This applies to the --verify and --verify-chain commands.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
** libgnutls: The min-verification-profile from system configuration applies
for all certificate verifications, not only under TLS.
+** certtool: Added the --verify-profile option to set a certificate
+ verification profile. Use '--verify-profile low' for certificate verification
+ to apply the 'NORMAL' verification profile.
+
** API and ABI modifications:
gnutls_ocsp_req_const_t: Added
doc = "This can be combined with --p7-verify, --verify or --verify-chain.";
};
+flag = {
+ name = verify-profile;
+ descrip = "Specify a security level profile to be used for verification";
+ arg-type = string;
+ doc = "This option can be used to specify a certificate verification profile. Certificate
+ verification profiles correspond to the security level. This should be one of
+ 'none', 'very weak', 'low', 'legacy', 'medium', 'high', 'ultra',
+ 'future'. Note that by default no profile is applied, unless one is set
+ as minimum in the gnutls configuration file.";
+};
+
//----------------------------------------
flag = {
name = pkcs7_options;
unsigned rsa_pss_sign;
unsigned sort_chain;
+
+ gnutls_sec_param_t verification_profile;
} common_info_st;
static inline
cinfo.password = "";
}
+ if (HAVE_OPT(VERIFY_PROFILE)) {
+ if (strcasecmp(OPT_ARG(VERIFY_PROFILE), "none")) {
+ cinfo.verification_profile = GNUTLS_PROFILE_UNKNOWN;
+ } else {
+ cinfo.verification_profile = gnutls_certificate_verification_profile_get_id(OPT_ARG(VERIFY_PROFILE));
+ }
+ } else if (!HAVE_OPT(VERIFY_ALLOW_BROKEN)) {
+ if (HAVE_OPT(VERIFY_CHAIN) || HAVE_OPT(VERIFY)) {
+ fprintf(stderr, "Note that no verification profile was selected. In the future the medium profile will be enabled by default.\n");
+ fprintf(stderr, "Use --verify-profile low to apply the default verification of NORMAL priority string.\n");
+ }
+ /* cinfo.verification_profile = GNUTLS_PROFILE_LOW; */
+ }
+
if (HAVE_OPT(SIGN_PARAMS))
sign_params_to_flags(&cinfo, OPT_ARG(SIGN_PARAMS));
}
vflags = GNUTLS_VERIFY_DO_NOT_ALLOW_SAME;
+ vflags |= GNUTLS_PROFILE_TO_VFLAGS(cinfo->verification_profile);
if (HAVE_OPT(VERIFY_ALLOW_BROKEN))
vflags |= GNUTLS_VERIFY_ALLOW_BROKEN;
data/key-gost01.p8 data/key-gost01-2.p8 data/key-gost01-2-enc.p8 \
data/key-gost12-256.p8 data/key-gost12-256-2.p8 data/key-gost12-256-2-enc.p8 \
data/key-gost12-512.p8 data/grfc.crt data/gost-cert-ca.pem data/gost-cert-new.pem \
- data/cert-with-non-digits-time-ca.pem data/cert-with-non-digits-time.pem
+ data/cert-with-non-digits-time-ca.pem data/cert-with-non-digits-time.pem \
+ data/chain-512-leaf.pem data/chain-512-subca.pem data/chain-512-ca.pem
dist_check_SCRIPTS = pathlen aki invalid-sig email \
pkcs7 pkcs7-broken-sigs privkey-import name-constraints certtool-long-cn crl provable-privkey \
pkcs12 certtool-crl-decoding pkcs12-encode pkcs12-corner-cases inhibit-anypolicy \
smime cert-time alt-chain pkcs7-list-sign pkcs7-eddsa certtool-ecdsa \
key-id pkcs8 pkcs8-decode ecdsa illegal-rsa pkcs8-invalid key-invalid \
- pkcs8-eddsa certtool-subca cert-non-digits-time
+ pkcs8-eddsa certtool-subca cert-non-digits-time certtool-verify-profiles
dist_check_SCRIPTS += key-id ecdsa pkcs8-invalid key-invalid pkcs8-decode pkcs8 pkcs8-eddsa \
certtool-utf8 crq
--- /dev/null
+#!/bin/sh
+
+# Copyright (C) 2017 Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# GnuTLS is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 3 of the License, or (at
+# your option) any later version.
+#
+# GnuTLS is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GnuTLS; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+#set -e
+
+srcdir="${srcdir:-.}"
+CERTTOOL="${CERTTOOL:-../../src/certtool${EXEEXT}}"
+DIFF="${DIFF:-diff -b -B}"
+
+if ! test -x "${CERTTOOL}"; then
+ exit 77
+fi
+
+if ! test -z "${VALGRIND}"; then
+ VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND} --error-exitcode=15"
+fi
+
+OUTFILE=out-pkcs7.$$.tmp
+
+. ${srcdir}/../scripts/common.sh
+
+check_for_datefudge
+
+echo "Checking chain with insecure leaf"
+datefudge -s "2019-12-19" \
+${VALGRIND} "${CERTTOOL}" --verify-chain --verify-profile=medium --infile "${srcdir}/data/chain-512-leaf.pem" >${OUTFILE}
+rc=$?
+
+if test "${rc}" != "1"; then
+ echo "insecure chain succeeded verification (1)"
+ cat $OUTFILE
+ exit ${rc}
+fi
+
+echo "Checking chain with insecure subca"
+datefudge -s "2019-12-19" \
+${VALGRIND} "${CERTTOOL}" --verify-chain --verify-profile=medium --infile "${srcdir}/data/chain-512-subca.pem" >${OUTFILE}
+rc=$?
+
+if test "${rc}" != "1"; then
+ echo "insecure chain succeeded verification (2)"
+ cat $OUTFILE
+ exit ${rc}
+fi
+
+
+echo "Checking chain with insecure ca"
+datefudge -s "2019-12-19" \
+${VALGRIND} "${CERTTOOL}" --verify-chain --verify-profile=medium --infile "${srcdir}/data/chain-512-ca.pem" >${OUTFILE}
+rc=$?
+
+if test "${rc}" != "1"; then
+ echo "insecure chain succeeded verification (3)"
+ cat $OUTFILE
+ exit ${rc}
+fi
+
+
+rm -f "${OUTFILE}"
+
+exit 0
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIDATCCAbmgAwIBAgIUf62L1YAmuKuNR4Bnwn4FEjFDpOcwPQYJKoZIhvcNAQEK
+MDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMC
+AUAwDzENMAsGA1UEAxMEQ0EtMTAgFw0xOTEyMTgxMjUyMjZaGA85OTk5MTIzMTIz
+NTk1OVowEzERMA8GA1UEAxMIc2VydmVyLTIwgZswEAYHKoZIzj0CAQYFK4EEACMD
+gYYABAGxhmDvIvu97o66LrAU40sO9Mqh78UpxNpdsDD8tD0aDhOivP2WK/9LqSBJ
+uaIIzY4pQyNAHdp8WFnmwiutiMnXHgGcps4Mw7gEKMlQKDP8zS2GSkJt9r0ct6jY
++39JQ+fM0PPcxlyFMQlLTMwcFKPAH+stA3MqxroPLHpeds9u1HcrXaN3MHUwDAYD
+VR0TAQH/BAIwADAUBgNVHREEDTALgglsb2NhbGhvc3QwDwYDVR0PAQH/BAUDAweA
+ADAdBgNVHQ4EFgQUjYaF/lZImEi+LQtLIh9y035UucAwHwYDVR0jBBgwFoAUmoMA
+sMqoL0N4sF0RT5M2mxyQrs8wPQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgGh
+GjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMCAUADggEBAJ+FXZz9F6ie8EJc
+OMA55zOr+SPgSqf/6E1xLNQqf/s44oyXkl3FfYXYitHc6vAp1LOD3WjXCDgSSM1R
+Vp0qBKDO+7ESYVCIYdzoSC4OFwVSTID+rH1bv0m9ZMiPQB97vAzXJq0bGyijPZGb
+TSUHjFNImGJdZq3B/uB0c/tQBLUi9YrVT1vYZ+lpOyMYaN21zFuDB6lc5sA6/k08
+I9J369z7iVCuibvXBo4roRL7wj+Cww5l6wjeFEo3Oj8wDoRHlxTk9ym40yvZinSY
+PAESEyNkpLo6Ctyjz3HVxLmTZE/TyG/hNXionRXQ1uJZJOtdIMXouGCHStx2iFcL
+2PSL3ng=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICgDCCAiqgAwIBAgIUZ91YTLTnOoGdoBoMZrk6sdNguM0wDQYJKoZIhvcNAQEL
+BQAwDzENMAsGA1UEAxMEQ0EtMDAgFw0xOTEyMTgxMjUyMjZaGA85OTk5MTIzMTIz
+NTk1OVowDzENMAsGA1UEAxMEQ0EtMTCCAVIwPQYJKoZIhvcNAQEKMDCgDTALBglg
+hkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMCAUADggEPADCC
+AQoCggEBALYQaHpuXl4jEi7KpErGCCcQ0c50NuEnUzfU92tGJzXNLnOdKQVxW7ma
+ptJ1Lb+f2D+utL61/eyG32DLosaPiTDi8R7P8O/ivXEhwHe8ScH/B1DAHfbnRNv8
+MC4nTq8MavMIm/9UE7j19C+uhLFFPExnRohaFZXLqKbAiadMYyEqROjibpmBcyxY
+StdQNOQ0qBC/NkPRh+kSA6vN+ZIsqizl/PNfgd7am7c793fAb42U36q3ymUpCtkM
+GhCoVx625sVYOKIHdtzGOwTV277TcVnflg+BwK97p0FRUh0envFENI1uzz4Et5Mn
+swTDE/KoYVM8EIDeQcFAnF5tVxZfSosCAwEAAaNkMGIwDwYDVR0TAQH/BAUwAwEB
+/zAPBgNVHQ8BAf8EBQMDB4QAMB0GA1UdDgQWBBSagwCwyqgvQ3iwXRFPkzabHJCu
+zzAfBgNVHSMEGDAWgBS4/wLP/kals1V+CMMSsHiF9p0QajANBgkqhkiG9w0BAQsF
+AANBAGmYNtQ0MIrtLCUs+WHJUE6nTC4DQHjNJ9eiFDQtDiup7FOZlLPWuxBv8IG+
+zXVfCc9BxrAQSAGiwyx4gKDT95I=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIBZzCCARGgAwIBAgIUR3WhmgKRJu05fANwlblt/s9l6jQwDQYJKoZIhvcNAQEL
+BQAwDzENMAsGA1UEAxMEQ0EtMDAgFw0xOTEyMTgxMjUyMjZaGA85OTk5MTIzMTIz
+NTk1OVowDzENMAsGA1UEAxMEQ0EtMDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDK
+s7lICbgRDeRXEPqZagrNUi5TjJkMB4NfU9gb0OUi3Vsna8Vi/2CLqJQ+jttINcS6
+knobMwssEAnkLe+V+KTzAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0P
+AQH/BAUDAwcGADAdBgNVHQ4EFgQUuP8Cz/5GpbNVfgjDErB4hfadEGowDQYJKoZI
+hvcNAQELBQADQQAFKda31c8Dsue9JpR4med450ZroHT5WrGkH6T7XwczXfNc8W9w
+nKPMoJLZK47HSWqUdniMRPX9XydqxaVug5Rj
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIICYTCCAUmgAwIBAgIUGaahqSHZnDisEpq7NdDyajix8GgwDQYJKoZIhvcNAQEL
+BQAwDzENMAsGA1UEAxMEQ0EtMTAgFw0xOTEyMTgxMjU0MzVaGA85OTk5MTIzMTIz
+NTk1OVowEzERMA8GA1UEAxMIc2VydmVyLTIwXDANBgkqhkiG9w0BAQEFAANLADBI
+AkEAmmMomDw6UyEVGsCdhWB3BbgJNP+T4bFMnovfcwl5GBI9htuMataGBWB202Nf
+ICItBqPCI7Mu8kO4xsz44ejRNQIDAQABo3cwdTAMBgNVHRMBAf8EAjAAMBQGA1Ud
+EQQNMAuCCWxvY2FsaG9zdDAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBSuKggm
+nzHbFCskfAJqxOV+hLlfLDAfBgNVHSMEGDAWgBS0Hn5aBNJdFPII6ad0f/eSfxEL
+MjANBgkqhkiG9w0BAQsFAAOCAQEAQZR/tbDYzzDo3CL/lFmk/dXs6/qMo3B/9xLV
+HGhj2IqjRNY4Qo4V05a+Xw9bUxvmuae+BrNGOK4ouwhsmZerTPIhE6u1PWZclcQm
+Ean6r8uXWKsCdUd1zMP/oZUuWiQga/7+Ej2MT/E7dxhfHoAQin9B6NGIJB8pG0KX
+FU74gSlsA+bQFBEyIYDgJXj6Oht0ggyIzzy6nPzi+7cRgzmqhfCyoZoZd8vn1fi3
+Lvqt3XbfDITTBhr9FtBr0LQNbe5/j74nXKUiIYiu8EkDC0hTMK+s2q9qNi43+naR
+8h0irt/ZBUIJrJWtPSJsVDHKXkEtwYaI+HNNGE/Zjk4wS3ydBg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDEjCCAfqgAwIBAgIUTJoYUgrAGOyE94h5R67I+cbdBtYwDQYJKoZIhvcNAQEL
+BQAwDzENMAsGA1UEAxMEQ0EtMDAgFw0xOTEyMTgxMjU0MzRaGA85OTk5MTIzMTIz
+NTk1OVowDzENMAsGA1UEAxMEQ0EtMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBAM+nUak8iG8Ff5u08dsTvdQsb+xVnHiL+cPOrAaDN76VpifZKE5fHMcy
+LYJi3cXZHgIUMTTHqU0X9wef5GbRDdmH82073OHE4XTaf0NJckGLegqxt7xRN24b
+bUQquy1Xr1mSBoVGPOZXkS75nZ0vLFXcP4hF8J4M2y8veCnJJZB/y110F+j8g2uJ
+guXozXXk9/64obxycy/k6JSzCr/WjEhg0dL5t/rnpUxxMkqJqd8P5YpCabhP0mjh
+gCb0R0UX5B4R3MqeQ4TwXbf9pI4EtEIGtYBmgWczEV300oe+CixiKABvxF6Q37Eg
+N+c8Yjyod10M55YcOttIYrO/dAGOfOcCAwEAAaNkMGIwDwYDVR0TAQH/BAUwAwEB
+/zAPBgNVHQ8BAf8EBQMDB4QAMB0GA1UdDgQWBBS0Hn5aBNJdFPII6ad0f/eSfxEL
+MjAfBgNVHSMEGDAWgBSCt0sRc+AtcCAfvZZvqd9gBkYnyTANBgkqhkiG9w0BAQsF
+AAOCAQEAKvrBV31kz41qjkk2QQ6DR2COVfOmc9LHbeJMr/s1vFxyNJ1htsfHh2HW
+lvYyqzS0m36RApCJXT1Z1dzvEp45GoCtaISVq9jenKSm7nLCqnhbPWFr3nMDWPPG
+c9lV7PlPB8myeHhZpGK7df1VcTIJN2u/SI7P4RnaUck2176yJVyU4StOUcmbd+Yn
+I7LWpxwVmNkcOwI5IR0zdbVWcLP9+2kL8Kju8koql1lrlqTnucRY+2sD1sjaTTIz
+kQVrELO0l9EAAC5La6u9dACkOhppYFZIw++hbtEXxgkEYnoGzvptsNi3w+CrQ/g8
+7cuIfQFBCX/9C6APbz1o4FHJCKsDVw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIC8TCCAdmgAwIBAgIUMPdFIRYbJUlkWLtbOqcbIE9nbkkwDQYJKoZIhvcNAQEL
+BQAwDzENMAsGA1UEAxMEQ0EtMDAgFw0xOTEyMTgxMjU0MzRaGA85OTk5MTIzMTIz
+NTk1OVowDzENMAsGA1UEAxMEQ0EtMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBALS9CFlh0IrSuEjuiDRnznblJiTWXuojqTp61CZkJzEt3mTAbAuvJGZa
+wG6gQxMIIYwxtbdjC58wP9ZucJgFxVgD4211QBcwACxDCbGyUsxTZZrQkCMun6Y/
+YMUSu8Og6twIx++vAO+N0Eaa/FrUcYa0Hj8XxUgL8/CT40OJC/i49OuA9Bs3L6zj
+aMEADZ/f3/33oo6jgOdRmUmVOuovNg02h4NjBk3OlKD03vZ2ygVzmXme0YBM0o3Z
+SmMqhut96fI8taqcCV5ccNNsp6HHIg0GGuWtBB7rTkEFBhQg53AMrzgOpQ64Pueg
+LXLdRdOVKRkX1lLvboRMbjlM5HtOTX8CAwEAAaNDMEEwDwYDVR0TAQH/BAUwAwEB
+/zAPBgNVHQ8BAf8EBQMDBwYAMB0GA1UdDgQWBBSCt0sRc+AtcCAfvZZvqd9gBkYn
+yTANBgkqhkiG9w0BAQsFAAOCAQEAEjS+iRmeALeQIVvU4VztUmqp7FtkdD1P92xu
+yuvPTKGmhRRwDNB1GleHUt4BFKF9EPTW9PK9VJTjNiivPcm9u6zjRENb95l7NOsY
+5AYMZFyR+jRT7cxbDYGuQ9yc8nRF1mH6L0osfgMIub/Z7noMgSGhzQx5E56Q2CPj
+QVLUH37Hkj0hAWsccFuiicZSeAsxSWAr7+qRKHWJKgJ1sBiDkXlsfuoUYJCFd4Q7
+LQraLxDpVfB44E+rxFRJoLYzExeTXhDvCJYNPd7OUd6WIOeq0yjaj1v8dn5pV6Vh
+kockuY1rAy2fNlOoIEG9qVvWJ/vj+Uq9wUomW3wfyF8es74V2A==
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIB3zCCAYmgAwIBAgIUJCiWOylfZcYmHICa+LwzULsEY5swDQYJKoZIhvcNAQEL
+BQAwDzENMAsGA1UEAxMEQ0EtMTAgFw0xOTEyMTgxMjUzMjdaGA85OTk5MTIzMTIz
+NTk1OVowEzERMA8GA1UEAxMIc2VydmVyLTIwgZswEAYHKoZIzj0CAQYFK4EEACMD
+gYYABAEkG+6EOxALvWgJfPPfTj6aM++G/Clb6qYKb7EKHKArIngKFB9jLmGCC9Nh
++2Fg75z9GjP1UNqdlwcuTYsFzIdFfgD7POQCoU/mQKGHCHrNgTd+yhbpkjIzMf94
+Pd37B3KWoMwpt42vi5oEv1wMaMT/9bgZtiTh5cFdYc53MpVqj9GAiaN3MHUwDAYD
+VR0TAQH/BAIwADAUBgNVHREEDTALgglsb2NhbGhvc3QwDwYDVR0PAQH/BAUDAweA
+ADAdBgNVHQ4EFgQUbktH02YQyE/FHx+/fWGUBEXQYxwwHwYDVR0jBBgwFoAUTXqT
+trlGUSx93s8ATWGeoEDKrqcwDQYJKoZIhvcNAQELBQADQQAFHfmevmaYUZcMZLDY
++BrwecSLCxPWHd6T1QDhn6x7P8aVsY/8cLIn7ACURxR+ia2fG/px0o2+wV+bT+A5
+sDIv
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICSjCCATKgAwIBAgIUA6RF1rEvvPbBSliyFqD77roShB0wDQYJKoZIhvcNAQEL
+BQAwDzENMAsGA1UEAxMEQ0EtMDAgFw0xOTEyMTgxMjUzMjdaGA85OTk5MTIzMTIz
+NTk1OVowDzENMAsGA1UEAxMEQ0EtMTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDl
+cI6PmIU+IFbj7ykZkLWuGIlR8uF3CAyj2fq4iBeEk10hEA+d5Oz2Yp7YwmnTJvb6
+oO2XLPyLyE3htVmbaEj5AgMBAAGjZDBiMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0P
+AQH/BAUDAweEADAdBgNVHQ4EFgQUTXqTtrlGUSx93s8ATWGeoEDKrqcwHwYDVR0j
+BBgwFoAUCWYWUmG4wYva7UCkhcdTRTJXTIQwDQYJKoZIhvcNAQELBQADggEBABeg
+Ev6JXb78IRCeK11I/B30HW17ejR+wFBereGpuIxu6HtDHVl2Au1+vJ+ddK7hVvL5
+Z18RozUyvwpCAQ5DqC9SzabAfIszM7PvEZ7/j5xd11L+YEicd9g72jVKwP2VSIJL
+9dfHBFvIlh7NrspwVipPSp5bDCbrTTOpNPHHQuTNO51dw9178UfmQhg4hIrMnGsW
+edT5KswtixFekzW36giJ673tnz/amcDJxJC78sXFnpYsIrTRFqU2/rrd7Yd9Fmwv
+4D2vvBVmRKVYTEz9W5tgMEQWvzSomQj5ejzHzcomXXp/W96XDKWVjHE43EmqquTE
+rlIkVCK/Yf1h99U2+Ag=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIC8TCCAdmgAwIBAgIUWV9HK/UEiOT8ZpQq2w2glOshGeUwDQYJKoZIhvcNAQEL
+BQAwDzENMAsGA1UEAxMEQ0EtMDAgFw0xOTEyMTgxMjUzMjdaGA85OTk5MTIzMTIz
+NTk1OVowDzENMAsGA1UEAxMEQ0EtMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBAMVYMEUmPcAGVgJkwMSser5bJWUEzD7PtXUzzeu3UAUl5D/B5I7vlZ3A
+1T0ZlSdTB0N73HHg/FFE90jUrVoj/yI6Ml1otPZ1tYjH2eLGN+/NCkFVKSzxuNo3
+DURRRFoWMpk4kpmaCYkWoKMTYZtkcserm+Lv0kpBFT12+iT/GCPBmaqmcbMK8sbS
+Pz45BVdRFwln8oyLKSunXyYrBd2LHlLkhag0YivojAxuE8IyEE2SkndGO1JC8WFB
+DMwGrllrkAiZSZKdTEI4377r5LrgYXv7w9tr5jgkrABUohie8SpJOlJqcjzfaF/1
+QJrxZSwSUvOl4EZVziEBSnlwzrfk6G0CAwEAAaNDMEEwDwYDVR0TAQH/BAUwAwEB
+/zAPBgNVHQ8BAf8EBQMDBwYAMB0GA1UdDgQWBBQJZhZSYbjBi9rtQKSFx1NFMldM
+hDANBgkqhkiG9w0BAQsFAAOCAQEAXTYMg/3eQ46E+s6OoZ3wb4diYXfblgvdAlL4
+LYLGeQJ+Jys5iJ6cou+Ck3xsSpXr5+6ElwyP/T8DieHdZHYy/JC/EhU8O+nxsszr
+zjxJGQWVBqlzsVSsELhJcH6OC5xhUw8F1Xpy95trpRTSQB7fkxrqWnEIgacKUuns
+s5ntL3BJzOhNnxZM7dydFL3citM1lrfDLr2pErrXPFpLbul0yCT4sWZeriKbj4vh
+7N/1CQ2cvChOSHAbB9KMUeCBDJgWP7u4zqVLQv/mTfjB0tXRWYMLsr2koyCOhcWj
+MA5NnUuEfXtLLcCUbekk26SgYLKz+AGk6gAMN7ofsYLPOtTShw==
+-----END CERTIFICATE-----
projects / thirdparty / gnutls.git / commitdiff
