summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorwoebbe <woebbe@283d02a7-25f6-0310-bc7c-ecb5cbfe19da>2012-01-14 17:12:15 (GMT)
committerwoebbe <woebbe@283d02a7-25f6-0310-bc7c-ecb5cbfe19da>2012-01-14 17:12:15 (GMT)
commit1efaa4a458335720461d187bdf11eea475abebaf (patch)
treed45e77cfb2df36e193bbe0f99a7cfbe74d16584d
downloadqca-1efaa4a458335720461d187bdf11eea475abebaf.tar.gz
qca-1efaa4a458335720461d187bdf11eea475abebaf.tar.xz
compile with GCC 4.7
git-svn-id: svn+ssh://svn.kde.org/home/kde/trunk/kdesupport/qca@1273508 283d02a7-25f6-0310-bc7c-ecb5cbfe19da
-rw-r--r--CMakeLists.txt156
-rw-r--r--COPYING504
-rw-r--r--Doxyfile1290
-rw-r--r--INSTALL36
-rw-r--r--Mainpage.dox399
-rw-r--r--README79
-rw-r--r--TODO92
-rw-r--r--app.pri11
-rw-r--r--certs/README5
-rw-r--r--certs/rootcerts.pem3181
-rw-r--r--cmake/modules/COPYING-CMAKE-SCRIPTS22
-rw-r--r--cmake/modules/FindBotan.cmake48
-rw-r--r--cmake/modules/FindCarbon.cmake13
-rw-r--r--cmake/modules/FindLibGcrypt.cmake50
-rw-r--r--cmake/modules/FindNss.cmake46
-rw-r--r--cmake/modules/FindOpenSSL.cmake108
-rw-r--r--cmake/modules/FindPkcs11Helper.cmake49
-rw-r--r--cmake/modules/FindQt4.cmake883
-rw-r--r--cmake/modules/FindSasl2.cmake41
-rw-r--r--cmake/modules/QcaMacro.cmake21
-rw-r--r--crypto.prf.cmake13
-rw-r--r--crypto.prf.in39
-rw-r--r--examples/CMakeLists.txt23
-rw-r--r--examples/aes-cmac/CMakeLists.txt6
-rw-r--r--examples/aes-cmac/aes-cmac.cpp314
-rw-r--r--examples/aes-cmac/aes-cmac.pro2
-rw-r--r--examples/base64test/CMakeLists.txt6
-rw-r--r--examples/base64test/base64test.cpp67
-rw-r--r--examples/base64test/base64test.pro2
-rw-r--r--examples/certtest/CMakeLists.txt6
-rw-r--r--examples/certtest/certtest.cpp172
-rw-r--r--examples/certtest/certtest.pro2
-rw-r--r--examples/ciphertest/CMakeLists.txt6
-rw-r--r--examples/ciphertest/ciphertest.cpp129
-rw-r--r--examples/ciphertest/ciphertest.pro2
-rw-r--r--examples/cms/CMakeLists.txt6
-rw-r--r--examples/cms/User.pem26
-rw-r--r--examples/cms/Userkey.pem15
-rw-r--r--examples/cms/cms.pro2
-rw-r--r--examples/cms/cmsexample.cpp211
-rw-r--r--examples/cmssigner/TODO18
-rw-r--r--examples/cmssigner/certitem.cpp723
-rw-r--r--examples/cmssigner/certitem.h146
-rw-r--r--examples/cmssigner/certview.ui85
-rw-r--r--examples/cmssigner/certviewdlg.cpp166
-rw-r--r--examples/cmssigner/certviewdlg.h44
-rw-r--r--examples/cmssigner/cmssigner.pro22
-rw-r--r--examples/cmssigner/cmssigner.qrc9
-rw-r--r--examples/cmssigner/icons/cert16.pngbin0 -> 638 bytes
-rw-r--r--examples/cmssigner/icons/crl16.pngbin0 -> 693 bytes
-rw-r--r--examples/cmssigner/icons/keybundle16.pngbin0 -> 786 bytes
-rw-r--r--examples/cmssigner/icons/keypair16.pngbin0 -> 835 bytes
-rw-r--r--examples/cmssigner/icons/publickey16.pngbin0 -> 617 bytes
-rw-r--r--examples/cmssigner/keyselect.ui96
-rw-r--r--examples/cmssigner/keyselectdlg.cpp422
-rw-r--r--examples/cmssigner/keyselectdlg.h66
-rw-r--r--examples/cmssigner/main.cpp954
-rw-r--r--examples/cmssigner/mainwin.ui226
-rw-r--r--examples/cmssigner/pkcs11configdlg/pkcs11config.ui624
-rw-r--r--examples/cmssigner/pkcs11configdlg/pkcs11configdlg.cpp814
-rw-r--r--examples/cmssigner/pkcs11configdlg/pkcs11configdlg.h47
-rw-r--r--examples/cmssigner/pkcs11configdlg/pkcs11configdlg.pri3
-rw-r--r--examples/cmssigner/prompter.cpp318
-rw-r--r--examples/cmssigner/prompter.h57
-rw-r--r--examples/eventhandlerdemo/CMakeLists.txt8
-rw-r--r--examples/eventhandlerdemo/eventhandlerdemo.cpp161
-rw-r--r--examples/eventhandlerdemo/eventhandlerdemo.pro2
-rw-r--r--examples/examples.doco182
-rw-r--r--examples/examples.pri6
-rw-r--r--examples/examples.pro24
-rw-r--r--examples/hashtest/CMakeLists.txt6
-rw-r--r--examples/hashtest/hashtest.cpp74
-rw-r--r--examples/hashtest/hashtest.pro2
-rw-r--r--examples/hextest/CMakeLists.txt6
-rw-r--r--examples/hextest/hextest.cpp66
-rw-r--r--examples/hextest/hextest.pro2
-rw-r--r--examples/keyloader/CMakeLists.txt8
-rw-r--r--examples/keyloader/keyloader.cpp116
-rw-r--r--examples/keyloader/keyloader.pro2
-rw-r--r--examples/mactest/CMakeLists.txt6
-rw-r--r--examples/mactest/mactest.cpp82
-rw-r--r--examples/mactest/mactest.pro2
-rw-r--r--examples/md5crypt/CMakeLists.txt7
-rw-r--r--examples/md5crypt/md5crypt.cpp221
-rw-r--r--examples/md5crypt/md5crypt.pro2
-rw-r--r--examples/providertest/CMakeLists.txt6
-rw-r--r--examples/providertest/providertest.cpp63
-rw-r--r--examples/providertest/providertest.pro2
-rw-r--r--examples/publickeyexample/CMakeLists.txt6
-rw-r--r--examples/publickeyexample/publickeyexample.cpp114
-rw-r--r--examples/publickeyexample/publickeyexample.pro2
-rw-r--r--examples/randomtest/CMakeLists.txt6
-rw-r--r--examples/randomtest/randomtest.cpp69
-rw-r--r--examples/randomtest/randomtest.pro2
-rw-r--r--examples/rsatest/CMakeLists.txt6
-rw-r--r--examples/rsatest/rsatest.cpp153
-rw-r--r--examples/rsatest/rsatest.pro2
-rw-r--r--examples/saslclient/CMakeLists.txt7
-rw-r--r--examples/saslclient/saslclient.cpp565
-rw-r--r--examples/saslclient/saslclient.pro4
-rw-r--r--examples/saslserver/CMakeLists.txt7
-rw-r--r--examples/saslserver/saslserver.cpp510
-rw-r--r--examples/saslserver/saslserver.pro4
-rw-r--r--examples/sslservtest/CMakeLists.txt8
-rw-r--r--examples/sslservtest/sslservtest.cpp269
-rw-r--r--examples/sslservtest/sslservtest.pro4
-rw-r--r--examples/ssltest/CMakeLists.txt9
-rw-r--r--examples/ssltest/ssltest.cpp332
-rw-r--r--examples/ssltest/ssltest.pro4
-rw-r--r--examples/tlssocket/CMakeLists.txt9
-rw-r--r--examples/tlssocket/main.cpp38
-rw-r--r--examples/tlssocket/tlssocket.cpp213
-rw-r--r--examples/tlssocket/tlssocket.h49
-rw-r--r--examples/tlssocket/tlssocket.pro6
-rw-r--r--images/qca-arch.eps4874
-rw-r--r--images/qca-arch.pngbin0 -> 18038 bytes
-rw-r--r--images/qca-arch.svg313
-rw-r--r--include/QtCrypto/QtCrypto1
-rw-r--r--include/QtCrypto/qca.h47
-rw-r--r--include/QtCrypto/qca_basic.h1004
-rw-r--r--include/QtCrypto/qca_cert.h2676
-rw-r--r--include/QtCrypto/qca_core.h1678
-rw-r--r--include/QtCrypto/qca_export.h52
-rw-r--r--include/QtCrypto/qca_keystore.h798
-rw-r--r--include/QtCrypto/qca_publickey.h1496
-rw-r--r--include/QtCrypto/qca_securelayer.h1248
-rw-r--r--include/QtCrypto/qca_securemessage.h955
-rw-r--r--include/QtCrypto/qca_support.h1111
-rw-r--r--include/QtCrypto/qca_textfilter.h327
-rw-r--r--include/QtCrypto/qca_tools.h853
-rw-r--r--include/QtCrypto/qcaprovider.h2987
-rw-r--r--include/QtCrypto/qpipe.h534
-rw-r--r--installwin.bat17
-rw-r--r--man/qcatool2.1191
-rw-r--r--plugins/CMakeLists.txt68
-rw-r--r--plugins/qca-botan/CMakeLists.txt15
-rw-r--r--plugins/qca-botan/COPYING504
-rw-r--r--plugins/qca-botan/README16
-rw-r--r--plugins/qca-botan/botan.qcm39
-rw-r--r--plugins/qca-botan/qca-botan.cpp511
-rw-r--r--plugins/qca-botan/qca-botan.pro16
-rw-r--r--plugins/qca-botan/qca-botan.qc12
-rw-r--r--plugins/qca-botan/qca.qcm55
-rwxr-xr-xplugins/qca-botan/qcextra9
-rw-r--r--plugins/qca-cyrus-sasl/CMakeLists.txt15
-rw-r--r--plugins/qca-cyrus-sasl/COPYING504
-rw-r--r--plugins/qca-cyrus-sasl/README29
-rw-r--r--plugins/qca-cyrus-sasl/configwin.bat56
-rw-r--r--plugins/qca-cyrus-sasl/cyrussasl.qcm50
-rw-r--r--plugins/qca-cyrus-sasl/qca-cyrus-sasl.cpp948
-rw-r--r--plugins/qca-cyrus-sasl/qca-cyrus-sasl.pro33
-rw-r--r--plugins/qca-cyrus-sasl/qca-cyrus-sasl.qc23
-rw-r--r--plugins/qca-gcrypt/CMakeLists.txt15
-rw-r--r--plugins/qca-gcrypt/COPYING504
-rw-r--r--plugins/qca-gcrypt/README17
-rw-r--r--plugins/qca-gcrypt/TODO8
-rw-r--r--plugins/qca-gcrypt/libgcrypt.qcm36
-rw-r--r--plugins/qca-gcrypt/pkcs5.c197
-rw-r--r--plugins/qca-gcrypt/qca-gcrypt.cpp594
-rw-r--r--plugins/qca-gcrypt/qca-gcrypt.pro17
-rw-r--r--plugins/qca-gcrypt/qca-gcrypt.qc12
-rw-r--r--plugins/qca-gcrypt/qca.qcm55
-rw-r--r--plugins/qca-gnupg/CMakeLists.txt24
-rw-r--r--plugins/qca-gnupg/COPYING504
-rw-r--r--plugins/qca-gnupg/README29
-rw-r--r--plugins/qca-gnupg/TODO1
-rw-r--r--plugins/qca-gnupg/configwin.bat56
-rw-r--r--plugins/qca-gnupg/gpgop.cpp1644
-rw-r--r--plugins/qca-gnupg/gpgop.h208
-rw-r--r--plugins/qca-gnupg/gpgproc/README8
-rw-r--r--plugins/qca-gnupg/gpgproc/gpgproc.cpp830
-rw-r--r--plugins/qca-gnupg/gpgproc/gpgproc.h114
-rw-r--r--plugins/qca-gnupg/gpgproc/gpgproc.pri8
-rw-r--r--plugins/qca-gnupg/gpgproc/sprocess.cpp55
-rw-r--r--plugins/qca-gnupg/gpgproc/sprocess.h48
-rw-r--r--plugins/qca-gnupg/qca-gnupg.cpp1795
-rw-r--r--plugins/qca-gnupg/qca-gnupg.pro32
-rw-r--r--plugins/qca-gnupg/qca-gnupg.qc19
-rw-r--r--plugins/qca-logger/CMakeLists.txt17
-rw-r--r--plugins/qca-logger/COPYING504
-rw-r--r--plugins/qca-logger/README49
-rw-r--r--plugins/qca-logger/configwin.bat56
-rw-r--r--plugins/qca-logger/qca-logger.cpp222
-rw-r--r--plugins/qca-logger/qca-logger.pro21
-rw-r--r--plugins/qca-logger/qca-logger.qc20
-rw-r--r--plugins/qca-nss/CMakeLists.txt17
-rw-r--r--plugins/qca-nss/COPYING504
-rw-r--r--plugins/qca-nss/README16
-rw-r--r--plugins/qca-nss/mozilla_nss.qcm42
-rw-r--r--plugins/qca-nss/qca-nss.cpp514
-rw-r--r--plugins/qca-nss/qca-nss.pro16
-rw-r--r--plugins/qca-nss/qca-nss.qc12
-rw-r--r--plugins/qca-nss/qca.qcm55
-rwxr-xr-xplugins/qca-nss/qcextra9
-rw-r--r--plugins/qca-ossl/CMakeLists.txt35
-rw-r--r--plugins/qca-ossl/COPYING504
-rw-r--r--plugins/qca-ossl/README39
-rw-r--r--plugins/qca-ossl/TODO10
-rw-r--r--plugins/qca-ossl/configwin.bat56
-rw-r--r--plugins/qca-ossl/openssl.qcm82
-rw-r--r--plugins/qca-ossl/qca-ossl.cpp7111
-rw-r--r--plugins/qca-ossl/qca-ossl.pro40
-rw-r--r--plugins/qca-ossl/qca-ossl.qc23
-rw-r--r--plugins/qca-pkcs11/CMakeLists.txt21
-rw-r--r--plugins/qca-pkcs11/COPYING504
-rw-r--r--plugins/qca-pkcs11/README89
-rw-r--r--plugins/qca-pkcs11/configwin.bat56
-rw-r--r--plugins/qca-pkcs11/pkcs11_helper.qcm44
-rw-r--r--plugins/qca-pkcs11/qca-pkcs11.cpp3108
-rw-r--r--plugins/qca-pkcs11/qca-pkcs11.pro34
-rw-r--r--plugins/qca-pkcs11/qca-pkcs11.qc23
-rw-r--r--plugins/qca-softstore/CMakeLists.txt17
-rw-r--r--plugins/qca-softstore/COPYING504
-rw-r--r--plugins/qca-softstore/README80
-rw-r--r--plugins/qca-softstore/qca-softstore.cpp1514
-rw-r--r--plugins/qca-softstore/qca-softstore.pro14
-rw-r--r--plugins/qca-softstore/qca-softstore.qc20
-rw-r--r--plugins/qca-test/qca-test.cpp817
-rw-r--r--plugins/qca-test/qca-test.pro14
-rw-r--r--plugins/qca-test/qca-test.qc20
-rw-r--r--plugins/qca-wincrypto/CMakeLists.txt19
-rw-r--r--plugins/qca-wincrypto/COPYING504
-rw-r--r--plugins/qca-wincrypto/README25
-rw-r--r--plugins/qca-wincrypto/configwin.bat56
-rw-r--r--plugins/qca-wincrypto/qca-wincrypto.cpp115
-rw-r--r--plugins/qca-wincrypto/qca-wincrypto.pro21
-rw-r--r--plugins/qca-wingss/COPYING504
-rw-r--r--plugins/qca-wingss/README27
-rw-r--r--plugins/qca-wingss/configwin.bat56
-rw-r--r--plugins/qca-wingss/qca-wingss.cpp2307
-rw-r--r--plugins/qca-wingss/qca-wingss.pro23
-rwxr-xr-xprepare12
-rw-r--r--qca.pro27
-rw-r--r--qca.qc27
-rw-r--r--qca2.pc.cmake11
-rw-r--r--qcm/buildmode.qcm155
-rw-r--r--qcm/buildmode_framework.qcm94
-rw-r--r--qcm/certstore.qcm109
-rw-r--r--qcm/extra.qcm238
-rw-r--r--qcm/qca.qcm120
-rw-r--r--qcm/qcapluginpath.qcm39
-rw-r--r--qcm/qt42.qcm20
-rw-r--r--qcm/universal.qcm49
-rw-r--r--src/CMakeLists.txt158
-rw-r--r--src/botantools/.krazy1
-rw-r--r--src/botantools/README84
-rwxr-xr-xsrc/botantools/addlicenseheaders.sh12
-rwxr-xr-xsrc/botantools/addnamespace.sh6
-rw-r--r--src/botantools/botan/alloc_mmap/mmap_mem.cpp173
-rw-r--r--src/botantools/botan/alloc_mmap/mmap_mem.h58
-rw-r--r--src/botantools/botan/big_base.cpp416
-rw-r--r--src/botantools/botan/big_code.cpp195
-rw-r--r--src/botantools/botan/big_io.cpp88
-rw-r--r--src/botantools/botan/big_ops2.cpp272
-rw-r--r--src/botantools/botan/big_ops3.cpp234
-rw-r--r--src/botantools/botan/bit_ops.cpp128
-rw-r--r--src/botantools/botan/botan/allocate.h71
-rw-r--r--src/botantools/botan/botan/bigint.h208
-rw-r--r--src/botantools/botan/botan/bit_ops.h94
-rw-r--r--src/botantools/botan/botan/charset.h85
-rw-r--r--src/botantools/botan/botan/defalloc.h71
-rw-r--r--src/botantools/botan/botan/exceptn.h246
-rw-r--r--src/botantools/botan/botan/libstate.h181
-rw-r--r--src/botantools/botan/botan/mem_ops.h66
-rw-r--r--src/botantools/botan/botan/mem_pool.h113
-rw-r--r--src/botantools/botan/botan/mmap_mem.h58
-rw-r--r--src/botantools/botan/botan/modules.h109
-rw-r--r--src/botantools/botan/botan/mp_asm.h81
-rw-r--r--src/botantools/botan/botan/mp_asmi.h215
-rw-r--r--src/botantools/botan/botan/mp_core.h118
-rw-r--r--src/botantools/botan/botan/mp_types.h61
-rw-r--r--src/botantools/botan/botan/mutex.h101
-rw-r--r--src/botantools/botan/botan/mux_qt.h54
-rw-r--r--src/botantools/botan/botan/numthry.h131
-rw-r--r--src/botantools/botan/botan/parsing.h70
-rw-r--r--src/botantools/botan/botan/secmem.h245
-rw-r--r--src/botantools/botan/botan/stl_util.h114
-rw-r--r--src/botantools/botan/botan/types.h86
-rw-r--r--src/botantools/botan/botan/util.h76
-rw-r--r--src/botantools/botan/charset.cpp224
-rw-r--r--src/botantools/botan/defalloc.cpp142
-rw-r--r--src/botantools/botan/divide.cpp136
-rw-r--r--src/botantools/botan/exceptn.cpp102
-rw-r--r--src/botantools/botan/libstate.cpp487
-rw-r--r--src/botantools/botan/license.txt23
-rw-r--r--src/botantools/botan/mem_pool.cpp319
-rw-r--r--src/botantools/botan/ml_unix/mlock.cpp67
-rw-r--r--src/botantools/botan/ml_win32/mlock.cpp59
-rw-r--r--src/botantools/botan/modules.cpp324
-rw-r--r--src/botantools/botan/mp_asm.cpp243
-rw-r--r--src/botantools/botan/mp_comba.cpp416
-rw-r--r--src/botantools/botan/mp_misc.cpp151
-rw-r--r--src/botantools/botan/mp_mul.cpp212
-rw-r--r--src/botantools/botan/mp_mulop.cpp68
-rw-r--r--src/botantools/botan/mp_shift.cpp144
-rw-r--r--src/botantools/botan/mutex.cpp133
-rw-r--r--src/botantools/botan/mux_qt/mux_qt.cpp64
-rw-r--r--src/botantools/botan/mux_qt/mux_qt.h54
-rw-r--r--src/botantools/botan/parsing.cpp278
-rw-r--r--src/botantools/botan/util.cpp121
-rw-r--r--src/botantools/botantools.diff1276
-rw-r--r--src/botantools/botantools.h30
-rw-r--r--src/botantools/botantools.pri52
-rw-r--r--src/botantools/btest.cpp26
-rw-r--r--src/botantools/btest.pro7
-rwxr-xr-xsrc/botantools/removeadded.sh8
-rw-r--r--src/botantools/wrapns.c270
-rw-r--r--src/qca_basic.cpp547
-rw-r--r--src/qca_cert.cpp2987
-rw-r--r--src/qca_core.cpp2128
-rw-r--r--src/qca_default.cpp1323
-rw-r--r--src/qca_keystore.cpp1719
-rw-r--r--src/qca_plugin.cpp808
-rw-r--r--src/qca_plugin.h74
-rw-r--r--src/qca_publickey.cpp1501
-rw-r--r--src/qca_safeobj.cpp33
-rw-r--r--src/qca_safeobj.h107
-rw-r--r--src/qca_securelayer.cpp1989
-rw-r--r--src/qca_securemessage.cpp687
-rw-r--r--src/qca_systemstore.h36
-rw-r--r--src/qca_systemstore_flatfile.cpp38
-rw-r--r--src/qca_systemstore_mac.cpp56
-rw-r--r--src/qca_systemstore_win.cpp73
-rw-r--r--src/qca_textfilter.cpp517
-rw-r--r--src/qca_tools.cpp1001
-rw-r--r--src/qt.tag60791
-rw-r--r--src/src.pro122
-rw-r--r--src/support/console.cpp1019
-rw-r--r--src/support/dirwatch.cpp239
-rw-r--r--src/support/logger.cpp119
-rw-r--r--src/support/qpipe.cpp2154
-rw-r--r--src/support/synchronizer.cpp497
-rw-r--r--src/support/syncthread.cpp223
-rw-r--r--tools/CMakeLists.txt2
-rw-r--r--tools/mozcerts/CMakeLists.txt8
-rw-r--r--tools/mozcerts/main.cpp169
-rw-r--r--tools/mozcerts/mozcerts.pro6
-rw-r--r--tools/qcatool/CMakeLists.txt13
-rw-r--r--tools/qcatool/main.cpp4574
-rw-r--r--tools/qcatool/qcatool.pro13
-rw-r--r--tools/tools.pro3
-rw-r--r--unittest/CMakeLists.txt30
-rw-r--r--unittest/README24
-rw-r--r--unittest/TestPlan85
-rw-r--r--unittest/base64unittest/CMakeLists.txt11
-rw-r--r--unittest/base64unittest/base64unittest.cpp124
-rw-r--r--unittest/base64unittest/base64unittest.pro11
-rw-r--r--unittest/bigintunittest/CMakeLists.txt11
-rw-r--r--unittest/bigintunittest/bigintunittest.cpp685
-rw-r--r--unittest/bigintunittest/bigintunittest.pro11
-rw-r--r--unittest/certunittest/CMakeLists.txt19
-rw-r--r--unittest/certunittest/certs/76.pem94
-rw-r--r--unittest/certunittest/certs/GoodCACRL.pem10
-rw-r--r--unittest/certunittest/certs/OCSPServer.crtbin0 -> 1133 bytes
-rw-r--r--unittest/certunittest/certs/OCSPServer.pem26
-rw-r--r--unittest/certunittest/certs/OCSPServer.txt63
-rw-r--r--unittest/certunittest/certs/QcaTestClientCert.pem84
-rw-r--r--unittest/certunittest/certs/QcaTestRootCert.pem83
-rw-r--r--unittest/certunittest/certs/QcaTestServerCert.pem84
-rw-r--r--unittest/certunittest/certs/QualitySSLIntermediateCA.crt30
-rw-r--r--unittest/certunittest/certs/RAIZ2007_CERTIFICATE_AND_CRL_SIGNING_SHA256.crtbin0 -> 1525 bytes
-rw-r--r--unittest/certunittest/certs/RootCA.txt69
-rw-r--r--unittest/certunittest/certs/RootCA2cert.pem29
-rw-r--r--unittest/certunittest/certs/RootCAcert.crtbin0 -> 1235 bytes
-rw-r--r--unittest/certunittest/certs/RootCAcert.pem28
-rw-r--r--unittest/certunittest/certs/Server.crtbin0 -> 1113 bytes
-rw-r--r--unittest/certunittest/certs/Server.p12bin0 -> 2133 bytes
-rw-r--r--unittest/certunittest/certs/Server.pem26
-rw-r--r--unittest/certunittest/certs/Server.txt60
-rw-r--r--unittest/certunittest/certs/Serverkey.pem15
-rw-r--r--unittest/certunittest/certs/Serverrev.crtbin0 -> 1121 bytes
-rw-r--r--unittest/certunittest/certs/Serverrev.p12bin0 -> 2141 bytes
-rw-r--r--unittest/certunittest/certs/Serverrev.pem26
-rw-r--r--unittest/certunittest/certs/Serverrevkey.pem15
-rw-r--r--unittest/certunittest/certs/Severrev.txt60
-rw-r--r--unittest/certunittest/certs/Test_CRL.crl13
-rw-r--r--unittest/certunittest/certs/User.crtbin0 -> 1126 bytes
-rw-r--r--unittest/certunittest/certs/User.p12bin0 -> 2141 bytes
-rw-r--r--unittest/certunittest/certs/User.pem26
-rw-r--r--unittest/certunittest/certs/User.txt60
-rw-r--r--unittest/certunittest/certs/Userkey.pem15
-rw-r--r--unittest/certunittest/certs/Userrev.crtbin0 -> 1129 bytes
-rw-r--r--unittest/certunittest/certs/Userrev.p12bin0 -> 2149 bytes
-rw-r--r--unittest/certunittest/certs/Userrev.pem26
-rw-r--r--unittest/certunittest/certs/Userrev.txt60
-rw-r--r--unittest/certunittest/certs/Userrevkey.pem15
-rw-r--r--unittest/certunittest/certs/altname.pem17
-rw-r--r--unittest/certunittest/certs/crl.txt27
-rw-r--r--unittest/certunittest/certs/csr1.pem14
-rw-r--r--unittest/certunittest/certs/newreq.pem14
-rw-r--r--unittest/certunittest/certs/ov-root-ca-cert.crtbin0 -> 1235 bytes
-rw-r--r--unittest/certunittest/certs/servergood2cert.pem86
-rw-r--r--unittest/certunittest/certs/servergood2cert.txt60
-rw-r--r--unittest/certunittest/certs/user2goodcert.pem87
-rw-r--r--unittest/certunittest/certs/user2goodcert.txt60
-rw-r--r--unittest/certunittest/certs/user2goodkey.pem15
-rw-r--r--unittest/certunittest/certs/xmppcert.pem21
-rw-r--r--unittest/certunittest/certunittest.cpp1207
-rw-r--r--unittest/certunittest/certunittest.pro11
-rw-r--r--unittest/checkall29
-rw-r--r--unittest/cipherunittest/CMakeLists.txt11
-rw-r--r--unittest/cipherunittest/cipherunittest.cpp2775
-rw-r--r--unittest/cipherunittest/cipherunittest.pro11
-rw-r--r--unittest/clientplugin/CMakeLists.txt11
-rw-r--r--unittest/clientplugin/clientplugin.cpp96
-rw-r--r--unittest/clientplugin/clientplugin.h45
-rw-r--r--unittest/clientplugin/clientplugin.pro11
-rw-r--r--unittest/cms/CMakeLists.txt15
-rw-r--r--unittest/cms/QcaTestClientCert.pem84
-rw-r--r--unittest/cms/QcaTestClientKey.pem18
-rw-r--r--unittest/cms/QcaTestRootCert.pem83
-rw-r--r--unittest/cms/cms.cpp501
-rw-r--r--unittest/cms/cms.pro11
-rw-r--r--unittest/dsaunittest/CMakeLists.txt12
-rw-r--r--unittest/dsaunittest/dsaunittest.cpp113
-rw-r--r--unittest/dsaunittest/dsaunittest.pro11
-rw-r--r--unittest/filewatchunittest/filewatchunittest.cpp92
-rw-r--r--unittest/filewatchunittest/filewatchunittest.h43
-rw-r--r--unittest/filewatchunittest/filewatchunittest.pro12
-rw-r--r--unittest/fixpaths.include15
-rw-r--r--unittest/hashunittest/CMakeLists.txt15
-rw-r--r--unittest/hashunittest/data/empty0
-rw-r--r--unittest/hashunittest/data/twobytes1
-rw-r--r--unittest/hashunittest/data/twohundredbytesbin0 -> 200 bytes
-rw-r--r--unittest/hashunittest/hashunittest.cpp888
-rw-r--r--unittest/hashunittest/hashunittest.pro11
-rw-r--r--unittest/hexunittest/CMakeLists.txt11
-rw-r--r--unittest/hexunittest/hexunittest.cpp117
-rw-r--r--unittest/hexunittest/hexunittest.pro11
-rw-r--r--unittest/kdfunittest/CMakeLists.txt11
-rw-r--r--unittest/kdfunittest/kdfunittest.cpp409
-rw-r--r--unittest/kdfunittest/kdfunittest.pro11
-rw-r--r--unittest/keybundle/CMakeLists.txt17
-rw-r--r--unittest/keybundle/RootCA2cert.pem29
-rw-r--r--unittest/keybundle/keybundle.cpp195
-rw-r--r--unittest/keybundle/keybundle.pro11
-rw-r--r--unittest/keybundle/servergood2.p12bin0 -> 2165 bytes
-rw-r--r--unittest/keybundle/user2good.p12bin0 -> 2181 bytes
-rw-r--r--unittest/keybundle/user2goodcert.pem87
-rw-r--r--unittest/keybundle/user2goodkey.pem15
-rw-r--r--unittest/keygenunittest/CMakeLists.txt11
-rw-r--r--unittest/keygenunittest/keygenunittest.cpp142
-rw-r--r--unittest/keygenunittest/keygenunittest.pro11
-rw-r--r--unittest/keylengthunittest/CMakeLists.txt11
-rw-r--r--unittest/keylengthunittest/keylengthunittest.cpp76
-rw-r--r--unittest/keylengthunittest/keylengthunittest.pro11
-rw-r--r--unittest/keystore/CMakeLists.txt11
-rw-r--r--unittest/keystore/keystore.cpp73
-rw-r--r--unittest/keystore/keystore.pro11
-rw-r--r--unittest/logger/CMakeLists.txt11
-rw-r--r--unittest/logger/logger.pro11
-rw-r--r--unittest/logger/loggerunittest.cpp289
-rw-r--r--unittest/macunittest/CMakeLists.txt11
-rw-r--r--unittest/macunittest/macunittest.cpp617
-rw-r--r--unittest/macunittest/macunittest.pro11
-rw-r--r--unittest/metatype/CMakeLists.txt11
-rw-r--r--unittest/metatype/metatype.cpp188
-rw-r--r--unittest/metatype/metatype.pro12
-rw-r--r--unittest/pgpunittest/CMakeLists.txt23
-rw-r--r--unittest/pgpunittest/keys1/pubring.gpgbin0 -> 23846 bytes
-rw-r--r--unittest/pgpunittest/keys1/secring.gpg0
-rw-r--r--unittest/pgpunittest/keys1/trustdb.gpgbin0 -> 1200 bytes
-rw-r--r--unittest/pgpunittest/keys2/pubring.gpg0
-rw-r--r--unittest/pgpunittest/keys2/secring.gpg0
-rw-r--r--unittest/pgpunittest/keys2/trustdb.gpgbin0 -> 40 bytes
-rw-r--r--unittest/pgpunittest/keys3/pubring.gpgbin0 -> 1200 bytes
-rw-r--r--unittest/pgpunittest/keys3/secring.gpgbin0 -> 1349 bytes
-rw-r--r--unittest/pgpunittest/keys3/trustdb.gpgbin0 -> 1280 bytes
-rw-r--r--unittest/pgpunittest/pgpunittest.cpp601
-rw-r--r--unittest/pgpunittest/pgpunittest.pro11
-rw-r--r--unittest/pipeunittest/CMakeLists.txt11
-rw-r--r--unittest/pipeunittest/pipeunittest.cpp260
-rw-r--r--unittest/pipeunittest/pipeunittest.pro11
-rw-r--r--unittest/pkits/CMakeLists.txt36
-rw-r--r--unittest/pkits/certs/BadSignedCACRL.crlbin0 -> 318 bytes
-rw-r--r--unittest/pkits/certs/BadSignedCACert.crtbin0 -> 631 bytes
-rw-r--r--unittest/pkits/certs/BadnotAfterDateCACRL.crlbin0 -> 325 bytes
-rw-r--r--unittest/pkits/certs/BadnotAfterDateCACert.crtbin0 -> 638 bytes
-rw-r--r--unittest/pkits/certs/BadnotBeforeDateCACRL.crlbin0 -> 326 bytes
-rw-r--r--unittest/pkits/certs/BadnotBeforeDateCACert.crtbin0 -> 639 bytes
-rw-r--r--unittest/pkits/certs/DSACACRL.crlbin0 -> 219 bytes
-rw-r--r--unittest/pkits/certs/DSACACert.crtbin0 -> 906 bytes
-rw-r--r--unittest/pkits/certs/DSAParametersInheritedCACRL.crlbin0 -> 241 bytes
-rw-r--r--unittest/pkits/certs/DSAParametersInheritedCACert.crtbin0 -> 536 bytes
-rw-r--r--unittest/pkits/certs/GoodCACRL.crlbin0 -> 382 bytes
-rw-r--r--unittest/pkits/certs/GoodCACert.crtbin0 -> 625 bytes
-rw-r--r--unittest/pkits/certs/InvalidCASignatureTest2EE.crtbin0 -> 628 bytes
-rw-r--r--unittest/pkits/certs/InvalidCAnotAfterDateTest5EE.crtbin0 -> 654 bytes
-rw-r--r--unittest/pkits/certs/InvalidCAnotBeforeDateTest1EE.crtbin0 -> 656 bytes
-rw-r--r--unittest/pkits/certs/InvalidDSASignatureTest6EE.crtbin0 -> 827 bytes
-rw-r--r--unittest/pkits/certs/InvalidEESignatureTest3EE.crtbin0 -> 622 bytes
-rw-r--r--unittest/pkits/certs/InvalidEEnotAfterDateTest6EE.crtbin0 -> 641 bytes
-rw-r--r--unittest/pkits/certs/InvalidEEnotBeforeDateTest2EE.crtbin0 -> 642 bytes
-rw-r--r--unittest/pkits/certs/InvalidMissingCRLTest1EE.crtbin0 -> 638 bytes
-rw-r--r--unittest/pkits/certs/InvalidNameChainingOrderTest2EE.crtbin0 -> 728 bytes
-rw-r--r--unittest/pkits/certs/InvalidNameChainingTest1EE.crtbin0 -> 643 bytes
-rw-r--r--unittest/pkits/certs/InvalidRevokedCATest2EE.crtbin0 -> 638 bytes
-rw-r--r--unittest/pkits/certs/InvalidRevokedEETest3EE.crtbin0 -> 632 bytes
-rw-r--r--unittest/pkits/certs/Invalidpre2000UTCEEnotAfterDateTest7EE.crtbin0 -> 655 bytes
-rw-r--r--unittest/pkits/certs/NoCRLCACert.crtbin0 -> 627 bytes
-rw-r--r--unittest/pkits/certs/RFC3280MandatoryAttributeTypesCACRL.crlbin0 -> 396 bytes
-rw-r--r--unittest/pkits/certs/RFC3280MandatoryAttributeTypesCACert.crtbin0 -> 709 bytes
-rw-r--r--unittest/pkits/certs/RFC3280OptionalAttributeTypesCACRL.crlbin0 -> 408 bytes
-rw-r--r--unittest/pkits/certs/RFC3280OptionalAttributeTypesCACert.crtbin0 -> 721 bytes
-rw-r--r--unittest/pkits/certs/RevokedsubCACRL.crlbin0 -> 318 bytes
-rw-r--r--unittest/pkits/certs/RevokedsubCACert.crtbin0 -> 626 bytes
-rw-r--r--unittest/pkits/certs/RolloverfromPrintableStringtoUTF8StringCACRL.crlbin0 -> 351 bytes
-rw-r--r--unittest/pkits/certs/RolloverfromPrintableStringtoUTF8StringCACert.crtbin0 -> 664 bytes
-rw-r--r--unittest/pkits/certs/TrustAnchorRootCRL.crlbin0 -> 353 bytes
-rw-r--r--unittest/pkits/certs/TrustAnchorRootCertificate.crtbin0 -> 572 bytes
-rw-r--r--unittest/pkits/certs/UIDCACRL.crlbin0 -> 311 bytes
-rw-r--r--unittest/pkits/certs/UIDCACert.crtbin0 -> 629 bytes
-rw-r--r--unittest/pkits/certs/UTF8StringCaseInsensitiveMatchCACRL.crlbin0 -> 341 bytes
-rw-r--r--unittest/pkits/certs/UTF8StringCaseInsensitiveMatchCACert.crtbin0 -> 654 bytes
-rw-r--r--unittest/pkits/certs/UTF8StringEncodedNamesCACRL.crlbin0 -> 318 bytes
-rw-r--r--unittest/pkits/certs/UTF8StringEncodedNamesCACert.crtbin0 -> 631 bytes
-rw-r--r--unittest/pkits/certs/ValidCertificatePathTest1EE.crtbin0 -> 622 bytes
-rw-r--r--unittest/pkits/certs/ValidDSAParameterInheritanceTest5EE.crtbin0 -> 566 bytes
-rw-r--r--unittest/pkits/certs/ValidDSASignaturesTest4EE.crtbin0 -> 826 bytes
-rw-r--r--unittest/pkits/certs/ValidGeneralizedTimenotAfterDateTest8EE.crtbin0 -> 654 bytes
-rw-r--r--unittest/pkits/certs/ValidGeneralizedTimenotBeforeDateTest4EE.crtbin0 -> 655 bytes
-rw-r--r--unittest/pkits/certs/ValidNameChainingCapitalizationTest5EE.crtbin0 -> 651 bytes
-rw-r--r--unittest/pkits/certs/ValidNameChainingWhitespaceTest3EE.crtbin0 -> 652 bytes
-rw-r--r--unittest/pkits/certs/ValidNameChainingWhitespaceTest4EE.crtbin0 -> 653 bytes
-rw-r--r--unittest/pkits/certs/ValidNameUIDsTest6EE.crtbin0 -> 630 bytes
-rw-r--r--unittest/pkits/certs/ValidRFC3280MandatoryAttributeTypesTest7EE.crtbin0 -> 740 bytes
-rw-r--r--unittest/pkits/certs/ValidRFC3280OptionalAttributeTypesTest8EE.crtbin0 -> 751 bytes
-rw-r--r--unittest/pkits/certs/ValidRolloverfromPrintableStringtoUTF8StringTest10EE.crtbin0 -> 694 bytes
-rw-r--r--unittest/pkits/certs/ValidUTF8StringCaseInsensitiveMatchTest11EE.crtbin0 -> 691 bytes
-rw-r--r--unittest/pkits/certs/ValidUTF8StringEncodedNamesTest9EE.crtbin0 -> 653 bytes
-rw-r--r--unittest/pkits/certs/Validpre2000UTCnotBeforeDateTest3EE.crtbin0 -> 649 bytes
-rw-r--r--unittest/pkits/pkits.cpp1131
-rw-r--r--unittest/pkits/pkits.pro11
-rw-r--r--unittest/randomunittest/CMakeLists.txt11
-rw-r--r--unittest/randomunittest/randomunittest.cpp97
-rw-r--r--unittest/randomunittest/randomunittest.pro11
-rw-r--r--unittest/rsaunittest/CMakeLists.txt11
-rw-r--r--unittest/rsaunittest/rsaunittest.cpp150
-rw-r--r--unittest/rsaunittest/rsaunittest.pro11
-rw-r--r--unittest/securearrayunittest/CMakeLists.txt11
-rw-r--r--unittest/securearrayunittest/securearrayunittest.cpp148
-rw-r--r--unittest/securearrayunittest/securearrayunittest.pro11
-rw-r--r--unittest/staticunittest/CMakeLists.txt12
-rw-r--r--unittest/staticunittest/staticunittest.cpp114
-rw-r--r--unittest/staticunittest/staticunittest.pro11
-rw-r--r--unittest/symmetrickeyunittest/CMakeLists.txt11
-rw-r--r--unittest/symmetrickeyunittest/symmetrickeyunittest.cpp117
-rw-r--r--unittest/symmetrickeyunittest/symmetrickeyunittest.pro11
-rwxr-xr-xunittest/testcerts/CA.pl189
-rw-r--r--unittest/testcerts/CA/cacert.pem83
-rw-r--r--unittest/testcerts/CA/careq.pem14
-rw-r--r--unittest/testcerts/CA/crlnumber1
-rw-r--r--unittest/testcerts/CA/index.txt3
-rw-r--r--unittest/testcerts/CA/index.txt.attr1
-rw-r--r--unittest/testcerts/CA/index.txt.attr.old1
-rw-r--r--unittest/testcerts/CA/index.txt.old2
-rw-r--r--unittest/testcerts/CA/newcerts/B67BE8904D707D7F.pem83
-rw-r--r--unittest/testcerts/CA/newcerts/B67BE8904D707D80.pem84
-rw-r--r--unittest/testcerts/CA/newcerts/B67BE8904D707D81.pem84
-rw-r--r--unittest/testcerts/CA/private/cakey.pem18
-rw-r--r--unittest/testcerts/CA/serial1
-rw-r--r--unittest/testcerts/CA/serial.old1
-rw-r--r--unittest/testcerts/README11
-rw-r--r--unittest/testcerts/openssl.cnf292
-rw-r--r--unittest/tls/CMakeLists.txt11
-rw-r--r--unittest/tls/tls.pro12
-rw-r--r--unittest/tls/tlsunittest.cpp113
-rw-r--r--unittest/unittest.pri6
-rw-r--r--unittest/unittest.pro35
-rw-r--r--unittest/velox/CMakeLists.txt14
-rw-r--r--unittest/velox/README9
-rw-r--r--unittest/velox/root.crt30
-rw-r--r--unittest/velox/velox.pro13
-rw-r--r--unittest/velox/veloxunittest.cpp216
574 files changed, 179336 insertions, 0 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt
new file mode 100644
index 0000000..e072427
--- /dev/null
+++ b/CMakeLists.txt
@@ -0,0 +1,156 @@
+project(QCA)
+
+cmake_minimum_required(VERSION 2.4.5)
+
+option(BUILD_TESTS "Create test" ON)
+
+set(LIB_SUFFIX "" CACHE STRING "Define suffix of directory name (32/64)" )
+
+set(LIB_INSTALL_DIR "${CMAKE_INSTALL_PREFIX}/lib${LIB_SUFFIX}" CACHE STRING "Directory where lib will install")
+
+set(PKGCONFIG_INSTALL_PREFIX "${CMAKE_INSTALL_PREFIX}/lib${LIB_SUFFIX}/pkgconfig/" CACHE STRING "Base directory for pkgconfig files")
+
+set(CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake/modules" )
+
+find_package(Qt4 REQUIRED)
+# properly set up compile flags (QT_DEBUG/QT_NO_DEBUG, ...)
+include(${QT_USE_FILE})
+
+set(QCA_LIB_MAJOR_VERSION "2")
+set(QCA_LIB_MINOR_VERSION "0")
+set(QCA_LIB_PATCH_VERSION "3")
+
+set(QCA_LIB_VERSION_STRING "${QCA_LIB_MAJOR_VERSION}.${QCA_LIB_MINOR_VERSION}.${QCA_LIB_PATCH_VERSION}")
+
+
+if (APPLE)
+ find_package(Carbon REQUIRED)
+ set(CMAKE_INSTALL_NAME_DIR ${LIB_INSTALL_DIR})
+ set(CMAKE_BUILD_WITH_INSTALL_RPATH TRUE)
+endif (APPLE)
+
+# set up RPATH handling, so the libs are found if they are installed to a non-standard location, Alex
+if (UNIX AND NOT APPLE)
+ set(CMAKE_INSTALL_RPATH_USE_LINK_PATH TRUE)
+ set(CMAKE_INSTALL_RPATH "${LIB_INSTALL_DIR}" )
+endif (UNIX AND NOT APPLE)
+
+
+if (WIN32)
+ set(CMAKE_DEBUG_POSTFIX "d")
+ add_definitions(-DWIN32_LEAN_AND_MEAN)
+endif (WIN32)
+
+if (CMAKE_COMPILER_IS_GNUCXX)
+ if (CMAKE_SYSTEM_NAME MATCHES Linux)
+ add_definitions (-D_BSD_SOURCE)
+ set ( CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-long-long -ansi -Wundef -Wcast-align -Werror-implicit-function-declaration -Wchar-subscripts -Wall -W -Wpointer-arith -Wwrite-strings -Wformat-security -Wmissing-format-attribute -fno-common")
+ set ( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wnon-virtual-dtor -Wno-long-long -ansi -Wundef -Wcast-align -Wchar-subscripts -Wall -W -Wpointer-arith -Wwrite-strings -Wformat-security -fno-check-new -fno-common")
+ endif (CMAKE_SYSTEM_NAME MATCHES Linux)
+endif (CMAKE_COMPILER_IS_GNUCXX)
+
+add_definitions (${QT_DEFINITIONS})
+include_directories(include/QtCrypto/ ${QT_INCLUDES})
+
+# Always include srcdir and builddir in include path
+# This saves typing ${CMAKE_CURRENT_SOURCE_DIR} ${CMAKE_CURRENT_BINARY} in about every subdir
+set(CMAKE_INCLUDE_CURRENT_DIR ON)
+
+# put the include dirs which are in the source or build tree
+# before all other include dirs, so the headers in the sources
+# are prefered over the already installed ones
+set(CMAKE_INCLUDE_DIRECTORIES_PROJECT_BEFORE ON)
+
+set(qca_INCLUDEDIR "${CMAKE_CURRENT_SOURCE_DIR}/include" )
+set(LIBRARY_OUTPUT_PATH "${CMAKE_BINARY_DIR}/lib${LIB_SUFFIX}" )
+
+set(qca_PLUGINSDIR "${QT_PLUGINS_DIR}/crypto/")
+message(STATUS "Plugins will be installed to " ${qca_PLUGINSDIR})
+
+include(QcaMacro)
+
+message(STATUS "Checking for certstore..")
+# fixme add OR mac
+if( WIN32 )
+# USE BUILTIN
+else ( WIN32 )
+ if ( ENV{QC_CERTSTORE_PATH} )
+ if(EXISTS ENV{QC_CERTSTORE_PATH})
+ set( qca_CERTSTORE $ENV{QC_CERTSTORE_PATH})
+ else(EXISTS ENV{QC_CERTSTORE_PATH})
+ # path to try
+ endif(EXISTS ENV{QC_CERTSTORE_PATH})
+ else( ENV{QC_CERTSTORE_PATH} )
+ set( toTry
+ "/etc/ssl/certs/ca-certificates.crt"
+ "/usr/share/ssl/cert.pem"
+ "/usr/share/ssl/certs/ca-bundle.crt"
+ "/etc/pki/tls/cert.pem"
+ "/usr/share/curl/curl-ca-bundle.crt"
+ )
+ foreach (_current_try ${toTry})
+ if(EXISTS ${_current_try})
+ set( qca_CERTSTORE ${_current_try})
+ endif(EXISTS ${_current_try})
+ endforeach (_current_try)
+ endif( ENV{QC_CERTSTORE_PATH} )
+endif(WIN32)
+
+if (qca_CERTSTORE)
+ message(STATUS "Found system certstore")
+else (qca_CERTSTORE)
+ message(STATUS "Using built in certstore.")
+ set( qca_CERTSTORE "${CMAKE_CURRENT_SOURCE_DIR}/certs/rootcerts.pem")
+ # note that INSTALL_FILES targets are relative to the current installation prefix...
+ install_files( "/certs" FILES "${CMAKE_CURRENT_SOURCE_DIR}/certs/rootcerts.pem" )
+endif (qca_CERTSTORE)
+message(STATUS "certstore path: " ${qca_CERTSTORE})
+add_definitions( -DQCA_SYSTEMSTORE_PATH="\\\"${qca_CERTSTORE}\\\"" )
+
+
+set( private_HEADERS ${qca_INCLUDEDIR}/QtCrypto/qca_plugin.h ${qca_INCLUDEDIR}/QtCrypto/qca_systemstore.h )
+
+set( public_HEADERS
+ ${qca_INCLUDEDIR}/QtCrypto/qca.h
+ ${qca_INCLUDEDIR}/QtCrypto/qcaprovider.h
+ ${qca_INCLUDEDIR}/QtCrypto/QtCrypto
+ ${qca_INCLUDEDIR}/QtCrypto/qca_export.h
+ ${qca_INCLUDEDIR}/QtCrypto/qca_support.h
+ ${qca_INCLUDEDIR}/QtCrypto/qca_tools.h
+ ${qca_INCLUDEDIR}/QtCrypto/qca_core.h
+ ${qca_INCLUDEDIR}/QtCrypto/qca_textfilter.h
+ ${qca_INCLUDEDIR}/QtCrypto/qca_basic.h
+ ${qca_INCLUDEDIR}/QtCrypto/qca_publickey.h
+ ${qca_INCLUDEDIR}/QtCrypto/qca_cert.h
+ ${qca_INCLUDEDIR}/QtCrypto/qca_keystore.h
+ ${qca_INCLUDEDIR}/QtCrypto/qca_securelayer.h
+ ${qca_INCLUDEDIR}/QtCrypto/qca_securemessage.h
+ ${qca_INCLUDEDIR}/QtCrypto/qpipe.h )
+
+set( qca_HEADERS ${private_HEADERS} ${public_HEADERS} )
+
+#install public headers only
+install(FILES ${public_HEADERS} DESTINATION "${CMAKE_INSTALL_PREFIX}/include/QtCrypto")
+
+include_directories(${QT_QTCORE_INCLUDE_DIR} "${qca_INCLUDEDIR}/QtCrypto")
+
+if(NOT WIN32)
+ configure_file("qca2.pc.cmake" "${CMAKE_BINARY_DIR}/qca2.pc" @ONLY)
+ install(FILES "${CMAKE_BINARY_DIR}/qca2.pc" DESTINATION ${PKGCONFIG_INSTALL_PREFIX})
+endif(NOT WIN32)
+
+configure_file("crypto.prf.cmake" "${CMAKE_BINARY_DIR}/crypto.prf" @ONLY)
+install(FILES "${CMAKE_BINARY_DIR}/crypto.prf" DESTINATION ${CMAKE_INSTALL_PREFIX}/mkspecs/features)
+
+install(FILES man/qcatool2.1 DESTINATION ${CMAKE_INSTALL_PREFIX}/share/man/man1)
+
+add_subdirectory(src)
+add_subdirectory(tools)
+add_subdirectory(plugins)
+
+if(BUILD_TESTS)
+ enable_testing()
+ add_subdirectory(unittest)
+ add_subdirectory(examples)
+endif(BUILD_TESTS)
+
diff --git a/COPYING b/COPYING
new file mode 100644
index 0000000..5ab7695
--- /dev/null
+++ b/COPYING
@@ -0,0 +1,504 @@
+ GNU LESSER GENERAL PUBLIC LICENSE
+ Version 2.1, February 1999
+
+ Copyright (C) 1991, 1999 Free Software Foundation, Inc.
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+[This is the first released version of the Lesser GPL. It also counts
+ as the successor of the GNU Library Public License, version 2, hence
+ the version number 2.1.]
+
+ Preamble
+
+ The licenses for most software are designed to take away your
+freedom to share and change it. By contrast, the GNU General Public
+Licenses are intended to guarantee your freedom to share and change
+free software--to make sure the software is free for all its users.
+
+ This license, the Lesser General Public License, applies to some
+specially designated software packages--typically libraries--of the
+Free Software Foundation and other authors who decide to use it. You
+can use it too, but we suggest you first think carefully about whether
+this license or the ordinary General Public License is the better
+strategy to use in any particular case, based on the explanations below.
+
+ When we speak of free software, we are referring to freedom of use,
+not price. Our General Public Licenses are designed to make sure that
+you have the freedom to distribute copies of free software (and charge
+for this service if you wish); that you receive source code or can get
+it if you want it; that you can change the software and use pieces of
+it in new free programs; and that you are informed that you can do
+these things.
+
+ To protect your rights, we need to make restrictions that forbid
+distributors to deny you these rights or to ask you to surrender these
+rights. These restrictions translate to certain responsibilities for
+you if you distribute copies of the library or if you modify it.
+
+ For example, if you distribute copies of the library, whether gratis
+or for a fee, you must give the recipients all the rights that we gave
+you. You must make sure that they, too, receive or can get the source
+code. If you link other code with the library, you must provide
+complete object files to the recipients, so that they can relink them
+with the library after making changes to the library and recompiling
+it. And you must show them these terms so they know their rights.
+
+ We protect your rights with a two-step method: (1) we copyright the
+library, and (2) we offer you this license, which gives you legal
+permission to copy, distribute and/or modify the library.
+
+ To protect each distributor, we want to make it very clear that
+there is no warranty for the free library. Also, if the library is
+modified by someone else and passed on, the recipients should know
+that what they have is not the original version, so that the original
+author's reputation will not be affected by problems that might be
+introduced by others.
+
+ Finally, software patents pose a constant threat to the existence of
+any free program. We wish to make sure that a company cannot
+effectively restrict the users of a free program by obtaining a
+restrictive license from a patent holder. Therefore, we insist that
+any patent license obtained for a version of the library must be
+consistent with the full freedom of use specified in this license.
+
+ Most GNU software, including some libraries, is covered by the
+ordinary GNU General Public License. This license, the GNU Lesser
+General Public License, applies to certain designated libraries, and
+is quite different from the ordinary General Public License. We use
+this license for certain libraries in order to permit linking those
+libraries into non-free programs.
+
+ When a program is linked with a library, whether statically or using
+a shared library, the combination of the two is legally speaking a
+combined work, a derivative of the original library. The ordinary
+General Public License therefore permits such linking only if the
+entire combination fits its criteria of freedom. The Lesser General
+Public License permits more lax criteria for linking other code with
+the library.
+
+ We call this license the "Lesser" General Public License because it
+does Less to protect the user's freedom than the ordinary General
+Public License. It also provides other free software developers Less
+of an advantage over competing non-free programs. These disadvantages
+are the reason we use the ordinary General Public License for many
+libraries. However, the Lesser license provides advantages in certain
+special circumstances.
+
+ For example, on rare occasions, there may be a special need to
+encourage the widest possible use of a certain library, so that it becomes
+a de-facto standard. To achieve this, non-free programs must be
+allowed to use the library. A more frequent case is that a free
+library does the same job as widely used non-free libraries. In this
+case, there is little to gain by limiting the free library to free
+software only, so we use the Lesser General Public License.
+
+ In other cases, permission to use a particular library in non-free
+programs enables a greater number of people to use a large body of
+free software. For example, permission to use the GNU C Library in
+non-free programs enables many more people to use the whole GNU
+operating system, as well as its variant, the GNU/Linux operating
+system.
+
+ Although the Lesser General Public License is Less protective of the
+users' freedom, it does ensure that the user of a program that is
+linked with the Library has the freedom and the wherewithal to run
+that program using a modified version of the Library.
+
+ The precise terms and conditions for copying, distribution and
+modification follow. Pay close attention to the difference between a
+"work based on the library" and a "work that uses the library". The
+former contains code derived from the library, whereas the latter must
+be combined with the library in order to run.
+
+ GNU LESSER GENERAL PUBLIC LICENSE
+ TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+ 0. This License Agreement applies to any software library or other
+program which contains a notice placed by the copyright holder or
+other authorized party saying it may be distributed under the terms of
+this Lesser General Public License (also called "this License").
+Each licensee is addressed as "you".
+
+ A "library" means a collection of software functions and/or data
+prepared so as to be conveniently linked with application programs
+(which use some of those functions and data) to form executables.
+
+ The "Library", below, refers to any such software library or work
+which has been distributed under these terms. A "work based on the
+Library" means either the Library or any derivative work under
+copyright law: that is to say, a work containing the Library or a
+portion of it, either verbatim or with modifications and/or translated
+straightforwardly into another language. (Hereinafter, translation is
+included without limitation in the term "modification".)
+
+ "Source code" for a work means the preferred form of the work for
+making modifications to it. For a library, complete source code means
+all the source code for all modules it contains, plus any associated
+interface definition files, plus the scripts used to control compilation
+and installation of the library.
+
+ Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope. The act of
+running a program using the Library is not restricted, and output from
+such a program is covered only if its contents constitute a work based
+on the Library (independent of the use of the Library in a tool for
+writing it). Whether that is true depends on what the Library does
+and what the program that uses the Library does.
+
+ 1. You may copy and distribute verbatim copies of the Library's
+complete source code as you receive it, in any medium, provided that
+you conspicuously and appropriately publish on each copy an
+appropriate copyright notice and disclaimer of warranty; keep intact
+all the notices that refer to this License and to the absence of any
+warranty; and distribute a copy of this License along with the
+Library.
+
+ You may charge a fee for the physical act of transferring a copy,
+and you may at your option offer warranty protection in exchange for a
+fee.
+
+ 2. You may modify your copy or copies of the Library or any portion
+of it, thus forming a work based on the Library, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+ a) The modified work must itself be a software library.
+
+ b) You must cause the files modified to carry prominent notices
+ stating that you changed the files and the date of any change.
+
+ c) You must cause the whole of the work to be licensed at no
+ charge to all third parties under the terms of this License.
+
+ d) If a facility in the modified Library refers to a function or a
+ table of data to be supplied by an application program that uses
+ the facility, other than as an argument passed when the facility
+ is invoked, then you must make a good faith effort to ensure that,
+ in the event an application does not supply such function or
+ table, the facility still operates, and performs whatever part of
+ its purpose remains meaningful.
+
+ (For example, a function in a library to compute square roots has
+ a purpose that is entirely well-defined independent of the
+ application. Therefore, Subsection 2d requires that any
+ application-supplied function or table used by this function must
+ be optional: if the application does not supply it, the square
+ root function must still compute square roots.)
+
+These requirements apply to the modified work as a whole. If
+identifiable sections of that work are not derived from the Library,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works. But when you
+distribute the same sections as part of a whole which is a work based
+on the Library, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote
+it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Library.
+
+In addition, mere aggregation of another work not based on the Library
+with the Library (or with a work based on the Library) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+ 3. You may opt to apply the terms of the ordinary GNU General Public
+License instead of this License to a given copy of the Library. To do
+this, you must alter all the notices that refer to this License, so
+that they refer to the ordinary GNU General Public License, version 2,
+instead of to this License. (If a newer version than version 2 of the
+ordinary GNU General Public License has appeared, then you can specify
+that version instead if you wish.) Do not make any other change in
+these notices.
+
+ Once this change is made in a given copy, it is irreversible for
+that copy, so the ordinary GNU General Public License applies to all
+subsequent copies and derivative works made from that copy.
+
+ This option is useful when you wish to copy part of the code of
+the Library into a program that is not a library.
+
+ 4. You may copy and distribute the Library (or a portion or
+derivative of it, under Section 2) in object code or executable form
+under the terms of Sections 1 and 2 above provided that you accompany
+it with the complete corresponding machine-readable source code, which
+must be distributed under the terms of Sections 1 and 2 above on a
+medium customarily used for software interchange.
+
+ If distribution of object code is made by offering access to copy
+from a designated place, then offering equivalent access to copy the
+source code from the same place satisfies the requirement to
+distribute the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+ 5. A program that contains no derivative of any portion of the
+Library, but is designed to work with the Library by being compiled or
+linked with it, is called a "work that uses the Library". Such a
+work, in isolation, is not a derivative work of the Library, and
+therefore falls outside the scope of this License.
+
+ However, linking a "work that uses the Library" with the Library
+creates an executable that is a derivative of the Library (because it
+contains portions of the Library), rather than a "work that uses the
+library". The executable is therefore covered by this License.
+Section 6 states terms for distribution of such executables.
+
+ When a "work that uses the Library" uses material from a header file
+that is part of the Library, the object code for the work may be a
+derivative work of the Library even though the source code is not.
+Whether this is true is especially significant if the work can be
+linked without the Library, or if the work is itself a library. The
+threshold for this to be true is not precisely defined by law.
+
+ If such an object file uses only numerical parameters, data
+structure layouts and accessors, and small macros and small inline
+functions (ten lines or less in length), then the use of the object
+file is unrestricted, regardless of whether it is legally a derivative
+work. (Executables containing this object code plus portions of the
+Library will still fall under Section 6.)
+
+ Otherwise, if the work is a derivative of the Library, you may
+distribute the object code for the work under the terms of Section 6.
+Any executables containing that work also fall under Section 6,
+whether or not they are linked directly with the Library itself.
+
+ 6. As an exception to the Sections above, you may also combine or
+link a "work that uses the Library" with the Library to produce a
+work containing portions of the Library, and distribute that work
+under terms of your choice, provided that the terms permit
+modification of the work for the customer's own use and reverse
+engineering for debugging such modifications.
+
+ You must give prominent notice with each copy of the work that the
+Library is used in it and that the Library and its use are covered by
+this License. You must supply a copy of this License. If the work
+during execution displays copyright notices, you must include the
+copyright notice for the Library among them, as well as a reference
+directing the user to the copy of this License. Also, you must do one
+of these things:
+
+ a) Accompany the work with the complete corresponding
+ machine-readable source code for the Library including whatever
+ changes were used in the work (which must be distributed under
+ Sections 1 and 2 above); and, if the work is an executable linked
+ with the Library, with the complete machine-readable "work that
+ uses the Library", as object code and/or source code, so that the
+ user can modify the Library and then relink to produce a modified
+ executable containing the modified Library. (It is understood
+ that the user who changes the contents of definitions files in the
+ Library will not necessarily be able to recompile the application
+ to use the modified definitions.)
+
+ b) Use a suitable shared library mechanism for linking with the
+ Library. A suitable mechanism is one that (1) uses at run time a
+ copy of the library already present on the user's computer system,
+ rather than copying library functions into the executable, and (2)
+ will operate properly with a modified version of the library, if
+ the user installs one, as long as the modified version is
+ interface-compatible with the version that the work was made with.
+
+ c) Accompany the work with a written offer, valid for at
+ least three years, to give the same user the materials
+ specified in Subsection 6a, above, for a charge no more
+ than the cost of performing this distribution.
+
+ d) If distribution of the work is made by offering access to copy
+ from a designated place, offer equivalent access to copy the above
+ specified materials from the same place.
+
+ e) Verify that the user has already received a copy of these
+ materials or that you have already sent this user a copy.
+
+ For an executable, the required form of the "work that uses the
+Library" must include any data and utility programs needed for
+reproducing the executable from it. However, as a special exception,
+the materials to be distributed need not include anything that is
+normally distributed (in either source or binary form) with the major
+components (compiler, kernel, and so on) of the operating system on
+which the executable runs, unless that component itself accompanies
+the executable.
+
+ It may happen that this requirement contradicts the license
+restrictions of other proprietary libraries that do not normally
+accompany the operating system. Such a contradiction means you cannot
+use both them and the Library together in an executable that you
+distribute.
+
+ 7. You may place library facilities that are a work based on the
+Library side-by-side in a single library together with other library
+facilities not covered by this License, and distribute such a combined
+library, provided that the separate distribution of the work based on
+the Library and of the other library facilities is otherwise
+permitted, and provided that you do these two things:
+
+ a) Accompany the combined library with a copy of the same work
+ based on the Library, uncombined with any other library
+ facilities. This must be distributed under the terms of the
+ Sections above.
+
+ b) Give prominent notice with the combined library of the fact
+ that part of it is a work based on the Library, and explaining
+ where to find the accompanying uncombined form of the same work.
+
+ 8. You may not copy, modify, sublicense, link with, or distribute
+the Library except as expressly provided under this License. Any
+attempt otherwise to copy, modify, sublicense, link with, or
+distribute the Library is void, and will automatically terminate your
+rights under this License. However, parties who have received copies,
+or rights, from you under this License will not have their licenses
+terminated so long as such parties remain in full compliance.
+
+ 9. You are not required to accept this License, since you have not
+signed it. However, nothing else grants you permission to modify or
+distribute the Library or its derivative works. These actions are
+prohibited by law if you do not accept this License. Therefore, by
+modifying or distributing the Library (or any work based on the
+Library), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Library or works based on it.
+
+ 10. Each time you redistribute the Library (or any work based on the
+Library), the recipient automatically receives a license from the
+original licensor to copy, distribute, link with or modify the Library
+subject to these terms and conditions. You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties with
+this License.
+
+ 11. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License. If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Library at all. For example, if a patent
+license would not permit royalty-free redistribution of the Library by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Library.
+
+If any portion of this section is held invalid or unenforceable under any
+particular circumstance, the balance of the section is intended to apply,
+and the section as a whole is intended to apply in other circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system which is
+implemented by public license practices. Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+ 12. If the distribution and/or use of the Library is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Library under this License may add
+an explicit geographical distribution limitation excluding those countries,
+so that distribution is permitted only in or among countries not thus
+excluded. In such case, this License incorporates the limitation as if
+written in the body of this License.
+
+ 13. The Free Software Foundation may publish revised and/or new
+versions of the Lesser General Public License from time to time.
+Such new versions will be similar in spirit to the present version,
+but may differ in detail to address new problems or concerns.
+
+Each version is given a distinguishing version number. If the Library
+specifies a version number of this License which applies to it and
+"any later version", you have the option of following the terms and
+conditions either of that version or of any later version published by
+the Free Software Foundation. If the Library does not specify a
+license version number, you may choose any version ever published by
+the Free Software Foundation.
+
+ 14. If you wish to incorporate parts of the Library into other free
+programs whose distribution conditions are incompatible with these,
+write to the author to ask for permission. For software which is
+copyrighted by the Free Software Foundation, write to the Free
+Software Foundation; we sometimes make exceptions for this. Our
+decision will be guided by the two goals of preserving the free status
+of all derivatives of our free software and of promoting the sharing
+and reuse of software generally.
+
+ NO WARRANTY
+
+ 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO
+WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
+EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
+OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY
+KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
+LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME
+THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+ 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
+WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY
+AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU
+FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR
+CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
+LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
+RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
+FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
+SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
+DAMAGES.
+
+ END OF TERMS AND CONDITIONS
+
+ How to Apply These Terms to Your New Libraries
+
+ If you develop a new library, and you want it to be of the greatest
+possible use to the public, we recommend making it free software that
+everyone can redistribute and change. You can do so by permitting
+redistribution under these terms (or, alternatively, under the terms of the
+ordinary General Public License).
+
+ To apply these terms, attach the following notices to the library. It is
+safest to attach them to the start of each source file to most effectively
+convey the exclusion of warranty; and each file should have at least the
+"copyright" line and a pointer to where the full notice is found.
+
+ <one line to give the library's name and a brief idea of what it does.>
+ Copyright (C) <year> <name of author>
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with this library; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+
+Also add information on how to contact you by electronic and paper mail.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the library, if
+necessary. Here is a sample; alter the names:
+
+ Yoyodyne, Inc., hereby disclaims all copyright interest in the
+ library `Frob' (a library for tweaking knobs) written by James Random Hacker.
+
+ <signature of Ty Coon>, 1 April 1990
+ Ty Coon, President of Vice
+
+That's all there is to it!
+
+
diff --git a/Doxyfile b/Doxyfile
new file mode 100644
index 0000000..a681524
--- /dev/null
+++ b/Doxyfile
@@ -0,0 +1,1290 @@
+# Doxyfile 1.5.2
+
+# This file describes the settings to be used by the documentation system
+# doxygen (www.doxygen.org) for a project
+#
+# All text after a hash (#) is considered a comment and will be ignored
+# The format is:
+# TAG = value [value, ...]
+# For lists items can also be appended using:
+# TAG += value [value, ...]
+# Values that contain spaces should be placed between quotes (" ")
+
+#---------------------------------------------------------------------------
+# Project related configuration options
+#---------------------------------------------------------------------------
+
+# This tag specifies the encoding used for all characters in the config file that
+# follow. The default is UTF-8 which is also the encoding used for all text before
+# the first occurrence of this tag. Doxygen uses libiconv (or the iconv built into
+# libc) for the transcoding. See http://www.gnu.org/software/libiconv for the list of
+# possible encodings.
+
+DOXYFILE_ENCODING = UTF-8
+
+# The PROJECT_NAME tag is a single word (or a sequence of words surrounded
+# by quotes) that should identify the project.
+
+PROJECT_NAME = "Qt Cryptographic Architecture"
+
+# The PROJECT_NUMBER tag can be used to enter a project or revision number.
+# This could be handy for archiving the generated documentation or
+# if some version control system is used.
+
+PROJECT_NUMBER =
+
+# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute)
+# base path where the generated documentation will be put.
+# If a relative path is entered, it will be relative to the location
+# where doxygen was started. If left blank the current directory will be used.
+
+OUTPUT_DIRECTORY = apidocs
+
+# If the CREATE_SUBDIRS tag is set to YES, then doxygen will create
+# 4096 sub-directories (in 2 levels) under the output directory of each output
+# format and will distribute the generated files over these directories.
+# Enabling this option can be useful when feeding doxygen a huge amount of
+# source files, where putting all generated files in the same directory would
+# otherwise cause performance problems for the file system.
+
+CREATE_SUBDIRS = NO
+
+# The OUTPUT_LANGUAGE tag is used to specify the language in which all
+# documentation generated by doxygen is written. Doxygen will use this
+# information to generate all constant output in the proper language.
+# The default language is English, other supported languages are:
+# Afrikaans, Arabic, Brazilian, Catalan, Chinese, Chinese-Traditional,
+# Croatian, Czech, Danish, Dutch, Finnish, French, German, Greek, Hungarian,
+# Italian, Japanese, Japanese-en (Japanese with English messages), Korean,
+# Korean-en, Lithuanian, Norwegian, Polish, Portuguese, Romanian, Russian,
+# Serbian, Slovak, Slovene, Spanish, Swedish, and Ukrainian.
+
+OUTPUT_LANGUAGE = English
+
+# If the BRIEF_MEMBER_DESC tag is set to YES (the default) Doxygen will
+# include brief member descriptions after the members that are listed in
+# the file and class documentation (similar to JavaDoc).
+# Set to NO to disable this.
+
+BRIEF_MEMBER_DESC = NO
+
+# If the REPEAT_BRIEF tag is set to YES (the default) Doxygen will prepend
+# the brief description of a member or function before the detailed description.
+# Note: if both HIDE_UNDOC_MEMBERS and BRIEF_MEMBER_DESC are set to NO, the
+# brief descriptions will be completely suppressed.
+
+REPEAT_BRIEF = YES
+
+# This tag implements a quasi-intelligent brief description abbreviator
+# that is used to form the text in various listings. Each string
+# in this list, if found as the leading text of the brief description, will be
+# stripped from the text and the result after processing the whole list, is
+# used as the annotated text. Otherwise, the brief description is used as-is.
+# If left blank, the following values are used ("$name" is automatically
+# replaced with the name of the entity): "The $name class" "The $name widget"
+# "The $name file" "is" "provides" "specifies" "contains"
+# "represents" "a" "an" "the"
+
+ABBREVIATE_BRIEF =
+
+# If the ALWAYS_DETAILED_SEC and REPEAT_BRIEF tags are both set to YES then
+# Doxygen will generate a detailed section even if there is only a brief
+# description.
+
+ALWAYS_DETAILED_SEC = YES
+
+# If the INLINE_INHERITED_MEMB tag is set to YES, doxygen will show all
+# inherited members of a class in the documentation of that class as if those
+# members were ordinary class members. Constructors, destructors and assignment
+# operators of the base classes will not be shown.
+
+INLINE_INHERITED_MEMB = NO
+
+# If the FULL_PATH_NAMES tag is set to YES then Doxygen will prepend the full
+# path before files name in the file list and in the header files. If set
+# to NO the shortest path that makes the file name unique will be used.
+
+FULL_PATH_NAMES = NO
+
+# If the FULL_PATH_NAMES tag is set to YES then the STRIP_FROM_PATH tag
+# can be used to strip a user-defined part of the path. Stripping is
+# only done if one of the specified strings matches the left-hand part of
+# the path. The tag can be used to show relative paths in the file list.
+# If left blank the directory from which doxygen is run is used as the
+# path to strip.
+
+STRIP_FROM_PATH =
+
+# The STRIP_FROM_INC_PATH tag can be used to strip a user-defined part of
+# the path mentioned in the documentation of a class, which tells
+# the reader which header file to include in order to use a class.
+# If left blank only the name of the header file containing the class
+# definition is used. Otherwise one should specify the include paths that
+# are normally passed to the compiler using the -I flag.
+
+STRIP_FROM_INC_PATH =
+
+# If the SHORT_NAMES tag is set to YES, doxygen will generate much shorter
+# (but less readable) file names. This can be useful is your file systems
+# doesn't support long names like on DOS, Mac, or CD-ROM.
+
+SHORT_NAMES = NO
+
+# If the JAVADOC_AUTOBRIEF tag is set to YES then Doxygen
+# will interpret the first line (until the first dot) of a JavaDoc-style
+# comment as the brief description. If set to NO, the JavaDoc
+# comments will behave just like the Qt-style comments (thus requiring an
+# explicit @brief command for a brief description.
+
+JAVADOC_AUTOBRIEF = YES
+
+# The MULTILINE_CPP_IS_BRIEF tag can be set to YES to make Doxygen
+# treat a multi-line C++ special comment block (i.e. a block of //! or ///
+# comments) as a brief description. This used to be the default behaviour.
+# The new default is to treat a multi-line C++ comment block as a detailed
+# description. Set this tag to YES if you prefer the old behaviour instead.
+
+MULTILINE_CPP_IS_BRIEF = NO
+
+# If the DETAILS_AT_TOP tag is set to YES then Doxygen
+# will output the detailed description near the top, like JavaDoc.
+# If set to NO, the detailed description appears after the member
+# documentation.
+
+DETAILS_AT_TOP = NO
+
+# If the INHERIT_DOCS tag is set to YES (the default) then an undocumented
+# member inherits the documentation from any documented member that it
+# re-implements.
+
+INHERIT_DOCS = YES
+
+# If the SEPARATE_MEMBER_PAGES tag is set to YES, then doxygen will produce
+# a new page for each member. If set to NO, the documentation of a member will
+# be part of the file/class/namespace that contains it.
+
+SEPARATE_MEMBER_PAGES = NO
+
+# The TAB_SIZE tag can be used to set the number of spaces in a tab.
+# Doxygen uses this value to replace tabs by spaces in code fragments.
+
+TAB_SIZE = 8
+
+# This tag can be used to specify a number of aliases that acts
+# as commands in the documentation. An alias has the form "name=value".
+# For example adding "sideeffect=\par Side Effects:\n" will allow you to
+# put the command \sideeffect (or @sideeffect) in the documentation, which
+# will result in a user-defined paragraph with heading "Side Effects:".
+# You can put \n's in the value part of an alias to insert newlines.
+
+ALIASES =
+
+# Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C
+# sources only. Doxygen will then generate output that is more tailored for C.
+# For instance, some of the names that are used will be different. The list
+# of all members will be omitted, etc.
+
+OPTIMIZE_OUTPUT_FOR_C = NO
+
+# Set the OPTIMIZE_OUTPUT_JAVA tag to YES if your project consists of Java
+# sources only. Doxygen will then generate output that is more tailored for Java.
+# For instance, namespaces will be presented as packages, qualified scopes
+# will look different, etc.
+
+OPTIMIZE_OUTPUT_JAVA = NO
+
+# If you use STL classes (i.e. std::string, std::vector, etc.) but do not want to
+# include (a tag file for) the STL sources as input, then you should
+# set this tag to YES in order to let doxygen match functions declarations and
+# definitions whose arguments contain STL classes (e.g. func(std::string); v.s.
+# func(std::string) {}). This also make the inheritance and collaboration
+# diagrams that involve STL classes more complete and accurate.
+
+BUILTIN_STL_SUPPORT = NO
+
+# If you use Microsoft's C++/CLI language, you should set this option to YES to
+# enable parsing support.
+
+CPP_CLI_SUPPORT = NO
+
+# If member grouping is used in the documentation and the DISTRIBUTE_GROUP_DOC
+# tag is set to YES, then doxygen will reuse the documentation of the first
+# member in the group (if any) for the other members of the group. By default
+# all members of a group must be documented explicitly.
+
+DISTRIBUTE_GROUP_DOC = NO
+
+# Set the SUBGROUPING tag to YES (the default) to allow class member groups of
+# the same type (for instance a group of public functions) to be put as a
+# subgroup of that type (e.g. under the Public Functions section). Set it to
+# NO to prevent subgrouping. Alternatively, this can be done per class using
+# the \nosubgrouping command.
+
+SUBGROUPING = YES
+
+#---------------------------------------------------------------------------
+# Build related configuration options
+#---------------------------------------------------------------------------
+
+# If the EXTRACT_ALL tag is set to YES doxygen will assume all entities in
+# documentation are documented, even if no documentation was available.
+# Private class members and static file members will be hidden unless
+# the EXTRACT_PRIVATE and EXTRACT_STATIC tags are set to YES
+
+EXTRACT_ALL = NO
+
+# If the EXTRACT_PRIVATE tag is set to YES all private members of a class
+# will be included in the documentation.
+
+EXTRACT_PRIVATE = NO
+
+# If the EXTRACT_STATIC tag is set to YES all static members of a file
+# will be included in the documentation.
+
+EXTRACT_STATIC = NO
+
+# If the EXTRACT_LOCAL_CLASSES tag is set to YES classes (and structs)
+# defined locally in source files will be included in the documentation.
+# If set to NO only classes defined in header files are included.
+
+EXTRACT_LOCAL_CLASSES = YES
+
+# This flag is only useful for Objective-C code. When set to YES local
+# methods, which are defined in the implementation section but not in
+# the interface are included in the documentation.
+# If set to NO (the default) only methods in the interface are included.
+
+EXTRACT_LOCAL_METHODS = NO
+
+# If the HIDE_UNDOC_MEMBERS tag is set to YES, Doxygen will hide all
+# undocumented members of documented classes, files or namespaces.
+# If set to NO (the default) these members will be included in the
+# various overviews, but no documentation section is generated.
+# This option has no effect if EXTRACT_ALL is enabled.
+
+HIDE_UNDOC_MEMBERS = NO
+
+# If the HIDE_UNDOC_CLASSES tag is set to YES, Doxygen will hide all
+# undocumented classes that are normally visible in the class hierarchy.
+# If set to NO (the default) these classes will be included in the various
+# overviews. This option has no effect if EXTRACT_ALL is enabled.
+
+HIDE_UNDOC_CLASSES = NO
+
+# If the HIDE_FRIEND_COMPOUNDS tag is set to YES, Doxygen will hide all
+# friend (class|struct|union) declarations.
+# If set to NO (the default) these declarations will be included in the
+# documentation.
+
+HIDE_FRIEND_COMPOUNDS = NO
+
+# If the HIDE_IN_BODY_DOCS tag is set to YES, Doxygen will hide any
+# documentation blocks found inside the body of a function.
+# If set to NO (the default) these blocks will be appended to the
+# function's detailed documentation block.
+
+HIDE_IN_BODY_DOCS = NO
+
+# The INTERNAL_DOCS tag determines if documentation
+# that is typed after a \internal command is included. If the tag is set
+# to NO (the default) then the documentation will be excluded.
+# Set it to YES to include the internal documentation.
+
+INTERNAL_DOCS = YES
+
+# If the CASE_SENSE_NAMES tag is set to NO then Doxygen will only generate
+# file names in lower-case letters. If set to YES upper-case letters are also
+# allowed. This is useful if you have classes or files whose names only differ
+# in case and if your file system supports case sensitive file names. Windows
+# and Mac users are advised to set this option to NO.
+
+CASE_SENSE_NAMES = YES
+
+# If the HIDE_SCOPE_NAMES tag is set to NO (the default) then Doxygen
+# will show members with their full class and namespace scopes in the
+# documentation. If set to YES the scope will be hidden.
+
+HIDE_SCOPE_NAMES = NO
+
+# If the SHOW_INCLUDE_FILES tag is set to YES (the default) then Doxygen
+# will put a list of the files that are included by a file in the documentation
+# of that file.
+
+SHOW_INCLUDE_FILES = YES
+
+# If the INLINE_INFO tag is set to YES (the default) then a tag [inline]
+# is inserted in the documentation for inline members.
+
+INLINE_INFO = YES
+
+# If the SORT_MEMBER_DOCS tag is set to YES (the default) then doxygen
+# will sort the (detailed) documentation of file and class members
+# alphabetically by member name. If set to NO the members will appear in
+# declaration order.
+
+SORT_MEMBER_DOCS = NO
+
+# If the SORT_BRIEF_DOCS tag is set to YES then doxygen will sort the
+# brief documentation of file, namespace and class members alphabetically
+# by member name. If set to NO (the default) the members will appear in
+# declaration order.
+
+SORT_BRIEF_DOCS = YES
+
+# If the SORT_BY_SCOPE_NAME tag is set to YES, the class list will be
+# sorted by fully-qualified names, including namespaces. If set to
+# NO (the default), the class list will be sorted only by class name,
+# not including the namespace part.
+# Note: This option is not very useful if HIDE_SCOPE_NAMES is set to YES.
+# Note: This option applies only to the class list, not to the
+# alphabetical list.
+
+SORT_BY_SCOPE_NAME = NO
+
+# The GENERATE_TODOLIST tag can be used to enable (YES) or
+# disable (NO) the todo list. This list is created by putting \todo
+# commands in the documentation.
+
+GENERATE_TODOLIST = YES
+
+# The GENERATE_TESTLIST tag can be used to enable (YES) or
+# disable (NO) the test list. This list is created by putting \test
+# commands in the documentation.
+
+GENERATE_TESTLIST = YES
+
+# The GENERATE_BUGLIST tag can be used to enable (YES) or
+# disable (NO) the bug list. This list is created by putting \bug
+# commands in the documentation.
+
+GENERATE_BUGLIST = YES
+
+# The GENERATE_DEPRECATEDLIST tag can be used to enable (YES) or
+# disable (NO) the deprecated list. This list is created by putting
+# \deprecated commands in the documentation.
+
+GENERATE_DEPRECATEDLIST= YES
+
+# The ENABLED_SECTIONS tag can be used to enable conditional
+# documentation sections, marked by \if sectionname ... \endif.
+
+ENABLED_SECTIONS =
+
+# The MAX_INITIALIZER_LINES tag determines the maximum number of lines
+# the initial value of a variable or define consists of for it to appear in
+# the documentation. If the initializer consists of more lines than specified
+# here it will be hidden. Use a value of 0 to hide initializers completely.
+# The appearance of the initializer of individual variables and defines in the
+# documentation can be controlled using \showinitializer or \hideinitializer
+# command in the documentation regardless of this setting.
+
+MAX_INITIALIZER_LINES = 30
+
+# Set the SHOW_USED_FILES tag to NO to disable the list of files generated
+# at the bottom of the documentation of classes and structs. If set to YES the
+# list will mention the files that were used to generate the documentation.
+
+SHOW_USED_FILES = YES
+
+# If the sources in your project are distributed over multiple directories
+# then setting the SHOW_DIRECTORIES tag to YES will show the directory hierarchy
+# in the documentation. The default is NO.
+
+SHOW_DIRECTORIES = YES
+
+# The FILE_VERSION_FILTER tag can be used to specify a program or script that
+# doxygen should invoke to get the current version for each file (typically from the
+# version control system). Doxygen will invoke the program by executing (via
+# popen()) the command <command> <input-file>, where <command> is the value of
+# the FILE_VERSION_FILTER tag, and <input-file> is the name of an input file
+# provided by doxygen. Whatever the program writes to standard output
+# is used as the file version. See the manual for examples.
+
+FILE_VERSION_FILTER =
+
+#---------------------------------------------------------------------------
+# configuration options related to warning and progress messages
+#---------------------------------------------------------------------------
+
+# The QUIET tag can be used to turn on/off the messages that are generated
+# by doxygen. Possible values are YES and NO. If left blank NO is used.
+
+QUIET = YES
+
+# The WARNINGS tag can be used to turn on/off the warning messages that are
+# generated by doxygen. Possible values are YES and NO. If left blank
+# NO is used.
+
+WARNINGS = YES
+
+# If WARN_IF_UNDOCUMENTED is set to YES, then doxygen will generate warnings
+# for undocumented members. If EXTRACT_ALL is set to YES then this flag will
+# automatically be disabled.
+
+WARN_IF_UNDOCUMENTED = YES
+
+# If WARN_IF_DOC_ERROR is set to YES, doxygen will generate warnings for
+# potential errors in the documentation, such as not documenting some
+# parameters in a documented function, or documenting parameters that
+# don't exist or using markup commands wrongly.
+
+WARN_IF_DOC_ERROR = YES
+
+# This WARN_NO_PARAMDOC option can be abled to get warnings for
+# functions that are documented, but have no documentation for their parameters
+# or return value. If set to NO (the default) doxygen will only warn about
+# wrong or incomplete parameter documentation, but not about the absence of
+# documentation.
+
+WARN_NO_PARAMDOC = YES
+
+# The WARN_FORMAT tag determines the format of the warning messages that
+# doxygen can produce. The string should contain the $file, $line, and $text
+# tags, which will be replaced by the file and line number from which the
+# warning originated and the warning text. Optionally the format may contain
+# $version, which will be replaced by the version of the file (if it could
+# be obtained via FILE_VERSION_FILTER)
+
+WARN_FORMAT = "$file:$line: $text"
+
+# The WARN_LOGFILE tag can be used to specify a file to which warning
+# and error messages should be written. If left blank the output is written
+# to stderr.
+
+WARN_LOGFILE =
+
+#---------------------------------------------------------------------------
+# configuration options related to the input files
+#---------------------------------------------------------------------------
+
+# The INPUT tag can be used to specify the files and/or directories that contain
+# documented source files. You may enter file names like "myfile.cpp" or
+# directories like "/usr/src/myproject". Separate the files or directories
+# with spaces.
+
+INPUT = examples \
+ . \
+ include/QtCrypto
+
+# This tag can be used to specify the character encoding of the source files that
+# doxygen parses. Internally doxygen uses the UTF-8 encoding, which is also the default
+# input encoding. Doxygen uses libiconv (or the iconv built into libc) for the transcoding.
+# See http://www.gnu.org/software/libiconv for the list of possible encodings.
+
+INPUT_ENCODING = UTF-8
+
+# If the value of the INPUT tag contains directories, you can use the
+# FILE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
+# and *.h) to filter out the source-files in the directories. If left
+# blank the following patterns are tested:
+# *.c *.cc *.cxx *.cpp *.c++ *.java *.ii *.ixx *.ipp *.i++ *.inl *.h *.hh *.hxx
+# *.hpp *.h++ *.idl *.odl *.cs *.php *.php3 *.inc *.m *.mm *.py
+
+FILE_PATTERNS = *.h \
+ *.doco \
+ Mainpage.dox
+
+# The RECURSIVE tag can be used to turn specify whether or not subdirectories
+# should be searched for input files as well. Possible values are YES and NO.
+# If left blank NO is used.
+
+RECURSIVE = NO
+
+# The EXCLUDE tag can be used to specify files and/or directories that should
+# excluded from the INPUT source files. This way you can easily exclude a
+# subdirectory from a directory tree whose root is specified with the INPUT tag.
+
+EXCLUDE =
+
+# The EXCLUDE_SYMLINKS tag can be used select whether or not files or
+# directories that are symbolic links (a Unix filesystem feature) are excluded
+# from the input.
+
+EXCLUDE_SYMLINKS = NO
+
+# If the value of the INPUT tag contains directories, you can use the
+# EXCLUDE_PATTERNS tag to specify one or more wildcard patterns to exclude
+# certain files from those directories. Note that the wildcards are matched
+# against the file with absolute path, so to exclude all test directories
+# for example use the pattern */test/*
+
+EXCLUDE_PATTERNS = *.moc.* \
+ moc* \
+ *.all_cpp.* \
+ *unload.* \
+ */test/* \
+ */tests/*
+
+# The EXCLUDE_SYMBOLS tag can be used to specify one or more symbol names
+# (namespaces, classes, functions, etc.) that should be excluded from the output.
+# The symbol name can be a fully qualified name, a word, or if the wildcard * is used,
+# a substring. Examples: ANamespace, AClass, AClass::ANamespace, ANamespace::*Test
+
+EXCLUDE_SYMBOLS =
+
+# The EXAMPLE_PATH tag can be used to specify one or more files or
+# directories that contain example code fragments that are included (see
+# the \include command).
+
+EXAMPLE_PATH = examples/aes-cmac \
+ examples/base64test \
+ examples/certtest \
+ examples/ciphertest \
+ examples/cms \
+ examples/cmssigner \
+ examples/eventhandlerdemo \
+ examples/hashtest \
+ examples/hextest \
+ examples/keyloader \
+ examples/mactest \
+ examples/md5crypt \
+ examples/providertest \
+ examples/publickeyexample \
+ examples/randomtest \
+ examples/rsatest \
+ examples/saslclient \
+ examples/saslserver \
+ examples/ssltest \
+ examples/sslservtest \
+ examples/tlssocket
+
+# If the value of the EXAMPLE_PATH tag contains directories, you can use the
+# EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
+# and *.h) to filter out the source-files in the directories. If left
+# blank all files are included.
+
+EXAMPLE_PATTERNS =
+
+# If the EXAMPLE_RECURSIVE tag is set to YES then subdirectories will be
+# searched for input files to be used with the \include or \dontinclude
+# commands irrespective of the value of the RECURSIVE tag.
+# Possible values are YES and NO. If left blank NO is used.
+
+EXAMPLE_RECURSIVE = NO
+
+# The IMAGE_PATH tag can be used to specify one or more files or
+# directories that contain image that are included in the documentation (see
+# the \image command).
+
+IMAGE_PATH = images
+
+# The INPUT_FILTER tag can be used to specify a program that doxygen should
+# invoke to filter for each input file. Doxygen will invoke the filter program
+# by executing (via popen()) the command <filter> <input-file>, where <filter>
+# is the value of the INPUT_FILTER tag, and <input-file> is the name of an
+# input file. Doxygen will then use the output that the filter program writes
+# to standard output. If FILTER_PATTERNS is specified, this tag will be
+# ignored.
+
+INPUT_FILTER =
+
+# The FILTER_PATTERNS tag can be used to specify filters on a per file pattern
+# basis. Doxygen will compare the file name with each pattern and apply the
+# filter if there is a match. The filters are a list of the form:
+# pattern=filter (like *.cpp=my_cpp_filter). See INPUT_FILTER for further
+# info on how filters are used. If FILTER_PATTERNS is empty, INPUT_FILTER
+# is applied to all files.
+
+FILTER_PATTERNS =
+
+# If the FILTER_SOURCE_FILES tag is set to YES, the input filter (if set using
+# INPUT_FILTER) will be used to filter the input files when producing source
+# files to browse (i.e. when SOURCE_BROWSER is set to YES).
+
+FILTER_SOURCE_FILES = NO
+
+#---------------------------------------------------------------------------
+# configuration options related to source browsing
+#---------------------------------------------------------------------------
+
+# If the SOURCE_BROWSER tag is set to YES then a list of source files will
+# be generated. Documented entities will be cross-referenced with these sources.
+# Note: To get rid of all source code in the generated output, make sure also
+# VERBATIM_HEADERS is set to NO.
+
+SOURCE_BROWSER = NO
+
+# Setting the INLINE_SOURCES tag to YES will include the body
+# of functions and classes directly in the documentation.
+
+INLINE_SOURCES = NO
+
+# Setting the STRIP_CODE_COMMENTS tag to YES (the default) will instruct
+# doxygen to hide any special comment blocks from generated source code
+# fragments. Normal C and C++ comments will always remain visible.
+
+STRIP_CODE_COMMENTS = YES
+
+# If the REFERENCED_BY_RELATION tag is set to YES (the default)
+# then for each documented function all documented
+# functions referencing it will be listed.
+
+REFERENCED_BY_RELATION = YES
+
+# If the REFERENCES_RELATION tag is set to YES (the default)
+# then for each documented function all documented entities
+# called/used by that function will be listed.
+
+REFERENCES_RELATION = YES
+
+# If the REFERENCES_LINK_SOURCE tag is set to YES (the default)
+# and SOURCE_BROWSER tag is set to YES, then the hyperlinks from
+# functions in REFERENCES_RELATION and REFERENCED_BY_RELATION lists will
+# link to the source code. Otherwise they will link to the documentstion.
+
+REFERENCES_LINK_SOURCE = YES
+
+# If the USE_HTAGS tag is set to YES then the references to source code
+# will point to the HTML generated by the htags(1) tool instead of doxygen
+# built-in source browser. The htags tool is part of GNU's global source
+# tagging system (see http://www.gnu.org/software/global/global.html). You
+# will need version 4.8.6 or higher.
+
+USE_HTAGS = NO
+
+# If the VERBATIM_HEADERS tag is set to YES (the default) then Doxygen
+# will generate a verbatim copy of the header file for each class for
+# which an include is specified. Set to NO to disable this.
+
+VERBATIM_HEADERS = YES
+
+#---------------------------------------------------------------------------
+# configuration options related to the alphabetical class index
+#---------------------------------------------------------------------------
+
+# If the ALPHABETICAL_INDEX tag is set to YES, an alphabetical index
+# of all compounds will be generated. Enable this if the project
+# contains a lot of classes, structs, unions or interfaces.
+
+ALPHABETICAL_INDEX = NO
+
+# If the alphabetical index is enabled (see ALPHABETICAL_INDEX) then
+# the COLS_IN_ALPHA_INDEX tag can be used to specify the number of columns
+# in which this list will be split (can be a number in the range [1..20])
+
+COLS_IN_ALPHA_INDEX = 5
+
+# In case all classes in a project start with a common prefix, all
+# classes will be put under the same header in the alphabetical index.
+# The IGNORE_PREFIX tag can be used to specify one or more prefixes that
+# should be ignored while generating the index headers.
+
+IGNORE_PREFIX =
+
+#---------------------------------------------------------------------------
+# configuration options related to the HTML output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_HTML tag is set to YES (the default) Doxygen will
+# generate HTML output.
+
+GENERATE_HTML = YES
+
+# The HTML_OUTPUT tag is used to specify where the HTML docs will be put.
+# If a relative path is entered the value of OUTPUT_DIRECTORY will be
+# put in front of it. If left blank `html' will be used as the default path.
+
+HTML_OUTPUT = html
+
+# The HTML_FILE_EXTENSION tag can be used to specify the file extension for
+# each generated HTML page (for example: .htm,.php,.asp). If it is left blank
+# doxygen will generate files with .html extension.
+
+HTML_FILE_EXTENSION = .html
+
+# The HTML_HEADER tag can be used to specify a personal HTML header for
+# each generated HTML page. If it is left blank doxygen will generate a
+# standard header.
+
+HTML_HEADER =
+
+# The HTML_FOOTER tag can be used to specify a personal HTML footer for
+# each generated HTML page. If it is left blank doxygen will generate a
+# standard footer.
+
+HTML_FOOTER =
+
+# The HTML_STYLESHEET tag can be used to specify a user-defined cascading
+# style sheet that is used by each HTML page. It can be used to
+# fine-tune the look of the HTML output. If the tag is left blank doxygen
+# will generate a default style sheet. Note that doxygen will try to copy
+# the style sheet file to the HTML output directory, so don't put your own
+# stylesheet in the HTML output directory as well, or it will be erased!
+
+HTML_STYLESHEET =
+
+# If the HTML_ALIGN_MEMBERS tag is set to YES, the members of classes,
+# files or namespaces will be aligned in HTML using tables. If set to
+# NO a bullet list will be used.
+
+HTML_ALIGN_MEMBERS = YES
+
+# If the GENERATE_HTMLHELP tag is set to YES, additional index files
+# will be generated that can be used as input for tools like the
+# Microsoft HTML help workshop to generate a compressed HTML help file (.chm)
+# of the generated HTML documentation.
+
+GENERATE_HTMLHELP = NO
+
+# If the GENERATE_HTMLHELP tag is set to YES, the CHM_FILE tag can
+# be used to specify the file name of the resulting .chm file. You
+# can add a path in front of the file if the result should not be
+# written to the html output directory.
+
+CHM_FILE =
+
+# If the GENERATE_HTMLHELP tag is set to YES, the HHC_LOCATION tag can
+# be used to specify the location (absolute path including file name) of
+# the HTML help compiler (hhc.exe). If non-empty doxygen will try to run
+# the HTML help compiler on the generated index.hhp.
+
+HHC_LOCATION =
+
+# If the GENERATE_HTMLHELP tag is set to YES, the GENERATE_CHI flag
+# controls if a separate .chi index file is generated (YES) or that
+# it should be included in the master .chm file (NO).
+
+GENERATE_CHI = NO
+
+# If the GENERATE_HTMLHELP tag is set to YES, the BINARY_TOC flag
+# controls whether a binary table of contents is generated (YES) or a
+# normal table of contents (NO) in the .chm file.
+
+BINARY_TOC = NO
+
+# The TOC_EXPAND flag can be set to YES to add extra items for group members
+# to the contents of the HTML help documentation and to the tree view.
+
+TOC_EXPAND = NO
+
+# The DISABLE_INDEX tag can be used to turn on/off the condensed index at
+# top of each HTML page. The value NO (the default) enables the index and
+# the value YES disables it.
+
+DISABLE_INDEX = NO
+
+# This tag can be used to set the number of enum values (range [1..20])
+# that doxygen will group on one line in the generated HTML documentation.
+
+ENUM_VALUES_PER_LINE = 4
+
+# If the GENERATE_TREEVIEW tag is set to YES, a side panel will be
+# generated containing a tree-like index structure (just like the one that
+# is generated for HTML Help). For this to work a browser that supports
+# JavaScript, DHTML, CSS and frames is required (for instance Mozilla 1.0+,
+# Netscape 6.0+, Internet explorer 5.0+, or Konqueror). Windows users are
+# probably better off using the HTML help feature.
+
+GENERATE_TREEVIEW = NO
+
+# If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be
+# used to set the initial width (in pixels) of the frame in which the tree
+# is shown.
+
+TREEVIEW_WIDTH = 250
+
+#---------------------------------------------------------------------------
+# configuration options related to the LaTeX output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_LATEX tag is set to YES (the default) Doxygen will
+# generate Latex output.
+
+GENERATE_LATEX = NO
+
+# The LATEX_OUTPUT tag is used to specify where the LaTeX docs will be put.
+# If a relative path is entered the value of OUTPUT_DIRECTORY will be
+# put in front of it. If left blank `latex' will be used as the default path.
+
+LATEX_OUTPUT = latex
+
+# The LATEX_CMD_NAME tag can be used to specify the LaTeX command name to be
+# invoked. If left blank `latex' will be used as the default command name.
+
+LATEX_CMD_NAME = latex
+
+# The MAKEINDEX_CMD_NAME tag can be used to specify the command name to
+# generate index for LaTeX. If left blank `makeindex' will be used as the
+# default command name.
+
+MAKEINDEX_CMD_NAME = makeindex
+
+# If the COMPACT_LATEX tag is set to YES Doxygen generates more compact
+# LaTeX documents. This may be useful for small projects and may help to
+# save some trees in general.
+
+COMPACT_LATEX = NO
+
+# The PAPER_TYPE tag can be used to set the paper type that is used
+# by the printer. Possible values are: a4, a4wide, letter, legal and
+# executive. If left blank a4wide will be used.
+
+PAPER_TYPE = a4wide
+
+# The EXTRA_PACKAGES tag can be to specify one or more names of LaTeX
+# packages that should be included in the LaTeX output.
+
+EXTRA_PACKAGES =
+
+# The LATEX_HEADER tag can be used to specify a personal LaTeX header for
+# the generated latex document. The header should contain everything until
+# the first chapter. If it is left blank doxygen will generate a
+# standard header. Notice: only use this tag if you know what you are doing!
+
+LATEX_HEADER =
+
+# If the PDF_HYPERLINKS tag is set to YES, the LaTeX that is generated
+# is prepared for conversion to pdf (using ps2pdf). The pdf file will
+# contain links (just like the HTML output) instead of page references
+# This makes the output suitable for online browsing using a pdf viewer.
+
+PDF_HYPERLINKS = YES
+
+# If the USE_PDFLATEX tag is set to YES, pdflatex will be used instead of
+# plain latex in the generated Makefile. Set this option to YES to get a
+# higher quality PDF documentation.
+
+USE_PDFLATEX = YES
+
+# If the LATEX_BATCHMODE tag is set to YES, doxygen will add the \\batchmode.
+# command to the generated LaTeX files. This will instruct LaTeX to keep
+# running if errors occur, instead of asking the user for help.
+# This option is also used when generating formulas in HTML.
+
+LATEX_BATCHMODE = YES
+
+# If LATEX_HIDE_INDICES is set to YES then doxygen will not
+# include the index chapters (such as File Index, Compound Index, etc.)
+# in the output.
+
+LATEX_HIDE_INDICES = NO
+
+#---------------------------------------------------------------------------
+# configuration options related to the RTF output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_RTF tag is set to YES Doxygen will generate RTF output
+# The RTF output is optimized for Word 97 and may not look very pretty with
+# other RTF readers or editors.
+
+GENERATE_RTF = NO
+
+# The RTF_OUTPUT tag is used to specify where the RTF docs will be put.
+# If a relative path is entered the value of OUTPUT_DIRECTORY will be
+# put in front of it. If left blank `rtf' will be used as the default path.
+
+RTF_OUTPUT = rtf
+
+# If the COMPACT_RTF tag is set to YES Doxygen generates more compact
+# RTF documents. This may be useful for small projects and may help to
+# save some trees in general.
+
+COMPACT_RTF = NO
+
+# If the RTF_HYPERLINKS tag is set to YES, the RTF that is generated
+# will contain hyperlink fields. The RTF file will
+# contain links (just like the HTML output) instead of page references.
+# This makes the output suitable for online browsing using WORD or other
+# programs which support those fields.
+# Note: wordpad (write) and others do not support links.
+
+RTF_HYPERLINKS = NO
+
+# Load stylesheet definitions from file. Syntax is similar to doxygen's
+# config file, i.e. a series of assignments. You only have to provide
+# replacements, missing definitions are set to their default value.
+
+RTF_STYLESHEET_FILE =
+
+# Set optional variables used in the generation of an rtf document.
+# Syntax is similar to doxygen's config file.
+
+RTF_EXTENSIONS_FILE =
+
+#---------------------------------------------------------------------------
+# configuration options related to the man page output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_MAN tag is set to YES (the default) Doxygen will
+# generate man pages
+
+GENERATE_MAN = NO
+
+# The MAN_OUTPUT tag is used to specify where the man pages will be put.
+# If a relative path is entered the value of OUTPUT_DIRECTORY will be
+# put in front of it. If left blank `man' will be used as the default path.
+
+MAN_OUTPUT = man
+
+# The MAN_EXTENSION tag determines the extension that is added to
+# the generated man pages (default is the subroutine's section .3)
+
+MAN_EXTENSION = .3
+
+# If the MAN_LINKS tag is set to YES and Doxygen generates man output,
+# then it will generate one additional man file for each entity
+# documented in the real man page(s). These additional files
+# only source the real man page, but without them the man command
+# would be unable to find the correct page. The default is NO.
+
+MAN_LINKS = NO
+
+#---------------------------------------------------------------------------
+# configuration options related to the XML output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_XML tag is set to YES Doxygen will
+# generate an XML file that captures the structure of
+# the code including all documentation.
+
+GENERATE_XML = NO
+
+# The XML_OUTPUT tag is used to specify where the XML pages will be put.
+# If a relative path is entered the value of OUTPUT_DIRECTORY will be
+# put in front of it. If left blank `xml' will be used as the default path.
+
+XML_OUTPUT = xml
+
+# The XML_SCHEMA tag can be used to specify an XML schema,
+# which can be used by a validating XML parser to check the
+# syntax of the XML files.
+
+XML_SCHEMA =
+
+# The XML_DTD tag can be used to specify an XML DTD,
+# which can be used by a validating XML parser to check the
+# syntax of the XML files.
+
+XML_DTD =
+
+# If the XML_PROGRAMLISTING tag is set to YES Doxygen will
+# dump the program listings (including syntax highlighting
+# and cross-referencing information) to the XML output. Note that
+# enabling this will significantly increase the size of the XML output.
+
+XML_PROGRAMLISTING = YES
+
+#---------------------------------------------------------------------------
+# configuration options for the AutoGen Definitions output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_AUTOGEN_DEF tag is set to YES Doxygen will
+# generate an AutoGen Definitions (see autogen.sf.net) file
+# that captures the structure of the code including all
+# documentation. Note that this feature is still experimental
+# and incomplete at the moment.
+
+GENERATE_AUTOGEN_DEF = NO
+
+#---------------------------------------------------------------------------
+# configuration options related to the Perl module output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_PERLMOD tag is set to YES Doxygen will
+# generate a Perl module file that captures the structure of
+# the code including all documentation. Note that this
+# feature is still experimental and incomplete at the
+# moment.
+
+GENERATE_PERLMOD = NO
+
+# If the PERLMOD_LATEX tag is set to YES Doxygen will generate
+# the necessary Makefile rules, Perl scripts and LaTeX code to be able
+# to generate PDF and DVI output from the Perl module output.
+
+PERLMOD_LATEX = NO
+
+# If the PERLMOD_PRETTY tag is set to YES the Perl module output will be
+# nicely formatted so it can be parsed by a human reader. This is useful
+# if you want to understand what is going on. On the other hand, if this
+# tag is set to NO the size of the Perl module output will be much smaller
+# and Perl will parse it just the same.
+
+PERLMOD_PRETTY = YES
+
+# The names of the make variables in the generated doxyrules.make file
+# are prefixed with the string contained in PERLMOD_MAKEVAR_PREFIX.
+# This is useful so different doxyrules.make files included by the same
+# Makefile don't overwrite each other's variables.
+
+PERLMOD_MAKEVAR_PREFIX =
+
+#---------------------------------------------------------------------------
+# Configuration options related to the preprocessor
+#---------------------------------------------------------------------------
+
+# If the ENABLE_PREPROCESSING tag is set to YES (the default) Doxygen will
+# evaluate all C-preprocessor directives found in the sources and include
+# files.
+
+ENABLE_PREPROCESSING = YES
+
+# If the MACRO_EXPANSION tag is set to YES Doxygen will expand all macro
+# names in the source code. If set to NO (the default) only conditional
+# compilation will be performed. Macro expansion can be done in a controlled
+# way by setting EXPAND_ONLY_PREDEF to YES.
+
+MACRO_EXPANSION = NO
+
+# If the EXPAND_ONLY_PREDEF and MACRO_EXPANSION tags are both set to YES
+# then the macro expansion is limited to the macros specified with the
+# PREDEFINED and EXPAND_AS_DEFINED tags.
+
+EXPAND_ONLY_PREDEF = NO
+
+# If the SEARCH_INCLUDES tag is set to YES (the default) the includes files
+# in the INCLUDE_PATH (see below) will be search if a #include is found.
+
+SEARCH_INCLUDES = YES
+
+# The INCLUDE_PATH tag can be used to specify one or more directories that
+# contain include files that are not input files but should be processed by
+# the preprocessor.
+
+INCLUDE_PATH =
+
+# You can use the INCLUDE_FILE_PATTERNS tag to specify one or more wildcard
+# patterns (like *.h and *.hpp) to filter out the header-files in the
+# directories. If left blank, the patterns specified with FILE_PATTERNS will
+# be used.
+
+INCLUDE_FILE_PATTERNS =
+
+# The PREDEFINED tag can be used to specify one or more macro names that
+# are defined before the preprocessor is started (similar to the -D option of
+# gcc). The argument of the tag is a list of macros of the form: name
+# or name=definition (no spaces). If the definition and the = are
+# omitted =1 is assumed. To prevent a macro definition from being
+# undefined via #undef or recursively expanded use the := operator
+# instead of the = operator.
+
+# add DOXYGEN_NO_PROVIDER_API here to disable generation of the
+# Provider API documentation with Doxygen.
+PREDEFINED = DOXYGEN_SHOULD_SKIP_THIS \
+ QPIPE_SECURE
+
+
+# If the MACRO_EXPANSION and EXPAND_ONLY_PREDEF tags are set to YES then
+# this tag can be used to specify a list of macro names that should be expanded.
+# The macro definition that is found in the sources will be used.
+# Use the PREDEFINED tag if you want to use a different macro definition.
+
+EXPAND_AS_DEFINED = QCA_EXPORT
+
+# If the SKIP_FUNCTION_MACROS tag is set to YES (the default) then
+# doxygen's preprocessor will remove all function-like macros that are alone
+# on a line, have an all uppercase name, and do not end with a semicolon. Such
+# function macros are typically used for boiler-plate code, and will confuse
+# the parser if not removed.
+
+SKIP_FUNCTION_MACROS = YES
+
+#---------------------------------------------------------------------------
+# Configuration::additions related to external references
+#---------------------------------------------------------------------------
+
+# The TAGFILES option can be used to specify one or more tagfiles.
+# Optionally an initial location of the external documentation
+# can be added for each tagfile. The format of a tag file without
+# this location is as follows:
+# TAGFILES = file1 file2 ...
+# Adding location for the tag files is done as follows:
+# TAGFILES = file1=loc1 "file2 = loc2" ...
+# where "loc1" and "loc2" can be relative or absolute paths or
+# URLs. If a location is present for each tag, the installdox tool
+# does not have to be run to correct the links.
+# Note that each tag file must have a unique name
+# (where the name does NOT include the path)
+# If a tag file is not located in the directory in which doxygen
+# is run, you must also specify the path to the tagfile here.
+
+TAGFILES = src/qt.tag
+
+# When a file name is specified after GENERATE_TAGFILE, doxygen will create
+# a tag file that is based on the input files it reads.
+
+GENERATE_TAGFILE =
+
+# If the ALLEXTERNALS tag is set to YES all external classes will be listed
+# in the class index. If set to NO only the inherited external classes
+# will be listed.
+
+ALLEXTERNALS = NO
+
+# If the EXTERNAL_GROUPS tag is set to YES all external groups will be listed
+# in the modules index. If set to NO, only the current project's groups will
+# be listed.
+
+EXTERNAL_GROUPS = YES
+
+# The PERL_PATH should be the absolute path and name of the perl script
+# interpreter (i.e. the result of `which perl').
+
+PERL_PATH = /usr/bin/perl
+
+#---------------------------------------------------------------------------
+# Configuration options related to the dot tool
+#---------------------------------------------------------------------------
+
+# If the CLASS_DIAGRAMS tag is set to YES (the default) Doxygen will
+# generate a inheritance diagram (in HTML, RTF and LaTeX) for classes with base
+# or super classes. Setting the tag to NO turns the diagrams off. Note that
+# this option is superseded by the HAVE_DOT option below. This is only a
+# fallback. It is recommended to install and use dot, since it yields more
+# powerful graphs.
+
+CLASS_DIAGRAMS = YES
+
+# You can define message sequence charts within doxygen comments using the \msc
+# command. Doxygen will then run the mscgen tool (see http://www.mcternan.me.uk/mscgen/) to
+# produce the chart and insert it in the documentation. The MSCGEN_PATH tag allows you to
+# specify the directory where the mscgen tool resides. If left empty the tool is assumed to
+# be found in the default search path.
+
+MSCGEN_PATH =
+
+# If set to YES, the inheritance and collaboration graphs will hide
+# inheritance and usage relations if the target is undocumented
+# or is not a class.
+
+HIDE_UNDOC_RELATIONS = NO
+
+# If you set the HAVE_DOT tag to YES then doxygen will assume the dot tool is
+# available from the path. This tool is part of Graphviz, a graph visualization
+# toolkit from AT&T and Lucent Bell Labs. The other options in this section
+# have no effect if this option is set to NO (the default)
+
+HAVE_DOT = YES
+
+# If the CLASS_GRAPH and HAVE_DOT tags are set to YES then doxygen
+# will generate a graph for each documented class showing the direct and
+# indirect inheritance relations. Setting this tag to YES will force the
+# the CLASS_DIAGRAMS tag to NO.
+
+CLASS_GRAPH = NO
+
+# If the COLLABORATION_GRAPH and HAVE_DOT tags are set to YES then doxygen
+# will generate a graph for each documented class showing the direct and
+# indirect implementation dependencies (inheritance, containment, and
+# class references variables) of the class with other documented classes.
+
+COLLABORATION_GRAPH = YES
+
+# If the GROUP_GRAPHS and HAVE_DOT tags are set to YES then doxygen
+# will generate a graph for groups, showing the direct groups dependencies
+
+GROUP_GRAPHS = YES
+
+# If the UML_LOOK tag is set to YES doxygen will generate inheritance and
+# collaboration diagrams in a style similar to the OMG's Unified Modeling
+# Language.
+
+UML_LOOK = NO
+
+# If set to YES, the inheritance and collaboration graphs will show the
+# relations between templates and their instances.
+
+TEMPLATE_RELATIONS = NO
+
+# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDE_GRAPH, and HAVE_DOT
+# tags are set to YES then doxygen will generate a graph for each documented
+# file showing the direct and indirect include dependencies of the file with
+# other documented files.
+
+INCLUDE_GRAPH = YES
+
+# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDED_BY_GRAPH, and
+# HAVE_DOT tags are set to YES then doxygen will generate a graph for each
+# documented header file showing the documented files that directly or
+# indirectly include this file.
+
+INCLUDED_BY_GRAPH = YES
+
+# If the CALL_GRAPH and HAVE_DOT tags are set to YES then doxygen will
+# generate a call dependency graph for every global function or class method.
+# Note that enabling this option will significantly increase the time of a run.
+# So in most cases it will be better to enable call graphs for selected
+# functions only using the \callgraph command.
+
+CALL_GRAPH = NO
+
+# If the CALLER_GRAPH and HAVE_DOT tags are set to YES then doxygen will
+# generate a caller dependency graph for every global function or class method.
+# Note that enabling this option will significantly increase the time of a run.
+# So in most cases it will be better to enable caller graphs for selected
+# functions only using the \callergraph command.
+
+CALLER_GRAPH = NO
+
+# If the GRAPHICAL_HIERARCHY and HAVE_DOT tags are set to YES then doxygen
+# will graphical hierarchy of all classes instead of a textual one.
+
+GRAPHICAL_HIERARCHY = YES
+
+# If the DIRECTORY_GRAPH, SHOW_DIRECTORIES and HAVE_DOT tags are set to YES
+# then doxygen will show the dependencies a directory has on other directories
+# in a graphical way. The dependency relations are determined by the #include
+# relations between the files in the directories.
+
+DIRECTORY_GRAPH = YES
+
+# The DOT_IMAGE_FORMAT tag can be used to set the image format of the images
+# generated by dot. Possible values are png, jpg, or gif
+# If left blank png will be used.
+
+DOT_IMAGE_FORMAT = png
+
+# The tag DOT_PATH can be used to specify the path where the dot tool can be
+# found. If left blank, it is assumed the dot tool can be found in the path.
+
+DOT_PATH =
+
+# The DOTFILE_DIRS tag can be used to specify one or more directories that
+# contain dot files that are included in the documentation (see the
+# \dotfile command).
+
+DOTFILE_DIRS =
+
+# The MAX_DOT_GRAPH_MAX_NODES tag can be used to set the maximum number of
+# nodes that will be shown in the graph. If the number of nodes in a graph
+# becomes larger than this value, doxygen will truncate the graph, which is
+# visualized by representing a node as a red box. Note that doxygen will always
+# show the root nodes and its direct children regardless of this setting.
+
+DOT_GRAPH_MAX_NODES = 50
+
+# Set the DOT_TRANSPARENT tag to YES to generate images with a transparent
+# background. This is disabled by default, which results in a white background.
+# Warning: Depending on the platform used, enabling this option may lead to
+# badly anti-aliased labels on the edges of a graph (i.e. they become hard to
+# read).
+
+DOT_TRANSPARENT = NO
+
+# Set the DOT_MULTI_TARGETS tag to YES allow dot to generate multiple output
+# files in one run (i.e. multiple -o and -T options on the command line). This
+# makes dot run faster, but since only newer versions of dot (>1.8.10)
+# support this, this feature is disabled by default.
+
+DOT_MULTI_TARGETS = NO
+
+# If the GENERATE_LEGEND tag is set to YES (the default) Doxygen will
+# generate a legend page explaining the meaning of the various boxes and
+# arrows in the dot generated graphs.
+
+GENERATE_LEGEND = YES
+
+# If the DOT_CLEANUP tag is set to YES (the default) Doxygen will
+# remove the intermediate dot files that are used to generate
+# the various graphs.
+
+DOT_CLEANUP = YES
+
+#---------------------------------------------------------------------------
+# Configuration::additions related to the search engine
+#---------------------------------------------------------------------------
+
+# The SEARCHENGINE tag specifies whether or not a search engine should be
+# used. If set to NO the values of all tags below this one will be ignored.
+
+SEARCHENGINE = NO
diff --git a/INSTALL b/INSTALL
new file mode 100644
index 0000000..c730abc
--- /dev/null
+++ b/INSTALL
@@ -0,0 +1,36 @@
+Installing QCA
+--------------
+
+QCA requires Qt 4.2 or greater.
+
+For Unix/Linux/Mac:
+
+ ./configure
+ make
+ make install
+ /sbin/ldconfig, if necessary
+
+For Windows:
+
+ configure
+ nmake (or make)
+ installwin
+
+
+Notes
+-----
+ - On unix, use --prefix=$PWD to build in-place
+
+
+Building from SVN
+------------------
+First, install the 'qconf' program, at least version 1.5. You can download
+the source here:
+ http://delta.affinix.com/qconf/
+
+Then, go into the QCA source tree and type 'qconf'. You should now have a
+configure program to execute, just like from a normal source package.
+
+
+Please report problems to:
+ delta@lists.affinix.com
diff --git a/Mainpage.dox b/Mainpage.dox
new file mode 100644
index 0000000..198b587
--- /dev/null
+++ b/Mainpage.dox
@@ -0,0 +1,399 @@
+/**
+ \mainpage Qt Cryptographic Architecture
+
+ Taking a hint from the similarly-named
+ <a href="http://java.sun.com/j2se/1.5.0/docs/guide/security/CryptoSpec.html">Java
+ Cryptography Architecture</a>, %QCA aims to provide a
+ straightforward and cross-platform cryptographic API, using Qt
+ datatypes and conventions. %QCA separates the API from the
+ implementation, using plugins known as Providers. The advantage
+ of this model is to allow applications to avoid linking to or
+ explicitly depending on any particular cryptographic library.
+ This allows one to easily change or upgrade Provider
+ implementations without even needing to recompile the
+ application!
+
+ %QCA should work everywhere %Qt does, including Windows/Unix/MacOSX. This
+ version of %QCA is for Qt4, and requires no Qt3 compatibility code.
+
+ \section features Features
+
+ This library provides an easy API for the following features:
+ - Secure byte arrays (QCA::SecureArray)
+ - Arbitrary precision integers (QCA::BigInteger)
+ - Random number generation (QCA::Random)
+ - SSL/TLS (QCA::TLS)
+ - X509 certificates (QCA::Certificate and QCA::CertificateCollection)
+ - X509 certificate revocation lists (QCA::CRL)
+ - Built-in support for operating system certificate root storage (QCA::systemStore)
+ - Simple Authentication and Security Layer (SASL) (QCA::SASL)
+ - Cryptographic Message Syntax (e.g., for S/MIME) (QCA::CMS)
+ - PGP messages (QCA::OpenPGP)
+ - Unified PGP/CMS API (QCA::SecureMessage)
+ - Subsystem for managing Smart Cards and PGP keyrings (QCA::KeyStore)
+ - Simple but flexible logging system (QCA::Logger)
+ - RSA (QCA::RSAPrivateKey and QCA::RSAPublicKey)
+ - DSA (QCA::DSAPrivateKey and QCA::DSAPublicKey)
+ - Diffie-Hellman (QCA::DHPrivateKey and QCA::DHPublicKey)
+ - Hashing (QCA::Hash) with
+ - SHA-0
+ - SHA-1
+ - MD2
+ - MD4
+ - MD5
+ - RIPEMD160
+ - SHA-224
+ - SHA-256
+ - SHA-384
+ - SHA-512
+ - Whirlpool
+ - Ciphers (QCA::Cipher) using
+ - BlowFish
+ - Triple DES
+ - DES
+ - AES (128, 192 and 256 bit)
+ - CAST5 (also known as CAST-128)
+ - Message Authentication Code (QCA::MessageAuthenticationCode), using
+ - HMAC with SHA-1
+ - HMAC with MD5
+ - HMAC with RIPEMD160
+ - HMAC with SHA-224
+ - HMAC with SHA-256
+ - HMAC with SHA-384
+ - HMAC with SHA-512
+ - Encoding and decoding of hexadecimal (QCA::Hex) and
+ Base64 (QCA::Base64) strings.
+
+ Functionality is supplied via plugins. This is useful for avoiding
+ dependence on a particular crypto library and makes upgrading easier,
+ as there is no need to recompile your application when adding or
+ upgrading a crypto plugin. Also, by pushing crypto functionality into
+ plugins, your application is free of legal issues, such as export
+ regulation.
+
+ And of course, you get a very simple crypto API for Qt, where you can
+ do things like:
+ \code
+ QString hash = QCA::Hash("sha1").hashToString(blockOfData);
+ \endcode
+
+ \section using Using QCA
+
+ The application simply includes &lt;QtCrypto> and links to
+ libqca, which provides the 'wrapper API' and plugin loader. Crypto
+ functionality is determined during runtime, and plugins are loaded
+ from the 'crypto' subfolder of the %Qt library paths. There are <a
+ href="examples.html">additional examples available</a>.
+
+ \subsection tute1 Introduction
+
+ Using %QCA is much like using Qt, and if you are familiar with
+ Qt, then it should feel "natural". There are a few things you
+ do need to know though, to build reliable applications:
+ - %QCA needs to be initialized before you use any class that
+ requires plugin support, or uses secure memory. That is most
+ of %QCA, so you should assume that you need to perform
+ initialization. The easiest way to do this is to instantiate
+ a QCA::Initializer object and ensure it is not deleted (or
+ allowed to go out of scope) until you have finished using
+ %QCA.
+ - Most features/algorithms are provided by plugins/\ref providers.
+ You should check that the required feature is actually
+ available (using QCA::isSupported()) before trying to create
+ it. If you try to create a class and suitable provider support
+ is not available, you will get back a null object, and when
+ you try to use one of the methods, your application will
+ segfault. Also, for features that take algorithm names (e.g.
+ QCA::Hash, which takes the name of the hashing algorithm such
+ as "md5" or "sha256"), the name is looked up at run-time, so
+ if you make a typographical error (e.g. "md56") it will compile
+ correctly, but segfault at run-time.
+
+ \subsection tute2 Thoughts on security
+
+ %QCA tries to be flexible in what it supports. That does not mean that
+ every possible combination of features makes sense though.
+
+ We strongly recommend against coming up with your own design made up
+ of low-level cryptographic primitives (e.g. QCA::Hash, QCA::Cipher and
+ similar features) and trying to use higher level capabilities. In particular,
+ we recommend looking at QCA::TLS, QCA::SASL, QCA::CMS and QCA::OpenPGP
+ as starting points.
+
+ When selecting a particular cryptographic feature, you should make sure
+ that you understand what sort of threats your application is likely
+ to be exposed to, and how that threat can be effectively countered. In
+ addition, you should consider whether you can avoid adding cryptographic
+ features directly to your application (e.g. for secure transport, you
+ may be able to tunnel your application over SSH).
+
+ Also, you may need to look beyond %QCA for some security needs (e.g.
+ for authentication, your situation may be more suited to using
+ Kerberos than SASL or TLS).
+
+ \subsection intro-design Design
+
+ The architecture of %QCA is shown below:
+
+ \image html qca-arch.png "QCA Architecture"
+ \image latex qca-arch.eps "QCA Architecture" width=\textwidth
+
+ Application authors normally only need to use the User API. The
+ provider API is available for plugin authors, but can also
+ be used by application authors to provide very specific capabilities.
+
+ For more information on the design of %QCA, you might like to review
+ the \ref architecture description.
+
+ \section availability Availability
+
+ \subsection qca2code Releases
+
+ The latest release packages can be found in the
+ <a href="http://delta.affinix.com/download/qca/2.0/">%QCA 2.0 download area</a>.
+
+ See the <a href="http://delta.affinix.com/qca/">project web site</a> for
+ further information about %QCA releases.
+
+ \subsection qca2dev Current development
+
+ The latest version of the code is available from the KDE Subversion
+ server (there is no formal release of the current version at this time). See
+ <a href="http://developer.kde.org/source/anonsvn.html">
+ http://developer.kde.org/source/anonsvn.html
+ </a> for general instructions. You do <i>not</i> need kdelibs or
+ arts modules for %QCA - just pull down kdesupport/qca. The plugins
+ are in the same tree. Naturally you will need %Qt properly set up
+ and configured in order to build and use %QCA.
+
+ The Subversion code can also be browsed
+ <a href="http://websvn.kde.org/trunk/kdesupport/qca/">
+ via the web</a>
+
+ */
+
+/** \page architecture Architecture
+
+\note You don't need to understand any of this to use %QCA - it is
+documented for those who are curious, and for anyone planning to
+extend or modify %QCA.
+
+The design of %QCA is based on the Bridge design pattern. The intent of
+the Bridge pattern is to "Decouple an abstraction from its
+implementation so that the two can vary independently." [Gamma et.al,
+pg 151].
+
+To understand how this decoupling works in the case of %QCA, is is
+easiest to look at an example - a cryptographic Hash. The API is
+pretty simple (although I've left out some parts that aren't required
+for this example):
+
+\code
+class QCA_EXPORT Hash : public Algorithm, public BufferedComputation
+{
+public:
+ Hash(const QString &type, const QString &provider);
+ virtual void clear();
+ virtual void update(const QCA::SecureArray &a);
+ virtual QCA::SecureArray final();
+}
+\endcode
+
+The implementation for the Hash class is almost as simple:
+
+\code
+Hash::Hash(const QString &type, const QString &provider)
+:Algorithm(type, provider)
+{
+}
+
+void Hash::clear()
+{
+ static_cast<HashContext *>(context())->clear();
+}
+
+void Hash::update(const QCA::SecureArray &a)
+{
+ static_cast<HashContext *>(context())->update(a);
+}
+
+QCA::SecureArray Hash::final()
+{
+ return static_cast<HashContext *>(context())->final();
+}
+\endcode
+
+The reason why it looks so simple is that the various methods in Hash
+just call out to equivalent routines in the context() object. The
+context comes from a call (getContext()) that is made as part of the
+Algorithm constructor. That getContext() call causes %QCA to work
+through the list of providers (generally plugins) that it knows about,
+looking for a provider that can produce the right kind of context (in
+this case, a HashContext).
+
+ The code for a HashContext doesn't need to be linked into %QCA - it can
+be varied in its implementation, including being changed at run-time. The
+application doesn't need to know how HashContext is implemented, because
+ it just has to deal with the Hash class interface. In fact, HashContext
+ may not be implemented, so the application should check (using
+ QCA::isSupported()) before trying to use features that are implemented
+with plugins.
+
+ The code for one implementation (in this case, calling OpenSSL) is shown
+below.
+\code
+class opensslHashContext : public HashContext
+{
+public:
+ opensslHashContext(const EVP_MD *algorithm, Provider *p, const QString &type) : HashContext(p, type)
+ {
+ m_algorithm = algorithm;
+ EVP_DigestInit( &m_context, m_algorithm );
+ };
+
+ ~opensslHashContext()
+ {
+ EVP_MD_CTX_cleanup(&m_context);
+ }
+
+ void clear()
+ {
+ EVP_MD_CTX_cleanup(&m_context);
+ EVP_DigestInit( &m_context, m_algorithm );
+ }
+
+ void update(const QCA::SecureArray &a)
+ {
+ EVP_DigestUpdate( &m_context, (unsigned char*)a.data(), a.size() );
+ }
+
+ QCA::SecureArray final()
+ {
+ QCA::SecureArray a( EVP_MD_size( m_algorithm ) );
+ EVP_DigestFinal( &m_context, (unsigned char*)a.data(), 0 );
+ return a;
+ }
+
+ Provider::Context *clone() const
+ {
+ return new opensslHashContext(*this);
+ }
+
+protected:
+ const EVP_MD *m_algorithm;
+ EVP_MD_CTX m_context;
+};
+\endcode
+
+This approach (using an Adapter pattern) is very common in %QCA backends,
+because the plugins are often based on existing libraries.
+
+ In addition to the various Context objects, each provider also has
+ a parameterised Factory class that has a createContext() method, as
+ shown below:
+\code
+ Context *createContext(const QString &type)
+ {
+ //OpenSSL_add_all_digests();
+ if ( type == "sha1" )
+ return new opensslHashContext( EVP_sha1(), this, type);
+ else if ( type == "sha0" )
+ return new opensslHashContext( EVP_sha(), this, type);
+ else if ( type == "md5" )
+ return new opensslHashContext( EVP_md5(), this, type);
+ else if ( type == "aes128-cfb" )
+ return new opensslCipherContext( EVP_aes_128_cfb(), 0, this, type);
+ else if ( type == "aes128-cbc" )
+ return new opensslCipherContext( EVP_aes_128_cbc(), 0, this, type);
+ else
+ return 0;
+ }
+\endcode
+
+The resulting effect is that %QCA can ask the provider to provide an appropriate
+Context object without worrying about how it is implemented.
+
+For features that are implemented with variable algorithms (for example, HashContext can
+support a wide range of algorithms - MD5, SHA0, and SHA1 in the example above; and
+CipherContext and MACContext can also do this), we need to be able to let applications
+determine which algorithms are supported. This is handled through the InfoContext class.
+A typical example is shown below:
+\code
+ class opensslInfoContext : public InfoContext
+ {
+ Q_OBJECT
+ public:
+ opensslInfoContext(Provider *p) : InfoContext(p)
+ {
+ }
+
+ Context *clone() const
+ {
+ return new opensslInfoContext(*this);
+ }
+
+ QStringList supportedHashTypes() const
+ {
+ QStringList list;
+ list += "sha1";
+ list += "sha0";
+ list += "md5";
+ return list;
+ }
+
+ // MAC and Cipher types can go in here
+ };
+\endcode
+
+Note that InfoContext is itself a feature, so you have to add it to the createContext()
+method for the provider, as shown below:
+\code
+ Context *createContext(const QString &type)
+ {
+ if ( type == "sha1" )
+ return new opensslHashContext( EVP_sha1(), this, type);
+ else if ( type == "sha0" )
+ return new opensslHashContext( EVP_sha(), this, type);
+ else if ( type == "md5" )
+ return new opensslHashContext( EVP_md5(), this, type);
+ else if ( type == "info" )
+ return new opensslInfoContext( this );
+ else
+ return 0;
+ }
+\endcode
+
+*/
+
+/** \page providers Providers
+
+%QCA works on the concept of a "provider". There is a limited
+internal provider (named "default"), but most of the work is
+done in plugin modules.
+
+The logic to selection of a provider is fairly simple. The user can
+specify a provider name - if that name exists, and the provider supports
+the requested feature, then the named provider is used. If that
+didn't work, then the available plugins are searched (based on a
+priority order) for the requested feature. If that doesn't work,
+then the default provider is searched for the requested feature.
+
+So the only way to get the default provider is to either have no other support
+whatsoever, or to specify the default provider directly (this goes for the
+algorithm constructors as well as setGlobalRNG()).
+
+You can add your own provider in two ways - as a shared object plugin,
+and as a part of the client code.
+
+The shared object plugin needs to be able to be found using the
+built-in scan logic - this normally means you need to install it into
+the plugins/crypto subdirectory within the directory that Qt is
+installed to. This will make it available for all applications.
+
+If you have a limited application domain (such as a specialist
+algorithm, or a need to be bug-compatible), you may find it easier to
+create a client-side provider, and add it using the
+QCA::insertProvider call. There is an example of this - see
+<a href="aes-cmac_8cpp-example.html">the AES-CMAC example</a>.
+*/
+
diff --git a/README b/README
new file mode 100644
index 0000000..000eb31
--- /dev/null
+++ b/README
@@ -0,0 +1,79 @@
+Qt Cryptographic Architecture (QCA) version 2.0.3
+-------------------------------------------------
+Date: November 27th, 2010
+Website: http://delta.affinix.com/qca/
+Mailing List: Delta Project <delta@lists.affinix.com>
+
+Project Lead/Maintainer (2003-current):
+ Justin Karneges <justin@affinix.com>
+ (March 2007 - August 2007 under Barracuda Networks employment)
+
+Development, Documentation, Unittests (2004-current):
+ Brad Hards <bradh@frogmouth.net>
+
+Special Thanks:
+ Portugal Telecom (SAPO division), for sponsorship
+ Alon Bar-Lev, for smart card and design assistance
+ Jack Lloyd, for Botan and X.509 mentoring
+ L. Peter Deutsch, for the public domain MD5 implementation
+ Steve Reid, for the public domain SHA1 implementation
+ Jason Kim, for the CMS Signer graphics
+
+
+Install
+-------
+ For installation or compiling instructions, see the INSTALL file.
+
+
+License
+-------
+ This library is licensed under the Lesser GNU General Public License. See
+ the COPYING file for more information.
+
+
+Changes
+-------
+ New in 2.0.3
+ - Bugfix release, forward and backward compatible with 2.0.x
+ - Fix compilation when using Qt/Windows SDK
+
+ New in 2.0.2
+ - Bugfix release, forward and backward compatible with 2.0.x
+ - Fix compatibility with Qt 4.5 when QCA::Initializer appears before QApp
+ - Don't convert to secure memory when Hash::update(QByteArray) is used
+ - Use configure.exe instead of configwin.bat
+
+ New in 2.0.1
+ - Bugfix release, forward and backward compatible with 2.0.x
+ - Ability to build as a Mac framework (and build this way by default)
+ - On non-Mac Unix, the pkgconfig file is always qca2.pc, even in debug mode
+ - Certificates containing wildcards are now matched properly
+ - DirWatch/FileWatch now work
+ - Keystore writes now work
+ - Don't delete objects in their event handler (prevents Qt 4.4 warnings)
+ - Fix potential hang with TLS in server mode
+ - Windows version can be configured/installed using paths with spaces
+
+
+Description
+-----------
+
+ QCA is a library that provides an easy API for a range of cryptographic
+ features, including SSL/TLS, X.509 certificates, SASL, OpenPGP, smartcards,
+ and much more.
+
+ Functionality is supplied via plugins. This is useful for avoiding
+ dependence on a particular crypto library and makes upgrading easier,
+ as there is no need to recompile your application when adding or
+ upgrading a crypto plugin.
+
+ In order for QCA to be of much use, you'll want to install some plugins.
+
+ QCA was originally created to support the security needs of the
+ Psi XMPP/Jabber client project ( http://psi-im.org/ ).
+
+ API Documentation is located in the 'apidocs' subdirectory.
+
+
+Have fun,
+-Justin
diff --git a/TODO b/TODO
new file mode 100644
index 0000000..cce9e51
--- /dev/null
+++ b/TODO
@@ -0,0 +1,92 @@
+* 2.0.4
+ handle mac universal builds for arches besides x86 and ppc (e.g. x86_64)
+ use rpath?
+ cms example: User.pem expired. probably other certs need regen also?
+ fix publickeyexample. it encrypts with cms, decrypts with raw rsa??
+ qcatool: instead of printing full usage at every wrong turn, we might try
+ to print something closer to the context
+ publickey: use_asker_fallback should use ErrorPassphrase
+ cmssigner: convert path separators in field when loading a pkcs11 module
+ cert: better makeFriendlyName diffing for key usage (consider OIDs) ?
+ cert unit tests need to test wildcards!!
+ consider a more readable implementation of qca_securelayer logic using the
+ object-sessions concept (write the blog first :))
+ vs2005: big_io.obj : warning LNK4221: no public symbols found; archive
+ member will be inaccessible
+
+* 2.1.0
+ CertificateAuthority constructor provider argument should have default value
+ CertificateAuthority::createCertificate declared but not implemented!
+ CertificateCollection: ability to remove certs/crls?
+ pull kwallet's SecureBuffer?
+
+* possibilities for the future:
+ abort if feature requested but not found, rather than crashing
+ examples: bigint, pgp, tls with smartcards (reuse ssltest?), more?
+ unittests: pgp enc/dec, cms, sasl, tls, filewatch/dirwatch
+ complete pkits unittests
+ don't expose windows.h in qpipe.h, find another way to get HANDLE
+ cert: ability to get a list of all validation errors, rather than just one
+ the securelayer system doesn't respond to the app if processed data yields
+ no events (an example of this would be a partially-received encrypted
+ payload). since securelayer is async, an app could end up waiting for
+ a response that is never going to come. the current workaround is to wait
+ some event cycles and then give up (see the saslclient example). the fix
+ is probably to make the securelayer system always respond to the app once
+ data has been processed, whether or not the processing yields anything
+ interesting yet.
+ find a better way for a provider to automatically promote itself? (see
+ qca-wingss)
+ can we ever get SASL::NoAuthzid?
+ make it possible to change GNUPGHOME and have qca-gnupg respect the change?
+ see pgpunittest.
+ why is Logger a QObject?
+ it seems strange that Logger friends QCA::Global...
+ operator==,!= for PGPKey?
+ gss/kerberos interface?
+ spnego?
+ make sure it is possible to add new public key types (e.g. ECC). right now
+ it looks like qca_publickey is hard-coded sometimes (such as canVerify()
+ returning true only for RSA and DSA public keys, no way to override this
+ in a plugin...)
+ if you store a typical self-signed cert into the system store as a way to
+ trust it, does that make you vulnerable to the cert signing other certs?
+ make distinction between invalid ca and ca not found
+ make distinction between depth 0 self-signed and self-signed in chain
+ use Q_PROPERTY on some things (e.g. TLS::compressionEnabled) ?
+ signRequest should allow specifying the serial number
+ qca-ossl: give credit to tim and "openssl" itself, not just eric?
+ tls: should there be an explicit property for requesting a certificate in
+ server mode? right now qca-ossl simply always asks for a cert
+ publickey: ability to compare keys without IO support
+ provider: separate public and private keys into two classes to enable
+ delegation easier. the public part should not be implemented by most
+ providers.
+ provider: make it possible to support RSA and DSA keys without implementing
+ a separate class for each.
+ qcatool: streaming securemessage operations
+ access to list of known cached certs, similar to how cmssigner works?
+ securemessage: ability to know which key has performed a decrypt?
+ emsa3Encode: implement in provider instead of qca?
+ OCSP
+ securelayer: ability to specify how much to read, rather than just read all
+ tls ocsp stapling
+ tls: pgp, psk auth ?
+ internally managed intermediate object storage
+ securemessage: algorithm selection for cms/pgp (and use SecurityLevel?)
+ tls: renegotiation
+ Key wrapping - RFC3217 and RFC3394
+ quoted-printable TextFilter
+ keygen on smart cards
+ keystore: symmetric keys, arbitrary app data
+ cert: any other fields we don't support but might be used out there
+ cert: support for arbitrary extensions?
+ cms: fine-grained control over smime attribs
+ convertToPublic should return a publickey rather than change itself
+ providers for:
+ Mozilla NSS
+ Windows CryptoAPI
+ Linux kernel crypto support, if the userspace API ever gets sorted out
+ Intel Performance Primatives library
+ Botan: partly implemented
+ EGD / EGADS: implement for Random support
diff --git a/app.pri b/app.pri
new file mode 100644
index 0000000..fe0181e
--- /dev/null
+++ b/app.pri
@@ -0,0 +1,11 @@
+include(confapp.pri)
+
+mac:QMAKE_MACOSX_DEPLOYMENT_TARGET = 10.3
+
+exists(crypto.prf) {
+ # our apps should build against the qca in this tree
+ include(crypto.prf)
+} else {
+ # attempt to use system-wide qca
+ CONFIG *= crypto
+}
diff --git a/certs/README b/certs/README
new file mode 100644
index 0000000..5375952
--- /dev/null
+++ b/certs/README
@@ -0,0 +1,5 @@
+rootcerts.pem is created by qca/tools/mozcerts
+
+File: mozilla/security/nss/lib/ckfw/builtins/certdata.txt
+Date: January 15th, 2009
+
diff --git a/certs/rootcerts.pem b/certs/rootcerts.pem
new file mode 100644
index 0000000..f6949a7
--- /dev/null
+++ b/certs/rootcerts.pem
@@ -0,0 +1,3181 @@
+-----BEGIN CERTIFICATE-----
+MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG
+A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
+VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0
+MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV
+BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy
+dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ
+ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII
+0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI
+uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI
+hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3
+YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc
+1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIB+jCCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
+VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
+b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
+UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
+cnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC45k+625h8cXyv
+RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
+ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
+1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
+dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
+IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
+bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICWjCCAcMCAgGlMA0GCSqGSIb3DQEBBAUAMHUxCzAJBgNVBAYTAlVTMRgwFgYD
+VQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNv
+bHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVyVHJ1c3QgR2xvYmFsIFJv
+b3QwHhcNOTgwODEzMDAyOTAwWhcNMTgwODEzMjM1OTAwWjB1MQswCQYDVQQGEwJV
+UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
+cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
+b2JhbCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVD6C28FCc6HrH
+iM3dFw4usJTQGz0O9pTAipTHBsiQl8i4ZBp6fmw8U+E3KHNgf7KXUwefU/ltWJTS
+r41tiGeA5u2ylc9yMcqlHHK6XALnZELn+aks1joNrI1CqiQBOeacPwGFVw1Yh0X4
+04Wqk2kmhXBIgD8SFcd5tB8FLztimQIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAG3r
+GwnpXtlR22ciYaQqPEh346B8pt5zohQDhT37qw4wxYMWM4ETCJ57NE7fQMh017l9
+3PR2VX2bY1QY6fDq81yx2YtCHrnAlU66+tXifPVoYb+O7AWXX1uw16OFNMQkpw0P
+lZPvy5TYnh+dXIVtx6quTx8itc2VrbqnzPmrC3p/
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDITCCAoqgAwIBAgIBADANBgkqhkiG9w0BAQQFADCByzELMAkGA1UEBhMCWkEx
+FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYD
+VQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT
+ZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhhd3RlIFBlcnNvbmFsIEJhc2lj
+IENBMSgwJgYJKoZIhvcNAQkBFhlwZXJzb25hbC1iYXNpY0B0aGF3dGUuY29tMB4X
+DTk2MDEwMTAwMDAwMFoXDTIwMTIzMTIzNTk1OVowgcsxCzAJBgNVBAYTAlpBMRUw
+EwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgGA1UE
+ChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
+dmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQZXJzb25hbCBCYXNpYyBD
+QTEoMCYGCSqGSIb3DQEJARYZcGVyc29uYWwtYmFzaWNAdGhhd3RlLmNvbTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvLyTU23AUE+CFeZIlDWmWr5vQvoPR+53
+dXLdjUmbllegeNTKP1GzaQuRdhciB5dqxFGTS+CN7zeVoQxN2jSQHReJl+A1OFdK
+wPQIcOk8RHtQfmGakOMj04gRRif1CwcOu93RfyAKiLlWCy4cgNrx454p7xS9CkT7
+G1sY0b8jkyECAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQQF
+AAOBgQAt4plrsD16iddZopQBHyvdEktTwq1/qqcAXJFAVyVKOKqEcLnZgA+le1z7
+c8a914phXAPjLSeoF+CEhULcXpvGt7Jtu3Sv5D/Lp7ew4F2+eIMllNLbgQ95B21P
+9DkVWlIBe94y1k049hJcBlDfBVu9FEuh3ym6O0GN92NWod8isQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDKTCCApKgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBzzELMAkGA1UEBhMCWkEx
+FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYD
+VQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT
+ZXJ2aWNlcyBEaXZpc2lvbjEjMCEGA1UEAxMaVGhhd3RlIFBlcnNvbmFsIFByZW1p
+dW0gQ0ExKjAoBgkqhkiG9w0BCQEWG3BlcnNvbmFsLXByZW1pdW1AdGhhd3RlLmNv
+bTAeFw05NjAxMDEwMDAwMDBaFw0yMDEyMzEyMzU5NTlaMIHPMQswCQYDVQQGEwJa
+QTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xGjAY
+BgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5nMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9u
+IFNlcnZpY2VzIERpdmlzaW9uMSMwIQYDVQQDExpUaGF3dGUgUGVyc29uYWwgUHJl
+bWl1bSBDQTEqMCgGCSqGSIb3DQEJARYbcGVyc29uYWwtcHJlbWl1bUB0aGF3dGUu
+Y29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJZtn4B0TPuYwu8KHvE0Vs
+Bd/eJxZRNkERbGw77f4QfRKe5ZtCmv5gMcNmt3M6SK5O0DI3lIi1DbbZ8/JE2dWI
+Et12TfIa/G8jHnrx2JhFTgcQ7xZC0EN1bUre4qrJMf8fAHB8Zs8QJQi6+u4A6UYD
+ZicRFTuqW/KY3TZCstqIdQIDAQABoxMwETAPBgNVHRMBAf8EBTADAQH/MA0GCSqG
+SIb3DQEBBAUAA4GBAGk2ifc0KjNyL2071CKyuG+axTZmDhs8obF1Wub9NdP4qPIH
+b4Vnjt4rueIXsDqg8A6iAJrf8xQVbrvIhVqYgPn/vnQdPfP+MCXRNzRn+qVxeTBh
+KXLA4CxM+1bkOqhv5TJZUtt1KFBZDPgLGeSs2a+WjS9Q2wfD6h+rM+D1KzGJ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDLTCCApagAwIBAgIBADANBgkqhkiG9w0BAQQFADCB0TELMAkGA1UEBhMCWkEx
+FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYD
+VQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT
+ZXJ2aWNlcyBEaXZpc2lvbjEkMCIGA1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVt
+YWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25hbC1mcmVlbWFpbEB0aGF3dGUu
+Y29tMB4XDTk2MDEwMTAwMDAwMFoXDTIwMTIzMTIzNTk1OVowgdExCzAJBgNVBAYT
+AlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEa
+MBgGA1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRp
+b24gU2VydmljZXMgRGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBG
+cmVlbWFpbCBDQTErMCkGCSqGSIb3DQEJARYccGVyc29uYWwtZnJlZW1haWxAdGhh
+d3RlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1GnX1LCUZFtx6UfY
+DFG26nKRsIRefS0Nj3sS34UldSh0OkIsYyeflXtL734Zhx2G6qPduc6WZBrCFG5E
+rHzmj+hND3EfQDimAKOHePb5lIZererAXnbr2RSjXW56fAylS1V/Bhkpf56aJtVq
+uzgkCGqYx7Hao5iR/Xnb5VrEHLkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zAN
+BgkqhkiG9w0BAQQFAAOBgQDH7JJ+Tvj1lqVnYiqk8E0RYNBvjWBYYawmu1I1XAjP
+MPuoSpaKH2JCI4wXD/S6ZJwXrEcp352YXtJsYHFcoqzceePnbgBHH7UNKOgCneSa
+/RP0ptl8sfjcXyMmCZGAc9AUG95DqYMl8uacLxXK/qarigd1iwzdUYRr5PjRznei
+gQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDEzCCAnygAwIBAgIBATANBgkqhkiG9w0BAQQFADCBxDELMAkGA1UEBhMCWkEx
+FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYD
+VQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlv
+biBTZXJ2aWNlcyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhhd3RlIFNlcnZlciBDQTEm
+MCQGCSqGSIb3DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5jb20wHhcNOTYwODAx
+MDAwMDAwWhcNMjAxMjMxMjM1OTU5WjCBxDELMAkGA1UEBhMCWkExFTATBgNVBAgT
+DFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYDVQQKExRUaGF3
+dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNl
+cyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhhd3RlIFNlcnZlciBDQTEmMCQGCSqGSIb3
+DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQAD
+gY0AMIGJAoGBANOkUG7I/1Zr5s9dtuoMaHVHoqrC2oQl/Kj0R1HahbUgdJSGHg91
+yekIYfUGbTBuFRkC6VLAYttNmZ7iagxEOM3+vuNkCXDF/rFrKbYvScg71CcEJRCX
+L+eQbcAoQpnXTEPew/UhbVSfXcNY4cDk2VuwuNy0e982OsK1ZiIS1ocNAgMBAAGj
+EzARMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAB/pMaVz7lcxG
+7oWDTSEwjsrZqG9JGubaUeNgcGyEYRGhGshIPllDfU+VPaGLtwtimHp1it2ITk6e
+QNuozDJ0uW8NxuOzRAvZim+aKZuZGCg70eNAKJpaPNW15yAbi8qkq43pUdniTCxZ
+qdq5snUb9kLy78fyGPmJvKP/iiMucEc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDJzCCApCgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBzjELMAkGA1UEBhMCWkEx
+FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYD
+VQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlv
+biBTZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhhd3RlIFByZW1pdW0gU2Vy
+dmVyIENBMSgwJgYJKoZIhvcNAQkBFhlwcmVtaXVtLXNlcnZlckB0aGF3dGUuY29t
+MB4XDTk2MDgwMTAwMDAwMFoXDTIwMTIzMTIzNTk1OVowgc4xCzAJBgNVBAYTAlpB
+MRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsG
+A1UEChMUVGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRp
+b24gU2VydmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNl
+cnZlciBDQTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNv
+bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0jY2aovXwlue2oFBYo847kkE
+VdbQ7xwblRZH7xhINTpS9CtqBo87L+pW46+GjZ4X9560ZXUCTe/LCaIhUdib0GfQ
+ug2SBhRz1JPLlyoAnFxODLz6FVL88kRu2hFKbgifLy3j+ao6hnO2RlNYyIkFvYMR
+uHM/qgeN9EJN50CdHDcCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG
+9w0BAQQFAAOBgQAmSCwWwlj66BZ0DKqqX1Q/8tfJeGBeXm43YyJ3Nn6yF8Q0ufUI
+hfzJATj/Tb7yFkJD57taRvvBxhEf8UqwKEbJw8RCfbz6q1lu1bdRiBHjpIUZa4JM
+pAwSremkrj/xw0llmozFyD4lt5SZu5IycQfwhl7tUCemDaYj+bvLpgcUQg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDIDCCAomgAwIBAgIENd70zzANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQGEwJV
+UzEQMA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2Vy
+dGlmaWNhdGUgQXV0aG9yaXR5MB4XDTk4MDgyMjE2NDE1MVoXDTE4MDgyMjE2NDE1
+MVowTjELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0VxdWlmYXgxLTArBgNVBAsTJEVx
+dWlmYXggU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eTCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEAwV2xWGcIYu6gmi0fCG2RFGiYCh7+2gRvE4RiIcPRfM6f
+BeC4AfBONOziipUEZKzxa1NfBbPLZ4C/QgKO/t0BCezhABRP/PvwDN1Dulsr4R+A
+cJkVV5MW8Q+XarfCaCMczE1ZMKxRHjuvK9buY0V7xdlfUNLjUA86iOe/FP3gx7kC
+AwEAAaOCAQkwggEFMHAGA1UdHwRpMGcwZaBjoGGkXzBdMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2VydGlm
+aWNhdGUgQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMBoGA1UdEAQTMBGBDzIwMTgw
+ODIyMTY0MTUxWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUSOZo+SvSspXXR9gj
+IBBPM5iQn9QwHQYDVR0OBBYEFEjmaPkr0rKV10fYIyAQTzOYkJ/UMAwGA1UdEwQF
+MAMBAf8wGgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEBBQUA
+A4GBAFjOKer89961zgK5F7WF0bnj4JXMJTENAKaSbn+2kmOeUJXRmm/kEd5jhW6Y
+7qj/WsjTVbJmcVfewCHrPSqnI0kBBIZCe/zuf6IWUrVnZ9NA2zsmWLIodz2uFHdh
+1voqZiegDfqnc1zqcPGUIWVEX/r87yloqaKHee9570+sB3c4
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDtTCCAp2gAwIBAgIRANAeQJAAAEZSAAAAAQAAAAQwDQYJKoZIhvcNAQEFBQAw
+gYkxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJEQzETMBEGA1UEBxMKV2FzaGluZ3Rv
+bjEXMBUGA1UEChMOQUJBLkVDT00sIElOQy4xGTAXBgNVBAMTEEFCQS5FQ09NIFJv
+b3QgQ0ExJDAiBgkqhkiG9w0BCQEWFWFkbWluQGRpZ3NpZ3RydXN0LmNvbTAeFw05
+OTA3MTIxNzMzNTNaFw0wOTA3MDkxNzMzNTNaMIGJMQswCQYDVQQGEwJVUzELMAkG
+A1UECBMCREMxEzARBgNVBAcTCldhc2hpbmd0b24xFzAVBgNVBAoTDkFCQS5FQ09N
+LCBJTkMuMRkwFwYDVQQDExBBQkEuRUNPTSBSb290IENBMSQwIgYJKoZIhvcNAQkB
+FhVhZG1pbkBkaWdzaWd0cnVzdC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQCx0xHgeVVDBwhMywVCAOINg0Y95JO6tgbTDVm9PsHOQ2cBiiGo77zM
+0KLMsFWWU4RmBQDaREmA2FQKpSWGlO1jVv9wbKOhGdJ4vmgqRF4vz8wYXke8OrFG
+PR7wuSw0X4x8TAgpnUBV6zx9g9618PeKgw6hTLQ6pbNfWiKX7BmbwQVo/ea3qZGU
+LOR4SCQaJRk665WcOQqKz0Ky8BzVX/tr7WhWezkscjiw7pOp03t3POtxA6k4ShZs
+iSrK2jMTecJVjO2cu/LLWxD4LmE1xilMKtAqY9FlWbT4zfn0AIS2V0KFnTKo+SpU
++/94Qby9cSj0u5C8/5Y0BONFnqFGKECBAgMBAAGjFjAUMBIGA1UdEwEB/wQIMAYB
+Af8CAQgwDQYJKoZIhvcNAQEFBQADggEBAARvJYbk5pYntNlCwNDJALF/VD6Hsm0k
+qS8Kfv2kRLD4VAe9G52dyntQJHsRW0mjpr8SdNWJt7cvmGQlFLdh6X9ggGvTZOir
+vRrWUfrAtF13Gn9kCF55xgVM8XrdTX3O5kh7VNJhkoHWG9YA8A6eKHegTYjHInYZ
+w8eeG6Z3ePhfm1bR8PIXrI6dWeYf/le22V7hXZ9F7GFoGUHhsiAm/lowdiT/QHI8
+eZ98IkirRs3bs4Ysj78FQdPB4xTjQRcm0HyncUwZ6EoPclgxfexgeqMiKL0ZJGA/
+O4dzwGvky663qyVDslUte6sGDnVdNOVdc22esnVApVnJTzFxiNmIf1Q=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDKTCCApKgAwIBAgIENnAVljANBgkqhkiG9w0BAQUFADBGMQswCQYDVQQGEwJV
+UzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMREwDwYDVQQL
+EwhEU1RDQSBFMTAeFw05ODEyMTAxODEwMjNaFw0xODEyMTAxODQwMjNaMEYxCzAJ
+BgNVBAYTAlVTMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4x
+ETAPBgNVBAsTCERTVENBIEUxMIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQCg
+bIGpzzQeJN3+hijM3oMv+V7UQtLodGBmE5gGHKlREmlvMVW5SXIACH7TpWJENySZ
+j9mDSI+ZbZUTu0M7LklOiDfBu1h//uG9+LthzfNHwJmm8fOR6Hh8AMthyUQncWlV
+Sn5JTe2io74CTADKAqjuAQIxZA9SLRN0dja1erQtcQIBA6OCASQwggEgMBEGCWCG
+SAGG+EIBAQQEAwIABzBoBgNVHR8EYTBfMF2gW6BZpFcwVTELMAkGA1UEBhMCVVMx
+JDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjERMA8GA1UECxMI
+RFNUQ0EgRTExDTALBgNVBAMTBENSTDEwKwYDVR0QBCQwIoAPMTk5ODEyMTAxODEw
+MjNagQ8yMDE4MTIxMDE4MTAyM1owCwYDVR0PBAQDAgEGMB8GA1UdIwQYMBaAFGp5
+fpFpRhgTCgJ3pVlbYJglDqL4MB0GA1UdDgQWBBRqeX6RaUYYEwoCd6VZW2CYJQ6i
++DAMBgNVHRMEBTADAQH/MBkGCSqGSIb2fQdBAAQMMAobBFY0LjADAgSQMA0GCSqG
+SIb3DQEBBQUAA4GBACIS2Hod3IEGtgllsofIH160L+nEHvI8wbsEkBFKg05+k7lN
+QseSJqBcNJo4cvj9axY+IO6CizEqkzaFI4iKPANo08kJD038bKTaKHKTDomAsH3+
+gG9lbRgzl4vCa4nuYD3Im+9/KzJic5PLPON74nZ4RbyhkwS7hp86W0N6w4pl
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDKTCCApKgAwIBAgIENm7TzjANBgkqhkiG9w0BAQUFADBGMQswCQYDVQQGEwJV
+UzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMREwDwYDVQQL
+EwhEU1RDQSBFMjAeFw05ODEyMDkxOTE3MjZaFw0xODEyMDkxOTQ3MjZaMEYxCzAJ
+BgNVBAYTAlVTMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4x
+ETAPBgNVBAsTCERTVENBIEUyMIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQC/
+k48Xku8zExjrEH9OFr//Bo8qhbxe+SSmJIi2A7fBw18DW9Fvrn5C6mYjuGODVvso
+LeE4i7TuqAHhzhy2iCoiRoX7n6dwqUcUP87eZfCocfdPJmyMvMa1795JJ/9IKn3o
+TQPMx7JSxhcxEzu1TdvIxPbDDyQq2gyd55FbgM2UnQIBA6OCASQwggEgMBEGCWCG
+SAGG+EIBAQQEAwIABzBoBgNVHR8EYTBfMF2gW6BZpFcwVTELMAkGA1UEBhMCVVMx
+JDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjERMA8GA1UECxMI
+RFNUQ0EgRTIxDTALBgNVBAMTBENSTDEwKwYDVR0QBCQwIoAPMTk5ODEyMDkxOTE3
+MjZagQ8yMDE4MTIwOTE5MTcyNlowCwYDVR0PBAQDAgEGMB8GA1UdIwQYMBaAFB6C
+TShlgDzJQW6sNS5ay97u+DlbMB0GA1UdDgQWBBQegk0oZYA8yUFurDUuWsve7vg5
+WzAMBgNVHRMEBTADAQH/MBkGCSqGSIb2fQdBAAQMMAobBFY0LjADAgSQMA0GCSqG
+SIb3DQEBBQUAA4GBAEeNg61i8tuwnkUiBbmi1gMOOHLnnvx75pO2mqWilMg0HZHR
+xdf0CiUPPXiBng+xZ8SQTGPdXqfiup/1902lMXucKS1M/mQ+7LZT/uqb7YLbdHVL
+B3luHtgZg3Pe9T7Qtd7nS2h9Qy4qIOF+oHhEngj1mPnHfxsb1gYgAlihw6ID
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID2DCCAsACEQDQHkCLAAACfAAAAAIAAAABMA0GCSqGSIb3DQEBBQUAMIGpMQsw
+CQYDVQQGEwJ1czENMAsGA1UECBMEVXRhaDEXMBUGA1UEBxMOU2FsdCBMYWtlIENp
+dHkxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjERMA8GA1UE
+CxMIRFNUQ0EgWDExFjAUBgNVBAMTDURTVCBSb290Q0EgWDExITAfBgkqhkiG9w0B
+CQEWEmNhQGRpZ3NpZ3RydXN0LmNvbTAeFw05ODEyMDExODE4NTVaFw0wODExMjgx
+ODE4NTVaMIGpMQswCQYDVQQGEwJ1czENMAsGA1UECBMEVXRhaDEXMBUGA1UEBxMO
+U2FsdCBMYWtlIENpdHkxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0
+IENvLjERMA8GA1UECxMIRFNUQ0EgWDExFjAUBgNVBAMTDURTVCBSb290Q0EgWDEx
+ITAfBgkqhkiG9w0BCQEWEmNhQGRpZ3NpZ3RydXN0LmNvbTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBANLGJrbnpT3BxGjVUG9TxW9JEwm4ryxIjRRqoxdf
+WvnTLnUv2Chi0ZMv/E3Uq4flCMeZ55I/db3rJbQVwZsZPdJEjdd0IG03Ao9pk1uK
+xBmd9LIO/BZsubEFkoPRhSxglD5FVaDZqwgh5mDoO3TymVBRaNADLbGAvqPYUrBE
+zUNKcI5YhZXhTizWLUFv1oTnyJhEykfbLCSlaSbPa7gnYsP0yXqSI+0TZ4KuRS5F
+5X5yP4WdlGIQ5jyRoa13AOAV7POEgHJ6jm5gl8ckWRA0g1vhpaRptlc1HHhZxtMv
+OnNn7pTKBBMFYgZwI7P0fO5F2WQLW0mqpEPOJsREEmy43XkCAwEAATANBgkqhkiG
+9w0BAQUFAAOCAQEAojeyP2n714Z5VEkxlTMr89EJFEliYIalsBHiUMIdBlc+Legz
+ZL6bqq1fG03UmZWii5rJYnK1aerZWKs17RWiQ9a2vAd5ZWRzfdd5ynvVWlHG4VME
+lo04z6MXrDlxawHDi1M8Y+nuecDkvpIyZHqzH5eUYr3qsiAVlfuX8ngvYzZAOONG
+Dx3drJXK50uQe7FLqdTF65raqtWjlBRGjS0f8zrWkzr2Pnn86Oawde3uPclwx12q
+gUtGJRzHbBXjlU4PqjI3lAoXJJIThFjSY28r9+ZbYgsTF7ANUkz+/m9c4pFuHf2k
+Ytdo+o56T9II2pPc8JIRetDccpMMc5NihWjQ9A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID2DCCAsACEQDQHkCLAAB3bQAAAAEAAAAEMA0GCSqGSIb3DQEBBQUAMIGpMQsw
+CQYDVQQGEwJ1czENMAsGA1UECBMEVXRhaDEXMBUGA1UEBxMOU2FsdCBMYWtlIENp
+dHkxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjERMA8GA1UE
+CxMIRFNUQ0EgWDIxFjAUBgNVBAMTDURTVCBSb290Q0EgWDIxITAfBgkqhkiG9w0B
+CQEWEmNhQGRpZ3NpZ3RydXN0LmNvbTAeFw05ODExMzAyMjQ2MTZaFw0wODExMjcy
+MjQ2MTZaMIGpMQswCQYDVQQGEwJ1czENMAsGA1UECBMEVXRhaDEXMBUGA1UEBxMO
+U2FsdCBMYWtlIENpdHkxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0
+IENvLjERMA8GA1UECxMIRFNUQ0EgWDIxFjAUBgNVBAMTDURTVCBSb290Q0EgWDIx
+ITAfBgkqhkiG9w0BCQEWEmNhQGRpZ3NpZ3RydXN0LmNvbTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBANx18IzAdZaawGIfJvfE4Zrq4FZzW5nNAUSoCLbV
+p9oaBBg5kkp4o4HC9Xd6ULRw/5qrxsfKboNPQpj7Jgva3G3WqZlVUmfpKAOS3OWw
+BZoPFflrWXJW8vo5/Kpo7g8fEIMv/J36F5bdguPmRX3AS4BEH+0s4IT9kVySVGkl
+5WJp3OXuAFK9MwutdQKFp2RQLcUZGTDAJtvJ0/0uma1ZtQtN1EGuhUhDWdy3qOKi
+3sOP17ihYqZoUFLkzzGnlIXan0YyF1bl8utmPRL/Q9uY73fPy4GNNLHGUEom0eQ+
+QVCvbK4iNC7Va26Dunm4dmVI2gkpZGMiuftHdoWMhkTLCdsCAwEAATANBgkqhkiG
+9w0BAQUFAAOCAQEAtTYOXeFhKFoRZcA/gwN5Tb4opgsHAlKFzfiR0BBstWogWxyQ
+2TA8xkieil5k+aFxd+8EJx8H6+Qm93N0yUQYGmbT4EOvkTvRyyzYdFQ6HE3K1GjN
+I3wdEJ5F6fYAbqbNGf9PLCmPV03Ed5K+4EwJ+11EhmYhqLkyolbV6YyDfFk/xPEL
+553snr2cGA4+wjl5KLcDDQjLxufZATdQEOzMYRZA1K8xdHv8PzGn0EdzMzkbzE5q
+10mDEQb+64JYMzJM8FasHpwvVpp7wUocpf1VNs78lk30sPDst2yC7S8xmUJMqbIN
+uBVd8d+6ybVK1GSYsyapMMj9puyrliGtf8J4tg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICPTCCAaYCEQDNun9W8N/kvFT+IqyzcqpVMA0GCSqGSIb3DQEBAgUAMF8xCzAJ
+BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh
+c3MgMSBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05
+NjAxMjkwMDAwMDBaFw0yODA4MDEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD
+VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMSBQdWJsaWMgUHJp
+bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB
+jQAwgYkCgYEA5Rm/baNWYS2ZSHH2Z965jeu3noaACpEO+jglr0aIguVzqKCbJF0N
+H8xlbgyw0FaEGIeaBpsQoXPftFg5a27B9hXVqKg/qhIGjTGsf7A01480Z4gJzRQR
+4k5FVmkfeAKA2txHkSm7NsljXMXg1y2He6G3MrB7MLoqLzGq7qNn2tsCAwEAATAN
+BgkqhkiG9w0BAQIFAAOBgQBMP7iLxmjf7kMzDl3ppssHhE16M/+SG/Q2rdiVIjZo
+EWx8QszznC7EBz8UsA9P/5CSdvnivErpj82ggAr3xSnxgiJduLHdgSOjeyUVRjB5
+FvjqBUuUfx3CHMjjt/QQQDwTw18fU+hI5Ia0e6E1sHslurjTjqs/OJ0ANACY89Fx
+lA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICPDCCAaUCEC0b/EoXjaOR6+f/9YtFvgswDQYJKoZIhvcNAQECBQAwXzELMAkG
+A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
+cyAyIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
+MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
+BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAyIFB1YmxpYyBQcmlt
+YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
+ADCBiQKBgQC2WoujDWojg4BrzzmH9CETMwZMJaLtVRKXxaeAufqDwSCg+i8VDXyh
+YGt+eSz6Bg86rvYbb7HS/y8oUl+DfUvEerf4Zh+AVPy3wo5ZShRXRtGak75BkQO7
+FYCTXOvnzAhsPz6zSvz/S2wj1VCCJkQZjiPDceoZJEcEnnW/yKYAHwIDAQABMA0G
+CSqGSIb3DQEBAgUAA4GBAIobK/o5wXTXXtgZZKJYSi034DNHD6zt96rbHuSLBlxg
+J8pFUs4W7z8GZOeUaHxgMxURaa+dYo2jA1Rrpr7l7gUYYAS/QoD90KioHgE796Nc
+r6Pc5iaAIzy4RHT3Cq5Ji2F4zCS/iIqnDupzGUH9TQPwiNHleI2lKk/2lw0Xd8rY
+
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG
+A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
+cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
+MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
+BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt
+YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
+ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE
+BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is
+I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G
+CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do
+lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc
+AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k
+
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDAjCCAmsCEEzH6qqYPnHTkxD4PTqJkZIwDQYJKoZIhvcNAQEFBQAwgcExCzAJ
+BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xh
+c3MgMSBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcy
+MTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3Jp
+emVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMB4X
+DTk4MDUxODAwMDAwMFoXDTI4MDgwMTIzNTk1OVowgcExCzAJBgNVBAYTAlVTMRcw
+FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMSBQdWJsaWMg
+UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEo
+YykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5
+MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQCq0Lq+Fi24g9TK0g+8djHKlNgdk4xWArzZbxpvUjZudVYK
+VdPfQ4chEWWKfo+9Id5rMj8bhDSVBZ1BNeuS65bdqlk/AVNtmU/t5eIqWpDBucSm
+Fc/IReumXY6cPvBkJHalzasab7bYe1FhbqZ/h8jit+U03EGI6glAvnOSPWvndQID
+AQABMA0GCSqGSIb3DQEBBQUAA4GBAKlPww3HZ74sy9mozS11534Vnjty637rXC0J
+h9ZrbWB85a7FkCMMXErQr7Fd88e2CtvgFZMN3QO8x3aKtd1Pw5sTdbgBwObJW2ul
+uIncrKTdcu1OofdPvAbT6shkdHvClUGcZXNY8ZCaPGqxmMnEh7zPRW1F4m4iP/68
+DzFc6PLZ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDAzCCAmwCEQC5L2DMiJ+hekYJuFtwbIqvMA0GCSqGSIb3DQEBBQUAMIHBMQsw
+CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNVBAsTM0Ns
+YXNzIDIgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBH
+MjE6MDgGA1UECxMxKGMpIDE5OTggVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9y
+aXplZCB1c2Ugb25seTEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazAe
+Fw05ODA1MTgwMDAwMDBaFw0yODA4MDEyMzU5NTlaMIHBMQswCQYDVQQGEwJVUzEX
+MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNVBAsTM0NsYXNzIDIgUHVibGlj
+IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjE6MDgGA1UECxMx
+KGMpIDE5OTggVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s
+eTEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEAp4gBIXQs5xoD8JjhlzwPIQjxnNuX6Zr8wgQGE75fUsjM
+HiwSViy4AWkszJkfrbCWrnkE8hM5wXuYuggs6MKEEyyqaekJ9MepAqRCwiNPStjw
+DqL7MWzJ5m+ZJwf15vRMeJ5t60aG+rmGyVTyssSv1EYcWskVMP8NbPUtDm3Of3cC
+AwEAATANBgkqhkiG9w0BAQUFAAOBgQByLvl/0fFx+8Se9sVeUYpAmLho+Jscg9ji
+nb3/7aHmZuovCfTK1+qlK5X2JGCGTUQug6XELaDTrnhpb3LabK4I8GOSN+a7xDAX
+rXfMSTWqz9iP0b63GJZHc2pUIjRkLbYWm1lbtFFZOrMLFPQS32eg9K0yZF6xRnIn
+jBJ7xUS0rg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDAjCCAmsCEH3Z/gfPqB63EHln+6eJNMYwDQYJKoZIhvcNAQEFBQAwgcExCzAJ
+BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xh
+c3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcy
+MTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3Jp
+emVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMB4X
+DTk4MDUxODAwMDAwMFoXDTI4MDgwMTIzNTk1OVowgcExCzAJBgNVBAYTAlVTMRcw
+FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMyBQdWJsaWMg
+UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEo
+YykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5
+MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQDMXtERXVxp0KvTuWpMmR9ZmDCOFoUgRm1HP9SFIIThbbP4
+pO0M8RcPO/mn+SXXwc+EY/J8Y8+iR/LGWzOOZEAEaMGAuWQcRXfH2G71lSk8UOg0
+13gfqLptQ5GVj0VXXn7F+8qkBOvqlzdUMG+7AUcyM83cV5tkaWH4mx0ciU9cZwID
+AQABMA0GCSqGSIb3DQEBBQUAA4GBAFFNzb5cy5gZnBWyATl4Lk0PZ3BwmcYQWpSk
+U01UbSuvDV1Ai2TT1+7eVmGSX6bEHRBhNtMsJzzoKQm5EWR0zLVznxxIqbxhAe7i
+F6YM40AIOw7n60RzKprxaZLvcRTDOaxxp5EJb+RxBrO6WVcmeQD2+A2iMzAo1KpY
+oJ2daZH9
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDAjCCAmsCEDKIjprS9esTR/h/xCA3JfgwDQYJKoZIhvcNAQEFBQAwgcExCzAJ
+BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xh
+c3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcy
+MTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3Jp
+emVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMB4X
+DTk4MDUxODAwMDAwMFoXDTI4MDgwMTIzNTk1OVowgcExCzAJBgNVBAYTAlVTMRcw
+FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgNCBQdWJsaWMg
+UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEo
+YykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5
+MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQC68OTP+cSuhVS5B1f5j8V/aBH4xBewRNzjMHPVKmIquNDM
+HO0oW369atyzkSTKQWI8/AIBvxwWMZQFl3Zuoq29YRdsTjCG8FE3KlDHqGKB3FtK
+qsGgtG7rL+VXxbErQHDbWk2hjh+9Ax/YA9SPTJlxvOKCzFjomDqG04Y48wApHwID
+AQABMA0GCSqGSIb3DQEBBQUAA4GBAIWMEsGnuVAVess+rLhDityq3RS6iYF+ATwj
+cSGIL4LcY/oCRaxFWdcqWERbt5+BO5JoPeI3JPV7bI92NZYJqFmduc4jq3TWg/0y
+cyfYaT5DdPauxYma51N86Xv2S/PBZYPejYqcPIiNOVn8qj8ijaHBZlCBckztImRP
+T8qAkbYp
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
+A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
+b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw
+MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
+YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT
+aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ
+jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp
+xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp
+1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG
+snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ
+U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8
+9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E
+BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B
+AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz
+yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE
+38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP
+AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad
+DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME
+HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G
+A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
+Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1
+MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG
+A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL
+v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8
+eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq
+tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd
+C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa
+zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB
+mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH
+V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n
+bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG
+3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs
+J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO
+291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS
+ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd
+AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7
+TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==
+
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0
+IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAz
+BgNVBAsTLFZhbGlDZXJ0IENsYXNzIDEgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9y
+aXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG
+9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNTIyMjM0OFoXDTE5MDYy
+NTIyMjM0OFowgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0d29y
+azEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs
+YXNzIDEgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRw
+Oi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNl
+cnQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDYWYJ6ibiWuqYvaG9Y
+LqdUHAZu9OqNSLwxlBfw8068srg1knaw0KWlAdcAAxIiGQj4/xEjm84H9b9pGib+
+TunRf50sQB1ZaG6m+FiwnRqP0z/x3BkGgagO4DrdyFNFCQbmD3DD+kCmDuJWBQ8Y
+TfwggtFzVXSNdnKgHZ0dwN0/cQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFBoPUn0
+LBwGlN+VYH+Wexf+T3GtZMjdd9LvWVXoP+iOBSoh8gfStadS/pyxtuJbdxdA6nLW
+I8sogTLDAHkY7FkXicnGah5xyf23dKUlRWnFSKsZ4UWKJWsZ7uW7EvV/96aNUcPw
+nXS3qT6gpf+2SQMT2iLM7XGCK5nPOrf1LXLI
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0
+IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAz
+BgNVBAsTLFZhbGlDZXJ0IENsYXNzIDIgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9y
+aXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG
+9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNjAwMTk1NFoXDTE5MDYy
+NjAwMTk1NFowgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0d29y
+azEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs
+YXNzIDIgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRw
+Oi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNl
+cnQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDOOnHK5avIWZJV16vY
+dA757tn2VUdZZUcOBVXc65g2PFxTXdMwzzjsvUGJ7SVCCSRrCl6zfN1SLUzm1NZ9
+WlmpZdRJEy0kTRxQb7XBhVQ7/nHk01xC+YDgkRoKWzk2Z/M/VXwbP7RfZHM047QS
+v4dk+NoS/zcnwbNDu+97bi5p9wIDAQABMA0GCSqGSIb3DQEBBQUAA4GBADt/UG9v
+UJSZSWI4OB9L+KXIPqeCgfYrx+jFzug6EILLGACOTb2oWH+heQC1u+mNr0HZDzTu
+IYEZoDJJKPTEjlbVUjP9UNV+mWwD5MlM/Mtsq2azSiGM5bUMMj4QssxsodyamEwC
+W/POuZ6lcg5Ktz885hZo+L7tdEy8W9ViH0Pd
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0
+IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAz
+BgNVBAsTLFZhbGlDZXJ0IENsYXNzIDMgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9y
+aXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG
+9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNjAwMjIzM1oXDTE5MDYy
+NjAwMjIzM1owgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0d29y
+azEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs
+YXNzIDMgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRw
+Oi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNl
+cnQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDjmFGWHOjVsQaBalfD
+cnWTq8+epvzzFlLWLU2fNUSoLgRNB0mKOCn1dzfnt6td3zZxFJmP3MKS8edgkpfs
+2Ejcv8ECIMYkpChMMFp2bbFc893enhBxoYjHW5tBbcqwuI4V7q0zK89HBFx1cQqY
+JJgpp0lZpd34t0NiYfPT4tBVPwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFa7AliE
+Zwgs3x/be0kz9dNnnfS0ChCzycUs4pJqcXgn8nCDQtM+z6lU9PHYkhaM0QTLS6vJ
+n0WuPIqpsHEzXcjFV9+vqDWzf4mH6eglkrh/hXqu1rweN1gqZ8mRzyqBPu3GOd/A
+PhmcGcwTTYJBtYze4D1gCCAPRX5ron+jjBXu
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEGjCCAwICEQCLW3VWhFSFCwDPrzhIzrGkMA0GCSqGSIb3DQEBBQUAMIHKMQsw
+CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
+cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu
+LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT
+aWduIENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD
+VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT
+aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ
+bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu
+IENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
+LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN2E1Lm0+afY8wR4
+nN493GwTFtl63SRRZsDHJlkNrAYIwpTRMx/wgzUfbhvI3qpuFU5UJ+/EbRrsC+MO
+8ESlV8dAWB6jRx9x7GD2bZTIGDnt/kIYVt/kTEkQeE4BdjVjEjbdZrwBBDajVWjV
+ojYJrKshJlQGrT/KFOCsyq0GHZXi+J3x4GD/wn91K0zM2v6HmSHquv4+VNfSWXjb
+PG7PoBMAGrgnoeS+Z5bKoMWznN3JdZ7rMJpfo83ZrngZPyPpXNspva1VyBtUjGP2
+6KbqxzcSXKMpHgLZ2x87tNcPVkeBFQRKr4Mn0cVYiMHd9qqnoxjaaKptEVHhv2Vr
+n5Z20T0CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAq2aN17O6x5q25lXQBfGfMY1a
+qtmqRiYPce2lrVNWYgFHKkTp/j90CxObufRNG7LRX7K20ohcs5/Ny9Sn2WCVhDr4
+wTcdYcrnsMXlkdpUpqwxga6X3s0IrLjAl4B/bnKk52kTlWUfxJM8/XmPBNQ+T+r3
+ns7NZ3xPZQL/kYVUc8f/NveGLezQXk//EZ9yBta4GvFMDSZl4kSAHsef493oCtrs
+pSCAaWihT37ha88HQfqDjrw43bAuEbFrskLMmrz5SCJ5ShkPshw+IHTZasO+8ih4
+E1Z5T21Q6huwtVexN2ZYI/PcD98Kh8TvhgXVOBRgmaNL3gaWcSzy27YfpO8/7g==
+
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEGTCCAwECEGFwy0mMX5hFKeewptlQW3owDQYJKoZIhvcNAQEFBQAwgcoxCzAJ
+BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVy
+aVNpZ24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24s
+IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNp
+Z24gQ2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eSAtIEczMB4XDTk5MTAwMTAwMDAwMFoXDTM2MDcxNjIzNTk1OVowgcoxCzAJBgNV
+BAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNp
+Z24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24sIElu
+Yy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNpZ24g
+Q2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAt
+IEczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwoNwtUs22e5LeWU
+J92lvuCwTY+zYVY81nzD9M0+hsuiiOLh2KRpxbXiv8GmR1BeRjmL1Za6tW8UvxDO
+JxOeBUebMXoT2B/Z0wI3i60sR/COgQanDTAM6/c8DyAd3HJG7qUCyFvDyVZpTMUY
+wZF7C9UTAJu878NIPkZgIIUq1ZC2zYugzDLdt/1AVbJQHFauzI13TccgTacxdu9o
+koqQHgiBVrKtaaNS0MscxCM9H5n+TOgWY47GCI72MfbS+uV23bUckqNJzc0BzWjN
+qWm6o+sdDZykIKbBoMXRRkwXbdKsZj+WjOCE1Db/IlnF+RFgqF8EffIa9iVCYQ/E
+Srg+iQIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA0JhU8wI1NQ0kdvekhktdmnLfe
+xbjQ5F1fdiLAJvmEOjr5jLX77GDx6M4EsMjdpwOPMPOY36TmpDHf0xwLRtxyID+u
+7gU8pDM/CzmscHhzS5kr3zDCVLCoO1Wh/hYozUK9dG6A2ydEp85EXdQbkJgNHkKU
+sQAsBNB0owIFImNjzYO1+8FtYmtpdf1dcEG59b98377BMnMiIYtYgXsVkXq642RI
+sH/7NiXaldDxJBQX3RiAa0YjOVT1jmIJBB2UkKab5iXiQkWquJCtvgiPqQtCGJTP
+cjnhsUPgKM+351psE2tJs//jGHyJizNdrDPXp/naOlXJWBD5qu9ats9LS98q
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQsw
+CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
+cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu
+LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT
+aWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD
+VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT
+aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ
+bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu
+IENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
+LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMu6nFL8eB8aHm8b
+N3O9+MlrlBIwT/A2R/XQkQr1F8ilYcEWQE37imGQ5XYgwREGfassbqb1EUGO+i2t
+KmFZpGcmTNDovFJbcCAEWNF6yaRpvIMXZK0Fi7zQWM6NjPXr8EJJC52XJ2cybuGu
+kxUccLwgTS8Y3pKI6GyFVxEa6X7jJhFUokWWVYPKMIno3Nij7SqAP395ZVc+FSBm
+CC+Vk7+qRy+oRpfwEuL+wgorUeZ25rdGt+INpsyow0xZVYnm6FNcHOqd8GIWC6fJ
+Xwzw3sJ2zq/3avL6QaaiMxTJ5Xpj055iN9WFZZ4O5lMkdBteHRJTW8cs54NJOxWu
+imi5V5cCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAERSWwauSCPc/L8my/uRan2Te
+2yFPhpk0djZX3dAVL8WtfxUfN2JzPtTnX84XA9s1+ivbrmAJXx5fj267Cz3qWhMe
+DGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC
+/Y4wjylGsB49Ndo4YhYYSq3mtlFs3q9i6wHQHiT+eo8SGhJouPtmmRQURVyu565p
+F4ErWjfJXir0xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGt
+TxzhT5yvDwyd93gN2PQ1VoDat20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ==
+
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEGjCCAwICEQDsoKeLbnVqAc/EfMwvlF7XMA0GCSqGSIb3DQEBBQUAMIHKMQsw
+CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
+cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu
+LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT
+aWduIENsYXNzIDQgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD
+VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT
+aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ
+bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu
+IENsYXNzIDQgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
+LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK3LpRFpxlmr8Y+1
+GQ9Wzsy1HyDkniYlS+BzZYlZ3tCD5PUPtbut8XzoIfzk6AzufEUiGXaStBO3IFsJ
++mGuqPKljYXCKtbeZjbSmwL0qJJgfJxptI8kHtCGUvYynEFYHiK9zUVilQhu0Gbd
+U6LM8BDcVHOLBKFGMzNcF0C5nk3T875Vg+ixiY5afJqWIpA7iCXy0lOIAgwLePLm
+NxdLMEYH5IBtptiWLugs+BGzOA1mppvqySNb247i8xOOGlktqgLw7KSHZtzBP/XY
+ufTsgsbSPZUd5cBPhMnZo0QoBmrXRazwa2rvTl/4EYIeOGM0ZlDUPpNz+jDDZq3/
+ky2X7wMCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAj/ola09b5KROJ1WrIhVZPMq1
+CtRK26vdoV9TxaBXOcLORyu+OshWv8LZJxA6sQU8wHcxuzrTBXttmhwwjIDLk5Mq
+g6sFUYICABFna/OIYUdfA5PVWw3g8dShMjWFsjrbsIKr0csKvE+MW8VLADsfKoKm
+fjaF3H48ZwC15DtS4KjrXRX5xm3wrR0OhbepmnMUWluPQSjA1egtTaRezarZ7c7c
+2NU8Qh0XwRJdRTjDOPP8hS6DRkiy1yBfkjaP53kPmF6Z6PDQpLv1U70qzlmwr25/
+bLvSHgCwIe34QWKCudiyxLtGUPMxxY8BqHTr9Xgn2uf3ZkPznoM+IKrDNWCRzg==
+
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE2DCCBEGgAwIBAgIEN0rSQzANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
+VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
+ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
+KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u
+ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05OTA1
+MjUxNjA5NDBaFw0xOTA1MjUxNjM5NDBaMIHDMQswCQYDVQQGEwJVUzEUMBIGA1UE
+ChMLRW50cnVzdC5uZXQxOzA5BgNVBAsTMnd3dy5lbnRydXN0Lm5ldC9DUFMgaW5j
+b3JwLiBieSByZWYuIChsaW1pdHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMTk5OSBF
+bnRydXN0Lm5ldCBMaW1pdGVkMTowOAYDVQQDEzFFbnRydXN0Lm5ldCBTZWN1cmUg
+U2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGdMA0GCSqGSIb3DQEBAQUA
+A4GLADCBhwKBgQDNKIM0VBuJ8w+vN5Ex/68xYMmo6LIQaO2f55M28Qpku0f1BBc/
+I0dNxScZgSYMVHINiC3ZH5oSn7yzcdOAGT9HZnuMNSjSuQrfJNqc1lB5gXpa0zf3
+wkrYKZImZNHkmGw6AIr1NJtl+O3jEP/9uElY3KDegjlrgbEWGWG5VLbmQwIBA6OC
+AdcwggHTMBEGCWCGSAGG+EIBAQQEAwIABzCCARkGA1UdHwSCARAwggEMMIHeoIHb
+oIHYpIHVMIHSMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50cnVzdC5uZXQxOzA5
+BgNVBAsTMnd3dy5lbnRydXN0Lm5ldC9DUFMgaW5jb3JwLiBieSByZWYuIChsaW1p
+dHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMTk5OSBFbnRydXN0Lm5ldCBMaW1pdGVk
+MTowOAYDVQQDEzFFbnRydXN0Lm5ldCBTZWN1cmUgU2VydmVyIENlcnRpZmljYXRp
+b24gQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMCmgJ6AlhiNodHRwOi8vd3d3LmVu
+dHJ1c3QubmV0L0NSTC9uZXQxLmNybDArBgNVHRAEJDAigA8xOTk5MDUyNTE2MDk0
+MFqBDzIwMTkwNTI1MTYwOTQwWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAU8Bdi
+E1U9s/8KAGv7UISX8+1i0BowHQYDVR0OBBYEFPAXYhNVPbP/CgBr+1CEl/PtYtAa
+MAwGA1UdEwQFMAMBAf8wGQYJKoZIhvZ9B0EABAwwChsEVjQuMAMCBJAwDQYJKoZI
+hvcNAQEFBQADgYEAkNwwAvpkdMKnCqV8IY00F6j7Rw7/JXyNEwr75Ji174z4xRAN
+95K+8cPV1ZVqBLssziY2ZcgxxufuP+NXdYR6Ee9GTxj005i7qIcyunL2POI9n9cd
+2cNgQ4xYDiKWL2KjLB+6rQXvqzJ4h6BUcxm1XAX5Uj5tLUUL9wqT6u0G+bI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE7TCCBFagAwIBAgIEOAOR7jANBgkqhkiG9w0BAQQFADCByTELMAkGA1UEBhMC
+VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MUgwRgYDVQQLFD93d3cuZW50cnVzdC5u
+ZXQvQ2xpZW50X0NBX0luZm8vQ1BTIGluY29ycC4gYnkgcmVmLiBsaW1pdHMgbGlh
+Yi4xJTAjBgNVBAsTHChjKSAxOTk5IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNV
+BAMTKkVudHJ1c3QubmV0IENsaWVudCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe
+Fw05OTEwMTIxOTI0MzBaFw0xOTEwMTIxOTU0MzBaMIHJMQswCQYDVQQGEwJVUzEU
+MBIGA1UEChMLRW50cnVzdC5uZXQxSDBGBgNVBAsUP3d3dy5lbnRydXN0Lm5ldC9D
+bGllbnRfQ0FfSW5mby9DUFMgaW5jb3JwLiBieSByZWYuIGxpbWl0cyBsaWFiLjEl
+MCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMq
+RW50cnVzdC5uZXQgQ2xpZW50IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGdMA0G
+CSqGSIb3DQEBAQUAA4GLADCBhwKBgQDIOpleMRffrCdvkHvkGf9FozTC28GoT/Bo
+6oT9n3V5z8GKUZSvx1cDR2SerYIbWtp/N3hHuzeYEpbOxhN979IMMFGpOZ5V+Pux
+5zDeg7K6PvHViTs7hbqqdCz+PzFur5GVbgbUB01LLFZHGARS2g4Qk79jkJvh34zm
+AqTmT173iwIBA6OCAeAwggHcMBEGCWCGSAGG+EIBAQQEAwIABzCCASIGA1UdHwSC
+ARkwggEVMIHkoIHhoIHepIHbMIHYMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50
+cnVzdC5uZXQxSDBGBgNVBAsUP3d3dy5lbnRydXN0Lm5ldC9DbGllbnRfQ0FfSW5m
+by9DUFMgaW5jb3JwLiBieSByZWYuIGxpbWl0cyBsaWFiLjElMCMGA1UECxMcKGMp
+IDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50cnVzdC5uZXQg
+Q2xpZW50IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMCyg
+KqAohiZodHRwOi8vd3d3LmVudHJ1c3QubmV0L0NSTC9DbGllbnQxLmNybDArBgNV
+HRAEJDAigA8xOTk5MTAxMjE5MjQzMFqBDzIwMTkxMDEyMTkyNDMwWjALBgNVHQ8E
+BAMCAQYwHwYDVR0jBBgwFoAUxPucKXuXzUyW/O5bs8qZdIuV6kwwHQYDVR0OBBYE
+FMT7nCl7l81MlvzuW7PKmXSLlepMMAwGA1UdEwQFMAMBAf8wGQYJKoZIhvZ9B0EA
+BAwwChsEVjQuMAMCBJAwDQYJKoZIhvcNAQEEBQADgYEAP66K8ddmAwWePvrqHEa7
+pFuPeJoSSJn59DXeDDYHAmsQOokUgZwxpnyyQbJq5wcBoUv5nyU7lsqZwz6hURzz
+wy5E97BnRqqS5TvaHBkUODDV4qIxJS7x7EU47fgGWANzYrAQMY9Av2TgXD7FTx/a
+EkP/TOYGJqibGapEPHayXOw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEXDCCA0SgAwIBAgIEOGO5ZjANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML
+RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp
+bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5
+IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp
+ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw05OTEyMjQxNzUwNTFaFw0xOTEy
+MjQxODIwNTFaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3d3d3
+LmVudHJ1c3QubmV0L0NQU18yMDQ4IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxp
+YWIuKTElMCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEG
+A1UEAxMqRW50cnVzdC5uZXQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgp
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU1LqRKGsuqjIAcVFmQq
+K0vRvwtKTY7tgHalZ7d4QMBzQshowNtTK91euHaYNZOLGp18EzoOH1u3Hs/lJBQe
+sYGpjX24zGtLA/ECDNyrpUAkAH90lKGdCCmziAv1h3edVc3kw37XamSrhRSGlVuX
+MlBvPci6Zgzj/L24ScF2iUkZ/cCovYmjZy/Gn7xxGWC4LeksyZB2ZnuU4q941mVT
+XTzWnLLPKQP5L6RQstRIzgUyVYr9smRMDuSYB3Xbf9+5CFVghTAp+XtIpGmG4zU/
+HoZdenoVve8AjhUiVBcAkCaTvA5JaJG/+EfTnZVCwQ5N328mz8MYIWJmQ3DW1cAH
+4QIDAQABo3QwcjARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUVeSB0RGA
+vtiJuQijMfmhJAkWuXAwHQYDVR0OBBYEFFXkgdERgL7YibkIozH5oSQJFrlwMB0G
+CSqGSIb2fQdBAAQQMA4bCFY1LjA6NC4wAwIEkDANBgkqhkiG9w0BAQUFAAOCAQEA
+WUesIYSKF8mciVMeuoCFGsY8Tj6xnLZ8xpJdGGQC49MGCBFhfGPjK50xA3B20qMo
+oPS7mmNz7W3lKtvtFKkrxjYR0CvrB4ul2p5cGZ1WEvVUKcgF7bISKo30Axv/55IQ
+h7A6tcOdBTcSo8f0FbnVpDkWm1M6I5HxqIKiaohowXkCIryqptau37AUX7iH0N18
+f3v/rxzP5tsHrV7bhZ3QKw0z2wTR5klAEyt2+z7pnIkPFc4YsIV4IU9rTw76NmfN
+B/L/CNDi3tm/Kq+4h4YhPATKt5Rof8886ZjXOP/swNlQ8C5LWK5Gb9Auw2DaclVy
+vUxFnmG6v4SBkgPR0ml8xQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ
+RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD
+VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoX
+DTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9y
+ZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVy
+VHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMEuyKr
+mD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjr
+IZ3AQSsBUnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeK
+mpYcqWe4PwzV9/lSEy/CG9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSu
+XmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9XbIGevOF6uvUA65ehD5f/xXtabz5OTZy
+dc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjprl3RjM71oGDHweI12v/ye
+jl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoIVDaGezq1
+BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3
+DQEBBQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT92
+9hkTI7gQCvlYpNRhcL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3Wgx
+jkzSswF07r51XgdIGn9w/xZchMB5hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0
+Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz
+ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS
+R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICkDCCAfmgAwIBAgIBATANBgkqhkiG9w0BAQQFADBaMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTRXF1aWZheCBTZWN1cmUgSW5jLjEtMCsGA1UEAxMkRXF1aWZheCBT
+ZWN1cmUgR2xvYmFsIGVCdXNpbmVzcyBDQS0xMB4XDTk5MDYyMTA0MDAwMFoXDTIw
+MDYyMTA0MDAwMFowWjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0VxdWlmYXggU2Vj
+dXJlIEluYy4xLTArBgNVBAMTJEVxdWlmYXggU2VjdXJlIEdsb2JhbCBlQnVzaW5l
+c3MgQ0EtMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuucXkAJlsTRVPEnC
+UdXfp9E3j9HngXNBUmCbnaEXJnitx7HoJpQytd4zjTov2/KaelpzmKNc6fuKcxtc
+58O/gGzNqfTWK8D3+ZmqY6KxRwIP1ORROhI8bIpaVIRw28HFkM9yRcuoWcDNM50/
+o5brhTMhHD4ePmBudpxnhcXIw2ECAwEAAaNmMGQwEQYJYIZIAYb4QgEBBAQDAgAH
+MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUvqigdHJQa0S3ySPY+6j/s1dr
+aGwwHQYDVR0OBBYEFL6ooHRyUGtEt8kj2Puo/7NXa2hsMA0GCSqGSIb3DQEBBAUA
+A4GBADDiAVGqx+pf2rnQZQ8w1j7aDRRJbpGTJxQx78T3LUX47Me/okENI7SS+RkA
+Z70Br83gcfxaz2TE4JaY0KNA4gGK7ycH8WUBikQtBmV1UsCGECAhX2xrD2yuCRyv
+8qIYNMR1pHMc8Y3c7635s3a0kr/clRAevsvIO1qEYBlWlKlV
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICgjCCAeugAwIBAgIBBDANBgkqhkiG9w0BAQQFADBTMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTRXF1aWZheCBTZWN1cmUgSW5jLjEmMCQGA1UEAxMdRXF1aWZheCBT
+ZWN1cmUgZUJ1c2luZXNzIENBLTEwHhcNOTkwNjIxMDQwMDAwWhcNMjAwNjIxMDQw
+MDAwWjBTMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTRXF1aWZheCBTZWN1cmUgSW5j
+LjEmMCQGA1UEAxMdRXF1aWZheCBTZWN1cmUgZUJ1c2luZXNzIENBLTEwgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBAM4vGbwXt3fek6lfWg0XTzQaDJj0ItlZ1MRo
+RvC0NcWFAyDGr0WlIVFFQesWWDYyb+JQYmT5/VGcqiTZ9J2DKocKIdMSODRsjQBu
+WqDZQu4aIZX5UkxVWsUPOE9G+m34LjXWHXzr4vCwdYDIqROsvojvOm6rXyo4YgKw
+Env+j6YDAgMBAAGjZjBkMBEGCWCGSAGG+EIBAQQEAwIABzAPBgNVHRMBAf8EBTAD
+AQH/MB8GA1UdIwQYMBaAFEp4MlIR21kWNl7fwRQ2QGpHfEyhMB0GA1UdDgQWBBRK
+eDJSEdtZFjZe38EUNkBqR3xMoTANBgkqhkiG9w0BAQQFAAOBgQB1W6ibAxHm6VZM
+zfmpTMANmvPMZWnmJXbMWbfWVMMdzZmsGd20hdXgPfxiIKeES1hl8eL5lSE/9dR+
+WB5Hh1Q+WKG1tfgq73HnvMP2sUlG4tega+VWeponmHxGYhTnyfxuAxJ5gDgdSIKN
+/Bf+KpYrtWKmpj29f5JZzVoqgrI3eQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDIDCCAomgAwIBAgIEN3DPtTANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQGEwJV
+UzEXMBUGA1UEChMORXF1aWZheCBTZWN1cmUxJjAkBgNVBAsTHUVxdWlmYXggU2Vj
+dXJlIGVCdXNpbmVzcyBDQS0yMB4XDTk5MDYyMzEyMTQ0NVoXDTE5MDYyMzEyMTQ0
+NVowTjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDkVxdWlmYXggU2VjdXJlMSYwJAYD
+VQQLEx1FcXVpZmF4IFNlY3VyZSBlQnVzaW5lc3MgQ0EtMjCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEA5Dk5kx5SBhsoNviyoynF7Y6yEb3+6+e0dMKP/wXn2Z0G
+vxLIPw7y1tEkshHe0XMJitSxLJgJDR5QRrKDpkWNYmi7hRsgcDKqQM2mll/EcTc/
+BPO3QSQ5BxoeLmFYoBIL5aXfxavqN3HMHMg3OrmXUqesxWoklE6ce8/AatbfIb0C
+AwEAAaOCAQkwggEFMHAGA1UdHwRpMGcwZaBjoGGkXzBdMQswCQYDVQQGEwJVUzEX
+MBUGA1UEChMORXF1aWZheCBTZWN1cmUxJjAkBgNVBAsTHUVxdWlmYXggU2VjdXJl
+IGVCdXNpbmVzcyBDQS0yMQ0wCwYDVQQDEwRDUkwxMBoGA1UdEAQTMBGBDzIwMTkw
+NjIzMTIxNDQ1WjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUUJ4L6q9euSBIplBq
+y/3YIHqngnYwHQYDVR0OBBYEFFCeC+qvXrkgSKZQasv92CB6p4J2MAwGA1UdEwQF
+MAMBAf8wGgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEBBQUA
+A4GBAAyGgq3oThr1jokn4jVYPSm0B482UJW/bsGe68SQsoWou7dC4A8HOd/7npCy
+0cE+U58DRLB+S/Rv5Hwf5+Kx5Lia78O9zt4LMjTZ3ijtM2vE1Nc9ElirfQkty3D1
+E4qUoSek1nDFbZS1yX2doNLGCEnZZpum0/QL3MUmV+GRMOrN
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDgDCCAmigAwIBAgICAx4wDQYJKoZIhvcNAQEFBQAwYTELMAkGA1UEBhMCVVMx
+DTALBgNVBAoTBFZJU0ExLzAtBgNVBAsTJlZpc2EgSW50ZXJuYXRpb25hbCBTZXJ2
+aWNlIEFzc29jaWF0aW9uMRIwEAYDVQQDEwlHUCBSb290IDIwHhcNMDAwODE2MjI1
+MTAwWhcNMjAwODE1MjM1OTAwWjBhMQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklT
+QTEvMC0GA1UECxMmVmlzYSBJbnRlcm5hdGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRp
+b24xEjAQBgNVBAMTCUdQIFJvb3QgMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBAKkBcLWqxEDwq2omYXkZAPy/mzdZDK9vZBv42pWUJGkzEXDK41Z0ohdX
+ZFwgBuHW73G3O/erwWnQSaSxBNf0V2KJXLB1LRckaeNCYOTudNargFbYiCjh+20i
+/SN8RnNPflRzHqgsVVh1t0zzWkWlAhr62p3DRcMiXvOL8WAp0sdftAw6UYPvMPjU
+58fy+pmjIlC++QU3o63tmsPm7IgbthknGziLgE3sucfFicv8GjLtI/C1AVj59o/g
+halMCXI5Etuz9c9OYmTaxhkVOmMd6RdVoUwiPDQyRvhlV7or7zaMavrZ2UT0qt2E
+1w0cslSsMoW0ZA3eQbuxNMYBhjJk1Z8CAwEAAaNCMEAwHQYDVR0OBBYEFJ59SzS/
+ca3CBfYDdYDOqU8axCRMMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEG
+MA0GCSqGSIb3DQEBBQUAA4IBAQAhpXYUVfmtJ3CPPPTVbMjMCqujmAuKBiPFyWHb
+mQdpNSYx/scuhMKZYdQN6X0uEyt8joW2hcdLzzW2LEc9zikv2G+fiRxkk78IvXbQ
+kIqUs38oW26sTTMs7WXcFsziza6kPWKSBpUmv9+55CCmc2rBvveURNZNbyoLaxhN
+dBA2aGpawWqn3TYpjLgwi08hPwAuVDAHOrqK5MOeyti12HvOdUVmB/RtLdh6yumJ
+ivIj2C/LbgA2T/vwLwHMD8AiZfSr4k5hLQOCfZEWtTDVFN5ex5D8ofyrEK9ca3Cn
+B+8phuiyJccg/ybdd+95RBTEvd07xQObdyPsoOy7Wjm1zK0G
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFLDCCBBSgAwIBAgIEOU99hzANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJX
+VzESMBAGA1UEChMJYmVUUlVTVGVkMRswGQYDVQQDExJiZVRSVVNUZWQgUm9vdCBD
+QXMxGjAYBgNVBAMTEWJlVFJVU1RlZCBSb290IENBMB4XDTAwMDYyMDE0MjEwNFoX
+DTEwMDYyMDEzMjEwNFowWjELMAkGA1UEBhMCV1cxEjAQBgNVBAoTCWJlVFJVU1Rl
+ZDEbMBkGA1UEAxMSYmVUUlVTVGVkIFJvb3QgQ0FzMRowGAYDVQQDExFiZVRSVVNU
+ZWQgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANS0c3oT
+CjhVAb6JVuGUntS+WutKNHUbYSnE4a0IYCF4SP+00PpeQY1hRIfo7clY+vyTmt9P
+6j41ffgzeubx181vSUs9Ty1uDoM6GHh3o8/n9E1z2Jo7Gh2+lVPPIJfCzz4kUmwM
+jmVZxXH/YgmPqsWPzGCgc0rXOD8Vcr+il7dw6K/ifhYGTPWqZCZyByWtNfwYsSbX
+2P8ZDoMbjNx4RWc0PfSvHI3kbWvtILNnmrRhyxdviTX/507AMhLn7uzf/5cwdO2N
+R47rtMNE5qdMf1ZD6Li8tr76g5fmu/vEtpO+GRg+jIG5c4gW9JZDnGdzF5DYCW5j
+rEq2I8QBoa2k5MUCAwEAAaOCAfgwggH0MA8GA1UdEwEB/wQFMAMBAf8wggFZBgNV
+HSAEggFQMIIBTDCCAUgGCisGAQQBsT4BAAAwggE4MIIBAQYIKwYBBQUHAgIwgfQa
+gfFSZWxpYW5jZSBvbiB0aGlzIGNlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBhc3N1
+bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFyZCB0
+ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGFuZCBjZXJ0aWZpY2F0aW9uIHBy
+YWN0aWNlIHN0YXRlbWVudCwgd2hpY2ggY2FuIGJlIGZvdW5kIGF0IGJlVFJVU1Rl
+ZCdzIHdlYiBzaXRlLCBodHRwczovL3d3dy5iZVRSVVNUZWQuY29tL3ZhdWx0L3Rl
+cm1zMDEGCCsGAQUFBwIBFiVodHRwczovL3d3dy5iZVRSVVNUZWQuY29tL3ZhdWx0
+L3Rlcm1zMDQGA1UdHwQtMCswKaAnoCWkIzAhMRIwEAYDVQQKEwliZVRSVVNUZWQx
+CzAJBgNVBAYTAldXMB0GA1UdDgQWBBQquZtpLjub2M3eKjEENGvKBxirZzAfBgNV
+HSMEGDAWgBQquZtpLjub2M3eKjEENGvKBxirZzAOBgNVHQ8BAf8EBAMCAf4wDQYJ
+KoZIhvcNAQEFBQADggEBAHlh26Nebhax6nZR+csVm8tpvuaBa58oH2U+3RGFktTo
+Qb9+M70j5/Egv6S0phkBxoyNNXxlpE8JpNbYIxUFE6dDea/bow6be3ga8wSGWsb2
+jCBHOElQBp1yZzrwmAOtlmdE/D8QDYZN5AA7KXvOOzuZhmElQITcE2K3+spZ1gMe
+1lMBzW1MaFVA4e5rxyoAAEiCswoBw2AqDPeCNe5IhpbkdNQ96gFxugR1QKepfzk5
+mlWXKWWuGVUlBXJH0+gY3Ljpr0NzARJ0o+FcXxVdJPP55PS2Z2cS52QiivalQaYc
+tmBjRYoQtLpGEK5BV2VsPyMQPyEQWbfkQN0mDCP2qq4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEGDCCAwCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJTRTEU
+MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
+b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwHhcNMDAwNTMw
+MTAzODMxWhcNMjAwNTMwMTAzODMxWjBlMQswCQYDVQQGEwJTRTEUMBIGA1UEChML
+QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYD
+VQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQCWltQhSWDia+hBBwzexODcEyPNwTXH+9ZOEQpnXvUGW2ul
+CDtbKRY654eyNAbFvAWlA3yCyykQruGIgb3WntP+LVbBFc7jJp0VLhD7Bo8wBN6n
+tGO0/7Gcrjyvd7ZWxbWroulpOj0OM3kyP3CCkplhbY0wCI9xP6ZIVxn4JdxLZlyl
+dI+Yrsj5wAYi56xz36Uu+1LcsRVlIPo1Zmne3yzxbrww2ywkEtvrNTVokMsAsJch
+PXQhI2U0K7t4WaPW4XY5mqRJjox0r26kmqPZm9I4XJuiGMx1I4S+6+JNM3GOGvDC
++Mcdoq0Dlyz4zyXG9rgkMbFjXZJ/Y/AlyVMuH79NAgMBAAGjgdIwgc8wHQYDVR0O
+BBYEFJWxtPCUtr3H2tERCSG+wa9J/RB7MAsGA1UdDwQEAwIBBjAPBgNVHRMBAf8E
+BTADAQH/MIGPBgNVHSMEgYcwgYSAFJWxtPCUtr3H2tERCSG+wa9J/RB7oWmkZzBl
+MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFk
+ZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENB
+IFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBACxtZBsfzQ3duQH6lmM0MkhHma6X
+7f1yFqZzR1r0693p9db7RcwpiURdv0Y5PejuvE1Uhh4dbOMXJ0PhiVYrqW9yTkkz
+43J8KiOavD7/KCrto/8cI7pDVwlnTUtiBi34/2ydYB7YHEt9tTEv2dB8Xfjea4MY
+eDdXL+gzB2ffHsdrKpV2ro9Xo/D0UrSpUwjP4E/TelOL/bscVjby/rK25Xa71SJl
+pz/+0WatC7xrmYbvP33zGDLKe8bjq2RGlfgmadlVg3sslgf/WSxEo8bl6ancoWOA
+WiFeIc9TVPC6b4nbqKqVz4vjccweGyBECMB6tkD9xOQ14R0WHNC8K47Wcdk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU
+MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs
+IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290
+MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCU0Ux
+FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h
+bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v
+dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvt
+H7xsD821+iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9
+uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzX
+mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LX
+a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN
+E0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0
+WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD
+VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0
+Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU
+cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx
+IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN
+AQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH
+YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5
+6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC
+Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX
+c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a
+mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEFTCCAv2gAwIBAgIBATANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJTRTEU
+MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
+b3JrMSAwHgYDVQQDExdBZGRUcnVzdCBQdWJsaWMgQ0EgUm9vdDAeFw0wMDA1MzAx
+MDQxNTBaFw0yMDA1MzAxMDQxNTBaMGQxCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtB
+ZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5ldHdvcmsxIDAeBgNV
+BAMTF0FkZFRydXN0IFB1YmxpYyBDQSBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEA6Rowj4OIFMEg2Dybjxt+A3S72mnTRqX4jsIMEZBRpS9mVEBV
+6tsfSlbunyNu9DnLoblv8n75XYcmYZ4c+OLspoH4IcUkzBEMP9smcnrHAZcHF/nX
+GCwwfQ56HmIexkvA/X1id9NEHif2P0tEs7c42TkfYNVRknMDtABp4/MUTu7R3AnP
+dzRGULD4EfL+OHn3Bzn+UZKXC1sIXzSGAa2Il+tmzV7R/9x98oTaunet3IAIx6eH
+1lWfl2royBFkuucZKT8Rs3iQhCBSWxHveNCD9tVIkNAwHM+A+WD+eeSI8t0A65RF
+62WUaUC6wNW0uLp9BBGo6zEFlpROWCGOn9Bg/QIDAQABo4HRMIHOMB0GA1UdDgQW
+BBSBPjfYkrAfd59ctKtzquf2NGAv+jALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/BAUw
+AwEB/zCBjgYDVR0jBIGGMIGDgBSBPjfYkrAfd59ctKtzquf2NGAv+qFopGYwZDEL
+MAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQLExRBZGRU
+cnVzdCBUVFAgTmV0d29yazEgMB4GA1UEAxMXQWRkVHJ1c3QgUHVibGljIENBIFJv
+b3SCAQEwDQYJKoZIhvcNAQEFBQADggEBAAP3FUr4JNojVhaTdt02KLmuG7jD8WS6
+IBh4lSknVwW8fCr0uVFV2ocC3g8WFzH4qnkuCRO7r7IgGRLlk/lL+YPoRNWyQSW/
+iHVv/xD8SlTQX/D67zZzfRs2RcYhbbQVuE7PnFylPVoAjgbjPGsye/Kf8Lb93/Ao
+GEjwxrzQvzSAlsJKsW2Ox5BF3i9nrEUEo3rcVZLJR2bYGozH7ZxOmuASu7VqTITh
+4SINhwBk/ox9Yjllpu9CtoAlEmEBqCQTcAARJl/6NVDFSMwGR+gn2HCNX2TmoUQm
+XiLsks3/QppEIW1cxeMiHV9HEufOX1362KqxMy3ZdvJOOjMMK7MtkAY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEHjCCAwagAwIBAgIBATANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJTRTEU
+MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
+b3JrMSMwIQYDVQQDExpBZGRUcnVzdCBRdWFsaWZpZWQgQ0EgUm9vdDAeFw0wMDA1
+MzAxMDQ0NTBaFw0yMDA1MzAxMDQ0NTBaMGcxCzAJBgNVBAYTAlNFMRQwEgYDVQQK
+EwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5ldHdvcmsxIzAh
+BgNVBAMTGkFkZFRydXN0IFF1YWxpZmllZCBDQSBSb290MIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEA5B6a/twJWoekn0e+EV+vhDTbYjx5eLfpMLXsDBwq
+xBb/4Oxx64r1EW7tTw2R0hIYLUkVAcKkIhPHEWT/IhKauY5cLwjPcWqzZwFZ8V1G
+87B4pfYOQnrjfxvM0PC3KP0q6p6zsLkEqv32x7SxuCqg+1jxGaBvcCV+PmlKfw8i
+2O+tCBGaKZnhqkRFmhJePp1tUvznoD1oL/BLcHwTOK28FSXx1s6rosAx1i+f4P8U
+WfyEk9mHfExUE+uf0S0R+Bg6Ot4l2ffTQO2kBhLEO+GRwVY18BTcZTYJbqukB8c1
+0cIDMzZbdSZtQvESa0NvS3GU+jQd7RNuyoB/mC9suWXY6QIDAQABo4HUMIHRMB0G
+A1UdDgQWBBQ5lYtii1zJ1IC6WA+XPxUIQ8yYpzALBgNVHQ8EBAMCAQYwDwYDVR0T
+AQH/BAUwAwEB/zCBkQYDVR0jBIGJMIGGgBQ5lYtii1zJ1IC6WA+XPxUIQ8yYp6Fr
+pGkwZzELMAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQL
+ExRBZGRUcnVzdCBUVFAgTmV0d29yazEjMCEGA1UEAxMaQWRkVHJ1c3QgUXVhbGlm
+aWVkIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBABmrder4i2VhlRO6aQTv
+hsoToMeqT2QbPxj2qC0sVY8FtzDqQmodwCVRLae/DLPt7wh/bDxGGuoYQ992zPlm
+hpwsaPXpF/gxsxjE1kh9I0xowX67ARRvxdlu3rsEQmr49lx95dr6h+sNNVJn0J6X
+dgWTP5XHAeZpVTh/EGGZyeNfpso+gmNIquIISD6q8rKFYqa0p9m9N5xotS1WfbC3
+P6CxB9bpT9zeRXEwMn8bLgn5v1Kh7sKAPgZcLlVAwRv1cEWw3F369nJad9Jjzc9Y
+iQBCYz95OdBEsIJuQRno3eDBiFrRHnGTHyQwdOUeqN48Jzd/g66ed8/wMLH/S5no
+xqE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDzTCCAzagAwIBAgIQU2GyYK7bcY6nlLMTM/QHCTANBgkqhkiG9w0BAQUFADCB
+wTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTwwOgYDVQQL
+EzNDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+IC0gRzIxOjA4BgNVBAsTMShjKSAxOTk4IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1
+dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
+cmswHhcNMDAwOTI2MDAwMDAwWhcNMTAwOTI1MjM1OTU5WjCBpTEXMBUGA1UEChMO
+VmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsx
+OzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5j
+b20vcnBhIChjKTAwMSwwKgYDVQQDEyNWZXJpU2lnbiBUaW1lIFN0YW1waW5nIEF1
+dGhvcml0eSBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0hmdZ8IAIVli
+zrQJIkRpivglWtvtDbc2fk7gu5Q+kCWHwmFHKdm9VLhjzCx9abQzNvQ3B5rB3UBU
+/OB4naCTuQk9I1F/RMIUdNsKvsvJMDRAmD7Q1yUQgZS9B0+c1lQn3y6ov8uQjI11
+S7zi6ESHzeZBCiVu6PQkAsVSD27smHUCAwEAAaOB3zCB3DAPBgNVHRMECDAGAQH/
+AgEAMEUGA1UdIAQ+MDwwOgYMYIZIAYb4RQEHFwEDMCowKAYIKwYBBQUHAgEWHGh0
+dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9ycGEwMQYDVR0fBCowKDAmoCSgIoYgaHR0
+cDovL2NybC52ZXJpc2lnbi5jb20vcGNhMy5jcmwwCwYDVR0PBAQDAgEGMEIGCCsG
+AQUFBwEBBDYwNDAyBggrBgEFBQcwAaYmFiRodHRwOi8vb2NzcC52ZXJpc2lnbi5j
+b20vb2NzcC9zdGF0dXMwDQYJKoZIhvcNAQEFBQADgYEAgnBold+2DcIBcBlK0lRW
+HqzyRUyHuPU163hLBanInTsZIS5wNEqi9YngFXVF5yg3ADQnKeg3S/LvRJdrF1Ea
+w1adPBqK9kpGRjeM+sv1ZFo4aC4cw+9wzrhGBha/937ntag+RaypJXUie28/sJyU
+58dzq6wf7iWbwBbtt8pb8BQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICoTCCAgqgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBizELMAkGA1UEBhMCWkEx
+FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTEUMBIGA1UEBxMLRHVyYmFudmlsbGUxDzAN
+BgNVBAoTBlRoYXd0ZTEdMBsGA1UECxMUVGhhd3RlIENlcnRpZmljYXRpb24xHzAd
+BgNVBAMTFlRoYXd0ZSBUaW1lc3RhbXBpbmcgQ0EwHhcNOTcwMTAxMDAwMDAwWhcN
+MjAxMjMxMjM1OTU5WjCBizELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4g
+Q2FwZTEUMBIGA1UEBxMLRHVyYmFudmlsbGUxDzANBgNVBAoTBlRoYXd0ZTEdMBsG
+A1UECxMUVGhhd3RlIENlcnRpZmljYXRpb24xHzAdBgNVBAMTFlRoYXd0ZSBUaW1l
+c3RhbXBpbmcgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANYrWHhhRYZT
+6jR7UZztsOYuGA7+4F+oJ9O0yeB8WU4WDnNUYMF/9p8u6TqFJBU820cEY8OexJQa
+Wt9MevPZQx08EHp5JduQ/vBR5zDWQQD9nyjfeb6Uu522FOMjhdepQeBMpHmwKxqL
+8vg7ij5FrHGSALSQQZj7X+36ty6K+Ig3AgMBAAGjEzARMA8GA1UdEwEB/wQFMAMB
+Af8wDQYJKoZIhvcNAQEEBQADgYEAZ9viwuaHPUCDhjc1fR/OmsMMZiCouqoEiYbC
+9RAIDb/LogWK0E02PvTX72nGXuSwlG9KuefeW4i2e9vjJ+V2w/A1wcu1J5szedyQ
+pgCed/r8zSeUQhac0xxo7L9c3eWpexAKMnRUEzGLhQOEkbdYATAUOK8oyvyxUBkZ
+CayJSdM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIElTCCA/6gAwIBAgIEOJsRPDANBgkqhkiG9w0BAQQFADCBujEUMBIGA1UEChML
+RW50cnVzdC5uZXQxPzA9BgNVBAsUNnd3dy5lbnRydXN0Lm5ldC9TU0xfQ1BTIGlu
+Y29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMcKGMpIDIwMDAg
+RW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5uZXQgU2VjdXJl
+IFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMDAyMDQxNzIwMDBa
+Fw0yMDAyMDQxNzUwMDBaMIG6MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDE/MD0GA1UE
+CxQ2d3d3LmVudHJ1c3QubmV0L1NTTF9DUFMgaW5jb3JwLiBieSByZWYuIChsaW1p
+dHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMjAwMCBFbnRydXN0Lm5ldCBMaW1pdGVk
+MTowOAYDVQQDEzFFbnRydXN0Lm5ldCBTZWN1cmUgU2VydmVyIENlcnRpZmljYXRp
+b24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHwV9OcfHO
+8GCGD9JYf9Mzly0XonUwtZZkJi9ow0SrqHXmAGc0V55lxyKbc+bT3QgON1WqJUaB
+bL3+qPZ1V1eMkGxKwz6LS0MKyRFWmponIpnPVZ5h2QLifLZ8OAfc439PmrkDQYC2
+dWcTC5/oVzbIXQA23mYU2m52H083jIITiQIDAQABo4IBpDCCAaAwEQYJYIZIAYb4
+QgEBBAQDAgAHMIHjBgNVHR8EgdswgdgwgdWggdKggc+kgcwwgckxFDASBgNVBAoT
+C0VudHJ1c3QubmV0MT8wPQYDVQQLFDZ3d3cuZW50cnVzdC5uZXQvU1NMX0NQUyBp
+bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAyMDAw
+IEVudHJ1c3QubmV0IExpbWl0ZWQxOjA4BgNVBAMTMUVudHJ1c3QubmV0IFNlY3Vy
+ZSBTZXJ2ZXIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxDTALBgNVBAMTBENSTDEw
+KwYDVR0QBCQwIoAPMjAwMDAyMDQxNzIwMDBagQ8yMDIwMDIwNDE3NTAwMFowCwYD
+VR0PBAQDAgEGMB8GA1UdIwQYMBaAFMtswGvjuz7L/CKc/vuLkpyw8m4iMB0GA1Ud
+DgQWBBTLbMBr47s+y/winP77i5KcsPJuIjAMBgNVHRMEBTADAQH/MB0GCSqGSIb2
+fQdBAAQQMA4bCFY1LjA6NC4wAwIEkDANBgkqhkiG9w0BAQQFAAOBgQBi24GRzsia
+d0Iv7L0no1MPUBvqTpLwqa+poLpIYcvvyQbvH9X07t9WLebKahlzqlO+krNQAraF
+JnJj2HVQYnUUt7NQGj/KEQALhUVpbbalrlHhStyCP2yMNLJ3a9kC9n8O6mUE8c1U
+yrrJzOCE98g+EZfTYAkYvAX/bIkz8OwVDw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEgzCCA+ygAwIBAgIEOJ725DANBgkqhkiG9w0BAQQFADCBtDEUMBIGA1UEChML
+RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9HQ0NBX0NQUyBp
+bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAyMDAw
+IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENsaWVu
+dCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMDAyMDcxNjE2NDBaFw0yMDAy
+MDcxNjQ2NDBaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3d3d3
+LmVudHJ1c3QubmV0L0dDQ0FfQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxp
+YWIuKTElMCMGA1UECxMcKGMpIDIwMDAgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEG
+A1UEAxMqRW50cnVzdC5uZXQgQ2xpZW50IENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCTdLS25MVL1qFof2LV7PdRV7Ny
+Spj10InJrWPNTTVRaoTUrcloeW+46xHbh65cJFET8VQlhK8pK5/jgOLZy93GRUk0
+iJBeAZfv6lOm3fzB3ksqJeTpNfpVBQbliXrqpBFXO/x8PTbNZzVtpKklWb1m9fkn
+5JVn1j+SgF7yNH0rhQIDAQABo4IBnjCCAZowEQYJYIZIAYb4QgEBBAQDAgAHMIHd
+BgNVHR8EgdUwgdIwgc+ggcyggcmkgcYwgcMxFDASBgNVBAoTC0VudHJ1c3QubmV0
+MUAwPgYDVQQLFDd3d3cuZW50cnVzdC5uZXQvR0NDQV9DUFMgaW5jb3JwLiBieSBy
+ZWYuIChsaW1pdHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMjAwMCBFbnRydXN0Lm5l
+dCBMaW1pdGVkMTMwMQYDVQQDEypFbnRydXN0Lm5ldCBDbGllbnQgQ2VydGlmaWNh
+dGlvbiBBdXRob3JpdHkxDTALBgNVBAMTBENSTDEwKwYDVR0QBCQwIoAPMjAwMDAy
+MDcxNjE2NDBagQ8yMDIwMDIwNzE2NDY0MFowCwYDVR0PBAQDAgEGMB8GA1UdIwQY
+MBaAFISLdP3FjcD/J20gN0V8/i3OutN9MB0GA1UdDgQWBBSEi3T9xY3A/ydtIDdF
+fP4tzrrTfTAMBgNVHRMEBTADAQH/MB0GCSqGSIb2fQdBAAQQMA4bCFY1LjA6NC4w
+AwIEkDANBgkqhkiG9w0BAQQFAAOBgQBObzWAO9GK9Q6nIMstZVXQkvTnhLUGJoMS
+hAusO7JE7r3PQNsgDrpuFOow4DtifH+La3xKp9U1PL6oXOpLu5OOgGarDyn9TS2/
+GpsKkMWr2tGzhtQvJFJcem3G8v7lTRowjJDyutdKPkN+1MhQGof4T4HHdguEOnKd
+zmVml64mXg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEkTCCA3mgAwIBAgIERWtQVDANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMC
+VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0
+Lm5ldC9DUFMgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW
+KGMpIDIwMDYgRW50cnVzdCwgSW5jLjEtMCsGA1UEAxMkRW50cnVzdCBSb290IENl
+cnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA2MTEyNzIwMjM0MloXDTI2MTEyNzIw
+NTM0MlowgbAxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMTkw
+NwYDVQQLEzB3d3cuZW50cnVzdC5uZXQvQ1BTIGlzIGluY29ycG9yYXRlZCBieSBy
+ZWZlcmVuY2UxHzAdBgNVBAsTFihjKSAyMDA2IEVudHJ1c3QsIEluYy4xLTArBgNV
+BAMTJEVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBALaVtkNC+sZtKm9I35RMOVcF7sN5EUFo
+Nu3s/poBj6E4KPz3EEZmLk0eGrEaTsbRwJWIsMn/MYszA9u3g3s+IIRe7bJWKKf4
+4LlAcTfFy0cOlypowCKVYhXbR9n10Cv/gkvJrT7eTNuQgFA/CYqEAOwwCj0Yzfv9
+KlmaI5UXLEWeH25DeW0MXJj+SKfFI0dcXv1u5x609mhF0YaDW6KKjbHjKYD+JXGI
+rb68j6xSlkuqUY3kEzEZ6E5Nn9uss2rVvDlUccp6en+Q3X0dgNmBu1kmwhH+5pPi
+94DkZfs0Nw4pgHBNrziGLp5/V6+eF67rHMsoIV+2HNjnogQi+dPa2MsCAwEAAaOB
+sDCBrTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zArBgNVHRAEJDAi
+gA8yMDA2MTEyNzIwMjM0MlqBDzIwMjYxMTI3MjA1MzQyWjAfBgNVHSMEGDAWgBRo
+kORnpKZTgMeGZqTx90tD+4S9bTAdBgNVHQ4EFgQUaJDkZ6SmU4DHhmak8fdLQ/uE
+vW0wHQYJKoZIhvZ9B0EABBAwDhsIVjcuMTo0LjADAgSQMA0GCSqGSIb3DQEBBQUA
+A4IBAQCT1DCw1wMgKtD5Y+iRDAUgqV8ZyntyTtSx29CW+1RaGSwMCPeyvIWonX9t
+O1KzKtvn1ISMY/YPyyYBkVBs9F8U4pN0wBOeMDpQ47RgxRzwIkSNcUesyBrJ6Zua
+AGAT/3B+XxFNSRuzFVJ7yVTav52Vr2ua2J7p8eRDjeIRRDq/r72DQnNSi6q7pynP
+9WQcCk3RvKqsnyrQ/39/2n3qse0wJcGE2jTSW3iDVuycNsMm4hH2Z0kdkquM++v/
+eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0tHuu2guQOHXvgR1m
+0vdXcDazv/wor3ElhVsT/h5/WrQ8
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID5jCCAs6gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBgzELMAkGA1UEBhMCVVMx
+HTAbBgNVBAoTFEFPTCBUaW1lIFdhcm5lciBJbmMuMRwwGgYDVQQLExNBbWVyaWNh
+IE9ubGluZSBJbmMuMTcwNQYDVQQDEy5BT0wgVGltZSBXYXJuZXIgUm9vdCBDZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eSAxMB4XDTAyMDUyOTA2MDAwMFoXDTM3MTEyMDE1
+MDMwMFowgYMxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRBT0wgVGltZSBXYXJuZXIg
+SW5jLjEcMBoGA1UECxMTQW1lcmljYSBPbmxpbmUgSW5jLjE3MDUGA1UEAxMuQU9M
+IFRpbWUgV2FybmVyIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJnej8Mlo2k06AX3dLm/WpcZuS+U
+0pPlLYnKhHw/EEMbjIt8hFj4JHxIzyr9wBXZGH6EGhfT257XyuTZ16pYUYfw8ItI
+TuLCxFlpMGK2MKKMCxGZYTVtfu/FsRkGIBKOQuHfD5YQUqjPnF+VFNivO3ULMSAf
+RC+iYkGzuxgh28pxPIzstrkNn+9R7017EvILDOGsQI93f7DKeHEMXRZxcKLXwjqF
+zQ6axOAAsNUl6twr5JQtOJyJQVdkKGUZHLZEtMgxa44Be3ZZJX8VHIQIfHNlIAqh
+BC4aMqiaILGcLCFZ5/vP7nAtCMpjPiybkxlqpMKX/7eGV4iFbJ4VFitNLLMCAwEA
+AaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUoTYwFsuGkABFgFOxj8jY
+PXy+XxIwHwYDVR0jBBgwFoAUoTYwFsuGkABFgFOxj8jYPXy+XxIwDgYDVR0PAQH/
+BAQDAgGGMA0GCSqGSIb3DQEBBQUAA4IBAQCKIBilvrMvtKaEAEAwKfq0FHNMeUWn
+9nDg6H5kHgqVfGphwu9OH77/yZkfB2FK4V1Mza3u0FIy2VkyvNp5ctZ7CegCgTXT
+Ct8RHcl5oIBN/lrXVtbtDyqvpxh1MwzqwWEFT2qaifKNuZ8u77BfWgDrvq2g+EQF
+Z7zLBO+eZMXpyD8Fv8YvBxzDNnGGyjhmSs3WuEvGbKeXO/oTLW4jYYehY0KswsuX
+n2Fozy1MBJ3XJU8KDk2QixhWqJNIV9xvrr2eZ1d3iVCzvhGbRWeDhhmH05i9CBoW
+H1iCC+GWaQVLjuyDUTEH1dSf/1l7qG6Fz9NLqUmwX7A5KGgOc90lmt4S
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF5jCCA86gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBgzELMAkGA1UEBhMCVVMx
+HTAbBgNVBAoTFEFPTCBUaW1lIFdhcm5lciBJbmMuMRwwGgYDVQQLExNBbWVyaWNh
+IE9ubGluZSBJbmMuMTcwNQYDVQQDEy5BT0wgVGltZSBXYXJuZXIgUm9vdCBDZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eSAyMB4XDTAyMDUyOTA2MDAwMFoXDTM3MDkyODIz
+NDMwMFowgYMxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRBT0wgVGltZSBXYXJuZXIg
+SW5jLjEcMBoGA1UECxMTQW1lcmljYSBPbmxpbmUgSW5jLjE3MDUGA1UEAxMuQU9M
+IFRpbWUgV2FybmVyIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMjCCAiIw
+DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALQ3WggWmRToVbEbJGv8x4vmh6mJ
+7ouZzU9AhqS2TcnZsdw8TQ2FTBVsRotSeJ/4I/1n9SQ6aF3Q92RhQVSji6UI0ilb
+m2BPJoPRYxJWSXakFsKlnUWsi4SVqBax7J/qJBrvuVdcmiQhLE0OcR+mrF1FdAOY
+xFSMFkpBd4aVdQxHAWZg/BXxD+r1FHjHDtdugRxev17nOirYlxcwfACtCJ0zr7iZ
+YYCLqJV+FNwSbKTQ2O9ASQI2+W6p1h2WVgSysy0WVoaP2SBXgM1nEG2wTPDaRrbq
+JS5Gr42whTg0ixQmgiusrpkLjhTXUr2eacOGAgvqdnUxCc4zGSGFQ+aJLZ8lN2fx
+I2rSAG2X+Z/nKcrdH9cG6rjJuQkhn8g/BsXS6RJGAE57COtCPStIbp1n3UsC5ETz
+kxmlJ85per5n0/xQpCyrw2u544BMzwVhSyvcG7mm0tCq9Stz+86QNZ8MUhy/XCFh
+EVsVS6kkUfykXPcXnbDS+gfpj1bkGoxoigTTfFrjnqKhynFbotSg5ymFXQNoKk/S
+Btc9+cMDLz9l+WceR0DTYw/j1Y75hauXTLPXJuuWCpTehTacyH+BCQJJKg71ZDIM
+gtG6aoIbs0t0EfOMd9afv9w3pKdVBC/UMejTRrkDfNoSTllkt1ExMVCgyhwn2RAu
+rda9EGYrw7AiShJbAgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE
+FE9pbQN+nZ8HGEO8txBO1b+pxCAoMB8GA1UdIwQYMBaAFE9pbQN+nZ8HGEO8txBO
+1b+pxCAoMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAgEAO/Ouyugu
+h4X7ZVnnrREUpVe8WJ8kEle7+z802u6teio0cnAxa8cZmIDJgt43d15Ui47y6mdP
+yXSEkVYJ1eV6moG2gcKtNuTxVBFT8zRFASbI5Rq8NEQh3q0l/HYWdyGQgJhXnU7q
+7C+qPBR7V8F+GBRn7iTGvboVsNIYvbdVgaxTwOjdaRITQrcCtQVBynlQboIOcXKT
+RuidDV29rs4prWPVVRaAMCf/drr3uNZK49m1+VLQTkCpx+XCMseqdiThawVQ68W/
+ClTluUI8JPu3B5wwn3la5uBAUhX0/Kr0VvlEl4ftDmVyXr4m+02kLQgH3thcoNyB
+M5kYJRF3p+v9WAksmWsbivNSPxpNSGDxoPYzAlOL7SUJuA0t7Zdz7NeWH45gDtoQ
+my8YJPamTQr5O8t1wswvziRpyQoijlmn94IM19drNZxDAGrElWe6nEXLuA4399xO
+AU++CrYD062KRffaJ00psUjf5BHklka9bAI+1lHIlRcBFanyqqryvy9lG2/QuRqT
+9Y41xICHPpQvZuTpqP9BnHAqTyo5GJUefvthATxRCC4oGKQWDzH9OmwjkyB24f0H
+hdFbP9IcczLd+rn4jM8Ch3qaluTtT4mNU0OrDhPAARW0eTjb/G49nlG2uBOLZ8/5
+fNkiHfZdxRwBL5joeiQYvITX+txyW/fBOmg=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFajCCBFKgAwIBAgIEPLU9RjANBgkqhkiG9w0BAQUFADBmMRIwEAYDVQQKEwli
+ZVRSVVNUZWQxGzAZBgNVBAsTEmJlVFJVU1RlZCBSb290IENBczEzMDEGA1UEAxMq
+YmVUUlVTVGVkIFJvb3QgQ0EtQmFsdGltb3JlIEltcGxlbWVudGF0aW9uMB4XDTAy
+MDQxMTA3Mzg1MVoXDTIyMDQxMTA3Mzg1MVowZjESMBAGA1UEChMJYmVUUlVTVGVk
+MRswGQYDVQQLExJiZVRSVVNUZWQgUm9vdCBDQXMxMzAxBgNVBAMTKmJlVFJVU1Rl
+ZCBSb290IENBLUJhbHRpbW9yZSBJbXBsZW1lbnRhdGlvbjCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBALx+xDmcjOPWHIb/ymKt4H8wRXqOGrO4x/nRNv8i
+805qX4QQ+2aBw5R5MdKR4XeOGCrDFN5R9U+jK7wYFuK13XneIviCfsuBH/0nLI/6
+l2Qijvj/YaOcGx6Sj8CoCd8JEey3fTGaGuqDIQY8n7pc/5TqarjDa1U0Tz0yH92B
+FODEPM2dMPgwqZfT7syj0B9fHBOB1BirlNFjw55/NZKeX0Tq7PQiXLfoPX2k+Ymp
+kbIq2eszh+6l/ePazIjmiSZuxyuC0F6dWdsU7JGDBcNeDsYq0ATdcT0gTlgn/FP7
+eHgZFLL8kFKJOGJgB7Sg7KxrUNb9uShr71ItOrL/8QFArDcCAwEAAaOCAh4wggIa
+MA8GA1UdEwEB/wQFMAMBAf8wggG1BgNVHSAEggGsMIIBqDCCAaQGDysGAQQBsT4A
+AAEJKIORMTCCAY8wggFIBggrBgEFBQcCAjCCAToaggE2UmVsaWFuY2Ugb24gb3Ig
+dXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgY3JlYXRlcyBhbiBhY2tub3dsZWRnbWVu
+dCBhbmQgYWNjZXB0YW5jZSBvZiB0aGUgdGhlbiBhcHBsaWNhYmxlIHN0YW5kYXJk
+IHRlcm1zIGFuZCBjb25kaXRpb25zIG9mIHVzZSwgdGhlIENlcnRpZmljYXRpb24g
+UHJhY3RpY2UgU3RhdGVtZW50IGFuZCB0aGUgUmVseWluZyBQYXJ0eSBBZ3JlZW1l
+bnQsIHdoaWNoIGNhbiBiZSBmb3VuZCBhdCB0aGUgYmVUUlVTVGVkIHdlYiBzaXRl
+LCBodHRwOi8vd3d3LmJldHJ1c3RlZC5jb20vcHJvZHVjdHNfc2VydmljZXMvaW5k
+ZXguaHRtbDBBBggrBgEFBQcCARY1aHR0cDovL3d3dy5iZXRydXN0ZWQuY29tL3By
+b2R1Y3RzX3NlcnZpY2VzL2luZGV4Lmh0bWwwHQYDVR0OBBYEFEU9w6nR3D8kVpgc
+cxiIav+DR+22MB8GA1UdIwQYMBaAFEU9w6nR3D8kVpgccxiIav+DR+22MA4GA1Ud
+DwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEASZK8o+6svfoNyYt5hhwjdrCA
+WXf82n+0S9/DZEtqTg6t8n1ZdwWtColzsPq8y9yNAIiPpqCy6qxSJ7+hSHyXEHu6
+7RMdmgduyzFiEuhjA6p9beP4G3YheBufS0OM00mG9htc9i5gFdPp43t1P9ACg9AY
+gkHNZTfqjjJ+vWuZXTARyNtIVBw74acT02pIk/c9jH8F6M7ziCpjBLjqflh8AXtb
+4cV97yHgjQ5dUX2xZ/2jvTg2xvI4hocalmhgRvsoFEdV4aeADGvi6t9NfJBIoDa9
+CReJf8Py05yc493EG931t3GzUwWJBtDLSoDByFOQtTwxiBdQn8nEDovYqAJjDQ==
+
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGUTCCBTmgAwIBAgIEPLVPQDANBgkqhkiG9w0BAQUFADBmMRIwEAYDVQQKEwli
+ZVRSVVNUZWQxGzAZBgNVBAsTEmJlVFJVU1RlZCBSb290IENBczEzMDEGA1UEAxMq
+YmVUUlVTVGVkIFJvb3QgQ0EgLSBFbnRydXN0IEltcGxlbWVudGF0aW9uMB4XDTAy
+MDQxMTA4MjQyN1oXDTIyMDQxMTA4NTQyN1owZjESMBAGA1UEChMJYmVUUlVTVGVk
+MRswGQYDVQQLExJiZVRSVVNUZWQgUm9vdCBDQXMxMzAxBgNVBAMTKmJlVFJVU1Rl
+ZCBSb290IENBIC0gRW50cnVzdCBJbXBsZW1lbnRhdGlvbjCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBALr0RAOqEmq1Q+xVkrYwfTVXDNvzDSduTPdQqJtO
+K2/b9a0cS12zqcH+e0TrW6MFDR/FNCswACnxeECypP869AGIF37m1CbTukzqMvtD
+d5eHI8XbQ6P1KqNRXuE70mVpflUVm3rnafdE4Fe1FehmYA8NA/uCjqPoEXtsvsdj
+DheT389Lrm5zdeDzqrmkwAkbhepxKYhBMvnwKg5sCfJ0a2ZsUhMfGLzUPvfYbiCe
+yv78IZTuEyhL11xeDGbu6bsPwTSxfwh28z0mcMmLJR1iJAzqHHVOwBLkuhMdMCkt
+VjMFu5dZfsZJT4nXLySotohAtWSSU1Yk5KKghbNekLQSM80CAwEAAaOCAwUwggMB
+MIIBtwYDVR0gBIIBrjCCAaowggGmBg8rBgEEAbE+AAACCSiDkTEwggGRMIIBSQYI
+KwYBBQUHAgIwggE7GoIBN1JlbGlhbmNlIG9uIG9yIHVzZSBvZiB0aGlzIENlcnRp
+ZmljYXRlIGNyZWF0ZXMgYW4gYWNrbm93bGVkZ21lbnQgYW5kIGFjY2VwdGFuY2Ug
+b2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFyZCB0ZXJtcyBhbmQgY29uZGl0
+aW9ucyBvZiB1c2UsIHRoZSBDZXJ0aWZpY2F0aW9uIFByYWN0aWNlIFN0YXRlbWVu
+dCBhbmQgdGhlIFJlbHlpbmcgUGFydHkgQWdyZWVtZW50LCB3aGljaCBjYW4gYmUg
+Zm91bmQgYXQgdGhlIGJlVFJVU1RlZCB3ZWIgc2l0ZSwgaHR0cHM6Ly93d3cuYmV0
+cnVzdGVkLmNvbS9wcm9kdWN0c19zZXJ2aWNlcy9pbmRleC5odG1sMEIGCCsGAQUF
+BwIBFjZodHRwczovL3d3dy5iZXRydXN0ZWQuY29tL3Byb2R1Y3RzX3NlcnZpY2Vz
+L2luZGV4Lmh0bWwwEQYJYIZIAYb4QgEBBAQDAgAHMIGJBgNVHR8EgYEwfzB9oHug
+eaR3MHUxEjAQBgNVBAoTCWJlVFJVU1RlZDEbMBkGA1UECxMSYmVUUlVTVGVkIFJv
+b3QgQ0FzMTMwMQYDVQQDEypiZVRSVVNUZWQgUm9vdCBDQSAtIEVudHJ1c3QgSW1w
+bGVtZW50YXRpb24xDTALBgNVBAMTBENSTDEwKwYDVR0QBCQwIoAPMjAwMjA0MTEw
+ODI0MjdagQ8yMDIyMDQxMTA4NTQyN1owCwYDVR0PBAQDAgEGMB8GA1UdIwQYMBaA
+FH1w5a44iwY/qhwaj/nPJDCqhIQWMB0GA1UdDgQWBBR9cOWuOIsGP6ocGo/5zyQw
+qoSEFjAMBgNVHRMEBTADAQH/MB0GCSqGSIb2fQdBAAQQMA4bCFY2LjA6NC4wAwIE
+kDANBgkqhkiG9w0BAQUFAAOCAQEAKrgXzh8QlOu4mre5X+za95IkrNySO8cgjfKZ
+5V04ocI07cUTWVwFtStPYZuR+0H8/NU8TZh2BvWBfevdkObRVlTa4y0MnxEylCIB
+evZsLHRnBMylj44ss0O1lKLQfelifwa+JwGDnjr9iu6YQ0pr17WXOzq/T220Y/oz
+ADQuLW2WyXvKmWO6vvT2MKAtmJbpVkQFqUSjYRDrgqFnXbxdJ3Wqiig2KjiS2d2k
+XgClzMx8KSreKJCrt+G2/30lC0DYqjSjLd4H61/OCt3Kfjp9JsFiaDrmLzfzgYYh
+xKlkqu9FNtEaZnz46TfW1mG+oq1I59/mdP7TbX3SJdysYlep9w==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFaDCCBFCgAwIBAgIQO1nHe81bV569N1KsdrSqGjANBgkqhkiG9w0BAQUFADBi
+MRIwEAYDVQQKEwliZVRSVVNUZWQxGzAZBgNVBAsTEmJlVFJVU1RlZCBSb290IENB
+czEvMC0GA1UEAxMmYmVUUlVTVGVkIFJvb3QgQ0EgLSBSU0EgSW1wbGVtZW50YXRp
+b24wHhcNMDIwNDExMTExODEzWhcNMjIwNDEyMTEwNzI1WjBiMRIwEAYDVQQKEwli
+ZVRSVVNUZWQxGzAZBgNVBAsTEmJlVFJVU1RlZCBSb290IENBczEvMC0GA1UEAxMm
+YmVUUlVTVGVkIFJvb3QgQ0EgLSBSU0EgSW1wbGVtZW50YXRpb24wggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkujQwCY5X0LkGLG9uJIAiv11DpvpPrILn
+HGhwhRujbrWqeNluB0s/6d/16uhUoWGKDi9pdRi3DOUUjXFumLhV/AyV0Jtu4S2I
+1DpAa5LxmZZk3tv/ePTulh1HiXzUvrmIdyM6CeYEnm2qXtLIvZpOGd+J6lsOfsPk
+tPDgaTuID0GQ+NRxQyTBjyZLO1bp/4xsN+lFrYWMU8NghpBKlsmzVLC7F/AcRdnU
+GxlkVgoZ98zh/4avflherHqQH8koOUV7orbHnB/ahdQhhlkwk75TMzf270HPM8er
+cmsl9fNTGwxMLvF1S++gh/f+ihXQbNXL+WhTuXAVE8L1LvtDNXUtAgMBAAGjggIY
+MIICFDAMBgNVHRMEBTADAQH/MIIBtQYDVR0gBIIBrDCCAagwggGkBg8rBgEEAbE+
+AAADCSiDkTEwggGPMEEGCCsGAQUFBwIBFjVodHRwOi8vd3d3LmJldHJ1c3RlZC5j
+b20vcHJvZHVjdHNfc2VydmljZXMvaW5kZXguaHRtbDCCAUgGCCsGAQUFBwICMIIB
+OhqCATZSZWxpYW5jZSBvbiBvciB1c2Ugb2YgdGhpcyBDZXJ0aWZpY2F0ZSBjcmVh
+dGVzIGFuIGFja25vd2xlZGdtZW50IGFuZCBhY2NlcHRhbmNlIG9mIHRoZSB0aGVu
+IGFwcGxpY2FibGUgc3RhbmRhcmQgdGVybXMgYW5kIGNvbmRpdGlvbnMgb2YgdXNl
+LCB0aGUgQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQgYW5kIHRoZSBS
+ZWx5aW5nIFBhcnR5IEFncmVlbWVudCwgd2hpY2ggY2FuIGJlIGZvdW5kIGF0IHRo
+ZSBiZVRSVVNUZWQgd2ViIHNpdGUsIGh0dHA6Ly93d3cuYmV0cnVzdGVkLmNvbS9w
+cm9kdWN0c19zZXJ2aWNlcy9pbmRleC5odG1sMAsGA1UdDwQEAwIBBjAfBgNVHSME
+GDAWgBSp7BR++dlDzFMrFK3P9/BZiUHNGTAdBgNVHQ4EFgQUqewUfvnZQ8xTKxSt
+z/fwWYlBzRkwDQYJKoZIhvcNAQEFBQADggEBANuXsHXqDMTBmMpWBcCorSZIry0g
+6IHHtt9DwSwddUvUQo3neqh03GZCWYez9Wlt2ames30cMcH1VOJZJEnl7r05pmuK
+mET7m9cqg5c0Lcd9NUwtNLg+DcTsiCevnpL9UGGCqGAHFFPMZRPB9kdEadIxyKbd
+LrML3kqNWz2rDcI1UqJWN8wyiyiFQpyRQHpwKzg21eFzGh/l+n5f3NacOzDq28Bb
+J1zTcwfBwvNMm2+fG8oeqqg4MwlYsq78B+g23FW6L09A/nq9BqaBwZMifIYRCgZ3
+SK41ty8ymmFei74pnykkiFY5LKjSq5YDWtRIn7lAhAuYaPsBQ9Yb4gmxlxw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDYTCCAkmgAwIBAgIQCgEBAQAAAnwAAAAKAAAAAjANBgkqhkiG9w0BAQUFADA6
+MRkwFwYDVQQKExBSU0EgU2VjdXJpdHkgSW5jMR0wGwYDVQQLExRSU0EgU2VjdXJp
+dHkgMjA0OCBWMzAeFw0wMTAyMjIyMDM5MjNaFw0yNjAyMjIyMDM5MjNaMDoxGTAX
+BgNVBAoTEFJTQSBTZWN1cml0eSBJbmMxHTAbBgNVBAsTFFJTQSBTZWN1cml0eSAy
+MDQ4IFYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt49VcdKA3Xtp
+eafwGFAyPGJn9gqVB93mG/Oe2dJBVGutn3y+Gc37RqtBaB4Y6lXIL5F4iSj7Jylg
+/9+PjDvJSZu1pJTOAeo+tWN7fyb9Gd3AIb2E0S1PRsNO3Ng3OTsor8udGuorryGl
+wSMiuLgbWhOHV4PR8CDn6E8jQrAApX2J6elhc5SYcSa8LWrg903w8bYqODGBDSnh
+AMFRD0xS+ARaqn1y07iHKrtjEAMqs6FPDVpeRrc9DvV07Jmf+T0kgYim3WBU6JU2
+PcYJk5qjEoAAVZkZR73QpXzDuvsf9/UP+Ky5tfQ3mBMY3oVbtwyCO4dvlTlYMNpu
+AWgXIszACwIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB
+BjAfBgNVHSMEGDAWgBQHw1EwpKrpRa41JPr/JCwz0LGdjDAdBgNVHQ4EFgQUB8NR
+MKSq6UWuNST6/yQsM9CxnYwwDQYJKoZIhvcNAQEFBQADggEBAF8+hnZuuDU8TjYc
+HnmYv/3VEhF5Ug7uMYm83X/50cYVIeiKAVQNOvtUudZj1LGqlk2iQk3UUx+LEN5/
+Zb5gEydxiKRz44Rj0aRV4VCT5hsOedBnvEbIvz8XDZXmxpBp3ue0L96VfdASPz0+
+f00/FGj1EVDVwfSQpQgdMWD/YIwjVAqv/qFuxdF6Kmh4zx6CCiC0H63lhbJqaHVO
+rSU3lIW+vaHU6rcMSzyd6BIA8F+sDeGscGNz9395nzIlQnQFgCi/vcEkllgVsRch
+6YlL2weIZ/QVrXA+L02FO8K32/6YaCOJ4XQP3vTFhGMpG8zLB8kApKnXwiJPZ9d3
+7CAFYd4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICXDCCAcWgAwIBAgIQCgEBAQAAAnwAAAALAAAAAjANBgkqhkiG9w0BAQUFADA6
+MRkwFwYDVQQKExBSU0EgU2VjdXJpdHkgSW5jMR0wGwYDVQQLExRSU0EgU2VjdXJp
+dHkgMTAyNCBWMzAeFw0wMTAyMjIyMTAxNDlaFw0yNjAyMjIyMDAxNDlaMDoxGTAX
+BgNVBAoTEFJTQSBTZWN1cml0eSBJbmMxHTAbBgNVBAsTFFJTQSBTZWN1cml0eSAx
+MDI0IFYzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDV3f5mCc8kPD6ugU5O
+isRpgFtZO9+5TUzKtS3DJy08rwBCbbwoppbPf9dYrIMKo1W1exeQFYRMiu4mmdxY
+78c4pqqv0I5CyGLXq6yp+0p9v+r+Ek3d/yYtbzZUaMjShFbuklNhCbM/OZuoyZu9
+zp9+1BlqFikYvtc6adwlWzMaUQIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQH/MA4G
+A1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAWgBTEwBykB5T9zU0B1FTapQxf3q4FWjAd
+BgNVHQ4EFgQUxMAcpAeU/c1NAdRU2qUMX96uBVowDQYJKoZIhvcNAQEFBQADgYEA
+Py1q4yZDlX2Jl2X7deRyHUZXxGFraZ8SmyzVWujAovBDleMf6XbN3Ou8k6BlCsdN
+T1+nr6JGFLkM88y9am63nd4lQtBU/55oc2PcJOsiv6hy8l4A4Q1OOkNumU4/iXgD
+mMrzVcydro7BqkWY+o8aoI2II/EVQQ2lRj6RP4vr93E=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
+MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
+YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG
+EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg
+R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9
+9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq
+fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv
+iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU
+1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+
+bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW
+MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA
+ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l
+uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn
+Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS
+tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF
+PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un
+hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV
+5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDZjCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJVUzEW
+MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3QgR2xvYmFs
+IENBIDIwHhcNMDQwMzA0MDUwMDAwWhcNMTkwMzA0MDUwMDAwWjBEMQswCQYDVQQG
+EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3Qg
+R2xvYmFsIENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvPE1A
+PRDfO1MA4Wf+lGAVPoWI8YkNkMgoI5kF6CsgncbzYEbYwbLVjDHZ3CB5JIG/NTL8
+Y2nbsSpr7iFY8gjpeMtvy/wWUsiRxP89c96xPqfCfWbB9X5SJBri1WeR0IIQ13hL
+TytCOb1kLUCgsBDTOEhGiKEMuzozKmKY+wCdE1l/bztyqu6mD4b5BWHqZ38MN5aL
+5mkWRxHCJ1kDs6ZgwiFAVvqgx306E+PsV8ez1q6diYD3Aecs9pYrEw15LNnA5IZ7
+S4wMcoKK+xfNAGw6EzywhIdLFnopsk/bHdQL82Y3vdj2V7teJHq4PIu5+pIaGoSe
+2HSPqht/XvT+RSIhAgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE
+FHE4NvICMVNHK266ZUapEBVYIAUJMB8GA1UdIwQYMBaAFHE4NvICMVNHK266ZUap
+EBVYIAUJMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAQEAA/e1K6td
+EPx7srJerJsOflN4WT5CBP51o62sgU7XAotexC3IUnbHLB/8gTKY0UvGkpMzNTEv
+/NgdRN3ggX+d6YvhZJFiCzkIjKx0nVnZellSlxG5FntvRdOW2TF9AjYPnDtuzywN
+A0ZF66D0f0hExghAzN4bcLUprbqLOzRldRtxIR0sFAqwlpW41uryZfspuk/qkZN0
+abby/+Ea0AzRdoXLiiW9l14sbxWZJue2Kf8i7MkCx1YAzUm5s2x7UwQa4qjJqhIF
+I8LO57sEAszAR6LkxCkvW0VXiVHuPOtSCP8HNR6fNWpHSlaY0VqFH4z1Ir+rzoPz
+4iIprn2DQKi6bA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFaDCCA1CgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJVUzEW
+MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgVW5pdmVy
+c2FsIENBMB4XDTA0MDMwNDA1MDAwMFoXDTI5MDMwNDA1MDAwMFowRTELMAkGA1UE
+BhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xHjAcBgNVBAMTFUdlb1RydXN0
+IFVuaXZlcnNhbCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKYV
+VaCjxuAfjJ0hUNfBvitbtaSeodlyWL0AG0y/YckUHUWCq8YdgNY96xCcOq9tJPi8
+cQGeBvV8Xx7BDlXKg5pZMK4ZyzBIle0iN430SppyZj6tlcDgFgDgEB8rMQ7XlFTT
+QjOgNB0eRXbdT8oYN+yFFXoZCPzVx5zw8qkuEKmS5j1YPakWaDwvdSEYfyh3peFh
+F7em6fgemdtzbvQKoiFs7tqqhZJmr/Z6a4LauiIINQ/PQvE1+mrufislzDoR5G2v
+c7J2Ha3QsnhnGqQ5HFELZ1aD/ThdDc7d8Lsrlh/eezJS/R27tQahsiFepdaVaH/w
+mZ7cRQg+59IJDTWU3YBOU5fXtQlEIGQWFwMCTFMNaN7VqnJNk22CDtucvc+081xd
+VHppCZbW2xHBjXWotM85yM48vCR85mLK4b19p71XZQvk/iXttmkQ3CgaRr0BHdCX
+teGYO8A3ZNY9lO4L4fUorgtWv3GLIylBjobFS1J72HGrH4oVpjuDWtdYAVHGTEHZ
+f9hBZ3KiKN9gg6meyHv8U3NyWfWTehd2Ds735VzZC1U0oqpbtWpU5xPKV+yXbfRe
+Bi9Fi1jUIxaS5BZuKGNZMN9QAZxjiRqf2xeUgnA3wySemkfWWspOqGmJch+RbNt+
+nhutxx9z3SxPGWX9f5NAEC7S8O08ni4oPmkmM8V7AgMBAAGjYzBhMA8GA1UdEwEB
+/wQFMAMBAf8wHQYDVR0OBBYEFNq7LqqwDLiIJlF0XG0D08DYj3rWMB8GA1UdIwQY
+MBaAFNq7LqqwDLiIJlF0XG0D08DYj3rWMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG
+9w0BAQUFAAOCAgEAMXjmx7XfuJRAyXHEqDXsRh3ChfMoWIawC/yOsjmPRFWrZIRc
+aanQmjg8+uUfNeVE44B5lGiku8SfPeE0zTBGi1QrlaXv9z+ZhP015s8xxtxqv6fX
+IwjhmF7DWgh2qaavdy+3YL1ERmrvl/9zlcGO6JP7/TG37FcREUWbMPEaiDnBTzyn
+ANXH/KttgCJwpQzgXQQpAvvLoJHRfNbDflDVnVi+QTjruXU8FdmbyUqDWcDaU/0z
+uzYYm4UPFd3uLax2k7nZAY1IEKj79TiG8dsKxr2EoyNB3tZ3b4XUhRxQ4K5RirqN
+Pnbiucon8l+f725ZDQbYKxek0nxru18UGkiPGkzns0ccjkxFKyDuSN/n3QmOGKja
+QI2SJhFTYXNd673nxE0pN2HrrDktZy4W1vUAg4WhzH92xH3kt0tm7wNFYGm2DFKW
+koRepqO1pD4r2czYG0eq8kTaT/kD6PAUyz/zg97QwVTjt+gKN02LIFkDMBmhLMi9
+ER/frslKxfMnZmaGrGiR/9nmUxwPi1xpZQomyB40w11Re9epnAahNt3ViZS82eQt
+DF4JbAiXfKM9fJP/P6EUp8+1Xevb2xzEdt+Iub1FBZUbrvxGakyvSOPOrg/Sfuvm
+bJxPgWp6ZKy7PtXny3YuxadIwVyQD8vIP/rmMuGNG2+k5o7Y+SlIis5z/iw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFbDCCA1SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzEW
+MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVy
+c2FsIENBIDIwHhcNMDQwMzA0MDUwMDAwWhcNMjkwMzA0MDUwMDAwWjBHMQswCQYD
+VQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1
+c3QgVW5pdmVyc2FsIENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
+AQCzVFLByT7y2dyxUxpZKeexw0Uo5dfR7cXFS6GqdHtXr0om/Nj1XqduGdt0DE81
+WzILAePb63p3NeqqWuDW6KFXlPCQo3RWlEQwAx5cTiuFJnSCegx2oG9NzkEtoBUG
+FF+3Qs17j1hhNNwqCPkuwwGmIkQcTAeC5lvO0Ep8BNMZcyfwqph/Lq9O64ceJHdq
+XbboW0W63MOhBW9Wjo8QJqVJwy7XQYci4E+GymC16qFjwAGXEHm9ADwSbSsVsaxL
+se4YuU6W3Nx2/zu+z18DwPw76L5GG//aQMJS9/7jOvdqdzXQ2o3rXhhqMcceujwb
+KNZrVMaqW9eiLBsZzKIC9ptZvTdrhrVtgrrY6slWvKk2WP0+GfPtDCapkzj4T8Fd
+IgbQl+rhrcZV4IErKIM6+vR7IVEAvlI4zs1meaj0gVbi0IMJR1FbUGrP20gaXT73
+y/Zl92zxlfgCOzJWgjl6W70viRu/obTo/3+NjN8D8WBOWBFM66M/ECuDmgFz2ZRt
+hAAnZqzwcEAJQpKtT5MNYQlRJNiS1QuUYbKHsu3/mjX/hVTK7URDrBs8FmtISgoc
+QIgfksILAAX/8sgCSqSqqcyZlpwvWOB94b67B9xfBHJcMTTD7F8t4D1kkCLm0ey4
+Lt1ZrtmhN79UNdxzMk+MBB4zsslG8dhcyFVQyWi9qLo2CQIDAQABo2MwYTAPBgNV
+HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAfBgNV
+HSMEGDAWgBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAOBgNVHQ8BAf8EBAMCAYYwDQYJ
+KoZIhvcNAQEFBQADggIBAGbBxiPz2eAubl/oz66wsCVNK/g7WJtAJDday6sWSf+z
+dXkzoS9tcBc0kf5nfo/sm+VegqlVHy/c1FEHEv6sFj4sNcZj/NwQ6w2jqtB8zNHQ
+L1EuxBRa3ugZ4T7GzKQp5y6EqgYweHZUcyiYWTjgAA1i00J9IZ+uPTqM1fp3DRgr
+Fg5fNuH8KrUwJM/gYwx7WBr+mbpCErGR9Hxo4sjoryzqyX6uuyo9DRXcNJW2GHSo
+ag/HtPQTxORb7QrSpJdMKu0vbBKJPfEncKpqA1Ihn0CoZ1Dy81of398j9tx4TuaY
+T1U6U+Pv8vSfx3zYWK8pIpe44L2RLrB27FcRz+8pRPPphXpgY+RdM4kX2TGq2tbz
+GDVyz4crL2MjhF2EjD9XoIj8mZEoJmmZ1I+XRL6O1UixpCgp8RW04eWe3fiPpm8m
+1wk8OhwRDqZsN/etRIcsKMfYdIKz0G9KV7s1KSegi+ghp4dkNl3M2Basx7InQJJV
+OCiNUW7dFGdTbHFcJoRNdVq2fmBWqU2t+5sel/MN2dKXVHfaPRK34B7vCAas+YWH
+6aLcr34YEoP9VhdBLtUpgn2Z9DH2canPLAEnpQW5qrJITirvn5NSUZU8UnOOVkwX
+QMAJKOSLakhT2+zNVVXxxvjpoixMptEmX36vWkzaH6byHCx+rgIW0lbQL1dTR+iS
+
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEZDCCA0ygAwIBAgIQRL4Mi1AAJLQR0zYwS8AzdzANBgkqhkiG9w0BAQUFADCB
+ozELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
+Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
+dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xKzApBgNVBAMTIlVUTi1VU0VSRmlyc3Qt
+TmV0d29yayBBcHBsaWNhdGlvbnMwHhcNOTkwNzA5MTg0ODM5WhcNMTkwNzA5MTg1
+NzQ5WjCBozELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0
+IExha2UgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYD
+VQQLExhodHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xKzApBgNVBAMTIlVUTi1VU0VS
+Rmlyc3QtTmV0d29yayBBcHBsaWNhdGlvbnMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQCz+5Gh5DZVhawGNFugmliy+LUPBXeDrjKxdpJo7CNKyXY/45y2
+N3kDuatpjQclthln5LAbGHNhSuh+zdMvZOOmfAz6F4CjDUeJT1FxL+78P/m4FoCH
+iZMlIJpDgmkkdihZNaEdwH+DBmQWICzTSaSFtMBhf1EI+GgVkYDLpdXuOzr0hARe
+YFmnjDRy7rh4xdE7EkpvfmUnuaRVxblvQ6TFHSyZwFKkeEwVs0CYCGtDxgGwenv1
+axwiP8vv/6jQOkt2FZ7S0cYu49tXGzKiuG/ohqY/cKvlcJKrRB5AUPuco2LkbG6g
+yN7igEL66S/ozjIEj3yNtxyjNTwV3Z7DrpelAgMBAAGjgZEwgY4wCwYDVR0PBAQD
+AgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFPqGydvguul49Uuo1hXf8NPh
+ahQ8ME8GA1UdHwRIMEYwRKBCoECGPmh0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9V
+VE4tVVNFUkZpcnN0LU5ldHdvcmtBcHBsaWNhdGlvbnMuY3JsMA0GCSqGSIb3DQEB
+BQUAA4IBAQCk8yXM0dSRgyLQzDKrm5ZONJFUICU0YV8qAhXhi6r/fWRRzwr/vH3Y
+IWp4yy9Rb/hCHTO967V7lMPDqaAt39EpHx3+jz+7qEUqf9FuVSTiuwL7MT++6Lzs
+QCv4AdRWOOTKRIK1YSAhZ2X28AvnNPilwpyjXEAfhZOVBt5P1CeptqX8Fs1zMT+4
+ZSfP1FMa8Kxun08FDAOBp4QpxFq9ZFdyrTvPNximmMatBrTcCKME1SmklpoSZ0qM
+YEWd8SOasACcaLWYUNPvji6SZbFIPiG+FTAqDbUMo2s/rn9X9R+WfN9v3YIwLGUb
+QErNaLly7HF27FSOH4UMAWr6pjisH8SE
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDpDCCAoygAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTQW1lcmljYSBPbmxpbmUgSW5jLjE2MDQGA1UEAxMtQW1lcmljYSBP
+bmxpbmUgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAxMB4XDTAyMDUyODA2
+MDAwMFoXDTM3MTExOTIwNDMwMFowYzELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0Ft
+ZXJpY2EgT25saW5lIEluYy4xNjA0BgNVBAMTLUFtZXJpY2EgT25saW5lIFJvb3Qg
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAKgv6KRpBgNHw+kqmP8ZonCaxlCyfqXfaE0bfA+2l2h9LaaLl+lk
+hsmj76CGv2BlnEtUiMJIxUo5vxTjWVXlGbR0yLQFOVwWpeKVBeASrlmLojNoWBym
+1BW32J/X3HGrfpq/m44zDyL9Hy7nBzbvYjnF3cu6JRQj3gzGPTzOggjmZj7aUTsW
+OqMFf6Dch9Wc/HKpoH145LcxVR5lu9RhsCFg7RAycsWSJR74kEoYeEfffjA3PlAb
+2xzTa5qGUwew76wGePiEmf4hjUyAtgyC9mZweRrTT6PP8c9GsEsPPt2IYriMqQko
+O3rHl+Ee5fSfwMCuJKDIodkP1nsmgmkyPacCAwEAAaNjMGEwDwYDVR0TAQH/BAUw
+AwEB/zAdBgNVHQ4EFgQUAK3Zo/Z59m50qX8zPYEX10zPM94wHwYDVR0jBBgwFoAU
+AK3Zo/Z59m50qX8zPYEX10zPM94wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEB
+BQUAA4IBAQB8itEfGDeC4Liwo+1WlchiYZwFos3CYiZhzRAW18y0ZTTQEYqtqKkF
+Zu90821fnZmv9ov761KyBZiibyrFVL0lvV+uyIbqRizBs73B6UlwGBaXCBOMIOAb
+LjpHyx7kADCVW/RFo8AasAFOq73AI25jP4BKxQft3OJvx8Fi8eNy1gTIdGcL+oir
+oQHIb/AUr9KZzVGTfu0uOMe9zkZQPXLjeSWdm4grECDdpbgyn43gKd8hdIaC2y+C
+MMbHNYaz+ZZfRtsMRf3zUMNvxsNIrUam4SdHCh0Om7bCd39j8uB9Gr784N/Xx6ds
+sPmuujz9dLQR6FgNgLzTqIA6me11zEZ7
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFpDCCA4ygAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTQW1lcmljYSBPbmxpbmUgSW5jLjE2MDQGA1UEAxMtQW1lcmljYSBP
+bmxpbmUgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAyMB4XDTAyMDUyODA2
+MDAwMFoXDTM3MDkyOTE0MDgwMFowYzELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0Ft
+ZXJpY2EgT25saW5lIEluYy4xNjA0BgNVBAMTLUFtZXJpY2EgT25saW5lIFJvb3Qg
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBAMxBRR3pPU0Q9oyxQcngXssNt79Hc9PwVU3dxgz6sWYFas14tNwC
+206B89enfHG8dWOgXeMHDEjsJcQDIPT/DjsS/5uN4cbVG7RtIuOx238hZK+GvFci
+KtZHgVdEglZTvYYUAQv8f3SkWq7xuhG1m1hagLQ3eAkzfDJHA1zEpYNI9FdWboE2
+JxhP7JsowtS013wMPgwr38oE18aO6lhOqKSlGBxsRZijQdEt0sdtjRnxrXm3gT+9
+BoInLRBYBbV4Bbkv2wxrkJB+FFk4u5QkE+XRnRTf04JNRvCAOVIyD+OEsnpD8l7e
+Xz8d3eOyG6ChKiMDbi4BFYdcpnV1x5dhvt6G3NRI270qv0pV2uh9UPu0gBe4lL8B
+PeraunzgWGcXuVjgiIZGZ2ydEEdYMtA1fHkqkKJaEBEjNa0vzORKW6fIJ/KD3l67
+Xnfn6KVuY8INXWHQjNJsWiEOyiijzirplcdIz5ZvHZIlyMbGwcEMBawmxNJ10uEq
+Z8A9W6Wa6897GqidFEXlD6CaZd4vKL3Ob5Rmg0gp2OpljK+T2WSfVVcmv2/LNzGZ
+o2C7HK2JNDJiuEMhBnIMoVxtRsX6Kc8w3onccVvdtjc+31D1uAclJuW8tf48ArO3
++L5DwYcRlJ4jbBeKuIonDFRH8KmzwICMoCfrHRnjB453cMor9H124HhnAgMBAAGj
+YzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFE1FwWg4u3OpaaEg5+31IqEj
+FNeeMB8GA1UdIwQYMBaAFE1FwWg4u3OpaaEg5+31IqEjFNeeMA4GA1UdDwEB/wQE
+AwIBhjANBgkqhkiG9w0BAQUFAAOCAgEAZ2sGuV9FOypLM7PmG2tZTiLMubekJcmn
+xPBUlgtk87FYT15R/LKXeydlwuXK5w0MJXti4/qftIe3RUavg6WXSIylvfEWK5t2
+LHo1YGwRgJfMqZJS5ivmae2p+DYtLHe/YUjRYwu5W1LtGLBDQiKmsXeu3mnFzccc
+obGlHBD7GL4acN3Bkku+KVqdPzW+5X1R+FXgJXUjhx5c3LqdsKyzadsXg8n33gy8
+CNyRnqjQ1xU3c6U1uPx+xURABsPr+CKAXEfOAuMRn0T//ZoyzH1kUQ7rVyZ2OuMe
+IjzCpjbdGe+n/BLzJsBZMYVMnNjP36TMzCmT/5RtdlwTCJfy7aULTd3oyWgOZtMA
+DjMSW7yV5TKQqLPGbIOtd+6Lfn6xqavT4fG2wLHqiMDn05DpKJKUe2h7lyoKZy2F
+AjgQ5ANh1NolNscIWC2hp1GvMApJ9aZphwctREZ2jirlmjvXGKL8nDgQzMY70rUX
+Om/9riW99XJZZLF0KjhfGEzfz3EEWjbUvy+ZnOjZurGV5gJLIaFb1cFPj65pbVPb
+AZO1XB4Y3WRayhgoPmMEEf0cjQAPuDffZ4qdZqkCapH/E8ovXYO8h5Ns3CRRFgQl
+Zvqz2cK6Kb6aSDiCmfS/O0oxGfm/jiEzFMpPVF/7zvuPcX/9XhmgD0uRuMRUvAaw
+RY8mkaKO/qk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDojCCAoqgAwIBAgIQE4Y1TR0/BvLB+WUF1ZAcYjANBgkqhkiG9w0BAQUFADBr
+MQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRl
+cm5hdGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNv
+bW1lcmNlIFJvb3QwHhcNMDIwNjI2MDIxODM2WhcNMjIwNjI0MDAxNjEyWjBrMQsw
+CQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRlcm5h
+dGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNvbW1l
+cmNlIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvV95WHm6h
+2mCxlCfLF9sHP4CFT8icttD0b0/Pmdjh28JIXDqsOTPHH2qLJj0rNfVIsZHBAk4E
+lpF7sDPwsRROEW+1QK8bRaVK7362rPKgH1g/EkZgPI2h4H3PVz4zHvtH8aoVlwdV
+ZqW1LS7YgFmypw23RuwhY/81q6UCzyr0TP579ZRdhE2o8mCP2w4lPJ9zcc+U30rq
+299yOIzzlr3xF7zSujtFWsan9sYXiwGd/BmoKoMWuDpI/k4+oKsGGelT84ATB+0t
+vz8KPFUgOSwsAGl0lUq8ILKpeeUYiZGo3BxN77t+Nwtd/jmliFKMAGzsGHxBvfaL
+dXe6YJ2E5/4tAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD
+AgEGMB0GA1UdDgQWBBQVOIMPPyw/cDMezUb+B4wg4NfDtzANBgkqhkiG9w0BAQUF
+AAOCAQEAX/FBfXxcCLkr4NWSR/pnXKUTwwMhmytMiUbPWU3J/qVAtmPN3XEolWcR
+zCSs00Rsca4BIGsDoo8Ytyk6feUWYFN4PMCvFYP3j1IzJL1kk5fui/fbGKhtcbP3
+LBfQdCVp9/5rPJS+TUtBjE7ic9DjkCJzQ83z7+pzzkWKsKZJ/0x9nXGIxHYdkFsd
+7v3M9+79YKWxehZx0RbQfBI8bGmX265fOZpwLwU8GUYEmSA20GBuYQa7FkKMcPcw
+++DbZqMAAb3mLNqRX6BGi01qnD093QVG/na/oAo85ADmJ7f/hC3euiInlhBx6yLt
+398znM/jra6O1I7mT1GvFpLgXPYHDw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDXDCCAsWgAwIBAgICA+owDQYJKoZIhvcNAQEEBQAwgbwxCzAJBgNVBAYTAkRF
+MRAwDgYDVQQIEwdIYW1idXJnMRAwDgYDVQQHEwdIYW1idXJnMTowOAYDVQQKEzFU
+QyBUcnVzdENlbnRlciBmb3IgU2VjdXJpdHkgaW4gRGF0YSBOZXR3b3JrcyBHbWJI
+MSIwIAYDVQQLExlUQyBUcnVzdENlbnRlciBDbGFzcyAyIENBMSkwJwYJKoZIhvcN
+AQkBFhpjZXJ0aWZpY2F0ZUB0cnVzdGNlbnRlci5kZTAeFw05ODAzMDkxMTU5NTla
+Fw0xMTAxMDExMTU5NTlaMIG8MQswCQYDVQQGEwJERTEQMA4GA1UECBMHSGFtYnVy
+ZzEQMA4GA1UEBxMHSGFtYnVyZzE6MDgGA1UEChMxVEMgVHJ1c3RDZW50ZXIgZm9y
+IFNlY3VyaXR5IGluIERhdGEgTmV0d29ya3MgR21iSDEiMCAGA1UECxMZVEMgVHJ1
+c3RDZW50ZXIgQ2xhc3MgMiBDQTEpMCcGCSqGSIb3DQEJARYaY2VydGlmaWNhdGVA
+dHJ1c3RjZW50ZXIuZGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANo46O0y
+AClxgwENv4wB3NrGrTmkqYov1YtcaF9QxmL1Zr3KkSLsqh1R1z2zUbKDTl3LSbDw
+TFXlay3HhQswHJJOgtTKAu33b77c4OMUuAVT8pr0VotanoWT0bSCVq5Nu6hLVxa8
+/vhYnvgpjbB7zXjJT6yLZwzxnPv8V5tXXE8NAgMBAAGjazBpMA8GA1UdEwEB/wQF
+MAMBAf8wDgYDVR0PAQH/BAQDAgGGMDMGCWCGSAGG+EIBCAQmFiRodHRwOi8vd3d3
+LnRydXN0Y2VudGVyLmRlL2d1aWRlbGluZXMwEQYJYIZIAYb4QgEBBAQDAgAHMA0G
+CSqGSIb3DQEBBAUAA4GBAIRS+yjf/x91AbwBvgRWl2p0QiQxg/lGsQaKic+WLDO/
+jLVfenKhhQbOhvgFjuj5Jcrag4wGrOs2bYWRNAQ29ELw+HkuCkhcq8xRT3h2oNms
+Gb0q0WkEKJHKNhAngFdb0lz1wlurZIFjdFH0l7/NEij3TWZ/p/AcASZ4smZHcFFk
+
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDXDCCAsWgAwIBAgICA+swDQYJKoZIhvcNAQEEBQAwgbwxCzAJBgNVBAYTAkRF
+MRAwDgYDVQQIEwdIYW1idXJnMRAwDgYDVQQHEwdIYW1idXJnMTowOAYDVQQKEzFU
+QyBUcnVzdENlbnRlciBmb3IgU2VjdXJpdHkgaW4gRGF0YSBOZXR3b3JrcyBHbWJI
+MSIwIAYDVQQLExlUQyBUcnVzdENlbnRlciBDbGFzcyAzIENBMSkwJwYJKoZIhvcN
+AQkBFhpjZXJ0aWZpY2F0ZUB0cnVzdGNlbnRlci5kZTAeFw05ODAzMDkxMTU5NTla
+Fw0xMTAxMDExMTU5NTlaMIG8MQswCQYDVQQGEwJERTEQMA4GA1UECBMHSGFtYnVy
+ZzEQMA4GA1UEBxMHSGFtYnVyZzE6MDgGA1UEChMxVEMgVHJ1c3RDZW50ZXIgZm9y
+IFNlY3VyaXR5IGluIERhdGEgTmV0d29ya3MgR21iSDEiMCAGA1UECxMZVEMgVHJ1
+c3RDZW50ZXIgQ2xhc3MgMyBDQTEpMCcGCSqGSIb3DQEJARYaY2VydGlmaWNhdGVA
+dHJ1c3RjZW50ZXIuZGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALa0wTUF
+Lg2N7KBAahwOJ6ZQkmtQGwfeLud2zODa/ISoXoxjaitN2U4CdhHBC/KNecoAtvGw
+Dtf7pBc9r6tpepYnv68zoZoqWarEtTcI8hKlMbZD9TKWcSgoq40oht+77uMMfTDW
+w1Krj10nnGvAo+cFa1dJRLNu6mTP0o56UHd3AgMBAAGjazBpMA8GA1UdEwEB/wQF
+MAMBAf8wDgYDVR0PAQH/BAQDAgGGMDMGCWCGSAGG+EIBCAQmFiRodHRwOi8vd3d3
+LnRydXN0Y2VudGVyLmRlL2d1aWRlbGluZXMwEQYJYIZIAYb4QgEBBAQDAgAHMA0G
+CSqGSIb3DQEBBAUAA4GBABY9xs3Bu4VxhUafPiCPUSiZ7C1FIWMjWwS7TJC4iJIE
+Tb19AaM/9uzO8d7+feXhPrvGq14L3T2WxMup1Pkm5gZOngylerpuw3yCGdHHsbHD
+2w2Om0B8NwvxXej9H5CIpQ5ON2QhqE6NtJ/x3kit1VYYUimLRzQSCdS7kjXvD9s0
+
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDDDCCAfSgAwIBAgIDAQAgMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBM
+MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD
+QTAeFw0wMjA2MTExMDQ2MzlaFw0yNzA2MTExMDQ2MzlaMD4xCzAJBgNVBAYTAlBM
+MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD
+QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6xwS7TT3zNJc4YPk/E
+jG+AanPIW1H4m9LcuwBcsaD8dQPugfCI7iNS6eYVM42sLQnFdvkrOYCJ5JdLkKWo
+ePhzQ3ukYbDYWMzhbGZ+nPMJXlVjhNWo7/OxLjBos8Q82KxujZlakE403Daaj4GI
+ULdtlkIJ89eVgw1BS7Bqa/j8D35in2fE7SZfECYPCE/wpFcozo+47UX2bu4lXapu
+Ob7kky/ZR6By6/qmW6/KUz/iDsaWVhFu9+lmqSbYf5VT7QqFiLpPKaVCjF62/IUg
+AKpoC6EahQGcxEZjgoi2IrHu/qpGWX7PNSzVttpd90gzFFS269lvzs2I1qsb2pY7
+HVkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEA
+uI3O7+cUus/usESSbLQ5PqKEbq24IXfS1HeCh+YgQYHu4vgRt2PRFze+GXYkHAQa
+TOs9qmdvLdTN/mUxcMUbpgIKumB7bVjCmkn+YzILa+M6wKyrO7Do0wlRjBCDxjTg
+xSvgGrZgFCdsMneMvLJymM/NzD+5yCRCFNZX/OYmQ6kd5YCQzgNUKD73P9P4Te1q
+CjqTE5s7FCMTY5w/0YcneeVMUeMBrYVdGjux1XMQpNPyvG5k9VpWkKjHDkx0Dy5x
+O/fIR/RpbxXyEV6DHpx8Uq79AtoSqFlnGNu8cN2bsWntgM6JQEhqDjXKKWYVIZQs
+6GAqm4VKQPNriiTsBhYscw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEb
+MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
+GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UEAwwYQUFBIENlcnRpZmlj
+YXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVowezEL
+MAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
+BwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNVBAMM
+GEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAL5AnfRu4ep2hxxNRUSOvkbIgwadwSr+GB+O5AL686tdUIoWMQua
+BtDFcCLNSS1UY8y2bmhGC1Pqy0wkwLxyTurxFa70VJoSCsN6sjNg4tqJVfMiWPPe
+3M/vg4aijJRPn2jymJBGhCfHdr/jzDUsi14HZGWCwEiwqJH5YZ92IFCokcdmtet4
+YgNW8IoaE+oxox6gmf049vYnMlhvB/VruPsUK6+3qszWY19zjNoFmag4qMsXeDZR
+rOme9Hg6jc8P2ULimAyrL58OAd7vn5lJ8S3frHRNG5i1R8XlKdH5kBjHYpy+g8cm
+ez6KJcfA3Z3mNWgQIJ2P2N7Sw4ScDV7oL8kCAwEAAaOBwDCBvTAdBgNVHQ4EFgQU
+oBEKIz6W8Qfs4q8p74Klf9AwpLQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF
+MAMBAf8wewYDVR0fBHQwcjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20v
+QUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNqA0oDKGMGh0dHA6Ly9jcmwuY29t
+b2RvLm5ldC9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDANBgkqhkiG9w0BAQUF
+AAOCAQEACFb8AvCb6P+k+tZ7xkSAzk/ExfYAWMymtrwUSWgEdujm7l3sAg9g1o1Q
+GE8mTgHj5rCl7r+8dFRBv/38ErjHT1r0iWAFf2C3BUrz9vHCv8S5dIa2LX1rzNLz
+Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2
+G9w84FoVxp7Z8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsi
+l2D4kF501KKaU73yqWjgom7C12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3
+smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEPzCCAyegAwIBAgIBATANBgkqhkiG9w0BAQUFADB+MQswCQYDVQQGEwJHQjEb
+MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
+GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEkMCIGA1UEAwwbU2VjdXJlIENlcnRp
+ZmljYXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVow
+fjELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxJDAiBgNV
+BAMMG1NlY3VyZSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAMBxM4KK0HDrc4eCQNUd5MvJDkKQ+d40uaG6EfQlhfPM
+cm3ye5drswfxdySRXyWP9nQ95IDC+DwN879A6vfIUtFyb+/Iq0G4bi4XKpVpDM3S
+HpR7LZQdqnXXs5jLrLxkU0C8j6ysNstcrbvd4JQX7NFc0L/vpZXJkMWwrPsbQ996
+CF23uPJAGysnnlDOXmWCiIxe004MeuoIkbY2qitC++rCoznl2yY4rYsK7hljxxwk
+3wN42ubqwUcaCwtGCd0C/N7Lh1/XMGNooa7cMqG6vv5Eq2i2pRcV/b3Vp6ea5EQz
+6YiO/O1R65NxTq0B50SOqy3LqP4BSUjwwN3HaNiS/j0CAwEAAaOBxzCBxDAdBgNV
+HQ4EFgQUPNiTiMLAggnMAZkGkyDpnnAJY08wDgYDVR0PAQH/BAQDAgEGMA8GA1Ud
+EwEB/wQFMAMBAf8wgYEGA1UdHwR6MHgwO6A5oDeGNWh0dHA6Ly9jcmwuY29tb2Rv
+Y2EuY29tL1NlY3VyZUNlcnRpZmljYXRlU2VydmljZXMuY3JsMDmgN6A1hjNodHRw
+Oi8vY3JsLmNvbW9kby5uZXQvU2VjdXJlQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmww
+DQYJKoZIhvcNAQEFBQADggEBAIcBbSMdflsXfcFhMs+P5/OKlFlm4J4oqF7Tt/Q0
+5qo5spcWxYJvMqTpjOev/e/C6LlLqqP05tqNZSH7uoDrJiiFGv45jN5bBAS0VPmj
+Z55B+glSzAVIqMk/IQQezkhr/IXownuvf7fM+F86/TXGDe+X3EyrEeFryzHRbPtI
+gKvcnDe4IRRLDXE97IMzbtFuMhbsmMcWi1mmNKsFVy2T96oTy9IT4rcuO81rUBcJ
+aD61JlfutuC23bkpgHl9j6PwpCikFcSF9CfUa7/lXORlAnZUtOM3ZiTTGWHIUhDl
+izeauan5Hb/qmZJhlv8BzaFfDbxxvA6sCx1HRR3B7Hzs/Sk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEQzCCAyugAwIBAgIBATANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJHQjEb
+MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
+GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDElMCMGA1UEAwwcVHJ1c3RlZCBDZXJ0
+aWZpY2F0ZSBTZXJ2aWNlczAeFw0wNDAxMDEwMDAwMDBaFw0yODEyMzEyMzU5NTla
+MH8xCzAJBgNVBAYTAkdCMRswGQYDVQQIDBJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
+BgNVBAcMB1NhbGZvcmQxGjAYBgNVBAoMEUNvbW9kbyBDQSBMaW1pdGVkMSUwIwYD
+VQQDDBxUcnVzdGVkIENlcnRpZmljYXRlIFNlcnZpY2VzMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEA33FvNlhTWvI2VFeAxHQIIO0Yfyod5jWaHiWsnOWW
+fnJSoBVC21ndZHoa0Lh73TkVvFVIxO06AOoxEbrycXQaZ7jPM8yoMa+j49d/vzMt
+TGo87IvDktJTdyR0nAducPy9C1t2ul/y/9c3S0pgePfw+spwtOpZqqPOSC+pw7IL
+fhdyFgymBwwbOM/JYrc/oJOlh0Hyt3BAd9i+FHzjqMB6juljatEPmsbS9Is6FARW
+1O24zG71++IsWL1/T2sr92AkWCTOJu80kTrV44HQsvAEAtdbtz6SrGsSivnkBbA7
+kUlcsutT6vifR4buv5XAwAaf0lteERv0xwQ1KdJVXOTt6wIDAQABo4HJMIHGMB0G
+A1UdDgQWBBTFe1i97doladL3WRaoszLAeydb9DAOBgNVHQ8BAf8EBAMCAQYwDwYD
+VR0TAQH/BAUwAwEB/zCBgwYDVR0fBHwwejA8oDqgOIY2aHR0cDovL2NybC5jb21v
+ZG9jYS5jb20vVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMuY3JsMDqgOKA2hjRo
+dHRwOi8vY3JsLmNvbW9kby5uZXQvVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMu
+Y3JsMA0GCSqGSIb3DQEBBQUAA4IBAQDIk4E7ibSvuIQSTI3S8NtwuleGFTQQuS9/
+HrCoiWChisJ3DFBKmwCL2Iv0QeLQg4pKHBQGsKNoBXAxMKdTmw7pSqBYaWcOrp32
+pSxBvzwGa+RZzG0Q8ZZvH9/0BAKkn0U+yNj6NkZEUD+Cl5EfKNsYEYwq5GWDVxIS
+jBc/lDb+XbDABHcTuPQV1T84zJQ6VdCsmPW6AF/ghhmBeC8owH7TzEIK9a5QoNE+
+xqFx7D+gIIxmOom0jtTYsU0lR+4viMi14QVFwL4Ucd56/Y57fU0IlqUSc/Atyjcn
+dBInTMu2l+nZrghtWjlA3QVHdWpaIbOjGM9O9y5Xt5hwXsjEeLBi
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIH9zCCB2CgAwIBAgIBADANBgkqhkiG9w0BAQUFADCCARwxCzAJBgNVBAYTAkVT
+MRIwEAYDVQQIEwlCYXJjZWxvbmExEjAQBgNVBAcTCUJhcmNlbG9uYTEuMCwGA1UE
+ChMlSVBTIEludGVybmV0IHB1Ymxpc2hpbmcgU2VydmljZXMgcy5sLjErMCkGA1UE
+ChQiaXBzQG1haWwuaXBzLmVzIEMuSS5GLiAgQi02MDkyOTQ1MjEzMDEGA1UECxMq
+SVBTIENBIENoYWluZWQgQ0FzIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MTMwMQYD
+VQQDEypJUFMgQ0EgQ2hhaW5lZCBDQXMgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkx
+HjAcBgkqhkiG9w0BCQEWD2lwc0BtYWlsLmlwcy5lczAeFw0wMTEyMjkwMDUzNTha
+Fw0yNTEyMjcwMDUzNThaMIIBHDELMAkGA1UEBhMCRVMxEjAQBgNVBAgTCUJhcmNl
+bG9uYTESMBAGA1UEBxMJQmFyY2Vsb25hMS4wLAYDVQQKEyVJUFMgSW50ZXJuZXQg
+cHVibGlzaGluZyBTZXJ2aWNlcyBzLmwuMSswKQYDVQQKFCJpcHNAbWFpbC5pcHMu
+ZXMgQy5JLkYuICBCLTYwOTI5NDUyMTMwMQYDVQQLEypJUFMgQ0EgQ2hhaW5lZCBD
+QXMgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxMzAxBgNVBAMTKklQUyBDQSBDaGFp
+bmVkIENBcyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEeMBwGCSqGSIb3DQEJARYP
+aXBzQG1haWwuaXBzLmVzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDcVpJJ
+spQgvJhPUOtopKdJC7/SMejHT8KGC/po/UNaivNgkjWZOLtNA1IhW/A3mTXhQSCB
+hYEFcYGdtJUZqV92NC5jNzVXjrQfQj8VXOF6wV8TGDIxya2+o8eDZh65nAQTy2nB
+Bt4wBrszo7Uf8I9vzv+W6FS+ZoCua9tBhDaiPQIDAQABo4IEQzCCBD8wHQYDVR0O
+BBYEFKGtMbH5PuEXpsirNPxShwkeYlJBMIIBTgYDVR0jBIIBRTCCAUGAFKGtMbH5
+PuEXpsirNPxShwkeYlJBoYIBJKSCASAwggEcMQswCQYDVQQGEwJFUzESMBAGA1UE
+CBMJQmFyY2Vsb25hMRIwEAYDVQQHEwlCYXJjZWxvbmExLjAsBgNVBAoTJUlQUyBJ
+bnRlcm5ldCBwdWJsaXNoaW5nIFNlcnZpY2VzIHMubC4xKzApBgNVBAoUImlwc0Bt
+YWlsLmlwcy5lcyBDLkkuRi4gIEItNjA5Mjk0NTIxMzAxBgNVBAsTKklQUyBDQSBD
+aGFpbmVkIENBcyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEzMDEGA1UEAxMqSVBT
+IENBIENoYWluZWQgQ0FzIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MR4wHAYJKoZI
+hvcNAQkBFg9pcHNAbWFpbC5pcHMuZXOCAQAwDAYDVR0TBAUwAwEB/zAMBgNVHQ8E
+BQMDB/+AMGsGA1UdJQRkMGIGCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwMG
+CCsGAQUFBwMEBggrBgEFBQcDCAYKKwYBBAGCNwIBFQYKKwYBBAGCNwIBFgYKKwYB
+BAGCNwoDAQYKKwYBBAGCNwoDBDARBglghkgBhvhCAQEEBAMCAAcwGgYDVR0RBBMw
+EYEPaXBzQG1haWwuaXBzLmVzMBoGA1UdEgQTMBGBD2lwc0BtYWlsLmlwcy5lczBC
+BglghkgBhvhCAQ0ENRYzQ2hhaW5lZCBDQSBDZXJ0aWZpY2F0ZSBpc3N1ZWQgYnkg
+aHR0cDovL3d3dy5pcHMuZXMvMCkGCWCGSAGG+EIBAgQcFhpodHRwOi8vd3d3Lmlw
+cy5lcy9pcHMyMDAyLzA3BglghkgBhvhCAQQEKhYoaHR0cDovL3d3dy5pcHMuZXMv
+aXBzMjAwMi9pcHMyMDAyQ0FDLmNybDA8BglghkgBhvhCAQMELxYtaHR0cDovL3d3
+dy5pcHMuZXMvaXBzMjAwMi9yZXZvY2F0aW9uQ0FDLmh0bWw/MDkGCWCGSAGG+EIB
+BwQsFipodHRwOi8vd3d3Lmlwcy5lcy9pcHMyMDAyL3JlbmV3YWxDQUMuaHRtbD8w
+NwYJYIZIAYb4QgEIBCoWKGh0dHA6Ly93d3cuaXBzLmVzL2lwczIwMDIvcG9saWN5
+Q0FDLmh0bWwwbQYDVR0fBGYwZDAuoCygKoYoaHR0cDovL3d3dy5pcHMuZXMvaXBz
+MjAwMi9pcHMyMDAyQ0FDLmNybDAyoDCgLoYsaHR0cDovL3d3d2JhY2suaXBzLmVz
+L2lwczIwMDIvaXBzMjAwMkNBQy5jcmwwLwYIKwYBBQUHAQEEIzAhMB8GCCsGAQUF
+BzABhhNodHRwOi8vb2NzcC5pcHMuZXMvMA0GCSqGSIb3DQEBBQUAA4GBAERyMJ1W
+WKJBGyi3leGmGpVfp3hAK+/blkr8THFj2XOVvQLiogbHvpcqk4A0hgP63Ng9HgfN
+HnNDJGD1HWHc3JagvPsd4+cSACczAsDAK1M92GsDgaPb1pOVIO/Tln4mkImcJpvN
+b2ar7QMiRDjMWb2f2/YHogF/JsRj9SVCXmK9
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIH6jCCB1OgAwIBAgIBADANBgkqhkiG9w0BAQUFADCCARIxCzAJBgNVBAYTAkVT
+MRIwEAYDVQQIEwlCYXJjZWxvbmExEjAQBgNVBAcTCUJhcmNlbG9uYTEuMCwGA1UE
+ChMlSVBTIEludGVybmV0IHB1Ymxpc2hpbmcgU2VydmljZXMgcy5sLjErMCkGA1UE
+ChQiaXBzQG1haWwuaXBzLmVzIEMuSS5GLiAgQi02MDkyOTQ1MjEuMCwGA1UECxMl
+SVBTIENBIENMQVNFMSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMl
+SVBTIENBIENMQVNFMSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEeMBwGCSqGSIb3
+DQEJARYPaXBzQG1haWwuaXBzLmVzMB4XDTAxMTIyOTAwNTkzOFoXDTI1MTIyNzAw
+NTkzOFowggESMQswCQYDVQQGEwJFUzESMBAGA1UECBMJQmFyY2Vsb25hMRIwEAYD
+VQQHEwlCYXJjZWxvbmExLjAsBgNVBAoTJUlQUyBJbnRlcm5ldCBwdWJsaXNoaW5n
+IFNlcnZpY2VzIHMubC4xKzApBgNVBAoUImlwc0BtYWlsLmlwcy5lcyBDLkkuRi4g
+IEItNjA5Mjk0NTIxLjAsBgNVBAsTJUlQUyBDQSBDTEFTRTEgQ2VydGlmaWNhdGlv
+biBBdXRob3JpdHkxLjAsBgNVBAMTJUlQUyBDQSBDTEFTRTEgQ2VydGlmaWNhdGlv
+biBBdXRob3JpdHkxHjAcBgkqhkiG9w0BCQEWD2lwc0BtYWlsLmlwcy5lczCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4FEnpwvdr9G5Q1uCN0VWcu+atsIS7ywS
+zHb5BlmvXSHU0lq4oNTzav3KaY1mSPd05u42veiWkXWmcSjK5yISMmmwPh5r9FBS
+YmL9Yzt9fuzuOOpi9GyocY3h6YvJP8a1zZRCb92CRTzo3wno7wpVqVZHYUxJZHMQ
+KD/Kvwn/xi8CAwEAAaOCBEowggRGMB0GA1UdDgQWBBTrsxl588GlHKzcuh9morKb
+adB4CDCCAUQGA1UdIwSCATswggE3gBTrsxl588GlHKzcuh9morKbadB4CKGCARqk
+ggEWMIIBEjELMAkGA1UEBhMCRVMxEjAQBgNVBAgTCUJhcmNlbG9uYTESMBAGA1UE
+BxMJQmFyY2Vsb25hMS4wLAYDVQQKEyVJUFMgSW50ZXJuZXQgcHVibGlzaGluZyBT
+ZXJ2aWNlcyBzLmwuMSswKQYDVQQKFCJpcHNAbWFpbC5pcHMuZXMgQy5JLkYuICBC
+LTYwOTI5NDUyMS4wLAYDVQQLEyVJUFMgQ0EgQ0xBU0UxIENlcnRpZmljYXRpb24g
+QXV0aG9yaXR5MS4wLAYDVQQDEyVJUFMgQ0EgQ0xBU0UxIENlcnRpZmljYXRpb24g
+QXV0aG9yaXR5MR4wHAYJKoZIhvcNAQkBFg9pcHNAbWFpbC5pcHMuZXOCAQAwDAYD
+VR0TBAUwAwEB/zAMBgNVHQ8EBQMDB/+AMGsGA1UdJQRkMGIGCCsGAQUFBwMBBggr
+BgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDCAYKKwYBBAGCNwIB
+FQYKKwYBBAGCNwIBFgYKKwYBBAGCNwoDAQYKKwYBBAGCNwoDBDARBglghkgBhvhC
+AQEEBAMCAAcwGgYDVR0RBBMwEYEPaXBzQG1haWwuaXBzLmVzMBoGA1UdEgQTMBGB
+D2lwc0BtYWlsLmlwcy5lczBBBglghkgBhvhCAQ0ENBYyQ0xBU0UxIENBIENlcnRp
+ZmljYXRlIGlzc3VlZCBieSBodHRwOi8vd3d3Lmlwcy5lcy8wKQYJYIZIAYb4QgEC
+BBwWGmh0dHA6Ly93d3cuaXBzLmVzL2lwczIwMDIvMDoGCWCGSAGG+EIBBAQtFito
+dHRwOi8vd3d3Lmlwcy5lcy9pcHMyMDAyL2lwczIwMDJDTEFTRTEuY3JsMD8GCWCG
+SAGG+EIBAwQyFjBodHRwOi8vd3d3Lmlwcy5lcy9pcHMyMDAyL3Jldm9jYXRpb25D
+TEFTRTEuaHRtbD8wPAYJYIZIAYb4QgEHBC8WLWh0dHA6Ly93d3cuaXBzLmVzL2lw
+czIwMDIvcmVuZXdhbENMQVNFMS5odG1sPzA6BglghkgBhvhCAQgELRYraHR0cDov
+L3d3dy5pcHMuZXMvaXBzMjAwMi9wb2xpY3lDTEFTRTEuaHRtbDBzBgNVHR8EbDBq
+MDGgL6AthitodHRwOi8vd3d3Lmlwcy5lcy9pcHMyMDAyL2lwczIwMDJDTEFTRTEu
+Y3JsMDWgM6Axhi9odHRwOi8vd3d3YmFjay5pcHMuZXMvaXBzMjAwMi9pcHMyMDAy
+Q0xBU0UxLmNybDAvBggrBgEFBQcBAQQjMCEwHwYIKwYBBQUHMAGGE2h0dHA6Ly9v
+Y3NwLmlwcy5lcy8wDQYJKoZIhvcNAQEFBQADgYEAK9Dr/drIyllq2tPMMi7JVBuK
+Yn4VLenZMdMu9Ccj/1urxUq2ckCuU3T0vAW0xtnIyXf7t/k0f3gA+Nak5FI/LEpj
+V4F1Wo7ojPsCwJTGKbqz3Bzosq/SLmJbGqmODszFV0VRFOlOHIilkfSj945RyKm+
+hjM+5i9Ibq9UkE6tsSU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIH6jCCB1OgAwIBAgIBADANBgkqhkiG9w0BAQUFADCCARIxCzAJBgNVBAYTAkVT
+MRIwEAYDVQQIEwlCYXJjZWxvbmExEjAQBgNVBAcTCUJhcmNlbG9uYTEuMCwGA1UE
+ChMlSVBTIEludGVybmV0IHB1Ymxpc2hpbmcgU2VydmljZXMgcy5sLjErMCkGA1UE
+ChQiaXBzQG1haWwuaXBzLmVzIEMuSS5GLiAgQi02MDkyOTQ1MjEuMCwGA1UECxMl
+SVBTIENBIENMQVNFMyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMl
+SVBTIENBIENMQVNFMyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEeMBwGCSqGSIb3
+DQEJARYPaXBzQG1haWwuaXBzLmVzMB4XDTAxMTIyOTAxMDE0NFoXDTI1MTIyNzAx
+MDE0NFowggESMQswCQYDVQQGEwJFUzESMBAGA1UECBMJQmFyY2Vsb25hMRIwEAYD
+VQQHEwlCYXJjZWxvbmExLjAsBgNVBAoTJUlQUyBJbnRlcm5ldCBwdWJsaXNoaW5n
+IFNlcnZpY2VzIHMubC4xKzApBgNVBAoUImlwc0BtYWlsLmlwcy5lcyBDLkkuRi4g
+IEItNjA5Mjk0NTIxLjAsBgNVBAsTJUlQUyBDQSBDTEFTRTMgQ2VydGlmaWNhdGlv
+biBBdXRob3JpdHkxLjAsBgNVBAMTJUlQUyBDQSBDTEFTRTMgQ2VydGlmaWNhdGlv
+biBBdXRob3JpdHkxHjAcBgkqhkiG9w0BCQEWD2lwc0BtYWlsLmlwcy5lczCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqxf+DrDGaBtT8FK+n/ra+osTBLsBjzLZ
+H49NzjaY2uQARIwo2BNEKqRrThckQpzTiKRBgtYj+4vJhuW5qYIF3PHeH+AMmVWY
+8jjsbJ0gA8DvqqPGZARRLXgNo9KoOtYkTOmWehisEyMiG3zoMRGzXwmqMHBxRiVr
+SXGAK5UBsh8CAwEAAaOCBEowggRGMB0GA1UdDgQWBBS4k/8uy9wsjqLnev42USGj
+mFsMNDCCAUQGA1UdIwSCATswggE3gBS4k/8uy9wsjqLnev42USGjmFsMNKGCARqk
+ggEWMIIBEjELMAkGA1UEBhMCRVMxEjAQBgNVBAgTCUJhcmNlbG9uYTESMBAGA1UE
+BxMJQmFyY2Vsb25hMS4wLAYDVQQKEyVJUFMgSW50ZXJuZXQgcHVibGlzaGluZyBT
+ZXJ2aWNlcyBzLmwuMSswKQYDVQQKFCJpcHNAbWFpbC5pcHMuZXMgQy5JLkYuICBC
+LTYwOTI5NDUyMS4wLAYDVQQLEyVJUFMgQ0EgQ0xBU0UzIENlcnRpZmljYXRpb24g
+QXV0aG9yaXR5MS4wLAYDVQQDEyVJUFMgQ0EgQ0xBU0UzIENlcnRpZmljYXRpb24g
+QXV0aG9yaXR5MR4wHAYJKoZIhvcNAQkBFg9pcHNAbWFpbC5pcHMuZXOCAQAwDAYD
+VR0TBAUwAwEB/zAMBgNVHQ8EBQMDB/+AMGsGA1UdJQRkMGIGCCsGAQUFBwMBBggr
+BgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDCAYKKwYBBAGCNwIB
+FQYKKwYBBAGCNwIBFgYKKwYBBAGCNwoDAQYKKwYBBAGCNwoDBDARBglghkgBhvhC
+AQEEBAMCAAcwGgYDVR0RBBMwEYEPaXBzQG1haWwuaXBzLmVzMBoGA1UdEgQTMBGB
+D2lwc0BtYWlsLmlwcy5lczBBBglghkgBhvhCAQ0ENBYyQ0xBU0UzIENBIENlcnRp
+ZmljYXRlIGlzc3VlZCBieSBodHRwOi8vd3d3Lmlwcy5lcy8wKQYJYIZIAYb4QgEC
+BBwWGmh0dHA6Ly93d3cuaXBzLmVzL2lwczIwMDIvMDoGCWCGSAGG+EIBBAQtFito
+dHRwOi8vd3d3Lmlwcy5lcy9pcHMyMDAyL2lwczIwMDJDTEFTRTMuY3JsMD8GCWCG
+SAGG+EIBAwQyFjBodHRwOi8vd3d3Lmlwcy5lcy9pcHMyMDAyL3Jldm9jYXRpb25D
+TEFTRTMuaHRtbD8wPAYJYIZIAYb4QgEHBC8WLWh0dHA6Ly93d3cuaXBzLmVzL2lw
+czIwMDIvcmVuZXdhbENMQVNFMy5odG1sPzA6BglghkgBhvhCAQgELRYraHR0cDov
+L3d3dy5pcHMuZXMvaXBzMjAwMi9wb2xpY3lDTEFTRTMuaHRtbDBzBgNVHR8EbDBq
+MDGgL6AthitodHRwOi8vd3d3Lmlwcy5lcy9pcHMyMDAyL2lwczIwMDJDTEFTRTMu
+Y3JsMDWgM6Axhi9odHRwOi8vd3d3YmFjay5pcHMuZXMvaXBzMjAwMi9pcHMyMDAy
+Q0xBU0UzLmNybDAvBggrBgEFBQcBAQQjMCEwHwYIKwYBBQUHMAGGE2h0dHA6Ly9v
+Y3NwLmlwcy5lcy8wDQYJKoZIhvcNAQEFBQADgYEAF2VcmZVDAyevJuXr0LMXI/dD
+qsfwfewPxqmurpYPdikc4gYtfibFPPqhwYHOU7BC0ZdXGhd+pFFhxu7pXu8Fuuu9
+D6eSb9ijBmgpjnn1/7/5p6/ksc7C0YBCJwUENPjDfxZ4IwwHJPJGR607VNCv1TGy
+r33I6unUVtkOE7LFRVA=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIH9zCCB2CgAwIBAgIBADANBgkqhkiG9w0BAQUFADCCARQxCzAJBgNVBAYTAkVT
+MRIwEAYDVQQIEwlCYXJjZWxvbmExEjAQBgNVBAcTCUJhcmNlbG9uYTEuMCwGA1UE
+ChMlSVBTIEludGVybmV0IHB1Ymxpc2hpbmcgU2VydmljZXMgcy5sLjErMCkGA1UE
+ChQiaXBzQG1haWwuaXBzLmVzIEMuSS5GLiAgQi02MDkyOTQ1MjEvMC0GA1UECxMm
+SVBTIENBIENMQVNFQTEgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxLzAtBgNVBAMT
+JklQUyBDQSBDTEFTRUExIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MR4wHAYJKoZI
+hvcNAQkBFg9pcHNAbWFpbC5pcHMuZXMwHhcNMDExMjI5MDEwNTMyWhcNMjUxMjI3
+MDEwNTMyWjCCARQxCzAJBgNVBAYTAkVTMRIwEAYDVQQIEwlCYXJjZWxvbmExEjAQ
+BgNVBAcTCUJhcmNlbG9uYTEuMCwGA1UEChMlSVBTIEludGVybmV0IHB1Ymxpc2hp
+bmcgU2VydmljZXMgcy5sLjErMCkGA1UEChQiaXBzQG1haWwuaXBzLmVzIEMuSS5G
+LiAgQi02MDkyOTQ1MjEvMC0GA1UECxMmSVBTIENBIENMQVNFQTEgQ2VydGlmaWNh
+dGlvbiBBdXRob3JpdHkxLzAtBgNVBAMTJklQUyBDQSBDTEFTRUExIENlcnRpZmlj
+YXRpb24gQXV0aG9yaXR5MR4wHAYJKoZIhvcNAQkBFg9pcHNAbWFpbC5pcHMuZXMw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALsw19zQVL01Tp/FTILq0VA8R5j8
+m2mdd81u4D/u6zJfX5/S0HnllXNEITLgCtud186Nq1KLK3jgm1t99P1tCeWu4Wwd
+ByOgF9H5fahGRpEiqLJpxq339fWUoTCUvQDMRH/uxJ7JweaPCjbB/SQ9AaD1e+J8
+eGZDi09Z8pvZ+kmzAgMBAAGjggRTMIIETzAdBgNVHQ4EFgQUZyaW56G/2LUDnf47
+3P7yiuYV3TAwggFGBgNVHSMEggE9MIIBOYAUZyaW56G/2LUDnf473P7yiuYV3TCh
+ggEcpIIBGDCCARQxCzAJBgNVBAYTAkVTMRIwEAYDVQQIEwlCYXJjZWxvbmExEjAQ
+BgNVBAcTCUJhcmNlbG9uYTEuMCwGA1UEChMlSVBTIEludGVybmV0IHB1Ymxpc2hp
+bmcgU2VydmljZXMgcy5sLjErMCkGA1UEChQiaXBzQG1haWwuaXBzLmVzIEMuSS5G
+LiAgQi02MDkyOTQ1MjEvMC0GA1UECxMmSVBTIENBIENMQVNFQTEgQ2VydGlmaWNh
+dGlvbiBBdXRob3JpdHkxLzAtBgNVBAMTJklQUyBDQSBDTEFTRUExIENlcnRpZmlj
+YXRpb24gQXV0aG9yaXR5MR4wHAYJKoZIhvcNAQkBFg9pcHNAbWFpbC5pcHMuZXOC
+AQAwDAYDVR0TBAUwAwEB/zAMBgNVHQ8EBQMDB/+AMGsGA1UdJQRkMGIGCCsGAQUF
+BwMBBggrBgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDCAYKKwYB
+BAGCNwIBFQYKKwYBBAGCNwIBFgYKKwYBBAGCNwoDAQYKKwYBBAGCNwoDBDARBglg
+hkgBhvhCAQEEBAMCAAcwGgYDVR0RBBMwEYEPaXBzQG1haWwuaXBzLmVzMBoGA1Ud
+EgQTMBGBD2lwc0BtYWlsLmlwcy5lczBCBglghkgBhvhCAQ0ENRYzQ0xBU0VBMSBD
+QSBDZXJ0aWZpY2F0ZSBpc3N1ZWQgYnkgaHR0cDovL3d3dy5pcHMuZXMvMCkGCWCG
+SAGG+EIBAgQcFhpodHRwOi8vd3d3Lmlwcy5lcy9pcHMyMDAyLzA7BglghkgBhvhC
+AQQELhYsaHR0cDovL3d3dy5pcHMuZXMvaXBzMjAwMi9pcHMyMDAyQ0xBU0VBMS5j
+cmwwQAYJYIZIAYb4QgEDBDMWMWh0dHA6Ly93d3cuaXBzLmVzL2lwczIwMDIvcmV2
+b2NhdGlvbkNMQVNFQTEuaHRtbD8wPQYJYIZIAYb4QgEHBDAWLmh0dHA6Ly93d3cu
+aXBzLmVzL2lwczIwMDIvcmVuZXdhbENMQVNFQTEuaHRtbD8wOwYJYIZIAYb4QgEI
+BC4WLGh0dHA6Ly93d3cuaXBzLmVzL2lwczIwMDIvcG9saWN5Q0xBU0VBMS5odG1s
+MHUGA1UdHwRuMGwwMqAwoC6GLGh0dHA6Ly93d3cuaXBzLmVzL2lwczIwMDIvaXBz
+MjAwMkNMQVNFQTEuY3JsMDagNKAyhjBodHRwOi8vd3d3YmFjay5pcHMuZXMvaXBz
+MjAwMi9pcHMyMDAyQ0xBU0VBMS5jcmwwLwYIKwYBBQUHAQEEIzAhMB8GCCsGAQUF
+BzABhhNodHRwOi8vb2NzcC5pcHMuZXMvMA0GCSqGSIb3DQEBBQUAA4GBAH66iqyA
+AIQVCtWYUQxkxZwCWINmyq0eB81+atqAB98DNEock8RLWCA1NnHtogo1EqWmZaeF
+aQoO42Hu6r4okzPV7Oi+xNtff6j5YzHIa5biKcJboOeXNp13XjFr/tOn2yrb25aL
+H2betgPAK7N41lUH5Y85UN4HI3LmvSAUS7SG
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIH9zCCB2CgAwIBAgIBADANBgkqhkiG9w0BAQUFADCCARQxCzAJBgNVBAYTAkVT
+MRIwEAYDVQQIEwlCYXJjZWxvbmExEjAQBgNVBAcTCUJhcmNlbG9uYTEuMCwGA1UE
+ChMlSVBTIEludGVybmV0IHB1Ymxpc2hpbmcgU2VydmljZXMgcy5sLjErMCkGA1UE
+ChQiaXBzQG1haWwuaXBzLmVzIEMuSS5GLiAgQi02MDkyOTQ1MjEvMC0GA1UECxMm
+SVBTIENBIENMQVNFQTMgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxLzAtBgNVBAMT
+JklQUyBDQSBDTEFTRUEzIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MR4wHAYJKoZI
+hvcNAQkBFg9pcHNAbWFpbC5pcHMuZXMwHhcNMDExMjI5MDEwNzUwWhcNMjUxMjI3
+MDEwNzUwWjCCARQxCzAJBgNVBAYTAkVTMRIwEAYDVQQIEwlCYXJjZWxvbmExEjAQ
+BgNVBAcTCUJhcmNlbG9uYTEuMCwGA1UEChMlSVBTIEludGVybmV0IHB1Ymxpc2hp
+bmcgU2VydmljZXMgcy5sLjErMCkGA1UEChQiaXBzQG1haWwuaXBzLmVzIEMuSS5G
+LiAgQi02MDkyOTQ1MjEvMC0GA1UECxMmSVBTIENBIENMQVNFQTMgQ2VydGlmaWNh
+dGlvbiBBdXRob3JpdHkxLzAtBgNVBAMTJklQUyBDQSBDTEFTRUEzIENlcnRpZmlj
+YXRpb24gQXV0aG9yaXR5MR4wHAYJKoZIhvcNAQkBFg9pcHNAbWFpbC5pcHMuZXMw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAO6AAPYaZC6tasiDsYun7o/ZttvN
+G7uGBiJ2MwwSbUhWYdLcgiViL5/SaTBlA0IjWLxH3GvWdV0XPOH/8lhneaDBgbHU
+VqLyjRGZ/fZ98cfEXgIqmuJKtROKAP2Md4bm15T1IHUuDky/dMQ/gT6DtKM4Ninn
+6Cr1jIhBqoCm42zvAgMBAAGjggRTMIIETzAdBgNVHQ4EFgQUHp9XUEe2YZM50yz8
+2l09BXW3mQIwggFGBgNVHSMEggE9MIIBOYAUHp9XUEe2YZM50yz82l09BXW3mQKh
+ggEcpIIBGDCCARQxCzAJBgNVBAYTAkVTMRIwEAYDVQQIEwlCYXJjZWxvbmExEjAQ
+BgNVBAcTCUJhcmNlbG9uYTEuMCwGA1UEChMlSVBTIEludGVybmV0IHB1Ymxpc2hp
+bmcgU2VydmljZXMgcy5sLjErMCkGA1UEChQiaXBzQG1haWwuaXBzLmVzIEMuSS5G
+LiAgQi02MDkyOTQ1MjEvMC0GA1UECxMmSVBTIENBIENMQVNFQTMgQ2VydGlmaWNh
+dGlvbiBBdXRob3JpdHkxLzAtBgNVBAMTJklQUyBDQSBDTEFTRUEzIENlcnRpZmlj
+YXRpb24gQXV0aG9yaXR5MR4wHAYJKoZIhvcNAQkBFg9pcHNAbWFpbC5pcHMuZXOC
+AQAwDAYDVR0TBAUwAwEB/zAMBgNVHQ8EBQMDB/+AMGsGA1UdJQRkMGIGCCsGAQUF
+BwMBBggrBgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDCAYKKwYB
+BAGCNwIBFQYKKwYBBAGCNwIBFgYKKwYBBAGCNwoDAQYKKwYBBAGCNwoDBDARBglg
+hkgBhvhCAQEEBAMCAAcwGgYDVR0RBBMwEYEPaXBzQG1haWwuaXBzLmVzMBoGA1Ud
+EgQTMBGBD2lwc0BtYWlsLmlwcy5lczBCBglghkgBhvhCAQ0ENRYzQ0xBU0VBMyBD
+QSBDZXJ0aWZpY2F0ZSBpc3N1ZWQgYnkgaHR0cDovL3d3dy5pcHMuZXMvMCkGCWCG
+SAGG+EIBAgQcFhpodHRwOi8vd3d3Lmlwcy5lcy9pcHMyMDAyLzA7BglghkgBhvhC
+AQQELhYsaHR0cDovL3d3dy5pcHMuZXMvaXBzMjAwMi9pcHMyMDAyQ0xBU0VBMy5j
+cmwwQAYJYIZIAYb4QgEDBDMWMWh0dHA6Ly93d3cuaXBzLmVzL2lwczIwMDIvcmV2
+b2NhdGlvbkNMQVNFQTMuaHRtbD8wPQYJYIZIAYb4QgEHBDAWLmh0dHA6Ly93d3cu
+aXBzLmVzL2lwczIwMDIvcmVuZXdhbENMQVNFQTMuaHRtbD8wOwYJYIZIAYb4QgEI
+BC4WLGh0dHA6Ly93d3cuaXBzLmVzL2lwczIwMDIvcG9saWN5Q0xBU0VBMy5odG1s
+MHUGA1UdHwRuMGwwMqAwoC6GLGh0dHA6Ly93d3cuaXBzLmVzL2lwczIwMDIvaXBz
+MjAwMkNMQVNFQTMuY3JsMDagNKAyhjBodHRwOi8vd3d3YmFjay5pcHMuZXMvaXBz
+MjAwMi9pcHMyMDAyQ0xBU0VBMy5jcmwwLwYIKwYBBQUHAQEEIzAhMB8GCCsGAQUF
+BzABhhNodHRwOi8vb2NzcC5pcHMuZXMvMA0GCSqGSIb3DQEBBQUAA4GBAEo9IEca
+2on0eisxeewBwMwB9dbB/MjD81ACUZBYKp/nNQlbMAqBACVHr9QPDp5gJqiVp4MI
+3y2s6Q73nMify5NF8bpqxmdRSmlPa/59Cy9SKcJQrSRE7SOzSMtEQMEDlQwKeAYS
+AfWRMS1Jjbs/RU4s4OjNtckUFQzjB4ObJnXv
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICtzCCAiACAQAwDQYJKoZIhvcNAQEEBQAwgaMxCzAJBgNVBAYTAkVTMRIwEAYD
+VQQIEwlCQVJDRUxPTkExEjAQBgNVBAcTCUJBUkNFTE9OQTEZMBcGA1UEChMQSVBT
+IFNlZ3VyaWRhZCBDQTEYMBYGA1UECxMPQ2VydGlmaWNhY2lvbmVzMRcwFQYDVQQD
+Ew5JUFMgU0VSVklET1JFUzEeMBwGCSqGSIb3DQEJARYPaXBzQG1haWwuaXBzLmVz
+MB4XDTk4MDEwMTIzMjEwN1oXDTA5MTIyOTIzMjEwN1owgaMxCzAJBgNVBAYTAkVT
+MRIwEAYDVQQIEwlCQVJDRUxPTkExEjAQBgNVBAcTCUJBUkNFTE9OQTEZMBcGA1UE
+ChMQSVBTIFNlZ3VyaWRhZCBDQTEYMBYGA1UECxMPQ2VydGlmaWNhY2lvbmVzMRcw
+FQYDVQQDEw5JUFMgU0VSVklET1JFUzEeMBwGCSqGSIb3DQEJARYPaXBzQG1haWwu
+aXBzLmVzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCsT1J0nznqjtwlxLyY
+XZhkJAk8IbPMGbWOlI6H0fg3PqHILVikgDVboXVsHUUMH2Fjal5vmwpMwci4YSM1
+gf/+rHhwLWjhOgeYlQJU3c0jt4BT18g3RXIGJBK6E2Ehim51KODFDzT9NthFf+G4
+Nu+z4cYgjui0OLzhPvYR3oydAQIDAQABMA0GCSqGSIb3DQEBBAUAA4GBACzzw3lY
+JN7GO9HgQmm47mSzPWIBubOE3yN93ZjPEKn+ANgilgUTB1RXxafey9m4iEL2mdsU
+dx+2/iU94aI+A6mB0i1sR/WWRowiq8jMDQ6XXotBtDvECgZAHd1G9AHduoIuPD14
+cJ58GNCr+Lh3B0Zx8coLY1xq+XKU1QFPoNtC
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIIODCCB6GgAwIBAgIBADANBgkqhkiG9w0BAQUFADCCAR4xCzAJBgNVBAYTAkVT
+MRIwEAYDVQQIEwlCYXJjZWxvbmExEjAQBgNVBAcTCUJhcmNlbG9uYTEuMCwGA1UE
+ChMlSVBTIEludGVybmV0IHB1Ymxpc2hpbmcgU2VydmljZXMgcy5sLjErMCkGA1UE
+ChQiaXBzQG1haWwuaXBzLmVzIEMuSS5GLiAgQi02MDkyOTQ1MjE0MDIGA1UECxMr
+SVBTIENBIFRpbWVzdGFtcGluZyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTE0MDIG
+A1UEAxMrSVBTIENBIFRpbWVzdGFtcGluZyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eTEeMBwGCSqGSIb3DQEJARYPaXBzQG1haWwuaXBzLmVzMB4XDTAxMTIyOTAxMTAx
+OFoXDTI1MTIyNzAxMTAxOFowggEeMQswCQYDVQQGEwJFUzESMBAGA1UECBMJQmFy
+Y2Vsb25hMRIwEAYDVQQHEwlCYXJjZWxvbmExLjAsBgNVBAoTJUlQUyBJbnRlcm5l
+dCBwdWJsaXNoaW5nIFNlcnZpY2VzIHMubC4xKzApBgNVBAoUImlwc0BtYWlsLmlw
+cy5lcyBDLkkuRi4gIEItNjA5Mjk0NTIxNDAyBgNVBAsTK0lQUyBDQSBUaW1lc3Rh
+bXBpbmcgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxNDAyBgNVBAMTK0lQUyBDQSBU
+aW1lc3RhbXBpbmcgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxHjAcBgkqhkiG9w0B
+CQEWD2lwc0BtYWlsLmlwcy5lczCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
+vLjuVqWajOY2ycJioGaBjRrVetJznw6EZLqVtJCneK/K/lRhW86yIFcBrkSSQxA4
+Efdo/BdApWgnMjvEp+ZCccWZ73b/K5Uk9UmSGGjKALWkWi9uy9YbLA1UZ2t6KaFY
+q6JaANZbuxjC3/YeE1Z2m6Vo4pjOxgOKNNtMg0GmqaMCAwEAAaOCBIAwggR8MB0G
+A1UdDgQWBBSL0BBQCYHynQnVDmB4AyKiP8jKZjCCAVAGA1UdIwSCAUcwggFDgBSL
+0BBQCYHynQnVDmB4AyKiP8jKZqGCASakggEiMIIBHjELMAkGA1UEBhMCRVMxEjAQ
+BgNVBAgTCUJhcmNlbG9uYTESMBAGA1UEBxMJQmFyY2Vsb25hMS4wLAYDVQQKEyVJ
+UFMgSW50ZXJuZXQgcHVibGlzaGluZyBTZXJ2aWNlcyBzLmwuMSswKQYDVQQKFCJp
+cHNAbWFpbC5pcHMuZXMgQy5JLkYuICBCLTYwOTI5NDUyMTQwMgYDVQQLEytJUFMg
+Q0EgVGltZXN0YW1waW5nIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MTQwMgYDVQQD
+EytJUFMgQ0EgVGltZXN0YW1waW5nIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MR4w
+HAYJKoZIhvcNAQkBFg9pcHNAbWFpbC5pcHMuZXOCAQAwDAYDVR0TBAUwAwEB/zAM
+BgNVHQ8EBQMDB/+AMGsGA1UdJQRkMGIGCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYB
+BQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDCAYKKwYBBAGCNwIBFQYKKwYBBAGCNwIB
+FgYKKwYBBAGCNwoDAQYKKwYBBAGCNwoDBDARBglghkgBhvhCAQEEBAMCAAcwGgYD
+VR0RBBMwEYEPaXBzQG1haWwuaXBzLmVzMBoGA1UdEgQTMBGBD2lwc0BtYWlsLmlw
+cy5lczBHBglghkgBhvhCAQ0EOhY4VGltZXN0YW1waW5nIENBIENlcnRpZmljYXRl
+IGlzc3VlZCBieSBodHRwOi8vd3d3Lmlwcy5lcy8wKQYJYIZIAYb4QgECBBwWGmh0
+dHA6Ly93d3cuaXBzLmVzL2lwczIwMDIvMEAGCWCGSAGG+EIBBAQzFjFodHRwOi8v
+d3d3Lmlwcy5lcy9pcHMyMDAyL2lwczIwMDJUaW1lc3RhbXBpbmcuY3JsMEUGCWCG
+SAGG+EIBAwQ4FjZodHRwOi8vd3d3Lmlwcy5lcy9pcHMyMDAyL3Jldm9jYXRpb25U
+aW1lc3RhbXBpbmcuaHRtbD8wQgYJYIZIAYb4QgEHBDUWM2h0dHA6Ly93d3cuaXBz
+LmVzL2lwczIwMDIvcmVuZXdhbFRpbWVzdGFtcGluZy5odG1sPzBABglghkgBhvhC
+AQgEMxYxaHR0cDovL3d3dy5pcHMuZXMvaXBzMjAwMi9wb2xpY3lUaW1lc3RhbXBp
+bmcuaHRtbDB/BgNVHR8EeDB2MDegNaAzhjFodHRwOi8vd3d3Lmlwcy5lcy9pcHMy
+MDAyL2lwczIwMDJUaW1lc3RhbXBpbmcuY3JsMDugOaA3hjVodHRwOi8vd3d3YmFj
+ay5pcHMuZXMvaXBzMjAwMi9pcHMyMDAyVGltZXN0YW1waW5nLmNybDAvBggrBgEF
+BQcBAQQjMCEwHwYIKwYBBQUHMAGGE2h0dHA6Ly9vY3NwLmlwcy5lcy8wDQYJKoZI
+hvcNAQEFBQADgYEAZbrBzAAalZHK6Ww6vzoeFAh8+4Pua2JR0zORtWB5fgTYXXk3
+6MNbsMRnLWhasl8OCvrNPzpFoeo2zyYepxEoxZSPhExTCMWTs/zif/WN87GphV+I
+3pGW7hdbrqXqcGV4LCFkAZXOzkw+UPS2Wctjjba9GNSHSl/c7+lW8AoM6HU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJC
+TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMlUXVvVmFkaXMgUm9vdCBDZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMTAzMTkxODMzMzNaFw0yMTAzMTcxODMz
+MzNaMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUw
+IwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYDVQQDEyVR
+dW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2G1lVO6V/z68mcLOhrfEYBklbTRvM16z/Yp
+li4kVEAkOPcahdxYTMukJ0KX0J+DisPkBgNbAKVRHnAEdOLB1Dqr1607BxgFjv2D
+rOpm2RgbaIr1VxqYuvXtdj182d6UajtLF8HVj71lODqV0D1VNk7feVcxKh7YWWVJ
+WCCYfqtffp/p1k3sg3Spx2zY7ilKhSoGFPlU5tPaZQeLYzcS19Dsw3sgQUSj7cug
+F+FxZc4dZjH3dgEZyH0DWLaVSR2mEiboxgx24ONmy+pdpibu5cxfvWenAScOospU
+xbF6lR1xHkopigPcakXBpBlebzbNw6Kwt/5cOOJSvPhEQ+aQuwIDAQABo4ICUjCC
+Ak4wPQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwczovL29jc3AucXVv
+dmFkaXNvZmZzaG9yZS5jb20wDwYDVR0TAQH/BAUwAwEB/zCCARoGA1UdIASCAREw
+ggENMIIBCQYJKwYBBAG+WAABMIH7MIHUBggrBgEFBQcCAjCBxxqBxFJlbGlhbmNl
+IG9uIHRoZSBRdW9WYWRpcyBSb290IENlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBh
+c3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFy
+ZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRpb24gcHJh
+Y3RpY2VzLCBhbmQgdGhlIFF1b1ZhZGlzIENlcnRpZmljYXRlIFBvbGljeS4wIgYI
+KwYBBQUHAgEWFmh0dHA6Ly93d3cucXVvdmFkaXMuYm0wHQYDVR0OBBYEFItLbe3T
+KbkGGew5Oanwl4Rqy+/fMIGuBgNVHSMEgaYwgaOAFItLbe3TKbkGGew5Oanwl4Rq
+y+/foYGEpIGBMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1p
+dGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYD
+VQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ6tlCL
+MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAitQUtf70mpKnGdSk
+fnIYj9lofFIk3WdvOXrEql494liwTXCYhGHoG+NpGA7O+0dQoE7/8CQfvbLO9Sf8
+7C9TqnN7Az10buYWnuulLsS/VidQK2K6vkscPFVcQR0kvoIgR13VRH56FmjffU1R
+cHhXHTMe/QKZnAzNCgVPx7uOpHX6Sm2xgI4JVrmcGmD+XcHXetwReNDWXcG31a0y
+mQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi5upZIof4l/UO/erMkqQW
+xFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi5nrQNiOK
+SnQ2+Q==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
+GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
+b3QgQ0EgMjAeFw0wNjExMjQxODI3MDBaFw0zMTExMjQxODIzMzNaMEUxCzAJBgNV
+BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W
+YWRpcyBSb290IENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCa
+GMpLlA0ALa8DKYrwD4HIrkwZhR0In6spRIXzL4GtMh6QRr+jhiYaHv5+HBg6XJxg
+Fyo6dIMzMH1hVBHL7avg5tKifvVrbxi3Cgst/ek+7wrGsxDp3MJGF/hd/aTa/55J
+WpzmM+Yklvc/ulsrHHo1wtZn/qtmUIttKGAr79dgw8eTvI02kfN/+NsRE8Scd3bB
+rrcCaoF6qUWD4gXmuVbBlDePSHFjIuwXZQeVikvfj8ZaCuWw419eaxGrDPmF60Tp
++ARz8un+XJiM9XOva7R+zdRcAitMOeGylZUtQofX1bOQQ7dsE/He3fbE+Ik/0XX1
+ksOR1YqI0JDs3G3eicJlcZaLDQP9nL9bFqyS2+r+eXyt66/3FsvbzSUr5R/7mp/i
+Ucw6UwxI5g69ybR2BlLmEROFcmMDBOAENisgGQLodKcftslWZvB1JdxnwQ5hYIiz
+PtGo/KPaHbDRsSNU30R2be1B2MGyIrZTHN81Hdyhdyox5C315eXbyOD/5YDXC2Og
+/zOhD7osFRXql7PSorW+8oyWHhqPHWykYTe5hnMz15eWniN9gqRMgeKh0bpnX5UH
+oycR7hYQe7xFSkyyBNKr79X9DFHOUGoIMfmR2gyPZFwDwzqLID9ujWc9Otb+fVuI
+yV77zGHcizN300QyNQliBJIWENieJ0f7OyHj+OsdWwIDAQABo4GwMIGtMA8GA1Ud
+EwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBQahGK8SEwzJQTU7tD2
+A8QZRtGUazBuBgNVHSMEZzBlgBQahGK8SEwzJQTU7tD2A8QZRtGUa6FJpEcwRTEL
+MAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMT
+ElF1b1ZhZGlzIFJvb3QgQ0EgMoICBQkwDQYJKoZIhvcNAQEFBQADggIBAD4KFk2f
+BluornFdLwUvZ+YTRYPENvbzwCYMDbVHZF34tHLJRqUDGCdViXh9duqWNIAXINzn
+g/iN/Ae42l9NLmeyhP3ZRPx3UIHmfLTJDQtyU/h2BwdBR5YM++CCJpNVjP4iH2Bl
+fF/nJrP3MpCYUNQ3cVX2kiF495V5+vgtJodmVjB3pjd4M1IQWK4/YY7yarHvGH5K
+WWPKjaJW1acvvFYfzznB4vsKqBUsfU16Y8Zsl0Q80m/DShcK+JDSV6IZUaUtl0Ha
+B0+pUNqQjZRG4T7wlP0QADj1O+hA4bRuVhogzG9Yje0uRY/W6ZM/57Es3zrWIozc
+hLsib9D45MY56QSIPMO661V6bYCZJPVsAfv4l7CUW+v90m/xd2gNNWQjrLhVoQPR
+TUIZ3Ph1WVaj+ahJefivDrkRoHy3au000LYmYjgahwz46P0u05B/B5EqHdZ+XIWD
+mbA4CD/pXvk1B+TJYm5Xf6dQlfe6yJvmjqIBxdZmv3lh8zwc4bmCXF2gw+nYSL0Z
+ohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y
+4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8VCLAAVBpQ570su9t+Oza
+8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0u
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
+GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
+b3QgQ0EgMzAeFw0wNjExMjQxOTExMjNaFw0zMTExMjQxOTA2NDRaMEUxCzAJBgNV
+BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W
+YWRpcyBSb290IENBIDMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDM
+V0IWVJzmmNPTTe7+7cefQzlKZbPoFog02w1ZkXTPkrgEQK0CSzGrvI2RaNggDhoB
+4hp7Thdd4oq3P5kazethq8Jlph+3t723j/z9cI8LoGe+AaJZz3HmDyl2/7FWeUUr
+H556VOijKTVopAFPD6QuN+8bv+OPEKhyq1hX51SGyMnzW9os2l2ObjyjPtr7guXd
+8lyyBTNvijbO0BNO/79KDDRMpsMhvVAEVeuxu537RR5kFd5VAYwCdrXLoT9Cabwv
+vWhDFlaJKjdhkf2mrk7AyxRllDdLkgbvBNDInIjbC3uBr7E9KsRlOni27tyAsdLT
+mZw67mtaa7ONt9XOnMK+pUsvFrGeaDsGb659n/je7Mwpp5ijJUMv7/FfJuGITfhe
+btfZFG4ZM2mnO4SJk8RTVROhUXhA+LjJou57ulJCg54U7QVSWllWp5f8nT8KKdjc
+T5EOE7zelaTfi5m+rJsziO+1ga8bxiJTyPbH7pcUsMV8eFLI8M5ud2CEpukqdiDt
+WAEXMJPpGovgc2PZapKUSU60rUqFxKMiMPwJ7Wgic6aIDFUhWMXhOp8q3crhkODZ
+c6tsgLjoC2SToJyMGf+z0gzskSaHirOi4XCPLArlzW1oUevaPwV/izLmE1xr/l9A
+4iLItLRkT9a6fUg+qGkM17uGcclzuD87nSVL2v9A6wIDAQABo4IBlTCCAZEwDwYD
+VR0TAQH/BAUwAwEB/zCB4QYDVR0gBIHZMIHWMIHTBgkrBgEEAb5YAAMwgcUwgZMG
+CCsGAQUFBwICMIGGGoGDQW55IHVzZSBvZiB0aGlzIENlcnRpZmljYXRlIGNvbnN0
+aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFF1b1ZhZGlzIFJvb3QgQ0EgMyBDZXJ0
+aWZpY2F0ZSBQb2xpY3kgLyBDZXJ0aWZpY2F0aW9uIFByYWN0aWNlIFN0YXRlbWVu
+dC4wLQYIKwYBBQUHAgEWIWh0dHA6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL2Nw
+czALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFPLAE+CCQz777i9nMpY1XNu4ywLQMG4G
+A1UdIwRnMGWAFPLAE+CCQz777i9nMpY1XNu4ywLQoUmkRzBFMQswCQYDVQQGEwJC
+TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEbMBkGA1UEAxMSUXVvVmFkaXMg
+Um9vdCBDQSAzggIFxjANBgkqhkiG9w0BAQUFAAOCAgEAT62gLEz6wPJv92ZVqyM0
+7ucp2sNbtrCD2dDQ4iH782CnO11gUyeim/YIIirnv6By5ZwkajGxkHon24QRiSem
+d1o417+shvzuXYO8BsbRd2sPbSQvS3pspweWyuOEn62Iix2rFo1bZhfZFvSLgNLd
++LJ2w/w4E6oM3kJpK27zPOuAJ9v1pkQNn1pVWQvVDVJIxa6f8i+AxeoyUDUSly7B
+4f/xI4hROJ/yZlZ25w9Rl6VSDE1JUZU2Pb+iSwwQHYaZTKrzchGT5Or2m9qoXadN
+t54CrnMAyNojA+j56hl0YgCUyyIgvpSnWbWCar6ZeXqp8kokUvd0/bpO5qgdAm6x
+DYBEwa7TIzdfu4V8K5Iu6H6li92Z4b8nby1dqnuH/grdS/yO9SbkbnBCbjPsMZ57
+k8HkyWkaPcBrTiJt7qtYTcbQQcEr6k8Sh17rRdhs9ZgC06DYVYoGmRmioHfRMJ6s
+zHXug/WwYjnPbFfiTNKRCw51KBuav/0aQ/HKd/s7j2G4aSgWQgRecCocIdiP4b0j
+Wy10QJLZYxkNc91pvGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeT
+mJlglFwjz1onl14LBQaTNx47aTbrqZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK
+4SVhM7JZG+Ju1zdXtg2pEto=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDWjCCAkKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJKUDEY
+MBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21t
+dW5pY2F0aW9uIFJvb3RDQTEwHhcNMDMwOTMwMDQyMDQ5WhcNMjMwOTMwMDQyMDQ5
+WjBQMQswCQYDVQQGEwJKUDEYMBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYD
+VQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTEwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQCzs/5/022x7xZ8V6UMbXaKL0u/ZPtM7orw8yl8
+9f/uKuDp6bpbZCKamm8sOiZpUQWZJtzVHGpxxpp9Hp3dfGzGjGdnSj74cbAZJ6kJ
+DKaVv0uMDPpVmDvY6CKhS3E4eayXkmmziX7qIWgGmBSWh9JhNrxtJ1aeV+7AwFb9
+Ms+k2Y7CI9eNqPPYJayX5HA49LY6tJ07lyZDo6G8SVlyTCMwhwFY9k6+HGhWZq/N
+QV3Is00qVUarH9oe4kA92819uZKAnDfdDJZkndwi92SL32HeFZRSFaB9UslLqCHJ
+xrHty8OVYNEP8Ktw+N/LTX7s1vqr2b1/VPKl6Xn62dZ2JChzAgMBAAGjPzA9MB0G
+A1UdDgQWBBSgc0mZaNyFW2XjmygvV5+9M7wHSDALBgNVHQ8EBAMCAQYwDwYDVR0T
+AQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAaECpqLvkT115swW1F7NgE+vG
+kl3g0dNq/vu+m22/xwVtWSDEHPC32oRYAmP6SBbvT6UL90qY8j+eG61Ha2POCEfr
+Uj94nK9NrvjVT8+amCoQQTlSxN3Zmw7vkwGusi7KaEIkQmywszo+zenaSMQVy+n5
+Bw+SUEmK3TGXX8npN6o7WWWXlDLJs58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJU
+JRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ6rBK+1YWc26sTfcioU+tHXot
+RSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAiFL39vmwLAw==
+
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDIDCCAgigAwIBAgIBJDANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEP
+MA0GA1UEChMGU29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MxIENBMB4XDTAx
+MDQwNjEwNDkxM1oXDTIxMDQwNjEwNDkxM1owOTELMAkGA1UEBhMCRkkxDzANBgNV
+BAoTBlNvbmVyYTEZMBcGA1UEAxMQU29uZXJhIENsYXNzMSBDQTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBALWJHytPZwp5/8Ue+H887dF+2rDNbS82rDTG
+29lkFwhjMDMiikzujrsPDUJVyZ0upe/3p4zDq7mXy47vPxVnqIJyY1MPQYx9EJUk
+oVqlBvqSV536pQHydekfvFYmUk54GWVYVQNYwBSujHxVX3BbdyMGNpfzJLWaRpXk
+3w0LBUXl0fIdgrvGE+D+qnr9aTCU89JFhfzyMlsy3uhsXR/LpCJ0sICOXZT3BgBL
+qdReLjVQCfOAl/QMF6452F/NM8EcyonCIvdFEu1eEpOdY6uCLrnrQkFEy0oaAIIN
+nvmLVz5MxxftLItyM19yejhW1ebZrgUaHXVFsculJRwSVzb9IjcCAwEAAaMzMDEw
+DwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQIR+IMi/ZTiFIwCwYDVR0PBAQDAgEG
+MA0GCSqGSIb3DQEBBQUAA4IBAQCLGrLJXWG04bkruVPRsoWdd44W7hE928Jj2VuX
+ZfsSZ9gqXLar5V7DtxYvyOirHYr9qxp81V9jz9yw3Xe5qObSIjiHBxTZ/75Wtf0H
+DjxVyhbMp6Z3N/vbXB9OWQaHowND9Rart4S9Tu+fMTfwRvFAttEMpWT4Y14h21VO
+TzF2nBBhjrZTOqMRvq9tfB69ri3iDGnHhVNoomG6xT60eVR4ngrHAr5i0RGCS2Uv
+kVrCqIexVmiUefkl98HVrhq4uz2PqYo4Ffdz0Fpg0YCw8NzVUM1O7pJIae2yIx4w
+zMiUyLb1O4Z/P6Yun/Y+LLWSlj7fLJOK/4GMDw9ZIRlXvVWa
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDIDCCAgigAwIBAgIBHTANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEP
+MA0GA1UEChMGU29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MyIENBMB4XDTAx
+MDQwNjA3Mjk0MFoXDTIxMDQwNjA3Mjk0MFowOTELMAkGA1UEBhMCRkkxDzANBgNV
+BAoTBlNvbmVyYTEZMBcGA1UEAxMQU29uZXJhIENsYXNzMiBDQTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAJAXSjWdyvANlsdE+hY3/Ei9vX+ALTU74W+o
+Z6m/AxxNjG8yR9VBaKQTBME1DJqEQ/xcHf+Js+gXGM2RX/uJ4+q/Tl18GybTdXnt
+5oTjV+WtKcT0OijnpXuENmmz/V52vaMtmdOQTiMofRhj8VQ7Jp12W5dCsv+u8E7s
+3TmVToMGf+dJQMjFAbJUWmYdPfz56TwKnoG4cPABi+QjVHzIrviQHgCWctRUz2Ej
+vOr7nQKV0ba5cTppCD8PtOFCx4j1P5iop7oc4HFx71hXgVB6XGt0Rg6DA5jDjqhu
+8nYybieDwnPz3BjotJPqdURrBGAgcVeHnfO+oJAjPYok4doh28MCAwEAAaMzMDEw
+DwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQISqCqWITTXjwwCwYDVR0PBAQDAgEG
+MA0GCSqGSIb3DQEBBQUAA4IBAQBazof5FnIVV0sd2ZvnoiYw7JNn39Yt0jSv9zil
+zqsWuasvfDXLrNAPtEwr/IDva4yRXzZ299uzGxnq9LIR/WFxRL8oszodv7ND6J+/
+3DEIcbCdjdY0RzKQxmUk96BKfARzjzlvF4xytb1LyHr4e4PDKE6cCepnP7JnBBvD
+FNr450kkkdAdavphOe9r5yF1BgfYErQhIHBCcYHaPJo2vqZbDWpsmh+Re/n570K6
+Tk6ezAyNlNzZRZxe7EJQY670XcSxEtzKO6gunRRaBXW37Ndj4ro1tgQIkejanZz2
+ZrUYrAqmVCY0M9IbwdR/GjqOC6oybtv8TyWf2TLHllpwrN9M
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDujCCAqKgAwIBAgIEAJiWijANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJO
+TDEeMBwGA1UEChMVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSYwJAYDVQQDEx1TdGFh
+dCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQTAeFw0wMjEyMTcwOTIzNDlaFw0xNTEy
+MTYwOTE1MzhaMFUxCzAJBgNVBAYTAk5MMR4wHAYDVQQKExVTdGFhdCBkZXIgTmVk
+ZXJsYW5kZW4xJjAkBgNVBAMTHVN0YWF0IGRlciBOZWRlcmxhbmRlbiBSb290IENB
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNK1URF6gaYUmHFtvszn
+ExvWJw56s2oYHLZhWtVhCb/ekBPHZ+7d89rFDBKeNVU+LCeIQGv33N0iYfXCxw71
+9tV2U02PjLwYdjeFnejKScfST5gTCaI+Ioicf9byEGW07l8Y1Rfj+MX94p2i71MO
+hXeiD+EwR+4A5zN9RGcaC1Hoi6CeUJhoNFIfLm0B8mBF8jHrqTFoKbt6QZ7GGX+U
+tFE5A3+y3qcym7RHjm+0Sq7lr7HcsBthvJly3uSJt3omXdozSVtSnA71iq3DuD3o
+BmrC1SoLbHuEvVYFy4ZlkuxEK7COudxwC0barbxjiDn622r+I/q85Ej0ZytqERAh
+SQIDAQABo4GRMIGOMAwGA1UdEwQFMAMBAf8wTwYDVR0gBEgwRjBEBgRVHSAAMDww
+OgYIKwYBBQUHAgEWLmh0dHA6Ly93d3cucGtpb3ZlcmhlaWQubmwvcG9saWNpZXMv
+cm9vdC1wb2xpY3kwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSofeu8Y6R0E3QA
+7Jbg0zTBLL9s+DANBgkqhkiG9w0BAQUFAAOCAQEABYSHVXQ2YcG70dTGFagTtJ+k
+/rvuFbQvBgwp8qiSpGEN/KtcCFtREytNwiphyPgJWPwtArI5fZlmgb9uXJVFIGzm
+eafR2Bwp/MIgJ1HI8XxdNGdphREwxgDS1/PTfLbwMVcoEoJz6TMvplW0C5GUR5z6
+u3pCMuiufi3IvKwUv9kP2Vv8wfl6leF9fpb8cbDCTMjfRTTJzg3ynGQI0DvDKcWy
+7ZAEwbEpkcUwb8GpcjPM/l0WFywRaed+/sWDCN+83CI6LiBpIzlWYGeQiy52OfsR
+iJf2fL1LuCAWZwWN4jvBcj+UlTfHXbme2JOhF4//DGYVwSR8MnwDHTuhWEUykw==
+
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEKzCCAxOgAwIBAgIEOsylTDANBgkqhkiG9w0BAQUFADBDMQswCQYDVQQGEwJE
+SzEVMBMGA1UEChMMVERDIEludGVybmV0MR0wGwYDVQQLExRUREMgSW50ZXJuZXQg
+Um9vdCBDQTAeFw0wMTA0MDUxNjMzMTdaFw0yMTA0MDUxNzAzMTdaMEMxCzAJBgNV
+BAYTAkRLMRUwEwYDVQQKEwxUREMgSW50ZXJuZXQxHTAbBgNVBAsTFFREQyBJbnRl
+cm5ldCBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLhA
+vJHVYx/XmaCLDEAedLdInUaMArLgJF/wGROnN4NrXceO+YQwzho7+vvOi20jxsNu
+Zp+Jpd/gQlBn+h9sHvTQBda/ytZO5GhgbEaqHF1j4QeGDmUApy6mcca8uYGoOn0a
+0vnRrEvLznWv3Hv6gXPU/Lq9QYjUdLP5Xjg6PEOo0pVOd20TDJ2PeAG3WiAfAzc1
+4izbSysseLlJ28TQx5yc5IogCSEWVmb/Bexb4/DPqyQkXsN/cHoSxNK1EKC2IeGN
+eGlVRGn1ypYcNIUXJXfi9i8nmHj9eQY6otZaQ8H/7AQ77hPv01ha/5Lr7K7a8jcD
+R0G2l8ktCkEiu7vmpwIDAQABo4IBJTCCASEwEQYJYIZIAYb4QgEBBAQDAgAHMGUG
+A1UdHwReMFwwWqBYoFakVDBSMQswCQYDVQQGEwJESzEVMBMGA1UEChMMVERDIElu
+dGVybmV0MR0wGwYDVQQLExRUREMgSW50ZXJuZXQgUm9vdCBDQTENMAsGA1UEAxME
+Q1JMMTArBgNVHRAEJDAigA8yMDAxMDQwNTE2MzMxN1qBDzIwMjEwNDA1MTcwMzE3
+WjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUbGQBx/2FbazI2p5QCIUItTxWqFAw
+HQYDVR0OBBYEFGxkAcf9hW2syNqeUAiFCLU8VqhQMAwGA1UdEwQFMAMBAf8wHQYJ
+KoZIhvZ9B0EABBAwDhsIVjUuMDo0LjADAgSQMA0GCSqGSIb3DQEBBQUAA4IBAQBO
+Q8zR3R0QGwZ/t6T609lN+yOfI1Rb5osvBCiLtSdtiaHsmGnc540mgwV5dOy0uaOX
+wTUA/RXaOYE6lTGQ3pfphqiZdwzlWqCE/xIWrG64jcN7ksKsLtB9KOy282A4aW8+
+2ARVPp7MVdK6/rtHBNcK2RYKNCn1WBPVT8+PVkuzHu7TmHnaCB4Mb7j4Fifvwm89
+9qNLPg7kbWzbO0ESm70NRyN/PErQr8Cv9u8btRXE64PECV90i9kR+8JWsTz4cMo0
+jUNAE4z9mQNUecYu6oah9jrUCbz0vGbMPVjQV0kK7iXiQe4T+Zs4NNEA9X7nlB38
+aQNiuJkFBT1reBK9sG9l
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFGTCCBAGgAwIBAgIEPki9xDANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJE
+SzEMMAoGA1UEChMDVERDMRQwEgYDVQQDEwtUREMgT0NFUyBDQTAeFw0wMzAyMTEw
+ODM5MzBaFw0zNzAyMTEwOTA5MzBaMDExCzAJBgNVBAYTAkRLMQwwCgYDVQQKEwNU
+REMxFDASBgNVBAMTC1REQyBPQ0VTIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEArGL2YSCyz8DGhdfjeebM7fI5kqSXLmSjhFuHnEz9pPPEXyG9VhDr
+2y5h7JNp46PMvZnDBfwGuMo2HP6QjklMxFaaL1a8z3sM8W9Hpg1DTeLpHTk0zY0s
+2RKY+ePhwUp8hjjEqcRhiNJerxomTdXkoCJHhNlktxmW/OwZ5LKXJk5KTMuPJItU
+GBxIYXvViGjaXbXqzRowwYCDdlCqT9HU3Tjw7xb04QxQBr/q+3pJoSgrHPb8FTKj
+dGqPqcNiKXEx5TukYBdedObaE+3pHx8b0bJoc8YQNHVGEBDjkAB2QMuLt0MJIf+r
+TpPGWOmlgtt3xDqZsXKVSQTwtyv6e1mO3QIDAQABo4ICNzCCAjMwDwYDVR0TAQH/
+BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwgewGA1UdIASB5DCB4TCB3gYIKoFQgSkB
+AQEwgdEwLwYIKwYBBQUHAgEWI2h0dHA6Ly93d3cuY2VydGlmaWthdC5kay9yZXBv
+c2l0b3J5MIGdBggrBgEFBQcCAjCBkDAKFgNUREMwAwIBARqBgUNlcnRpZmlrYXRl
+ciBmcmEgZGVubmUgQ0EgdWRzdGVkZXMgdW5kZXIgT0lEIDEuMi4yMDguMTY5LjEu
+MS4xLiBDZXJ0aWZpY2F0ZXMgZnJvbSB0aGlzIENBIGFyZSBpc3N1ZWQgdW5kZXIg
+T0lEIDEuMi4yMDguMTY5LjEuMS4xLjARBglghkgBhvhCAQEEBAMCAAcwgYEGA1Ud
+HwR6MHgwSKBGoESkQjBAMQswCQYDVQQGEwJESzEMMAoGA1UEChMDVERDMRQwEgYD
+VQQDEwtUREMgT0NFUyBDQTENMAsGA1UEAxMEQ1JMMTAsoCqgKIYmaHR0cDovL2Ny
+bC5vY2VzLmNlcnRpZmlrYXQuZGsvb2Nlcy5jcmwwKwYDVR0QBCQwIoAPMjAwMzAy
+MTEwODM5MzBagQ8yMDM3MDIxMTA5MDkzMFowHwYDVR0jBBgwFoAUYLWF7FZkfhIZ
+J2cdUBVLc647+RIwHQYDVR0OBBYEFGC1hexWZH4SGSdnHVAVS3OuO/kSMB0GCSqG
+SIb2fQdBAAQQMA4bCFY2LjA6NC4wAwIEkDANBgkqhkiG9w0BAQUFAAOCAQEACrom
+JkbTc6gJ82sLMJn9iuFXehHTuJTXCRBuo7E4A9G28kNBKWKnctj7fAXmMXAnVBhO
+inxO5dHKjHiIzxvTkIvmI/gLDjNDfZziChmPyQE+dF10yYscA+UYyAFMP8uXBV2Y
+caaYb7Z8vTd/vuGTJW1v8AqtFxjhA7wHKcitJuj4YfD9IQl+mo6paH1IYnK9AOoB
+mbgGglGBTvH1tJFUuSN6AJqfXY3gPGS5GhKSKseCRHI53OI8xthV9RVOyAUO28bQ
+YqbsFbS1AoLbrIyigfCbmTH1ICCoiGEKB5+U/NDXG8wuF/MEJ3Zn61SD/aSQfgY9
+BKNDLdr8C2LqL19iUw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEXjCCA0agAwIBAgIQRL4Mi1AAIbQR0ypoBqmtaTANBgkqhkiG9w0BAQUFADCB
+kzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
+Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
+dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xGzAZBgNVBAMTElVUTiAtIERBVEFDb3Jw
+IFNHQzAeFw05OTA2MjQxODU3MjFaFw0xOTA2MjQxOTA2MzBaMIGTMQswCQYDVQQG
+EwJVUzELMAkGA1UECBMCVVQxFzAVBgNVBAcTDlNhbHQgTGFrZSBDaXR5MR4wHAYD
+VQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxITAfBgNVBAsTGGh0dHA6Ly93d3cu
+dXNlcnRydXN0LmNvbTEbMBkGA1UEAxMSVVROIC0gREFUQUNvcnAgU0dDMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+5YEKIrblXEjr8uRgnn4AgPLit6
+E5Qbvfa2gI5lBZMAHryv4g+OGQ0SR+ysraP6LnD43m77VkIVni5c7yPeIbkFdicZ
+D0/Ww5y0vpQZY/KmEQrrU0icvvIpOxboGqBMpsn0GFlowHDyUwDAXlCCpVZvNvlK
+4ESGoE1O1kduSUrLZ9emxAW5jh70/P/N5zbgnAVssjMiFdC04MwXwLLA9P4yPykq
+lXvY8qdOD1R8oQ2AswkDwf9c3V6aPryuvEeKaq5xyh+xKrhfQgUL7EYw0XILyulW
+bfXv33i+Ybqypa4ETLyorGkVl73v67SMvzX41MPRKA5cOp9wGDMgd8SirwIDAQAB
+o4GrMIGoMAsGA1UdDwQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRT
+MtGzz3/64PGgXYVOktKeRR20TzA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3Js
+LnVzZXJ0cnVzdC5jb20vVVROLURBVEFDb3JwU0dDLmNybDAqBgNVHSUEIzAhBggr
+BgEFBQcDAQYKKwYBBAGCNwoDAwYJYIZIAYb4QgQBMA0GCSqGSIb3DQEBBQUAA4IB
+AQAnNZcAiosovcYzMB4p/OL31ZjUQLtgyr+rFywJNn9Q+kHcrpY6CiM+iVnJowft
+Gzet/Hy+UUla3joKVAgWRcKZsYfNjGjgaQPpxE6YsjuMFrMOoAyYUJuTqXAJyCyj
+j98C5OBxOvG0I3KgqgHf35g+FFCgMSa9KOlaMCZ1+XtgHI3zzVAmbQQnmt/VDUVH
+KWss5nbZqSl9Mt3JNjy9rjXxEZ4du5A/EkdOjtd+D2JzHVImOBwYSf0wdJrE5SIv
+2MCN7ZF6TACPcn9d2t0bi0Vr591pl6jFVkwPDPafepE39peC4N1xaf92P2BNPM/3
+mfnGV/TJVTl4uix5yaaIK/QI
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEojCCA4qgAwIBAgIQRL4Mi1AAJLQR0zYlJWfJiTANBgkqhkiG9w0BAQUFADCB
+rjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
+Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
+dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xNjA0BgNVBAMTLVVUTi1VU0VSRmlyc3Qt
+Q2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBFbWFpbDAeFw05OTA3MDkxNzI4NTBa
+Fw0xOTA3MDkxNzM2NThaMIGuMQswCQYDVQQGEwJVUzELMAkGA1UECBMCVVQxFzAV
+BgNVBAcTDlNhbHQgTGFrZSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5l
+dHdvcmsxITAfBgNVBAsTGGh0dHA6Ly93d3cudXNlcnRydXN0LmNvbTE2MDQGA1UE
+AxMtVVROLVVTRVJGaXJzdC1DbGllbnQgQXV0aGVudGljYXRpb24gYW5kIEVtYWls
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjmFpPJ9q0E7YkY3rs3B
+YHW8OWX5ShpHornMSMxqmNVNNRm5pELlzkniii8efNIxB8dOtINknS4p1aJkxIW9
+hVE1eaROaJB7HHqkkqgX8pgV8pPMyaQylbsMTzC9mKALi+VuG6JG+ni8om+rWV6l
+L8/K2m2qL+usobNqqrcuZzWLeeEeaYji5kbNoKXqvgvOdjp6Dpvq/NonWz1zHyLm
+SGHGTPNpsaguG7bUMSAsvIKKjqQOpdeJQ/wWWq8dcdcRWdq6hw2v+vPhwvCkxWeM
+1tZUOt4KpLoDd7NlyP0e03RiqhjKaJMeoYV+9Udly/hNVyh00jT/MLbu9mIwFIws
+6wIDAQABo4G5MIG2MAsGA1UdDwQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud
+DgQWBBSJgmd9xJ0mcABLtFBIfN49rgRufTBYBgNVHR8EUTBPME2gS6BJhkdodHRw
+Oi8vY3JsLnVzZXJ0cnVzdC5jb20vVVROLVVTRVJGaXJzdC1DbGllbnRBdXRoZW50
+aWNhdGlvbmFuZEVtYWlsLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUH
+AwQwDQYJKoZIhvcNAQEFBQADggEBALFtYV2mGn98q0rkMPxTbyUkxsrt4jFcKw7u
+7mFVbwQ+zznexRtJlOTrIEy05p5QLnLZjfWqo7NK2lYcYJeA3IKirUq9iiv/Cwm0
+xtcgBEXkzYABurorbs6q15L+5K/r9CYdFip/bDCVNy8zEqx/3cfREYxRmLLQo5HQ
+rfafnoOTHh1CuEava2bwm3/q4wMC5QJRwarVNZ1yQAOJujEdxRBoUp7fooXFXAim
+eOZTT7Hot9MUnpOmw2TjrH5xzbyf6QMbzPvprDHBr3wVdAKZw7JHpsIyYdfHb0gk
+USeh1YdV8nuPmD0Wnu51tvjQjvLzxq4oW6fw8zYX/MMF08oDSlQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEdDCCA1ygAwIBAgIQRL4Mi1AAJLQR0zYq/mUK/TANBgkqhkiG9w0BAQUFADCB
+lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
+Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
+dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt
+SGFyZHdhcmUwHhcNOTkwNzA5MTgxMDQyWhcNMTkwNzA5MTgxOTIyWjCBlzELMAkG
+A1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEe
+MBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8v
+d3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdh
+cmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx98M4P7Sof885glFn
+0G2f0v9Y8+efK+wNiVSZuTiZFvfgIXlIwrthdBKWHTxqctU8EGc6Oe0rE81m65UJ
+M6Rsl7HoxuzBdXmcRl6Nq9Bq/bkqVRcQVLMZ8Jr28bFdtqdt++BxF2uiiPsA3/4a
+MXcMmgF6sTLjKwEHOG7DpV4jvEWbe1DByTCP2+UretNb+zNAHqDVmBe8i4fDidNd
+oI6yqqr2jmmIBsX6iSHzCJ1pLgkzmykNRg+MzEk0sGlRvfkGzWitZky8PqxhvQqI
+DsjfPe58BEydCl5rkdbux+0ojatNh4lz0G6k0B4WixThdkQDf2Os5M1JnMWS9Ksy
+oUhbAgMBAAGjgbkwgbYwCwYDVR0PBAQDAgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYD
+VR0OBBYEFKFyXyYbKJhDlV0HN9WFlp1L0sNFMEQGA1UdHwQ9MDswOaA3oDWGM2h0
+dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VVE4tVVNFUkZpcnN0LUhhcmR3YXJlLmNy
+bDAxBgNVHSUEKjAoBggrBgEFBQcDAQYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEF
+BQcDBzANBgkqhkiG9w0BAQUFAAOCAQEARxkP3nTGmZev/K0oXnWO6y1n7k57K9cM
+//bey1WiCuFMVGWTYGufEpytXoMs61quwOQt9ABjHbjAbPLPSbtNk28Gpgoiskli
+CE7/yMgUsogWXecB5BKV5UU0s4tpvc+0hY91UZ59Ojg6FEgSxvunOxqNDYJAB+gE
+CJChicsZUN/KHAG8HQQZexB2lzvukJDKxA4fFm517zP4029bHpbj4HR3dHuKom4t
+3XbWOTCC8KucUvIqx69JXn7HaOWCgchqJ/kniCrVWFCVH/A7HFe7fRQ5YiuayZSS
+KqMiDP+JJn1fIytH1xUdqWqeUQ0qUZ6B+dQ7XnASfxAynB67nfhmqA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEZjCCA06gAwIBAgIQRL4Mi1AAJLQR0zYt4LNfGzANBgkqhkiG9w0BAQUFADCB
+lTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
+Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
+dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHTAbBgNVBAMTFFVUTi1VU0VSRmlyc3Qt
+T2JqZWN0MB4XDTk5MDcwOTE4MzEyMFoXDTE5MDcwOTE4NDAzNlowgZUxCzAJBgNV
+BAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtlIENpdHkxHjAc
+BgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMYaHR0cDovL3d3
+dy51c2VydHJ1c3QuY29tMR0wGwYDVQQDExRVVE4tVVNFUkZpcnN0LU9iamVjdDCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6qgT+jo2F4qjEAVZURnicP
+HxzfOpuCaDDASmEd8S8O+r5596Uj71VRloTN2+O5bj4x2AogZ8f02b+U60cEPgLO
+KqJdhwQJ9jCdGIqXsqoc/EHSoTbL+z2RuufZcDX65OeQw5ujm9M89RKZd7G3CeBo
+5hy485RjiGpq/gt2yb70IuRnuasaXnfBhQfdDWy/7gbHd2pBnqcP1/vulBe3/IW+
+pKvEHDHd17bR5PDv3xaPslKT16HUiaEHLr/hARJCHhrh2JU022R5KP+6LhHC5ehb
+kkj7RwvCbNqtMoNB86XlQXD9ZZBt+vpRxPm9lisZBCzTbafc8H9vg2XiaquHhnUC
+AwEAAaOBrzCBrDALBgNVHQ8EBAMCAcYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E
+FgQU2u1kdBScFDyr3ZmpvVsoTYs8ydgwQgYDVR0fBDswOTA3oDWgM4YxaHR0cDov
+L2NybC51c2VydHJ1c3QuY29tL1VUTi1VU0VSRmlyc3QtT2JqZWN0LmNybDApBgNV
+HSUEIjAgBggrBgEFBQcDAwYIKwYBBQUHAwgGCisGAQQBgjcKAwQwDQYJKoZIhvcN
+AQEFBQADggEBAAgfUrE3RHjb/c652pWWmKpVZIC1WkDdIaXFwfNfLEzIR1pp6ujw
+NTX00CXzyKakh0q9G7FzCL3Uw8q2NbtZhncxzaeAFK4T7/yxSPlrJSUtUbYsbUXB
+mMiKVl0+7kNOPmsnjtA6S4ULX9Ptaqd1y9Fahy85dRNacrACgZ++8A+EVCBibGnU
+4U3GDZlDAQ0Slox4nb9QorFEqmrPF3rPbw/U+CRVX/A0FklmPlBGyWNxODFiuGK5
+81OtbLUrohKqGU8J2l7nk8aOFAj+8DCAGKCGhU3IfdeLA/5u1fedFqySLKAj5ZyR
+Uh+U3xeUc8OzwcFxBSAAeL0TUh2oPs0AH8g=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEn
+MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
+ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMg
+b2YgQ29tbWVyY2UgUm9vdDAeFw0wMzA5MzAxNjEzNDNaFw0zNzA5MzAxNjEzNDRa
+MH8xCzAJBgNVBAYTAkVVMScwJQYDVQQKEx5BQyBDYW1lcmZpcm1hIFNBIENJRiBB
+ODI3NDMyODcxIzAhBgNVBAsTGmh0dHA6Ly93d3cuY2hhbWJlcnNpZ24ub3JnMSIw
+IAYDVQQDExlDaGFtYmVycyBvZiBDb21tZXJjZSBSb290MIIBIDANBgkqhkiG9w0B
+AQEFAAOCAQ0AMIIBCAKCAQEAtzZV5aVdGDDg2olUkfzIx1L4L1DZ77F1c2VHfRtb
+unXF/KGIJPov7coISjlUxFF6tdpg6jg8gbLL8bvZkSM/SAFwdakFKq0fcfPJVD0d
+BmpAPrMMhe5cG3nCYsS4No41XQEMIwRHNaqbYE6gZj3LJgqcQKH0XZi/caulAGgq
+7YN6D6IUtdQis4CwPAxaUWktWBiP7Zme8a7ileb2R6jWDA+wWFjbw2Y3npuRVDM3
+0pQcakjJyfKl2qUMI/cjDpwyVV5xnIQFUZot/eZOKjRa3spAN2cMVCFVd9oKDMyX
+roDclDZK9D7ONhMeU+SsTjoF7Nuucpw4i9A5O4kKPnf+dQIBA6OCAUQwggFAMBIG
+A1UdEwEB/wQIMAYBAf8CAQwwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5j
+aGFtYmVyc2lnbi5vcmcvY2hhbWJlcnNyb290LmNybDAdBgNVHQ4EFgQU45T1sU3p
+26EpW1eLTXYGduHRooowDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIA
+BzAnBgNVHREEIDAegRxjaGFtYmVyc3Jvb3RAY2hhbWJlcnNpZ24ub3JnMCcGA1Ud
+EgQgMB6BHGNoYW1iZXJzcm9vdEBjaGFtYmVyc2lnbi5vcmcwWAYDVR0gBFEwTzBN
+BgsrBgEEAYGHLgoDATA+MDwGCCsGAQUFBwIBFjBodHRwOi8vY3BzLmNoYW1iZXJz
+aWduLm9yZy9jcHMvY2hhbWJlcnNyb290Lmh0bWwwDQYJKoZIhvcNAQEFBQADggEB
+AAxBl8IahsAifJ/7kPMa0QOx7xP5IV8EnNrJpY0nbJaHkb5BkAFyk+cefV/2icZd
+p0AJPaxJRUXcLo0waLIJuvvDL8y6C98/d3tGfToSJI6WjzwFCm/SlCgdbQzALogi
+1djPHRPH8EjX1wWnz8dHnjs8NMiAT9QUu/wNUPf6s+xCX6ndbcj0dc97wXImsQEc
+XCz9ek60AcUFV7nnPKoF2YjpB0ZBzu9Bga5Y34OirsrXdx/nADydb47kMgkdTXg0
+eDQ8lJsm7U9xxhl6vSAiSFr+S30Dt+dYvsYyTnQeaN2oaFuzPu5ifdmA6Ap1erfu
+tGWaIZDgqtCYvDi1czyL+Nw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIExTCCA62gAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJFVTEn
+MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
+ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4GA1UEAxMXR2xvYmFsIENo
+YW1iZXJzaWduIFJvb3QwHhcNMDMwOTMwMTYxNDE4WhcNMzcwOTMwMTYxNDE4WjB9
+MQswCQYDVQQGEwJFVTEnMCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgy
+NzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4G
+A1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwggEgMA0GCSqGSIb3DQEBAQUA
+A4IBDQAwggEIAoIBAQCicKLQn0KuWxfH2H3PFIP8T8mhtxOviteePgQKkotgVvq0
+Mi+ITaFgCPS3CU6gSS9J1tPfnZdan5QEcOw/Wdm3zGaLmFIoCQLfxS+EjXqXd7/s
+QJ0lcqu1PzKY+7e3/HKE5TWH+VX6ox8Oby4o3Wmg2UIQxvi1RMLQQ3/bvOSiPGpV
+eAp3qdjqGTK3L/5cPxvusZjsyq16aUXjlg9V9ubtdepl6DJWk0aJqCWKZQbua795
+B9Dxt6/tLE2Su8CoX6dnfQTyFQhwrJLWfQTSM/tMtgsL+xrJxI0DqX5c8lCrEqWh
+z0hQpe/SyBoT+rB/sYIcd2oPX9wLlY/vQ37mRQklAgEDo4IBUDCCAUwwEgYDVR0T
+AQH/BAgwBgEB/wIBDDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3JsLmNoYW1i
+ZXJzaWduLm9yZy9jaGFtYmVyc2lnbnJvb3QuY3JsMB0GA1UdDgQWBBRDnDafsJ4w
+TcbOX60Qq+UDpfqpFDAOBgNVHQ8BAf8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAH
+MCoGA1UdEQQjMCGBH2NoYW1iZXJzaWducm9vdEBjaGFtYmVyc2lnbi5vcmcwKgYD
+VR0SBCMwIYEfY2hhbWJlcnNpZ25yb290QGNoYW1iZXJzaWduLm9yZzBbBgNVHSAE
+VDBSMFAGCysGAQQBgYcuCgEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly9jcHMuY2hh
+bWJlcnNpZ24ub3JnL2Nwcy9jaGFtYmVyc2lnbnJvb3QuaHRtbDANBgkqhkiG9w0B
+AQUFAAOCAQEAPDtwkfkEVCeR4e3t/mh/YV3lQWVPMvEYBZRqHN4fcNs+ezICNLUM
+bKGKfKX0j//U2K0X1S0E0T9YgOKBWYi+wONGkyT+kL0mojAt6JcmVzWJdJYY9hXi
+ryQZVgICsroPFOrGimbBhkVVi76SvpykBMdJPJ7oKXqJ1/6v/2j1pReQvayZzKWG
+VwlnRtvWFsJG8eSpUPWP0ZIV018+xgBJOm5YstHRJw0lyDL4IBHNfTIzSJRUTN3c
+ecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREest2d/
+AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG0TCCBbmgAwIBAgIBezANBgkqhkiG9w0BAQUFADCByTELMAkGA1UEBhMCSFUx
+ETAPBgNVBAcTCEJ1ZGFwZXN0MScwJQYDVQQKEx5OZXRMb2NrIEhhbG96YXRiaXp0
+b25zYWdpIEtmdC4xGjAYBgNVBAsTEVRhbnVzaXR2YW55a2lhZG9rMUIwQAYDVQQD
+EzlOZXRMb2NrIE1pbm9zaXRldHQgS296amVneXpvaSAoQ2xhc3MgUUEpIFRhbnVz
+aXR2YW55a2lhZG8xHjAcBgkqhkiG9w0BCQEWD2luZm9AbmV0bG9jay5odTAeFw0w
+MzAzMzAwMTQ3MTFaFw0yMjEyMTUwMTQ3MTFaMIHJMQswCQYDVQQGEwJIVTERMA8G
+A1UEBxMIQnVkYXBlc3QxJzAlBgNVBAoTHk5ldExvY2sgSGFsb3phdGJpenRvbnNh
+Z2kgS2Z0LjEaMBgGA1UECxMRVGFudXNpdHZhbnlraWFkb2sxQjBABgNVBAMTOU5l
+dExvY2sgTWlub3NpdGV0dCBLb3pqZWd5em9pIChDbGFzcyBRQSkgVGFudXNpdHZh
+bnlraWFkbzEeMBwGCSqGSIb3DQEJARYPaW5mb0BuZXRsb2NrLmh1MIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1Ilstg91IRVCacbvWy5FPSKAtt2/Goq
+eKvld/Bu4IwjZ9ulZJm53QE+b+8tmjwi8F3JV6BVQX/yQ15YglMxZc4e8ia6AFQe
+r7C8HORSjKAyr7c3sVNnaHRnUPYtLmTeriZ539+Zhqurf4XsoPuAzPS4DB6TRWO5
+3Lhbm+1bOdRfYrCnjnxmOCyqsQhjF2d9zL2z8cM/z1A57dEZgxXbhxInlrfa6uWd
+vLrqOU+L73Sa58XQ0uqGURzk/mQIKAR5BevKxXEOC++r6uwSEaEYBTJp0QwsGj0l
+mT+1fMptsK6ZmfoIYOcZwvK9UdPM0wKswREMgM6r3JSda6M5UzrWhQIDAMV9o4IC
+wDCCArwwEgYDVR0TAQH/BAgwBgEB/wIBBDAOBgNVHQ8BAf8EBAMCAQYwggJ1Bglg
+hkgBhvhCAQ0EggJmFoICYkZJR1lFTEVNISBFemVuIHRhbnVzaXR2YW55IGEgTmV0
+TG9jayBLZnQuIE1pbm9zaXRldHQgU3pvbGdhbHRhdGFzaSBTemFiYWx5emF0YWJh
+biBsZWlydCBlbGphcmFzb2sgYWxhcGphbiBrZXN6dWx0LiBBIG1pbm9zaXRldHQg
+ZWxla3Ryb25pa3VzIGFsYWlyYXMgam9naGF0YXMgZXJ2ZW55ZXN1bGVzZW5laywg
+dmFsYW1pbnQgZWxmb2dhZGFzYW5hayBmZWx0ZXRlbGUgYSBNaW5vc2l0ZXR0IFN6
+b2xnYWx0YXRhc2kgU3phYmFseXphdGJhbiwgYXogQWx0YWxhbm9zIFN6ZXJ6b2Rl
+c2kgRmVsdGV0ZWxla2JlbiBlbG9pcnQgZWxsZW5vcnplc2kgZWxqYXJhcyBtZWd0
+ZXRlbGUuIEEgZG9rdW1lbnR1bW9rIG1lZ3RhbGFsaGF0b2sgYSBodHRwczovL3d3
+dy5uZXRsb2NrLmh1L2RvY3MvIGNpbWVuIHZhZ3kga2VyaGV0b2sgYXogaW5mb0Bu
+ZXRsb2NrLm5ldCBlLW1haWwgY2ltZW4uIFdBUk5JTkchIFRoZSBpc3N1YW5jZSBh
+bmQgdGhlIHVzZSBvZiB0aGlzIGNlcnRpZmljYXRlIGFyZSBzdWJqZWN0IHRvIHRo
+ZSBOZXRMb2NrIFF1YWxpZmllZCBDUFMgYXZhaWxhYmxlIGF0IGh0dHBzOi8vd3d3
+Lm5ldGxvY2suaHUvZG9jcy8gb3IgYnkgZS1tYWlsIGF0IGluZm9AbmV0bG9jay5u
+ZXQwHQYDVR0OBBYEFAlqYhaSsFq7VQ7LdTI6MuWyIckoMA0GCSqGSIb3DQEBBQUA
+A4IBAQCRalCc23iBmz+LQuM7/KbD7kPgz/PigDVJRXYC4uMvBcXxKufAQTPGtpvQ
+MznNwNuhrWw3AkxYQTvyl5LGSKjN5Yo5iWH5Upfpvfb5lHTocQ68d4bDBsxafEp+
+NFAwLvt/MpqNPfMgW/hqyobzMUwsWYACff44yTB1HLdV47yfuqhthCgFdbOLDcCR
+VCHnpgu0mfVRQdzNo0ci2ccBgcTcR08m6h/t280NmPSjnLRzMkqWmf68f8glWPhY
+83ZmiVSkpj7EUFy6iRiCdUgh0k8T6GB+B3bbELVR5qq5aKrN9p2QdRLqOBrKROi3
+macqaJVmlaut74nLYKkGEsaUR+ko
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGfTCCBWWgAwIBAgICAQMwDQYJKoZIhvcNAQEEBQAwga8xCzAJBgNVBAYTAkhV
+MRAwDgYDVQQIEwdIdW5nYXJ5MREwDwYDVQQHEwhCdWRhcGVzdDEnMCUGA1UEChMe
+TmV0TG9jayBIYWxvemF0Yml6dG9uc2FnaSBLZnQuMRowGAYDVQQLExFUYW51c2l0
+dmFueWtpYWRvazE2MDQGA1UEAxMtTmV0TG9jayBLb3pqZWd5em9pIChDbGFzcyBB
+KSBUYW51c2l0dmFueWtpYWRvMB4XDTk5MDIyNDIzMTQ0N1oXDTE5MDIxOTIzMTQ0
+N1owga8xCzAJBgNVBAYTAkhVMRAwDgYDVQQIEwdIdW5nYXJ5MREwDwYDVQQHEwhC
+dWRhcGVzdDEnMCUGA1UEChMeTmV0TG9jayBIYWxvemF0Yml6dG9uc2FnaSBLZnQu
+MRowGAYDVQQLExFUYW51c2l0dmFueWtpYWRvazE2MDQGA1UEAxMtTmV0TG9jayBL
+b3pqZWd5em9pIChDbGFzcyBBKSBUYW51c2l0dmFueWtpYWRvMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHSMD7tM9DceqQWC2ObhbHDqeLVu0ThEDaiD
+zl3S1tWBxdRL51uUcCbbO51qTGL3cfNk1mE7PetzozfZz+qMkjvN9wfcZnSX9EUi
+3fRc4L9t875lM+QVOr/bmJBVOMTtplVjC7B4BPTjbsE/jvxReB+SnoPC/tmwqcm8
+WgD/qaiYdPv2LD4VOQ22BFWoDpggQrOxJa1+mm9dU7GrDPzr4PN6s6iz/0b2Y6LY
+Oph7tqyF/7AlT3Rj5xMHpQqPBffAZG9+pyeAlt7ULoZgx2srXnN7F+eRP2QM2Esi
+NCubMvJIH5+hCoR64sKtlz2O1cH5VqNQ6ca0+pii7pXmKgOM3wIDAQABo4ICnzCC
+ApswDgYDVR0PAQH/BAQDAgAGMBIGA1UdEwEB/wQIMAYBAf8CAQQwEQYJYIZIAYb4
+QgEBBAQDAgAHMIICYAYJYIZIAYb4QgENBIICURaCAk1GSUdZRUxFTSEgRXplbiB0
+YW51c2l0dmFueSBhIE5ldExvY2sgS2Z0LiBBbHRhbGFub3MgU3pvbGdhbHRhdGFz
+aSBGZWx0ZXRlbGVpYmVuIGxlaXJ0IGVsamFyYXNvayBhbGFwamFuIGtlc3p1bHQu
+IEEgaGl0ZWxlc2l0ZXMgZm9seWFtYXRhdCBhIE5ldExvY2sgS2Z0LiB0ZXJtZWtm
+ZWxlbG9zc2VnLWJpenRvc2l0YXNhIHZlZGkuIEEgZGlnaXRhbGlzIGFsYWlyYXMg
+ZWxmb2dhZGFzYW5hayBmZWx0ZXRlbGUgYXogZWxvaXJ0IGVsbGVub3J6ZXNpIGVs
+amFyYXMgbWVndGV0ZWxlLiBBeiBlbGphcmFzIGxlaXJhc2EgbWVndGFsYWxoYXRv
+IGEgTmV0TG9jayBLZnQuIEludGVybmV0IGhvbmxhcGphbiBhIGh0dHBzOi8vd3d3
+Lm5ldGxvY2submV0L2RvY3MgY2ltZW4gdmFneSBrZXJoZXRvIGF6IGVsbGVub3J6
+ZXNAbmV0bG9jay5uZXQgZS1tYWlsIGNpbWVuLiBJTVBPUlRBTlQhIFRoZSBpc3N1
+YW5jZSBhbmQgdGhlIHVzZSBvZiB0aGlzIGNlcnRpZmljYXRlIGlzIHN1YmplY3Qg
+dG8gdGhlIE5ldExvY2sgQ1BTIGF2YWlsYWJsZSBhdCBodHRwczovL3d3dy5uZXRs
+b2NrLm5ldC9kb2NzIG9yIGJ5IGUtbWFpbCBhdCBjcHNAbmV0bG9jay5uZXQuMA0G
+CSqGSIb3DQEBBAUAA4IBAQBIJEb3ulZv+sgoA0BO5TE5ayZrU3/b39/zcT0mwBQO
+xmd7I6gMc90Bu8bKbjc5VdXHjFYgDigKDtIqpLBJUsY4B/6+CgmM0ZjPytoUMaFP
+0jn8DxEsQ8Pdq5PHVT5HfBgaANzze9jyf1JsIPQLX2lS9O74silg6+NJMSEN1rUQ
+QeJBCWziGppWS3cC9qCbmieH6FUpccKQn0V4GuEVZD3QDtigdp+uxdAu6tYPVuxk
+f1qbFFgBJ34TUMdrKuZoPL9coAob4Q566eKAw+np9v1sEZ7Q5SgnK1QyQhSCdeZK
+8CtmdWOMovsEPoMOmzbwGOQmIMOM8CgHrTwXZoi1/baI
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFSzCCBLSgAwIBAgIBaTANBgkqhkiG9w0BAQQFADCBmTELMAkGA1UEBhMCSFUx
+ETAPBgNVBAcTCEJ1ZGFwZXN0MScwJQYDVQQKEx5OZXRMb2NrIEhhbG96YXRiaXp0
+b25zYWdpIEtmdC4xGjAYBgNVBAsTEVRhbnVzaXR2YW55a2lhZG9rMTIwMAYDVQQD
+EylOZXRMb2NrIFV6bGV0aSAoQ2xhc3MgQikgVGFudXNpdHZhbnlraWFkbzAeFw05
+OTAyMjUxNDEwMjJaFw0xOTAyMjAxNDEwMjJaMIGZMQswCQYDVQQGEwJIVTERMA8G
+A1UEBxMIQnVkYXBlc3QxJzAlBgNVBAoTHk5ldExvY2sgSGFsb3phdGJpenRvbnNh
+Z2kgS2Z0LjEaMBgGA1UECxMRVGFudXNpdHZhbnlraWFkb2sxMjAwBgNVBAMTKU5l
+dExvY2sgVXpsZXRpIChDbGFzcyBCKSBUYW51c2l0dmFueWtpYWRvMIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQCx6gTsIKAjwo84YM/HRrPVG/77uZmeBNwcf4xK
+gZjupNTKihe5In+DCnVMm8Bp2GQ5o+2So/1bXHQawEfKOml2mrriRBf8TKPV/riX
+iK+IA4kfpPIEPsgHC+b5sy96YhQJRhTKZPWLgLViqNhr1nGTLbO/CVRY7QbrqHvc
+Q7GhaQIDAQABo4ICnzCCApswEgYDVR0TAQH/BAgwBgEB/wIBBDAOBgNVHQ8BAf8E
+BAMCAAYwEQYJYIZIAYb4QgEBBAQDAgAHMIICYAYJYIZIAYb4QgENBIICURaCAk1G
+SUdZRUxFTSEgRXplbiB0YW51c2l0dmFueSBhIE5ldExvY2sgS2Z0LiBBbHRhbGFu
+b3MgU3pvbGdhbHRhdGFzaSBGZWx0ZXRlbGVpYmVuIGxlaXJ0IGVsamFyYXNvayBh
+bGFwamFuIGtlc3p1bHQuIEEgaGl0ZWxlc2l0ZXMgZm9seWFtYXRhdCBhIE5ldExv
+Y2sgS2Z0LiB0ZXJtZWtmZWxlbG9zc2VnLWJpenRvc2l0YXNhIHZlZGkuIEEgZGln
+aXRhbGlzIGFsYWlyYXMgZWxmb2dhZGFzYW5hayBmZWx0ZXRlbGUgYXogZWxvaXJ0
+IGVsbGVub3J6ZXNpIGVsamFyYXMgbWVndGV0ZWxlLiBBeiBlbGphcmFzIGxlaXJh
+c2EgbWVndGFsYWxoYXRvIGEgTmV0TG9jayBLZnQuIEludGVybmV0IGhvbmxhcGph
+biBhIGh0dHBzOi8vd3d3Lm5ldGxvY2submV0L2RvY3MgY2ltZW4gdmFneSBrZXJo
+ZXRvIGF6IGVsbGVub3J6ZXNAbmV0bG9jay5uZXQgZS1tYWlsIGNpbWVuLiBJTVBP
+UlRBTlQhIFRoZSBpc3N1YW5jZSBhbmQgdGhlIHVzZSBvZiB0aGlzIGNlcnRpZmlj
+YXRlIGlzIHN1YmplY3QgdG8gdGhlIE5ldExvY2sgQ1BTIGF2YWlsYWJsZSBhdCBo
+dHRwczovL3d3dy5uZXRsb2NrLm5ldC9kb2NzIG9yIGJ5IGUtbWFpbCBhdCBjcHNA
+bmV0bG9jay5uZXQuMA0GCSqGSIb3DQEBBAUAA4GBAATbrowXr/gOkDFOzT4JwG06
+sPgzTEdM43WIEJessDgVkcYplswhwG08pXTP2IKlOcNl40JwuyKQ433bNXbhoLXa
+n3BukxowOR0w2y7jfLKRstE3Kfq51hdcR0/jHTjrn9V7lagonhVK0dHQKwCXoOKS
+NitjrFgBazMpUIaD8QFI
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFTzCCBLigAwIBAgIBaDANBgkqhkiG9w0BAQQFADCBmzELMAkGA1UEBhMCSFUx
+ETAPBgNVBAcTCEJ1ZGFwZXN0MScwJQYDVQQKEx5OZXRMb2NrIEhhbG96YXRiaXp0
+b25zYWdpIEtmdC4xGjAYBgNVBAsTEVRhbnVzaXR2YW55a2lhZG9rMTQwMgYDVQQD
+EytOZXRMb2NrIEV4cHJlc3N6IChDbGFzcyBDKSBUYW51c2l0dmFueWtpYWRvMB4X
+DTk5MDIyNTE0MDgxMVoXDTE5MDIyMDE0MDgxMVowgZsxCzAJBgNVBAYTAkhVMREw
+DwYDVQQHEwhCdWRhcGVzdDEnMCUGA1UEChMeTmV0TG9jayBIYWxvemF0Yml6dG9u
+c2FnaSBLZnQuMRowGAYDVQQLExFUYW51c2l0dmFueWtpYWRvazE0MDIGA1UEAxMr
+TmV0TG9jayBFeHByZXNzeiAoQ2xhc3MgQykgVGFudXNpdHZhbnlraWFkbzCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA6+ywbGGKIyWvYCDj2Z/8kwvbXY2wobNA
+OoLO/XXgeDIDhlqGlZHtU/qdQPzm6N3ZW3oDvV3zOwzDUXmbrVWg6dADEK8KuhRC
+2VImESLH0iDMgqSaqf64gXadarfSNnU+sYYJ9m5tfk63euyucYT2BDMIJTLrdKwW
+RMbkQJMdf60CAwEAAaOCAp8wggKbMBIGA1UdEwEB/wQIMAYBAf8CAQQwDgYDVR0P
+AQH/BAQDAgAGMBEGCWCGSAGG+EIBAQQEAwIABzCCAmAGCWCGSAGG+EIBDQSCAlEW
+ggJNRklHWUVMRU0hIEV6ZW4gdGFudXNpdHZhbnkgYSBOZXRMb2NrIEtmdC4gQWx0
+YWxhbm9zIFN6b2xnYWx0YXRhc2kgRmVsdGV0ZWxlaWJlbiBsZWlydCBlbGphcmFz
+b2sgYWxhcGphbiBrZXN6dWx0LiBBIGhpdGVsZXNpdGVzIGZvbHlhbWF0YXQgYSBO
+ZXRMb2NrIEtmdC4gdGVybWVrZmVsZWxvc3NlZy1iaXp0b3NpdGFzYSB2ZWRpLiBB
+IGRpZ2l0YWxpcyBhbGFpcmFzIGVsZm9nYWRhc2FuYWsgZmVsdGV0ZWxlIGF6IGVs
+b2lydCBlbGxlbm9yemVzaSBlbGphcmFzIG1lZ3RldGVsZS4gQXogZWxqYXJhcyBs
+ZWlyYXNhIG1lZ3RhbGFsaGF0byBhIE5ldExvY2sgS2Z0LiBJbnRlcm5ldCBob25s
+YXBqYW4gYSBodHRwczovL3d3dy5uZXRsb2NrLm5ldC9kb2NzIGNpbWVuIHZhZ3kg
+a2VyaGV0byBheiBlbGxlbm9yemVzQG5ldGxvY2submV0IGUtbWFpbCBjaW1lbi4g
+SU1QT1JUQU5UISBUaGUgaXNzdWFuY2UgYW5kIHRoZSB1c2Ugb2YgdGhpcyBjZXJ0
+aWZpY2F0ZSBpcyBzdWJqZWN0IHRvIHRoZSBOZXRMb2NrIENQUyBhdmFpbGFibGUg
+YXQgaHR0cHM6Ly93d3cubmV0bG9jay5uZXQvZG9jcyBvciBieSBlLW1haWwgYXQg
+Y3BzQG5ldGxvY2submV0LjANBgkqhkiG9w0BAQQFAAOBgQAQrX/XDDKACtiG8XmY
+ta3UzbM2xJZIwVzNmtkFLp++UOv0JhQQLdRmF/iewSf98e3ke0ugbLWrmldwpu2g
+pO0u9f38vf5NNwgMvOOWgyL1SRt/Syu0VMGAfJlOHdCM7tCs5ZL6dVb+ZKATj7i4
+Fp1hBWeAyNDYpQcCNJgEjTME1A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEMDCCAxigAwIBAgIQUJRs7Bjq1ZxN1ZfvdY+grTANBgkqhkiG9w0BAQUFADCB
+gjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEk
+MCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2VydmljZXMgSW5jMS0wKwYDVQQDEyRY
+UmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQxMTAxMTcx
+NDA0WhcNMzUwMTAxMDUzNzE5WjCBgjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3
+dy54cmFtcHNlY3VyaXR5LmNvbTEkMCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2Vy
+dmljZXMgSW5jMS0wKwYDVQQDEyRYUmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBB
+dXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYJB69FbS6
+38eMpSe2OAtp87ZOqCwuIR1cRN8hXX4jdP5efrRKt6atH67gBhbim1vZZ3RrXYCP
+KZ2GG9mcDZhtdhAoWORlsH9KmHmf4MMxfoArtYzAQDsRhtDLooY2YKTVMIJt2W7Q
+DxIEM5dfT2Fa8OT5kavnHTu86M/0ay00fOJIYRyO82FEzG+gSqmUsE3a56k0enI4
+qEHMPJQRfevIpoy3hsvKMzvZPTeL+3o+hiznc9cKV6xkmxnr9A8ECIqsAxcZZPRa
+JSKNNCyy9mgdEm3Tih4U2sSPpuIjhdV6Db1q4Ons7Be7QhtnqiXtRYMh/MHJfNVi
+PvryxS3T/dRlAgMBAAGjgZ8wgZwwEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0P
+BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMZPoj0GY4QJnM5i5ASs
+jVy16bYbMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwueHJhbXBzZWN1cml0
+eS5jb20vWEdDQS5jcmwwEAYJKwYBBAGCNxUBBAMCAQEwDQYJKoZIhvcNAQEFBQAD
+ggEBAJEVOQMBG2f7Shz5CmBbodpNl2L5JFMn14JkTpAuw0kbK5rc/Kh4ZzXxHfAR
+vbdI4xD2Dd8/0sm2qlWkSLoC295ZLhVbO50WfUfXN+pfTXYSNrsf16GBBEYgoyxt
+qZ4Bfj8pzgCT3/3JknOJiWSe5yvkHJEs0rnOfc5vMZnT5r7SHpDwCRR5XCOrTdLa
+IR9NmXmd4c8nnxCbHIgNsIpkQTG4DmyQJKSbXHGPurt+HBvbaoAPIbzp26a3QPSy
+i6mx5O+aGtA9aZnuqCij4Tyz8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQ
+O+7ETPTsJ3xCwnR8gooJybQDJbw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh
+MB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBE
+YWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3
+MDYyMFoXDTM0MDYyOTE3MDYyMFowYzELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFRo
+ZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28gRGFkZHkgQ2xhc3Mg
+MiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQADggEN
+ADCCAQgCggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCA
+PVYYYwhv2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6w
+wdhFJ2+qN1j3hybX2C32qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXi
+EqITLdiOr18SPaAIBQi2XKVlOARFmR6jYGB0xUGlcmIbYsUfb18aQr4CUWWoriMY
+avx4A6lNf4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmYvLEHZ6IVDd2gWMZEewo+
+YihfukEHU1jPEX44dMX4/7VpkI+EdOqXG68CAQOjgcAwgb0wHQYDVR0OBBYEFNLE
+sNKR1EwRcbNhyz2h/t2oatTjMIGNBgNVHSMEgYUwgYKAFNLEsNKR1EwRcbNhyz2h
+/t2oatTjoWekZTBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYVGhlIEdvIERhZGR5
+IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRpZmlj
+YXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD
+ggEBADJL87LKPpH8EsahB4yOd6AzBhRckB4Y9wimPQoZ+YeAEW5p5JYXMP80kWNy
+OO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKtI3lpjbi2Tc7P
+TMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ
+HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mER
+dEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5Cuf
+ReYNnyicsbkqWletNw+vHX/bvZ8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl
+MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp
+U3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQw
+NjI5MTczOTE2WhcNMzQwNjI5MTczOTE2WjBoMQswCQYDVQQGEwJVUzElMCMGA1UE
+ChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMpU3RhcmZp
+ZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEgMA0GCSqGSIb3
+DQEBAQUAA4IBDQAwggEIAoIBAQC3Msj+6XGmBIWtDBFk385N78gDGIc/oav7PKaf
+8MOh2tTYbitTkPskpD6E8J7oX+zlJ0T1KKY/e97gKvDIr1MvnsoFAZMej2YcOadN
++lq2cwQlZut3f+dZxkqZJRRU6ybH838Z1TBwj6+wRir/resp7defqgSHo9T5iaU0
+X9tDkYI22WY8sbi5gv2cOj4QyDvvBmVmepsZGD3/cVE8MC5fvj13c7JdBmzDI1aa
+K4UmkhynArPkPw2vCHmCuDY96pzTNbO8acr1zJ3o/WSNF4Azbl5KXZnJHoe0nRrA
+1W4TNSNe35tfPe/W93bC6j67eA0cQmdrBNj41tpvi/JEoAGrAgEDo4HFMIHCMB0G
+A1UdDgQWBBS/X7fRzt0fhvRbVazc1xDCDqmI5zCBkgYDVR0jBIGKMIGHgBS/X7fR
+zt0fhvRbVazc1xDCDqmI56FspGowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0
+YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBD
+bGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8w
+DQYJKoZIhvcNAQEFBQADggEBAAWdP4id0ckaVaGsafPzWdqbAYcaT1epoXkJKtv3
+L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLMPUxA2IGvd56D
+eruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl
+xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynp
+VSJYACPq4xJDKVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEY
+WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5Q=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFFjCCBH+gAwIBAgIBADANBgkqhkiG9w0BAQQFADCBsDELMAkGA1UEBhMCSUwx
+DzANBgNVBAgTBklzcmFlbDEOMAwGA1UEBxMFRWlsYXQxFjAUBgNVBAoTDVN0YXJ0
+Q29tIEx0ZC4xGjAYBgNVBAsTEUNBIEF1dGhvcml0eSBEZXAuMSkwJwYDVQQDEyBG
+cmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYS
+YWRtaW5Ac3RhcnRjb20ub3JnMB4XDTA1MDMxNzE3Mzc0OFoXDTM1MDMxMDE3Mzc0
+OFowgbAxCzAJBgNVBAYTAklMMQ8wDQYDVQQIEwZJc3JhZWwxDjAMBgNVBAcTBUVp
+bGF0MRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMRowGAYDVQQLExFDQSBBdXRob3Jp
+dHkgRGVwLjEpMCcGA1UEAxMgRnJlZSBTU0wgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHkxITAfBgkqhkiG9w0BCQEWEmFkbWluQHN0YXJ0Y29tLm9yZzCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEA7YRgACOeyEpRKSfeOqE5tWmrCbIvNP1h3D3TsM+x
+18LEwrHkllbEvqoUDufMOlDIOmKdw6OsWXuO7lUaHEe+o5c5s7XvIywI6Nivcy+5
+yYPo7QAPyHWlLzRMGOh2iCNJitu27Wjaw7ViKUylS7eYtAkUEKD4/mJ2IhULpNYI
+LzUCAwEAAaOCAjwwggI4MA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgHmMB0G
+A1UdDgQWBBQcicOWzL3+MtUNjIExtpidjShkjTCB3QYDVR0jBIHVMIHSgBQcicOW
+zL3+MtUNjIExtpidjShkjaGBtqSBszCBsDELMAkGA1UEBhMCSUwxDzANBgNVBAgT
+BklzcmFlbDEOMAwGA1UEBxMFRWlsYXQxFjAUBgNVBAoTDVN0YXJ0Q29tIEx0ZC4x
+GjAYBgNVBAsTEUNBIEF1dGhvcml0eSBEZXAuMSkwJwYDVQQDEyBGcmVlIFNTTCBD
+ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSYWRtaW5Ac3Rh
+cnRjb20ub3JnggEAMB0GA1UdEQQWMBSBEmFkbWluQHN0YXJ0Y29tLm9yZzAdBgNV
+HRIEFjAUgRJhZG1pbkBzdGFydGNvbS5vcmcwEQYJYIZIAYb4QgEBBAQDAgAHMC8G
+CWCGSAGG+EIBDQQiFiBGcmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAy
+BglghkgBhvhCAQQEJRYjaHR0cDovL2NlcnQuc3RhcnRjb20ub3JnL2NhLWNybC5j
+cmwwKAYJYIZIAYb4QgECBBsWGWh0dHA6Ly9jZXJ0LnN0YXJ0Y29tLm9yZy8wOQYJ
+YIZIAYb4QgEIBCwWKmh0dHA6Ly9jZXJ0LnN0YXJ0Y29tLm9yZy9pbmRleC5waHA/
+YXBwPTExMTANBgkqhkiG9w0BAQQFAAOBgQBscSXhnjSRIe/bbL0BCFaPiNhBOlP1
+ct8nV0t2hPdopP7rPwl+KLhX6h/BquL/lp9JmeaylXOWxkjHXo0Hclb4g4+fd68p
+00UOpO6wNnQt8M2YI3s3S9r+UZjEHjQ8iP2ZO1CnwYszx8JSFhKVU2Ui77qLzmLb
+cCOxgN8aIDjnfg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHyTCCBbGgAwIBAgIBATANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJJTDEW
+MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
+Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
+dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM2WhcNMzYwOTE3MTk0NjM2WjB9
+MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi
+U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh
+cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk
+pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf
+OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C
+Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT
+Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi
+HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM
+Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w
++2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+
+Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3
+Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B
+26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID
+AQABo4ICUjCCAk4wDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAa4wHQYDVR0OBBYE
+FE4L7xqkQFulF2mHMMo0aEPQQa7yMGQGA1UdHwRdMFswLKAqoCiGJmh0dHA6Ly9j
+ZXJ0LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMCugKaAnhiVodHRwOi8vY3Js
+LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMIIBXQYDVR0gBIIBVDCCAVAwggFM
+BgsrBgEEAYG1NwEBATCCATswLwYIKwYBBQUHAgEWI2h0dHA6Ly9jZXJ0LnN0YXJ0
+Y29tLm9yZy9wb2xpY3kucGRmMDUGCCsGAQUFBwIBFilodHRwOi8vY2VydC5zdGFy
+dGNvbS5vcmcvaW50ZXJtZWRpYXRlLnBkZjCB0AYIKwYBBQUHAgIwgcMwJxYgU3Rh
+cnQgQ29tbWVyY2lhbCAoU3RhcnRDb20pIEx0ZC4wAwIBARqBl0xpbWl0ZWQgTGlh
+YmlsaXR5LCByZWFkIHRoZSBzZWN0aW9uICpMZWdhbCBMaW1pdGF0aW9ucyogb2Yg
+dGhlIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFBvbGljeSBhdmFp
+bGFibGUgYXQgaHR0cDovL2NlcnQuc3RhcnRjb20ub3JnL3BvbGljeS5wZGYwEQYJ
+YIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNT
+TCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAgEAFmyZ
+9GYMNPXQhV59CuzaEE44HF7fpiUFS5Eyweg78T3dRAlbB0mKKctmArexmvclmAk8
+jhvh3TaHK0u7aNM5Zj2gJsfyOZEdUauCe37Vzlrk4gNXcGmXCPleWKYK34wGmkUW
+FjgKXlf2Ysd6AgXmvB618p70qSmD+LIU424oh0TDkBreOKk8rENNZEXO3SipXPJz
+ewT4F+irsfMuXGRuczE6Eri8sxHkfY+BUZo7jYn0TZNmezwD7dOaHZrzZVD1oNB1
+ny+v8OqCQ5j4aZyJecRDjkZy42Q2Eq/3JR44iZB3fsNrarnDy0RLrHiQi+fHLB5L
+EUTINFInzQpdn4XBidUaePKVEFMy3YCEZnXZtWgo+2EuvoSoOMCZEoalHmdkrQYu
+L6lwhceWD3yJZfWOQ1QOq92lgDmUYMA0yZZwLKMS9R9Ie70cfmu3nZD0Ijuu+Pwq
+yvqCUqDvr0tVk+vBtfAii6w0TiYiBKGHLHVKt+V9E9e4DGTANtLJL4YSjCMJwRuC
+O3NJo2pXh5Tl1njFmUNj403gdy3hZZlyaQQaRwnmDwFWJPsfvw55qVguucQJAX6V
+um0ABj6y6koQOdjQK/W/7HW/lwLFCRsI3FU34oH7N4RDYiDK51ZLZer+bMEkkySh
+NOsF/5oirpt9P/FlUQqmMGqz9IgcgA38corog14=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFcjCCA1qgAwIBAgIQH51ZWtcvwgZEpYAIaeNe9jANBgkqhkiG9w0BAQUFADA/
+MQswCQYDVQQGEwJUVzEwMC4GA1UECgwnR292ZXJubWVudCBSb290IENlcnRpZmlj
+YXRpb24gQXV0aG9yaXR5MB4XDTAyMTIwNTEzMjMzM1oXDTMyMTIwNTEzMjMzM1ow
+PzELMAkGA1UEBhMCVFcxMDAuBgNVBAoMJ0dvdmVybm1lbnQgUm9vdCBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
+AJoluOzMonWoe/fOW1mKydGGEghU7Jzy50b2iPN86aXfTEc2pBsBHH8eV4qNw8XR
+IePaJD9IK/ufLqGU5ywck9G/GwGHU5nOp/UKIXZ3/6m3xnOUT0b3EEk3+qhZSV1q
+gQdW8or5BtD3cCJNtLdBuTK4sfCxw5w/cP1T3YGq2GN49thTbqGsaoQkclSGxtKy
+yhwOeYHWtXBiCAEuTk8O1RGvqa/lmr/czIdtJuTJV6L7lvnM4T9TjGxMfptTCAts
+F/tnyMKtsc2AtJfcdgEWFelq16TheEfOhtX7MfP6Mb40qij7cEwdScevLJ1tZqa2
+jWR+tSBqnTuBto9AAGdLiYa4zGX+FVPpBMHWXx1E1wovJ5pGfaENda1UhhXcSTvx
+ls4Pm6Dso3pdvtUqdULle96ltqqvKKyskKw4t9VoNSZ63Pc78/1Fm9G7Q3hub/FC
+VGqY8A2tl+lSXunVanLeavcbYBT0peS2cWeqH+riTcFCQP5nRhc4L0c/cZyu5SHK
+YS1tB6iEfC3uUSXxY5Ce/eFXiGvviiNtsea9P63RPZYLhY3Naye7twWb7LuRqQoH
+EgKXTiCQ8P8NHuJBO9NAOueNXdpm5AKwB1KYXA6OM5zCppX7VRluTI6uSw+9wThN
+Xo+EHWbNxWCWtFJaBYmOlXqYwZE8lSOyDvR5tMl8wUohAgMBAAGjajBoMB0GA1Ud
+DgQWBBTMzO/MKWCkO7GStjz6MmKPrCUVOzAMBgNVHRMEBTADAQH/MDkGBGcqBwAE
+MTAvMC0CAQAwCQYFKw4DAhoFADAHBgVnKgMAAAQUA5vwIhP/lSg209yewDL7MTqK
+UWUwDQYJKoZIhvcNAQEFBQADggIBAECASvomyc5eMN1PhnR2WPWus4MzeKR6dBcZ
+TulStbngCnRiqmjKeKBMmo4sIy7VahIkv9Ro04rQ2JyftB8M3jh+Vzj8jeJPXgyf
+qzvS/3WXy6TjZwj/5cAWtUgBfen5Cv8b5Wppv3ghqMKnI6mGq3ZW6A4M9hPdKmaK
+ZEk9GhiHkASfQlK3T8v+R0F2Ne//AHY2RTKbxkaFXeIksB7jSJaYV0eUVXoPQbFE
+JPPB/hprv4j9wabak2BegUqZIJxIZhm1AHlUD7gsL0u8qV1bYH+Mh6XgUmMqvtg7
+hUAV/h62ZT/FS9p+tXo1KaMuephgIqP0fSdOLeq0dDzpD6QzDxARvBMB1uUO07+1
+EqLhRSPAzAhuYbeJq4PjJB7mXQfnHyA+z2fI56wwbSdLaG5LKlwCCDTb+HbkZ6Mm
+nD+iMsJKxYEYMRBWqoTvLQr/uB930r+lWKBi5NdLkXWNiYCYfm3LU05er/ayl4WX
+udpVBrkk7tfGOB5jGxI7leFYrPLfhNVfmS8NVVvmONsuP3LpSIXLuykTjx44Vbnz
+ssQwmSNOXfJIoRIM3BKQCZBUkQM8R+XVyWXgt0t97EfTsws+rZ7QdAAO671RrcDe
+LMDDav7v3Aun+kbfYNucpllQdSNpc5Oy+fwC00fmcc4QAu4njIT/rEUNE1yDMuAl
+pYYsfPQS
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEVzCCAz+gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBnTELMAkGA1UEBhMCRVMx
+IjAgBgNVBAcTGUMvIE11bnRhbmVyIDI0NCBCYXJjZWxvbmExQjBABgNVBAMTOUF1
+dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1hcHJvZmVzaW9uYWwgQ0lGIEE2
+MjYzNDA2ODEmMCQGCSqGSIb3DQEJARYXY2FAZmlybWFwcm9mZXNpb25hbC5jb20w
+HhcNMDExMDI0MjIwMDAwWhcNMTMxMDI0MjIwMDAwWjCBnTELMAkGA1UEBhMCRVMx
+IjAgBgNVBAcTGUMvIE11bnRhbmVyIDI0NCBCYXJjZWxvbmExQjBABgNVBAMTOUF1
+dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1hcHJvZmVzaW9uYWwgQ0lGIEE2
+MjYzNDA2ODEmMCQGCSqGSIb3DQEJARYXY2FAZmlybWFwcm9mZXNpb25hbC5jb20w
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnIwNvbyOlXnjOlSztlB5u
+Cp4Bx+ow0Syd3Tfom5h5VtP8c9/Qit5Vj1H5WuretXDE7aTt/6MNbg9kUDGvASdY
+rv5sp0ovFy3Tc9UTHI9ZpTQsHVQERc1ouKDAA6XPhUJHlShbz++AbOCQl4oBPB3z
+hxAwJkh91/zpnZFx/0GaqUC1N5wpIE8fUuOgfRNtVLcK3ulqTgesrBlf3H5idPay
+BQC6haD9HThuy1q7hryUZzM1gywfI834yJFxzJeL764P3CkDG8A563DtwW4O2GcL
+iam8NeTvtjS0pbbELaW+0MOUJEjb35bTALVmGotmBQ/dPz/LP6pemkr4tErvlTcb
+AgMBAAGjgZ8wgZwwKgYDVR0RBCMwIYYfaHR0cDovL3d3dy5maXJtYXByb2Zlc2lv
+bmFsLmNvbTASBgNVHRMBAf8ECDAGAQH/AgEBMCsGA1UdEAQkMCKADzIwMDExMDI0
+MjIwMDAwWoEPMjAxMzEwMjQyMjAwMDBaMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4E
+FgQUMwugZtHq2s7eYpMEKFK1FH84aLcwDQYJKoZIhvcNAQEFBQADggEBAEdz/o0n
+VPD11HecJ3lXV7cVVuzH2Fi3AQL0M+2TUIiefEaxvT8Ub/GzR0iLjJcG1+p+o1wq
+u00vR+L4OQbJnC4xGgN49Lw4xiKLMzHwFgQEffl25EvXwOaD7FnMP97/T2u3Z36m
+hoEyIwOdyPdfwUpgpZKpsaSgYMN4h7Mi8yrrW6ntBas3D7Hi05V2Y1Z0jFhyGzfl
+ZKG+TQyTmAyX9odtsz/ny4Cm7YjHX1BiAuiZdBbQ5rQ58SfLyEDW44YQqSMSkuBp
+QWOnryULwMWSyx6Yo1q6xTMPoJcB3X/ge9YGVM+h4k0460tQtcsm9MracEpqoeJ5
+quGnM/b9Sh/22WA=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID5TCCAs2gAwIBAgIEOeSXnjANBgkqhkiG9w0BAQUFADCBgjELMAkGA1UEBhMC
+VVMxFDASBgNVBAoTC1dlbGxzIEZhcmdvMSwwKgYDVQQLEyNXZWxscyBGYXJnbyBD
+ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEvMC0GA1UEAxMmV2VsbHMgRmFyZ28gUm9v
+dCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDAxMDExMTY0MTI4WhcNMjEwMTE0
+MTY0MTI4WjCBgjELMAkGA1UEBhMCVVMxFDASBgNVBAoTC1dlbGxzIEZhcmdvMSww
+KgYDVQQLEyNXZWxscyBGYXJnbyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEvMC0G
+A1UEAxMmV2VsbHMgRmFyZ28gUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVqDM7Jvk0/82bfuUER84A4n13
+5zHCLielTWi5MbqNQ1mXx3Oqfz1cQJ4F5aHiidlMuD+b+Qy0yGIZLEWukR5zcUHE
+SxP9cMIlrCL1dQu3U+SlK93OvRw6esP3E48mVJwWa2uv+9iWsWCaSOAlIiR5NM4O
+JgALTqv9i86C1y8IcGjBqAr5dE8Hq6T54oN+J3N0Prj5OEL8pahbSCOz6+MlsoCu
+ltQKnMJ4msZoGK43YjdeUXWoWGPAUe5AeH6orxqg4bB4nVCMe+ez/I4jsNtlAHCE
+AQgAFG5Uhpq6zPk3EPbg3oQtnaSFN9OH4xXQwReQfhkhahKpdv0SAulPIV4XAgMB
+AAGjYTBfMA8GA1UdEwEB/wQFMAMBAf8wTAYDVR0gBEUwQzBBBgtghkgBhvt7hwcB
+CzAyMDAGCCsGAQUFBwIBFiRodHRwOi8vd3d3LndlbGxzZmFyZ28uY29tL2NlcnRw
+b2xpY3kwDQYJKoZIhvcNAQEFBQADggEBANIn3ZwKdyu7IvICtUpKkfnRLb7kuxpo
+7w6kAOnu5+/u9vnldKTC2FJYxHT7zmu1Oyl5GFrvm+0fazbuSCUlFLZWohDo7qd/
+0D+j0MNdJu4HzMPBJCGHHt8qElNvQRbn7a6U+oxy+hNH8Dx+rn0ROhPs7fpvcmR7
+nX1/Jv16+yWt6j4pf0zjAFcysLPp7VMX2YuyFA4w6OXVE8Zkr8QA1dhYJPz1j+zx
+x32l2w8n0cbyQIjmH/ZhqPRCyLk306m+LFZ4wnKbWV01QIroTmMatukgalHizqSQ
+33ZwmVxwQ023tqcZZE6St8WRPH9IFmV7Fv3L/PvZ1dZPIWU7Sn9Ho/s=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF2TCCA8GgAwIBAgIQXAuFXAvnWUHfV8w/f52oNjANBgkqhkiG9w0BAQUFADBk
+MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0
+YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3Qg
+Q0EgMTAeFw0wNTA4MTgxMjA2MjBaFw0yNTA4MTgyMjA2MjBaMGQxCzAJBgNVBAYT
+AmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGlnaXRhbCBDZXJ0aWZp
+Y2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAxMIICIjAN
+BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0LmwqAzZuz8h+BvVM5OAFmUgdbI9
+m2BtRsiMMW8Xw/qabFbtPMWRV8PNq5ZJkCoZSx6jbVfd8StiKHVFXqrWW/oLJdih
+FvkcxC7mlSpnzNApbjyFNDhhSbEAn9Y6cV9Nbc5fuankiX9qUvrKm/LcqfmdmUc/
+TilftKaNXXsLmREDA/7n29uj/x2lzZAeAR81sH8A25Bvxn570e56eqeqDFdvpG3F
+EzuwpdntMhy0XmeLVNxzh+XTF3xmUHJd1BpYwdnP2IkCb6dJtDZd0KTeByy2dbco
+kdaXvij1mB7qWybJvbCXc9qukSbraMH5ORXWZ0sKbU/Lz7DkQnGMU3nn7uHbHaBu
+HYwadzVcFh4rUx80i9Fs/PJnB3r1re3WmquhsUvhzDdf/X/NTa64H5xD+SpYVUNF
+vJbNcA78yeNmuk6NO4HLFWR7uZToXTNShXEuT46iBhFRyePLoW4xCGQMwtI89Tbo
+19AOeCMgkckkKmUpWyL3Ic6DXqTz3kvTaI9GdVyDCW4pa8RwjPWd1yAv/0bSKzjC
+L3UcPX7ape8eYIVpQtPM+GP+HkM5haa2Y0EQs3MevNP6yn0WR+Kn1dCjigoIlmJW
+bjTb2QK5MHXjBNLnj8KwEUAKrNVxAmKLMb7dxiNYMUJDLXT5xp6mig/p/r+D5kNX
+JLrvRjSq1xIBOO0CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0hBBYw
+FDASBgdghXQBUwABBgdghXQBUwABMBIGA1UdEwEB/wQIMAYBAf8CAQcwHwYDVR0j
+BBgwFoAUAyUv3m+CATpcLNwroWm1Z9SM0/0wHQYDVR0OBBYEFAMlL95vggE6XCzc
+K6FptWfUjNP9MA0GCSqGSIb3DQEBBQUAA4ICAQA1EMvspgQNDQ/NwNurqPKIlwzf
+ky9NfEBWMXrrpA9gzXrzvsMnjgM+pN0S734edAY8PzHyHHuRMSG08NBsl9Tpl7Ik
+Vh5WwzW9iAUPWxAaZOHHgjD5Mq2eUCzneAXQMbFamIp1TpBcahQq4FJHgmDmHtqB
+sfsUC1rxn9KVuj7QG9YVHaO+htXbD8BJZLsuUBlL0iT43R4HVtA4oJVwIHaM190e
+3p9xxCPvgxNcoyQVTSlAPGrEqdi3pkSlDfTgnXceQHAm/NrZNuR55LU/vJtlvrsR
+ls/bxig5OgjOR1tTWsWZ/l2p3e9M1MalrQLmjAcSHm8D0W+go/MpvRLHUKKwf4ip
+mXeascClOS5cfGniLLDqN2qk4Vrh9VDlg++luyqI54zb/W1elxmofmZ1a3Hqv7HH
+b6D0jqTsNFFbjCYDcKF31QESVwA12yPeDooomf2xEG9L/zgtYE4snOtnta1J7ksf
+rK/7DZBaZmBwXarNeNQk7shBoJMBkpxqnvy5JMWzFYJ+vq6VK+uxwNrjAWALXmms
+hFZhvnEX/h0TD/7Gh0Xp/jKgGg0TpJRVcaUWi7rKibCyx/yP2FS1k2Kdzs9Z+z0Y
+zirLNRWCXf9UIltxUvu3yf5gmwBBZPCqKuy2QkPOiWaByIufOVQDJdMWNY6E0F/6
+MBr1mmz0DlP5OlvRHA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgQ0EwHhcNMDYxMTEwMDAwMDAwWhcNMzExMTEwMDAwMDAwWjBlMQswCQYDVQQG
+EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl
+cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0EwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtDhXO5EOAXLGH87dg+XESpa7c
+JpSIqvTO9SA5KFhgDPiA2qkVlTJhPLWxKISKityfCgyDF3qPkKyK53lTXDGEKvYP
+mDI2dsze3Tyoou9q+yHyUmHfnyDXH+Kx2f4YZNISW1/5WBg1vEfNoTb5a3/UsDg+
+wRvDjDPZ2C8Y/igPs6eD1sNuRMBhNZYW/lmci3Zt1/GiSw0r/wty2p5g0I6QNcZ4
+VYcgoc/lbQrISXwxmDNsIumH0DJaoroTghHtORedmTpyoeb6pNnVFzF1roV9Iq4/
+AUaG9ih5yLHa5FcXxH4cDrC0kqZWs72yl+2qp/C3xag/lRbQ/6GW6whfGHdPAgMB
+AAGjYzBhMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW
+BBRF66Kv9JLLgjEtUYunpyGd823IDzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYun
+pyGd823IDzANBgkqhkiG9w0BAQUFAAOCAQEAog683+Lt8ONyc3pklL/3cmbYMuRC
+dWKuh+vy1dneVrOfzM4UKLkNl2BcEkxY5NM9g0lFWJc1aRqoR+pWxnmrEthngYTf
+fwk8lOa4JiwgvT2zKIn3X/8i4peEH+ll74fg38FnSbNd67IJKusm7Xi+fT8r87cm
+NW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i8b5QZ7dsvfPx
+H2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe
++o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB
+CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97
+nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt
+43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P
+T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4
+gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO
+BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR
+TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw
+DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr
+hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg
+06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF
+PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls
+YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk
+CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAwMFoXDTMxMTExMDAwMDAwMFowbDEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
+LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug
+RVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm
++9S75S0tMqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTW
+PNt0OKRKzE0lgvdKpVMSOO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEM
+xChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFB
+Ik5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQNAQTXKFx01p8VdteZOE3
+hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUeh10aUAsg
+EsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQF
+MAMBAf8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaA
+FLE+w2kD+L9HAdSYJhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3Nec
+nzyIZgYIVyHbIUf4KmeqvxgydkAQV8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6z
+eM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFpmyPInngiK3BD41VHMWEZ71jF
+hS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkKmNEVX58Svnw2
+Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
+vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
++OkuE6N36B9K
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDkjCCAnqgAwIBAgIRAIW9S/PY2uNp9pTXX8OlRCMwDQYJKoZIhvcNAQEFBQAw
+PTELMAkGA1UEBhMCRlIxETAPBgNVBAoTCENlcnRwbHVzMRswGQYDVQQDExJDbGFz
+cyAyIFByaW1hcnkgQ0EwHhcNOTkwNzA3MTcwNTAwWhcNMTkwNzA2MjM1OTU5WjA9
+MQswCQYDVQQGEwJGUjERMA8GA1UEChMIQ2VydHBsdXMxGzAZBgNVBAMTEkNsYXNz
+IDIgUHJpbWFyeSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANxQ
+ltAS+DXSCHh6tlJw/W/uz7kRy1134ezpfgSN1sxvc0NXYKwzCkTsA18cgCSR5aiR
+VhKC9+Ar9NuuYS6JEI1rbLqzAr3VNsVINyPi8Fo3UjMXEuLRYE2+L0ER4/YXJQyL
+kcAbmXuZVg2v7tK8R1fjeUl7NIknJITesezpWE7+Tt9avkGtrAjFGA7v0lPubNCd
+EgETjdyAYveVqUSISnFOYFWe2yMZeVYHDD9jC1yw4r5+FfyUM1hBOHTE4Y+L3yas
+H7WLO7dDWWuwJKZtkIvEcupdM5i3y95ee++U8Rs+yskhwcWYAqqi9lt3m/V+llU0
+HGdpwPFC40es/CgcZlUCAwEAAaOBjDCBiTAPBgNVHRMECDAGAQH/AgEKMAsGA1Ud
+DwQEAwIBBjAdBgNVHQ4EFgQU43Mt38sOKAze3bOkynm4jrvoMIkwEQYJYIZIAYb4
+QgEBBAQDAgEGMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly93d3cuY2VydHBsdXMu
+Y29tL0NSTC9jbGFzczIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQCnVM+IRBnL39R/
+AN9WM2K191EBkOvDP9GIROkkXe/nFL0gt5o8AP5tn9uQ3Nf0YtaLcF3n5QRIqWh8
+yfFC82x/xXp8HVGIutIKPidd3i1RTtMTZGnkLuPT55sJmabglZvOGtd/vjzOUrMR
+FcEPF80Du5wlFbqidon8BvEY0JNLDnyCt6X09l/+7UCmnYR0ObncHoUW2ikbhiMA
+ybuJfm6AiB4vFLQDJKgybwOaRywwvlbGp0ICcBvqQNi6BQNwB6SW//1IMwrh3KWB
+kJtN3X3n57LNXMhqlfil9o3EXXgIvnsG1knPGTZQIy4I5p4FTUcY1Rbpsda2ENW7
+l7+ijrRU
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/
+MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
+DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow
+PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD
+Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O
+rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq
+OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b
+xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw
+7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD
+aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
+HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG
+SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69
+ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr
+AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz
+R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5
+JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo
+Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIECTCCAvGgAwIBAgIQDV6ZCtadt3js2AdWO4YV2TANBgkqhkiG9w0BAQUFADBb
+MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3Qx
+ETAPBgNVBAsTCERTVCBBQ0VTMRcwFQYDVQQDEw5EU1QgQUNFUyBDQSBYNjAeFw0w
+MzExMjAyMTE5NThaFw0xNzExMjAyMTE5NThaMFsxCzAJBgNVBAYTAlVTMSAwHgYD
+VQQKExdEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdDERMA8GA1UECxMIRFNUIEFDRVMx
+FzAVBgNVBAMTDkRTVCBBQ0VTIENBIFg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAuT31LMmU3HWKlV1j6IR3dma5WZFcRt2SPp/5DgO0PWGSvSMmtWPu
+ktKe1jzIDZBfZIGxqAgNTNj50wUoUrQBJcWVHAx+PhCEdc/BGZFjz+iokYi5Q1K7
+gLFViYsx+tC3dr5BPTCapCIlF3PoHuLTrCq9Wzgh1SpL11V94zpVvddtawJXa+ZH
+fAjIgrrep4c9oW24MFbCswKBXy314powGCi4ZtPLAZZv6opFVdbgnf9nKxcCpk4a
+ahELfrd755jWjHZvwTvbUJN+5dCOHze4vbrGn2zpfDPyMjwmR/onJALJfh1biEIT
+ajV8fTXpLmaRcpPVMibEdPVTo7NdmvYJywIDAQABo4HIMIHFMA8GA1UdEwEB/wQF
+MAMBAf8wDgYDVR0PAQH/BAQDAgHGMB8GA1UdEQQYMBaBFHBraS1vcHNAdHJ1c3Rk
+c3QuY29tMGIGA1UdIARbMFkwVwYKYIZIAWUDAgEBATBJMEcGCCsGAQUFBwIBFjto
+dHRwOi8vd3d3LnRydXN0ZHN0LmNvbS9jZXJ0aWZpY2F0ZXMvcG9saWN5L0FDRVMt
+aW5kZXguaHRtbDAdBgNVHQ4EFgQUCXIGThhDD+XWzMNqizF7eI+og7gwDQYJKoZI
+hvcNAQEFBQADggEBAKPYjtay284F5zLNAdMEA+V25FYrnJmQ6AgwbN99Pe7lv7Uk
+QIRJ4dEorsTCOlMwiPH1d25Ryvr/ma8kXxug/fKshMrfqfBfBC6tFr8hlxCBPeP/
+h40y3JTlR4peahPJlJU90u7INJXQgNStMgiAVDzgvVJT11J8smk/f3rPanTK+gQq
+nExaBqXpIK1FZg9p8d2/6eMyi/rgwYZNcjwu2JN4Cir42NInPRmJX1p7ijvMDNpR
+rscL9yuwNwXsvFcj4jjSm2jzVhKIT0J8uDHEtdvkyCE06UgRNe76x5JXxZ805Mf2
+9w4LTJxoeHtxMcfrHuBnQfO3oKfN5XozNmr6mis=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID+zCCAuOgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBtzE/MD0GA1UEAww2VMOc
+UktUUlVTVCBFbGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sx
+c8SxMQswCQYDVQQGDAJUUjEPMA0GA1UEBwwGQU5LQVJBMVYwVAYDVQQKDE0oYykg
+MjAwNSBUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8
+dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLjAeFw0wNTA1MTMxMDI3MTdaFw0xNTAz
+MjIxMDI3MTdaMIG3MT8wPQYDVQQDDDZUw5xSS1RSVVNUIEVsZWt0cm9uaWsgU2Vy
+dGlmaWthIEhpem1ldCBTYcSfbGF5xLFjxLFzxLExCzAJBgNVBAYMAlRSMQ8wDQYD
+VQQHDAZBTktBUkExVjBUBgNVBAoMTShjKSAyMDA1IFTDnFJLVFJVU1QgQmlsZ2kg
+xLBsZXRpxZ9pbSB2ZSBCaWxpxZ9pbSBHw7x2ZW5sacSfaSBIaXptZXRsZXJpIEEu
+xZ4uMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylIF1mMD2Bxf3dJ7
+XfIMYGFbazt0K3gNfUW9InTojAPBxhEqPZW8qZSwu5GXyGl8hMW0kWxsE2qkVa2k
+heiVfrMArwDCBRj1cJ02i67L5BuBf5OI+2pVu32Fks66WJ/bMsW9Xe8iSi9BB35J
+YbOG7E6mQW6EvAPs9TscyB/C7qju6hJKjRTP8wrgUDn5CDX4EVmt5yLqS8oUBt5C
+urKZ8y1UiBAG6uEaPj1nH/vO+3yC6BFdSsG5FOpU2WabfIl9BJpiyelSPJ6c79L1
+JuTm5Rh8i27fbMx4W09ysstcP4wFjdFMjK2Sx+F4f2VsSQZQLJ4ywtdKxnWKWU51
+b0dewQIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAV
+9VX/N5aAWSGk/KEVTCD21F/aAyT8z5Aa9CEKmu46sWrv7/hg0Uw2ZkUd82YCdAR7
+kjCo3gp2D++Vbr3JN+YaDayJSFvMgzbC9UZcWYJWtNX+I7TYVBxEq8Sn5RTOPEFh
+fEPmzcSBCYsk+1Ql1haolgxnB2+zUEfjHCQo3SqYpGH+2+oSN7wBGjSFvW5P55Fy
+B0SFHljKVETd96y5y4khctuPwGkplyqjrhgjlxxBKot8KsF8kOipKMDTkcatKIdA
+aLX/7KfS0zgYnNN9aV3wxqUeJBujR/xpB2jn5Jq07Q+hh4cCzofSSE7hvP/L8XKS
+RGQDJereW26fyfJOrN3H
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEPDCCAySgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBvjE/MD0GA1UEAww2VMOc
+UktUUlVTVCBFbGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sx
+c8SxMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMV0wWwYDVQQKDFRUw5xS
+S1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnEn2kg
+SGl6bWV0bGVyaSBBLsWeLiAoYykgS2FzxLFtIDIwMDUwHhcNMDUxMTA3MTAwNzU3
+WhcNMTUwOTE2MTAwNzU3WjCBvjE/MD0GA1UEAww2VMOcUktUUlVTVCBFbGVrdHJv
+bmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxMQswCQYDVQQGEwJU
+UjEPMA0GA1UEBwwGQW5rYXJhMV0wWwYDVQQKDFRUw5xSS1RSVVNUIEJpbGdpIMSw
+bGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWe
+LiAoYykgS2FzxLFtIDIwMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQCpNn7DkUNMwxmYCMjHWHtPFoylzkkBH3MOrHUTpvqeLCDe2JAOCtFp0if7qnef
+J1Il4std2NiDUBd9irWCPwSOtNXwSadktx4uXyCcUHVPr+G1QRT0mJKIx+XlZEdh
+R3n9wFHxwZnn3M5q+6+1ATDcRhzviuyV79z/rxAc653YsKpqhRgNF8k+v/Gb0AmJ
+Qv2gQrSdiVFVKc8bcLyEVK3BEx+Y9C52YItdP5qtygy/p1Zbj3e41Z55SZI/4PGX
+JHpsmxcPbe9TmJEr5A++WXkHeLuXlfSfadRYhwqp48y2WBmfJiGxxFmNskF1wK1p
+zpwACPI2/z7woQ8arBT9pmAPAgMBAAGjQzBBMB0GA1UdDgQWBBTZN7NOBf3Zz58S
+Fq62iS/rJTqIHDAPBgNVHQ8BAf8EBQMDBwYAMA8GA1UdEwEB/wQFMAMBAf8wDQYJ
+KoZIhvcNAQEFBQADggEBAHJglrfJ3NgpXiOFX7KzLXb7iNcX/nttRbj2hWyfIvwq
+ECLsqrkw9qtY1jkQMZkpAL2JZkH7dN6RwRgLn7Vhy506vvWolKMiVW4XSf/SKfE4
+Jl3vpao6+XF75tpYHdN0wgH6PmlYX63LaL4ULptswLbcoCb6dxriJNoaN+BnrdFz
+gw2lGh1uEpJ+hGIAF728JRhX8tepb1mIvDS3LoV4nZbcFMMsilKbloxSZj2GFotH
+uFEJjOp9zYhys2AzsfAKRO8P9Qk3iCQOLGsgOqL6EfJANZxEaGM7rDNvY7wsu/LS
+y3Z9fYjYHcgFHW68lKlmjHdxx/qR+i9Rnuk5UrbnBEI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFwTCCA6mgAwIBAgIITrIAZwwDXU8wDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE
+BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEjMCEGA1UEAxMaU3dpc3NTaWdu
+IFBsYXRpbnVtIENBIC0gRzIwHhcNMDYxMDI1MDgzNjAwWhcNMzYxMDI1MDgzNjAw
+WjBJMQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMSMwIQYDVQQD
+ExpTd2lzc1NpZ24gUGxhdGludW0gQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQAD
+ggIPADCCAgoCggIBAMrfogLi2vj8Bxax3mCq3pZcZB/HL37PZ/pEQtZ2Y5Wu669y
+IIpFR4ZieIbWIDkm9K6j/SPnpZy1IiEZtzeTIsBQnIJ71NUERFzLtMKfkr4k2Htn
+IuJpX+UFeNSH2XFwMyVTtIc7KZAoNppVRDBopIOXfw0enHb/FZ1glwCNioUD7IC+
+6ixuEFGSzH7VozPY1kneWCqv9hbrS3uQMpe5up1Y8fhXSQQeol0GcN1x2/ndi5ob
+jM89o03Oy3z2u5yg+gnOI2Ky6Q0f4nIoj5+saCB9bzuohTEJfwvH6GXp43gOCWcw
+izSC+13gzJ2BbWLuCB4ELE6b7P6pT1/9aXjvCR+htL/68++QHkwFix7qepF6w9fl
++zC8bBsQWJj3Gl/QKTIDE0ZNYWqFTFJ0LwYfexHihJfGmfNtf9dng34TaNhxKFrY
+zt3oEBSa/m0jh26OWnA81Y0JAKeqvLAxN23IhBQeW71FYyBrS3SMvds6DsHPWhaP
+pZjydomyExI7C3d3rLvlPClKknLKYRorXkzig3R3+jVIeoVNjZpTxN94ypeRSCtF
+KwH3HBqi7Ri6Cr2D+m+8jVeTO9TUps4e8aCxzqv9KyiaTxvXw3LbpMS/XUz13XuW
+ae5ogObnmLo2t/5u7Su9IPhlGdpVCX4l3P5hYnL5fhgC72O00Puv5TtjjGePAgMB
+AAGjgawwgakwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O
+BBYEFFCvzAeHFUdvOMW0ZdHelarp35zMMB8GA1UdIwQYMBaAFFCvzAeHFUdvOMW0
+ZdHelarp35zMMEYGA1UdIAQ/MD0wOwYJYIV0AVkBAQEBMC4wLAYIKwYBBQUHAgEW
+IGh0dHA6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vMA0GCSqGSIb3DQEBBQUA
+A4ICAQAIhab1Fgz8RBrBY+D5VUYI/HAcQiiWjrfFwUF1TglxeeVtlspLpYhg0DB0
+uMoI3LQwnkAHFmtllXcBrqS3NQuB2nEVqXQXOHtYyvkv+8Bldo1bAbl93oI9ZLi+
+FHSjClTTLJUYFzX1UWs/j6KWYTl4a0vlpqD4U99REJNi54Av4tHgvI42Rncz7Lj7
+jposiU0xEQ8mngS7twSNC/K5/FqdOxa3L8iYq/6KUFkuozv8KV2LwUvJ4ooTHbG/
+u0IdUt1O2BReEMYxB+9xJ/cbOQncguqLs5WGXv312l0xpuAxtpTmREl0xRbl9x8D
+YSjFyMsSoEJL+WuICI20MhjzdZ/EfwBPBZWcoxcCw7NTm6ogOSkrZvqdr16zktK1
+puEa+S1BaYEUtLS17Yk9zvupnTVCRLEcFHOBzyoBNZox1S2PbYTfgE1X4z/FhHXa
+icYwu+uPyyIIoK6q8QNsOktNCaUOcsZWayFCTiMlFGiudgp8DAdwZPmaL/YFOSbG
+DI8Zf0NebvRbFS/bYV3mZy8/CJT5YLSYMdp08YSTcU1f+2BY0fvEwW2JorsgH51x
+kcsymxM9Pn2SUjWskpSi0xjCfMfqr3YFFt1nJ8J+HAciIfNAChs0B0QTwoRqjt8Z
+Wr9/6x3iGjjRXK9HkmuAtTClyY3YqzGBH9/CZjfTk6mFhnll0g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+BAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2ln
+biBHb2xkIENBIC0gRzIwHhcNMDYxMDI1MDgzMDM1WhcNMzYxMDI1MDgzMDM1WjBF
+MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMR8wHQYDVQQDExZT
+d2lzc1NpZ24gR29sZCBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
+CgKCAgEAr+TufoskDhJuqVAtFkQ7kpJcyrhdhJJCEyq8ZVeCQD5XJM1QiyUqt2/8
+76LQwB8CJEoTlo8jE+YoWACjR8cGp4QjK7u9lit/VcyLwVcfDmJlD909Vopz2q5+
+bbqBHH5CjCA12UNNhPqE21Is8w4ndwtrvxEvcnifLtg+5hg3Wipy+dpikJKVyh+c
+6bM8K8vzARO/Ws/BtQpgvd21mWRTuKCWs2/iJneRjOBiEAKfNA+k1ZIzUd6+jbqE
+emA8atufK+ze3gE/bk3lUIbLtK/tREDFylqM2tIrfKjuvqblCqoOpd8FUrdVxyJd
+MmqXl2MT28nbeTZ7hTpKxVKJ+STnnXepgv9VHKVxaSvRAiTysybUa9oEVeXBCsdt
+MDeQKuSeFDNeFhdVxVu1yzSJkvGdJo+hB9TGsnhQ2wwMC3wLjEHXuendjIj3o02y
+MszYF9rNt85mndT9Xv+9lz4pded+p2JYryU0pUHHPbwNUMoDAw8IWh+Vc3hiv69y
+FGkOpeUDDniOJihC8AcLYiAQZzlG+qkDzAQ4embvIIO1jEpWjpEA/I5cgt6IoMPi
+aG59je883WX0XaxR7ySArqpWl2/5rX3aYT+YdzylkbYcjCbaZaIJbcHiVOO5ykxM
+gI93e2CaHt+28kgeDrpOVG2Y4OGiGqJ3UM/EY5LsRxmd6+ZrzsECAwEAAaOBrDCB
+qTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUWyV7
+lqRlUX64OfPAeGZe6Drn8O4wHwYDVR0jBBgwFoAUWyV7lqRlUX64OfPAeGZe6Drn
+8O4wRgYDVR0gBD8wPTA7BglghXQBWQECAQEwLjAsBggrBgEFBQcCARYgaHR0cDov
+L3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIBACe6
+45R88a7A3hfm5djV9VSwg/S7zV4Fe0+fdWavPOhWfvxyeDgD2StiGwC5+OlgzczO
+UYrHUDFu4Up+GC9pWbY9ZIEr44OE5iKHjn3g7gKZYbge9LgriBIWhMIxkziWMaa5
+O1M/wySTVltpkuzFwbs4AOPsF6m43Md8AYOfMke6UiI0HTJ6CVanfCU2qT1L2sCC
+bwq7EsiHSycR+R4tx5M/nttfJmtS2S6K8RTGRI0Vqbe/vd6mGu6uLftIdxf+u+yv
+GPUqUfA5hJeVbG4bwyvEdGB5JbAKJ9/fXtI5z0V9QkvfsywexcZdylU6oJxpmo/a
+77KwPJ+HbBIrZXAVUjEaJM9vMSNQH4xPjyPDdEFjHFWoFN0+4FFQz/EbMFYOkrCC
+hdiDyyJkvC24JdVUorgG6q2SpCSgwYa1ShNqR88uC1aVVMvOmttqtKay20EIhid3
+92qgQmwLOM7XdVAyksLfKzAiSNDVQTglXaTpXZ/GlHXQRf0wl0OPkKsKx4ZzYEpp
+Ld6leNcG2mqeSz53OiATIgHQv2ieY2BrNU0LbbqhPcCT4H8js1WtciVORvnSFu+w
+ZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6LqjviOvrv1vA+ACOzB2+htt
+Qc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFvTCCA6WgAwIBAgIITxvUL1S7L0swDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UE
+BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWdu
+IFNpbHZlciBDQSAtIEcyMB4XDTA2MTAyNTA4MzI0NloXDTM2MTAyNTA4MzI0Nlow
+RzELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMY
+U3dpc3NTaWduIFNpbHZlciBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A
+MIICCgKCAgEAxPGHf9N4Mfc4yfjDmUO8x/e8N+dOcbpLj6VzHVxumK4DV644N0Mv
+Fz0fyM5oEMF4rhkDKxD6LHmD9ui5aLlV8gREpzn5/ASLHvGiTSf5YXu6t+WiE7br
+YT7QbNHm+/pe7R20nqA1W6GSy/BJkv6FCgU+5tkL4k+73JU3/JHpMjUi0R86TieF
+nbAVlDLaYQ1HTWBCrpJH6INaUFjpiou5XaHc3ZlKHzZnu0jkg7Y360g6rw9njxcH
+6ATK72oxh9TAtvmUcXtnZLi2kUpCe2UuMGoM9ZDulebyzYLs2aFK7PayS+VFheZt
+eJMELpyCbTapxDFkH4aDCyr0NQp4yVXPQbBH6TCfmb5hqAaEuSh6XzjZG6k4sIN/
+c8HDO0gqgg8hm7jMqDXDhBuDsz6+pJVpATqJAHgE2cn0mRmrVn5bi4Y5FZGkECwJ
+MoBgs5PAKrYYC51+jUnyEEp/+dVGLxmSo5mnJqy7jDzmDrxHB9xzUfFwZC8I+bRH
+HTBsROopN4WSaGa8gzj+ezku01DwH/teYLappvonQfGbGHLy9YR0SslnxFSuSGTf
+jNFusB3hB48IHpmccelM2KX3RxIfdNFRnobzwqIjQAtz20um53MGjMGg6cFZrEb6
+5i/4z3GcRm25xBWNOHkDRUjvxF3XCO6HOSKGsg0PWEP3calILv3q1h8CAwEAAaOB
+rDCBqTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU
+F6DNweRBtjpbO8tFnb0cwpj6hlgwHwYDVR0jBBgwFoAUF6DNweRBtjpbO8tFnb0c
+wpj6hlgwRgYDVR0gBD8wPTA7BglghXQBWQEDAQEwLjAsBggrBgEFBQcCARYgaHR0
+cDovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIB
+AHPGgeAn0i0P4JUw4ppBf1AsX19iYamGamkYDHRJ1l2E6kFSGG9YrVBWIGrGvShp
+WJHckRE1qTodvBqlYJ7YH39FkWnZfrt4csEGDyrOj4VwYaygzQu4OSlWhDJOhrs9
+xCrZ1x9y7v5RoSJBsXECYxqCsGKrXlcSH9/L3XWgwF15kIwb4FDm3jH+mHtwX6WQ
+2K34ArZv02DdQEsixT2tOnqfGhpHkXkzuoLcMmkDlm4fS/Bx/uNncqCxv1yL5PqZ
+IseEuRuNI5c/7SXgz2W79WEE790eslpBIlqhn10s6FvJbakMDHiqYMZWjwFaDGi8
+aRl5xB9+lwW/xekkUV7U1UtT7dkjWjYDZaPBA61BMPNGG4WQr2W11bHkFlt4dR2X
+em1ZqSqPe97Dh4kQmUlzeMg9vVE1dCrV8X5pGyq7O70luJpaPXJhkGaH7gzWTdQR
+dAtq/gsD/KNVV4n+SsuuWxcFyPKNIzFTONItaj+CuY0IavdeQXRuwxF+B6wpYJE/
+OMpXEA29MC/HpeZBoNquBYeaoKRlbEwJDIm6uNO5wJOKMPqN5ZprFQFOZ6raYlY+
+hAhm0sQ2fac+EPyI4NSA5QC9qvNOBqN6avlicuMJT+ubDgEj8Z+7fNzcbBGXJbLy
+tGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5u
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDfDCCAmSgAwIBAgIQGKy1av1pthU6Y2yv2vrEoTANBgkqhkiG9w0BAQUFADBY
+MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMo
+R2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEx
+MjcwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMFgxCzAJBgNVBAYTAlVTMRYwFAYDVQQK
+Ew1HZW9UcnVzdCBJbmMuMTEwLwYDVQQDEyhHZW9UcnVzdCBQcmltYXJ5IENlcnRp
+ZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAvrgVe//UfH1nrYNke8hCUy3f9oQIIGHWAVlqnEQRr+92/ZV+zmEwu3qDXwK9
+AWbK7hWNb6EwnL2hhZ6UOvNWiAAxz9juapYC2e0DjPt1befquFUWBRaa9OBesYjA
+ZIVcFU2Ix7e64HXprQU9nceJSOC7KMgD4TCTZF5SwFlwIjVXiIrxlQqD17wxcwE0
+7e9GceBrAqg1cmuXm2bgyxx5X9gaBGgeRwLmnWDiNpcB3841kt++Z8dtd1k7j53W
+kBWUvEI0EME5+bEnPn7WinXFsq+W06Lem+SYvn3h6YGttm/81w7a4DSwDRp35+MI
+mO9Y+pyEtzavwt+s0vQQBnBxNQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4G
+A1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQULNVQQZcVi/CPNmFbSvtr2ZnJM5IwDQYJ
+KoZIhvcNAQEFBQADggEBAFpwfyzdtzRP9YZRqSa+S7iq8XEN3GHHoOo0Hnp3DwQ1
+6CePbJC/kRYkRj5KTs4rFtULUh38H2eiAkUxT87z+gOneZ1TatnaYzr4gNfTmeGl
+4b7UVXGYNTq+k+qurUKykG/g/CFNNWMziUnWm07Kx+dOCQD32sfvmWKZd7aVIl6K
+oKv0uHiYyjgZmclynnjNS6yvGaBzEi38wkG6gZHaFloxt/m0cYASSJlyc1pZU8Fj
+UjPtp8nSOQJw+uCxQmYpqptR7TBUIhRf2asdweSU8Pj1K/fqynhG1riR/aYNKxoU
+AT6A8EKglQdebc3MS6RFjasS6LPeWuWgfOgPIh1a6Vk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUFADCB
+qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
+Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
+MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV
+BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYxMTE3MDAwMDAwWhcNMzYw
+NzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5j
+LjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYG
+A1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl
+IG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFs
+W0hoSVk3/AszGcJ3f8wQLZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta
+3RGNKJpchJAQeg29dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk
+6KHYcWUNo1F77rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6
+Sk/KaAcdHJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94J
+NqR32HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBA
+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7W0XP
+r87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7ORtvzw6WfU
+DW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeEuzLlQRHAd9mz
+YJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQaEfZYGDm/Ac9IiAX
+xPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqdE8hhuvU5HIe6uL17In/2
+/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+MwS7QcjBAvlEYyCegc5C09Y/
+LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+fpErgUfCJzDupxBdN49cOSvkBPB7
+jVaMaA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB
+yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
+ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp
+U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW
+ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0
+aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjEL
+MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW
+ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2ln
+biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp
+U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1
+nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbex
+t0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIz
+SdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQG
+BO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+
+rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/
+NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E
+BAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAH
+BgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy
+aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKv
+MzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzE
+p6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y
+5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlK
+WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ
+4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N
+hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDuDCCAqCgAwIBAgIQDPCOXAgWpa1Cf/DrJxhZ0DANBgkqhkiG9w0BAQUFADBI
+MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x
+FzAVBgNVBAMTDlNlY3VyZVRydXN0IENBMB4XDTA2MTEwNzE5MzExOFoXDTI5MTIz
+MTE5NDA1NVowSDELMAkGA1UEBhMCVVMxIDAeBgNVBAoTF1NlY3VyZVRydXN0IENv
+cnBvcmF0aW9uMRcwFQYDVQQDEw5TZWN1cmVUcnVzdCBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAKukgeWVzfX2FI7CT8rU4niVWJxB4Q2ZQCQXOZEz
+Zum+4YOvYlyJ0fwkW2Gz4BERQRwdbvC4u/jep4G6pkjGnx29vo6pQT64lO0pGtSO
+0gMdA+9tDWccV9cGrcrI9f4Or2YlSASWC12juhbDCE/RRvgUXPLIXgGZbf2IzIao
+wW8xQmxSPmjL8xk037uHGFaAJsTQ3MBv396gwpEWoGQRS0S8Hvbn+mPeZqx2pHGj
+7DaUaHp3pLHnDi+BeuK1cobvomuL8A/b01k/unK8RCSc43Oz969XL0Imnal0ugBS
+8kvNU3xHCzaFDmapCJcWNFfBZveA4+1wVMeT4C4oFVmHursCAwEAAaOBnTCBmjAT
+BgkrBgEEAYI3FAIEBh4EAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB
+/zAdBgNVHQ4EFgQUQjK2FvoE/f5dS3rD/fdMQB1aQ68wNAYDVR0fBC0wKzApoCeg
+JYYjaHR0cDovL2NybC5zZWN1cmV0cnVzdC5jb20vU1RDQS5jcmwwEAYJKwYBBAGC
+NxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBADDtT0rhWDpSclu1pqNlGKa7UTt3
+6Z3q059c4EVlew3KW+JwULKUBRSuSceNQQcSc5R+DCMh/bwQf2AQWnL1mA6s7Ll/
+3XpvXdMc9P+IBWlCqQVxyLesJugutIxq/3HcuLHfmbx8IVQr5Fiiu1cprp6poxkm
+D5kuCLDv/WnPmRoJjeOnnyvJNjR7JLN4TJUXpAYmHrZkUjZfYGfZnMUFdAvnZyPS
+CPyI6a6Lf+Ew9Dd+/cYy2i2eRDAwbO4H3tI0/NL/QPZL9GZGBlSm8jIKYyYwa5vR
+3ItHuuG51WLQoqD0ZwV4KWMabwTW+MZMo5qxN7SN5ShLHZ4swrhovO0C7jE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDvDCCAqSgAwIBAgIQB1YipOjUiolN9BPI8PjqpTANBgkqhkiG9w0BAQUFADBK
+MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x
+GTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwHhcNMDYxMTA3MTk0MjI4WhcNMjkx
+MjMxMTk1MjA2WjBKMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3Qg
+Q29ycG9yYXRpb24xGTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvNS7YrGxVaQZx5RNoJLNP2MwhR/jxYDiJ
+iQPpvepeRlMJ3Fz1Wuj3RSoC6zFh1ykzTM7HfAo3fg+6MpjhHZevj8fcyTiW89sa
+/FHtaMbQbqR8JNGuQsiWUGMu4P51/pinX0kuleM5M2SOHqRfkNJnPLLZ/kG5VacJ
+jnIFHovdRIWCQtBJwB1g8NEXLJXr9qXBkqPFwqcIYA1gBBCWeZ4WNOaptvolRTnI
+HmX5k/Wq8VLcmZg9pYYaDDUz+kulBAYVHDGA76oYa8J719rO+TMg1fW9ajMtgQT7
+sFzUnKPiXB3jqUJ1XnvUd+85VLrJChgbEplJL4hL/VBi0XPnj3pDAgMBAAGjgZ0w
+gZowEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQF
+MAMBAf8wHQYDVR0OBBYEFK9EBMJBfkiD2045AuzshHrmzsmkMDQGA1UdHwQtMCsw
+KaAnoCWGI2h0dHA6Ly9jcmwuc2VjdXJldHJ1c3QuY29tL1NHQ0EuY3JsMBAGCSsG
+AQQBgjcVAQQDAgEAMA0GCSqGSIb3DQEBBQUAA4IBAQBjGghAfaReUw132HquHw0L
+URYD7xh8yOOvaliTFGCRsoTciE6+OYo68+aCiV0BN7OrJKQVDpI1WkpEXk5X+nXO
+H0jOZvQ8QCaSmGwb7iRGDBezUqXbpZGRzzfTb+cnCDpOGR86p1hcF895P4vkp9Mm
+I50mD1hp/Ed+stCNi5O/KU9DaXR2Z0vPB4zmAve14bRDtUstFJ/53CYNv6ZHdAbY
+iNE6KTCEztI5gGIbqMdXSbxqVVFnFUq+NQfk1XWYN3kwFNspnWzFacxHVaIw98xc
+f8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cW
+
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEHTCCAwWgAwIBAgIQToEtioJl4AsC7j41AkblPTANBgkqhkiG9w0BAQUFADCB
+gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNV
+BAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEyMDEwMDAw
+MDBaFw0yOTEyMzEyMzU5NTlaMIGBMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3Jl
+YXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01P
+RE8gQ0EgTGltaXRlZDEnMCUGA1UEAxMeQ09NT0RPIENlcnRpZmljYXRpb24gQXV0
+aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ECLi3LjkRv3
+UcEbVASY06m/weaKXTuH+7uIzg3jLz8GlvCiKVCZrts7oVewdFFxze1CkU1B/qnI
+2GqGd0S7WWaXUF601CxwRM/aN5VCaTwwxHGzUvAhTaHYujl8HJ6jJJ3ygxaYqhZ8
+Q5sVW7euNJH+1GImGEaaP+vB+fGQV+useg2L23IwambV4EajcNxo2f8ESIl33rXp
++2dtQem8Ob0y2WIC8bGoPW43nOIv4tOiJovGuFVDiOEjPqXSJDlqR6sA1KGzqSX+
+DT+nHbrTUcELpNqsOO9VUCQFZUaTNE8tja3G1CEZ0o7KBWFxB3NH5YoZEr0ETc5O
+nKVIrLsm9wIDAQABo4GOMIGLMB0GA1UdDgQWBBQLWOWLxkwVN6RAqTCpIb5HNlpW
+/zAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBJBgNVHR8EQjBAMD6g
+PKA6hjhodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9DZXJ0aWZpY2F0aW9u
+QXV0aG9yaXR5LmNybDANBgkqhkiG9w0BAQUFAAOCAQEAPpiem/Yb6dc5t3iuHXIY
+SdOH5EOC6z/JqvWote9VfCFSZfnVDeFs9D6Mk3ORLgLETgdxb8CPOGEIqB6BCsAv
+IC9Bi5HcSEW88cbeunZrM8gALTFGTO3nnc+IlP8zwFboJIYmuNg4ON8qa90SzMc/
+RxdMosIGlgnW2/4/PEZB31jiVg88O8EckzXZOFKs7sjsLjBOlDW0JB9LeGna8gI4
+zJVSk/BwJVmcIGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5dd
+BA6+C4OmF4O5MBKgxTMVBbkN+8cFduPYSo38NBejxiEovjBFMR7HeL5YYTisO+IB
+ZQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFijCCA3KgAwIBAgIQDHbanJEMTiye/hXQWJM8TDANBgkqhkiG9w0BAQUFADBf
+MQswCQYDVQQGEwJOTDESMBAGA1UEChMJRGlnaU5vdGFyMRowGAYDVQQDExFEaWdp
+Tm90YXIgUm9vdCBDQTEgMB4GCSqGSIb3DQEJARYRaW5mb0BkaWdpbm90YXIubmww
+HhcNMDcwNTE2MTcxOTM2WhcNMjUwMzMxMTgxOTIxWjBfMQswCQYDVQQGEwJOTDES
+MBAGA1UEChMJRGlnaU5vdGFyMRowGAYDVQQDExFEaWdpTm90YXIgUm9vdCBDQTEg
+MB4GCSqGSIb3DQEJARYRaW5mb0BkaWdpbm90YXIubmwwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQCssFjBAL3YIQgLK5r+blYwBZ8bd5AQQVzDDYcRd46B
+8cp86Yxq7Th0Nbva3/m7wAk3tJZzgX0zGpg595NvlX89ubF1h7pRSOiLcD6VBMXY
+tsMW2YiwsYcdcNqGtA8Ui3rPENF0NqISe3eGSnnme98CEWilToauNFibJBN4ViIl
+HgGLS1Fx+4LMWZZpiFpoU8W5DQI3y0u8ZkqQfioLBQftFl9VkHXYRskbg+IIvvEj
+zJkd1ioPgyAVWCeCLvriIsJJsbkBgWqdbZ1Ad2h2TiEqbYRAhU52mXyC8/O3AlnU
+JgEbjt+tUwbRrhjd4rI6y9eIOI6sWym5GdOY+RgDz0iChmYLG2kPyes4iHomGgVM
+ktck1JbyrFIto0fVUvY//s6EBnCmqj6i8rZWNBhXouSBbefK8GrTx5FrAoNBfBXv
+a5pkXuPQPOWx63tdhvvL5ndJzaNl3Pe5nLjkC1+Tz8wwGjIczhxjlaX56uF0i57p
+K6kwe6AYHw4YC+VbqdPRbB4HZ4+RS6mKvNJmqpMBiLKR+jFc1abBUggJzQpjotMi
+puih2TkGl/VujQKQjBR7P4DNG5y6xFhyI6+2Vp/GekIzKQc/gsnmHwUNzUwoNovT
+yD4cxojvXu6JZOkd69qJfjKmadHdzIif0dDJZiHcBmfFlHqabWJMfczgZICynkeO
+owIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNV
+HQ4EFgQUiGi/4I41xDs4a2L3KDuEgcgM100wDQYJKoZIhvcNAQEFBQADggIBADsC
+jcs8MOhuoK3yc7NfniUTBAXT9uOLuwt5zlPe5JbF0a9zvNXD0EBVfEB/zRtfCdXy
+fJ9oHbtdzno5wozWmHvFg1Wo1X1AyuAe94leY12hE8JdiraKfADzI8PthV9xdvBo
+Y6pFITlIYXg23PFDk9Qlx/KAZeFTAnVR/Ho67zerhChXDNjU1JlWbOOi/lmEtDHo
+M/hklJRRl6s5xUvt2t2AC298KQ3EjopyDedTFLJgQT2EkTFoPSdE2+Xe9PpjRchM
+Ppj1P0G6Tss3DbpmmPHdy59c91Q2gmssvBNhl0L4eLvMyKKfyvBovWsdst+Nbwed
+2o5nx0ceyrm/KkKRt2NTZvFCo+H0Wk1Ya7XkpDOtXHAd3ODy63MUkZoDweoAZbwH
+/M8SESIsrqC9OuCiKthZ6SnTGDWkrBFfGbW1G/8iSlzGeuQX7yCpp/Q/rYqnmgQl
+nQ7KN+ZQ/YxCKQSa7LnPS3K94gg2ryMvYuXKAdNw23yCIywWMQzGNgeQerEfZ1jE
+O1hZibCMjFCz2IbLaKPECudpSyDOwR5WS5WpI2jYMNjD67BVUc3l/Su49bsRn1NU
+9jQZjHkJNsphFyUXC4KYcwx3dMPVDceoEkzHp1RxRy4sGn3J4ys7SN4nhKdjNrN9
+j6BkOSQNPXuHr2ZcdBtLc7LljPCGmbjlxd+Ewbfr
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID5jCCAs6gAwIBAgIQV8szb8JcFuZHFhfjkDFo4DANBgkqhkiG9w0BAQUFADBi
+MQswCQYDVQQGEwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMu
+MTAwLgYDVQQDEydOZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3Jp
+dHkwHhcNMDYxMjAxMDAwMDAwWhcNMjkxMjMxMjM1OTU5WjBiMQswCQYDVQQGEwJV
+UzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMuMTAwLgYDVQQDEydO
+ZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkvH6SMG3G2I4rC7xGzuAnlt7e+foS0zwz
+c7MEL7xxjOWftiJgPl9dzgn/ggwbmlFQGiaJ3dVhXRncEg8tCqJDXRfQNJIg6nPP
+OCwGJgl6cvf6UDL4wpPTaaIjzkGxzOTVHzbRijr4jGPiFFlp7Q3Tf2vouAPlT2rl
+mGNpSAW+Lv8ztumXWWn4Zxmuk2GWRBXTcrA/vGp97Eh/jcOrqnErU2lBUzS1sLnF
+BgrEsEX1QV1uiUV7PTsmjHTC5dLRfbIR1PtYMiKagMnc/Qzpf14Dl847ABSHJ3A4
+qY5usyd2mFHgBeMhqxrVhSI8KbWaFsWAqPS7azCPL0YCorEMIuDTAgMBAAGjgZcw
+gZQwHQYDVR0OBBYEFCEwyfsA106Y2oeqKtCnLrFAMadMMA4GA1UdDwEB/wQEAwIB
+BjAPBgNVHRMBAf8EBTADAQH/MFIGA1UdHwRLMEkwR6BFoEOGQWh0dHA6Ly9jcmwu
+bmV0c29sc3NsLmNvbS9OZXR3b3JrU29sdXRpb25zQ2VydGlmaWNhdGVBdXRob3Jp
+dHkuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQC7rkvnt1frf6ott3NHhWrB5KUd5Oc8
+6fRZZXe1eltajSU24HqXLjjAV2CDmAaDn7l2em5Q4LqILPxFzBiwmZVRDuwduIj/
+h1AcgsLj4DKAv6ALR8jDMe+ZZzKATxcheQxpXN5eNK4CtSbqUN9/GGUsyfJj4akH
+/nxxH2szJGoeBfcFaMBqEssuXmHLrijTfsK0ZpEmXzwuJF/LWA/rKOyvEZbz3Htv
+wKeI8lN3s2Berq4o2jUsbzRF0ybh3uxbTydrFny9RAQYgrOJeRcQcT16ohZO9QHN
+pGxlaKFJdlxDydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1ey
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEvTCCA6WgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBhTELMAkGA1UEBhMCVVMx
+IDAeBgNVBAoMF1dlbGxzIEZhcmdvIFdlbGxzU2VjdXJlMRwwGgYDVQQLDBNXZWxs
+cyBGYXJnbyBCYW5rIE5BMTYwNAYDVQQDDC1XZWxsc1NlY3VyZSBQdWJsaWMgUm9v
+dCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDcxMjEzMTcwNzU0WhcNMjIxMjE0
+MDAwNzU0WjCBhTELMAkGA1UEBhMCVVMxIDAeBgNVBAoMF1dlbGxzIEZhcmdvIFdl
+bGxzU2VjdXJlMRwwGgYDVQQLDBNXZWxscyBGYXJnbyBCYW5rIE5BMTYwNAYDVQQD
+DC1XZWxsc1NlY3VyZSBQdWJsaWMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDub7S9eeKPCCGeOARBJe+r
+WxxTkqxtnt3CxC5FlAM1iGd0V+PfjLindo8796jE2yljDpFoNoqXjopxaAkH5OjU
+Dk/41itMpBb570OYj7OeUt9tkTmPOL13i0Nj67eT/DBMHAGTthP796EfvyXhdDcs
+HqRePGj4S78NuR4uNuip5Kf4D8uCdXw1LSLWwr8L87T8bJVhHlfXBIEyg1J55oNj
+z7fLY4sR4r1e6/aN7ZVyKLSsEmLpSjPmgzKuBXWVvYSV2ypcm44uDLiBK0HmOFaf
+SZtsdvqKXfcBeYF8wYNABf5x/Qw/zE5gCQ5lRxAvAcAFP4/4s0HvWkJ+We/Slwxl
+AgMBAAGjggE0MIIBMDAPBgNVHRMBAf8EBTADAQH/MDkGA1UdHwQyMDAwLqAsoCqG
+KGh0dHA6Ly9jcmwucGtpLndlbGxzZmFyZ28uY29tL3dzcHJjYS5jcmwwDgYDVR0P
+AQH/BAQDAgHGMB0GA1UdDgQWBBQmlRkQ2eihl5H/3BnZtQQ+0nMKajCBsgYDVR0j
+BIGqMIGngBQmlRkQ2eihl5H/3BnZtQQ+0nMKaqGBi6SBiDCBhTELMAkGA1UEBhMC
+VVMxIDAeBgNVBAoMF1dlbGxzIEZhcmdvIFdlbGxzU2VjdXJlMRwwGgYDVQQLDBNX
+ZWxscyBGYXJnbyBCYW5rIE5BMTYwNAYDVQQDDC1XZWxsc1NlY3VyZSBQdWJsaWMg
+Um9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHmCAQEwDQYJKoZIhvcNAQEFBQADggEB
+ALkVsUSRzCPIK0134/iaeycNzXK7mQDKfGYZUMbVmO2rvwNa5U3lHshPcZeG1eMd
+/ZDJPHV3V3p9+N701NX3leZ0bh08rnyd2wIDBSxxSyU+B+NemvVmFymIGjifz6pB
+A4SXa5M4esowRBskRDPQ5NHcKDj0E0M1NSljqHyita04pO2t/caaH/+Xc/77szWn
+k4bGdpEA5qxRFsQnMlzbc9qlk1eOPm01JghZ1edE13YgY+esE2fDbbFwRnzVlhE9
+iW9dqKHrjQrawx0zbKPqZxmamX9LPYNRKh3KL4YMon4QLSvUFpULB6ouFJJJtylv
+2G0xffX8oRAHh84vWdw+WNs=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICiTCCAg+gAwIBAgIQH0evqmIAcFBUTAGem2OZKjAKBggqhkjOPQQDAzCBhTEL
+MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
+BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMT
+IkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwMzA2MDAw
+MDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdy
+ZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09N
+T0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlv
+biBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQDR3svdcmCFYX7deSR
+FtSrYpn1PlILBs5BAH+X4QokPB0BBO490o0JlwzgdeT6+3eKKvUDYEs2ixYjFq0J
+cfRK9ChQtP6IHG4/bC8vCVlbpVsLM5niwz2J+Wos77LTBumjQjBAMB0GA1UdDgQW
+BBR1cacZSBm8nZ3qQUfflMRId5nTeTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/
+BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjEA7wNbeqy3eApyt4jf/7VGFAkK+qDm
+fQjGGoe9GKhzvSbKYAydzpmfz1wPMOG+FDHqAjAU9JM8SaczepBGR7NjfRObTrdv
+GDeAU/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEMjCCA5ugAwIBAgIBQjANBgkqhkiG9w0BAQQFADBaMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTRXF1aWZheCBTZWN1cmUgSW5jLjEtMCsGA1UEAxMkRXF1aWZheCBT
+ZWN1cmUgR2xvYmFsIGVCdXNpbmVzcyBDQS0xMB4XDTA0MDczMTAwMDAwMVoXDTA0
+MDkwMjAwMDAwMVowPDE6MDgGA1UEAxMxTUQ1IENvbGxpc2lvbnMgSW5jLiAoaHR0
+cDovL3d3dy5waHJlZWRvbS5vcmcvbWQ1KTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw
+gYkCgYEAuqZZySwo1iqw+O2fRqSkN+4OGWhZ0bMDmVHWFppeN2sV4A5L9YRk+KPb
+QW811ZsVH9vEOFJwgZdej6C193458DKsHq1E0rP6SMPOkZvs9Jx84Vr1yDdrmoPe
+58oglzFCcxWRaPSIr/koKMXpD3OwF0sTTJl10ETmfghsGvJPG0ECAwEAAaOCAiQw
+ggIgMAsGA1UdDwQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSnBGAf
+q3JDCMV/CJBVVhzWzuY46zAfBgNVHSMEGDAWgBS+qKB0clBrRLfJI9j7qP+zV2to
+bDCCAb4GCWCGSAGG+EIBDQSCAa8WggGrMwAAACdeOeCJYQ9Oo8VFCza7AdFTqsMI
+j2/4Tz6Hh0QR3GDg35JV+bhzG1STxZ/QRsRgtjVizbmvHKhpGslbPJY3wO1n77v+
+wIucUC8pvYMino4I+qwTcKJYf2JiihH3ifbftmdZcxb7YxaKtJE4zi71tr5MpJRJ
+5GURCkIVycEw4mnVRX2lJru5YexiZPA54ee8aNhQUZ4dYNPRo6cK+AMgoXABF5E2
+TwJwMYaD3fcP2AcdEbMTBKXc8K5QsSgOY2kqDIJvj0cz32yiBpLxT0W+2TA2oyuM
+1neuNWN/Tkyak0g22Z8CAwEAAaOBvTCBujAOBgNVHQ8BAf8EBAMCBPAwHQYDVR0O
+BBYEFM2mg/qlYDf3ljcXKd5BePGHiVXnMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6
+Ly9jcmwuZ2VvdHJ1c3QuY29tL2NybHMvZ2xvYmFsY2ExLmNybDAfBgNVHSMEGDAW
+gBS+qKB0clBrRLfJI9j7qP+zV2tobDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
+BQUHAwIwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQQFAAOBgQCnIQKN0Q6igHcl
+/UNgFY/s75BH1IRCFSYRHM3CPBApqbbfq1d1kdrlK7OQRRwwY1Y/itlQ+u1YbMBl
+rGZX3hzGdjv1AA6ORc5/TJDsK8bNs7SPYtD+t8UmckTt9phbrsvRlfXaCL5oRrF1
+yOwdjx56lPGqU3iiRa5U6tGedMh2Zw==
+-----END CERTIFICATE-----
diff --git a/cmake/modules/COPYING-CMAKE-SCRIPTS b/cmake/modules/COPYING-CMAKE-SCRIPTS
new file mode 100644
index 0000000..4b41776
--- /dev/null
+++ b/cmake/modules/COPYING-CMAKE-SCRIPTS
@@ -0,0 +1,22 @@
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+1. Redistributions of source code must retain the copyright
+ notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+3. The name of the author may not be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/cmake/modules/FindBotan.cmake b/cmake/modules/FindBotan.cmake
new file mode 100644
index 0000000..dc1f873
--- /dev/null
+++ b/cmake/modules/FindBotan.cmake
@@ -0,0 +1,48 @@
+
+# - Try to find the Gcrypt library
+# Once run this will define
+#
+# BOTAN_FOUND - set if the system has the gcrypt library
+# BOTAN_CFLAGS - the required gcrypt compilation flags
+# BOTAN_LIBRARIES - the linker libraries needed to use the gcrypt library
+#
+# Copyright (c) 2006 Brad Hards <bradh@kde.org>
+#
+# Redistribution and use is allowed according to the terms of the BSD license.
+# For details see the accompanying COPYING-CMAKE-SCRIPTS file.
+
+# libgcrypt is moving to pkg-config, but earlier version don't have it
+
+#search in typical paths for libgcrypt-config
+FIND_PROGRAM(BOTANCONFIG_EXECUTABLE NAMES botan-config)
+
+#reset variables
+set(BOTAN_LIBRARIES)
+set(BOTAN_CFLAGS)
+
+# if botan-config has been found
+IF(BOTANCONFIG_EXECUTABLE)
+
+ EXEC_PROGRAM(${BOTANCONFIG_EXECUTABLE} ARGS --libs RETURN_VALUE _return_VALUE OUTPUT_VARIABLE BOTAN_LIBRARIES)
+
+ EXEC_PROGRAM(${BOTANCONFIG_EXECUTABLE} ARGS --cflags RETURN_VALUE _return_VALUE OUTPUT_VARIABLE BOTAN_CFLAGS)
+
+ IF(BOTAN_LIBRARIES)
+ SET(BOTAN_FOUND TRUE)
+ ENDIF(BOTAN_LIBRARIES)
+
+ MARK_AS_ADVANCED(BOTAN_CFLAGS BOTAN_LIBRARIES)
+
+ENDIF(BOTANCONFIG_EXECUTABLE)
+
+if (BOTAN_FOUND)
+ if (NOT Botan_FIND_QUIETLY)
+ message(STATUS "Found Botan: ${BOTAN_LIBRARIES}")
+ endif (NOT Botan_FIND_QUIETLY)
+else (BOTAN_FOUND)
+ if (Botan_FIND_REQUIRED)
+ message(FATAL_ERROR "Could not find Botan libraries")
+ endif (Botan_FIND_REQUIRED)
+endif (BOTAN_FOUND)
+
+
diff --git a/cmake/modules/FindCarbon.cmake b/cmake/modules/FindCarbon.cmake
new file mode 100644
index 0000000..38a1aa7
--- /dev/null
+++ b/cmake/modules/FindCarbon.cmake
@@ -0,0 +1,13 @@
+# Copyright (c) 2006, Benjamin Reed, <ranger@befunk.com>
+#
+# Redistribution and use is allowed according to the terms of the BSD license.
+# For details see the accompanying COPYING-CMAKE-SCRIPTS file.
+
+INCLUDE(CMakeFindFrameworks)
+
+CMAKE_FIND_FRAMEWORKS(Carbon)
+
+if (Carbon_FRAMEWORKS)
+ set(CARBON_LIBRARY "-framework Carbon" CACHE FILEPATH "Carbon framework" FORCE)
+ set(CARBON_FOUND 1)
+endif (Carbon_FRAMEWORKS)
diff --git a/cmake/modules/FindLibGcrypt.cmake b/cmake/modules/FindLibGcrypt.cmake
new file mode 100644
index 0000000..0e1727f
--- /dev/null
+++ b/cmake/modules/FindLibGcrypt.cmake
@@ -0,0 +1,50 @@
+
+# - Try to find the Gcrypt library
+# Once run this will define
+#
+# LIBGCRYPT_FOUND - set if the system has the gcrypt library
+# LIBGCRYPT_CFLAGS - the required gcrypt compilation flags
+# LIBGCRYPT_LIBRARIES - the linker libraries needed to use the gcrypt library
+#
+# Copyright (c) 2006 Brad Hards <bradh@kde.org>
+#
+# Redistribution and use is allowed according to the terms of the BSD license.
+# For details see the accompanying COPYING-CMAKE-SCRIPTS file.
+
+# libgcrypt is moving to pkg-config, but earlier version don't have it
+
+#search in typical paths for libgcrypt-config
+FIND_PROGRAM(LIBGCRYPTCONFIG_EXECUTABLE NAMES libgcrypt-config)
+
+#reset variables
+set(LIBGCRYPT_LIBRARIES)
+set(LIBGCRYPT_CFLAGS)
+
+# if libgcrypt-config has been found
+IF(LIBGCRYPTCONFIG_EXECUTABLE)
+
+ EXEC_PROGRAM(${LIBGCRYPTCONFIG_EXECUTABLE} ARGS --libs RETURN_VALUE _return_VALUE OUTPUT_VARIABLE LIBGCRYPT_LIBRARIES)
+
+ EXEC_PROGRAM(${LIBGCRYPTCONFIG_EXECUTABLE} ARGS --cflags RETURN_VALUE _return_VALUE OUTPUT_VARIABLE LIBGCRYPT_CFLAGS)
+
+ IF(${LIBGCRYPT_CFLAGS} MATCHES "\n")
+ SET(LIBGCRYPT_CFLAGS " ")
+ ENDIF(${LIBGCRYPT_CFLAGS} MATCHES "\n")
+
+ IF(LIBGCRYPT_LIBRARIES AND LIBGCRYPT_CFLAGS)
+ SET(LIBGCRYPT_FOUND TRUE)
+ ENDIF(LIBGCRYPT_LIBRARIES AND LIBGCRYPT_CFLAGS)
+
+ENDIF(LIBGCRYPTCONFIG_EXECUTABLE)
+
+if (LIBGCRYPT_FOUND)
+ if (NOT LibGcrypt_FIND_QUIETLY)
+ message(STATUS "Found libgcrypt: ${LIBGCRYPT_LIBRARIES}")
+ endif (NOT LibGcrypt_FIND_QUIETLY)
+else (LIBGCRYPT_FOUND)
+ if (LibGcrypt_FIND_REQUIRED)
+ message(FATAL_ERROR "Could not find libgcrypt libraries")
+ endif (LibGcrypt_FIND_REQUIRED)
+endif (LIBGCRYPT_FOUND)
+
+MARK_AS_ADVANCED(LIBGCRYPT_CFLAGS LIBGCRYPT_LIBRARIES)
diff --git a/cmake/modules/FindNss.cmake b/cmake/modules/FindNss.cmake
new file mode 100644
index 0000000..1851d9e
--- /dev/null
+++ b/cmake/modules/FindNss.cmake
@@ -0,0 +1,46 @@
+# - Try to find the NSS library
+# Once done this will define
+#
+# NSS_FOUND - system has mozilla-nss lib
+# NSS_INCLUDE_DIRS - the mozilla-nss include directories
+# NSS_LIBRARIES - Link these to use mozilla-nss
+# NSS_DEFINITIONS - Compiler switches required for using NSS
+#
+# Copyright (c) 2006, Laurent Montel, <montel@kde.org>
+#
+# Redistribution and use is allowed according to the terms of the BSD license.
+# For details see the accompanying COPYING-CMAKE-SCRIPTS file.
+
+if (NSS_INCLUDE_DIRS AND NSS_LIBRARIES)
+
+ # in cache already
+ SET(NSS_FOUND TRUE)
+
+else (NSS_INCLUDE_DIRS AND NSS_LIBRARIES)
+ if(NOT WIN32)
+ INCLUDE(UsePkgConfig)
+
+ PKGCONFIG(nss _NSSIncDir _NSSLinkDir _NSSLinkFlags _NSSCflags)
+
+ set(NSS_DEFINITIONS ${_NSSCflags})
+ set(NSS_INCLUDE_DIRS ${_NSSIncDir})
+ set(NSS_LIBRARIES ${_NSSLinkFlags})
+ endif(NOT WIN32)
+
+ if (NSS_INCLUDE_DIRS AND NSS_LIBRARIES)
+ set(NSS_FOUND TRUE)
+ endif (NSS_INCLUDE_DIRS AND NSS_LIBRARIES)
+
+ if (NSS_FOUND)
+ if (NOT Nss_FIND_QUIETLY)
+ message(STATUS "Found NSS: ${NSS_LIBRARIES}")
+ endif (NOT Nss_FIND_QUIETLY)
+ else (NSS_FOUND)
+ if (Nss_FIND_REQUIRED)
+ message(FATAL_ERROR "Could NOT find NSS")
+ endif (Nss_FIND_REQUIRED)
+ endif (NSS_FOUND)
+
+ MARK_AS_ADVANCED(NSS_INCLUDE_DIRS NSS_LIBRARIES)
+
+endif (NSS_INCLUDE_DIRS AND NSS_LIBRARIES)
diff --git a/cmake/modules/FindOpenSSL.cmake b/cmake/modules/FindOpenSSL.cmake
new file mode 100644
index 0000000..881210b
--- /dev/null
+++ b/cmake/modules/FindOpenSSL.cmake
@@ -0,0 +1,108 @@
+# - Try to find the OpenSSL encryption library
+# Once done this will define
+#
+# OPENSSL_FOUND - system has the OpenSSL library
+# OPENSSL_INCLUDE_DIR - the OpenSSL include directory
+# OPENSSL_LIBRARIES - The libraries needed to use OpenSSL
+# OPENSSL_EAY_LIBRARIES - The additional libraries needed to use OpenSSL on windows
+# Copyright (c) 2006, Alexander Neundorf, <neundorf@kde.org>
+#
+# Redistribution and use is allowed according to the terms of the BSD license.
+# For details see the accompanying COPYING-CMAKE-SCRIPTS file.
+
+# on win32 we additional need to link to libeay32.lib
+MACRO(OPENSSL_ADD_LIB_EAY_LIBS)
+ IF(MSVC)
+ # /MD and /MDd are the standard values - if somone wants to use
+ # others, the libnames have to change here too
+ # use also eay and libeay32 in debug as fallback for openssl < 0.9.8b
+
+ FIND_LIBRARY(LIB_EAY_DEBUG NAMES libeay32MDd eay libeay libeay32)
+ FIND_LIBRARY(LIB_EAY_RELEASE NAMES libeay32MD eay libeay libeay32)
+
+ IF(MSVC_IDE)
+ IF(LIB_EAY_DEBUG AND LIB_EAY_RELEASE)
+ SET(OPENSSL_EAY_LIBRARIES optimized ${LIB_EAY_RELEASE} debug ${LIB_EAY_DEBUG})
+ ELSE(LIB_EAY_DEBUG AND LIB_EAY_RELEASE)
+ MESSAGE(FATAL_ERROR "Could not find the debug and release version of openssl (libeay)")
+ ENDIF(LIB_EAY_DEBUG AND LIB_EAY_RELEASE)
+ ELSE(MSVC_IDE)
+ STRING(TOLOWER ${CMAKE_BUILD_TYPE} CMAKE_BUILD_TYPE_TOLOWER)
+ IF(CMAKE_BUILD_TYPE_TOLOWER MATCHES debug)
+ SET(OPENSSL_EAY_LIBRARIES ${LIB_EAY_DEBUG})
+ ELSE(CMAKE_BUILD_TYPE_TOLOWER MATCHES debug)
+ SET(OPENSSL_EAY_LIBRARIES ${LIB_EAY_RELEASE})
+ ENDIF(CMAKE_BUILD_TYPE_TOLOWER MATCHES debug)
+ ENDIF(MSVC_IDE)
+ MARK_AS_ADVANCED(LIB_EAY_DEBUG LIB_EAY_RELEASE)
+ ELSE(MSVC)
+ FIND_LIBRARY(OPENSSL_EAY_LIBRARIES NAMES eay libeay libeay32 )
+ ENDIF(MSVC)
+ENDMACRO(OPENSSL_ADD_LIB_EAY_LIBS)
+
+IF(OPENSSL_LIBRARIES)
+ SET(OpenSSL_FIND_QUIETLY TRUE)
+ENDIF(OPENSSL_LIBRARIES)
+
+IF(SSL_EAY_DEBUG AND SSL_EAY_RELEASE)
+ SET(LIB_FOUND 1)
+ENDIF(SSL_EAY_DEBUG AND SSL_EAY_RELEASE)
+
+FIND_PATH(OPENSSL_INCLUDE_DIR openssl/ssl.h )
+
+IF(WIN32 AND MSVC)
+ # /MD and /MDd are the standard values - if somone wants to use
+ # others, the libnames have to change here too
+ # use also ssl and ssleay32 in debug as fallback for openssl < 0.9.8b
+
+ FIND_LIBRARY(SSL_EAY_DEBUG NAMES ssleay32MDd ssl ssleay32)
+ FIND_LIBRARY(SSL_EAY_RELEASE NAMES ssleay32MD ssl ssleay32)
+
+ IF(MSVC_IDE)
+ IF(SSL_EAY_DEBUG AND SSL_EAY_RELEASE)
+ SET(OPENSSL_LIBRARIES optimized ${SSL_EAY_RELEASE} debug ${SSL_EAY_DEBUG})
+ ELSE(SSL_EAY_DEBUG AND SSL_EAY_RELEASE)
+ MESSAGE(FATAL_ERROR "Could not find the debug and release version of openssl")
+ ENDIF(SSL_EAY_DEBUG AND SSL_EAY_RELEASE)
+ ELSE(MSVC_IDE)
+ STRING(TOLOWER ${CMAKE_BUILD_TYPE} CMAKE_BUILD_TYPE_TOLOWER)
+ IF(CMAKE_BUILD_TYPE_TOLOWER MATCHES debug)
+ SET(OPENSSL_LIBRARIES ${SSL_EAY_DEBUG})
+ ELSE(CMAKE_BUILD_TYPE_TOLOWER MATCHES debug)
+ SET(OPENSSL_LIBRARIES ${SSL_EAY_RELEASE})
+ ENDIF(CMAKE_BUILD_TYPE_TOLOWER MATCHES debug)
+ ENDIF(MSVC_IDE)
+ MARK_AS_ADVANCED(SSL_EAY_DEBUG SSL_EAY_RELEASE)
+ELSE(WIN32 AND MSVC)
+
+ FIND_LIBRARY(OPENSSL_LIBRARIES NAMES ssl ssleay32 ssleay32MD )
+
+ENDIF(WIN32 AND MSVC)
+
+IF(WIN32)
+ OPENSSL_ADD_LIB_EAY_LIBS()
+ IF(OPENSSL_INCLUDE_DIR AND OPENSSL_LIBRARIES AND OPENSSL_EAY_LIBRARIES)
+ SET(OPENSSL_FOUND TRUE)
+ ELSE(OPENSSL_INCLUDE_DIR AND OPENSSL_LIBRARIES AND OPENSSL_EAY_LIBRARIES)
+ SET(OPENSSL_FOUND FALSE)
+ ENDIF (OPENSSL_INCLUDE_DIR AND OPENSSL_LIBRARIES AND OPENSSL_EAY_LIBRARIES)
+ELSE(WIN32)
+ IF(OPENSSL_INCLUDE_DIR AND OPENSSL_LIBRARIES)
+ SET(OPENSSL_FOUND TRUE)
+ ELSE(OPENSSL_INCLUDE_DIR AND OPENSSL_LIBRARIES)
+ SET(OPENSSL_FOUND FALSE)
+ ENDIF (OPENSSL_INCLUDE_DIR AND OPENSSL_LIBRARIES)
+ENDIF(WIN32)
+
+IF (OPENSSL_FOUND)
+ IF (NOT OpenSSL_FIND_QUIETLY)
+ MESSAGE(STATUS "Found OpenSSL: ${OPENSSL_LIBRARIES}")
+ ENDIF (NOT OpenSSL_FIND_QUIETLY)
+ELSE (OPENSSL_FOUND)
+ IF (OpenSSL_FIND_REQUIRED)
+ MESSAGE(FATAL_ERROR "Could NOT find OpenSSL")
+ ENDIF (OpenSSL_FIND_REQUIRED)
+ENDIF (OPENSSL_FOUND)
+
+MARK_AS_ADVANCED(OPENSSL_INCLUDE_DIR OPENSSL_LIBRARIES)
+
diff --git a/cmake/modules/FindPkcs11Helper.cmake b/cmake/modules/FindPkcs11Helper.cmake
new file mode 100644
index 0000000..000e950
--- /dev/null
+++ b/cmake/modules/FindPkcs11Helper.cmake
@@ -0,0 +1,49 @@
+# - Try to find the pkcs11-helper library
+# Once done this will define
+#
+# PKCS11H_FOUND - system has pkcs11-helper
+# PKCS11H_INCLUDE_DIRS - the pkcs11-helper include directories
+# PKCS11H_LIBRARIES - Link to these to use pkcs11-helper
+# PKCS11H_DEFINITIONS - Compiler switches required for using pkcs11-helper
+#
+# Copyright (c) 2006, Laurent Montel, <montel@kde.org>
+#
+# Redistribution and use is allowed according to the terms of the BSD license.
+# For details see the accompanying COPYING-CMAKE-SCRIPTS file.
+#
+# pkcs11-helper can be found at http://www.opensc-project.org/pkcs11-helper
+#
+
+if (PKCS11H_INCLUDE_DIRS AND PKCS11H_LIBRARIES)
+
+ # in cache already
+ SET(PKCS11H_FOUND TRUE)
+
+else (PKCS11H_INCLUDE_DIRS AND PKCS11H_LIBRARIES)
+ if(NOT WIN32)
+ INCLUDE(UsePkgConfig)
+
+ PKGCONFIG(libpkcs11-helper-1 _PKCS11HIncDir _PKCS11HLinkDir _PKCS11HLinkFlags _PKCS11HCflags)
+
+ set(PKCS11H_DEFINITIONS ${_PKCS11HCflags})
+ set(PKCS11H_INCLUDE_DIRS ${_PKCS11HIncDir})
+ set(PKCS11H_LIBRARIES ${_PKCS11HLinkFlags})
+ endif(NOT WIN32)
+
+ if (PKCS11H_INCLUDE_DIRS AND PKCS11H_LIBRARIES)
+ set(PKCS11H_FOUND TRUE)
+ endif (PKCS11H_INCLUDE_DIRS AND PKCS11H_LIBRARIES)
+
+ if (PKCS11H_FOUND)
+ if (NOT Pkcs11Helper_FIND_QUIETLY)
+ message(STATUS "Found pkcs11-helper: ${PKCS11H_LIBRARIES}")
+ endif (NOT Pkcs11Helper_FIND_QUIETLY)
+ else (PKCS11H_FOUND)
+ if (Pkcs11Helper_FIND_REQUIRED)
+ message(FATAL_ERROR "Could NOT find pkcs11-helper")
+ endif (Pkcs11Helper_FIND_REQUIRED)
+ endif (PKCS11H_FOUND)
+
+ MARK_AS_ADVANCED(PKCS11H_INCLUDE_DIRS PKCS11H_LIBRARIES)
+
+endif (PKCS11H_INCLUDE_DIRS AND PKCS11H_LIBRARIES)
diff --git a/cmake/modules/FindQt4.cmake b/cmake/modules/FindQt4.cmake
new file mode 100644
index 0000000..43d0b46
--- /dev/null
+++ b/cmake/modules/FindQt4.cmake
@@ -0,0 +1,883 @@
+# - Find QT 4
+
+#
+# This is a modified version for QCA, that provides the plugin path
+# See: http://www.cmake.org/Bug/bug.php?op=show&bugid=3898
+#
+
+# This module can be used to find Qt4.
+# The most important issue is that the Qt4 qmake is available via the system path.
+# This qmake is then used to detect basically everything else.
+# This module defines a number of key variables and macros. First is
+# QT_USE_FILE which is the path to a CMake file that can be included to compile
+# Qt 4 applications and libraries. By default, the QtCore and QtGui
+# libraries are loaded. This behavior can be changed by setting one or more
+# of the following variables to true:
+# QT_DONT_USE_QTCORE
+# QT_DONT_USE_QTGUI
+# QT_USE_QT3SUPPORT
+# QT_USE_QTASSISTANT
+# QT_USE_QTDESIGNER
+# QT_USE_QTMOTIF
+# QT_USE_QTMAIN
+# QT_USE_QTNETWORK
+# QT_USE_QTNSPLUGIN
+# QT_USE_QTOPENGL
+# QT_USE_QTSQL
+# QT_USE_QTXML
+#
+# All the libraries required are stored in a variable called QT_LIBRARIES.
+# Add this variable to your TARGET_LINK_LIBRARIES.
+#
+# macro QT4_WRAP_CPP(outfiles inputfile ... )
+# macro QT4_WRAP_UI(outfiles inputfile ... )
+# macro QT4_ADD_RESOURCE(outfiles inputfile ... )
+# macro QT4_AUTOMOC(inputfile ... )
+# macro QT4_GENERATE_MOC(inputfile outputfile )
+#
+# QT_FOUND If false, don't try to use Qt.
+# QT4_FOUND If false, don't try to use Qt 4.
+#
+# QT_QTCORE_FOUND True if QtCore was found.
+# QT_QTGUI_FOUND True if QtGui was found.
+# QT_QT3SUPPORT_FOUND True if Qt3Support was found.
+# QT_QTASSISTANT_FOUND True if QtAssistant was found.
+# QT_QTDESIGNER_FOUND True if QtDesigner was found.
+# QT_QTMOTIF_FOUND True if QtMotif was found.
+# QT_QTNETWORK_FOUND True if QtNetwork was found.
+# QT_QTNSPLUGIN_FOUND True if QtNsPlugin was found.
+# QT_QTOPENGL_FOUND True if QtOpenGL was found.
+# QT_QTSQL_FOUND True if QtSql was found.
+# QT_QTXML_FOUND True if QtXml was found.
+# QT_QTSVG_FOUND True if QtSvg was found.
+# QT_QTTEST_FOUND True if QtTest was found.
+#
+# QT_DEFINITIONS Definitions to use when compiling code that uses Qt.
+#
+# QT_INCLUDES List of paths to all include directories of
+# Qt4 QT_INCLUDE_DIR and QT_QTCORE_INCLUDE_DIR are
+# always in this variable even if NOTFOUND,
+# all other INCLUDE_DIRS are
+# only added if they are found.
+#
+# QT_INCLUDE_DIR Path to "include" of Qt4
+# QT_QT_INCLUDE_DIR Path to "include/Qt"
+# QT_QT3SUPPORT_INCLUDE_DIR Path to "include/Qt3Support"
+# QT_QTASSISTANT_INCLUDE_DIR Path to "include/QtAssistant"
+# QT_QTCORE_INCLUDE_DIR Path to "include/QtCore"
+# QT_QTDESIGNER_INCLUDE_DIR Path to "include/QtDesigner"
+# QT_QTGUI_INCLUDE_DIR Path to "include/QtGui"
+# QT_QTMOTIF_INCLUDE_DIR Path to "include/QtMotif"
+# QT_QTNETWORK_INCLUDE_DIR Path to "include/QtNetwork"
+# QT_QTNSPLUGIN_INCLUDE_DIR Path to "include/QtNsPlugin"
+# QT_QTOPENGL_INCLUDE_DIR Path to "include/QtOpenGL"
+# QT_QTSQL_INCLUDE_DIR Path to "include/QtSql"
+# QT_QTXML_INCLUDE_DIR Path to "include/QtXml"
+# QT_QTSVG_INCLUDE_DIR Path to "include/QtSvg"
+# QT_QTTEST_INCLUDE_DIR Path to "include/QtTest"
+#
+# QT_LIBRARY_DIR Path to "lib" of Qt4
+#
+# QT_PLUGINS_DIR Path to "plugins" for Qt4
+#
+# For every library of Qt there are three variables:
+# QT_QTFOO_LIBRARY_RELEASE, which contains the full path to the release version
+# QT_QTFOO_LIBRARY_DEBUG, which contains the full path to the debug version
+# QT_QTFOO_LIBRARY, the full path to the release version if available, otherwise to the debug version
+#
+# So there are the following variables:
+# The Qt3Support library: QT_QT3SUPPORT_LIBRARY
+# QT_QT3SUPPORT_LIBRARY_RELEASE
+# QT_QT3SUPPORT_DEBUG
+#
+# The QtAssistant library: QT_QTASSISTANT_LIBRARY
+# QT_QTASSISTANT_LIBRARY_RELEASE
+# QT_QTASSISTANT_LIBRARY_DEBUG
+#
+# The QtCore library: QT_QTCORE_LIBRARY
+# QT_QTCORE_LIBRARY_RELEASE
+# QT_QTCORE_LIBRARY_DEBUG
+#
+# The QtDesigner library: QT_QTDESIGNER_LIBRARY
+# QT_QTDESIGNER_LIBRARY_RELEASE
+# QT_QTDESIGNER_LIBRARY_DEBUG
+#
+# The QtGui library: QT_QTGUI_LIBRARY
+# QT_QTGUI_LIBRARY_RELEASE
+# QT_QTGUI_LIBRARY_DEBUG
+#
+# The QtMotif library: QT_QTMOTIF_LIBRARY
+# QT_QTMOTIF_LIBRARY_RELEASE
+# QT_QTMOTIF_LIBRARY_DEBUG
+#
+# The QtNetwork library: QT_QTNETWORK_LIBRARY
+# QT_QTNETWORK_LIBRARY_RELEASE
+# QT_QTNETWORK_LIBRARY_DEBUG
+#
+# The QtNsPLugin library: QT_QTNSPLUGIN_LIBRARY
+# QT_QTNSPLUGIN_LIBRARY_RELEASE
+# QT_QTNSPLUGIN_LIBRARY_DEBUG
+#
+# The QtOpenGL library: QT_QTOPENGL_LIBRARY
+# QT_QTOPENGL_LIBRARY_RELEASE
+# QT_QTOPENGL_LIBRARY_DEBUG
+#
+# The QtSql library: QT_QTSQL_LIBRARY
+# QT_QTSQL_LIBRARY_RELEASE
+# QT_QTSQL_LIBRARY_DEBUG
+#
+# The QtXml library: QT_QTXML_LIBRARY
+# QT_QTXML_LIBRARY_RELEASE
+# QT_QTXML_LIBRARY_DEBUG
+#
+# The QtSvg library: QT_QTSVG_LIBRARY
+# QT_QTSVG_LIBRARY_RELEASE
+# QT_QTSVG_LIBRARY_DEBUG
+#
+# The QtTest library: QT_QTTEST_LIBRARY
+# QT_QTTEST_LIBRARY_RELEASE
+# QT_QTTEST_LIBRARY_DEBUG
+#
+# The qtmain library for Windows QT_QTMAIN_LIBRARY
+# QT_QTMAIN_LIBRARY_RELEASE
+# QT_QTMAIN_LIBRARY_DEBUG
+#
+#The QtUiTools library: QT_QTUITOOLS_LIBRARY
+# QT_QTUITOOLS_LIBRARY_RELEASE
+# QT_QTUITOOLS_LIBRARY_DEBUG
+#
+# also defined, but NOT for general use are
+# QT_MOC_EXECUTABLE Where to find the moc tool.
+# QT_UIC_EXECUTABLE Where to find the uic tool.
+# QT_UIC3_EXECUTABLE Where to find the uic3 tool.
+# QT_RCC_EXECUTABLE Where to find the rcc tool
+#
+# QT_DOC_DIR Path to "doc" of Qt4
+# QT_MKSPECS_DIR Path to "mkspecs" of Qt4
+#
+#
+# These are around for backwards compatibility
+# they will be set
+# QT_WRAP_CPP Set true if QT_MOC_EXECUTABLE is found
+# QT_WRAP_UI Set true if QT_UIC_EXECUTABLE is found
+#
+# These variables do _NOT_ have any effect anymore (compared to FindQt.cmake)
+# QT_MT_REQUIRED Qt4 is now always multithreaded
+#
+# These variables are set to "" Because Qt structure changed
+# (They make no sense in Qt4)
+# QT_QT_LIBRARY Qt-Library is now split
+
+INCLUDE(CheckSymbolExists)
+INCLUDE(MacroAddFileDependencies)
+
+SET(QT_USE_FILE ${CMAKE_ROOT}/Modules/UseQt4.cmake)
+
+SET( QT_DEFINITIONS "")
+
+IF (WIN32)
+ SET(QT_DEFINITIONS -DQT_DLL)
+ENDIF(WIN32)
+
+# check for qmake
+FIND_PROGRAM(QT_QMAKE_EXECUTABLE NAMES qmake qmake-qt4 PATHS
+ "[HKEY_CURRENT_USER\\Software\\Trolltech\\Qt3Versions\\4.0.0;InstallDir]/bin"
+ "[HKEY_CURRENT_USER\\Software\\Trolltech\\Versions\\4.0.0;InstallDir]/bin"
+ $ENV{QTDIR}/bin
+)
+
+SET(QT4_INSTALLED_VERSION_TOO_OLD FALSE)
+
+
+IF (QT_QMAKE_EXECUTABLE)
+
+ SET(QT4_QMAKE_FOUND FALSE)
+
+ EXEC_PROGRAM(${QT_QMAKE_EXECUTABLE} ARGS "-query QT_VERSION" OUTPUT_VARIABLE QTVERSION)
+
+ # check that we found the Qt4 qmake, Qt3 qmake output won't match here
+ STRING(REGEX MATCH "^[0-9]+\\.[0-9]+\\.[0-9]+" qt_version_tmp "${QTVERSION}")
+ IF (qt_version_tmp)
+
+ # we need at least version 4.0.0
+ IF (NOT QT_MIN_VERSION)
+ SET(QT_MIN_VERSION "4.0.0")
+ ENDIF (NOT QT_MIN_VERSION)
+
+ #now parse the parts of the user given version string into variables
+ STRING(REGEX MATCH "^[0-9]+\\.[0-9]+\\.[0-9]+" req_qt_major_vers "${QT_MIN_VERSION}")
+ IF (NOT req_qt_major_vers)
+ MESSAGE( FATAL_ERROR "Invalid Qt version string given: \"${QT_MIN_VERSION}\", expected e.g. \"4.0.1\"")
+ ENDIF (NOT req_qt_major_vers)
+
+ # now parse the parts of the user given version string into variables
+ STRING(REGEX REPLACE "^([0-9]+)\\.[0-9]+\\.[0-9]+" "\\1" req_qt_major_vers "${QT_MIN_VERSION}")
+ STRING(REGEX REPLACE "^[0-9]+\\.([0-9])+\\.[0-9]+" "\\1" req_qt_minor_vers "${QT_MIN_VERSION}")
+ STRING(REGEX REPLACE "^[0-9]+\\.[0-9]+\\.([0-9]+)" "\\1" req_qt_patch_vers "${QT_MIN_VERSION}")
+
+ IF (NOT req_qt_major_vers EQUAL 4)
+ MESSAGE( FATAL_ERROR "Invalid Qt version string given: \"${QT_MIN_VERSION}\", major version 4 is required, e.g. \"4.0.1\"")
+ ENDIF (NOT req_qt_major_vers EQUAL 4)
+
+ # and now the version string given by qmake
+ STRING(REGEX REPLACE "^([0-9]+)\\.[0-9]+\\.[0-9]+.*" "\\1" found_qt_major_vers "${QTVERSION}")
+ STRING(REGEX REPLACE "^[0-9]+\\.([0-9])+\\.[0-9]+.*" "\\1" found_qt_minor_vers "${QTVERSION}")
+ STRING(REGEX REPLACE "^[0-9]+\\.[0-9]+\\.([0-9]+).*" "\\1" found_qt_patch_vers "${QTVERSION}")
+
+ # compute an overall version number which can be compared at once
+ MATH(EXPR req_vers "${req_qt_major_vers}*10000 + ${req_qt_minor_vers}*100 + ${req_qt_patch_vers}")
+ MATH(EXPR found_vers "${found_qt_major_vers}*10000 + ${found_qt_minor_vers}*100 + ${found_qt_patch_vers}")
+
+ IF (found_vers LESS req_vers)
+ SET(QT4_QMAKE_FOUND FALSE)
+ SET(QT4_INSTALLED_VERSION_TOO_OLD TRUE)
+ ELSE (found_vers LESS req_vers)
+ SET(QT4_QMAKE_FOUND TRUE)
+ ENDIF (found_vers LESS req_vers)
+
+ ENDIF (qt_version_tmp)
+
+ENDIF (QT_QMAKE_EXECUTABLE)
+
+IF (QT4_QMAKE_FOUND)
+
+ # ask qmake for the library dir
+ # Set QT_LIBRARY_DIR
+ IF (NOT QT_LIBRARY_DIR)
+ EXEC_PROGRAM( ${QT_QMAKE_EXECUTABLE}
+ ARGS "-query QT_INSTALL_LIBS"
+ OUTPUT_VARIABLE QT_LIBRARY_DIR_TMP )
+ IF(EXISTS "${QT_LIBRARY_DIR_TMP}")
+ SET(QT_LIBRARY_DIR ${QT_LIBRARY_DIR_TMP} CACHE PATH "Qt library dir")
+ ELSE(EXISTS "${QT_LIBRARY_DIR_TMP}")
+ MESSAGE("Warning: QT_QMAKE_EXECUTABLE reported QT_INSTALL_LIBS as ${QT_LIBRARY_DIR_TMP}")
+ MESSAGE("Warning: ${QT_LIBRARY_DIR_TMP} does NOT exist, Qt must NOT be installed correctly.")
+ ENDIF(EXISTS "${QT_LIBRARY_DIR_TMP}")
+ ENDIF(NOT QT_LIBRARY_DIR)
+
+ IF (APPLE)
+ IF (EXISTS ${QT_LIBRARY_DIR}/QtCore.framework)
+ SET(QT_USE_FRAMEWORKS ON
+ CACHE BOOL "Set to ON if Qt build uses frameworks.")
+ ELSE (EXISTS ${QT_LIBRARY_DIR}/QtCore.framework)
+ SET(QT_USE_FRAMEWORKS OFF
+ CACHE BOOL "Set to ON if Qt build uses frameworks.")
+ ENDIF (EXISTS ${QT_LIBRARY_DIR}/QtCore.framework)
+
+ MARK_AS_ADVANCED(QT_USE_FRAMEWORKS)
+ ENDIF (APPLE)
+
+ # ask qmake for the binary dir
+ IF (NOT QT_BINARY_DIR)
+ EXEC_PROGRAM(${QT_QMAKE_EXECUTABLE}
+ ARGS "-query QT_INSTALL_BINS"
+ OUTPUT_VARIABLE qt_bins )
+ SET(QT_BINARY_DIR ${qt_bins} CACHE INTERNAL "")
+ ENDIF (NOT QT_BINARY_DIR)
+
+ # ask qmake for the include dir
+ IF (NOT QT_HEADERS_DIR)
+ EXEC_PROGRAM( ${QT_QMAKE_EXECUTABLE}
+ ARGS "-query QT_INSTALL_HEADERS"
+ OUTPUT_VARIABLE qt_headers )
+ SET(QT_HEADERS_DIR ${qt_headers} CACHE INTERNAL "")
+ ENDIF(NOT QT_HEADERS_DIR)
+
+
+ # ask qmake for the documentation directory
+ IF (NOT QT_DOC_DIR)
+ EXEC_PROGRAM( ${QT_QMAKE_EXECUTABLE}
+ ARGS "-query QT_INSTALL_DOCS"
+ OUTPUT_VARIABLE qt_doc_dir )
+ SET(QT_DOC_DIR ${qt_doc_dir} CACHE PATH "The location of the Qt docs")
+ ENDIF (NOT QT_DOC_DIR)
+
+ # ask qmake for the mkspecs directory
+ IF (NOT QT_MKSPECS_DIR)
+ EXEC_PROGRAM( ${QT_QMAKE_EXECUTABLE}
+ ARGS "-query QMAKE_MKSPECS"
+ OUTPUT_VARIABLE qt_mkspecs_dir )
+ SET(QT_MKSPECS_DIR ${qt_mkspecs_dir} CACHE PATH "The location of the Qt mkspecs")
+ ENDIF (NOT QT_MKSPECS_DIR)
+
+ # ask qmake for the plugins directory
+ IF (NOT QT_PLUGINS_DIR)
+ EXEC_PROGRAM( ${QT_QMAKE_EXECUTABLE}
+ ARGS "-query QT_INSTALL_PLUGINS"
+ OUTPUT_VARIABLE qt_plugins_dir )
+ SET(QT_PLUGINS_DIR ${qt_plugins_dir} CACHE PATH "The location of the Qt plugins")
+ ENDIF (NOT QT_PLUGINS_DIR)
+
+
+ ########################################
+ #
+ # Setting the INCLUDE-Variables
+ #
+ ########################################
+
+ FIND_PATH(QT_QTCORE_INCLUDE_DIR QtGlobal
+ ${QT_HEADERS_DIR}/QtCore
+ ${QT_LIBRARY_DIR}/QtCore.framework/Headers
+ NO_DEFAULT_PATH
+ )
+
+ # Set QT_INCLUDE_DIR by removine "/QtCore" in the string ${QT_QTCORE_INCLUDE_DIR}
+ IF( QT_QTCORE_INCLUDE_DIR AND NOT QT_INCLUDE_DIR)
+ IF (QT_USE_FRAMEWORKS)
+ SET(QT_INCLUDE_DIR ${QT_HEADERS_DIR})
+ ELSE (QT_USE_FRAMEWORKS)
+ STRING( REGEX REPLACE "/QtCore$" "" qt4_include_dir ${QT_QTCORE_INCLUDE_DIR})
+ SET( QT_INCLUDE_DIR ${qt4_include_dir} CACHE PATH "")
+ ENDIF (QT_USE_FRAMEWORKS)
+ ENDIF( QT_QTCORE_INCLUDE_DIR AND NOT QT_INCLUDE_DIR)
+
+ IF( NOT QT_INCLUDE_DIR)
+ IF( NOT Qt4_FIND_QUIETLY AND Qt4_FIND_REQUIRED)
+ MESSAGE( FATAL_ERROR "Could NOT find QtGlobal header")
+ ENDIF( NOT Qt4_FIND_QUIETLY AND Qt4_FIND_REQUIRED)
+ ENDIF( NOT QT_INCLUDE_DIR)
+
+ #############################################
+ #
+ # Find out what window system we're using
+ #
+ #############################################
+ # Save required includes variable
+ SET(CMAKE_REQUIRED_INCLUDES_SAVE ${CMAKE_REQUIRED_INCLUDES})
+ # Add QT_INCLUDE_DIR to CMAKE_REQUIRED_INCLUDES
+ SET(CMAKE_REQUIRED_INCLUDES "${CMAKE_REQUIRED_INCLUDES};${QT_INCLUDE_DIR}")
+ # Check for Window system symbols (note: only one should end up being set)
+ CHECK_SYMBOL_EXISTS(Q_WS_X11 "QtCore/qglobal.h" Q_WS_X11)
+ CHECK_SYMBOL_EXISTS(Q_WS_MAC "QtCore/qglobal.h" Q_WS_MAC)
+ CHECK_SYMBOL_EXISTS(Q_WS_WIN "QtCore/qglobal.h" Q_WS_WIN)
+
+ IF (QT_QTCOPY_REQUIRED)
+ CHECK_SYMBOL_EXISTS(QT_IS_QTCOPY "QtCore/qglobal.h" QT_KDE_QT_COPY)
+ IF (NOT QT_IS_QTCOPY)
+ MESSAGE(FATAL_ERROR "qt-copy is required, but hasn't been found")
+ ENDIF (NOT QT_IS_QTCOPY)
+ ENDIF (QT_QTCOPY_REQUIRED)
+
+ # Restore CMAKE_REQUIRED_INCLUDES variable
+ SET(CMAKE_REQUIRED_INCLUDES ${CMAKE_REQUIRED_INCLUDES_SAVE})
+ #
+ #############################################
+
+ IF (QT_USE_FRAMEWORKS)
+ SET(QT_DEFINITIONS ${QT_DEFINITIONS} -F${QT_LIBRARY_DIR} -L${QT_LIBRARY_DIR} )
+ ENDIF (QT_USE_FRAMEWORKS)
+
+ # Set QT_QT3SUPPORT_INCLUDE_DIR
+ FIND_PATH(QT_QT3SUPPORT_INCLUDE_DIR Qt3Support
+ PATHS
+ ${QT_INCLUDE_DIR}/Qt3Support
+ ${QT_LIBRARY_DIR}/Qt3Support.framework/Headers
+ NO_DEFAULT_PATH
+ )
+
+ # Set QT_QT_INCLUDE_DIR
+ FIND_PATH(QT_QT_INCLUDE_DIR qglobal.h
+ PATHS
+ ${QT_INCLUDE_DIR}/Qt
+ ${QT_LIBRARY_DIR}/QtCore.framework/Headers
+ NO_DEFAULT_PATH
+ )
+
+ # Set QT_QTGUI_INCLUDE_DIR
+ FIND_PATH(QT_QTGUI_INCLUDE_DIR QtGui
+ PATHS
+ ${QT_INCLUDE_DIR}/QtGui
+ ${QT_LIBRARY_DIR}/QtGui.framework/Headers
+ NO_DEFAULT_PATH
+ )
+
+ # Set QT_QTSVG_INCLUDE_DIR
+ FIND_PATH(QT_QTSVG_INCLUDE_DIR QtSvg
+ PATHS
+ ${QT_INCLUDE_DIR}/QtSvg
+ ${QT_LIBRARY_DIR}/QtSvg.framework/Headers
+ NO_DEFAULT_PATH
+ )
+
+ # Set QT_QTTEST_INCLUDE_DIR
+ FIND_PATH(QT_QTTEST_INCLUDE_DIR QtTest
+ PATHS
+ ${QT_INCLUDE_DIR}/QtTest
+ ${QT_LIBRARY_DIR}/QtTest.framework/Headers
+ NO_DEFAULT_PATH
+ )
+
+ # Set QT_QTUITOOLS_INCLUDE_DIR
+ FIND_PATH(QT_QTUITOOLS_INCLUDE_DIR QtTest
+ PATHS
+ ${QT_INCLUDE_DIR}/QtUiTools
+ ${QT_LIBRARY_DIR}/QtUiTools.framework/Headers
+ NO_DEFAULT_PATH
+ )
+
+
+
+ # Set QT_QTMOTIF_INCLUDE_DIR
+ IF(Q_WS_X11)
+ FIND_PATH(QT_QTMOTIF_INCLUDE_DIR QtMotif PATHS ${QT_INCLUDE_DIR}/QtMotif NO_DEFAULT_PATH )
+ ENDIF(Q_WS_X11)
+
+ # Set QT_QTNETWORK_INCLUDE_DIR
+ FIND_PATH(QT_QTNETWORK_INCLUDE_DIR QtNetwork
+ PATHS
+ ${QT_INCLUDE_DIR}/QtNetwork
+ ${QT_LIBRARY_DIR}/QtNetwork.framework/Headers
+ NO_DEFAULT_PATH
+ )
+
+ # Set QT_QTNSPLUGIN_INCLUDE_DIR
+ FIND_PATH(QT_QTNSPLUGIN_INCLUDE_DIR QtNsPlugin
+ PATHS
+ ${QT_INCLUDE_DIR}/QtNsPlugin
+ ${QT_LIBRARY_DIR}/QtNsPlugin.framework/Headers
+ NO_DEFAULT_PATH
+ )
+
+ # Set QT_QTOPENGL_INCLUDE_DIR
+ FIND_PATH(QT_QTOPENGL_INCLUDE_DIR QtOpenGL
+ PATHS
+ ${QT_INCLUDE_DIR}/QtOpenGL
+ ${QT_LIBRARY_DIR}/QtOpenGL.framework/Headers
+ NO_DEFAULT_PATH
+ )
+
+ # Set QT_QTSQL_INCLUDE_DIR
+ FIND_PATH(QT_QTSQL_INCLUDE_DIR QtSql
+ PATHS
+ ${QT_INCLUDE_DIR}/QtSql
+ ${QT_LIBRARY_DIR}/QtSql.framework/Headers
+ NO_DEFAULT_PATH
+ )
+
+ # Set QT_QTXML_INCLUDE_DIR
+ FIND_PATH(QT_QTXML_INCLUDE_DIR QtXml
+ PATHS
+ ${QT_INCLUDE_DIR}/QtXml
+ ${QT_LIBRARY_DIR}/QtXml.framework/Headers
+ NO_DEFAULT_PATH
+ )
+
+ # Set QT_QTASSISTANT_INCLUDE_DIR
+ FIND_PATH(QT_QTASSISTANT_INCLUDE_DIR QtAssistant
+ PATHS
+ ${QT_INCLUDE_DIR}/QtAssistant
+ ${QT_HEADERS_DIR}/QtAssistant
+ NO_DEFAULT_PATH
+ )
+
+ # Set QT_QTDESIGNER_INCLUDE_DIR
+ FIND_PATH(QT_QTDESIGNER_INCLUDE_DIR QDesignerComponents
+ PATHS
+ ${QT_INCLUDE_DIR}/QtDesigner
+ ${QT_HEADERS_DIR}/QtDesigner
+ NO_DEFAULT_PATH
+ )
+
+ # Make variables changeble to the advanced user
+ MARK_AS_ADVANCED( QT_LIBRARY_DIR QT_INCLUDE_DIR QT_QT_INCLUDE_DIR QT_DOC_DIR)
+
+ # Set QT_INCLUDES
+ SET( QT_INCLUDES ${QT_INCLUDE_DIR} ${QT_QT_INCLUDE_DIR} ${QT_MKSPECS_DIR}/default )
+
+
+
+ # Set QT_QTCORE_LIBRARY by searching for a lib with "QtCore." as part of the filename
+ FIND_LIBRARY(QT_QTCORE_LIBRARY_RELEASE NAMES QtCore QtCore4 PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH )
+ FIND_LIBRARY(QT_QTCORE_LIBRARY_DEBUG NAMES QtCore_debug QtCored4 PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+
+ # Set QT_QT3SUPPORT_LIBRARY
+ FIND_LIBRARY(QT_QT3SUPPORT_LIBRARY_RELEASE NAMES Qt3Support Qt3Support4 PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+ FIND_LIBRARY(QT_QT3SUPPORT_LIBRARY_DEBUG NAMES Qt3Support_debug Qt3Supportd4 PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+
+ # Set QT_QTGUI_LIBRARY
+ FIND_LIBRARY(QT_QTGUI_LIBRARY_RELEASE NAMES QtGui QtGui4 PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+ FIND_LIBRARY(QT_QTGUI_LIBRARY_DEBUG NAMES QtGui_debug QtGuid4 PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+
+ # Set QT_QTMOTIF_LIBRARY
+ IF(Q_WS_X11)
+ FIND_LIBRARY(QT_QTMOTIF_LIBRARY_RELEASE NAMES QtMotif PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+ FIND_LIBRARY(QT_QTMOTIF_LIBRARY_DEBUG NAMES QtMotif_debug PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+ ENDIF(Q_WS_X11)
+
+ # Set QT_QTNETWORK_LIBRARY
+ FIND_LIBRARY(QT_QTNETWORK_LIBRARY_RELEASE NAMES QtNetwork QtNetwork4 PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+ FIND_LIBRARY(QT_QTNETWORK_LIBRARY_DEBUG NAMES QtNetwork_debug QtNetworkd4 PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+
+ # Set QT_QTNSPLUGIN_LIBRARY
+ FIND_LIBRARY(QT_QTNSPLUGIN_LIBRARY_RELEASE NAMES QtNsPlugin PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+ FIND_LIBRARY(QT_QTNSPLUGIN_LIBRARY_DEBUG NAMES QtNsPlugin_debug PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+
+ # Set QT_QTOPENGL_LIBRARY
+ FIND_LIBRARY(QT_QTOPENGL_LIBRARY_RELEASE NAMES QtOpenGL QtOpenGL4 PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+ FIND_LIBRARY(QT_QTOPENGL_LIBRARY_DEBUG NAMES QtOpenGL_debug QtOpenGLd4 PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+
+ # Set QT_QTSQL_LIBRARY
+ FIND_LIBRARY(QT_QTSQL_LIBRARY_RELEASE NAMES QtSql QtSql4 PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+ FIND_LIBRARY(QT_QTSQL_LIBRARY_DEBUG NAMES QtSql_debug QtSqld4 PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+
+ # Set QT_QTXML_LIBRARY
+ FIND_LIBRARY(QT_QTXML_LIBRARY_RELEASE NAMES QtXml QtXml4 PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+ FIND_LIBRARY(QT_QTXML_LIBRARY_DEBUG NAMES QtXml_debug QtXmld4 PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+
+ # Set QT_QTSVG_LIBRARY
+ FIND_LIBRARY(QT_QTSVG_LIBRARY_RELEASE NAMES QtSvg QtSvg4 PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+ FIND_LIBRARY(QT_QTSVG_LIBRARY_DEBUG NAMES QtSvg_debug QtSvgd4 PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+
+ # Set QT_QTUITOOLS_LIBRARY
+ FIND_LIBRARY(QT_QTUITOOLS_LIBRARY_RELEASE NAMES QtUiTools QtUiTools4 PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+ FIND_LIBRARY(QT_QTUITOOLS_LIBRARY_DEBUG NAMES QtUiTools_debug QtUiToolsd4 PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+
+ # Set QT_QTTEST_LIBRARY
+ FIND_LIBRARY(QT_QTTEST_LIBRARY_RELEASE NAMES QtTest QtTest4 PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+ FIND_LIBRARY(QT_QTTEST_LIBRARY_DEBUG NAMES QtTest_debug QtTest_debug4 QtTestd4 PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+
+ MARK_AS_ADVANCED(QT_QT3SUPPORT_LIBRARY QT_QTGUI_LIBRARY )
+
+ IF( NOT QT_QTCORE_LIBRARY_DEBUG AND NOT QT_QTCORE_LIBRARY_RELEASE )
+ IF( NOT Qt4_FIND_QUIETLY AND Qt4_FIND_REQUIRED)
+ MESSAGE( FATAL_ERROR "Could NOT find QtCore. Check CMakeFiles/CMakeError.log for more details.")
+ ENDIF( NOT Qt4_FIND_QUIETLY AND Qt4_FIND_REQUIRED)
+ ENDIF( NOT QT_QTCORE_LIBRARY_DEBUG AND NOT QT_QTCORE_LIBRARY_RELEASE )
+
+ # Set QT_QTASSISTANT_LIBRARY
+ FIND_LIBRARY(QT_QTASSISTANT_LIBRARY_RELEASE NAMES QtAssistantClient QtAssistant QtAssistant4 PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+ FIND_LIBRARY(QT_QTASSISTANT_LIBRARY_DEBUG NAMES QtAssistantClientd QtAssistantClient_debug QtAssistant_debug QtAssistantd4 PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+
+ # Set QT_QTDESIGNER_LIBRARY
+ FIND_LIBRARY(QT_QTDESIGNER_LIBRARY_RELEASE NAMES QtDesigner QtDesigner4 PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+ FIND_LIBRARY(QT_QTDESIGNER_LIBRARY_DEBUG NAMES QtDesigner_debug QtDesignerd4 PATHS ${QT_LIBRARY_DIR} NO_DEFAULT_PATH)
+
+ ############################################
+ #
+ # Check the existence of the libraries.
+ #
+ ############################################
+
+ MACRO (_QT4_ADJUST_LIB_VARS basename)
+ IF (QT_${basename}_INCLUDE_DIR)
+
+ # if only the release version was found, set the debug variable also to the release version
+ IF (QT_${basename}_LIBRARY_RELEASE AND NOT QT_${basename}_LIBRARY_DEBUG)
+ SET(QT_${basename}_LIBRARY_DEBUG ${QT_${basename}_LIBRARY_RELEASE})
+ SET(QT_${basename}_LIBRARY ${QT_${basename}_LIBRARY_RELEASE})
+ SET(QT_${basename}_LIBRARIES ${QT_${basename}_LIBRARY_RELEASE})
+ ENDIF (QT_${basename}_LIBRARY_RELEASE AND NOT QT_${basename}_LIBRARY_DEBUG)
+
+ # if only the debug version was found, set the release variable also to the debug version
+ IF (QT_${basename}_LIBRARY_DEBUG AND NOT QT_${basename}_LIBRARY_RELEASE)
+ SET(QT_${basename}_LIBRARY_RELEASE ${QT_${basename}_LIBRARY_DEBUG})
+ SET(QT_${basename}_LIBRARY ${QT_${basename}_LIBRARY_DEBUG})
+ SET(QT_${basename}_LIBRARIES ${QT_${basename}_LIBRARY_DEBUG})
+ ENDIF (QT_${basename}_LIBRARY_DEBUG AND NOT QT_${basename}_LIBRARY_RELEASE)
+
+ IF (QT_${basename}_LIBRARY_DEBUG AND QT_${basename}_LIBRARY_RELEASE)
+ IF(NOT MSVC)
+ SET(QT_${basename}_LIBRARY ${QT_${basename}_LIBRARY_RELEASE})
+ ELSE(NOT MSVC)
+ SET(QT_${basename}_LIBRARY optimized ${QT_${basename}_LIBRARY_RELEASE} debug ${QT_${basename}_LIBRARY_DEBUG})
+ ENDIF(NOT MSVC)
+ SET(QT_${basename}_LIBRARIES optimized ${QT_${basename}_LIBRARY_RELEASE} debug ${QT_${basename}_LIBRARY_DEBUG})
+ ENDIF (QT_${basename}_LIBRARY_DEBUG AND QT_${basename}_LIBRARY_RELEASE)
+
+ SET(QT_${basename}_LIBRARY ${QT_${basename}_LIBRARY} CACHE FILEPATH "The Qt ${basename} library")
+
+ IF (QT_${basename}_LIBRARY)
+ SET(QT_${basename}_FOUND 1)
+ ENDIF (QT_${basename}_LIBRARY)
+
+ #add the include directory to QT_INCLUDES
+ SET(QT_INCLUDES ${QT_INCLUDES} "${QT_${basename}_INCLUDE_DIR}")
+ ENDIF (QT_${basename}_INCLUDE_DIR )
+
+ # Make variables changeble to the advanced user
+ MARK_AS_ADVANCED(QT_${basename}_LIBRARY QT_${basename}_LIBRARY_RELEASE QT_${basename}_LIBRARY_DEBUG QT_${basename}_INCLUDE_DIR)
+ ENDMACRO (_QT4_ADJUST_LIB_VARS)
+
+ IF(WIN32)
+ _QT4_ADJUST_LIB_VARS(QTMAIN)
+ ENDIF(WIN32)
+
+
+ _QT4_ADJUST_LIB_VARS(QTCORE)
+ _QT4_ADJUST_LIB_VARS(QTGUI)
+ _QT4_ADJUST_LIB_VARS(QT3SUPPORT)
+ _QT4_ADJUST_LIB_VARS(QTASSISTANT)
+ _QT4_ADJUST_LIB_VARS(QTDESIGNER)
+ IF(Q_WS_X11)
+ _QT4_ADJUST_LIB_VARS(QTMOTIF)
+ ENDIF(Q_WS_X11)
+ _QT4_ADJUST_LIB_VARS(QTNETWORK)
+ _QT4_ADJUST_LIB_VARS(QTNSPLUGIN)
+ _QT4_ADJUST_LIB_VARS(QTOPENGL)
+ _QT4_ADJUST_LIB_VARS(QTSQL)
+ _QT4_ADJUST_LIB_VARS(QTXML)
+ _QT4_ADJUST_LIB_VARS(QTSVG)
+ _QT4_ADJUST_LIB_VARS(QTUITOOLS)
+ _QT4_ADJUST_LIB_VARS(QTTEST)
+
+ #######################################
+ #
+ # Check the executables of Qt
+ # ( moc, uic, rcc )
+ #
+ #######################################
+
+
+ # find moc and uic using qmake
+ FILE(WRITE ${CMAKE_CURRENT_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeTmpQmake/tmp.pro
+ "message(MOC<$$QMAKE_MOC>)
+ message(UIC<$$QMAKE_UIC>)
+ ")
+
+ EXECUTE_PROCESS(COMMAND ${QT_QMAKE_EXECUTABLE}
+ WORKING_DIRECTORY
+ ${CMAKE_CURRENT_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeTmpQmake
+ OUTPUT_VARIABLE _moc_OUTPUT
+ ERROR_VARIABLE _moc_OUTPUT )
+ FILE(REMOVE_RECURSE
+ "${CMAKE_CURRENT_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeTmpQmake")
+
+ STRING(REGEX REPLACE
+ ".*MOC<([^>]+).*" "\\1" QT_MOC_EXECUTABLE_INTERNAL "${_moc_OUTPUT}" )
+ STRING(REGEX REPLACE
+ ".*UIC<([^>]+).*" "\\1" QT_UIC_EXECUTABLE_INTERNAL "${_moc_OUTPUT}" )
+
+ FILE(TO_CMAKE_PATH
+ "${QT_MOC_EXECUTABLE_INTERNAL}" QT_MOC_EXECUTABLE_INTERNAL)
+ FILE(TO_CMAKE_PATH
+ "${QT_UIC_EXECUTABLE_INTERNAL}" QT_UIC_EXECUTABLE_INTERNAL)
+
+ SET(QT_MOC_EXECUTABLE
+ ${QT_MOC_EXECUTABLE_INTERNAL} CACHE FILEPATH "The moc executable")
+ SET(QT_UIC_EXECUTABLE
+ ${QT_UIC_EXECUTABLE_INTERNAL} CACHE FILEPATH "The uic executable")
+
+ FIND_PROGRAM(QT_UIC3_EXECUTABLE
+ NAMES uic3
+ PATHS ${QT_BINARY_DIR}
+ NO_DEFAULT_PATH
+ )
+
+ FIND_PROGRAM(QT_RCC_EXECUTABLE
+ NAMES rcc
+ PATHS ${QT_BINARY_DIR}
+ NO_DEFAULT_PATH
+ )
+
+ IF (QT_MOC_EXECUTABLE)
+ SET(QT_WRAP_CPP "YES")
+ ENDIF (QT_MOC_EXECUTABLE)
+
+ IF (QT_UIC_EXECUTABLE)
+ SET(QT_WRAP_UI "YES")
+ ENDIF (QT_UIC_EXECUTABLE)
+
+
+
+ MARK_AS_ADVANCED( QT_UIC_EXECUTABLE QT_UIC3_EXECUTABLE QT_MOC_EXECUTABLE QT_RCC_EXECUTABLE )
+
+ ######################################
+ #
+ # Macros for building Qt files
+ #
+ ######################################
+
+ MACRO (QT4_GET_MOC_INC_DIRS _moc_INC_DIRS)
+ SET(${_moc_INC_DIRS})
+ GET_DIRECTORY_PROPERTY(_inc_DIRS INCLUDE_DIRECTORIES)
+
+ FOREACH(_current ${_inc_DIRS})
+ SET(${_moc_INC_DIRS} ${${_moc_INC_DIRS}} "-I" ${_current})
+ ENDFOREACH(_current ${_inc_DIRS})
+ ENDMACRO(QT4_GET_MOC_INC_DIRS)
+
+
+ MACRO (QT4_GENERATE_MOC infile outfile )
+ # get include dirs
+ QT4_GET_MOC_INC_DIRS(moc_includes)
+
+ GET_FILENAME_COMPONENT(infile ${infile} ABSOLUTE)
+
+ ADD_CUSTOM_COMMAND(OUTPUT ${outfile}
+ COMMAND ${QT_MOC_EXECUTABLE}
+ ARGS ${moc_includes} -o ${outfile} ${infile}
+ DEPENDS ${infile})
+
+ MACRO_ADD_FILE_DEPENDENCIES(${infile} ${outfile})
+ ENDMACRO (QT4_GENERATE_MOC)
+
+
+ # QT4_WRAP_CPP(outfiles inputfile ... )
+ # TODO perhaps add support for -D, -U and other minor options
+
+ MACRO (QT4_WRAP_CPP outfiles )
+ # get include dirs
+ QT4_GET_MOC_INC_DIRS(moc_includes)
+
+ FOREACH (it ${ARGN})
+ GET_FILENAME_COMPONENT(it ${it} ABSOLUTE)
+ GET_FILENAME_COMPONENT(outfile ${it} NAME_WE)
+
+ SET(outfile ${CMAKE_CURRENT_BINARY_DIR}/moc_${outfile}.cxx)
+ ADD_CUSTOM_COMMAND(OUTPUT ${outfile}
+ COMMAND ${QT_MOC_EXECUTABLE}
+ ARGS ${moc_includes} -o ${outfile} ${it}
+ DEPENDS ${it})
+ SET(${outfiles} ${${outfiles}} ${outfile})
+ ENDFOREACH(it)
+
+ ENDMACRO (QT4_WRAP_CPP)
+
+
+ # QT4_WRAP_UI(outfiles inputfile ... )
+
+ MACRO (QT4_WRAP_UI outfiles )
+
+ FOREACH (it ${ARGN})
+ GET_FILENAME_COMPONENT(outfile ${it} NAME_WE)
+ GET_FILENAME_COMPONENT(infile ${it} ABSOLUTE)
+ SET(outfile ${CMAKE_CURRENT_BINARY_DIR}/ui_${outfile}.h)
+ ADD_CUSTOM_COMMAND(OUTPUT ${outfile}
+ COMMAND ${QT_UIC_EXECUTABLE}
+ ARGS -o ${outfile} ${infile}
+ MAIN_DEPENDENCY ${infile})
+ SET(${outfiles} ${${outfiles}} ${outfile})
+ ENDFOREACH (it)
+
+ ENDMACRO (QT4_WRAP_UI)
+
+
+ # QT4_ADD_RESOURCE(outfiles inputfile ... )
+ # TODO perhaps consider adding support for compression and root options to rcc
+
+ MACRO (QT4_ADD_RESOURCES outfiles )
+
+ FOREACH (it ${ARGN})
+ GET_FILENAME_COMPONENT(outfilename ${it} NAME_WE)
+ GET_FILENAME_COMPONENT(infile ${it} ABSOLUTE)
+ SET(outfile ${CMAKE_CURRENT_BINARY_DIR}/qrc_${outfilename}.cxx)
+ ADD_CUSTOM_COMMAND(OUTPUT ${outfile}
+ COMMAND ${QT_RCC_EXECUTABLE}
+ ARGS -name ${outfilename} -o ${outfile} ${infile}
+ MAIN_DEPENDENCY ${infile} )
+ SET(${outfiles} ${${outfiles}} ${outfile})
+ ENDFOREACH (it)
+
+ ENDMACRO (QT4_ADD_RESOURCES)
+
+
+ MACRO(QT4_AUTOMOC)
+ QT4_GET_MOC_INC_DIRS(_moc_INCS)
+
+ SET(_matching_FILES )
+ FOREACH (_current_FILE ${ARGN})
+
+ GET_FILENAME_COMPONENT(_abs_FILE ${_current_FILE} ABSOLUTE)
+ # if "SKIP_AUTOMOC" is set to true, we will not handle this file here.
+ # here. this is required to make bouic work correctly:
+ # we need to add generated .cpp files to the sources (to compile them),
+ # but we cannot let automoc handle them, as the .cpp files don't exist yet when
+ # cmake is run for the very first time on them -> however the .cpp files might
+ # exist at a later run. at that time we need to skip them, so that we don't add two
+ # different rules for the same moc file
+ GET_SOURCE_FILE_PROPERTY(_skip ${_abs_FILE} SKIP_AUTOMOC)
+
+ IF ( NOT _skip AND EXISTS ${_abs_FILE} )
+
+ FILE(READ ${_abs_FILE} _contents)
+
+ GET_FILENAME_COMPONENT(_abs_PATH ${_abs_FILE} PATH)
+
+ STRING(REGEX MATCHALL "#include +[^ ]+\\.moc[\">]" _match "${_contents}")
+ IF(_match)
+ FOREACH (_current_MOC_INC ${_match})
+ STRING(REGEX MATCH "[^ <\"]+\\.moc" _current_MOC "${_current_MOC_INC}")
+
+ GET_filename_component(_basename ${_current_MOC} NAME_WE)
+ # SET(_header ${CMAKE_CURRENT_SOURCE_DIR}/${_basename}.h)
+ SET(_header ${_abs_PATH}/${_basename}.h)
+ SET(_moc ${CMAKE_CURRENT_BINARY_DIR}/${_current_MOC})
+ ADD_CUSTOM_COMMAND(OUTPUT ${_moc}
+ COMMAND ${QT_MOC_EXECUTABLE}
+ ARGS ${_moc_INCS} ${_header} -o ${_moc}
+ DEPENDS ${_header}
+ )
+
+ MACRO_ADD_FILE_DEPENDENCIES(${_abs_FILE} ${_moc})
+ ENDFOREACH (_current_MOC_INC)
+ ENDIF(_match)
+ ENDIF ( NOT _skip AND EXISTS ${_abs_FILE} )
+ ENDFOREACH (_current_FILE)
+ ENDMACRO(QT4_AUTOMOC)
+
+
+
+ ######################################
+ #
+ # decide if Qt got found
+ #
+ ######################################
+
+ # if the includes,libraries,moc,uic and rcc are found then we have it
+ IF( QT_LIBRARY_DIR AND QT_INCLUDE_DIR AND QT_MOC_EXECUTABLE AND QT_UIC_EXECUTABLE AND QT_RCC_EXECUTABLE)
+ SET( QT4_FOUND "YES" )
+ IF( NOT Qt4_FIND_QUIETLY)
+ MESSAGE(STATUS "Found Qt-Version ${QTVERSION}")
+ ENDIF( NOT Qt4_FIND_QUIETLY)
+ ELSE( QT_LIBRARY_DIR AND QT_INCLUDE_DIR AND QT_MOC_EXECUTABLE AND QT_UIC_EXECUTABLE AND QT_RCC_EXECUTABLE)
+ SET( QT4_FOUND "NO")
+ IF( Qt4_FIND_REQUIRED)
+ MESSAGE( FATAL_ERROR "Qt libraries, includes, moc, uic or/and rcc NOT found!")
+ ENDIF( Qt4_FIND_REQUIRED)
+ ENDIF( QT_LIBRARY_DIR AND QT_INCLUDE_DIR AND QT_MOC_EXECUTABLE AND QT_UIC_EXECUTABLE AND QT_RCC_EXECUTABLE)
+ SET(QT_FOUND ${QT4_FOUND})
+
+
+ #######################################
+ #
+ # System dependent settings
+ #
+ #######################################
+ # for unix add X11 stuff
+ IF(UNIX)
+ # on OS X X11 may not be required
+ IF (Q_WS_X11)
+ FIND_PACKAGE(X11)
+ ENDIF (Q_WS_X11)
+ FIND_PACKAGE(Threads)
+ SET(QT_QTCORE_LIBRARY ${QT_QTCORE_LIBRARY} ${CMAKE_THREAD_LIBS_INIT})
+ ENDIF(UNIX)
+
+
+ #######################################
+ #
+ # compatibility settings
+ #
+ #######################################
+ # Backwards compatibility for CMake1.4 and 1.2
+ SET (QT_MOC_EXE ${QT_MOC_EXECUTABLE} )
+ SET (QT_UIC_EXE ${QT_UIC_EXECUTABLE} )
+
+ SET( QT_QT_LIBRARY "")
+
+ELSE(QT4_QMAKE_FOUND)
+
+ IF(Qt4_FIND_REQUIRED)
+ IF(QT4_INSTALLED_VERSION_TOO_OLD)
+ MESSAGE(FATAL_ERROR "The installed Qt version ${QTVERSION} is too old, at least version ${QT_MIN_VERSION} is required")
+ ELSE(QT4_INSTALLED_VERSION_TOO_OLD)
+ MESSAGE( FATAL_ERROR "Qt qmake not found!")
+ ENDIF(QT4_INSTALLED_VERSION_TOO_OLD)
+ ELSE(Qt4_FIND_REQUIRED)
+ IF(QT4_INSTALLED_VERSION_TOO_OLD AND NOT Qt4_FIND_QUIETLY)
+ MESSAGE(STATUS "The installed Qt version ${QTVERSION} is too old, at least version ${QT_MIN_VERSION} is required")
+ ENDIF(QT4_INSTALLED_VERSION_TOO_OLD AND NOT Qt4_FIND_QUIETLY)
+ ENDIF(Qt4_FIND_REQUIRED)
+
+ENDIF (QT4_QMAKE_FOUND)
+
diff --git a/cmake/modules/FindSasl2.cmake b/cmake/modules/FindSasl2.cmake
new file mode 100644
index 0000000..feb2c3e
--- /dev/null
+++ b/cmake/modules/FindSasl2.cmake
@@ -0,0 +1,41 @@
+# - Try to find the sasl2 directory library
+# Once done this will define
+#
+# SASL2_FOUND - system has SASL2
+# SASL2_INCLUDE_DIR - the SASL2 include directory
+# SASL2_LIBRARIES - The libraries needed to use SASL2
+#
+# Copyright (c) 2006, Laurent Montel, <montel@kde.org>
+#
+# Redistribution and use is allowed according to the terms of the BSD license.
+# For details see the accompanying COPYING-CMAKE-SCRIPTS file.
+
+
+if (SASL2_INCLUDE_DIR)
+ # Already in cache, be silent
+ set(SASL2_FIND_QUIETLY TRUE)
+endif (SASL2_INCLUDE_DIR)
+
+FIND_PATH(SASL2_INCLUDE_DIR sasl/sasl.h)
+
+FIND_LIBRARY(SASL2_LIBRARIES NAMES sasl2)
+
+
+if (SASL2_INCLUDE_DIR AND SASL2_LIBRARIES)
+ set(SASL2_FOUND TRUE)
+endif (SASL2_INCLUDE_DIR AND SASL2_LIBRARIES)
+
+
+if (SASL2_FOUND)
+ if (NOT Sasl2_FIND_QUIETLY)
+ message(STATUS "Found Sasl2: ${SASL2_LIBRARIES}")
+ endif (NOT Sasl2_FIND_QUIETLY)
+else (SASL2_FOUND)
+ if (Sasl2_FIND_REQUIRED)
+ message(FATAL_ERROR "Could not find sasl2 libraries")
+ endif (Sasl2_FIND_REQUIRED)
+endif (SASL2_FOUND)
+
+
+MARK_AS_ADVANCED(SASL2_INCLUDE_DIR SASL2_LIBRARIES)
+
diff --git a/cmake/modules/QcaMacro.cmake b/cmake/modules/QcaMacro.cmake
new file mode 100644
index 0000000..1c6a37f
--- /dev/null
+++ b/cmake/modules/QcaMacro.cmake
@@ -0,0 +1,21 @@
+
+MACRO(MY_AUTOMOC _srcsList)
+ QT4_GET_MOC_INC_DIRS(_moc_INCS)
+ FOREACH (_current_FILE ${${_srcsList}})
+ GET_FILENAME_COMPONENT(_abs_FILE ${_current_FILE} ABSOLUTE)
+ GET_FILENAME_COMPONENT(_basename ${_current_FILE} NAME_WE)
+ SET(_moc ${CMAKE_CURRENT_BINARY_DIR}/${_basename}.moc)
+ SET(extra_moc_argument)
+ if(WIN32)
+ SET(extra_moc_argument -DWIN32)
+ endif(WIN32)
+ ADD_CUSTOM_COMMAND(OUTPUT ${_moc}
+ COMMAND ${QT_MOC_EXECUTABLE}
+ ARGS ${extra_moc_argument} ${_moc_INCS} -o ${_moc} ${_abs_FILE}
+ DEPENDS ${_current_FILE}
+ )
+ LIST(APPEND ${_srcsList} ${_moc})
+ ENDFOREACH (_current_FILE)
+ENDMACRO(MY_AUTOMOC)
+
+
diff --git a/crypto.prf.cmake b/crypto.prf.cmake
new file mode 100644
index 0000000..ecdf0cd
--- /dev/null
+++ b/crypto.prf.cmake
@@ -0,0 +1,13 @@
+QCA_INCDIR = @QT_INCLUDE_DIR@
+QCA_LIBDIR = @QT_LIBRARY_DIR@
+
+CONFIG *= qt
+INCLUDEPATH += $$QCA_INCDIR/QtCrypto
+LIBS += -L$$QCA_LIBDIR
+
+LINKAGE = -lqca
+CONFIG(debug, debug|release) {
+ windows:LINKAGE = -lqcad
+ mac:LINKAGE = -lqca_debug
+}
+LIBS += $$LINKAGE
diff --git a/crypto.prf.in b/crypto.prf.in
new file mode 100644
index 0000000..f317450
--- /dev/null
+++ b/crypto.prf.in
@@ -0,0 +1,39 @@
+# prepend this file with QCA_INCDIR/QCA_LIBDIR definitions
+
+# NOTE: any changes made to this file need to be tracked in qcm/qca.qcm
+
+CONFIG *= qt
+
+# if we are including crypto.prf from the qca tree (and not utilizing it as
+# an installed qmake CONFIG feature), then point to the tree. this allows our
+# qca tree apps to build before qca itself is installed.
+exists($$PWD/qca.pro) {
+ QCA_INCDIR = $$PWD/include
+ QCA_LIBDIR = $$PWD/lib
+}
+
+LINKAGE =
+
+# on mac, if qca was built as a framework, link against it
+mac: {
+ framework_dir = $$QCA_LIBDIR
+ exists($$framework_dir/qca.framework) {
+ #QMAKE_FRAMEWORKPATH *= $$framework_dir
+ LIBS += -F$$framework_dir
+ INCLUDEPATH += $$framework_dir/qca.framework/Headers
+ LINKAGE = -framework qca
+ }
+}
+
+# else, link normally
+isEmpty(LINKAGE) {
+ INCLUDEPATH += $$QCA_INCDIR/QtCrypto
+ LIBS += -L$$QCA_LIBDIR
+ LINKAGE = -lqca
+ CONFIG(debug, debug|release) {
+ windows:LINKAGE = -lqcad
+ mac:LINKAGE = -lqca_debug
+ }
+}
+
+LIBS += $$LINKAGE
diff --git a/examples/CMakeLists.txt b/examples/CMakeLists.txt
new file mode 100644
index 0000000..be63a87
--- /dev/null
+++ b/examples/CMakeLists.txt
@@ -0,0 +1,23 @@
+add_subdirectory(aes-cmac)
+add_subdirectory(base64test)
+add_subdirectory(certtest)
+add_subdirectory(ciphertest)
+add_subdirectory(cms)
+# this is not meant to be added, because it introduces
+# a dependency on QtGui.
+# add_subdirectory(cmssigner)
+add_subdirectory(eventhandlerdemo)
+add_subdirectory(hashtest)
+add_subdirectory(hextest)
+add_subdirectory(keyloader)
+add_subdirectory(mactest)
+add_subdirectory(md5crypt)
+add_subdirectory(providertest)
+add_subdirectory(publickeyexample)
+add_subdirectory(randomtest)
+add_subdirectory(rsatest)
+add_subdirectory(saslclient)
+add_subdirectory(saslserver)
+add_subdirectory(ssltest)
+add_subdirectory(sslservtest)
+add_subdirectory(tlssocket)
diff --git a/examples/aes-cmac/CMakeLists.txt b/examples/aes-cmac/CMakeLists.txt
new file mode 100644
index 0000000..4f93f36
--- /dev/null
+++ b/examples/aes-cmac/CMakeLists.txt
@@ -0,0 +1,6 @@
+set(aes-cmac_bin_SRCS aes-cmac.cpp)
+
+add_executable(aes-cmac ${aes-cmac_bin_SRCS})
+
+target_link_libraries( aes-cmac qca ${QT_QTGUI_LIBRARY})
+
diff --git a/examples/aes-cmac/aes-cmac.cpp b/examples/aes-cmac/aes-cmac.cpp
new file mode 100644
index 0000000..b7332f6
--- /dev/null
+++ b/examples/aes-cmac/aes-cmac.cpp
@@ -0,0 +1,314 @@
+/*
+ Copyright (C) 2006 Brad Hards <bradh@frogmouth.net>
+
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is
+ furnished to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
+ AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*/
+
+// QtCrypto has the declarations for all of QCA
+#include <QtCrypto>
+
+#include <QCoreApplication>
+#include <QDebug>
+
+class AESCMACContext : public QCA::MACContext
+{
+public:
+ AESCMACContext(QCA::Provider *p) : QCA::MACContext(p, "cmac(aes)")
+ {
+ }
+
+ ~AESCMACContext()
+ {
+ }
+
+
+ // Helper to left shift an arbitrary length array
+ // This is heavily based on the example in the I-D.
+ QCA::SecureArray leftShift(const QCA::SecureArray &array)
+ {
+ // We create an output of the same size as the input
+ QCA::SecureArray out(array.size());
+ // We handle one byte at a time - this is the high bit
+ // from the previous byte.
+ int overflow = 0;
+
+ // work through each byte.
+ for (int i = array.size() -1; i >= 0; --i) {
+ // do the left shift on this byte.
+ out[i] = array[i] << 1;
+ // make the low bit on this byte be the high bit
+ // from the previous byte.
+ out[i] |= overflow;
+ // save the high bit for next time
+ overflow = (array[i] & 0x80) ? 1 : 0;
+ }
+ return out;
+ }
+
+
+ // Helper to XOR two arrays - must be same length
+ QCA::SecureArray xorArray(const QCA::SecureArray &array1,
+ const QCA::SecureArray &array2)
+ {
+ if (array1.size() != array2.size())
+ // empty array
+ return QCA::SecureArray();
+
+ QCA::SecureArray result(array1.size());
+
+ for (int i = 0; i < array1.size(); ++i)
+ result[i] = array1[i] ^ array2[i];
+
+ return result;
+ }
+
+
+ void setup(const QCA::SymmetricKey &key)
+ {
+ // We might not have a real key, since this can get called
+ // from the constructor.
+ if (key.size() == 0)
+ return;
+
+ m_key = key;
+ // Generate the subkeys
+ QCA::SecureArray const_Zero(16);
+ QCA::SecureArray const_Rb(16);
+ const_Rb[15] = (char)0x87;
+
+ m_X = const_Zero;
+ m_residual = QCA::SecureArray();
+
+ // Figure 2.2, step 1.
+ QCA::Cipher aesObj(QString("aes128"),
+ QCA::Cipher::ECB, QCA::Cipher::DefaultPadding,
+ QCA::Encode, key);
+ QCA::SecureArray L = aesObj.process(const_Zero);
+
+ // Figure 2.2, step 2
+ if (0 == (L[0] & 0x80))
+ m_k1 = leftShift(L);
+ else
+ m_k1 = xorArray(leftShift(L), const_Rb);
+
+ // Figure 2.2, step 3
+ if (0 == (m_k1[0] & 0x80))
+ m_k2 = leftShift(m_k1);
+ else
+ m_k2 = xorArray(leftShift(m_k1), const_Rb);
+ }
+
+ QCA::Provider::Context *clone() const
+ {
+ return new AESCMACContext(*this);
+ }
+
+ void clear()
+ {
+ setup(m_key);
+ }
+
+ QCA::KeyLength keyLength() const
+ {
+ return QCA::KeyLength(16, 16, 1);
+ }
+
+ // This is a bit different to the way the I-D does it,
+ // to allow for multiple update() calls.
+ void update(const QCA::MemoryRegion &a)
+ {
+ QCA::SecureArray bytesToProcess = m_residual + a;
+ int blockNum;
+ // note that we don't want to do the last full block here, because
+ // it needs special treatment in final().
+ for (blockNum = 0; blockNum < ((bytesToProcess.size()-1)/16); ++blockNum) {
+ // copy a block of data
+ QCA::SecureArray thisBlock(16);
+ for (int yalv = 0; yalv < 16; ++yalv)
+ thisBlock[yalv] = bytesToProcess[blockNum*16 + yalv];
+
+ m_Y = xorArray(m_X, thisBlock);
+
+ QCA::Cipher aesObj(QString("aes128"),
+ QCA::Cipher::ECB, QCA::Cipher::DefaultPadding,
+ QCA::Encode, m_key);
+ m_X = aesObj.process(m_Y);
+ }
+ // This can be between 1 and 16
+ int numBytesLeft = bytesToProcess.size() - 16*blockNum;
+ // we copy the left over part
+ m_residual.resize(numBytesLeft);
+ for(int yalv = 0; yalv < numBytesLeft; ++yalv)
+ m_residual[yalv] = bytesToProcess[blockNum*16 + yalv];
+ }
+
+ void final( QCA::MemoryRegion *out)
+ {
+ QCA::SecureArray lastBlock;
+ int numBytesLeft = m_residual.size();
+
+ if ( numBytesLeft != 16 ) {
+ // no full block, so we have to pad.
+ m_residual.resize(16);
+ m_residual[numBytesLeft] = (char)0x80;
+ lastBlock = xorArray(m_residual, m_k2);
+ } else {
+ // this is a full block - no padding
+ lastBlock = xorArray(m_residual, m_k1);
+ }
+ m_Y = xorArray(m_X, lastBlock);
+ QCA::Cipher aesObj(QString("aes128"),
+ QCA::Cipher::ECB, QCA::Cipher::DefaultPadding,
+ QCA::Encode, m_key);
+ *out = aesObj.process(m_Y);
+
+ }
+
+protected:
+ // first subkey
+ QCA::SecureArray m_k1;
+ // second subkey
+ QCA::SecureArray m_k2;
+ // main key
+ QCA::SecureArray m_key;
+
+ // state
+ QCA::SecureArray m_X;
+ QCA::SecureArray m_Y;
+
+ // partial block that we can't do yet
+ QCA::SecureArray m_residual;
+};
+
+class ClientSideProvider : public QCA::Provider
+{
+public:
+ int qcaVersion() const
+ {
+ return QCA_VERSION;
+ }
+
+ QString name() const
+ {
+ return "exampleClientSideProvider";
+ }
+
+ QStringList features() const
+ {
+ QStringList list;
+ list += "cmac(aes)";
+ // you can add more features in here, if you have some.
+ return list;
+ }
+
+ Provider::Context *createContext(const QString &type)
+ {
+ if(type == "cmac(aes)")
+ return new AESCMACContext(this);
+ // else if (type == some other feature)
+ // return some other context.
+ else
+ return 0;
+ }
+};
+
+
+// AES CMAC is a Message Authentication Code based on a block cipher
+// instead of the more normal keyed hash.
+// See RFC 4493 "The AES-CMAC Algorithm"
+class AES_CMAC: public QCA::MessageAuthenticationCode
+{
+public:
+ AES_CMAC(const QCA::SymmetricKey &key = QCA::SymmetricKey(),
+ const QString &provider = QString()):
+ QCA::MessageAuthenticationCode( "cmac(aes)", key, provider)
+ {}
+};
+
+
+int main(int argc, char **argv)
+{
+ // the Initializer object sets things up, and
+ // also does cleanup when it goes out of scope
+ QCA::Initializer init;
+
+ qDebug() << "This example shows AES CMAC";
+
+ QCoreApplication app(argc, argv);
+
+ if( ! QCA::isSupported("aes128-ecb") ) {
+ qDebug() << "AES not supported!";
+ }
+
+ if ( QCA::insertProvider(new ClientSideProvider, 0) )
+ qDebug() << "Inserted our provider";
+ else
+ qDebug() << "our provider could not be added";
+
+ // We should check AES CMAC is supported before using it.
+ if( ! QCA::isSupported("cmac(aes)") ) {
+ qDebug() << "AES CMAC not supported!";
+ } else {
+ // create the required object
+ AES_CMAC cmacObject;
+
+ // create the key
+ QCA::SymmetricKey key(QCA::hexToArray("2b7e151628aed2a6abf7158809cf4f3c"));
+
+ // set the MAC to use the key
+ cmacObject.setup(key);
+
+ QCA::SecureArray message = QCA::hexToArray("6bc1bee22e409f96e93d7e117393172a"
+ "ae2d8a571e03ac9c9eb76fac45af8e51"
+ "30c81c46a35ce411e5fbc1191a0a52ef"
+ "f69f2445df4f9b17ad2b417be66c3710");
+ QCA::SecureArray message1(message);
+ message1.resize(0);
+ qDebug();
+ qDebug() << "Message1: " << QCA::arrayToHex(message1.toByteArray());
+ qDebug() << "Expecting: bb1d6929e95937287fa37d129b756746";
+ qDebug() << "AES-CMAC: " << QCA::arrayToHex(cmacObject.process(message1).toByteArray());
+
+ cmacObject.clear();
+ QCA::SecureArray message2(message);
+ message2.resize(16);
+ qDebug();
+ qDebug() << "Message2: " << QCA::arrayToHex(message2.toByteArray());
+ qDebug() << "Expecting: 070a16b46b4d4144f79bdd9dd04a287c";
+ qDebug() << "AES-CMAC: " << QCA::arrayToHex(cmacObject.process(message2).toByteArray());
+
+ cmacObject.clear();
+ QCA::SecureArray message3(message);
+ message3.resize(40);
+ qDebug();
+ qDebug() << "Message3: " << QCA::arrayToHex(message3.toByteArray());
+ qDebug() << "Expecting: dfa66747de9ae63030ca32611497c827";
+ qDebug() << "AES-CMAC " << QCA::arrayToHex(cmacObject.process(message3).toByteArray());
+
+ cmacObject.clear();
+ QCA::SecureArray message4(message);
+ message4.resize(64);
+ qDebug();
+ qDebug() << "Message4: " << QCA::arrayToHex(message4.toByteArray());
+ qDebug() << "Expecting: 51f0bebf7e3b9d92fc49741779363cfe";
+ qDebug() << "AES-CMAC: " << QCA::arrayToHex(cmacObject.process(message4).toByteArray());
+ }
+
+ return 0;
+}
+
diff --git a/examples/aes-cmac/aes-cmac.pro b/examples/aes-cmac/aes-cmac.pro
new file mode 100644
index 0000000..b431657
--- /dev/null
+++ b/examples/aes-cmac/aes-cmac.pro
@@ -0,0 +1,2 @@
+SOURCES += aes-cmac.cpp
+include(../examples.pri)
diff --git a/examples/base64test/CMakeLists.txt b/examples/base64test/CMakeLists.txt
new file mode 100644
index 0000000..b564969
--- /dev/null
+++ b/examples/base64test/CMakeLists.txt
@@ -0,0 +1,6 @@
+set(base64test_bin_SRCS base64test.cpp)
+
+add_executable(base64test ${base64test_bin_SRCS})
+
+target_link_libraries( base64test qca ${QT_QTCORE_LIBRARY})
+
diff --git a/examples/base64test/base64test.cpp b/examples/base64test/base64test.cpp
new file mode 100644
index 0000000..f3fc1e3
--- /dev/null
+++ b/examples/base64test/base64test.cpp
@@ -0,0 +1,67 @@
+/*
+ Copyright (C) 2004-2005 Brad Hards <bradh@frogmouth.net>
+
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is
+ furnished to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
+ AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*/
+
+// QtCrypto has the declarations for all of QCA
+#include <QtCrypto>
+
+#include <QCoreApplication>
+
+#include <iostream>
+
+int main(int argc, char **argv)
+{
+ QCoreApplication(argc, argv);
+
+ // the Initializer object sets things up, and
+ // also does cleanup when it goes out of scope
+ QCA::Initializer init;
+
+ // we use the first argument as the data to encode
+ // if an argument is provided. Use "hello" if no argument
+ QByteArray arg; // empty array
+ arg.append((argc >= 2) ? argv[1] : "hello");
+
+ // create our object, which does encoding by default
+ // QCA::Base64 encoder(QCA::Encode); is equivalent
+ QCA::Base64 encoder;
+
+ // This does the actual conversion (encoding).
+ // You might prefer to use encoder.encode(); and have
+ // it return a QCA::SecureArray, depending on your needs
+ QString encoded = encoder.arrayToString(arg);
+
+ std::cout << arg.data() << " in base64 encoding is ";
+ std::cout << encoded.toLatin1().data() << std::endl;
+
+ // This time, we'll create an object to decode base64. We
+ // could also have reused the existing object, calling
+ // clear(); and setup(QCA::Decode); on it.
+ QCA::Base64 decoder(QCA::Decode);
+
+ // This time, we convert a QString into a QString
+ QString decoded = decoder.decodeString(encoded);
+
+ std::cout << encoded.toLatin1().data() << " decoded from base64 is ";
+ std::cout << decoded.toLatin1().data() << std::endl;
+
+ return 0;
+}
+
diff --git a/examples/base64test/base64test.pro b/examples/base64test/base64test.pro
new file mode 100644
index 0000000..b03d116
--- /dev/null
+++ b/examples/base64test/base64test.pro
@@ -0,0 +1,2 @@
+SOURCES += base64test.cpp
+include(../examples.pri)
diff --git a/examples/certtest/CMakeLists.txt b/examples/certtest/CMakeLists.txt
new file mode 100644
index 0000000..e4ff5a7
--- /dev/null
+++ b/examples/certtest/CMakeLists.txt
@@ -0,0 +1,6 @@
+set(certtest_bin_SRCS certtest.cpp)
+
+add_executable(certtest ${certtest_bin_SRCS})
+
+target_link_libraries( certtest qca ${QT_QTGUI_LIBRARY})
+
diff --git a/examples/certtest/certtest.cpp b/examples/certtest/certtest.cpp
new file mode 100644
index 0000000..bfd73d3
--- /dev/null
+++ b/examples/certtest/certtest.cpp
@@ -0,0 +1,172 @@
+/*
+ Copyright (C) 2003 Justin Karneges <justin@affinix.com>
+ Copyright (C) 2005 Brad Hards <bradh@frogmouth.net>
+
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is
+ furnished to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
+ AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*/
+
+
+#include <QtCrypto>
+
+#include <QCoreApplication>
+
+#include <iostream>
+
+// dump out information about some part of the certificate
+// we use this same approach for information about the subject
+// of the certificate, and also about the issuer of the certificate
+static void dumpCertificateInfo( QCA::CertificateInfo info)
+{
+ std::cout << " Organization: " << std::endl;
+
+ // Note that a single certificate can apply to more than one
+ // organisation. QCA::Certificate is a multimap, so when you
+ // ask for the values associated with a parameter, it returns
+ // a list.
+ QList<QString> orgInfoList = info.values(QCA::Organization);
+
+ // foreach() interates over each value in the list, and we dump
+ // out each value. Note that is uncommon for a certificate to
+ // actually contain multiple values for a single parameter.
+ QString organization;
+ foreach( organization, orgInfoList ) {
+ std::cout << " " << qPrintable(organization) << std::endl;
+ }
+
+ std::cout << " Country: " << std::endl;
+ // As above, however this shows a more compact way to represent
+ // the iteration and output.
+ foreach( QString country, info.values(QCA::Country) ) {
+ std::cout << " " << qPrintable(country) << std::endl;
+ }
+}
+
+// This is just a convenience routine
+static void dumpSubjectInfo( QCA::CertificateInfo subject)
+{
+ std::cout << "Subject: " << std::endl;
+
+ dumpCertificateInfo( subject );
+}
+
+
+// This is just a convenience routine
+static void dumpIssuerInfo( QCA::CertificateInfo issuer)
+{
+ std::cout << "Issuer: " << std::endl;
+
+ dumpCertificateInfo( issuer );
+}
+
+
+int main(int argc, char** argv)
+{
+ // the Initializer object sets things up, and
+ // also does cleanup when it goes out of scope
+ QCA::Initializer init;
+
+ QCoreApplication app(argc, argv);
+
+ // We need to ensure that we have certificate handling support
+ if ( !QCA::isSupported( "cert" ) ) {
+ std::cout << "Sorry, no PKI certificate support" << std::endl;
+ return 1;
+ }
+
+ // We are going to work with a number of certificates, and a
+ // QList is a great template class for that
+ QList<QCA::Certificate> certlist;
+
+ // We do two different cases - if we provide an argument, it is taken
+ // as a filename to read the keys from. If there is no argument, we just
+ // read from the system store certificates.
+ if (argc >= 2) {
+ // we are going to read the certificates in using a single call
+ // which requires a CertificateCollection.
+ QCA::CertificateCollection filecerts;
+ // The conversion can be tested (although you don't have to) to find out if it
+ // worked.
+ QCA::ConvertResult importResult;
+ // This imports all the PEM encoded certificates from the file specified as the argument
+ // Note that you pass in a pointer to the result argument.
+ filecerts = QCA::CertificateCollection::fromFlatTextFile( argv[1], &importResult );
+ if ( QCA::ConvertGood == importResult) {
+ std::cout << "Import succeeded" << std::endl;
+ // this turns the CertificateCollection into a QList of Certificate objects
+ certlist = filecerts.certificates();
+ }
+ } else {
+ // we have no arguments, so just use the system certificates
+ if ( !QCA::haveSystemStore() ) {
+ std::cout << "System certificates not available" << std::endl;
+ return 2;
+ }
+
+ // Similar to above, except we just want the system certificates
+ QCA::CertificateCollection systemcerts = QCA::systemStore();
+
+ // this turns the CertificateCollection into a QList of Certificate objects
+ certlist = systemcerts.certificates();
+ }
+
+ std::cout << "Number of certificates: " << certlist.count() << std::endl;
+
+ QCA::Certificate cert;
+ foreach (cert, certlist) {
+ std::cout << "Serial Number:";
+ // the serial number of the certificate is a QCA::BigInteger, but we can
+ // just convert it to a string, and then output it.
+ std::cout << qPrintable(cert.serialNumber().toString()) << std::endl;
+
+ // The subject information shows properties of who the certificate
+ // applies to. See the convenience routines above.
+ dumpSubjectInfo( cert.subjectInfo() );
+
+ // The issuer information shows properties of who the certificate
+ // was signed by. See the convenience routines above.
+ dumpIssuerInfo( cert.issuerInfo() );
+
+ // Test if the certificate can be used as a certificate authority
+ if ( cert.isCA() ) {
+ std::cout << "Is certificate authority" << std::endl;
+ } else {
+ std::cout << "Is not a certificate authority" << std::endl;
+ }
+
+ // Test if the certificate is self-signed.
+ if (cert.isSelfSigned() ) {
+ std::cout << "Self signed" << std::endl;
+ } else {
+ std::cout << "Is not self-signed!!!" << std::endl;
+ }
+
+ // Certificate are only valid between specific dates. We can get the dates
+ // (as a QDateTime) using a couple of calls
+ std::cout << "Valid from " << qPrintable(cert.notValidBefore().toString());
+ std::cout << ", until " << qPrintable(cert.notValidAfter().toString());
+ std::cout << std::endl;
+
+ // You can get the certificate in PEM encoding with a simple toPEM() call
+ std::cout << "PEM:" << std::endl;
+ std::cout << qPrintable(cert.toPEM());
+ std::cout << std::endl << std::endl;
+ }
+
+ return 0;
+}
+
diff --git a/examples/certtest/certtest.pro b/examples/certtest/certtest.pro
new file mode 100644
index 0000000..1f9f6fb
--- /dev/null
+++ b/examples/certtest/certtest.pro
@@ -0,0 +1,2 @@
+SOURCES += certtest.cpp
+include(../examples.pri)
diff --git a/examples/ciphertest/CMakeLists.txt b/examples/ciphertest/CMakeLists.txt
new file mode 100644
index 0000000..f555ae4
--- /dev/null
+++ b/examples/ciphertest/CMakeLists.txt
@@ -0,0 +1,6 @@
+set(ciphertest_bin_SRCS ciphertest.cpp)
+
+add_executable(ciphertest ${ciphertest_bin_SRCS})
+
+target_link_libraries( ciphertest qca ${QT_QTGUI_LIBRARY})
+
diff --git a/examples/ciphertest/ciphertest.cpp b/examples/ciphertest/ciphertest.cpp
new file mode 100644
index 0000000..0baf09c
--- /dev/null
+++ b/examples/ciphertest/ciphertest.cpp
@@ -0,0 +1,129 @@
+/*
+ Copyright (C) 2003 Justin Karneges <justin@affinix.com>
+ Copyright (C) 2005-2006 Brad Hards <bradh@frogmouth.net>
+
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is
+ furnished to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
+ AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*/
+
+// QtCrypto has the declarations for all of QCA
+#include <QtCrypto>
+#include <stdio.h>
+
+#include <QCoreApplication>
+
+int main(int argc, char **argv)
+{
+ // the Initializer object sets things up, and
+ // also does cleanup when it goes out of scope
+ QCA::Initializer init;
+
+ QCoreApplication app(argc, argv);
+
+ // we use the first argument if provided, or
+ // use "hello" if no arguments
+ QCA::SecureArray arg = (argc >= 2) ? argv[1] : "hello";
+
+ // AES128 testing
+ if(!QCA::isSupported("aes128-cbc-pkcs7"))
+ printf("AES128-CBC not supported!\n");
+ else {
+ // Create a random key - you'd probably use one from another
+ // source in a real application
+ QCA::SymmetricKey key(16);
+
+ // Create a random initialisation vector - you need this
+ // value to decrypt the resulting cipher text, but it
+ // need not be kept secret (unlike the key).
+ QCA::InitializationVector iv(16);
+
+ // create a 128 bit AES cipher object using Cipher Block Chaining (CBC) mode
+ QCA::Cipher cipher(QString("aes128"),QCA::Cipher::CBC,
+ // use Default padding, which is equivalent to PKCS7 for CBC
+ QCA::Cipher::DefaultPadding,
+ // this object will encrypt
+ QCA::Encode,
+ key, iv);
+
+ // we use the cipher object to encrypt the argument we passed in
+ // the result of that is returned - note that if there is less than
+ // 16 bytes (1 block), then nothing will be returned - it is buffered
+ // update() can be called as many times as required.
+ QCA::SecureArray u = cipher.update(arg);
+
+ // We need to check if that update() call worked.
+ if (!cipher.ok()) {
+ printf("Update failed\n");
+ }
+ // output the results of that stage
+ printf("AES128 encryption of %s is [%s]\n",
+ arg.data(),
+ qPrintable(QCA::arrayToHex(u.toByteArray())) );
+
+
+ // Because we are using PKCS7 padding, we need to output the final (padded) block
+ // Note that we should always call final() even with no padding, to clean up
+ QCA::SecureArray f = cipher.final();
+
+ // Check if the final() call worked
+ if (!cipher.ok()) {
+ printf("Final failed\n");
+ }
+ // and output the resulting block. The ciphertext is the results of update()
+ // and the result of final()
+ printf("Final block for AES128 encryption is [0x%s]\n", qPrintable(QCA::arrayToHex(f.toByteArray())) );
+
+ // re-use the Cipher t decrypt. We need to use the same key and
+ // initialisation vector as in the encryption.
+ cipher.setup( QCA::Decode, key, iv );
+
+ // Build a single cipher text array. You could also call update() with
+ // each block as you receive it, if that is more useful.
+ QCA::SecureArray cipherText = u.append(f);
+
+ // take that cipher text, and decrypt it
+ QCA::SecureArray plainText = cipher.update(cipherText);
+
+ // check if the update() call worked
+ if (!cipher.ok()) {
+ printf("Update failed\n");
+ }
+
+ // output results
+ printf("Decryption using AES128 of [0x%s] is %s\n",
+ qPrintable(QCA::arrayToHex(cipherText.toByteArray())), plainText.data());
+
+ // Again we need to call final(), to get the last block (with its padding removed)
+ plainText = cipher.final();
+
+ // check if the final() call worked
+ if (!cipher.ok()) {
+ printf("Final failed\n");
+ }
+
+ // output results
+ printf("Final decryption block using AES128 is %s\n", plainText.data());
+ // instead of update() and final(), you can do the whole thing
+ // in one step, using process()
+ printf("One step decryption using AES128: %s\n",
+ QCA::SecureArray(cipher.process(cipherText)).data() );
+
+ }
+
+ return 0;
+}
+
diff --git a/examples/ciphertest/ciphertest.pro b/examples/ciphertest/ciphertest.pro
new file mode 100644
index 0000000..a0e2f32
--- /dev/null
+++ b/examples/ciphertest/ciphertest.pro
@@ -0,0 +1,2 @@
+SOURCES += ciphertest.cpp
+include(../examples.pri)
diff --git a/examples/cms/CMakeLists.txt b/examples/cms/CMakeLists.txt
new file mode 100644
index 0000000..9b99e48
--- /dev/null
+++ b/examples/cms/CMakeLists.txt
@@ -0,0 +1,6 @@
+set(cmsexample_bin_SRCS cmsexample.cpp)
+
+add_executable(cmsexample ${cmsexample_bin_SRCS})
+
+target_link_libraries( cmsexample qca ${QT_QTGUI_LIBRARY})
+
diff --git a/examples/cms/User.pem b/examples/cms/User.pem
new file mode 100644
index 0000000..3e72469
--- /dev/null
+++ b/examples/cms/User.pem
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEYjCCA0qgAwIBAgIBAjANBgkqhkiG9w0BAQQFADBvMQswCQYDVQQGEwJkZTEg
+MB4GA1UEChMXSW5zZWN1cmVUZXN0Q2VydGlmaWNhdGUxFzAVBgNVBAMTDkZvciBU
+ZXN0cyBPbmx5MSUwIwYJKoZIhvcNAQkBFhZpbnNlY3VyZUB0ZXN0Lmluc2VjdXJl
+MB4XDTAxMDgxNzA4MzIzOFoXDTA2MDgxNjA4MzIzOFoweDELMAkGA1UEBhMCZGUx
+IDAeBgNVBAoTF0luc2VjdXJlVGVzdENlcnRpZmljYXRlMSAwHgYDVQQDExdJbnNl
+Y3VyZSBVc2VyIFRlc3QgQ2VydDElMCMGCSqGSIb3DQEJARYWaW5zZWN1cmVAdGVz
+dC5pbnNlY3VyZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArCM8+V7VH46Y
++bMtgOaqFc8vCSBpSeL5hnHN3uwEH8/OqwKaO9hMP15lFpzEJOIPMVtOSLCg4dJy
++eS3azL3/B+4qDVqbCgKSXDMKhBDKKw0TvfhN4tgfmvy0rpgMHYApfyRdewnvKgV
+YkI+sDwupmZJo87kuvPM2JzbV/DNAyMCAwEAAaOCAYIwggF+MAsGA1UdDwQEAwIE
+8DAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwHQYDVR0OBBYEFIiefvcp
+cZ17KA82Gq5tANOd4arbMIGZBgNVHSMEgZEwgY6AFL9TQ4J40J7DgOUbZ8oFAN+5
+SIOloXOkcTBvMQswCQYDVQQGEwJkZTEgMB4GA1UEChMXSW5zZWN1cmVUZXN0Q2Vy
+dGlmaWNhdGUxFzAVBgNVBAMTDkZvciBUZXN0cyBPbmx5MSUwIwYJKoZIhvcNAQkB
+FhZpbnNlY3VyZUB0ZXN0Lmluc2VjdXJlggEAMCEGA1UdEQQaMBiBFmluc2VjdXJl
+QHRlc3QuaW5zZWN1cmUwIQYDVR0SBBowGIEWaW5zZWN1cmVAdGVzdC5pbnNlY3Vy
+ZTARBglghkgBhvhCAQEEBAMCBaAwPAYJYIZIAYb4QgENBC8WLVRoaXMgY2VydGlm
+aWNhdGUgd2FzIGlzc3VlZCBmb3IgdGVzdGluZyBvbmx5ITANBgkqhkiG9w0BAQQF
+AAOCAQEAeRBEcR/xp4pLH3VbQmTbZEGjVEBDxNAapsdIDrKB1ecA3JMhZDjweKc4
+MG5M+FQ5hcCT8kSi+6bL15BJRyyMB4727NRSC1i/2VkZmUGhhk3AR9UjsvrCC00D
+gPuHdQPrIxl9+CK26ypATizb5VapzmoBc2B/dWeVh+KJbEkgTudfFj98Dqn8kiUn
+bqbC3OMPa1uiez8oer8h6OAyOinmx0atjTqS5SOLI+2+p1lpMHMhodn4jgmd8Pms
+KQ0jMyA0ZQ1tozQXOw9VpRYegsm8LMq0emdfybxpwGbrCIIk7BXjBIDrhYbnb3GK
+blykzt4bqOeDtJuTgyBOS3Ldxqgfzg==
+-----END CERTIFICATE-----
diff --git a/examples/cms/Userkey.pem b/examples/cms/Userkey.pem
new file mode 100644
index 0000000..81731a2
--- /dev/null
+++ b/examples/cms/Userkey.pem
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQCsIzz5XtUfjpj5sy2A5qoVzy8JIGlJ4vmGcc3e7AQfz86rApo7
+2Ew/XmUWnMQk4g8xW05IsKDh0nL55LdrMvf8H7ioNWpsKApJcMwqEEMorDRO9+E3
+i2B+a/LSumAwdgCl/JF17Ce8qBViQj6wPC6mZkmjzuS688zYnNtX8M0DIwIDAQAB
+AoGAUmPrY1BIofoWri1csj21Wwr3cF7bBkplNDx0VSaSMse8G437VHmKxSnhKJmQ
+KDcrHmydY51m469e6MzYHa8fkfwFiqRhBE7rSw9n0K1sqzU6fJYXgpxdV+GOQcKw
+v+Lu+o6ej4BGQ7woJZXOiC3GDiWu3rC91UNC9eC74yCGuAECQQDhd36m/M9Bjw+C
+pNi55oFGdOCaiL+OT9I3Gt2+7MIo4d2YGvhl8Nr3PC6bEq1DzoWiaE+qxE3JFZdp
+J2+F0fCjAkEAw3LsfrqVZH5HW57csAapmhA+oiCTP3cDDObQ3pKNi3sfYKq8u+aK
+93XAbw3+sPaWlQbVnQF+2fNxOZB9TqFLgQJALVw+Fdhs1hKzGySRGa1/Oq6O9Wgn
+qbjzYPS9wgid812lmFFswg2X7/+inL5AL5EgH5F+3atKvvbiFFzDuheHowJAHwiS
+cJTjv68lWXDiDbkhGOtXZprRhpQ5EcVciNqwSuNj2g+CJDu4+Q3jXj7Un/indEY/
+iMyB/c1fvwooO2H1AQJAEmlUKcfUMdMKbsnqcBfUcge3POdb06pXDpZ/+X0g2OBE
+1fTIQgPgP6y+Ucp/WCW6l2pEJtt26KI5kEp31WSbHA==
+-----END RSA PRIVATE KEY-----
diff --git a/examples/cms/cms.pro b/examples/cms/cms.pro
new file mode 100644
index 0000000..c234904
--- /dev/null
+++ b/examples/cms/cms.pro
@@ -0,0 +1,2 @@
+SOURCES += cmsexample.cpp
+include(../examples.pri)
diff --git a/examples/cms/cmsexample.cpp b/examples/cms/cmsexample.cpp
new file mode 100644
index 0000000..6acf4f0
--- /dev/null
+++ b/examples/cms/cmsexample.cpp
@@ -0,0 +1,211 @@
+/*
+ Copyright (C) 2003 Justin Karneges <justin@affinix.com>
+ Copyright (C) 2005-2006 Brad Hards <bradh@frogmouth.net>
+
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is
+ furnished to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
+ AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*/
+
+
+#include <QtCrypto>
+
+#include <QCoreApplication>
+#include <QDebug>
+
+int main(int argc, char** argv)
+{
+ // the Initializer object sets things up, and
+ // also does cleanup when it goes out of scope
+ QCA::Initializer init;
+
+ QCoreApplication app(argc, argv);
+
+ // We need to ensure that we have certificate handling support
+ if ( !QCA::isSupported( "cert" ) ) {
+ qWarning() << "Sorry, no PKI certificate support";
+ return 1;
+ }
+
+ // Read in a public key cert
+ // you could also build this using the fromPEMFile() method
+ QCA::Certificate pubCert( "User.pem" );
+ if ( pubCert.isNull() ) {
+ qWarning() << "Sorry, could not import public key certificate";
+ return 1;
+ }
+ // We are building the certificate into a SecureMessageKey object, via a
+ // CertificateChain
+ QCA::SecureMessageKey secMsgKey;
+ QCA::CertificateChain chain;
+ chain += pubCert;
+ secMsgKey.setX509CertificateChain( chain );
+
+ // build up a SecureMessage object, based on our public key certificate
+ if ( !QCA::isSupported( "cms" ) ) {
+ qWarning() << "Sorry, no CMS support";
+ return 1;
+ }
+ QCA::CMS cms;
+ QCA::SecureMessage msg(&cms);
+ msg.setRecipient(secMsgKey);
+
+ // Some plain text - we use the first command line argument if provided
+ QByteArray plainText = (argc >= 2) ? argv[1] : "What do ya want for nuthin'";
+
+ // Now use the SecureMessage object to encrypt the plain text.
+ msg.startEncrypt();
+ msg.update(plainText);
+ msg.end();
+ // I think it is reasonable to wait for 1 second for this
+ msg.waitForFinished(1000);
+
+ // check to see if it worked
+ if(!msg.success())
+ {
+ qWarning() << "Error encrypting: " << msg.errorCode();
+ return 1;
+ }
+
+ // get the result
+ QByteArray cipherText = msg.read();
+ QCA::Base64 enc;
+ qDebug() << "'" << plainText.data() << "' encrypts to (in base 64): ";
+ qDebug() << enc.arrayToString( cipherText );
+ qDebug() << "Message uses" << msg.hashName() << "hashing algorithm";
+ qDebug();
+
+ // Show we can decrypt it with the private key
+
+ // Read in a private key
+ QCA::PrivateKey privKey;
+ QCA::ConvertResult convRes;
+ QCA::SecureArray passPhrase = "start";
+ privKey = QCA::PrivateKey::fromPEMFile( "Userkey.pem", passPhrase, &convRes );
+ if ( convRes != QCA::ConvertGood ) {
+ qWarning() << "Sorry, could not import Private Key";
+ return 1;
+ }
+
+ QCA::SecureMessageKey secMsgKey2;
+ // needed?
+ secMsgKey2.setX509CertificateChain( chain );
+ secMsgKey2.setX509PrivateKey(privKey);
+ QCA::SecureMessageKeyList privKeyList;
+ privKeyList += secMsgKey2;
+
+ // build up a SecureMessage object, based on the private key
+ // you could re-use the existing QCA::CMS object (cms), but
+ // this example simulates encryption and one end, and decryption
+ // at the other
+ QCA::CMS anotherCms;
+ anotherCms.setPrivateKeys( privKeyList );
+
+ QCA::SecureMessage msg2( &anotherCms );
+
+ msg2.startDecrypt();
+ msg2.update( cipherText );
+ msg2.end();
+
+ // I think it is reasonable to wait for 1 second for this
+ msg2.waitForFinished(1000);
+
+ // check to see if it worked
+ if(!msg2.success())
+ {
+ qWarning() << "Error encrypting: " << msg2.errorCode();
+ return 1;
+ }
+
+ QCA::SecureArray plainTextResult = msg2.read();
+
+ qDebug() << enc.arrayToString( cipherText )
+ << " (in base 64) decrypts to: "
+ << plainTextResult.data();
+
+ if (msg2.wasSigned()) {
+ qDebug() << "Message was signed at "
+ << msg2.signer().timestamp();
+ } else {
+ qDebug() << "Message was not signed";
+ }
+
+ qDebug() << "Message used" << msg2.hashName() << "hashing algorithm";
+
+ qDebug();
+
+ // Now we want to try a signature
+ QByteArray text("Got your message");
+
+ // Re-use the CMS and SecureMessageKeyList objects from the decrypt...
+ QCA::SecureMessage signing( &anotherCms );
+ signing.setSigners(privKeyList);
+
+ signing.startSign(QCA::SecureMessage::Detached);
+ signing.update(text);
+ signing.end();
+
+ // I think it is reasonable to wait for 1 second for this
+ signing.waitForFinished(1000);
+
+ // check to see if it worked
+ if(!signing.success())
+ {
+ qWarning() << "Error signing: " << signing.errorCode();
+ return 1;
+ }
+
+ // get the result
+ QByteArray signature = signing.signature();
+
+ qDebug() << "'" << text.data() << "', signature (converted to base 64), is: ";
+ qDebug() << enc.arrayToString( signature );
+ qDebug() << "Message uses" << signing.hashName() << "hashing algorithm";
+ qDebug();
+
+
+ // Now we go back to the first CMS, and re-use that.
+ QCA::SecureMessage verifying( &cms );
+
+ // You have to pass the signature to startVerify(),
+ // and the message to update()
+ verifying.startVerify(signature);
+ verifying.update(text);
+ verifying.end();
+
+ verifying.waitForFinished(1000);
+
+ // check to see if it worked
+ if(!verifying.success())
+ {
+ qWarning() << "Error verifying: " << verifying.errorCode();
+ return 1;
+ }
+
+ QCA::SecureMessageSignature sign;
+ sign = verifying.signer();
+ // todo: dump some data out about the signer
+
+ if(verifying.verifySuccess())
+ {
+ qDebug() << "Message verified";
+ } else {
+ qDebug() << "Message failed to verify:" << verifying.errorCode();
+ }
+
+ return 0;
+}
+
diff --git a/examples/cmssigner/TODO b/examples/cmssigner/TODO
new file mode 100644
index 0000000..671976c
--- /dev/null
+++ b/examples/cmssigner/TODO
@@ -0,0 +1,18 @@
+app icon (may need different sizes of this?) (a pen?)
+store icons
+ system
+ user
+ application
+ smart card
+ pgp keyring
+unknown store/entry icon (can use the same icon for both i think)
+animation rather than text for keystore busy?
+animation for signing in progress (maybe just use an endless QProgressBar?)
+integrated logger window? also allow setting the log level
+prompter should not call entrylist unless necessary. right now it starts
+ async mode on all stores, even if there is no prompting or anything going
+ on. qcatool has this problem also
+report all 3 kinds of diagnostic text somewhere
+ plugin: plugin dialog invoked from file menu ? also show provider versions
+ keystore: invoked from keyselectdlg ?
+ secmessage: "details" button on error dialog?
diff --git a/examples/cmssigner/certitem.cpp b/examples/cmssigner/certitem.cpp
new file mode 100644
index 0000000..3028dd1
--- /dev/null
+++ b/examples/cmssigner/certitem.cpp
@@ -0,0 +1,723 @@
+/*
+ Copyright (C) 2007 Justin Karneges <justin@affinix.com>
+
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is
+ furnished to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
+ AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*/
+
+#include "certitem.h"
+
+#include <QtCore>
+#include <QtGui>
+#include <QtCrypto>
+#include "prompter.h"
+
+typedef QMap<CertItemStore::IconType,QPixmap> CertItemIconset;
+
+//----------------------------------------------------------------------------
+// MyPrompter
+//----------------------------------------------------------------------------
+class MyPrompter : public Prompter
+{
+ Q_OBJECT
+private:
+ QMap<QString,QCA::SecureArray> known;
+ QMap<QString,QCA::SecureArray> maybe;
+
+public:
+ MyPrompter(QObject *parent = 0) :
+ Prompter(parent)
+ {
+ }
+
+ void fileSuccess(const QString &fileName)
+ {
+ if(maybe.contains(fileName))
+ {
+ known[fileName] = maybe[fileName];
+ maybe.remove(fileName);
+ }
+ }
+
+ void fileFailed(const QString &fileName)
+ {
+ maybe.remove(fileName);
+ known.remove(fileName);
+ }
+
+protected:
+ virtual QCA::SecureArray knownPassword(const QCA::Event &event)
+ {
+ if(event.source() == QCA::Event::Data && !event.fileName().isEmpty())
+ return known.value(event.fileName());
+ else
+ return QCA::SecureArray();
+ }
+
+ virtual void userSubmitted(const QCA::SecureArray &password, const QCA::Event &event)
+ {
+ if(event.source() == QCA::Event::Data && !event.fileName().isEmpty())
+ maybe[event.fileName()] = password;
+ }
+};
+
+//----------------------------------------------------------------------------
+// CertItem
+//----------------------------------------------------------------------------
+static QString escape(const QString &in)
+{
+ QString out;
+ for(int n = 0; n < in.length(); ++n)
+ {
+ if(in[n] == '\\')
+ out += "\\\\";
+ else if(in[n] == ':')
+ out += "\\c";
+ else if(in[n] == '\n')
+ out += "\\n";
+ else
+ out += in[n];
+ }
+ return out;
+}
+
+static QString unescape(const QString &in)
+{
+ QString out;
+ for(int n = 0; n < in.length(); ++n)
+ {
+ if(in[n] == '\\')
+ {
+ if(n + 1 < in.length())
+ {
+ ++n;
+ if(in[n] == '\\')
+ out += '\\';
+ else if(in[n] == 'c')
+ out += ':';
+ else if(in[n] == 'n')
+ out += '\n';
+ }
+ }
+ else
+ out += in[n];
+ }
+ return out;
+}
+
+class CertItem::Private : public QSharedData
+{
+public:
+ QString name;
+ QCA::CertificateChain chain;
+ bool havePrivate;
+ StorageType storageType;
+ bool usable;
+
+ QString fileName;
+ QCA::KeyStoreEntry keyStoreEntry;
+ QString keyStoreEntryString;
+
+ Private() :
+ havePrivate(false),
+ storageType(File),
+ usable(false)
+ {
+ }
+
+ QString toString() const
+ {
+ QStringList parts;
+
+ parts += name;
+ parts += QString::number(chain.count());
+ foreach(const QCA::Certificate &cert, chain)
+ parts += QCA::Base64().arrayToString(cert.toDER());
+
+ if(havePrivate)
+ {
+ if(storageType == File)
+ {
+ parts += "privateFile";
+ parts += fileName;
+ }
+ else // KeyStoreEntry
+ {
+ parts += "privateEntry";
+ if(!keyStoreEntry.isNull())
+ parts += keyStoreEntry.toString();
+ else
+ parts += keyStoreEntryString;
+ }
+ }
+
+ for(int n = 0; n < parts.count(); ++n)
+ parts[n] = escape(parts[n]);
+ return parts.join(":");
+ }
+
+ bool fromString(const QString &in)
+ {
+ QStringList parts = in.split(':');
+ for(int n = 0; n < parts.count(); ++n)
+ parts[n] = unescape(parts[n]);
+
+ if(parts.count() < 3)
+ return false;
+
+ name = parts[0];
+ int chainCount = parts[1].toInt();
+ if(chainCount < 1 || chainCount > parts.count() - 2)
+ return false;
+ chain.clear();
+ for(int n = 0; n < chainCount; ++n)
+ {
+ QCA::Certificate cert = QCA::Certificate::fromDER(QCA::Base64().stringToArray(parts[n + 2]).toByteArray());
+ if(cert.isNull())
+ return false;
+ chain += cert;
+ }
+ int at = chain.count() + 2;
+
+ if(at < parts.count())
+ {
+ havePrivate = true;
+ usable = false;
+
+ if(parts[at] == "privateFile")
+ {
+ storageType = File;
+ fileName = parts[at + 1];
+ if(QFile::exists(fileName))
+ usable = true;
+ }
+ else if(parts[at] == "privateEntry")
+ {
+ storageType = KeyStore;
+ keyStoreEntryString = parts[at + 1];
+ keyStoreEntry = QCA::KeyStoreEntry(keyStoreEntryString);
+ if(!keyStoreEntry.isNull())
+ usable = true;
+ }
+ else
+ return false;
+ }
+
+ return true;
+ }
+};
+
+CertItem::CertItem()
+{
+}
+
+CertItem::CertItem(const CertItem &from) :
+ d(from.d)
+{
+}
+
+CertItem::~CertItem()
+{
+}
+
+CertItem & CertItem::operator=(const CertItem &from)
+{
+ d = from.d;
+ return *this;
+}
+
+QString CertItem::name() const
+{
+ return d->name;
+}
+
+QCA::CertificateChain CertItem::certificateChain() const
+{
+ return d->chain;
+}
+
+bool CertItem::havePrivate() const
+{
+ return d->havePrivate;
+}
+
+CertItem::StorageType CertItem::storageType() const
+{
+ return d->storageType;
+}
+
+bool CertItem::isUsable() const
+{
+ return d->usable;
+}
+
+//----------------------------------------------------------------------------
+// CertItemStore
+//----------------------------------------------------------------------------
+static MyPrompter *g_prompter = 0;
+static int g_prompter_refs = 0;
+
+class CertItemStorePrivate : public QObject
+{
+ Q_OBJECT
+public:
+ CertItemStore *q;
+ MyPrompter *prompter;
+ QList<CertItem> list;
+ QList<int> idList;
+ CertItemIconset iconset;
+ int next_id;
+ int next_req_id;
+
+ class LoaderItem
+ {
+ public:
+ int req_id;
+ QCA::KeyLoader *keyLoader;
+ QString fileName;
+ };
+
+ QList<LoaderItem> loaders;
+
+ CertItemStorePrivate(CertItemStore *_q) :
+ QObject(_q),
+ q(_q),
+ next_id(0),
+ next_req_id(0)
+ {
+ if(!g_prompter)
+ {
+ g_prompter = new MyPrompter;
+ g_prompter_refs = 1;
+ }
+ else
+ ++g_prompter_refs;
+
+ prompter = g_prompter;
+ }
+
+ ~CertItemStorePrivate()
+ {
+ foreach(const LoaderItem &i, loaders)
+ delete i.keyLoader;
+
+ --g_prompter_refs;
+ if(g_prompter_refs == 0)
+ {
+ delete g_prompter;
+ g_prompter = 0;
+ }
+ }
+
+ QString getUniqueName(const QString &name)
+ {
+ int num = 1;
+ while(1)
+ {
+ QString tryname;
+ if(num == 1)
+ tryname = name;
+ else
+ tryname = name + QString(" (%1)").arg(num);
+
+ bool found = false;
+ foreach(const CertItem &i, list)
+ {
+ if(i.name() == tryname)
+ {
+ found = true;
+ break;
+ }
+ }
+ if(!found)
+ return tryname;
+
+ ++num;
+ }
+ }
+
+ static QString convertErrorToString(QCA::ConvertResult r)
+ {
+ QString str;
+ switch(r)
+ {
+ case QCA::ConvertGood: break;
+ case QCA::ErrorPassphrase: str = tr("Incorrect passphrase.");
+ case QCA::ErrorFile: str = tr("Unable to open or read file.");
+ case QCA::ErrorDecode:
+ default: str = tr("Unable to decode format.");
+ }
+ return str;
+ }
+
+public slots:
+ void loader_finished()
+ {
+ QCA::KeyLoader *keyLoader = (QCA::KeyLoader *)sender();
+ int at = -1;
+ for(int n = 0; n < loaders.count(); ++n)
+ {
+ if(loaders[n].keyLoader == keyLoader)
+ {
+ at = n;
+ break;
+ }
+ }
+ Q_ASSERT(at != -1);
+
+ int req_id = loaders[at].req_id;
+ QString fileName = loaders[at].fileName;
+ loaders.removeAt(at);
+
+ QCA::ConvertResult r = keyLoader->convertResult();
+ if(r != QCA::ConvertGood)
+ {
+ delete keyLoader;
+ prompter->fileFailed(fileName);
+ QMessageBox::information(0, tr("Error"),
+ tr("Error importing certificate and private key.\nReason: %1").arg(convertErrorToString(r)));
+ emit q->addFailed(req_id);
+ return;
+ }
+
+ prompter->fileSuccess(fileName);
+
+ QCA::KeyBundle kb = keyLoader->keyBundle();
+ delete keyLoader;
+
+ QCA::CertificateChain chain = kb.certificateChain();
+ QCA::Certificate cert = chain.primary();
+
+ QString name = getUniqueName(cert.commonName());
+
+ CertItem i;
+ i.d = new CertItem::Private;
+ i.d->name = name;
+ i.d->chain = chain;
+ i.d->havePrivate = true;
+ i.d->storageType = CertItem::File;
+ i.d->usable = true;
+ i.d->fileName = fileName;
+
+ int id = next_id++;
+
+ q->beginInsertRows(QModelIndex(), list.size(), list.size());
+ list += i;
+ idList += id;
+ q->endInsertRows();
+
+ emit q->addSuccess(req_id, id);
+ }
+};
+
+CertItemStore::CertItemStore(QObject *parent) :
+ QAbstractListModel(parent)
+{
+ d = new CertItemStorePrivate(this);
+}
+
+CertItemStore::~CertItemStore()
+{
+ delete d;
+}
+
+int CertItemStore::idFromRow(int row) const
+{
+ return d->idList[row];
+}
+
+int CertItemStore::rowFromId(int id) const
+{
+ for(int n = 0; n < d->idList.count(); ++n)
+ {
+ if(d->idList[n] == id)
+ return n;
+ }
+ return -1;
+}
+
+CertItem CertItemStore::itemFromId(int id) const
+{
+ return d->list[rowFromId(id)];
+}
+
+CertItem CertItemStore::itemFromRow(int row) const
+{
+ return d->list[row];
+}
+
+QList<CertItem> CertItemStore::items() const
+{
+ return d->list;
+}
+
+QStringList CertItemStore::save() const
+{
+ QStringList out;
+ foreach(const CertItem &i, d->list)
+ out += i.d->toString();
+ return out;
+}
+
+bool CertItemStore::load(const QStringList &in)
+{
+ QList<CertItem> addList;
+ QList<int> addIdList;
+ foreach(const QString &s, in)
+ {
+ CertItem i;
+ i.d = new CertItem::Private;
+ if(i.d->fromString(s))
+ {
+ addList += i;
+ addIdList += d->next_id++;
+ }
+ }
+
+ if(addList.isEmpty())
+ return true;
+
+ beginInsertRows(QModelIndex(), d->list.size(), d->list.size() + addList.count() - 1);
+ d->list += addList;
+ d->idList += addIdList;
+ endInsertRows();
+
+ return true;
+}
+
+int CertItemStore::addFromFile(const QString &fileName)
+{
+ CertItemStorePrivate::LoaderItem i;
+ i.req_id = d->next_req_id++;
+ i.keyLoader = new QCA::KeyLoader(d);
+ i.fileName = fileName;
+ connect(i.keyLoader, SIGNAL(finished()), d, SLOT(loader_finished()));
+ d->loaders += i;
+ i.keyLoader->loadKeyBundleFromFile(fileName);
+ return i.req_id;
+}
+
+int CertItemStore::addFromKeyStore(const QCA::KeyStoreEntry &entry)
+{
+ QCA::KeyBundle kb = entry.keyBundle();
+
+ QCA::CertificateChain chain = kb.certificateChain();
+ QCA::Certificate cert = chain.primary();
+
+ QString name = d->getUniqueName(entry.name());
+
+ CertItem i;
+ i.d = new CertItem::Private;
+ i.d->name = name;
+ i.d->chain = chain;
+ i.d->havePrivate = true;
+ i.d->storageType = CertItem::KeyStore;
+ i.d->usable = true;
+ i.d->keyStoreEntry = entry;
+
+ int id = d->next_id++;
+
+ beginInsertRows(QModelIndex(), d->list.size(), d->list.size());
+ d->list += i;
+ d->idList += id;
+ endInsertRows();
+
+ int req_id = d->next_req_id++;
+ QMetaObject::invokeMethod(this, "addSuccess", Qt::QueuedConnection, Q_ARG(int, req_id), Q_ARG(int, id));
+ return req_id;
+}
+
+int CertItemStore::addUser(const QCA::CertificateChain &chain)
+{
+ QCA::Certificate cert = chain.primary();
+
+ QString name = d->getUniqueName(cert.commonName());
+
+ CertItem i;
+ i.d = new CertItem::Private;
+ i.d->name = name;
+ i.d->chain = chain;
+
+ int id = d->next_id++;
+
+ beginInsertRows(QModelIndex(), d->list.size(), d->list.size());
+ d->list += i;
+ d->idList += id;
+ endInsertRows();
+
+ int req_id = d->next_req_id++;
+ QMetaObject::invokeMethod(this, "addSuccess", Qt::QueuedConnection, Q_ARG(int, req_id), Q_ARG(int, id));
+ return req_id;
+}
+
+void CertItemStore::updateChain(int id, const QCA::CertificateChain &chain)
+{
+ int at = rowFromId(id);
+ d->list[at].d->chain = chain;
+}
+
+void CertItemStore::removeItem(int id)
+{
+ int at = rowFromId(id);
+
+ beginRemoveRows(QModelIndex(), at, at);
+ d->list.removeAt(at);
+ d->idList.removeAt(at);
+ endRemoveRows();
+}
+
+void CertItemStore::setIcon(IconType type, const QPixmap &icon)
+{
+ d->iconset[type] = icon;
+}
+
+int CertItemStore::rowCount(const QModelIndex &parent) const
+{
+ Q_UNUSED(parent);
+ return d->list.count();
+}
+
+QVariant CertItemStore::data(const QModelIndex &index, int role) const
+{
+ if(!index.isValid())
+ return QVariant();
+
+ int at = index.row();
+ QList<CertItem> &list = d->list;
+
+ if(at >= list.count())
+ return QVariant();
+
+ if(role == Qt::DisplayRole)
+ {
+ QString str = list[at].name();
+ if(list[at].havePrivate() && !list[at].isUsable())
+ str += QString(" ") + tr("(not usable)");
+ return str;
+ }
+ else if(role == Qt::EditRole)
+ return list[at].name();
+ else if(role == Qt::DecorationRole)
+ {
+ if(list[at].havePrivate())
+ return d->iconset[CertItemStore::IconKeyBundle];
+ else
+ return d->iconset[CertItemStore::IconCert];
+ }
+ else
+ return QVariant();
+}
+
+Qt::ItemFlags CertItemStore::flags(const QModelIndex &index) const
+{
+ if(!index.isValid())
+ return Qt::ItemIsEnabled;
+
+ return Qt::ItemIsEnabled | Qt::ItemIsSelectable | Qt::ItemIsEditable;
+}
+
+bool CertItemStore::setData(const QModelIndex &index, const QVariant &value, int role)
+{
+ if(index.isValid() && role == Qt::EditRole)
+ {
+ QString str = value.toString();
+ d->list[index.row()].d->name = str;
+ emit dataChanged(index, index);
+ return true;
+ }
+ return false;
+}
+
+//----------------------------------------------------------------------------
+// CertItemPrivateLoader
+//----------------------------------------------------------------------------
+class CertItemPrivateLoaderPrivate : public QObject
+{
+ Q_OBJECT
+public:
+ CertItemPrivateLoader *q;
+ CertItemStore *store;
+ QCA::KeyLoader *loader;
+ QString fileName;
+ QCA::PrivateKey key;
+
+ CertItemPrivateLoaderPrivate(CertItemPrivateLoader *_q) :
+ QObject(_q),
+ q(_q)
+ {
+ }
+
+public slots:
+ void loader_finished()
+ {
+ QCA::ConvertResult r = loader->convertResult();
+ if(r != QCA::ConvertGood)
+ {
+ delete loader;
+ loader = 0;
+ store->d->prompter->fileFailed(fileName);
+ QMessageBox::information(0, tr("Error"),
+ tr("Error accessing private key.\nReason: %1").arg(CertItemStorePrivate::convertErrorToString(r)));
+ emit q->finished();
+ return;
+ }
+
+ store->d->prompter->fileSuccess(fileName);
+
+ key = loader->keyBundle().privateKey();
+ delete loader;
+ loader = 0;
+ emit q->finished();
+ }
+};
+
+CertItemPrivateLoader::CertItemPrivateLoader(CertItemStore *store, QObject *parent) :
+ QObject(parent)
+{
+ d = new CertItemPrivateLoaderPrivate(this);
+ d->store = store;
+}
+
+CertItemPrivateLoader::~CertItemPrivateLoader()
+{
+ delete d;
+}
+
+void CertItemPrivateLoader::start(int id)
+{
+ CertItem i = d->store->itemFromId(id);
+
+ if(i.storageType() == CertItem::KeyStore)
+ {
+ d->key = i.d->keyStoreEntry.keyBundle().privateKey();
+ QMetaObject::invokeMethod(this, "finished", Qt::QueuedConnection);
+ return;
+ }
+
+ d->key = QCA::PrivateKey();
+ d->fileName = i.d->fileName;
+ d->loader = new QCA::KeyLoader(d);
+ connect(d->loader, SIGNAL(finished()), d, SLOT(loader_finished()));
+ d->loader->loadKeyBundleFromFile(d->fileName);
+}
+
+QCA::PrivateKey CertItemPrivateLoader::privateKey() const
+{
+ return d->key;
+}
+
+#include "certitem.moc"
diff --git a/examples/cmssigner/certitem.h b/examples/cmssigner/certitem.h
new file mode 100644
index 0000000..c1ae785
--- /dev/null
+++ b/examples/cmssigner/certitem.h
@@ -0,0 +1,146 @@
+/*
+ Copyright (C) 2007 Justin Karneges <justin@affinix.com>
+
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is
+ furnished to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
+ AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*/
+
+#ifndef CERTITEM_H
+#define CERTITEM_H
+
+#include <QAbstractListModel>
+#include <QSharedDataPointer>
+
+class QString;
+class QStringList;
+
+namespace QCA
+{
+ class PrivateKey;
+ class CertificateChain;
+ class KeyStoreEntry;
+}
+
+class CertItemStore;
+class CertItemStorePrivate;
+class CertItemPrivateLoaderPrivate;
+
+class CertItem
+{
+public:
+ enum StorageType
+ {
+ File,
+ KeyStore
+ };
+
+ CertItem();
+ CertItem(const CertItem &from);
+ ~CertItem();
+ CertItem & operator=(const CertItem &from);
+
+ QString name() const;
+ QCA::CertificateChain certificateChain() const;
+ bool havePrivate() const;
+ StorageType storageType() const; // private key storage type
+ bool isUsable() const; // file/provider present
+
+private:
+ class Private;
+ QSharedDataPointer<Private> d;
+
+ friend class CertItemStore;
+ friend class CertItemStorePrivate;
+ friend class CertItemPrivateLoader;
+ friend class CertItemPrivateLoaderPrivate;
+};
+
+class CertItemStore : public QAbstractListModel
+{
+ Q_OBJECT
+public:
+ enum IconType
+ {
+ IconCert,
+ IconCrl,
+ IconKeyBundle,
+ IconPgpPub,
+ IconPgpSec
+ };
+
+ CertItemStore(QObject *parent = 0);
+ ~CertItemStore();
+
+ int idFromRow(int row) const;
+ int rowFromId(int id) const;
+ CertItem itemFromId(int id) const;
+ CertItem itemFromRow(int row) const;
+
+ QList<CertItem> items() const;
+
+ QStringList save() const;
+ bool load(const QStringList &in);
+
+ // returns a reqId
+ int addFromFile(const QString &fileName);
+ int addFromKeyStore(const QCA::KeyStoreEntry &entry);
+ int addUser(const QCA::CertificateChain &chain);
+
+ void updateChain(int id, const QCA::CertificateChain &chain);
+
+ void removeItem(int id);
+
+ void setIcon(IconType type, const QPixmap &icon);
+
+ // reimplemented
+ int rowCount(const QModelIndex &parent = QModelIndex()) const;
+ QVariant data(const QModelIndex &index, int role) const;
+ Qt::ItemFlags flags(const QModelIndex &index) const;
+ bool setData(const QModelIndex &index, const QVariant &value, int role);
+
+signals:
+ void addSuccess(int reqId, int id);
+ void addFailed(int reqId);
+
+private:
+ friend class CertItemStorePrivate;
+ CertItemStorePrivate *d;
+
+ friend class CertItemPrivateLoader;
+ friend class CertItemPrivateLoaderPrivate;
+};
+
+class CertItemPrivateLoader : public QObject
+{
+ Q_OBJECT
+public:
+ explicit CertItemPrivateLoader(CertItemStore *store, QObject *parent = 0);
+ ~CertItemPrivateLoader();
+
+ void start(int id);
+
+ QCA::PrivateKey privateKey() const;
+
+signals:
+ void finished();
+
+private:
+ friend class CertItemPrivateLoaderPrivate;
+ CertItemPrivateLoaderPrivate *d;
+};
+
+#endif
diff --git a/examples/cmssigner/certview.ui b/examples/cmssigner/certview.ui
new file mode 100644
index 0000000..c8f4b76
--- /dev/null
+++ b/examples/cmssigner/certview.ui
@@ -0,0 +1,85 @@
+<ui version="4.0" >
+ <class>CertView</class>
+ <widget class="QDialog" name="CertView" >
+ <property name="geometry" >
+ <rect>
+ <x>0</x>
+ <y>0</y>
+ <width>400</width>
+ <height>300</height>
+ </rect>
+ </property>
+ <property name="windowTitle" >
+ <string>View Certificate</string>
+ </property>
+ <layout class="QVBoxLayout" >
+ <property name="margin" >
+ <number>9</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <widget class="QComboBox" name="cb_chain" />
+ </item>
+ <item>
+ <widget class="QFrame" name="frame" >
+ <property name="frameShape" >
+ <enum>QFrame::StyledPanel</enum>
+ </property>
+ <property name="frameShadow" >
+ <enum>QFrame::Raised</enum>
+ </property>
+ <layout class="QVBoxLayout" >
+ <property name="margin" >
+ <number>9</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <widget class="QLabel" name="lb_info" >
+ <property name="alignment" >
+ <set>Qt::AlignLeading|Qt::AlignLeft|Qt::AlignTop</set>
+ </property>
+ </widget>
+ </item>
+ </layout>
+ </widget>
+ </item>
+ <item>
+ <widget class="QDialogButtonBox" name="buttonBox" >
+ <property name="orientation" >
+ <enum>Qt::Horizontal</enum>
+ </property>
+ <property name="standardButtons" >
+ <set>QDialogButtonBox::Close</set>
+ </property>
+ </widget>
+ </item>
+ </layout>
+ </widget>
+ <tabstops>
+ <tabstop>cb_chain</tabstop>
+ <tabstop>buttonBox</tabstop>
+ </tabstops>
+ <resources/>
+ <connections>
+ <connection>
+ <sender>buttonBox</sender>
+ <signal>rejected()</signal>
+ <receiver>CertView</receiver>
+ <slot>reject()</slot>
+ <hints>
+ <hint type="sourcelabel" >
+ <x>284</x>
+ <y>278</y>
+ </hint>
+ <hint type="destinationlabel" >
+ <x>291</x>
+ <y>299</y>
+ </hint>
+ </hints>
+ </connection>
+ </connections>
+</ui>
diff --git a/examples/cmssigner/certviewdlg.cpp b/examples/cmssigner/certviewdlg.cpp
new file mode 100644
index 0000000..04e2618
--- /dev/null
+++ b/examples/cmssigner/certviewdlg.cpp
@@ -0,0 +1,166 @@
+/*
+ Copyright (C) 2007 Justin Karneges <justin@affinix.com>
+
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is
+ furnished to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
+ AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*/
+
+#include "certviewdlg.h"
+
+#include <QtCore>
+#include <QtGui>
+#include <QtCrypto>
+#include "ui_certview.h"
+
+// from qcatool
+class InfoType
+{
+public:
+ QCA::CertificateInfoType type;
+ QString varname;
+ QString shortname;
+ QString name;
+ QString desc;
+
+ InfoType()
+ {
+ }
+
+ InfoType(QCA::CertificateInfoType _type, const QString &_varname, const QString &_shortname, const QString &_name, const QString &_desc) :
+ type(_type),
+ varname(_varname),
+ shortname(_shortname),
+ name(_name),
+ desc(_desc)
+ {
+ }
+};
+
+static QList<InfoType> makeInfoTypeList(bool legacyEmail = false)
+{
+ QList<InfoType> out;
+ out += InfoType(QCA::CommonName, "CommonName", "CN", CertViewDlg::tr("Common Name (CN)"), "Full name, domain, anything");
+ out += InfoType(QCA::Email, "Email", "", CertViewDlg::tr("Email Address"), "");
+ if(legacyEmail)
+ out += InfoType(QCA::EmailLegacy, "EmailLegacy", "", CertViewDlg::tr("PKCS#9 Email Address"), "");
+ out += InfoType(QCA::Organization, "Organization", "O", CertViewDlg::tr("Organization (O)"), "Company, group, etc");
+ out += InfoType(QCA::OrganizationalUnit, "OrganizationalUnit", "OU", CertViewDlg::tr("Organizational Unit (OU)"), "Division/branch of organization");
+ out += InfoType(QCA::Locality, "Locality", "", CertViewDlg::tr("Locality (L)"), "City, shire, part of a state");
+ out += InfoType(QCA::State, "State", "", CertViewDlg::tr("State (ST)"), "State within the country");
+ out += InfoType(QCA::Country, "Country", "C", CertViewDlg::tr("Country Code (C)"), "2-letter code");
+ out += InfoType(QCA::IncorporationLocality, "IncorporationLocality", "", CertViewDlg::tr("Incorporation Locality"), "For EV certificates");
+ out += InfoType(QCA::IncorporationState, "IncorporationState", "", CertViewDlg::tr("Incorporation State"), "For EV certificates");
+ out += InfoType(QCA::IncorporationCountry, "IncorporationCountry", "", CertViewDlg::tr("Incorporation Country"), "For EV certificates");
+ out += InfoType(QCA::URI, "URI", "", CertViewDlg::tr("URI"), "");
+ out += InfoType(QCA::DNS, "DNS", "", CertViewDlg::tr("Domain Name"), "Domain (dnsName)");
+ out += InfoType(QCA::IPAddress, "IPAddress", "", CertViewDlg::tr("IP Adddress"), "");
+ out += InfoType(QCA::XMPP, "XMPP", "", CertViewDlg::tr("XMPP Address (JID)"), "From RFC 3920 (id-on-xmppAddr)");
+ return out;
+}
+
+static QString try_print_info(const QString &name, const QStringList &values)
+{
+ QString out;
+ if(!values.isEmpty())
+ {
+ QString value = values.join(", ");
+ out = QString(" ") + CertViewDlg::tr("%1: %2").arg(name, value) + '\n';
+ }
+ return out;
+}
+
+static QString print_info(const QString &title, const QCA::CertificateInfo &info)
+{
+ QString out;
+ QList<InfoType> list = makeInfoTypeList();
+ out += title + '\n';
+ foreach(const InfoType &t, list)
+ out += try_print_info(t.name, info.values(t.type));
+ return out;
+}
+
+static QString cert_info_string(const QCA::Certificate &cert)
+{
+ QString out;
+ out += CertViewDlg::tr("Serial Number: %1").arg(cert.serialNumber().toString()) + '\n';
+ out += print_info(CertViewDlg::tr("Subject"), cert.subjectInfo());
+ out += print_info(CertViewDlg::tr("Issuer"), cert.issuerInfo());
+ out += CertViewDlg::tr("Validity") + '\n';
+ out += QString(" ") + CertViewDlg::tr("Not before: %1").arg(cert.notValidBefore().toString()) + '\n';
+ out += QString(" ") + CertViewDlg::tr("Not after: %1").arg(cert.notValidAfter().toString()) + '\n';
+ return out;
+}
+
+class CertViewDlg::Private : public QObject
+{
+ Q_OBJECT
+public:
+ CertViewDlg *q;
+ Ui_CertView ui;
+ QCA::CertificateChain chain;
+
+ Private(CertViewDlg *_q) :
+ QObject(_q),
+ q(_q)
+ {
+ ui.setupUi(q);
+ connect(ui.cb_chain, SIGNAL(activated(int)), SLOT(cb_activated(int)));
+ ui.lb_info->setTextInteractionFlags(Qt::TextSelectableByMouse);
+ }
+
+ void update()
+ {
+ QStringList names = QCA::makeFriendlyNames(chain);
+ ui.cb_chain->clear();
+ foreach(const QString &s, names)
+ ui.cb_chain->insertItem(ui.cb_chain->count(), s);
+ updateInfo();
+ }
+
+ void updateInfo()
+ {
+ int x = ui.cb_chain->currentIndex();
+ if(x == -1)
+ {
+ ui.lb_info->setText("");
+ return;
+ }
+
+ ui.lb_info->setText(cert_info_string(chain[x]));
+ }
+
+private slots:
+ void cb_activated(int)
+ {
+ updateInfo();
+ }
+};
+
+CertViewDlg::CertViewDlg(const QCA::CertificateChain &chain, QWidget *parent) :
+ QDialog(parent)
+{
+ d = new Private(this);
+ d->chain = chain;
+ d->update();
+}
+
+CertViewDlg::~CertViewDlg()
+{
+ delete d;
+}
+
+#include "certviewdlg.moc"
diff --git a/examples/cmssigner/certviewdlg.h b/examples/cmssigner/certviewdlg.h
new file mode 100644
index 0000000..8e232be
--- /dev/null
+++ b/examples/cmssigner/certviewdlg.h
@@ -0,0 +1,44 @@
+/*
+ Copyright (C) 2007 Justin Karneges <justin@affinix.com>
+
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is
+ furnished to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
+ AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*/
+
+#ifndef CERTVIEWDLG_H
+#define CERTVIEWDLG_H
+
+#include <QDialog>
+
+namespace QCA
+{
+ class CertificateChain;
+}
+
+class CertViewDlg : public QDialog
+{
+ Q_OBJECT
+public:
+ explicit CertViewDlg(const QCA::CertificateChain &chain, QWidget *parent = 0);
+ ~CertViewDlg();
+
+private:
+ class Private;
+ Private *d;
+};
+
+#endif
diff --git a/examples/cmssigner/cmssigner.pro b/examples/cmssigner/cmssigner.pro
new file mode 100644
index 0000000..31e4305
--- /dev/null
+++ b/examples/cmssigner/cmssigner.pro
@@ -0,0 +1,22 @@
+include(../examples.pri)
+CONFIG -= console
+CONFIG += app_bundle
+QT += gui
+
+include(pkcs11configdlg/pkcs11configdlg.pri)
+
+HEADERS += \
+ prompter.h \
+ certviewdlg.h \
+ keyselectdlg.h \
+ certitem.h
+
+SOURCES += \
+ prompter.cpp \
+ certviewdlg.cpp \
+ keyselectdlg.cpp \
+ certitem.cpp \
+ main.cpp
+
+FORMS += certview.ui keyselect.ui mainwin.ui
+RESOURCES += cmssigner.qrc
diff --git a/examples/cmssigner/cmssigner.qrc b/examples/cmssigner/cmssigner.qrc
new file mode 100644
index 0000000..46da0ba
--- /dev/null
+++ b/examples/cmssigner/cmssigner.qrc
@@ -0,0 +1,9 @@
+<RCC>
+ <qresource prefix="/gfx" >
+ <file>icons/cert16.png</file>
+ <file>icons/crl16.png</file>
+ <file>icons/keybundle16.png</file>
+ <file>icons/keypair16.png</file>
+ <file>icons/publickey16.png</file>
+ </qresource>
+</RCC>
diff --git a/examples/cmssigner/icons/cert16.png b/examples/cmssigner/icons/cert16.png
new file mode 100644
index 0000000..2fdf9e3
--- /dev/null
+++ b/examples/cmssigner/icons/cert16.png
Binary files differ
diff --git a/examples/cmssigner/icons/crl16.png b/examples/cmssigner/icons/crl16.png
new file mode 100644
index 0000000..ec9b6f3
--- /dev/null
+++ b/examples/cmssigner/icons/crl16.png
Binary files differ
diff --git a/examples/cmssigner/icons/keybundle16.png b/examples/cmssigner/icons/keybundle16.png
new file mode 100644
index 0000000..3212226
--- /dev/null
+++ b/examples/cmssigner/icons/keybundle16.png
Binary files differ
diff --git a/examples/cmssigner/icons/keypair16.png b/examples/cmssigner/icons/keypair16.png
new file mode 100644
index 0000000..fea3d44
--- /dev/null
+++ b/examples/cmssigner/icons/keypair16.png
Binary files differ
diff --git a/examples/cmssigner/icons/publickey16.png b/examples/cmssigner/icons/publickey16.png
new file mode 100644
index 0000000..63d09cd
--- /dev/null
+++ b/examples/cmssigner/icons/publickey16.png
Binary files differ
diff --git a/examples/cmssigner/keyselect.ui b/examples/cmssigner/keyselect.ui
new file mode 100644
index 0000000..143088c
--- /dev/null
+++ b/examples/cmssigner/keyselect.ui
@@ -0,0 +1,96 @@
+<ui version="4.0" >
+ <class>KeySelect</class>
+ <widget class="QDialog" name="KeySelect" >
+ <property name="geometry" >
+ <rect>
+ <x>0</x>
+ <y>0</y>
+ <width>363</width>
+ <height>233</height>
+ </rect>
+ </property>
+ <property name="windowTitle" >
+ <string>Storage Device Browser</string>
+ </property>
+ <layout class="QVBoxLayout" >
+ <property name="margin" >
+ <number>9</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <widget class="QLabel" name="label" >
+ <property name="text" >
+ <string>Select an identity from a storage device below:</string>
+ </property>
+ </widget>
+ </item>
+ <item>
+ <widget class="QTreeView" name="lv_stores" />
+ </item>
+ <item>
+ <layout class="QHBoxLayout" >
+ <property name="margin" >
+ <number>0</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <widget class="QLabel" name="lb_busy" />
+ </item>
+ <item>
+ <widget class="QDialogButtonBox" name="buttonBox" >
+ <property name="orientation" >
+ <enum>Qt::Horizontal</enum>
+ </property>
+ <property name="standardButtons" >
+ <set>QDialogButtonBox::Cancel|QDialogButtonBox::NoButton|QDialogButtonBox::Ok</set>
+ </property>
+ </widget>
+ </item>
+ </layout>
+ </item>
+ </layout>
+ </widget>
+ <tabstops>
+ <tabstop>lv_stores</tabstop>
+ <tabstop>buttonBox</tabstop>
+ </tabstops>
+ <resources/>
+ <connections>
+ <connection>
+ <sender>buttonBox</sender>
+ <signal>accepted()</signal>
+ <receiver>KeySelect</receiver>
+ <slot>accept()</slot>
+ <hints>
+ <hint type="sourcelabel" >
+ <x>227</x>
+ <y>211</y>
+ </hint>
+ <hint type="destinationlabel" >
+ <x>157</x>
+ <y>232</y>
+ </hint>
+ </hints>
+ </connection>
+ <connection>
+ <sender>buttonBox</sender>
+ <signal>rejected()</signal>
+ <receiver>KeySelect</receiver>
+ <slot>reject()</slot>
+ <hints>
+ <hint type="sourcelabel" >
+ <x>295</x>
+ <y>217</y>
+ </hint>
+ <hint type="destinationlabel" >
+ <x>286</x>
+ <y>232</y>
+ </hint>
+ </hints>
+ </connection>
+ </connections>
+</ui>
diff --git a/examples/cmssigner/keyselectdlg.cpp b/examples/cmssigner/keyselectdlg.cpp
new file mode 100644
index 0000000..05bf40e
--- /dev/null
+++ b/examples/cmssigner/keyselectdlg.cpp
@@ -0,0 +1,422 @@
+/*
+ Copyright (C) 2007 Justin Karneges <justin@affinix.com>
+
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is
+ furnished to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
+ AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*/
+
+#include "keyselectdlg.h"
+
+#include <QtCore>
+#include <QtGui>
+#include <QtCrypto>
+#include "ui_keyselect.h"
+
+#define ONLY_SHOW_KEYBUNDLE
+
+typedef QMap<KeySelectDlg::IconType,QPixmap> KeyStoreIconset;
+
+class KeyStoreItemShared
+{
+public:
+ KeyStoreIconset iconset;
+ QString notAvailableString;
+};
+
+class KeyStoreItem : public QStandardItem
+{
+public:
+ enum Type
+ {
+ Store = UserType,
+ Entry
+ };
+
+ enum Role
+ {
+ NameRole = Qt::UserRole,
+ SubTypeRole,
+ AvailabilityRole,
+ PositionRole
+ };
+
+ QPixmap entryTypeToIcon(QCA::KeyStoreEntry::Type type) const
+ {
+ QPixmap out;
+ if(!_shared)
+ return out;
+ const KeyStoreIconset &iconset = _shared->iconset;
+ switch(type)
+ {
+ case QCA::KeyStoreEntry::TypeKeyBundle: out = iconset[KeySelectDlg::IconKeyBundle]; break;
+ case QCA::KeyStoreEntry::TypeCertificate: out = iconset[KeySelectDlg::IconCert]; break;
+ case QCA::KeyStoreEntry::TypeCRL: out = iconset[KeySelectDlg::IconCrl]; break;
+ case QCA::KeyStoreEntry::TypePGPSecretKey: out = iconset[KeySelectDlg::IconPgpSec]; break;
+ case QCA::KeyStoreEntry::TypePGPPublicKey: out = iconset[KeySelectDlg::IconPgpPub]; break;
+ default: break;
+ }
+ return out;
+ }
+
+ Type _type;
+ KeyStoreItemShared *_shared;
+
+ QCA::KeyStore *keyStore;
+ QCA::KeyStoreEntry keyStoreEntry;
+
+ KeyStoreItem(Type type, KeyStoreItemShared *shared) :
+ _type(type),
+ _shared(shared)
+ {
+ setFlags(Qt::ItemIsEnabled | Qt::ItemIsSelectable);
+ }
+
+ void setStore(const QString &name, QCA::KeyStore::Type type)
+ {
+ setData(name, NameRole);
+ setData((int)type, SubTypeRole);
+ }
+
+ void setEntry(const QString &name, QCA::KeyStoreEntry::Type type, bool available, int pos)
+ {
+ setData(name, NameRole);
+ setData((int)type, SubTypeRole);
+ setData(available, AvailabilityRole);
+ setData(pos, PositionRole);
+ }
+
+ virtual QVariant data(int role) const
+ {
+ if(role == Qt::DisplayRole)
+ {
+ if(_type == Store)
+ {
+ return data(NameRole).toString();
+ }
+ else if(_type == Entry)
+ {
+ QString str = data(NameRole).toString();
+ if(_shared && !data(AvailabilityRole).toBool())
+ str += QString(" ") + _shared->notAvailableString;
+ return str;
+ }
+ else
+ return QStandardItem::data(role);
+ }
+ else if(role == Qt::DecorationRole)
+ {
+ if(_type == Entry)
+ {
+ QCA::KeyStoreEntry::Type type = (QCA::KeyStoreEntry::Type)data(SubTypeRole).toInt();
+ return entryTypeToIcon(type);
+ }
+ else
+ return QStandardItem::data(role);
+ }
+ else
+ return QStandardItem::data(role);
+ }
+
+ virtual int type() const
+ {
+ return _type;
+ }
+
+ virtual QStandardItem *clone() const
+ {
+ return new KeyStoreItem(*this);
+ }
+};
+
+class KeyStoreModel : public QStandardItemModel
+{
+ Q_OBJECT
+public:
+ KeyStoreItemShared shared;
+
+ QCA::KeyStoreManager ksm;
+
+ KeyStoreModel(QObject *parent = 0) :
+ QStandardItemModel(parent), ksm(this)
+ {
+ shared.notAvailableString = tr("(not available)");
+
+ // make sure keystores are started
+ QCA::KeyStoreManager::start();
+
+ connect(&ksm, SIGNAL(keyStoreAvailable(const QString &)), SLOT(ks_available(const QString &)));
+ QStringList list = ksm.keyStores();
+ foreach(const QString &s, list)
+ ks_available(s);
+
+ setSortRole(KeyStoreItem::PositionRole);
+ }
+
+ KeyStoreItem *itemFromStore(QCA::KeyStore *ks) const
+ {
+ for(int n = 0; n < rowCount(); ++n)
+ {
+ KeyStoreItem *i = (KeyStoreItem *)item(n);
+ if(i->keyStore == ks)
+ return i;
+ }
+ return 0;
+ }
+
+private slots:
+ void ks_available(const QString &keyStoreId)
+ {
+ QCA::KeyStore *ks = new QCA::KeyStore(keyStoreId, &ksm);
+
+#ifdef ONLY_SHOW_KEYBUNDLE
+ // only list stores containing keybundles (non-pgp identities)
+ if(!ks->holdsIdentities() || ks->type() == QCA::KeyStore::PGPKeyring)
+ return;
+#endif
+
+ connect(ks, SIGNAL(updated()), SLOT(ks_updated()));
+ connect(ks, SIGNAL(unavailable()), SLOT(ks_unavailable()));
+
+ KeyStoreItem *store_item = new KeyStoreItem(KeyStoreItem::Store, &shared);
+ store_item->setStore(ks->name(), ks->type());
+ store_item->keyStore = ks;
+ ks->startAsynchronousMode();
+ appendRow(store_item);
+ }
+
+ void ks_updated()
+ {
+ QCA::KeyStore *ks = (QCA::KeyStore *)sender();
+ KeyStoreItem *store_item = itemFromStore(ks);
+ Q_ASSERT(store_item);
+
+ QList<QCA::KeyStoreEntry> newEntries = ks->entryList();
+
+#ifdef ONLY_SHOW_KEYBUNDLE
+ // ignore entries that are not keybundles
+ for(int n = 0; n < newEntries.count(); ++n)
+ {
+ if(newEntries[n].type() != QCA::KeyStoreEntry::TypeKeyBundle)
+ {
+ newEntries.removeAt(n);
+ --n; // adjust position
+ }
+ }
+#endif
+
+ // update the store item itself
+ store_item->setStore(ks->name(), ks->type());
+
+ // handle removed child entries
+ for(int n = 0; n < store_item->rowCount(); ++n)
+ {
+ KeyStoreItem *i = (KeyStoreItem *)store_item->child(n);
+
+ // is the existing entry in the new list?
+ bool found = false;
+ foreach(const QCA::KeyStoreEntry &ne, newEntries)
+ {
+ if(ne.id() == i->keyStoreEntry.id())
+ {
+ found = true;
+ break;
+ }
+ }
+
+ // if not, remove it
+ if(!found)
+ {
+ store_item->removeRow(n);
+ --n; // adjust position
+ }
+ }
+
+ // handle added/updated child entries
+ for(int n = 0; n < newEntries.count(); ++n)
+ {
+ const QCA::KeyStoreEntry &ne = newEntries[n];
+
+ // was this entry in the original list?
+ KeyStoreItem *entry_item = 0;
+ for(int k = 0; k < store_item->rowCount(); ++k)
+ {
+ KeyStoreItem *i = (KeyStoreItem *)store_item->child(k);
+ if(i->keyStoreEntry.id() == ne.id())
+ {
+ entry_item = i;
+ break;
+ }
+ }
+
+ // if not, add it
+ if(!entry_item)
+ {
+ entry_item = new KeyStoreItem(KeyStoreItem::Entry, &shared);
+ entry_item->keyStoreEntry = ne;
+ entry_item->setEntry(newEntries[n].name(), newEntries[n].type(), newEntries[n].isAvailable(), n);
+ store_item->appendRow(entry_item);
+ }
+ // if so, update it
+ else
+ {
+ entry_item->keyStoreEntry = ne;
+ entry_item->setEntry(newEntries[n].name(), newEntries[n].type(), newEntries[n].isAvailable(), n);
+ }
+ }
+
+ store_item->sortChildren(0);
+ }
+
+ void ks_unavailable()
+ {
+ QCA::KeyStore *ks = (QCA::KeyStore *)sender();
+ KeyStoreItem *store_item = itemFromStore(ks);
+ Q_ASSERT(store_item);
+
+ store_item->removeRows(0, store_item->rowCount());
+ removeRow(store_item->row());
+ delete ks;
+ }
+};
+
+class KeySelectDlg::Private : public QObject
+{
+ Q_OBJECT
+public:
+ KeySelectDlg *q;
+ Ui_KeySelect ui;
+ KeyStoreModel *model;
+ QCA::KeyStoreEntry cur_entry;
+ QAction *actionView;
+
+ Private(KeySelectDlg *_q) :
+ QObject(_q),
+ q(_q)
+ {
+ ui.setupUi(q);
+
+ model = new KeyStoreModel(this);
+ connect(&model->ksm, SIGNAL(busyStarted()), SLOT(ksm_busyStarted()));
+ connect(&model->ksm, SIGNAL(busyFinished()), SLOT(ksm_busyFinished()));
+ if(model->ksm.isBusy())
+ ksm_busyStarted();
+
+ ui.lv_stores->header()->hide();
+ ui.buttonBox->button(QDialogButtonBox::Ok)->setEnabled(false);
+ ui.lv_stores->setModel(model);
+ ui.lv_stores->setContextMenuPolicy(Qt::CustomContextMenu);
+ connect(ui.lv_stores->selectionModel(), SIGNAL(selectionChanged(const QItemSelection &, const QItemSelection &)), SLOT(stores_selectionChanged(const QItemSelection &, const QItemSelection &)));
+ connect(ui.lv_stores, SIGNAL(customContextMenuRequested(const QPoint &)), SLOT(stores_customContextMenuRequested(const QPoint &)));
+
+ actionView = new QAction(tr("&View"), this);
+ connect(actionView, SIGNAL(triggered()), SLOT(view()));
+ actionView->setEnabled(false);
+ }
+
+private slots:
+ void ksm_busyStarted()
+ {
+ ui.lb_busy->setText(tr("Looking for devices..."));
+ }
+
+ void ksm_busyFinished()
+ {
+ ui.lb_busy->setText("");
+ }
+
+ void stores_selectionChanged(const QItemSelection &selected, const QItemSelection &deselected)
+ {
+ Q_UNUSED(deselected);
+
+ KeyStoreItem *i = 0;
+ if(!selected.indexes().isEmpty())
+ {
+ QModelIndex index = selected.indexes().first();
+ i = (KeyStoreItem *)model->itemFromIndex(index);
+ }
+
+ bool viewable = false;
+ bool choosable = false;
+ if(i && i->type() == KeyStoreItem::Entry)
+ {
+ QCA::KeyStoreEntry entry = i->keyStoreEntry;
+ if(entry.type() == QCA::KeyStoreEntry::TypeKeyBundle)
+ {
+ viewable = true;
+ choosable = true;
+ cur_entry = entry;
+ }
+ }
+
+ if(!choosable)
+ cur_entry = QCA::KeyStoreEntry();
+
+ actionView->setEnabled(viewable);
+
+ QPushButton *ok = ui.buttonBox->button(QDialogButtonBox::Ok);
+ if(choosable && !ok->isEnabled())
+ ok->setEnabled(true);
+ else if(!choosable && ok->isEnabled())
+ ok->setEnabled(false);
+ }
+
+ void stores_customContextMenuRequested(const QPoint &pos)
+ {
+ QItemSelection selection = ui.lv_stores->selectionModel()->selection();
+ if(selection.indexes().isEmpty())
+ return;
+
+ QModelIndex index = selection.indexes().first();
+ KeyStoreItem *i = (KeyStoreItem *)model->itemFromIndex(index);
+ if(i && i->type() == KeyStoreItem::Entry)
+ {
+ QMenu menu(q);
+ menu.addAction(actionView);
+ menu.exec(ui.lv_stores->viewport()->mapToGlobal(pos));
+ }
+ }
+
+ void view()
+ {
+ emit q->viewCertificate(cur_entry.keyBundle().certificateChain());
+ }
+};
+
+KeySelectDlg::KeySelectDlg(QWidget *parent) :
+ QDialog(parent)
+{
+ d = new Private(this);
+}
+
+KeySelectDlg::~KeySelectDlg()
+{
+ delete d;
+}
+
+void KeySelectDlg::setIcon(IconType type, const QPixmap &icon)
+{
+ d->model->shared.iconset[type] = icon;
+}
+
+void KeySelectDlg::accept()
+{
+ QCA::KeyStoreEntry entry = d->cur_entry;
+ QDialog::accept();
+ emit selected(entry);
+}
+
+#include "keyselectdlg.moc"
diff --git a/examples/cmssigner/keyselectdlg.h b/examples/cmssigner/keyselectdlg.h
new file mode 100644
index 0000000..72abf79
--- /dev/null
+++ b/examples/cmssigner/keyselectdlg.h
@@ -0,0 +1,66 @@
+/*
+ Copyright (C) 2007 Justin Karneges <justin@affinix.com>
+
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is
+ furnished to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
+ AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*/
+
+#ifndef KEYSELECTDLG_H
+#define KEYSELECTDLG_H
+
+#include <QDialog>
+
+class QPixmap;
+
+namespace QCA
+{
+ class CertificateChain;
+ class KeyStoreEntry;
+}
+
+class KeySelectDlg : public QDialog
+{
+ Q_OBJECT
+public:
+ enum IconType
+ {
+ IconCert,
+ IconCrl,
+ IconKeyBundle,
+ IconPgpPub,
+ IconPgpSec
+ };
+
+ KeySelectDlg(QWidget *parent = 0);
+ ~KeySelectDlg();
+
+ void setIcon(IconType type, const QPixmap &icon);
+
+signals:
+ void selected(const QCA::KeyStoreEntry &entry);
+ void viewCertificate(const QCA::CertificateChain &chain);
+
+protected slots:
+ virtual void accept();
+
+private:
+ class Private;
+ friend class Private;
+ Private *d;
+};
+
+#endif
diff --git a/examples/cmssigner/main.cpp b/examples/cmssigner/main.cpp
new file mode 100644
index 0000000..9b23326
--- /dev/null
+++ b/examples/cmssigner/main.cpp
@@ -0,0 +1,954 @@
+/*
+ Copyright (C) 2007 Justin Karneges <justin@affinix.com>
+
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is
+ furnished to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
+ AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*/
+
+#include <QtCore>
+#include <QtGui>
+#include <QtCrypto>
+
+#include "ui_mainwin.h"
+#include "certviewdlg.h"
+#include "keyselectdlg.h"
+#include "pkcs11configdlg/pkcs11configdlg.h"
+#include "certitem.h"
+
+#define VERSION "1.0.0"
+
+class Icons
+{
+public:
+ QPixmap cert, crl, keybundle, pgppub, pgpsec;
+};
+
+Icons *g_icons = 0;
+
+//----------------------------------------------------------------------------
+// Operation
+//----------------------------------------------------------------------------
+class Operation : public QObject
+{
+ Q_OBJECT
+public:
+ Operation(QObject *parent = 0) :
+ QObject(parent)
+ {
+ }
+
+signals:
+ void error(const QString &str);
+};
+
+static QString validityToString(QCA::Validity v)
+{
+ QString s;
+ switch(v)
+ {
+ case QCA::ValidityGood:
+ s = Operation::tr("Validated");
+ break;
+ case QCA::ErrorRejected:
+ s = Operation::tr("Root CA is marked to reject the specified purpose");
+ break;
+ case QCA::ErrorUntrusted:
+ s = Operation::tr("Certificate not trusted for the required purpose");
+ break;
+ case QCA::ErrorSignatureFailed:
+ s = Operation::tr("Invalid signature");
+ break;
+ case QCA::ErrorInvalidCA:
+ s = Operation::tr("Invalid CA certificate");
+ break;
+ case QCA::ErrorInvalidPurpose:
+ s = Operation::tr("Invalid certificate purpose");
+ break;
+ case QCA::ErrorSelfSigned:
+ s = Operation::tr("Certificate is self-signed");
+ break;
+ case QCA::ErrorRevoked:
+ s = Operation::tr("Certificate has been revoked");
+ break;
+ case QCA::ErrorPathLengthExceeded:
+ s = Operation::tr("Maximum certificate chain length exceeded");
+ break;
+ case QCA::ErrorExpired:
+ s = Operation::tr("Certificate has expired");
+ break;
+ case QCA::ErrorExpiredCA:
+ s = Operation::tr("CA has expired");
+ break;
+ case QCA::ErrorValidityUnknown:
+ default:
+ s = Operation::tr("General certificate validation error");
+ break;
+ }
+ return s;
+}
+
+static QString smErrorToString(QCA::SecureMessage::Error e)
+{
+ QString s;
+ switch(e)
+ {
+ case QCA::SecureMessage::ErrorPassphrase:
+ s = Operation::tr("Invalid passphrase.");
+ break;
+ case QCA::SecureMessage::ErrorFormat:
+ s = Operation::tr("Bad input format.");
+ break;
+ case QCA::SecureMessage::ErrorSignerExpired:
+ s = Operation::tr("Signer key is expired.");
+ break;
+ case QCA::SecureMessage::ErrorSignerInvalid:
+ s = Operation::tr("Signer key is invalid.");
+ break;
+ case QCA::SecureMessage::ErrorEncryptExpired:
+ s = Operation::tr("Encrypting key is expired.");
+ break;
+ case QCA::SecureMessage::ErrorEncryptUntrusted:
+ s = Operation::tr("Encrypting key is untrusted.");
+ break;
+ case QCA::SecureMessage::ErrorEncryptInvalid:
+ s = Operation::tr("Encrypting key is invalid.");
+ break;
+ case QCA::SecureMessage::ErrorNeedCard:
+ s = Operation::tr("Card was needed but not found.");
+ break;
+ case QCA::SecureMessage::ErrorCertKeyMismatch:
+ s = Operation::tr("Certificate and private key don't match.");
+ break;
+ case QCA::SecureMessage::ErrorUnknown:
+ default:
+ s = Operation::tr("General error.");
+ break;
+ }
+ return s;
+}
+
+static QString smsIdentityToString(const QCA::SecureMessageSignature &sig)
+{
+ QString s;
+ switch(sig.identityResult())
+ {
+ case QCA::SecureMessageSignature::Valid:
+ break;
+ case QCA::SecureMessageSignature::InvalidSignature:
+ s = Operation::tr("Invalid signature");
+ break;
+ case QCA::SecureMessageSignature::InvalidKey:
+ s = Operation::tr("Invalid key: %1").arg(validityToString(sig.keyValidity()));
+ break;
+ case QCA::SecureMessageSignature::NoKey:
+ s = Operation::tr("Key not found");
+ break;
+ default: // this should not really be possible
+ s = Operation::tr("Unknown");
+ break;
+ }
+ return s;
+}
+
+class SignOperation : public Operation
+{
+ Q_OBJECT
+private:
+ QByteArray in;
+ CertItemStore *store;
+ int id;
+ QCA::CMS *cms;
+ CertItemPrivateLoader *loader;
+ QCA::SecureMessage *msg;
+ int pending;
+
+public:
+ SignOperation(const QByteArray &_in, CertItemStore *_store, int _id, QCA::CMS *_cms, QObject *parent = 0) :
+ Operation(parent),
+ in(_in),
+ store(_store),
+ id(_id),
+ cms(_cms),
+ msg(0)
+ {
+ loader = new CertItemPrivateLoader(store, this);
+ connect(loader, SIGNAL(finished()), SLOT(loader_finished()));
+ loader->start(id);
+ }
+
+signals:
+ void loadError();
+ void finished(const QString &sig);
+
+private slots:
+ void loader_finished()
+ {
+ QCA::PrivateKey privateKey = loader->privateKey();
+ delete loader;
+ loader = 0;
+
+ if(privateKey.isNull())
+ {
+ emit loadError();
+ return;
+ }
+
+ CertItem item = store->itemFromId(id);
+
+ QCA::SecureMessageKey signer;
+ signer.setX509CertificateChain(item.certificateChain());
+ signer.setX509PrivateKey(privateKey);
+
+ msg = new QCA::SecureMessage(cms);
+ connect(msg, SIGNAL(bytesWritten(int)), SLOT(msg_bytesWritten(int)));
+ connect(msg, SIGNAL(finished()), SLOT(msg_finished()));
+ msg->setFormat(QCA::SecureMessage::Ascii);
+ msg->setSigner(signer);
+ msg->startSign(QCA::SecureMessage::Detached);
+
+ pending = 0;
+ update();
+ }
+
+ void update()
+ {
+ QByteArray buf = in.mid(0, 16384 - pending); // 16k chunks
+ in = in.mid(buf.size());
+ pending += buf.size();
+ msg->update(buf);
+ }
+
+ void msg_bytesWritten(int x)
+ {
+ pending -= x;
+
+ if(in.isEmpty() && pending == 0)
+ msg->end();
+ else
+ update();
+ }
+
+ void msg_finished()
+ {
+ if(!msg->success())
+ {
+ QString str = smErrorToString(msg->errorCode());
+ delete msg;
+ msg = 0;
+ emit error(tr("Error during sign operation.\nReason: %1").arg(str));
+ return;
+ }
+
+ QByteArray result = msg->signature();
+ delete msg;
+ msg = 0;
+ emit finished(QString::fromLatin1(result));
+ }
+};
+
+class VerifyOperation : public Operation
+{
+ Q_OBJECT
+private:
+ QByteArray in, sig;
+ QCA::CMS *cms;
+ QCA::SecureMessage *msg;
+ int pending;
+
+public:
+ QCA::SecureMessageSignature signer;
+
+ VerifyOperation(const QByteArray &_in, const QByteArray &_sig, QCA::CMS *_cms, QObject *parent = 0) :
+ Operation(parent),
+ in(_in),
+ sig(_sig),
+ cms(_cms),
+ msg(0)
+ {
+ msg = new QCA::SecureMessage(cms);
+ connect(msg, SIGNAL(bytesWritten(int)), SLOT(msg_bytesWritten(int)));
+ connect(msg, SIGNAL(finished()), SLOT(msg_finished()));
+ msg->setFormat(QCA::SecureMessage::Ascii);
+ msg->startVerify(sig);
+
+ pending = 0;
+ update();
+ }
+
+signals:
+ void finished();
+
+private slots:
+ void update()
+ {
+ QByteArray buf = in.mid(0, 16384 - pending); // 16k chunks
+ in = in.mid(buf.size());
+ pending += buf.size();
+ msg->update(buf);
+ }
+
+ void msg_bytesWritten(int x)
+ {
+ pending -= x;
+
+ if(in.isEmpty() && pending == 0)
+ msg->end();
+ else
+ update();
+ }
+
+ void msg_finished()
+ {
+ if(!msg->success())
+ {
+ QString str = smErrorToString(msg->errorCode());
+ delete msg;
+ msg = 0;
+ emit error(tr("Error during verify operation.\nReason: %1").arg(str));
+ return;
+ }
+
+ signer = msg->signer();
+ delete msg;
+ msg = 0;
+
+ if(signer.identityResult() != QCA::SecureMessageSignature::Valid)
+ {
+ QString str = smsIdentityToString(signer);
+ emit error(tr("Verification failed!\nReason: %1").arg(str));
+ return;
+ }
+
+ emit finished();
+ }
+};
+
+//----------------------------------------------------------------------------
+// MainWin
+//----------------------------------------------------------------------------
+static QString get_fingerprint(const QCA::Certificate &cert)
+{
+ QString hex = QCA::Hash("sha1").hashToString(cert.toDER());
+ QString out;
+ for(int n = 0; n < hex.count(); ++n)
+ {
+ if(n != 0 && n % 2 == 0)
+ out += ':';
+ out += hex[n];
+ }
+ return out;
+}
+
+class MainWin : public QMainWindow
+{
+ Q_OBJECT
+private:
+ Ui_MainWin ui;
+ CertItemStore *users, *roots;
+ QCA::CMS *cms;
+ Operation *op;
+ QAction *actionView, *actionRename, *actionRemove;
+ QCA::Certificate self_signed_verify_cert;
+ int auto_import_req_id;
+
+public:
+ MainWin(QWidget *parent = 0) :
+ QMainWindow(parent),
+ op(0),
+ auto_import_req_id(-1)
+ {
+ ui.setupUi(this);
+
+ g_icons = new Icons;
+ g_icons->cert = QPixmap(":/gfx/icons/cert16.png");
+ g_icons->crl = QPixmap(":/gfx/icons/crl16.png");
+ g_icons->keybundle = QPixmap(":/gfx/icons/keybundle16.png");
+ g_icons->pgppub = QPixmap(":/gfx/icons/publickey16.png");
+ g_icons->pgpsec = QPixmap(":/gfx/icons/keypair16.png");
+ if(g_icons->cert.isNull() || g_icons->crl.isNull() || g_icons->keybundle.isNull() || g_icons->pgppub.isNull() || g_icons->pgpsec.isNull())
+ printf("Warning: not all icons loaded\n");
+
+ users = new CertItemStore(this);
+ roots = new CertItemStore(this);
+
+ setIcons(users);
+ setIcons(roots);
+
+ connect(users, SIGNAL(addSuccess(int, int)), SLOT(users_addSuccess(int, int)));
+ connect(users, SIGNAL(addFailed(int)), SLOT(users_addFailed(int)));
+
+ actionView = new QAction(tr("&View"), this);
+ actionRename = new QAction(tr("Re&name"), this);
+ actionRemove = new QAction(tr("Rem&ove"), this);
+
+ connect(ui.actionLoadIdentityFile, SIGNAL(triggered()), SLOT(load_file()));
+ connect(ui.actionLoadIdentityEntry, SIGNAL(triggered()), SLOT(load_device()));
+ connect(ui.actionLoadAuthority, SIGNAL(triggered()), SLOT(load_root()));
+ connect(ui.actionConfigurePkcs11, SIGNAL(triggered()), SLOT(mod_config()));
+ connect(ui.actionQuit, SIGNAL(triggered()), SLOT(close()));
+ connect(ui.actionAbout, SIGNAL(triggered()), SLOT(about()));
+ connect(ui.pb_sign, SIGNAL(clicked()), SLOT(do_sign()));
+ connect(ui.pb_verify, SIGNAL(clicked()), SLOT(do_verify()));
+
+ connect(actionView, SIGNAL(triggered()), SLOT(item_view()));
+ connect(actionRename, SIGNAL(triggered()), SLOT(item_rename()));
+ connect(actionRemove, SIGNAL(triggered()), SLOT(item_remove()));
+
+ ui.pb_sign->setEnabled(false);
+
+ ui.lv_users->setModel(users);
+ connect(ui.lv_users->selectionModel(), SIGNAL(selectionChanged(const QItemSelection &, const QItemSelection &)), SLOT(users_selectionChanged(const QItemSelection &, const QItemSelection &)));
+
+ ui.lv_users->setContextMenuPolicy(Qt::CustomContextMenu);
+ connect(ui.lv_users, SIGNAL(customContextMenuRequested(const QPoint &)), SLOT(users_customContextMenuRequested(const QPoint &)));
+
+ ui.lv_authorities->setModel(roots);
+
+ ui.lv_authorities->setContextMenuPolicy(Qt::CustomContextMenu);
+ connect(ui.lv_authorities, SIGNAL(customContextMenuRequested(const QPoint &)), SLOT(roots_customContextMenuRequested(const QPoint &)));
+
+ cms = new QCA::CMS(this);
+
+ QStringList ulist, rlist;
+ {
+ QSettings settings("Affinix", "CMS Signer");
+ ulist = settings.value("users").toStringList();
+ rlist = settings.value("roots").toStringList();
+ }
+
+ users->load(ulist);
+ roots->load(rlist);
+ }
+
+ ~MainWin()
+ {
+ QStringList ulist = users->save();
+ QStringList rlist = roots->save();
+
+ QSettings settings("Affinix", "CMS Signer");
+ settings.setValue("users", ulist);
+ settings.setValue("roots", rlist);
+
+ delete g_icons;
+ g_icons = 0;
+ }
+
+ void setIcons(CertItemStore *store)
+ {
+ store->setIcon(CertItemStore::IconCert, g_icons->cert);
+ store->setIcon(CertItemStore::IconCrl, g_icons->crl);
+ store->setIcon(CertItemStore::IconKeyBundle, g_icons->keybundle);
+ store->setIcon(CertItemStore::IconPgpPub, g_icons->pgppub);
+ store->setIcon(CertItemStore::IconPgpSec, g_icons->pgpsec);
+ }
+
+ QCA::CertificateCollection allCerts()
+ {
+ QCA::CertificateCollection col;
+
+ // system store
+ col += QCA::systemStore();
+
+ // additional roots configured in application
+ foreach(const CertItem &i, roots->items())
+ col.addCertificate(i.certificateChain().primary());
+
+ // user chains
+ foreach(const CertItem &i, users->items())
+ {
+ foreach(const QCA::Certificate &cert, i.certificateChain())
+ col.addCertificate(cert);
+ }
+
+ return col;
+ }
+
+ QCA::CertificateChain complete(const QCA::CertificateChain &chain)
+ {
+ return chain.complete(allCerts().certificates());
+ }
+
+private slots:
+ void load_file()
+ {
+ QString fileName = QFileDialog::getOpenFileName(this, tr("Open File"), QString(), tr("X.509 Identities (*.p12 *.pfx)"));
+ if(fileName.isEmpty())
+ return;
+
+ setEnabled(false);
+ users->addFromFile(fileName);
+ }
+
+ void load_device()
+ {
+ KeySelectDlg *w = new KeySelectDlg(this);
+ w->setAttribute(Qt::WA_DeleteOnClose, true);
+ w->setWindowModality(Qt::WindowModal);
+ connect(w, SIGNAL(selected(const QCA::KeyStoreEntry &)), SLOT(load_device_finished(const QCA::KeyStoreEntry &)));
+ connect(w, SIGNAL(viewCertificate(const QCA::CertificateChain &)), SLOT(keyselect_viewCertificate(const QCA::CertificateChain &)));
+ w->setIcon(KeySelectDlg::IconCert, g_icons->cert);
+ w->setIcon(KeySelectDlg::IconCrl, g_icons->crl);
+ w->setIcon(KeySelectDlg::IconKeyBundle, g_icons->keybundle);
+ w->setIcon(KeySelectDlg::IconPgpPub, g_icons->pgppub);
+ w->setIcon(KeySelectDlg::IconPgpSec, g_icons->pgpsec);
+ w->show();
+ }
+
+ void load_device_finished(const QCA::KeyStoreEntry &entry)
+ {
+ users->addFromKeyStore(entry);
+ }
+
+ void load_root()
+ {
+ QString fileName = QFileDialog::getOpenFileName(this, tr("Open File"), QString(), tr("X.509 Certificates (*.pem *.crt)"));
+ if(fileName.isEmpty())
+ return;
+
+ QCA::Certificate cert = QCA::Certificate::fromPEMFile(fileName);
+ if(cert.isNull())
+ {
+ QMessageBox::information(this, tr("Error"), tr("Error opening certificate file."));
+ return;
+ }
+
+ roots->addUser(cert);
+ }
+
+ void users_addSuccess(int req_id, int id)
+ {
+ if(req_id == auto_import_req_id)
+ {
+ auto_import_req_id = -1;
+
+ CertItem i = users->itemFromId(id);
+
+ QMessageBox::information(this, tr("User added"), tr(
+ "This signature was made by a previously unknown user, and so the "
+ "user has now been added to the keyring as \"%1\"."
+ ).arg(i.name()));
+
+ verify_next();
+ return;
+ }
+
+ ui.lv_users->selectionModel()->select(users->index(users->rowFromId(id)), QItemSelectionModel::Clear | QItemSelectionModel::Select | QItemSelectionModel::Current);
+
+ setEnabled(true);
+ }
+
+ void users_addFailed(int req_id)
+ {
+ Q_UNUSED(req_id);
+
+ setEnabled(true);
+ }
+
+ void mod_config()
+ {
+ if(!Pkcs11ConfigDlg::isSupported())
+ {
+ QMessageBox::information(this, tr("Error"), tr("No provider available supporting standard PKCS#11 configuration."));
+ return;
+ }
+
+ Pkcs11ConfigDlg *w = new Pkcs11ConfigDlg(this);
+ w->setAttribute(Qt::WA_DeleteOnClose, true);
+ w->setWindowModality(Qt::WindowModal);
+ w->show();
+ }
+
+ void users_selectionChanged(const QItemSelection &selected, const QItemSelection &deselected)
+ {
+ Q_UNUSED(deselected);
+
+ int at = -1;
+ if(!selected.indexes().isEmpty())
+ {
+ QModelIndex index = selected.indexes().first();
+ at = index.row();
+ }
+
+ bool usable = false;
+ if(at != -1 && users->itemFromRow(at).isUsable())
+ usable = true;
+
+ if(usable && !ui.pb_sign->isEnabled())
+ ui.pb_sign->setEnabled(true);
+ else if(!usable && ui.pb_sign->isEnabled())
+ ui.pb_sign->setEnabled(false);
+ }
+
+ void item_view()
+ {
+ if(ui.lv_users->hasFocus())
+ {
+ QItemSelection selection = ui.lv_users->selectionModel()->selection();
+ if(selection.indexes().isEmpty())
+ return;
+ QModelIndex index = selection.indexes().first();
+ users_view(index.row());
+ }
+ else // lv_authorities
+ {
+ QItemSelection selection = ui.lv_authorities->selectionModel()->selection();
+ if(selection.indexes().isEmpty())
+ return;
+ QModelIndex index = selection.indexes().first();
+ roots_view(index.row());
+ }
+ }
+
+ void item_rename()
+ {
+ if(ui.lv_users->hasFocus())
+ {
+ QItemSelection selection = ui.lv_users->selectionModel()->selection();
+ if(selection.indexes().isEmpty())
+ return;
+ QModelIndex index = selection.indexes().first();
+ users_rename(index.row());
+ }
+ else // lv_authorities
+ {
+ QItemSelection selection = ui.lv_authorities->selectionModel()->selection();
+ if(selection.indexes().isEmpty())
+ return;
+ QModelIndex index = selection.indexes().first();
+ roots_rename(index.row());
+ }
+ }
+
+ void item_remove()
+ {
+ if(ui.lv_users->hasFocus())
+ {
+ QItemSelection selection = ui.lv_users->selectionModel()->selection();
+ if(selection.indexes().isEmpty())
+ return;
+ QModelIndex index = selection.indexes().first();
+ users_remove(index.row());
+ }
+ else // lv_authorities
+ {
+ QItemSelection selection = ui.lv_authorities->selectionModel()->selection();
+ if(selection.indexes().isEmpty())
+ return;
+ QModelIndex index = selection.indexes().first();
+ roots_remove(index.row());
+ }
+ }
+
+ void users_view(int at)
+ {
+ CertItem i = users->itemFromRow(at);
+ CertViewDlg *w = new CertViewDlg(complete(i.certificateChain()), this);
+ w->setAttribute(Qt::WA_DeleteOnClose, true);
+ w->show();
+ }
+
+ void users_rename(int at)
+ {
+ QModelIndex index = users->index(at);
+ ui.lv_users->setFocus();
+ ui.lv_users->setCurrentIndex(index);
+ ui.lv_users->selectionModel()->select(index, QItemSelectionModel::Clear | QItemSelectionModel::Select | QItemSelectionModel::Current);
+ ui.lv_users->edit(index);
+ }
+
+ void users_remove(int at)
+ {
+ users->removeItem(users->idFromRow(at));
+ }
+
+ void roots_view(int at)
+ {
+ CertItem i = roots->itemFromRow(at);
+ CertViewDlg *w = new CertViewDlg(complete(i.certificateChain()), this);
+ w->setAttribute(Qt::WA_DeleteOnClose, true);
+ w->show();
+ }
+
+ void roots_rename(int at)
+ {
+ QModelIndex index = roots->index(at);
+ ui.lv_authorities->setFocus();
+ ui.lv_authorities->setCurrentIndex(index);
+ ui.lv_authorities->selectionModel()->select(index, QItemSelectionModel::Clear | QItemSelectionModel::Select | QItemSelectionModel::Current);
+ ui.lv_authorities->edit(index);
+ }
+
+ void roots_remove(int at)
+ {
+ roots->removeItem(roots->idFromRow(at));
+ }
+
+ void keyselect_viewCertificate(const QCA::CertificateChain &chain)
+ {
+ CertViewDlg *w = new CertViewDlg(complete(chain), (QWidget *)sender());
+ w->setAttribute(Qt::WA_DeleteOnClose, true);
+ w->show();
+ }
+
+ void users_customContextMenuRequested(const QPoint &pos)
+ {
+ QItemSelection selection = ui.lv_users->selectionModel()->selection();
+ if(selection.indexes().isEmpty())
+ return;
+
+ QMenu menu(this);
+ menu.addAction(actionView);
+ menu.addAction(actionRename);
+ menu.addAction(actionRemove);
+ menu.exec(ui.lv_users->viewport()->mapToGlobal(pos));
+ }
+
+ void roots_customContextMenuRequested(const QPoint &pos)
+ {
+ QItemSelection selection = ui.lv_authorities->selectionModel()->selection();
+ if(selection.indexes().isEmpty())
+ return;
+
+ QMenu menu(this);
+ menu.addAction(actionView);
+ menu.addAction(actionRename);
+ menu.addAction(actionRemove);
+ menu.exec(ui.lv_authorities->viewport()->mapToGlobal(pos));
+ }
+
+ void do_sign()
+ {
+ QItemSelection selection = ui.lv_users->selectionModel()->selection();
+ if(selection.indexes().isEmpty())
+ return;
+ QModelIndex index = selection.indexes().first();
+ int at = index.row();
+
+ setEnabled(false);
+
+ op = new SignOperation(ui.te_data->toPlainText().toUtf8(), users, users->idFromRow(at), cms, this);
+ connect(op, SIGNAL(loadError()), SLOT(sign_loadError()));
+ connect(op, SIGNAL(finished(const QString &)), SLOT(sign_finished(const QString &)));
+ connect(op, SIGNAL(error(const QString &)), SLOT(sign_error(const QString &)));
+ }
+
+ void do_verify()
+ {
+ // prepare root certs
+ QCA::CertificateCollection col;
+
+ // system store
+ col += QCA::systemStore();
+
+ // additional roots configured in application
+ foreach(const CertItem &i, roots->items())
+ col.addCertificate(i.certificateChain().primary());
+
+ // consider self-signed users as roots
+ // (it is therefore not possible with this application to
+ // have people in your keyring that you don't trust)
+ foreach(const CertItem &i, users->items())
+ {
+ QCA::Certificate cert = i.certificateChain().primary();
+ if(cert.isSelfSigned())
+ col.addCertificate(cert);
+ }
+
+ // the self signed verify cert, if applicable
+ if(!self_signed_verify_cert.isNull())
+ {
+ col.addCertificate(self_signed_verify_cert);
+ self_signed_verify_cert = QCA::Certificate();
+ }
+
+ cms->setTrustedCertificates(col);
+
+ setEnabled(false);
+
+ op = new VerifyOperation(ui.te_data->toPlainText().toUtf8(), ui.te_sig->toPlainText().toUtf8(), cms, this);
+ connect(op, SIGNAL(finished()), SLOT(verify_finished()));
+ connect(op, SIGNAL(error(const QString &)), SLOT(verify_error(const QString &)));
+ }
+
+ void about()
+ {
+ int ver = qcaVersion();
+ int maj = (ver >> 16) & 0xff;
+ int min = (ver >> 8) & 0xff;
+ int bug = ver & 0xff;
+ QString verstr;
+ verstr.sprintf("%d.%d.%d", maj, min, bug);
+
+ QString str;
+ str += tr("CMS Signer version %1 by Justin Karneges").arg(VERSION) + '\n';
+ str += tr("A simple tool for creating and verifying digital signatures.") + '\n';
+ str += '\n';
+ str += tr("Using QCA version %1").arg(verstr) + '\n';
+ str += '\n';
+ str += tr("Icons by Jason Kim") + '\n';
+
+ QCA::ProviderList list = QCA::providers();
+ foreach(QCA::Provider *p, list)
+ {
+ QString credit = p->credit();
+ if(!credit.isEmpty())
+ {
+ str += '\n';
+ str += credit;
+ }
+ }
+
+ QMessageBox::about(this, tr("About CMS Signer"), str);
+ }
+
+ void sign_loadError()
+ {
+ delete op;
+ op = 0;
+
+ setEnabled(true);
+ }
+
+ void sign_finished(const QString &sig)
+ {
+ delete op;
+ op = 0;
+
+ ui.te_sig->setPlainText(sig);
+
+ setEnabled(true);
+ }
+
+ void sign_error(const QString &msg)
+ {
+ delete op;
+ op = 0;
+
+ setEnabled(true);
+
+ QMessageBox::information(this, tr("Error"), msg);
+ }
+
+ void verify_finished()
+ {
+ QCA::SecureMessageSignature signer = ((VerifyOperation *)op)->signer;
+ delete op;
+ op = 0;
+
+ // import the cert?
+ QCA::SecureMessageKey skey = signer.key();
+ if(!skey.isNull())
+ {
+ QCA::CertificateChain chain = skey.x509CertificateChain();
+
+ int at = -1;
+ QList<CertItem> items = users->items();
+ for(int n = 0; n < items.count(); ++n)
+ {
+ const CertItem &i = items[n];
+ if(i.certificateChain().primary() == chain.primary())
+ {
+ at = n;
+ break;
+ }
+ }
+
+ // add
+ if(at == -1)
+ {
+ auto_import_req_id = users->addUser(chain);
+ return;
+ }
+ // update
+ else
+ {
+ users->updateChain(users->idFromRow(at), chain);
+ }
+ }
+
+ verify_next();
+ }
+
+ void verify_next()
+ {
+ setEnabled(true);
+
+ QMessageBox::information(this, tr("Verify"), tr("Signature verified successfully."));
+ }
+
+ void verify_error(const QString &msg)
+ {
+ QCA::SecureMessageSignature signer = ((VerifyOperation *)op)->signer;
+ delete op;
+ op = 0;
+
+ QCA::SecureMessageKey skey = signer.key();
+ if(signer.keyValidity() == QCA::ErrorSelfSigned && !skey.isNull())
+ {
+ QCA::CertificateChain chain = skey.x509CertificateChain();
+ if(chain.count() == 1 && chain.primary().isSelfSigned())
+ {
+ QCA::Certificate cert = chain.primary();
+
+ int ret = QMessageBox::warning(this, tr("Self-signed certificate"), tr(
+ "<qt>The signature is made by an unknown user, and the certificate is self-signed.<br>\n"
+ "<br>\n"
+ "<nobr>Common Name: %1</nobr><br>\n"
+ "<nobr>SHA1 Fingerprint: %2</nobr><br>\n"
+ "<br>\n"
+ "Trust the certificate?</qt>"
+ ).arg(cert.commonName(), get_fingerprint(cert)),
+ QMessageBox::Yes | QMessageBox::No,
+ QMessageBox::No);
+
+ if(ret == QMessageBox::Yes)
+ {
+ self_signed_verify_cert = cert;
+ do_verify();
+ return;
+ }
+ }
+ }
+
+ setEnabled(true);
+
+ QMessageBox::information(this, tr("Error"), msg);
+ }
+};
+
+int main(int argc, char **argv)
+{
+ QCA::Initializer qcaInit;
+ QApplication qapp(argc, argv);
+
+ qapp.setApplicationName(MainWin::tr("CMS Signer"));
+
+ if(!QCA::isSupported("cert,crl,cms"))
+ {
+ QMessageBox::critical(0, qapp.applicationName() + ": " + MainWin::tr("Error"),
+ MainWin::tr("No support for CMS is available. Please install an appropriate QCA plugin, such as qca-ossl."));
+ return 1;
+ }
+
+ QCA::KeyStoreManager::start();
+
+ MainWin mainWin;
+ mainWin.show();
+ return qapp.exec();
+}
+
+#include "main.moc"
diff --git a/examples/cmssigner/mainwin.ui b/examples/cmssigner/mainwin.ui
new file mode 100644
index 0000000..36dce9d
--- /dev/null
+++ b/examples/cmssigner/mainwin.ui
@@ -0,0 +1,226 @@
+<ui version="4.0" >
+ <class>MainWin</class>
+ <widget class="QMainWindow" name="MainWin" >
+ <property name="geometry" >
+ <rect>
+ <x>0</x>
+ <y>0</y>
+ <width>577</width>
+ <height>501</height>
+ </rect>
+ </property>
+ <property name="windowTitle" >
+ <string>CMS Signer</string>
+ </property>
+ <widget class="QWidget" name="centralwidget" >
+ <layout class="QVBoxLayout" >
+ <property name="margin" >
+ <number>9</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <widget class="QTabWidget" name="tabWidget" >
+ <property name="currentIndex" >
+ <number>0</number>
+ </property>
+ <widget class="QWidget" name="tab" >
+ <attribute name="title" >
+ <string>Keyring</string>
+ </attribute>
+ <layout class="QVBoxLayout" >
+ <property name="margin" >
+ <number>9</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <widget class="QListView" name="lv_users" />
+ </item>
+ </layout>
+ </widget>
+ <widget class="QWidget" name="tab_2" >
+ <attribute name="title" >
+ <string>Authorities</string>
+ </attribute>
+ <layout class="QVBoxLayout" >
+ <property name="margin" >
+ <number>9</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <widget class="QListView" name="lv_authorities" />
+ </item>
+ </layout>
+ </widget>
+ </widget>
+ </item>
+ <item>
+ <layout class="QHBoxLayout" >
+ <property name="margin" >
+ <number>0</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <layout class="QVBoxLayout" >
+ <property name="margin" >
+ <number>0</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <widget class="QLabel" name="label_2" >
+ <property name="text" >
+ <string>Text:</string>
+ </property>
+ </widget>
+ </item>
+ <item>
+ <widget class="QTextEdit" name="te_data" />
+ </item>
+ </layout>
+ </item>
+ <item>
+ <layout class="QVBoxLayout" >
+ <property name="margin" >
+ <number>0</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <widget class="QLabel" name="label_3" >
+ <property name="text" >
+ <string>Signature:</string>
+ </property>
+ </widget>
+ </item>
+ <item>
+ <widget class="QTextEdit" name="te_sig" />
+ </item>
+ </layout>
+ </item>
+ </layout>
+ </item>
+ <item>
+ <layout class="QHBoxLayout" >
+ <property name="margin" >
+ <number>0</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <spacer>
+ <property name="orientation" >
+ <enum>Qt::Horizontal</enum>
+ </property>
+ <property name="sizeHint" >
+ <size>
+ <width>40</width>
+ <height>20</height>
+ </size>
+ </property>
+ </spacer>
+ </item>
+ <item>
+ <widget class="QPushButton" name="pb_sign" >
+ <property name="text" >
+ <string>&amp;Sign</string>
+ </property>
+ </widget>
+ </item>
+ <item>
+ <widget class="QPushButton" name="pb_verify" >
+ <property name="text" >
+ <string>&amp;Verify</string>
+ </property>
+ </widget>
+ </item>
+ </layout>
+ </item>
+ </layout>
+ </widget>
+ <widget class="QMenuBar" name="menubar" >
+ <property name="geometry" >
+ <rect>
+ <x>0</x>
+ <y>0</y>
+ <width>577</width>
+ <height>29</height>
+ </rect>
+ </property>
+ <widget class="QMenu" name="menuHelp" >
+ <property name="title" >
+ <string>&amp;Help</string>
+ </property>
+ <addaction name="actionAbout" />
+ </widget>
+ <widget class="QMenu" name="menuFile" >
+ <property name="title" >
+ <string>&amp;File</string>
+ </property>
+ <addaction name="actionLoadIdentityFile" />
+ <addaction name="actionLoadIdentityEntry" />
+ <addaction name="actionLoadAuthority" />
+ <addaction name="separator" />
+ <addaction name="actionConfigurePkcs11" />
+ <addaction name="separator" />
+ <addaction name="actionQuit" />
+ </widget>
+ <addaction name="menuFile" />
+ <addaction name="menuHelp" />
+ </widget>
+ <widget class="QStatusBar" name="statusbar" />
+ <action name="actionLoadIdentityFile" >
+ <property name="text" >
+ <string>Load Identity From &amp;File...</string>
+ </property>
+ </action>
+ <action name="actionLoadIdentityEntry" >
+ <property name="text" >
+ <string>Load Identity From &amp;Storage Device...</string>
+ </property>
+ </action>
+ <action name="actionQuit" >
+ <property name="text" >
+ <string>&amp;Quit</string>
+ </property>
+ </action>
+ <action name="actionAbout" >
+ <property name="text" >
+ <string>About CMS Signer</string>
+ </property>
+ </action>
+ <action name="actionConfigurePkcs11" >
+ <property name="text" >
+ <string>Configure &amp;PKCS#11 Modules...</string>
+ </property>
+ </action>
+ <action name="actionLoadAuthority" >
+ <property name="text" >
+ <string>Load &amp;Authority...</string>
+ </property>
+ </action>
+ </widget>
+ <tabstops>
+ <tabstop>tabWidget</tabstop>
+ <tabstop>lv_users</tabstop>
+ <tabstop>lv_authorities</tabstop>
+ <tabstop>te_data</tabstop>
+ <tabstop>te_sig</tabstop>
+ <tabstop>pb_sign</tabstop>
+ <tabstop>pb_verify</tabstop>
+ </tabstops>
+ <resources>
+ <include location="cmssigner.qrc" />
+ </resources>
+ <connections/>
+</ui>
diff --git a/examples/cmssigner/pkcs11configdlg/pkcs11config.ui b/examples/cmssigner/pkcs11configdlg/pkcs11config.ui
new file mode 100644
index 0000000..054062f
--- /dev/null
+++ b/examples/cmssigner/pkcs11configdlg/pkcs11config.ui
@@ -0,0 +1,624 @@
+<ui version="4.0" >
+ <class>Pkcs11Config</class>
+ <widget class="QDialog" name="Pkcs11Config" >
+ <property name="geometry" >
+ <rect>
+ <x>0</x>
+ <y>0</y>
+ <width>570</width>
+ <height>458</height>
+ </rect>
+ </property>
+ <property name="windowTitle" >
+ <string>PKCS#11 Module Configuration</string>
+ </property>
+ <layout class="QVBoxLayout" >
+ <property name="margin" >
+ <number>9</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <widget class="QGroupBox" name="gb_general" >
+ <property name="title" >
+ <string>General</string>
+ </property>
+ <layout class="QHBoxLayout" >
+ <property name="margin" >
+ <number>9</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <layout class="QVBoxLayout" >
+ <property name="margin" >
+ <number>0</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <widget class="QCheckBox" name="ck_allowroot" >
+ <property name="text" >
+ <string>Allow Loading of Root CAs</string>
+ </property>
+ </widget>
+ </item>
+ <item>
+ <widget class="QCheckBox" name="ck_allowprotected" >
+ <property name="text" >
+ <string>Allow Protected Authentication</string>
+ </property>
+ </widget>
+ </item>
+ <item>
+ <layout class="QHBoxLayout" >
+ <property name="margin" >
+ <number>0</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <widget class="QLabel" name="label_3" >
+ <property name="text" >
+ <string>Log Level:</string>
+ </property>
+ </widget>
+ </item>
+ <item>
+ <widget class="QSpinBox" name="sb_loglevel" />
+ </item>
+ <item>
+ <spacer>
+ <property name="orientation" >
+ <enum>Qt::Horizontal</enum>
+ </property>
+ <property name="sizeHint" >
+ <size>
+ <width>40</width>
+ <height>20</height>
+ </size>
+ </property>
+ </spacer>
+ </item>
+ </layout>
+ </item>
+ </layout>
+ </item>
+ <item>
+ <widget class="QGroupBox" name="gb_pincache" >
+ <property name="title" >
+ <string>Remember PIN</string>
+ </property>
+ <property name="checkable" >
+ <bool>true</bool>
+ </property>
+ <property name="checked" >
+ <bool>false</bool>
+ </property>
+ <layout class="QVBoxLayout" >
+ <property name="margin" >
+ <number>9</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <widget class="QRadioButton" name="rb_pincache_nolimit" >
+ <property name="text" >
+ <string>Until Session Ends</string>
+ </property>
+ </widget>
+ </item>
+ <item>
+ <layout class="QHBoxLayout" >
+ <property name="margin" >
+ <number>0</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <widget class="QRadioButton" name="rb_pincache_time" >
+ <property name="text" >
+ <string>For a Time (in Seconds):</string>
+ </property>
+ </widget>
+ </item>
+ <item>
+ <widget class="QSpinBox" name="sb_pincache_time" >
+ <property name="maximum" >
+ <number>86400</number>
+ </property>
+ <property name="minimum" >
+ <number>1</number>
+ </property>
+ <property name="value" >
+ <number>300</number>
+ </property>
+ </widget>
+ </item>
+ <item>
+ <spacer>
+ <property name="orientation" >
+ <enum>Qt::Horizontal</enum>
+ </property>
+ <property name="sizeHint" >
+ <size>
+ <width>40</width>
+ <height>20</height>
+ </size>
+ </property>
+ </spacer>
+ </item>
+ </layout>
+ </item>
+ </layout>
+ </widget>
+ </item>
+ </layout>
+ </widget>
+ </item>
+ <item>
+ <widget class="QGroupBox" name="gb_modules" >
+ <property name="title" >
+ <string>PKCS#11 Modules</string>
+ </property>
+ <layout class="QHBoxLayout" >
+ <property name="margin" >
+ <number>9</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <layout class="QVBoxLayout" >
+ <property name="margin" >
+ <number>0</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <widget class="QListView" name="lv_modules" />
+ </item>
+ <item>
+ <layout class="QHBoxLayout" >
+ <property name="margin" >
+ <number>0</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <widget class="QPushButton" name="pb_add" >
+ <property name="text" >
+ <string>&amp;New</string>
+ </property>
+ </widget>
+ </item>
+ <item>
+ <spacer>
+ <property name="orientation" >
+ <enum>Qt::Horizontal</enum>
+ </property>
+ <property name="sizeHint" >
+ <size>
+ <width>20</width>
+ <height>40</height>
+ </size>
+ </property>
+ </spacer>
+ </item>
+ <item>
+ <widget class="QPushButton" name="pb_remove" >
+ <property name="text" >
+ <string>Rem&amp;ove</string>
+ </property>
+ </widget>
+ </item>
+ </layout>
+ </item>
+ </layout>
+ </item>
+ <item>
+ <widget class="QTabWidget" name="tb_details" >
+ <property name="currentIndex" >
+ <number>0</number>
+ </property>
+ <widget class="QWidget" name="tab" >
+ <attribute name="title" >
+ <string>File</string>
+ </attribute>
+ <layout class="QVBoxLayout" >
+ <property name="margin" >
+ <number>9</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <layout class="QHBoxLayout" >
+ <property name="margin" >
+ <number>0</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <widget class="QLabel" name="lb_file" >
+ <property name="text" >
+ <string>Module File:</string>
+ </property>
+ </widget>
+ </item>
+ <item>
+ <widget class="QLineEdit" name="le_library" />
+ </item>
+ </layout>
+ </item>
+ <item>
+ <layout class="QHBoxLayout" >
+ <property name="margin" >
+ <number>0</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <widget class="QPushButton" name="pb_browse" >
+ <property name="text" >
+ <string>Browse For Module File...</string>
+ </property>
+ </widget>
+ </item>
+ <item>
+ <spacer>
+ <property name="orientation" >
+ <enum>Qt::Horizontal</enum>
+ </property>
+ <property name="sizeHint" >
+ <size>
+ <width>40</width>
+ <height>20</height>
+ </size>
+ </property>
+ </spacer>
+ </item>
+ </layout>
+ </item>
+ <item>
+ <spacer>
+ <property name="orientation" >
+ <enum>Qt::Vertical</enum>
+ </property>
+ <property name="sizeHint" >
+ <size>
+ <width>20</width>
+ <height>40</height>
+ </size>
+ </property>
+ </spacer>
+ </item>
+ </layout>
+ </widget>
+ <widget class="QWidget" name="tab_2" >
+ <attribute name="title" >
+ <string>Slot Events</string>
+ </attribute>
+ <layout class="QVBoxLayout" >
+ <property name="margin" >
+ <number>9</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <layout class="QHBoxLayout" >
+ <property name="margin" >
+ <number>0</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <widget class="QLabel" name="label" >
+ <property name="text" >
+ <string>Method:</string>
+ </property>
+ </widget>
+ </item>
+ <item>
+ <widget class="QComboBox" name="cb_slotmethod" >
+ <item>
+ <property name="text" >
+ <string>Determine Automatically</string>
+ </property>
+ </item>
+ <item>
+ <property name="text" >
+ <string>Trigger</string>
+ </property>
+ </item>
+ <item>
+ <property name="text" >
+ <string>Polling</string>
+ </property>
+ </item>
+ </widget>
+ </item>
+ <item>
+ <spacer>
+ <property name="orientation" >
+ <enum>Qt::Horizontal</enum>
+ </property>
+ <property name="sizeHint" >
+ <size>
+ <width>40</width>
+ <height>20</height>
+ </size>
+ </property>
+ </spacer>
+ </item>
+ </layout>
+ </item>
+ <item>
+ <widget class="QGroupBox" name="gb_poll" >
+ <property name="title" >
+ <string>Polling Interval</string>
+ </property>
+ <layout class="QVBoxLayout" >
+ <property name="margin" >
+ <number>9</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <widget class="QRadioButton" name="rb_polldefault" >
+ <property name="text" >
+ <string>No Preference, Use Internal Default</string>
+ </property>
+ </widget>
+ </item>
+ <item>
+ <layout class="QHBoxLayout" >
+ <property name="margin" >
+ <number>0</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <widget class="QRadioButton" name="rb_pollcustom" >
+ <property name="text" >
+ <string>Custom (in Seconds):</string>
+ </property>
+ </widget>
+ </item>
+ <item>
+ <widget class="QSpinBox" name="sb_pollcustom" >
+ <property name="maximum" >
+ <number>86400</number>
+ </property>
+ <property name="minimum" >
+ <number>1</number>
+ </property>
+ </widget>
+ </item>
+ <item>
+ <spacer>
+ <property name="orientation" >
+ <enum>Qt::Horizontal</enum>
+ </property>
+ <property name="sizeHint" >
+ <size>
+ <width>40</width>
+ <height>20</height>
+ </size>
+ </property>
+ </spacer>
+ </item>
+ </layout>
+ </item>
+ </layout>
+ </widget>
+ </item>
+ <item>
+ <spacer>
+ <property name="orientation" >
+ <enum>Qt::Vertical</enum>
+ </property>
+ <property name="sizeHint" >
+ <size>
+ <width>20</width>
+ <height>40</height>
+ </size>
+ </property>
+ </spacer>
+ </item>
+ </layout>
+ </widget>
+ <widget class="QWidget" name="tab_3" >
+ <attribute name="title" >
+ <string>Advanced</string>
+ </attribute>
+ <layout class="QVBoxLayout" >
+ <property name="margin" >
+ <number>9</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <widget class="QCheckBox" name="ck_modallowprotected" >
+ <property name="text" >
+ <string>Allow Protected Authentication</string>
+ </property>
+ </widget>
+ </item>
+ <item>
+ <widget class="QCheckBox" name="ck_certprivate" >
+ <property name="text" >
+ <string>Certificates Stored As Private Objects</string>
+ </property>
+ </widget>
+ </item>
+ <item>
+ <widget class="QGroupBox" name="gb_keymodes" >
+ <property name="title" >
+ <string>Private Key Modes</string>
+ </property>
+ <layout class="QVBoxLayout" >
+ <property name="margin" >
+ <number>9</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item>
+ <widget class="QCheckBox" name="ck_modeauto" >
+ <property name="text" >
+ <string>Determine Automatically</string>
+ </property>
+ </widget>
+ </item>
+ <item>
+ <layout class="QGridLayout" >
+ <property name="margin" >
+ <number>0</number>
+ </property>
+ <property name="spacing" >
+ <number>6</number>
+ </property>
+ <item row="0" column="0" >
+ <widget class="QCheckBox" name="ck_modesign" >
+ <property name="text" >
+ <string>Sign</string>
+ </property>
+ </widget>
+ </item>
+ <item row="1" column="1" >
+ <widget class="QCheckBox" name="ck_modeunwrap" >
+ <property name="text" >
+ <string>Unwrap</string>
+ </property>
+ </widget>
+ </item>
+ <item row="0" column="1" >
+ <widget class="QCheckBox" name="ck_modedecrypt" >
+ <property name="text" >
+ <string>Decrypt</string>
+ </property>
+ </widget>
+ </item>
+ <item row="1" column="0" >
+ <widget class="QCheckBox" name="ck_modesignrecover" >
+ <property name="text" >
+ <string>Sign Recover</string>
+ </property>
+ </widget>
+ </item>
+ </layout>
+ </item>
+ </layout>
+ </widget>
+ </item>
+ <item>
+ <spacer>
+ <property name="orientation" >
+ <enum>Qt::Vertical</enum>
+ </property>
+ <property name="sizeHint" >
+ <size>
+ <width>20</width>
+ <height>16</height>
+ </size>
+ </property>
+ </spacer>
+ </item>
+ </layout>
+ </widget>
+ </widget>
+ </item>
+ </layout>
+ </widget>
+ </item>
+ <item>
+ <widget class="QDialogButtonBox" name="buttonBox" >
+ <property name="orientation" >
+ <enum>Qt::Horizontal</enum>
+ </property>
+ <property name="standardButtons" >
+ <set>QDialogButtonBox::Cancel|QDialogButtonBox::NoButton|QDialogButtonBox::Ok</set>
+ </property>
+ </widget>
+ </item>
+ </layout>
+ </widget>
+ <tabstops>
+ <tabstop>ck_allowroot</tabstop>
+ <tabstop>ck_allowprotected</tabstop>
+ <tabstop>sb_loglevel</tabstop>
+ <tabstop>gb_pincache</tabstop>
+ <tabstop>rb_pincache_nolimit</tabstop>
+ <tabstop>rb_pincache_time</tabstop>
+ <tabstop>sb_pincache_time</tabstop>
+ <tabstop>lv_modules</tabstop>
+ <tabstop>pb_add</tabstop>
+ <tabstop>pb_remove</tabstop>
+ <tabstop>tb_details</tabstop>
+ <tabstop>le_library</tabstop>
+ <tabstop>pb_browse</tabstop>
+ <tabstop>cb_slotmethod</tabstop>
+ <tabstop>rb_polldefault</tabstop>
+ <tabstop>rb_pollcustom</tabstop>
+ <tabstop>sb_pollcustom</tabstop>
+ <tabstop>ck_modallowprotected</tabstop>
+ <tabstop>ck_certprivate</tabstop>
+ <tabstop>ck_modeauto</tabstop>
+ <tabstop>ck_modesign</tabstop>
+ <tabstop>ck_modesignrecover</tabstop>
+ <tabstop>ck_modedecrypt</tabstop>
+ <tabstop>ck_modeunwrap</tabstop>
+ <tabstop>buttonBox</tabstop>
+ </tabstops>
+ <resources/>
+ <connections>
+ <connection>
+ <sender>buttonBox</sender>
+ <signal>accepted()</signal>
+ <receiver>Pkcs11Config</receiver>
+ <slot>accept()</slot>
+ <hints>
+ <hint type="sourcelabel" >
+ <x>345</x>
+ <y>448</y>
+ </hint>
+ <hint type="destinationlabel" >
+ <x>320</x>
+ <y>137</y>
+ </hint>
+ </hints>
+ </connection>
+ <connection>
+ <sender>buttonBox</sender>
+ <signal>rejected()</signal>
+ <receiver>Pkcs11Config</receiver>
+ <slot>reject()</slot>
+ <hints>
+ <hint type="sourcelabel" >
+ <x>370</x>
+ <y>448</y>
+ </hint>
+ <hint type="destinationlabel" >
+ <x>363</x>
+ <y>135</y>
+ </hint>
+ </hints>
+ </connection>
+ </connections>
+</ui>
diff --git a/examples/cmssigner/pkcs11configdlg/pkcs11configdlg.cpp b/examples/cmssigner/pkcs11configdlg/pkcs11configdlg.cpp
new file mode 100644
index 0000000..4a47b93
--- /dev/null
+++ b/examples/cmssigner/pkcs11configdlg/pkcs11configdlg.cpp
@@ -0,0 +1,814 @@
+/*
+ Copyright (C) 2007 Justin Karneges <justin@affinix.com>
+
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is
+ furnished to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
+ AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*/
+
+#include "pkcs11configdlg.h"
+
+#include <QtCore>
+#include <QtGui>
+#include <QtCrypto>
+#include "ui_pkcs11config.h"
+
+//----------------------------------------------------------------------------
+// Pkcs11ProviderConfig
+//----------------------------------------------------------------------------
+class Pkcs11ProviderConfig
+{
+public:
+ bool allow_protected_authentication;
+ bool cert_private;
+ bool enabled;
+ QString library;
+ QString name;
+ int private_mask;
+ QString slotevent_method;
+ int slotevent_timeout;
+
+ Pkcs11ProviderConfig() :
+ allow_protected_authentication(true),
+ cert_private(false),
+ enabled(false),
+ private_mask(0),
+ slotevent_method("auto"),
+ slotevent_timeout(0)
+ {
+ }
+
+ QVariantMap toVariantMap() const
+ {
+ QVariantMap out;
+ out["allow_protected_authentication"] = allow_protected_authentication;
+ out["cert_private"] = cert_private;
+ out["enabled"] = enabled;
+ out["library"] = library;
+ out["name"] = name;
+ out["private_mask"] = private_mask;
+ out["slotevent_method"] = slotevent_method;
+ out["slotevent_timeout"] = slotevent_timeout;
+ return out;
+ }
+
+ bool fromVariantMap(const QVariantMap &in)
+ {
+ allow_protected_authentication = in["allow_protected_authentication"].toBool();
+ cert_private = in["cert_private"].toBool();
+ enabled = in["enabled"].toBool();
+ library = in["library"].toString();
+ name = in["name"].toString();
+ private_mask = in["private_mask"].toInt();
+ slotevent_method = in["slotevent_method"].toString();
+ slotevent_timeout = in["slotevent_timeout"].toInt();
+ return true;
+ }
+};
+
+//----------------------------------------------------------------------------
+// Pkcs11Config
+//----------------------------------------------------------------------------
+class Pkcs11Config
+{
+public:
+ bool allow_load_rootca;
+ bool allow_protected_authentication;
+ int log_level;
+ int pin_cache;
+ QList<Pkcs11ProviderConfig> providers;
+
+ QVariantMap orig_config;
+
+ Pkcs11Config() :
+ allow_load_rootca(false),
+ allow_protected_authentication(true),
+ log_level(0),
+ pin_cache(-1)
+ {
+ }
+
+ QVariantMap toVariantMap() const
+ {
+ QVariantMap out = orig_config;
+
+ // form type
+ out["formtype"] = "http://affinix.com/qca/forms/qca-pkcs11#1.0";
+
+ // base settings
+ out["allow_load_rootca"] = allow_load_rootca;
+ out["allow_protected_authentication"] = allow_protected_authentication;
+ out["log_level"] = log_level;
+ out["pin_cache"] = pin_cache;
+
+ // provider settings (always write at least 10 providers)
+ for(int n = 0; n < 10 || n < providers.count(); ++n)
+ {
+ QString prefix = QString().sprintf("provider_%02d_", n);
+
+ Pkcs11ProviderConfig provider;
+ if(n < providers.count())
+ provider = providers[n];
+
+ QVariantMap subconfig = provider.toVariantMap();
+ QMapIterator<QString,QVariant> it(subconfig);
+ while(it.hasNext())
+ {
+ it.next();
+ out.insert(prefix + it.key(), it.value());
+ }
+ }
+
+ return out;
+ }
+
+ bool fromVariantMap(const QVariantMap &in)
+ {
+ if(in["formtype"] != "http://affinix.com/qca/forms/qca-pkcs11#1.0")
+ return false;
+
+ allow_load_rootca = in["allow_load_rootca"].toBool();
+ allow_protected_authentication = in["allow_protected_authentication"].toBool();
+ log_level = in["log_level"].toInt();
+ pin_cache = in["pin_cache"].toInt();
+
+ for(int n = 0;; ++n)
+ {
+ QString prefix = QString().sprintf("provider_%02d_", n);
+
+ // collect all key/values with this prefix into a
+ // a separate container, leaving out the prefix
+ // from the keys.
+ QVariantMap subconfig;
+ QMapIterator<QString,QVariant> it(in);
+ while(it.hasNext())
+ {
+ it.next();
+ if(it.key().startsWith(prefix))
+ subconfig.insert(it.key().mid(prefix.length()), it.value());
+ }
+
+ // if there are no config items with this prefix, we're done
+ if(subconfig.isEmpty())
+ break;
+
+ Pkcs11ProviderConfig provider;
+ if(!provider.fromVariantMap(subconfig))
+ return false;
+
+ // skip unnamed entries
+ if(provider.name.isEmpty())
+ continue;
+
+ // skip duplicate entries
+ bool have_name_already = false;
+ foreach(const Pkcs11ProviderConfig &i, providers)
+ {
+ if(i.name == provider.name)
+ {
+ have_name_already = true;
+ break;
+ }
+ }
+ if(have_name_already)
+ continue;
+
+ providers += provider;
+ }
+
+ orig_config = in;
+ return true;
+ }
+};
+
+//----------------------------------------------------------------------------
+// ModuleListModel
+//----------------------------------------------------------------------------
+class ModuleListModel : public QAbstractListModel
+{
+ Q_OBJECT
+public:
+ QList<Pkcs11ProviderConfig> list;
+
+ ModuleListModel(QObject *parent = 0) :
+ QAbstractListModel(parent)
+ {
+ }
+
+ int rowCount(const QModelIndex &parent = QModelIndex()) const
+ {
+ Q_UNUSED(parent);
+ return list.count();
+ }
+
+ QVariant data(const QModelIndex &index, int role) const
+ {
+ if(!index.isValid())
+ return QVariant();
+
+ if(index.row() >= list.count())
+ return QVariant();
+
+ if(role == Qt::DisplayRole)
+ return list[index.row()].name;
+ else if(role == Qt::EditRole)
+ return list[index.row()].name;
+ else
+ return QVariant();
+ }
+
+ Qt::ItemFlags flags(const QModelIndex &index) const
+ {
+ if(!index.isValid())
+ return Qt::ItemIsEnabled;
+
+ return QAbstractItemModel::flags(index) | Qt::ItemIsEditable;
+ }
+
+ bool setData(const QModelIndex &index, const QVariant &value, int role)
+ {
+ if(index.isValid() && role == Qt::EditRole)
+ {
+ QString str = value.toString();
+
+ if(str.isEmpty())
+ {
+ emit editFailed(index, tr("Module name cannot be blank."));
+ return false;
+ }
+
+ bool have_name_already = false;
+ int at = index.row();
+ for(int n = 0; n < list.count(); ++n)
+ {
+ const Pkcs11ProviderConfig &i = list[n];
+
+ // skip self
+ if(n == at)
+ continue;
+
+ if(i.name == str)
+ {
+ have_name_already = true;
+ break;
+ }
+ }
+ if(have_name_already)
+ {
+ emit editFailed(index, tr("There is already a module with this name."));
+ return false;
+ }
+
+ list[index.row()].name = str;
+ emit dataChanged(index, index);
+ return true;
+ }
+ return false;
+ }
+
+ void addItems(const QList<Pkcs11ProviderConfig> &items)
+ {
+ if(items.isEmpty())
+ return;
+
+ beginInsertRows(QModelIndex(), list.size(), list.size() + items.count() - 1);
+ list += items;
+ endInsertRows();
+ }
+
+ void addItem(const Pkcs11ProviderConfig &i)
+ {
+ beginInsertRows(QModelIndex(), list.size(), list.size());
+ list += i;
+ endInsertRows();
+ }
+
+ void removeItem(int at)
+ {
+ beginRemoveRows(QModelIndex(), at, at);
+ list.removeAt(at);
+ endRemoveRows();
+ }
+
+signals:
+ void editFailed(const QModelIndex &index, const QString &reasonString);
+};
+
+//----------------------------------------------------------------------------
+// Pkcs11ConfigDlg
+//----------------------------------------------------------------------------
+static QCA::Provider *get_pkcs11_provider(QVariantMap *_config = 0)
+{
+ QCA::ProviderList providers = QCA::providers();
+ providers += QCA::defaultProvider();
+
+ QCA::Provider *provider = 0;
+ QVariantMap config;
+ foreach(QCA::Provider *p, providers)
+ {
+ config = QCA::getProviderConfig(p->name());
+ if(!config.isEmpty() && config["formtype"] == "http://affinix.com/qca/forms/qca-pkcs11#1.0")
+ {
+ provider = p;
+ break;
+ }
+ }
+
+ if(provider && _config)
+ *_config = config;
+
+ return provider;
+}
+
+class Pkcs11ConfigDlg::Private : public QObject
+{
+ Q_OBJECT
+public:
+ Pkcs11ConfigDlg *q;
+ Ui_Pkcs11Config ui;
+ QString providerName;
+ ModuleListModel *model;
+ Pkcs11Config config;
+ bool dirty;
+
+ // for safe dialog closing behavior during QListView editing
+ bool allow_close;
+ bool done;
+
+ // for ignoring modifications that we cause when populating fields
+ bool ignore_dataChanged;
+
+ Private(Pkcs11ConfigDlg *_q, const QString &_providerName, const QVariantMap &configmap) :
+ QObject(_q),
+ q(_q),
+ providerName(_providerName),
+ dirty(false),
+ allow_close(true),
+ done(false),
+ ignore_dataChanged(true)
+ {
+ ui.setupUi(q);
+ q->resize(q->minimumSize());
+
+ model = new ModuleListModel(this);
+ qRegisterMetaType<QModelIndex>("QModelIndex");
+ // do this queued for two reasons:
+ // 1) if we throw an error dialog, it will occur after the
+ // row text has reverted, and the call stack completed
+ // (the latter may not be required, but it helps me
+ // sleep).
+ // 2) if the user accepts/rejects the dialog while editing,
+ // it is easy to ensure that the signal is not processed
+ // (if it gets delivered at all).
+ connect(model,
+ SIGNAL(editFailed(const QModelIndex &, const QString &)),
+ SLOT(model_editFailed(const QModelIndex &, const QString &)),
+ Qt::QueuedConnection);
+
+ // set up widgets
+ ui.rb_pincache_nolimit->setChecked(true);
+ ui.sb_pincache_time->setEnabled(false);
+ ui.sb_pincache_time->setValue(300);
+ ui.lv_modules->setModel(model);
+ ui.lv_modules->setEditTriggers(QAbstractItemView::DoubleClicked | QAbstractItemView::SelectedClicked | QAbstractItemView::EditKeyPressed);
+ ui.pb_remove->setEnabled(false);
+ ui.tb_details->setEnabled(false);
+ ui.gb_poll->setEnabled(false);
+ ui.rb_polldefault->setChecked(true);
+ ui.sb_pollcustom->setEnabled(false);
+ ui.sb_pollcustom->setValue(5);
+ ui.ck_modeauto->setChecked(true);
+
+ // disable this by default, enable on dataChanged
+ ui.buttonBox->button(QDialogButtonBox::Ok)->setEnabled(false);
+
+ // general
+ connect(ui.ck_allowroot, SIGNAL(toggled(bool)), SLOT(dataChanged()));
+ connect(ui.ck_allowprotected, SIGNAL(toggled(bool)), SLOT(dataChanged()));
+ connect(ui.sb_loglevel, SIGNAL(valueChanged(int)), SLOT(dataChanged()));
+ connect(ui.gb_pincache, SIGNAL(toggled(bool)), SLOT(dataChanged()));
+ connect(ui.rb_pincache_nolimit, SIGNAL(toggled(bool)), SLOT(dataChanged()));
+ connect(ui.rb_pincache_time, SIGNAL(toggled(bool)), ui.sb_pincache_time, SLOT(setEnabled(bool)));
+ connect(ui.rb_pincache_time, SIGNAL(toggled(bool)), SLOT(dataChanged()));
+ connect(ui.sb_pincache_time, SIGNAL(valueChanged(int)), SLOT(dataChanged()));
+
+ // modules
+ connect(model, SIGNAL(dataChanged(const QModelIndex &, const QModelIndex &)), SLOT(dataChanged()));
+ connect(ui.lv_modules->selectionModel(), SIGNAL(selectionChanged(const QItemSelection &, const QItemSelection &)), SLOT(module_selectionChanged(const QItemSelection &, const QItemSelection &)));
+ connect(ui.pb_add, SIGNAL(clicked()), SLOT(module_add()));
+ connect(ui.pb_remove, SIGNAL(clicked()), SLOT(module_remove()));
+ connect(ui.le_library, SIGNAL(textChanged(const QString &)), SLOT(dataChanged()));
+ connect(ui.pb_browse, SIGNAL(clicked()), SLOT(library_browse()));
+ connect(ui.cb_slotmethod, SIGNAL(currentIndexChanged(int)), SLOT(slotmethod_currentIndexChanged(int)));
+ connect(ui.rb_polldefault, SIGNAL(toggled(bool)), SLOT(dataChanged()));
+ connect(ui.rb_pollcustom, SIGNAL(toggled(bool)), ui.sb_pollcustom, SLOT(setEnabled(bool)));
+ connect(ui.rb_pollcustom, SIGNAL(toggled(bool)), SLOT(dataChanged()));
+ connect(ui.sb_pollcustom, SIGNAL(valueChanged(int)), SLOT(dataChanged()));
+ connect(ui.ck_modallowprotected, SIGNAL(toggled(bool)), SLOT(dataChanged()));
+ connect(ui.ck_certprivate, SIGNAL(toggled(bool)), SLOT(dataChanged()));
+ connect(ui.ck_modeauto, SIGNAL(toggled(bool)), SLOT(modeauto_toggled(bool)));
+ connect(ui.ck_modesign, SIGNAL(toggled(bool)), SLOT(modenonauto_toggled(bool)));
+ connect(ui.ck_modesignrecover, SIGNAL(toggled(bool)), SLOT(modenonauto_toggled(bool)));
+ connect(ui.ck_modedecrypt, SIGNAL(toggled(bool)), SLOT(modenonauto_toggled(bool)));
+ connect(ui.ck_modeunwrap, SIGNAL(toggled(bool)), SLOT(modenonauto_toggled(bool)));
+
+ // is this a valid config?
+ if(!providerName.isEmpty() && config.fromVariantMap(