Revision: 18296
http://sourceforge.net/p/edk2/code/18296
Author: vanjeff
Date: 2015-08-25 05:52:47 +0000 (Tue, 25 Aug 2015)
Log Message:
-----------
Copy the head revision r18255 from main trunk.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jeff Fan <[email protected]>
Signed-off-by: Hao Wu <[email protected]>
Revision Links:
--------------
http://sourceforge.net/p/edk2/code/18255
Modified Paths:
--------------
branches/UDK2014.SP1/CryptoPkg/Application/Cryptest/Cryptest.c
branches/UDK2014.SP1/CryptoPkg/Application/Cryptest/Cryptest.h
branches/UDK2014.SP1/CryptoPkg/Application/Cryptest/Cryptest.inf
branches/UDK2014.SP1/CryptoPkg/Application/Cryptest/DhVerify.c
branches/UDK2014.SP1/CryptoPkg/Application/Cryptest/HashVerify.c
branches/UDK2014.SP1/CryptoPkg/Contributions.txt
branches/UDK2014.SP1/CryptoPkg/CryptoPkg.dec
branches/UDK2014.SP1/CryptoPkg/CryptoPkg.dsc
branches/UDK2014.SP1/CryptoPkg/Include/Library/BaseCryptLib.h
branches/UDK2014.SP1/CryptoPkg/Include/OpenSslSupport.h
branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd5.c
branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c
branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c
branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyNull.c
branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c
branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c
branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/Pk/CryptPkcs7VerifyNull.c
branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/Pk/CryptX509Null.c
branches/UDK2014.SP1/CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
branches/UDK2014.SP1/CryptoPkg/Library/OpensslLib/Install.cmd
branches/UDK2014.SP1/CryptoPkg/Library/OpensslLib/Install.sh
branches/UDK2014.SP1/CryptoPkg/Library/OpensslLib/OpensslLib.inf
branches/UDK2014.SP1/CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt
Added Paths:
-----------
branches/UDK2014.SP1/CryptoPkg/.gitignore
branches/UDK2014.SP1/CryptoPkg/Application/Cryptest/TSVerify.c
branches/UDK2014.SP1/CryptoPkg/Include/memory.h
branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha512.c
branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha512Null.c
branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c
branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Pk/CryptTsNull.c
branches/UDK2014.SP1/CryptoPkg/Library/IntrinsicLib/Ia32/
branches/UDK2014.SP1/CryptoPkg/Library/IntrinsicLib/Ia32/MathLShiftS64.S
branches/UDK2014.SP1/CryptoPkg/Library/IntrinsicLib/Ia32/MathLShiftS64.c
branches/UDK2014.SP1/CryptoPkg/Library/IntrinsicLib/Ia32/MathRShiftU64.S
branches/UDK2014.SP1/CryptoPkg/Library/IntrinsicLib/Ia32/MathRShiftU64.c
branches/UDK2014.SP1/CryptoPkg/Library/OpensslLib/EDKII_openssl-1.0.2d.patch
Removed Paths:
-------------
branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/SysCall/Ia32/
branches/UDK2014.SP1/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8zf.patch
Added: branches/UDK2014.SP1/CryptoPkg/.gitignore
===================================================================
--- branches/UDK2014.SP1/CryptoPkg/.gitignore (rev 0)
+++ branches/UDK2014.SP1/CryptoPkg/.gitignore 2015-08-25 05:52:47 UTC (rev
18296)
@@ -0,0 +1,2 @@
+Include/openssl
+Library/OpensslLib/openssl-*/
Modified: branches/UDK2014.SP1/CryptoPkg/Application/Cryptest/Cryptest.c
===================================================================
--- branches/UDK2014.SP1/CryptoPkg/Application/Cryptest/Cryptest.c
2015-08-25 03:11:06 UTC (rev 18295)
+++ branches/UDK2014.SP1/CryptoPkg/Application/Cryptest/Cryptest.c
2015-08-25 05:52:47 UTC (rev 18296)
@@ -1,7 +1,7 @@
-/** @file
+/** @file
Application for Cryptographic Primitives Validation.
-Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -73,6 +73,11 @@
return Status;
}
+ Status = ValidateTSCounterSignature ();
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
Status = ValidateCryptDh ();
if (EFI_ERROR (Status)) {
return Status;
@@ -84,4 +89,4 @@
}
return EFI_SUCCESS;
-}
+}
\ No newline at end of file
Modified: branches/UDK2014.SP1/CryptoPkg/Application/Cryptest/Cryptest.h
===================================================================
--- branches/UDK2014.SP1/CryptoPkg/Application/Cryptest/Cryptest.h
2015-08-25 03:11:06 UTC (rev 18295)
+++ branches/UDK2014.SP1/CryptoPkg/Application/Cryptest/Cryptest.h
2015-08-25 05:52:47 UTC (rev 18296)
@@ -1,7 +1,7 @@
-/** @file
+/** @file
Application for Cryptographic Primitives Validation.
-Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -109,6 +109,18 @@
);
/**
+ Validate UEFI-OpenSSL RFC3161 Timestamp CounterSignature Verification
Interfaces.
+
+ @retval EFI_SUCCESS Validation succeeded.
+ @retval EFI_ABORTED Validation failed.
+
+**/
+EFI_STATUS
+ValidateTSCounterSignature (
+ VOID
+ );
+
+/**
Validate UEFI-OpenSSL DH Interfaces.
@retval EFI_SUCCESS Validation succeeded.
@@ -132,4 +144,4 @@
VOID
);
-#endif
+#endif
\ No newline at end of file
Modified: branches/UDK2014.SP1/CryptoPkg/Application/Cryptest/Cryptest.inf
===================================================================
--- branches/UDK2014.SP1/CryptoPkg/Application/Cryptest/Cryptest.inf
2015-08-25 03:11:06 UTC (rev 18295)
+++ branches/UDK2014.SP1/CryptoPkg/Application/Cryptest/Cryptest.inf
2015-08-25 05:52:47 UTC (rev 18296)
@@ -38,6 +38,7 @@
RsaVerify.c
RsaVerify2.c
AuthenticodeVerify.c
+ TSVerify.c
DhVerify.c
RandVerify.c
@@ -57,4 +58,4 @@
[UserExtensions.TianoCore."ExtraFiles"]
CryptestExtra.uni
-
\ No newline at end of file
+
Modified: branches/UDK2014.SP1/CryptoPkg/Application/Cryptest/DhVerify.c
===================================================================
--- branches/UDK2014.SP1/CryptoPkg/Application/Cryptest/DhVerify.c
2015-08-25 03:11:06 UTC (rev 18295)
+++ branches/UDK2014.SP1/CryptoPkg/Application/Cryptest/DhVerify.c
2015-08-25 05:52:47 UTC (rev 18296)
@@ -1,7 +1,7 @@
-/** @file
+/** @file
Application for Diffie-Hellman Primitives Validation.
-Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -42,6 +42,14 @@
Print (L"\nUEFI-OpenSSL DH Engine Testing:\n");
//
+ // Initialize Key Length
+ //
+ PublicKey1Length = sizeof (PublicKey1);
+ PublicKey2Length = sizeof (PublicKey2);
+ Key1Length = sizeof (Key1);
+ Key2Length = sizeof (Key2);
+
+ //
// Generate & Initialize DH Context
//
Print (L"- Context1 ... ");
@@ -114,4 +122,4 @@
Print (L"[Pass]\n");
return EFI_SUCCESS;
-}
+}
\ No newline at end of file
Modified: branches/UDK2014.SP1/CryptoPkg/Application/Cryptest/HashVerify.c
===================================================================
--- branches/UDK2014.SP1/CryptoPkg/Application/Cryptest/HashVerify.c
2015-08-25 03:11:06 UTC (rev 18295)
+++ branches/UDK2014.SP1/CryptoPkg/Application/Cryptest/HashVerify.c
2015-08-25 05:52:47 UTC (rev 18296)
@@ -1,7 +1,7 @@
-/** @file
+/** @file
Application for Hash Primitives Validation.
-Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -54,6 +54,25 @@
0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10, 0xff, 0x61,
0xf2, 0x00, 0x15, 0xad
};
+//
+// Result for SHA-384("abc"). (From "D.1 SHA-384 Example" of NIST FIPS 180-2)
+//
+GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Sha384Digest[SHA384_DIGEST_SIZE] = {
+ 0xcb, 0x00, 0x75, 0x3f, 0x45, 0xa3, 0x5e, 0x8b, 0xb5, 0xa0, 0x3d, 0x69,
0x9a, 0xc6, 0x50, 0x07,
+ 0x27, 0x2c, 0x32, 0xab, 0x0e, 0xde, 0xd1, 0x63, 0x1a, 0x8b, 0x60, 0x5a,
0x43, 0xff, 0x5b, 0xed,
+ 0x80, 0x86, 0x07, 0x2b, 0xa1, 0xe7, 0xcc, 0x23, 0x58, 0xba, 0xec, 0xa1,
0x34, 0xc8, 0x25, 0xa7
+ };
+
+//
+// Result for SHA-512("abc"). (From "C.1 SHA-512 Example" of NIST FIPS 180-2)
+//
+GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Sha512Digest[SHA512_DIGEST_SIZE] = {
+ 0xdd, 0xaf, 0x35, 0xa1, 0x93, 0x61, 0x7a, 0xba, 0xcc, 0x41, 0x73, 0x49,
0xae, 0x20, 0x41, 0x31,
+ 0x12, 0xe6, 0xfa, 0x4e, 0x89, 0xa9, 0x7e, 0xa2, 0x0a, 0x9e, 0xee, 0xe6,
0x4b, 0x55, 0xd3, 0x9a,
+ 0x21, 0x92, 0x99, 0x2a, 0x27, 0x4f, 0xc1, 0xa8, 0x36, 0xba, 0x3c, 0x23,
0xa3, 0xfe, 0xeb, 0xbd,
+ 0x45, 0x4d, 0x44, 0x23, 0x64, 0x3c, 0xe8, 0x0e, 0x2a, 0x9a, 0xc9, 0x4f,
0xa5, 0x4c, 0xa4, 0x9f
+ };
+
/**
Validate UEFI-OpenSSL Digest Interfaces.
@@ -76,7 +95,7 @@
DataSize = AsciiStrLen (HashData);
Print (L"- MD4: ");
-
+
//
// MD4 Digest Validation
//
@@ -234,6 +253,86 @@
}
Print (L"[Pass]\n");
-
+
+ Print (L"- SHA384: ");
+
+ //
+ // SHA384 Digest Validation
+ //
+ ZeroMem (Digest, MAX_DIGEST_SIZE);
+ CtxSize = Sha384GetContextSize ();
+ HashCtx = AllocatePool (CtxSize);
+
+ Print (L"Init... ");
+ Status = Sha384Init (HashCtx);
+ if (!Status) {
+ Print (L"[Fail]");
+ return EFI_ABORTED;
+ }
+
+ Print (L"Update... ");
+ Status = Sha384Update (HashCtx, HashData, DataSize);
+ if (!Status) {
+ Print (L"[Fail]");
+ return EFI_ABORTED;
+ }
+
+ Print (L"Finalize... ");
+ Status = Sha384Final (HashCtx, Digest);
+ if (!Status) {
+ Print (L"[Fail]");
+ return EFI_ABORTED;
+ }
+
+ FreePool (HashCtx);
+
+ Print (L"Check Value... ");
+ if (CompareMem (Digest, Sha384Digest, SHA384_DIGEST_SIZE) != 0) {
+ Print (L"[Fail]");
+ return EFI_ABORTED;
+ }
+
+ Print (L"[Pass]\n");
+
+ Print (L"- SHA512: ");
+
+ //
+ // SHA512 Digest Validation
+ //
+ ZeroMem (Digest, MAX_DIGEST_SIZE);
+ CtxSize = Sha512GetContextSize ();
+ HashCtx = AllocatePool (CtxSize);
+
+ Print (L"Init... ");
+ Status = Sha512Init (HashCtx);
+ if (!Status) {
+ Print (L"[Fail]");
+ return EFI_ABORTED;
+ }
+
+ Print (L"Update... ");
+ Status = Sha512Update (HashCtx, HashData, DataSize);
+ if (!Status) {
+ Print (L"[Fail]");
+ return EFI_ABORTED;
+ }
+
+ Print (L"Finalize... ");
+ Status = Sha512Final (HashCtx, Digest);
+ if (!Status) {
+ Print (L"[Fail]");
+ return EFI_ABORTED;
+ }
+
+ FreePool (HashCtx);
+
+ Print (L"Check Value... ");
+ if (CompareMem (Digest, Sha512Digest, SHA512_DIGEST_SIZE) != 0) {
+ Print (L"[Fail]");
+ return EFI_ABORTED;
+ }
+
+ Print (L"[Pass]\n");
+
return EFI_SUCCESS;
}
Added: branches/UDK2014.SP1/CryptoPkg/Application/Cryptest/TSVerify.c
===================================================================
--- branches/UDK2014.SP1/CryptoPkg/Application/Cryptest/TSVerify.c
(rev 0)
+++ branches/UDK2014.SP1/CryptoPkg/Application/Cryptest/TSVerify.c
2015-08-25 05:52:47 UTC (rev 18296)
@@ -0,0 +1,501 @@
+/** @file
+ Sample Implementation for RFC3161 Time Stamping Verification.
+
+Copyright (c) 2014, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD
License
+which accompanies this distribution. The full text of the license may be
found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include "Cryptest.h"
+
+//
+// Sample Authenticode Data with RFC3161 time stamping signature.
+// The data retrieved from one signed sample UEFI image, which is generated by
MSFT's signtool
+// utility in conjunction with RFC3161 timestamping, as the following command:
+// signtool sign /ac <xxx.cer> / f <xxx.pfx> /p <pass> /fd <digestAlg>
+// /tr http://timestamp.comodoca.com/rfc3161 sample.efi
+//
+GLOBAL_REMOVE_IF_UNREFERENCED UINT8 AuthenticodeWithTS[] = {
+ 0x30, 0x82, 0x0c, 0x00, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
0x01, 0x07, 0x02, 0xa0,
+ 0x82, 0x0b, 0xf1, 0x30, 0x82, 0x0b, 0xed, 0x02, 0x01, 0x01, 0x31, 0x0f,
0x30, 0x0d, 0x06, 0x09,
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x30,
0x78, 0x06, 0x0a, 0x2b,
+ 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x04, 0xa0, 0x6a, 0x30,
0x68, 0x30, 0x33, 0x06,
+ 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x0f, 0x30,
0x25, 0x03, 0x01, 0x00,
+ 0xa0, 0x20, 0xa2, 0x1e, 0x80, 0x1c, 0x00, 0x3c, 0x00, 0x3c, 0x00, 0x3c,
0x00, 0x4f, 0x00, 0x62,
+ 0x00, 0x73, 0x00, 0x6f, 0x00, 0x6c, 0x00, 0x65, 0x00, 0x74, 0x00, 0x65,
0x00, 0x3e, 0x00, 0x3e,
+ 0x00, 0x3e, 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
0x65, 0x03, 0x04, 0x02,
+ 0x01, 0x05, 0x00, 0x04, 0x20, 0x1e, 0x9e, 0x74, 0x31, 0xe1, 0x3e, 0x51,
0x46, 0xab, 0xce, 0x10,
+ 0x0d, 0x7c, 0x38, 0x66, 0x34, 0xd4, 0xdd, 0x04, 0xa5, 0xe7, 0x75, 0x40,
0xdd, 0x99, 0x73, 0xf3,
+ 0x2a, 0x54, 0x3e, 0xa8, 0x18, 0xa0, 0x82, 0x01, 0xee, 0x30, 0x82, 0x01,
0xea, 0x30, 0x82, 0x01,
+ 0x57, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x10, 0x2c, 0x65, 0xcf, 0xcf,
0xdd, 0x61, 0x7b, 0xa4,
+ 0x41, 0xad, 0x26, 0x1b, 0x63, 0xce, 0x91, 0x0f, 0x30, 0x09, 0x06, 0x05,
0x2b, 0x0e, 0x03, 0x02,
+ 0x1d, 0x05, 0x00, 0x30, 0x13, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55,
0x04, 0x03, 0x13, 0x08,
+ 0x54, 0x65, 0x73, 0x74, 0x52, 0x6f, 0x6f, 0x74, 0x30, 0x1e, 0x17, 0x0d,
0x31, 0x34, 0x30, 0x37,
+ 0x32, 0x38, 0x30, 0x37, 0x33, 0x38, 0x35, 0x39, 0x5a, 0x17, 0x0d, 0x33,
0x39, 0x31, 0x32, 0x33,
+ 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x12, 0x31, 0x10,
0x30, 0x0e, 0x06, 0x03,
+ 0x55, 0x04, 0x03, 0x13, 0x07, 0x54, 0x65, 0x73, 0x74, 0x53, 0x75, 0x62,
0x30, 0x81, 0x9f, 0x30,
+ 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01,
0x05, 0x00, 0x03, 0x81,
+ 0x8d, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0x94, 0xa6, 0x02,
0x15, 0x87, 0xd6, 0xbf,
+ 0x71, 0xe8, 0xc6, 0x68, 0xf6, 0x9f, 0x66, 0x09, 0x6c, 0xe7, 0x39, 0x52,
0xf4, 0x4e, 0xaf, 0xf5,
+ 0xe0, 0xba, 0x0f, 0xfd, 0xe6, 0x77, 0xa9, 0x71, 0x5b, 0x5c, 0x92, 0x50,
0x1d, 0xfd, 0x9b, 0x6e,
+ 0x52, 0x92, 0x9e, 0x3a, 0x75, 0x86, 0x41, 0x2a, 0x41, 0x30, 0x1b, 0x67,
0x66, 0x91, 0xde, 0x71,
+ 0x84, 0xe0, 0x90, 0xc3, 0x50, 0x36, 0x78, 0xb5, 0xa0, 0x1e, 0x72, 0xde,
0xe7, 0x66, 0x42, 0x4f,
+ 0x59, 0x5e, 0x3d, 0xf3, 0x85, 0x82, 0x0b, 0xa8, 0x26, 0x2d, 0xd9, 0xe3,
0x14, 0xda, 0x9d, 0x2e,
+ 0x3f, 0x53, 0x4d, 0x8d, 0x10, 0xbf, 0xa4, 0x7c, 0xe5, 0xaf, 0x3a, 0xa6,
0xaf, 0x49, 0x64, 0xb0,
+ 0x60, 0x17, 0x87, 0x71, 0x77, 0x59, 0x52, 0xe5, 0x5a, 0xed, 0x96, 0x7d,
0x7e, 0x5d, 0xc1, 0xef,
+ 0x6b, 0xfb, 0x80, 0xc5, 0x2b, 0x10, 0xfe, 0xe7, 0xd3, 0x02, 0x03, 0x01,
0x00, 0x01, 0xa3, 0x48,
+ 0x30, 0x46, 0x30, 0x44, 0x06, 0x03, 0x55, 0x1d, 0x01, 0x04, 0x3d, 0x30,
0x3b, 0x80, 0x10, 0x19,
+ 0x8d, 0x48, 0xa1, 0xb9, 0xf3, 0x5e, 0x3c, 0x13, 0xb4, 0x08, 0xb6, 0xd9,
0xf3, 0x4f, 0x0a, 0xa1,
+ 0x15, 0x30, 0x13, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x03,
0x13, 0x08, 0x54, 0x65,
+ 0x73, 0x74, 0x52, 0x6f, 0x6f, 0x74, 0x82, 0x10, 0x27, 0xcb, 0x16, 0x33,
0x8b, 0xed, 0x4d, 0xa8,
+ 0x47, 0xf0, 0x86, 0x47, 0x10, 0xef, 0x15, 0xd9, 0x30, 0x09, 0x06, 0x05,
0x2b, 0x0e, 0x03, 0x02,
+ 0x1d, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x51, 0x94, 0xed, 0x7a, 0x5c,
0x0b, 0x34, 0x16, 0x9c,
+ 0xf4, 0x5f, 0x88, 0x16, 0xa8, 0x4b, 0x13, 0xfc, 0xa4, 0x0a, 0xc7, 0xd9,
0x20, 0xb1, 0x93, 0xc5,
+ 0x81, 0x4f, 0x35, 0x3a, 0x89, 0x10, 0x04, 0xc4, 0xcc, 0x10, 0x34, 0xc3,
0x15, 0x57, 0x06, 0x97,
+ 0xee, 0x06, 0x2f, 0xf3, 0x24, 0xa1, 0xe6, 0x3a, 0x89, 0x4d, 0xb4, 0x7b,
0x12, 0x87, 0x90, 0x8c,
+ 0xfc, 0x5b, 0xb0, 0xf0, 0xdd, 0xaa, 0x3a, 0x24, 0x6d, 0x55, 0x47, 0x8a,
0xf2, 0x61, 0x08, 0x7a,
+ 0x59, 0x5f, 0x6e, 0x7b, 0xcb, 0x34, 0xbe, 0xb6, 0x5d, 0xcb, 0x60, 0xae,
0xc4, 0xda, 0x62, 0xbb,
+ 0x7f, 0x17, 0x1e, 0x73, 0xd1, 0x4e, 0x9f, 0x6e, 0xd3, 0xc8, 0x35, 0x58,
0x30, 0xd2, 0x89, 0xe5,
+ 0x22, 0x5e, 0x86, 0xac, 0x7a, 0x56, 0xd6, 0x70, 0xdb, 0x54, 0x10, 0x6c,
0xd3, 0xd5, 0x38, 0xfb,
+ 0x69, 0xcb, 0x4f, 0x36, 0x83, 0xc2, 0xe8, 0x31, 0x82, 0x09, 0x69, 0x30,
0x82, 0x09, 0x65, 0x02,
+ 0x01, 0x01, 0x30, 0x27, 0x30, 0x13, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03,
0x55, 0x04, 0x03, 0x13,
+ 0x08, 0x54, 0x65, 0x73, 0x74, 0x52, 0x6f, 0x6f, 0x74, 0x02, 0x10, 0x2c,
0x65, 0xcf, 0xcf, 0xdd,
+ 0x61, 0x7b, 0xa4, 0x41, 0xad, 0x26, 0x1b, 0x63, 0xce, 0x91, 0x0f, 0x30,
0x0d, 0x06, 0x09, 0x60,
+ 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0xa0, 0x5e,
0x30, 0x10, 0x06, 0x0a,
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x0c, 0x31, 0x02,
0x30, 0x00, 0x30, 0x19,
+ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x03, 0x31,
0x0c, 0x06, 0x0a, 0x2b,
+ 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x04, 0x30, 0x2f, 0x06,
0x09, 0x2a, 0x86, 0x48,
+ 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x04, 0x31, 0x22, 0x04, 0x20, 0x97, 0x6e,
0x29, 0x47, 0xc4, 0x03,
+ 0x68, 0x70, 0x1c, 0x99, 0x2c, 0x61, 0xb0, 0xbc, 0xde, 0x77, 0xe1, 0xa1,
0xeb, 0x4c, 0x1c, 0xac,
+ 0x4c, 0x64, 0xf6, 0x43, 0x96, 0x94, 0x0b, 0xc0, 0xbb, 0x03, 0x30, 0x0d,
0x06, 0x09, 0x2a, 0x86,
+ 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x81, 0x80,
0x85, 0x93, 0xad, 0x93,
+ 0x92, 0x9e, 0xa4, 0x94, 0x30, 0x02, 0xe1, 0xc8, 0xcd, 0x37, 0xb2, 0xe1,
0xcb, 0xb2, 0x0f, 0x1c,
+ 0x67, 0xd1, 0xc9, 0xeb, 0x4d, 0x68, 0x85, 0x97, 0x5a, 0xa6, 0x0c, 0x03,
0xc7, 0x86, 0xae, 0xb3,
+ 0x35, 0xb4, 0x1d, 0x0e, 0x95, 0x5f, 0xed, 0x37, 0x13, 0x6b, 0x1e, 0x94,
0x80, 0xf1, 0xac, 0x55,
+ 0x73, 0xd1, 0x31, 0xf9, 0xad, 0x13, 0x7b, 0x26, 0xbf, 0xe7, 0x55, 0x7b,
0xb2, 0xf9, 0x21, 0x42,
+ 0x23, 0x64, 0xe6, 0x45, 0x03, 0x67, 0xcb, 0x42, 0xd3, 0x71, 0x3f, 0xd5,
0x29, 0x17, 0x4b, 0x49,
+ 0x45, 0x0e, 0x8b, 0xba, 0x1f, 0x15, 0x5a, 0x7f, 0x7b, 0x5e, 0x9b, 0x22,
0x46, 0xa7, 0x9c, 0x0d,
+ 0x25, 0x9c, 0x76, 0x25, 0x02, 0xc8, 0x15, 0x00, 0x51, 0xe6, 0x73, 0x39,
0xac, 0x8d, 0x41, 0x7b,
+ 0xc8, 0x42, 0xc9, 0xdb, 0x1b, 0x16, 0x13, 0xf6, 0x44, 0x32, 0xef, 0x17,
0xa1, 0x82, 0x08, 0x34,
+ 0x30, 0x82, 0x08, 0x30, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82,
0x37, 0x03, 0x03, 0x01,
+ 0x31, 0x82, 0x08, 0x20,
+ 0x30, 0x82, 0x08, 0x1c, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
0x01, 0x07, 0x02, 0xa0,
+ 0x82, 0x08, 0x0d, 0x30, 0x82, 0x08, 0x09, 0x02, 0x01, 0x03, 0x31, 0x0b,
0x30, 0x09, 0x06, 0x05,
+ 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x30, 0x81, 0xf6, 0x06, 0x0b,
0x2a, 0x86, 0x48, 0x86,
+ 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x04, 0xa0, 0x81, 0xe6, 0x04, 0x81,
0xe3, 0x30, 0x81, 0xe0,
+ 0x02, 0x01, 0x01, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0xb2, 0x31,
0x02, 0x01, 0x01, 0x30,
+ 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00,
0x04, 0x14, 0xcd, 0x06,
+ 0xf0, 0xbd, 0x8b, 0xcd, 0x5c, 0x2e, 0x5a, 0x7c, 0x42, 0x56, 0x2c, 0x20,
0x4a, 0x15, 0xcb, 0x1d,
+ 0x8b, 0x0e, 0x02, 0x15, 0x00, 0xb6, 0xff, 0x47, 0x05, 0xb6, 0x2d, 0x15,
0xac, 0x3f, 0x5d, 0xd9,
+ 0xcf, 0x9d, 0x54, 0x35, 0x56, 0x7c, 0xc1, 0x6e, 0x8b, 0x18, 0x0f, 0x32,
0x30, 0x31, 0x34, 0x30,
+ 0x37, 0x32, 0x38, 0x30, 0x38, 0x35, 0x30, 0x30, 0x33, 0x5a, 0xa0, 0x81,
0x83, 0xa4, 0x81, 0x80,
+ 0x30, 0x7e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
0x02, 0x47, 0x42, 0x31,
+ 0x1b, 0x30, 0x19, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x12, 0x47, 0x72,
0x65, 0x61, 0x74, 0x65,
+ 0x72, 0x20, 0x4d, 0x61, 0x6e, 0x63, 0x68, 0x65, 0x73, 0x74, 0x65, 0x72,
0x31, 0x10, 0x30, 0x0e,
+ 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x07, 0x53, 0x61, 0x6c, 0x66, 0x6f,
0x72, 0x64, 0x31, 0x1a,
+ 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x11, 0x43, 0x4f, 0x4d,
0x4f, 0x44, 0x4f, 0x20,
+ 0x43, 0x41, 0x20, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x65, 0x64, 0x31, 0x24,
0x30, 0x22, 0x06, 0x03,
+ 0x55, 0x04, 0x03, 0x13, 0x1b, 0x43, 0x4f, 0x4d, 0x4f, 0x44, 0x4f, 0x20,
0x54, 0x69, 0x6d, 0x65,
+ 0x20, 0x53, 0x74, 0x61, 0x6d, 0x70, 0x69, 0x6e, 0x67, 0x20, 0x53, 0x69,
0x67, 0x6e, 0x65, 0x72,
+ 0xa0, 0x82, 0x04, 0x97, 0x30, 0x82, 0x04, 0x93, 0x30, 0x82, 0x03, 0x7b,
0xa0, 0x03, 0x02, 0x01,
+ 0x02, 0x02, 0x10, 0x47, 0x8a, 0x8e, 0xfb, 0x59, 0xe1, 0xd8, 0x3f, 0x0c,
0xe1, 0x42, 0xd2, 0xa2,
+ 0x87, 0x07, 0xbe, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
0x0d, 0x01, 0x01, 0x05,
+ 0x05, 0x00, 0x30, 0x81, 0x95, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55,
0x04, 0x06, 0x13, 0x02,
+ 0x55, 0x53, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13,
0x02, 0x55, 0x54, 0x31,
+ 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x0e, 0x53, 0x61,
0x6c, 0x74, 0x20, 0x4c,
+ 0x61, 0x6b, 0x65, 0x20, 0x43, 0x69, 0x74, 0x79, 0x31, 0x1e, 0x30, 0x1c,
0x06, 0x03, 0x55, 0x04,
+ 0x0a, 0x13, 0x15, 0x54, 0x68, 0x65, 0x20, 0x55, 0x53, 0x45, 0x52, 0x54,
0x52, 0x55, 0x53, 0x54,
+ 0x20, 0x4e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x31, 0x21, 0x30, 0x1f,
0x06, 0x03, 0x55, 0x04,
+ 0x0b, 0x13, 0x18, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x77, 0x77,
0x77, 0x2e, 0x75, 0x73,
+ 0x65, 0x72, 0x74, 0x72, 0x75, 0x73, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x31,
0x1d, 0x30, 0x1b, 0x06,
+ 0x03, 0x55, 0x04, 0x03, 0x13, 0x14, 0x55, 0x54, 0x4e, 0x2d, 0x55, 0x53,
0x45, 0x52, 0x46, 0x69,
+ 0x72, 0x73, 0x74, 0x2d, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x30, 0x1e,
0x17, 0x0d, 0x31, 0x30,
+ 0x30, 0x35, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x17,
0x0d, 0x31, 0x35, 0x30,
+ 0x35, 0x31, 0x30, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x7e,
0x31, 0x0b, 0x30, 0x09,
+ 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x47, 0x42, 0x31, 0x1b, 0x30,
0x19, 0x06, 0x03, 0x55,
+ 0x04, 0x08, 0x13, 0x12, 0x47, 0x72, 0x65, 0x61, 0x74, 0x65, 0x72, 0x20,
0x4d, 0x61, 0x6e, 0x63,
+ 0x68, 0x65, 0x73, 0x74, 0x65, 0x72, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03,
0x55, 0x04, 0x07, 0x13,
+ 0x07, 0x53, 0x61, 0x6c, 0x66, 0x6f, 0x72, 0x64, 0x31, 0x1a, 0x30, 0x18,
0x06, 0x03, 0x55, 0x04,
+ 0x0a, 0x13, 0x11, 0x43, 0x4f, 0x4d, 0x4f, 0x44, 0x4f, 0x20, 0x43, 0x41,
0x20, 0x4c, 0x69, 0x6d,
+ 0x69, 0x74, 0x65, 0x64, 0x31, 0x24, 0x30, 0x22, 0x06, 0x03, 0x55, 0x04,
0x03, 0x13, 0x1b, 0x43,
+ 0x4f, 0x4d, 0x4f, 0x44, 0x4f, 0x20, 0x54, 0x69, 0x6d, 0x65, 0x20, 0x53,
0x74, 0x61, 0x6d, 0x70,
+ 0x69, 0x6e, 0x67, 0x20, 0x53, 0x69, 0x67, 0x6e, 0x65, 0x72, 0x30, 0x82,
0x01, 0x22, 0x30, 0x0d,
+ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05,
0x00, 0x03, 0x82, 0x01,
+ 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xbc,
0x35, 0xa0, 0x36, 0x70,
+ 0x22, 0x81, 0x11, 0xc3, 0xb2, 0x83, 0xb9, 0xd3, 0x28, 0xc6, 0x36, 0xcd,
0x25, 0x6b, 0xa9, 0x7b,
+ 0xb2, 0x1c, 0xf6, 0x9b, 0x51, 0x9c, 0xef, 0x35, 0xf4, 0xed, 0x08, 0x8e,
0x5e, 0x38, 0x08, 0xf8,
+ 0x77, 0x3c, 0x0a, 0x42, 0xe0, 0xf3, 0x70, 0xdc, 0xa3, 0xd7, 0xca, 0xf5,
0x4c, 0x0b, 0xcf, 0xff,
+ 0x22, 0x9c, 0x0a, 0x7e, 0x68, 0xd6, 0x09, 0xa2, 0x2a, 0x84, 0x7b, 0xa6,
0x9d, 0xb4, 0xa9, 0xc1,
+ 0x33, 0xe2, 0xef, 0x1f, 0x17, 0x48, 0xca, 0x3a, 0xcd, 0x46, 0xe6, 0xc5,
0xaa, 0x77, 0xbd, 0xe3,
+ 0x77, 0x9a, 0xfa, 0x47, 0x53, 0x40, 0x28, 0x59, 0x43, 0x93, 0xf1, 0xa4,
0x81, 0xea, 0xef, 0x80,
+ 0xb5, 0x4f, 0xa7, 0x08, 0xce, 0xba, 0x6e, 0xbc, 0xca, 0x76, 0x0c, 0x97,
0x64, 0x59, 0x86, 0x24,
+ 0xbb, 0x3d, 0x82, 0x90, 0xa8, 0x55, 0xb1, 0x92, 0xd3, 0xa0, 0xa7, 0x05,
0xac, 0x9f, 0x53, 0x25,
+ 0x08, 0x10, 0x47, 0x99, 0xcd, 0x98, 0xde, 0x68, 0xe5, 0xb4, 0x50, 0x78,
0xa3, 0xaf, 0x01, 0xcc,
+ 0x59, 0x43, 0x58, 0xe4, 0x76, 0x6e, 0x7e, 0xac, 0xc7, 0xe2, 0x9e, 0x1f,
0x4f, 0xb0, 0x47, 0x2d,
+ 0xc8, 0x0c, 0xa3, 0x49, 0x27, 0x80, 0x75, 0x8c, 0xbb, 0x06, 0x91, 0x65,
0x0f, 0x90, 0x9b, 0xf4,
+ 0xba, 0xd1, 0x81, 0xc8, 0x5c, 0x6a, 0xec, 0x14, 0xe9, 0x25, 0x09, 0xbf,
0x23, 0x16, 0xf4, 0x95,
+ 0x46, 0x40, 0x40, 0x21, 0xbb, 0x83, 0x96, 0xfd, 0x86, 0x1f, 0x7a, 0xc8,
0x0d, 0x10, 0x8e, 0xa2,
+ 0xf8, 0x19, 0x07, 0x58, 0x7f, 0x9f, 0xbd, 0x37, 0x02, 0x60, 0xf2, 0xa4,
0xe9, 0x9d, 0x44, 0x3f,
+ 0x30, 0x05, 0xe4, 0xa7, 0x70, 0x99, 0x51, 0x9a, 0xe8, 0x17, 0xf1, 0x55,
0xca, 0xb2, 0x61, 0x89,
+ 0x65, 0x46, 0xa7, 0x6a, 0xf2, 0x58, 0x46, 0x7e, 0xaa, 0xa0, 0x07, 0x02,
0x03, 0x01, 0x00, 0x01,
+ 0xa3, 0x81, 0xf4, 0x30, 0x81, 0xf1, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d,
0x23, 0x04, 0x18, 0x30,
+ 0x16, 0x80, 0x14, 0xda, 0xed, 0x64, 0x74, 0x14, 0x9c, 0x14, 0x3c, 0xab,
0xdd, 0x99, 0xa9, 0xbd,
+ 0x5b, 0x28, 0x4d, 0x8b, 0x3c, 0xc9, 0xd8, 0x30, 0x1d, 0x06, 0x03, 0x55,
0x1d, 0x0e, 0x04, 0x16,
+ 0x04, 0x14, 0x2e, 0x2d, 0xb0, 0x0a, 0x44, 0x4a, 0xd3, 0x87, 0xc0, 0x02,
0x07, 0xce, 0x97, 0x7d,
+ 0x50, 0x62, 0x20, 0xfd, 0x0f, 0x83, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d,
0x0f, 0x01, 0x01, 0xff,
+ 0x04, 0x04, 0x03, 0x02, 0x06, 0xc0, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d,
0x13, 0x01, 0x01, 0xff,
+ 0x04, 0x02, 0x30, 0x00, 0x30, 0x16, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x01,
0x01, 0xff, 0x04, 0x0c,
+ 0x30, 0x0a, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x08,
0x30, 0x42, 0x06, 0x03,
+ 0x55, 0x1d, 0x1f, 0x04, 0x3b, 0x30, 0x39, 0x30, 0x37, 0xa0, 0x35, 0xa0,
0x33, 0x86, 0x31, 0x68,
+ 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x63, 0x72, 0x6c, 0x2e, 0x75, 0x73,
0x65, 0x72, 0x74, 0x72,
+ 0x75, 0x73, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x55, 0x54, 0x4e, 0x2d,
0x55, 0x53, 0x45, 0x52,
+ 0x46, 0x69, 0x72, 0x73, 0x74, 0x2d, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74,
0x2e, 0x63, 0x72, 0x6c,
+ 0x30, 0x35, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01,
0x04, 0x29, 0x30, 0x27,
+ 0x30, 0x25, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01,
0x86, 0x19, 0x68, 0x74,
+ 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x6f, 0x63, 0x73, 0x70, 0x2e, 0x75, 0x73,
0x65, 0x72, 0x74, 0x72,
+ 0x75, 0x73, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x0d, 0x06, 0x09, 0x2a,
0x86, 0x48, 0x86, 0xf7,
+ 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0xc8,
0xfb, 0x63, 0xf8, 0x0b,
+ 0x75, 0x75, 0x2c, 0x3a, 0xf1, 0xf2, 0x13, 0xa7, 0x2d, 0xb6, 0xa3, 0x1a,
0x9c, 0xad, 0x01, 0x07,
+ 0xd3, 0x34, 0x8e, 0x77, 0xe0, 0xc2, 0x6e, 0xae, 0x02, 0x5d, 0x48, 0x4f,
0xa4, 0xd2, 0x21, 0xb6,
+ 0x36, 0xfd, 0x2a, 0x35, 0x43, 0x7c, 0x6b, 0xdf, 0x80, 0x87, 0x0b, 0x15,
0xf0, 0x76, 0x32, 0x00,
+ 0xb4, 0xce, 0xb5, 0x67, 0xa4, 0x2f, 0x2f, 0x20, 0x1b, 0x9c, 0x54, 0x9e,
0x83, 0x3f, 0x1f, 0x5f,
+ 0x14, 0x95, 0x62, 0x82, 0x0f, 0x22, 0x41, 0x22, 0x1f, 0x70, 0xb3, 0xf3,
0xf7, 0x42, 0xde, 0x6c,
+ 0x51, 0xcd, 0x4b, 0xf8, 0x21, 0xac, 0x9b, 0x3b, 0x8c, 0xb1, 0xe5, 0xe6,
0x28, 0x8f, 0xce, 0x2a,
+ 0x8a, 0xf9, 0xaa, 0x52, 0x4d, 0x8c, 0x5b, 0x77, 0xba, 0x4d, 0x5a, 0x58,
0xdb, 0xbb, 0x6a, 0x04,
+ 0xcc, 0x52, 0x1e, 0x9d, 0xe2, 0x28, 0x37, 0x0e, 0xbb, 0xe7, 0x0e, 0x91,
0xc7, 0xf8, 0xdb, 0xf1,
+ 0x81, 0x98, 0xeb, 0xcd, 0x37, 0xb3, 0x0e, 0xab, 0x65, 0xd3, 0x62, 0xec,
0x3a, 0xa5, 0x76, 0xeb,
+ 0x13, 0xa8, 0x35, 0x93, 0xc9, 0x2e, 0x0a, 0x01, 0xec, 0xc0, 0xe8, 0xcc,
0x3d, 0x7e, 0xb6, 0xeb,
+ 0xe2, 0xc1, 0xec, 0xd3, 0x14, 0x92, 0x82, 0x66, 0x87, 0x50, 0xdc, 0xfd,
0x50, 0x97, 0xac, 0xb3,
+ 0x4a, 0x76, 0x73, 0x06, 0xc4, 0x86, 0x11, 0x3a, 0xb3, 0x5f, 0x43, 0x04,
0x52, 0x6f, 0xea, 0xb3,
+ 0xd0, 0x74, 0x36, 0x4c, 0xca, 0xf1, 0x1b, 0x79, 0x84, 0x37, 0x70, 0x63,
0xad, 0x74, 0xb9, 0xaa,
+ 0x0e, 0xf3, 0x98, 0xb0, 0x86, 0x08, 0xeb, 0xdb, 0xe0, 0x1f, 0x8c, 0x10,
0xf2, 0x39, 0x64, 0x9b,
+ 0xae, 0x4f, 0x0a, 0x2c, 0x92, 0x8a, 0x4f, 0x18, 0xb5, 0x91, 0xe5, 0x8d,
0x1a, 0x93, 0x5f, 0x1f,
+ 0xae, 0xf1, 0xa6, 0xf0, 0x2e, 0x97, 0xd0, 0xd2, 0xf6, 0x2b, 0x3c, 0x31,
0x82, 0x02, 0x61, 0x30,
+ 0x82, 0x02, 0x5d, 0x02, 0x01, 0x01, 0x30, 0x81, 0xaa, 0x30, 0x81, 0x95,
0x31, 0x0b, 0x30, 0x09,
+ 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x0b, 0x30,
0x09, 0x06, 0x03, 0x55,
+ 0x04, 0x08, 0x13, 0x02, 0x55, 0x54, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03,
0x55, 0x04, 0x07, 0x13,
+ 0x0e, 0x53, 0x61, 0x6c, 0x74, 0x20, 0x4c, 0x61, 0x6b, 0x65, 0x20, 0x43,
0x69, 0x74, 0x79, 0x31,
+ 0x1e, 0x30, 0x1c, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x15, 0x54, 0x68,
0x65, 0x20, 0x55, 0x53,
+ 0x45, 0x52, 0x54, 0x52, 0x55, 0x53, 0x54, 0x20, 0x4e, 0x65, 0x74, 0x77,
0x6f, 0x72, 0x6b, 0x31,
+ 0x21, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x18, 0x68, 0x74,
0x74, 0x70, 0x3a, 0x2f,
+ 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x75, 0x73, 0x65, 0x72, 0x74, 0x72, 0x75,
0x73, 0x74, 0x2e, 0x63,
+ 0x6f, 0x6d, 0x31, 0x1d, 0x30, 0x1b, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,
0x14, 0x55, 0x54, 0x4e,
+ 0x2d, 0x55, 0x53, 0x45, 0x52, 0x46, 0x69, 0x72, 0x73, 0x74, 0x2d, 0x4f,
0x62, 0x6a, 0x65, 0x63,
+ 0x74, 0x02, 0x10, 0x47, 0x8a, 0x8e, 0xfb, 0x59, 0xe1, 0xd8, 0x3f, 0x0c,
0xe1, 0x42, 0xd2, 0xa2,
+ 0x87, 0x07, 0xbe, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a,
0x05, 0x00, 0xa0, 0x81,
+ 0x8c, 0x30, 0x1a, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
0x09, 0x03, 0x31, 0x0d,
+ 0x06, 0x0b, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01,
0x04, 0x30, 0x1c, 0x06,
+ 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x05, 0x31, 0x0f,
0x17, 0x0d, 0x31, 0x34,
+ 0x30, 0x37, 0x32, 0x38, 0x30, 0x38, 0x35, 0x30, 0x30, 0x33, 0x5a, 0x30,
0x23, 0x06, 0x09, 0x2a,
+ 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x04, 0x31, 0x16, 0x04, 0x14,
0x7a, 0xad, 0x35, 0xdc,
+ 0x5b, 0xd6, 0x00, 0xd7, 0x44, 0xac, 0x80, 0x8f, 0x4f, 0xb6, 0xb4, 0x03,
0x62, 0x34, 0x53, 0xdc,
+ 0x30, 0x2b, 0x06, 0x0b, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09,
0x10, 0x02, 0x0c, 0x31,
+ 0x1c, 0x30, 0x1a, 0x30, 0x18, 0x30, 0x16, 0x04, 0x14, 0x3d, 0xbb, 0x6d,
0xb5, 0x08, 0x5c, 0x6d,
+ 0xd5, 0xa1, 0xca, 0x7f, 0x9c, 0xf8, 0x4e, 0xcb, 0x1a, 0x39, 0x10, 0xca,
0xc8, 0x30, 0x0d, 0x06,
+ 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00,
0x04, 0x82, 0x01, 0x00,
+ 0x73, 0x64, 0xb9, 0xa3, 0x54, 0x6f, 0x50, 0x97, 0x01, 0xa7, 0xf6, 0x0d,
0xb8, 0xce, 0x4b, 0xaa,
+ 0x43, 0xa2, 0x8f, 0xa3, 0xea, 0x93, 0xf2, 0xa3, 0xd0, 0x46, 0xde, 0xdd,
0x45, 0xe5, 0x94, 0x5a,
+ 0x45, 0xc2, 0x13, 0x1b, 0x90, 0x9b, 0xcf, 0x73, 0xcd, 0x28, 0x70, 0xf0,
0xf4, 0x54, 0xb5, 0x2d,
+ 0x31, 0xf9, 0xf3, 0x2d, 0x38, 0x78, 0xfe, 0x68, 0xea, 0x3c, 0xc0, 0xbe,
0x0b, 0x5a, 0x91, 0x49,
+ 0x63, 0xeb, 0x26, 0x32, 0x5b, 0x86, 0xcf, 0xe5, 0x8a, 0xa5, 0x9d, 0xe6,
0x4b, 0x57, 0x91, 0x8f,
+ 0x3c, 0xdc, 0xa6, 0x53, 0xd8, 0xdb, 0x8a, 0xfd, 0x3e, 0x7e, 0x19, 0x6f,
0x27, 0x72, 0x95, 0xc2,
+ 0x79, 0x73, 0xdf, 0xfb, 0x08, 0x5c, 0x5b, 0xc8, 0xb7, 0x94, 0x75, 0x88,
0x7a, 0x9a, 0x85, 0x9f,
+ 0x1b, 0xa3, 0x98, 0x30, 0x91, 0xee, 0xc0, 0x52, 0xd2, 0x75, 0x9c, 0xcb,
0x45, 0x0d, 0x94, 0x43,
+ 0x67, 0x7a, 0x49, 0x1c, 0xb1, 0x89, 0x9d, 0x6e, 0xfa, 0x87, 0xd2, 0x4d,
0x6e, 0x74, 0x90, 0xf5,
+ 0x80, 0x8c, 0x92, 0xda, 0xd9, 0xa1, 0x48, 0x20, 0x31, 0x02, 0x79, 0xde,
0xe3, 0xbd, 0x09, 0x04,
+ 0xa8, 0xd4, 0x99, 0xd7, 0x3b, 0xea, 0xf8, 0xdf, 0xb3, 0xb9, 0xd7, 0xa3,
0x36, 0xa1, 0xdb, 0xd3,
+ 0xec, 0x65, 0x8c, 0xb8, 0x8f, 0xfb, 0xd6, 0xef, 0x9c, 0x32, 0x3e, 0xab,
0x20, 0x74, 0xb9, 0x65,
+ 0x4c, 0xc6, 0x15, 0x2f, 0x31, 0x2a, 0x34, 0x3e, 0x84, 0x09, 0xb4, 0x75,
0xbc, 0xbe, 0xaf, 0xb3,
+ 0x9e, 0x85, 0xf1, 0xbb, 0x99, 0x1a, 0x07, 0xbd, 0x20, 0xa6, 0xed, 0xcf,
0xd1, 0xa6, 0x9a, 0x22,
+ 0xb2, 0x6d, 0x75, 0xf4, 0x23, 0x58, 0x13, 0x78, 0x73, 0x1a, 0xb2, 0x84,
0xde, 0xad, 0xe8, 0x6d,
+ 0xe6, 0xe7, 0x5c, 0xb6, 0xe6, 0x5b, 0x10, 0x37, 0x1f, 0xe3, 0x6e, 0xbd,
0x83, 0xd7, 0x51, 0xb1,
+ 0x00, 0x00, 0x00, 0x00, 0x0a
+ };
+
+//
+// The RFC3161 timestamping counterSignature retrieved from the above
AuthenticodeWithTS.
+//
+GLOBAL_REMOVE_IF_UNREFERENCED UINT8 TSCounterSignature[] = {
+ 0x30, 0x82, 0x08, 0x1c, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
0x01, 0x07, 0x02, 0xa0,
+ 0x82, 0x08, 0x0d, 0x30, 0x82, 0x08, 0x09, 0x02, 0x01, 0x03, 0x31, 0x0b,
0x30, 0x09, 0x06, 0x05,
+ 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x30, 0x81, 0xf6, 0x06, 0x0b,
0x2a, 0x86, 0x48, 0x86,
+ 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x04, 0xa0, 0x81, 0xe6, 0x04, 0x81,
0xe3, 0x30, 0x81, 0xe0,
+ 0x02, 0x01, 0x01, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0xb2, 0x31,
0x02, 0x01, 0x01, 0x30,
+ 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00,
0x04, 0x14, 0xcd, 0x06,
+ 0xf0, 0xbd, 0x8b, 0xcd, 0x5c, 0x2e, 0x5a, 0x7c, 0x42, 0x56, 0x2c, 0x20,
0x4a, 0x15, 0xcb, 0x1d,
+ 0x8b, 0x0e, 0x02, 0x15, 0x00, 0xb6, 0xff, 0x47, 0x05, 0xb6, 0x2d, 0x15,
0xac, 0x3f, 0x5d, 0xd9,
+ 0xcf, 0x9d, 0x54, 0x35, 0x56, 0x7c, 0xc1, 0x6e, 0x8b, 0x18, 0x0f, 0x32,
0x30, 0x31, 0x34, 0x30,
+ 0x37, 0x32, 0x38, 0x30, 0x38, 0x35, 0x30, 0x30, 0x33, 0x5a, 0xa0, 0x81,
0x83, 0xa4, 0x81, 0x80,
+ 0x30, 0x7e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
0x02, 0x47, 0x42, 0x31,
+ 0x1b, 0x30, 0x19, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x12, 0x47, 0x72,
0x65, 0x61, 0x74, 0x65,
+ 0x72, 0x20, 0x4d, 0x61, 0x6e, 0x63, 0x68, 0x65, 0x73, 0x74, 0x65, 0x72,
0x31, 0x10, 0x30, 0x0e,
+ 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x07, 0x53, 0x61, 0x6c, 0x66, 0x6f,
0x72, 0x64, 0x31, 0x1a,
+ 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x11, 0x43, 0x4f, 0x4d,
0x4f, 0x44, 0x4f, 0x20,
+ 0x43, 0x41, 0x20, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x65, 0x64, 0x31, 0x24,
0x30, 0x22, 0x06, 0x03,
+ 0x55, 0x04, 0x03, 0x13, 0x1b, 0x43, 0x4f, 0x4d, 0x4f, 0x44, 0x4f, 0x20,
0x54, 0x69, 0x6d, 0x65,
+ 0x20, 0x53, 0x74, 0x61, 0x6d, 0x70, 0x69, 0x6e, 0x67, 0x20, 0x53, 0x69,
0x67, 0x6e, 0x65, 0x72,
+ 0xa0, 0x82, 0x04, 0x97, 0x30, 0x82, 0x04, 0x93, 0x30, 0x82, 0x03, 0x7b,
0xa0, 0x03, 0x02, 0x01,
+ 0x02, 0x02, 0x10, 0x47, 0x8a, 0x8e, 0xfb, 0x59, 0xe1, 0xd8, 0x3f, 0x0c,
0xe1, 0x42, 0xd2, 0xa2,
+ 0x87, 0x07, 0xbe, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
0x0d, 0x01, 0x01, 0x05,
+ 0x05, 0x00, 0x30, 0x81, 0x95, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55,
0x04, 0x06, 0x13, 0x02,
+ 0x55, 0x53, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13,
0x02, 0x55, 0x54, 0x31,
+ 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x0e, 0x53, 0x61,
0x6c, 0x74, 0x20, 0x4c,
+ 0x61, 0x6b, 0x65, 0x20, 0x43, 0x69, 0x74, 0x79, 0x31, 0x1e, 0x30, 0x1c,
0x06, 0x03, 0x55, 0x04,
+ 0x0a, 0x13, 0x15, 0x54, 0x68, 0x65, 0x20, 0x55, 0x53, 0x45, 0x52, 0x54,
0x52, 0x55, 0x53, 0x54,
+ 0x20, 0x4e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x31, 0x21, 0x30, 0x1f,
0x06, 0x03, 0x55, 0x04,
+ 0x0b, 0x13, 0x18, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x77, 0x77,
0x77, 0x2e, 0x75, 0x73,
+ 0x65, 0x72, 0x74, 0x72, 0x75, 0x73, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x31,
0x1d, 0x30, 0x1b, 0x06,
+ 0x03, 0x55, 0x04, 0x03, 0x13, 0x14, 0x55, 0x54, 0x4e, 0x2d, 0x55, 0x53,
0x45, 0x52, 0x46, 0x69,
+ 0x72, 0x73, 0x74, 0x2d, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x30, 0x1e,
0x17, 0x0d, 0x31, 0x30,
+ 0x30, 0x35, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x17,
0x0d, 0x31, 0x35, 0x30,
+ 0x35, 0x31, 0x30, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x7e,
0x31, 0x0b, 0x30, 0x09,
+ 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x47, 0x42, 0x31, 0x1b, 0x30,
0x19, 0x06, 0x03, 0x55,
+ 0x04, 0x08, 0x13, 0x12, 0x47, 0x72, 0x65, 0x61, 0x74, 0x65, 0x72, 0x20,
0x4d, 0x61, 0x6e, 0x63,
+ 0x68, 0x65, 0x73, 0x74, 0x65, 0x72, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03,
0x55, 0x04, 0x07, 0x13,
+ 0x07, 0x53, 0x61, 0x6c, 0x66, 0x6f, 0x72, 0x64, 0x31, 0x1a, 0x30, 0x18,
0x06, 0x03, 0x55, 0x04,
+ 0x0a, 0x13, 0x11, 0x43, 0x4f, 0x4d, 0x4f, 0x44, 0x4f, 0x20, 0x43, 0x41,
0x20, 0x4c, 0x69, 0x6d,
+ 0x69, 0x74, 0x65, 0x64, 0x31, 0x24, 0x30, 0x22, 0x06, 0x03, 0x55, 0x04,
0x03, 0x13, 0x1b, 0x43,
+ 0x4f, 0x4d, 0x4f, 0x44, 0x4f, 0x20, 0x54, 0x69, 0x6d, 0x65, 0x20, 0x53,
0x74, 0x61, 0x6d, 0x70,
+ 0x69, 0x6e, 0x67, 0x20, 0x53, 0x69, 0x67, 0x6e, 0x65, 0x72, 0x30, 0x82,
0x01, 0x22, 0x30, 0x0d,
+ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05,
0x00, 0x03, 0x82, 0x01,
+ 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xbc,
0x35, 0xa0, 0x36, 0x70,
+ 0x22, 0x81, 0x11, 0xc3, 0xb2, 0x83, 0xb9, 0xd3, 0x28, 0xc6, 0x36, 0xcd,
0x25, 0x6b, 0xa9, 0x7b,
+ 0xb2, 0x1c, 0xf6, 0x9b, 0x51, 0x9c, 0xef, 0x35, 0xf4, 0xed, 0x08, 0x8e,
0x5e, 0x38, 0x08, 0xf8,
+ 0x77, 0x3c, 0x0a, 0x42, 0xe0, 0xf3, 0x70, 0xdc, 0xa3, 0xd7, 0xca, 0xf5,
0x4c, 0x0b, 0xcf, 0xff,
+ 0x22, 0x9c, 0x0a, 0x7e, 0x68, 0xd6, 0x09, 0xa2, 0x2a, 0x84, 0x7b, 0xa6,
0x9d, 0xb4, 0xa9, 0xc1,
+ 0x33, 0xe2, 0xef, 0x1f, 0x17, 0x48, 0xca, 0x3a, 0xcd, 0x46, 0xe6, 0xc5,
0xaa, 0x77, 0xbd, 0xe3,
+ 0x77, 0x9a, 0xfa, 0x47, 0x53, 0x40, 0x28, 0x59, 0x43, 0x93, 0xf1, 0xa4,
0x81, 0xea, 0xef, 0x80,
+ 0xb5, 0x4f, 0xa7, 0x08, 0xce, 0xba, 0x6e, 0xbc, 0xca, 0x76, 0x0c, 0x97,
0x64, 0x59, 0x86, 0x24,
+ 0xbb, 0x3d, 0x82, 0x90, 0xa8, 0x55, 0xb1, 0x92, 0xd3, 0xa0, 0xa7, 0x05,
0xac, 0x9f, 0x53, 0x25,
+ 0x08, 0x10, 0x47, 0x99, 0xcd, 0x98, 0xde, 0x68, 0xe5, 0xb4, 0x50, 0x78,
0xa3, 0xaf, 0x01, 0xcc,
+ 0x59, 0x43, 0x58, 0xe4, 0x76, 0x6e, 0x7e, 0xac, 0xc7, 0xe2, 0x9e, 0x1f,
0x4f, 0xb0, 0x47, 0x2d,
+ 0xc8, 0x0c, 0xa3, 0x49, 0x27, 0x80, 0x75, 0x8c, 0xbb, 0x06, 0x91, 0x65,
0x0f, 0x90, 0x9b, 0xf4,
+ 0xba, 0xd1, 0x81, 0xc8, 0x5c, 0x6a, 0xec, 0x14, 0xe9, 0x25, 0x09, 0xbf,
0x23, 0x16, 0xf4, 0x95,
+ 0x46, 0x40, 0x40, 0x21, 0xbb, 0x83, 0x96, 0xfd, 0x86, 0x1f, 0x7a, 0xc8,
0x0d, 0x10, 0x8e, 0xa2,
+ 0xf8, 0x19, 0x07, 0x58, 0x7f, 0x9f, 0xbd, 0x37, 0x02, 0x60, 0xf2, 0xa4,
0xe9, 0x9d, 0x44, 0x3f,
+ 0x30, 0x05, 0xe4, 0xa7, 0x70, 0x99, 0x51, 0x9a, 0xe8, 0x17, 0xf1, 0x55,
0xca, 0xb2, 0x61, 0x89,
+ 0x65, 0x46, 0xa7, 0x6a, 0xf2, 0x58, 0x46, 0x7e, 0xaa, 0xa0, 0x07, 0x02,
0x03, 0x01, 0x00, 0x01,
+ 0xa3, 0x81, 0xf4, 0x30, 0x81, 0xf1, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d,
0x23, 0x04, 0x18, 0x30,
+ 0x16, 0x80, 0x14, 0xda, 0xed, 0x64, 0x74, 0x14, 0x9c, 0x14, 0x3c, 0xab,
0xdd, 0x99, 0xa9, 0xbd,
+ 0x5b, 0x28, 0x4d, 0x8b, 0x3c, 0xc9, 0xd8, 0x30, 0x1d, 0x06, 0x03, 0x55,
0x1d, 0x0e, 0x04, 0x16,
+ 0x04, 0x14, 0x2e, 0x2d, 0xb0, 0x0a, 0x44, 0x4a, 0xd3, 0x87, 0xc0, 0x02,
0x07, 0xce, 0x97, 0x7d,
+ 0x50, 0x62, 0x20, 0xfd, 0x0f, 0x83, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d,
0x0f, 0x01, 0x01, 0xff,
+ 0x04, 0x04, 0x03, 0x02, 0x06, 0xc0, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d,
0x13, 0x01, 0x01, 0xff,
+ 0x04, 0x02, 0x30, 0x00, 0x30, 0x16, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x01,
0x01, 0xff, 0x04, 0x0c,
+ 0x30, 0x0a, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x08,
0x30, 0x42, 0x06, 0x03,
+ 0x55, 0x1d, 0x1f, 0x04, 0x3b, 0x30, 0x39, 0x30, 0x37, 0xa0, 0x35, 0xa0,
0x33, 0x86, 0x31, 0x68,
+ 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x63, 0x72, 0x6c, 0x2e, 0x75, 0x73,
0x65, 0x72, 0x74, 0x72,
+ 0x75, 0x73, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x55, 0x54, 0x4e, 0x2d,
0x55, 0x53, 0x45, 0x52,
+ 0x46, 0x69, 0x72, 0x73, 0x74, 0x2d, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74,
0x2e, 0x63, 0x72, 0x6c,
+ 0x30, 0x35, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01,
0x04, 0x29, 0x30, 0x27,
+ 0x30, 0x25, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01,
0x86, 0x19, 0x68, 0x74,
+ 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x6f, 0x63, 0x73, 0x70, 0x2e, 0x75, 0x73,
0x65, 0x72, 0x74, 0x72,
+ 0x75, 0x73, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x0d, 0x06, 0x09, 0x2a,
0x86, 0x48, 0x86, 0xf7,
+ 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0xc8,
0xfb, 0x63, 0xf8, 0x0b,
+ 0x75, 0x75, 0x2c, 0x3a, 0xf1, 0xf2, 0x13, 0xa7, 0x2d, 0xb6, 0xa3, 0x1a,
0x9c, 0xad, 0x01, 0x07,
+ 0xd3, 0x34, 0x8e, 0x77, 0xe0, 0xc2, 0x6e, 0xae, 0x02, 0x5d, 0x48, 0x4f,
0xa4, 0xd2, 0x21, 0xb6,
+ 0x36, 0xfd, 0x2a, 0x35, 0x43, 0x7c, 0x6b, 0xdf, 0x80, 0x87, 0x0b, 0x15,
0xf0, 0x76, 0x32, 0x00,
+ 0xb4, 0xce, 0xb5, 0x67, 0xa4, 0x2f, 0x2f, 0x20, 0x1b, 0x9c, 0x54, 0x9e,
0x83, 0x3f, 0x1f, 0x5f,
+ 0x14, 0x95, 0x62, 0x82, 0x0f, 0x22, 0x41, 0x22, 0x1f, 0x70, 0xb3, 0xf3,
0xf7, 0x42, 0xde, 0x6c,
+ 0x51, 0xcd, 0x4b, 0xf8, 0x21, 0xac, 0x9b, 0x3b, 0x8c, 0xb1, 0xe5, 0xe6,
0x28, 0x8f, 0xce, 0x2a,
+ 0x8a, 0xf9, 0xaa, 0x52, 0x4d, 0x8c, 0x5b, 0x77, 0xba, 0x4d, 0x5a, 0x58,
0xdb, 0xbb, 0x6a, 0x04,
+ 0xcc, 0x52, 0x1e, 0x9d, 0xe2, 0x28, 0x37, 0x0e, 0xbb, 0xe7, 0x0e, 0x91,
0xc7, 0xf8, 0xdb, 0xf1,
+ 0x81, 0x98, 0xeb, 0xcd, 0x37, 0xb3, 0x0e, 0xab, 0x65, 0xd3, 0x62, 0xec,
0x3a, 0xa5, 0x76, 0xeb,
+ 0x13, 0xa8, 0x35, 0x93, 0xc9, 0x2e, 0x0a, 0x01, 0xec, 0xc0, 0xe8, 0xcc,
0x3d, 0x7e, 0xb6, 0xeb,
+ 0xe2, 0xc1, 0xec, 0xd3, 0x14, 0x92, 0x82, 0x66, 0x87, 0x50, 0xdc, 0xfd,
0x50, 0x97, 0xac, 0xb3,
+ 0x4a, 0x76, 0x73, 0x06, 0xc4, 0x86, 0x11, 0x3a, 0xb3, 0x5f, 0x43, 0x04,
0x52, 0x6f, 0xea, 0xb3,
+ 0xd0, 0x74, 0x36, 0x4c, 0xca, 0xf1, 0x1b, 0x79, 0x84, 0x37, 0x70, 0x63,
0xad, 0x74, 0xb9, 0xaa,
+ 0x0e, 0xf3, 0x98, 0xb0, 0x86, 0x08, 0xeb, 0xdb, 0xe0, 0x1f, 0x8c, 0x10,
0xf2, 0x39, 0x64, 0x9b,
+ 0xae, 0x4f, 0x0a, 0x2c, 0x92, 0x8a, 0x4f, 0x18, 0xb5, 0x91, 0xe5, 0x8d,
0x1a, 0x93, 0x5f, 0x1f,
+ 0xae, 0xf1, 0xa6, 0xf0, 0x2e, 0x97, 0xd0, 0xd2, 0xf6, 0x2b, 0x3c, 0x31,
0x82, 0x02, 0x61, 0x30,
+ 0x82, 0x02, 0x5d, 0x02, 0x01, 0x01, 0x30, 0x81, 0xaa, 0x30, 0x81, 0x95,
0x31, 0x0b, 0x30, 0x09,
+ 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x0b, 0x30,
0x09, 0x06, 0x03, 0x55,
+ 0x04, 0x08, 0x13, 0x02, 0x55, 0x54, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03,
0x55, 0x04, 0x07, 0x13,
+ 0x0e, 0x53, 0x61, 0x6c, 0x74, 0x20, 0x4c, 0x61, 0x6b, 0x65, 0x20, 0x43,
0x69, 0x74, 0x79, 0x31,
+ 0x1e, 0x30, 0x1c, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x15, 0x54, 0x68,
0x65, 0x20, 0x55, 0x53,
+ 0x45, 0x52, 0x54, 0x52, 0x55, 0x53, 0x54, 0x20, 0x4e, 0x65, 0x74, 0x77,
0x6f, 0x72, 0x6b, 0x31,
+ 0x21, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x18, 0x68, 0x74,
0x74, 0x70, 0x3a, 0x2f,
+ 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x75, 0x73, 0x65, 0x72, 0x74, 0x72, 0x75,
0x73, 0x74, 0x2e, 0x63,
+ 0x6f, 0x6d, 0x31, 0x1d, 0x30, 0x1b, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,
0x14, 0x55, 0x54, 0x4e,
+ 0x2d, 0x55, 0x53, 0x45, 0x52, 0x46, 0x69, 0x72, 0x73, 0x74, 0x2d, 0x4f,
0x62, 0x6a, 0x65, 0x63,
+ 0x74, 0x02, 0x10, 0x47, 0x8a, 0x8e, 0xfb, 0x59, 0xe1, 0xd8, 0x3f, 0x0c,
0xe1, 0x42, 0xd2, 0xa2,
+ 0x87, 0x07, 0xbe, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a,
0x05, 0x00, 0xa0, 0x81,
+ 0x8c, 0x30, 0x1a, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
0x09, 0x03, 0x31, 0x0d,
+ 0x06, 0x0b, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01,
0x04, 0x30, 0x1c, 0x06,
+ 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x05, 0x31, 0x0f,
0x17, 0x0d, 0x31, 0x34,
+ 0x30, 0x37, 0x32, 0x38, 0x30, 0x38, 0x35, 0x30, 0x30, 0x33, 0x5a, 0x30,
0x23, 0x06, 0x09, 0x2a,
+ 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x04, 0x31, 0x16, 0x04, 0x14,
0x7a, 0xad, 0x35, 0xdc,
+ 0x5b, 0xd6, 0x00, 0xd7, 0x44, 0xac, 0x80, 0x8f, 0x4f, 0xb6, 0xb4, 0x03,
0x62, 0x34, 0x53, 0xdc,
+ 0x30, 0x2b, 0x06, 0x0b, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09,
0x10, 0x02, 0x0c, 0x31,
+ 0x1c, 0x30, 0x1a, 0x30, 0x18, 0x30, 0x16, 0x04, 0x14, 0x3d, 0xbb, 0x6d,
0xb5, 0x08, 0x5c, 0x6d,
+ 0xd5, 0xa1, 0xca, 0x7f, 0x9c, 0xf8, 0x4e, 0xcb, 0x1a, 0x39, 0x10, 0xca,
0xc8, 0x30, 0x0d, 0x06,
+ 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00,
0x04, 0x82, 0x01, 0x00,
+ 0x73, 0x64, 0xb9, 0xa3, 0x54, 0x6f, 0x50, 0x97, 0x01, 0xa7, 0xf6, 0x0d,
0xb8, 0xce, 0x4b, 0xaa,
+ 0x43, 0xa2, 0x8f, 0xa3, 0xea, 0x93, 0xf2, 0xa3, 0xd0, 0x46, 0xde, 0xdd,
0x45, 0xe5, 0x94, 0x5a,
+ 0x45, 0xc2, 0x13, 0x1b, 0x90, 0x9b, 0xcf, 0x73, 0xcd, 0x28, 0x70, 0xf0,
0xf4, 0x54, 0xb5, 0x2d,
+ 0x31, 0xf9, 0xf3, 0x2d, 0x38, 0x78, 0xfe, 0x68, 0xea, 0x3c, 0xc0, 0xbe,
0x0b, 0x5a, 0x91, 0x49,
+ 0x63, 0xeb, 0x26, 0x32, 0x5b, 0x86, 0xcf, 0xe5, 0x8a, 0xa5, 0x9d, 0xe6,
0x4b, 0x57, 0x91, 0x8f,
+ 0x3c, 0xdc, 0xa6, 0x53, 0xd8, 0xdb, 0x8a, 0xfd, 0x3e, 0x7e, 0x19, 0x6f,
0x27, 0x72, 0x95, 0xc2,
+ 0x79, 0x73, 0xdf, 0xfb, 0x08, 0x5c, 0x5b, 0xc8, 0xb7, 0x94, 0x75, 0x88,
0x7a, 0x9a, 0x85, 0x9f,
+ 0x1b, 0xa3, 0x98, 0x30, 0x91, 0xee, 0xc0, 0x52, 0xd2, 0x75, 0x9c, 0xcb,
0x45, 0x0d, 0x94, 0x43,
+ 0x67, 0x7a, 0x49, 0x1c, 0xb1, 0x89, 0x9d, 0x6e, 0xfa, 0x87, 0xd2, 0x4d,
0x6e, 0x74, 0x90, 0xf5,
+ 0x80, 0x8c, 0x92, 0xda, 0xd9, 0xa1, 0x48, 0x20, 0x31, 0x02, 0x79, 0xde,
0xe3, 0xbd, 0x09, 0x04,
+ 0xa8, 0xd4, 0x99, 0xd7, 0x3b, 0xea, 0xf8, 0xdf, 0xb3, 0xb9, 0xd7, 0xa3,
0x36, 0xa1, 0xdb, 0xd3,
+ 0xec, 0x65, 0x8c, 0xb8, 0x8f, 0xfb, 0xd6, 0xef, 0x9c, 0x32, 0x3e, 0xab,
0x20, 0x74, 0xb9, 0x65,
+ 0x4c, 0xc6, 0x15, 0x2f, 0x31, 0x2a, 0x34, 0x3e, 0x84, 0x09, 0xb4, 0x75,
0xbc, 0xbe, 0xaf, 0xb3,
+ 0x9e, 0x85, 0xf1, 0xbb, 0x99, 0x1a, 0x07, 0xbd, 0x20, 0xa6, 0xed, 0xcf,
0xd1, 0xa6, 0x9a, 0x22,
+ 0xb2, 0x6d, 0x75, 0xf4, 0x23, 0x58, 0x13, 0x78, 0x73, 0x1a, 0xb2, 0x84,
0xde, 0xad, 0xe8, 0x6d,
+ 0xe6, 0xe7, 0x5c, 0xb6, 0xe6, 0x5b, 0x10, 0x37, 0x1f, 0xe3, 0x6e, 0xbd,
0x83, 0xd7, 0x51, 0xb1,
+ 0x00, 0x00, 0x00, 0x00, 0x0a
+ };
+
+//
+// The Comodo Time Stamping Signer Certificate Used for the verification of
TimeStamp signature.
+//
+GLOBAL_REMOVE_IF_UNREFERENCED UINT8 TSTrustedCert[] = {
+ 0x30, 0x82, 0x04, 0x93, 0x30, 0x82, 0x03, 0x7b, 0xa0, 0x03, 0x02, 0x01,
0x02, 0x02, 0x10, 0x47,
+ 0x8a, 0x8e, 0xfb, 0x59, 0xe1, 0xd8, 0x3f, 0x0c, 0xe1, 0x42, 0xd2, 0xa2,
0x87, 0x07, 0xbe, 0x30,
+ 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05,
0x05, 0x00, 0x30, 0x81,
+ 0x95, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
0x55, 0x53, 0x31, 0x0b,
+ 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x02, 0x55, 0x54, 0x31,
0x17, 0x30, 0x15, 0x06,
+ 0x03, 0x55, 0x04, 0x07, 0x13, 0x0e, 0x53, 0x61, 0x6c, 0x74, 0x20, 0x4c,
0x61, 0x6b, 0x65, 0x20,
+ 0x43, 0x69, 0x74, 0x79, 0x31, 0x1e, 0x30, 0x1c, 0x06, 0x03, 0x55, 0x04,
0x0a, 0x13, 0x15, 0x54,
+ 0x68, 0x65, 0x20, 0x55, 0x53, 0x45, 0x52, 0x54, 0x52, 0x55, 0x53, 0x54,
0x20, 0x4e, 0x65, 0x74,
+ 0x77, 0x6f, 0x72, 0x6b, 0x31, 0x21, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x04,
0x0b, 0x13, 0x18, 0x68,
+ 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x75, 0x73,
0x65, 0x72, 0x74, 0x72,
+ 0x75, 0x73, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x31, 0x1d, 0x30, 0x1b, 0x06,
0x03, 0x55, 0x04, 0x03,
+ 0x13, 0x14, 0x55, 0x54, 0x4e, 0x2d, 0x55, 0x53, 0x45, 0x52, 0x46, 0x69,
0x72, 0x73, 0x74, 0x2d,
+ 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x30,
0x30, 0x35, 0x31, 0x30,
+ 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x17, 0x0d, 0x31, 0x35, 0x30,
0x35, 0x31, 0x30, 0x32,
+ 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x7e, 0x31, 0x0b, 0x30, 0x09,
0x06, 0x03, 0x55, 0x04,
+ 0x06, 0x13, 0x02, 0x47, 0x42, 0x31, 0x1b, 0x30, 0x19, 0x06, 0x03, 0x55,
0x04, 0x08, 0x13, 0x12,
+ 0x47, 0x72, 0x65, 0x61, 0x74, 0x65, 0x72, 0x20, 0x4d, 0x61, 0x6e, 0x63,
0x68, 0x65, 0x73, 0x74,
+ 0x65, 0x72, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13,
0x07, 0x53, 0x61, 0x6c,
+ 0x66, 0x6f, 0x72, 0x64, 0x31, 0x1a, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04,
0x0a, 0x13, 0x11, 0x43,
+ 0x4f, 0x4d, 0x4f, 0x44, 0x4f, 0x20, 0x43, 0x41, 0x20, 0x4c, 0x69, 0x6d,
0x69, 0x74, 0x65, 0x64,
+ 0x31, 0x24, 0x30, 0x22, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x1b, 0x43,
0x4f, 0x4d, 0x4f, 0x44,
+ 0x4f, 0x20, 0x54, 0x69, 0x6d, 0x65, 0x20, 0x53, 0x74, 0x61, 0x6d, 0x70,
0x69, 0x6e, 0x67, 0x20,
+ 0x53, 0x69, 0x67, 0x6e, 0x65, 0x72, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d,
0x06, 0x09, 0x2a, 0x86,
+ 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01,
0x0f, 0x00, 0x30, 0x82,
+ 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xbc, 0x35, 0xa0, 0x36, 0x70,
0x22, 0x81, 0x11, 0xc3,
+ 0xb2, 0x83, 0xb9, 0xd3, 0x28, 0xc6, 0x36, 0xcd, 0x25, 0x6b, 0xa9, 0x7b,
0xb2, 0x1c, 0xf6, 0x9b,
+ 0x51, 0x9c, 0xef, 0x35, 0xf4, 0xed, 0x08, 0x8e, 0x5e, 0x38, 0x08, 0xf8,
0x77, 0x3c, 0x0a, 0x42,
+ 0xe0, 0xf3, 0x70, 0xdc, 0xa3, 0xd7, 0xca, 0xf5, 0x4c, 0x0b, 0xcf, 0xff,
0x22, 0x9c, 0x0a, 0x7e,
+ 0x68, 0xd6, 0x09, 0xa2, 0x2a, 0x84, 0x7b, 0xa6, 0x9d, 0xb4, 0xa9, 0xc1,
0x33, 0xe2, 0xef, 0x1f,
+ 0x17, 0x48, 0xca, 0x3a, 0xcd, 0x46, 0xe6, 0xc5, 0xaa, 0x77, 0xbd, 0xe3,
0x77, 0x9a, 0xfa, 0x47,
+ 0x53, 0x40, 0x28, 0x59, 0x43, 0x93, 0xf1, 0xa4, 0x81, 0xea, 0xef, 0x80,
0xb5, 0x4f, 0xa7, 0x08,
+ 0xce, 0xba, 0x6e, 0xbc, 0xca, 0x76, 0x0c, 0x97, 0x64, 0x59, 0x86, 0x24,
0xbb, 0x3d, 0x82, 0x90,
+ 0xa8, 0x55, 0xb1, 0x92, 0xd3, 0xa0, 0xa7, 0x05, 0xac, 0x9f, 0x53, 0x25,
0x08, 0x10, 0x47, 0x99,
+ 0xcd, 0x98, 0xde, 0x68, 0xe5, 0xb4, 0x50, 0x78, 0xa3, 0xaf, 0x01, 0xcc,
0x59, 0x43, 0x58, 0xe4,
+ 0x76, 0x6e, 0x7e, 0xac, 0xc7, 0xe2, 0x9e, 0x1f, 0x4f, 0xb0, 0x47, 0x2d,
0xc8, 0x0c, 0xa3, 0x49,
+ 0x27, 0x80, 0x75, 0x8c, 0xbb, 0x06, 0x91, 0x65, 0x0f, 0x90, 0x9b, 0xf4,
0xba, 0xd1, 0x81, 0xc8,
+ 0x5c, 0x6a, 0xec, 0x14, 0xe9, 0x25, 0x09, 0xbf, 0x23, 0x16, 0xf4, 0x95,
0x46, 0x40, 0x40, 0x21,
+ 0xbb, 0x83, 0x96, 0xfd, 0x86, 0x1f, 0x7a, 0xc8, 0x0d, 0x10, 0x8e, 0xa2,
0xf8, 0x19, 0x07, 0x58,
+ 0x7f, 0x9f, 0xbd, 0x37, 0x02, 0x60, 0xf2, 0xa4, 0xe9, 0x9d, 0x44, 0x3f,
0x30, 0x05, 0xe4, 0xa7,
+ 0x70, 0x99, 0x51, 0x9a, 0xe8, 0x17, 0xf1, 0x55, 0xca, 0xb2, 0x61, 0x89,
0x65, 0x46, 0xa7, 0x6a,
+ 0xf2, 0x58, 0x46, 0x7e, 0xaa, 0xa0, 0x07, 0x02, 0x03, 0x01, 0x00, 0x01,
0xa3, 0x81, 0xf4, 0x30,
+ 0x81, 0xf1, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30,
0x16, 0x80, 0x14, 0xda,
+ 0xed, 0x64, 0x74, 0x14, 0x9c, 0x14, 0x3c, 0xab, 0xdd, 0x99, 0xa9, 0xbd,
0x5b, 0x28, 0x4d, 0x8b,
+ 0x3c, 0xc9, 0xd8, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16,
0x04, 0x14, 0x2e, 0x2d,
+ 0xb0, 0x0a, 0x44, 0x4a, 0xd3, 0x87, 0xc0, 0x02, 0x07, 0xce, 0x97, 0x7d,
0x50, 0x62, 0x20, 0xfd,
+ 0x0f, 0x83, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff,
0x04, 0x04, 0x03, 0x02,
+ 0x06, 0xc0, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff,
0x04, 0x02, 0x30, 0x00,
+ 0x30, 0x16, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x01, 0x01, 0xff, 0x04, 0x0c,
0x30, 0x0a, 0x06, 0x08,
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x08, 0x30, 0x42, 0x06, 0x03,
0x55, 0x1d, 0x1f, 0x04,
+ 0x3b, 0x30, 0x39, 0x30, 0x37, 0xa0, 0x35, 0xa0, 0x33, 0x86, 0x31, 0x68,
0x74, 0x74, 0x70, 0x3a,
+ 0x2f, 0x2f, 0x63, 0x72, 0x6c, 0x2e, 0x75, 0x73, 0x65, 0x72, 0x74, 0x72,
0x75, 0x73, 0x74, 0x2e,
+ 0x63, 0x6f, 0x6d, 0x2f, 0x55, 0x54, 0x4e, 0x2d, 0x55, 0x53, 0x45, 0x52,
0x46, 0x69, 0x72, 0x73,
+ 0x74, 0x2d, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x2e, 0x63, 0x72, 0x6c,
0x30, 0x35, 0x06, 0x08,
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01, 0x04, 0x29, 0x30, 0x27,
0x30, 0x25, 0x06, 0x08,
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x86, 0x19, 0x68, 0x74,
0x74, 0x70, 0x3a, 0x2f,
+ 0x2f, 0x6f, 0x63, 0x73, 0x70, 0x2e, 0x75, 0x73, 0x65, 0x72, 0x74, 0x72,
0x75, 0x73, 0x74, 0x2e,
+ 0x63, 0x6f, 0x6d, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
0x0d, 0x01, 0x01, 0x05,
+ 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0xc8, 0xfb, 0x63, 0xf8, 0x0b,
0x75, 0x75, 0x2c, 0x3a,
+ 0xf1, 0xf2, 0x13, 0xa7, 0x2d, 0xb6, 0xa3, 0x1a, 0x9c, 0xad, 0x01, 0x07,
0xd3, 0x34, 0x8e, 0x77,
+ 0xe0, 0xc2, 0x6e, 0xae, 0x02, 0x5d, 0x48, 0x4f, 0xa4, 0xd2, 0x21, 0xb6,
0x36, 0xfd, 0x2a, 0x35,
+ 0x43, 0x7c, 0x6b, 0xdf, 0x80, 0x87, 0x0b, 0x15, 0xf0, 0x76, 0x32, 0x00,
0xb4, 0xce, 0xb5, 0x67,
+ 0xa4, 0x2f, 0x2f, 0x20, 0x1b, 0x9c, 0x54, 0x9e, 0x83, 0x3f, 0x1f, 0x5f,
0x14, 0x95, 0x62, 0x82,
+ 0x0f, 0x22, 0x41, 0x22, 0x1f, 0x70, 0xb3, 0xf3, 0xf7, 0x42, 0xde, 0x6c,
0x51, 0xcd, 0x4b, 0xf8,
+ 0x21, 0xac, 0x9b, 0x3b, 0x8c, 0xb1, 0xe5, 0xe6, 0x28, 0x8f, 0xce, 0x2a,
0x8a, 0xf9, 0xaa, 0x52,
+ 0x4d, 0x8c, 0x5b, 0x77, 0xba, 0x4d, 0x5a, 0x58, 0xdb, 0xbb, 0x6a, 0x04,
0xcc, 0x52, 0x1e, 0x9d,
+ 0xe2, 0x28, 0x37, 0x0e, 0xbb, 0xe7, 0x0e, 0x91, 0xc7, 0xf8, 0xdb, 0xf1,
0x81, 0x98, 0xeb, 0xcd,
+ 0x37, 0xb3, 0x0e, 0xab, 0x65, 0xd3, 0x62, 0xec, 0x3a, 0xa5, 0x76, 0xeb,
0x13, 0xa8, 0x35, 0x93,
+ 0xc9, 0x2e, 0x0a, 0x01, 0xec, 0xc0, 0xe8, 0xcc, 0x3d, 0x7e, 0xb6, 0xeb,
0xe2, 0xc1, 0xec, 0xd3,
+ 0x14, 0x92, 0x82, 0x66, 0x87, 0x50, 0xdc, 0xfd, 0x50, 0x97, 0xac, 0xb3,
0x4a, 0x76, 0x73, 0x06,
+ 0xc4, 0x86, 0x11, 0x3a, 0xb3, 0x5f, 0x43, 0x04, 0x52, 0x6f, 0xea, 0xb3,
0xd0, 0x74, 0x36, 0x4c,
+ 0xca, 0xf1, 0x1b, 0x79, 0x84, 0x37, 0x70, 0x63, 0xad, 0x74, 0xb9, 0xaa,
0x0e, 0xf3, 0x98, 0xb0,
+ 0x86, 0x08, 0xeb, 0xdb, 0xe0, 0x1f, 0x8c, 0x10, 0xf2, 0x39, 0x64, 0x9b,
0xae, 0x4f, 0x0a, 0x2c,
+ 0x92, 0x8a, 0x4f, 0x18, 0xb5, 0x91, 0xe5, 0x8d, 0x1a, 0x93, 0x5f, 0x1f,
0xae, 0xf1, 0xa6, 0xf0,
+ 0x2e, 0x97, 0xd0, 0xd2, 0xf6, 0x2b, 0x3c, 0x0a
+ };
+
+/**
+ Validate MSFT Authenticode & Timestamping CounterSignature.
+
+ @retval TRUE Validation succeeded.
+ @retval FALSE Validation failed.
+
+**/
+BOOLEAN
+VerifyTSCounterSignature (
+ VOID
+ )
+{
+ BOOLEAN Status;
+ EFI_TIME SigningTime;
+
+ Status = FALSE;
+
+ Print (L"\n- Verify RFC3161 TimeStamp CounterSignature in PE/COFF
Authenticode ... ");
+ //
+ // Verify RFC3161 Timestamp CounterSignature.
+ //
+ Status = ImageTimestampVerify (
+ AuthenticodeWithTS,
+ sizeof (AuthenticodeWithTS),
+ TSTrustedCert,
+ sizeof (TSTrustedCert),
+ &SigningTime
+ );
+ if (Status) {
+ Print (L"[Pass]\n");
+ Print (L" --> The PE/COFF was signed at <%t>", &SigningTime);
+ } else {
+ Print (L"[Fail]");
+ }
+
+ return Status;
+}
+
+/**
+ Validate UEFI-OpenSSL RFC3161 Timestamp CounterSignature Verification
Interfaces.
+
+ @retval EFI_SUCCESS Validation succeeded.
+ @retval EFI_ABORTED Validation failed.
+
+**/
+EFI_STATUS
+ValidateTSCounterSignature (
+ VOID
+ )
+{
+ BOOLEAN Status;
+
+ Print (L"\nUEFI-OpenSSL RFC3161 Timestamp Signature Testing: ");
+
+ Status = VerifyTSCounterSignature ();
+
+ Print (L"\n");
+
+ if (Status) {
+ return EFI_SUCCESS;
+ } else {
+ return EFI_ABORTED;
+ }
+}
Modified: branches/UDK2014.SP1/CryptoPkg/Contributions.txt
===================================================================
--- branches/UDK2014.SP1/CryptoPkg/Contributions.txt 2015-08-25 03:11:06 UTC
(rev 18295)
+++ branches/UDK2014.SP1/CryptoPkg/Contributions.txt 2015-08-25 05:52:47 UTC
(rev 18296)
@@ -34,9 +34,9 @@
Contributions using other licenses might be accepted, but further
review will be required.
-=======================================
-= Change Description / Commit Message =
-=======================================
+=====================================================
+= Change Description / Commit Message / Patch Email =
+=====================================================
Your change description should use the standard format for a
commit message, and must include your "Signed-off-by" signature
@@ -44,8 +44,33 @@
== Sample Change Description / Commit Message =
-=== Definitions for sample change description ===
+=== Start of sample patch email message ===
+From: Contributor Name <[email protected]>
+Subject: [PATCH] CodeModule: Brief-single-line-summary
+
+Full-commit-message
+
+Contributed-under: TianoCore Contribution Agreement 1.0
+Signed-off-by: Contributor Name <[email protected]>
+---
+
+An extra message for the patch email which will not be considered part
+of the commit message can be added here.
+
+Patch content inline or attached
+
+=== End of sample patch email message ===
+
+=== Notes for sample patch email ===
+
+* The first line of commit message is taken from the email's subject
+ line following [PATCH]. The remaining portion of the commit message
+ is the email's content until the '---' line.
+* git format-patch is one way to create this format
+
+=== Definitions for sample patch email ===
+
* "CodeModule" is a short idenfier for the affected code. For
example MdePkg, or MdeModulePkg UsbBusDxe.
* "Brief-single-line-summary" is a short summary of the change.
@@ -58,15 +83,6 @@
* "Signed-off-by" is the contributor's signature identifying them
by their real/legal name and their email address.
-=== Start of sample change description / commit message ===
-CodeModule: Brief-single-line-summary
-
-Full-commit-message
-
-Contributed-under: TianoCore Contribution Agreement 1.0
-Signed-off-by: Contributor Name <[email protected]>
-=== End of sample change description / commit message ===
-
========================================
= TianoCore Contribution Agreement 1.0 =
========================================
Modified: branches/UDK2014.SP1/CryptoPkg/CryptoPkg.dec
===================================================================
--- branches/UDK2014.SP1/CryptoPkg/CryptoPkg.dec 2015-08-25 03:11:06 UTC
(rev 18295)
+++ branches/UDK2014.SP1/CryptoPkg/CryptoPkg.dec 2015-08-25 05:52:47 UTC
(rev 18296)
@@ -4,7 +4,7 @@
# This Package provides cryptographic-related libraries for UEFI security
modules.
# It also provides a test application to test libraries.
#
-# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD
License
# which accompanies this distribution. The full text of the license may be
found at
@@ -20,7 +20,7 @@
PACKAGE_NAME = CryptoPkg
PACKAGE_UNI_FILE = CryptoPkg.uni
PACKAGE_GUID = 36470E80-36F2-4ba0-8CC8-937C7D9FF888
- PACKAGE_VERSION = 0.94
+ PACKAGE_VERSION = 0.96
[Includes]
Include
Modified: branches/UDK2014.SP1/CryptoPkg/CryptoPkg.dsc
===================================================================
--- branches/UDK2014.SP1/CryptoPkg/CryptoPkg.dsc 2015-08-25 03:11:06 UTC
(rev 18295)
+++ branches/UDK2014.SP1/CryptoPkg/CryptoPkg.dsc 2015-08-25 05:52:47 UTC
(rev 18296)
@@ -1,7 +1,7 @@
## @file
# Cryptographic Library Package for UEFI Security Implementation.
#
-# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD
License
# which accompanies this distribution. The full text of the license may be
found at
@@ -20,7 +20,7 @@
[Defines]
PLATFORM_NAME = CryptoPkg
PLATFORM_GUID = E1063286-6C8C-4c25-AEF0-67A9A5B6E6B6
- PLATFORM_VERSION = 0.94
+ PLATFORM_VERSION = 0.96
DSC_SPECIFICATION = 0x00010005
OUTPUT_DIRECTORY = Build/CryptoPkg
SUPPORTED_ARCHITECTURES = IA32|X64|IPF|ARM|AARCH64
Modified: branches/UDK2014.SP1/CryptoPkg/Include/Library/BaseCryptLib.h
===================================================================
--- branches/UDK2014.SP1/CryptoPkg/Include/Library/BaseCryptLib.h
2015-08-25 03:11:06 UTC (rev 18295)
+++ branches/UDK2014.SP1/CryptoPkg/Include/Library/BaseCryptLib.h
2015-08-25 05:52:47 UTC (rev 18296)
@@ -4,7 +4,7 @@
primitives (Hash Serials, HMAC, RSA, Diffie-Hellman, etc) for UEFI security
functionality enabling.
-Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -18,6 +18,8 @@
#ifndef __BASE_CRYPT_LIB_H__
#define __BASE_CRYPT_LIB_H__
+#include <Uefi/UefiBaseType.h>
+
///
/// MD4 digest size in bytes
///
@@ -39,6 +41,16 @@
#define SHA256_DIGEST_SIZE 32
///
+/// SHA-384 digest size in bytes
+///
+#define SHA384_DIGEST_SIZE 48
+
+///
+/// SHA-512 digest size in bytes
+///
+#define SHA512_DIGEST_SIZE 64
+
+///
/// TDES block size in bytes
///
#define TDES_BLOCK_SIZE 8
@@ -513,7 +525,216 @@
OUT UINT8 *HashValue
);
+/**
+ Retrieves the size, in bytes, of the context buffer required for SHA-384
hash operations.
+ @return The size, in bytes, of the context buffer required for SHA-384 hash
operations.
+
+**/
+UINTN
+EFIAPI
+Sha384GetContextSize (
+ VOID
+ );
+
+/**
+ Initializes user-supplied memory pointed by Sha384Context as SHA-384 hash
context for
+ subsequent use.
+
+ If Sha384Context is NULL, then return FALSE.
+
+ @param[out] Sha384Context Pointer to SHA-384 context being initialized.
+
+ @retval TRUE SHA-384 context initialization succeeded.
+ @retval FALSE SHA-384 context initialization failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha384Init (
+ OUT VOID *Sha384Context
+ );
+
+/**
+ Makes a copy of an existing SHA-384 context.
+
+ If Sha384Context is NULL, then return FALSE.
+ If NewSha384Context is NULL, then return FALSE.
+ If this interface is not supported, then return FALSE.
+
+ @param[in] Sha384Context Pointer to SHA-384 context being copied.
+ @param[out] NewSha384Context Pointer to new SHA-384 context.
+
+ @retval TRUE SHA-384 context copy succeeded.
+ @retval FALSE SHA-384 context copy failed.
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+Sha384Duplicate (
+ IN CONST VOID *Sha384Context,
+ OUT VOID *NewSha384Context
+ );
+
+/**
+ Digests the input data and updates SHA-384 context.
+
+ This function performs SHA-384 digest on a data buffer of the specified size.
+ It can be called multiple times to compute the digest of long or
discontinuous data streams.
+ SHA-384 context should be already correctly intialized by Sha384Init(), and
should not be finalized
+ by Sha384Final(). Behavior with invalid context is undefined.
+
+ If Sha384Context is NULL, then return FALSE.
+
+ @param[in, out] Sha384Context Pointer to the SHA-384 context.
+ @param[in] Data Pointer to the buffer containing the data to
be hashed.
+ @param[in] DataSize Size of Data buffer in bytes.
+
+ @retval TRUE SHA-384 data digest succeeded.
+ @retval FALSE SHA-384 data digest failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha384Update (
+ IN OUT VOID *Sha384Context,
+ IN CONST VOID *Data,
+ IN UINTN DataSize
+ );
+
+/**
+ Completes computation of the SHA-384 digest value.
+
+ This function completes SHA-384 hash computation and retrieves the digest
value into
+ the specified memory. After this function has been called, the SHA-384
context cannot
+ be used again.
+ SHA-384 context should be already correctly intialized by Sha384Init(), and
should not be
+ finalized by Sha384Final(). Behavior with invalid SHA-384 context is
undefined.
+
+ If Sha384Context is NULL, then return FALSE.
+ If HashValue is NULL, then return FALSE.
+
+ @param[in, out] Sha384Context Pointer to the SHA-384 context.
+ @param[out] HashValue Pointer to a buffer that receives the
SHA-384 digest
+ value (48 bytes).
+
+ @retval TRUE SHA-384 digest computation succeeded.
+ @retval FALSE SHA-384 digest computation failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha384Final (
+ IN OUT VOID *Sha384Context,
+ OUT UINT8 *HashValue
+ );
+
+/**
+ Retrieves the size, in bytes, of the context buffer required for SHA-512
hash operations.
+
+ @return The size, in bytes, of the context buffer required for SHA-512 hash
operations.
+
+**/
+UINTN
+EFIAPI
+Sha512GetContextSize (
+ VOID
+ );
+
+/**
+ Initializes user-supplied memory pointed by Sha512Context as SHA-512 hash
context for
+ subsequent use.
+
+ If Sha512Context is NULL, then return FALSE.
+
+ @param[out] Sha512Context Pointer to SHA-512 context being initialized.
+
+ @retval TRUE SHA-512 context initialization succeeded.
+ @retval FALSE SHA-512 context initialization failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha512Init (
+ OUT VOID *Sha512Context
+ );
+
+/**
+ Makes a copy of an existing SHA-512 context.
+
+ If Sha512Context is NULL, then return FALSE.
+ If NewSha512Context is NULL, then return FALSE.
+ If this interface is not supported, then return FALSE.
+
+ @param[in] Sha512Context Pointer to SHA-512 context being copied.
+ @param[out] NewSha512Context Pointer to new SHA-512 context.
+
+ @retval TRUE SHA-512 context copy succeeded.
+ @retval FALSE SHA-512 context copy failed.
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+Sha512Duplicate (
+ IN CONST VOID *Sha512Context,
+ OUT VOID *NewSha512Context
+ );
+
+/**
+ Digests the input data and updates SHA-512 context.
+
+ This function performs SHA-512 digest on a data buffer of the specified size.
+ It can be called multiple times to compute the digest of long or
discontinuous data streams.
+ SHA-512 context should be already correctly intialized by Sha512Init(), and
should not be finalized
+ by Sha512Final(). Behavior with invalid context is undefined.
+
+ If Sha512Context is NULL, then return FALSE.
+
+ @param[in, out] Sha512Context Pointer to the SHA-512 context.
+ @param[in] Data Pointer to the buffer containing the data to
be hashed.
+ @param[in] DataSize Size of Data buffer in bytes.
+
+ @retval TRUE SHA-512 data digest succeeded.
+ @retval FALSE SHA-512 data digest failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha512Update (
+ IN OUT VOID *Sha512Context,
+ IN CONST VOID *Data,
+ IN UINTN DataSize
+ );
+
+/**
+ Completes computation of the SHA-512 digest value.
+
+ This function completes SHA-512 hash computation and retrieves the digest
value into
+ the specified memory. After this function has been called, the SHA-512
context cannot
+ be used again.
+ SHA-512 context should be already correctly intialized by Sha512Init(), and
should not be
+ finalized by Sha512Final(). Behavior with invalid SHA-512 context is
undefined.
+
+ If Sha512Context is NULL, then return FALSE.
+ If HashValue is NULL, then return FALSE.
+
+ @param[in, out] Sha512Context Pointer to the SHA-512 context.
+ @param[out] HashValue Pointer to a buffer that receives the
SHA-512 digest
+ value (64 bytes).
+
+ @retval TRUE SHA-512 digest computation succeeded.
+ @retval FALSE SHA-512 digest computation failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha512Final (
+ IN OUT VOID *Sha512Context,
+ OUT UINT8 *HashValue
+ );
+
//=====================================================================================
// MAC (Message Authentication Code) Primitive
//=====================================================================================
@@ -754,7 +975,6 @@
OUT UINT8 *HmacValue
);
-
//=====================================================================================
// Symmetric Cryptography Primitive
//=====================================================================================
@@ -1395,7 +1615,7 @@
@param[in, out] RsaContext Pointer to RSA context being set.
@param[in] ModulusLength Length of RSA modulus N in bits.
@param[in] PublicExponent Pointer to RSA public exponent.
- @param[in] PublicExponentSize Size of RSA public exponent buffer in
bytes.
+ @param[in] PublicExponentSize Size of RSA public exponent buffer in
bytes.
@retval TRUE RSA key component was generated successfully.
@retval FALSE Invalid RSA key component tag.
@@ -1413,6 +1633,8 @@
/**
Validates key components of RSA context.
+ NOTE: This function performs integrity checks on all the RSA key material, so
+ the RSA key structure must contain all the private key data.
This function validates key compoents of RSA context in following aspects:
- Whether p is a prime
@@ -1519,7 +1741,6 @@
@retval TRUE RSA Private Key was retrieved successfully.
@retval FALSE Invalid PEM key data or incorrect password.
@retval FALSE This interface is not supported.
-
**/
BOOLEAN
@@ -1642,13 +1863,13 @@
If X509Stack is NULL, then return FALSE.
If this interface is not supported, then return FALSE.
- @param[in, out] X509Stack On input, pointer to an existing X509 stack
object.
+ @param[in, out] X509Stack On input, pointer to an existing or NULL X509
stack object.
On output, pointer to the X509 stack object with
new
inserted X509 certificate.
@param ... A list of DER-encoded single certificate data
followed
by certificate size. A NULL terminates the list.
The
pairs are the arguments to
X509ConstructCertificate().
-
+
@retval TRUE The X509 stack construction succeeded.
@retval FALSE The construction operation failed.
@retval FALSE This interface is not supported.
@@ -1658,7 +1879,7 @@
EFIAPI
X509ConstructCertificateStack (
IN OUT UINT8 **X509Stack,
- ...
+ ...
);
/**
@@ -1690,6 +1911,32 @@
);
/**
+ Retrieve the TBSCertificate from one given X.509 certificate.
+
+ @param[in] Cert Pointer to the given DER-encoded X509
certificate.
+ @param[in] CertSize Size of the X509 certificate in bytes.
+ @param[out] TBSCert DER-Encoded To-Be-Signed certificate.
+ @param[out] TBSCertSize Size of the TBS certificate in bytes.
+
+ If Cert is NULL, then return FALSE.
+ If TBSCert is NULL, then return FALSE.
+ If TBSCertSize is NULL, then return FALSE.
+ If this interface is not supported, then return FALSE.
+
+ @retval TRUE The TBSCertificate was retrieved successfully.
+ @retval FALSE Invalid X.509 certificate.
+
+**/
+BOOLEAN
+EFIAPI
+X509GetTBSCert (
+ IN CONST UINT8 *Cert,
+ IN UINTN CertSize,
+ OUT UINT8 **TBSCert,
+ OUT UINTN *TBSCertSize
+ );
+
+/**
Get the signer's certificates from PKCS#7 signed data as described in "PKCS
#7:
Cryptographic Message Syntax Standard". The input signed data could be
wrapped
in a ContentInfo structure.
@@ -1811,6 +2058,35 @@
);
/**
+ Extracts the attached content from a PKCS#7 signed data if existed. The
input signed
+ data could be wrapped in a ContentInfo structure.
+
+ If P7Data, Content, or ContentSize is NULL, then return FALSE. If P7Length
overflow,
+ then return FAlSE. If the P7Data is not correctly formatted, then return
FALSE.
+
+ Caution: This function may receive untrusted input. So this function will do
+ basic check for PKCS#7 data structure.
+
+ @param[in] P7Data Pointer to the PKCS#7 signed data to process.
+ @param[in] P7Length Length of the PKCS#7 signed data in bytes.
+ @param[out] Content Pointer to the extracted content from the PKCS#7
signedData.
+ It's caller's responsiblity to free the buffer.
+ @param[out] ContentSize The size of the extracted content in bytes.
+
+ @retval TRUE The P7Data was correctly formatted for processing.
+ @retval FALSE The P7Data was not correctly formatted for
processing.
+
+*/
+BOOLEAN
+EFIAPI
+Pkcs7GetAttachedContent (
+ IN CONST UINT8 *P7Data,
+ IN UINTN P7Length,
+ OUT VOID **Content,
+ OUT UINTN *ContentSize
+ );
+
+/**
Verifies the validility of a PE/COFF Authenticode Signature as described in
"Windows
Authenticode Portable Executable Signature Format".
@@ -1845,6 +2121,36 @@
IN UINTN HashSize
);
+/**
+ Verifies the validility of a RFC3161 Timestamp CounterSignature embedded in
PE/COFF Authenticode
+ signature.
+
+ If AuthData is NULL, then return FALSE.
+ If this interface is not supported, then return FALSE.
+
+ @param[in] AuthData Pointer to the Authenticode Signature retrieved
from signed
+ PE/COFF image to be verified.
+ @param[in] DataSize Size of the Authenticode Signature in bytes.
+ @param[in] TsaCert Pointer to a trusted/root TSA certificate encoded
in DER, which
+ is used for TSA certificate chain verification.
+ @param[in] CertSize Size of the trusted certificate in bytes.
+ @param[out] SigningTime Return the time of timestamp generation time if the
timestamp
+ signature is valid.
+
+ @retval TRUE The specified Authenticode includes a valid RFC3161
Timestamp CounterSignature.
+ @retval FALSE No valid RFC3161 Timestamp CounterSignature in the specified
Authenticode data.
+
+**/
+BOOLEAN
+EFIAPI
+ImageTimestampVerify (
+ IN CONST UINT8 *AuthData,
+ IN UINTN DataSize,
+ IN CONST UINT8 *TsaCert,
+ IN UINTN CertSize,
+ OUT EFI_TIME *SigningTime
+ );
+
//=====================================================================================
// DH Key Exchange Primitive
//=====================================================================================
@@ -1882,7 +2188,7 @@
Given generator g, and length of prime number p in bits, this function
generates p,
and sets DH context according to value of g and p.
-
+
Before this function can be invoked, pseudorandom number generator must be
correctly
initialized by RandomSeed().
@@ -1945,7 +2251,7 @@
/**
Generates DH public key.
- This function generates random secret exponent, and computes the public key,
which is
+ This function generates random secret exponent, and computes the public key,
which is
returned via parameter PublicKey and PublicKeySize. DH context is updated
accordingly.
If the PublicKey buffer is too small to hold the public key, FALSE is
returned and
PublicKeySize is set to the required buffer size to obtain the public key.
Modified: branches/UDK2014.SP1/CryptoPkg/Include/OpenSslSupport.h
===================================================================
--- branches/UDK2014.SP1/CryptoPkg/Include/OpenSslSupport.h 2015-08-25
03:11:06 UTC (rev 18295)
+++ branches/UDK2014.SP1/CryptoPkg/Include/OpenSslSupport.h 2015-08-25
05:52:47 UTC (rev 18296)
@@ -1,7 +1,7 @@
/** @file
Root include file to support building OpenSSL Crypto Library.
-Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -72,7 +72,7 @@
portably, hence it is provided by a Standard C header file.
For pre-Standard C compilers, here is a version that usually works
(but watch out!): */
-#define offsetof(type, member) ( (int) & ((type*)0) -> member )
+#define offsetof(type, member) OFFSET_OF (type, member)
//
// Basic types from EFI Application Toolkit required to buiild Open SSL
@@ -109,6 +109,11 @@
char *tm_zone; /* timezone abbreviation */
};
+struct timeval {
+ long tv_sec; /* time value, in seconds */
+ long tv_usec; /* time value, in microseconds */
+} timeval;
+
struct dirent {
UINT32 d_fileno; /* file number of entry */
UINT16 d_reclen; /* length of this record */
@@ -240,5 +245,6 @@
#define assert(expression)
#define localtime(timer) NULL
#define gmtime_r(timer,result) (result = NULL)
+#define atoi(nptr) AsciiStrDecimalToUintn(nptr)
#endif
Added: branches/UDK2014.SP1/CryptoPkg/Include/memory.h
===================================================================
--- branches/UDK2014.SP1/CryptoPkg/Include/memory.h
(rev 0)
+++ branches/UDK2014.SP1/CryptoPkg/Include/memory.h 2015-08-25 05:52:47 UTC
(rev 18296)
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD
License
+which accompanies this distribution. The full text of the license may be
found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <OpenSslSupport.h>
+
Modified: branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
===================================================================
--- branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
2015-08-25 03:11:06 UTC (rev 18295)
+++ branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
2015-08-25 05:52:47 UTC (rev 18296)
@@ -3,7 +3,7 @@
#
# Caution: This module requires additional review when modified.
# This library will have external input - signature.
-# This external input must be validated carefully to avoid security issues
such as
+# This external input must be validated carefully to avoid security issues
such as
# buffer overflow or integer overflow.
#
# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
@@ -11,10 +11,10 @@
# are licensed and made available under the terms and conditions of the BSD
License
# which accompanies this distribution. The full text of the license may be
found at
# http://opensource.org/licenses/bsd-license.php
-#
+#
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR
IMPLIED.
-#
+#
##
[Defines]
@@ -38,6 +38,7 @@
Hash/CryptMd5.c
Hash/CryptSha1.c
Hash/CryptSha256.c
+ Hash/CryptSha512.c
Hmac/CryptHmacMd5.c
Hmac/CryptHmacSha1.c
Cipher/CryptAes.c
@@ -50,6 +51,7 @@
Pk/CryptDh.c
Pk/CryptX509.c
Pk/CryptAuthenticode.c
+ Pk/CryptTs.c
Pem/CryptPem.c
SysCall/CrtWrapper.c
@@ -57,24 +59,6 @@
SysCall/BaseMemAllocation.c
[Sources.Ia32]
- SysCall/Ia32/MathMultS64x64.c | MSFT
- SysCall/Ia32/MathDivU64x64.c | MSFT
- SysCall/Ia32/MathReminderU64x64.c | MSFT
- SysCall/Ia32/MathLShiftS64.c | MSFT
- SysCall/Ia32/MathRShiftU64.c | MSFT
-
- SysCall/Ia32/MathMultS64x64.c | INTEL
- SysCall/Ia32/MathDivU64x64.c | INTEL
- SysCall/Ia32/MathReminderU64x64.c | INTEL
- SysCall/Ia32/MathLShiftS64.c | INTEL
- SysCall/Ia32/MathRShiftU64.c | INTEL
-
- SysCall/Ia32/MathMultS64x64.S | GCC
- SysCall/Ia32/MathDivU64x64.S | GCC
- SysCall/Ia32/MathReminderU64x64.S | GCC
- SysCall/Ia32/MathLShiftS64.S | GCC
- SysCall/Ia32/MathRShiftU64.S | GCC
-
Rand/CryptRandTsc.c
[Sources.X64]
@@ -107,4 +91,7 @@
# Remove these [BuildOptions] after this library is cleaned up
#
[BuildOptions]
+ # suppress the following warnings so we do not break the build with
warnings-as-errors:
+ # C4305: truncation from type1 to type2 (Introduced by RFC3161 Timestamp
ASN.1 declarations)
+ MSFT:*_*_*_CC_FLAGS = /wd4305
GCC:*_GCC44_IA32_CC_FLAGS = "-D__cdecl=__attribute__((cdecl))"
"-D__declspec(t)=__attribute__((t))"
Modified: branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd5.c
===================================================================
--- branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd5.c
2015-08-25 03:11:06 UTC (rev 18295)
+++ branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd5.c
2015-08-25 05:52:47 UTC (rev 18296)
@@ -56,7 +56,7 @@
//
// Check input parameters.
//
- if ((Md5Context == NULL)) {
+ if (Md5Context == NULL) {
return FALSE;
}
Added: branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha512.c
===================================================================
--- branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha512.c
(rev 0)
+++ branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha512.c
2015-08-25 05:52:47 UTC (rev 18296)
@@ -0,0 +1,354 @@
+/** @file
+ SHA-384 and SHA-512 Digest Wrapper Implementations over OpenSSL.
+
+Copyright (c) 2014, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD
License
+which accompanies this distribution. The full text of the license may be
found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include "InternalCryptLib.h"
+#include <openssl/sha.h>
+
+/**
+ Retrieves the size, in bytes, of the context buffer required for SHA-384
hash operations.
+
+ @return The size, in bytes, of the context buffer required for SHA-384 hash
operations.
+
+**/
+UINTN
+EFIAPI
+Sha384GetContextSize (
+ VOID
+ )
+{
+ //
+ // Retrieves OpenSSL SHA-384 Context Size
+ //
+ return (UINTN) (sizeof (SHA512_CTX));
+}
+
+/**
+ Initializes user-supplied memory pointed by Sha384Context as SHA-384 hash
context for
+ subsequent use.
+
+ If Sha384Context is NULL, then return FALSE.
+
+ @param[out] Sha384Context Pointer to SHA-384 context being initialized.
+
+ @retval TRUE SHA-384 context initialization succeeded.
+ @retval FALSE SHA-384 context initialization failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha384Init (
+ OUT VOID *Sha384Context
+ )
+{
+ //
+ // Check input parameters.
+ //
+ if (Sha384Context == NULL) {
+ return FALSE;
+ }
+
+ //
+ // OpenSSL SHA-384 Context Initialization
+ //
+ return (BOOLEAN) (SHA384_Init ((SHA512_CTX *) Sha384Context));
+}
+
+/**
+ Makes a copy of an existing SHA-384 context.
+
+ If Sha384Context is NULL, then return FALSE.
+ If NewSha384Context is NULL, then return FALSE.
+ If this interface is not supported, then return FALSE.
+
+ @param[in] Sha384Context Pointer to SHA-384 context being copied.
+ @param[out] NewSha384Context Pointer to new SHA-384 context.
+
+ @retval TRUE SHA-384 context copy succeeded.
+ @retval FALSE SHA-384 context copy failed.
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+Sha384Duplicate (
+ IN CONST VOID *Sha384Context,
+ OUT VOID *NewSha384Context
+ )
+{
+ //
+ // Check input parameters.
+ //
+ if (Sha384Context == NULL || NewSha384Context == NULL) {
+ return FALSE;
+ }
+
+ CopyMem (NewSha384Context, Sha384Context, sizeof (SHA512_CTX));
+
+ return TRUE;
+}
+
+/**
+ Digests the input data and updates SHA-384 context.
+
+ This function performs SHA-384 digest on a data buffer of the specified size.
+ It can be called multiple times to compute the digest of long or
discontinuous data streams.
+ SHA-384 context should be already correctly intialized by Sha384Init(), and
should not be finalized
+ by Sha384Final(). Behavior with invalid context is undefined.
+
+ If Sha384Context is NULL, then return FALSE.
+
+ @param[in, out] Sha384Context Pointer to the SHA-384 context.
+ @param[in] Data Pointer to the buffer containing the data to
be hashed.
+ @param[in] DataSize Size of Data buffer in bytes.
+
+ @retval TRUE SHA-384 data digest succeeded.
+ @retval FALSE SHA-384 data digest failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha384Update (
+ IN OUT VOID *Sha384Context,
+ IN CONST VOID *Data,
+ IN UINTN DataSize
+ )
+{
+ //
+ // Check input parameters.
+ //
+ if (Sha384Context == NULL) {
+ return FALSE;
+ }
+
+ //
+ // Check invalid parameters, in case that only DataLength was checked in
OpenSSL
+ //
+ if (Data == NULL && DataSize != 0) {
+ return FALSE;
+ }
+
+ //
+ // OpenSSL SHA-384 Hash Update
+ //
+ return (BOOLEAN) (SHA384_Update ((SHA512_CTX *) Sha384Context, Data,
DataSize));
+}
+
+/**
+ Completes computation of the SHA-384 digest value.
+
+ This function completes SHA-384 hash computation and retrieves the digest
value into
+ the specified memory. After this function has been called, the SHA-384
context cannot
+ be used again.
+ SHA-384 context should be already correctly intialized by Sha384Init(), and
should not be
+ finalized by Sha384Final(). Behavior with invalid SHA-384 context is
undefined.
+
+ If Sha384Context is NULL, then return FALSE.
+ If HashValue is NULL, then return FALSE.
+
+ @param[in, out] Sha384Context Pointer to the SHA-384 context.
+ @param[out] HashValue Pointer to a buffer that receives the
SHA-384 digest
+ value (48 bytes).
+
+ @retval TRUE SHA-384 digest computation succeeded.
+ @retval FALSE SHA-384 digest computation failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha384Final (
+ IN OUT VOID *Sha384Context,
+ OUT UINT8 *HashValue
+ )
+{
+ //
+ // Check input parameters.
+ //
+ if (Sha384Context == NULL || HashValue == NULL) {
+ return FALSE;
+ }
+
+ //
+ // OpenSSL SHA-384 Hash Finalization
+ //
+ return (BOOLEAN) (SHA384_Final (HashValue, (SHA512_CTX *) Sha384Context));
+}
+
+/**
+ Retrieves the size, in bytes, of the context buffer required for SHA-512
hash operations.
+
+ @return The size, in bytes, of the context buffer required for SHA-512 hash
operations.
+
+**/
+UINTN
+EFIAPI
+Sha512GetContextSize (
+ VOID
+ )
+{
+ //
+ // Retrieves OpenSSL SHA-512 Context Size
+ //
+ return (UINTN) (sizeof (SHA512_CTX));
+}
+
+/**
+ Initializes user-supplied memory pointed by Sha512Context as SHA-512 hash
context for
+ subsequent use.
+
+ If Sha512Context is NULL, then return FALSE.
+
+ @param[out] Sha512Context Pointer to SHA-512 context being initialized.
+
+ @retval TRUE SHA-512 context initialization succeeded.
+ @retval FALSE SHA-512 context initialization failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha512Init (
+ OUT VOID *Sha512Context
+ )
+{
+ //
+ // Check input parameters.
+ //
+ if (Sha512Context == NULL) {
+ return FALSE;
+ }
+
+ //
+ // OpenSSL SHA-512 Context Initialization
+ //
+ return (BOOLEAN) (SHA512_Init ((SHA512_CTX *) Sha512Context));
+}
+
+/**
+ Makes a copy of an existing SHA-512 context.
+
+ If Sha512Context is NULL, then return FALSE.
+ If NewSha512Context is NULL, then return FALSE.
+ If this interface is not supported, then return FALSE.
+
+ @param[in] Sha512Context Pointer to SHA-512 context being copied.
+ @param[out] NewSha512Context Pointer to new SHA-512 context.
+
+ @retval TRUE SHA-512 context copy succeeded.
+ @retval FALSE SHA-512 context copy failed.
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+Sha512Duplicate (
+ IN CONST VOID *Sha512Context,
+ OUT VOID *NewSha512Context
+ )
+{
+ //
+ // Check input parameters.
+ //
+ if (Sha512Context == NULL || NewSha512Context == NULL) {
+ return FALSE;
+ }
+
+ CopyMem (NewSha512Context, Sha512Context, sizeof (SHA512_CTX));
+
+ return TRUE;
+}
+
+/**
+ Digests the input data and updates SHA-512 context.
+
+ This function performs SHA-512 digest on a data buffer of the specified size.
+ It can be called multiple times to compute the digest of long or
discontinuous data streams.
+ SHA-512 context should be already correctly intialized by Sha512Init(), and
should not be finalized
+ by Sha512Final(). Behavior with invalid context is undefined.
+
+ If Sha512Context is NULL, then return FALSE.
+
+ @param[in, out] Sha512Context Pointer to the SHA-512 context.
+ @param[in] Data Pointer to the buffer containing the data to
be hashed.
+ @param[in] DataSize Size of Data buffer in bytes.
+
+ @retval TRUE SHA-512 data digest succeeded.
+ @retval FALSE SHA-512 data digest failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha512Update (
+ IN OUT VOID *Sha512Context,
+ IN CONST VOID *Data,
+ IN UINTN DataSize
+ )
+{
+ //
+ // Check input parameters.
+ //
+ if (Sha512Context == NULL) {
+ return FALSE;
+ }
+
+ //
+ // Check invalid parameters, in case that only DataLength was checked in
OpenSSL
+ //
+ if (Data == NULL && DataSize != 0) {
+ return FALSE;
+ }
+
+ //
+ // OpenSSL SHA-512 Hash Update
+ //
+ return (BOOLEAN) (SHA512_Update ((SHA512_CTX *) Sha512Context, Data,
DataSize));
+}
+
+/**
+ Completes computation of the SHA-512 digest value.
+
+ This function completes SHA-512 hash computation and retrieves the digest
value into
+ the specified memory. After this function has been called, the SHA-512
context cannot
+ be used again.
+ SHA-512 context should be already correctly intialized by Sha512Init(), and
should not be
+ finalized by Sha512Final(). Behavior with invalid SHA-512 context is
undefined.
+
+ If Sha512Context is NULL, then return FALSE.
+ If HashValue is NULL, then return FALSE.
+
+ @param[in, out] Sha512Context Pointer to the SHA-512 context.
+ @param[out] HashValue Pointer to a buffer that receives the
SHA-512 digest
+ value (64 bytes).
+
+ @retval TRUE SHA-512 digest computation succeeded.
+ @retval FALSE SHA-512 digest computation failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha512Final (
+ IN OUT VOID *Sha512Context,
+ OUT UINT8 *HashValue
+ )
+{
+ //
+ // Check input parameters.
+ //
+ if (Sha512Context == NULL || HashValue == NULL) {
+ return FALSE;
+ }
+
+ //
+ // OpenSSL SHA-512 Hash Finalization
+ //
+ return (BOOLEAN) (SHA384_Final (HashValue, (SHA512_CTX *) Sha512Context));
+}
Added:
branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha512Null.c
===================================================================
--- branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha512Null.c
(rev 0)
+++ branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha512Null.c
2015-08-25 05:52:47 UTC (rev 18296)
@@ -0,0 +1,231 @@
+/** @file
+ SHA-384 and SHA-512 Digest Wrapper Implementations which does not provide
real capabilities.
+
+Copyright (c) 2014, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD
License
+which accompanies this distribution. The full text of the license may be
found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include "InternalCryptLib.h"
+
+/**
+ Retrieves the size, in bytes, of the context buffer required for SHA-384
hash operations.
+
+ Return zero to indicate this interface is not supported.
+
+ @retval 0 This interface is not supported.
+
+**/
+UINTN
+EFIAPI
+Sha384GetContextSize (
+ VOID
+ )
+{
+ ASSERT (FALSE);
+ return 0;
+}
+
+/**
+ Initializes user-supplied memory pointed by Sha384Context as SHA-384 hash
context for
+ subsequent use.
+
+ Return FALSE to indicate this interface is not supported.
+
+ @param[out] Sha384Context Pointer to SHA-384 context being initialized.
+
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+Sha384Init (
+ OUT VOID *Sha384Context
+ )
+{
+ ASSERT (FALSE);
+ return FALSE;
+}
+
+/**
+ Makes a copy of an existing SHA-384 context.
+
+ Return FALSE to indicate this interface is not supported.
+
+ @param[in] Sha384Context Pointer to SHA-384 context being copied.
+ @param[out] NewSha384Context Pointer to new SHA-384 context.
+
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+Sha384Duplicate (
+ IN CONST VOID *Sha384Context,
+ OUT VOID *NewSha384Context
+ )
+{
+ ASSERT (FALSE);
+ return FALSE;
+}
+
+/**
+ Digests the input data and updates SHA-384 context.
+
+ Return FALSE to indicate this interface is not supported.
+
+ @param[in, out] Sha384Context Pointer to the SHA-384 context.
+ @param[in] Data Pointer to the buffer containing the data to
be hashed.
+ @param[in] DataSize Size of Data buffer in bytes.
+
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+Sha384Update (
+ IN OUT VOID *Sha384Context,
+ IN CONST VOID *Data,
+ IN UINTN DataSize
+ )
+{
+ ASSERT (FALSE);
+ return FALSE;
+}
+
+/**
+ Completes computation of the SHA-384 digest value.
+
+ Return FALSE to indicate this interface is not supported.
+
+ @param[in, out] Sha384Context Pointer to the SHA-384 context.
+ @param[out] HashValue Pointer to a buffer that receives the
SHA-384 digest
+ value (48 bytes).
+
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+Sha384Final (
+ IN OUT VOID *Sha384Context,
+ OUT UINT8 *HashValue
+ )
+{
+ ASSERT (FALSE);
+ return FALSE;
+}
+
+/**
+ Retrieves the size, in bytes, of the context buffer required for SHA-512
hash operations.
+
+ Return zero to indicate this interface is not supported.
+
+ @retval 0 This interface is not supported.
+
+**/
+UINTN
+EFIAPI
+Sha512GetContextSize (
+ VOID
+ )
+{
+ ASSERT (FALSE);
+ return 0;
+}
+
+/**
+ Initializes user-supplied memory pointed by Sha512Context as SHA-512 hash
context for
+ subsequent use.
+
+ Return FALSE to indicate this interface is not supported.
+
+ @param[out] Sha512Context Pointer to SHA-512 context being initialized.
+
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+Sha512Init (
+ OUT VOID *Sha512Context
+ )
+{
+ ASSERT (FALSE);
+ return FALSE;
+}
+
+/**
+ Makes a copy of an existing SHA-512 context.
+
+ Return FALSE to indicate this interface is not supported.
+
+ @param[in] Sha512Context Pointer to SHA-512 context being copied.
+ @param[out] NewSha512Context Pointer to new SHA-512 context.
+
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+Sha512Duplicate (
+ IN CONST VOID *Sha512Context,
+ OUT VOID *NewSha512Context
+ )
+{
+ ASSERT (FALSE);
+ return FALSE;
+}
+
+/**
+ Digests the input data and updates SHA-512 context.
+
+ Return FALSE to indicate this interface is not supported.
+
+ @param[in, out] Sha512Context Pointer to the SHA-512 context.
+ @param[in] Data Pointer to the buffer containing the data to
be hashed.
+ @param[in] DataSize Size of Data buffer in bytes.
+
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+Sha512Update (
+ IN OUT VOID *Sha512Context,
+ IN CONST VOID *Data,
+ IN UINTN DataSize
+ )
+{
+ ASSERT (FALSE);
+ return FALSE;
+}
+
+/**
+ Completes computation of the SHA-512 digest value.
+
+ Return FALSE to indicate this interface is not supported.
+
+ @param[in, out] Sha512Context Pointer to the SHA-512 context.
+ @param[out] HashValue Pointer to a buffer that receives the
SHA-512 digest
+ value (64 bytes).
+
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+Sha512Final (
+ IN OUT VOID *Sha512Context,
+ OUT UINT8 *HashValue
+ )
+{
+ ASSERT (FALSE);
+ return FALSE;
+}
Modified: branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
===================================================================
--- branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
2015-08-25 03:11:06 UTC (rev 18295)
+++ branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
2015-08-25 05:52:47 UTC (rev 18296)
@@ -3,24 +3,25 @@
#
# Caution: This module requires additional review when modified.
# This library will have external input - signature.
-# This external input must be validated carefully to avoid security issues
such as
+# This external input must be validated carefully to avoid security issues
such as
# buffer overflow or integer overflow.
#
-# Note: MD4 Digest functions, HMAC-MD5 functions, HMAC-SHA1 functions, AES/
-# TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign
functions,
-# Diffie-Hellman functions, X.509 certificate handler functions, authenticode
-# signature verification functions, PEM handler functions, and pseudorandom
number
-# generator functions are not supported in this instance.
+# Note: MD4 Digest functions, SHA-384 Digest functions, SHA-512 Digest
functions,
+# HMAC-MD5 functions, HMAC-SHA1 functions, AES/TDES/ARC4 functions, RSA
external
+# functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions,
X.509
+# certificate handler functions, authenticode signature verification
functions,
+# PEM handler functions, and pseudorandom number generator functions are not
+# supported in this instance.
#
# Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD
License
# which accompanies this distribution. The full text of the license may be
found at
# http://opensource.org/licenses/bsd-license.php
-#
+#
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR
IMPLIED.
-#
+#
##
[Defines]
@@ -43,6 +44,7 @@
Hash/CryptMd5.c
Hash/CryptSha1.c
Hash/CryptSha256.c
+ Hash/CryptSha512Null.c
Hmac/CryptHmacMd5Null.c
Hmac/CryptHmacSha1Null.c
Cipher/CryptAesNull.c
@@ -57,6 +59,7 @@
Pk/CryptDhNull.c
Pk/CryptX509Null.c
Pk/CryptAuthenticodeNull.c
+ Pk/CryptTsNull.c
Pem/CryptPemNull.c
Rand/CryptRandNull.c
@@ -65,26 +68,6 @@
SysCall/ConstantTimeClock.c
SysCall/BaseMemAllocation.c
-
-[Sources.Ia32]
- SysCall/Ia32/MathMultS64x64.c | MSFT
- SysCall/Ia32/MathDivU64x64.c | MSFT
- SysCall/Ia32/MathReminderU64x64.c | MSFT
- SysCall/Ia32/MathLShiftS64.c | MSFT
- SysCall/Ia32/MathRShiftU64.c | MSFT
-
- SysCall/Ia32/MathMultS64x64.c | INTEL
- SysCall/Ia32/MathDivU64x64.c | INTEL
- SysCall/Ia32/MathReminderU64x64.c | INTEL
- SysCall/Ia32/MathLShiftS64.c | INTEL
- SysCall/Ia32/MathRShiftU64.c | INTEL
-
- SysCall/Ia32/MathMultS64x64.S | GCC
- SysCall/Ia32/MathDivU64x64.S | GCC
- SysCall/Ia32/MathReminderU64x64.S | GCC
- SysCall/Ia32/MathLShiftS64.S | GCC
- SysCall/Ia32/MathRShiftU64.S | GCC
-
[Packages]
MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
@@ -102,4 +85,3 @@
#
[BuildOptions]
GCC:*_GCC44_IA32_CC_FLAGS = "-D__cdecl=__attribute__((cdecl))"
"-D__declspec(t)=__attribute__((t))"
-
Modified:
branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c
===================================================================
--- branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c
2015-08-25 03:11:06 UTC (rev 18295)
+++ branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c
2015-08-25 05:52:47 UTC (rev 18296)
@@ -9,7 +9,7 @@
AuthenticodeVerify() will get PE/COFF Authenticode and will do basic check
for
data structure.
-Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -72,6 +72,7 @@
{
BOOLEAN Status;
PKCS7 *Pkcs7;
+ CONST UINT8 *Temp;
CONST UINT8 *OrigAuthData;
UINT8 *SpcIndirectDataContent;
UINT8 Asn1Byte;
@@ -96,7 +97,8 @@
//
// Retrieve & Parse PKCS#7 Data (DER encoding) from Authenticode Signature
//
- Pkcs7 = d2i_PKCS7 (NULL, &AuthData, (int)DataSize);
+ Temp = AuthData;
+ Pkcs7 = d2i_PKCS7 (NULL, &Temp, (int)DataSize);
if (Pkcs7 == NULL) {
goto _Exit;
}
@@ -123,7 +125,7 @@
// Un-matched SPC_INDIRECT_DATA_OBJID.
//
goto _Exit;
- }
+ }
SpcIndirectDataContent = (UINT8
*)(Pkcs7->d.sign->contents->d.other->value.asn1_string->data);
@@ -135,16 +137,27 @@
if ((Asn1Byte & 0x80) == 0) {
//
- // Short Form of Length Encoding
+ // Short Form of Length Encoding (Length < 128)
//
ContentSize = (UINTN) (Asn1Byte & 0x7F);
//
// Skip the SEQUENCE Tag;
//
SpcIndirectDataContent += 2;
+
+ } else if ((Asn1Byte & 0x81) == 0x81) {
+ //
+ // Long Form of Length Encoding (128 <= Length < 255, Single Octet)
+ //
+ ContentSize = (UINTN) (*(UINT8 *)(SpcIndirectDataContent + 2));
+ //
+ // Skip the SEQUENCE Tag;
+ //
+ SpcIndirectDataContent += 3;
+
} else if ((Asn1Byte & 0x82) == 0x82) {
//
- // Long Form of Length Encoding, only support two bytes.
+ // Long Form of Length Encoding (Length > 255, Two Octet)
//
ContentSize = (UINTN) (*(UINT8 *)(SpcIndirectDataContent + 2));
ContentSize = (ContentSize << 8) + (UINTN)(*(UINT8
*)(SpcIndirectDataContent + 3));
@@ -152,6 +165,7 @@
// Skip the SEQUENCE Tag;
//
SpcIndirectDataContent += 4;
+
} else {
goto _Exit;
}
Modified:
branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c
===================================================================
--- branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c
2015-08-25 03:11:06 UTC (rev 18295)
+++ branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c
2015-08-25 05:52:47 UTC (rev 18296)
@@ -1,7 +1,7 @@
/** @file
PKCS#7 SignedData Sign Wrapper Implementation over OpenSSL.
-Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -116,9 +116,9 @@
if (Key == NULL) {
goto _Exit;
}
- Key->save_type = EVP_PKEY_RSA;
- Key->type = EVP_PKEY_type (EVP_PKEY_RSA);
- Key->pkey.rsa = (RSA *) RsaContext;
+ if (EVP_PKEY_assign_RSA (Key, (RSA *) RsaContext) == 0) {
+ goto _Exit;
+ }
//
// Convert the data to be signed to BIO format.
@@ -175,7 +175,7 @@
}
CopyMem (*SignedData, P7Data + 19, *SignedDataSize);
-
+
OPENSSL_free (P7Data);
Status = TRUE;
Modified:
branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
===================================================================
--- branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
2015-08-25 03:11:06 UTC (rev 18295)
+++ branches/UDK2014.SP1/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
2015-08-25 05:52:47 UTC (rev 18296)
@@ -10,7 +10,7 @@
WrapPkcs7Data(), Pkcs7GetSigners(), Pkcs7Verify() will get UEFI Authenticated
Variable and will do basic check for data structure.
-Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -123,7 +123,7 @@
@param[in] P7Length Length of the PKCS#7 message in bytes.
@param[out] WrapFlag If TRUE P7Data is a ContentInfo structure, otherwise
return FALSE.
- @param[out] WrapData If return status of this function is TRUE:
+ @param[out] WrapData If return status of this function is TRUE:
1) when WrapFlag is TRUE, pointer to P7Data.
2) when WrapFlag is FALSE, pointer to a new
ContentInfo
structure. It's caller's responsibility to free this
@@ -227,7 +227,7 @@
@param[in] X509Stack Pointer to a X509 stack object.
@param[out] Cert Pointer to a X509 certificate.
@param[out] CertSize Length of output X509 certificate in bytes.
-
+
@retval TRUE The X509 stack pop succeeded.
@retval FALSE The pop operation failed.
@@ -273,7 +273,7 @@
goto _Exit;
}
- Length = ((BUF_MEM *) CertBio->ptr)->length;
+ Length = (INT32)(((BUF_MEM *) CertBio->ptr)->length);
if (Length <= 0) {
goto _Exit;
}
@@ -343,7 +343,7 @@
PKCS7 *Pkcs7;
BOOLEAN Status;
UINT8 *SignedData;
- UINT8 *Temp;
+ CONST UINT8 *Temp;
UINTN SignedDataSize;
BOOLEAN Wrapped;
STACK_OF(X509) *Stack;
@@ -359,7 +359,7 @@
(TrustedCert == NULL) || (CertLength == NULL) || (P7Length > INT_MAX)) {
return FALSE;
}
-
+
Status = WrapPkcs7Data (P7Data, P7Length, &Wrapped, &SignedData,
&SignedDataSize);
if (!Status) {
return Status;
@@ -410,7 +410,7 @@
//
BufferSize = sizeof (UINT8);
OldSize = BufferSize;
-
+
for (Index = 0; ; Index++) {
Status = X509PopCertificate (Stack, &SingleCert, &SingleCertSize);
if (!Status) {
@@ -455,7 +455,7 @@
*CertStack = CertBuf;
*StackLength = BufferSize;
Status = TRUE;
- }
+ }
_Exit:
//
@@ -485,7 +485,7 @@
if (OldBuf != NULL) {
free (OldBuf);
}
-
+
return Status;
}
@@ -549,18 +549,18 @@
X509 *Cert;
@@ Diff output truncated at 100000 characters. @@
------------------------------------------------------------------------------
_______________________________________________
edk2-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/edk2-commits
