Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-10 20:05:49 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge inbound to mozilla-central r=merge a=merge

Browse Source
This commit is contained in:
Gurzau Raul 2018-01-10 11:58:20 +02:00
commit 2d062bac22
113 changed files with 3315 additions and 1974 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
browser/base/content/test/general/file_trackingUI_6.html
View File

@ -6,7 +6,7 @@
</head>
<body>
<p>Hello there!</p>
<script type="application/javascript; version=1.8">
<script type="application/javascript">
function test_fetch() {
let url = "http://trackertest.org/browser/browser/base/content/test/general/file_trackingUI_6.js";
return fetch(url);

6
devtools/client/debugger/new/README.mozilla
View File

@ -1,9 +1,9 @@
This is the debugger.html project output.
See https://github.com/devtools-html/debugger.html
Version 5.0
Comparison - https://github.com/devtools-html/debugger.html/compare/release-4...release-5
Commit: https://github.com/devtools-html/debugger.html/commit/5ecfc84198524399ae75748bd1a28d2df2b45733
Version 6.0
Comparison - https://github.com/devtools-html/debugger.html/compare/release-5...release-6
Commit: https://github.com/devtools-html/debugger.html/commit/bdfae442a439b5d97767070af5b5f8b3fd00c2fc
Packages:
- babel-plugin-transform-es2015-modules-commonjs @6.26.0

551
devtools/client/debugger/new/debugger.js
View File

@ -40728,8 +40728,6 @@ var _source = __webpack_require__(1356);
var _pause = __webpack_require__(1400);
var _devtoolsContextmenu = __webpack_require__(1413);
var _Close = __webpack_require__(1374);
var _Close2 = _interopRequireDefault(_Close);
@ -40738,6 +40736,10 @@ __webpack_require__(1334);
var _lodash = __webpack_require__(2);
var _BreakpointsContextMenu = __webpack_require__(1805);
var _BreakpointsContextMenu2 = _interopRequireDefault(_BreakpointsContextMenu);
function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } else { var newObj = {}; if (obj != null) { for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) newObj[key] = obj[key]; } } newObj.default = obj; return newObj; } }
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
@ -40791,181 +40793,6 @@ class Breakpoints extends _react.PureComponent {
}
}
showContextMenu(e, breakpoint) {
const {
removeBreakpoint,
removeBreakpoints,
removeAllBreakpoints,
toggleBreakpoints,
toggleAllBreakpoints,
toggleDisabledBreakpoint,
setBreakpointCondition,
openConditionalPanel,
breakpoints
} = this.props;
e.preventDefault();
const deleteSelfLabel = L10N.getStr("breakpointMenuItem.deleteSelf2.label");
const deleteAllLabel = L10N.getStr("breakpointMenuItem.deleteAll2.label");
const deleteOthersLabel = L10N.getStr("breakpointMenuItem.deleteOthers2.label");
const enableSelfLabel = L10N.getStr("breakpointMenuItem.enableSelf2.label");
const enableAllLabel = L10N.getStr("breakpointMenuItem.enableAll2.label");
const enableOthersLabel = L10N.getStr("breakpointMenuItem.enableOthers2.label");
const disableSelfLabel = L10N.getStr("breakpointMenuItem.disableSelf2.label");
const disableAllLabel = L10N.getStr("breakpointMenuItem.disableAll2.label");
const disableOthersLabel = L10N.getStr("breakpointMenuItem.disableOthers2.label");
const removeConditionLabel = L10N.getStr("breakpointMenuItem.removeCondition2.label");
const addConditionLabel = L10N.getStr("breakpointMenuItem.addCondition2.label");
const editConditionLabel = L10N.getStr("breakpointMenuItem.editCondition2.label");
const deleteSelfKey = L10N.getStr("breakpointMenuItem.deleteSelf2.accesskey");
const deleteAllKey = L10N.getStr("breakpointMenuItem.deleteAll2.accesskey");
const deleteOthersKey = L10N.getStr("breakpointMenuItem.deleteOthers2.accesskey");
const enableSelfKey = L10N.getStr("breakpointMenuItem.enableSelf2.accesskey");
const enableAllKey = L10N.getStr("breakpointMenuItem.enableAll2.accesskey");
const enableOthersKey = L10N.getStr("breakpointMenuItem.enableOthers2.accesskey");
const disableSelfKey = L10N.getStr("breakpointMenuItem.disableSelf2.accesskey");
const disableAllKey = L10N.getStr("breakpointMenuItem.disableAll2.accesskey");
const disableOthersKey = L10N.getStr("breakpointMenuItem.disableOthers2.accesskey");
const removeConditionKey = L10N.getStr("breakpointMenuItem.removeCondition2.accesskey");
const editConditionKey = L10N.getStr("breakpointMenuItem.editCondition2.accesskey");
const addConditionKey = L10N.getStr("breakpointMenuItem.addCondition2.accesskey");
const otherBreakpoints = breakpoints.filter(b => b !== breakpoint);
const enabledBreakpoints = breakpoints.filter(b => !b.disabled);
const disabledBreakpoints = breakpoints.filter(b => b.disabled);
const otherEnabledBreakpoints = breakpoints.filter(b => !b.disabled && b !== breakpoint);
const otherDisabledBreakpoints = breakpoints.filter(b => b.disabled && b !== breakpoint);
const deleteSelf = {
id: "node-menu-delete-self",
label: deleteSelfLabel,
accesskey: deleteSelfKey,
disabled: false,
click: () => removeBreakpoint(breakpoint.location)
};
const deleteAll = {
id: "node-menu-delete-all",
label: deleteAllLabel,
accesskey: deleteAllKey,
disabled: false,
click: () => removeAllBreakpoints()
};
const deleteOthers = {
id: "node-menu-delete-other",
label: deleteOthersLabel,
accesskey: deleteOthersKey,
disabled: false,
click: () => removeBreakpoints(otherBreakpoints)
};
const enableSelf = {
id: "node-menu-enable-self",
label: enableSelfLabel,
accesskey: enableSelfKey,
disabled: false,
click: () => toggleDisabledBreakpoint(breakpoint.location.line)
};
const enableAll = {
id: "node-menu-enable-all",
label: enableAllLabel,
accesskey: enableAllKey,
disabled: false,
click: () => toggleAllBreakpoints(false)
};
const enableOthers = {
id: "node-menu-enable-others",
label: enableOthersLabel,
accesskey: enableOthersKey,
disabled: false,
click: () => toggleBreakpoints(false, otherDisabledBreakpoints)
};
const disableSelf = {
id: "node-menu-disable-self",
label: disableSelfLabel,
accesskey: disableSelfKey,
disabled: false,
click: () => toggleDisabledBreakpoint(breakpoint.location.line)
};
const disableAll = {
id: "node-menu-disable-all",
label: disableAllLabel,
accesskey: disableAllKey,
disabled: false,
click: () => toggleAllBreakpoints(true)
};
const disableOthers = {
id: "node-menu-disable-others",
label: disableOthersLabel,
accesskey: disableOthersKey,
click: () => toggleBreakpoints(true, otherEnabledBreakpoints)
};
const removeCondition = {
id: "node-menu-remove-condition",
label: removeConditionLabel,
accesskey: removeConditionKey,
disabled: false,
click: () => setBreakpointCondition(breakpoint.location)
};
const addCondition = {
id: "node-menu-add-condition",
label: addConditionLabel,
accesskey: addConditionKey,
click: () => {
this.selectBreakpoint(breakpoint);
openConditionalPanel(breakpoint.location.line);
}
};
const editCondition = {
id: "node-menu-edit-condition",
label: editConditionLabel,
accesskey: editConditionKey,
click: () => {
this.selectBreakpoint(breakpoint);
openConditionalPanel(breakpoint.location.line);
}
};
const hideEnableSelf = !breakpoint.disabled;
const hideEnableAll = disabledBreakpoints.size === 0;
const hideEnableOthers = otherDisabledBreakpoints.size === 0;
const hideDisableAll = enabledBreakpoints.size === 0;
const hideDisableOthers = otherEnabledBreakpoints.size === 0;
const hideDisableSelf = breakpoint.disabled;
const items = [{ item: enableSelf, hidden: () => hideEnableSelf }, { item: enableAll, hidden: () => hideEnableAll }, { item: enableOthers, hidden: () => hideEnableOthers }, {
item: { type: "separator" },
hidden: () => hideEnableSelf && hideEnableAll && hideEnableOthers
}, { item: deleteSelf }, { item: deleteAll }, { item: deleteOthers, hidden: () => breakpoints.size === 1 }, {
item: { type: "separator" },
hidden: () => hideDisableSelf && hideDisableAll && hideDisableOthers
}, { item: disableSelf, hidden: () => hideDisableSelf }, { item: disableAll, hidden: () => hideDisableAll }, { item: disableOthers, hidden: () => hideDisableOthers }, {
item: { type: "separator" }
}, {
item: addCondition,
hidden: () => breakpoint.condition
}, {
item: editCondition,
hidden: () => !breakpoint.condition
}, {
item: removeCondition,
hidden: () => !breakpoint.condition
}];
(0, _devtoolsContextmenu.showMenu)(e, (0, _devtoolsContextmenu.buildMenu)(items));
}
selectBreakpoint(breakpoint) {
this.props.selectLocation(breakpoint.location);
}
@ -41000,7 +40827,7 @@ class Breakpoints extends _react.PureComponent {
}),
key: locationId,
onClick: () => this.selectBreakpoint(breakpoint),
onContextMenu: e => this.showContextMenu(e, breakpoint)
onContextMenu: e => (0, _BreakpointsContextMenu2.default)(_extends({}, this.props, { breakpoint, contextMenuEvent: e }))
},
_react2.default.createElement("input", {
type: "checkbox",
@ -44172,8 +43999,6 @@ var _react2 = _interopRequireDefault(_react);
var _reactRedux = __webpack_require__(1189);
var _redux = __webpack_require__(3);
var _fuzzaldrinPlus = __webpack_require__(161);
var _actions = __webpack_require__(1354);
@ -44211,8 +44036,7 @@ class QuickOpenModal extends _react.Component {
this.searchSources = query => {
if (query == "") {
const results = this.props.sources;
this.setState({ results });
return;
return this.setState({ results });
}
if (this.isGotoSourceQuery()) {
@ -44233,8 +44057,7 @@ class QuickOpenModal extends _react.Component {
results = variables;
}
if (query === "@" || query === "#") {
this.setState({ results });
return;
return this.setState({ results });
}
results = (0, _fuzzaldrinPlus.filter)(results, query.slice(1), {
@ -44268,26 +44091,23 @@ class QuickOpenModal extends _react.Component {
if (item == null) {
return;
}
const { selectLocation, selectedSource, query } = this.props;
if (this.isShortcutQuery()) {
this.setModifier(item);
return;
} else if (this.isGotoSourceQuery()) {
const location = (0, _quickOpen.parseLineColumn)(query);
if (location != null) {
selectLocation(_extends({}, location, { sourceId: item.id }));
}
} else if (this.isSymbolSearch()) {
if (selectedSource == null) {
return;
}
const line = item.location && item.location.start ? item.location.start.line : 0;
selectLocation({ sourceId: selectedSource.get("id"), line });
} else {
selectLocation({ sourceId: item.id, line: 0 });
return this.setModifier(item);
}
this.closeModal();
if (this.isGotoSourceQuery()) {
const location = (0, _quickOpen.parseLineColumn)(this.props.query);
return this.gotoLocation(_extends({}, location, { sourceId: item.id }));
}
if (this.isSymbolSearch()) {
return this.gotoLocation({
line: item.location && item.location.start ? item.location.start.line : 0
});
}
this.gotoLocation({ sourceId: item.id, line: 0 });
};
this.onSelectResultItem = item => {
@ -44298,19 +44118,24 @@ class QuickOpenModal extends _react.Component {
if (this.isVariableQuery()) {
const line = item.location && item.location.start ? item.location.start.line : 0;
selectLocation({ sourceId: selectedSource.get("id"), line });
return selectLocation({
sourceId: selectedSource.get("id"),
line,
column: null
});
}
if (this.isFunctionQuery()) {
highlightLineRange(_extends({}, item.location != null ? { start: item.location.start.line, end: item.location.end.line } : {}, {
return highlightLineRange(_extends({}, item.location != null ? { start: item.location.start.line, end: item.location.end.line } : {}, {
sourceId: selectedSource.get("id")
}));
}
};
this.traverseResults = direction => {
this.traverseResults = e => {
const direction = e.key === "ArrowUp" ? -1 : 1;
const { selectedIndex, results } = this.state;
const resultCount = this.resultCount();
const resultCount = this.getResultCount();
const index = selectedIndex + direction;
const nextIndex = (index + resultCount) % resultCount;
@ -44321,6 +44146,20 @@ class QuickOpenModal extends _react.Component {
}
};
this.gotoLocation = location => {
const { selectLocation, selectedSource } = this.props;
const selectedSourceId = selectedSource ? selectedSource.get("id") : "";
if (location != null) {
const sourceId = location.sourceId ? location.sourceId : selectedSourceId;
selectLocation({
sourceId,
line: location.line,
column: location.column || null
});
this.closeModal();
}
};
this.onChange = e => {
const { selectedSource, setQuickOpenQuery } = this.props;
setQuickOpenQuery(e.target.value);
@ -44332,46 +44171,38 @@ class QuickOpenModal extends _react.Component {
};
this.onKeyDown = e => {
const { selectLocation, selectedSource, enabled, query } = this.props;
const { enabled, query } = this.props;
const { results, selectedIndex } = this.state;
if (!enabled || !results) {
return;
}
const canTraverse = !this.isGotoQuery();
if (e.key === "ArrowUp" && canTraverse) {
return this.traverseResults(-1);
} else if (e.key === "ArrowDown" && canTraverse) {
return this.traverseResults(1);
} else if (e.key === "Enter") {
if (e.key === "Enter") {
if (this.isGotoQuery()) {
if (!selectedSource) {
return;
}
const location = (0, _quickOpen.parseLineColumn)(query);
if (location != null) {
selectLocation(_extends({}, location, { sourceId: selectedSource.get("id") }));
}
} else if (this.isShortcutQuery()) {
this.setModifier(results[selectedIndex]);
return;
} else {
this.selectResultItem(e, results[selectedIndex]);
return this.gotoLocation(location);
}
if (this.isShortcutQuery()) {
return this.setModifier(results[selectedIndex]);
}
return this.selectResultItem(e, results[selectedIndex]);
}
if (e.key === "Tab") {
return this.closeModal();
} else if (e.key === "Tab") {
return this.closeModal();
}
if (["ArrowUp", "ArrowDown"].includes(e.key)) {
return this.traverseResults(e);
}
};
this.resultCount = () => {
this.getResultCount = () => {
const results = this.state.results;
if (results && results.length) {
return results.length;
}
return 0;
return results && results.length ? results.length : 0;
};
this.isFunctionQuery = () => this.props.searchType === "functions";
@ -44408,59 +44239,46 @@ class QuickOpenModal extends _react.Component {
}
}
renderResults() {
const { enabled, searchType } = this.props;
const { selectedIndex, results } = this.state;
if (!enabled || !results) {
return null;
}
// Query helpers
return _react2.default.createElement(_ResultList2.default, _extends({
key: "results",
items: results,
selected: selectedIndex,
selectItem: this.selectResultItem,
ref: "resultList"
}, searchType === "sources" || searchType === "gotoSource" ? { size: "big" } : {}));
}
renderInput() {
const { query, searchType } = this.props;
const summaryMsg = L10N.getFormatStr("sourceSearch.resultsSummary1", this.resultCount());
const showSummary = searchType === "sources" || searchType === "functions" || searchType === "variables" || searchType === "shortcuts";
return _react2.default.createElement(
"div",
{ key: "input", className: "input-wrapper" },
_react2.default.createElement(_SearchInput2.default, _extends({
query: query,
count: this.resultCount(),
placeholder: L10N.getStr("sourceSearch.search")
}, showSummary === true ? { summaryMsg } : {}, {
onChange: this.onChange,
onKeyDown: this.onKeyDown,
handleClose: this.closeModal
}))
);
}
render() {
const { enabled } = this.props;
const { enabled, query, searchType } = this.props;
const { selectedIndex, results } = this.state;
if (!enabled) {
return null;
}
const summaryMsg = L10N.getFormatStr("sourceSearch.resultsSummary1", this.getResultCount());
const showSummary = searchType === "sources" || searchType === "functions" || searchType === "variables" || searchType === "shortcuts";
return _react2.default.createElement(
_Modal2.default,
{ "in": enabled, handleClose: this.closeModal },
this.renderInput(),
this.renderResults()
_react2.default.createElement(_SearchInput2.default, _extends({
query: query,
count: this.getResultCount(),
placeholder: L10N.getStr("sourceSearch.search")
}, showSummary === true ? { summaryMsg } : {}, {
onChange: this.onChange,
onKeyDown: this.onKeyDown,
handleClose: this.closeModal
})),
results && _react2.default.createElement(_ResultList2.default, _extends({
key: "results",
items: results,
selected: selectedIndex,
selectItem: this.selectResultItem,
ref: "resultList"
}, searchType === "sources" || searchType === "gotoSource" ? { size: "big" } : {}))
);
}
}
exports.QuickOpenModal = QuickOpenModal;
exports.QuickOpenModal = QuickOpenModal; /* istanbul ignore next: ignoring testing of redux connection stuff */
function mapStateToProps(state) {
const selectedSource = (0, _selectors.getSelectedSource)(state);
let symbols = null;
@ -44477,7 +44295,8 @@ function mapStateToProps(state) {
};
}
exports.default = (0, _reactRedux.connect)(mapStateToProps, dispatch => (0, _redux.bindActionCreators)(_actions2.default, dispatch))(QuickOpenModal);
/* istanbul ignore next: ignoring testing of redux connection stuff */
exports.default = (0, _reactRedux.connect)(mapStateToProps, _actions2.default)(QuickOpenModal);
/***/ }),
/* 1653 */
@ -49659,6 +49478,198 @@ function mapFrames() {
};
}
/***/ }),
/* 1805 */
/***/ (function(module, exports, __webpack_require__) {
"use strict";
Object.defineProperty(exports, "__esModule", {
value: true
});
exports.default = showContextMenu;
var _devtoolsContextmenu = __webpack_require__(1413);
function showContextMenu(props) {
const {
removeBreakpoint,
removeBreakpoints,
removeAllBreakpoints,
toggleBreakpoints,
toggleAllBreakpoints,
toggleDisabledBreakpoint,
selectLocation,
setBreakpointCondition,
openConditionalPanel,
breakpoints,
breakpoint,
contextMenuEvent
} = props;
contextMenuEvent.preventDefault();
const deleteSelfLabel = L10N.getStr("breakpointMenuItem.deleteSelf2.label");
const deleteAllLabel = L10N.getStr("breakpointMenuItem.deleteAll2.label");
const deleteOthersLabel = L10N.getStr("breakpointMenuItem.deleteOthers2.label");
const enableSelfLabel = L10N.getStr("breakpointMenuItem.enableSelf2.label");
const enableAllLabel = L10N.getStr("breakpointMenuItem.enableAll2.label");
const enableOthersLabel = L10N.getStr("breakpointMenuItem.enableOthers2.label");
const disableSelfLabel = L10N.getStr("breakpointMenuItem.disableSelf2.label");
const disableAllLabel = L10N.getStr("breakpointMenuItem.disableAll2.label");
const disableOthersLabel = L10N.getStr("breakpointMenuItem.disableOthers2.label");
const removeConditionLabel = L10N.getStr("breakpointMenuItem.removeCondition2.label");
const addConditionLabel = L10N.getStr("breakpointMenuItem.addCondition2.label");
const editConditionLabel = L10N.getStr("breakpointMenuItem.editCondition2.label");
const deleteSelfKey = L10N.getStr("breakpointMenuItem.deleteSelf2.accesskey");
const deleteAllKey = L10N.getStr("breakpointMenuItem.deleteAll2.accesskey");
const deleteOthersKey = L10N.getStr("breakpointMenuItem.deleteOthers2.accesskey");
const enableSelfKey = L10N.getStr("breakpointMenuItem.enableSelf2.accesskey");
const enableAllKey = L10N.getStr("breakpointMenuItem.enableAll2.accesskey");
const enableOthersKey = L10N.getStr("breakpointMenuItem.enableOthers2.accesskey");
const disableSelfKey = L10N.getStr("breakpointMenuItem.disableSelf2.accesskey");
const disableAllKey = L10N.getStr("breakpointMenuItem.disableAll2.accesskey");
const disableOthersKey = L10N.getStr("breakpointMenuItem.disableOthers2.accesskey");
const removeConditionKey = L10N.getStr("breakpointMenuItem.removeCondition2.accesskey");
const editConditionKey = L10N.getStr("breakpointMenuItem.editCondition2.accesskey");
const addConditionKey = L10N.getStr("breakpointMenuItem.addCondition2.accesskey");
const otherBreakpoints = breakpoints.filter(b => b !== breakpoint);
const enabledBreakpoints = breakpoints.filter(b => !b.disabled);
const disabledBreakpoints = breakpoints.filter(b => b.disabled);
const otherEnabledBreakpoints = breakpoints.filter(b => !b.disabled && b !== breakpoint);
const otherDisabledBreakpoints = breakpoints.filter(b => b.disabled && b !== breakpoint);
const deleteSelf = {
id: "node-menu-delete-self",
label: deleteSelfLabel,
accesskey: deleteSelfKey,
disabled: false,
click: () => removeBreakpoint(breakpoint.location)
};
const deleteAll = {
id: "node-menu-delete-all",
label: deleteAllLabel,
accesskey: deleteAllKey,
disabled: false,
click: () => removeAllBreakpoints()
};
const deleteOthers = {
id: "node-menu-delete-other",
label: deleteOthersLabel,
accesskey: deleteOthersKey,
disabled: false,
click: () => removeBreakpoints(otherBreakpoints)
};
const enableSelf = {
id: "node-menu-enable-self",
label: enableSelfLabel,
accesskey: enableSelfKey,
disabled: false,
click: () => toggleDisabledBreakpoint(breakpoint.location.line)
};
const enableAll = {
id: "node-menu-enable-all",
label: enableAllLabel,
accesskey: enableAllKey,
disabled: false,
click: () => toggleAllBreakpoints(false)
};
const enableOthers = {
id: "node-menu-enable-others",
label: enableOthersLabel,
accesskey: enableOthersKey,
disabled: false,
click: () => toggleBreakpoints(false, otherDisabledBreakpoints)
};
const disableSelf = {
id: "node-menu-disable-self",
label: disableSelfLabel,
accesskey: disableSelfKey,
disabled: false,
click: () => toggleDisabledBreakpoint(breakpoint.location.line)
};
const disableAll = {
id: "node-menu-disable-all",
label: disableAllLabel,
accesskey: disableAllKey,
disabled: false,
click: () => toggleAllBreakpoints(true)
};
const disableOthers = {
id: "node-menu-disable-others",
label: disableOthersLabel,
accesskey: disableOthersKey,
click: () => toggleBreakpoints(true, otherEnabledBreakpoints)
};
const removeCondition = {
id: "node-menu-remove-condition",
label: removeConditionLabel,
accesskey: removeConditionKey,
disabled: false,
click: () => setBreakpointCondition(breakpoint.location)
};
const addCondition = {
id: "node-menu-add-condition",
label: addConditionLabel,
accesskey: addConditionKey,
click: () => {
selectLocation(breakpoint.location);
openConditionalPanel(breakpoint.location.line);
}
};
const editCondition = {
id: "node-menu-edit-condition",
label: editConditionLabel,
accesskey: editConditionKey,
click: () => {
selectLocation(breakpoint.location);
openConditionalPanel(breakpoint.location.line);
}
};
const hideEnableSelf = !breakpoint.disabled;
const hideEnableAll = disabledBreakpoints.size === 0;
const hideEnableOthers = otherDisabledBreakpoints.size === 0;
const hideDisableAll = enabledBreakpoints.size === 0;
const hideDisableOthers = otherEnabledBreakpoints.size === 0;
const hideDisableSelf = breakpoint.disabled;
const items = [{ item: enableSelf, hidden: () => hideEnableSelf }, { item: enableAll, hidden: () => hideEnableAll }, { item: enableOthers, hidden: () => hideEnableOthers }, {
item: { type: "separator" },
hidden: () => hideEnableSelf && hideEnableAll && hideEnableOthers
}, { item: deleteSelf }, { item: deleteAll }, { item: deleteOthers, hidden: () => breakpoints.size === 1 }, {
item: { type: "separator" },
hidden: () => hideDisableSelf && hideDisableAll && hideDisableOthers
}, { item: disableSelf, hidden: () => hideDisableSelf }, { item: disableAll, hidden: () => hideDisableAll }, { item: disableOthers, hidden: () => hideDisableOthers }, {
item: { type: "separator" }
}, {
item: addCondition,
hidden: () => breakpoint.condition
}, {
item: editCondition,
hidden: () => !breakpoint.condition
}, {
item: removeCondition,
hidden: () => !breakpoint.condition
}];
(0, _devtoolsContextmenu.showMenu)(contextMenuEvent, (0, _devtoolsContextmenu.buildMenu)(items));
}
/***/ })
/******/ ]);
});

3
devtools/client/debugger/new/test/mochitest/browser.ini
View File

@ -104,8 +104,9 @@ skip-if = os == "win"
[browser_dbg-pretty-print-console.js]
[browser_dbg-pretty-print-paused.js]
[browser_dbg-preview.js]
skip-if = true # regular failures during release in Bug 1415300
skip-if = os == "win"
[browser_dbg-preview-source-maps.js]
skip-if = os == "win"
[browser_dbg-returnvalues.js]
[browser_dbg-scopes-mutations.js]
[browser_dbg-search-file.js]

2
devtools/client/shared/components/test/mochitest/test_HSplitBox_01.html
View File

@ -10,7 +10,7 @@ Basic tests for the HSplitBox component.
<meta charset="utf-8">
<title>Tree component test</title>
<script type="application/javascript" src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script>
<script type="application/javascript "src="chrome://mochikit/content/tests/SimpleTest/EventUtils.js"></script>
<script type="application/javascript" src="chrome://mochikit/content/tests/SimpleTest/EventUtils.js"></script>
<link rel="stylesheet" type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css"/>
<link rel="stylesheet" href="resource://devtools/client/themes/splitters.css" type="text/css"/>
<link rel="stylesheet" href="chrome://devtools/skin/components-h-split-box.css" type="text/css"/>

2
devtools/client/storage/test/storage-cookies-samesite.html
View File

@ -5,7 +5,7 @@
<title>Storage inspector cookie samesite test</title>
</head>
<body>
<script type="application/javascript;version=1.7">
<script type="application/javascript">
"use strict";
let expiresIn24Hours = new Date(Date.now() + 60 * 60 * 24 * 1000).toUTCString();

2
dom/base/nsJSEnvironment.cpp
View File

@ -253,7 +253,7 @@ FindExceptionStackForConsoleReport(nsPIDOMWindowInner* win,
JS::RootingContext* rcx = RootingCx();
JS::RootedObject exceptionObject(rcx, &exceptionValue.toObject());
JSObject* stackObject = ExceptionStackOrNull(exceptionObject);
JSObject* stackObject = JS::ExceptionStackOrNull(exceptionObject);
if (stackObject) {
return stackObject;
}

2
dom/browser-element/mochitest/test_browserElement_inproc_ExposableURI.html
View File

@ -12,7 +12,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=795317
<body>
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=795317">Mozilla Bug 795317</a>
<script type="application/javascript;version1.7" src="browserElement_ExposableURI.js"></script>
<script type="application/javascript" src="browserElement_ExposableURI.js"></script>
</body>
</html>

2
dom/browser-element/mochitest/test_browserElement_inproc_LoadEvents.html
View File

@ -12,7 +12,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=710231
<body>
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=710231">Mozilla Bug 710231</a>
<script type="application/javascript;version1.7" src="browserElement_LoadEvents.js"></script>
<script type="application/javascript" src="browserElement_LoadEvents.js"></script>
</body>
</html>

2
dom/browser-element/mochitest/test_browserElement_oop_ExposableURI.html
View File

@ -12,7 +12,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=795317
<body>
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=795317">Mozilla Bug 795317</a>
<script type="application/javascript;version1.7" src="browserElement_ExposableURI.js"></script>
<script type="application/javascript" src="browserElement_ExposableURI.js"></script>
</body>
</html>

2
dom/browser-element/mochitest/test_browserElement_oop_LoadEvents.html
View File

@ -12,7 +12,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=710231
<body>
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=710231">Mozilla Bug 710231</a>
<script type="application/javascript;version1.7" src="browserElement_LoadEvents.js"></script>
<script type="application/javascript" src="browserElement_LoadEvents.js"></script>
</body>
</html>

4
dom/canvas/WebGLContextDraw.cpp
View File

@ -512,6 +512,8 @@ WebGLContext::DrawArraysInstanced(GLenum mode, GLint first, GLsizei vertCount,
if (IsContextLost())
return;
const gl::GLContext::TlsScope inTls(gl);
Maybe<uint32_t> lastVert;
if (!DrawArrays_check(funcName, first, vertCount, instanceCount, &lastVert))
return;
@ -668,6 +670,8 @@ WebGLContext::DrawElementsInstanced(GLenum mode, GLsizei indexCount, GLenum type
if (IsContextLost())
return;
const gl::GLContext::TlsScope inTls(gl);
Maybe<uint32_t> lastVert;
if (!DrawElements_check(funcName, indexCount, type, byteOffset, instanceCount,
&lastVert))

1
dom/html/HTMLFormElement.cpp
View File

@ -579,6 +579,7 @@ HTMLFormElement::DoSubmitOrReset(WidgetEvent* aEvent,
nsresult
HTMLFormElement::DoReset()
{
mEverTriedInvalidSubmit = false;
// JBK walk the elements[] array instead of form frame controls - bug 34297
uint32_t numElements = GetElementCount();
for (uint32_t elementX = 0; elementX < numElements; ++elementX) {

15
dom/html/HTMLScriptElement.cpp
View File

@ -171,9 +171,20 @@ HTMLScriptElement::SetText(const nsAString& aValue, ErrorResult& aRv)
// need to be transfered when modifying
bool
HTMLScriptElement::GetScriptType(nsAString& type)
HTMLScriptElement::GetScriptType(nsAString& aType)
{
return GetAttr(kNameSpaceID_None, nsGkAtoms::type, type);
nsAutoString type;
if (!GetAttr(kNameSpaceID_None, nsGkAtoms::type, type)) {
return false;
}
// ASCII whitespace https://infra.spec.whatwg.org/#ascii-whitespace:
// U+0009 TAB, U+000A LF, U+000C FF, U+000D CR, or U+0020 SPACE.
static const char kASCIIWhitespace[] = "\t\n\f\r ";
type.Trim(kASCIIWhitespace);
aType.Assign(type);
return true;
}
void

38
dom/html/test/forms/test_required_attribute.html
View File

@ -119,6 +119,13 @@ function checkTextareaRequiredValidity()
element.form.reset();
checkSufferingFromBeingMissing(element, false);
SpecialPowers.wrap(element).value = '';
element.form.reportValidity();
checkSufferingFromBeingMissing(element, true);
element.form.reset();
checkSufferingFromBeingMissing(element, false);
// TODO: for the moment, a textarea outside of a document is mutable.
SpecialPowers.wrap(element).value = ''; // To make -moz-ui-valid apply.
element.required = false;
@ -191,6 +198,13 @@ function checkInputRequiredValidity(type)
element.form.reset();
checkSufferingFromBeingMissing(element, false);
SpecialPowers.wrap(element).value = '';
element.form.reportValidity();
checkSufferingFromBeingMissing(element, true);
element.form.reset();
checkSufferingFromBeingMissing(element, false);
element.required = true;
SpecialPowers.wrap(element).value = ''; // To make :-moz-ui-valid apply.
checkSufferingFromBeingMissing(element, true);
@ -228,6 +242,14 @@ function checkInputRequiredValidityForCheckbox()
element.form.reset();
checkSufferingFromBeingMissing(element, false);
element.required = true;
element.checked = false;
element.form.reportValidity();
checkSufferingFromBeingMissing(element, true);
element.form.reset();
checkSufferingFromBeingMissing(element, false);
element.required = true;
element.checked = false;
document.forms[0].removeChild(element);
@ -304,6 +326,14 @@ function checkInputRequiredValidityForRadio()
element2.form.reset();
checkSufferingFromBeingMissing(element2, false);
element2.required = true;
element2.checked = false;
element2.form.reportValidity();
checkSufferingFromBeingMissing(element2, true);
element2.form.reset();
checkSufferingFromBeingMissing(element2, false);
element2.required = true;
element2.checked = false;
document.forms[0].removeChild(element2);
@ -341,6 +371,14 @@ function checkInputRequiredValidityForFile()
element.form.reset();
checkSufferingFromBeingMissing(element, false);
element.required = true;
SpecialPowers.wrap(element).value = '';
element.form.reportValidity();
checkSufferingFromBeingMissing(element, true);
element.form.reset();
checkSufferingFromBeingMissing(element, false);
element.required = true;
SpecialPowers.wrap(element).value = '';
document.forms[0].removeChild(element);

2
dom/html/test/test_checked.html
View File

@ -26,7 +26,7 @@ and
</menu>
</div>
<pre id="test">
<script class="testbody" type="text/javascript; version=1.7">
<script class="testbody" type="text/javascript">
/** Test for Bug 418756 and 617528 **/
var group1;

3
dom/script/ModuleLoadRequest.cpp
View File

@ -29,7 +29,6 @@ NS_IMPL_RELEASE_INHERITED(ModuleLoadRequest, ScriptLoadRequest)
ModuleLoadRequest::ModuleLoadRequest(nsIURI* aURI,
nsIScriptElement* aElement,
ValidJSVersion aValidJSVersion,
CORSMode aCORSMode,
const SRIMetadata& aIntegrity,
nsIURI* aReferrer,
@ -38,7 +37,6 @@ ModuleLoadRequest::ModuleLoadRequest(nsIURI* aURI,
: ScriptLoadRequest(ScriptKind::eModule,
aURI,
aElement,
aValidJSVersion,
aCORSMode,
aIntegrity,
aReferrer,
@ -55,7 +53,6 @@ ModuleLoadRequest::ModuleLoadRequest(nsIURI* aURI,
: ScriptLoadRequest(ScriptKind::eModule,
aURI,
aParent->mElement,
aParent->mValidJSVersion,
aParent->mCORSMode,
SRIMetadata(),
aParent->mURI,

1
dom/script/ModuleLoadRequest.h
View File

@ -45,7 +45,6 @@ public:
// Create a top-level module load request.
ModuleLoadRequest(nsIURI* aURI,
nsIScriptElement* aElement,
ValidJSVersion aValidJSVersion,
CORSMode aCORSMode,
const SRIMetadata& aIntegrity,
nsIURI* aReferrer,

2
dom/script/ScriptLoadRequest.cpp
View File

@ -41,7 +41,6 @@ NS_IMPL_CYCLE_COLLECTION_TRACE_END
ScriptLoadRequest::ScriptLoadRequest(ScriptKind aKind,
nsIURI* aURI,
nsIScriptElement* aElement,
ValidJSVersion aValidJSVersion,
mozilla::CORSMode aCORSMode,
const SRIMetadata& aIntegrity,
nsIURI* aReferrer,
@ -65,7 +64,6 @@ ScriptLoadRequest::ScriptLoadRequest(ScriptKind aKind,
, mScriptText()
, mScriptBytecode()
, mBytecodeOffset(0)
, mValidJSVersion(aValidJSVersion)
, mURI(aURI)
, mLineNo(1)
, mCORSMode(aCORSMode)

7
dom/script/ScriptLoadRequest.h
View File

@ -29,11 +29,6 @@ enum class ScriptKind {
eModule
};
enum class ValidJSVersion : bool {
eInvalid,
eValid
};
/*
* A class that handles loading and evaluation of <script> elements.
*/
@ -54,7 +49,6 @@ public:
ScriptLoadRequest(ScriptKind aKind,
nsIURI* aURI,
nsIScriptElement* aElement,
ValidJSVersion aValidJSVersion,
mozilla::CORSMode aCORSMode,
const SRIMetadata &aIntegrity,
nsIURI* aReferrer,
@ -217,7 +211,6 @@ public:
mozilla::Vector<uint8_t> mScriptBytecode;
uint32_t mBytecodeOffset; // Offset of the bytecode in mScriptBytecode
ValidJSVersion mValidJSVersion;
const nsCOMPtr<nsIURI> mURI;
nsCOMPtr<nsIPrincipal> mTriggeringPrincipal;
nsCOMPtr<nsIPrincipal> mOriginPrincipal;

91
dom/script/ScriptLoader.cpp
View File

@ -1059,12 +1059,11 @@ ScriptLoader::StartLoad(ScriptLoadRequest* aRequest)
NS_ENSURE_SUCCESS(rv, rv);
// To avoid decoding issues, the JSVersion is explicitly guarded here, and the
// build-id is part of the JSBytecodeMimeType constant.
// To avoid decoding issues, the build-id is part of the JSBytecodeMimeType
// constant.
aRequest->mCacheInfo = nullptr;
nsCOMPtr<nsICacheInfoChannel> cic(do_QueryInterface(channel));
if (cic && nsContentUtils::IsBytecodeCacheEnabled() &&
aRequest->mValidJSVersion == ValidJSVersion::eValid) {
if (cic && nsContentUtils::IsBytecodeCacheEnabled()) {
if (!aRequest->IsLoadingSource()) {
// Inform the HTTP cache that we prefer to have information coming from the
// bytecode cache instead of the sources, if such entry is already registered.
@ -1174,63 +1173,6 @@ ScriptLoader::PreloadURIComparator::Equals(const PreloadInfo& aPi,
same;
}
/**
* Returns ValidJSVersion::eValid if aVersionStr is a string of the form '1.n',
* n = 0, ..., 8, and ValidJSVersion::eInvalid for other strings.
*/
static ValidJSVersion
ParseJavascriptVersion(const nsAString& aVersionStr)
{
if (aVersionStr.Length() != 3 || aVersionStr[0] != '1' ||
aVersionStr[1] != '.') {
return ValidJSVersion::eInvalid;
}
if ('0' <= aVersionStr[2] && aVersionStr[2] <= '8') {
return ValidJSVersion::eValid;
}
return ValidJSVersion::eInvalid;
}
static inline bool
ParseTypeAttribute(const nsAString& aType, ValidJSVersion* aVersion)
{
MOZ_ASSERT(!aType.IsEmpty());
MOZ_ASSERT(aVersion);
MOZ_ASSERT(*aVersion == ValidJSVersion::eValid);
nsContentTypeParser parser(aType);
nsAutoString mimeType;
nsresult rv = parser.GetType(mimeType);
NS_ENSURE_SUCCESS(rv, false);
if (!nsContentUtils::IsJavascriptMIMEType(mimeType)) {
return false;
}
// Get the version string, and ensure the language supports it.
nsAutoString versionName;
rv = parser.GetParameter("version", versionName);
if (rv == NS_ERROR_INVALID_ARG) {
Telemetry::Accumulate(Telemetry::SCRIPT_LOADED_WITH_VERSION, false);
// Argument not set.
return true;
}
if (NS_FAILED(rv)) {
return false;
}
*aVersion = ParseJavascriptVersion(versionName);
if (*aVersion == ValidJSVersion::eValid) {
Telemetry::Accumulate(Telemetry::SCRIPT_LOADED_WITH_VERSION, true);
return true;
}
return true;
}
static bool
CSPAllowsInlineScript(nsIScriptElement* aElement, nsIDocument* aDocument)
{
@ -1263,7 +1205,6 @@ ScriptLoadRequest*
ScriptLoader::CreateLoadRequest(ScriptKind aKind,
nsIURI* aURI,
nsIScriptElement* aElement,
ValidJSVersion aValidJSVersion,
CORSMode aCORSMode,
const SRIMetadata& aIntegrity,
mozilla::net::ReferrerPolicy aReferrerPolicy)
@ -1272,7 +1213,7 @@ ScriptLoader::CreateLoadRequest(ScriptKind aKind,
if (aKind == ScriptKind::eClassic) {
ScriptLoadRequest* slr = new ScriptLoadRequest(aKind, aURI, aElement,
aValidJSVersion, aCORSMode, aIntegrity,
aCORSMode, aIntegrity,
referrer, aReferrerPolicy);
LOG(("ScriptLoader %p creates ScriptLoadRequest %p", this, slr));
@ -1280,8 +1221,8 @@ ScriptLoader::CreateLoadRequest(ScriptKind aKind,
}
MOZ_ASSERT(aKind == ScriptKind::eModule);
return new ModuleLoadRequest(aURI, aElement, aValidJSVersion, aCORSMode,
aIntegrity, referrer, aReferrerPolicy, this);
return new ModuleLoadRequest(aURI, aElement, aCORSMode, aIntegrity, referrer,
aReferrerPolicy, this);
}
bool
@ -1310,13 +1251,11 @@ ScriptLoader::ProcessScriptElement(nsIScriptElement* aElement)
return false;
}
ValidJSVersion validJSVersion = ValidJSVersion::eValid;
// For classic scripts, check the type attribute to determine language and
// version. If type exists, it trumps the deprecated 'language='
if (scriptKind == ScriptKind::eClassic) {
if (!type.IsEmpty()) {
NS_ENSURE_TRUE(ParseTypeAttribute(type, &validJSVersion), false);
NS_ENSURE_TRUE(nsContentUtils::IsJavascriptMIMEType(type), false);
} else if (!hasType) {
// no 'type=' element
// "language" is a deprecated attribute of HTML, so we check it only for
@ -1429,9 +1368,8 @@ ScriptLoader::ProcessScriptElement(nsIScriptElement* aElement)
principal = scriptContent->NodePrincipal();
}
request = CreateLoadRequest(scriptKind, scriptURI, aElement,
validJSVersion, ourCORSMode, sriMetadata,
ourRefPolicy);
request = CreateLoadRequest(scriptKind, scriptURI, aElement, ourCORSMode,
sriMetadata, ourRefPolicy);
request->mTriggeringPrincipal = Move(principal);
request->mIsInline = false;
request->SetScriptMode(aElement->GetScriptDeferred(),
@ -1456,8 +1394,6 @@ ScriptLoader::ProcessScriptElement(nsIScriptElement* aElement)
NS_ASSERTION(!request->InCompilingStage(),
"Request should not yet be in compiling stage.");
request->mValidJSVersion = validJSVersion;
if (request->IsAsyncScript()) {
AddAsyncRequest(request);
if (request->IsReadyToRun()) {
@ -1560,10 +1496,9 @@ ScriptLoader::ProcessScriptElement(nsIScriptElement* aElement)
}
request = CreateLoadRequest(scriptKind, mDocument->GetDocumentURI(), aElement,
validJSVersion, corsMode,
corsMode,
SRIMetadata(), // SRI doesn't apply
ourRefPolicy);
request->mValidJSVersion = validJSVersion;
request->mIsInline = true;
request->mTriggeringPrincipal = mDocument->NodePrincipal();
request->mLineNo = aElement->GetScriptLineNumber();
@ -2192,10 +2127,6 @@ ScriptLoader::EvaluateScript(ScriptLoadRequest* aRequest)
return NS_ERROR_FAILURE;
}
if (aRequest->mValidJSVersion == ValidJSVersion::eInvalid) {
return NS_OK;
}
// New script entry point required, due to the "Create a script" sub-step of
// http://www.whatwg.org/specs/web-apps/current-work/#execute-the-script-block
nsAutoMicroTask mt;
@ -3210,7 +3141,7 @@ ScriptLoader::PreloadURI(nsIURI* aURI, const nsAString& aCharset,
}
RefPtr<ScriptLoadRequest> request =
CreateLoadRequest(ScriptKind::eClassic, aURI, nullptr, ValidJSVersion::eValid,
CreateLoadRequest(ScriptKind::eClassic, aURI, nullptr,
Element::StringToCORSMode(aCrossOrigin), sriMetadata,
aReferrerPolicy);
request->mTriggeringPrincipal = mDocument->NodePrincipal();

1
dom/script/ScriptLoader.h
View File

@ -342,7 +342,6 @@ private:
ScriptLoadRequest* CreateLoadRequest(ScriptKind aKind,
nsIURI* aURI,
nsIScriptElement* aElement,
ValidJSVersion aValidJSVersion,
mozilla::CORSMode aCORSMode,
const SRIMetadata& aIntegrity,
mozilla::net::ReferrerPolicy aReferrerPolicy);

2
dom/tests/mochitest/bugs/test_bug1171215.html
View File

@ -10,7 +10,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1022869
<script type="application/javascript" src="/tests/SimpleTest/SpawnTask.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
<iframe src="about:blank"></iframe>
<script type="text/javascript; version=1.8">
<script type="text/javascript">
var f = document.getElementsByTagName("iframe")[0];

4
dom/tests/mochitest/bugs/test_no_find_showDialog.html
View File

@ -7,7 +7,7 @@
<script type="application/javascript" src="/tests/SimpleTest/SpawnTask.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
<iframe src="about:blank"></iframe>
<script type="text/javascript; version=1.8">
<script type="text/javascript">
function checkForFindDialog() {
let chromeScript = SpecialPowers.loadChromeScript(_ => {
@ -89,4 +89,4 @@
<pre id="test">
</pre>
</body>
</html>
</html>

1
dom/tests/mochitest/script/mochitest.ini
View File

@ -4,3 +4,4 @@ support-files =
[test_bug1053321.html]
skip-if = os == 'android' # bug 1386644
[test_whitespace.html]

5
dom/tests/mochitest/script/test_bug1053321.html
View File

@ -23,8 +23,8 @@ are unexpectedly blocked.
<body>
<script>
// No need for an async test, we make it all before window.onload.
//
SimpleTest.waitForExplicitFinish();
// We can't test whether the two scripts have not been executed here, since
// preloads of the two images below (that unblock the two tested <head>
// scripts) may happen sooner than this script executes.
@ -33,6 +33,7 @@ are unexpectedly blocked.
});
window.addEventListener("load", function() {
ok(window.script_executed_async, "Async script executed before onload");
SimpleTest.finish();
}, true);
</script>
<img src="file_blocked_script.sjs?unblock&defer"/>

31
dom/tests/mochitest/script/test_whitespace.html Normal file
View File

@ -0,0 +1,31 @@
<!DOCTYPE HTML>
<html>
<head>
<title>Test for ScriptLoader and type with whitespaces</title>
<script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
</head>
<body>
<script type="application/javascript">
let passed = false;
let tests = [
[ " application/javascript", true ],
[ "\tapplication/javascript\n\r \t", true ],
];
for (let i = 0; i < tests.length; ++i) {
passed = false;
let script = document.createElement('script');
script.setAttribute('type', tests[i][0]);
script.innerText = "passed = true;";
document.body.appendChild(script);
ok (passed, tests[i][1], "Test " + tests[i][0] + " passed");
}
</script>
</body>
</html>

1
dom/workers/ServiceWorkerEvents.h
View File

@ -7,6 +7,7 @@
#ifndef mozilla_dom_workers_serviceworkerevents_h__
#define mozilla_dom_workers_serviceworkerevents_h__
#include "mozilla/dom/DOMPrefs.h"
#include "mozilla/dom/Event.h"
#include "mozilla/dom/ExtendableEventBinding.h"
#include "mozilla/dom/ExtendableMessageEventBinding.h"

18
dom/workers/ServiceWorkerManager.cpp
View File

@ -2347,7 +2347,8 @@ ServiceWorkerManager::RemoveScopeAndRegistration(ServiceWorkerRegistrationInfo*
// Verify there are no controlled clients for the purged registration.
for (auto iter = swm->mControlledClients.Iter(); !iter.Done(); iter.Next()) {
auto& reg = iter.UserData()->mRegistrationInfo;
if (reg->mScope.Equals(aRegistration->mScope)) {
if (reg->mScope.Equals(aRegistration->mScope) &&
reg->mPrincipal->Equals(aRegistration->mPrincipal)) {
MOZ_DIAGNOSTIC_ASSERT(false,
"controlled client when removing registration");
iter.Remove();
@ -2360,7 +2361,8 @@ ServiceWorkerManager::RemoveScopeAndRegistration(ServiceWorkerRegistrationInfo*
// set when the registration is destroyed.
for (auto iter = swm->mControlledDocuments.Iter(); !iter.Done(); iter.Next()) {
ServiceWorkerRegistrationInfo* reg = iter.UserData();
if (reg->mScope.Equals(aRegistration->mScope)) {
if (reg->mScope.Equals(aRegistration->mScope) &&
reg->mPrincipal->Equals(aRegistration->mPrincipal)) {
iter.Remove();
break;
}
@ -3233,8 +3235,8 @@ already_AddRefed<GenericPromise>
ServiceWorkerManager::MaybeClaimClient(nsIDocument* aDocument,
ServiceWorkerRegistrationInfo* aWorkerRegistration)
{
MOZ_ASSERT(aWorkerRegistration);
MOZ_ASSERT(aWorkerRegistration->GetActive());
MOZ_DIAGNOSTIC_ASSERT(aWorkerRegistration);
MOZ_DIAGNOSTIC_ASSERT(aWorkerRegistration->GetActive());
RefPtr<GenericPromise> ref;
@ -3286,7 +3288,13 @@ ServiceWorkerManager::MaybeClaimClient(nsIDocument* aDoc,
RefPtr<ServiceWorkerRegistrationInfo> registration =
GetRegistration(principal, aServiceWorker.Scope());
if (!registration) {
// While ServiceWorkerManager is distributed across child processes its
// possible for us to sometimes get a claim for a new worker that has
// not propagated to this process yet. For now, simply note that we
// are done. The fix for this is to move the SWM to the parent process
// so there are no consistency errors.
if (NS_WARN_IF(!registration) || NS_WARN_IF(!registration->GetActive())) {
ref = GenericPromise::CreateAndResolve(false, __func__);
return ref.forget();
}

1
dom/workers/test/serviceworkers/browser.ini
View File

@ -18,5 +18,6 @@ support-files =
[browser_multie10s_update.js]
skip-if = !e10s || os != "win" # Bug 1404914
[browser_storage_permission.js]
[browser_unregister_with_containers.js]
[browser_userContextId_openWindow.js]
skip-if = !e10s

3
dom/workers/test/serviceworkers/browser_storage_permission.js
View File

@ -10,6 +10,9 @@ const SW_SCRIPT = BASE_URI + "empty.js";
add_task(async function setup() {
await SpecialPowers.pushPrefEnv({"set": [
// Until the e10s refactor is complete, use a single process to avoid
// service worker propagation race.
["dom.ipc.processCount", 1],
["dom.serviceWorkers.enabled", true],
["dom.serviceWorkers.testing.enabled", true],
]});

138
dom/workers/test/serviceworkers/browser_unregister_with_containers.js Normal file
View File

@ -0,0 +1,138 @@
"use strict";
const { interfaces: Ci } = Components;
const BASE_URI = "http://mochi.test:8888/browser/dom/workers/test/serviceworkers/";
const PAGE_URI = BASE_URI + "empty.html";
const SCOPE = PAGE_URI + "?unregister_with_containers";
const SW_SCRIPT = BASE_URI + "empty.js";
function doRegister(browser) {
return ContentTask.spawn(browser, { script: SW_SCRIPT, scope: SCOPE },
async function(opts) {
let reg = await content.navigator.serviceWorker.register(opts.script,
{ scope: opts.scope });
let worker = reg.installing || reg.waiting || reg.active;
await new Promise(resolve => {
if (worker.state === "activated") {
resolve();
return;
}
worker.addEventListener("statechange", function onStateChange() {
if (worker.state === "activated") {
worker.removeEventListener("statechange", onStateChange);
resolve();
}
});
});
}
);
}
function doUnregister(browser) {
return ContentTask.spawn(browser, SCOPE, async function(uri) {
let reg = await content.navigator.serviceWorker.getRegistration(uri);
let worker = reg.active;
await reg.unregister();
await new Promise(resolve => {
if (worker.state === "redundant") {
resolve();
return;
}
worker.addEventListener("statechange", function onStateChange() {
if (worker.state === "redundant") {
worker.removeEventListener("statechange", onStateChange);
resolve();
}
});
});
});
}
function isControlled(browser) {
return ContentTask.spawn(browser, null, function() {
return !!content.navigator.serviceWorker.controller;
});
}
async function checkControlled(browser) {
let controlled = await isControlled(browser);
ok(controlled, "window should be controlled");
}
async function checkUncontrolled(browser) {
let controlled = await isControlled(browser);
ok(!controlled, "window should not be controlled");
}
add_task(async function test() {
await SpecialPowers.pushPrefEnv({"set": [
// Avoid service worker propagation races by disabling multi-e10s for now.
// This can be removed after the e10s refactor is complete.
["dom.ipc.processCount", 1],
["dom.serviceWorkers.enabled", true],
["dom.serviceWorkers.testing.enabled", true],
]});
// Setup service workers in two different contexts with the same scope.
let containerTab1 = BrowserTestUtils.addTab(gBrowser, PAGE_URI, { userContextId: 1 });
let containerBrowser1 = gBrowser.getBrowserForTab(containerTab1);
await BrowserTestUtils.browserLoaded(containerBrowser1);
let containerTab2 = BrowserTestUtils.addTab(gBrowser, PAGE_URI, { userContextId: 2 });
let containerBrowser2 = gBrowser.getBrowserForTab(containerTab2);
await BrowserTestUtils.browserLoaded(containerBrowser2);
await doRegister(containerBrowser1);
await doRegister(containerBrowser2);
await checkUncontrolled(containerBrowser1);
await checkUncontrolled(containerBrowser2);
// Close the tabs we used to register the service workers. These are not
// controlled.
await BrowserTestUtils.removeTab(containerTab1);
await BrowserTestUtils.removeTab(containerTab2);
// Open a controlled tab in each container.
containerTab1 = BrowserTestUtils.addTab(gBrowser, SCOPE, { userContextId: 1 });
containerBrowser1 = gBrowser.getBrowserForTab(containerTab1);
await BrowserTestUtils.browserLoaded(containerBrowser1);
containerTab2 = BrowserTestUtils.addTab(gBrowser, SCOPE, { userContextId: 2 });
containerBrowser2 = gBrowser.getBrowserForTab(containerTab2);
await BrowserTestUtils.browserLoaded(containerBrowser2);
await checkControlled(containerBrowser1);
await checkControlled(containerBrowser2);
// Remove the first container's controlled tab
await BrowserTestUtils.removeTab(containerTab1);
// Create a new uncontrolled tab for the first container and use it to
// unregister the service worker.
containerTab1 = BrowserTestUtils.addTab(gBrowser, PAGE_URI, { userContextId: 1 });
containerBrowser1 = gBrowser.getBrowserForTab(containerTab1);
await BrowserTestUtils.browserLoaded(containerBrowser1);
await doUnregister(containerBrowser1);
await checkUncontrolled(containerBrowser1);
await checkControlled(containerBrowser2);
// Remove the second container's controlled tab
await BrowserTestUtils.removeTab(containerTab2);
// Create a new uncontrolled tab for the second container and use it to
// unregister the service worker.
containerTab2 = BrowserTestUtils.addTab(gBrowser, PAGE_URI, { userContextId: 2 });
containerBrowser2 = gBrowser.getBrowserForTab(containerTab2);
await BrowserTestUtils.browserLoaded(containerBrowser2);
await doUnregister(containerBrowser2);
await checkUncontrolled(containerBrowser1);
await checkUncontrolled(containerBrowser2);
// Close the two tabs we used to unregister the service worker.
await BrowserTestUtils.removeTab(containerTab1);
await BrowserTestUtils.removeTab(containerTab2);
});

10
dom/xbl/test/test_bug389322.xhtml
View File

@ -105,21 +105,13 @@ function report(testName, success) {
}
]]>
</script>
<script type="text/javascript; version=1.7"><![CDATA[
try {
eval("let x = 1;");
var success = true;
}
catch (e) { success = false; }
report("HTML script tags with explicit version", success)
]]></script>
<script type="text/javascript"><![CDATA[
try {
eval("let x = 1;");
var success = true;
}
catch (e) { success = false; }
is(success, true, "let should work in versionless HTML script tags");
is(success, true, "let should work in HTML script tags");
]]></script>
</pre>
</body>

38
gfx/cairo/cairo/src/cairo-ft-font.c
View File

@ -2705,21 +2705,23 @@ _cairo_ft_font_face_destroy (void *abstract_face)
* font_face <------- unscaled
*/
if (font_face->unscaled &&
font_face->unscaled->from_face &&
font_face->next == NULL &&
font_face->unscaled->faces == font_face &&
CAIRO_REFERENCE_COUNT_GET_VALUE (&font_face->unscaled->base.ref_count) > 1)
if (font_face->unscaled)
{
cairo_font_face_reference (&font_face->base);
CAIRO_MUTEX_LOCK (font_face->unscaled->mutex);
_cairo_unscaled_font_destroy (&font_face->unscaled->base);
font_face->unscaled = NULL;
if (font_face->unscaled->from_face &&
font_face->next == NULL &&
font_face->unscaled->faces == font_face &&
CAIRO_REFERENCE_COUNT_GET_VALUE (&font_face->unscaled->base.ref_count) > 1)
{
cairo_font_face_reference (&font_face->base);
return;
}
CAIRO_MUTEX_UNLOCK (font_face->unscaled->mutex);
_cairo_unscaled_font_destroy (&font_face->unscaled->base);
font_face->unscaled = NULL;
return;
}
if (font_face->unscaled) {
cairo_ft_font_face_t *tmp_face = NULL;
cairo_ft_font_face_t *last_face = NULL;
@ -2738,6 +2740,7 @@ _cairo_ft_font_face_destroy (void *abstract_face)
last_face = tmp_face;
}
CAIRO_MUTEX_UNLOCK (font_face->unscaled->mutex);
_cairo_unscaled_font_destroy (&font_face->unscaled->base);
font_face->unscaled = NULL;
}
@ -2855,6 +2858,8 @@ _cairo_ft_font_face_create (cairo_ft_unscaled_font_t *unscaled,
{
cairo_ft_font_face_t *font_face, **prev_font_face;
CAIRO_MUTEX_LOCK (unscaled->mutex);
/* Looked for an existing matching font face */
for (font_face = unscaled->faces, prev_font_face = &unscaled->faces;
font_face;
@ -2876,15 +2881,19 @@ _cairo_ft_font_face_create (cairo_ft_unscaled_font_t *unscaled,
* from owner to ownee. */
font_face->unscaled = unscaled;
_cairo_unscaled_font_reference (&unscaled->base);
return &font_face->base;
} else
return cairo_font_face_reference (&font_face->base);
} else {
cairo_font_face_reference (&font_face->base);
}
CAIRO_MUTEX_UNLOCK (unscaled->mutex);
return &font_face->base;
}
}
/* No match found, create a new one */
font_face = malloc (sizeof (cairo_ft_font_face_t));
if (unlikely (!font_face)) {
CAIRO_MUTEX_UNLOCK (unscaled->mutex);
_cairo_error_throw (CAIRO_STATUS_NO_MEMORY);
return (cairo_font_face_t *)&_cairo_font_face_nil;
}
@ -2911,6 +2920,7 @@ _cairo_ft_font_face_create (cairo_ft_unscaled_font_t *unscaled,
_cairo_font_face_init (&font_face->base, &_cairo_ft_font_face_backend);
CAIRO_MUTEX_UNLOCK (unscaled->mutex);
return &font_face->base;
}

6
gfx/gl/GLContext.cpp
View File

@ -264,9 +264,9 @@ ChooseDebugFlags(CreateContextFlags createFlags)
GLContext::GLContext(CreateContextFlags flags, const SurfaceCaps& caps,
GLContext* sharedContext, bool isOffscreen, bool useTLSIsCurrent)
: mImplicitMakeCurrent(false),
mUseTLSIsCurrent(ShouldUseTLSIsCurrent(useTLSIsCurrent)),
mIsOffscreen(isOffscreen),
mContextLost(false),
mUseTLSIsCurrent(ShouldUseTLSIsCurrent(useTLSIsCurrent)),
mVersion(0),
mProfile(ContextProfile::Unknown),
mShadingLanguageVersion(0),
@ -3074,9 +3074,7 @@ GLContext::MakeCurrent(bool aForce) const
if (!MakeCurrentImpl())
return false;
if (mUseTLSIsCurrent) {
sCurrentContext.set(reinterpret_cast<uintptr_t>(this));
}
sCurrentContext.set(reinterpret_cast<uintptr_t>(this));
return true;
}

18
gfx/gl/GLContext.h
View File

@ -199,6 +199,23 @@ public:
static MOZ_THREAD_LOCAL(uintptr_t) sCurrentContext;
bool mImplicitMakeCurrent;
bool mUseTLSIsCurrent;
class TlsScope final {
GLContext* const mGL;
const bool mWasTlsOk;
public:
explicit TlsScope(GLContext* const gl)
: mGL(gl)
, mWasTlsOk(gl->mUseTLSIsCurrent)
{
mGL->mUseTLSIsCurrent = true;
}
~TlsScope() {
mGL->mUseTLSIsCurrent = mWasTlsOk;
}
};
// -----------------------------------------------------------------------------
// basic getters
@ -320,7 +337,6 @@ public:
protected:
bool mIsOffscreen;
mutable bool mContextLost;
const bool mUseTLSIsCurrent;
/**
* mVersion store the OpenGL's version, multiplied by 100. For example, if

4
gfx/webrender_bindings/RenderD3D11TextureHostOGL.cpp
View File

@ -209,7 +209,7 @@ RenderDXGITextureHostOGL::DeleteTextureHandle()
mSurface = 0;
}
if (mStream) {
egl->fStreamConsumerReleaseKHR(egl->Display(), mStream);
egl->fDestroyStreamKHR(egl->Display(), mStream);
mStream = 0;
}
@ -417,7 +417,7 @@ RenderDXGIYCbCrTextureHostOGL::DeleteTextureHandle()
mSurfaces[i] = 0;
}
if (mStreams[i]) {
egl->fStreamConsumerReleaseKHR(egl->Display(), mStreams[i]);
egl->fDestroyStreamKHR(egl->Display(), mStreams[i]);
mStreams[i] = 0;
}
}

2
js/rust/build.rs
View File

@ -256,7 +256,7 @@ const WHITELIST_VARS: &'static [&'static str] = &[
/// Functions we want to generate bindings to.
const WHITELIST_FUNCTIONS: &'static [&'static str] = &[
"INTERNED_STRING_TO_JSID",
"ExceptionStackOrNull",
"JS::ExceptionStackOrNull",
"JS_AddExtraGCRootsTracer",
"JS_AddInterruptCallback",
"JS::AddPromiseReactions",

10
js/src/jsapi.h
View File

@ -560,14 +560,19 @@ typedef bool
JS::HandleObject allocationSite, JS::HandleObject incumbentGlobal,
void* data);
namespace JS {
enum class PromiseRejectionHandlingState {
Unhandled,
Handled
};
} /* namespace JS */
typedef void
(* JSPromiseRejectionTrackerCallback)(JSContext* cx, JS::HandleObject promise,
PromiseRejectionHandlingState state, void* data);
JS::PromiseRejectionHandlingState state,
void* data);
typedef void
(* JSProcessPromiseCallback)(JSContext* cx, JS::HandleObject promise);
@ -5806,6 +5811,7 @@ JS_DropExceptionState(JSContext* cx, JSExceptionState* state);
extern JS_PUBLIC_API(JSErrorReport*)
JS_ErrorFromException(JSContext* cx, JS::HandleObject obj);
namespace JS {
/**
* If the given object is an exception object (or an unwrappable
* cross-compartment wrapper for one), return the stack for that exception, if
@ -5816,6 +5822,8 @@ JS_ErrorFromException(JSContext* cx, JS::HandleObject obj);
extern JS_PUBLIC_API(JSObject*)
ExceptionStackOrNull(JS::HandleObject obj);
} /* namespace JS */
/**
* A JS context always has an "owner thread". The owner thread is set when the
* context is created (to the current thread) and practically all entry points

2
js/src/jsexn.cpp
View File

@ -423,7 +423,7 @@ js::ErrorFromException(JSContext* cx, HandleObject objArg)
}
JS_PUBLIC_API(JSObject*)
ExceptionStackOrNull(HandleObject objArg)
JS::ExceptionStackOrNull(HandleObject objArg)
{
JSObject* obj = CheckedUnwrap(objArg);
if (!obj || !obj->is<ErrorObject>()) {

3
js/src/shell/js.cpp
View File

@ -848,7 +848,8 @@ DrainJobQueue(JSContext* cx, unsigned argc, Value* vp)
static void
ForwardingPromiseRejectionTrackerCallback(JSContext* cx, JS::HandleObject promise,
PromiseRejectionHandlingState state, void* data)
JS::PromiseRejectionHandlingState state,
void* data)
{
RootedValue callback(cx, GetShellContext(cx)->promiseRejectionTrackerCallback);
if (callback.isNull()) {

2
js/src/vm/List-inl.h
View File

@ -33,7 +33,7 @@ AppendToList(JSContext* cx, HandleNativeObject list, HandleValue value)
return false;
list->ensureDenseInitializedLength(cx, length, 1);
list->setDenseElement(length, value);
list->setDenseElementWithType(cx, length, value);
return true;
}

4
js/src/vm/Runtime.cpp
View File

@ -753,7 +753,7 @@ JSRuntime::addUnhandledRejectedPromise(JSContext* cx, js::HandleObject promise)
void* data = cx->promiseRejectionTrackerCallbackData;
cx->promiseRejectionTrackerCallback(cx, promise,
PromiseRejectionHandlingState::Unhandled, data);
JS::PromiseRejectionHandlingState::Unhandled, data);
}
void
@ -765,7 +765,7 @@ JSRuntime::removeUnhandledRejectedPromise(JSContext* cx, js::HandleObject promis
void* data = cx->promiseRejectionTrackerCallbackData;
cx->promiseRejectionTrackerCallback(cx, promise,
PromiseRejectionHandlingState::Handled, data);
JS::PromiseRejectionHandlingState::Handled, data);
}
mozilla::non_crypto::XorShift128PlusRNG&

2
layout/style/test/bug453896_iframe.html
View File

@ -5,7 +5,7 @@
<title>Bug 453896 Test middle frame</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta http-equiv="Content-Style-Type" content="text/css">
<script type="application/javascript; version=1.7">
<script type="application/javascript">
function run(test_window)
{

2
layout/style/test/chrome/test_moz_document_rules.html
View File

@ -10,7 +10,7 @@
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=398962">Mozilla Bug 398962</a>
<iframe id="iframe" src="http://mochi.test:8888/tests/layout/style/test/chrome/moz_document_helper.html"></iframe>
<pre id="test">
<script type="application/javascript; version=1.8">
<script type="application/javascript">
var [gStyleSheetService, gIOService] = (function() {
return [

2
layout/style/test/test_addSheet.html
View File

@ -12,7 +12,7 @@
<iframe id="iframe2" src="additional_sheets_helper.html"></iframe>
<pre id="test">
<script type="application/javascript; version=1.8">
<script type="application/javascript">
let gIOService = SpecialPowers.Cc["@mozilla.org/network/io-service;1"]
.getService(SpecialPowers.Ci.nsIIOService);

2
layout/style/test/test_additional_sheets.html
View File

@ -9,7 +9,7 @@
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=737003">Mozilla Bug 737003</a>
<iframe id="iframe" src="additional_sheets_helper.html"></iframe>
<pre id="test">
<script type="application/javascript; version=1.8">
<script type="application/javascript">
var gIOService = SpecialPowers.Cc["@mozilla.org/network/io-service;1"]
.getService(SpecialPowers.Ci.nsIIOService)

2
layout/style/test/test_computed_style_prefs.html
View File

@ -12,7 +12,7 @@
</div>
<pre id="test">
<script type="application/javascript; version=1.7">
<script type="application/javascript">
/** Test that preffed off properties do not appear in computed style **/

2
layout/style/test/test_media_queries_dynamic.html
View File

@ -15,7 +15,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=473400
</div>
<pre id="test">
<script class="testbody" type="application/javascript; version=1.7">
<script class="testbody" type="application/javascript">
/** Test for Bug 473400 **/

3
mobile/android/chrome/content/browser.js
View File

@ -1279,6 +1279,9 @@ var BrowserApp = {
}
}
// Retrieve updated tabIndex again for the removal because the index could
// be changed if a new tab is added by the event listener.
tabIndex = this._tabs.indexOf(aTab);
aTab.destroy();
this._tabs.splice(tabIndex, 1);
},

8
mobile/android/tests/browser/chrome/head.js
View File

@ -5,7 +5,7 @@ function fuzzyEquals(a, b) {
return (Math.abs(a - b) < 1e-6);
}
function promiseBrowserEvent(browser, eventType) {
function promiseBrowserEvent(browser, eventType, options) {
return new Promise((resolve) => {
function handle(event) {
// Since we'll be redirecting, don't make assumptions about the given URL and the loaded URL
@ -15,7 +15,11 @@ function promiseBrowserEvent(browser, eventType) {
}
info("Received event " + eventType + " from browser");
browser.removeEventListener(eventType, handle, true);
resolve(event);
if (options && options.resolveAtNextTick) {
setTimeout(() => resolve(event), 0);
} else {
resolve(event);
}
}
browser.addEventListener(eventType, handle, true);

10
mobile/android/tests/browser/chrome/test_session_form_data.html
View File

@ -96,7 +96,7 @@ add_task(function* test_formdata() {
// Create a new tab.
let tab = gBrowserApp.addTab(URL);
let browser = tab.browser;
yield promiseBrowserEvent(browser, "load");
yield promiseBrowserEvent(browser, "load", { resolveAtNextTick: true });
// Modify form data.
setInputValue(browser, {id: "txt", value: OUTER_VALUE});
@ -151,7 +151,7 @@ add_task(function* test_formdata2() {
// Create a new tab.
let tab = gBrowserApp.addTab(URL);
let browser = tab.browser;
yield promiseBrowserEvent(browser, "load");
yield promiseBrowserEvent(browser, "load", { resolveAtNextTick: true });
// Modify form data.
setInputValue(browser, {id: "txt", value: OUTER_VALUE});
@ -172,7 +172,7 @@ add_task(function* test_formdata2() {
// Restore the closed tab.
let closedTabData = ss.getClosedTabs(gChromeWin)[0];
let browser = ss.undoCloseTab(gChromeWin, closedTabData);
yield promiseBrowserEvent(browser, "load");
yield promiseBrowserEvent(browser, "load", { resolveAtNextTick: true });
// Check the form data.
is(getInputValue(browser, {id: "txt"}), OUTER_VALUE, "outer value restored correctly");
@ -211,7 +211,7 @@ add_task(function* test_formdata_navigation() {
// Create a new tab.
let tab = gBrowserApp.addTab(URL);
let browser = tab.browser;
yield promiseBrowserEvent(browser, "load");
yield promiseBrowserEvent(browser, "load", { resolveAtNextTick: true });
// Modify form data.
setInputValue(browser, {id: "txt", value: OUTER_VALUE});
@ -251,7 +251,7 @@ add_task(function* test_formdata_navigation() {
// Restore the closed tab.
let closedTabData = ss.getClosedTabs(gChromeWin)[0];
let browser = ss.undoCloseTab(gChromeWin, closedTabData);
yield promiseBrowserEvent(browser, "load");
yield promiseBrowserEvent(browser, "load", { resolveAtNextTick: true });
// Check the form data.
is(getInputValue(browser, {id: "txt"}), OUTER_VALUE, "outer value restored correctly");

699
security/apps/AppSignatureVerification.cpp
View File

@ -13,6 +13,7 @@
#include "SharedCertVerifier.h"
#include "certdb.h"
#include "cms.h"
#include "cosec.h"
#include "mozilla/Base64.h"
#include "mozilla/Casting.h"
#include "mozilla/Logging.h"
@ -343,8 +344,10 @@ ReadLine(/*in/out*/ const char* & nextLineStart, /*out*/ nsCString & line,
// The header strings are defined in the JAR specification.
#define JAR_MF_SEARCH_STRING "(M|/M)ETA-INF/(M|m)(ANIFEST|anifest).(MF|mf)$"
#define JAR_COSE_MF_SEARCH_STRING "(M|/M)ETA-INF/cose.manifest$"
#define JAR_SF_SEARCH_STRING "(M|/M)ETA-INF/*.(SF|sf)$"
#define JAR_RSA_SEARCH_STRING "(M|/M)ETA-INF/*.(RSA|rsa)$"
#define JAR_COSE_SEARCH_STRING "(M|/M)ETA-INF/cose.sig$"
#define JAR_META_DIR "META-INF"
#define JAR_MF_HEADER "Manifest-Version: 1.0"
#define JAR_SF_HEADER "Signature-Version: 1.0"
@ -840,17 +843,466 @@ VerifySignature(AppTrustedRoot trustedRoot, const SECItem& buffer,
&pkcs7DataOid));
}
class CoseVerificationContext
{
public:
explicit CoseVerificationContext(AppTrustedRoot aTrustedRoot)
: mTrustedRoot(aTrustedRoot)
, mCertDER(nullptr)
, mCertDERLen(0)
{
}
~CoseVerificationContext() {}
AppTrustedRoot GetTrustedRoot() { return mTrustedRoot; }
nsresult SetCert(SECItem* aCertDER)
{
mCertDERLen = aCertDER->len;
mCertDER = MakeUnique<uint8_t[]>(mCertDERLen);
if (!mCertDER) {
return NS_ERROR_OUT_OF_MEMORY;
}
memcpy(mCertDER.get(), aCertDER->data, mCertDERLen);
return NS_OK;
}
uint8_t* GetCert() { return mCertDER.get(); }
unsigned int GetCertLen() { return mCertDERLen; }
private:
AppTrustedRoot mTrustedRoot;
UniquePtr<uint8_t[]> mCertDER;
unsigned int mCertDERLen;
};
// Verification function called from cose-rust.
// Returns true if everything goes well and the signature and certificate chain
// are good, false in any other case.
bool
CoseVerificationCallback(const uint8_t* aPayload,
size_t aPayloadLen,
const uint8_t** aCertChain,
size_t aCertChainLen,
const size_t* aCertsLen,
const uint8_t* aEECert,
size_t aEECertLen,
const uint8_t* aSignature,
size_t aSignatureLen,
uint8_t aSignatureAlgorithm,
void* ctx)
{
if (!ctx || !aPayload || !aEECert || !aSignature) {
return false;
}
// The ctx here is a pointer to a CoseVerificationContext object
CoseVerificationContext* context = static_cast<CoseVerificationContext*>(ctx);
AppTrustedRoot aTrustedRoot = context->GetTrustedRoot();
CK_MECHANISM_TYPE mechanism;
SECOidTag oid;
uint32_t hash_length;
SECItem param = { siBuffer, nullptr, 0 };
switch (aSignatureAlgorithm) {
case ES256:
mechanism = CKM_ECDSA;
oid = SEC_OID_SHA256;
hash_length = SHA256_LENGTH;
break;
case ES384:
mechanism = CKM_ECDSA;
oid = SEC_OID_SHA384;
hash_length = SHA384_LENGTH;
break;
case ES512:
mechanism = CKM_ECDSA;
oid = SEC_OID_SHA512;
hash_length = SHA512_LENGTH;
break;
default:
return false;
}
uint8_t hashBuf[HASH_LENGTH_MAX];
SECStatus rv = PK11_HashBuf(oid, hashBuf, aPayload, aPayloadLen);
if (rv != SECSuccess) {
return false;
}
SECItem hashItem = { siBuffer, hashBuf, hash_length };
CERTCertDBHandle* dbHandle = CERT_GetDefaultCertDB();
if (!dbHandle) {
return false;
}
SECItem derCert = { siBuffer,
const_cast<uint8_t*>(aEECert),
static_cast<unsigned int>(aEECertLen) };
UniqueCERTCertificate cert(
CERT_NewTempCertificate(dbHandle, &derCert, nullptr, false, true));
if (!cert) {
return false;
}
UniqueSECKEYPublicKey key(CERT_ExtractPublicKey(cert.get()));
if (!key) {
return false;
}
SECItem signatureItem = { siBuffer,
const_cast<uint8_t*>(aSignature),
static_cast<unsigned int>(aSignatureLen) };
rv = PK11_VerifyWithMechanism(
key.get(), mechanism, &param, &signatureItem, &hashItem, nullptr);
if (rv != SECSuccess) {
return false;
}
// Load intermediate certs into NSS so we can verify the cert chain.
UniqueCERTCertList tempCerts(CERT_NewCertList());
for (size_t i = 0; i < aCertChainLen; ++i) {
SECItem derCert = { siBuffer,
const_cast<uint8_t*>(aCertChain[i]),
static_cast<unsigned int>(aCertsLen[i]) };
UniqueCERTCertificate tempCert(
CERT_NewTempCertificate(dbHandle, &derCert, nullptr, false, true));
// Skip certs that we can't parse. If it was one we needed, the verification
// will fail later.
if (!tempCert) {
continue;
}
if (CERT_AddCertToListTail(tempCerts.get(), tempCert.get()) != SECSuccess) {
return false;
}
Unused << tempCert.release();
}
UniqueCERTCertList builtChain;
nsresult nrv = VerifyCertificate(cert.get(), aTrustedRoot, builtChain);
bool result = true;
if (NS_FAILED(nrv)) {
result = false;
}
// Passing back the signing certificate in form of the DER cert.
nrv = context->SetCert(&cert->derCert);
if (NS_FAILED(nrv)) {
result = false;
}
return result;
}
nsresult
VerifyAppManifest(SECOidTag aDigestToUse, nsCOMPtr<nsIZipReader> aZip,
nsTHashtable<nsCStringHashKey>& aIgnoredFiles,
const SECItem& aManifestBuffer)
{
// Allocate the I/O buffer only once per JAR, instead of once per entry, in
// order to minimize malloc/free calls and in order to avoid fragmenting
// memory.
ScopedAutoSECItem buf(128 * 1024);
nsTHashtable<nsCStringHashKey> items;
nsresult rv = ParseMF(BitwiseCast<char*, unsigned char*>(aManifestBuffer.data),
aZip, aDigestToUse, items, buf);
if (NS_FAILED(rv)) {
return rv;
}
// Verify every entry in the file.
nsCOMPtr<nsIUTF8StringEnumerator> entries;
rv = aZip->FindEntries(EmptyCString(), getter_AddRefs(entries));
if (NS_FAILED(rv)) {
return rv;
}
if (!entries) {
return NS_ERROR_UNEXPECTED;
}
for (;;) {
bool hasMore;
rv = entries->HasMore(&hasMore);
NS_ENSURE_SUCCESS(rv, rv);
if (!hasMore) {
break;
}
nsAutoCString entryFilename;
rv = entries->GetNext(entryFilename);
NS_ENSURE_SUCCESS(rv, rv);
MOZ_LOG(gPIPNSSLog,
LogLevel::Debug,
("Verifying digests for %s", entryFilename.get()));
if (entryFilename.Length() == 0) {
return NS_ERROR_SIGNED_JAR_ENTRY_INVALID;
}
// The files that comprise the signature mechanism are not covered by the
// signature. Ignore these files.
if (aIgnoredFiles.Contains(entryFilename)) {
continue;
}
// Entries with names that end in "/" are directory entries, which are not
// signed.
//
// Since bug 1415991 we don't support unpacked JARs. The "/" entries are
// therefore harmless.
if (entryFilename.Last() == '/') {
continue;
}
nsCStringHashKey* item = items.GetEntry(entryFilename);
if (!item) {
return NS_ERROR_SIGNED_JAR_UNSIGNED_ENTRY;
}
// Remove the item so we can check for leftover items later
items.RemoveEntry(item);
}
// We verified that every entry that we require to be signed is signed. But,
// were there any missing entries--that is, entries that are mentioned in the
// manifest but missing from the archive?
if (items.Count() != 0) {
return NS_ERROR_SIGNED_JAR_ENTRY_MISSING;
}
return NS_OK;
}
// This corresponds to the preference "security.signed_app_signatures.policy".
enum class SignaturePolicy {
PKCS7WithSHA1OrSHA256 = 0,
PKCS7WithSHA256 = 1,
// The lowest order bit determines which PKCS#7 algorithms are accepted.
// xxx_0_: SHA-1 and/or SHA-256 PKCS#7 allowed
// xxx_1_: SHA-256 PKCS#7 allowed
// The next two bits determine whether COSE is required and PKCS#7 is allowed
// x_00_x: COSE disabled, ignore files, PKCS#7 must verify
// x_01_x: COSE is verified if present, PKCS#7 must verify
// x_10_x: COSE is required, PKCS#7 must verify if present
// x_11_x: COSE is required, PKCS#7 disabled (fail when present)
class SignaturePolicy
{
public:
explicit SignaturePolicy(int32_t preference)
: mProcessCose(true)
, mCoseRequired(false)
, mProcessPK7(true)
, mPK7Required(true)
, mSHA1Allowed(true)
, mSHA256Allowed(true)
{
mCoseRequired = (preference & 0b100) != 0;
mProcessCose = (preference & 0b110) != 0;
mPK7Required = (preference & 0b100) == 0;
mProcessPK7 = (preference & 0b110) != 0b110;
if ((preference & 0b1) == 0) {
mSHA1Allowed = true;
mSHA256Allowed = true;
} else {
mSHA1Allowed = false;
mSHA256Allowed = true;
}
}
~SignaturePolicy()
{
}
bool ProcessCOSE() { return mProcessCose; }
bool COSERequired() { return mCoseRequired; }
bool PK7Required() { return mPK7Required; }
bool ProcessPK7() { return mProcessPK7; }
bool IsPK7HashAllowed(SECOidTag aHashAlg)
{
if (aHashAlg == SEC_OID_SHA256 && mSHA256Allowed) {
return true;
}
if (aHashAlg == SEC_OID_SHA1 && mSHA1Allowed) {
return true;
}
return false;
}
private:
bool mProcessCose;
bool mCoseRequired;
bool mProcessPK7;
bool mPK7Required;
bool mSHA1Allowed;
bool mSHA256Allowed;
};
nsresult
OpenSignedAppFile(AppTrustedRoot aTrustedRoot, nsIFile* aJarFile,
VerifyCOSESignature(AppTrustedRoot aTrustedRoot, nsIZipReader* aZip,
SignaturePolicy& aPolicy,
nsTHashtable<nsCStringHashKey>& aIgnoredFiles,
/* out */ bool& aVerified,
/* out */ UniqueSECItem* aCoseCertItem)
{
NS_ENSURE_ARG_POINTER(aZip);
NS_ENSURE_ARG_POINTER(aCoseCertItem);
bool required = aPolicy.COSERequired();
aVerified = false;
// Read COSE signature file.
nsAutoCString coseFilename;
ScopedAutoSECItem coseBuffer;
nsresult rv = FindAndLoadOneEntry(
aZip, NS_LITERAL_CSTRING(JAR_COSE_SEARCH_STRING), coseFilename, coseBuffer);
if (NS_FAILED(rv)) {
return required ? NS_ERROR_SIGNED_JAR_WRONG_SIGNATURE : NS_OK;
}
// Verify COSE signature.
nsAutoCString mfFilename;
ScopedAutoSECItem manifestBuffer;
rv = FindAndLoadOneEntry(aZip,
NS_LITERAL_CSTRING(JAR_COSE_MF_SEARCH_STRING),
mfFilename,
manifestBuffer);
if (NS_FAILED(rv)) {
return required ? NS_ERROR_SIGNED_JAR_WRONG_SIGNATURE : rv;
}
MOZ_ASSERT(manifestBuffer.len >= 1);
MOZ_ASSERT(coseBuffer.len >= 1);
CoseVerificationContext context(aTrustedRoot);
bool coseVerification = verify_cose_signature_ffi(manifestBuffer.data,
manifestBuffer.len - 1,
coseBuffer.data,
coseBuffer.len - 1,
&context,
CoseVerificationCallback);
if (!coseVerification) {
return NS_ERROR_SIGNED_JAR_MANIFEST_INVALID;
}
// CoseVerificationCallback sets the context certificate to the first cert
// it encounters.
const SECItem derCert = { siBuffer, context.GetCert(), context.GetCertLen() };
aCoseCertItem->reset(SECITEM_DupItem(&derCert));
if (!aCoseCertItem) {
return NS_ERROR_FAILURE;
}
// aIgnoredFiles contains the PKCS#7 manifest and signature files iff the
// PKCS#7 verification was successful.
aIgnoredFiles.PutEntry(mfFilename);
aIgnoredFiles.PutEntry(coseFilename);
rv = VerifyAppManifest(SEC_OID_SHA256, aZip, aIgnoredFiles, manifestBuffer);
if (NS_FAILED(rv)) {
return rv;
}
aVerified = true;
return NS_OK;
}
nsresult
VerifyPK7Signature(AppTrustedRoot aTrustedRoot, nsIZipReader* aZip,
SignaturePolicy& aPolicy,
/* out */ nsTHashtable<nsCStringHashKey>& aIgnoredFiles,
/* out */ bool& aVerified,
/* out */ UniqueCERTCertList& aBuiltChain)
{
NS_ENSURE_ARG_POINTER(aZip);
bool required = aPolicy.PK7Required();
aVerified = false;
// Signature (RSA) file
nsAutoCString sigFilename;
ScopedAutoSECItem sigBuffer;
nsresult rv = FindAndLoadOneEntry(
aZip, nsLiteralCString(JAR_RSA_SEARCH_STRING), sigFilename, sigBuffer);
if (NS_FAILED(rv)) {
return required ? NS_ERROR_SIGNED_JAR_NOT_SIGNED : NS_OK;
}
// Signature (SF) file
nsAutoCString sfFilename;
ScopedAutoSECItem sfBuffer;
rv = FindAndLoadOneEntry(
aZip, NS_LITERAL_CSTRING(JAR_SF_SEARCH_STRING), sfFilename, sfBuffer);
if (NS_FAILED(rv)) {
return required ? NS_ERROR_SIGNED_JAR_MANIFEST_INVALID : NS_OK;
}
// Calculate both the SHA-1 and SHA-256 hashes of the signature file - we
// don't know what algorithm the PKCS#7 signature used.
Digest sfCalculatedSHA1Digest;
rv = sfCalculatedSHA1Digest.DigestBuf(
SEC_OID_SHA1, sfBuffer.data, sfBuffer.len - 1);
if (NS_FAILED(rv)) {
return rv;
}
Digest sfCalculatedSHA256Digest;
rv = sfCalculatedSHA256Digest.DigestBuf(
SEC_OID_SHA256, sfBuffer.data, sfBuffer.len - 1);
if (NS_FAILED(rv)) {
return rv;
}
// Verify PKCS#7 signature.
// If we get here, the signature has to verify even if PKCS#7 is not required.
sigBuffer.type = siBuffer;
SECOidTag digestToUse;
rv = VerifySignature(aTrustedRoot,
sigBuffer,
sfCalculatedSHA1Digest.get(),
sfCalculatedSHA256Digest.get(),
digestToUse,
aBuiltChain);
if (NS_FAILED(rv)) {
return rv;
}
// Check the digest used for the signature against the policy.
if (!aPolicy.IsPK7HashAllowed(digestToUse)) {
return NS_ERROR_SIGNED_JAR_WRONG_SIGNATURE;
}
nsAutoCString mfDigest;
rv = ParseSF(
BitwiseCast<char*, unsigned char*>(sfBuffer.data), digestToUse, mfDigest);
if (NS_FAILED(rv)) {
return rv;
}
// Read PK7 manifest (MF) file.
ScopedAutoSECItem manifestBuffer;
Digest mfCalculatedDigest;
nsAutoCString mfFilename;
rv = FindAndLoadOneEntry(aZip,
NS_LITERAL_CSTRING(JAR_MF_SEARCH_STRING),
mfFilename,
manifestBuffer,
digestToUse,
&mfCalculatedDigest);
if (NS_FAILED(rv)) {
return rv;
}
nsDependentCSubstring calculatedDigest(
DigestToDependentString(mfCalculatedDigest));
if (!mfDigest.Equals(calculatedDigest)) {
return NS_ERROR_SIGNED_JAR_MANIFEST_INVALID;
}
// Verify PKCS7 manifest file hashes.
aIgnoredFiles.PutEntry(sfFilename);
aIgnoredFiles.PutEntry(sigFilename);
aIgnoredFiles.PutEntry(mfFilename);
rv = VerifyAppManifest(digestToUse, aZip, aIgnoredFiles, manifestBuffer);
if (NS_FAILED(rv)) {
aIgnoredFiles.Clear();
return rv;
}
aVerified = true;
return NS_OK;
}
nsresult
OpenSignedAppFile(AppTrustedRoot aTrustedRoot,
nsIFile* aJarFile,
SignaturePolicy aPolicy,
/*out, optional */ nsIZipReader** aZipReader,
/*out, optional */ nsIX509Cert** aSignerCert)
/* out, optional */ nsIZipReader** aZipReader,
/* out, optional */ nsIX509Cert** aSignerCert)
{
NS_ENSURE_ARG_POINTER(aJarFile);
@ -871,162 +1323,36 @@ OpenSignedAppFile(AppTrustedRoot aTrustedRoot, nsIFile* aJarFile,
rv = zip->Open(aJarFile);
NS_ENSURE_SUCCESS(rv, rv);
// Signature (RSA) file
nsAutoCString sigFilename;
ScopedAutoSECItem sigBuffer;
rv = FindAndLoadOneEntry(zip, nsLiteralCString(JAR_RSA_SEARCH_STRING),
sigFilename, sigBuffer);
if (NS_FAILED(rv)) {
return NS_ERROR_SIGNED_JAR_NOT_SIGNED;
}
bool pk7Verified = false;
bool coseVerified = false;
nsTHashtable<nsCStringHashKey> ignoredFiles;
UniqueCERTCertList pk7BuiltChain;
UniqueSECItem coseCertItem;
// Signature (SF) file
nsAutoCString sfFilename;
ScopedAutoSECItem sfBuffer;
rv = FindAndLoadOneEntry(zip, NS_LITERAL_CSTRING(JAR_SF_SEARCH_STRING),
sfFilename, sfBuffer);
if (NS_FAILED(rv)) {
return NS_ERROR_SIGNED_JAR_MANIFEST_INVALID;
}
// Calculate both the SHA-1 and SHA-256 hashes of the signature file - we
// don't know what algorithm the PKCS#7 signature used.
Digest sfCalculatedSHA1Digest;
rv = sfCalculatedSHA1Digest.DigestBuf(SEC_OID_SHA1, sfBuffer.data,
sfBuffer.len - 1);
if (NS_FAILED(rv)) {
return rv;
}
Digest sfCalculatedSHA256Digest;
rv = sfCalculatedSHA256Digest.DigestBuf(SEC_OID_SHA256, sfBuffer.data,
sfBuffer.len - 1);
if (NS_FAILED(rv)) {
return rv;
}
sigBuffer.type = siBuffer;
UniqueCERTCertList builtChain;
SECOidTag digestToUse;
rv = VerifySignature(aTrustedRoot, sigBuffer, sfCalculatedSHA1Digest.get(),
sfCalculatedSHA256Digest.get(), digestToUse, builtChain);
if (NS_FAILED(rv)) {
return rv;
}
switch (aPolicy) {
case SignaturePolicy::PKCS7WithSHA256:
if (digestToUse != SEC_OID_SHA256) {
return NS_ERROR_SIGNED_JAR_WRONG_SIGNATURE;
}
break;
case SignaturePolicy::PKCS7WithSHA1OrSHA256:
break;
}
nsAutoCString mfDigest;
rv = ParseSF(BitwiseCast<char*, unsigned char*>(sfBuffer.data), digestToUse,
mfDigest);
if (NS_FAILED(rv)) {
return rv;
}
// Manifest (MF) file
nsAutoCString mfFilename;
ScopedAutoSECItem manifestBuffer;
Digest mfCalculatedDigest;
rv = FindAndLoadOneEntry(zip, NS_LITERAL_CSTRING(JAR_MF_SEARCH_STRING),
mfFilename, manifestBuffer, digestToUse,
&mfCalculatedDigest);
if (NS_FAILED(rv)) {
return rv;
}
nsDependentCSubstring calculatedDigest(
DigestToDependentString(mfCalculatedDigest));
if (!mfDigest.Equals(calculatedDigest)) {
return NS_ERROR_SIGNED_JAR_MANIFEST_INVALID;
}
// Allocate the I/O buffer only once per JAR, instead of once per entry, in
// order to minimize malloc/free calls and in order to avoid fragmenting
// memory.
ScopedAutoSECItem buf(128 * 1024);
nsTHashtable<nsCStringHashKey> items;
rv = ParseMF(BitwiseCast<char*, unsigned char*>(manifestBuffer.data), zip,
digestToUse, items, buf);
if (NS_FAILED(rv)) {
return rv;
}
// Verify every entry in the file.
nsCOMPtr<nsIUTF8StringEnumerator> entries;
rv = zip->FindEntries(EmptyCString(), getter_AddRefs(entries));
if (NS_SUCCEEDED(rv) && !entries) {
rv = NS_ERROR_UNEXPECTED;
}
if (NS_FAILED(rv)) {
return rv;
}
for (;;) {
bool hasMore;
rv = entries->HasMore(&hasMore);
NS_ENSURE_SUCCESS(rv, rv);
if (!hasMore) {
break;
// First we have to verify the PKCS#7 signature if there is one.
// This signature covers all files (except for the signature files itself),
// including the COSE signature files. Only when this verification is
// successful the respective files will be ignored in the subsequent COSE
// signature verification.
if (aPolicy.ProcessPK7()) {
rv = VerifyPK7Signature(
aTrustedRoot, zip, aPolicy, ignoredFiles, pk7Verified, pk7BuiltChain);
if (NS_FAILED(rv)) {
return rv;
}
nsAutoCString entryFilename;
rv = entries->GetNext(entryFilename);
NS_ENSURE_SUCCESS(rv, rv);
MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("Verifying digests for %s",
entryFilename.get()));
// The files that comprise the signature mechanism are not covered by the
// signature.
//
// XXX: This is OK for a single signature, but doesn't work for
// multiple signatures, because the metadata for the other signatures
// is not signed either.
if (entryFilename == mfFilename ||
entryFilename == sfFilename ||
entryFilename == sigFilename) {
continue;
}
if (entryFilename.Length() == 0) {
return NS_ERROR_SIGNED_JAR_ENTRY_INVALID;
}
// Entries with names that end in "/" are directory entries, which are not
// signed.
//
// XXX: As long as we don't unpack the JAR into the filesystem, the "/"
// entries are harmless. But, it is not clear what the security
// implications of directory entries are if/when we were to unpackage the
// JAR into the filesystem.
if (entryFilename[entryFilename.Length() - 1] == '/') {
continue;
}
nsCStringHashKey * item = items.GetEntry(entryFilename);
if (!item) {
return NS_ERROR_SIGNED_JAR_UNSIGNED_ENTRY;
}
// Remove the item so we can check for leftover items later
items.RemoveEntry(item);
}
// We verified that every entry that we require to be signed is signed. But,
// were there any missing entries--that is, entries that are mentioned in the
// manifest but missing from the archive?
if (items.Count() != 0) {
return NS_ERROR_SIGNED_JAR_ENTRY_MISSING;
if (aPolicy.ProcessCOSE()) {
rv = VerifyCOSESignature(
aTrustedRoot, zip, aPolicy, ignoredFiles, coseVerified, &coseCertItem);
if (NS_FAILED(rv)) {
return rv;
}
}
if ((aPolicy.PK7Required() && !pk7Verified) ||
(aPolicy.COSERequired() && !coseVerified)) {
return NS_ERROR_SIGNED_JAR_WRONG_SIGNATURE;
}
// Return the reader to the caller if they want it
@ -1037,15 +1363,36 @@ OpenSignedAppFile(AppTrustedRoot aTrustedRoot, nsIFile* aJarFile,
// Return the signer's certificate to the reader if they want it.
// XXX: We should return an nsIX509CertList with the whole validated chain.
if (aSignerCert) {
CERTCertListNode* signerCertNode = CERT_LIST_HEAD(builtChain);
if (!signerCertNode || CERT_LIST_END(signerCertNode, builtChain) ||
!signerCertNode->cert) {
return NS_ERROR_FAILURE;
// The COSE certificate is authoritative.
if (aPolicy.COSERequired() || (coseCertItem && coseCertItem->len != 0)) {
if (!coseCertItem || coseCertItem->len == 0) {
return NS_ERROR_FAILURE;
}
CERTCertDBHandle* dbHandle = CERT_GetDefaultCertDB();
if (!dbHandle) {
return NS_ERROR_FAILURE;
}
UniqueCERTCertificate cert(CERT_NewTempCertificate(
dbHandle, coseCertItem.get(), nullptr, false, true));
if (!cert) {
return NS_ERROR_FAILURE;
}
nsCOMPtr<nsIX509Cert> signerCert = nsNSSCertificate::Create(cert.get());
if (!signerCert) {
return NS_ERROR_OUT_OF_MEMORY;
}
signerCert.forget(aSignerCert);
} else {
CERTCertListNode* signerCertNode = CERT_LIST_HEAD(pk7BuiltChain);
if (!signerCertNode || CERT_LIST_END(signerCertNode, pk7BuiltChain) ||
!signerCertNode->cert) {
return NS_ERROR_FAILURE;
}
nsCOMPtr<nsIX509Cert> signerCert =
nsNSSCertificate::Create(signerCertNode->cert);
NS_ENSURE_TRUE(signerCert, NS_ERROR_OUT_OF_MEMORY);
signerCert.forget(aSignerCert);
}
nsCOMPtr<nsIX509Cert> signerCert =
nsNSSCertificate::Create(signerCertNode->cert);
NS_ENSURE_TRUE(signerCert, NS_ERROR_OUT_OF_MEMORY);
signerCert.forget(aSignerCert);
}
return NS_OK;
@ -1090,8 +1437,7 @@ private:
nsCOMPtr<nsIX509Cert> mSignerCert; // out
};
static const SignaturePolicy sDefaultSignaturePolicy =
SignaturePolicy::PKCS7WithSHA1OrSHA256;
static const int32_t sDefaultSignaturePolicy = 0b10;
} // unnamed namespace
@ -1105,19 +1451,10 @@ nsNSSCertificateDB::OpenSignedAppFileAsync(
if (!NS_IsMainThread()) {
return NS_ERROR_NOT_SAME_THREAD;
}
SignaturePolicy policy =
static_cast<SignaturePolicy>(
Preferences::GetInt("security.signed_app_signatures.policy",
static_cast<int32_t>(sDefaultSignaturePolicy)));
switch (policy) {
case SignaturePolicy::PKCS7WithSHA1OrSHA256:
break;
case SignaturePolicy::PKCS7WithSHA256:
break;
default:
policy = sDefaultSignaturePolicy;
break;
}
int32_t policyInt =
Preferences::GetInt("security.signed_app_signatures.policy",
static_cast<int32_t>(sDefaultSignaturePolicy));
SignaturePolicy policy(policyInt);
RefPtr<OpenSignedAppFileTask> task(new OpenSignedAppFileTask(aTrustedRoot,
aJarFile,
policy,

1
security/apps/moz.build
View File

@ -18,6 +18,7 @@ LOCAL_INCLUDES += [
'/security/certverifier',
'/security/manager/ssl',
'/security/pkix/include',
'/third_party/rust/cose-c/include',
]
DEFINES['NSS_ENABLE_ECC'] = 'True'

15
security/manager/ssl/security-prefs.js
View File

@ -68,10 +68,17 @@ pref("security.pki.cert_short_lifetime_in_days", 10);
pref("security.pki.sha1_enforcement_level", 3);
// This preference controls what signature algorithms are accepted for signed
// apps (i.e. add-ons).
// 0: SHA-1 and/or SHA-256 PKCS#7 allowed
// 1: SHA-256 PKCS#7 allowed
pref("security.signed_app_signatures.policy", 0);
// apps (i.e. add-ons). The number is interpreted as a bit mask with the
// following semantic:
// The lowest order bit determines which PKCS#7 algorithms are accepted.
// xxx_0_: SHA-1 and/or SHA-256 PKCS#7 allowed
// xxx_1_: SHA-256 PKCS#7 allowed
// The next two bits determine whether COSE is required and PKCS#7 is allowed
// x_00_x: COSE disabled, ignore files, PKCS#7 must verify
// x_01_x: COSE is verified if present, PKCS#7 must verify
// x_10_x: COSE is required, PKCS#7 must verify if present
// x_11_x: COSE is required, PKCS#7 disabled (fail when present)
pref("security.signed_app_signatures.policy", 2);
// security.pki.name_matching_mode controls how the platform matches hostnames
// to name information in TLS certificates. The possible values are:

77
security/manager/ssl/tests/gtest/CoseTest.cpp
View File

@ -108,12 +108,12 @@ const uint8_t SIGNATURE[] = {
0x5f, 0x31, 0x64, 0xec, 0xfd, 0xcb, 0x42, 0x80, 0x0a, 0x70, 0xe6, 0x02, 0x21,
0x00, 0xff, 0x81, 0xbe, 0xa8, 0x0d, 0x03, 0x36, 0x6b, 0x75, 0xe2, 0x70, 0x6a,
0xac, 0x07, 0x2e, 0x4c, 0xdc, 0xf9, 0xc5, 0x89, 0xc1, 0xcf, 0x88, 0xc2, 0xc8,
0x2a, 0x32, 0xf5, 0x42, 0x0c, 0xfa, 0x0b, 0xa0, 0x58, 0x40, 0xb7, 0x50, 0xae,
0x12, 0x41, 0xb2, 0x62, 0x28, 0x80, 0x0b, 0xaa, 0x99, 0xec, 0x5f, 0x1c, 0x91,
0x2f, 0xd8, 0x65, 0xd0, 0x1c, 0x38, 0x7c, 0x37, 0x63, 0x6d, 0xfa, 0x67, 0x9d,
0x21, 0xff, 0x54, 0x98, 0xf8, 0x97, 0x63, 0xc2, 0x2e, 0x3c, 0xfa, 0x25, 0x28,
0xec, 0x2c, 0x96, 0x8c, 0xca, 0xfc, 0x94, 0xd0, 0xc2, 0x19, 0x28, 0x28, 0x43,
0xe6, 0x64, 0xd4, 0x09, 0x2b, 0x0f, 0x01, 0xc3, 0x6e
0x2a, 0x32, 0xf5, 0x42, 0x0c, 0xfa, 0x0b, 0xa0, 0x58, 0x40, 0x1e, 0x6e, 0x08,
0xdf, 0x8f, 0x4f, 0xd6, 0xab, 0x23, 0xae, 0x84, 0xaa, 0xf3, 0x43, 0x35, 0x9a,
0x53, 0xb9, 0x8b, 0xf9, 0x81, 0xa1, 0xbc, 0x1e, 0x5c, 0x57, 0x5c, 0x0a, 0x20,
0x37, 0xf4, 0x3d, 0x11, 0x08, 0xa0, 0x97, 0x4b, 0x68, 0xa4, 0x0f, 0x80, 0xe9,
0x96, 0x30, 0x04, 0x24, 0x0e, 0x81, 0x3d, 0x2a, 0x8a, 0x64, 0x40, 0x61, 0x5a,
0x19, 0x00, 0xff, 0x74, 0x40, 0x71, 0x82, 0x65, 0xe9
};
// This is a COSE signature generated with the cose rust library (see
@ -308,12 +308,12 @@ const uint8_t SIGNATURE_ES256_PS256[] = {
0x31, 0x64, 0xec, 0xfd, 0xcb, 0x42, 0x80, 0x0a, 0x70, 0xe6, 0x02, 0x21, 0x00,
0xff, 0x81, 0xbe, 0xa8, 0x0d, 0x03, 0x36, 0x6b, 0x75, 0xe2, 0x70, 0x6a, 0xac,
0x07, 0x2e, 0x4c, 0xdc, 0xf9, 0xc5, 0x89, 0xc1, 0xcf, 0x88, 0xc2, 0xc8, 0x2a,
0x32, 0xf5, 0x42, 0x0c, 0xfa, 0x0b, 0xa0, 0x58, 0x40, 0xfa, 0xc6, 0xb7, 0xae,
0xec, 0x0b, 0x0b, 0xe2, 0xef, 0xae, 0xf7, 0x9d, 0x64, 0xe5, 0xaf, 0xbb, 0x2c,
0x4b, 0xe8, 0x7c, 0x61, 0xa9, 0x1e, 0xb9, 0x6d, 0x9c, 0xfa, 0xe3, 0x11, 0x77,
0xaf, 0x44, 0x9d, 0xc3, 0xa8, 0xa9, 0xbc, 0x58, 0xed, 0xc5, 0xe5, 0xa1, 0x92,
0x3b, 0x89, 0xa3, 0x3b, 0x1e, 0xbf, 0x6e, 0x33, 0x64, 0x21, 0x0b, 0x97, 0xee,
0xb7, 0xae, 0x84, 0x17, 0x5c, 0xff, 0x27, 0xa0, 0x83, 0x59, 0x02, 0xbb, 0xa2,
0x32, 0xf5, 0x42, 0x0c, 0xfa, 0x0b, 0xa0, 0x58, 0x40, 0xa3, 0xfb, 0x49, 0xe6,
0x45, 0x29, 0x64, 0x76, 0xeb, 0x9d, 0xbd, 0xf5, 0x38, 0x56, 0xbe, 0x6e, 0x31,
0x57, 0x73, 0xc1, 0x2d, 0x3e, 0xac, 0xee, 0xba, 0x55, 0x8e, 0x37, 0xd4, 0xea,
0x80, 0x25, 0x31, 0x99, 0x9f, 0x4a, 0xb0, 0xf9, 0xd8, 0xb0, 0xed, 0x74, 0xfc,
0x8c, 0x02, 0xf0, 0x9f, 0x95, 0xf1, 0xaa, 0x71, 0xcc, 0xd2, 0xe7, 0x1a, 0x6d,
0xd4, 0xed, 0xff, 0xf2, 0x78, 0x09, 0x83, 0x7e, 0x83, 0x59, 0x02, 0xbb, 0xa2,
0x01, 0x38, 0x24, 0x04, 0x59, 0x02, 0xb3, 0x30, 0x82, 0x02, 0xaf, 0x30, 0x82,
0x01, 0x99, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x14, 0x07, 0x1c, 0x3b, 0x71,
0x08, 0xbe, 0xd7, 0x9f, 0xfd, 0xaf, 0x26, 0xb6, 0x08, 0xa3, 0x99, 0x06, 0x77,
@ -368,26 +368,26 @@ const uint8_t SIGNATURE_ES256_PS256[] = {
0xa0, 0x6b, 0xef, 0xd4, 0x5e, 0xa4, 0x0f, 0x53, 0xe1, 0xbc, 0xb4, 0xc9, 0x37,
0x0e, 0x75, 0xdd, 0x93, 0xe8, 0x0f, 0x18, 0x0a, 0x02, 0x83, 0x17, 0x74, 0xbb,
0x1a, 0x42, 0x5b, 0x63, 0x2c, 0x80, 0x80, 0xa6, 0x84, 0xa0, 0x59, 0x01, 0x00,
0x67, 0xbe, 0xe4, 0x81, 0xed, 0x1e, 0xce, 0x7d, 0x18, 0xf5, 0x85, 0xa2, 0xcb,
0x1d, 0x75, 0x6f, 0x8a, 0x34, 0xaa, 0x6b, 0x58, 0x91, 0xd2, 0xa4, 0x58, 0x4f,
0xe1, 0x8b, 0x6a, 0x36, 0xe1, 0x67, 0x23, 0x2c, 0x5d, 0x7e, 0x05, 0xe2, 0xa0,
0x18, 0xa8, 0x78, 0x7d, 0x85, 0xda, 0x07, 0x60, 0xc6, 0x8e, 0x44, 0x14, 0xad,
0xbc, 0x35, 0x2f, 0xf3, 0xd8, 0xda, 0x34, 0x65, 0x12, 0x45, 0x6a, 0xbe, 0x46,
0x53, 0x09, 0xc8, 0xcc, 0x96, 0x6b, 0x07, 0xd4, 0xc3, 0x4f, 0xd2, 0x7b, 0x88,
0xad, 0x10, 0x3b, 0x93, 0x3c, 0x9a, 0xc4, 0x1a, 0x98, 0x12, 0x2f, 0xf9, 0xc9,
0xb9, 0xd2, 0xda, 0x40, 0xe9, 0x9e, 0xd8, 0x74, 0x2f, 0x02, 0xf1, 0xf0, 0x9a,
0x31, 0x99, 0xb4, 0x82, 0xe1, 0x25, 0xee, 0x3f, 0xf9, 0xd5, 0xbb, 0x10, 0x8b,
0xff, 0x03, 0x0f, 0xcb, 0x96, 0x8f, 0x29, 0x51, 0x71, 0xfc, 0xe2, 0x0e, 0x9c,
0xf7, 0x3d, 0xc0, 0x95, 0xc6, 0x70, 0xfd, 0x8c, 0xb7, 0xf6, 0xa7, 0xfa, 0x7d,
0xd6, 0x44, 0x0b, 0xa3, 0xd3, 0x97, 0xf5, 0xcd, 0x6d, 0xc9, 0x17, 0xc6, 0xcb,
0xd5, 0x82, 0x01, 0x0e, 0xef, 0xb3, 0xbd, 0x33, 0x6e, 0x49, 0x57, 0xb1, 0x38,
0x57, 0x27, 0x91, 0x22, 0x5a, 0xeb, 0x02, 0x97, 0x53, 0xeb, 0x56, 0x01, 0xdc,
0xf9, 0xe9, 0x6c, 0x38, 0x7c, 0x0b, 0x1c, 0x7e, 0x19, 0xc7, 0x4b, 0x9d, 0x30,
0xad, 0x14, 0x2a, 0xb2, 0x07, 0x99, 0x80, 0x40, 0x42, 0x82, 0x49, 0x4e, 0xb5,
0x1a, 0x49, 0xa3, 0x31, 0x7f, 0xd9, 0x78, 0xd1, 0x08, 0x39, 0xaf, 0x0d, 0xeb,
0x8a, 0x93, 0x43, 0xab, 0x3d, 0x3f, 0x9b, 0xe3, 0x25, 0x3b, 0x09, 0xa9, 0x00,
0xfc, 0x98, 0xb9, 0xdc, 0x73, 0x91, 0x87, 0x58, 0x53, 0xd4, 0xc1, 0x8b, 0x05,
0xe6, 0x85, 0xc8, 0x48, 0xb8, 0x7e, 0x23, 0xcf, 0x12
0x51, 0xf4, 0xe6, 0x1c, 0x18, 0x7b, 0x28, 0xa0, 0x1f, 0x63, 0xbf, 0xa5, 0xbd,
0x89, 0x9f, 0xd9, 0x30, 0x46, 0x4b, 0x34, 0x9b, 0x9d, 0x0f, 0xb0, 0x33, 0x11,
0xf8, 0xaa, 0x84, 0x4e, 0xb2, 0xca, 0x29, 0x83, 0x54, 0x28, 0x99, 0x2a, 0x43,
0x7f, 0xe0, 0xe6, 0xd8, 0xdc, 0xd7, 0xf4, 0xb3, 0xd7, 0xf7, 0x39, 0xd5, 0xdc,
0xde, 0xdc, 0x23, 0x78, 0xd7, 0x90, 0xc0, 0x52, 0xf5, 0xd2, 0x14, 0x6f, 0xf9,
0x24, 0x48, 0xc8, 0x75, 0x4a, 0x9a, 0x4c, 0x61, 0x2f, 0x96, 0x4e, 0xc8, 0x02,
0x95, 0x72, 0xef, 0xbc, 0x91, 0xae, 0xf8, 0x23, 0xfb, 0xba, 0x9f, 0xfd, 0xe0,
0x1a, 0x8e, 0xa9, 0x03, 0x16, 0x76, 0xf4, 0xdb, 0x81, 0x5a, 0x69, 0xeb, 0xf5,
0x55, 0xd7, 0x68, 0x28, 0xe4, 0xce, 0xde, 0x1b, 0xb4, 0x90, 0xac, 0x97, 0x07,
0x15, 0xe0, 0xce, 0x5f, 0x3f, 0x89, 0xaf, 0xc1, 0xb8, 0x46, 0x5e, 0x87, 0xa1,
0x8d, 0xa7, 0x44, 0x09, 0x02, 0x4e, 0xbe, 0x6b, 0xfb, 0xab, 0xeb, 0x19, 0x62,
0x9e, 0xb0, 0xef, 0x0a, 0x6b, 0xcf, 0xe0, 0x00, 0xa9, 0x68, 0x2a, 0x8e, 0xfe,
0x8a, 0xb9, 0x57, 0x52, 0xb3, 0x08, 0x80, 0x5e, 0xa6, 0x88, 0x5f, 0x31, 0xd1,
0xe9, 0x6d, 0xf7, 0x54, 0x4e, 0xf8, 0x17, 0xb0, 0x1c, 0xca, 0xa6, 0xa6, 0x80,
0xf8, 0xd8, 0xf5, 0x94, 0xa4, 0xb2, 0xd0, 0x7e, 0xbb, 0x4f, 0xdb, 0x3a, 0x91,
0x5f, 0xb3, 0xc1, 0xfa, 0x60, 0xe4, 0xce, 0xe3, 0xe5, 0x14, 0x1f, 0x9c, 0x01,
0x60, 0xff, 0xe2, 0x09, 0xe6, 0x1a, 0x82, 0x69, 0xb6, 0xeb, 0x52, 0x1e, 0x3d,
0xc7, 0xfd, 0x69, 0x9d, 0x2a, 0xa5, 0xdb, 0xc1, 0x6a, 0x5a, 0x7d, 0x23, 0x2a,
0x00, 0xe4, 0x53, 0x16, 0x8e, 0xc1, 0x56, 0xf5, 0x5a, 0x8d, 0x59, 0x1f, 0x7f,
0xff, 0x77, 0x6f, 0x92, 0xea, 0x5d, 0x31, 0xe9, 0x18
};
// The RSA intermediate certificate that issued the EE cert used in the
@ -630,7 +630,8 @@ verify_callback(const uint8_t* payload,
size_t ee_cert_len,
const uint8_t* signature,
size_t signature_len,
uint8_t signature_algorithm)
uint8_t signature_algorithm,
void* ctx)
{
UniquePK11SlotInfo slot(PK11_GetInternalSlot());
if (!slot) {
@ -703,8 +704,12 @@ TEST_F(psm_COSE, CoseTestingSingleSignature)
{
SECStatus rv = NSS_NoDB_Init(nullptr);
ASSERT_EQ(SECSuccess, rv);
bool result = verify_cose_signature_ffi(
PAYLOAD, sizeof(PAYLOAD), SIGNATURE, sizeof(SIGNATURE), verify_callback);
bool result = verify_cose_signature_ffi(PAYLOAD,
sizeof(PAYLOAD),
SIGNATURE,
sizeof(SIGNATURE),
nullptr,
verify_callback);
ASSERT_TRUE(result);
}
@ -716,6 +721,7 @@ TEST_F(psm_COSE, CoseTestingTwoSignatures)
sizeof(PAYLOAD),
SIGNATURE_ES256_PS256,
sizeof(SIGNATURE_ES256_PS256),
nullptr,
verify_callback);
ASSERT_TRUE(result);
}
@ -731,6 +737,7 @@ TEST_F(psm_COSE, CoseTestingAlteredPayload)
sizeof(altered_payload),
SIGNATURE_ES256_PS256,
sizeof(SIGNATURE_ES256_PS256),
nullptr,
verify_callback);
ASSERT_FALSE(result);
}

118
security/manager/ssl/tests/unit/sign_app.py
View File

@ -121,6 +121,26 @@ def addManifestEntry(filename, hashes, contents, entries):
entry += '%s-Digest: %s\n' % (name, base64hash)
entries.append(entry)
def getCert(subject, keyName, issuerName, ee, issuerKey=""):
"""Helper function to create an X509 cert from a specification.
Takes the subject, the subject key name to use, the issuer name,
a bool whether this is an EE cert or not, and optionally an issuer key
name."""
certSpecification = 'issuer:%s\n' % issuerName + \
'subject:' + subject + '\n' + \
'subjectKey:%s\n' % keyName
if ee:
certSpecification += 'extension:keyUsage:digitalSignature'
else:
certSpecification += 'extension:basicConstraints:cA,\n' + \
'extension:keyUsage:cRLSign,keyCertSign'
if issuerKey:
certSpecification += '\nissuerKey:%s' % issuerKey
certSpecificationStream = StringIO.StringIO()
print >>certSpecificationStream, certSpecification
certSpecificationStream.seek(0)
return pycert.Certificate(certSpecificationStream)
def coseAlgorithmToSignatureParams(coseAlgorithm, issuerName):
"""Given a COSE algorithm ('ES256', 'ES384', 'ES512') and an issuer
name, returns a (algorithm id, pykey.ECCKey, encoded certificate)
@ -138,26 +158,20 @@ def coseAlgorithmToSignatureParams(coseAlgorithm, issuerName):
else:
raise UnknownCOSEAlgorithmError(coseAlgorithm)
key = pykey.ECCKey(keyName)
certSpecification = 'issuer:%s\n' % issuerName + \
'subject: xpcshell signed app test signer\n' + \
'subjectKey:%s\n' % keyName + \
'extension:keyUsage:digitalSignature'
certSpecificationStream = StringIO.StringIO()
print >>certSpecificationStream, certSpecification
certSpecificationStream.seek(0)
cert = pycert.Certificate(certSpecificationStream)
return (algId, key, cert.toDER())
# The subject must differ to avoid errors when importing into NSS later.
ee = getCert('xpcshell signed app test signer ' + keyName, keyName, issuerName, True, 'default')
return (algId, key, ee.toDER())
def signZip(appDirectory, outputFile, issuerName, manifestHashes,
signatureHashes, pkcs7Hashes, doSign, coseAlgorithms):
def signZip(appDirectory, outputFile, issuerName, rootName, manifestHashes,
signatureHashes, pkcs7Hashes, coseAlgorithms, emptySignerInfos):
"""Given a directory containing the files to package up,
an output filename to write to, the name of the issuer of
the signing certificate, a list of hash algorithms to use in
the manifest file, a similar list for the signature file,
a similar list for the pkcs#7 signature, whether or not to
actually sign the resulting package, and a list of COSE
signature algorithms to include, packages up the files in the
directory and creates the output as appropriate."""
the signing certificate, the name of trust anchor, a list of hash algorithms
to use in the manifest file, a similar list for the signature file,
a similar list for the pkcs#7 signature, a list of COSE signature algorithms
to include, and whether the pkcs#7 signer info should be kept empty,
packages up the files in the directory and creates the output
as appropriate."""
# This ensures each manifest file starts with the magic string and
# then a blank line.
mfEntries = ['Manifest-Version: 1.0', '']
@ -171,46 +185,50 @@ def signZip(appDirectory, outputFile, issuerName, manifestHashes,
# Add the entry to the manifest we're building
addManifestEntry(internalPath, manifestHashes, contents, mfEntries)
# Just exit early if we're not actually signing.
if not doSign:
return
if len(coseAlgorithms) > 0:
coseManifest = '\n'.join(mfEntries)
outZip.writestr('META-INF/cose.manifest', coseManifest)
addManifestEntry('META-INF/cose.manifest', manifestHashes,
coseManifest, mfEntries)
intermediates = []
coseIssuerName = issuerName
if rootName:
coseIssuerName = 'xpcshell signed app test issuer'
intermediate = getCert(coseIssuerName, 'default', rootName, False)
intermediate = intermediate.toDER()
intermediates.append(intermediate)
signatures = map(lambda coseAlgorithm:
coseAlgorithmToSignatureParams(coseAlgorithm, issuerName),
coseAlgorithmToSignatureParams(coseAlgorithm, coseIssuerName),
coseAlgorithms)
coseSignatureBytes = coseSig(coseManifest, [], signatures)
coseSignatureBytes = coseSig(coseManifest, intermediates, signatures)
outZip.writestr('META-INF/cose.sig', coseSignatureBytes)
addManifestEntry('META-INF/cose.sig', manifestHashes,
coseSignatureBytes, mfEntries)
mfContents = '\n'.join(mfEntries)
sfContents = 'Signature-Version: 1.0\n'
for (hashFunc, name) in signatureHashes:
base64hash = b64encode(hashFunc(mfContents).digest())
sfContents += '%s-Digest-Manifest: %s\n' % (name, base64hash)
if len(pkcs7Hashes) != 0 or emptySignerInfos:
mfContents = '\n'.join(mfEntries)
sfContents = 'Signature-Version: 1.0\n'
for (hashFunc, name) in signatureHashes:
base64hash = b64encode(hashFunc(mfContents).digest())
sfContents += '%s-Digest-Manifest: %s\n' % (name, base64hash)
cmsSpecification = ''
for name in pkcs7Hashes:
hashFunc, _ = hashNameToFunctionAndIdentifier(name)
cmsSpecification += '%s:%s\n' % (name,
hashFunc(sfContents).hexdigest())
cmsSpecification += 'signer:\n' + \
'issuer:%s\n' % issuerName + \
'subject:xpcshell signed app test signer\n' + \
'extension:keyUsage:digitalSignature'
cmsSpecificationStream = StringIO.StringIO()
print >>cmsSpecificationStream, cmsSpecification
cmsSpecificationStream.seek(0)
cms = pycms.CMS(cmsSpecificationStream)
p7 = cms.toDER()
outZip.writestr('META-INF/A.RSA', p7)
outZip.writestr('META-INF/A.SF', sfContents)
outZip.writestr('META-INF/MANIFEST.MF', mfContents)
cmsSpecification = ''
for name in pkcs7Hashes:
hashFunc, _ = hashNameToFunctionAndIdentifier(name)
cmsSpecification += '%s:%s\n' % (name,
hashFunc(sfContents).hexdigest())
cmsSpecification += 'signer:\n' + \
'issuer:%s\n' % issuerName + \
'subject:xpcshell signed app test signer\n' + \
'extension:keyUsage:digitalSignature'
cmsSpecificationStream = StringIO.StringIO()
print >>cmsSpecificationStream, cmsSpecification
cmsSpecificationStream.seek(0)
cms = pycms.CMS(cmsSpecificationStream)
p7 = cms.toDER()
outZip.writestr('META-INF/A.RSA', p7)
outZip.writestr('META-INF/A.SF', sfContents)
outZip.writestr('META-INF/MANIFEST.MF', mfContents)
class Error(Exception):
"""Base class for exceptions in this module."""
@ -252,10 +270,10 @@ def main(outputFile, appPath, *args):
optional arguments, signs the contents of the directory and
writes the resulting package to the 'file'."""
parser = argparse.ArgumentParser(description='Sign an app.')
parser.add_argument('-n', '--no-sign', action='store_true',
help='Don\'t actually sign - only create zip')
parser.add_argument('-i', '--issuer', action='store', help='Issuer name',
default='xpcshell signed apps test root')
parser.add_argument('-r', '--root', action='store', help='Root name',
default='')
parser.add_argument('-m', '--manifest-hash', action='append',
help='Hash algorithms to use in manifest',
default=[])
@ -277,9 +295,7 @@ def main(outputFile, appPath, *args):
parsed.manifest_hash.append('sha256')
if len(parsed.signature_hash) == 0:
parsed.signature_hash.append('sha256')
if len(parsed.pkcs7_hash) == 0 and not parsed.empty_signerInfos:
parsed.pkcs7_hash.append('sha256')
signZip(appPath, outputFile, parsed.issuer,
signZip(appPath, outputFile, parsed.issuer, parsed.root,
map(hashNameToFunctionAndIdentifier, parsed.manifest_hash),
map(hashNameToFunctionAndIdentifier, parsed.signature_hash),
parsed.pkcs7_hash, not parsed.no_sign, parsed.cose_sign)
parsed.pkcs7_hash, parsed.cose_sign, parsed.empty_signerInfos)

100
security/manager/ssl/tests/unit/test_signed_apps.js
View File

@ -190,8 +190,14 @@ var hashTestcases = [
];
// Policy values for the preference "security.signed_app_signatures.policy"
const PKCS7WithSHA1OrSHA256 = 0;
const PKCS7WithSHA256 = 1;
const PKCS7WithSHA1OrSHA256 = 0b0;
const PKCS7WithSHA256 = 0b1;
const COSEAndPKCS7WithSHA1OrSHA256 = 0b10;
const COSEAndPKCS7WithSHA256 = 0b11;
const COSERequiredAndPKCS7WithSHA1OrSHA256 = 0b100;
const COSERequiredAndPKCS7WithSHA256 = 0b101;
const COSEOnly = 0b110;
const COSEOnlyAgain = 0b111;
function add_signature_test(policy, test) {
// First queue up a test to set the desired policy:
@ -233,6 +239,96 @@ add_signature_test(PKCS7WithSHA1OrSHA256, function () {
getXPCOMStatusFromNSS(SEC_ERROR_UNKNOWN_ISSUER)));
});
add_signature_test(COSEAndPKCS7WithSHA1OrSHA256, function () {
certdb.openSignedAppFileAsync(
Ci.nsIX509CertDB.AppXPCShellRoot, original_app_path("cose_signed_with_pkcs7"),
check_open_result("cose_signed_with_pkcs7", Cr.NS_OK));
});
add_signature_test(COSEAndPKCS7WithSHA256, function () {
certdb.openSignedAppFileAsync(
Ci.nsIX509CertDB.AppXPCShellRoot, original_app_path("app_mf-256_sf-256_p7-256"),
check_open_result("no COSE but correct PK#7", Cr.NS_OK));
});
add_signature_test(COSEAndPKCS7WithSHA256, function () {
certdb.openSignedAppFileAsync(
Ci.nsIX509CertDB.AppXPCShellRoot, original_app_path("app_mf-1_sf-256_p7-256"),
check_open_result("no COSE and wrong PK#7 hash", Cr.NS_ERROR_SIGNED_JAR_MANIFEST_INVALID));
});
add_signature_test(COSERequiredAndPKCS7WithSHA1OrSHA256, function () {
certdb.openSignedAppFileAsync(
Ci.nsIX509CertDB.AppXPCShellRoot, original_app_path("app_mf-256_sf-256_p7-256"),
check_open_result("COSE signature missing (SHA1 or 256)", Cr.NS_ERROR_SIGNED_JAR_WRONG_SIGNATURE));
});
add_signature_test(COSERequiredAndPKCS7WithSHA256, function () {
certdb.openSignedAppFileAsync(
Ci.nsIX509CertDB.AppXPCShellRoot, original_app_path("app_mf-256_sf-256_p7-256"),
check_open_result("COSE signature missing (SHA256)", Cr.NS_ERROR_SIGNED_JAR_WRONG_SIGNATURE));
});
add_signature_test(COSERequiredAndPKCS7WithSHA256, function () {
certdb.openSignedAppFileAsync(
Ci.nsIX509CertDB.AppXPCShellRoot, original_app_path("only_cose_signed"),
check_open_result("COSE signature only (PK#7 allowed, not present)", Cr.NS_OK));
});
add_signature_test(COSERequiredAndPKCS7WithSHA1OrSHA256, function () {
certdb.openSignedAppFileAsync(
Ci.nsIX509CertDB.AppXPCShellRoot, original_app_path("only_cose_signed"),
check_open_result("COSE signature only (PK#7 allowed, not present)", Cr.NS_OK));
});
add_signature_test(COSEAndPKCS7WithSHA1OrSHA256, function () {
certdb.openSignedAppFileAsync(
Ci.nsIX509CertDB.AppXPCShellRoot, original_app_path("cose_multiple_signed_with_pkcs7"),
check_open_result("cose_multiple_signed_with_pkcs7", Cr.NS_OK));
});
add_signature_test(COSEAndPKCS7WithSHA1OrSHA256, function () {
certdb.openSignedAppFileAsync(
Ci.nsIX509CertDB.AppXPCShellRoot, original_app_path("cose_int_signed_with_pkcs7"),
check_open_result("COSE signed with an intermediate", Cr.NS_OK));
});
add_signature_test(COSEAndPKCS7WithSHA1OrSHA256, function () {
certdb.openSignedAppFileAsync(
Ci.nsIX509CertDB.AppXPCShellRoot, original_app_path("only_cose_signed"),
check_open_result("PK7 signature missing", Cr.NS_ERROR_SIGNED_JAR_NOT_SIGNED));
});
add_signature_test(COSEOnly, function () {
certdb.openSignedAppFileAsync(
Ci.nsIX509CertDB.AppXPCShellRoot, original_app_path("cose_multiple_signed_with_pkcs7"),
check_open_result("Expected only COSE signature", Cr.NS_ERROR_SIGNED_JAR_UNSIGNED_ENTRY));
});
add_signature_test(COSEOnly, function () {
certdb.openSignedAppFileAsync(
Ci.nsIX509CertDB.AppXPCShellRoot, original_app_path("only_cose_multiple_signed"),
check_open_result("only Multiple COSE signatures", Cr.NS_OK));
});
add_signature_test(COSEOnly, function () {
certdb.openSignedAppFileAsync(
Ci.nsIX509CertDB.AppXPCShellRoot, original_app_path("only_cose_signed"),
check_open_result("only_cose_signed", Cr.NS_OK));
});
add_signature_test(COSEOnlyAgain, function () {
certdb.openSignedAppFileAsync(
Ci.nsIX509CertDB.AppXPCShellRoot, original_app_path("only_cose_signed"),
check_open_result("only_cose_signed (again)", Cr.NS_OK));
});
add_signature_test(COSEOnly, function () {
certdb.openSignedAppFileAsync(
Ci.nsIX509CertDB.AppXPCShellRoot, original_app_path("cose_signed_with_pkcs7"),
check_open_result("COSE only expected but also PK#7 signed", Cr.NS_ERROR_SIGNED_JAR_UNSIGNED_ENTRY));
});
// Sanity check to ensure a no-op tampering gives a valid result
add_signature_test(PKCS7WithSHA1OrSHA256, function () {
let tampered = tampered_app_path("identity_tampering");

BIN
security/manager/ssl/tests/unit/test_signed_apps/cose_int_signed_with_pkcs7.zip Normal file
View File

Binary file not shown.

BIN
security/manager/ssl/tests/unit/test_signed_apps/cose_multiple_signed.zip
View File

Binary file not shown.

BIN
security/manager/ssl/tests/unit/test_signed_apps/cose_multiple_signed_with_pkcs7.zip Normal file
View File

Binary file not shown.

BIN
security/manager/ssl/tests/unit/test_signed_apps/cose_signed.zip → security/manager/ssl/tests/unit/test_signed_apps/cose_signed_with_pkcs7.zip
View File

Binary file not shown.

13
security/manager/ssl/tests/unit/test_signed_apps/moz.build
View File

@ -37,8 +37,8 @@ def SignedAppFile(name, flags):
#
# Temporarily disabled. See bug 1256495.
#signed_app_files = (
# ['unknown_issuer_app.zip', '-i', 'unknown issuer'],
# ['unsigned_app.zip', '-n'],
# ['unknown_issuer_app.zip', '-i', 'unknown issuer', '-p', 'sha256'],
# ['unsigned_app.zip'],
# ['empty_signerInfos.zip', '-e'],
#)
#
@ -60,7 +60,10 @@ def SignedAppFile(name, flags):
# args.append('-p')
# args.append('sha%s' % p7_alg)
# SignedAppFile(filename, args)
#
# COSE test-cases
#SignedAppFile('cose_signed.zip', ['-c', 'ES256'])
#SignedAppFile('cose_multiple_signed.zip', ['-c', 'ES256', '-c', 'ES384'])
#SignedAppFile('cose_signed_with_pkcs7.zip', ['-c', 'ES256', '-p', 'sha256'])
#SignedAppFile('cose_int_signed_with_pkcs7.zip', ['-c', 'ES256', '-r', 'xpcshell signed apps test root', '-p', 'sha256'])
#SignedAppFile('cose_multiple_signed_with_pkcs7.zip', ['-c', 'ES256', '-c', 'ES384', '-p', 'sha256'])
#SignedAppFile('only_cose_signed.zip', ['-c', 'ES256'])
#SignedAppFile('only_cose_multiple_signed.zip', ['-c', 'ES384', '-c', 'ES256'])

BIN
security/manager/ssl/tests/unit/test_signed_apps/only_cose_multiple_signed.zip Normal file
View File

Binary file not shown.

BIN
security/manager/ssl/tests/unit/test_signed_apps/only_cose_signed.zip Normal file
View File

Binary file not shown.

1
taskcluster/ci/test/web-platform.yml
View File

@ -22,6 +22,7 @@ web-platform-tests:
by-test-platform:
macosx64/opt: 5
macosx64/debug: 10
windows10-64-ccov/debug: 15
default: 12
max-run-time: 7200
e10s:

6
testing/mozharness/mozharness/mozilla/testing/codecoverage.py
View File

@ -159,9 +159,9 @@ class CodeCoverageMixin(object):
if not self.ccov_upload_disabled:
dirs = self.query_abs_dirs()
# Package GCOV coverage data.
file_path_gcda = os.path.join(dirs['abs_blob_upload_dir'], 'code-coverage-gcda.zip')
self.run_command(['zip', '-r', file_path_gcda, '.'], cwd=self.gcov_dir)
# Zip gcda files (will be given in input to grcov).
file_path_gcda = 'code-coverage-gcda.zip'
self.run_command(['zip', '-q', '-0', '-r', file_path_gcda, '.'], cwd=self.gcov_dir)
# Package JSVM coverage data.
file_path_jsvm = os.path.join(dirs['abs_blob_upload_dir'], 'code-coverage-jsvm.zip')

23
testing/web-platform/meta/credential-management/credentialscontainer-create-basics.https.html.ini
View File

@ -1,4 +1,6 @@
[credentialscontainer-create-basics.https.html]
prefs: [security.webauth.webauthn: true]
[navigator.credentials.create() with no argument.]
expected: FAIL
@ -11,36 +13,15 @@
[navigator.credentials.create() with valid HTMLFormElement]
expected: FAIL
[navigator.credentials.create() with bogus password data]
expected: FAIL
[navigator.credentials.create() with valid FederatedCredentialData]
expected: FAIL
[navigator.credentials.create() with bogus federated data]
expected: FAIL
[navigator.credentials.create() with both PasswordCredentialData and FederatedCredentialData]
expected: FAIL
[navigator.credentials.create() with bogus password and federated data]
expected: FAIL
[navigator.credentials.create() with bogus data]
expected: FAIL
[navigator.credentials.create() with bogus publicKey data]
expected: FAIL
[navigator.credentials.create() returns PublicKeyCredential]
expected: FAIL
[navigator.credentials.create() with bogus federated and publicKey data]
expected: FAIL
[navigator.credentials.create() with bogus password and publicKey data]
expected: FAIL
[navigator.credentials.create() with bogus password, federated, and publicKey data]
expected: FAIL

57
testing/web-platform/meta/credential-management/idl.https.html.ini
View File

@ -1,46 +1,9 @@
[idl.https.html]
[CredentialsContainer interface: existence and properties of interface object]
expected: FAIL
[CredentialsContainer interface object length]
expected: FAIL
[CredentialsContainer interface object name]
expected: FAIL
[CredentialsContainer interface: existence and properties of interface prototype object]
expected: FAIL
[CredentialsContainer interface: existence and properties of interface prototype object's "constructor" property]
expected: FAIL
[CredentialsContainer interface: operation get(CredentialRequestOptions)]
expected: FAIL
[CredentialsContainer interface: operation store(Credential)]
expected: FAIL
prefs: [security.webauth.webauthn: true]
[CredentialsContainer interface: operation requireUserMediation()]
expected: FAIL
[CredentialsContainer must be primary interface of navigator.credentials]
expected: FAIL
[Stringification of navigator.credentials]
expected: FAIL
[CredentialsContainer interface: navigator.credentials must inherit property "get" with the proper type (0)]
expected: FAIL
[CredentialsContainer interface: calling get(CredentialRequestOptions) on navigator.credentials with too few arguments must throw TypeError]
expected: FAIL
[CredentialsContainer interface: navigator.credentials must inherit property "store" with the proper type (1)]
expected: FAIL
[CredentialsContainer interface: calling store(Credential) on navigator.credentials with too few arguments must throw TypeError]
expected: FAIL
[CredentialsContainer interface: navigator.credentials must inherit property "requireUserMediation" with the proper type (2)]
expected: FAIL
@ -140,18 +103,9 @@
[Credential interface: new FederatedCredential({ id: "id", provider: "https://example.com", iconURL: "https://example.com/", name: "name" }) must inherit property "type" with the proper type (1)]
expected: FAIL
[CredentialsContainer interface: operation create(CredentialCreationOptions)]
expected: FAIL
[CredentialsContainer interface: operation preventSilentAccess()]
expected: FAIL
[CredentialsContainer interface: navigator.credentials must inherit property "create" with the proper type (2)]
expected: FAIL
[CredentialsContainer interface: calling create(CredentialCreationOptions) on navigator.credentials with too few arguments must throw TypeError]
expected: FAIL
[CredentialsContainer interface: navigator.credentials must inherit property "preventSilentAccess" with the proper type (3)]
expected: FAIL
@ -161,15 +115,6 @@
[PasswordCredential interface: new PasswordCredential({ id: "id", password: "pencil", iconURL: "https://example.com/", name: "name" }) must inherit property "password" with the proper type (0)]
expected: FAIL
[CredentialsContainer interface: navigator.credentials must inherit property "get(CredentialRequestOptions)" with the proper type]
expected: FAIL
[CredentialsContainer interface: navigator.credentials must inherit property "store(Credential)" with the proper type]
expected: FAIL
[CredentialsContainer interface: navigator.credentials must inherit property "create(CredentialCreationOptions)" with the proper type]
expected: FAIL
[CredentialsContainer interface: navigator.credentials must inherit property "preventSilentAccess()" with the proper type]
expected: FAIL

192
testing/web-platform/meta/html/semantics/scripting-1/the-script-element/script-type-and-language-js.html.ini
View File

@ -1,194 +1,5 @@
[script-type-and-language-js.html]
[Script should run with type="application/ecmascript\\f"]
expected: FAIL
[Script should run with type="application/javascript\\f"]
expected: FAIL
[Script should run with type="application/x-ecmascript\\f"]
expected: FAIL
[Script should run with type="application/x-javascript\\f"]
expected: FAIL
[Script should run with type="\\fapplication/ecmascript"]
expected: FAIL
[Script should run with type="\\fapplication/javascript"]
expected: FAIL
[Script should run with type="\\fapplication/x-ecmascript"]
expected: FAIL
[Script should run with type="\\fapplication/x-javascript"]
expected: FAIL
[Script shouldn't run with type="application/ecmascript\\0"]
expected: FAIL
[Script shouldn't run with type="application/javascript\\0"]
expected: FAIL
[Script shouldn't run with type="application/x-ecmascript\\0"]
expected: FAIL
[Script shouldn't run with type="application/x-javascript\\0"]
expected: FAIL
[Script shouldn't run with type="application/ecmascript\\0foo"]
expected: FAIL
[Script shouldn't run with type="application/javascript\\0foo"]
expected: FAIL
[Script shouldn't run with type="application/x-ecmascript\\0foo"]
expected: FAIL
[Script shouldn't run with type="application/x-javascript\\0foo"]
expected: FAIL
[Script should run with type="text/ecmascript\\f"]
expected: FAIL
[Script should run with type="text/javascript\\f"]
expected: FAIL
[Script should run with type="text/javascript1.0\\f"]
expected: FAIL
[Script should run with type="text/javascript1.1\\f"]
expected: FAIL
[Script should run with type="text/javascript1.2\\f"]
expected: FAIL
[Script should run with type="text/javascript1.3\\f"]
expected: FAIL
[Script should run with type="text/javascript1.4\\f"]
expected: FAIL
[Script should run with type="text/javascript1.5\\f"]
expected: FAIL
[Script should run with type="text/jscript\\f"]
expected: FAIL
[Script should run with type="text/livescript\\f"]
expected: FAIL
[Script should run with type="text/x-ecmascript\\f"]
expected: FAIL
[Script should run with type="text/x-javascript\\f"]
expected: FAIL
[Script should run with type="\\ftext/ecmascript"]
expected: FAIL
[Script should run with type="\\ftext/javascript"]
expected: FAIL
[Script should run with type="\\ftext/javascript1.0"]
expected: FAIL
[Script should run with type="\\ftext/javascript1.1"]
expected: FAIL
[Script should run with type="\\ftext/javascript1.2"]
expected: FAIL
[Script should run with type="\\ftext/javascript1.3"]
expected: FAIL
[Script should run with type="\\ftext/javascript1.4"]
expected: FAIL
[Script should run with type="\\ftext/javascript1.5"]
expected: FAIL
[Script should run with type="\\ftext/jscript"]
expected: FAIL
[Script should run with type="\\ftext/livescript"]
expected: FAIL
[Script should run with type="\\ftext/x-ecmascript"]
expected: FAIL
[Script should run with type="\\ftext/x-javascript"]
expected: FAIL
[Script shouldn't run with type="text/ecmascript\\0"]
expected: FAIL
[Script shouldn't run with type="text/javascript\\0"]
expected: FAIL
[Script shouldn't run with type="text/javascript1.0\\0"]
expected: FAIL
[Script shouldn't run with type="text/javascript1.1\\0"]
expected: FAIL
[Script shouldn't run with type="text/javascript1.2\\0"]
expected: FAIL
[Script shouldn't run with type="text/javascript1.3\\0"]
expected: FAIL
[Script shouldn't run with type="text/javascript1.4\\0"]
expected: FAIL
[Script shouldn't run with type="text/javascript1.5\\0"]
expected: FAIL
[Script shouldn't run with type="text/jscript\\0"]
expected: FAIL
[Script shouldn't run with type="text/livescript\\0"]
expected: FAIL
[Script shouldn't run with type="text/x-ecmascript\\0"]
expected: FAIL
[Script shouldn't run with type="text/x-javascript\\0"]
expected: FAIL
[Script shouldn't run with type="text/ecmascript\\0foo"]
expected: FAIL
[Script shouldn't run with type="text/javascript\\0foo"]
expected: FAIL
[Script shouldn't run with type="text/javascript1.0\\0foo"]
expected: FAIL
[Script shouldn't run with type="text/javascript1.1\\0foo"]
expected: FAIL
[Script shouldn't run with type="text/javascript1.2\\0foo"]
expected: FAIL
[Script shouldn't run with type="text/javascript1.3\\0foo"]
expected: FAIL
[Script shouldn't run with type="text/javascript1.4\\0foo"]
expected: FAIL
[Script shouldn't run with type="text/javascript1.5\\0foo"]
expected: FAIL
[Script shouldn't run with type="text/jscript\\0foo"]
expected: FAIL
[Script shouldn't run with type="text/livescript\\0foo"]
expected: FAIL
[Script shouldn't run with type="text/x-ecmascript\\0foo"]
expected: FAIL
[Script shouldn't run with type="text/x-javascript\\0foo"]
[Script shouldn't run with type=" "]
expected: FAIL
[Script should run with language="ecmascript"]
@ -214,4 +25,3 @@
[Script should run with language="X-JAVASCRIPT"]
expected: FAIL

10
testing/web-platform/meta/html/semantics/scripting-1/the-script-element/script-type-and-language-with-params.html.ini
View File

@ -1,10 +0,0 @@
[script-type-and-language-with-params.html]
[A script with a charset param in its type should not run]
expected: FAIL
[A script with an x-test param in its type should not run]
expected: FAIL
[A script with a charset param in its type should not run, even with language=javascript]
expected: FAIL

1
testing/web-platform/meta/webauthn/__dir__.ini Normal file
View File

@ -0,0 +1 @@
prefs: [security.webauth.webauthn:true]

2
third_party/rust/cose-c/.cargo-checksum.json vendored
View File

@ -1 +1 @@
{"files":{"Cargo.toml":"6689411cf004e6ebc4645105de26492adbea6f690f9184119cf1689829ff098a","LICENSE":"1f256ecad192880510e84ad60474eab7589218784b9a50bc7ceee34c2b91f1d5","include/cosec.h":"9e952f6bf578c812e67a93c3c810f4aaa57d365932fe8d01f36f587e8aa32538","src/lib.rs":"d10a17e4840187711d85058bf4afdbfbda88c74a9483921ee48a1bfc0cc5ff70"},"package":"07cc8bb85ec2e93541ef9369b85a4b6fb7732bc7f4854d317eab20e726b0fc2f"}
{"files":{"Cargo.toml":"6e5aa986e80c9f848f8219f46d5e6d445609a3db70da9793f920c56c18814b7d","LICENSE":"1f256ecad192880510e84ad60474eab7589218784b9a50bc7ceee34c2b91f1d5","include/cosec.h":"0c6ebd84b6e1ee61a710f86416fc9092653292479556c713c83f193f26ac09b9","src/lib.rs":"0fef8341439e55682d7a7e50dead28427832b5fbd28ca48f60b00277c8a4b9b1"},"package":"49726015ab0ca765144fcca61e4a7a543a16b795a777fa53f554da2fffff9a94"}

4
third_party/rust/cose-c/Cargo.toml vendored
View File

@ -12,7 +12,7 @@
[package]
name = "cose-c"
version = "0.1.1"
version = "0.1.5"
authors = ["Franziskus Kiefer <franziskuskiefer@gmail.com>"]
description = "C API for the cose crate"
keywords = ["cose", "jose", "cbor"]
@ -23,4 +23,4 @@ repository = "https://github.com/franziskuskiefer/cose-c-api"
name = "cosec"
path = "src/lib.rs"
[dependencies.cose]
version = "0.1.2"
version = "0.1.4"

4
third_party/rust/cose-c/include/cosec.h vendored
View File

@ -22,11 +22,13 @@ typedef bool (*cose_verify_callback)(const uint8_t* payload,
size_t ee_cert_len,
const uint8_t* signature,
size_t signature_len,
uint8_t algorithm);
uint8_t algorithm,
void* ctx);
bool
verify_cose_signature_ffi(const uint8_t* payload,
size_t payload_len,
const uint8_t* signature,
size_t signature_len,
void* ctx,
cose_verify_callback);
}

6
third_party/rust/cose-c/src/lib.rs vendored
View File

@ -7,6 +7,7 @@ extern crate cose;
use std::slice;
use cose::decoder::decode_signature;
use cose::SignatureAlgorithm;
use std::os::raw;
unsafe fn from_raw(ptr: *const u8, len: usize) -> Vec<u8> {
slice::from_raw_parts(ptr, len).to_vec()
@ -21,7 +22,8 @@ type VerifyCallback = extern "C" fn(*const u8, /* payload */
usize, /* signer cert len */
*const u8, /* signature bytes */
usize, /* signature len */
u8 /* signature algorithm */)
u8, /* signature algorithm */
*const raw::c_void /* some context of the app */)
-> bool;
#[no_mangle]
@ -30,6 +32,7 @@ pub extern "C" fn verify_cose_signature_ffi(
payload_len: usize,
cose_signature: *const u8,
cose_signature_len: usize,
ctx: *const raw::c_void,
verify_callback: VerifyCallback,
) -> bool {
if payload.is_null() || cose_signature.is_null() || payload_len == 0 ||
@ -80,6 +83,7 @@ pub extern "C" fn verify_cose_signature_ffi(
signature_bytes.as_ptr(),
signature_bytes.len(),
signature_type,
ctx,
)
});
}

2
third_party/rust/cose/.cargo-checksum.json vendored
View File

@ -1 +1 @@
{"files":{".travis.yml":"be3532bc6d5d823090206ad957c8705436960d1918a2c577342f6914a233ca98","Cargo.toml":"5eb5257aced25840b3af43757478e4dfa38e2f222cb25794ffeeb681b6a46ce2","LICENSE":"1f256ecad192880510e84ad60474eab7589218784b9a50bc7ceee34c2b91f1d5","README.md":"42a12b9a8944a2888ce2622bb03c06850163ab738917414e3413b63be9257a8a","build.rs":"a2b798bbeaf8ef19a9bd8c1e24b3fd3899a5b4b3e121e5e09794e4e2b35971dd","rustfmt.toml":"e97717e906fcd3eeb86dcee52ed26f13e1884597b016a27172229d9c78dd3d57","src/cbor/decoder.rs":"b9e375489131aea75fb461c9ee96e45595e08957c90179f2c449226a31b7e4c5","src/cbor/mod.rs":"f5b767eedbee01b3f697afb2dce777c6043e6fea6f9a7eab8387560caaa40100","src/cbor/serializer.rs":"d86f0123f364046c8c18b45e109437b16c24d29bc7ef01c12a7c465e89878836","src/cbor/test_decoder.rs":"6a47f0f98f54a343f12c78033c94c5892b0a5b5e62de251bef3a722f358978ab","src/cbor/test_serializer.rs":"984fbe0520e77d078fb2e2c60e4e0df077d40ede644b1b92651f3a0696377511","src/cose.rs":"1a5c23f31863c58838f4aa94c2940e9f18252929c990d2a9522490e56593710e","src/decoder.rs":"ce86fd2f72cf02185ea724d63e5cb24aaea9ff6a2f3137c20322764a3ea9d15e","src/nss.rs":"e17101aa957367ee025afd5af37d72a955d9b79098ab7db1631f93b6479230a3","src/test_cose.rs":"35798ef9ee5849204b36a69b07969c0b4f3976d0e44ccfff6f413a2e3684f76b","src/test_nss.rs":"51ececb4a8fd8ddba7e1af179b9326e38a838d4693998092f842db5f30e75703","src/test_setup.rs":"b2c8d5b4a20013fd89bcc9d5732af509331a648a1163a9e44b47e51dde2b6308","src/util.rs":"fbc1a2051230156c2504efcff5044fbf54a6f925aa7dfb97c211208348364425","src/util_test.rs":"49dde5be7202aa2fa3f7ac6d36de189739cd5538e378f5c0a27161b9185e9ca6","tools/certs/certs.md":"7a1acd946f5bb5b9b21ebd7653ef9d5746a1ea237131a69218a91dc26eda545a","tools/certs/certs.sh":"a06e1a7bf99316c7800e388d20c1630da7449937635600d9f21d8d93907011bf","tools/certs/ee-p256.certspec":"5a7246c0abf1ee08edb858ce2fd38010de7785a0e8652f2d9a0b7eee7aa39213","tools/certs/ee-p256.keyspec":"eabd2839f9e57cf2c372e686e5856cf651d7f07d0d396b3699d1d228b5931945","tools/certs/ee-p384.certspec":"d2e4fdd6d8f02f22bffa800ac2b7f899f5d826528e7b7d3248e1abea15cd33bd","tools/certs/ee-p521.certspec":"7ad1fc3cdf024dfa7213f3a2875af0ccfa2bd73fddcfaf73223aa25b24ee2cad","tools/certs/ee-rsa.certspec":"dd69ecbb1cdf322fb8ef6eb50c2f033b62e7983b5448b96f1965eee8f85b7bde","tools/certs/int-p256.certspec":"b42a2286339455626b9a8b6c0811b031bf269440c6fcef7478796d02c5491364","tools/certs/int-rsa.certspec":"a0942438c72a3ce83b54c04e4a5d4bff08036c2c9feb7d75a7105bfa4fdc5499","tools/certs/root-p256.certspec":"99c1bb07505ddfc3ada5737d8a1bf4cff7b1a70a79abda9fd45fc3a6e72061fc","tools/certs/root-rsa.certspec":"67903313b6058aa98be0d98564577b0c878c868b6f2a8758f27bb7af17616d8e"},"package":"ec10816629f38fa557f08e199a3474fab954f4c8d2645550367235afa6e5646b"}
{"files":{".travis.yml":"c05a8cdd57b8969a1ab3547181b3d74079b8493132893c15cf3c4f479327359b","Cargo.toml":"40534ef8d01b0269e2ca3b00c4d14f7523222bc85611ee07afcffea45a71ef4b","LICENSE":"1f256ecad192880510e84ad60474eab7589218784b9a50bc7ceee34c2b91f1d5","README.md":"7b9676ec9ed5d7ac38f461b1b257eb0bd80568e732994fb26fa929ce5fe503af","build.rs":"a2b798bbeaf8ef19a9bd8c1e24b3fd3899a5b4b3e121e5e09794e4e2b35971dd","examples/sign_verify/main.rs":"fbe4b9c73b23e1ef364126f453f749fefb67ab45703bf809a5eed910a25e461e","examples/sign_verify/nss.rs":"a1d133142efc0ac6564f0b9587890587f1ecaa7404ac0c4c8907de6d43de3267","examples/sign_verify/test_nss.rs":"be41ebe0a82b6172297b10c13767e4768f0b613ac331b554f6e8c2c7a20c0bc8","examples/sign_verify/test_setup.rs":"82330118e4284d9bf788dbec9e637ab4a3b53fd4ec9c7efaed0e996ffa084de4","examples/sign_verify/util_test.rs":"48d52f3ca3e93b670a1d69f8443358260c1ae61d7977a59d922696811320d4c3","rustfmt.toml":"e97717e906fcd3eeb86dcee52ed26f13e1884597b016a27172229d9c78dd3d57","src/cose.rs":"104e06843f4cdffe2ca6f42f46c51c79d685c18d2ad92b65811e3ceffbd90e07","src/decoder.rs":"a4d2dcd44d179fabdac6ce99cc3512ece3164ba48beab9f313ad85db466c3a55","src/test_cose.rs":"849ec936a00eb438a08eb85380b3e4ba8d8c5a5cf674b272e0fd8e671ab6d5ca","src/test_setup.rs":"e26f290831343cbb4e2b2ec7d1be34c7b900eb8c87abd6f40629372a87b6e992","src/util.rs":"8cdcdc8a120e71a772af61fa63ffa2d2d2eb572d8a53da3b5f1ce9da784f2662","tools/certs/certs.md":"7a1acd946f5bb5b9b21ebd7653ef9d5746a1ea237131a69218a91dc26eda545a","tools/certs/certs.sh":"a06e1a7bf99316c7800e388d20c1630da7449937635600d9f21d8d93907011bf","tools/certs/ee-p256.certspec":"5a7246c0abf1ee08edb858ce2fd38010de7785a0e8652f2d9a0b7eee7aa39213","tools/certs/ee-p256.keyspec":"eabd2839f9e57cf2c372e686e5856cf651d7f07d0d396b3699d1d228b5931945","tools/certs/ee-p384.certspec":"d2e4fdd6d8f02f22bffa800ac2b7f899f5d826528e7b7d3248e1abea15cd33bd","tools/certs/ee-p521.certspec":"7ad1fc3cdf024dfa7213f3a2875af0ccfa2bd73fddcfaf73223aa25b24ee2cad","tools/certs/ee-rsa.certspec":"dd69ecbb1cdf322fb8ef6eb50c2f033b62e7983b5448b96f1965eee8f85b7bde","tools/certs/int-p256.certspec":"b42a2286339455626b9a8b6c0811b031bf269440c6fcef7478796d02c5491364","tools/certs/int-rsa.certspec":"a0942438c72a3ce83b54c04e4a5d4bff08036c2c9feb7d75a7105bfa4fdc5499","tools/certs/root-p256.certspec":"99c1bb07505ddfc3ada5737d8a1bf4cff7b1a70a79abda9fd45fc3a6e72061fc","tools/certs/root-rsa.certspec":"67903313b6058aa98be0d98564577b0c878c868b6f2a8758f27bb7af17616d8e"},"package":"72fa26cb151d3ae4b70f63d67d0fed57ce04220feafafbae7f503bef7aae590d"}

12
third_party/rust/cose/.travis.yml vendored
View File

@ -1,4 +1,5 @@
sudo: true
dist: trusty
language: rust
cache: cargo
rust:
@ -12,10 +13,10 @@ addons:
- build-essential
- libnss3-dev
install:
#install:
# Apparently cargo install returns a nonzero exit status if
# caching succeeds, so just make this always "succeed".
- (cargo install rustfmt || true)
# - (cargo install rustfmt --force || true)
script:
# The NSS version in Ubuntu is too old. Get a newer one.
@ -24,8 +25,9 @@ script:
wget http://de.archive.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4_4.16-1ubuntu2_amd64.deb
sudo dpkg -i libnspr4_4.16-1ubuntu2_amd64.deb
sudo dpkg -i libnss3_3.32-1ubuntu3_amd64.deb
- |
cargo fmt -- --write-mode=diff
#- |
# cargo fmt -- --write-mode=diff
- |
cargo build --features "$FEATURES" &&
cargo test
cargo test &&
cargo run --example sign_verify

6
third_party/rust/cose/Cargo.toml vendored
View File

@ -12,17 +12,19 @@
[package]
name = "cose"
version = "0.1.2"
version = "0.1.4"
authors = ["Franziskus Kiefer <franziskuskiefer@gmail.com>", "David Keeler <dkeeler@mozilla.com>"]
build = "build.rs"
description = "Library to use COSE (https://tools.ietf.org/html/rfc8152) in Rust"
keywords = ["cose", "jose", "cbor"]
keywords = ["cose", "jose"]
license = "MPL-2.0"
repository = "https://github.com/franziskuskiefer/cose-rust"
[lib]
name = "cose"
path = "src/cose.rs"
[dependencies.moz_cbor]
version = "0.1.0"
[dev-dependencies.scopeguard]
version = "0.3"

11
third_party/rust/cose/README.md vendored
View File

@ -13,3 +13,14 @@ If NSS is not installed in the path, use `NSS_LIB_DIR` to set the library path w
we can find the NSS libraries.
cargo build
### Run Tests and Examples
To run tests and examples you need NSS in your library path. Tests can be run
with
cargo test
and examples with
cargo run --example sign_verify

259
third_party/rust/cose/examples/sign_verify/main.rs vendored Normal file
View File

@ -0,0 +1,259 @@
extern crate moz_cbor as cbor;
extern crate cose;
#[macro_use(defer)]
extern crate scopeguard;
mod nss;
mod test_nss;
mod test_setup;
mod util_test;
use util_test::{sign, verify_signature};
use test_setup as test;
use std::str::FromStr;
use cose::{CoseError, SignatureAlgorithm};
// All keys here are from pykey.py/pycert.py from mozilla-central.
// Certificates can be generated with tools/certs/certs.sh and mozilla-central.
#[derive(Debug)]
pub struct SignatureParameters<'a> {
certificate: &'a [u8],
algorithm: SignatureAlgorithm,
pkcs8: &'a [u8],
}
#[derive(Debug)]
pub struct Signature<'a> {
parameter: &'a SignatureParameters<'a>,
signature_bytes: Vec<u8>,
}
const P256_PARAMS: SignatureParameters = SignatureParameters {
certificate: &test::P256_EE,
algorithm: SignatureAlgorithm::ES256,
pkcs8: &test::PKCS8_P256_EE,
};
const P384_PARAMS: SignatureParameters = SignatureParameters {
certificate: &test::P384_EE,
algorithm: SignatureAlgorithm::ES384,
pkcs8: &test::PKCS8_P384_EE,
};
const P521_PARAMS: SignatureParameters = SignatureParameters {
certificate: &test::P521_EE,
algorithm: SignatureAlgorithm::ES512,
pkcs8: &test::PKCS8_P521_EE,
};
fn test_verify(payload: &[u8], cert_chain: &[&[u8]], params_vec: Vec<SignatureParameters>) {
test::setup();
let cose_signature = sign(payload, cert_chain, &params_vec);
assert!(cose_signature.is_ok());
let cose_signature = cose_signature.unwrap();
// Verify signature.
assert!(verify_signature(payload, cose_signature).is_ok());
}
fn test_verify_modified_payload(
payload: &mut [u8],
cert_chain: &[&[u8]],
params_vec: Vec<SignatureParameters>,
) {
test::setup();
let cose_signature = sign(payload, cert_chain, &params_vec);
assert!(cose_signature.is_ok());
let cose_signature = cose_signature.unwrap();
// Verify signature.
payload[0] = !payload[0];
let verify_result = verify_signature(payload, cose_signature);
assert!(verify_result.is_err());
assert_eq!(verify_result, Err(CoseError::VerificationFailed));
}
fn test_verify_modified_signature(
payload: &[u8],
cert_chain: &[&[u8]],
params_vec: Vec<SignatureParameters>,
) {
test::setup();
let cose_signature = sign(payload, cert_chain, &params_vec);
assert!(cose_signature.is_ok());
let mut cose_signature = cose_signature.unwrap();
// Tamper with the cose signature.
let len = cose_signature.len();
cose_signature[len - 15] = !cose_signature[len - 15];
// Verify signature.
let verify_result = verify_signature(payload, cose_signature);
assert!(verify_result.is_err());
assert_eq!(verify_result, Err(CoseError::VerificationFailed));
}
// This can be used with inconsistent parameters that make the verification fail.
// In particular, the signing key does not match the certificate used to verify.
fn test_verify_verification_fails(
payload: &[u8],
cert_chain: &[&[u8]],
params_vec: Vec<SignatureParameters>,
) {
test::setup();
let cose_signature = sign(payload, cert_chain, &params_vec);
assert!(cose_signature.is_ok());
let cose_signature = cose_signature.unwrap();
// Verify signature.
let verify_result = verify_signature(payload, cose_signature);
assert!(verify_result.is_err());
assert_eq!(verify_result, Err(CoseError::VerificationFailed));
}
fn test_cose_sign_verify() {
let payload = b"This is the content.";
// P256
let certs: [&[u8]; 2] = [&test::P256_ROOT,
&test::P256_INT];
let params_vec = vec![P256_PARAMS];
test_verify(payload, &certs, params_vec);
// P256, no other certs.
let certs: [&[u8]; 0] = [];
let params_vec = vec![P256_PARAMS];
test_verify(payload, &certs, params_vec);
// P384
let params_vec = vec![P384_PARAMS];
test_verify(payload, &certs, params_vec);
// P521
let params_vec = vec![P521_PARAMS];
test_verify(payload, &certs, params_vec);
}
fn test_cose_verify_xpi_signature() {
// This signature was created with sign_app.py from m-c.
test::setup();
assert!(verify_signature(&test::XPI_PAYLOAD, test::XPI_SIGNATURE.to_vec()).is_ok());
}
fn test_cose_sign_verify_modified_payload() {
let mut payload = String::from_str("This is the content.")
.unwrap()
.into_bytes();
let certs: [&[u8]; 2] = [&test::P256_ROOT,
&test::P256_INT];
let params_vec = vec![P256_PARAMS];
test_verify_modified_payload(&mut payload, &certs, params_vec);
}
fn test_cose_sign_verify_wrong_cert() {
let payload = b"This is the content.";
let certs: [&[u8]; 2] = [&test::P256_ROOT,
&test::P256_INT];
let params = SignatureParameters {
certificate: &test::P384_EE,
algorithm: SignatureAlgorithm::ES256,
pkcs8: &test::PKCS8_P256_EE,
};
let params_vec = vec![params];
test_verify_verification_fails(payload, &certs, params_vec);
}
fn test_cose_sign_verify_tampered_signature() {
let payload = b"This is the content.";
let certs: [&[u8]; 2] = [&test::P256_ROOT,
&test::P256_INT];
let params_vec = vec![P256_PARAMS];
test_verify_modified_signature(payload, &certs, params_vec);
}
const RSA_PARAMS: SignatureParameters = SignatureParameters {
certificate: &test::RSA_EE,
algorithm: SignatureAlgorithm::PS256,
pkcs8: &test::PKCS8_RSA_EE,
};
fn test_cose_sign_verify_rsa() {
let payload = b"This is the RSA-signed content.";
let certs: [&[u8]; 2] = [&test::RSA_ROOT,
&test::RSA_INT];
let params_vec = vec![RSA_PARAMS];
test_verify(payload, &certs, params_vec);
}
fn test_cose_sign_verify_rsa_modified_payload() {
let mut payload = String::from_str("This is the RSA-signed content.")
.unwrap()
.into_bytes();
let certs: [&[u8]; 2] = [&test::RSA_ROOT,
&test::RSA_INT];
let params_vec = vec![RSA_PARAMS];
test_verify_modified_payload(&mut payload, &certs, params_vec);
}
fn test_cose_sign_verify_rsa_tampered_signature() {
let payload = b"This is the RSA-signed content.";
let certs: [&[u8]; 2] = [&test::RSA_ROOT,
&test::RSA_INT];
let params_vec = vec![RSA_PARAMS];
test_verify_modified_signature(payload, &certs, params_vec);
}
fn test_cose_sign_verify_two_signatures() {
let payload = b"This is the content.";
let certs: [&[u8]; 4] = [&test::P256_ROOT,
&test::P256_INT,
&test::RSA_ROOT,
&test::RSA_INT];
let params_vec = vec![P256_PARAMS,
RSA_PARAMS];
test_verify(payload, &certs, params_vec);
}
fn test_cose_sign_verify_two_signatures_tampered_payload() {
let mut payload = String::from_str("This is the content.")
.unwrap()
.into_bytes();
let certs: [&[u8]; 4] = [&test::P256_ROOT,
&test::P256_INT,
&test::RSA_ROOT,
&test::RSA_INT];
let params_vec = vec![P256_PARAMS,
RSA_PARAMS];
test_verify_modified_payload(&mut payload, &certs, params_vec);
}
fn test_cose_sign_verify_two_signatures_tampered_signature() {
let payload = b"This is the content.";
let certs: [&[u8]; 4] = [&test::P256_ROOT,
&test::P256_INT,
&test::RSA_ROOT,
&test::RSA_INT];
let params_vec = vec![P256_PARAMS,
RSA_PARAMS];
test_verify_modified_signature(payload, &certs, params_vec);
}
fn main() {
// Basic NSS exmaple usage.
test_nss::test_nss_sign_verify();
test_nss::test_nss_sign_verify_different_payload();
test_nss::test_nss_sign_verify_wrong_cert();
// COSE sign/verify example usages.
test_cose_sign_verify_two_signatures_tampered_signature();
test_cose_sign_verify_two_signatures_tampered_payload();
test_cose_sign_verify_two_signatures();
test_cose_sign_verify_rsa_tampered_signature();
test_cose_sign_verify_rsa_modified_payload();
test_cose_sign_verify_rsa();
test_cose_sign_verify_tampered_signature();
test_cose_sign_verify_wrong_cert();
test_cose_sign_verify_modified_payload();
test_cose_verify_xpi_signature();
test_cose_sign_verify();
}

2
third_party/rust/cose/src/nss.rs → third_party/rust/cose/examples/sign_verify/nss.rs vendored
View File

@ -2,7 +2,7 @@ use std::marker::PhantomData;
use std::{mem, ptr};
use std::os::raw;
use std::os::raw::c_char;
use SignatureAlgorithm;
use cose::SignatureAlgorithm;
type SECItemType = raw::c_uint; // TODO: actually an enum - is this the right size?
const SI_BUFFER: SECItemType = 0; // called siBuffer in NSS

9
third_party/rust/cose/src/test_nss.rs → third_party/rust/cose/examples/sign_verify/test_nss.rs vendored
View File

@ -3,8 +3,7 @@ use nss;
use nss::NSSError;
use SignatureAlgorithm;
#[test]
fn test_nss_sign_verify() {
pub fn test_nss_sign_verify() {
test::setup();
let payload = b"sample";
@ -24,8 +23,7 @@ fn test_nss_sign_verify() {
);
}
#[test]
fn test_nss_sign_verify_different_payload() {
pub fn test_nss_sign_verify_different_payload() {
test::setup();
let payload = b"sample";
@ -46,8 +44,7 @@ fn test_nss_sign_verify_different_payload() {
assert_eq!(verify_result, Err(NSSError::SignatureVerificationFailed));
}
#[test]
fn test_nss_sign_verify_wrong_cert() {
pub fn test_nss_sign_verify_wrong_cert() {
test::setup();
let payload = b"sample";

625
third_party/rust/cose/examples/sign_verify/test_setup.rs vendored Normal file
View File

@ -0,0 +1,625 @@
use std::os::raw;
use std::ptr;
use std::sync::{ONCE_INIT, Once};
static START: Once = ONCE_INIT;
type SECStatus = raw::c_int;
const SEC_SUCCESS: SECStatus = 0;
// TODO: ugh this will probably have a platform-specific name...
#[link(name = "nss3")]
extern "C" {
fn NSS_NoDB_Init(configdir: *const u8) -> SECStatus;
}
pub fn setup() {
START.call_once(|| {
let null_ptr: *const u8 = ptr::null();
unsafe {
assert_eq!(NSS_NoDB_Init(null_ptr), SEC_SUCCESS);
}
});
}
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const PKCS8_P256_EE: [u8; 139] = [
0x30, 0x81, 0x87, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2a,
0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48,
0xce, 0x3d, 0x03, 0x01, 0x07, 0x04, 0x6d, 0x30, 0x6b, 0x02, 0x01,
0x01, 0x04, 0x20, 0x21, 0x91, 0x40, 0x3d, 0x57, 0x10, 0xbf, 0x15,
0xa2, 0x65, 0x81, 0x8c, 0xd4, 0x2e, 0xd6, 0xfe, 0xdf, 0x09, 0xad,
0xd9, 0x2d, 0x78, 0xb1, 0x8e, 0x7a, 0x1e, 0x9f, 0xeb, 0x95, 0x52,
0x47, 0x02, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x4f, 0xbf, 0xbb,
0xbb, 0x61, 0xe0, 0xf8, 0xf9, 0xb1, 0xa6, 0x0a, 0x59, 0xac, 0x87,
0x04, 0xe2, 0xec, 0x05, 0x0b, 0x42, 0x3e, 0x3c, 0xf7, 0x2e, 0x92,
0x3f, 0x2c, 0x4f, 0x79, 0x4b, 0x45, 0x5c, 0x2a, 0x69, 0xd2, 0x33,
0x45, 0x6c, 0x36, 0xc4, 0x11, 0x9d, 0x07, 0x06, 0xe0, 0x0e, 0xed,
0xc8, 0xd1, 0x93, 0x90, 0xd7, 0x99, 0x1b, 0x7b, 0x2d, 0x07, 0xa3,
0x04, 0xea, 0xa0, 0x4a, 0xa6, 0xc0, 0x0a
];
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const P256_EE: [u8; 300] = [
0x30, 0x82, 0x01, 0x28, 0x30, 0x81, 0xcf, 0xa0, 0x03, 0x02, 0x01, 0x02,
0x02, 0x14, 0x2f, 0xc3, 0x5f, 0x05, 0x80, 0xb4, 0x49, 0x45, 0x13, 0x92,
0xd6, 0x93, 0xb7, 0x2d, 0x71, 0x19, 0xc5, 0x8c, 0x40, 0x39, 0x30, 0x0a,
0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x13,
0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x08, 0x69,
0x6e, 0x74, 0x2d, 0x70, 0x32, 0x35, 0x36, 0x30, 0x22, 0x18, 0x0f, 0x32,
0x30, 0x31, 0x32, 0x30, 0x31, 0x30, 0x33, 0x30, 0x30, 0x30, 0x30, 0x30,
0x30, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x32, 0x31, 0x31, 0x32, 0x33, 0x31,
0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x12, 0x31, 0x10, 0x30,
0x0e, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x07, 0x65, 0x65, 0x2d, 0x70,
0x32, 0x35, 0x36, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48,
0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03,
0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0x4f, 0xbf, 0xbb, 0xbb, 0x61, 0xe0,
0xf8, 0xf9, 0xb1, 0xa6, 0x0a, 0x59, 0xac, 0x87, 0x04, 0xe2, 0xec, 0x05,
0x0b, 0x42, 0x3e, 0x3c, 0xf7, 0x2e, 0x92, 0x3f, 0x2c, 0x4f, 0x79, 0x4b,
0x45, 0x5c, 0x2a, 0x69, 0xd2, 0x33, 0x45, 0x6c, 0x36, 0xc4, 0x11, 0x9d,
0x07, 0x06, 0xe0, 0x0e, 0xed, 0xc8, 0xd1, 0x93, 0x90, 0xd7, 0x99, 0x1b,
0x7b, 0x2d, 0x07, 0xa3, 0x04, 0xea, 0xa0, 0x4a, 0xa6, 0xc0, 0x30, 0x0a,
0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x48,
0x00, 0x30, 0x45, 0x02, 0x20, 0x5c, 0x75, 0x51, 0x9f, 0x13, 0x11, 0x50,
0xcd, 0x5d, 0x8a, 0xde, 0x20, 0xa3, 0xbc, 0x06, 0x30, 0x91, 0xff, 0xb2,
0x73, 0x75, 0x5f, 0x31, 0x64, 0xec, 0xfd, 0xcb, 0x42, 0x80, 0x0a, 0x70,
0xe6, 0x02, 0x21, 0x00, 0xff, 0x81, 0xbe, 0xa8, 0x0d, 0x03, 0x36, 0x6b,
0x75, 0xe2, 0x70, 0x6a, 0xac, 0x07, 0x2e, 0x4c, 0xdc, 0xf9, 0xc5, 0x89,
0xc1, 0xcf, 0x88, 0xc2, 0xc8, 0x2a, 0x32, 0xf5, 0x42, 0x0c, 0xfa, 0x0b
];
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const PKCS8_P384_EE: [u8; 185] = [
0x30, 0x81, 0xb6, 0x02, 0x01, 0x00, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86,
0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22,
0x04, 0x81, 0x9e, 0x30, 0x81, 0x9b, 0x02, 0x01, 0x01, 0x04, 0x30, 0x03,
0x5c, 0x7a, 0x1b, 0x10, 0xd9, 0xfa, 0xfe, 0x83, 0x7b, 0x64, 0xad, 0x92,
0xf2, 0x2f, 0x5c, 0xed, 0x07, 0x89, 0x18, 0x65, 0x38, 0x66, 0x9b, 0x5c,
0x6d, 0x87, 0x2c, 0xec, 0x3d, 0x92, 0x61, 0x22, 0xb3, 0x93, 0x77, 0x2b,
0x57, 0x60, 0x2f, 0xf3, 0x13, 0x65, 0xef, 0xe1, 0x39, 0x32, 0x46, 0xa1,
0x64, 0x03, 0x62, 0x00, 0x04, 0xa1, 0x68, 0x72, 0x43, 0x36, 0x2b, 0x5c,
0x7b, 0x18, 0x89, 0xf3, 0x79, 0x15, 0x46, 0x15, 0xa1, 0xc7, 0x3f, 0xb4,
0x8d, 0xee, 0x86, 0x3e, 0x02, 0x29, 0x15, 0xdb, 0x60, 0x8e, 0x25, 0x2d,
0xe4, 0xb7, 0x13, 0x2d, 0xa8, 0xce, 0x98, 0xe8, 0x31, 0x53, 0x4e, 0x6a,
0x9c, 0x0c, 0x0b, 0x09, 0xc8, 0xd6, 0x39, 0xad, 0xe8, 0x32, 0x06, 0xe5,
0xba, 0x81, 0x34, 0x73, 0xa1, 0x1f, 0xa3, 0x30, 0xe0, 0x5d, 0xa8, 0xc9,
0x6e, 0x43, 0x83, 0xfe, 0x27, 0x87, 0x3d, 0xa9, 0x71, 0x03, 0xbe, 0x28,
0x88, 0xcf, 0xf0, 0x02, 0xf0, 0x5a, 0xf7, 0x1a, 0x1f, 0xdd, 0xcc, 0x83,
0x74, 0xaa, 0x6e, 0xa9, 0xce
];
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const PKCS8_P521_EE: [u8; 240] = [
0x30, 0x81, 0xed, 0x02, 0x01, 0x00, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86,
0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x23,
0x04, 0x81, 0xd5, 0x30, 0x81, 0xd2, 0x02, 0x01, 0x01, 0x04, 0x42, 0x01,
0x4f, 0x32, 0x84, 0xfa, 0x69, 0x8d, 0xd9, 0xfe, 0x11, 0x18, 0xdd, 0x33,
0x18, 0x51, 0xcd, 0xfa, 0xac, 0x5a, 0x38, 0x29, 0x27, 0x8e, 0xb8, 0x99,
0x48, 0x39, 0xde, 0x94, 0x71, 0xc9, 0x40, 0xb8, 0x58, 0xc6, 0x9d, 0x2d,
0x05, 0xe8, 0xc0, 0x17, 0x88, 0xa7, 0xd0, 0xb6, 0xe2, 0x35, 0xaa, 0x5e,
0x78, 0x3f, 0xc1, 0xbe, 0xe8, 0x07, 0xdc, 0xc3, 0x86, 0x5f, 0x92, 0x0e,
0x12, 0xcf, 0x8f, 0x2d, 0x29, 0xa1, 0x81, 0x88, 0x03, 0x81, 0x85, 0x00,
0x04, 0x18, 0x94, 0x55, 0x0d, 0x07, 0x85, 0x93, 0x2e, 0x00, 0xea, 0xa2,
0x3b, 0x69, 0x4f, 0x21, 0x3f, 0x8c, 0x31, 0x21, 0xf8, 0x6d, 0xc9, 0x7a,
0x04, 0xe5, 0xa7, 0x16, 0x7d, 0xb4, 0xe5, 0xbc, 0xd3, 0x71, 0x12, 0x3d,
0x46, 0xe4, 0x5d, 0xb6, 0xb5, 0xd5, 0x37, 0x0a, 0x7f, 0x20, 0xfb, 0x63,
0x31, 0x55, 0xd3, 0x8f, 0xfa, 0x16, 0xd2, 0xbd, 0x76, 0x1d, 0xca, 0xc4,
0x74, 0xb9, 0xa2, 0xf5, 0x02, 0x3a, 0x40, 0x49, 0x31, 0x01, 0xc9, 0x62,
0xcd, 0x4d, 0x2f, 0xdd, 0xf7, 0x82, 0x28, 0x5e, 0x64, 0x58, 0x41, 0x39,
0xc2, 0xf9, 0x1b, 0x47, 0xf8, 0x7f, 0xf8, 0x23, 0x54, 0xd6, 0x63, 0x0f,
0x74, 0x6a, 0x28, 0xa0, 0xdb, 0x25, 0x74, 0x1b, 0x5b, 0x34, 0xa8, 0x28,
0x00, 0x8b, 0x22, 0xac, 0xc2, 0x3f, 0x92, 0x4f, 0xaa, 0xfb, 0xd4, 0xd3,
0x3f, 0x81, 0xea, 0x66, 0x95, 0x6d, 0xfe, 0xaa, 0x2b, 0xfd, 0xfc, 0xf5
];
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const P521_EE: [u8; 367] = [
0x30, 0x82, 0x01, 0x6b, 0x30, 0x82, 0x01, 0x12, 0xa0, 0x03, 0x02, 0x01,
0x02, 0x02, 0x14, 0x49, 0xdb, 0x7d, 0xec, 0x87, 0x2b, 0x95, 0xfc, 0xfb,
0x57, 0xfb, 0xc8, 0xd5, 0x57, 0xb7, 0x3a, 0x10, 0xcc, 0xf1, 0x7a, 0x30,
0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30,
0x13, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x08,
0x69, 0x6e, 0x74, 0x2d, 0x70, 0x32, 0x35, 0x36, 0x30, 0x22, 0x18, 0x0f,
0x32, 0x30, 0x31, 0x32, 0x30, 0x31, 0x30, 0x33, 0x30, 0x30, 0x30, 0x30,
0x30, 0x30, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x32, 0x31, 0x31, 0x32, 0x33,
0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x12, 0x31, 0x10,
0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x07, 0x65, 0x65, 0x2d,
0x70, 0x35, 0x32, 0x31, 0x30, 0x81, 0x9b, 0x30, 0x10, 0x06, 0x07, 0x2a,
0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00,
0x23, 0x03, 0x81, 0x86, 0x00, 0x04, 0x01, 0x4c, 0xdc, 0x9c, 0xac, 0xc4,
0x79, 0x41, 0x09, 0x6b, 0xc9, 0xcc, 0x66, 0x75, 0x2e, 0xc2, 0x7f, 0x59,
0x77, 0x34, 0xfa, 0x66, 0xc6, 0x2b, 0x79, 0x2f, 0x88, 0xc5, 0x19, 0xd6,
0xd3, 0x7f, 0x0d, 0x16, 0xea, 0x1c, 0x48, 0x3a, 0x18, 0x27, 0xa0, 0x10,
0xb9, 0x12, 0x8e, 0x3a, 0x08, 0x07, 0x0c, 0xa3, 0x3e, 0xf5, 0xf5, 0x78,
0x35, 0xb7, 0xc1, 0xba, 0x25, 0x1f, 0x6c, 0xc3, 0x52, 0x1d, 0xc4, 0x2b,
0x01, 0x06, 0x53, 0x45, 0x19, 0x81, 0xb4, 0x45, 0xd3, 0x43, 0xee, 0xd3,
0x78, 0x2a, 0x35, 0xd6, 0xcf, 0xf0, 0xff, 0x48, 0x4f, 0x5a, 0x88, 0x3d,
0x20, 0x9f, 0x1b, 0x90, 0x42, 0xb7, 0x26, 0x70, 0x35, 0x68, 0xb2, 0xf3,
0x26, 0xe1, 0x8b, 0x83, 0x3b, 0xdd, 0x8a, 0xa0, 0x73, 0x43, 0x92, 0xbc,
0xd1, 0x95, 0x01, 0xe1, 0x0d, 0x69, 0x8a, 0x79, 0xf5, 0x3e, 0x11, 0xe0,
0xa2, 0x2b, 0xdd, 0x2a, 0xad, 0x90, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86,
0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x47, 0x00, 0x30, 0x44, 0x02,
0x20, 0x5c, 0x75, 0x51, 0x9f, 0x13, 0x11, 0x50, 0xcd, 0x5d, 0x8a, 0xde,
0x20, 0xa3, 0xbc, 0x06, 0x30, 0x91, 0xff, 0xb2, 0x73, 0x75, 0x5f, 0x31,
0x64, 0xec, 0xfd, 0xcb, 0x42, 0x80, 0x0a, 0x70, 0xe6, 0x02, 0x20, 0x35,
0x20, 0x7c, 0xff, 0x51, 0xf6, 0x68, 0xce, 0x1d, 0x00, 0xf9, 0xcc, 0x7f,
0xa7, 0xbc, 0x79, 0x52, 0xea, 0x56, 0xdf, 0xc1, 0x46, 0x7c, 0x0c, 0xa1,
0x2e, 0x32, 0xb1, 0x69, 0x4b, 0x20, 0xc4
];
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const P384_EE: [u8; 329] = [
0x30, 0x82, 0x01, 0x45, 0x30, 0x81, 0xec, 0xa0, 0x03, 0x02, 0x01, 0x02,
0x02, 0x14, 0x79, 0xe3, 0x1c, 0x60, 0x97, 0xa4, 0x3c, 0x3b, 0x82, 0x11,
0x42, 0x37, 0xaf, 0x57, 0x05, 0xa8, 0xde, 0xd3, 0x40, 0x58, 0x30, 0x0a,
0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x13,
0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x08, 0x69,
0x6e, 0x74, 0x2d, 0x70, 0x32, 0x35, 0x36, 0x30, 0x22, 0x18, 0x0f, 0x32,
0x30, 0x31, 0x32, 0x30, 0x31, 0x30, 0x33, 0x30, 0x30, 0x30, 0x30, 0x30,
0x30, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x32, 0x31, 0x31, 0x32, 0x33, 0x31,
0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x12, 0x31, 0x10, 0x30,
0x0e, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x07, 0x65, 0x65, 0x2d, 0x70,
0x33, 0x38, 0x34, 0x30, 0x76, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48,
0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22, 0x03,
0x62, 0x00, 0x04, 0xa1, 0x68, 0x72, 0x43, 0x36, 0x2b, 0x5c, 0x7b, 0x18,
0x89, 0xf3, 0x79, 0x15, 0x46, 0x15, 0xa1, 0xc7, 0x3f, 0xb4, 0x8d, 0xee,
0x86, 0x3e, 0x02, 0x29, 0x15, 0xdb, 0x60, 0x8e, 0x25, 0x2d, 0xe4, 0xb7,
0x13, 0x2d, 0xa8, 0xce, 0x98, 0xe8, 0x31, 0x53, 0x4e, 0x6a, 0x9c, 0x0c,
0x0b, 0x09, 0xc8, 0xd6, 0x39, 0xad, 0xe8, 0x32, 0x06, 0xe5, 0xba, 0x81,
0x34, 0x73, 0xa1, 0x1f, 0xa3, 0x30, 0xe0, 0x5d, 0xa8, 0xc9, 0x6e, 0x43,
0x83, 0xfe, 0x27, 0x87, 0x3d, 0xa9, 0x71, 0x03, 0xbe, 0x28, 0x88, 0xcf,
0xf0, 0x02, 0xf0, 0x5a, 0xf7, 0x1a, 0x1f, 0xdd, 0xcc, 0x83, 0x74, 0xaa,
0x6e, 0xa9, 0xce, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x20, 0x5c, 0x75,
0x51, 0x9f, 0x13, 0x11, 0x50, 0xcd, 0x5d, 0x8a, 0xde, 0x20, 0xa3, 0xbc,
0x06, 0x30, 0x91, 0xff, 0xb2, 0x73, 0x75, 0x5f, 0x31, 0x64, 0xec, 0xfd,
0xcb, 0x42, 0x80, 0x0a, 0x70, 0xe6, 0x02, 0x21, 0x00, 0xf3, 0x04, 0x26,
0xf2, 0xfd, 0xbc, 0x89, 0x3f, 0x29, 0x3b, 0x70, 0xbc, 0x72, 0xa6, 0xc2,
0x23, 0xcc, 0x43, 0x4d, 0x84, 0x71, 0xaf, 0x53, 0xe4, 0x4b, 0x3e, 0xc0,
0xbf, 0xe5, 0x68, 0x86, 0x49
];
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const P256_INT: [u8; 332] = [
0x30, 0x82, 0x01, 0x48, 0x30, 0x81, 0xf0, 0xa0, 0x03, 0x02, 0x01,
0x02, 0x02, 0x14, 0x43, 0x63, 0x59, 0xad, 0x04, 0x34, 0x56, 0x80,
0x43, 0xec, 0x90, 0x6a, 0xd4, 0x10, 0x64, 0x7c, 0x7f, 0x38, 0x32,
0xe2, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04,
0x03, 0x02, 0x30, 0x14, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55,
0x04, 0x03, 0x0c, 0x09, 0x72, 0x6f, 0x6f, 0x74, 0x2d, 0x70, 0x32,
0x35, 0x36, 0x30, 0x22, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x32, 0x30,
0x31, 0x30, 0x33, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x18,
0x0f, 0x32, 0x30, 0x32, 0x31, 0x31, 0x32, 0x33, 0x31, 0x30, 0x30,
0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x13, 0x31, 0x11, 0x30, 0x0f,
0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x08, 0x69, 0x6e, 0x74, 0x2d,
0x70, 0x32, 0x35, 0x36, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a,
0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48,
0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0x4f, 0xbf,
0xbb, 0xbb, 0x61, 0xe0, 0xf8, 0xf9, 0xb1, 0xa6, 0x0a, 0x59, 0xac,
0x87, 0x04, 0xe2, 0xec, 0x05, 0x0b, 0x42, 0x3e, 0x3c, 0xf7, 0x2e,
0x92, 0x3f, 0x2c, 0x4f, 0x79, 0x4b, 0x45, 0x5c, 0x2a, 0x69, 0xd2,
0x33, 0x45, 0x6c, 0x36, 0xc4, 0x11, 0x9d, 0x07, 0x06, 0xe0, 0x0e,
0xed, 0xc8, 0xd1, 0x93, 0x90, 0xd7, 0x99, 0x1b, 0x7b, 0x2d, 0x07,
0xa3, 0x04, 0xea, 0xa0, 0x4a, 0xa6, 0xc0, 0xa3, 0x1d, 0x30, 0x1b,
0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03,
0x01, 0x01, 0xff, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x04,
0x04, 0x03, 0x02, 0x01, 0x06, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86,
0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x47, 0x00, 0x30, 0x44,
0x02, 0x20, 0x63, 0x59, 0x02, 0x01, 0x89, 0xd7, 0x3e, 0x5b, 0xff,
0xd1, 0x16, 0x4e, 0xe3, 0xe2, 0x0a, 0xe0, 0x4a, 0xd8, 0x75, 0xaf,
0x77, 0x5c, 0x93, 0x60, 0xba, 0x10, 0x1f, 0x97, 0xdd, 0x27, 0x2d,
0x24, 0x02, 0x20, 0x3d, 0x87, 0x0f, 0xac, 0x22, 0x4d, 0x16, 0xd9,
0xa1, 0x95, 0xbb, 0x56, 0xe0, 0x21, 0x05, 0x93, 0xd1, 0x07, 0xb5,
0x25, 0x3b, 0xf4, 0x57, 0x20, 0x87, 0x13, 0xa2, 0xf7, 0x78, 0x15,
0x30, 0xa7
];
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const P256_ROOT: [u8; 334] = [
0x30, 0x82, 0x01, 0x4a, 0x30, 0x81, 0xf1, 0xa0, 0x03, 0x02, 0x01, 0x02,
0x02, 0x14, 0x5f, 0x3f, 0xae, 0x90, 0x49, 0x30, 0x2f, 0x33, 0x6e, 0x95,
0x23, 0xa7, 0xcb, 0x23, 0xd7, 0x65, 0x4f, 0xea, 0x3c, 0xf7, 0x30, 0x0a,
0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x14,
0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x09, 0x72,
0x6f, 0x6f, 0x74, 0x2d, 0x70, 0x32, 0x35, 0x36, 0x30, 0x22, 0x18, 0x0f,
0x32, 0x30, 0x31, 0x32, 0x30, 0x31, 0x30, 0x33, 0x30, 0x30, 0x30, 0x30,
0x30, 0x30, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x32, 0x31, 0x31, 0x32, 0x33,
0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x14, 0x31, 0x12,
0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x09, 0x72, 0x6f, 0x6f,
0x74, 0x2d, 0x70, 0x32, 0x35, 0x36, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07,
0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48,
0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0x4f, 0xbf, 0xbb,
0xbb, 0x61, 0xe0, 0xf8, 0xf9, 0xb1, 0xa6, 0x0a, 0x59, 0xac, 0x87, 0x04,
0xe2, 0xec, 0x05, 0x0b, 0x42, 0x3e, 0x3c, 0xf7, 0x2e, 0x92, 0x3f, 0x2c,
0x4f, 0x79, 0x4b, 0x45, 0x5c, 0x2a, 0x69, 0xd2, 0x33, 0x45, 0x6c, 0x36,
0xc4, 0x11, 0x9d, 0x07, 0x06, 0xe0, 0x0e, 0xed, 0xc8, 0xd1, 0x93, 0x90,
0xd7, 0x99, 0x1b, 0x7b, 0x2d, 0x07, 0xa3, 0x04, 0xea, 0xa0, 0x4a, 0xa6,
0xc0, 0xa3, 0x1d, 0x30, 0x1b, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13,
0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x0b, 0x06, 0x03, 0x55,
0x1d, 0x0f, 0x04, 0x04, 0x03, 0x02, 0x01, 0x06, 0x30, 0x0a, 0x06, 0x08,
0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30,
0x45, 0x02, 0x20, 0x5c, 0x75, 0x51, 0x9f, 0x13, 0x11, 0x50, 0xcd, 0x5d,
0x8a, 0xde, 0x20, 0xa3, 0xbc, 0x06, 0x30, 0x91, 0xff, 0xb2, 0x73, 0x75,
0x5f, 0x31, 0x64, 0xec, 0xfd, 0xcb, 0x42, 0x80, 0x0a, 0x70, 0xe6, 0x02,
0x21, 0x00, 0xc2, 0xe4, 0xc1, 0xa8, 0xe2, 0x89, 0xdc, 0xa1, 0xbb, 0xe7,
0xd5, 0x4f, 0x5c, 0x88, 0xad, 0xeb, 0xa4, 0x78, 0xa1, 0x19, 0xbe, 0x22,
0x54, 0xc8, 0x9f, 0xef, 0xb8, 0x5d, 0xa2, 0x40, 0xd9, 0x8b
];
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const PKCS8_RSA_EE: [u8; 1218] = [
0x30, 0x82, 0x04, 0xbe, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a,
0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
0x04, 0xa8, 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01,
0x01, 0x00, 0xba, 0x88, 0x51, 0xa8, 0x44, 0x8e, 0x16, 0xd6, 0x41, 0xfd,
0x6e, 0xb6, 0x88, 0x06, 0x36, 0x10, 0x3d, 0x3c, 0x13, 0xd9, 0xea, 0xe4,
0x35, 0x4a, 0xb4, 0xec, 0xf5, 0x68, 0x57, 0x6c, 0x24, 0x7b, 0xc1, 0xc7,
0x25, 0xa8, 0xe0, 0xd8, 0x1f, 0xbd, 0xb1, 0x9c, 0x06, 0x9b, 0x6e, 0x1a,
0x86, 0xf2, 0x6b, 0xe2, 0xaf, 0x5a, 0x75, 0x6b, 0x6a, 0x64, 0x71, 0x08,
0x7a, 0xa5, 0x5a, 0xa7, 0x45, 0x87, 0xf7, 0x1c, 0xd5, 0x24, 0x9c, 0x02,
0x7e, 0xcd, 0x43, 0xfc, 0x1e, 0x69, 0xd0, 0x38, 0x20, 0x29, 0x93, 0xab,
0x20, 0xc3, 0x49, 0xe4, 0xdb, 0xb9, 0x4c, 0xc2, 0x6b, 0x6c, 0x0e, 0xed,
0x15, 0x82, 0x0f, 0xf1, 0x7e, 0xad, 0x69, 0x1a, 0xb1, 0xd3, 0x02, 0x3a,
0x8b, 0x2a, 0x41, 0xee, 0xa7, 0x70, 0xe0, 0x0f, 0x0d, 0x8d, 0xfd, 0x66,
0x0b, 0x2b, 0xb0, 0x24, 0x92, 0xa4, 0x7d, 0xb9, 0x88, 0x61, 0x79, 0x90,
0xb1, 0x57, 0x90, 0x3d, 0xd2, 0x3b, 0xc5, 0xe0, 0xb8, 0x48, 0x1f, 0xa8,
0x37, 0xd3, 0x88, 0x43, 0xef, 0x27, 0x16, 0xd8, 0x55, 0xb7, 0x66, 0x5a,
0xaa, 0x7e, 0x02, 0x90, 0x2f, 0x3a, 0x7b, 0x10, 0x80, 0x06, 0x24, 0xcc,
0x1c, 0x6c, 0x97, 0xad, 0x96, 0x61, 0x5b, 0xb7, 0xe2, 0x96, 0x12, 0xc0,
0x75, 0x31, 0xa3, 0x0c, 0x91, 0xdd, 0xb4, 0xca, 0xf7, 0xfc, 0xad, 0x1d,
0x25, 0xd3, 0x09, 0xef, 0xb9, 0x17, 0x0e, 0xa7, 0x68, 0xe1, 0xb3, 0x7b,
0x2f, 0x22, 0x6f, 0x69, 0xe3, 0xb4, 0x8a, 0x95, 0x61, 0x1d, 0xee, 0x26,
0xd6, 0x25, 0x9d, 0xab, 0x91, 0x08, 0x4e, 0x36, 0xcb, 0x1c, 0x24, 0x04,
0x2c, 0xbf, 0x16, 0x8b, 0x2f, 0xe5, 0xf1, 0x8f, 0x99, 0x17, 0x31, 0xb8,
0xb3, 0xfe, 0x49, 0x23, 0xfa, 0x72, 0x51, 0xc4, 0x31, 0xd5, 0x03, 0xac,
0xda, 0x18, 0x0a, 0x35, 0xed, 0x8d, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02,
0x82, 0x01, 0x01, 0x00, 0x9e, 0xcb, 0xce, 0x38, 0x61, 0xa4, 0x54, 0xec,
0xb1, 0xe0, 0xfe, 0x8f, 0x85, 0xdd, 0x43, 0xc9, 0x2f, 0x58, 0x25, 0xce,
0x2e, 0x99, 0x78, 0x84, 0xd0, 0xe1, 0xa9, 0x49, 0xda, 0xa2, 0xc5, 0xac,
0x55, 0x9b, 0x24, 0x04, 0x50, 0xe5, 0xac, 0x9f, 0xe0, 0xc3, 0xe3, 0x1c,
0x0e, 0xef, 0xa6, 0x52, 0x5a, 0x65, 0xf0, 0xc2, 0x21, 0x94, 0x00, 0x4e,
0xe1, 0xab, 0x46, 0x3d, 0xde, 0x9e, 0xe8, 0x22, 0x87, 0xcc, 0x93, 0xe7,
0x46, 0xa9, 0x19, 0x29, 0xc5, 0xe6, 0xac, 0x3d, 0x88, 0x75, 0x3f, 0x6c,
0x25, 0xba, 0x59, 0x79, 0xe7, 0x3e, 0x5d, 0x8f, 0xb2, 0x39, 0x11, 0x1a,
0x3c, 0xda, 0xb8, 0xa4, 0xb0, 0xcd, 0xf5, 0xf9, 0xca, 0xb0, 0x5f, 0x12,
0x33, 0xa3, 0x83, 0x35, 0xc6, 0x4b, 0x55, 0x60, 0x52, 0x5e, 0x7e, 0x3b,
0x92, 0xad, 0x7c, 0x75, 0x04, 0xcf, 0x1d, 0xc7, 0xcb, 0x00, 0x57, 0x88,
0xaf, 0xcb, 0xe1, 0xe8, 0xf9, 0x5d, 0xf7, 0x40, 0x2a, 0x15, 0x15, 0x30,
0xd5, 0x80, 0x83, 0x46, 0x86, 0x4e, 0xb3, 0x70, 0xaa, 0x79, 0x95, 0x6a,
0x58, 0x78, 0x62, 0xcb, 0x53, 0x37, 0x91, 0x30, 0x7f, 0x70, 0xd9, 0x1c,
0x96, 0xd2, 0x2d, 0x00, 0x1a, 0x69, 0x00, 0x9b, 0x92, 0x3c, 0x68, 0x33,
0x88, 0xc9, 0xf3, 0x6c, 0xb9, 0xb5, 0xeb, 0xe6, 0x43, 0x02, 0x04, 0x1c,
0x78, 0xd9, 0x08, 0x20, 0x6b, 0x87, 0x00, 0x9c, 0xb8, 0xca, 0xba, 0xca,
0xd3, 0xdb, 0xdb, 0x27, 0x92, 0xfb, 0x91, 0x1b, 0x2c, 0xf4, 0xdb, 0x66,
0x03, 0x58, 0x5b, 0xe9, 0xae, 0x0c, 0xa3, 0xb8, 0xe6, 0x41, 0x7a, 0xa0,
0x4b, 0x06, 0xe4, 0x70, 0xea, 0x1a, 0x3b, 0x58, 0x1c, 0xa0, 0x3a, 0x67,
0x81, 0xc9, 0x31, 0x5b, 0x62, 0xb3, 0x0e, 0x60, 0x11, 0xf2, 0x24, 0x72,
0x59, 0x46, 0xee, 0xc5, 0x7c, 0x6d, 0x94, 0x41, 0x02, 0x81, 0x81, 0x00,
0xdd, 0x6e, 0x1d, 0x4f, 0xff, 0xeb, 0xf6, 0x8d, 0x88, 0x9c, 0x4d, 0x11,
0x4c, 0xda, 0xaa, 0x9c, 0xaa, 0x63, 0xa5, 0x93, 0x74, 0x28, 0x6c, 0x8a,
0x5c, 0x29, 0xa7, 0x17, 0xbb, 0xa6, 0x03, 0x75, 0x64, 0x4d, 0x5c, 0xaa,
0x67, 0x4c, 0x4b, 0x8b, 0xc7, 0x32, 0x63, 0x58, 0x64, 0x62, 0x20, 0xe4,
0x55, 0x0d, 0x76, 0x08, 0xac, 0x27, 0xd5, 0x5b, 0x6d, 0xb7, 0x4f, 0x8d,
0x81, 0x27, 0xef, 0x8f, 0xa0, 0x90, 0x98, 0xb6, 0x91, 0x47, 0xde, 0x06,
0x55, 0x73, 0x44, 0x7e, 0x18, 0x3d, 0x22, 0xfe, 0x7d, 0x88, 0x5a, 0xce,
0xb5, 0x13, 0xd9, 0x58, 0x1d, 0xd5, 0xe0, 0x7c, 0x1a, 0x90, 0xf5, 0xce,
0x08, 0x79, 0xde, 0x13, 0x13, 0x71, 0xec, 0xef, 0xc9, 0xce, 0x72, 0xe9,
0xc4, 0x3d, 0xc1, 0x27, 0xd2, 0x38, 0x19, 0x0d, 0xe8, 0x11, 0x77, 0x3c,
0xa5, 0xd1, 0x93, 0x01, 0xf4, 0x8c, 0x74, 0x2b, 0x02, 0x81, 0x81, 0x00,
0xd7, 0xa7, 0x73, 0xd9, 0xeb, 0xc3, 0x80, 0xa7, 0x67, 0xd2, 0xfe, 0xc0,
0x93, 0x4a, 0xd4, 0xe8, 0xb5, 0x66, 0x72, 0x40, 0x77, 0x1a, 0xcd, 0xeb,
0xb5, 0xad, 0x79, 0x6f, 0x47, 0x8f, 0xec, 0x4d, 0x45, 0x98, 0x5e, 0xfb,
0xc9, 0x53, 0x29, 0x68, 0x28, 0x9c, 0x8d, 0x89, 0x10, 0x2f, 0xad, 0xf2,
0x1f, 0x34, 0xe2, 0xdd, 0x49, 0x40, 0xeb, 0xa8, 0xc0, 0x9d, 0x6d, 0x1f,
0x16, 0xdc, 0xc2, 0x97, 0x29, 0x77, 0x4c, 0x43, 0x27, 0x5e, 0x92, 0x51,
0xdd, 0xbe, 0x49, 0x09, 0xe1, 0xfd, 0x3b, 0xf1, 0xe4, 0xbe, 0xdf, 0x46,
0xa3, 0x9b, 0x8b, 0x38, 0x33, 0x28, 0xef, 0x4a, 0xe3, 0xb9, 0x5b, 0x92,
0xf2, 0x07, 0x0a, 0xf2, 0x6c, 0x9e, 0x7c, 0x5c, 0x9b, 0x58, 0x7f, 0xed,
0xde, 0x05, 0xe8, 0xe7, 0xd8, 0x6c, 0xa5, 0x78, 0x86, 0xfb, 0x16, 0x58,
0x10, 0xa7, 0x7b, 0x98, 0x45, 0xbc, 0x31, 0x27, 0x02, 0x81, 0x81, 0x00,
0x96, 0x47, 0x2b, 0x41, 0xa6, 0x10, 0xc0, 0xad, 0xe1, 0xaf, 0x22, 0x66,
0xc1, 0x60, 0x0e, 0x36, 0x71, 0x35, 0x5b, 0xa4, 0x2d, 0x4b, 0x5a, 0x0e,
0xb4, 0xe9, 0xd7, 0xeb, 0x35, 0x81, 0x40, 0x0b, 0xa5, 0xdd, 0x13, 0x2c,
0xdb, 0x1a, 0x5e, 0x93, 0x28, 0xc7, 0xbb, 0xc0, 0xbb, 0xb0, 0x15, 0x5e,
0xa1, 0x92, 0x97, 0x2e, 0xdf, 0x97, 0xd1, 0x27, 0x51, 0xd8, 0xfc, 0xf6,
0xae, 0x57, 0x2a, 0x30, 0xb1, 0xea, 0x30, 0x9a, 0x87, 0x12, 0xdd, 0x4e,
0x33, 0x24, 0x1d, 0xb1, 0xee, 0x45, 0x5f, 0xc0, 0x93, 0xf5, 0xbc, 0x9b,
0x59, 0x2d, 0x75, 0x6e, 0x66, 0x21, 0x47, 0x4f, 0x32, 0xc0, 0x7a, 0xf2,
0x2f, 0xb2, 0x75, 0xd3, 0x40, 0x79, 0x2b, 0x32, 0xba, 0x25, 0x90, 0xbb,
0xb2, 0x61, 0xae, 0xfb, 0x95, 0xa2, 0x58, 0xee, 0xa5, 0x37, 0x65, 0x53,
0x15, 0xbe, 0x9c, 0x24, 0xd1, 0x91, 0x99, 0x2d, 0x02, 0x81, 0x80, 0x28,
0xb4, 0x50, 0xa7, 0xa7, 0x5a, 0x85, 0x64, 0x13, 0xb2, 0xbd, 0xa6, 0xf7,
0xa6, 0x3e, 0x3d, 0x96, 0x4f, 0xb9, 0xec, 0xf5, 0x0e, 0x38, 0x23, 0xef,
0x6c, 0xc8, 0xe8, 0xfa, 0x26, 0xee, 0x41, 0x3f, 0x8b, 0x9d, 0x12, 0x05,
0x54, 0x0f, 0x12, 0xbb, 0xe7, 0xa0, 0xc7, 0x68, 0x28, 0xb7, 0xba, 0x65,
0xad, 0x83, 0xcc, 0xa4, 0xd0, 0xfe, 0x2a, 0x22, 0x01, 0x14, 0xe1, 0xb3,
0x5d, 0x03, 0xd5, 0xa8, 0x5b, 0xfe, 0x27, 0x06, 0xbd, 0x50, 0xfc, 0xe6,
0xcf, 0xcd, 0xd5, 0x71, 0xb4, 0x6c, 0xa6, 0x21, 0xb8, 0xed, 0x47, 0xd6,
0x05, 0xbb, 0xe7, 0x65, 0xb0, 0xaa, 0x4a, 0x06, 0x65, 0xac, 0x25, 0x36,
0x4d, 0xa2, 0x01, 0x54, 0x03, 0x2e, 0x12, 0x04, 0xb8, 0x55, 0x9d, 0x3e,
0x34, 0xfb, 0x5b, 0x17, 0x7c, 0x9a, 0x56, 0xff, 0x93, 0x51, 0x0a, 0x5a,
0x4a, 0x62, 0x87, 0xc1, 0x51, 0xde, 0x2d, 0x02, 0x81, 0x80, 0x28, 0x06,
0x7b, 0x93, 0x55, 0x80, 0x1d, 0x2e, 0xf5, 0x2d, 0xfa, 0x96, 0xd8, 0xad,
0xb5, 0x89, 0x67, 0x3c, 0xf8, 0xee, 0x8a, 0x9c, 0x6f, 0xf7, 0x2a, 0xee,
0xab, 0xe9, 0xef, 0x6b, 0xe5, 0x8a, 0x4f, 0x4a, 0xbf, 0x05, 0xf7, 0x88,
0x94, 0x7d, 0xc8, 0x51, 0xfd, 0xaa, 0x34, 0x54, 0x21, 0x47, 0xa7, 0x1a,
0x24, 0x6b, 0xfb, 0x05, 0x4e, 0xe7, 0x6a, 0xa3, 0x46, 0xab, 0xcd, 0x26,
0x92, 0xcf, 0xc9, 0xe4, 0x4c, 0x51, 0xe6, 0xf0, 0x69, 0xc7, 0x35, 0xe0,
0x73, 0xba, 0x01, 0x9f, 0x6a, 0x72, 0x14, 0x96, 0x1c, 0x91, 0xb2, 0x68,
0x71, 0xca, 0xea, 0xbf, 0x8f, 0x06, 0x44, 0x18, 0xa0, 0x26, 0x90, 0xe3,
0x9a, 0x8d, 0x5f, 0xf3, 0x06, 0x7b, 0x7c, 0xdb, 0x7f, 0x50, 0xb1, 0xf5,
0x34, 0x18, 0xa7, 0x03, 0x96, 0x6c, 0x4f, 0xc7, 0x74, 0xbf, 0x74, 0x02,
0xaf, 0x6c, 0x43, 0x24, 0x7f, 0x43
];
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const RSA_EE: [u8; 691] = [
0x30, 0x82, 0x02, 0xaf, 0x30, 0x82, 0x01, 0x99, 0xa0, 0x03, 0x02, 0x01,
0x02, 0x02, 0x14, 0x07, 0x1c, 0x3b, 0x71, 0x08, 0xbe, 0xd7, 0x9f, 0xfd,
0xaf, 0x26, 0xb6, 0x08, 0xa3, 0x99, 0x06, 0x77, 0x69, 0x32, 0x7e, 0x30,
0x0b, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b,
0x30, 0x12, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,
0x07, 0x69, 0x6e, 0x74, 0x2d, 0x72, 0x73, 0x61, 0x30, 0x22, 0x18, 0x0f,
0x32, 0x30, 0x31, 0x32, 0x30, 0x31, 0x30, 0x33, 0x30, 0x30, 0x30, 0x30,
0x30, 0x30, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x32, 0x31, 0x31, 0x32, 0x33,
0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x11, 0x31, 0x0f,
0x30, 0x0d, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x06, 0x65, 0x65, 0x2d,
0x72, 0x73, 0x61, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a,
0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82,
0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00,
0xba, 0x88, 0x51, 0xa8, 0x44, 0x8e, 0x16, 0xd6, 0x41, 0xfd, 0x6e, 0xb6,
0x88, 0x06, 0x36, 0x10, 0x3d, 0x3c, 0x13, 0xd9, 0xea, 0xe4, 0x35, 0x4a,
0xb4, 0xec, 0xf5, 0x68, 0x57, 0x6c, 0x24, 0x7b, 0xc1, 0xc7, 0x25, 0xa8,
0xe0, 0xd8, 0x1f, 0xbd, 0xb1, 0x9c, 0x06, 0x9b, 0x6e, 0x1a, 0x86, 0xf2,
0x6b, 0xe2, 0xaf, 0x5a, 0x75, 0x6b, 0x6a, 0x64, 0x71, 0x08, 0x7a, 0xa5,
0x5a, 0xa7, 0x45, 0x87, 0xf7, 0x1c, 0xd5, 0x24, 0x9c, 0x02, 0x7e, 0xcd,
0x43, 0xfc, 0x1e, 0x69, 0xd0, 0x38, 0x20, 0x29, 0x93, 0xab, 0x20, 0xc3,
0x49, 0xe4, 0xdb, 0xb9, 0x4c, 0xc2, 0x6b, 0x6c, 0x0e, 0xed, 0x15, 0x82,
0x0f, 0xf1, 0x7e, 0xad, 0x69, 0x1a, 0xb1, 0xd3, 0x02, 0x3a, 0x8b, 0x2a,
0x41, 0xee, 0xa7, 0x70, 0xe0, 0x0f, 0x0d, 0x8d, 0xfd, 0x66, 0x0b, 0x2b,
0xb0, 0x24, 0x92, 0xa4, 0x7d, 0xb9, 0x88, 0x61, 0x79, 0x90, 0xb1, 0x57,
0x90, 0x3d, 0xd2, 0x3b, 0xc5, 0xe0, 0xb8, 0x48, 0x1f, 0xa8, 0x37, 0xd3,
0x88, 0x43, 0xef, 0x27, 0x16, 0xd8, 0x55, 0xb7, 0x66, 0x5a, 0xaa, 0x7e,
0x02, 0x90, 0x2f, 0x3a, 0x7b, 0x10, 0x80, 0x06, 0x24, 0xcc, 0x1c, 0x6c,
0x97, 0xad, 0x96, 0x61, 0x5b, 0xb7, 0xe2, 0x96, 0x12, 0xc0, 0x75, 0x31,
0xa3, 0x0c, 0x91, 0xdd, 0xb4, 0xca, 0xf7, 0xfc, 0xad, 0x1d, 0x25, 0xd3,
0x09, 0xef, 0xb9, 0x17, 0x0e, 0xa7, 0x68, 0xe1, 0xb3, 0x7b, 0x2f, 0x22,
0x6f, 0x69, 0xe3, 0xb4, 0x8a, 0x95, 0x61, 0x1d, 0xee, 0x26, 0xd6, 0x25,
0x9d, 0xab, 0x91, 0x08, 0x4e, 0x36, 0xcb, 0x1c, 0x24, 0x04, 0x2c, 0xbf,
0x16, 0x8b, 0x2f, 0xe5, 0xf1, 0x8f, 0x99, 0x17, 0x31, 0xb8, 0xb3, 0xfe,
0x49, 0x23, 0xfa, 0x72, 0x51, 0xc4, 0x31, 0xd5, 0x03, 0xac, 0xda, 0x18,
0x0a, 0x35, 0xed, 0x8d, 0x02, 0x03, 0x01, 0x00, 0x01, 0x30, 0x0b, 0x06,
0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x03, 0x82,
0x01, 0x01, 0x00, 0x44, 0x92, 0xbb, 0x8e, 0x83, 0x58, 0x56, 0x2e, 0x7a,
0x86, 0xfa, 0x1d, 0x77, 0x50, 0x3f, 0x45, 0x8d, 0x90, 0xc4, 0x62, 0x27,
0x21, 0x96, 0x5a, 0xef, 0x51, 0x78, 0xd7, 0x7d, 0x0d, 0x02, 0x2d, 0x5a,
0x0e, 0x3c, 0x82, 0x6f, 0x1d, 0x92, 0x87, 0xd5, 0x1a, 0x44, 0xae, 0xa7,
0x92, 0xd1, 0x8b, 0xfa, 0x16, 0x53, 0x7f, 0xa3, 0x22, 0x96, 0x1a, 0x51,
0x8c, 0xeb, 0xa1, 0xe6, 0xf6, 0x37, 0x11, 0xfe, 0x7d, 0x53, 0x3f, 0xae,
0xf0, 0x6b, 0xb9, 0xb1, 0x7a, 0x73, 0x07, 0x14, 0xcf, 0x04, 0x05, 0x93,
0x9e, 0xe3, 0xd2, 0x4d, 0x9d, 0x6d, 0x35, 0x68, 0xf9, 0x36, 0xe5, 0x10,
0x0a, 0x36, 0xd9, 0x48, 0xb0, 0x83, 0xd0, 0xb9, 0x58, 0x74, 0x53, 0xb3,
0xbc, 0x99, 0xab, 0xe1, 0x3e, 0xd5, 0x01, 0x8e, 0xcf, 0x3a, 0x69, 0x93,
0x9e, 0xa7, 0x88, 0xd4, 0xad, 0x95, 0xf9, 0x2a, 0xb4, 0x7f, 0x95, 0x97,
0x86, 0x50, 0x38, 0xb1, 0x04, 0x0a, 0xe4, 0x7a, 0xd5, 0x2d, 0x6c, 0xde,
0x3e, 0x1a, 0x47, 0x17, 0x88, 0x63, 0x20, 0x9d, 0x21, 0x3e, 0x0c, 0x6f,
0xfd, 0x20, 0x54, 0xd0, 0x67, 0xd2, 0x6b, 0x06, 0xfe, 0x60, 0x13, 0x42,
0x3d, 0xb7, 0xca, 0xcb, 0xab, 0x7b, 0x5f, 0x5d, 0x01, 0x56, 0xd3, 0x99,
0x80, 0x0f, 0xde, 0x7f, 0x3a, 0x61, 0x9c, 0xd3, 0x6b, 0x5e, 0xfe, 0xb5,
0xfc, 0x39, 0x8b, 0x8e, 0xf0, 0x8c, 0x8b, 0x65, 0x46, 0x45, 0xff, 0x47,
0x8f, 0xd4, 0xdd, 0xae, 0xc9, 0x72, 0xc7, 0x7f, 0x28, 0x86, 0xf1, 0xf7,
0x6e, 0xcb, 0x86, 0x03, 0xeb, 0x0c, 0x46, 0xe5, 0xa0, 0x6b, 0xef, 0xd4,
0x5e, 0xa4, 0x0f, 0x53, 0xe1, 0xbc, 0xb4, 0xc9, 0x37, 0x0e, 0x75, 0xdd,
0x93, 0xe8, 0x0f, 0x18, 0x0a, 0x02, 0x83, 0x17, 0x74, 0xbb, 0x1a, 0x42,
0x5b, 0x63, 0x2c, 0x80, 0x80, 0xa6, 0x84
];
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const RSA_INT: [u8; 724] = [
0x30, 0x82, 0x02, 0xd0, 0x30, 0x82, 0x01, 0xba, 0xa0, 0x03, 0x02, 0x01,
0x02, 0x02, 0x14, 0x07, 0x10, 0xaf, 0xc4, 0x1a, 0x3a, 0x56, 0x4f, 0xd8,
0xc2, 0xcc, 0x46, 0xd7, 0x5b, 0xdf, 0x1c, 0x4e, 0x2f, 0x49, 0x3a, 0x30,
0x0b, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b,
0x30, 0x13, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,
0x08, 0x72, 0x6f, 0x6f, 0x74, 0x2d, 0x72, 0x73, 0x61, 0x30, 0x22, 0x18,
0x0f, 0x32, 0x30, 0x31, 0x32, 0x30, 0x31, 0x30, 0x33, 0x30, 0x30, 0x30,
0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x32, 0x31, 0x31, 0x32,
0x33, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x12, 0x31,
0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x07, 0x69, 0x6e,
0x74, 0x2d, 0x72, 0x73, 0x61, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06,
0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00,
0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01,
0x01, 0x00, 0xba, 0x88, 0x51, 0xa8, 0x44, 0x8e, 0x16, 0xd6, 0x41, 0xfd,
0x6e, 0xb6, 0x88, 0x06, 0x36, 0x10, 0x3d, 0x3c, 0x13, 0xd9, 0xea, 0xe4,
0x35, 0x4a, 0xb4, 0xec, 0xf5, 0x68, 0x57, 0x6c, 0x24, 0x7b, 0xc1, 0xc7,
0x25, 0xa8, 0xe0, 0xd8, 0x1f, 0xbd, 0xb1, 0x9c, 0x06, 0x9b, 0x6e, 0x1a,
0x86, 0xf2, 0x6b, 0xe2, 0xaf, 0x5a, 0x75, 0x6b, 0x6a, 0x64, 0x71, 0x08,
0x7a, 0xa5, 0x5a, 0xa7, 0x45, 0x87, 0xf7, 0x1c, 0xd5, 0x24, 0x9c, 0x02,
0x7e, 0xcd, 0x43, 0xfc, 0x1e, 0x69, 0xd0, 0x38, 0x20, 0x29, 0x93, 0xab,
0x20, 0xc3, 0x49, 0xe4, 0xdb, 0xb9, 0x4c, 0xc2, 0x6b, 0x6c, 0x0e, 0xed,
0x15, 0x82, 0x0f, 0xf1, 0x7e, 0xad, 0x69, 0x1a, 0xb1, 0xd3, 0x02, 0x3a,
0x8b, 0x2a, 0x41, 0xee, 0xa7, 0x70, 0xe0, 0x0f, 0x0d, 0x8d, 0xfd, 0x66,
0x0b, 0x2b, 0xb0, 0x24, 0x92, 0xa4, 0x7d, 0xb9, 0x88, 0x61, 0x79, 0x90,
0xb1, 0x57, 0x90, 0x3d, 0xd2, 0x3b, 0xc5, 0xe0, 0xb8, 0x48, 0x1f, 0xa8,
0x37, 0xd3, 0x88, 0x43, 0xef, 0x27, 0x16, 0xd8, 0x55, 0xb7, 0x66, 0x5a,
0xaa, 0x7e, 0x02, 0x90, 0x2f, 0x3a, 0x7b, 0x10, 0x80, 0x06, 0x24, 0xcc,
0x1c, 0x6c, 0x97, 0xad, 0x96, 0x61, 0x5b, 0xb7, 0xe2, 0x96, 0x12, 0xc0,
0x75, 0x31, 0xa3, 0x0c, 0x91, 0xdd, 0xb4, 0xca, 0xf7, 0xfc, 0xad, 0x1d,
0x25, 0xd3, 0x09, 0xef, 0xb9, 0x17, 0x0e, 0xa7, 0x68, 0xe1, 0xb3, 0x7b,
0x2f, 0x22, 0x6f, 0x69, 0xe3, 0xb4, 0x8a, 0x95, 0x61, 0x1d, 0xee, 0x26,
0xd6, 0x25, 0x9d, 0xab, 0x91, 0x08, 0x4e, 0x36, 0xcb, 0x1c, 0x24, 0x04,
0x2c, 0xbf, 0x16, 0x8b, 0x2f, 0xe5, 0xf1, 0x8f, 0x99, 0x17, 0x31, 0xb8,
0xb3, 0xfe, 0x49, 0x23, 0xfa, 0x72, 0x51, 0xc4, 0x31, 0xd5, 0x03, 0xac,
0xda, 0x18, 0x0a, 0x35, 0xed, 0x8d, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3,
0x1d, 0x30, 0x1b, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05,
0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x1d, 0x0f,
0x04, 0x04, 0x03, 0x02, 0x01, 0x06, 0x30, 0x0b, 0x06, 0x09, 0x2a, 0x86,
0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x03, 0x82, 0x01, 0x01, 0x00,
0x5e, 0xba, 0x69, 0x55, 0x9f, 0xf8, 0xeb, 0x16, 0x21, 0x98, 0xde, 0xb7,
0x31, 0x3e, 0x66, 0xe1, 0x3b, 0x0c, 0x29, 0xf7, 0x48, 0x73, 0x05, 0xd9,
0xce, 0x5e, 0x4c, 0xbe, 0x03, 0xc4, 0x51, 0xd6, 0x21, 0x92, 0x40, 0x38,
0xaa, 0x5b, 0x28, 0xb5, 0xa1, 0x10, 0x52, 0x57, 0xff, 0x91, 0x54, 0x82,
0x86, 0x9e, 0x74, 0xd5, 0x3d, 0x82, 0x29, 0xee, 0xd1, 0xcf, 0x93, 0xb1,
0x24, 0x76, 0xbb, 0x95, 0x41, 0x06, 0x7e, 0x40, 0x9b, 0xb4, 0xab, 0x44,
0x34, 0x10, 0x8f, 0xb1, 0x51, 0x6f, 0xc0, 0x89, 0xd1, 0xa3, 0xc4, 0x9f,
0xb3, 0x48, 0xe1, 0xcd, 0x73, 0xad, 0xff, 0x42, 0x5f, 0x76, 0x05, 0x60,
0xc5, 0xe0, 0x45, 0x79, 0x18, 0xa1, 0x19, 0xb8, 0xa7, 0x3a, 0x64, 0xb3,
0x19, 0xba, 0x14, 0xa1, 0xb5, 0xdc, 0x32, 0xec, 0x09, 0x39, 0x58, 0x54,
0x5b, 0x04, 0xdc, 0x1b, 0x66, 0x0d, 0x1d, 0x0d, 0xce, 0x7f, 0xfa, 0x24,
0x52, 0x6a, 0xad, 0xe2, 0xc8, 0x30, 0xaf, 0xf2, 0xaf, 0x63, 0xc5, 0xe2,
0xbf, 0xe2, 0x20, 0x1b, 0x9e, 0xf9, 0x3d, 0xbc, 0xfb, 0x04, 0x8e, 0xda,
0x7a, 0x1a, 0x5d, 0xd3, 0x13, 0xd7, 0x00, 0x8e, 0x9b, 0x5d, 0x85, 0x51,
0xda, 0xd3, 0x91, 0x25, 0xf5, 0x67, 0x85, 0x3e, 0x25, 0x89, 0x5e, 0xcb,
0x89, 0x8a, 0xec, 0x8a, 0xde, 0x8b, 0xf4, 0x33, 0x5f, 0x76, 0xdb, 0x3d,
0xfc, 0x6a, 0x05, 0x21, 0x43, 0xb2, 0x41, 0xd8, 0x33, 0x8d, 0xfd, 0x05,
0x5c, 0x22, 0x0a, 0xf6, 0x90, 0x65, 0x9c, 0x4f, 0x8c, 0x44, 0x9f, 0x2d,
0xca, 0xf3, 0x49, 0x9c, 0x3a, 0x14, 0x88, 0xab, 0xe4, 0xce, 0xb7, 0xbc,
0x95, 0x22, 0x2e, 0xb1, 0x82, 0x4c, 0xbf, 0x83, 0x3e, 0x49, 0x72, 0x03,
0x2a, 0x68, 0xe7, 0x2d, 0xe5, 0x2d, 0x4b, 0x61, 0xb0, 0x8d, 0x0d, 0x0c,
0x87, 0xc6, 0x5c, 0x51
];
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const RSA_ROOT: [u8; 725] = [
0x30, 0x82, 0x02, 0xd1, 0x30, 0x82, 0x01, 0xbb, 0xa0, 0x03, 0x02, 0x01,
0x02, 0x02, 0x14, 0x29, 0x6c, 0x1a, 0xd8, 0x20, 0xcd, 0x74, 0x6d, 0x4b,
0x00, 0xf3, 0x16, 0x88, 0xd9, 0x66, 0x87, 0x5f, 0x28, 0x56, 0x6a, 0x30,
0x0b, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b,
0x30, 0x13, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,
0x08, 0x72, 0x6f, 0x6f, 0x74, 0x2d, 0x72, 0x73, 0x61, 0x30, 0x22, 0x18,
0x0f, 0x32, 0x30, 0x31, 0x32, 0x30, 0x31, 0x30, 0x33, 0x30, 0x30, 0x30,
0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x32, 0x31, 0x31, 0x32,
0x33, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x13, 0x31,
0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x08, 0x72, 0x6f,
0x6f, 0x74, 0x2d, 0x72, 0x73, 0x61, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d,
0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05,
0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82,
0x01, 0x01, 0x00, 0xba, 0x88, 0x51, 0xa8, 0x44, 0x8e, 0x16, 0xd6, 0x41,
0xfd, 0x6e, 0xb6, 0x88, 0x06, 0x36, 0x10, 0x3d, 0x3c, 0x13, 0xd9, 0xea,
0xe4, 0x35, 0x4a, 0xb4, 0xec, 0xf5, 0x68, 0x57, 0x6c, 0x24, 0x7b, 0xc1,
0xc7, 0x25, 0xa8, 0xe0, 0xd8, 0x1f, 0xbd, 0xb1, 0x9c, 0x06, 0x9b, 0x6e,
0x1a, 0x86, 0xf2, 0x6b, 0xe2, 0xaf, 0x5a, 0x75, 0x6b, 0x6a, 0x64, 0x71,
0x08, 0x7a, 0xa5, 0x5a, 0xa7, 0x45, 0x87, 0xf7, 0x1c, 0xd5, 0x24, 0x9c,
0x02, 0x7e, 0xcd, 0x43, 0xfc, 0x1e, 0x69, 0xd0, 0x38, 0x20, 0x29, 0x93,
0xab, 0x20, 0xc3, 0x49, 0xe4, 0xdb, 0xb9, 0x4c, 0xc2, 0x6b, 0x6c, 0x0e,
0xed, 0x15, 0x82, 0x0f, 0xf1, 0x7e, 0xad, 0x69, 0x1a, 0xb1, 0xd3, 0x02,
0x3a, 0x8b, 0x2a, 0x41, 0xee, 0xa7, 0x70, 0xe0, 0x0f, 0x0d, 0x8d, 0xfd,
0x66, 0x0b, 0x2b, 0xb0, 0x24, 0x92, 0xa4, 0x7d, 0xb9, 0x88, 0x61, 0x79,
0x90, 0xb1, 0x57, 0x90, 0x3d, 0xd2, 0x3b, 0xc5, 0xe0, 0xb8, 0x48, 0x1f,
0xa8, 0x37, 0xd3, 0x88, 0x43, 0xef, 0x27, 0x16, 0xd8, 0x55, 0xb7, 0x66,
0x5a, 0xaa, 0x7e, 0x02, 0x90, 0x2f, 0x3a, 0x7b, 0x10, 0x80, 0x06, 0x24,
0xcc, 0x1c, 0x6c, 0x97, 0xad, 0x96, 0x61, 0x5b, 0xb7, 0xe2, 0x96, 0x12,
0xc0, 0x75, 0x31, 0xa3, 0x0c, 0x91, 0xdd, 0xb4, 0xca, 0xf7, 0xfc, 0xad,
0x1d, 0x25, 0xd3, 0x09, 0xef, 0xb9, 0x17, 0x0e, 0xa7, 0x68, 0xe1, 0xb3,
0x7b, 0x2f, 0x22, 0x6f, 0x69, 0xe3, 0xb4, 0x8a, 0x95, 0x61, 0x1d, 0xee,
0x26, 0xd6, 0x25, 0x9d, 0xab, 0x91, 0x08, 0x4e, 0x36, 0xcb, 0x1c, 0x24,
0x04, 0x2c, 0xbf, 0x16, 0x8b, 0x2f, 0xe5, 0xf1, 0x8f, 0x99, 0x17, 0x31,
0xb8, 0xb3, 0xfe, 0x49, 0x23, 0xfa, 0x72, 0x51, 0xc4, 0x31, 0xd5, 0x03,
0xac, 0xda, 0x18, 0x0a, 0x35, 0xed, 0x8d, 0x02, 0x03, 0x01, 0x00, 0x01,
0xa3, 0x1d, 0x30, 0x1b, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04,
0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x1d,
0x0f, 0x04, 0x04, 0x03, 0x02, 0x01, 0x06, 0x30, 0x0b, 0x06, 0x09, 0x2a,
0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x03, 0x82, 0x01, 0x01,
0x00, 0x23, 0x2f, 0x9f, 0x72, 0xeb, 0x70, 0x6d, 0x9e, 0x3e, 0x9f, 0xd7,
0x9c, 0xd9, 0x19, 0x7c, 0x99, 0x07, 0xc5, 0x5c, 0x9d, 0xf5, 0x66, 0x9f,
0x28, 0x8d, 0xfe, 0x0e, 0x3f, 0x38, 0x75, 0xed, 0xee, 0x4e, 0x3f, 0xf6,
0x6e, 0x35, 0xe0, 0x95, 0x3f, 0x08, 0x4a, 0x71, 0x5a, 0xf2, 0x4f, 0xc9,
0x96, 0x61, 0x8d, 0x45, 0x4b, 0x97, 0x85, 0xff, 0xb0, 0xe3, 0xbb, 0xb5,
0xd7, 0x7e, 0xfb, 0xd2, 0xfc, 0xec, 0xfe, 0x42, 0x9f, 0x4e, 0x7b, 0xbf,
0x97, 0xbb, 0xb4, 0x3a, 0x93, 0x0b, 0x13, 0x61, 0x90, 0x0c, 0x3a, 0xce,
0xf7, 0x8e, 0xef, 0x80, 0xf5, 0x4a, 0x92, 0xc5, 0xa5, 0x03, 0x78, 0xc2,
0xee, 0xb8, 0x66, 0x60, 0x6b, 0x76, 0x4f, 0x32, 0x5a, 0x1a, 0xa2, 0x4b,
0x7e, 0x2b, 0xa6, 0x1a, 0x89, 0x01, 0xe3, 0xbb, 0x55, 0x13, 0x7c, 0x4c,
0xf4, 0x6a, 0x99, 0x94, 0xd1, 0xa0, 0x84, 0x1c, 0x1a, 0xc2, 0x7b, 0xb4,
0xa0, 0xb0, 0x3b, 0xdc, 0x5a, 0x7b, 0xc7, 0xe0, 0x44, 0xb2, 0x1f, 0x46,
0xd5, 0x8b, 0x39, 0x8b, 0xdc, 0x9e, 0xce, 0xa8, 0x7f, 0x85, 0x1d, 0x4b,
0x63, 0x06, 0x1e, 0x8e, 0xe5, 0xe5, 0x99, 0xd9, 0xf7, 0x4d, 0x89, 0x0b,
0x1d, 0x5c, 0x27, 0x33, 0x66, 0x21, 0xcf, 0x9a, 0xbd, 0x98, 0x68, 0x23,
0x3a, 0x66, 0x9d, 0xd4, 0x46, 0xed, 0x63, 0x58, 0xf3, 0x42, 0xe4, 0x1d,
0xe2, 0x47, 0x65, 0x13, 0x8d, 0xd4, 0x1f, 0x4b, 0x7e, 0xde, 0x11, 0x56,
0xf8, 0x6d, 0x01, 0x0c, 0x99, 0xbd, 0x8d, 0xca, 0x8a, 0x2e, 0xe3, 0x8a,
0x9c, 0x3d, 0x83, 0x8d, 0x69, 0x62, 0x8d, 0x05, 0xea, 0xb7, 0xf5, 0xa3,
0x4b, 0xfc, 0x96, 0xcf, 0x18, 0x21, 0x0a, 0xc7, 0xf3, 0x23, 0x7e, 0x1c,
0xab, 0xe2, 0xa2, 0xd1, 0x83, 0xc4, 0x25, 0x93, 0x37, 0x80, 0xca, 0xda,
0xf0, 0xef, 0x7d, 0x94, 0xb5
];
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const XPI_SIGNATURE: [u8; 646] = [
0xd8, 0x62, 0x84, 0x43, 0xa1, 0x04, 0x80, 0xa0, 0xf6, 0x81, 0x83, 0x59,
0x02, 0x35, 0xa2, 0x01, 0x26, 0x04, 0x59, 0x02, 0x2e, 0x30, 0x82, 0x02,
0x2a, 0x30, 0x82, 0x01, 0x12, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x14,
0x17, 0x03, 0x6b, 0xc1, 0xfe, 0xb4, 0x38, 0xe1, 0x83, 0x8f, 0xe5, 0xa7,
0xca, 0xf1, 0x54, 0x32, 0x4c, 0x8b, 0xf3, 0x05, 0x30, 0x0d, 0x06, 0x09,
0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30,
0x29, 0x31, 0x27, 0x30, 0x25, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x1e,
0x78, 0x70, 0x63, 0x73, 0x68, 0x65, 0x6c, 0x6c, 0x20, 0x73, 0x69, 0x67,
0x6e, 0x65, 0x64, 0x20, 0x61, 0x70, 0x70, 0x73, 0x20, 0x74, 0x65, 0x73,
0x74, 0x20, 0x72, 0x6f, 0x6f, 0x74, 0x30, 0x22, 0x18, 0x0f, 0x32, 0x30,
0x31, 0x35, 0x31, 0x31, 0x32, 0x38, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30,
0x5a, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x38, 0x30, 0x32, 0x30, 0x35, 0x30,
0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x2b, 0x31, 0x29, 0x30, 0x27,
0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x20, 0x20, 0x78, 0x70, 0x63, 0x73,
0x68, 0x65, 0x6c, 0x6c, 0x20, 0x73, 0x69, 0x67, 0x6e, 0x65, 0x64, 0x20,
0x61, 0x70, 0x70, 0x20, 0x74, 0x65, 0x73, 0x74, 0x20, 0x73, 0x69, 0x67,
0x6e, 0x65, 0x72, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48,
0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03,
0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0x4f, 0xbf, 0xbb, 0xbb, 0x61, 0xe0,
0xf8, 0xf9, 0xb1, 0xa6, 0x0a, 0x59, 0xac, 0x87, 0x04, 0xe2, 0xec, 0x05,
0x0b, 0x42, 0x3e, 0x3c, 0xf7, 0x2e, 0x92, 0x3f, 0x2c, 0x4f, 0x79, 0x4b,
0x45, 0x5c, 0x2a, 0x69, 0xd2, 0x33, 0x45, 0x6c, 0x36, 0xc4, 0x11, 0x9d,
0x07, 0x06, 0xe0, 0x0e, 0xed, 0xc8, 0xd1, 0x93, 0x90, 0xd7, 0x99, 0x1b,
0x7b, 0x2d, 0x07, 0xa3, 0x04, 0xea, 0xa0, 0x4a, 0xa6, 0xc0, 0xa3, 0x0f,
0x30, 0x0d, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x04, 0x04, 0x03,
0x02, 0x07, 0x80, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x4f,
0x5c, 0xcb, 0x1d, 0xea, 0x71, 0x58, 0xfe, 0xe2, 0x49, 0x11, 0x16, 0x65,
0xbc, 0x23, 0x6d, 0xda, 0x46, 0x7e, 0x98, 0x93, 0x5d, 0x48, 0x2a, 0xa0,
0xbb, 0x7f, 0x4e, 0xbd, 0x01, 0x0a, 0x1a, 0x30, 0xff, 0xce, 0x03, 0xf5,
0x9c, 0xd9, 0x84, 0x69, 0x7a, 0x5a, 0xe3, 0x43, 0xd2, 0xd4, 0xbc, 0xab,
0x4d, 0x17, 0x8f, 0x10, 0x6a, 0xcf, 0xde, 0x17, 0x1d, 0x7d, 0x16, 0x03,
0x7e, 0x21, 0xf0, 0x32, 0x02, 0x89, 0x67, 0x32, 0x5a, 0xfe, 0xd5, 0xd9,
0x31, 0x53, 0xdc, 0xd7, 0xba, 0x2a, 0x9f, 0xd3, 0x59, 0x8d, 0x61, 0xb9,
0x6e, 0xf7, 0x6e, 0x86, 0x61, 0xdd, 0xfd, 0xe1, 0x73, 0xfe, 0xef, 0x9d,
0xe9, 0x99, 0x9e, 0x51, 0xe8, 0x5d, 0xf7, 0x48, 0x77, 0x8e, 0xc6, 0xe8,
0x53, 0x05, 0x7b, 0x5c, 0x2c, 0x28, 0xe7, 0x0a, 0x07, 0xbf, 0xea, 0xc1,
0x06, 0x11, 0x0d, 0xe7, 0x60, 0xd0, 0x79, 0x94, 0xe9, 0x26, 0xf1, 0x93,
0x71, 0x7b, 0x5b, 0x02, 0x3b, 0x5d, 0x51, 0xb8, 0x19, 0x38, 0x16, 0xab,
0x48, 0x30, 0xf3, 0xec, 0xd9, 0xd5, 0x8f, 0xc7, 0x9a, 0x02, 0xfd, 0x12,
0x57, 0x82, 0x0e, 0xde, 0xce, 0xfc, 0x50, 0x42, 0x2a, 0x41, 0xc7, 0xc6,
0xa8, 0x80, 0x37, 0x7c, 0xc4, 0x47, 0xad, 0xf5, 0xd8, 0xcb, 0xe8, 0xae,
0x0c, 0x01, 0x80, 0x60, 0x35, 0x93, 0x0a, 0x21, 0x81, 0x33, 0xd1, 0xd6,
0x6a, 0x1b, 0xe7, 0xb6, 0xd9, 0x91, 0x50, 0xc2, 0xbd, 0x16, 0xda, 0xb7,
0x68, 0x60, 0xf2, 0x20, 0xaa, 0x72, 0x8c, 0x76, 0x0a, 0x54, 0x7a, 0x05,
0xd8, 0xa1, 0xcd, 0xe9, 0x07, 0x8a, 0x02, 0x07, 0x4b, 0x87, 0x7d, 0xb5,
0x27, 0xca, 0x38, 0xb3, 0x30, 0xaf, 0x97, 0xe0, 0xb7, 0x35, 0x14, 0x08,
0xab, 0x01, 0xb0, 0x14, 0x08, 0x5c, 0x4b, 0xfb, 0x76, 0x0a, 0x95, 0xfc,
0xb4, 0xb8, 0x34, 0xa0, 0x58, 0x40, 0x5c, 0x75, 0x51, 0x9f, 0x13, 0x11,
0x50, 0xcd, 0x5d, 0x8a, 0xde, 0x20, 0xa3, 0xbc, 0x06, 0x30, 0x91, 0xff,
0xb2, 0x73, 0x75, 0x5f, 0x31, 0x64, 0xec, 0xfd, 0xcb, 0x42, 0x80, 0x0a,
0x70, 0xe6, 0x82, 0x02, 0x0a, 0xe8, 0x69, 0x13, 0xd5, 0xf4, 0x1b, 0xab,
0xb6, 0xbb, 0x59, 0x93, 0x08, 0x48, 0x68, 0x9c, 0xbd, 0x72, 0xc7, 0xcb,
0x37, 0xde, 0x26, 0xbc, 0xe9, 0x83, 0x0e, 0xd8, 0x90, 0xa3
];
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const XPI_PAYLOAD: [u8; 236] = [
0x4E, 0x61, 0x6D, 0x65, 0x3A, 0x20, 0x6D, 0x61, 0x6E, 0x69, 0x66, 0x65,
0x73, 0x74, 0x2E, 0x6A, 0x73, 0x6F, 0x6E, 0x0A, 0x53, 0x48, 0x41, 0x32,
0x35, 0x36, 0x2D, 0x44, 0x69, 0x67, 0x65, 0x73, 0x74, 0x3A, 0x20, 0x42,
0x54, 0x6E, 0x43, 0x70, 0x54, 0x31, 0x35, 0x34, 0x4E, 0x32, 0x36, 0x52,
0x5A, 0x6D, 0x38, 0x62, 0x68, 0x64, 0x44, 0x34, 0x33, 0x57, 0x58, 0x64,
0x30, 0x74, 0x6A, 0x35, 0x62, 0x67, 0x36, 0x6F, 0x66, 0x4D, 0x31, 0x39,
0x4E, 0x4C, 0x49, 0x30, 0x4F, 0x45, 0x3D, 0x0A, 0x0A, 0x4E, 0x61, 0x6D,
0x65, 0x3A, 0x20, 0x52, 0x45, 0x41, 0x44, 0x4D, 0x45, 0x0A, 0x53, 0x48,
0x41, 0x32, 0x35, 0x36, 0x2D, 0x44, 0x69, 0x67, 0x65, 0x73, 0x74, 0x3A,
0x20, 0x62, 0x59, 0x30, 0x6C, 0x39, 0x78, 0x71, 0x47, 0x4A, 0x59, 0x43,
0x70, 0x71, 0x59, 0x65, 0x4A, 0x30, 0x4B, 0x36, 0x71, 0x34, 0x44, 0x57,
0x55, 0x51, 0x71, 0x75, 0x30, 0x6D, 0x4E, 0x42, 0x46, 0x4D, 0x34, 0x48,
0x34, 0x65, 0x6D, 0x68, 0x6A, 0x69, 0x4A, 0x67, 0x3D, 0x0A, 0x0A, 0x4E,
0x61, 0x6D, 0x65, 0x3A, 0x20, 0x64, 0x61, 0x74, 0x61, 0x2F, 0x69, 0x6D,
0x61, 0x67, 0x65, 0x2E, 0x70, 0x6E, 0x67, 0x0A, 0x53, 0x48, 0x41, 0x32,
0x35, 0x36, 0x2D, 0x44, 0x69, 0x67, 0x65, 0x73, 0x74, 0x3A, 0x20, 0x45,
0x50, 0x6A, 0x6B, 0x4E, 0x5A, 0x77, 0x79, 0x61, 0x39, 0x58, 0x2B, 0x70,
0x72, 0x75, 0x4C, 0x6C, 0x78, 0x47, 0x2B, 0x46, 0x41, 0x43, 0x4C, 0x77,
0x47, 0x43, 0x34, 0x38, 0x58, 0x55, 0x34, 0x53, 0x39, 0x6F, 0x5A, 0x4F,
0x41, 0x30, 0x6C, 0x56, 0x56, 0x51, 0x3D, 0x0A
];

6
third_party/rust/cose/src/util_test.rs → third_party/rust/cose/examples/sign_verify/util_test.rs vendored
View File

@ -4,9 +4,9 @@ use nss;
use {CoseError, Signature, SignatureAlgorithm, SignatureParameters};
use std::collections::BTreeMap;
use cbor::CborType;
use util::get_sig_struct_bytes;
use decoder::decode_signature;
use decoder::{COSE_TYPE_ES256, COSE_TYPE_ES384, COSE_TYPE_ES512, COSE_TYPE_PS256};
use cose::util::get_sig_struct_bytes;
use cose::decoder::decode_signature;
use cose::decoder::{COSE_TYPE_ES256, COSE_TYPE_ES384, COSE_TYPE_ES512, COSE_TYPE_PS256};
/// Converts a `SignatureAlgorithm` to its corresponding `CborType`.
/// See RFC 8152 section 8.1 and RFC 8230 section 5.1.

30
third_party/rust/cose/src/cose.rs vendored
View File

@ -30,11 +30,10 @@
//! }
//! }
//!```
extern crate moz_cbor as cbor;
#[macro_use]
pub mod decoder;
mod cbor;
mod util;
pub mod util;
/// Errors that can be returned from COSE functions.
#[derive(Debug, PartialEq)]
@ -67,32 +66,7 @@ pub enum SignatureAlgorithm {
PS256,
}
#[cfg(test)]
#[macro_use(defer)]
extern crate scopeguard;
#[cfg(test)]
mod nss;
#[cfg(test)]
mod test_setup;
#[cfg(test)]
mod test_nss;
#[cfg(test)]
mod util_test;
#[cfg(test)]
mod test_cose;
#[derive(Debug)]
#[cfg(test)]
pub struct SignatureParameters<'a> {
certificate: &'a [u8],
algorithm: SignatureAlgorithm,
pkcs8: &'a [u8],
}
#[derive(Debug)]
#[cfg(test)]
pub struct Signature<'a> {
parameter: &'a SignatureParameters<'a>,
signature_bytes: Vec<u8>,
}

79
third_party/rust/cose/src/decoder.rs vendored
View File

@ -4,8 +4,9 @@ use cbor::CborType;
use cbor::decoder::decode;
use {CoseError, SignatureAlgorithm};
use util::get_sig_struct_bytes;
use std::collections::BTreeMap;
const COSE_SIGN_TAG: u64 = 98;
pub const COSE_SIGN_TAG: u64 = 98;
/// The result of `decode_signature` holding a decoded COSE signature.
#[derive(Debug)]
@ -22,6 +23,9 @@ pub const COSE_TYPE_ES384: i64 = -35;
pub const COSE_TYPE_ES512: i64 = -36;
pub const COSE_TYPE_PS256: i64 = -37;
pub const COSE_HEADER_ALG: u64 = 1;
pub const COSE_HEADER_KID: u64 = 4;
macro_rules! unpack {
($to:tt, $var:ident) => (
match *$var {
@ -33,18 +37,25 @@ macro_rules! unpack {
)
}
fn get_map_value(map: &CborType, key: &CborType) -> Result<CborType, CoseError> {
match *map {
CborType::Map(ref values) => {
match values.get(key) {
Some(x) => Ok(x.clone()),
_ => Err(CoseError::MissingHeader),
}
}
_ => Err(CoseError::UnexpectedType),
fn get_map_value(
map: &BTreeMap<CborType, CborType>,
key: &CborType,
) -> Result<CborType, CoseError> {
match map.get(key) {
Some(x) => Ok(x.clone()),
_ => Err(CoseError::MissingHeader),
}
}
/// Ensure that the referenced `CborType` is an empty map.
fn ensure_empty_map(map: &CborType) -> Result<(), CoseError> {
let unpacked = unpack!(Map, map);
if !unpacked.is_empty() {
return Err(CoseError::MalformedInput);
}
Ok(())
}
// This syntax is a little unintuitive. Taken together, the two previous definitions essentially
// mean:
//
@ -85,11 +96,18 @@ fn decode_signature_struct(
let protected_signature_header_bytes = unpack!(Bytes, protected_signature_header_serialized);
// Parse the protected signature header.
let protected_signature_header = match decode(&protected_signature_header_bytes) {
let protected_signature_header = &match decode(protected_signature_header_bytes) {
Err(_) => return Err(CoseError::DecodingFailure),
Ok(value) => value,
};
let signature_algorithm = get_map_value(&protected_signature_header, &CborType::Integer(1))?;
let protected_signature_header = unpack!(Map, protected_signature_header);
if protected_signature_header.len() != 2 {
return Err(CoseError::MalformedInput);
}
let signature_algorithm = get_map_value(
protected_signature_header,
&CborType::Integer(COSE_HEADER_ALG),
)?;
let signature_algorithm = match signature_algorithm {
CborType::SignedInteger(val) => {
match val {
@ -103,9 +121,15 @@ fn decode_signature_struct(
_ => return Err(CoseError::UnexpectedType),
};
let ee_cert = &get_map_value(&protected_signature_header, &CborType::Integer(4))?;
let ee_cert = &get_map_value(
protected_signature_header,
&CborType::Integer(COSE_HEADER_KID),
)?;
let ee_cert = unpack!(Bytes, ee_cert).clone();
// The unprotected header section is expected to be an empty map.
ensure_empty_map(&cose_signature[1])?;
// Build signature structure to verify.
let signature_bytes = &cose_signature[2];
let signature_bytes = unpack!(Bytes, signature_bytes).clone();
@ -116,12 +140,21 @@ fn decode_signature_struct(
);
// Read intermediate certificates from protected_body_head.
let protected_body_head = unpack!(Bytes, protected_body_head);
let protected_body_head_map = match decode(protected_body_head) {
// Any tampering of the protected header during transport will be detected
// because it is input to the signature verification.
// Note that a protected header has to be present and hold a kid with an
// empty list of intermediate certificates.
let protected_body_head_bytes = unpack!(Bytes, protected_body_head);
let protected_body_head_map = &match decode(protected_body_head_bytes) {
Ok(value) => value,
Err(_) => return Err(CoseError::DecodingFailure),
};
let intermediate_certs_array = &get_map_value(&protected_body_head_map, &CborType::Integer(4))?;
let protected_body_head_map = unpack!(Map, protected_body_head_map);
if protected_body_head_map.len() != 1 {
return Err(CoseError::MalformedInput);
}
let intermediate_certs_array =
&get_map_value(protected_body_head_map, &CborType::Integer(COSE_HEADER_KID))?;
let intermediate_certs = unpack!(Array, intermediate_certs_array);
let mut certs: Vec<Vec<u8>> = Vec::new();
for cert in intermediate_certs {
@ -154,7 +187,7 @@ fn decode_signature_struct(
///```
pub fn decode_signature(bytes: &[u8], payload: &[u8]) -> Result<Vec<CoseSignature>, CoseError> {
// This has to be a COSE_Sign object, which is a tagged array.
let tagged_cose_sign = match decode(&bytes) {
let tagged_cose_sign = match decode(bytes) {
Err(_) => return Err(CoseError::DecodingFailure),
Ok(value) => value,
};
@ -173,6 +206,16 @@ pub fn decode_signature(bytes: &[u8], payload: &[u8]) -> Result<Vec<CoseSignatur
if cose_sign_array.len() != 4 {
return Err(CoseError::MalformedInput);
}
// The unprotected header section is expected to be an empty map.
ensure_empty_map(&cose_sign_array[1])?;
// The payload is expected to be Null (i.e. this is a detached signature).
match cose_sign_array[2] {
CborType::Null => {}
_ => return Err(CoseError::UnexpectedType),
};
let signatures = &cose_sign_array[3];
let signatures = unpack!(Array, signatures);
@ -183,7 +226,7 @@ pub fn decode_signature(bytes: &[u8], payload: &[u8]) -> Result<Vec<CoseSignatur
}
let mut result = Vec::new();
for cose_signature in signatures {
// cose_sign_array holds the protected body header.
// cose_sign_array[0] holds the protected body header.
let signature = decode_signature_struct(cose_signature, payload, &cose_sign_array[0])?;
result.push(signature);
}

630
third_party/rust/cose/src/test_cose.rs vendored
View File

@ -1,8 +1,8 @@
use test_setup as test;
use util_test::{sign, verify_signature};
use {CoseError, SignatureAlgorithm, SignatureParameters};
use std::str::FromStr;
use decoder::decode_signature;
use {CoseError, SignatureAlgorithm};
use decoder::{COSE_HEADER_ALG, COSE_HEADER_KID, COSE_SIGN_TAG, COSE_TYPE_ES256, decode_signature};
use cbor::CborType;
use std::collections::BTreeMap;
#[test]
fn test_cose_decode() {
@ -15,216 +15,482 @@ fn test_cose_decode() {
assert_eq!(cose_signatures[0].certs[1], test::P256_INT.to_vec());
}
// All keys here are from pykey.py/pycert.py from mozilla-central.
// Certificates can be generated with tools/certs/certs.sh and mozilla-central.
const P256_PARAMS: SignatureParameters = SignatureParameters {
certificate: &test::P256_EE,
algorithm: SignatureAlgorithm::ES256,
pkcs8: &test::PKCS8_P256_EE,
};
const P384_PARAMS: SignatureParameters = SignatureParameters {
certificate: &test::P384_EE,
algorithm: SignatureAlgorithm::ES384,
pkcs8: &test::PKCS8_P384_EE,
};
const P521_PARAMS: SignatureParameters = SignatureParameters {
certificate: &test::P521_EE,
algorithm: SignatureAlgorithm::ES512,
pkcs8: &test::PKCS8_P521_EE,
};
#[cfg(test)]
fn test_verify(payload: &[u8], cert_chain: &[&[u8]], params_vec: Vec<SignatureParameters>) {
test::setup();
let cose_signature = sign(payload, cert_chain, &params_vec);
assert!(cose_signature.is_ok());
let cose_signature = cose_signature.unwrap();
// Verify signature.
assert!(verify_signature(payload, cose_signature).is_ok());
fn test_cose_format_error(bytes: &[u8], expected_error: CoseError) {
let payload = vec![0];
let result = decode_signature(bytes, &payload);
assert!(result.is_err());
assert_eq!(result.err(), Some(expected_error));
}
#[cfg(test)]
fn test_verify_modified_payload(
payload: &mut [u8],
cert_chain: &[&[u8]],
params_vec: Vec<SignatureParameters>,
) {
test::setup();
let cose_signature = sign(payload, cert_chain, &params_vec);
assert!(cose_signature.is_ok());
let cose_signature = cose_signature.unwrap();
// Verify signature.
payload[0] = !payload[0];
let verify_result = verify_signature(payload, cose_signature);
assert!(verify_result.is_err());
assert_eq!(verify_result, Err(CoseError::VerificationFailed));
// Helper function to take a `Vec<CborType>`, wrap it in a `CborType::Array`, tag it with the
// COSE_Sign tag (COSE_SIGN_TAG = 98), and serialize it to a `Vec<u8>`.
fn wrap_tag_and_encode_array(array: Vec<CborType>) -> Vec<u8> {
CborType::Tag(COSE_SIGN_TAG, Box::new(CborType::Array(array))).serialize()
}
#[cfg(test)]
fn test_verify_modified_signature(
payload: &[u8],
cert_chain: &[&[u8]],
params_vec: Vec<SignatureParameters>,
) {
test::setup();
let cose_signature = sign(payload, cert_chain, &params_vec);
assert!(cose_signature.is_ok());
let mut cose_signature = cose_signature.unwrap();
// Tamper with the cose signature.
let len = cose_signature.len();
cose_signature[len - 15] = !cose_signature[len - 15];
// Verify signature.
let verify_result = verify_signature(payload, cose_signature);
assert!(verify_result.is_err());
assert_eq!(verify_result, Err(CoseError::VerificationFailed));
// Helper function to create an encoded protected header for a COSE_Sign or COSE_Signature
// structure.
fn encode_test_protected_header(keys: Vec<CborType>, values: Vec<CborType>) -> Vec<u8> {
assert_eq!(keys.len(), values.len());
let mut map: BTreeMap<CborType, CborType> = BTreeMap::new();
for (key, value) in keys.iter().zip(values) {
map.insert(key.clone(), value.clone());
}
CborType::Map(map).serialize()
}
// This can be used with inconsistent parameters that make the verification fail.
// In particular, the signing key does not match the certificate used to verify.
#[cfg(test)]
fn test_verify_verification_fails(
payload: &[u8],
cert_chain: &[&[u8]],
params_vec: Vec<SignatureParameters>,
) {
test::setup();
let cose_signature = sign(payload, cert_chain, &params_vec);
assert!(cose_signature.is_ok());
let cose_signature = cose_signature.unwrap();
// Helper function to create a test COSE_Signature structure with the given protected header.
fn build_test_cose_signature(protected_header: Vec<u8>) -> CborType {
CborType::Array(vec![CborType::Bytes(protected_header),
CborType::Map(BTreeMap::new()),
CborType::Bytes(Vec::new())])
}
// Verify signature.
let verify_result = verify_signature(payload, cose_signature);
assert!(verify_result.is_err());
assert_eq!(verify_result, Err(CoseError::VerificationFailed));
// Helper function to create the minimally-valid COSE_Sign (i.e. "body") protected header.
fn make_minimally_valid_cose_sign_protected_header() -> Vec<u8> {
encode_test_protected_header(
vec![CborType::Integer(COSE_HEADER_KID)],
vec![CborType::Array(Vec::new())],
)
}
// Helper function to create a minimally-valid COSE_Signature (i.e. "body").
fn make_minimally_valid_cose_signature_protected_header() -> Vec<u8> {
encode_test_protected_header(
vec![CborType::Integer(COSE_HEADER_ALG),
CborType::Integer(COSE_HEADER_KID)],
vec![CborType::SignedInteger(COSE_TYPE_ES256),
CborType::Bytes(Vec::new())],
)
}
// This tests the minimally-valid COSE_Sign structure according to this implementation.
// The structure must be a CBOR array of length 4 tagged with the integer 98.
// The COSE_Sign protected header must have the `kid` integer key and no others. The value for `kid`
// must be an array (although it may be empty). Each element of the array must be of type bytes.
// The COSE_Sign unprotected header must be an empty map.
// The COSE_Sign payload must be nil.
// The COSE_Sign signatures must be an array with at least one COSE_Signature.
// Each COSE_Signature must be an array of length 3.
// Each COSE_Signature protected header must have the `alg` and `kid` integer keys and no others.
// The value for `alg` must be a valid algorithm identifier. The value for `kid` must be bytes,
// although it may be empty.
// Each COSE_Signature unprotected header must be an empty map.
// Each COSE_Signature signature must be of type bytes (although it may be empty).
#[test]
fn test_cose_sign_minimally_valid() {
let body_protected_header = make_minimally_valid_cose_sign_protected_header();
let signature_protected_header = make_minimally_valid_cose_signature_protected_header();
let signature = build_test_cose_signature(signature_protected_header);
let values = vec![CborType::Bytes(body_protected_header),
CborType::Map(BTreeMap::new()),
CborType::Null,
CborType::Array(vec![signature])];
let bytes = wrap_tag_and_encode_array(values);
let payload = vec![0];
let result = decode_signature(&bytes, &payload);
assert!(result.is_ok());
let decoded = result.unwrap();
assert_eq!(decoded.len(), 1);
assert_eq!(decoded[0].signer_cert.len(), 0);
assert_eq!(decoded[0].certs.len(), 0);
}
#[test]
fn test_cose_sign_verify() {
let payload = b"This is the content.";
// P256
let certs: [&[u8]; 2] = [&test::P256_ROOT,
&test::P256_INT];
let params_vec = vec![P256_PARAMS];
test_verify(payload, &certs, params_vec);
// P384
let params_vec = vec![P384_PARAMS];
test_verify(payload, &certs, params_vec);
// P521
let params_vec = vec![P521_PARAMS];
test_verify(payload, &certs, params_vec);
fn test_cose_sign_not_tagged() {
let bytes = CborType::Array(vec![CborType::Integer(0)]).serialize();
test_cose_format_error(&bytes, CoseError::UnexpectedType);
}
#[test]
fn test_cose_sign_verify_modified_payload() {
let mut payload = String::from_str("This is the content.")
.unwrap()
.into_bytes();
let certs: [&[u8]; 2] = [&test::P256_ROOT,
&test::P256_INT];
let params_vec = vec![P256_PARAMS];
test_verify_modified_payload(&mut payload, &certs, params_vec);
fn test_cose_sign_wrong_tag() {
// The expected COSE_Sign tag is 98.
let bytes = CborType::Tag(99, Box::new(CborType::Integer(0))).serialize();
test_cose_format_error(&bytes, CoseError::UnexpectedTag);
}
#[test]
fn test_cose_sign_verify_wrong_cert() {
let payload = b"This is the content.";
let certs: [&[u8]; 2] = [&test::P256_ROOT,
&test::P256_INT];
let params = SignatureParameters {
certificate: &test::P384_EE,
algorithm: SignatureAlgorithm::ES256,
pkcs8: &test::PKCS8_P256_EE,
};
let params_vec = vec![params];
test_verify_verification_fails(payload, &certs, params_vec);
fn test_cose_sign_right_tag_wrong_contents() {
// The COSE_Sign tag is 98, but the contents should be an array.
let bytes = CborType::Tag(98, Box::new(CborType::Integer(0))).serialize();
test_cose_format_error(&bytes, CoseError::UnexpectedType);
}
#[test]
fn test_cose_sign_verify_tampered_signature() {
let payload = b"This is the content.";
let certs: [&[u8]; 2] = [&test::P256_ROOT,
&test::P256_INT];
let params_vec = vec![P256_PARAMS];
test_verify_modified_signature(payload, &certs, params_vec);
}
const RSA_PARAMS: SignatureParameters = SignatureParameters {
certificate: &test::RSA_EE,
algorithm: SignatureAlgorithm::PS256,
pkcs8: &test::PKCS8_RSA_EE,
};
#[test]
fn test_cose_sign_verify_rsa() {
let payload = b"This is the RSA-signed content.";
let certs: [&[u8]; 2] = [&test::RSA_ROOT,
&test::RSA_INT];
let params_vec = vec![RSA_PARAMS];
test_verify(payload, &certs, params_vec);
fn test_cose_sign_too_small() {
let body_protected_header = make_minimally_valid_cose_sign_protected_header();
let values = vec![CborType::Bytes(body_protected_header),
CborType::Map(BTreeMap::new()),
CborType::Null];
let bytes = wrap_tag_and_encode_array(values);
test_cose_format_error(&bytes, CoseError::MalformedInput);
}
#[test]
fn test_cose_sign_verify_rsa_modified_payload() {
let mut payload = String::from_str("This is the RSA-signed content.")
.unwrap()
.into_bytes();
let certs: [&[u8]; 2] = [&test::RSA_ROOT,
&test::RSA_INT];
let params_vec = vec![RSA_PARAMS];
test_verify_modified_payload(&mut payload, &certs, params_vec);
fn test_cose_sign_too_large() {
let body_protected_header = make_minimally_valid_cose_sign_protected_header();
let values = vec![CborType::Bytes(body_protected_header),
CborType::Map(BTreeMap::new()),
CborType::Null,
CborType::Array(Vec::new()),
CborType::Array(Vec::new())];
let bytes = wrap_tag_and_encode_array(values);
test_cose_format_error(&bytes, CoseError::MalformedInput);
}
#[test]
fn test_cose_sign_verify_rsa_tampered_signature() {
let payload = b"This is the RSA-signed content.";
let certs: [&[u8]; 2] = [&test::RSA_ROOT,
&test::RSA_INT];
let params_vec = vec![RSA_PARAMS];
test_verify_modified_signature(payload, &certs, params_vec);
fn test_cose_sign_protected_header_empty() {
let body_protected_header = encode_test_protected_header(Vec::new(), Vec::new());
let signature_protected_header = make_minimally_valid_cose_signature_protected_header();
let signature = build_test_cose_signature(signature_protected_header);
let values = vec![CborType::Bytes(body_protected_header),
CborType::Map(BTreeMap::new()),
CborType::Null,
CborType::Array(vec![signature])];
let bytes = wrap_tag_and_encode_array(values);
test_cose_format_error(&bytes, CoseError::MalformedInput);
}
#[test]
fn test_cose_sign_verify_two_signatures() {
let payload = b"This is the content.";
let certs: [&[u8]; 4] = [&test::P256_ROOT,
&test::P256_INT,
&test::RSA_ROOT,
&test::RSA_INT];
let params_vec = vec![P256_PARAMS,
RSA_PARAMS];
test_verify(payload, &certs, params_vec);
fn test_cose_sign_protected_header_missing_kid() {
let body_protected_header =
encode_test_protected_header(vec![CborType::Integer(2)], vec![CborType::Integer(2)]);
let signature_protected_header = make_minimally_valid_cose_signature_protected_header();
let signature = build_test_cose_signature(signature_protected_header);
let values = vec![CborType::Bytes(body_protected_header),
CborType::Map(BTreeMap::new()),
CborType::Null,
CborType::Array(vec![signature])];
let bytes = wrap_tag_and_encode_array(values);
test_cose_format_error(&bytes, CoseError::MissingHeader);
}
#[test]
fn test_cose_sign_verify_two_signatures_tampered_payload() {
let mut payload = String::from_str("This is the content.")
.unwrap()
.into_bytes();
let certs: [&[u8]; 4] = [&test::P256_ROOT,
&test::P256_INT,
&test::RSA_ROOT,
&test::RSA_INT];
let params_vec = vec![P256_PARAMS,
RSA_PARAMS];
test_verify_modified_payload(&mut payload, &certs, params_vec);
fn test_cose_sign_protected_header_kid_wrong_type() {
let body_protected_header = encode_test_protected_header(
vec![CborType::Integer(COSE_HEADER_KID)],
vec![CborType::Integer(2)],
);
let signature_protected_header = make_minimally_valid_cose_signature_protected_header();
let signature = build_test_cose_signature(signature_protected_header);
let values = vec![CborType::Bytes(body_protected_header),
CborType::Map(BTreeMap::new()),
CborType::Null,
CborType::Array(vec![signature])];
let bytes = wrap_tag_and_encode_array(values);
test_cose_format_error(&bytes, CoseError::UnexpectedType);
}
#[test]
fn test_cose_sign_verify_two_signatures_tampered_signature() {
let payload = b"This is the content.";
let certs: [&[u8]; 4] = [&test::P256_ROOT,
&test::P256_INT,
&test::RSA_ROOT,
&test::RSA_INT];
let params_vec = vec![P256_PARAMS,
RSA_PARAMS];
test_verify_modified_signature(payload, &certs, params_vec);
fn test_cose_sign_protected_header_extra_header_key() {
let body_protected_header = encode_test_protected_header(
vec![CborType::Integer(COSE_HEADER_KID),
CborType::Integer(2)],
vec![CborType::Bytes(Vec::new()),
CborType::Integer(2)],
);
let signature_protected_header = make_minimally_valid_cose_signature_protected_header();
let signature = build_test_cose_signature(signature_protected_header);
let values = vec![CborType::Bytes(body_protected_header),
CborType::Map(BTreeMap::new()),
CborType::Null,
CborType::Array(vec![signature])];
let bytes = wrap_tag_and_encode_array(values);
test_cose_format_error(&bytes, CoseError::MalformedInput);
}
#[test]
fn test_cose_sign_unprotected_header_wrong_type() {
let body_protected_header = make_minimally_valid_cose_sign_protected_header();
let signature_protected_header = make_minimally_valid_cose_signature_protected_header();
let signature = build_test_cose_signature(signature_protected_header);
let values = vec![CborType::Bytes(body_protected_header),
CborType::Integer(1),
CborType::Null,
CborType::Array(vec![signature])];
let bytes = wrap_tag_and_encode_array(values);
test_cose_format_error(&bytes, CoseError::UnexpectedType);
}
#[test]
fn test_cose_sign_unprotected_header_not_empty() {
let body_protected_header = make_minimally_valid_cose_sign_protected_header();
let signature_protected_header = make_minimally_valid_cose_signature_protected_header();
let signature = build_test_cose_signature(signature_protected_header);
let mut unprotected_header_map: BTreeMap<CborType, CborType> = BTreeMap::new();
unprotected_header_map.insert(CborType::Integer(0), CborType::SignedInteger(-1));
let values = vec![CborType::Bytes(body_protected_header),
CborType::Map(unprotected_header_map),
CborType::Null,
CborType::Array(vec![signature])];
let bytes = wrap_tag_and_encode_array(values);
test_cose_format_error(&bytes, CoseError::MalformedInput);
}
#[test]
fn test_cose_sign_payload_not_null() {
let body_protected_header = make_minimally_valid_cose_sign_protected_header();
let signature_protected_header = make_minimally_valid_cose_signature_protected_header();
let signature = build_test_cose_signature(signature_protected_header);
let values = vec![CborType::Bytes(body_protected_header),
CborType::Map(BTreeMap::new()),
CborType::Integer(0),
CborType::Array(vec![signature])];
let bytes = wrap_tag_and_encode_array(values);
test_cose_format_error(&bytes, CoseError::UnexpectedType);
}
#[test]
fn test_cose_signatures_not_array() {
let body_protected_header = make_minimally_valid_cose_sign_protected_header();
let values = vec![CborType::Bytes(body_protected_header),
CborType::Map(BTreeMap::new()),
CborType::Null,
CborType::Integer(0)];
let bytes = wrap_tag_and_encode_array(values);
test_cose_format_error(&bytes, CoseError::UnexpectedType);
}
#[test]
fn test_cose_signatures_empty() {
let body_protected_header = make_minimally_valid_cose_sign_protected_header();
let values = vec![CborType::Bytes(body_protected_header),
CborType::Map(BTreeMap::new()),
CborType::Null,
CborType::Array(Vec::new())];
let bytes = wrap_tag_and_encode_array(values);
test_cose_format_error(&bytes, CoseError::MalformedInput);
}
#[test]
fn test_cose_signature_protected_header_wrong_type() {
let body_protected_header = make_minimally_valid_cose_sign_protected_header();
let signature = CborType::Array(vec![CborType::Null,
CborType::Map(BTreeMap::new()),
CborType::SignedInteger(-1)]);
let values = vec![CborType::Bytes(body_protected_header),
CborType::Map(BTreeMap::new()),
CborType::Null,
CborType::Array(vec![signature])];
let bytes = wrap_tag_and_encode_array(values);
test_cose_format_error(&bytes, CoseError::UnexpectedType);
}
#[test]
fn test_cose_signature_protected_header_empty() {
let body_protected_header = make_minimally_valid_cose_sign_protected_header();
let signature_protected_header = encode_test_protected_header(Vec::new(), Vec::new());
let signature = build_test_cose_signature(signature_protected_header);
let values = vec![CborType::Bytes(body_protected_header),
CborType::Map(BTreeMap::new()),
CborType::Null,
CborType::Array(vec![signature])];
let bytes = wrap_tag_and_encode_array(values);
test_cose_format_error(&bytes, CoseError::MalformedInput);
}
#[test]
fn test_cose_signature_protected_header_too_large() {
let body_protected_header = make_minimally_valid_cose_sign_protected_header();
let signature_protected_header = make_minimally_valid_cose_signature_protected_header();
let signature = CborType::Array(vec![CborType::Bytes(signature_protected_header),
CborType::Map(BTreeMap::new()),
CborType::Bytes(Vec::new()),
CborType::Null]);
let values = vec![CborType::Bytes(body_protected_header),
CborType::Map(BTreeMap::new()),
CborType::Null,
CborType::Array(vec![signature])];
let bytes = wrap_tag_and_encode_array(values);
test_cose_format_error(&bytes, CoseError::MalformedInput);
}
#[test]
fn test_cose_signature_protected_header_bad_encoding() {
let body_protected_header = make_minimally_valid_cose_sign_protected_header();
// The bytes here are a truncated integer encoding.
let signature = CborType::Array(vec![CborType::Bytes(vec![0x1a, 0x00, 0x00]),
CborType::Map(BTreeMap::new()),
CborType::Bytes(Vec::new())]);
let values = vec![CborType::Bytes(body_protected_header),
CborType::Map(BTreeMap::new()),
CborType::Null,
CborType::Array(vec![signature])];
let bytes = wrap_tag_and_encode_array(values);
test_cose_format_error(&bytes, CoseError::DecodingFailure);
}
#[test]
fn test_cose_signature_protected_header_missing_alg() {
let body_protected_header = make_minimally_valid_cose_sign_protected_header();
let signature_protected_header = encode_test_protected_header(
vec![CborType::Integer(2),
CborType::Integer(COSE_HEADER_KID)],
vec![CborType::SignedInteger(COSE_TYPE_ES256),
CborType::Bytes(Vec::new())],
);
let signature = build_test_cose_signature(signature_protected_header);
let values = vec![CborType::Bytes(body_protected_header),
CborType::Map(BTreeMap::new()),
CborType::Null,
CborType::Array(vec![signature])];
let bytes = wrap_tag_and_encode_array(values);
test_cose_format_error(&bytes, CoseError::MissingHeader);
}
#[test]
fn test_cose_signature_protected_header_missing_kid() {
let body_protected_header = make_minimally_valid_cose_sign_protected_header();
let signature_protected_header = encode_test_protected_header(
vec![CborType::Integer(COSE_HEADER_ALG),
CborType::Integer(3)],
vec![CborType::SignedInteger(COSE_TYPE_ES256),
CborType::Bytes(Vec::new())],
);
let signature = build_test_cose_signature(signature_protected_header);
let values = vec![CborType::Bytes(body_protected_header),
CborType::Map(BTreeMap::new()),
CborType::Null,
CborType::Array(vec![signature])];
let bytes = wrap_tag_and_encode_array(values);
test_cose_format_error(&bytes, CoseError::MissingHeader);
}
#[test]
fn test_cose_signature_protected_header_wrong_key_types() {
let body_protected_header = make_minimally_valid_cose_sign_protected_header();
let signature_protected_header = encode_test_protected_header(
vec![CborType::SignedInteger(-1),
CborType::Bytes(vec![0])],
vec![CborType::SignedInteger(COSE_TYPE_ES256),
CborType::Bytes(Vec::new())],
);
let signature = build_test_cose_signature(signature_protected_header);
let values = vec![CborType::Bytes(body_protected_header),
CborType::Map(BTreeMap::new()),
CborType::Null,
CborType::Array(vec![signature])];
let bytes = wrap_tag_and_encode_array(values);
test_cose_format_error(&bytes, CoseError::MissingHeader);
}
#[test]
fn test_cose_signature_protected_header_unexpected_alg_type() {
let body_protected_header = make_minimally_valid_cose_sign_protected_header();
let signature_protected_header = encode_test_protected_header(
vec![CborType::Integer(COSE_HEADER_ALG),
CborType::Integer(COSE_HEADER_KID)],
vec![CborType::Integer(10),
CborType::Integer(4)],
);
let signature = build_test_cose_signature(signature_protected_header);
let values = vec![CborType::Bytes(body_protected_header),
CborType::Map(BTreeMap::new()),
CborType::Null,
CborType::Array(vec![signature])];
let bytes = wrap_tag_and_encode_array(values);
test_cose_format_error(&bytes, CoseError::UnexpectedType);
}
#[test]
fn test_cose_signature_protected_header_unsupported_alg() {
let body_protected_header = make_minimally_valid_cose_sign_protected_header();
let signature_protected_header = encode_test_protected_header(
vec![CborType::Integer(COSE_HEADER_ALG),
CborType::Integer(COSE_HEADER_KID)],
vec![CborType::SignedInteger(-10),
CborType::Bytes(Vec::new())],
);
let signature = build_test_cose_signature(signature_protected_header);
let values = vec![CborType::Bytes(body_protected_header),
CborType::Map(BTreeMap::new()),
CborType::Null,
CborType::Array(vec![signature])];
let bytes = wrap_tag_and_encode_array(values);
test_cose_format_error(&bytes, CoseError::UnexpectedHeaderValue);
}
#[test]
fn test_cose_signature_protected_header_unexpected_kid_type() {
let body_protected_header = make_minimally_valid_cose_sign_protected_header();
let signature_protected_header = encode_test_protected_header(
vec![CborType::Integer(COSE_HEADER_ALG),
CborType::Integer(COSE_HEADER_KID)],
vec![CborType::SignedInteger(COSE_TYPE_ES256),
CborType::Integer(0)],
);
let signature = build_test_cose_signature(signature_protected_header);
let values = vec![CborType::Bytes(body_protected_header),
CborType::Map(BTreeMap::new()),
CborType::Null,
CborType::Array(vec![signature])];
let bytes = wrap_tag_and_encode_array(values);
test_cose_format_error(&bytes, CoseError::UnexpectedType);
}
#[test]
fn test_cose_signature_protected_header_extra_key() {
let body_protected_header = make_minimally_valid_cose_sign_protected_header();
let signature_protected_header = encode_test_protected_header(
vec![CborType::Integer(COSE_HEADER_ALG),
CborType::Integer(COSE_HEADER_KID),
CborType::Integer(5)],
vec![CborType::SignedInteger(COSE_TYPE_ES256),
CborType::Bytes(Vec::new()),
CborType::Integer(5)],
);
let signature = build_test_cose_signature(signature_protected_header);
let values = vec![CborType::Bytes(body_protected_header),
CborType::Map(BTreeMap::new()),
CborType::Null,
CborType::Array(vec![signature])];
let bytes = wrap_tag_and_encode_array(values);
test_cose_format_error(&bytes, CoseError::MalformedInput);
}
#[test]
fn test_cose_signature_unprotected_header_wrong_type() {
let body_protected_header = make_minimally_valid_cose_sign_protected_header();
let signature_protected_header = make_minimally_valid_cose_signature_protected_header();
let signature = CborType::Array(vec![CborType::Bytes(signature_protected_header),
CborType::Integer(1),
CborType::Bytes(Vec::new())]);
let values = vec![CborType::Bytes(body_protected_header),
CborType::Map(BTreeMap::new()),
CborType::Null,
CborType::Array(vec![signature])];
let bytes = wrap_tag_and_encode_array(values);
test_cose_format_error(&bytes, CoseError::UnexpectedType);
}
#[test]
fn test_cose_signature_unprotected_header_not_empty() {
let body_protected_header = make_minimally_valid_cose_sign_protected_header();
let signature_protected_header = make_minimally_valid_cose_signature_protected_header();
let mut unprotected_header_map: BTreeMap<CborType, CborType> = BTreeMap::new();
unprotected_header_map.insert(CborType::Integer(0), CborType::SignedInteger(-1));
let signature = CborType::Array(vec![CborType::Bytes(signature_protected_header),
CborType::Map(unprotected_header_map),
CborType::Bytes(Vec::new())]);
let values = vec![CborType::Bytes(body_protected_header),
CborType::Map(BTreeMap::new()),
CborType::Null,
CborType::Array(vec![signature])];
let bytes = wrap_tag_and_encode_array(values);
test_cose_format_error(&bytes, CoseError::MalformedInput);
}
#[test]
fn test_cose_signature_signature_wrong_type() {
let body_protected_header = make_minimally_valid_cose_sign_protected_header();
let signature_protected_header = make_minimally_valid_cose_signature_protected_header();
let signature = CborType::Array(vec![CborType::Bytes(signature_protected_header),
CborType::Map(BTreeMap::new()),
CborType::SignedInteger(-1)]);
let values = vec![CborType::Bytes(body_protected_header),
CborType::Map(BTreeMap::new()),
CborType::Null,
CborType::Array(vec![signature])];
let bytes = wrap_tag_and_encode_array(values);
test_cose_format_error(&bytes, CoseError::UnexpectedType);
}

477
third_party/rust/cose/src/test_setup.rs vendored
View File

@ -1,182 +1,3 @@
use std::os::raw;
use std::ptr;
use std::sync::{ONCE_INIT, Once};
static START: Once = ONCE_INIT;
type SECStatus = raw::c_int;
const SEC_SUCCESS: SECStatus = 0;
// TODO: ugh this will probably have a platform-specific name...
#[link(name = "nss3")]
extern "C" {
fn NSS_NoDB_Init(configdir: *const u8) -> SECStatus;
}
pub fn setup() {
START.call_once(|| {
let null_ptr: *const u8 = ptr::null();
unsafe {
assert_eq!(NSS_NoDB_Init(null_ptr), SEC_SUCCESS);
}
});
}
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const PKCS8_P256_EE: [u8; 139] = [
0x30, 0x81, 0x87, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2a,
0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48,
0xce, 0x3d, 0x03, 0x01, 0x07, 0x04, 0x6d, 0x30, 0x6b, 0x02, 0x01,
0x01, 0x04, 0x20, 0x21, 0x91, 0x40, 0x3d, 0x57, 0x10, 0xbf, 0x15,
0xa2, 0x65, 0x81, 0x8c, 0xd4, 0x2e, 0xd6, 0xfe, 0xdf, 0x09, 0xad,
0xd9, 0x2d, 0x78, 0xb1, 0x8e, 0x7a, 0x1e, 0x9f, 0xeb, 0x95, 0x52,
0x47, 0x02, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x4f, 0xbf, 0xbb,
0xbb, 0x61, 0xe0, 0xf8, 0xf9, 0xb1, 0xa6, 0x0a, 0x59, 0xac, 0x87,
0x04, 0xe2, 0xec, 0x05, 0x0b, 0x42, 0x3e, 0x3c, 0xf7, 0x2e, 0x92,
0x3f, 0x2c, 0x4f, 0x79, 0x4b, 0x45, 0x5c, 0x2a, 0x69, 0xd2, 0x33,
0x45, 0x6c, 0x36, 0xc4, 0x11, 0x9d, 0x07, 0x06, 0xe0, 0x0e, 0xed,
0xc8, 0xd1, 0x93, 0x90, 0xd7, 0x99, 0x1b, 0x7b, 0x2d, 0x07, 0xa3,
0x04, 0xea, 0xa0, 0x4a, 0xa6, 0xc0, 0x0a
];
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const P256_EE: [u8; 300] = [
0x30, 0x82, 0x01, 0x28, 0x30, 0x81, 0xcf, 0xa0, 0x03, 0x02, 0x01, 0x02,
0x02, 0x14, 0x2f, 0xc3, 0x5f, 0x05, 0x80, 0xb4, 0x49, 0x45, 0x13, 0x92,
0xd6, 0x93, 0xb7, 0x2d, 0x71, 0x19, 0xc5, 0x8c, 0x40, 0x39, 0x30, 0x0a,
0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x13,
0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x08, 0x69,
0x6e, 0x74, 0x2d, 0x70, 0x32, 0x35, 0x36, 0x30, 0x22, 0x18, 0x0f, 0x32,
0x30, 0x31, 0x32, 0x30, 0x31, 0x30, 0x33, 0x30, 0x30, 0x30, 0x30, 0x30,
0x30, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x32, 0x31, 0x31, 0x32, 0x33, 0x31,
0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x12, 0x31, 0x10, 0x30,
0x0e, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x07, 0x65, 0x65, 0x2d, 0x70,
0x32, 0x35, 0x36, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48,
0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03,
0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0x4f, 0xbf, 0xbb, 0xbb, 0x61, 0xe0,
0xf8, 0xf9, 0xb1, 0xa6, 0x0a, 0x59, 0xac, 0x87, 0x04, 0xe2, 0xec, 0x05,
0x0b, 0x42, 0x3e, 0x3c, 0xf7, 0x2e, 0x92, 0x3f, 0x2c, 0x4f, 0x79, 0x4b,
0x45, 0x5c, 0x2a, 0x69, 0xd2, 0x33, 0x45, 0x6c, 0x36, 0xc4, 0x11, 0x9d,
0x07, 0x06, 0xe0, 0x0e, 0xed, 0xc8, 0xd1, 0x93, 0x90, 0xd7, 0x99, 0x1b,
0x7b, 0x2d, 0x07, 0xa3, 0x04, 0xea, 0xa0, 0x4a, 0xa6, 0xc0, 0x30, 0x0a,
0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x48,
0x00, 0x30, 0x45, 0x02, 0x20, 0x5c, 0x75, 0x51, 0x9f, 0x13, 0x11, 0x50,
0xcd, 0x5d, 0x8a, 0xde, 0x20, 0xa3, 0xbc, 0x06, 0x30, 0x91, 0xff, 0xb2,
0x73, 0x75, 0x5f, 0x31, 0x64, 0xec, 0xfd, 0xcb, 0x42, 0x80, 0x0a, 0x70,
0xe6, 0x02, 0x21, 0x00, 0xff, 0x81, 0xbe, 0xa8, 0x0d, 0x03, 0x36, 0x6b,
0x75, 0xe2, 0x70, 0x6a, 0xac, 0x07, 0x2e, 0x4c, 0xdc, 0xf9, 0xc5, 0x89,
0xc1, 0xcf, 0x88, 0xc2, 0xc8, 0x2a, 0x32, 0xf5, 0x42, 0x0c, 0xfa, 0x0b
];
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const PKCS8_P384_EE: [u8; 185] = [
0x30, 0x81, 0xb6, 0x02, 0x01, 0x00, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86,
0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22,
0x04, 0x81, 0x9e, 0x30, 0x81, 0x9b, 0x02, 0x01, 0x01, 0x04, 0x30, 0x03,
0x5c, 0x7a, 0x1b, 0x10, 0xd9, 0xfa, 0xfe, 0x83, 0x7b, 0x64, 0xad, 0x92,
0xf2, 0x2f, 0x5c, 0xed, 0x07, 0x89, 0x18, 0x65, 0x38, 0x66, 0x9b, 0x5c,
0x6d, 0x87, 0x2c, 0xec, 0x3d, 0x92, 0x61, 0x22, 0xb3, 0x93, 0x77, 0x2b,
0x57, 0x60, 0x2f, 0xf3, 0x13, 0x65, 0xef, 0xe1, 0x39, 0x32, 0x46, 0xa1,
0x64, 0x03, 0x62, 0x00, 0x04, 0xa1, 0x68, 0x72, 0x43, 0x36, 0x2b, 0x5c,
0x7b, 0x18, 0x89, 0xf3, 0x79, 0x15, 0x46, 0x15, 0xa1, 0xc7, 0x3f, 0xb4,
0x8d, 0xee, 0x86, 0x3e, 0x02, 0x29, 0x15, 0xdb, 0x60, 0x8e, 0x25, 0x2d,
0xe4, 0xb7, 0x13, 0x2d, 0xa8, 0xce, 0x98, 0xe8, 0x31, 0x53, 0x4e, 0x6a,
0x9c, 0x0c, 0x0b, 0x09, 0xc8, 0xd6, 0x39, 0xad, 0xe8, 0x32, 0x06, 0xe5,
0xba, 0x81, 0x34, 0x73, 0xa1, 0x1f, 0xa3, 0x30, 0xe0, 0x5d, 0xa8, 0xc9,
0x6e, 0x43, 0x83, 0xfe, 0x27, 0x87, 0x3d, 0xa9, 0x71, 0x03, 0xbe, 0x28,
0x88, 0xcf, 0xf0, 0x02, 0xf0, 0x5a, 0xf7, 0x1a, 0x1f, 0xdd, 0xcc, 0x83,
0x74, 0xaa, 0x6e, 0xa9, 0xce
];
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const PKCS8_P521_EE: [u8; 240] = [
0x30, 0x81, 0xed, 0x02, 0x01, 0x00, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86,
0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x23,
0x04, 0x81, 0xd5, 0x30, 0x81, 0xd2, 0x02, 0x01, 0x01, 0x04, 0x42, 0x01,
0x4f, 0x32, 0x84, 0xfa, 0x69, 0x8d, 0xd9, 0xfe, 0x11, 0x18, 0xdd, 0x33,
0x18, 0x51, 0xcd, 0xfa, 0xac, 0x5a, 0x38, 0x29, 0x27, 0x8e, 0xb8, 0x99,
0x48, 0x39, 0xde, 0x94, 0x71, 0xc9, 0x40, 0xb8, 0x58, 0xc6, 0x9d, 0x2d,
0x05, 0xe8, 0xc0, 0x17, 0x88, 0xa7, 0xd0, 0xb6, 0xe2, 0x35, 0xaa, 0x5e,
0x78, 0x3f, 0xc1, 0xbe, 0xe8, 0x07, 0xdc, 0xc3, 0x86, 0x5f, 0x92, 0x0e,
0x12, 0xcf, 0x8f, 0x2d, 0x29, 0xa1, 0x81, 0x88, 0x03, 0x81, 0x85, 0x00,
0x04, 0x18, 0x94, 0x55, 0x0d, 0x07, 0x85, 0x93, 0x2e, 0x00, 0xea, 0xa2,
0x3b, 0x69, 0x4f, 0x21, 0x3f, 0x8c, 0x31, 0x21, 0xf8, 0x6d, 0xc9, 0x7a,
0x04, 0xe5, 0xa7, 0x16, 0x7d, 0xb4, 0xe5, 0xbc, 0xd3, 0x71, 0x12, 0x3d,
0x46, 0xe4, 0x5d, 0xb6, 0xb5, 0xd5, 0x37, 0x0a, 0x7f, 0x20, 0xfb, 0x63,
0x31, 0x55, 0xd3, 0x8f, 0xfa, 0x16, 0xd2, 0xbd, 0x76, 0x1d, 0xca, 0xc4,
0x74, 0xb9, 0xa2, 0xf5, 0x02, 0x3a, 0x40, 0x49, 0x31, 0x01, 0xc9, 0x62,
0xcd, 0x4d, 0x2f, 0xdd, 0xf7, 0x82, 0x28, 0x5e, 0x64, 0x58, 0x41, 0x39,
0xc2, 0xf9, 0x1b, 0x47, 0xf8, 0x7f, 0xf8, 0x23, 0x54, 0xd6, 0x63, 0x0f,
0x74, 0x6a, 0x28, 0xa0, 0xdb, 0x25, 0x74, 0x1b, 0x5b, 0x34, 0xa8, 0x28,
0x00, 0x8b, 0x22, 0xac, 0xc2, 0x3f, 0x92, 0x4f, 0xaa, 0xfb, 0xd4, 0xd3,
0x3f, 0x81, 0xea, 0x66, 0x95, 0x6d, 0xfe, 0xaa, 0x2b, 0xfd, 0xfc, 0xf5
];
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const P521_EE: [u8; 367] = [
0x30, 0x82, 0x01, 0x6b, 0x30, 0x82, 0x01, 0x12, 0xa0, 0x03, 0x02, 0x01,
0x02, 0x02, 0x14, 0x49, 0xdb, 0x7d, 0xec, 0x87, 0x2b, 0x95, 0xfc, 0xfb,
0x57, 0xfb, 0xc8, 0xd5, 0x57, 0xb7, 0x3a, 0x10, 0xcc, 0xf1, 0x7a, 0x30,
0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30,
0x13, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x08,
0x69, 0x6e, 0x74, 0x2d, 0x70, 0x32, 0x35, 0x36, 0x30, 0x22, 0x18, 0x0f,
0x32, 0x30, 0x31, 0x32, 0x30, 0x31, 0x30, 0x33, 0x30, 0x30, 0x30, 0x30,
0x30, 0x30, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x32, 0x31, 0x31, 0x32, 0x33,
0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x12, 0x31, 0x10,
0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x07, 0x65, 0x65, 0x2d,
0x70, 0x35, 0x32, 0x31, 0x30, 0x81, 0x9b, 0x30, 0x10, 0x06, 0x07, 0x2a,
0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00,
0x23, 0x03, 0x81, 0x86, 0x00, 0x04, 0x01, 0x4c, 0xdc, 0x9c, 0xac, 0xc4,
0x79, 0x41, 0x09, 0x6b, 0xc9, 0xcc, 0x66, 0x75, 0x2e, 0xc2, 0x7f, 0x59,
0x77, 0x34, 0xfa, 0x66, 0xc6, 0x2b, 0x79, 0x2f, 0x88, 0xc5, 0x19, 0xd6,
0xd3, 0x7f, 0x0d, 0x16, 0xea, 0x1c, 0x48, 0x3a, 0x18, 0x27, 0xa0, 0x10,
0xb9, 0x12, 0x8e, 0x3a, 0x08, 0x07, 0x0c, 0xa3, 0x3e, 0xf5, 0xf5, 0x78,
0x35, 0xb7, 0xc1, 0xba, 0x25, 0x1f, 0x6c, 0xc3, 0x52, 0x1d, 0xc4, 0x2b,
0x01, 0x06, 0x53, 0x45, 0x19, 0x81, 0xb4, 0x45, 0xd3, 0x43, 0xee, 0xd3,
0x78, 0x2a, 0x35, 0xd6, 0xcf, 0xf0, 0xff, 0x48, 0x4f, 0x5a, 0x88, 0x3d,
0x20, 0x9f, 0x1b, 0x90, 0x42, 0xb7, 0x26, 0x70, 0x35, 0x68, 0xb2, 0xf3,
0x26, 0xe1, 0x8b, 0x83, 0x3b, 0xdd, 0x8a, 0xa0, 0x73, 0x43, 0x92, 0xbc,
0xd1, 0x95, 0x01, 0xe1, 0x0d, 0x69, 0x8a, 0x79, 0xf5, 0x3e, 0x11, 0xe0,
0xa2, 0x2b, 0xdd, 0x2a, 0xad, 0x90, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86,
0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x47, 0x00, 0x30, 0x44, 0x02,
0x20, 0x5c, 0x75, 0x51, 0x9f, 0x13, 0x11, 0x50, 0xcd, 0x5d, 0x8a, 0xde,
0x20, 0xa3, 0xbc, 0x06, 0x30, 0x91, 0xff, 0xb2, 0x73, 0x75, 0x5f, 0x31,
0x64, 0xec, 0xfd, 0xcb, 0x42, 0x80, 0x0a, 0x70, 0xe6, 0x02, 0x20, 0x35,
0x20, 0x7c, 0xff, 0x51, 0xf6, 0x68, 0xce, 0x1d, 0x00, 0xf9, 0xcc, 0x7f,
0xa7, 0xbc, 0x79, 0x52, 0xea, 0x56, 0xdf, 0xc1, 0x46, 0x7c, 0x0c, 0xa1,
0x2e, 0x32, 0xb1, 0x69, 0x4b, 0x20, 0xc4
];
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const P384_EE: [u8; 329] = [
0x30, 0x82, 0x01, 0x45, 0x30, 0x81, 0xec, 0xa0, 0x03, 0x02, 0x01, 0x02,
0x02, 0x14, 0x79, 0xe3, 0x1c, 0x60, 0x97, 0xa4, 0x3c, 0x3b, 0x82, 0x11,
0x42, 0x37, 0xaf, 0x57, 0x05, 0xa8, 0xde, 0xd3, 0x40, 0x58, 0x30, 0x0a,
0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x13,
0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x08, 0x69,
0x6e, 0x74, 0x2d, 0x70, 0x32, 0x35, 0x36, 0x30, 0x22, 0x18, 0x0f, 0x32,
0x30, 0x31, 0x32, 0x30, 0x31, 0x30, 0x33, 0x30, 0x30, 0x30, 0x30, 0x30,
0x30, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x32, 0x31, 0x31, 0x32, 0x33, 0x31,
0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x12, 0x31, 0x10, 0x30,
0x0e, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x07, 0x65, 0x65, 0x2d, 0x70,
0x33, 0x38, 0x34, 0x30, 0x76, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48,
0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22, 0x03,
0x62, 0x00, 0x04, 0xa1, 0x68, 0x72, 0x43, 0x36, 0x2b, 0x5c, 0x7b, 0x18,
0x89, 0xf3, 0x79, 0x15, 0x46, 0x15, 0xa1, 0xc7, 0x3f, 0xb4, 0x8d, 0xee,
0x86, 0x3e, 0x02, 0x29, 0x15, 0xdb, 0x60, 0x8e, 0x25, 0x2d, 0xe4, 0xb7,
0x13, 0x2d, 0xa8, 0xce, 0x98, 0xe8, 0x31, 0x53, 0x4e, 0x6a, 0x9c, 0x0c,
0x0b, 0x09, 0xc8, 0xd6, 0x39, 0xad, 0xe8, 0x32, 0x06, 0xe5, 0xba, 0x81,
0x34, 0x73, 0xa1, 0x1f, 0xa3, 0x30, 0xe0, 0x5d, 0xa8, 0xc9, 0x6e, 0x43,
0x83, 0xfe, 0x27, 0x87, 0x3d, 0xa9, 0x71, 0x03, 0xbe, 0x28, 0x88, 0xcf,
0xf0, 0x02, 0xf0, 0x5a, 0xf7, 0x1a, 0x1f, 0xdd, 0xcc, 0x83, 0x74, 0xaa,
0x6e, 0xa9, 0xce, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x20, 0x5c, 0x75,
0x51, 0x9f, 0x13, 0x11, 0x50, 0xcd, 0x5d, 0x8a, 0xde, 0x20, 0xa3, 0xbc,
0x06, 0x30, 0x91, 0xff, 0xb2, 0x73, 0x75, 0x5f, 0x31, 0x64, 0xec, 0xfd,
0xcb, 0x42, 0x80, 0x0a, 0x70, 0xe6, 0x02, 0x21, 0x00, 0xf3, 0x04, 0x26,
0xf2, 0xfd, 0xbc, 0x89, 0x3f, 0x29, 0x3b, 0x70, 0xbc, 0x72, 0xa6, 0xc2,
0x23, 0xcc, 0x43, 0x4d, 0x84, 0x71, 0xaf, 0x53, 0xe4, 0x4b, 0x3e, 0xc0,
0xbf, 0xe5, 0x68, 0x86, 0x49
];
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const P256_INT: [u8; 332] = [
0x30, 0x82, 0x01, 0x48, 0x30, 0x81, 0xf0, 0xa0, 0x03, 0x02, 0x01,
@ -244,304 +65,6 @@ pub const P256_ROOT: [u8; 334] = [
0x54, 0xc8, 0x9f, 0xef, 0xb8, 0x5d, 0xa2, 0x40, 0xd9, 0x8b
];
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const PKCS8_RSA_EE: [u8; 1218] = [
0x30, 0x82, 0x04, 0xbe, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a,
0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
0x04, 0xa8, 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01,
0x01, 0x00, 0xba, 0x88, 0x51, 0xa8, 0x44, 0x8e, 0x16, 0xd6, 0x41, 0xfd,
0x6e, 0xb6, 0x88, 0x06, 0x36, 0x10, 0x3d, 0x3c, 0x13, 0xd9, 0xea, 0xe4,
0x35, 0x4a, 0xb4, 0xec, 0xf5, 0x68, 0x57, 0x6c, 0x24, 0x7b, 0xc1, 0xc7,
0x25, 0xa8, 0xe0, 0xd8, 0x1f, 0xbd, 0xb1, 0x9c, 0x06, 0x9b, 0x6e, 0x1a,
0x86, 0xf2, 0x6b, 0xe2, 0xaf, 0x5a, 0x75, 0x6b, 0x6a, 0x64, 0x71, 0x08,
0x7a, 0xa5, 0x5a, 0xa7, 0x45, 0x87, 0xf7, 0x1c, 0xd5, 0x24, 0x9c, 0x02,
0x7e, 0xcd, 0x43, 0xfc, 0x1e, 0x69, 0xd0, 0x38, 0x20, 0x29, 0x93, 0xab,
0x20, 0xc3, 0x49, 0xe4, 0xdb, 0xb9, 0x4c, 0xc2, 0x6b, 0x6c, 0x0e, 0xed,
0x15, 0x82, 0x0f, 0xf1, 0x7e, 0xad, 0x69, 0x1a, 0xb1, 0xd3, 0x02, 0x3a,
0x8b, 0x2a, 0x41, 0xee, 0xa7, 0x70, 0xe0, 0x0f, 0x0d, 0x8d, 0xfd, 0x66,
0x0b, 0x2b, 0xb0, 0x24, 0x92, 0xa4, 0x7d, 0xb9, 0x88, 0x61, 0x79, 0x90,
0xb1, 0x57, 0x90, 0x3d, 0xd2, 0x3b, 0xc5, 0xe0, 0xb8, 0x48, 0x1f, 0xa8,
0x37, 0xd3, 0x88, 0x43, 0xef, 0x27, 0x16, 0xd8, 0x55, 0xb7, 0x66, 0x5a,
0xaa, 0x7e, 0x02, 0x90, 0x2f, 0x3a, 0x7b, 0x10, 0x80, 0x06, 0x24, 0xcc,
0x1c, 0x6c, 0x97, 0xad, 0x96, 0x61, 0x5b, 0xb7, 0xe2, 0x96, 0x12, 0xc0,
0x75, 0x31, 0xa3, 0x0c, 0x91, 0xdd, 0xb4, 0xca, 0xf7, 0xfc, 0xad, 0x1d,
0x25, 0xd3, 0x09, 0xef, 0xb9, 0x17, 0x0e, 0xa7, 0x68, 0xe1, 0xb3, 0x7b,
0x2f, 0x22, 0x6f, 0x69, 0xe3, 0xb4, 0x8a, 0x95, 0x61, 0x1d, 0xee, 0x26,
0xd6, 0x25, 0x9d, 0xab, 0x91, 0x08, 0x4e, 0x36, 0xcb, 0x1c, 0x24, 0x04,
0x2c, 0xbf, 0x16, 0x8b, 0x2f, 0xe5, 0xf1, 0x8f, 0x99, 0x17, 0x31, 0xb8,
0xb3, 0xfe, 0x49, 0x23, 0xfa, 0x72, 0x51, 0xc4, 0x31, 0xd5, 0x03, 0xac,
0xda, 0x18, 0x0a, 0x35, 0xed, 0x8d, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02,
0x82, 0x01, 0x01, 0x00, 0x9e, 0xcb, 0xce, 0x38, 0x61, 0xa4, 0x54, 0xec,
0xb1, 0xe0, 0xfe, 0x8f, 0x85, 0xdd, 0x43, 0xc9, 0x2f, 0x58, 0x25, 0xce,
0x2e, 0x99, 0x78, 0x84, 0xd0, 0xe1, 0xa9, 0x49, 0xda, 0xa2, 0xc5, 0xac,
0x55, 0x9b, 0x24, 0x04, 0x50, 0xe5, 0xac, 0x9f, 0xe0, 0xc3, 0xe3, 0x1c,
0x0e, 0xef, 0xa6, 0x52, 0x5a, 0x65, 0xf0, 0xc2, 0x21, 0x94, 0x00, 0x4e,
0xe1, 0xab, 0x46, 0x3d, 0xde, 0x9e, 0xe8, 0x22, 0x87, 0xcc, 0x93, 0xe7,
0x46, 0xa9, 0x19, 0x29, 0xc5, 0xe6, 0xac, 0x3d, 0x88, 0x75, 0x3f, 0x6c,
0x25, 0xba, 0x59, 0x79, 0xe7, 0x3e, 0x5d, 0x8f, 0xb2, 0x39, 0x11, 0x1a,
0x3c, 0xda, 0xb8, 0xa4, 0xb0, 0xcd, 0xf5, 0xf9, 0xca, 0xb0, 0x5f, 0x12,
0x33, 0xa3, 0x83, 0x35, 0xc6, 0x4b, 0x55, 0x60, 0x52, 0x5e, 0x7e, 0x3b,
0x92, 0xad, 0x7c, 0x75, 0x04, 0xcf, 0x1d, 0xc7, 0xcb, 0x00, 0x57, 0x88,
0xaf, 0xcb, 0xe1, 0xe8, 0xf9, 0x5d, 0xf7, 0x40, 0x2a, 0x15, 0x15, 0x30,
0xd5, 0x80, 0x83, 0x46, 0x86, 0x4e, 0xb3, 0x70, 0xaa, 0x79, 0x95, 0x6a,
0x58, 0x78, 0x62, 0xcb, 0x53, 0x37, 0x91, 0x30, 0x7f, 0x70, 0xd9, 0x1c,
0x96, 0xd2, 0x2d, 0x00, 0x1a, 0x69, 0x00, 0x9b, 0x92, 0x3c, 0x68, 0x33,
0x88, 0xc9, 0xf3, 0x6c, 0xb9, 0xb5, 0xeb, 0xe6, 0x43, 0x02, 0x04, 0x1c,
0x78, 0xd9, 0x08, 0x20, 0x6b, 0x87, 0x00, 0x9c, 0xb8, 0xca, 0xba, 0xca,
0xd3, 0xdb, 0xdb, 0x27, 0x92, 0xfb, 0x91, 0x1b, 0x2c, 0xf4, 0xdb, 0x66,
0x03, 0x58, 0x5b, 0xe9, 0xae, 0x0c, 0xa3, 0xb8, 0xe6, 0x41, 0x7a, 0xa0,
0x4b, 0x06, 0xe4, 0x70, 0xea, 0x1a, 0x3b, 0x58, 0x1c, 0xa0, 0x3a, 0x67,
0x81, 0xc9, 0x31, 0x5b, 0x62, 0xb3, 0x0e, 0x60, 0x11, 0xf2, 0x24, 0x72,
0x59, 0x46, 0xee, 0xc5, 0x7c, 0x6d, 0x94, 0x41, 0x02, 0x81, 0x81, 0x00,
0xdd, 0x6e, 0x1d, 0x4f, 0xff, 0xeb, 0xf6, 0x8d, 0x88, 0x9c, 0x4d, 0x11,
0x4c, 0xda, 0xaa, 0x9c, 0xaa, 0x63, 0xa5, 0x93, 0x74, 0x28, 0x6c, 0x8a,
0x5c, 0x29, 0xa7, 0x17, 0xbb, 0xa6, 0x03, 0x75, 0x64, 0x4d, 0x5c, 0xaa,
0x67, 0x4c, 0x4b, 0x8b, 0xc7, 0x32, 0x63, 0x58, 0x64, 0x62, 0x20, 0xe4,
0x55, 0x0d, 0x76, 0x08, 0xac, 0x27, 0xd5, 0x5b, 0x6d, 0xb7, 0x4f, 0x8d,
0x81, 0x27, 0xef, 0x8f, 0xa0, 0x90, 0x98, 0xb6, 0x91, 0x47, 0xde, 0x06,
0x55, 0x73, 0x44, 0x7e, 0x18, 0x3d, 0x22, 0xfe, 0x7d, 0x88, 0x5a, 0xce,
0xb5, 0x13, 0xd9, 0x58, 0x1d, 0xd5, 0xe0, 0x7c, 0x1a, 0x90, 0xf5, 0xce,
0x08, 0x79, 0xde, 0x13, 0x13, 0x71, 0xec, 0xef, 0xc9, 0xce, 0x72, 0xe9,
0xc4, 0x3d, 0xc1, 0x27, 0xd2, 0x38, 0x19, 0x0d, 0xe8, 0x11, 0x77, 0x3c,
0xa5, 0xd1, 0x93, 0x01, 0xf4, 0x8c, 0x74, 0x2b, 0x02, 0x81, 0x81, 0x00,
0xd7, 0xa7, 0x73, 0xd9, 0xeb, 0xc3, 0x80, 0xa7, 0x67, 0xd2, 0xfe, 0xc0,
0x93, 0x4a, 0xd4, 0xe8, 0xb5, 0x66, 0x72, 0x40, 0x77, 0x1a, 0xcd, 0xeb,
0xb5, 0xad, 0x79, 0x6f, 0x47, 0x8f, 0xec, 0x4d, 0x45, 0x98, 0x5e, 0xfb,
0xc9, 0x53, 0x29, 0x68, 0x28, 0x9c, 0x8d, 0x89, 0x10, 0x2f, 0xad, 0xf2,
0x1f, 0x34, 0xe2, 0xdd, 0x49, 0x40, 0xeb, 0xa8, 0xc0, 0x9d, 0x6d, 0x1f,
0x16, 0xdc, 0xc2, 0x97, 0x29, 0x77, 0x4c, 0x43, 0x27, 0x5e, 0x92, 0x51,
0xdd, 0xbe, 0x49, 0x09, 0xe1, 0xfd, 0x3b, 0xf1, 0xe4, 0xbe, 0xdf, 0x46,
0xa3, 0x9b, 0x8b, 0x38, 0x33, 0x28, 0xef, 0x4a, 0xe3, 0xb9, 0x5b, 0x92,
0xf2, 0x07, 0x0a, 0xf2, 0x6c, 0x9e, 0x7c, 0x5c, 0x9b, 0x58, 0x7f, 0xed,
0xde, 0x05, 0xe8, 0xe7, 0xd8, 0x6c, 0xa5, 0x78, 0x86, 0xfb, 0x16, 0x58,
0x10, 0xa7, 0x7b, 0x98, 0x45, 0xbc, 0x31, 0x27, 0x02, 0x81, 0x81, 0x00,
0x96, 0x47, 0x2b, 0x41, 0xa6, 0x10, 0xc0, 0xad, 0xe1, 0xaf, 0x22, 0x66,
0xc1, 0x60, 0x0e, 0x36, 0x71, 0x35, 0x5b, 0xa4, 0x2d, 0x4b, 0x5a, 0x0e,
0xb4, 0xe9, 0xd7, 0xeb, 0x35, 0x81, 0x40, 0x0b, 0xa5, 0xdd, 0x13, 0x2c,
0xdb, 0x1a, 0x5e, 0x93, 0x28, 0xc7, 0xbb, 0xc0, 0xbb, 0xb0, 0x15, 0x5e,
0xa1, 0x92, 0x97, 0x2e, 0xdf, 0x97, 0xd1, 0x27, 0x51, 0xd8, 0xfc, 0xf6,
0xae, 0x57, 0x2a, 0x30, 0xb1, 0xea, 0x30, 0x9a, 0x87, 0x12, 0xdd, 0x4e,
0x33, 0x24, 0x1d, 0xb1, 0xee, 0x45, 0x5f, 0xc0, 0x93, 0xf5, 0xbc, 0x9b,
0x59, 0x2d, 0x75, 0x6e, 0x66, 0x21, 0x47, 0x4f, 0x32, 0xc0, 0x7a, 0xf2,
0x2f, 0xb2, 0x75, 0xd3, 0x40, 0x79, 0x2b, 0x32, 0xba, 0x25, 0x90, 0xbb,
0xb2, 0x61, 0xae, 0xfb, 0x95, 0xa2, 0x58, 0xee, 0xa5, 0x37, 0x65, 0x53,
0x15, 0xbe, 0x9c, 0x24, 0xd1, 0x91, 0x99, 0x2d, 0x02, 0x81, 0x80, 0x28,
0xb4, 0x50, 0xa7, 0xa7, 0x5a, 0x85, 0x64, 0x13, 0xb2, 0xbd, 0xa6, 0xf7,
0xa6, 0x3e, 0x3d, 0x96, 0x4f, 0xb9, 0xec, 0xf5, 0x0e, 0x38, 0x23, 0xef,
0x6c, 0xc8, 0xe8, 0xfa, 0x26, 0xee, 0x41, 0x3f, 0x8b, 0x9d, 0x12, 0x05,
0x54, 0x0f, 0x12, 0xbb, 0xe7, 0xa0, 0xc7, 0x68, 0x28, 0xb7, 0xba, 0x65,
0xad, 0x83, 0xcc, 0xa4, 0xd0, 0xfe, 0x2a, 0x22, 0x01, 0x14, 0xe1, 0xb3,
0x5d, 0x03, 0xd5, 0xa8, 0x5b, 0xfe, 0x27, 0x06, 0xbd, 0x50, 0xfc, 0xe6,
0xcf, 0xcd, 0xd5, 0x71, 0xb4, 0x6c, 0xa6, 0x21, 0xb8, 0xed, 0x47, 0xd6,
0x05, 0xbb, 0xe7, 0x65, 0xb0, 0xaa, 0x4a, 0x06, 0x65, 0xac, 0x25, 0x36,
0x4d, 0xa2, 0x01, 0x54, 0x03, 0x2e, 0x12, 0x04, 0xb8, 0x55, 0x9d, 0x3e,
0x34, 0xfb, 0x5b, 0x17, 0x7c, 0x9a, 0x56, 0xff, 0x93, 0x51, 0x0a, 0x5a,
0x4a, 0x62, 0x87, 0xc1, 0x51, 0xde, 0x2d, 0x02, 0x81, 0x80, 0x28, 0x06,
0x7b, 0x93, 0x55, 0x80, 0x1d, 0x2e, 0xf5, 0x2d, 0xfa, 0x96, 0xd8, 0xad,
0xb5, 0x89, 0x67, 0x3c, 0xf8, 0xee, 0x8a, 0x9c, 0x6f, 0xf7, 0x2a, 0xee,
0xab, 0xe9, 0xef, 0x6b, 0xe5, 0x8a, 0x4f, 0x4a, 0xbf, 0x05, 0xf7, 0x88,
0x94, 0x7d, 0xc8, 0x51, 0xfd, 0xaa, 0x34, 0x54, 0x21, 0x47, 0xa7, 0x1a,
0x24, 0x6b, 0xfb, 0x05, 0x4e, 0xe7, 0x6a, 0xa3, 0x46, 0xab, 0xcd, 0x26,
0x92, 0xcf, 0xc9, 0xe4, 0x4c, 0x51, 0xe6, 0xf0, 0x69, 0xc7, 0x35, 0xe0,
0x73, 0xba, 0x01, 0x9f, 0x6a, 0x72, 0x14, 0x96, 0x1c, 0x91, 0xb2, 0x68,
0x71, 0xca, 0xea, 0xbf, 0x8f, 0x06, 0x44, 0x18, 0xa0, 0x26, 0x90, 0xe3,
0x9a, 0x8d, 0x5f, 0xf3, 0x06, 0x7b, 0x7c, 0xdb, 0x7f, 0x50, 0xb1, 0xf5,
0x34, 0x18, 0xa7, 0x03, 0x96, 0x6c, 0x4f, 0xc7, 0x74, 0xbf, 0x74, 0x02,
0xaf, 0x6c, 0x43, 0x24, 0x7f, 0x43
];
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const RSA_EE: [u8; 691] = [
0x30, 0x82, 0x02, 0xaf, 0x30, 0x82, 0x01, 0x99, 0xa0, 0x03, 0x02, 0x01,
0x02, 0x02, 0x14, 0x07, 0x1c, 0x3b, 0x71, 0x08, 0xbe, 0xd7, 0x9f, 0xfd,
0xaf, 0x26, 0xb6, 0x08, 0xa3, 0x99, 0x06, 0x77, 0x69, 0x32, 0x7e, 0x30,
0x0b, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b,
0x30, 0x12, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,
0x07, 0x69, 0x6e, 0x74, 0x2d, 0x72, 0x73, 0x61, 0x30, 0x22, 0x18, 0x0f,
0x32, 0x30, 0x31, 0x32, 0x30, 0x31, 0x30, 0x33, 0x30, 0x30, 0x30, 0x30,
0x30, 0x30, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x32, 0x31, 0x31, 0x32, 0x33,
0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x11, 0x31, 0x0f,
0x30, 0x0d, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x06, 0x65, 0x65, 0x2d,
0x72, 0x73, 0x61, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a,
0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82,
0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00,
0xba, 0x88, 0x51, 0xa8, 0x44, 0x8e, 0x16, 0xd6, 0x41, 0xfd, 0x6e, 0xb6,
0x88, 0x06, 0x36, 0x10, 0x3d, 0x3c, 0x13, 0xd9, 0xea, 0xe4, 0x35, 0x4a,
0xb4, 0xec, 0xf5, 0x68, 0x57, 0x6c, 0x24, 0x7b, 0xc1, 0xc7, 0x25, 0xa8,
0xe0, 0xd8, 0x1f, 0xbd, 0xb1, 0x9c, 0x06, 0x9b, 0x6e, 0x1a, 0x86, 0xf2,
0x6b, 0xe2, 0xaf, 0x5a, 0x75, 0x6b, 0x6a, 0x64, 0x71, 0x08, 0x7a, 0xa5,
0x5a, 0xa7, 0x45, 0x87, 0xf7, 0x1c, 0xd5, 0x24, 0x9c, 0x02, 0x7e, 0xcd,
0x43, 0xfc, 0x1e, 0x69, 0xd0, 0x38, 0x20, 0x29, 0x93, 0xab, 0x20, 0xc3,
0x49, 0xe4, 0xdb, 0xb9, 0x4c, 0xc2, 0x6b, 0x6c, 0x0e, 0xed, 0x15, 0x82,
0x0f, 0xf1, 0x7e, 0xad, 0x69, 0x1a, 0xb1, 0xd3, 0x02, 0x3a, 0x8b, 0x2a,
0x41, 0xee, 0xa7, 0x70, 0xe0, 0x0f, 0x0d, 0x8d, 0xfd, 0x66, 0x0b, 0x2b,
0xb0, 0x24, 0x92, 0xa4, 0x7d, 0xb9, 0x88, 0x61, 0x79, 0x90, 0xb1, 0x57,
0x90, 0x3d, 0xd2, 0x3b, 0xc5, 0xe0, 0xb8, 0x48, 0x1f, 0xa8, 0x37, 0xd3,
0x88, 0x43, 0xef, 0x27, 0x16, 0xd8, 0x55, 0xb7, 0x66, 0x5a, 0xaa, 0x7e,
0x02, 0x90, 0x2f, 0x3a, 0x7b, 0x10, 0x80, 0x06, 0x24, 0xcc, 0x1c, 0x6c,
0x97, 0xad, 0x96, 0x61, 0x5b, 0xb7, 0xe2, 0x96, 0x12, 0xc0, 0x75, 0x31,
0xa3, 0x0c, 0x91, 0xdd, 0xb4, 0xca, 0xf7, 0xfc, 0xad, 0x1d, 0x25, 0xd3,
0x09, 0xef, 0xb9, 0x17, 0x0e, 0xa7, 0x68, 0xe1, 0xb3, 0x7b, 0x2f, 0x22,
0x6f, 0x69, 0xe3, 0xb4, 0x8a, 0x95, 0x61, 0x1d, 0xee, 0x26, 0xd6, 0x25,
0x9d, 0xab, 0x91, 0x08, 0x4e, 0x36, 0xcb, 0x1c, 0x24, 0x04, 0x2c, 0xbf,
0x16, 0x8b, 0x2f, 0xe5, 0xf1, 0x8f, 0x99, 0x17, 0x31, 0xb8, 0xb3, 0xfe,
0x49, 0x23, 0xfa, 0x72, 0x51, 0xc4, 0x31, 0xd5, 0x03, 0xac, 0xda, 0x18,
0x0a, 0x35, 0xed, 0x8d, 0x02, 0x03, 0x01, 0x00, 0x01, 0x30, 0x0b, 0x06,
0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x03, 0x82,
0x01, 0x01, 0x00, 0x44, 0x92, 0xbb, 0x8e, 0x83, 0x58, 0x56, 0x2e, 0x7a,
0x86, 0xfa, 0x1d, 0x77, 0x50, 0x3f, 0x45, 0x8d, 0x90, 0xc4, 0x62, 0x27,
0x21, 0x96, 0x5a, 0xef, 0x51, 0x78, 0xd7, 0x7d, 0x0d, 0x02, 0x2d, 0x5a,
0x0e, 0x3c, 0x82, 0x6f, 0x1d, 0x92, 0x87, 0xd5, 0x1a, 0x44, 0xae, 0xa7,
0x92, 0xd1, 0x8b, 0xfa, 0x16, 0x53, 0x7f, 0xa3, 0x22, 0x96, 0x1a, 0x51,
0x8c, 0xeb, 0xa1, 0xe6, 0xf6, 0x37, 0x11, 0xfe, 0x7d, 0x53, 0x3f, 0xae,
0xf0, 0x6b, 0xb9, 0xb1, 0x7a, 0x73, 0x07, 0x14, 0xcf, 0x04, 0x05, 0x93,
0x9e, 0xe3, 0xd2, 0x4d, 0x9d, 0x6d, 0x35, 0x68, 0xf9, 0x36, 0xe5, 0x10,
0x0a, 0x36, 0xd9, 0x48, 0xb0, 0x83, 0xd0, 0xb9, 0x58, 0x74, 0x53, 0xb3,
0xbc, 0x99, 0xab, 0xe1, 0x3e, 0xd5, 0x01, 0x8e, 0xcf, 0x3a, 0x69, 0x93,
0x9e, 0xa7, 0x88, 0xd4, 0xad, 0x95, 0xf9, 0x2a, 0xb4, 0x7f, 0x95, 0x97,
0x86, 0x50, 0x38, 0xb1, 0x04, 0x0a, 0xe4, 0x7a, 0xd5, 0x2d, 0x6c, 0xde,
0x3e, 0x1a, 0x47, 0x17, 0x88, 0x63, 0x20, 0x9d, 0x21, 0x3e, 0x0c, 0x6f,
0xfd, 0x20, 0x54, 0xd0, 0x67, 0xd2, 0x6b, 0x06, 0xfe, 0x60, 0x13, 0x42,
0x3d, 0xb7, 0xca, 0xcb, 0xab, 0x7b, 0x5f, 0x5d, 0x01, 0x56, 0xd3, 0x99,
0x80, 0x0f, 0xde, 0x7f, 0x3a, 0x61, 0x9c, 0xd3, 0x6b, 0x5e, 0xfe, 0xb5,
0xfc, 0x39, 0x8b, 0x8e, 0xf0, 0x8c, 0x8b, 0x65, 0x46, 0x45, 0xff, 0x47,
0x8f, 0xd4, 0xdd, 0xae, 0xc9, 0x72, 0xc7, 0x7f, 0x28, 0x86, 0xf1, 0xf7,
0x6e, 0xcb, 0x86, 0x03, 0xeb, 0x0c, 0x46, 0xe5, 0xa0, 0x6b, 0xef, 0xd4,
0x5e, 0xa4, 0x0f, 0x53, 0xe1, 0xbc, 0xb4, 0xc9, 0x37, 0x0e, 0x75, 0xdd,
0x93, 0xe8, 0x0f, 0x18, 0x0a, 0x02, 0x83, 0x17, 0x74, 0xbb, 0x1a, 0x42,
0x5b, 0x63, 0x2c, 0x80, 0x80, 0xa6, 0x84
];
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const RSA_INT: [u8; 724] = [
0x30, 0x82, 0x02, 0xd0, 0x30, 0x82, 0x01, 0xba, 0xa0, 0x03, 0x02, 0x01,
0x02, 0x02, 0x14, 0x07, 0x10, 0xaf, 0xc4, 0x1a, 0x3a, 0x56, 0x4f, 0xd8,
0xc2, 0xcc, 0x46, 0xd7, 0x5b, 0xdf, 0x1c, 0x4e, 0x2f, 0x49, 0x3a, 0x30,
0x0b, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b,
0x30, 0x13, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,
0x08, 0x72, 0x6f, 0x6f, 0x74, 0x2d, 0x72, 0x73, 0x61, 0x30, 0x22, 0x18,
0x0f, 0x32, 0x30, 0x31, 0x32, 0x30, 0x31, 0x30, 0x33, 0x30, 0x30, 0x30,
0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x32, 0x31, 0x31, 0x32,
0x33, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x12, 0x31,
0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x07, 0x69, 0x6e,
0x74, 0x2d, 0x72, 0x73, 0x61, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06,
0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00,
0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01,
0x01, 0x00, 0xba, 0x88, 0x51, 0xa8, 0x44, 0x8e, 0x16, 0xd6, 0x41, 0xfd,
0x6e, 0xb6, 0x88, 0x06, 0x36, 0x10, 0x3d, 0x3c, 0x13, 0xd9, 0xea, 0xe4,
0x35, 0x4a, 0xb4, 0xec, 0xf5, 0x68, 0x57, 0x6c, 0x24, 0x7b, 0xc1, 0xc7,
0x25, 0xa8, 0xe0, 0xd8, 0x1f, 0xbd, 0xb1, 0x9c, 0x06, 0x9b, 0x6e, 0x1a,
0x86, 0xf2, 0x6b, 0xe2, 0xaf, 0x5a, 0x75, 0x6b, 0x6a, 0x64, 0x71, 0x08,
0x7a, 0xa5, 0x5a, 0xa7, 0x45, 0x87, 0xf7, 0x1c, 0xd5, 0x24, 0x9c, 0x02,
0x7e, 0xcd, 0x43, 0xfc, 0x1e, 0x69, 0xd0, 0x38, 0x20, 0x29, 0x93, 0xab,
0x20, 0xc3, 0x49, 0xe4, 0xdb, 0xb9, 0x4c, 0xc2, 0x6b, 0x6c, 0x0e, 0xed,
0x15, 0x82, 0x0f, 0xf1, 0x7e, 0xad, 0x69, 0x1a, 0xb1, 0xd3, 0x02, 0x3a,
0x8b, 0x2a, 0x41, 0xee, 0xa7, 0x70, 0xe0, 0x0f, 0x0d, 0x8d, 0xfd, 0x66,
0x0b, 0x2b, 0xb0, 0x24, 0x92, 0xa4, 0x7d, 0xb9, 0x88, 0x61, 0x79, 0x90,
0xb1, 0x57, 0x90, 0x3d, 0xd2, 0x3b, 0xc5, 0xe0, 0xb8, 0x48, 0x1f, 0xa8,
0x37, 0xd3, 0x88, 0x43, 0xef, 0x27, 0x16, 0xd8, 0x55, 0xb7, 0x66, 0x5a,
0xaa, 0x7e, 0x02, 0x90, 0x2f, 0x3a, 0x7b, 0x10, 0x80, 0x06, 0x24, 0xcc,
0x1c, 0x6c, 0x97, 0xad, 0x96, 0x61, 0x5b, 0xb7, 0xe2, 0x96, 0x12, 0xc0,
0x75, 0x31, 0xa3, 0x0c, 0x91, 0xdd, 0xb4, 0xca, 0xf7, 0xfc, 0xad, 0x1d,
0x25, 0xd3, 0x09, 0xef, 0xb9, 0x17, 0x0e, 0xa7, 0x68, 0xe1, 0xb3, 0x7b,
0x2f, 0x22, 0x6f, 0x69, 0xe3, 0xb4, 0x8a, 0x95, 0x61, 0x1d, 0xee, 0x26,
0xd6, 0x25, 0x9d, 0xab, 0x91, 0x08, 0x4e, 0x36, 0xcb, 0x1c, 0x24, 0x04,
0x2c, 0xbf, 0x16, 0x8b, 0x2f, 0xe5, 0xf1, 0x8f, 0x99, 0x17, 0x31, 0xb8,
0xb3, 0xfe, 0x49, 0x23, 0xfa, 0x72, 0x51, 0xc4, 0x31, 0xd5, 0x03, 0xac,
0xda, 0x18, 0x0a, 0x35, 0xed, 0x8d, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3,
0x1d, 0x30, 0x1b, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05,
0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x1d, 0x0f,
0x04, 0x04, 0x03, 0x02, 0x01, 0x06, 0x30, 0x0b, 0x06, 0x09, 0x2a, 0x86,
0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x03, 0x82, 0x01, 0x01, 0x00,
0x5e, 0xba, 0x69, 0x55, 0x9f, 0xf8, 0xeb, 0x16, 0x21, 0x98, 0xde, 0xb7,
0x31, 0x3e, 0x66, 0xe1, 0x3b, 0x0c, 0x29, 0xf7, 0x48, 0x73, 0x05, 0xd9,
0xce, 0x5e, 0x4c, 0xbe, 0x03, 0xc4, 0x51, 0xd6, 0x21, 0x92, 0x40, 0x38,
0xaa, 0x5b, 0x28, 0xb5, 0xa1, 0x10, 0x52, 0x57, 0xff, 0x91, 0x54, 0x82,
0x86, 0x9e, 0x74, 0xd5, 0x3d, 0x82, 0x29, 0xee, 0xd1, 0xcf, 0x93, 0xb1,
0x24, 0x76, 0xbb, 0x95, 0x41, 0x06, 0x7e, 0x40, 0x9b, 0xb4, 0xab, 0x44,
0x34, 0x10, 0x8f, 0xb1, 0x51, 0x6f, 0xc0, 0x89, 0xd1, 0xa3, 0xc4, 0x9f,
0xb3, 0x48, 0xe1, 0xcd, 0x73, 0xad, 0xff, 0x42, 0x5f, 0x76, 0x05, 0x60,
0xc5, 0xe0, 0x45, 0x79, 0x18, 0xa1, 0x19, 0xb8, 0xa7, 0x3a, 0x64, 0xb3,
0x19, 0xba, 0x14, 0xa1, 0xb5, 0xdc, 0x32, 0xec, 0x09, 0x39, 0x58, 0x54,
0x5b, 0x04, 0xdc, 0x1b, 0x66, 0x0d, 0x1d, 0x0d, 0xce, 0x7f, 0xfa, 0x24,
0x52, 0x6a, 0xad, 0xe2, 0xc8, 0x30, 0xaf, 0xf2, 0xaf, 0x63, 0xc5, 0xe2,
0xbf, 0xe2, 0x20, 0x1b, 0x9e, 0xf9, 0x3d, 0xbc, 0xfb, 0x04, 0x8e, 0xda,
0x7a, 0x1a, 0x5d, 0xd3, 0x13, 0xd7, 0x00, 0x8e, 0x9b, 0x5d, 0x85, 0x51,
0xda, 0xd3, 0x91, 0x25, 0xf5, 0x67, 0x85, 0x3e, 0x25, 0x89, 0x5e, 0xcb,
0x89, 0x8a, 0xec, 0x8a, 0xde, 0x8b, 0xf4, 0x33, 0x5f, 0x76, 0xdb, 0x3d,
0xfc, 0x6a, 0x05, 0x21, 0x43, 0xb2, 0x41, 0xd8, 0x33, 0x8d, 0xfd, 0x05,
0x5c, 0x22, 0x0a, 0xf6, 0x90, 0x65, 0x9c, 0x4f, 0x8c, 0x44, 0x9f, 0x2d,
0xca, 0xf3, 0x49, 0x9c, 0x3a, 0x14, 0x88, 0xab, 0xe4, 0xce, 0xb7, 0xbc,
0x95, 0x22, 0x2e, 0xb1, 0x82, 0x4c, 0xbf, 0x83, 0x3e, 0x49, 0x72, 0x03,
0x2a, 0x68, 0xe7, 0x2d, 0xe5, 0x2d, 0x4b, 0x61, 0xb0, 0x8d, 0x0d, 0x0c,
0x87, 0xc6, 0x5c, 0x51
];
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const RSA_ROOT: [u8; 725] = [
0x30, 0x82, 0x02, 0xd1, 0x30, 0x82, 0x01, 0xbb, 0xa0, 0x03, 0x02, 0x01,
0x02, 0x02, 0x14, 0x29, 0x6c, 0x1a, 0xd8, 0x20, 0xcd, 0x74, 0x6d, 0x4b,
0x00, 0xf3, 0x16, 0x88, 0xd9, 0x66, 0x87, 0x5f, 0x28, 0x56, 0x6a, 0x30,
0x0b, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b,
0x30, 0x13, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,
0x08, 0x72, 0x6f, 0x6f, 0x74, 0x2d, 0x72, 0x73, 0x61, 0x30, 0x22, 0x18,
0x0f, 0x32, 0x30, 0x31, 0x32, 0x30, 0x31, 0x30, 0x33, 0x30, 0x30, 0x30,
0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x32, 0x31, 0x31, 0x32,
0x33, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x13, 0x31,
0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x08, 0x72, 0x6f,
0x6f, 0x74, 0x2d, 0x72, 0x73, 0x61, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d,
0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05,
0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82,
0x01, 0x01, 0x00, 0xba, 0x88, 0x51, 0xa8, 0x44, 0x8e, 0x16, 0xd6, 0x41,
0xfd, 0x6e, 0xb6, 0x88, 0x06, 0x36, 0x10, 0x3d, 0x3c, 0x13, 0xd9, 0xea,
0xe4, 0x35, 0x4a, 0xb4, 0xec, 0xf5, 0x68, 0x57, 0x6c, 0x24, 0x7b, 0xc1,
0xc7, 0x25, 0xa8, 0xe0, 0xd8, 0x1f, 0xbd, 0xb1, 0x9c, 0x06, 0x9b, 0x6e,
0x1a, 0x86, 0xf2, 0x6b, 0xe2, 0xaf, 0x5a, 0x75, 0x6b, 0x6a, 0x64, 0x71,
0x08, 0x7a, 0xa5, 0x5a, 0xa7, 0x45, 0x87, 0xf7, 0x1c, 0xd5, 0x24, 0x9c,
0x02, 0x7e, 0xcd, 0x43, 0xfc, 0x1e, 0x69, 0xd0, 0x38, 0x20, 0x29, 0x93,
0xab, 0x20, 0xc3, 0x49, 0xe4, 0xdb, 0xb9, 0x4c, 0xc2, 0x6b, 0x6c, 0x0e,
0xed, 0x15, 0x82, 0x0f, 0xf1, 0x7e, 0xad, 0x69, 0x1a, 0xb1, 0xd3, 0x02,
0x3a, 0x8b, 0x2a, 0x41, 0xee, 0xa7, 0x70, 0xe0, 0x0f, 0x0d, 0x8d, 0xfd,
0x66, 0x0b, 0x2b, 0xb0, 0x24, 0x92, 0xa4, 0x7d, 0xb9, 0x88, 0x61, 0x79,
0x90, 0xb1, 0x57, 0x90, 0x3d, 0xd2, 0x3b, 0xc5, 0xe0, 0xb8, 0x48, 0x1f,
0xa8, 0x37, 0xd3, 0x88, 0x43, 0xef, 0x27, 0x16, 0xd8, 0x55, 0xb7, 0x66,
0x5a, 0xaa, 0x7e, 0x02, 0x90, 0x2f, 0x3a, 0x7b, 0x10, 0x80, 0x06, 0x24,
0xcc, 0x1c, 0x6c, 0x97, 0xad, 0x96, 0x61, 0x5b, 0xb7, 0xe2, 0x96, 0x12,
0xc0, 0x75, 0x31, 0xa3, 0x0c, 0x91, 0xdd, 0xb4, 0xca, 0xf7, 0xfc, 0xad,
0x1d, 0x25, 0xd3, 0x09, 0xef, 0xb9, 0x17, 0x0e, 0xa7, 0x68, 0xe1, 0xb3,
0x7b, 0x2f, 0x22, 0x6f, 0x69, 0xe3, 0xb4, 0x8a, 0x95, 0x61, 0x1d, 0xee,
0x26, 0xd6, 0x25, 0x9d, 0xab, 0x91, 0x08, 0x4e, 0x36, 0xcb, 0x1c, 0x24,
0x04, 0x2c, 0xbf, 0x16, 0x8b, 0x2f, 0xe5, 0xf1, 0x8f, 0x99, 0x17, 0x31,
0xb8, 0xb3, 0xfe, 0x49, 0x23, 0xfa, 0x72, 0x51, 0xc4, 0x31, 0xd5, 0x03,
0xac, 0xda, 0x18, 0x0a, 0x35, 0xed, 0x8d, 0x02, 0x03, 0x01, 0x00, 0x01,
0xa3, 0x1d, 0x30, 0x1b, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04,
0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x1d,
0x0f, 0x04, 0x04, 0x03, 0x02, 0x01, 0x06, 0x30, 0x0b, 0x06, 0x09, 0x2a,
0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x03, 0x82, 0x01, 0x01,
0x00, 0x23, 0x2f, 0x9f, 0x72, 0xeb, 0x70, 0x6d, 0x9e, 0x3e, 0x9f, 0xd7,
0x9c, 0xd9, 0x19, 0x7c, 0x99, 0x07, 0xc5, 0x5c, 0x9d, 0xf5, 0x66, 0x9f,
0x28, 0x8d, 0xfe, 0x0e, 0x3f, 0x38, 0x75, 0xed, 0xee, 0x4e, 0x3f, 0xf6,
0x6e, 0x35, 0xe0, 0x95, 0x3f, 0x08, 0x4a, 0x71, 0x5a, 0xf2, 0x4f, 0xc9,
0x96, 0x61, 0x8d, 0x45, 0x4b, 0x97, 0x85, 0xff, 0xb0, 0xe3, 0xbb, 0xb5,
0xd7, 0x7e, 0xfb, 0xd2, 0xfc, 0xec, 0xfe, 0x42, 0x9f, 0x4e, 0x7b, 0xbf,
0x97, 0xbb, 0xb4, 0x3a, 0x93, 0x0b, 0x13, 0x61, 0x90, 0x0c, 0x3a, 0xce,
0xf7, 0x8e, 0xef, 0x80, 0xf5, 0x4a, 0x92, 0xc5, 0xa5, 0x03, 0x78, 0xc2,
0xee, 0xb8, 0x66, 0x60, 0x6b, 0x76, 0x4f, 0x32, 0x5a, 0x1a, 0xa2, 0x4b,
0x7e, 0x2b, 0xa6, 0x1a, 0x89, 0x01, 0xe3, 0xbb, 0x55, 0x13, 0x7c, 0x4c,
0xf4, 0x6a, 0x99, 0x94, 0xd1, 0xa0, 0x84, 0x1c, 0x1a, 0xc2, 0x7b, 0xb4,
0xa0, 0xb0, 0x3b, 0xdc, 0x5a, 0x7b, 0xc7, 0xe0, 0x44, 0xb2, 0x1f, 0x46,
0xd5, 0x8b, 0x39, 0x8b, 0xdc, 0x9e, 0xce, 0xa8, 0x7f, 0x85, 0x1d, 0x4b,
0x63, 0x06, 0x1e, 0x8e, 0xe5, 0xe5, 0x99, 0xd9, 0xf7, 0x4d, 0x89, 0x0b,
0x1d, 0x5c, 0x27, 0x33, 0x66, 0x21, 0xcf, 0x9a, 0xbd, 0x98, 0x68, 0x23,
0x3a, 0x66, 0x9d, 0xd4, 0x46, 0xed, 0x63, 0x58, 0xf3, 0x42, 0xe4, 0x1d,
0xe2, 0x47, 0x65, 0x13, 0x8d, 0xd4, 0x1f, 0x4b, 0x7e, 0xde, 0x11, 0x56,
0xf8, 0x6d, 0x01, 0x0c, 0x99, 0xbd, 0x8d, 0xca, 0x8a, 0x2e, 0xe3, 0x8a,
0x9c, 0x3d, 0x83, 0x8d, 0x69, 0x62, 0x8d, 0x05, 0xea, 0xb7, 0xf5, 0xa3,
0x4b, 0xfc, 0x96, 0xcf, 0x18, 0x21, 0x0a, 0xc7, 0xf3, 0x23, 0x7e, 0x1c,
0xab, 0xe2, 0xa2, 0xd1, 0x83, 0xc4, 0x25, 0x93, 0x37, 0x80, 0xca, 0xda,
0xf0, 0xef, 0x7d, 0x94, 0xb5
];
#[cfg_attr(rustfmt, rustfmt_skip)]
pub const COSE_SIGNATURE_BYTES: [u8; 1062] = [
0xd8, 0x62, 0x84, 0x59, 0x02, 0xa3, 0xa1, 0x04, 0x82, 0x59, 0x01, 0x4e,

26
third_party/rust/cose/src/util.rs vendored
View File

@ -1,17 +1,17 @@
use cbor::CborType;
// Sig_structure is a CBOR array:
//
// Sig_structure = [
// context : "Signature" / "Signature1" / "CounterSignature",
// body_protected : empty_or_serialized_map,
// ? sign_protected : empty_or_serialized_map,
// external_aad : bstr,
// payload : bstr
// ]
//
// In this case, the context is "Signature". There is no external_aad, so this defaults to a
// zero-length bstr.
/// Sig_structure is a CBOR array:
///
/// Sig_structure = [
/// context : "Signature" / "Signature1" / "CounterSignature",
/// body_protected : empty_or_serialized_map,
/// ? sign_protected : empty_or_serialized_map,
/// external_aad : bstr,
/// payload : bstr
/// ]
///
/// In this case, the context is "Signature". There is no external_aad, so this defaults to a
/// zero-length bstr.
pub fn get_sig_struct_bytes(
protected_body_header_serialized: CborType,
protected_signature_header_serialized: CborType,
@ -20,7 +20,7 @@ pub fn get_sig_struct_bytes(
let sig_structure_array: Vec<CborType> = vec![CborType::String(String::from("Signature")),
protected_body_header_serialized,
protected_signature_header_serialized,
CborType::Bytes(Vec::new()),
CborType::Null,
CborType::Bytes(payload.to_vec())];
CborType::Array(sig_structure_array).serialize()

1
third_party/rust/moz_cbor/.cargo-checksum.json vendored Normal file
View File

@ -0,0 +1 @@
{"files":{".travis.yml":"43ea459b6292b21edfd4589bf83c1c774f56e336df27b1c48066f2333a207c21","Cargo.toml":"a1d8d6927afdd25f903e6d6198fd5577165f15b5cb4a85754626124f9a34d013","LICENSE":"1f256ecad192880510e84ad60474eab7589218784b9a50bc7ceee34c2b91f1d5","README.md":"900075da16923e46236926014f2ce8a0a404dfcedceee43d9ad50e6202ab1184","rustfmt.toml":"e97717e906fcd3eeb86dcee52ed26f13e1884597b016a27172229d9c78dd3d57","src/decoder.rs":"421ade90bb4646fc2229bc0b62aea415e01576abdb64dee7d31d1836b86d6f6b","src/lib.rs":"f5b767eedbee01b3f697afb2dce777c6043e6fea6f9a7eab8387560caaa40100","src/serializer.rs":"edf3d39ef2d70cfc01968d88097897501b110d3db5f7d4e137ec1cd5f6f794d2","src/test_decoder.rs":"29a0b81e8a3e5cf85c97bc04deb421cb2071849aa7b667e9f3537e165b7bef77","src/test_serializer.rs":"3ca4b66feb7dded36ab8755fd0868bed962d689de7a401fc6ae814f12ba40e31"},"package":"9f0dc96d1e40041ad9e6f9986e72e65d45d70dc31cef9d852b47646b2970f238"}

24
third_party/rust/moz_cbor/.travis.yml vendored Normal file
View File

@ -0,0 +1,24 @@
sudo: true
language: rust
cache: cargo
rust:
- stable
- beta
- nightly
addons:
apt:
packages:
- build-essential
install:
# Apparently cargo install returns a nonzero exit status if
# caching succeeds, so just make this always "succeed".
- (cargo install rustfmt || true)
script:
- |
cargo fmt -- --write-mode=diff
- |
cargo build &&
cargo test

23
third_party/rust/moz_cbor/Cargo.toml vendored Normal file
View File

@ -0,0 +1,23 @@
# THIS FILE IS AUTOMATICALLY GENERATED BY CARGO
#
# When uploading crates to the registry Cargo will automatically
# "normalize" Cargo.toml files for maximal compatibility
# with all versions of Cargo and also rewrite `path` dependencies
# to registry (e.g. crates.io) dependencies
#
# If you believe there's an error in this file please file an
# issue against the rust-lang/cargo repository. If you're
# editing this file be aware that the upstream Cargo.toml
# will likely look very different (and much more reasonable)
[package]
name = "moz_cbor"
version = "0.1.0"
authors = ["Franziskus Kiefer <franziskuskiefer@gmail.com>"]
description = "Library to use CBOR (https://tools.ietf.org/html/rfc7049) in Rust"
keywords = ["jose", "cbor"]
license = "MPL-2.0"
repository = "https://github.com/franziskuskiefer/cbor-rust"
[features]
default = []

373
third_party/rust/moz_cbor/LICENSE vendored Normal file
View File

@ -0,0 +1,373 @@
Mozilla Public License Version 2.0
==================================
1. Definitions
--------------
1.1. "Contributor"
means each individual or legal entity that creates, contributes to
the creation of, or owns Covered Software.
1.2. "Contributor Version"
means the combination of the Contributions of others (if any) used
by a Contributor and that particular Contributor's Contribution.
1.3. "Contribution"
means Covered Software of a particular Contributor.
1.4. "Covered Software"
means Source Code Form to which the initial Contributor has attached
the notice in Exhibit A, the Executable Form of such Source Code
Form, and Modifications of such Source Code Form, in each case
including portions thereof.
1.5. "Incompatible With Secondary Licenses"
means
(a) that the initial Contributor has attached the notice described
in Exhibit B to the Covered Software; or
(b) that the Covered Software was made available under the terms of
version 1.1 or earlier of the License, but not also under the
terms of a Secondary License.
1.6. "Executable Form"
means any form of the work other than Source Code Form.
1.7. "Larger Work"
means a work that combines Covered Software with other material, in
a separate file or files, that is not Covered Software.
1.8. "License"
means this document.
1.9. "Licensable"
means having the right to grant, to the maximum extent possible,
whether at the time of the initial grant or subsequently, any and
all of the rights conveyed by this License.
1.10. "Modifications"
means any of the following:
(a) any file in Source Code Form that results from an addition to,
deletion from, or modification of the contents of Covered
Software; or
(b) any new file in Source Code Form that contains any Covered
Software.
1.11. "Patent Claims" of a Contributor
means any patent claim(s), including without limitation, method,
process, and apparatus claims, in any patent Licensable by such
Contributor that would be infringed, but for the grant of the
License, by the making, using, selling, offering for sale, having
made, import, or transfer of either its Contributions or its
Contributor Version.
1.12. "Secondary License"
means either the GNU General Public License, Version 2.0, the GNU
Lesser General Public License, Version 2.1, the GNU Affero General
Public License, Version 3.0, or any later versions of those
licenses.
1.13. "Source Code Form"
means the form of the work preferred for making modifications.
1.14. "You" (or "Your")
means an individual or a legal entity exercising rights under this
License. For legal entities, "You" includes any entity that
controls, is controlled by, or is under common control with You. For
purposes of this definition, "control" means (a) the power, direct
or indirect, to cause the direction or management of such entity,
whether by contract or otherwise, or (b) ownership of more than
fifty percent (50%) of the outstanding shares or beneficial
ownership of such entity.
2. License Grants and Conditions
--------------------------------
2.1. Grants
Each Contributor hereby grants You a world-wide, royalty-free,
non-exclusive license:
(a) under intellectual property rights (other than patent or trademark)
Licensable by such Contributor to use, reproduce, make available,
modify, display, perform, distribute, and otherwise exploit its
Contributions, either on an unmodified basis, with Modifications, or
as part of a Larger Work; and
(b) under Patent Claims of such Contributor to make, use, sell, offer
for sale, have made, import, and otherwise transfer either its
Contributions or its Contributor Version.
2.2. Effective Date
The licenses granted in Section 2.1 with respect to any Contribution
become effective for each Contribution on the date the Contributor first
distributes such Contribution.
2.3. Limitations on Grant Scope
The licenses granted in this Section 2 are the only rights granted under
this License. No additional rights or licenses will be implied from the
distribution or licensing of Covered Software under this License.
Notwithstanding Section 2.1(b) above, no patent license is granted by a
Contributor:
(a) for any code that a Contributor has removed from Covered Software;
or
(b) for infringements caused by: (i) Your and any other third party's
modifications of Covered Software, or (ii) the combination of its
Contributions with other software (except as part of its Contributor
Version); or
(c) under Patent Claims infringed by Covered Software in the absence of
its Contributions.
This License does not grant any rights in the trademarks, service marks,
or logos of any Contributor (except as may be necessary to comply with
the notice requirements in Section 3.4).
2.4. Subsequent Licenses
No Contributor makes additional grants as a result of Your choice to
distribute the Covered Software under a subsequent version of this
License (see Section 10.2) or under the terms of a Secondary License (if
permitted under the terms of Section 3.3).
2.5. Representation
Each Contributor represents that the Contributor believes its
Contributions are its original creation(s) or it has sufficient rights
to grant the rights to its Contributions conveyed by this License.
2.6. Fair Use
This License is not intended to limit any rights You have under
applicable copyright doctrines of fair use, fair dealing, or other
equivalents.
2.7. Conditions
Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted
in Section 2.1.
3. Responsibilities
-------------------
3.1. Distribution of Source Form
All distribution of Covered Software in Source Code Form, including any
Modifications that You create or to which You contribute, must be under
the terms of this License. You must inform recipients that the Source
Code Form of the Covered Software is governed by the terms of this
License, and how they can obtain a copy of this License. You may not
attempt to alter or restrict the recipients' rights in the Source Code
Form.
3.2. Distribution of Executable Form
If You distribute Covered Software in Executable Form then:
(a) such Covered Software must also be made available in Source Code
Form, as described in Section 3.1, and You must inform recipients of
the Executable Form how they can obtain a copy of such Source Code
Form by reasonable means in a timely manner, at a charge no more
than the cost of distribution to the recipient; and
(b) You may distribute such Executable Form under the terms of this
License, or sublicense it under different terms, provided that the
license for the Executable Form does not attempt to limit or alter
the recipients' rights in the Source Code Form under this License.
3.3. Distribution of a Larger Work
You may create and distribute a Larger Work under terms of Your choice,
provided that You also comply with the requirements of this License for
the Covered Software. If the Larger Work is a combination of Covered
Software with a work governed by one or more Secondary Licenses, and the
Covered Software is not Incompatible With Secondary Licenses, this
License permits You to additionally distribute such Covered Software
under the terms of such Secondary License(s), so that the recipient of
the Larger Work may, at their option, further distribute the Covered
Software under the terms of either this License or such Secondary
License(s).
3.4. Notices
You may not remove or alter the substance of any license notices
(including copyright notices, patent notices, disclaimers of warranty,
or limitations of liability) contained within the Source Code Form of
the Covered Software, except that You may alter any license notices to
the extent required to remedy known factual inaccuracies.
3.5. Application of Additional Terms
You may choose to offer, and to charge a fee for, warranty, support,
indemnity or liability obligations to one or more recipients of Covered
Software. However, You may do so only on Your own behalf, and not on
behalf of any Contributor. You must make it absolutely clear that any
such warranty, support, indemnity, or liability obligation is offered by
You alone, and You hereby agree to indemnify every Contributor for any
liability incurred by such Contributor as a result of warranty, support,
indemnity or liability terms You offer. You may include additional
disclaimers of warranty and limitations of liability specific to any
jurisdiction.
4. Inability to Comply Due to Statute or Regulation
---------------------------------------------------
If it is impossible for You to comply with any of the terms of this
License with respect to some or all of the Covered Software due to
statute, judicial order, or regulation then You must: (a) comply with
the terms of this License to the maximum extent possible; and (b)
describe the limitations and the code they affect. Such description must
be placed in a text file included with all distributions of the Covered
Software under this License. Except to the extent prohibited by statute
or regulation, such description must be sufficiently detailed for a
recipient of ordinary skill to be able to understand it.
5. Termination
--------------
5.1. The rights granted under this License will terminate automatically
if You fail to comply with any of its terms. However, if You become
compliant, then the rights granted under this License from a particular
Contributor are reinstated (a) provisionally, unless and until such
Contributor explicitly and finally terminates Your grants, and (b) on an
ongoing basis, if such Contributor fails to notify You of the
non-compliance by some reasonable means prior to 60 days after You have
come back into compliance. Moreover, Your grants from a particular
Contributor are reinstated on an ongoing basis if such Contributor
notifies You of the non-compliance by some reasonable means, this is the
first time You have received notice of non-compliance with this License
from such Contributor, and You become compliant prior to 30 days after
Your receipt of the notice.
5.2. If You initiate litigation against any entity by asserting a patent
infringement claim (excluding declaratory judgment actions,
counter-claims, and cross-claims) alleging that a Contributor Version
directly or indirectly infringes any patent, then the rights granted to
You by any and all Contributors for the Covered Software under Section
2.1 of this License shall terminate.
5.3. In the event of termination under Sections 5.1 or 5.2 above, all
end user license agreements (excluding distributors and resellers) which
have been validly granted by You or Your distributors under this License
prior to termination shall survive termination.
************************************************************************
* *
* 6. Disclaimer of Warranty *
* ------------------------- *
* *
* Covered Software is provided under this License on an "as is" *
* basis, without warranty of any kind, either expressed, implied, or *
* statutory, including, without limitation, warranties that the *
* Covered Software is free of defects, merchantable, fit for a *
* particular purpose or non-infringing. The entire risk as to the *
* quality and performance of the Covered Software is with You. *
* Should any Covered Software prove defective in any respect, You *
* (not any Contributor) assume the cost of any necessary servicing, *
* repair, or correction. This disclaimer of warranty constitutes an *
* essential part of this License. No use of any Covered Software is *
* authorized under this License except under this disclaimer. *
* *
************************************************************************
************************************************************************
* *
* 7. Limitation of Liability *
* -------------------------- *
* *
* Under no circumstances and under no legal theory, whether tort *
* (including negligence), contract, or otherwise, shall any *
* Contributor, or anyone who distributes Covered Software as *
* permitted above, be liable to You for any direct, indirect, *
* special, incidental, or consequential damages of any character *
* including, without limitation, damages for lost profits, loss of *
* goodwill, work stoppage, computer failure or malfunction, or any *
* and all other commercial damages or losses, even if such party *
* shall have been informed of the possibility of such damages. This *
* limitation of liability shall not apply to liability for death or *
* personal injury resulting from such party's negligence to the *
* extent applicable law prohibits such limitation. Some *
* jurisdictions do not allow the exclusion or limitation of *
* incidental or consequential damages, so this exclusion and *
* limitation may not apply to You. *
* *
************************************************************************
8. Litigation
-------------
Any litigation relating to this License may be brought only in the
courts of a jurisdiction where the defendant maintains its principal
place of business and such litigation shall be governed by laws of that
jurisdiction, without reference to its conflict-of-law provisions.
Nothing in this Section shall prevent a party's ability to bring
cross-claims or counter-claims.
9. Miscellaneous
----------------
This License represents the complete agreement concerning the subject
matter hereof. If any provision of this License is held to be
unenforceable, such provision shall be reformed only to the extent
necessary to make it enforceable. Any law or regulation which provides
that the language of a contract shall be construed against the drafter
shall not be used to construe this License against a Contributor.
10. Versions of the License
---------------------------
10.1. New Versions
Mozilla Foundation is the license steward. Except as provided in Section
10.3, no one other than the license steward has the right to modify or
publish new versions of this License. Each version will be given a
distinguishing version number.
10.2. Effect of New Versions
You may distribute the Covered Software under the terms of the version
of the License under which You originally received the Covered Software,
or under the terms of any subsequent version published by the license
steward.
10.3. Modified Versions
If you create software not governed by this License, and you want to
create a new license for such software, you may create and use a
modified version of this License if you rename the license and remove
any references to the name of the license steward (except to note that
such modified license differs from this License).
10.4. Distributing Source Code Form that is Incompatible With Secondary
Licenses
If You choose to distribute Source Code Form that is Incompatible With
Secondary Licenses under the terms of this version of the License, the
notice described in Exhibit B of this License must be attached.
Exhibit A - Source Code Form License Notice
-------------------------------------------
This Source Code Form is subject to the terms of the Mozilla Public
License, v. 2.0. If a copy of the MPL was not distributed with this
file, You can obtain one at http://mozilla.org/MPL/2.0/.
If it is not possible or desirable to put the notice in a particular
file, then You may include the notice in a location (such as a LICENSE
file in a relevant directory) where a recipient would be likely to look
for such a notice.
You may add additional accurate notices of copyright ownership.
Exhibit B - "Incompatible With Secondary Licenses" Notice
---------------------------------------------------------
This Source Code Form is "Incompatible With Secondary Licenses", as
defined by the Mozilla Public License, v. 2.0.

8
third_party/rust/moz_cbor/README.md vendored Normal file
View File

@ -0,0 +1,8 @@
# cbor-rust
A Rust library for [CBOR](https://tools.ietf.org/html/rfc7049).
[![Build Status](https://travis-ci.org/franziskuskiefer/cbor-rust.svg?branch=master)](https://travis-ci.org/franziskuskiefer/cbor-rust/)
![Maturity Level](https://img.shields.io/badge/maturity-alpha-red.svg)
**THIS IS WORK IN PROGRESS. DO NOT USE YET.**

4
third_party/rust/moz_cbor/rustfmt.toml vendored Normal file
View File

@ -0,0 +1,4 @@
array_layout = "Visual"
array_width = 0
reorder_imported_names = true
array_horizontal_layout_threshold = 0

2
third_party/rust/cose/src/cbor/decoder.rs → third_party/rust/moz_cbor/src/decoder.rs vendored
View File

@ -1,6 +1,6 @@
use std::collections::BTreeMap;
use std::io::{Cursor, Read, Seek, SeekFrom};
use cbor::{CborError, CborType};
use {CborError, CborType};
// We limit the length of any cbor byte array to 128MiB. This is a somewhat
// arbitrary limit that should work on all platforms and is large enough for

0
third_party/rust/cose/src/cbor/mod.rs → third_party/rust/moz_cbor/src/lib.rs vendored
View File

2
third_party/rust/cose/src/cbor/serializer.rs → third_party/rust/moz_cbor/src/serializer.rs vendored
View File

@ -1,5 +1,5 @@
use std::collections::BTreeMap;
use cbor::CborType;
use CborType;
/// Given a vector of bytes to append to, a tag to use, and an unsigned value to encode, uses the
/// CBOR unsigned integer encoding to represent the given value.

4
third_party/rust/cose/src/cbor/test_decoder.rs → third_party/rust/moz_cbor/src/test_decoder.rs vendored
View File

@ -1,5 +1,5 @@
use cbor::decoder::*;
use cbor::*;
use {CborError, CborType};
use decoder::{MAX_ARRAY_SIZE, decode};
use std::collections::BTreeMap;
// First test all the basic types

Some files were not shown because too many files have changed in this diff Show More