wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix incorrect DER encoding of SETs and all knock-ons from that.

Browse source
This commit is contained in:
Ben Laurie 1998-12-29 21:43:55 +00:00
parent 03f8b04277
commit 4098e89cbf
12 changed files with 183 additions and 64 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
CHANGES
View file

@ -5,6 +5,15 @@
Changes between 0.9.1c and 0.9.1d
*) SETs were incorrectly DER encoded. This was a major pain, because they
shared code with SEQUENCEs, which aren't coded the same. This means that
almost everything to do with SETs or SEQUENCEs has either changed name or
number of arguments.
[Ben Laurie, based on a partial fix by GP Jayan <gp@nsj.co.jp>]
*) Fix test data to work with the above.
[Ben Laurie]
*) Fix the RSA header declarations that hid a bug I fixed in 0.9.0b but
was already fixed by Eric for 0.9.1 it seems.
[Ben Laurie - pointed out by Ulf M<>öller <ulf@fitug.de>]

81
crypto/asn1/a_set.c
View file

@ -62,17 +62,43 @@
/* ASN1err(ASN1_F_ASN1_TYPE_NEW,ERR_R_MALLOC_FAILURE);
*/
typedef struct
{
unsigned char *pbData;
int cbData;
} MYBLOB;
int i2d_ASN1_SET(a,pp,func,ex_tag,ex_class)
/* SetBlobCmp
* This function compares two elements of SET_OF block
*/
static int SetBlobCmp(const void *elem1, const void *elem2 )
{
MYBLOB *b1 = (MYBLOB *)elem1;
MYBLOB *b2 = (MYBLOB *)elem2;
int r;
r = memcmp(b1->pbData, b2->pbData,
b1->cbData < b2->cbData ? b1->cbData : b2->cbData);
if(r != 0)
return r;
return b1->cbData-b2->cbData;
}
int i2d_ASN1_SET(a,pp,func,ex_tag,ex_class,is_set)
STACK *a;
unsigned char **pp;
int (*func)();
int ex_tag;
int ex_class;
int is_set; /* if TRUE, then sort the contents (i.e. it isn't a SEQUENCE) */
{
int ret=0,r;
int i;
unsigned char *p;
unsigned char *pStart, *pTempMem;
MYBLOB *rgSetBlob;
int totSize;
if (a == NULL) return(0);
for (i=sk_num(a)-1; i>=0; i--)
@ -82,12 +108,55 @@ int ex_class;
p= *pp;
ASN1_put_object(&p,1,ret,ex_tag,ex_class);
for (i=0; i<sk_num(a); i++)
func(sk_value(a,i),&p);
*pp=p;
return(r);
}
/* Modified by gp@nsj.co.jp */
/* And then again by Ben */
/* And again by Steve */
if(!is_set || (sk_num(a) < 2))
{
for (i=0; i<sk_num(a); i++)
func(sk_value(a,i),&p);
*pp=p;
return(r);
}
pStart = p; /* Catch the beg of Setblobs*/
rgSetBlob = (MYBLOB *)Malloc( sk_num(a) * sizeof(MYBLOB)); /* In this array
we will store the SET blobs */
for (i=0; i<sk_num(a); i++)
{
rgSetBlob[i].pbData = p; /* catch each set encode blob */
func(sk_value(a,i),&p);
rgSetBlob[i].cbData = p - rgSetBlob[i].pbData; /* Length of this
SetBlob
*/
}
*pp=p;
totSize = p - pStart; /* This is the total size of all set blobs */
/* Now we have to sort the blobs. I am using a simple algo.
*Sort ptrs *Copy to temp-mem *Copy from temp-mem to user-mem*/
qsort( rgSetBlob, sk_num(a), sizeof(MYBLOB), SetBlobCmp);
pTempMem = Malloc(totSize);
/* Copy to temp mem */
p = pTempMem;
for(i=0; i<sk_num(a); ++i)
{
memcpy(p, rgSetBlob[i].pbData, rgSetBlob[i].cbData);
p += rgSetBlob[i].cbData;
}
/* Copy back to user mem*/
memcpy(pStart, pTempMem, totSize);
Free(pTempMem);
Free(rgSetBlob);
return(r);
}
STACK *d2i_ASN1_SET(a,pp,length,func,free_func,ex_tag,ex_class)
STACK **a;

5
crypto/asn1/asn1.h
View file

@ -430,8 +430,11 @@ int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a,unsigned char **pp);
ASN1_UTCTIME * d2i_ASN1_UTCTIME(ASN1_UTCTIME **a,unsigned char **pp,
long length);
/* for the is_set parameter to i2d_ASN1_SET */
#define IS_SEQUENCE 0
#define IS_SET 1
int i2d_ASN1_SET(STACK *a, unsigned char **pp,
int (*func)(), int ex_tag, int ex_class);
int (*func)(), int ex_tag, int ex_class, int is_set);
STACK * d2i_ASN1_SET(STACK **a, unsigned char **pp, long length,
char *(*func)(), void (*free_func)(),
int ex_tag, int ex_class);

82
crypto/asn1/asn1_mac.h
View file

@ -162,6 +162,10 @@ err:\
if ((a != NULL) && (sk_num(a) != 0)) \
M_ASN1_I2D_put_SET(a,f);
#define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
if ((a != NULL) && (sk_num(a) != 0)) \
M_ASN1_I2D_put_SEQUENCE(a,f);
#define M_ASN1_D2I_get_IMP_set_opt(b,func,free_func,tag) \
if ((c.slen != 0) && \
(M_ASN1_next == \
@ -262,21 +266,32 @@ err:\
#define M_ASN1_I2D_len_IMP_opt(a,f) if (a != NULL) M_ASN1_I2D_len(a,f)
#define M_ASN1_I2D_len_SET(a,f) \
ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SET,V_ASN1_UNIVERSAL);
ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET);
#define M_ASN1_I2D_len_SEQ(a,f) \
ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
#define M_ASN1_I2D_len_SEQUENCE(a,f) \
ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \
IS_SEQUENCE);
#define M_ASN1_I2D_len_SEQ_opt(a,f) \
#define M_ASN1_I2D_len_SEQUENCE_opt(a,f) \
if ((a != NULL) && (sk_num(a) != 0)) \
M_ASN1_I2D_len_SEQ(a,f);
M_ASN1_I2D_len_SEQUENCE(a,f);
#define M_ASN1_I2D_len_IMP_set(a,f,x) \
ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC);
#define M_ASN1_I2D_len_IMP_SET(a,f,x) \
ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET);
#define M_ASN1_I2D_len_IMP_set_opt(a,f,x) \
#define M_ASN1_I2D_len_IMP_SET_opt(a,f,x) \
if ((a != NULL) && (sk_num(a) != 0)) \
ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC);
ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
IS_SET);
#define M_ASN1_I2D_len_IMP_SEQUENCE(a,f,x) \
ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
IS_SEQUENCE);
#define M_ASN1_I2D_len_IMP_SEQUENCE_opt(a,f,x) \
if ((a != NULL) && (sk_num(a) != 0)) \
ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
IS_SEQUENCE);
#define M_ASN1_I2D_len_EXP_opt(a,f,mtag,v) \
if (a != NULL)\
@ -285,10 +300,18 @@ err:\
ret+=ASN1_object_size(1,v,mtag); \
}
#define M_ASN1_I2D_len_EXP_set_opt(a,f,mtag,tag,v) \
#define M_ASN1_I2D_len_EXP_SET_opt(a,f,mtag,tag,v) \
if ((a != NULL) && (sk_num(a) != 0))\
{ \
v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL); \
v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL,IS_SET); \
ret+=ASN1_object_size(1,v,mtag); \
}
#define M_ASN1_I2D_len_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \
if ((a != NULL) && (sk_num(a) != 0))\
{ \
v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL, \
IS_SEQUENCE); \
ret+=ASN1_object_size(1,v,mtag); \
}
@ -304,20 +327,28 @@ err:\
}
#define M_ASN1_I2D_put_SET(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SET,\
V_ASN1_UNIVERSAL)
#define M_ASN1_I2D_put_IMP_set(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
V_ASN1_CONTEXT_SPECIFIC)
V_ASN1_UNIVERSAL,IS_SET)
#define M_ASN1_I2D_put_IMP_SET(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
V_ASN1_CONTEXT_SPECIFIC,IS_SET)
#define M_ASN1_I2D_put_IMP_SEQUENCE(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
V_ASN1_CONTEXT_SPECIFIC,IS_SEQUENCE)
#define M_ASN1_I2D_put_SEQ(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SEQUENCE,\
V_ASN1_UNIVERSAL)
#define M_ASN1_I2D_put_SEQUENCE(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SEQUENCE,\
V_ASN1_UNIVERSAL,IS_SEQUENCE)
#define M_ASN1_I2D_put_SEQ_opt(a,f) \
#define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
if ((a != NULL) && (sk_num(a) != 0)) \
M_ASN1_I2D_put_SEQ(a,f);
M_ASN1_I2D_put_SEQUENCE(a,f);
#define M_ASN1_I2D_put_IMP_set_opt(a,f,x) \
#define M_ASN1_I2D_put_IMP_SET_opt(a,f,x) \
if ((a != NULL) && (sk_num(a) != 0)) \
{ i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC); }
{ i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \
IS_SET); }
#define M_ASN1_I2D_put_IMP_SEQUENCE_opt(a,f,x) \
if ((a != NULL) && (sk_num(a) != 0)) \
{ i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \
IS_SEQUENCE); }
#define M_ASN1_I2D_put_EXP_opt(a,f,tag,v) \
if (a != NULL) \
@ -326,11 +357,18 @@ err:\
f(a,&p); \
}
#define M_ASN1_I2D_put_EXP_set_opt(a,f,mtag,tag,v) \
#define M_ASN1_I2D_put_EXP_SET_opt(a,f,mtag,tag,v) \
if ((a != NULL) && (sk_num(a) != 0)) \
{ \
ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL); \
i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SET); \
}
#define M_ASN1_I2D_put_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \
if ((a != NULL) && (sk_num(a) != 0)) \
{ \
ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SEQUENCE); \
}
#define M_ASN1_I2D_seq_total() \

8
crypto/asn1/p7_s_e.c
View file

@ -76,8 +76,8 @@ unsigned char **pp;
M_ASN1_I2D_len_SET(a->recipientinfo,i2d_PKCS7_RECIP_INFO);
M_ASN1_I2D_len_SET(a->md_algs,i2d_X509_ALGOR);
M_ASN1_I2D_len(a->enc_data,i2d_PKCS7_ENC_CONTENT);
M_ASN1_I2D_len_IMP_set_opt(a->cert,i2d_X509,0);
M_ASN1_I2D_len_IMP_set_opt(a->crl,i2d_X509_CRL,1);
M_ASN1_I2D_len_IMP_SEQUENCE_opt(a->cert,i2d_X509,0);
M_ASN1_I2D_len_IMP_SET_opt(a->crl,i2d_X509_CRL,1);
M_ASN1_I2D_len_SET(a->signer_info,i2d_PKCS7_SIGNER_INFO);
M_ASN1_I2D_seq_total();
@ -86,8 +86,8 @@ unsigned char **pp;
M_ASN1_I2D_put_SET(a->recipientinfo,i2d_PKCS7_RECIP_INFO);
M_ASN1_I2D_put_SET(a->md_algs,i2d_X509_ALGOR);
M_ASN1_I2D_put(a->enc_data,i2d_PKCS7_ENC_CONTENT);
M_ASN1_I2D_put_IMP_set_opt(a->cert,i2d_X509,0);
M_ASN1_I2D_put_IMP_set_opt(a->crl,i2d_X509_CRL,1);
M_ASN1_I2D_put_IMP_SEQUENCE_opt(a->cert,i2d_X509,0);
M_ASN1_I2D_put_IMP_SET_opt(a->crl,i2d_X509_CRL,1);
M_ASN1_I2D_put_SET(a->signer_info,i2d_PKCS7_SIGNER_INFO);
M_ASN1_I2D_finish();

8
crypto/asn1/p7_signd.c
View file

@ -75,8 +75,8 @@ unsigned char **pp;
M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
M_ASN1_I2D_len_SET(a->md_algs,i2d_X509_ALGOR);
M_ASN1_I2D_len(a->contents,i2d_PKCS7);
M_ASN1_I2D_len_IMP_set_opt(a->cert,i2d_X509,0);
M_ASN1_I2D_len_IMP_set_opt(a->crl,i2d_X509_CRL,1);
M_ASN1_I2D_len_IMP_SEQUENCE_opt(a->cert,i2d_X509,0);
M_ASN1_I2D_len_IMP_SET_opt(a->crl,i2d_X509_CRL,1);
M_ASN1_I2D_len_SET(a->signer_info,i2d_PKCS7_SIGNER_INFO);
M_ASN1_I2D_seq_total();
@ -84,8 +84,8 @@ unsigned char **pp;
M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
M_ASN1_I2D_put_SET(a->md_algs,i2d_X509_ALGOR);
M_ASN1_I2D_put(a->contents,i2d_PKCS7);
M_ASN1_I2D_put_IMP_set_opt(a->cert,i2d_X509,0);
M_ASN1_I2D_put_IMP_set_opt(a->crl,i2d_X509_CRL,1);
M_ASN1_I2D_put_IMP_SEQUENCE_opt(a->cert,i2d_X509,0);
M_ASN1_I2D_put_IMP_SET_opt(a->crl,i2d_X509_CRL,1);
M_ASN1_I2D_put_SET(a->signer_info,i2d_PKCS7_SIGNER_INFO);
M_ASN1_I2D_finish();

8
crypto/asn1/p7_signi.c
View file

@ -75,20 +75,20 @@ unsigned char **pp;
M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
M_ASN1_I2D_len(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL);
M_ASN1_I2D_len(a->digest_alg,i2d_X509_ALGOR);
M_ASN1_I2D_len_IMP_set_opt(a->auth_attr,i2d_X509_ATTRIBUTE,0);
M_ASN1_I2D_len_IMP_SET_opt(a->auth_attr,i2d_X509_ATTRIBUTE,0);
M_ASN1_I2D_len(a->digest_enc_alg,i2d_X509_ALGOR);
M_ASN1_I2D_len(a->enc_digest,i2d_ASN1_OCTET_STRING);
M_ASN1_I2D_len_IMP_set_opt(a->unauth_attr,i2d_X509_ATTRIBUTE,1);
M_ASN1_I2D_len_IMP_SET_opt(a->unauth_attr,i2d_X509_ATTRIBUTE,1);
M_ASN1_I2D_seq_total();
M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
M_ASN1_I2D_put(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL);
M_ASN1_I2D_put(a->digest_alg,i2d_X509_ALGOR);
M_ASN1_I2D_put_IMP_set_opt(a->auth_attr,i2d_X509_ATTRIBUTE,0);
M_ASN1_I2D_put_IMP_SET_opt(a->auth_attr,i2d_X509_ATTRIBUTE,0);
M_ASN1_I2D_put(a->digest_enc_alg,i2d_X509_ALGOR);
M_ASN1_I2D_put(a->enc_digest,i2d_ASN1_OCTET_STRING);
M_ASN1_I2D_put_IMP_set_opt(a->unauth_attr,i2d_X509_ATTRIBUTE,1);
M_ASN1_I2D_put_IMP_SET_opt(a->unauth_attr,i2d_X509_ATTRIBUTE,1);
M_ASN1_I2D_finish();
}

2
crypto/asn1/x_attrib.c
View file

@ -93,7 +93,7 @@ unsigned char **pp;
ret+=i2d_ASN1_OBJECT(a->object,p);
if (a->set)
ret+=i2d_ASN1_SET(a->value.set,p,i2d_ASN1_TYPE,
V_ASN1_SET,V_ASN1_UNIVERSAL);
V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET);
else
ret+=i2d_ASN1_TYPE(a->value.single,p);
if (k++) return(r);

4
crypto/asn1/x_cinf.c
View file

@ -81,7 +81,7 @@ unsigned char **pp;
M_ASN1_I2D_len(a->key, i2d_X509_PUBKEY);
M_ASN1_I2D_len_IMP_opt(a->issuerUID, i2d_ASN1_BIT_STRING);
M_ASN1_I2D_len_IMP_opt(a->subjectUID, i2d_ASN1_BIT_STRING);
M_ASN1_I2D_len_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,3,V_ASN1_SEQUENCE,v2);
M_ASN1_I2D_len_EXP_SEQUENCE_opt(a->extensions,i2d_X509_EXTENSION,3,V_ASN1_SEQUENCE,v2);
M_ASN1_I2D_seq_total();
@ -94,7 +94,7 @@ unsigned char **pp;
M_ASN1_I2D_put(a->key, i2d_X509_PUBKEY);
M_ASN1_I2D_put_IMP_opt(a->issuerUID, i2d_ASN1_BIT_STRING,1);
M_ASN1_I2D_put_IMP_opt(a->subjectUID, i2d_ASN1_BIT_STRING,2);
M_ASN1_I2D_put_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,3,V_ASN1_SEQUENCE,v2);
M_ASN1_I2D_put_EXP_SEQUENCE_opt(a->extensions,i2d_X509_EXTENSION,3,V_ASN1_SEQUENCE,v2);
M_ASN1_I2D_finish();
}

12
crypto/asn1/x_crl.c
View file

@ -86,13 +86,13 @@ unsigned char **pp;
M_ASN1_I2D_len(a->serialNumber,i2d_ASN1_INTEGER);
M_ASN1_I2D_len(a->revocationDate,i2d_ASN1_UTCTIME);
M_ASN1_I2D_len_SEQ_opt(a->extensions,i2d_X509_EXTENSION);
M_ASN1_I2D_len_SEQUENCE_opt(a->extensions,i2d_X509_EXTENSION);
M_ASN1_I2D_seq_total();
M_ASN1_I2D_put(a->serialNumber,i2d_ASN1_INTEGER);
M_ASN1_I2D_put(a->revocationDate,i2d_ASN1_UTCTIME);
M_ASN1_I2D_put_SEQ_opt(a->extensions,i2d_X509_EXTENSION);
M_ASN1_I2D_put_SEQUENCE_opt(a->extensions,i2d_X509_EXTENSION);
M_ASN1_I2D_finish();
}
@ -133,8 +133,8 @@ unsigned char **pp;
M_ASN1_I2D_len(a->lastUpdate,i2d_ASN1_UTCTIME);
if (a->nextUpdate != NULL)
{ M_ASN1_I2D_len(a->nextUpdate,i2d_ASN1_UTCTIME); }
M_ASN1_I2D_len_SEQ_opt(a->revoked,i2d_X509_REVOKED);
M_ASN1_I2D_len_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,0,
M_ASN1_I2D_len_SEQUENCE_opt(a->revoked,i2d_X509_REVOKED);
M_ASN1_I2D_len_EXP_SEQUENCE_opt(a->extensions,i2d_X509_EXTENSION,0,
V_ASN1_SEQUENCE,v1);
M_ASN1_I2D_seq_total();
@ -148,8 +148,8 @@ unsigned char **pp;
M_ASN1_I2D_put(a->lastUpdate,i2d_ASN1_UTCTIME);
if (a->nextUpdate != NULL)
{ M_ASN1_I2D_put(a->nextUpdate,i2d_ASN1_UTCTIME); }
M_ASN1_I2D_put_SEQ_opt(a->revoked,i2d_X509_REVOKED);
M_ASN1_I2D_put_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,0,
M_ASN1_I2D_put_SEQUENCE_opt(a->revoked,i2d_X509_REVOKED);
M_ASN1_I2D_put_EXP_SEQUENCE_opt(a->extensions,i2d_X509_EXTENSION,0,
V_ASN1_SEQUENCE,v1);
M_ASN1_I2D_finish();

8
crypto/asn1/x_req.c
View file

@ -87,11 +87,11 @@ unsigned char **pp;
*/
if (a->req_kludge)
{
M_ASN1_I2D_len_IMP_set_opt(a->attributes,i2d_X509_ATTRIBUTE,0);
M_ASN1_I2D_len_IMP_SET_opt(a->attributes,i2d_X509_ATTRIBUTE,0);
}
else
{
M_ASN1_I2D_len_IMP_set(a->attributes, i2d_X509_ATTRIBUTE,0);
M_ASN1_I2D_len_IMP_SET(a->attributes, i2d_X509_ATTRIBUTE,0);
}
M_ASN1_I2D_seq_total();
@ -107,11 +107,11 @@ unsigned char **pp;
*/
if (a->req_kludge)
{
M_ASN1_I2D_put_IMP_set_opt(a->attributes,i2d_X509_ATTRIBUTE,0);
M_ASN1_I2D_put_IMP_SET_opt(a->attributes,i2d_X509_ATTRIBUTE,0);
}
else
{
M_ASN1_I2D_put_IMP_set(a->attributes,i2d_X509_ATTRIBUTE,0);
M_ASN1_I2D_put_IMP_SET(a->attributes,i2d_X509_ATTRIBUTE,0);
}
M_ASN1_I2D_finish();

20
test/testp7.pem
View file

@ -33,14 +33,14 @@ AQEFAANLADBIAkEA7Fc6zYJw4WwCWa1ni3fYNbzGSQNluuw990024GusjLfhEk1h
MsIUukTT/n8yxoO7rYp4x+LS+tHF2tBtuxg7CwIDAQABoyIwIDALBgNVHQ8EBAMC
AQYwEQYJYIZIAYb4QgEBBAQDAgIEMA0GCSqGSIb3DQEBAgUAA0EAFKem0cJGg9nd
TAbP5o1HIEyNn11ZlvLU5v1Hejs1MKQt72IMm4jjgOH+pjguXW8lB6yzrK4oVOO2
UNCaNQ1H26GCAa0wgeYwgZEwDQYJKoZIhvcNAQECBQAwYjERMA8GA1UEBxMISW50
ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2ln
biBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyFw05NjA3MTcxNzU5
MjlaFw05NzA3MTgwMDAwMDBaMA0GCSqGSIb3DQEBAgUAA0EAubVWYTsWsQmste9f
+UgMw8BkjDlM25fwQLrCfmmnLxjewey10kSROypUaJLb+r4oRALc0fG9XfZsaiiI
gotQHjCBwTBtMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVTMRcwFQYDVQQK
Ew5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBDQRcNOTYwNzE3
MTc0NDA5WhcNOTgwNzE3MDAwMDAwWjANBgkqhkiG9w0BAQIFAANBAHitA0/xAukC
jHzeh1AMT/l2oC68N+yFb+aJPHBBMxc6gG2MaKjBNwb5hcXUllMlExONA3ju10f7
owIq3s3wx10xAAAAAAA=
UNCaNQ1H26GCAa0wgcEwbTANBgkqhkiG9w0BAQIFADA+MQswCQYDVQQGEwJVUzEX
MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xFjAUBgNVBAsTDVRFU1QgUm9vdCBQQ0EX
DTk2MDcxNzE3NDQwOVoXDTk4MDcxNzAwMDAwMFowDQYJKoZIhvcNAQECBQADQQB4
rQNP8QLpAox83odQDE/5dqAuvDfshW/miTxwQTMXOoBtjGiowTcG+YXF1JZTJRMT
jQN47tdH+6MCKt7N8MddMIHmMIGRMA0GCSqGSIb3DQEBAgUAMGIxETAPBgNVBAcT
CEludGVybmV0MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVy
aVNpZ24gQ2xhc3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlchcNOTYwNzE3
MTc1OTI5WhcNOTcwNzE4MDAwMDAwWjANBgkqhkiG9w0BAQIFAANBALm1VmE7FrEJ
rLXvX/lIDMPAZIw5TNuX8EC6wn5ppy8Y3sHstdJEkTsqVGiS2/q+KEQC3NHxvV32
bGooiIKLUB4xAAAAAAA=
-----END PKCS7-----