X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/5c19dc3ae3bd8e40a9c028b0deddd50ff337692c..02b2aca600d4a0fe6fb259262bd6808ef889acde:/OSX/sec/Security/Regressions/secitem/si-22-sectrust-iap.c diff --git a/OSX/sec/Security/Regressions/secitem/si-22-sectrust-iap.c b/OSX/sec/Security/Regressions/secitem/si-22-sectrust-iap.c index dcb64ccf..934d1161 100644 --- a/OSX/sec/Security/Regressions/secitem/si-22-sectrust-iap.c +++ b/OSX/sec/Security/Regressions/secitem/si-22-sectrust-iap.c @@ -1,532 +1,23 @@ /* - * Copyright (c) 2006-2010,2012-2014 Apple Inc. All Rights Reserved. + * Copyright (c) 2006-2017 Apple Inc. All Rights Reserved. */ +#include #include #include #include #include #include #include +#include #include #include -#include "Security_regressions.h" +#include "shared_regressions.h" -/* - subject= /C=US/O=Apple Inc./OU=Apple Certification Authority/CN=Apple iPod Accessories Certification Authority - issuer= /C=US/O=Apple Inc./OU=Apple Certification Authority/CN=Apple Root CA - serial=16 -*/ -const uint8_t _iAP1CA[] = { - 0x30, 0x82, 0x03, 0xfe, 0x30, 0x82, 0x02, 0xe6, - 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x16, - 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, - 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, - 0x62, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, - 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, - 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, - 0x0a, 0x41, 0x70, 0x70, 0x6c, 0x65, 0x20, 0x49, - 0x6e, 0x63, 0x2e, 0x31, 0x26, 0x30, 0x24, 0x06, - 0x03, 0x55, 0x04, 0x0b, 0x13, 0x1d, 0x41, 0x70, - 0x70, 0x6c, 0x65, 0x20, 0x43, 0x65, 0x72, 0x74, - 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, - 0x6e, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, - 0x69, 0x74, 0x79, 0x31, 0x16, 0x30, 0x14, 0x06, - 0x03, 0x55, 0x04, 0x03, 0x13, 0x0d, 0x41, 0x70, - 0x70, 0x6c, 0x65, 0x20, 0x52, 0x6f, 0x6f, 0x74, - 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x30, - 0x37, 0x30, 0x32, 0x31, 0x34, 0x32, 0x32, 0x31, - 0x38, 0x30, 0x38, 0x5a, 0x17, 0x0d, 0x32, 0x32, - 0x30, 0x32, 0x31, 0x34, 0x32, 0x32, 0x31, 0x38, - 0x30, 0x38, 0x5a, 0x30, 0x81, 0x83, 0x31, 0x0b, - 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, - 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, - 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0a, 0x41, 0x70, - 0x70, 0x6c, 0x65, 0x20, 0x49, 0x6e, 0x63, 0x2e, - 0x31, 0x26, 0x30, 0x24, 0x06, 0x03, 0x55, 0x04, - 0x0b, 0x13, 0x1d, 0x41, 0x70, 0x70, 0x6c, 0x65, - 0x20, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, - 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x41, - 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, - 0x31, 0x37, 0x30, 0x35, 0x06, 0x03, 0x55, 0x04, - 0x03, 0x13, 0x2e, 0x41, 0x70, 0x70, 0x6c, 0x65, - 0x20, 0x69, 0x50, 0x6f, 0x64, 0x20, 0x41, 0x63, - 0x63, 0x65, 0x73, 0x73, 0x6f, 0x72, 0x69, 0x65, - 0x73, 0x20, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, - 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, - 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, - 0x79, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, - 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, - 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, - 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, - 0x01, 0x00, 0xa1, 0xf6, 0xca, 0xdb, 0x3d, 0x4a, - 0x5a, 0x3e, 0xef, 0x74, 0x78, 0xf1, 0xb7, 0xb0, - 0x32, 0x82, 0x1f, 0x90, 0xc6, 0x08, 0xdf, 0xaa, - 0x3b, 0xd2, 0xcb, 0x0f, 0xe6, 0x37, 0x13, 0xf8, - 0xff, 0x71, 0xfc, 0x28, 0x86, 0x24, 0x36, 0x85, - 0x3f, 0xd0, 0x1d, 0x9c, 0xd0, 0x9c, 0xb2, 0x5d, - 0x20, 0x41, 0xdc, 0xb0, 0xd8, 0xa8, 0x86, 0x3c, - 0x42, 0x3c, 0xbe, 0x5a, 0x48, 0xdf, 0x34, 0x74, - 0x9a, 0x61, 0x05, 0x0d, 0xce, 0xc8, 0x25, 0x14, - 0xc8, 0x0a, 0xcd, 0xbd, 0xba, 0x12, 0x1b, 0x3b, - 0x41, 0x13, 0x8e, 0x38, 0x65, 0x1d, 0xac, 0x1d, - 0xd5, 0x38, 0x95, 0x9d, 0x3a, 0xd0, 0x79, 0x5c, - 0x66, 0x9c, 0x47, 0x4b, 0x2c, 0xb8, 0x44, 0x3b, - 0x7e, 0x8b, 0x68, 0x39, 0x3e, 0x46, 0xc1, 0xb8, - 0xc0, 0x85, 0xd6, 0x84, 0xfb, 0x0e, 0xa6, 0xdd, - 0x34, 0x06, 0xda, 0x1c, 0x78, 0xd9, 0xc4, 0x63, - 0x11, 0x1b, 0xcf, 0x20, 0x15, 0xd2, 0x7a, 0xef, - 0x60, 0x40, 0xdf, 0xba, 0xe0, 0x05, 0x45, 0x41, - 0x82, 0x0e, 0x9b, 0x78, 0x2d, 0x2a, 0xb4, 0x94, - 0xb5, 0xca, 0x79, 0xcd, 0xdb, 0xb5, 0x95, 0x02, - 0xbe, 0x55, 0x2c, 0x36, 0x21, 0xaf, 0x6e, 0x39, - 0xb6, 0x76, 0x5a, 0xec, 0x5d, 0x6a, 0xf3, 0xcc, - 0xfa, 0x90, 0x8a, 0x15, 0x77, 0xbb, 0xba, 0x5c, - 0x2b, 0xa1, 0x87, 0xf8, 0x0e, 0x70, 0x5d, 0x23, - 0x01, 0x08, 0x79, 0xef, 0xab, 0xd7, 0x91, 0x38, - 0x81, 0x35, 0xb3, 0x07, 0xd4, 0x79, 0xa2, 0x25, - 0xa7, 0xf7, 0x90, 0x75, 0xeb, 0xeb, 0x71, 0xa2, - 0xd0, 0xc1, 0xab, 0x02, 0x06, 0xf9, 0x07, 0x08, - 0x97, 0x35, 0xda, 0x7e, 0x4d, 0x61, 0x51, 0x75, - 0x92, 0xf6, 0x19, 0xf5, 0xdf, 0xfb, 0xc9, 0xa5, - 0x4e, 0x9b, 0x8a, 0x14, 0x11, 0x4c, 0x10, 0x74, - 0x83, 0xaf, 0x2f, 0xfc, 0xb6, 0xd6, 0x6b, 0x57, - 0x46, 0x1d, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, - 0x81, 0x9c, 0x30, 0x81, 0x99, 0x30, 0x0e, 0x06, - 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, - 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, 0x0f, 0x06, - 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, - 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x1d, - 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, - 0x14, 0xff, 0x4b, 0x1a, 0x43, 0x9a, 0xf5, 0x19, - 0x96, 0xab, 0x18, 0x00, 0x2b, 0x61, 0xc9, 0xee, - 0x40, 0x9d, 0x8e, 0xc7, 0x04, 0x30, 0x1f, 0x06, - 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, - 0x80, 0x14, 0x2b, 0xd0, 0x69, 0x47, 0x94, 0x76, - 0x09, 0xfe, 0xf4, 0x6b, 0x8d, 0x2e, 0x40, 0xa6, - 0xf7, 0x47, 0x4d, 0x7f, 0x08, 0x5e, 0x30, 0x36, - 0x06, 0x03, 0x55, 0x1d, 0x1f, 0x04, 0x2f, 0x30, - 0x2d, 0x30, 0x2b, 0xa0, 0x29, 0xa0, 0x27, 0x86, - 0x25, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, - 0x77, 0x77, 0x77, 0x2e, 0x61, 0x70, 0x70, 0x6c, - 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x70, - 0x70, 0x6c, 0x65, 0x63, 0x61, 0x2f, 0x72, 0x6f, - 0x6f, 0x74, 0x2e, 0x63, 0x72, 0x6c, 0x30, 0x0d, - 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, - 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x82, 0x01, - 0x01, 0x00, 0x9e, 0xb4, 0xaf, 0x3d, 0xb7, 0x61, - 0xe0, 0x64, 0xc3, 0x86, 0x27, 0xd2, 0x3f, 0xe9, - 0xe4, 0x08, 0x50, 0x77, 0xa2, 0x81, 0x09, 0x8c, - 0x7d, 0xb7, 0xd0, 0x54, 0x52, 0xde, 0xfe, 0x8d, - 0x48, 0xf2, 0x86, 0xc1, 0x17, 0xe5, 0x1a, 0x5d, - 0x29, 0x20, 0xd3, 0x81, 0xca, 0xee, 0xc8, 0xa3, - 0x61, 0xb3, 0x90, 0x9f, 0x73, 0xe8, 0xe3, 0xc8, - 0xbc, 0xa7, 0x12, 0xb4, 0x8c, 0x2d, 0xaa, 0xf5, - 0x39, 0x27, 0x19, 0xf5, 0xfb, 0xf9, 0x14, 0x7b, - 0x3a, 0xb4, 0x78, 0x1a, 0x9a, 0x4c, 0x96, 0xeb, - 0x36, 0xc7, 0xfe, 0xb5, 0xe7, 0x14, 0x7e, 0x6c, - 0x4f, 0xa8, 0x22, 0xba, 0x23, 0x82, 0xf0, 0xce, - 0xfa, 0x09, 0x7b, 0x8a, 0x0d, 0x5a, 0x61, 0x21, - 0x74, 0x7a, 0xca, 0xc2, 0xca, 0x6b, 0xc2, 0x63, - 0x40, 0x77, 0x23, 0x2b, 0x8f, 0xa0, 0x29, 0x5c, - 0xeb, 0xad, 0xfc, 0xcc, 0xdc, 0x5a, 0x42, 0x42, - 0x2e, 0xc8, 0x4f, 0xb4, 0x90, 0xd2, 0x6e, 0xfc, - 0x4f, 0x8a, 0x0e, 0xa8, 0xb7, 0x83, 0x5c, 0x5c, - 0x12, 0x02, 0x15, 0x17, 0xa8, 0x65, 0x7d, 0x5a, - 0x28, 0x2b, 0x69, 0x5f, 0x76, 0x9e, 0x2f, 0xe0, - 0x9e, 0xec, 0x41, 0x57, 0x97, 0xc5, 0x0f, 0x9a, - 0xa0, 0x70, 0xb8, 0x2c, 0x8f, 0x6d, 0x80, 0xb5, - 0x46, 0xec, 0xe8, 0x58, 0xb0, 0x04, 0x40, 0x3c, - 0xc3, 0x62, 0x8a, 0x0a, 0xb7, 0xa9, 0x5b, 0x58, - 0x7d, 0xea, 0x7b, 0x8c, 0xff, 0xf7, 0xf8, 0xbf, - 0xd2, 0xc1, 0x95, 0x76, 0x05, 0xd7, 0x5d, 0x16, - 0x4d, 0xf1, 0x1e, 0x7d, 0xb2, 0x81, 0x10, 0xe8, - 0x47, 0x74, 0x12, 0xf1, 0xe6, 0x60, 0x3f, 0xe3, - 0x6f, 0xb6, 0xa4, 0xc6, 0xe1, 0x08, 0xb3, 0xe4, - 0x7d, 0x98, 0xf1, 0xfb, 0xd0, 0x42, 0xb2, 0x59, - 0x26, 0x17, 0xfb, 0x72, 0x6b, 0x05, 0xa9, 0xac, - 0x94, 0xbf, 0x88, 0x0a, 0x09, 0xef, 0xd2, 0xa5, - 0x25, 0xae -}; - -/* - subject= /C=US/O=Apple Inc./OU=Apple Certification Authority/CN=Apple iPod Accessories Certification Authority - issuer= /C=US/O=Apple Inc./OU=Apple Certification Authority/CN=Apple Root CA - serial=16 -*/ -const uint8_t _iAP2CA[] = { - 0x30, 0x82, 0x03, 0xfe, 0x30, 0x82, 0x02, 0xe6, - 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x16, - 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, - 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, - 0x62, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, - 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, - 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, - 0x0a, 0x41, 0x70, 0x70, 0x6c, 0x65, 0x20, 0x49, - 0x6e, 0x63, 0x2e, 0x31, 0x26, 0x30, 0x24, 0x06, - 0x03, 0x55, 0x04, 0x0b, 0x13, 0x1d, 0x41, 0x70, - 0x70, 0x6c, 0x65, 0x20, 0x43, 0x65, 0x72, 0x74, - 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, - 0x6e, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, - 0x69, 0x74, 0x79, 0x31, 0x16, 0x30, 0x14, 0x06, - 0x03, 0x55, 0x04, 0x03, 0x13, 0x0d, 0x41, 0x70, - 0x70, 0x6c, 0x65, 0x20, 0x52, 0x6f, 0x6f, 0x74, - 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x30, - 0x37, 0x30, 0x32, 0x31, 0x34, 0x32, 0x32, 0x31, - 0x38, 0x30, 0x38, 0x5a, 0x17, 0x0d, 0x32, 0x32, - 0x30, 0x32, 0x31, 0x34, 0x32, 0x32, 0x31, 0x38, - 0x30, 0x38, 0x5a, 0x30, 0x81, 0x83, 0x31, 0x0b, - 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, - 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, - 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0a, 0x41, 0x70, - 0x70, 0x6c, 0x65, 0x20, 0x49, 0x6e, 0x63, 0x2e, - 0x31, 0x26, 0x30, 0x24, 0x06, 0x03, 0x55, 0x04, - 0x0b, 0x13, 0x1d, 0x41, 0x70, 0x70, 0x6c, 0x65, - 0x20, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, - 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x41, - 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, - 0x31, 0x37, 0x30, 0x35, 0x06, 0x03, 0x55, 0x04, - 0x03, 0x13, 0x2e, 0x41, 0x70, 0x70, 0x6c, 0x65, - 0x20, 0x69, 0x50, 0x6f, 0x64, 0x20, 0x41, 0x63, - 0x63, 0x65, 0x73, 0x73, 0x6f, 0x72, 0x69, 0x65, - 0x73, 0x20, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, - 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, - 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, - 0x79, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, - 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, - 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, - 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, - 0x01, 0x00, 0xa1, 0xf6, 0xca, 0xdb, 0x3d, 0x4a, - 0x5a, 0x3e, 0xef, 0x74, 0x78, 0xf1, 0xb7, 0xb0, - 0x32, 0x82, 0x1f, 0x90, 0xc6, 0x08, 0xdf, 0xaa, - 0x3b, 0xd2, 0xcb, 0x0f, 0xe6, 0x37, 0x13, 0xf8, - 0xff, 0x71, 0xfc, 0x28, 0x86, 0x24, 0x36, 0x85, - 0x3f, 0xd0, 0x1d, 0x9c, 0xd0, 0x9c, 0xb2, 0x5d, - 0x20, 0x41, 0xdc, 0xb0, 0xd8, 0xa8, 0x86, 0x3c, - 0x42, 0x3c, 0xbe, 0x5a, 0x48, 0xdf, 0x34, 0x74, - 0x9a, 0x61, 0x05, 0x0d, 0xce, 0xc8, 0x25, 0x14, - 0xc8, 0x0a, 0xcd, 0xbd, 0xba, 0x12, 0x1b, 0x3b, - 0x41, 0x13, 0x8e, 0x38, 0x65, 0x1d, 0xac, 0x1d, - 0xd5, 0x38, 0x95, 0x9d, 0x3a, 0xd0, 0x79, 0x5c, - 0x66, 0x9c, 0x47, 0x4b, 0x2c, 0xb8, 0x44, 0x3b, - 0x7e, 0x8b, 0x68, 0x39, 0x3e, 0x46, 0xc1, 0xb8, - 0xc0, 0x85, 0xd6, 0x84, 0xfb, 0x0e, 0xa6, 0xdd, - 0x34, 0x06, 0xda, 0x1c, 0x78, 0xd9, 0xc4, 0x63, - 0x11, 0x1b, 0xcf, 0x20, 0x15, 0xd2, 0x7a, 0xef, - 0x60, 0x40, 0xdf, 0xba, 0xe0, 0x05, 0x45, 0x41, - 0x82, 0x0e, 0x9b, 0x78, 0x2d, 0x2a, 0xb4, 0x94, - 0xb5, 0xca, 0x79, 0xcd, 0xdb, 0xb5, 0x95, 0x02, - 0xbe, 0x55, 0x2c, 0x36, 0x21, 0xaf, 0x6e, 0x39, - 0xb6, 0x76, 0x5a, 0xec, 0x5d, 0x6a, 0xf3, 0xcc, - 0xfa, 0x90, 0x8a, 0x15, 0x77, 0xbb, 0xba, 0x5c, - 0x2b, 0xa1, 0x87, 0xf8, 0x0e, 0x70, 0x5d, 0x23, - 0x01, 0x08, 0x79, 0xef, 0xab, 0xd7, 0x91, 0x38, - 0x81, 0x35, 0xb3, 0x07, 0xd4, 0x79, 0xa2, 0x25, - 0xa7, 0xf7, 0x90, 0x75, 0xeb, 0xeb, 0x71, 0xa2, - 0xd0, 0xc1, 0xab, 0x02, 0x06, 0xf9, 0x07, 0x08, - 0x97, 0x35, 0xda, 0x7e, 0x4d, 0x61, 0x51, 0x75, - 0x92, 0xf6, 0x19, 0xf5, 0xdf, 0xfb, 0xc9, 0xa5, - 0x4e, 0x9b, 0x8a, 0x14, 0x11, 0x4c, 0x10, 0x74, - 0x83, 0xaf, 0x2f, 0xfc, 0xb6, 0xd6, 0x6b, 0x57, - 0x46, 0x1d, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, - 0x81, 0x9c, 0x30, 0x81, 0x99, 0x30, 0x0e, 0x06, - 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, - 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, 0x0f, 0x06, - 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, - 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x1d, - 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, - 0x14, 0xff, 0x4b, 0x1a, 0x43, 0x9a, 0xf5, 0x19, - 0x96, 0xab, 0x18, 0x00, 0x2b, 0x61, 0xc9, 0xee, - 0x40, 0x9d, 0x8e, 0xc7, 0x04, 0x30, 0x1f, 0x06, - 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, - 0x80, 0x14, 0x2b, 0xd0, 0x69, 0x47, 0x94, 0x76, - 0x09, 0xfe, 0xf4, 0x6b, 0x8d, 0x2e, 0x40, 0xa6, - 0xf7, 0x47, 0x4d, 0x7f, 0x08, 0x5e, 0x30, 0x36, - 0x06, 0x03, 0x55, 0x1d, 0x1f, 0x04, 0x2f, 0x30, - 0x2d, 0x30, 0x2b, 0xa0, 0x29, 0xa0, 0x27, 0x86, - 0x25, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, - 0x77, 0x77, 0x77, 0x2e, 0x61, 0x70, 0x70, 0x6c, - 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x70, - 0x70, 0x6c, 0x65, 0x63, 0x61, 0x2f, 0x72, 0x6f, - 0x6f, 0x74, 0x2e, 0x63, 0x72, 0x6c, 0x30, 0x0d, - 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, - 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x82, 0x01, - 0x01, 0x00, 0x9e, 0xb4, 0xaf, 0x3d, 0xb7, 0x61, - 0xe0, 0x64, 0xc3, 0x86, 0x27, 0xd2, 0x3f, 0xe9, - 0xe4, 0x08, 0x50, 0x77, 0xa2, 0x81, 0x09, 0x8c, - 0x7d, 0xb7, 0xd0, 0x54, 0x52, 0xde, 0xfe, 0x8d, - 0x48, 0xf2, 0x86, 0xc1, 0x17, 0xe5, 0x1a, 0x5d, - 0x29, 0x20, 0xd3, 0x81, 0xca, 0xee, 0xc8, 0xa3, - 0x61, 0xb3, 0x90, 0x9f, 0x73, 0xe8, 0xe3, 0xc8, - 0xbc, 0xa7, 0x12, 0xb4, 0x8c, 0x2d, 0xaa, 0xf5, - 0x39, 0x27, 0x19, 0xf5, 0xfb, 0xf9, 0x14, 0x7b, - 0x3a, 0xb4, 0x78, 0x1a, 0x9a, 0x4c, 0x96, 0xeb, - 0x36, 0xc7, 0xfe, 0xb5, 0xe7, 0x14, 0x7e, 0x6c, - 0x4f, 0xa8, 0x22, 0xba, 0x23, 0x82, 0xf0, 0xce, - 0xfa, 0x09, 0x7b, 0x8a, 0x0d, 0x5a, 0x61, 0x21, - 0x74, 0x7a, 0xca, 0xc2, 0xca, 0x6b, 0xc2, 0x63, - 0x40, 0x77, 0x23, 0x2b, 0x8f, 0xa0, 0x29, 0x5c, - 0xeb, 0xad, 0xfc, 0xcc, 0xdc, 0x5a, 0x42, 0x42, - 0x2e, 0xc8, 0x4f, 0xb4, 0x90, 0xd2, 0x6e, 0xfc, - 0x4f, 0x8a, 0x0e, 0xa8, 0xb7, 0x83, 0x5c, 0x5c, - 0x12, 0x02, 0x15, 0x17, 0xa8, 0x65, 0x7d, 0x5a, - 0x28, 0x2b, 0x69, 0x5f, 0x76, 0x9e, 0x2f, 0xe0, - 0x9e, 0xec, 0x41, 0x57, 0x97, 0xc5, 0x0f, 0x9a, - 0xa0, 0x70, 0xb8, 0x2c, 0x8f, 0x6d, 0x80, 0xb5, - 0x46, 0xec, 0xe8, 0x58, 0xb0, 0x04, 0x40, 0x3c, - 0xc3, 0x62, 0x8a, 0x0a, 0xb7, 0xa9, 0x5b, 0x58, - 0x7d, 0xea, 0x7b, 0x8c, 0xff, 0xf7, 0xf8, 0xbf, - 0xd2, 0xc1, 0x95, 0x76, 0x05, 0xd7, 0x5d, 0x16, - 0x4d, 0xf1, 0x1e, 0x7d, 0xb2, 0x81, 0x10, 0xe8, - 0x47, 0x74, 0x12, 0xf1, 0xe6, 0x60, 0x3f, 0xe3, - 0x6f, 0xb6, 0xa4, 0xc6, 0xe1, 0x08, 0xb3, 0xe4, - 0x7d, 0x98, 0xf1, 0xfb, 0xd0, 0x42, 0xb2, 0x59, - 0x26, 0x17, 0xfb, 0x72, 0x6b, 0x05, 0xa9, 0xac, - 0x94, 0xbf, 0x88, 0x0a, 0x09, 0xef, 0xd2, 0xa5, - 0x25, 0xae -}; +#include "si-22-sectrust-iap.h" -/* - subject= /C=US/O=Apple Inc./OU=Apple iPod Accessories/CN=IPA_3333AA070313AA06AA0007AA000001 - issuer= /C=US/O=Apple Inc./OU=Apple Certification Authority/CN=Apple iPod Accessories Certification Authority - serial=3333AA070313AA06AA0007AA000001 -*/ -const uint8_t _leaf0[] = { - 0x30, 0x82, 0x03, 0x59, 0x30, 0x82, 0x02, 0x41, - 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x0f, 0x33, - 0x33, 0xaa, 0x07, 0x03, 0x13, 0xaa, 0x06, 0xaa, - 0x00, 0x07, 0xaa, 0x00, 0x00, 0x01, 0x30, 0x0d, - 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, - 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x81, 0x83, - 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, - 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, - 0x11, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0a, - 0x41, 0x70, 0x70, 0x6c, 0x65, 0x20, 0x49, 0x6e, - 0x63, 0x2e, 0x31, 0x26, 0x30, 0x24, 0x06, 0x03, - 0x55, 0x04, 0x0b, 0x13, 0x1d, 0x41, 0x70, 0x70, - 0x6c, 0x65, 0x20, 0x43, 0x65, 0x72, 0x74, 0x69, - 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, - 0x20, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, - 0x74, 0x79, 0x31, 0x37, 0x30, 0x35, 0x06, 0x03, - 0x55, 0x04, 0x03, 0x13, 0x2e, 0x41, 0x70, 0x70, - 0x6c, 0x65, 0x20, 0x69, 0x50, 0x6f, 0x64, 0x20, - 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6f, 0x72, - 0x69, 0x65, 0x73, 0x20, 0x43, 0x65, 0x72, 0x74, - 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, - 0x6e, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, - 0x69, 0x74, 0x79, 0x30, 0x1e, 0x17, 0x0d, 0x30, - 0x37, 0x30, 0x33, 0x31, 0x33, 0x32, 0x31, 0x31, - 0x37, 0x32, 0x36, 0x5a, 0x17, 0x0d, 0x31, 0x35, - 0x30, 0x33, 0x31, 0x33, 0x32, 0x31, 0x31, 0x37, - 0x32, 0x36, 0x5a, 0x30, 0x70, 0x31, 0x0b, 0x30, - 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, - 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, - 0x55, 0x04, 0x0a, 0x13, 0x0a, 0x41, 0x70, 0x70, - 0x6c, 0x65, 0x20, 0x49, 0x6e, 0x63, 0x2e, 0x31, - 0x1f, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x04, 0x0b, - 0x13, 0x16, 0x41, 0x70, 0x70, 0x6c, 0x65, 0x20, - 0x69, 0x50, 0x6f, 0x64, 0x20, 0x41, 0x63, 0x63, - 0x65, 0x73, 0x73, 0x6f, 0x72, 0x69, 0x65, 0x73, - 0x31, 0x2b, 0x30, 0x29, 0x06, 0x03, 0x55, 0x04, - 0x03, 0x14, 0x22, 0x49, 0x50, 0x41, 0x5f, 0x33, - 0x33, 0x33, 0x33, 0x41, 0x41, 0x30, 0x37, 0x30, - 0x33, 0x31, 0x33, 0x41, 0x41, 0x30, 0x36, 0x41, - 0x41, 0x30, 0x30, 0x30, 0x37, 0x41, 0x41, 0x30, - 0x30, 0x30, 0x30, 0x30, 0x31, 0x30, 0x81, 0x9f, - 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, - 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, - 0x81, 0x8d, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, - 0x81, 0x00, 0xcb, 0x76, 0xe3, 0xa7, 0x3b, 0xf0, - 0x42, 0xd5, 0x48, 0x93, 0x62, 0x0a, 0x10, 0x17, - 0x37, 0xb9, 0xc8, 0x52, 0xdd, 0xde, 0x8a, 0x40, - 0xa0, 0xf8, 0xda, 0xe8, 0x64, 0x0a, 0x67, 0xf5, - 0x8f, 0x91, 0xa6, 0xb5, 0x93, 0xe8, 0xc2, 0x28, - 0xb3, 0xac, 0xf4, 0xaf, 0x40, 0xc6, 0xbb, 0x49, - 0x85, 0x5a, 0x7c, 0x1b, 0x42, 0xc3, 0x3c, 0xc8, - 0x95, 0x36, 0x0b, 0x85, 0xbe, 0x36, 0x85, 0xb7, - 0x0d, 0x04, 0x0e, 0x4e, 0x4c, 0x3c, 0x28, 0xfb, - 0x03, 0x78, 0x42, 0xac, 0xf1, 0x9e, 0xad, 0x22, - 0x7c, 0x86, 0xd3, 0xa6, 0x0e, 0xc8, 0x42, 0xbd, - 0x9c, 0x7c, 0xd9, 0x2c, 0xe4, 0x1f, 0xd5, 0x91, - 0x4e, 0x9d, 0xb7, 0xff, 0x83, 0x2e, 0x06, 0x3e, - 0xd4, 0x95, 0xe4, 0x0e, 0x8e, 0x2d, 0x46, 0x8f, - 0xcf, 0xe6, 0x32, 0xce, 0x47, 0x56, 0x57, 0x97, - 0x1a, 0x87, 0xc8, 0xd4, 0xf3, 0x32, 0xf9, 0xd6, - 0x80, 0x83, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, - 0x60, 0x30, 0x5e, 0x30, 0x0e, 0x06, 0x03, 0x55, - 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, - 0x02, 0x03, 0xb8, 0x30, 0x0c, 0x06, 0x03, 0x55, - 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x02, 0x30, - 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, - 0x04, 0x16, 0x04, 0x14, 0x71, 0x53, 0x3f, 0x7f, - 0x72, 0x47, 0xbb, 0xe3, 0x60, 0xd9, 0xd9, 0xd8, - 0x39, 0x6d, 0x8d, 0x33, 0xa3, 0x74, 0xc3, 0x59, - 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, - 0x18, 0x30, 0x16, 0x80, 0x14, 0xff, 0x4b, 0x1a, - 0x43, 0x9a, 0xf5, 0x19, 0x96, 0xab, 0x18, 0x00, - 0x2b, 0x61, 0xc9, 0xee, 0x40, 0x9d, 0x8e, 0xc7, - 0x04, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, - 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, - 0x03, 0x82, 0x01, 0x01, 0x00, 0x0f, 0xd9, 0x40, - 0x27, 0x1c, 0x00, 0x01, 0x2d, 0x4c, 0x67, 0xa6, - 0x0d, 0x74, 0xa8, 0xbd, 0xf6, 0x97, 0x16, 0x46, - 0xb1, 0x02, 0xd7, 0x51, 0xf6, 0x02, 0xc1, 0x0f, - 0xb1, 0x34, 0x8a, 0xcb, 0xb7, 0x81, 0x29, 0xbd, - 0x7b, 0x67, 0xa3, 0xe6, 0x49, 0x3d, 0xbb, 0x3e, - 0x0d, 0x26, 0x75, 0x1d, 0xdc, 0x37, 0xa7, 0x38, - 0x86, 0xd8, 0x81, 0x5a, 0xc5, 0xaf, 0xcd, 0xd6, - 0xcb, 0x0e, 0xba, 0x53, 0x28, 0x57, 0x83, 0x16, - 0x23, 0xcc, 0x11, 0x01, 0x0e, 0x18, 0x4d, 0xfe, - 0x29, 0x1b, 0x7c, 0x3f, 0x33, 0xd5, 0x4b, 0x7c, - 0x74, 0xb5, 0xfd, 0x62, 0xc5, 0x45, 0xec, 0x08, - 0xe4, 0xc0, 0xd3, 0xce, 0xba, 0xb0, 0x04, 0x0d, - 0x7c, 0xef, 0x5c, 0x3f, 0x92, 0xdc, 0x45, 0x24, - 0xa3, 0x02, 0xfe, 0xa4, 0x60, 0x15, 0x28, 0x43, - 0x1b, 0x46, 0x51, 0x1f, 0x9f, 0x0d, 0x89, 0x62, - 0x6c, 0x30, 0xe2, 0x2b, 0xf7, 0x8c, 0x7b, 0xd6, - 0xe3, 0x71, 0x11, 0xd1, 0xe5, 0xf5, 0x83, 0xae, - 0xd8, 0xeb, 0x5a, 0x40, 0xb6, 0x09, 0x00, 0x53, - 0x8f, 0xaf, 0x4d, 0xa7, 0x3d, 0x50, 0xb0, 0x1b, - 0x88, 0x6b, 0x9d, 0x18, 0x79, 0x1e, 0xcb, 0xbf, - 0x86, 0xba, 0xde, 0x48, 0x28, 0x3a, 0x53, 0x17, - 0x59, 0x2d, 0xc2, 0x98, 0xe0, 0xe7, 0x54, 0x03, - 0xd0, 0x1d, 0xfb, 0xc1, 0xca, 0x68, 0x43, 0x2d, - 0x23, 0xc3, 0xa3, 0x12, 0x04, 0x89, 0x77, 0x41, - 0xb8, 0x96, 0x3f, 0xdc, 0x00, 0x73, 0x07, 0xd0, - 0xa6, 0x8c, 0x35, 0x45, 0xb4, 0x07, 0x69, 0xf8, - 0x79, 0x6e, 0x7b, 0x04, 0x6d, 0x0f, 0x95, 0x20, - 0x5b, 0x76, 0x17, 0x78, 0x91, 0x91, 0xa4, 0xbe, - 0x6d, 0x5c, 0xe9, 0x71, 0x12, 0x68, 0x6c, 0xb7, - 0xa4, 0x36, 0xc3, 0x82, 0xcf, 0x65, 0x7d, 0xe3, - 0x50, 0x92, 0x02, 0x54, 0x3d, 0xfe, 0x16, 0x8d, - 0x4f, 0xe0, 0x11, 0xe0, 0xb5 -}; - -/* - subject= /C=US/O=Apple Computer, Inc./OU=Apple Computer iPod Accessories/CN=IPA_3333AA070313AA06AA0011AA000001 - issuer= /C=US/O=Apple Computer, Inc./OU=Apple Computer Certificate Authority/CN=Apple iPod Accessories Certificate Authority - serial=3333AA070313AA06AA0011AA000001 -*/ -const uint8_t _leaf1[] = { - 0x30, 0x82, 0x03, 0x7c, 0x30, 0x82, 0x02, 0x64, - 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x0f, 0x33, - 0x33, 0xaa, 0x07, 0x03, 0x13, 0xaa, 0x06, 0xaa, - 0x00, 0x11, 0xaa, 0x00, 0x00, 0x01, 0x30, 0x0d, - 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, - 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x81, 0x92, - 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, - 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x1d, 0x30, - 0x1b, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x14, - 0x41, 0x70, 0x70, 0x6c, 0x65, 0x20, 0x43, 0x6f, - 0x6d, 0x70, 0x75, 0x74, 0x65, 0x72, 0x2c, 0x20, - 0x49, 0x6e, 0x63, 0x2e, 0x31, 0x2d, 0x30, 0x2b, - 0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x24, 0x41, - 0x70, 0x70, 0x6c, 0x65, 0x20, 0x43, 0x6f, 0x6d, - 0x70, 0x75, 0x74, 0x65, 0x72, 0x20, 0x43, 0x65, - 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, - 0x65, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, - 0x69, 0x74, 0x79, 0x31, 0x35, 0x30, 0x33, 0x06, - 0x03, 0x55, 0x04, 0x03, 0x13, 0x2c, 0x41, 0x70, - 0x70, 0x6c, 0x65, 0x20, 0x69, 0x50, 0x6f, 0x64, - 0x20, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6f, - 0x72, 0x69, 0x65, 0x73, 0x20, 0x43, 0x65, 0x72, - 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, - 0x20, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, - 0x74, 0x79, 0x30, 0x1e, 0x17, 0x0d, 0x30, 0x37, - 0x30, 0x33, 0x31, 0x33, 0x32, 0x31, 0x32, 0x37, - 0x33, 0x35, 0x5a, 0x17, 0x0d, 0x31, 0x35, 0x30, - 0x33, 0x31, 0x33, 0x32, 0x31, 0x32, 0x37, 0x33, - 0x35, 0x5a, 0x30, 0x81, 0x83, 0x31, 0x0b, 0x30, - 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, - 0x55, 0x53, 0x31, 0x1d, 0x30, 0x1b, 0x06, 0x03, - 0x55, 0x04, 0x0a, 0x13, 0x14, 0x41, 0x70, 0x70, - 0x6c, 0x65, 0x20, 0x43, 0x6f, 0x6d, 0x70, 0x75, - 0x74, 0x65, 0x72, 0x2c, 0x20, 0x49, 0x6e, 0x63, - 0x2e, 0x31, 0x28, 0x30, 0x26, 0x06, 0x03, 0x55, - 0x04, 0x0b, 0x13, 0x1f, 0x41, 0x70, 0x70, 0x6c, - 0x65, 0x20, 0x43, 0x6f, 0x6d, 0x70, 0x75, 0x74, - 0x65, 0x72, 0x20, 0x69, 0x50, 0x6f, 0x64, 0x20, - 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6f, 0x72, - 0x69, 0x65, 0x73, 0x31, 0x2b, 0x30, 0x29, 0x06, - 0x03, 0x55, 0x04, 0x03, 0x14, 0x22, 0x49, 0x50, - 0x41, 0x5f, 0x33, 0x33, 0x33, 0x33, 0x41, 0x41, - 0x30, 0x37, 0x30, 0x33, 0x31, 0x33, 0x41, 0x41, - 0x30, 0x36, 0x41, 0x41, 0x30, 0x30, 0x31, 0x31, - 0x41, 0x41, 0x30, 0x30, 0x30, 0x30, 0x30, 0x31, - 0x30, 0x81, 0x9f, 0x30, 0x0d, 0x06, 0x09, 0x2a, - 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, - 0x05, 0x00, 0x03, 0x81, 0x8d, 0x00, 0x30, 0x81, - 0x89, 0x02, 0x81, 0x81, 0x00, 0x91, 0x66, 0xdb, - 0x40, 0x0e, 0xc4, 0xe5, 0x8d, 0xb3, 0x86, 0xfd, - 0x36, 0x06, 0x38, 0xcc, 0x83, 0xa4, 0xd7, 0xff, - 0x14, 0xa6, 0x77, 0x3b, 0x63, 0x7a, 0xae, 0xe8, - 0x76, 0xdb, 0xd8, 0x2f, 0x7c, 0x70, 0x84, 0xe8, - 0x0a, 0x63, 0x33, 0xa7, 0xcb, 0x0e, 0x17, 0x94, - 0x80, 0x39, 0xb7, 0xe6, 0x16, 0x0c, 0xa7, 0x1f, - 0x7d, 0x11, 0x02, 0x76, 0xda, 0x1d, 0x0b, 0xed, - 0x8d, 0x2a, 0xeb, 0x60, 0xcf, 0x55, 0x85, 0xbd, - 0x92, 0x32, 0xc9, 0xc9, 0xb2, 0x16, 0xea, 0xba, - 0xa8, 0xc8, 0x8c, 0xe4, 0x93, 0x7a, 0x0a, 0xaa, - 0x40, 0x24, 0x0f, 0x96, 0xc7, 0xc5, 0x95, 0x21, - 0xd9, 0xb0, 0x98, 0x51, 0x8d, 0xe4, 0xc6, 0x63, - 0x6e, 0x73, 0x92, 0xab, 0x77, 0xe9, 0x71, 0xaf, - 0x0e, 0x50, 0xa3, 0xb4, 0x68, 0xa8, 0x82, 0x67, - 0x88, 0xf9, 0xa5, 0xc8, 0x68, 0x7b, 0x49, 0x36, - 0x72, 0xee, 0x06, 0x1a, 0x95, 0x02, 0x03, 0x01, - 0x00, 0x01, 0xa3, 0x60, 0x30, 0x5e, 0x30, 0x0e, - 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, - 0x04, 0x04, 0x03, 0x02, 0x03, 0xb8, 0x30, 0x0c, - 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, - 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, - 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xde, - 0x6a, 0x9d, 0x5e, 0x83, 0x77, 0xa6, 0xfe, 0xa9, - 0x65, 0x30, 0x5f, 0x98, 0xe8, 0xa4, 0x7c, 0xde, - 0x0a, 0xb3, 0x48, 0x30, 0x1f, 0x06, 0x03, 0x55, - 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, - 0xc9, 0xaa, 0x84, 0x6b, 0x06, 0xb8, 0x76, 0xe2, - 0x96, 0x4f, 0xe7, 0x27, 0x02, 0xd7, 0x2e, 0x3b, - 0xda, 0xf7, 0xb0, 0x18, 0x30, 0x0d, 0x06, 0x09, - 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, - 0x05, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, - 0x96, 0x07, 0x3b, 0x68, 0xe8, 0x2f, 0x97, 0xa5, - 0x42, 0xff, 0x9d, 0x34, 0xfd, 0x3a, 0xd2, 0x01, - 0x69, 0xd7, 0x67, 0x46, 0x9a, 0x7d, 0x56, 0xe0, - 0x7f, 0x91, 0xee, 0xc3, 0x5c, 0xd2, 0x51, 0x54, - 0xe3, 0xd2, 0x17, 0x08, 0xb2, 0xbc, 0xcd, 0x85, - 0xf8, 0x8e, 0xad, 0x49, 0x53, 0xe1, 0x07, 0x5a, - 0x9b, 0x03, 0xa2, 0x35, 0xca, 0xcf, 0xc6, 0xb6, - 0xc9, 0x71, 0x53, 0xbc, 0x2e, 0xa3, 0x1b, 0x03, - 0x5c, 0x55, 0x57, 0xa3, 0x10, 0xbc, 0x15, 0x81, - 0xd5, 0xe6, 0xa3, 0xb8, 0x21, 0x50, 0x2e, 0x44, - 0xd4, 0xea, 0x71, 0x17, 0xe5, 0xfc, 0x71, 0xc3, - 0xf9, 0xe8, 0x99, 0x98, 0xf3, 0x5f, 0xff, 0xb2, - 0x8e, 0xc7, 0x56, 0x74, 0x46, 0xec, 0x63, 0x3f, - 0x4a, 0xa6, 0x9c, 0x85, 0x7c, 0x08, 0x61, 0x32, - 0xb7, 0x35, 0x36, 0x01, 0x0c, 0xce, 0xd8, 0xe3, - 0xc4, 0x6a, 0x0d, 0xf2, 0x25, 0x56, 0x59, 0xba, - 0x88, 0x1b, 0xb4, 0x21, 0x80, 0xb9, 0x69, 0x9e, - 0x93, 0xf7, 0xb1, 0x22, 0x19, 0x8b, 0x8b, 0xd8, - 0xbd, 0xdc, 0x0c, 0xa7, 0x69, 0x4b, 0x5b, 0xe9, - 0xd7, 0x7a, 0x1d, 0xef, 0x37, 0x0d, 0x24, 0xdc, - 0xa7, 0x67, 0xbc, 0x0d, 0xe1, 0x0d, 0x28, 0xa0, - 0xb8, 0x83, 0x28, 0x6a, 0x8a, 0xd6, 0x59, 0x40, - 0x4a, 0xf1, 0x06, 0x0d, 0x75, 0xb9, 0x81, 0x4b, - 0x4c, 0x2d, 0xcb, 0x57, 0xe0, 0x7a, 0x32, 0x5b, - 0xe0, 0xea, 0xdd, 0x0c, 0xdc, 0xfd, 0x5e, 0x7e, - 0xb0, 0x77, 0x07, 0x0d, 0xa7, 0x14, 0x0b, 0x41, - 0x94, 0x4f, 0x10, 0x3e, 0xa5, 0x0c, 0x68, 0x3f, - 0x8c, 0x70, 0x5c, 0x29, 0xb7, 0xe9, 0xfc, 0x09, - 0x35, 0x5c, 0x2d, 0xb3, 0xa9, 0x4f, 0x51, 0xb0, - 0xa7, 0xd5, 0xad, 0x3f, 0xe2, 0xa2, 0x4c, 0x73, - 0xfc, 0x2f, 0x6e, 0x21, 0x38, 0xe5, 0xbb, 0x8b, - 0x57, 0x51, 0xe5, 0x9b, 0x8b, 0xa6, 0xaa, 0x0b -}; - -#define CFReleaseSafe(CF) { CFTypeRef _cf = (CF); if (_cf) CFRelease(_cf); } - -/* Test basic add delete update copy matching stuff. */ -static void tests(void) +static void test_v1(void) { SecTrustRef trust; SecCertificateRef iAP1CA, iAP2CA, leaf0, leaf1; @@ -552,8 +43,8 @@ static void tests(void) }; CFArrayRef anchors = CFArrayCreate(NULL, v_anchors, array_size(v_anchors), NULL); - CFArrayRef certs0 = CFArrayCreate(NULL, (const void **)&leaf0, 1, NULL); - CFArrayRef certs1 = CFArrayCreate(NULL, (const void **)&leaf1, 1, NULL); + CFArrayRef certs0 = CFArrayCreate(NULL, (const void **)&leaf0, 1, &kCFTypeArrayCallBacks); + CFArrayRef certs1 = CFArrayCreate(NULL, (const void **)&leaf1, 1, &kCFTypeArrayCallBacks); ok_status(SecTrustCreateWithCertificates(certs0, policy, &trust), "create trust for leaf0"); ok_status(SecTrustSetAnchorCertificates(trust, anchors), "set anchors"); @@ -572,12 +63,7 @@ static void tests(void) ok_status(SecTrustCreateWithCertificates(certs1, policy, &trust), "create trust for leaf1"); ok_status(SecTrustSetAnchorCertificates(trust, anchors), "set anchors"); ok_status(SecTrustEvaluate(trust, &trustResult), "evaluate trust"); - TODO: - { - todo("We need the actual iAP1 intermediate"); - is_status(trustResult, kSecTrustResultUnspecified, - "trust is kSecTrustResultUnspecified"); - } + is_status(trustResult, kSecTrustResultUnspecified, "trust is kSecTrustResultUnspecified"); CFReleaseSafe(anchors); CFReleaseSafe(certs1); @@ -591,12 +77,262 @@ static void tests(void) CFReleaseSafe(date); } +static void test_v3(void) { + SecCertificateRef v3CA = NULL, v3leaf = NULL; + isnt(v3CA = SecCertificateCreateWithBytes(NULL, _v3ca, sizeof(_v3ca)), + NULL, "create v3 CA"); + isnt(v3leaf = SecCertificateCreateWithBytes(NULL, _v3leaf, sizeof(_v3leaf)), + NULL, "create v3leaf"); + + /* Test v3 certs meet iAP policy */ + SecPolicyRef policy = NULL; + SecTrustRef trust = NULL; + CFArrayRef certs = NULL, anchors = NULL; + CFDateRef date = NULL; + SecTrustResultType trustResult; + + certs = CFArrayCreate(NULL, (const void **)&v3leaf, 1, &kCFTypeArrayCallBacks); + anchors = CFArrayCreate(NULL, (const void **)&v3CA, 1, &kCFTypeArrayCallBacks); + policy = SecPolicyCreateiAP(); + ok_status(SecTrustCreateWithCertificates(certs, policy, &trust), "create trust ref"); + ok_status(SecTrustSetAnchorCertificates(trust, anchors), "set anchor"); + ok(date = CFDateCreate(NULL, 484000000.0), "create date"); /* 3 May 2016 */ + if (!date) { goto trustFail; } + ok_status(SecTrustSetVerifyDate(trust, date), "set verify date"); + ok_status(SecTrustEvaluate(trust, &trustResult), "evaluate"); + is_status(trustResult, kSecTrustResultUnspecified, "trust is kSecTrustResultUnspecified"); + + /* Test v3 certs fail iAP SW Auth policy */ + CFReleaseNull(policy); + CFReleaseNull(trust); + policy = SecPolicyCreateiAPSWAuth(); + require_noerr(SecTrustCreateWithCertificates(certs, policy, &trust), trustFail); + require_noerr(SecTrustSetAnchorCertificates(trust, anchors), trustFail); + require_noerr(SecTrustSetVerifyDate(trust, date), trustFail); + require_noerr(SecTrustEvaluate(trust, &trustResult), trustFail); + is_status(trustResult, kSecTrustResultRecoverableTrustFailure, "trust is kSecTrustResultRecoverableTrustFailure"); + +trustFail: + CFReleaseSafe(policy); + CFReleaseSafe(trust); + CFReleaseSafe(certs); + CFReleaseSafe(anchors); + CFReleaseSafe(date); + + /* Test interface for determining iAuth version */ + SecCertificateRef leaf0 = NULL, leaf1 = NULL; + isnt(leaf0 = SecCertificateCreateWithBytes(NULL, _leaf0, sizeof(_leaf0)), + NULL, "create leaf0"); + isnt(leaf1 = SecCertificateCreateWithBytes(NULL, _leaf1, sizeof(_leaf1)), + NULL, "create leaf1"); + + is_status(SecCertificateGetiAuthVersion(leaf0), kSeciAuthVersion2, "v2 certificate"); + is_status(SecCertificateGetiAuthVersion(leaf1), kSeciAuthVersion2, "v2 certificate"); + is_status(SecCertificateGetiAuthVersion(v3leaf), kSeciAuthVersion3, "v3 certificate"); + + CFReleaseSafe(leaf0); + CFReleaseSafe(leaf1); + + /* Test the extension-copying interface */ + CFDataRef extensionData = NULL; + uint8_t extensionValue[32] = { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x0A, + }; + ok(extensionData = SecCertificateCopyiAPAuthCapabilities(v3leaf), + "copy iAuthv3 extension data"); + is(CFDataGetLength(extensionData), 32, "compare expected size"); + is(memcmp(extensionValue, CFDataGetBytePtr(extensionData), 32), 0, + "compare expected output"); + CFReleaseNull(extensionData); + + /* Test extension-copying interface with a malformed extension. */ + uint8_t extensionValue2[32] = { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x04, + }; + SecCertificateRef malformedV3leaf = NULL; + isnt(malformedV3leaf = SecCertificateCreateWithBytes(NULL, _malformedV3Leaf, sizeof(_malformedV3Leaf)), + NULL, "create malformed v3 leaf"); + ok(extensionData = SecCertificateCopyiAPAuthCapabilities(malformedV3leaf), + "copy iAuthv3 extension data for malformed leaf"); + is(CFDataGetLength(extensionData), 32, "compare expected size"); + is(memcmp(extensionValue2, CFDataGetBytePtr(extensionData), 32), 0, + "compare expected output"); + CFReleaseNull(extensionData); + CFReleaseNull(malformedV3leaf); + CFReleaseSafe(v3leaf); + CFReleaseSafe(v3CA); +} + +static void test_sw_auth_trust(void) { + SecCertificateRef sw_auth_test_CA = NULL, sw_auth_test_leaf = NULL; + isnt(sw_auth_test_CA = SecCertificateCreateWithBytes(NULL, _iAPSWAuthTestRoot, sizeof(_iAPSWAuthTestRoot)), + NULL, "create sw auth test ca"); + isnt(sw_auth_test_leaf = SecCertificateCreateWithBytes(NULL, _iAPSWAuth_leaf, sizeof(_iAPSWAuth_leaf)), + NULL, "create sw auth leaf"); + + /* Test SW Auth certs meet iAP SW Auth policy */ + SecPolicyRef policy = NULL; + SecTrustRef trust = NULL; + CFArrayRef certs = NULL, anchors = NULL; + CFDateRef date = NULL; + SecTrustResultType trustResult; + + certs = CFArrayCreate(NULL, (const void **)&sw_auth_test_leaf, 1, &kCFTypeArrayCallBacks); + anchors = CFArrayCreate(NULL, (const void **)&sw_auth_test_CA, 1, &kCFTypeArrayCallBacks); + policy = SecPolicyCreateiAPSWAuth(); + require_noerr(SecTrustCreateWithCertificates(certs, policy, &trust), trustFail); + require_noerr(SecTrustSetAnchorCertificates(trust, anchors), trustFail); + require(date = CFDateCreate(NULL, 530000000.0), trustFail); /* 17 Oct 2017, BEFORE issuance */ + require_noerr(SecTrustSetVerifyDate(trust, date), trustFail); + require_noerr(SecTrustEvaluate(trust, &trustResult), trustFail); + is_status(trustResult, kSecTrustResultUnspecified, "trust is kSecTrustResultUnspecified"); + + /* Test SW Auth certs fail iAP policy */ + CFReleaseNull(policy); + CFReleaseNull(trust); + policy = SecPolicyCreateiAP(); + require_noerr(SecTrustCreateWithCertificates(certs, policy, &trust), trustFail); + require_noerr(SecTrustSetAnchorCertificates(trust, anchors), trustFail); + require_noerr(SecTrustSetVerifyDate(trust, date), trustFail); + require_noerr(SecTrustEvaluate(trust, &trustResult), trustFail); + is_status(trustResult, kSecTrustResultRecoverableTrustFailure, "trust is kSecTrustResultRecoverableTrustFailure"); + + /* Test SW Auth certs fail when not-yet-valid with expiration check */ + CFReleaseNull(policy); + CFReleaseNull(trust); + policy = SecPolicyCreateiAPSWAuthWithExpiration(true); + require_noerr(SecTrustCreateWithCertificates(certs, policy, &trust), trustFail); + require_noerr(SecTrustSetAnchorCertificates(trust, anchors), trustFail); + require_noerr(SecTrustSetVerifyDate(trust, date), trustFail); + require_noerr(SecTrustEvaluate(trust, &trustResult), trustFail); + is_status(trustResult, kSecTrustResultRecoverableTrustFailure, "trust is kSecTrustResultRecoverableTrustFailure"); + +trustFail: + CFReleaseSafe(policy); + CFReleaseSafe(trust); + CFReleaseSafe(certs); + CFReleaseSafe(anchors); + CFReleaseSafe(date); + CFReleaseSafe(sw_auth_test_CA); + CFReleaseSafe(sw_auth_test_leaf); +} + +static void test_sw_auth_cert(void) { + SecCertificateRef good_leaf = NULL, bad_leaf = NULL; + isnt(good_leaf = SecCertificateCreateWithBytes(NULL, _iAPSWAuth_leaf, sizeof(_iAPSWAuth_leaf)), + NULL, "create good iAP SW Auth cert"); + isnt(bad_leaf = SecCertificateCreateWithBytes(NULL, _malformed_iAPSWAuth_leaf, sizeof(_malformed_iAPSWAuth_leaf)), + NULL, "create bad iAP SW Auth cert"); + + /* Test Auth version interface */ + ok(SecCertificateGetiAuthVersion(good_leaf) == kSeciAuthVersionSW, "Get version of well-formed SW Auth cert"); + ok(SecCertificateGetiAuthVersion(bad_leaf) == kSeciAuthVersionSW, "Get version of malformed SW Auth cert"); + + /* Test extension copying with malformed extensions */ + is(SecCertificateCopyiAPSWAuthCapabilities(bad_leaf, kSeciAPSWAuthGeneralCapabilities), NULL, + "Fail to get capabilities of malformed SW auth cert"); + is(SecCertificateCopyiAPSWAuthCapabilities(bad_leaf, kSeciAPSWAuthAirPlayCapabilities), NULL, + "Fail to get AirPlay capabilities of malformed SW auth cert"); + is(SecCertificateCopyiAPSWAuthCapabilities(bad_leaf, kSeciAPSWAuthHomeKitCapabilities), NULL, + "Fail to get HomeKit capabilities of malformed SW auth cert"); + + uint8_t byte0 = 0x00; + uint8_t byte1 = 0x01; + CFDataRef data0 = CFDataCreate(NULL, &byte0, 1); + CFDataRef data1 = CFDataCreate(NULL, &byte1, 1); + + /* Test extension copying with well-formed extensions */ + CFDataRef extensionValue = NULL; + isnt(extensionValue = SecCertificateCopyiAPSWAuthCapabilities(good_leaf, kSeciAPSWAuthGeneralCapabilities), NULL, + "Get capabilities of well-formed SW auth cert"); + ok(CFEqual(extensionValue, data1), "Got correct general extension value"); + CFReleaseNull(extensionValue); + + isnt(extensionValue = SecCertificateCopyiAPSWAuthCapabilities(good_leaf, kSeciAPSWAuthAirPlayCapabilities), NULL, + "Get AirPlay capabilities of well-formed SW auth cert"); + ok(CFEqual(extensionValue, data0), "Got correct AirPlay extension value"); + CFReleaseNull(extensionValue); + + isnt(extensionValue = SecCertificateCopyiAPSWAuthCapabilities(good_leaf, kSeciAPSWAuthHomeKitCapabilities), NULL, + "Get capabilities of well-formed SW auth cert"); + ok(CFEqual(extensionValue, data1), "Got correct HomeKit extension value"); + CFReleaseNull(extensionValue); + + CFReleaseNull(good_leaf); + CFReleaseNull(bad_leaf); + CFReleaseNull(data0); + CFReleaseNull(data1); +} + +static void test_component_type_cert(void) { + SecCertificateRef batteryCA = NULL, nonComponent = NULL; + isnt(batteryCA = SecCertificateCreateWithBytes(NULL, _componentCABattery, sizeof(_componentCABattery)), + NULL, "create battery component CA cert"); + isnt(nonComponent = SecCertificateCreateWithBytes(NULL, _iAP2CA, sizeof(_iAP2CA)), + NULL, "create non-component cert"); + + CFStringRef componentType = NULL; + isnt(componentType = SecCertificateCopyComponentType(batteryCA), NULL, "Get component type"); + ok(CFEqual(componentType, CFSTR("Battery")), "Got correct component type"); + CFReleaseNull(componentType); + + is(componentType = SecCertificateCopyComponentType(nonComponent), NULL, "Get component type"); + + CFReleaseNull(batteryCA); + CFReleaseNull(nonComponent); +} + +static void test_component_type_trust(void) { + SecCertificateRef leaf = NULL, subCA = NULL, root = NULL; + SecPolicyRef policy = NULL; + SecTrustRef trust = NULL; + CFMutableArrayRef certs = NULL; + CFArrayRef anchors = NULL; + CFDateRef date = NULL; + SecTrustResultType trustResult; + + isnt(leaf = SecCertificateCreateWithBytes(NULL, _batteryLeaf, sizeof(_batteryLeaf)), + NULL, "create battery leaf"); + isnt(subCA = SecCertificateCreateWithBytes(NULL, _componentCABattery, sizeof(_componentCABattery)), + NULL, "create battery subCA"); + isnt(root = SecCertificateCreateWithBytes(NULL, _componentRoot, sizeof(_componentRoot)), + NULL, "create component root"); + + /* Test Battery component certs meet component policy */ + certs = CFArrayCreateMutable(NULL, 2, &kCFTypeArrayCallBacks); + CFArrayAppendValue(certs, leaf); + CFArrayAppendValue(certs, subCA); + anchors = CFArrayCreate(NULL, (const void **)&root, 1, &kCFTypeArrayCallBacks); + policy = SecPolicyCreateAppleComponentCertificate(NULL); + require_noerr(SecTrustCreateWithCertificates(certs, policy, &trust), trustFail); + require_noerr(SecTrustSetAnchorCertificates(trust, anchors), trustFail); + require(date = CFDateCreate(NULL, 576000000.0), trustFail); /* April 3, 2019 at 9:00:00 AM PDT */ + require_noerr(SecTrustSetVerifyDate(trust, date), trustFail); + require_noerr(SecTrustEvaluate(trust, &trustResult), trustFail); + is_status(trustResult, kSecTrustResultUnspecified, "trust is kSecTrustResultUnspecified"); + +trustFail: + CFReleaseNull(leaf); + CFReleaseNull(subCA); + CFReleaseNull(root); + CFReleaseNull(date); + CFReleaseNull(policy); + CFReleaseNull(trust); +} + + int si_22_sectrust_iap(int argc, char *const *argv) { - plan_tests(14); - + plan_tests(14+21+5+13+5+4); - tests(); + test_v1(); + test_v3(); + test_sw_auth_trust(); + test_sw_auth_cert(); + test_component_type_cert(); + test_component_type_trust(); return 0; }