Merge "Require DeleteAllKeys to work regardless of rollback resistance tag" into main
diff --git a/automotive/evs/aidl/Android.bp b/automotive/evs/aidl/Android.bp
index 9f5ab97..c990e25 100644
--- a/automotive/evs/aidl/Android.bp
+++ b/automotive/evs/aidl/Android.bp
@@ -52,14 +52,14 @@
version: "1",
imports: [
"android.hardware.common-V2",
- "android.hardware.graphics.common-V5",
+ "android.hardware.graphics.common-V6",
],
},
{
version: "2",
imports: [
"android.hardware.common-V2",
- "android.hardware.graphics.common-V5",
+ "android.hardware.graphics.common-V6",
],
},
diff --git a/bluetooth/socket/aidl/Android.bp b/bluetooth/socket/aidl/Android.bp
index 44e7f5a..77679f8 100644
--- a/bluetooth/socket/aidl/Android.bp
+++ b/bluetooth/socket/aidl/Android.bp
@@ -26,8 +26,14 @@
vendor_available: true,
host_supported: true,
srcs: ["android/hardware/bluetooth/socket/*.aidl"],
+ imports: [
+ "android.hardware.contexthub-V4",
+ ],
stability: "vintf",
backend: {
+ java: {
+ enabled: false,
+ },
ndk: {
apex_available: [
"//apex_available:platform",
diff --git a/bluetooth/socket/aidl/aidl_api/android.hardware.bluetooth.socket/current/android/hardware/bluetooth/socket/SocketContext.aidl b/bluetooth/socket/aidl/aidl_api/android.hardware.bluetooth.socket/current/android/hardware/bluetooth/socket/SocketContext.aidl
index e5b31c2..6844d31 100644
--- a/bluetooth/socket/aidl/aidl_api/android.hardware.bluetooth.socket/current/android/hardware/bluetooth/socket/SocketContext.aidl
+++ b/bluetooth/socket/aidl/aidl_api/android.hardware.bluetooth.socket/current/android/hardware/bluetooth/socket/SocketContext.aidl
@@ -38,6 +38,5 @@
String name;
int aclConnectionHandle;
android.hardware.bluetooth.socket.ChannelInfo channelInfo;
- long hubId;
- long endpointId;
+ android.hardware.contexthub.EndpointId endpointId;
}
diff --git a/bluetooth/socket/aidl/android/hardware/bluetooth/socket/SocketContext.aidl b/bluetooth/socket/aidl/android/hardware/bluetooth/socket/SocketContext.aidl
index 5e9be31..1f9be07 100644
--- a/bluetooth/socket/aidl/android/hardware/bluetooth/socket/SocketContext.aidl
+++ b/bluetooth/socket/aidl/android/hardware/bluetooth/socket/SocketContext.aidl
@@ -17,6 +17,7 @@
package android.hardware.bluetooth.socket;
import android.hardware.bluetooth.socket.ChannelInfo;
+import android.hardware.contexthub.EndpointId;
/**
* Socket context.
@@ -48,12 +49,7 @@
ChannelInfo channelInfo;
/**
- * The ID of the Hub to which the end point belongs for hardware offload data path.
+ * Unique identifier for an endpoint at the hardware offload data path.
*/
- long hubId;
-
- /**
- * The ID of the Hub endpoint for hardware offload data path.
- */
- long endpointId;
+ EndpointId endpointId;
}
diff --git a/bluetooth/socket/aidl/default/Android.bp b/bluetooth/socket/aidl/default/Android.bp
index 10e673c..a730057 100644
--- a/bluetooth/socket/aidl/default/Android.bp
+++ b/bluetooth/socket/aidl/default/Android.bp
@@ -32,6 +32,7 @@
],
static_libs: [
"android.hardware.bluetooth.socket-V1-ndk",
+ "android.hardware.contexthub-V4-ndk",
"liblog",
],
fuzz_config: {
diff --git a/bluetooth/socket/aidl/vts/Android.bp b/bluetooth/socket/aidl/vts/Android.bp
index fa9e3b1..174dd4b 100644
--- a/bluetooth/socket/aidl/vts/Android.bp
+++ b/bluetooth/socket/aidl/vts/Android.bp
@@ -18,6 +18,7 @@
],
static_libs: [
"android.hardware.bluetooth.socket-V1-ndk",
+ "android.hardware.contexthub-V4-ndk",
"libbluetooth-types",
],
test_suites: [
diff --git a/camera/device/aidl/Android.bp b/camera/device/aidl/Android.bp
index 31c2dbe..9285eef 100644
--- a/camera/device/aidl/Android.bp
+++ b/camera/device/aidl/Android.bp
@@ -40,7 +40,7 @@
"android.hardware.common.fmq-V1",
"android.hardware.camera.common-V1",
"android.hardware.camera.metadata-V1",
- "android.hardware.graphics.common-V5",
+ "android.hardware.graphics.common-V6",
],
},
{
@@ -50,7 +50,7 @@
"android.hardware.common.fmq-V1",
"android.hardware.camera.common-V1",
"android.hardware.camera.metadata-V2",
- "android.hardware.graphics.common-V5",
+ "android.hardware.graphics.common-V6",
],
},
{
@@ -60,7 +60,7 @@
"android.hardware.common.fmq-V1",
"android.hardware.camera.common-V1",
"android.hardware.camera.metadata-V3",
- "android.hardware.graphics.common-V5",
+ "android.hardware.graphics.common-V6",
],
},
diff --git a/contexthub/aidl/Android.bp b/contexthub/aidl/Android.bp
index eaa47c6..674f8af 100644
--- a/contexthub/aidl/Android.bp
+++ b/contexthub/aidl/Android.bp
@@ -33,7 +33,12 @@
sdk_version: "module_current",
},
ndk: {
- apps_enabled: false,
+ apex_available: [
+ "//apex_available:platform",
+ "com.android.btservices",
+ ],
+ min_sdk_version: "33",
+ apps_enabled: true,
},
rust: {
enabled: true,
diff --git a/graphics/Android.bp b/graphics/Android.bp
index ac5c17f..8c6b3e5 100644
--- a/graphics/Android.bp
+++ b/graphics/Android.bp
@@ -56,28 +56,28 @@
aidl_interface_defaults {
name: "android.hardware.graphics.common-latest",
imports: [
- "android.hardware.graphics.common-V5",
+ "android.hardware.graphics.common-V6",
],
}
rust_defaults {
name: "android.hardware.graphics.common-latest-rust",
rustlibs: [
- "android.hardware.graphics.common-V5-rust",
+ "android.hardware.graphics.common-V6-rust",
],
}
cc_defaults {
name: "android.hardware.graphics.common-ndk_static",
static_libs: [
- "android.hardware.graphics.common-V5-ndk",
+ "android.hardware.graphics.common-V6-ndk",
],
}
cc_defaults {
name: "android.hardware.graphics.common-ndk_shared",
shared_libs: [
- "android.hardware.graphics.common-V5-ndk",
+ "android.hardware.graphics.common-V6-ndk",
],
}
diff --git a/graphics/allocator/aidl/Android.bp b/graphics/allocator/aidl/Android.bp
index 30b341c..3f74b23 100644
--- a/graphics/allocator/aidl/Android.bp
+++ b/graphics/allocator/aidl/Android.bp
@@ -45,7 +45,7 @@
version: "2",
imports: [
"android.hardware.common-V2",
- "android.hardware.graphics.common-V5",
+ "android.hardware.graphics.common-V6",
],
},
diff --git a/graphics/composer/aidl/Android.bp b/graphics/composer/aidl/Android.bp
index ace940a..d24897d 100644
--- a/graphics/composer/aidl/Android.bp
+++ b/graphics/composer/aidl/Android.bp
@@ -58,21 +58,21 @@
{
version: "1",
imports: [
- "android.hardware.graphics.common-V5",
+ "android.hardware.graphics.common-V6",
"android.hardware.common-V2",
],
},
{
version: "2",
imports: [
- "android.hardware.graphics.common-V5",
+ "android.hardware.graphics.common-V6",
"android.hardware.common-V2",
],
},
{
version: "3",
imports: [
- "android.hardware.graphics.common-V5",
+ "android.hardware.graphics.common-V6",
"android.hardware.common-V2",
],
},
diff --git a/graphics/mapper/4.0/utils/vts/Android.bp b/graphics/mapper/4.0/utils/vts/Android.bp
index c5f124c..1be460e 100644
--- a/graphics/mapper/4.0/utils/vts/Android.bp
+++ b/graphics/mapper/4.0/utils/vts/Android.bp
@@ -48,7 +48,7 @@
],
export_static_lib_headers: [
"android.hardware.graphics.allocator@4.0",
- "android.hardware.graphics.common-V5-ndk",
+ "android.hardware.graphics.common-V6-ndk",
"android.hardware.graphics.mapper@4.0",
],
export_include_dirs: ["include"],
diff --git a/neuralnetworks/aidl/Android.bp b/neuralnetworks/aidl/Android.bp
index 9589750..45b34e6 100644
--- a/neuralnetworks/aidl/Android.bp
+++ b/neuralnetworks/aidl/Android.bp
@@ -43,28 +43,28 @@
version: "1",
imports: [
"android.hardware.common-V2",
- "android.hardware.graphics.common-V5",
+ "android.hardware.graphics.common-V6",
],
},
{
version: "2",
imports: [
"android.hardware.common-V2",
- "android.hardware.graphics.common-V5",
+ "android.hardware.graphics.common-V6",
],
},
{
version: "3",
imports: [
"android.hardware.common-V2",
- "android.hardware.graphics.common-V5",
+ "android.hardware.graphics.common-V6",
],
},
{
version: "4",
imports: [
"android.hardware.common-V2",
- "android.hardware.graphics.common-V5",
+ "android.hardware.graphics.common-V6",
],
},
diff --git a/radio/aidl/android/hardware/radio/modem/HardwareConfigModem.aidl b/radio/aidl/android/hardware/radio/modem/HardwareConfigModem.aidl
index 4818c9e..0389170 100644
--- a/radio/aidl/android/hardware/radio/modem/HardwareConfigModem.aidl
+++ b/radio/aidl/android/hardware/radio/modem/HardwareConfigModem.aidl
@@ -32,9 +32,12 @@
*/
int rilModel;
/**
- * Bitset value, based on RadioTechnology.
+ * All supported radio technologies.
+ *
+ * Despite the stated type, this is an int bitset: a mask where each bit position represents a
+ * radio technology.
*/
- RadioTechnology rat = RadioTechnology.UNKNOWN;
+ RadioTechnology rat = RadioTechnology.UNKNOWN; // it's really an empty bitmask
/**
* Maximum number of concurrent active voice calls.
*/
diff --git a/security/keymint/aidl/default/hal/lib.rs b/security/keymint/aidl/default/hal/lib.rs
index 621f077..fad807f 100644
--- a/security/keymint/aidl/default/hal/lib.rs
+++ b/security/keymint/aidl/default/hal/lib.rs
@@ -47,11 +47,9 @@
/// Get boot information based on system properties.
pub fn get_boot_info() -> kmr_wire::SetBootInfoRequest {
- // No access to a verified boot key.
- let verified_boot_key = vec![0; 32];
let vbmeta_digest = get_property("ro.boot.vbmeta.digest").unwrap_or_else(|_| "00".repeat(32));
let verified_boot_hash = hex::decode(&vbmeta_digest).unwrap_or_else(|_e| {
- error!("failed to parse hex data in '{}'", vbmeta_digest);
+ error!("failed to parse VBMeta digest hex data in '{vbmeta_digest}': {_e:?}");
vec![0; 32]
});
let device_boot_locked = match get_property("ro.boot.vbmeta.device_state")
@@ -65,6 +63,18 @@
false
}
};
+ let verified_boot_key_digest =
+ get_property("ro.boot.vbmeta.public_key_digest").unwrap_or_else(|_| "00".repeat(32));
+ let verified_boot_key = match device_boot_locked {
+ true => hex::decode(&verified_boot_key_digest).unwrap_or_else(|_e| {
+ error!("Failed to parse Verified Boot key hex data in '{verified_boot_key_digest}': {_e:?}");
+ vec![0; 32]
+ }),
+ // VTS-16+ requires the attested Verified Boot key to be 32 bytes of zeroes when the
+ // bootloader is unlocked, so we ignore the property's value in that case. Behaviour
+ // prior to VTS-16 is unspecified, so it's fine to return the same.
+ false => vec![0; 32],
+ };
let verified_boot_state = match get_property("ro.boot.verifiedbootstate")
.unwrap_or_else(|_| "no-prop".to_string())
.as_str()
diff --git a/security/keymint/support/include/remote_prov/remote_prov_utils.h b/security/keymint/support/include/remote_prov/remote_prov_utils.h
index 6cb00f2..9035d79 100644
--- a/security/keymint/support/include/remote_prov/remote_prov_utils.h
+++ b/security/keymint/support/include/remote_prov/remote_prov_utils.h
@@ -29,6 +29,11 @@
using bytevec = std::vector<uint8_t>;
using namespace cppcose;
+constexpr std::string_view kErrorChallengeMismatch = "challenges do not match";
+constexpr std::string_view kErrorUdsCertsAreRequired = "UdsCerts are required";
+constexpr std::string_view kErrorKeysToSignMismatch = "KeysToSign do not match";
+constexpr std::string_view kErrorDiceChainIsDegenerate = "DICE chain is degenerate";
+
extern bytevec kTestMacKey;
// The Google root key for the Endpoint Encryption Key chain, encoded as COSE_Sign1
diff --git a/security/keymint/support/remote_prov_utils.cpp b/security/keymint/support/remote_prov_utils.cpp
index e11f021..ccb2768 100644
--- a/security/keymint/support/remote_prov_utils.cpp
+++ b/security/keymint/support/remote_prov_utils.cpp
@@ -123,37 +123,6 @@
return std::make_tuple(std::move(pubX), std::move(pubY));
}
-ErrMsgOr<bytevec> getRawPublicKey(const EVP_PKEY_Ptr& pubKey) {
- if (pubKey.get() == nullptr) {
- return "pkey is null.";
- }
- int keyType = EVP_PKEY_base_id(pubKey.get());
- switch (keyType) {
- case EVP_PKEY_EC: {
- int nid = EVP_PKEY_bits(pubKey.get()) == 384 ? NID_secp384r1 : NID_X9_62_prime256v1;
- auto ecKey = EC_KEY_Ptr(EVP_PKEY_get1_EC_KEY(pubKey.get()));
- if (ecKey.get() == nullptr) {
- return "Failed to get ec key";
- }
- return ecKeyGetPublicKey(ecKey.get(), nid);
- }
- case EVP_PKEY_ED25519: {
- bytevec rawPubKey;
- size_t rawKeySize = 0;
- if (!EVP_PKEY_get_raw_public_key(pubKey.get(), NULL, &rawKeySize)) {
- return "Failed to get raw public key.";
- }
- rawPubKey.resize(rawKeySize);
- if (!EVP_PKEY_get_raw_public_key(pubKey.get(), rawPubKey.data(), &rawKeySize)) {
- return "Failed to get raw public key.";
- }
- return rawPubKey;
- }
- default:
- return "Unknown key type.";
- }
-}
-
ErrMsgOr<std::tuple<bytevec, bytevec>> generateEc256KeyPair() {
auto ec_key = EC_KEY_Ptr(EC_KEY_new());
if (ec_key.get() == nullptr) {
@@ -166,7 +135,7 @@
}
if (EC_KEY_set_group(ec_key.get(), group.get()) != 1 ||
- EC_KEY_generate_key(ec_key.get()) != 1 || EC_KEY_check_key(ec_key.get()) < 0) {
+ EC_KEY_generate_key(ec_key.get()) != 1 || EC_KEY_check_key(ec_key.get()) != 1) {
return "Error generating key";
}
@@ -331,17 +300,22 @@
return chain.encode();
}
+bool maybeOverrideAllowAnyMode(bool allowAnyMode) {
+ // Use ro.build.type instead of ro.debuggable because ro.debuggable=1 for VTS testing
+ std::string build_type = ::android::base::GetProperty("ro.build.type", "");
+ if (!build_type.empty() && build_type != "user") {
+ return true;
+ }
+ return allowAnyMode;
+}
+
ErrMsgOr<std::vector<BccEntryData>> validateBcc(const cppbor::Array* bcc,
hwtrust::DiceChain::Kind kind, bool allowAnyMode,
bool allowDegenerate,
const std::string& instanceName) {
auto encodedBcc = bcc->encode();
- // Use ro.build.type instead of ro.debuggable because ro.debuggable=1 for VTS testing
- std::string build_type = ::android::base::GetProperty("ro.build.type", "");
- if (!build_type.empty() && build_type != "user") {
- allowAnyMode = true;
- }
+ allowAnyMode = maybeOverrideAllowAnyMode(allowAnyMode);
auto chain =
hwtrust::DiceChain::Verify(encodedBcc, kind, allowAnyMode, deviceSuffix(instanceName));
@@ -779,233 +753,9 @@
/*isFactory=*/false, allowAnyMode);
}
-ErrMsgOr<X509_Ptr> parseX509Cert(const std::vector<uint8_t>& cert) {
- CRYPTO_BUFFER_Ptr certBuf(CRYPTO_BUFFER_new(cert.data(), cert.size(), nullptr));
- if (!certBuf.get()) {
- return "Failed to create crypto buffer.";
- }
- X509_Ptr result(X509_parse_from_buffer(certBuf.get()));
- if (!result.get()) {
- return "Failed to parse certificate.";
- }
- return result;
-}
-
-std::string getX509IssuerName(const X509_Ptr& cert) {
- char* name = X509_NAME_oneline(X509_get_issuer_name(cert.get()), nullptr, 0);
- std::string result(name);
- OPENSSL_free(name);
- return result;
-}
-
-std::string getX509SubjectName(const X509_Ptr& cert) {
- char* name = X509_NAME_oneline(X509_get_subject_name(cert.get()), nullptr, 0);
- std::string result(name);
- OPENSSL_free(name);
- return result;
-}
-
-// Validates the certificate chain and returns the leaf public key.
-ErrMsgOr<bytevec> validateCertChain(const cppbor::Array& chain) {
- bytevec rawPubKey;
- for (size_t i = 0; i < chain.size(); ++i) {
- // Root must be self-signed.
- size_t signingCertIndex = (i > 0) ? i - 1 : i;
- auto& keyCertItem = chain[i];
- auto& signingCertItem = chain[signingCertIndex];
- if (!keyCertItem || !keyCertItem->asBstr()) {
- return "Key certificate must be a Bstr.";
- }
- if (!signingCertItem || !signingCertItem->asBstr()) {
- return "Signing certificate must be a Bstr.";
- }
-
- auto keyCert = parseX509Cert(keyCertItem->asBstr()->value());
- if (!keyCert) {
- return keyCert.message();
- }
- auto signingCert = parseX509Cert(signingCertItem->asBstr()->value());
- if (!signingCert) {
- return signingCert.message();
- }
-
- EVP_PKEY_Ptr pubKey(X509_get_pubkey(keyCert->get()));
- if (!pubKey.get()) {
- return "Failed to get public key.";
- }
- EVP_PKEY_Ptr signingPubKey(X509_get_pubkey(signingCert->get()));
- if (!signingPubKey.get()) {
- return "Failed to get signing public key.";
- }
-
- if (!X509_verify(keyCert->get(), signingPubKey.get())) {
- return "Verification of certificate " + std::to_string(i) +
- " faile. OpenSSL error string: " + ERR_error_string(ERR_get_error(), NULL);
- }
-
- auto certIssuer = getX509IssuerName(*keyCert);
- auto signerSubj = getX509SubjectName(*signingCert);
- if (certIssuer != signerSubj) {
- return "Certificate " + std::to_string(i) + " has wrong issuer. Signer subject is " +
- signerSubj + " Issuer subject is " + certIssuer;
- }
- if (i == chain.size() - 1) {
- auto key = getRawPublicKey(pubKey);
- if (!key) return key.moveMessage();
- rawPubKey = key.moveValue();
- }
- }
- return rawPubKey;
-}
-
-std::optional<std::string> validateUdsCerts(const cppbor::Map& udsCerts,
- const bytevec& udsCoseKeyBytes) {
- for (const auto& [signerName, udsCertChain] : udsCerts) {
- if (!signerName || !signerName->asTstr()) {
- return "Signer Name must be a Tstr.";
- }
- if (!udsCertChain || !udsCertChain->asArray()) {
- return "UDS certificate chain must be an Array.";
- }
- if (udsCertChain->asArray()->size() < 2) {
- return "UDS certificate chain must have at least two entries: root and leaf.";
- }
-
- auto leafPubKey = validateCertChain(*udsCertChain->asArray());
- if (!leafPubKey) {
- return leafPubKey.message();
- }
- auto coseKey = CoseKey::parse(udsCoseKeyBytes);
- if (!coseKey) {
- return coseKey.moveMessage();
- }
- auto curve = coseKey->getIntValue(CoseKey::CURVE);
- if (!curve) {
- return "CoseKey must contain curve.";
- }
- bytevec udsPub;
- if (curve == CoseKeyCurve::P256 || curve == CoseKeyCurve::P384) {
- auto pubKey = coseKey->getEcPublicKey();
- if (!pubKey) {
- return pubKey.moveMessage();
- }
- // convert public key to uncompressed form by prepending 0x04 at begin.
- pubKey->insert(pubKey->begin(), 0x04);
- udsPub = pubKey.moveValue();
- } else if (curve == CoseKeyCurve::ED25519) {
- auto& pubkey = coseKey->getMap().get(cppcose::CoseKey::PUBKEY_X);
- if (!pubkey || !pubkey->asBstr()) {
- return "Invalid public key.";
- }
- udsPub = pubkey->asBstr()->value();
- } else {
- return "Unknown curve.";
- }
- if (*leafPubKey != udsPub) {
- return "Leaf public key in UDS certificate chain doesn't match UDS public key.";
- }
- }
- return std::nullopt;
-}
-
-ErrMsgOr<std::unique_ptr<cppbor::Array>> parseAndValidateCsrPayload(
- const cppbor::Array& keysToSign, const std::vector<uint8_t>& csrPayload,
- const RpcHardwareInfo& rpcHardwareInfo, bool isFactory) {
- auto [parsedCsrPayload, _, errMsg] = cppbor::parse(csrPayload);
- if (!parsedCsrPayload) {
- return errMsg;
- }
-
- std::unique_ptr<cppbor::Array> parsed(parsedCsrPayload.release()->asArray());
- if (!parsed) {
- return "CSR payload is not a CBOR array.";
- }
-
- if (parsed->size() != 4U) {
- return "CSR payload must contain version, certificate type, device info, keys. "
- "However, the parsed CSR payload has " +
- std::to_string(parsed->size()) + " entries.";
- }
-
- auto signedVersion = parsed->get(0)->asUint();
- auto signedCertificateType = parsed->get(1)->asTstr();
- auto signedDeviceInfo = parsed->get(2)->asMap();
- auto signedKeys = parsed->get(3)->asArray();
-
- if (!signedVersion || signedVersion->value() != 3U) {
- return "CSR payload version must be an unsigned integer and must be equal to 3.";
- }
- if (!signedCertificateType) {
- // Certificate type is allowed to be extendend by vendor, i.e. we can't
- // enforce its value.
- return "Certificate type must be a Tstr.";
- }
- if (!signedDeviceInfo) {
- return "Device info must be an Map.";
- }
- if (!signedKeys) {
- return "Keys must be an Array.";
- }
-
- auto result =
- parseAndValidateDeviceInfo(signedDeviceInfo->encode(), rpcHardwareInfo, isFactory);
- if (!result) {
- return result.message();
- }
-
- if (signedKeys->encode() != keysToSign.encode()) {
- return "Signed keys do not match.";
- }
-
- return std::move(parsed);
-}
-
-ErrMsgOr<bytevec> parseAndValidateAuthenticatedRequestSignedPayload(
- const std::vector<uint8_t>& signedPayload, const std::vector<uint8_t>& challenge) {
- auto [parsedSignedPayload, _, errMsg] = cppbor::parse(signedPayload);
- if (!parsedSignedPayload) {
- return errMsg;
- }
- if (!parsedSignedPayload->asArray()) {
- return "SignedData payload is not a CBOR array.";
- }
- if (parsedSignedPayload->asArray()->size() != 2U) {
- return "SignedData payload must contain the challenge and request. However, the parsed "
- "SignedData payload has " +
- std::to_string(parsedSignedPayload->asArray()->size()) + " entries.";
- }
-
- auto signedChallenge = parsedSignedPayload->asArray()->get(0)->asBstr();
- auto signedRequest = parsedSignedPayload->asArray()->get(1)->asBstr();
-
- if (!signedChallenge) {
- return "Challenge must be a Bstr.";
- }
-
- if (challenge.size() > 64) {
- return "Challenge size must be between 0 and 64 bytes inclusive. "
- "However, challenge is " +
- std::to_string(challenge.size()) + " bytes long.";
- }
-
- auto challengeBstr = cppbor::Bstr(challenge);
- if (*signedChallenge != challengeBstr) {
- return "Signed challenge does not match."
- "\n Actual: " +
- cppbor::prettyPrint(signedChallenge->asBstr(), 64 /* maxBStrSize */) +
- "\nExpected: " + cppbor::prettyPrint(&challengeBstr, 64 /* maxBStrSize */);
- }
-
- if (!signedRequest) {
- return "Request must be a Bstr.";
- }
-
- return signedRequest->value();
-}
-
ErrMsgOr<hwtrust::DiceChain::Kind> getDiceChainKind() {
int vendor_api_level = ::android::base::GetIntProperty("ro.vendor.api_level", -1);
- if (vendor_api_level == __ANDROID_API_T__) {
+ if (vendor_api_level <= __ANDROID_API_T__) {
return hwtrust::DiceChain::Kind::kVsr13;
} else if (vendor_api_level == __ANDROID_API_U__) {
return hwtrust::DiceChain::Kind::kVsr14;
@@ -1018,87 +768,8 @@
}
}
-ErrMsgOr<bytevec> parseAndValidateAuthenticatedRequest(const std::vector<uint8_t>& request,
- const std::vector<uint8_t>& challenge,
- const std::string& instanceName,
- bool allowAnyMode = false,
- bool allowDegenerate = true,
- bool requireUdsCerts = false) {
- auto [parsedRequest, _, csrErrMsg] = cppbor::parse(request);
- if (!parsedRequest) {
- return csrErrMsg;
- }
- if (!parsedRequest->asArray()) {
- return "AuthenticatedRequest is not a CBOR array.";
- }
- if (parsedRequest->asArray()->size() != 4U) {
- return "AuthenticatedRequest must contain version, UDS certificates, DICE chain, and "
- "signed data. However, the parsed AuthenticatedRequest has " +
- std::to_string(parsedRequest->asArray()->size()) + " entries.";
- }
-
- auto version = parsedRequest->asArray()->get(0)->asUint();
- auto udsCerts = parsedRequest->asArray()->get(1)->asMap();
- auto diceCertChain = parsedRequest->asArray()->get(2)->asArray();
- auto signedData = parsedRequest->asArray()->get(3)->asArray();
-
- if (!version || version->value() != 1U) {
- return "AuthenticatedRequest version must be an unsigned integer and must be equal to 1.";
- }
-
- if (!udsCerts) {
- return "AuthenticatedRequest UdsCerts must be a Map.";
- }
- if (requireUdsCerts && udsCerts->size() == 0) {
- return "AuthenticatedRequest UdsCerts must not be empty.";
- }
- if (!diceCertChain) {
- return "AuthenticatedRequest DiceCertChain must be an Array.";
- }
- if (!signedData) {
- return "AuthenticatedRequest SignedData must be an Array.";
- }
-
- // DICE chain is [ pubkey, + DiceChainEntry ].
- auto diceChainKind = getDiceChainKind();
- if (!diceChainKind) {
- return diceChainKind.message();
- }
-
- auto diceContents =
- validateBcc(diceCertChain, *diceChainKind, allowAnyMode, allowDegenerate, instanceName);
- if (!diceContents) {
- return diceContents.message() + "\n" + prettyPrint(diceCertChain);
- }
-
- if (!diceCertChain->get(0)->asMap()) {
- return "AuthenticatedRequest The first entry in DiceCertChain must be a Map.";
- }
- auto udsPub = diceCertChain->get(0)->asMap()->encode();
- auto error = validateUdsCerts(*udsCerts, udsPub);
- if (error) {
- return *error;
- }
-
- if (diceContents->empty()) {
- return "AuthenticatedRequest DiceContents must not be empty.";
- }
- auto& kmDiceKey = diceContents->back().pubKey;
- auto signedPayload = verifyAndParseCoseSign1(signedData, kmDiceKey, /*aad=*/{});
- if (!signedPayload) {
- return signedPayload.message();
- }
-
- auto payload = parseAndValidateAuthenticatedRequestSignedPayload(*signedPayload, challenge);
- if (!payload) {
- return payload.message();
- }
-
- return payload;
-}
-
ErrMsgOr<std::unique_ptr<cppbor::Array>> verifyCsr(
- const cppbor::Array& keysToSign, const std::vector<uint8_t>& csr,
+ const cppbor::Array& keysToSign, const std::vector<uint8_t>& encodedCsr,
const RpcHardwareInfo& rpcHardwareInfo, const std::string& instanceName,
const std::vector<uint8_t>& challenge, bool isFactory, bool allowAnyMode = false,
bool allowDegenerate = true, bool requireUdsCerts = false) {
@@ -1108,14 +779,68 @@
") does not match expected version (3).";
}
- auto csrPayload = parseAndValidateAuthenticatedRequest(
- csr, challenge, instanceName, allowAnyMode, allowDegenerate, requireUdsCerts);
-
- if (!csrPayload) {
- return csrPayload.message();
+ auto diceChainKind = getDiceChainKind();
+ if (!diceChainKind) {
+ return diceChainKind.message();
}
- return parseAndValidateCsrPayload(keysToSign, *csrPayload, rpcHardwareInfo, isFactory);
+ allowAnyMode = maybeOverrideAllowAnyMode(allowAnyMode);
+
+ auto csr = hwtrust::Csr::validate(encodedCsr, *diceChainKind, isFactory, allowAnyMode,
+ deviceSuffix(instanceName));
+
+ if (!csr.ok()) {
+ return csr.error().message();
+ }
+
+ if (!allowDegenerate) {
+ auto diceChain = csr->getDiceChain();
+ if (!diceChain.ok()) {
+ return diceChain.error().message();
+ }
+
+ if (!diceChain->IsProper()) {
+ return kErrorDiceChainIsDegenerate;
+ }
+ }
+
+ if (requireUdsCerts && !csr->hasUdsCerts()) {
+ return kErrorUdsCertsAreRequired;
+ }
+
+ auto equalChallenges = csr->compareChallenge(challenge);
+ if (!equalChallenges.ok()) {
+ return equalChallenges.error().message();
+ }
+
+ if (!*equalChallenges) {
+ return kErrorChallengeMismatch;
+ }
+
+ auto equalKeysToSign = csr->compareKeysToSign(keysToSign.encode());
+ if (!equalKeysToSign.ok()) {
+ return equalKeysToSign.error().message();
+ }
+
+ if (!*equalKeysToSign) {
+ return kErrorKeysToSignMismatch;
+ }
+
+ auto csrPayload = csr->getCsrPayload();
+ if (!csrPayload) {
+ return csrPayload.error().message();
+ }
+
+ auto [csrPayloadDecoded, _, errMsg] = cppbor::parse(*csrPayload);
+ if (!csrPayloadDecoded) {
+ return errMsg;
+ }
+
+ if (!csrPayloadDecoded->asArray()) {
+ return "CSR payload is not an array.";
+ }
+
+ return std::unique_ptr<cppbor::Array>(csrPayloadDecoded.release()->asArray());
}
ErrMsgOr<std::unique_ptr<cppbor::Array>> verifyFactoryCsr(
@@ -1143,8 +868,8 @@
return diceChainKind.message();
}
- auto csr = hwtrust::Csr::validate(encodedCsr, *diceChainKind, false /*allowAnyMode*/,
- deviceSuffix(instanceName));
+ auto csr = hwtrust::Csr::validate(encodedCsr, *diceChainKind, false /*isFactory*/,
+ false /*allowAnyMode*/, deviceSuffix(instanceName));
if (!csr.ok()) {
return csr.error().message();
}
diff --git a/security/keymint/support/remote_prov_utils_test.cpp b/security/keymint/support/remote_prov_utils_test.cpp
index 6f6a2d6..4ea8bd8 100644
--- a/security/keymint/support/remote_prov_utils_test.cpp
+++ b/security/keymint/support/remote_prov_utils_test.cpp
@@ -81,75 +81,88 @@
0x50, 0x12, 0x82, 0x37, 0xfe, 0xa4, 0x07, 0xc3, 0xd5, 0xc3, 0x78, 0xcc, 0xf9, 0xef, 0xe1,
0x95, 0x38, 0x9f, 0xb0, 0x79, 0x16, 0x4c, 0x4a, 0x23, 0xc4, 0xdc, 0x35, 0x4e, 0x0f};
+inline const std::vector<uint8_t> kKeysToSignForCsrWithDegenerateDiceChain{
+ 0x82, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0x1d, 0x94, 0xf2, 0x27,
+ 0xc3, 0x70, 0x01, 0xde, 0x3c, 0xaf, 0x6f, 0xfd, 0x78, 0x08, 0x37, 0x39, 0x21, 0xdd, 0x46,
+ 0x6f, 0x08, 0x4f, 0x77, 0xf7, 0x80, 0x34, 0x30, 0x74, 0x78, 0x69, 0xeb, 0xb1, 0x22, 0x58,
+ 0x20, 0x6b, 0x71, 0xd7, 0x7f, 0x0e, 0x51, 0xb2, 0xc9, 0x3d, 0x1a, 0xa0, 0xe8, 0x7a, 0x0d,
+ 0x57, 0xfc, 0x91, 0xd0, 0x68, 0xf9, 0x33, 0x5f, 0x80, 0x29, 0x00, 0x80, 0x98, 0x78, 0x63,
+ 0x5b, 0x30, 0x24, 0x23, 0x58, 0x20, 0x09, 0x83, 0xa6, 0x5a, 0xbb, 0x3a, 0xf8, 0x90, 0x88,
+ 0x87, 0x16, 0x37, 0xb4, 0xe7, 0x11, 0x9b, 0xcc, 0xbb, 0x15, 0x82, 0xa9, 0x97, 0xa5, 0xad,
+ 0xa9, 0x85, 0x39, 0x30, 0x55, 0x46, 0x99, 0xc6, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01,
+ 0x21, 0x58, 0x20, 0xa8, 0xaa, 0x4b, 0x63, 0x86, 0xf6, 0x5c, 0xe4, 0x28, 0xda, 0x26, 0x3f,
+ 0x9a, 0x42, 0x6e, 0xb9, 0x2b, 0x4d, 0x5a, 0x49, 0x4c, 0x5f, 0x1a, 0xa2, 0x5f, 0xd4, 0x8f,
+ 0x84, 0xd7, 0x25, 0xe4, 0x6c, 0x22, 0x58, 0x20, 0x6b, 0xef, 0xde, 0xd6, 0x04, 0x58, 0x12,
+ 0xdb, 0xf8, 0x90, 0x2c, 0x9c, 0xe0, 0x5e, 0x43, 0xbc, 0xcf, 0x22, 0x01, 0x4d, 0x5c, 0x0c,
+ 0x86, 0x7b, 0x66, 0xd2, 0xa1, 0xfc, 0x69, 0x8a, 0x91, 0xfc, 0x23, 0x58, 0x20, 0x31, 0xaf,
+ 0x30, 0x85, 0x1f, 0x2a, 0x82, 0xe1, 0x9c, 0xda, 0xe5, 0x68, 0xed, 0x79, 0xc1, 0x35, 0x1a,
+ 0x02, 0xb4, 0x8a, 0xd2, 0x4c, 0xc4, 0x70, 0x6b, 0x88, 0x98, 0x23, 0x9e, 0xb3, 0x52, 0xb1};
+
inline const std::vector<uint8_t> kCsrWithDegenerateDiceChain{
- 0x85, 0x01, 0xa0, 0x82, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0x65,
- 0xe0, 0x51, 0x62, 0x45, 0x17, 0xcc, 0xa8, 0x40, 0x41, 0x6d, 0xc0, 0x86, 0x7a, 0x15, 0x6e,
- 0xee, 0x04, 0xae, 0xbd, 0x05, 0x13, 0x36, 0xcb, 0xd2, 0x8d, 0xd8, 0x80, 0x16, 0xc1, 0x69,
- 0x0d, 0x22, 0x58, 0x20, 0xea, 0xa1, 0x37, 0xd5, 0x01, 0xbd, 0xe0, 0x25, 0x6a, 0x3d, 0x4c,
- 0xcd, 0x31, 0xa1, 0x4d, 0xa6, 0x80, 0x82, 0x03, 0x40, 0xe2, 0x88, 0x81, 0x53, 0xc3, 0xb3,
- 0x6d, 0xf7, 0xf4, 0x10, 0xde, 0x96, 0x23, 0x58, 0x20, 0x24, 0x69, 0x44, 0x6e, 0xf5, 0xcc,
- 0x18, 0xfe, 0x63, 0xac, 0x5e, 0x85, 0x9c, 0xfc, 0x9d, 0xfa, 0x90, 0xee, 0x6c, 0xc2, 0x22,
- 0x49, 0x02, 0xc7, 0x93, 0xf4, 0x30, 0xf1, 0x51, 0x11, 0x20, 0x33, 0x84, 0x43, 0xa1, 0x01,
- 0x26, 0xa0, 0x58, 0x97, 0xa5, 0x01, 0x66, 0x69, 0x73, 0x73, 0x75, 0x65, 0x72, 0x02, 0x67,
- 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x3a, 0x00, 0x47, 0x44, 0x56, 0x41, 0x01, 0x3a,
- 0x00, 0x47, 0x44, 0x57, 0x58, 0x70, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21, 0x58,
- 0x20, 0x65, 0xe0, 0x51, 0x62, 0x45, 0x17, 0xcc, 0xa8, 0x40, 0x41, 0x6d, 0xc0, 0x86, 0x7a,
- 0x15, 0x6e, 0xee, 0x04, 0xae, 0xbd, 0x05, 0x13, 0x36, 0xcb, 0xd2, 0x8d, 0xd8, 0x80, 0x16,
- 0xc1, 0x69, 0x0d, 0x22, 0x58, 0x20, 0xea, 0xa1, 0x37, 0xd5, 0x01, 0xbd, 0xe0, 0x25, 0x6a,
- 0x3d, 0x4c, 0xcd, 0x31, 0xa1, 0x4d, 0xa6, 0x80, 0x82, 0x03, 0x40, 0xe2, 0x88, 0x81, 0x53,
- 0xc3, 0xb3, 0x6d, 0xf7, 0xf4, 0x10, 0xde, 0x96, 0x23, 0x58, 0x20, 0x24, 0x69, 0x44, 0x6e,
- 0xf5, 0xcc, 0x18, 0xfe, 0x63, 0xac, 0x5e, 0x85, 0x9c, 0xfc, 0x9d, 0xfa, 0x90, 0xee, 0x6c,
- 0xc2, 0x22, 0x49, 0x02, 0xc7, 0x93, 0xf4, 0x30, 0xf1, 0x51, 0x11, 0x20, 0x33, 0x3a, 0x00,
- 0x47, 0x44, 0x58, 0x41, 0x20, 0x58, 0x40, 0x16, 0xb9, 0x51, 0xdf, 0x31, 0xad, 0xa0, 0x3d,
- 0x98, 0x40, 0x85, 0xdf, 0xd9, 0xbe, 0xf6, 0x79, 0x62, 0x36, 0x8b, 0x60, 0xaa, 0x79, 0x8e,
- 0x52, 0x04, 0xdd, 0xba, 0x39, 0xa2, 0x58, 0x9c, 0x60, 0xd5, 0x96, 0x51, 0x42, 0xe2, 0xa5,
- 0x57, 0x58, 0xb4, 0x89, 0x2c, 0x94, 0xb9, 0xda, 0xe7, 0x93, 0x85, 0xda, 0x64, 0xa0, 0x52,
- 0xfc, 0x6b, 0xb1, 0x0a, 0xa8, 0x13, 0xd9, 0x84, 0xfb, 0x34, 0x77, 0x84, 0x43, 0xa1, 0x01,
- 0x26, 0xa0, 0x59, 0x02, 0x0f, 0x82, 0x58, 0x20, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
- 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x59, 0x01, 0xe9, 0x84, 0x03,
- 0x67, 0x6b, 0x65, 0x79, 0x6d, 0x69, 0x6e, 0x74, 0xae, 0x65, 0x62, 0x72, 0x61, 0x6e, 0x64,
- 0x66, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x65, 0x66, 0x75, 0x73, 0x65, 0x64, 0x01, 0x65,
- 0x6d, 0x6f, 0x64, 0x65, 0x6c, 0x65, 0x6d, 0x6f, 0x64, 0x65, 0x6c, 0x66, 0x64, 0x65, 0x76,
- 0x69, 0x63, 0x65, 0x66, 0x64, 0x65, 0x76, 0x69, 0x63, 0x65, 0x67, 0x70, 0x72, 0x6f, 0x64,
- 0x75, 0x63, 0x74, 0x65, 0x70, 0x69, 0x78, 0x65, 0x6c, 0x68, 0x76, 0x62, 0x5f, 0x73, 0x74,
- 0x61, 0x74, 0x65, 0x65, 0x67, 0x72, 0x65, 0x65, 0x6e, 0x6a, 0x6f, 0x73, 0x5f, 0x76, 0x65,
- 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x62, 0x31, 0x32, 0x6c, 0x6d, 0x61, 0x6e, 0x75, 0x66, 0x61,
- 0x63, 0x74, 0x75, 0x72, 0x65, 0x72, 0x66, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x6d, 0x76,
- 0x62, 0x6d, 0x65, 0x74, 0x61, 0x5f, 0x64, 0x69, 0x67, 0x65, 0x73, 0x74, 0x4f, 0x11, 0x22,
- 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x6e, 0x73,
- 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x63, 0x74,
- 0x65, 0x65, 0x70, 0x62, 0x6f, 0x6f, 0x74, 0x5f, 0x70, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x6c,
- 0x65, 0x76, 0x65, 0x6c, 0x1a, 0x01, 0x34, 0x8c, 0x62, 0x70, 0x62, 0x6f, 0x6f, 0x74, 0x6c,
- 0x6f, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x66, 0x6c, 0x6f, 0x63,
- 0x6b, 0x65, 0x64, 0x72, 0x73, 0x79, 0x73, 0x74, 0x65, 0x6d, 0x5f, 0x70, 0x61, 0x74, 0x63,
- 0x68, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x1a, 0x01, 0x34, 0x8c, 0x61, 0x72, 0x76, 0x65,
- 0x6e, 0x64, 0x6f, 0x72, 0x5f, 0x70, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x6c, 0x65, 0x76, 0x65,
- 0x6c, 0x1a, 0x01, 0x34, 0x8c, 0x63, 0x82, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21,
- 0x58, 0x20, 0x46, 0xbd, 0xfc, 0xed, 0xa6, 0x94, 0x9a, 0xc4, 0x5e, 0x27, 0xcf, 0x24, 0x25,
- 0xc5, 0x0c, 0x7d, 0xed, 0x8f, 0x21, 0xe0, 0x47, 0x81, 0x5a, 0xdc, 0x3b, 0xd4, 0x9e, 0x13,
- 0xb6, 0x06, 0x36, 0x70, 0x22, 0x58, 0x20, 0x0a, 0xbd, 0xbc, 0x0d, 0x19, 0xba, 0xcc, 0xdc,
- 0x00, 0x64, 0x31, 0x4c, 0x84, 0x66, 0x1d, 0xfb, 0x50, 0xd0, 0xe3, 0xf8, 0x78, 0x9d, 0xf9,
- 0x77, 0x2b, 0x40, 0x6b, 0xb5, 0x8e, 0xd3, 0xf8, 0xa9, 0x23, 0x58, 0x21, 0x00, 0x9c, 0x42,
- 0x3f, 0x79, 0x76, 0xa0, 0xd1, 0x98, 0x58, 0xbb, 0x9b, 0x9e, 0xfb, 0x3b, 0x08, 0xf2, 0xe1,
- 0xa3, 0xfe, 0xf4, 0x21, 0x5b, 0x97, 0x2d, 0xcb, 0x9a, 0x55, 0x1a, 0x7f, 0xa7, 0xc1, 0xa8,
- 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0xef, 0xd3, 0x88, 0xc4, 0xbc,
- 0xce, 0x51, 0x4d, 0x4b, 0xd3, 0x81, 0x26, 0xc6, 0xcc, 0x66, 0x3b, 0x12, 0x38, 0xbf, 0x23,
- 0x7a, 0x2e, 0x7f, 0x82, 0xa7, 0x81, 0x74, 0x21, 0xc0, 0x12, 0x79, 0xf4, 0x22, 0x58, 0x20,
- 0xdc, 0x85, 0x6c, 0x1c, 0xcc, 0xf9, 0xf3, 0xe8, 0xff, 0x90, 0xfd, 0x89, 0x03, 0xf5, 0xaf,
- 0x75, 0xa0, 0x79, 0xbb, 0x53, 0x9a, 0x1f, 0x2b, 0x34, 0x86, 0x47, 0x3d, 0x66, 0x2a, 0x07,
- 0x3b, 0x1e, 0x23, 0x58, 0x20, 0x34, 0x7b, 0x15, 0xcc, 0xbf, 0x26, 0xc9, 0x28, 0x0e, 0xee,
- 0xc5, 0x47, 0xac, 0x00, 0xc4, 0x4d, 0x81, 0x2b, 0x1e, 0xac, 0x31, 0xd2, 0x6f, 0x36, 0x85,
- 0xe6, 0xa8, 0xf0, 0x46, 0xfc, 0xd2, 0x83, 0x58, 0x40, 0x55, 0x4c, 0x38, 0xdf, 0xfe, 0x49,
- 0xa8, 0xa0, 0xa5, 0x08, 0xce, 0x2f, 0xe5, 0xf6, 0x6e, 0x2b, 0xc2, 0x95, 0x39, 0xc8, 0xca,
- 0x77, 0xd6, 0xf6, 0x67, 0x24, 0x6b, 0x0e, 0x63, 0x5d, 0x11, 0x97, 0x26, 0x52, 0x30, 0xbc,
- 0x28, 0x1d, 0xbf, 0x2a, 0x3e, 0x8c, 0x90, 0x54, 0xaa, 0xaa, 0xd1, 0x7c, 0x53, 0x7b, 0x48,
- 0x1f, 0x51, 0x50, 0x6c, 0x32, 0xe1, 0x0f, 0x57, 0xea, 0x47, 0x76, 0x85, 0x0c, 0xa1, 0x6b,
- 0x66, 0x69, 0x6e, 0x67, 0x65, 0x72, 0x70, 0x72, 0x69, 0x6e, 0x74, 0x78, 0x3b, 0x62, 0x72,
- 0x61, 0x6e, 0x64, 0x31, 0x2f, 0x70, 0x72, 0x6f, 0x64, 0x75, 0x63, 0x74, 0x31, 0x2f, 0x64,
- 0x65, 0x76, 0x69, 0x63, 0x65, 0x31, 0x3a, 0x31, 0x31, 0x2f, 0x69, 0x64, 0x2f, 0x32, 0x30,
- 0x32, 0x31, 0x30, 0x38, 0x30, 0x35, 0x2e, 0x34, 0x32, 0x3a, 0x75, 0x73, 0x65, 0x72, 0x2f,
- 0x72, 0x65, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2d, 0x6b, 0x65, 0x79, 0x73};
+ 0x85, 0x01, 0xa0, 0x82, 0xa5, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0xf2,
+ 0xc6, 0x50, 0xd2, 0x42, 0x59, 0xe0, 0x4e, 0x7b, 0xc0, 0x75, 0x41, 0xa2, 0xe9, 0xd0, 0xe8,
+ 0x18, 0xd7, 0xd7, 0x63, 0x7e, 0x41, 0x04, 0x7e, 0x52, 0x1a, 0xb1, 0xb7, 0xdc, 0x13, 0xb3,
+ 0x0f, 0x22, 0x58, 0x20, 0x1a, 0xf3, 0x8b, 0x0f, 0x7a, 0xc6, 0xf2, 0xb8, 0x31, 0x0b, 0x40,
+ 0x9b, 0x7e, 0xb6, 0xd6, 0xec, 0x9c, 0x21, 0xad, 0xde, 0xd1, 0x6c, 0x52, 0xfc, 0x06, 0xf1,
+ 0x39, 0x31, 0xa0, 0x22, 0x65, 0x86, 0x84, 0x43, 0xa1, 0x01, 0x26, 0xa0, 0x58, 0x74, 0xa5,
+ 0x01, 0x66, 0x69, 0x73, 0x73, 0x75, 0x65, 0x72, 0x02, 0x67, 0x73, 0x75, 0x62, 0x6a, 0x65,
+ 0x63, 0x74, 0x3a, 0x00, 0x47, 0x44, 0x56, 0x41, 0x01, 0x3a, 0x00, 0x47, 0x44, 0x57, 0x58,
+ 0x4d, 0xa5, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0xf2, 0xc6, 0x50, 0xd2,
+ 0x42, 0x59, 0xe0, 0x4e, 0x7b, 0xc0, 0x75, 0x41, 0xa2, 0xe9, 0xd0, 0xe8, 0x18, 0xd7, 0xd7,
+ 0x63, 0x7e, 0x41, 0x04, 0x7e, 0x52, 0x1a, 0xb1, 0xb7, 0xdc, 0x13, 0xb3, 0x0f, 0x22, 0x58,
+ 0x20, 0x1a, 0xf3, 0x8b, 0x0f, 0x7a, 0xc6, 0xf2, 0xb8, 0x31, 0x0b, 0x40, 0x9b, 0x7e, 0xb6,
+ 0xd6, 0xec, 0x9c, 0x21, 0xad, 0xde, 0xd1, 0x6c, 0x52, 0xfc, 0x06, 0xf1, 0x39, 0x31, 0xa0,
+ 0x22, 0x65, 0x86, 0x3a, 0x00, 0x47, 0x44, 0x58, 0x41, 0x20, 0x58, 0x40, 0x1e, 0xdf, 0xe0,
+ 0x1c, 0xca, 0xbb, 0xb2, 0x13, 0xae, 0xe2, 0x49, 0x32, 0x3c, 0x6e, 0x9c, 0x6e, 0xf4, 0x23,
+ 0x87, 0x41, 0x60, 0x04, 0x34, 0xe6, 0x32, 0xe2, 0xf1, 0x22, 0x55, 0xcc, 0x89, 0x4b, 0x4f,
+ 0xdb, 0x05, 0x89, 0x8a, 0x3c, 0x2f, 0x8a, 0x52, 0x84, 0x43, 0xdc, 0x43, 0x62, 0x7e, 0x85,
+ 0xb3, 0xea, 0x49, 0x3b, 0x0b, 0x4a, 0xf0, 0x64, 0xfe, 0x8f, 0x41, 0xb6, 0xd1, 0xcc, 0xe3,
+ 0xf6, 0x84, 0x43, 0xa1, 0x01, 0x26, 0xa0, 0x59, 0x02, 0x0e, 0x82, 0x58, 0x20, 0x01, 0x02,
+ 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11,
+ 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20,
+ 0x59, 0x01, 0xe8, 0x84, 0x03, 0x67, 0x6b, 0x65, 0x79, 0x6d, 0x69, 0x6e, 0x74, 0xae, 0x65,
+ 0x62, 0x72, 0x61, 0x6e, 0x64, 0x66, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x65, 0x66, 0x75,
+ 0x73, 0x65, 0x64, 0x01, 0x65, 0x6d, 0x6f, 0x64, 0x65, 0x6c, 0x65, 0x6d, 0x6f, 0x64, 0x65,
+ 0x6c, 0x66, 0x64, 0x65, 0x76, 0x69, 0x63, 0x65, 0x66, 0x64, 0x65, 0x76, 0x69, 0x63, 0x65,
+ 0x67, 0x70, 0x72, 0x6f, 0x64, 0x75, 0x63, 0x74, 0x65, 0x70, 0x69, 0x78, 0x65, 0x6c, 0x68,
+ 0x76, 0x62, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x65, 0x67, 0x72, 0x65, 0x65, 0x6e, 0x6a,
+ 0x6f, 0x73, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x62, 0x31, 0x32, 0x6c, 0x6d,
+ 0x61, 0x6e, 0x75, 0x66, 0x61, 0x63, 0x74, 0x75, 0x72, 0x65, 0x72, 0x66, 0x47, 0x6f, 0x6f,
+ 0x67, 0x6c, 0x65, 0x6d, 0x76, 0x62, 0x6d, 0x65, 0x74, 0x61, 0x5f, 0x64, 0x69, 0x67, 0x65,
+ 0x73, 0x74, 0x4f, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xaa, 0xbb, 0xcc,
+ 0xdd, 0xee, 0xff, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x5f, 0x6c, 0x65,
+ 0x76, 0x65, 0x6c, 0x63, 0x74, 0x65, 0x65, 0x70, 0x62, 0x6f, 0x6f, 0x74, 0x5f, 0x70, 0x61,
+ 0x74, 0x63, 0x68, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x1a, 0x01, 0x34, 0x8c, 0x62, 0x70,
+ 0x62, 0x6f, 0x6f, 0x74, 0x6c, 0x6f, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x73, 0x74, 0x61, 0x74,
+ 0x65, 0x66, 0x6c, 0x6f, 0x63, 0x6b, 0x65, 0x64, 0x72, 0x73, 0x79, 0x73, 0x74, 0x65, 0x6d,
+ 0x5f, 0x70, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x1a, 0x01, 0x34,
+ 0x8c, 0x61, 0x72, 0x76, 0x65, 0x6e, 0x64, 0x6f, 0x72, 0x5f, 0x70, 0x61, 0x74, 0x63, 0x68,
+ 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x1a, 0x01, 0x34, 0x8c, 0x63, 0x82, 0xa6, 0x01, 0x02,
+ 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0x1d, 0x94, 0xf2, 0x27, 0xc3, 0x70, 0x01, 0xde,
+ 0x3c, 0xaf, 0x6f, 0xfd, 0x78, 0x08, 0x37, 0x39, 0x21, 0xdd, 0x46, 0x6f, 0x08, 0x4f, 0x77,
+ 0xf7, 0x80, 0x34, 0x30, 0x74, 0x78, 0x69, 0xeb, 0xb1, 0x22, 0x58, 0x20, 0x6b, 0x71, 0xd7,
+ 0x7f, 0x0e, 0x51, 0xb2, 0xc9, 0x3d, 0x1a, 0xa0, 0xe8, 0x7a, 0x0d, 0x57, 0xfc, 0x91, 0xd0,
+ 0x68, 0xf9, 0x33, 0x5f, 0x80, 0x29, 0x00, 0x80, 0x98, 0x78, 0x63, 0x5b, 0x30, 0x24, 0x23,
+ 0x58, 0x20, 0x09, 0x83, 0xa6, 0x5a, 0xbb, 0x3a, 0xf8, 0x90, 0x88, 0x87, 0x16, 0x37, 0xb4,
+ 0xe7, 0x11, 0x9b, 0xcc, 0xbb, 0x15, 0x82, 0xa9, 0x97, 0xa5, 0xad, 0xa9, 0x85, 0x39, 0x30,
+ 0x55, 0x46, 0x99, 0xc6, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0xa8,
+ 0xaa, 0x4b, 0x63, 0x86, 0xf6, 0x5c, 0xe4, 0x28, 0xda, 0x26, 0x3f, 0x9a, 0x42, 0x6e, 0xb9,
+ 0x2b, 0x4d, 0x5a, 0x49, 0x4c, 0x5f, 0x1a, 0xa2, 0x5f, 0xd4, 0x8f, 0x84, 0xd7, 0x25, 0xe4,
+ 0x6c, 0x22, 0x58, 0x20, 0x6b, 0xef, 0xde, 0xd6, 0x04, 0x58, 0x12, 0xdb, 0xf8, 0x90, 0x2c,
+ 0x9c, 0xe0, 0x5e, 0x43, 0xbc, 0xcf, 0x22, 0x01, 0x4d, 0x5c, 0x0c, 0x86, 0x7b, 0x66, 0xd2,
+ 0xa1, 0xfc, 0x69, 0x8a, 0x91, 0xfc, 0x23, 0x58, 0x20, 0x31, 0xaf, 0x30, 0x85, 0x1f, 0x2a,
+ 0x82, 0xe1, 0x9c, 0xda, 0xe5, 0x68, 0xed, 0x79, 0xc1, 0x35, 0x1a, 0x02, 0xb4, 0x8a, 0xd2,
+ 0x4c, 0xc4, 0x70, 0x6b, 0x88, 0x98, 0x23, 0x9e, 0xb3, 0x52, 0xb1, 0x58, 0x40, 0x8e, 0x7e,
+ 0xdf, 0x77, 0x13, 0xdb, 0x51, 0xf6, 0xc1, 0x67, 0x52, 0x48, 0x48, 0x79, 0xe6, 0xbc, 0x89,
+ 0xe2, 0xfe, 0x7c, 0x0d, 0x2c, 0x88, 0x3b, 0x23, 0x66, 0x93, 0x7b, 0x94, 0x59, 0xc4, 0x87,
+ 0x16, 0xc4, 0x3a, 0x85, 0x60, 0xe3, 0x62, 0x45, 0x53, 0xa8, 0x1d, 0x4e, 0xa4, 0x2b, 0x61,
+ 0x33, 0x17, 0x71, 0xb6, 0x40, 0x11, 0x7d, 0x23, 0x64, 0xe6, 0x49, 0xbe, 0xa6, 0x85, 0x32,
+ 0x1a, 0x89, 0xa1, 0x6b, 0x66, 0x69, 0x6e, 0x67, 0x65, 0x72, 0x70, 0x72, 0x69, 0x6e, 0x74,
+ 0x78, 0x3b, 0x62, 0x72, 0x61, 0x6e, 0x64, 0x31, 0x2f, 0x70, 0x72, 0x6f, 0x64, 0x75, 0x63,
+ 0x74, 0x31, 0x2f, 0x64, 0x65, 0x76, 0x69, 0x63, 0x65, 0x31, 0x3a, 0x31, 0x31, 0x2f, 0x69,
+ 0x64, 0x2f, 0x32, 0x30, 0x32, 0x31, 0x30, 0x38, 0x30, 0x35, 0x2e, 0x34, 0x32, 0x3a, 0x75,
+ 0x73, 0x65, 0x72, 0x2f, 0x72, 0x65, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2d, 0x6b, 0x65, 0x79,
+ 0x73};
// The challenge that is in kKeysToSignForCsrWithUdsCerts and kCsrWithUdsCerts
inline const std::vector<uint8_t> kChallenge{0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
@@ -158,244 +171,242 @@
0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20};
inline const std::vector<uint8_t> kKeysToSignForCsrWithUdsCerts{
- 0x82, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0x35, 0xeb, 0x56, 0xed,
- 0x62, 0x13, 0x6a, 0x41, 0x89, 0xf6, 0x72, 0xa6, 0xf1, 0x5c, 0xd1, 0xf6, 0x34, 0xbd, 0x81,
- 0xdb, 0x2e, 0x0b, 0x4d, 0xf6, 0x69, 0x6f, 0xa6, 0xf3, 0xce, 0x27, 0x2c, 0x78, 0x22, 0x58,
- 0x20, 0xac, 0xa9, 0x9f, 0x62, 0x81, 0x58, 0xc7, 0x10, 0xd7, 0xb5, 0xa8, 0xa0, 0x7b, 0x11,
- 0xf5, 0x75, 0xdb, 0xd9, 0xa2, 0x1d, 0x86, 0x34, 0xc6, 0xf4, 0x23, 0x79, 0xcc, 0x8a, 0x87,
- 0x3c, 0xb2, 0xd0, 0x23, 0x58, 0x20, 0x0f, 0x2c, 0x5a, 0xb7, 0xe1, 0x3b, 0x24, 0xa3, 0x4f,
- 0xaa, 0x49, 0x51, 0xfc, 0x8c, 0xd0, 0x35, 0x43, 0x7c, 0x21, 0xfa, 0x7d, 0x56, 0x97, 0x69,
- 0xe1, 0x81, 0xf5, 0x88, 0x15, 0x33, 0xa0, 0x7f, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01,
- 0x21, 0x58, 0x20, 0xb5, 0xcc, 0xd9, 0x4f, 0x7a, 0xe2, 0xca, 0xac, 0xfe, 0xa5, 0x65, 0x0c,
- 0x6a, 0xa8, 0x16, 0x45, 0x40, 0x41, 0x1c, 0xb2, 0x64, 0xcd, 0x34, 0xe8, 0x37, 0x88, 0xb9,
- 0x9a, 0xb3, 0xc3, 0xfd, 0x6a, 0x22, 0x58, 0x20, 0x5e, 0xbe, 0xff, 0x98, 0x60, 0x6e, 0x1d,
- 0x6b, 0x42, 0x60, 0x59, 0xe9, 0x42, 0x95, 0xc8, 0x2e, 0xc5, 0xb6, 0x66, 0x4a, 0x53, 0xf1,
- 0x73, 0x02, 0xcb, 0x89, 0x8a, 0x2a, 0xc9, 0xa5, 0xa3, 0x39, 0x23, 0x58, 0x21, 0x00, 0xdb,
- 0xda, 0x3c, 0x3e, 0x27, 0x71, 0x5e, 0xd0, 0x2b, 0x09, 0xb8, 0x6f, 0xe2, 0x2c, 0xdd, 0x0a,
- 0xbf, 0x1d, 0x94, 0x36, 0xd2, 0x33, 0x88, 0x6e, 0x66, 0x05, 0x21, 0x92, 0x64, 0x79, 0xa9,
- 0x10};
+ 0x82, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0xd5, 0x0b, 0x27, 0x39,
+ 0xa3, 0xd5, 0xfd, 0xd9, 0x4f, 0x87, 0x4a, 0x97, 0x17, 0x60, 0x6c, 0x63, 0x55, 0x13, 0xa0,
+ 0xf5, 0x1c, 0x2b, 0xe7, 0x0e, 0x8e, 0xdb, 0x76, 0x82, 0x69, 0x5a, 0x46, 0xec, 0x22, 0x58,
+ 0x20, 0xa6, 0x08, 0xb3, 0x57, 0xaa, 0x5f, 0x72, 0x2b, 0xb1, 0xf0, 0x43, 0x52, 0xf4, 0xcb,
+ 0x97, 0x39, 0xfd, 0x54, 0x79, 0xa3, 0xaf, 0x07, 0xb7, 0xbe, 0xbc, 0x93, 0xc1, 0xb6, 0x9b,
+ 0x2f, 0x75, 0x1b, 0x23, 0x58, 0x21, 0x00, 0xb4, 0x59, 0xe3, 0x78, 0x6f, 0x3f, 0xbd, 0xdc,
+ 0x38, 0x8a, 0xa5, 0x7d, 0xbe, 0xe0, 0xce, 0xf9, 0x2e, 0x9a, 0x5b, 0xfc, 0xbd, 0x4d, 0x27,
+ 0x7b, 0xa7, 0xc8, 0xda, 0xaa, 0xe4, 0xcd, 0xf3, 0xd2, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20,
+ 0x01, 0x21, 0x58, 0x20, 0x10, 0x6c, 0xe8, 0x71, 0xa8, 0x78, 0x9d, 0x29, 0xbe, 0xf8, 0x84,
+ 0x39, 0xd4, 0xa2, 0xf5, 0x3e, 0x09, 0xf1, 0xd4, 0x81, 0x59, 0x24, 0x63, 0x07, 0xae, 0x25,
+ 0xad, 0x24, 0x72, 0x0f, 0x8b, 0xd0, 0x22, 0x58, 0x20, 0xe8, 0xba, 0x76, 0x49, 0x7b, 0x97,
+ 0x98, 0xcf, 0xbb, 0x90, 0xfa, 0x30, 0x3a, 0x2d, 0x88, 0xfe, 0x3f, 0xc6, 0x75, 0x05, 0x7b,
+ 0x59, 0xdf, 0x14, 0xd8, 0xde, 0x4d, 0x51, 0x8b, 0x2f, 0x5a, 0xc7, 0x23, 0x58, 0x20, 0x76,
+ 0x11, 0x2f, 0x31, 0xe5, 0xc2, 0xbb, 0xa7, 0x2c, 0x2b, 0x2f, 0x73, 0x16, 0x29, 0xf8, 0x67,
+ 0x66, 0x44, 0x7f, 0x3f, 0x22, 0xa2, 0x40, 0x45, 0x12, 0xac, 0x97, 0x06, 0xc8, 0x66, 0x08,
+ 0xc9, 0x0a};
inline const std::vector<uint8_t> kCsrWithUdsCerts{
- 0x84, 0x01, 0xa1, 0x70, 0x74, 0x65, 0x73, 0x74, 0x2d, 0x73, 0x69, 0x67, 0x6e, 0x65, 0x72,
+ 0x85, 0x01, 0xa1, 0x70, 0x74, 0x65, 0x73, 0x74, 0x2d, 0x73, 0x69, 0x67, 0x6e, 0x65, 0x72,
0x2d, 0x6e, 0x61, 0x6d, 0x65, 0x82, 0x59, 0x01, 0x6c, 0x30, 0x82, 0x01, 0x68, 0x30, 0x82,
0x01, 0x1a, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x7b, 0x30, 0x05, 0x06, 0x03, 0x2b,
0x65, 0x70, 0x30, 0x2b, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0c,
0x46, 0x61, 0x6b, 0x65, 0x20, 0x43, 0x6f, 0x6d, 0x70, 0x61, 0x6e, 0x79, 0x31, 0x12, 0x30,
0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x09, 0x46, 0x61, 0x6b, 0x65, 0x20, 0x52, 0x6f,
- 0x6f, 0x74, 0x30, 0x1e, 0x17, 0x0d, 0x32, 0x34, 0x31, 0x30, 0x31, 0x37, 0x31, 0x39, 0x32,
- 0x33, 0x30, 0x39, 0x5a, 0x17, 0x0d, 0x32, 0x34, 0x31, 0x31, 0x31, 0x36, 0x31, 0x39, 0x32,
- 0x33, 0x30, 0x39, 0x5a, 0x30, 0x2b, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0a,
+ 0x6f, 0x74, 0x30, 0x1e, 0x17, 0x0d, 0x32, 0x34, 0x31, 0x31, 0x31, 0x34, 0x30, 0x39, 0x35,
+ 0x32, 0x30, 0x37, 0x5a, 0x17, 0x0d, 0x34, 0x39, 0x31, 0x31, 0x30, 0x38, 0x30, 0x39, 0x35,
+ 0x32, 0x30, 0x37, 0x5a, 0x30, 0x2b, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0a,
0x13, 0x0c, 0x46, 0x61, 0x6b, 0x65, 0x20, 0x43, 0x6f, 0x6d, 0x70, 0x61, 0x6e, 0x79, 0x31,
0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x09, 0x46, 0x61, 0x6b, 0x65, 0x20,
0x52, 0x6f, 0x6f, 0x74, 0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03, 0x21,
- 0x00, 0x20, 0xc5, 0xfa, 0x42, 0xe9, 0x23, 0xd3, 0x72, 0x83, 0x96, 0xc5, 0x73, 0x1e, 0xec,
- 0x07, 0x39, 0x4f, 0xc8, 0xb7, 0xd1, 0x9f, 0x77, 0xb6, 0x0b, 0x59, 0x9e, 0x62, 0xc0, 0xec,
- 0x06, 0x06, 0xad, 0xa3, 0x63, 0x30, 0x61, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04,
- 0x16, 0x04, 0x14, 0xec, 0x36, 0x07, 0x83, 0xf0, 0xda, 0x23, 0xfc, 0x0f, 0xb1, 0x08, 0xd0,
- 0x60, 0x97, 0xc1, 0x9a, 0x14, 0x54, 0xbf, 0x63, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23,
- 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xec, 0x36, 0x07, 0x83, 0xf0, 0xda, 0x23, 0xfc, 0x0f,
- 0xb1, 0x08, 0xd0, 0x60, 0x97, 0xc1, 0x9a, 0x14, 0x54, 0xbf, 0x63, 0x30, 0x0f, 0x06, 0x03,
+ 0x00, 0x54, 0x40, 0x8c, 0x1b, 0x60, 0x39, 0x81, 0xe7, 0x38, 0x87, 0xb9, 0x75, 0x10, 0x30,
+ 0x6a, 0x1b, 0x9b, 0x38, 0x61, 0xa0, 0x94, 0x49, 0xb0, 0xf3, 0xae, 0x39, 0x53, 0x2d, 0x61,
+ 0x8d, 0x6e, 0x59, 0xa3, 0x63, 0x30, 0x61, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04,
+ 0x16, 0x04, 0x14, 0x6d, 0xd5, 0xea, 0x8c, 0xe0, 0x5a, 0x50, 0xd9, 0x36, 0xf3, 0x28, 0xc2,
+ 0x54, 0x1d, 0xfa, 0x9d, 0x94, 0x19, 0x98, 0x76, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23,
+ 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x6d, 0xd5, 0xea, 0x8c, 0xe0, 0x5a, 0x50, 0xd9, 0x36,
+ 0xf3, 0x28, 0xc2, 0x54, 0x1d, 0xfa, 0x9d, 0x94, 0x19, 0x98, 0x76, 0x30, 0x0f, 0x06, 0x03,
0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x0e,
0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x02, 0x04, 0x30,
- 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03, 0x41, 0x00, 0x41, 0xfa, 0x27, 0xfd, 0xe3, 0x42,
- 0x89, 0x43, 0x68, 0x92, 0x48, 0x39, 0xb1, 0x93, 0x93, 0x8b, 0x69, 0x16, 0x50, 0xbe, 0xc0,
- 0xc5, 0x83, 0xd6, 0x1e, 0x4b, 0x2f, 0x6e, 0x18, 0x32, 0x78, 0xfe, 0x35, 0x78, 0xed, 0x6d,
- 0xc8, 0x36, 0xb2, 0x4e, 0x0d, 0x10, 0x23, 0xab, 0x28, 0x32, 0xa1, 0xfc, 0x83, 0x2a, 0xa3,
- 0xca, 0xe1, 0xca, 0x82, 0xd2, 0x5f, 0xf1, 0x7f, 0xf2, 0xba, 0xbe, 0x86, 0x0b, 0x59, 0x01,
- 0x70, 0x30, 0x82, 0x01, 0x6c, 0x30, 0x82, 0x01, 0x1e, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02,
+ 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03, 0x41, 0x00, 0x1e, 0x27, 0x99, 0xd3, 0x05, 0xa7,
+ 0xd2, 0xc6, 0xad, 0x1f, 0x2c, 0xbd, 0xef, 0x34, 0x18, 0xbd, 0x37, 0xb9, 0x96, 0x57, 0x63,
+ 0x72, 0x7e, 0xf8, 0xe5, 0xa2, 0xb5, 0x9a, 0x20, 0x42, 0x1d, 0x9c, 0x8e, 0xdc, 0x97, 0xd4,
+ 0x3b, 0x65, 0xe0, 0x52, 0xb4, 0x0d, 0x95, 0x59, 0x94, 0x94, 0x7a, 0x31, 0x9e, 0x45, 0x4b,
+ 0x93, 0x3d, 0x5d, 0x88, 0x98, 0xb1, 0x52, 0xf5, 0x46, 0x1c, 0x2a, 0x0b, 0x05, 0x59, 0x01,
+ 0x9f, 0x30, 0x82, 0x01, 0x9b, 0x30, 0x82, 0x01, 0x4d, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02,
0x02, 0x01, 0xc8, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x30, 0x2b, 0x31, 0x15, 0x30,
0x13, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0c, 0x46, 0x61, 0x6b, 0x65, 0x20, 0x43, 0x6f,
0x6d, 0x70, 0x61, 0x6e, 0x79, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,
0x09, 0x46, 0x61, 0x6b, 0x65, 0x20, 0x52, 0x6f, 0x6f, 0x74, 0x30, 0x1e, 0x17, 0x0d, 0x32,
- 0x34, 0x31, 0x30, 0x31, 0x37, 0x31, 0x39, 0x32, 0x33, 0x30, 0x39, 0x5a, 0x17, 0x0d, 0x32,
- 0x34, 0x31, 0x31, 0x31, 0x36, 0x31, 0x39, 0x32, 0x33, 0x30, 0x39, 0x5a, 0x30, 0x2e, 0x31,
+ 0x34, 0x31, 0x31, 0x31, 0x34, 0x30, 0x39, 0x35, 0x32, 0x30, 0x37, 0x5a, 0x17, 0x0d, 0x34,
+ 0x39, 0x31, 0x31, 0x30, 0x38, 0x30, 0x39, 0x35, 0x32, 0x30, 0x37, 0x5a, 0x30, 0x2e, 0x31,
0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0c, 0x46, 0x61, 0x6b, 0x65, 0x20,
0x43, 0x6f, 0x6d, 0x70, 0x61, 0x6e, 0x79, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04,
0x03, 0x13, 0x0c, 0x46, 0x61, 0x6b, 0x65, 0x20, 0x43, 0x68, 0x69, 0x70, 0x73, 0x65, 0x74,
- 0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03, 0x21, 0x00, 0x14, 0xf4, 0x4a,
- 0x88, 0x56, 0x9f, 0xc0, 0xf5, 0x1f, 0xe5, 0xef, 0xfb, 0xf4, 0x06, 0xbc, 0xb1, 0xe4, 0x4a,
- 0x37, 0xe5, 0x07, 0xf8, 0x65, 0x95, 0x55, 0x54, 0xfd, 0x90, 0xf9, 0x8b, 0xa7, 0xc6, 0xa3,
- 0x63, 0x30, 0x61, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xef,
- 0x05, 0x40, 0x0a, 0x1b, 0x74, 0x3e, 0x4d, 0x2e, 0x22, 0xf5, 0x66, 0x0c, 0xd7, 0xf9, 0xb8,
- 0x8e, 0x81, 0x3d, 0xab, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16,
- 0x80, 0x14, 0xec, 0x36, 0x07, 0x83, 0xf0, 0xda, 0x23, 0xfc, 0x0f, 0xb1, 0x08, 0xd0, 0x60,
- 0x97, 0xc1, 0x9a, 0x14, 0x54, 0xbf, 0x63, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01,
- 0x01, 0xff, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d,
- 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x02, 0x04, 0x30, 0x05, 0x06, 0x03, 0x2b,
- 0x65, 0x70, 0x03, 0x41, 0x00, 0x64, 0x32, 0x42, 0x06, 0xa7, 0x11, 0xb0, 0x67, 0x81, 0x73,
- 0x19, 0x70, 0xb6, 0x60, 0x1c, 0xd2, 0x43, 0xde, 0x42, 0xec, 0x71, 0x4d, 0x6e, 0xa8, 0xed,
- 0x6f, 0xe2, 0x59, 0x3e, 0xa3, 0x45, 0x82, 0x8b, 0x25, 0x25, 0xf9, 0xc6, 0xb3, 0xf5, 0xb5,
- 0x3d, 0x11, 0x7d, 0xcf, 0xf2, 0x50, 0x22, 0xff, 0x2b, 0xc5, 0x14, 0x94, 0x64, 0xbf, 0xbf,
- 0x52, 0x69, 0xb1, 0xfe, 0x07, 0x81, 0x83, 0xb3, 0x0d, 0x82, 0xa5, 0x01, 0x01, 0x03, 0x27,
- 0x20, 0x06, 0x21, 0x58, 0x20, 0x14, 0xf4, 0x4a, 0x88, 0x56, 0x9f, 0xc0, 0xf5, 0x1f, 0xe5,
- 0xef, 0xfb, 0xf4, 0x06, 0xbc, 0xb1, 0xe4, 0x4a, 0x37, 0xe5, 0x07, 0xf8, 0x65, 0x95, 0x55,
- 0x54, 0xfd, 0x90, 0xf9, 0x8b, 0xa7, 0xc6, 0x23, 0x58, 0x20, 0x8d, 0x38, 0x0d, 0x38, 0xcb,
- 0x76, 0x73, 0xef, 0x13, 0xd1, 0x08, 0x02, 0xa5, 0x0e, 0xd2, 0x16, 0xd4, 0x0f, 0x2c, 0x29,
- 0xf8, 0xd0, 0x20, 0xb8, 0x6a, 0x7f, 0xa2, 0xd1, 0x1e, 0xeb, 0xd1, 0x5c, 0x84, 0x43, 0xa1,
- 0x01, 0x27, 0xa0, 0x59, 0x01, 0x27, 0xa9, 0x01, 0x66, 0x69, 0x73, 0x73, 0x75, 0x65, 0x72,
- 0x02, 0x67, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x3a, 0x00, 0x47, 0x44, 0x50, 0x58,
- 0x20, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
+ 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08,
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xc9, 0x35, 0xf7,
+ 0x7e, 0x71, 0xc9, 0xa4, 0xd2, 0x13, 0x58, 0x5a, 0xc1, 0x0c, 0x17, 0xa8, 0x2c, 0x28, 0x99,
+ 0x32, 0x8e, 0x01, 0x45, 0xb8, 0xf1, 0xf4, 0xf8, 0x37, 0x25, 0x4a, 0x25, 0x1f, 0xbf, 0x8f,
+ 0xd8, 0xdf, 0x53, 0xdd, 0x95, 0x7a, 0x90, 0xff, 0xe3, 0x40, 0xbf, 0xda, 0x19, 0x0c, 0x14,
+ 0x41, 0x1c, 0x76, 0x73, 0x4e, 0x86, 0x94, 0x7d, 0x2c, 0x21, 0x5f, 0x5e, 0x05, 0x26, 0x15,
+ 0x4f, 0xa3, 0x63, 0x30, 0x61, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04,
+ 0x14, 0x12, 0x84, 0xe1, 0x31, 0xef, 0xa8, 0xfd, 0xcc, 0xbb, 0x35, 0x22, 0xb9, 0x99, 0xd1,
+ 0xca, 0x64, 0x19, 0x09, 0x54, 0x4c, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18,
+ 0x30, 0x16, 0x80, 0x14, 0x6d, 0xd5, 0xea, 0x8c, 0xe0, 0x5a, 0x50, 0xd9, 0x36, 0xf3, 0x28,
+ 0xc2, 0x54, 0x1d, 0xfa, 0x9d, 0x94, 0x19, 0x98, 0x76, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x1d,
+ 0x13, 0x01, 0x01, 0xff, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x0e, 0x06, 0x03,
+ 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x02, 0x04, 0x30, 0x05, 0x06,
+ 0x03, 0x2b, 0x65, 0x70, 0x03, 0x41, 0x00, 0xc7, 0x93, 0x86, 0x58, 0xb2, 0x31, 0x30, 0x4f,
+ 0x1a, 0x53, 0x06, 0x87, 0x0e, 0xdf, 0xc4, 0xd8, 0x03, 0xf4, 0xaf, 0xa3, 0x2d, 0xfb, 0x7d,
+ 0xab, 0x08, 0x70, 0x47, 0x38, 0x10, 0xc5, 0xa8, 0x5e, 0x67, 0x64, 0xc7, 0xdc, 0x28, 0xe8,
+ 0x63, 0x3c, 0xa7, 0xb8, 0xf9, 0xbe, 0x3e, 0x75, 0xa7, 0x1c, 0xac, 0xc4, 0x81, 0x82, 0x4a,
+ 0x21, 0xf0, 0x89, 0x8e, 0x99, 0xf4, 0x52, 0x23, 0x30, 0x6d, 0x04, 0x82, 0xa5, 0x01, 0x02,
+ 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0xc9, 0x35, 0xf7, 0x7e, 0x71, 0xc9, 0xa4, 0xd2,
+ 0x13, 0x58, 0x5a, 0xc1, 0x0c, 0x17, 0xa8, 0x2c, 0x28, 0x99, 0x32, 0x8e, 0x01, 0x45, 0xb8,
+ 0xf1, 0xf4, 0xf8, 0x37, 0x25, 0x4a, 0x25, 0x1f, 0xbf, 0x22, 0x58, 0x20, 0x8f, 0xd8, 0xdf,
+ 0x53, 0xdd, 0x95, 0x7a, 0x90, 0xff, 0xe3, 0x40, 0xbf, 0xda, 0x19, 0x0c, 0x14, 0x41, 0x1c,
+ 0x76, 0x73, 0x4e, 0x86, 0x94, 0x7d, 0x2c, 0x21, 0x5f, 0x5e, 0x05, 0x26, 0x15, 0x4f, 0x84,
+ 0x43, 0xa1, 0x01, 0x26, 0xa0, 0x59, 0x01, 0x04, 0xa9, 0x01, 0x66, 0x69, 0x73, 0x73, 0x75,
+ 0x65, 0x72, 0x02, 0x67, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x3a, 0x00, 0x47, 0x44,
+ 0x50, 0x58, 0x20, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
- 0x55, 0x55, 0x55, 0x3a, 0x00, 0x47, 0x44, 0x52, 0x58, 0x20, 0xb8, 0x96, 0x54, 0xe2, 0x2c,
- 0xa4, 0xd2, 0x4a, 0x9c, 0x0e, 0x45, 0x11, 0xc8, 0xf2, 0x63, 0xf0, 0x66, 0x0d, 0x2e, 0x20,
- 0x48, 0x96, 0x90, 0x14, 0xf4, 0x54, 0x63, 0xc4, 0xf4, 0x39, 0x30, 0x38, 0x3a, 0x00, 0x47,
- 0x44, 0x53, 0x55, 0xa1, 0x3a, 0x00, 0x01, 0x11, 0x71, 0x6e, 0x63, 0x6f, 0x6d, 0x70, 0x6f,
- 0x6e, 0x65, 0x6e, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x3a, 0x00, 0x47, 0x44, 0x54, 0x58,
- 0x20, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
+ 0x55, 0x55, 0x55, 0x55, 0x55, 0x3a, 0x00, 0x47, 0x44, 0x52, 0x58, 0x20, 0xb8, 0x96, 0x54,
+ 0xe2, 0x2c, 0xa4, 0xd2, 0x4a, 0x9c, 0x0e, 0x45, 0x11, 0xc8, 0xf2, 0x63, 0xf0, 0x66, 0x0d,
+ 0x2e, 0x20, 0x48, 0x96, 0x90, 0x14, 0xf4, 0x54, 0x63, 0xc4, 0xf4, 0x39, 0x30, 0x38, 0x3a,
+ 0x00, 0x47, 0x44, 0x53, 0x55, 0xa1, 0x3a, 0x00, 0x01, 0x11, 0x71, 0x6e, 0x63, 0x6f, 0x6d,
+ 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x3a, 0x00, 0x47, 0x44,
+ 0x54, 0x58, 0x20, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
- 0x55, 0x55, 0x55, 0x3a, 0x00, 0x47, 0x44, 0x56, 0x41, 0x01, 0x3a, 0x00, 0x47, 0x44, 0x57,
- 0x58, 0x70, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0x76, 0x82, 0x58,
- 0xce, 0x99, 0x1c, 0x29, 0xa1, 0x81, 0x3e, 0x22, 0xe3, 0x02, 0x13, 0xea, 0x2a, 0x25, 0x2e,
- 0x20, 0x14, 0xeb, 0x45, 0x0d, 0xb8, 0xdb, 0x8c, 0x38, 0xef, 0xeb, 0x25, 0xd6, 0x31, 0x22,
- 0x58, 0x20, 0xbe, 0x55, 0xba, 0x87, 0x17, 0xc2, 0x5b, 0xb6, 0x56, 0xff, 0x4b, 0xf0, 0x8a,
- 0x98, 0x57, 0x86, 0xa4, 0x36, 0x0a, 0x90, 0x38, 0xce, 0x66, 0xec, 0xcb, 0x25, 0x30, 0x29,
- 0x83, 0x02, 0x02, 0xc0, 0x23, 0x58, 0x20, 0x73, 0xdf, 0xc3, 0x4a, 0xe4, 0x2e, 0xbd, 0x04,
- 0x09, 0xec, 0x91, 0xc7, 0xe7, 0xf1, 0xec, 0x55, 0x10, 0x7e, 0xd1, 0x36, 0x5e, 0x9d, 0x11,
- 0x71, 0x27, 0xee, 0x30, 0x7b, 0x04, 0x45, 0x5f, 0x95, 0x3a, 0x00, 0x47, 0x44, 0x58, 0x41,
- 0x20, 0x58, 0x40, 0x44, 0x7f, 0x1a, 0x67, 0x16, 0xa0, 0x49, 0xfe, 0x2c, 0xde, 0x87, 0x38,
- 0xef, 0xb9, 0xe0, 0x19, 0x25, 0x7d, 0xcc, 0x39, 0x53, 0x27, 0xbd, 0x2c, 0x04, 0x6c, 0xe3,
- 0x5c, 0x5e, 0xd6, 0x27, 0x09, 0xb9, 0xf7, 0x8c, 0x2b, 0xd2, 0x68, 0xc3, 0xf1, 0x23, 0xcf,
- 0xc6, 0xfc, 0x21, 0xb3, 0x52, 0x48, 0xe6, 0x8a, 0x89, 0x3e, 0x37, 0x24, 0x13, 0x23, 0x80,
- 0xb2, 0xc7, 0xa7, 0xc6, 0xf1, 0xec, 0x04, 0x84, 0x43, 0xa1, 0x01, 0x26, 0xa0, 0x59, 0x02,
- 0x0f, 0x82, 0x58, 0x20, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
- 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a,
- 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x59, 0x01, 0xe9, 0x84, 0x03, 0x67, 0x6b, 0x65, 0x79,
- 0x6d, 0x69, 0x6e, 0x74, 0xae, 0x65, 0x62, 0x72, 0x61, 0x6e, 0x64, 0x66, 0x47, 0x6f, 0x6f,
- 0x67, 0x6c, 0x65, 0x65, 0x66, 0x75, 0x73, 0x65, 0x64, 0x01, 0x65, 0x6d, 0x6f, 0x64, 0x65,
- 0x6c, 0x65, 0x6d, 0x6f, 0x64, 0x65, 0x6c, 0x66, 0x64, 0x65, 0x76, 0x69, 0x63, 0x65, 0x66,
- 0x64, 0x65, 0x76, 0x69, 0x63, 0x65, 0x67, 0x70, 0x72, 0x6f, 0x64, 0x75, 0x63, 0x74, 0x65,
- 0x70, 0x69, 0x78, 0x65, 0x6c, 0x68, 0x76, 0x62, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x65,
- 0x67, 0x72, 0x65, 0x65, 0x6e, 0x6a, 0x6f, 0x73, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f,
- 0x6e, 0x62, 0x31, 0x32, 0x6c, 0x6d, 0x61, 0x6e, 0x75, 0x66, 0x61, 0x63, 0x74, 0x75, 0x72,
- 0x65, 0x72, 0x66, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x6d, 0x76, 0x62, 0x6d, 0x65, 0x74,
- 0x61, 0x5f, 0x64, 0x69, 0x67, 0x65, 0x73, 0x74, 0x4f, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66,
- 0x77, 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x72,
- 0x69, 0x74, 0x79, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x63, 0x74, 0x65, 0x65, 0x70, 0x62,
- 0x6f, 0x6f, 0x74, 0x5f, 0x70, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c,
- 0x1a, 0x01, 0x34, 0x8c, 0x62, 0x70, 0x62, 0x6f, 0x6f, 0x74, 0x6c, 0x6f, 0x61, 0x64, 0x65,
- 0x72, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x66, 0x6c, 0x6f, 0x63, 0x6b, 0x65, 0x64, 0x72,
- 0x73, 0x79, 0x73, 0x74, 0x65, 0x6d, 0x5f, 0x70, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x6c, 0x65,
- 0x76, 0x65, 0x6c, 0x1a, 0x01, 0x34, 0x8c, 0x61, 0x72, 0x76, 0x65, 0x6e, 0x64, 0x6f, 0x72,
+ 0x55, 0x55, 0x55, 0x55, 0x55, 0x3a, 0x00, 0x47, 0x44, 0x56, 0x41, 0x01, 0x3a, 0x00, 0x47,
+ 0x44, 0x57, 0x58, 0x4d, 0xa5, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0xb8,
+ 0x42, 0x01, 0xd7, 0xf0, 0xb7, 0x57, 0x98, 0xe3, 0x05, 0xf5, 0xcf, 0xef, 0x7b, 0x38, 0x39,
+ 0x6d, 0x55, 0x68, 0x72, 0xa6, 0x46, 0xd3, 0x16, 0x89, 0x1a, 0x3a, 0x9b, 0xc8, 0xce, 0xc0,
+ 0x1c, 0x22, 0x58, 0x20, 0xd1, 0xd5, 0x0e, 0xb8, 0xd0, 0x99, 0x09, 0x41, 0x63, 0x93, 0x33,
+ 0x20, 0xef, 0x84, 0xbb, 0xf5, 0xc9, 0x27, 0x4b, 0x52, 0x33, 0xa9, 0x07, 0xcc, 0x5d, 0x22,
+ 0xab, 0xf6, 0x8f, 0x2d, 0x15, 0x41, 0x3a, 0x00, 0x47, 0x44, 0x58, 0x41, 0x20, 0x58, 0x40,
+ 0xd0, 0x6d, 0xb0, 0xd2, 0x49, 0xc8, 0xd3, 0x81, 0xdd, 0x10, 0x4b, 0xd9, 0x49, 0x45, 0x93,
+ 0x10, 0xd5, 0x1b, 0xc7, 0x59, 0x66, 0x6f, 0x6c, 0x06, 0xb5, 0x72, 0x98, 0x51, 0x2d, 0xed,
+ 0xa0, 0xd9, 0xbb, 0x4a, 0xe6, 0x9b, 0x67, 0x31, 0xd9, 0x27, 0xd0, 0x9c, 0xf8, 0x3d, 0xfc,
+ 0x61, 0x8d, 0x53, 0x13, 0x53, 0x68, 0xb4, 0xb5, 0x41, 0x4c, 0xea, 0x6a, 0x28, 0xbb, 0xcb,
+ 0x63, 0x4d, 0xd0, 0x20, 0x84, 0x43, 0xa1, 0x01, 0x26, 0xa0, 0x59, 0x02, 0x0f, 0x82, 0x58,
+ 0x20, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e,
+ 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d,
+ 0x1e, 0x1f, 0x20, 0x59, 0x01, 0xe9, 0x84, 0x03, 0x67, 0x6b, 0x65, 0x79, 0x6d, 0x69, 0x6e,
+ 0x74, 0xae, 0x65, 0x62, 0x72, 0x61, 0x6e, 0x64, 0x66, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+ 0x65, 0x66, 0x75, 0x73, 0x65, 0x64, 0x01, 0x65, 0x6d, 0x6f, 0x64, 0x65, 0x6c, 0x65, 0x6d,
+ 0x6f, 0x64, 0x65, 0x6c, 0x66, 0x64, 0x65, 0x76, 0x69, 0x63, 0x65, 0x66, 0x64, 0x65, 0x76,
+ 0x69, 0x63, 0x65, 0x67, 0x70, 0x72, 0x6f, 0x64, 0x75, 0x63, 0x74, 0x65, 0x70, 0x69, 0x78,
+ 0x65, 0x6c, 0x68, 0x76, 0x62, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x65, 0x67, 0x72, 0x65,
+ 0x65, 0x6e, 0x6a, 0x6f, 0x73, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x62, 0x31,
+ 0x32, 0x6c, 0x6d, 0x61, 0x6e, 0x75, 0x66, 0x61, 0x63, 0x74, 0x75, 0x72, 0x65, 0x72, 0x66,
+ 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x6d, 0x76, 0x62, 0x6d, 0x65, 0x74, 0x61, 0x5f, 0x64,
+ 0x69, 0x67, 0x65, 0x73, 0x74, 0x4f, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
+ 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79,
+ 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x63, 0x74, 0x65, 0x65, 0x70, 0x62, 0x6f, 0x6f, 0x74,
0x5f, 0x70, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x1a, 0x01, 0x34,
- 0x8c, 0x63, 0x82, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0x35, 0xeb,
- 0x56, 0xed, 0x62, 0x13, 0x6a, 0x41, 0x89, 0xf6, 0x72, 0xa6, 0xf1, 0x5c, 0xd1, 0xf6, 0x34,
- 0xbd, 0x81, 0xdb, 0x2e, 0x0b, 0x4d, 0xf6, 0x69, 0x6f, 0xa6, 0xf3, 0xce, 0x27, 0x2c, 0x78,
- 0x22, 0x58, 0x20, 0xac, 0xa9, 0x9f, 0x62, 0x81, 0x58, 0xc7, 0x10, 0xd7, 0xb5, 0xa8, 0xa0,
- 0x7b, 0x11, 0xf5, 0x75, 0xdb, 0xd9, 0xa2, 0x1d, 0x86, 0x34, 0xc6, 0xf4, 0x23, 0x79, 0xcc,
- 0x8a, 0x87, 0x3c, 0xb2, 0xd0, 0x23, 0x58, 0x20, 0x0f, 0x2c, 0x5a, 0xb7, 0xe1, 0x3b, 0x24,
- 0xa3, 0x4f, 0xaa, 0x49, 0x51, 0xfc, 0x8c, 0xd0, 0x35, 0x43, 0x7c, 0x21, 0xfa, 0x7d, 0x56,
- 0x97, 0x69, 0xe1, 0x81, 0xf5, 0x88, 0x15, 0x33, 0xa0, 0x7f, 0xa6, 0x01, 0x02, 0x03, 0x26,
- 0x20, 0x01, 0x21, 0x58, 0x20, 0xb5, 0xcc, 0xd9, 0x4f, 0x7a, 0xe2, 0xca, 0xac, 0xfe, 0xa5,
- 0x65, 0x0c, 0x6a, 0xa8, 0x16, 0x45, 0x40, 0x41, 0x1c, 0xb2, 0x64, 0xcd, 0x34, 0xe8, 0x37,
- 0x88, 0xb9, 0x9a, 0xb3, 0xc3, 0xfd, 0x6a, 0x22, 0x58, 0x20, 0x5e, 0xbe, 0xff, 0x98, 0x60,
- 0x6e, 0x1d, 0x6b, 0x42, 0x60, 0x59, 0xe9, 0x42, 0x95, 0xc8, 0x2e, 0xc5, 0xb6, 0x66, 0x4a,
- 0x53, 0xf1, 0x73, 0x02, 0xcb, 0x89, 0x8a, 0x2a, 0xc9, 0xa5, 0xa3, 0x39, 0x23, 0x58, 0x21,
- 0x00, 0xdb, 0xda, 0x3c, 0x3e, 0x27, 0x71, 0x5e, 0xd0, 0x2b, 0x09, 0xb8, 0x6f, 0xe2, 0x2c,
- 0xdd, 0x0a, 0xbf, 0x1d, 0x94, 0x36, 0xd2, 0x33, 0x88, 0x6e, 0x66, 0x05, 0x21, 0x92, 0x64,
- 0x79, 0xa9, 0x10, 0x58, 0x40, 0x87, 0xcf, 0xaa, 0x82, 0x6a, 0xba, 0x25, 0x8b, 0x81, 0xd8,
- 0x14, 0xca, 0xbd, 0xf4, 0x67, 0xdf, 0xc8, 0x2c, 0xa1, 0x04, 0x57, 0x99, 0xa0, 0x54, 0xe7,
- 0x9b, 0xb2, 0xd0, 0xaf, 0xdd, 0x07, 0x46, 0x0a, 0xd7, 0xbd, 0xa7, 0xf9, 0xa8, 0x0c, 0x08,
- 0x1e, 0x9c, 0xae, 0x73, 0x4c, 0x22, 0x6e, 0x56, 0x8b, 0xe4, 0x91, 0x54, 0xa4, 0x7a, 0xb0,
- 0xf5, 0xe4, 0x5d, 0xa9, 0x8f, 0xae, 0x43, 0x95, 0x7a};
+ 0x8c, 0x62, 0x70, 0x62, 0x6f, 0x6f, 0x74, 0x6c, 0x6f, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x73,
+ 0x74, 0x61, 0x74, 0x65, 0x66, 0x6c, 0x6f, 0x63, 0x6b, 0x65, 0x64, 0x72, 0x73, 0x79, 0x73,
+ 0x74, 0x65, 0x6d, 0x5f, 0x70, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c,
+ 0x1a, 0x01, 0x34, 0x8c, 0x61, 0x72, 0x76, 0x65, 0x6e, 0x64, 0x6f, 0x72, 0x5f, 0x70, 0x61,
+ 0x74, 0x63, 0x68, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x1a, 0x01, 0x34, 0x8c, 0x63, 0x82,
+ 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0xd5, 0x0b, 0x27, 0x39, 0xa3,
+ 0xd5, 0xfd, 0xd9, 0x4f, 0x87, 0x4a, 0x97, 0x17, 0x60, 0x6c, 0x63, 0x55, 0x13, 0xa0, 0xf5,
+ 0x1c, 0x2b, 0xe7, 0x0e, 0x8e, 0xdb, 0x76, 0x82, 0x69, 0x5a, 0x46, 0xec, 0x22, 0x58, 0x20,
+ 0xa6, 0x08, 0xb3, 0x57, 0xaa, 0x5f, 0x72, 0x2b, 0xb1, 0xf0, 0x43, 0x52, 0xf4, 0xcb, 0x97,
+ 0x39, 0xfd, 0x54, 0x79, 0xa3, 0xaf, 0x07, 0xb7, 0xbe, 0xbc, 0x93, 0xc1, 0xb6, 0x9b, 0x2f,
+ 0x75, 0x1b, 0x23, 0x58, 0x21, 0x00, 0xb4, 0x59, 0xe3, 0x78, 0x6f, 0x3f, 0xbd, 0xdc, 0x38,
+ 0x8a, 0xa5, 0x7d, 0xbe, 0xe0, 0xce, 0xf9, 0x2e, 0x9a, 0x5b, 0xfc, 0xbd, 0x4d, 0x27, 0x7b,
+ 0xa7, 0xc8, 0xda, 0xaa, 0xe4, 0xcd, 0xf3, 0xd2, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01,
+ 0x21, 0x58, 0x20, 0x10, 0x6c, 0xe8, 0x71, 0xa8, 0x78, 0x9d, 0x29, 0xbe, 0xf8, 0x84, 0x39,
+ 0xd4, 0xa2, 0xf5, 0x3e, 0x09, 0xf1, 0xd4, 0x81, 0x59, 0x24, 0x63, 0x07, 0xae, 0x25, 0xad,
+ 0x24, 0x72, 0x0f, 0x8b, 0xd0, 0x22, 0x58, 0x20, 0xe8, 0xba, 0x76, 0x49, 0x7b, 0x97, 0x98,
+ 0xcf, 0xbb, 0x90, 0xfa, 0x30, 0x3a, 0x2d, 0x88, 0xfe, 0x3f, 0xc6, 0x75, 0x05, 0x7b, 0x59,
+ 0xdf, 0x14, 0xd8, 0xde, 0x4d, 0x51, 0x8b, 0x2f, 0x5a, 0xc7, 0x23, 0x58, 0x20, 0x76, 0x11,
+ 0x2f, 0x31, 0xe5, 0xc2, 0xbb, 0xa7, 0x2c, 0x2b, 0x2f, 0x73, 0x16, 0x29, 0xf8, 0x67, 0x66,
+ 0x44, 0x7f, 0x3f, 0x22, 0xa2, 0x40, 0x45, 0x12, 0xac, 0x97, 0x06, 0xc8, 0x66, 0x08, 0xc9,
+ 0x58, 0x40, 0x11, 0x65, 0x46, 0xfa, 0xbd, 0xe3, 0xd3, 0x1b, 0x0d, 0x78, 0x23, 0x2e, 0x5d,
+ 0x48, 0x3c, 0xab, 0xd3, 0x74, 0xf8, 0x41, 0x88, 0x9b, 0x48, 0xf3, 0x93, 0x06, 0x40, 0x1b,
+ 0x5f, 0x60, 0x7b, 0xbe, 0xd8, 0xa6, 0x65, 0xff, 0x6a, 0x89, 0x24, 0x12, 0x1b, 0xac, 0xa3,
+ 0xd5, 0x37, 0x85, 0x6e, 0x53, 0x8d, 0xa5, 0x07, 0xe7, 0xe7, 0x44, 0x2c, 0xba, 0xa0, 0xbe,
+ 0x1a, 0x43, 0xde, 0x28, 0x59, 0x65, 0xa1, 0x6b, 0x66, 0x69, 0x6e, 0x67, 0x65, 0x72, 0x70,
+ 0x72, 0x69, 0x6e, 0x74, 0x78, 0x3b, 0x62, 0x72, 0x61, 0x6e, 0x64, 0x31, 0x2f, 0x70, 0x72,
+ 0x6f, 0x64, 0x75, 0x63, 0x74, 0x31, 0x2f, 0x64, 0x65, 0x76, 0x69, 0x63, 0x65, 0x31, 0x3a,
+ 0x31, 0x31, 0x2f, 0x69, 0x64, 0x2f, 0x32, 0x30, 0x32, 0x31, 0x30, 0x38, 0x30, 0x35, 0x2e,
+ 0x34, 0x32, 0x3a, 0x75, 0x73, 0x65, 0x72, 0x2f, 0x72, 0x65, 0x6c, 0x65, 0x61, 0x73, 0x65,
+ 0x2d, 0x6b, 0x65, 0x79, 0x73};
inline const std::vector<uint8_t> kKeysToSignForCsrWithoutUdsCerts = {
- 0x82, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0x50, 0x43, 0xb4, 0xf1,
- 0xc1, 0x7f, 0x17, 0xc6, 0x3b, 0x56, 0x27, 0x63, 0x03, 0x18, 0x78, 0x9d, 0x63, 0x93, 0x3b,
- 0x98, 0xed, 0x55, 0x8c, 0x87, 0x1b, 0xd7, 0x89, 0xb6, 0x81, 0x92, 0x5f, 0x24, 0x22, 0x58,
- 0x20, 0xd5, 0x24, 0x93, 0xda, 0x3e, 0x32, 0x17, 0xfa, 0xe8, 0x8d, 0x1e, 0xa9, 0xe0, 0x84,
- 0x4e, 0x1c, 0x6a, 0xef, 0x9a, 0xe3, 0xbe, 0x1d, 0xf1, 0x14, 0xe0, 0x9e, 0x82, 0xc8, 0x92,
- 0x1a, 0x3a, 0x69, 0x23, 0x58, 0x20, 0x29, 0xcb, 0x16, 0x78, 0x61, 0x35, 0x92, 0x3f, 0x71,
- 0xc4, 0x66, 0x61, 0xd4, 0xd4, 0x20, 0x8a, 0x86, 0x1e, 0xb0, 0x2b, 0x2f, 0x4f, 0x13, 0xb4,
- 0x0d, 0x89, 0x60, 0x87, 0x77, 0xac, 0x1a, 0x0f, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01,
- 0x21, 0x58, 0x20, 0x4b, 0xcc, 0x7a, 0x09, 0x99, 0x76, 0xe7, 0xfa, 0x06, 0xb9, 0x19, 0x22,
- 0x15, 0x3b, 0x9f, 0xa8, 0x34, 0x77, 0x24, 0x27, 0x8c, 0x8a, 0x97, 0x61, 0xf3, 0x6f, 0x29,
- 0x74, 0x4e, 0x9a, 0x66, 0x23, 0x22, 0x58, 0x20, 0x8f, 0xa8, 0xaf, 0x2b, 0x02, 0x3a, 0xd4,
- 0x8a, 0xa2, 0x9d, 0x25, 0xa8, 0x01, 0xe7, 0xbd, 0x61, 0x25, 0x88, 0xb4, 0xc9, 0xce, 0x05,
- 0x43, 0xcc, 0x0d, 0x38, 0x7d, 0xe2, 0xda, 0x03, 0xb3, 0x33, 0x23, 0x58, 0x21, 0x00, 0xc8,
- 0x67, 0xb8, 0xbe, 0xc4, 0x1c, 0xca, 0x3c, 0x73, 0x3c, 0xbf, 0x52, 0xb2, 0x5a, 0x64, 0x9e,
- 0x9f, 0xae, 0xc6, 0x9f, 0x02, 0x2f, 0xee, 0x92, 0x1d, 0xdb, 0x01, 0x77, 0x27, 0x12, 0x84,
- 0x14};
+ 0x82, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0x11, 0x29, 0x11, 0x96,
+ 0x98, 0x26, 0xb2, 0x3a, 0xf2, 0xf9, 0x95, 0xb7, 0x46, 0xb9, 0x38, 0x6e, 0x5e, 0x3d, 0x5e,
+ 0xb2, 0x19, 0x90, 0xc7, 0xd3, 0xbd, 0x49, 0x47, 0x55, 0xcb, 0xef, 0xeb, 0x89, 0x22, 0x58,
+ 0x20, 0x42, 0x87, 0xea, 0x75, 0x27, 0x42, 0x34, 0xeb, 0xe8, 0xb5, 0x50, 0xdf, 0xb0, 0xbf,
+ 0xef, 0x6b, 0x62, 0x90, 0x5c, 0xd1, 0xe8, 0x2b, 0x4d, 0x02, 0x58, 0xe6, 0xca, 0xda, 0xe6,
+ 0x33, 0x97, 0xff, 0x23, 0x58, 0x21, 0x00, 0x9b, 0x34, 0xdb, 0x1e, 0xe6, 0x53, 0x72, 0xaf,
+ 0x67, 0xb5, 0x5e, 0x9a, 0xee, 0x07, 0x31, 0x77, 0xa3, 0x8b, 0x6a, 0xe9, 0x58, 0x97, 0x04,
+ 0xe2, 0xa2, 0x48, 0x0f, 0xdf, 0x26, 0x4d, 0xe5, 0xbb, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20,
+ 0x01, 0x21, 0x58, 0x20, 0xf9, 0xd7, 0x37, 0x75, 0x6b, 0x55, 0xc7, 0x64, 0xf9, 0xe2, 0x59,
+ 0x8f, 0x11, 0x48, 0xa1, 0xac, 0x95, 0xb1, 0xe3, 0x60, 0xe5, 0xa8, 0xa4, 0x2f, 0xb5, 0xcb,
+ 0x90, 0x1e, 0x9e, 0xcb, 0x4c, 0xab, 0x22, 0x58, 0x20, 0x20, 0xad, 0x7b, 0xeb, 0xba, 0x5d,
+ 0x3c, 0xd5, 0xa3, 0x6d, 0x86, 0x6e, 0x3f, 0x38, 0xb8, 0x44, 0x32, 0x4b, 0xe7, 0x97, 0xea,
+ 0xf8, 0x3d, 0xc2, 0xc0, 0x7c, 0x1b, 0x49, 0xe4, 0x22, 0x23, 0xc7, 0x23, 0x58, 0x20, 0x5f,
+ 0x1f, 0x80, 0xe2, 0xcf, 0x59, 0x1d, 0x7e, 0x98, 0x51, 0x78, 0xbe, 0xf8, 0x88, 0x0b, 0x64,
+ 0x1b, 0xc8, 0xf2, 0x7b, 0x12, 0x22, 0x53, 0xd9, 0xd5, 0x8d, 0x32, 0xe7, 0x7f, 0x0e, 0x97,
+ 0x09};
inline const std::vector<uint8_t> kCsrWithoutUdsCerts{
- 0x84, 0x01, 0xa0, 0x82, 0xa6, 0x01, 0x02, 0x03, 0x38, 0x22, 0x20, 0x02, 0x21, 0x58, 0x30,
- 0x21, 0x09, 0x81, 0xb2, 0x4c, 0x8e, 0x23, 0x63, 0x46, 0xe5, 0x32, 0x1e, 0x1b, 0xa3, 0x39,
- 0x47, 0xd1, 0x19, 0x91, 0xc5, 0xe1, 0xd0, 0x51, 0xa4, 0x4e, 0x6d, 0xfd, 0x21, 0x46, 0xf3,
- 0x65, 0x6b, 0xd3, 0xec, 0x20, 0x21, 0xf8, 0xef, 0x39, 0x50, 0x0a, 0xfc, 0x6d, 0x18, 0xf8,
- 0x90, 0x1c, 0xc8, 0x22, 0x58, 0x30, 0x80, 0x1f, 0xd8, 0xe3, 0x64, 0x51, 0x48, 0x66, 0xa5,
- 0xad, 0x05, 0xcb, 0xe4, 0xee, 0x0f, 0x20, 0xc1, 0xca, 0x84, 0xc2, 0xe0, 0xcc, 0x22, 0x06,
- 0x7c, 0x5e, 0x2c, 0xb3, 0x3b, 0x52, 0xd4, 0xe7, 0xc1, 0xe2, 0x57, 0x9d, 0x8a, 0xa6, 0x5c,
- 0x08, 0xbb, 0x77, 0x07, 0xa8, 0x39, 0xba, 0x9f, 0x5f, 0x23, 0x58, 0x31, 0x00, 0xff, 0x5f,
- 0xa3, 0x03, 0x87, 0x70, 0xe5, 0xf0, 0x69, 0xcd, 0x0a, 0x32, 0x9e, 0x4a, 0xe8, 0x07, 0x1f,
- 0x26, 0xb9, 0x8a, 0x01, 0x83, 0xfe, 0xb9, 0x21, 0x22, 0x49, 0x9d, 0x9f, 0x78, 0x48, 0xf4,
- 0x24, 0x87, 0xe8, 0x4d, 0xab, 0xd5, 0xe9, 0xd6, 0x90, 0x49, 0x4b, 0x42, 0xb4, 0x68, 0xac,
- 0xf1, 0x84, 0x44, 0xa1, 0x01, 0x38, 0x22, 0xa0, 0x59, 0x01, 0x28, 0xa9, 0x01, 0x66, 0x69,
- 0x73, 0x73, 0x75, 0x65, 0x72, 0x02, 0x67, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x3a,
- 0x00, 0x47, 0x44, 0x50, 0x58, 0x20, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
+ 0x84, 0x01, 0xa0, 0x82, 0xa4, 0x01, 0x01, 0x03, 0x27, 0x20, 0x06, 0x21, 0x58, 0x20, 0xca,
+ 0x73, 0xd6, 0x09, 0x91, 0xec, 0x92, 0x63, 0xee, 0x9f, 0x7c, 0x79, 0x3e, 0x80, 0xa9, 0xc9,
+ 0x4e, 0xf7, 0x3b, 0x5b, 0x41, 0xa4, 0x56, 0xc1, 0x9e, 0xf3, 0x80, 0x16, 0x6d, 0xfe, 0x14,
+ 0x98, 0x84, 0x43, 0xa1, 0x01, 0x27, 0xa0, 0x59, 0x01, 0x04, 0xa9, 0x01, 0x66, 0x69, 0x73,
+ 0x73, 0x75, 0x65, 0x72, 0x02, 0x67, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x3a, 0x00,
+ 0x47, 0x44, 0x50, 0x58, 0x20, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
- 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x3a, 0x00, 0x47, 0x44, 0x52, 0x58, 0x20,
- 0xb8, 0x96, 0x54, 0xe2, 0x2c, 0xa4, 0xd2, 0x4a, 0x9c, 0x0e, 0x45, 0x11, 0xc8, 0xf2, 0x63,
- 0xf0, 0x66, 0x0d, 0x2e, 0x20, 0x48, 0x96, 0x90, 0x14, 0xf4, 0x54, 0x63, 0xc4, 0xf4, 0x39,
- 0x30, 0x38, 0x3a, 0x00, 0x47, 0x44, 0x53, 0x55, 0xa1, 0x3a, 0x00, 0x01, 0x11, 0x71, 0x6e,
- 0x63, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x3a,
- 0x00, 0x47, 0x44, 0x54, 0x58, 0x20, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
+ 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x3a, 0x00, 0x47, 0x44, 0x52, 0x58, 0x20, 0xb8,
+ 0x96, 0x54, 0xe2, 0x2c, 0xa4, 0xd2, 0x4a, 0x9c, 0x0e, 0x45, 0x11, 0xc8, 0xf2, 0x63, 0xf0,
+ 0x66, 0x0d, 0x2e, 0x20, 0x48, 0x96, 0x90, 0x14, 0xf4, 0x54, 0x63, 0xc4, 0xf4, 0x39, 0x30,
+ 0x38, 0x3a, 0x00, 0x47, 0x44, 0x53, 0x55, 0xa1, 0x3a, 0x00, 0x01, 0x11, 0x71, 0x6e, 0x63,
+ 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x3a, 0x00,
+ 0x47, 0x44, 0x54, 0x58, 0x20, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
- 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x3a, 0x00, 0x47, 0x44, 0x56, 0x41, 0x01,
- 0x3a, 0x00, 0x47, 0x44, 0x57, 0x58, 0x71, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21,
- 0x58, 0x20, 0x2d, 0x41, 0x43, 0x19, 0xf2, 0x91, 0x58, 0x12, 0x65, 0x2e, 0x96, 0xb5, 0x9d,
- 0x12, 0x18, 0x58, 0x54, 0x11, 0xed, 0x41, 0x30, 0xef, 0xa4, 0xee, 0x69, 0x8f, 0x0c, 0x6e,
- 0xe6, 0x27, 0xc5, 0x20, 0x22, 0x58, 0x20, 0x21, 0x0e, 0x8f, 0x83, 0xe5, 0xeb, 0x40, 0x89,
- 0xc2, 0x0a, 0x43, 0x6c, 0x9f, 0xa8, 0x4e, 0xe0, 0xba, 0x9e, 0xba, 0x4f, 0xe3, 0x27, 0xc4,
- 0xbd, 0x41, 0xa0, 0xd6, 0xe9, 0x55, 0x54, 0x17, 0x78, 0x23, 0x58, 0x21, 0x00, 0xb6, 0x33,
- 0x44, 0x98, 0xa7, 0x1c, 0x90, 0x13, 0xcc, 0x42, 0x71, 0x43, 0x29, 0xe5, 0xe1, 0x57, 0x89,
- 0x7a, 0x39, 0x17, 0x7c, 0xcc, 0x03, 0xac, 0xd3, 0x1b, 0xd2, 0xae, 0x29, 0x5f, 0xd6, 0xf8,
- 0x3a, 0x00, 0x47, 0x44, 0x58, 0x41, 0x20, 0x58, 0x60, 0xc4, 0x54, 0xad, 0x40, 0xa2, 0x07,
- 0xc7, 0x80, 0xbd, 0x41, 0x77, 0x5d, 0xa7, 0xa2, 0xef, 0xef, 0x92, 0x67, 0x24, 0xab, 0xa1,
- 0x4a, 0x5e, 0x4f, 0x73, 0xfb, 0x5c, 0x1f, 0xe6, 0x46, 0x2f, 0xb9, 0x1b, 0x71, 0x86, 0x87,
- 0x29, 0xc4, 0x66, 0xb7, 0x3e, 0x85, 0x13, 0x9a, 0xa3, 0xf8, 0xfc, 0x63, 0x26, 0xe0, 0xba,
- 0x0b, 0xe0, 0x9b, 0x2e, 0x7d, 0x06, 0x06, 0xb8, 0x2f, 0xdd, 0x0c, 0xa5, 0x90, 0x1c, 0x10,
- 0x1c, 0x55, 0xf9, 0x65, 0xf6, 0x26, 0x40, 0x41, 0xaf, 0x5c, 0x16, 0x03, 0xf3, 0xee, 0x8d,
- 0x72, 0x2c, 0x6b, 0x1e, 0xb3, 0x1f, 0x96, 0x97, 0x34, 0x61, 0x0d, 0x5c, 0xe4, 0x94, 0x6a,
- 0x84, 0x43, 0xa1, 0x01, 0x26, 0xa0, 0x59, 0x02, 0x0f, 0x82, 0x58, 0x20, 0x01, 0x02, 0x03,
- 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12,
- 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x59,
- 0x01, 0xe9, 0x84, 0x03, 0x67, 0x6b, 0x65, 0x79, 0x6d, 0x69, 0x6e, 0x74, 0xae, 0x65, 0x62,
- 0x72, 0x61, 0x6e, 0x64, 0x66, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x65, 0x66, 0x75, 0x73,
- 0x65, 0x64, 0x01, 0x65, 0x6d, 0x6f, 0x64, 0x65, 0x6c, 0x65, 0x6d, 0x6f, 0x64, 0x65, 0x6c,
- 0x66, 0x64, 0x65, 0x76, 0x69, 0x63, 0x65, 0x66, 0x64, 0x65, 0x76, 0x69, 0x63, 0x65, 0x67,
- 0x70, 0x72, 0x6f, 0x64, 0x75, 0x63, 0x74, 0x65, 0x70, 0x69, 0x78, 0x65, 0x6c, 0x68, 0x76,
- 0x62, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x65, 0x67, 0x72, 0x65, 0x65, 0x6e, 0x6a, 0x6f,
- 0x73, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x62, 0x31, 0x32, 0x6c, 0x6d, 0x61,
- 0x6e, 0x75, 0x66, 0x61, 0x63, 0x74, 0x75, 0x72, 0x65, 0x72, 0x66, 0x47, 0x6f, 0x6f, 0x67,
- 0x6c, 0x65, 0x6d, 0x76, 0x62, 0x6d, 0x65, 0x74, 0x61, 0x5f, 0x64, 0x69, 0x67, 0x65, 0x73,
- 0x74, 0x4f, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd,
- 0xee, 0xff, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x5f, 0x6c, 0x65, 0x76,
- 0x65, 0x6c, 0x63, 0x74, 0x65, 0x65, 0x70, 0x62, 0x6f, 0x6f, 0x74, 0x5f, 0x70, 0x61, 0x74,
- 0x63, 0x68, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x1a, 0x01, 0x34, 0x8c, 0x62, 0x70, 0x62,
- 0x6f, 0x6f, 0x74, 0x6c, 0x6f, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65,
- 0x66, 0x6c, 0x6f, 0x63, 0x6b, 0x65, 0x64, 0x72, 0x73, 0x79, 0x73, 0x74, 0x65, 0x6d, 0x5f,
+ 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x3a, 0x00, 0x47, 0x44, 0x56, 0x41, 0x01, 0x3a,
+ 0x00, 0x47, 0x44, 0x57, 0x58, 0x4d, 0xa5, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21, 0x58,
+ 0x20, 0x45, 0x71, 0x10, 0x9a, 0x1b, 0x9c, 0x9f, 0x3c, 0x6e, 0x29, 0xf9, 0x6d, 0xb9, 0x93,
+ 0x4a, 0xf2, 0x88, 0xf1, 0x3a, 0xf7, 0x69, 0xf9, 0xf3, 0x54, 0x91, 0x3a, 0x12, 0x4f, 0xd0,
+ 0xbb, 0xb7, 0x0d, 0x22, 0x58, 0x20, 0x56, 0x8b, 0xb0, 0x0e, 0xd3, 0x8d, 0x12, 0xf5, 0x17,
+ 0xd2, 0x6b, 0x21, 0xdf, 0x4d, 0xb8, 0xaa, 0x17, 0x65, 0x02, 0x4e, 0x5c, 0x0a, 0x77, 0x93,
+ 0x64, 0x1e, 0x8d, 0xbc, 0x6a, 0xa1, 0x26, 0xe7, 0x3a, 0x00, 0x47, 0x44, 0x58, 0x41, 0x20,
+ 0x58, 0x40, 0xb0, 0x7b, 0xdd, 0xa5, 0x8e, 0xcb, 0xce, 0xf9, 0x89, 0xfb, 0x21, 0x4b, 0x29,
+ 0x34, 0xff, 0x6b, 0x0e, 0xc1, 0xff, 0x51, 0xba, 0x12, 0x12, 0xa0, 0x93, 0x2c, 0x09, 0xca,
+ 0x3a, 0x02, 0x81, 0x2a, 0x5b, 0x6f, 0x8d, 0x58, 0x21, 0x94, 0x30, 0xde, 0x99, 0x8b, 0x36,
+ 0x69, 0x45, 0xa1, 0x52, 0x5c, 0x7b, 0x36, 0x4f, 0xec, 0x4f, 0x40, 0x5f, 0x10, 0xdf, 0x26,
+ 0x18, 0xea, 0x4b, 0x72, 0x9f, 0x05, 0x84, 0x43, 0xa1, 0x01, 0x26, 0xa0, 0x59, 0x02, 0x0f,
+ 0x82, 0x58, 0x20, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
+ 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b,
+ 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x59, 0x01, 0xe9, 0x84, 0x03, 0x67, 0x6b, 0x65, 0x79, 0x6d,
+ 0x69, 0x6e, 0x74, 0xae, 0x65, 0x62, 0x72, 0x61, 0x6e, 0x64, 0x66, 0x47, 0x6f, 0x6f, 0x67,
+ 0x6c, 0x65, 0x65, 0x66, 0x75, 0x73, 0x65, 0x64, 0x01, 0x65, 0x6d, 0x6f, 0x64, 0x65, 0x6c,
+ 0x65, 0x6d, 0x6f, 0x64, 0x65, 0x6c, 0x66, 0x64, 0x65, 0x76, 0x69, 0x63, 0x65, 0x66, 0x64,
+ 0x65, 0x76, 0x69, 0x63, 0x65, 0x67, 0x70, 0x72, 0x6f, 0x64, 0x75, 0x63, 0x74, 0x65, 0x70,
+ 0x69, 0x78, 0x65, 0x6c, 0x68, 0x76, 0x62, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x65, 0x67,
+ 0x72, 0x65, 0x65, 0x6e, 0x6a, 0x6f, 0x73, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e,
+ 0x62, 0x31, 0x32, 0x6c, 0x6d, 0x61, 0x6e, 0x75, 0x66, 0x61, 0x63, 0x74, 0x75, 0x72, 0x65,
+ 0x72, 0x66, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x6d, 0x76, 0x62, 0x6d, 0x65, 0x74, 0x61,
+ 0x5f, 0x64, 0x69, 0x67, 0x65, 0x73, 0x74, 0x4f, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
+ 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x72, 0x69,
+ 0x74, 0x79, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x63, 0x74, 0x65, 0x65, 0x70, 0x62, 0x6f,
+ 0x6f, 0x74, 0x5f, 0x70, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x1a,
+ 0x01, 0x34, 0x8c, 0x62, 0x70, 0x62, 0x6f, 0x6f, 0x74, 0x6c, 0x6f, 0x61, 0x64, 0x65, 0x72,
+ 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x66, 0x6c, 0x6f, 0x63, 0x6b, 0x65, 0x64, 0x72, 0x73,
+ 0x79, 0x73, 0x74, 0x65, 0x6d, 0x5f, 0x70, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x6c, 0x65, 0x76,
+ 0x65, 0x6c, 0x1a, 0x01, 0x34, 0x8c, 0x61, 0x72, 0x76, 0x65, 0x6e, 0x64, 0x6f, 0x72, 0x5f,
0x70, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x1a, 0x01, 0x34, 0x8c,
- 0x61, 0x72, 0x76, 0x65, 0x6e, 0x64, 0x6f, 0x72, 0x5f, 0x70, 0x61, 0x74, 0x63, 0x68, 0x5f,
- 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x1a, 0x01, 0x34, 0x8c, 0x63, 0x82, 0xa6, 0x01, 0x02, 0x03,
- 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0x50, 0x43, 0xb4, 0xf1, 0xc1, 0x7f, 0x17, 0xc6, 0x3b,
- 0x56, 0x27, 0x63, 0x03, 0x18, 0x78, 0x9d, 0x63, 0x93, 0x3b, 0x98, 0xed, 0x55, 0x8c, 0x87,
- 0x1b, 0xd7, 0x89, 0xb6, 0x81, 0x92, 0x5f, 0x24, 0x22, 0x58, 0x20, 0xd5, 0x24, 0x93, 0xda,
- 0x3e, 0x32, 0x17, 0xfa, 0xe8, 0x8d, 0x1e, 0xa9, 0xe0, 0x84, 0x4e, 0x1c, 0x6a, 0xef, 0x9a,
- 0xe3, 0xbe, 0x1d, 0xf1, 0x14, 0xe0, 0x9e, 0x82, 0xc8, 0x92, 0x1a, 0x3a, 0x69, 0x23, 0x58,
- 0x20, 0x29, 0xcb, 0x16, 0x78, 0x61, 0x35, 0x92, 0x3f, 0x71, 0xc4, 0x66, 0x61, 0xd4, 0xd4,
- 0x20, 0x8a, 0x86, 0x1e, 0xb0, 0x2b, 0x2f, 0x4f, 0x13, 0xb4, 0x0d, 0x89, 0x60, 0x87, 0x77,
- 0xac, 0x1a, 0x0f, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0x4b, 0xcc,
- 0x7a, 0x09, 0x99, 0x76, 0xe7, 0xfa, 0x06, 0xb9, 0x19, 0x22, 0x15, 0x3b, 0x9f, 0xa8, 0x34,
- 0x77, 0x24, 0x27, 0x8c, 0x8a, 0x97, 0x61, 0xf3, 0x6f, 0x29, 0x74, 0x4e, 0x9a, 0x66, 0x23,
- 0x22, 0x58, 0x20, 0x8f, 0xa8, 0xaf, 0x2b, 0x02, 0x3a, 0xd4, 0x8a, 0xa2, 0x9d, 0x25, 0xa8,
- 0x01, 0xe7, 0xbd, 0x61, 0x25, 0x88, 0xb4, 0xc9, 0xce, 0x05, 0x43, 0xcc, 0x0d, 0x38, 0x7d,
- 0xe2, 0xda, 0x03, 0xb3, 0x33, 0x23, 0x58, 0x21, 0x00, 0xc8, 0x67, 0xb8, 0xbe, 0xc4, 0x1c,
- 0xca, 0x3c, 0x73, 0x3c, 0xbf, 0x52, 0xb2, 0x5a, 0x64, 0x9e, 0x9f, 0xae, 0xc6, 0x9f, 0x02,
- 0x2f, 0xee, 0x92, 0x1d, 0xdb, 0x01, 0x77, 0x27, 0x12, 0x84, 0x14, 0x58, 0x40, 0x6c, 0xd5,
- 0x66, 0x0a, 0x99, 0xdd, 0x32, 0x47, 0x50, 0x1f, 0x5d, 0x46, 0x40, 0x8a, 0x60, 0x25, 0xa0,
- 0x1b, 0x3c, 0x2a, 0xcf, 0xa1, 0x92, 0x1a, 0xdc, 0x81, 0xaa, 0xb0, 0x0f, 0xf2, 0xe6, 0x94,
- 0xce, 0x3d, 0xff, 0xac, 0x25, 0x44, 0xea, 0xf7, 0x0a, 0x89, 0x9d, 0xc4, 0x7e, 0xe5, 0x02,
- 0xa7, 0xb6, 0xc2, 0x40, 0x06, 0x65, 0xc5, 0xff, 0x19, 0xc5, 0xcd, 0x1c, 0xd5, 0x78, 0x01,
- 0xd4, 0xb8};
+ 0x63, 0x82, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0x11, 0x29, 0x11,
+ 0x96, 0x98, 0x26, 0xb2, 0x3a, 0xf2, 0xf9, 0x95, 0xb7, 0x46, 0xb9, 0x38, 0x6e, 0x5e, 0x3d,
+ 0x5e, 0xb2, 0x19, 0x90, 0xc7, 0xd3, 0xbd, 0x49, 0x47, 0x55, 0xcb, 0xef, 0xeb, 0x89, 0x22,
+ 0x58, 0x20, 0x42, 0x87, 0xea, 0x75, 0x27, 0x42, 0x34, 0xeb, 0xe8, 0xb5, 0x50, 0xdf, 0xb0,
+ 0xbf, 0xef, 0x6b, 0x62, 0x90, 0x5c, 0xd1, 0xe8, 0x2b, 0x4d, 0x02, 0x58, 0xe6, 0xca, 0xda,
+ 0xe6, 0x33, 0x97, 0xff, 0x23, 0x58, 0x21, 0x00, 0x9b, 0x34, 0xdb, 0x1e, 0xe6, 0x53, 0x72,
+ 0xaf, 0x67, 0xb5, 0x5e, 0x9a, 0xee, 0x07, 0x31, 0x77, 0xa3, 0x8b, 0x6a, 0xe9, 0x58, 0x97,
+ 0x04, 0xe2, 0xa2, 0x48, 0x0f, 0xdf, 0x26, 0x4d, 0xe5, 0xbb, 0xa6, 0x01, 0x02, 0x03, 0x26,
+ 0x20, 0x01, 0x21, 0x58, 0x20, 0xf9, 0xd7, 0x37, 0x75, 0x6b, 0x55, 0xc7, 0x64, 0xf9, 0xe2,
+ 0x59, 0x8f, 0x11, 0x48, 0xa1, 0xac, 0x95, 0xb1, 0xe3, 0x60, 0xe5, 0xa8, 0xa4, 0x2f, 0xb5,
+ 0xcb, 0x90, 0x1e, 0x9e, 0xcb, 0x4c, 0xab, 0x22, 0x58, 0x20, 0x20, 0xad, 0x7b, 0xeb, 0xba,
+ 0x5d, 0x3c, 0xd5, 0xa3, 0x6d, 0x86, 0x6e, 0x3f, 0x38, 0xb8, 0x44, 0x32, 0x4b, 0xe7, 0x97,
+ 0xea, 0xf8, 0x3d, 0xc2, 0xc0, 0x7c, 0x1b, 0x49, 0xe4, 0x22, 0x23, 0xc7, 0x23, 0x58, 0x20,
+ 0x5f, 0x1f, 0x80, 0xe2, 0xcf, 0x59, 0x1d, 0x7e, 0x98, 0x51, 0x78, 0xbe, 0xf8, 0x88, 0x0b,
+ 0x64, 0x1b, 0xc8, 0xf2, 0x7b, 0x12, 0x22, 0x53, 0xd9, 0xd5, 0x8d, 0x32, 0xe7, 0x7f, 0x0e,
+ 0x97, 0x09, 0x58, 0x40, 0xe1, 0x9a, 0x3f, 0x36, 0x65, 0x7a, 0xfe, 0x1b, 0x99, 0xc9, 0x35,
+ 0x8f, 0xb5, 0x5c, 0xfe, 0x12, 0x9c, 0x6f, 0x0e, 0x97, 0x12, 0xbd, 0x26, 0x32, 0x46, 0xd9,
+ 0x08, 0x6b, 0x7c, 0xa1, 0xd3, 0x47, 0xd6, 0xba, 0xf0, 0x9c, 0xe0, 0x12, 0x37, 0x39, 0x75,
+ 0x88, 0xb5, 0xbe, 0xd8, 0x37, 0x33, 0x9b, 0x26, 0xfc, 0x38, 0x14, 0x28, 0xea, 0x47, 0xcc,
+ 0x1f, 0xf3, 0xfe, 0x44, 0x0c, 0x1e, 0x6f, 0x2b, 0xa1, 0x6b, 0x66, 0x69, 0x6e, 0x67, 0x65,
+ 0x72, 0x70, 0x72, 0x69, 0x6e, 0x74, 0x78, 0x3b, 0x62, 0x72, 0x61, 0x6e, 0x64, 0x31, 0x2f,
+ 0x70, 0x72, 0x6f, 0x64, 0x75, 0x63, 0x74, 0x31, 0x2f, 0x64, 0x65, 0x76, 0x69, 0x63, 0x65,
+ 0x31, 0x3a, 0x31, 0x31, 0x2f, 0x69, 0x64, 0x2f, 0x32, 0x30, 0x32, 0x31, 0x30, 0x38, 0x30,
+ 0x35, 0x2e, 0x34, 0x32, 0x3a, 0x75, 0x73, 0x65, 0x72, 0x2f, 0x72, 0x65, 0x6c, 0x65, 0x61,
+ 0x73, 0x65, 0x2d, 0x6b, 0x65, 0x79, 0x73};
const RpcHardwareInfo kRpcHardwareInfo = {.versionNumber = 3};
@@ -640,14 +651,87 @@
ASSERT_FALSE(*result) << "DICE Chain is proper";
}
+TEST(RemoteProvUtils, csrHasUdsCerts) {
+ auto csr = hwtrust::Csr::validate(kCsrWithUdsCerts, hwtrust::DiceChain::Kind::kVsr16,
+ false /*isFactory*/, false /*allowAnyMode*/,
+ deviceSuffix(DEFAULT_INSTANCE_NAME));
+ ASSERT_TRUE(csr.ok()) << csr.error().message();
+ ASSERT_TRUE(csr->hasUdsCerts());
+}
+
+TEST(RemoteProvUtils, csrDoesntHaveUdsCerts) {
+ auto csr = hwtrust::Csr::validate(kCsrWithoutUdsCerts, hwtrust::DiceChain::Kind::kVsr16,
+ false /*isFactory*/, false /*allowAnyMode*/,
+ deviceSuffix(DEFAULT_INSTANCE_NAME));
+ ASSERT_TRUE(csr.ok()) << csr.error().message();
+ ASSERT_FALSE(csr->hasUdsCerts());
+}
+
+TEST(RemoteProvUtils, csrHasCorrectChallenge) {
+ auto csr = hwtrust::Csr::validate(kCsrWithoutUdsCerts, hwtrust::DiceChain::Kind::kVsr16,
+ false /*isFactory*/, false /*allowAnyMode*/,
+ deviceSuffix(DEFAULT_INSTANCE_NAME));
+ ASSERT_TRUE(csr.ok()) << csr.error().message();
+
+ auto equal = csr->compareChallenge(kChallenge);
+ ASSERT_TRUE(equal.ok()) << equal.error().message();
+
+ ASSERT_TRUE(*equal) << kErrorChallengeMismatch;
+
+ auto zeroes = std::vector<uint8_t>(32, 0);
+ auto notEqual = csr->compareChallenge(zeroes);
+ ASSERT_TRUE(notEqual.ok()) << notEqual.error().message();
+
+ ASSERT_FALSE(*notEqual) << "ERROR: challenges are not different";
+}
+
+TEST(RemoteProvUtils, csrHasCorrectKeysToSign) {
+ auto csr = hwtrust::Csr::validate(kCsrWithoutUdsCerts, hwtrust::DiceChain::Kind::kVsr16,
+ false /*isFactory*/, false /*allowAnyMode*/,
+ deviceSuffix(DEFAULT_INSTANCE_NAME));
+ ASSERT_TRUE(csr.ok()) << csr.error().message();
+
+ auto equal = csr->compareKeysToSign(kKeysToSignForCsrWithoutUdsCerts);
+ ASSERT_TRUE(equal.ok()) << equal.error().message();
+ ASSERT_TRUE(*equal) << kErrorKeysToSignMismatch;
+
+ auto zeroes = std::vector<uint8_t>(kKeysToSignForCsrWithoutUdsCerts.size(), 0);
+ auto notEqual = csr->compareKeysToSign(zeroes);
+ ASSERT_TRUE(notEqual.ok()) << notEqual.error().message();
+ ASSERT_FALSE(*notEqual) << kErrorKeysToSignMismatch;
+}
+
+TEST(RemoteProvUtilsTest, allowDegenerateDiceChainWhenDegenerate) {
+ auto [keysToSignPtr, _, errMsg] = cppbor::parse(kKeysToSignForCsrWithDegenerateDiceChain);
+ ASSERT_TRUE(keysToSignPtr) << "Error: " << errMsg;
+
+ const auto keysToSign = keysToSignPtr->asArray();
+ auto csr = verifyFactoryCsr(*keysToSign, kCsrWithDegenerateDiceChain, kRpcHardwareInfo,
+ DEFAULT_INSTANCE_NAME, kChallenge,
+ /*allowDegenerate=*/true, /*requireUdsCerts=*/false);
+ ASSERT_TRUE(csr) << csr.message();
+}
+
+TEST(RemoteProvUtilsTest, disallowDegenerateDiceChainWhenDegenerate) {
+ auto [keysToSignPtr, _, errMsg] = cppbor::parse(kKeysToSignForCsrWithDegenerateDiceChain);
+ ASSERT_TRUE(keysToSignPtr) << "Error: " << errMsg;
+
+ const auto keysToSign = keysToSignPtr->asArray();
+ auto csr = verifyFactoryCsr(*keysToSign, kCsrWithDegenerateDiceChain, kRpcHardwareInfo,
+ DEFAULT_INSTANCE_NAME, kChallenge,
+ /*allowDegenerate=*/false, /*requireUdsCerts=*/false);
+ ASSERT_FALSE(csr);
+ ASSERT_THAT(csr.message(), testing::HasSubstr(kErrorDiceChainIsDegenerate));
+}
+
TEST(RemoteProvUtilsTest, requireUdsCertsWhenPresent) {
auto [keysToSignPtr, _, errMsg] = cppbor::parse(kKeysToSignForCsrWithUdsCerts);
ASSERT_TRUE(keysToSignPtr) << "Error: " << errMsg;
const auto keysToSign = keysToSignPtr->asArray();
- auto csr =
- verifyFactoryCsr(*keysToSign, kCsrWithUdsCerts, kRpcHardwareInfo, "default", kChallenge,
- /*allowDegenerate=*/false, /*requireUdsCerts=*/true);
+ auto csr = verifyFactoryCsr(*keysToSign, kCsrWithUdsCerts, kRpcHardwareInfo,
+ DEFAULT_INSTANCE_NAME, kChallenge,
+ /*allowDegenerate=*/false, /*requireUdsCerts=*/true);
ASSERT_TRUE(csr) << csr.message();
}
@@ -667,13 +751,11 @@
DEFAULT_INSTANCE_NAME, kChallenge, /*allowDegenerate=*/false,
/*requireUdsCerts=*/true);
ASSERT_FALSE(csr);
- ASSERT_THAT(csr.message(), testing::HasSubstr("UdsCerts must not be empty"));
+ ASSERT_THAT(csr.message(), testing::HasSubstr(kErrorUdsCertsAreRequired));
}
TEST(RemoteProvUtilsTest, dontRequireUdsCertsWhenNotPresent) {
- auto [keysToSignPtr, _, errMsg] = cppbor::parse(
- kKeysToSignForCsrWithoutUdsCerts.data(),
- kKeysToSignForCsrWithoutUdsCerts.data() + kKeysToSignForCsrWithoutUdsCerts.size());
+ auto [keysToSignPtr, _, errMsg] = cppbor::parse(kKeysToSignForCsrWithoutUdsCerts);
ASSERT_TRUE(keysToSignPtr) << "Error: " << errMsg;
const auto* keysToSign = keysToSignPtr->asArray();
diff --git a/security/rkp/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp b/security/rkp/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp
index b9c742a..f0745d7 100644
--- a/security/rkp/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp
+++ b/security/rkp/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp
@@ -999,6 +999,7 @@
std::unique_ptr<cppbor::Array> csrPayload = std::move(*result);
ASSERT_TRUE(csrPayload);
+ ASSERT_TRUE(csrPayload->size() > 2);
auto deviceInfo = csrPayload->get(2)->asMap();
ASSERT_TRUE(deviceInfo);