, 0xde, 0x33, 0xb4, 0x21, 0x86, 0x8b, 0x02, 0x38, 0xf4,
539 0x77, 0x7e, 0x40, 0x9f, 0x0c, 0x55, 0xed, 0x76, 0xfd, 0x60, 0x70, 0x94, 0x3e, 0xf9, 0x01, 0x42, 0xa7, 0x84, 0x0f, 0xfd,
540 0xc0, 0x93, 0x4e, 0xe2, 0x78, 0x13, 0x5d, 0x56, 0x1a, 0x76, 0xf0, 0x99, 0x34, 0x92, 0x0c, 0x3f, 0x19, 0x81, 0x5c, 0x0a,
541 0x6b, 0xcc, 0x19, 0x65, 0x06, 0x88, 0xc9, 0x9c, 0x76, 0xaa, 0xa2, 0x0c, 0x5c, 0x4a, 0x38, 0xcf, 0x6d, 0x79, 0xf6, 0xde,
542 0x39, 0x7a, 0xc9, 0xe6, 0x6c, 0x42, 0xfe, 0xaa, 0xc4, 0xc0, 0x62, 0xa3, 0xda, 0xe1, 0x08, 0x86, 0x79, 0x2d, 0x80, 0x6a,
543 0x5f, 0xa9, 0x79, 0x43, 0xfe, 0xfc, 0xed, 0x08, 0xb3, 0x80, 0x91, 0xa6, 0xe7, 0x9a, 0xc8, 0x77, 0xc7, 0x4c, 0x7e, 0x6a,
544 0x79, 0x76, 0x9f, 0x28, 0x0f, 0x24, 0xd2, 0xee, 0x5e, 0x4f, 0x76, 0xe8, 0xa9, 0xd3, 0x1a, 0xf1, 0xe4, 0x0d, 0xb8, 0x26,
545 0x95, 0x63, 0xd3, 0x59, 0xfb, 0x03, 0x08, 0xea, 0x59, 0x4e, 0xe2, 0x6d, 0x74, 0x47, 0xa2, 0x8b, 0x1c, 0x21, 0x9f, 0x1c,
546 0x68, 0x54, 0x76, 0x78, 0x8a, 0xfa, 0xa3, 0x65, 0x87, 0xd4, 0x6c, 0x16, 0x38, 0xaa, 0xc9, 0x11, 0x58, 0x25, 0x05, 0xba,
547 0x68, 0x92, 0xd8, 0x06, 0x85, 0x19, 0x1e, 0xcc, 0xdb, 0x07, 0x27, 0xa8, 0xe9, 0xec, 0xfb, 0xb9, 0xbd, 0x5e, 0x67, 0x22,
548 0xae, 0xcd, 0xbd, 0xe6, 0xdc, 0x8d, 0x5a, 0xf2, 0x3c, 0xf4, 0x06, 0xa6, 0x0e, 0x98, 0xfc, 0xec, 0x64, 0x05, 0xb8, 0xa5,
549 0xfe, 0x5b, 0x27, 0x41, 0x90, 0xe4, 0x2c, 0x93, 0x38, 0xec, 0xc6, 0xa2, 0x08, 0xe4, 0xab, 0xb2, 0xb5, 0x7b, 0xa6, 0xe0,
550 0x89, 0x97, 0xb6, 0xc0, 0xd4, 0xa8, 0x1f, 0xcb, 0xf4, 0xc6, 0x59, 0xcd, 0xaa, 0x99, 0x40, 0xc6, 0x41, 0x18, 0x3a, 0x95,
551 0x3a, 0x71, 0x06, 0x5c, 0x0d, 0x4c, 0xdf, 0xc2, 0x37, 0x37, 0x78, 0x33, 0x5d, 0x35, 0x7c, 0x0e, 0x33, 0x7c, 0xfd, 0x97,
552 0x18, 0x07, 0xad, 0x54, 0xf0, 0x83, 0xed, 0x20, 0x6c, 0x8a, 0x28, 0x48, 0x29, 0x5c, 0x2c, 0x61, 0x25, 0x87, 0x0b, 0xfc,
553 0x96, 0x8a, 0x51, 0x74, 0x8d, 0x21, 0x0b, 0x6d, 0x6a, 0x88, 0x6c, 0xa5, 0xc0, 0xd7, 0x9a, 0xe7, 0x16, 0x49, 0x66, 0xbf,
554 0xb3, 0x96, 0x73, 0x4d, 0x61, 0x9e, 0x7f, 0x3b, 0x6d, 0x37, 0x5d, 0x31, 0x3f, 0x00, 0x5c, 0x92, 0x20, 0x6e, 0xab, 0x25,
555 0xb3, 0xe9, 0x7a, 0xba, 0xeb, 0xaa, 0x9e, 0xb4, 0xdb, 0xf5, 0x85, 0x51, 0x71, 0xed, 0x5e, 0x4d, 0x04, 0xdc, 0x4d, 0x5d,
556 0x0d, 0x24, 0x74, 0xa4, 0xaf, 0x30, 0x3f, 0x82, 0x0c, 0xe3, 0xfa, 0x21, 0x82, 0x25, 0x29, 0xda, 0x0f, 0x4b, 0x2e, 0x1c,
557 0xb2, 0x06, 0xe7, 0x36, 0x56, 0xb7, 0x4c, 0xf6, 0x37, 0x2c, 0x80, 0xa3, 0x21, 0xdc, 0x3b, 0xa5, 0xed, 0x24, 0x0e, 0x69,
558 0x15, 0xc2, 0x96, 0x0b, 0xa2, 0x72, 0x7a, 0xa4, 0xf8, 0xab, 0x6b, 0xa4, 0xa5, 0x7e, 0x6e, 0x3a, 0xf3, 0x4d, 0x92, 0xba,
559 0x90, 0xf0, 0x9d, 0x20, 0x9f, 0xf4, 0x5c, 0xf6, 0x44, 0x74, 0x6a, 0xc3, 0xc4, 0xed, 0x6d, 0x95, 0x81, 0x53, 0x60, 0xb4,
560 0x80, 0xf4, 0xd3, 0x5f, 0xad, 0xb6, 0x57, 0x9c, 0xb7, 0x59, 0xcc, 0x51, 0x54, 0x5f, 0x67, 0x32, 0x69, 0x63, 0x80, 0x77,
561 0x03, 0x23, 0x07, 0x4f, 0xff, 0x27, 0xd4, 0x52, 0xce, 0xac, 0xba, 0xd5, 0x8d, 0xab, 0xf8, 0xc9, 0x48, 0x01, 0xf7, 0xea,
562 0xf7, 0x76, 0x2e, 0xbc, 0xdd, 0x7b, 0x7f, 0x60, 0x12, 0x72, 0x4f, 0x04, 0x0e, 0x93, 0x5e, 0x7e, 0x15, 0x09, 0x2b, 0xa1,
563 0x2c, 0xa5, 0x9d, 0x36, 0xd4, 0xbf, 0x5c, 0xb1, 0x19, 0xd4, 0x0e, 0x00, 0x0e, 0x05, 0x7a, 0x84, 0xb0, 0xba, 0xe9, 0x8e,
564 0x15, 0x0a, 0xad, 0x4d, 0x8d, 0x1e, 0xff, 0x10, 0x01, 0x43, 0xbf, 0xa9, 0xbf, 0x3b, 0xdf, 0x86, 0x6b, 0xef, 0x86, 0x63,
565 0xfa, 0x9e, 0x28, 0xda, 0xb7, 0x03, 0x2b, 0x0b, 0xce, 0x12, 0x5f, 0xd8, 0x42, 0xfc, 0x4f, 0x63, 0x93, 0xbe, 0xef, 0x11,
566 0x73, 0xd4, 0xc0, 0xbc, 0x23, 0xc2, 0x99, 0xbc, 0x29, 0xe1, 0xd7, 0x4d, 0xc2, 0xe8, 0x3e, 0xb0, 0xaa, 0x96, 0xed, 0xf8,
567 0x48, 0x20, 0x3d, 0xa6, 0xed, 0xc6, 0xa2, 0x8f, 0x89, 0x45, 0x70, 0xbf, 0xf7, 0xee, 0x6f, 0x2a, 0xd1, 0x93, 0xce, 0xad,
568 0x55, 0xfe, 0xe9, 0xa8, 0xfc, 0x94, 0x24, 0x91, 0x98, 0x0a, 0xac, 0x90, 0xa6, 0xa7, 0x27, 0x05, 0x55, 0xb3, 0x3e, 0xa7,
569 0x08, 0xb0, 0x4b, 0x31, 0xb5, 0xe8, 0x9f, 0x67, 0x74, 0x73, 0x3c, 0x42, 0x84, 0x67, 0x84, 0x97, 0x95, 0x33, 0x00, 0xfe,
570 0x69, 0x61, 0x52, 0x05, 0x4c, 0x8b, 0x65, 0x8e, 0x00, 0xf8, 0xd8, 0xe3, 0x40, 0x66, 0x04, 0x06, 0x09, 0x05, 0x93, 0x49,
571 0x18, 0xa5, 0x41, 0x6f, 0xc3, 0x28, 0xaf, 0x30, 0xaf, 0x43, 0xaa, 0x74, 0x73, 0x9f, 0xdc, 0x58, 0x83, 0xe9, 0x42, 0xa8,
572 0x16, 0xdd, 0xce, 0xf9, 0xbe, 0xe9, 0x33, 0xf8, 0xbf, 0x51, 0x08, 0x25, 0xdf, 0x7a, 0xbe, 0x00, 0x8a, 0xd6, 0x82, 0xf3,
573 0xdb, 0xd0, 0x21, 0x48, 0x5c, 0xd5, 0xea, 0x86, 0xd7, 0xff, 0xe0, 0x2f, 0x93, 0xfc, 0x3e, 0xc8, 0xdd, 0xb8, 0x3e, 0x79,
574 0xd4, 0x22, 0xa3, 0xaa, 0xeb, 0x47, 0xec, 0xaf, 0xd8, 0xf1, 0xa8, 0x71, 0x7e, 0xae, 0x85, 0xff, 0xe1, 0x98, 0x7f, 0x59,
575 0x88, 0x1d, 0xaa, 0x11, 0x89, 0xbe, 0x6e, 0x4e, 0xdc, 0x77, 0xf4, 0xe1, 0x14, 0xcc, 0x1c, 0xd4, 0x8a, 0xc3, 0x0c, 0xff,
576 0xb9, 0x12, 0xc1, 0xf3, 0xb6, 0xcc, 0xa2, 0x01, 0x49, 0xad, 0x59, 0x47, 0x17, 0x4a, 0x1a, 0x90, 0xd0, 0x77, 0x77, 0x3e,
577 0xad, 0xdd, 0x58, 0x08, 0x40, 0x92, 0xb6, 0xcf, 0x84, 0x64, 0x72, 0x84, 0x8d, 0x98, 0x9f, 0x64, 0x28, 0x45, 0x1a, 0xb0,
578 0x88, 0x08, 0xaa, 0x7b, 0x11, 0x15, 0x08, 0xc3, 0x56, 0xa5, 0x0d, 0x7e, 0x04, 0x37, 0xe0, 0x62, 0xbb, 0x34, 0xe9, 0x84,
579 0xb2, 0xd0, 0x1a, 0xec, 0xa9, 0x74, 0x9b, 0xf1, 0x0e, 0x30, 0x84, 0xb0, 0x62, 0x17, 0x92, 0x31, 0x0c, 0x11, 0x9e, 0xa0,
580 0xa7, 0x48, 0x9a, 0xd7, 0xa4, 0x29, 0x05, 0xea, 0xf4, 0x11, 0x21, 0xdd, 0x8e, 0x9b, 0x79, 0x4a, 0x9b, 0x5c, 0xeb, 0x8b,
581 0x55, 0x0b, 0x0d, 0x0d, 0x7e, 0xe0, 0x79, 0x2f, 0x03, 0x52, 0xec, 0x4c, 0x63, 0xa0, 0xa8, 0xc2, 0x66, 0x63, 0xda, 0x18,
582 0xad, 0x93, 0xde, 0xb3, 0xb1, 0xe8, 0x08, 0xf8, 0x98, 0x5d, 0x19, 0x40, 0xae, 0xcd, 0x3e, 0xcd, 0x82, 0x09, 0x0c, 0x05,
583 0x5b, 0x84, 0x77, 0xd4, 0xf8, 0x1b, 0x53, 0xa6, 0xf0, 0x93, 0x85, 0x9c, 0x79, 0x43, 0x71, 0x4c, 0x8f, 0x66, 0x05, 0x7f,
584 0xc4, 0x20, 0x95, 0xfe, 0x1b, 0xd6, 0xf4, 0x2d, 0x4d, 0x42, 0xc6, 0x7f, 0x69, 0x69, 0x1e, 0xad, 0xf5, 0x26, 0xdf, 0x85,
585 0x26, 0xed, 0xf3, 0xe1, 0x5c, 0x1a, 0x86, 0x03, 0xbe, 0xd8, 0x96, 0x77, 0x52, 0xd5, 0x4a, 0xb4, 0xf5, 0xfc, 0x0a, 0xb0,
586 0xee, 0xb5, 0x21, 0x8c, 0xa4, 0x56, 0xf9, 0xf9, 0x05, 0x27, 0x49, 0x2d, 0x5d, 0x11, 0xac, 0xa5, 0x33, 0xe6, 0x55, 0x73,
587 0x54, 0xb9, 0xd1, 0x2a, 0xf8, 0x9a, 0x1d, 0xd3, 0x30, 0x90, 0x41, 0x3f, 0x0c, 0xf1, 0x0c, 0xa9, 0xae, 0xd0, 0x4d, 0xec,
588 0x66, 0x66, 0xc8, 0xb5, 0x57, 0xbc, 0xf4, 0xc0, 0xeb, 0x23, 0xb9, 0xc8, 0x8b, 0x43, 0x70, 0x96, 0x2e, 0x20, 0x14, 0x3a,
589 0x70, 0x3a, 0xf7, 0x83, 0xa9, 0x7b, 0x80, 0x6d, 0xc4, 0x76, 0xa5, 0x83, 0xf0, 0x55, 0xa0, 0x78, 0xc4, 0x7f, 0xc4, 0xae,
590 0xf0, 0xa9, 0x65, 0x5c, 0xd5, 0xda, 0xe1, 0xe1, 0x90, 0xb8, 0xa6, 0x07, 0x2e, 0x30, 0x82, 0x05, 0x6c, 0x06, 0x09, 0x2a,
591 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0xa0, 0x82, 0x05, 0x5d, 0x04, 0x82, 0x05, 0x59, 0x30, 0x82, 0x05, 0x55,
592 0x30, 0x82, 0x05, 0x51, 0x06, 0x0b, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x0a, 0x01, 0x02, 0xa0, 0x82, 0x04,
593 0xee, 0x30, 0x82, 0x04, 0xea, 0x30, 0x1c, 0x06, 0x0a, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01, 0x03, 0x30,
594 0x0e, 0x04, 0x08, 0x33, 0x8e, 0xe4, 0x7e, 0x74, 0x9d, 0xf7, 0xfa, 0x02, 0x02, 0x08, 0x00, 0x04, 0x82, 0x04, 0xc8, 0x10,
595 0x10, 0x9b, 0xe5, 0xa8, 0xe1, 0x82, 0x43, 0x54, 0xc5, 0xda, 0xfb, 0x4b, 0x57, 0x45, 0xd3, 0x38, 0xfe, 0x8f, 0x95, 0xf7,
596 0x86, 0x7f, 0x50, 0x15, 0x3a, 0x1a, 0xee, 0xcf, 0x8a, 0xa4, 0x67, 0x2a, 0x62, 0x1e, 0x2d, 0x05, 0xab, 0x21, 0x93, 0xdc,
597 0x37, 0xe3, 0xdb, 0x5c, 0xb9, 0x86, 0x7c, 0x78, 0xab, 0x62, 0x1a, 0xea, 0x7d, 0x51, 0x01, 0x72, 0x3f, 0xcd, 0x40, 0x0b,
598 0x97, 0xae, 0x89, 0xe3, 0x97, 0x81, 0x0e, 0x1f, 0x27, 0x36, 0x46, 0x7b, 0x17, 0xd3, 0xe3, 0x93, 0x8c, 0xde, 0xc3, 0xf1,
599 0x05, 0x0f, 0x0c, 0x40, 0x45, 0x53, 0xe9, 0xf5, 0xa9, 0x42, 0xc9, 0x22, 0x8e, 0xa5, 0xd0, 0x3b, 0xbe, 0xf0, 0x1e, 0x39,
600 0x11, 0xc5, 0xf7, 0x19, 0x27, 0x65, 0x56, 0xb4, 0x4d, 0xe8, 0xee, 0xd3, 0x81, 0x21, 0xb4, 0x43, 0x9d, 0x82, 0x24, 0x03,
601 0x81, 0x06, 0xc5, 0xe2, 0x9c, 0x4e, 0x10, 0x4c, 0x5d, 0xda, 0x1a, 0xc0, 0x8b, 0x54, 0x42, 0x3f, 0x6a, 0x9c, 0x9e, 0xad,
602 0xfd, 0xce, 0x62, 0x30, 0xb9, 0xaf, 0x99, 0xc8, 0xea, 0xd7, 0x3c, 0x8d, 0x81, 0x9a, 0xa4, 0x13, 0x11, 0x56, 0x6a, 0x99,
603 0x18, 0x40, 0x95, 0x65, 0x61, 0x54, 0x94, 0x91, 0x69, 0x37, 0x99, 0xa5, 0xd1, 0xce, 0x76, 0x3d, 0x63, 0x52, 0xb9, 0x8a,
604 0x4e, 0xcb, 0x21, 0x8f, 0x6b, 0xe3, 0xe1, 0x2a, 0x6d, 0xdc, 0x58, 0xf7, 0x1b, 0x9b, 0x9b, 0xa1, 0x6a, 0xe4, 0x60, 0xc6,
605 0x6b, 0x55, 0x35, 0x8c, 0x90, 0xfe, 0x12, 0xe2, 0x4a, 0xd3, 0x5d, 0x55, 0xd1, 0x19, 0x47, 0xcd, 0x3a, 0x74, 0xfb, 0xc8,
606 0xfe, 0xb1, 0x82, 0xe9, 0x50, 0xb9, 0x80, 0x77, 0x4a, 0x18, 0xc5, 0xe0, 0x3d, 0x45, 0xe8, 0xf7, 0xd3, 0x96, 0x0f, 0x88,
607 0x09, 0xf0, 0x49, 0xe7, 0xcf, 0x44, 0xfd, 0xe8, 0x33, 0x22, 0x98, 0x7f, 0x06, 0x1b, 0xf7, 0x54, 0xf6, 0xd1, 0xd1, 0x05,
608 0xa8, 0x17, 0x94, 0x41, 0xbf, 0x2b, 0x80, 0xca, 0x41, 0xc5, 0xdc, 0xeb, 0xee, 0x1b, 0xad, 0xbe, 0xae, 0xcf, 0x67, 0x9b,
609 0xfb, 0x88, 0x3d, 0xc0, 0x70, 0xb2, 0xbe, 0x16, 0x7c, 0x35, 0xa9, 0xc5, 0xdc, 0xa0, 0x2d, 0x0a, 0x59, 0x9a, 0x59, 0x51,
610 0x76, 0x35, 0x85, 0x8f, 0xc7, 0xf7, 0x56, 0x0c, 0xdc, 0xc6, 0xe4, 0x6a, 0xe8, 0x26, 0x6f, 0xd4, 0x4e, 0x0a, 0xa5, 0x99,
611 0x3b, 0xcc, 0x0a, 0xa3, 0x44, 0x24, 0x31, 0x28, 0x4f, 0x84, 0xeb, 0x5b, 0x00, 0xf4, 0xa2, 0xf0, 0xdd, 0xfe, 0xe0, 0x57,
612 0x5a, 0x9a, 0xc0, 0x64, 0x9f, 0x9c, 0x5e, 0xf8, 0x42, 0x74, 0x54, 0xe8, 0xc4, 0x3b, 0x70, 0xe3, 0xd3, 0x08, 0x9e, 0x13,
613 0xbd, 0xeb, 0x5f, 0x01, 0xe6, 0x08, 0xb8, 0x6a, 0xae, 0xe8, 0xe3, 0x9a, 0x89, 0x29, 0xb8, 0x2d, 0xb3, 0x29, 0x19, 0xee,
614 0x6e, 0x3d, 0x66, 0xa1, 0x04, 0xbb, 0x17, 0xe1, 0x5b, 0xb7, 0xaa, 0x87, 0x76, 0xe5, 0x88, 0x6c, 0x24, 0x26, 0xdf, 0x69,
615 0x6b, 0x40, 0xd6, 0x42, 0x13, 0xc4, 0x0a, 0x09, 0xfb, 0x92, 0x41, 0x34, 0x85, 0x6a, 0xd9, 0xb2, 0xa6, 0x3b, 0xb2, 0xbd,
616 0xae, 0x50, 0x9a, 0x1a, 0xc4, 0xe1, 0xd7, 0x86, 0x3c, 0xb9, 0xf5, 0x5f, 0x99, 0x2a, 0x2a, 0xfb, 0x64, 0x2e, 0x33, 0xb2,
617 0x2b, 0xb5, 0x0b, 0x87, 0x19, 0x7f, 0xc1, 0xfa, 0xa3, 0x0f, 0x8c, 0xff, 0xda, 0x64, 0x48, 0xa7, 0xe8, 0x85, 0x10, 0x2a,
618 0x61, 0x1d, 0x59, 0xf8, 0x1b, 0x46, 0x8a, 0x7a, 0xa2, 0x44, 0x90, 0xd9, 0x1d, 0xe6, 0xe7, 0x69, 0x53, 0x1c, 0xd6, 0x02,
619 0x27, 0x2c, 0x86, 0xed, 0xbc, 0xe8, 0xf8, 0xb9, 0xbd, 0x8c, 0xd4, 0x12, 0xf0, 0xb9, 0x66, 0x61, 0xf8, 0xda, 0x7c, 0x7c,
620 0xb6, 0x72, 0xa4, 0xd6, 0xd8, 0x84, 0x0b, 0x06, 0x85, 0x25, 0x5e, 0xf8, 0x4d, 0xad, 0xcc, 0x60, 0x00, 0x61, 0xf0, 0xf0,
621 0x38, 0x65, 0xe5, 0x4e, 0xfc, 0xd3, 0x8b, 0x3e, 0xae, 0xf1, 0x29, 0x2e, 0x9f, 0xb1, 0x59, 0x0c, 0x65, 0x03, 0x2e, 0x1f,
622 0x95, 0xd8, 0x07, 0x19, 0x3d, 0x85, 0x27, 0xfa, 0xc5, 0x35, 0xec, 0x69, 0xda, 0x2f, 0x9e, 0x40, 0xa7, 0x5c, 0x0b, 0xed,
623 0xac, 0xc4, 0x99, 0xa3, 0x63, 0xef, 0x73, 0x24, 0x9c, 0x43, 0x1c, 0x45, 0x36, 0xb9, 0x33, 0xf4, 0x2e, 0xbd, 0x7e, 0xb6,
624 0xf0, 0xd1, 0xf6, 0x86, 0xf4, 0x2c, 0x1d, 0xc2, 0xc6, 0x62, 0xcf, 0x6d, 0x70, 0x89, 0x9f, 0x36, 0x26, 0xbe, 0xa3, 0x4b,
625 0x23, 0x00, 0xbc, 0x62, 0x85, 0x35, 0xa4, 0x25, 0x23, 0xae, 0x60, 0x82, 0x02, 0x25, 0xfd, 0x5b, 0x6a, 0xa1, 0x6b, 0x1b,
626 0xcf, 0x42, 0x40, 0xca, 0xee, 0x95, 0x08, 0xd4, 0x5b, 0xa7, 0xc8, 0x29, 0x0b, 0xea, 0xe3, 0x19, 0xb4, 0x85, 0xb7, 0x0d,
627 0xcf, 0x3a, 0x0f, 0x51, 0x15, 0x84, 0x4a, 0x1d, 0xad, 0x7f, 0xd0, 0x41, 0x93, 0x10, 0x31, 0xb1, 0x54, 0xfb, 0x19, 0xad,
628 0x96, 0x09, 0xb8, 0x65, 0x3f, 0xe2, 0x57, 0x40, 0xb5, 0x0c, 0xc9, 0x89, 0x52, 0x56, 0x10, 0xda, 0xe0, 0x10, 0x18, 0x91,
629 0xbb, 0xe2, 0xe3, 0x2c, 0x8e, 0xd7, 0x43, 0x7a, 0xdc, 0xbb, 0x76, 0x67, 0x25, 0x9c, 0x81, 0xec, 0x59, 0x7c, 0xdc, 0xea,
630 0x02, 0x29, 0x80, 0xdf, 0x20, 0xaf, 0xba, 0x26, 0xe1, 0x49, 0xcf, 0x7e, 0x69, 0x36, 0x77, 0xad, 0x0b, 0xcc, 0x7d, 0x10,
631 0x3f, 0x31, 0x60, 0x0e, 0x17, 0x36, 0x8c, 0xbd, 0x4d, 0x80, 0xe8, 0xe7, 0x7a, 0x7a, 0x1e, 0x17, 0x77, 0x79, 0x9a, 0x1f,
632 0xd7, 0x2f, 0x76, 0xf2, 0x4a, 0x52, 0xd9, 0x9f, 0x02, 0x2c, 0xc7, 0xd5, 0x0f, 0x05, 0x8b, 0x59, 0xd9, 0x13, 0xdc, 0x57,
633 0xbb, 0x56, 0xd0, 0xc4, 0x13, 0xac, 0x34, 0x05, 0x19, 0x92, 0xb6, 0x18, 0x12, 0x26, 0xe1, 0xe6, 0xe9, 0x8d, 0x6a, 0xad,
634 0x83, 0x95, 0xcf, 0x7f, 0x91, 0xad, 0xe3, 0x9f, 0x15, 0x05, 0x95, 0x96, 0x8d, 0x80, 0xc3, 0x13, 0x09, 0xac, 0xa4, 0xd9,
635 0xfe, 0xb1, 0xb3, 0x9d, 0x94, 0x49, 0xb9, 0x2d, 0x84, 0x64, 0x4d, 0x75, 0xb8, 0x58, 0x75, 0xec, 0x30, 0x0a, 0xf7, 0x96,
636 0xf3, 0xc8, 0x19, 0xa8, 0xbd, 0x62, 0x14, 0x00, 0xb4, 0x26, 0x35, 0x3f, 0x78, 0x43, 0xb1, 0xab, 0x8f, 0xab, 0xa1, 0xf3,
637 0x43, 0x87, 0xb3, 0x88, 0x1f, 0xc1, 0x89, 0x6c, 0xcf, 0x1f, 0x38, 0x1c, 0xe0, 0x68, 0xcc, 0x93, 0x46, 0x8c, 0xde, 0x4c,
638 0x2c, 0x27, 0x6d, 0xb6, 0x91, 0xa8, 0xc5, 0xee, 0xf7, 0x47, 0x17, 0x5a, 0x11, 0xb2, 0x3a, 0xbc, 0x35, 0xee, 0x05, 0xc3,
639 0x17, 0x63, 0x69, 0x77, 0xbd, 0x43, 0x80, 0x71, 0xe9, 0xd6, 0x8c, 0xdd, 0xef, 0x0a, 0xf8, 0x59, 0x1d, 0x61, 0xd6, 0x19,
640 0x64, 0x71, 0xe7, 0x3c, 0x36, 0xd8, 0x07, 0x5d, 0x6c, 0x0f, 0x28, 0x99, 0xa6, 0x9e, 0x01, 0x1b, 0x4c, 0x9a, 0x5f, 0xde,
641 0x96, 0xb0, 0x61, 0x0a, 0x9c, 0xeb, 0x2a, 0x29, 0x09, 0x1b, 0xaa, 0x62, 0x75, 0x5e, 0xd5, 0x9f, 0xe1, 0x12, 0x69, 0xa2,
642 0x1d, 0xbd, 0x97, 0x10, 0xdd, 0x62, 0xf9, 0x27, 0x47, 0xf2, 0x64, 0x12, 0xce, 0x95, 0xc0, 0xdc, 0xd6, 0x92, 0x48, 0xb4,
643 0xb2, 0x18, 0x78, 0x2e, 0xaf, 0xb0, 0xd7, 0x48, 0x98, 0x29, 0x1b, 0xb9, 0x50, 0xf7, 0x95, 0x26, 0x53, 0xc4, 0xd6, 0x6f,
644 0x26, 0x5f, 0x95, 0x9f, 0x51, 0xf3, 0x96, 0xbc, 0xca, 0xff, 0x0d, 0x8a, 0x69, 0xa5, 0xb0, 0x82, 0x02, 0x3e, 0x77, 0xb7,
645 0x87, 0xea, 0x2a, 0xc0, 0x2e, 0xc7, 0xb6, 0x2c, 0x06, 0x19, 0x8f, 0x84, 0x46, 0xd6, 0x58, 0xf2, 0xb8, 0x8a, 0xdb, 0xd2,
646 0x72, 0xe0, 0xc1, 0xa7, 0xb5, 0xb0, 0xb0, 0x2b, 0x83, 0xbb, 0x3b, 0x85, 0x3d, 0xcc, 0xc2, 0x89, 0x77, 0x65, 0x8d, 0x3c,
647 0x03, 0xbe, 0x84, 0x78, 0xf7, 0x2a, 0x32, 0x9c, 0x02, 0x23, 0x7b, 0x25, 0x42, 0xec, 0x4f, 0x29, 0x77, 0x79, 0xc1, 0x48,
648 0x46, 0xde, 0x76, 0xdb, 0x23, 0x9b, 0x5a, 0xee, 0xc7, 0xd1, 0x40, 0x73, 0x39, 0xa5, 0x23, 0x41, 0x66, 0x4c, 0x24, 0x1f,
649 0xaa, 0xd8, 0xc7, 0x3c, 0xc4, 0xd5, 0xd7, 0x3b, 0x2d, 0x00, 0x1c, 0x49, 0x17, 0x7a, 0xb5, 0x90, 0x6c, 0x6b, 0x43, 0x2f,
650 0x61, 0x6b, 0x8a, 0xdc, 0xb9, 0x58, 0xa8, 0x92, 0x49, 0x3e, 0xe9, 0x32, 0xc9, 0x3c, 0x4e, 0xeb, 0x2e, 0x15, 0xb8, 0x78,
651 0x9f, 0x30, 0x05, 0xd7, 0x4d, 0x71, 0xe8, 0xd0, 0x98, 0x7c, 0xe5, 0x3b, 0xc7, 0x65, 0x27, 0x5b, 0x16, 0x35, 0x77, 0xfc,
652 0x97, 0xf8, 0x1a, 0x07, 0xc2, 0x50, 0x67, 0x71, 0x7d, 0xd4, 0xd6, 0x55, 0x83, 0x8b, 0x15, 0xb1, 0xac, 0xba, 0xba, 0x8c,
653 0x73, 0x6e, 0x58, 0xf9, 0x1a, 0x3a, 0x1b, 0xc0, 0xe5, 0x90, 0x5a, 0xae, 0x96, 0xeb, 0x05, 0xe1, 0x37, 0xaa, 0xeb, 0x0c,
654 0xb9, 0xf2, 0xd4, 0x24, 0x82, 0x70, 0x64, 0x7a, 0x9b, 0x13, 0x27, 0xab, 0xb9, 0x18, 0xc8, 0xc7, 0xa3, 0x36, 0x5c, 0x7d,
655 0xff, 0xb8, 0xde, 0xbb, 0x9b, 0xc8, 0x78, 0xdf, 0xc8, 0x99, 0x39, 0x9e, 0xce, 0x1b, 0xe0, 0x09, 0x53, 0x00, 0x7d, 0xad,
656 0x86, 0x87, 0x8a, 0x31, 0x50, 0x30, 0x29, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x14, 0x31, 0x1c,
657 0x1e, 0x1a, 0x00, 0x54, 0x00, 0x65, 0x00, 0x73, 0x00, 0x74, 0x00, 0x20, 0x00, 0x53, 0x00, 0x53, 0x00, 0x4c, 0x00, 0x20,
658 0x00, 0x55, 0x00, 0x73, 0x00, 0x65, 0x00, 0x72, 0x30, 0x23, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09,
659 0x15, 0x31, 0x16, 0x04, 0x14, 0xa6, 0x63, 0xd5, 0xb2, 0xb4, 0x24, 0x91, 0x4c, 0x75, 0xa8, 0x11, 0x34, 0xd7, 0x7f, 0xb0,
660 0xa3, 0x55, 0xd4, 0xfd, 0x9a, 0x30, 0x30, 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00,
661 0x04, 0x14, 0x2f, 0xc5, 0x73, 0xe2, 0xe4, 0xb4, 0x77, 0xfb, 0xb5, 0x49, 0x80, 0xcf, 0x13, 0xbe, 0x63, 0x7e, 0xaf, 0xdc,
662 0x2b, 0xae, 0x04, 0x08, 0xdc, 0x37, 0x8d, 0x3f, 0x8d, 0xc5, 0x94, 0x54, 0x02, 0x01, 0x01
663 };
664 unsigned int Test_ssl_user_p12_len = 2695;
665
666
667 /* Test identity (PKCS12 data), SMIME cert, expired in 2008
668 */
669 unsigned char TestIDSMIME2007_p12[2805] = {
670 0x30,0x82,0x0a,0xf1,0x02,0x01,0x03,0x30,0x82,0x0a,0xb8,0x06,0x09,0x2a,0x86,0x48,
671 0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x82,0x0a,0xa9,0x04,0x82,0x0a,0xa5,0x30,0x82,
672 0x0a,0xa1,0x30,0x82,0x05,0x17,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,
673 0x06,0xa0,0x82,0x05,0x08,0x30,0x82,0x05,0x04,0x02,0x01,0x00,0x30,0x82,0x04,0xfd,
674 0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x01,0x30,0x1c,0x06,0x0a,0x2a,
675 0x86,0x48,0x86,0xf7,0x0d,0x01,0x0c,0x01,0x06,0x30,0x0e,0x04,0x08,0x3f,0x0b,0xd9,
676 0x3c,0x80,0x6d,0x5e,0x7b,0x02,0x02,0x08,0x00,0x80,0x82,0x04,0xd0,0x08,0x25,0x32,
677 0xdc,0x7b,0xed,0x8a,0x29,0xf8,0x56,0x84,0x51,0x5c,0x6d,0xe6,0xe6,0x34,0xf8,0x03,
678 0xb3,0x80,0xe2,0xf4,0x0e,0x3f,0x1f,0xad,0x12,0x11,0x27,0x56,0xe8,0x89,0x59,0x90,
679 0x03,0xf0,0xa7,0xc2,0xde,0xd0,0x70,0xbf,0x2c,0xea,0x01,0xe7,0xbd,0xba,0xaf,0xfc,
680 0x07,0x84,0x2f,0xdb,0x65,0xa0,0x7b,0x4b,0x6a,0xab,0xe4,0xbd,0xd0,0xbb,0x31,0xaf,
681 0x90,0x8c,0xa8,0x71,0x10,0x23,0x96,0x67,0x44,0xdd,0x02,0x72,0xd2,0x0f,0xca,0xcb,
682 0x4f,0xc2,0x14,0x04,0xfa,0xde,0x31,0xa5,0x2f,0x97,0xc0,0x2a,0xdd,0xdd,0x91,0x62,
683 0xa7,0xf7,0x9b,0x43,0x57,0x7d,0x4d,0x1c,0xb1,0x92,0xba,0xae,0xa1,0x24,0x6c,0x99,
684 0x81,0x49,0x56,0x46,0x8b,0xea,0x7c,0x16,0x19,0x76,0xf7,0x40,0x06,0x82,0xe2,0x5b,
685 0x3f,0xd8,0x2c,0x87,0x60,0xf7,0xae,0xaa,0xa5,0xba,0x96,0xbf,0x5c,0x86,0x57,0x81,
686 0x8d,0xbf,0x6c,0xe1,0xd1,0xb9,0x20,0x93,0x27,0xfc,0xe6,0x35,0x80,0xaa,0xfb,0xe6,
687 0x4b,0xfd,0x4f,0xa4,0x06,0x05,0x46,0x85,0x66,0x15,0xfb,0x83,0x2b,0x42,0x26,0x98,
688 0xc8,0x69,0x24,0xa1,0x71,0xb4,0x56,0x38,0x3d,0x5e,0xc2,0x13,0x34,0xab,0x2f,0xb1,
689 0x33,0x6e,0xf0,0x07,0x80,0xdd,0x0e,0x6f,0x19,0x01,0xaf,0xff,0x5f,0xc3,0xea,0x24,
690 0x5a,0x6d,0xad,0xb3,0x10,0xbb,0x63,0x02,0x14,0x38,0xa9,0x21,0x83,0xb9,0xc3,0x23,
691 0xba,0xfc,0x56,0x76,0x4d,0x46,0x43,0xd1,0x09,0x37,0x1f,0x79,0xe5,0x70,0x93,0xb5,
692 0x0f,0x21,0xe3,0xef,0x0b,0x4d,0x87,0x0c,0x68,0xf5,0x16,0xc0,0x13,0xee,0x28,0xe8,
693 0x49,0xaa,0x60,0x61,0xe5,0x76,0xe6,0x8e,0xd6,0xae,0x52,0x70,0xb2,0x70,0xbf,0xeb,
694 0xd2,0xd8,0xb8,0x92,0x71,0x6e,0xb8,0x59,0xdf,0xee,0xad,0xc1,0x55,0x14,0x4b,0x52,
695 0x0c,0x20,0x4c,0x79,0x93,0x71,0xe6,0xc5,0xbc,0xf3,0xf3,0x14,0x13,0xd0,0xcd,0x1c,
696 0x62,0x21,0xc0,0xcf,0x4e,0xf5,0xda,0x52,0xbf,0x2c,0x86,0x8f,0xb5,0x67,0xf5,0x72,
697 0xbb,0xe9,0xb8,0x86,0x17,0xd9,0x35,0x49,0xae,0x0a,0x99,0x94,0xa5,0xaa,0x96,0xf4,
698 0x95,0xfe,0x4a,0xe2,0x13,0x46,0xcb,0xd9,0x8b,0x48,0x50,0xff,0x34,0x88,0x12,0xe7,
699 0x9b,0x00,0x8d,0x57,0x94,0x44,0xa5,0xe6,0xd1,0x7f,0x34,0xbb,0x33,0x9f,0xc3,0x12,
700 0x3b,0xb2,0xba,0xb6,0xb3,0x15,0x9e,0xaf,0x90,0x5e,0x2e,0x61,0x0d,0xe6,0x02,0x25,
701 0x41,0x55,0x18,0xc9,0x4a,0x5a,0x0a,0xb2,0xf5,0x99,0x8a,0x27,0xc7,0xd7,0x01,0x96,
702 0x9e,0x4c,0x05,0x7f,0x54,0x90,0x08,0x92,0x9c,0xf2,0xbd,0x0d,0x7d,0x37,0x5a,0x57,
703 0x1d,0x5b,0xcb,0xce,0xc1,0x58,0x5e,0x50,0x73,0x4d,0x61,0x28,0x18,0x90,0x2d,0xac,
704 0x91,0x4b,0x5e,0x5f,0x57,0x29,0x58,0x65,0xba,0xa4,0x11,0x92,0xa8,0xf4,0xac,0xa8,
705 0x39,0x1c,0x52,0x14,0x09,0x13,0xdd,0x4e,0xfa,0xef,0xba,0x4f,0x48,0xc3,0x46,0x4e,
706 0xb9,0x8d,0xff,0x5e,0x28,0xb8,0xcc,0x99,0x7f,0x3a,0xdc,0xf4,0x90,0x5c,0x41,0x14,
707 0x4b,0xbc,0x6b,0xa3,0x01,0x78,0x87,0xc1,0x86,0xd7,0xad,0x98,0xa0,0xc6,0x82,0x35,
708 0x76,0x41,0x6f,0xf1,0xee,0x54,0xbd,0xef,0xef,0xfc,0x2b,0x88,0x56,0x61,0xb1,0x93,
709 0xa0,0xe5,0x8e,0x1e,0xb4,0xb1,0x39,0xb3,0xd3,0x85,0xe0,0xa2,0x61,0x4b,0xe8,0x24,
710 0xc3,0xdd,0x48,0x2a,0xfd,0x5a,0x98,0x7a,0x98,0x2a,0xc7,0x81,0x4c,0x3d,0x3b,0x0c,
711 0x42,0x69,0x42,0x87,0xf1,0x5f,0x13,0x47,0xf6,0x89,0xc5,0x5e,0x47,0x84,0x59,0x81,
712 0x97,0xef,0x22,0x79,0x16,0x37,0xdc,0x74,0x66,0x30,0x81,0xbc,0x45,0x21,0xe4,0x75,
713 0x69,0xe4,0x64,0x2b,0x98,0x97,0x61,0xe1,0x34,0xdf,0x4a,0x37,0x65,0x74,0xdc,0xe1,
714 0x71,0x37,0xd6,0x2c,0x54,0x83,0x7a,0x91,0xc4,0xa6,0xfe,0x09,0x12,0xf3,0xf5,0x2b,
715 0xec,0xe9,0x63,0xa3,0x25,0x0f,0x6f,0xd1,0xb0,0x95,0x3f,0x7f,0xab,0xa7,0x25,0x9b,
716 0x85,0xdb,0xcf,0x6e,0x0e,0xc0,0x8d,0xd3,0xca,0x0e,0xd2,0x98,0xeb,0x77,0x39,0xf4,
717 0x1a,0x30,0xe6,0x76,0x6d,0xba,0xc0,0x61,0x55,0x4e,0xbe,0x88,0x32,0xb2,0xae,0x16,
718 0x27,0xbd,0x61,0xc5,0x48,0x26,0x0f,0x05,0x1a,0x42,0xa6,0xd9,0x29,0xf8,0x58,0x96,
719 0x16,0x1d,0xad,0xf4,0x58,0xc6,0x79,0x46,0xdf,0x1f,0x25,0x43,0xaa,0xf5,0xc3,0x1f,
720 0x75,0x36,0x1c,0x17,0xd2,0x4d,0x88,0xf6,0x37,0x35,0x21,0x1f,0x0f,0x45,0x85,0x13,
721 0x50,0x85,0x0a,0xa2,0xb4,0x96,0x7a,0xe4,0x0a,0x27,0x74,0x87,0x1b,0x11,0xaa,0x7c,
722 0x35,0xf6,0xb6,0x49,0x8d,0x58,0x30,0x16,0xb7,0x36,0xd6,0xd8,0x82,0xe6,0x3d,0xa4,
723 0xdf,0xa7,0xc4,0xc7,0xfe,0x81,0x01,0xa6,0xda,0x63,0x10,0x9f,0x2b,0x84,0x14,0x62,
724 0xb8,0x37,0x9b,0xb4,0x3f,0x62,0x6b,0x76,0x36,0x39,0xb7,0x41,0xaf,0xb9,0xc9,0xf8,
725 0xa5,0x20,0x1f,0x0c,0xfc,0x71,0xca,0x6f,0x56,0x4d,0x6b,0x23,0x5b,0xb2,0x77,0x6f,
726 0x83,0xcc,0x8e,0x8c,0x78,0xda,0x4a,0xbf,0x92,0xd4,0x20,0xfe,0x43,0x6a,0xd4,0x7e,
727 0xd5,0x6c,0x56,0xdb,0xf8,0x94,0x01,0xc8,0x6f,0xdb,0x00,0x9c,0x0b,0x4c,0x97,0xa5,
728 0x2b,0xc1,0x46,0x19,0x91,0x34,0x05,0x9b,0x33,0x20,0xb2,0x79,0xe5,0x00,0x3d,0xb2,
729 0x54,0x4f,0xfa,0x23,0xaa,0xfa,0x3d,0x0c,0x83,0xcf,0x81,0xd1,0xd0,0x12,0x03,0x34,
730 0xda,0x6b,0xbb,0x63,0xbe,0x1b,0x3c,0x53,0x91,0x2b,0x7e,0xd7,0x76,0x62,0x6e,0xc9,
731 0xb1,0x3d,0x74,0x9f,0x96,0xfb,0x66,0xad,0x35,0xba,0x23,0x10,0x9b,0xab,0xc3,0x8a,
732 0x87,0xd1,0x0b,0xa2,0x99,0x34,0x8a,0x43,0x90,0xe9,0x65,0xe7,0x69,0x09,0x61,0x5f,
733 0xce,0x42,0x58,0x69,0xdf,0x8b,0x0c,0x5a,0xa0,0x6a,0x25,0x33,0x29,0x9e,0x23,0xbb,
734 0x77,0xf9,0xa4,0x2f,0x66,0x86,0xc5,0x38,0xf6,0x3d,0xcb,0x03,0xbf,0x94,0x9d,0x56,
735 0x73,0x53,0x9d,0xf4,0xc6,0xad,0x22,0x6d,0xff,0x92,0x90,0x63,0x80,0x5b,0xd2,0x4b,
736 0x18,0xcd,0xc5,0xe1,0xdb,0x4d,0x96,0xc4,0x29,0x0b,0x0e,0xb8,0x18,0x53,0x66,0x49,
737 0x20,0x8e,0xef,0x25,0x93,0x48,0x12,0xe6,0x36,0xd4,0x33,0xcc,0x4d,0x99,0xbd,0x94,
738 0x96,0x61,0xb2,0x7a,0x76,0x7f,0xa1,0xd9,0x1b,0x77,0xfc,0xb7,0x54,0xaf,0x6c,0xeb,
739 0xec,0x90,0x15,0x21,0x2f,0xe2,0x40,0x05,0x23,0x0c,0x2a,0xe2,0xda,0xa0,0x9b,0x0c,
740 0xc7,0x8b,0x31,0xd7,0x8e,0x91,0x95,0x39,0x79,0xd7,0x6d,0xbf,0x86,0x24,0x4d,0xcd,
741 0x72,0x43,0x05,0x56,0xc0,0xe1,0x0c,0xed,0x51,0xa3,0xa9,0x85,0x74,0x41,0x20,0xe2,
742 0x37,0x66,0x80,0x40,0x02,0xf2,0x4b,0x60,0x36,0x4f,0xcf,0x12,0x5a,0x22,0xbc,0x6c,
743 0x21,0xb1,0x2f,0x0c,0x4a,0x26,0xc2,0x14,0x23,0xb3,0x91,0x17,0x48,0x9e,0x27,0x6d,
744 0x6a,0x2f,0xaf,0x58,0xe4,0xf7,0x4d,0x40,0x4b,0xd9,0x52,0xa0,0xf6,0x5e,0xc3,0x36,
745 0xda,0xa6,0x27,0x81,0x1e,0x7c,0x61,0x45,0x93,0x1a,0xa6,0x9d,0x16,0x61,0x95,0xed,
746 0x20,0x2c,0x49,0x6d,0x8f,0x8d,0x1a,0x44,0x89,0x0a,0xce,0x3c,0x00,0x9c,0x76,0x76,
747 0xa5,0x0b,0x40,0x52,0xf2,0xb9,0x30,0xae,0xab,0x04,0x41,0xa1,0x30,0x2f,0x43,0x1b,
748 0x68,0xdb,0x7c,0x4d,0x6c,0xe6,0x05,0xfc,0xa4,0xab,0xd2,0x0a,0x75,0x0c,0xd9,0x40,
749 0x09,0xf1,0xcb,0x5e,0x0a,0x09,0x2c,0x75,0xbc,0x79,0xa5,0xd5,0xb5,0xde,0x07,0xfd,
750 0x27,0x31,0x96,0xad,0x66,0xc6,0xa6,0x5e,0x0a,0x57,0x06,0x39,0x03,0xe4,0x84,0x61,
751 0xcf,0x25,0x6c,0xcd,0x56,0xf4,0xe7,0xd1,0xff,0x93,0x6c,0x2d,0xd6,0xcf,0x0d,0xe6,
752 0x1e,0xe5,0x57,0x37,0xa6,0x6d,0xec,0xa1,0xde,0xe8,0x1f,0x64,0x90,0x5e,0x70,0xe2,
753 0xe8,0x05,0x24,0xac,0x36,0xe1,0xea,0x75,0xdf,0x60,0xe2,0xbf,0xc2,0x30,0x82,0x05,
754 0x82,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x82,0x05,0x73,
755 0x04,0x82,0x05,0x6f,0x30,0x82,0x05,0x6b,0x30,0x82,0x05,0x67,0x06,0x0b,0x2a,0x86,
756 0x48,0x86,0xf7,0x0d,0x01,0x0c,0x0a,0x01,0x02,0xa0,0x82,0x04,0xee,0x30,0x82,0x04,
757 0xea,0x30,0x1c,0x06,0x0a,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x0c,0x01,0x03,0x30,
758 0x0e,0x04,0x08,0xf4,0xa6,0x0f,0xb4,0x2e,0x8e,0x48,0xa6,0x02,0x02,0x08,0x00,0x04,
759 0x82,0x04,0xc8,0x0a,0x64,0x3b,0x68,0x4a,0x9a,0xf0,0xf6,0x80,0x65,0x2d,0xca,0xa6,
760 0x74,0x33,0x32,0xf3,0x71,0x97,0x27,0x24,0x3c,0xd1,0xaf,0x8b,0xfb,0xee,0x69,0x40,
761 0xfc,0xff,0x45,0x32,0x3a,0x1a,0xd1,0x35,0x2d,0xae,0xce,0xd6,0x84,0x5b,0x2b,0x20,
762 0x91,0xf8,0x26,0xa6,0x13,0x19,0x21,0x3e,0x8d,0xbb,0x30,0xef,0xdd,0x99,0x58,0x00,
763 0x61,0x57,0xe5,0x1b,0xc6,0x96,0xbe,0x7f,0x9e,0x95,0x47,0x7c,0xdf,0xf1,0x09,0x8f,
764 0xb9,0xa8,0x99,0x0d,0xf1,0x2a,0xe0,0xfd,0x08,0x92,0xf7,0x56,0x45,0x2e,0xb0,0xf4,
765 0x2b,0xf9,0x36,0x43,0xb2,0xbf,0x63,0x82,0x59,0x41,0x25,0x70,0xd6,0x49,0xe8,0x15,
766 0x7f,0x77,0x7c,0x7c,0xb3,0xab,0x7e,0xb6,0x16,0xd9,0xf7,0x22,0xa6,0x23,0x00,0x6a,
767 0x0e,0x62,0xfa,0xd6,0xe2,0x51,0x13,0x0e,0x99,0x9e,0x12,0x48,0xfa,0x71,0xea,0x47,
768 0xeb,0xf7,0xd9,0x9d,0x6f,0xa1,0x77,0x55,0xff,0x30,0xf7,0x68,0x33,0xee,0x26,0x16,
769 0xf6,0x43,0x63,0x4e,0xb7,0x16,0x97,0xd3,0x49,0x1c,0xf1,0x9e,0xe0,0xe5,0x77,0x52,
770 0xca,0x13,0x48,0x8f,0x11,0x23,0x0d,0x87,0x38,0xa7,0xf3,0x81,0x65,0x96,0xff,0xc7,
771 0xb4,0x0f,0x39,0x59,0xff,0x39,0x5a,0x55,0x2b,0x7b,0xab,0x34,0x11,0x42,0x47,0x42,
772 0x0c,0xb0,0x71,0x64,0x73,0xa5,0x1d,0x88,0x6e,0xa4,0x61,0x3c,0x67,0x18,0x67,0x2b,
773 0x42,0xa1,0x2e,0x60,0xae,0x82,0x3e,0x37,0xc8,0x2e,0x8a,0x80,0x2e,0x9c,0x5d,0xe4,
774 0x37,0x58,0xcb,0x6e,0x38,0x75,0x76,0x9a,0xaf,0x25,0xd3,0xb2,0xbe,0xf5,0x36,0x4f,
775 0x09,0x05,0xe2,0xe3,0x20,0x03,0x64,0x6f,0x94,0x3b,0xec,0x40,0x8c,0xe1,0x7e,0xed,
776 0x94,0xfa,0xed,0x9c,0x4d,0x1d,0xd7,0x31,0x1b,0x9d,0xf3,0xf5,0x1b,0xa0,0xf9,0xc8,
777 0xd6,0xf0,0x5e,0xe5,0x26,0x17,0x42,0x18,0xd8,0xe3,0x04,0x65,0xdf,0xa3,0xe6,0x16,
778 0x16,0xd5,0xfb,0xbe,0x08,0x1e,0xbf,0xd2,0x0e,0xd5,0x2b,0x4b,0x78,0xb2,0x80,0xf3,
779 0x8c,0xe6,0x74,0x89,0xe8,0xce,0xa6,0x2b,0xa5,0x38,0x1f,0x2f,0x87,0x93,0x51,0x35,
780 0xe8,0xad,0x6c,0x8d,0x95,0xbd,0xc0,0x24,0xa5,0x14,0x25,0x2d,0xdf,0x4e,0x77,0x32,
781 0x68,0xc0,0x91,0xad,0x51,0x95,0x25,0x44,0x7a,0xd7,0x4c,0x75,0xdf,0x73,0xe5,0x2b,
782 0xeb,0x1c,0xd3,0xe9,0x42,0xa7,0x5a,0x58,0x85,0x06,0xf0,0xcb,0x38,0x51,0x6d,0x09,
783 0x57,0x14,0x6f,0xd8,0x55,0x0c,0x7a,0x77,0x7f,0xb5,0x20,0xe8,0xd0,0xbd,0x88,0x5a,
784 0xad,0xe6,0xf5,0x02,0x2c,0x7d,0x0b,0xfb,0xe4,0x07,0xad,0xa2,0xd5,0x0c,0xc5,0xbc,
785 0x66,0xc4,0x19,0x48,0xe8,0xa2,0x60,0xdd,0xd2,0xf8,0x03,0x9a,0xd9,0x68,0x4d,0xa9,
786 0xd8,0xfa,0xda,0xa3,0x6f,0xcc,0x53,0xea,0x11,0x7e,0xa0,0xa8,0x8f,0xec,0xdb,0xc0,
787 0x2a,0x40,0xc6,0x84,0x58,0x4f,0x2a,0x23,0x4c,0xbc,0xfe,0xaa,0x78,0x58,0x9c,0xdd,
788 0x6c,0xd5,0x63,0xe9,0xe6,0x78,0xc2,0x73,0x14,0xd5,0x11,0xc3,0x2a,0xf5,0x8a,0x46,
789 0x78,0xfc,0x5a,0x59,0xc9,0x9a,0x7f,0xba,0x94,0x44,0xb3,0x45,0x83,0x08,0x94,0x4d,
790 0x72,0x0b,0x0f,0xd6,0x89,0x9a,0x75,0x6b,0x31,0xcb,0xeb,0x55,0x85,0x38,0x2c,0x3e,
791 0x9b,0x86,0xf0,0x58,0x0f,0x4c,0x93,0x24,0xec,0xd5,0xa3,0x61,0x3a,0x79,0x76,0xab,
792 0x37,0x63,0x2d,0x79,0xde,0x6d,0xa3,0x7f,0xf2,0xf0,0x8c,0x45,0xe6,0xce,0x97,0xc6,
793 0x88,0xfd,0x93,0xe0,0xf9,0xd0,0x93,0x6a,0x77,0xa4,0x28,0xc3,0x02,0x77,0x87,0xf6,
794 0x22,0xfa,0x2b,0x0b,0x31,0xcf,0xe2,0xce,0xaa,0xd9,0x65,0xa6,0x96,0x53,0x8d,0xc7,
795 0x67,0xaf,0x0c,0x0f,0xbc,0x51,0xdf,0x0b,0xc4,0xf8,0x06,0x46,0x07,0x12,0x95,0xce,
796 0x38,0x8e,0xe7,0x8f,0x8d,0x46,0x68,0xbe,0xa5,0x40,0xdc,0xed,0xab,0x76,0x5c,0x87,
797 0xac,0xb3,0x5f,0xb9,0xfd,0x9d,0x79,0x54,0x28,0xc2,0x19,0x2e,0x46,0x3f,0x1f,0x67,
798 0xe2,0x58,0x30,0x4e,0x89,0xdd,0x2f,0x44,0x59,0xde,0xe4,0xf4,0x0d,0x4c,0x33,0xe4,
799 0x98,0x6d,0xb4,0x1f,0x03,0x6b,0x0f,0x8e,0xde,0x86,0x1b,0x33,0x37,0x74,0x14,0xbe,
800 0xa9,0x4a,0xac,0xf4,0x9b,0xa7,0x37,0xe8,0xdd,0x94,0x67,0x25,0x5c,0xb4,0x5b,0x79,
801 0xfd,0xd3,0x24,0x21,0x11,0xbe,0x76,0x1f,0x98,0x8b,0x73,0x87,0x0c,0x96,0x82,0x59,
802 0x04,0x22,0x8c,0x9b,0x57,0x0c,0xca,0x16,0xb3,0x02,0xc6,0xdc,0x6f,0xd2,0x9c,0xcd,
803 0x0f,0x31,0xea,0x97,0x94,0xf7,0x43,0xfe,0xe2,0x8f,0xc7,0x07,0x98,0x57,0x30,0x72,
804 0x55,0x43,0xca,0xfa,0xde,0x92,0xf9,0x06,0x9e,0x56,0x73,0x80,0x84,0xbb,0x44,0xe5,
805 0x7d,0x04,0xfc,0x49,0x8d,0x28,0xfa,0x91,0xe3,0x50,0x76,0xc2,0xf8,0x87,0x29,0x04,
806 0xa4,0xfd,0xfb,0x28,0x20,0xe3,0x07,0xb6,0xf4,0xbf,0xe7,0xc4,0x6a,0x93,0x8c,0x12,
807 0xda,0x9d,0x9a,0x5d,0x8c,0x0a,0xd7,0xf5,0x9f,0xbd,0x71,0x00,0xfc,0x22,0xea,0xa4,
808 0x45,0x6f,0xd4,0xc6,0x7d,0x7a,0x47,0x38,0x15,0x17,0xc6,0xde,0xb3,0xeb,0x1b,0x9a,
809 0xea,0x94,0xc1,0x74,0xd1,0x65,0x25,0xc1,0x11,0x82,0x5d,0xb3,0x66,0x7f,0x05,0xd3,
810 0xe1,0x0a,0xfe,0x29,0xcf,0xdd,0x18,0x30,0xff,0x00,0x7f,0xef,0xc1,0x50,0x54,0x7c,
811 0x8b,0x89,0x3c,0x6a,0x12,0x9d,0xd4,0x5a,0xcc,0x48,0x76,0xab,0x64,0xd3,0x54,0x36,
812 0x70,0x9e,0x04,0x69,0x3d,0x20,0x9d,0x62,0x5d,0xe6,0x55,0x8e,0xd0,0x53,0x5c,0xb4,
813 0x54,0x79,0x73,0x69,0x6f,0x56,0xfa,0x60,0x1d,0x61,0xeb,0xeb,0x76,0xb4,0xd5,0x7a,
814 0xc9,0x51,0xfc,0xa9,0xed,0x4a,0xfa,0x5c,0x5c,0xb5,0x20,0x6a,0x44,0xf7,0xaa,0xf0,
815 0x27,0x90,0x55,0xda,0x2d,0xb4,0x11,0x59,0x21,0x65,0x0e,0x87,0xd2,0x53,0x21,0xd2,
816 0x81,0x93,0xf7,0xfe,0x3b,0xec,0x49,0x7e,0x1c,0xdc,0xc2,0x8f,0xdb,0xef,0x3c,0x0a,
817 0x40,0x89,0x94,0xf3,0x2d,0x77,0x84,0x15,0x03,0x00,0x29,0xfa,0x1b,0xea,0x55,0x7d,
818 0xdc,0xdb,0x69,0x95,0xe5,0x72,0xa5,0x17,0x8f,0xfb,0xfc,0x86,0xfc,0x72,0x91,0x09,
819 0x9b,0x32,0x1a,0x06,0x5c,0xa5,0x26,0x4b,0x61,0x40,0x97,0x40,0xce,0x17,0xca,0xe7,
820 0x79,0xe6,0xcc,0x6c,0xa3,0x81,0x9c,0x9f,0x36,0x74,0x36,0x9f,0xd9,0x5d,0x3e,0x29,
821 0xa0,0xce,0xa1,0x84,0xf6,0xaf,0x33,0x2b,0x8b,0x32,0xb4,0x45,0xb1,0x3d,0x72,0x87,
822 0x20,0x8c,0x88,0x02,0x0d,0x93,0x50,0xcc,0x31,0xce,0x03,0xf8,0x85,0x4a,0xdc,0xed,
823 0xc0,0xcc,0xb3,0xda,0x06,0xbd,0x12,0xd5,0xfc,0xd2,0xbb,0x75,0x4b,0xca,0xb2,0x77,
824 0x18,0xe1,0x5e,0xf5,0x9f,0x0c,0x8c,0xe2,0x17,0x73,0xe5,0xa3,0x80,0x40,0xd8,0x42,
825 0xb1,0xf7,0xd0,0x04,0x9f,0x2e,0xc2,0x2b,0x9b,0x5e,0xcb,0xae,0xb4,0x5f,0x95,0x53,
826 0xf5,0xc1,0x72,0xf1,0xff,0xa2,0x5a,0xcf,0x1b,0x78,0x5c,0x99,0xdf,0x09,0x24,0xbf,
827 0xbf,0x86,0xc3,0x0e,0x65,0x9a,0xe6,0xdc,0xde,0x88,0x28,0x94,0xd7,0xc0,0x6d,0xf6,
828 0x93,0x52,0xa6,0x7f,0x74,0x92,0x9b,0x0b,0x62,0xd5,0x2c,0xb4,0xad,0x7c,0xc0,0xc6,
829 0x3b,0x1b,0xd2,0xbd,0x89,0xa8,0x64,0x02,0x9c,0x81,0x9a,0xd8,0x51,0x04,0x22,0x10,
830 0x62,0x46,0x38,0xaa,0xaa,0x3b,0x00,0x5c,0xe8,0x58,0x09,0x25,0xf7,0x53,0x1d,0x72,
831 0xab,0x44,0x80,0xb4,0x33,0x91,0xf8,0x8e,0xe1,0x00,0x5c,0x07,0xdb,0x81,0x71,0x25,
832 0x86,0x3b,0xa7,0x8e,0x31,0x02,0x89,0x43,0x8f,0x0a,0xa8,0xac,0x6b,0x2a,0xe3,0xba,
833 0x4d,0xdf,0x8c,0x20,0x46,0xea,0xd4,0x98,0x2f,0x47,0x98,0xfb,0x03,0x5e,0xdd,0x92,
834 0xc5,0x73,0xa2,0x54,0xf7,0x9f,0x5f,0xda,0xb5,0x1d,0xb5,0xab,0x78,0x2b,0x72,0x43,
835 0x07,0x0a,0x34,0x22,0xb6,0x23,0xde,0x90,0x0f,0x85,0x7b,0x31,0x66,0x30,0x3f,0x06,
836 0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x09,0x14,0x31,0x32,0x1e,0x30,0x00,0x54,
837 0x00,0x65,0x00,0x73,0x00,0x74,0x00,0x20,0x00,0x49,0x00,0x64,0x00,0x65,0x00,0x6e,
838 0x00,0x74,0x00,0x69,0x00,0x74,0x00,0x79,0x00,0x20,0x00,0x53,0x00,0x4d,0x00,0x49,
839 0x00,0x4d,0x00,0x45,0x00,0x20,0x00,0x32,0x00,0x30,0x00,0x30,0x00,0x37,0x30,0x23,
840 0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x09,0x15,0x31,0x16,0x04,0x14,0x69,
841 0x6e,0x3e,0x79,0x39,0x9b,0x28,0xf4,0x29,0xd4,0x38,0x78,0xcd,0xbd,0x11,0x46,0xb5,
842 0x73,0xec,0x96,0x30,0x30,0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,
843 0x05,0x00,0x04,0x14,0x5b,0xc7,0xc7,0x83,0x6c,0xc1,0x23,0xf1,0xeb,0xe8,0xd7,0xc8,
844 0x3f,0x4c,0x59,0x18,0x49,0x61,0xdb,0x72,0x04,0x08,0xde,0xab,0x8d,0x3a,0xff,0xf8,
845 0x2d,0x69,0x02,0x01,0x01
846 };
847
848 /* Test identity (PKCS12 data), SSL cert, expired in 2008
849 */
850 unsigned char TestIDSSL2007_p12[2753] = {
851 0x30,0x82,0x0a,0xbd,0x02,0x01,0x03,0x30,0x82,0x0a,0x84,0x06,0x09,0x2a,0x86,0x48,
852 0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x82,0x0a,0x75,0x04,0x82,0x0a,0x71,0x30,0x82,
853 0x0a,0x6d,0x30,0x82,0x04,0xe7,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,
854 0x06,0xa0,0x82,0x04,0xd8,0x30,0x82,0x04,0xd4,0x02,0x01,0x00,0x30,0x82,0x04,0xcd,
855 0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x01,0x30,0x1c,0x06,0x0a,0x2a,
856 0x86,0x48,0x86,0xf7,0x0d,0x01,0x0c,0x01,0x06,0x30,0x0e,0x04,0x08,0x7a,0xe7,0xca,
857 0x1b,0x57,0x26,0xac,0x5e,0x02,0x02,0x08,0x00,0x80,0x82,0x04,0xa0,0x1a,0x44,0x31,
858 0x1c,0x4d,0xa9,0x00,0x7f,0x14,0x71,0x83,0x3b,0x68,0xf8,0xf0,0x6e,0x42,0xd0,0x6a,
859 0x8c,0x02,0xbf,0x6e,0x0c,0xcd,0xee,0x7e,0x48,0xab,0x8b,0x7e,0xc7,0xe4,0x66,0x3f,
860 0x4d,0x3f,0x05,0xcd,0xa5,0x41,0x5c,0xa2,0x2e,0x59,0x4c,0x62,0x4c,0xa7,0xca,0x31,
861 0x10,0xd8,0xc7,0x8c,0xa1,0x6c,0x1d,0x9b,0x27,0x7a,0xa8,0x00,0x7a,0xb9,0xd3,0x4b,
862 0x09,0xf0,0xf7,0x75,0xb6,0x53,0xdf,0x54,0xba,0x2e,0x26,0xf5,0x1c,0x49,0x94,0x72,
863 0xcb,0x06,0xf3,0xa3,0x28,0xcb,0x48,0xb4,0x70,0x4a,0x0a,0xf8,0xfb,0x82,0xad,0x7f,
864 0x50,0x78,0xb7,0x11,0x41,0xd5,0x2b,0x11,0x5c,0x95,0x90,0x0f,0xcb,0xd8,0x95,0xe6,
865 0x77,0x74,0x84,0xe5,0x4c,0x24,0xa0,0xd4,0x7a,0x0a,0xd6,0xc8,0x10,0xa4,0x7a,0xcb,
866 0x5d,0x81,0x61,0x33,0xb7,0x75,0x6a,0x98,0xbe,0xd4,0xaf,0x3c,0x8c,0x61,0x66,0x43,
867 0x6f,0x12,0x4b,0x1e,0x72,0x10,0x76,0xbb,0xc6,0x57,0xbd,0xdb,0x2c,0x99,0xa7,0x53,
868 0x1e,0xe5,0x6a,0x42,0x80,0xb9,0x24,0x4f,0x1a,0x2c,0x96,0x0b,0x64,0xd3,0x63,0x36,
869 0x6f,0x75,0x74,0x8e,0xd0,0x50,0x5d,0xab,0x4b,0xec,0x59,0x04,0xdb,0x23,0xfb,0x9a,
870 0xbf,0xe0,0x88,0x24,0xc6,0x00,0x7e,0xd9,0x12,0x11,0xf0,0xe5,0xe2,0x96,0xb7,0x85,
871 0x6b,0x90,0x03,0xab,0x18,0xa4,0x07,0xcc,0xda,0x19,0x76,0x49,0xde,0x41,0x32,0xda,
872 0x0f,0x9c,0x8d,0xca,0x96,0xbb,0x39,0xbe,0xeb,0x3d,0xb8,0xe6,0xc1,0xea,0xc5,0xa6,
873 0xc3,0x69,0x72,0x96,0x53,0xde,0x36,0x8b,0xee,0x2c,0x6b,0x2e,0x3d,0xad,0xdd,0x9b,
874 0x8a,0xd9,0x1c,0xdd,0x92,0xf3,0x38,0xa7,0xec,0x5d,0xa6,0x46,0x54,0x70,0x71,0x0b,
875 0xa9,0x1a,0x2a,0x54,0x67,0x6e,0x82,0x8e,0xcb,0x5c,0x2d,0x23,0x2f,0x9b,0x0a,0xc8,
876 0xb1,0xf8,0xea,0x9b,0x16,0x72,0xc5,0xf5,0x2c,0x94,0x10,0xdf,0x3f,0xde,0x84,0xa0,
877 0x97,0x96,0xfc,0xd7,0x49,0x4e,0xa6,0x37,0x0c,0x2a,0x39,0x08,0x5e,0xbe,0x58,0x9c,
878 0x94,0x59,0x98,0x71,0x5b,0x30,0x16,0xcc,0x6f,0x64,0xb5,0xe1,0x1e,0x31,0x34,0x6d,
879 0x4a,0xe6,0xb0,0x20,0x31,0x81,0xe4,0x0e,0x48,0x7e,0x4c,0xc4,0xfa,0x9c,0x57,0xf9,
880 0xee,0x58,0xfb,0xc2,0x1b,0xd7,0x96,0xdd,0x91,0x0f,0x86,0x40,0xc9,0x45,0x29,0x07,
881 0x65,0x48,0xd1,0x1d,0xf8,0x1c,0x6d,0x1d,0x5d,0xce,0x76,0xce,0x70,0x33,0x4f,0x1d,
882 0xcc,0x4a,0x87,0xd0,0x9a,0xf3,0xb5,0x40,0xf3,0x35,0xcc,0x89,0x26,0x72,0x94,0x53,
883 0x79,0x59,0xbb,0xe6,0xc4,0x24,0x63,0x46,0x83,0x27,0xb7,0xf8,0xff,0x80,0x4c,0x0a,
884 0x98,0xee,0xe7,0x4a,0x73,0x11,0x90,0xbf,0x94,0x1c,0x03,0x91,0x78,0xe8,0x01,0x3a,
885 0xa1,0xf3,0x53,0xea,0x78,0xb1,0x09,0x4e,0xea,0x2d,0xaa,0xb4,0xce,0xce,0xb1,0xc6,
886 0x51,0xb6,0x59,0x52,0x89,0x7e,0xab,0x4c,0xe3,0xd3,0x9b,0x6b,0xa7,0xf2,0xca,0x70,
887 0x53,0x95,0x8a,0x13,0xfc,0xc0,0xa2,0x24,0xd2,0x94,0xb5,0xe5,0x95,0x38,0x01,0x39,
888 0x0a,0x28,0x1d,0x83,0xd1,0x2a,0x03,0xfa,0xf6,0x6e,0x63,0x80,0x17,0x05,0x18,0x33,
889 0x11,0x56,0xe1,0x7e,0x66,0x94,0xbf,0x1b,0x8b,0x11,0xcf,0x41,0xbf,0x71,0xd9,0xa3,
890 0x6f,0xbb,0xf5,0xae,0x43,0x1d,0x2f,0xf1,0x88,0x00,0x72,0xca,0x49,0x83,0x3e,0xe3,
891 0x87,0x5e,0x0f,0x58,0x97,0xaa,0x2b,0x92,0x40,0xdd,0x8b,0x17,0xce,0xd8,0x11,0x05,
892 0xa4,0x03,0x51,0x0b,0xfa,0x35,0x4c,0xde,0x5b,0xda,0x88,0xdd,0x3a,0xe7,0x93,0x60,
893 0xca,0xe2,0x8e,0x84,0xcd,0x5b,0x6d,0xb6,0x5c,0x53,0xbc,0x85,0x75,0x96,0xaa,0x00,
894 0x06,0x19,0x84,0x66,0x4d,0x41,0x89,0xdd,0x84,0x81,0xbe,0xb6,0xa3,0x69,0x71,0xf4,
895 0x3e,0x31,0x89,0xae,0x9e,0x77,0x68,0xff,0x21,0x78,0xa2,0x43,0xc9,0x0e,0x36,0xe0,
896 0xa0,0xb6,0xae,0x40,0xf1,0xf4,0xe3,0xc8,0xa9,0x89,0x80,0x32,0x45,0x07,0x37,0xf1,
897 0x1d,0xc3,0x1e,0x79,0x0b,0x8b,0x1d,0x7d,0xc9,0xd6,0xa2,0x91,0xc8,0xd8,0x05,0xc0,
898 0xc0,0x25,0x27,0x97,0x5f,0x60,0x3f,0xc7,0xc9,0x3e,0xf2,0xac,0x7e,0x4c,0x4b,0x42,
899 0x15,0x85,0x1a,0xe0,0xe1,0xfa,0xf9,0x27,0xaf,0x8d,0x6f,0x90,0x52,0x33,0x6c,0x55,
900 0xa7,0x9d,0x9c,0x0b,0xc1,0xf8,0xe5,0xa9,0xd7,0x9c,0x81,0xce,0x08,0x49,0x9c,0xb1,
901 0x91,0x00,0xdd,0x6f,0xaf,0x17,0xf8,0x01,0xb5,0x9e,0x53,0x2a,0xa0,0xdd,0x47,0x6e,
902 0xb3,0x1b,0xd3,0x9d,0xc1,0x8c,0x07,0x9b,0x78,0x8c,0x2e,0xad,0xbb,0x7d,0xe1,0x0a,
903 0x11,0x35,0xf7,0xfa,0xf4,0x00,0xf3,0xc2,0xa6,0xf1,0x3f,0xa1,0xdc,0xe1,0xc2,0x2a,
904 0x4b,0x22,0x31,0x20,0x45,0x93,0xbb,0x5e,0xfc,0xe5,0xd7,0xcb,0x69,0x1b,0xad,0x3a,
905 0x48,0x59,0x9c,0xc7,0x74,0xbb,0x79,0x56,0xb7,0x73,0x92,0x54,0x49,0xc9,0xbc,0x5d,
906 0xf2,0x74,0xc8,0x63,0xa8,0x9c,0x99,0x67,0x4d,0x75,0x64,0x10,0x46,0xe7,0x0f,0xf1,
907 0xb0,0x4e,0x8b,0x9d,0x4f,0xa7,0x67,0xe9,0xec,0xbf,0x1b,0x0a,0xfd,0xde,0xe4,0xf6,
908 0xcd,0xba,0x12,0xce,0x4e,0xb5,0x29,0xbf,0x59,0x0b,0xf7,0xea,0xc7,0x7c,0xfb,0xe4,
909 0xe6,0x36,0x86,0x52,0x18,0xf6,0xe5,0x14,0xe1,0x92,0x02,0x98,0x08,0x0f,0xbc,0xd0,
910 0x40,0xf3,0xb1,0x87,0xcc,0x6b,0xee,0xee,0x1a,0x8c,0x40,0x13,0x53,0x9e,0x61,0xb3,
911 0x17,0x02,0x7e,0x97,0x22,0x90,0x6f,0xf0,0x64,0x75,0x42,0xf4,0xf9,0x8f,0x38,0x46,
912 0x27,0x5c,0x14,0x82,0x80,0x71,0xe9,0x7d,0xe9,0xc8,0x32,0xb2,0xae,0xbd,0x90,0x28,
913 0xda,0xc0,0xc1,0x6d,0x06,0x03,0x6c,0x83,0x68,0x3b,0xdf,0xb4,0xb4,0x48,0x04,0x0e,
914 0xbb,0x6e,0xa8,0xa5,0xa5,0x1b,0x36,0xbe,0xfc,0x40,0xd3,0x97,0xc3,0x62,0xb9,0x34,
915 0x94,0xbf,0x01,0xfb,0x21,0xae,0xbb,0xd9,0xdd,0x0d,0xe0,0xf4,0xce,0x25,0x9a,0x7c,
916 0xc4,0x10,0xfc,0xac,0x53,0x1d,0x11,0xdc,0x5c,0x4c,0x6e,0x65,0xb3,0x9c,0xca,0x76,
917 0x3d,0x5d,0x2d,0x21,0x64,0xa6,0x3c,0xc1,0xa1,0x35,0xe7,0x38,0x8b,0x39,0x9f,0x7f,
918 0x93,0x68,0x6f,0xeb,0x96,0x4f,0x7c,0xd3,0x49,0xbe,0x65,0xdb,0x82,0x91,0x2a,0xb4,
919 0x62,0x38,0xdd,0x73,0xa7,0x7f,0x66,0x54,0xfa,0x92,0x65,0xbf,0x71,0xc6,0x62,0x38,
920 0x96,0xe2,0xf4,0x16,0xc6,0xf7,0x7e,0x9d,0x7a,0x4f,0x35,0x5f,0x0e,0x29,0xe6,0x38,
921 0x7b,0x05,0x02,0x61,0xfb,0x16,0xb4,0x43,0xe9,0xb1,0x74,0x3d,0x50,0xe3,0x51,0x5c,
922 0x54,0x5e,0x3e,0xe0,0xb1,0xfe,0x20,0x2d,0xe0,0x05,0x25,0x2f,0x1f,0x9a,0x25,0xe9,
923 0xec,0xb6,0xb8,0x9a,0xe9,0xff,0x3a,0x7a,0xc8,0x53,0xfd,0xc4,0x61,0xb1,0xa1,0x22,
924 0xc6,0x85,0x7a,0x11,0x07,0x84,0xe9,0x58,0x15,0x74,0x33,0x08,0x1f,0x59,0xe9,0x0d,
925 0x7f,0x7e,0x38,0xd9,0x77,0x22,0x46,0xb5,0xfc,0xd5,0x3b,0x1d,0x47,0x7a,0x4a,0x16,
926 0x35,0xa8,0x67,0x99,0x6d,0x72,0x66,0x0d,0xd4,0xb3,0x3b,0xdf,0xb8,0x9f,0x7f,0x59,
927 0x37,0x97,0x65,0xdf,0x79,0x0c,0x15,0xe3,0x14,0x99,0xc0,0x1a,0xcc,0x9a,0x98,0x6a,
928 0xb7,0x59,0x35,0x21,0x31,0x3e,0xf4,0xa2,0xce,0xc4,0xca,0x60,0xf8,0xa0,0x43,0xb6,
929 0xbe,0x8a,0x0a,0x95,0xea,0xe7,0xa0,0xdb,0x4f,0x36,0x22,0xf8,0xb6,0x60,0xff,0x15,
930 0x69,0x45,0x84,0x53,0xad,0x48,0x00,0x0e,0x20,0xb3,0x62,0x07,0xbd,0x02,0x46,0x19,
931 0xf6,0x3d,0xb8,0x55,0x4b,0x5f,0xac,0x3a,0x6a,0x86,0xcf,0x07,0x79,0x30,0x82,0x05,
932 0x7e,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x82,0x05,0x6f,
933 0x04,0x82,0x05,0x6b,0x30,0x82,0x05,0x67,0x30,0x82,0x05,0x63,0x06,0x0b,0x2a,0x86,
934 0x48,0x86,0xf7,0x0d,0x01,0x0c,0x0a,0x01,0x02,0xa0,0x82,0x04,0xee,0x30,0x82,0x04,
935 0xea,0x30,0x1c,0x06,0x0a,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x0c,0x01,0x03,0x30,
936 0x0e,0x04,0x08,0xd3,0x22,0x2a,0xd2,0xd9,0xd0,0xd6,0xd3,0x02,0x02,0x08,0x00,0x04,
937 0x82,0x04,0xc8,0x7b,0x88,0x0e,0x83,0x90,0x25,0x3f,0x51,0xab,0x13,0xf1,0x35,0x1f,
938 0xec,0x56,0xcb,0xfc,0x31,0x6b,0xd1,0x1a,0x6c,0x35,0x51,0x31,0xb7,0x27,0x2e,0xe6,
939 0x8c,0x75,0x7d,0xa6,0x58,0xfd,0x08,0x0b,0xe4,0x39,0x63,0xc6,0x3e,0x2d,0xee,0x2b,
940 0xe5,0x58,0x90,0x48,0xb5,0x57,0x38,0x97,0x48,0xf3,0x2c,0xac,0xf1,0xf8,0x10,0x9c,
941 0x56,0x02,0xc7,0x9d,0x7f,0x9e,0xe0,0x9c,0x96,0xe7,0x0c,0x9f,0x54,0xab,0x9f,0x26,
942 0x17,0xac,0x86,0x88,0x5e,0x4a,0x9c,0xce,0xea,0xc8,0x48,0x83,0x0c,0x2e,0xf0,0xa0,
943 0x6c,0x96,0x07,0x26,0x47,0x63,0xc1,0xac,0x27,0xd1,0x1a,0x25,0x88,0x43,0x8e,0x9d,
944 0xe0,0x5f,0x80,0xd9,0xd1,0x1a,0x86,0x92,0x12,0x80,0xe1,0x99,0x13,0xc3,0xab,0x53,
945 0x97,0xbe,0x51,0x17,0xc4,0x5a,0x9d,0xc0,0xcd,0xe4,0xc5,0xd6,0x44,0x56,0xaa,0x8d,
946 0x5b,0x3d,0xc8,0x66,0xaf,0x6c,0xd2,0x96,0xc6,0x83,0x57,0x7a,0x0e,0x66,0x68,0xd6,
947 0x30,0xf0,0xaa,0xde,0x13,0x92,0x5e,0x21,0x2c,0x36,0x96,0x77,0x1f,0xd0,0xaa,0x4b,
948 0x14,0x9f,0x9f,0xe5,0xa4,0x3f,0xbf,0x7a,0x9b,0x38,0xff,0x91,0x1d,0x0d,0xd4,0x32,
949 0x34,0x2b,0x3f,0xd8,0xfb,0x09,0x71,0xdf,0x1b,0x61,0xa3,0x36,0x81,0xaa,0x49,0xa3,
950 0xe4,0x5c,0xc4,0x8d,0xc5,0xab,0xc0,0x43,0xbe,0xc1,0x41,0xa2,0xcc,0x28,0x36,0x65,
951 0xa6,0xb6,0x73,0x96,0x6a,0x5f,0x1a,0xd9,0xb8,0x48,0x49,0x7b,0x12,0xda,0x2a,0xdb,
952 0xaa,0xaf,0x46,0x8b,0x39,0x7e,0xa7,0x78,0x88,0x15,0x95,0x32,0x13,0x76,0xbb,0x2d,
953 0xf5,0xd5,0x41,0x6a,0x9b,0xb8,0xe6,0x6d,0x43,0xa6,0xc3,0x53,0xb7,0xc5,0x68,0x9d,
954 0xa9,0x84,0x30,0x42,0x59,0x33,0x81,0x79,0x22,0x91,0x1e,0x34,0x31,0x9b,0xd4,0xf3,
955 0x2a,0xda,0xe2,0xa3,0x95,0x7a,0x2a,0x9c,0x67,0x57,0xee,0x2b,0x89,0xfc,0x64,0x67,
956 0x00,0x98,0x21,0x63,0xc7,0x19,0x95,0x69,0x9b,0x42,0x73,0x5c,0x68,0x59,0xfc,0x64,
957 0xe5,0x22,0x57,0x54,0x58,0x06,0xff,0xa3,0x87,0x7d,0x05,0xc8,0xc4,0xfd,0xc7,0x29,
958 0x1b,0x1d,0x88,0x0b,0x08,0x96,0x94,0x9b,0xd8,0xee,0x47,0x99,0x06,0xfa,0x64,0x67,
959 0xfd,0xb0,0xb1,0xa1,0xf5,0x26,0x7e,0xb1,0x46,0xb1,0x0c,0x82,0x52,0x5f,0xc5,0x94,
960 0x23,0x75,0xff,0xb3,0x42,0x18,0xa2,0x9f,0x65,0xfb,0x06,0xb0,0x8a,0x29,0xc1,0x6e,
961 0x84,0xd9,0xd4,0x39,0x77,0x02,0x47,0xe3,0x5f,0xf2,0xb4,0x84,0xc0,0x75,0x48,0x4b,
962 0x3a,0xef,0x48,0x2e,0x8d,0xa1,0xe5,0xc6,0x86,0x44,0x00,0xd9,0x4d,0x73,0xed,0x68,
963 0x8c,0x91,0x56,0x3e,0x2c,0x18,0xd0,0x58,0xd8,0x04,0x15,0xe0,0xd8,0xa8,0xe6,0x46,
964 0x36,0x54,0xc5,0x8c,0x2b,0x98,0xa5,0x01,0x73,0xf0,0x67,0x95,0x41,0x4e,0xa3,0xd6,
965 0x8d,0x24,0xc4,0xc3,0x8f,0x28,0x7c,0x76,0x76,0x84,0x6c,0x95,0x94,0x22,0xde,0xe2,
966 0x9d,0xcb,0x37,0xb6,0x97,0x6b,0xf3,0x58,0x1d,0x5a,0x98,0x88,0xac,0xd9,0xb1,0x59,
967 0x16,0x11,0xd8,0x0b,0x68,0xce,0xdf,0x4b,0x1a,0x28,0x3c,0xeb,0x14,0xb2,0x28,0xa7,
968 0xad,0x54,0x55,0xa1,0x6b,0x50,0x86,0x55,0x00,0xae,0xf6,0xdf,0x6b,0xb3,0x42,0xb3,
969 0x7b,0xbb,0x0d,0x91,0x14,0xdb,0x82,0xea,0xe9,0x08,0x9f,0xf6,0x6f,0xd0,0x10,0xd7,
970 0x83,0x1e,0xfc,0x5e,0x58,0xca,0x01,0xdd,0xb4,0xc8,0xbe,0x80,0xe3,0x07,0x71,0x0a,
971 0x74,0x01,0xd4,0xf1,0x50,0xe1,0x51,0x22,0xb1,0x43,0x98,0xf1,0x5e,0xdd,0xb4,0x65,
972 0x5a,0x18,0x0c,0x8b,0x1b,0x4e,0xe1,0xce,0xb1,0x0e,0x81,0xda,0x6b,0x98,0xc4,0xcb,
973 0xd9,0xd2,0xb2,0x1e,0xea,0xac,0x0c,0x08,0x86,0xa4,0x60,0xab,0x84,0x50,0x13,0xf8,
974 0x48,0xfb,0x64,0xf3,0x33,0x88,0x83,0x72,0x22,0xe8,0x6a,0x43,0xd3,0xb4,0xc7,0xd2,
975 0x04,0xed,0x07,0x75,0x26,0x96,0x2d,0x84,0xb9,0x10,0x02,0xd2,0xda,0xc8,0xc8,0x0b,
976 0x95,0xe3,0x69,0x1e,0x57,0x16,0x7a,0xb5,0x1c,0xe7,0x46,0x89,0xfc,0xed,0x49,0x69,
977 0x47,0xb8,0x07,0xe4,0xcb,0xd1,0x52,0xd6,0x8c,0x32,0xaa,0x91,0x8d,0x45,0x19,0xf1,
978 0x54,0x23,0x3c,0x5f,0xcc,0xc7,0x60,0xfc,0x89,0x00,0x9a,0xa3,0xc2,0xf0,0x48,0xda,
979 0xbf,0xe4,0xfd,0x78,0x3b,0x6c,0x2d,0x34,0x91,0x6b,0x0d,0x21,0xb4,0xba,0xe8,0x6d,
980 0x80,0xbc,0xfb,0x91,0xcb,0xce,0x77,0x01,0x4e,0xfe,0x7b,0xf2,0x08,0x78,0x2e,0x3f,
981 0x16,0xd4,0xfd,0xf0,0x76,0x68,0xce,0x43,0xdc,0xb2,0xe2,0x82,0x64,0x8f,0xc8,0x71,
982 0x0f,0x6e,0xc6,0x3b,0x4a,0x6b,0x6a,0xd7,0xf6,0x21,0x46,0xcd,0x05,0xce,0x19,0xab,
983 0x28,0x28,0x55,0x19,0x1d,0x07,0xaf,0x38,0xd9,0x9c,0xdf,0xe8,0x91,0x68,0x16,0xdd,
984 0x36,0x19,0x71,0x46,0x86,0x08,0x0a,0x08,0x34,0xc5,0x3b,0x53,0xaa,0x35,0x27,0x6e,
985 0xe4,0xf3,0xa1,0xd6,0x04,0x78,0xf9,0x63,0xec,0x1e,0xfe,0x30,0x38,0xb3,0xe7,0xd8,
986 0x27,0x9f,0x98,0xd5,0xb9,0x4d,0xb9,0x80,0x4f,0xb0,0x81,0xc6,0xaa,0xc2,0xe6,0xbf,
987 0x98,0x63,0x05,0xc6,0xab,0x4e,0xc8,0x7e,0xf4,0x37,0x68,0xad,0x63,0x08,0x6e,0x8f,
988 0xe5,0xd9,0x62,0x43,0xa3,0x0d,0x61,0x84,0x41,0x02,0xd0,0xc6,0x33,0x19,0x76,0xb8,
989 0x31,0xb1,0x27,0x2f,0x81,0x40,0x71,0x35,0x3c,0xf6,0xf2,0xc7,0x9b,0x85,0x9c,0x2e,
990 0xa0,0xf6,0xd2,0x3a,0xd9,0x7e,0xdd,0x82,0x56,0xf4,0x61,0x97,0x79,0xdb,0x27,0x5d,
991 0xa7,0x5b,0x8d,0x01,0x9d,0x68,0x9b,0x3a,0x4e,0xe1,0x3c,0xaf,0x61,0x0f,0xbf,0xfa,
992 0x61,0x12,0x2f,0xde,0x7a,0x71,0x0a,0xdd,0x6e,0x29,0x11,0x8e,0xa4,0x93,0x31,0x85,
993 0x2a,0x31,0xa8,0xd7,0x3f,0xfb,0xf4,0xd2,0xd4,0x7f,0x0c,0xb2,0x8d,0x63,0x25,0x47,
994 0x18,0x04,0x00,0x28,0x90,0xd3,0xc0,0x7e,0xca,0xfa,0x0d,0xc4,0xab,0xd4,0x7a,0x17,
995 0xb7,0xdc,0xce,0x7d,0xc2,0xe8,0x5b,0x68,0x7c,0xa9,0x3c,0xac,0x4e,0x2c,0xde,0x0c,
996 0x4a,0x09,0x09,0x03,0x77,0x12,0xb9,0x31,0xc9,0x0d,0x6e,0x2b,0xac,0x96,0x7b,0xb0,
997 0x3d,0x37,0x03,0x32,0xc6,0xe1,0x64,0x16,0xc1,0x1b,0xfa,0xa3,0x32,0xe9,0xea,0x25,
998 0x0c,0xa1,0xbf,0xae,0xaa,0xba,0xbd,0x24,0xba,0x9d,0x5f,0x15,0x20,0x59,0x2d,0xe5,
999 0x09,0xe6,0x71,0x70,0xcd,0xf5,0x44,0x12,0xcf,0x17,0x8b,0x33,0x4b,0x67,0x86,0x53,
1000 0xd3,0x66,0x80,0x2e,0xfb,0x6b,0x95,0x38,0x35,0x2d,0x39,0xb8,0x19,0xb7,0x01,0xe0,
1001 0xe2,0x7d,0x29,0xd3,0x89,0xc7,0xc9,0x4f,0xb4,0xf9,0x48,0x20,0x6a,0x40,0xd3,0x71,
1002 0x28,0xf4,0xdf,0x3a,0xff,0xf0,0xd1,0x7a,0x78,0xbd,0x92,0xe4,0xa2,0x05,0x47,0xf5,
1003 0xfa,0x25,0x4f,0x22,0x3f,0x8f,0x85,0x72,0xaa,0x0f,0xfa,0x21,0x84,0x63,0xbc,0xb6,
1004 0xe0,0x49,0x1e,0xdf,0x0a,0xee,0x4b,0xa8,0x96,0xbf,0x2f,0xa7,0x31,0x64,0xc3,0xa1,
1005 0x19,0xe1,0x2b,0x69,0xbf,0x0f,0xcc,0x76,0x49,0x9f,0xdd,0x4e,0xf0,0x77,0xf0,0xae,
1006 0x83,0x20,0xe2,0xd6,0x21,0x1a,0x3a,0x1a,0xb4,0xbf,0x57,0x02,0x9c,0xf6,0xb1,0x47,
1007 0x83,0x59,0x0c,0x43,0xce,0x9a,0x3d,0xb3,0x9b,0x9c,0xd2,0x30,0xcd,0x40,0x58,0xfe,
1008 0xec,0xa9,0x59,0xa8,0xf6,0x28,0x31,0xbf,0xc3,0xfb,0xad,0x37,0x07,0xd4,0x34,0xe7,
1009 0x58,0xfa,0xca,0xe7,0xe3,0xbb,0x3d,0xd8,0xf6,0xd7,0x9c,0xf5,0x6f,0xc0,0xbd,0x9e,
1010 0x3a,0x91,0x30,0x7c,0xe4,0xff,0x8d,0xbe,0x85,0x91,0x27,0x92,0x51,0xdc,0xd6,0x66,
1011 0x7e,0x5a,0xfb,0xf7,0xbe,0x34,0xce,0x5e,0xa4,0x50,0xf1,0x6d,0xc0,0x32,0x3b,0xaa,
1012 0x8c,0x52,0x25,0xcc,0x75,0x26,0x2b,0xa8,0x2f,0x6f,0x02,0x81,0x18,0x07,0x5f,0xbe,
1013 0xc3,0xed,0xa3,0x93,0x73,0xc9,0xd4,0x79,0xec,0x34,0x78,0x31,0x62,0x30,0x3b,0x06,
1014 0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x09,0x14,0x31,0x2e,0x1e,0x2c,0x00,0x54,
1015 0x00,0x65,0x00,0x73,0x00,0x74,0x00,0x20,0x00,0x49,0x00,0x64,0x00,0x65,0x00,0x6e,
1016 0x00,0x74,0x00,0x69,0x00,0x74,0x00,0x79,0x00,0x20,0x00,0x53,0x00,0x53,0x00,0x4c,
1017 0x00,0x20,0x00,0x32,0x00,0x30,0x00,0x30,0x00,0x37,0x30,0x23,0x06,0x09,0x2a,0x86,
1018 0x48,0x86,0xf7,0x0d,0x01,0x09,0x15,0x31,0x16,0x04,0x14,0xd0,0xcb,0xd6,0x5c,0xe1,
1019 0x73,0x7a,0xb8,0xa8,0x2a,0xf8,0xc9,0xe6,0xdc,0xbb,0xc2,0xec,0x00,0x2e,0x6a,0x30,
1020 0x30,0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,0x05,0x00,0x04,0x14,
1021 0x47,0x2e,0x9e,0xca,0x71,0x3b,0x36,0xcf,0x34,0x59,0x7e,0x0a,0x6e,0xe0,0xeb,0x79,
1022 0xcb,0x82,0x47,0x76,0x04,0x08,0xff,0xe9,0xf7,0xee,0x2f,0x48,0xcc,0x24,0x02,0x01,
1023 0x01
1024 };
1025
1026
1027 static int quiet = 0;
1028 static int debug = 0;
1029
1030 #define MAXNAMELEN MAXPATHLEN
1031 #define MAXITEMS INT32_MAX
1032
1033 #pragma mark -- Utility Functions --
1034
1035
1036 static void PrintTestResult(char *testStr, OSStatus status, OSStatus expected)
1037 {
1038 is(status, expected, "%s", testStr);
1039 fflush(stdout);
1040 }
1041
1042
1043 static void PrintStringToMatch(CFStringRef nameStr)
1044 {
1045 char *buf = (char*)malloc(MAXNAMELEN);
1046 if (buf) {
1047 if (CFStringGetCString(nameStr, buf, (CFIndex)MAXNAMELEN, kCFStringEncodingUTF8)) {
1048 fprintf(stdout, "### String to match is \"%s\"\n", buf);
1049 fflush(stdout);
1050 }
1051 free(buf);
1052 }
1053 }
1054
1055 static void PrintStringToMatchRelease(CFStringRef CF_CONSUMED nameStr)
1056 {
1057 PrintStringToMatch(nameStr);
1058 CFReleaseNull(nameStr);
1059 }
1060
1061
1062 static void PrintSecCertificate(SecCertificateRef certificate)
1063 {
1064 CFStringRef nameStr;
1065 if(!certificate) {
1066 return;
1067 }
1068
1069 OSStatus status = SecCertificateCopyCommonName(certificate, &nameStr);
1070 if (status) {
1071 fprintf(stderr, "### SecCertificateCopyCommonName error %d\n", (int)status);
1072 }
1073 else {
1074 char *buf = (char*)malloc(MAXNAMELEN);
1075 if (buf) {
1076 if (CFStringGetCString(nameStr, buf, (CFIndex)MAXNAMELEN, kCFStringEncodingUTF8)) {
1077 fprintf(stdout, "### Found certificate name: \"%s\"\n", buf);
1078 }
1079 free(buf);
1080 }
1081 CFRelease(nameStr);
1082 }
1083 }
1084
1085
1086 static void PrintSecIdentity(SecIdentityRef identity)
1087 {
1088 SecCertificateRef certRef;
1089 if(!identity) {
1090 return;
1091 }
1092
1093 OSStatus status = SecIdentityCopyCertificate(identity, &certRef);
1094 if (status) {
1095 fprintf(stderr, "### SecIdentityCopyCertificate error %d\n", (int)status);
1096 }
1097 else {
1098 PrintSecCertificate(certRef);
1099 CFRelease(certRef);
1100 }
1101 }
1102
1103
1104 static void PrintCFStringWithFormat(const char *formatStr, CFStringRef inStr)
1105 {
1106 char *buf = (char*)malloc(MAXNAMELEN);
1107 if (buf) {
1108 if (CFStringGetCString(inStr, buf, (CFIndex)MAXNAMELEN, kCFStringEncodingUTF8)) {
1109 fprintf(stdout, formatStr, buf);
1110 fflush(stdout);
1111 }
1112 free(buf);
1113 }
1114 }
1115
1116
1117 static void PrintCFThing(CFTypeRef thing)
1118 {
1119 fprintf(stderr, "### Results: %p\n", (void*)thing);
1120
1121 CFTypeID thingID = (thing) ? CFGetTypeID(thing) : 0;
1122 if (thingID == SecCertificateGetTypeID()) {
1123 // print a SecCertificateRef
1124 PrintSecCertificate((SecCertificateRef)thing);
1125 }
1126 else if (thingID == SecIdentityGetTypeID()) {
1127 // print a SecIdentityRef
1128 PrintSecIdentity((SecIdentityRef)thing);
1129 }
1130 else if (thingID == SecKeychainItemGetTypeID() ||
1131 thingID == SecIdentityGetTypeID() ||
1132 thingID == CFDictionaryGetTypeID() ||
1133 thingID == CFArrayGetTypeID() ||
1134 thingID == CFStringGetTypeID() ||
1135 thingID == CFDataGetTypeID()) {
1136 CFShow(thing);
1137 }
1138 else {
1139 fprintf(stderr, "### ERROR: result is not a supported CFType! (%ld)\n",
1140 thingID);
1141 }
1142 }
1143
1144 //%%% FIXME need to break this up into separate functions
1145 static int TestAddItems(SecKeychainRef keychain)
1146 {
1147 SecCertificateRef certs[5];
1148 CFDataRef tmpData;
1149 OSStatus status;
1150
1151 /* add test leaf */
1152 tmpData = CFDataCreateWithBytesNoCopy(NULL, LEAF_CERT, sizeof(LEAF_CERT), kCFAllocatorNull);
1153 certs[0] = SecCertificateCreateWithData(NULL, tmpData);
1154 CFRelease(tmpData);
1155
1156 /* add test intermediate */
1157 tmpData = CFDataCreateWithBytesNoCopy(NULL, INTERMEDIATE_CERT, sizeof(INTERMEDIATE_CERT), kCFAllocatorNull);
1158 certs[1] = SecCertificateCreateWithData(NULL, tmpData);
1159 CFRelease(tmpData);
1160
1161 /* add test root */
1162 tmpData = CFDataCreateWithBytesNoCopy(NULL, ROOT_CERT, sizeof(ROOT_CERT), kCFAllocatorNull);
1163 certs[2] = SecCertificateCreateWithData(NULL, tmpData);
1164 CFRelease(tmpData);
1165 // will add this below using SecItemAdd instead of SecCertificateAddToKeychain
1166
1167 /* use SecItemAdd to add an array containing certs 1-3 */
1168 CFArrayRef certArray = CFArrayCreate(NULL, (const void**) certs, 3, &kCFTypeArrayCallBacks);
1169 CFMutableDictionaryRef attrs = CFDictionaryCreateMutable(NULL, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
1170 CFDictionaryAddValue(attrs, kSecClass, kSecClassCertificate); // we are adding certificates
1171 CFDictionaryAddValue(attrs, kSecUseItemList, certArray); // add these items (to default keychain, since we aren't specifying one)
1172 CFDictionaryAddValue(attrs, kSecUseKeychain, keychain); // add these to the test keychain
1173 status = SecItemAdd(attrs, NULL);
1174 CFRelease(attrs);
1175 CFRelease(certArray);
1176 ok_status(status, "Unable to add 3 test certificates: error %d\n", (int)status);
1177 if (status && status != errSecDuplicateItem) {
1178 goto error_exit;
1179 }
1180
1181 /* add test cert for S/MIME policy (encrypt only, no sign) */
1182 tmpData = CFDataCreateWithBytesNoCopy(NULL, Test_smime_encryptonly, sizeof(Test_smime_encryptonly), kCFAllocatorNull);
1183 certs[3] = SecCertificateCreateWithData(NULL, tmpData);
1184 CFRelease(tmpData);
1185 status = SecCertificateAddToKeychain(certs[3], keychain);
1186 ok_status(status, "Unable to add test S/MIME certificate: error %d\n", (int)status);
1187 if (status && status != errSecDuplicateItem) {
1188 goto error_exit;
1189 }
1190
1191 /* add test cert for Code Signing policy */
1192 tmpData = CFDataCreateWithBytesNoCopy(NULL, Test_codesign, sizeof(Test_codesign), kCFAllocatorNull);
1193 certs[4] = SecCertificateCreateWithData(NULL, tmpData);
1194 CFRelease(tmpData);
1195 status = SecCertificateAddToKeychain(certs[4], keychain);
1196 ok_status(status, "Unable to add test Code Signing certificate: error %d\n", (int)status);
1197 if (status && status != errSecDuplicateItem) {
1198 goto error_exit;
1199 }
1200
1201 /* import test SSL identity */
1202 {
1203 CFDataRef p12DataRef = CFDataCreateWithBytesNoCopy(NULL, Test_ssl_user_p12, (CFIndex)sizeof(Test_ssl_user_p12), kCFAllocatorNull);
1204 SecExternalFormat format = kSecFormatPKCS12;
1205 SecExternalItemType itemType = kSecItemTypeAggregate;
1206 SecItemImportExportFlags flags = 0;
1207 #if 0
1208 /* deprecated method, using CDSA constants */
1209 SecKeyImportExportParameters keyParams = {
1210 SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION, // uint32_t version
1211 0, // SecKeyImportExportFlags flags
1212 CFSTR("test"), // CFTypeRef passphrase
1213 CFSTR("title"), // CFStringRef alertTitle
1214 CFSTR("pw:"), // CFStringRef alertPrompt
1215 NULL, // SecAccessRef accessRef (unspecified, use default)
1216 CSSM_KEYUSE_SIGN, // CSSM_KEYUSE keyUsage (0=unspecified)
1217 CSSM_KEYATTR_PERMANENT // CSSM_KEYATTR_FLAGS keyAttributes
1218 };
1219 status = SecKeychainItemImport(p12DataRef,
1220 NULL, &format, &itemType, flags, &keyParams, keychain, NULL);
1221 #else
1222 CFTypeRef keyUsages[1] = { kSecAttrCanSign };
1223 CFArrayRef keyUsagesArray = CFArrayCreate(NULL, keyUsages, 1, &kCFTypeArrayCallBacks);
1224 CFTypeRef keyAttrs[1] = { kSecAttrIsPermanent };
1225 CFArrayRef keyAttrsArray = CFArrayCreate(NULL, keyAttrs, 1, &kCFTypeArrayCallBacks);
1226 SecItemImportExportKeyParameters keyParams = {
1227 SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION, // uint32_t version
1228 0, // SecKeyImportExportFlags flags
1229 CFSTR("test"), // CFTypeRef passphrase
1230 CFSTR("title"), // CFStringRef alertTitle
1231 CFSTR("pw:"), // CFStringRef alertPrompt
1232 NULL, // SecAccessRef accessRef (unspecified, use default)
1233 keyUsagesArray, // CFArrayRef keyUsages
1234 keyAttrsArray // CFArrayRef keyAttributes
1235 };
1236 status = SecItemImport(p12DataRef,
1237 NULL, &format, &itemType, flags, &keyParams, keychain, NULL);
1238 CFReleaseSafe(p12DataRef);
1239 CFRelease(keyUsagesArray);
1240 CFRelease(keyAttrsArray);
1241 #endif
1242 ok_status(status, "Unable to import test SSL identity: error %d\n", (int)status);
1243 if (status && status != errSecDuplicateItem) {
1244 goto error_exit;
1245 }
1246 }
1247
1248 /* import test S/MIME signing identity */
1249 {
1250 CFDataRef p12DataRef = CFDataCreateWithBytesNoCopy(NULL, Test_smime_signonly_p12, (CFIndex)sizeof(Test_smime_signonly_p12), kCFAllocatorNull);
1251 SecExternalFormat format = kSecFormatPKCS12;
1252 SecExternalItemType itemType = kSecItemTypeAggregate;
1253 SecItemImportExportFlags flags = 0;
1254 #if 0
1255 /* deprecated method, using CDSA constants */
1256 SecKeyImportExportParameters keyParams = {
1257 SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION, // uint32_t version
1258 0, // SecKeyImportExportFlags flags
1259 CFSTR("test"), // CFTypeRef passphrase
1260 CFSTR("title"), // CFStringRef alertTitle
1261 CFSTR("pw:"), // CFStringRef alertPrompt
1262 NULL, // SecAccessRef accessRef (unspecified, use default)
1263 CSSM_KEYUSE_SIGN, // CSSM_KEYUSE keyUsage (0=unspecified)
1264 CSSM_KEYATTR_PERMANENT // CSSM_KEYATTR_FLAGS keyAttributes
1265 };
1266 status = SecKeychainItemImport(p12DataRef,
1267 NULL, &format, &itemType, flags, &keyParams, keychain, NULL);
1268 #else
1269 CFTypeRef keyUsages[1] = { kSecAttrCanSign };
1270 CFArrayRef keyUsagesArray = CFArrayCreate(NULL, keyUsages, 1, &kCFTypeArrayCallBacks);
1271 CFTypeRef keyAttrs[1] = { kSecAttrIsPermanent };
1272 CFArrayRef keyAttrsArray = CFArrayCreate(NULL, keyAttrs, 1, &kCFTypeArrayCallBacks);
1273 SecItemImportExportKeyParameters keyParams = {
1274 SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION, // uint32_t version
1275 0, // SecKeyImportExportFlags flags
1276 CFSTR("test"), // CFTypeRef passphrase
1277 CFSTR("title"), // CFStringRef alertTitle
1278 CFSTR("pw:"), // CFStringRef alertPrompt
1279 NULL, // SecAccessRef accessRef (unspecified, use default)
1280 keyUsagesArray, // CFArrayRef keyUsages
1281 keyAttrsArray // CFArrayRef keyAttributes
1282 };
1283 status = SecItemImport(p12DataRef,
1284 NULL, &format, &itemType, flags, &keyParams, keychain, NULL);
1285 CFReleaseSafe(p12DataRef);
1286 CFRelease(keyUsagesArray);
1287 CFRelease(keyAttrsArray);
1288 #endif
1289 ok_status(status, "Unable to import test S/MIME identity: error %d\n", (int)status);
1290 if (status && status != errSecDuplicateItem) {
1291 goto error_exit;
1292 }
1293 }
1294
1295 /* import expired SSL identity */
1296 {
1297 CFDataRef p12DataRef = CFDataCreateWithBytesNoCopy(NULL, TestIDSSL2007_p12, (CFIndex)sizeof(TestIDSSL2007_p12), kCFAllocatorNull);
1298 SecExternalFormat format = kSecFormatPKCS12;
1299 SecExternalItemType itemType = kSecItemTypeAggregate;
1300 SecItemImportExportFlags flags = 0;
1301 CFTypeRef keyUsages[1] = { kSecAttrCanSign };
1302 CFArrayRef keyUsagesArray = CFArrayCreate(NULL, keyUsages, 1, &kCFTypeArrayCallBacks);
1303 CFTypeRef keyAttrs[1] = { kSecAttrIsPermanent };
1304 CFArrayRef keyAttrsArray = CFArrayCreate(NULL, keyAttrs, 1, &kCFTypeArrayCallBacks);
1305 SecItemImportExportKeyParameters keyParams = {
1306 SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION, // uint32_t version
1307 0, // SecKeyImportExportFlags flags
1308 CFSTR("test"), // CFTypeRef passphrase
1309 CFSTR("title"), // CFStringRef alertTitle
1310 CFSTR("pw:"), // CFStringRef alertPrompt
1311 NULL, // SecAccessRef accessRef (unspecified, use default)
1312 keyUsagesArray, // CFArrayRef keyUsages
1313 keyAttrsArray // CFArrayRef keyAttributes
1314 };
1315 status = SecItemImport(p12DataRef,
1316 NULL, &format, &itemType, flags, &keyParams, keychain, NULL);
1317 CFReleaseNull(p12DataRef);
1318 CFRelease(keyUsagesArray);
1319 CFRelease(keyAttrsArray);
1320 ok_status(status, "Unable to import TestIDSSL2007_p12 identity: error %d\n", (int)status);
1321 if (status && status != errSecDuplicateItem) {
1322 goto error_exit;
1323 }
1324 }
1325
1326 /* import expired S/MIME identity */
1327 {
1328 CFDataRef p12DataRef = CFDataCreateWithBytesNoCopy(NULL, TestIDSMIME2007_p12, (CFIndex)sizeof(TestIDSMIME2007_p12), kCFAllocatorNull);
1329 SecExternalFormat format = kSecFormatPKCS12;
1330 SecExternalItemType itemType = kSecItemTypeAggregate;
1331 SecItemImportExportFlags flags = 0;
1332 CFTypeRef keyUsages[1] = { kSecAttrCanSign };
1333 CFArrayRef keyUsagesArray = CFArrayCreate(NULL, keyUsages, 1, &kCFTypeArrayCallBacks);
1334 CFTypeRef keyAttrs[1] = { kSecAttrIsPermanent };
1335 CFArrayRef keyAttrsArray = CFArrayCreate(NULL, keyAttrs, 1, &kCFTypeArrayCallBacks);
1336 SecItemImportExportKeyParameters keyParams = {
1337 SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION, // uint32_t version
1338 0, // SecKeyImportExportFlags flags
1339 CFSTR("test"), // CFTypeRef passphrase
1340 CFSTR("title"), // CFStringRef alertTitle
1341 CFSTR("pw:"), // CFStringRef alertPrompt
1342 NULL, // SecAccessRef accessRef (unspecified, use default)
1343 keyUsagesArray, // CFArrayRef keyUsages
1344 keyAttrsArray // CFArrayRef keyAttributes
1345 };
1346 status = SecItemImport(p12DataRef,
1347 NULL, &format, &itemType, flags, &keyParams, keychain, NULL);
1348 CFReleaseSafe(p12DataRef);
1349 CFRelease(keyUsagesArray);
1350 CFRelease(keyAttrsArray);
1351 ok_status(status, "Unable to import TestIDSMIME2007_p12 identity: error %d\n", (int)status);
1352 if (status && status != errSecDuplicateItem) {
1353 goto error_exit;
1354 }
1355 }
1356
1357 /* add generic password items */
1358 status = SecKeychainAddGenericPassword(keychain,
1359 strlen("Test Service 42"), "Test Service 42",
1360 strlen("nobody"), "nobody",
1361 strlen("weakpass"), "weakpass",
1362 NULL);
1363 ok_status(status, "Unable to add \"Test Service 42\" generic password: error %d\n", (int)status);
1364 if (status && status != errSecDuplicateItem) {
1365 goto error_exit;
1366 }
1367 status = SecKeychainAddGenericPassword(keychain,
1368 strlen("Test Service 69"), "Test Service 69",
1369 strlen("nobody"), "nobody",
1370 strlen("weakpass"), "weakpass",
1371 NULL);
1372 ok_status(status, "Unable to add \"Test Service 69\" generic password: error %d\n", (int)status);
1373 if (status && status != errSecDuplicateItem) {
1374 goto error_exit;
1375 }
1376
1377 /* add internet password items */
1378 status = SecKeychainAddInternetPassword(keychain,
1379 strlen("test1.subdomain.apple.com"), "test1.subdomain.apple.com",
1380 0, NULL,
1381 strlen("nobody"), "nobody",
1382 0, NULL,
1383 80, kSecProtocolTypeHTTP, kSecAuthenticationTypeDefault,
1384 strlen("weakpass"), "weakpass",
1385 NULL);
1386 ok_status(status, "Unable to add \"test1.subdomain.apple.com\" internet password: error %d\n", (int)status);
1387 if (status && status != errSecDuplicateItem) {
1388 goto error_exit;
1389 }
1390 status = SecKeychainAddInternetPassword(keychain,
1391 strlen("test2.subdomain.apple.com"), "test2.subdomain.apple.com",
1392 0, NULL,
1393 strlen("nobody"), "nobody",
1394 0, NULL,
1395 443, kSecProtocolTypeHTTPS, kSecAuthenticationTypeDefault,
1396 strlen("weakpass"), "weakpass",
1397 NULL);
1398 ok_status(status, "Unable to add \"test2.subdomain.apple.com\" internet password: error %d\n", (int)status);
1399 if (status && status != errSecDuplicateItem) {
1400 goto error_exit;
1401 }
1402
1403 /* add a Mail password */
1404 status = SecKeychainAddInternetPassword(keychain,
1405 strlen("mail.apple.com"), "mail.apple.com",
1406 0, NULL,
1407 strlen("testacct"), "testacct",
1408 0, NULL,
1409 143, kSecProtocolTypeIMAP, kSecAuthenticationTypeDefault,
1410 strlen("testpass"), "testpass",
1411 NULL);
1412 ok_status(status, "Unable to add \"mail.apple.com\" internet password: error %d\n", (int)status);
1413 if (status && status != errSecDuplicateItem) {
1414 goto error_exit;
1415 }
1416
1417 /* if an item was already in the keychain from a previous run, we can ignore the error */
1418 if (status == errSecDuplicateItem)
1419 status = noErr;
1420
1421 error_exit:
1422
1423 if (keychain) CFRelease(keychain);
1424 PrintTestResult("TestAddItems", status, noErr);
1425
1426 return (int)status;
1427 }
1428
1429
1430 static int CheckResults(CFTypeRef results, CFIndex minMatchesExpected, CFIndex maxMatchesExpected)
1431 {
1432 OSStatus status = noErr;
1433 if (debug) {
1434 PrintCFThing(results);
1435 }
1436 if (minMatchesExpected > 0) {
1437 CFIndex matchesFound;
1438 if (CFGetTypeID(results) == CFArrayGetTypeID()) {
1439 // multiple items returned as an array
1440 matchesFound = CFArrayGetCount(results);
1441 }
1442 else {
1443 // single item returned as either a dictionary or an item reference
1444 matchesFound = (results) ? 1 : 0;
1445 }
1446 if (debug) {
1447 fprintf(stdout, "### Items matched: %d (minimum expected: %d",
1448 (int)matchesFound, (int)minMatchesExpected);
1449 if (maxMatchesExpected < MAXITEMS)
1450 fprintf(stdout, ", maximum expected: %d", (int)minMatchesExpected);
1451 fprintf(stdout, ")\n");
1452 fflush(stdout);
1453 }
1454 if (matchesFound < minMatchesExpected ||
1455 matchesFound > maxMatchesExpected) {
1456 /* should not happen, unless SecItemCopyMatching has a bug */
1457 status = errSecInternalError;
1458 }
1459 if(matchesFound < minMatchesExpected) {
1460 fail("CheckResults: %ld < %ld (minimum required)", matchesFound, minMatchesExpected);
1461 } else if(matchesFound > maxMatchesExpected) {
1462 fail("CheckResults: %ld > %ld (maximum allowed", matchesFound, maxMatchesExpected);
1463 } else {
1464 pass("CheckResults: matches found fall within requirements: %ld <= %ld <= %ld", minMatchesExpected, matchesFound, maxMatchesExpected);
1465 }
1466 }
1467 return (int)status;
1468 }
1469
1470
1471 #pragma mark -- Individual Test Cases --
1472
1473
1474 static int FindCertificateByEmail(SecKeychainRef keychain,
1475 CFStringRef emailStr,
1476 CFTypeRef returnType,
1477 CFTypeRef matchLimit,
1478 CFIndex minMatchesExpected,
1479 OSStatus expected)
1480 {
1481 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0,
1482 &kCFTypeDictionaryKeyCallBacks,
1483 &kCFTypeDictionaryValueCallBacks);
1484
1485 /* set up the query */
1486 CFDictionaryAddValue( query, kSecClass, kSecClassCertificate );
1487 CFDictionaryAddValue( query, kSecMatchEmailAddressIfPresent, emailStr );
1488 CFDictionaryAddValue( query, kSecMatchLimit, matchLimit );
1489 CFDictionaryAddValue( query, returnType, kCFBooleanTrue );
1490
1491 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
1492 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
1493 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
1494
1495 CFTypeRef results = NULL;
1496 if (debug) {
1497 PrintStringToMatch(emailStr);
1498 }
1499
1500 OSStatus status = SecItemCopyMatching(query, &results);
1501
1502 if (!status && results) {
1503 status = CheckResults(results, minMatchesExpected, MAXITEMS);
1504 CFRelease(results);
1505 }
1506 if (query)
1507 CFRelease(query);
1508
1509 PrintTestResult("FindCertificateByEmail", status, expected);
1510
1511 return (status==expected) ? (int)noErr : (int)status;
1512 }
1513
1514
1515 static int FindCertificateByLabel(SecKeychainRef keychain,
1516 CFStringRef labelStr,
1517 CFTypeRef returnType,
1518 CFTypeRef matchLimit,
1519 CFIndex minMatchesExpected,
1520 CFIndex maxMatchesExpected,
1521 OSStatus expected)
1522 {
1523 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0,
1524 &kCFTypeDictionaryKeyCallBacks,
1525 &kCFTypeDictionaryValueCallBacks);
1526
1527 /* set up the query */
1528 CFDictionaryAddValue( query, kSecClass, kSecClassCertificate );
1529 CFDictionaryAddValue( query, kSecAttrLabel, labelStr );
1530 CFDictionaryAddValue( query, kSecMatchLimit, matchLimit );
1531 CFDictionaryAddValue( query, returnType, kCFBooleanTrue );
1532
1533 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
1534 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
1535 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
1536
1537 CFTypeRef results = NULL;
1538 if (debug) {
1539 PrintStringToMatch(labelStr);
1540 }
1541
1542 OSStatus status = SecItemCopyMatching(query, &results);
1543
1544 if (!status && results) {
1545 status = CheckResults(results, minMatchesExpected, maxMatchesExpected);
1546 CFRelease(results);
1547 }
1548 if (query)
1549 CFRelease(query);
1550
1551 PrintTestResult("FindCertificateByLabel", status, expected);
1552
1553 return (status==expected) ? (int)noErr : (int)status;
1554 }
1555
1556
1557 static int FindCertificateByNameInSubject(SecKeychainRef keychain,
1558 CFStringRef nameStr,
1559 CFTypeRef matchType,
1560 CFTypeRef returnType,
1561 CFTypeRef matchLimit,
1562 CFIndex minMatchesExpected,
1563 OSStatus expected)
1564 {
1565 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0,
1566 &kCFTypeDictionaryKeyCallBacks,
1567 &kCFTypeDictionaryValueCallBacks);
1568
1569 /* set up the query */
1570 CFDictionaryAddValue( query, kSecClass, kSecClassCertificate );
1571 CFDictionaryAddValue( query, matchType, nameStr );
1572 CFDictionaryAddValue( query, kSecMatchLimit, matchLimit );
1573 CFDictionaryAddValue( query, returnType, kCFBooleanTrue );
1574
1575 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
1576 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
1577 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
1578
1579 CFTypeRef results = NULL;
1580 if (debug) {
1581 PrintStringToMatch(nameStr);
1582 }
1583
1584 OSStatus status = SecItemCopyMatching(query, &results);
1585
1586 if (!status && results) {
1587 status = CheckResults(results, minMatchesExpected, MAXITEMS);
1588 CFRelease(results);
1589 }
1590 if (query)
1591 CFRelease(query);
1592
1593 PrintTestResult("FindCertificateByNameInSubject", status, expected);
1594
1595 return (status==expected) ? (int)noErr : (int)status;
1596 }
1597
1598
1599 static int FindCertificateByNameAndPolicy(SecKeychainRef keychain,
1600 CFStringRef nameStr,
1601 SecPolicyRef policy,
1602 CFTypeRef returnType,
1603 CFTypeRef matchLimit,
1604 CFIndex matchesExpected,
1605 OSStatus expected)
1606 {
1607 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
1608 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
1609
1610 const void *keys[] = {
1611 kSecMatchSearchList,
1612 kSecClass,
1613 kSecMatchSubjectContains,
1614 kSecMatchPolicy,
1615 kSecMatchLimit,
1616 returnType
1617 };
1618 const void *values[] = {
1619 searchList,
1620 kSecClassCertificate,
1621 nameStr,
1622 policy,
1623 matchLimit,
1624 kCFBooleanTrue
1625 };
1626
1627 OSStatus status = noErr;
1628 CFTypeRef results = NULL;
1629 CFDictionaryRef query = CFDictionaryCreate(NULL, keys, values,
1630 sizeof(keys) / sizeof(*keys),
1631 &kCFTypeDictionaryKeyCallBacks,
1632 &kCFTypeDictionaryValueCallBacks);
1633
1634 if (debug) {
1635 PrintStringToMatch(nameStr);
1636 PrintStringToMatch(SecPolicyGetName(policy));
1637 }
1638
1639 status = SecItemCopyMatching(query, &results);
1640
1641 if (!status && results) {
1642 status = CheckResults(results, matchesExpected, matchesExpected);
1643 CFRelease(results);
1644 }
1645 if (query)
1646 CFRelease(query);
1647
1648 PrintTestResult("FindCertificateByNameAndPolicy", status, expected);
1649
1650 return (status==expected) ? (int)noErr : (int)status;
1651 }
1652
1653
1654 static int FindCertificateByNameAndValidDate(SecKeychainRef keychain,
1655 CFStringRef nameStr,
1656 CFTypeRef validOnDate,
1657 CFTypeRef returnType,
1658 CFTypeRef matchLimit,
1659 CFIndex minMatchesExpected,
1660 OSStatus expected)
1661 {
1662 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0,
1663 &kCFTypeDictionaryKeyCallBacks,
1664 &kCFTypeDictionaryValueCallBacks);
1665
1666 /* set up the query */
1667 CFDictionaryAddValue( query, kSecClass, kSecClassCertificate );
1668 CFDictionaryAddValue( query, kSecMatchSubjectContains, nameStr );
1669 CFDictionaryAddValue( query, kSecMatchValidOnDate, validOnDate ); // value may be a CFDateRef or a CFNullRef
1670 CFDictionaryAddValue( query, kSecMatchLimit, matchLimit );
1671 CFDictionaryAddValue( query, returnType, kCFBooleanTrue );
1672
1673 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
1674 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
1675 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
1676
1677 CFTypeRef results = NULL;
1678 if (debug) {
1679 PrintStringToMatch(nameStr);
1680 PrintStringToMatchRelease(CFCopyDescription(validOnDate));
1681 }
1682
1683 OSStatus status = SecItemCopyMatching(query, &results);
1684
1685 if (!status && results) {
1686 status = CheckResults(results, minMatchesExpected, MAXITEMS);
1687 CFRelease(results);
1688 }
1689 if (query)
1690 CFRelease(query);
1691
1692 PrintTestResult("FindCertificateByNameAndValidDate", status, expected);
1693
1694 return (status==expected) ? (int)noErr : (int)status;
1695 }
1696
1697
1698 static int FindCertificateForSMIMEEncryption(SecKeychainRef keychain,
1699 CFStringRef emailAddr,
1700 CFTypeRef validOnDate,
1701 CFTypeRef returnType,
1702 CFTypeRef matchLimit,
1703 CFIndex minMatchesExpected,
1704 CFIndex maxMatchesExpected,
1705 OSStatus expected)
1706 {
1707 /* create a SecPolicyRef for S/MIME */
1708 SecPolicyRef policy = SecPolicyCreateWithOID(kSecPolicyAppleSMIME);
1709 if (policy == NULL)
1710 return errSecPolicyNotFound;
1711
1712 CFMutableDictionaryRef properties = CFDictionaryCreateMutable(NULL, 0,
1713 &kCFTypeDictionaryKeyCallBacks,
1714 &kCFTypeDictionaryValueCallBacks);
1715
1716 /* property 1: must match email address */
1717 CFDictionaryAddValue( properties, kSecPolicyName, emailAddr );
1718 /* property 2: must have "key encipherment" key usage to be used for encryption */
1719 CFDictionaryAddValue( properties, kSecPolicyKU_KeyEncipherment, kCFBooleanTrue );
1720
1721 SecPolicySetProperties(policy, properties);
1722
1723 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0,
1724 &kCFTypeDictionaryKeyCallBacks,
1725 &kCFTypeDictionaryValueCallBacks);
1726
1727 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
1728 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
1729 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
1730
1731 /* set up the query */
1732 CFDictionaryAddValue( query, kSecClass, kSecClassCertificate );
1733 CFDictionaryAddValue( query, kSecMatchPolicy, policy );
1734 CFDictionaryAddValue( query, kSecMatchValidOnDate, validOnDate );
1735 CFDictionaryAddValue( query, kSecMatchLimit, matchLimit );
1736 CFDictionaryAddValue( query, returnType, kCFBooleanTrue );
1737
1738 CFTypeRef results = NULL;
1739 if (debug) {
1740 PrintStringToMatch(emailAddr);
1741 PrintStringToMatchRelease(CFCopyDescription(kSecPolicyAppleSMIME));
1742 PrintStringToMatchRelease(CFCopyDescription(validOnDate));
1743 }
1744
1745 OSStatus status = SecItemCopyMatching(query, &results);
1746
1747 if (!status && results) {
1748 status = CheckResults(results, minMatchesExpected, maxMatchesExpected);
1749 CFRelease(results);
1750 }
1751 if (query)
1752 CFRelease(query);
1753 if (policy)
1754 CFRelease(policy);
1755 if (properties)
1756 CFRelease(properties);
1757
1758 PrintTestResult("FindCertificateForSMIMEEncryption", status, expected);
1759
1760 return (status==expected) ? (int)noErr : (int)status;
1761 }
1762
1763
1764 static int FindPreferredCertificateForSMIMEEncryption(SecKeychainRef keychain,
1765 CFStringRef emailAddr, CFTypeRef validOnDate)
1766 {
1767 // Note: this function assumes that a preferred certificate has been set up
1768 // previously for the given email address. This is handled in the calling
1769 // function.
1770
1771 OSStatus status = noErr;
1772 SecCertificateRef preferredCertificate = NULL;
1773 SecCertificateRef validatedCertificate = NULL;
1774
1775 // Pass an explicit key usage value to SecCertificateCopyPreferred to test <rdar://8192797>
1776 CFArrayRef keyUsage = CFArrayCreate(kCFAllocatorDefault, (const void **)&kSecAttrCanEncrypt, 1, &kCFTypeArrayCallBacks);
1777
1778 preferredCertificate = SecCertificateCopyPreferred(emailAddr, keyUsage);
1779 if (!preferredCertificate)
1780 status = errSecItemNotFound; // our test expects a preferred certificate to exist, so we return an error
1781 if (keyUsage)
1782 CFRelease(keyUsage);
1783
1784 if (!status && preferredCertificate) {
1785 // We found a preferred certificate, but it may have expired.
1786 // Verify the preferred certificate by looking up all certificates which
1787 // are valid for SMIME encryption, and using the kSecMatchItemList query
1788 // parameter to filter out everything but our preferred certificate. If
1789 // we end up with 0 results, the preferred certificate wasn't valid.
1790
1791 // set up the S/MIME policy first to check for the Key Encipherment key usage (needed for encryption)
1792 SecPolicyRef policy = SecPolicyCreateWithOID(kSecPolicyAppleSMIME);
1793 CFDictionaryRef properties = CFDictionaryCreate(kCFAllocatorDefault, (const void **)&kSecPolicyKU_KeyEncipherment, (const void **)&kCFBooleanTrue, 1, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
1794 status = SecPolicySetProperties(policy, properties);
1795 CFRelease(properties);
1796
1797 // set up an item list consisting of just our preferred certificate
1798 CFArrayRef itemList = CFArrayCreate(kCFAllocatorDefault, (const void **)&preferredCertificate, 1, &kCFTypeArrayCallBacks);
1799
1800 // set up the query
1801 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
1802 CFDictionaryAddValue( query, kSecClass, kSecClassCertificate );
1803 CFDictionaryAddValue( query, kSecMatchPolicy, policy );
1804 CFDictionaryAddValue( query, kSecMatchValidOnDate, validOnDate );
1805 CFDictionaryAddValue( query, kSecMatchItemList, itemList );
1806 CFDictionaryAddValue( query, kSecMatchLimit, kSecMatchLimitOne ); // only need to match one item!
1807 CFDictionaryAddValue( query, kSecReturnRef, kCFBooleanTrue );
1808
1809 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
1810 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
1811 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
1812
1813 if (debug) {
1814 PrintStringToMatch(emailAddr);
1815 PrintStringToMatchRelease(CFCopyDescription(validOnDate));
1816 }
1817
1818 status = SecItemCopyMatching(query, (CFTypeRef*)&validatedCertificate);
1819
1820 if (!status && validatedCertificate) {
1821 status = CheckResults(validatedCertificate, 1, 1); // expect exactly 1 result
1822 CFRelease(validatedCertificate);
1823 }
1824 if (query)
1825 CFRelease(query);
1826 if (policy)
1827 CFRelease(policy);
1828 if (itemList)
1829 CFRelease(itemList);
1830 }
1831 else if (!quiet)
1832 fprintf(stderr, "FindPreferredCertificateForSMIMEEncryption: unexpected error %d\n", (int)status);
1833
1834 if (preferredCertificate)
1835 CFRelease(preferredCertificate);
1836
1837 PrintTestResult("FindPreferredCertificateForSMIMEEncryption", status, noErr);
1838
1839 return (status==noErr) ? (int)noErr : (int)status;
1840 }
1841
1842
1843 static int SetPreferredCertificateForSMIMEEncryption(SecKeychainRef keychain, CFStringRef nameStr,
1844 CFStringRef emailAddr)
1845 {
1846 // find the certificate exactly matching the given common name
1847 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0,
1848 &kCFTypeDictionaryKeyCallBacks,
1849 &kCFTypeDictionaryValueCallBacks);
1850
1851 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
1852 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
1853 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
1854
1855 CFDictionaryAddValue( query, kSecClass, kSecClassCertificate );
1856 CFDictionaryAddValue( query, kSecMatchSubjectWholeString, nameStr );
1857 CFDictionaryAddValue( query, kSecMatchLimit, kSecMatchLimitOne );
1858 CFDictionaryAddValue( query, kSecReturnRef, kCFBooleanTrue );
1859
1860 CFTypeRef results = NULL;
1861 OSStatus status = SecItemCopyMatching(query, &results);
1862
1863 if (!quiet && status)
1864 fprintf(stderr, "SetPreferredCertificateForSMIMEEncryption: SecItemCopyMatching error %d\n", (int)status);
1865
1866 if (!status && results) {
1867 // since we asked for kSecMatchLimitOne, the result is a single item
1868 SecCertificateRef certificate = (SecCertificateRef) results;
1869 if (SecCertificateGetTypeID() != CFGetTypeID(certificate)) {
1870 fprintf(stderr, "SetPreferredCertificateForSMIMEEncryption: unexpected result type!\n");
1871 }
1872 else {
1873 // Pass an explicit key usage value to SecCertificateSetPreferred to test <rdar://8192797>
1874 CFArrayRef keyUsage = CFArrayCreate(kCFAllocatorDefault, (const void **)&kSecAttrCanEncrypt, 1, &kCFTypeArrayCallBacks);
1875 status = SecCertificateSetPreferred(certificate, emailAddr, keyUsage);
1876 if (!quiet && status)
1877 fprintf(stderr, "SetPreferredCertificateForSMIMEEncryption: SecCertificateSetPreferred error %d\n", (int)status);
1878 if (keyUsage)
1879 CFRelease(keyUsage);
1880 }
1881 CFRelease(results);
1882 }
1883 if (query)
1884 CFRelease(query);
1885
1886 return (status==noErr) ? (int)noErr : (int)status;
1887 }
1888
1889
1890 static int FindIdentityByName(SecKeychainRef keychain,
1891 CFStringRef nameStr,
1892 CFTypeRef returnType,
1893 CFTypeRef matchLimit,
1894 CFIndex matchesExpected,
1895 OSStatus expected)
1896 {
1897 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
1898 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
1899
1900 const void *keys[] = {
1901 kSecMatchSearchList,
1902 kSecClass,
1903 kSecMatchSubjectContains,
1904 kSecMatchLimit,
1905 returnType
1906 };
1907 const void *values[] = {
1908 searchList,
1909 kSecClassIdentity,
1910 nameStr,
1911 matchLimit,
1912 kCFBooleanTrue
1913 };
1914
1915 OSStatus status = noErr;
1916 CFTypeRef results = NULL;
1917 CFDictionaryRef query = CFDictionaryCreate(NULL, keys, values,
1918 sizeof(keys) / sizeof(*keys),
1919 &kCFTypeDictionaryKeyCallBacks,
1920 &kCFTypeDictionaryValueCallBacks);
1921
1922 if (debug) PrintStringToMatch(nameStr);
1923
1924 status = SecItemCopyMatching(query, &results);
1925
1926 if (!status && results) {
1927 status = CheckResults(results, matchesExpected, matchesExpected);
1928 CFRelease(results);
1929 }
1930 if (query)
1931 CFRelease(query);
1932
1933 PrintTestResult("FindIdentityByName", status, expected);
1934
1935 return (status==expected) ? (int)noErr : (int)status;
1936 }
1937
1938
1939 static int FindIdentityByPolicy(SecKeychainRef keychain,
1940 SecPolicyRef policy,
1941 CFTypeRef returnType,
1942 CFTypeRef matchLimit,
1943 CFIndex minMatchesExpected,
1944 OSStatus expected)
1945 {
1946 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
1947 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
1948
1949 const void *keys[] = {
1950 kSecMatchSearchList,
1951 kSecClass,
1952 kSecMatchPolicy,
1953 kSecMatchLimit,
1954 returnType
1955 };
1956 const void *values[] = {
1957 searchList,
1958 kSecClassIdentity,
1959 policy,
1960 matchLimit,
1961 kCFBooleanTrue
1962 };
1963
1964 OSStatus status = noErr;
1965 CFTypeRef results = NULL;
1966 CFDictionaryRef query = CFDictionaryCreate(NULL, keys, values,
1967 sizeof(keys) / sizeof(*keys),
1968 &kCFTypeDictionaryKeyCallBacks,
1969 &kCFTypeDictionaryValueCallBacks);
1970
1971 if (debug) PrintStringToMatch(SecPolicyGetName(policy));
1972
1973 status = SecItemCopyMatching(query, &results);
1974
1975 if (!status && results) {
1976 status = CheckResults(results, minMatchesExpected, MAXITEMS);
1977 CFRelease(results);
1978 }
1979 if (query)
1980 CFRelease(query);
1981
1982 PrintTestResult("FindIdentityByPolicy", status, expected);
1983
1984 return (status==expected) ? (int)noErr : (int)status;
1985 }
1986
1987
1988 static int FindIdentityByPolicyAndValidDate(SecKeychainRef keychain,
1989 CFTypeRef policyIdentifier,
1990 Boolean isClientPolicy,
1991 CFTypeRef validOnDate,
1992 CFStringRef forbidStr,
1993 CFTypeRef returnType,
1994 CFTypeRef matchLimit,
1995 CFIndex matchesExpected,
1996 OSStatus expected)
1997 {
1998 /* given the policy OID, create a SecPolicyRef */
1999 SecPolicyRef policy = SecPolicyCreateWithOID(policyIdentifier);
2000 if (policy == NULL)
2001 return errSecPolicyNotFound;
2002 if (isClientPolicy == TRUE) {
2003 /* specify the kSecPolicyClient property key for this policy */
2004 const void *keys[] = { kSecPolicyClient };
2005 const void *values[] = { kCFBooleanTrue };
2006 CFDictionaryRef properties = CFDictionaryCreate(NULL, keys, values,
2007 sizeof(keys) / sizeof(*keys),
2008 &kCFTypeDictionaryKeyCallBacks,
2009 &kCFTypeDictionaryValueCallBacks);
2010 SecPolicySetProperties(policy, properties);
2011 }
2012
2013 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
2014 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
2015
2016 const void *keys[] = {
2017 kSecMatchSearchList,
2018 kSecClass,
2019 kSecMatchPolicy,
2020 kSecMatchValidOnDate,
2021 kSecMatchLimit,
2022 returnType
2023 };
2024 const void *values[] = {
2025 searchList,
2026 kSecClassIdentity,
2027 policy,
2028 validOnDate,
2029 matchLimit,
2030 kCFBooleanTrue
2031 };
2032
2033 OSStatus status = noErr;
2034 CFTypeRef results = NULL;
2035 CFDictionaryRef query = CFDictionaryCreate(NULL, keys, values,
2036 sizeof(keys) / sizeof(*keys),
2037 &kCFTypeDictionaryKeyCallBacks,
2038 &kCFTypeDictionaryValueCallBacks);
2039
2040 if (debug) PrintStringToMatchRelease(CFCopyDescription(policyIdentifier));
2041
2042 status = SecItemCopyMatching(query, &results);
2043
2044 // check returned items for forbidStr as a substring in the label attribute;
2045 // return errSecInternalError if found
2046 if (!status && results && forbidStr) {
2047 if (CFArrayGetTypeID() == CFGetTypeID(results)) {
2048 CFArrayRef items = (CFArrayRef) results;
2049 CFIndex ix, count = CFArrayGetCount(results);
2050 for (ix=0; ix<count; ix++) {
2051 CFTypeRef anItem = (CFTypeRef) CFArrayGetValueAtIndex(items, ix);
2052 if (anItem && CFDictionaryGetTypeID() == CFGetTypeID(anItem)) {
2053 CFDictionaryRef item = (CFDictionaryRef) anItem;
2054 CFStringRef label = NULL;
2055 if (CFDictionaryGetValueIfPresent(item, kSecAttrLabel, (const void **)&label) && label) {
2056 CFRange range = CFStringFind(label, forbidStr, 0);
2057 if (!(range.length < 1)) {
2058 status = errSecInternalError; // shouldn't have found this, but we did.
2059 break;
2060 } // found forbidStr
2061 } // found label attribute
2062 } // item is a dictionary
2063 } // item for-loop
2064 } // result is an array
2065 } // check forbidStr
2066
2067
2068 if (!status && results) {
2069 status = CheckResults(results, matchesExpected, matchesExpected);
2070 CFRelease(results);
2071 }
2072 if (query)
2073 CFRelease(query);
2074 if (policy)
2075 CFRelease(policy);
2076
2077 PrintTestResult("FindIdentityByPolicyAndValidDate", status, expected);
2078
2079 return (status==expected) ? (int)noErr : (int)status;
2080 }
2081
2082
2083 static int FindIdentityByNameAndValidDate(SecKeychainRef keychain,
2084 CFStringRef nameStr,
2085 CFTypeRef validOnDate,
2086 CFTypeRef returnType,
2087 CFTypeRef matchLimit,
2088 CFIndex minMatchesExpected,
2089 OSStatus expected)
2090 {
2091 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0,
2092 &kCFTypeDictionaryKeyCallBacks,
2093 &kCFTypeDictionaryValueCallBacks);
2094
2095 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
2096 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
2097 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
2098
2099 /* set up the query */
2100 CFDictionaryAddValue( query, kSecClass, kSecClassIdentity );
2101 CFDictionaryAddValue( query, kSecMatchSubjectContains, nameStr );
2102 CFDictionaryAddValue( query, kSecMatchValidOnDate, validOnDate ); // value may be a CFDateRef or a CFNullRef
2103 CFDictionaryAddValue( query, kSecMatchLimit, matchLimit );
2104 CFDictionaryAddValue( query, returnType, kCFBooleanTrue );
2105
2106 CFTypeRef results = NULL;
2107 if (debug) {
2108 PrintStringToMatch(nameStr);
2109 PrintStringToMatchRelease(CFCopyDescription(validOnDate));
2110 }
2111
2112 OSStatus status = SecItemCopyMatching(query, &results);
2113
2114 if (!status && results) {
2115 status = CheckResults(results, minMatchesExpected, MAXITEMS);
2116 CFRelease(results);
2117 }
2118 if (query)
2119 CFRelease(query);
2120
2121 PrintTestResult("FindIdentityByNameAndValidDate", status, expected);
2122
2123 return (status==expected) ? (int)noErr : (int)status;
2124 }
2125
2126
2127 static int FindPreferredIdentityForSMIMESigning(SecKeychainRef keychain, CFStringRef emailAddr,
2128 CFTypeRef validOnDate)
2129 {
2130 // Note: this function assumes that a preferred identity has been set up
2131 // previously for the given email address. This is handled in the calling
2132 // function.
2133
2134 OSStatus status = noErr;
2135 SecIdentityRef preferredIdentity = NULL;
2136 SecIdentityRef validatedIdentity = NULL;
2137
2138 // Pass an explicit key usage value to SecIdentityCopyPreferred to test <rdar://8192797>
2139 CFArrayRef keyUsage = CFArrayCreate(kCFAllocatorDefault, (const void **)&kSecAttrCanSign, 1, &kCFTypeArrayCallBacks);
2140
2141 preferredIdentity = SecIdentityCopyPreferred(emailAddr, keyUsage, NULL);
2142 isnt(preferredIdentity, NULL, "FindPreferredIdentityForSMIMESigning: SecIdentityCopyPreferred");
2143
2144 if (!preferredIdentity)
2145 status = errSecItemNotFound; // our test expects a preferred identity to exist, so we return an error
2146 if (keyUsage)
2147 CFRelease(keyUsage);
2148
2149 if (!status && preferredIdentity) {
2150 pass("FindPreferredIdentityForSMIMESigning: found a preferred identity");
2151
2152 // We found a preferred identity, but it may have expired.
2153 // Verify the preferred identity by looking up all identities which
2154 // are valid for SMIME signing, and using the kSecMatchItemList query
2155 // parameter to filter out everything but our preferred identity. If
2156 // we end up with 0 results, the preferred identity wasn't valid.
2157
2158 // set up the S/MIME policy first to check for Digital Signature key usage
2159 SecPolicyRef policy = SecPolicyCreateSMIME(kSecSignSMIMEUsage, emailAddr);
2160
2161 // set up an item list consisting of just our preferred identity
2162 CFArrayRef itemList = CFArrayCreate(kCFAllocatorDefault, (const void **)&preferredIdentity, 1, &kCFTypeArrayCallBacks);
2163
2164 // set up the query
2165 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
2166 CFDictionaryAddValue( query, kSecClass, kSecClassIdentity );
2167 CFDictionaryAddValue( query, kSecMatchPolicy, policy );
2168 CFDictionaryAddValue( query, kSecMatchValidOnDate, validOnDate );
2169 CFDictionaryAddValue( query, kSecMatchItemList, itemList );
2170 CFDictionaryAddValue( query, kSecMatchLimit, kSecMatchLimitOne ); // only need to match one item!
2171 CFDictionaryAddValue( query, kSecReturnRef, kCFBooleanTrue );
2172
2173 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
2174 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
2175 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
2176
2177 if (debug) {
2178 PrintStringToMatch(emailAddr);
2179 PrintStringToMatchRelease(CFCopyDescription(validOnDate));
2180 }
2181
2182 status = SecItemCopyMatching(query, (CFTypeRef*)&validatedIdentity);
2183 ok_status(status, "FindPreferredIdentityForSMIMESigning: SecItemCopyMatching");
2184
2185 if (!status && validatedIdentity) {
2186 status = CheckResults(validatedIdentity, 1, 1); // expect exactly 1 result
2187 CFRelease(validatedIdentity);
2188 }
2189 if (query)
2190 CFRelease(query);
2191 if (policy)
2192 CFRelease(policy);
2193 if (itemList)
2194 CFRelease(itemList);
2195 }
2196 else {
2197 fail("FindPreferredIdentityForSMIMESigning: unexpected error %d\n", (int)status);
2198 }
2199
2200 if (preferredIdentity)
2201 CFRelease(preferredIdentity);
2202
2203 PrintTestResult("FindPreferredIdentityForSMIMESigning", status, noErr);
2204
2205 return (status==noErr) ? (int)noErr : (int)status;
2206 }
2207
2208
2209 static int SetPreferredIdentityForSMIMESigning(SecKeychainRef keychain, CFStringRef nameStr,
2210 CFStringRef emailAddr)
2211 {
2212 // find the identity exactly matching the given common name
2213 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0,
2214 &kCFTypeDictionaryKeyCallBacks,
2215 &kCFTypeDictionaryValueCallBacks);
2216
2217 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
2218 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
2219 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
2220
2221 CFDictionaryAddValue( query, kSecClass, kSecClassIdentity );
2222 CFDictionaryAddValue( query, kSecMatchSubjectWholeString, nameStr );
2223 CFDictionaryAddValue( query, kSecMatchLimit, kSecMatchLimitOne );
2224 CFDictionaryAddValue( query, kSecReturnRef, kCFBooleanTrue );
2225
2226 CFTypeRef results = NULL;
2227 OSStatus status = SecItemCopyMatching(query, &results);
2228
2229 ok_status(status, "SetPreferredIdentityForSMIMESigning: SecItemCopyMatching error %d\n", (int)status);
2230
2231 if (!status && results) {
2232 // since we asked for kSecMatchLimitOne, the result is a single SecIdentityRef
2233 SecIdentityRef identity = (SecIdentityRef) results;
2234
2235 is(SecIdentityGetTypeID(),CFGetTypeID(identity), "SetPreferredCertificateForSMIMEEncryption: unexpected result type!\n");
2236
2237 // Pass an explicit key usage value to SecIdentitySetPreferred to test <rdar://8192797>
2238 CFArrayRef keyUsage = CFArrayCreate(kCFAllocatorDefault, (const void **)&kSecAttrCanSign, 1, &kCFTypeArrayCallBacks);
2239 status = SecIdentitySetPreferred(identity, emailAddr, keyUsage);
2240 ok_status(status, "SetPreferredIdentityForSMIMESigning: SecIdentitySetPreferred error %d\n", (int)status);
2241 if (keyUsage)
2242 CFRelease(keyUsage);
2243
2244 CFRelease(results);
2245 }
2246 if (query)
2247 CFRelease(query);
2248
2249 return (status==noErr) ? (int)noErr : (int)status;
2250 }
2251
2252
2253 static int FindGenericPasswordByAccount(SecKeychainRef keychain,
2254 CFStringRef accountStr,
2255 CFTypeRef returnType,
2256 CFTypeRef matchLimit,
2257 CFIndex minMatchesExpected,
2258 OSStatus expected)
2259 {
2260 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
2261 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
2262
2263 const void *keys[] = {
2264 kSecMatchSearchList,
2265 kSecClass,
2266 kSecAttrAccount,
2267 kSecMatchLimit,
2268 returnType
2269 };
2270 const void *values[] = {
2271 searchList,
2272 kSecClassGenericPassword,
2273 accountStr,
2274 matchLimit,
2275 kCFBooleanTrue
2276 };
2277
2278 OSStatus status = noErr;
2279 CFTypeRef results = NULL;
2280 CFDictionaryRef query = CFDictionaryCreate(NULL, keys, values,
2281 sizeof(keys) / sizeof(*keys),
2282 &kCFTypeDictionaryKeyCallBacks,
2283 &kCFTypeDictionaryValueCallBacks);
2284
2285 if (debug) PrintStringToMatch(accountStr);
2286
2287 status = SecItemCopyMatching(query, &results);
2288 ok_status(status, "FindGenericPasswordByAccount: SecItemCopyMatching");
2289
2290 if (!status && results) {
2291 status = CheckResults(results, minMatchesExpected, MAXITEMS);
2292 CFRelease(results);
2293 }
2294 if (query)
2295 CFRelease(query);
2296
2297 PrintTestResult("FindGenericPasswordByAccount", status, expected);
2298
2299 return (status==expected) ? (int)noErr : (int)status;
2300 }
2301
2302
2303 static int FindGenericPasswordByAccountAndService(SecKeychainRef keychain,
2304 CFStringRef accountStr,
2305 CFStringRef serviceStr,
2306 CFTypeRef returnType,
2307 CFTypeRef matchLimit,
2308 CFIndex minMatchesExpected,
2309 OSStatus expected)
2310 {
2311 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
2312 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
2313
2314 const void *keys[] = {
2315 kSecMatchSearchList,
2316 kSecClass,
2317 kSecAttrAccount,
2318 kSecAttrService,
2319 kSecMatchLimit,
2320 returnType
2321 };
2322 const void *values[] = {
2323 searchList,
2324 kSecClassGenericPassword,
2325 accountStr,
2326 serviceStr,
2327 matchLimit,
2328 kCFBooleanTrue
2329 };
2330
2331 OSStatus status = noErr;
2332 CFTypeRef results = NULL;
2333 CFDictionaryRef query = CFDictionaryCreate(NULL, keys, values,
2334 sizeof(keys) / sizeof(*keys),
2335 &kCFTypeDictionaryKeyCallBacks,
2336 &kCFTypeDictionaryValueCallBacks);
2337
2338 if (debug) {
2339 PrintStringToMatch(accountStr);
2340 PrintStringToMatch(serviceStr);
2341 }
2342 status = SecItemCopyMatching(query, &results);
2343 ok_status(status, "FindGenericPasswordByAccountAndService: SecItemCopyMatching");
2344
2345 if (!status && results) {
2346 status = CheckResults(results, minMatchesExpected, MAXITEMS);
2347 CFRelease(results);
2348 }
2349 if (query)
2350 CFRelease(query);
2351
2352 PrintTestResult("FindGenericPasswordByAccountAndService", status, expected);
2353
2354 return (status==expected) ? (int)noErr : (int)status;
2355 }
2356
2357
2358 static int FindInternetPasswordByAccount(SecKeychainRef keychain,
2359 CFStringRef accountStr,
2360 CFTypeRef returnType,
2361 CFTypeRef matchLimit,
2362 CFIndex minMatchesExpected,
2363 OSStatus expected)
2364 {
2365 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
2366 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
2367
2368 const void *keys[] = {
2369 kSecMatchSearchList,
2370 kSecClass,
2371 kSecAttrAccount,
2372 kSecMatchLimit,
2373 returnType
2374 };
2375 const void *values[] = {
2376 searchList,
2377 kSecClassInternetPassword,
2378 accountStr,
2379 matchLimit,
2380 kCFBooleanTrue
2381 };
2382
2383 OSStatus status = noErr;
2384 CFTypeRef results = NULL;
2385 CFDictionaryRef query = CFDictionaryCreate(NULL, keys, values,
2386 sizeof(keys) / sizeof(*keys),
2387 &kCFTypeDictionaryKeyCallBacks,
2388 &kCFTypeDictionaryValueCallBacks);
2389
2390 if (debug) PrintStringToMatch(accountStr);
2391
2392 status = SecItemCopyMatching(query, &results);
2393 ok_status(status, "FindInternetPasswordByAccount: SecItemCopyMatching");
2394
2395 if (!status && results) {
2396 status = CheckResults(results, minMatchesExpected, MAXITEMS);
2397 CFRelease(results);
2398 }
2399 if (query)
2400 CFRelease(query);
2401
2402 PrintTestResult("FindInternetPasswordByAccount", status, expected);
2403
2404 return (status==expected) ? (int)noErr : (int)status;
2405 }
2406
2407
2408 static int FindInternetPasswordByAccountAndServer(SecKeychainRef keychain,
2409 CFStringRef accountStr,
2410 CFStringRef serverStr,
2411 CFTypeRef returnType,
2412 CFTypeRef matchLimit,
2413 CFIndex minMatchesExpected,
2414 OSStatus expected)
2415 {
2416 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
2417 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
2418
2419 const void *keys[] = {
2420 kSecMatchSearchList,
2421 kSecClass,
2422 kSecAttrAccount,
2423 kSecAttrServer,
2424 kSecMatchLimit,
2425 returnType
2426 };
2427 const void *values[] = {
2428 searchList,
2429 kSecClassInternetPassword,
2430 accountStr,
2431 serverStr,
2432 matchLimit,
2433 kCFBooleanTrue
2434 };
2435
2436 OSStatus status = noErr;
2437 CFTypeRef results = NULL;
2438 CFDictionaryRef query = CFDictionaryCreate(NULL, keys, values,
2439 sizeof(keys) / sizeof(*keys),
2440 &kCFTypeDictionaryKeyCallBacks,
2441 &kCFTypeDictionaryValueCallBacks);
2442
2443 if (debug) {
2444 PrintStringToMatch(accountStr);
2445 PrintStringToMatch(serverStr);
2446 }
2447 status = SecItemCopyMatching(query, &results);
2448 ok_status(status, "FindInternetPasswordByAccountAndServer: SecItemCopyMatching");
2449
2450 if (!status && results) {
2451 status = CheckResults(results, minMatchesExpected, MAXITEMS);
2452 CFRelease(results);
2453 }
2454 if (query)
2455 CFRelease(query);
2456
2457 PrintTestResult("FindInternetPasswordByAccountAndServer", status, expected);
2458
2459 return (status==expected) ? (int)noErr : (int)status;
2460 }
2461
2462
2463 static int FindMailPassword(SecKeychainRef keychain,
2464 CFStringRef account,
2465 CFStringRef server)
2466 {
2467 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0,
2468 &kCFTypeDictionaryKeyCallBacks,
2469 &kCFTypeDictionaryValueCallBacks);
2470
2471 SInt16 port = 143;
2472 CFNumberRef portNumber = CFNumberCreate(NULL, kCFNumberSInt16Type, &port);
2473
2474 // set up query for a Mail password (IMAP, port 143) for given account and server
2475 CFDictionaryAddValue( query, kSecClass, kSecClassInternetPassword );
2476 CFDictionaryAddValue( query, kSecAttrAccount, account );
2477 CFDictionaryAddValue( query, kSecAttrServer, server );
2478 CFDictionaryAddValue( query, kSecAttrProtocol, kSecAttrProtocolIMAP );
2479 CFDictionaryAddValue( query, kSecAttrPort, portNumber );
2480 CFDictionaryAddValue( query, kSecMatchLimit, kSecMatchLimitOne );
2481 CFDictionaryAddValue( query, kSecReturnData, kCFBooleanTrue );
2482
2483 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
2484 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
2485 CFDictionaryAddValue(query, kSecMatchSearchList, searchList);
2486
2487 CFTypeRef results = NULL;
2488 OSStatus status = SecItemCopyMatching(query, &results);
2489 ok_status(status, "FindMailPassword: SecItemCopyMatching error %d\n", (int)status);
2490
2491 if (!status && results) {
2492 // since we asked for kSecMatchLimitOne w/kSecReturnData, the result is the found password
2493 CFDataRef password = (CFDataRef) results;
2494 is(CFDataGetTypeID(), CFGetTypeID(password), "FindMailPassword: unexpected result type!\n");
2495
2496 if (debug) CFShow(password);
2497
2498 CFRelease(results);
2499 }
2500 if (query)
2501 CFRelease(query);
2502 if (portNumber)
2503 CFRelease(portNumber);
2504
2505 return (status==noErr) ? (int)noErr : (int)status;
2506 }
2507
2508
2509
2510 const CFStringRef g18Prefix = CFSTR("Test Key");
2511 const CFStringRef g18Label = CFSTR("Test AES Encryption Key");
2512 const CFStringRef g18UUID = CFSTR("550e8400-e29b-41d4-a716-446655441234");
2513
2514 // CreateSymmetricKey will create a new AES-128 symmetric encryption key
2515 // with the provided label, application label, and application tag.
2516 // Each of those attributes is optional, but only the latter two
2517 // (application label and application tag) are considered part of the
2518 // key's "unique" attribute set. Previously, if you attempted to create a
2519 // key which differs only in the label attribute (but not in the other two)
2520 // then the attempt would fail and leave a "turd" key with no label in your
2521 // keychain: <rdar://8289559>, fixed in 11A268a.
2522
2523 static int CreateSymmetricKey(
2524 SecKeychainRef keychain,
2525 CFStringRef keyLabel,
2526 CFStringRef keyAppLabel,
2527 CFStringRef keyAppTag,
2528 OSStatus expected)
2529 {
2530 OSStatus status;
2531 int keySizeValue = 128;
2532 CFNumberRef keySize = CFNumberCreate(NULL, kCFNumberIntType, &keySizeValue);
2533
2534 // create a SecAccessRef to set up the initial access control settings for this key
2535 // (this step is optional; if omitted, the creating application has access to the key)
2536 // note: the access descriptor should be the same string as will be used for the item's label,
2537 // since it's the string that is displayed by the access confirmation dialog to describe the item.
2538 SecAccessRef access = NULL;
2539 status = SecAccessCreate(g18Label, NULL, &access);
2540
2541 // create a dictionary of parameters describing the key we want to create
2542 CFMutableDictionaryRef params = CFDictionaryCreateMutable(NULL, 0,
2543 &kCFTypeDictionaryKeyCallBacks,
2544 &kCFTypeDictionaryValueCallBacks);
2545
2546 CFDictionaryAddValue( params, kSecClass, kSecClassKey );
2547 CFDictionaryAddValue( params, kSecUseKeychain, keychain );
2548 CFDictionaryAddValue( params, kSecAttrAccess, access );
2549 CFDictionaryAddValue( params, kSecAttrKeyClass, kSecAttrKeyClassSymmetric );
2550 CFDictionaryAddValue( params, kSecAttrKeyType, kSecAttrKeyTypeAES );
2551 CFDictionaryAddValue( params, kSecAttrKeySizeInBits, keySize ); CFReleaseNull(keySize);
2552 CFDictionaryAddValue( params, kSecAttrIsPermanent, kCFBooleanTrue );
2553 CFDictionaryAddValue( params, kSecAttrCanEncrypt, kCFBooleanTrue );
2554 CFDictionaryAddValue( params, kSecAttrCanDecrypt, kCFBooleanTrue );
2555 CFDictionaryAddValue( params, kSecAttrCanWrap, kCFBooleanFalse );
2556 CFDictionaryAddValue( params, kSecAttrCanUnwrap, kCFBooleanFalse );
2557 if (keyLabel)
2558 CFDictionaryAddValue( params, kSecAttrLabel, keyLabel );
2559 if (keyAppLabel)
2560 CFDictionaryAddValue( params, kSecAttrApplicationLabel, keyAppLabel );
2561 if (keyAppTag)
2562 CFDictionaryAddValue( params, kSecAttrApplicationTag, keyAppTag );
2563
2564 // generate the key
2565 CFErrorRef error = NULL;
2566 SecKeyRef key = SecKeyGenerateSymmetric(params, &error);
2567
2568 // print result and clean up
2569 if (debug) {
2570 if (key == NULL) {
2571 CFStringRef desc = (error) ? CFErrorCopyDescription(error) : CFRetain(CFSTR("(no result!"));
2572 PrintCFStringWithFormat("SecKeyGenerateSymmetric failed: %s\n", desc);
2573 CFRelease(desc);
2574 }
2575 else {
2576 CFStringRef desc = CFCopyDescription(key);
2577 PrintCFStringWithFormat("SecKeyGenerateSymmetric succeeded: %s\n", desc);
2578 CFRelease(desc);
2579 }
2580 }
2581 status = (error) ? (OSStatus) CFErrorGetCode(error) : noErr;
2582 // if (status == errSecDuplicateItem)
2583 // status = noErr; // it's OK if the key already exists
2584
2585 if (key) CFRelease(key);
2586 if (error) CFRelease(error);
2587 if (params) CFRelease(params);
2588 if (keychain) CFRelease(keychain);
2589 if (access) CFRelease(access);
2590
2591 PrintTestResult("CreateSymmetricKey", status, expected);
2592
2593 return status;
2594 }
2595
2596
2597 static int FindSymmetricKey(
2598 SecKeychainRef keychain,
2599 CFStringRef keyLabel,
2600 CFStringRef keyAppLabel,
2601 CFStringRef keyAppTag,
2602 OSStatus expected)
2603 {
2604 // create a dictionary of parameters describing the key we want to find,
2605 // and how we want the result to be returned
2606 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0,
2607 &kCFTypeDictionaryKeyCallBacks,
2608 &kCFTypeDictionaryValueCallBacks);
2609
2610 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
2611 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
2612 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
2613
2614 CFDictionaryAddValue( query, kSecClass, kSecClassKey );
2615 CFDictionaryAddValue( query, kSecAttrKeyClass, kSecAttrKeyClassSymmetric );
2616 CFDictionaryAddValue( query, kSecMatchLimit, kSecMatchLimitOne ); // we only want the first match
2617 CFDictionaryAddValue( query, kSecReturnRef, kCFBooleanTrue ); // we want the result as a SecKeyRef
2618 CFDictionaryAddValue( query, kSecReturnAttributes, kCFBooleanTrue ); // we also want the found item's attributes
2619 if (keyLabel)
2620 CFDictionaryAddValue( query, kSecAttrLabel, keyLabel );
2621 if (keyAppLabel)
2622 CFDictionaryAddValue( query, kSecAttrApplicationLabel, keyAppLabel );
2623 if (keyAppTag)
2624 CFDictionaryAddValue( query, kSecAttrApplicationLabel, keyAppTag );
2625
2626 CFTypeRef result = NULL;
2627 OSStatus status = SecItemCopyMatching(query, &result);
2628 if(expected == errSecSuccess) {
2629 ok_status(status, "FindSymmetricKey: SecItemCopyMatching");
2630 } else {
2631 is(status, expected, "FindSymmetricKey: SecItemCopyMatching");
2632 }
2633
2634 // print result and clean up
2635 if (debug) {
2636 if (status == noErr) {
2637 fprintf(stdout, "SecItemCopyMatching succeeded; found key\n");
2638 PrintCFThing(result);
2639 }
2640 else if (status == errSecItemNotFound) {
2641 fprintf(stdout, "SecItemCopyMatching: item not found\n");
2642 }
2643 else {
2644 fprintf(stdout, "SecItemCopyMatching: failed! (error %d)\n", (int)status);
2645 }
2646 }
2647
2648 SecKeyRef key = NULL;
2649 if (result) {
2650 // since we asked for both the item reference and the item attributes,
2651 // we expect a dictionary to be returned...
2652 if (CFDictionaryGetTypeID() == CFGetTypeID(result)) {
2653 if (CFDictionaryGetValueIfPresent(result, kSecValueRef, (CFTypeRef*)&key))
2654 CFRetain(key);
2655 }
2656 CFRelease(result); // all done with result dictionary
2657 }
2658
2659 if (key) CFRelease(key);
2660 if (query) CFRelease(query);
2661
2662 PrintTestResult("FindSymmetricKey", status, expected);
2663
2664 return status;
2665 }
2666
2667
2668 static int FindAndDeleteItemsByName(
2669 SecKeychainRef keychain,
2670 CFStringRef nameStr,
2671 CFStringRef accountStr,
2672 CFTypeRef itemClass,
2673 CFTypeRef matchLimit,
2674 CFIndex minMatchesExpected,
2675 OSStatus expected)
2676 {
2677 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0,
2678 &kCFTypeDictionaryKeyCallBacks,
2679 &kCFTypeDictionaryValueCallBacks);
2680
2681 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
2682 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
2683 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
2684
2685 CFTypeRef nameMatchKey;
2686 if (CFEqual(itemClass, kSecClassCertificate) ||
2687 CFEqual(itemClass, kSecClassIdentity)) {
2688 nameMatchKey = kSecMatchSubjectStartsWith; /* must start with nameStr */
2689 }
2690 else {
2691 nameMatchKey = kSecAttrLabel; /* nameStr must exactly match label */
2692 }
2693
2694 /* set up the query */
2695 CFDictionaryAddValue( query, kSecClass, itemClass );
2696 CFDictionaryAddValue( query, nameMatchKey, nameStr);
2697 CFDictionaryAddValue( query, kSecMatchLimit, matchLimit);
2698 if (accountStr) {
2699 CFDictionaryAddValue( query, kSecAttrAccount, accountStr);
2700 }
2701
2702 CFTypeRef results = NULL;
2703 if (debug) {
2704 PrintStringToMatch(nameStr);
2705 }
2706
2707 OSStatus status = SecItemCopyMatching(query, &results);
2708 ok_status(status, "FindAndDeleteItemsByName: SecItemCopyMatching");
2709
2710 if (!status) {
2711 /* Make sure that we found the items we expected to find */
2712 status = CheckResults(results, minMatchesExpected, MAXITEMS);
2713 CFRelease(results);
2714 }
2715
2716 if (!status) {
2717 /* OK, now the real reason we're here... the same query must work for SecItemDelete */
2718 status = SecItemDelete(query);
2719
2720 PrintTestResult("FindAndDeleteItemsByName: deleting items", status, expected);
2721 }
2722
2723 if (!status) {
2724 /* re-run the same query... should find no matching items this time */
2725 status = SecItemCopyMatching(query, &results);
2726 if (!status) {
2727 /* oops... we still found matches using this query */
2728 int count = (int)CFArrayGetCount(results);
2729 is(count, 0, "### FindAndDeleteItemsByName: still found %d items, expected 0\n", count);
2730 CFRelease(results);
2731 }
2732 PrintTestResult("FindAndDeleteItemsByName: find after delete", status, errSecItemNotFound);
2733
2734 status = (status == errSecItemNotFound) ? expected : errSecInternalError;
2735 }
2736
2737 if (query)
2738 CFRelease(query);
2739
2740 return (status==expected) ? (int)noErr : (int)status;
2741 }
2742
2743
2744 #pragma mark -- Test Functions --
2745
2746
2747 static int TestIdentityLookup(SecKeychainRef keychain)
2748 {
2749 int result = 0;
2750
2751 // look up identity by name, want first result as a SecIdentityRef
2752 result += FindIdentityByName(keychain, CFSTR("Test SSL User"), kSecReturnRef, kSecMatchLimitOne, 1, noErr);
2753
2754 // look up existing non-identity certificate by name, expect errSecItemNotFound error
2755 result += FindIdentityByName(keychain, CFSTR("Test-5685316-LEAF"), kSecReturnRef, kSecMatchLimitOne, 0, errSecItemNotFound);
2756
2757 // look up non-existent identity by name, expect errSecItemNotFound error
2758 result += FindIdentityByName(keychain, CFSTR("myxlpytk"), kSecReturnRef, kSecMatchLimitOne, 0, errSecItemNotFound);
2759
2760 /* given the policy OID, create a SecPolicyRef */
2761 const void *keys[] = { kSecPolicyClient };
2762 const void *values[] = { kCFBooleanTrue };
2763 CFDictionaryRef properties = CFDictionaryCreate(NULL, keys, values,
2764 sizeof(keys) / sizeof(*keys),
2765 &kCFTypeDictionaryKeyCallBacks,
2766 &kCFTypeDictionaryValueCallBacks);
2767
2768 SecPolicyRef sslPolicy = SecPolicyCreateWithProperties(kSecPolicyAppleSSL, properties);
2769 SecPolicyRef codeSigningPolicy = SecPolicyCreateWithProperties(kSecPolicyAppleCodeSigning, NULL);
2770
2771 // look up identity by policy, want first result as a SecIdentityRef (should find "Test SSL User" identity)
2772 result += FindIdentityByPolicy(keychain, sslPolicy, kSecReturnRef, kSecMatchLimitOne, 1, noErr);
2773
2774 // look up identity by policy, want first result as a CFDictionary of attributes (should find "Test SSL User" identity)
2775 result += FindIdentityByPolicy(keychain, sslPolicy, kSecReturnAttributes, kSecMatchLimitOne, 1, noErr);
2776 CFReleaseNull(sslPolicy);
2777
2778 // look up identity by policy, expect errSecItemNotFound error (this assumes no code signing identity is present!)
2779 result += FindIdentityByPolicy(keychain, codeSigningPolicy, kSecReturnRef, kSecMatchLimitOne, 0, errSecItemNotFound);
2780 CFReleaseNull(codeSigningPolicy);
2781
2782 // -------------------------
2783 // test kSecMatchValidOnDate
2784 // -------------------------
2785
2786 // make a valid date which will match at least some identities we used to populate the keychain
2787 CFGregorianDate aCurrentGDate = { 2016, 7, 20, 12, 0, 0 }; // Jul 20 2016 12:00 PM
2788 CFDateRef aCurrentDate = CFDateCreate(kCFAllocatorDefault, CFGregorianDateGetAbsoluteTime(aCurrentGDate, NULL));
2789 if (FindIdentityByNameAndValidDate(keychain, CFSTR("Test SSL User"), aCurrentDate, kSecReturnRef, kSecMatchLimitAll, 1, noErr))
2790 ++result;
2791 if(aCurrentDate) CFRelease(aCurrentDate);
2792
2793 // make a date in the past which should NOT match any identities (expect errSecItemNotFound)
2794 CFGregorianDate aPastGDate = { 1984, 7, 20, 12, 0, 0 }; // Jul 20 1984 12:00 PM
2795 CFDateRef aPastDate = CFDateCreate(kCFAllocatorDefault, CFGregorianDateGetAbsoluteTime(aPastGDate, NULL));
2796 if (FindIdentityByNameAndValidDate(keychain, CFSTR("Test SSL User"), aPastDate, kSecReturnRef, kSecMatchLimitAll, 0, errSecItemNotFound))
2797 ++result;
2798 if(aPastDate) CFRelease(aPastDate);
2799
2800 // make a date in the future which should NOT match any identities yet (expect errSecItemNotFound)
2801 CFGregorianDate aFutureGDate = { 2034, 7, 20, 12, 0, 0 }; // Jul 20 2034 12:00 PM
2802 CFDateRef aFutureDate = CFDateCreate(kCFAllocatorDefault, CFGregorianDateGetAbsoluteTime(aFutureGDate, NULL));
2803 if (FindIdentityByNameAndValidDate(keychain, CFSTR("Test SSL User"), aFutureDate, kSecReturnRef, kSecMatchLimitAll, 0, errSecItemNotFound))
2804 ++result;
2805 if(aFutureDate) CFRelease(aFutureDate);
2806
2807 // make a date in the past which SHOULD match 2 identities we used to populate the keychain
2808 CFGregorianDate aPastValidGDate = { 2007, 12, 20, 12, 0, 0 }; // Dec 20 2007 12:00 PM
2809 CFDateRef aPastValidDate = CFDateCreate(kCFAllocatorDefault, CFGregorianDateGetAbsoluteTime(aPastValidGDate, NULL));
2810 if (FindIdentityByNameAndValidDate(keychain, CFSTR(" 2007"), aPastValidDate, kSecReturnRef, kSecMatchLimitAll, 0, noErr))
2811 ++result;
2812 CFReleaseNull(aPastValidDate);
2813
2814 // test the ability of kCFNull to denote "currently valid" (should not find anything, since the " 2007" certs are expired)
2815 if (FindIdentityByNameAndValidDate(keychain, CFSTR(" 2007"), kCFNull, kSecReturnRef, kSecMatchLimitAll, 0, errSecItemNotFound))
2816 ++result;
2817
2818
2819 // test Ian's bug: <rdar://8197632>; the 4th argument is a string which should NOT be present in any found items
2820 if (FindIdentityByPolicyAndValidDate(keychain, kSecPolicyAppleSMIME, FALSE, kCFNull, CFSTR(" 2007"), kSecReturnAttributes, kSecMatchLimitAll, 0, errSecSuccess))
2821 ++result;
2822
2823 return result;
2824 }
2825
2826
2827 static int TestCertificateLookup(SecKeychainRef keychain)
2828 {
2829 int result = 0;
2830
2831 //======================================================================
2832 // item attribute tests (kSecItemAttr* keys)
2833 //======================================================================
2834
2835 // %%%TBA: need to flesh out this section with all certificate attributes
2836
2837 // ------------------------------------------
2838 // test kSecAttrIssuer & kSecAttrSerialNumber
2839 // ------------------------------------------
2840
2841 // look up cert by issuer & serial
2842 // %%%TBA -- underlying support was added in <rdar://8131491>; need to implement these keys
2843 //CFDictionarySetValue(query, (const void *)kSecAttrIssuer, (const void *)nameStr);
2844 //CFDictionarySetValue(query, (const void *)kSecAttrSerialNumber, (const void *)nameStr);
2845
2846 // -------------------------
2847 // test kSecAttrSubjectKeyID
2848 // -------------------------
2849
2850 // look up cert by subject key ID
2851 // %%%TBA -- can we get the subject key ID from SecCertificateCopyValues??
2852 //CFDictionarySetValue(query, (const void *)kSecAttrSubjectKeyID, (const void *)nameStr);
2853
2854 // ------------------
2855 // test kSecAttrLabel
2856 // ------------------
2857
2858 // look up cert by label, want array of all results (expect only 1) as SecCertificateRef
2859 result += FindCertificateByLabel(keychain, CFSTR("Test-5685316-LEAF"),
2860 kSecReturnRef, kSecMatchLimitAll, 1, 1, noErr);
2861
2862
2863 //======================================================================
2864 // search attribute tests (kSecMatch* keys)
2865 //======================================================================
2866
2867 // -----------------------------------
2868 // test kSecMatchEmailAddressIfPresent
2869 // -----------------------------------
2870
2871 // look up cert by email, want first result as a SecCertificateRef
2872 result += FindCertificateByEmail(keychain, CFSTR("security-dev@group.apple.com"),
2873 kSecReturnRef, kSecMatchLimitOne, 0, noErr);
2874
2875 // look up cert by email, want first result as a CFDictionaryRef of attributes
2876 result += FindCertificateByEmail(keychain, CFSTR("security-dev@group.apple.com"),
2877 kSecReturnAttributes, kSecMatchLimitOne, 0, noErr);
2878
2879 // -----------------------------
2880 // test kSecMatchSubjectContains
2881 // -----------------------------
2882
2883 // look up cert containing name, want array of all results (expect at least 3) as SecCertificateRef
2884 result += FindCertificateByNameInSubject(keychain, CFSTR("Test-5685316"),
2885 kSecMatchSubjectContains, kSecReturnRef, kSecMatchLimitAll, 3, noErr);
2886
2887 // look up non-existent cert by name, expect errSecItemNotFound error
2888 result += FindCertificateByNameInSubject(keychain, CFSTR("myxlpytk"),
2889 kSecMatchSubjectContains, kSecReturnRef, kSecMatchLimitOne, 0, errSecItemNotFound);
2890
2891 // look up cert by name, want array of all results (expect at least 2) as CFDataRef
2892 result += FindCertificateByNameInSubject(keychain, CFSTR("Test-5685316"),
2893 kSecMatchSubjectContains, kSecReturnData, kSecMatchLimitAll, 2, noErr);
2894
2895 // look up cert by name, want array of all results (expect at least 2) as CFDictionaryRef of attributes
2896 result += FindCertificateByNameInSubject(keychain, CFSTR("Test-5685316"),
2897 kSecMatchSubjectContains, kSecReturnAttributes, kSecMatchLimitAll, 2, noErr);
2898
2899 // -------------------------------
2900 // test kSecMatchSubjectStartsWith
2901 // -------------------------------
2902
2903 // look up cert starting with name, want array of all results (expect at least 3) as SecCertificateRef
2904 result += FindCertificateByNameInSubject(keychain, CFSTR("Test-568"),
2905 kSecMatchSubjectStartsWith, kSecReturnRef, kSecMatchLimitAll, 3, noErr);
2906
2907 // look up cert starting with a name which isn't at start, expect errSecItemNotFound error
2908 result += FindCertificateByNameInSubject(keychain, CFSTR("5685316"),
2909 kSecMatchSubjectStartsWith, kSecReturnRef, kSecMatchLimitOne, 0, errSecItemNotFound);
2910
2911 // -----------------------------
2912 // test kSecMatchSubjectEndsWith
2913 // -----------------------------
2914
2915 // look up cert ending with name, want array of all results (expect at least 1) as SecCertificateRef
2916 result += FindCertificateByNameInSubject(keychain, CFSTR("LEAF"),
2917 kSecMatchSubjectEndsWith, kSecReturnRef, kSecMatchLimitAll, 1, noErr);
2918
2919 // look up cert ending with a name which isn't at end, expect errSecItemNotFound error
2920 result += FindCertificateByNameInSubject(keychain, CFSTR("Test-"),
2921 kSecMatchSubjectEndsWith, kSecReturnRef, kSecMatchLimitOne, 0, errSecItemNotFound);
2922
2923 // --------------------------------
2924 // test kSecMatchSubjectWholeString
2925 // --------------------------------
2926
2927 // look up cert by whole name, want first result (expecting 1) as a SecCertificateRef
2928 result += FindCertificateByNameInSubject(keychain, CFSTR("Test-5685316-LEAF"),
2929 kSecMatchSubjectWholeString, kSecReturnRef, kSecMatchLimitOne, 1, noErr);
2930
2931 // look up cert by whole name (which is a substring in other certs), expect errSecItemNotFound error
2932 result += FindCertificateByNameInSubject(keychain, CFSTR("Test-568"),
2933 kSecMatchSubjectWholeString, kSecReturnRef, kSecMatchLimitOne, 0, errSecItemNotFound);
2934
2935 // --------------------
2936 // test kSecMatchPolicy
2937 // --------------------
2938
2939 const void *keys[] = { kSecPolicyClient };
2940 const void *values[] = { kCFBooleanTrue };
2941 CFDictionaryRef properties = CFDictionaryCreate(NULL, keys, values,
2942 sizeof(keys) / sizeof(*keys),
2943 &kCFTypeDictionaryKeyCallBacks,
2944 &kCFTypeDictionaryValueCallBacks);
2945
2946 SecPolicyRef sslPolicy = SecPolicyCreateWithProperties(kSecPolicyAppleSSL, properties);
2947 SecPolicyRef codeSigningPolicy = SecPolicyCreateWithProperties(kSecPolicyAppleCodeSigning, NULL);
2948 SecPolicyRef smimePolicy = SecPolicyCreateWithProperties(kSecPolicyAppleSMIME, NULL);
2949
2950 // look up cert by name and policy (Code Signing), want first result as a SecCertificateRef
2951 result += FindCertificateByNameAndPolicy(keychain, CFSTR("Test-7875801"),
2952 codeSigningPolicy,
2953 kSecReturnRef, kSecMatchLimitOne, 1, noErr);
2954
2955 // look up cert by name and policy (S/MIME), want first result as a SecCertificateRef
2956 result += FindCertificateByNameAndPolicy(keychain, CFSTR("Test-"),
2957 smimePolicy,
2958 kSecReturnRef, kSecMatchLimitOne, 1, noErr);
2959
2960 // look up cert by name and policy (SSL), want first result as a SecCertificateRef
2961 result += FindCertificateByNameAndPolicy(keychain, CFSTR("Test "),
2962 sslPolicy,
2963 kSecReturnRef, kSecMatchLimitOne, 1, noErr);
2964
2965 // look up cert by name and policy, want array of all results as SecCertificateRef
2966 result += FindCertificateByNameAndPolicy(keychain, CFSTR("Test-7875801"),
2967 codeSigningPolicy,
2968 kSecReturnAttributes, kSecMatchLimitAll, 1, noErr);
2969
2970 // look up cert by email address for SMIME encryption, date valid today, want array of all results as SecCertificateRef
2971 // (note that a date value of kCFNull is interpreted as the current date)
2972 result += FindCertificateForSMIMEEncryption(keychain, CFSTR("smime-test@apple.com"), kCFNull,
2973 kSecReturnRef, kSecMatchLimitAll, 1, 1, noErr);
2974
2975 CFReleaseSafe(sslPolicy);
2976 CFReleaseSafe(codeSigningPolicy);
2977 CFReleaseSafe(smimePolicy);
2978 CFReleaseSafe(properties);
2979
2980 // -------------------------
2981 // test kSecMatchValidOnDate
2982 // -------------------------
2983
2984 // make a valid date which will match at least 2 certificates we used to populate the keychain
2985 CFGregorianDate aCurrentGDate = { 2010, 7, 20, 12, 0, 0 }; // Jul 20 2010 12:00 PM
2986 CFDateRef aCurrentDate = CFDateCreate(kCFAllocatorDefault, CFGregorianDateGetAbsoluteTime(aCurrentGDate, NULL));
2987 if (FindCertificateByNameAndValidDate(keychain, CFSTR("Test-"), aCurrentDate, kSecReturnRef, kSecMatchLimitAll, 2, noErr))
2988 ++result;
2989 if(aCurrentDate) CFRelease(aCurrentDate);
2990
2991 // make a date in the past which should NOT match any certificates (expect errSecItemNotFound)
2992 CFGregorianDate aPastGDate = { 1984, 7, 20, 12, 0, 0 }; // Jul 20 1984 12:00 PM
2993 CFDateRef aPastDate = CFDateCreate(kCFAllocatorDefault, CFGregorianDateGetAbsoluteTime(aPastGDate, NULL));
2994 if (FindCertificateByNameAndValidDate(keychain, CFSTR("Test-"), aPastDate, kSecReturnRef, kSecMatchLimitAll, 2, errSecItemNotFound))
2995 ++result;
2996 if(aPastDate) CFRelease(aPastDate);
2997
2998 // make a date in the future which should NOT match any certificates yet (expect errSecItemNotFound)
2999 CFGregorianDate aFutureGDate = { 2034, 7, 20, 12, 0, 0 }; // Jul 20 2034 12:00 PM
3000 CFDateRef aFutureDate = CFDateCreate(kCFAllocatorDefault, CFGregorianDateGetAbsoluteTime(aFutureGDate, NULL));
3001 if (FindCertificateByNameAndValidDate(keychain, CFSTR("Test-"), aFutureDate, kSecReturnRef, kSecMatchLimitAll, 2, errSecItemNotFound))
3002 ++result;
3003 if(aFutureDate) CFRelease(aFutureDate);
3004
3005 return result;
3006 }
3007
3008
3009 static int TestPreferredIdentityLookup(SecKeychainRef keychain)
3010 {
3011 int result = 0;
3012
3013 // set a preferred identity first
3014 if (SetPreferredIdentityForSMIMESigning(keychain, CFSTR("Test-SignOnly (S/MIME)"), CFSTR("smime-test@apple.com")))
3015 ++result;
3016
3017 // define a valid date for this preferred identity (typically this would just be kCFNull in a real program, meaning "now")
3018 CFGregorianDate aCurrentGDate = { 2016, 7, 27, 21, 0, 0 }; // Jul 27 2016 9:00 PM
3019 CFDateRef aCurrentDate = CFDateCreate(kCFAllocatorDefault, CFGregorianDateGetAbsoluteTime(aCurrentGDate, NULL));
3020 if (FindPreferredIdentityForSMIMESigning(keychain, CFSTR("smime-test@apple.com"), aCurrentDate))
3021 ++result;
3022 if(aCurrentDate) CFRelease(aCurrentDate);
3023
3024 // delete identity preference(s) for this email address by setting a NULL identity
3025 ok_status(SecIdentitySetPreferred(NULL, CFSTR("smime-test@apple.com"), 0), "TestPreferredIdentityLookup: SecIdentitySetPreferred");
3026
3027 return result;
3028 }
3029
3030
3031 static int TestPreferredCertificateLookup(SecKeychainRef keychain)
3032 {
3033 int result = 0;
3034
3035 // set a preferred certificate first
3036 if (SetPreferredCertificateForSMIMEEncryption(keychain, CFSTR("Test-Encryption (S/MIME)"), CFSTR("smime-test@apple.com")))
3037 ++result;
3038
3039 // define a valid date for this preferred certificate (typically this would just be kCFNull in a real program, meaning "now")
3040 CFGregorianDate aCurrentGDate = { 2016, 9, 27, 21, 0, 0 }; // September 27 2016 9:00 PM
3041 CFDateRef aCurrentDate = CFDateCreate(kCFAllocatorDefault, CFGregorianDateGetAbsoluteTime(aCurrentGDate, NULL));
3042 if (FindPreferredCertificateForSMIMEEncryption(keychain, CFSTR("smime-test@apple.com"), aCurrentDate))
3043 ++result;
3044 if(aCurrentDate) CFRelease(aCurrentDate);
3045
3046 // delete certificate preference(s) for this email address by setting a NULL identity
3047 ok_status(SecCertificateSetPreferred(NULL, CFSTR("smime-test@apple.com"), 0), "TestPreferredCertificateLookup: SecCertificateSetPreferred");
3048
3049 return result;
3050 }
3051
3052
3053 static int TestSymmetricKeyLookup(SecKeychainRef keychain)
3054 {
3055 int result = 0;
3056
3057 // look up our symmetric key by label and UUID (it might not exist yet)
3058 if (FindSymmetricKey(keychain, g18Label, g18UUID, NULL, errSecItemNotFound) != errSecSuccess) {
3059 // create test key (unique by UUID only)
3060 if (CreateSymmetricKey(keychain, g18Label, g18UUID, NULL, errSecSuccess) != errSecSuccess)
3061 ++result;
3062 // look it up again (it should exist now!)
3063 if (FindSymmetricKey(keychain, g18Label, g18UUID, NULL, errSecSuccess) != errSecSuccess)
3064 ++result;
3065 }
3066
3067 // now look up a key whose name is derived from today's date
3068 // (so we can make sure on a daily basis that SecKeyGenerateSymmetric is still working)
3069 CFGregorianDate curGDate = CFAbsoluteTimeGetGregorianDate(CFAbsoluteTimeGetCurrent(), NULL);
3070 CFStringRef curDateLabel = CFStringCreateWithFormat(NULL, NULL, CFSTR("%@ (%4d-%02d-%02d)"),
3071 g18Prefix, (int32_t) curGDate.year, (int8_t) curGDate.month, (int8_t) curGDate.day);
3072
3073 //
3074 //%%% FIXME Creating a symmetric key with attributes that would duplicate an existing
3075 // key item currently results in a broken <unknown> key which can't be found: <rdar://8289559>
3076 //
3077 //CFStringRef curAppTag = curDateLabel; // i.e. make sure it will be unique, for now
3078 CFStringRef curAppTag = CFSTR("SecItemFind");
3079
3080 // look up our date-based symmetric key by label, UUID, and tag (it might not exist yet)
3081 if (FindSymmetricKey(keychain, curDateLabel, g18UUID, curAppTag, errSecItemNotFound) != errSecSuccess) {
3082 // create test key (unique by combination of UUID and application tag)
3083 if (CreateSymmetricKey(keychain, curDateLabel, g18UUID, curAppTag, errSecSuccess) != errSecSuccess)
3084 ++result;
3085 // look it up again (it should exist now!)
3086 if (FindSymmetricKey(keychain, curDateLabel, g18UUID, curAppTag, errSecSuccess) != errSecSuccess)
3087 ++result;
3088 }
3089
3090 // test handling of duplicate symmetric key items (<rdar://8289559>)
3091 if (CreateSymmetricKey(keychain, curDateLabel, g18UUID, curAppTag, errSecDuplicateItem) != errSecDuplicateItem)
3092 ++result;
3093
3094 CFRelease(curDateLabel);
3095
3096 return result;
3097 }
3098
3099
3100 static int TestInternetPasswordLookup(SecKeychainRef keychain)
3101 {
3102 int result = 0;
3103
3104 // look up internet password by account and server, want first result as data
3105 if (FindInternetPasswordByAccountAndServer(keychain, CFSTR("nobody"),
3106 CFSTR("test2.subdomain.apple.com"), kSecReturnData, kSecMatchLimitOne, 1, noErr))
3107 ++result;
3108
3109 // look up internet password by account and server, want dictionary of the item's attributes
3110 if (FindInternetPasswordByAccountAndServer(keychain, CFSTR("nobody"),
3111 CFSTR("test2.subdomain.apple.com"), kSecReturnAttributes, kSecMatchLimitOne, 1, noErr))
3112 ++result;
3113
3114 // look up internet passwords by account, want array of SecKeychainItemRef results
3115 if (FindInternetPasswordByAccount(keychain, CFSTR("nobody"),
3116 kSecReturnRef, kSecMatchLimitAll, 1, noErr))
3117 ++result;
3118
3119 // look up a Mail password for an IMAP account, replacing SecKeychainFindInternetPassword
3120 // (see <rdar://8347516>)
3121 if (FindMailPassword(keychain, CFSTR("testacct"), CFSTR("mail.apple.com")))
3122 ++result;
3123
3124 return result;
3125 }
3126
3127
3128 static int TestGenericPasswordLookup(SecKeychainRef keychain)
3129 {
3130 int result = 0;
3131
3132 // look up generic password by account and service, want first result as data
3133 if (FindGenericPasswordByAccountAndService(keychain, CFSTR("nobody"),
3134 CFSTR("Test Service 42"), kSecReturnData, kSecMatchLimitOne, 1, noErr))
3135 ++result;
3136
3137 // look up generic password by account and service, dictionary of the item's attributes
3138 if (FindGenericPasswordByAccountAndService(keychain, CFSTR("nobody"),
3139 CFSTR("Test Service 42"), kSecReturnAttributes, kSecMatchLimitOne, 1, noErr))
3140 ++result;
3141
3142 // look up generic passwords by account, want array of SecKeychainItemRef results
3143 if (FindGenericPasswordByAccount(keychain, CFSTR("nobody"),
3144 kSecReturnRef, kSecMatchLimitAll, 1, noErr))
3145 ++result;
3146
3147 return result;
3148 }
3149
3150
3151 static int TestUpdateItems(SecKeychainRef keychain)
3152 {
3153 int result = 0;
3154
3155 // test for <rdar://8658820>
3156 // create a new 1024-bit RSA key pair
3157 SecKeyRef publicKey = NULL;
3158 SecKeyRef privateKey = NULL;
3159 CFMutableDictionaryRef params = CFDictionaryCreateMutable(NULL, 0,
3160 &kCFTypeDictionaryKeyCallBacks,
3161 &kCFTypeDictionaryValueCallBacks);
3162 int keySizeValue = 1024;
3163 CFNumberRef keySize = CFNumberCreate(NULL, kCFNumberIntType, &keySizeValue);
3164 CFStringRef keyLabel = CFSTR("AppleID 8658820 test key");
3165 CFDictionaryAddValue( params, kSecAttrKeyType, kSecAttrKeyTypeRSA );
3166 CFDictionaryAddValue( params, kSecAttrKeySizeInBits, keySize ); CFReleaseNull(keySize);
3167 CFDictionaryAddValue( params, kSecAttrLabel, keyLabel );
3168 CFDictionaryAddValue( params, kSecUseKeychain, keychain );
3169 // CFDictionaryAddValue( params, kSecAttrAccess, access );
3170 // %%% note that SecKeyGeneratePair will create the key pair in the default keychain
3171 // if a keychain is not given via the kSecUseKeychain parameter.
3172 OSStatus status = SecKeyGeneratePair(params, &publicKey, &privateKey);
3173 if (status != noErr) {
3174 ++result;
3175 }
3176 PrintTestResult("TestUpdateItems: generating key pair", status, noErr);
3177
3178 // create a query which will match just the private key item (based on its known reference)
3179 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0,
3180 &kCFTypeDictionaryKeyCallBacks,
3181 &kCFTypeDictionaryValueCallBacks);
3182 CFArrayRef itemList = CFArrayCreate(NULL, (const void**) &privateKey, 1, &kCFTypeArrayCallBacks);
3183 // %%% note that kSecClass seems to be a required query parameter even though
3184 // kSecMatchItemList is provided; that looks like it could be a bug...
3185 CFDictionaryAddValue( query, kSecClass, kSecClassKey );
3186 // CFDictionaryAddValue( query, kSecAttrKeyClass, kSecAttrKeyClassPrivate );
3187 CFDictionaryAddValue( query, kSecMatchItemList, itemList );
3188
3189 CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks);
3190 CFArrayAppendValue((CFMutableArrayRef)searchList, keychain);
3191 CFDictionarySetValue(query, kSecMatchSearchList, searchList);
3192
3193 // create dictionary of changed attributes for the private key
3194 CFMutableDictionaryRef attrs = CFDictionaryCreateMutable(NULL, 0,
3195 &kCFTypeDictionaryKeyCallBacks,
3196 &kCFTypeDictionaryValueCallBacks);
3197 SecAccessRef access = NULL;
3198 CFStringRef newLabel = CFSTR("AppleID 8658820 test PRIVATE key");
3199 status = SecAccessCreate(newLabel, NULL, &access);
3200 if (status != noErr) {
3201 ++result;
3202 }
3203 PrintTestResult("TestUpdateItems: creating access", status, noErr);
3204 //%%% note that changing the access for this key causes a dialog,
3205 // so leave this out for the moment (uncomment to test that access change works).
3206 // Normally the desired access should be passed into the SecKeyGeneratePair function.
3207 // so there is no need for a dialog later.
3208 // CFDictionaryAddValue( attrs, kSecAttrAccess, access );
3209 CFDictionaryAddValue( attrs, kSecAttrLabel, newLabel );
3210
3211 // update the private key with the new attributes
3212 status = SecItemUpdate( query, attrs );
3213 if (status != noErr) {
3214 ++result;
3215 }
3216 PrintTestResult("TestUpdateItems: updating item", status, noErr);
3217
3218 if (publicKey)
3219 CFRelease(publicKey);
3220 if (privateKey)
3221 CFRelease(privateKey);
3222 if (access)
3223 CFRelease(access);
3224
3225 if (params)
3226 CFRelease(params);
3227 if (query)
3228 CFRelease(query);
3229 if (attrs)
3230 CFRelease(attrs);
3231
3232 return result;
3233 }
3234
3235
3236 static int TestDeleteItems(SecKeychainRef keychain)
3237 {
3238 int result = 0;
3239
3240 // delete our 3 test certificates that start with "Test-5685316-"
3241 if (FindAndDeleteItemsByName(keychain, CFSTR("Test-5685316-"), NULL, kSecClassCertificate, kSecMatchLimitAll, 3, noErr))
3242 ++result;
3243
3244 // delete our 2 test identities that start with "Test Identity S" (fixed by <rdar://8317856>)
3245 if (FindAndDeleteItemsByName(keychain, CFSTR("Test Identity S"), NULL, kSecClassIdentity, kSecMatchLimitAll, 2, noErr))
3246 ++result;
3247
3248 // delete the "Test-SignOnly (S/MIME)" identity
3249 if (FindAndDeleteItemsByName(keychain, CFSTR("Test-SignOnly (S/MIME)"), NULL, kSecClassIdentity, kSecMatchLimitAll, 1, noErr))
3250 ++result;
3251
3252 // delete the "Test-Encryption (S/MIME)" certificate
3253 if (FindAndDeleteItemsByName(keychain, CFSTR("Test-Encryption (S/MIME)"), NULL, kSecClassCertificate, kSecMatchLimitAll, 1, noErr))
3254 ++result;
3255
3256 // delete the "Test-7875801 (Code Signing)" certificate
3257 if (FindAndDeleteItemsByName(keychain, CFSTR("Test-7875801 (Code Signing)"), NULL, kSecClassCertificate, kSecMatchLimitAll, 1, noErr))
3258 ++result;
3259
3260 // delete our test passwords (no partial string matching for password items! need an ER Radar...)
3261 if (FindAndDeleteItemsByName(keychain, CFSTR("Test Service 42"), NULL, kSecClassGenericPassword, kSecMatchLimitAll, 1, noErr))
3262 ++result;
3263 if (FindAndDeleteItemsByName(keychain, CFSTR("Test Service 69"), NULL, kSecClassGenericPassword, kSecMatchLimitAll, 1, noErr))
3264 ++result;
3265 if (FindAndDeleteItemsByName(keychain, CFSTR("test1.subdomain.apple.com"), NULL, kSecClassInternetPassword, kSecMatchLimitAll, 1, noErr))
3266 ++result;
3267 if (FindAndDeleteItemsByName(keychain, CFSTR("test2.subdomain.apple.com"), NULL, kSecClassInternetPassword, kSecMatchLimitAll, 1, noErr))
3268 ++result;
3269 if (FindAndDeleteItemsByName(keychain, CFSTR("mail.apple.com"), CFSTR("testacct"), kSecClassInternetPassword, kSecMatchLimitAll, 1, noErr))
3270 ++result;
3271
3272 // delete our test symmetric keys (no partial string matching for key items! need an ER Radar...)
3273 if (FindAndDeleteItemsByName(keychain, g18Label, NULL, kSecClassKey, kSecMatchLimitAll, 1, noErr))
3274 ++result;
3275 CFGregorianDate curGDate = CFAbsoluteTimeGetGregorianDate(CFAbsoluteTimeGetCurrent(), NULL);
3276 CFStringRef curDateLabel = CFStringCreateWithFormat(NULL, NULL, CFSTR("%@ (%4d-%02d-%02d)"),
3277 g18Prefix, (int32_t) curGDate.year, (int8_t) curGDate.month, (int8_t) curGDate.day);
3278 if (FindAndDeleteItemsByName(keychain, curDateLabel, NULL, kSecClassKey, kSecMatchLimitAll, 1, noErr))
3279 ++result;
3280 CFRelease(curDateLabel);
3281
3282 // delete our test asymmetric key pair (remember we renamed the private key...)
3283 if (FindAndDeleteItemsByName(keychain, CFSTR("AppleID 8658820 test key"), NULL, kSecClassKey, kSecMatchLimitAll, 1, noErr))
3284 ++result;
3285 if (FindAndDeleteItemsByName(keychain, CFSTR("AppleID 8658820 test PRIVATE key"), NULL, kSecClassKey, kSecMatchLimitAll, 1, noErr))
3286 ++result;
3287
3288 return result;
3289 }
3290
3291
3292 int kc_18_find_combined (int argc, char *const *argv)
3293 {
3294 plan_tests(167);
3295
3296 printf("Getting -25308 or -25293? Try unlocking your default keychain; that's where identity and certificate preferences are stored (with no other option).\n");
3297
3298 debug = test_verbose;
3299
3300 SecKeychainRef keychain = createNewKeychain("SecItemTest.keychain", "test");
3301 addToSearchList(keychain);
3302
3303 TestAddItems(keychain);
3304 TestGenericPasswordLookup(keychain);
3305 TestInternetPasswordLookup(keychain);
3306 TestSymmetricKeyLookup(keychain);
3307 TestCertificateLookup(keychain);
3308 TestIdentityLookup(keychain);
3309 TestPreferredIdentityLookup(keychain);
3310 TestPreferredCertificateLookup(keychain);
3311 TestUpdateItems(keychain);
3312 TestDeleteItems(keychain);
3313
3314 ok_status(SecKeychainDelete(keychain), "SecKeychainDelete");
3315 CFReleaseNull(keychain);
3316
3317 deleteTestFiles();
3318 return 0;
3319 }