├── LICENSE ├── README.md ├── docs ├── Interoperable-RA-TLS-SGX-TDX-evidence-formats.md └── Interoperable-RA-TLS-cert-edvidence-formats.md └── interoperability-tests ├── Testing-between-Gramine-and-IntelSGXSDK.md ├── Testing-between-Gramine-and-rats-tls.md ├── Testing-rats-tls-across-TEE-types.md ├── gramine-cert.pem ├── intel-sgxsdk-cert.pem └── rats-tls-cert.pem /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright [yyyy] [name of copyright owner] 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Based on the recent CCC Attestation SIG presentation on [Interoperable RA-TLS](https://github.com/CCC-Attestation/meetings/blob/main/materials/ShanweiCen_Interoperable_ATLS.pdf) and recommendations, design documents with detailed X.509 cert extension and evidence formats definition are being created. Efforts are in progress in the multiple RA-TLS projects ([Gramine RA-TLS](https://github.com/gramineproject/gramine/tree/master/tools/sgx/ra-tls), [RATS-TLS](https://github.com/inclavare-containers/rats-tls), [Open Enclave Attested TLS](https://github.com/openenclave/openenclave/tree/master/samples/attested_tls), [SGX SDK Attested TLS](https://github.com/intel/linux-sgx/tree/master/SampleCode/SampleAttestedTLS)) to add support of the proposed scheme. 2 | 3 | This project (interoperable-ra-tls) under the CCC Attestation SIG will host the design documents and interoperability tests. 4 | 5 | The [Interoperable RA-TLS](https://github.com/CCC-Attestation/meetings/blob/main/materials/ShanweiCen_Interoperable_ATLS.pdf) presentation forms initial version of the proposed scheme, which will be further clarified and refined in the upcoming design documents. Though this presentation mentioned about IANA registration, the proposed scheme does not have restrictions on which registry must be used. Different registries could be suitable for evidence formats. 6 | -------------------------------------------------------------------------------- /docs/Interoperable-RA-TLS-SGX-TDX-evidence-formats.md: -------------------------------------------------------------------------------- 1 | Interoperable RA-TLS SGX / TDX Evidence Tags and Formats 2 | ==== 3 | 4 | # Introduction 5 | 6 | This document defines the evidence and endorsement formats for SGX and TDX within the framework defined in the "Interoperable RA-TLS X.509 Cert and Evidence Formats" document. 7 | 8 | # SGX / TDX Evidence CBOR Tags Registration 9 | The three CBOR tags listed below haven been registered with [IANA](https://www.iana.org/assignments/cbor-tags/cbor-tags.xhtml#tags). 10 | 11 | - CBOR tag 60000: Intel TEE quote, including all SGX and TDX ECDSA quote types 12 | - The quote header has fields to identify TEE type and quote format. 13 | - CBOR tag 60001: Intel TEE report (TDX report or SGX report type 2) 14 | - The report header has fields to identify TEE type, subtype, and report version. 15 | - CBOR tag 60002: SGX report (legacy, generated by EREPORT) 16 | - This report does not have a header to identify its type or version. 17 | 18 | # SGX / TDX Evidence Data Formats 19 | SGX / TDX Evidence is an definite-length encoded tagged CBOR array with two entries, containing a TEE (SGX / TDX) quote or report, and a byte string holding custom claims. 20 | 21 | - SGX / TDX ECDSA evidence: definite-length encoded tagged CBOR array with two entries, holding TEE quote and serialized custom claims: `60000([ TEE_ECDSA_quote(claims-buffer-hash), claims-buffer ])` 22 | - `claims-buffer` is a byte string of definite-length encoded CBOR map of one or two custom claims, with each claim name in text string format, and its value in byte string format. 23 | - Either `{ "pubkey-hash" : h''}` 24 | - Or `{ "pubkey-hash" : h'', "nonce" : h''}`. 25 | - The values of the claims are defined in the "Interoperable RA-TLS X.509 Cert and Evidence Formats" document. 26 | - `claims-buffer-hash` held in the quote user data field is the SHA256 hash of the `claims-buffer` byte string. This hash value is small enough to fit in the SGX / TDX report user data field. 27 | - TDX report / SGX report type 2: definite-length encoded tagged CBOR array with two entries, holding TEE report and seriealized custom claims: `60001([ TEE_report(claims-buffer-hash), claims-buffer ])` 28 | - Legacy SGX report (generated by EREPORT): definite-length encoded tagged CBOR array with two entries, holding Legacy SGX report and serialized custome claims: `60002([ Legacy_SGX_report(claims-buffer-hash), claims-buffer ])` 29 | 30 | SGX / TDX quote and report definitions: 31 | - SGX / TDX ECDSA quote: 32 | - SGX ECDSA quote version 3 structure definition: [sgx_quote3_t](https://github.com/intel/SGXDataCenterAttestationPrimitives/blob/master/QuoteGeneration/quote_wrapper/common/inc/sgx_quote_3.h), with fields `header.version=3` and `header.att_key_type=2 or 3`. 33 | - SGX / TDX ECDSA version 4 structure definition: [sgx_quote4_t](https://github.com/intel/SGXDataCenterAttestationPrimitives/blob/master/QuoteGeneration/quote_wrapper/common/inc/sgx_quote_4.h), with header fields `header.version=4`, `header.tee_type=0` for SGX, and `header.tee_type=0x81` for TDX. 34 | - TDX report: 35 | - Structure definition: [sgx_report2_t](https://github.com/intel/linux-sgx/blob/master/common/inc/sgx_report2.h), with field `report_mac_struct.report_type.type=0x81`. 36 | - SGX report type 2: 37 | - Structure definition: [sgx_report2_t](https://github.com/intel/linux-sgx/blob/master/common/inc/sgx_report2.h), with field `report_mac_struct.report_type.type=0x00`. 38 | - Legacy SGX report by instruction EREPORT: 39 | - Structure definition: [sgx_report_t](https://github.com/intel/linux-sgx/blob/master/common/inc/sgx_report.h#L113) 40 | 41 | # SGX / TDX Endorsement Data Format 42 | 43 | The optional endorsements extension for SGX / TDX is a byte string of definite-length encoded tagged CBOR array with 8 or 9 entries: `60000([, h'', h'', h'', h'', h'', h'', h'', h''])` 44 | - Index of each entry is defined in OE SDK `oe_sgx_endorsements_fields_t`, in [bits/attestation.h](https://github.com/openenclave/openenclave/blob/master/include/openenclave/bits/attestation.h). 45 | - The last entry, ``, is optional. 46 | -------------------------------------------------------------------------------- /docs/Interoperable-RA-TLS-cert-edvidence-formats.md: -------------------------------------------------------------------------------- 1 | Interoperable RA-TLS X.509 Cert and Evidence Formats 2 | ==== 3 | 4 | # X.509 Cert with Evidence and Endorsements Extensions 5 | 6 | A X.509 cert for RA-TLS can either be self-signed or CA-signed. It must contain an extension for evidence, and can (optionally) contain an extension for endorsements. The evidence and endorsement extensions are defined in the latest [TCG DICE specification draft](https://members.trustedcomputinggroup.org/wg/DICE/document/36858). 7 | 8 | - Evidence (required): X.509 cert extension, a byte string of encoded tagged CBOR data 9 | - OID: `tcg-dice-conceptual-message-wrapper` (2.23.133.5.4.9) 10 | - CBOR tag: a CBOR tag registered with IANA or some other registry serves as evidence format ID 11 | - CBOR data: this data covered by the tag contains the evidence (including custom claims). Its format is defined by the CBOR tag. 12 | - Note: the DICE specification states that the criticality flag of this extension SHOULD be marked critical, but popular TLS libraries (such as openssl and mbedtls) return errors in verification of an X.509 cert with this extension if its criticality flag is set. Until the issue of library support is resolved, the criticality flag of this extension should be cleared. 13 | - Endorsement (optional): X.509 cert extension, also a byte string of encoded tagged CBOR data. When this extension is present, its value can be used as endorsements for verification of the evidence in the evidence extension. 14 | - OID: `tcg-dice-endorsement-manifest` (2.23.133.5.4.2) 15 | - CBOR tag: the same tag as that for evidence extension 16 | - CBOR data: this data covered by the tag contains the endorsements for verification of the evidence in the same cert. Its format is defined by the CBOR tag. 17 | 18 | # Evidence Custom Claims 19 | The evidence extension must include a `pubkey-hash` claim, and can optionally include a `nonce` claim. All other custom claims will be ignored. 20 | 21 | - `pubkey-hash` (required): holds `pubkey-hash-value`, a byte string of the definite-length encoded CBOR array `hash-entry` defined in [CoSWID](https://github.com/sacmwg/draft-ietf-sacm-coswid/blob/master/draft-ietf-sacm-coswid.md) and used by [CoRIM](https://github.com/ietf-rats/ietf-corim-cddl/blob/main/concise-mid-tag.cddl). 22 | - `hash-entry` is a CBOR array with two entries: `[ hash-alg-id, hash-value]`, where: 23 | - `hash-alg-id` is an unsigned integer identifying the hash algorithm, as registered with [IANA](https://www.iana.org/assignments/named-information/named-information.xhtml). 24 | - For interoperable RA-TLS, the verifier of `hash-entry' must support hash algorithms sha-256 (ID 1), sha-384 (ID 7) and sha-512 (ID 8). 25 | - `hash-value` is a byte string holding the hash value of the X.509 cert `SubjectPublicKeyInfo` object value in DER encoding. 26 | - Note: the `SubjectPublicKeyInfo` object includes both the `algorithm` and `subjectPublicKey` fields. 27 | - `nonce` (optional): holds `nonce-value`, a nonce as a byte string. There is no restriction as to how many bytes the nonce value should be. 28 | - This claim is not present if the X.509 cert does not support pre-session freshness. 29 | -------------------------------------------------------------------------------- /interoperability-tests/Testing-between-Gramine-and-IntelSGXSDK.md: -------------------------------------------------------------------------------- 1 | Testing between Gramine and Intel SGX SDK RA-TLS 2 | ==== 3 | 4 | # Introduction 5 | 6 | This document records the interoperability testing between [Gramine](https://github.com/gramineproject/gramine) and [Intel SGX SDK](https://github.com/intel/linux-sgx), both of which have implemented Interoperable RA-TLS. 7 | 8 | We conducted two sets of tests, in which Gramine and Intel SGX SDK RA-TLS respectively verified each other's certificates and established TLS secure channels. You can verify our tests by following the steps below. 9 | 10 | # Prerequisites 11 | 12 | ## Intel SGX SDK and PSW packages 13 | 14 | To run the tests, first you need to download and install Intel SGX SDK and corresponding PSW packages on your system. 15 | 16 | Interoperable RA-TLS was implemented since [Intel SGX SDK 2.22](https://github.com/intel/linux-sgx/releases/tag/sgx_2.22). 17 | 18 | Get Intel SGX SW packages from [Intel SGX SW repo](https://download.01.org/intel-sgx/latest/linux-latest/distro/), and install the Intel SGX SDK and PSW packages by following [Intel SGX SW Installation Guide](https://download.01.org/intel-sgx/latest/linux-latest/docs/Intel_SGX_SW_Installation_Guide_for_Linux.pdf). 19 | 20 | # Intel SGX SDK RA-TLS as attester and Gramine as verifier 21 | 22 | ## Intel SGX SDK RA-TLS 23 | 24 | Intel SGX SDK RA-TLS provides a sample program [SampleAttestedTLS](https://github.com/intel/linux-sgx/tree/master/SampleCode/SampleAttestedTLS), which can be used to start an RA-TLS server. 25 | 26 | 27 | 1. Get source code of SampleAttestedTLS 28 | 29 | ```sh 30 | git clone https://github.com/intel/linux-sgx 31 | ``` 32 | 33 | 2. Build the sample 34 | 35 | ```sh 36 | cd SampleCode/SampleAttestedTLS 37 | make 38 | ``` 39 | 3. Start the server 40 | 41 | ```sh 42 | ./server/host/tls_server_host ./server/enc/tls_server_enclave.signed.so -port 4433 43 | 44 | ``` 45 | 46 | Now the tls_server_enclave listens on `127.0.0.1:4433`, with a self-signed X.509 certificate. 47 | 48 | Here is an example certificate generated by Intel SGX SDK RA-TLS server: [intel-sgxsdk-cert.pem](./intel-sgxsdk-cert.pem) 49 | 50 | ## Gramine 51 | 52 | Gramine provides an example program [ra-tls-mbedtls](https://github.com/gramineproject/gramine/tree/master/CI-Examples/ra-tls-mbedtls) based on mbedTLS for RA-TLS. We use the client program in it for testing. 53 | 54 | 1. Download and checkout correct Gramine version 55 | 56 | ```sh 57 | git clone https://github.com/gramineproject/gramine.git 58 | cd gramine/ 59 | git checkout dimakuv/interoperable-ra-tls 60 | ``` 61 | 62 | 2. Build and install Gramine system-wide (in debug mode, so it can be GDBed if needed) 63 | 64 | ```sh 65 | meson setup build-debug/ --buildtype=debug -Dskeleton=enabled -Ddirect=enabled -Dsgx=enabled -Ddcap=enabled -Dsgx_driver=upstream -Dsgx_driver_include_path=/usr/include/x86_64-linux-gnu/ 66 | 67 | ninja -C build-debug/ 68 | sudo ninja -C build-debug/ install 69 | ``` 70 | 71 | 3. Build and start the RA-TLS client 72 | 73 | ```sh 74 | cd CI-Examples/ra-tls-mbedtls/ 75 | make client 76 | RA_TLS_ALLOW_DEBUG_ENCLAVE_INSECURE=1 RA_TLS_ALLOW_OUTDATED_TCB_INSECURE=1 ./client dcap 77 | ``` 78 | 79 | > Use `RA_TLS_ALLOW_DEBUG_ENCLAVE_INSECURE=1` to allow debug enclaves, and use `RA_TLS_ALLOW_OUTDATED_TCB_INSECURE=1` to allow outdated TCB in quote. 80 | 81 | 82 | # Gramine as attester and Intel SGX SDK RA-TLS as verifier 83 | 84 | ## Gramine 85 | 86 | We use the example program ra-tls-mbedtls provided by Gramine to start an RA-TLS server. 87 | 88 | 1. Download and checkout correct Gramine version 89 | 90 | ```sh 91 | git clone https://github.com/gramineproject/gramine.git 92 | cd gramine/ 93 | git checkout dimakuv/interoperable-ra-tls 94 | ``` 95 | 96 | 2. Build and install Gramine system-wide (in debug mode, so it can be GDBed if needed) 97 | 98 | ```sh 99 | meson setup build-debug/ --buildtype=debug -Dskeleton=enabled -Ddirect=enabled -Dsgx=enabled -Ddcap=enabled -Dsgx_driver=upstream 100 | ninja -C build-debug/ 101 | sudo ninja -C build-debug/ install 102 | ``` 103 | 104 | 3. Build and start the RA-TLS server 105 | 106 | ```sh 107 | cd CI-Examples/ra-tls-mbedtls/ 108 | make app dcap RA_TYPE=dcap 109 | gramine-sgx ./server 110 | ``` 111 | 112 | Now the Gramine server listens on port 4433, clients can connect to it and examine its cert. 113 | 114 | Here is an example certificate generated by Gramine: [gramine-cert.pem](./gramine-cert.pem) 115 | 116 | ## Intel SGX SDK RA-TLS 117 | 118 | There are 2 clients provided in Intel SGX SDK RA-TLS [SampleAttestedTLS](https://github.com/intel/linux-sgx/tree/master/SampleCode/SampleAttestedTLS), client running inside the SGX enclave([client/](https://github.com/intel/linux-sgx/tree/master/SampleCode/SampleAttestedTLS/client)) and client running in normal environment([non_enc_client/](https://github.com/intel/linux-sgx/tree/master/SampleCode/SampleAttestedTLS/non_enc_client)), both could be used to test RA-TLS connections. 119 | 120 | 1. Get source code of SampleAttestedTLS 121 | 122 | ```sh 123 | git clone https://github.com/intel/linux-sgx 124 | ``` 125 | 126 | 2. Build the sample 127 | 128 | ```sh 129 | cd SampleCode/SampleAttestedTLS 130 | make 131 | ``` 132 | 133 | 3. Start client 134 | 135 | - Client inside enclave 136 | ```sh 137 | ./client/host/tls_client_host ./client/enc/tls_client_enclave.signed.so -server:localhost -port:4433 138 | ``` 139 | 140 | - Non-enclave client 141 | ```sh 142 | ./non_enc_client/tls_non_enc_client -server:localhost -port:4433 143 | ``` 144 | 145 | In both cases, the client will connect to `127.0.0.1:4433` and verify certificate of the server. 146 | -------------------------------------------------------------------------------- /interoperability-tests/Testing-between-Gramine-and-rats-tls.md: -------------------------------------------------------------------------------- 1 | Testing between Gramine and rats-tls 2 | ==== 3 | 4 | # Introduction 5 | 6 | This document records the interoperability testing between [Gramine](https://github.com/gramineproject/gramine) and [rats-tls](https://github.com/inclavare-containers/rats-tls), both of which have implemented Interoperable RA-TLS. 7 | 8 | We conducted two sets of tests, in which Gramine and rats-tls respectively verified each other's certificates and established TLS secure channels. You can verify our tests by following the steps below. 9 | 10 | # rats-tls as attester and Gramine as verifier 11 | 12 | ## rats-tls 13 | 14 | rats-tls provides a sample program [rats-tls-server](https://github.com/inclavare-containers/rats-tls/tree/master/samples/rats-tls-server), which can be used to start an RA-TLS server. 15 | 16 | 17 | > Note that rats-tls-server supports running in Occlum (occlum mode) or in Linux with SGX enabled (sgx mode). Here we use occlum mode as an example. 18 | 19 | 1. Get source code of rats-tls 20 | 21 | ```sh 22 | git clone https://github.com/inclavare-containers/rats-tls 23 | ``` 24 | 25 | 2. Build and install rats-tls with samples (occlum mode) 26 | 27 | ```sh 28 | cd rats-tls 29 | 30 | # Occlum mode 31 | cmake -DRATS_TLS_BUILD_MODE="occlum" -DBUILD_SAMPLES=on -H. -Bbuild 32 | make -C build install 33 | ``` 34 | 35 | 3. Build Occlum container image for rats-tls-server 36 | 37 | ```sh 38 | cd /usr/share/rats-tls/samples 39 | 40 | # 1. Init Occlum server Workspace 41 | rm -rf occlum_workspace_server 42 | mkdir occlum_workspace_server 43 | cd occlum_workspace_server 44 | occlum init 45 | 46 | # 2. Copy files into Occlum Workspace and Build 47 | cp ../rats-tls-server image/bin 48 | cp /lib/x86_64-linux-gnu/libdl.so.2 image/opt/occlum/glibc/lib 49 | cp /usr/lib/x86_64-linux-gnu/libssl.so.1.1 image/opt/occlum/glibc/lib 50 | cp /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 image/opt/occlum/glibc/lib 51 | mkdir -p image/usr/local/lib 52 | cp -rf /usr/local/lib/rats-tls image/usr/local/lib 53 | 54 | occlum build 55 | ``` 56 | 57 | 4. Start rats-tls-server 58 | 59 | ```sh 60 | occlum run /bin/rats-tls-server --log-level debug --ip 127.0.0.1 --port 4433 --attester sgx_ecdsa --verifier nullverifier --crypto openssl --tls openssl --endorsements 61 | ``` 62 | 63 | Now the rats-tls-server listens on `127.0.0.1:4433`, with a self-signed X.509 certificate. 64 | 65 | Here is a certificate generated by rats-tls-server: [rats-tls-cert.pem](./rats-tls-cert.pem) 66 | 67 | ## Gramine 68 | 69 | Gramine provides an example program [ra-tls-mbedtls](https://github.com/gramineproject/gramine/tree/master/CI-Examples/ra-tls-mbedtls) based on mbedtls for RA-TLS. We use the client program in it for testing. 70 | 71 | 1. Download and checkout correct Gramine version 72 | 73 | ```sh 74 | git clone https://github.com/gramineproject/gramine.git 75 | cd gramine/ 76 | git checkout dimakuv/interoperable-ra-tls 77 | ``` 78 | 79 | 2. Build and install Gramine system-wide (in debug mode, so it can be GDBed if needed) 80 | 81 | ```sh 82 | meson setup build-debug/ --buildtype=debug -Dskeleton=enabled -Ddirect=enabled -Dsgx=enabled -Ddcap=enabled -Dsgx_driver=upstream 83 | ninja -C build-debug/ 84 | sudo ninja -C build-debug/ install 85 | ``` 86 | 87 | 3. build and start the RA-TLS client 88 | 89 | ```sh 90 | cd CI-Examples/ra-tls-mbedtls/ 91 | make client 92 | RA_TLS_ALLOW_DEBUG_ENCLAVE_INSECURE=1 RA_TLS_ALLOW_OUTDATED_TCB_INSECURE=1 ./client dcap 93 | ``` 94 | 95 | > Use `RA_TLS_ALLOW_DEBUG_ENCLAVE_INSECURE=1` to allow debug enclaves, and use `RA_TLS_ALLOW_OUTDATED_TCB_INSECURE=1` to allow outdated TCB in quote. 96 | 97 | 98 | # Gramine as attester and rats-tls as verifier 99 | 100 | ## Gramine 101 | 102 | We use the example program ra-tls-mbedtls provided by Gramine to start an RA-TLS server. 103 | 104 | 1. Download and checkout correct Gramine version 105 | 106 | ```sh 107 | git clone https://github.com/gramineproject/gramine.git 108 | cd gramine/ 109 | git checkout dimakuv/interoperable-ra-tls 110 | ``` 111 | 112 | 2. Build and install Gramine system-wide (in debug mode, so it can be GDBed if needed) 113 | 114 | ```sh 115 | meson setup build-debug/ --buildtype=debug -Dskeleton=enabled -Ddirect=enabled -Dsgx=enabled -Ddcap=enabled -Dsgx_driver=upstream 116 | ninja -C build-debug/ 117 | sudo ninja -C build-debug/ install 118 | ``` 119 | 120 | 3. build and start the RA-TLS server 121 | 122 | ```sh 123 | cd CI-Examples/ra-tls-mbedtls/ 124 | make app dcap RA_TYPE=dcap 125 | gramine-sgx ./server 126 | ``` 127 | 128 | Now the Gramine server listens on port 4433, clients can connect to it and examine its cert. 129 | 130 | Here is a certificate generated by Gramine: [gramine-cert.pem](./gramine-cert.pem) 131 | 132 | ## rats-tls 133 | 134 | rats-tls provides a sample program, [rats-tls-client](https://github.com/inclavare-containers/rats-tls/tree/master/samples/rats-tls-client), to test RA-TLS connections. We use the rats-tls-client running in the Occlum environment as an client. 135 | 136 | > Note that the rats-tls-client can also be run in host mode as a verifier. 137 | 138 | 1. Get source code of rats-tls 139 | 140 | ```sh 141 | git clone https://github.com/inclavare-containers/rats-tls 142 | ``` 143 | 144 | 2. Build and install rats-tls with samples (occlum mode) 145 | 146 | ```sh 147 | cd rats-tls 148 | 149 | # Occlum mode 150 | cmake -DRATS_TLS_BUILD_MODE="occlum" -DBUILD_SAMPLES=on -H. -Bbuild 151 | make -C build install 152 | ``` 153 | 154 | 3. Build Occlum container image for rats-tls-client 155 | 156 | ```sh 157 | cd /usr/share/rats-tls/samples 158 | 159 | # 1. Init Occlum client Workspace 160 | rm -rf occlum_workspace_client 161 | mkdir occlum_workspace_client 162 | cd occlum_workspace_client 163 | occlum init 164 | 165 | # 2. Copy files into Occlum Workspace and Build 166 | cp ../rats-tls-client image/bin 167 | cp /lib/x86_64-linux-gnu/libdl.so.2 image/opt/occlum/glibc/lib 168 | cp /usr/lib/x86_64-linux-gnu/libssl.so.1.1 image/opt/occlum/glibc/lib 169 | cp /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 image/opt/occlum/glibc/lib 170 | mkdir -p image/usr/local/lib 171 | cp -rf /usr/local/lib/rats-tls image/usr/local/lib 172 | 173 | occlum build 174 | ``` 175 | 176 | 4. Start rats-tls-client 177 | 178 | ```sh 179 | occlum run /bin/rats-tls-client --ip 127.0.0.1 --port 4433 --attester nullattester --verifier sgx_ecdsa_qve --crypto openssl --tls openssl 180 | ``` 181 | 182 | The client will connect to `127.0.0.1:4433` and verify certificate of the server. 183 | 184 | -------------------------------------------------------------------------------- /interoperability-tests/Testing-rats-tls-across-TEE-types.md: -------------------------------------------------------------------------------- 1 | Testing rats-tls remote attestation across TEE types 2 | ==== 3 | 4 | # Introduction 5 | 6 | The [rats-tls](https://github.com/inclavare-containers/rats-tls) library contains support for both TDX ECDSA and SGX ECDSA remote attestation. This document demonstrates how two processes, located in a TD VM and an SGX enclave respectively, can verify each other in a trusted manner using the rats-tls library and Interoperable RA-TLS certificate. 7 | 8 | We will use the sample programs "rats-tls-server" and "rats-tls-client" provided in the rats-tls library to conduct our demonstration. If you need to learn how to use rats-tls, please refer to our sample code [here](https://github.com/inclavare-containers/rats-tls/tree/master/samples). 9 | 10 | # Build rats-tls 11 | 12 | Firstly, we need to compile rats-tls wth all sample programs. You will need to complete this step separately in the TD VM and the SGX enclave. 13 | 14 | ## Compile on an SGX-enabled server 15 | 16 | 1. Firstly, please refer to [this guide](https://github.com/inclavare-containers/rats-tls#build-requirements) to install the packages required to build rats-tls. 17 | 18 | Alternatively, we recommend using the Docker image we provide to set up your compilation environment. 19 | ```sh 20 | docker run -it --privileged --network host \ 21 | -v /dev/sgx_enclave:/dev/sgx/enclave \ 22 | -v /dev/sgx_provision:/dev/sgx/provision \ 23 | -v /var/run/aesmd:/var/run/aesmd \ 24 | runetest/compilation-testing:ubuntu20.04 25 | ``` 26 | Next, you can run the subsequent steps in that container. 27 | 28 | 2. Install and config Quote Provider Library 29 | 30 | Install `libsgx-dcap-default-qpl-dev` package, which is required to get collaterals and verify the quote. 31 | ```sh 32 | apt install -y libsgx-dcap-default-qpl-dev 33 | ``` 34 | 35 | Open `/etc/sgx_default_qcnl.conf` and edit `PCCS_URL` to be the URL of your PCCS service. 36 | 37 | 3. Get source code of rats-tls 38 | 39 | ```sh 40 | git clone https://github.com/inclavare-containers/rats-tls 41 | ``` 42 | 43 | 4. Compile rats-tls and the sample programs. 44 | 45 | > Note: Due to the limitations of occlum, we cannot yet verify tdx quote in occlum, so in this article we will run rats-tls based on sgxsdk. 46 | 47 | ```sh 48 | cd rats-tls 49 | 50 | # SGX mode 51 | cmake -DRATS_TLS_BUILD_MODE="sgx" -DBUILD_SAMPLES=on -H. -Bbuild 52 | make -C build install 53 | ``` 54 | 55 | ## Compile on an TD VM 56 | 57 | 1. Firstly, you can install your software packages in the same way as you did in SGX. 58 | 59 | Alternatively, we recommend using a Docker image to initialize your compilation environment. 60 | 61 | ```sh 62 | docker run -it --privileged --network host \ 63 | -v /dev/tdx-guest:/dev/tdx-guest \ 64 | -v /var/run/aesmd:/var/run/aesmd \ 65 | runetest/compilation-testing:ubuntu20.04 66 | ``` 67 | 68 | > Note: If rats-tls complaints about file not found, please make sure you have upgraded to the latest SGX libraries using `apt upgrade`. 69 | 70 | 2. Install and config Quote Provider Library 71 | 72 | Same steps as in SGX-enabled server. 73 | 74 | 3. (Optional) Compile and install newer openssl 75 | 76 | Previous versions of openssl had a bug: when the client side certificate exceeded a certain size, the client failed to receive data from the server side. This will cause our case 3 to fail. We recommend to upgrade your openssl version to at least 1.1.1q to avoid this problem. 77 | 78 | Compile and install openssl. 79 | ```sh 80 | pushd /tmp/ 81 | wget https://www.openssl.org/source/openssl-1.1.1q.tar.gz 82 | tar -xzvf openssl-1.1.1q.tar.gz 83 | cd openssl-1.1.1q 84 | ./config --prefix=/opt/openssl-1.1.1q 85 | make -j && make install 86 | popd /tmp/ 87 | ``` 88 | 89 | Add to library search path so that dynamic loader can find it. 90 | ```sh 91 | echo '/opt/openssl-1.1.1q/lib' > /etc/ld.so.conf.d/openssl-1.1.1q.conf 92 | ldconfig -v 93 | ``` 94 | 95 | Now run `openssl version` and you will see that `1.1.1q` is used. 96 | ```txt 97 | OpenSSL 1.1.1f 31 Mar 2020 (Library: OpenSSL 1.1.1q 5 Jul 2022) 98 | ``` 99 | 100 | 4. Get source code of rats-tls 101 | 102 | ```sh 103 | git clone https://github.com/inclavare-containers/rats-tls 104 | ``` 105 | 106 | 5. Compile rats-tls and the sample programs. 107 | 108 | ```sh 109 | cd rats-tls 110 | 111 | # TDX mode 112 | cmake -DRATS_TLS_BUILD_MODE="tdx" -DBUILD_SAMPLES=on -H. -Bbuild 113 | make -C build install 114 | ``` 115 | 116 | # Test cases 117 | 118 | ## Case 1: SGX enclave as the attester and TD VM as the verifier 119 | 120 | 1. Run `rats-tls-server` in the SGX enclave with SGX ECDSA attester. 121 | 122 | ```sh 123 | cd /usr/share/rats-tls/samples 124 | 125 | ./rats-tls-server --log-level debug --ip 0.0.0.0 --port 1234 --attester sgx_ecdsa --verifier nullverifier --crypto openssl --tls openssl --endorsements 126 | ``` 127 | 128 | Now, the rats-tls-server is listening on port 1234. 129 | 130 | 2. Run `rats-tls-client` in the TD VM with SGX ECDSA verifier. 131 | 132 | ```sh 133 | cd /usr/share/rats-tls/samples 134 | 135 | ./rats-tls-client --log-level debug --ip --port 1234 --attester nullattester --verifier sgx_ecdsa --crypto openssl --tls openssl 136 | ``` 137 | 138 | Where `` is the IP address of the rats-tls-server. 139 | 140 | ## Case 2: TD VM as the attester and SGX enclave as the verifier 141 | 142 | 1. Run `rats-tls-server` in the TD VM with TDX ECDSA attester. 143 | 144 | ```sh 145 | cd /usr/share/rats-tls/samples 146 | 147 | ./rats-tls-server --log-level debug --ip 0.0.0.0 --port 1234 --attester tdx_ecdsa --verifier nullverifier --crypto openssl --tls openssl --endorsements 148 | ``` 149 | Now, the rats-tls-server is listening on port 1234. 150 | 151 | 2. Run `rats-tls-client` in the SGX enclave with TDX ECDSA verifier. 152 | ```sh 153 | cd /usr/share/rats-tls/samples 154 | 155 | ./rats-tls-client --log-level debug --ip --port 1234 --attester nullattester --verifier tdx_ecdsa --crypto openssl --tls openssl 156 | ``` 157 | 158 | Where `` is the IP address of the rats-tls-server. 159 | 160 | ## Case 3: TD VM and SGX enclave as both attester and verifier (mutual attestation). 161 | 162 | This case builds upon Case 1, adding verification of the rats-tls-client, which is based on OpenSSL client cert. 163 | 164 | 1. Run `rats-tls-server` in the SGX enclave and enable both the SGX ECDSA attester and the TDX ECDSA verifier. 165 | 166 | ```sh 167 | cd /usr/share/rats-tls/samples 168 | 169 | ./rats-tls-server --log-level debug --ip 0.0.0.0 --port 1234 --attester sgx_ecdsa --verifier tdx_ecdsa --crypto openssl --tls openssl --endorsements --mutual 170 | ``` 171 | 172 | Now, the rats-tls-server is listening on port 1234. 173 | 174 | 2. Run `rats-tls-client` in the TD VM and enable both the TDX ECDSA attester and the SGX ECDSA verifier. 175 | 176 | ```sh 177 | cd /usr/share/rats-tls/samples 178 | 179 | ./rats-tls-client --log-level debug --ip --port 1234 --attester tdx_ecdsa --verifier sgx_ecdsa --crypto openssl --tls openssl --endorsements --mutual 180 | ``` 181 | 182 | Where `` is the IP address of the rats-tls-server. 183 | 184 | -------------------------------------------------------------------------------- /interoperability-tests/gramine-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIInUDCCJtSgAwIBAgIBATAMBggqhkjOPQQDAgUAMDkxDjAMBgNVBAMMBVJBVExT 3 | MRowGAYDVQQKDBFHcmFtaW5lRGV2ZWxvcGVyczELMAkGA1UEBhMCVVMwHhcNMDEw 4 | MTAxMDAwMDAwWhcNMzAxMjMxMjM1OTU5WjA5MQ4wDAYDVQQDDAVSQVRMUzEaMBgG 5 | A1UECgwRR3JhbWluZURldmVsb3BlcnMxCzAJBgNVBAYTAlVTMHYwEAYHKoZIzj0C 6 | AQYFK4EEACIDYgAEcRdZNJQEViFsAXcNV/idkhdrKMX6APs+48zCvuBzWiZIgxRb 7 | bzy3o9XDY278Qinz5VAExPJ053/4sGEWZonaRfxeGISmuF/QQT5f6KJ87KDvS8u2 8 | xMEWZiOM5xRaY+I5o4IlrDCCJagwCQYDVR0TBAIwADAdBgNVHQ4EFgQUoGoP8mNV 9 | 4vdkYCi5PUUZXsOrieowHwYDVR0jBBgwFoAUoGoP8mNV4vdkYCi5PUUZXsOrieow 10 | ghKPBgsGCSqGSIb4TYo5BgSCEn4DAAIAAAAAAAkADQCTmnIz95xMqZQKDbOVfwYH 11 | 5PgKUiS/o9lKzxbqKj1UqAAAAAAGBgwM//8AAAAAAAAAAAAAAAAAAAAAAAAAAAAA 12 | AAAAAAAAAAAAAAAAAAAAAAAAAAAHAAAAAAAAAOcAAAAAAAAACGbnyhG59O/kvzmy 13 | YH9OEpnxEZINltlXGQgPAbYrdYUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 14 | AAAAAK3FNQHyHO2bmY43p6GOBhxj4AMVBF+leknBjvCjDQLKAAAAAAAAAAAAAAAA 15 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 16 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 17 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 18 | AAAAAFpaWy0XdDMEjp1iQJ0azE7FJsBuKU0J5po2z/k2nkhRAAAAAAAAAAAAAAAA 19 | AAAAAAAAAAAAAAAAAAAAAAAAAADKEAAAZFwWGbSQNN5eoB0rH2k6MqCclTIsdKRM 20 | PSPnhBROfHze2K01Yu3D4YmHaDyICTadf0sJIpaGhaXQeDUHco1+Llvb7IjoTLHS 21 | JQYcPs9OO32c0rNjqmpfyngEgoH47edpg/g7WzT1HmPogQ9b2o6rQDQR86FzZMSI 22 | saHxmWkUQPkGBgwM//8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 23 | AAAAAAAAAAAVAAAAAAAAAOcAAAAAAAAAzh2omsH1SoByV8TlfHgUDLxmUtTVh9YP 24 | BYMSWieSvnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIxPV3XXllA+ 25 | lhN/d8aKgpoAVqyN7XAUCwgbCUSQxXv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 26 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 27 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAJAAAAAAAAAAAAAAAAAAAAAAAAAAAA 28 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5L4YOPID4J 29 | bBWbC2UYWbUMCWwK5QoWLhnSL8sMJUsfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 30 | AAAAAAAAAABByrhd5wGZ14l003u/7yPeIgAzYuJlKuLSf1UWEOvcCjosS/mRn0mG 31 | CoTGNLIegaZG/7WA8KaBIV0j4+Wuk3t1IAAAAQIDBAUGBwgJCgsMDQ4PEBESExQV 32 | FhcYGRobHB0eHwUAYg4AAC0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLQpNSUlF 33 | OGpDQ0JKaWdBd0lCQWdJVUZKZVNaNjJtYVJmNnAvc1VMUmZNTVVKZGRQd3dDZ1lJ 34 | S29aSXpqMEVBd0l3CmNERWlNQ0FHQTFVRUF3d1pTVzUwWld3Z1UwZFlJRkJEU3lC 35 | UWJHRjBabTl5YlNCRFFURWFNQmdHQTFVRUNnd1IKU1c1MFpXd2dRMjl5Y0c5eVlY 36 | UnBiMjR4RkRBU0JnTlZCQWNNQzFOaGJuUmhJRU5zWVhKaE1Rc3dDUVlEVlFRSQpE 37 | QUpEUVRFTE1Ba0dBMVVFQmhNQ1ZWTXdIaGNOTWpJeE1USTJNVFUwT1RFNVdoY05N 38 | amt4TVRJMk1UVTBPVEU1CldqQndNU0l3SUFZRFZRUUREQmxKYm5SbGJDQlRSMWdn 39 | VUVOTElFTmxjblJwWm1sallYUmxNUm93R0FZRFZRUUsKREJGSmJuUmxiQ0JEYjNK 40 | d2IzSmhkR2x2YmpFVU1CSUdBMVVFQnd3TFUyRnVkR0VnUTJ4aGNtRXhDekFKQmdO 41 | VgpCQWdNQWtOQk1Rc3dDUVlEVlFRR0V3SlZVekJaTUJNR0J5cUdTTTQ5QWdFR0ND 42 | cUdTTTQ5QXdFSEEwSUFCSUIyCm1vNWJ4TjZ4N0tLd1F5aGhwM1ZjSVlzbi93WWZy 43 | d3dubDU3VUl4UCsxY2xrSVdlUnFLZHQ5bnUxN2o1dFJuai8KR0plYTlRK2V3M0sx 44 | VlhVY0RsV2pnZ01PTUlJRENqQWZCZ05WSFNNRUdEQVdnQlNWYjEzTnZSdmg2VUJK 45 | eWRUMApNODRCVnd2ZVZEQnJCZ05WSFI4RVpEQmlNR0NnWHFCY2hscG9kSFJ3Y3pv 46 | dkwyRndhUzUwY25WemRHVmtjMlZ5CmRtbGpaWE11YVc1MFpXd3VZMjl0TDNObmVD 47 | OWpaWEowYVdacFkyRjBhVzl1TDNZekwzQmphMk55YkQ5allUMXcKYkdGMFptOXli 48 | U1psYm1OdlpHbHVaejFrWlhJd0hRWURWUjBPQkJZRUZER2g2amkxNU5Lc1pkNjBW 49 | dlN0TGxwNwpGTFdXTUE0R0ExVWREd0VCL3dRRUF3SUd3REFNQmdOVkhSTUJBZjhF 50 | QWpBQU1JSUNPd1lKS29aSWh2aE5BUTBCCkJJSUNMRENDQWlnd0hnWUtLb1pJaHZo 51 | TkFRMEJBUVFRek55dnZJMmRCN1dYenE3QU5nSUhPakNDQVdVR0NpcUcKU0liNFRR 52 | RU5BUUl3Z2dGVk1CQUdDeXFHU0liNFRRRU5BUUlCQWdFRU1CQUdDeXFHU0liNFRR 53 | RU5BUUlDQWdFRQpNQkFHQ3lxR1NJYjRUUUVOQVFJREFnRURNQkFHQ3lxR1NJYjRU 54 | UUVOQVFJRUFnRURNQkVHQ3lxR1NJYjRUUUVOCkFRSUZBZ0lBL3pBUkJnc3Foa2lH 55 | K0UwQkRRRUNCZ0lDQVA4d0VBWUxLb1pJaHZoTkFRMEJBZ2NDQVFBd0VBWUwKS29a 56 | SWh2aE5BUTBCQWdnQ0FRQXdFQVlMS29aSWh2aE5BUTBCQWdrQ0FRQXdFQVlMS29a 57 | SWh2aE5BUTBCQWdvQwpBUUF3RUFZTEtvWklodmhOQVEwQkFnc0NBUUF3RUFZTEtv 58 | WklodmhOQVEwQkFnd0NBUUF3RUFZTEtvWklodmhOCkFRMEJBZzBDQVFBd0VBWUxL 59 | b1pJaHZoTkFRMEJBZzRDQVFBd0VBWUxLb1pJaHZoTkFRMEJBZzhDQVFBd0VBWUwK 60 | S29aSWh2aE5BUTBCQWhBQ0FRQXdFQVlMS29aSWh2aE5BUTBCQWhFQ0FRc3dId1lM 61 | S29aSWh2aE5BUTBCQWhJRQpFQVFFQXdQLy93QUFBQUFBQUFBQUFBQXdFQVlLS29a 62 | SWh2aE5BUTBCQXdRQ0FBQXdGQVlLS29aSWh2aE5BUTBCCkJBUUdBR0JxQUFBQU1B 63 | OEdDaXFHU0liNFRRRU5BUVVLQVFFd0hnWUtLb1pJaHZoTkFRMEJCZ1FRcXJ3dVoy 64 | U2wKKy81TndTYnpCNmUyNGpCRUJnb3Foa2lHK0UwQkRRRUhNRFl3RUFZTEtvWklo 65 | dmhOQVEwQkJ3RUJBZjh3RUFZTApLb1pJaHZoTkFRMEJCd0lCQWY4d0VBWUxLb1pJ 66 | aHZoTkFRMEJCd01CQWY4d0NnWUlLb1pJemowRUF3SURTQUF3ClJRSWdDWEh2anVw 67 | VVN3MkZWOGFnZjN5RW03bXJiTy9uc04rNXJWTW4zcmFLeWp3Q0lRQ0dhUDlYekxs 68 | N20rYTIKZWU2ckhGU3kvQzdCUnlyNFVIM3lWbE5tbVpyT3RnPT0KLS0tLS1FTkQg 69 | Q0VSVElGSUNBVEUtLS0tLQotLS0tLUJFR0lOIENFUlRJRklDQVRFLS0tLS0KTUlJ 70 | Q2xqQ0NBajJnQXdJQkFnSVZBSlZ2WGMyOUcrSHBRRW5KMVBRenpnRlhDOTVVTUFv 71 | R0NDcUdTTTQ5QkFNQwpNR2d4R2pBWUJnTlZCQU1NRVVsdWRHVnNJRk5IV0NCU2Iy 72 | OTBJRU5CTVJvd0dBWURWUVFLREJGSmJuUmxiQ0JECmIzSndiM0poZEdsdmJqRVVN 73 | QklHQTFVRUJ3d0xVMkZ1ZEdFZ1EyeGhjbUV4Q3pBSkJnTlZCQWdNQWtOQk1Rc3cK 74 | Q1FZRFZRUUdFd0pWVXpBZUZ3MHhPREExTWpFeE1EVXdNVEJhRncwek16QTFNakV4 75 | TURVd01UQmFNSEF4SWpBZwpCZ05WQkFNTUdVbHVkR1ZzSUZOSFdDQlFRMHNnVUd4 76 | aGRHWnZjbTBnUTBFeEdqQVlCZ05WQkFvTUVVbHVkR1ZzCklFTnZjbkJ2Y21GMGFX 77 | OXVNUlF3RWdZRFZRUUhEQXRUWVc1MFlTQkRiR0Z5WVRFTE1Ba0dBMVVFQ0F3Q1Ew 78 | RXgKQ3pBSkJnTlZCQVlUQWxWVE1Ga3dFd1lIS29aSXpqMENBUVlJS29aSXpqMERB 79 | UWNEUWdBRU5TQi83dDIxbFhTTwoyQ3V6cHh3NzRlSkI3MkV5REdnVzVyWEN0eDJ0 80 | VlRMcTZoS2s2eitVaVJaQ25xUjdwc092Z3FGZVN4bG1UbEpsCmVUbWkyV1l6M3FP 81 | QnV6Q0J1REFmQmdOVkhTTUVHREFXZ0JRaVpReldXcDAwaWZPRHRKVlN2MUFiT1Nj 82 | R3JEQlMKQmdOVkhSOEVTekJKTUVlZ1JhQkRoa0ZvZEhSd2N6b3ZMMk5sY25ScFpt 83 | bGpZWFJsY3k1MGNuVnpkR1ZrYzJWeQpkbWxqWlhNdWFXNTBaV3d1WTI5dEwwbHVk 84 | R1ZzVTBkWVVtOXZkRU5CTG1SbGNqQWRCZ05WSFE0RUZnUVVsVzlkCnpiMGI0ZWxB 85 | U2NuVTlEUE9BVmNMM2xRd0RnWURWUjBQQVFIL0JBUURBZ0VHTUJJR0ExVWRFd0VC 86 | L3dRSU1BWUIKQWY4Q0FRQXdDZ1lJS29aSXpqMEVBd0lEUndBd1JBSWdYc1ZraTB3 87 | K2k2VllHVzNVRi8yMnVhWGUwWUpEajFVZQpuQStUakQxYWk1Y0NJQ1liMVNBbUQ1 88 | eGtmVFZwdm80VW95aVNZeHJEV0xtVVI0Q0k5Tkt5ZlBOKwotLS0tLUVORCBDRVJU 89 | SUZJQ0FURS0tLS0tCi0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLQpNSUlDanpD 90 | Q0FqU2dBd0lCQWdJVUltVU0xbHFkTkluemc3U1ZVcjlRR3prbkJxd3dDZ1lJS29a 91 | SXpqMEVBd0l3CmFERWFNQmdHQTFVRUF3d1JTVzUwWld3Z1UwZFlJRkp2YjNRZ1Ew 92 | RXhHakFZQmdOVkJBb01FVWx1ZEdWc0lFTnYKY25CdmNtRjBhVzl1TVJRd0VnWURW 93 | UVFIREF0VFlXNTBZU0JEYkdGeVlURUxNQWtHQTFVRUNBd0NRMEV4Q3pBSgpCZ05W 94 | QkFZVEFsVlRNQjRYRFRFNE1EVXlNVEV3TkRVeE1Gb1hEVFE1TVRJek1USXpOVGsx 95 | T1Zvd2FERWFNQmdHCkExVUVBd3dSU1c1MFpXd2dVMGRZSUZKdmIzUWdRMEV4R2pB 96 | WUJnTlZCQW9NRVVsdWRHVnNJRU52Y25CdmNtRjAKYVc5dU1SUXdFZ1lEVlFRSERB 97 | dFRZVzUwWVNCRGJHRnlZVEVMTUFrR0ExVUVDQXdDUTBFeEN6QUpCZ05WQkFZVApB 98 | bFZUTUZrd0V3WUhLb1pJemowQ0FRWUlLb1pJemowREFRY0RRZ0FFQzZuRXdNRElZ 99 | Wk9qL2lQV3NDemFFS2k3CjFPaU9TTFJGaFdHamJuQlZKZlZua1k0dTNJamtEWVlM 100 | ME14TzRtcXN5WWpsQmFsVFZZeEZQMnNKQks1emxLT0IKdXpDQnVEQWZCZ05WSFNN 101 | RUdEQVdnQlFpWlF6V1dwMDBpZk9EdEpWU3YxQWJPU2NHckRCU0JnTlZIUjhFU3pC 102 | SgpNRWVnUmFCRGhrRm9kSFJ3Y3pvdkwyTmxjblJwWm1sallYUmxjeTUwY25WemRH 103 | VmtjMlZ5ZG1salpYTXVhVzUwClpXd3VZMjl0TDBsdWRHVnNVMGRZVW05dmRFTkJM 104 | bVJsY2pBZEJnTlZIUTRFRmdRVUltVU0xbHFkTkluemc3U1YKVXI5UUd6a25CcXd3 105 | RGdZRFZSMFBBUUgvQkFRREFnRUdNQklHQTFVZEV3RUIvd1FJTUFZQkFmOENBUUV3 106 | Q2dZSQpLb1pJemowRUF3SURTUUF3UmdJaEFPVy81UWtSK1M5Q2lTRGNOb293THVQ 107 | UkxzV0dmL1lpN0dTWDk0Qmd3VHdnCkFpRUE0SjBsckhvTXMrWG81by9zWDZPOVFX 108 | eEhSQXZaVUdPZFJRN2N2cVJYYXFJPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0t 109 | CgAwghLGBgZngQUFBAkEghK62epgglkSfgMAAgAAAAAACQANAJOacjP3nEyplAoN 110 | s5V/Bgfk+ApSJL+j2UrPFuoqPVSoAAAAAAYGDAz//wAAAAAAAAAAAAAAAAAAAAAA 111 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcAAAAAAAAA5wAAAAAAAAAIZufKEbn0 112 | 7+S/ObJgf04SmfERkg2W2VcZCA8Btit1hQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 113 | AAAAAAAAAAAArcU1AfIc7ZuZjjenoY4GHGPgAxUEX6V6ScGO8KMNAsoAAAAAAAAA 114 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 115 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 116 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 117 | AAAAAAAAAAAA2Gc0Rv4PaELUrw0YLIdR1+lnA5EW3v9fhaQ7LKkMKDEAAAAAAAAA 118 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMoQAACR6REFNsapb/cJ01edYk+NsAeJ 119 | Aos4M9DLd/Uhbz67QAcwvt3yQWTBke0NtrThKDp3JRUAK5ZvUP0OglNquZUeW9vs 120 | iOhMsdIlBhw+z047fZzSs2Oqal/KeASCgfjt52mD+DtbNPUeY+iBD1vajqtANBHz 121 | oXNkxIixofGZaRRA+QYGDAz//wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 122 | AAAAAAAAAAAAAAAAABUAAAAAAAAA5wAAAAAAAADOHaiawfVKgHJXxOV8eBQMvGZS 123 | 1NWH1g8FgxJaJ5K+cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjE9X 124 | ddeWUD6WE393xoqCmgBWrI3tcBQLCBsJRJDFe/8AAAAAAAAAAAAAAAAAAAAAAAAA 125 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 126 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAkAAAAAAAAAAAAAAAAAAAAA 127 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADkvh 128 | g48gPglsFZsLZRhZtQwJbArlChYuGdIvywwlSx8AAAAAAAAAAAAAAAAAAAAAAAAA 129 | AAAAAAAAAAAAAAAAAEHKuF3nAZnXiXTTe7/vI94iADNi4mUq4tJ/VRYQ69wKOixL 130 | +ZGfSYYKhMY0sh6Bpkb/tYDwpoEhXSPj5a6Te3UgAAABAgMEBQYHCAkKCwwNDg8Q 131 | ERITFBUWFxgZGhscHR4fBQBiDgAALS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0t 132 | Ck1JSUU4akNDQkppZ0F3SUJBZ0lVRkplU1o2Mm1hUmY2cC9zVUxSZk1NVUpkZFB3 133 | d0NnWUlLb1pJemowRUF3SXcKY0RFaU1DQUdBMVVFQXd3WlNXNTBaV3dnVTBkWUlG 134 | QkRTeUJRYkdGMFptOXliU0JEUVRFYU1CZ0dBMVVFQ2d3UgpTVzUwWld3Z1EyOXlj 135 | Rzl5WVhScGIyNHhGREFTQmdOVkJBY01DMU5oYm5SaElFTnNZWEpoTVFzd0NRWURW 136 | UVFJCkRBSkRRVEVMTUFrR0ExVUVCaE1DVlZNd0hoY05Nakl4TVRJMk1UVTBPVEU1 137 | V2hjTk1qa3hNVEkyTVRVME9URTUKV2pCd01TSXdJQVlEVlFRRERCbEpiblJsYkNC 138 | VFIxZ2dVRU5MSUVObGNuUnBabWxqWVhSbE1Sb3dHQVlEVlFRSwpEQkZKYm5SbGJD 139 | QkRiM0p3YjNKaGRHbHZiakVVTUJJR0ExVUVCd3dMVTJGdWRHRWdRMnhoY21FeEN6 140 | QUpCZ05WCkJBZ01Ba05CTVFzd0NRWURWUVFHRXdKVlV6QlpNQk1HQnlxR1NNNDlB 141 | Z0VHQ0NxR1NNNDlBd0VIQTBJQUJJQjIKbW81YnhONng3S0t3UXloaHAzVmNJWXNu 142 | L3dZZnJ3d25sNTdVSXhQKzFjbGtJV2VScUtkdDludTE3ajV0Um5qLwpHSmVhOVEr 143 | ZXczSzFWWFVjRGxXamdnTU9NSUlEQ2pBZkJnTlZIU01FR0RBV2dCU1ZiMTNOdlJ2 144 | aDZVQkp5ZFQwCk04NEJWd3ZlVkRCckJnTlZIUjhFWkRCaU1HQ2dYcUJjaGxwb2RI 145 | Undjem92TDJGd2FTNTBjblZ6ZEdWa2MyVnkKZG1salpYTXVhVzUwWld3dVkyOXRM 146 | M05uZUM5alpYSjBhV1pwWTJGMGFXOXVMM1l6TDNCamEyTnliRDlqWVQxdwpiR0Yw 147 | Wm05eWJTWmxibU52WkdsdVp6MWtaWEl3SFFZRFZSME9CQllFRkRHaDZqaTE1Tktz 148 | WmQ2MFZ2U3RMbHA3CkZMV1dNQTRHQTFVZER3RUIvd1FFQXdJR3dEQU1CZ05WSFJN 149 | QkFmOEVBakFBTUlJQ093WUpLb1pJaHZoTkFRMEIKQklJQ0xEQ0NBaWd3SGdZS0tv 150 | WklodmhOQVEwQkFRUVF6Tnl2dkkyZEI3V1h6cTdBTmdJSE9qQ0NBV1VHQ2lxRwpT 151 | SWI0VFFFTkFRSXdnZ0ZWTUJBR0N5cUdTSWI0VFFFTkFRSUJBZ0VFTUJBR0N5cUdT 152 | SWI0VFFFTkFRSUNBZ0VFCk1CQUdDeXFHU0liNFRRRU5BUUlEQWdFRE1CQUdDeXFH 153 | U0liNFRRRU5BUUlFQWdFRE1CRUdDeXFHU0liNFRRRU4KQVFJRkFnSUEvekFSQmdz 154 | cWhraUcrRTBCRFFFQ0JnSUNBUDh3RUFZTEtvWklodmhOQVEwQkFnY0NBUUF3RUFZ 155 | TApLb1pJaHZoTkFRMEJBZ2dDQVFBd0VBWUxLb1pJaHZoTkFRMEJBZ2tDQVFBd0VB 156 | WUxLb1pJaHZoTkFRMEJBZ29DCkFRQXdFQVlMS29aSWh2aE5BUTBCQWdzQ0FRQXdF 157 | QVlMS29aSWh2aE5BUTBCQWd3Q0FRQXdFQVlMS29aSWh2aE4KQVEwQkFnMENBUUF3 158 | RUFZTEtvWklodmhOQVEwQkFnNENBUUF3RUFZTEtvWklodmhOQVEwQkFnOENBUUF3 159 | RUFZTApLb1pJaHZoTkFRMEJBaEFDQVFBd0VBWUxLb1pJaHZoTkFRMEJBaEVDQVFz 160 | d0h3WUxLb1pJaHZoTkFRMEJBaElFCkVBUUVBd1AvL3dBQUFBQUFBQUFBQUFBd0VB 161 | WUtLb1pJaHZoTkFRMEJBd1FDQUFBd0ZBWUtLb1pJaHZoTkFRMEIKQkFRR0FHQnFB 162 | QUFBTUE4R0NpcUdTSWI0VFFFTkFRVUtBUUV3SGdZS0tvWklodmhOQVEwQkJnUVFx 163 | cnd1WjJTbAorLzVOd1NiekI2ZTI0akJFQmdvcWhraUcrRTBCRFFFSE1EWXdFQVlM 164 | S29aSWh2aE5BUTBCQndFQkFmOHdFQVlMCktvWklodmhOQVEwQkJ3SUJBZjh3RUFZ 165 | TEtvWklodmhOQVEwQkJ3TUJBZjh3Q2dZSUtvWkl6ajBFQXdJRFNBQXcKUlFJZ0NY 166 | SHZqdXBVU3cyRlY4YWdmM3lFbTdtcmJPL25zTis1clZNbjNyYUt5andDSVFDR2FQ 167 | OVh6TGw3bSthMgplZTZySEZTeS9DN0JSeXI0VUgzeVZsTm1tWnJPdGc9PQotLS0t 168 | LUVORCBDRVJUSUZJQ0FURS0tLS0tCi0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0t 169 | LQpNSUlDbGpDQ0FqMmdBd0lCQWdJVkFKVnZYYzI5RytIcFFFbkoxUFF6emdGWEM5 170 | NVVNQW9HQ0NxR1NNNDlCQU1DCk1HZ3hHakFZQmdOVkJBTU1FVWx1ZEdWc0lGTkhX 171 | Q0JTYjI5MElFTkJNUm93R0FZRFZRUUtEQkZKYm5SbGJDQkQKYjNKd2IzSmhkR2x2 172 | YmpFVU1CSUdBMVVFQnd3TFUyRnVkR0VnUTJ4aGNtRXhDekFKQmdOVkJBZ01Ba05C 173 | TVFzdwpDUVlEVlFRR0V3SlZVekFlRncweE9EQTFNakV4TURVd01UQmFGdzB6TXpB 174 | MU1qRXhNRFV3TVRCYU1IQXhJakFnCkJnTlZCQU1NR1VsdWRHVnNJRk5IV0NCUVEw 175 | c2dVR3hoZEdadmNtMGdRMEV4R2pBWUJnTlZCQW9NRVVsdWRHVnMKSUVOdmNuQnZj 176 | bUYwYVc5dU1SUXdFZ1lEVlFRSERBdFRZVzUwWVNCRGJHRnlZVEVMTUFrR0ExVUVD 177 | QXdDUTBFeApDekFKQmdOVkJBWVRBbFZUTUZrd0V3WUhLb1pJemowQ0FRWUlLb1pJ 178 | emowREFRY0RRZ0FFTlNCLzd0MjFsWFNPCjJDdXpweHc3NGVKQjcyRXlER2dXNXJY 179 | Q3R4MnRWVExxNmhLazZ6K1VpUlpDbnFSN3BzT3ZncUZlU3hsbVRsSmwKZVRtaTJX 180 | WXozcU9CdXpDQnVEQWZCZ05WSFNNRUdEQVdnQlFpWlF6V1dwMDBpZk9EdEpWU3Yx 181 | QWJPU2NHckRCUwpCZ05WSFI4RVN6QkpNRWVnUmFCRGhrRm9kSFJ3Y3pvdkwyTmxj 182 | blJwWm1sallYUmxjeTUwY25WemRHVmtjMlZ5CmRtbGpaWE11YVc1MFpXd3VZMjl0 183 | TDBsdWRHVnNVMGRZVW05dmRFTkJMbVJsY2pBZEJnTlZIUTRFRmdRVWxXOWQKemIw 184 | YjRlbEFTY25VOURQT0FWY0wzbFF3RGdZRFZSMFBBUUgvQkFRREFnRUdNQklHQTFV 185 | ZEV3RUIvd1FJTUFZQgpBZjhDQVFBd0NnWUlLb1pJemowRUF3SURSd0F3UkFJZ1hz 186 | VmtpMHcraTZWWUdXM1VGLzIydWFYZTBZSkRqMVVlCm5BK1RqRDFhaTVjQ0lDWWIx 187 | U0FtRDV4a2ZUVnB2bzRVb3lpU1l4ckRXTG1VUjRDSTlOS3lmUE4rCi0tLS0tRU5E 188 | IENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1J 189 | SUNqekNDQWpTZ0F3SUJBZ0lVSW1VTTFscWROSW56ZzdTVlVyOVFHemtuQnF3d0Nn 190 | WUlLb1pJemowRUF3SXcKYURFYU1CZ0dBMVVFQXd3UlNXNTBaV3dnVTBkWUlGSnZi 191 | M1FnUTBFeEdqQVlCZ05WQkFvTUVVbHVkR1ZzSUVOdgpjbkJ2Y21GMGFXOXVNUlF3 192 | RWdZRFZRUUhEQXRUWVc1MFlTQkRiR0Z5WVRFTE1Ba0dBMVVFQ0F3Q1EwRXhDekFK 193 | CkJnTlZCQVlUQWxWVE1CNFhEVEU0TURVeU1URXdORFV4TUZvWERUUTVNVEl6TVRJ 194 | ek5UazFPVm93YURFYU1CZ0cKQTFVRUF3d1JTVzUwWld3Z1UwZFlJRkp2YjNRZ1Ew 195 | RXhHakFZQmdOVkJBb01FVWx1ZEdWc0lFTnZjbkJ2Y21GMAphVzl1TVJRd0VnWURW 196 | UVFIREF0VFlXNTBZU0JEYkdGeVlURUxNQWtHQTFVRUNBd0NRMEV4Q3pBSkJnTlZC 197 | QVlUCkFsVlRNRmt3RXdZSEtvWkl6ajBDQVFZSUtvWkl6ajBEQVFjRFFnQUVDNm5F 198 | d01ESVlaT2ovaVBXc0N6YUVLaTcKMU9pT1NMUkZoV0dqYm5CVkpmVm5rWTR1M0lq 199 | a0RZWUwwTXhPNG1xc3lZamxCYWxUVll4RlAyc0pCSzV6bEtPQgp1ekNCdURBZkJn 200 | TlZIU01FR0RBV2dCUWlaUXpXV3AwMGlmT0R0SlZTdjFBYk9TY0dyREJTQmdOVkhS 201 | OEVTekJKCk1FZWdSYUJEaGtGb2RIUndjem92TDJObGNuUnBabWxqWVhSbGN5NTBj 202 | blZ6ZEdWa2MyVnlkbWxqWlhNdWFXNTAKWld3dVkyOXRMMGx1ZEdWc1UwZFlVbTl2 203 | ZEVOQkxtUmxjakFkQmdOVkhRNEVGZ1FVSW1VTTFscWROSW56ZzdTVgpVcjlRR3pr 204 | bkJxd3dEZ1lEVlIwUEFRSC9CQVFEQWdFR01CSUdBMVVkRXdFQi93UUlNQVlCQWY4 205 | Q0FRRXdDZ1lJCktvWkl6ajBFQXdJRFNRQXdSZ0loQU9XLzVRa1IrUzlDaVNEY05v 206 | b3dMdVBSTHNXR2YvWWk3R1NYOTRCZ3dUd2cKQWlFQTRKMGxySG9NcytYbzVvL3NY 207 | Nk85UVd4SFJBdlpVR09kUlE3Y3ZxUlhhcUk9Ci0tLS0tRU5EIENFUlRJRklDQVRF 208 | LS0tLS0KAFgzoWtwdWJrZXktaGFzaFgkggFYIFpaWy0XdDMEjp1iQJ0azE7FJsBu 209 | KU0J5po2z/k2nkhRMAwGCCqGSM49BAMCBQADaAAwZQIxAPY9PODdQGGcVzaHCKqS 210 | fsKjWYN+ewBXstuAr93djClUl+qNpPLv/UXx/PLAUhdGyQIwbRJKR9xZrAU1oa9S 211 | MZFAwoSn6HSfVtDxPMOdpV8svDDxZttnhafuUA6S32CQx7gT 212 | -----END CERTIFICATE----- 213 | -------------------------------------------------------------------------------- /interoperability-tests/intel-sgxsdk-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIImWjCCJeCgAwIBAgIBATAKBggqhkjOPQQDAjBFMRowGAYDVQQDDBFJbnRlbCBT 3 | R1ggRW5jbGF2ZTEaMBgGA1UECgwRSW50ZWwgQ29ycG9yYXRpb24xCzAJBgNVBAYT 4 | AlVTMCIYDzIwMjEwNDAxMDAwMDAwWhgPMjA1MDEyMzEyMzU5NTlaMEUxGjAYBgNV 5 | BAMMEUludGVsIFNHWCBFbmNsYXZlMRowGAYDVQQKDBFJbnRlbCBDb3Jwb3JhdGlv 6 | bjELMAkGA1UEBhMCVVMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQfE6hKUf7yAFRm 7 | lncgBz4VkVUOxXqdfu5kCCUe0uJJjSrAhit13q0j+UFbSuY7ECs1s7375C0hRoiz 8 | Wu5aWciSqR6WUQK6fjdg3KFEWGFOyoA+0uotWgVN1mAs4Q3xW5CjgiSeMIIkmjAJ 9 | BgNVHRMEAjAAMB0GA1UdDgQWBBQD+0BP4ifViDk46KqOJv/iC3KP+DAfBgNVHSME 10 | GDAWgBQD+0BP4ifViDk46KqOJv/iC3KP+DCCEgcGCSqGSIb4TQENAQSCEfgDAAIA 11 | AAAAAAoADwCTmnIz95xMqZQKDbOVfwYH6b7oOIZAS8NT3hgr85jvpgAAAAAICAAA 12 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAAAA 13 | AAAAAAMAAAAAAAAACeIYpL6drb983ILEVJfW1PZ207dURfw3o3bwtltH3moAAAAA 14 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODIbFHgWthZJnPbNIFVvd9LytYT 15 | GlIFzkJlwNeVgDuiAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 16 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 17 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 18 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOVRsIHVB5rXVltfIKRfJ2wvWmFS 19 | wYAsBojhWgLoenTJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEEAAA 20 | cH9reGa8L3k9XQGBXT+5dYxTZdby4pxVMVf7DPXIs9JUIw7gV7ggvmQ6Ua/nSDYX 21 | vDpe60wgp8m/xQNkdoHyUOuXyBjKHaVWpLfyZGihupYZ1U1H/2u2teX86Un2tmQH 22 | tcySZ5xViIBGUgKY7KtbAlrxGaTDzXK/MLvMG5QOL0gICAAAAAAAAAAAAAAAAAAA 23 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAVAAAAAAAAAAMAAAAAAAAA 24 | lrNHpk5aBF4nNpwm5tzaUf18hQ6bOjp55xj0MmHe4eQAAAAAAAAAAAAAAAAAAAAA 25 | AAAAAAAAAAAAAAAAAAAAAIxPV3XXllA+lhN/d8aKgpoAVqyN7XAUCwgbCUSQxXv/ 26 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 27 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 28 | AQAKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 29 | AAAAAAAAAAAAAAAAAAAAAHdC4ezt7bQzNpOp2R0eIKLHTs9Webb+OLA5Nk0xhBcx 30 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlFao9iv22IUqgSA7fkAJ5 31 | zaVRgKdk9UABtR4tvjZOk/qkotL0HNJ/BwEpcm3RBmKfsCeIydQBsUm/pTWVlvA2 32 | IAAAAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRobHB0eHwUA3A0AAC0tLS0tQkVH 33 | SU4gQ0VSVElGSUNBVEUtLS0tLQpNSUlFalRDQ0JET2dBd0lCQWdJVkFLcDcvdUxx 34 | QUZKOFRjNHQ4VDdzeXo3eXJkVHRNQW9HQ0NxR1NNNDlCQU1DCk1IRXhJekFoQmdO 35 | VkJBTU1Ha2x1ZEdWc0lGTkhXQ0JRUTBzZ1VISnZZMlZ6YzI5eUlFTkJNUm93R0FZ 36 | RFZRUUsKREJGSmJuUmxiQ0JEYjNKd2IzSmhkR2x2YmpFVU1CSUdBMVVFQnd3TFUy 37 | RnVkR0VnUTJ4aGNtRXhDekFKQmdOVgpCQWdNQWtOQk1Rc3dDUVlEVlFRR0V3SlZV 38 | ekFlRncweU16RXlNVFV3TlRRMU16WmFGdzB6TURFeU1UVXdOVFExCk16WmFNSEF4 39 | SWpBZ0JnTlZCQU1NR1VsdWRHVnNJRk5IV0NCUVEwc2dRMlZ5ZEdsbWFXTmhkR1V4 40 | R2pBWUJnTlYKQkFvTUVVbHVkR1ZzSUVOdmNuQnZjbUYwYVc5dU1SUXdFZ1lEVlFR 41 | SERBdFRZVzUwWVNCRGJHRnlZVEVMTUFrRwpBMVVFQ0F3Q1EwRXhDekFKQmdOVkJB 42 | WVRBbFZUTUZrd0V3WUhLb1pJemowQ0FRWUlLb1pJemowREFRY0RRZ0FFCnVoRHdn 43 | WTFXRjVWR1VxbDI1d0wzcVErR1EzbFlGcExWWTRuY0kwUWJjS2NDTk5xcTZuNjYz 44 | T2c2a2JLTWJIMTUKOWE5ZzJaV3dGOVIvS0lOMWRGcVRrNk9DQXFjd2dnS2pNQjhH 45 | QTFVZEl3UVlNQmFBRk5Eb3F0cDExL2t1U1JlWQpQSHNVWmREVjhsbE5NR3dHQTFV 46 | ZEh3UmxNR013WWFCZm9GMkdXMmgwZEhCek9pOHZZWEJwTG5SeWRYTjBaV1J6ClpY 47 | SjJhV05sY3k1cGJuUmxiQzVqYjIwdmMyZDRMMk5sY25ScFptbGpZWFJwYjI0dmRq 48 | UXZjR05yWTNKc1AyTmgKUFhCeWIyTmxjM052Y2labGJtTnZaR2x1Wnoxa1pYSXdI 49 | UVlEVlIwT0JCWUVGRWFGSDdydEEvTDZtY2ZBZWRCZAoxdXZLQ3BxRU1BNEdBMVVk 50 | RHdFQi93UUVBd0lHd0RBTUJnTlZIUk1CQWY4RUFqQUFNSUlCMHdZSktvWklodmhO 51 | CkFRMEJCSUlCeERDQ0FjQXdIZ1lLS29aSWh2aE5BUTBCQVFRUUl5OHovc05uUlZ1 52 | MTVqdmF3eWY4SWpDQ0FXTUcKQ2lxR1NJYjRUUUVOQVFJd2dnRlRNQkFHQ3lxR1NJ 53 | YjRUUUVOQVFJQkFnRUlNQkFHQ3lxR1NJYjRUUUVOQVFJQwpBZ0VJTUJBR0N5cUdT 54 | SWI0VFFFTkFRSURBZ0VBTUJBR0N5cUdTSWI0VFFFTkFRSUVBZ0VBTUJBR0N5cUdT 55 | SWI0ClRRRU5BUUlGQWdFQU1CQUdDeXFHU0liNFRRRU5BUUlHQWdFQU1CQUdDeXFH 56 | U0liNFRRRU5BUUlIQWdFQU1CQUcKQ3lxR1NJYjRUUUVOQVFJSUFnRUFNQkFHQ3lx 57 | R1NJYjRUUUVOQVFJSkFnRUFNQkFHQ3lxR1NJYjRUUUVOQVFJSwpBZ0VBTUJBR0N5 58 | cUdTSWI0VFFFTkFRSUxBZ0VBTUJBR0N5cUdTSWI0VFFFTkFRSU1BZ0VBTUJBR0N5 59 | cUdTSWI0ClRRRU5BUUlOQWdFQU1CQUdDeXFHU0liNFRRRU5BUUlPQWdFQU1CQUdD 60 | eXFHU0liNFRRRU5BUUlQQWdFQU1CQUcKQ3lxR1NJYjRUUUVOQVFJUUFnRUFNQkFH 61 | Q3lxR1NJYjRUUUVOQVFJUkFnRU5NQjhHQ3lxR1NJYjRUUUVOQVFJUwpCQkFJQ0FB 62 | QUFBQUFBQUFBQUFBQUFBQUFNQkFHQ2lxR1NJYjRUUUVOQVFNRUFnQUFNQlFHQ2lx 63 | R1NJYjRUUUVOCkFRUUVCZ0J3YWhBQUFEQVBCZ29xaGtpRytFMEJEUUVGQ2dFQU1B 64 | b0dDQ3FHU000OUJBTUNBMGdBTUVVQ0lRRCsKY0t4aWx0TFpuQTA1WTl5Z1Y3clM1 65 | N0tQWWF0b09xWGtFZkIrYkpKTGVnSWdQLzlYTFBtNEVTWHlmTXhKNXduWQpIdXlV 66 | Qi85TDVyQ1FCb09JREFjeFVlRT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQot 67 | LS0tLUJFR0lOIENFUlRJRklDQVRFLS0tLS0KTUlJQ21EQ0NBajZnQXdJQkFnSVZB 68 | TkRvcXRwMTEva3VTUmVZUEhzVVpkRFY4bGxOTUFvR0NDcUdTTTQ5QkFNQwpNR2d4 69 | R2pBWUJnTlZCQU1NRVVsdWRHVnNJRk5IV0NCU2IyOTBJRU5CTVJvd0dBWURWUVFL 70 | REJGSmJuUmxiQ0JECmIzSndiM0poZEdsdmJqRVVNQklHQTFVRUJ3d0xVMkZ1ZEdF 71 | Z1EyeGhjbUV4Q3pBSkJnTlZCQWdNQWtOQk1Rc3cKQ1FZRFZRUUdFd0pWVXpBZUZ3 72 | MHhPREExTWpFeE1EVXdNVEJhRncwek16QTFNakV4TURVd01UQmFNSEV4SXpBaApC 73 | Z05WQkFNTUdrbHVkR1ZzSUZOSFdDQlFRMHNnVUhKdlkyVnpjMjl5SUVOQk1Sb3dH 74 | QVlEVlFRS0RCRkpiblJsCmJDQkRiM0p3YjNKaGRHbHZiakVVTUJJR0ExVUVCd3dM 75 | VTJGdWRHRWdRMnhoY21FeEN6QUpCZ05WQkFnTUFrTkIKTVFzd0NRWURWUVFHRXdK 76 | VlV6QlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJMOXErTk1wMklP 77 | Zwp0ZGwxYmsvdVdaNStUR1FtOGFDaTh6NzhmcytmS0NRM2QrdUR6WG5WVEFUMlpo 78 | RENpZnlJdUp3dk4zd05CcDlpCkhCU1NNSk1KckJPamdic3dnYmd3SHdZRFZSMGpC 79 | Qmd3Rm9BVUltVU0xbHFkTkluemc3U1ZVcjlRR3prbkJxd3cKVWdZRFZSMGZCRXN3 80 | U1RCSG9FV2dRNFpCYUhSMGNITTZMeTlqWlhKMGFXWnBZMkYwWlhNdWRISjFjM1Js 81 | WkhObApjblpwWTJWekxtbHVkR1ZzTG1OdmJTOUpiblJsYkZOSFdGSnZiM1JEUVM1 82 | a1pYSXdIUVlEVlIwT0JCWUVGTkRvCnF0cDExL2t1U1JlWVBIc1VaZERWOGxsTk1B 83 | NEdBMVVkRHdFQi93UUVBd0lCQmpBU0JnTlZIUk1CQWY4RUNEQUcKQVFIL0FnRUFN 84 | QW9HQ0NxR1NNNDlCQU1DQTBnQU1FVUNJUUNKZ1RidFZxT3laMW0zanFpQVhNNlFZ 85 | YTZyNXNXUwo0eS9HN3k4dUlKR3hkd0lnUnFQdkJTS3p6UWFnQkxRcTVzNUE3MHBk 86 | b2lhUko4ei8wdUR6NE5nVjkxaz0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQot 87 | LS0tLUJFR0lOIENFUlRJRklDQVRFLS0tLS0KTUlJQ2p6Q0NBalNnQXdJQkFnSVVJ 88 | bVVNMWxxZE5JbnpnN1NWVXI5UUd6a25CcXd3Q2dZSUtvWkl6ajBFQXdJdwphREVh 89 | TUJnR0ExVUVBd3dSU1c1MFpXd2dVMGRZSUZKdmIzUWdRMEV4R2pBWUJnTlZCQW9N 90 | RVVsdWRHVnNJRU52CmNuQnZjbUYwYVc5dU1SUXdFZ1lEVlFRSERBdFRZVzUwWVNC 91 | RGJHRnlZVEVMTUFrR0ExVUVDQXdDUTBFeEN6QUoKQmdOVkJBWVRBbFZUTUI0WERU 92 | RTRNRFV5TVRFd05EVXhNRm9YRFRRNU1USXpNVEl6TlRrMU9Wb3dhREVhTUJnRwpB 93 | MVVFQXd3UlNXNTBaV3dnVTBkWUlGSnZiM1FnUTBFeEdqQVlCZ05WQkFvTUVVbHVk 94 | R1ZzSUVOdmNuQnZjbUYwCmFXOXVNUlF3RWdZRFZRUUhEQXRUWVc1MFlTQkRiR0Z5 95 | WVRFTE1Ba0dBMVVFQ0F3Q1EwRXhDekFKQmdOVkJBWVQKQWxWVE1Ga3dFd1lIS29a 96 | SXpqMENBUVlJS29aSXpqMERBUWNEUWdBRUM2bkV3TURJWVpPai9pUFdzQ3phRUtp 97 | NwoxT2lPU0xSRmhXR2pibkJWSmZWbmtZNHUzSWprRFlZTDBNeE80bXFzeVlqbEJh 98 | bFRWWXhGUDJzSkJLNXpsS09CCnV6Q0J1REFmQmdOVkhTTUVHREFXZ0JRaVpReldX 99 | cDAwaWZPRHRKVlN2MUFiT1NjR3JEQlNCZ05WSFI4RVN6QkoKTUVlZ1JhQkRoa0Zv 100 | ZEhSd2N6b3ZMMk5sY25ScFptbGpZWFJsY3k1MGNuVnpkR1ZrYzJWeWRtbGpaWE11 101 | YVc1MApaV3d1WTI5dEwwbHVkR1ZzVTBkWVVtOXZkRU5CTG1SbGNqQWRCZ05WSFE0 102 | RUZnUVVJbVVNMWxxZE5JbnpnN1NWClVyOVFHemtuQnF3d0RnWURWUjBQQVFIL0JB 103 | UURBZ0VHTUJJR0ExVWRFd0VCL3dRSU1BWUJBZjhDQVFFd0NnWUkKS29aSXpqMEVB 104 | d0lEU1FBd1JnSWhBT1cvNVFrUitTOUNpU0RjTm9vd0x1UFJMc1dHZi9ZaTdHU1g5 105 | NEJnd1R3ZwpBaUVBNEowbHJIb01zK1hvNW8vc1g2TzlRV3hIUkF2WlVHT2RSUTdj 106 | dnFSWGFxST0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQoAMIISQAYGZ4EFBQQJ 107 | BIISNNnqYIJZEfgDAAIAAAAAAAoADwCTmnIz95xMqZQKDbOVfwYH6b7oOIZAS8NT 108 | 3hgr85jvpgAAAAAICAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 109 | AAAAAAAAAAAAAAAHAAAAAAAAAAMAAAAAAAAACeIYpL6drb983ILEVJfW1PZ207dU 110 | Rfw3o3bwtltH3moAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODIbFHg 111 | WthZJnPbNIFVvd9LytYTGlIFzkJlwNeVgDuiAAAAAAAAAAAAAAAAAAAAAAAAAAAA 112 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 113 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 114 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOVRsIHV 115 | B5rXVltfIKRfJ2wvWmFSwYAsBojhWgLoenTJAAAAAAAAAAAAAAAAAAAAAAAAAAAA 116 | AAAAAAAAAAAAAABEEAAAcH9reGa8L3k9XQGBXT+5dYxTZdby4pxVMVf7DPXIs9JU 117 | Iw7gV7ggvmQ6Ua/nSDYXvDpe60wgp8m/xQNkdoHyUOuXyBjKHaVWpLfyZGihupYZ 118 | 1U1H/2u2teX86Un2tmQHtcySZ5xViIBGUgKY7KtbAlrxGaTDzXK/MLvMG5QOL0gI 119 | CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAV 120 | AAAAAAAAAAMAAAAAAAAAlrNHpk5aBF4nNpwm5tzaUf18hQ6bOjp55xj0MmHe4eQA 121 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIxPV3XXllA+lhN/d8aKgpoA 122 | VqyN7XAUCwgbCUSQxXv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 123 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 124 | AAAAAAAAAAAAAAAAAAAAAQAKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 125 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHdC4ezt7bQzNpOp2R0eIKLH 126 | Ts9Webb+OLA5Nk0xhBcxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAl 127 | Fao9iv22IUqgSA7fkAJ5zaVRgKdk9UABtR4tvjZOk/qkotL0HNJ/BwEpcm3RBmKf 128 | sCeIydQBsUm/pTWVlvA2IAAAAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRobHB0e 129 | HwUA3A0AAC0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLQpNSUlFalRDQ0JET2dB 130 | d0lCQWdJVkFLcDcvdUxxQUZKOFRjNHQ4VDdzeXo3eXJkVHRNQW9HQ0NxR1NNNDlC 131 | QU1DCk1IRXhJekFoQmdOVkJBTU1Ha2x1ZEdWc0lGTkhXQ0JRUTBzZ1VISnZZMlZ6 132 | YzI5eUlFTkJNUm93R0FZRFZRUUsKREJGSmJuUmxiQ0JEYjNKd2IzSmhkR2x2YmpF 133 | VU1CSUdBMVVFQnd3TFUyRnVkR0VnUTJ4aGNtRXhDekFKQmdOVgpCQWdNQWtOQk1R 134 | c3dDUVlEVlFRR0V3SlZVekFlRncweU16RXlNVFV3TlRRMU16WmFGdzB6TURFeU1U 135 | VXdOVFExCk16WmFNSEF4SWpBZ0JnTlZCQU1NR1VsdWRHVnNJRk5IV0NCUVEwc2dR 136 | MlZ5ZEdsbWFXTmhkR1V4R2pBWUJnTlYKQkFvTUVVbHVkR1ZzSUVOdmNuQnZjbUYw 137 | YVc5dU1SUXdFZ1lEVlFRSERBdFRZVzUwWVNCRGJHRnlZVEVMTUFrRwpBMVVFQ0F3 138 | Q1EwRXhDekFKQmdOVkJBWVRBbFZUTUZrd0V3WUhLb1pJemowQ0FRWUlLb1pJemow 139 | REFRY0RRZ0FFCnVoRHdnWTFXRjVWR1VxbDI1d0wzcVErR1EzbFlGcExWWTRuY0kw 140 | UWJjS2NDTk5xcTZuNjYzT2c2a2JLTWJIMTUKOWE5ZzJaV3dGOVIvS0lOMWRGcVRr 141 | Nk9DQXFjd2dnS2pNQjhHQTFVZEl3UVlNQmFBRk5Eb3F0cDExL2t1U1JlWQpQSHNV 142 | WmREVjhsbE5NR3dHQTFVZEh3UmxNR013WWFCZm9GMkdXMmgwZEhCek9pOHZZWEJw 143 | TG5SeWRYTjBaV1J6ClpYSjJhV05sY3k1cGJuUmxiQzVqYjIwdmMyZDRMMk5sY25S 144 | cFptbGpZWFJwYjI0dmRqUXZjR05yWTNKc1AyTmgKUFhCeWIyTmxjM052Y2labGJt 145 | TnZaR2x1Wnoxa1pYSXdIUVlEVlIwT0JCWUVGRWFGSDdydEEvTDZtY2ZBZWRCZAox 146 | dXZLQ3BxRU1BNEdBMVVkRHdFQi93UUVBd0lHd0RBTUJnTlZIUk1CQWY4RUFqQUFN 147 | SUlCMHdZSktvWklodmhOCkFRMEJCSUlCeERDQ0FjQXdIZ1lLS29aSWh2aE5BUTBC 148 | QVFRUUl5OHovc05uUlZ1MTVqdmF3eWY4SWpDQ0FXTUcKQ2lxR1NJYjRUUUVOQVFJ 149 | d2dnRlRNQkFHQ3lxR1NJYjRUUUVOQVFJQkFnRUlNQkFHQ3lxR1NJYjRUUUVOQVFJ 150 | QwpBZ0VJTUJBR0N5cUdTSWI0VFFFTkFRSURBZ0VBTUJBR0N5cUdTSWI0VFFFTkFR 151 | SUVBZ0VBTUJBR0N5cUdTSWI0ClRRRU5BUUlGQWdFQU1CQUdDeXFHU0liNFRRRU5B 152 | UUlHQWdFQU1CQUdDeXFHU0liNFRRRU5BUUlIQWdFQU1CQUcKQ3lxR1NJYjRUUUVO 153 | QVFJSUFnRUFNQkFHQ3lxR1NJYjRUUUVOQVFJSkFnRUFNQkFHQ3lxR1NJYjRUUUVO 154 | QVFJSwpBZ0VBTUJBR0N5cUdTSWI0VFFFTkFRSUxBZ0VBTUJBR0N5cUdTSWI0VFFF 155 | TkFRSU1BZ0VBTUJBR0N5cUdTSWI0ClRRRU5BUUlOQWdFQU1CQUdDeXFHU0liNFRR 156 | RU5BUUlPQWdFQU1CQUdDeXFHU0liNFRRRU5BUUlQQWdFQU1CQUcKQ3lxR1NJYjRU 157 | UUVOQVFJUUFnRUFNQkFHQ3lxR1NJYjRUUUVOQVFJUkFnRU5NQjhHQ3lxR1NJYjRU 158 | UUVOQVFJUwpCQkFJQ0FBQUFBQUFBQUFBQUFBQUFBQUFNQkFHQ2lxR1NJYjRUUUVO 159 | QVFNRUFnQUFNQlFHQ2lxR1NJYjRUUUVOCkFRUUVCZ0J3YWhBQUFEQVBCZ29xaGtp 160 | RytFMEJEUUVGQ2dFQU1Bb0dDQ3FHU000OUJBTUNBMGdBTUVVQ0lRRCsKY0t4aWx0 161 | TFpuQTA1WTl5Z1Y3clM1N0tQWWF0b09xWGtFZkIrYkpKTGVnSWdQLzlYTFBtNEVT 162 | WHlmTXhKNXduWQpIdXlVQi85TDVyQ1FCb09JREFjeFVlRT0KLS0tLS1FTkQgQ0VS 163 | VElGSUNBVEUtLS0tLQotLS0tLUJFR0lOIENFUlRJRklDQVRFLS0tLS0KTUlJQ21E 164 | Q0NBajZnQXdJQkFnSVZBTkRvcXRwMTEva3VTUmVZUEhzVVpkRFY4bGxOTUFvR0ND 165 | cUdTTTQ5QkFNQwpNR2d4R2pBWUJnTlZCQU1NRVVsdWRHVnNJRk5IV0NCU2IyOTBJ 166 | RU5CTVJvd0dBWURWUVFLREJGSmJuUmxiQ0JECmIzSndiM0poZEdsdmJqRVVNQklH 167 | QTFVRUJ3d0xVMkZ1ZEdFZ1EyeGhjbUV4Q3pBSkJnTlZCQWdNQWtOQk1Rc3cKQ1FZ 168 | RFZRUUdFd0pWVXpBZUZ3MHhPREExTWpFeE1EVXdNVEJhRncwek16QTFNakV4TURV 169 | d01UQmFNSEV4SXpBaApCZ05WQkFNTUdrbHVkR1ZzSUZOSFdDQlFRMHNnVUhKdlky 170 | VnpjMjl5SUVOQk1Sb3dHQVlEVlFRS0RCRkpiblJsCmJDQkRiM0p3YjNKaGRHbHZi 171 | akVVTUJJR0ExVUVCd3dMVTJGdWRHRWdRMnhoY21FeEN6QUpCZ05WQkFnTUFrTkIK 172 | TVFzd0NRWURWUVFHRXdKVlV6QlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VI 173 | QTBJQUJMOXErTk1wMklPZwp0ZGwxYmsvdVdaNStUR1FtOGFDaTh6NzhmcytmS0NR 174 | M2QrdUR6WG5WVEFUMlpoRENpZnlJdUp3dk4zd05CcDlpCkhCU1NNSk1KckJPamdi 175 | c3dnYmd3SHdZRFZSMGpCQmd3Rm9BVUltVU0xbHFkTkluemc3U1ZVcjlRR3prbkJx 176 | d3cKVWdZRFZSMGZCRXN3U1RCSG9FV2dRNFpCYUhSMGNITTZMeTlqWlhKMGFXWnBZ 177 | MkYwWlhNdWRISjFjM1JsWkhObApjblpwWTJWekxtbHVkR1ZzTG1OdmJTOUpiblJs 178 | YkZOSFdGSnZiM1JEUVM1a1pYSXdIUVlEVlIwT0JCWUVGTkRvCnF0cDExL2t1U1Jl 179 | WVBIc1VaZERWOGxsTk1BNEdBMVVkRHdFQi93UUVBd0lCQmpBU0JnTlZIUk1CQWY4 180 | RUNEQUcKQVFIL0FnRUFNQW9HQ0NxR1NNNDlCQU1DQTBnQU1FVUNJUUNKZ1RidFZx 181 | T3laMW0zanFpQVhNNlFZYTZyNXNXUwo0eS9HN3k4dUlKR3hkd0lnUnFQdkJTS3p6 182 | UWFnQkxRcTVzNUE3MHBkb2lhUko4ei8wdUR6NE5nVjkxaz0KLS0tLS1FTkQgQ0VS 183 | VElGSUNBVEUtLS0tLQotLS0tLUJFR0lOIENFUlRJRklDQVRFLS0tLS0KTUlJQ2p6 184 | Q0NBalNnQXdJQkFnSVVJbVVNMWxxZE5JbnpnN1NWVXI5UUd6a25CcXd3Q2dZSUtv 185 | Wkl6ajBFQXdJdwphREVhTUJnR0ExVUVBd3dSU1c1MFpXd2dVMGRZSUZKdmIzUWdR 186 | MEV4R2pBWUJnTlZCQW9NRVVsdWRHVnNJRU52CmNuQnZjbUYwYVc5dU1SUXdFZ1lE 187 | VlFRSERBdFRZVzUwWVNCRGJHRnlZVEVMTUFrR0ExVUVDQXdDUTBFeEN6QUoKQmdO 188 | VkJBWVRBbFZUTUI0WERURTRNRFV5TVRFd05EVXhNRm9YRFRRNU1USXpNVEl6TlRr 189 | MU9Wb3dhREVhTUJnRwpBMVVFQXd3UlNXNTBaV3dnVTBkWUlGSnZiM1FnUTBFeEdq 190 | QVlCZ05WQkFvTUVVbHVkR1ZzSUVOdmNuQnZjbUYwCmFXOXVNUlF3RWdZRFZRUUhE 191 | QXRUWVc1MFlTQkRiR0Z5WVRFTE1Ba0dBMVVFQ0F3Q1EwRXhDekFKQmdOVkJBWVQK 192 | QWxWVE1Ga3dFd1lIS29aSXpqMENBUVlJS29aSXpqMERBUWNEUWdBRUM2bkV3TURJ 193 | WVpPai9pUFdzQ3phRUtpNwoxT2lPU0xSRmhXR2pibkJWSmZWbmtZNHUzSWprRFlZ 194 | TDBNeE80bXFzeVlqbEJhbFRWWXhGUDJzSkJLNXpsS09CCnV6Q0J1REFmQmdOVkhT 195 | TUVHREFXZ0JRaVpReldXcDAwaWZPRHRKVlN2MUFiT1NjR3JEQlNCZ05WSFI4RVN6 196 | QkoKTUVlZ1JhQkRoa0ZvZEhSd2N6b3ZMMk5sY25ScFptbGpZWFJsY3k1MGNuVnpk 197 | R1ZrYzJWeWRtbGpaWE11YVc1MApaV3d1WTI5dEwwbHVkR1ZzVTBkWVVtOXZkRU5C 198 | TG1SbGNqQWRCZ05WSFE0RUZnUVVJbVVNMWxxZE5JbnpnN1NWClVyOVFHemtuQnF3 199 | d0RnWURWUjBQQVFIL0JBUURBZ0VHTUJJR0ExVWRFd0VCL3dRSU1BWUJBZjhDQVFF 200 | d0NnWUkKS29aSXpqMEVBd0lEU1FBd1JnSWhBT1cvNVFrUitTOUNpU0RjTm9vd0x1 201 | UFJMc1dHZi9ZaTdHU1g5NEJnd1R3ZwpBaUVBNEowbHJIb01zK1hvNW8vc1g2TzlR 202 | V3hIUkF2WlVHT2RSUTdjdnFSWGFxST0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0t 203 | LQoAWDOha3B1YmtleS1oYXNoWCSCAVgg8wbtYCmFNx47SFEC2x/N1PRzgynOWLL4 204 | 0cXSzHl1ICYwCgYIKoZIzj0EAwIDaAAwZQIwXNVwSpwE/ak5z2dEpLxBG1oPgZEX 205 | AnpDRgqfWNwIqn3V+cFAcYUNJ+0u1VY82PBkAjEAnmAk5PPbnv5dhlhwxQNeU3C/ 206 | pt29P/3dhtX1gM4TRa/zVXRSUf5HwTeeNUcKQAn5 207 | -----END CERTIFICATE----- 208 | -------------------------------------------------------------------------------- /interoperability-tests/rats-tls-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIUjDCCFDKgAwIBAgIBATAKBggqhkjOPQQDAjAyMR0wGwYDVQQKDBRJbmNsYXZh 3 | cmUgQ29udGFpbmVyczERMA8GA1UEAwwIUkFUUy1UTFMwHhcNMjMwMjIyMTYxMDIy 4 | WhcNMjQwMjIyMTcxMDIyWjAyMR0wGwYDVQQKDBRJbmNsYXZhcmUgQ29udGFpbmVy 5 | czERMA8GA1UEAwwIUkFUUy1UTFMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQN 6 | +hk1/LUhQFAy7WE1C7mqjh2lKKFXquM/b/6+LRzcL2Zwa1j3aPazYBfazVLKogB8 7 | mZXnInzeGwXYLwUt/TKDo4ITNzCCEzMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUlFzn 8 | HuSRcXDLSueARN4kjKckyKIwHwYDVR0jBBgwFoAUlFznHuSRcXDLSueARN4kjKck 9 | yKIwghLkBgZngQUFBAkEghLY2epgglkSfgMAAgAAAAAACQANAJOacjP3nEyplAoN 10 | s5V/Bgfk+ApSJL+j2UrPFuoqPVSoAAAAAAYGDAz//wAAAAAAAAAAAAABAAAAAAAA 11 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcAAAAAAAAA5wAAAAAAAAA44bQLjGgY 12 | bzWcl+y2qJll2dhjjy3wb74Y6E15ombAQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 13 | AAAAAAAAAAAAg9cZ533qyhRw9rr2Kk13QwPImdtpAg+ccO4d/AjHzp4AAAAAAAAA 14 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 15 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 16 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 17 | AAAAAAAAAAAAPvYbk1YDNBdHuWxgI5faHEdhr+Tu7SzcCMv19P9hxTMAAAAAAAAA 18 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMoQAAASOSj1XJu6SZZTgVAEzzc9pikV 19 | dodnjx4txb2Wl5fW7gLoOcsNLnDy1qyxKMyY84jneQvR9c3FrDS8+3LgSkRfW9vs 20 | iOhMsdIlBhw+z047fZzSs2Oqal/KeASCgfjt52mD+DtbNPUeY+iBD1vajqtANBHz 21 | oXNkxIixofGZaRRA+QYGDAz//wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 22 | AAAAAAAAAAAAAAAAABUAAAAAAAAA5wAAAAAAAADOHaiawfVKgHJXxOV8eBQMvGZS 23 | 1NWH1g8FgxJaJ5K+cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjE9X 24 | ddeWUD6WE393xoqCmgBWrI3tcBQLCBsJRJDFe/8AAAAAAAAAAAAAAAAAAAAAAAAA 25 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 26 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAkAAAAAAAAAAAAAAAAAAAAA 27 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADkvh 28 | g48gPglsFZsLZRhZtQwJbArlChYuGdIvywwlSx8AAAAAAAAAAAAAAAAAAAAAAAAA 29 | AAAAAAAAAAAAAAAAAFGZafAXhWnK9vV+gBJqKGPLAjsw6GeRmKd9qEvwZjEUOZon 30 | qcuskYVtz2DwQB18SP9APHXYXgWUK9JgzKBmoM0gAAABAgMEBQYHCAkKCwwNDg8Q 31 | ERITFBUWFxgZGhscHR4fBQBiDgAALS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0t 32 | Ck1JSUU4akNDQkppZ0F3SUJBZ0lVRkplU1o2Mm1hUmY2cC9zVUxSZk1NVUpkZFB3 33 | d0NnWUlLb1pJemowRUF3SXcKY0RFaU1DQUdBMVVFQXd3WlNXNTBaV3dnVTBkWUlG 34 | QkRTeUJRYkdGMFptOXliU0JEUVRFYU1CZ0dBMVVFQ2d3UgpTVzUwWld3Z1EyOXlj 35 | Rzl5WVhScGIyNHhGREFTQmdOVkJBY01DMU5oYm5SaElFTnNZWEpoTVFzd0NRWURW 36 | UVFJCkRBSkRRVEVMTUFrR0ExVUVCaE1DVlZNd0hoY05Nakl4TVRJMk1UVTBPVEU1 37 | V2hjTk1qa3hNVEkyTVRVME9URTUKV2pCd01TSXdJQVlEVlFRRERCbEpiblJsYkNC 38 | VFIxZ2dVRU5MSUVObGNuUnBabWxqWVhSbE1Sb3dHQVlEVlFRSwpEQkZKYm5SbGJD 39 | QkRiM0p3YjNKaGRHbHZiakVVTUJJR0ExVUVCd3dMVTJGdWRHRWdRMnhoY21FeEN6 40 | QUpCZ05WCkJBZ01Ba05CTVFzd0NRWURWUVFHRXdKVlV6QlpNQk1HQnlxR1NNNDlB 41 | Z0VHQ0NxR1NNNDlBd0VIQTBJQUJJQjIKbW81YnhONng3S0t3UXloaHAzVmNJWXNu 42 | L3dZZnJ3d25sNTdVSXhQKzFjbGtJV2VScUtkdDludTE3ajV0Um5qLwpHSmVhOVEr 43 | ZXczSzFWWFVjRGxXamdnTU9NSUlEQ2pBZkJnTlZIU01FR0RBV2dCU1ZiMTNOdlJ2 44 | aDZVQkp5ZFQwCk04NEJWd3ZlVkRCckJnTlZIUjhFWkRCaU1HQ2dYcUJjaGxwb2RI 45 | Undjem92TDJGd2FTNTBjblZ6ZEdWa2MyVnkKZG1salpYTXVhVzUwWld3dVkyOXRM 46 | M05uZUM5alpYSjBhV1pwWTJGMGFXOXVMM1l6TDNCamEyTnliRDlqWVQxdwpiR0Yw 47 | Wm05eWJTWmxibU52WkdsdVp6MWtaWEl3SFFZRFZSME9CQllFRkRHaDZqaTE1Tktz 48 | WmQ2MFZ2U3RMbHA3CkZMV1dNQTRHQTFVZER3RUIvd1FFQXdJR3dEQU1CZ05WSFJN 49 | QkFmOEVBakFBTUlJQ093WUpLb1pJaHZoTkFRMEIKQklJQ0xEQ0NBaWd3SGdZS0tv 50 | WklodmhOQVEwQkFRUVF6Tnl2dkkyZEI3V1h6cTdBTmdJSE9qQ0NBV1VHQ2lxRwpT 51 | SWI0VFFFTkFRSXdnZ0ZWTUJBR0N5cUdTSWI0VFFFTkFRSUJBZ0VFTUJBR0N5cUdT 52 | SWI0VFFFTkFRSUNBZ0VFCk1CQUdDeXFHU0liNFRRRU5BUUlEQWdFRE1CQUdDeXFH 53 | U0liNFRRRU5BUUlFQWdFRE1CRUdDeXFHU0liNFRRRU4KQVFJRkFnSUEvekFSQmdz 54 | cWhraUcrRTBCRFFFQ0JnSUNBUDh3RUFZTEtvWklodmhOQVEwQkFnY0NBUUF3RUFZ 55 | TApLb1pJaHZoTkFRMEJBZ2dDQVFBd0VBWUxLb1pJaHZoTkFRMEJBZ2tDQVFBd0VB 56 | WUxLb1pJaHZoTkFRMEJBZ29DCkFRQXdFQVlMS29aSWh2aE5BUTBCQWdzQ0FRQXdF 57 | QVlMS29aSWh2aE5BUTBCQWd3Q0FRQXdFQVlMS29aSWh2aE4KQVEwQkFnMENBUUF3 58 | RUFZTEtvWklodmhOQVEwQkFnNENBUUF3RUFZTEtvWklodmhOQVEwQkFnOENBUUF3 59 | RUFZTApLb1pJaHZoTkFRMEJBaEFDQVFBd0VBWUxLb1pJaHZoTkFRMEJBaEVDQVFz 60 | d0h3WUxLb1pJaHZoTkFRMEJBaElFCkVBUUVBd1AvL3dBQUFBQUFBQUFBQUFBd0VB 61 | WUtLb1pJaHZoTkFRMEJBd1FDQUFBd0ZBWUtLb1pJaHZoTkFRMEIKQkFRR0FHQnFB 62 | QUFBTUE4R0NpcUdTSWI0VFFFTkFRVUtBUUV3SGdZS0tvWklodmhOQVEwQkJnUVFx 63 | cnd1WjJTbAorLzVOd1NiekI2ZTI0akJFQmdvcWhraUcrRTBCRFFFSE1EWXdFQVlM 64 | S29aSWh2aE5BUTBCQndFQkFmOHdFQVlMCktvWklodmhOQVEwQkJ3SUJBZjh3RUFZ 65 | TEtvWklodmhOQVEwQkJ3TUJBZjh3Q2dZSUtvWkl6ajBFQXdJRFNBQXcKUlFJZ0NY 66 | SHZqdXBVU3cyRlY4YWdmM3lFbTdtcmJPL25zTis1clZNbjNyYUt5andDSVFDR2FQ 67 | OVh6TGw3bSthMgplZTZySEZTeS9DN0JSeXI0VUgzeVZsTm1tWnJPdGc9PQotLS0t 68 | LUVORCBDRVJUSUZJQ0FURS0tLS0tCi0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0t 69 | LQpNSUlDbGpDQ0FqMmdBd0lCQWdJVkFKVnZYYzI5RytIcFFFbkoxUFF6emdGWEM5 70 | NVVNQW9HQ0NxR1NNNDlCQU1DCk1HZ3hHakFZQmdOVkJBTU1FVWx1ZEdWc0lGTkhX 71 | Q0JTYjI5MElFTkJNUm93R0FZRFZRUUtEQkZKYm5SbGJDQkQKYjNKd2IzSmhkR2x2 72 | YmpFVU1CSUdBMVVFQnd3TFUyRnVkR0VnUTJ4aGNtRXhDekFKQmdOVkJBZ01Ba05C 73 | TVFzdwpDUVlEVlFRR0V3SlZVekFlRncweE9EQTFNakV4TURVd01UQmFGdzB6TXpB 74 | MU1qRXhNRFV3TVRCYU1IQXhJakFnCkJnTlZCQU1NR1VsdWRHVnNJRk5IV0NCUVEw 75 | c2dVR3hoZEdadmNtMGdRMEV4R2pBWUJnTlZCQW9NRVVsdWRHVnMKSUVOdmNuQnZj 76 | bUYwYVc5dU1SUXdFZ1lEVlFRSERBdFRZVzUwWVNCRGJHRnlZVEVMTUFrR0ExVUVD 77 | QXdDUTBFeApDekFKQmdOVkJBWVRBbFZUTUZrd0V3WUhLb1pJemowQ0FRWUlLb1pJ 78 | emowREFRY0RRZ0FFTlNCLzd0MjFsWFNPCjJDdXpweHc3NGVKQjcyRXlER2dXNXJY 79 | Q3R4MnRWVExxNmhLazZ6K1VpUlpDbnFSN3BzT3ZncUZlU3hsbVRsSmwKZVRtaTJX 80 | WXozcU9CdXpDQnVEQWZCZ05WSFNNRUdEQVdnQlFpWlF6V1dwMDBpZk9EdEpWU3Yx 81 | QWJPU2NHckRCUwpCZ05WSFI4RVN6QkpNRWVnUmFCRGhrRm9kSFJ3Y3pvdkwyTmxj 82 | blJwWm1sallYUmxjeTUwY25WemRHVmtjMlZ5CmRtbGpaWE11YVc1MFpXd3VZMjl0 83 | TDBsdWRHVnNVMGRZVW05dmRFTkJMbVJsY2pBZEJnTlZIUTRFRmdRVWxXOWQKemIw 84 | YjRlbEFTY25VOURQT0FWY0wzbFF3RGdZRFZSMFBBUUgvQkFRREFnRUdNQklHQTFV 85 | ZEV3RUIvd1FJTUFZQgpBZjhDQVFBd0NnWUlLb1pJemowRUF3SURSd0F3UkFJZ1hz 86 | VmtpMHcraTZWWUdXM1VGLzIydWFYZTBZSkRqMVVlCm5BK1RqRDFhaTVjQ0lDWWIx 87 | U0FtRDV4a2ZUVnB2bzRVb3lpU1l4ckRXTG1VUjRDSTlOS3lmUE4rCi0tLS0tRU5E 88 | IENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1J 89 | SUNqekNDQWpTZ0F3SUJBZ0lVSW1VTTFscWROSW56ZzdTVlVyOVFHemtuQnF3d0Nn 90 | WUlLb1pJemowRUF3SXcKYURFYU1CZ0dBMVVFQXd3UlNXNTBaV3dnVTBkWUlGSnZi 91 | M1FnUTBFeEdqQVlCZ05WQkFvTUVVbHVkR1ZzSUVOdgpjbkJ2Y21GMGFXOXVNUlF3 92 | RWdZRFZRUUhEQXRUWVc1MFlTQkRiR0Z5WVRFTE1Ba0dBMVVFQ0F3Q1EwRXhDekFK 93 | CkJnTlZCQVlUQWxWVE1CNFhEVEU0TURVeU1URXdORFV4TUZvWERUUTVNVEl6TVRJ 94 | ek5UazFPVm93YURFYU1CZ0cKQTFVRUF3d1JTVzUwWld3Z1UwZFlJRkp2YjNRZ1Ew 95 | RXhHakFZQmdOVkJBb01FVWx1ZEdWc0lFTnZjbkJ2Y21GMAphVzl1TVJRd0VnWURW 96 | UVFIREF0VFlXNTBZU0JEYkdGeVlURUxNQWtHQTFVRUNBd0NRMEV4Q3pBSkJnTlZC 97 | QVlUCkFsVlRNRmt3RXdZSEtvWkl6ajBDQVFZSUtvWkl6ajBEQVFjRFFnQUVDNm5F 98 | d01ESVlaT2ovaVBXc0N6YUVLaTcKMU9pT1NMUkZoV0dqYm5CVkpmVm5rWTR1M0lq 99 | a0RZWUwwTXhPNG1xc3lZamxCYWxUVll4RlAyc0pCSzV6bEtPQgp1ekNCdURBZkJn 100 | TlZIU01FR0RBV2dCUWlaUXpXV3AwMGlmT0R0SlZTdjFBYk9TY0dyREJTQmdOVkhS 101 | OEVTekJKCk1FZWdSYUJEaGtGb2RIUndjem92TDJObGNuUnBabWxqWVhSbGN5NTBj 102 | blZ6ZEdWa2MyVnlkbWxqWlhNdWFXNTAKWld3dVkyOXRMMGx1ZEdWc1UwZFlVbTl2 103 | ZEVOQkxtUmxjakFkQmdOVkhRNEVGZ1FVSW1VTTFscWROSW56ZzdTVgpVcjlRR3pr 104 | bkJxd3dEZ1lEVlIwUEFRSC9CQVFEQWdFR01CSUdBMVVkRXdFQi93UUlNQVlCQWY4 105 | Q0FRRXdDZ1lJCktvWkl6ajBFQXdJRFNRQXdSZ0loQU9XLzVRa1IrUzlDaVNEY05v 106 | b3dMdVBSTHNXR2YvWWk3R1NYOTRCZ3dUd2cKQWlFQTRKMGxySG9NcytYbzVvL3NY 107 | Nk85UVd4SFJBdlpVR09kUlE3Y3ZxUlhhcUk9Ci0tLS0tRU5EIENFUlRJRklDQVRF 108 | LS0tLS0KAFhRo2twdWJrZXktaGFzaFgkggFYIHLAtwwgknQaTP2gwkZUh/rxMpmG 109 | F7Cq1TEYql1uGAAGZWtleV8wSHZhbHVlXzAAZWtleV8xSHZhbHVlXzEAMAoGCCqG 110 | SM49BAMCA0gAMEUCIBAq5vChzQgZGrymFgJtodUsh1OxgC0czetdpRLW5Yt5AiEA 111 | 4SSYAWmaKx1Xh8r3PvksTzVDbi3ABr+00SRyTmgDoAY= 112 | -----END CERTIFICATE----- 113 | --------------------------------------------------------------------------------