Skip to content

Commit

Permalink
Add lint to check for a valid business category in EV certificates (#830
Browse files Browse the repository at this point in the history 
)

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Update lint_invalid_subject_rdn_order_test.go

Added //nolint:all to comment block to avoid golangci-lint to complain about duplicate words in comment

* Update lint_invalid_subject_rdn_order.go

Fixed import block

* Update v3/lints/cabf_br/lint_invalid_subject_rdn_order.go

Fine to me.

Co-authored-by: Christopher Henderson <[email protected]>

* Update lint_invalid_subject_rdn_order.go

As per Chris Henderson's suggestion, to "improve readability".

* Update lint_invalid_subject_rdn_order_test.go

As per Chris Henderson's suggestion.

* Update time.go

Added CABFEV_Sec9_2_8_Date

* Add files via upload

* Add files via upload

* Revised according to Chris and Corey suggestions

* Add files via upload

* Add files via upload

* Delete v3/lints/cabf_br/lint_e_invalid_cps_uri.go

* Delete v3/lints/cabf_br/lint_e_invalid_cps_uri_test.go

* Delete v3/testdata/invalid_cps_uri_ko_01.pem

* Delete v3/testdata/invalid_cps_uri_ko_02.pem

* Delete v3/testdata/invalid_cps_uri_ko_03.pem

* Delete v3/testdata/invalid_cps_uri_ok_01.pem

* Delete v3/testdata/invalid_cps_uri_ok_02.pem

* Delete v3/testdata/invalid_cps_uri_ok_03.pem

* Add files via upload

* Add files via upload

* Add files via upload

* Update lint_ev_invalid_business_category.go

* Add files via upload

* Add files via upload

* Set correct Error Count for new lint

* Update config.json

* Update config.json

* Delete v3/lints/cabf_ev/lint_ev_orgid_inconsistent_subj_and_ext.go

* Delete v3/lints/cabf_ev/lint_ev_orgid_inconsistent_subj_and_ext_test.go

* Delete v3/testdata/orgid_subj_and_ext_ko_01.pem

* Delete v3/testdata/orgid_subj_and_ext_ko_02.pem

* Delete v3/testdata/orgid_subj_and_ext_ko_03.pem

* Delete v3/testdata/orgid_subj_and_ext_ok_01.pem

* Delete v3/testdata/orgid_subj_and_ext_ok_02.pem

* Delete v3/testdata/orgid_subj_and_ext_ok_03.pem

* Delete v3/testdata/orgid_subj_and_ext_ok_04.pem

* Delete v3/testdata/orgid_subj_and_ext_ok_05.pem

* Update time.go

* Update v3/lints/cabf_ev/lint_ev_invalid_business_category.go

Co-authored-by: Martijn Katerbarg <[email protected]>

* Add files via upload

* Update lint_ev_invalid_business_category.go

* Update config.json

---------

Co-authored-by: Christopher Henderson <[email protected]>
Co-authored-by: Martijn Katerbarg <[email protected]>
  • Loading branch information
@defacto64 @christopher-henderson @XolphinMartijn
3 people authored Jul 14, 2024
1 parent 2440571 commit 015d220
Show file tree
Hide file tree
Showing 11 changed files with 971 additions and 0 deletions.
3 changes: 3 additions & 0 deletions v3/integration/config.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -426,6 +426,9 @@
"ErrCount": 2
},
"e_ev_country_name_missing": {},
"e_ev_invalid_business_category": {
"ErrCount": 10957
},
"e_ev_not_wildcard": {
"ErrCount": 1
},
Expand Down
69 changes: 69 additions & 0 deletions v3/lints/cabf_ev/lint_ev_invalid_business_category.go
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,69 @@
/*
* ZLint Copyright 2024 Regents of the University of Michigan
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy
* of the License at http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
* implied. See the License for the specific language governing
* permissions and limitations under the License.
*/

/*
* Contributed by Adriano Santoni <[email protected]>
* of ACTALIS S.p.A. (www.actalis.com).
*/

package cabf_ev

import (
"github.com/zmap/zcrypto/x509"
"github.com/zmap/zlint/v3/lint"
"github.com/zmap/zlint/v3/util"
)

func init() {
lint.RegisterCertificateLint(&lint.CertificateLint{
LintMetadata: lint.LintMetadata{
Name: "e_ev_invalid_business_category",
Description: "Checks that businessCategory contains a valid value as per EV Guidelines 7.1.4.2.3",
Citation: "EVGs 7.1.4.2.3",
Source: lint.CABFEVGuidelines,
EffectiveDate: util.ZeroDate,
},
Lint: NewInvalidBusinessCategory,
})
}

type invalidBusinessCategory struct{}

func NewInvalidBusinessCategory() lint.LintInterface {
return &invalidBusinessCategory{}
}

func (l *invalidBusinessCategory) CheckApplies(c *x509.Certificate) bool {
return util.IsEV(c.PolicyIdentifiers) && util.IsSubscriberCert(c)
}

func (l *invalidBusinessCategory) Execute(c *x509.Certificate) *lint.LintResult {

for _, v := range c.Subject.Names {
if util.BusinessOID.Equal(v.Type) {
businessCategory := v.Value
if (businessCategory == "Private Organization") ||
(businessCategory == "Government Entity") ||
(businessCategory == "Business Entity") ||
(businessCategory == "Non-Commercial Entity") {
return &lint.LintResult{Status: lint.Pass}
} else {
return &lint.LintResult{Status: lint.Error}
}
}
}

// businessCategory missing: that's an error, but is not this lint's business
return &lint.LintResult{Status: lint.NA}
}
88 changes: 88 additions & 0 deletions v3/lints/cabf_ev/lint_ev_invalid_business_category_test.go
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,88 @@
/*
* ZLint Copyright 2024 Regents of the University of Michigan
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy
* of the License at http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
* implied. See the License for the specific language governing
* permissions and limitations under the License.
*/

/*
=== Pass test cases ===
invalid_business_cat_ok_01.pem EV cert with valid businessCategory == "Private Organization"
invalid_business_cat_ok_04.pem EV cert with valid businessCategory == "Government Entity"
invalid_business_cat_ok_05.pem EV cert with valid businessCategory == "Business Entity"
invalid_business_cat_ok_06.pem EV cert with valid businessCategory == "Non‐Commercial Entity"
=== NA test cases ===
invalid_business_cat_ok_02.pem EV cert without businessCategory
invalid_business_cat_ok_03.pem OV cert with invalid businessCategory
=== Fail test cases ===
invalid_business_cat_ko_01.pem EV cert with slightly invalid businessCategory
invalid_business_cat_ko_02.pem EV cert with grossly invalid businessCategory
*/

package cabf_ev

import (
"testing"

"github.com/zmap/zlint/v3/lint"
"github.com/zmap/zlint/v3/test"
)

func TestInvalidBusinessCategory(t *testing.T) {
type Data struct {
input string
want lint.LintStatus
}
data := []Data{
{
input: "invalid_business_cat_ok_01.pem",
want: lint.Pass,
},
{
input: "invalid_business_cat_ok_04.pem",
want: lint.Pass,
},
{
input: "invalid_business_cat_ok_05.pem",
want: lint.Pass,
},
{
input: "invalid_business_cat_ok_06.pem",
want: lint.Pass,
},
{
input: "invalid_business_cat_ok_02.pem",
want: lint.NA,
},
{
input: "invalid_business_cat_ok_03.pem",
want: lint.NA,
},
{
input: "invalid_business_cat_ko_01.pem",
want: lint.Error,
},
{
input: "invalid_business_cat_ko_02.pem",
want: lint.Error,
},
}
for _, testData := range data {
testData := testData
t.Run(testData.input, func(t *testing.T) {
out := test.TestLint("e_ev_invalid_business_category", testData.input)
if out.Status != testData.want {
t.Errorf("expected %s, got %s", testData.want, out.Status)
}
})
}
}
101 changes: 101 additions & 0 deletions v3/testdata/invalid_business_cat_ko_01.pem
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,101 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:b9:12:bb:65:5d:81:3c:72:af:02:67:0f:05:5d:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = EU, O = Some CA, CN = Fake CA for zlint testing
Validity
Not Before: Apr 9 11:59:35 2024 GMT
Not After : Apr 9 11:59:35 2025 GMT
Subject: C = IT, ST = Some State or Province, L = Somewhere, O = Some Company Ltd., CN = example.com, serialNumber = 1234567890, businessCategory = Private Organisation
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e5:86:9a:c7:d8:f5:f7:84:22:0e:c7:e2:81:
64:b3:9f:b6:8b:ab:30:be:50:64:be:60:a3:e5:e1:
50:dc:36:e3:47:96:05:f0:01:60:9f:ea:de:19:b8:
7f:8f:30:90:a3:98:8b:2f:d7:7a:f5:0b:30:16:07:
c0:15:54:08:fe:c7:20:41:f6:63:25:54:df:72:7f:
2f:8f:10:a2:0c:f6:d7:c6:3a:a7:77:20:a1:5c:c1:
98:fc:42:c4:8a:55:77:fc:b4:52:81:5c:eb:b6:00:
79:21:ce:a8:7b:66:69:bc:b2:d5:8c:3f:a9:6d:4c:
1b:6b:e1:85:cb:6f:3e:97:c7:79:f7:e7:00:6d:1a:
ca:98:e4:60:bc:fd:42:81:a9:ae:85:42:b2:1f:c2:
32:32:5f:00:d2:ab:82:3a:03:52:7f:02:92:df:8b:
de:d1:05:cc:d7:27:2f:77:cd:e2:3e:37:a1:49:0c:
db:57:21:b4:9b:d1:0d:ae:00:e2:2c:d5:73:08:82:
97:3d:d3:46:bc:4c:19:15:c9:b7:fe:70:95:47:71:
bc:b1:bc:61:22:e1:da:c6:38:fd:9c:f6:fd:bb:87:
ba:4c:94:c0:b9:cc:5d:fe:42:b3:aa:22:cb:bf:87:
e8:94:1e:f1:85:17:39:9c:e1:4c:98:69:94:96:53:
b1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, TLS Web Server Authentication
X509v3 Subject Key Identifier:
97:F9:56:33:D9:8E:3E:D8:10:8F:7F:36:04:04:5E:73:04:F4:CE:F5
X509v3 Authority Key Identifier:
keyid:E8:B6:F6:76:4B:D0:3B:E5:46:A5:F9:54:D4:7E:07:B3:DE:0D:60:3E

Authority Information Access:
OCSP - URI:http://ca.someca-inc.com/ocsp
CA Issuers - URI:http://ca.someca-inc.com/root

X509v3 Subject Alternative Name:
DNS:example.com
X509v3 Certificate Policies:
Policy: 2.23.140.1.1

X509v3 CRL Distribution Points:

Full Name:
URI:http://ca.someca-inc.com/crl

Signature Algorithm: sha256WithRSAEncryption
06:3d:2e:1a:b3:ea:07:bc:73:8c:fa:2d:37:ff:b7:93:d8:10:
a2:2e:3a:d7:f4:3a:8e:75:51:56:a2:9a:61:37:7b:15:80:1c:
31:00:bc:27:35:8d:92:aa:54:5b:13:30:4a:76:65:3b:dd:0b:
4d:8d:f3:df:76:54:97:fd:ec:e6:14:92:06:91:08:c5:6d:02:
ed:88:aa:c8:30:00:f8:12:9d:f9:4e:bc:f4:de:21:c5:ee:55:
e9:27:43:8c:13:a6:d2:a2:9a:cd:48:aa:e7:64:0a:88:91:78:
ae:f5:de:a2:b9:cd:6a:42:94:00:0c:49:3e:d9:8a:81:25:81:
d7:04:09:07:32:f9:dc:dd:76:e9:3c:1c:d7:65:74:b3:5c:fd:
b8:aa:f2:76:f8:59:97:a0:47:14:e7:8c:5e:ed:fd:af:41:dd:
d6:51:87:1e:0a:a7:35:d6:77:04:42:0a:b7:f2:aa:80:e9:62:
27:0e:dd:b8:4d:7e:1a:af:75:1c:0a:f0:31:aa:c1:8e:cf:e7:
c6:bd:4a:7c:0a:c2:98:18:2e:a0:8d:76:a6:86:e2:0c:3f:4b:
bf:44:56:cf:2f:ad:02:6a:61:9e:0f:37:8a:91:1a:26:08:ca:
31:ed:d1:78:fc:cf:fd:49:80:dc:64:fc:c0:53:9d:45:32:f4:
6f:0d:07:f9
-----BEGIN CERTIFICATE-----
MIIErDCCA5SgAwIBAgIQLbkSu2VdgTxyrwJnDwVdazANBgkqhkiG9w0BAQsFADBD
MQswCQYDVQQGEwJFVTEQMA4GA1UEChMHU29tZSBDQTEiMCAGA1UEAxMZRmFrZSBD
QSBmb3IgemxpbnQgdGVzdGluZzAeFw0yNDA0MDkxMTU5MzVaFw0yNTA0MDkxMTU5
MzVaMIGoMQswCQYDVQQGEwJJVDEfMB0GA1UECBMWU29tZSBTdGF0ZSBvciBQcm92
aW5jZTESMBAGA1UEBxMJU29tZXdoZXJlMRowGAYDVQQKExFTb21lIENvbXBhbnkg
THRkLjEUMBIGA1UEAxMLZXhhbXBsZS5jb20xEzARBgNVBAUTCjEyMzQ1Njc4OTAx
HTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pc2F0aW9uMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAo+WGmsfY9feEIg7H4oFks5+2i6swvlBkvmCj5eFQ3Dbj
R5YF8AFgn+reGbh/jzCQo5iLL9d69QswFgfAFVQI/scgQfZjJVTfcn8vjxCiDPbX
xjqndyChXMGY/ELEilV3/LRSgVzrtgB5Ic6oe2ZpvLLVjD+pbUwba+GFy28+l8d5
9+cAbRrKmORgvP1CgamuhUKyH8IyMl8A0quCOgNSfwKS34ve0QXM1ycvd83iPjeh
SQzbVyG0m9ENrgDiLNVzCIKXPdNGvEwZFcm3/nCVR3G8sbxhIuHaxjj9nPb9u4e6
TJTAucxd/kKzqiLLv4folB7xhRc5nOFMmGmUllOxSQIDAQABo4IBNDCCATAwDgYD
VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAdBgNV
HQ4EFgQUl/lWM9mOPtgQj382BARecwT0zvUwHwYDVR0jBBgwFoAU6Lb2dkvQO+VG
pflU1H4Hs94NYD4wZAYIKwYBBQUHAQEEWDBWMCkGCCsGAQUFBzABhh1odHRwOi8v
Y2Euc29tZWNhLWluYy5jb20vb2NzcDApBggrBgEFBQcwAoYdaHR0cDovL2NhLnNv
bWVjYS1pbmMuY29tL3Jvb3QwFgYDVR0RBA8wDYILZXhhbXBsZS5jb20wEgYDVR0g
BAswCTAHBgVngQwBATAtBgNVHR8EJjAkMCKgIKAehhxodHRwOi8vY2Euc29tZWNh
LWluYy5jb20vY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQAGPS4as+oHvHOM+i03/7eT
2BCiLjrX9DqOdVFWopphN3sVgBwxALwnNY2SqlRbEzBKdmU73QtNjfPfdlSX/ezm
FJIGkQjFbQLtiKrIMAD4Ep35Trz03iHF7lXpJ0OME6bSoprNSKrnZAqIkXiu9d6i
uc1qQpQADEk+2YqBJYHXBAkHMvnc3XbpPBzXZXSzXP24qvJ2+FmXoEcU54xe7f2v
Qd3WUYceCqc11ncEQgq38qqA6WInDt24TX4ar3UcCvAxqsGOz+fGvUp8CsKYGC6g
jXamhuIMP0u/RFbPL60CamGeDzeKkRomCMox7dF4/M/9SYDcZPzAU51FMvRvDQf5
-----END CERTIFICATE-----
102 changes: 102 additions & 0 deletions v3/testdata/invalid_business_cat_ko_02.pem
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,102 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:ff:07:6c:93:bd:fe:38:fd:d7:97:f0:38:44:a3:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = EU, O = Some CA, CN = Fake CA for zlint testing
Validity
Not Before: Apr 9 12:02:34 2024 GMT
Not After : Apr 9 12:02:34 2025 GMT
Subject: C = IT, ST = Some State or Province, L = Somewhere, O = Some Company Ltd., CN = example.com, serialNumber = 1234567890, businessCategory = Blasting & Demolition
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3c:5c:aa:34:5e:88:e2:13:6d:46:11:7b:9b:
76:b9:44:26:61:ca:a6:63:43:92:4f:3e:73:dd:f2:
7d:92:ef:80:5f:26:44:ea:1f:69:58:5d:a9:f0:23:
43:e5:2e:65:e9:2f:d9:5b:53:c9:13:ad:96:28:c6:
c3:6c:71:3c:56:3e:d6:c8:da:2e:a7:07:ca:da:51:
0d:0f:13:2b:37:5c:1b:32:fd:55:d3:13:fb:83:db:
ca:23:0b:58:a0:ce:86:d1:77:7d:de:26:b1:61:93:
d8:d4:50:c4:63:ae:5e:74:3a:d6:73:a2:53:4c:22:
f0:74:e9:5d:6d:62:5b:be:cf:64:e8:cc:d0:0c:40:
a2:87:e0:af:eb:46:e1:70:91:ed:90:06:d9:8e:df:
7f:f9:ab:e2:18:17:0a:9c:4a:7a:c1:f7:77:2e:91:
a0:f8:e2:89:d6:d1:46:33:a5:f7:39:1c:34:b3:08:
04:b3:c7:ff:8d:f4:dc:83:cf:d4:ff:ca:7c:83:c8:
38:0e:dc:9c:fe:e9:40:ba:86:bd:f0:61:2b:83:e2:
45:e6:32:b3:40:17:64:0a:ca:be:c8:62:e2:69:af:
d5:28:76:86:d4:b4:19:fb:b9:47:24:18:67:dd:36:
ba:80:de:f6:4c:e8:30:1d:83:ce:d6:5e:d9:e8:e5:
ad:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, TLS Web Server Authentication
X509v3 Subject Key Identifier:
71:1E:1A:7E:6E:D5:EB:E3:B6:B4:C9:7B:B1:71:69:76:56:44:7E:4E
X509v3 Authority Key Identifier:
keyid:E8:B6:F6:76:4B:D0:3B:E5:46:A5:F9:54:D4:7E:07:B3:DE:0D:60:3E

Authority Information Access:
OCSP - URI:http://ca.someca-inc.com/ocsp
CA Issuers - URI:http://ca.someca-inc.com/root

X509v3 Subject Alternative Name:
DNS:example.com
X509v3 Certificate Policies:
Policy: 2.23.140.1.1

X509v3 CRL Distribution Points:

Full Name:
URI:http://ca.someca-inc.com/crl

Signature Algorithm: sha256WithRSAEncryption
66:3b:aa:ff:45:a3:bf:0c:f0:53:f6:aa:f4:a3:8a:ca:73:1e:
d0:6e:92:63:19:9d:72:02:fe:a9:3c:1c:9e:2c:fb:54:3d:12:
ab:3e:fc:2b:3b:55:9b:3a:a9:97:85:df:a9:5c:b6:50:b8:af:
52:f1:f7:8b:14:9f:db:87:7b:59:80:47:5d:e0:60:87:e9:1e:
6c:a4:8a:76:6b:c4:13:e4:6e:55:32:c3:b6:47:d1:eb:cb:09:
6e:01:54:c4:c2:3d:ea:db:c5:3b:d8:b3:04:42:81:d4:dc:c9:
cf:56:34:e5:d9:dd:01:a0:b4:04:37:e3:66:65:a6:27:a9:e6:
a1:61:e9:c3:94:a5:48:57:f7:7c:d7:7d:f9:e1:fb:6f:9b:65:
f3:3e:5f:86:bb:5a:d2:74:38:2b:23:b8:46:f1:75:50:fa:d0:
e5:e0:9b:35:06:a3:07:25:cd:78:43:30:a2:e0:96:96:93:a0:
7c:ae:7d:55:34:11:d7:40:fc:2c:5f:eb:77:d6:17:65:cd:b7:
11:53:b3:54:f0:03:f2:2c:ef:b0:09:b1:18:d5:c5:03:f3:3f:
be:93:33:c3:35:81:52:f1:93:db:01:5e:9b:c9:4e:fd:96:e3:
73:29:da:44:b6:21:c5:92:27:d1:2d:e6:af:e5:74:e0:0f:76:
a7:a5:b9:d1
-----BEGIN CERTIFICATE-----
MIIErTCCA5WgAwIBAgIQCP8HbJO9/jj915fwOESjQTANBgkqhkiG9w0BAQsFADBD
MQswCQYDVQQGEwJFVTEQMA4GA1UEChMHU29tZSBDQTEiMCAGA1UEAxMZRmFrZSBD
QSBmb3IgemxpbnQgdGVzdGluZzAeFw0yNDA0MDkxMjAyMzRaFw0yNTA0MDkxMjAy
MzRaMIGpMQswCQYDVQQGEwJJVDEfMB0GA1UECBMWU29tZSBTdGF0ZSBvciBQcm92
aW5jZTESMBAGA1UEBxMJU29tZXdoZXJlMRowGAYDVQQKExFTb21lIENvbXBhbnkg
THRkLjEUMBIGA1UEAxMLZXhhbXBsZS5jb20xEzARBgNVBAUTCjEyMzQ1Njc4OTAx
HjAcBgNVBA8MFUJsYXN0aW5nICYgRGVtb2xpdGlvbjCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBALw8XKo0XojiE21GEXubdrlEJmHKpmNDkk8+c93yfZLv
gF8mROofaVhdqfAjQ+UuZekv2VtTyROtlijGw2xxPFY+1sjaLqcHytpRDQ8TKzdc
GzL9VdMT+4PbyiMLWKDOhtF3fd4msWGT2NRQxGOuXnQ61nOiU0wi8HTpXW1iW77P
ZOjM0AxAoofgr+tG4XCR7ZAG2Y7ff/mr4hgXCpxKesH3dy6RoPjiidbRRjOl9zkc
NLMIBLPH/4303IPP1P/KfIPIOA7cnP7pQLqGvfBhK4PiReYys0AXZArKvshi4mmv
1Sh2htS0Gfu5RyQYZ902uoDe9kzoMB2DztZe2ejlrXsCAwEAAaOCATQwggEwMA4G
A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwHQYD
VR0OBBYEFHEeGn5u1evjtrTJe7FxaXZWRH5OMB8GA1UdIwQYMBaAFOi29nZL0Dvl
RqX5VNR+B7PeDWA+MGQGCCsGAQUFBwEBBFgwVjApBggrBgEFBQcwAYYdaHR0cDov
L2NhLnNvbWVjYS1pbmMuY29tL29jc3AwKQYIKwYBBQUHMAKGHWh0dHA6Ly9jYS5z
b21lY2EtaW5jLmNvbS9yb290MBYGA1UdEQQPMA2CC2V4YW1wbGUuY29tMBIGA1Ud
IAQLMAkwBwYFZ4EMAQEwLQYDVR0fBCYwJDAioCCgHoYcaHR0cDovL2NhLnNvbWVj
YS1pbmMuY29tL2NybDANBgkqhkiG9w0BAQsFAAOCAQEAZjuq/0WjvwzwU/aq9KOK
ynMe0G6SYxmdcgL+qTwcniz7VD0Sqz78KztVmzqpl4XfqVy2ULivUvH3ixSf24d7
WYBHXeBgh+kebKSKdmvEE+RuVTLDtkfR68sJbgFUxMI96tvFO9izBEKB1NzJz1Y0
5dndAaC0BDfjZmWmJ6nmoWHpw5SlSFf3fNd9+eH7b5tl8z5fhrta0nQ4KyO4RvF1
UPrQ5eCbNQajByXNeEMwouCWlpOgfK59VTQR10D8LF/rd9YXZc23EVOzVPAD8izv
sAmxGNXFA/M/vpMzwzWBUvGT2wFem8lO/ZbjcynaRLYhxZIn0S3mr+V04A92p6W5
0Q==
-----END CERTIFICATE-----
Loading

0 comments on commit 015d220

Please sign in to comment.