summaryrefslogtreecommitdiff
path: root/libnm-util
diff options
context:
space:
mode:
authorDan Williams <dcbw@redhat.com>2009-10-29 22:46:20 -0700
committerDan Williams <dcbw@redhat.com>2009-10-29 22:46:20 -0700
commitf496f3f9b94911edb176f617e5cb44845e4cecd3 (patch)
tree7edfef140210bb961e26f7c09d26c0e4f2280314 /libnm-util
parentacd1620e84883af585ef04200c65df18b5771e32 (diff)
Revert "libnm-util: fix NSS padding checking and add testcase"
This reverts commit 32bcb0049cc1fe03382b25ee2d0255c9d89ed12f.
Diffstat (limited to 'libnm-util')
-rw-r--r--libnm-util/crypto_nss.c69
-rw-r--r--libnm-util/tests/Makefile.am11
-rw-r--r--libnm-util/tests/certs/test2-cert.p12bin4136 -> 0 bytes
-rw-r--r--libnm-util/tests/certs/test2_ca_cert.pem27
-rw-r--r--libnm-util/tests/certs/test2_key_and_cert.pem119
5 files changed, 17 insertions, 209 deletions
diff --git a/libnm-util/crypto_nss.c b/libnm-util/crypto_nss.c
index be2884c3a9..8cbdd9f525 100644
--- a/libnm-util/crypto_nss.c
+++ b/libnm-util/crypto_nss.c
@@ -18,7 +18,7 @@
* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
* Boston, MA 02110-1301 USA.
*
- * (C) Copyright 2007 - 2009 Red Hat, Inc.
+ * (C) Copyright 2007 - 2008 Red Hat, Inc.
*/
#include "config.h"
@@ -147,7 +147,8 @@ crypto_decrypt (const char *cipher,
GError **error)
{
char *output = NULL;
- int decrypted_len = 0;
+ int tmp1_len = 0;
+ unsigned int tmp2_len = 0;
CK_MECHANISM_TYPE cipher_mech;
PK11SlotInfo *slot = NULL;
SECItem key_item;
@@ -156,16 +157,13 @@ crypto_decrypt (const char *cipher,
PK11Context *ctx = NULL;
SECStatus s;
gboolean success = FALSE;
- unsigned int pad_len = 0, extra = 0;
- guint32 i, real_iv_len = 0;
+ gsize len;
- if (!strcmp (cipher, CIPHER_DES_EDE3_CBC)) {
+ if (!strcmp (cipher, CIPHER_DES_EDE3_CBC))
cipher_mech = CKM_DES3_CBC_PAD;
- real_iv_len = 8;
- } else if (!strcmp (cipher, CIPHER_DES_CBC)) {
+ else if (!strcmp (cipher, CIPHER_DES_CBC))
cipher_mech = CKM_DES_CBC_PAD;
- real_iv_len = 8;
- } else {
+ else {
g_set_error (error, NM_CRYPTO_ERROR,
NM_CRYPTO_ERR_UNKNOWN_CIPHER,
_("Private key cipher '%s' was unknown."),
@@ -173,15 +171,7 @@ crypto_decrypt (const char *cipher,
return NULL;
}
- if (iv_len < real_iv_len) {
- g_set_error (error, NM_CRYPTO_ERROR,
- NM_CRYPTO_ERR_RAW_IV_INVALID,
- _("Invalid IV length (must be at least %d)."),
- real_iv_len);
- return NULL;
- }
-
- output = g_malloc0 (data->len);
+ output = g_malloc0 (data->len + 1);
if (!output) {
g_set_error (error, NM_CRYPTO_ERROR,
NM_CRYPTO_ERR_OUT_OF_MEMORY,
@@ -208,7 +198,7 @@ crypto_decrypt (const char *cipher,
}
key_item.data = (unsigned char *) iv;
- key_item.len = real_iv_len;
+ key_item.len = iv_len;
sec_param = PK11_ParamFromIV (cipher_mech, &key_item);
if (!sec_param) {
g_set_error (error, NM_CRYPTO_ERROR,
@@ -227,7 +217,7 @@ crypto_decrypt (const char *cipher,
s = PK11_CipherOp (ctx,
(unsigned char *) output,
- &decrypted_len,
+ &tmp1_len,
data->len,
data->data,
data->len);
@@ -239,17 +229,10 @@ crypto_decrypt (const char *cipher,
goto out;
}
- if (decrypted_len > data->len) {
- g_set_error (error, NM_CRYPTO_ERROR,
- NM_CRYPTO_ERR_CIPHER_DECRYPT_FAILED,
- _("Failed to decrypt the private key: decrypted data too large."));
- goto out;
- }
-
s = PK11_DigestFinal (ctx,
- (unsigned char *) (output + decrypted_len),
- &extra,
- data->len - decrypted_len);
+ (unsigned char *) (output + tmp1_len),
+ &tmp2_len,
+ data->len - tmp1_len);
if (s != SECSuccess) {
g_set_error (error, NM_CRYPTO_ERROR,
NM_CRYPTO_ERR_CIPHER_DECRYPT_FAILED,
@@ -257,30 +240,12 @@ crypto_decrypt (const char *cipher,
PORT_GetError ());
goto out;
}
- decrypted_len += extra;
- pad_len = data->len - decrypted_len;
-
- /* Check if the padding at the end of the decrypted data is valid */
- if (pad_len == 0 || pad_len > real_iv_len) {
- g_set_error (error, NM_CRYPTO_ERROR,
- NM_CRYPTO_ERR_CIPHER_DECRYPT_FAILED,
- _("Failed to decrypt the private key: unexpected padding length."));
+ len = tmp1_len + tmp2_len;
+ if (len > data->len)
goto out;
- }
-
- /* Validate tail padding; last byte is the padding size, and all pad bytes
- * should contain the padding size.
- */
- for (i = pad_len; i > 0; i--) {
- if (output[data->len - i] != pad_len) {
- g_set_error (error, NM_CRYPTO_ERROR,
- NM_CRYPTO_ERR_CIPHER_DECRYPT_FAILED,
- _("Failed to decrypt the private key."));
- goto out;
- }
- }
- *out_len = decrypted_len;
+ *out_len = len;
+ output[*out_len] = '\0';
success = TRUE;
out:
diff --git a/libnm-util/tests/Makefile.am b/libnm-util/tests/Makefile.am
index b8046036d4..1cf19cbc46 100644
--- a/libnm-util/tests/Makefile.am
+++ b/libnm-util/tests/Makefile.am
@@ -33,8 +33,6 @@ if WITH_TESTS
check-local: test-settings-defaults test-crypto
$(abs_builddir)/test-settings-defaults
-
-# Cert with 8 bytes of tail padding
$(abs_builddir)/test-crypto \
$(top_srcdir)/libnm-util/tests/certs/test_ca_cert.pem \
$(top_srcdir)/libnm-util/tests/certs/test_key_and_cert.pem \
@@ -43,14 +41,5 @@ check-local: test-settings-defaults test-crypto
$(top_srcdir)/libnm-util/tests/certs/test-cert.p12 \
"test"
-# Cert with only 6 bytes of tail padding
- $(abs_builddir)/test-crypto \
- $(top_srcdir)/libnm-util/tests/certs/test2_ca_cert.pem \
- $(top_srcdir)/libnm-util/tests/certs/test2_key_and_cert.pem \
- $(top_srcdir)/libnm-util/tests/certs/test2_key_and_cert.pem \
- "12345testing" \
- $(top_srcdir)/libnm-util/tests/certs/test2-cert.p12 \
- "12345testing"
-
endif
diff --git a/libnm-util/tests/certs/test2-cert.p12 b/libnm-util/tests/certs/test2-cert.p12
deleted file mode 100644
index 9d5732b0a9..0000000000
--- a/libnm-util/tests/certs/test2-cert.p12
+++ /dev/null
Binary files differ
diff --git a/libnm-util/tests/certs/test2_ca_cert.pem b/libnm-util/tests/certs/test2_ca_cert.pem
deleted file mode 100644
index 9a487ca4b4..0000000000
--- a/libnm-util/tests/certs/test2_ca_cert.pem
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEpDCCA4ygAwIBAgIJANDnVhixAO1GMA0GCSqGSIb3DQEBBQUAMIGSMQswCQYD
-VQQGEwJVUzEWMBQGA1UECBMNTWFzc2FjaHVzZXR0czERMA8GA1UEBxMIV2VzdGZv
-cmQxFjAUBgNVBAoTDVJlZCBIYXQsIEluYy4xFDASBgNVBAsTC0VuZ2luZWVyaW5n
-MRAwDgYDVQQDEwdlYXB0ZXN0MRgwFgYJKoZIhvcNAQkBFglpdEBpdC5jb20wHhcN
-MDcxMTA5MTU0ODI1WhcNMTcxMTA2MTU0ODI1WjCBkjELMAkGA1UEBhMCVVMxFjAU
-BgNVBAgTDU1hc3NhY2h1c2V0dHMxETAPBgNVBAcTCFdlc3Rmb3JkMRYwFAYDVQQK
-Ew1SZWQgSGF0LCBJbmMuMRQwEgYDVQQLEwtFbmdpbmVlcmluZzEQMA4GA1UEAxMH
-ZWFwdGVzdDEYMBYGCSqGSIb3DQEJARYJaXRAaXQuY29tMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEAz9zRLSiQyQangDgEliEP8xSpnPJS7GjXzrkZS3sk
-gZLuVuwoFeZRq3Hsrq/wGd/vM0KUFNmEaMc+47jnuv0UHQcQ45ZACO7s4/Aflhzj
-lkmud/z06hVknIzjXmvS6q2ttCviHsXnfokl+wAxuUhsd+le0xjP9H1jXny4YBuS
-jP+yGUz7PL4w1sFFghKIPrlB7m4GkFbQRqvH7FSJg86GWopPwJvNvIzhOZiO1a1D
-CAAL4Ru3jxtNFxqWT87C/qUEe/2Qb7jtNyqFcKfwZyZh4u1bo0c8bjErlUZERbWz
-zM3hTFypuw+i2v+0h3A8/Xb0hTjcHkUoJgfSdbsOLC5TOwIDAQABo4H6MIH3MB0G
-A1UdDgQWBBR+UOaH4e8nrEuMcEXJl7UN5r/wDTCBxwYDVR0jBIG/MIG8gBR+UOaH
-4e8nrEuMcEXJl7UN5r/wDaGBmKSBlTCBkjELMAkGA1UEBhMCVVMxFjAUBgNVBAgT
-DU1hc3NhY2h1c2V0dHMxETAPBgNVBAcTCFdlc3Rmb3JkMRYwFAYDVQQKEw1SZWQg
-SGF0LCBJbmMuMRQwEgYDVQQLEwtFbmdpbmVlcmluZzEQMA4GA1UEAxMHZWFwdGVz
-dDEYMBYGCSqGSIb3DQEJARYJaXRAaXQuY29tggkA0OdWGLEA7UYwDAYDVR0TBAUw
-AwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAmE2jqUymfxN2Vv7bPafoK/EpZwGPxu+z
-phRFsgUgWVzidc/GtOxN81LduJ+ow8MEbQIabo4JV/MdKzuPuhAHToAQdeb0LIWa
-p59vTIZiVhUt0cMAbQwKcTnfmDnXw9wytvtKgeAXJq0Jd6F+uNXTiR1btlYLZqmF
-oSu54cHQlXpUT9z0BnQ8eXd7m0TwfzGQkTHQI7xBa87lZDAkJaTlhv7fR5vPmJYY
-0LiXii71ce+4hxdlp7hQfwQ2sb8FPY3RlVboTRD0CvGaWypWhdSZnS790dBXgZOs
-NCge6NGuHzW5LtiZE9ppuv8qJysVcIFdAqt8dkx58ksOqFcARCerXw==
------END CERTIFICATE-----
diff --git a/libnm-util/tests/certs/test2_key_and_cert.pem b/libnm-util/tests/certs/test2_key_and_cert.pem
deleted file mode 100644
index a668596eef..0000000000
--- a/libnm-util/tests/certs/test2_key_and_cert.pem
+++ /dev/null
@@ -1,119 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,5FA2D6D6242C26D0
-
-dyNdbh115sczbUEhiaGYJ6fazyvJss5thPFEmkP6aftYlvXY6vPtc++xFCCktiSd
-qFVEyi6oDyV4iGPmX7pCJ0e+pSI6uFNXKFtxh5/+/wXZcOEMCvfu7w2IrvYF2LHY
-qJDljcISSRxeINuYO7TETD5fLLRKj2X9vwwkwVN02b2N5jsrm6Bt//WbatqSB3ln
-FHyQhVKkvdl9Hr1XNmEfgGfZSxxDoPu1DjhtZ5ja2LZj64C2CXdI0oq2wcAVvQNn
-rZeeg9sinQJkz9rwsNaWqlYw4X+YD2JRSwZuvwkWRydYMwgb1XS/jCxtuFF8NXWP
-RBAOAZZUy7onzohsJHVVa05wCKQ4klo+PEfI3vn7BeuHyciCc0eFqGRvz8eFDybH
-ZdPbU/3vGp+mOB7gd27TptttTCQQy9uM5CIyovNSYsAIw1Z583Ea4q8eXgzkgD6D
-isCqkGXMfPbNXU3myQGDnQwWRi2CqX+rXM8PJUhdewLAlmHRz/aYSuql2BRixJKx
-eASzmFBYdAjrvafda5D+xTyJwXEwdq/HlqMK9cY28ZbNrzA2Kor2X23EKC1+VG8k
-B67OsfUhW27j4u6aV5JdLf87OtF3mHFRR+Lzs7i7LYvJ8ACE+jiIi7PboZjK5Oiv
-JqTK0BwDaeNYjkd6jiJh8It/ReMbLk65J3eldOklN0VMPYiqcQnHvSPC2DD1YAy+
-Rv/JVj6TvzvgEAj+hgH6MAAF6u3ARj6+10DlvhUubkOC5RztLKReu8B+427TuuDb
-T03gFpHD6X9IqSiq/QfYFyHFojCVSrv6wDZOcHc1s71kpJ8R14YIVe+DrrZN/0D4
-M631jdNg3JARMZXcXTHrghGIdPmOtrsRyTTRZuGoVup/DW9MRzOzCTMSNCX8T+eq
-13HMSNQEO9lMwy0sYeO5c7sjHY4K1ubZuVE1mvXq4JLz3YxXJIvgp8TUvqDnAsK+
-Fv63bDoTg5Tq63XvnaKc7Lawneyg5ZAMzPN3nM0/1EZcn/2ICI5c4Yepc5t63EI5
-KytuXx86Mcx234enj3uMeuM22POQ1SnKOef6dFzK/CE8J8eUEY/aDhX4eBl/s3nd
-U4+aaFKYz3HTazePayt2SC6rP/KKMmS14q59bOQA1DiWxCvmA2ypRyP87fV5DstH
-I53RD5xp1P38iaO8U/divD0W2dkv748s9DQqYrHPtWALT9esxNU07CgB8Zt070si
-7pzjQ8FDCZ8ygDmwWGNSBz1nA90Cpd6gAFDrep7HAtDE4qgNfokycpaJZkXBei/U
-tC4tWYRbqDEsEbeBHvQRJzzqWzk9e/P4fQoelM3aryKzKLG5z7KvywVifKMLECQ+
-tIpzoRp06nuTA/O+iLFdkCy3JEWszfvvOwTwtIIV6+3s8TU0k9MmzEe3rGL+QqT/
-Tf+9/dN5LK+LWyc99BfmCOrBuFtQmHyEXkfe6EuFYEwj0B2ZfnLCon6cdRujjK7H
-IJslC1B/cBVqG3KCrbBzjeygKfJ5Ijo72oXZJOCFTLeJefZKGGWJCp9nG9h9Wrcf
-fEN/mj3wBvTa90/PYFj9NuaBtrvMF8Rn9XDeYPq2JGL8YkNdPuO8A+2Yko8wcvST
------END RSA PRIVATE KEY-----
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 2 (0x2)
- Signature Algorithm: md5WithRSAEncryption
- Issuer: C=US, ST=Massachusetts, L=Westford, O=Red Hat, Inc., OU=Engineering, CN=eaptest/emailAddress=it@it.com
- Validity
- Not Before: Nov 9 15:50:14 2007 GMT
- Not After : Nov 6 15:50:14 2017 GMT
- Subject: C=US, ST=Massachusetts, O=Red Hat, Inc., OU=Engineering, CN=client/emailAddress=it@it.com
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:b0:8f:4f:1c:93:d4:43:e7:87:b7:22:33:55:a8:
- 35:a1:c4:01:b0:f1:ed:26:23:96:ab:65:c2:c2:54:
- db:79:22:03:ad:3f:6f:22:e3:63:3f:f4:21:6d:fa:
- 88:c8:8f:1a:ce:55:49:7c:98:33:6a:67:8a:8d:d9:
- 34:b0:c3:42:f4:72:a4:45:43:05:72:5d:0c:d3:42:
- f8:9c:66:3b:b8:f8:77:ea:f6:b6:94:d7:cc:5d:62:
- 34:2a:14:48:0a:bc:65:94:f5:7a:63:98:6c:88:4c:
- 25:d8:95:f1:40:3d:00:d2:fb:43:28:fa:02:fb:2c:
- 80:b3:e1:33:e7:8c:ce:8a:a0:1b:3d:04:4d:bc:a1:
- b6:a2:42:8b:8e:f3:5b:4a:72:34:7d:8d:ba:d8:46:
- 22:35:da:5c:f8:dd:fc:6d:9e:59:22:b7:6b:e7:78:
- 56:54:9f:4c:d1:e2:4a:23:a3:bc:04:ea:46:6b:70:
- 8a:fb:fe:8a:73:ca:36:d5:f3:e9:17:e3:22:d5:b3:
- 70:05:e7:f7:37:b7:21:b5:90:53:27:27:ea:36:9b:
- 00:ff:35:b0:66:3d:dc:a9:2f:95:d2:21:18:98:4f:
- 28:07:09:70:20:a8:b1:82:aa:a5:df:ae:0f:e3:36:
- be:68:8c:9e:80:d3:33:d0:f5:84:17:d9:0f:eb:9d:
- af:0b
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- Netscape Comment:
- OpenSSL Generated Certificate
- X509v3 Subject Key Identifier:
- 71:AB:BB:91:B7:04:DE:43:35:36:07:8A:35:CA:BE:5C:3E:EB:B1:09
- X509v3 Authority Key Identifier:
- keyid:7E:50:E6:87:E1:EF:27:AC:4B:8C:70:45:C9:97:B5:0D:E6:BF:F0:0D
- DirName:/C=US/ST=Massachusetts/L=Westford/O=Red Hat, Inc./OU=Engineering/CN=eaptest/emailAddress=it@it.com
- serial:D0:E7:56:18:B1:00:ED:46
-
- Signature Algorithm: md5WithRSAEncryption
- ce:43:6d:f7:f8:4a:66:fd:8a:2c:41:a6:e0:03:0e:60:30:d4:
- 41:01:ba:46:ba:81:97:64:68:83:25:9c:e1:2c:03:8b:2d:ca:
- 85:cf:bc:fa:ca:22:c4:59:28:23:8f:ff:50:94:60:1c:90:dd:
- 75:f4:d4:ea:8c:fa:61:61:08:35:4a:8f:aa:a7:e9:3d:76:e9:
- 08:28:55:01:c4:03:42:c7:ad:58:bb:ee:94:f7:09:b3:9a:9b:
- 8b:d0:25:95:18:a6:22:d5:2c:fc:b7:bb:91:0c:7c:03:7f:9b:
- 85:de:b0:e4:95:a8:73:94:27:0a:11:4e:e3:67:ae:2b:cc:e7:
- 51:29:10:23:57:5c:3e:e7:ea:47:e0:f0:8f:5b:a2:9f:26:cf:
- 7f:b5:7c:44:b1:7b:83:67:3c:41:ae:c6:66:64:e0:d2:ef:57:
- a4:5c:1b:94:11:ce:28:e5:91:51:ef:e1:98:b7:3b:9a:cc:f7:
- b9:85:76:eb:a8:2b:15:4a:cc:1a:a3:42:fa:be:1c:ce:b8:eb:
- ee:12:d7:2f:e4:a8:cf:eb:2a:8f:78:e8:91:88:fa:c2:98:75:
- 6a:4c:92:3f:2e:0d:e1:20:39:36:c6:2c:be:67:30:c3:f3:c3:
- 65:81:ac:e3:3c:19:6a:21:ee:ea:f5:22:66:74:b2:07:53:7c:
- 9a:0c:24:a6
------BEGIN CERTIFICATE-----
-MIIEtDCCA5ygAwIBAgIBAjANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCVVMx
-FjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMxETAPBgNVBAcTCFdlc3Rmb3JkMRYwFAYD
-VQQKEw1SZWQgSGF0LCBJbmMuMRQwEgYDVQQLEwtFbmdpbmVlcmluZzEQMA4GA1UE
-AxMHZWFwdGVzdDEYMBYGCSqGSIb3DQEJARYJaXRAaXQuY29tMB4XDTA3MTEwOTE1
-NTAxNFoXDTE3MTEwNjE1NTAxNFowfjELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDU1h
-c3NhY2h1c2V0dHMxFjAUBgNVBAoTDVJlZCBIYXQsIEluYy4xFDASBgNVBAsTC0Vu
-Z2luZWVyaW5nMQ8wDQYDVQQDEwZjbGllbnQxGDAWBgkqhkiG9w0BCQEWCWl0QGl0
-LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALCPTxyT1EPnh7ci
-M1WoNaHEAbDx7SYjlqtlwsJU23kiA60/byLjYz/0IW36iMiPGs5VSXyYM2pnio3Z
-NLDDQvRypEVDBXJdDNNC+JxmO7j4d+r2tpTXzF1iNCoUSAq8ZZT1emOYbIhMJdiV
-8UA9ANL7Qyj6AvssgLPhM+eMzoqgGz0ETbyhtqJCi47zW0pyNH2NuthGIjXaXPjd
-/G2eWSK3a+d4VlSfTNHiSiOjvATqRmtwivv+inPKNtXz6RfjItWzcAXn9ze3IbWQ
-Uycn6jabAP81sGY93KkvldIhGJhPKAcJcCCosYKqpd+uD+M2vmiMnoDTM9D1hBfZ
-D+udrwsCAwEAAaOCASYwggEiMAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9w
-ZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBRxq7uRtwTeQzU2
-B4o1yr5cPuuxCTCBxwYDVR0jBIG/MIG8gBR+UOaH4e8nrEuMcEXJl7UN5r/wDaGB
-mKSBlTCBkjELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMxETAP
-BgNVBAcTCFdlc3Rmb3JkMRYwFAYDVQQKEw1SZWQgSGF0LCBJbmMuMRQwEgYDVQQL
-EwtFbmdpbmVlcmluZzEQMA4GA1UEAxMHZWFwdGVzdDEYMBYGCSqGSIb3DQEJARYJ
-aXRAaXQuY29tggkA0OdWGLEA7UYwDQYJKoZIhvcNAQEEBQADggEBAM5Dbff4Smb9
-iixBpuADDmAw1EEBuka6gZdkaIMlnOEsA4styoXPvPrKIsRZKCOP/1CUYByQ3XX0
-1OqM+mFhCDVKj6qn6T126QgoVQHEA0LHrVi77pT3CbOam4vQJZUYpiLVLPy3u5EM
-fAN/m4XesOSVqHOUJwoRTuNnrivM51EpECNXXD7n6kfg8I9bop8mz3+1fESxe4Nn
-PEGuxmZk4NLvV6RcG5QRzijlkVHv4Zi3O5rM97mFduuoKxVKzBqjQvq+HM646+4S
-1y/kqM/rKo946JGI+sKYdWpMkj8uDeEgOTbGLL5nMMPzw2WBrOM8GWoh7ur1ImZ0
-sgdTfJoMJKY=
------END CERTIFICATE-----
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-24 09:17:48 +0000