jcs.org
mutt stable branch with some hacks
S/MIME support. From Oliver Ehli <elmy@acm.org> and Mike Schiraldi <raldi@research.netsol.com>.
+9662
-797
+10
-33
Makefile.am
+10
-33
Makefile.am
···
15
15
16
16
BUILT_SOURCES = keymap_defs.h patchlist.c
17
17
18
-
bin_PROGRAMS = mutt @DOTLOCK_TARGET@ @PGPAUX_TARGET@
18
+
bin_PROGRAMS = mutt @DOTLOCK_TARGET@ @PGPAUX_TARGET@ @SMIMEAUX_TARGET@
19
19
mutt_SOURCES = $(BUILT_SOURCES) \
20
20
addrbook.c alias.c attach.c base64.c browser.c buffy.c color.c \
21
21
commands.c complete.c compose.c copy.c curs_lib.c curs_main.c date.c \
···
56
56
57
57
CPPFLAGS=@CPPFLAGS@ -I$(includedir)
58
58
59
-
non_us_sources = pgp.c pgpinvoke.c pgpkey.c pgplib.c sha1.c \
60
-
pgpmicalg.c gnupgparse.c sha1.h \
61
-
doc/language.txt doc/language50.txt OPS.PGP doc/PGP-Notes.txt \
62
-
OPS.MIX remailer.c remailer.h pgpewrap.c \
63
-
contrib/pgp2.rc contrib/pgp5.rc contrib/gpg.rc \
64
-
mutt_ssl.c mutt_ssl.h README.SSL mutt_ssl_nss.c \
65
-
pgppacket.c pgppacket.h
66
59
67
60
EXTRA_mutt_SOURCES = account.c md5c.c mutt_sasl.c mutt_socket.c mutt_ssl.c \
68
-
mutt_tunnel.c pop.c pop_auth.c pop_lib.c pgp.c pgpinvoke.c pgpkey.c \
61
+
mutt_tunnel.c pop.c pop_auth.c pop_lib.c crypt.c smime.c pgp.c pgpinvoke.c pgpkey.c \
69
62
pgplib.c sha1.c pgpmicalg.c gnupgparse.c resize.c dotlock.c remailer.c \
70
63
browser.h mbyte.h remailer.h url.h mutt_ssl_nss.c pgppacket.c
71
64
72
-
EXTRA_DIST = COPYRIGHT GPL OPS OPS.PGP TODO configure acconfig.h account.h \
65
+
EXTRA_DIST = COPYRIGHT GPL OPS OPS.PGP OPS.CRYPT OPS.SMIME TODO \
66
+
configure acconfig.h account.h \
73
67
attach.h buffy.h charset.h copy.h dotlock.h functions.h gen_defs \
74
68
globals.h hash.h history.h init.h keymap.h \
75
69
mailbox.h mapping.h md5.h mime.h mutt.h mutt_curses.h mutt_menu.h \
···
77
71
mx.h pager.h pgp.h pop.h protos.h reldate.h rfc1524.h rfc2047.h \
78
72
rfc2231.h rfc822.h sha1.h sort.h mime.types VERSION prepare \
79
73
_regex.h OPS.MIX README.SECURITY remailer.c remailer.h browser.h \
80
-
mbyte.h lib.h extlib.c pgpewrap.c pgplib.h Muttrc.head Muttrc \
81
-
makedoc.c stamp-doc-rc README.SSL \
74
+
mbyte.h lib.h extlib.c pgpewrap.c smime_keys.pl pgplib.h Muttrc.head Muttrc \
75
+
makedoc.c stamp-doc-rc README.SSL crypt.h \
82
76
muttbug pgppacket.h depcomp ascii.h BEWARE PATCHES patchlist.sh
83
77
84
78
mutt_dotlock_SOURCES = mutt_dotlock.c
···
104
98
flea: muttbug.sh
105
99
cp muttbug.sh flea
106
100
chmod +x flea
101
+
102
+
smime_keys: smime_keys.pl
103
+
cp smime_keys.pl smime_keys
104
+
chmod +x smime_keys
107
105
108
106
Makefile: $(BUILT_SOURCES)
109
107
···
155
153
156
154
dist-hook:
157
155
-for file in $(BUILT_SOURCES) ; do rm -f $(distdir)/$$file ; done
158
-
159
-
us-distdir: distdir dist-hook
160
-
mv $(distdir) $(distdir)-us
161
-
find $(distdir)-us -type f -print | while read f ; do \
162
-
cp $$f `dirname $$f`/_`basename $$f`.$$$$ && \
163
-
rm $$f && mv `dirname $$f`/_`basename $$f`.$$$$ $$f ; \
164
-
done
165
-
166
-
167
-
us-dist: us-distdir
168
-
for file in $(distdir)-us/*.c $(distdir)-us/*.h ; do \
169
-
$(srcdir)/reap.pl HAVE_PGP < $$file | $(srcdir)/reap.pl MIXMASTER | $(srcdir)/reap.pl USE_SSL > $$file.n && rm $$file && mv $$file.n $$file ; \
170
-
done
171
-
for file in $(non_us_sources) ; do \
172
-
echo "/* This file is only available in the international mutt version */" \
173
-
> $(distdir)-us/$$file ; \
174
-
done
175
-
echo "This version of mutt may be exported from the US."> $(distdir)-us/EXPORTABLE
176
-
-chmod -R a+r $(distdir)-us
177
-
GZIP=$(GZIP) $(TAR) chozf $(distdir)-us.tar.gz $(distdir)-us
178
-
-rm -rf $(distdir)-us
179
156
180
157
mutt-dist:
181
158
(cd $(srcdir) && ./build-release )
+4
OPS.CRYPT
+4
OPS.CRYPT
-4
OPS.PGP
-4
OPS.PGP
···
1
1
OP_COMPOSE_ATTACH_KEY "attach a PGP public key"
2
2
OP_COMPOSE_PGP_MENU "show PGP options"
3
-
OP_EXTRACT_KEYS "extract PGP public keys"
4
-
OP_FORGET_PASSPHRASE "wipe PGP passphrase from memory"
5
3
OP_MAIL_KEY "mail a PGP public key"
6
4
OP_VERIFY_KEY "verify a PGP public key"
7
5
OP_VIEW_ID "view the key's user id"
8
-
OP_DECRYPT_SAVE "make decrypted copy and delete"
9
-
OP_DECRYPT_COPY "make decrypted copy"
10
6
OP_CHECK_TRADITIONAL "check for classic pgp"
+1
OPS.SMIME
+1
OPS.SMIME
···
1
+
OP_COMPOSE_SMIME_MENU "show S/MIME options"
+8
-3
attach.c
+8
-3
attach.c
···
32
32
#include "pgp.h"
33
33
#endif
34
34
35
+
#ifdef HAVE_SMIME
36
+
#include "smime.h"
37
+
#endif
38
+
35
39
#include <ctype.h>
36
40
#include <stdlib.h>
37
41
#include <unistd.h>
···
413
417
int unlink_tempfile = 0;
414
418
415
419
is_message = mutt_is_message_type(a->type, a->subtype);
416
-
#ifdef HAVE_PGP
417
-
if (is_message && a->hdr && (a->hdr->pgp & PGPENCRYPT) && !pgp_valid_passphrase())
420
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
421
+
if (is_message && a->hdr && (a->hdr->security & ENCRYPT) &&
422
+
!crypt_valid_passphrase(a->hdr->security))
418
423
return (rc);
419
-
#endif /* HAVE_PGP */
424
+
#endif /* HAVE_PGP || HAVE_SMIME */
420
425
use_mailcap = (flag == M_MAILCAP ||
421
426
(flag == M_REGULAR && mutt_needs_mailcap (a)));
422
427
snprintf (type, sizeof (type), "%s/%s", TYPE (a), a->subtype);
+103
-50
commands.c
+103
-50
commands.c
···
45
45
#endif
46
46
47
47
48
+
#ifdef HAVE_SMIME
49
+
#include "smime.h"
50
+
#endif
51
+
52
+
48
53
49
54
#include <errno.h>
50
55
#include <unistd.h>
···
76
81
mutt_parse_mime_message (Context, cur);
77
82
mutt_message_hook (Context, cur, M_MESSAGEHOOK);
78
83
79
-
#ifdef HAVE_PGP
84
+
#if defined (HAVE_PGP) || defined (HAVE_SMIME)
80
85
/* see if PGP is needed for this message. if so, we should exit curses */
81
-
if (cur->pgp)
86
+
if (cur->security)
82
87
{
83
-
if (cur->pgp & PGPENCRYPT)
88
+
if (cur->security & ENCRYPT)
84
89
{
85
-
if (!pgp_valid_passphrase ())
90
+
#ifdef HAVE_SMIME
91
+
if (cur->env->to && cur->security & APPLICATION_SMIME)
92
+
smime_getkeys (cur->env->to->mailbox);
93
+
#endif
94
+
if(!crypt_valid_passphrase(cur->security))
86
95
return 0;
87
96
88
97
cmflags |= M_CM_VERIFY;
89
98
}
90
-
else if (cur->pgp & PGPSIGN)
99
+
else if (cur->security & SIGN)
91
100
{
92
101
/* find out whether or not the verify signature */
93
102
if (query_quadoption (OPT_VERIFYSIG, _("Verify PGP signature?")) == M_YES)
···
97
106
}
98
107
}
99
108
100
-
if ((cmflags & M_CM_VERIFY) || (cur->pgp & PGPENCRYPT))
109
+
if (cmflags & M_CM_VERIFY || cur->security & ENCRYPT)
101
110
{
102
-
if (cur->env->from)
103
-
pgp_invoke_getkeys (cur->env->from);
111
+
#ifdef HAVE_PGP
112
+
if (cur->security & APPLICATION_PGP)
113
+
{
114
+
if (cur->env->from)
115
+
pgp_invoke_getkeys (cur->env->from);
116
+
117
+
mutt_message _("Invoking PGP...");
118
+
}
119
+
#endif
104
120
105
-
mutt_message _("Invoking PGP...");
121
+
#ifdef HAVE_SMIME
122
+
if (cur->security & APPLICATION_SMIME)
123
+
mutt_message _("Invoking OpenSSL...");
124
+
#endif
106
125
}
126
+
#endif /* defined (HAVE_PGP) || defined (HAVE_SMIME) */
107
127
108
-
#endif
109
128
110
129
mutt_mktemp (tempfile);
111
130
if ((fpout = safe_fopen (tempfile, "w")) == NULL)
···
153
172
if (fpfilterout != NULL && mutt_wait_filter (filterpid) != 0)
154
173
mutt_any_key_to_continue (NULL);
155
174
156
-
#ifdef HAVE_PGP
175
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
157
176
/* update PGP information for this message */
158
-
cur->pgp |= pgp_query (cur->content);
177
+
cur->security |= crypt_query (cur->content);
178
+
159
179
#endif
160
180
161
181
if (builtin)
162
182
{
163
183
pager_t info;
184
+
#ifdef HAVE_SMIME
185
+
char *smime_signer;
186
+
187
+
if (cur->security & APPLICATION_SMIME && (cmflags & M_CM_VERIFY))
188
+
{
189
+
if (cur->security & GOODSIGN)
190
+
{
191
+
if (!(smime_signer = smime_verify_sender(cur)))
192
+
mutt_message ( _("S/MIME signature successfully verified."));
193
+
else
194
+
mutt_error ( _("S/MIME certificate owner does not match sender."));
195
+
}
196
+
else if (cur->security & SIGN || cur->security & BADSIGN)
197
+
mutt_error ( _("S/MIME signature could NOT be verified."));
198
+
}
199
+
#endif
164
200
165
201
#ifdef HAVE_PGP
166
-
if (cmflags & M_CM_VERIFY)
167
-
mutt_message ((cur->pgp & PGPGOODSIGN) ?
202
+
if (cur->security & APPLICATION_PGP && (cmflags & M_CM_VERIFY))
203
+
mutt_message ((cur->security & GOODSIGN) ?
168
204
_("PGP signature successfully verified.") :
169
205
_("PGP signature could NOT be verified."));
170
206
#endif
···
282
318
283
319
pipe_set_flags (decode, print, &cmflags, &chflags);
284
320
285
-
#ifdef HAVE_PGP
286
-
287
-
if (decode && (h->pgp & PGPENCRYPT))
288
-
{
289
-
if (!pgp_valid_passphrase())
290
-
return;
291
-
endwin();
292
-
}
293
-
321
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
322
+
if (decode && h->security & ENCRYPT)
323
+
{
324
+
if(!crypt_valid_passphrase(h->security))
325
+
return;
326
+
endwin ();
327
+
}
294
328
#endif
329
+
295
330
296
331
if (decode)
297
332
mutt_parse_mime_message (Context, h);
···
313
348
pid_t thepid;
314
349
FILE *fpout;
315
350
316
-
mutt_endwin (NULL);
351
+
/* mutt_endwin (NULL);
352
+
353
+
is this really needed here ?
354
+
it makes the screen flicker on pgp and s/mime messages,
355
+
before asking for a passphrase...
356
+
Oliver Ehli */
317
357
if (h)
318
358
{
319
359
320
360
mutt_message_hook (Context, h, M_MESSAGEHOOK);
321
361
322
-
#ifdef HAVE_PGP
362
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
323
363
if (decode)
324
364
{
325
365
mutt_parse_mime_message (Context, h);
326
-
if(h->pgp & PGPENCRYPT && !pgp_valid_passphrase())
366
+
if(h->security & ENCRYPT && !crypt_valid_passphrase(h->security))
327
367
return 1;
328
368
}
329
369
mutt_endwin (NULL);
···
336
376
}
337
377
338
378
pipe_msg (h, fpout, decode, print);
339
-
safe_fclose (&fpout);
379
+
fclose (fpout);
340
380
rc = mutt_wait_filter (thepid);
341
381
}
342
382
else
···
344
384
345
385
346
386
347
-
#ifdef HAVE_PGP
387
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
348
388
349
389
if (decode)
350
390
{
···
353
393
{
354
394
mutt_message_hook (Context, Context->hdrs[Context->v2r[i]], M_MESSAGEHOOK);
355
395
mutt_parse_mime_message(Context, Context->hdrs[Context->v2r[i]]);
356
-
if (Context->hdrs[Context->v2r[i]]->pgp & PGPENCRYPT &&
357
-
!pgp_valid_passphrase())
396
+
if (Context->hdrs[Context->v2r[i]]->security & ENCRYPT &&
397
+
!crypt_valid_passphrase(Context->hdrs[Context->v2r[i]]->security))
358
398
return 1;
359
399
}
360
400
}
···
576
616
*cmflags = 0;
577
617
*chflags = CH_UPDATE_LEN;
578
618
579
-
#ifdef HAVE_PGP
580
-
if (!decode && decrypt && (hdr->pgp & PGPENCRYPT))
619
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
620
+
if (!decode && decrypt && (hdr->security & ENCRYPT))
581
621
{
622
+
#ifdef HAVE_PGP
582
623
if (mutt_is_multipart_encrypted(hdr->content))
583
624
{
584
625
*chflags = CH_NONEWLINE | CH_XMIT | CH_MIME;
585
626
*cmflags = M_CM_DECODE_PGP;
586
627
}
587
-
else if (mutt_is_application_pgp(hdr->content) & PGPENCRYPT)
628
+
else if (mutt_is_application_pgp(hdr->content) & ENCRYPT)
588
629
decode = 1;
589
-
}
630
+
#endif
631
+
#if defined(HAVE_PGP) && defined(HAVE_SMIME)
632
+
else
590
633
#endif
634
+
#ifdef HAVE_SMIME
635
+
if (mutt_is_application_smime(hdr->content) & ENCRYPT)
636
+
{
637
+
*chflags = CH_NONEWLINE | CH_XMIT | CH_MIME;
638
+
*cmflags = M_CM_DECODE_SMIME;
639
+
}
640
+
#endif
641
+
}
642
+
#endif /* defined(HAVE_PGP) || defined(HAVE_SMIME) */
591
643
592
644
if (decode)
593
645
{
···
628
680
int decode, int decrypt, int *redraw)
629
681
{
630
682
int i, need_buffy_cleanup;
631
-
#ifdef HAVE_PGP
632
-
int need_passphrase = 0;
683
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
684
+
int need_passphrase = 0, app=0;
633
685
#endif
634
686
char prompt[SHORT_STRING], buf[_POSIX_PATH_MAX];
635
687
CONTEXT ctx;
···
651
703
(delete ? _("Save%s to mailbox") : _("Copy%s to mailbox"))),
652
704
h ? "" : _(" tagged"));
653
705
706
+
654
707
if (h)
655
708
{
656
-
#ifdef HAVE_PGP
657
-
need_passphrase = h->pgp & PGPENCRYPT;
709
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
710
+
need_passphrase = h->security & ENCRYPT;
711
+
app = h->security;
658
712
#endif
659
713
mutt_message_hook (Context, h, M_MESSAGEHOOK);
660
714
mutt_default_save (buf, sizeof (buf), h);
···
672
726
}
673
727
}
674
728
729
+
675
730
if (h)
676
731
{
677
732
mutt_message_hook (Context, h, M_MESSAGEHOOK);
678
733
mutt_default_save (buf, sizeof (buf), h);
679
-
#ifdef HAVE_PGP
680
-
need_passphrase |= h->pgp & PGPENCRYPT;
734
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
735
+
need_passphrase = h->security & ENCRYPT;
736
+
app = h->security;
681
737
#endif
682
738
h = NULL;
683
739
}
···
712
768
if (!mutt_save_confirm (buf, &st))
713
769
return -1;
714
770
715
-
#ifdef HAVE_PGP
716
-
if(need_passphrase && (decode || decrypt) && !pgp_valid_passphrase())
771
+
if (need_passphrase && (decode || decrypt) && !crypt_valid_passphrase(app))
717
772
return -1;
718
-
#endif
719
773
720
774
mutt_message (_("Copying to %s..."), buf);
721
775
···
865
919
if (fp && (is_multipart (b) || mutt_is_message_type (b->type, b->subtype)))
866
920
mutt_parse_part (fp, b);
867
921
868
-
#ifdef HAVE_PGP
922
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
869
923
if (h)
870
924
{
871
925
if (h->content == b)
872
-
h->pgp = 0;
873
-
h->pgp |= pgp_query (b);
926
+
h->security = 0;
927
+
928
+
h->security |= crypt_query (b);
929
+
#endif
874
930
}
875
-
#endif /* HAVE_PGP */
876
-
877
931
}
878
932
879
933
880
934
#ifdef HAVE_PGP
881
-
882
935
static int _mutt_check_traditional_pgp (HEADER *h, int *redraw)
883
936
{
884
937
MESSAGE *msg;
···
889
942
return 0;
890
943
if (pgp_check_traditional (msg->fp, h->content, 0))
891
944
{
892
-
h->pgp = pgp_query (h->content);
945
+
h->security = crypt_query (h->content);
893
946
*redraw |= REDRAW_FULL;
894
947
rv = 1;
895
948
}
+191
-29
compose.c
+191
-29
compose.c
···
58
58
HDR_MIX,
59
59
#endif
60
60
61
-
#ifdef HAVE_PGP
62
-
HDR_PGP,
63
-
HDR_PGPSIGINFO,
61
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
62
+
HDR_CRYPT,
63
+
HDR_CRYPTINFO,
64
64
#endif
65
-
66
65
67
66
HDR_ATTACH = (HDR_FCC + 5) /* where to start printing the attachments */
68
67
};
···
103
102
104
103
105
104
105
+
#ifdef HAVE_SMIME
106
+
#include "smime.h"
107
+
#endif
108
+
106
109
#ifdef HAVE_PGP
107
110
#include "pgp.h"
111
+
#endif
108
112
109
-
static void redraw_pgp_lines (int pgp)
113
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
114
+
115
+
static void redraw_crypt_lines (HEADER *msg)
110
116
{
111
-
mvaddstr (HDR_PGP, 0, " PGP: ");
112
-
if ((pgp & (PGPENCRYPT | PGPSIGN)) == (PGPENCRYPT | PGPSIGN))
117
+
#ifdef HAVE_SMIME
118
+
int off = 0;
119
+
#endif
120
+
121
+
#if defined(HAVE_PGP) && defined(HAVE_SMIME)
122
+
if (!msg->security)
123
+
mvaddstr (HDR_CRYPT, 0, "Security: ");
124
+
else if (msg->security & APPLICATION_SMIME)
125
+
mvaddstr (HDR_CRYPT, 0, " S/MIME: ");
126
+
else if (msg->security & APPLICATION_PGP)
127
+
mvaddstr (HDR_CRYPT, 0, " PGP: ");
128
+
#else
129
+
#ifdef HAVE_SMIME
130
+
mvaddstr (HDR_CRYPT, 0, " S/MIME: ");
131
+
#endif
132
+
#ifdef HAVE_PGP
133
+
mvaddstr (HDR_CRYPT, 0, " PGP: ");
134
+
#endif
135
+
#endif
136
+
137
+
138
+
if ((msg->security & (ENCRYPT | SIGN)) == (ENCRYPT | SIGN))
113
139
addstr (_("Sign, Encrypt"));
114
-
else if (pgp & PGPENCRYPT)
140
+
else if (msg->security & ENCRYPT)
115
141
addstr (_("Encrypt"));
116
-
else if (pgp & PGPSIGN)
142
+
else if (msg->security & SIGN)
117
143
addstr (_("Sign"));
118
144
else
119
145
addstr (_("Clear"));
120
146
clrtoeol ();
121
147
122
-
move (HDR_PGPSIGINFO, 0);
148
+
move (HDR_CRYPTINFO, 0);
123
149
clrtoeol ();
124
-
if (pgp & PGPSIGN)
150
+
#ifdef HAVE_PGP
151
+
if (msg->security & APPLICATION_PGP && msg->security & SIGN)
125
152
printw ("%s%s", _(" sign as: "), PgpSignAs ? PgpSignAs : _("<default>"));
153
+
#endif
154
+
#ifdef HAVE_SMIME
155
+
if (msg->security & APPLICATION_SMIME && msg->security & SIGN) {
156
+
printw ("%s%s", _(" sign as: "), SmimeSignAs ? SmimeSignAs : _("<default>"));
157
+
}
158
+
if (msg->security & APPLICATION_SMIME && (msg->security & ENCRYPT)) {
159
+
mvprintw (HDR_CRYPTINFO, 40, "%s%s", _("Encrypt with: "),
160
+
NONULL(SmimeCryptAlg));
161
+
off = 20;
162
+
}
163
+
#endif
126
164
}
165
+
#endif /* defined(HAVE_PGP) || defined(HAVE_SMIME) */
127
166
128
-
static int pgp_send_menu (int bits, int *redraw)
167
+
168
+
169
+
#ifdef HAVE_PGP
170
+
static int pgp_send_menu (HEADER *msg, int *redraw)
129
171
{
130
172
pgp_key_t *p;
131
173
char input_signas[SHORT_STRING];
132
174
133
-
switch (mutt_multi_choice (_("(e)ncrypt, (s)ign, sign (a)s, (b)oth, or (f)orget it? "),
175
+
switch (mutt_multi_choice (_("PGP (e)ncrypt, (s)ign, sign (a)s, (b)oth, or (f)orget it? "),
134
176
_("esabf")))
135
177
{
136
178
case 1: /* (e)ncrypt */
137
-
bits |= PGPENCRYPT;
179
+
msg->security |= PGPENCRYPT;
138
180
break;
139
181
140
182
case 2: /* (s)ign */
141
-
bits |= PGPSIGN;
183
+
msg->security |= PGPSIGN;
142
184
break;
143
185
144
186
case 3: /* sign (a)s */
145
187
146
188
unset_option(OPTPGPCHECKTRUST);
147
189
148
-
if ((p = pgp_ask_for_key (_("Sign as: "), NULL, KEYFLAG_CANSIGN, PGP_SECRING)))
190
+
if ((p = pgp_ask_for_key (_("Sign as: "), NULL, KEYFLAG_CANSIGN, PGP_PUBRING)))
149
191
{
150
192
snprintf (input_signas, sizeof (input_signas), "0x%s", pgp_keyid (p));
151
193
mutt_str_replace (&PgpSignAs, input_signas);
152
194
pgp_free_key (&p);
153
195
154
-
bits |= PGPSIGN;
196
+
msg->security |= PGPSIGN;
155
197
156
198
pgp_void_passphrase (); /* probably need a different passphrase */
157
199
}
158
200
else
159
201
{
160
-
bits &= ~PGPSIGN;
202
+
msg->security &= ~PGPSIGN;
161
203
}
162
204
163
205
*redraw = REDRAW_FULL;
164
206
break;
165
207
166
208
case 4: /* (b)oth */
167
-
bits = PGPENCRYPT | PGPSIGN;
209
+
msg->security = PGPENCRYPT | PGPSIGN;
168
210
break;
169
211
170
212
case 5: /* (f)orget it */
171
-
bits = 0;
213
+
msg->security = 0;
172
214
break;
173
215
}
174
-
if (!*redraw)
175
-
redraw_pgp_lines (bits);
176
-
return (bits);
216
+
217
+
if(*redraw)
218
+
redraw_crypt_lines (msg);
219
+
return (msg->security);
177
220
}
178
221
#endif /* HAVE_PGP */
222
+
223
+
224
+
225
+
#ifdef HAVE_SMIME
226
+
227
+
static int smime_send_menu (HEADER *msg, int *redraw)
228
+
{
229
+
char *p;
230
+
231
+
switch (mutt_multi_choice (_("S/MIME (e)ncrypt, (s)ign, encrypt (w)ith, sign (a)s, (b)oth, or (f)orget it? "),
232
+
_("ewsabf")))
233
+
{
234
+
case 1: /* (e)ncrypt */
235
+
msg->security |= SMIMEENCRYPT;
236
+
break;
237
+
238
+
case 2: /* encrypt (w)ith */
239
+
msg->security |= SMIMEENCRYPT;
240
+
switch (mutt_multi_choice (_("1: DES, 2: Tripple-DES, 3: RC2-40,"
241
+
" 4: RC2-64, 5: RC2-128, or (f)orget it? "),
242
+
_("12345f"))) {
243
+
case 1:
244
+
mutt_str_replace (&SmimeCryptAlg, "des");
245
+
break;
246
+
case 2:
247
+
mutt_str_replace (&SmimeCryptAlg, "des3");
248
+
break;
249
+
case 3:
250
+
mutt_str_replace (&SmimeCryptAlg, "rc2-40");
251
+
break;
252
+
case 4:
253
+
mutt_str_replace (&SmimeCryptAlg, "rc2-64");
254
+
break;
255
+
case 5:
256
+
mutt_str_replace (&SmimeCryptAlg, "rc2-128");
257
+
break;
258
+
case 6: /* forget it */
259
+
break;
260
+
}
261
+
break;
262
+
263
+
case 3: /* (s)ign */
264
+
265
+
if(!SmimeSignAs)
266
+
mutt_message("Can\'t sign: No key specified. use sign(as).");
267
+
else
268
+
msg->security |= SMIMESIGN;
269
+
break;
270
+
271
+
case 4: /* sign (a)s */
272
+
273
+
if ((p = smime_ask_for_key (_("Sign as: "), NULL, 0))) {
274
+
p[mutt_strlen (p)-1] = '\0';
275
+
mutt_str_replace (&SmimeSignAs, p);
276
+
277
+
msg->security |= SMIMESIGN;
278
+
279
+
/* probably need a different passphrase */
280
+
smime_void_passphrase ();
281
+
}
282
+
else
283
+
msg->security &= ~SMIMESIGN;
284
+
285
+
*redraw = REDRAW_FULL;
286
+
break;
287
+
288
+
case 5: /* (b)oth */
289
+
msg->security = SMIMEENCRYPT | SMIMESIGN;
290
+
break;
291
+
292
+
case 6: /* (f)orget it */
293
+
msg->security = 0;
294
+
break;
295
+
}
296
+
297
+
if(*redraw)
298
+
redraw_crypt_lines (msg);
299
+
return (msg->security);
300
+
}
301
+
#endif /* HAVE_SMIME */
179
302
180
303
#ifdef MIXMASTER
181
304
···
269
392
270
393
271
394
272
-
#ifdef HAVE_PGP
273
-
redraw_pgp_lines (msg->pgp);
274
-
#endif /* HAVE_PGP */
395
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
396
+
redraw_crypt_lines (msg);
397
+
#endif /* HAVE_PGP || HAVE_SMIE */
398
+
275
399
276
400
#ifdef MIXMASTER
277
401
redraw_mix_line (msg->chain);
···
1190
1314
#ifdef HAVE_PGP
1191
1315
case OP_COMPOSE_PGP_MENU:
1192
1316
1193
-
msg->pgp = pgp_send_menu (msg->pgp, &menu->redraw);
1317
+
#ifdef HAVE_SMIME
1318
+
if (msg->security & APPLICATION_SMIME)
1319
+
{
1320
+
if (mutt_yesorno (_("S/MIME already selected. Clear & continue ? "),
1321
+
M_YES) == M_NO)
1322
+
{
1323
+
mutt_clear_error ();
1324
+
break;
1325
+
}
1326
+
msg->security = 0;
1327
+
}
1328
+
#endif /* HAVE_SMIME */
1329
+
msg->security = pgp_send_menu (msg, &menu->redraw);
1330
+
redraw_crypt_lines (msg);
1194
1331
break;
1332
+
#endif /* HAVE_PGP */
1333
+
1195
1334
1335
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1196
1336
case OP_FORGET_PASSPHRASE:
1197
1337
1198
-
mutt_forget_passphrase ();
1338
+
crypt_forget_passphrase ();
1199
1339
break;
1200
1340
1201
-
#endif /* HAVE_PGP */
1341
+
#endif /* HAVE_(PGP||SMIME) */
1342
+
1343
+
1344
+
#ifdef HAVE_SMIME
1345
+
case OP_COMPOSE_SMIME_MENU:
1346
+
1347
+
#ifdef HAVE_PGP
1348
+
if (msg->security & APPLICATION_PGP)
1349
+
{
1350
+
if (mutt_yesorno (_("PGP already selected. Clear & continue ? "),
1351
+
M_YES) == M_NO)
1352
+
{
1353
+
mutt_clear_error ();
1354
+
break;
1355
+
}
1356
+
msg->security = 0;
1357
+
}
1358
+
#endif /* HAVE_pgp */
1359
+
msg->security = smime_send_menu(msg, &menu->redraw);
1360
+
redraw_crypt_lines (msg);
1361
+
break;
1362
+
1363
+
#endif /* HAVE_SMIME */
1202
1364
1203
1365
1204
1366
#ifdef MIXMASTER
+19
configure.in
+19
configure.in
···
79
79
OPS="$OPS \$(srcdir)/OPS.PGP"
80
80
fi
81
81
82
+
AC_ARG_ENABLE(smime, [ --disable-smime Disable SMIME support],
83
+
[ if test x$enableval = xno ; then
84
+
have_smime=no
85
+
fi
86
+
])
87
+
88
+
if test x$have_smime != xno ; then
89
+
AC_DEFINE(HAVE_SMIME,1,[ Define if you want S/MIME support. ])
90
+
MUTT_LIB_OBJECTS="$MUTT_LIB_OBJECTS smime.o "
91
+
OPS="$OPS \$(srcdir)/OPS.SMIME"
92
+
SMIMEAUX_TARGET="smime_keys"
93
+
fi
94
+
95
+
if test x$HAVE_SMIME != xno -o x$HAVE_PGP != xno ; then
96
+
MUTT_LIB_OBJECTS="$MUTT_LIB_OBJECTS crypt.o "
97
+
OPS="$OPS \$(srcdir)/OPS.CRYPT"
98
+
fi
99
+
82
100
AC_ARG_WITH(mixmaster, [ --with-mixmaster[=PATH] Include Mixmaster support],
83
101
[if test -x "$withval" ; then
84
102
MIXMASTER="$withval"
···
95
113
AC_SUBST(OPS)
96
114
97
115
AC_SUBST(PGPAUX_TARGET)
116
+
AC_SUBST(SMIMEAUX_TARGET)
98
117
99
118
AC_DEFINE_UNQUOTED(SUBVERSION,"$SUBVERSION",[ Is this the international version? ])
100
119
AC_SUBST(SUBVERSION)
+2
-1
contrib/Makefile.in
+2
-1
contrib/Makefile.in
···
21
21
subdir = contrib
22
22
23
23
SAMPLES = Mush.rc Pine.rc gpg.rc pgp2.rc pgp5.rc pgp6.rc Tin.rc \
24
-
sample.muttrc sample.mailcap sample.muttrc-tlr
24
+
sample.muttrc sample.mailcap sample.muttrc-tlr smime.rc \
25
+
ca-bundle.crt
25
26
26
27
DISTFILES = Makefile.in language.txt language50.txt \
27
28
patch.slang-1.2.2.keypad.1 \
+4599
contrib/ca-bundle.crt
+4599
contrib/ca-bundle.crt
···
1
+
##
2
+
## ca-bundle.crt -- Bundle of CA Root Certificates
3
+
## Last Modified: Thu Mar 2 09:32:46 CET 2000
4
+
##
5
+
## This is a bundle of X.509 certificates of public
6
+
## Certificate Authorities (CA). These were automatically
7
+
## extracted from Netscape Communicator 4.72's certificate database
8
+
## (the file `cert7.db'). It contains the certificates in both
9
+
## plain text and PEM format and therefore can be directly used
10
+
## with an Apache+mod_ssl webserver for SSL client authentication.
11
+
## Just configure this file as the SSLCACertificateFile.
12
+
##
13
+
## (SKIPME)
14
+
##
15
+
16
+
ABAecom (sub., Am. Bankers Assn.) Root CA
17
+
=========================================
18
+
MD5 Fingerprint: 82:12:F7:89:E1:0B:91:60:A4:B6:22:9F:94:68:11:92
19
+
PEM Data:
20
+
-----BEGIN CERTIFICATE-----
21
+
MIID+DCCAuCgAwIBAgIRANAeQJAAACdLAAAAAQAAAAQwDQYJKoZIhvcNAQEFBQAw
22
+
gYwxCzAJBgNVBAYTAlVTMQ0wCwYDVQQIEwRVdGFoMRcwFQYDVQQHEw5TYWx0IExh
23
+
a2UgQ2l0eTEYMBYGA1UEChMPWGNlcnQgRVogYnkgRFNUMRgwFgYDVQQDEw9YY2Vy
24
+
dCBFWiBieSBEU1QxITAfBgkqhkiG9w0BCQEWEmNhQGRpZ3NpZ3RydXN0LmNvbTAe
25
+
Fw05OTA3MTQxNjE0MThaFw0wOTA3MTExNjE0MThaMIGMMQswCQYDVQQGEwJVUzEN
26
+
MAsGA1UECBMEVXRhaDEXMBUGA1UEBxMOU2FsdCBMYWtlIENpdHkxGDAWBgNVBAoT
27
+
D1hjZXJ0IEVaIGJ5IERTVDEYMBYGA1UEAxMPWGNlcnQgRVogYnkgRFNUMSEwHwYJ
28
+
KoZIhvcNAQkBFhJjYUBkaWdzaWd0cnVzdC5jb20wggEiMA0GCSqGSIb3DQEBAQUA
29
+
A4IBDwAwggEKAoIBAQCtVBjetL/3reh0qu2LfI/C1HUa1YS5tmL8ie/kl2GS+x24
30
+
4VpHNJ6eBiL70+o4y7iLB/caoBd3B1owHNQpOCDXJ0DYUJNDv9IYoil2BXKqa7Zp
31
+
mKt5Hhxl9WqL/MUWqqJy2mDtTm4ZJXoKHTDjUJtCPETrobAgHtsCfv49H7/QAIrb
32
+
QHamGKUVp1e2UsIBF5h3j4qBxhq0airmr6nWAKzP2BVJfNsbof6B+of505DBAsD5
33
+
0ELpkWglX8a/hznplQBgKL+DLMDnXrbXNhbnYId26OcnsiUNi3rlqh3lWc3OCw5v
34
+
xsic4xDZhTnTt5v6xrp8dNJddVardKSiUb9SfO5xAgMBAAGjUzBRMA8GA1UdEwEB
35
+
/wQFMAMBAf8wHwYDVR0jBBgwFoAUCCBsZuuBCmxc1bWmPEHdHJaRJ3cwHQYDVR0O
36
+
BBYEFAggbGbrgQpsXNW1pjxB3RyWkSd3MA0GCSqGSIb3DQEBBQUAA4IBAQBah1iP
37
+
Lat2IWtUDNnxQfZOzSue4x+boy1/2St9WMhnpCn16ezVvZY/o3P4xFs2fNBjLDQ5
38
+
m0i4PW/2FMWeY+anNG7T6DOzxzwYbiOuQ5KZP5jFaTDxNjutuTCC1rZZFpYCCykS
39
+
YbQRifcML5SQhZgonFNsfmPdc/QZ/0qB0bJSI/08SjTOWhvgUIrtT4GV2GDn5MQN
40
+
u1g+WPdOaG8+Z8nLepcWJ+xCYRR2uwDF6wg9FX9LtiJdhzuQ9PPA/jez6dliDMDD
41
+
Wa9gvR8N26E0HzDEPYutsB0Ek+1f1eS/IDAE9EjpMwHRLpAnUrOb3jocq6mXf5vr
42
+
wo3CbezcE9NGxXl8
43
+
-----END CERTIFICATE-----
44
+
Certificate Ingredients:
45
+
Data:
46
+
Version: 3 (0x2)
47
+
Serial Number:
48
+
d0:1e:40:90:00:00:27:4b:00:00:00:01:00:00:00:04
49
+
Signature Algorithm: sha1WithRSAEncryption
50
+
Issuer: C=US, ST=Utah, L=Salt Lake City, O=Xcert EZ by DST, CN=Xcert EZ by DST/Email=ca@digsigtrust.com
51
+
Validity
52
+
Not Before: Jul 14 16:14:18 1999 GMT
53
+
Not After : Jul 11 16:14:18 2009 GMT
54
+
Subject: C=US, ST=Utah, L=Salt Lake City, O=Xcert EZ by DST, CN=Xcert EZ by DST/Email=ca@digsigtrust.com
55
+
Subject Public Key Info:
56
+
Public Key Algorithm: rsaEncryption
57
+
RSA Public Key: (2048 bit)
58
+
Modulus (2048 bit):
59
+
00:ad:54:18:de:b4:bf:f7:ad:e8:74:aa:ed:8b:7c:
60
+
8f:c2:d4:75:1a:d5:84:b9:b6:62:fc:89:ef:e4:97:
61
+
61:92:fb:1d:b8:e1:5a:47:34:9e:9e:06:22:fb:d3:
62
+
ea:38:cb:b8:8b:07:f7:1a:a0:17:77:07:5a:30:1c:
63
+
d4:29:38:20:d7:27:40:d8:50:93:43:bf:d2:18:a2:
64
+
29:76:05:72:aa:6b:b6:69:98:ab:79:1e:1c:65:f5:
65
+
6a:8b:fc:c5:16:aa:a2:72:da:60:ed:4e:6e:19:25:
66
+
7a:0a:1d:30:e3:50:9b:42:3c:44:eb:a1:b0:20:1e:
67
+
db:02:7e:fe:3d:1f:bf:d0:00:8a:db:40:76:a6:18:
68
+
a5:15:a7:57:b6:52:c2:01:17:98:77:8f:8a:81:c6:
69
+
1a:b4:6a:2a:e6:af:a9:d6:00:ac:cf:d8:15:49:7c:
70
+
db:1b:a1:fe:81:fa:87:f9:d3:90:c1:02:c0:f9:d0:
71
+
42:e9:91:68:25:5f:c6:bf:87:39:e9:95:00:60:28:
72
+
bf:83:2c:c0:e7:5e:b6:d7:36:16:e7:60:87:76:e8:
73
+
e7:27:b2:25:0d:8b:7a:e5:aa:1d:e5:59:cd:ce:0b:
74
+
0e:6f:c6:c8:9c:e3:10:d9:85:39:d3:b7:9b:fa:c6:
75
+
ba:7c:74:d2:5d:75:56:ab:74:a4:a2:51:bf:52:7c:
76
+
ee:71
77
+
Exponent: 65537 (0x10001)
78
+
X509v3 extensions:
79
+
X509v3 Basic Constraints: critical
80
+
CA:TRUE
81
+
X509v3 Authority Key Identifier:
82
+
keyid:08:20:6C:66:EB:81:0A:6C:5C:D5:B5:A6:3C:41:DD:1C:96:91:27:77
83
+
84
+
X509v3 Subject Key Identifier:
85
+
08:20:6C:66:EB:81:0A:6C:5C:D5:B5:A6:3C:41:DD:1C:96:91:27:77
86
+
Signature Algorithm: sha1WithRSAEncryption
87
+
5a:87:58:8f:2d:ab:76:21:6b:54:0c:d9:f1:41:f6:4e:cd:2b:
88
+
9e:e3:1f:9b:a3:2d:7f:d9:2b:7d:58:c8:67:a4:29:f5:e9:ec:
89
+
d5:bd:96:3f:a3:73:f8:c4:5b:36:7c:d0:63:2c:34:39:9b:48:
90
+
b8:3d:6f:f6:14:c5:9e:63:e6:a7:34:6e:d3:e8:33:b3:c7:3c:
91
+
18:6e:23:ae:43:92:99:3f:98:c5:69:30:f1:36:3b:ad:b9:30:
92
+
82:d6:b6:59:16:96:02:0b:29:12:61:b4:11:89:f7:0c:2f:94:
93
+
90:85:98:28:9c:53:6c:7e:63:dd:73:f4:19:ff:4a:81:d1:b2:
94
+
52:23:fd:3c:4a:34:ce:5a:1b:e0:50:8a:ed:4f:81:95:d8:60:
95
+
e7:e4:c4:0d:bb:58:3e:58:f7:4e:68:6f:3e:67:c9:cb:7a:97:
96
+
16:27:ec:42:61:14:76:bb:00:c5:eb:08:3d:15:7f:4b:b6:22:
97
+
5d:87:3b:90:f4:f3:c0:fe:37:b3:e9:d9:62:0c:c0:c3:59:af:
98
+
60:bd:1f:0d:db:a1:34:1f:30:c4:3d:8b:ad:b0:1d:04:93:ed:
99
+
5f:d5:e4:bf:20:30:04:f4:48:e9:33:01:d1:2e:90:27:52:b3:
100
+
9b:de:3a:1c:ab:a9:97:7f:9b:eb:c2:8d:c2:6d:ec:dc:13:d3:
101
+
46:c5:79:7c
102
+
103
+
ANX Network CA by DST
104
+
=====================
105
+
MD5 Fingerprint: A8:ED:DE:EB:93:88:66:D8:2F:C3:BD:1D:BE:45:BE:4D
106
+
PEM Data:
107
+
-----BEGIN CERTIFICATE-----
108
+
MIIDTTCCAragAwIBAgIENm6ibzANBgkqhkiG9w0BAQUFADBSMQswCQYDVQQGEwJV
109
+
UzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMR0wGwYDVQQL
110
+
ExREU1QgKEFOWCBOZXR3b3JrKSBDQTAeFw05ODEyMDkxNTQ2NDhaFw0xODEyMDkx
111
+
NjE2NDhaMFIxCzAJBgNVBAYTAlVTMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVy
112
+
ZSBUcnVzdCBDby4xHTAbBgNVBAsTFERTVCAoQU5YIE5ldHdvcmspIENBMIGdMA0G
113
+
CSqGSIb3DQEBAQUAA4GLADCBhwKBgQC0SBGAWKDVpZkP9jcsRLZu0XzzKmueEbaI
114
+
IwRccSWeahJ3EW6/aDllqPay9qIYsokVoGe3eowiSGv2hDQftsr3G3LL8ltI04ce
115
+
InYTBLSsbJZ/5w4IyTJRMC3VgOghZ7rzXggkLAdZnZAa7kbJtaQelrRBkdR/0o04
116
+
JrBvQ24JfQIBA6OCATAwggEsMBEGCWCGSAGG+EIBAQQEAwIABzB0BgNVHR8EbTBr
117
+
MGmgZ6BlpGMwYTELMAkGA1UEBhMCVVMxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0
118
+
dXJlIFRydXN0IENvLjEdMBsGA1UECxMURFNUIChBTlggTmV0d29yaykgQ0ExDTAL
119
+
BgNVBAMTBENSTDEwKwYDVR0QBCQwIoAPMTk5ODEyMDkxNTQ2NDhagQ8yMDE4MTIw
120
+
OTE1NDY0OFowCwYDVR0PBAQDAgEGMB8GA1UdIwQYMBaAFIwWVXDMFgpTZMKlhKqz
121
+
ZBdDP4I2MB0GA1UdDgQWBBSMFlVwzBYKU2TCpYSqs2QXQz+CNjAMBgNVHRMEBTAD
122
+
AQH/MBkGCSqGSIb2fQdBAAQMMAobBFY0LjADAgSQMA0GCSqGSIb3DQEBBQUAA4GB
123
+
AEklyWCxDF+pORDTxTRVfc95wynr3vnCQPnoVsXwL+z02exIUbhjOF6TbhiWhbnK
124
+
UJykuOpmJmiThW9vTHHQvnoLPDG5975pnhDX0UDorBZxq66rOOFwscqSFuBdhaYY
125
+
gAYAnOGmGEJRp2hoWe8mlF+tMQz+KR4XAYQ3W+gSMqNd
126
+
-----END CERTIFICATE-----
127
+
Certificate Ingredients:
128
+
Data:
129
+
Version: 3 (0x2)
130
+
Serial Number: 913220207 (0x366ea26f)
131
+
Signature Algorithm: sha1WithRSAEncryption
132
+
Issuer: C=US, O=Digital Signature Trust Co., OU=DST (ANX Network) CA
133
+
Validity
134
+
Not Before: Dec 9 15:46:48 1998 GMT
135
+
Not After : Dec 9 16:16:48 2018 GMT
136
+
Subject: C=US, O=Digital Signature Trust Co., OU=DST (ANX Network) CA
137
+
Subject Public Key Info:
138
+
Public Key Algorithm: rsaEncryption
139
+
RSA Public Key: (1024 bit)
140
+
Modulus (1024 bit):
141
+
00:b4:48:11:80:58:a0:d5:a5:99:0f:f6:37:2c:44:
142
+
b6:6e:d1:7c:f3:2a:6b:9e:11:b6:88:23:04:5c:71:
143
+
25:9e:6a:12:77:11:6e:bf:68:39:65:a8:f6:b2:f6:
144
+
a2:18:b2:89:15:a0:67:b7:7a:8c:22:48:6b:f6:84:
145
+
34:1f:b6:ca:f7:1b:72:cb:f2:5b:48:d3:87:1e:22:
146
+
76:13:04:b4:ac:6c:96:7f:e7:0e:08:c9:32:51:30:
147
+
2d:d5:80:e8:21:67:ba:f3:5e:08:24:2c:07:59:9d:
148
+
90:1a:ee:46:c9:b5:a4:1e:96:b4:41:91:d4:7f:d2:
149
+
8d:38:26:b0:6f:43:6e:09:7d
150
+
Exponent: 3 (0x3)
151
+
X509v3 extensions:
152
+
Netscape Cert Type:
153
+
SSL CA, S/MIME CA, Object Signing CA
154
+
X509v3 CRL Distribution Points:
155
+
DirName:/C=US/O=Digital Signature Trust Co./OU=DST (ANX Network) CA/CN=CRL1
156
+
157
+
X509v3 Private Key Usage Period:
158
+
Not Before: Dec 9 15:46:48 1998 GMT, Not After: Dec 9 15:46:48 2018 GMT
159
+
X509v3 Key Usage:
160
+
Certificate Sign, CRL Sign
161
+
X509v3 Authority Key Identifier:
162
+
keyid:8C:16:55:70:CC:16:0A:53:64:C2:A5:84:AA:B3:64:17:43:3F:82:36
163
+
164
+
X509v3 Subject Key Identifier:
165
+
8C:16:55:70:CC:16:0A:53:64:C2:A5:84:AA:B3:64:17:43:3F:82:36
166
+
X509v3 Basic Constraints:
167
+
CA:TRUE
168
+
1.2.840.113533.7.65.0:
169
+
0
170
+
..V4.0....
171
+
Signature Algorithm: sha1WithRSAEncryption
172
+
49:25:c9:60:b1:0c:5f:a9:39:10:d3:c5:34:55:7d:cf:79:c3:
173
+
29:eb:de:f9:c2:40:f9:e8:56:c5:f0:2f:ec:f4:d9:ec:48:51:
174
+
b8:63:38:5e:93:6e:18:96:85:b9:ca:50:9c:a4:b8:ea:66:26:
175
+
68:93:85:6f:6f:4c:71:d0:be:7a:0b:3c:31:b9:f7:be:69:9e:
176
+
10:d7:d1:40:e8:ac:16:71:ab:ae:ab:38:e1:70:b1:ca:92:16:
177
+
e0:5d:85:a6:18:80:06:00:9c:e1:a6:18:42:51:a7:68:68:59:
178
+
ef:26:94:5f:ad:31:0c:fe:29:1e:17:01:84:37:5b:e8:12:32:
179
+
a3:5d
180
+
181
+
American Express CA
182
+
===================
183
+
MD5 Fingerprint: 1C:D5:8E:82:BE:70:55:8E:39:61:DF:AD:51:DB:6B:A0
184
+
PEM Data:
185
+
-----BEGIN CERTIFICATE-----
186
+
MIICkDCCAfkCAgCNMA0GCSqGSIb3DQEBBAUAMIGPMQswCQYDVQQGEwJVUzEnMCUG
187
+
A1UEChMeQW1lcmljYW4gRXhwcmVzcyBDb21wYW55LCBJbmMuMSYwJAYDVQQLEx1B
188
+
bWVyaWNhbiBFeHByZXNzIFRlY2hub2xvZ2llczEvMC0GA1UEAxMmQW1lcmljYW4g
189
+
RXhwcmVzcyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNOTgwODE0MjIwMTAwWhcN
190
+
MDYwODE0MjM1OTAwWjCBjzELMAkGA1UEBhMCVVMxJzAlBgNVBAoTHkFtZXJpY2Fu
191
+
IEV4cHJlc3MgQ29tcGFueSwgSW5jLjEmMCQGA1UECxMdQW1lcmljYW4gRXhwcmVz
192
+
cyBUZWNobm9sb2dpZXMxLzAtBgNVBAMTJkFtZXJpY2FuIEV4cHJlc3MgQ2VydGlm
193
+
aWNhdGUgQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJ8kmS
194
+
hcr9FSm1BrZE7PyIo/KGzv8UTyQckvnCI8HOQ99dNMi4FOzVKnCRSZXXVs2U8amT
195
+
0Ggi3E19oApyKkfqJfCFAF82VGHPC/k3Wmed6R/pZD9wlWGn0DAC3iYopGYDBOkw
196
+
+48zB/lvYYeictvzaHhjZlmpybdm4RWySDYs+QIDAQABMA0GCSqGSIb3DQEBBAUA
197
+
A4GBAGgXYrhzi0xs60qlPqvlnS7SzYoHV/PGWZd2Fxf4Uo4nk9hY2Chs9KIEeorC
198
+
diSxArTfKPL386infiNIYYj0EWiuJl32oUtTJWrYKhQCDuCHIG6eGVxzkAsj4jGX
199
+
Iz/VIqLTBnvaN/XXtUFEF3pFAtmFRWbWjsfwegyZYiJpW+3S
200
+
-----END CERTIFICATE-----
201
+
Certificate Ingredients:
202
+
Data:
203
+
Version: 1 (0x0)
204
+
Serial Number: 141 (0x8d)
205
+
Signature Algorithm: md5WithRSAEncryption
206
+
Issuer: C=US, O=American Express Company, Inc., OU=American Express Technologies, CN=American Express Certificate Authority
207
+
Validity
208
+
Not Before: Aug 14 22:01:00 1998 GMT
209
+
Not After : Aug 14 23:59:00 2006 GMT
210
+
Subject: C=US, O=American Express Company, Inc., OU=American Express Technologies, CN=American Express Certificate Authority
211
+
Subject Public Key Info:
212
+
Public Key Algorithm: rsaEncryption
213
+
RSA Public Key: (1024 bit)
214
+
Modulus (1024 bit):
215
+
00:c9:f2:49:92:85:ca:fd:15:29:b5:06:b6:44:ec:
216
+
fc:88:a3:f2:86:ce:ff:14:4f:24:1c:92:f9:c2:23:
217
+
c1:ce:43:df:5d:34:c8:b8:14:ec:d5:2a:70:91:49:
218
+
95:d7:56:cd:94:f1:a9:93:d0:68:22:dc:4d:7d:a0:
219
+
0a:72:2a:47:ea:25:f0:85:00:5f:36:54:61:cf:0b:
220
+
f9:37:5a:67:9d:e9:1f:e9:64:3f:70:95:61:a7:d0:
221
+
30:02:de:26:28:a4:66:03:04:e9:30:fb:8f:33:07:
222
+
f9:6f:61:87:a2:72:db:f3:68:78:63:66:59:a9:c9:
223
+
b7:66:e1:15:b2:48:36:2c:f9
224
+
Exponent: 65537 (0x10001)
225
+
Signature Algorithm: md5WithRSAEncryption
226
+
68:17:62:b8:73:8b:4c:6c:eb:4a:a5:3e:ab:e5:9d:2e:d2:cd:
227
+
8a:07:57:f3:c6:59:97:76:17:17:f8:52:8e:27:93:d8:58:d8:
228
+
28:6c:f4:a2:04:7a:8a:c2:76:24:b1:02:b4:df:28:f2:f7:f3:
229
+
a8:a7:7e:23:48:61:88:f4:11:68:ae:26:5d:f6:a1:4b:53:25:
230
+
6a:d8:2a:14:02:0e:e0:87:20:6e:9e:19:5c:73:90:0b:23:e2:
231
+
31:97:23:3f:d5:22:a2:d3:06:7b:da:37:f5:d7:b5:41:44:17:
232
+
7a:45:02:d9:85:45:66:d6:8e:c7:f0:7a:0c:99:62:22:69:5b:
233
+
ed:d2
234
+
235
+
American Express Global CA
236
+
==========================
237
+
MD5 Fingerprint: 63:1B:66:93:8C:F3:66:CB:3C:79:57:DC:05:49:EA:DB
238
+
PEM Data:
239
+
-----BEGIN CERTIFICATE-----
240
+
MIIEBDCCAuygAwIBAgICAIUwDQYJKoZIhvcNAQEFBQAwgZYxCzAJBgNVBAYTAlVT
241
+
MScwJQYDVQQKEx5BbWVyaWNhbiBFeHByZXNzIENvbXBhbnksIEluYy4xJjAkBgNV
242
+
BAsTHUFtZXJpY2FuIEV4cHJlc3MgVGVjaG5vbG9naWVzMTYwNAYDVQQDEy1BbWVy
243
+
aWNhbiBFeHByZXNzIEdsb2JhbCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNOTgw
244
+
ODE0MTkwNjAwWhcNMTMwODE0MjM1OTAwWjCBljELMAkGA1UEBhMCVVMxJzAlBgNV
245
+
BAoTHkFtZXJpY2FuIEV4cHJlc3MgQ29tcGFueSwgSW5jLjEmMCQGA1UECxMdQW1l
246
+
cmljYW4gRXhwcmVzcyBUZWNobm9sb2dpZXMxNjA0BgNVBAMTLUFtZXJpY2FuIEV4
247
+
cHJlc3MgR2xvYmFsIENlcnRpZmljYXRlIEF1dGhvcml0eTCCASIwDQYJKoZIhvcN
248
+
AQEBBQADggEPADCCAQoCggEBAPAkJmYu++tKc3FTiUfLJjxTkpRMysKFtQ34w1e9
249
+
Lyofahi3V68MABb6oLaQpvcaoS5mJsdoo4qTaWa1RlYtHYLqkAwKIsKJUI0F89Sr
250
+
c0HwzxKsKLRvFJSWWUuekHWG3+JH6+HpT0N+h8onGGaetcFAZX38YW+tm3LPqV7Y
251
+
8/nabpEQ+ky16n4g3qk5L/WI5IpvNcYgnCuGRjMK/DFVpWusFkDpzTVZbzIEw3u1
252
+
D3t3cPNIuypSgs6vKW3xEW9t5gcAAe+a8yYNpnkTZ6/4qxx1rJG1a75AsN6cDLFp
253
+
hRlxkRNFyt/R/eayypaDedvFuKpbepALeFY+xteflEgR9a0CAwEAAaNaMFgwEgYD
254
+
VR0TAQH/BAgwBgEB/wIBBTAOBgNVHQ8BAf8EBAMCAQYwFwYDVR0gBBAwDjAMBgoq
255
+
hkiG+Q8KAQUBMBkGA1UdDgQSBBBXRzV7NicRqAj8L0Yl6yRpMA0GCSqGSIb3DQEB
256
+
BQUAA4IBAQDHYUWoinG5vjTpIXshzVYTmNUwY+kYqkuSFb8LHbvskmnFLsNhi+gw
257
+
RcsQRsFzOFyLGdIr80DrfHKzLh4n43WVihybLsSVBYZy0FX0oZJSeVzb9Pjc5dcS
258
+
sUDHPIbkMWVKyjfG3nZXGWlMRmn8Kq0WN3qTrPchSy3766lQy8HRQAjaA2mHpzde
259
+
VcHF7cTjjgwml5tcV0ty4/IDBdACOyYDQJCevgtbSQx48dVMVSng9v1MA6lUAjLR
260
+
V1qFrEPtWzsWX6C/NdtLnnvo/+cNPDuom0lBRvVzTv+SZSGDE1Vx60k8f4gawhIo
261
+
JaFGS0E3l3/sjvHUoZbCILZerakcHhGg
262
+
-----END CERTIFICATE-----
263
+
Certificate Ingredients:
264
+
Data:
265
+
Version: 3 (0x2)
266
+
Serial Number: 133 (0x85)
267
+
Signature Algorithm: sha1WithRSAEncryption
268
+
Issuer: C=US, O=American Express Company, Inc., OU=American Express Technologies, CN=American Express Global Certificate Authority
269
+
Validity
270
+
Not Before: Aug 14 19:06:00 1998 GMT
271
+
Not After : Aug 14 23:59:00 2013 GMT
272
+
Subject: C=US, O=American Express Company, Inc., OU=American Express Technologies, CN=American Express Global Certificate Authority
273
+
Subject Public Key Info:
274
+
Public Key Algorithm: rsaEncryption
275
+
RSA Public Key: (2048 bit)
276
+
Modulus (2048 bit):
277
+
00:f0:24:26:66:2e:fb:eb:4a:73:71:53:89:47:cb:
278
+
26:3c:53:92:94:4c:ca:c2:85:b5:0d:f8:c3:57:bd:
279
+
2f:2a:1f:6a:18:b7:57:af:0c:00:16:fa:a0:b6:90:
280
+
a6:f7:1a:a1:2e:66:26:c7:68:a3:8a:93:69:66:b5:
281
+
46:56:2d:1d:82:ea:90:0c:0a:22:c2:89:50:8d:05:
282
+
f3:d4:ab:73:41:f0:cf:12:ac:28:b4:6f:14:94:96:
283
+
59:4b:9e:90:75:86:df:e2:47:eb:e1:e9:4f:43:7e:
284
+
87:ca:27:18:66:9e:b5:c1:40:65:7d:fc:61:6f:ad:
285
+
9b:72:cf:a9:5e:d8:f3:f9:da:6e:91:10:fa:4c:b5:
286
+
ea:7e:20:de:a9:39:2f:f5:88:e4:8a:6f:35:c6:20:
287
+
9c:2b:86:46:33:0a:fc:31:55:a5:6b:ac:16:40:e9:
288
+
cd:35:59:6f:32:04:c3:7b:b5:0f:7b:77:70:f3:48:
289
+
bb:2a:52:82:ce:af:29:6d:f1:11:6f:6d:e6:07:00:
290
+
01:ef:9a:f3:26:0d:a6:79:13:67:af:f8:ab:1c:75:
291
+
ac:91:b5:6b:be:40:b0:de:9c:0c:b1:69:85:19:71:
292
+
91:13:45:ca:df:d1:fd:e6:b2:ca:96:83:79:db:c5:
293
+
b8:aa:5b:7a:90:0b:78:56:3e:c6:d7:9f:94:48:11:
294
+
f5:ad
295
+
Exponent: 65537 (0x10001)
296
+
X509v3 extensions:
297
+
X509v3 Basic Constraints: critical
298
+
CA:TRUE, pathlen:5
299
+
X509v3 Key Usage: critical
300
+
Certificate Sign, CRL Sign
301
+
X509v3 Certificate Policies:
302
+
Policy: 1.2.840.113807.10.1.5.1
303
+
304
+
X509v3 Subject Key Identifier:
305
+
57:47:35:7B:36:27:11:A8:08:FC:2F:46:25:EB:24:69
306
+
Signature Algorithm: sha1WithRSAEncryption
307
+
c7:61:45:a8:8a:71:b9:be:34:e9:21:7b:21:cd:56:13:98:d5:
308
+
30:63:e9:18:aa:4b:92:15:bf:0b:1d:bb:ec:92:69:c5:2e:c3:
309
+
61:8b:e8:30:45:cb:10:46:c1:73:38:5c:8b:19:d2:2b:f3:40:
310
+
eb:7c:72:b3:2e:1e:27:e3:75:95:8a:1c:9b:2e:c4:95:05:86:
311
+
72:d0:55:f4:a1:92:52:79:5c:db:f4:f8:dc:e5:d7:12:b1:40:
312
+
c7:3c:86:e4:31:65:4a:ca:37:c6:de:76:57:19:69:4c:46:69:
313
+
fc:2a:ad:16:37:7a:93:ac:f7:21:4b:2d:fb:eb:a9:50:cb:c1:
314
+
d1:40:08:da:03:69:87:a7:37:5e:55:c1:c5:ed:c4:e3:8e:0c:
315
+
26:97:9b:5c:57:4b:72:e3:f2:03:05:d0:02:3b:26:03:40:90:
316
+
9e:be:0b:5b:49:0c:78:f1:d5:4c:55:29:e0:f6:fd:4c:03:a9:
317
+
54:02:32:d1:57:5a:85:ac:43:ed:5b:3b:16:5f:a0:bf:35:db:
318
+
4b:9e:7b:e8:ff:e7:0d:3c:3b:a8:9b:49:41:46:f5:73:4e:ff:
319
+
92:65:21:83:13:55:71:eb:49:3c:7f:88:1a:c2:12:28:25:a1:
320
+
46:4b:41:37:97:7f:ec:8e:f1:d4:a1:96:c2:20:b6:5e:ad:a9:
321
+
1c:1e:11:a0
322
+
323
+
BelSign Object Publishing CA
324
+
============================
325
+
MD5 Fingerprint: 8A:02:F8:DF:B8:E1:84:9F:5A:C2:60:24:65:D1:73:FB
326
+
PEM Data:
327
+
-----BEGIN CERTIFICATE-----
328
+
MIIDAzCCAmygAwIBAgIBATANBgkqhkiG9w0BAQQFADCBuzELMAkGA1UEBhMCQkUx
329
+
ETAPBgNVBAcTCEJydXNzZWxzMRMwEQYDVQQKEwpCZWxTaWduIE5WMTgwNgYDVQQL
330
+
Ey9CZWxTaWduIE9iamVjdCBQdWJsaXNoaW5nIENlcnRpZmljYXRlIEF1dGhvcml0
331
+
eTElMCMGA1UEAxMcQmVsU2lnbiBPYmplY3QgUHVibGlzaGluZyBDQTEjMCEGCSqG
332
+
SIb3DQEJARYUd2VibWFzdGVyQGJlbHNpZ24uYmUwHhcNOTcwOTE5MjIwMzAwWhcN
333
+
MDcwOTE5MjIwMzAwWjCBuzELMAkGA1UEBhMCQkUxETAPBgNVBAcTCEJydXNzZWxz
334
+
MRMwEQYDVQQKEwpCZWxTaWduIE5WMTgwNgYDVQQLEy9CZWxTaWduIE9iamVjdCBQ
335
+
dWJsaXNoaW5nIENlcnRpZmljYXRlIEF1dGhvcml0eTElMCMGA1UEAxMcQmVsU2ln
336
+
biBPYmplY3QgUHVibGlzaGluZyBDQTEjMCEGCSqGSIb3DQEJARYUd2VibWFzdGVy
337
+
QGJlbHNpZ24uYmUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMQuH7a/7oJA
338
+
3fm3LkHVngWxWtAmfGJVA5v8y2HeS+/+6Jn+h7mIz5DaDwk8dt8Xl7bLPyVF/bS8
339
+
WAC+sFq2FIeP7mdkrR2Ig7tnn2VhAFgIgFCfgMkx9iqQHC33SmwQ9iNDXTgJYIhX
340
+
As0WbBj8zfuSKnfQnpOjXYhk0Mj4XVRRAgMBAAGjFTATMBEGCWCGSAGG+EIBAQQE
341
+
AwIABzANBgkqhkiG9w0BAQQFAAOBgQBjdhd8lvBTpV0BHFPOKcJ+daxMDaIIc7Rq
342
+
Mf0CBhSZ3FQEpL/IloafMUMyJVf2hfYluze+oXkjyVcGJXFrRU/49AJAFoIir1Tq
343
+
Mij2De6ZuksIUQ9uhiMhTC0liIHELg7xEyw4ipUCJMM6lWPkk45IuwhHcl+u5jpa
344
+
R9Zxxp6aUg==
345
+
-----END CERTIFICATE-----
346
+
Certificate Ingredients:
347
+
Data:
348
+
Version: 3 (0x2)
349
+
Serial Number: 1 (0x1)
350
+
Signature Algorithm: md5WithRSAEncryption
351
+
Issuer: C=BE, L=Brussels, O=BelSign NV, OU=BelSign Object Publishing Certificate Authority, CN=BelSign Object Publishing CA/Email=webmaster@belsign.be
352
+
Validity
353
+
Not Before: Sep 19 22:03:00 1997 GMT
354
+
Not After : Sep 19 22:03:00 2007 GMT
355
+
Subject: C=BE, L=Brussels, O=BelSign NV, OU=BelSign Object Publishing Certificate Authority, CN=BelSign Object Publishing CA/Email=webmaster@belsign.be
356
+
Subject Public Key Info:
357
+
Public Key Algorithm: rsaEncryption
358
+
RSA Public Key: (1024 bit)
359
+
Modulus (1024 bit):
360
+
00:c4:2e:1f:b6:bf:ee:82:40:dd:f9:b7:2e:41:d5:
361
+
9e:05:b1:5a:d0:26:7c:62:55:03:9b:fc:cb:61:de:
362
+
4b:ef:fe:e8:99:fe:87:b9:88:cf:90:da:0f:09:3c:
363
+
76:df:17:97:b6:cb:3f:25:45:fd:b4:bc:58:00:be:
364
+
b0:5a:b6:14:87:8f:ee:67:64:ad:1d:88:83:bb:67:
365
+
9f:65:61:00:58:08:80:50:9f:80:c9:31:f6:2a:90:
366
+
1c:2d:f7:4a:6c:10:f6:23:43:5d:38:09:60:88:57:
367
+
02:cd:16:6c:18:fc:cd:fb:92:2a:77:d0:9e:93:a3:
368
+
5d:88:64:d0:c8:f8:5d:54:51
369
+
Exponent: 65537 (0x10001)
370
+
X509v3 extensions:
371
+
Netscape Cert Type:
372
+
SSL CA, S/MIME CA, Object Signing CA
373
+
Signature Algorithm: md5WithRSAEncryption
374
+
63:76:17:7c:96:f0:53:a5:5d:01:1c:53:ce:29:c2:7e:75:ac:
375
+
4c:0d:a2:08:73:b4:6a:31:fd:02:06:14:99:dc:54:04:a4:bf:
376
+
c8:96:86:9f:31:43:32:25:57:f6:85:f6:25:bb:37:be:a1:79:
377
+
23:c9:57:06:25:71:6b:45:4f:f8:f4:02:40:16:82:22:af:54:
378
+
ea:32:28:f6:0d:ee:99:ba:4b:08:51:0f:6e:86:23:21:4c:2d:
379
+
25:88:81:c4:2e:0e:f1:13:2c:38:8a:95:02:24:c3:3a:95:63:
380
+
e4:93:8e:48:bb:08:47:72:5f:ae:e6:3a:5a:47:d6:71:c6:9e:
381
+
9a:52
382
+
383
+
BelSign Secure Server CA
384
+
========================
385
+
MD5 Fingerprint: 3D:5E:82:C6:D9:AD:D9:8B:93:6B:0C:10:B9:49:0A:B1
386
+
PEM Data:
387
+
-----BEGIN CERTIFICATE-----
388
+
MIIC8zCCAlygAwIBAgIBATANBgkqhkiG9w0BAQQFADCBszELMAkGA1UEBhMCQkUx
389
+
ETAPBgNVBAcTCEJydXNzZWxzMRMwEQYDVQQKEwpCZWxTaWduIE5WMTQwMgYDVQQL
390
+
EytCZWxTaWduIFNlY3VyZSBTZXJ2ZXIgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MSEw
391
+
HwYDVQQDExhCZWxTaWduIFNlY3VyZSBTZXJ2ZXIgQ0ExIzAhBgkqhkiG9w0BCQEW
392
+
FHdlYm1hc3RlckBiZWxzaWduLmJlMB4XDTk3MDcxNjIyMDA1NFoXDTA3MDcxNjIy
393
+
MDA1NFowgbMxCzAJBgNVBAYTAkJFMREwDwYDVQQHEwhCcnVzc2VsczETMBEGA1UE
394
+
ChMKQmVsU2lnbiBOVjE0MDIGA1UECxMrQmVsU2lnbiBTZWN1cmUgU2VydmVyIENl
395
+
cnRpZmljYXRlIEF1dGhvcml0eTEhMB8GA1UEAxMYQmVsU2lnbiBTZWN1cmUgU2Vy
396
+
dmVyIENBMSMwIQYJKoZIhvcNAQkBFhR3ZWJtYXN0ZXJAYmVsc2lnbi5iZTCBnzAN
397
+
BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1gESeJL4BEJ/yccig/x8R3AwK0kLPjZA
398
+
kCjaIXODU/LE0RZAwFP/rqbGJLMnbaWzPTl3XagG9ubpvGMRTgZlcAqdk/miQIt/
399
+
SoQOjRax1swIZBIM4ChLyKWEkBf7EUYu1qeFGMsYrmOasFgG9ADP+MQJGjUMofnu
400
+
Sv1t3v4mpTsCAwEAAaMVMBMwEQYJYIZIAYb4QgEBBAQDAgCgMA0GCSqGSIb3DQEB
401
+
BAUAA4GBAGw9mcMF4h3K5S2qaIWLQDEgZhNo5lg6idCNdbLFYth9go/32TKBd/Y1
402
+
W4UpzmeyubwrGXjP84f9RvGVdbIJVwMwwXrNckdxgMp9ncllPEcRIn36BwsoeKGT
403
+
6AVFSOIyMko96FMcELfHc4wHUOH5yStTQfWDjeUJOUqOA2KqQGOL
404
+
-----END CERTIFICATE-----
405
+
Certificate Ingredients:
406
+
Data:
407
+
Version: 3 (0x2)
408
+
Serial Number: 1 (0x1)
409
+
Signature Algorithm: md5WithRSAEncryption
410
+
Issuer: C=BE, L=Brussels, O=BelSign NV, OU=BelSign Secure Server Certificate Authority, CN=BelSign Secure Server CA/Email=webmaster@belsign.be
411
+
Validity
412
+
Not Before: Jul 16 22:00:54 1997 GMT
413
+
Not After : Jul 16 22:00:54 2007 GMT
414
+
Subject: C=BE, L=Brussels, O=BelSign NV, OU=BelSign Secure Server Certificate Authority, CN=BelSign Secure Server CA/Email=webmaster@belsign.be
415
+
Subject Public Key Info:
416
+
Public Key Algorithm: rsaEncryption
417
+
RSA Public Key: (1024 bit)
418
+
Modulus (1024 bit):
419
+
00:d6:01:12:78:92:f8:04:42:7f:c9:c7:22:83:fc:
420
+
7c:47:70:30:2b:49:0b:3e:36:40:90:28:da:21:73:
421
+
83:53:f2:c4:d1:16:40:c0:53:ff:ae:a6:c6:24:b3:
422
+
27:6d:a5:b3:3d:39:77:5d:a8:06:f6:e6:e9:bc:63:
423
+
11:4e:06:65:70:0a:9d:93:f9:a2:40:8b:7f:4a:84:
424
+
0e:8d:16:b1:d6:cc:08:64:12:0c:e0:28:4b:c8:a5:
425
+
84:90:17:fb:11:46:2e:d6:a7:85:18:cb:18:ae:63:
426
+
9a:b0:58:06:f4:00:cf:f8:c4:09:1a:35:0c:a1:f9:
427
+
ee:4a:fd:6d:de:fe:26:a5:3b
428
+
Exponent: 65537 (0x10001)
429
+
X509v3 extensions:
430
+
Netscape Cert Type:
431
+
SSL Client, S/MIME
432
+
Signature Algorithm: md5WithRSAEncryption
433
+
6c:3d:99:c3:05:e2:1d:ca:e5:2d:aa:68:85:8b:40:31:20:66:
434
+
13:68:e6:58:3a:89:d0:8d:75:b2:c5:62:d8:7d:82:8f:f7:d9:
435
+
32:81:77:f6:35:5b:85:29:ce:67:b2:b9:bc:2b:19:78:cf:f3:
436
+
87:fd:46:f1:95:75:b2:09:57:03:30:c1:7a:cd:72:47:71:80:
437
+
ca:7d:9d:c9:65:3c:47:11:22:7d:fa:07:0b:28:78:a1:93:e8:
438
+
05:45:48:e2:32:32:4a:3d:e8:53:1c:10:b7:c7:73:8c:07:50:
439
+
e1:f9:c9:2b:53:41:f5:83:8d:e5:09:39:4a:8e:03:62:aa:40:
440
+
63:8b
441
+
442
+
Deutsche Telekom AG Root CA
443
+
===========================
444
+
MD5 Fingerprint: 77:DE:04:94:77:D0:0C:5F:A7:B1:F4:30:18:87:FB:55
445
+
PEM Data:
446
+
-----BEGIN CERTIFICATE-----
447
+
MIICjjCCAfegAwIBAgIBBjANBgkqhkiG9w0BAQQFADBtMQswCQYDVQQGEwJERTEc
448
+
MBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEdMBsGA1UECxMUVGVsZVNlYyBU
449
+
cnVzdCBDZW50ZXIxITAfBgNVBAMTGERldXRzY2hlIFRlbGVrb20gUm9vdCBDQTAe
450
+
Fw05ODEyMDkwOTExMDBaFw0wNDEyMDkyMzU5MDBaMG0xCzAJBgNVBAYTAkRFMRww
451
+
GgYDVQQKExNEZXV0c2NoZSBUZWxla29tIEFHMR0wGwYDVQQLExRUZWxlU2VjIFRy
452
+
dXN0IENlbnRlcjEhMB8GA1UEAxMYRGV1dHNjaGUgVGVsZWtvbSBSb290IENBMIGf
453
+
MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDdBSz5BbO5EtdpcffqVjAIVxRDe7sa
454
+
nG0vV2HX4vVEa+42QZb2ZM7hwbK5pBQEmFDocPiONZp9ScFhHVmu2gYYlX2tzuyp
455
+
vtEYD0CRdiqj5f3+iRX0V/fgVdp1rQD0LME1zLRDJlViRC4BJZyKW/DB0AA1eP41
456
+
3pRAZHiDocw5iQIDAQABoz4wPDAPBgNVHRMECDAGAQH/AgEFMA4GA1UdDwEB/wQE
457
+
AwIBBjAZBgNVHQ4EEgQQLIdZH4sTgLL5hp0+En5YljANBgkqhkiG9w0BAQQFAAOB
458
+
gQAP/nO1B4hvoAuJ6spQH5TelCsLJ15P9RyVJtqMllStGZE3Q12ryYuzzW+YOT3t
459
+
3TXjcbftE5OD6IblKTMTE7w1e/0oL3BZ1dO0jSgTWTvI1XT5RcIHYKq4GFT5pWj/
460
+
1wXVj7YFMS5BSvQQH2BHGguLGU2SVyDS71AZ6M3QcLy8Ng==
461
+
-----END CERTIFICATE-----
462
+
Certificate Ingredients:
463
+
Data:
464
+
Version: 3 (0x2)
465
+
Serial Number: 6 (0x6)
466
+
Signature Algorithm: md5WithRSAEncryption
467
+
Issuer: C=DE, O=Deutsche Telekom AG, OU=TeleSec Trust Center, CN=Deutsche Telekom Root CA
468
+
Validity
469
+
Not Before: Dec 9 09:11:00 1998 GMT
470
+
Not After : Dec 9 23:59:00 2004 GMT
471
+
Subject: C=DE, O=Deutsche Telekom AG, OU=TeleSec Trust Center, CN=Deutsche Telekom Root CA
472
+
Subject Public Key Info:
473
+
Public Key Algorithm: rsaEncryption
474
+
RSA Public Key: (1024 bit)
475
+
Modulus (1024 bit):
476
+
00:dd:05:2c:f9:05:b3:b9:12:d7:69:71:f7:ea:56:
477
+
30:08:57:14:43:7b:bb:1a:9c:6d:2f:57:61:d7:e2:
478
+
f5:44:6b:ee:36:41:96:f6:64:ce:e1:c1:b2:b9:a4:
479
+
14:04:98:50:e8:70:f8:8e:35:9a:7d:49:c1:61:1d:
480
+
59:ae:da:06:18:95:7d:ad:ce:ec:a9:be:d1:18:0f:
481
+
40:91:76:2a:a3:e5:fd:fe:89:15:f4:57:f7:e0:55:
482
+
da:75:ad:00:f4:2c:c1:35:cc:b4:43:26:55:62:44:
483
+
2e:01:25:9c:8a:5b:f0:c1:d0:00:35:78:fe:35:de:
484
+
94:40:64:78:83:a1:cc:39:89
485
+
Exponent: 65537 (0x10001)
486
+
X509v3 extensions:
487
+
X509v3 Basic Constraints:
488
+
CA:TRUE, pathlen:5
489
+
X509v3 Key Usage: critical
490
+
Certificate Sign, CRL Sign
491
+
X509v3 Subject Key Identifier:
492
+
2C:87:59:1F:8B:13:80:B2:F9:86:9D:3E:12:7E:58:96
493
+
Signature Algorithm: md5WithRSAEncryption
494
+
0f:fe:73:b5:07:88:6f:a0:0b:89:ea:ca:50:1f:94:de:94:2b:
495
+
0b:27:5e:4f:f5:1c:95:26:da:8c:96:54:ad:19:91:37:43:5d:
496
+
ab:c9:8b:b3:cd:6f:98:39:3d:ed:dd:35:e3:71:b7:ed:13:93:
497
+
83:e8:86:e5:29:33:13:13:bc:35:7b:fd:28:2f:70:59:d5:d3:
498
+
b4:8d:28:13:59:3b:c8:d5:74:f9:45:c2:07:60:aa:b8:18:54:
499
+
f9:a5:68:ff:d7:05:d5:8f:b6:05:31:2e:41:4a:f4:10:1f:60:
500
+
47:1a:0b:8b:19:4d:92:57:20:d2:ef:50:19:e8:cd:d0:70:bc:
501
+
bc:36
502
+
503
+
Digital Signature Trust Co. Global CA 1
504
+
=======================================
505
+
MD5 Fingerprint: 25:7A:BA:83:2E:B6:A2:0B:DA:FE:F5:02:0F:08:D7:AD
506
+
PEM Data:
507
+
-----BEGIN CERTIFICATE-----
508
+
MIIDKTCCApKgAwIBAgIENnAVljANBgkqhkiG9w0BAQUFADBGMQswCQYDVQQGEwJV
509
+
UzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMREwDwYDVQQL
510
+
EwhEU1RDQSBFMTAeFw05ODEyMTAxODEwMjNaFw0xODEyMTAxODQwMjNaMEYxCzAJ
511
+
BgNVBAYTAlVTMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4x
512
+
ETAPBgNVBAsTCERTVENBIEUxMIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQCg
513
+
bIGpzzQeJN3+hijM3oMv+V7UQtLodGBmE5gGHKlREmlvMVW5SXIACH7TpWJENySZ
514
+
j9mDSI+ZbZUTu0M7LklOiDfBu1h//uG9+LthzfNHwJmm8fOR6Hh8AMthyUQncWlV
515
+
Sn5JTe2io74CTADKAqjuAQIxZA9SLRN0dja1erQtcQIBA6OCASQwggEgMBEGCWCG
516
+
SAGG+EIBAQQEAwIABzBoBgNVHR8EYTBfMF2gW6BZpFcwVTELMAkGA1UEBhMCVVMx
517
+
JDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjERMA8GA1UECxMI
518
+
RFNUQ0EgRTExDTALBgNVBAMTBENSTDEwKwYDVR0QBCQwIoAPMTk5ODEyMTAxODEw
519
+
MjNagQ8yMDE4MTIxMDE4MTAyM1owCwYDVR0PBAQDAgEGMB8GA1UdIwQYMBaAFGp5
520
+
fpFpRhgTCgJ3pVlbYJglDqL4MB0GA1UdDgQWBBRqeX6RaUYYEwoCd6VZW2CYJQ6i
521
+
+DAMBgNVHRMEBTADAQH/MBkGCSqGSIb2fQdBAAQMMAobBFY0LjADAgSQMA0GCSqG
522
+
SIb3DQEBBQUAA4GBACIS2Hod3IEGtgllsofIH160L+nEHvI8wbsEkBFKg05+k7lN
523
+
QseSJqBcNJo4cvj9axY+IO6CizEqkzaFI4iKPANo08kJD038bKTaKHKTDomAsH3+
524
+
gG9lbRgzl4vCa4nuYD3Im+9/KzJic5PLPON74nZ4RbyhkwS7hp86W0N6w4pl
525
+
-----END CERTIFICATE-----
526
+
Certificate Ingredients:
527
+
Data:
528
+
Version: 3 (0x2)
529
+
Serial Number: 913315222 (0x36701596)
530
+
Signature Algorithm: sha1WithRSAEncryption
531
+
Issuer: C=US, O=Digital Signature Trust Co., OU=DSTCA E1
532
+
Validity
533
+
Not Before: Dec 10 18:10:23 1998 GMT
534
+
Not After : Dec 10 18:40:23 2018 GMT
535
+
Subject: C=US, O=Digital Signature Trust Co., OU=DSTCA E1
536
+
Subject Public Key Info:
537
+
Public Key Algorithm: rsaEncryption
538
+
RSA Public Key: (1024 bit)
539
+
Modulus (1024 bit):
540
+
00:a0:6c:81:a9:cf:34:1e:24:dd:fe:86:28:cc:de:
541
+
83:2f:f9:5e:d4:42:d2:e8:74:60:66:13:98:06:1c:
542
+
a9:51:12:69:6f:31:55:b9:49:72:00:08:7e:d3:a5:
543
+
62:44:37:24:99:8f:d9:83:48:8f:99:6d:95:13:bb:
544
+
43:3b:2e:49:4e:88:37:c1:bb:58:7f:fe:e1:bd:f8:
545
+
bb:61:cd:f3:47:c0:99:a6:f1:f3:91:e8:78:7c:00:
546
+
cb:61:c9:44:27:71:69:55:4a:7e:49:4d:ed:a2:a3:
547
+
be:02:4c:00:ca:02:a8:ee:01:02:31:64:0f:52:2d:
548
+
13:74:76:36:b5:7a:b4:2d:71
549
+
Exponent: 3 (0x3)
550
+
X509v3 extensions:
551
+
Netscape Cert Type:
552
+
SSL CA, S/MIME CA, Object Signing CA
553
+
X509v3 CRL Distribution Points:
554
+
DirName:/C=US/O=Digital Signature Trust Co./OU=DSTCA E1/CN=CRL1
555
+
556
+
X509v3 Private Key Usage Period:
557
+
Not Before: Dec 10 18:10:23 1998 GMT, Not After: Dec 10 18:10:23 2018 GMT
558
+
X509v3 Key Usage:
559
+
Certificate Sign, CRL Sign
560
+
X509v3 Authority Key Identifier:
561
+
keyid:6A:79:7E:91:69:46:18:13:0A:02:77:A5:59:5B:60:98:25:0E:A2:F8
562
+
563
+
X509v3 Subject Key Identifier:
564
+
6A:79:7E:91:69:46:18:13:0A:02:77:A5:59:5B:60:98:25:0E:A2:F8
565
+
X509v3 Basic Constraints:
566
+
CA:TRUE
567
+
1.2.840.113533.7.65.0:
568
+
0
569
+
..V4.0....
570
+
Signature Algorithm: sha1WithRSAEncryption
571
+
22:12:d8:7a:1d:dc:81:06:b6:09:65:b2:87:c8:1f:5e:b4:2f:
572
+
e9:c4:1e:f2:3c:c1:bb:04:90:11:4a:83:4e:7e:93:b9:4d:42:
573
+
c7:92:26:a0:5c:34:9a:38:72:f8:fd:6b:16:3e:20:ee:82:8b:
574
+
31:2a:93:36:85:23:88:8a:3c:03:68:d3:c9:09:0f:4d:fc:6c:
575
+
a4:da:28:72:93:0e:89:80:b0:7d:fe:80:6f:65:6d:18:33:97:
576
+
8b:c2:6b:89:ee:60:3d:c8:9b:ef:7f:2b:32:62:73:93:cb:3c:
577
+
e3:7b:e2:76:78:45:bc:a1:93:04:bb:86:9f:3a:5b:43:7a:c3:
578
+
8a:65
579
+
580
+
Digital Signature Trust Co. Global CA 2
581
+
=======================================
582
+
MD5 Fingerprint: 6C:C9:A7:6E:47:F1:0C:E3:53:3B:78:4C:4D:C2:6A:C5
583
+
PEM Data:
584
+
-----BEGIN CERTIFICATE-----
585
+
MIID2DCCAsACEQDQHkCLAAACfAAAAAIAAAABMA0GCSqGSIb3DQEBBQUAMIGpMQsw
586
+
CQYDVQQGEwJ1czENMAsGA1UECBMEVXRhaDEXMBUGA1UEBxMOU2FsdCBMYWtlIENp
587
+
dHkxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjERMA8GA1UE
588
+
CxMIRFNUQ0EgWDExFjAUBgNVBAMTDURTVCBSb290Q0EgWDExITAfBgkqhkiG9w0B
589
+
CQEWEmNhQGRpZ3NpZ3RydXN0LmNvbTAeFw05ODEyMDExODE4NTVaFw0wODExMjgx
590
+
ODE4NTVaMIGpMQswCQYDVQQGEwJ1czENMAsGA1UECBMEVXRhaDEXMBUGA1UEBxMO
591
+
U2FsdCBMYWtlIENpdHkxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0
592
+
IENvLjERMA8GA1UECxMIRFNUQ0EgWDExFjAUBgNVBAMTDURTVCBSb290Q0EgWDEx
593
+
ITAfBgkqhkiG9w0BCQEWEmNhQGRpZ3NpZ3RydXN0LmNvbTCCASIwDQYJKoZIhvcN
594
+
AQEBBQADggEPADCCAQoCggEBANLGJrbnpT3BxGjVUG9TxW9JEwm4ryxIjRRqoxdf
595
+
WvnTLnUv2Chi0ZMv/E3Uq4flCMeZ55I/db3rJbQVwZsZPdJEjdd0IG03Ao9pk1uK
596
+
xBmd9LIO/BZsubEFkoPRhSxglD5FVaDZqwgh5mDoO3TymVBRaNADLbGAvqPYUrBE
597
+
zUNKcI5YhZXhTizWLUFv1oTnyJhEykfbLCSlaSbPa7gnYsP0yXqSI+0TZ4KuRS5F
598
+
5X5yP4WdlGIQ5jyRoa13AOAV7POEgHJ6jm5gl8ckWRA0g1vhpaRptlc1HHhZxtMv
599
+
OnNn7pTKBBMFYgZwI7P0fO5F2WQLW0mqpEPOJsREEmy43XkCAwEAATANBgkqhkiG
600
+
9w0BAQUFAAOCAQEAojeyP2n714Z5VEkxlTMr89EJFEliYIalsBHiUMIdBlc+Legz
601
+
ZL6bqq1fG03UmZWii5rJYnK1aerZWKs17RWiQ9a2vAd5ZWRzfdd5ynvVWlHG4VME
602
+
lo04z6MXrDlxawHDi1M8Y+nuecDkvpIyZHqzH5eUYr3qsiAVlfuX8ngvYzZAOONG
603
+
Dx3drJXK50uQe7FLqdTF65raqtWjlBRGjS0f8zrWkzr2Pnn86Oawde3uPclwx12q
604
+
gUtGJRzHbBXjlU4PqjI3lAoXJJIThFjSY28r9+ZbYgsTF7ANUkz+/m9c4pFuHf2k
605
+
Ytdo+o56T9II2pPc8JIRetDccpMMc5NihWjQ9A==
606
+
-----END CERTIFICATE-----
607
+
Certificate Ingredients:
608
+
Data:
609
+
Version: 1 (0x0)
610
+
Serial Number:
611
+
d0:1e:40:8b:00:00:02:7c:00:00:00:02:00:00:00:01
612
+
Signature Algorithm: sha1WithRSAEncryption
613
+
Issuer: C=us, ST=Utah, L=Salt Lake City, O=Digital Signature Trust Co., OU=DSTCA X1, CN=DST RootCA X1/Email=ca@digsigtrust.com
614
+
Validity
615
+
Not Before: Dec 1 18:18:55 1998 GMT
616
+
Not After : Nov 28 18:18:55 2008 GMT
617
+
Subject: C=us, ST=Utah, L=Salt Lake City, O=Digital Signature Trust Co., OU=DSTCA X1, CN=DST RootCA X1/Email=ca@digsigtrust.com
618
+
Subject Public Key Info:
619
+
Public Key Algorithm: rsaEncryption
620
+
RSA Public Key: (2048 bit)
621
+
Modulus (2048 bit):
622
+
00:d2:c6:26:b6:e7:a5:3d:c1:c4:68:d5:50:6f:53:
623
+
c5:6f:49:13:09:b8:af:2c:48:8d:14:6a:a3:17:5f:
624
+
5a:f9:d3:2e:75:2f:d8:28:62:d1:93:2f:fc:4d:d4:
625
+
ab:87:e5:08:c7:99:e7:92:3f:75:bd:eb:25:b4:15:
626
+
c1:9b:19:3d:d2:44:8d:d7:74:20:6d:37:02:8f:69:
627
+
93:5b:8a:c4:19:9d:f4:b2:0e:fc:16:6c:b9:b1:05:
628
+
92:83:d1:85:2c:60:94:3e:45:55:a0:d9:ab:08:21:
629
+
e6:60:e8:3b:74:f2:99:50:51:68:d0:03:2d:b1:80:
630
+
be:a3:d8:52:b0:44:cd:43:4a:70:8e:58:85:95:e1:
631
+
4e:2c:d6:2d:41:6f:d6:84:e7:c8:98:44:ca:47:db:
632
+
2c:24:a5:69:26:cf:6b:b8:27:62:c3:f4:c9:7a:92:
633
+
23:ed:13:67:82:ae:45:2e:45:e5:7e:72:3f:85:9d:
634
+
94:62:10:e6:3c:91:a1:ad:77:00:e0:15:ec:f3:84:
635
+
80:72:7a:8e:6e:60:97:c7:24:59:10:34:83:5b:e1:
636
+
a5:a4:69:b6:57:35:1c:78:59:c6:d3:2f:3a:73:67:
637
+
ee:94:ca:04:13:05:62:06:70:23:b3:f4:7c:ee:45:
638
+
d9:64:0b:5b:49:aa:a4:43:ce:26:c4:44:12:6c:b8:
639
+
dd:79
640
+
Exponent: 65537 (0x10001)
641
+
Signature Algorithm: sha1WithRSAEncryption
642
+
a2:37:b2:3f:69:fb:d7:86:79:54:49:31:95:33:2b:f3:d1:09:
643
+
14:49:62:60:86:a5:b0:11:e2:50:c2:1d:06:57:3e:2d:e8:33:
644
+
64:be:9b:aa:ad:5f:1b:4d:d4:99:95:a2:8b:9a:c9:62:72:b5:
645
+
69:ea:d9:58:ab:35:ed:15:a2:43:d6:b6:bc:07:79:65:64:73:
646
+
7d:d7:79:ca:7b:d5:5a:51:c6:e1:53:04:96:8d:38:cf:a3:17:
647
+
ac:39:71:6b:01:c3:8b:53:3c:63:e9:ee:79:c0:e4:be:92:32:
648
+
64:7a:b3:1f:97:94:62:bd:ea:b2:20:15:95:fb:97:f2:78:2f:
649
+
63:36:40:38:e3:46:0f:1d:dd:ac:95:ca:e7:4b:90:7b:b1:4b:
650
+
a9:d4:c5:eb:9a:da:aa:d5:a3:94:14:46:8d:2d:1f:f3:3a:d6:
651
+
93:3a:f6:3e:79:fc:e8:e6:b0:75:ed:ee:3d:c9:70:c7:5d:aa:
652
+
81:4b:46:25:1c:c7:6c:15:e3:95:4e:0f:aa:32:37:94:0a:17:
653
+
24:92:13:84:58:d2:63:6f:2b:f7:e6:5b:62:0b:13:17:b0:0d:
654
+
52:4c:fe:fe:6f:5c:e2:91:6e:1d:fd:a4:62:d7:68:fa:8e:7a:
655
+
4f:d2:08:da:93:dc:f0:92:11:7a:d0:dc:72:93:0c:73:93:62:
656
+
85:68:d0:f4
657
+
658
+
Digital Signature Trust Co. Global CA 3
659
+
=======================================
660
+
MD5 Fingerprint: 93:C2:8E:11:7B:D4:F3:03:19:BD:28:75:13:4A:45:4A
661
+
PEM Data:
662
+
-----BEGIN CERTIFICATE-----
663
+
MIIDKTCCApKgAwIBAgIENm7TzjANBgkqhkiG9w0BAQUFADBGMQswCQYDVQQGEwJV
664
+
UzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMREwDwYDVQQL
665
+
EwhEU1RDQSBFMjAeFw05ODEyMDkxOTE3MjZaFw0xODEyMDkxOTQ3MjZaMEYxCzAJ
666
+
BgNVBAYTAlVTMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4x
667
+
ETAPBgNVBAsTCERTVENBIEUyMIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQC/
668
+
k48Xku8zExjrEH9OFr//Bo8qhbxe+SSmJIi2A7fBw18DW9Fvrn5C6mYjuGODVvso
669
+
LeE4i7TuqAHhzhy2iCoiRoX7n6dwqUcUP87eZfCocfdPJmyMvMa1795JJ/9IKn3o
670
+
TQPMx7JSxhcxEzu1TdvIxPbDDyQq2gyd55FbgM2UnQIBA6OCASQwggEgMBEGCWCG
671
+
SAGG+EIBAQQEAwIABzBoBgNVHR8EYTBfMF2gW6BZpFcwVTELMAkGA1UEBhMCVVMx
672
+
JDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjERMA8GA1UECxMI
673
+
RFNUQ0EgRTIxDTALBgNVBAMTBENSTDEwKwYDVR0QBCQwIoAPMTk5ODEyMDkxOTE3
674
+
MjZagQ8yMDE4MTIwOTE5MTcyNlowCwYDVR0PBAQDAgEGMB8GA1UdIwQYMBaAFB6C
675
+
TShlgDzJQW6sNS5ay97u+DlbMB0GA1UdDgQWBBQegk0oZYA8yUFurDUuWsve7vg5
676
+
WzAMBgNVHRMEBTADAQH/MBkGCSqGSIb2fQdBAAQMMAobBFY0LjADAgSQMA0GCSqG
677
+
SIb3DQEBBQUAA4GBAEeNg61i8tuwnkUiBbmi1gMOOHLnnvx75pO2mqWilMg0HZHR
678
+
xdf0CiUPPXiBng+xZ8SQTGPdXqfiup/1902lMXucKS1M/mQ+7LZT/uqb7YLbdHVL
679
+
B3luHtgZg3Pe9T7Qtd7nS2h9Qy4qIOF+oHhEngj1mPnHfxsb1gYgAlihw6ID
680
+
-----END CERTIFICATE-----
681
+
Certificate Ingredients:
682
+
Data:
683
+
Version: 3 (0x2)
684
+
Serial Number: 913232846 (0x366ed3ce)
685
+
Signature Algorithm: sha1WithRSAEncryption
686
+
Issuer: C=US, O=Digital Signature Trust Co., OU=DSTCA E2
687
+
Validity
688
+
Not Before: Dec 9 19:17:26 1998 GMT
689
+
Not After : Dec 9 19:47:26 2018 GMT
690
+
Subject: C=US, O=Digital Signature Trust Co., OU=DSTCA E2
691
+
Subject Public Key Info:
692
+
Public Key Algorithm: rsaEncryption
693
+
RSA Public Key: (1024 bit)
694
+
Modulus (1024 bit):
695
+
00:bf:93:8f:17:92:ef:33:13:18:eb:10:7f:4e:16:
696
+
bf:ff:06:8f:2a:85:bc:5e:f9:24:a6:24:88:b6:03:
697
+
b7:c1:c3:5f:03:5b:d1:6f:ae:7e:42:ea:66:23:b8:
698
+
63:83:56:fb:28:2d:e1:38:8b:b4:ee:a8:01:e1:ce:
699
+
1c:b6:88:2a:22:46:85:fb:9f:a7:70:a9:47:14:3f:
700
+
ce:de:65:f0:a8:71:f7:4f:26:6c:8c:bc:c6:b5:ef:
701
+
de:49:27:ff:48:2a:7d:e8:4d:03:cc:c7:b2:52:c6:
702
+
17:31:13:3b:b5:4d:db:c8:c4:f6:c3:0f:24:2a:da:
703
+
0c:9d:e7:91:5b:80:cd:94:9d
704
+
Exponent: 3 (0x3)
705
+
X509v3 extensions:
706
+
Netscape Cert Type:
707
+
SSL CA, S/MIME CA, Object Signing CA
708
+
X509v3 CRL Distribution Points:
709
+
DirName:/C=US/O=Digital Signature Trust Co./OU=DSTCA E2/CN=CRL1
710
+
711
+
X509v3 Private Key Usage Period:
712
+
Not Before: Dec 9 19:17:26 1998 GMT, Not After: Dec 9 19:17:26 2018 GMT
713
+
X509v3 Key Usage:
714
+
Certificate Sign, CRL Sign
715
+
X509v3 Authority Key Identifier:
716
+
keyid:1E:82:4D:28:65:80:3C:C9:41:6E:AC:35:2E:5A:CB:DE:EE:F8:39:5B
717
+
718
+
X509v3 Subject Key Identifier:
719
+
1E:82:4D:28:65:80:3C:C9:41:6E:AC:35:2E:5A:CB:DE:EE:F8:39:5B
720
+
X509v3 Basic Constraints:
721
+
CA:TRUE
722
+
1.2.840.113533.7.65.0:
723
+
0
724
+
..V4.0....
725
+
Signature Algorithm: sha1WithRSAEncryption
726
+
47:8d:83:ad:62:f2:db:b0:9e:45:22:05:b9:a2:d6:03:0e:38:
727
+
72:e7:9e:fc:7b:e6:93:b6:9a:a5:a2:94:c8:34:1d:91:d1:c5:
728
+
d7:f4:0a:25:0f:3d:78:81:9e:0f:b1:67:c4:90:4c:63:dd:5e:
729
+
a7:e2:ba:9f:f5:f7:4d:a5:31:7b:9c:29:2d:4c:fe:64:3e:ec:
730
+
b6:53:fe:ea:9b:ed:82:db:74:75:4b:07:79:6e:1e:d8:19:83:
731
+
73:de:f5:3e:d0:b5:de:e7:4b:68:7d:43:2e:2a:20:e1:7e:a0:
732
+
78:44:9e:08:f5:98:f9:c7:7f:1b:1b:d6:06:20:02:58:a1:c3:
733
+
a2:03
734
+
735
+
Digital Signature Trust Co. Global CA 4
736
+
=======================================
737
+
MD5 Fingerprint: CD:3B:3D:62:5B:09:B8:09:36:87:9E:12:2F:71:64:BA
738
+
PEM Data:
739
+
-----BEGIN CERTIFICATE-----
740
+
MIID2DCCAsACEQDQHkCLAAB3bQAAAAEAAAAEMA0GCSqGSIb3DQEBBQUAMIGpMQsw
741
+
CQYDVQQGEwJ1czENMAsGA1UECBMEVXRhaDEXMBUGA1UEBxMOU2FsdCBMYWtlIENp
742
+
dHkxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjERMA8GA1UE
743
+
CxMIRFNUQ0EgWDIxFjAUBgNVBAMTDURTVCBSb290Q0EgWDIxITAfBgkqhkiG9w0B
744
+
CQEWEmNhQGRpZ3NpZ3RydXN0LmNvbTAeFw05ODExMzAyMjQ2MTZaFw0wODExMjcy
745
+
MjQ2MTZaMIGpMQswCQYDVQQGEwJ1czENMAsGA1UECBMEVXRhaDEXMBUGA1UEBxMO
746
+
U2FsdCBMYWtlIENpdHkxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0
747
+
IENvLjERMA8GA1UECxMIRFNUQ0EgWDIxFjAUBgNVBAMTDURTVCBSb290Q0EgWDIx
748
+
ITAfBgkqhkiG9w0BCQEWEmNhQGRpZ3NpZ3RydXN0LmNvbTCCASIwDQYJKoZIhvcN
749
+
AQEBBQADggEPADCCAQoCggEBANx18IzAdZaawGIfJvfE4Zrq4FZzW5nNAUSoCLbV
750
+
p9oaBBg5kkp4o4HC9Xd6ULRw/5qrxsfKboNPQpj7Jgva3G3WqZlVUmfpKAOS3OWw
751
+
BZoPFflrWXJW8vo5/Kpo7g8fEIMv/J36F5bdguPmRX3AS4BEH+0s4IT9kVySVGkl
752
+
5WJp3OXuAFK9MwutdQKFp2RQLcUZGTDAJtvJ0/0uma1ZtQtN1EGuhUhDWdy3qOKi
753
+
3sOP17ihYqZoUFLkzzGnlIXan0YyF1bl8utmPRL/Q9uY73fPy4GNNLHGUEom0eQ+
754
+
QVCvbK4iNC7Va26Dunm4dmVI2gkpZGMiuftHdoWMhkTLCdsCAwEAATANBgkqhkiG
755
+
9w0BAQUFAAOCAQEAtTYOXeFhKFoRZcA/gwN5Tb4opgsHAlKFzfiR0BBstWogWxyQ
756
+
2TA8xkieil5k+aFxd+8EJx8H6+Qm93N0yUQYGmbT4EOvkTvRyyzYdFQ6HE3K1GjN
757
+
I3wdEJ5F6fYAbqbNGf9PLCmPV03Ed5K+4EwJ+11EhmYhqLkyolbV6YyDfFk/xPEL
758
+
553snr2cGA4+wjl5KLcDDQjLxufZATdQEOzMYRZA1K8xdHv8PzGn0EdzMzkbzE5q
759
+
10mDEQb+64JYMzJM8FasHpwvVpp7wUocpf1VNs78lk30sPDst2yC7S8xmUJMqbIN
760
+
uBVd8d+6ybVK1GSYsyapMMj9puyrliGtf8J4tg==
761
+
-----END CERTIFICATE-----
762
+
Certificate Ingredients:
763
+
Data:
764
+
Version: 1 (0x0)
765
+
Serial Number:
766
+
d0:1e:40:8b:00:00:77:6d:00:00:00:01:00:00:00:04
767
+
Signature Algorithm: sha1WithRSAEncryption
768
+
Issuer: C=us, ST=Utah, L=Salt Lake City, O=Digital Signature Trust Co., OU=DSTCA X2, CN=DST RootCA X2/Email=ca@digsigtrust.com
769
+
Validity
770
+
Not Before: Nov 30 22:46:16 1998 GMT
771
+
Not After : Nov 27 22:46:16 2008 GMT
772
+
Subject: C=us, ST=Utah, L=Salt Lake City, O=Digital Signature Trust Co., OU=DSTCA X2, CN=DST RootCA X2/Email=ca@digsigtrust.com
773
+
Subject Public Key Info:
774
+
Public Key Algorithm: rsaEncryption
775
+
RSA Public Key: (2048 bit)
776
+
Modulus (2048 bit):
777
+
00:dc:75:f0:8c:c0:75:96:9a:c0:62:1f:26:f7:c4:
778
+
e1:9a:ea:e0:56:73:5b:99:cd:01:44:a8:08:b6:d5:
779
+
a7:da:1a:04:18:39:92:4a:78:a3:81:c2:f5:77:7a:
780
+
50:b4:70:ff:9a:ab:c6:c7:ca:6e:83:4f:42:98:fb:
781
+
26:0b:da:dc:6d:d6:a9:99:55:52:67:e9:28:03:92:
782
+
dc:e5:b0:05:9a:0f:15:f9:6b:59:72:56:f2:fa:39:
783
+
fc:aa:68:ee:0f:1f:10:83:2f:fc:9d:fa:17:96:dd:
784
+
82:e3:e6:45:7d:c0:4b:80:44:1f:ed:2c:e0:84:fd:
785
+
91:5c:92:54:69:25:e5:62:69:dc:e5:ee:00:52:bd:
786
+
33:0b:ad:75:02:85:a7:64:50:2d:c5:19:19:30:c0:
787
+
26:db:c9:d3:fd:2e:99:ad:59:b5:0b:4d:d4:41:ae:
788
+
85:48:43:59:dc:b7:a8:e2:a2:de:c3:8f:d7:b8:a1:
789
+
62:a6:68:50:52:e4:cf:31:a7:94:85:da:9f:46:32:
790
+
17:56:e5:f2:eb:66:3d:12:ff:43:db:98:ef:77:cf:
791
+
cb:81:8d:34:b1:c6:50:4a:26:d1:e4:3e:41:50:af:
792
+
6c:ae:22:34:2e:d5:6b:6e:83:ba:79:b8:76:65:48:
793
+
da:09:29:64:63:22:b9:fb:47:76:85:8c:86:44:cb:
794
+
09:db
795
+
Exponent: 65537 (0x10001)
796
+
Signature Algorithm: sha1WithRSAEncryption
797
+
b5:36:0e:5d:e1:61:28:5a:11:65:c0:3f:83:03:79:4d:be:28:
798
+
a6:0b:07:02:52:85:cd:f8:91:d0:10:6c:b5:6a:20:5b:1c:90:
799
+
d9:30:3c:c6:48:9e:8a:5e:64:f9:a1:71:77:ef:04:27:1f:07:
800
+
eb:e4:26:f7:73:74:c9:44:18:1a:66:d3:e0:43:af:91:3b:d1:
801
+
cb:2c:d8:74:54:3a:1c:4d:ca:d4:68:cd:23:7c:1d:10:9e:45:
802
+
e9:f6:00:6e:a6:cd:19:ff:4f:2c:29:8f:57:4d:c4:77:92:be:
803
+
e0:4c:09:fb:5d:44:86:66:21:a8:b9:32:a2:56:d5:e9:8c:83:
804
+
7c:59:3f:c4:f1:0b:e7:9d:ec:9e:bd:9c:18:0e:3e:c2:39:79:
805
+
28:b7:03:0d:08:cb:c6:e7:d9:01:37:50:10:ec:cc:61:16:40:
806
+
d4:af:31:74:7b:fc:3f:31:a7:d0:47:73:33:39:1b:cc:4e:6a:
807
+
d7:49:83:11:06:fe:eb:82:58:33:32:4c:f0:56:ac:1e:9c:2f:
808
+
56:9a:7b:c1:4a:1c:a5:fd:55:36:ce:fc:96:4d:f4:b0:f0:ec:
809
+
b7:6c:82:ed:2f:31:99:42:4c:a9:b2:0d:b8:15:5d:f1:df:ba:
810
+
c9:b5:4a:d4:64:98:b3:26:a9:30:c8:fd:a6:ec:ab:96:21:ad:
811
+
7f:c2:78:b6
812
+
813
+
Entrust Worldwide by DST
814
+
========================
815
+
MD5 Fingerprint: B4:65:22:0A:7C:AD:DF:41:B7:D5:44:D5:AD:FA:9A:75
816
+
PEM Data:
817
+
-----BEGIN CERTIFICATE-----
818
+
MIIDRzCCArCgAwIBAgIENm3FGDANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJV
819
+
UzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRswGQYDVQQL
820
+
ExJEU1QtRW50cnVzdCBHVEkgQ0EwHhcNOTgxMjA5MDAwMjI0WhcNMTgxMjA5MDAz
821
+
MjI0WjBQMQswCQYDVQQGEwJVUzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUg
822
+
VHJ1c3QgQ28uMRswGQYDVQQLExJEU1QtRW50cnVzdCBHVEkgQ0EwgZ0wDQYJKoZI
823
+
hvcNAQEBBQADgYsAMIGHAoGBALYd90uNDxPjEvUJ/gYyDq9MQfV91Ec9KgrfgwXe
824
+
3n3mAxb2UTrLRxpKrX7E/R20vnSKeN0Lg460hBPE+/htKa6h4Q8PQ+O1XmBp+oOU
825
+
/Hnm3Hbt0UQrjv0Su/4XdxcMie2n71F9xO04wzujevviTaBgtfL9E2XTxuw/vjWc
826
+
PSLvAgEDo4IBLjCCASowEQYJYIZIAYb4QgEBBAQDAgAHMHIGA1UdHwRrMGkwZ6Bl
827
+
oGOkYTBfMQswCQYDVQQGEwJVUzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUg
828
+
VHJ1c3QgQ28uMRswGQYDVQQLExJEU1QtRW50cnVzdCBHVEkgQ0ExDTALBgNVBAMT
829
+
BENSTDEwKwYDVR0QBCQwIoAPMTk5ODEyMDkwMDAyMjRagQ8yMDE4MTIwOTAwMDIy
830
+
NFowCwYDVR0PBAQDAgEGMB8GA1UdIwQYMBaAFJOaRMrQeFOAKUkE38evMz+ZdV+u
831
+
MB0GA1UdDgQWBBSTmkTK0HhTgClJBN/HrzM/mXVfrjAMBgNVHRMEBTADAQH/MBkG
832
+
CSqGSIb2fQdBAAQMMAobBFY0LjADAgSQMA0GCSqGSIb3DQEBBQUAA4GBAGSJzAOn
833
+
3AryWCDn/RegKHLNh7DNmLUkR2MzMRAQsu+KV3KuTAPgZ5+sYEOEIsGpo+Wxp94J
834
+
1M8NeEYjW49Je/4TIpeU6nJI4SwgeJbpZkUZywllY2E/0UmYsXYQVdVjSmZLpAdr
835
+
3nt/ueaTWxoCW4AO3Y0Y1Iqjwmjxo+AY0U5M
836
+
-----END CERTIFICATE-----
837
+
Certificate Ingredients:
838
+
Data:
839
+
Version: 3 (0x2)
840
+
Serial Number: 913163544 (0x366dc518)
841
+
Signature Algorithm: sha1WithRSAEncryption
842
+
Issuer: C=US, O=Digital Signature Trust Co., OU=DST-Entrust GTI CA
843
+
Validity
844
+
Not Before: Dec 9 00:02:24 1998 GMT
845
+
Not After : Dec 9 00:32:24 2018 GMT
846
+
Subject: C=US, O=Digital Signature Trust Co., OU=DST-Entrust GTI CA
847
+
Subject Public Key Info:
848
+
Public Key Algorithm: rsaEncryption
849
+
RSA Public Key: (1024 bit)
850
+
Modulus (1024 bit):
851
+
00:b6:1d:f7:4b:8d:0f:13:e3:12:f5:09:fe:06:32:
852
+
0e:af:4c:41:f5:7d:d4:47:3d:2a:0a:df:83:05:de:
853
+
de:7d:e6:03:16:f6:51:3a:cb:47:1a:4a:ad:7e:c4:
854
+
fd:1d:b4:be:74:8a:78:dd:0b:83:8e:b4:84:13:c4:
855
+
fb:f8:6d:29:ae:a1:e1:0f:0f:43:e3:b5:5e:60:69:
856
+
fa:83:94:fc:79:e6:dc:76:ed:d1:44:2b:8e:fd:12:
857
+
bb:fe:17:77:17:0c:89:ed:a7:ef:51:7d:c4:ed:38:
858
+
c3:3b:a3:7a:fb:e2:4d:a0:60:b5:f2:fd:13:65:d3:
859
+
c6:ec:3f:be:35:9c:3d:22:ef
860
+
Exponent: 3 (0x3)
861
+
X509v3 extensions:
862
+
Netscape Cert Type:
863
+
SSL CA, S/MIME CA, Object Signing CA
864
+
X509v3 CRL Distribution Points:
865
+
DirName:/C=US/O=Digital Signature Trust Co./OU=DST-Entrust GTI CA/CN=CRL1
866
+
867
+
X509v3 Private Key Usage Period:
868
+
Not Before: Dec 9 00:02:24 1998 GMT, Not After: Dec 9 00:02:24 2018 GMT
869
+
X509v3 Key Usage:
870
+
Certificate Sign, CRL Sign
871
+
X509v3 Authority Key Identifier:
872
+
keyid:93:9A:44:CA:D0:78:53:80:29:49:04:DF:C7:AF:33:3F:99:75:5F:AE
873
+
874
+
X509v3 Subject Key Identifier:
875
+
93:9A:44:CA:D0:78:53:80:29:49:04:DF:C7:AF:33:3F:99:75:5F:AE
876
+
X509v3 Basic Constraints:
877
+
CA:TRUE
878
+
1.2.840.113533.7.65.0:
879
+
0
880
+
..V4.0....
881
+
Signature Algorithm: sha1WithRSAEncryption
882
+
64:89:cc:03:a7:dc:0a:f2:58:20:e7:fd:17:a0:28:72:cd:87:
883
+
b0:cd:98:b5:24:47:63:33:31:10:10:b2:ef:8a:57:72:ae:4c:
884
+
03:e0:67:9f:ac:60:43:84:22:c1:a9:a3:e5:b1:a7:de:09:d4:
885
+
cf:0d:78:46:23:5b:8f:49:7b:fe:13:22:97:94:ea:72:48:e1:
886
+
2c:20:78:96:e9:66:45:19:cb:09:65:63:61:3f:d1:49:98:b1:
887
+
76:10:55:d5:63:4a:66:4b:a4:07:6b:de:7b:7f:b9:e6:93:5b:
888
+
1a:02:5b:80:0e:dd:8d:18:d4:8a:a3:c2:68:f1:a3:e0:18:d1:
889
+
4e:4c
890
+
891
+
Entrust.net Premium 2048 Secure Server CA
892
+
=========================================
893
+
MD5 Fingerprint: BA:21:EA:20:D6:DD:DB:8F:C1:57:8B:40:AD:A1:FC:FC
894
+
PEM Data:
895
+
-----BEGIN CERTIFICATE-----
896
+
MIIEXDCCA0SgAwIBAgIEOGO5ZjANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML
897
+
RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp
898
+
bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5
899
+
IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp
900
+
ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw05OTEyMjQxNzUwNTFaFw0xOTEy
901
+
MjQxODIwNTFaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3d3d3
902
+
LmVudHJ1c3QubmV0L0NQU18yMDQ4IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxp
903
+
YWIuKTElMCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEG
904
+
A1UEAxMqRW50cnVzdC5uZXQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgp
905
+
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU1LqRKGsuqjIAcVFmQq
906
+
K0vRvwtKTY7tgHalZ7d4QMBzQshowNtTK91euHaYNZOLGp18EzoOH1u3Hs/lJBQe
907
+
sYGpjX24zGtLA/ECDNyrpUAkAH90lKGdCCmziAv1h3edVc3kw37XamSrhRSGlVuX
908
+
MlBvPci6Zgzj/L24ScF2iUkZ/cCovYmjZy/Gn7xxGWC4LeksyZB2ZnuU4q941mVT
909
+
XTzWnLLPKQP5L6RQstRIzgUyVYr9smRMDuSYB3Xbf9+5CFVghTAp+XtIpGmG4zU/
910
+
HoZdenoVve8AjhUiVBcAkCaTvA5JaJG/+EfTnZVCwQ5N328mz8MYIWJmQ3DW1cAH
911
+
4QIDAQABo3QwcjARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUVeSB0RGA
912
+
vtiJuQijMfmhJAkWuXAwHQYDVR0OBBYEFFXkgdERgL7YibkIozH5oSQJFrlwMB0G
913
+
CSqGSIb2fQdBAAQQMA4bCFY1LjA6NC4wAwIEkDANBgkqhkiG9w0BAQUFAAOCAQEA
914
+
WUesIYSKF8mciVMeuoCFGsY8Tj6xnLZ8xpJdGGQC49MGCBFhfGPjK50xA3B20qMo
915
+
oPS7mmNz7W3lKtvtFKkrxjYR0CvrB4ul2p5cGZ1WEvVUKcgF7bISKo30Axv/55IQ
916
+
h7A6tcOdBTcSo8f0FbnVpDkWm1M6I5HxqIKiaohowXkCIryqptau37AUX7iH0N18
917
+
f3v/rxzP5tsHrV7bhZ3QKw0z2wTR5klAEyt2+z7pnIkPFc4YsIV4IU9rTw76NmfN
918
+
B/L/CNDi3tm/Kq+4h4YhPATKt5Rof8886ZjXOP/swNlQ8C5LWK5Gb9Auw2DaclVy
919
+
vUxFnmG6v4SBkgPR0ml8xQ==
920
+
-----END CERTIFICATE-----
921
+
Certificate Ingredients:
922
+
Data:
923
+
Version: 3 (0x2)
924
+
Serial Number: 946059622 (0x3863b966)
925
+
Signature Algorithm: sha1WithRSAEncryption
926
+
Issuer: O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
927
+
Validity
928
+
Not Before: Dec 24 17:50:51 1999 GMT
929
+
Not After : Dec 24 18:20:51 2019 GMT
930
+
Subject: O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
931
+
Subject Public Key Info:
932
+
Public Key Algorithm: rsaEncryption
933
+
RSA Public Key: (2048 bit)
934
+
Modulus (2048 bit):
935
+
00:ad:4d:4b:a9:12:86:b2:ea:a3:20:07:15:16:64:
936
+
2a:2b:4b:d1:bf:0b:4a:4d:8e:ed:80:76:a5:67:b7:
937
+
78:40:c0:73:42:c8:68:c0:db:53:2b:dd:5e:b8:76:
938
+
98:35:93:8b:1a:9d:7c:13:3a:0e:1f:5b:b7:1e:cf:
939
+
e5:24:14:1e:b1:81:a9:8d:7d:b8:cc:6b:4b:03:f1:
940
+
02:0c:dc:ab:a5:40:24:00:7f:74:94:a1:9d:08:29:
941
+
b3:88:0b:f5:87:77:9d:55:cd:e4:c3:7e:d7:6a:64:
942
+
ab:85:14:86:95:5b:97:32:50:6f:3d:c8:ba:66:0c:
943
+
e3:fc:bd:b8:49:c1:76:89:49:19:fd:c0:a8:bd:89:
944
+
a3:67:2f:c6:9f:bc:71:19:60:b8:2d:e9:2c:c9:90:
945
+
76:66:7b:94:e2:af:78:d6:65:53:5d:3c:d6:9c:b2:
946
+
cf:29:03:f9:2f:a4:50:b2:d4:48:ce:05:32:55:8a:
947
+
fd:b2:64:4c:0e:e4:98:07:75:db:7f:df:b9:08:55:
948
+
60:85:30:29:f9:7b:48:a4:69:86:e3:35:3f:1e:86:
949
+
5d:7a:7a:15:bd:ef:00:8e:15:22:54:17:00:90:26:
950
+
93:bc:0e:49:68:91:bf:f8:47:d3:9d:95:42:c1:0e:
951
+
4d:df:6f:26:cf:c3:18:21:62:66:43:70:d6:d5:c0:
952
+
07:e1
953
+
Exponent: 65537 (0x10001)
954
+
X509v3 extensions:
955
+
Netscape Cert Type:
956
+
SSL CA, S/MIME CA, Object Signing CA
957
+
X509v3 Authority Key Identifier:
958
+
keyid:55:E4:81:D1:11:80:BE:D8:89:B9:08:A3:31:F9:A1:24:09:16:B9:70
959
+
960
+
X509v3 Subject Key Identifier:
961
+
55:E4:81:D1:11:80:BE:D8:89:B9:08:A3:31:F9:A1:24:09:16:B9:70
962
+
1.2.840.113533.7.65.0:
963
+
0...V5.0:4.0....
964
+
Signature Algorithm: sha1WithRSAEncryption
965
+
59:47:ac:21:84:8a:17:c9:9c:89:53:1e:ba:80:85:1a:c6:3c:
966
+
4e:3e:b1:9c:b6:7c:c6:92:5d:18:64:02:e3:d3:06:08:11:61:
967
+
7c:63:e3:2b:9d:31:03:70:76:d2:a3:28:a0:f4:bb:9a:63:73:
968
+
ed:6d:e5:2a:db:ed:14:a9:2b:c6:36:11:d0:2b:eb:07:8b:a5:
969
+
da:9e:5c:19:9d:56:12:f5:54:29:c8:05:ed:b2:12:2a:8d:f4:
970
+
03:1b:ff:e7:92:10:87:b0:3a:b5:c3:9d:05:37:12:a3:c7:f4:
971
+
15:b9:d5:a4:39:16:9b:53:3a:23:91:f1:a8:82:a2:6a:88:68:
972
+
c1:79:02:22:bc:aa:a6:d6:ae:df:b0:14:5f:b8:87:d0:dd:7c:
973
+
7f:7b:ff:af:1c:cf:e6:db:07:ad:5e:db:85:9d:d0:2b:0d:33:
974
+
db:04:d1:e6:49:40:13:2b:76:fb:3e:e9:9c:89:0f:15:ce:18:
975
+
b0:85:78:21:4f:6b:4f:0e:fa:36:67:cd:07:f2:ff:08:d0:e2:
976
+
de:d9:bf:2a:af:b8:87:86:21:3c:04:ca:b7:94:68:7f:cf:3c:
977
+
e9:98:d7:38:ff:ec:c0:d9:50:f0:2e:4b:58:ae:46:6f:d0:2e:
978
+
c3:60:da:72:55:72:bd:4c:45:9e:61:ba:bf:84:81:92:03:d1:
979
+
d2:69:7c:c5
980
+
981
+
Entrust.net Secure Personal CA
982
+
==============================
983
+
MD5 Fingerprint: 0C:41:2F:13:5B:A0:54:F5:96:66:2D:7E:CD:0E:03:F4
984
+
PEM Data:
985
+
-----BEGIN CERTIFICATE-----
986
+
MIIE7TCCBFagAwIBAgIEOAOR7jANBgkqhkiG9w0BAQQFADCByTELMAkGA1UEBhMC
987
+
VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MUgwRgYDVQQLFD93d3cuZW50cnVzdC5u
988
+
ZXQvQ2xpZW50X0NBX0luZm8vQ1BTIGluY29ycC4gYnkgcmVmLiBsaW1pdHMgbGlh
989
+
Yi4xJTAjBgNVBAsTHChjKSAxOTk5IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNV
990
+
BAMTKkVudHJ1c3QubmV0IENsaWVudCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe
991
+
Fw05OTEwMTIxOTI0MzBaFw0xOTEwMTIxOTU0MzBaMIHJMQswCQYDVQQGEwJVUzEU
992
+
MBIGA1UEChMLRW50cnVzdC5uZXQxSDBGBgNVBAsUP3d3dy5lbnRydXN0Lm5ldC9D
993
+
bGllbnRfQ0FfSW5mby9DUFMgaW5jb3JwLiBieSByZWYuIGxpbWl0cyBsaWFiLjEl
994
+
MCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMq
995
+
RW50cnVzdC5uZXQgQ2xpZW50IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGdMA0G
996
+
CSqGSIb3DQEBAQUAA4GLADCBhwKBgQDIOpleMRffrCdvkHvkGf9FozTC28GoT/Bo
997
+
6oT9n3V5z8GKUZSvx1cDR2SerYIbWtp/N3hHuzeYEpbOxhN979IMMFGpOZ5V+Pux
998
+
5zDeg7K6PvHViTs7hbqqdCz+PzFur5GVbgbUB01LLFZHGARS2g4Qk79jkJvh34zm
999
+
AqTmT173iwIBA6OCAeAwggHcMBEGCWCGSAGG+EIBAQQEAwIABzCCASIGA1UdHwSC
1000
+
ARkwggEVMIHkoIHhoIHepIHbMIHYMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50
1001
+
cnVzdC5uZXQxSDBGBgNVBAsUP3d3dy5lbnRydXN0Lm5ldC9DbGllbnRfQ0FfSW5m
1002
+
by9DUFMgaW5jb3JwLiBieSByZWYuIGxpbWl0cyBsaWFiLjElMCMGA1UECxMcKGMp
1003
+
IDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50cnVzdC5uZXQg
1004
+
Q2xpZW50IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMCyg
1005
+
KqAohiZodHRwOi8vd3d3LmVudHJ1c3QubmV0L0NSTC9DbGllbnQxLmNybDArBgNV
1006
+
HRAEJDAigA8xOTk5MTAxMjE5MjQzMFqBDzIwMTkxMDEyMTkyNDMwWjALBgNVHQ8E
1007
+
BAMCAQYwHwYDVR0jBBgwFoAUxPucKXuXzUyW/O5bs8qZdIuV6kwwHQYDVR0OBBYE
1008
+
FMT7nCl7l81MlvzuW7PKmXSLlepMMAwGA1UdEwQFMAMBAf8wGQYJKoZIhvZ9B0EA
1009
+
BAwwChsEVjQuMAMCBJAwDQYJKoZIhvcNAQEEBQADgYEAP66K8ddmAwWePvrqHEa7
1010
+
pFuPeJoSSJn59DXeDDYHAmsQOokUgZwxpnyyQbJq5wcBoUv5nyU7lsqZwz6hURzz
1011
+
wy5E97BnRqqS5TvaHBkUODDV4qIxJS7x7EU47fgGWANzYrAQMY9Av2TgXD7FTx/a
1012
+
EkP/TOYGJqibGapEPHayXOw=
1013
+
-----END CERTIFICATE-----
1014
+
Certificate Ingredients:
1015
+
Data:
1016
+
Version: 3 (0x2)
1017
+
Serial Number: 939758062 (0x380391ee)
1018
+
Signature Algorithm: md5WithRSAEncryption
1019
+
Issuer: C=US, O=Entrust.net, OU=www.entrust.net/Client_CA_Info/CPS incorp. by ref. limits liab., OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Client Certification Authority
1020
+
Validity
1021
+
Not Before: Oct 12 19:24:30 1999 GMT
1022
+
Not After : Oct 12 19:54:30 2019 GMT
1023
+
Subject: C=US, O=Entrust.net, OU=www.entrust.net/Client_CA_Info/CPS incorp. by ref. limits liab., OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Client Certification Authority
1024
+
Subject Public Key Info:
1025
+
Public Key Algorithm: rsaEncryption
1026
+
RSA Public Key: (1024 bit)
1027
+
Modulus (1024 bit):
1028
+
00:c8:3a:99:5e:31:17:df:ac:27:6f:90:7b:e4:19:
1029
+
ff:45:a3:34:c2:db:c1:a8:4f:f0:68:ea:84:fd:9f:
1030
+
75:79:cf:c1:8a:51:94:af:c7:57:03:47:64:9e:ad:
1031
+
82:1b:5a:da:7f:37:78:47:bb:37:98:12:96:ce:c6:
1032
+
13:7d:ef:d2:0c:30:51:a9:39:9e:55:f8:fb:b1:e7:
1033
+
30:de:83:b2:ba:3e:f1:d5:89:3b:3b:85:ba:aa:74:
1034
+
2c:fe:3f:31:6e:af:91:95:6e:06:d4:07:4d:4b:2c:
1035
+
56:47:18:04:52:da:0e:10:93:bf:63:90:9b:e1:df:
1036
+
8c:e6:02:a4:e6:4f:5e:f7:8b
1037
+
Exponent: 3 (0x3)
1038
+
X509v3 extensions:
1039
+
Netscape Cert Type:
1040
+
SSL CA, S/MIME CA, Object Signing CA
1041
+
X509v3 CRL Distribution Points:
1042
+
DirName:/C=US/O=Entrust.net/OU=www.entrust.net/Client_CA_Info/CPS incorp. by ref. limits liab./OU=(c) 1999 Entrust.net Limited/CN=Entrust.net Client Certification Authority/CN=CRL1
1043
+
URI:http://www.entrust.net/CRL/Client1.crl
1044
+
1045
+
X509v3 Private Key Usage Period:
1046
+
Not Before: Oct 12 19:24:30 1999 GMT, Not After: Oct 12 19:24:30 2019 GMT
1047
+
X509v3 Key Usage:
1048
+
Certificate Sign, CRL Sign
1049
+
X509v3 Authority Key Identifier:
1050
+
keyid:C4:FB:9C:29:7B:97:CD:4C:96:FC:EE:5B:B3:CA:99:74:8B:95:EA:4C
1051
+
1052
+
X509v3 Subject Key Identifier:
1053
+
C4:FB:9C:29:7B:97:CD:4C:96:FC:EE:5B:B3:CA:99:74:8B:95:EA:4C
1054
+
X509v3 Basic Constraints:
1055
+
CA:TRUE
1056
+
1.2.840.113533.7.65.0:
1057
+
0
1058
+
..V4.0....
1059
+
Signature Algorithm: md5WithRSAEncryption
1060
+
3f:ae:8a:f1:d7:66:03:05:9e:3e:fa:ea:1c:46:bb:a4:5b:8f:
1061
+
78:9a:12:48:99:f9:f4:35:de:0c:36:07:02:6b:10:3a:89:14:
1062
+
81:9c:31:a6:7c:b2:41:b2:6a:e7:07:01:a1:4b:f9:9f:25:3b:
1063
+
96:ca:99:c3:3e:a1:51:1c:f3:c3:2e:44:f7:b0:67:46:aa:92:
1064
+
e5:3b:da:1c:19:14:38:30:d5:e2:a2:31:25:2e:f1:ec:45:38:
1065
+
ed:f8:06:58:03:73:62:b0:10:31:8f:40:bf:64:e0:5c:3e:c5:
1066
+
4f:1f:da:12:43:ff:4c:e6:06:26:a8:9b:19:aa:44:3c:76:b2:
1067
+
5c:ec
1068
+
1069
+
Entrust.net Secure Server CA
1070
+
============================
1071
+
MD5 Fingerprint: DF:F2:80:73:CC:F1:E6:61:73:FC:F5:42:E9:C5:7C:EE
1072
+
PEM Data:
1073
+
-----BEGIN CERTIFICATE-----
1074
+
MIIE2DCCBEGgAwIBAgIEN0rSQzANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
1075
+
VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
1076
+
ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
1077
+
KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u
1078
+
ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05OTA1
1079
+
MjUxNjA5NDBaFw0xOTA1MjUxNjM5NDBaMIHDMQswCQYDVQQGEwJVUzEUMBIGA1UE
1080
+
ChMLRW50cnVzdC5uZXQxOzA5BgNVBAsTMnd3dy5lbnRydXN0Lm5ldC9DUFMgaW5j
1081
+
b3JwLiBieSByZWYuIChsaW1pdHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMTk5OSBF
1082
+
bnRydXN0Lm5ldCBMaW1pdGVkMTowOAYDVQQDEzFFbnRydXN0Lm5ldCBTZWN1cmUg
1083
+
U2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGdMA0GCSqGSIb3DQEBAQUA
1084
+
A4GLADCBhwKBgQDNKIM0VBuJ8w+vN5Ex/68xYMmo6LIQaO2f55M28Qpku0f1BBc/
1085
+
I0dNxScZgSYMVHINiC3ZH5oSn7yzcdOAGT9HZnuMNSjSuQrfJNqc1lB5gXpa0zf3
1086
+
wkrYKZImZNHkmGw6AIr1NJtl+O3jEP/9uElY3KDegjlrgbEWGWG5VLbmQwIBA6OC
1087
+
AdcwggHTMBEGCWCGSAGG+EIBAQQEAwIABzCCARkGA1UdHwSCARAwggEMMIHeoIHb
1088
+
oIHYpIHVMIHSMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50cnVzdC5uZXQxOzA5
1089
+
BgNVBAsTMnd3dy5lbnRydXN0Lm5ldC9DUFMgaW5jb3JwLiBieSByZWYuIChsaW1p
1090
+
dHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMTk5OSBFbnRydXN0Lm5ldCBMaW1pdGVk
1091
+
MTowOAYDVQQDEzFFbnRydXN0Lm5ldCBTZWN1cmUgU2VydmVyIENlcnRpZmljYXRp
1092
+
b24gQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMCmgJ6AlhiNodHRwOi8vd3d3LmVu
1093
+
dHJ1c3QubmV0L0NSTC9uZXQxLmNybDArBgNVHRAEJDAigA8xOTk5MDUyNTE2MDk0
1094
+
MFqBDzIwMTkwNTI1MTYwOTQwWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAU8Bdi
1095
+
E1U9s/8KAGv7UISX8+1i0BowHQYDVR0OBBYEFPAXYhNVPbP/CgBr+1CEl/PtYtAa
1096
+
MAwGA1UdEwQFMAMBAf8wGQYJKoZIhvZ9B0EABAwwChsEVjQuMAMCBJAwDQYJKoZI
1097
+
hvcNAQEFBQADgYEAkNwwAvpkdMKnCqV8IY00F6j7Rw7/JXyNEwr75Ji174z4xRAN
1098
+
95K+8cPV1ZVqBLssziY2ZcgxxufuP+NXdYR6Ee9GTxj005i7qIcyunL2POI9n9cd
1099
+
2cNgQ4xYDiKWL2KjLB+6rQXvqzJ4h6BUcxm1XAX5Uj5tLUUL9wqT6u0G+bI=
1100
+
-----END CERTIFICATE-----
1101
+
Certificate Ingredients:
1102
+
Data:
1103
+
Version: 3 (0x2)
1104
+
Serial Number: 927650371 (0x374ad243)
1105
+
Signature Algorithm: sha1WithRSAEncryption
1106
+
Issuer: C=US, O=Entrust.net, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Secure Server Certification Authority
1107
+
Validity
1108
+
Not Before: May 25 16:09:40 1999 GMT
1109
+
Not After : May 25 16:39:40 2019 GMT
1110
+
Subject: C=US, O=Entrust.net, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Secure Server Certification Authority
1111
+
Subject Public Key Info:
1112
+
Public Key Algorithm: rsaEncryption
1113
+
RSA Public Key: (1024 bit)
1114
+
Modulus (1024 bit):
1115
+
00:cd:28:83:34:54:1b:89:f3:0f:af:37:91:31:ff:
1116
+
af:31:60:c9:a8:e8:b2:10:68:ed:9f:e7:93:36:f1:
1117
+
0a:64:bb:47:f5:04:17:3f:23:47:4d:c5:27:19:81:
1118
+
26:0c:54:72:0d:88:2d:d9:1f:9a:12:9f:bc:b3:71:
1119
+
d3:80:19:3f:47:66:7b:8c:35:28:d2:b9:0a:df:24:
1120
+
da:9c:d6:50:79:81:7a:5a:d3:37:f7:c2:4a:d8:29:
1121
+
92:26:64:d1:e4:98:6c:3a:00:8a:f5:34:9b:65:f8:
1122
+
ed:e3:10:ff:fd:b8:49:58:dc:a0:de:82:39:6b:81:
1123
+
b1:16:19:61:b9:54:b6:e6:43
1124
+
Exponent: 3 (0x3)
1125
+
X509v3 extensions:
1126
+
Netscape Cert Type:
1127
+
SSL CA, S/MIME CA, Object Signing CA
1128
+
X509v3 CRL Distribution Points:
1129
+
DirName:/C=US/O=Entrust.net/OU=www.entrust.net/CPS incorp. by ref. (limits liab.)/OU=(c) 1999 Entrust.net Limited/CN=Entrust.net Secure Server Certification Authority/CN=CRL1
1130
+
URI:http://www.entrust.net/CRL/net1.crl
1131
+
1132
+
X509v3 Private Key Usage Period:
1133
+
Not Before: May 25 16:09:40 1999 GMT, Not After: May 25 16:09:40 2019 GMT
1134
+
X509v3 Key Usage:
1135
+
Certificate Sign, CRL Sign
1136
+
X509v3 Authority Key Identifier:
1137
+
keyid:F0:17:62:13:55:3D:B3:FF:0A:00:6B:FB:50:84:97:F3:ED:62:D0:1A
1138
+
1139
+
X509v3 Subject Key Identifier:
1140
+
F0:17:62:13:55:3D:B3:FF:0A:00:6B:FB:50:84:97:F3:ED:62:D0:1A
1141
+
X509v3 Basic Constraints:
1142
+
CA:TRUE
1143
+
1.2.840.113533.7.65.0:
1144
+
0
1145
+
..V4.0....
1146
+
Signature Algorithm: sha1WithRSAEncryption
1147
+
90:dc:30:02:fa:64:74:c2:a7:0a:a5:7c:21:8d:34:17:a8:fb:
1148
+
47:0e:ff:25:7c:8d:13:0a:fb:e4:98:b5:ef:8c:f8:c5:10:0d:
1149
+
f7:92:be:f1:c3:d5:d5:95:6a:04:bb:2c:ce:26:36:65:c8:31:
1150
+
c6:e7:ee:3f:e3:57:75:84:7a:11:ef:46:4f:18:f4:d3:98:bb:
1151
+
a8:87:32:ba:72:f6:3c:e2:3d:9f:d7:1d:d9:c3:60:43:8c:58:
1152
+
0e:22:96:2f:62:a3:2c:1f:ba:ad:05:ef:ab:32:78:87:a0:54:
1153
+
73:19:b5:5c:05:f9:52:3e:6d:2d:45:0b:f7:0a:93:ea:ed:06:
1154
+
f9:b2
1155
+
1156
+
Equifax Premium CA
1157
+
==================
1158
+
MD5 Fingerprint: A9:E9:A8:9D:0E:73:E3:B1:2F:37:0D:E8:48:3F:86:ED
1159
+
PEM Data:
1160
+
-----BEGIN CERTIFICATE-----
1161
+
MIIDIzCCAoygAwIBAgIENeHvHjANBgkqhkiG9w0BAQUFADBPMQswCQYDVQQGEwJV
1162
+
UzEQMA4GA1UEChMHRXF1aWZheDEuMCwGA1UECxMlRXF1aWZheCBQcmVtaXVtIENl
1163
+
cnRpZmljYXRlIEF1dGhvcml0eTAeFw05ODA4MjQyMjU0MjNaFw0xODA4MjQyMjU0
1164
+
MjNaME8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFcXVpZmF4MS4wLAYDVQQLEyVF
1165
+
cXVpZmF4IFByZW1pdW0gQ2VydGlmaWNhdGUgQXV0aG9yaXR5MIGfMA0GCSqGSIb3
1166
+
DQEBAQUAA4GNADCBiQKBgQDOoQaOBswIC8GGqN4g1Q0O0Q3En+pq2bPCMkdAb4qI
1167
+
pAm9OCwd5svmpPM269rrvPxkswf2Lbyqzp8ZSGhK/PWiRX4JEPWPs0lcIwY56hOL
1168
+
uAvNkR12X9k3oUT7X5DyZ7PNGJlDH3YSawLylYM4Q8L2YjTKyXhdX9LYupr/vhBg
1169
+
WwIDAQABo4IBCjCCAQYwcQYDVR0fBGowaDBmoGSgYqRgMF4xCzAJBgNVBAYTAlVT
1170
+
MRAwDgYDVQQKEwdFcXVpZmF4MS4wLAYDVQQLEyVFcXVpZmF4IFByZW1pdW0gQ2Vy
1171
+
dGlmaWNhdGUgQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMBoGA1UdEAQTMBGBDzIw
1172
+
MTgwODI0MjI1NDIzWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUFe6yKFmrbuX4
1173
+
z4uB9CThrj91G5gwHQYDVR0OBBYEFBXusihZq27l+M+LgfQk4a4/dRuYMAwGA1Ud
1174
+
EwQFMAMBAf8wGgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEB
1175
+
BQUAA4GBAL0LnCepA9so3JipS9DRjqeoGlqR4Jzx9xh8LiKeNh/JqLXNRkpu+jUH
1176
+
G4YI65/iqPmdQS06rlxctl80BOv8KmCw+3TkhellOJbuFcfGd2MSvYpoH6tsfdrK
1177
+
XBPO6snrCVzFc+cSAdXZUwee4A+W8Iu0u0VIn4bFGVWgy5bFA/xI
1178
+
-----END CERTIFICATE-----
1179
+
Certificate Ingredients:
1180
+
Data:
1181
+
Version: 3 (0x2)
1182
+
Serial Number: 903999262 (0x35e1ef1e)
1183
+
Signature Algorithm: sha1WithRSAEncryption
1184
+
Issuer: C=US, O=Equifax, OU=Equifax Premium Certificate Authority
1185
+
Validity
1186
+
Not Before: Aug 24 22:54:23 1998 GMT
1187
+
Not After : Aug 24 22:54:23 2018 GMT
1188
+
Subject: C=US, O=Equifax, OU=Equifax Premium Certificate Authority
1189
+
Subject Public Key Info:
1190
+
Public Key Algorithm: rsaEncryption
1191
+
RSA Public Key: (1024 bit)
1192
+
Modulus (1024 bit):
1193
+
00:ce:a1:06:8e:06:cc:08:0b:c1:86:a8:de:20:d5:
1194
+
0d:0e:d1:0d:c4:9f:ea:6a:d9:b3:c2:32:47:40:6f:
1195
+
8a:88:a4:09:bd:38:2c:1d:e6:cb:e6:a4:f3:36:eb:
1196
+
da:eb:bc:fc:64:b3:07:f6:2d:bc:aa:ce:9f:19:48:
1197
+
68:4a:fc:f5:a2:45:7e:09:10:f5:8f:b3:49:5c:23:
1198
+
06:39:ea:13:8b:b8:0b:cd:91:1d:76:5f:d9:37:a1:
1199
+
44:fb:5f:90:f2:67:b3:cd:18:99:43:1f:76:12:6b:
1200
+
02:f2:95:83:38:43:c2:f6:62:34:ca:c9:78:5d:5f:
1201
+
d2:d8:ba:9a:ff:be:10:60:5b
1202
+
Exponent: 65537 (0x10001)
1203
+
X509v3 extensions:
1204
+
X509v3 CRL Distribution Points:
1205
+
DirName:/C=US/O=Equifax/OU=Equifax Premium Certificate Authority/CN=CRL1
1206
+
1207
+
X509v3 Private Key Usage Period:
1208
+
Not After: Aug 24 22:54:23 2018 GMT
1209
+
X509v3 Key Usage:
1210
+
Certificate Sign, CRL Sign
1211
+
X509v3 Authority Key Identifier:
1212
+
keyid:15:EE:B2:28:59:AB:6E:E5:F8:CF:8B:81:F4:24:E1:AE:3F:75:1B:98
1213
+
1214
+
X509v3 Subject Key Identifier:
1215
+
15:EE:B2:28:59:AB:6E:E5:F8:CF:8B:81:F4:24:E1:AE:3F:75:1B:98
1216
+
X509v3 Basic Constraints:
1217
+
CA:TRUE
1218
+
1.2.840.113533.7.65.0:
1219
+
0...V3.0c....
1220
+
Signature Algorithm: sha1WithRSAEncryption
1221
+
bd:0b:9c:27:a9:03:db:28:dc:98:a9:4b:d0:d1:8e:a7:a8:1a:
1222
+
5a:91:e0:9c:f1:f7:18:7c:2e:22:9e:36:1f:c9:a8:b5:cd:46:
1223
+
4a:6e:fa:35:07:1b:86:08:eb:9f:e2:a8:f9:9d:41:2d:3a:ae:
1224
+
5c:5c:b6:5f:34:04:eb:fc:2a:60:b0:fb:74:e4:85:e9:65:38:
1225
+
96:ee:15:c7:c6:77:63:12:bd:8a:68:1f:ab:6c:7d:da:ca:5c:
1226
+
13:ce:ea:c9:eb:09:5c:c5:73:e7:12:01:d5:d9:53:07:9e:e0:
1227
+
0f:96:f0:8b:b4:bb:45:48:9f:86:c5:19:55:a0:cb:96:c5:03:
1228
+
fc:48
1229
+
1230
+
Equifax Secure CA
1231
+
=================
1232
+
MD5 Fingerprint: 67:CB:9D:C0:13:24:8A:82:9B:B2:17:1E:D1:1B:EC:D4
1233
+
PEM Data:
1234
+
-----BEGIN CERTIFICATE-----
1235
+
MIIDIDCCAomgAwIBAgIENd70zzANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQGEwJV
1236
+
UzEQMA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2Vy
1237
+
dGlmaWNhdGUgQXV0aG9yaXR5MB4XDTk4MDgyMjE2NDE1MVoXDTE4MDgyMjE2NDE1
1238
+
MVowTjELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0VxdWlmYXgxLTArBgNVBAsTJEVx
1239
+
dWlmYXggU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eTCBnzANBgkqhkiG9w0B
1240
+
AQEFAAOBjQAwgYkCgYEAwV2xWGcIYu6gmi0fCG2RFGiYCh7+2gRvE4RiIcPRfM6f
1241
+
BeC4AfBONOziipUEZKzxa1NfBbPLZ4C/QgKO/t0BCezhABRP/PvwDN1Dulsr4R+A
1242
+
cJkVV5MW8Q+XarfCaCMczE1ZMKxRHjuvK9buY0V7xdlfUNLjUA86iOe/FP3gx7kC
1243
+
AwEAAaOCAQkwggEFMHAGA1UdHwRpMGcwZaBjoGGkXzBdMQswCQYDVQQGEwJVUzEQ
1244
+
MA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2VydGlm
1245
+
aWNhdGUgQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMBoGA1UdEAQTMBGBDzIwMTgw
1246
+
ODIyMTY0MTUxWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUSOZo+SvSspXXR9gj
1247
+
IBBPM5iQn9QwHQYDVR0OBBYEFEjmaPkr0rKV10fYIyAQTzOYkJ/UMAwGA1UdEwQF
1248
+
MAMBAf8wGgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEBBQUA
1249
+
A4GBAFjOKer89961zgK5F7WF0bnj4JXMJTENAKaSbn+2kmOeUJXRmm/kEd5jhW6Y
1250
+
7qj/WsjTVbJmcVfewCHrPSqnI0kBBIZCe/zuf6IWUrVnZ9NA2zsmWLIodz2uFHdh
1251
+
1voqZiegDfqnc1zqcPGUIWVEX/r87yloqaKHee9570+sB3c4
1252
+
-----END CERTIFICATE-----
1253
+
Certificate Ingredients:
1254
+
Data:
1255
+
Version: 3 (0x2)
1256
+
Serial Number: 903804111 (0x35def4cf)
1257
+
Signature Algorithm: sha1WithRSAEncryption
1258
+
Issuer: C=US, O=Equifax, OU=Equifax Secure Certificate Authority
1259
+
Validity
1260
+
Not Before: Aug 22 16:41:51 1998 GMT
1261
+
Not After : Aug 22 16:41:51 2018 GMT
1262
+
Subject: C=US, O=Equifax, OU=Equifax Secure Certificate Authority
1263
+
Subject Public Key Info:
1264
+
Public Key Algorithm: rsaEncryption
1265
+
RSA Public Key: (1024 bit)
1266
+
Modulus (1024 bit):
1267
+
00:c1:5d:b1:58:67:08:62:ee:a0:9a:2d:1f:08:6d:
1268
+
91:14:68:98:0a:1e:fe:da:04:6f:13:84:62:21:c3:
1269
+
d1:7c:ce:9f:05:e0:b8:01:f0:4e:34:ec:e2:8a:95:
1270
+
04:64:ac:f1:6b:53:5f:05:b3:cb:67:80:bf:42:02:
1271
+
8e:fe:dd:01:09:ec:e1:00:14:4f:fc:fb:f0:0c:dd:
1272
+
43:ba:5b:2b:e1:1f:80:70:99:15:57:93:16:f1:0f:
1273
+
97:6a:b7:c2:68:23:1c:cc:4d:59:30:ac:51:1e:3b:
1274
+
af:2b:d6:ee:63:45:7b:c5:d9:5f:50:d2:e3:50:0f:
1275
+
3a:88:e7:bf:14:fd:e0:c7:b9
1276
+
Exponent: 65537 (0x10001)
1277
+
X509v3 extensions:
1278
+
X509v3 CRL Distribution Points:
1279
+
DirName:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority/CN=CRL1
1280
+
1281
+
X509v3 Private Key Usage Period:
1282
+
Not After: Aug 22 16:41:51 2018 GMT
1283
+
X509v3 Key Usage:
1284
+
Certificate Sign, CRL Sign
1285
+
X509v3 Authority Key Identifier:
1286
+
keyid:48:E6:68:F9:2B:D2:B2:95:D7:47:D8:23:20:10:4F:33:98:90:9F:D4
1287
+
1288
+
X509v3 Subject Key Identifier:
1289
+
48:E6:68:F9:2B:D2:B2:95:D7:47:D8:23:20:10:4F:33:98:90:9F:D4
1290
+
X509v3 Basic Constraints:
1291
+
CA:TRUE
1292
+
1.2.840.113533.7.65.0:
1293
+
0...V3.0c....
1294
+
Signature Algorithm: sha1WithRSAEncryption
1295
+
58:ce:29:ea:fc:f7:de:b5:ce:02:b9:17:b5:85:d1:b9:e3:e0:
1296
+
95:cc:25:31:0d:00:a6:92:6e:7f:b6:92:63:9e:50:95:d1:9a:
1297
+
6f:e4:11:de:63:85:6e:98:ee:a8:ff:5a:c8:d3:55:b2:66:71:
1298
+
57:de:c0:21:eb:3d:2a:a7:23:49:01:04:86:42:7b:fc:ee:7f:
1299
+
a2:16:52:b5:67:67:d3:40:db:3b:26:58:b2:28:77:3d:ae:14:
1300
+
77:61:d6:fa:2a:66:27:a0:0d:fa:a7:73:5c:ea:70:f1:94:21:
1301
+
65:44:5f:fa:fc:ef:29:68:a9:a2:87:79:ef:79:ef:4f:ac:07:
1302
+
77:38
1303
+
1304
+
GTE CyberTrust Global Root
1305
+
==========================
1306
+
MD5 Fingerprint: CA:3D:D3:68:F1:03:5C:D0:32:FA:B8:2B:59:E8:5A:DB
1307
+
PEM Data:
1308
+
-----BEGIN CERTIFICATE-----
1309
+
MIICWjCCAcMCAgGlMA0GCSqGSIb3DQEBBAUAMHUxCzAJBgNVBAYTAlVTMRgwFgYD
1310
+
VQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNv
1311
+
bHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVyVHJ1c3QgR2xvYmFsIFJv
1312
+
b3QwHhcNOTgwODEzMDAyOTAwWhcNMTgwODEzMjM1OTAwWjB1MQswCQYDVQQGEwJV
1313
+
UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
1314
+
cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
1315
+
b2JhbCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVD6C28FCc6HrH
1316
+
iM3dFw4usJTQGz0O9pTAipTHBsiQl8i4ZBp6fmw8U+E3KHNgf7KXUwefU/ltWJTS
1317
+
r41tiGeA5u2ylc9yMcqlHHK6XALnZELn+aks1joNrI1CqiQBOeacPwGFVw1Yh0X4
1318
+
04Wqk2kmhXBIgD8SFcd5tB8FLztimQIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAG3r
1319
+
GwnpXtlR22ciYaQqPEh346B8pt5zohQDhT37qw4wxYMWM4ETCJ57NE7fQMh017l9
1320
+
3PR2VX2bY1QY6fDq81yx2YtCHrnAlU66+tXifPVoYb+O7AWXX1uw16OFNMQkpw0P
1321
+
lZPvy5TYnh+dXIVtx6quTx8itc2VrbqnzPmrC3p/
1322
+
-----END CERTIFICATE-----
1323
+
Certificate Ingredients:
1324
+
Data:
1325
+
Version: 1 (0x0)
1326
+
Serial Number: 421 (0x1a5)
1327
+
Signature Algorithm: md5WithRSAEncryption
1328
+
Issuer: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
1329
+
Validity
1330
+
Not Before: Aug 13 00:29:00 1998 GMT
1331
+
Not After : Aug 13 23:59:00 2018 GMT
1332
+
Subject: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
1333
+
Subject Public Key Info:
1334
+
Public Key Algorithm: rsaEncryption
1335
+
RSA Public Key: (1024 bit)
1336
+
Modulus (1024 bit):
1337
+
00:95:0f:a0:b6:f0:50:9c:e8:7a:c7:88:cd:dd:17:
1338
+
0e:2e:b0:94:d0:1b:3d:0e:f6:94:c0:8a:94:c7:06:
1339
+
c8:90:97:c8:b8:64:1a:7a:7e:6c:3c:53:e1:37:28:
1340
+
73:60:7f:b2:97:53:07:9f:53:f9:6d:58:94:d2:af:
1341
+
8d:6d:88:67:80:e6:ed:b2:95:cf:72:31:ca:a5:1c:
1342
+
72:ba:5c:02:e7:64:42:e7:f9:a9:2c:d6:3a:0d:ac:
1343
+
8d:42:aa:24:01:39:e6:9c:3f:01:85:57:0d:58:87:
1344
+
45:f8:d3:85:aa:93:69:26:85:70:48:80:3f:12:15:
1345
+
c7:79:b4:1f:05:2f:3b:62:99
1346
+
Exponent: 65537 (0x10001)
1347
+
Signature Algorithm: md5WithRSAEncryption
1348
+
6d:eb:1b:09:e9:5e:d9:51:db:67:22:61:a4:2a:3c:48:77:e3:
1349
+
a0:7c:a6:de:73:a2:14:03:85:3d:fb:ab:0e:30:c5:83:16:33:
1350
+
81:13:08:9e:7b:34:4e:df:40:c8:74:d7:b9:7d:dc:f4:76:55:
1351
+
7d:9b:63:54:18:e9:f0:ea:f3:5c:b1:d9:8b:42:1e:b9:c0:95:
1352
+
4e:ba:fa:d5:e2:7c:f5:68:61:bf:8e:ec:05:97:5f:5b:b0:d7:
1353
+
a3:85:34:c4:24:a7:0d:0f:95:93:ef:cb:94:d8:9e:1f:9d:5c:
1354
+
85:6d:c7:aa:ae:4f:1f:22:b5:cd:95:ad:ba:a7:cc:f9:ab:0b:
1355
+
7a:7f
1356
+
1357
+
GTE CyberTrust Japan Root CA
1358
+
============================
1359
+
MD5 Fingerprint: DE:AB:FF:43:2A:65:37:06:9B:28:B5:7A:E8:84:D3:8E
1360
+
PEM Data:
1361
+
-----BEGIN CERTIFICATE-----
1362
+
MIICETCCAXoCAU4wDQYJKoZIhvcNAQEEBQAwUTELMAkGA1UEBhMCSlAxHzAdBgNV
1363
+
BAoTFkN5YmVyVHJ1c3QgSmFwYW4sIEluYy4xITAfBgNVBAMTGEN5YmVyVHJ1c3Qg
1364
+
SkFQQU4gUm9vdCBDQTAeFw05ODA4MDQwNzU3MDBaFw0wMzA4MDQyMzU5MDBaMFEx
1365
+
CzAJBgNVBAYTAkpQMR8wHQYDVQQKExZDeWJlclRydXN0IEphcGFuLCBJbmMuMSEw
1366
+
HwYDVQQDExhDeWJlclRydXN0IEpBUEFOIFJvb3QgQ0EwgZ8wDQYJKoZIhvcNAQEB
1367
+
BQADgY0AMIGJAoGBALet/MpHEHaJ/Wes5HMGfIFLHda1fA5Hr+ymVHWoxP1lr+fI
1368
+
sbFsNDWN97lkVygLIVredP7ceC6GRhJMfxEf3JO9X75mmIa4t+xtSdOQ2eF5AFZo
1369
+
uq1sHyw7H8ksjEOwBELqgXOmzjN1RQ2KRXIvqldV5AfDQ+J1Og+8PNCEzrrvAgMB
1370
+
AAEwDQYJKoZIhvcNAQEEBQADgYEAt6ZkowyAPBzE2O5BO+WGpJ5gXdYBMqhqZC0g
1371
+
cEC6ck5m+gdlTgOOC/1W4K07IKcy+rISHoDfHuN6GMxX2+bJNGDvdesQFtCkLnDY
1372
+
JCO4pXdzQvkHOt0BbAiTBzUmECVgKf8J5WSfabkWSfNc3SRjRpMNsFM2dbxIILsZ
1373
+
to/QIv0=
1374
+
-----END CERTIFICATE-----
1375
+
Certificate Ingredients:
1376
+
Data:
1377
+
Version: 1 (0x0)
1378
+
Serial Number: 78 (0x4e)
1379
+
Signature Algorithm: md5WithRSAEncryption
1380
+
Issuer: C=JP, O=CyberTrust Japan, Inc., CN=CyberTrust JAPAN Root CA
1381
+
Validity
1382
+
Not Before: Aug 4 07:57:00 1998 GMT
1383
+
Not After : Aug 4 23:59:00 2003 GMT
1384
+
Subject: C=JP, O=CyberTrust Japan, Inc., CN=CyberTrust JAPAN Root CA
1385
+
Subject Public Key Info:
1386
+
Public Key Algorithm: rsaEncryption
1387
+
RSA Public Key: (1024 bit)
1388
+
Modulus (1024 bit):
1389
+
00:b7:ad:fc:ca:47:10:76:89:fd:67:ac:e4:73:06:
1390
+
7c:81:4b:1d:d6:b5:7c:0e:47:af:ec:a6:54:75:a8:
1391
+
c4:fd:65:af:e7:c8:b1:b1:6c:34:35:8d:f7:b9:64:
1392
+
57:28:0b:21:5a:de:74:fe:dc:78:2e:86:46:12:4c:
1393
+
7f:11:1f:dc:93:bd:5f:be:66:98:86:b8:b7:ec:6d:
1394
+
49:d3:90:d9:e1:79:00:56:68:ba:ad:6c:1f:2c:3b:
1395
+
1f:c9:2c:8c:43:b0:04:42:ea:81:73:a6:ce:33:75:
1396
+
45:0d:8a:45:72:2f:aa:57:55:e4:07:c3:43:e2:75:
1397
+
3a:0f:bc:3c:d0:84:ce:ba:ef
1398
+
Exponent: 65537 (0x10001)
1399
+
Signature Algorithm: md5WithRSAEncryption
1400
+
b7:a6:64:a3:0c:80:3c:1c:c4:d8:ee:41:3b:e5:86:a4:9e:60:
1401
+
5d:d6:01:32:a8:6a:64:2d:20:70:40:ba:72:4e:66:fa:07:65:
1402
+
4e:03:8e:0b:fd:56:e0:ad:3b:20:a7:32:fa:b2:12:1e:80:df:
1403
+
1e:e3:7a:18:cc:57:db:e6:c9:34:60:ef:75:eb:10:16:d0:a4:
1404
+
2e:70:d8:24:23:b8:a5:77:73:42:f9:07:3a:dd:01:6c:08:93:
1405
+
07:35:26:10:25:60:29:ff:09:e5:64:9f:69:b9:16:49:f3:5c:
1406
+
dd:24:63:46:93:0d:b0:53:36:75:bc:48:20:bb:19:b6:8f:d0:
1407
+
22:fd
1408
+
1409
+
GTE CyberTrust Japan Secure Server CA
1410
+
=====================================
1411
+
MD5 Fingerprint: DD:0D:0D:B4:78:4B:7D:CE:30:0A:A6:35:C6:AB:4C:88
1412
+
PEM Data:
1413
+
-----BEGIN CERTIFICATE-----
1414
+
MIICIzCCAYwCAU8wDQYJKoZIhvcNAQEEBQAwWjELMAkGA1UEBhMCSlAxHzAdBgNV
1415
+
BAoTFkN5YmVyVHJ1c3QgSmFwYW4sIEluYy4xKjAoBgNVBAMTIUN5YmVyVHJ1c3Qg
1416
+
SkFQQU4gU2VjdXJlIFNlcnZlciBDQTAeFw05ODA4MDQwODA2MzJaFw0wMzA4MDQy
1417
+
MzU5MDBaMFoxCzAJBgNVBAYTAkpQMR8wHQYDVQQKExZDeWJlclRydXN0IEphcGFu
1418
+
LCBJbmMuMSowKAYDVQQDEyFDeWJlclRydXN0IEpBUEFOIFNlY3VyZSBTZXJ2ZXIg
1419
+
Q0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKwmo6G4b2rALBL52zEFkuf9
1420
+
+tSBtLjVKtWQ+vBDZfwSFcrs27lh3jNjN0+vADx/kjcbGHPlnzyI8RoTRP558sMm
1421
+
lQ8L8J4UByFsV8Jdw+JRsM2LX81fhjj4eZc57Oi/Ui6xXqqprozt7tfIty4xi7Q5
1422
+
kjt8gScHGgFEL0lzILbJAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAaB17Eu5aeSkx
1423
+
ygGsi1CpJ5ksAPw4Ghz/wtXwE/4bpzn1gBTrUfrAjXuEG1musTVRbqE+1xvsoJ7f
1424
+
4KWCluOxP9io8ct5gI738ESZfhT1I6MR42hLBTZuiOOrhqo4UwNCO9O5+eC/BenT
1425
+
X8NKp7b9t12QSfiasq1mpoIAk65g/yA=
1426
+
-----END CERTIFICATE-----
1427
+
Certificate Ingredients:
1428
+
Data:
1429
+
Version: 1 (0x0)
1430
+
Serial Number: 79 (0x4f)
1431
+
Signature Algorithm: md5WithRSAEncryption
1432
+
Issuer: C=JP, O=CyberTrust Japan, Inc., CN=CyberTrust JAPAN Secure Server CA
1433
+
Validity
1434
+
Not Before: Aug 4 08:06:32 1998 GMT
1435
+
Not After : Aug 4 23:59:00 2003 GMT
1436
+
Subject: C=JP, O=CyberTrust Japan, Inc., CN=CyberTrust JAPAN Secure Server CA
1437
+
Subject Public Key Info:
1438
+
Public Key Algorithm: rsaEncryption
1439
+
RSA Public Key: (1024 bit)
1440
+
Modulus (1024 bit):
1441
+
00:ac:26:a3:a1:b8:6f:6a:c0:2c:12:f9:db:31:05:
1442
+
92:e7:fd:fa:d4:81:b4:b8:d5:2a:d5:90:fa:f0:43:
1443
+
65:fc:12:15:ca:ec:db:b9:61:de:33:63:37:4f:af:
1444
+
00:3c:7f:92:37:1b:18:73:e5:9f:3c:88:f1:1a:13:
1445
+
44:fe:79:f2:c3:26:95:0f:0b:f0:9e:14:07:21:6c:
1446
+
57:c2:5d:c3:e2:51:b0:cd:8b:5f:cd:5f:86:38:f8:
1447
+
79:97:39:ec:e8:bf:52:2e:b1:5e:aa:a9:ae:8c:ed:
1448
+
ee:d7:c8:b7:2e:31:8b:b4:39:92:3b:7c:81:27:07:
1449
+
1a:01:44:2f:49:73:20:b6:c9
1450
+
Exponent: 65537 (0x10001)
1451
+
Signature Algorithm: md5WithRSAEncryption
1452
+
68:1d:7b:12:ee:5a:79:29:31:ca:01:ac:8b:50:a9:27:99:2c:
1453
+
00:fc:38:1a:1c:ff:c2:d5:f0:13:fe:1b:a7:39:f5:80:14:eb:
1454
+
51:fa:c0:8d:7b:84:1b:59:ae:b1:35:51:6e:a1:3e:d7:1b:ec:
1455
+
a0:9e:df:e0:a5:82:96:e3:b1:3f:d8:a8:f1:cb:79:80:8e:f7:
1456
+
f0:44:99:7e:14:f5:23:a3:11:e3:68:4b:05:36:6e:88:e3:ab:
1457
+
86:aa:38:53:03:42:3b:d3:b9:f9:e0:bf:05:e9:d3:5f:c3:4a:
1458
+
a7:b6:fd:b7:5d:90:49:f8:9a:b2:ad:66:a6:82:00:93:ae:60:
1459
+
ff:20
1460
+
1461
+
GTE CyberTrust Root 2
1462
+
=====================
1463
+
MD5 Fingerprint: BA:ED:17:57:9A:4B:FF:7C:F9:C9:1F:A2:CD:1A:D6:87
1464
+
PEM Data:
1465
+
-----BEGIN CERTIFICATE-----
1466
+
MIICUDCCAbkCAgGbMA0GCSqGSIb3DQEBBAUAMHAxCzAJBgNVBAYTAlVTMRgwFgYD
1467
+
VQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNv
1468
+
bHV0aW9ucywgSW5jLjEeMBwGA1UEAxMVR1RFIEN5YmVyVHJ1c3QgUm9vdCAyMB4X
1469
+
DTk4MDgxMTExMzUwN1oXDTA4MDgxMTExMjIxNlowcDELMAkGA1UEBhMCVVMxGDAW
1470
+
BgNVBAoTD0dURSBDb3Jwb3JhdGlvbjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3Qg
1471
+
U29sdXRpb25zLCBJbmMuMR4wHAYDVQQDExVHVEUgQ3liZXJUcnVzdCBSb290IDIw
1472
+
gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANksTE4vaRoj41a6886EwAnAefFE
1473
+
XzMfFZF/iogouCRFzI8YzR900bWPcUzWMfZzloSUQMWpg2Akfa9vNLdLTMIJgDtF
1474
+
BJ7EPMQndXsADKFkR7UUXYJLUTpYu0RMPdPlBjjoYVyYeLuAs5zacoJioN+cX+v5
1475
+
T3fCzGAYAGs0giWzAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAo2SRbxDt526iQkCU
1476
+
eM74FAjR+kOF60bNkhTQ7y4tNjkY2brJJ4gp6UgXb/jBqshhbS39QC11QzCXOfgU
1477
+
ZL1v72OoK0LfsloNJex7N9jOkSmCFvnoYqLhdsQCfd0li5jh9g1gjPZZkEBRRNHC
1478
+
+xkkHhc5a3QhFTPWVdeCHnAsJ6g=
1479
+
-----END CERTIFICATE-----
1480
+
Certificate Ingredients:
1481
+
Data:
1482
+
Version: 1 (0x0)
1483
+
Serial Number: 411 (0x19b)
1484
+
Signature Algorithm: md5WithRSAEncryption
1485
+
Issuer: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Root 2
1486
+
Validity
1487
+
Not Before: Aug 11 11:35:07 1998 GMT
1488
+
Not After : Aug 11 11:22:16 2008 GMT
1489
+
Subject: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Root 2
1490
+
Subject Public Key Info:
1491
+
Public Key Algorithm: rsaEncryption
1492
+
RSA Public Key: (1024 bit)
1493
+
Modulus (1024 bit):
1494
+
00:d9:2c:4c:4e:2f:69:1a:23:e3:56:ba:f3:ce:84:
1495
+
c0:09:c0:79:f1:44:5f:33:1f:15:91:7f:8a:88:28:
1496
+
b8:24:45:cc:8f:18:cd:1f:74:d1:b5:8f:71:4c:d6:
1497
+
31:f6:73:96:84:94:40:c5:a9:83:60:24:7d:af:6f:
1498
+
34:b7:4b:4c:c2:09:80:3b:45:04:9e:c4:3c:c4:27:
1499
+
75:7b:00:0c:a1:64:47:b5:14:5d:82:4b:51:3a:58:
1500
+
bb:44:4c:3d:d3:e5:06:38:e8:61:5c:98:78:bb:80:
1501
+
b3:9c:da:72:82:62:a0:df:9c:5f:eb:f9:4f:77:c2:
1502
+
cc:60:18:00:6b:34:82:25:b3
1503
+
Exponent: 65537 (0x10001)
1504
+
Signature Algorithm: md5WithRSAEncryption
1505
+
a3:64:91:6f:10:ed:e7:6e:a2:42:40:94:78:ce:f8:14:08:d1:
1506
+
fa:43:85:eb:46:cd:92:14:d0:ef:2e:2d:36:39:18:d9:ba:c9:
1507
+
27:88:29:e9:48:17:6f:f8:c1:aa:c8:61:6d:2d:fd:40:2d:75:
1508
+
43:30:97:39:f8:14:64:bd:6f:ef:63:a8:2b:42:df:b2:5a:0d:
1509
+
25:ec:7b:37:d8:ce:91:29:82:16:f9:e8:62:a2:e1:76:c4:02:
1510
+
7d:dd:25:8b:98:e1:f6:0d:60:8c:f6:59:90:40:51:44:d1:c2:
1511
+
fb:19:24:1e:17:39:6b:74:21:15:33:d6:55:d7:82:1e:70:2c:
1512
+
27:a8
1513
+
1514
+
GTE CyberTrust Root 3
1515
+
=====================
1516
+
MD5 Fingerprint: DB:81:96:57:AE:64:61:EF:77:A7:83:C4:51:24:3C:87
1517
+
PEM Data:
1518
+
-----BEGIN CERTIFICATE-----
1519
+
MIICUDCCAbkCAgGXMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNVBAYTAlVTMRgwFgYD
1520
+
VQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNv
1521
+
bHV0aW9ucywgSW5jLjEeMBwGA1UEAxMVR1RFIEN5YmVyVHJ1c3QgUm9vdCAzMB4X
1522
+
DTk4MDgxMDE5NTkwOFoXDTA4MDgxMDE5MzYzOVowcDELMAkGA1UEBhMCVVMxGDAW
1523
+
BgNVBAoTD0dURSBDb3Jwb3JhdGlvbjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3Qg
1524
+
U29sdXRpb25zLCBJbmMuMR4wHAYDVQQDExVHVEUgQ3liZXJUcnVzdCBSb290IDMw
1525
+
gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOHzsSsLztwU2TSXYlASVmOETFP6
1526
+
wIXP+sHdD955E39T+6oOYN3iYr/G7k6ZNKpoQzWZ+KP982O9AVRqnrI6lix7eCjG
1527
+
WrWNGhUY/eOMLqJQCVtx1g21GB8ZjgQpk5N4q18U53NC8gMMV6IbUDsLu1ngoDoD
1528
+
7icbWky5sAjKuRqJAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAheutlCAG6bKiazvy
1529
+
ZuvjS7gSJgXl9JGo3IfcmPSUwfRhvdWcbFFzlV7QvdfmRdw8z0aE1ee57ORnY24A
1530
+
KHdxXUoF6bl8hszCRLveKUja6t29F58dUQGo6BResVf3/9qPzpX+Le0yEnf/fGph
1531
+
la4xcgYI8PnzDY7i76hTXZEDg94=
1532
+
-----END CERTIFICATE-----
1533
+
Certificate Ingredients:
1534
+
Data:
1535
+
Version: 1 (0x0)
1536
+
Serial Number: 407 (0x197)
1537
+
Signature Algorithm: sha1WithRSAEncryption
1538
+
Issuer: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Root 3
1539
+
Validity
1540
+
Not Before: Aug 10 19:59:08 1998 GMT
1541
+
Not After : Aug 10 19:36:39 2008 GMT
1542
+
Subject: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Root 3
1543
+
Subject Public Key Info:
1544
+
Public Key Algorithm: rsaEncryption
1545
+
RSA Public Key: (1024 bit)
1546
+
Modulus (1024 bit):
1547
+
00:e1:f3:b1:2b:0b:ce:dc:14:d9:34:97:62:50:12:
1548
+
56:63:84:4c:53:fa:c0:85:cf:fa:c1:dd:0f:de:79:
1549
+
13:7f:53:fb:aa:0e:60:dd:e2:62:bf:c6:ee:4e:99:
1550
+
34:aa:68:43:35:99:f8:a3:fd:f3:63:bd:01:54:6a:
1551
+
9e:b2:3a:96:2c:7b:78:28:c6:5a:b5:8d:1a:15:18:
1552
+
fd:e3:8c:2e:a2:50:09:5b:71:d6:0d:b5:18:1f:19:
1553
+
8e:04:29:93:93:78:ab:5f:14:e7:73:42:f2:03:0c:
1554
+
57:a2:1b:50:3b:0b:bb:59:e0:a0:3a:03:ee:27:1b:
1555
+
5a:4c:b9:b0:08:ca:b9:1a:89
1556
+
Exponent: 65537 (0x10001)
1557
+
Signature Algorithm: sha1WithRSAEncryption
1558
+
85:eb:ad:94:20:06:e9:b2:a2:6b:3b:f2:66:eb:e3:4b:b8:12:
1559
+
26:05:e5:f4:91:a8:dc:87:dc:98:f4:94:c1:f4:61:bd:d5:9c:
1560
+
6c:51:73:95:5e:d0:bd:d7:e6:45:dc:3c:cf:46:84:d5:e7:b9:
1561
+
ec:e4:67:63:6e:00:28:77:71:5d:4a:05:e9:b9:7c:86:cc:c2:
1562
+
44:bb:de:29:48:da:ea:dd:bd:17:9f:1d:51:01:a8:e8:14:5e:
1563
+
b1:57:f7:ff:da:8f:ce:95:fe:2d:ed:32:12:77:ff:7c:6a:61:
1564
+
95:ae:31:72:06:08:f0:f9:f3:0d:8e:e2:ef:a8:53:5d:91:03:
1565
+
83:de
1566
+
1567
+
GTE CyberTrust Root 4
1568
+
=====================
1569
+
MD5 Fingerprint: 33:43:02:B1:B9:E0:73:B1:B1:20:CA:CB:C7:84:03:50
1570
+
PEM Data:
1571
+
-----BEGIN CERTIFICATE-----
1572
+
MIIDVTCCAj0CAgGoMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNVBAYTAlVTMRgwFgYD
1573
+
VQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNv
1574
+
bHV0aW9ucywgSW5jLjEeMBwGA1UEAxMVR1RFIEN5YmVyVHJ1c3QgUm9vdCA0MB4X
1575
+
DTk4MDgxMzEzNTEwMFoXDTEzMDgxMzIzNTkwMFowcDELMAkGA1UEBhMCVVMxGDAW
1576
+
BgNVBAoTD0dURSBDb3Jwb3JhdGlvbjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3Qg
1577
+
U29sdXRpb25zLCBJbmMuMR4wHAYDVQQDExVHVEUgQ3liZXJUcnVzdCBSb290IDQw
1578
+
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6nSJuf9pmPDlCsaMqb9P3
1579
+
vK6sMVrXEZBHuZ0ZLvnzGyKgw+GnusT8XgqUS5haSybkH/Tc8/6OiNxsLXx3hyZQ
1580
+
wF5OqCih6hdpT03GAQ7amg0GViYVtqRdejWvje14Uob5OKuzAdPaBZaxtlCrwKGu
1581
+
F1P6QzkgcWUj223Etu2YRYPX0vbiqWv7+XXM78WrcZY16N+OkZuoEHUft84Tjmuz
1582
+
lneXGpEvxyxpmfAPKmgAmHZEG4wo0uuO9IO0f6QlXmw72cZo1WG41F4xB7VbkDVS
1583
+
V3sXIO0tuB6OiDk+Usvf8FyxZbulErSQY79xnTLB2r9QSpW+BjrEK+vNmHZETQvl
1584
+
AgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAEOvHIfJSbpliTRJPOoHO0eiedSgO5Bs
1585
+
3n+oVMPoTEAyvMjsHOXZrEC6/Iw/wnOc9GTq36ntTlvIAWDuOW1DJ/N/qgjS/k5v
1586
+
FDJNfeQ0gKU1xNZGULQ7oC1lH09lfjQoLcCndn0xyQ0zFvYgGSARULsDzHBtlrfv
1587
+
TKfaNhXPu03UltyITWyY7blz/ihXoO1k+AqBKXP29pcyhzm0ge/ZTRoHNPe6QjXe
1588
+
V9xc1vfF6wonDIGmwtBoTv2SW0iD9haKjzZb7TFsP0F6cfeSPzGkCkBM84biYcE8
1589
+
SYEtpbjvupcPvCsdm4ny0o4eTYbywqv2LZnAGyoNobZP+SxYTT19Nwo=
1590
+
-----END CERTIFICATE-----
1591
+
Certificate Ingredients:
1592
+
Data:
1593
+
Version: 1 (0x0)
1594
+
Serial Number: 424 (0x1a8)
1595
+
Signature Algorithm: sha1WithRSAEncryption
1596
+
Issuer: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Root 4
1597
+
Validity
1598
+
Not Before: Aug 13 13:51:00 1998 GMT
1599
+
Not After : Aug 13 23:59:00 2013 GMT
1600
+
Subject: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Root 4
1601
+
Subject Public Key Info:
1602
+
Public Key Algorithm: rsaEncryption
1603
+
RSA Public Key: (2048 bit)
1604
+
Modulus (2048 bit):
1605
+
00:ba:9d:22:6e:7f:da:66:3c:39:42:b1:a3:2a:6f:
1606
+
d3:f7:bc:ae:ac:31:5a:d7:11:90:47:b9:9d:19:2e:
1607
+
f9:f3:1b:22:a0:c3:e1:a7:ba:c4:fc:5e:0a:94:4b:
1608
+
98:5a:4b:26:e4:1f:f4:dc:f3:fe:8e:88:dc:6c:2d:
1609
+
7c:77:87:26:50:c0:5e:4e:a8:28:a1:ea:17:69:4f:
1610
+
4d:c6:01:0e:da:9a:0d:06:56:26:15:b6:a4:5d:7a:
1611
+
35:af:8d:ed:78:52:86:f9:38:ab:b3:01:d3:da:05:
1612
+
96:b1:b6:50:ab:c0:a1:ae:17:53:fa:43:39:20:71:
1613
+
65:23:db:6d:c4:b6:ed:98:45:83:d7:d2:f6:e2:a9:
1614
+
6b:fb:f9:75:cc:ef:c5:ab:71:96:35:e8:df:8e:91:
1615
+
9b:a8:10:75:1f:b7:ce:13:8e:6b:b3:96:77:97:1a:
1616
+
91:2f:c7:2c:69:99:f0:0f:2a:68:00:98:76:44:1b:
1617
+
8c:28:d2:eb:8e:f4:83:b4:7f:a4:25:5e:6c:3b:d9:
1618
+
c6:68:d5:61:b8:d4:5e:31:07:b5:5b:90:35:52:57:
1619
+
7b:17:20:ed:2d:b8:1e:8e:88:39:3e:52:cb:df:f0:
1620
+
5c:b1:65:bb:a5:12:b4:90:63:bf:71:9d:32:c1:da:
1621
+
bf:50:4a:95:be:06:3a:c4:2b:eb:cd:98:76:44:4d:
1622
+
0b:e5
1623
+
Exponent: 65537 (0x10001)
1624
+
Signature Algorithm: sha1WithRSAEncryption
1625
+
43:af:1c:87:c9:49:ba:65:89:34:49:3c:ea:07:3b:47:a2:79:
1626
+
d4:a0:3b:90:6c:de:7f:a8:54:c3:e8:4c:40:32:bc:c8:ec:1c:
1627
+
e5:d9:ac:40:ba:fc:8c:3f:c2:73:9c:f4:64:ea:df:a9:ed:4e:
1628
+
5b:c8:01:60:ee:39:6d:43:27:f3:7f:aa:08:d2:fe:4e:6f:14:
1629
+
32:4d:7d:e4:34:80:a5:35:c4:d6:46:50:b4:3b:a0:2d:65:1f:
1630
+
4f:65:7e:34:28:2d:c0:a7:76:7d:31:c9:0d:33:16:f6:20:19:
1631
+
20:11:50:bb:03:cc:70:6d:96:b7:ef:4c:a7:da:36:15:cf:bb:
1632
+
4d:d4:96:dc:88:4d:6c:98:ed:b9:73:fe:28:57:a0:ed:64:f8:
1633
+
0a:81:29:73:f6:f6:97:32:87:39:b4:81:ef:d9:4d:1a:07:34:
1634
+
f7:ba:42:35:de:57:dc:5c:d6:f7:c5:eb:0a:27:0c:81:a6:c2:
1635
+
d0:68:4e:fd:92:5b:48:83:f6:16:8a:8f:36:5b:ed:31:6c:3f:
1636
+
41:7a:71:f7:92:3f:31:a4:0a:40:4c:f3:86:e2:61:c1:3c:49:
1637
+
81:2d:a5:b8:ef:ba:97:0f:bc:2b:1d:9b:89:f2:d2:8e:1e:4d:
1638
+
86:f2:c2:ab:f6:2d:99:c0:1b:2a:0d:a1:b6:4f:f9:2c:58:4d:
1639
+
3d:7d:37:0a
1640
+
1641
+
GTE CyberTrust Root 5
1642
+
=====================
1643
+
MD5 Fingerprint: 7D:6C:86:E4:FC:4D:D1:0B:00:BA:22:BB:4E:7C:6A:8E
1644
+
PEM Data:
1645
+
-----BEGIN CERTIFICATE-----
1646
+
MIIDtjCCAp6gAwIBAgICAbYwDQYJKoZIhvcNAQEFBQAwcDELMAkGA1UEBhMCVVMx
1647
+
GDAWBgNVBAoTD0dURSBDb3Jwb3JhdGlvbjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1
1648
+
c3QgU29sdXRpb25zLCBJbmMuMR4wHAYDVQQDExVHVEUgQ3liZXJUcnVzdCBSb290
1649
+
IDUwHhcNOTgwODE0MTQ1MDAwWhcNMTMwODE0MjM1OTAwWjBwMQswCQYDVQQGEwJV
1650
+
UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
1651
+
cnVzdCBTb2x1dGlvbnMsIEluYy4xHjAcBgNVBAMTFUdURSBDeWJlclRydXN0IFJv
1652
+
b3QgNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALwSbj+KfHqXAewe
1653
+
uzlaAvR4RKJIG457SVJ6uHtHs6+Um2+7lvoramVcuByUc76/iQoigO5X/IwFu3Cf
1654
+
lzkE2qOHXKjlyq/AM5rVN1xLrOSA0KYjYPv9ci6UncfOwgQy73hgXe2thw9FZR48
1655
+
mgqavl0dmezn8tHGehfZrZtUln/EfGC/haoVNR1A2hG87FQhKC0joajwzy3N3fx+
1656
+
D17hZQdWywe00lboXjHMGGPEhtIthc+Tkqtt/mg5+95zvYb45EZ66p8My/QZ/mO8
1657
+
0Sx7iDM29uThnAxTgWAc2i6rlqkWiBNQmbK9Vd8VMH7o5Zj7cH5stQf8/Ea30O03
1658
+
ln4y/iECAwEAAaNaMFgwEgYDVR0TAQH/BAgwBgEB/wIBBTAOBgNVHQ8BAf8EBAMC
1659
+
AQYwFwYDVR0gBBAwDjAMBgoqhkiG+GMBAgEDMBkGA1UdDgQSBBB2CkkhOEyf3vjE
1660
+
ScdxcZGdMA0GCSqGSIb3DQEBBQUAA4IBAQBBOtQYW9q43iEc4Y4J5fFoNP/elvQH
1661
+
9ac886xKsZv6kvqb7eYyIapKdsXcTzjl39WG5NXIdn2Y17HNj021kSNsi4rr6nzv
1662
+
FJTExvAfSi0ycWMrY5EmAgm2gB3t4sy4f9uHY8jh0GwmsTUdQGYQG82VVBgzYewT
1663
+
T9oT95mvPtDPjqZyorPDBZrJJ32SzH5SjbOrcG2eiZ9N6xp1wpiq1QIW1wyKvyXk
1664
+
6y28mOlYOBl8uTf+2+KZCHMGx5eDan0QAS8yuRcFSmXmL86+XlOmgumaUwqEdC2D
1665
+
ysiUFnZflGEo8IWnObvXi9moshMdVAk0JH0ggX1mfqKQdFwQxr3sqxvC
1666
+
-----END CERTIFICATE-----
1667
+
Certificate Ingredients:
1668
+
Data:
1669
+
Version: 3 (0x2)
1670
+
Serial Number: 438 (0x1b6)
1671
+
Signature Algorithm: sha1WithRSAEncryption
1672
+
Issuer: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Root 5
1673
+
Validity
1674
+
Not Before: Aug 14 14:50:00 1998 GMT
1675
+
Not After : Aug 14 23:59:00 2013 GMT
1676
+
Subject: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Root 5
1677
+
Subject Public Key Info:
1678
+
Public Key Algorithm: rsaEncryption
1679
+
RSA Public Key: (2048 bit)
1680
+
Modulus (2048 bit):
1681
+
00:bc:12:6e:3f:8a:7c:7a:97:01:ec:1e:bb:39:5a:
1682
+
02:f4:78:44:a2:48:1b:8e:7b:49:52:7a:b8:7b:47:
1683
+
b3:af:94:9b:6f:bb:96:fa:2b:6a:65:5c:b8:1c:94:
1684
+
73:be:bf:89:0a:22:80:ee:57:fc:8c:05:bb:70:9f:
1685
+
97:39:04:da:a3:87:5c:a8:e5:ca:af:c0:33:9a:d5:
1686
+
37:5c:4b:ac:e4:80:d0:a6:23:60:fb:fd:72:2e:94:
1687
+
9d:c7:ce:c2:04:32:ef:78:60:5d:ed:ad:87:0f:45:
1688
+
65:1e:3c:9a:0a:9a:be:5d:1d:99:ec:e7:f2:d1:c6:
1689
+
7a:17:d9:ad:9b:54:96:7f:c4:7c:60:bf:85:aa:15:
1690
+
35:1d:40:da:11:bc:ec:54:21:28:2d:23:a1:a8:f0:
1691
+
cf:2d:cd:dd:fc:7e:0f:5e:e1:65:07:56:cb:07:b4:
1692
+
d2:56:e8:5e:31:cc:18:63:c4:86:d2:2d:85:cf:93:
1693
+
92:ab:6d:fe:68:39:fb:de:73:bd:86:f8:e4:46:7a:
1694
+
ea:9f:0c:cb:f4:19:fe:63:bc:d1:2c:7b:88:33:36:
1695
+
f6:e4:e1:9c:0c:53:81:60:1c:da:2e:ab:96:a9:16:
1696
+
88:13:50:99:b2:bd:55:df:15:30:7e:e8:e5:98:fb:
1697
+
70:7e:6c:b5:07:fc:fc:46:b7:d0:ed:37:96:7e:32:
1698
+
fe:21
1699
+
Exponent: 65537 (0x10001)
1700
+
X509v3 extensions:
1701
+
X509v3 Basic Constraints: critical
1702
+
CA:TRUE, pathlen:5
1703
+
X509v3 Key Usage: critical
1704
+
Certificate Sign, CRL Sign
1705
+
X509v3 Certificate Policies:
1706
+
Policy: 1.2.840.113763.1.2.1.3
1707
+
1708
+
X509v3 Subject Key Identifier:
1709
+
76:0A:49:21:38:4C:9F:DE:F8:C4:49:C7:71:71:91:9D
1710
+
Signature Algorithm: sha1WithRSAEncryption
1711
+
41:3a:d4:18:5b:da:b8:de:21:1c:e1:8e:09:e5:f1:68:34:ff:
1712
+
de:96:f4:07:f5:a7:3c:f3:ac:4a:b1:9b:fa:92:fa:9b:ed:e6:
1713
+
32:21:aa:4a:76:c5:dc:4f:38:e5:df:d5:86:e4:d5:c8:76:7d:
1714
+
98:d7:b1:cd:8f:4d:b5:91:23:6c:8b:8a:eb:ea:7c:ef:14:94:
1715
+
c4:c6:f0:1f:4a:2d:32:71:63:2b:63:91:26:02:09:b6:80:1d:
1716
+
ed:e2:cc:b8:7f:db:87:63:c8:e1:d0:6c:26:b1:35:1d:40:66:
1717
+
10:1b:cd:95:54:18:33:61:ec:13:4f:da:13:f7:99:af:3e:d0:
1718
+
cf:8e:a6:72:a2:b3:c3:05:9a:c9:27:7d:92:cc:7e:52:8d:b3:
1719
+
ab:70:6d:9e:89:9f:4d:eb:1a:75:c2:98:aa:d5:02:16:d7:0c:
1720
+
8a:bf:25:e4:eb:2d:bc:98:e9:58:38:19:7c:b9:37:fe:db:e2:
1721
+
99:08:73:06:c7:97:83:6a:7d:10:01:2f:32:b9:17:05:4a:65:
1722
+
e6:2f:ce:be:5e:53:a6:82:e9:9a:53:0a:84:74:2d:83:ca:c8:
1723
+
94:16:76:5f:94:61:28:f0:85:a7:39:bb:d7:8b:d9:a8:b2:13:
1724
+
1d:54:09:34:24:7d:20:81:7d:66:7e:a2:90:74:5c:10:c6:bd:
1725
+
ec:ab:1b:c2
1726
+
1727
+
GTE CyberTrust Root CA
1728
+
======================
1729
+
MD5 Fingerprint: C4:D7:F0:B2:A3:C5:7D:61:67:F0:04:CD:43:D3:BA:58
1730
+
PEM Data:
1731
+
-----BEGIN CERTIFICATE-----
1732
+
MIIB+jCCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
1733
+
VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
1734
+
b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
1735
+
UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
1736
+
cnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC45k+625h8cXyv
1737
+
RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
1738
+
ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
1739
+
1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
1740
+
dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
1741
+
IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
1742
+
bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
1743
+
-----END CERTIFICATE-----
1744
+
Certificate Ingredients:
1745
+
Data:
1746
+
Version: 1 (0x0)
1747
+
Serial Number: 419 (0x1a3)
1748
+
Signature Algorithm: md5WithRSAEncryption
1749
+
Issuer: C=US, O=GTE Corporation, CN=GTE CyberTrust Root
1750
+
Validity
1751
+
Not Before: Feb 23 23:01:00 1996 GMT
1752
+
Not After : Feb 23 23:59:00 2006 GMT
1753
+
Subject: C=US, O=GTE Corporation, CN=GTE CyberTrust Root
1754
+
Subject Public Key Info:
1755
+
Public Key Algorithm: rsaEncryption
1756
+
RSA Public Key: (1024 bit)
1757
+
Modulus (1024 bit):
1758
+
00:b8:e6:4f:ba:db:98:7c:71:7c:af:44:b7:d3:0f:
1759
+
46:d9:64:e5:93:c1:42:8e:c7:ba:49:8d:35:2d:7a:
1760
+
e7:8b:bd:e5:05:31:59:c6:b1:2f:0a:0c:fb:9f:a7:
1761
+
3f:a2:09:66:84:56:1e:37:29:1b:87:e9:7e:0c:ca:
1762
+
9a:9f:a5:7f:f5:15:94:a3:d5:a2:46:82:d8:68:4c:
1763
+
d1:37:15:06:68:af:bd:f8:b0:b3:f0:29:f5:95:5a:
1764
+
09:16:61:77:0a:22:25:d4:4f:45:aa:c7:bd:e5:96:
1765
+
df:f9:d4:a8:8e:42:cc:24:c0:1e:91:27:4a:b5:6d:
1766
+
06:80:63:39:c4:a2:5e:38:03
1767
+
Exponent: 65537 (0x10001)
1768
+
Signature Algorithm: md5WithRSAEncryption
1769
+
12:b3:75:c6:5f:1d:e1:61:55:80:00:d4:81:4b:7b:31:0f:23:
1770
+
63:e7:3d:f3:03:f9:f4:36:a8:bb:d9:e3:a5:97:4d:ea:2b:29:
1771
+
e0:d6:6a:73:81:e6:c0:89:a3:d3:f1:e0:a5:a5:22:37:9a:63:
1772
+
c2:48:20:b4:db:72:e3:c8:f6:d9:7c:be:b1:af:53:da:14:b4:
1773
+
21:b8:d6:d5:96:e3:fe:4e:0c:59:62:b6:9a:4a:f9:42:dd:8c:
1774
+
6f:81:a9:71:ff:f4:0a:72:6d:6d:44:0e:9d:f3:74:74:a8:d5:
1775
+
34:49:e9:5e:9e:e9:b4:7a:e1:e5:5a:1f:84:30:9c:d3:9f:a5:
1776
+
25:d8
1777
+
1778
+
GlobalSign Partners CA
1779
+
======================
1780
+
MD5 Fingerprint: 3C:75:CD:4C:BD:A9:D0:8A:79:4F:50:16:37:84:F4:2B
1781
+
PEM Data:
1782
+
-----BEGIN CERTIFICATE-----
1783
+
MIIDnjCCAoagAwIBAgILAgAAAAAA1ni50a8wDQYJKoZIhvcNAQEEBQAwVzELMAkG
1784
+
A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
1785
+
b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05OTAxMjgxMjAw
1786
+
MDBaFw0wOTAxMjgxMjAwMDBaMF8xCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
1787
+
YWxTaWduIG52LXNhMRQwEgYDVQQLEwtQYXJ0bmVycyBDQTEfMB0GA1UEAxMWR2xv
1788
+
YmFsU2lnbiBQYXJ0bmVycyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
1789
+
ggEBANIs+DKsShJ6N8gpkaWujG4eDsA0M4jlM3EWHHiEaMMYNFAuFj6xlIJPsZqf
1790
+
APjGETXGaXuYAq0ABohs50wzKACIJ0Yfh7NxdWO8MruI3mYYDlAGk7T2vBQ3MD0i
1791
+
3z3/dX7ZChrFn7P80KyzCHqJ0wHoAFznSgs9TXsmordiBovaRt2TFz8/WwJLC7aI
1792
+
IBGSAK27xy7U40Wu9YlafI2krYVkMsAnjMbyioCShiRWWY10aKKDQrOePVBBhm8g
1793
+
bvb9ztMZ4zLMj+2aXm0fKPVSrG4YXvg90ZLlumwBiEsK8i3eZTMFQqBMqjF2vv2/
1794
+
gXj5cRxGXi0VlS0wWY5MQdFiqz0CAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgAGMB0G
1795
+
A1UdDgQWBBRDJI1wFQhiVZxPDEAXXYZeD6JM+zAfBgNVHSMEGDAWgBRge2YaRQ2X
1796
+
yolQL30EzTSo//z9SzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBBAUAA4IB
1797
+
AQBm7bSIaRGZgiGDrKFti5uErQ8tyB6Mynt+rarUjt4H1p5Fx6W4nAc5YCVVGsBP
1798
+
GeXPFylJiRg1ZuXrKEBOV8mvs+S4IAWjO5VQkUmUKX0s5YhBpUWIXp2CJ/fS71u1
1799
+
T5++/jVlLFVkn+FR2iJhd7pYTo/GeVlZbjCAok+QbiELrdBoOZAQm+0iZW8eETjm
1800
+
f4zS8zltR9Uh6Op1OkHRrfYWnV0LIb3zH2MGJR3BHzVxLOsgGdXBsOw95W/tAgc/
1801
+
E3tmktZEwZj3X1CLelvCb22w0fjldKBAN6MlD+Q9ymQxk5BcMHu5OTGaXkzNuUFP
1802
+
UOQ9OK7IZtnHO11RR6ybq/Kt
1803
+
-----END CERTIFICATE-----
1804
+
Certificate Ingredients:
1805
+
Data:
1806
+
Version: 3 (0x2)
1807
+
Serial Number:
1808
+
02:00:00:00:00:00:d6:78:b9:d1:af
1809
+
Signature Algorithm: md5WithRSAEncryption
1810
+
Issuer: C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
1811
+
Validity
1812
+
Not Before: Jan 28 12:00:00 1999 GMT
1813
+
Not After : Jan 28 12:00:00 2009 GMT
1814
+
Subject: C=BE, O=GlobalSign nv-sa, OU=Partners CA, CN=GlobalSign Partners CA
1815
+
Subject Public Key Info:
1816
+
Public Key Algorithm: rsaEncryption
1817
+
RSA Public Key: (2048 bit)
1818
+
Modulus (2048 bit):
1819
+
00:d2:2c:f8:32:ac:4a:12:7a:37:c8:29:91:a5:ae:
1820
+
8c:6e:1e:0e:c0:34:33:88:e5:33:71:16:1c:78:84:
1821
+
68:c3:18:34:50:2e:16:3e:b1:94:82:4f:b1:9a:9f:
1822
+
00:f8:c6:11:35:c6:69:7b:98:02:ad:00:06:88:6c:
1823
+
e7:4c:33:28:00:88:27:46:1f:87:b3:71:75:63:bc:
1824
+
32:bb:88:de:66:18:0e:50:06:93:b4:f6:bc:14:37:
1825
+
30:3d:22:df:3d:ff:75:7e:d9:0a:1a:c5:9f:b3:fc:
1826
+
d0:ac:b3:08:7a:89:d3:01:e8:00:5c:e7:4a:0b:3d:
1827
+
4d:7b:26:a2:b7:62:06:8b:da:46:dd:93:17:3f:3f:
1828
+
5b:02:4b:0b:b6:88:20:11:92:00:ad:bb:c7:2e:d4:
1829
+
e3:45:ae:f5:89:5a:7c:8d:a4:ad:85:64:32:c0:27:
1830
+
8c:c6:f2:8a:80:92:86:24:56:59:8d:74:68:a2:83:
1831
+
42:b3:9e:3d:50:41:86:6f:20:6e:f6:fd:ce:d3:19:
1832
+
e3:32:cc:8f:ed:9a:5e:6d:1f:28:f5:52:ac:6e:18:
1833
+
5e:f8:3d:d1:92:e5:ba:6c:01:88:4b:0a:f2:2d:de:
1834
+
65:33:05:42:a0:4c:aa:31:76:be:fd:bf:81:78:f9:
1835
+
71:1c:46:5e:2d:15:95:2d:30:59:8e:4c:41:d1:62:
1836
+
ab:3d
1837
+
Exponent: 65537 (0x10001)
1838
+
X509v3 extensions:
1839
+
X509v3 Key Usage: critical
1840
+
Certificate Sign, CRL Sign
1841
+
X509v3 Subject Key Identifier:
1842
+
43:24:8D:70:15:08:62:55:9C:4F:0C:40:17:5D:86:5E:0F:A2:4C:FB
1843
+
X509v3 Authority Key Identifier:
1844
+
keyid:60:7B:66:1A:45:0D:97:CA:89:50:2F:7D:04:CD:34:A8:FF:FC:FD:4B
1845
+
1846
+
X509v3 Basic Constraints: critical
1847
+
CA:TRUE
1848
+
Signature Algorithm: md5WithRSAEncryption
1849
+
66:ed:b4:88:69:11:99:82:21:83:ac:a1:6d:8b:9b:84:ad:0f:
1850
+
2d:c8:1e:8c:ca:7b:7e:ad:aa:d4:8e:de:07:d6:9e:45:c7:a5:
1851
+
b8:9c:07:39:60:25:55:1a:c0:4f:19:e5:cf:17:29:49:89:18:
1852
+
35:66:e5:eb:28:40:4e:57:c9:af:b3:e4:b8:20:05:a3:3b:95:
1853
+
50:91:49:94:29:7d:2c:e5:88:41:a5:45:88:5e:9d:82:27:f7:
1854
+
d2:ef:5b:b5:4f:9f:be:fe:35:65:2c:55:64:9f:e1:51:da:22:
1855
+
61:77:ba:58:4e:8f:c6:79:59:59:6e:30:80:a2:4f:90:6e:21:
1856
+
0b:ad:d0:68:39:90:10:9b:ed:22:65:6f:1e:11:38:e6:7f:8c:
1857
+
d2:f3:39:6d:47:d5:21:e8:ea:75:3a:41:d1:ad:f6:16:9d:5d:
1858
+
0b:21:bd:f3:1f:63:06:25:1d:c1:1f:35:71:2c:eb:20:19:d5:
1859
+
c1:b0:ec:3d:e5:6f:ed:02:07:3f:13:7b:66:92:d6:44:c1:98:
1860
+
f7:5f:50:8b:7a:5b:c2:6f:6d:b0:d1:f8:e5:74:a0:40:37:a3:
1861
+
25:0f:e4:3d:ca:64:31:93:90:5c:30:7b:b9:39:31:9a:5e:4c:
1862
+
cd:b9:41:4f:50:e4:3d:38:ae:c8:66:d9:c7:3b:5d:51:47:ac:
1863
+
9b:ab:f2:ad
1864
+
1865
+
GlobalSign Primary Class 1 CA
1866
+
=============================
1867
+
MD5 Fingerprint: 5C:AC:59:01:A4:86:53:CB:10:66:B5:D6:D6:71:FF:01
1868
+
PEM Data:
1869
+
-----BEGIN CERTIFICATE-----
1870
+
MIIDrDCCApSgAwIBAgILAgAAAAAA1ni4N88wDQYJKoZIhvcNAQEEBQAwVzELMAkG
1871
+
A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
1872
+
b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MTUxMjAw
1873
+
MDBaFw0wOTAxMjgxMjAwMDBaMG0xCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
1874
+
YWxTaWduIG52LXNhMRswGQYDVQQLExJQcmltYXJ5IENsYXNzIDEgQ0ExJjAkBgNV
1875
+
BAMTHUdsb2JhbFNpZ24gUHJpbWFyeSBDbGFzcyAxIENBMIIBIjANBgkqhkiG9w0B
1876
+
AQEFAAOCAQ8AMIIBCgKCAQEAvSA1R9Eo1gijEjkjRw29cCFSDlcxlaY0V2vsfkN5
1877
+
wwZSSM28taGZvdgfMrzP125ybS53IpCCTkuPmgwBQprZcFm2nR/mY9EMrR1O+IWB
1878
+
+a7vn6ZSYUR5GnVF4GFWRW1CjD1yy6akErea9dZg0GBQs46mpuy09BLNf6jO77Ph
1879
+
hTD+csTm53eznlhB1lGDiAfGtmlPNt7RC0g/vdafIXRkbycGPkv9Dqabv6RIV4yQ
1880
+
7okYCwKBGL5n/lNgiCe6o3M0S1pWtN5zBe2Yll3sSudA/EsJYuvQ4zFPhdF6q1ln
1881
+
K/uID+uqg701/WEn7GYOQlf3acIM7/xqwm5J2o9BOK5IqQIDAQABo2MwYTAOBgNV
1882
+
HQ8BAf8EBAMCAAYwHQYDVR0OBBYEFPzgZvZaNZnrQB7SuB5DvJiOH4rDMB8GA1Ud
1883
+
IwQYMBaAFGB7ZhpFDZfKiVAvfQTNNKj//P1LMA8GA1UdEwEB/wQFMAMBAf8wDQYJ
1884
+
KoZIhvcNAQEEBQADggEBAJujCETO8pCdcfMyswVqterPKZjeVT6gFn0GekTWr9L6
1885
+
E1iM+BzHqx20G+9paJhcCDmP4Pf7SMwh57gz2wWqNCRsSuXpe2Deg7MfCr5BdfzM
1886
+
MEi3wSYdBDOqtnjtKsu6VpcybvcxlS5G8hTuJ8f3Yom5XFrTOIpk9Te08bM0ctXV
1887
+
IT1L13iT1zFmNR6j2EdJbxyt4YB/+JgkbHOsDsIadwKjJge3x2tdvILVKkgdY89Q
1888
+
Mqb7HBhHFQpbDFw4JJoEmKgISF98NIdjqy2NTAB3lBt2uvUWGKMVry+U9ikAdsEV
1889
+
F9PpN0121MtLKVkkrNpKoOpj3l9Usfrz0UXLxWS0cyE=
1890
+
-----END CERTIFICATE-----
1891
+
Certificate Ingredients:
1892
+
Data:
1893
+
Version: 3 (0x2)
1894
+
Serial Number:
1895
+
02:00:00:00:00:00:d6:78:b8:37:cf
1896
+
Signature Algorithm: md5WithRSAEncryption
1897
+
Issuer: C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
1898
+
Validity
1899
+
Not Before: Sep 15 12:00:00 1998 GMT
1900
+
Not After : Jan 28 12:00:00 2009 GMT
1901
+
Subject: C=BE, O=GlobalSign nv-sa, OU=Primary Class 1 CA, CN=GlobalSign Primary Class 1 CA
1902
+
Subject Public Key Info:
1903
+
Public Key Algorithm: rsaEncryption
1904
+
RSA Public Key: (2048 bit)
1905
+
Modulus (2048 bit):
1906
+
00:bd:20:35:47:d1:28:d6:08:a3:12:39:23:47:0d:
1907
+
bd:70:21:52:0e:57:31:95:a6:34:57:6b:ec:7e:43:
1908
+
79:c3:06:52:48:cd:bc:b5:a1:99:bd:d8:1f:32:bc:
1909
+
cf:d7:6e:72:6d:2e:77:22:90:82:4e:4b:8f:9a:0c:
1910
+
01:42:9a:d9:70:59:b6:9d:1f:e6:63:d1:0c:ad:1d:
1911
+
4e:f8:85:81:f9:ae:ef:9f:a6:52:61:44:79:1a:75:
1912
+
45:e0:61:56:45:6d:42:8c:3d:72:cb:a6:a4:12:b7:
1913
+
9a:f5:d6:60:d0:60:50:b3:8e:a6:a6:ec:b4:f4:12:
1914
+
cd:7f:a8:ce:ef:b3:e1:85:30:fe:72:c4:e6:e7:77:
1915
+
b3:9e:58:41:d6:51:83:88:07:c6:b6:69:4f:36:de:
1916
+
d1:0b:48:3f:bd:d6:9f:21:74:64:6f:27:06:3e:4b:
1917
+
fd:0e:a6:9b:bf:a4:48:57:8c:90:ee:89:18:0b:02:
1918
+
81:18:be:67:fe:53:60:88:27:ba:a3:73:34:4b:5a:
1919
+
56:b4:de:73:05:ed:98:96:5d:ec:4a:e7:40:fc:4b:
1920
+
09:62:eb:d0:e3:31:4f:85:d1:7a:ab:59:67:2b:fb:
1921
+
88:0f:eb:aa:83:bd:35:fd:61:27:ec:66:0e:42:57:
1922
+
f7:69:c2:0c:ef:fc:6a:c2:6e:49:da:8f:41:38:ae:
1923
+
48:a9
1924
+
Exponent: 65537 (0x10001)
1925
+
X509v3 extensions:
1926
+
X509v3 Key Usage: critical
1927
+
Certificate Sign, CRL Sign
1928
+
X509v3 Subject Key Identifier:
1929
+
FC:E0:66:F6:5A:35:99:EB:40:1E:D2:B8:1E:43:BC:98:8E:1F:8A:C3
1930
+
X509v3 Authority Key Identifier:
1931
+
keyid:60:7B:66:1A:45:0D:97:CA:89:50:2F:7D:04:CD:34:A8:FF:FC:FD:4B
1932
+
1933
+
X509v3 Basic Constraints: critical
1934
+
CA:TRUE
1935
+
Signature Algorithm: md5WithRSAEncryption
1936
+
9b:a3:08:44:ce:f2:90:9d:71:f3:32:b3:05:6a:b5:ea:cf:29:
1937
+
98:de:55:3e:a0:16:7d:06:7a:44:d6:af:d2:fa:13:58:8c:f8:
1938
+
1c:c7:ab:1d:b4:1b:ef:69:68:98:5c:08:39:8f:e0:f7:fb:48:
1939
+
cc:21:e7:b8:33:db:05:aa:34:24:6c:4a:e5:e9:7b:60:de:83:
1940
+
b3:1f:0a:be:41:75:fc:cc:30:48:b7:c1:26:1d:04:33:aa:b6:
1941
+
78:ed:2a:cb:ba:56:97:32:6e:f7:31:95:2e:46:f2:14:ee:27:
1942
+
c7:f7:62:89:b9:5c:5a:d3:38:8a:64:f5:37:b4:f1:b3:34:72:
1943
+
d5:d5:21:3d:4b:d7:78:93:d7:31:66:35:1e:a3:d8:47:49:6f:
1944
+
1c:ad:e1:80:7f:f8:98:24:6c:73:ac:0e:c2:1a:77:02:a3:26:
1945
+
07:b7:c7:6b:5d:bc:82:d5:2a:48:1d:63:cf:50:32:a6:fb:1c:
1946
+
18:47:15:0a:5b:0c:5c:38:24:9a:04:98:a8:08:48:5f:7c:34:
1947
+
87:63:ab:2d:8d:4c:00:77:94:1b:76:ba:f5:16:18:a3:15:af:
1948
+
2f:94:f6:29:00:76:c1:15:17:d3:e9:37:4d:76:d4:cb:4b:29:
1949
+
59:24:ac:da:4a:a0:ea:63:de:5f:54:b1:fa:f3:d1:45:cb:c5:
1950
+
64:b4:73:21
1951
+
1952
+
GlobalSign Primary Class 2 CA
1953
+
=============================
1954
+
MD5 Fingerprint: A9:A9:42:59:7E:BE:5A:94:E4:2C:C6:8B:1C:2A:44:B6
1955
+
PEM Data:
1956
+
-----BEGIN CERTIFICATE-----
1957
+
MIIDrDCCApSgAwIBAgILAgAAAAAA1ni4jY0wDQYJKoZIhvcNAQEEBQAwVzELMAkG
1958
+
A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
1959
+
b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05OTAxMjgxMjAw
1960
+
MDBaFw0wOTAxMjgxMjAwMDBaMG0xCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
1961
+
YWxTaWduIG52LXNhMRswGQYDVQQLExJQcmltYXJ5IENsYXNzIDIgQ0ExJjAkBgNV
1962
+
BAMTHUdsb2JhbFNpZ24gUHJpbWFyeSBDbGFzcyAyIENBMIIBIjANBgkqhkiG9w0B
1963
+
AQEFAAOCAQ8AMIIBCgKCAQEAkoz+7/RFjhdBbvzYvyFvqwadUsEsAJ0/joW4f0qP
1964
+
vaBjKspJJ65agvR04lWS/8LRqnmitvrVnYIET8ayxl5jpzq62O7rim+ftrsoQcAi
1965
+
+05IGgaS17/Xz7nZvThPOw1EblVB/vwJ29i/844h8egStfYTpdPGTJMisAL/7h0M
1966
+
xKhrT3VoVujcKBJQ96gknS4kOfsJBd7lo2RJIdBofnEwkbFg4Dn0UPh6TZgAa3x5
1967
+
uk7OSuK6Nh23xTYVlZxkQupfxLr1QAW+4TpZvYSnGbjeTVNQzgfR0lHT7w2BbObn
1968
+
bctdfD98zOxPgycl/3BQ9oNZdYQGZlgs3omNAKZJ+aVDdwIDAQABo2MwYTAOBgNV
1969
+
HQ8BAf8EBAMCAAYwHQYDVR0OBBYEFHznsrEs3rGna+l2DOGj/U5sx7n2MB8GA1Ud
1970
+
IwQYMBaAFGB7ZhpFDZfKiVAvfQTNNKj//P1LMA8GA1UdEwEB/wQFMAMBAf8wDQYJ
1971
+
KoZIhvcNAQEEBQADggEBAGPdWc6KeaqYnU7FiWQ3foqTZy8Q6m8nw413bfJcVpQZ
1972
+
GmlgMEZdj/JtRTyONZd8L7hR4uiJvYjPJxwINFyIwWgk25GF5M/7+0ON6CUBG8QO
1973
+
9wBCSIYfJAhYWoyN8mtHLGiRsWlC/Q2NySbmkoamZG6Sxc4+PH1x4yOkq8fVqKnf
1974
+
gqc76IbVw08Y40TQ4NzzxWgu/qUvBYTIfkdCU2uHSv4y/14+cIy3qBXMF8L/RuzQ
1975
+
7C20bhIoqflA6evUZpdTqWlVwKmqsi7N0Wn0vvi7fGnuVKbbnvtapj7+mu+UUUt1
1976
+
7tjU4ZrxAlYTiQ6nQouWi4UMG4W+Jq6rppm8IvFz30I=
1977
+
-----END CERTIFICATE-----
1978
+
Certificate Ingredients:
1979
+
Data:
1980
+
Version: 3 (0x2)
1981
+
Serial Number:
1982
+
02:00:00:00:00:00:d6:78:b8:8d:8d
1983
+
Signature Algorithm: md5WithRSAEncryption
1984
+
Issuer: C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
1985
+
Validity
1986
+
Not Before: Jan 28 12:00:00 1999 GMT
1987
+
Not After : Jan 28 12:00:00 2009 GMT
1988
+
Subject: C=BE, O=GlobalSign nv-sa, OU=Primary Class 2 CA, CN=GlobalSign Primary Class 2 CA
1989
+
Subject Public Key Info:
1990
+
Public Key Algorithm: rsaEncryption
1991
+
RSA Public Key: (2048 bit)
1992
+
Modulus (2048 bit):
1993
+
00:92:8c:fe:ef:f4:45:8e:17:41:6e:fc:d8:bf:21:
1994
+
6f:ab:06:9d:52:c1:2c:00:9d:3f:8e:85:b8:7f:4a:
1995
+
8f:bd:a0:63:2a:ca:49:27:ae:5a:82:f4:74:e2:55:
1996
+
92:ff:c2:d1:aa:79:a2:b6:fa:d5:9d:82:04:4f:c6:
1997
+
b2:c6:5e:63:a7:3a:ba:d8:ee:eb:8a:6f:9f:b6:bb:
1998
+
28:41:c0:22:fb:4e:48:1a:06:92:d7:bf:d7:cf:b9:
1999
+
d9:bd:38:4f:3b:0d:44:6e:55:41:fe:fc:09:db:d8:
2000
+
bf:f3:8e:21:f1:e8:12:b5:f6:13:a5:d3:c6:4c:93:
2001
+
22:b0:02:ff:ee:1d:0c:c4:a8:6b:4f:75:68:56:e8:
2002
+
dc:28:12:50:f7:a8:24:9d:2e:24:39:fb:09:05:de:
2003
+
e5:a3:64:49:21:d0:68:7e:71:30:91:b1:60:e0:39:
2004
+
f4:50:f8:7a:4d:98:00:6b:7c:79:ba:4e:ce:4a:e2:
2005
+
ba:36:1d:b7:c5:36:15:95:9c:64:42:ea:5f:c4:ba:
2006
+
f5:40:05:be:e1:3a:59:bd:84:a7:19:b8:de:4d:53:
2007
+
50:ce:07:d1:d2:51:d3:ef:0d:81:6c:e6:e7:6d:cb:
2008
+
5d:7c:3f:7c:cc:ec:4f:83:27:25:ff:70:50:f6:83:
2009
+
59:75:84:06:66:58:2c:de:89:8d:00:a6:49:f9:a5:
2010
+
43:77
2011
+
Exponent: 65537 (0x10001)
2012
+
X509v3 extensions:
2013
+
X509v3 Key Usage: critical
2014
+
Certificate Sign, CRL Sign
2015
+
X509v3 Subject Key Identifier:
2016
+
7C:E7:B2:B1:2C:DE:B1:A7:6B:E9:76:0C:E1:A3:FD:4E:6C:C7:B9:F6
2017
+
X509v3 Authority Key Identifier:
2018
+
keyid:60:7B:66:1A:45:0D:97:CA:89:50:2F:7D:04:CD:34:A8:FF:FC:FD:4B
2019
+
2020
+
X509v3 Basic Constraints: critical
2021
+
CA:TRUE
2022
+
Signature Algorithm: md5WithRSAEncryption
2023
+
63:dd:59:ce:8a:79:aa:98:9d:4e:c5:89:64:37:7e:8a:93:67:
2024
+
2f:10:ea:6f:27:c3:8d:77:6d:f2:5c:56:94:19:1a:69:60:30:
2025
+
46:5d:8f:f2:6d:45:3c:8e:35:97:7c:2f:b8:51:e2:e8:89:bd:
2026
+
88:cf:27:1c:08:34:5c:88:c1:68:24:db:91:85:e4:cf:fb:fb:
2027
+
43:8d:e8:25:01:1b:c4:0e:f7:00:42:48:86:1f:24:08:58:5a:
2028
+
8c:8d:f2:6b:47:2c:68:91:b1:69:42:fd:0d:8d:c9:26:e6:92:
2029
+
86:a6:64:6e:92:c5:ce:3e:3c:7d:71:e3:23:a4:ab:c7:d5:a8:
2030
+
a9:df:82:a7:3b:e8:86:d5:c3:4f:18:e3:44:d0:e0:dc:f3:c5:
2031
+
68:2e:fe:a5:2f:05:84:c8:7e:47:42:53:6b:87:4a:fe:32:ff:
2032
+
5e:3e:70:8c:b7:a8:15:cc:17:c2:ff:46:ec:d0:ec:2d:b4:6e:
2033
+
12:28:a9:f9:40:e9:eb:d4:66:97:53:a9:69:55:c0:a9:aa:b2:
2034
+
2e:cd:d1:69:f4:be:f8:bb:7c:69:ee:54:a6:db:9e:fb:5a:a6:
2035
+
3e:fe:9a:ef:94:51:4b:75:ee:d8:d4:e1:9a:f1:02:56:13:89:
2036
+
0e:a7:42:8b:96:8b:85:0c:1b:85:be:26:ae:ab:a6:99:bc:22:
2037
+
f1:73:df:42
2038
+
2039
+
GlobalSign Primary Class 3 CA
2040
+
=============================
2041
+
MD5 Fingerprint: 98:12:A3:4B:95:A9:96:64:94:E7:50:8C:3E:E1:83:5A
2042
+
PEM Data:
2043
+
-----BEGIN CERTIFICATE-----
2044
+
MIIDrDCCApSgAwIBAgILAgAAAAAA1ni41sMwDQYJKoZIhvcNAQEEBQAwVzELMAkG
2045
+
A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
2046
+
b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05OTAxMjgxMjAw
2047
+
MDBaFw0wOTAxMjgxMjAwMDBaMG0xCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
2048
+
YWxTaWduIG52LXNhMRswGQYDVQQLExJQcmltYXJ5IENsYXNzIDMgQ0ExJjAkBgNV
2049
+
BAMTHUdsb2JhbFNpZ24gUHJpbWFyeSBDbGFzcyAzIENBMIIBIjANBgkqhkiG9w0B
2050
+
AQEFAAOCAQ8AMIIBCgKCAQEAkV5WZdbAwAScv0fEXHt6MQH5WJaZ4xyEL9xWj631
2051
+
WYHVQ2ZdWpOMdcqp5xHBURAUYMks1HuvxneGq3onrm+VuQvKtkb7fhr0DRRt0slO
2052
+
sq7wVPZcQEw2SHToVIxlZhCnvSu3II0FSa14fdIkI1Dj8LR5mwE5/6870y3u4UmN
2053
+
jS88akFFL5vjPeES5JF1ns+gPjySgW+KLhjc4PKMjP2H2Qf0QJTJTk9D32dWb70D
2054
+
UHyZZ6S5PJFsAm6E1vxG98xvGD4X8O8LZBZX5qyG8UiqQ8HJJ3hzREXihX26/7Ph
2055
+
+xsFpEs7mRIlAVAUaq9d6sgM7uTa7EuLXGgTldzDtTA61wIDAQABo2MwYTAOBgNV
2056
+
HQ8BAf8EBAMCAAYwHQYDVR0OBBYEFMw2zBe0RZEv7c87MEh3+7UUmb7jMB8GA1Ud
2057
+
IwQYMBaAFGB7ZhpFDZfKiVAvfQTNNKj//P1LMA8GA1UdEwEB/wQFMAMBAf8wDQYJ
2058
+
KoZIhvcNAQEEBQADggEBAFeyVMy9lRdkYIm2U5EMRZLDPahsw8yyGPV4QXTYfaMn
2059
+
r3cNWT6UHWn6idMMvRoB9D/o4Hcagiha5mLXt+M2yQ6feuPC08xZiQzvFovwNnci
2060
+
yqS2t8FCZwFAY8znOGSHWxSWZnstFO69SW3/d9DiTlvTgMJND8q4nYGXpzRux+Oc
2061
+
SOW0qkX19mVMSPISwtKTjMIVJPMrUv/jCK64btYsEs85yxIq56l7X5g9o+HMpmOJ
2062
+
XH0xdfnV1l3y0NQ9355xqA7c5CCXeOZ/U6QNUU+OOwOuow1aTcN55zVYcELJXqFe
2063
+
tNkio0RTNaTQz3OAxc+fVph2+RRMd4eCydx+XTTVNnU=
2064
+
-----END CERTIFICATE-----
2065
+
Certificate Ingredients:
2066
+
Data:
2067
+
Version: 3 (0x2)
2068
+
Serial Number:
2069
+
02:00:00:00:00:00:d6:78:b8:d6:c3
2070
+
Signature Algorithm: md5WithRSAEncryption
2071
+
Issuer: C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
2072
+
Validity
2073
+
Not Before: Jan 28 12:00:00 1999 GMT
2074
+
Not After : Jan 28 12:00:00 2009 GMT
2075
+
Subject: C=BE, O=GlobalSign nv-sa, OU=Primary Class 3 CA, CN=GlobalSign Primary Class 3 CA
2076
+
Subject Public Key Info:
2077
+
Public Key Algorithm: rsaEncryption
2078
+
RSA Public Key: (2048 bit)
2079
+
Modulus (2048 bit):
2080
+
00:91:5e:56:65:d6:c0:c0:04:9c:bf:47:c4:5c:7b:
2081
+
7a:31:01:f9:58:96:99:e3:1c:84:2f:dc:56:8f:ad:
2082
+
f5:59:81:d5:43:66:5d:5a:93:8c:75:ca:a9:e7:11:
2083
+
c1:51:10:14:60:c9:2c:d4:7b:af:c6:77:86:ab:7a:
2084
+
27:ae:6f:95:b9:0b:ca:b6:46:fb:7e:1a:f4:0d:14:
2085
+
6d:d2:c9:4e:b2:ae:f0:54:f6:5c:40:4c:36:48:74:
2086
+
e8:54:8c:65:66:10:a7:bd:2b:b7:20:8d:05:49:ad:
2087
+
78:7d:d2:24:23:50:e3:f0:b4:79:9b:01:39:ff:af:
2088
+
3b:d3:2d:ee:e1:49:8d:8d:2f:3c:6a:41:45:2f:9b:
2089
+
e3:3d:e1:12:e4:91:75:9e:cf:a0:3e:3c:92:81:6f:
2090
+
8a:2e:18:dc:e0:f2:8c:8c:fd:87:d9:07:f4:40:94:
2091
+
c9:4e:4f:43:df:67:56:6f:bd:03:50:7c:99:67:a4:
2092
+
b9:3c:91:6c:02:6e:84:d6:fc:46:f7:cc:6f:18:3e:
2093
+
17:f0:ef:0b:64:16:57:e6:ac:86:f1:48:aa:43:c1:
2094
+
c9:27:78:73:44:45:e2:85:7d:ba:ff:b3:e1:fb:1b:
2095
+
05:a4:4b:3b:99:12:25:01:50:14:6a:af:5d:ea:c8:
2096
+
0c:ee:e4:da:ec:4b:8b:5c:68:13:95:dc:c3:b5:30:
2097
+
3a:d7
2098
+
Exponent: 65537 (0x10001)
2099
+
X509v3 extensions:
2100
+
X509v3 Key Usage: critical
2101
+
Certificate Sign, CRL Sign
2102
+
X509v3 Subject Key Identifier:
2103
+
CC:36:CC:17:B4:45:91:2F:ED:CF:3B:30:48:77:FB:B5:14:99:BE:E3
2104
+
X509v3 Authority Key Identifier:
2105
+
keyid:60:7B:66:1A:45:0D:97:CA:89:50:2F:7D:04:CD:34:A8:FF:FC:FD:4B
2106
+
2107
+
X509v3 Basic Constraints: critical
2108
+
CA:TRUE
2109
+
Signature Algorithm: md5WithRSAEncryption
2110
+
57:b2:54:cc:bd:95:17:64:60:89:b6:53:91:0c:45:92:c3:3d:
2111
+
a8:6c:c3:cc:b2:18:f5:78:41:74:d8:7d:a3:27:af:77:0d:59:
2112
+
3e:94:1d:69:fa:89:d3:0c:bd:1a:01:f4:3f:e8:e0:77:1a:82:
2113
+
28:5a:e6:62:d7:b7:e3:36:c9:0e:9f:7a:e3:c2:d3:cc:59:89:
2114
+
0c:ef:16:8b:f0:36:77:22:ca:a4:b6:b7:c1:42:67:01:40:63:
2115
+
cc:e7:38:64:87:5b:14:96:66:7b:2d:14:ee:bd:49:6d:ff:77:
2116
+
d0:e2:4e:5b:d3:80:c2:4d:0f:ca:b8:9d:81:97:a7:34:6e:c7:
2117
+
e3:9c:48:e5:b4:aa:45:f5:f6:65:4c:48:f2:12:c2:d2:93:8c:
2118
+
c2:15:24:f3:2b:52:ff:e3:08:ae:b8:6e:d6:2c:12:cf:39:cb:
2119
+
12:2a:e7:a9:7b:5f:98:3d:a3:e1:cc:a6:63:89:5c:7d:31:75:
2120
+
f9:d5:d6:5d:f2:d0:d4:3d:df:9e:71:a8:0e:dc:e4:20:97:78:
2121
+
e6:7f:53:a4:0d:51:4f:8e:3b:03:ae:a3:0d:5a:4d:c3:79:e7:
2122
+
35:58:70:42:c9:5e:a1:5e:b4:d9:22:a3:44:53:35:a4:d0:cf:
2123
+
73:80:c5:cf:9f:56:98:76:f9:14:4c:77:87:82:c9:dc:7e:5d:
2124
+
34:d5:36:75
2125
+
2126
+
GlobalSign Root CA
2127
+
==================
2128
+
MD5 Fingerprint: AB:BF:EA:E3:6B:29:A6:CC:A6:78:35:99:EF:AD:2B:80
2129
+
PEM Data:
2130
+
-----BEGIN CERTIFICATE-----
2131
+
MIIDdTCCAl2gAwIBAgILAgAAAAAA1ni3lAUwDQYJKoZIhvcNAQEEBQAwVzELMAkG
2132
+
A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
2133
+
b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw
2134
+
MDBaFw0xNDAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
2135
+
YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT
2136
+
aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ
2137
+
jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp
2138
+
xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp
2139
+
1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG
2140
+
snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ
2141
+
U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8
2142
+
9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIABjAdBgNVHQ4EFgQU
2143
+
YHtmGkUNl8qJUC99BM00qP/8/UswDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0B
2144
+
AQQFAAOCAQEArqqf/LfSyx9fOSkoGJ40yWxPbxrwZKJwSk8ThptgKJ7ogUmYfQq7
2145
+
5bCdPTbbjwVR/wkxKh/diXeeDy5slQTthsu0AD+EAk2AaioteAuubyuig0SDH81Q
2146
+
gkwkr733pbTIWg/050deSY43lv6aiAU62cDbKYfmGZZHpzqmjIs8d/5GY6dT2iHR
2147
+
rH5Jokvmw2dZL7OKDrssvamqQnw1wdh/1acxOk5jQzmvCLBhNIzTmKlDNPYPhyk7
2148
+
ncJWWJh3w/cbrPad+D6qp1RF8PX51TFl/mtYnHGzHtdS6jIX/EBgHcl5JLL2bP2o
2149
+
Zg6C3ZjL2sJETy6ge/L3ayx2EYRGinij4w==
2150
+
-----END CERTIFICATE-----
2151
+
Certificate Ingredients:
2152
+
Data:
2153
+
Version: 3 (0x2)
2154
+
Serial Number:
2155
+
02:00:00:00:00:00:d6:78:b7:94:05
2156
+
Signature Algorithm: md5WithRSAEncryption
2157
+
Issuer: C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
2158
+
Validity
2159
+
Not Before: Sep 1 12:00:00 1998 GMT
2160
+
Not After : Jan 28 12:00:00 2014 GMT
2161
+
Subject: C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
2162
+
Subject Public Key Info:
2163
+
Public Key Algorithm: rsaEncryption
2164
+
RSA Public Key: (2048 bit)
2165
+
Modulus (2048 bit):
2166
+
00:da:0e:e6:99:8d:ce:a3:e3:4f:8a:7e:fb:f1:8b:
2167
+
83:25:6b:ea:48:1f:f1:2a:b0:b9:95:11:04:bd:f0:
2168
+
63:d1:e2:67:66:cf:1c:dd:cf:1b:48:2b:ee:8d:89:
2169
+
8e:9a:af:29:80:65:ab:e9:c7:2d:12:cb:ab:1c:4c:
2170
+
70:07:a1:3d:0a:30:cd:15:8d:4f:f8:dd:d4:8c:50:
2171
+
15:1c:ef:50:ee:c4:2e:f7:fc:e9:52:f2:91:7d:e0:
2172
+
6d:d5:35:30:8e:5e:43:73:f2:41:e9:d5:6a:e3:b2:
2173
+
89:3a:56:39:38:6f:06:3c:88:69:5b:2a:4d:c5:a7:
2174
+
54:b8:6c:89:cc:9b:f9:3c:ca:e5:fd:89:f5:12:3c:
2175
+
92:78:96:d6:dc:74:6e:93:44:61:d1:8d:c7:46:b2:
2176
+
75:0e:86:e8:19:8a:d5:6d:6c:d5:78:16:95:a2:e9:
2177
+
c8:0a:38:eb:f2:24:13:4f:73:54:93:13:85:3a:1b:
2178
+
bc:1e:34:b5:8b:05:8c:b9:77:8b:b1:db:1f:20:91:
2179
+
ab:09:53:6e:90:ce:7b:37:74:b9:70:47:91:22:51:
2180
+
63:16:79:ae:b1:ae:41:26:08:c8:19:2b:d1:46:aa:
2181
+
48:d6:64:2a:d7:83:34:ff:2c:2a:c1:6c:19:43:4a:
2182
+
07:85:e7:d3:7c:f6:21:68:ef:ea:f2:52:9f:7f:93:
2183
+
90:cf
2184
+
Exponent: 65537 (0x10001)
2185
+
X509v3 extensions:
2186
+
X509v3 Key Usage: critical
2187
+
Certificate Sign, CRL Sign
2188
+
X509v3 Subject Key Identifier:
2189
+
60:7B:66:1A:45:0D:97:CA:89:50:2F:7D:04:CD:34:A8:FF:FC:FD:4B
2190
+
X509v3 Basic Constraints: critical
2191
+
CA:TRUE
2192
+
Signature Algorithm: md5WithRSAEncryption
2193
+
ae:aa:9f:fc:b7:d2:cb:1f:5f:39:29:28:18:9e:34:c9:6c:4f:
2194
+
6f:1a:f0:64:a2:70:4a:4f:13:86:9b:60:28:9e:e8:81:49:98:
2195
+
7d:0a:bb:e5:b0:9d:3d:36:db:8f:05:51:ff:09:31:2a:1f:dd:
2196
+
89:77:9e:0f:2e:6c:95:04:ed:86:cb:b4:00:3f:84:02:4d:80:
2197
+
6a:2a:2d:78:0b:ae:6f:2b:a2:83:44:83:1f:cd:50:82:4c:24:
2198
+
af:bd:f7:a5:b4:c8:5a:0f:f4:e7:47:5e:49:8e:37:96:fe:9a:
2199
+
88:05:3a:d9:c0:db:29:87:e6:19:96:47:a7:3a:a6:8c:8b:3c:
2200
+
77:fe:46:63:a7:53:da:21:d1:ac:7e:49:a2:4b:e6:c3:67:59:
2201
+
2f:b3:8a:0e:bb:2c:bd:a9:aa:42:7c:35:c1:d8:7f:d5:a7:31:
2202
+
3a:4e:63:43:39:af:08:b0:61:34:8c:d3:98:a9:43:34:f6:0f:
2203
+
87:29:3b:9d:c2:56:58:98:77:c3:f7:1b:ac:f6:9d:f8:3e:aa:
2204
+
a7:54:45:f0:f5:f9:d5:31:65:fe:6b:58:9c:71:b3:1e:d7:52:
2205
+
ea:32:17:fc:40:60:1d:c9:79:24:b2:f6:6c:fd:a8:66:0e:82:
2206
+
dd:98:cb:da:c2:44:4f:2e:a0:7b:f2:f7:6b:2c:76:11:84:46:
2207
+
8a:78:a3:e3
2208
+
2209
+
National Retail Federation by DST
2210
+
=================================
2211
+
MD5 Fingerprint: AD:8E:0F:9E:01:6B:A0:C5:74:D5:0C:D3:68:65:4F:1E
2212
+
PEM Data:
2213
+
-----BEGIN CERTIFICATE-----
2214
+
MIIEAjCCAuoCEQDQHkCKAAACfAAAAAMAAAABMA0GCSqGSIb3DQEBBQUAMIG+MQsw
2215
+
CQYDVQQGEwJ1czENMAsGA1UECBMEVXRhaDEXMBUGA1UEBxMOU2FsdCBMYWtlIENp
2216
+
dHkxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjEjMCEGA1UE
2217
+
CxMaTmF0aW9uYWwgUmV0YWlsIEZlZGVyYXRpb24xGTAXBgNVBAMTEERTVCAoTlJG
2218
+
KSBSb290Q0ExITAfBgkqhkiG9w0BCQEWEmNhQGRpZ3NpZ3RydXN0LmNvbTAeFw05
2219
+
ODEyMTExNjE0MTZaFw0wODEyMDgxNjE0MTZaMIG+MQswCQYDVQQGEwJ1czENMAsG
2220
+
A1UECBMEVXRhaDEXMBUGA1UEBxMOU2FsdCBMYWtlIENpdHkxJDAiBgNVBAoTG0Rp
2221
+
Z2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjEjMCEGA1UECxMaTmF0aW9uYWwgUmV0
2222
+
YWlsIEZlZGVyYXRpb24xGTAXBgNVBAMTEERTVCAoTlJGKSBSb290Q0ExITAfBgkq
2223
+
hkiG9w0BCQEWEmNhQGRpZ3NpZ3RydXN0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD
2224
+
ggEPADCCAQoCggEBANmsm3f6UNPM3LlArLlyagCHI/wPliHQJq/k4rVf+tOmfSEw
2225
+
LswXgo+YdPxnpKbfiJeiQin1p9sRk/teIzDCqrwi50Eb5e0l3sg/295XRXhARoOy
2226
+
1Ro93w9FbdVjAnXYL8Zuq5WRdDcNy00JXNHUWzra3Q7Ia5nY1TnM34VVxJJTAqPh
2227
+
94DJcKPa3DPEf6JHCBw1lh+hAxwwg/TEzP+Yw7BGRKLAv63b0oH2TJgsp14k84bK
2228
+
Y9W6ffCawErQG1ju7Klnz2kCbCLAYCws0cgg6sgt+92cu8tRTNznVwQ7VJsRpTJ0
2229
+
7HQB85AVWy98LJNluWZntIGINeWekRh/gahByMsCAwEAATANBgkqhkiG9w0BAQUF
2230
+
AAOCAQEAhF4LO+ygjRyb0DwdcWnkGn9kvoFlYcWMatd8AHTgemJV7SR84GHj8t0U
2231
+
5hFugw7h6qmegK2aIL/gV37V0LWEYy3ZGOS9GzUsXq5hdqpnhTs44TGBHzF/5tf4
2232
+
W9K7Y3mGxIzF3gqu19H8AXT/trYNYoFnHLsm+CSA4Fxe2KSKOo99y/+So/18qTJp
2233
+
B1hYYUKZUgOxOD3GcW9s8uh9BqrBfFPLGi2IT8mpp6xpb/ekH9h0gfVKv7FVt9N3
2234
+
OKdvwkrI4nOJ01dy4UMvcjz2H7f4BEpuwemUF+SXF/QOE4ZvjavoXy20/2zWorQf
2235
+
7LmUaqoSTxrd9Xe1JYzyigrx/FJbWA==
2236
+
-----END CERTIFICATE-----
2237
+
Certificate Ingredients:
2238
+
Data:
2239
+
Version: 1 (0x0)
2240
+
Serial Number:
2241
+
d0:1e:40:8a:00:00:02:7c:00:00:00:03:00:00:00:01
2242
+
Signature Algorithm: sha1WithRSAEncryption
2243
+
Issuer: C=us, ST=Utah, L=Salt Lake City, O=Digital Signature Trust Co., OU=National Retail Federation, CN=DST (NRF) RootCA/Email=ca@digsigtrust.com
2244
+
Validity
2245
+
Not Before: Dec 11 16:14:16 1998 GMT
2246
+
Not After : Dec 8 16:14:16 2008 GMT
2247
+
Subject: C=us, ST=Utah, L=Salt Lake City, O=Digital Signature Trust Co., OU=National Retail Federation, CN=DST (NRF) RootCA/Email=ca@digsigtrust.com
2248
+
Subject Public Key Info:
2249
+
Public Key Algorithm: rsaEncryption
2250
+
RSA Public Key: (2048 bit)
2251
+
Modulus (2048 bit):
2252
+
00:d9:ac:9b:77:fa:50:d3:cc:dc:b9:40:ac:b9:72:
2253
+
6a:00:87:23:fc:0f:96:21:d0:26:af:e4:e2:b5:5f:
2254
+
fa:d3:a6:7d:21:30:2e:cc:17:82:8f:98:74:fc:67:
2255
+
a4:a6:df:88:97:a2:42:29:f5:a7:db:11:93:fb:5e:
2256
+
23:30:c2:aa:bc:22:e7:41:1b:e5:ed:25:de:c8:3f:
2257
+
db:de:57:45:78:40:46:83:b2:d5:1a:3d:df:0f:45:
2258
+
6d:d5:63:02:75:d8:2f:c6:6e:ab:95:91:74:37:0d:
2259
+
cb:4d:09:5c:d1:d4:5b:3a:da:dd:0e:c8:6b:99:d8:
2260
+
d5:39:cc:df:85:55:c4:92:53:02:a3:e1:f7:80:c9:
2261
+
70:a3:da:dc:33:c4:7f:a2:47:08:1c:35:96:1f:a1:
2262
+
03:1c:30:83:f4:c4:cc:ff:98:c3:b0:46:44:a2:c0:
2263
+
bf:ad:db:d2:81:f6:4c:98:2c:a7:5e:24:f3:86:ca:
2264
+
63:d5:ba:7d:f0:9a:c0:4a:d0:1b:58:ee:ec:a9:67:
2265
+
cf:69:02:6c:22:c0:60:2c:2c:d1:c8:20:ea:c8:2d:
2266
+
fb:dd:9c:bb:cb:51:4c:dc:e7:57:04:3b:54:9b:11:
2267
+
a5:32:74:ec:74:01:f3:90:15:5b:2f:7c:2c:93:65:
2268
+
b9:66:67:b4:81:88:35:e5:9e:91:18:7f:81:a8:41:
2269
+
c8:cb
2270
+
Exponent: 65537 (0x10001)
2271
+
Signature Algorithm: sha1WithRSAEncryption
2272
+
84:5e:0b:3b:ec:a0:8d:1c:9b:d0:3c:1d:71:69:e4:1a:7f:64:
2273
+
be:81:65:61:c5:8c:6a:d7:7c:00:74:e0:7a:62:55:ed:24:7c:
2274
+
e0:61:e3:f2:dd:14:e6:11:6e:83:0e:e1:ea:a9:9e:80:ad:9a:
2275
+
20:bf:e0:57:7e:d5:d0:b5:84:63:2d:d9:18:e4:bd:1b:35:2c:
2276
+
5e:ae:61:76:aa:67:85:3b:38:e1:31:81:1f:31:7f:e6:d7:f8:
2277
+
5b:d2:bb:63:79:86:c4:8c:c5:de:0a:ae:d7:d1:fc:01:74:ff:
2278
+
b6:b6:0d:62:81:67:1c:bb:26:f8:24:80:e0:5c:5e:d8:a4:8a:
2279
+
3a:8f:7d:cb:ff:92:a3:fd:7c:a9:32:69:07:58:58:61:42:99:
2280
+
52:03:b1:38:3d:c6:71:6f:6c:f2:e8:7d:06:aa:c1:7c:53:cb:
2281
+
1a:2d:88:4f:c9:a9:a7:ac:69:6f:f7:a4:1f:d8:74:81:f5:4a:
2282
+
bf:b1:55:b7:d3:77:38:a7:6f:c2:4a:c8:e2:73:89:d3:57:72:
2283
+
e1:43:2f:72:3c:f6:1f:b7:f8:04:4a:6e:c1:e9:94:17:e4:97:
2284
+
17:f4:0e:13:86:6f:8d:ab:e8:5f:2d:b4:ff:6c:d6:a2:b4:1f:
2285
+
ec:b9:94:6a:aa:12:4f:1a:dd:f5:77:b5:25:8c:f2:8a:0a:f1:
2286
+
fc:52:5b:58
2287
+
2288
+
TC TrustCenter, Germany, Class 0 CA
2289
+
===================================
2290
+
MD5 Fingerprint: 35:85:49:8E:6E:57:FE:BD:97:F1:C9:46:23:3A:B6:7D
2291
+
PEM Data:
2292
+
-----BEGIN CERTIFICATE-----
2293
+
MIIENTCCA56gAwIBAgIBATANBgkqhkiG9w0BAQQFADCBvDELMAkGA1UEBhMCREUx
2294
+
EDAOBgNVBAgTB0hhbWJ1cmcxEDAOBgNVBAcTB0hhbWJ1cmcxOjA4BgNVBAoTMVRD
2295
+
IFRydXN0Q2VudGVyIGZvciBTZWN1cml0eSBpbiBEYXRhIE5ldHdvcmtzIEdtYkgx
2296
+
IjAgBgNVBAsTGVRDIFRydXN0Q2VudGVyIENsYXNzIDAgQ0ExKTAnBgkqhkiG9w0B
2297
+
CQEWGmNlcnRpZmljYXRlQHRydXN0Y2VudGVyLmRlMB4XDTk4MDMwOTEzNTQ0OFoX
2298
+
DTA1MTIzMTEzNTQ0OFowgbwxCzAJBgNVBAYTAkRFMRAwDgYDVQQIEwdIYW1idXJn
2299
+
MRAwDgYDVQQHEwdIYW1idXJnMTowOAYDVQQKEzFUQyBUcnVzdENlbnRlciBmb3Ig
2300
+
U2VjdXJpdHkgaW4gRGF0YSBOZXR3b3JrcyBHbWJIMSIwIAYDVQQLExlUQyBUcnVz
2301
+
dENlbnRlciBDbGFzcyAwIENBMSkwJwYJKoZIhvcNAQkBFhpjZXJ0aWZpY2F0ZUB0
2302
+
cnVzdGNlbnRlci5kZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA333mvr/V
2303
+
8C9tTg7R4I0LfztU6IrisJ8oxYrGubMzJ/UnyhpMVBJrtLJGsx1Ls/QhC0sCLqHC
2304
+
NJyFoMR4EdvbaycrCSoYTkDMn3EZZ5l0onw/wdiLI8hjO4ohq1zeHvSN3LQYwwVz
2305
+
9Gq0ofoBCCsBD203W6o4hmc51+Vf+uR+zKMCAwEAAaOCAUMwggE/MEAGCWCGSAGG
2306
+
+EIBAwQzFjFodHRwczovL3d3dy50cnVzdGNlbnRlci5kZS9jZ2ktYmluL2NoZWNr
2307
+
LXJldi5jZ2k/MEAGCWCGSAGG+EIBBAQzFjFodHRwczovL3d3dy50cnVzdGNlbnRl
2308
+
ci5kZS9jZ2ktYmluL2NoZWNrLXJldi5jZ2k/MDwGCWCGSAGG+EIBBwQvFi1odHRw
2309
+
czovL3d3dy50cnVzdGNlbnRlci5kZS9jZ2ktYmluL1JlbmV3LmNnaT8wPgYJYIZI
2310
+
AYb4QgEIBDEWL2h0dHA6Ly93d3cudHJ1c3RjZW50ZXIuZGUvZ3VpZGVsaW5lcy9p
2311
+
bmRleC5odG1sMCgGCWCGSAGG+EIBDQQbFhlUQyBUcnVzdENlbnRlciBDbGFzcyAw
2312
+
IENBMBEGCWCGSAGG+EIBAQQEAwIABzANBgkqhkiG9w0BAQQFAAOBgQBNB39fCTAZ
2313
+
kqoFR3qUdVQqrs/82AxC4UU4KySVssqHynnEw5eQXmIYxsk4YUxoNdNMFBHrxM2h
2314
+
qdjFnmgnMgc1RQT4XyGgYB4cAEgEWNLFy65tMm49d5WMhcflrlCddUp7/wsneepN
2315
+
pFn/7FrqJqU5g6TReM6nqX683SvKEpMDSg==
2316
+
-----END CERTIFICATE-----
2317
+
Certificate Ingredients:
2318
+
Data:
2319
+
Version: 3 (0x2)
2320
+
Serial Number: 1 (0x1)
2321
+
Signature Algorithm: md5WithRSAEncryption
2322
+
Issuer: C=DE, ST=Hamburg, L=Hamburg, O=TC TrustCenter for Security in Data Networks GmbH, OU=TC TrustCenter Class 0 CA/Email=certificate@trustcenter.de
2323
+
Validity
2324
+
Not Before: Mar 9 13:54:48 1998 GMT
2325
+
Not After : Dec 31 13:54:48 2005 GMT
2326
+
Subject: C=DE, ST=Hamburg, L=Hamburg, O=TC TrustCenter for Security in Data Networks GmbH, OU=TC TrustCenter Class 0 CA/Email=certificate@trustcenter.de
2327
+
Subject Public Key Info:
2328
+
Public Key Algorithm: rsaEncryption
2329
+
RSA Public Key: (1024 bit)
2330
+
Modulus (1024 bit):
2331
+
00:df:7d:e6:be:bf:d5:f0:2f:6d:4e:0e:d1:e0:8d:
2332
+
0b:7f:3b:54:e8:8a:e2:b0:9f:28:c5:8a:c6:b9:b3:
2333
+
33:27:f5:27:ca:1a:4c:54:12:6b:b4:b2:46:b3:1d:
2334
+
4b:b3:f4:21:0b:4b:02:2e:a1:c2:34:9c:85:a0:c4:
2335
+
78:11:db:db:6b:27:2b:09:2a:18:4e:40:cc:9f:71:
2336
+
19:67:99:74:a2:7c:3f:c1:d8:8b:23:c8:63:3b:8a:
2337
+
21:ab:5c:de:1e:f4:8d:dc:b4:18:c3:05:73:f4:6a:
2338
+
b4:a1:fa:01:08:2b:01:0f:6d:37:5b:aa:38:86:67:
2339
+
39:d7:e5:5f:fa:e4:7e:cc:a3
2340
+
Exponent: 65537 (0x10001)
2341
+
X509v3 extensions:
2342
+
Netscape Revocation Url:
2343
+
https://www.trustcenter.de/cgi-bin/check-rev.cgi?
2344
+
Netscape CA Revocation Url:
2345
+
https://www.trustcenter.de/cgi-bin/check-rev.cgi?
2346
+
Netscape Renewal Url:
2347
+
https://www.trustcenter.de/cgi-bin/Renew.cgi?
2348
+
Netscape CA Policy Url:
2349
+
http://www.trustcenter.de/guidelines/index.html
2350
+
Netscape Comment:
2351
+
TC TrustCenter Class 0 CA
2352
+
Netscape Cert Type:
2353
+
SSL CA, S/MIME CA, Object Signing CA
2354
+
Signature Algorithm: md5WithRSAEncryption
2355
+
4d:07:7f:5f:09:30:19:92:aa:05:47:7a:94:75:54:2a:ae:cf:
2356
+
fc:d8:0c:42:e1:45:38:2b:24:95:b2:ca:87:ca:79:c4:c3:97:
2357
+
90:5e:62:18:c6:c9:38:61:4c:68:35:d3:4c:14:11:eb:c4:cd:
2358
+
a1:a9:d8:c5:9e:68:27:32:07:35:45:04:f8:5f:21:a0:60:1e:
2359
+
1c:00:48:04:58:d2:c5:cb:ae:6d:32:6e:3d:77:95:8c:85:c7:
2360
+
e5:ae:50:9d:75:4a:7b:ff:0b:27:79:ea:4d:a4:59:ff:ec:5a:
2361
+
ea:26:a5:39:83:a4:d1:78:ce:a7:a9:7e:bc:dd:2b:ca:12:93:
2362
+
03:4a
2363
+
2364
+
TC TrustCenter, Germany, Class 1 CA
2365
+
===================================
2366
+
MD5 Fingerprint: 64:3F:F8:3E:52:14:4A:59:BA:93:56:04:0B:23:02:D1
2367
+
PEM Data:
2368
+
-----BEGIN CERTIFICATE-----
2369
+
MIIENTCCA56gAwIBAgIBAjANBgkqhkiG9w0BAQQFADCBvDELMAkGA1UEBhMCREUx
2370
+
EDAOBgNVBAgTB0hhbWJ1cmcxEDAOBgNVBAcTB0hhbWJ1cmcxOjA4BgNVBAoTMVRD
2371
+
IFRydXN0Q2VudGVyIGZvciBTZWN1cml0eSBpbiBEYXRhIE5ldHdvcmtzIEdtYkgx
2372
+
IjAgBgNVBAsTGVRDIFRydXN0Q2VudGVyIENsYXNzIDEgQ0ExKTAnBgkqhkiG9w0B
2373
+
CQEWGmNlcnRpZmljYXRlQHRydXN0Y2VudGVyLmRlMB4XDTk4MDMwOTEzNTYzM1oX
2374
+
DTA1MTIzMTEzNTYzM1owgbwxCzAJBgNVBAYTAkRFMRAwDgYDVQQIEwdIYW1idXJn
2375
+
MRAwDgYDVQQHEwdIYW1idXJnMTowOAYDVQQKEzFUQyBUcnVzdENlbnRlciBmb3Ig
2376
+
U2VjdXJpdHkgaW4gRGF0YSBOZXR3b3JrcyBHbWJIMSIwIAYDVQQLExlUQyBUcnVz
2377
+
dENlbnRlciBDbGFzcyAxIENBMSkwJwYJKoZIhvcNAQkBFhpjZXJ0aWZpY2F0ZUB0
2378
+
cnVzdGNlbnRlci5kZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsCnrtHaz
2379
+
rte2W7Re573jsZxJBFdboavZfxMb/bphq9jncd8tAJRdUUh9I+91YoSQPAofWRF0
2380
+
L46Apf0wAj0pUs1yGkkhnLzLUo5IoWOWyBCFMGlXdEXAWobG1T3gaFd9MWokjUWX
2381
+
PjF+aGYybiRt7DI2yUHK8DFEyKNhyhugNh8CAwEAAaOCAUMwggE/MEAGCWCGSAGG
2382
+
+EIBAwQzFjFodHRwczovL3d3dy50cnVzdGNlbnRlci5kZS9jZ2ktYmluL2NoZWNr
2383
+
LXJldi5jZ2k/MEAGCWCGSAGG+EIBBAQzFjFodHRwczovL3d3dy50cnVzdGNlbnRl
2384
+
ci5kZS9jZ2ktYmluL2NoZWNrLXJldi5jZ2k/MDwGCWCGSAGG+EIBBwQvFi1odHRw
2385
+
czovL3d3dy50cnVzdGNlbnRlci5kZS9jZ2ktYmluL1JlbmV3LmNnaT8wPgYJYIZI
2386
+
AYb4QgEIBDEWL2h0dHA6Ly93d3cudHJ1c3RjZW50ZXIuZGUvZ3VpZGVsaW5lcy9p
2387
+
bmRleC5odG1sMCgGCWCGSAGG+EIBDQQbFhlUQyBUcnVzdENlbnRlciBDbGFzcyAx
2388
+
IENBMBEGCWCGSAGG+EIBAQQEAwIABzANBgkqhkiG9w0BAQQFAAOBgQAFQlImpAwn
2389
+
AUSsXCUowkRCVAi5HcU+bFlmxLNOUKf4+JZ1oZZ16BY4oM1dbvp5pxt7HR7DALlm
2390
+
vlrWYg/n8nu470zgwD9Zrjm3hAmeq/GpLmtp4q3M8up4CQUgOEJxGH7Hspfm1QIF
2391
+
BlajX/GqwsRP/vfvFg+d7KqFzz0pJPEEzQ==
2392
+
-----END CERTIFICATE-----
2393
+
Certificate Ingredients:
2394
+
Data:
2395
+
Version: 3 (0x2)
2396
+
Serial Number: 2 (0x2)
2397
+
Signature Algorithm: md5WithRSAEncryption
2398
+
Issuer: C=DE, ST=Hamburg, L=Hamburg, O=TC TrustCenter for Security in Data Networks GmbH, OU=TC TrustCenter Class 1 CA/Email=certificate@trustcenter.de
2399
+
Validity
2400
+
Not Before: Mar 9 13:56:33 1998 GMT
2401
+
Not After : Dec 31 13:56:33 2005 GMT
2402
+
Subject: C=DE, ST=Hamburg, L=Hamburg, O=TC TrustCenter for Security in Data Networks GmbH, OU=TC TrustCenter Class 1 CA/Email=certificate@trustcenter.de
2403
+
Subject Public Key Info:
2404
+
Public Key Algorithm: rsaEncryption
2405
+
RSA Public Key: (1024 bit)
2406
+
Modulus (1024 bit):
2407
+
00:b0:29:eb:b4:76:b3:ae:d7:b6:5b:b4:5e:e7:bd:
2408
+
e3:b1:9c:49:04:57:5b:a1:ab:d9:7f:13:1b:fd:ba:
2409
+
61:ab:d8:e7:71:df:2d:00:94:5d:51:48:7d:23:ef:
2410
+
75:62:84:90:3c:0a:1f:59:11:74:2f:8e:80:a5:fd:
2411
+
30:02:3d:29:52:cd:72:1a:49:21:9c:bc:cb:52:8e:
2412
+
48:a1:63:96:c8:10:85:30:69:57:74:45:c0:5a:86:
2413
+
c6:d5:3d:e0:68:57:7d:31:6a:24:8d:45:97:3e:31:
2414
+
7e:68:66:32:6e:24:6d:ec:32:36:c9:41:ca:f0:31:
2415
+
44:c8:a3:61:ca:1b:a0:36:1f
2416
+
Exponent: 65537 (0x10001)
2417
+
X509v3 extensions:
2418
+
Netscape Revocation Url:
2419
+
https://www.trustcenter.de/cgi-bin/check-rev.cgi?
2420
+
Netscape CA Revocation Url:
2421
+
https://www.trustcenter.de/cgi-bin/check-rev.cgi?
2422
+
Netscape Renewal Url:
2423
+
https://www.trustcenter.de/cgi-bin/Renew.cgi?
2424
+
Netscape CA Policy Url:
2425
+
http://www.trustcenter.de/guidelines/index.html
2426
+
Netscape Comment:
2427
+
TC TrustCenter Class 1 CA
2428
+
Netscape Cert Type:
2429
+
SSL CA, S/MIME CA, Object Signing CA
2430
+
Signature Algorithm: md5WithRSAEncryption
2431
+
05:42:52:26:a4:0c:27:01:44:ac:5c:25:28:c2:44:42:54:08:
2432
+
b9:1d:c5:3e:6c:59:66:c4:b3:4e:50:a7:f8:f8:96:75:a1:96:
2433
+
75:e8:16:38:a0:cd:5d:6e:fa:79:a7:1b:7b:1d:1e:c3:00:b9:
2434
+
66:be:5a:d6:62:0f:e7:f2:7b:b8:ef:4c:e0:c0:3f:59:ae:39:
2435
+
b7:84:09:9e:ab:f1:a9:2e:6b:69:e2:ad:cc:f2:ea:78:09:05:
2436
+
20:38:42:71:18:7e:c7:b2:97:e6:d5:02:05:06:56:a3:5f:f1:
2437
+
aa:c2:c4:4f:fe:f7:ef:16:0f:9d:ec:aa:85:cf:3d:29:24:f1:
2438
+
04:cd
2439
+
2440
+
TC TrustCenter, Germany, Class 2 CA
2441
+
===================================
2442
+
MD5 Fingerprint: E1:E9:96:53:77:E1:F0:38:A0:02:AB:94:C6:95:7B:FC
2443
+
PEM Data:
2444
+
-----BEGIN CERTIFICATE-----
2445
+
MIIENTCCA56gAwIBAgIBAzANBgkqhkiG9w0BAQQFADCBvDELMAkGA1UEBhMCREUx
2446
+
EDAOBgNVBAgTB0hhbWJ1cmcxEDAOBgNVBAcTB0hhbWJ1cmcxOjA4BgNVBAoTMVRD
2447
+
IFRydXN0Q2VudGVyIGZvciBTZWN1cml0eSBpbiBEYXRhIE5ldHdvcmtzIEdtYkgx
2448
+
IjAgBgNVBAsTGVRDIFRydXN0Q2VudGVyIENsYXNzIDIgQ0ExKTAnBgkqhkiG9w0B
2449
+
CQEWGmNlcnRpZmljYXRlQHRydXN0Y2VudGVyLmRlMB4XDTk4MDMwOTEzNTc0NFoX
2450
+
DTA1MTIzMTEzNTc0NFowgbwxCzAJBgNVBAYTAkRFMRAwDgYDVQQIEwdIYW1idXJn
2451
+
MRAwDgYDVQQHEwdIYW1idXJnMTowOAYDVQQKEzFUQyBUcnVzdENlbnRlciBmb3Ig
2452
+
U2VjdXJpdHkgaW4gRGF0YSBOZXR3b3JrcyBHbWJIMSIwIAYDVQQLExlUQyBUcnVz
2453
+
dENlbnRlciBDbGFzcyAyIENBMSkwJwYJKoZIhvcNAQkBFhpjZXJ0aWZpY2F0ZUB0
2454
+
cnVzdGNlbnRlci5kZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2jjo7TIA
2455
+
KXGDAQ2/jAHc2satOaSpii/Vi1xoX1DGYvVmvcqRIuyqHVHXPbNRsoNOXctJsPBM
2456
+
VeVrLceFCzAckk6C1MoC7fdvvtzg4xS4BVPymvRWi1qehZPRtIJWrk27qEtXFrz+
2457
+
+Fie+CmNsHvNeMlPrItnDPGc+/xXm1dcTw0CAwEAAaOCAUMwggE/MEAGCWCGSAGG
2458
+
+EIBAwQzFjFodHRwczovL3d3dy50cnVzdGNlbnRlci5kZS9jZ2ktYmluL2NoZWNr
2459
+
LXJldi5jZ2k/MEAGCWCGSAGG+EIBBAQzFjFodHRwczovL3d3dy50cnVzdGNlbnRl
2460
+
ci5kZS9jZ2ktYmluL2NoZWNrLXJldi5jZ2k/MDwGCWCGSAGG+EIBBwQvFi1odHRw
2461
+
czovL3d3dy50cnVzdGNlbnRlci5kZS9jZ2ktYmluL1JlbmV3LmNnaT8wPgYJYIZI
2462
+
AYb4QgEIBDEWL2h0dHA6Ly93d3cudHJ1c3RjZW50ZXIuZGUvZ3VpZGVsaW5lcy9p
2463
+
bmRleC5odG1sMCgGCWCGSAGG+EIBDQQbFhlUQyBUcnVzdENlbnRlciBDbGFzcyAy
2464
+
IENBMBEGCWCGSAGG+EIBAQQEAwIABzANBgkqhkiG9w0BAQQFAAOBgQCJG/Tv6Tji
2465
+
bAz2zW9JzinM+6YP+Y0+lUbW/EcyibLIBmF60ucNEwKUC9mLVkf0u+fFX3v0Y0yu
2466
+
fDTqDaKpsyyF8+P+J1QQkrCPksGYQhhwSNtOLOsNJGjk0fe+Cakph7vo2tw+o4hC
2467
+
MfXR43+u2I4AWnSYsE/G/yN7XHMAeMnbTg==
2468
+
-----END CERTIFICATE-----
2469
+
Certificate Ingredients:
2470
+
Data:
2471
+
Version: 3 (0x2)
2472
+
Serial Number: 3 (0x3)
2473
+
Signature Algorithm: md5WithRSAEncryption
2474
+
Issuer: C=DE, ST=Hamburg, L=Hamburg, O=TC TrustCenter for Security in Data Networks GmbH, OU=TC TrustCenter Class 2 CA/Email=certificate@trustcenter.de
2475
+
Validity
2476
+
Not Before: Mar 9 13:57:44 1998 GMT
2477
+
Not After : Dec 31 13:57:44 2005 GMT
2478
+
Subject: C=DE, ST=Hamburg, L=Hamburg, O=TC TrustCenter for Security in Data Networks GmbH, OU=TC TrustCenter Class 2 CA/Email=certificate@trustcenter.de
2479
+
Subject Public Key Info:
2480
+
Public Key Algorithm: rsaEncryption
2481
+
RSA Public Key: (1024 bit)
2482
+
Modulus (1024 bit):
2483
+
00:da:38:e8:ed:32:00:29:71:83:01:0d:bf:8c:01:
2484
+
dc:da:c6:ad:39:a4:a9:8a:2f:d5:8b:5c:68:5f:50:
2485
+
c6:62:f5:66:bd:ca:91:22:ec:aa:1d:51:d7:3d:b3:
2486
+
51:b2:83:4e:5d:cb:49:b0:f0:4c:55:e5:6b:2d:c7:
2487
+
85:0b:30:1c:92:4e:82:d4:ca:02:ed:f7:6f:be:dc:
2488
+
e0:e3:14:b8:05:53:f2:9a:f4:56:8b:5a:9e:85:93:
2489
+
d1:b4:82:56:ae:4d:bb:a8:4b:57:16:bc:fe:f8:58:
2490
+
9e:f8:29:8d:b0:7b:cd:78:c9:4f:ac:8b:67:0c:f1:
2491
+
9c:fb:fc:57:9b:57:5c:4f:0d
2492
+
Exponent: 65537 (0x10001)
2493
+
X509v3 extensions:
2494
+
Netscape Revocation Url:
2495
+
https://www.trustcenter.de/cgi-bin/check-rev.cgi?
2496
+
Netscape CA Revocation Url:
2497
+
https://www.trustcenter.de/cgi-bin/check-rev.cgi?
2498
+
Netscape Renewal Url:
2499
+
https://www.trustcenter.de/cgi-bin/Renew.cgi?
2500
+
Netscape CA Policy Url:
2501
+
http://www.trustcenter.de/guidelines/index.html
2502
+
Netscape Comment:
2503
+
TC TrustCenter Class 2 CA
2504
+
Netscape Cert Type:
2505
+
SSL CA, S/MIME CA, Object Signing CA
2506
+
Signature Algorithm: md5WithRSAEncryption
2507
+
89:1b:f4:ef:e9:38:e2:6c:0c:f6:cd:6f:49:ce:29:cc:fb:a6:
2508
+
0f:f9:8d:3e:95:46:d6:fc:47:32:89:b2:c8:06:61:7a:d2:e7:
2509
+
0d:13:02:94:0b:d9:8b:56:47:f4:bb:e7:c5:5f:7b:f4:63:4c:
2510
+
ae:7c:34:ea:0d:a2:a9:b3:2c:85:f3:e3:fe:27:54:10:92:b0:
2511
+
8f:92:c1:98:42:18:70:48:db:4e:2c:eb:0d:24:68:e4:d1:f7:
2512
+
be:09:a9:29:87:bb:e8:da:dc:3e:a3:88:42:31:f5:d1:e3:7f:
2513
+
ae:d8:8e:00:5a:74:98:b0:4f:c6:ff:23:7b:5c:73:00:78:c9:
2514
+
db:4e
2515
+
2516
+
TC TrustCenter, Germany, Class 3 CA
2517
+
===================================
2518
+
MD5 Fingerprint: 62:AB:B6:15:4A:B4:B0:16:77:FF:AE:CF:16:16:2B:8C
2519
+
PEM Data:
2520
+
-----BEGIN CERTIFICATE-----
2521
+
MIIENTCCA56gAwIBAgIBBDANBgkqhkiG9w0BAQQFADCBvDELMAkGA1UEBhMCREUx
2522
+
EDAOBgNVBAgTB0hhbWJ1cmcxEDAOBgNVBAcTB0hhbWJ1cmcxOjA4BgNVBAoTMVRD
2523
+
IFRydXN0Q2VudGVyIGZvciBTZWN1cml0eSBpbiBEYXRhIE5ldHdvcmtzIEdtYkgx
2524
+
IjAgBgNVBAsTGVRDIFRydXN0Q2VudGVyIENsYXNzIDMgQ0ExKTAnBgkqhkiG9w0B
2525
+
CQEWGmNlcnRpZmljYXRlQHRydXN0Y2VudGVyLmRlMB4XDTk4MDMwOTEzNTg0OVoX
2526
+
DTA1MTIzMTEzNTg0OVowgbwxCzAJBgNVBAYTAkRFMRAwDgYDVQQIEwdIYW1idXJn
2527
+
MRAwDgYDVQQHEwdIYW1idXJnMTowOAYDVQQKEzFUQyBUcnVzdENlbnRlciBmb3Ig
2528
+
U2VjdXJpdHkgaW4gRGF0YSBOZXR3b3JrcyBHbWJIMSIwIAYDVQQLExlUQyBUcnVz
2529
+
dENlbnRlciBDbGFzcyAzIENBMSkwJwYJKoZIhvcNAQkBFhpjZXJ0aWZpY2F0ZUB0
2530
+
cnVzdGNlbnRlci5kZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtrTBNQUu
2531
+
DY3soEBqHA4nplCSa1AbB94u53bM4Nr8hKhejGNqK03ZTgJ2EcEL8o15ygC28bAO
2532
+
1/ukFz2vq2l6lie/rzOhmipZqsS1NwjyEqUxtkP1MpZxKCirjSiG37vu4wx9MNbD
2533
+
UquPXSeca8Cj5wVrV0lEs27qZM/SjnpQd3cCAwEAAaOCAUMwggE/MEAGCWCGSAGG
2534
+
+EIBAwQzFjFodHRwczovL3d3dy50cnVzdGNlbnRlci5kZS9jZ2ktYmluL2NoZWNr
2535
+
LXJldi5jZ2k/MEAGCWCGSAGG+EIBBAQzFjFodHRwczovL3d3dy50cnVzdGNlbnRl
2536
+
ci5kZS9jZ2ktYmluL2NoZWNrLXJldi5jZ2k/MDwGCWCGSAGG+EIBBwQvFi1odHRw
2537
+
czovL3d3dy50cnVzdGNlbnRlci5kZS9jZ2ktYmluL1JlbmV3LmNnaT8wPgYJYIZI
2538
+
AYb4QgEIBDEWL2h0dHA6Ly93d3cudHJ1c3RjZW50ZXIuZGUvZ3VpZGVsaW5lcy9p
2539
+
bmRleC5odG1sMCgGCWCGSAGG+EIBDQQbFhlUQyBUcnVzdENlbnRlciBDbGFzcyAz
2540
+
IENBMBEGCWCGSAGG+EIBAQQEAwIABzANBgkqhkiG9w0BAQQFAAOBgQCEhlBieaAn
2541
+
4SW6CbE0DxMJ7S3Ko+aV+TCszRelzj2Xnex8jyZ/wGHKIveR3Tw2WZqbdfe85Mjt
2542
+
7AK2IqfzLPHIknhttu7FKOyAIE+5awjnL6eGHn2xCJ9UuQA3PKDYGsiWHPQyFJw5
2543
+
lbfu8ENJwl7oy3lvU7/7SYos2EvZVfIScA==
2544
+
-----END CERTIFICATE-----
2545
+
Certificate Ingredients:
2546
+
Data:
2547
+
Version: 3 (0x2)
2548
+
Serial Number: 4 (0x4)
2549
+
Signature Algorithm: md5WithRSAEncryption
2550
+
Issuer: C=DE, ST=Hamburg, L=Hamburg, O=TC TrustCenter for Security in Data Networks GmbH, OU=TC TrustCenter Class 3 CA/Email=certificate@trustcenter.de
2551
+
Validity
2552
+
Not Before: Mar 9 13:58:49 1998 GMT
2553
+
Not After : Dec 31 13:58:49 2005 GMT
2554
+
Subject: C=DE, ST=Hamburg, L=Hamburg, O=TC TrustCenter for Security in Data Networks GmbH, OU=TC TrustCenter Class 3 CA/Email=certificate@trustcenter.de
2555
+
Subject Public Key Info:
2556
+
Public Key Algorithm: rsaEncryption
2557
+
RSA Public Key: (1024 bit)
2558
+
Modulus (1024 bit):
2559
+
00:b6:b4:c1:35:05:2e:0d:8d:ec:a0:40:6a:1c:0e:
2560
+
27:a6:50:92:6b:50:1b:07:de:2e:e7:76:cc:e0:da:
2561
+
fc:84:a8:5e:8c:63:6a:2b:4d:d9:4e:02:76:11:c1:
2562
+
0b:f2:8d:79:ca:00:b6:f1:b0:0e:d7:fb:a4:17:3d:
2563
+
af:ab:69:7a:96:27:bf:af:33:a1:9a:2a:59:aa:c4:
2564
+
b5:37:08:f2:12:a5:31:b6:43:f5:32:96:71:28:28:
2565
+
ab:8d:28:86:df:bb:ee:e3:0c:7d:30:d6:c3:52:ab:
2566
+
8f:5d:27:9c:6b:c0:a3:e7:05:6b:57:49:44:b3:6e:
2567
+
ea:64:cf:d2:8e:7a:50:77:77
2568
+
Exponent: 65537 (0x10001)
2569
+
X509v3 extensions:
2570
+
Netscape Revocation Url:
2571
+
https://www.trustcenter.de/cgi-bin/check-rev.cgi?
2572
+
Netscape CA Revocation Url:
2573
+
https://www.trustcenter.de/cgi-bin/check-rev.cgi?
2574
+
Netscape Renewal Url:
2575
+
https://www.trustcenter.de/cgi-bin/Renew.cgi?
2576
+
Netscape CA Policy Url:
2577
+
http://www.trustcenter.de/guidelines/index.html
2578
+
Netscape Comment:
2579
+
TC TrustCenter Class 3 CA
2580
+
Netscape Cert Type:
2581
+
SSL CA, S/MIME CA, Object Signing CA
2582
+
Signature Algorithm: md5WithRSAEncryption
2583
+
84:86:50:62:79:a0:27:e1:25:ba:09:b1:34:0f:13:09:ed:2d:
2584
+
ca:a3:e6:95:f9:30:ac:cd:17:a5:ce:3d:97:9d:ec:7c:8f:26:
2585
+
7f:c0:61:ca:22:f7:91:dd:3c:36:59:9a:9b:75:f7:bc:e4:c8:
2586
+
ed:ec:02:b6:22:a7:f3:2c:f1:c8:92:78:6d:b6:ee:c5:28:ec:
2587
+
80:20:4f:b9:6b:08:e7:2f:a7:86:1e:7d:b1:08:9f:54:b9:00:
2588
+
37:3c:a0:d8:1a:c8:96:1c:f4:32:14:9c:39:95:b7:ee:f0:43:
2589
+
49:c2:5e:e8:cb:79:6f:53:bf:fb:49:8a:2c:d8:4b:d9:55:f2:
2590
+
12:70
2591
+
2592
+
TC TrustCenter, Germany, Class 4 CA
2593
+
===================================
2594
+
MD5 Fingerprint: BF:AF:EC:C4:DA:F9:30:F9:CA:35:CA:25:E4:3F:8D:89
2595
+
PEM Data:
2596
+
-----BEGIN CERTIFICATE-----
2597
+
MIIENTCCA56gAwIBAgIBBTANBgkqhkiG9w0BAQQFADCBvDELMAkGA1UEBhMCREUx
2598
+
EDAOBgNVBAgTB0hhbWJ1cmcxEDAOBgNVBAcTB0hhbWJ1cmcxOjA4BgNVBAoTMVRD
2599
+
IFRydXN0Q2VudGVyIGZvciBTZWN1cml0eSBpbiBEYXRhIE5ldHdvcmtzIEdtYkgx
2600
+
IjAgBgNVBAsTGVRDIFRydXN0Q2VudGVyIENsYXNzIDQgQ0ExKTAnBgkqhkiG9w0B
2601
+
CQEWGmNlcnRpZmljYXRlQHRydXN0Y2VudGVyLmRlMB4XDTk4MDMwOTE0MDAyMFoX
2602
+
DTA1MTIzMTE0MDAyMFowgbwxCzAJBgNVBAYTAkRFMRAwDgYDVQQIEwdIYW1idXJn
2603
+
MRAwDgYDVQQHEwdIYW1idXJnMTowOAYDVQQKEzFUQyBUcnVzdENlbnRlciBmb3Ig
2604
+
U2VjdXJpdHkgaW4gRGF0YSBOZXR3b3JrcyBHbWJIMSIwIAYDVQQLExlUQyBUcnVz
2605
+
dENlbnRlciBDbGFzcyA0IENBMSkwJwYJKoZIhvcNAQkBFhpjZXJ0aWZpY2F0ZUB0
2606
+
cnVzdGNlbnRlci5kZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvy9j1jZ7
2607
+
sg3TVfVkbOYlXca0yBS6JTiD61ZipVWpZaP0I5nCS7nQzVRnpqOgo6kzK3bkva13
2608
+
su1cEnTDxbYPUppyk0OQYmYVD0Wl3eDduG9AblfBeXKjYKq6dh0SiVNa/AK+4QkT
2609
+
xUov3D2LGa3XiyRF+0z0zVw1HSlMUfPybFUCAwEAAaOCAUMwggE/MEAGCWCGSAGG
2610
+
+EIBAwQzFjFodHRwczovL3d3dy50cnVzdGNlbnRlci5kZS9jZ2ktYmluL2NoZWNr
2611
+
LXJldi5jZ2k/MEAGCWCGSAGG+EIBBAQzFjFodHRwczovL3d3dy50cnVzdGNlbnRl
2612
+
ci5kZS9jZ2ktYmluL2NoZWNrLXJldi5jZ2k/MDwGCWCGSAGG+EIBBwQvFi1odHRw
2613
+
czovL3d3dy50cnVzdGNlbnRlci5kZS9jZ2ktYmluL1JlbmV3LmNnaT8wPgYJYIZI
2614
+
AYb4QgEIBDEWL2h0dHA6Ly93d3cudHJ1c3RjZW50ZXIuZGUvZ3VpZGVsaW5lcy9p
2615
+
bmRleC5odG1sMCgGCWCGSAGG+EIBDQQbFhlUQyBUcnVzdENlbnRlciBDbGFzcyA0
2616
+
IENBMBEGCWCGSAGG+EIBAQQEAwIABzANBgkqhkiG9w0BAQQFAAOBgQCUaBQbJZ4p
2617
+
mbGyI9JEs5Wf0Z5VBN3jL4IzVZZ3GZ0rnmUc+orjx48l/LEeVUYPj/9PNy+kdlmm
2618
+
ZOvVFnC93ZUzDKQNJOtkULRDEfJDvg1xmCLsAa/s98dcccN1kVgZ6N2g9LTxvBBK
2619
+
85O0Bkm7H2bSvXRH4Zr569erbR+64R0s2g==
2620
+
-----END CERTIFICATE-----
2621
+
Certificate Ingredients:
2622
+
Data:
2623
+
Version: 3 (0x2)
2624
+
Serial Number: 5 (0x5)
2625
+
Signature Algorithm: md5WithRSAEncryption
2626
+
Issuer: C=DE, ST=Hamburg, L=Hamburg, O=TC TrustCenter for Security in Data Networks GmbH, OU=TC TrustCenter Class 4 CA/Email=certificate@trustcenter.de
2627
+
Validity
2628
+
Not Before: Mar 9 14:00:20 1998 GMT
2629
+
Not After : Dec 31 14:00:20 2005 GMT
2630
+
Subject: C=DE, ST=Hamburg, L=Hamburg, O=TC TrustCenter for Security in Data Networks GmbH, OU=TC TrustCenter Class 4 CA/Email=certificate@trustcenter.de
2631
+
Subject Public Key Info:
2632
+
Public Key Algorithm: rsaEncryption
2633
+
RSA Public Key: (1024 bit)
2634
+
Modulus (1024 bit):
2635
+
00:bf:2f:63:d6:36:7b:b2:0d:d3:55:f5:64:6c:e6:
2636
+
25:5d:c6:b4:c8:14:ba:25:38:83:eb:56:62:a5:55:
2637
+
a9:65:a3:f4:23:99:c2:4b:b9:d0:cd:54:67:a6:a3:
2638
+
a0:a3:a9:33:2b:76:e4:bd:ad:77:b2:ed:5c:12:74:
2639
+
c3:c5:b6:0f:52:9a:72:93:43:90:62:66:15:0f:45:
2640
+
a5:dd:e0:dd:b8:6f:40:6e:57:c1:79:72:a3:60:aa:
2641
+
ba:76:1d:12:89:53:5a:fc:02:be:e1:09:13:c5:4a:
2642
+
2f:dc:3d:8b:19:ad:d7:8b:24:45:fb:4c:f4:cd:5c:
2643
+
35:1d:29:4c:51:f3:f2:6c:55
2644
+
Exponent: 65537 (0x10001)
2645
+
X509v3 extensions:
2646
+
Netscape Revocation Url:
2647
+
https://www.trustcenter.de/cgi-bin/check-rev.cgi?
2648
+
Netscape CA Revocation Url:
2649
+
https://www.trustcenter.de/cgi-bin/check-rev.cgi?
2650
+
Netscape Renewal Url:
2651
+
https://www.trustcenter.de/cgi-bin/Renew.cgi?
2652
+
Netscape CA Policy Url:
2653
+
http://www.trustcenter.de/guidelines/index.html
2654
+
Netscape Comment:
2655
+
TC TrustCenter Class 4 CA
2656
+
Netscape Cert Type:
2657
+
SSL CA, S/MIME CA, Object Signing CA
2658
+
Signature Algorithm: md5WithRSAEncryption
2659
+
94:68:14:1b:25:9e:29:99:b1:b2:23:d2:44:b3:95:9f:d1:9e:
2660
+
55:04:dd:e3:2f:82:33:55:96:77:19:9d:2b:9e:65:1c:fa:8a:
2661
+
e3:c7:8f:25:fc:b1:1e:55:46:0f:8f:ff:4f:37:2f:a4:76:59:
2662
+
a6:64:eb:d5:16:70:bd:dd:95:33:0c:a4:0d:24:eb:64:50:b4:
2663
+
43:11:f2:43:be:0d:71:98:22:ec:01:af:ec:f7:c7:5c:71:c3:
2664
+
75:91:58:19:e8:dd:a0:f4:b4:f1:bc:10:4a:f3:93:b4:06:49:
2665
+
bb:1f:66:d2:bd:74:47:e1:9a:f9:eb:d7:ab:6d:1f:ba:e1:1d:
2666
+
2c:da
2667
+
2668
+
Thawte Personal Basic CA
2669
+
========================
2670
+
MD5 Fingerprint: E6:0B:D2:C9:CA:2D:88:DB:1A:71:0E:4B:78:EB:02:41
2671
+
PEM Data:
2672
+
-----BEGIN CERTIFICATE-----
2673
+
MIIDITCCAoqgAwIBAgIBADANBgkqhkiG9w0BAQQFADCByzELMAkGA1UEBhMCWkEx
2674
+
FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYD
2675
+
VQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT
2676
+
ZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhhd3RlIFBlcnNvbmFsIEJhc2lj
2677
+
IENBMSgwJgYJKoZIhvcNAQkBFhlwZXJzb25hbC1iYXNpY0B0aGF3dGUuY29tMB4X
2678
+
DTk2MDEwMTAwMDAwMFoXDTIwMTIzMTIzNTk1OVowgcsxCzAJBgNVBAYTAlpBMRUw
2679
+
EwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgGA1UE
2680
+
ChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
2681
+
dmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQZXJzb25hbCBCYXNpYyBD
2682
+
QTEoMCYGCSqGSIb3DQEJARYZcGVyc29uYWwtYmFzaWNAdGhhd3RlLmNvbTCBnzAN
2683
+
BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvLyTU23AUE+CFeZIlDWmWr5vQvoPR+53
2684
+
dXLdjUmbllegeNTKP1GzaQuRdhciB5dqxFGTS+CN7zeVoQxN2jSQHReJl+A1OFdK
2685
+
wPQIcOk8RHtQfmGakOMj04gRRif1CwcOu93RfyAKiLlWCy4cgNrx454p7xS9CkT7
2686
+
G1sY0b8jkyECAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQQF
2687
+
AAOBgQAt4plrsD16iddZopQBHyvdEktTwq1/qqcAXJFAVyVKOKqEcLnZgA+le1z7
2688
+
c8a914phXAPjLSeoF+CEhULcXpvGt7Jtu3Sv5D/Lp7ew4F2+eIMllNLbgQ95B21P
2689
+
9DkVWlIBe94y1k049hJcBlDfBVu9FEuh3ym6O0GN92NWod8isQ==
2690
+
-----END CERTIFICATE-----
2691
+
Certificate Ingredients:
2692
+
Data:
2693
+
Version: 3 (0x2)
2694
+
Serial Number: 0 (0x0)
2695
+
Signature Algorithm: md5WithRSAEncryption
2696
+
Issuer: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting, OU=Certification Services Division, CN=Thawte Personal Basic CA/Email=personal-basic@thawte.com
2697
+
Validity
2698
+
Not Before: Jan 1 00:00:00 1996 GMT
2699
+
Not After : Dec 31 23:59:59 2020 GMT
2700
+
Subject: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting, OU=Certification Services Division, CN=Thawte Personal Basic CA/Email=personal-basic@thawte.com
2701
+
Subject Public Key Info:
2702
+
Public Key Algorithm: rsaEncryption
2703
+
RSA Public Key: (1024 bit)
2704
+
Modulus (1024 bit):
2705
+
00:bc:bc:93:53:6d:c0:50:4f:82:15:e6:48:94:35:
2706
+
a6:5a:be:6f:42:fa:0f:47:ee:77:75:72:dd:8d:49:
2707
+
9b:96:57:a0:78:d4:ca:3f:51:b3:69:0b:91:76:17:
2708
+
22:07:97:6a:c4:51:93:4b:e0:8d:ef:37:95:a1:0c:
2709
+
4d:da:34:90:1d:17:89:97:e0:35:38:57:4a:c0:f4:
2710
+
08:70:e9:3c:44:7b:50:7e:61:9a:90:e3:23:d3:88:
2711
+
11:46:27:f5:0b:07:0e:bb:dd:d1:7f:20:0a:88:b9:
2712
+
56:0b:2e:1c:80:da:f1:e3:9e:29:ef:14:bd:0a:44:
2713
+
fb:1b:5b:18:d1:bf:23:93:21
2714
+
Exponent: 65537 (0x10001)
2715
+
X509v3 extensions:
2716
+
X509v3 Basic Constraints: critical
2717
+
CA:TRUE
2718
+
Signature Algorithm: md5WithRSAEncryption
2719
+
2d:e2:99:6b:b0:3d:7a:89:d7:59:a2:94:01:1f:2b:dd:12:4b:
2720
+
53:c2:ad:7f:aa:a7:00:5c:91:40:57:25:4a:38:aa:84:70:b9:
2721
+
d9:80:0f:a5:7b:5c:fb:73:c6:bd:d7:8a:61:5c:03:e3:2d:27:
2722
+
a8:17:e0:84:85:42:dc:5e:9b:c6:b7:b2:6d:bb:74:af:e4:3f:
2723
+
cb:a7:b7:b0:e0:5d:be:78:83:25:94:d2:db:81:0f:79:07:6d:
2724
+
4f:f4:39:15:5a:52:01:7b:de:32:d6:4d:38:f6:12:5c:06:50:
2725
+
df:05:5b:bd:14:4b:a1:df:29:ba:3b:41:8d:f7:63:56:a1:df:
2726
+
22:b1
2727
+
2728
+
Thawte Personal Freemail CA
2729
+
===========================
2730
+
MD5 Fingerprint: 1E:74:C3:86:3C:0C:35:C5:3E:C2:7F:EF:3C:AA:3C:D9
2731
+
PEM Data:
2732
+
-----BEGIN CERTIFICATE-----
2733
+
MIIDLTCCApagAwIBAgIBADANBgkqhkiG9w0BAQQFADCB0TELMAkGA1UEBhMCWkEx
2734
+
FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYD
2735
+
VQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT
2736
+
ZXJ2aWNlcyBEaXZpc2lvbjEkMCIGA1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVt
2737
+
YWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25hbC1mcmVlbWFpbEB0aGF3dGUu
2738
+
Y29tMB4XDTk2MDEwMTAwMDAwMFoXDTIwMTIzMTIzNTk1OVowgdExCzAJBgNVBAYT
2739
+
AlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEa
2740
+
MBgGA1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRp
2741
+
b24gU2VydmljZXMgRGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBG
2742
+
cmVlbWFpbCBDQTErMCkGCSqGSIb3DQEJARYccGVyc29uYWwtZnJlZW1haWxAdGhh
2743
+
d3RlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1GnX1LCUZFtx6UfY
2744
+
DFG26nKRsIRefS0Nj3sS34UldSh0OkIsYyeflXtL734Zhx2G6qPduc6WZBrCFG5E
2745
+
rHzmj+hND3EfQDimAKOHePb5lIZererAXnbr2RSjXW56fAylS1V/Bhkpf56aJtVq
2746
+
uzgkCGqYx7Hao5iR/Xnb5VrEHLkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zAN
2747
+
BgkqhkiG9w0BAQQFAAOBgQDH7JJ+Tvj1lqVnYiqk8E0RYNBvjWBYYawmu1I1XAjP
2748
+
MPuoSpaKH2JCI4wXD/S6ZJwXrEcp352YXtJsYHFcoqzceePnbgBHH7UNKOgCneSa
2749
+
/RP0ptl8sfjcXyMmCZGAc9AUG95DqYMl8uacLxXK/qarigd1iwzdUYRr5PjRznei
2750
+
gQ==
2751
+
-----END CERTIFICATE-----
2752
+
Certificate Ingredients:
2753
+
Data:
2754
+
Version: 3 (0x2)
2755
+
Serial Number: 0 (0x0)
2756
+
Signature Algorithm: md5WithRSAEncryption
2757
+
Issuer: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting, OU=Certification Services Division, CN=Thawte Personal Freemail CA/Email=personal-freemail@thawte.com
2758
+
Validity
2759
+
Not Before: Jan 1 00:00:00 1996 GMT
2760
+
Not After : Dec 31 23:59:59 2020 GMT
2761
+
Subject: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting, OU=Certification Services Division, CN=Thawte Personal Freemail CA/Email=personal-freemail@thawte.com
2762
+
Subject Public Key Info:
2763
+
Public Key Algorithm: rsaEncryption
2764
+
RSA Public Key: (1024 bit)
2765
+
Modulus (1024 bit):
2766
+
00:d4:69:d7:d4:b0:94:64:5b:71:e9:47:d8:0c:51:
2767
+
b6:ea:72:91:b0:84:5e:7d:2d:0d:8f:7b:12:df:85:
2768
+
25:75:28:74:3a:42:2c:63:27:9f:95:7b:4b:ef:7e:
2769
+
19:87:1d:86:ea:a3:dd:b9:ce:96:64:1a:c2:14:6e:
2770
+
44:ac:7c:e6:8f:e8:4d:0f:71:1f:40:38:a6:00:a3:
2771
+
87:78:f6:f9:94:86:5e:ad:ea:c0:5e:76:eb:d9:14:
2772
+
a3:5d:6e:7a:7c:0c:a5:4b:55:7f:06:19:29:7f:9e:
2773
+
9a:26:d5:6a:bb:38:24:08:6a:98:c7:b1:da:a3:98:
2774
+
91:fd:79:db:e5:5a:c4:1c:b9
2775
+
Exponent: 65537 (0x10001)
2776
+
X509v3 extensions:
2777
+
X509v3 Basic Constraints: critical
2778
+
CA:TRUE
2779
+
Signature Algorithm: md5WithRSAEncryption
2780
+
c7:ec:92:7e:4e:f8:f5:96:a5:67:62:2a:a4:f0:4d:11:60:d0:
2781
+
6f:8d:60:58:61:ac:26:bb:52:35:5c:08:cf:30:fb:a8:4a:96:
2782
+
8a:1f:62:42:23:8c:17:0f:f4:ba:64:9c:17:ac:47:29:df:9d:
2783
+
98:5e:d2:6c:60:71:5c:a2:ac:dc:79:e3:e7:6e:00:47:1f:b5:
2784
+
0d:28:e8:02:9d:e4:9a:fd:13:f4:a6:d9:7c:b1:f8:dc:5f:23:
2785
+
26:09:91:80:73:d0:14:1b:de:43:a9:83:25:f2:e6:9c:2f:15:
2786
+
ca:fe:a6:ab:8a:07:75:8b:0c:dd:51:84:6b:e4:f8:d1:ce:77:
2787
+
a2:81
2788
+
2789
+
Thawte Personal Premium CA
2790
+
==========================
2791
+
MD5 Fingerprint: 3A:B2:DE:22:9A:20:93:49:F9:ED:C8:D2:8A:E7:68:0D
2792
+
PEM Data:
2793
+
-----BEGIN CERTIFICATE-----
2794
+
MIIDKTCCApKgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBzzELMAkGA1UEBhMCWkEx
2795
+
FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYD
2796
+
VQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT
2797
+
ZXJ2aWNlcyBEaXZpc2lvbjEjMCEGA1UEAxMaVGhhd3RlIFBlcnNvbmFsIFByZW1p
2798
+
dW0gQ0ExKjAoBgkqhkiG9w0BCQEWG3BlcnNvbmFsLXByZW1pdW1AdGhhd3RlLmNv
2799
+
bTAeFw05NjAxMDEwMDAwMDBaFw0yMDEyMzEyMzU5NTlaMIHPMQswCQYDVQQGEwJa
2800
+
QTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xGjAY
2801
+
BgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5nMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9u
2802
+
IFNlcnZpY2VzIERpdmlzaW9uMSMwIQYDVQQDExpUaGF3dGUgUGVyc29uYWwgUHJl
2803
+
bWl1bSBDQTEqMCgGCSqGSIb3DQEJARYbcGVyc29uYWwtcHJlbWl1bUB0aGF3dGUu
2804
+
Y29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJZtn4B0TPuYwu8KHvE0Vs
2805
+
Bd/eJxZRNkERbGw77f4QfRKe5ZtCmv5gMcNmt3M6SK5O0DI3lIi1DbbZ8/JE2dWI
2806
+
Et12TfIa/G8jHnrx2JhFTgcQ7xZC0EN1bUre4qrJMf8fAHB8Zs8QJQi6+u4A6UYD
2807
+
ZicRFTuqW/KY3TZCstqIdQIDAQABoxMwETAPBgNVHRMBAf8EBTADAQH/MA0GCSqG
2808
+
SIb3DQEBBAUAA4GBAGk2ifc0KjNyL2071CKyuG+axTZmDhs8obF1Wub9NdP4qPIH
2809
+
b4Vnjt4rueIXsDqg8A6iAJrf8xQVbrvIhVqYgPn/vnQdPfP+MCXRNzRn+qVxeTBh
2810
+
KXLA4CxM+1bkOqhv5TJZUtt1KFBZDPgLGeSs2a+WjS9Q2wfD6h+rM+D1KzGJ
2811
+
-----END CERTIFICATE-----
2812
+
Certificate Ingredients:
2813
+
Data:
2814
+
Version: 3 (0x2)
2815
+
Serial Number: 0 (0x0)
2816
+
Signature Algorithm: md5WithRSAEncryption
2817
+
Issuer: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting, OU=Certification Services Division, CN=Thawte Personal Premium CA/Email=personal-premium@thawte.com
2818
+
Validity
2819
+
Not Before: Jan 1 00:00:00 1996 GMT
2820
+
Not After : Dec 31 23:59:59 2020 GMT
2821
+
Subject: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting, OU=Certification Services Division, CN=Thawte Personal Premium CA/Email=personal-premium@thawte.com
2822
+
Subject Public Key Info:
2823
+
Public Key Algorithm: rsaEncryption
2824
+
RSA Public Key: (1024 bit)
2825
+
Modulus (1024 bit):
2826
+
00:c9:66:d9:f8:07:44:cf:b9:8c:2e:f0:a1:ef:13:
2827
+
45:6c:05:df:de:27:16:51:36:41:11:6c:6c:3b:ed:
2828
+
fe:10:7d:12:9e:e5:9b:42:9a:fe:60:31:c3:66:b7:
2829
+
73:3a:48:ae:4e:d0:32:37:94:88:b5:0d:b6:d9:f3:
2830
+
f2:44:d9:d5:88:12:dd:76:4d:f2:1a:fc:6f:23:1e:
2831
+
7a:f1:d8:98:45:4e:07:10:ef:16:42:d0:43:75:6d:
2832
+
4a:de:e2:aa:c9:31:ff:1f:00:70:7c:66:cf:10:25:
2833
+
08:ba:fa:ee:00:e9:46:03:66:27:11:15:3b:aa:5b:
2834
+
f2:98:dd:36:42:b2:da:88:75
2835
+
Exponent: 65537 (0x10001)
2836
+
X509v3 extensions:
2837
+
X509v3 Basic Constraints: critical
2838
+
CA:TRUE
2839
+
Signature Algorithm: md5WithRSAEncryption
2840
+
69:36:89:f7:34:2a:33:72:2f:6d:3b:d4:22:b2:b8:6f:9a:c5:
2841
+
36:66:0e:1b:3c:a1:b1:75:5a:e6:fd:35:d3:f8:a8:f2:07:6f:
2842
+
85:67:8e:de:2b:b9:e2:17:b0:3a:a0:f0:0e:a2:00:9a:df:f3:
2843
+
14:15:6e:bb:c8:85:5a:98:80:f9:ff:be:74:1d:3d:f3:fe:30:
2844
+
25:d1:37:34:67:fa:a5:71:79:30:61:29:72:c0:e0:2c:4c:fb:
2845
+
56:e4:3a:a8:6f:e5:32:59:52:db:75:28:50:59:0c:f8:0b:19:
2846
+
e4:ac:d9:af:96:8d:2f:50:db:07:c3:ea:1f:ab:33:e0:f5:2b:
2847
+
31:89
2848
+
2849
+
Thawte Premium Server CA
2850
+
========================
2851
+
MD5 Fingerprint: 06:9F:69:79:16:66:90:02:1B:8C:8C:A2:C3:07:6F:3A
2852
+
PEM Data:
2853
+
-----BEGIN CERTIFICATE-----
2854
+
MIIDJzCCApCgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBzjELMAkGA1UEBhMCWkEx
2855
+
FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYD
2856
+
VQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlv
2857
+
biBTZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhhd3RlIFByZW1pdW0gU2Vy
2858
+
dmVyIENBMSgwJgYJKoZIhvcNAQkBFhlwcmVtaXVtLXNlcnZlckB0aGF3dGUuY29t
2859
+
MB4XDTk2MDgwMTAwMDAwMFoXDTIwMTIzMTIzNTk1OVowgc4xCzAJBgNVBAYTAlpB
2860
+
MRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsG
2861
+
A1UEChMUVGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRp
2862
+
b24gU2VydmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNl
2863
+
cnZlciBDQTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNv
2864
+
bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0jY2aovXwlue2oFBYo847kkE
2865
+
VdbQ7xwblRZH7xhINTpS9CtqBo87L+pW46+GjZ4X9560ZXUCTe/LCaIhUdib0GfQ
2866
+
ug2SBhRz1JPLlyoAnFxODLz6FVL88kRu2hFKbgifLy3j+ao6hnO2RlNYyIkFvYMR
2867
+
uHM/qgeN9EJN50CdHDcCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG
2868
+
9w0BAQQFAAOBgQAmSCwWwlj66BZ0DKqqX1Q/8tfJeGBeXm43YyJ3Nn6yF8Q0ufUI
2869
+
hfzJATj/Tb7yFkJD57taRvvBxhEf8UqwKEbJw8RCfbz6q1lu1bdRiBHjpIUZa4JM
2870
+
pAwSremkrj/xw0llmozFyD4lt5SZu5IycQfwhl7tUCemDaYj+bvLpgcUQg==
2871
+
-----END CERTIFICATE-----
2872
+
Certificate Ingredients:
2873
+
Data:
2874
+
Version: 3 (0x2)
2875
+
Serial Number: 1 (0x1)
2876
+
Signature Algorithm: md5WithRSAEncryption
2877
+
Issuer: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA/Email=premium-server@thawte.com
2878
+
Validity
2879
+
Not Before: Aug 1 00:00:00 1996 GMT
2880
+
Not After : Dec 31 23:59:59 2020 GMT
2881
+
Subject: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA/Email=premium-server@thawte.com
2882
+
Subject Public Key Info:
2883
+
Public Key Algorithm: rsaEncryption
2884
+
RSA Public Key: (1024 bit)
2885
+
Modulus (1024 bit):
2886
+
00:d2:36:36:6a:8b:d7:c2:5b:9e:da:81:41:62:8f:
2887
+
38:ee:49:04:55:d6:d0:ef:1c:1b:95:16:47:ef:18:
2888
+
48:35:3a:52:f4:2b:6a:06:8f:3b:2f:ea:56:e3:af:
2889
+
86:8d:9e:17:f7:9e:b4:65:75:02:4d:ef:cb:09:a2:
2890
+
21:51:d8:9b:d0:67:d0:ba:0d:92:06:14:73:d4:93:
2891
+
cb:97:2a:00:9c:5c:4e:0c:bc:fa:15:52:fc:f2:44:
2892
+
6e:da:11:4a:6e:08:9f:2f:2d:e3:f9:aa:3a:86:73:
2893
+
b6:46:53:58:c8:89:05:bd:83:11:b8:73:3f:aa:07:
2894
+
8d:f4:42:4d:e7:40:9d:1c:37
2895
+
Exponent: 65537 (0x10001)
2896
+
X509v3 extensions:
2897
+
X509v3 Basic Constraints: critical
2898
+
CA:TRUE
2899
+
Signature Algorithm: md5WithRSAEncryption
2900
+
26:48:2c:16:c2:58:fa:e8:16:74:0c:aa:aa:5f:54:3f:f2:d7:
2901
+
c9:78:60:5e:5e:6e:37:63:22:77:36:7e:b2:17:c4:34:b9:f5:
2902
+
08:85:fc:c9:01:38:ff:4d:be:f2:16:42:43:e7:bb:5a:46:fb:
2903
+
c1:c6:11:1f:f1:4a:b0:28:46:c9:c3:c4:42:7d:bc:fa:ab:59:
2904
+
6e:d5:b7:51:88:11:e3:a4:85:19:6b:82:4c:a4:0c:12:ad:e9:
2905
+
a4:ae:3f:f1:c3:49:65:9a:8c:c5:c8:3e:25:b7:94:99:bb:92:
2906
+
32:71:07:f0:86:5e:ed:50:27:a6:0d:a6:23:f9:bb:cb:a6:07:
2907
+
14:42
2908
+
2909
+
Thawte Server CA
2910
+
================
2911
+
MD5 Fingerprint: C5:70:C4:A2:ED:53:78:0C:C8:10:53:81:64:CB:D0:1D
2912
+
PEM Data:
2913
+
-----BEGIN CERTIFICATE-----
2914
+
MIIDEzCCAnygAwIBAgIBATANBgkqhkiG9w0BAQQFADCBxDELMAkGA1UEBhMCWkEx
2915
+
FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYD
2916
+
VQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlv
2917
+
biBTZXJ2aWNlcyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhhd3RlIFNlcnZlciBDQTEm
2918
+
MCQGCSqGSIb3DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5jb20wHhcNOTYwODAx
2919
+
MDAwMDAwWhcNMjAxMjMxMjM1OTU5WjCBxDELMAkGA1UEBhMCWkExFTATBgNVBAgT
2920
+
DFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYDVQQKExRUaGF3
2921
+
dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNl
2922
+
cyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhhd3RlIFNlcnZlciBDQTEmMCQGCSqGSIb3
2923
+
DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQAD
2924
+
gY0AMIGJAoGBANOkUG7I/1Zr5s9dtuoMaHVHoqrC2oQl/Kj0R1HahbUgdJSGHg91
2925
+
yekIYfUGbTBuFRkC6VLAYttNmZ7iagxEOM3+vuNkCXDF/rFrKbYvScg71CcEJRCX
2926
+
L+eQbcAoQpnXTEPew/UhbVSfXcNY4cDk2VuwuNy0e982OsK1ZiIS1ocNAgMBAAGj
2927
+
EzARMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAB/pMaVz7lcxG
2928
+
7oWDTSEwjsrZqG9JGubaUeNgcGyEYRGhGshIPllDfU+VPaGLtwtimHp1it2ITk6e
2929
+
QNuozDJ0uW8NxuOzRAvZim+aKZuZGCg70eNAKJpaPNW15yAbi8qkq43pUdniTCxZ
2930
+
qdq5snUb9kLy78fyGPmJvKP/iiMucEc=
2931
+
-----END CERTIFICATE-----
2932
+
Certificate Ingredients:
2933
+
Data:
2934
+
Version: 3 (0x2)
2935
+
Serial Number: 1 (0x1)
2936
+
Signature Algorithm: md5WithRSAEncryption
2937
+
Issuer: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Server CA/Email=server-certs@thawte.com
2938
+
Validity
2939
+
Not Before: Aug 1 00:00:00 1996 GMT
2940
+
Not After : Dec 31 23:59:59 2020 GMT
2941
+
Subject: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Server CA/Email=server-certs@thawte.com
2942
+
Subject Public Key Info:
2943
+
Public Key Algorithm: rsaEncryption
2944
+
RSA Public Key: (1024 bit)
2945
+
Modulus (1024 bit):
2946
+
00:d3:a4:50:6e:c8:ff:56:6b:e6:cf:5d:b6:ea:0c:
2947
+
68:75:47:a2:aa:c2:da:84:25:fc:a8:f4:47:51:da:
2948
+
85:b5:20:74:94:86:1e:0f:75:c9:e9:08:61:f5:06:
2949
+
6d:30:6e:15:19:02:e9:52:c0:62:db:4d:99:9e:e2:
2950
+
6a:0c:44:38:cd:fe:be:e3:64:09:70:c5:fe:b1:6b:
2951
+
29:b6:2f:49:c8:3b:d4:27:04:25:10:97:2f:e7:90:
2952
+
6d:c0:28:42:99:d7:4c:43:de:c3:f5:21:6d:54:9f:
2953
+
5d:c3:58:e1:c0:e4:d9:5b:b0:b8:dc:b4:7b:df:36:
2954
+
3a:c2:b5:66:22:12:d6:87:0d
2955
+
Exponent: 65537 (0x10001)
2956
+
X509v3 extensions:
2957
+
X509v3 Basic Constraints: critical
2958
+
CA:TRUE
2959
+
Signature Algorithm: md5WithRSAEncryption
2960
+
07:fa:4c:69:5c:fb:95:cc:46:ee:85:83:4d:21:30:8e:ca:d9:
2961
+
a8:6f:49:1a:e6:da:51:e3:60:70:6c:84:61:11:a1:1a:c8:48:
2962
+
3e:59:43:7d:4f:95:3d:a1:8b:b7:0b:62:98:7a:75:8a:dd:88:
2963
+
4e:4e:9e:40:db:a8:cc:32:74:b9:6f:0d:c6:e3:b3:44:0b:d9:
2964
+
8a:6f:9a:29:9b:99:18:28:3b:d1:e3:40:28:9a:5a:3c:d5:b5:
2965
+
e7:20:1b:8b:ca:a4:ab:8d:e9:51:d9:e2:4c:2c:59:a9:da:b9:
2966
+
b2:75:1b:f6:42:f2:ef:c7:f2:18:f9:89:bc:a3:ff:8a:23:2e:
2967
+
70:47
2968
+
2969
+
Thawte Universal CA Root
2970
+
========================
2971
+
MD5 Fingerprint: 17:AF:71:16:52:7B:73:65:22:05:29:28:84:71:9D:13
2972
+
PEM Data:
2973
+
-----BEGIN CERTIFICATE-----
2974
+
MIIRIjCCCQoCAQAwDQYJKoZIhvcNAQEFBQAwVzEPMA0GA1UEChMGVGhhd3RlMSEw
2975
+
HwYDVQQLExhUaGF3dGUgVW5pdmVyc2FsIENBIFJvb3QxITAfBgNVBAMTGFRoYXd0
2976
+
ZSBVbml2ZXJzYWwgQ0EgUm9vdDAeFw05OTEyMDUxMzU2MDVaFw0zNzA0MDMxMzU2
2977
+
MDVaMFcxDzANBgNVBAoTBlRoYXd0ZTEhMB8GA1UECxMYVGhhd3RlIFVuaXZlcnNh
2978
+
bCBDQSBSb290MSEwHwYDVQQDExhUaGF3dGUgVW5pdmVyc2FsIENBIFJvb3Qwgggi
2979
+
MA0GCSqGSIb3DQEBAQUAA4IIDwAwgggKAoIIAQDiiQVtw3+tpok6/7vHzZ03seHS
2980
+
IR6bYSoV53tXT1U80Lv52T0+przstK1TmhYC6wty/Yryj0QFxevT5b22RDnm+0e/
2981
+
ap4KlRjiaOLWltYhrYj99Rf109pCpZDtKZWWdTrah6HU9dOH3gVipuNmdJLPpby7
2982
+
32j/cXVWQVk16zNaZlHy0qMKwYzOc1wRby2MlYyRsf3P5a1WlcyFkoOQVUHJwnft
2983
+
+aN0QgpoCPPQ0WX9Zyw0/yR/53nIBzslV92kDJg9vuDMGWXb8lSir0LUneKuhCMl
2984
+
CTMStWoedsSL2UkAbF66H/Ib2mfKJ6qjRCMbg4LO8qsz7VSk3MmrWWXROA7BPhtn
2985
+
j9Z1AeBVIt12d+yO3fTPeSJtuVcD9ZkIpzw+NPvEF64jWM0k8yPKagIolAGBNLRs
2986
+
a66LGsOj0gk8FlT1Nl8k459KoeJkxhbDpoF6JDZHjsFeDvv5FXgE1g5Z2Z1YZmLS
2987
+
lCkyMsh4uWb2tVbhbMYUS5ZSWZECJGpVR9c/tiMaYHeXLuJAr54EV56tEcXJQ3Dv
2988
+
SLRerBxpLi6C1VuLvoK+GRRe5w0ix1Eb/x6b8TCPcTEGszQnj196ZoJPii0Tq0LP
2989
+
IVael45mNg+Wm+Ur9AKpKmqMLMTDuHAsLSkeP1B3Hm0qVORVCpE4ocW1ZqJ2Wu4P
2990
+
v7Rn4ShuD+E2oYLRv9R34cRnMpN4yOdUU/4jeeZozCaQ9hBjXSpvkS2kczJRIfK7
2991
+
Fd+qJAhIBt6hnia/uoO/fKTIoIy90v+8hGknEyQYxEUYIyZeGBTKLoiHYqNT5iG3
2992
+
uIV7moW7FSZy+Ln3anQPST+SvqkFt5knv78JF0uZTK0REHzfdDH2jyZfqoiuOFfI
2993
+
VS3T+9gbUZm+JRs6usB9G+3O0km5z/PFfYmQgdhpSCAQo/jvklEYMosRGMA/G4VW
2994
+
zlfJ8oJkxt8CCS5KES+xJ203UvDwFmHxZ43fh3Kvh9rP+1CUbtSUheuKLOoh9ZZK
2995
+
RNXgzmp0RE3QBdOHFe020KSLZlVwk+5HBsF+LqUYeWfzKIXxcPcOg6R+VJ5adjLL
2996
+
ZRu4zfvIKAPSVJHRp8WFQwgXdqXmL2cI2KGigi0M+MGvY9RQd21rRkpBhdWQX3kt
2997
+
xOzXEYdAiuFo4mT4VTL7b5Ms2nfZIcEX5TYsTn6Qf6yUKzJnvjhQdriuQbnXIcUJ
2998
+
TGDIo1HENJtXN9/LyTNXi+v7dp8ZTcVqHypFrivtL42npQDLBPolYi50SBvKKoy6
2999
+
27Z+9rsCfKnD21h4ob/w/hoQVRHO6GlOlmXGFwPWB2iMVIKuHCJVP/H0CZcowEb3
3000
+
TgslHfcH1wkdOhhXODvoMwbnj3hGHlv1BrbsuKYN8boTS9YYIN1pM0ozFa64yJiK
3001
+
JyyTvC377jO/ZuZNurabBlVgl0u8RM1+9KHYqi/AAighFmJ42whU8vz0NOPGjxxD
3002
+
V86QGkvcLjsokYk/eto1HY4s7kns9DOtyVOojJ8EUz4kHFLJEvliV6O87izrQHwg
3003
+
I3ArlflzF4rRwRxpprc4mmf3cB16WgxAz2IPhTzCAk5+tfbFKimEsx83KuGqckLE
3004
+
7Wsaj5IcXb7R8lvyq6qp0vW4pEErK5FuEkjKmNg3jcjtADC1tgROfpzahOzA+nvl
3005
+
HYikU0awlORcG6ElLA9IUneXCWzsWxgzgwLlgn7NhSEwEf0nT8/kHuw/pVds6Sow
3006
+
GSqI5cNpOKtvOXF/hOFBw+HMKokgUi6DD2w5P0stFqwt8CSsAHP0m7MGPwW4FIUf
3007
+
q55cPJ5inQ5tO4AJ/ALqopd0ysf541bhw8qlpprAkOAkElPSwovavu0CQ15n4YmY
3008
+
ee7LqsrDG9znpUalfGsWh7ZaKNfbJzxepb22Ud0fQ887Jsg6jSVhwUn0PBvJROqv
3009
+
HMIrlAEqDjDRW4srR+XD0QQDmw45LNYn1OZwWtl1zyrYyQAF5BOI7MM5+4dhMDZD
3010
+
A8ienKIGwi/F/PCAY7FUBKBMqS7G9XZ62NDk1JQR5RW1eAbcuICPmakgMz0QhUxl
3011
+
Cco+WF5gk5qqYl3AUQYcXWCgDZxLQ/anFiGkh6rywS7ukjC4nt/fEAGLhglw2Gyo
3012
+
t1AeFpa092f9NTohkCoyxwB7TQcQCbkvc9gYfmeZBE8G/FDHhZudQJ2zljf6pdyy
3013
+
ck7vTgks/ZH9Tfe7pqE+q3uiA0CmqVUn4vr5Gc6HdarxdTbz87iR+JHDi3UTjkxl
3014
+
mhY5auU06HqWWX81sAD9W2n8Qyb69Shu/ofZfiT7tKCCblSi/66/YrT0cgHCy5hH
3015
+
mOFMtReAgM6PpijuHkVq+9/xHfxaO9bq9GwdYklXO4qPhurwUwTOnBZo/7q5/IgP
3016
+
R/cCRHJAuMo7LVOd3DxWjFl7aBosjXG7bADHGs5vQJKxoy8P2UTyo3Aunu4OrjLQ
3017
+
Oz6LB+rmebNcKeJ9a6he+Vox6AiWoowDmEbxuH2QVCbtdmL+numabl7JScdcNFMp
3018
+
VNns5EbhgDt12d/7edWH8bqe6xnOTFJz5luHriVPOXnMxrj5EHvs8JtxpAWg0ynT
3019
+
Tn8f9C0oeMxVlXsekS/MVhhzi7LbvGkH5tDYT+2i/1iFo23gSlO3Z32NDFxbe3co
3020
+
AjVEegTTKEPIazAXXTK4KTW6dto7FEp2GFik+JI8nk0zb0ZrCNkxSGjd9PskVjSy
3021
+
z2lmvkjSimYizfJpzcJTE0UpQSLWXZgftqSyo8LuAi9RG9yDpOxwJajUCGEyb+Sh
3022
+
gS58Y3L6KWW8cETPXQIDAQABMA0GCSqGSIb3DQEBBQUAA4IIAQBVmjRqIgZpCUUz
3023
+
x66pXMcJTpuGvEGQ1JRS9s0jKZRLIs3ovf6dzVLyve2rh8mrq0YEtL2iPyIwR1DA
3024
+
S4x2DwP1ktKxLcR6NZzJc4frpp/eD3ON03+Z2LqPb8Tzvhqui6KUNpDi5euNBfT8
3025
+
Zd+V8cSUTRdW1588j1A853e/lYYmZPtq/8ba6YyuQrtp5TPG2OkNxlUhScEMtKP5
3026
+
m0tc3oNPQQPOKnloOH3wVEkg9bYQ/wjcM2aWm/8G3gCe185WQ5pR/HDN9vBRo7fN
3027
+
tFyFYs1xt8YrIyvdw25AQvo3/zcc9npXlIeFI9fUycdfwU0vyQ3XXOycJe6eMIKR
3028
+
lnK4dR34CWhXl7ItS+4l7HokKe5y1JwT26vcAwrYShTJCFdEXaG1U4A08hSXz1Le
3029
+
og6KEOkU79BgvmGh8SVd1RhzP5MQypbus0DS26NVz1dapQ5PdUff6veQmm31cC4d
3030
+
FBw3ZARZULDccoZvnDc9XSivc1Xv0u4kdHQT79zbMUn7P2P10wg+M6XnnQreUyxR
3031
+
jmfbm0FlQVC91KSWbIe8EuCUx9PA5MtzWACD4awnhdadU51cvQo+A0OcDJH1bXv4
3032
+
QHJ1qxF2kSvhxqofcGl2cBUJ/pPQ1i23FWqbZ1y0aZ8lpn2K+30iqXHyzk6MuCEt
3033
+
3v5BcQ3/nexzprsHT4gOWEcufqnCx3jdunqeTuAwTmNvhdQgQen6/kNF5/uverLO
3034
+
pAUdIppYht/kzkyp/tgWpW/72M5We/XWIO/kR81jJP+5vvFIo8EBcua9wK3tJg3K
3035
+
NJ/8Ai0gTwUgriE9DMIgPD/wBITcz4n9uSWRjtBD5rMgq1wt1UCeoEvY9LLMffFY
3036
+
Co6H7YisNpbkVqARivKa0LNXozS7Gas44XRrIsQxzgHVGzbjHjhMM5PfQONZV06s
3037
+
bnseWj3FHVusyBCCNQIisvx16BCRjcR9eJNHnhydrGtiAliM1hwj1q94woCcpKok
3038
+
VBS1FJjG+CsaJMtxMgrimw5pa91+jGTRLmPvDn+xPohMnVXlyW4XBLdB/72KQcsl
3039
+
MW9Edz9HsfyBiAeOBUkgtxHZaQMqA525M4Sa399640Zzo9iijFMZiFVMdLj2RIQr
3040
+
0RQtTjkukmj/afyFYhvrVU/vJYRiRZnW2E5vP1MIfR0GlYGAf09OdDaYteKHcJjc
3041
+
1/XcUhXmxtZ5ljl/j5XPq4BTrRsLRUAO1Bi9LN6Kd3b98kRHxiHQ5HTw2BgFyHww
3042
+
csff8bv8AjCp9EImWQ2TBYKhc+005ThdzVCQ/pT8E7y9/KiiiKdzxLKo0V2IxAKi
3043
+
evEEyf6MdMnvHWRBn6welmdkrKsoQced98CYG24HwmR9WoNmVig2nOf7HHcOKKDE
3044
+
92t5OQQghMdXk7wboOq860LlqBH+/KxlzP34KIj0pZrlc1HgqJsNA3dO5eCYs4ja
3045
+
febGnnwUZsEuU0qSBzegfuk9CeQVfM/9uEGl755mncReBx2H+EGt6ucv0kFjGDf5
3046
+
FONN0OX3Q/0V4/k2cwYm3wFPqcNO3iBGd5i0eiQrO3UrTliNm12kxxagvDKIP6GD
3047
+
8wDI+NhY6WNdTCu18HJB2Kt3N9ZydK62NpzIpoNJS+DJVgspvgAwy93WyEKKANns
3048
+
FdE0cfJbZIf2J9K364awkL8p2yGeNozjIC+VI1FsG8Kk1ebYAkNnoP6bUANEf7vk
3049
+
ctXR5NqPkhRk+10UEBJKlQbJZQgpyiGjJjgRySffcGcE/cpIMn9jskV0MVBPh9kg
3050
+
cNIhcLHWEJ0zXXiDkW1Vguza5GJjx4FG1xllcipDGZC41yNNTBzgRKlmZ6zucXkn
3051
+
Jnhtcg71XUsjtXx8ZekXxjoLDd1eHlHDhrjsf8cnSqVG6GotGcGHo8uZk4dkolUU
3052
+
TLdDpZPX59JOeUDKZZlGPT96gHqIaswe5WszRvRQwNUfCbjNii6hJ+tdc6foawrl
3053
+
V4IqsPziVFJW8KupEsYjlgcknOC8RqW0IATaCZNj5dQuwn7FMe21FXSGF7mz8yaK
3054
+
HQJq2ho/6LrxBG2UUVTiWrRZgx1g0C1zzAe1Joz518aIke+Az10PoWDLRdRCItGx
3055
+
cB390LcwkDrGSG1n5TLaj9vjqOMdICWiHOFMuaT2xj9cWA27xrJ3ARaRnxcGDbdA
3056
+
PsyPjpxL4J1+mx4Fq4gi+tMoG1cUZEo+JCw4TSFpAHMu0FUtdPIV6JRDPkAqxsa5
3057
+
alveoswYUFRdTiqFbPaSiykZfufqSuAiKyW892bPd5pBdPI8FA10afVQg83NLyHb
3058
+
IkaK0PdRGpVX8gWLGhntO0XoNsJufvtXIgAfBlOprpPGj3EqMUWS545t5pkiwIP8
3059
+
79xXZndPojYx+6ETjeXKo5V9AQxkcDtTQmiAx7udqAA1aZgMqGfYQ+Wqz5XgUZWk
3060
+
Fz9CnbgEztN5ecjTihYykuDXou7XN0wvrLh7vkX28RgznHs3piTZvECrAOnDN4ur
3061
+
2LbzXoFOsBRrBz4f7ML2RCKVu7Pmb9b5cGW6CoNlqg4TL4MTI1OLQBb6zi/8TQT4
3062
+
69isxTbCFVdIOOxVs7Qeuq3SQgYXDXPIV6a+lk2p8sD7eiEc9clwqYKQtfEM1HkQ
3063
+
voGm6VxhnHd5mqTDNyZXN8lSLPoI/9BfxmHA9Ha+/N5Oz6tRmXHH33701s8GVhkT
3064
+
UwttdFlIGZtTBS2dMlTT5SxTi2Q+1GR744AJFMz+FkZja3Fp+PnLJ/aIVLxFs84C
3065
+
yJTuQFv5QgLC/7DYLOsof17JJgGZpw==
3066
+
-----END CERTIFICATE-----
3067
+
Certificate Ingredients:
3068
+
Data:
3069
+
Version: 1 (0x0)
3070
+
Serial Number: 0 (0x0)
3071
+
Signature Algorithm: sha1WithRSAEncryption
3072
+
Issuer: O=Thawte, OU=Thawte Universal CA Root, CN=Thawte Universal CA Root
3073
+
Validity
3074
+
Not Before: Dec 5 13:56:05 1999 GMT
3075
+
Not After : Apr 3 13:56:05 2037 GMT
3076
+
Subject: O=Thawte, OU=Thawte Universal CA Root, CN=Thawte Universal CA Root
3077
+
Subject Public Key Info:
3078
+
Public Key Algorithm: rsaEncryption
3079
+
RSA Public Key: (16384 bit)
3080
+
Modulus (16384 bit):
3081
+
00:e2:89:05:6d:c3:7f:ad:a6:89:3a:ff:bb:c7:cd:
3082
+
9d:37:b1:e1:d2:21:1e:9b:61:2a:15:e7:7b:57:4f:
3083
+
55:3c:d0:bb:f9:d9:3d:3e:a6:bc:ec:b4:ad:53:9a:
3084
+
16:02:eb:0b:72:fd:8a:f2:8f:44:05:c5:eb:d3:e5:
3085
+
bd:b6:44:39:e6:fb:47:bf:6a:9e:0a:95:18:e2:68:
3086
+
e2:d6:96:d6:21:ad:88:fd:f5:17:f5:d3:da:42:a5:
3087
+
90:ed:29:95:96:75:3a:da:87:a1:d4:f5:d3:87:de:
3088
+
05:62:a6:e3:66:74:92:cf:a5:bc:bb:df:68:ff:71:
3089
+
75:56:41:59:35:eb:33:5a:66:51:f2:d2:a3:0a:c1:
3090
+
8c:ce:73:5c:11:6f:2d:8c:95:8c:91:b1:fd:cf:e5:
3091
+
ad:56:95:cc:85:92:83:90:55:41:c9:c2:77:ed:f9:
3092
+
a3:74:42:0a:68:08:f3:d0:d1:65:fd:67:2c:34:ff:
3093
+
24:7f:e7:79:c8:07:3b:25:57:dd:a4:0c:98:3d:be:
3094
+
e0:cc:19:65:db:f2:54:a2:af:42:d4:9d:e2:ae:84:
3095
+
23:25:09:33:12:b5:6a:1e:76:c4:8b:d9:49:00:6c:
3096
+
5e:ba:1f:f2:1b:da:67:ca:27:aa:a3:44:23:1b:83:
3097
+
82:ce:f2:ab:33:ed:54:a4:dc:c9:ab:59:65:d1:38:
3098
+
0e:c1:3e:1b:67:8f:d6:75:01:e0:55:22:dd:76:77:
3099
+
ec:8e:dd:f4:cf:79:22:6d:b9:57:03:f5:99:08:a7:
3100
+
3c:3e:34:fb:c4:17:ae:23:58:cd:24:f3:23:ca:6a:
3101
+
02:28:94:01:81:34:b4:6c:6b:ae:8b:1a:c3:a3:d2:
3102
+
09:3c:16:54:f5:36:5f:24:e3:9f:4a:a1:e2:64:c6:
3103
+
16:c3:a6:81:7a:24:36:47:8e:c1:5e:0e:fb:f9:15:
3104
+
78:04:d6:0e:59:d9:9d:58:66:62:d2:94:29:32:32:
3105
+
c8:78:b9:66:f6:b5:56:e1:6c:c6:14:4b:96:52:59:
3106
+
91:02:24:6a:55:47:d7:3f:b6:23:1a:60:77:97:2e:
3107
+
e2:40:af:9e:04:57:9e:ad:11:c5:c9:43:70:ef:48:
3108
+
b4:5e:ac:1c:69:2e:2e:82:d5:5b:8b:be:82:be:19:
3109
+
14:5e:e7:0d:22:c7:51:1b:ff:1e:9b:f1:30:8f:71:
3110
+
31:06:b3:34:27:8f:5f:7a:66:82:4f:8a:2d:13:ab:
3111
+
42:cf:21:56:9e:97:8e:66:36:0f:96:9b:e5:2b:f4:
3112
+
02:a9:2a:6a:8c:2c:c4:c3:b8:70:2c:2d:29:1e:3f:
3113
+
50:77:1e:6d:2a:54:e4:55:0a:91:38:a1:c5:b5:66:
3114
+
a2:76:5a:ee:0f:bf:b4:67:e1:28:6e:0f:e1:36:a1:
3115
+
82:d1:bf:d4:77:e1:c4:67:32:93:78:c8:e7:54:53:
3116
+
fe:23:79:e6:68:cc:26:90:f6:10:63:5d:2a:6f:91:
3117
+
2d:a4:73:32:51:21:f2:bb:15:df:aa:24:08:48:06:
3118
+
de:a1:9e:26:bf:ba:83:bf:7c:a4:c8:a0:8c:bd:d2:
3119
+
ff:bc:84:69:27:13:24:18:c4:45:18:23:26:5e:18:
3120
+
14:ca:2e:88:87:62:a3:53:e6:21:b7:b8:85:7b:9a:
3121
+
85:bb:15:26:72:f8:b9:f7:6a:74:0f:49:3f:92:be:
3122
+
a9:05:b7:99:27:bf:bf:09:17:4b:99:4c:ad:11:10:
3123
+
7c:df:74:31:f6:8f:26:5f:aa:88:ae:38:57:c8:55:
3124
+
2d:d3:fb:d8:1b:51:99:be:25:1b:3a:ba:c0:7d:1b:
3125
+
ed:ce:d2:49:b9:cf:f3:c5:7d:89:90:81:d8:69:48:
3126
+
20:10:a3:f8:ef:92:51:18:32:8b:11:18:c0:3f:1b:
3127
+
85:56:ce:57:c9:f2:82:64:c6:df:02:09:2e:4a:11:
3128
+
2f:b1:27:6d:37:52:f0:f0:16:61:f1:67:8d:df:87:
3129
+
72:af:87:da:cf:fb:50:94:6e:d4:94:85:eb:8a:2c:
3130
+
ea:21:f5:96:4a:44:d5:e0:ce:6a:74:44:4d:d0:05:
3131
+
d3:87:15:ed:36:d0:a4:8b:66:55:70:93:ee:47:06:
3132
+
c1:7e:2e:a5:18:79:67:f3:28:85:f1:70:f7:0e:83:
3133
+
a4:7e:54:9e:5a:76:32:cb:65:1b:b8:cd:fb:c8:28:
3134
+
03:d2:54:91:d1:a7:c5:85:43:08:17:76:a5:e6:2f:
3135
+
67:08:d8:a1:a2:82:2d:0c:f8:c1:af:63:d4:50:77:
3136
+
6d:6b:46:4a:41:85:d5:90:5f:79:2d:c4:ec:d7:11:
3137
+
87:40:8a:e1:68:e2:64:f8:55:32:fb:6f:93:2c:da:
3138
+
77:d9:21:c1:17:e5:36:2c:4e:7e:90:7f:ac:94:2b:
3139
+
32:67:be:38:50:76:b8:ae:41:b9:d7:21:c5:09:4c:
3140
+
60:c8:a3:51:c4:34:9b:57:37:df:cb:c9:33:57:8b:
3141
+
eb:fb:76:9f:19:4d:c5:6a:1f:2a:45:ae:2b:ed:2f:
3142
+
8d:a7:a5:00:cb:04:fa:25:62:2e:74:48:1b:ca:2a:
3143
+
8c:ba:db:b6:7e:f6:bb:02:7c:a9:c3:db:58:78:a1:
3144
+
bf:f0:fe:1a:10:55:11:ce:e8:69:4e:96:65:c6:17:
3145
+
03:d6:07:68:8c:54:82:ae:1c:22:55:3f:f1:f4:09:
3146
+
97:28:c0:46:f7:4e:0b:25:1d:f7:07:d7:09:1d:3a:
3147
+
18:57:38:3b:e8:33:06:e7:8f:78:46:1e:5b:f5:06:
3148
+
b6:ec:b8:a6:0d:f1:ba:13:4b:d6:18:20:dd:69:33:
3149
+
4a:33:15:ae:b8:c8:98:8a:27:2c:93:bc:2d:fb:ee:
3150
+
33:bf:66:e6:4d:ba:b6:9b:06:55:60:97:4b:bc:44:
3151
+
cd:7e:f4:a1:d8:aa:2f:c0:02:28:21:16:62:78:db:
3152
+
08:54:f2:fc:f4:34:e3:c6:8f:1c:43:57:ce:90:1a:
3153
+
4b:dc:2e:3b:28:91:89:3f:7a:da:35:1d:8e:2c:ee:
3154
+
49:ec:f4:33:ad:c9:53:a8:8c:9f:04:53:3e:24:1c:
3155
+
52:c9:12:f9:62:57:a3:bc:ee:2c:eb:40:7c:20:23:
3156
+
70:2b:95:f9:73:17:8a:d1:c1:1c:69:a6:b7:38:9a:
3157
+
67:f7:70:1d:7a:5a:0c:40:cf:62:0f:85:3c:c2:02:
3158
+
4e:7e:b5:f6:c5:2a:29:84:b3:1f:37:2a:e1:aa:72:
3159
+
42:c4:ed:6b:1a:8f:92:1c:5d:be:d1:f2:5b:f2:ab:
3160
+
aa:a9:d2:f5:b8:a4:41:2b:2b:91:6e:12:48:ca:98:
3161
+
d8:37:8d:c8:ed:00:30:b5:b6:04:4e:7e:9c:da:84:
3162
+
ec:c0:fa:7b:e5:1d:88:a4:53:46:b0:94:e4:5c:1b:
3163
+
a1:25:2c:0f:48:52:77:97:09:6c:ec:5b:18:33:83:
3164
+
02:e5:82:7e:cd:85:21:30:11:fd:27:4f:cf:e4:1e:
3165
+
ec:3f:a5:57:6c:e9:2a:30:19:2a:88:e5:c3:69:38:
3166
+
ab:6f:39:71:7f:84:e1:41:c3:e1:cc:2a:89:20:52:
3167
+
2e:83:0f:6c:39:3f:4b:2d:16:ac:2d:f0:24:ac:00:
3168
+
73:f4:9b:b3:06:3f:05:b8:14:85:1f:ab:9e:5c:3c:
3169
+
9e:62:9d:0e:6d:3b:80:09:fc:02:ea:a2:97:74:ca:
3170
+
c7:f9:e3:56:e1:c3:ca:a5:a6:9a:c0:90:e0:24:12:
3171
+
53:d2:c2:8b:da:be:ed:02:43:5e:67:e1:89:98:79:
3172
+
ee:cb:aa:ca:c3:1b:dc:e7:a5:46:a5:7c:6b:16:87:
3173
+
b6:5a:28:d7:db:27:3c:5e:a5:bd:b6:51:dd:1f:43:
3174
+
cf:3b:26:c8:3a:8d:25:61:c1:49:f4:3c:1b:c9:44:
3175
+
ea:af:1c:c2:2b:94:01:2a:0e:30:d1:5b:8b:2b:47:
3176
+
e5:c3:d1:04:03:9b:0e:39:2c:d6:27:d4:e6:70:5a:
3177
+
d9:75:cf:2a:d8:c9:00:05:e4:13:88:ec:c3:39:fb:
3178
+
87:61:30:36:43:03:c8:9e:9c:a2:06:c2:2f:c5:fc:
3179
+
f0:80:63:b1:54:04:a0:4c:a9:2e:c6:f5:76:7a:d8:
3180
+
d0:e4:d4:94:11:e5:15:b5:78:06:dc:b8:80:8f:99:
3181
+
a9:20:33:3d:10:85:4c:65:09:ca:3e:58:5e:60:93:
3182
+
9a:aa:62:5d:c0:51:06:1c:5d:60:a0:0d:9c:4b:43:
3183
+
f6:a7:16:21:a4:87:aa:f2:c1:2e:ee:92:30:b8:9e:
3184
+
df:df:10:01:8b:86:09:70:d8:6c:a8:b7:50:1e:16:
3185
+
96:b4:f7:67:fd:35:3a:21:90:2a:32:c7:00:7b:4d:
3186
+
07:10:09:b9:2f:73:d8:18:7e:67:99:04:4f:06:fc:
3187
+
50:c7:85:9b:9d:40:9d:b3:96:37:fa:a5:dc:b2:72:
3188
+
4e:ef:4e:09:2c:fd:91:fd:4d:f7:bb:a6:a1:3e:ab:
3189
+
7b:a2:03:40:a6:a9:55:27:e2:fa:f9:19:ce:87:75:
3190
+
aa:f1:75:36:f3:f3:b8:91:f8:91:c3:8b:75:13:8e:
3191
+
4c:65:9a:16:39:6a:e5:34:e8:7a:96:59:7f:35:b0:
3192
+
00:fd:5b:69:fc:43:26:fa:f5:28:6e:fe:87:d9:7e:
3193
+
24:fb:b4:a0:82:6e:54:a2:ff:ae:bf:62:b4:f4:72:
3194
+
01:c2:cb:98:47:98:e1:4c:b5:17:80:80:ce:8f:a6:
3195
+
28:ee:1e:45:6a:fb:df:f1:1d:fc:5a:3b:d6:ea:f4:
3196
+
6c:1d:62:49:57:3b:8a:8f:86:ea:f0:53:04:ce:9c:
3197
+
16:68:ff:ba:b9:fc:88:0f:47:f7:02:44:72:40:b8:
3198
+
ca:3b:2d:53:9d:dc:3c:56:8c:59:7b:68:1a:2c:8d:
3199
+
71:bb:6c:00:c7:1a:ce:6f:40:92:b1:a3:2f:0f:d9:
3200
+
44:f2:a3:70:2e:9e:ee:0e:ae:32:d0:3b:3e:8b:07:
3201
+
ea:e6:79:b3:5c:29:e2:7d:6b:a8:5e:f9:5a:31:e8:
3202
+
08:96:a2:8c:03:98:46:f1:b8:7d:90:54:26:ed:76:
3203
+
62:fe:9e:e9:9a:6e:5e:c9:49:c7:5c:34:53:29:54:
3204
+
d9:ec:e4:46:e1:80:3b:75:d9:df:fb:79:d5:87:f1:
3205
+
ba:9e:eb:19:ce:4c:52:73:e6:5b:87:ae:25:4f:39:
3206
+
79:cc:c6:b8:f9:10:7b:ec:f0:9b:71:a4:05:a0:d3:
3207
+
29:d3:4e:7f:1f:f4:2d:28:78:cc:55:95:7b:1e:91:
3208
+
2f:cc:56:18:73:8b:b2:db:bc:69:07:e6:d0:d8:4f:
3209
+
ed:a2:ff:58:85:a3:6d:e0:4a:53:b7:67:7d:8d:0c:
3210
+
5c:5b:7b:77:28:02:35:44:7a:04:d3:28:43:c8:6b:
3211
+
30:17:5d:32:b8:29:35:ba:76:da:3b:14:4a:76:18:
3212
+
58:a4:f8:92:3c:9e:4d:33:6f:46:6b:08:d9:31:48:
3213
+
68:dd:f4:fb:24:56:34:b2:cf:69:66:be:48:d2:8a:
3214
+
66:22:cd:f2:69:cd:c2:53:13:45:29:41:22:d6:5d:
3215
+
98:1f:b6:a4:b2:a3:c2:ee:02:2f:51:1b:dc:83:a4:
3216
+
ec:70:25:a8:d4:08:61:32:6f:e4:a1:81:2e:7c:63:
3217
+
72:fa:29:65:bc:70:44:cf:5d
3218
+
Exponent: 65537 (0x10001)
3219
+
Signature Algorithm: sha1WithRSAEncryption
3220
+
55:9a:34:6a:22:06:69:09:45:33:c7:ae:a9:5c:c7:09:4e:9b:
3221
+
86:bc:41:90:d4:94:52:f6:cd:23:29:94:4b:22:cd:e8:bd:fe:
3222
+
9d:cd:52:f2:bd:ed:ab:87:c9:ab:ab:46:04:b4:bd:a2:3f:22:
3223
+
30:47:50:c0:4b:8c:76:0f:03:f5:92:d2:b1:2d:c4:7a:35:9c:
3224
+
c9:73:87:eb:a6:9f:de:0f:73:8d:d3:7f:99:d8:ba:8f:6f:c4:
3225
+
f3:be:1a:ae:8b:a2:94:36:90:e2:e5:eb:8d:05:f4:fc:65:df:
3226
+
95:f1:c4:94:4d:17:56:d7:9f:3c:8f:50:3c:e7:77:bf:95:86:
3227
+
26:64:fb:6a:ff:c6:da:e9:8c:ae:42:bb:69:e5:33:c6:d8:e9:
3228
+
0d:c6:55:21:49:c1:0c:b4:a3:f9:9b:4b:5c:de:83:4f:41:03:
3229
+
ce:2a:79:68:38:7d:f0:54:49:20:f5:b6:10:ff:08:dc:33:66:
3230
+
96:9b:ff:06:de:00:9e:d7:ce:56:43:9a:51:fc:70:cd:f6:f0:
3231
+
51:a3:b7:cd:b4:5c:85:62:cd:71:b7:c6:2b:23:2b:dd:c3:6e:
3232
+
40:42:fa:37:ff:37:1c:f6:7a:57:94:87:85:23:d7:d4:c9:c7:
3233
+
5f:c1:4d:2f:c9:0d:d7:5c:ec:9c:25:ee:9e:30:82:91:96:72:
3234
+
b8:75:1d:f8:09:68:57:97:b2:2d:4b:ee:25:ec:7a:24:29:ee:
3235
+
72:d4:9c:13:db:ab:dc:03:0a:d8:4a:14:c9:08:57:44:5d:a1:
3236
+
b5:53:80:34:f2:14:97:cf:52:de:a2:0e:8a:10:e9:14:ef:d0:
3237
+
60:be:61:a1:f1:25:5d:d5:18:73:3f:93:10:ca:96:ee:b3:40:
3238
+
d2:db:a3:55:cf:57:5a:a5:0e:4f:75:47:df:ea:f7:90:9a:6d:
3239
+
f5:70:2e:1d:14:1c:37:64:04:59:50:b0:dc:72:86:6f:9c:37:
3240
+
3d:5d:28:af:73:55:ef:d2:ee:24:74:74:13:ef:dc:db:31:49:
3241
+
fb:3f:63:f5:d3:08:3e:33:a5:e7:9d:0a:de:53:2c:51:8e:67:
3242
+
db:9b:41:65:41:50:bd:d4:a4:96:6c:87:bc:12:e0:94:c7:d3:
3243
+
c0:e4:cb:73:58:00:83:e1:ac:27:85:d6:9d:53:9d:5c:bd:0a:
3244
+
3e:03:43:9c:0c:91:f5:6d:7b:f8:40:72:75:ab:11:76:91:2b:
3245
+
e1:c6:aa:1f:70:69:76:70:15:09:fe:93:d0:d6:2d:b7:15:6a:
3246
+
9b:67:5c:b4:69:9f:25:a6:7d:8a:fb:7d:22:a9:71:f2:ce:4e:
3247
+
8c:b8:21:2d:de:fe:41:71:0d:ff:9d:ec:73:a6:bb:07:4f:88:
3248
+
0e:58:47:2e:7e:a9:c2:c7:78:dd:ba:7a:9e:4e:e0:30:4e:63:
3249
+
6f:85:d4:20:41:e9:fa:fe:43:45:e7:fb:af:7a:b2:ce:a4:05:
3250
+
1d:22:9a:58:86:df:e4:ce:4c:a9:fe:d8:16:a5:6f:fb:d8:ce:
3251
+
56:7b:f5:d6:20:ef:e4:47:cd:63:24:ff:b9:be:f1:48:a3:c1:
3252
+
01:72:e6:bd:c0:ad:ed:26:0d:ca:34:9f:fc:02:2d:20:4f:05:
3253
+
20:ae:21:3d:0c:c2:20:3c:3f:f0:04:84:dc:cf:89:fd:b9:25:
3254
+
91:8e:d0:43:e6:b3:20:ab:5c:2d:d5:40:9e:a0:4b:d8:f4:b2:
3255
+
cc:7d:f1:58:0a:8e:87:ed:88:ac:36:96:e4:56:a0:11:8a:f2:
3256
+
9a:d0:b3:57:a3:34:bb:19:ab:38:e1:74:6b:22:c4:31:ce:01:
3257
+
d5:1b:36:e3:1e:38:4c:33:93:df:40:e3:59:57:4e:ac:6e:7b:
3258
+
1e:5a:3d:c5:1d:5b:ac:c8:10:82:35:02:22:b2:fc:75:e8:10:
3259
+
91:8d:c4:7d:78:93:47:9e:1c:9d:ac:6b:62:02:58:8c:d6:1c:
3260
+
23:d6:af:78:c2:80:9c:a4:aa:24:54:14:b5:14:98:c6:f8:2b:
3261
+
1a:24:cb:71:32:0a:e2:9b:0e:69:6b:dd:7e:8c:64:d1:2e:63:
3262
+
ef:0e:7f:b1:3e:88:4c:9d:55:e5:c9:6e:17:04:b7:41:ff:bd:
3263
+
8a:41:cb:25:31:6f:44:77:3f:47:b1:fc:81:88:07:8e:05:49:
3264
+
20:b7:11:d9:69:03:2a:03:9d:b9:33:84:9a:df:df:7a:e3:46:
3265
+
73:a3:d8:a2:8c:53:19:88:55:4c:74:b8:f6:44:84:2b:d1:14:
3266
+
2d:4e:39:2e:92:68:ff:69:fc:85:62:1b:eb:55:4f:ef:25:84:
3267
+
62:45:99:d6:d8:4e:6f:3f:53:08:7d:1d:06:95:81:80:7f:4f:
3268
+
4e:74:36:98:b5:e2:87:70:98:dc:d7:f5:dc:52:15:e6:c6:d6:
3269
+
79:96:39:7f:8f:95:cf:ab:80:53:ad:1b:0b:45:40:0e:d4:18:
3270
+
bd:2c:de:8a:77:76:fd:f2:44:47:c6:21:d0:e4:74:f0:d8:18:
3271
+
05:c8:7c:30:72:c7:df:f1:bb:fc:02:30:a9:f4:42:26:59:0d:
3272
+
93:05:82:a1:73:ed:34:e5:38:5d:cd:50:90:fe:94:fc:13:bc:
3273
+
bd:fc:a8:a2:88:a7:73:c4:b2:a8:d1:5d:88:c4:02:a2:7a:f1:
3274
+
04:c9:fe:8c:74:c9:ef:1d:64:41:9f:ac:1e:96:67:64:ac:ab:
3275
+
28:41:c7:9d:f7:c0:98:1b:6e:07:c2:64:7d:5a:83:66:56:28:
3276
+
36:9c:e7:fb:1c:77:0e:28:a0:c4:f7:6b:79:39:04:20:84:c7:
3277
+
57:93:bc:1b:a0:ea:bc:eb:42:e5:a8:11:fe:fc:ac:65:cc:fd:
3278
+
f8:28:88:f4:a5:9a:e5:73:51:e0:a8:9b:0d:03:77:4e:e5:e0:
3279
+
98:b3:88:da:7d:e6:c6:9e:7c:14:66:c1:2e:53:4a:92:07:37:
3280
+
a0:7e:e9:3d:09:e4:15:7c:cf:fd:b8:41:a5:ef:9e:66:9d:c4:
3281
+
5e:07:1d:87:f8:41:ad:ea:e7:2f:d2:41:63:18:37:f9:14:e3:
3282
+
4d:d0:e5:f7:43:fd:15:e3:f9:36:73:06:26:df:01:4f:a9:c3:
3283
+
4e:de:20:46:77:98:b4:7a:24:2b:3b:75:2b:4e:58:8d:9b:5d:
3284
+
a4:c7:16:a0:bc:32:88:3f:a1:83:f3:00:c8:f8:d8:58:e9:63:
3285
+
5d:4c:2b:b5:f0:72:41:d8:ab:77:37:d6:72:74:ae:b6:36:9c:
3286
+
c8:a6:83:49:4b:e0:c9:56:0b:29:be:00:30:cb:dd:d6:c8:42:
3287
+
8a:00:d9:ec:15:d1:34:71:f2:5b:64:87:f6:27:d2:b7:eb:86:
3288
+
b0:90:bf:29:db:21:9e:36:8c:e3:20:2f:95:23:51:6c:1b:c2:
3289
+
a4:d5:e6:d8:02:43:67:a0:fe:9b:50:03:44:7f:bb:e4:72:d5:
3290
+
d1:e4:da:8f:92:14:64:fb:5d:14:10:12:4a:95:06:c9:65:08:
3291
+
29:ca:21:a3:26:38:11:c9:27:df:70:67:04:fd:ca:48:32:7f:
3292
+
63:b2:45:74:31:50:4f:87:d9:20:70:d2:21:70:b1:d6:10:9d:
3293
+
33:5d:78:83:91:6d:55:82:ec:da:e4:62:63:c7:81:46:d7:19:
3294
+
65:72:2a:43:19:90:b8:d7:23:4d:4c:1c:e0:44:a9:66:67:ac:
3295
+
ee:71:79:27:26:78:6d:72:0e:f5:5d:4b:23:b5:7c:7c:65:e9:
3296
+
17:c6:3a:0b:0d:dd:5e:1e:51:c3:86:b8:ec:7f:c7:27:4a:a5:
3297
+
46:e8:6a:2d:19:c1:87:a3:cb:99:93:87:64:a2:55:14:4c:b7:
3298
+
43:a5:93:d7:e7:d2:4e:79:40:ca:65:99:46:3d:3f:7a:80:7a:
3299
+
88:6a:cc:1e:e5:6b:33:46:f4:50:c0:d5:1f:09:b8:cd:8a:2e:
3300
+
a1:27:eb:5d:73:a7:e8:6b:0a:e5:57:82:2a:b0:fc:e2:54:52:
3301
+
56:f0:ab:a9:12:c6:23:96:07:24:9c:e0:bc:46:a5:b4:20:04:
3302
+
da:09:93:63:e5:d4:2e:c2:7e:c5:31:ed:b5:15:74:86:17:b9:
3303
+
b3:f3:26:8a:1d:02:6a:da:1a:3f:e8:ba:f1:04:6d:94:51:54:
3304
+
e2:5a:b4:59:83:1d:60:d0:2d:73:cc:07:b5:26:8c:f9:d7:c6:
3305
+
88:91:ef:80:cf:5d:0f:a1:60:cb:45:d4:42:22:d1:b1:70:1d:
3306
+
fd:d0:b7:30:90:3a:c6:48:6d:67:e5:32:da:8f:db:e3:a8:e3:
3307
+
1d:20:25:a2:1c:e1:4c:b9:a4:f6:c6:3f:5c:58:0d:bb:c6:b2:
3308
+
77:01:16:91:9f:17:06:0d:b7:40:3e:cc:8f:8e:9c:4b:e0:9d:
3309
+
7e:9b:1e:05:ab:88:22:fa:d3:28:1b:57:14:64:4a:3e:24:2c:
3310
+
38:4d:21:69:00:73:2e:d0:55:2d:74:f2:15:e8:94:43:3e:40:
3311
+
2a:c6:c6:b9:6a:5b:de:a2:cc:18:50:54:5d:4e:2a:85:6c:f6:
3312
+
92:8b:29:19:7e:e7:ea:4a:e0:22:2b:25:bc:f7:66:cf:77:9a:
3313
+
41:74:f2:3c:14:0d:74:69:f5:50:83:cd:cd:2f:21:db:22:46:
3314
+
8a:d0:f7:51:1a:95:57:f2:05:8b:1a:19:ed:3b:45:e8:36:c2:
3315
+
6e:7e:fb:57:22:00:1f:06:53:a9:ae:93:c6:8f:71:2a:31:45:
3316
+
92:e7:8e:6d:e6:99:22:c0:83:fc:ef:dc:57:66:77:4f:a2:36:
3317
+
31:fb:a1:13:8d:e5:ca:a3:95:7d:01:0c:64:70:3b:53:42:68:
3318
+
80:c7:bb:9d:a8:00:35:69:98:0c:a8:67:d8:43:e5:aa:cf:95:
3319
+
e0:51:95:a4:17:3f:42:9d:b8:04:ce:d3:79:79:c8:d3:8a:16:
3320
+
32:92:e0:d7:a2:ee:d7:37:4c:2f:ac:b8:7b:be:45:f6:f1:18:
3321
+
33:9c:7b:37:a6:24:d9:bc:40:ab:00:e9:c3:37:8b:ab:d8:b6:
3322
+
f3:5e:81:4e:b0:14:6b:07:3e:1f:ec:c2:f6:44:22:95:bb:b3:
3323
+
e6:6f:d6:f9:70:65:ba:0a:83:65:aa:0e:13:2f:83:13:23:53:
3324
+
8b:40:16:fa:ce:2f:fc:4d:04:f8:eb:d8:ac:c5:36:c2:15:57:
3325
+
48:38:ec:55:b3:b4:1e:ba:ad:d2:42:06:17:0d:73:c8:57:a6:
3326
+
be:96:4d:a9:f2:c0:fb:7a:21:1c:f5:c9:70:a9:82:90:b5:f1:
3327
+
0c:d4:79:10:be:81:a6:e9:5c:61:9c:77:79:9a:a4:c3:37:26:
3328
+
57:37:c9:52:2c:fa:08:ff:d0:5f:c6:61:c0:f4:76:be:fc:de:
3329
+
4e:cf:ab:51:99:71:c7:df:7e:f4:d6:cf:06:56:19:13:53:0b:
3330
+
6d:74:59:48:19:9b:53:05:2d:9d:32:54:d3:e5:2c:53:8b:64:
3331
+
3e:d4:64:7b:e3:80:09:14:cc:fe:16:46:63:6b:71:69:f8:f9:
3332
+
cb:27:f6:88:54:bc:45:b3:ce:02:c8:94:ee:40:5b:f9:42:02:
3333
+
c2:ff:b0:d8:2c:eb:28:7f:5e:c9:26:01:99:a7
3334
+
3335
+
UPS Document Exchange by DST
3336
+
============================
3337
+
MD5 Fingerprint: 78:A5:FB:10:4B:E4:63:2E:D2:6B:FB:F2:B6:C2:4B:8E
3338
+
PEM Data:
3339
+
-----BEGIN CERTIFICATE-----
3340
+
MIID+DCCAuACEQDQHkCLAAACfAAAAAcAAAABMA0GCSqGSIb3DQEBBQUAMIG5MQsw
3341
+
CQYDVQQGEwJ1czENMAsGA1UECBMEVXRhaDEXMBUGA1UEBxMOU2FsdCBMYWtlIENp
3342
+
dHkxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjEeMBwGA1UE
3343
+
CxMVVW5pdGVkIFBhcmNlbCBTZXJ2aWNlMRkwFwYDVQQDExBEU1QgKFVQUykgUm9v
3344
+
dENBMSEwHwYJKoZIhvcNAQkBFhJjYUBkaWdzaWd0cnVzdC5jb20wHhcNOTgxMjEw
3345
+
MDAyNTQ2WhcNMDgxMjA3MDAyNTQ2WjCBuTELMAkGA1UEBhMCdXMxDTALBgNVBAgT
3346
+
BFV0YWgxFzAVBgNVBAcTDlNhbHQgTGFrZSBDaXR5MSQwIgYDVQQKExtEaWdpdGFs
3347
+
IFNpZ25hdHVyZSBUcnVzdCBDby4xHjAcBgNVBAsTFVVuaXRlZCBQYXJjZWwgU2Vy
3348
+
dmljZTEZMBcGA1UEAxMQRFNUIChVUFMpIFJvb3RDQTEhMB8GCSqGSIb3DQEJARYS
3349
+
Y2FAZGlnc2lndHJ1c3QuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
3350
+
AQEA7xfsrynm2SsnwNt7JJ9m9ASjwq0KyrDNhCuqN/OAoWDvQo/lXXdfV0JU3Svb
3351
+
YbJxXpN7b1/rJCvnpPLr8XOzC431Wdcy36yQjk4xuiVNtgym8eWvDOHlb1IDFcHf
3352
+
vn5KpqYYRnA/76dNqNz1dNlhekA8oZQo6sKUiMs3FQUZPJViuhwt+yiM0ciekjxb
3353
+
EVQ7eNlHO5stSuY+e2vf9PYFzyj2upg2AJ48N4UKnN63pIXFY/23YhRtFx7MioCF
3354
+
QjIRsCHinXfJgBZBnuvlFIl/t8O8T8Gfh5uW7GP2+ZBWDpWjIwqMZNqbuxx3sExd
3355
+
5sjo9X15LVckP8zjPSyYzxKfFwIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQC7OI4E
3356
+
IiZYDiFEVsy9WXwpaMtcD8iGVD+BeKetj8xG9xxUuHktW3IFaugh0OwdHf6kNFG+
3357
+
7u3OzJwWaOJddXMIQzGRahArEMJLafjJrZio/bjv9qvwXyHvy4VrCe0vSGa1YHLA
3358
+
6KDHmNsO9xtzjTQICnvFd2KqMCObsB6LgJhU3AWHs6liWfyLtxWarETszzUa9w8u
3359
+
XZJLAch77qA37eQdgg2ZQUMXrdTVyuP5fReiAdAwD0C53LkEgmmDtvkP+gaS96j0
3360
+
1hcc8F5/xCnI5uHi/zZoIVGu/6m6hJKtinsz2JDSwXltMzM5dKwbOHGfLAeQ6h3g
3361
+
04lfy+8UjSdUpb1G
3362
+
-----END CERTIFICATE-----
3363
+
Certificate Ingredients:
3364
+
Data:
3365
+
Version: 1 (0x0)
3366
+
Serial Number:
3367
+
d0:1e:40:8b:00:00:02:7c:00:00:00:07:00:00:00:01
3368
+
Signature Algorithm: sha1WithRSAEncryption
3369
+
Issuer: C=us, ST=Utah, L=Salt Lake City, O=Digital Signature Trust Co., OU=United Parcel Service, CN=DST (UPS) RootCA/Email=ca@digsigtrust.com
3370
+
Validity
3371
+
Not Before: Dec 10 00:25:46 1998 GMT
3372
+
Not After : Dec 7 00:25:46 2008 GMT
3373
+
Subject: C=us, ST=Utah, L=Salt Lake City, O=Digital Signature Trust Co., OU=United Parcel Service, CN=DST (UPS) RootCA/Email=ca@digsigtrust.com
3374
+
Subject Public Key Info:
3375
+
Public Key Algorithm: rsaEncryption
3376
+
RSA Public Key: (2048 bit)
3377
+
Modulus (2048 bit):
3378
+
00:ef:17:ec:af:29:e6:d9:2b:27:c0:db:7b:24:9f:
3379
+
66:f4:04:a3:c2:ad:0a:ca:b0:cd:84:2b:aa:37:f3:
3380
+
80:a1:60:ef:42:8f:e5:5d:77:5f:57:42:54:dd:2b:
3381
+
db:61:b2:71:5e:93:7b:6f:5f:eb:24:2b:e7:a4:f2:
3382
+
eb:f1:73:b3:0b:8d:f5:59:d7:32:df:ac:90:8e:4e:
3383
+
31:ba:25:4d:b6:0c:a6:f1:e5:af:0c:e1:e5:6f:52:
3384
+
03:15:c1:df:be:7e:4a:a6:a6:18:46:70:3f:ef:a7:
3385
+
4d:a8:dc:f5:74:d9:61:7a:40:3c:a1:94:28:ea:c2:
3386
+
94:88:cb:37:15:05:19:3c:95:62:ba:1c:2d:fb:28:
3387
+
8c:d1:c8:9e:92:3c:5b:11:54:3b:78:d9:47:3b:9b:
3388
+
2d:4a:e6:3e:7b:6b:df:f4:f6:05:cf:28:f6:ba:98:
3389
+
36:00:9e:3c:37:85:0a:9c:de:b7:a4:85:c5:63:fd:
3390
+
b7:62:14:6d:17:1e:cc:8a:80:85:42:32:11:b0:21:
3391
+
e2:9d:77:c9:80:16:41:9e:eb:e5:14:89:7f:b7:c3:
3392
+
bc:4f:c1:9f:87:9b:96:ec:63:f6:f9:90:56:0e:95:
3393
+
a3:23:0a:8c:64:da:9b:bb:1c:77:b0:4c:5d:e6:c8:
3394
+
e8:f5:7d:79:2d:57:24:3f:cc:e3:3d:2c:98:cf:12:
3395
+
9f:17
3396
+
Exponent: 65537 (0x10001)
3397
+
Signature Algorithm: sha1WithRSAEncryption
3398
+
bb:38:8e:04:22:26:58:0e:21:44:56:cc:bd:59:7c:29:68:cb:
3399
+
5c:0f:c8:86:54:3f:81:78:a7:ad:8f:cc:46:f7:1c:54:b8:79:
3400
+
2d:5b:72:05:6a:e8:21:d0:ec:1d:1d:fe:a4:34:51:be:ee:ed:
3401
+
ce:cc:9c:16:68:e2:5d:75:73:08:43:31:91:6a:10:2b:10:c2:
3402
+
4b:69:f8:c9:ad:98:a8:fd:b8:ef:f6:ab:f0:5f:21:ef:cb:85:
3403
+
6b:09:ed:2f:48:66:b5:60:72:c0:e8:a0:c7:98:db:0e:f7:1b:
3404
+
73:8d:34:08:0a:7b:c5:77:62:aa:30:23:9b:b0:1e:8b:80:98:
3405
+
54:dc:05:87:b3:a9:62:59:fc:8b:b7:15:9a:ac:44:ec:cf:35:
3406
+
1a:f7:0f:2e:5d:92:4b:01:c8:7b:ee:a0:37:ed:e4:1d:82:0d:
3407
+
99:41:43:17:ad:d4:d5:ca:e3:f9:7d:17:a2:01:d0:30:0f:40:
3408
+
b9:dc:b9:04:82:69:83:b6:f9:0f:fa:06:92:f7:a8:f4:d6:17:
3409
+
1c:f0:5e:7f:c4:29:c8:e6:e1:e2:ff:36:68:21:51:ae:ff:a9:
3410
+
ba:84:92:ad:8a:7b:33:d8:90:d2:c1:79:6d:33:33:39:74:ac:
3411
+
1b:38:71:9f:2c:07:90:ea:1d:e0:d3:89:5f:cb:ef:14:8d:27:
3412
+
54:a5:bd:46
3413
+
3414
+
ValiCert Class 1 VA
3415
+
===================
3416
+
MD5 Fingerprint: 65:58:AB:15:AD:57:6C:1E:A8:A7:B5:69:AC:BF:FF:EB
3417
+
PEM Data:
3418
+
-----BEGIN CERTIFICATE-----
3419
+
MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0
3420
+
IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAz
3421
+
BgNVBAsTLFZhbGlDZXJ0IENsYXNzIDEgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9y
3422
+
aXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG
3423
+
9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNTIyMjM0OFoXDTE5MDYy
3424
+
NTIyMjM0OFowgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0d29y
3425
+
azEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs
3426
+
YXNzIDEgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRw
3427
+
Oi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNl
3428
+
cnQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDYWYJ6ibiWuqYvaG9Y
3429
+
LqdUHAZu9OqNSLwxlBfw8068srg1knaw0KWlAdcAAxIiGQj4/xEjm84H9b9pGib+
3430
+
TunRf50sQB1ZaG6m+FiwnRqP0z/x3BkGgagO4DrdyFNFCQbmD3DD+kCmDuJWBQ8Y
3431
+
TfwggtFzVXSNdnKgHZ0dwN0/cQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFBoPUn0
3432
+
LBwGlN+VYH+Wexf+T3GtZMjdd9LvWVXoP+iOBSoh8gfStadS/pyxtuJbdxdA6nLW
3433
+
I8sogTLDAHkY7FkXicnGah5xyf23dKUlRWnFSKsZ4UWKJWsZ7uW7EvV/96aNUcPw
3434
+
nXS3qT6gpf+2SQMT2iLM7XGCK5nPOrf1LXLI
3435
+
-----END CERTIFICATE-----
3436
+
Certificate Ingredients:
3437
+
Data:
3438
+
Version: 1 (0x0)
3439
+
Serial Number: 1 (0x1)
3440
+
Signature Algorithm: sha1WithRSAEncryption
3441
+
Issuer: L=ValiCert Validation Network, O=ValiCert, Inc., OU=ValiCert Class 1 Policy Validation Authority, CN=http://www.valicert.com//Email=info@valicert.com
3442
+
Validity
3443
+
Not Before: Jun 25 22:23:48 1999 GMT
3444
+
Not After : Jun 25 22:23:48 2019 GMT
3445
+
Subject: L=ValiCert Validation Network, O=ValiCert, Inc., OU=ValiCert Class 1 Policy Validation Authority, CN=http://www.valicert.com//Email=info@valicert.com
3446
+
Subject Public Key Info:
3447
+
Public Key Algorithm: rsaEncryption
3448
+
RSA Public Key: (1024 bit)
3449
+
Modulus (1024 bit):
3450
+
00:d8:59:82:7a:89:b8:96:ba:a6:2f:68:6f:58:2e:
3451
+
a7:54:1c:06:6e:f4:ea:8d:48:bc:31:94:17:f0:f3:
3452
+
4e:bc:b2:b8:35:92:76:b0:d0:a5:a5:01:d7:00:03:
3453
+
12:22:19:08:f8:ff:11:23:9b:ce:07:f5:bf:69:1a:
3454
+
26:fe:4e:e9:d1:7f:9d:2c:40:1d:59:68:6e:a6:f8:
3455
+
58:b0:9d:1a:8f:d3:3f:f1:dc:19:06:81:a8:0e:e0:
3456
+
3a:dd:c8:53:45:09:06:e6:0f:70:c3:fa:40:a6:0e:
3457
+
e2:56:05:0f:18:4d:fc:20:82:d1:73:55:74:8d:76:
3458
+
72:a0:1d:9d:1d:c0:dd:3f:71
3459
+
Exponent: 65537 (0x10001)
3460
+
Signature Algorithm: sha1WithRSAEncryption
3461
+
50:68:3d:49:f4:2c:1c:06:94:df:95:60:7f:96:7b:17:fe:4f:
3462
+
71:ad:64:c8:dd:77:d2:ef:59:55:e8:3f:e8:8e:05:2a:21:f2:
3463
+
07:d2:b5:a7:52:fe:9c:b1:b6:e2:5b:77:17:40:ea:72:d6:23:
3464
+
cb:28:81:32:c3:00:79:18:ec:59:17:89:c9:c6:6a:1e:71:c9:
3465
+
fd:b7:74:a5:25:45:69:c5:48:ab:19:e1:45:8a:25:6b:19:ee:
3466
+
e5:bb:12:f5:7f:f7:a6:8d:51:c3:f0:9d:74:b7:a9:3e:a0:a5:
3467
+
ff:b6:49:03:13:da:22:cc:ed:71:82:2b:99:cf:3a:b7:f5:2d:
3468
+
72:c8
3469
+
3470
+
ValiCert Class 2 VA
3471
+
===================
3472
+
MD5 Fingerprint: A9:23:75:9B:BA:49:36:6E:31:C2:DB:F2:E7:66:BA:87
3473
+
PEM Data:
3474
+
-----BEGIN CERTIFICATE-----
3475
+
MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0
3476
+
IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAz
3477
+
BgNVBAsTLFZhbGlDZXJ0IENsYXNzIDIgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9y
3478
+
aXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG
3479
+
9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNjAwMTk1NFoXDTE5MDYy
3480
+
NjAwMTk1NFowgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0d29y
3481
+
azEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs
3482
+
YXNzIDIgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRw
3483
+
Oi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNl
3484
+
cnQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDOOnHK5avIWZJV16vY
3485
+
dA757tn2VUdZZUcOBVXc65g2PFxTXdMwzzjsvUGJ7SVCCSRrCl6zfN1SLUzm1NZ9
3486
+
WlmpZdRJEy0kTRxQb7XBhVQ7/nHk01xC+YDgkRoKWzk2Z/M/VXwbP7RfZHM047QS
3487
+
v4dk+NoS/zcnwbNDu+97bi5p9wIDAQABMA0GCSqGSIb3DQEBBQUAA4GBADt/UG9v
3488
+
UJSZSWI4OB9L+KXIPqeCgfYrx+jFzug6EILLGACOTb2oWH+heQC1u+mNr0HZDzTu
3489
+
IYEZoDJJKPTEjlbVUjP9UNV+mWwD5MlM/Mtsq2azSiGM5bUMMj4QssxsodyamEwC
3490
+
W/POuZ6lcg5Ktz885hZo+L7tdEy8W9ViH0Pd
3491
+
-----END CERTIFICATE-----
3492
+
Certificate Ingredients:
3493
+
Data:
3494
+
Version: 1 (0x0)
3495
+
Serial Number: 1 (0x1)
3496
+
Signature Algorithm: sha1WithRSAEncryption
3497
+
Issuer: L=ValiCert Validation Network, O=ValiCert, Inc., OU=ValiCert Class 2 Policy Validation Authority, CN=http://www.valicert.com//Email=info@valicert.com
3498
+
Validity
3499
+
Not Before: Jun 26 00:19:54 1999 GMT
3500
+
Not After : Jun 26 00:19:54 2019 GMT
3501
+
Subject: L=ValiCert Validation Network, O=ValiCert, Inc., OU=ValiCert Class 2 Policy Validation Authority, CN=http://www.valicert.com//Email=info@valicert.com
3502
+
Subject Public Key Info:
3503
+
Public Key Algorithm: rsaEncryption
3504
+
RSA Public Key: (1024 bit)
3505
+
Modulus (1024 bit):
3506
+
00:ce:3a:71:ca:e5:ab:c8:59:92:55:d7:ab:d8:74:
3507
+
0e:f9:ee:d9:f6:55:47:59:65:47:0e:05:55:dc:eb:
3508
+
98:36:3c:5c:53:5d:d3:30:cf:38:ec:bd:41:89:ed:
3509
+
25:42:09:24:6b:0a:5e:b3:7c:dd:52:2d:4c:e6:d4:
3510
+
d6:7d:5a:59:a9:65:d4:49:13:2d:24:4d:1c:50:6f:
3511
+
b5:c1:85:54:3b:fe:71:e4:d3:5c:42:f9:80:e0:91:
3512
+
1a:0a:5b:39:36:67:f3:3f:55:7c:1b:3f:b4:5f:64:
3513
+
73:34:e3:b4:12:bf:87:64:f8:da:12:ff:37:27:c1:
3514
+
b3:43:bb:ef:7b:6e:2e:69:f7
3515
+
Exponent: 65537 (0x10001)
3516
+
Signature Algorithm: sha1WithRSAEncryption
3517
+
3b:7f:50:6f:6f:50:94:99:49:62:38:38:1f:4b:f8:a5:c8:3e:
3518
+
a7:82:81:f6:2b:c7:e8:c5:ce:e8:3a:10:82:cb:18:00:8e:4d:
3519
+
bd:a8:58:7f:a1:79:00:b5:bb:e9:8d:af:41:d9:0f:34:ee:21:
3520
+
81:19:a0:32:49:28:f4:c4:8e:56:d5:52:33:fd:50:d5:7e:99:
3521
+
6c:03:e4:c9:4c:fc:cb:6c:ab:66:b3:4a:21:8c:e5:b5:0c:32:
3522
+
3e:10:b2:cc:6c:a1:dc:9a:98:4c:02:5b:f3:ce:b9:9e:a5:72:
3523
+
0e:4a:b7:3f:3c:e6:16:68:f8:be:ed:74:4c:bc:5b:d5:62:1f:
3524
+
43:dd
3525
+
3526
+
ValiCert Class 3 VA
3527
+
===================
3528
+
MD5 Fingerprint: A2:6F:53:B7:EE:40:DB:4A:68:E7:FA:18:D9:10:4B:72
3529
+
PEM Data:
3530
+
-----BEGIN CERTIFICATE-----
3531
+
MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0
3532
+
IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAz
3533
+
BgNVBAsTLFZhbGlDZXJ0IENsYXNzIDMgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9y
3534
+
aXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG
3535
+
9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNjAwMjIzM1oXDTE5MDYy
3536
+
NjAwMjIzM1owgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0d29y
3537
+
azEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs
3538
+
YXNzIDMgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRw
3539
+
Oi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNl
3540
+
cnQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDjmFGWHOjVsQaBalfD
3541
+
cnWTq8+epvzzFlLWLU2fNUSoLgRNB0mKOCn1dzfnt6td3zZxFJmP3MKS8edgkpfs
3542
+
2Ejcv8ECIMYkpChMMFp2bbFc893enhBxoYjHW5tBbcqwuI4V7q0zK89HBFx1cQqY
3543
+
JJgpp0lZpd34t0NiYfPT4tBVPwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFa7AliE
3544
+
Zwgs3x/be0kz9dNnnfS0ChCzycUs4pJqcXgn8nCDQtM+z6lU9PHYkhaM0QTLS6vJ
3545
+
n0WuPIqpsHEzXcjFV9+vqDWzf4mH6eglkrh/hXqu1rweN1gqZ8mRzyqBPu3GOd/A
3546
+
PhmcGcwTTYJBtYze4D1gCCAPRX5ron+jjBXu
3547
+
-----END CERTIFICATE-----
3548
+
Certificate Ingredients:
3549
+
Data:
3550
+
Version: 1 (0x0)
3551
+
Serial Number: 1 (0x1)
3552
+
Signature Algorithm: sha1WithRSAEncryption
3553
+
Issuer: L=ValiCert Validation Network, O=ValiCert, Inc., OU=ValiCert Class 3 Policy Validation Authority, CN=http://www.valicert.com//Email=info@valicert.com
3554
+
Validity
3555
+
Not Before: Jun 26 00:22:33 1999 GMT
3556
+
Not After : Jun 26 00:22:33 2019 GMT
3557
+
Subject: L=ValiCert Validation Network, O=ValiCert, Inc., OU=ValiCert Class 3 Policy Validation Authority, CN=http://www.valicert.com//Email=info@valicert.com
3558
+
Subject Public Key Info:
3559
+
Public Key Algorithm: rsaEncryption
3560
+
RSA Public Key: (1024 bit)
3561
+
Modulus (1024 bit):
3562
+
00:e3:98:51:96:1c:e8:d5:b1:06:81:6a:57:c3:72:
3563
+
75:93:ab:cf:9e:a6:fc:f3:16:52:d6:2d:4d:9f:35:
3564
+
44:a8:2e:04:4d:07:49:8a:38:29:f5:77:37:e7:b7:
3565
+
ab:5d:df:36:71:14:99:8f:dc:c2:92:f1:e7:60:92:
3566
+
97:ec:d8:48:dc:bf:c1:02:20:c6:24:a4:28:4c:30:
3567
+
5a:76:6d:b1:5c:f3:dd:de:9e:10:71:a1:88:c7:5b:
3568
+
9b:41:6d:ca:b0:b8:8e:15:ee:ad:33:2b:cf:47:04:
3569
+
5c:75:71:0a:98:24:98:29:a7:49:59:a5:dd:f8:b7:
3570
+
43:62:61:f3:d3:e2:d0:55:3f
3571
+
Exponent: 65537 (0x10001)
3572
+
Signature Algorithm: sha1WithRSAEncryption
3573
+
56:bb:02:58:84:67:08:2c:df:1f:db:7b:49:33:f5:d3:67:9d:
3574
+
f4:b4:0a:10:b3:c9:c5:2c:e2:92:6a:71:78:27:f2:70:83:42:
3575
+
d3:3e:cf:a9:54:f4:f1:d8:92:16:8c:d1:04:cb:4b:ab:c9:9f:
3576
+
45:ae:3c:8a:a9:b0:71:33:5d:c8:c5:57:df:af:a8:35:b3:7f:
3577
+
89:87:e9:e8:25:92:b8:7f:85:7a:ae:d6:bc:1e:37:58:2a:67:
3578
+
c9:91:cf:2a:81:3e:ed:c6:39:df:c0:3e:19:9c:19:cc:13:4d:
3579
+
82:41:b5:8c:de:e0:3d:60:08:20:0f:45:7e:6b:a2:7f:a3:8c:
3580
+
15:ee
3581
+
3582
+
VeriSign Class 4 Primary CA
3583
+
===========================
3584
+
MD5 Fingerprint: 1B:D1:AD:17:8B:7F:22:13:24:F5:26:E2:5D:4E:B9:10
3585
+
PEM Data:
3586
+
-----BEGIN CERTIFICATE-----
3587
+
MIICMTCCAZoCBQKmAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
3588
+
FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMg
3589
+
UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
3590
+
Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
3591
+
biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
3592
+
Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0LJ1
3593
+
9njQrlpQ9OlQqZ+M1++RlHDo0iSQdomF1t+s5gEXMoDwnZNHvJplnR+Xrr/phnVj
3594
+
IIm9gFidBAydqMEk6QvlMXi9/C0MN2qeeIDpRnX57aP7E3vIwUzSo+/1PLBij0pd
3595
+
O92VZ48TucE81qcmm+zDO3rZTbxtm+gVAePwR6kCAwEAATANBgkqhkiG9w0BAQIF
3596
+
AAOBgQBT3dPwnCR+QKri/AAa19oM/DJhuBUNlvP6Vxt/M3yv6ZiaYch6s7f/sdyZ
3597
+
g9ysEvxwyR84Qu1E9oAuW2szaayc01znX1oYx7EteQSWQZGZQbE8DbqEOcY7l/Am
3598
+
yY7uvcxClf8exwI/VAx49byqYHwCaejcrOICdmHEPgPq0ook0Q==
3599
+
-----END CERTIFICATE-----
3600
+
Certificate Ingredients:
3601
+
Data:
3602
+
Version: 1 (0x0)
3603
+
Serial Number:
3604
+
02:a6:00:00:01
3605
+
Signature Algorithm: md2WithRSAEncryption
3606
+
Issuer: C=US, O=VeriSign, Inc., OU=Class 4 Public Primary Certification Authority
3607
+
Validity
3608
+
Not Before: Jan 29 00:00:00 1996 GMT
3609
+
Not After : Dec 31 23:59:59 1999 GMT
3610
+
Subject: C=US, O=VeriSign, Inc., OU=Class 4 Public Primary Certification Authority
3611
+
Subject Public Key Info:
3612
+
Public Key Algorithm: rsaEncryption
3613
+
RSA Public Key: (1024 bit)
3614
+
Modulus (1024 bit):
3615
+
00:d0:b2:75:f6:78:d0:ae:5a:50:f4:e9:50:a9:9f:
3616
+
8c:d7:ef:91:94:70:e8:d2:24:90:76:89:85:d6:df:
3617
+
ac:e6:01:17:32:80:f0:9d:93:47:bc:9a:65:9d:1f:
3618
+
97:ae:bf:e9:86:75:63:20:89:bd:80:58:9d:04:0c:
3619
+
9d:a8:c1:24:e9:0b:e5:31:78:bd:fc:2d:0c:37:6a:
3620
+
9e:78:80:e9:46:75:f9:ed:a3:fb:13:7b:c8:c1:4c:
3621
+
d2:a3:ef:f5:3c:b0:62:8f:4a:5d:3b:dd:95:67:8f:
3622
+
13:b9:c1:3c:d6:a7:26:9b:ec:c3:3b:7a:d9:4d:bc:
3623
+
6d:9b:e8:15:01:e3:f0:47:a9
3624
+
Exponent: 65537 (0x10001)
3625
+
Signature Algorithm: md2WithRSAEncryption
3626
+
53:dd:d3:f0:9c:24:7e:40:aa:e2:fc:00:1a:d7:da:0c:fc:32:
3627
+
61:b8:15:0d:96:f3:fa:57:1b:7f:33:7c:af:e9:98:9a:61:c8:
3628
+
7a:b3:b7:ff:b1:dc:99:83:dc:ac:12:fc:70:c9:1f:38:42:ed:
3629
+
44:f6:80:2e:5b:6b:33:69:ac:9c:d3:5c:e7:5f:5a:18:c7:b1:
3630
+
2d:79:04:96:41:91:99:41:b1:3c:0d:ba:84:39:c6:3b:97:f0:
3631
+
26:c9:8e:ee:bd:cc:42:95:ff:1e:c7:02:3f:54:0c:78:f5:bc:
3632
+
aa:60:7c:02:69:e8:dc:ac:e2:02:76:61:c4:3e:03:ea:d2:8a:
3633
+
24:d1
3634
+
3635
+
Verisign Class 1 Public Primary Certification Authority
3636
+
=======================================================
3637
+
MD5 Fingerprint: 97:60:E8:57:5F:D3:50:47:E5:43:0C:94:36:8A:B0:62
3638
+
PEM Data:
3639
+
-----BEGIN CERTIFICATE-----
3640
+
MIICPTCCAaYCEQDNun9W8N/kvFT+IqyzcqpVMA0GCSqGSIb3DQEBAgUAMF8xCzAJ
3641
+
BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh
3642
+
c3MgMSBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05
3643
+
NjAxMjkwMDAwMDBaFw0yODA4MDEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD
3644
+
VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMSBQdWJsaWMgUHJp
3645
+
bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB
3646
+
jQAwgYkCgYEA5Rm/baNWYS2ZSHH2Z965jeu3noaACpEO+jglr0aIguVzqKCbJF0N
3647
+
H8xlbgyw0FaEGIeaBpsQoXPftFg5a27B9hXVqKg/qhIGjTGsf7A01480Z4gJzRQR
3648
+
4k5FVmkfeAKA2txHkSm7NsljXMXg1y2He6G3MrB7MLoqLzGq7qNn2tsCAwEAATAN
3649
+
BgkqhkiG9w0BAQIFAAOBgQBMP7iLxmjf7kMzDl3ppssHhE16M/+SG/Q2rdiVIjZo
3650
+
EWx8QszznC7EBz8UsA9P/5CSdvnivErpj82ggAr3xSnxgiJduLHdgSOjeyUVRjB5
3651
+
FvjqBUuUfx3CHMjjt/QQQDwTw18fU+hI5Ia0e6E1sHslurjTjqs/OJ0ANACY89Fx
3652
+
lA==
3653
+
-----END CERTIFICATE-----
3654
+
Certificate Ingredients:
3655
+
Data:
3656
+
Version: 1 (0x0)
3657
+
Serial Number:
3658
+
cd:ba:7f:56:f0:df:e4:bc:54:fe:22:ac:b3:72:aa:55
3659
+
Signature Algorithm: md2WithRSAEncryption
3660
+
Issuer: C=US, O=VeriSign, Inc., OU=Class 1 Public Primary Certification Authority
3661
+
Validity
3662
+
Not Before: Jan 29 00:00:00 1996 GMT
3663
+
Not After : Aug 1 23:59:59 2028 GMT
3664
+
Subject: C=US, O=VeriSign, Inc., OU=Class 1 Public Primary Certification Authority
3665
+
Subject Public Key Info:
3666
+
Public Key Algorithm: rsaEncryption
3667
+
RSA Public Key: (1024 bit)
3668
+
Modulus (1024 bit):
3669
+
00:e5:19:bf:6d:a3:56:61:2d:99:48:71:f6:67:de:
3670
+
b9:8d:eb:b7:9e:86:80:0a:91:0e:fa:38:25:af:46:
3671
+
88:82:e5:73:a8:a0:9b:24:5d:0d:1f:cc:65:6e:0c:
3672
+
b0:d0:56:84:18:87:9a:06:9b:10:a1:73:df:b4:58:
3673
+
39:6b:6e:c1:f6:15:d5:a8:a8:3f:aa:12:06:8d:31:
3674
+
ac:7f:b0:34:d7:8f:34:67:88:09:cd:14:11:e2:4e:
3675
+
45:56:69:1f:78:02:80:da:dc:47:91:29:bb:36:c9:
3676
+
63:5c:c5:e0:d7:2d:87:7b:a1:b7:32:b0:7b:30:ba:
3677
+
2a:2f:31:aa:ee:a3:67:da:db
3678
+
Exponent: 65537 (0x10001)
3679
+
Signature Algorithm: md2WithRSAEncryption
3680
+
4c:3f:b8:8b:c6:68:df:ee:43:33:0e:5d:e9:a6:cb:07:84:4d:
3681
+
7a:33:ff:92:1b:f4:36:ad:d8:95:22:36:68:11:6c:7c:42:cc:
3682
+
f3:9c:2e:c4:07:3f:14:b0:0f:4f:ff:90:92:76:f9:e2:bc:4a:
3683
+
e9:8f:cd:a0:80:0a:f7:c5:29:f1:82:22:5d:b8:b1:dd:81:23:
3684
+
a3:7b:25:15:46:30:79:16:f8:ea:05:4b:94:7f:1d:c2:1c:c8:
3685
+
e3:b7:f4:10:40:3c:13:c3:5f:1f:53:e8:48:e4:86:b4:7b:a1:
3686
+
35:b0:7b:25:ba:b8:d3:8e:ab:3f:38:9d:00:34:00:98:f3:d1:
3687
+
71:94
3688
+
3689
+
Verisign Class 1 Public Primary Certification Authority - G2
3690
+
============================================================
3691
+
MD5 Fingerprint: F2:7D:E9:54:E4:A3:22:0D:76:9F:E7:0B:BB:B3:24:2B
3692
+
PEM Data:
3693
+
-----BEGIN CERTIFICATE-----
3694
+
MIIDAjCCAmsCEDnKVIn+UCIy/jLZ2/sbhBkwDQYJKoZIhvcNAQEFBQAwgcExCzAJ
3695
+
BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xh
3696
+
c3MgMSBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcy
3697
+
MTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3Jp
3698
+
emVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMB4X
3699
+
DTk4MDUxODAwMDAwMFoXDTE4MDUxODIzNTk1OVowgcExCzAJBgNVBAYTAlVTMRcw
3700
+
FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMSBQdWJsaWMg
3701
+
UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEo
3702
+
YykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5
3703
+
MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEB
3704
+
AQUAA4GNADCBiQKBgQCq0Lq+Fi24g9TK0g+8djHKlNgdk4xWArzZbxpvUjZudVYK
3705
+
VdPfQ4chEWWKfo+9Id5rMj8bhDSVBZ1BNeuS65bdqlk/AVNtmU/t5eIqWpDBucSm
3706
+
Fc/IReumXY6cPvBkJHalzasab7bYe1FhbqZ/h8jit+U03EGI6glAvnOSPWvndQID
3707
+
AQABMA0GCSqGSIb3DQEBBQUAA4GBAIv3GhDOdlwHq4OZ3BeAbzQ5XZg+a3Is4cei
3708
+
e0ApuXiIukzFo2penm574/ICQQxmvq37rqIUzpLzojSLtLK2JPLl1eDI5WJthHvL
3709
+
vrsDi3xXyvA3qZCviu4Dvh0onNkmdqDNxJ1O8K4HFtW+r1cIatCgQkJCHvQgzKV4
3710
+
gpUmOIpH
3711
+
-----END CERTIFICATE-----
3712
+
Certificate Ingredients:
3713
+
Data:
3714
+
Version: 1 (0x0)
3715
+
Serial Number:
3716
+
39:ca:54:89:fe:50:22:32:fe:32:d9:db:fb:1b:84:19
3717
+
Signature Algorithm: sha1WithRSAEncryption
3718
+
Issuer: C=US, O=VeriSign, Inc., OU=Class 1 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
3719
+
Validity
3720
+
Not Before: May 18 00:00:00 1998 GMT
3721
+
Not After : May 18 23:59:59 2018 GMT
3722
+
Subject: C=US, O=VeriSign, Inc., OU=Class 1 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
3723
+
Subject Public Key Info:
3724
+
Public Key Algorithm: rsaEncryption
3725
+
RSA Public Key: (1024 bit)
3726
+
Modulus (1024 bit):
3727
+
00:aa:d0:ba:be:16:2d:b8:83:d4:ca:d2:0f:bc:76:
3728
+
31:ca:94:d8:1d:93:8c:56:02:bc:d9:6f:1a:6f:52:
3729
+
36:6e:75:56:0a:55:d3:df:43:87:21:11:65:8a:7e:
3730
+
8f:bd:21:de:6b:32:3f:1b:84:34:95:05:9d:41:35:
3731
+
eb:92:eb:96:dd:aa:59:3f:01:53:6d:99:4f:ed:e5:
3732
+
e2:2a:5a:90:c1:b9:c4:a6:15:cf:c8:45:eb:a6:5d:
3733
+
8e:9c:3e:f0:64:24:76:a5:cd:ab:1a:6f:b6:d8:7b:
3734
+
51:61:6e:a6:7f:87:c8:e2:b7:e5:34:dc:41:88:ea:
3735
+
09:40:be:73:92:3d:6b:e7:75
3736
+
Exponent: 65537 (0x10001)
3737
+
Signature Algorithm: sha1WithRSAEncryption
3738
+
8b:f7:1a:10:ce:76:5c:07:ab:83:99:dc:17:80:6f:34:39:5d:
3739
+
98:3e:6b:72:2c:e1:c7:a2:7b:40:29:b9:78:88:ba:4c:c5:a3:
3740
+
6a:5e:9e:6e:7b:e3:f2:02:41:0c:66:be:ad:fb:ae:a2:14:ce:
3741
+
92:f3:a2:34:8b:b4:b2:b6:24:f2:e5:d5:e0:c8:e5:62:6d:84:
3742
+
7b:cb:be:bb:03:8b:7c:57:ca:f0:37:a9:90:af:8a:ee:03:be:
3743
+
1d:28:9c:d9:26:76:a0:cd:c4:9d:4e:f0:ae:07:16:d5:be:af:
3744
+
57:08:6a:d0:a0:42:42:42:1e:f4:20:cc:a5:78:82:95:26:38:
3745
+
8a:47
3746
+
3747
+
Verisign Class 1 Public Primary Certification Authority - G3
3748
+
============================================================
3749
+
MD5 Fingerprint: B1:47:BC:18:57:D1:18:A0:78:2D:EC:71:E8:2A:95:73
3750
+
PEM Data:
3751
+
-----BEGIN CERTIFICATE-----
3752
+
MIIEGjCCAwICEQCLW3VWhFSFCwDPrzhIzrGkMA0GCSqGSIb3DQEBBQUAMIHKMQsw
3753
+
CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
3754
+
cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu
3755
+
LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT
3756
+
aWduIENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
3757
+
dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD
3758
+
VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT
3759
+
aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ
3760
+
bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu
3761
+
IENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
3762
+
LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN2E1Lm0+afY8wR4
3763
+
nN493GwTFtl63SRRZsDHJlkNrAYIwpTRMx/wgzUfbhvI3qpuFU5UJ+/EbRrsC+MO
3764
+
8ESlV8dAWB6jRx9x7GD2bZTIGDnt/kIYVt/kTEkQeE4BdjVjEjbdZrwBBDajVWjV
3765
+
ojYJrKshJlQGrT/KFOCsyq0GHZXi+J3x4GD/wn91K0zM2v6HmSHquv4+VNfSWXjb
3766
+
PG7PoBMAGrgnoeS+Z5bKoMWznN3JdZ7rMJpfo83ZrngZPyPpXNspva1VyBtUjGP2
3767
+
6KbqxzcSXKMpHgLZ2x87tNcPVkeBFQRKr4Mn0cVYiMHd9qqnoxjaaKptEVHhv2Vr
3768
+
n5Z20T0CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAq2aN17O6x5q25lXQBfGfMY1a
3769
+
qtmqRiYPce2lrVNWYgFHKkTp/j90CxObufRNG7LRX7K20ohcs5/Ny9Sn2WCVhDr4
3770
+
wTcdYcrnsMXlkdpUpqwxga6X3s0IrLjAl4B/bnKk52kTlWUfxJM8/XmPBNQ+T+r3
3771
+
ns7NZ3xPZQL/kYVUc8f/NveGLezQXk//EZ9yBta4GvFMDSZl4kSAHsef493oCtrs
3772
+
pSCAaWihT37ha88HQfqDjrw43bAuEbFrskLMmrz5SCJ5ShkPshw+IHTZasO+8ih4
3773
+
E1Z5T21Q6huwtVexN2ZYI/PcD98Kh8TvhgXVOBRgmaNL3gaWcSzy27YfpO8/7g==
3774
+
-----END CERTIFICATE-----
3775
+
Certificate Ingredients:
3776
+
Data:
3777
+
Version: 1 (0x0)
3778
+
Serial Number:
3779
+
8b:5b:75:56:84:54:85:0b:00:cf:af:38:48:ce:b1:a4
3780
+
Signature Algorithm: sha1WithRSAEncryption
3781
+
Issuer: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 1 Public Primary Certification Authority - G3
3782
+
Validity
3783
+
Not Before: Oct 1 00:00:00 1999 GMT
3784
+
Not After : Jul 16 23:59:59 2036 GMT
3785
+
Subject: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 1 Public Primary Certification Authority - G3
3786
+
Subject Public Key Info:
3787
+
Public Key Algorithm: rsaEncryption
3788
+
RSA Public Key: (2048 bit)
3789
+
Modulus (2048 bit):
3790
+
00:dd:84:d4:b9:b4:f9:a7:d8:f3:04:78:9c:de:3d:
3791
+
dc:6c:13:16:d9:7a:dd:24:51:66:c0:c7:26:59:0d:
3792
+
ac:06:08:c2:94:d1:33:1f:f0:83:35:1f:6e:1b:c8:
3793
+
de:aa:6e:15:4e:54:27:ef:c4:6d:1a:ec:0b:e3:0e:
3794
+
f0:44:a5:57:c7:40:58:1e:a3:47:1f:71:ec:60:f6:
3795
+
6d:94:c8:18:39:ed:fe:42:18:56:df:e4:4c:49:10:
3796
+
78:4e:01:76:35:63:12:36:dd:66:bc:01:04:36:a3:
3797
+
55:68:d5:a2:36:09:ac:ab:21:26:54:06:ad:3f:ca:
3798
+
14:e0:ac:ca:ad:06:1d:95:e2:f8:9d:f1:e0:60:ff:
3799
+
c2:7f:75:2b:4c:cc:da:fe:87:99:21:ea:ba:fe:3e:
3800
+
54:d7:d2:59:78:db:3c:6e:cf:a0:13:00:1a:b8:27:
3801
+
a1:e4:be:67:96:ca:a0:c5:b3:9c:dd:c9:75:9e:eb:
3802
+
30:9a:5f:a3:cd:d9:ae:78:19:3f:23:e9:5c:db:29:
3803
+
bd:ad:55:c8:1b:54:8c:63:f6:e8:a6:ea:c7:37:12:
3804
+
5c:a3:29:1e:02:d9:db:1f:3b:b4:d7:0f:56:47:81:
3805
+
15:04:4a:af:83:27:d1:c5:58:88:c1:dd:f6:aa:a7:
3806
+
a3:18:da:68:aa:6d:11:51:e1:bf:65:6b:9f:96:76:
3807
+
d1:3d
3808
+
Exponent: 65537 (0x10001)
3809
+
Signature Algorithm: sha1WithRSAEncryption
3810
+
ab:66:8d:d7:b3:ba:c7:9a:b6:e6:55:d0:05:f1:9f:31:8d:5a:
3811
+
aa:d9:aa:46:26:0f:71:ed:a5:ad:53:56:62:01:47:2a:44:e9:
3812
+
fe:3f:74:0b:13:9b:b9:f4:4d:1b:b2:d1:5f:b2:b6:d2:88:5c:
3813
+
b3:9f:cd:cb:d4:a7:d9:60:95:84:3a:f8:c1:37:1d:61:ca:e7:
3814
+
b0:c5:e5:91:da:54:a6:ac:31:81:ae:97:de:cd:08:ac:b8:c0:
3815
+
97:80:7f:6e:72:a4:e7:69:13:95:65:1f:c4:93:3c:fd:79:8f:
3816
+
04:d4:3e:4f:ea:f7:9e:ce:cd:67:7c:4f:65:02:ff:91:85:54:
3817
+
73:c7:ff:36:f7:86:2d:ec:d0:5e:4f:ff:11:9f:72:06:d6:b8:
3818
+
1a:f1:4c:0d:26:65:e2:44:80:1e:c7:9f:e3:dd:e8:0a:da:ec:
3819
+
a5:20:80:69:68:a1:4f:7e:e1:6b:cf:07:41:fa:83:8e:bc:38:
3820
+
dd:b0:2e:11:b1:6b:b2:42:cc:9a:bc:f9:48:22:79:4a:19:0f:
3821
+
b2:1c:3e:20:74:d9:6a:c3:be:f2:28:78:13:56:79:4f:6d:50:
3822
+
ea:1b:b0:b5:57:b1:37:66:58:23:f3:dc:0f:df:0a:87:c4:ef:
3823
+
86:05:d5:38:14:60:99:a3:4b:de:06:96:71:2c:f2:db:b6:1f:
3824
+
a4:ef:3f:ee
3825
+
3826
+
Verisign Class 2 Public Primary Certification Authority
3827
+
=======================================================
3828
+
MD5 Fingerprint: B3:9C:25:B1:C3:2E:32:53:80:15:30:9D:4D:02:77:3E
3829
+
PEM Data:
3830
+
-----BEGIN CERTIFICATE-----
3831
+
MIICPDCCAaUCEC0b/EoXjaOR6+f/9YtFvgswDQYJKoZIhvcNAQECBQAwXzELMAkG
3832
+
A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
3833
+
cyAyIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
3834
+
MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
3835
+
BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAyIFB1YmxpYyBQcmlt
3836
+
YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
3837
+
ADCBiQKBgQC2WoujDWojg4BrzzmH9CETMwZMJaLtVRKXxaeAufqDwSCg+i8VDXyh
3838
+
YGt+eSz6Bg86rvYbb7HS/y8oUl+DfUvEerf4Zh+AVPy3wo5ZShRXRtGak75BkQO7
3839
+
FYCTXOvnzAhsPz6zSvz/S2wj1VCCJkQZjiPDceoZJEcEnnW/yKYAHwIDAQABMA0G
3840
+
CSqGSIb3DQEBAgUAA4GBAIobK/o5wXTXXtgZZKJYSi034DNHD6zt96rbHuSLBlxg
3841
+
J8pFUs4W7z8GZOeUaHxgMxURaa+dYo2jA1Rrpr7l7gUYYAS/QoD90KioHgE796Nc
3842
+
r6Pc5iaAIzy4RHT3Cq5Ji2F4zCS/iIqnDupzGUH9TQPwiNHleI2lKk/2lw0Xd8rY
3843
+
-----END CERTIFICATE-----
3844
+
Certificate Ingredients:
3845
+
Data:
3846
+
Version: 1 (0x0)
3847
+
Serial Number:
3848
+
2d:1b:fc:4a:17:8d:a3:91:eb:e7:ff:f5:8b:45:be:0b
3849
+
Signature Algorithm: md2WithRSAEncryption
3850
+
Issuer: C=US, O=VeriSign, Inc., OU=Class 2 Public Primary Certification Authority
3851
+
Validity
3852
+
Not Before: Jan 29 00:00:00 1996 GMT
3853
+
Not After : Aug 1 23:59:59 2028 GMT
3854
+
Subject: C=US, O=VeriSign, Inc., OU=Class 2 Public Primary Certification Authority
3855
+
Subject Public Key Info:
3856
+
Public Key Algorithm: rsaEncryption
3857
+
RSA Public Key: (1024 bit)
3858
+
Modulus (1024 bit):
3859
+
00:b6:5a:8b:a3:0d:6a:23:83:80:6b:cf:39:87:f4:
3860
+
21:13:33:06:4c:25:a2:ed:55:12:97:c5:a7:80:b9:
3861
+
fa:83:c1:20:a0:fa:2f:15:0d:7c:a1:60:6b:7e:79:
3862
+
2c:fa:06:0f:3a:ae:f6:1b:6f:b1:d2:ff:2f:28:52:
3863
+
5f:83:7d:4b:c4:7a:b7:f8:66:1f:80:54:fc:b7:c2:
3864
+
8e:59:4a:14:57:46:d1:9a:93:be:41:91:03:bb:15:
3865
+
80:93:5c:eb:e7:cc:08:6c:3f:3e:b3:4a:fc:ff:4b:
3866
+
6c:23:d5:50:82:26:44:19:8e:23:c3:71:ea:19:24:
3867
+
47:04:9e:75:bf:c8:a6:00:1f
3868
+
Exponent: 65537 (0x10001)
3869
+
Signature Algorithm: md2WithRSAEncryption
3870
+
8a:1b:2b:fa:39:c1:74:d7:5e:d8:19:64:a2:58:4a:2d:37:e0:
3871
+
33:47:0f:ac:ed:f7:aa:db:1e:e4:8b:06:5c:60:27:ca:45:52:
3872
+
ce:16:ef:3f:06:64:e7:94:68:7c:60:33:15:11:69:af:9d:62:
3873
+
8d:a3:03:54:6b:a6:be:e5:ee:05:18:60:04:bf:42:80:fd:d0:
3874
+
a8:a8:1e:01:3b:f7:a3:5c:af:a3:dc:e6:26:80:23:3c:b8:44:
3875
+
74:f7:0a:ae:49:8b:61:78:cc:24:bf:88:8a:a7:0e:ea:73:19:
3876
+
41:fd:4d:03:f0:88:d1:e5:78:8d:a5:2a:4f:f6:97:0d:17:77:
3877
+
ca:d8
3878
+
3879
+
Verisign Class 2 Public Primary Certification Authority - G2
3880
+
============================================================
3881
+
MD5 Fingerprint: 2D:BB:E5:25:D3:D1:65:82:3A:B7:0E:FA:E6:EB:E2:E1
3882
+
PEM Data:
3883
+
-----BEGIN CERTIFICATE-----
3884
+
MIIDAzCCAmwCEQC5L2DMiJ+hekYJuFtwbIqvMA0GCSqGSIb3DQEBBQUAMIHBMQsw
3885
+
CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNVBAsTM0Ns
3886
+
YXNzIDIgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBH
3887
+
MjE6MDgGA1UECxMxKGMpIDE5OTggVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9y
3888
+
aXplZCB1c2Ugb25seTEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazAe
3889
+
Fw05ODA1MTgwMDAwMDBaFw0yODA4MDEyMzU5NTlaMIHBMQswCQYDVQQGEwJVUzEX
3890
+
MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNVBAsTM0NsYXNzIDIgUHVibGlj
3891
+
IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjE6MDgGA1UECxMx
3892
+
KGMpIDE5OTggVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s
3893
+
eTEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazCBnzANBgkqhkiG9w0B
3894
+
AQEFAAOBjQAwgYkCgYEAp4gBIXQs5xoD8JjhlzwPIQjxnNuX6Zr8wgQGE75fUsjM
3895
+
HiwSViy4AWkszJkfrbCWrnkE8hM5wXuYuggs6MKEEyyqaekJ9MepAqRCwiNPStjw
3896
+
DqL7MWzJ5m+ZJwf15vRMeJ5t60aG+rmGyVTyssSv1EYcWskVMP8NbPUtDm3Of3cC
3897
+
AwEAATANBgkqhkiG9w0BAQUFAAOBgQByLvl/0fFx+8Se9sVeUYpAmLho+Jscg9ji
3898
+
nb3/7aHmZuovCfTK1+qlK5X2JGCGTUQug6XELaDTrnhpb3LabK4I8GOSN+a7xDAX
3899
+
rXfMSTWqz9iP0b63GJZHc2pUIjRkLbYWm1lbtFFZOrMLFPQS32eg9K0yZF6xRnIn
3900
+
jBJ7xUS0rg==
3901
+
-----END CERTIFICATE-----
3902
+
Certificate Ingredients:
3903
+
Data:
3904
+
Version: 1 (0x0)
3905
+
Serial Number:
3906
+
b9:2f:60:cc:88:9f:a1:7a:46:09:b8:5b:70:6c:8a:af
3907
+
Signature Algorithm: sha1WithRSAEncryption
3908
+
Issuer: C=US, O=VeriSign, Inc., OU=Class 2 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
3909
+
Validity
3910
+
Not Before: May 18 00:00:00 1998 GMT
3911
+
Not After : Aug 1 23:59:59 2028 GMT
3912
+
Subject: C=US, O=VeriSign, Inc., OU=Class 2 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
3913
+
Subject Public Key Info:
3914
+
Public Key Algorithm: rsaEncryption
3915
+
RSA Public Key: (1024 bit)
3916
+
Modulus (1024 bit):
3917
+
00:a7:88:01:21:74:2c:e7:1a:03:f0:98:e1:97:3c:
3918
+
0f:21:08:f1:9c:db:97:e9:9a:fc:c2:04:06:13:be:
3919
+
5f:52:c8:cc:1e:2c:12:56:2c:b8:01:69:2c:cc:99:
3920
+
1f:ad:b0:96:ae:79:04:f2:13:39:c1:7b:98:ba:08:
3921
+
2c:e8:c2:84:13:2c:aa:69:e9:09:f4:c7:a9:02:a4:
3922
+
42:c2:23:4f:4a:d8:f0:0e:a2:fb:31:6c:c9:e6:6f:
3923
+
99:27:07:f5:e6:f4:4c:78:9e:6d:eb:46:86:fa:b9:
3924
+
86:c9:54:f2:b2:c4:af:d4:46:1c:5a:c9:15:30:ff:
3925
+
0d:6c:f5:2d:0e:6d:ce:7f:77
3926
+
Exponent: 65537 (0x10001)
3927
+
Signature Algorithm: sha1WithRSAEncryption
3928
+
72:2e:f9:7f:d1:f1:71:fb:c4:9e:f6:c5:5e:51:8a:40:98:b8:
3929
+
68:f8:9b:1c:83:d8:e2:9d:bd:ff:ed:a1:e6:66:ea:2f:09:f4:
3930
+
ca:d7:ea:a5:2b:95:f6:24:60:86:4d:44:2e:83:a5:c4:2d:a0:
3931
+
d3:ae:78:69:6f:72:da:6c:ae:08:f0:63:92:37:e6:bb:c4:30:
3932
+
17:ad:77:cc:49:35:aa:cf:d8:8f:d1:be:b7:18:96:47:73:6a:
3933
+
54:22:34:64:2d:b6:16:9b:59:5b:b4:51:59:3a:b3:0b:14:f4:
3934
+
12:df:67:a0:f4:ad:32:64:5e:b1:46:72:27:8c:12:7b:c5:44:
3935
+
b4:ae
3936
+
3937
+
Verisign Class 2 Public Primary Certification Authority - G3
3938
+
============================================================
3939
+
MD5 Fingerprint: F8:BE:C4:63:22:C9:A8:46:74:8B:B8:1D:1E:4A:2B:F6
3940
+
PEM Data:
3941
+
-----BEGIN CERTIFICATE-----
3942
+
MIIEGTCCAwECEGFwy0mMX5hFKeewptlQW3owDQYJKoZIhvcNAQEFBQAwgcoxCzAJ
3943
+
BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVy
3944
+
aVNpZ24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24s
3945
+
IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNp
3946
+
Z24gQ2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
3947
+
eSAtIEczMB4XDTk5MTAwMTAwMDAwMFoXDTM2MDcxNjIzNTk1OVowgcoxCzAJBgNV
3948
+
BAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNp
3949
+
Z24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24sIElu
3950
+
Yy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNpZ24g
3951
+
Q2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAt
3952
+
IEczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwoNwtUs22e5LeWU
3953
+
J92lvuCwTY+zYVY81nzD9M0+hsuiiOLh2KRpxbXiv8GmR1BeRjmL1Za6tW8UvxDO
3954
+
JxOeBUebMXoT2B/Z0wI3i60sR/COgQanDTAM6/c8DyAd3HJG7qUCyFvDyVZpTMUY
3955
+
wZF7C9UTAJu878NIPkZgIIUq1ZC2zYugzDLdt/1AVbJQHFauzI13TccgTacxdu9o
3956
+
koqQHgiBVrKtaaNS0MscxCM9H5n+TOgWY47GCI72MfbS+uV23bUckqNJzc0BzWjN
3957
+
qWm6o+sdDZykIKbBoMXRRkwXbdKsZj+WjOCE1Db/IlnF+RFgqF8EffIa9iVCYQ/E
3958
+
Srg+iQIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA0JhU8wI1NQ0kdvekhktdmnLfe
3959
+
xbjQ5F1fdiLAJvmEOjr5jLX77GDx6M4EsMjdpwOPMPOY36TmpDHf0xwLRtxyID+u
3960
+
7gU8pDM/CzmscHhzS5kr3zDCVLCoO1Wh/hYozUK9dG6A2ydEp85EXdQbkJgNHkKU
3961
+
sQAsBNB0owIFImNjzYO1+8FtYmtpdf1dcEG59b98377BMnMiIYtYgXsVkXq642RI
3962
+
sH/7NiXaldDxJBQX3RiAa0YjOVT1jmIJBB2UkKab5iXiQkWquJCtvgiPqQtCGJTP
3963
+
cjnhsUPgKM+351psE2tJs//jGHyJizNdrDPXp/naOlXJWBD5qu9ats9LS98q
3964
+
-----END CERTIFICATE-----
3965
+
Certificate Ingredients:
3966
+
Data:
3967
+
Version: 1 (0x0)
3968
+
Serial Number:
3969
+
61:70:cb:49:8c:5f:98:45:29:e7:b0:a6:d9:50:5b:7a
3970
+
Signature Algorithm: sha1WithRSAEncryption
3971
+
Issuer: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 2 Public Primary Certification Authority - G3
3972
+
Validity
3973
+
Not Before: Oct 1 00:00:00 1999 GMT
3974
+
Not After : Jul 16 23:59:59 2036 GMT
3975
+
Subject: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 2 Public Primary Certification Authority - G3
3976
+
Subject Public Key Info:
3977
+
Public Key Algorithm: rsaEncryption
3978
+
RSA Public Key: (2048 bit)
3979
+
Modulus (2048 bit):
3980
+
00:af:0a:0d:c2:d5:2c:db:67:b9:2d:e5:94:27:dd:
3981
+
a5:be:e0:b0:4d:8f:b3:61:56:3c:d6:7c:c3:f4:cd:
3982
+
3e:86:cb:a2:88:e2:e1:d8:a4:69:c5:b5:e2:bf:c1:
3983
+
a6:47:50:5e:46:39:8b:d5:96:ba:b5:6f:14:bf:10:
3984
+
ce:27:13:9e:05:47:9b:31:7a:13:d8:1f:d9:d3:02:
3985
+
37:8b:ad:2c:47:f0:8e:81:06:a7:0d:30:0c:eb:f7:
3986
+
3c:0f:20:1d:dc:72:46:ee:a5:02:c8:5b:c3:c9:56:
3987
+
69:4c:c5:18:c1:91:7b:0b:d5:13:00:9b:bc:ef:c3:
3988
+
48:3e:46:60:20:85:2a:d5:90:b6:cd:8b:a0:cc:32:
3989
+
dd:b7:fd:40:55:b2:50:1c:56:ae:cc:8d:77:4d:c7:
3990
+
20:4d:a7:31:76:ef:68:92:8a:90:1e:08:81:56:b2:
3991
+
ad:69:a3:52:d0:cb:1c:c4:23:3d:1f:99:fe:4c:e8:
3992
+
16:63:8e:c6:08:8e:f6:31:f6:d2:fa:e5:76:dd:b5:
3993
+
1c:92:a3:49:cd:cd:01:cd:68:cd:a9:69:ba:a3:eb:
3994
+
1d:0d:9c:a4:20:a6:c1:a0:c5:d1:46:4c:17:6d:d2:
3995
+
ac:66:3f:96:8c:e0:84:d4:36:ff:22:59:c5:f9:11:
3996
+
60:a8:5f:04:7d:f2:1a:f6:25:42:61:0f:c4:4a:b8:
3997
+
3e:89
3998
+
Exponent: 65537 (0x10001)
3999
+
Signature Algorithm: sha1WithRSAEncryption
4000
+
34:26:15:3c:c0:8d:4d:43:49:1d:bd:e9:21:92:d7:66:9c:b7:
4001
+
de:c5:b8:d0:e4:5d:5f:76:22:c0:26:f9:84:3a:3a:f9:8c:b5:
4002
+
fb:ec:60:f1:e8:ce:04:b0:c8:dd:a7:03:8f:30:f3:98:df:a4:
4003
+
e6:a4:31:df:d3:1c:0b:46:dc:72:20:3f:ae:ee:05:3c:a4:33:
4004
+
3f:0b:39:ac:70:78:73:4b:99:2b:df:30:c2:54:b0:a8:3b:55:
4005
+
a1:fe:16:28:cd:42:bd:74:6e:80:db:27:44:a7:ce:44:5d:d4:
4006
+
1b:90:98:0d:1e:42:94:b1:00:2c:04:d0:74:a3:02:05:22:63:
4007
+
63:cd:83:b5:fb:c1:6d:62:6b:69:75:fd:5d:70:41:b9:f5:bf:
4008
+
7c:df:be:c1:32:73:22:21:8b:58:81:7b:15:91:7a:ba:e3:64:
4009
+
48:b0:7f:fb:36:25:da:95:d0:f1:24:14:17:dd:18:80:6b:46:
4010
+
23:39:54:f5:8e:62:09:04:1d:94:90:a6:9b:e6:25:e2:42:45:
4011
+
aa:b8:90:ad:be:08:8f:a9:0b:42:18:94:cf:72:39:e1:b1:43:
4012
+
e0:28:cf:b7:e7:5a:6c:13:6b:49:b3:ff:e3:18:7c:89:8b:33:
4013
+
5d:ac:33:d7:a7:f9:da:3a:55:c9:58:10:f9:aa:ef:5a:b6:cf:
4014
+
4b:4b:df:2a
4015
+
4016
+
Verisign Class 3 Public Primary Certification Authority
4017
+
=======================================================
4018
+
MD5 Fingerprint: 10:FC:63:5D:F6:26:3E:0D:F3:25:BE:5F:79:CD:67:67
4019
+
PEM Data:
4020
+
-----BEGIN CERTIFICATE-----
4021
+
MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG
4022
+
A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
4023
+
cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
4024
+
MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
4025
+
BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt
4026
+
YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
4027
+
ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE
4028
+
BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is
4029
+
I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G
4030
+
CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do
4031
+
lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc
4032
+
AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k
4033
+
-----END CERTIFICATE-----
4034
+
Certificate Ingredients:
4035
+
Data:
4036
+
Version: 1 (0x0)
4037
+
Serial Number:
4038
+
70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
4039
+
Signature Algorithm: md2WithRSAEncryption
4040
+
Issuer: C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
4041
+
Validity
4042
+
Not Before: Jan 29 00:00:00 1996 GMT
4043
+
Not After : Aug 1 23:59:59 2028 GMT
4044
+
Subject: C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
4045
+
Subject Public Key Info:
4046
+
Public Key Algorithm: rsaEncryption
4047
+
RSA Public Key: (1024 bit)
4048
+
Modulus (1024 bit):
4049
+
00:c9:5c:59:9e:f2:1b:8a:01:14:b4:10:df:04:40:
4050
+
db:e3:57:af:6a:45:40:8f:84:0c:0b:d1:33:d9:d9:
4051
+
11:cf:ee:02:58:1f:25:f7:2a:a8:44:05:aa:ec:03:
4052
+
1f:78:7f:9e:93:b9:9a:00:aa:23:7d:d6:ac:85:a2:
4053
+
63:45:c7:72:27:cc:f4:4c:c6:75:71:d2:39:ef:4f:
4054
+
42:f0:75:df:0a:90:c6:8e:20:6f:98:0f:f8:ac:23:
4055
+
5f:70:29:36:a4:c9:86:e7:b1:9a:20:cb:53:a5:85:
4056
+
e7:3d:be:7d:9a:fe:24:45:33:dc:76:15:ed:0f:a2:
4057
+
71:64:4c:65:2e:81:68:45:a7
4058
+
Exponent: 65537 (0x10001)
4059
+
Signature Algorithm: md2WithRSAEncryption
4060
+
bb:4c:12:2b:cf:2c:26:00:4f:14:13:dd:a6:fb:fc:0a:11:84:
4061
+
8c:f3:28:1c:67:92:2f:7c:b6:c5:fa:df:f0:e8:95:bc:1d:8f:
4062
+
6c:2c:a8:51:cc:73:d8:a4:c0:53:f0:4e:d6:26:c0:76:01:57:
4063
+
81:92:5e:21:f1:d1:b1:ff:e7:d0:21:58:cd:69:17:e3:44:1c:
4064
+
9c:19:44:39:89:5c:dc:9c:00:0f:56:8d:02:99:ed:a2:90:45:
4065
+
4c:e4:bb:10:a4:3d:f0:32:03:0e:f1:ce:f8:e8:c9:51:8c:e6:
4066
+
62:9f:e6:9f:c0:7d:b7:72:9c:c9:36:3a:6b:9f:4e:a8:ff:64:
4067
+
0d:64
4068
+
4069
+
Verisign Class 3 Public Primary Certification Authority - G2
4070
+
============================================================
4071
+
MD5 Fingerprint: A2:33:9B:4C:74:78:73:D4:6C:E7:C1:F3:8D:CB:5C:E9
4072
+
PEM Data:
4073
+
-----BEGIN CERTIFICATE-----
4074
+
MIIDAjCCAmsCEH3Z/gfPqB63EHln+6eJNMYwDQYJKoZIhvcNAQEFBQAwgcExCzAJ
4075
+
BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xh
4076
+
c3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcy
4077
+
MTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3Jp
4078
+
emVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMB4X
4079
+
DTk4MDUxODAwMDAwMFoXDTI4MDgwMTIzNTk1OVowgcExCzAJBgNVBAYTAlVTMRcw
4080
+
FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMyBQdWJsaWMg
4081
+
UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEo
4082
+
YykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5
4083
+
MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEB
4084
+
AQUAA4GNADCBiQKBgQDMXtERXVxp0KvTuWpMmR9ZmDCOFoUgRm1HP9SFIIThbbP4
4085
+
pO0M8RcPO/mn+SXXwc+EY/J8Y8+iR/LGWzOOZEAEaMGAuWQcRXfH2G71lSk8UOg0
4086
+
13gfqLptQ5GVj0VXXn7F+8qkBOvqlzdUMG+7AUcyM83cV5tkaWH4mx0ciU9cZwID
4087
+
AQABMA0GCSqGSIb3DQEBBQUAA4GBAFFNzb5cy5gZnBWyATl4Lk0PZ3BwmcYQWpSk
4088
+
U01UbSuvDV1Ai2TT1+7eVmGSX6bEHRBhNtMsJzzoKQm5EWR0zLVznxxIqbxhAe7i
4089
+
F6YM40AIOw7n60RzKprxaZLvcRTDOaxxp5EJb+RxBrO6WVcmeQD2+A2iMzAo1KpY
4090
+
oJ2daZH9
4091
+
-----END CERTIFICATE-----
4092
+
Certificate Ingredients:
4093
+
Data:
4094
+
Version: 1 (0x0)
4095
+
Serial Number:
4096
+
7d:d9:fe:07:cf:a8:1e:b7:10:79:67:fb:a7:89:34:c6
4097
+
Signature Algorithm: sha1WithRSAEncryption
4098
+
Issuer: C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
4099
+
Validity
4100
+
Not Before: May 18 00:00:00 1998 GMT
4101
+
Not After : Aug 1 23:59:59 2028 GMT
4102
+
Subject: C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
4103
+
Subject Public Key Info:
4104
+
Public Key Algorithm: rsaEncryption
4105
+
RSA Public Key: (1024 bit)
4106
+
Modulus (1024 bit):
4107
+
00:cc:5e:d1:11:5d:5c:69:d0:ab:d3:b9:6a:4c:99:
4108
+
1f:59:98:30:8e:16:85:20:46:6d:47:3f:d4:85:20:
4109
+
84:e1:6d:b3:f8:a4:ed:0c:f1:17:0f:3b:f9:a7:f9:
4110
+
25:d7:c1:cf:84:63:f2:7c:63:cf:a2:47:f2:c6:5b:
4111
+
33:8e:64:40:04:68:c1:80:b9:64:1c:45:77:c7:d8:
4112
+
6e:f5:95:29:3c:50:e8:34:d7:78:1f:a8:ba:6d:43:
4113
+
91:95:8f:45:57:5e:7e:c5:fb:ca:a4:04:eb:ea:97:
4114
+
37:54:30:6f:bb:01:47:32:33:cd:dc:57:9b:64:69:
4115
+
61:f8:9b:1d:1c:89:4f:5c:67
4116
+
Exponent: 65537 (0x10001)
4117
+
Signature Algorithm: sha1WithRSAEncryption
4118
+
51:4d:cd:be:5c:cb:98:19:9c:15:b2:01:39:78:2e:4d:0f:67:
4119
+
70:70:99:c6:10:5a:94:a4:53:4d:54:6d:2b:af:0d:5d:40:8b:
4120
+
64:d3:d7:ee:de:56:61:92:5f:a6:c4:1d:10:61:36:d3:2c:27:
4121
+
3c:e8:29:09:b9:11:64:74:cc:b5:73:9f:1c:48:a9:bc:61:01:
4122
+
ee:e2:17:a6:0c:e3:40:08:3b:0e:e7:eb:44:73:2a:9a:f1:69:
4123
+
92:ef:71:14:c3:39:ac:71:a7:91:09:6f:e4:71:06:b3:ba:59:
4124
+
57:26:79:00:f6:f8:0d:a2:33:30:28:d4:aa:58:a0:9d:9d:69:
4125
+
91:fd
4126
+
4127
+
Verisign Class 3 Public Primary Certification Authority - G3
4128
+
============================================================
4129
+
MD5 Fingerprint: CD:68:B6:A7:C7:C4:CE:75:E0:1D:4F:57:44:61:92:09
4130
+
PEM Data:
4131
+
-----BEGIN CERTIFICATE-----
4132
+
MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQsw
4133
+
CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
4134
+
cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu
4135
+
LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT
4136
+
aWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
4137
+
dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD
4138
+
VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT
4139
+
aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ
4140
+
bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu
4141
+
IENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
4142
+
LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMu6nFL8eB8aHm8b
4143
+
N3O9+MlrlBIwT/A2R/XQkQr1F8ilYcEWQE37imGQ5XYgwREGfassbqb1EUGO+i2t
4144
+
KmFZpGcmTNDovFJbcCAEWNF6yaRpvIMXZK0Fi7zQWM6NjPXr8EJJC52XJ2cybuGu
4145
+
kxUccLwgTS8Y3pKI6GyFVxEa6X7jJhFUokWWVYPKMIno3Nij7SqAP395ZVc+FSBm
4146
+
CC+Vk7+qRy+oRpfwEuL+wgorUeZ25rdGt+INpsyow0xZVYnm6FNcHOqd8GIWC6fJ
4147
+
Xwzw3sJ2zq/3avL6QaaiMxTJ5Xpj055iN9WFZZ4O5lMkdBteHRJTW8cs54NJOxWu
4148
+
imi5V5cCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAERSWwauSCPc/L8my/uRan2Te
4149
+
2yFPhpk0djZX3dAVL8WtfxUfN2JzPtTnX84XA9s1+ivbrmAJXx5fj267Cz3qWhMe
4150
+
DGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC
4151
+
/Y4wjylGsB49Ndo4YhYYSq3mtlFs3q9i6wHQHiT+eo8SGhJouPtmmRQURVyu565p
4152
+
F4ErWjfJXir0xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGt
4153
+
TxzhT5yvDwyd93gN2PQ1VoDat20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ==
4154
+
-----END CERTIFICATE-----
4155
+
Certificate Ingredients:
4156
+
Data:
4157
+
Version: 1 (0x0)
4158
+
Serial Number:
4159
+
9b:7e:06:49:a3:3e:62:b9:d5:ee:90:48:71:29:ef:57
4160
+
Signature Algorithm: sha1WithRSAEncryption
4161
+
Issuer: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G3
4162
+
Validity
4163
+
Not Before: Oct 1 00:00:00 1999 GMT
4164
+
Not After : Jul 16 23:59:59 2036 GMT
4165
+
Subject: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G3
4166
+
Subject Public Key Info:
4167
+
Public Key Algorithm: rsaEncryption
4168
+
RSA Public Key: (2048 bit)
4169
+
Modulus (2048 bit):
4170
+
00:cb:ba:9c:52:fc:78:1f:1a:1e:6f:1b:37:73:bd:
4171
+
f8:c9:6b:94:12:30:4f:f0:36:47:f5:d0:91:0a:f5:
4172
+
17:c8:a5:61:c1:16:40:4d:fb:8a:61:90:e5:76:20:
4173
+
c1:11:06:7d:ab:2c:6e:a6:f5:11:41:8e:fa:2d:ad:
4174
+
2a:61:59:a4:67:26:4c:d0:e8:bc:52:5b:70:20:04:
4175
+
58:d1:7a:c9:a4:69:bc:83:17:64:ad:05:8b:bc:d0:
4176
+
58:ce:8d:8c:f5:eb:f0:42:49:0b:9d:97:27:67:32:
4177
+
6e:e1:ae:93:15:1c:70:bc:20:4d:2f:18:de:92:88:
4178
+
e8:6c:85:57:11:1a:e9:7e:e3:26:11:54:a2:45:96:
4179
+
55:83:ca:30:89:e8:dc:d8:a3:ed:2a:80:3f:7f:79:
4180
+
65:57:3e:15:20:66:08:2f:95:93:bf:aa:47:2f:a8:
4181
+
46:97:f0:12:e2:fe:c2:0a:2b:51:e6:76:e6:b7:46:
4182
+
b7:e2:0d:a6:cc:a8:c3:4c:59:55:89:e6:e8:53:5c:
4183
+
1c:ea:9d:f0:62:16:0b:a7:c9:5f:0c:f0:de:c2:76:
4184
+
ce:af:f7:6a:f2:fa:41:a6:a2:33:14:c9:e5:7a:63:
4185
+
d3:9e:62:37:d5:85:65:9e:0e:e6:53:24:74:1b:5e:
4186
+
1d:12:53:5b:c7:2c:e7:83:49:3b:15:ae:8a:68:b9:
4187
+
57:97
4188
+
Exponent: 65537 (0x10001)
4189
+
Signature Algorithm: sha1WithRSAEncryption
4190
+
11:14:96:c1:ab:92:08:f7:3f:2f:c9:b2:fe:e4:5a:9f:64:de:
4191
+
db:21:4f:86:99:34:76:36:57:dd:d0:15:2f:c5:ad:7f:15:1f:
4192
+
37:62:73:3e:d4:e7:5f:ce:17:03:db:35:fa:2b:db:ae:60:09:
4193
+
5f:1e:5f:8f:6e:bb:0b:3d:ea:5a:13:1e:0c:60:6f:b5:c0:b5:
4194
+
23:22:2e:07:0b:cb:a9:74:cb:47:bb:1d:c1:d7:a5:6b:cc:2f:
4195
+
d2:42:fd:49:dd:a7:89:cf:53:ba:da:00:5a:28:bf:82:df:f8:
4196
+
ba:13:1d:50:86:82:fd:8e:30:8f:29:46:b0:1e:3d:35:da:38:
4197
+
62:16:18:4a:ad:e6:b6:51:6c:de:af:62:eb:01:d0:1e:24:fe:
4198
+
7a:8f:12:1a:12:68:b8:fb:66:99:14:14:45:5c:ae:e7:ae:69:
4199
+
17:81:2b:5a:37:c9:5e:2a:f4:c6:e2:a1:5c:54:9b:a6:54:00:
4200
+
cf:f0:f1:c1:c7:98:30:1a:3b:36:16:db:a3:6e:ea:fd:ad:b2:
4201
+
c2:da:ef:02:47:13:8a:c0:f1:b3:31:ad:4f:1c:e1:4f:9c:af:
4202
+
0f:0c:9d:f7:78:0d:d8:f4:35:56:80:da:b7:6d:17:8f:9d:1e:
4203
+
81:64:e1:fe:c5:45:ba:ad:6b:b9:0a:7a:4e:4f:4b:84:ee:4b:
4204
+
f1:7d:dd:11
4205
+
4206
+
Verisign Class 4 Public Primary Certification Authority - G2
4207
+
============================================================
4208
+
MD5 Fingerprint: 26:6D:2C:19:98:B6:70:68:38:50:54:19:EC:90:34:60
4209
+
PEM Data:
4210
+
-----BEGIN CERTIFICATE-----
4211
+
MIIDAjCCAmsCEDKIjprS9esTR/h/xCA3JfgwDQYJKoZIhvcNAQEFBQAwgcExCzAJ
4212
+
BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xh
4213
+
c3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcy
4214
+
MTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3Jp
4215
+
emVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMB4X
4216
+
DTk4MDUxODAwMDAwMFoXDTI4MDgwMTIzNTk1OVowgcExCzAJBgNVBAYTAlVTMRcw
4217
+
FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgNCBQdWJsaWMg
4218
+
UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEo
4219
+
YykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5
4220
+
MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEB
4221
+
AQUAA4GNADCBiQKBgQC68OTP+cSuhVS5B1f5j8V/aBH4xBewRNzjMHPVKmIquNDM
4222
+
HO0oW369atyzkSTKQWI8/AIBvxwWMZQFl3Zuoq29YRdsTjCG8FE3KlDHqGKB3FtK
4223
+
qsGgtG7rL+VXxbErQHDbWk2hjh+9Ax/YA9SPTJlxvOKCzFjomDqG04Y48wApHwID
4224
+
AQABMA0GCSqGSIb3DQEBBQUAA4GBAIWMEsGnuVAVess+rLhDityq3RS6iYF+ATwj
4225
+
cSGIL4LcY/oCRaxFWdcqWERbt5+BO5JoPeI3JPV7bI92NZYJqFmduc4jq3TWg/0y
4226
+
cyfYaT5DdPauxYma51N86Xv2S/PBZYPejYqcPIiNOVn8qj8ijaHBZlCBckztImRP
4227
+
T8qAkbYp
4228
+
-----END CERTIFICATE-----
4229
+
Certificate Ingredients:
4230
+
Data:
4231
+
Version: 1 (0x0)
4232
+
Serial Number:
4233
+
32:88:8e:9a:d2:f5:eb:13:47:f8:7f:c4:20:37:25:f8
4234
+
Signature Algorithm: sha1WithRSAEncryption
4235
+
Issuer: C=US, O=VeriSign, Inc., OU=Class 4 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
4236
+
Validity
4237
+
Not Before: May 18 00:00:00 1998 GMT
4238
+
Not After : Aug 1 23:59:59 2028 GMT
4239
+
Subject: C=US, O=VeriSign, Inc., OU=Class 4 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
4240
+
Subject Public Key Info:
4241
+
Public Key Algorithm: rsaEncryption
4242
+
RSA Public Key: (1024 bit)
4243
+
Modulus (1024 bit):
4244
+
00:ba:f0:e4:cf:f9:c4:ae:85:54:b9:07:57:f9:8f:
4245
+
c5:7f:68:11:f8:c4:17:b0:44:dc:e3:30:73:d5:2a:
4246
+
62:2a:b8:d0:cc:1c:ed:28:5b:7e:bd:6a:dc:b3:91:
4247
+
24:ca:41:62:3c:fc:02:01:bf:1c:16:31:94:05:97:
4248
+
76:6e:a2:ad:bd:61:17:6c:4e:30:86:f0:51:37:2a:
4249
+
50:c7:a8:62:81:dc:5b:4a:aa:c1:a0:b4:6e:eb:2f:
4250
+
e5:57:c5:b1:2b:40:70:db:5a:4d:a1:8e:1f:bd:03:
4251
+
1f:d8:03:d4:8f:4c:99:71:bc:e2:82:cc:58:e8:98:
4252
+
3a:86:d3:86:38:f3:00:29:1f
4253
+
Exponent: 65537 (0x10001)
4254
+
Signature Algorithm: sha1WithRSAEncryption
4255
+
85:8c:12:c1:a7:b9:50:15:7a:cb:3e:ac:b8:43:8a:dc:aa:dd:
4256
+
14:ba:89:81:7e:01:3c:23:71:21:88:2f:82:dc:63:fa:02:45:
4257
+
ac:45:59:d7:2a:58:44:5b:b7:9f:81:3b:92:68:3d:e2:37:24:
4258
+
f5:7b:6c:8f:76:35:96:09:a8:59:9d:b9:ce:23:ab:74:d6:83:
4259
+
fd:32:73:27:d8:69:3e:43:74:f6:ae:c5:89:9a:e7:53:7c:e9:
4260
+
7b:f6:4b:f3:c1:65:83:de:8d:8a:9c:3c:88:8d:39:59:fc:aa:
4261
+
3f:22:8d:a1:c1:66:50:81:72:4c:ed:22:64:4f:4f:ca:80:91:
4262
+
b6:29
4263
+
4264
+
Verisign Class 4 Public Primary Certification Authority - G3
4265
+
============================================================
4266
+
MD5 Fingerprint: DB:C8:F2:27:2E:B1:EA:6A:29:23:5D:FE:56:3E:33:DF
4267
+
PEM Data:
4268
+
-----BEGIN CERTIFICATE-----
4269
+
MIIEGjCCAwICEQDsoKeLbnVqAc/EfMwvlF7XMA0GCSqGSIb3DQEBBQUAMIHKMQsw
4270
+
CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
4271
+
cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu
4272
+
LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT
4273
+
aWduIENsYXNzIDQgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
4274
+
dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD
4275
+
VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT
4276
+
aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ
4277
+
bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu
4278
+
IENsYXNzIDQgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
4279
+
LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK3LpRFpxlmr8Y+1
4280
+
GQ9Wzsy1HyDkniYlS+BzZYlZ3tCD5PUPtbut8XzoIfzk6AzufEUiGXaStBO3IFsJ
4281
+
+mGuqPKljYXCKtbeZjbSmwL0qJJgfJxptI8kHtCGUvYynEFYHiK9zUVilQhu0Gbd
4282
+
U6LM8BDcVHOLBKFGMzNcF0C5nk3T875Vg+ixiY5afJqWIpA7iCXy0lOIAgwLePLm
4283
+
NxdLMEYH5IBtptiWLugs+BGzOA1mppvqySNb247i8xOOGlktqgLw7KSHZtzBP/XY
4284
+
ufTsgsbSPZUd5cBPhMnZo0QoBmrXRazwa2rvTl/4EYIeOGM0ZlDUPpNz+jDDZq3/
4285
+
ky2X7wMCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAj/ola09b5KROJ1WrIhVZPMq1
4286
+
CtRK26vdoV9TxaBXOcLORyu+OshWv8LZJxA6sQU8wHcxuzrTBXttmhwwjIDLk5Mq
4287
+
g6sFUYICABFna/OIYUdfA5PVWw3g8dShMjWFsjrbsIKr0csKvE+MW8VLADsfKoKm
4288
+
fjaF3H48ZwC15DtS4KjrXRX5xm3wrR0OhbepmnMUWluPQSjA1egtTaRezarZ7c7c
4289
+
2NU8Qh0XwRJdRTjDOPP8hS6DRkiy1yBfkjaP53kPmF6Z6PDQpLv1U70qzlmwr25/
4290
+
bLvSHgCwIe34QWKCudiyxLtGUPMxxY8BqHTr9Xgn2uf3ZkPznoM+IKrDNWCRzg==
4291
+
-----END CERTIFICATE-----
4292
+
Certificate Ingredients:
4293
+
Data:
4294
+
Version: 1 (0x0)
4295
+
Serial Number:
4296
+
ec:a0:a7:8b:6e:75:6a:01:cf:c4:7c:cc:2f:94:5e:d7
4297
+
Signature Algorithm: sha1WithRSAEncryption
4298
+
Issuer: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 4 Public Primary Certification Authority - G3
4299
+
Validity
4300
+
Not Before: Oct 1 00:00:00 1999 GMT
4301
+
Not After : Jul 16 23:59:59 2036 GMT
4302
+
Subject: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 4 Public Primary Certification Authority - G3
4303
+
Subject Public Key Info:
4304
+
Public Key Algorithm: rsaEncryption
4305
+
RSA Public Key: (2048 bit)
4306
+
Modulus (2048 bit):
4307
+
00:ad:cb:a5:11:69:c6:59:ab:f1:8f:b5:19:0f:56:
4308
+
ce:cc:b5:1f:20:e4:9e:26:25:4b:e0:73:65:89:59:
4309
+
de:d0:83:e4:f5:0f:b5:bb:ad:f1:7c:e8:21:fc:e4:
4310
+
e8:0c:ee:7c:45:22:19:76:92:b4:13:b7:20:5b:09:
4311
+
fa:61:ae:a8:f2:a5:8d:85:c2:2a:d6:de:66:36:d2:
4312
+
9b:02:f4:a8:92:60:7c:9c:69:b4:8f:24:1e:d0:86:
4313
+
52:f6:32:9c:41:58:1e:22:bd:cd:45:62:95:08:6e:
4314
+
d0:66:dd:53:a2:cc:f0:10:dc:54:73:8b:04:a1:46:
4315
+
33:33:5c:17:40:b9:9e:4d:d3:f3:be:55:83:e8:b1:
4316
+
89:8e:5a:7c:9a:96:22:90:3b:88:25:f2:d2:53:88:
4317
+
02:0c:0b:78:f2:e6:37:17:4b:30:46:07:e4:80:6d:
4318
+
a6:d8:96:2e:e8:2c:f8:11:b3:38:0d:66:a6:9b:ea:
4319
+
c9:23:5b:db:8e:e2:f3:13:8e:1a:59:2d:aa:02:f0:
4320
+
ec:a4:87:66:dc:c1:3f:f5:d8:b9:f4:ec:82:c6:d2:
4321
+
3d:95:1d:e5:c0:4f:84:c9:d9:a3:44:28:06:6a:d7:
4322
+
45:ac:f0:6b:6a:ef:4e:5f:f8:11:82:1e:38:63:34:
4323
+
66:50:d4:3e:93:73:fa:30:c3:66:ad:ff:93:2d:97:
4324
+
ef:03
4325
+
Exponent: 65537 (0x10001)
4326
+
Signature Algorithm: sha1WithRSAEncryption
4327
+
8f:fa:25:6b:4f:5b:e4:a4:4e:27:55:ab:22:15:59:3c:ca:b5:
4328
+
0a:d4:4a:db:ab:dd:a1:5f:53:c5:a0:57:39:c2:ce:47:2b:be:
4329
+
3a:c8:56:bf:c2:d9:27:10:3a:b1:05:3c:c0:77:31:bb:3a:d3:
4330
+
05:7b:6d:9a:1c:30:8c:80:cb:93:93:2a:83:ab:05:51:82:02:
4331
+
00:11:67:6b:f3:88:61:47:5f:03:93:d5:5b:0d:e0:f1:d4:a1:
4332
+
32:35:85:b2:3a:db:b0:82:ab:d1:cb:0a:bc:4f:8c:5b:c5:4b:
4333
+
00:3b:1f:2a:82:a6:7e:36:85:dc:7e:3c:67:00:b5:e4:3b:52:
4334
+
e0:a8:eb:5d:15:f9:c6:6d:f0:ad:1d:0e:85:b7:a9:9a:73:14:
4335
+
5a:5b:8f:41:28:c0:d5:e8:2d:4d:a4:5e:cd:aa:d9:ed:ce:dc:
4336
+
d8:d5:3c:42:1d:17:c1:12:5d:45:38:c3:38:f3:fc:85:2e:83:
4337
+
46:48:b2:d7:20:5f:92:36:8f:e7:79:0f:98:5e:99:e8:f0:d0:
4338
+
a4:bb:f5:53:bd:2a:ce:59:b0:af:6e:7f:6c:bb:d2:1e:00:b0:
4339
+
21:ed:f8:41:62:82:b9:d8:b2:c4:bb:46:50:f3:31:c5:8f:01:
4340
+
a8:74:eb:f5:78:27:da:e7:f7:66:43:f3:9e:83:3e:20:aa:c3:
4341
+
35:60:91:ce
4342
+
4343
+
Verisign/RSA Commercial CA
4344
+
==========================
4345
+
MD5 Fingerprint: 5A:0B:DD:42:9E:B2:B4:62:97:32:7F:7F:0A:AA:9A:39
4346
+
PEM Data:
4347
+
-----BEGIN CERTIFICATE-----
4348
+
MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw
4349
+
HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy
4350
+
Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05
4351
+
OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT
4352
+
ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u
4353
+
IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o
4354
+
975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/
4355
+
touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE
4356
+
7yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j
4357
+
9/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI
4358
+
0v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb
4359
+
MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU=
4360
+
-----END CERTIFICATE-----
4361
+
Certificate Ingredients:
4362
+
Data:
4363
+
Version: 1 (0x0)
4364
+
Serial Number:
4365
+
02:41:00:00:16
4366
+
Signature Algorithm: md2WithRSAEncryption
4367
+
Issuer: C=US, O=RSA Data Security, Inc., OU=Commercial Certification Authority
4368
+
Validity
4369
+
Not Before: Nov 4 18:58:34 1994 GMT
4370
+
Not After : Nov 3 18:58:34 1999 GMT
4371
+
Subject: C=US, O=RSA Data Security, Inc., OU=Commercial Certification Authority
4372
+
Subject Public Key Info:
4373
+
Public Key Algorithm: rsaEncryption
4374
+
RSA Public Key: (1000 bit)
4375
+
Modulus (1000 bit):
4376
+
00:a4:fb:81:62:7b:ce:10:27:dd:e8:f7:be:6c:6e:
4377
+
c6:70:99:db:b8:d5:05:03:69:28:82:9c:72:7f:96:
4378
+
3f:8e:ec:ac:29:92:3f:8a:14:f8:42:76:be:bd:5d:
4379
+
03:b9:90:d4:d0:bc:06:b2:51:33:5f:c4:c2:bf:b6:
4380
+
8b:8f:99:b6:62:22:60:dd:db:df:20:82:b4:ca:a2:
4381
+
2f:2d:50:ed:94:32:de:e0:55:8d:d4:68:e2:e0:4c:
4382
+
d2:cd:05:16:2e:95:66:5c:61:52:38:1e:51:a8:82:
4383
+
a1:c4:ef:25:e9:0a:e6:8b:2b:8e:31:66:d9:f8:d9:
4384
+
fd:bd:3b:69:d9:eb
4385
+
Exponent: 65537 (0x10001)
4386
+
Signature Algorithm: md2WithRSAEncryption
4387
+
76:b5:b6:10:fe:23:f7:f7:59:62:4b:b0:5f:9c:c1:68:bc:49:
4388
+
bb:b3:49:6f:21:47:5d:2b:9d:54:c4:00:28:3f:98:b9:f2:8a:
4389
+
83:9b:60:7f:eb:50:c7:ab:05:10:2d:3d:ed:38:02:c1:a5:48:
4390
+
d2:fe:65:a0:c0:bc:ea:a6:23:16:66:6c:1b:24:a9:f3:ec:79:
4391
+
35:18:4f:26:c8:e3:af:50:4a:c7:a7:31:6b:d0:7c:18:9d:50:
4392
+
bf:a9:26:fa:26:2b:46:9c:14:a9:bb:5b:30:98:42:28:b5:4b:
4393
+
53:bb:43:09:92:40:ba:a8:aa:5a:a4:c6:b6:8b:57:4d:c5
4394
+
4395
+
Verisign/RSA Secure Server CA
4396
+
=============================
4397
+
MD5 Fingerprint: 74:7B:82:03:43:F0:00:9E:6B:B3:EC:47:BF:85:A5:93
4398
+
PEM Data:
4399
+
-----BEGIN CERTIFICATE-----
4400
+
MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG
4401
+
A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
4402
+
VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0
4403
+
MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV
4404
+
BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy
4405
+
dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ
4406
+
ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII
4407
+
0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI
4408
+
uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI
4409
+
hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3
4410
+
YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc
4411
+
1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==
4412
+
-----END CERTIFICATE-----
4413
+
Certificate Ingredients:
4414
+
Data:
4415
+
Version: 1 (0x0)
4416
+
Serial Number:
4417
+
02:ad:66:7e:4e:45:fe:5e:57:6f:3c:98:19:5e:dd:c0
4418
+
Signature Algorithm: md2WithRSAEncryption
4419
+
Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
4420
+
Validity
4421
+
Not Before: Nov 9 00:00:00 1994 GMT
4422
+
Not After : Jan 7 23:59:59 2010 GMT
4423
+
Subject: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
4424
+
Subject Public Key Info:
4425
+
Public Key Algorithm: rsaEncryption
4426
+
RSA Public Key: (1000 bit)
4427
+
Modulus (1000 bit):
4428
+
00:92:ce:7a:c1:ae:83:3e:5a:aa:89:83:57:ac:25:
4429
+
01:76:0c:ad:ae:8e:2c:37:ce:eb:35:78:64:54:03:
4430
+
e5:84:40:51:c9:bf:8f:08:e2:8a:82:08:d2:16:86:
4431
+
37:55:e9:b1:21:02:ad:76:68:81:9a:05:a2:4b:c9:
4432
+
4b:25:66:22:56:6c:88:07:8f:f7:81:59:6d:84:07:
4433
+
65:70:13:71:76:3e:9b:77:4c:e3:50:89:56:98:48:
4434
+
b9:1d:a7:29:1a:13:2e:4a:11:59:9c:1e:15:d5:49:
4435
+
54:2c:73:3a:69:82:b1:97:39:9c:6d:70:67:48:e5:
4436
+
dd:2d:d6:c8:1e:7b
4437
+
Exponent: 65537 (0x10001)
4438
+
Signature Algorithm: md2WithRSAEncryption
4439
+
65:dd:7e:e1:b2:ec:b0:e2:3a:e0:ec:71:46:9a:19:11:b8:d3:
4440
+
c7:a0:b4:03:40:26:02:3e:09:9c:e1:12:b3:d1:5a:f6:37:a5:
4441
+
b7:61:03:b6:5b:16:69:3b:c6:44:08:0c:88:53:0c:6b:97:49:
4442
+
c7:3e:35:dc:6c:b9:bb:aa:df:5c:bb:3a:2f:93:60:b6:a9:4b:
4443
+
4d:f2:20:f7:cd:5f:7f:64:7b:8e:dc:00:5c:d7:fa:77:ca:39:
4444
+
16:59:6f:0e:ea:d3:b5:83:7f:4d:4d:42:56:76:b4:c9:5f:04:
4445
+
f8:38:f8:eb:d2:5f:75:5f:cd:7b:fc:e5:8e:80:7c:fc:50
4446
+
4447
+
CA WEB.DE TrustCenter
4448
+
=======================================
4449
+
MD5 Fingerprint=BD:D4:F5:1A:7D:70:46:50:DB:6F:4D:68:41:83:99:93
4450
+
PEM-Data:
4451
+
-----BEGIN CERTIFICATE-----
4452
+
MIIH1TCCBb2gAwIBAgIBATANBgkqhkiG9w0BAQQFADCBjTELMAkGA1UEBhMCREUx
4453
+
GjAYBgNVBAcTEUQtNzYyMjcgS2FybHNydWhlMRIwEAYDVQQKEwlXRUIuREUgQUcx
4454
+
FDASBgNVBAsTC1RydXN0Q2VudGVyMRswGQYDVQQDExJXRUIuREUgVHJ1c3RDZW50
4455
+
ZXIxGzAZBgkqhkiG9w0BCQEWDHRydXN0QHdlYi5kZTAeFw05OTA2MjMwOTE5NTRa
4456
+
Fw0wOTA2MjAwOTE5NTRaMIGNMQswCQYDVQQGEwJERTEaMBgGA1UEBxMRRC03NjIy
4457
+
NyBLYXJsc3J1aGUxEjAQBgNVBAoTCVdFQi5ERSBBRzEUMBIGA1UECxMLVHJ1c3RD
4458
+
ZW50ZXIxGzAZBgNVBAMTEldFQi5ERSBUcnVzdENlbnRlcjEbMBkGCSqGSIb3DQEJ
4459
+
ARYMdHJ1c3RAd2ViLmRlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
4460
+
wSWKmSp6XW+aYJsfYWhvxNgo3uViORtbNcpnkcLeAA4zobLEdqno80YInjFgWq8d
4461
+
f5U6jOFIAzPdRCFqsj6LQDppQq22q/sal4rOVVt3t6XlWgDBfF8K+iQEQQd2TNMS
4462
+
J7pd+MUY2IyBGjGqGINRKsoU/sd1nwPRm2tv3VhIlDOcxhJIx9pm2+hNmaJEz55a
4463
+
ma+sQl8+odtfsNNrYv1LitbqELP/hsRwWzE30m1cHvcy6yczH0GmKB8seSD69qjK
4464
+
HJlYa+qPrSjIwEhhUNOcoNx227B9ZJFETrTdW2q5vp4BAPoX2nvRm5ynAdaHn0LI
4465
+
pYrhwpEiTb121ksguyDH+AasBMZ6gVP0qTvI9awRfUPyZsxWXeBDaNpw2zkqnIaj
4466
+
QIlXzVYKSBaR4TSDQ9L+bYNDSCyERdSFyJeQ2UPL/jxuS94jIbGiWE07X7wuSoA2
4467
+
BB0NKtUviZT/jyNzOGfu2TNcHkjc6x6NQMJanxKO5VZDfnfQUyWshQb99IelpjsS
4468
+
tPc//U04zMfEoJFvhosBIXKwthN7F7WE7KRhILTBwX2i+4d2doVA25OZHlcZI1L5
4469
+
K391IzzqeJdrM4Nrc0MnAsRY+sZJVmUi8u9lHsxCjMht3DpJ1JALGhj7hTDPsxjX
4470
+
eGAUZIbq9rQ/fhN0UxXkO/wQfWVsq1ZO3XfgL4tE5OkCAwEAAaOCAjwwggI4MAwG
4471
+
A1UdEwQFMAMBAf8wSQYDVR0gBEIwQDA+BgtghkgBhvhFAQcBATAvMC0GCCsGAQUF
4472
+
BwIBFiFodHRwOi8vdHJ1c3Qud2ViLmRlL0hpbGZlL1BvbGljeS8wggEpBglghkgB
4473
+
hvhCAQ0EggEaFoIBFlRydXN0Q2VudGVyIHZvbiBXRUIuREUgLSBSb290LVplcnRp
4474
+
ZmlrYXQKCkRpZSBOdXR6dW5nIGRpZXNlcyBaZXJ0aWZpa2F0ZXMgd2lyZCB2b24g
4475
+
ZGVuIEFsbGdlbWVpbmVuIEdlc2No5GZ0c2JlZGluZ3VuZ2VuIChBR0IpIC8gWmVy
4476
+
dGlmaXppZXJ1bmdzcmljaHRsaW5pZW4gZGVzIFdFQi5ERSBUcnVzdENlbnRlcnMg
4477
+
Z2VyZWdlbHQuCkRpZSBBR0JzIHVuZCBaZXJ0aWZpemllcnVuZ3NyaWNodGxpbmll
4478
+
biBzaW5kIHVudGVyIGh0dHA6Ly90cnVzdC53ZWIuZGUvSGlsZmUvIGVpbnNlaGJh
4479
+
ci4KMBoGCWCGSAGG+EIBCAQNFgsvSGlsZmUvQUdCLzAWBglghkgBhvhCAQcECRYH
4480
+
L3JuLz9zPTAWBglghkgBhvhCAQMECRYHL3J2Lz9zPTAjBglghkgBhvhCAQIEFhYU
4481
+
aHR0cHM6Ly90cnVzdC53ZWIuZGUwEQYJYIZIAYb4QgEBBAQDAgAHMCwGCWCGSAGG
4482
+
+EIBBAQfFh1odHRwczovL3RydXN0LndlYi5kZS9ydkNBLz9zPTANBgkqhkiG9w0B
4483
+
AQQFAAOCAgEALT0XbRQJA+pMrUUT4tm1nCnPkm3+iz6Av2tf3BcONJrNVDgQGDN4
4484
+
HL3iRMfLZvzSuvJ06BXl3ogqAkSUJxfBd7fYRi+rhgjKxuJZwUNS06a0eGlo12ol
4485
+
G4DOz2VrNFDmRzEIRv6DgnnIj7cjo9MPefFi/RJgRHQYP33dyP9dycKKsA0Q7xAI
4486
+
6JvBduOaeAx/LrGE2JkcPk26oDkpPDFOh5FoQ6LffwFv5086IIa6uK6X9QPdwtzy
4487
+
apBp0YXeB/S+o2ggwA4n88Ht+U/aBbsCEoy6tbdosLqmLD2SkE4rFNJNBPLcw37o
4488
+
ITLKogpZnIEYWaz0Tcavvk90ytaCP5vXmSaQSjmeUQCgK/cXJwfp1QRUhkG4UU+U
4489
+
CvsmnhmGnwQLrnpUgQehw1M/KP2bRr9akBVIabic+yjKOUJuap1uhOosaQjsThgq
4490
+
9uqYIYZGS9YjN50kRjxndbNuJVuhMgJSDCPE+74feCcySfjhVxGVJVnJUDQZoqVW
4491
+
/NqHaR07wAB6D1b+inaaKyz58Nw3D6yzBxpttZDTguWn+ry5eN6Um1Ez22Fs65Uo
4492
+
eszLk3hHFUnImzdd5QtFJ40JGxuiZoCpZhyJNpAvGUwUMsbdrY+iEqisKGVF07rQ
4493
+
D2H0VMBBKfqZr4BilkYTmnnciBN7OhOg2VDnyUNHxiIr3dT12oviZU8=
4494
+
-----END CERTIFICATE-----
4495
+
Certificate:
4496
+
Data:
4497
+
Version: 3 (0x2)
4498
+
Serial Number: 1 (0x1)
4499
+
Signature Algorithm: md5WithRSAEncryption
4500
+
Issuer: C=DE, L=D-76227 Karlsruhe, O=WEB.DE AG, OU=TrustCenter, CN=WEB.DE TrustCenter/Email=trust@web.de
4501
+
Validity
4502
+
Not Before: Jun 23 09:19:54 1999 GMT
4503
+
Not After : Jun 20 09:19:54 2009 GMT
4504
+
Subject: C=DE, L=D-76227 Karlsruhe, O=WEB.DE AG, OU=TrustCenter, CN=WEB.DE TrustCenter/Email=trust@web.de
4505
+
Subject Public Key Info:
4506
+
Public Key Algorithm: rsaEncryption
4507
+
RSA Public Key: (4096 bit)
4508
+
Modulus (4096 bit):
4509
+
00:c1:25:8a:99:2a:7a:5d:6f:9a:60:9b:1f:61:68:
4510
+
6f:c4:d8:28:de:e5:62:39:1b:5b:35:ca:67:91:c2:
4511
+
de:00:0e:33:a1:b2:c4:76:a9:e8:f3:46:08:9e:31:
4512
+
60:5a:af:1d:7f:95:3a:8c:e1:48:03:33:dd:44:21:
4513
+
6a:b2:3e:8b:40:3a:69:42:ad:b6:ab:fb:1a:97:8a:
4514
+
ce:55:5b:77:b7:a5:e5:5a:00:c1:7c:5f:0a:fa:24:
4515
+
04:41:07:76:4c:d3:12:27:ba:5d:f8:c5:18:d8:8c:
4516
+
81:1a:31:aa:18:83:51:2a:ca:14:fe:c7:75:9f:03:
4517
+
d1:9b:6b:6f:dd:58:48:94:33:9c:c6:12:48:c7:da:
4518
+
66:db:e8:4d:99:a2:44:cf:9e:5a:99:af:ac:42:5f:
4519
+
3e:a1:db:5f:b0:d3:6b:62:fd:4b:8a:d6:ea:10:b3:
4520
+
ff:86:c4:70:5b:31:37:d2:6d:5c:1e:f7:32:eb:27:
4521
+
33:1f:41:a6:28:1f:2c:79:20:fa:f6:a8:ca:1c:99:
4522
+
58:6b:ea:8f:ad:28:c8:c0:48:61:50:d3:9c:a0:dc:
4523
+
76:db:b0:7d:64:91:44:4e:b4:dd:5b:6a:b9:be:9e:
4524
+
01:00:fa:17:da:7b:d1:9b:9c:a7:01:d6:87:9f:42:
4525
+
c8:a5:8a:e1:c2:91:22:4d:bd:76:d6:4b:20:bb:20:
4526
+
c7:f8:06:ac:04:c6:7a:81:53:f4:a9:3b:c8:f5:ac:
4527
+
11:7d:43:f2:66:cc:56:5d:e0:43:68:da:70:db:39:
4528
+
2a:9c:86:a3:40:89:57:cd:56:0a:48:16:91:e1:34:
4529
+
83:43:d2:fe:6d:83:43:48:2c:84:45:d4:85:c8:97:
4530
+
90:d9:43:cb:fe:3c:6e:4b:de:23:21:b1:a2:58:4d:
4531
+
3b:5f:bc:2e:4a:80:36:04:1d:0d:2a:d5:2f:89:94:
4532
+
ff:8f:23:73:38:67:ee:d9:33:5c:1e:48:dc:eb:1e:
4533
+
8d:40:c2:5a:9f:12:8e:e5:56:43:7e:77:d0:53:25:
4534
+
ac:85:06:fd:f4:87:a5:a6:3b:12:b4:f7:3f:fd:4d:
4535
+
38:cc:c7:c4:a0:91:6f:86:8b:01:21:72:b0:b6:13:
4536
+
7b:17:b5:84:ec:a4:61:20:b4:c1:c1:7d:a2:fb:87:
4537
+
76:76:85:40:db:93:99:1e:57:19:23:52:f9:2b:7f:
4538
+
75:23:3c:ea:78:97:6b:33:83:6b:73:43:27:02:c4:
4539
+
58:fa:c6:49:56:65:22:f2:ef:65:1e:cc:42:8c:c8:
4540
+
6d:dc:3a:49:d4:90:0b:1a:18:fb:85:30:cf:b3:18:
4541
+
d7:78:60:14:64:86:ea:f6:b4:3f:7e:13:74:53:15:
4542
+
e4:3b:fc:10:7d:65:6c:ab:56:4e:dd:77:e0:2f:8b:
4543
+
44:e4:e9
4544
+
Exponent: 65537 (0x10001)
4545
+
X509v3 extensions:
4546
+
X509v3 Basic Constraints:
4547
+
CA:TRUE
4548
+
X509v3 Certificate Policies:
4549
+
Policy: 2.16.840.1.113733.1.7.1.1
4550
+
CPS: http://trust.web.de/Hilfe/Policy/
4551
+
4552
+
Netscape Comment:
4553
+
TrustCenter von WEB.DE - Root-Zertifikat
4554
+
4555
+
Die Nutzung dieses Zertifikates wird von den Allgemeinen Gesch�ftsbedingungen (AGB) / Zertifizierungsrichtlinien des WEB.DE TrustCenters geregelt.
4556
+
Die AGBs und Zertifizierungsrichtlinien sind unter http://trust.web.de/Hilfe/ einsehbar.
4557
+
4558
+
Netscape CA Policy Url:
4559
+
/Hilfe/AGB/
4560
+
Netscape Renewal Url:
4561
+
/rn/?s=
4562
+
Netscape Revocation Url:
4563
+
/rv/?s=
4564
+
Netscape Base Url:
4565
+
https://trust.web.de
4566
+
Netscape Cert Type:
4567
+
SSL CA, S/MIME CA, Object Signing CA
4568
+
Netscape CA Revocation Url:
4569
+
https://trust.web.de/rvCA/?s=
4570
+
Signature Algorithm: md5WithRSAEncryption
4571
+
2d:3d:17:6d:14:09:03:ea:4c:ad:45:13:e2:d9:b5:9c:29:cf:
4572
+
92:6d:fe:8b:3e:80:bf:6b:5f:dc:17:0e:34:9a:cd:54:38:10:
4573
+
18:33:78:1c:bd:e2:44:c7:cb:66:fc:d2:ba:f2:74:e8:15:e5:
4574
+
de:88:2a:02:44:94:27:17:c1:77:b7:d8:46:2f:ab:86:08:ca:
4575
+
c6:e2:59:c1:43:52:d3:a6:b4:78:69:68:d7:6a:25:1b:80:ce:
4576
+
cf:65:6b:34:50:e6:47:31:08:46:fe:83:82:79:c8:8f:b7:23:
4577
+
a3:d3:0f:79:f1:62:fd:12:60:44:74:18:3f:7d:dd:c8:ff:5d:
4578
+
c9:c2:8a:b0:0d:10:ef:10:08:e8:9b:c1:76:e3:9a:78:0c:7f:
4579
+
2e:b1:84:d8:99:1c:3e:4d:ba:a0:39:29:3c:31:4e:87:91:68:
4580
+
43:a2:df:7f:01:6f:e7:4f:3a:20:86:ba:b8:ae:97:f5:03:dd:
4581
+
c2:dc:f2:6a:90:69:d1:85:de:07:f4:be:a3:68:20:c0:0e:27:
4582
+
f3:c1:ed:f9:4f:da:05:bb:02:12:8c:ba:b5:b7:68:b0:ba:a6:
4583
+
2c:3d:92:90:4e:2b:14:d2:4d:04:f2:dc:c3:7e:e8:21:32:ca:
4584
+
a2:0a:59:9c:81:18:59:ac:f4:4d:c6:af:be:4f:74:ca:d6:82:
4585
+
3f:9b:d7:99:26:90:4a:39:9e:51:00:a0:2b:f7:17:27:07:e9:
4586
+
d5:04:54:86:41:b8:51:4f:94:0a:fb:26:9e:19:86:9f:04:0b:
4587
+
ae:7a:54:81:07:a1:c3:53:3f:28:fd:9b:46:bf:5a:90:15:48:
4588
+
69:b8:9c:fb:28:ca:39:42:6e:6a:9d:6e:84:ea:2c:69:08:ec:
4589
+
4e:18:2a:f6:ea:98:21:86:46:4b:d6:23:37:9d:24:46:3c:67:
4590
+
75:b3:6e:25:5b:a1:32:02:52:0c:23:c4:fb:be:1f:78:27:32:
4591
+
49:f8:e1:57:11:95:25:59:c9:50:34:19:a2:a5:56:fc:da:87:
4592
+
69:1d:3b:c0:00:7a:0f:56:fe:8a:76:9a:2b:2c:f9:f0:dc:37:
4593
+
0f:ac:b3:07:1a:6d:b5:90:d3:82:e5:a7:fa:bc:b9:78:de:94:
4594
+
9b:51:33:db:61:6c:eb:95:28:7a:cc:cb:93:78:47:15:49:c8:
4595
+
9b:37:5d:e5:0b:45:27:8d:09:1b:1b:a2:66:80:a9:66:1c:89:
4596
+
36:90:2f:19:4c:14:32:c6:dd:ad:8f:a2:12:a8:ac:28:65:45:
4597
+
d3:ba:d0:0f:61:f4:54:c0:41:29:fa:99:af:80:62:96:46:13:
4598
+
9a:79:dc:88:13:7b:3a:13:a0:d9:50:e7:c9:43:47:c6:22:2b:
4599
+
dd:d4:f5:da:8b:e2:65:4f
+92
contrib/smime.rc
+92
contrib/smime.rc
···
1
+
# -*-muttrc-*-
2
+
## The following options are only available if you have
3
+
## compiled in S/MIME support
4
+
5
+
set smime_is_default
6
+
7
+
# Passphrase expiration
8
+
set smime_timeout=300
9
+
10
+
# Global crypto options -- these affect PGP operations as well.
11
+
set crypt_autosign = yes
12
+
set crypt_replyencrypt = yes
13
+
set crypt_replysign = yes
14
+
set crypt_replysignencrypted = yes
15
+
set crypt_verify_sig = yes
16
+
17
+
# Section A: Key Management.
18
+
19
+
# The (default) keyfile for signing/decrypting. Uncomment the following
20
+
# line and replace the keyid with your own.
21
+
#set smime_sign_as="12345678.0"
22
+
23
+
# Path to where all known certificates go. (must exist!)
24
+
set smime_certificates="~/.smime/certificates"
25
+
26
+
# Path to where all private keys go. (must exist!)
27
+
set smime_keys="~/.smime/keys"
28
+
29
+
# These are used to extract a certificate from a message.
30
+
# First generate a PKCS#7 structure from the message.
31
+
set smime_pk7out_command="openssl smime -verify -in %f -noverify -pk7out"
32
+
33
+
# Extract the included certificate(s) from a PKCS#7 structure.
34
+
set smime_get_cert_command="openssl pkcs7 -print_certs -in %f"
35
+
36
+
# Extract the signer's certificate only from a S/MIME signature (sender verification)
37
+
set smime_get_signer_cert_command="openssl smime -verify -in %f -noverify -signer %c -out /dev/null"
38
+
39
+
# This is used to get a filename for certificates that get stored in the
40
+
# above directory
41
+
set smime_hash_cert_command="openssl x509 -in %f -noout -hash"
42
+
43
+
# This is used to get the email address the certificate was issued to.
44
+
set smime_get_cert_email_command="openssl x509 -in %f -noout -email"
45
+
46
+
47
+
48
+
# Sction B: Outgoing messages
49
+
50
+
# Algorithm to use for encryption.
51
+
# valid choices are rc2-40, rc2-64, rc2-128, des, des3
52
+
set smime_encrypt_with="des3"
53
+
54
+
# Encrypt a message. Input file is a MIME entity.
55
+
set smime_encrypt_command="openssl smime -encrypt -%a -outform DER -in %f %c"
56
+
57
+
# Sign.
58
+
set smime_sign_command="openssl smime -sign -signer %c -inkey %k -passin stdin -in %f -certfile %i -outform DER"
59
+
60
+
61
+
62
+
#Section C: Incoming messages
63
+
64
+
# Decrypt a message. Output is a MIME entity.
65
+
set smime_decrypt_command="openssl smime -decrypt -passin stdin -inform DER -in %f -inkey %k -recip %c"
66
+
67
+
# Verify a signature of type multipart/signed
68
+
set smime_verify_command="openssl smime -verify -inform DER -in %s -CAfile ~/.smime/ca-bundle.crt -content %f"
69
+
70
+
# Verify a signature of type application/x-pkcs7-mime
71
+
set smime_verify_opaque_command="openssl smime -verify -inform DER -in %s -CAfile ~/.smime/ca-bundle.crt"
72
+
73
+
74
+
75
+
# Section D: Alternatives
76
+
77
+
# Sign. If you wish to NOT include the certificate your CA used in signing
78
+
# your public key, use this command instead.
79
+
# set smime_sign_command="openssl smime -sign -signer %c -inkey %k -passin stdin -in %f -outform DER"
80
+
#
81
+
# In order to verify the signature only and skip checking the certificate chain:
82
+
#
83
+
# set smime_verify_command="openssl smime -verify -inform DER -in %s -content %f -noverify"
84
+
# set smime_verify_opaque_command="openssl smime -verify -inform DER -in %s -noverify"
85
+
#
86
+
# setup with the directory flag:
87
+
#
88
+
# Verify a signature of type multipart/signed
89
+
# set smime_verify_command="openssl smime -verify -inform DER -in %s -CApath ~/.smime/root_certs -content %f"
90
+
#
91
+
# Verify a signature of type application/x-pkcs7-mime
92
+
# set smime_verify_opaque_command="openssl smime -verify -inform DER -in %s -CApath ~/.smime/root_certs"
+24
-7
copy.c
+24
-7
copy.c
···
27
27
#include "pgp.h"
28
28
#endif
29
29
30
+
#ifdef HAVE_SMIME
31
+
#include "smime.h"
32
+
#endif
33
+
30
34
#include <string.h>
31
35
#include <stdlib.h>
32
36
#include <ctype.h>
···
527
531
if (flags & M_CM_CHARCONV)
528
532
s.flags |= M_CHARCONV;
529
533
530
-
#ifdef HAVE_PGP
534
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
531
535
if (flags & M_CM_VERIFY)
532
536
s.flags |= M_VERIFY;
533
537
#endif
534
538
535
539
mutt_body_handler (body, &s);
536
540
}
537
-
#ifdef HAVE_PGP
538
-
else if ((flags & M_CM_DECODE_PGP) && (hdr->pgp & PGPENCRYPT) &&
539
-
hdr->content->type == TYPEMULTIPART)
541
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
542
+
else if ((flags & M_CM_DECODE_CRYPT) && (hdr->security & ENCRYPT))
540
543
{
541
544
BODY *cur;
542
545
FILE *fp;
543
546
544
-
if (pgp_decrypt_mime (fpin, &fp, hdr->content, &cur))
545
-
return (-1);
546
-
fputs ("Mime-Version: 1.0\n", fpout);
547
+
#ifdef HAVE_PGP
548
+
if ((flags & M_CM_DECODE_PGP) && (hdr->security & APPLICATION_PGP) &&
549
+
hdr->content->type == TYPEMULTIPART)
550
+
{
551
+
if (pgp_decrypt_mime (fpin, &fp, hdr->content, &cur))
552
+
return (-1);
553
+
fputs ("Mime-Version: 1.0\n", fpout);
554
+
}
555
+
#endif
556
+
#ifdef HAVE_SMIME
557
+
if ((flags & M_CM_DECODE_SMIME) && (hdr->security & APPLICATION_SMIME)
558
+
&& hdr->content->type == TYPEAPPLICATION)
559
+
{
560
+
if (smime_decrypt_mime (fpin, &fp, hdr->content, &cur))
561
+
return (-1);
562
+
}
563
+
#endif
547
564
mutt_write_mime_header (cur, fpout);
548
565
fputc ('\n', fpout);
549
566
+21
-1
copy.h
+21
-1
copy.h
···
29
29
30
30
#ifdef HAVE_PGP
31
31
#define M_CM_DECODE_PGP (1<<8) /* used for decoding PGP messages */
32
-
#define M_CM_VERIFY (1<<9) /* do signature verification */
32
+
#define M_CM_DECODE_CRYPT (1<<8)
33
+
#endif
34
+
35
+
36
+
#ifdef HAVE_SMIME
37
+
#ifdef M_CM_DECODE_CRYPT
38
+
#undef M_CM_DECODE_CRYPT
33
39
#endif
40
+
#define M_CM_DECODE_SMIME (1<<9) /* used for decoding S/MIME messages */
41
+
#ifdef HAVE_PGP
42
+
#undef M_CM_DECODE_CRYPT
43
+
#define M_CM_DECODE_CRYPT (M_CM_DECODE_PGP | M_CM_DECODE_SMIME)
44
+
#else
45
+
#define M_CM_DECODE_CRYPT (1<<9) /* used for decoding S/MIME messages */
46
+
#endif
47
+
#endif
48
+
49
+
50
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
51
+
#define M_CM_VERIFY (1<<10) /* do signature verification */
52
+
#endif
53
+
34
54
35
55
36
56
+770
crypt.c
+770
crypt.c
···
1
+
/*
2
+
* Copyright (C) 1996,1997 Michael R. Elkins <me@cs.hmc.edu>
3
+
* Copyright (C) 1999-2000 Thomas Roessler <roessler@guug.de>
4
+
* Copyright (C) 2001 Thomas Roessler <roessler@guug.de>
5
+
* Oliver Ehli <elmy@acm.org>
6
+
*
7
+
* This program is free software; you can redistribute it and/or modify
8
+
* it under the terms of the GNU General Public License as published by
9
+
* the Free Software Foundation; either version 2 of the License, or
10
+
* (at your option) any later version.
11
+
*
12
+
* This program is distributed in the hope that it will be useful,
13
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
14
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15
+
* GNU General Public License for more details.
16
+
*
17
+
* You should have received a copy of the GNU General Public License
18
+
* along with this program; if not, write to the Free Software
19
+
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
20
+
*/
21
+
22
+
23
+
#include "mutt.h"
24
+
#include "mutt_curses.h"
25
+
#include "crypt.h"
26
+
#include "mime.h"
27
+
#include "copy.h"
28
+
29
+
#include <sys/wait.h>
30
+
#include <string.h>
31
+
#include <stdlib.h>
32
+
#include <unistd.h>
33
+
#include <sys/stat.h>
34
+
#include <errno.h>
35
+
#include <ctype.h>
36
+
37
+
#ifdef HAVE_PGP
38
+
#include "pgp.h"
39
+
#endif
40
+
41
+
#ifdef HAVE_SMIME
42
+
#include "smime.h"
43
+
#endif
44
+
45
+
#ifdef HAVE_LOCALE_H
46
+
#include <locale.h>
47
+
#endif
48
+
49
+
#ifdef HAVE_SYS_TIME_H
50
+
# include <sys/time.h>
51
+
#endif
52
+
53
+
#ifdef HAVE_SYS_RESOURCE_H
54
+
# include <sys/resource.h>
55
+
#endif
56
+
57
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
58
+
59
+
60
+
/* print the current time to avoid spoofing of the signature output */
61
+
void crypt_current_time(STATE *s, char *app_name)
62
+
{
63
+
time_t t;
64
+
char p[STRING], tmp[STRING];
65
+
66
+
t = time(NULL);
67
+
setlocale (LC_TIME, "");
68
+
snprintf (tmp, sizeof (tmp), _("[-- %s output follows(current time: %%c) --]\n"), NONULL(app_name));
69
+
strftime (p, sizeof (p), tmp, localtime (&t));
70
+
setlocale (LC_TIME, "C");
71
+
state_attach_puts (p, s);
72
+
}
73
+
74
+
75
+
76
+
void crypt_forget_passphrase (void)
77
+
{
78
+
79
+
#ifdef HAVE_PGP
80
+
pgp_void_passphrase ();
81
+
#endif
82
+
83
+
#ifdef HAVE_SMIME
84
+
smime_void_passphrase ();
85
+
#endif
86
+
87
+
mutt_message _("Passphrase(s) forgotten.");
88
+
}
89
+
90
+
91
+
# if defined(HAVE_SETRLIMIT) && (!defined(DEBUG))
92
+
93
+
static void disable_coredumps (void)
94
+
{
95
+
struct rlimit rl = {0, 0};
96
+
static short done = 0;
97
+
98
+
if (!done)
99
+
{
100
+
setrlimit (RLIMIT_CORE, &rl);
101
+
done = 1;
102
+
}
103
+
}
104
+
105
+
# endif /* HAVE_SETRLIMIT */
106
+
107
+
108
+
int crypt_valid_passphrase(int flags)
109
+
{
110
+
time_t now = time (NULL);
111
+
112
+
# if defined(HAVE_SETRLIMIT) &&(!defined(DEBUG))
113
+
disable_coredumps ();
114
+
# endif
115
+
116
+
117
+
#ifdef HAVE_PGP
118
+
if (flags & APPLICATION_PGP)
119
+
{
120
+
extern char PgpPass[STRING];
121
+
extern time_t PgpExptime;
122
+
123
+
if (now < PgpExptime) return 1; /* just use the cached copy. */
124
+
pgp_void_passphrase ();
125
+
126
+
if (mutt_get_password (_("Enter PGP passphrase:"), PgpPass, sizeof (PgpPass)) == 0)
127
+
{
128
+
PgpExptime = time (NULL) + PgpTimeout;
129
+
return (1);
130
+
}
131
+
else
132
+
PgpExptime = 0;
133
+
}
134
+
#endif
135
+
#ifdef HAVE_SMIME
136
+
if (flags & APPLICATION_SMIME)
137
+
{
138
+
extern char SmimePass[STRING];
139
+
extern time_t SmimeExptime;
140
+
141
+
if (now < SmimeExptime) return (1);
142
+
smime_void_passphrase ();
143
+
144
+
if (mutt_get_password (_("Enter SMIME passphrase:"), SmimePass,
145
+
sizeof (SmimePass)) == 0)
146
+
{
147
+
SmimeExptime = time (NULL) + SmimeTimeout;
148
+
return (1);
149
+
}
150
+
else
151
+
SmimeExptime = 0;
152
+
}
153
+
#endif
154
+
return (0);
155
+
}
156
+
157
+
158
+
159
+
int mutt_protect (HEADER *msg, char *keylist)
160
+
{
161
+
BODY *pbody = NULL, *tmp_pbody = NULL;
162
+
#ifdef HAVE_SMIME
163
+
BODY *tmp_smime_pbody = NULL;
164
+
#endif
165
+
#ifdef HAVE_PGP
166
+
BODY *tmp_pgp_pbody = NULL;
167
+
int traditional = 0;
168
+
int flags = msg->security, i;
169
+
#endif
170
+
if ((msg->security & SIGN) && !crypt_valid_passphrase (msg->security))
171
+
return (-1);
172
+
173
+
#ifdef HAVE_PGP
174
+
if (msg->security & APPLICATION_PGP)
175
+
{
176
+
if ((msg->content->type == TYPETEXT) &&
177
+
!mutt_strcasecmp (msg->content->subtype, "plain") &&
178
+
((flags & ENCRYPT) || (msg->content->content && msg->content->content->hibin == 0)))
179
+
{
180
+
if ((i = query_quadoption (OPT_PGPTRADITIONAL, _("Create an application/pgp message?"))) == -1)
181
+
return -1;
182
+
else if (i == M_YES)
183
+
traditional = 1;
184
+
}
185
+
if (traditional)
186
+
{
187
+
mutt_message _("Invoking PGP...");
188
+
if (!(pbody = pgp_traditional_encryptsign (msg->content, flags, keylist)))
189
+
return -1;
190
+
191
+
msg->content = pbody;
192
+
return 0;
193
+
}
194
+
}
195
+
#endif
196
+
197
+
if (!isendwin ()) mutt_endwin (NULL);
198
+
199
+
#ifdef HAVE_SMIME
200
+
tmp_smime_pbody = msg->content;
201
+
#endif
202
+
203
+
204
+
if (msg->security & SIGN)
205
+
{
206
+
#ifdef HAVE_SMIME
207
+
if (msg->security & APPLICATION_SMIME)
208
+
{
209
+
if (!(tmp_pbody = smime_sign_message (msg->content)))
210
+
return -1;
211
+
pbody = tmp_smime_pbody = tmp_pbody;
212
+
}
213
+
#endif
214
+
#ifdef HAVE_PGP
215
+
if ((msg->security & APPLICATION_PGP) &&
216
+
(!(flags & ENCRYPT) || option (OPTPGPRETAINABLESIG)))
217
+
{
218
+
if (!(tmp_pbody = pgp_sign_message (msg->content)))
219
+
return -1;
220
+
221
+
flags &= ~SIGN;
222
+
pbody = tmp_pgp_pbody = tmp_pbody;
223
+
}
224
+
#endif
225
+
226
+
#if defined(HAVE_SMIME) && defined(HAVE_PGP)
227
+
if ((msg->security & APPLICATION_SMIME) &&
228
+
(msg->security & APPLICATION_PGP))
229
+
{
230
+
/* here comes the draft ;-) */
231
+
}
232
+
#endif
233
+
}
234
+
235
+
236
+
if (msg->security & ENCRYPT)
237
+
{
238
+
#ifdef HAVE_SMIME
239
+
if (msg->security & APPLICATION_SMIME)
240
+
{
241
+
if (!(tmp_pbody = smime_build_smime_entity (tmp_smime_pbody, keylist)))
242
+
{
243
+
/* signed ? free it! */
244
+
return (-1);
245
+
}
246
+
/* free tmp_body if messages was signed AND encrypted ... */
247
+
if (tmp_smime_pbody != msg->content && tmp_smime_pbody != tmp_pbody)
248
+
{
249
+
/* detatch and dont't delete msg->content,
250
+
which tmp_smime_pbody->parts after signing. */
251
+
tmp_smime_pbody->parts = tmp_smime_pbody->parts->next;
252
+
msg->content->next = NULL;
253
+
mutt_free_body (&tmp_smime_pbody);
254
+
}
255
+
pbody = tmp_pbody;
256
+
}
257
+
#endif
258
+
259
+
#ifdef HAVE_PGP
260
+
if (msg->security & APPLICATION_PGP)
261
+
{
262
+
if (!(pbody = pgp_encrypt_message (msg->content, keylist, flags & SIGN)))
263
+
{
264
+
265
+
/* did we perform a retainable signature? */
266
+
if (flags != msg->security)
267
+
{
268
+
/* remove the outer multipart layer */
269
+
msg->content = mutt_remove_multipart (msg->content);
270
+
/* get rid of the signature */
271
+
mutt_free_body (&msg->content->next);
272
+
}
273
+
274
+
return (-1);
275
+
}
276
+
277
+
/* destroy temporary signature envelope when doing retainable
278
+
* signatures.
279
+
*/
280
+
if (flags != msg->security)
281
+
{
282
+
mutt_remove_multipart (msg->content);
283
+
mutt_free_body (&msg->content->next);
284
+
}
285
+
}
286
+
#endif
287
+
}
288
+
289
+
if(pbody)
290
+
msg->content = pbody;
291
+
292
+
return 0;
293
+
}
294
+
295
+
296
+
297
+
298
+
int mutt_is_multipart_signed (BODY *b)
299
+
{
300
+
char *p;
301
+
302
+
if (!b || !(b->type == TYPEMULTIPART) ||
303
+
!b->subtype || mutt_strcasecmp(b->subtype, "signed"))
304
+
return 0;
305
+
306
+
if (!(p = mutt_get_parameter("protocol", b->parameter)))
307
+
return 0;
308
+
309
+
if (!(mutt_strcasecmp (p, "multipart/mixed")))
310
+
return SIGN;
311
+
312
+
#ifdef HAVE_PGP
313
+
if (!(mutt_strcasecmp (p, "application/pgp-signature")))
314
+
return PGPSIGN;
315
+
#endif
316
+
317
+
#ifdef HAVE_SMIME
318
+
if (!(mutt_strcasecmp(p, "application/x-pkcs7-signature")))
319
+
return SMIMESIGN;
320
+
#endif
321
+
322
+
return 0;
323
+
}
324
+
325
+
326
+
int mutt_is_multipart_encrypted (BODY *b)
327
+
{
328
+
int ret=0;
329
+
#ifdef HAVE_PGP
330
+
ret = pgp_is_multipart_encrypted (b);
331
+
#endif
332
+
333
+
return ret;
334
+
}
335
+
336
+
337
+
338
+
339
+
int crypt_query (BODY *m)
340
+
{
341
+
int t = 0;
342
+
343
+
344
+
if (m->type == TYPEAPPLICATION)
345
+
{
346
+
#ifdef HAVE_PGP
347
+
t |= mutt_is_application_pgp(m);
348
+
#endif
349
+
#ifdef HAVE_SMIME
350
+
t |= mutt_is_application_smime(m);
351
+
if (t && m->goodsig) t |= GOODSIGN;
352
+
if (t && m->badsig) t |= BADSIGN;
353
+
#endif
354
+
}
355
+
356
+
if (m->type == TYPEMULTIPART)
357
+
{
358
+
t |= mutt_is_multipart_encrypted(m);
359
+
t |= mutt_is_multipart_signed (m);
360
+
361
+
if (t && m->goodsig) t |= GOODSIGN;
362
+
}
363
+
364
+
if (m->type == TYPEMULTIPART || m->type == TYPEMESSAGE)
365
+
{
366
+
BODY *p;
367
+
368
+
for (p = m->parts; p; p = p->next)
369
+
t |= crypt_query (p) & ~GOODSIGN;
370
+
}
371
+
372
+
return t;
373
+
}
374
+
375
+
376
+
377
+
378
+
int crypt_write_signed(BODY *a, STATE *s, const char *tempfile)
379
+
{
380
+
FILE *fp;
381
+
int c;
382
+
short hadcr;
383
+
size_t bytes;
384
+
385
+
if (!(fp = safe_fopen (tempfile, "w")))
386
+
{
387
+
mutt_perror (tempfile);
388
+
return -1;
389
+
}
390
+
391
+
fseek (s->fpin, a->hdr_offset, 0);
392
+
bytes = a->length + a->offset - a->hdr_offset;
393
+
hadcr = 0;
394
+
while (bytes > 0)
395
+
{
396
+
if ((c = fgetc (s->fpin)) == EOF)
397
+
break;
398
+
399
+
bytes--;
400
+
401
+
if (c == '\r')
402
+
hadcr = 1;
403
+
else
404
+
{
405
+
if (c == '\n' && !hadcr)
406
+
fputc ('\r', fp);
407
+
408
+
hadcr = 0;
409
+
}
410
+
411
+
fputc (c, fp);
412
+
413
+
}
414
+
fclose (fp);
415
+
416
+
return 0;
417
+
}
418
+
419
+
420
+
421
+
void convert_to_7bit (BODY *a)
422
+
{
423
+
while (a)
424
+
{
425
+
if (a->type == TYPEMULTIPART)
426
+
{
427
+
if (a->encoding != ENC7BIT)
428
+
{
429
+
a->encoding = ENC7BIT;
430
+
convert_to_7bit(a->parts);
431
+
}
432
+
#ifdef HAVE_PGP
433
+
else if (option (OPTPGPSTRICTENC))
434
+
convert_to_7bit (a->parts);
435
+
#endif
436
+
}
437
+
else if (a->type == TYPEMESSAGE &&
438
+
mutt_strcasecmp(a->subtype, "delivery-status"))
439
+
{
440
+
if(a->encoding != ENC7BIT)
441
+
mutt_message_to_7bit (a, NULL);
442
+
}
443
+
else if (a->encoding == ENC8BIT)
444
+
a->encoding = ENCQUOTEDPRINTABLE;
445
+
else if (a->encoding == ENCBINARY)
446
+
a->encoding = ENCBASE64;
447
+
else if (a->content && a->encoding != ENCBASE64 &&
448
+
(a->content->from || (a->content->space &&
449
+
option (OPTPGPSTRICTENC))))
450
+
a->encoding = ENCQUOTEDPRINTABLE;
451
+
a = a->next;
452
+
}
453
+
}
454
+
455
+
456
+
457
+
458
+
void crypt_extract_keys_from_messages (HEADER * h)
459
+
{
460
+
int i;
461
+
char tempfname[_POSIX_PATH_MAX], *mbox;
462
+
ADDRESS *tmp = NULL;
463
+
FILE *fpout;
464
+
465
+
mutt_mktemp (tempfname);
466
+
if (!(fpout = safe_fopen (tempfname, "w")))
467
+
{
468
+
mutt_perror (tempfname);
469
+
return;
470
+
}
471
+
472
+
#ifdef HAVE_PGP
473
+
set_option (OPTDONTHANDLEPGPKEYS);
474
+
#endif
475
+
476
+
if (!h)
477
+
{
478
+
for (i = 0; i < Context->vcount; i++)
479
+
{
480
+
if (Context->hdrs[Context->v2r[i]]->tagged)
481
+
{
482
+
mutt_parse_mime_message (Context, Context->hdrs[Context->v2r[i]]);
483
+
if (Context->hdrs[Context->v2r[i]]->security & ENCRYPT &&
484
+
!crypt_valid_passphrase (Context->hdrs[Context->v2r[i]]->security))
485
+
{
486
+
fclose (fpout);
487
+
break;
488
+
}
489
+
#ifdef HAVE_PGP
490
+
if (Context->hdrs[Context->v2r[i]]->security & APPLICATION_PGP)
491
+
{
492
+
mutt_copy_message (fpout, Context, Context->hdrs[Context->v2r[i]],
493
+
M_CM_DECODE|M_CM_CHARCONV, 0);
494
+
fflush(fpout);
495
+
496
+
mutt_endwin (_("Trying to extract PGP keys...\n"));
497
+
pgp_invoke_import (tempfname);
498
+
}
499
+
#endif
500
+
#ifdef HAVE_SMIME
501
+
if (Context->hdrs[Context->v2r[i]]->security & APPLICATION_SMIME)
502
+
{
503
+
if (Context->hdrs[Context->v2r[i]]->security & ENCRYPT)
504
+
mutt_copy_message (fpout, Context, Context->hdrs[Context->v2r[i]],
505
+
M_CM_NOHEADER|M_CM_DECODE_CRYPT|M_CM_DECODE_SMIME, 0);
506
+
else
507
+
mutt_copy_message (fpout, Context,
508
+
Context->hdrs[Context->v2r[i]], 0, 0);
509
+
fflush(fpout);
510
+
511
+
if (Context->hdrs[Context->v2r[i]]->env->from)
512
+
tmp = mutt_expand_aliases (h->env->from);
513
+
else if (Context->hdrs[Context->v2r[i]]->env->sender)
514
+
tmp = mutt_expand_aliases (Context->hdrs[Context->v2r[i]]->env->sender);
515
+
mbox = tmp ? tmp->mailbox : NULL;
516
+
if (mbox)
517
+
{
518
+
mutt_endwin (_("Trying to extract S/MIME certificates...\n"));
519
+
smime_invoke_import (tempfname, mbox);
520
+
tmp = NULL;
521
+
}
522
+
}
523
+
#endif
524
+
rewind (fpout);
525
+
}
526
+
}
527
+
}
528
+
else
529
+
{
530
+
mutt_parse_mime_message (Context, h);
531
+
if (!(h->security & ENCRYPT && !crypt_valid_passphrase (h->security)))
532
+
{
533
+
#ifdef HAVE_PGP
534
+
if (h->security & APPLICATION_PGP)
535
+
{
536
+
mutt_copy_message (fpout, Context, h, M_CM_DECODE|M_CM_CHARCONV, 0);
537
+
fflush(fpout);
538
+
mutt_message (_("Trying to extract PGP keys...\n"));
539
+
pgp_invoke_import (tempfname);
540
+
}
541
+
#endif
542
+
#ifdef HAVE_SMIME
543
+
if (h->security & APPLICATION_SMIME)
544
+
{
545
+
if (h->security & ENCRYPT)
546
+
mutt_copy_message (fpout, Context, h, M_CM_NOHEADER|M_CM_DECODE_CRYPT|M_CM_DECODE_SMIME, 0);
547
+
else
548
+
mutt_copy_message (fpout, Context, h, 0, 0);
549
+
550
+
fflush(fpout);
551
+
if (h->env->from) tmp = mutt_expand_aliases (h->env->from);
552
+
else if (h->env->sender) tmp = mutt_expand_aliases (h->env->sender);
553
+
mbox = tmp ? tmp->mailbox : NULL;
554
+
if (mbox) /* else ? */
555
+
{
556
+
mutt_message (_("Trying to extract S/MIME certificates...\n"));
557
+
smime_invoke_import (tempfname, mbox);
558
+
}
559
+
}
560
+
#endif
561
+
}
562
+
}
563
+
564
+
fclose (fpout);
565
+
mutt_any_key_to_continue (NULL);
566
+
567
+
mutt_unlink (tempfname);
568
+
569
+
#ifdef HAVE_PGP
570
+
unset_option (OPTDONTHANDLEPGPKEYS);
571
+
#endif
572
+
}
573
+
574
+
575
+
576
+
int crypt_get_keys (HEADER *msg, char **keylist)
577
+
{
578
+
/* Do a quick check to make sure that we can find all of the encryption
579
+
* keys if the user has requested this service.
580
+
*/
581
+
582
+
#ifdef HAVE_SMIME
583
+
extern char *smime_findKeys (ADDRESS *to, ADDRESS *cc, ADDRESS *bcc);
584
+
#endif
585
+
#ifdef HAVE_PGP
586
+
extern char *pgp_findKeys (ADDRESS *to, ADDRESS *cc, ADDRESS *bcc);
587
+
588
+
set_option (OPTPGPCHECKTRUST);
589
+
590
+
#endif
591
+
592
+
*keylist = NULL;
593
+
594
+
595
+
if (msg->security & ENCRYPT)
596
+
{
597
+
#ifdef HAVE_PGP
598
+
if (msg->security & APPLICATION_PGP)
599
+
{
600
+
if ((*keylist = pgp_findKeys (msg->env->to, msg->env->cc,
601
+
msg->env->bcc)) == NULL)
602
+
return (-1);
603
+
unset_option (OPTPGPCHECKTRUST);
604
+
}
605
+
#endif
606
+
#ifdef HAVE_SMIME
607
+
if (msg->security & APPLICATION_SMIME)
608
+
{
609
+
if ((*keylist = smime_findKeys (msg->env->to, msg->env->cc,
610
+
msg->env->bcc)) == NULL)
611
+
return (-1);
612
+
}
613
+
#endif
614
+
}
615
+
616
+
return (0);
617
+
}
618
+
619
+
620
+
621
+
static void crypt_fetch_signatures (BODY ***signatures, BODY *a, int *n)
622
+
{
623
+
for (; a; a = a->next)
624
+
{
625
+
if (a->type == TYPEMULTIPART)
626
+
crypt_fetch_signatures (signatures, a->parts, n);
627
+
else
628
+
{
629
+
if((*n % 5) == 0)
630
+
safe_realloc ((void **) signatures, (*n + 6) * sizeof (BODY **));
631
+
632
+
(*signatures)[(*n)++] = a;
633
+
}
634
+
}
635
+
}
636
+
637
+
638
+
/*
639
+
* This routine verifies a "multipart/signed" body.
640
+
*/
641
+
642
+
void mutt_signed_handler (BODY *a, STATE *s)
643
+
{
644
+
char tempfile[_POSIX_PATH_MAX];
645
+
char *protocol;
646
+
int protocol_major = TYPEOTHER;
647
+
char *protocol_minor = NULL;
648
+
649
+
BODY *b = a;
650
+
BODY **signatures = NULL;
651
+
int sigcnt = 0;
652
+
int i;
653
+
short goodsig = 1;
654
+
655
+
protocol = mutt_get_parameter ("protocol", a->parameter);
656
+
a = a->parts;
657
+
658
+
/* extract the protocol information */
659
+
660
+
if (protocol)
661
+
{
662
+
char major[STRING];
663
+
char *t;
664
+
665
+
if ((protocol_minor = strchr (protocol, '/'))) protocol_minor++;
666
+
667
+
strfcpy (major, protocol, sizeof(major));
668
+
if((t = strchr(major, '/')))
669
+
*t = '\0';
670
+
671
+
protocol_major = mutt_check_mime_type (major);
672
+
}
673
+
674
+
/* consistency check */
675
+
676
+
if (!(a && a->next && a->next->type == protocol_major &&
677
+
!mutt_strcasecmp (a->next->subtype, protocol_minor)))
678
+
{
679
+
state_attach_puts (_("[-- Error: Inconsistent multipart/signed structure! --]\n\n"), s);
680
+
mutt_body_handler (a, s);
681
+
return;
682
+
}
683
+
684
+
685
+
#ifdef HAVE_PGP
686
+
if (protocol_major == TYPEAPPLICATION &&
687
+
!mutt_strcasecmp (protocol_minor, "pgp-signature"));
688
+
#endif
689
+
#if defined(HAVE_PGP) && defined(HAVE_SMIME)
690
+
else
691
+
#endif
692
+
#ifdef HAVE_SMIME
693
+
if (protocol_major == TYPEAPPLICATION &&
694
+
!mutt_strcasecmp (protocol_minor, "x-pkcs7-signature"));
695
+
696
+
#endif
697
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
698
+
else
699
+
#endif
700
+
if (protocol_major == TYPEMULTIPART &&
701
+
!mutt_strcasecmp (protocol_minor, "mixed"));
702
+
703
+
else
704
+
{
705
+
state_printf (s, _("[-- Error: Unknown multipart/signed protocol %s! --]\n\n"), protocol);
706
+
mutt_body_handler (a, s);
707
+
return;
708
+
}
709
+
710
+
if (s->flags & M_DISPLAY)
711
+
{
712
+
713
+
crypt_fetch_signatures (&signatures, a->next, &sigcnt);
714
+
715
+
if (sigcnt)
716
+
{
717
+
mutt_mktemp (tempfile);
718
+
if (crypt_write_signed (a, s, tempfile) == 0)
719
+
{
720
+
for (i = 0; i < sigcnt; i++)
721
+
{
722
+
#ifdef HAVE_PGP
723
+
if (signatures[i]->type == TYPEAPPLICATION
724
+
&& !mutt_strcasecmp (signatures[i]->subtype, "pgp-signature"))
725
+
{
726
+
if (pgp_verify_one (signatures[i], s, tempfile) != 0)
727
+
goodsig = 0;
728
+
729
+
continue;
730
+
}
731
+
#endif
732
+
#ifdef HAVE_SMIME
733
+
if (signatures[i]->type == TYPEAPPLICATION
734
+
&& !mutt_strcasecmp(signatures[i]->subtype, "x-pkcs7-signature"))
735
+
{
736
+
if (smime_verify_one (signatures[i], s, tempfile) != 0)
737
+
goodsig = 0;
738
+
739
+
continue;
740
+
}
741
+
#endif
742
+
state_printf (s, _("[-- Warning: We can't verify %s/%s signatures. --]\n\n"),
743
+
TYPE(signatures[i]), signatures[i]->subtype);
744
+
}
745
+
}
746
+
747
+
mutt_unlink (tempfile);
748
+
749
+
b->goodsig = goodsig;
750
+
b->badsig = goodsig;
751
+
752
+
/* Now display the signed body */
753
+
state_attach_puts (_("[-- The following data is signed --]\n\n"), s);
754
+
755
+
756
+
safe_free((void **) &signatures);
757
+
}
758
+
else
759
+
state_attach_puts (_("[-- Warning: Can't find any signatures. --]\n\n"), s);
760
+
}
761
+
762
+
mutt_body_handler (a, s);
763
+
764
+
if (s->flags & M_DISPLAY && sigcnt)
765
+
state_attach_puts (_("\n[-- End of signed data --]\n"), s);
766
+
}
767
+
768
+
769
+
770
+
#endif
+62
crypt.h
+62
crypt.h
···
1
+
/*
2
+
* Copyright (C) 1996,1997 Michael R. Elkins <me@cs.hmc.edu>
3
+
* Copyright (C) 1999-2000 Thomas Roessler <roessler@guug.de>
4
+
* Copyright (C) 2001 Thomas Roessler <roessler@guug.de>
5
+
* Oliver Ehli <elmy@acm.org>
6
+
*
7
+
* This program is free software; you can redistribute it and/or modify
8
+
* it under the terms of the GNU General Public License as published by
9
+
* the Free Software Foundation; either version 2 of the License, or
10
+
* (at your option) any later version.
11
+
*
12
+
* This program is distributed in the hope that it will be useful,
13
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
14
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15
+
* GNU General Public License for more details.
16
+
*
17
+
* You should have received a copy of the GNU General Public License
18
+
* along with this program; if not, write to the Free Software
19
+
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
20
+
*/
21
+
22
+
23
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
24
+
25
+
#define ENCRYPT (1 << 0)
26
+
#define SIGN (1 << 1)
27
+
#define GOODSIGN (1 << 2)
28
+
#define BADSIGN (1 << 3)
29
+
30
+
int mutt_protect (HEADER *, char *);
31
+
32
+
int mutt_is_multipart_encrypted (BODY *);
33
+
34
+
int mutt_is_multipart_signed (BODY *);
35
+
36
+
void mutt_signed_handler (BODY *, STATE *);
37
+
38
+
int mutt_parse_crypt_hdr (char *, int);
39
+
40
+
int crypt_query (BODY *);
41
+
42
+
void crypt_extract_keys_from_messages (HEADER *);
43
+
44
+
int crypt_get_keys (HEADER *, char **);
45
+
46
+
47
+
void crypt_forget_passphrase (void);
48
+
49
+
int crypt_valid_passphrase (int);
50
+
51
+
52
+
int crypt_write_signed(BODY *, STATE *, const char *);
53
+
54
+
void convert_to_7bit (BODY *);
55
+
56
+
57
+
/* private ? */
58
+
59
+
void crypt_current_time(STATE *, char *);
60
+
61
+
62
+
#endif
+17
-7
curs_main.c
+17
-7
curs_main.c
···
39
39
#include "pgp.h"
40
40
#endif
41
41
42
+
#ifdef HAVE_SMIME
43
+
#include "smime.h"
44
+
#endif
45
+
42
46
43
47
44
48
···
1207
1211
case OP_SAVE:
1208
1212
case OP_DECODE_COPY:
1209
1213
case OP_DECODE_SAVE:
1210
-
#ifdef HAVE_PGP
1214
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1211
1215
case OP_DECRYPT_COPY:
1212
1216
case OP_DECRYPT_SAVE:
1213
1217
#endif
1214
1218
CHECK_MSGCOUNT;
1215
1219
CHECK_VISIBLE;
1216
1220
if (mutt_save_message (tag ? NULL : CURHDR,
1217
-
#ifdef HAVE_PGP
1221
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1218
1222
(op == OP_DECRYPT_SAVE) ||
1219
1223
#endif
1220
1224
(op == OP_SAVE) || (op == OP_DECODE_SAVE),
1221
1225
(op == OP_DECODE_SAVE) || (op == OP_DECODE_COPY),
1222
-
#ifdef HAVE_PGP
1226
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1223
1227
(op == OP_DECRYPT_SAVE) || (op == OP_DECRYPT_COPY) ||
1224
1228
#endif
1225
1229
0,
1226
1230
&menu->redraw) == 0 &&
1227
1231
(op == OP_SAVE || op == OP_DECODE_SAVE
1228
-
#ifdef HAVE_PGP
1232
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1229
1233
|| op == OP_DECRYPT_SAVE
1230
1234
#endif
1231
1235
))
···
1723
1727
1724
1728
1725
1729
1726
-
#ifdef HAVE_PGP
1730
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1727
1731
case OP_FORGET_PASSPHRASE:
1728
1732
1729
-
mutt_forget_passphrase ();
1733
+
crypt_forget_passphrase ();
1730
1734
break;
1731
1735
#endif /* HAVE_PGP */
1732
1736
···
1770
1774
ci_send_message (SENDKEY, NULL, NULL, NULL, NULL);
1771
1775
menu->redraw = REDRAW_FULL;
1772
1776
break;
1777
+
#endif /* HAVE_PGP */
1778
+
1773
1779
1780
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1774
1781
case OP_EXTRACT_KEYS:
1775
1782
1776
1783
CHECK_MSGCOUNT;
1777
1784
CHECK_VISIBLE;
1778
-
pgp_extract_keys_from_messages(tag ? NULL : CURHDR);
1785
+
crypt_extract_keys_from_messages(tag ? NULL : CURHDR);
1779
1786
menu->redraw = REDRAW_FULL;
1780
1787
break;
1781
1788
1789
+
#endif /* HAVE_PGP || HAVE_SMIME */
1790
+
1791
+
#ifdef HAVE_PGP
1782
1792
case OP_CHECK_TRADITIONAL:
1783
1793
1784
1794
CHECK_MSGCOUNT;
+3
-2
doc/Makefile.in
+3
-2
doc/Makefile.in
···
51
51
stamp-doc-sgml \
52
52
stamp-doc-man \
53
53
instdoc.sh.in \
54
-
patch-notes.txt
54
+
patch-notes.txt \
55
+
smime-notes.txt
55
56
56
57
srcdir_DOCFILES = PGP-Notes.txt applying-patches.txt \
57
-
devel-notes.txt patch-notes.txt
58
+
devel-notes.txt patch-notes.txt smime-notes.txt
58
59
59
60
60
61
topsrcdir_DOCFILES = COPYRIGHT GPL INSTALL ChangeLog \
+76
doc/smime-notes.txt
+76
doc/smime-notes.txt
···
1
+
From raldi@research.netsol.com Thu Jan 24 18:33:03 2002
2
+
Date: Thu, 24 Jan 2002 11:44:40 -0500
3
+
From: Mike Schiraldi <raldi@research.netsol.com>
4
+
To: Thomas Roessler <roessler@does-not-exist.org>
5
+
Subject: Re: Where's the S/MIME patch? ;-)
6
+
User-Agent: Mutt/1.3.27i
7
+
Mime-Version: 1.0
8
+
9
+
I wanted to test this patch off CVS, but with or without the patch, i
10
+
couldn't get autoconf/automake/aclocal/configure to work.
11
+
12
+
13
+
Files:
14
+
15
+
smime.patch -- the S/MIME patch
16
+
smime_keys.pl -- the perl script
17
+
smime.rc -- a bunch of commands you'll need to source into your .muttrc
18
+
19
+
ca-bundle.crt -- a collection of root certificates
20
+
21
+
color.patch -- the color patch
22
+
color.rc -- the muttrc commands it uses
23
+
24
+
Okay, here's what you do:
25
+
26
+
Apply smime.patch.
27
+
28
+
Build.
29
+
30
+
Get yourself a certificate (You can get one for free from www.thawte.com, or
31
+
i could buy you a VeriSign certificate, or you could go to one of our
32
+
competitors). The way this process works, the certificate will be installed
33
+
"into" your web browser.
34
+
35
+
Assuming you're using Mozilla on Linux, follow the instructions at
36
+
www.verisignlabs.com/Projects/smime_docs/linux.html to export the
37
+
certificate into a file called cert.p12.
38
+
39
+
Run smime_keys.pl add_p12 cert.p12
40
+
41
+
* When the script asks for the "Import password", enter the one you
42
+
provided when you exported the certificate.
43
+
44
+
* When it asks for a "PEM pass phrase", make up a new password. Every
45
+
time you sign or decrypt a message, mutt will ask for the PEM pass
46
+
phrase.
47
+
48
+
* Finally, when the script asks for a label, enter an easy-to-remember
49
+
name for the certificate, such as "me". The script output will include
50
+
a line like:
51
+
52
+
added private key: /home/raldi/.smime/keys/12345678.0 for raldi@verisignlabs.com
53
+
54
+
The number is your keyid. You will need this number in the next step.
55
+
56
+
Put your keyid into smime.muttrc's smime_sign_as line.
57
+
58
+
Source smime.muttrc into your .muttrc
59
+
60
+
61
+
You probably want to import the trusted roots in ca-bundle.crt. Use
62
+
"smime_keys.pl add_root" to do so. That makes you trust anything that was
63
+
ultimately signed by one of them.
64
+
65
+
To try out the color patch, just apply it and source the color.rc. You can
66
+
see the results in any folder with signed messages.
67
+
68
+
69
+
--
70
+
Mike Schiraldi
71
+
VeriSign Applied Research
72
+
73
+
74
+
75
+
76
+
+23
-4
functions.h
+23
-4
functions.h
···
135
135
{ "parent-message", OP_MAIN_PARENT_MESSAGE, "P" },
136
136
137
137
138
-
#ifdef HAVE_PGP
139
-
{ "check-traditional-pgp", OP_CHECK_TRADITIONAL, "\033P" },
138
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
140
139
{ "extract-keys", OP_EXTRACT_KEYS, "\013" },
141
140
{ "forget-passphrase", OP_FORGET_PASSPHRASE, "\006" },
141
+
#ifdef HAVE_PGP
142
+
{ "check-traditional-pgp", OP_CHECK_TRADITIONAL, "\033P" },
142
143
{ "mail-key", OP_MAIL_KEY, "\033k" },
144
+
#endif
143
145
{ "decrypt-copy", OP_DECRYPT_COPY, NULL },
144
146
{ "decrypt-save", OP_DECRYPT_SAVE, NULL },
145
147
#endif
···
229
231
230
232
#ifdef HAVE_PGP
231
233
{ "check-traditional-pgp", OP_CHECK_TRADITIONAL, "\033P" },
234
+
{ "mail-key", OP_MAIL_KEY, "\033k" },
235
+
#endif
236
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
232
237
{ "extract-keys", OP_EXTRACT_KEYS, "\013" },
233
238
{ "forget-passphrase",OP_FORGET_PASSPHRASE, "\006" },
234
-
{ "mail-key", OP_MAIL_KEY, "\033k" },
235
239
{ "decrypt-copy", OP_DECRYPT_COPY, NULL },
236
240
{ "decrypt-save", OP_DECRYPT_SAVE, NULL },
237
241
#endif
···
264
268
265
269
#ifdef HAVE_PGP
266
270
{ "check-traditional-pgp", OP_CHECK_TRADITIONAL, "\033P" },
271
+
#endif
272
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
267
273
{ "extract-keys", OP_EXTRACT_KEYS, "\013" },
268
274
{ "forget-passphrase", OP_FORGET_PASSPHRASE, "\006" },
269
275
#endif
···
311
317
312
318
#ifdef HAVE_PGP
313
319
{ "attach-key", OP_COMPOSE_ATTACH_KEY, "\033k" },
320
+
{ "pgp-menu", OP_COMPOSE_PGP_MENU, "p" },
321
+
#endif
322
+
323
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
314
324
{ "forget-passphrase",OP_FORGET_PASSPHRASE, "\006" },
315
-
{ "pgp-menu", OP_COMPOSE_PGP_MENU, "p" },
325
+
#endif
326
+
327
+
#ifdef HAVE_SMIME
328
+
{ "smime-menu", OP_COMPOSE_SMIME_MENU, "S" },
316
329
#endif
317
330
318
331
#ifdef MIXMASTER
···
401
414
};
402
415
#endif /* HAVE_PGP */
403
416
417
+
#ifdef HAVE_SMIME
418
+
/* Don't know an useful key binding yet. But. just in case, adding this already */
419
+
struct binding_t OpSmime[] = {
420
+
{ NULL, 0, NULL }
421
+
};
422
+
#endif
404
423
405
424
#ifdef MIXMASTER
406
425
struct binding_t OpMix[] = {
+3
globals.h
+3
globals.h
+31
-15
handler.c
+31
-15
handler.c
···
37
37
#include "pgp.h"
38
38
#endif
39
39
40
+
#ifdef HAVE_SMIME
41
+
#include "smime.h"
42
+
#endif
43
+
40
44
41
45
#define BUFI_SIZE 1000
42
46
#define BUFO_SIZE 2000
···
1385
1389
1386
1390
1387
1391
1388
-
#ifdef HAVE_PGP
1392
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1389
1393
if (ascii_strcasecmp (a->subtype, "signed") == 0 ||
1390
1394
ascii_strcasecmp (a->subtype, "encrypted") == 0)
1391
1395
return (1);
···
1407
1411
1408
1412
1409
1413
1410
-
#ifdef HAVE_PGP
1414
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1411
1415
else if (a->type == TYPEAPPLICATION)
1412
1416
{
1417
+
#ifdef HAVE_PGP
1413
1418
if (mutt_is_application_pgp(a))
1414
1419
return (1);
1420
+
#ifdef HAVE_SMIME
1421
+
if (mutt_is_application_smime(a))
1422
+
return (1);
1423
+
#endif
1424
+
#endif
1415
1425
}
1416
1426
#endif
1427
+
1428
+
1417
1429
1418
1430
1419
1431
···
1797
1809
1798
1810
1799
1811
1800
-
#ifdef HAVE_PGP
1812
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1801
1813
char *p;
1802
-
#endif /* HAVE_PGP */
1814
+
#endif /* HAVE_(PGP||SMIME) */
1803
1815
1804
1816
1805
1817
···
1808
1820
1809
1821
1810
1822
1811
-
#ifdef HAVE_PGP
1823
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1812
1824
else if (ascii_strcasecmp ("signed", b->subtype) == 0)
1813
1825
{
1814
1826
p = mutt_get_parameter ("protocol", b->parameter);
1815
1827
1816
1828
if (!p)
1817
1829
mutt_error _("Error: multipart/signed has no protocol.");
1818
-
else if (ascii_strcasecmp ("application/pgp-signature", p) == 0 ||
1819
-
ascii_strcasecmp ("multipart/mixed", p) == 0)
1820
-
{
1821
-
if (s->flags & M_VERIFY)
1822
-
handler = pgp_signed_handler;
1823
-
}
1830
+
else if (s->flags & M_VERIFY)
1831
+
handler = mutt_signed_handler;
1824
1832
}
1825
-
else if (ascii_strcasecmp ("encrypted", b->subtype) == 0)
1833
+
#ifdef HAVE_PGP
1834
+
else if (mutt_strcasecmp ("encrypted", b->subtype) == 0)
1826
1835
{
1827
1836
p = mutt_get_parameter ("protocol", b->parameter);
1828
1837
···
1832
1841
handler = pgp_encrypted_handler;
1833
1842
}
1834
1843
#endif /* HAVE_PGP */
1835
-
1844
+
#endif /* HAVE_(PGP||SMIME) */
1836
1845
1837
1846
1838
1847
if (!handler)
···
1841
1850
1842
1851
1843
1852
1844
-
#ifdef HAVE_PGP
1853
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1845
1854
else if (b->type == TYPEAPPLICATION)
1846
1855
{
1856
+
#ifdef HAVE_PGP
1847
1857
if (mutt_is_application_pgp(b))
1848
1858
handler = pgp_application_pgp_handler;
1859
+
#endif /* HAVE_PGP */
1860
+
#ifdef HAVE_SMIME
1861
+
if (mutt_is_application_smime(b))
1862
+
handler = smime_application_smime_handler;
1863
+
#endif /* HAVE_SMIME */
1849
1864
}
1850
-
#endif /* HAVE_PGP */
1865
+
#endif /* HAVE_(PGP||SMIME) */
1866
+
1851
1867
1852
1868
1853
1869
+11
-5
hdrline.c
+11
-5
hdrline.c
···
26
26
#include "pgp.h"
27
27
#endif
28
28
29
+
#ifdef HAVE_SMIME
30
+
#include "smime.h"
31
+
#endif
32
+
29
33
30
34
31
35
#include <ctype.h>
···
618
622
619
623
ch = ' ';
620
624
621
-
#ifdef HAVE_PGP
622
-
if (hdr->pgp & PGPGOODSIGN)
625
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
626
+
if (hdr->security & GOODSIGN)
623
627
ch = 'S';
624
-
else if (hdr->pgp & PGPENCRYPT)
628
+
else if (hdr->security & ENCRYPT)
625
629
ch = 'P';
626
-
else if (hdr->pgp & PGPSIGN)
630
+
else if (hdr->security & SIGN)
627
631
ch = 's';
628
-
else if (hdr->pgp & PGPKEY)
632
+
#ifdef HAVE_PGP
633
+
else if (hdr->security & PGPKEY)
629
634
ch = 'K';
635
+
#endif
630
636
#endif
631
637
632
638
snprintf (buf2, sizeof (buf2),
+1
-1
headers.c
+1
-1
headers.c
+8
-5
hook.c
+8
-5
hook.c
···
87
87
memset (&pattern, 0, sizeof (pattern));
88
88
pattern.data = safe_strdup (path);
89
89
}
90
-
else if (DefaultHook && (data & (M_FOLDERHOOK | M_MBOXHOOK | M_SENDHOOK |
91
-
M_FCCHOOK | M_SAVEHOOK | M_MESSAGEHOOK)))
90
+
else if (DefaultHook && !(data & M_CHARSETHOOK)
91
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
92
+
&& !(data & M_CRYPTHOOK)
93
+
#endif /* HAVE_PGP */
94
+
)
92
95
{
93
96
char tmp[HUGE_STRING];
94
97
···
441
444
return _mutt_string_hook (chs, M_ICONVHOOK);
442
445
}
443
446
444
-
#ifdef HAVE_PGP
445
-
char *mutt_pgp_hook (ADDRESS *adr)
447
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
448
+
char *mutt_crypt_hook (ADDRESS *adr)
446
449
{
447
-
return _mutt_string_hook (adr->mailbox, M_PGPHOOK);
450
+
return _mutt_string_hook (adr->mailbox, M_CRYPTHOOK);
448
451
}
449
452
#endif /* HAVE_PGP */
450
453
+3
-3
imap/message.c
+3
-3
imap/message.c
···
378
378
h->content->length = ftell (msg->fp) - h->content->offset;
379
379
380
380
/* This needs to be done in case this is a multipart message */
381
-
#ifdef HAVE_PGP
382
-
h->pgp = pgp_query (h->content);
383
-
#endif /* HAVE_PGP */
381
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
382
+
h->security = crypt_query (h->content);
383
+
#endif
384
384
385
385
mutt_clear_error();
386
386
rewind (msg->fp);
+5
init.c
+5
init.c
+209
-43
init.h
+209
-43
init.h
···
90
90
# ifndef HAVE_PGP
91
91
# define HAVE_PGP
92
92
# endif
93
+
# ifndef HAVE_SMIME
94
+
# define HAVE_SMIME
95
+
# endif
93
96
# ifndef USE_POP
94
97
# define USE_POP
95
98
# endif
···
501
504
** This variable controls whether or not attachments on outgoing messages
502
505
** are saved along with the main body of your message.
503
506
*/
504
-
#ifdef HAVE_PGP
507
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
505
508
{ "fcc_clear", DT_BOOL, R_NONE, OPTFCCCLEAR, 0 },
506
509
/*
507
510
** .pp
···
1146
1149
*/
1147
1150
1148
1151
1149
-
#ifdef HAVE_PGP
1150
-
1151
-
{ "pgp_autosign", DT_BOOL, R_NONE, OPTPGPAUTOSIGN, 0 },
1152
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1153
+
# ifdef HAVE_PGP
1154
+
{ "pgp_autosign", DT_SYN, R_NONE, UL "crypt_autosign", 0 },
1155
+
# endif
1156
+
{ "crypt_autosign", DT_BOOL, R_NONE, OPTCRYPTAUTOSIGN, 0 },
1152
1157
/*
1153
1158
** .pp
1154
-
** Setting this variable will cause Mutt to always attempt to PGP/MIME
1155
-
** sign outgoing messages. This can be overridden by use of the \fIpgp-
1156
-
** menu\fP, when signing is not required or encryption is requested as
1157
-
** well.
1159
+
** Setting this variable will cause Mutt to always attempt to
1160
+
** cryptographically sign outgoing messages. This can be overridden
1161
+
** by use of the \fIpgp-menu\fP, when signing is not required or
1162
+
** encryption is requested as well. IF ``$$smime_is_default'' is set,
1163
+
** then OpenSSL is used instead to create S/MIME messages and settings can
1164
+
** be overridden by use of the \fIsmime-menu\fP.
1158
1165
*/
1159
-
{ "pgp_autoencrypt", DT_BOOL, R_NONE, OPTPGPAUTOENCRYPT, 0 },
1166
+
# ifdef HAVE_PGP
1167
+
{ "pgp_autoencrypt", DT_SYN, R_NONE, UL "crypt_autoencrypt", 0 },
1168
+
# endif
1169
+
{ "crypt_autoencrypt", DT_BOOL, R_NONE, OPTCRYPTAUTOENCRYPT, 0 },
1160
1170
/*
1161
1171
** .pp
1162
1172
** Setting this variable will cause Mutt to always attempt to PGP/MIME
1163
1173
** encrypt outgoing messages. This is probably only useful in connection
1164
1174
** to the \fIsend-hook\fP command. It can be overridden by use of the
1165
1175
** \fIpgp-menu\fP, when encryption is not required or signing is
1166
-
** requested as well.
1176
+
** requested as well. IF ``$$smime_is_default'' is set, then
1177
+
** OpenSSL is used instead to create S/MIME messages and settings can
1178
+
** be overridden by use of the \fIsmime-menu\fP.
1167
1179
*/
1180
+
#ifdef HAVE_PGP
1168
1181
{ "pgp_ignore_subkeys", DT_BOOL, R_NONE, OPTPGPIGNORESUB, 1},
1169
1182
/*
1170
1183
** .pp
···
1172
1185
** the principal key will inherit the subkeys' capabilities. Unset this
1173
1186
** if you want to play interesting key selection games.
1174
1187
*/
1188
+
#endif
1189
+
#ifdef HAVE_PGP
1190
+
{ "pgp_replyencrypt", DT_SYN, R_NONE, UL "crypt_replyencrypt", 0 },
1191
+
#endif
1192
+
{ "crypt_replyencrypt", DT_BOOL, R_NONE, OPTCRYPTREPLYENCRYPT, 0 },
1193
+
/*
1194
+
** .pp
1195
+
** If set, automatically PGP or OpenSSL encrypt replies to messages which are
1196
+
** encrypted.
1197
+
*/
1198
+
#ifdef HAVE_PGP
1199
+
{ "pgp_replysign", DT_SYN, R_NONE, UL "crypt_replysign", 0 },
1200
+
#endif
1201
+
{ "crypt_replysign", DT_BOOL, R_NONE, OPTCRYPTREPLYSIGN, 0 },
1202
+
/*
1203
+
** .pp
1204
+
** If set, automatically PGP or OpenSSL sign replies to messages which are
1205
+
** signed.
1206
+
** .pp
1207
+
** \fBNote:\fP this does not work on messages that are encrypted
1208
+
** \fBand\fP signed!
1209
+
*/
1210
+
#ifdef HAVE_PGP
1211
+
{ "pgp_replysignencrypted", DT_SYN, R_NONE, UL "crypt_replysignencrypted", 0},
1212
+
#endif
1213
+
{ "crypt_replysignencrypted", DT_BOOL, R_NONE, OPTCRYPTREPLYSIGNENCRYPTED, 0 },
1214
+
/*
1215
+
** .pp
1216
+
** If set, automatically PGP/OpenSSL sign replies to messages which are
1217
+
** encrypted. This makes sense in combination with
1218
+
** ``$$crypt_replyencrypt'', because it allows you to sign all messages
1219
+
** which are automatically encrypted. This works around the problem
1220
+
** noted in ``$$crypt_replysign'', that mutt is not able to find out
1221
+
** whether an encrypted message is also signed.
1222
+
*/
1223
+
#ifdef HAVE_PGP
1224
+
{ "pgp_verify_sig", DT_SYN, R_NONE, UL "crypt_verify_sig", 0},
1225
+
#endif
1226
+
{ "crypt_verify_sig", DT_QUAD, R_NONE, OPT_VERIFYSIG, M_YES },
1227
+
/*
1228
+
** .pp
1229
+
** If ``yes'', always attempt to verify PGP/MIME or S/MIME signatures.
1230
+
** If ``ask'', ask whether or not to verify the signature.
1231
+
** If ``no'', never attempt to verify cryptographic signatures.
1232
+
*/
1233
+
#endif /* defined(HAVE_PGP) || defined(HAVE_SMIME) */
1234
+
#ifdef HAVE_SMIME
1235
+
{ "smime_is_default", DT_BOOL, R_NONE, OPTSMIMEISDEFAULT, 0},
1236
+
/*
1237
+
** .pp
1238
+
** The default behaviour of mutt is to use PGP on all auto-sign/encryption
1239
+
** operations. To override and to use OpenSSL instead this must be set.
1240
+
** However, this has no effect while replying, since mutt will automatically
1241
+
** select the same application that was used to sign/encrypt the original
1242
+
** message.
1243
+
*/
1244
+
#endif
1245
+
#ifdef HAVE_PGP
1175
1246
{ "pgp_entry_format", DT_STR, R_NONE, UL &PgpEntryFormat, UL "%4n %t%f %4l/0x%k %-4a %2c %u" },
1176
1247
/*
1177
1248
** .pp
···
1204
1275
** .pp
1205
1276
** If set, use 64 bit PGP key IDs. Unset uses the normal 32 bit Key IDs.
1206
1277
*/
1207
-
{ "pgp_replyencrypt", DT_BOOL, R_NONE, OPTPGPREPLYENCRYPT, 1 },
1208
-
/*
1209
-
** .pp
1210
-
** If set, automatically PGP encrypt replies to messages which are
1211
-
** encrypted.
1212
-
*/
1213
-
{ "pgp_replysign", DT_BOOL, R_NONE, OPTPGPREPLYSIGN, 0 },
1214
-
/*
1215
-
** .pp
1216
-
** If set, automatically PGP sign replies to messages which are signed.
1217
-
** .pp
1218
-
** \fBNote:\fP this does not work on messages that are encrypted
1219
-
** \fBand\fP signed!
1220
-
*/
1221
-
{ "pgp_replysignencrypted", DT_BOOL, R_NONE, OPTPGPREPLYSIGNENCRYPTED, 0 },
1222
-
/*
1223
-
** .pp
1224
-
** If set, automatically PGP sign replies to messages which are
1225
-
** encrypted. This makes sense in combination with
1226
-
** ``$$pgp_replyencrypt'', because it allows you to sign all messages
1227
-
** which are automatically encrypted. This works around the problem
1228
-
** noted in ``$$pgp_replysign'', that mutt is not able to find out
1229
-
** whether an encrypted message is also signed.
1230
-
*/
1231
1278
{ "pgp_retainable_sigs", DT_BOOL, R_NONE, OPTPGPRETAINABLESIG, 0 },
1232
1279
/*
1233
1280
** .pp
···
1265
1312
** .pp
1266
1313
** The number of seconds after which a cached passphrase will expire if
1267
1314
** not used.
1268
-
*/
1269
-
{ "pgp_verify_sig", DT_QUAD, R_NONE, OPT_VERIFYSIG, M_YES },
1270
-
/*
1271
-
** .pp
1272
-
** If ``yes'', always attempt to verify PGP/MIME signatures. If ``ask-yes''
1273
-
** or ``ask-no'',
1274
-
** ask whether or not to verify the signature. If ``no'', never attempt
1275
-
** to verify PGP/MIME signatures.
1276
1315
*/
1277
1316
{ "pgp_sort_keys", DT_SORT|DT_SORT_KEYS, R_NONE, UL &PgpSortKeys, SORT_ADDRESS },
1278
1317
/*
···
1418
1457
*/
1419
1458
#endif /* HAVE_PGP */
1420
1459
1460
+
#ifdef HAVE_SMIME
1461
+
{ "smime_timeout", DT_NUM, R_NONE, UL &SmimeTimeout, 300 },
1462
+
/*
1463
+
** .pp
1464
+
** The number of seconds after which a cached passphrase will expire if
1465
+
** not used.
1466
+
*/
1467
+
{ "smime_encrypt_with", DT_STR, R_NONE, UL &SmimeCryptAlg, 0 },
1468
+
/*
1469
+
** .pp
1470
+
** This sets the algorithm that should be used for encryption.
1471
+
** Valid choices are "des", "des3", "rc2-40", "rc2-64", "rc2-128".
1472
+
** If unset "3des" (TrippleDES) is used.
1473
+
*/
1474
+
{ "smime_keys", DT_PATH, R_NONE, UL &SmimeKeys, 0 },
1475
+
/*
1476
+
** .pp
1477
+
** Since there is no pubring/secring as with PGP, mutt has to handle
1478
+
** storage ad retrieval of keys by itself. This is very basic right now,
1479
+
** and stores keys and certificates in two different directories, both
1480
+
** named as the hash-value retrieved from OpenSSl. There is an index file
1481
+
** which contains mailbox-address keyid pai, and which can be manually
1482
+
** edited.
1483
+
*/
1484
+
{ "smime_certificates", DT_PATH, R_NONE, UL &SmimeCertificates, 0 },
1485
+
/*
1486
+
** .pp
1487
+
** Since there is no pubring/secring as with PGP, mutt has to handle
1488
+
** storage ad retrieval of keys by itself. This is very basic right now,
1489
+
** and stores keys and certificates in two different directories, both
1490
+
** named as the hash-value retrieved from OpenSSl. There is an index file
1491
+
** which contains mailbox-address keyid pai, and which can be manually
1492
+
** edited.
1493
+
*/
1494
+
{ "smime_decrypt_command", DT_STR, R_NONE, UL &SmimeDecryptCommand, 0},
1495
+
/*
1496
+
** .pp
1497
+
** This format strings specifies a command which is used to decrypt
1498
+
** application/x-pkcs7-mime attachments.
1499
+
** .pp
1500
+
** The OpenSSL command formats have their own set of printf-like sequences
1501
+
** similar to PGP's:
1502
+
** .pp
1503
+
** .dl
1504
+
** .dt %f .dd Expands to the name of a file containing a message.
1505
+
** .dt %s .dd Expands to the name of a file containing the signature part
1506
+
** . of a multipart/signed attachment when verifying it.
1507
+
** .dt %k .dd The key-pair specified with $$smime_sign_as.
1508
+
** .dt %c .dd One or more certificate IDs.
1509
+
** .dt %a .dd The algorithm used for encryption.
1510
+
** .de
1511
+
** .pp
1512
+
** For examples on how to configure these formats, see the smime.rc
1513
+
** the samples/ subdirectory which has been installed on your system
1514
+
** alongside the documentation.
1515
+
*/
1516
+
{ "smime_verify_command", DT_STR, R_NONE, UL &SmimeVerifyCommand, 0},
1517
+
/*
1518
+
** .pp
1519
+
** This command is used to verify S/MIME signatures of type multipart/signed.
1520
+
*/
1521
+
{ "smime_verify_opaque_command", DT_STR, R_NONE, UL &SmimeVerifyOpaqueCommand, 0},
1522
+
/*
1523
+
** .pp
1524
+
** This command is used to verify S/MIME signatures of type
1525
+
** application/x-pkcs7-mime.
1526
+
*/
1527
+
{ "smime_sign_command", DT_STR, R_NONE, UL &SmimeSignCommand, 0},
1528
+
/*
1529
+
** .pp
1530
+
** This command is used to created S/MIME signatures of type
1531
+
** multipart/signed, which can be read by all mail clients.
1532
+
*/
1533
+
{ "smime_sign_opaque_command", DT_STR, R_NONE, UL &SmimeSignOpaqueCommand, 0},
1534
+
/*
1535
+
** .pp
1536
+
** This command is used to created S/MIME signatures of type
1537
+
** applicatipn/x-pkcs7-signature, which can only be handled by mail
1538
+
** clients supporting the S/MIME extension
1539
+
*/
1540
+
{ "smime_encrypt_command", DT_STR, R_NONE, UL &SmimeEncryptCommand, 0},
1541
+
/*
1542
+
** .pp
1543
+
** This command is used to create encrypted S/MIME messages.
1544
+
*/
1545
+
{ "smime_pk7out_command", DT_STR, R_NONE, UL &SmimePk7outCommand, 0},
1546
+
/*
1547
+
** .pp
1548
+
** This command is used to extract PKCS7 structures of S/MIME signatures,
1549
+
** in Order to extract the public X509 certificate(s).
1550
+
*/
1551
+
{ "smime_get_cert_command", DT_STR, R_NONE, UL &SmimeGetCertCommand, 0},
1552
+
/*
1553
+
** .pp
1554
+
** This command is used to extract X509 certificates from a PKCS7 structure.
1555
+
*/
1556
+
{ "smime_get_signer_cert_command", DT_STR, R_NONE, UL &SmimeGetSignerCertCommand, 0},
1557
+
/*
1558
+
** .pp
1559
+
** This command is used to extract only the signers X509 certificate from a S/MIME signature,
1560
+
** so that the certificate's owner may get compared to the email's from field.
1561
+
*/
1562
+
{ "smime_hash_cert_command", DT_STR, R_NONE, UL &SmimeHashCertCommand, 0},
1563
+
/*
1564
+
** .pp
1565
+
** This command is used to calculate a hash value used for storing
1566
+
** X509 certificates.
1567
+
*/
1568
+
{ "smime_get_cert_email_command", DT_STR, R_NONE, UL &SmimeGetCertEmailCommand, 0},
1569
+
/*
1570
+
** .pp
1571
+
** This command is used to extract the mail address used for storing
1572
+
** X509 certificates, abd for verification purposes (to see if the
1573
+
** certifacate was issued for the sender's mailbox.
1574
+
*/
1575
+
{ "smime_sign_as", DT_STR, R_NONE, UL &SmimeSignAs, 0 },
1576
+
/*
1577
+
** .pp
1578
+
** This is the default key-pair to use vor signing. This must be set to the
1579
+
** keyid (the hash-value, OpenSSL generates) to work properly (key handling
1580
+
** is very limited right now.)
1581
+
*/
1582
+
#endif /* HAVE_SMIME */
1583
+
1421
1584
#if defined(USE_SSL)||defined(USE_NSS)
1422
1585
# ifndef USE_NSS
1423
1586
{ "ssl_starttls", DT_QUAD, R_NONE, OPT_SSLSTARTTLS, M_YES },
···
2460
2623
{ "mono", mutt_parse_mono, 0 },
2461
2624
{ "my_hdr", parse_my_hdr, 0 },
2462
2625
#ifdef HAVE_PGP
2463
-
{ "pgp-hook", mutt_parse_hook, M_PGPHOOK },
2626
+
{ "pgp-hook", mutt_parse_hook, M_CRYPTHOOK },
2627
+
#endif
2628
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
2629
+
{ "crypt-hook", mutt_parse_hook, M_CRYPTHOOK },
2464
2630
#endif /* HAVE_PGP */
2465
2631
{ "push", mutt_parse_push, 0 },
2466
2632
{ "reset", parse_set, M_SET_RESET },
+8
keymap.c
+8
keymap.c
···
43
43
{ "pgp", MENU_PGP },
44
44
#endif
45
45
46
+
#ifdef HAVE_SMIME
47
+
{ "smime", MENU_SMIME },
48
+
#endif
49
+
46
50
#ifdef MIXMASTER
47
51
{ "mix", MENU_MIX },
48
52
#endif
···
531
535
532
536
#ifdef HAVE_PGP
533
537
create_bindings (OpPgp, MENU_PGP);
538
+
#endif
539
+
540
+
#ifdef HAVE_SMIME
541
+
create_bindings (OpSmime, MENU_SMIME);
534
542
#endif
535
543
536
544
#ifdef MIXMASTER
+8
keymap.h
+8
keymap.h
···
65
65
MENU_PGP,
66
66
#endif
67
67
68
+
#ifdef HAVE_SMIME
69
+
MENU_SMIME,
70
+
#endif
71
+
68
72
#ifdef MIXMASTER
69
73
MENU_MIX,
70
74
#endif
···
105
109
#ifdef HAVE_PGP
106
110
extern struct binding_t OpPgp[];
107
111
#endif /* HAVE_PGP */
112
+
113
+
#ifdef HAVE_SMIME
114
+
extern struct binding_t OpSmime[];
115
+
#endif /* HAVE_SMIME */
108
116
109
117
#ifdef MIXMASTER
110
118
extern struct binding_t OpMix[];
+11
main.c
+11
main.c
+22
-13
mutt.h
+22
-13
mutt.h
···
139
139
#define M_CHARSETHOOK (1<<5)
140
140
#define M_ICONVHOOK (1<<6)
141
141
#define M_MESSAGEHOOK (1<<7)
142
-
#ifdef HAVE_PGP
143
-
#define M_PGPHOOK (1<<8)
142
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
143
+
#define M_CRYPTHOOK (1<<8)
144
144
#endif
145
145
#define M_ACCOUNTHOOK (1<<9)
146
146
···
253
253
enum
254
254
{
255
255
256
-
#ifdef HAVE_PGP
256
+
#if defined(HAVE_PGP)|| defined(HAVE_SMIME)
257
257
OPT_VERIFYSIG, /* verify PGP signatures */
258
+
#ifdef HAVE_PGP
258
259
OPT_PGPTRADITIONAL, /* create old-style PGP messages */
260
+
#endif
259
261
#endif
260
262
261
263
#ifdef USE_SSL
···
411
413
412
414
/* PGP options */
413
415
416
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
417
+
OPTCRYPTAUTOSIGN,
418
+
OPTCRYPTAUTOENCRYPT,
419
+
OPTCRYPTREPLYENCRYPT,
420
+
OPTCRYPTREPLYSIGN,
421
+
OPTCRYPTREPLYSIGNENCRYPTED,
422
+
#ifdef HAVE_SMIME
423
+
OPTSMIMEISDEFAULT,
424
+
#endif
414
425
#ifdef HAVE_PGP
415
-
OPTPGPAUTOSIGN,
416
-
OPTPGPAUTOENCRYPT,
417
426
OPTPGPIGNORESUB,
418
427
OPTPGPLONGIDS,
419
-
OPTPGPREPLYENCRYPT,
420
-
OPTPGPREPLYSIGN,
421
-
OPTPGPREPLYSIGNENCRYPTED,
428
+
#endif
422
429
#if 0
423
430
OPTPGPENCRYPTSELF,
424
431
#endif
···
600
607
* set when in send-mode.
601
608
*/
602
609
603
-
#ifdef HAVE_PGP
604
-
unsigned int goodsig : 1; /* good PGP signature */
610
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
611
+
unsigned int goodsig : 1; /* good cryptographic signature */
612
+
unsigned int badsig : 1; /* bad cryptographic signature (needed to check encrypted s/mime-signatures */
605
613
#endif
606
614
607
615
unsigned int collapsed : 1; /* used by recvattach */
···
610
618
611
619
typedef struct header
612
620
{
613
-
#ifdef HAVE_PGP
614
-
unsigned int pgp : 4;
621
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
622
+
unsigned int security : 7; /* bit 0-4: flags, bit 5,6: application.
623
+
see: crypt.h pgplib.h, smime.h */
615
624
#endif
616
625
617
626
unsigned int mime : 1; /* has a Mime-Version header? */
···
791
800
792
801
793
802
794
-
#ifdef HAVE_PGP
803
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
795
804
#define M_VERIFY (1<<1) /* perform signature verification */
796
805
#endif
797
806
+11
-2
muttlib.c
+11
-2
muttlib.c
···
28
28
29
29
#ifdef USE_IMAP
30
30
#include "imap.h"
31
-
#endif
31
+
#endif
32
32
33
33
#ifdef HAVE_PGP
34
34
#include "pgp.h"
35
+
#endif
36
+
37
+
#ifdef HAVE_SMIME
38
+
#include "smime.h"
35
39
#endif
36
40
37
41
#include <string.h>
···
594
598
case TYPEAPPLICATION:
595
599
if(mutt_is_application_pgp(m))
596
600
return 0;
601
+
#endif /* HAVE_PGP */
602
+
603
+
#ifdef HAVE_SMIME
604
+
if(mutt_is_application_smime(m))
605
+
return 0;
597
606
break;
598
-
#endif /* HAVE_PGP */
607
+
#endif /* HAVE_SMIME */
599
608
600
609
601
610
case TYPEMULTIPART:
+7
-3
mx.c
+7
-3
mx.c
···
30
30
#include "pgp.h"
31
31
#endif
32
32
33
+
#ifdef HAVE_SMIME
34
+
#include "smime.h"
35
+
#endif
36
+
33
37
#ifdef USE_IMAP
34
38
#include "imap.h"
35
39
#endif
···
1570
1574
1571
1575
1572
1576
1573
-
#ifdef HAVE_PGP
1577
+
#ifdef HAVE_PGP || defined(HAVE_SMIME)
1574
1578
/* NOTE: this _must_ be done before the check for mailcap! */
1575
-
h->pgp = pgp_query (h->content);
1576
-
#endif /* HAVE_PGP */
1579
+
h->security = crypt_query (h->content);
1580
+
#endif /* HAVE_PGP || HAVE_SMIME */
1577
1581
1578
1582
if (!ctx->pattern)
1579
1583
{
+19
-12
pager.c
+19
-12
pager.c
···
38
38
#include "pgp.h"
39
39
#endif
40
40
41
+
#ifdef HAVE_SMIME
42
+
#include "smime.h"
43
+
#endif
44
+
41
45
42
46
43
47
···
2383
2387
redraw = REDRAW_FULL;
2384
2388
break;
2385
2389
2386
-
#ifdef HAVE_PGP
2390
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
2387
2391
case OP_DECRYPT_SAVE:
2388
2392
#endif
2389
2393
case OP_SAVE:
···
2396
2400
case OP_COPY_MESSAGE:
2397
2401
case OP_DECODE_SAVE:
2398
2402
case OP_DECODE_COPY:
2399
-
#ifdef HAVE_PGP
2403
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
2400
2404
case OP_DECRYPT_COPY:
2401
2405
#endif
2402
2406
CHECK_MODE(IsHeader (extra));
2403
2407
if (mutt_save_message (extra->hdr,
2404
-
#ifdef HAVE_PGP
2408
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
2405
2409
(ch == OP_DECRYPT_SAVE) ||
2406
2410
#endif
2407
2411
(ch == OP_SAVE) || (ch == OP_DECODE_SAVE),
2408
2412
(ch == OP_DECODE_SAVE) || (ch == OP_DECODE_COPY),
2409
-
#ifdef HAVE_PGP
2413
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
2410
2414
(ch == OP_DECRYPT_SAVE) || (ch == OP_DECRYPT_COPY) ||
2411
2415
#endif
2412
2416
0,
2413
2417
&redraw) == 0 && (ch == OP_SAVE || ch == OP_DECODE_SAVE
2414
-
#ifdef HAVE_PGP
2418
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
2415
2419
|| ch == OP_DECRYPT_SAVE
2416
2420
#endif
2417
2421
))
···
2517
2521
2518
2522
2519
2523
#ifdef HAVE_PGP
2520
-
case OP_FORGET_PASSPHRASE:
2521
-
mutt_forget_passphrase ();
2522
-
break;
2523
-
2524
2524
case OP_MAIL_KEY:
2525
2525
CHECK_MODE(IsHeader(extra));
2526
2526
CHECK_ATTACH;
2527
2527
ci_send_message (SENDKEY, NULL, NULL, extra->ctx, extra->hdr);
2528
2528
redraw = REDRAW_FULL;
2529
2529
break;
2530
-
2530
+
#endif /* HAVE_PGP || HAVE_SMIME */
2531
+
2532
+
2533
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
2534
+
case OP_FORGET_PASSPHRASE:
2535
+
crypt_forget_passphrase ();
2536
+
break;
2537
+
2531
2538
case OP_EXTRACT_KEYS:
2532
2539
CHECK_MODE(IsHeader(extra));
2533
-
pgp_extract_keys_from_messages(extra->hdr);
2540
+
crypt_extract_keys_from_messages(extra->hdr);
2534
2541
redraw = REDRAW_FULL;
2535
2542
break;
2536
-
#endif /* HAVE_PGP */
2543
+
#endif /* HAVE_PGP || HAVE_SMIME */
2537
2544
2538
2545
2539
2546
+7
-5
parse.c
+7
-5
parse.c
···
28
28
#include "pgp.h"
29
29
#endif /* HAVE_PGP */
30
30
31
+
#ifdef HAVE_SMIME
32
+
#include "smime.h"
33
+
#endif /* HAVE_SMIME */
34
+
31
35
32
36
33
37
#include <string.h>
···
934
938
{
935
939
mutt_parse_part (msg->fp, cur->content);
936
940
937
-
938
-
#ifdef HAVE_PGP
939
-
cur->pgp = pgp_query (cur->content);
940
-
#endif /* HAVE_PGP */
941
-
941
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
942
+
cur->security = crypt_query (cur->content);
943
+
#endif
942
944
943
945
mx_close_message (&msg);
944
946
}
+9
-5
pattern.c
+9
-5
pattern.c
···
35
35
#include "pgp.h"
36
36
#endif
37
37
38
+
#ifdef HAVE_SMIME
39
+
#include "smime.h"
40
+
#endif
41
+
38
42
39
43
40
44
static int eat_regexp (pattern_t *pat, BUFFER *, BUFFER *);
···
173
177
174
178
175
179
176
-
#ifdef HAVE_PGP
177
-
if (h->pgp & PGPENCRYPT && !pgp_valid_passphrase())
180
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
181
+
if (h->security & ENCRYPT && !crypt_valid_passphrase(h->security))
178
182
{
179
183
mx_close_message (&msg);
180
184
if (fp)
···
1043
1047
return (pat->not ^ (h->collapsed && h->num_hidden > 1));
1044
1048
#ifdef HAVE_PGP
1045
1049
case M_PGP_SIGN:
1046
-
return (pat->not ^ (h->pgp & PGPSIGN));
1050
+
return (pat->not ^ (h->security & APPLICATION_PGP && h->security & SIGN));
1047
1051
case M_PGP_ENCRYPT:
1048
-
return (pat->not ^ (h->pgp & PGPENCRYPT));
1052
+
return (pat->not ^ (h->security & APPLICATION_PGP && h->security & ENCRYPT));
1049
1053
case M_PGP_KEY:
1050
-
return (pat->not ^ (h->pgp & PGPKEY));
1054
+
return (pat->not ^ (h->security & APPLICATION_PGP && h->security & PGPKEY));
1051
1055
#endif
1052
1056
case M_XLABEL:
1053
1057
return (pat->not ^ (h->env->x_label && regexec (pat->rx, h->env->x_label, 0, NULL, 0) == 0));
+19
-398
pgp.c
+19
-398
pgp.c
···
53
53
54
54
#ifdef HAVE_PGP
55
55
56
+
#include "crypt.h"
57
+
58
+
56
59
57
60
char PgpPass[STRING];
58
-
static time_t PgpExptime = 0; /* when does the cached passphrase expire? */
61
+
time_t PgpExptime = 0; /* when does the cached passphrase expire? */
59
62
60
63
void pgp_void_passphrase (void)
61
64
{
···
63
66
PgpExptime = 0;
64
67
}
65
68
66
-
# if defined(HAVE_SETRLIMIT) && (!defined(DEBUG))
67
69
68
-
static void disable_coredumps (void)
69
-
{
70
-
struct rlimit rl = {0, 0};
71
-
static short done = 0;
72
-
73
-
if (!done)
74
-
{
75
-
setrlimit (RLIMIT_CORE, &rl);
76
-
done = 1;
77
-
}
78
-
}
79
-
80
-
# endif /* HAVE_SETRLIMIT */
81
-
82
-
int pgp_valid_passphrase (void)
83
-
{
84
-
time_t now = time (NULL);
85
-
86
-
# if defined(HAVE_SETRLIMIT) && (!defined(DEBUG))
87
-
disable_coredumps ();
88
-
# endif
89
-
90
-
if (now < PgpExptime) return 1; /* just use the cached copy. */
91
-
pgp_void_passphrase ();
92
-
93
-
if (mutt_get_password (_("Enter PGP passphrase:"), PgpPass, sizeof (PgpPass)) == 0)
94
-
{
95
-
PgpExptime = time (NULL) + PgpTimeout;
96
-
return (1);
97
-
}
98
-
else
99
-
{
100
-
PgpExptime = 0;
101
-
return (0);
102
-
}
103
-
/* not reached */
104
-
}
105
-
106
-
void mutt_forget_passphrase (void)
70
+
void pgp_forget_passphrase (void)
107
71
{
108
72
pgp_void_passphrase ();
109
73
mutt_message _("PGP passphrase forgotten.");
···
130
94
* Routines for handing PGP input.
131
95
*/
132
96
133
-
/* print the current time to avoid spoofing of the signature output */
134
-
static void pgp_current_time (STATE *s)
135
-
{
136
-
time_t t;
137
-
char p[STRING];
138
-
139
-
t = time (NULL);
140
-
setlocale (LC_TIME, "");
141
-
strftime (p, sizeof (p),
142
-
_("[-- PGP output follows (current time: %c) --]\n"),
143
-
localtime (&t));
144
-
setlocale (LC_TIME, "C");
145
-
state_attach_puts (p, s);
146
-
}
147
97
148
98
149
99
/* Copy PGP output messages and look for signs of a good signature */
···
378
328
safe_fclose (&pgpin);
379
329
380
330
if (s->flags & M_DISPLAY)
381
-
pgp_current_time (s);
331
+
crypt_current_time (s, "PGP");
382
332
383
333
rv = mutt_wait_filter (thepid);
384
334
···
547
497
return rv;
548
498
}
549
499
550
-
int mutt_is_multipart_signed (BODY *b)
551
-
{
552
-
char *p;
553
-
554
-
if (!b || b->type != TYPEMULTIPART ||
555
-
!b->subtype || ascii_strcasecmp (b->subtype, "signed") ||
556
-
!(p = mutt_get_parameter ("protocol", b->parameter)) ||
557
-
(ascii_strcasecmp (p, "application/pgp-signature")
558
-
&& ascii_strcasecmp (p, "multipart/mixed")))
559
-
return 0;
560
-
561
-
return PGPSIGN;
562
-
}
563
-
564
500
565
-
int mutt_is_multipart_encrypted (BODY *b)
501
+
int pgp_is_multipart_encrypted (BODY *b)
566
502
{
567
503
char *p;
568
504
···
604
540
return t;
605
541
}
606
542
607
-
int pgp_query (BODY *m)
608
-
{
609
-
int t = 0;
610
543
611
-
t |= mutt_is_application_pgp (m);
612
544
613
-
if ((t & (PGPSIGN|PGPENCRYPT)) && m->goodsig)
614
-
t |= PGPGOODSIGN|PGPSIGN;
615
-
else if (m->type == TYPEMULTIPART)
616
-
{
617
-
if (mutt_is_multipart_signed(m))
618
-
t |= PGPSIGN;
619
-
else if (mutt_is_multipart_encrypted(m))
620
-
t |= PGPENCRYPT;
621
545
622
-
if (m->goodsig &&
623
-
(mutt_is_multipart_signed (m) || mutt_is_multipart_encrypted (m)))
624
-
t |= PGPGOODSIGN;
625
-
}
626
-
627
-
if (m->type == TYPEMULTIPART || m->type == TYPEMESSAGE)
628
-
{
629
-
BODY *p;
630
-
631
-
for (p = m->parts; p; p = p->next)
632
-
t |= pgp_query(p) & ~PGPGOODSIGN;
633
-
}
634
-
635
-
return t;
636
-
}
637
-
638
-
static void pgp_fetch_signatures (BODY ***signatures, BODY *a, int *n)
639
-
{
640
-
for (; a; a = a->next)
641
-
{
642
-
if(a->type == TYPEMULTIPART)
643
-
pgp_fetch_signatures (signatures, a->parts, n);
644
-
else
645
-
{
646
-
if((*n % 5) == 0)
647
-
safe_realloc((void **) signatures, (*n + 6) * sizeof(BODY **));
648
-
649
-
(*signatures)[(*n)++] = a;
650
-
}
651
-
}
652
-
}
653
-
654
-
static int pgp_write_signed(BODY *a, STATE *s, const char *tempfile)
655
-
{
656
-
FILE *fp;
657
-
int c;
658
-
short hadcr;
659
-
size_t bytes;
660
-
661
-
if(!(fp = safe_fopen (tempfile, "w")))
662
-
{
663
-
mutt_perror(tempfile);
664
-
return -1;
665
-
}
666
-
667
-
fseek (s->fpin, a->hdr_offset, 0);
668
-
bytes = a->length + a->offset - a->hdr_offset;
669
-
hadcr = 0;
670
-
while (bytes > 0)
671
-
{
672
-
if((c = fgetc(s->fpin)) == EOF)
673
-
break;
674
-
675
-
bytes--;
676
-
677
-
if(c == '\r')
678
-
hadcr = 1;
679
-
else
680
-
{
681
-
if(c == '\n' && !hadcr)
682
-
fputc('\r', fp);
683
-
684
-
hadcr = 0;
685
-
}
686
-
687
-
fputc(c, fp);
688
-
689
-
}
690
-
fclose (fp);
691
-
692
-
return 0;
693
-
}
694
-
695
-
696
-
static int pgp_verify_one (BODY *sigbdy, STATE *s, const char *tempfile)
546
+
int pgp_verify_one (BODY *sigbdy, STATE *s, const char *tempfile)
697
547
{
698
548
char sigfile[_POSIX_PATH_MAX], pgperrfile[_POSIX_PATH_MAX];
699
549
FILE *fp, *pgpout, *pgperr;
···
721
571
return -1;
722
572
}
723
573
724
-
pgp_current_time (s);
574
+
crypt_current_time (s, "PGP");
725
575
726
576
if((thepid = pgp_invoke_verify (NULL, &pgpout, NULL,
727
577
-1, -1, fileno(pgperr),
···
756
606
return badsig;
757
607
}
758
608
759
-
/*
760
-
* This routine verifies a PGP/MIME signed body.
761
-
*/
762
-
void pgp_signed_handler (BODY *a, STATE *s)
763
-
{
764
-
char tempfile[_POSIX_PATH_MAX];
765
-
char *protocol;
766
-
int protocol_major = TYPEOTHER;
767
-
char *protocol_minor = NULL;
768
-
769
-
BODY *b = a;
770
-
BODY **signatures = NULL;
771
-
int sigcnt = 0;
772
-
int i;
773
-
short goodsig = 1;
774
-
775
-
protocol = mutt_get_parameter ("protocol", a->parameter);
776
-
a = a->parts;
777
-
778
-
/* extract the protocol information */
779
-
780
-
if (protocol)
781
-
{
782
-
char major[STRING];
783
-
char *t;
784
-
785
-
if ((protocol_minor = strchr(protocol, '/'))) protocol_minor++;
786
-
787
-
strfcpy(major, protocol, sizeof(major));
788
-
if((t = strchr(major, '/')))
789
-
*t = '\0';
790
-
791
-
protocol_major = mutt_check_mime_type (major);
792
-
}
793
-
794
-
/* consistency check */
795
-
796
-
if (!(a && a->next && a->next->type == protocol_major &&
797
-
!ascii_strcasecmp(a->next->subtype, protocol_minor)))
798
-
{
799
-
state_attach_puts(_("[-- Error: Inconsistent multipart/signed structure! --]\n\n"), s);
800
-
mutt_body_handler (a, s);
801
-
return;
802
-
}
803
-
804
-
if(!(protocol_major == TYPEAPPLICATION && !ascii_strcasecmp(protocol_minor, "pgp-signature"))
805
-
&& !(protocol_major == TYPEMULTIPART && !ascii_strcasecmp(protocol_minor, "mixed")))
806
-
{
807
-
state_mark_attach (s);
808
-
state_printf(s, _("[-- Error: Unknown multipart/signed protocol %s! --]\n\n"), protocol);
809
-
mutt_body_handler (a, s);
810
-
return;
811
-
}
812
-
813
-
if (s->flags & M_DISPLAY)
814
-
{
815
-
816
-
pgp_fetch_signatures(&signatures, a->next, &sigcnt);
817
-
818
-
if (sigcnt)
819
-
{
820
-
mutt_mktemp (tempfile);
821
-
if (pgp_write_signed (a, s, tempfile) == 0)
822
-
{
823
-
for (i = 0; i < sigcnt; i++)
824
-
{
825
-
if (signatures[i]->type == TYPEAPPLICATION
826
-
&& !ascii_strcasecmp(signatures[i]->subtype, "pgp-signature"))
827
-
{
828
-
if (pgp_verify_one (signatures[i], s, tempfile) != 0)
829
-
goodsig = 0;
830
-
}
831
-
else
832
-
{
833
-
state_mark_attach (s);
834
-
state_printf (s, _("[-- Warning: We can't verify %s/%s signatures. --]\n\n"),
835
-
TYPE(signatures[i]), signatures[i]->subtype);
836
-
}
837
-
}
838
-
}
839
-
840
-
mutt_unlink (tempfile);
841
-
842
-
b->goodsig = goodsig;
843
-
844
-
dprint (2, (debugfile, "pgp_signed_handler: goodsig = %d\n", goodsig));
845
-
846
-
/* Now display the signed body */
847
-
state_attach_puts (_("[-- The following data is signed --]\n\n"), s);
848
-
849
-
850
-
safe_free((void **) &signatures);
851
-
}
852
-
else
853
-
state_attach_puts (_("[-- Warning: Can't find any signatures. --]\n\n"), s);
854
-
}
855
-
856
-
mutt_body_handler (a, s);
857
-
858
-
if (s->flags & M_DISPLAY && sigcnt)
859
-
{
860
-
state_putc ('\n', s);
861
-
state_attach_puts (_("[-- End of signed data --]\n"), s);
862
-
}
863
-
}
864
609
865
610
/* Extract pgp public keys from messages or attachments */
866
611
···
873
618
if (h)
874
619
{
875
620
mutt_parse_mime_message (Context, h);
876
-
if(h->pgp & PGPENCRYPT && !pgp_valid_passphrase ())
621
+
if(h->security & PGPENCRYPT && !pgp_valid_passphrase ())
877
622
return;
878
623
}
879
624
···
893
638
if (Context->hdrs[Context->v2r[i]]->tagged)
894
639
{
895
640
mutt_parse_mime_message (Context, Context->hdrs[Context->v2r[i]]);
896
-
if (Context->hdrs[Context->v2r[i]]->pgp & PGPENCRYPT
641
+
if (Context->hdrs[Context->v2r[i]]->security & PGPENCRYPT
897
642
&& !pgp_valid_passphrase())
898
643
{
899
644
fclose (fpout);
···
907
652
else
908
653
{
909
654
mutt_parse_mime_message (Context, h);
910
-
if (h->pgp & PGPENCRYPT && !pgp_valid_passphrase())
655
+
if (h->security & PGPENCRYPT && !pgp_valid_passphrase())
911
656
{
912
657
fclose (fpout);
913
658
goto bailout;
···
1132
877
return;
1133
878
}
1134
879
1135
-
if (s->flags & M_DISPLAY) pgp_current_time (s);
880
+
if (s->flags & M_DISPLAY) crypt_current_time (s, "PGP");
1136
881
1137
882
if ((tattach = pgp_decrypt_part (a, s, fpout, p)) != NULL)
1138
883
{
···
1171
916
* Routines for sending PGP/MIME messages.
1172
917
*/
1173
918
1174
-
static void convert_to_7bit (BODY *a)
1175
-
{
1176
-
while (a)
1177
-
{
1178
-
if (a->type == TYPEMULTIPART)
1179
-
{
1180
-
if (a->encoding != ENC7BIT)
1181
-
{
1182
-
a->encoding = ENC7BIT;
1183
-
convert_to_7bit(a->parts);
1184
-
}
1185
-
else if (option (OPTPGPSTRICTENC))
1186
-
convert_to_7bit (a->parts);
1187
-
}
1188
-
else if (a->type == TYPEMESSAGE
1189
-
&& ascii_strcasecmp(a->subtype, "delivery-status"))
1190
-
{
1191
-
if(a->encoding != ENC7BIT)
1192
-
mutt_message_to_7bit(a, NULL);
1193
-
}
1194
-
else if (a->encoding == ENC8BIT)
1195
-
a->encoding = ENCQUOTEDPRINTABLE;
1196
-
else if (a->encoding == ENCBINARY)
1197
-
a->encoding = ENCBASE64;
1198
-
else if (a->content && a->encoding != ENCBASE64 &&
1199
-
(a->content->from || (a->content->space &&
1200
-
option (OPTPGPSTRICTENC))))
1201
-
a->encoding = ENCQUOTEDPRINTABLE;
1202
-
a = a->next;
1203
-
}
1204
-
}
1205
919
1206
-
static BODY *pgp_sign_message (BODY *a)
920
+
BODY *pgp_sign_message (BODY *a)
1207
921
{
1208
922
BODY *t;
1209
923
char buffer[LONG_STRING];
···
1362
1076
q = p;
1363
1077
k_info = NULL;
1364
1078
1365
-
if ((keyID = mutt_pgp_hook (p)) != NULL)
1079
+
if ((keyID = mutt_crypt_hook (p)) != NULL)
1366
1080
{
1367
1081
int r;
1368
1082
snprintf (buf, sizeof (buf), _("Use keyID = \"%s\" for %s?"), keyID, p->mailbox);
···
1425
1139
/* Warning: "a" is no longer freed in this routine, you need
1426
1140
* to free it later. This is necessary for $fcc_attach. */
1427
1141
1428
-
static BODY *pgp_encrypt_message (BODY *a, char *keylist, int sign)
1142
+
BODY *pgp_encrypt_message (BODY *a, char *keylist, int sign)
1429
1143
{
1430
1144
char buf[LONG_STRING];
1431
1145
char tempfile[_POSIX_PATH_MAX], pgperrfile[_POSIX_PATH_MAX];
···
1543
1257
return (t);
1544
1258
}
1545
1259
1546
-
static BODY *pgp_traditional_encryptsign (BODY *a, int flags, char *keylist)
1260
+
BODY *pgp_traditional_encryptsign (BODY *a, int flags, char *keylist)
1547
1261
{
1548
1262
BODY *b;
1549
1263
···
1608
1322
return NULL;
1609
1323
}
1610
1324
1611
-
if (flags & PGPSIGN)
1325
+
if (flags & SIGN)
1612
1326
fprintf (pgpin, "%s\n", PgpPass);
1613
1327
fclose (pgpin);
1614
1328
···
1652
1366
b->subtype = safe_strdup ("pgp");
1653
1367
1654
1368
mutt_set_parameter ("format", "text", &b->parameter);
1655
-
mutt_set_parameter ("x-action", flags & PGPENCRYPT ? "encrypt" : "sign",
1369
+
mutt_set_parameter ("x-action", flags & ENCRYPT ? "encrypt" : "sign",
1656
1370
&b->parameter);
1657
1371
1658
1372
b->filename = safe_strdup (pgpoutfile);
···
1671
1385
1672
1386
1673
1387
1674
-
int pgp_get_keys (HEADER *msg, char **pgpkeylist)
1675
-
{
1676
-
/* Do a quick check to make sure that we can find all of the encryption
1677
-
* keys if the user has requested this service.
1678
-
*/
1679
-
1680
-
set_option (OPTPGPCHECKTRUST);
1681
-
1682
-
*pgpkeylist = NULL;
1683
-
if (msg->pgp & PGPENCRYPT)
1684
-
{
1685
-
if ((*pgpkeylist = pgp_findKeys (msg->env->to, msg->env->cc,
1686
-
msg->env->bcc)) == NULL)
1687
-
return (-1);
1688
-
}
1689
-
1690
-
return (0);
1691
-
}
1692
-
1693
-
int pgp_protect (HEADER *msg, char *pgpkeylist)
1694
-
{
1695
-
BODY *pbody = NULL;
1696
-
int flags = msg->pgp;
1697
-
int traditional = 0;
1698
-
int i;
1699
-
1700
-
if ((msg->pgp & PGPSIGN) && !pgp_valid_passphrase ())
1701
-
return (-1);
1702
-
1703
-
if ((msg->content->type == TYPETEXT) &&
1704
-
!ascii_strcasecmp (msg->content->subtype, "plain") &&
1705
-
((flags & PGPENCRYPT) || (msg->content->content && msg->content->content->hibin == 0)))
1706
-
{
1707
-
if ((i = query_quadoption (OPT_PGPTRADITIONAL, _("Create an application/pgp message?"))) == -1)
1708
-
return -1;
1709
-
else if (i == M_YES)
1710
-
traditional = 1;
1711
-
}
1712
-
1713
-
mutt_message _("Invoking PGP...");
1714
-
1715
-
if (!isendwin ())
1716
-
mutt_endwin (NULL);
1717
-
1718
-
if (traditional)
1719
-
{
1720
-
if (!(pbody = pgp_traditional_encryptsign (msg->content, flags, pgpkeylist)))
1721
-
return -1;
1722
-
1723
-
msg->content = pbody;
1724
-
return 0;
1725
-
}
1726
-
1727
-
if ((flags & PGPSIGN) && (!(flags & PGPENCRYPT) || option (OPTPGPRETAINABLESIG)))
1728
-
{
1729
-
if (!(pbody = pgp_sign_message (msg->content)))
1730
-
return -1;
1731
-
1732
-
msg->content = pbody;
1733
-
flags &= ~PGPSIGN;
1734
-
}
1735
-
1736
-
if (flags & PGPENCRYPT)
1737
-
{
1738
-
if (!(pbody = pgp_encrypt_message (msg->content, pgpkeylist, flags & PGPSIGN)))
1739
-
{
1740
-
1741
-
/* did we perform a retainable signature? */
1742
-
if (flags != msg->pgp)
1743
-
{
1744
-
/* remove the outer multipart layer */
1745
-
msg->content = mutt_remove_multipart (msg->content);
1746
-
/* get rid of the signature */
1747
-
mutt_free_body (&msg->content->next);
1748
-
}
1749
-
1750
-
return (-1);
1751
-
}
1752
-
1753
-
/* destroy temporary signature envelope when doing retainable
1754
-
* signatures.
1755
-
*/
1756
-
if (flags != msg->pgp)
1757
-
{
1758
-
mutt_remove_multipart (msg->content);
1759
-
mutt_free_body (&msg->content->next);
1760
-
}
1761
-
1762
-
msg->content = pbody;
1763
-
}
1764
-
1765
-
return (0);
1766
-
}
1767
1388
1768
1389
#endif /* HAVE_PGP */
+18
-10
pgp.h
+18
-10
pgp.h
···
19
19
20
20
#ifdef HAVE_PGP
21
21
22
+
#include "crypt.h"
22
23
#include "pgplib.h"
23
24
24
25
WHERE REGEXP PgpGoodSign;
···
57
58
58
59
int mutt_check_pgp (HEADER * h);
59
60
int mutt_is_application_pgp (BODY *);
60
-
int mutt_is_multipart_encrypted (BODY *);
61
-
int mutt_is_multipart_signed (BODY *);
62
-
int mutt_parse_pgp_hdr (char *, int);
61
+
62
+
int pgp_is_multipart_encrypted (BODY *);
63
+
64
+
63
65
int pgp_decrypt_mime (FILE *, FILE **, BODY *, BODY **);
64
-
int pgp_get_keys (HEADER *, char **);
65
-
int pgp_protect (HEADER *, char *);
66
-
int pgp_query (BODY *);
66
+
67
67
/* int pgp_string_matches_hint (const char *s, LIST * hints); */
68
-
int pgp_valid_passphrase (void);
68
+
69
+
#define pgp_valid_passphrase() crypt_valid_passphrase(APPLICATION_PGP)
69
70
70
71
/* pgp_key_t *gpg_get_candidates (struct pgp_vinfo *, pgp_ring_t, LIST *); */
71
72
pgp_key_t *pgp_ask_for_key (char *, char *, short, pgp_ring_t);
···
73
74
pgp_key_t *pgp_getkeybyaddr (ADDRESS *, short, pgp_ring_t);
74
75
pgp_key_t *pgp_getkeybystr (char *, short, pgp_ring_t);
75
76
76
-
void mutt_forget_passphrase (void);
77
+
void pgp_forget_passphrase (void);
77
78
void pgp_application_pgp_handler (BODY *, STATE *);
78
79
void pgp_encrypted_handler (BODY *, STATE *);
79
80
void pgp_extract_keys_from_attachment_list (FILE * fp, int tag, BODY * top);
80
-
void pgp_extract_keys_from_messages (HEADER * hdr);
81
-
void pgp_signed_handler (BODY *, STATE *);
82
81
void pgp_void_passphrase (void);
82
+
83
83
84
84
85
85
···
116
116
117
117
void pgp_invoke_import (const char *fname);
118
118
void pgp_invoke_getkeys (ADDRESS *);
119
+
120
+
121
+
/* private ? */
122
+
int pgp_verify_one (BODY *, STATE *, const char *);
123
+
BODY *pgp_traditional_encryptsign (BODY *, int, char *);
124
+
BODY *pgp_encrypt_message (BODY *, char *, int);
125
+
BODY *pgp_sign_message (BODY *);
126
+
119
127
120
128
#endif /* HAVE_PGP */
+6
-4
pgplib.h
+6
-4
pgplib.h
···
19
19
20
20
#ifdef HAVE_PGP
21
21
22
-
#define PGPENCRYPT (1 << 0)
23
-
#define PGPSIGN (1 << 1)
24
-
#define PGPKEY (1 << 2)
25
-
#define PGPGOODSIGN (1 << 3)
22
+
#define APPLICATION_PGP (1 << 5)
23
+
24
+
#define PGPENCRYPT (APPLICATION_PGP | ENCRYPT)
25
+
#define PGPSIGN (APPLICATION_PGP | SIGN)
26
+
#define PGPGOODSIGN (APPLICATION_PGP | GOODSIGN)
27
+
#define PGPKEY (APPLICATION_PGP | (1 << 3))
26
28
27
29
#define KEYFLAG_CANSIGN (1 << 0)
28
30
#define KEYFLAG_CANENCRYPT (1 << 1)
+7
-3
pop.c
+7
-3
pop.c
···
24
24
#include "pgp.h"
25
25
#endif
26
26
27
+
#ifdef HAVE_SMIME
28
+
#include "smime.h"
29
+
#endif
30
+
27
31
#include <string.h>
28
32
#include <unistd.h>
29
33
···
438
442
h->content->length = ftell (msg->fp) - h->content->offset;
439
443
440
444
/* This needs to be done in case this is a multipart message */
441
-
#ifdef HAVE_PGP
442
-
h->pgp = pgp_query (h->content);
443
-
#endif /* HAVE_PGP */
445
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
446
+
h->security = crypt_query (h->content);
447
+
#endif
444
448
445
449
mutt_clear_error();
446
450
rewind (msg->fp);
+70
-10
postpone.c
+70
-10
postpone.c
···
47
47
#include "pgp.h"
48
48
#endif /* HAVE_PGP */
49
49
50
+
#ifdef HAVE_SMIME
51
+
#include "smime.h"
52
+
#endif /* HAVE_SMIME */
53
+
50
54
51
55
static short PostCount = 0;
52
56
static CONTEXT *PostContext = NULL;
···
334
338
*/
335
339
|| mutt_strncmp ("X-Mutt-PGP:", tmp->data, 11) == 0)
336
340
{
337
-
hdr->pgp = mutt_parse_pgp_hdr (strchr (tmp->data, ':') + 1, 1);
341
+
hdr->security = mutt_parse_crypt_hdr (strchr (tmp->data, ':') + 1, 1);
342
+
hdr->security |= APPLICATION_PGP;
338
343
339
344
/* remove the pgp field */
340
345
next = tmp->next;
···
348
353
}
349
354
#endif /* HAVE_PGP */
350
355
356
+
357
+
#ifdef HAVE_SMIME
358
+
else if (mutt_strncmp ("X-Mutt-SMIME:", tmp->data, 13) == 0)
359
+
{
360
+
hdr->security = mutt_parse_crypt_hdr (strchr (tmp->data, ':') + 1, 1);
361
+
hdr->security |= APPLICATION_SMIME;
362
+
363
+
/* remove the smime field */
364
+
next = tmp->next;
365
+
if (last)
366
+
last->next = tmp->next;
367
+
else
368
+
hdr->env->userhdrs = tmp->next;
369
+
tmp->next = NULL;
370
+
mutt_free_list (&tmp);
371
+
tmp = next;
372
+
}
373
+
#endif /* HAVE_SMIME */
374
+
375
+
351
376
#ifdef MIXMASTER
352
377
else if (mutt_strncmp ("X-Mutt-Mix:", tmp->data, 11) == 0)
353
378
{
···
383
408
384
409
385
410
386
-
#ifdef HAVE_PGP
411
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
387
412
388
-
int mutt_parse_pgp_hdr (char *p, int set_signas)
413
+
int mutt_parse_crypt_hdr (char *p, int set_signas)
389
414
{
390
415
int pgp = 0;
391
416
char pgp_sign_as[LONG_STRING] = "\0", *q;
417
+
char smime_cryptalg[LONG_STRING] = "\0";
392
418
393
419
SKIPWS (p);
394
420
for (; *p; p++)
···
398
424
{
399
425
case 'e':
400
426
case 'E':
401
-
pgp |= PGPENCRYPT;
427
+
pgp |= ENCRYPT;
402
428
break;
403
429
404
430
case 's':
405
431
case 'S':
406
-
pgp |= PGPSIGN;
432
+
pgp |= SIGN;
407
433
q = pgp_sign_as;
408
434
409
435
if (*(p+1) == '<')
···
443
469
444
470
break;
445
471
472
+
473
+
case 'c':
474
+
case 'C':
475
+
q = smime_cryptalg;
476
+
477
+
if(*(p+1) == '<')
478
+
{
479
+
for(p += 2; *p && *p != '>' && q < smime_cryptalg + sizeof(smime_cryptalg) - 1;
480
+
*q++ = *p++)
481
+
;
482
+
483
+
if(*p != '>')
484
+
{
485
+
mutt_error _("Illegal S/MIME header");
486
+
return 0;
487
+
}
488
+
}
489
+
490
+
*q = '\0';
491
+
break;
492
+
446
493
default:
447
494
mutt_error _("Illegal PGP header");
448
495
return 0;
···
450
497
451
498
}
452
499
500
+
/* the cryptalg field must not be empty */
501
+
#ifdef HAVE_SMIME
502
+
if (*smime_cryptalg)
503
+
mutt_str_replace (&SmimeCryptAlg, smime_cryptalg);
504
+
#endif /* HAVE_SMIME */
505
+
506
+
#ifdef HAVE_PGP
453
507
if (set_signas || *pgp_sign_as)
454
508
mutt_str_replace (&PgpSignAs, pgp_sign_as);
509
+
#endif /* HAVE_PGP */
455
510
456
511
return pgp;
457
512
}
458
-
#endif /* HAVE_PGP */
513
+
#endif /* HAVE_PGP || HAVE_SMIME */
514
+
515
+
459
516
460
517
int mutt_prepare_template (FILE *fp, CONTEXT *ctx, HEADER *newhdr, HEADER *hdr,
461
518
short weed)
···
509
566
510
567
#ifdef HAVE_PGP
511
568
/* decrypt pgp/mime encoded messages */
512
-
if ((hdr->pgp & PGPENCRYPT) &&
569
+
if ((hdr->security & APPLICATION_PGP) &&
513
570
mutt_is_multipart_encrypted (newhdr->content))
514
571
{
515
-
newhdr->pgp |= PGPENCRYPT;
572
+
newhdr->security |= PGPENCRYPT;
516
573
if (!pgp_valid_passphrase())
517
574
goto err;
518
575
···
531
588
532
589
mutt_clear_error ();
533
590
}
591
+
#endif
592
+
593
+
#if defined(HAVE_PGP)|| defined(HAVE_SMIME)
534
594
535
595
/*
536
596
* remove a potential multipart/signed layer - useful when
···
539
599
540
600
if (mutt_is_multipart_signed (newhdr->content))
541
601
{
542
-
newhdr->pgp |= PGPSIGN;
543
-
602
+
newhdr->security |= SIGN;
603
+
544
604
/* destroy the signature */
545
605
mutt_free_body (&newhdr->content->parts->next);
546
606
newhdr->content = mutt_remove_multipart (newhdr->content);
+2
-2
protos.h
+2
-2
protos.h
···
134
134
char *mutt_get_body_charset (char *, size_t, BODY *);
135
135
char *mutt_get_name (ADDRESS *);
136
136
char *mutt_get_parameter (const char *, PARAMETER *);
137
-
#ifdef HAVE_PGP
138
-
char *mutt_pgp_hook (ADDRESS *);
137
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
138
+
char *mutt_crypt_hook (ADDRESS *);
139
139
#endif /* HAVE_PGP */
140
140
char *mutt_make_date (char *, size_t);
141
141
+47
-22
recvattach.c
+47
-22
recvattach.c
···
34
34
#include "pgp.h"
35
35
#endif
36
36
37
+
#ifdef HAVE_SMIME
38
+
#include "smime.h"
39
+
#endif
40
+
37
41
38
42
39
43
#include <ctype.h>
···
835
839
836
840
837
841
838
-
#ifdef HAVE_PGP
839
-
int pgp = 0;
842
+
843
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
844
+
int secured = 0;
840
845
#endif
841
846
842
847
···
862
867
863
868
864
869
870
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
871
+
if (hdr->security & ENCRYPT)
872
+
{
873
+
if (!crypt_valid_passphrase(hdr->security))
874
+
{
875
+
mx_close_message (&msg);
876
+
return;
877
+
}
878
+
#ifdef HAVE_SMIME
879
+
if (hdr->security & APPLICATION_SMIME)
880
+
{
881
+
if (hdr->env->to)
882
+
smime_getkeys (hdr->env->to->mailbox);
883
+
884
+
if (mutt_is_application_smime(hdr->content))
885
+
secured = ! smime_decrypt_mime (msg->fp, &fp, hdr->content, &cur);
886
+
}
887
+
#endif
865
888
#ifdef HAVE_PGP
866
-
if((hdr->pgp & PGPENCRYPT) && !pgp_valid_passphrase())
867
-
{
868
-
mx_close_message (&msg);
869
-
return;
870
-
}
871
-
872
-
if ((hdr->pgp & PGPENCRYPT) && mutt_is_multipart_encrypted(hdr->content))
873
-
{
874
-
if (pgp_decrypt_mime (msg->fp, &fp, hdr->content, &cur))
889
+
if (hdr->security & APPLICATION_PGP)
890
+
{
891
+
if (mutt_is_multipart_encrypted(hdr->content))
892
+
secured = !pgp_decrypt_mime (msg->fp, &fp, hdr->content, &cur);
893
+
}
894
+
#endif
895
+
896
+
if (!secured)
875
897
{
876
898
mx_close_message (&msg);
877
899
return;
878
900
}
879
-
pgp = 1;
880
901
}
881
902
else
882
-
#endif /* HAVE_PGP */
903
+
#endif /* HAVE_SMIME || HAVVE_PGP */
883
904
{
884
905
fp = msg->fp;
885
906
cur = hdr->content;
···
934
955
break;
935
956
936
957
937
-
#ifdef HAVE_PGP
958
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
938
959
case OP_FORGET_PASSPHRASE:
939
-
mutt_forget_passphrase ();
960
+
crypt_forget_passphrase ();
940
961
break;
962
+
#endif
941
963
964
+
965
+
#ifdef HAVE_PGP
942
966
case OP_EXTRACT_KEYS:
943
967
pgp_extract_keys_from_attachment_list (fp, menu->tagprefix,
944
968
menu->tagprefix ? cur : idx[menu->current]->content);
···
949
973
if (pgp_check_traditional (fp, menu->tagprefix ? cur : idx[menu->current]->content,
950
974
menu->tagprefix))
951
975
{
952
-
hdr->pgp = pgp_query (cur);
976
+
hdr->security = crypt_query (cur);
953
977
menu->redraw = REDRAW_FULL;
954
978
}
955
979
break;
···
991
1015
992
1016
993
1017
994
-
#ifdef HAVE_PGP
995
-
if (hdr->pgp)
1018
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1019
+
if (hdr->security)
996
1020
{
997
1021
mutt_message _(
998
-
"Deletion of attachments from PGP messages is unsupported.");
1022
+
"Deletion of attachments from encrypted messages is unsupported.");
999
1023
}
1000
1024
else
1001
1025
#endif
···
1126
1150
1127
1151
1128
1152
1129
-
#ifdef HAVE_PGP
1130
-
if (pgp)
1153
+
1154
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1155
+
if (secured)
1131
1156
{
1132
1157
fclose (fp);
1133
1158
mutt_free_body (&cur);
1134
1159
}
1135
-
#endif /* HAVE_PGP */
1160
+
#endif /* HAVE_PGP || HAVE_SMIME */
1136
1161
1137
1162
1138
1163
+65
-82
send.c
+65
-82
send.c
···
41
41
#include "pgp.h"
42
42
#endif
43
43
44
+
#ifdef HAVE_SMIME
45
+
#include "smime.h"
46
+
#endif
47
+
44
48
#ifdef MIXMASTER
45
49
#include "remailer.h"
46
50
#endif
···
343
347
mutt_message_hook (ctx, cur, M_MESSAGEHOOK);
344
348
345
349
#ifdef HAVE_PGP
346
-
if ((cur->pgp & PGPENCRYPT) && option (OPTFORWDECODE))
350
+
if ((cur->security & ENCRYPT) && option (OPTFORWDECODE))
347
351
{
348
352
/* make sure we have the user's passphrase before proceeding... */
349
-
pgp_valid_passphrase ();
353
+
crypt_valid_passphrase (cur->security);
350
354
}
351
-
#endif /* HAVE_PGP */
355
+
#endif /* HAVE_SMIME */
352
356
353
357
mutt_forward_intro (out, cur);
354
358
···
397
401
int chflags = CH_DECODE;
398
402
399
403
#ifdef HAVE_PGP
400
-
if (cur->pgp)
401
-
{
402
-
if (cur->pgp & PGPENCRYPT)
404
+
if (cur->security & ENCRYPT)
403
405
{
404
406
/* make sure we have the user's passphrase before proceeding... */
405
-
pgp_valid_passphrase ();
407
+
crypt_valid_passphrase (cur->security);
406
408
}
407
-
}
408
-
#endif /* HAVE_PGP */
409
+
#endif /* HAVE_SMIME */
409
410
410
411
mutt_parse_mime_message (ctx, cur);
411
412
mutt_message_hook (ctx, cur, M_MESSAGEHOOK);
···
801
802
802
803
803
804
804
-
#ifdef HAVE_PGP
805
+
#if defined(HAVE_PGP)
806
+
/* || defined(HAVE_SMIME) */
805
807
else if (flags & SENDKEY)
806
808
{
807
809
BODY *tmp;
810
+
#ifdef HAVE_PGP
808
811
if ((tmp = pgp_make_key_attachment (NULL)) == NULL)
809
812
return -1;
813
+
#endif
810
814
811
815
tmp->next = msg->content;
812
816
msg->content = tmp;
···
1021
1025
return ci_send_message (SENDRESEND, msg, NULL, ctx, cur);
1022
1026
}
1023
1027
1024
-
#ifdef HAVE_PGP
1025
-
1026
-
static int _set_pgp_flags (HEADER *cur)
1027
-
{
1028
-
int flags = 0;
1029
-
1030
-
if (option (OPTPGPREPLYENCRYPT) && cur && cur->pgp & PGPENCRYPT)
1031
-
flags |= PGPENCRYPT;
1032
-
if (option (OPTPGPREPLYSIGN) && cur && cur->pgp & PGPSIGN)
1033
-
flags |= PGPSIGN;
1034
-
if (option (OPTPGPREPLYSIGNENCRYPTED) && cur && cur->pgp & PGPENCRYPT)
1035
-
flags |= PGPSIGN;
1036
-
1037
-
return flags;
1038
-
1039
-
}
1040
-
1041
-
static int set_pgp_flags (HEADER *cur, CONTEXT *ctx)
1042
-
{
1043
-
int i;
1044
-
int flags = 0;
1045
-
1046
-
if (cur)
1047
-
return _set_pgp_flags (cur);
1048
-
1049
-
if (!ctx)
1050
-
return 0;
1051
-
1052
-
for (i = 0; i < ctx->vcount; i++)
1053
-
{
1054
-
cur = ctx->hdrs[ctx->v2r[i]];
1055
-
if (cur->tagged)
1056
-
flags |= _set_pgp_flags (cur);
1057
-
}
1058
-
1059
-
return flags;
1060
-
}
1061
-
1062
-
#endif /* HAVE_PGP */
1063
-
1064
1028
int
1065
1029
ci_send_message (int flags, /* send mode */
1066
1030
HEADER *msg, /* template to use for new message */
···
1074
1038
BODY *pbody;
1075
1039
int i, killfrom = 0;
1076
1040
1077
-
#ifdef HAVE_PGP
1041
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1078
1042
BODY *save_content = NULL;
1079
1043
BODY *clear_content = NULL;
1080
1044
char *pgpkeylist = NULL;
···
1244
1208
* can take effect.
1245
1209
*/
1246
1210
1247
-
#ifdef HAVE_PGP
1211
+
#if defined(HAVE_PGP)|| defined(HAVE_SMIME)
1248
1212
if (! (flags & SENDMAILX))
1249
1213
{
1250
-
if (option (OPTPGPAUTOSIGN))
1251
-
msg->pgp |= PGPSIGN;
1252
-
if (option (OPTPGPAUTOENCRYPT))
1253
-
msg->pgp |= PGPENCRYPT;
1214
+
if (option (OPTCRYPTAUTOSIGN))
1215
+
msg->security |= SIGN;
1216
+
if (option (OPTCRYPTAUTOENCRYPT))
1217
+
msg->security |= ENCRYPT;
1218
+
if (option (OPTCRYPTREPLYENCRYPT) && cur && cur->security & ENCRYPT)
1219
+
msg->security |= ENCRYPT;
1220
+
if (option (OPTCRYPTREPLYSIGN) && cur && cur->security & SIGN)
1221
+
msg->security |= SIGN;
1222
+
if (option (OPTCRYPTREPLYSIGNENCRYPTED) && cur && cur->security & ENCRYPT)
1223
+
msg->security |= SIGN;
1254
1224
1255
-
msg->pgp |= set_pgp_flags (cur, ctx);
1225
+
#ifdef HAVE_PGP
1226
+
if (msg->security)
1227
+
msg->security |= APPLICATION_PGP; // default is PGP
1228
+
#endif
1229
+
1230
+
#ifdef HAVE_SMIME
1231
+
if (msg->security && ((cur && cur->security & APPLICATION_SMIME) ||
1232
+
option (OPTSMIMEISDEFAULT)))
1233
+
{
1234
+
#ifdef HAVE_PGP
1235
+
/* if not both.. */
1236
+
msg->security ^= APPLICATION_PGP;
1237
+
#endif
1238
+
msg->security |= APPLICATION_SMIME;
1239
+
}
1240
+
#endif /* HAVE_SMIME */
1256
1241
}
1257
-
1258
-
#endif /* HAVE_PGP */
1259
-
1242
+
#endif /* HAVE_PGP || HAVE_SMIME */
1260
1243
1261
1244
1262
1245
···
1414
1397
1415
1398
encode_descriptions (msg->content, 1);
1416
1399
1417
-
#ifdef HAVE_PGP
1418
-
if (msg->pgp)
1400
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1401
+
if (msg->security)
1419
1402
{
1420
1403
/* save the decrypted attachments */
1421
1404
clear_content = msg->content;
1422
1405
1423
-
if ((pgp_get_keys (msg, &pgpkeylist) == -1) ||
1424
-
(pgp_protect (msg, pgpkeylist) == -1))
1406
+
if ((crypt_get_keys (msg, &pgpkeylist) == -1) ||
1407
+
mutt_protect (msg, pgpkeylist) == -1)
1425
1408
{
1426
1409
msg->content = mutt_remove_multipart (msg->content);
1427
1410
···
1472
1455
if (*fcc && mutt_strcmp ("/dev/null", fcc) != 0)
1473
1456
{
1474
1457
BODY *tmpbody = msg->content;
1475
-
#ifdef HAVE_PGP
1458
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1476
1459
BODY *save_sig = NULL;
1477
1460
BODY *save_parts = NULL;
1478
1461
#endif /* HAVE_PGP */
1479
1462
1480
-
#ifdef HAVE_PGP
1481
-
if (msg->pgp && option (OPTFCCCLEAR))
1463
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1464
+
if (msg->security && option (OPTFCCCLEAR))
1482
1465
msg->content = clear_content;
1483
1466
#endif
1484
1467
1485
1468
/* check to see if the user wants copies of all attachments */
1486
1469
if (!option (OPTFCCATTACH) && msg->content->type == TYPEMULTIPART)
1487
1470
{
1488
-
#ifdef HAVE_PGP
1471
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1489
1472
if (mutt_strcmp (msg->content->subtype, "encrypted") == 0 ||
1490
1473
mutt_strcmp (msg->content->subtype, "signed") == 0)
1491
1474
{
1492
1475
if (clear_content->type == TYPEMULTIPART)
1493
1476
{
1494
-
if (!(msg->pgp & PGPENCRYPT) && (msg->pgp & PGPSIGN))
1477
+
if(!(msg->security & ENCRYPT) && (msg->security & SIGN))
1495
1478
{
1496
1479
/* save initial signature and attachments */
1497
1480
save_sig = msg->content->parts->next;
···
1501
1484
/* this means writing only the main part */
1502
1485
msg->content = clear_content->parts;
1503
1486
1504
-
if (pgp_protect (msg, pgpkeylist) == -1)
1487
+
if (mutt_protect (msg, pgpkeylist) == -1)
1505
1488
{
1506
1489
/* we can't do much about it at this point, so
1507
1490
* fallback to saving the whole thing to fcc
···
1515
1498
}
1516
1499
}
1517
1500
else
1518
-
#endif /* HAVE_PGP */
1501
+
#endif /* HAVE_PGP || HAVE_SMIME */
1519
1502
msg->content = msg->content->parts;
1520
1503
}
1521
1504
1522
-
#ifdef HAVE_PGP
1505
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1523
1506
full_fcc:
1524
-
#endif /* HAVE_PGP */
1507
+
#endif /* HAVE_PGP || HAVE_SMIME */
1525
1508
if (msg->content)
1526
1509
mutt_write_fcc (fcc, msg, NULL, 0, NULL);
1527
1510
1528
1511
msg->content = tmpbody;
1529
1512
1530
-
#ifdef HAVE_PGP
1513
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1531
1514
if (save_sig)
1532
1515
{
1533
1516
/* cleanup the second signature structures */
···
1548
1531
mutt_free_body (&save_content);
1549
1532
}
1550
1533
1551
-
#endif /* HAVE_PGP */
1534
+
#endif /* HAVE_PGP || HAVE_SMIME */
1552
1535
}
1553
1536
1554
1537
···
1556
1539
{
1557
1540
if (!(flags & SENDBATCH))
1558
1541
{
1559
-
#ifdef HAVE_PGP
1560
-
if ((msg->pgp & PGPENCRYPT) ||
1561
-
((msg->pgp & PGPSIGN) && msg->content->type == TYPEAPPLICATION))
1542
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1543
+
if ((msg->security & ENCRYPT) ||
1544
+
((msg->security & SIGN) && msg->content->type == TYPEAPPLICATION))
1562
1545
{
1563
1546
mutt_free_body (&msg->content); /* destroy PGP data */
1564
1547
msg->content = clear_content; /* restore clear text. */
1565
1548
}
1566
-
else if ((msg->pgp & PGPSIGN) && msg->content->type == TYPEMULTIPART)
1549
+
else if ((msg->security & SIGN) && msg->content->type == TYPEMULTIPART)
1567
1550
{
1568
1551
mutt_free_body (&msg->content->parts->next); /* destroy sig */
1569
1552
msg->content = mutt_remove_multipart (msg->content); /* remove multipart */
···
1583
1566
else if (!option (OPTNOCURSES) && ! (flags & SENDMAILX))
1584
1567
mutt_message (i == 0 ? _("Mail sent.") : _("Sending in background."));
1585
1568
1586
-
#ifdef HAVE_PGP
1587
-
if (msg->pgp & PGPENCRYPT)
1569
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1570
+
if (msg->security & ENCRYPT)
1588
1571
{
1589
1572
/* cleanup structures from the first encryption */
1590
1573
mutt_free_body (&clear_content);
1591
1574
FREE (&pgpkeylist);
1592
1575
}
1593
-
#endif /* HAVE_PGP */
1576
+
#endif
1594
1577
1595
1578
if (flags & SENDREPLY)
1596
1579
{
+55
-13
sendlib.c
+55
-13
sendlib.c
···
119
119
#endif /* HAVE_PGP */
120
120
121
121
122
+
#ifdef HAVE_SMIME
123
+
#include "smime.h"
124
+
#endif /* HAVE_SMIME */
125
+
126
+
122
127
123
128
#define DISPOSITION(X) X==DISPATTACH?"attachment":"inline"
124
129
···
1286
1291
BODY *body;
1287
1292
FILE *fp;
1288
1293
int cmflags, chflags;
1289
-
#ifdef HAVE_PGP
1290
-
int pgp = hdr->pgp;
1294
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1295
+
int pgp = hdr->security;
1291
1296
#endif
1292
1297
1293
-
#ifdef HAVE_PGP
1298
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1294
1299
if ((option(OPTMIMEFORWDECODE) || option(OPTFORWDECRYPT)) &&
1295
-
(hdr->pgp & PGPENCRYPT) && !pgp_valid_passphrase())
1296
-
return (NULL);
1297
-
#endif /* HAVE_PGP */
1300
+
(hdr->security & ENCRYPT)) {
1301
+
if (!crypt_valid_passphrase(hdr->security))
1302
+
return (NULL);
1303
+
}
1304
+
#endif /* defined(HAVE_PGP) || defined(HAVE_SMIME) */
1298
1305
1299
1306
mutt_mktemp (buffer);
1300
1307
if ((fp = safe_fopen (buffer, "w+")) == NULL)
···
1321
1328
#ifdef HAVE_PGP
1322
1329
pgp &= ~PGPENCRYPT;
1323
1330
#endif
1331
+
#ifdef HAVE_SMIME
1332
+
pgp &= ~SMIMEENCRYPT;
1333
+
#endif
1324
1334
}
1325
-
#ifdef HAVE_PGP
1335
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1326
1336
else
1327
1337
if (option (OPTFORWDECRYPT)
1328
-
&& (hdr->pgp & PGPENCRYPT))
1338
+
&& (hdr->security & ENCRYPT))
1329
1339
{
1340
+
#ifdef HAVE_PGP
1330
1341
if (mutt_is_multipart_encrypted (hdr->content))
1331
1342
{
1332
1343
chflags |= CH_MIME | CH_NONEWLINE;
···
1339
1350
cmflags = M_CM_DECODE | M_CM_CHARCONV;
1340
1351
pgp &= ~PGPENCRYPT;
1341
1352
}
1353
+
#endif
1354
+
#if defined(HAVE_PGP) && defined(HAVE_SMIME)
1355
+
else
1356
+
#endif
1357
+
#ifdef HAVE_SMIME
1358
+
if (mutt_is_application_smime (hdr->content) & SMIMEENCRYPT)
1359
+
{
1360
+
chflags |= CH_MIME | CH_TXTPLAIN;
1361
+
cmflags = M_CM_DECODE | M_CM_CHARCONV;
1362
+
pgp &= ~SMIMEENCRYPT;
1363
+
}
1364
+
#endif
1342
1365
}
1343
1366
#endif
1344
1367
···
1351
1374
body->hdr->offset = 0;
1352
1375
/* we don't need the user headers here */
1353
1376
body->hdr->env = mutt_read_rfc822_header(fp, body->hdr, 0, 0);
1354
-
#ifdef HAVE_PGP
1355
-
body->hdr->pgp = pgp;
1377
+
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
1378
+
body->hdr->security = pgp;
1356
1379
#endif /* HAVE_PGP */
1357
1380
mutt_update_encoding (body);
1358
1381
body->parts = body->hdr->content;
···
2356
2379
2357
2380
#ifdef HAVE_PGP
2358
2381
/* (postponment) if the mail is to be signed or encrypted, save this info */
2359
-
if (post && (hdr->pgp & (PGPENCRYPT | PGPSIGN)))
2382
+
if (post && (hdr->security & APPLICATION_PGP))
2360
2383
{
2361
2384
fputs ("X-Mutt-PGP: ", msg->fp);
2362
-
if (hdr->pgp & PGPENCRYPT)
2385
+
if (hdr->security & ENCRYPT)
2363
2386
fputc ('E', msg->fp);
2364
-
if (hdr->pgp & PGPSIGN)
2387
+
if (hdr->security & SIGN)
2365
2388
{
2366
2389
fputc ('S', msg->fp);
2367
2390
if (PgpSignAs && *PgpSignAs)
···
2370
2393
fputc ('\n', msg->fp);
2371
2394
}
2372
2395
#endif /* HAVE_PGP */
2396
+
2397
+
#ifdef HAVE_SMIME
2398
+
/* (postponment) if the mail is to be signed or encrypted, save this info */
2399
+
if (post && (hdr->security & APPLICATION_SMIME))
2400
+
{
2401
+
fputs ("X-Mutt-SMIME: ", msg->fp);
2402
+
if (hdr->security & ENCRYPT) {
2403
+
fputc ('E', msg->fp);
2404
+
if (SmimeCryptAlg && *SmimeCryptAlg)
2405
+
fprintf (msg->fp, "C<%s>", SmimeCryptAlg);
2406
+
}
2407
+
if (hdr->security & SIGN) {
2408
+
fputc ('S', msg->fp);
2409
+
if (SmimeSignAs && *SmimeSignAs)
2410
+
fprintf (msg->fp, "<%s>", SmimeSignAs);
2411
+
}
2412
+
fputc ('\n', msg->fp);
2413
+
}
2414
+
#endif /* HAVE_SMIME */
2373
2415
2374
2416
#ifdef MIXMASTER
2375
2417
/* (postponement) if the mail is to be sent through a mixmaster
+1995
smime.c
+1995
smime.c
···
1
+
/*
2
+
* Copyright (C) 2001 Oliver Ehli <elmy@acm.org>
3
+
*
4
+
* This program is free software; you can redistribute it and/or modify
5
+
* it under the terms of the GNU General Public License as published by
6
+
* the Free Software Foundation; either version 2 of the License, or
7
+
* (at your option) any later version.
8
+
*
9
+
* This program is distributed in the hope that it will be useful,
10
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
11
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12
+
* GNU General Public License for more details.
13
+
*
14
+
* You should have received a copy of the GNU General Public License
15
+
* along with this program; if not, write to the Free Software
16
+
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
17
+
*/
18
+
19
+
#include "mutt.h"
20
+
#include "mutt_curses.h"
21
+
#include "mutt_menu.h"
22
+
#include "smime.h"
23
+
#include "mime.h"
24
+
#include "copy.h"
25
+
26
+
#include <sys/wait.h>
27
+
#include <string.h>
28
+
#include <stdlib.h>
29
+
#include <unistd.h>
30
+
#include <sys/stat.h>
31
+
#include <errno.h>
32
+
#include <ctype.h>
33
+
34
+
#ifdef HAVE_LOCALE_H
35
+
#include <locale.h>
36
+
#endif
37
+
38
+
#ifdef HAVE_SYS_TIME_H
39
+
# include <sys/time.h>
40
+
#endif
41
+
42
+
#ifdef HAVE_SYS_RESOURCE_H
43
+
# include <sys/resource.h>
44
+
#endif
45
+
46
+
#ifdef HAVE_SMIME
47
+
48
+
#include "crypt.h"
49
+
50
+
51
+
struct smime_command_context {
52
+
const char *key; /* %k */
53
+
const char *cryptalg; /* %a */
54
+
const char *fname; /* %f */
55
+
const char *sig_fname; /* %s */
56
+
const char *certificates; /* %c */
57
+
const char *intermediates; /* %i */
58
+
};
59
+
60
+
61
+
typedef struct {
62
+
unsigned int hash;
63
+
char suffix;
64
+
char email[256];
65
+
char nick[256];
66
+
char trust; /* i=Invalid r=revoked e=expired u=unverified v=verified t=trusted */
67
+
short public; /* 1=public 0=private */
68
+
} smime_id;
69
+
70
+
71
+
char SmimePass[STRING];
72
+
time_t SmimeExptime = 0; /* when does the cached passphrase expire? */
73
+
74
+
75
+
static char SmimeKeyToUse[_POSIX_PATH_MAX];
76
+
static char SmimeCertToUse[_POSIX_PATH_MAX];
77
+
static char SmimeIntermediateToUse[_POSIX_PATH_MAX];
78
+
79
+
80
+
/*
81
+
* Queries and passphrase handling.
82
+
*/
83
+
84
+
85
+
86
+
87
+
/* these are copies from pgp.c */
88
+
89
+
90
+
void smime_void_passphrase (void)
91
+
{
92
+
memset (SmimePass, 0, sizeof (SmimePass));
93
+
SmimeExptime = 0;
94
+
}
95
+
96
+
97
+
98
+
int mutt_is_application_smime (BODY *m)
99
+
{
100
+
char *t=NULL;
101
+
int len, complain=0;
102
+
103
+
if (m->type & TYPEAPPLICATION && m->subtype)
104
+
{
105
+
if (!mutt_strcasecmp (m->subtype, "x-pkcs7-mime"))
106
+
{
107
+
if ((t = mutt_get_parameter ("smime-type", m->parameter)))
108
+
{
109
+
if (!mutt_strcasecmp (t, "enveloped-data"))
110
+
return SMIMEENCRYPT;
111
+
else if (!mutt_strcasecmp (t, "signed-data"))
112
+
return (SMIMESIGN|SMIMEOPAQUE);
113
+
else return 0;
114
+
}
115
+
complain = 1;
116
+
}
117
+
else if (mutt_strcasecmp (m->subtype, "octet-stream"))
118
+
return 0;
119
+
120
+
t = mutt_get_parameter ("name", m->parameter);
121
+
122
+
if (!t) t = m->d_filename;
123
+
if (!t) t = m->filename;
124
+
if (!t) {
125
+
if (complain)
126
+
mutt_message (_("S/MIME messages with no hints on content are unsupported."));
127
+
return 0;
128
+
}
129
+
130
+
/* no .p7c, .p10 support yet. */
131
+
132
+
len = mutt_strlen (t) - 4;
133
+
if (len > 0 && *(t+len) == '.')
134
+
{
135
+
len++;
136
+
if (!mutt_strcasecmp ((t+len), "p7m"))
137
+
#if 0
138
+
return SMIMEENCRYPT;
139
+
#else
140
+
/* Not sure if this is the correct thing to do, but
141
+
it's required for compatibility with Outlook */
142
+
return (SMIMESIGN|SMIMEOPAQUE);
143
+
#endif
144
+
else if (!mutt_strcasecmp ((t+len), "p7s"))
145
+
return (SMIMESIGN|SMIMEOPAQUE);
146
+
}
147
+
}
148
+
149
+
return 0;
150
+
}
151
+
152
+
153
+
154
+
155
+
156
+
157
+
/*
158
+
* The OpenSSL interface
159
+
*/
160
+
161
+
/* This is almost identical to ppgp's invoking interface. */
162
+
163
+
static const char *_mutt_fmt_smime_command (char *dest,
164
+
size_t destlen,
165
+
char op,
166
+
const char *src,
167
+
const char *prefix,
168
+
const char *ifstring,
169
+
const char *elsestring,
170
+
unsigned long data,
171
+
format_flag flags)
172
+
{
173
+
char fmt[16];
174
+
struct smime_command_context *cctx = (struct smime_command_context *) data;
175
+
int optional = (flags & M_FORMAT_OPTIONAL);
176
+
177
+
switch (op)
178
+
{
179
+
case 'c':
180
+
{ /* certificate (list) */
181
+
if (!optional) {
182
+
snprintf (fmt, sizeof (fmt), "%%%ss", prefix);
183
+
snprintf (dest, destlen, fmt, NONULL(cctx->certificates));
184
+
}
185
+
else if (!cctx->certificates)
186
+
optional = 0;
187
+
break;
188
+
}
189
+
190
+
case 'i':
191
+
{ /* intermediate certificates */
192
+
if (!optional) {
193
+
snprintf (fmt, sizeof (fmt), "%%%ss", prefix);
194
+
snprintf (dest, destlen, fmt, NONULL(cctx->intermediates));
195
+
}
196
+
else if (!cctx->intermediates)
197
+
optional = 0;
198
+
break;
199
+
}
200
+
201
+
case 's':
202
+
{ /* detached signature */
203
+
if (!optional)
204
+
{
205
+
snprintf (fmt, sizeof (fmt), "%%%ss", prefix);
206
+
snprintf (dest, destlen, fmt, NONULL (cctx->sig_fname));
207
+
}
208
+
else if (!cctx->sig_fname)
209
+
optional = 0;
210
+
break;
211
+
}
212
+
213
+
case 'k':
214
+
{ /* private key */
215
+
if (!optional)
216
+
{
217
+
snprintf (fmt, sizeof (fmt), "%%%ss", prefix);
218
+
snprintf (dest, destlen, fmt, NONULL (cctx->key));
219
+
}
220
+
else if (!cctx->key)
221
+
optional = 0;
222
+
break;
223
+
}
224
+
225
+
case 'a':
226
+
{ /* algorithm for encryption */
227
+
if (!optional) {
228
+
snprintf (fmt, sizeof (fmt), "%%%ss", prefix);
229
+
snprintf (dest, destlen, fmt, NONULL (cctx->cryptalg));
230
+
}
231
+
else if (!cctx->key)
232
+
optional = 0;
233
+
break;
234
+
}
235
+
236
+
case 'f':
237
+
{ /* file to process */
238
+
if (!optional)
239
+
{
240
+
snprintf (fmt, sizeof (fmt), "%%%ss", prefix);
241
+
snprintf (dest, destlen, fmt, NONULL (cctx->fname));
242
+
}
243
+
else if (!cctx->fname)
244
+
optional = 0;
245
+
break;
246
+
}
247
+
248
+
default:
249
+
*dest = '\0';
250
+
break;
251
+
}
252
+
253
+
if (optional)
254
+
mutt_FormatString (dest, destlen, ifstring, _mutt_fmt_smime_command,
255
+
data, 0);
256
+
else if (flags & M_FORMAT_OPTIONAL)
257
+
mutt_FormatString (dest, destlen, elsestring, _mutt_fmt_smime_command,
258
+
data, 0);
259
+
260
+
return (src);
261
+
}
262
+
263
+
264
+
265
+
static void mutt_smime_command (char *d, size_t dlen,
266
+
struct smime_command_context *cctx, const char *fmt)
267
+
{
268
+
mutt_FormatString (d, dlen, NONULL(fmt), _mutt_fmt_smime_command,
269
+
(unsigned long) cctx, 0);
270
+
dprint (2,(debugfile, "mutt_smime_command: %s\n", d));
271
+
}
272
+
273
+
274
+
275
+
276
+
static pid_t smime_invoke (FILE **smimein, FILE **smimeout, FILE **smimeerr,
277
+
int smimeinfd, int smimeoutfd, int smimeerrfd,
278
+
const char *fname,
279
+
const char *sig_fname,
280
+
const char *cryptalg,
281
+
const char *key,
282
+
const char *certificates,
283
+
const char *intermediates,
284
+
const char *format)
285
+
{
286
+
struct smime_command_context cctx;
287
+
char cmd[HUGE_STRING];
288
+
289
+
memset (&cctx, 0, sizeof (cctx));
290
+
291
+
if (!format || !*format)
292
+
return (pid_t) -1;
293
+
294
+
cctx.fname = fname;
295
+
cctx.sig_fname = sig_fname;
296
+
cctx.key = key;
297
+
cctx.cryptalg = cryptalg;
298
+
cctx.certificates = certificates;
299
+
cctx.intermediates = intermediates;
300
+
301
+
mutt_smime_command (cmd, sizeof (cmd), &cctx, format);
302
+
303
+
return mutt_create_filter_fd (cmd, smimein, smimeout, smimeerr,
304
+
smimeinfd, smimeoutfd, smimeerrfd);
305
+
}
306
+
307
+
308
+
309
+
310
+
311
+
312
+
/*
313
+
* Key and certificate handling.
314
+
*/
315
+
316
+
317
+
318
+
/*
319
+
Search the certificate index for given mailbox.
320
+
return certificate file name.
321
+
*/
322
+
323
+
static void smime_entry (char *s, size_t l, MUTTMENU * menu, int num)
324
+
{
325
+
smime_id *Table = (smime_id*) menu->data;
326
+
smime_id this = Table[num];
327
+
char* truststate;
328
+
switch(this.trust) {
329
+
case 't':
330
+
truststate = N_("Trusted ");
331
+
break;
332
+
case 'v':
333
+
truststate = N_("Verified ");
334
+
break;
335
+
case 'u':
336
+
truststate = N_("Unverified");
337
+
break;
338
+
case 'e':
339
+
truststate = N_("Expired ");
340
+
break;
341
+
case 'r':
342
+
truststate = N_("Revoked ");
343
+
break;
344
+
case 'i':
345
+
truststate = N_("Invalid ");
346
+
break;
347
+
default:
348
+
truststate = N_("Unknown ");
349
+
}
350
+
if (this.public)
351
+
snprintf(s, l, "0x%.8X%i %s %-35.35s %s", this.hash, this.suffix, _(truststate), this.email, this.nick);
352
+
else
353
+
snprintf(s, l, "0x%.8X%i %-35.35s %s", this.hash, this.suffix, this.email, this.nick);
354
+
}
355
+
356
+
357
+
358
+
359
+
360
+
char* smime_ask_for_key (char *prompt, char *mailbox, short public)
361
+
{
362
+
char *fname;
363
+
smime_id *Table;
364
+
long cert_num; /* Will contain the number of certificates.
365
+
* To be able to get it, the .index file will be read twice... */
366
+
char index_file[_POSIX_PATH_MAX];
367
+
FILE *index;
368
+
char buf[256];
369
+
char fields[5][STRING];
370
+
int numFields, hash_suffix, done, cur; /* The current entry */
371
+
MUTTMENU* menu;
372
+
unsigned int hash;
373
+
char helpstr[128];
374
+
char qry[256];
375
+
char title[256];
376
+
377
+
if (!prompt) prompt = _("Enter keyID:");
378
+
snprintf(index_file, sizeof (index_file), "%s/.index",
379
+
public ? NONULL(SmimeCertificates) : NONULL(SmimeKeys));
380
+
381
+
index = fopen(index_file, "r");
382
+
if (index == NULL) return NULL;
383
+
/* Count Lines */
384
+
cert_num = 0;
385
+
while (!feof(index)) {
386
+
if (fgets(buf, sizeof(buf), index)) cert_num++;
387
+
}
388
+
fclose(index);
389
+
390
+
FOREVER
391
+
{
392
+
*qry = 0;
393
+
if (mutt_get_field(prompt,
394
+
qry, sizeof(qry), 0))
395
+
return NULL;
396
+
snprintf(title, sizeof(title), "S/MIME certificates matching \"%s\".",
397
+
qry);
398
+
399
+
400
+
index = fopen(index_file, "r");
401
+
if (!index) return NULL; /* should never happen */
402
+
/* Read Entries */
403
+
cur = 0;
404
+
Table = safe_malloc(sizeof (smime_id) * cert_num);
405
+
while (!feof(index)) {
406
+
numFields = fscanf (index, "%s %x.%i %s", fields[0], &hash,
407
+
&hash_suffix, fields[2]);
408
+
if (public)
409
+
fscanf (index, "%s %s\n", fields[3], fields[4]);
410
+
411
+
/* 0=email 1=name 2=nick 3=intermediate 4=trust */
412
+
if (numFields < 2) continue;
413
+
414
+
/* Check if query matches this certificate */
415
+
if (!mutt_stristr(fields[0], qry) &&
416
+
!mutt_stristr(fields[2], qry))
417
+
continue;
418
+
419
+
Table[cur].hash = hash;
420
+
Table[cur].suffix = hash_suffix;
421
+
strncpy(Table[cur].email, fields[0], sizeof(Table[cur].email));
422
+
strncpy(Table[cur].nick, fields[2], sizeof(Table[cur].nick));
423
+
Table[cur].trust = *fields[4];
424
+
Table[cur].public = public;
425
+
426
+
cur++;
427
+
}
428
+
fclose(index);
429
+
430
+
/* Make Helpstring */
431
+
helpstr[0] = 0;
432
+
mutt_make_help (buf, sizeof (buf), _("Exit "), MENU_SMIME, OP_EXIT);
433
+
strcat (helpstr, buf);
434
+
mutt_make_help (buf, sizeof (buf), _("Select "), MENU_SMIME,
435
+
OP_GENERIC_SELECT_ENTRY);
436
+
strcat (helpstr, buf);
437
+
mutt_make_help (buf, sizeof(buf), _("Help"), MENU_SMIME, OP_HELP);
438
+
strcat (helpstr, buf);
439
+
440
+
/* Create the menu */
441
+
menu = mutt_new_menu();
442
+
menu->max = cur;
443
+
menu->make_entry = smime_entry;
444
+
menu->menu = MENU_SMIME;
445
+
menu->help = helpstr;
446
+
menu->data = Table;
447
+
menu->title = title;
448
+
/* sorting keys might be done later - TODO */
449
+
450
+
mutt_clear_error();
451
+
452
+
done = 0;
453
+
hash = 0;
454
+
while (!done) {
455
+
switch (mutt_menuLoop (menu)) {
456
+
case OP_GENERIC_SELECT_ENTRY:
457
+
cur = menu->current;
458
+
hash = 1;
459
+
done = 1;
460
+
break;
461
+
case OP_EXIT:
462
+
hash = 0;
463
+
done = 1;
464
+
break;
465
+
}
466
+
}
467
+
if (hash) {
468
+
fname = safe_malloc(14); /* Hash + '.' + Suffix + \n + \0 */
469
+
sprintf(fname, "%.8x.%i\n", Table[cur].hash, Table[cur].suffix);
470
+
}
471
+
else fname = NULL;
472
+
473
+
mutt_menuDestroy (&menu);
474
+
safe_free ((void**)&Table);
475
+
set_option (OPTNEEDREDRAW);
476
+
477
+
if (fname) return fname;
478
+
}
479
+
}
480
+
481
+
482
+
483
+
484
+
char *smime_get_field_from_db (char *mailbox, char *query, short public)
485
+
{
486
+
int addr_len, query_len, found = 0, ask = 0, choice = 0;
487
+
char cert_path[_POSIX_PATH_MAX];
488
+
char buf[LONG_STRING], prompt[STRING];
489
+
char fields[5][STRING];
490
+
int numFields;
491
+
struct stat info;
492
+
char *key=NULL, key_trust_level = 0;
493
+
FILE *fp;
494
+
495
+
if(!mailbox && !query) return(NULL);
496
+
497
+
addr_len = mailbox ? mutt_strlen (mailbox) : 0;
498
+
query_len = query ? mutt_strlen (query) : 0;
499
+
500
+
/* index-file format:
501
+
mailbox certfile label issuer_certfile trust_flags\n
502
+
503
+
\n is also copied here, serving as delimitation.
504
+
505
+
certfile is a hash value generated by openssl.
506
+
Note that this was done according to the OpenSSL
507
+
specs on their CA-directory.
508
+
509
+
*/
510
+
snprintf (cert_path, sizeof (cert_path),_("%s/.index"),
511
+
(public ? NONULL(SmimeCertificates) : NONULL(SmimeKeys)));
512
+
513
+
if (!stat (cert_path, &info))
514
+
{
515
+
if ((fp = safe_fopen (cert_path, "r")) == NULL)
516
+
{
517
+
mutt_perror (cert_path);
518
+
return (NULL);
519
+
}
520
+
521
+
while (fgets (buf, sizeof (buf) - 1, fp) != NULL)
522
+
if (mailbox && !(mutt_strncasecmp (mailbox, buf, addr_len)))
523
+
{
524
+
numFields = sscanf (buf, "%s %s %s %s %s\n", fields[0], fields[1],
525
+
fields[2], fields[3], fields[4]);
526
+
if (numFields < 2)
527
+
continue;
528
+
if (mailbox && public &&
529
+
(!fields[4] ||
530
+
*fields[4] == 'i' || *fields[4] == 'e' || *fields[4] == 'r'))
531
+
continue;
532
+
533
+
if (found)
534
+
{
535
+
if (public && *fields[4] == 'u' )
536
+
snprintf (prompt, sizeof (prompt),
537
+
_("ID %s is unverified. Do you want to use it for %s ?"),
538
+
fields[1], mailbox);
539
+
else if (public && *fields[4] == 'v' )
540
+
snprintf (prompt, sizeof (prompt),
541
+
_("Use (untrusted!) ID %s for %s ?"),
542
+
fields[1], mailbox);
543
+
else
544
+
snprintf (prompt, sizeof (prompt), _("Use ID %s for %s ?"),
545
+
fields[1], mailbox);
546
+
if ((choice = mutt_yesorno (prompt, M_NO)) == -1)
547
+
{
548
+
found = 0;
549
+
ask = 0;
550
+
safe_free((void **) &key);
551
+
key = NULL;
552
+
break;
553
+
}
554
+
else if (choice == M_NO)
555
+
{
556
+
ask = 1;
557
+
continue;
558
+
}
559
+
else if (choice == M_YES)
560
+
{
561
+
snprintf (key,mutt_strlen(key), fields[1]);
562
+
ask = 0;
563
+
break;
564
+
}
565
+
}
566
+
else
567
+
{
568
+
key = safe_calloc(1, mutt_strlen(fields[1])+2);
569
+
if (public) key_trust_level = *fields[4];
570
+
snprintf(key, mutt_strlen(fields[1])+1, "%s", fields[1]);
571
+
}
572
+
found = 1;
573
+
}
574
+
else if(query)
575
+
{
576
+
numFields = sscanf (buf, "%s %s %s %s %s\n", fields[0], fields[1],
577
+
fields[2], fields[3], fields[4]);
578
+
579
+
/* query = label: return certificate. */
580
+
if (numFields >= 3 &&
581
+
!(mutt_strncasecmp (query, fields[2], query_len)))
582
+
{
583
+
ask = 0;
584
+
key = safe_calloc(1, mutt_strlen(fields[1])+2);
585
+
snprintf(key, mutt_strlen(fields[1])+1, "%s", fields[1]);
586
+
}
587
+
/* query = certificate: return intermediate certificate. */
588
+
else if (numFields >= 4 &&
589
+
!(mutt_strncasecmp (query, fields[1], query_len)))
590
+
{
591
+
ask = 0;
592
+
key = safe_calloc(1, mutt_strlen(fields[3])+2);
593
+
snprintf(key, mutt_strlen(fields[3])+1, "%s", fields[3]);
594
+
}
595
+
}
596
+
597
+
fclose (fp);
598
+
599
+
if (ask)
600
+
{
601
+
if (public && *fields[4] == 'u' )
602
+
snprintf (prompt, sizeof (prompt),
603
+
_("ID %s is unverified. Do you want to use it for %s ?"),
604
+
fields[1], mailbox);
605
+
else if (public && *fields[4] == 'v' )
606
+
snprintf (prompt, sizeof (prompt),
607
+
_("Use (untrusted!) ID %s for %s ?"),
608
+
fields[1], mailbox);
609
+
else
610
+
snprintf (prompt, sizeof(prompt), _("Use ID %s for %s ?"), key,
611
+
mailbox);
612
+
choice = mutt_yesorno (prompt, M_NO);
613
+
if (choice == -1 || choice == M_NO)
614
+
{
615
+
safe_free ((void **) &key);
616
+
key = NULL;
617
+
}
618
+
}
619
+
else if (key_trust_level)
620
+
{
621
+
if (key_trust_level == 'u' )
622
+
{
623
+
snprintf (prompt, sizeof (prompt),
624
+
_("ID %s is unverified. Do you want to use it for %s ?"),
625
+
key, mailbox);
626
+
choice = mutt_yesorno (prompt, M_NO);
627
+
if (choice != M_YES)
628
+
{
629
+
safe_free ((void **) &key);
630
+
key = NULL;
631
+
}
632
+
633
+
}
634
+
else if (key_trust_level == 'v' )
635
+
{
636
+
snprintf (prompt, sizeof (prompt),
637
+
_("Warning: You have not yet decided to trust ID %s. (any key to continue)"), key);
638
+
639
+
mutt_error (prompt);
640
+
mutt_any_key_to_continue ("");
641
+
/* mutt_any_key_to_continue (prompt); */
642
+
}
643
+
}
644
+
645
+
}
646
+
647
+
if (key)
648
+
{
649
+
key[mutt_strlen(key)+1] = 0;
650
+
key[mutt_strlen(key)] = '\n';
651
+
}
652
+
653
+
return key;
654
+
}
655
+
656
+
657
+
658
+
659
+
/*
660
+
This sets the '*ToUse' variables for an upcoming decryption, where
661
+
the reuquired key is different from SmimeSignAs.
662
+
*/
663
+
664
+
static int SmimeFirstTime = 1; /* sucks... */
665
+
void smime_getkeys (char *mailbox)
666
+
{
667
+
char *k = smime_get_field_from_db (mailbox, NULL, 0);
668
+
char buf[STRING];
669
+
670
+
if (!k)
671
+
{
672
+
snprintf(buf, sizeof(buf), "Enter keyID for \'%s\':",
673
+
mailbox);
674
+
k = smime_ask_for_key(buf, mailbox, 0);
675
+
}
676
+
677
+
if (k)
678
+
{
679
+
k[mutt_strlen (k)-1] = '\0';
680
+
681
+
/* the key used last time. */
682
+
if (!SmimeFirstTime &&
683
+
!mutt_strcasecmp (k, SmimeKeyToUse + mutt_strlen (SmimeKeys)+1))
684
+
{
685
+
safe_free ((void **) &k);
686
+
return;
687
+
}
688
+
else smime_void_passphrase ();
689
+
690
+
SmimeFirstTime = 0;
691
+
snprintf (SmimeKeyToUse, sizeof (SmimeKeyToUse), "%s/%s",
692
+
NONULL(SmimeKeys), k);
693
+
694
+
snprintf (SmimeCertToUse, sizeof (SmimeCertToUse), "%s/%s",
695
+
NONULL(SmimeCertificates), k);
696
+
697
+
if (mutt_strcasecmp (k, SmimeSignAs))
698
+
{
699
+
endwin ();
700
+
mutt_clear_error ();
701
+
snprintf (buf, sizeof (buf), "This message seems to require key"
702
+
" \'%s\'. (Any key to continue)", k);
703
+
mutt_any_key_to_continue (buf);
704
+
endwin ();
705
+
smime_void_passphrase ();
706
+
}
707
+
708
+
safe_free ((void **) &k);
709
+
return;
710
+
}
711
+
712
+
if (!SmimeFirstTime && !mutt_strcasecmp (SmimeSignAs, SmimeKeyToUse +
713
+
mutt_strlen (SmimeKeys)+1))
714
+
return;
715
+
else if (!SmimeFirstTime) smime_void_passphrase ();
716
+
else if (SmimeFirstTime) SmimeFirstTime = 0;
717
+
718
+
snprintf (SmimeKeyToUse, sizeof (SmimeKeyToUse), "%s/%s",
719
+
NONULL (SmimeKeys), SmimeSignAs);
720
+
721
+
snprintf (SmimeCertToUse, sizeof (SmimeCertToUse), "%s/%s",
722
+
NONULL (SmimeCertificates), SmimeSignAs);
723
+
}
724
+
725
+
726
+
727
+
/* This routine attempts to find the keyids of the recipients of a message.
728
+
* It returns NULL if any of the keys can not be found.
729
+
*/
730
+
731
+
char *smime_findKeys (ADDRESS *to, ADDRESS *cc, ADDRESS *bcc)
732
+
{
733
+
char *keyID, *keylist = NULL;
734
+
size_t keylist_size = 0;
735
+
size_t keylist_used = 0;
736
+
ADDRESS *tmp = NULL, *addr = NULL;
737
+
ADDRESS **last = &tmp;
738
+
ADDRESS *p, *q;
739
+
int i;
740
+
741
+
const char *fqdn = mutt_fqdn (1);
742
+
743
+
for (i = 0; i < 3; i++)
744
+
{
745
+
switch (i)
746
+
{
747
+
case 0: p = to; break;
748
+
case 1: p = cc; break;
749
+
case 2: p = bcc; break;
750
+
default: abort ();
751
+
}
752
+
753
+
*last = rfc822_cpy_adr (p);
754
+
while (*last)
755
+
last = &((*last)->next);
756
+
}
757
+
758
+
if (fqdn)
759
+
rfc822_qualify (tmp, fqdn);
760
+
761
+
tmp = mutt_remove_duplicates (tmp);
762
+
763
+
for (p = tmp; p ; p = p->next)
764
+
{
765
+
char buf[LONG_STRING];
766
+
767
+
q = p;
768
+
769
+
if ((keyID = smime_get_field_from_db (q->mailbox, NULL, 1)) == NULL)
770
+
{
771
+
snprintf(buf, sizeof(buf),
772
+
_("Enter keyID for \'%s\':"),
773
+
q->mailbox);
774
+
keyID = smime_ask_for_key(buf, q->mailbox, 1);
775
+
}
776
+
if(!keyID)
777
+
{
778
+
snprintf (buf, sizeof (buf), _("No (valid) certificate found for %s."),
779
+
q->mailbox);
780
+
mutt_message (buf);
781
+
safe_free ((void **)&keylist);
782
+
rfc822_free_address (&tmp);
783
+
rfc822_free_address (&addr);
784
+
return NULL;
785
+
}
786
+
787
+
keylist_size += mutt_strlen (keyID) + 1;
788
+
safe_realloc ((void **)&keylist, keylist_size);
789
+
sprintf (keylist + keylist_used, "%s", keyID);
790
+
keylist_used = mutt_strlen (keylist);
791
+
792
+
rfc822_free_address (&addr);
793
+
794
+
}
795
+
rfc822_free_address (&tmp);
796
+
return (keylist);
797
+
}
798
+
799
+
800
+
801
+
802
+
803
+
804
+
static int smime_check_cert_email (char *certificate, char *mailbox)
805
+
{
806
+
FILE *fpout = NULL, *fperr = NULL;
807
+
char tmpfname[_POSIX_PATH_MAX];
808
+
char email[STRING];
809
+
int ret = 0;
810
+
pid_t thepid;
811
+
812
+
mutt_mktemp (tmpfname);
813
+
if ((fperr = safe_fopen (tmpfname, "w+")) == NULL)
814
+
{
815
+
mutt_perror (tmpfname);
816
+
return 1;
817
+
}
818
+
mutt_unlink (tmpfname);
819
+
820
+
mutt_mktemp (tmpfname);
821
+
if ((fpout = safe_fopen (tmpfname, "w+")) == NULL)
822
+
{
823
+
fclose (fperr);
824
+
mutt_perror (tmpfname);
825
+
return 1;
826
+
}
827
+
mutt_unlink (tmpfname);
828
+
829
+
if ((thepid = smime_invoke (NULL, NULL, NULL,
830
+
-1, fileno (fpout), fileno (fperr),
831
+
certificate, NULL, NULL, NULL, NULL, NULL,
832
+
SmimeGetCertEmailCommand))== -1)
833
+
{
834
+
mutt_message (_("Error: unable to create OpenSSL subprocess!"));
835
+
fclose (fperr);
836
+
fclose (fpout);
837
+
return 1;
838
+
}
839
+
840
+
mutt_wait_filter (thepid);
841
+
842
+
fflush (fpout);
843
+
rewind (fpout);
844
+
rewind (fperr);
845
+
fflush (fperr);
846
+
847
+
848
+
if (!(fgets (email, sizeof (email), fpout)))
849
+
{
850
+
mutt_copy_stream (fperr, stdout);
851
+
fclose (fpout);
852
+
fclose (fperr);
853
+
mutt_endwin(NULL);
854
+
printf ("Alert: No mailbox specified in certificate.\n");
855
+
return 1;
856
+
}
857
+
*(email+mutt_strlen(email)-1) = '\0';
858
+
859
+
860
+
if(mutt_strncasecmp (email, mailbox, mutt_strlen (mailbox)))
861
+
{
862
+
mutt_endwin(NULL);
863
+
printf ("Alert: Certificate belongs to \"%s\".\n"
864
+
" But sender was \"%s\".\n", email, mailbox);
865
+
ret = 1;
866
+
}
867
+
868
+
fclose (fpout);
869
+
fclose (fperr);
870
+
871
+
return ret;
872
+
}
873
+
874
+
875
+
/* Add a certificate and update index file. */
876
+
877
+
static void smime_add_certificate (char *certificate, char *mailbox, short public)
878
+
{
879
+
FILE *fpin = NULL, *fpout = NULL, *fperr = NULL;
880
+
char tmpfname[_POSIX_PATH_MAX], dest[_POSIX_PATH_MAX];
881
+
char buf[LONG_STRING], hashval[STRING], *tmpKey;
882
+
struct stat info;
883
+
int i = 0;
884
+
pid_t thepid;
885
+
886
+
887
+
if (smime_check_cert_email (certificate, mailbox))
888
+
{
889
+
printf ("Certificate *NOT* added.\n");
890
+
return;
891
+
}
892
+
893
+
mutt_mktemp (tmpfname);
894
+
if ((fperr = safe_fopen (tmpfname, "w+")) == NULL)
895
+
{
896
+
mutt_perror (tmpfname);
897
+
return;
898
+
}
899
+
mutt_unlink (tmpfname);
900
+
901
+
mutt_mktemp (tmpfname);
902
+
if ((fpout = safe_fopen (tmpfname, "w+")) == NULL)
903
+
{
904
+
fclose (fperr);
905
+
mutt_perror (tmpfname);
906
+
return;
907
+
}
908
+
mutt_unlink (tmpfname);
909
+
910
+
/*
911
+
OpenSSl can create a hash value of the certificate's subject.
912
+
This and a concatenated integer make up the certificat's
913
+
'unique id' and also its filename.
914
+
*/
915
+
916
+
if ((thepid = smime_invoke (NULL, NULL, NULL,
917
+
-1, fileno (fpout), fileno (fperr),
918
+
certificate, NULL, NULL, NULL, NULL, NULL,
919
+
SmimeHashCertCommand))== -1)
920
+
{
921
+
mutt_message (_("Error: unable to create OpenSSL subprocess!"));
922
+
fclose (fperr);
923
+
fclose (fpout);
924
+
return;
925
+
}
926
+
927
+
mutt_wait_filter (thepid);
928
+
929
+
fflush (fpout);
930
+
rewind (fpout);
931
+
rewind (fperr);
932
+
fflush (fperr);
933
+
934
+
if (!(fgets (hashval, sizeof (hashval), fpout)))
935
+
{
936
+
mutt_copy_stream (fperr, stdout);
937
+
fclose (fpout);
938
+
fclose (fperr);
939
+
return;
940
+
}
941
+
fclose (fpout);
942
+
fclose (fperr);
943
+
944
+
*(hashval+mutt_strlen(hashval)-1) = '\0';
945
+
946
+
while (1)
947
+
{
948
+
snprintf (dest, sizeof (dest), _("%s/%s.%d"), NONULL(SmimeCertificates),
949
+
hashval, i);
950
+
951
+
if (stat (dest, &info))
952
+
break;
953
+
else
954
+
i++;
955
+
}
956
+
957
+
if ((fpout = safe_fopen (dest, "w+")) == NULL)
958
+
{
959
+
mutt_perror (dest);
960
+
return;
961
+
}
962
+
963
+
if ((fpin = safe_fopen (certificate, "r")) == NULL)
964
+
{
965
+
mutt_perror (certificate);
966
+
fclose (fpout);
967
+
mutt_unlink (dest);
968
+
return;
969
+
}
970
+
971
+
mutt_copy_stream (fpin, fpout);
972
+
fclose (fpout);
973
+
fclose (fpin);
974
+
975
+
976
+
/*
977
+
Now check if the mailbox is already found with the certificate's
978
+
hash value.
979
+
980
+
openssl uses md5 fingerprints to check wether two keys are identical.
981
+
I have to add that.
982
+
983
+
*/
984
+
985
+
tmpKey = smime_get_field_from_db (mailbox, NULL, public);
986
+
987
+
/* check if hash values are identical => same certificate ? */
988
+
/* perhaps we should ask for permission to overwrite ? */
989
+
/* what about revoked certificates anyway ? */
990
+
991
+
/* reminder: openssl checks md5 - fingerprint for equality. add this. */
992
+
993
+
if (tmpKey && !mutt_strncmp (tmpKey, hashval, mutt_strlen (hashval)))
994
+
{
995
+
mutt_endwin(NULL);
996
+
printf ("Certificate \"%s\" exists for \"%s\".\n", hashval, mailbox);
997
+
mutt_unlink (dest);
998
+
return;
999
+
}
1000
+
1001
+
/* append to index. */
1002
+
snprintf (tmpfname, sizeof (tmpfname), _("%s/.index"),
1003
+
(public ? NONULL(SmimeCertificates) : NONULL(SmimeKeys)));
1004
+
1005
+
if (!stat (tmpfname, &info))
1006
+
{
1007
+
if ((fpout = safe_fopen (tmpfname, "a")) == NULL)
1008
+
{
1009
+
mutt_perror (tmpfname);
1010
+
mutt_unlink (dest);
1011
+
return;
1012
+
}
1013
+
/*
1014
+
? = unknown issuer, - = unassigned label,
1015
+
u = undefined trust settings.
1016
+
*/
1017
+
snprintf (buf, sizeof (buf), _("%s %s.%d - ? u\n"), mailbox, hashval, i);
1018
+
fputs (buf, fpout);
1019
+
1020
+
snprintf (buf, sizeof (buf), "Successfully added certificate"
1021
+
" \"%s\" for \"%s\". ", hashval, mailbox);
1022
+
mutt_message (buf);
1023
+
1024
+
fclose (fpout);
1025
+
}
1026
+
1027
+
return;
1028
+
}
1029
+
1030
+
1031
+
1032
+
1033
+
static char *smime_extract_certificate (char *infile, int split)
1034
+
{
1035
+
FILE *fpout = NULL, *fperr = NULL;
1036
+
char pk7out[_POSIX_PATH_MAX], certfile[_POSIX_PATH_MAX];
1037
+
char tmpfname[_POSIX_PATH_MAX];
1038
+
pid_t thepid;
1039
+
int empty;
1040
+
1041
+
1042
+
mutt_mktemp (tmpfname);
1043
+
if ((fperr = safe_fopen (tmpfname, "w+")) == NULL)
1044
+
{
1045
+
mutt_perror (tmpfname);
1046
+
return NULL;
1047
+
}
1048
+
mutt_unlink (tmpfname);
1049
+
1050
+
mutt_mktemp (pk7out);
1051
+
if ((fpout = safe_fopen (pk7out, "w+")) == NULL)
1052
+
{
1053
+
fclose (fperr);
1054
+
mutt_perror (pk7out);
1055
+
return NULL;
1056
+
}
1057
+
1058
+
/* Step 1: Convert the signature to a PKCS#7 structure, as we can't
1059
+
extract the full set of certificates directly.
1060
+
*/
1061
+
if ((thepid = smime_invoke (NULL, NULL, NULL,
1062
+
-1, fileno (fpout), fileno (fperr),
1063
+
infile, NULL, NULL, NULL, NULL, NULL,
1064
+
SmimePk7outCommand))== -1)
1065
+
{
1066
+
mutt_any_key_to_continue (_("Error: unable to create OpenSSL subprocess!"));
1067
+
fclose (fperr);
1068
+
fclose (fpout);
1069
+
mutt_unlink (pk7out);
1070
+
return NULL;
1071
+
}
1072
+
1073
+
mutt_wait_filter (thepid);
1074
+
1075
+
1076
+
fflush (fpout);
1077
+
rewind (fpout);
1078
+
rewind (fperr);
1079
+
fflush (fperr);
1080
+
empty = (fgetc (fpout) == EOF);
1081
+
if (empty)
1082
+
{
1083
+
mutt_perror (pk7out);
1084
+
mutt_copy_stream (fperr, stdout);
1085
+
fclose (fpout);
1086
+
fclose (fperr);
1087
+
mutt_unlink (pk7out);
1088
+
return NULL;
1089
+
1090
+
}
1091
+
1092
+
1093
+
fclose (fpout);
1094
+
mutt_mktemp (certfile);
1095
+
if ((fpout = safe_fopen (certfile, "w+")) == NULL)
1096
+
{
1097
+
fclose (fperr);
1098
+
mutt_unlink (pk7out);
1099
+
mutt_perror (certfile);
1100
+
return NULL;
1101
+
}
1102
+
1103
+
/* Step 2: Extract the certificates from a PKCS#7 structure.
1104
+
*/
1105
+
if ((thepid = smime_invoke (NULL, NULL, NULL,
1106
+
-1, fileno (fpout), fileno (fperr),
1107
+
pk7out, NULL, NULL, NULL, NULL, NULL,
1108
+
SmimeGetCertCommand))== -1)
1109
+
{
1110
+
mutt_any_key_to_continue (_("Error: unable to create OpenSSL subprocess!"));
1111
+
fclose (fperr);
1112
+
fclose (fpout);
1113
+
mutt_unlink (pk7out);
1114
+
mutt_unlink (certfile);
1115
+
return NULL;
1116
+
}
1117
+
1118
+
mutt_wait_filter (thepid);
1119
+
1120
+
mutt_unlink (pk7out);
1121
+
1122
+
fflush (fpout);
1123
+
rewind (fpout);
1124
+
rewind (fperr);
1125
+
fflush (fperr);
1126
+
empty = (fgetc (fpout) == EOF);
1127
+
if (empty)
1128
+
{
1129
+
mutt_copy_stream (fperr, stdout);
1130
+
fclose (fpout);
1131
+
fclose (fperr);
1132
+
mutt_unlink (certfile);
1133
+
return NULL;
1134
+
}
1135
+
1136
+
fclose (fpout);
1137
+
fclose (fperr);
1138
+
1139
+
return safe_strdup (certfile);
1140
+
}
1141
+
1142
+
1143
+
1144
+
1145
+
static char *smime_extract_signer_certificate (char *infile, int split)
1146
+
{
1147
+
FILE *fpout = NULL, *fperr = NULL;
1148
+
char pk7out[_POSIX_PATH_MAX], certfile[_POSIX_PATH_MAX];
1149
+
char tmpfname[_POSIX_PATH_MAX];
1150
+
pid_t thepid;
1151
+
int empty;
1152
+
1153
+
1154
+
mutt_mktemp (tmpfname);
1155
+
if ((fperr = safe_fopen (tmpfname, "w+")) == NULL)
1156
+
{
1157
+
mutt_perror (tmpfname);
1158
+
return NULL;
1159
+
}
1160
+
mutt_unlink (tmpfname);
1161
+
1162
+
1163
+
mutt_mktemp (certfile);
1164
+
if ((fpout = safe_fopen (certfile, "w+")) == NULL)
1165
+
{
1166
+
fclose (fperr);
1167
+
mutt_perror (certfile);
1168
+
return NULL;
1169
+
}
1170
+
1171
+
/* Extract signer's certificate
1172
+
*/
1173
+
if ((thepid = smime_invoke (NULL, NULL, NULL,
1174
+
-1, -1, fileno (fperr),
1175
+
infile, NULL, NULL, NULL, certfile, NULL,
1176
+
SmimeGetSignerCertCommand))== -1)
1177
+
{
1178
+
mutt_any_key_to_continue (_("Error: unable to create OpenSSL subprocess!"));
1179
+
fclose (fperr);
1180
+
fclose (fpout);
1181
+
mutt_unlink (pk7out);
1182
+
mutt_unlink (certfile);
1183
+
return NULL;
1184
+
}
1185
+
1186
+
mutt_wait_filter (thepid);
1187
+
1188
+
fflush (fpout);
1189
+
rewind (fpout);
1190
+
rewind (fperr);
1191
+
fflush (fperr);
1192
+
empty = (fgetc (fpout) == EOF);
1193
+
if (empty)
1194
+
{
1195
+
mutt_copy_stream (fperr, stdout);
1196
+
fclose (fpout);
1197
+
fclose (fperr);
1198
+
mutt_unlink (certfile);
1199
+
return NULL;
1200
+
1201
+
}
1202
+
1203
+
fclose (fpout);
1204
+
fclose (fperr);
1205
+
1206
+
return safe_strdup (certfile);
1207
+
}
1208
+
1209
+
1210
+
1211
+
1212
+
void smime_invoke_import (char *infile, char *mailbox)
1213
+
{
1214
+
char *certfile = NULL;
1215
+
1216
+
if ((certfile = smime_extract_certificate(infile, FALSE)))
1217
+
{
1218
+
smime_add_certificate (certfile, mailbox, 1);
1219
+
mutt_unlink (certfile);
1220
+
safe_free((void **)&certfile);
1221
+
}
1222
+
1223
+
return;
1224
+
}
1225
+
1226
+
1227
+
1228
+
int smime_verify_sender(HEADER *h)
1229
+
{
1230
+
char *mbox = NULL, *certfile, tempfname[_POSIX_PATH_MAX];
1231
+
FILE *fpout;
1232
+
int retval=1;
1233
+
1234
+
mutt_mktemp (tempfname);
1235
+
if (!(fpout = safe_fopen (tempfname, "w")))
1236
+
{
1237
+
mutt_perror (tempfname);
1238
+
return 1;
1239
+
}
1240
+
1241
+
if(h->security & ENCRYPT)
1242
+
mutt_copy_message (fpout, Context, h,
1243
+
M_CM_DECODE_CRYPT & M_CM_DECODE_SMIME,
1244
+
CH_WEED|CH_NONEWLINE);
1245
+
else
1246
+
mutt_copy_message (fpout, Context, h, 0, 0);
1247
+
1248
+
fflush(fpout);
1249
+
fclose (fpout);
1250
+
1251
+
if (h->env->from)
1252
+
{
1253
+
h->env->from = mutt_expand_aliases (h->env->from);
1254
+
mbox = h->env->from->mailbox;
1255
+
}
1256
+
else if (h->env->sender)
1257
+
{
1258
+
h->env->sender = mutt_expand_aliases (h->env->sender);
1259
+
mbox = h->env->sender->mailbox;
1260
+
}
1261
+
1262
+
if (mbox)
1263
+
{
1264
+
if ((certfile = smime_extract_signer_certificate(tempfname,TRUE)))
1265
+
{
1266
+
mutt_unlink(tempfname);
1267
+
if (smime_check_cert_email (certfile, mbox))
1268
+
mutt_any_key_to_continue(NULL);
1269
+
else
1270
+
retval = 0;
1271
+
mutt_unlink(certfile);
1272
+
safe_free((void **)&certfile);
1273
+
}
1274
+
else
1275
+
mutt_any_key_to_continue("no certfile");
1276
+
}
1277
+
else
1278
+
mutt_any_key_to_continue("no mbox");
1279
+
1280
+
mutt_unlink(tempfname);
1281
+
return retval;
1282
+
}
1283
+
1284
+
1285
+
1286
+
1287
+
1288
+
1289
+
1290
+
1291
+
1292
+
/*
1293
+
* Creating S/MIME - bodies.
1294
+
*/
1295
+
1296
+
1297
+
1298
+
1299
+
static
1300
+
pid_t smime_invoke_encrypt (FILE **smimein, FILE **smimeout, FILE **smimeerr,
1301
+
int smimeinfd, int smimeoutfd, int smimeerrfd,
1302
+
const char *fname, const char *uids)
1303
+
{
1304
+
return smime_invoke (smimein, smimeout, smimeerr,
1305
+
smimeinfd, smimeoutfd, smimeerrfd,
1306
+
fname, NULL, SmimeCryptAlg, NULL, uids, NULL,
1307
+
SmimeEncryptCommand);
1308
+
}
1309
+
1310
+
1311
+
static
1312
+
pid_t smime_invoke_sign (FILE **smimein, FILE **smimeout, FILE **smimeerr,
1313
+
int smimeinfd, int smimeoutfd, int smimeerrfd,
1314
+
const char *fname)
1315
+
{
1316
+
return smime_invoke (smimein, smimeout, smimeerr, smimeinfd, smimeoutfd,
1317
+
smimeerrfd, fname, NULL, NULL, SmimeKeyToUse,
1318
+
SmimeCertToUse, SmimeIntermediateToUse,
1319
+
SmimeSignCommand);
1320
+
}
1321
+
1322
+
1323
+
1324
+
1325
+
BODY *smime_build_smime_entity (BODY *a, char *certlist)
1326
+
{
1327
+
char buf[LONG_STRING], certfile[LONG_STRING];
1328
+
char tempfile[_POSIX_PATH_MAX], smimeerrfile[_POSIX_PATH_MAX];
1329
+
char smimeinfile[_POSIX_PATH_MAX];
1330
+
char *cert_start = certlist, *cert_end = certlist;
1331
+
FILE *smimein = NULL, *smimeerr = NULL, *fpout = NULL, *fptmp = NULL;
1332
+
BODY *t;
1333
+
int err = 0, empty;
1334
+
pid_t thepid;
1335
+
1336
+
mutt_mktemp (tempfile);
1337
+
if ((fpout = safe_fopen (tempfile, "w+")) == NULL)
1338
+
{
1339
+
mutt_perror (tempfile);
1340
+
return (NULL);
1341
+
}
1342
+
1343
+
mutt_mktemp (smimeerrfile);
1344
+
if ((smimeerr = safe_fopen (smimeerrfile, "w+")) == NULL)
1345
+
{
1346
+
mutt_perror (smimeerrfile);
1347
+
fclose (fpout);
1348
+
mutt_unlink (tempfile);
1349
+
return NULL;
1350
+
}
1351
+
mutt_unlink (smimeerrfile);
1352
+
1353
+
mutt_mktemp (smimeinfile);
1354
+
if ((fptmp = safe_fopen (smimeinfile, "w+")) == NULL)
1355
+
{
1356
+
mutt_perror (smimeinfile);
1357
+
mutt_unlink (tempfile);
1358
+
fclose (fpout);
1359
+
fclose (smimeerr);
1360
+
return NULL;
1361
+
}
1362
+
1363
+
*certfile = '\0';
1364
+
while (1)
1365
+
{
1366
+
int off = mutt_strlen (certfile);
1367
+
while (*++cert_end && *cert_end != '\n');
1368
+
if (!*cert_end) break;
1369
+
*cert_end = '\0';
1370
+
snprintf (certfile+off, sizeof (certfile)-off, " %s/%s",
1371
+
NONULL(SmimeCertificates), cert_start);
1372
+
*cert_end = '\n';
1373
+
cert_start = cert_end;
1374
+
cert_start++;
1375
+
}
1376
+
1377
+
/* write a MIME entity */
1378
+
mutt_write_mime_header (a, fptmp);
1379
+
fputc ('\n', fptmp);
1380
+
mutt_write_mime_body (a, fptmp);
1381
+
fclose (fptmp);
1382
+
1383
+
if ((thepid =
1384
+
smime_invoke_encrypt (&smimein, NULL, NULL, -1,
1385
+
fileno (fpout), fileno (smimeerr),
1386
+
smimeinfile, certfile)) == -1)
1387
+
{
1388
+
fclose (smimeerr);
1389
+
mutt_unlink (smimeinfile);
1390
+
mutt_unlink (certfile);
1391
+
return (NULL);
1392
+
}
1393
+
1394
+
fclose (smimein);
1395
+
1396
+
mutt_wait_filter (thepid);
1397
+
mutt_unlink (smimeinfile);
1398
+
mutt_unlink (certfile);
1399
+
1400
+
fflush (fpout);
1401
+
rewind (fpout);
1402
+
empty = (fgetc (fpout) == EOF);
1403
+
fclose (fpout);
1404
+
1405
+
fflush (smimeerr);
1406
+
rewind (smimeerr);
1407
+
while (fgets (buf, sizeof (buf) - 1, smimeerr) != NULL)
1408
+
{
1409
+
err = 1;
1410
+
fputs (buf, stdout);
1411
+
}
1412
+
fclose (smimeerr);
1413
+
1414
+
/* pause if there is any error output from SMIME */
1415
+
if (err)
1416
+
mutt_any_key_to_continue (NULL);
1417
+
1418
+
if (empty)
1419
+
{
1420
+
/* fatal error while trying to encrypt message */
1421
+
if (!err) mutt_any_key_to_continue _("No outbut from OpenSSL..");
1422
+
mutt_unlink (tempfile);
1423
+
return (NULL);
1424
+
}
1425
+
1426
+
t = mutt_new_body ();
1427
+
t->type = TYPEAPPLICATION;
1428
+
t->subtype = safe_strdup ("x-pkcs7-mime");
1429
+
mutt_set_parameter ("name", "smime.p7m", &t->parameter);
1430
+
mutt_set_parameter ("smime-type", "enveloped-data", &t->parameter);
1431
+
t->encoding = ENCBASE64; /* The output of OpenSSL SHOULD be binary */
1432
+
t->use_disp = 1;
1433
+
t->disposition = DISPATTACH;
1434
+
t->d_filename = safe_strdup ("smime.p7m");
1435
+
t->filename = safe_strdup (tempfile);
1436
+
t->unlink = 1; /*delete after sending the message */
1437
+
t->parts=0;
1438
+
t->next=0;
1439
+
1440
+
return (t);
1441
+
}
1442
+
1443
+
1444
+
1445
+
1446
+
BODY *smime_sign_message (BODY *a )
1447
+
{
1448
+
BODY *t;
1449
+
char buffer[LONG_STRING];
1450
+
char signedfile[_POSIX_PATH_MAX], filetosign[_POSIX_PATH_MAX];
1451
+
FILE *smimein = NULL, *smimeout = NULL, *smimeerr = NULL, *sfp = NULL;
1452
+
int err = 0;
1453
+
int empty = 0;
1454
+
pid_t thepid;
1455
+
char *intermediates = smime_get_field_from_db(NULL, SmimeSignAs, 1);
1456
+
1457
+
if (!intermediates)
1458
+
{
1459
+
mutt_message(_("Warning: Intermediate certificate not found."));
1460
+
intermediates = SmimeSignAs; /* so openssl won't complain in any case */
1461
+
}
1462
+
else
1463
+
intermediates[mutt_strlen (intermediates)-1] = '\0';
1464
+
1465
+
convert_to_7bit (a); /* Signed data _must_ be in 7-bit format. */
1466
+
1467
+
mutt_mktemp (filetosign);
1468
+
if ((sfp = safe_fopen (filetosign, "w+")) == NULL)
1469
+
{
1470
+
mutt_perror (filetosign);
1471
+
return NULL;
1472
+
}
1473
+
1474
+
mutt_mktemp (signedfile);
1475
+
if ((smimeout = safe_fopen (signedfile, "w+")) == NULL)
1476
+
{
1477
+
mutt_perror (signedfile);
1478
+
fclose (sfp);
1479
+
mutt_unlink (filetosign);
1480
+
return NULL;
1481
+
}
1482
+
1483
+
mutt_write_mime_header (a, sfp);
1484
+
fputc ('\n', sfp);
1485
+
mutt_write_mime_body (a, sfp);
1486
+
fclose (sfp);
1487
+
1488
+
1489
+
1490
+
snprintf (SmimeKeyToUse, sizeof (SmimeKeyToUse), "%s/%s",
1491
+
NONULL(SmimeKeys), SmimeSignAs);
1492
+
1493
+
snprintf (SmimeCertToUse, sizeof (SmimeCertToUse), "%s/%s",
1494
+
NONULL(SmimeCertificates), SmimeSignAs);
1495
+
1496
+
snprintf (SmimeIntermediateToUse, sizeof (SmimeIntermediateToUse), "%s/%s",
1497
+
NONULL(SmimeCertificates), intermediates);
1498
+
1499
+
1500
+
1501
+
if ((thepid = smime_invoke_sign (&smimein, NULL, &smimeerr,
1502
+
-1, fileno (smimeout), -1, filetosign)) == -1)
1503
+
{
1504
+
mutt_perror _("Can't open OpenSSL subprocess!");
1505
+
fclose (smimeout);
1506
+
mutt_unlink (signedfile);
1507
+
mutt_unlink (filetosign);
1508
+
return NULL;
1509
+
}
1510
+
fputs (SmimePass, smimein);
1511
+
fputc ('\n', smimein);
1512
+
fclose (smimein);
1513
+
1514
+
1515
+
mutt_wait_filter (thepid);
1516
+
1517
+
/* check for errors from OpenSSL */
1518
+
err = 0;
1519
+
fflush (smimeerr);
1520
+
rewind (smimeerr);
1521
+
while (fgets (buffer, sizeof (buffer) - 1, smimeerr) != NULL)
1522
+
{
1523
+
err = 1;
1524
+
fputs (buffer, stdout);
1525
+
}
1526
+
fclose (smimeerr);
1527
+
1528
+
1529
+
fflush (smimeout);
1530
+
rewind (smimeout);
1531
+
empty = (fgetc (smimeout) == EOF);
1532
+
fclose (smimeout);
1533
+
1534
+
mutt_unlink (filetosign);
1535
+
1536
+
1537
+
if (err)
1538
+
mutt_any_key_to_continue (NULL);
1539
+
1540
+
if (empty)
1541
+
{
1542
+
mutt_any_key_to_continue _("No output from OpenSSL...");
1543
+
mutt_unlink (signedfile);
1544
+
return (NULL); /* fatal error while signing */
1545
+
}
1546
+
1547
+
t = mutt_new_body ();
1548
+
t->type = TYPEMULTIPART;
1549
+
t->subtype = safe_strdup ("signed");
1550
+
t->encoding = ENC7BIT;
1551
+
t->use_disp = 0;
1552
+
t->disposition = DISPINLINE;
1553
+
1554
+
mutt_generate_boundary (&t->parameter);
1555
+
/* check if this can be extracted from private key somehow.... */
1556
+
mutt_set_parameter ("micalg", "sha1", &t->parameter);
1557
+
mutt_set_parameter ("protocol", "application/x-pkcs7-signature",
1558
+
&t->parameter);
1559
+
1560
+
t->parts = a;
1561
+
a = t;
1562
+
1563
+
t->parts->next = mutt_new_body ();
1564
+
t = t->parts->next;
1565
+
t->type = TYPEAPPLICATION;
1566
+
t->subtype = safe_strdup ("x-pkcs7-signature");
1567
+
t->filename = safe_strdup (signedfile);
1568
+
t->d_filename = safe_strdup ("smime.p7s");
1569
+
t->use_disp = 1;
1570
+
t->disposition = DISPATTACH;
1571
+
t->encoding = ENCBASE64;
1572
+
t->unlink = 1; /* ok to remove this file after sending. */
1573
+
1574
+
return (a);
1575
+
1576
+
}
1577
+
1578
+
1579
+
1580
+
1581
+
1582
+
1583
+
/*
1584
+
* Handling S/MIME - bodies.
1585
+
*/
1586
+
1587
+
1588
+
1589
+
1590
+
1591
+
1592
+
static
1593
+
pid_t smime_invoke_verify (FILE **smimein, FILE **smimeout, FILE **smimeerr,
1594
+
int smimeinfd, int smimeoutfd, int smimeerrfd,
1595
+
const char *fname, const char *sig_fname, int opaque)
1596
+
{
1597
+
return smime_invoke (smimein, smimeout, smimeerr, smimeinfd, smimeoutfd,
1598
+
smimeerrfd, fname, sig_fname, NULL, NULL, NULL, NULL,
1599
+
(opaque ? SmimeVerifyOpaqueCommand : SmimeVerifyCommand));
1600
+
}
1601
+
1602
+
1603
+
static
1604
+
pid_t smime_invoke_decrypt (FILE **smimein, FILE **smimeout, FILE **smimeerr,
1605
+
int smimeinfd, int smimeoutfd, int smimeerrfd,
1606
+
const char *fname)
1607
+
{
1608
+
return smime_invoke (smimein, smimeout, smimeerr, smimeinfd, smimeoutfd,
1609
+
smimeerrfd, fname, NULL, NULL, SmimeKeyToUse,
1610
+
SmimeCertToUse, NULL, SmimeDecryptCommand);
1611
+
}
1612
+
1613
+
1614
+
1615
+
int smime_verify_one (BODY *sigbdy, STATE *s, const char *tempfile)
1616
+
{
1617
+
char signedfile[_POSIX_PATH_MAX], smimeerrfile[_POSIX_PATH_MAX];
1618
+
FILE *fp=NULL, *smimeout=NULL, *smimeerr=NULL;
1619
+
pid_t thepid;
1620
+
int badsig = -1;
1621
+
1622
+
long tmpoffset = 0;
1623
+
size_t tmplength = 0;
1624
+
int origType = sigbdy->type;
1625
+
char *savePrefix = NULL;
1626
+
1627
+
1628
+
snprintf (signedfile, sizeof (signedfile), "%s.sig", tempfile);
1629
+
1630
+
/* decode to a tempfile, saving the original destination */
1631
+
fp = s->fpout;
1632
+
if ((s->fpout = safe_fopen (signedfile, "w")) == NULL)
1633
+
{
1634
+
mutt_perror (signedfile);
1635
+
return -1;
1636
+
}
1637
+
/* decoding the attachment changes the size and offset, so save a copy
1638
+
* of the "real" values now, and restore them after processing
1639
+
*/
1640
+
tmplength = sigbdy->length;
1641
+
tmpoffset = sigbdy->offset;
1642
+
1643
+
/* if we are decoding binary bodies, we don't want to prefix each
1644
+
* line with the prefix or else the data will get corrupted.
1645
+
*/
1646
+
savePrefix = s->prefix;
1647
+
s->prefix = NULL;
1648
+
1649
+
mutt_decode_attachment (sigbdy, s);
1650
+
1651
+
sigbdy->length = ftell (s->fpout);
1652
+
sigbdy->offset = 0;
1653
+
fclose (s->fpout);
1654
+
1655
+
/* restore final destination and substitute the tempfile for input */
1656
+
s->fpout = fp;
1657
+
fp = s->fpin;
1658
+
s->fpin = fopen (signedfile, "r");
1659
+
1660
+
/* restore the prefix */
1661
+
s->prefix = savePrefix;
1662
+
1663
+
sigbdy->type = origType;
1664
+
1665
+
1666
+
mutt_mktemp (smimeerrfile);
1667
+
if (!(smimeerr = safe_fopen (smimeerrfile, "w+")))
1668
+
{
1669
+
mutt_perror (smimeerrfile);
1670
+
mutt_unlink (signedfile);
1671
+
return -1;
1672
+
}
1673
+
1674
+
crypt_current_time (s, "OpenSSL");
1675
+
1676
+
if ((thepid = smime_invoke_verify (NULL, &smimeout, NULL,
1677
+
-1, -1, fileno (smimeerr),
1678
+
tempfile, signedfile, 0)) != -1)
1679
+
{
1680
+
fflush (smimeout);
1681
+
fclose (smimeout);
1682
+
1683
+
if (mutt_wait_filter (thepid))
1684
+
badsig = -1;
1685
+
else
1686
+
{
1687
+
char *line = NULL;
1688
+
int lineno = 0;
1689
+
size_t linelen;
1690
+
1691
+
fflush (smimeerr);
1692
+
rewind (smimeerr);
1693
+
1694
+
line = mutt_read_line (line, &linelen, smimeerr, &lineno);
1695
+
if (linelen && !mutt_strcasecmp (line, "verification successful"))
1696
+
badsig = 0;
1697
+
1698
+
safe_free ((void **) &line);
1699
+
}
1700
+
}
1701
+
1702
+
fflush (smimeerr);
1703
+
rewind (smimeerr);
1704
+
mutt_copy_stream (smimeerr, s->fpout);
1705
+
fclose (smimeerr);
1706
+
1707
+
state_attach_puts (_("[-- End of OpenSSL output --]\n\n"), s);
1708
+
1709
+
mutt_unlink (signedfile);
1710
+
mutt_unlink (smimeerrfile);
1711
+
1712
+
sigbdy->length = tmplength;
1713
+
sigbdy->offset = tmpoffset;
1714
+
1715
+
/* restore the original source stream */
1716
+
fclose (s->fpin);
1717
+
s->fpin = fp;
1718
+
1719
+
1720
+
return badsig;
1721
+
}
1722
+
1723
+
1724
+
1725
+
1726
+
1727
+
/*
1728
+
This handles application/pkcs7-mime which can either be a signed
1729
+
or an encrypted message.
1730
+
*/
1731
+
1732
+
static BODY *smime_handle_entity (BODY *m, STATE *s, FILE *outFile)
1733
+
{
1734
+
int len=0;
1735
+
long last_pos;
1736
+
char buf[HUGE_STRING];
1737
+
char outfile[_POSIX_PATH_MAX], errfile[_POSIX_PATH_MAX];
1738
+
char tmpfname[_POSIX_PATH_MAX];
1739
+
char tmptmpfname[_POSIX_PATH_MAX];
1740
+
FILE *smimeout = NULL, *smimein=NULL, *smimeerr=NULL;
1741
+
FILE *tmpfp=NULL, *tmpfp_buffer=NULL, *fpout=NULL;
1742
+
struct stat info;
1743
+
BODY *p=NULL;
1744
+
pid_t thepid=-1;
1745
+
unsigned int type = mutt_is_application_smime (m);
1746
+
1747
+
if (!(type & APPLICATION_SMIME)) return NULL;
1748
+
1749
+
mutt_mktemp (outfile);
1750
+
if ((smimeout = safe_fopen (outfile, "w+")) == NULL)
1751
+
{
1752
+
mutt_perror (outfile);
1753
+
return NULL;
1754
+
}
1755
+
1756
+
mutt_mktemp (errfile);
1757
+
if ((smimeerr = safe_fopen (errfile, "w+")) == NULL)
1758
+
{
1759
+
mutt_perror (errfile);
1760
+
fclose (smimeout); smimeout = NULL;
1761
+
return NULL;
1762
+
}
1763
+
mutt_unlink (errfile);
1764
+
1765
+
1766
+
mutt_mktemp (tmpfname);
1767
+
if ((tmpfp = safe_fopen (tmpfname, "w+")) == NULL)
1768
+
{
1769
+
mutt_perror (tmpfname);
1770
+
fclose (smimeout); smimeout = NULL;
1771
+
fclose (smimeerr); smimeerr = NULL;
1772
+
return NULL;
1773
+
}
1774
+
1775
+
fseek (s->fpin, m->offset, 0);
1776
+
last_pos = m->offset;
1777
+
1778
+
mutt_copy_bytes (s->fpin, tmpfp, m->length);
1779
+
1780
+
fflush (tmpfp);
1781
+
fclose (tmpfp);
1782
+
1783
+
if ((type & ENCRYPT) &&
1784
+
(thepid = smime_invoke_decrypt (&smimein, NULL, NULL, -1,
1785
+
fileno (smimeout), fileno (smimeerr), tmpfname)) == -1)
1786
+
{
1787
+
fclose (smimeout); smimeout = NULL;
1788
+
mutt_unlink (tmpfname);
1789
+
state_attach_puts (_("[-- Error: unable to create OpenSSL subprocess! --]\n"), s);
1790
+
return NULL;
1791
+
}
1792
+
else if ((type & SIGNOPAQUE) &&
1793
+
(thepid = smime_invoke_verify (&smimein, NULL, NULL, -1,
1794
+
fileno (smimeout), fileno (smimeerr), NULL,
1795
+
tmpfname, SIGNOPAQUE)) == -1)
1796
+
{
1797
+
fclose (smimeout); smimeout = NULL;
1798
+
mutt_unlink (tmpfname);
1799
+
state_attach_puts (_("[-- Error: unable to create OpenSSL subprocess! --]\n"), s);
1800
+
return NULL;
1801
+
}
1802
+
1803
+
1804
+
if (type & ENCRYPT)
1805
+
{
1806
+
if (!smime_valid_passphrase ())
1807
+
smime_void_passphrase ();
1808
+
fputs (SmimePass, smimein);
1809
+
fputc ('\n', smimein);
1810
+
}
1811
+
1812
+
fclose (smimein);
1813
+
1814
+
if (s->flags & M_DISPLAY) crypt_current_time (s, "OpenSSL");
1815
+
1816
+
mutt_wait_filter (thepid);
1817
+
1818
+
mutt_unlink (tmpfname);
1819
+
1820
+
if (s->flags & M_DISPLAY)
1821
+
mutt_copy_stream (smimeerr, s->fpout);
1822
+
1823
+
if (s->flags & M_DISPLAY)
1824
+
state_attach_puts (_("\n[-- End of OpenSSL output --]\n\n"), s);
1825
+
1826
+
if (s->flags & M_DISPLAY)
1827
+
{
1828
+
if (type & ENCRYPT)
1829
+
state_attach_puts (_("\n[-- The following data is S/MIME"
1830
+
" encrypted --]\n"), s);
1831
+
else
1832
+
state_attach_puts (_("\n[-- The following data is S/MIME signed --]\n"), s);
1833
+
}
1834
+
if (smimeout)
1835
+
{
1836
+
fflush (smimeout);
1837
+
rewind (smimeout);
1838
+
1839
+
if (outFile) fpout = outFile;
1840
+
else
1841
+
{
1842
+
mutt_mktemp (tmptmpfname);
1843
+
if ((fpout = safe_fopen (tmptmpfname, "w+")) == NULL)
1844
+
{
1845
+
mutt_perror(tmptmpfname);
1846
+
fclose (smimeout); smimeout = NULL;
1847
+
return NULL;
1848
+
}
1849
+
}
1850
+
while (fgets (buf, sizeof (buf) - 1, smimeout) != NULL)
1851
+
{
1852
+
len = mutt_strlen (buf);
1853
+
if (len > 1 && buf[len - 2] == '\r')
1854
+
strcpy (buf + len - 2, "\n");
1855
+
fputs (buf, fpout);
1856
+
}
1857
+
fflush (fpout);
1858
+
rewind (fpout);
1859
+
1860
+
1861
+
if ((p = mutt_read_mime_header (fpout, 0)) != NULL)
1862
+
{
1863
+
fstat (fileno (fpout), &info);
1864
+
p->length = info.st_size - p->offset;
1865
+
1866
+
mutt_parse_part (fpout, p);
1867
+
if (s->fpout)
1868
+
{
1869
+
rewind (fpout);
1870
+
tmpfp_buffer = s->fpin;
1871
+
s->fpin = fpout;
1872
+
mutt_body_handler (p, s);
1873
+
s->fpin = tmpfp_buffer;
1874
+
}
1875
+
1876
+
}
1877
+
fclose (smimeout);
1878
+
smimeout = NULL;
1879
+
mutt_unlink (outfile);
1880
+
1881
+
if (!outFile)
1882
+
{
1883
+
fclose (fpout);
1884
+
mutt_unlink (tmptmpfname);
1885
+
}
1886
+
fpout = NULL;
1887
+
}
1888
+
1889
+
if (s->flags & M_DISPLAY)
1890
+
{
1891
+
if (type & ENCRYPT)
1892
+
state_attach_puts (_("\n[-- End of S/MIME encrypted data. --]\n"), s);
1893
+
else
1894
+
state_attach_puts (_("\n[-- End of S/MIME signed data. --]\n"), s);
1895
+
}
1896
+
1897
+
if (type & SIGNOPAQUE)
1898
+
{
1899
+
char *line = NULL;
1900
+
int lineno = 0;
1901
+
size_t linelen;
1902
+
1903
+
rewind (smimeerr);
1904
+
1905
+
line = mutt_read_line (line, &linelen, smimeerr, &lineno);
1906
+
if (linelen && !mutt_strcasecmp (line, "verification successful"))
1907
+
m->goodsig = 1;
1908
+
safe_free ((void **) &line);
1909
+
}
1910
+
else {
1911
+
m->goodsig = p->goodsig;
1912
+
m->badsig = p->badsig;
1913
+
}
1914
+
fclose (smimeerr);
1915
+
1916
+
return (p);
1917
+
}
1918
+
1919
+
1920
+
1921
+
1922
+
1923
+
int smime_decrypt_mime (FILE *fpin, FILE **fpout, BODY *b, BODY **cur)
1924
+
{
1925
+
1926
+
1927
+
char tempfile[_POSIX_PATH_MAX];
1928
+
STATE s;
1929
+
long tmpoffset = b->offset;
1930
+
size_t tmplength = b->length;
1931
+
int origType = b->type;
1932
+
FILE *tmpfp=NULL;
1933
+
1934
+
if (!mutt_is_application_smime (b))
1935
+
return -1;
1936
+
1937
+
if (b->parts)
1938
+
return -1;
1939
+
1940
+
memset (&s, 0, sizeof (s));
1941
+
s.fpin = fpin;
1942
+
fseek (s.fpin, b->offset, 0);
1943
+
1944
+
mutt_mktemp (tempfile);
1945
+
if ((tmpfp = safe_fopen (tempfile, "w+")) == NULL)
1946
+
{
1947
+
mutt_perror (tempfile);
1948
+
return (-1);
1949
+
}
1950
+
1951
+
mutt_unlink (tempfile);
1952
+
s.fpout = tmpfp;
1953
+
mutt_decode_attachment (b, &s);
1954
+
fflush (tmpfp);
1955
+
b->length = ftell (s.fpout);
1956
+
b->offset = 0;
1957
+
rewind (tmpfp);
1958
+
s.fpin = tmpfp;
1959
+
s.fpout = 0;
1960
+
1961
+
mutt_mktemp (tempfile);
1962
+
if ((*fpout = safe_fopen (tempfile, "w+")) == NULL)
1963
+
{
1964
+
mutt_perror (tempfile);
1965
+
return (-1);
1966
+
}
1967
+
mutt_unlink (tempfile);
1968
+
1969
+
*cur = smime_handle_entity (b, &s, *fpout);
1970
+
(*cur)->goodsig = b->goodsig;
1971
+
(*cur)->badsig = b->badsig;
1972
+
b->type = origType;
1973
+
b->length = tmplength;
1974
+
b->offset = tmpoffset;
1975
+
fclose (tmpfp);
1976
+
1977
+
rewind (*fpout);
1978
+
return (0);
1979
+
1980
+
}
1981
+
1982
+
1983
+
void smime_application_smime_handler (BODY *m, STATE *s)
1984
+
{
1985
+
1986
+
smime_handle_entity (m, s, NULL);
1987
+
1988
+
}
1989
+
#endif /* HAVE_SMIME */
1990
+
1991
+
1992
+
1993
+
1994
+
1995
+
+93
smime.h
+93
smime.h
···
1
+
/*
2
+
* Copyright (C) 2001 Oliver Ehli <elmy@acm.org>
3
+
*
4
+
* This program is free software; you can redistribute it and/or modify
5
+
* it under the terms of the GNU General Public License as published by
6
+
* the Free Software Foundation; either version 2 of the License, or
7
+
* (at your option) any later version.
8
+
*
9
+
* This program is distributed in the hope that it will be useful,
10
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
11
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12
+
* GNU General Public License for more details.
13
+
*
14
+
* You should have received a copy of the GNU General Public License
15
+
* along with this program; if not, write to the Free Software
16
+
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
17
+
*/
18
+
19
+
20
+
#ifdef HAVE_SMIME
21
+
22
+
#include "crypt.h"
23
+
24
+
WHERE char *SmimeSignAs;
25
+
WHERE char *SmimeCryptAlg;
26
+
WHERE short SmimeTimeout;
27
+
WHERE char *SmimeCertificates;
28
+
WHERE char *SmimeKeys;
29
+
WHERE char *SmimeCryptAlg;
30
+
31
+
/* The command formats */
32
+
33
+
WHERE char *SmimeVerifyCommand;
34
+
WHERE char *SmimeVerifyOpaqueCommand;
35
+
WHERE char *SmimeDecryptCommand;
36
+
37
+
WHERE char *SmimeSignCommand;
38
+
WHERE char *SmimeSignOpaqueCommand;
39
+
WHERE char *SmimeEncryptCommand;
40
+
41
+
WHERE char *SmimeGetSignerCertCommand;
42
+
WHERE char *SmimePk7outCommand;
43
+
WHERE char *SmimeGetCertCommand;
44
+
WHERE char *SmimeHashCertCommand;
45
+
WHERE char *SmimeGetCertEmailCommand;
46
+
47
+
#define APPLICATION_SMIME (1 << 6)
48
+
49
+
#define SIGNOPAQUE (1 << 4)
50
+
51
+
#define SMIMEENCRYPT (APPLICATION_SMIME | ENCRYPT)
52
+
#define SMIMESIGN (APPLICATION_SMIME | SIGN)
53
+
#define SMIMEGOODSIGN (APPLICATION_SMIME | GOODSIGN)
54
+
#define SMIMEBADSIGN (APPLICATION_SMIME | BADSIGN)
55
+
#define SMIMEOPAQUE (APPLICATION_SMIME | SIGNOPAQUE)
56
+
57
+
58
+
59
+
#define smime_valid_passphrase() crypt_valid_passphrase(APPLICATION_SMIME)
60
+
61
+
void smime_void_passphrase (void);
62
+
63
+
int mutt_is_application_smime (BODY *);
64
+
65
+
66
+
67
+
68
+
int smime_decrypt_mime (FILE *, FILE **, BODY *, BODY **);
69
+
70
+
void smime_application_smime_handler (BODY *, STATE *);
71
+
72
+
int smime_verify_sender(HEADER *);
73
+
74
+
75
+
76
+
77
+
char *smime_get_field_from_db (char *, char *, short);
78
+
79
+
char* smime_ask_for_key (char *, char *, short);
80
+
81
+
void smime_getkeys (char *);
82
+
83
+
84
+
/* private ? */
85
+
86
+
void smime_invoke_import (char *, char *);
87
+
88
+
int smime_verify_one(BODY *, STATE *, const char *);
89
+
90
+
BODY *smime_sign_message (BODY *);
91
+
92
+
BODY *smime_build_smime_entity (BODY *, char *);
93
+
#endif
+887
smime_keys.pl
+887
smime_keys.pl
···
1
+
#!/usr/bin/perl -w
2
+
3
+
# Settings:
4
+
5
+
my $SmimeMuttrc="$ENV{HOME}/.mutt/muttrc";
6
+
7
+
# Copyright (C) 2001 Oliver Ehli <elmy@acm.org>
8
+
# Copyright (C) 2001 Mike Schiraldi <raldi@research.netsol.com>
9
+
#
10
+
# This program is free software; you can redistribute it and/or modify
11
+
# it under the terms of the GNU General Public License as published by
12
+
# the Free Software Foundation; either version 2 of the License, or
13
+
# (at your option) any later version.
14
+
#
15
+
# This program is distributed in the hope that it will be useful,
16
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
17
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18
+
# GNU General Public License for more details.
19
+
#
20
+
# You should have received a copy of the GNU General Public License
21
+
# along with this program; if not, write to the Free Software
22
+
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
23
+
24
+
use strict;
25
+
26
+
require "timelocal.pl";
27
+
28
+
# Global variables:
29
+
30
+
my $private_keys_path;
31
+
my $certificates_path;
32
+
my $root_certs_switch;
33
+
my $root_certs_path;
34
+
35
+
36
+
sub usage ();
37
+
sub get_paths ($ );
38
+
sub myglob ($ );
39
+
40
+
# directory setup routines
41
+
sub mkdir_recursive ($;$ );
42
+
sub init_paths ();
43
+
44
+
# key/certificate management methods
45
+
sub list_certs ();
46
+
sub query_label ();
47
+
sub add_entry ($$$$;$ );
48
+
sub add_certificate ($$$$;$ );
49
+
sub add_key ($$$$);
50
+
sub add_root_cert ($);
51
+
sub parse_pem (@ );
52
+
sub handle_pem (@ );
53
+
sub modify_entry ($$$;$ );
54
+
sub remove_pair ($ );
55
+
sub change_label ($ );
56
+
sub verify_cert($;$ );
57
+
sub do_verify($$;$);
58
+
59
+
60
+
61
+
62
+
# Get the directories mutt uses for certificate/key storage.
63
+
64
+
($private_keys_path, $certificates_path,
65
+
$root_certs_switch, $root_certs_path) = get_paths($SmimeMuttrc);
66
+
67
+
$certificates_path and $private_keys_path
68
+
and $root_certs_switch and $root_certs_path or
69
+
die("Couldn't get paths to certificates/keys from $SmimeMuttrc");
70
+
71
+
#
72
+
# OPS
73
+
#
74
+
75
+
if(@ARGV == 1 and $ARGV[0] eq "init") {
76
+
init_paths;
77
+
}
78
+
elsif(@ARGV == 1 and $ARGV[0] eq "list") {
79
+
list_certs;
80
+
}
81
+
elsif(@ARGV == 2 and $ARGV[0] eq "label") {
82
+
change_label($ARGV[1]);
83
+
}
84
+
elsif(@ARGV == 2 and $ARGV[0] eq "add_cert") {
85
+
my $cmd = "openssl x509 -noout -hash -in $ARGV[1]";
86
+
my $cert_hash = `$cmd`;
87
+
$? and die "'$cmd' returned $?";
88
+
chomp($cert_hash);
89
+
my $label = query_label;
90
+
&add_certificate($ARGV[1], \$cert_hash, 1, $label, '-');
91
+
}
92
+
elsif(@ARGV == 2 and $ARGV[0] eq "add_pem") {
93
+
-e $ARGV[1] and -s $ARGV[1] or die("$ARGV[1] is nonexistent or empty.");
94
+
open(PEM_FILE, "<$ARGV[1]") or die("Can't open $ARGV[1]: $!");
95
+
my @pem = <PEM_FILE>;
96
+
close(PEM_FILE);
97
+
handle_pem(@pem);
98
+
}
99
+
elsif( @ARGV == 2 and $ARGV[0] eq "add_p12") {
100
+
-e $ARGV[1] and -s $ARGV[1] or die("$ARGV[1] is nonexistent or empty.");
101
+
102
+
print "\nNOTE: This will ask you for two passphrases:\n";
103
+
print " 1. The passphrase you used for exporting\n";
104
+
print " 2. The passphrase you wish to secure your private key with.\n\n";
105
+
106
+
my $pem_file = "$ARGV[1].pem";
107
+
108
+
my $cmd = "openssl pkcs12 -in $ARGV[1] -out $pem_file";
109
+
system $cmd and die "'$cmd' returned $?";
110
+
111
+
-e $pem_file and -s $pem_file or die("Conversion of $ARGV[1] failed.");
112
+
open(PEM_FILE, $pem_file) or die("Can't open $pem_file: $!");
113
+
my @pem = <PEM_FILE>;
114
+
close(PEM_FILE);
115
+
handle_pem(@pem);
116
+
}
117
+
elsif(@ARGV == 4 and $ARGV[0] eq "add_chain") {
118
+
my $cmd = "openssl x509 -noout -hash -in $ARGV[2]";
119
+
my $cert_hash = `$cmd`;
120
+
$? and die "'$cmd' returned $?";
121
+
122
+
$cmd = "openssl x509 -noout -hash -in $ARGV[3]";
123
+
my $issuer_hash = `$cmd`;
124
+
$? and die "'$cmd' returned $?";
125
+
126
+
chomp($cert_hash);
127
+
chomp($issuer_hash);
128
+
129
+
my $label = query_label;
130
+
131
+
add_certificate($ARGV[3], \$issuer_hash, 0, $label);
132
+
my $mailbox = &add_certificate($ARGV[2], \$cert_hash, 1, $label, $issuer_hash);
133
+
134
+
add_key($ARGV[1], $cert_hash, $mailbox, $label);
135
+
}
136
+
elsif((@ARGV == 2 or @ARGV == 3) and $ARGV[0] eq "verify") {
137
+
verify_cert($ARGV[1], $ARGV[2]);
138
+
}
139
+
elsif(@ARGV == 2 and $ARGV[0] eq "remove") {
140
+
remove_pair($ARGV[1]);
141
+
}
142
+
elsif(@ARGV == 2 and $ARGV[0] eq "add_root") {
143
+
add_root_cert($ARGV[1]);
144
+
}
145
+
else {
146
+
usage;
147
+
exit(1);
148
+
}
149
+
150
+
exit(0);
151
+
152
+
153
+
154
+
155
+
156
+
############## sub-routines ########################
157
+
158
+
sub usage () {
159
+
print <<EOF;
160
+
161
+
Usage: smime_keys <operation> [file(s) | keyID [file(s)]]
162
+
163
+
with operation being one of:
164
+
165
+
init : no files needed, inits directory structure.
166
+
167
+
list : lists the certificates stored in database.
168
+
label : keyID required. changes/removes/adds label.
169
+
remove : keyID required.
170
+
verify : 1=keyID and optionally 2=CRL
171
+
Verifies the certificate chain, and optionally wether
172
+
this certificate is included in supplied CRL (PEM format).
173
+
Note: to verify all certificates at the same time,
174
+
replace keyID with "all"
175
+
176
+
add_cert : certificate required.
177
+
add_chain : three files reqd: 1=Key, 2=certificate
178
+
plus 3=intermediate certificate(s).
179
+
add_p12 : one file reqd. Adds keypair to database.
180
+
file is PKCS12 (e.g. export from netscape).
181
+
add_pem : one file reqd. Adds keypair to database.
182
+
(file was converted from e.g. PKCS12).
183
+
184
+
add_root : one file reqd. Adds PEM root certificate to the location
185
+
specified within muttrc (smime_verify_* command)
186
+
187
+
EOF
188
+
}
189
+
190
+
sub get_paths ($) {
191
+
my @files = (shift);
192
+
my $certs;
193
+
my $keys;
194
+
my $roots;
195
+
my $switch;
196
+
197
+
while (@files) {
198
+
my $file = myglob shift @files;
199
+
200
+
if (open(FILE, $file)) {
201
+
202
+
while(<FILE>) {
203
+
chomp;
204
+
s/\#.*//;
205
+
206
+
/^\s*source\s*\"?([^\"]*)\"?/
207
+
and push @files, $1;
208
+
209
+
/^\s*set\s*smime_keys\s*=\s*\"?([^\"]*)\"?/
210
+
and $keys = myglob $1;
211
+
212
+
/^\s*set\s*smime_certificates\s*=\s*\"?([^\"]*)\"?/
213
+
and $certs = myglob $1;
214
+
215
+
/^\s*set\s*smime_verify[^CA]*(-CA[^\s]*)\s*([^\s]*)./
216
+
and $switch = myglob $1 and $roots = myglob $2;
217
+
}
218
+
close(FILE);
219
+
}
220
+
}
221
+
return ($keys, $certs, $switch, $roots);
222
+
}
223
+
224
+
sub myglob ($) {
225
+
my $file = shift;
226
+
227
+
$file =~ s{
228
+
^ ~ # find a leading tilde
229
+
( # save this in $1
230
+
[^/] # a non-slash character
231
+
* # repeated 0 or more times (0 means me)
232
+
)
233
+
}{
234
+
$1
235
+
? (getpwnam($1))[7]
236
+
: ( $ENV{HOME} || $ENV{LOGDIR} || (getpwuid($<))[7] )
237
+
}ex;
238
+
239
+
return $file;
240
+
}
241
+
242
+
#
243
+
# directory setup routines
244
+
#
245
+
246
+
247
+
sub mkdir_recursive ($;$) {
248
+
my $path = shift;
249
+
my $mode = 0700;
250
+
251
+
(@_ == 2) and $mode = shift;
252
+
253
+
my $tmp_path;
254
+
255
+
for my $dir (split /\//, $path) {
256
+
$tmp_path .= "$dir/";
257
+
258
+
-d $tmp_path
259
+
or mkdir $tmp_path, $mode
260
+
or die "Can't mkdir $tmp_path: $!";
261
+
}
262
+
}
263
+
264
+
sub init_paths () {
265
+
mkdir_recursive($certificates_path);
266
+
mkdir_recursive($private_keys_path);
267
+
268
+
my $file;
269
+
270
+
$file = $certificates_path . "/.index";
271
+
-f $file or open(TMP_FILE, ">$file") and close(TMP_FILE)
272
+
or die "Can't touch $file: $!";
273
+
274
+
$file = $private_keys_path . "/.index";
275
+
-f $file or open(TMP_FILE, ">$file") and close(TMP_FILE)
276
+
or die "Can't touch $file: $!";
277
+
}
278
+
279
+
280
+
281
+
#
282
+
# certificate management methods
283
+
#
284
+
285
+
sub list_certs () {
286
+
my %keyflags = ( 'i', '(Invalid)', 'r', '(Revoked)', 'e', '(Expired)',
287
+
'u', '(Unverified)', 'v', '(Valid)', 't', '(Trusted)');
288
+
289
+
open(INDEX, "<$certificates_path/.index") or
290
+
die "Couldn't open $certificates_path/.index: $!";
291
+
292
+
print "\n";
293
+
while(<INDEX>) {
294
+
my $tmp;
295
+
my @tmp;
296
+
my $tab = " ";
297
+
my @fields = split;
298
+
299
+
if($fields[2] eq '-') {
300
+
print "$fields[1]: Issued for: $fields[0] $keyflags{$fields[4]}\n";
301
+
} else {
302
+
print "$fields[1]: Issued for: $fields[0] \"$fields[2]\" $keyflags{$fields[4]}\n";
303
+
}
304
+
305
+
(my $subject_in, my $email_in, my $issuer_in, my $date1_in, my $date2_in) =
306
+
`openssl x509 -subject -email -issuer -dates -noout -in $certificates_path/$fields[1]`;
307
+
308
+
my @subject = split(/\//, $subject_in);
309
+
while(@subject) {
310
+
$tmp = shift @subject;
311
+
($tmp =~ /^CN\=/) and last;
312
+
undef $tmp;
313
+
}
314
+
defined $tmp and @tmp = split (/\=/, $tmp) and
315
+
print $tab."Subject: $tmp[1]\n";
316
+
317
+
my @issuer = split(/\//, $issuer_in);
318
+
while(@issuer) {
319
+
$tmp = shift @issuer;
320
+
($tmp =~ /^CN\=/) and last;
321
+
undef $tmp;
322
+
}
323
+
defined $tmp and @tmp = split (/\=/, $tmp) and
324
+
print $tab."Issued by: $tmp[1]";
325
+
326
+
if ( defined $date1_in and defined $date2_in ) {
327
+
@tmp = split (/\=/, $date1_in);
328
+
$tmp = $tmp[1];
329
+
@tmp = split (/\=/, $date2_in);
330
+
print $tab."Certificate is not valid before $tmp".
331
+
$tab." or after ".$tmp[1];
332
+
}
333
+
334
+
-e "$private_keys_path/$fields[1]" and
335
+
print "$tab - Matching private key installed -\n";
336
+
337
+
my $purpose_in =
338
+
`openssl x509 -purpose -noout -in $certificates_path/$fields[1]`;
339
+
my @purpose = split (/\n/, $purpose_in);
340
+
print "$tab$purpose[0] (displays S/MIME options only)\n";
341
+
while(@purpose) {
342
+
$tmp = shift @purpose;
343
+
($tmp =~ /^S\/MIME/ and $tmp =~ /Yes/) or next;
344
+
my @tmptmp = split (/:/, $tmp);
345
+
print "$tab $tmptmp[0]\n";
346
+
}
347
+
348
+
print "\n";
349
+
}
350
+
351
+
close(INDEX);
352
+
}
353
+
354
+
355
+
356
+
sub query_label () {
357
+
my @words;
358
+
my $input;
359
+
360
+
print "\nYou may assign a label to this key, so you don't have to remember\n";
361
+
print "the key ID. This has to be _one_ word (no whitespaces).\n\n";
362
+
363
+
print "Enter label: ";
364
+
chomp($input = <STDIN>);
365
+
366
+
my ($label, $junk) = split(/\s/, $input, 2);
367
+
368
+
defined $junk
369
+
and print "\nUsing '$label' as label; ignoring '$junk'\n";
370
+
371
+
defined $label || ($label = "-");
372
+
373
+
return $label;
374
+
}
375
+
376
+
377
+
378
+
sub add_entry ($$$$;$) {
379
+
my $mailbox = shift;
380
+
my $hashvalue = shift;
381
+
my $use_cert = shift;
382
+
my $label = shift;
383
+
my $issuer_hash = shift;
384
+
385
+
my @fields;
386
+
387
+
if ($use_cert) {
388
+
open(INDEX, "+<$certificates_path/.index") or
389
+
die "Couldn't open $certificates_path/.index: $!";
390
+
}
391
+
else {
392
+
open(INDEX, "+<$private_keys_path/.index") or
393
+
die "Couldn't open $private_keys_path/.index: $!";
394
+
}
395
+
396
+
while(<INDEX>) {
397
+
@fields = split;
398
+
return if ($fields[0] eq $mailbox && $fields[1] eq $hashvalue);
399
+
}
400
+
401
+
if ($use_cert) {
402
+
print INDEX "$mailbox $hashvalue $label $issuer_hash u\n";
403
+
}
404
+
else {
405
+
print INDEX "$mailbox $hashvalue $label \n";
406
+
}
407
+
408
+
close(INDEX);
409
+
}
410
+
411
+
412
+
sub add_certificate ($$$$;$) {
413
+
my $filename = shift;
414
+
my $hashvalue = shift;
415
+
my $add_to_index = shift;
416
+
my $label = shift;
417
+
my $issuer_hash = shift;
418
+
419
+
my $iter = 0;
420
+
my $mailbox;
421
+
422
+
while(-e "$certificates_path/$$hashvalue.$iter") {
423
+
my ($t1, $t2);
424
+
425
+
my $cmd = "openssl x509 -in $filename -fingerprint -noout";
426
+
$t1 = `$cmd`;
427
+
$? and die "'$cmd' returned $?";
428
+
429
+
$cmd = "openssl x509 -in $certificates_path/$$hashvalue.$iter -fingerprint -noout";
430
+
$t2 = `$cmd`;
431
+
$? and die "'$cmd' returned $?";
432
+
433
+
$t1 eq $t2 and last;
434
+
435
+
$iter++;
436
+
}
437
+
$$hashvalue .= ".$iter";
438
+
439
+
unless (-e "$certificates_path/$$hashvalue") {
440
+
my $cmd = "cp $filename $certificates_path/$$hashvalue";
441
+
system $cmd and die "'$cmd' returned $?";
442
+
443
+
if ($add_to_index) {
444
+
my $cmd = "openssl x509 -in $filename -email -noout";
445
+
$mailbox = `$cmd`;
446
+
$? and die "'$cmd' returned $?";
447
+
448
+
chomp($mailbox);
449
+
add_entry($mailbox, $$hashvalue, 1, $label, $issuer_hash);
450
+
451
+
print "added certificate: $certificates_path/$$hashvalue for $mailbox.\n";
452
+
}
453
+
else {
454
+
print "added certificate: $certificates_path/$$hashvalue.\n";
455
+
}
456
+
}
457
+
458
+
return $mailbox;
459
+
}
460
+
461
+
462
+
sub add_key ($$$$) {
463
+
my $file = shift;
464
+
my $hashvalue = shift;
465
+
my $mailbox = shift;
466
+
my $label = shift;
467
+
468
+
unless (-e "$private_keys_path/$hashvalue") {
469
+
my $cmd = "cp $file $private_keys_path/$hashvalue";
470
+
system $cmd and die "$cmd returned $!";
471
+
print "added private key: " .
472
+
"$private_keys_path/$hashvalue for $mailbox\n";
473
+
add_entry($mailbox, $hashvalue, 0, $label, "");
474
+
}
475
+
}
476
+
477
+
478
+
479
+
480
+
481
+
482
+
sub parse_pem (@) {
483
+
my $state = 0;
484
+
my $cert_iter = 0;
485
+
my @bag_attribs;
486
+
my $numBags = 0;
487
+
488
+
open(CERT_FILE, ">cert_tmp.$cert_iter")
489
+
or die "Couldn't open cert_tmp.$cert_iter: $!";
490
+
491
+
while($_ = shift(@_)) {
492
+
if(/^Bag Attributes/) {
493
+
$numBags++;
494
+
$state == 0 or die("PEM-parse error at: $.");
495
+
$state = 1;
496
+
$bag_attribs[$cert_iter*4+1] = "";
497
+
$bag_attribs[$cert_iter*4+2] = "";
498
+
$bag_attribs[$cert_iter*4+3] = "";
499
+
}
500
+
501
+
($state == 1) and /localKeyID:\s*(.*)/
502
+
and ($bag_attribs[$cert_iter*4+1] = $1);
503
+
504
+
($state == 1) and /subject=\s*(.*)/
505
+
and ($bag_attribs[$cert_iter*4+2] = $1);
506
+
507
+
($state == 1) and /issuer=\s*(.*)/
508
+
and ($bag_attribs[$cert_iter*4+3] = $1);
509
+
510
+
if(/^-----/) {
511
+
if(/BEGIN/) {
512
+
print CERT_FILE;
513
+
$state = 2;
514
+
515
+
if(/PRIVATE/) {
516
+
$bag_attribs[$cert_iter*4] = "K";
517
+
next;
518
+
}
519
+
if(/CERTIFICATE/) {
520
+
$bag_attribs[$cert_iter*4] = "C";
521
+
next;
522
+
}
523
+
die("What's this: $_");
524
+
}
525
+
if(/END/) {
526
+
$state = 0;
527
+
print CERT_FILE;
528
+
close(CERT_FILE);
529
+
$cert_iter++;
530
+
open(CERT_FILE, ">cert_tmp.$cert_iter")
531
+
or die "Couldn't open cert_tmp.$cert_iter: $!";
532
+
next;
533
+
}
534
+
}
535
+
print CERT_FILE;
536
+
}
537
+
close(CERT_FILE);
538
+
539
+
# I'll add support for unbagged cetificates, in case this is needed.
540
+
$numBags == $cert_iter or
541
+
die("Not all contents were bagged. can't continue.");
542
+
543
+
@bag_attribs;
544
+
}
545
+
546
+
547
+
# This requires the Bag Attributes to be set
548
+
sub handle_pem (@) {
549
+
550
+
my @pem_contents;
551
+
my $iter=0;
552
+
my $root_cert;
553
+
my $key;
554
+
my $certificate;
555
+
my $mailbox;
556
+
557
+
@pem_contents = &parse_pem(@_);
558
+
559
+
# private key and certificate use the same 'localKeyID'
560
+
while($iter <= $#pem_contents>>2) {
561
+
if($pem_contents[$iter<<2] eq "K") {
562
+
$key = $iter;
563
+
last;
564
+
}
565
+
$iter++;
566
+
}
567
+
($key > $#pem_contents>>2) and die("Couldn't find private key!");
568
+
569
+
$pem_contents[($key<<2)+1] or die("Attribute 'localKeyID' wasn't set.");
570
+
571
+
$iter = 0;
572
+
while($iter <= $#pem_contents>>2) {
573
+
$iter == $key and ($iter++) and next;
574
+
if($pem_contents[($iter<<2)+1] eq $pem_contents[($key<<2)+1]) {
575
+
$certificate = $iter;
576
+
last;
577
+
}
578
+
$iter++;
579
+
}
580
+
($certificate > $#pem_contents>>2) and die("Couldn't find matching certificate!");
581
+
582
+
my $cmd = "cp cert_tmp.$key tmp_key";
583
+
system $cmd and die "'$cmd' returned $?";
584
+
585
+
$cmd = "cp cert_tmp.$certificate tmp_certificate";
586
+
system $cmd and die "'$cmd' returned $?";
587
+
588
+
# root certificate is self signed
589
+
$iter = 0;
590
+
591
+
while($iter <= $#pem_contents>>2) {
592
+
if ($iter == $key or $iter == $certificate) {
593
+
$iter++;
594
+
next;
595
+
}
596
+
597
+
if($pem_contents[($iter<<2)+2] eq $pem_contents[($iter<<2)+3]) {
598
+
$root_cert = $iter;
599
+
last;
600
+
}
601
+
$iter++;
602
+
}
603
+
($root_cert > $#pem_contents>>2) and die("Couldn't identify root certificate!");
604
+
605
+
# what's left are intermediate certificates.
606
+
$iter = 0;
607
+
608
+
$cmd = "rm -f tmp_issuer_cert";
609
+
system $cmd and die "'$cmd' returned $?";
610
+
611
+
while($iter <= $#pem_contents>>2) {
612
+
if ($iter == $key or $iter == $certificate or $iter == $root_cert) {
613
+
$iter++;
614
+
next;
615
+
}
616
+
617
+
my $cmd = "cat cert_tmp.$iter >> tmp_issuer_cert";
618
+
system $cmd and die "'$cmd' returned $?";
619
+
620
+
$iter++;
621
+
}
622
+
623
+
my $label = query_label;
624
+
625
+
$cmd = "openssl x509 -noout -hash -in tmp_certificate";
626
+
my $cert_hash = `$cmd`;
627
+
$? and die "'$cmd' returned $?";
628
+
629
+
$cmd = "openssl x509 -noout -hash -in tmp_issuer_cert";
630
+
my $issuer_hash = `$cmd`;
631
+
$? and die "'$cmd' returned $?";
632
+
633
+
chomp($cert_hash); chomp($issuer_hash);
634
+
635
+
# Note: $cert_hash will be changed to reflect the correct filename
636
+
# within add_cert() ONLY, so these _have_ to get called first..
637
+
add_certificate("tmp_issuer_cert", \$issuer_hash, 0, $label);
638
+
$mailbox = &add_certificate("tmp_certificate", \$cert_hash, 1, $label, $issuer_hash);
639
+
add_key("tmp_key", $cert_hash, $mailbox, $label);
640
+
641
+
$cmd = "rm -f cert_tmp.* tmp_*";
642
+
system $cmd and die "'$cmd' returned $?";
643
+
}
644
+
645
+
646
+
647
+
648
+
649
+
650
+
sub modify_entry ($$$;$ ) {
651
+
my $op = shift;
652
+
my $hashvalue = shift;
653
+
my $use_cert = shift;
654
+
my $crl;
655
+
my $label;
656
+
my $path;
657
+
my @fields;
658
+
659
+
$op eq 'L' and ($label = shift);
660
+
$op eq 'V' and ($crl = shift);
661
+
662
+
663
+
if ($use_cert) {
664
+
$path = $certificates_path;
665
+
}
666
+
else {
667
+
$path = $private_keys_path;
668
+
}
669
+
670
+
open(INDEX, "<$path/.index") or
671
+
die "Couldn't open $path/.index: $!";
672
+
open(NEW_INDEX, ">$path/.index.tmp") or
673
+
die "Couldn't create $path/.index.tmp: $!";
674
+
675
+
while(<INDEX>) {
676
+
@fields = split;
677
+
if($fields[1] eq $hashvalue or $hashvalue eq 'all') {
678
+
$op eq 'R' and next;
679
+
print NEW_INDEX "$fields[0] $fields[1]";
680
+
if($op eq 'L') {
681
+
if($use_cert) {
682
+
print NEW_INDEX " $label $fields[3] $fields[4]";
683
+
}
684
+
else {
685
+
print NEW_INDEX " $label";
686
+
}
687
+
}
688
+
if ($op eq 'V') {
689
+
print "\n==> about to verify certificate of $fields[0]\n";
690
+
my $flag = &do_verify($fields[1], $fields[3], $crl);
691
+
print NEW_INDEX " $fields[2] $fields[3] $flag";
692
+
}
693
+
print NEW_INDEX "\n";
694
+
next;
695
+
}
696
+
print NEW_INDEX;
697
+
}
698
+
close(INDEX);
699
+
close(NEW_INDEX);
700
+
701
+
my $cmd = "mv -f $path/.index.tmp $path/.index";
702
+
system $cmd and die "'$cmd' returned $?";
703
+
704
+
print "\n";
705
+
}
706
+
707
+
708
+
709
+
710
+
sub remove_pair ($ ) {
711
+
my $keyid = shift;
712
+
713
+
if (-e "$certificates_path/$keyid") {
714
+
my $cmd = "rm -f $certificates_path/$keyid";
715
+
system $cmd and die "'$cmd' returned $?";
716
+
modify_entry('R', $keyid, 1);
717
+
print "Removed certificate $keyid.\n";
718
+
}
719
+
else {
720
+
die "No such certificate: $keyid";
721
+
}
722
+
723
+
if (-e "$private_keys_path/$keyid") {
724
+
my $cmd = "rm -f $private_keys_path/$keyid";
725
+
system $cmd and die "'$cmd' returned $?";
726
+
modify_entry('R', $keyid, 0);
727
+
print "Removed private key $keyid.\n";
728
+
}
729
+
}
730
+
731
+
732
+
733
+
sub change_label ($ ) {
734
+
my $keyid = shift;
735
+
736
+
my $label = query_label;
737
+
738
+
if (-e "$certificates_path/$keyid") {
739
+
modify_entry('L', $keyid, 1, $label);
740
+
print "Changed label for certificate $keyid.\n";
741
+
}
742
+
else {
743
+
die "No such certificate: $keyid";
744
+
}
745
+
746
+
if (-e "$private_keys_path/$keyid") {
747
+
modify_entry('L', $keyid, 0, $label);
748
+
print "Changed label for private key $keyid.\n";
749
+
}
750
+
751
+
}
752
+
753
+
754
+
755
+
756
+
sub verify_cert ($;$ ) {
757
+
my $keyid = shift;
758
+
my $crl = shift;
759
+
760
+
-e "$certificates_path/$keyid" or $keyid eq 'all'
761
+
or die "No such certificate: $keyid";
762
+
modify_entry('V', $keyid, 1, $crl);
763
+
}
764
+
765
+
766
+
767
+
768
+
sub do_verify($$;$) {
769
+
770
+
my $cert = shift;
771
+
my $issuerid = shift;
772
+
my $crl = shift;
773
+
774
+
my $result = 'i';
775
+
my $trust_q;
776
+
my $issuer_path;
777
+
my $cert_path = "$certificates_path/$cert";
778
+
779
+
if($issuerid eq '?') {
780
+
$issuer_path = "$certificates_path/$cert";
781
+
} else {
782
+
$issuer_path = "$certificates_path/$issuerid";
783
+
}
784
+
785
+
my $output = `openssl verify $root_certs_switch $root_certs_path -purpose smimesign -purpose smimeencrypt -untrusted $issuer_path $cert_path`;
786
+
chop $output;
787
+
print "\n$output\n";
788
+
789
+
($output =~ /OK/) and ($result = 'v');
790
+
791
+
$result eq 'i' and return $result;
792
+
793
+
794
+
(my $date1_in, my $date2_in, my $serial_in) =
795
+
`openssl x509 -dates -serial -noout -in $cert_path`;
796
+
797
+
if ( defined $date1_in and defined $date2_in ) {
798
+
my @tmp = split (/\=/, $date1_in);
799
+
my $tmp = $tmp[1];
800
+
@tmp = split (/\=/, $date2_in);
801
+
my %months = ('Jan', '00', 'Feb', '01', 'Mar', '02', 'Apr', '03',
802
+
'May', '04', 'Jun', '05', 'Jul', '06', 'Aug', '07',
803
+
'Sep', '08', 'Oct', '09', 'Nov', '10', 'Dec', '11');
804
+
805
+
my @fields =
806
+
$tmp =~ /(\w+)\s*(\d+)\s*(\d+):(\d+):(\d+)\s*(\d+)\s*GMT/;
807
+
808
+
$#fields != 5 and print "Expiration Date: Parse Error : $tmp\n\n" or
809
+
timegm($fields[4], $fields[3], $fields[2], $fields[1],
810
+
$months{$fields[0]}, $fields[5]) > time and $result = 'e';
811
+
$result eq 'e' and print "Certificate is not yet valid.\n" and return $result;
812
+
813
+
@fields =
814
+
$tmp[1] =~ /(\w+)\s*(\d+)\s*(\d+):(\d+):(\d+)\s*(\d+)\s*GMT/;
815
+
816
+
$#fields != 5 and print "Expiration Date: Parse Error : $tmp[1]\n\n" or
817
+
timegm($fields[4], $fields[3], $fields[2], $fields[1],
818
+
$months{$fields[0]}, $fields[5]) < time and $result = 'e';
819
+
$result eq 'e' and print "Certificate has expired.\n" and return $result;
820
+
821
+
}
822
+
823
+
if ( defined $crl ) {
824
+
my @serial = split (/\=/, $serial_in);
825
+
(my $l1, my $l2) =
826
+
`openssl crl -text -noout -in $crl |grep -A1 $serial[1]`;
827
+
828
+
if ( defined $l2 ) {
829
+
my @revoke_date = split (/:\s/, $l2);
830
+
print "FAILURE: Certificate $cert has been revoked on $revoke_date[1]\n";
831
+
$result = 'r';
832
+
}
833
+
}
834
+
print "\n";
835
+
836
+
if ($result eq 'v') {
837
+
print "Certificate was successfully verified.\nDo you choose to trust this certificate ? (yes/no) ";
838
+
chomp($trust_q = <STDIN>);
839
+
$trust_q eq 'yes' and $result = 't';
840
+
}
841
+
842
+
return $result;
843
+
}
844
+
845
+
846
+
847
+
sub add_root_cert ($) {
848
+
my $root_cert = shift;
849
+
850
+
my $cmd = "openssl x509 -noout -hash -in $root_cert";
851
+
my $root_hash = `$cmd`;
852
+
$? and die "'$cmd' returned $?";
853
+
854
+
if (-d $root_certs_path) {
855
+
$cmd = "cp $root_cert $root_certs_path/$root_hash";
856
+
-e "$root_certs_path/$root_hash" or
857
+
system $cmd and die "'$cmd' returned $?";
858
+
}
859
+
else {
860
+
open(ROOT_CERTS, ">>$root_certs_path") or
861
+
die ("Couldn't open $root_certs_path for writing");
862
+
863
+
$cmd = "openssl x509 -in $root_cert -fingerprint -noout";
864
+
$? and die "'$cmd' returned $?";
865
+
chomp(my $md5fp = `$cmd`);
866
+
867
+
$cmd = "openssl x509 -in $root_cert -text -noout";
868
+
$? and die "'$cmd' returned $?";
869
+
my @cert_text = `$cmd`;
870
+
871
+
print "Enter a label, name or description for this certificate: ";
872
+
my $input = <STDIN>;
873
+
874
+
my $line = "=======================================\n";
875
+
print ROOT_CERTS "\n$input$line$md5fp\nPEM-Data:\n";
876
+
877
+
open(IN_CERT, "<$root_cert");
878
+
while (<IN_CERT>) {
879
+
print ROOT_CERTS;
880
+
}
881
+
close (IN_CERT);
882
+
print ROOT_CERTS @cert_text;
883
+
close (ROOT_CERTS);
884
+
}
885
+
886
+
}
887
+