From b964a5cfb006229c1cdb1a4cf97df845ef5e754e Mon Sep 17 00:00:00 2001 From: Terry Chia Date: Sat, 29 Aug 2015 18:53:47 +0800 Subject: Add some text regarding using passwords with Fernet. --- docs/fernet.rst | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/docs/fernet.rst b/docs/fernet.rst index 8ea33eef..b6ee87f7 100644 --- a/docs/fernet.rst +++ b/docs/fernet.rst @@ -106,6 +106,43 @@ has support for implementing key rotation via :class:`MultiFernet`. See :meth:`Fernet.decrypt` for more information. + +Using passwords with Fernet +--------------------------- + +It is possible to use passwords with Fernet. To do this, you need to run the +password through a key derivation function like +:class:`~cryptography.hazmat.primitives.kdf.PBKDF2`: + +.. code-block:: python + + import base64 + import os + from cryptography.hazmat.primitives import hashes + from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC + from cryptography.hazmat.backends import default_backend + from cryptography.fernet import Fernet + + password = b"password" + salt = os.urandom(16) + + kdf = PBKDF2HMAC( + algorithm=hashes.SHA256(), + length=32, + salt=salt, + iterations=100000, + backend=default_backend + ) + key = base64.urlsafe_b64encode(kdf.derive(password)) + f = Fernet(key) + +In this scheme, the salt has to be stored in a retrievable location in order +to derive the same key from the password in the future. + +The iteration count used should be adjusted to be as high as your server can +tolerate. A good default is at least 100k iterations which is what Django +`recommends`_. + Implementation -------------- @@ -125,3 +162,4 @@ For complete details consult the `specification`_. .. _`Fernet`: https://github.com/fernet/spec/ .. _`specification`: https://github.com/fernet/spec/blob/master/Spec.md +.. _`recommends`_: https://github.com/django/django/blob/master/django/utils/crypto.py#L148 -- cgit v1.2.3 From 1ef3aa3ea3bfe10f234aa4292d6f65d76c89b192 Mon Sep 17 00:00:00 2001 From: Terry Chia Date: Sat, 29 Aug 2015 19:04:57 +0800 Subject: Fix link. --- docs/fernet.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/fernet.rst b/docs/fernet.rst index b6ee87f7..1cea0a7a 100644 --- a/docs/fernet.rst +++ b/docs/fernet.rst @@ -162,4 +162,4 @@ For complete details consult the `specification`_. .. _`Fernet`: https://github.com/fernet/spec/ .. _`specification`: https://github.com/fernet/spec/blob/master/Spec.md -.. _`recommends`_: https://github.com/django/django/blob/master/django/utils/crypto.py#L148 +.. _`recommends`: https://github.com/django/django/blob/master/django/utils/crypto.py#L148 -- cgit v1.2.3 From d9f8bfaaa8c0f416a468e47e7b494661b30f42c8 Mon Sep 17 00:00:00 2001 From: Terry Chia Date: Sat, 29 Aug 2015 19:08:39 +0800 Subject: Fixed PBKDF2 class target. --- docs/fernet.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/fernet.rst b/docs/fernet.rst index 1cea0a7a..d4a7d284 100644 --- a/docs/fernet.rst +++ b/docs/fernet.rst @@ -112,7 +112,7 @@ Using passwords with Fernet It is possible to use passwords with Fernet. To do this, you need to run the password through a key derivation function like -:class:`~cryptography.hazmat.primitives.kdf.PBKDF2`: +:class:`~cryptography.hazmat.primitives.kdf.pbkdf2.PBKDF2HMAC`: .. code-block:: python -- cgit v1.2.3 From 4678604fe39078e89e9a20931e64e1a2ac48bab5 Mon Sep 17 00:00:00 2001 From: Terry Chia Date: Sat, 29 Aug 2015 19:12:14 +0800 Subject: Add Django to wordlist. --- docs/spelling_wordlist.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/spelling_wordlist.txt b/docs/spelling_wordlist.txt index 1eed7c7a..a78b99f0 100644 --- a/docs/spelling_wordlist.txt +++ b/docs/spelling_wordlist.txt @@ -22,6 +22,7 @@ deserialize deserialized Diffie Docstrings +Django Encodings fernet Fernet -- cgit v1.2.3 From 7126e61fc31d9684314c3749f4b552f6d43e39fc Mon Sep 17 00:00:00 2001 From: Terry Chia Date: Sat, 29 Aug 2015 22:28:51 +0800 Subject: Fix imports and wordings. --- docs/fernet.rst | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/docs/fernet.rst b/docs/fernet.rst index d4a7d284..18aab439 100644 --- a/docs/fernet.rst +++ b/docs/fernet.rst @@ -111,17 +111,18 @@ Using passwords with Fernet --------------------------- It is possible to use passwords with Fernet. To do this, you need to run the -password through a key derivation function like +password through a key derivation function such as :class:`~cryptography.hazmat.primitives.kdf.pbkdf2.PBKDF2HMAC`: .. code-block:: python import base64 import os + + from cryptography.fernet import Fernet + from cryptography.hazmat.backends import default_backend from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC - from cryptography.hazmat.backends import default_backend - from cryptography.fernet import Fernet password = b"password" salt = os.urandom(16) @@ -140,8 +141,8 @@ In this scheme, the salt has to be stored in a retrievable location in order to derive the same key from the password in the future. The iteration count used should be adjusted to be as high as your server can -tolerate. A good default is at least 100k iterations which is what Django -`recommends`_. +tolerate. A good default is at least 100,000 iterations which is what Django +`recommends`_ in 2014. Implementation -------------- -- cgit v1.2.3 From 89656cd08cf0369677b298f30ba754cb62e5009b Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sat, 29 Aug 2015 18:18:53 -0500 Subject: Resolve an unusual test bug related to initializing the bindings To make calls against the "SSL" parts of OpenSSL you need to call SSL_library_init. There are multiple ways this can be called: * If you're using the same OpenSSL in cryptography as you are in your Python then Python will call it for you. * If you import the openssl backend. These tests need SSL_library_init to be called. When run in our CI SSL_library_init is called because during the parametrization step the OpenSSL backend is imported (thus triggering it). However, you can also run tests directly via py.test and without this change py.test tests/hazmat/bindings/test_openssl.py would crash if you had cryptography linked against a different OpenSSL than your Python used. --- src/cryptography/hazmat/backends/openssl/backend.py | 7 ------- src/cryptography/hazmat/bindings/openssl/binding.py | 6 ++++++ 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py index 8c4abcd6..197bcb8c 100644 --- a/src/cryptography/hazmat/backends/openssl/backend.py +++ b/src/cryptography/hazmat/backends/openssl/backend.py @@ -529,13 +529,6 @@ class Backend(object): self._binding.init_static_locks() - # adds all ciphers/digests for EVP - self._lib.OpenSSL_add_all_algorithms() - # registers available SSL/TLS ciphers and digests - self._lib.SSL_library_init() - # loads error strings for libcrypto and libssl functions - self._lib.SSL_load_error_strings() - self._cipher_registry = {} self._register_default_ciphers() self.activate_osrandom_engine() diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py index e18d89c5..50d7f6d5 100644 --- a/src/cryptography/hazmat/bindings/openssl/binding.py +++ b/src/cryptography/hazmat/bindings/openssl/binding.py @@ -92,6 +92,12 @@ class Binding(object): if not cls._lib_loaded: cls.lib = build_conditional_library(lib, CONDITIONAL_NAMES) cls._lib_loaded = True + # initialize the SSL library + cls.lib.SSL_library_init() + # adds all ciphers/digests for EVP + cls.lib.OpenSSL_add_all_algorithms() + # loads error strings for libcrypto and libssl functions + cls.lib.SSL_load_error_strings() cls._register_osrandom_engine() @classmethod -- cgit v1.2.3 From b1903b0d4caaac29f78b7421704caf01255b3c13 Mon Sep 17 00:00:00 2001 From: Terry Chia Date: Sun, 30 Aug 2015 11:09:22 +0800 Subject: Mention bcrypt and scrypt. --- docs/fernet.rst | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/fernet.rst b/docs/fernet.rst index 18aab439..a066ae63 100644 --- a/docs/fernet.rst +++ b/docs/fernet.rst @@ -112,7 +112,8 @@ Using passwords with Fernet It is possible to use passwords with Fernet. To do this, you need to run the password through a key derivation function such as -:class:`~cryptography.hazmat.primitives.kdf.pbkdf2.PBKDF2HMAC`: +:class:`~cryptography.hazmat.primitives.kdf.pbkdf2.PBKDF2HMAC`, bcrypt or +scrypt. .. code-block:: python -- cgit v1.2.3 From 69382a045a1647a78ab8a6a00d95ea85c9f93147 Mon Sep 17 00:00:00 2001 From: Terry Chia Date: Sun, 30 Aug 2015 13:09:36 +0800 Subject: Add bcrypt to word list. --- docs/spelling_wordlist.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/spelling_wordlist.txt b/docs/spelling_wordlist.txt index a78b99f0..75497840 100644 --- a/docs/spelling_wordlist.txt +++ b/docs/spelling_wordlist.txt @@ -1,6 +1,7 @@ affine backend backends +bcrypt Backends Blowfish boolean -- cgit v1.2.3 From 646c7cc3cdbedb5f8d9090043da3db34ee298dff Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Tue, 1 Sep 2015 21:56:39 -0400 Subject: upgrade to pypy 2.6.1 --- .travis/install.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.travis/install.sh b/.travis/install.sh index 17aee435..3ff723da 100755 --- a/.travis/install.sh +++ b/.travis/install.sh @@ -35,8 +35,8 @@ if [[ "$(uname -s)" == 'Darwin' ]]; then ;; pypy) brew outdated pyenv || brew upgrade pyenv - pyenv install pypy-2.6.0 - pyenv global pypy-2.6.0 + pyenv install pypy-2.6.1 + pyenv global pypy-2.6.1 ;; pypy3) brew outdated pyenv || brew upgrade pyenv @@ -57,8 +57,8 @@ else PYENV_ROOT="$HOME/.pyenv" PATH="$PYENV_ROOT/bin:$PATH" eval "$(pyenv init -)" - pyenv install pypy-2.6.0 - pyenv global pypy-2.6.0 + pyenv install pypy-2.6.1 + pyenv global pypy-2.6.1 fi pip install virtualenv fi -- cgit v1.2.3 From 18fab258a2c06e4c86765ebc74507f0a3f26fa07 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Tue, 1 Sep 2015 22:16:17 -0400 Subject: fix --- .travis/run.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis/run.sh b/.travis/run.sh index 17358655..1c49911f 100755 --- a/.travis/run.sh +++ b/.travis/run.sh @@ -21,7 +21,7 @@ else PYENV_ROOT="$HOME/.pyenv" PATH="$PYENV_ROOT/bin:$PATH" eval "$(pyenv init -)" - pyenv global pypy-2.6.0 + pyenv global pypy-2.6.1 fi fi source ~/.venv/bin/activate -- cgit v1.2.3 From f648734d1a0da965983e42e96437b99acd7dd1ea Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Thu, 3 Sep 2015 10:10:49 -0400 Subject: Fixed #2318 -- added the missing critical flag to the x509 tutorial --- docs/x509/tutorial.rst | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/docs/x509/tutorial.rst b/docs/x509/tutorial.rst index d1c8ba14..0fa061a2 100644 --- a/docs/x509/tutorial.rst +++ b/docs/x509/tutorial.rst @@ -67,13 +67,16 @@ a few details: ... x509.NameAttribute(NameOID.LOCALITY_NAME, u"San Francisco"), ... x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"My Company"), ... x509.NameAttribute(NameOID.COMMON_NAME, u"mysite.com"), - ... ])).add_extension(x509.SubjectAlternativeName([ - ... # Describe what sites we want this certificate for. - ... x509.DNSName(u"mysite.com"), - ... x509.DNSName(u"www.mysite.com"), - ... x509.DNSName(u"subdomain.mysite.com"), + ... ])).add_extension( + ... x509.SubjectAlternativeName([ + ... # Describe what sites we want this certificate for. + ... x509.DNSName(u"mysite.com"), + ... x509.DNSName(u"www.mysite.com"), + ... x509.DNSName(u"subdomain.mysite.com"), + ... ]), + ... critical=False, ... # Sign the CSR with our private key. - ... ])).sign(key, hashes.SHA256(), default_backend()) + ... ).sign(key, hashes.SHA256(), default_backend()) >>> # Write our CSR out to disk. >>> with open("path/to/csr.pem", "wb") as f: ... f.write(csr.public_bytes(serialization.Encoding.PEM)) -- cgit v1.2.3 From 726cea356bd84ecea16cd5b6ed402351790fd103 Mon Sep 17 00:00:00 2001 From: Erik Trauschke Date: Thu, 3 Sep 2015 09:27:09 -0700 Subject: remove critical flag from cert issuer entry ext to work with OpenSSL < 1.0.0 --- .../x509/custom/crl_all_reasons.pem | 67 +++++++++++----------- 1 file changed, 33 insertions(+), 34 deletions(-) diff --git a/vectors/cryptography_vectors/x509/custom/crl_all_reasons.pem b/vectors/cryptography_vectors/x509/custom/crl_all_reasons.pem index 960363d0..fdc82ae6 100644 --- a/vectors/cryptography_vectors/x509/custom/crl_all_reasons.pem +++ b/vectors/cryptography_vectors/x509/custom/crl_all_reasons.pem @@ -1,37 +1,36 @@ -----BEGIN X509 CRL----- -MIIGZTCCBU0CAQIwDQYJKoZIhvcNAQELBQAwJzELMAkGA1UEBhMCVVMxGDAWBgNV +MIIGRzCCBS8CAQIwDQYJKoZIhvcNAQELBQAwJzELMAkGA1UEBhMCVVMxGDAWBgNV BAMMD2NyeXB0b2dyYXBoeS5pbxgPMjAxNTAxMDEwMDAwMDBaGA8yMDE2MDEwMTAw -MDAwMFowggTsMBQCAQAYDzIwMTUwMTAxMDAwMDAwWjB1AgEBGA8yMDE1MDEwMTAw -MDAwMFowXzAYBgNVHRgEERgPMjAxNTAxMDEwMDAwMDBaMDcGA1UdHQEB/wQtMCuk -KTAnMQswCQYDVQQGEwJVUzEYMBYGA1UEAwwPY3J5cHRvZ3JhcGh5LmlvMAoGA1Ud -FQQDCgEAMHUCAQIYDzIwMTUwMTAxMDAwMDAwWjBfMBgGA1UdGAQRGA8yMDE1MDEw -MTAwMDAwMFowNwYDVR0dAQH/BC0wK6QpMCcxCzAJBgNVBAYTAlVTMRgwFgYDVQQD -DA9jcnlwdG9ncmFwaHkuaW8wCgYDVR0VBAMKAQEwdQIBAxgPMjAxNTAxMDEwMDAw -MDBaMF8wGAYDVR0YBBEYDzIwMTUwMTAxMDAwMDAwWjA3BgNVHR0BAf8ELTArpCkw -JzELMAkGA1UEBhMCVVMxGDAWBgNVBAMMD2NyeXB0b2dyYXBoeS5pbzAKBgNVHRUE -AwoBAjB1AgEEGA8yMDE1MDEwMTAwMDAwMFowXzAYBgNVHRgEERgPMjAxNTAxMDEw -MDAwMDBaMDcGA1UdHQEB/wQtMCukKTAnMQswCQYDVQQGEwJVUzEYMBYGA1UEAwwP -Y3J5cHRvZ3JhcGh5LmlvMAoGA1UdFQQDCgEDMHUCAQUYDzIwMTUwMTAxMDAwMDAw -WjBfMBgGA1UdGAQRGA8yMDE1MDEwMTAwMDAwMFowNwYDVR0dAQH/BC0wK6QpMCcx -CzAJBgNVBAYTAlVTMRgwFgYDVQQDDA9jcnlwdG9ncmFwaHkuaW8wCgYDVR0VBAMK -AQQwdQIBBhgPMjAxNTAxMDEwMDAwMDBaMF8wGAYDVR0YBBEYDzIwMTUwMTAxMDAw -MDAwWjA3BgNVHR0BAf8ELTArpCkwJzELMAkGA1UEBhMCVVMxGDAWBgNVBAMMD2Ny -eXB0b2dyYXBoeS5pbzAKBgNVHRUEAwoBBTB1AgEHGA8yMDE1MDEwMTAwMDAwMFow -XzAYBgNVHRgEERgPMjAxNTAxMDEwMDAwMDBaMDcGA1UdHQEB/wQtMCukKTAnMQsw -CQYDVQQGEwJVUzEYMBYGA1UEAwwPY3J5cHRvZ3JhcGh5LmlvMAoGA1UdFQQDCgEG -MHUCAQgYDzIwMTUwMTAxMDAwMDAwWjBfMBgGA1UdGAQRGA8yMDE1MDEwMTAwMDAw -MFowNwYDVR0dAQH/BC0wK6QpMCcxCzAJBgNVBAYTAlVTMRgwFgYDVQQDDA9jcnlw -dG9ncmFwaHkuaW8wCgYDVR0VBAMKAQgwdQIBCRgPMjAxNTAxMDEwMDAwMDBaMF8w -GAYDVR0YBBEYDzIwMTUwMTAxMDAwMDAwWjA3BgNVHR0BAf8ELTArpCkwJzELMAkG -A1UEBhMCVVMxGDAWBgNVBAMMD2NyeXB0b2dyYXBoeS5pbzAKBgNVHRUEAwoBCTB1 -AgEKGA8yMDE1MDEwMTAwMDAwMFowXzAYBgNVHRgEERgPMjAxNTAxMDEwMDAwMDBa -MDcGA1UdHQEB/wQtMCukKTAnMQswCQYDVQQGEwJVUzEYMBYGA1UEAwwPY3J5cHRv -Z3JhcGh5LmlvMAoGA1UdFQQDCgEKMC4CAQsYDzIwMTUwMTAxMDAwMDAwWjAYMAoG -A1UdFQQDCgEBMAoGAyoDBAQDCgEAMA0GCSqGSIb3DQEBCwUAA4IBAQAYO41YpMSq -6pPwgp2gqBUHPkFe4FuoxP4kXpsdAurQMb3WM8eZBNMQkgLP94ZYW3cliy+QClb3 -3EzTbckFhnS/avpQGD92hkp7gY5aETL8PuxFpK8qD3gzS+YZ0icbHbqacGxRYwT5 -rdSKb0B5soXe6Wf149Z6mze3X8+kCKpZILHytFzlCeiUZ0lG4bZRYNyQEqGzpsXD -8LuA5McqwASR1QkGNJTT7TKLBIfhy4CSt5aclnmdf4sWNQa9i560lj38ariZExXV -mqtqFIfhvJiVwpljj08uWZocVJcCOEQ9yxk5iVRWMicT79p6wukHqq8ecJBkgH/W -EO3JcHNjZRmW +MDAwMFowggTOMBQCAQAYDzIwMTUwMTAxMDAwMDAwWjByAgEBGA8yMDE1MDEwMTAw +MDAwMFowXDAYBgNVHRgEERgPMjAxNTAxMDEwMDAwMDBaMDQGA1UdHQQtMCukKTAn +MQswCQYDVQQGEwJVUzEYMBYGA1UEAwwPY3J5cHRvZ3JhcGh5LmlvMAoGA1UdFQQD +CgEAMHICAQIYDzIwMTUwMTAxMDAwMDAwWjBcMBgGA1UdGAQRGA8yMDE1MDEwMTAw +MDAwMFowNAYDVR0dBC0wK6QpMCcxCzAJBgNVBAYTAlVTMRgwFgYDVQQDDA9jcnlw +dG9ncmFwaHkuaW8wCgYDVR0VBAMKAQEwcgIBAxgPMjAxNTAxMDEwMDAwMDBaMFww +GAYDVR0YBBEYDzIwMTUwMTAxMDAwMDAwWjA0BgNVHR0ELTArpCkwJzELMAkGA1UE +BhMCVVMxGDAWBgNVBAMMD2NyeXB0b2dyYXBoeS5pbzAKBgNVHRUEAwoBAjByAgEE +GA8yMDE1MDEwMTAwMDAwMFowXDAYBgNVHRgEERgPMjAxNTAxMDEwMDAwMDBaMDQG +A1UdHQQtMCukKTAnMQswCQYDVQQGEwJVUzEYMBYGA1UEAwwPY3J5cHRvZ3JhcGh5 +LmlvMAoGA1UdFQQDCgEDMHICAQUYDzIwMTUwMTAxMDAwMDAwWjBcMBgGA1UdGAQR +GA8yMDE1MDEwMTAwMDAwMFowNAYDVR0dBC0wK6QpMCcxCzAJBgNVBAYTAlVTMRgw +FgYDVQQDDA9jcnlwdG9ncmFwaHkuaW8wCgYDVR0VBAMKAQQwcgIBBhgPMjAxNTAx +MDEwMDAwMDBaMFwwGAYDVR0YBBEYDzIwMTUwMTAxMDAwMDAwWjA0BgNVHR0ELTAr +pCkwJzELMAkGA1UEBhMCVVMxGDAWBgNVBAMMD2NyeXB0b2dyYXBoeS5pbzAKBgNV +HRUEAwoBBTByAgEHGA8yMDE1MDEwMTAwMDAwMFowXDAYBgNVHRgEERgPMjAxNTAx +MDEwMDAwMDBaMDQGA1UdHQQtMCukKTAnMQswCQYDVQQGEwJVUzEYMBYGA1UEAwwP +Y3J5cHRvZ3JhcGh5LmlvMAoGA1UdFQQDCgEGMHICAQgYDzIwMTUwMTAxMDAwMDAw +WjBcMBgGA1UdGAQRGA8yMDE1MDEwMTAwMDAwMFowNAYDVR0dBC0wK6QpMCcxCzAJ +BgNVBAYTAlVTMRgwFgYDVQQDDA9jcnlwdG9ncmFwaHkuaW8wCgYDVR0VBAMKAQgw +cgIBCRgPMjAxNTAxMDEwMDAwMDBaMFwwGAYDVR0YBBEYDzIwMTUwMTAxMDAwMDAw +WjA0BgNVHR0ELTArpCkwJzELMAkGA1UEBhMCVVMxGDAWBgNVBAMMD2NyeXB0b2dy +YXBoeS5pbzAKBgNVHRUEAwoBCTByAgEKGA8yMDE1MDEwMTAwMDAwMFowXDAYBgNV +HRgEERgPMjAxNTAxMDEwMDAwMDBaMDQGA1UdHQQtMCukKTAnMQswCQYDVQQGEwJV +UzEYMBYGA1UEAwwPY3J5cHRvZ3JhcGh5LmlvMAoGA1UdFQQDCgEKMC4CAQsYDzIw +MTUwMTAxMDAwMDAwWjAYMAoGA1UdFQQDCgEBMAoGAyoDBAQDCgEAMA0GCSqGSIb3 +DQEBCwUAA4IBAQBTaloHlPaCZzYee8LxkWej5meiqxQVNWFoVdjesroa+f1FRrH+ +drRU60Nq97KCKf7f9GNN/J3ZIlQmYhmuDqh12f+XLpotoj1ZRfBz2hjFCkJlv+2c +oWWGNHgA70ndFoVtcmX088SYpX8E3ARATivS4q2h9WlwV6rO93mhg3HGIe3JpcK4 +7BcW6Poi/ut/zsDOkVbI00SqaujRpdmdCTht82MH3ztjyDkI9KYaD/YEweKSrWOz +SdEILd164bfBeLuplVI+xpmTEMVNpXBlSXl7+xIw9Vk7p7Q1Pa3k/SvhOldYCm6y +C1xAg/AAq6w78yzYt18j5Mj0s6eeHi1YpHKw -----END X509 CRL----- -- cgit v1.2.3