From bugbee at SEANET.COM Sat Mar 18 07:48:36 2006 From: bugbee at SEANET.COM (Larry Bugbee) Date: Fri, 17 Mar 2006 22:48:36 -0800 Subject: [PYTHON-CRYPTO] ECDSA example? References: <378F7EA8-3F20-47AE-B43C-7ADC0A73623D@mac.com> Message-ID: Has anyone seen a short ECDSA/SHA-1 signing and verification example using M2Crypto/OpenSSL? A link or a few tips would be most helpful. Thanks, Larry From heikki at OSAFOUNDATION.ORG Sat Mar 18 21:33:38 2006 From: heikki at OSAFOUNDATION.ORG (Heikki Toivonen) Date: Sat, 18 Mar 2006 12:33:38 -0800 Subject: [PYTHON-CRYPTO] ECDSA example? In-Reply-To: References: <378F7EA8-3F20-47AE-B43C-7ADC0A73623D@mac.com> Message-ID: <441C6EA2.4090708@osafoundation.org> Larry Bugbee wrote: > Has anyone seen a short ECDSA/SHA-1 signing and verification example > using M2Crypto/OpenSSL? A link or a few tips would be most helpful. Did you look at the ECDSA signatures and ECDH key agreement unit tests and demos from Arno Bakker, checked in to current M2Crypto trunk (will be included in M2Crypto 0.16)? http://wiki.osafoundation.org/bin/view/Projects/MeTooCrypto -- Heikki Toivonen -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 251 bytes Desc: OpenPGP digital signature URL: From heikki at OSAFOUNDATION.ORG Sat Mar 18 21:41:21 2006 From: heikki at OSAFOUNDATION.ORG (Heikki Toivonen) Date: Sat, 18 Mar 2006 12:41:21 -0800 Subject: [PYTHON-CRYPTO] Need certificates with non-ASCII data for testing Message-ID: <441C7071.3000608@osafoundation.org> I am working on verifying support (and implementing/fixing what's broken) for non-ASCII certificates etc. in M2Crypto, and I would need sample certificates that include non-ASCII characters in various encodings. If you have something like that available, or know where to get something like this, please add information to https://bugzilla.osafoundation.org/show_bug.cgi?id=3689 Also, I would be interested in certificates for internationalized domain names. Same bug. -- Heikki Toivonen -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 251 bytes Desc: OpenPGP digital signature URL: From heikki at OSAFOUNDATION.ORG Sat Mar 18 21:44:00 2006 From: heikki at OSAFOUNDATION.ORG (Heikki Toivonen) Date: Sat, 18 Mar 2006 12:44:00 -0800 Subject: [PYTHON-CRYPTO] Need server certificates that include multiple commonName/subjectAltName fields for testing Message-ID: <441C7110.6070503@osafoundation.org> Need server certificates that include multiple commonName/subjectAltName fields for testing. If you have those, or know where to get these, or know sites that use them, please add information to https://bugzilla.osafoundation.org/show_bug.cgi?id=5277 -- Heikki Toivonen -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 251 bytes Desc: OpenPGP digital signature URL: From bugbee at SEANET.COM Sun Mar 19 05:24:13 2006 From: bugbee at SEANET.COM (Larry Bugbee) Date: Sat, 18 Mar 2006 20:24:13 -0800 Subject: [PYTHON-CRYPTO] ECDSA example? In-Reply-To: References: Message-ID: On Mar 18, 2006, at 3:00 PM, PYTHON-CRYPTO automatic digest system wrote: > Larry Bugbee wrote: >> Has anyone seen a short ECDSA/SHA-1 signing and verification example >> using M2Crypto/OpenSSL? A link or a few tips would be most helpful. > > Did you look at the ECDSA signatures and ECDH key agreement unit tests > and demos from Arno Bakker, checked in to current M2Crypto trunk (will > be included in M2Crypto 0.16)? > > http://wiki.osafoundation.org/bin/view/Projects/MeTooCrypto > > --=20 > Heikki Toivonen Thanks. I did. No go. As per your suggestion I got a fresh copy from svn, installed it, and tried both ./tests/test_ecdsa.py and ./demo/ec/ecdsatest.py Both still failed. Figuring you wouldn't steer me wrong, I went over to my Linux box and did the same thing. Both programs worked flawlessly. :-/ Soooooo.... I need to go figure out OSX. ...again. (OSX 10.4.5, python 2.4.1, gcc 3.3, openssl 0.9.8, swig 1.3.25) I'll let you know. Tx, Larry From bugbee at SEANET.COM Sun Mar 19 06:24:51 2006 From: bugbee at SEANET.COM (Larry Bugbee) Date: Sat, 18 Mar 2006 21:24:51 -0800 Subject: [PYTHON-CRYPTO] ECDSA example? In-Reply-To: <365C66E6-5C5A-431D-BE3F-39272238B18C@mac.com> References: <365C66E6-5C5A-431D-BE3F-39272238B18C@mac.com> Message-ID: On Mar 18, 2006, at 8:24 PM, Larry Bugbee wrote: > I need to go figure out OSX. ...again. (OSX 10.4.5, python 2.4.1, > gcc 3.3, openssl 0.9.8, swig 1.3.25) I'll let you know. After a careful download, recompile and install of openssl 0.9.8a and m2crypto (current svn trunk)... ...all is well. Now, back to my project. :-) Thanks. From bugbee at SEANET.COM Sun Mar 19 20:57:09 2006 From: bugbee at SEANET.COM (Larry Bugbee) Date: Sun, 19 Mar 2006 11:57:09 -0800 Subject: [PYTHON-CRYPTO] sha224, sha256, sha384, sha512 Message-ID: <70A7C264-87B3-4B50-B1C1-88D0B3FF70F8@seanet.com> In the FWIW category.... I wasn't able to get EVP.MessageDigest to accept sha224, sha256, sha384, or sha512 until I added the following lines to SWIG/_evp.i %rename(sha224) EVP_sha224; extern const EVP_MD *EVP_sha224(void); %rename(sha256) EVP_sha256; extern const EVP_MD *EVP_sha256(void); %rename(sha384) EVP_sha384; extern const EVP_MD *EVP_sha384(void); %rename(sha512) EVP_sha512; extern const EVP_MD *EVP_sha512(void); I'm now able to do long-lived signatures with M2Crypto. :-) Again my thanks, Larry From bugbee at SEANET.COM Mon Mar 20 00:40:04 2006 From: bugbee at SEANET.COM (Larry Bugbee) Date: Sun, 19 Mar 2006 15:40:04 -0800 Subject: [PYTHON-CRYPTO] DSA.py tidbit Message-ID: May I suggest the following changes to save_key() and save_params() in DSA.py until implemented? def save_key(self, file, callback=util.passphrase_callback): print 'DSA.save_key() not yet implemented' pass def save_params(self, file): print 'DSA.save_params() not yet implemented' pass Tx, Larry From heikki at OSAFOUNDATION.ORG Mon Mar 20 05:02:27 2006 From: heikki at OSAFOUNDATION.ORG (Heikki Toivonen) Date: Sun, 19 Mar 2006 20:02:27 -0800 Subject: [PYTHON-CRYPTO] sha224, sha256, sha384, sha512 In-Reply-To: <70A7C264-87B3-4B50-B1C1-88D0B3FF70F8@seanet.com> References: <70A7C264-87B3-4B50-B1C1-88D0B3FF70F8@seanet.com> Message-ID: <441E2953.3000203@osafoundation.org> Larry Bugbee wrote: > In the FWIW category.... > > I wasn't able to get EVP.MessageDigest to accept sha224, sha256, sha384, > or sha512 until I added the following lines to SWIG/_evp.i Yup, slated for 0.16, just hadn't gotten there yet. Thanks for finding the functions I needed :) https://bugzilla.osafoundation.org/show_bug.cgi?id=3690 -- Heikki Toivonen -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 251 bytes Desc: OpenPGP digital signature URL: From heikki at OSAFOUNDATION.ORG Mon Mar 20 05:05:39 2006 From: heikki at OSAFOUNDATION.ORG (Heikki Toivonen) Date: Sun, 19 Mar 2006 20:05:39 -0800 Subject: [PYTHON-CRYPTO] DSA.py tidbit In-Reply-To: References: Message-ID: <441E2A13.4060602@osafoundation.org> Larry Bugbee wrote: > May I suggest the following changes to save_key() and save_params() in > DSA.py until implemented? > > def save_key(self, file, callback=util.passphrase_callback): > print 'DSA.save_key() not yet implemented' > pass > > def save_params(self, file): > print 'DSA.save_params() not yet implemented' > pass Doh, didn't even know those were unimplemented. Filed a bug for those: https://bugzilla.osafoundation.org/show_bug.cgi?id=5456 -- Heikki Toivonen -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 251 bytes Desc: OpenPGP digital signature URL: From patrick.hagelkruys at A-TRUST.AT Tue Mar 21 10:39:31 2006 From: patrick.hagelkruys at A-TRUST.AT (Patrick Hagelkruys) Date: Tue, 21 Mar 2006 10:39:31 +0100 Subject: [PYTHON-CRYPTO] M2Crypto SMIME Mail verification error in Outlook and Thunderbird Message-ID: I tried to digital sign a message with m2crypto and verify it with Outlook. But Outlook (also Thunderbird) failed to verify the signature, because the digital signature of the message is invalid. my code: buf = BIO.MemoryBuffer (msg) s = SMIME.SMIME() s.load_key(from_key, from_cert) p7 = s.sign(buf,SMIME.PKCS7_TEXT) buf = BIO.MemoryBuffer (msg) out = BIO.MemoryBuffer() out.write('From: %s\r\n' % from_addr) out.write('To: %s\r\n' % to_addr) out.write('Subject: %s\r\n' % subject) s.write(out, p7, buf, SMIME.PKCS7_TEXT) smtp = smtplib.SMTP() smtp.connect(smtpd) smtp.login("account","password") smtp.sendmail(from_addr, to_addr, out.read()) smtp.quit() I also tried to modify the above code, but all I get was the following error message from Outlook ?Can?t open this item. An error occurred in the underlying security system.? Does anybody experience the same problem? Anybody tried to verify smime signed messages with outlook or thunderbird? Anybody know how to modify the code to work with Outlook and Thunderbird? From heikki at OSAFOUNDATION.ORG Wed Mar 22 00:16:36 2006 From: heikki at OSAFOUNDATION.ORG (Heikki Toivonen) Date: Tue, 21 Mar 2006 15:16:36 -0800 Subject: [PYTHON-CRYPTO] M2Crypto SMIME Mail verification error in Outlook and Thunderbird In-Reply-To: References: Message-ID: <44208954.5000908@osafoundation.org> Patrick Hagelkruys wrote: > I tried to digital sign a message with m2crypto and verify it with Outlook. > But Outlook (also Thunderbird) failed to verify the signature, because the > digital signature of the message is invalid. I tried the demo/smime.howto/sign.py file, and modified as follows: Index: sign.py =================================================================== --- sign.py (revision 383) +++ sign.py (working copy) @@ -30,8 +30,13 @@ out.write('Subject: M2Crypto S/MIME testing\n') s.write(out, p7, buf) -print out.read() +msg = out.read() +import smtplib +server = smtplib.SMTP('my mail server here') +server.sendmail('my email here', 'my email here', msg) +server.quit() + # Save the PRNG's state. Rand.save_file('randpool.dat') I received that email in Thunderbird and it said the signature is not valid because the cert used to sign the message was issued by an untrusted CA. This was expected, since these are test certificates. If you get this far, next step would be for you to test by creating a CA and singer cert for the test email, and then import the test CA into the trusted authorities in Thunderbird and Outlook. After that step they should recognize it as valid signature. Does it work for you? Please note that interoperability can be tricky; all these programs have specific requirements for certificates for things to work. Google around and/or read the OpenSSL mailinglists to find out if/how other people have solved the interoperability issues. -- Heikki Toivonen -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 251 bytes Desc: OpenPGP digital signature URL: From cyberhigh at GURUSNETWORK.ORG Wed Mar 22 18:43:52 2006 From: cyberhigh at GURUSNETWORK.ORG (CyBerHigh) Date: Wed, 22 Mar 2006 09:43:52 -0800 Subject: [PYTHON-CRYPTO] PersistentRandomPool save problems Message-ID: <44218CD8.2050508@gurusnetwork.org> I am attempting to use a Persistent random pool with this application of mine. It creates the file but when it is suppose to load from the file again it doesn't. It just creates a knew running of randpool here is an example: >>> import Crypto.Util.randpool >>> ran = Crypto.Util.randpool.PersistentRandomPool('C:\\rand_pool') >>>ran.add_event("403249rq09fja0wefj92Q04FNWafndSLFJLSdfjweIF0924W90JVALNVOIwf029wafewapoifmewapgfnawgrnirwfipwaenkgj;argt;afgnaofvnoatiopw4oiadsfnao") 7 >>>ran.entropy 7 >>> ran.save() >>> b = Crypto.Util.randpool.PersistentRandomPool('C:\\rand_pool') >>> b.entropy 0 >From what I have read b.entropy should be 7 just like ran.entropy is. I am doing something wrong or missing something? From patrick.hagelkruys at A-TRUST.AT Thu Mar 23 14:16:36 2006 From: patrick.hagelkruys at A-TRUST.AT (Patrick Hagelkruys) Date: Thu, 23 Mar 2006 14:16:36 +0100 Subject: [PYTHON-CRYPTO] M2Crypto SMIME Mail verification error in Outlook and Thunderbird Message-ID: I tried the following python code (only openssl no m2crypto) and it works well for me. Outlook and Thunderbird can now verify the signature f=open("message.txt","wt") f.write("zu signierende Nachricht") f.flush() f.close() import os ret = os.spawnl(os.P_WAIT,"C:\\OpenSSL\\bin\\Openssl.exe","C:\\OpenSSL\\bin\\Openssl.exe","smime","-sign","-in","message.txt","-text","-out","signed.txt","-signer","9938094643870006.pem","-passin","password") f=open("signed.txt","rt") msg = "From: hagelkruys at a-trust.at\nTo: hagelkruys at a-trust.at\nSubject: M2Crypto S/MIME testing\n" + f.read() f.close() import smtplib server = smtplib.SMTP('smtp.a-trust.at') server.login("hagelkruys","pato14021984") server.sendmail('hagelkruys at a-trust.at','hagelkruys at a-trust.at',msg) server.quit() From michael at STROEDER.COM Thu Mar 23 09:38:18 2006 From: michael at STROEDER.COM (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Thu, 23 Mar 2006 09:38:18 +0100 Subject: [PYTHON-CRYPTO] Need server certificates that include multiple commonName/subjectAltName fields for testing In-Reply-To: <441C7110.6070503@osafoundation.org> References: <441C7110.6070503@osafoundation.org> Message-ID: <44225E7A.3000403@stroeder.com> Heikki Toivonen wrote: > Need server certificates that include multiple commonName/subjectAltName > fields for testing. Do you really need multiple CN attrs in the subject DN of a server cert? Never saw this out in the wild. Which does not mean that it's impossible... ;-) > If you have those, or know where to get these, or > know sites that use them, please add information to > https://bugzilla.osafoundation.org/show_bug.cgi?id=5277 Why don't you create some yourself with OpenSSL? I vaguely remember that someone (Peter Gutmann?) provided a collection of really weird certs which I used when implementing mspki (certificate parsing in web2ldap). Ciao, Michael. From heikki at OSAFOUNDATION.ORG Thu Mar 23 20:35:20 2006 From: heikki at OSAFOUNDATION.ORG (Heikki Toivonen) Date: Thu, 23 Mar 2006 11:35:20 -0800 Subject: [PYTHON-CRYPTO] Need server certificates that include multiple commonName/subjectAltName fields for testing In-Reply-To: <44225E7A.3000403@stroeder.com> References: <441C7110.6070503@osafoundation.org> <44225E7A.3000403@stroeder.com> Message-ID: <4422F878.3010505@osafoundation.org> Michael Str?der wrote: > Heikki Toivonen wrote: >> Need server certificates that include multiple commonName/subjectAltName >> fields for testing. > > Do you really need multiple CN attrs in the subject DN of a server cert? > Never saw this out in the wild. Which does not mean that it's > impossible... ;-) Exactly. If someone knows of such real world usage I want to see it and test against it. > Why don't you create some yourself with OpenSSL? I could, but there are no guarantees they would be exactly like real certs in the wild. I'd rather confirm with real certs that are in use, or part of known-to-be-good test certificates. > I vaguely remember that someone (Peter Gutmann?) provided a collection > of really weird certs which I used when implementing mspki (certificate > parsing in web2ldap). Thanks for the tip, I'll try searching for those. -- Heikki Toivonen -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 251 bytes Desc: OpenPGP digital signature URL: From heikki at OSAFOUNDATION.ORG Thu Mar 23 20:39:47 2006 From: heikki at OSAFOUNDATION.ORG (Heikki Toivonen) Date: Thu, 23 Mar 2006 11:39:47 -0800 Subject: [PYTHON-CRYPTO] M2Crypto SMIME Mail verification error in Outlook and Thunderbird In-Reply-To: References: Message-ID: <4422F983.9070104@osafoundation.org> Patrick Hagelkruys wrote: > I tried the following python code (only openssl no m2crypto) and it works > well for me. Outlook and Thunderbird can now verify the signature Ok, I filed bug https://bugzilla.osafoundation.org/show_bug.cgi?id=5484 to track down and fix why it doesn't work with M2Crypto. -- Heikki Toivonen -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 251 bytes Desc: OpenPGP digital signature URL: From michael at STROEDER.COM Thu Mar 23 22:53:06 2006 From: michael at STROEDER.COM (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Thu, 23 Mar 2006 22:53:06 +0100 Subject: [PYTHON-CRYPTO] Need server certificates that include multiple commonName/subjectAltName fields for testing In-Reply-To: <4422F878.3010505@osafoundation.org> References: <441C7110.6070503@osafoundation.org> <44225E7A.3000403@stroeder.com> <4422F878.3010505@osafoundation.org> Message-ID: <442318C2.3050601@stroeder.com> Heikki Toivonen wrote: > Michael Str?der wrote: > >>Heikki Toivonen wrote: >> >>>Need server certificates that include multiple commonName/subjectAltName >>>fields for testing. >> >>Do you really need multiple CN attrs in the subject DN of a server cert? >>Never saw this out in the wild. Which does not mean that it's >>impossible... ;-) > > Exactly. If someone knows of such real world usage I want to see it and > test against it. I can't imagine a use-case for it. >>I vaguely remember that someone (Peter Gutmann?) provided a collection >>of really weird certs which I used when implementing mspki (certificate >>parsing in web2ldap). > > Thanks for the tip, I'll try searching for those. Maybe this is of some interest too: http://csrc.nist.gov/pki/testing/ Ciao, Michael. From heikki at OSAFOUNDATION.ORG Thu Mar 23 23:26:09 2006 From: heikki at OSAFOUNDATION.ORG (Heikki Toivonen) Date: Thu, 23 Mar 2006 14:26:09 -0800 Subject: [PYTHON-CRYPTO] Need server certificates that include multiple commonName/subjectAltName fields for testing In-Reply-To: <442318C2.3050601@stroeder.com> References: <441C7110.6070503@osafoundation.org> <44225E7A.3000403@stroeder.com> <4422F878.3010505@osafoundation.org> <442318C2.3050601@stroeder.com> Message-ID: <44232081.1070808@osafoundation.org> Michael Str?der wrote: > Heikki Toivonen wrote: >> Exactly. If someone knows of such real world usage I want to see it and >> test against it. > > I can't imagine a use-case for it. Well, there are cases where additional CN fields should be specified for proxy certs for example (but it probably wouldn't be a hostname). Perhaps more common case is that instead of a wildcard cert you would specify a limited number of hosts an SSL server cert could be deployed at. > http://csrc.nist.gov/pki/testing/ Cool, thanks! -- Heikki Toivonen -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 251 bytes Desc: OpenPGP digital signature URL: From conrad at HEP.CALTECH.EDU Tue Mar 28 22:32:10 2006 From: conrad at HEP.CALTECH.EDU (Conrad Steenberg) Date: Tue, 28 Mar 2006 12:32:10 -0800 Subject: [PYTHON-CRYPTO] Need server certificates that include multiple commonName/subjectAltName fields for testing In-Reply-To: <44232081.1070808@osafoundation.org> References: <441C7110.6070503@osafoundation.org> <44225E7A.3000403@stroeder.com> <4422F878.3010505@osafoundation.org> <442318C2.3050601@stroeder.com> <44232081.1070808@osafoundation.org> Message-ID: <1143577931.4026.1.camel@clarens.caltech.edu> Hi Coming in a little late on the conversation, but Heikki is right, DNs with multiple CN fields are commonly used for proxy (usually short-lived) certificates. See e.g. the attached partial certificate chain. Cheers Conrad On Thu, 2006-03-23 at 14:26 -0800, Heikki Toivonen wrote: > Michael Str?der wrote: > > Heikki Toivonen wrote: > >> Exactly. If someone knows of such real world usage I want to see it and > >> test against it. > > > > I can't imagine a use-case for it. > > Well, there are cases where additional CN fields should be specified for > proxy certs for example (but it probably wouldn't be a hostname). > > Perhaps more common case is that instead of a wildcard cert you would > specify a limited number of hosts an SSL server cert could be deployed at. > > > http://csrc.nist.gov/pki/testing/ > > Cool, thanks! > -- Conrad Steenberg California Institute of Technology | http://conradsteenberg.info -------------- next part -------------- -----BEGIN CERTIFICATE----- MIIDnjCCAoagAwIBAgIJAOSUUJ8BYq0fMA0GCSqGSIb3DQEBBAUAMGIxEzARBgoJ kiaJk/IsZAEZFgNvcmcxGDAWBgoJkiaJk/IsZAEZFghkb2VncmlkczEPMA0GA1UE CxMGUGVvcGxlMSAwHgYDVQQDExdDb25yYWQgU3RlZW5iZXJnIDE3ODk0NzAeFw0w NjAzMjgyMDMwNDZaFw0wNjAzMzAyMDMwNDZaMF0xHzAdBgoJkiaJk/IsZAEZFg9v cmcvREM9ZG9lZ3JpZHMxDzANBgNVBAsTBlBlb3BsZTEpMCcGA1UEAxMgQ29ucmFk IFN0ZWVuYmVyZyAxNzg5NDcvQ049cHJveHkwXDANBgkqhkiG9w0BAQEFAANLADBI AkEAn2aBNvdZecqmZMhmtTFOPN5Ri509WkQbLmX4QfaI/kR0aoOVcvFv05gFJVY3 iZv7bs+JXovx5oyUrAbSMf2MLwIDAQABo4IBIjCCAR4wCQYDVR0TBAIwADAOBgNV HQ8BAf8EBAMCBPAwEQYJYIZIAYb4QgEBBAQDAgXgME0GCWCGSAGG+EIBDQRAFj5D bGFyZW5zLWdlbmVyYXRlZCBjbGllbnQgYW5kIHNlcnZlciBhdXRoZW50aWNhdGlv biBjZXJ0aWZpY2F0ZTB8BgNVHSMEdTBzoW2kazBpMRMwEQYKCZImiZPyLGQBGRYD b3JnMRgwFgYKCZImiZPyLGQBGRYIRE9FR3JpZHMxIDAeBgNVBAsTF0NlcnRpZmlj YXRlIEF1dGhvcml0aWVzMRYwFAYDVQQDEw1ET0VHcmlkcyBDQSAxggIS3jAhBgNV HREEGjAYgRZjb25yYWRAaGVwLmNhbHRlY2guZWR1MA0GCSqGSIb3DQEBBAUAA4IB AQAZXADRvxFNQIF5UVcm6z65klnmi0TJNcJSd2Zp2fZUQCsrqumosy6HzUms5rEK jue/CQJDRTnKj6ff0ArktlJSaPQ5xePhKp4nKuH3i6enJpms0W2TvkS4N6aOXA1e 6KyIAfYG6Ax+jR0vtHjKZz5Lc42VrOdtRtKQWGq8g93pie9SUC5PBAF9JDCfs5Vu E+MgHd14btfKDEtZDAuIRw3bKuKRyNgUBmN4g2XJ2v6ry8sYQiDu04sC3cnIqDno 8faxq0IEtOnoNVjL+gpU7xpeED87+gNZPmcSluaMIroO0PaH1qW7njkAN+kEiFO5 FEpPRoUVfiYDiaHJkra9gMHd -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIDsDCCApigAwIBAgICEt4wDQYJKoZIhvcNAQEFBQAwaTETMBEGCgmSJomT8ixk ARkWA29yZzEYMBYGCgmSJomT8ixkARkWCERPRUdyaWRzMSAwHgYDVQQLExdDZXJ0 aWZpY2F0ZSBBdXRob3JpdGllczEWMBQGA1UEAxMNRE9FR3JpZHMgQ0EgMTAeFw0w NTA2MTMxNDQ1NTZaFw0wNjA2MTMxNDQ1NTZaMGIxEzARBgoJkiaJk/IsZAEZFgNv cmcxGDAWBgoJkiaJk/IsZAEZFghkb2VncmlkczEPMA0GA1UECxMGUGVvcGxlMSAw HgYDVQQDExdDb25yYWQgU3RlZW5iZXJnIDE3ODk0NzCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBAJrcrjSsYrPTTYOyC7HsXpfkGt5z2T5AMDbnz54Pf18D VyHxVvVa7AjQF1rAF9mTrn11MBBMkmO5XU5+nHIzscF/51gaTJo8vd32MFPBAovz tqtstCX/OKtySHut8jwDJXX1NI1K35bUjcEjKupL+p/firCRaaMIIRNPBUShG56Q f/BIGZkQjFedMqZ4UuxvEIMzO6G5rLGGjzMJ8TuDzf3Unh8Mzq7d2xb2bi3febqy 38OHOkhf0hOvIgbKiAVRe6phCUyL4dfeJ0pZ4apn5xeut0CIon0LX/Pf+xSJg/tp zD+KzuvR1yPmoSQMnnKj2VDm5jwguWiwbXyff4XsRDsCAwEAAaNpMGcwEQYJYIZI AYb4QgEBBAQDAgXgMA4GA1UdDwEB/wQEAwIE8DAhBgNVHREEGjAYgRZjb25yYWRA aGVwLmNhbHRlY2guZWR1MB8GA1UdIwQYMBaAFMoZHRKObqQ4XULUMQ4I29mNFw1d MA0GCSqGSIb3DQEBBQUAA4IBAQALezjvYPzIysegpwTTj9Aez4K1pooUXqOG4eTL RuoWBigyduiTYYTyBIRZiQd7vip7q+EyeZcS/pt2IOAq0HfLapHleBgKORCwPSB/ hK1VNsxgeLPIM50zDWa9ttkO6GqWk5pkx5NMOm9z9EUkkU0zlpC/jXjUwIXTipWp h9gIUDyj8SE8wuAwXh/FdiYuIT7mlcB74A2g4X1gWHbjMlSr0BsrzQL/v2+HICLE P2II312kCsRzNoc8TQYbw7CtZW0g5siumdye7dSwlyA/oK9R3USP6A6S4L1y8JWW m1TvlmVaAdR6bZwdur63kRiLSF1ZIss8PfZImBtVj7pOSlqH -----END CERTIFICATE----- -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 2531 bytes Desc: not available URL: