Merge branch 'master' into make_rpm_fix

This commit is contained in:
Thomas Cook
2026-05-05 10:12:05 -04:00
315 changed files with 38211 additions and 10948 deletions
+5 -5
View File
@@ -18,11 +18,11 @@ jobs:
matrix:
config: [
# Add new configs here
'--enable-asynccrypt --enable-all --enable-dtls13 --disable-mlkem CFLAGS="-pedantic -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFCRYPT_TEST_LINT"',
'--enable-asynccrypt-sw --enable-ocspstapling --enable-ocspstapling2 --disable-mlkem CFLAGS="-pedantic -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-asynccrypt --enable-all --enable-dtls13 CFLAGS="-pedantic -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFCRYPT_TEST_LINT"',
'--enable-asynccrypt-sw --enable-ocspstapling --enable-ocspstapling2 CFLAGS="-pedantic -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-ocsp CFLAGS="-DTEST_NONBLOCK_CERTS -pedantic -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-asynccrypt --enable-all --enable-dtls13 --disable-mlkem CFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFCRYPT_TEST_LINT"',
'--enable-asynccrypt-sw --enable-ocspstapling --enable-ocspstapling2 --disable-mlkem CFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-asynccrypt --enable-all --enable-dtls13 CFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFCRYPT_TEST_LINT"',
'--enable-asynccrypt-sw --enable-ocspstapling --enable-ocspstapling2 CFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-ocsp CFLAGS="-DTEST_NONBLOCK_CERTS -pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
]
name: make check
if: github.repository_owner == 'wolfssl'
+1 -1
View File
@@ -23,7 +23,7 @@ jobs:
check_filenames: true
check_hidden: true
# Add comma separated list of words that occur multiple times that should be ignored (sorted alphabetically, case sensitive)
ignore_words_list: adin,aNULL,brunch,carryIn,chainG,ciph,cLen,cliKs,dout,haveA,inCreated,inOut,inout,larg,LEAPYEAR,Merget,optionA,parm,parms,repid,rIn,userA,ser,siz,te,Te,HSI,failT,
ignore_words_list: adin,aNULL,brunch,carryIn,chainG,ciph,cLen,cliKs,dout,haveA,inCreated,inOut,inout,larg,LEAPYEAR,Merget,optionA,parm,parms,repid,rIn,userA,ser,siz,te,Te,HSI,failT,toLen,
# The exclude_file contains lines of code that should be ignored. This is useful for individual lines which have non-words that can safely be ignored.
exclude_file: '.codespellexcludelines'
# To skip files entirely from being processed, add it to the following list:
@@ -238,8 +238,6 @@ ap_wpa2_eap_sim_imsi_privacy_attr
ap_wpa2_eap_sim_imsi_privacy_key
ap_wpa2_eap_sim_no_change_set
ap_wpa2_eap_sim_oom
ap_wpa2_eap_sim_sql
ap_wpa2_eap_sim_sql_fallback_to_pseudonym
ap_wpa2_eap_sim_zero_db_timeout
ap_wpa2_eap_tls_13_ec
ap_wpa2_eap_tls_13_missing_prot_success
@@ -248,9 +246,6 @@ ap_wpa2_eap_tls_check_cert_subject_neg
ap_wpa2_eap_tls_diff_ca_trust2
ap_wpa2_eap_tls_domain_mismatch_cn
ap_wpa2_eap_tls_domain_suffix_mismatch_cn
ap_wpa2_eap_tls_intermediate_ca_ocsp_multi_missing_resp
ap_wpa2_eap_tls_intermediate_ca_ocsp_revoked_sha1
ap_wpa2_eap_tls_intermediate_ca_ocsp_sha1
ap_wpa2_eap_tls_neg_incorrect_trust_root
ap_wpa2_eap_tls_ocsp_multi
ap_wpa2_eap_tls_ocsp_multi_revoked
@@ -649,9 +644,6 @@ dpp_config_dpp_gen_secp521r1
dpp_config_dpp_gen_secp521r1_prime256v1
dpp_config_dpp_gen_secp521r1_secp384r1
dpp_config_dpp_gen_secp521r1_secp521r1
dpp_config_dpp_override_prime256v1
dpp_config_dpp_override_secp384r1
dpp_config_dpp_override_secp521r1
dpp_config_error_legacy_invalid_psk
dpp_config_error_legacy_no_pass
dpp_config_error_legacy_no_pass_for_sae
@@ -691,7 +683,6 @@ dpp_config_no_discovery
dpp_config_no_discovery_ssid
dpp_config_no_signed_connector
dpp_config_no_wi_fi_tech
dpp_config_override_objects
dpp_config_root_not_an_object
dpp_config_save
dpp_config_save2
@@ -748,12 +739,6 @@ dpp_hostapd_configurator_enrollee_v1
dpp_hostapd_configurator_fragmentation
dpp_hostapd_configurator_override_objects
dpp_hostapd_configurator_responder
dpp_hostapd_enrollee_fragmentation
dpp_hostapd_enrollee_gas_errors
dpp_hostapd_enrollee_gas_proto
dpp_hostapd_enrollee_gas_timeout
dpp_hostapd_enrollee_gas_timeout_comeback
dpp_hostapd_enrollee_gas_tx_status_errors
dpp_intro_mismatch
dpp_invalid_configurator_key
dpp_invalid_legacy_params
@@ -906,10 +891,6 @@ dpp_qr_code_auth_incompatible_roles2
dpp_qr_code_auth_incompatible_roles_failure
dpp_qr_code_auth_incompatible_roles_failure2
dpp_qr_code_auth_incompatible_roles_failure3
dpp_qr_code_auth_initiator_either_1
dpp_qr_code_auth_initiator_either_2
dpp_qr_code_auth_initiator_either_3
dpp_qr_code_auth_initiator_enrollee
dpp_qr_code_auth_mutual
dpp_qr_code_auth_mutual2
dpp_qr_code_auth_mutual_bp_256
@@ -219,7 +219,6 @@ ap_wpa2_eap_sim
ap_wpa2_eap_sim_imsi_identity
ap_wpa2_eap_sim_imsi_privacy_key
ap_wpa2_eap_sim_imsi_privacy_attr
ap_wpa2_eap_sim_sql
ap_wpa2_eap_sim_config
ap_wpa2_eap_sim_id_0
ap_wpa2_eap_sim_id_1
@@ -347,7 +346,6 @@ ap_wpa2_eap_tls_ocsp_server_signed
ap_wpa2_eap_tls_ocsp_invalid_data
ap_wpa2_eap_tls_ocsp_invalid
ap_wpa2_eap_tls_ocsp_unknown_sign
ap_wpa2_eap_tls_intermediate_ca
ap_wpa2_eap_tls_ocsp_multi_revoked
ap_wpa2_eap_tls_domain_suffix_match_cn_full
ap_wpa2_eap_tls_domain_match_cn
@@ -461,9 +459,6 @@ dpp_qr_code_auth_mutual_not_used
dpp_qr_code_auth_mutual_curve_mismatch
dpp_qr_code_auth_hostapd_mutual2
dpp_qr_code_listen_continue
dpp_qr_code_auth_initiator_enrollee
dpp_qr_code_auth_initiator_either_2
dpp_qr_code_auth_initiator_either_3
dpp_config_legacy
dpp_config_legacy_psk_hex
dpp_config_fragmentation
@@ -475,9 +470,6 @@ dpp_config_dpp_gen_secp521r1
dpp_config_dpp_gen_expiry
dpp_config_dpp_gen_expired_key
dpp_config_dpp_gen_3rd_party
dpp_config_dpp_override_prime256v1
dpp_config_dpp_override_secp384r1
dpp_config_override_objects
dpp_config_signed_connector_error_no_dot_1
dpp_config_signed_connector_error_no_dot_2
dpp_config_signed_connector_error_unexpected_signature_len
@@ -579,12 +571,6 @@ dpp_pkex_nak_curve_change2
dpp_hostapd_configurator
dpp_hostapd_configurator_responder
dpp_hostapd_configurator_fragmentation
dpp_hostapd_enrollee_fragmentation
dpp_hostapd_enrollee_gas_timeout
dpp_hostapd_enrollee_gas_timeout_comeback
dpp_hostapd_enrollee_gas_errors
dpp_hostapd_enrollee_gas_proto
dpp_hostapd_enrollee_gas_tx_status_errors
dpp_hostapd_configurator_override_objects
dpp_own_config
dpp_own_config_group_id
@@ -176,7 +176,6 @@ ap_wpa2_psk_ext_key_id_ptk_rekey_sta0
ap_wpa2_psk_ext_key_id_ptk_rekey_sta1
ap_wpa2_psk_ext_key_id_ptk_rekey_sta2
ap_wpa2_eap_sim
ap_wpa2_eap_sim_sql
ap_wpa2_eap_sim_config
ap_wpa2_eap_sim_id_0
ap_wpa2_eap_sim_id_1
+55 -36
View File
@@ -2,14 +2,10 @@ name: hostap and wpa-supplicant Tests
# START OF COMMON SECTION
on:
workflow_dispatch: # Allows people to run it manually if they want but
# disables it from running automatically when broken
# To restore this to an auto test delete the above workflow_dispatch line and
# comments and uncomment the below lines for push and pull_request
# push:
# branches: [ 'master', 'main', 'release/**' ]
# pull_request:
# branches: [ '*' ]
push:
branches: [ 'master', 'main', 'release/**' ]
pull_request:
branches: [ '*' ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
@@ -80,12 +76,21 @@ jobs:
with:
path: hostap
key: hostap-repo
lookup-only: true
- name: Checkout hostap
if: steps.cache.outputs.cache-hit != 'true'
run: git clone https://w1.fi/hostap.git hostap
- name: tar hostap
run: tar -zcf hostap.tgz hostap
- name: Upload hostap repo
uses: actions/upload-artifact@v4
with:
name: hostap-repo
path: hostap.tgz
retention-days: 1
build_uml_linux:
name: Build UML (UserMode Linux)
if: github.repository_owner == 'wolfssl'
@@ -100,15 +105,16 @@ jobs:
with:
path: linux/linux
key: hostap-linux-${{ env.LINUX_REF }}
lookup-only: true
- name: Checking if we have hostap in cache
- name: Download hostap repo
if: steps.cache.outputs.cache-hit != 'true'
uses: actions/cache/restore@v4
uses: actions/download-artifact@v4
with:
path: hostap
key: hostap-repo
fail-on-cache-miss: true
name: hostap-repo
- name: untar hostap
if: steps.cache.outputs.cache-hit != 'true'
run: tar -xf hostap.tgz
- name: Checkout linux
if: steps.cache.outputs.cache-hit != 'true'
@@ -126,6 +132,13 @@ jobs:
cd linux
yes "" | ARCH=um make -j $(nproc)
- name: Upload kernel binary
uses: actions/upload-artifact@v4
with:
name: uml-linux-kernel
path: linux/linux
retention-days: 1
hostap_test:
strategy:
fail-fast: false
@@ -174,13 +187,14 @@ jobs:
timeout-minutes: 45
needs: [build_wolfssl, build_uml_linux, checkout_hostap]
steps:
- name: Checking if we have kernel in cache
uses: actions/cache/restore@v4
id: cache
- name: Download kernel binary
uses: actions/download-artifact@v4
with:
path: linux/linux
key: hostap-linux-${{ env.LINUX_REF }}
fail-on-cache-miss: true
name: uml-linux-kernel
path: linux
- name: Restore kernel binary executable bit
run: chmod +x linux/linux
# No way to view the full strategy in the browser (really weird)
- name: Print strategy
@@ -219,27 +233,18 @@ jobs:
- name: Install pip dependencies
run: sudo pip install pycryptodome
- name: Checking if we have hostap in cache
uses: actions/cache/restore@v4
- name: Download hostap repo
uses: actions/download-artifact@v4
with:
path: hostap
key: hostap-repo
fail-on-cache-miss: true
name: hostap-repo
- name: untar hostap
run: tar -xf hostap.tgz
- name: Checkout correct ref
working-directory: hostap
run: git checkout ${{ matrix.config.hostap_ref }}
- name: Update certs
working-directory: hostap/tests/hwsim/auth_serv
run: |
./update.sh
./sha512-generate.sh
# Force regeneration of rsa3072-ca.key to get rsa3072-generate.sh to
# correctly update all the certs
rm rsa3072-ca.key
./rsa3072-generate.sh
- if: ${{ matrix.config.osp_ref }}
name: Checkout OSP
uses: actions/checkout@v4
@@ -258,6 +263,20 @@ jobs:
patch -p1 < $f
done
- name: Update certs
working-directory: hostap/tests/hwsim/auth_serv
run: |
mkdir -p rootCA/newcerts
./update.sh
./ec-generate.sh
./ec2-generate.sh
./sha512-generate.sh
# Force regeneration of rsa3072-ca.key to get rsa3072-generate.sh to
# correctly update all the certs
rm rsa3072-ca.key
./rsa3072-generate.sh
./ica-generate.sh
- name: Apply extra patches
working-directory: hostap
run: |
+18 -5
View File
@@ -14,7 +14,7 @@ concurrency:
jobs:
my_matrix:
name: Multi-arch test
name: Multi-arch test (${{ matrix.ARCH }}, ${{ matrix.opts.name }})
strategy:
fail-fast: false
matrix:
@@ -37,7 +37,20 @@ jobs:
CFLAGS: -marm -DWOLFSSL_SP_ARM_ARCH=6
ARCH: armel
EXTRA_OPTS: --enable-sp-asm
opts: [ '-O2', '-O3', '-O1 -UFP_ECC', '-O0', '-Os', '-Ofast' ]
opts:
- name: '-O2'
OPT_CFLAGS: '-O2'
- name: '-O2 sp-math'
OPT_CFLAGS: '-O2'
OPT_EXTRA_OPTS: '--enable-sp-math'
- name: '-O1 -UFP_ECC'
OPT_CFLAGS: '-O1 -UFP_ECC'
- name: '-O0'
OPT_CFLAGS: '-O0'
- name: '-Os'
OPT_CFLAGS: '-Os'
- name: '-Ofast'
OPT_CFLAGS: '-Ofast'
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-22.04
# This should be a safe limit for the tests to run.
@@ -48,12 +61,12 @@ jobs:
sudo apt update
sudo apt install -y crossbuild-essential-${{ matrix.ARCH }} qemu-user
- uses: actions/checkout@v4
- name: Build for ${{ matrix.ARCH }} with Opt Level ${{ matrix.opts }}
- name: Build for ${{ matrix.ARCH }} with ${{ matrix.opts.name }}
env:
CC: ${{ matrix.CC }}
CFLAGS: ${{ matrix.CFLAGS }} ${{ matrix.opts }}
CFLAGS: ${{ matrix.CFLAGS }} ${{ matrix.opts.OPT_CFLAGS }}
QEMU_LD_PREFIX: /usr/${{ matrix.HOST }}
run: ./autogen.sh && ./configure --host=${{ matrix.HOST }} --enable-all --disable-examples CPPFLAGS="-pedantic -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFCRYPT_TEST_LINT" ${{ matrix.EXTRA_OPTS }} && make
run: ./autogen.sh && ./configure --host=${{ matrix.HOST }} --enable-all --disable-examples CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFCRYPT_TEST_LINT" ${{ matrix.EXTRA_OPTS }} ${{ matrix.opts.OPT_EXTRA_OPTS }} && make
- name: Print errors
if: ${{ failure() }}
run: |
+1 -1
View File
@@ -51,7 +51,7 @@ jobs:
env:
CC: ${{ matrix.CC }}
CXX: ${{ matrix.CXX }}
run: ./autogen.sh && ./configure CFLAGS="-pedantic -Wdeclaration-after-statement" && make && make dist
run: ./autogen.sh && ./configure CFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference" && make && make dist
- name: Show log on errors
if: ${{ failure() }}
run: |
+3 -3
View File
@@ -18,9 +18,9 @@ jobs:
matrix:
config: [
# Add new configs here
'--enable-rsa --enable-keygen --disable-dh CFLAGS="-DWOLFSSL_NO_MALLOC -DRSA_MIN_SIZE=1024 -pedantic -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-ecc --enable-rsa --enable-keygen --enable-ed25519 --enable-curve25519 --enable-ed448 --enable-curve448 --enable-mlkem CFLAGS="-DWOLFSSL_NO_MALLOC -pedantic -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-ecc --enable-rsa --enable-keygen --enable-ed25519 --enable-curve25519 --enable-ed448 --enable-curve448 --enable-mlkem --enable-staticmemory CFLAGS="-DWOLFSSL_NO_MALLOC -pedantic -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-rsa --enable-keygen --disable-dh CFLAGS="-DWOLFSSL_NO_MALLOC -DRSA_MIN_SIZE=1024 -pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-ecc --enable-rsa --enable-keygen --enable-ed25519 --enable-curve25519 --enable-ed448 --enable-curve448 --enable-mlkem CFLAGS="-DWOLFSSL_NO_MALLOC -pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-ecc --enable-rsa --enable-keygen --enable-ed25519 --enable-curve25519 --enable-ed448 --enable-curve448 --enable-mlkem --enable-staticmemory CFLAGS="-DWOLFSSL_NO_MALLOC -pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
]
name: make check
if: github.repository_owner == 'wolfssl'
+1 -1
View File
@@ -18,7 +18,7 @@ jobs:
matrix:
config: [
# Add new configs here
'--disable-tls --enable-all CFLAGS="-pedantic -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--disable-tls --enable-all CFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
]
name: make check
if: github.repository_owner == 'wolfssl'
+2 -2
View File
@@ -18,8 +18,8 @@ jobs:
matrix:
config: [
# Add new configs here
'--verbose --enable-all --disable-all-osp --disable-opensslall --enable-opensslcoexist CPPFLAGS="-DNO_WOLFSSL_CIPHER_SUITE_TEST -pedantic -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--verbose --enable-all --disable-all-osp --disable-opensslall --enable-opensslcoexist CPPFLAGS="-DNO_WOLFSSL_CIPHER_SUITE_TEST -pedantic -DTEST_OPENSSL_COEXIST -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"'
'--verbose --enable-all --disable-all-osp --disable-opensslall --enable-opensslcoexist CPPFLAGS="-DNO_WOLFSSL_CIPHER_SUITE_TEST -pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--verbose --enable-all --disable-all-osp --disable-opensslall --enable-opensslcoexist CPPFLAGS="-DNO_WOLFSSL_CIPHER_SUITE_TEST -pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_OPENSSL_COEXIST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"'
]
name: make check
if: github.repository_owner == 'wolfssl'
-2
View File
@@ -42,8 +42,6 @@ jobs:
strategy:
fail-fast: false
matrix:
# Pinned refs: avoid OpenVPN master until wolfSSL adds any new OpenSSL
# APIs it adopts (e.g. BN_bn2binpad). release/2.6 + latest stable tag.
ref: [ release/2.6, v2.6.19 ]
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
+63 -39
View File
@@ -13,14 +13,13 @@ concurrency:
# END OF COMMON SECTION
jobs:
# Configs that interact with platform-specific features (sys-ca-certs,
# Apple Security.framework, OpenSSL compat layer, networking).
# Run on both Ubuntu and macOS.
make_check:
# Ubuntu config matrix. macOS is covered separately by make_check_macos
# below with a curated subset; configs here either have equivalent macOS
# coverage there or exercise no Darwin-specific code.
make_check_linux:
strategy:
fail-fast: false
matrix:
os: [ ubuntu-24.04, macos-latest ]
config: [
# Add new configs here
'',
@@ -89,26 +88,6 @@ jobs:
'--enable-ocsp --enable-ocsp-responder --enable-ocspstapling CPPFLAGS="-DWOLFSSL_NONBLOCK_OCSP" --enable-maxfragment',
'--enable-all CPPFLAGS=-DWOLFSSL_HASH_KEEP',
'--enable-all --enable-writedup',
]
name: make check
if: github.repository_owner == 'wolfssl'
runs-on: ${{ matrix.os }}
# This should be a safe limit for the tests to run.
timeout-minutes: 14
steps:
- name: Build and test wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
with:
configure: CFLAGS="-pedantic -Wno-overlength-strings -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE" ${{ matrix.config }}
check: true
# Platform-agnostic configs: pure crypto algorithms, preprocessor guards,
# or features with no macOS-specific code paths. Linux only.
make_check_linux:
strategy:
fail-fast: false
matrix:
config: [
'--enable-ascon --enable-experimental',
'--enable-ascon CPPFLAGS=-DWOLFSSL_ASCON_UNROLL --enable-experimental',
# PKCS#7 with RSA-PSS (CMS RSASSA-PSS signers)
@@ -130,7 +109,7 @@ jobs:
'--enable-curve25519=nonblock --enable-ecc=nonblock --enable-sp=yes,nonblock CPPFLAGS="-DWOLFSSL_PUBLIC_MP -DWOLFSSL_DEBUG_NONBLOCK"',
'--enable-certreq --enable-certext --enable-certgen --disable-secure-renegotiation-info CPPFLAGS="-DNO_TLS"',
]
name: make check (Linux only)
name: make check linux
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
@@ -139,9 +118,58 @@ jobs:
- name: Build and test wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
with:
configure: CFLAGS="-pedantic -Wno-overlength-strings -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE" ${{ matrix.config }}
configure: CFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -Wno-overlength-strings -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE" ${{ matrix.config }}
check: true
# Curated macOS subset. Each config exists for a Darwin-specific reason;
# do not add entries that only re-test platform-agnostic crypto already
# covered by the corresponding Linux run.
make_check_macos:
strategy:
fail-fast: false
matrix:
config: [
# Default build: --enable-sys-ca-certs is auto-on on macOS, so
# this exercises Apple keychain / system trust loading in
# src/ssl_load.c that has no Linux equivalent.
'',
# Broad key-crypto + Security.framework + opensslextra in one run
# (RSA, ECC, AES, SHA-2/3, ChaCha20-Poly1305, Curve25519/448, HMAC,
# sniffer, DTLS, OCSP, ...). Note: --enable-all does NOT enable
# cryptocb or SHE, so those have their own entries below.
'--enable-all --enable-asn=template',
# Validates the configure-time auto-enable override and that the
# build compiles out the Security.framework code path cleanly --
# macOS is the only OS where sys-ca-certs is auto-on by default.
'--disable-sys-ca-certs',
# DTLS over BSD sockets on Darwin: connection-ID, fragmented
# ClientHello, secure renegotiation, PSK, AES-CCM, null cipher --
# exercises recvmsg/MTU/datagram handling that differs from Linux.
'--enable-dtls --enable-dtlscid --enable-dtls13 --enable-secure-renegotiation
--enable-psk --enable-aesccm --enable-nullcipher
CPPFLAGS=-DWOLFSSL_STATIC_RSA',
# Crypto-callback dispatcher under Apple clang. Not covered by
# --enable-all; verifies the cryptocb find/setkey/keygen path
# compiles and runs on the macOS toolchain.
'--enable-cryptocb --enable-keygen --enable-cryptocbutils=setkey',
]
name: make check macos
if: github.repository_owner == 'wolfssl'
runs-on: macos-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 14
steps:
- name: Build and test wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
with:
configure: CFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -Wno-overlength-strings -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE" ${{ matrix.config }}
check: true
# Run on both OSes: the user_settings.h header-driven build path is
# distinct from the autotools-driven --enable-all path in
# make_check_linux / make_check_macos, and macOS-specific guard ordering
# (e.g. WOLFSSL_SYS_CA_CERTS pulling in Security.framework) needs to be
# exercised under Apple clang here.
make_user_settings:
strategy:
fail-fast: false
@@ -165,12 +193,11 @@ jobs:
user-settings: ${{ matrix.user-settings }}
make_user_settings_testwolfcrypt:
# testwolfcrypt runs pure crypto tests with no platform-specific
# features, so Linux-only is sufficient for these user_settings.
strategy:
fail-fast: false
matrix:
# testwolfcrypt runs pure crypto tests with no platform-specific
# features, so Linux-only is sufficient for these user_settings.
os: [ ubuntu-24.04 ]
user-settings: [
# Add new user_settings.h here (alphabetical order)
'examples/configs/user_settings_ca.h',
@@ -194,7 +221,7 @@ jobs:
]
name: make user_setting.h (testwolfcrypt only)
if: github.repository_owner == 'wolfssl'
runs-on: ${{ matrix.os }}
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 14
steps:
@@ -208,21 +235,18 @@ jobs:
- name: Run wolfcrypt/test/testwolfcrypt
run: ./wolfcrypt/test/testwolfcrypt
# Has to be dedicated function due to the sed call
# Has to be dedicated function due to the sed call.
# Platform-agnostic; --enable-all macOS coverage in make_check_macos and
# the macOS user_settings_all.h run in make_user_settings already cover
# the equivalent code paths on Darwin.
make_user_all:
strategy:
fail-fast: false
matrix:
os: [ ubuntu-24.04, macos-latest ]
name: make user_setting.h (with sed)
if: github.repository_owner == 'wolfssl'
runs-on: ${{ matrix.os }}
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 14
steps:
- uses: actions/checkout@v4
- if: ${{ matrix.os == 'macos-latest' }}
run: brew install automake libtool
- run: ./autogen.sh
- name: user_settings_all.h with compatibility layer
run: |
+15 -14
View File
@@ -20,20 +20,21 @@ jobs:
# Add new configs here
'--disable-shared --enable-dilithium --enable-mlkem CFLAGS="-fsanitize=undefined -fno-sanitize-recover=undefined -fno-omit-frame-pointer" LDFLAGS="-fsanitize=undefined" CPPFLAGS="-DWOLFSSL_DILITHIUM_ALIGNMENT=4"',
'--enable-intelasm --enable-sp-asm --enable-mlkem=yes,kyber,ml-kem CPPFLAGS="-DWOLFSSL_ML_KEM_USE_OLD_IDS"',
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem --enable-tls-mlkem-standalone --enable-extra-pqc-hybrids --enable-lms --enable-xmss --enable-slhdsa --enable-dilithium --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFSSL_BLIND_PRIVATE_KEY -DWOLFSSL_TLSX_PQC_MLKEM_STORE_OBJ"',
'--enable-smallstack --enable-smallstackcache --enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem --enable-lms --enable-xmss --enable-slhdsa --enable-dilithium --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem --enable-tls-mlkem-standalone --enable-extra-pqc-hybrids --enable-lms --enable-xmss --enable-slhdsa --enable-dilithium --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFSSL_BLIND_PRIVATE_KEY -DWOLFSSL_TLSX_PQC_MLKEM_STORE_OBJ"',
'--enable-intelasm --enable-sp-math --enable-sp-asm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --disable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem --enable-tls-mlkem-standalone --enable-extra-pqc-hybrids --enable-lms --enable-xmss --enable-slhdsa --enable-dilithium --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFSSL_BLIND_PRIVATE_KEY -DWOLFSSL_TLSX_PQC_MLKEM_STORE_OBJ"',
'--enable-smallstack --enable-smallstackcache --enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem --enable-lms --enable-xmss --enable-slhdsa --enable-dilithium --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem --enable-lms --enable-xmss --enable-slhdsa --enable-dilithium --enable-dual-alg-certs --disable-qt CPPFLAGS="-Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE" CC=c++',
'--disable-intelasm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem,small --enable-lms=yes,small --enable-xmss=yes,small --enable-slhdsa=yes,small --enable-dilithium=yes,small --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFSSL_MLKEM_MAKEKEY_SMALL_MEM -DWOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM -DWOLFSSL_MLKEM_NO_LARGE_CODE -DWOLFSSL_DILITHIUM_SIGN_SMALL_MEM -DWOLFSSL_DILITHIUM_VERIFY_SMALL_MEM -DWOLFSSL_DILITHIUM_MAKE_KEY_SMALL_MEM -DWOLFSSL_DILITHIUM_NO_LARGE_CODE"',
'--disable-intelasm --enable-smallstack --enable-smallstackcache --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem,small --enable-lms=yes,small --enable-xmss=yes,small --enable-slhdsa=yes,small --enable-dilithium=yes,small --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFSSL_MLKEM_MAKEKEY_SMALL_MEM -DWOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM -DWOLFSSL_MLKEM_NO_LARGE_CODE -DWOLFSSL_DILITHIUM_SIGN_SMALL_MEM -DWOLFSSL_DILITHIUM_VERIFY_SMALL_MEM -DWOLFSSL_DILITHIUM_MAKE_KEY_SMALL_MEM -DWOLFSSL_DILITHIUM_NO_LARGE_CODE"',
'--disable-intelasm --enable-all --disable-mlkem --enable-lms=yes,small,verify-only --enable-xmss=yes,small,verify-only --enable-slhdsa=yes,small,verify-only --enable-dilithium=yes,small,verify-only --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFSSL_DILITHIUM_VERIFY_SMALL_MEM -DWOLFSSL_DILITHIUM_NO_LARGE_CODE"',
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,512 --enable-tls-mlkem-standalone --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,768 --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,768 --enable-tls-mlkem-standalone --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,768 --enable-tls-mlkem-standalone --disable-pqc-hybrids --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,1024 --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,1024 --enable-tls-mlkem-standalone --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,1024 --enable-tls-mlkem-standalone --disable-pqc-hybrids --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem --enable-lms --enable-xmss --enable-slhdsa --enable-dilithium=yes,no-ctx --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--disable-intelasm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem,small --enable-lms=yes,small --enable-xmss=yes,small --enable-slhdsa=yes,small --enable-dilithium=yes,small --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFSSL_MLKEM_MAKEKEY_SMALL_MEM -DWOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM -DWOLFSSL_MLKEM_NO_LARGE_CODE -DWOLFSSL_DILITHIUM_SIGN_SMALL_MEM -DWOLFSSL_DILITHIUM_VERIFY_SMALL_MEM -DWOLFSSL_DILITHIUM_MAKE_KEY_SMALL_MEM -DWOLFSSL_DILITHIUM_NO_LARGE_CODE"',
'--disable-intelasm --enable-smallstack --enable-smallstackcache --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem,small --enable-lms=yes,small --enable-xmss=yes,small --enable-slhdsa=yes,small --enable-dilithium=yes,small --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFSSL_MLKEM_MAKEKEY_SMALL_MEM -DWOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM -DWOLFSSL_MLKEM_NO_LARGE_CODE -DWOLFSSL_DILITHIUM_SIGN_SMALL_MEM -DWOLFSSL_DILITHIUM_VERIFY_SMALL_MEM -DWOLFSSL_DILITHIUM_MAKE_KEY_SMALL_MEM -DWOLFSSL_DILITHIUM_NO_LARGE_CODE"',
'--disable-intelasm --enable-all --disable-mlkem --enable-lms=yes,small,verify-only --enable-xmss=yes,small,verify-only --enable-slhdsa=yes,small,verify-only --enable-dilithium=yes,small,verify-only --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFSSL_DILITHIUM_VERIFY_SMALL_MEM -DWOLFSSL_DILITHIUM_NO_LARGE_CODE"',
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,512 --enable-tls-mlkem-standalone --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,768 --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,768 --enable-tls-mlkem-standalone --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,768 --enable-tls-mlkem-standalone --disable-pqc-hybrids --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,1024 --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,1024 --enable-tls-mlkem-standalone --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,1024 --enable-tls-mlkem-standalone --disable-pqc-hybrids --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem --enable-lms --enable-xmss --enable-slhdsa --enable-dilithium=yes,no-ctx --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
'--enable-intelasm --enable-sp-asm --enable-mlkem=yes,kyber,ml-kem,cache-a CPPFLAGS="-DWOLFSSL_MLKEM_DYNAMIC_KEYS"',
'--enable-intelasm --enable-sp-asm --enable-dilithium=yes CPPFLAGS="-DWOLFSSL_DILITHIUM_DYNAMIC_KEYS"',
'--disable-intelasm --enable-dilithium=yes,small CPPFLAGS="-DWOLFSSL_DILITHIUM_DYNAMIC_KEYS"',
@@ -43,7 +44,7 @@ jobs:
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-24.04
# This should be a safe limit for the tests to run.
timeout-minutes: 6
timeout-minutes: 10
steps:
- uses: actions/checkout@v4
name: Checkout wolfSSL
+41
View File
@@ -0,0 +1,41 @@
name: PR commit message checks
on:
pull_request:
branches: [ '**' ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# END OF COMMON SECTION
jobs:
commit-messages:
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Reject AI attribution trailers
env:
BASE_SHA: ${{ github.event.pull_request.base.sha }}
HEAD_SHA: ${{ github.event.pull_request.head.sha }}
run: |
set -euo pipefail
fail=0
while IFS= read -r sha; do
[ -z "$sha" ] && continue
if git log -1 --format=%B "$sha" | git interpret-trailers --parse | \
grep -iE '^(Co-authored-by|Signed-off-by):.*<?noreply@anthropic\.com>?' >/dev/null; then
echo "::error::Commit $sha contains a Co-authored-by or Signed-off-by trailer for noreply@anthropic.com"
git log -1 --format=' %h %s' "$sha"
fail=1
fi
done < <(git rev-list "$BASE_SHA".."$HEAD_SHA")
if [ "$fail" -ne 0 ]; then
echo "One or more commits contain disallowed AI attribution trailers; please amend them out."
exit 1
fi
echo "No disallowed AI attribution trailers found."
+37
View File
@@ -0,0 +1,37 @@
name: PUF Tests
# START OF COMMON SECTION
on:
push:
branches: [ 'master', 'main', 'release/**' ]
pull_request:
branches: [ '*' ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# END OF COMMON SECTION
jobs:
puf_host_test:
name: PUF host test
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-24.04
timeout-minutes: 6
steps:
- uses: actions/checkout@v4
name: Checkout wolfSSL
- name: Build and test PUF
run: |
./autogen.sh
./configure --enable-puf --enable-puf-test
make
./wolfcrypt/test/testwolfcrypt
- name: Print errors
if: ${{ failure() }}
run: |
if [ -f test-suite.log ] ; then
cat test-suite.log
fi
+11 -10
View File
@@ -12,15 +12,16 @@ concurrency:
cancel-in-progress: true
# END OF COMMON SECTION
# Build the SE050 software simulator (https://github.com/LinuxJedi/SE050Sim),
# build wolfSSL against its NXP Plug&Trust SDK + simulator bridge, and run the
# wolfCrypt SE050 test binary against the simulator TCP server.
# Build the SE050 software simulator (https://github.com/wolfSSL/simulators,
# SE050Sim/ subdirectory), build wolfSSL against its NXP Plug&Trust SDK +
# simulator bridge, and run the wolfCrypt SE050 test binary against the
# simulator TCP server.
#
# The simulator's own Dockerfile (Dockerfile.wolfcrypt) clones wolfSSL master.
# We patch it to COPY the PR checkout instead so CI reflects the PR's source.
env:
SE050SIM_REF: 8fda9212c306fbee0dcd66f2dd52b13f65f13e00
SIMULATORS_REF: 745893640e21a15b7df8c70567c522953aba2f2c
jobs:
se050_sim:
@@ -36,14 +37,14 @@ jobs:
- name: Clone SE050 simulator
run: |
git clone https://github.com/LinuxJedi/SE050Sim se050sim
cd se050sim && git checkout "$SE050SIM_REF"
git clone https://github.com/wolfSSL/simulators simulators
cd simulators && git checkout "$SIMULATORS_REF"
- name: Stage PR wolfSSL into simulator build context
run: mv wolfssl-src se050sim/wolfssl
run: mv wolfssl-src simulators/SE050Sim/wolfssl
- name: Patch Dockerfile to use PR wolfSSL instead of upstream master
working-directory: se050sim
working-directory: simulators/SE050Sim
run: |
sed -i 's|^RUN git clone --depth 1 https://github.com/wolfSSL/wolfssl.git /app/wolfssl$|COPY wolfssl /app/wolfssl|' Dockerfile.wolfcrypt
# Fail fast if the pattern drifted upstream -- better a clear error
@@ -56,8 +57,8 @@ jobs:
- name: Build wolfCrypt-SE050 test image
uses: docker/build-push-action@v5
with:
context: se050sim
file: se050sim/Dockerfile.wolfcrypt
context: simulators/SE050Sim
file: simulators/SE050Sim/Dockerfile.wolfcrypt
push: false
load: true
tags: wolfssl-se050-sim:ci
+20 -2
View File
@@ -157,6 +157,7 @@ CONFIG_WOLFSSL
CONFIG_WOLFSSL_ALLOW_TLS13
CONFIG_WOLFSSL_ALPN
CONFIG_WOLFSSL_ALT_CERT_CHAINS
CONFIG_WOLFSSL_ALWAYS_VERIFY_CB
CONFIG_WOLFSSL_APPLE_HOMEKIT
CONFIG_WOLFSSL_ASN_ALLOW_0_SERIAL
CONFIG_WOLFSSL_CERTIFICATE_BUNDLE
@@ -174,11 +175,13 @@ CONFIG_WOLFSSL_EXAMPLE_NAME_WOLFMQTT_TEMPLATE
CONFIG_WOLFSSL_EXAMPLE_NAME_WOLFSSH_ECHOSERVER
CONFIG_WOLFSSL_EXAMPLE_NAME_WOLFSSH_TEMPLATE
CONFIG_WOLFSSL_HKDF
CONFIG_WOLFSSL_KEEP_PEER_CERT
CONFIG_WOLFSSL_MAX_FRAGMENT_LEN
CONFIG_WOLFSSL_MLKEM
CONFIG_WOLFSSL_NO_ASN_STRICT
CONFIG_WOLFSSL_PSK
CONFIG_WOLFSSL_RSA_PSS
CONFIG_WOLFSSL_SESSION_EXPORT
CONFIG_WOLFSSL_TARGET_HOST
CONFIG_WOLFSSL_TARGET_PORT
CONFIG_WOLFSSL_TLS13_ENABLED
@@ -219,6 +222,7 @@ DTLS_RECEIVEFROM_NO_TIMEOUT_ON_INVALID_PEER
ECCSI_ORDER_MORE_BITS_THAN_PRIME
ECC_DUMP_OID
ECDHE_SIZE
EFD_CLOEXEC
ENABLED_BSDKM_REGISTER
ENABLE_SECURE_SOCKETS_LOGS
ESP32
@@ -234,6 +238,7 @@ ETHERNET_AVAILABLE
ETHERNET_H
EV_TRIGGER
EXTERNAL_LOADER_APP
FD_CLOEXEC
FIPS_OPTEST_FULL_RUN_AT_MODULE_INIT
FORCE_FAILURE_GETRANDOM
FP_ECC_CONTROL
@@ -279,6 +284,7 @@ HAVE_ECC512
HAVE_ECC_CDH_CAST
HAVE_ECC_SM2
HAVE_ESP_CLK
HAVE_EXT_CACHE
HAVE_FIPS_VERSION_PORT
HAVE_FUZZER
HAVE_INTEL_MULX
@@ -317,6 +323,7 @@ IGNORE_NETSCAPE_CERT_TYPE
INCLUDE_uxTaskGetStackHighWaterMark
INTEGRITY
INTIMEVER
IN_CLOEXEC
IOTSAFE_NO_GETDATA
IOTSAFE_SIG_8BIT_LENGTH
KCAPI_USE_XMALLOC
@@ -477,7 +484,9 @@ OPENSSL_NO_PK
OS_WINDOWS
OTHERBOARD
OTHER_BOARD
O_CLOEXEC
PEER_INFO
PERF_FLAG_FD_CLOEXEC
PKA_ECC_SCALAR_MUL_IN_B_COEFF
PLATFORMIO
PLUTON_CRYPTO_ECC
@@ -520,6 +529,7 @@ SL_SE_KEY_TYPE_ECC_X25519
SL_SE_KEY_TYPE_ECC_X448
SL_SE_PRF_HMAC_SHA1
SNIFFER_SINGLE_SESSION_CACHE
SOCK_CLOEXEC
SOFTDEVICE_PRESENT
SO_NOSIGPIPE
SO_REUSEPORT
@@ -553,6 +563,7 @@ STM32L552xx
STM32L562xx
STM32MP135Fxx
STM32N657xx
STM32U385xx
STM32U575xx
STM32U585xx
STM32U5A9xx
@@ -652,6 +663,7 @@ WC_NO_VERBOSE_RNG
WC_PKCS11_FIND_WITH_ID_ONLY
WC_PKCS12_PBKDF_USING_MP_API
WC_PROTECT_ENCRYPTED_MEM
WC_PUF_SHA3
WC_RNG_BANK_NO_DEFAULT_SUPPORT
WC_RNG_BLOCKING
WC_RSA_NONBLOCK
@@ -659,6 +671,7 @@ WC_RSA_NONBLOCK_TIME
WC_RSA_NO_FERMAT_CHECK
WC_RWLOCK_OPS_INLINE
WC_SKIP_INCLUDED_C_FILES
WC_SLHDSA_VERBOSE_DEBUG
WC_SSIZE_TYPE
WC_STRICT_SIG
WC_USE_PIE_FENCEPOSTS_FOR_FIPS
@@ -732,6 +745,7 @@ WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC
WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC_A
WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
WOLFSSL_DISABLE_EARLY_SANITY_CHECKS
WOLFSSL_DRBG_SHA256
WOLFSSL_DTLS_DISALLOW_FUTURE
WOLFSSL_DTLS_RECORDS_CAN_SPAN_DATAGRAMS
WOLFSSL_DTLS_RESEND_ONLY_TIMEOUT
@@ -820,7 +834,6 @@ WOLFSSL_NO_DH186
WOLFSSL_NO_DTLS_SIZE_CHECK
WOLFSSL_NO_ETM_ALERT
WOLFSSL_NO_FENCE
WOLFSSL_NO_INIT_CTX_KEY
WOLFSSL_NO_ISSUERHASH_TDPEER
WOLFSSL_NO_KCAPI_AES_CBC
WOLFSSL_NO_KCAPI_HMAC_SHA1
@@ -829,6 +842,8 @@ WOLFSSL_NO_KCAPI_HMAC_SHA256
WOLFSSL_NO_KCAPI_HMAC_SHA384
WOLFSSL_NO_KCAPI_HMAC_SHA512
WOLFSSL_NO_KCAPI_SHA224
WOLFSSL_NO_KTRI_ORACLE_WARNING
WOLFSSL_NO_LMS_SHAKE256_256
WOLFSSL_NO_OCSP_DATE_CHECK
WOLFSSL_NO_OCSP_ISSUER_CHAIN_CHECK
WOLFSSL_NO_OCSP_OPTIONAL_CERTS
@@ -837,7 +852,6 @@ WOLFSSL_NO_SERVER_GROUPS_EXT
WOLFSSL_NO_SESSION_STATS
WOLFSSL_NO_SIGALG
WOLFSSL_NO_SOCKADDR_UN
WOLFSSL_NO_SPHINCS
WOLFSSL_NO_STRICT_CIPHER_SUITE
WOLFSSL_NO_TICKET_EXPIRE
WOLFSSL_NO_TRUSTED_CERTS_VERIFY
@@ -895,6 +909,7 @@ WOLFSSL_SHA512_HASHTYPE
WOLFSSL_SHUTDOWNONCE
WOLFSSL_SILABS_TRNG
WOLFSSL_SLHDSA_FULL_HASH
WOLFSSL_SLHDSA_NO_VERIFY_ONLY
WOLFSSL_SNIFFER_NO_RECOVERY
WOLFSSL_SP_ARM32_UDIV
WOLFSSL_SP_FAST_NCT_EXPTMOD
@@ -1004,9 +1019,11 @@ __ATOMIC_CONSUME
__ATOMIC_RELAXED
__AVR_ARCH__
__AVR__
__AVX512F__
__BCPLUSPLUS__
__BIG_ENDIAN__
__BORLANDC__
__BSD_VISIBLE
__CCRX__
__CC_ARM
__COMPILER_VER__
@@ -1121,6 +1138,7 @@ __sun
__svr4__
__thumb__
__ti__
__unix__
__x86_64__
__xtensa__
byte
+40 -13
View File
@@ -625,6 +625,11 @@ add_option(WOLFSSL_OQS
"Enable integration with the OQS (Open Quantum Safe) liboqs library (default: disabled)"
"no" "yes;no")
# Falcon (provided via liboqs)
add_option(WOLFSSL_FALCON
"Enable Falcon post-quantum signatures via liboqs (default: disabled)"
"no" "yes;no")
# ML-KEM/Kyber
add_option(WOLFSSL_MLKEM
"Enable the wolfSSL PQ ML-KEM library (default: disabled)"
@@ -632,13 +637,11 @@ add_option(WOLFSSL_MLKEM
if (WOLFSSL_MLKEM)
list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_HAVE_MLKEM")
list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_WC_MLKEM")
list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_SHA3")
list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_SHAKE128")
list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_SHAKE256")
set_wolfssl_definitions("WOLFSSL_HAVE_MLKEM" RESULT)
set_wolfssl_definitions("WOLFSSL_WC_MLKEM" RESULT)
set_wolfssl_definitions("WOLFSSL_SHA3" RESULT)
set_wolfssl_definitions("WOLFSSL_SHAKE128" RESULT)
set_wolfssl_definitions("WOLFSSL_SHAKE256" RESULT)
@@ -677,13 +680,11 @@ add_option(WOLFSSL_DILITHIUM
if (WOLFSSL_DILITHIUM)
list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_DILITHIUM")
list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_WC_DILITHIUM")
list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_SHA3")
list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_SHAKE128")
list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_SHAKE256")
set_wolfssl_definitions("HAVE_DILITHIUM" RESULT)
set_wolfssl_definitions("WOLFSSL_WC_DILITHIUM" RESULT)
set_wolfssl_definitions("WOLFSSL_SHA3" RESULT)
set_wolfssl_definitions("WOLFSSL_SHAKE128" RESULT)
set_wolfssl_definitions("WOLFSSL_SHAKE256" RESULT)
@@ -700,10 +701,8 @@ add_option(WOLFSSL_LMSSHA256192
if (WOLFSSL_LMS)
list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_HAVE_LMS")
list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_WC_LMS")
set_wolfssl_definitions("WOLFSSL_HAVE_LMS" RESULT)
set_wolfssl_definitions("WOLFSSL_WC_LMS" RESULT)
if (WOLFSSL_LMSSHA256192)
list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_LMS_SHA256_192")
@@ -733,6 +732,15 @@ if (WOLFSSL_EXPERIMENTAL)
set_wolfssl_definitions("WOLFSSL_EXPERIMENTAL_SETTINGS" RESULT)
# Cross-validate WOLFSSL_OQS and WOLFSSL_FALCON: liboqs is only linked
# when a liboqs-backed algorithm (Falcon) is actually enabled.
if (WOLFSSL_FALCON AND NOT WOLFSSL_OQS)
message(FATAL_ERROR "WOLFSSL_FALCON requires WOLFSSL_OQS.")
endif()
if (WOLFSSL_OQS AND NOT WOLFSSL_FALCON)
message(FATAL_ERROR "WOLFSSL_OQS requires WOLFSSL_FALCON.")
endif()
# Checking for experimental feature: OQS
message(STATUS "Looking for WOLFSSL_OQS")
if (WOLFSSL_OQS)
@@ -749,6 +757,7 @@ if (WOLFSSL_EXPERIMENTAL)
set_wolfssl_definitions("HAVE_LIBOQS" RESULT)
set_wolfssl_definitions("HAVE_TLS_EXTENSIONS" RESULT)
set_wolfssl_definitions("OPENSSL_EXTRA" RESULT)
set_wolfssl_definitions("HAVE_FALCON" RESULT)
else()
message(STATUS "Checking OQS - not found")
@@ -777,19 +786,15 @@ if (WOLFSSL_EXPERIMENTAL)
message(STATUS "Warning: WOLFSSL_EXPERIMENTAL enabled, but no experimental features enabled.")
endif()
# Sanity checks
if(WOLFSSL_OQS AND WOLFSSL_MLKEM)
message(FATAL_ERROR "Error: cannot enable both WOLFSSL_OQS and WOLFSSL_MLKEM at the same time.")
endif()
if(WOLFSSL_OQS AND WOLFSSL_DILITHIUM)
message(FATAL_ERROR "Error: cannot enable both WOLFSSL_OQS and WOLFSSL_DILITHIUM at the same time.")
endif()
else()
# Experimental mode not enabled, but were any experimental features enabled? Error out if so:
message(STATUS "Looking for WOLFSSL_EXPERIMENTAL - not found")
if (WOLFSSL_OQS)
message(FATAL_ERROR "Error: WOLFSSL_OQS requires WOLFSSL_EXPERIMENTAL at this time.")
endif()
if (WOLFSSL_FALCON)
message(FATAL_ERROR "Error: WOLFSSL_FALCON requires WOLFSSL_EXPERIMENTAL at this time.")
endif()
endif()
# LMS
@@ -1772,6 +1777,28 @@ endif()
# TODO: - XCHACHA
# SRAM PUF
add_option("WOLFSSL_PUF"
"Enable SRAM PUF support (default: disabled)"
"no" "yes;no")
if(WOLFSSL_PUF)
list(APPEND WOLFSSL_DEFINITIONS
"-DWOLFSSL_PUF"
"-DWOLFSSL_PUF_SRAM"
"-DHAVE_HKDF")
override_cache(WOLFSSL_HKDF "yes")
endif()
# PUF test mode (synthetic SRAM data injection)
add_option("WOLFSSL_PUF_TEST"
"Enable PUF test mode with synthetic data (default: disabled)"
"no" "yes;no")
if(WOLFSSL_PUF_TEST)
list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_PUF_TEST")
endif()
# Hash DRBG
add_option("WOLFSSL_HASH_DRBG"
"Enable Hash DRBG support (default: enabled)"
+14
View File
@@ -1,3 +1,17 @@
# wolfSSL Release (unreleased)
## Enhancements
* TLS 1.3: zero traffic key staging buffers in `SetKeysSide()` once a
CryptoCB callback has imported the AES key into a Secure Element
(`aes->devCtx != NULL`). Clears `keys->{client,server}_write_key`
on the provisioned side(s) after cipher init succeeds. The static
IV buffers (`keys->{client,server}_write_IV`,
`keys->aead_{enc,dec}_imp_IV`) are intentionally left intact because
`BuildTls13Nonce()` reads them on every AEAD record to construct the
per-record nonce. Scoped to TLS 1.3, non-DTLS, non-QUIC; requires
`WOLF_CRYPTO_CB` and `WOLF_CRYPTO_CB_AES_SETKEY`.
# wolfSSL Release 5.9.1 (Apr. 8, 2026)
Release 5.9.1 has been developed according to wolfSSL's development and QA
-4
View File
@@ -34,10 +34,6 @@ RUN git clone --single-branch https://github.com/open-quantum-safe/liboqs.git &&
RUN mkdir /opt/sources
# install liblms
RUN cd /opt/sources && git clone --single-branch https://github.com/cisco/hash-sigs.git && cd hash-sigs && git checkout b0631b8891295bf2929e68761205337b7c031726 \
&& sed -i 's/USE_OPENSSL 1/USE_OPENSSL 0/g' sha256.h && make -j4 hss_lib_thread.a
# Install pkixssh to /opt/pkixssh for X509 interop testing with wolfSSH
RUN mkdir /var/empty
RUN cd /opt/sources && wget -q -O- https://roumenpetrov.info/secsh/src/pkixssh-15.1.tar.gz | tar xzf - && cd pkixssh-15.1 && ./configure --prefix=/opt/pkixssh/ --exec-prefix=/opt/pkixssh/ && make install
@@ -203,7 +203,6 @@ COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed25519.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/error.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/evp.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_mlkem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_xmss.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/falcon.o
@@ -245,7 +244,6 @@ COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/siphash.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sphincs.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_arm32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_arm64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_armthumb.o
@@ -271,6 +269,7 @@ COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_mlkem_poly.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_pkcs11.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_port.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_slhdsa.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_xmss.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_first.o # autogen exclusion
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_last.o # autogen exclusion
@@ -215,7 +215,6 @@
#ifdef CONFIG_ESP_WOLFSSL_ENABLE_MLKEM
/* Kyber typically needs a minimum 10K stack */
#define WOLFSSL_HAVE_MLKEM
#define WOLFSSL_WC_MLKEM
#define WOLFSSL_SHAKE128
#define WOLFSSL_SHAKE256
@@ -234,7 +233,7 @@
#define WOLFSSL_NO_ML_KEM_768
#define NO_SESSION_CACHE
#else
/* Only needed for older wolfssl versions, see mlkem.h */
/* Only needed for older wolfssl versions, see wc_mlkem.h */
#define WOLFSSL_KYBER1024
/* optional alternative sizes: */
/* #define WOLFSSL_KYBER768 */
@@ -203,7 +203,6 @@ COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed25519.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/error.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/evp.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_mlkem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_xmss.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/falcon.o
@@ -245,7 +244,6 @@ COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/siphash.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sphincs.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_arm32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_arm64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_armthumb.o
@@ -271,6 +269,7 @@ COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_mlkem_poly.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_pkcs11.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_port.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_slhdsa.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_xmss.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_first.o # autogen exclusion
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_last.o # autogen exclusion
@@ -215,7 +215,6 @@
#ifdef CONFIG_ESP_WOLFSSL_ENABLE_MLKEM
/* Kyber typically needs a minimum 10K stack */
#define WOLFSSL_HAVE_MLKEM
#define WOLFSSL_WC_MLKEM
#define WOLFSSL_SHAKE128
#define WOLFSSL_SHAKE256
@@ -234,7 +233,7 @@
#define WOLFSSL_NO_ML_KEM_768
#define NO_SESSION_CACHE
#else
/* Only needed for older wolfssl versions, see mlkem.h */
/* Only needed for older wolfssl versions, see wc_mlkem.h */
#define WOLFSSL_KYBER1024
/* optional alternative sizes: */
/* #define WOLFSSL_KYBER768 */
@@ -203,7 +203,6 @@ COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed25519.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/error.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/evp.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_mlkem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_xmss.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/falcon.o
@@ -245,7 +244,6 @@ COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/siphash.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sphincs.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_arm32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_arm64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_armthumb.o
@@ -271,6 +269,7 @@ COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_mlkem_poly.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_pkcs11.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_port.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_slhdsa.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_xmss.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_first.o # autogen exclusion
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_last.o # autogen exclusion
@@ -215,7 +215,6 @@
#ifdef CONFIG_ESP_WOLFSSL_ENABLE_MLKEM
/* Kyber typically needs a minimum 10K stack */
#define WOLFSSL_HAVE_MLKEM
#define WOLFSSL_WC_MLKEM
#define WOLFSSL_SHAKE128
#define WOLFSSL_SHAKE256
@@ -234,7 +233,7 @@
#define WOLFSSL_NO_ML_KEM_768
#define NO_SESSION_CACHE
#else
/* Only needed for older wolfssl versions, see mlkem.h */
/* Only needed for older wolfssl versions, see wc_mlkem.h */
#define WOLFSSL_KYBER1024
/* optional alternative sizes: */
/* #define WOLFSSL_KYBER768 */
@@ -41,8 +41,7 @@
#undef USE_WOLFSSL_ESP_SDK_WIFI
#include <wolfssl/ssl.h>
#if defined(WOLFSSL_WC_MLKEM)
#include <wolfssl/wolfcrypt/mlkem.h>
#if defined(WOLFSSL_HAVE_MLKEM)
#include <wolfssl/wolfcrypt/wc_mlkem.h>
#endif
#if defined(USE_CERT_BUFFERS_2048) || defined(USE_CERT_BUFFERS_1024)
@@ -203,7 +203,6 @@ COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed25519.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/error.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/evp.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_mlkem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_xmss.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/falcon.o
@@ -245,7 +244,6 @@ COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/siphash.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sphincs.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_arm32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_arm64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_armthumb.o
@@ -271,6 +269,7 @@ COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_mlkem_poly.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_pkcs11.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_port.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_slhdsa.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_xmss.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_first.o # autogen exclusion
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_last.o # autogen exclusion
@@ -215,7 +215,6 @@
#ifdef CONFIG_ESP_WOLFSSL_ENABLE_MLKEM
/* Kyber typically needs a minimum 10K stack */
#define WOLFSSL_HAVE_MLKEM
#define WOLFSSL_WC_MLKEM
#define WOLFSSL_SHAKE128
#define WOLFSSL_SHAKE256
@@ -234,7 +233,7 @@
#define WOLFSSL_NO_ML_KEM_768
#define NO_SESSION_CACHE
#else
/* Only needed for older wolfssl versions, see mlkem.h */
/* Only needed for older wolfssl versions, see wc_mlkem.h */
#define WOLFSSL_KYBER1024
/* optional alternative sizes: */
/* #define WOLFSSL_KYBER768 */
@@ -54,8 +54,7 @@
#error "Missing WOLFSSL_USER_SETTINGS in CMakeLists or Makefile:\
CFLAGS +=-DWOLFSSL_USER_SETTINGS"
#endif
#if defined(WOLFSSL_WC_MLKEM)
#include <wolfssl/wolfcrypt/mlkem.h>
#if defined(WOLFSSL_HAVE_MLKEM)
#include <wolfssl/wolfcrypt/wc_mlkem.h>
#endif
#if defined(USE_CERT_BUFFERS_2048) || defined(USE_CERT_BUFFERS_1024)
@@ -203,7 +203,6 @@ COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed25519.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/error.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/evp.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_mlkem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_xmss.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/falcon.o
@@ -245,7 +244,6 @@ COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/siphash.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sphincs.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_arm32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_arm64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_armthumb.o
@@ -271,6 +269,7 @@ COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_mlkem_poly.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_pkcs11.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_port.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_slhdsa.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_xmss.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_first.o # autogen exclusion
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_last.o # autogen exclusion
@@ -215,7 +215,6 @@
#ifdef CONFIG_ESP_WOLFSSL_ENABLE_MLKEM
/* Kyber typically needs a minimum 10K stack */
#define WOLFSSL_HAVE_MLKEM
#define WOLFSSL_WC_MLKEM
#define WOLFSSL_SHAKE128
#define WOLFSSL_SHAKE256
@@ -234,7 +233,7 @@
#define WOLFSSL_NO_ML_KEM_768
#define NO_SESSION_CACHE
#else
/* Only needed for older wolfssl versions, see mlkem.h */
/* Only needed for older wolfssl versions, see wc_mlkem.h */
#define WOLFSSL_KYBER1024
/* optional alternative sizes: */
/* #define WOLFSSL_KYBER768 */
+12 -12
View File
@@ -3,14 +3,14 @@
SWENGENV := $(RMX_SRC_BASE)/tools/swenghg
#
# makefile -- defines the macros, directives and rules necessary to build the
# wolfSSL library.
# wolfSSL library.
#
# NOTES:
# 1. This makefile is a "wrapper" makefile for the Visual Studio 80
# INtime package project. The makefile provides RCS and component
# INtime package project. The makefile provides RCS and component
# release support not provided by the project's native visual Studio
# makefile.
#
#
# 2. The SWENG environment assumes makefile execution from a Windows NT
# environment.
#
@@ -33,7 +33,7 @@ SWENGENV := $(RMX_SRC_BASE)/tools/swenghg
# components.
#
# 6. A SWENG makefile executes standard MKS and MSVC tools. Other tool
# sets require additional macro and rule definition.
# sets require additional macro and rule definition.
#
# Default macros and directives.
@@ -157,11 +157,11 @@ MAKEFILE := makefile
ASM :=
C :=
CPP :=
RCFILE :=
RCFILE :=
SRCS :=
SRCS :=
OBJ :=
CFGS :=
CFGS :=
DEBRIS := $(LOGFILE) release* debug* *.sdf *.user *.aps *.bak *~
@@ -287,7 +287,6 @@ INCL_TARGS := wolfssl/callbacks.h \
wolfssl/wolfcrypt/integer.h \
wolfssl/wolfcrypt/kdf.h \
wolfssl/wolfcrypt/kyber.h \
wolfssl/wolfcrypt/lms.h \
wolfssl/wolfcrypt/logging.h \
wolfssl/wolfcrypt/md2.h \
wolfssl/wolfcrypt/md4.h \
@@ -320,18 +319,19 @@ INCL_TARGS := wolfssl/callbacks.h \
wolfssl/wolfcrypt/sm4.h \
wolfssl/wolfcrypt/sp.h \
wolfssl/wolfcrypt/sp_int.h \
wolfssl/wolfcrypt/sphincs.h \
wolfssl/wolfcrypt/srp.h \
wolfssl/wolfcrypt/tfm.h \
wolfssl/wolfcrypt/types.h \
wolfssl/wolfcrypt/visibility.h \
wolfssl/wolfcrypt/wc_encrypt.h \
wolfssl/wolfcrypt/wc_kyber.h \
wolfssl/wolfcrypt/wc_lms.h \
wolfssl/wolfcrypt/wc_pkcs11.h \
wolfssl/wolfcrypt/wc_port.h \
wolfssl/wolfcrypt/wc_slhdsa.h \
wolfssl/wolfcrypt/wc_xmss.h \
wolfssl/wolfcrypt/wolfevent.h \
wolfssl/wolfcrypt/wolfmath.h \
wolfssl/wolfcrypt/xmss.h \
wolfssl/wolfcrypt/port/nrf51.h \
wolfssl/wolfcrypt/port/af_alg/afalg_hash.h \
wolfssl/wolfcrypt/port/af_alg/wc_afalg.h \
@@ -404,7 +404,7 @@ INCL_TARGS := wolfssl/callbacks.h \
#
# NOTES:
# 1. These files must always be included after the macro definitions and
# before the component-specific rules.
# before the component-specific rules.
.INCLUDE:$(SWENGENV)/rules.wnt
.INCLUDE:$(SWENGENV)/intimerules.wnt
@@ -495,7 +495,7 @@ done
# environment variables in a sub-shell before invoking the makefile.
#
# 2. Path vectors are converted to Microsoft-style pathname slashes
# via 'redmond.ksh' before passing them as environment variables to
# via 'redmond.ksh' before passing them as environment variables to
# Microsoft tools.
SOLUTIONFILE = wolfssl-lib.sln
+2 -1
View File
@@ -81,7 +81,6 @@
<ClCompile Include="..\..\wolfcrypt\src\sha3.c" />
<ClCompile Include="..\..\wolfcrypt\src\sha512.c" />
<ClCompile Include="..\..\wolfcrypt\src\signature.c" />
<ClCompile Include="..\..\wolfcrypt\src\sphincs.c" />
<ClCompile Include="..\..\wolfcrypt\src\sp_c32.c" />
<ClCompile Include="..\..\wolfcrypt\src\sp_c64.c" />
<ClCompile Include="..\..\wolfcrypt\src\sp_int.c" />
@@ -93,6 +92,7 @@
<ClCompile Include="..\..\wolfcrypt\src\wolfevent.c" />
<ClCompile Include="..\..\wolfcrypt\src\wolfmath.c" />
<ClCompile Include="..\..\wolfcrypt\src\wc_pkcs11.c" />
<ClCompile Include="..\..\wolfcrypt\src\wc_slhdsa.c" />
<ClCompile Include="..\..\wolfcrypt\src\port\liboqs\liboqs.c" />
</ItemGroup>
@@ -164,6 +164,7 @@
<ClInclude Include="..\..\wolfssl\wolfcrypt\visibility.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\wc_encrypt.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\wc_port.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\wc_slhdsa.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\wolfevent.h" />
<ClInclude Include="..\..\wolfssl\wolfcrypt\wolfmath.h" />
</ItemGroup>
+1 -3
View File
@@ -87,8 +87,6 @@
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|INtime'">true</ExcludedFromBuild>
</ClCompile>
<ClCompile Include="..\..\wolfcrypt\src\ext_kyber.c" />
<ClCompile Include="..\..\wolfcrypt\src\ext_lms.c" />
<ClCompile Include="..\..\wolfcrypt\src\ext_xmss.c" />
<ClCompile Include="..\..\wolfcrypt\src\falcon.c" />
<ClCompile Include="..\..\wolfcrypt\src\fe_448.c" />
<ClCompile Include="..\..\wolfcrypt\src\fips.c" />
@@ -108,7 +106,6 @@
<ClCompile Include="..\..\wolfcrypt\src\sm2.c" />
<ClCompile Include="..\..\wolfcrypt\src\sm3.c" />
<ClCompile Include="..\..\wolfcrypt\src\sm4.c" />
<ClCompile Include="..\..\wolfcrypt\src\sphincs.c" />
<ClCompile Include="..\..\wolfcrypt\src\sp_arm32.c" />
<ClCompile Include="..\..\wolfcrypt\src\sp_arm64.c" />
<ClCompile Include="..\..\wolfcrypt\src\sp_armthumb.c" />
@@ -190,6 +187,7 @@
<ClCompile Include="..\..\wolfcrypt\src\tfm.c" />
<ClCompile Include="..\..\wolfcrypt\src\wc_encrypt.c" />
<ClCompile Include="..\..\wolfcrypt\src\wc_port.c" />
<ClCompile Include="..\..\wolfcrypt\src\wc_slhdsa.c" />
<ClCompile Include="..\..\wolfcrypt\src\wolfevent.c" />
<ClCompile Include="..\..\wolfcrypt\src\wolfmath.c" />
</ItemGroup>
@@ -81,12 +81,12 @@
<itemPath>../../../wolfcrypt/src/sp_c32.c</itemPath>
<itemPath>../../../wolfcrypt/src/sp_c64.c</itemPath>
<itemPath>../../../wolfcrypt/src/sp_int.c</itemPath>
<itemPath>../../../wolfcrypt/src/sphincs.c</itemPath>
<itemPath>../../../wolfcrypt/src/srp.c</itemPath>
<itemPath>../../../wolfcrypt/src/tfm.c</itemPath>
<itemPath>../../../wolfcrypt/src/wc_encrypt.c</itemPath>
<itemPath>../../../wolfcrypt/src/wc_pkcs11.c</itemPath>
<itemPath>../../../wolfcrypt/src/wc_port.c</itemPath>
<itemPath>../../../wolfcrypt/src/wc_slhdsa.c</itemPath>
<itemPath>../../../wolfcrypt/src/wolfevent.c</itemPath>
<itemPath>../../../wolfcrypt/src/wolfmath.c</itemPath>
</logicalFolder>
@@ -440,11 +440,6 @@
<type>1</type>
<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_x86_64.c</locationURI>
</link>
<link>
<name>src/wolfcrypt/sphincs.c</name>
<type>1</type>
<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sphincs.c</locationURI>
</link>
<link>
<name>src/wolfcrypt/srp.c</name>
<type>1</type>
@@ -495,6 +490,11 @@
<type>1</type>
<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wc_port.c</locationURI>
</link>
<link>
<name>src/wolfcrypt/wc_slhdsa.c</name>
<type>1</type>
<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wc_slhdsa.c</locationURI>
</link>
<link>
<name>src/wolfcrypt/wc_xmss.c</name>
<type>1</type>
+1
View File
@@ -97,6 +97,7 @@ The section for "Hardware platform" may need to be adjusted depending on your pr
* To enable STM32WB support define `WOLFSSL_STM32WB`.
* To enable STM32WBA support define `WOLFSSL_STM32WBA`.
* To enable STM32WL support define `WOLFSSL_STM32WL`.
* To enable STM32U3 support define `WOLFSSL_STM32U3`.
* To enable STM32U5 support define `WOLFSSL_STM32U5`.
* To enable STM32H5 support define `WOLFSSL_STM32H5`.
* To enable STM32MP13 support define `WOLFSSL_STM32MP13`.
-1
View File
@@ -700,7 +700,6 @@ Tested on commit: fa9e122f1cca32513611f5a24de88d07aced015b
#define GCM_TABLE_4BIT
#define HAVE_DILITHIUM
#define WOLFSSL_WC_DILITHIUM
#define WOLFSSL_DILITHIUM_SMALL
#define WOLFSSL_ARMASM
+10 -5
View File
@@ -206,6 +206,14 @@ extern ${variable.value} ${variable.name};
#elif defined(STM32G491xx)
#define WOLFSSL_STM32G4
#define HAL_CONSOLE_UART hlpuart1
#elif defined(STM32U385xx)
#define WOLFSSL_STM32U3
#define STM32_HAL_V2
#undef NO_STM32_HASH
#undef NO_STM32_CRYPTO
#ifndef HAL_CONSOLE_UART
#define HAL_CONSOLE_UART huart1
#endif
#elif defined(STM32U575xx) || defined(STM32U585xx) || defined(STM32U5A9xx)
#define WOLFSSL_STM32U5
#define STM32_HAL_V2
@@ -250,8 +258,8 @@ extern ${variable.value} ${variable.name};
/* You need to define a CPU type, HW crypto and debug UART */
/* CPU Type: WOLFSSL_STM32F1, WOLFSSL_STM32F2, WOLFSSL_STM32F4,
WOLFSSL_STM32F7, WOLFSSL_STM32H7, WOLFSSL_STM32L4, WOLFSSL_STM32L5,
WOLFSSL_STM32G0, WOLFSSL_STM32G4, WOLFSSL_STM32WB, WOLFSSL_STM32U5 and
WOLFSSL_STM32MP13 */
WOLFSSL_STM32G0, WOLFSSL_STM32G4, WOLFSSL_STM32WB, WOLFSSL_STM32U3,
WOLFSSL_STM32U5 and WOLFSSL_STM32MP13 */
#define WOLFSSL_STM32F4
/* Debug UART used for printf */
@@ -660,9 +668,6 @@ extern ${variable.value} ${variable.name};
#undef WOLFSSL_HAVE_MLKEM
#define WOLFSSL_HAVE_MLKEM
#undef WOLFSSL_WC_MLKEM
#define WOLFSSL_WC_MLKEM
#undef WOLFSSL_NO_SHAKE128
#undef WOLFSSL_SHAKE128
#define WOLFSSL_SHAKE128
+6
View File
@@ -318,6 +318,12 @@
<ClCompile Include="..\..\wolfcrypt\src\wolfmath.c" />
<ClCompile Include="..\..\wolfcrypt\src\wolfevent.c" />
<ClCompile Include="..\..\wolfcrypt\src\pkcs12.c" />
<ClCompile Include="..\..\wolfcrypt\src\dilithium.c" />
<ClCompile Include="..\..\wolfcrypt\src\wc_lms.c" />
<ClCompile Include="..\..\wolfcrypt\src\wc_lms_impl.c" />
<ClCompile Include="..\..\wolfcrypt\src\wc_xmss.c" />
<ClCompile Include="..\..\wolfcrypt\src\wc_xmss_impl.c" />
<ClCompile Include="..\..\wolfcrypt\src\wc_slhdsa.c" />
</ItemGroup>
<ItemGroup>
<CustomBuild Include="..\..\wolfcrypt\src\aes_asm.asm">
@@ -125,8 +125,8 @@
700F0CF52A2FC11300755BA7 /* eccsi.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0CDB2A2FC0D500755BA7 /* eccsi.h */; };
700F0CF62A2FC11300755BA7 /* ed448.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0CD22A2FC0D500755BA7 /* ed448.h */; };
700F0CF72A2FC11300755BA7 /* ed25519.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0CE12A2FC0D500755BA7 /* ed25519.h */; };
700F0CF82A2FC11300755BA7 /* ext_mlkem.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0CD52A2FC0D500755BA7 /* ext_mlkem.h */; };
700F0CF92A2FC11300755BA7 /* falcon.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0CDD2A2FC0D500755BA7 /* falcon.h */; };
700F0D9A2A2FC11300755BA7 /* wc_slhdsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0D992A2FC0D500755BA7 /* wc_slhdsa.h */; };
700F0CFA2A2FC11300755BA7 /* fe_448.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0CDE2A2FC0D500755BA7 /* fe_448.h */; };
700F0CFB2A2FC11300755BA7 /* fe_operations.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0CC72A2FC0D400755BA7 /* fe_operations.h */; };
700F0CFC2A2FC11300755BA7 /* fips.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0CCF2A2FC0D500755BA7 /* fips.h */; };
@@ -145,9 +145,7 @@
700F0D092A2FC11300755BA7 /* siphash.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0CD42A2FC0D500755BA7 /* siphash.h */; };
700F0D0A2A2FC11300755BA7 /* sp_int.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0CDF2A2FC0D500755BA7 /* sp_int.h */; };
700F0D0B2A2FC11300755BA7 /* sp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0CD12A2FC0D500755BA7 /* sp.h */; };
700F0D0C2A2FC11300755BA7 /* sphincs.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0CEC2A2FC0D500755BA7 /* sphincs.h */; };
700F0D0D2A2FC11300755BA7 /* srp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0CDC2A2FC0D500755BA7 /* srp.h */; };
700F0D0E2A2FC11300755BA7 /* wc_mlkem.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0CD82A2FC0D500755BA7 /* wc_mlkem.h */; };
700F0D0F2A2FC11300755BA7 /* wc_pkcs11.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0CE82A2FC0D500755BA7 /* wc_pkcs11.h */; };
700F0D102A2FC11300755BA7 /* wolfevent.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0CD62A2FC0D500755BA7 /* wolfevent.h */; };
700F0D112A2FC11300755BA7 /* wolfmath.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0CEB2A2FC0D500755BA7 /* wolfmath.h */; };
@@ -285,8 +283,8 @@
700F0CF52A2FC11300755BA7 /* eccsi.h in CopyFiles */,
700F0CF62A2FC11300755BA7 /* ed448.h in CopyFiles */,
700F0CF72A2FC11300755BA7 /* ed25519.h in CopyFiles */,
700F0CF82A2FC11300755BA7 /* ext_mlkem.h in CopyFiles */,
700F0CF92A2FC11300755BA7 /* falcon.h in CopyFiles */,
700F0D9A2A2FC11300755BA7 /* wc_slhdsa.h in CopyFiles */,
700F0CFA2A2FC11300755BA7 /* fe_448.h in CopyFiles */,
700F0CFB2A2FC11300755BA7 /* fe_operations.h in CopyFiles */,
700F0CFC2A2FC11300755BA7 /* fips.h in CopyFiles */,
@@ -305,9 +303,7 @@
700F0D092A2FC11300755BA7 /* siphash.h in CopyFiles */,
700F0D0A2A2FC11300755BA7 /* sp_int.h in CopyFiles */,
700F0D0B2A2FC11300755BA7 /* sp.h in CopyFiles */,
700F0D0C2A2FC11300755BA7 /* sphincs.h in CopyFiles */,
700F0D0D2A2FC11300755BA7 /* srp.h in CopyFiles */,
700F0D0E2A2FC11300755BA7 /* wc_mlkem.h in CopyFiles */,
700F0D0F2A2FC11300755BA7 /* wc_pkcs11.h in CopyFiles */,
700F0D102A2FC11300755BA7 /* wolfevent.h in CopyFiles */,
700F0D112A2FC11300755BA7 /* wolfmath.h in CopyFiles */,
@@ -563,7 +559,7 @@
700F0CC92A2FC0D500755BA7 /* selftest.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = selftest.h; path = ../../wolfssl/wolfcrypt/selftest.h; sourceTree = "<group>"; };
700F0CCA2A2FC0D500755BA7 /* ge_operations.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ge_operations.h; path = ../../wolfssl/wolfcrypt/ge_operations.h; sourceTree = "<group>"; };
700F0CCB2A2FC0D500755BA7 /* async.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = async.h; path = ../../wolfssl/wolfcrypt/async.h; sourceTree = "<group>"; };
700F0CCC2A2FC0D500755BA7 /* mlkem.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = mlkem.h; path = ../../wolfssl/wolfcrypt/mlkem.h; sourceTree = "<group>"; };
700F0CCC2A2FC0D500755BA7 /* mlkem.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = mlkem.h; path = ../../wolfssl/wolfcrypt/wc_mlkem.h; sourceTree = "<group>"; };
700F0CCD2A2FC0D500755BA7 /* hpke.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = hpke.h; path = ../../wolfssl/wolfcrypt/hpke.h; sourceTree = "<group>"; };
700F0CCE2A2FC0D500755BA7 /* cpuid.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = cpuid.h; path = ../../wolfssl/wolfcrypt/cpuid.h; sourceTree = "<group>"; };
700F0CCF2A2FC0D500755BA7 /* fips.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = fips.h; path = ../../wolfssl/wolfcrypt/fips.h; sourceTree = "<group>"; };
@@ -572,15 +568,14 @@
700F0CD22A2FC0D500755BA7 /* ed448.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ed448.h; path = ../../wolfssl/wolfcrypt/ed448.h; sourceTree = "<group>"; };
700F0CD32A2FC0D500755BA7 /* curve448.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = curve448.h; path = ../../wolfssl/wolfcrypt/curve448.h; sourceTree = "<group>"; };
700F0CD42A2FC0D500755BA7 /* siphash.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = siphash.h; path = ../../wolfssl/wolfcrypt/siphash.h; sourceTree = "<group>"; };
700F0CD52A2FC0D500755BA7 /* ext_mlkem.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ext_mlkem.h; path = ../../wolfssl/wolfcrypt/ext_mlkem.h; sourceTree = "<group>"; };
700F0CD62A2FC0D500755BA7 /* wolfevent.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = wolfevent.h; path = ../../wolfssl/wolfcrypt/wolfevent.h; sourceTree = "<group>"; };
700F0CD72A2FC0D500755BA7 /* cmac.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = cmac.h; path = ../../wolfssl/wolfcrypt/cmac.h; sourceTree = "<group>"; };
700F0CD82A2FC0D500755BA7 /* wc_mlkem.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = wc_mlkem.h; path = ../../wolfssl/wolfcrypt/wc_mlkem.h; sourceTree = "<group>"; };
700F0CD92A2FC0D500755BA7 /* pkcs11.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = pkcs11.h; path = ../../wolfssl/wolfcrypt/pkcs11.h; sourceTree = "<group>"; };
700F0CDA2A2FC0D500755BA7 /* mem_track.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = mem_track.h; path = ../../wolfssl/wolfcrypt/mem_track.h; sourceTree = "<group>"; };
700F0CDB2A2FC0D500755BA7 /* eccsi.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = eccsi.h; path = ../../wolfssl/wolfcrypt/eccsi.h; sourceTree = "<group>"; };
700F0CDC2A2FC0D500755BA7 /* srp.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = srp.h; path = ../../wolfssl/wolfcrypt/srp.h; sourceTree = "<group>"; };
700F0CDD2A2FC0D500755BA7 /* falcon.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = falcon.h; path = ../../wolfssl/wolfcrypt/falcon.h; sourceTree = "<group>"; };
700F0D992A2FC0D500755BA7 /* wc_slhdsa.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = wc_slhdsa.h; path = ../../wolfssl/wolfcrypt/wc_slhdsa.h; sourceTree = "<group>"; };
700F0CDE2A2FC0D500755BA7 /* fe_448.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = fe_448.h; path = ../../wolfssl/wolfcrypt/fe_448.h; sourceTree = "<group>"; };
700F0CDF2A2FC0D500755BA7 /* sp_int.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sp_int.h; path = ../../wolfssl/wolfcrypt/sp_int.h; sourceTree = "<group>"; };
700F0CE02A2FC0D500755BA7 /* cryptocb.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = cryptocb.h; path = ../../wolfssl/wolfcrypt/cryptocb.h; sourceTree = "<group>"; };
@@ -593,7 +588,6 @@
700F0CE82A2FC0D500755BA7 /* wc_pkcs11.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = wc_pkcs11.h; path = ../../wolfssl/wolfcrypt/wc_pkcs11.h; sourceTree = "<group>"; };
700F0CEA2A2FC0D500755BA7 /* rc2.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = rc2.h; path = ../../wolfssl/wolfcrypt/rc2.h; sourceTree = "<group>"; };
700F0CEB2A2FC0D500755BA7 /* wolfmath.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = wolfmath.h; path = ../../wolfssl/wolfcrypt/wolfmath.h; sourceTree = "<group>"; };
700F0CEC2A2FC0D500755BA7 /* sphincs.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sphincs.h; path = ../../wolfssl/wolfcrypt/sphincs.h; sourceTree = "<group>"; };
9D2E31D6291CE2190082B941 /* dtls13.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = dtls13.c; path = ../../src/dtls13.c; sourceTree = "<group>"; };
9D2E31D9291CE2370082B941 /* dtls.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = dtls.c; path = ../../src/dtls.c; sourceTree = "<group>"; };
9D2E31DC291CE2740082B941 /* quic.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = quic.c; path = ../../src/quic.c; sourceTree = "<group>"; };
@@ -643,8 +637,8 @@
700F0CDB2A2FC0D500755BA7 /* eccsi.h */,
700F0CD22A2FC0D500755BA7 /* ed448.h */,
700F0CE12A2FC0D500755BA7 /* ed25519.h */,
700F0CD52A2FC0D500755BA7 /* ext_mlkem.h */,
700F0CDD2A2FC0D500755BA7 /* falcon.h */,
700F0D992A2FC0D500755BA7 /* wc_slhdsa.h */,
700F0CDE2A2FC0D500755BA7 /* fe_448.h */,
700F0CC72A2FC0D400755BA7 /* fe_operations.h */,
700F0CCF2A2FC0D500755BA7 /* fips.h */,
@@ -663,9 +657,7 @@
700F0CD42A2FC0D500755BA7 /* siphash.h */,
700F0CDF2A2FC0D500755BA7 /* sp_int.h */,
700F0CD12A2FC0D500755BA7 /* sp.h */,
700F0CEC2A2FC0D500755BA7 /* sphincs.h */,
700F0CDC2A2FC0D500755BA7 /* srp.h */,
700F0CD82A2FC0D500755BA7 /* wc_mlkem.h */,
700F0CE82A2FC0D500755BA7 /* wc_pkcs11.h */,
700F0CD62A2FC0D500755BA7 /* wolfevent.h */,
700F0CEB2A2FC0D500755BA7 /* wolfmath.h */,
+5 -13
View File
@@ -256,8 +256,8 @@
700F0C0D2A2FBC5100755BA7 /* eccsi.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0BF72A2FBC1600755BA7 /* eccsi.h */; };
700F0C0E2A2FBC5100755BA7 /* ed448.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0BF82A2FBC1600755BA7 /* ed448.h */; };
700F0C0F2A2FBC5100755BA7 /* ed25519.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0BF42A2FBC1600755BA7 /* ed25519.h */; };
700F0C102A2FBC5100755BA7 /* ext_mlkem.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0BF92A2FBC1600755BA7 /* ext_mlkem.h */; };
700F0C112A2FBC5100755BA7 /* falcon.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0C022A2FBC1600755BA7 /* falcon.h */; };
700F0C9A2A2FBC5100755BA7 /* wc_slhdsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0C992A2FBC1600755BA7 /* wc_slhdsa.h */; };
700F0C122A2FBC5100755BA7 /* fe_448.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0BEB2A2FBC1500755BA7 /* fe_448.h */; };
700F0C132A2FBC5100755BA7 /* fe_operations.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0BF62A2FBC1600755BA7 /* fe_operations.h */; };
700F0C142A2FBC5100755BA7 /* fips.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0C002A2FBC1600755BA7 /* fips.h */; };
@@ -275,9 +275,7 @@
700F0C202A2FBC5100755BA7 /* siphash.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0BFE2A2FBC1600755BA7 /* siphash.h */; };
700F0C212A2FBC5100755BA7 /* sp_int.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0BE82A2FBC1500755BA7 /* sp_int.h */; };
700F0C222A2FBC5100755BA7 /* sp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0BE92A2FBC1500755BA7 /* sp.h */; };
700F0C232A2FBC5100755BA7 /* sphincs.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0BE22A2FBC1500755BA7 /* sphincs.h */; };
700F0C242A2FBC5100755BA7 /* srp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0BF32A2FBC1600755BA7 /* srp.h */; };
700F0C252A2FBC5100755BA7 /* wc_mlkem.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0BFF2A2FBC1600755BA7 /* wc_mlkem.h */; };
700F0C262A2FBC5100755BA7 /* wc_pkcs11.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0BF52A2FBC1600755BA7 /* wc_pkcs11.h */; };
700F0C272A2FBC5100755BA7 /* wolfevent.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 700F0BE62A2FBC1500755BA7 /* wolfevent.h */; };
700F0C282A2FBC5100755BA7 /* kdf.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 6AC8513B272CB04F00F2B32A /* kdf.h */; };
@@ -622,8 +620,8 @@
700F0C0D2A2FBC5100755BA7 /* eccsi.h in CopyFiles */,
700F0C0E2A2FBC5100755BA7 /* ed448.h in CopyFiles */,
700F0C0F2A2FBC5100755BA7 /* ed25519.h in CopyFiles */,
700F0C102A2FBC5100755BA7 /* ext_mlkem.h in CopyFiles */,
700F0C112A2FBC5100755BA7 /* falcon.h in CopyFiles */,
700F0C9A2A2FBC5100755BA7 /* wc_slhdsa.h in CopyFiles */,
700F0C122A2FBC5100755BA7 /* fe_448.h in CopyFiles */,
700F0C132A2FBC5100755BA7 /* fe_operations.h in CopyFiles */,
700F0C142A2FBC5100755BA7 /* fips.h in CopyFiles */,
@@ -641,9 +639,7 @@
700F0C202A2FBC5100755BA7 /* siphash.h in CopyFiles */,
700F0C212A2FBC5100755BA7 /* sp_int.h in CopyFiles */,
700F0C222A2FBC5100755BA7 /* sp.h in CopyFiles */,
700F0C232A2FBC5100755BA7 /* sphincs.h in CopyFiles */,
700F0C242A2FBC5100755BA7 /* srp.h in CopyFiles */,
700F0C252A2FBC5100755BA7 /* wc_mlkem.h in CopyFiles */,
700F0C262A2FBC5100755BA7 /* wc_pkcs11.h in CopyFiles */,
700F0C272A2FBC5100755BA7 /* wolfevent.h in CopyFiles */,
700F0C282A2FBC5100755BA7 /* kdf.h in CopyFiles */,
@@ -975,14 +971,13 @@
6AC8513B272CB04F00F2B32A /* kdf.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = kdf.h; path = ../../wolfssl/wolfcrypt/kdf.h; sourceTree = "<group>"; };
700F0BE02A2FBC1500755BA7 /* rc2.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = rc2.h; path = ../../wolfssl/wolfcrypt/rc2.h; sourceTree = "<group>"; };
700F0BE12A2FBC1500755BA7 /* hpke.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = hpke.h; path = ../../wolfssl/wolfcrypt/hpke.h; sourceTree = "<group>"; };
700F0BE22A2FBC1500755BA7 /* sphincs.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sphincs.h; path = ../../wolfssl/wolfcrypt/sphincs.h; sourceTree = "<group>"; };
700F0BE32A2FBC1500755BA7 /* curve448.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = curve448.h; path = ../../wolfssl/wolfcrypt/curve448.h; sourceTree = "<group>"; };
700F0BE52A2FBC1500755BA7 /* curve25519.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = curve25519.h; path = ../../wolfssl/wolfcrypt/curve25519.h; sourceTree = "<group>"; };
700F0BE62A2FBC1500755BA7 /* wolfevent.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = wolfevent.h; path = ../../wolfssl/wolfcrypt/wolfevent.h; sourceTree = "<group>"; };
700F0BE72A2FBC1500755BA7 /* ge_448.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ge_448.h; path = ../../wolfssl/wolfcrypt/ge_448.h; sourceTree = "<group>"; };
700F0BE82A2FBC1500755BA7 /* sp_int.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sp_int.h; path = ../../wolfssl/wolfcrypt/sp_int.h; sourceTree = "<group>"; };
700F0BE92A2FBC1500755BA7 /* sp.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sp.h; path = ../../wolfssl/wolfcrypt/sp.h; sourceTree = "<group>"; };
700F0BEA2A2FBC1500755BA7 /* mlkem.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = mlkem.h; path = ../../wolfssl/wolfcrypt/mlkem.h; sourceTree = "<group>"; };
700F0BEA2A2FBC1500755BA7 /* mlkem.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = mlkem.h; path = ../../wolfssl/wolfcrypt/wc_mlkem.h; sourceTree = "<group>"; };
700F0BEB2A2FBC1500755BA7 /* fe_448.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = fe_448.h; path = ../../wolfssl/wolfcrypt/fe_448.h; sourceTree = "<group>"; };
700F0BEC2A2FBC1500755BA7 /* pkcs12.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = pkcs12.h; path = ../../wolfssl/wolfcrypt/pkcs12.h; sourceTree = "<group>"; };
700F0BED2A2FBC1500755BA7 /* chacha20_poly1305.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = chacha20_poly1305.h; path = ../../wolfssl/wolfcrypt/chacha20_poly1305.h; sourceTree = "<group>"; };
@@ -997,16 +992,15 @@
700F0BF62A2FBC1600755BA7 /* fe_operations.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = fe_operations.h; path = ../../wolfssl/wolfcrypt/fe_operations.h; sourceTree = "<group>"; };
700F0BF72A2FBC1600755BA7 /* eccsi.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = eccsi.h; path = ../../wolfssl/wolfcrypt/eccsi.h; sourceTree = "<group>"; };
700F0BF82A2FBC1600755BA7 /* ed448.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ed448.h; path = ../../wolfssl/wolfcrypt/ed448.h; sourceTree = "<group>"; };
700F0BF92A2FBC1600755BA7 /* ext_mlkem.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ext_mlkem.h; path = ../../wolfssl/wolfcrypt/ext_mlkem.h; sourceTree = "<group>"; };
700F0BFA2A2FBC1600755BA7 /* sha3.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sha3.h; path = ../../wolfssl/wolfcrypt/sha3.h; sourceTree = "<group>"; };
700F0BFB2A2FBC1600755BA7 /* signature.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = signature.h; path = ../../wolfssl/wolfcrypt/signature.h; sourceTree = "<group>"; };
700F0BFC2A2FBC1600755BA7 /* cmac.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = cmac.h; path = ../../wolfssl/wolfcrypt/cmac.h; sourceTree = "<group>"; };
700F0BFD2A2FBC1600755BA7 /* pkcs11.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = pkcs11.h; path = ../../wolfssl/wolfcrypt/pkcs11.h; sourceTree = "<group>"; };
700F0BFE2A2FBC1600755BA7 /* siphash.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = siphash.h; path = ../../wolfssl/wolfcrypt/siphash.h; sourceTree = "<group>"; };
700F0BFF2A2FBC1600755BA7 /* wc_mlkem.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = wc_mlkem.h; path = ../../wolfssl/wolfcrypt/wc_mlkem.h; sourceTree = "<group>"; };
700F0C002A2FBC1600755BA7 /* fips.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = fips.h; path = ../../wolfssl/wolfcrypt/fips.h; sourceTree = "<group>"; };
700F0C012A2FBC1600755BA7 /* ge_operations.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ge_operations.h; path = ../../wolfssl/wolfcrypt/ge_operations.h; sourceTree = "<group>"; };
700F0C022A2FBC1600755BA7 /* falcon.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = falcon.h; path = ../../wolfssl/wolfcrypt/falcon.h; sourceTree = "<group>"; };
700F0C992A2FBC1600755BA7 /* wc_slhdsa.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = wc_slhdsa.h; path = ../../wolfssl/wolfcrypt/wc_slhdsa.h; sourceTree = "<group>"; };
700F0C032A2FBC1600755BA7 /* async.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = async.h; path = ../../wolfssl/wolfcrypt/async.h; sourceTree = "<group>"; };
700F0C292A2FBCAD00755BA7 /* quic.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = quic.h; path = ../../wolfssl/quic.h; sourceTree = "<group>"; };
700F0C2A2A2FBCAD00755BA7 /* sniffer_error.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sniffer_error.h; path = ../../wolfssl/sniffer_error.h; sourceTree = "<group>"; };
@@ -1153,8 +1147,8 @@
700F0BF72A2FBC1600755BA7 /* eccsi.h */,
700F0BF82A2FBC1600755BA7 /* ed448.h */,
700F0BF42A2FBC1600755BA7 /* ed25519.h */,
700F0BF92A2FBC1600755BA7 /* ext_mlkem.h */,
700F0C022A2FBC1600755BA7 /* falcon.h */,
700F0C992A2FBC1600755BA7 /* wc_slhdsa.h */,
700F0BEB2A2FBC1500755BA7 /* fe_448.h */,
700F0BF62A2FBC1600755BA7 /* fe_operations.h */,
700F0C002A2FBC1600755BA7 /* fips.h */,
@@ -1172,9 +1166,7 @@
700F0BFE2A2FBC1600755BA7 /* siphash.h */,
700F0BE82A2FBC1500755BA7 /* sp_int.h */,
700F0BE92A2FBC1500755BA7 /* sp.h */,
700F0BE22A2FBC1500755BA7 /* sphincs.h */,
700F0BF32A2FBC1600755BA7 /* srp.h */,
700F0BFF2A2FBC1600755BA7 /* wc_mlkem.h */,
700F0BF52A2FBC1600755BA7 /* wc_pkcs11.h */,
700F0BE62A2FBC1500755BA7 /* wolfevent.h */,
5216465E1A8993770062516A /* aes.h */,
+11 -20
View File
@@ -250,16 +250,16 @@
Congratulations! You have just achieved a fully quantum-safe TLS 1.3
connection!
The following NIST Competition winning algorithms are supported:
- ML-KEM (CRYSTALS-KYBER) (key encapsulation mechanism)
- ML-DSA (CRYSTALS-Dilithium) (signature scheme)
The following NIST Competition winning algorithms are supported by the
native wolfSSL implementation:
- ML-KEM (FIPS 203, CRYSTALS-KYBER) (key encapsulation mechanism)
- ML-DSA (FIPS 204, CRYSTALS-Dilithium) (signature scheme)
- SLH-DSA (FIPS 205, SPHINCS+) (signature scheme)
The following NIST Competition winning algorithms were supported by our
liboqs integration. Support for their standardized specifications will
return when we write our own implementations.
- FALCON (signature scheme)
- SPHINCS+ (signature scheme)
Falcon (signature scheme) is still provided through liboqs integration.
To enable it, pass both --with-liboqs and --enable-falcon to configure
(CMake: -DWOLFSSL_OQS=yes -DWOLFSSL_FALCON=yes). Passing --with-liboqs
without --enable-falcon (or vice versa) is now an error.
The following NIST Competition Round 3 finalist algorithms were supported,
but have been removed after 5.3.3
@@ -296,11 +296,7 @@ The wolfssl port in vcpkg is kept up to date by wolfSSL.
We also have vcpkg ports for wolftpm, wolfmqtt and curl.
17. Building with hash-sigs lib for LMS/HSS support [EXPERIMENTAL]
Deprecated. wolfSSL now has its own LMS/HSS implementation in wolfCrypt.
18. Building for Debian, Ubuntu, Linux Mint, and derivatives
17. Building for Debian, Ubuntu, Linux Mint, and derivatives
To generate a .deb package, configure wolfSSL with the desired
configuration. Then run `make deb` to generate a Debian package
@@ -309,7 +305,7 @@ We also have vcpkg ports for wolftpm, wolfmqtt and curl.
resulting packages are placed in the root directory of the
project.
19. Building for RHEL, Fedora, CentOS, SUSE, and openSUSE
18. Building for RHEL, Fedora, CentOS, SUSE, and openSUSE
To generate a .rpm package, configure wolfSSL with the desired
configuration. Then run `make rpm` to generate a .rpm package
@@ -317,8 +313,3 @@ We also have vcpkg ports for wolftpm, wolfmqtt and curl.
Docker container, use `make rpm-docker`. In both cases the
resulting packages are placed in the root directory of the
project.
20. Building with xmss-reference lib for XMSS/XMSS^MT support [EXPERIMENTAL]
Deprecated. wolfSSL now has its own XMMS/XMSS^MT implementation in
wolfCrypt.
+4
View File
@@ -18,6 +18,10 @@ certificate #3389). FIPS 140-3 validated (Certificate #4718). For additional
information, visit the [wolfCrypt FIPS FAQ](https://www.wolfssl.com/license/fips/)
or contact fips@wolfssl.com.
wolfCrypt also includes support for deriving device-unique keys from hardware entropy
(`--enable-puf`). An example exists at
[SRAM PUF](https://github.com/wolfSSL/wolfssl-examples/tree/master/puf).
## Why Choose wolfSSL?
There are many reasons to choose wolfSSL as your embedded, desktop, mobile, or
Binary file not shown.
Binary file not shown.
+1 -1
View File
@@ -159,7 +159,7 @@ include certs/intermediate/include.am
include certs/falcon/include.am
include certs/rsapss/include.am
include certs/dilithium/include.am
include certs/sphincs/include.am
include certs/slhdsa/include.am
include certs/rpk/include.am
include certs/acert/include.am
include certs/mldsa/include.am
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
+57
View File
@@ -0,0 +1,57 @@
-----BEGIN PRIVATE KEY-----
MIIKPgIBADALBglghkgBZQMEAxEEggoqMIIKJgQgB5k2MNHvdz51ebw/tXj6ECZ3
eScZNPdog84ItrvpBhgEggoAnXtmhZqzy98ZxarirCp5r/H94riNkdr1joa0kTwV
KhLGmElj7VDLeQ1YQ/IAjjVfJS88y6vZBIUgHV5ViJRkN0/TZIm+4svclsximVbe
JozeMBhm+dkb8c8yxXhIAgSyOxY96ahsgQaf9Gl3foY0pd2xSSDgLxcr3GL5k14X
UThKgghIBiQISGCStFETBSgauI2JtCiQqGQMgUTjxomEFg5EAkALly3ZSJIBFWRC
OGgaJ44TE1IAMQLEAiYUQk0QKJAgMTIBwWALAWyAAGxjJlACgEVKpkAcsiUIIWIk
SU4hh0gbSAIchmQEopDasIkUGU5JJgUYyQCapIXcpEhBIoECNXBjJorUEGEgRIij
omACooEZtHCcFoSBAkEitZHSCFESNEHTuBEIITJCRGUASGmSRhIilGHCtnDimI3T
JgmEIgoJuQ1MsGQDJC4BloSZBBGbyBGjEpAMFgqMICyUCEYEtg1gsIjcBCKaRkIh
Qk1JRikkJ2ITJQUKhAVKEEakBoAcNIIapUwZlokkJmEQRozBGEgcGW0EmI2LRgIC
kA1cEmVKFHICwWUbIU1cOG0DQYykJg6JooBKQCYcmWmBEjDDQCEiRmEiQ3ICRyYQ
oQmBIgbDIi5kMhIBsgFZlkUENQjDto0UMGwMlQyjSIBjQFAAICbcICQBRnHhQFHC
Eg3EEEAMQyQCMyYCyAQaIwjgFoqasC0TQAhDIjJEOG3RRJDUhglIggDimGgSsZEJ
kG3JMIXAhICcxkzhEJHYljDatmjIxmXjBlBcFBECREmbomhaMpBSgEUAJjACRkzU
yEmcuJDEIIoMFQ0JN44SRkUIIyUhoRGAkGWTRnLhKG1EllGBEoAERkqLEG0TRlFT
NkrhpkXgIgFIpgASkXAjs0ACqGXbQgbgBmrjlmFIlGVDImncIoWbhIlZGGRDsCCL
qClYMCQKF44RQS0kuCWJFCAUQZEjoiQhFyERsQQDhEwLI2JQhmVUIkJCgoAIpVHZ
BjEjAJEQqU3iBGZENjCLskmYxnAZpIxapg1jAC6blHCKIC1iJixCJmwSEy7bGAgR
IS6KsHEBwSzjRGLjlCgLOHBAFGViwEGhBiGCokSUsCwhEI0UlnESFAURJwQSl2XE
Am5YxGzAEHCEwEWZElKAqIjTuCgBF3ADwxCIGApTkkBTxiCTwIGkkJCTkgUiiAjI
AGTwGc/fNxkyya8KPEqPnLO0SilcbdKBED+fTSMYZe4Dp+sUmcCrbC6tMaAVf/0S
wwuGjR0PGY4s3cHO8nXCP//DvH1cQFCB1ZLJ3IlWAARkZiepwEPNXdbmx4So8ALa
o/LXJ6xSMLOVUzQxHwbydLpYUs+5C9E5PmD+2VVy+9lcLZ5fXZXj+CVtFHAk+BUE
JBQVq6UzyeD9nLM9V+/04ochm9QnPm57I55WfGfSOepStb1t2gDHHgrubRb7mjSu
i4V7aZqY1hUmGU8JveAGeZMsnqqHPMarygeYqbRjkHgTKNxi8wQE1VWKkfuL3B1q
UxbeGYjnlvyxtRHnkU5ixqS4qwh/dQZFC1RjeH0KhGSWo51Ec/YWdEY1EKKcvlvA
4V7EqCSr4cJZUhbYybY+WK37yDZlfvGOT5HI4vOn0yirYiGWljHvoa/pLjb+Cevx
jfr7WDmjzkXkH92MJKnXM4D1uwURUsu8swkULgrdROQvhYROCdoLIHhhKrlnnITg
67uV0DFdg5EVvyf1HiXJxUioqoz86mB6zZeSqwfHngtUvEHcf/eJchLuhRiGG+BE
4U97dT0n94LuOPdh48ml21n/IA18uNIs7IhdxAMIZ7RyO1zGFqsaa3KZh4CnNVq5
kU5cesaUGNLll3zVkV1XVun/WmT5yP8qWrrODc9nCbEtY8VyeMdPwcAjQq/yuC95
t/ddpbrVD6ib8q9dcpKGzhBS090VFWWoOMKYJ0dOsd4Fi9k21w/1M25MnEl9jgd5
dxSK6juGxK/5TI9DJr+kaPSz59IDxIUc1QoYVVH+sVuOee0Hh3261AmYk8upTzHO
4qs68m06608sGmvy/4H69DS+tU4a6vIQez6Wz2c32K7wPQOo5pMdWbwaBrQcDWjy
vidYGmaSyjdjZypZYr1A1enZSklpjEz0ZYU0zDfQXj5linNrMtL6bFSUtyB1bkrJ
+HLI3NoJyuOUm/jr6DK+u0FotgGN6Z/Tf/2R4ivATvlCW6LsyDUPNtnRiGWiKupQ
mRlQMSQQe1ZnpKXK46XJd7TRityk/8ru2Fg+baXUszkVossCnP6TZhjY0s6yjU0o
YsR7OeIqAm44Wcw12pmywZMktmOo/jeRMngR+ZVyLdFRQBOQ+qc9XfrOwT3Uq7dL
jNHZRcZ+DMa83RH6UoNZLaeorj+4WKKEFAV3+bn+BdFK+eh9Hri0OfyAHbI4jcRj
wOkVX/72gbI94BPs0HUdA7hr3BO2CbGC5AISGMseLc7u8sSkmhumUcP9c8HFhee7
ROdhngADChjkYoZF2PpbcUaGDjqJbbLXDtdlPswW5Zwt8g5EZBT9qS+26HiiVKNF
XrAUAveh4BZY2cNYWuZypwqfM/jVGFQegFQeUWlTYFfw+caXS1uY5hrBtGHtPcfo
FNaSSXxGHjogtiCzJeD4OerJfcs4mAOVmplprtQMHlA0bYVqMy+MA2qkGv2sijQI
6Yi2oLmWp0E3f+fC0a/lYGgG/nCBgLT+922I7MaQOAQ0JBu4V4ZA0hnsoTYR/yI0
jDE/Y6FPzmdzXHhdhcjYQFpA34g98230m7Ypvwfd2VEnppeyb2HvHKkBUivQEuRA
puolgLqAYYeljX5xCWj7xggvmCznqzC03jm2cf8ykGFl+cQWftrEBXcL8fngwH0U
V29IuurgxZNgFOP4amey3FboN39ZY1x30uOnc1OcjfSs6QeKHL6nTR9gNp8znfQt
T2HdM0AfbhCf9x/wlYlijAT3ZOBm0EtKeZZwVtsH2q8A0VTsB6wJJZFG0U+/UOnm
VHORx/tnM+sBG9xFWtyjljVscZum5ytllS2ugQooMfAqngHigy/gpGXKkkoPMkW1
5hkkRCsr6mRGsknQL+JkDR/u5CkEmYCLfHo6TNQY1Pc7DEQ5PQ8Q1B9Hf7Hf0sHX
HR/3KTZUS45Vm8sI9TEP1AxeGFl+6u9a0g3GlF2DvVWpL/6FgtmpkUD2zPmIunIJ
Np+hxXzqk9SuSKoukZMvG2Y+hw7doB4ZjSXfvzmC33p8fJWyvScrPXbvBTj8ijhG
bdWqOWupyvWf/YHCT6WMEpCjA+b9eWpIaWzDeDCdeaaBp/Tpz06dWAEQ7SwnLlyq
yNBX7wWl55+NB6fXSAV7cBes49RKCZLEjoQDdFphYQ4aDB+MTtlslkKskwvUFGzY
Jw6buXcN1d2CCPWJ20SGjbIsqAZfvExzJ/4yJjwzg9oYyQ==
-----END PRIVATE KEY-----
Binary file not shown.
File diff suppressed because it is too large Load Diff
Binary file not shown.
File diff suppressed because it is too large Load Diff
+168
View File
@@ -0,0 +1,168 @@
#!/usr/bin/env bash
#
# Regenerate SLH-DSA root certificates and ML-DSA-44 entity certificates
# used by tests/test-tls13-slhdsa-{shake,sha2}.conf.
#
# Requires: OpenSSL >= 3.5 (native SLH-DSA + ML-DSA support).
#
# The ML-DSA-44 entity keys are reused from ../mldsa/ (mldsa44_bare-priv.der
# for the server, mldsa44_seed-priv.der for the client) so this script does
# not generate or write new entity private keys.
check_result(){
if [ "$1" -ne 0 ]; then
echo "Failed at \"$2\", Abort"
exit 1
else
echo "Step Succeeded!"
fi
}
# Always operate inside the script's own directory so relative paths
# (../mldsa/, ../renewcerts/) resolve regardless of where the script
# was invoked from.
cd "$(dirname "$0")"
# Capability probe: bail out cleanly if the local OpenSSL doesn't speak
# SLH-DSA (e.g. < 3.5). The committed PEM/DER under this directory are the
# authoritative test fixtures; this script is for renewal only. `-help`
# prints regardless of algorithm support, so we actually try a generation
# (output discarded) and check the exit code.
if ! openssl genpkey -algorithm SLH-DSA-SHAKE-128s -out /dev/null \
>/dev/null 2>&1; then
echo "OpenSSL does not support SLH-DSA"
echo "Skipping SLH-DSA certificate renewal"
exit 0
fi
if ! openssl genpkey -algorithm ML-DSA-44 -out /dev/null \
>/dev/null 2>&1; then
echo "OpenSSL does not support ML-DSA"
echo "Skipping SLH-DSA certificate renewal"
exit 0
fi
CNF=../renewcerts/wolfssl.cnf
SERVER_KEY_DER=../mldsa/mldsa44_bare-priv.der
CLIENT_KEY_DER=../mldsa/mldsa44_seed-priv.der
if [ ! -f "$SERVER_KEY_DER" ] || [ ! -f "$CLIENT_KEY_DER" ]; then
echo "Missing reused ML-DSA-44 entity keys under ../mldsa/"
exit 1
fi
# wolfSSL example server only loads PEM keys from CLI, so emit a PEM
# transcoding of each reused DER key under this directory. These are
# byte-for-byte the same key material as the source .der files; we just
# wrap them in PEM headers so the .conf-driven test harness can use them.
SERVER_KEY=server-mldsa44-priv.pem
CLIENT_KEY=client-mldsa44-priv.pem
openssl pkey -in "$SERVER_KEY_DER" -inform DER -out "$SERVER_KEY"
check_result $? "Convert server ML-DSA-44 key to PEM"
openssl pkey -in "$CLIENT_KEY_DER" -inform DER -out "$CLIENT_KEY"
check_result $? "Convert client ML-DSA-44 key to PEM"
# $1 = tag (shake|sha2), $2 = OpenSSL algorithm name
gen_variant() {
local tag=$1
local alg=$2
local root_base="root-slhdsa-${tag}-128s"
echo "====================================================================="
echo " Generating ${alg} root + ML-DSA-44 entity certs (tag=${tag})"
echo "====================================================================="
############################################################
# Self-signed SLH-DSA root
############################################################
echo "Generating ${root_base} key + self-signed cert"
openssl genpkey -algorithm "$alg" -out "${root_base}-priv.pem"
check_result $? "Generate SLH-DSA root key (${tag})"
echo -e "US\\nMontana\\nBozeman\\nwolfSSL_SLH-DSA\\nRoot-SLH-DSA-${tag}\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | \
openssl req -new -key "${root_base}-priv.pem" -config "$CNF" -nodes \
-out "${root_base}.csr"
check_result $? "Generate root CSR (${tag})"
openssl x509 -req -in "${root_base}.csr" -days 1000 \
-extfile "$CNF" -extensions ca_ecc_cert \
-signkey "${root_base}-priv.pem" \
-out "${root_base}.pem"
check_result $? "Generate root cert (${tag})"
rm -f "${root_base}.csr"
openssl x509 -in "${root_base}.pem" -outform DER > "${root_base}.der"
check_result $? "Convert root cert to DER (${tag})"
openssl pkey -in "${root_base}-priv.pem" -outform DER \
-out "${root_base}-priv.der"
check_result $? "Convert root key to DER (${tag})"
openssl x509 -in "${root_base}.pem" -text > tmp.pem
mv tmp.pem "${root_base}.pem"
############################################################
# ML-DSA-44 server cert signed by the SLH-DSA root
############################################################
local server_cert="server-mldsa44-${tag}.pem"
echo "Generating ${server_cert}"
echo -e "US\\nMontana\\nBozeman\\nwolfSSL_SLH-DSA\\nServer-mldsa44-${tag}\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n\\n\\n\\n" | \
openssl req -new -key "$SERVER_KEY" -config "$CNF" -nodes \
-out "server-mldsa44-${tag}.csr"
check_result $? "Generate server CSR (${tag})"
openssl x509 -req -in "server-mldsa44-${tag}.csr" -days 1000 \
-extfile "$CNF" -extensions server_ecc \
-CA "${root_base}.pem" -CAkey "${root_base}-priv.pem" \
-set_serial 01 \
-out "server-mldsa44-${tag}-cert.pem"
check_result $? "Sign server cert (${tag})"
rm -f "server-mldsa44-${tag}.csr"
openssl x509 -in "server-mldsa44-${tag}-cert.pem" -outform DER \
> "server-mldsa44-${tag}.der"
check_result $? "Server cert to DER (${tag})"
openssl x509 -in "server-mldsa44-${tag}-cert.pem" -text > tmp.pem
mv tmp.pem "server-mldsa44-${tag}-cert.pem"
# Server-served chain: leaf || root (ed25519 convention)
cat "server-mldsa44-${tag}-cert.pem" "${root_base}.pem" > "$server_cert"
rm -f "server-mldsa44-${tag}-cert.pem"
############################################################
# ML-DSA-44 client cert signed by the SLH-DSA root
############################################################
local client_cert="client-mldsa44-${tag}.pem"
echo "Generating ${client_cert}"
echo -e "US\\nMontana\\nBozeman\\nwolfSSL_SLH-DSA\\nClient-mldsa44-${tag}\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n\\n\\n\\n" | \
openssl req -new -key "$CLIENT_KEY" -config "$CNF" -nodes \
-out "client-mldsa44-${tag}.csr"
check_result $? "Generate client CSR (${tag})"
openssl x509 -req -in "client-mldsa44-${tag}.csr" -days 1000 \
-extfile "$CNF" -extensions client_ecc \
-CA "${root_base}.pem" -CAkey "${root_base}-priv.pem" \
-set_serial 02 \
-out "client-mldsa44-${tag}-cert.pem"
check_result $? "Sign client cert (${tag})"
rm -f "client-mldsa44-${tag}.csr"
openssl x509 -in "client-mldsa44-${tag}-cert.pem" -outform DER \
> "client-mldsa44-${tag}.der"
check_result $? "Client cert to DER (${tag})"
openssl x509 -in "client-mldsa44-${tag}-cert.pem" -text > tmp.pem
mv tmp.pem "client-mldsa44-${tag}-cert.pem"
cat "client-mldsa44-${tag}-cert.pem" "${root_base}.pem" > "$client_cert"
rm -f "client-mldsa44-${tag}-cert.pem"
echo "Variant ${tag} complete."
}
gen_variant shake SLH-DSA-SHAKE-128s
gen_variant sha2 SLH-DSA-SHA2-128s
echo
echo "All SLH-DSA / ML-DSA-44 test certificates regenerated."
+36
View File
@@ -0,0 +1,36 @@
# vim:ft=automake
# All paths should be given relative to the root
#
EXTRA_DIST += \
certs/slhdsa/bench_slhdsa_shake128s_key.der \
certs/slhdsa/bench_slhdsa_shake128f_key.der \
certs/slhdsa/bench_slhdsa_shake192s_key.der \
certs/slhdsa/bench_slhdsa_shake192f_key.der \
certs/slhdsa/bench_slhdsa_shake256s_key.der \
certs/slhdsa/bench_slhdsa_shake256f_key.der \
certs/slhdsa/bench_slhdsa_sha2_128s_key.der \
certs/slhdsa/bench_slhdsa_sha2_128f_key.der \
certs/slhdsa/bench_slhdsa_sha2_192s_key.der \
certs/slhdsa/bench_slhdsa_sha2_192f_key.der \
certs/slhdsa/bench_slhdsa_sha2_256s_key.der \
certs/slhdsa/bench_slhdsa_sha2_256f_key.der \
certs/slhdsa/gen-slhdsa-mldsa-certs.sh \
certs/slhdsa/server-mldsa44-priv.pem \
certs/slhdsa/client-mldsa44-priv.pem \
certs/slhdsa/root-slhdsa-shake-128s-priv.pem \
certs/slhdsa/root-slhdsa-shake-128s-priv.der \
certs/slhdsa/root-slhdsa-shake-128s.pem \
certs/slhdsa/root-slhdsa-shake-128s.der \
certs/slhdsa/server-mldsa44-shake.pem \
certs/slhdsa/server-mldsa44-shake.der \
certs/slhdsa/client-mldsa44-shake.pem \
certs/slhdsa/client-mldsa44-shake.der \
certs/slhdsa/root-slhdsa-sha2-128s-priv.pem \
certs/slhdsa/root-slhdsa-sha2-128s-priv.der \
certs/slhdsa/root-slhdsa-sha2-128s.pem \
certs/slhdsa/root-slhdsa-sha2-128s.der \
certs/slhdsa/server-mldsa44-sha2.pem \
certs/slhdsa/server-mldsa44-sha2.der \
certs/slhdsa/client-mldsa44-sha2.pem \
certs/slhdsa/client-mldsa44-sha2.der
Binary file not shown.
@@ -0,0 +1,4 @@
-----BEGIN PRIVATE KEY-----
MFICAQAwCwYJYIZIAWUDBAMUBEBIDLnGQ7/b2dqaWSNZ6GNUDPTUVnm6hv7L66kx
FwCox6bgJKhKGBBNzcbaIyRn3paVgQCmys5D5P38exqM+ut+
-----END PRIVATE KEY-----
Binary file not shown.
+644
View File
@@ -0,0 +1,644 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:47:75:b4:58:fa:b2:e1:1f:16:b5:5f:25:49:b4:7f:2a:12:60:56
Signature Algorithm: SLH-DSA-SHA2-128s
Issuer: C=US, ST=Montana, L=Bozeman, O=wolfSSL_SLH-DSA, OU=Root-SLH-DSA-sha2, CN=www.wolfssl.com, emailAddress=info@wolfssl.com
Validity
Not Before: Apr 28 08:10:05 2026 GMT
Not After : Jan 22 08:10:05 2029 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL_SLH-DSA, OU=Root-SLH-DSA-sha2, CN=www.wolfssl.com, emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: SLH-DSA-SHA2-128s
SLH-DSA-SHA2-128s Public-Key:
pub:
a6:e0:24:a8:4a:18:10:4d:cd:c6:da:23:24:67:de:
96:95:81:00:a6:ca:ce:43:e4:fd:fc:7b:1a:8c:fa:
eb:7e
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:80:23:3A:06:DD:38:57:EE:6B:C2:94:7B:EA:BF:43:57:3A:B0:8C
X509v3 Authority Key Identifier:
BD:80:23:3A:06:DD:38:57:EE:6B:C2:94:7B:EA:BF:43:57:3A:B0:8C
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: SLH-DSA-SHA2-128s
Signature Value:
10:3c:70:c5:f5:b1:4f:1c:77:85:34:b9:b3:57:97:62:ef:e7:
4d:17:67:56:63:74:02:e1:50:5c:5b:dc:56:94:45:d7:f9:6b:
76:fd:fb:e2:00:16:0b:5a:0f:86:86:7e:1e:0c:4e:7f:d0:95:
cb:d4:8d:09:58:53:4e:e2:9f:0e:11:2e:38:dc:c0:87:ec:6f:
25:ef:1b:59:81:ab:71:69:51:2e:3c:2f:f6:eb:f2:22:73:62:
e1:a2:68:b3:67:db:2e:05:16:fa:bc:ae:b6:22:cb:c2:0f:fd:
88:1e:36:43:27:13:de:61:01:0c:ba:5a:df:0a:69:17:45:c2:
77:b5:df:87:62:b3:16:6e:8e:57:e0:3b:9f:02:80:5d:f0:92:
76:51:73:2e:7a:25:1c:88:79:dd:0d:55:c5:73:94:b3:76:52:
39:fb:58:0d:34:fe:74:38:45:fc:99:39:87:c7:fe:4b:2a:7c:
51:ae:92:ee:5f:28:16:13:04:b5:f0:5f:93:90:74:d0:e0:f4:
1d:06:af:6b:ad:33:fe:2c:d5:9a:e5:10:32:7f:01:2f:7e:97:
c6:ff:b6:57:97:56:cc:5a:5a:9a:79:de:19:b0:9c:0b:57:bb:
bb:e5:8b:91:2c:cd:19:2d:7c:75:8e:71:4f:c5:c5:88:74:5c:
5d:27:82:dc:94:58:7d:6e:71:6e:78:c5:f3:0d:3b:85:95:2a:
da:4d:af:34:a9:3c:02:88:cc:45:1d:08:0c:9d:20:39:73:06:
0a:2d:ba:8a:5d:a9:44:32:24:32:b1:d1:fd:d1:7f:b4:10:56:
3a:15:12:a5:f6:c1:6f:16:ef:84:5e:86:ab:5b:9b:a7:b4:21:
e3:43:86:1a:50:f8:95:b3:b0:10:56:0e:26:b6:5a:46:75:51:
e2:7a:5a:76:2b:14:4e:57:5d:88:61:27:16:8c:e0:6a:ad:87:
b1:19:89:80:87:aa:6a:59:69:18:fc:e3:5a:78:83:d8:58:3a:
ec:8e:b9:28:2a:22:e6:13:8f:ad:df:4e:4d:9e:99:6b:34:9a:
c5:c1:81:0e:28:1a:16:e5:60:d1:7d:1c:d7:5f:f8:3e:7d:1c:
7c:2d:18:5f:3a:5c:d2:d2:0b:db:c4:4f:69:57:a7:6d:60:95:
5e:04:fb:71:31:71:d1:e4:ee:dd:10:34:a5:9b:0c:7b:29:e9:
4b:85:3a:2f:64:87:93:9a:8f:06:9f:75:8a:c2:b3:a6:0c:ff:
94:7a:c8:f4:e6:14:31:b1:6f:20:ad:34:5c:3f:1a:67:c7:0e:
0e:89:00:c5:9f:d6:56:4b:8d:86:dc:64:94:e0:7e:4d:8b:cd:
43:5f:3b:46:c9:92:f0:a4:0d:df:b9:ab:38:aa:5b:3b:9c:af:
fa:fb:d5:f6:0b:25:96:30:33:28:3d:3f:1e:a6:10:43:58:53:
ae:88:a7:5b:8e:55:66:57:2e:0d:88:a9:5b:d3:71:0a:23:05:
47:82:ca:e6:0c:c8:d1:f2:99:9f:c9:37:2a:59:99:d4:f0:a5:
82:18:0b:98:f0:ee:be:0f:11:6f:2a:6a:14:dd:c4:c9:bc:ed:
80:ac:7c:ca:65:eb:fa:af:b3:29:a7:b2:c3:1c:42:1e:7d:3f:
d3:1a:f0:1b:30:f5:a3:53:8c:13:d3:96:82:01:a8:2e:d2:ae:
ea:f1:50:17:ae:cb:a4:7b:55:72:55:8b:90:28:f0:d9:5b:81:
f4:78:9b:b0:fe:a0:c4:6e:dc:25:fc:94:64:71:12:bf:fc:cd:
31:50:26:2d:e2:ef:38:05:14:82:b6:62:83:a9:86:cb:df:05:
ef:27:6a:cc:2c:8f:1c:5d:40:13:c1:e3:24:a6:7d:3c:83:1a:
78:79:7d:63:75:4f:68:b9:9c:75:b9:07:ed:62:16:29:22:c1:
cd:f2:52:02:e9:17:b0:d0:44:13:9c:25:c7:fd:39:df:eb:d5:
32:5e:bf:c5:47:81:18:83:63:96:89:4c:31:02:8f:c4:e9:7f:
27:8e:01:3f:44:4e:96:b0:73:ad:56:a7:95:4d:ab:a3:03:e2:
dc:33:65:d2:17:87:e8:07:be:95:17:64:3e:6c:87:cd:3a:e6:
0a:b8:e6:8b:e2:e9:d9:60:2a:ef:d5:c8:2f:7a:8d:ec:70:16:
10:a2:1d:12:16:41:a3:c1:07:2f:95:b1:d4:7f:9f:ca:16:ca:
72:1d:2d:df:3a:6f:93:eb:9e:76:34:3f:dd:a7:47:12:18:5b:
f4:34:2b:73:42:33:15:c8:19:0c:a8:10:d5:d3:04:81:e2:d1:
b4:3f:7e:53:34:d8:db:02:d6:60:b4:24:8c:28:4d:31:51:0b:
4e:c8:f1:4c:99:98:a7:36:ab:bc:ce:a2:d6:67:f5:b2:64:ec:
0e:e3:f3:82:46:d3:87:ce:1b:a9:46:d3:dc:1a:27:e2:5f:bf:
55:33:ca:e0:de:02:84:26:ed:57:58:27:f4:d6:3c:0d:a7:db:
40:2d:d8:c8:0c:84:47:97:fb:bf:49:8c:d2:1c:80:ff:da:d6:
3f:93:00:77:f3:31:f0:c8:57:46:5a:9a:15:25:0b:2d:d1:1b:
5a:eb:ae:09:0e:3e:24:e6:a9:eb:72:be:e4:45:d2:41:db:21:
dd:a7:1b:6e:62:3e:43:d9:62:34:31:62:76:d4:2e:39:48:fd:
54:9c:51:6a:f7:71:44:88:c0:c3:98:3b:66:e1:8e:0a:9d:e3:
68:a9:6a:d2:52:80:97:3d:9e:14:c9:bc:36:33:6f:24:9c:7b:
e1:8a:a5:a1:12:44:bf:61:a2:3b:da:18:b9:7f:9f:89:bb:10:
33:8f:46:18:92:49:5e:10:81:a6:0b:06:19:19:a3:e8:06:c8:
fe:4e:94:20:de:70:36:7b:40:ee:04:ca:fc:fa:81:aa:87:9d:
ad:f3:57:78:0c:34:51:f4:fa:ef:78:58:1e:e9:0f:b9:75:f6:
a5:09:a0:91:7f:80:19:80:17:4b:5c:a9:b9:6d:b6:00:f8:17:
90:e1:b7:4f:21:33:64:1d:d1:d5:a8:78:a0:98:46:0a:0a:0e:
72:dc:2a:67:8e:57:44:00:76:2e:79:b9:4e:c7:78:b2:a7:12:
17:75:44:6c:ce:a6:d7:ae:25:54:6c:5d:eb:3d:92:74:65:26:
f7:6d:23:1a:43:91:ad:2e:20:c8:f4:fa:13:a9:97:ea:7e:a9:
61:94:81:a7:cd:b3:60:a9:62:4c:ec:8b:91:21:a9:d3:7c:39:
9f:3f:4c:f8:8f:16:81:3f:23:3a:20:64:7a:10:ce:82:d7:24:
28:ea:e0:74:6a:ea:62:bd:e3:06:90:1e:92:ca:fa:2d:25:a5:
70:52:8f:a1:3f:9f:7a:7a:f3:55:4d:4b:8b:1d:1e:ce:d0:61:
44:68:e5:c2:69:e8:14:2f:5c:90:96:72:8f:7e:39:61:c1:d4:
3d:36:bf:12:b4:de:31:3e:7e:f4:45:d9:6b:d8:9c:61:06:fe:
7d:43:ae:e3:c8:f4:3b:0d:7a:5d:b6:35:46:5d:5b:30:e9:9f:
de:49:53:d8:a7:97:61:33:ec:fe:dd:4a:89:c3:db:aa:39:4b:
01:f8:20:27:a3:0b:12:2f:03:fd:8d:69:5f:90:2a:62:97:93:
a6:d4:12:80:ee:98:47:93:d9:89:7d:46:f3:2d:61:8e:e6:9d:
7e:7e:42:07:0f:3e:15:08:9b:49:36:98:1c:1e:dc:57:5d:eb:
ab:35:4b:33:eb:2f:fd:a5:6e:92:45:5d:21:df:d4:74:83:02:
a9:3c:bd:88:ed:d7:05:da:b5:2a:56:e1:ae:7c:53:a8:9d:f3:
24:bf:82:1d:09:20:66:b9:b8:4b:ee:b7:e0:9a:15:e3:99:bc:
e3:93:a4:2e:93:4a:c2:0c:8b:42:ee:29:42:f5:93:e9:b6:73:
8d:8d:24:4c:78:26:b7:dc:64:c7:94:8e:f3:2f:81:68:91:a5:
57:ec:c7:b3:7d:73:02:d0:20:18:16:7a:3b:dd:e9:65:08:84:
6b:40:19:f6:79:71:13:ca:8f:be:8a:ae:c2:a4:67:ae:0e:5b:
a8:55:01:38:5a:0e:0a:51:04:57:12:76:e6:cf:d8:57:25:a7:
8c:03:da:22:13:dd:90:e1:27:26:e0:d8:dc:9b:5a:6b:3a:0f:
e2:e3:8d:54:73:6e:12:02:72:f4:2b:c3:9b:80:3f:6f:fb:8a:
9e:fd:bb:e4:d7:c6:14:8a:19:d6:9f:30:bc:00:98:41:92:2b:
bd:a5:8e:ab:93:89:9d:6e:d4:8e:82:17:88:a6:19:2b:8b:a4:
67:e9:5b:ee:7f:bb:e6:a4:d7:cd:85:7a:c1:2d:15:8b:3d:4e:
25:71:63:5c:7e:72:b7:bc:e7:8e:a8:ad:d5:a4:2f:d2:56:cf:
b1:29:49:03:9e:d3:b9:ce:35:60:8d:d3:50:97:5f:4e:ac:72:
f4:b0:20:e4:91:75:cc:27:5e:ce:ae:04:77:1b:84:02:fe:0c:
bc:a7:dd:62:3e:55:e9:e7:5b:a3:c8:1d:08:34:18:53:bd:fa:
05:0c:e9:fc:84:73:0d:4b:9f:56:52:e5:09:e8:46:43:3b:4e:
59:fa:84:67:d5:c2:94:3d:ea:cb:9d:29:31:4d:91:61:90:f2:
1f:29:68:dc:34:5f:13:fd:b1:f2:38:72:85:f1:16:1c:7f:05:
e5:b8:32:57:3f:6a:68:ce:e5:58:1a:14:e5:1f:e7:b7:1c:04:
a6:e1:c5:86:c8:78:e3:62:92:fd:ff:9b:f1:e8:60:9c:40:b9:
1c:1d:7b:52:ad:ee:de:fa:04:bf:0b:bd:d9:34:bf:ef:4a:1b:
f2:0c:72:43:1e:55:24:b1:56:ae:0c:44:99:ef:b5:fb:e5:ee:
c6:20:7c:15:5f:66:c8:32:c3:e0:33:76:00:d3:b0:7e:be:0a:
28:79:3f:98:51:78:12:73:ae:b3:24:a5:a1:d3:1c:f8:6c:5a:
e7:c0:47:5f:86:a5:67:d5:3b:20:19:49:91:fd:c6:32:0c:96:
e9:df:ea:e1:8e:cf:4a:bd:9f:95:eb:88:2c:3c:f6:34:da:89:
f7:3a:d1:bb:0f:97:f0:38:99:ec:89:b4:b3:92:bf:ed:13:7d:
bc:14:54:16:63:01:f3:60:f0:f6:c4:e0:db:00:dc:c8:5f:13:
11:82:1d:04:73:a4:f1:8d:d0:8e:7a:4d:1f:9c:0e:8d:dc:fe:
7d:8f:97:5e:a1:97:c2:73:e7:45:94:19:19:93:f5:4f:fc:25:
8b:c3:1a:19:a7:1d:91:0a:bf:28:78:41:06:7d:09:d4:95:c5:
d2:8f:47:04:cf:3f:9a:be:72:b0:8a:d0:29:0d:87:b8:22:11:
2a:c6:c7:27:81:12:6f:9e:18:88:9c:8a:25:04:05:66:b1:ef:
b1:4c:48:f7:f7:53:ec:c8:72:bc:70:25:5e:19:be:3c:d7:f6:
1a:52:77:05:15:db:ba:99:2a:d6:bd:ce:a1:70:fc:30:40:cc:
bd:4d:e4:36:f0:fc:b9:54:31:48:d3:9c:bb:3b:51:08:a5:e8:
b0:3b:5b:0a:69:91:2c:f7:d4:50:07:4c:a8:2f:7b:43:82:64:
fb:c3:ca:48:5c:b9:f7:f3:bc:d6:21:43:c3:b5:26:61:06:86:
23:c6:7f:05:d7:0b:c1:e5:7d:5f:5a:c3:09:1a:7c:06:cb:35:
f8:a3:70:13:14:37:b6:98:00:88:24:b0:90:4f:f4:99:99:75:
d5:15:23:7b:5a:09:db:33:30:8b:b9:da:b2:08:7c:ea:39:3c:
88:96:a8:39:da:1e:22:5a:b3:be:f7:40:58:7a:6d:7b:88:de:
4c:57:30:f1:38:a5:cc:6a:e7:b3:c4:ef:8a:f1:4d:ca:2c:bf:
5b:05:02:30:97:10:12:dd:3f:8a:bf:0a:86:4f:57:63:79:bc:
2c:21:a2:c2:07:26:a4:96:d2:1a:d2:73:86:a9:af:2d:ca:ae:
6f:07:e7:26:f4:47:65:8e:0e:29:8f:ca:ce:16:cd:90:00:f0:
a6:19:a4:30:b8:d7:8a:da:de:5a:5b:54:91:9a:e1:75:6b:49:
f6:b8:67:0d:02:d2:c4:ec:67:f5:0f:c2:dc:11:c5:65:69:f5:
1f:44:44:af:1f:91:9c:29:1f:8b:e1:8e:9d:5c:9e:ac:72:fa:
4b:c9:29:9a:f1:1e:d1:64:6b:8e:22:5a:34:0f:53:47:ce:0b:
e3:07:49:cb:86:de:35:ec:17:e4:d5:df:cb:f4:de:0c:e1:b8:
93:97:88:9e:f6:0d:b3:fa:f7:4b:a6:52:ef:48:61:c1:43:f2:
32:f7:af:77:ab:75:c0:6c:08:b6:cd:63:cb:b6:64:e8:01:ed:
e4:62:39:36:38:ab:70:4d:c3:a4:b4:92:be:79:e0:f2:7d:7f:
06:52:48:bd:ba:c2:56:6d:af:1f:86:b6:7a:eb:e9:b4:fc:8c:
13:83:fc:25:f8:93:5f:52:c4:bb:4a:08:5a:a0:bf:bd:24:37:
4b:44:e4:a7:ea:fa:36:49:dd:86:1a:f9:f0:24:1b:ab:c1:1e:
8c:03:f8:8a:86:99:fd:3d:9d:9f:68:1a:96:47:73:18:22:3b:
7b:c0:76:02:1d:61:79:73:ac:f9:2c:45:ce:87:53:b5:f5:44:
8d:73:9b:38:d9:bb:a4:11:fd:f8:0c:16:c6:74:49:f0:e0:18:
10:c6:d1:2c:2b:5d:c4:17:72:60:e0:7c:d9:48:b3:eb:38:ba:
4f:e9:82:c2:10:9a:cd:bd:8e:e8:ff:be:f0:57:d8:e5:94:50:
15:6d:87:42:32:8b:d7:8a:07:22:8e:e2:31:e7:95:9b:22:4f:
5d:0d:51:02:49:1e:fc:66:51:bb:81:01:96:64:63:d8:57:43:
66:0d:1f:6c:b4:9a:16:b6:dd:09:c8:6d:0e:c0:79:1f:a6:49:
c8:11:79:d1:18:34:9a:4e:4f:1d:80:1e:47:5b:75:07:a1:74:
fa:52:d2:69:d1:24:d7:2a:cd:72:c6:c8:ec:7d:6b:6b:b6:f9:
e5:5e:9e:d4:24:a0:00:df:ab:b9:6d:57:58:90:18:ac:1c:bd:
af:c1:88:d8:90:5c:82:de:fa:4b:40:51:01:6d:45:c2:83:18:
a3:38:ca:e6:5d:c0:5a:dd:b9:68:0e:0d:c3:c2:f8:6a:8c:ee:
a8:6f:19:c2:d6:78:d6:57:33:7a:fb:c6:0a:db:47:aa:55:89:
47:a6:20:6f:0b:78:84:69:20:da:b5:6c:1b:d3:2c:d7:db:94:
38:e0:75:e7:6c:8f:4d:f5:e5:42:16:c6:91:93:6a:41:39:a5:
77:92:02:49:63:0f:74:c3:b2:55:3f:b1:33:e5:7b:d9:ff:59:
ae:a1:6e:1c:06:bf:76:98:dc:ae:94:39:49:3f:5d:d6:b0:fa:
06:3e:29:8e:40:62:b8:b7:dc:22:11:50:48:19:41:37:c5:e4:
34:b8:25:60:98:ed:b9:4a:68:47:a9:e6:2d:d7:e5:ef:35:e7:
6f:a8:9f:a5:b2:0f:0d:98:fa:9e:ff:fb:c5:57:83:69:98:b0:
37:06:fb:4c:0d:17:ad:e9:68:2b:c3:42:1c:f6:0c:ac:7f:ca:
1b:ba:a9:90:b8:f6:e1:a2:2a:45:8d:f5:aa:e5:8b:4a:16:f6:
0e:3a:38:ee:25:d9:5f:b6:f8:fc:7b:a8:c6:88:e3:ea:f0:1f:
a1:b0:e7:46:e4:b0:59:08:95:02:25:0c:6a:8a:3d:56:3d:c9:
a8:12:dd:47:b4:2d:5a:f6:ae:43:cc:3e:4c:7f:4e:ab:b1:78:
2a:59:6d:6f:ca:93:21:e4:f6:ad:91:a6:1d:da:a9:16:8f:e6:
1a:d2:c9:22:13:62:8f:be:28:96:bd:23:59:38:91:75:b5:84:
bc:ae:b9:5f:07:4a:dd:fd:a8:fc:e6:6d:0d:04:e2:76:fe:30:
0b:e9:9b:60:1c:98:bf:92:80:57:45:ba:53:d2:61:f7:50:51:
d2:ad:9c:03:39:96:39:ee:45:64:04:b3:ca:02:bf:ec:3b:d1:
ab:ec:8d:97:9a:ec:1a:ac:62:99:85:f6:15:c7:d9:b0:2b:f4:
dc:55:f4:19:ac:7e:36:59:70:ee:8c:79:98:89:61:86:25:bd:
b3:38:9e:49:ed:8a:ce:61:1d:d1:13:99:96:74:9e:4f:43:78:
c0:c9:a2:f3:62:92:f8:aa:6b:ca:91:7e:29:d1:80:27:64:68:
e1:0f:9b:fc:fe:64:99:0f:d6:8e:d3:78:d8:ea:fd:e5:0a:55:
34:8b:f1:b4:d9:1b:a5:bb:30:f9:1a:f4:19:3c:3d:af:ac:5f:
ce:9b:27:08:18:52:6f:b0:aa:02:0d:46:84:73:92:f1:0b:16:
12:9b:cf:bc:f3:97:bc:c2:9c:18:57:cc:55:63:21:de:f7:32:
c1:3e:fb:88:de:f7:ae:f0:11:10:5b:5f:04:df:9d:3d:19:2f:
89:cb:72:b4:5b:f2:49:81:76:c2:57:ec:d9:44:ff:b8:8d:19:
6a:2d:bf:31:47:34:e0:b1:03:32:26:15:e4:d7:44:41:d1:5e:
f9:ba:e2:5f:50:45:44:08:44:7f:9b:09:f4:37:ff:8b:d9:d6:
55:66:d0:60:b2:8b:94:34:8d:97:dd:73:2f:02:22:be:9a:bd:
d3:57:8c:c3:c6:e1:e1:19:64:f1:6d:3e:41:20:6f:4e:47:bb:
29:41:bd:a9:8c:ab:01:41:ea:2a:51:c7:f2:9f:ec:ca:9b:1e:
be:e7:f9:3a:5e:66:f8:dd:30:3c:dd:3d:53:61:1e:ad:93:31:
01:c4:c4:b3:2c:b1:14:a3:68:a2:a2:6a:f9:60:e7:63:19:e4:
89:19:89:1d:ad:de:85:5d:43:4c:57:61:17:b4:7d:f9:18:93:
93:c6:88:40:0a:3d:7e:a4:e9:ab:fd:56:c0:2b:5f:35:68:26:
d4:e2:c8:f7:75:08:1c:11:4f:a0:64:a8:15:2d:f2:e9:58:0a:
31:ec:cb:f8:ba:3b:85:aa:95:93:5e:47:05:27:c4:32:6d:56:
71:6f:38:8d:db:93:99:57:35:cf:25:83:99:77:d3:7e:93:cd:
a0:04:ae:e5:e9:20:e7:63:b1:ed:69:8c:46:3d:1c:f6:84:bf:
67:a5:71:60:d5:ec:9f:5b:d9:12:12:9e:0a:b2:85:40:94:34:
9a:74:6b:25:1e:3b:03:2b:2c:55:7f:51:4a:6a:93:07:dd:e6:
d4:89:fb:1a:95:1d:cd:bb:d1:61:47:6d:8c:09:56:44:b3:52:
c9:ca:df:a1:27:45:77:a1:e3:31:ec:da:b4:ad:15:20:ac:f7:
cc:88:1a:b6:84:f5:21:c9:4f:f7:94:bb:d2:1c:d2:19:40:52:
5d:2f:9f:44:d3:64:8c:88:d3:08:93:ff:5e:d1:99:63:60:40:
73:08:bb:20:3d:d1:26:a8:30:48:44:2d:d3:65:e6:af:eb:22:
ec:7c:6f:97:16:69:58:3b:e2:ef:e9:de:de:90:10:07:f4:bd:
6a:a7:e5:82:e9:22:d5:0e:c9:32:ea:ac:30:69:c6:96:9b:51:
6b:93:65:67:e5:84:2f:36:1c:19:d8:be:26:fa:79:05:e0:ed:
34:fd:2c:a4:c0:44:7f:cd:c7:51:e5:a9:81:a7:90:97:46:1a:
78:00:16:64:2c:d9:d4:85:b6:61:1a:87:de:96:f5:0c:f3:cc:
73:d4:0d:5e:8f:64:b0:a0:97:c9:12:0c:2e:fa:3a:a1:07:1c:
bc:29:0c:e0:82:b7:3b:0d:6b:14:80:3a:11:a6:d4:f4:36:a4:
96:d9:89:f8:81:61:77:79:02:6f:5e:64:2a:d7:f2:fa:26:d6:
0b:bf:cc:63:5e:ff:af:7b:c4:ef:48:5d:ef:c7:44:bb:46:be:
cb:3f:c4:3e:9c:f2:98:9e:ec:7b:20:4a:54:a0:cd:2d:3a:cf:
a0:2d:4a:db:2b:97:50:82:92:68:4e:f0:f1:73:b0:b8:6f:62:
d6:97:95:15:75:03:41:5a:d6:f2:f8:a3:eb:f6:48:49:44:49:
93:9e:6c:2c:e1:a1:d5:e6:fd:f2:d5:d9:ee:f0:86:ef:01:49:
65:d6:fd:ae:9d:3a:a6:1d:1a:b3:9b:09:8a:49:cb:ff:b9:d2:
b7:16:7e:f5:36:05:c4:09:c1:b1:49:97:0d:8f:22:c9:8c:9e:
bb:ea:ce:f9:a5:57:47:de:04:7a:bd:e4:b6:a0:0b:bc:d1:da:
a1:20:e1:5c:c4:7a:13:fa:7c:c3:dd:a3:b2:48:98:29:83:75:
c1:6d:f8:1b:75:7c:f4:91:ae:66:d9:bf:49:3e:4c:85:01:df:
d7:8a:1c:44:9c:d0:d1:4f:7f:c2:0f:7d:f8:e0:11:4b:b6:b0:
4e:6f:1a:f1:fb:53:f8:42:c8:54:15:6b:29:a9:b1:1c:f3:f4:
ed:52:2e:66:e9:49:1a:d0:52:66:6e:fa:8d:ff:2f:1e:d3:40:
c7:25:b7:69:1d:d4:a9:4d:ee:82:14:32:0e:82:ed:94:b6:02:
b0:00:d1:b3:20:f2:eb:9e:db:0f:c9:4f:3d:ec:b2:6e:bd:41:
d2:93:87:1f:fb:8c:b8:0e:e3:6a:f4:37:dd:4f:a0:24:e6:22:
3d:c7:a2:46:06:bc:5e:25:74:aa:ae:fc:de:94:d9:5d:6f:1b:
0f:e3:99:46:06:4c:20:ff:59:d1:ef:75:76:87:c8:9a:7d:97:
67:6d:06:d8:20:83:84:1d:c4:72:43:8e:e2:ee:3a:d9:21:59:
63:c9:a0:56:d1:42:f4:34:fe:ed:ac:a4:0a:28:0a:c0:a0:32:
0f:f1:4d:36:b0:27:9c:a5:88:6f:b2:65:a9:43:d2:09:0c:ce:
06:b7:1b:e4:44:d0:e3:cf:da:2f:11:df:cf:83:3a:8e:04:7e:
5f:31:90:c1:1e:1c:b1:ca:4c:21:4d:6a:7a:c5:e0:17:61:ee:
c5:61:dd:0d:41:71:96:77:6d:a4:43:a1:69:60:22:56:ea:b1:
88:b1:71:53:79:44:25:f2:42:c9:b3:48:f7:6c:9a:6a:be:f1:
ca:88:3e:14:b9:69:9e:57:0b:f6:b6:1b:c9:88:70:7c:a8:80:
d6:34:9f:63:59:48:86:4c:bc:eb:cb:49:1f:ad:f6:13:b0:de:
c1:0f:8f:a8:0c:f3:ce:f4:56:b5:3c:1d:82:df:9a:98:4b:5f:
91:1f:56:f3:ad:b7:45:92:9f:44:d1:5b:63:da:1a:96:cc:db:
9f:48:64:08:19:29:3f:a4:27:6c:ed:20:49:07:dd:b0:72:9e:
fd:59:37:73:69:07:1c:24:c4:46:5d:58:d1:0f:e4:05:08:09:
60:b2:8b:df:a2:a5:07:99:c9:4f:cb:f3:d2:d8:bf:b7:0a:6e:
cd:73:43:a5:a0:46:1a:f8:c1:88:01:e2:7c:c1:a7:36:ad:f3:
d1:28:e5:4c:b7:5b:a3:08:70:0e:3a:d9:d3:ce:55:0f:2f:f8:
08:7a:3c:78:0c:c0:ca:1d:8f:35:34:6d:8f:10:3b:3e:ad:3f:
2d:55:9e:d0:aa:e7:43:39:c0:64:4b:55:f9:62:a1:f4:1d:90:
4a:3e:06:1d:0b:8e:12:18:6e:28:30:92:88:80:99:6b:bb:a2:
f2:2b:79:1a:4f:53:e5:4d:10:bd:3b:81:9d:1c:9c:06:a1:a4:
df:61:ec:5a:05:82:38:91:84:65:f6:74:83:9a:28:eb:23:92:
1f:ef:77:77:30:98:c4:90:45:d7:4e:80:fb:e7:50:52:0c:03:
10:0d:b3:e4:0a:20:6c:85:fd:2a:b6:87:e2:7d:69:b0:76:ac:
b6:23:ff:09:6e:ab:7e:98:3e:72:76:bf:a1:e2:77:32:2e:51:
85:db:cf:d8:50:b3:e2:c6:7c:75:bf:67:3a:76:c0:d5:78:2b:
1e:c8:ee:63:31:20:7a:33:c9:90:df:8e:95:d7:be:04:32:93:
bd:60:46:2d:18:52:0d:e0:99:1f:da:1e:d1:ae:f1:ea:a8:7a:
90:80:7e:10:89:51:c5:a2:55:38:b8:59:12:92:9f:93:87:e3:
0f:bb:02:29:ed:75:8f:8a:17:8d:81:91:65:78:a8:1d:9d:2d:
1e:0f:9b:53:d4:13:8d:55:92:eb:8a:45:19:f6:6b:44:03:47:
9c:3b:18:1b:d3:f1:a1:3d:c4:66:b0:16:d6:60:26:b3:8d:89:
52:27:29:4e:3e:b8:50:fd:64:20:fc:02:58:e2:83:6f:15:35:
e4:a6:c8:d6:2c:e3:ce:e2:9d:d1:53:a6:d9:57:90:63:24:ab:
18:d8:6e:63:90:9a:eb:9b:80:c2:98:8a:9a:bf:20:92:b3:36:
a0:04:fa:88:2d:d6:0f:3f:9c:4f:4d:21:96:c7:4d:2e:c0:34:
f0:40:d0:f7:f3:ea:c5:57:cd:3f:ec:74:73:5e:f9:b0:7e:71:
f3:7c:6e:6a:3c:a1:22:b0:f4:40:d8:62:08:a3:97:8c:14:66:
ff:bb:83:ab:26:24:01:9f:b5:03:0e:80:5e:e9:e9:f1:14:84:
97:4d:f8:06:db:98:2d:8c:93:e2:af:45:44:7a:d5:61:bb:d6:
f1:c4:5e:38:62:3e:1b:1d:d6:69:42:49:66:a0:83:da:23:5d:
42:b9:c7:a0:07:5a:ef:e7:b2:9c:4d:83:63:6c:89:61:c7:d6:
29:4d:76:6d:eb:26:6d:25:c9:fc:5d:2d:58:88:17:5e:a5:4b:
7f:0b:6e:c7:7d:f8:6a:50:53:c7:80:35:98:76:31:cd:f0:2f:
6c:f9:79:93:c4:bb:9b:01:89:00:df:0f:55:c5:67:19:50:b2:
31:ca:68:f8:30:f6:0a:88:2d:e8:55:0d:af:cd:5b:cd:f9:3a:
bc:3c:87:f1:32:b5:f3:01:a9:09:44:ea:54:2b:18:33:05:d3:
c6:b8:56:e3:5a:70:38:4c:98:5f:ee:17:6b:12:2d:00:fa:c1:
33:48:73:7c:29:51:9a:44:c7:74:b6:63:2f:b4:f8:87:3c:e4:
44:4b:5d:0f:ec:b1:ec:56:b2:23:da:d4:1f:b7:a9:13:d9:1d:
b3:d6:19:d6:23:fc:72:9a:15:d6:6c:df:66:71:55:a6:89:9b:
ed:ef:25:ee:fb:2b:b3:58:59:d0:42:ab:da:97:88:de:cc:06:
aa:b2:85:d5:f0:a2:87:0e:cb:58:7c:14:9d:d1:8e:d0:21:9b:
80:67:ae:73:4c:34:fd:42:36:71:dc:a5:55:4d:79:19:dc:4c:
f2:bd:76:25:e3:f0:88:62:4f:79:4b:e0:2f:30:cf:40:42:4b:
54:1c:85:23:11:66:3f:23:6a:dc:54:f3:5b:cd:9c:b6:88:e4:
71:87:5c:2f:7e:85:55:5b:9c:23:3a:00:1f:57:da:b6:33:06:
8d:ce:07:89:b9:2d:7d:0b:35:8d:8a:8b:66:cd:59:16:55:db:
b0:b4:2d:3d:53:32:03:90:98:55:a4:f9:8d:f3:84:b4:16:06:
42:3e:ca:71:ef:db:c7:59:32:fa:e3:ec:3b:fb:c9:83:83:90:
52:99:06:c1:b4:3d:ea:f9:83:fa:a8:d9:c3:09:8b:15:d3:85:
06:a1:e5:26:93:4d:23:aa:cd:4b:3e:5f:64:8f:2f:71:7e:c8:
d3:8c:78:ef:79:3e:ab:4c:da:77:23:2e:ff:56:35:8d:27:7d:
7e:7e:df:03:1a:c9:c2:af:f4:62:49:f7:35:1c:6a:9b:19:f9:
0a:e2:17:36:b6:6f:d6:ee:b6:e7:12:e3:c1:54:17:22:6a:28:
6d:cd:9c:e0:ef:b7:1c:99:e1:94:53:8f:c5:55:65:b2:f0:4d:
0f:c7:ef:d0:0a:b4:9f:c2:c9:9d:af:26:2e:98:5e:cd:59:79:
80:1a:28:27:68:fb:22:f3:14:71:60:79:a0:5f:92:75:59:36:
58:fd:80:20:07:e9:8f:34:5c:38:53:7b:4a:d1:58:77:af:1b:
0a:0f:70:3f:db:b8:58:37:01:e6:ef:8d:3c:e5:c7:71:c6:bd:
1a:0b:12:33:5f:9d:07:36:4d:7d:02:07:85:60:83:6f:fc:e0:
af:9f:c5:22:4b:cd:89:dc:2f:b3:53:e1:7f:b9:65:af:59:57:
54:87:32:f2:d6:15:88:e2:2b:a7:20:85:42:26:d9:09:ee:87:
60:0c:bf:a3:6a:e5:e5:db:6f:2c:05:7e:88:ee:aa:98:d7:6d:
0e:3c:9f:6c:28:70:02:1a:78:b6:2e:2c:29:9e:d9:fa:1e:80:
0a:a3:e6:dc:46:00:15:e7:c0:13:36:42:9c:f0:1a:fa:9c:7d:
d0:cd:2f:ce:dd:95:54:fb:b1:fa:bb:3f:83:26:f7:54:42:5d:
60:7a:d1:bd:b2:17:9a:e0:02:a7:9a:d8:40:f4:2c:79:c0:4e:
4e:a4:68:aa:33:c9:1f:2a:f3:fd:9b:50:39:37:b9:1e:59:2c:
7b:cf:97:57:23:81:b7:07:76:8e:b1:f5:15:dc:54:c5:f9:f9:
c6:13:b7:37:2d:12:44:c6:78:1e:92:1f:ed:85:8f:14:7a:9f:
d0:1f:02:8a:f1:5e:8d:05:28:13:2c:cf:1f:41:9d:74:ec:98:
96:51:57:a7:c0:10:9a:be:31:7d:71:a7:c2:38:cd:ce:74:60:
e4:45:ef:b0:60:87:7a:da:e9:05:38:06:19:fe:60:db:c6:2d:
a4:25:f7:5d:d1:b1:3d:12:0b:a0:fb:3c:80:b0:f5:00:48:34:
8b:e4:a4:f1:cf:fe:be:a2:38:43:44:20:23:5e:89:c8:91:18:
fb:5e:aa:90:11:07:7a:e8:ad:61:03:17:6a:a5:a6:a9:e2:c4:
8c:f0:5e:d7:25:fc:43:93:db:47:44:c1:25:26:38:7a:17:08:
24:36:d3:25:95:eb:c3:17:ca:b5:d7:79:73:62:48:d6:d0:af:
e7:a0:61:83:5d:7a:27:e9:b9:7e:d2:25:17:85:c2:28:5b:9f:
e7:01:67:f7:69:83:eb:ec:cd:8e:2b:ee:f1:4c:17:a5:3e:05:
2c:c1:eb:b7:64:d8:fa:3b:3b:c4:e4:53:18:fd:d8:da:1a:f4:
c7:c2:47:90:91:ab:3d:2b:12:1d:9e:7e:58:7e:cb:63:9c:ff:
28:bf:a0:c3:a6:07:52:58:9a:de:2c:4c:63:5e:79:8b:21:cb:
cf:5b:08:7d:6e:44:55:32:5c:37:71:46:02:c1:28:e8:5f:c1:
34:ca:b9:25:0a:c8:88:a8:bc:13:1f:1d:c3:6f:cd:3e:f9:95:
ad:45:7b:f9:03:05:b8:f8:c8:89:fa:a0:7a:2b:b7:15:ba:d2:
0a:39:39:c9:0e:0d:5b:f9:11:b2:9e:11:98:90:bd:25:9d:a2:
f2:c8:c1:3b:70:a3:71:b9:9c:46:24:b1:00:1b:54:3c:ba:11:
a2:73:d4:bf:85:08:57:8f:05:6f:9f:23:12:ff:06:73:d5:6d:
13:7c:1b:50:c4:df:8e:8a:8a:f8:f4:5c:61:c1:51:e8:d3:82:
7b:ef:60:89:56:4c:fa:e1:b5:50:47:23:66:7e:af:af:a7:9f:
0a:1f:55:2d:d9:ad:8f:92:01:d4:10:c8:00:63:0e:6e:95:1b:
ea:e9:d3:38:ac:7c:34:d1:8d:61:e6:be:c5:98:3d:9e:cf:70:
28:5c:4f:80:44:4d:06:9d:1e:e0:4b:4c:91:76:7e:d8:ff:5f:
5a:ae:b6:88:f6:25:7b:96:80:4c:59:3f:91:29:4f:44:c1:01:
23:9c:8c:51:f1:fa:69:e0:b1:2a:20:c8:93:14:f4:99:61:a7:
4e:9b:ee:8d:02:5a:e2:29:d7:f5:9f:ef:94:59:4c:55:c6:0f:
1c:b8:9c:a9:b6:bf:cd:c4:30:e5:e5:84:4e:d3:13:af:6e:8f:
8d:ac:d4:64:c0:21:5d:57:e7:9d:73:c6:90:63:b7:22:3e:a6:
a6:47:d3:be:b4:a3:ff:c6:c3:0e:2b:f0:45:ee:50:50:98:b2:
8e:f2:bc:05:d0:24:b5:40:b2:52:b4:bf:d7:62:8a:a2:a8:d3:
6c:3e:ad:12:46:ab:5b:c7:e1:32:99:21:7c:cb:09:37:2e:8f:
0b:85:41:5f:45:8f:17:ca:66:6a:73:97:73:3c:3d:8d:dc:9f:
51:dd:59:15:0f:68:4b:a2:42:4e:98:6d:1c:74:9b:5d:b4:65:
ed:22:17:a4:73:b2:11:93:f4:d2:b5:aa:93:00:c5:88:42:86:
b5:1c:3f:fc:9f:f7:f9:2f:a9:29:a5:66:e2:e5:8e:29:ef:d5:
d8:dd:93:62:26:08:7a:f6:62:6c:17:1c:b0:d6:19:b1:39:8c:
c4:54:a5:ef:34:b6:15:53:fd:88:80:eb:48:50:0d:74:8e:34:
04:64:f1:da:13:4f:df:63:7b:c3:19:be:c4:1f:f2:13:25:cb:
73:37:98:93:4f:8d:ed:97:88:ee:be:39:9f:03:bd:2a:4f:08:
1d:63:19:dd:20:06:6c:4c:96:a7:66:82:7f:75:62:19:5b:87:
cd:76:e3:b9:10:76:ab:b4:bd:54:ca:3e:10:15:a4:36:42:93:
e9:56:fa:19:59:e3:90:55:ad:f7:b2:07:cd:99:9b:7c:05:01:
a9:d1:fc:eb:e6:d5:de:01:39:ac:0d:be:c7:db:fb:b0:54:08:
48:26:f9:54:dc:15:85:a2:6f:33:10:60:ec:0d:38:ad:15:e4:
14:83:3d:65:df:0b:ae:01:f0:15:9a:ca:bc:4f:c9:c0:57:9f:
9a:b9:22:53:56:b3:4c:83:50:f6:5b:13:68:94:6e:12:7c:bf:
9e:22:6d:c3:17:f4:f0:a5:73:b5:03:ef:b8:af:0e:20:c9:df:
2d:39:e6:43:38:84:30:6b:a1:36:0a:bf:09:41:67:18:85:8e:
77:04:a3:be:d4:9f:36:75:42:e5:84:ea:75:fa:0b:01:4a:30:
48:9c:b3:47:9d:3c:48:41:74:76:14:30:dc:66:1e:fd:7c:58:
2f:63:e5:74:2a:c5:a2:26:65:fe:c2:13:7b:0d:83:f7:94:3d:
2d:f8:83:07:aa:dd:77:72:26:fe:70:29:d5:1e:83:21:ba:0e:
de:10:ba:4c:cd:19:88:b2:9a:44:f8:86:d8:fa:4a:12:3b:7f:
02:ae:af:68:7a:87:8b:8f:63:e5:9a:da:e4:77:9d:40:50:27:
7f:b0:7a:ac:5c:aa:b4:33:8a:dc:fe:17:74:3e:1d:5d:5c:0a:
57:06:72:ac:ac:ed:2d:81:09:b3:6e:71:25:3b:03:29:67:b5:
81:bd:b3:3f:36:42:f3:af:ac:db:58:fe:00:42:b4:28:89:1a:
76:fb:11:8a:32:c9:65:03:f7:ef:6a:e6:57:48:e9:b9:d2:90:
42:9a:cc:ff:f1:fb:06:ad:be:ff:4e:c2:64:93:39:48:4a:57:
e6:06:98:14:9f:0c:61:19:c1:f0:d4:c8:3d:1f:6c:a5:c2:28:
66:25:aa:7a:9f:fd:08:f6:ec:c1:e5:f8:e2:37:17:f5:6b:ae:
aa:f7:a4:da:27:59:25:0e:43:4c:53:62:3b:62:6a:5e:6d:9d:
c9:01:02:f3:79:47:0e:2d:ea:62:89:a5:57:6d:de:18:b2:a2:
13:d2:34:27:28:4f:4a:a5:d7:f3:ee:16:a0:5e:77:f9:2e:6c:
22:81:44:ae:03:64:e1:9f:b8:d7:55:92:75:f6:66:ea:2e:45:
31:16:aa:32:77:3f:8e:0e:b7:4a:d9:52:ad:05:28:d1:58:8a:
d4:79:b0:ba:29:15:33:5b:99:59:d2:70:95:fb:6c:0a:5d:18:
4a:96:ab:14:96:c8:00:9c:5c:e1:f2:f6:ec:85:e4:3e:39:39:
b7:44:3d:9a:66:bd:d9:32:48:c8:5c:0c:d0:4c:b9:2d:01:49:
1d:eb:fd:41:32:67:23:87:10:31:17:20:df:f1:3f:77:ed:b8:
d9:52:dc:3d:11:15:dd:04:93:88:f2:65:32:6d:7b:c0:d8:df:
3a:19:61:9b:7f:e5:a2:b1:e0:6f:6a:3d:f5:82:08:a1:0e:26:
42:e2:91:9f:c2:a2:7e:ba:66:89:a7:95:26:c5:9a:9a:7b:2e:
c7:cf:4e:70:07:2b:f6:f0:56:60:f4:56:ba:73:18:e6:b8:85:
96:35:b2:d4:3d:3e:63:ca:be:08:54:f3:7c:03:e9:6f:98:17:
f5:03:66:da:dc:bc:4a:a8:97:d4:ff:74:89:ba:1d:22:91:58:
50:87:43:c6:1f:ef:0f:cb:9c:da:0e:f8:6b:1e:ab:84:17:f0:
56:17:dd:4a:19:62:4f:d6:56:ef:27:ba:81:ff:fb:5e:c6:4d:
a1:20:03:a4:4b:30:d1:09:37:8a:e3:34:cb:2e:5d:9e:6f:a4:
bb:9c:0d:7c:b0:40:66:23:7d:ac:dc:b9:7c:68:f4:db:f7:92:
c6:db:dc:dc:77:5c:d7:d3:57:a7:13:60:a3:ed:87:15:da:fe:
a5:f0:2e:46:94:ad:92:75:61:f2:a8:08:79:83:af:ea:f5:7a:
4d:02:2a:f2:39:d6:87:ef:4f:17:49:06:86:5a:54:9d:48:0e:
ab:7b:b6:f7:eb:68:85:83:01:52:d5:a8:32:fe:31:c0:45:11:
e2:dc:d6:99:d6:27:90:b5:41:48:b0:39:da:9e:0e:d2:6d:48:
bb:c4:0a:15:53:8b:16:77:9a:b9:62:b9:18:db:ea:25:17:8f:
c4:18:cd:1c:93:33:0e:9b:e0:ef:da:22:d8:55:17:2d:90:f1:
5e:35:a0:24:eb:3b:d4:50:45:d9:35:3b:0b:c3:d4:6e:67:b2:
92:0e:e6:a7:14:1c:09:e4:d0:94:d8:05:b4:e4:9d:20:5f:f1:
be:ca:25:00:34:76:35:e4:3a:19:05:ec:94:8b:9f:cf:c1:1a:
89:bd:8b:1b:8d:68:85:2c:aa:d0:95:3b:d7:b5:47:39:03:7b:
73:38:16:8d:21:68:1a:d8:77:49:1b:02:d5:41:e9:f9:a1:da:
40:75:f1:0a:ab:76:19:79:dd:34:28:6b:4d:d1:44:79:97:a3:
fd:15:1e:12:77:ce:e9:04:12:c3:47:75:5e:73:5d:8b:50:8e:
7b:78:74:a2:10:44:dc:29:ec:bb:09:04:98:dd:9a:98:a1:f8:
fd:c5:5d:41:4c:9e:13:33:09:f7:59:d2:ca:7b:86:8c:0f:f0:
8a:40:fb:6a:7d:c9:5b:18:71:28:15:e9:8a:97:b8:4e:56:a1:
3c:82:69:f2:1e:05:b8:4e:b4:0f:c5:11:b0:d8:cd:e1:07:5e:
39:a1:e4:a0:ad:19:c7:af:3b:a1:3c:01:69:8a:4d:8e:13:22:
53:98:ab:9c:a5:2e:75:1c:97:d9:0c:e7:0b:d4:79:41:2a:2d:
73:97:45:e4:b1:4b:37:54:d7:90:2f:36:f5:49:82:d6:41:e3:
9b:1b:ee:bb:19:f3:a9:5f:74:da:90:0f:ef:c3:89:e7:21:cd:
0a:51:71:aa:77:76:ad:e2:15:f1:ac:cf:68:34:09:d3:00:4c:
bc:c9:58:9f:b5:6c:e6:f9:4a:cc:3b:73:7a:0a:02:8d:da:98:
77:14:34:98:5d:ef:c0:8e:71:bc:b2:dc:56:1f:ec:b0:b0:46:
75:23:7b:00:33:44:f3:85:a7:49:81:47:28:62:76:4d:91:3e:
57:5c:58:31:a2:b1:de:0b:49:fb:92:ad:d1:a7:1d:61:0d:03:
ef:7c:fd:9b:9a:36:ce:b1:1d:37:87:3c:ea:3e:54:37:b5:de:
ea:e6:79:27:aa:4f:2f:94:17:21:09:24:5d:33:c9:ea:2d:e8:
87:f1:6a:d3:d6:fd:85:79:bd:66:25:2b:e6:0d:d6:23:3d:82:
d8:28:4a:31:06:7a:b6:79:3a:2a:d2:a5:00:5b:9a:f3:3f:15:
c4:cc:f5:6f:00:f3:77:b1:c6:31:9b:7d:33:eb:0e:b0:0f:f3:
9d:4e:49:85:1d:90:01:15:fa:3d:08:7d:27:06:ea:92:3e:b0:
c7:93:da:48:70:1a:1f:7e:52:f8:4c:63:c2:d4:82:cc:40:44:
c0:84:38:fc:70:ad:c9:16:41:80:73:8c:8e:6f:dd:e9:48:27:
8c:c1:87:c1:ca:4d:14:66:53:e1:ce:9d:1b:3a:16:14:cd:dd:
ce:12:a9:2a:ba:c9:4c:34:4b:4a:85:1f:9d:d4:6a:70:e9:df:
18:9f:03:d2:bf:73:f3:e0:b3:8f:d2:10:09:97:fd:59:fc:50:
c8:57:a7:77:34:43:82:79:b5:56:f5:33:c2:a0:dd:2e:78:09:
60:ee:0a:92:d3:13:5c:b3:41:79:df:fc:07:09:a5:54:aa:e5:
59:6a:30:d0:f1:ed:bb:f1:5a:52:61:9d:06:36:dc:c8:80:70:
77:45:05:b9:2f:4d:c4:86:fe:d7:51:51:93:88:8b:66:1c:fa:
0d:ce:91:5e:e0:25:3b:6f:89:47:df:52:09:b7:0e:c1:82:90:
96:17:b0:8c:af:d1:2c:00:b0:bb:18:5f:34:56:d5:f6:18:00:
56:4c:09:ab:32:77:e0:35:56:1a:52:99:1a:d9:e1:ce:75:9f:
24:4c:7d:e5:34:4f:52:1c:d4:6b:93:b8:a5:c5:68:97:68:a5:
1d:1f:77:16:2d:4a:29:0d:e5:2b:9a:f9:05:2a:1d:3a:f9:7e:
45:3e:a0:5f:88:d6:8b:bd:47:f3:a7:7b:a1:27:29:1c:3a:26:
41:b8:fe:80:53:6d:29:64:09:1f:6f:e9:ac:ff:70:8f:06:ef:
48:a2:07:1f:8c:d9:86:2c:84:f4:a7:01:66:d1:2f:f2:47:92:
a1:e6:de:a7:28:70:4f:bd:d6:d8:b4:ed:17:ab:4e:18:4f:e2:
4a:62:d0:7f:30:9c:40:2e
-----BEGIN CERTIFICATE-----
MIIg7zCCAimgAwIBAgIUZUd1tFj6suEfFrVfJUm0fyoSYFYwCwYJYIZIAWUDBAMU
MIGiMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96
ZW1hbjEYMBYGA1UECgwPd29sZlNTTF9TTEgtRFNBMRowGAYDVQQLDBFSb290LVNM
SC1EU0Etc2hhMjEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcN
AQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTI2MDQyODA4MTAwNVoXDTI5MDEyMjA4
MTAwNVowgaIxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQH
DAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX1NMSC1EU0ExGjAYBgNVBAsMEVJv
b3QtU0xILURTQS1zaGEyMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkq
hkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wMDALBglghkgBZQMEAxQDIQCm4CSo
ShgQTc3G2iMkZ96WlYEApsrOQ+T9/HsajPrrfqNjMGEwHQYDVR0OBBYEFL2AIzoG
3ThX7mvClHvqv0NXOrCMMB8GA1UdIwQYMBaAFL2AIzoG3ThX7mvClHvqv0NXOrCM
MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMAsGCWCGSAFlAwQDFAOC
HrEAEDxwxfWxTxx3hTS5s1eXYu/nTRdnVmN0AuFQXFvcVpRF1/lrdv374gAWC1oP
hoZ+HgxOf9CVy9SNCVhTTuKfDhEuONzAh+xvJe8bWYGrcWlRLjwv9uvyInNi4aJo
s2fbLgUW+ryutiLLwg/9iB42QycT3mEBDLpa3wppF0XCd7Xfh2KzFm6OV+A7nwKA
XfCSdlFzLnolHIh53Q1VxXOUs3ZSOftYDTT+dDhF/Jk5h8f+Syp8Ua6S7l8oFhME
tfBfk5B00OD0HQava60z/izVmuUQMn8BL36Xxv+2V5dWzFpamnneGbCcC1e7u+WL
kSzNGS18dY5xT8XFiHRcXSeC3JRYfW5xbnjF8w07hZUq2k2vNKk8AojMRR0IDJ0g
OXMGCi26il2pRDIkMrHR/dF/tBBWOhUSpfbBbxbvhF6Gq1ubp7Qh40OGGlD4lbOw
EFYOJrZaRnVR4npadisUTlddiGEnFozgaq2HsRmJgIeqallpGPzjWniD2Fg67I65
KCoi5hOPrd9OTZ6ZazSaxcGBDigaFuVg0X0c11/4Pn0cfC0YXzpc0tIL28RPaVen
bWCVXgT7cTFx0eTu3RA0pZsMeynpS4U6L2SHk5qPBp91isKzpgz/lHrI9OYUMbFv
IK00XD8aZ8cODokAxZ/WVkuNhtxklOB+TYvNQ187RsmS8KQN37mrOKpbO5yv+vvV
9gslljAzKD0/HqYQQ1hTroinW45VZlcuDYipW9NxCiMFR4LK5gzI0fKZn8k3KlmZ
1PClghgLmPDuvg8RbypqFN3EybztgKx8ymXr+q+zKaeywxxCHn0/0xrwGzD1o1OM
E9OWggGoLtKu6vFQF67LpHtVclWLkCjw2VuB9HibsP6gxG7cJfyUZHESv/zNMVAm
LeLvOAUUgrZig6mGy98F7ydqzCyPHF1AE8HjJKZ9PIMaeHl9Y3VPaLmcdbkH7WIW
KSLBzfJSAukXsNBEE5wlx/053+vVMl6/xUeBGINjlolMMQKPxOl/J44BP0ROlrBz
rVanlU2rowPi3DNl0heH6Ae+lRdkPmyHzTrmCrjmi+Lp2WAq79XIL3qN7HAWEKId
EhZBo8EHL5Wx1H+fyhbKch0t3zpvk+uedjQ/3adHEhhb9DQrc0IzFcgZDKgQ1dME
geLRtD9+UzTY2wLWYLQkjChNMVELTsjxTJmYpzarvM6i1mf1smTsDuPzgkbTh84b
qUbT3Bon4l+/VTPK4N4ChCbtV1gn9NY8DafbQC3YyAyER5f7v0mM0hyA/9rWP5MA
d/Mx8MhXRlqaFSULLdEbWuuuCQ4+JOap63K+5EXSQdsh3acbbmI+Q9liNDFidtQu
OUj9VJxRavdxRIjAw5g7ZuGOCp3jaKlq0lKAlz2eFMm8NjNvJJx74YqloRJEv2Gi
O9oYuX+fibsQM49GGJJJXhCBpgsGGRmj6AbI/k6UIN5wNntA7gTK/PqBqoedrfNX
eAw0UfT673hYHukPuXX2pQmgkX+AGYAXS1ypuW22APgXkOG3TyEzZB3R1ah4oJhG
CgoOctwqZ45XRAB2Lnm5Tsd4sqcSF3VEbM6m164lVGxd6z2SdGUm920jGkORrS4g
yPT6E6mX6n6pYZSBp82zYKliTOyLkSGp03w5nz9M+I8WgT8jOiBkehDOgtckKOrg
dGrqYr3jBpAeksr6LSWlcFKPoT+fenrzVU1Lix0eztBhRGjlwmnoFC9ckJZyj345
YcHUPTa/ErTeMT5+9EXZa9icYQb+fUOu48j0Ow16XbY1Rl1bMOmf3klT2KeXYTPs
/t1KicPbqjlLAfggJ6MLEi8D/Y1pX5AqYpeTptQSgO6YR5PZiX1G8y1hjuadfn5C
Bw8+FQibSTaYHB7cV13rqzVLM+sv/aVukkVdId/UdIMCqTy9iO3XBdq1KlbhrnxT
qJ3zJL+CHQkgZrm4S+634JoV45m845OkLpNKwgyLQu4pQvWT6bZzjY0kTHgmt9xk
x5SO8y+BaJGlV+zHs31zAtAgGBZ6O93pZQiEa0AZ9nlxE8qPvoquwqRnrg5bqFUB
OFoOClEEVxJ25s/YVyWnjAPaIhPdkOEnJuDY3JtaazoP4uONVHNuEgJy9CvDm4A/
b/uKnv275NfGFIoZ1p8wvACYQZIrvaWOq5OJnW7UjoIXiKYZK4ukZ+lb7n+75qTX
zYV6wS0Viz1OJXFjXH5yt7znjqit1aQv0lbPsSlJA57Tuc41YI3TUJdfTqxy9LAg
5JF1zCdezq4EdxuEAv4MvKfdYj5V6edbo8gdCDQYU736BQzp/IRzDUufVlLlCehG
QztOWfqEZ9XClD3qy50pMU2RYZDyHylo3DRfE/2x8jhyhfEWHH8F5bgyVz9qaM7l
WBoU5R/ntxwEpuHFhsh442KS/f+b8ehgnEC5HB17Uq3u3voEvwu92TS/70ob8gxy
Qx5VJLFWrgxEme+1++XuxiB8FV9myDLD4DN2ANOwfr4KKHk/mFF4EnOusySlodMc
+Gxa58BHX4alZ9U7IBlJkf3GMgyW6d/q4Y7PSr2fleuILDz2NNqJ9zrRuw+X8DiZ
7Im0s5K/7RN9vBRUFmMB82Dw9sTg2wDcyF8TEYIdBHOk8Y3QjnpNH5wOjdz+fY+X
XqGXwnPnRZQZGZP1T/wli8MaGacdkQq/KHhBBn0J1JXF0o9HBM8/mr5ysIrQKQ2H
uCIRKsbHJ4ESb54YiJyKJQQFZrHvsUxI9/dT7MhyvHAlXhm+PNf2GlJ3BRXbupkq
1r3OoXD8MEDMvU3kNvD8uVQxSNOcuztRCKXosDtbCmmRLPfUUAdMqC97Q4Jk+8PK
SFy59/O81iFDw7UmYQaGI8Z/BdcLweV9X1rDCRp8Bss1+KNwExQ3tpgAiCSwkE/0
mZl11RUje1oJ2zMwi7nasgh86jk8iJaoOdoeIlqzvvdAWHpte4jeTFcw8TilzGrn
s8TvivFNyiy/WwUCMJcQEt0/ir8Khk9XY3m8LCGiwgcmpJbSGtJzhqmvLcqubwfn
JvRHZY4OKY/KzhbNkADwphmkMLjXitreWltUkZrhdWtJ9rhnDQLSxOxn9Q/C3BHF
ZWn1H0RErx+RnCkfi+GOnVyerHL6S8kpmvEe0WRrjiJaNA9TR84L4wdJy4beNewX
5NXfy/TeDOG4k5eInvYNs/r3S6ZS70hhwUPyMvevd6t1wGwIts1jy7Zk6AHt5GI5
NjircE3DpLSSvnng8n1/BlJIvbrCVm2vH4a2euvptPyME4P8JfiTX1LEu0oIWqC/
vSQ3S0Tkp+r6Nkndhhr58CQbq8EejAP4ioaZ/T2dn2galkdzGCI7e8B2Ah1heXOs
+SxFzodTtfVEjXObONm7pBH9+AwWxnRJ8OAYEMbRLCtdxBdyYOB82Uiz6zi6T+mC
whCazb2O6P++8FfY5ZRQFW2HQjKL14oHIo7iMeeVmyJPXQ1RAkke/GZRu4EBlmRj
2FdDZg0fbLSaFrbdCchtDsB5H6ZJyBF50Rg0mk5PHYAeR1t1B6F0+lLSadEk1yrN
csbI7H1ra7b55V6e1CSgAN+ruW1XWJAYrBy9r8GI2JBcgt76S0BRAW1FwoMYozjK
5l3AWt25aA4Nw8L4aozuqG8ZwtZ41lczevvGCttHqlWJR6Ygbwt4hGkg2rVsG9Ms
19uUOOB152yPTfXlQhbGkZNqQTmld5ICSWMPdMOyVT+xM+V72f9ZrqFuHAa/dpjc
rpQ5ST9d1rD6Bj4pjkBiuLfcIhFQSBlBN8XkNLglYJjtuUpoR6nmLdfl7zXnb6if
pbIPDZj6nv/7xVeDaZiwNwb7TA0XreloK8NCHPYMrH/KG7qpkLj24aIqRY31quWL
Shb2Djo47iXZX7b4/Huoxojj6vAfobDnRuSwWQiVAiUMaoo9Vj3JqBLdR7QtWvau
Q8w+TH9Oq7F4Klltb8qTIeT2rZGmHdqpFo/mGtLJIhNij74olr0jWTiRdbWEvK65
XwdK3f2o/OZtDQTidv4wC+mbYByYv5KAV0W6U9Jh91BR0q2cAzmWOe5FZASzygK/
7DvRq+yNl5rsGqximYX2FcfZsCv03FX0Gax+Nllw7ox5mIlhhiW9szieSe2KzmEd
0ROZlnSeT0N4wMmi82KS+KprypF+KdGAJ2Ro4Q+b/P5kmQ/WjtN42Or95QpVNIvx
tNkbpbsw+Rr0GTw9r6xfzpsnCBhSb7CqAg1GhHOS8QsWEpvPvPOXvMKcGFfMVWMh
3vcywT77iN73rvAREFtfBN+dPRkvictytFvySYF2wlfs2UT/uI0Zai2/MUc04LED
MiYV5NdEQdFe+briX1BFRAhEf5sJ9Df/i9nWVWbQYLKLlDSNl91zLwIivpq901eM
w8bh4Rlk8W0+QSBvTke7KUG9qYyrAUHqKlHH8p/sypsevuf5Ol5m+N0wPN09U2Ee
rZMxAcTEsyyxFKNooqJq+WDnYxnkiRmJHa3ehV1DTFdhF7R9+RiTk8aIQAo9fqTp
q/1WwCtfNWgm1OLI93UIHBFPoGSoFS3y6VgKMezL+Lo7haqVk15HBSfEMm1WcW84
jduTmVc1zyWDmXfTfpPNoASu5ekg52Ox7WmMRj0c9oS/Z6VxYNXsn1vZEhKeCrKF
QJQ0mnRrJR47AyssVX9RSmqTB93m1In7GpUdzbvRYUdtjAlWRLNSycrfoSdFd6Hj
MezatK0VIKz3zIgatoT1IclP95S70hzSGUBSXS+fRNNkjIjTCJP/XtGZY2BAcwi7
ID3RJqgwSEQt02Xmr+si7HxvlxZpWDvi7+ne3pAQB/S9aqflguki1Q7JMuqsMGnG
lptRa5NlZ+WELzYcGdi+Jvp5BeDtNP0spMBEf83HUeWpgaeQl0YaeAAWZCzZ1IW2
YRqH3pb1DPPMc9QNXo9ksKCXyRIMLvo6oQccvCkM4IK3Ow1rFIA6EabU9DakltmJ
+IFhd3kCb15kKtfy+ibWC7/MY17/r3vE70hd78dEu0a+yz/EPpzymJ7seyBKVKDN
LTrPoC1K2yuXUIKSaE7w8XOwuG9i1peVFXUDQVrW8vij6/ZISURJk55sLOGh1eb9
8tXZ7vCG7wFJZdb9rp06ph0as5sJiknL/7nStxZ+9TYFxAnBsUmXDY8iyYyeu+rO
+aVXR94Eer3ktqALvNHaoSDhXMR6E/p8w92jskiYKYN1wW34G3V89JGuZtm/ST5M
hQHf14ocRJzQ0U9/wg99+OARS7awTm8a8ftT+ELIVBVrKamxHPP07VIuZulJGtBS
Zm76jf8vHtNAxyW3aR3UqU3ughQyDoLtlLYCsADRsyDy657bD8lPPeyybr1B0pOH
H/uMuA7javQ33U+gJOYiPceiRga8XiV0qq783pTZXW8bD+OZRgZMIP9Z0e91dofI
mn2XZ20G2CCDhB3EckOO4u462SFZY8mgVtFC9DT+7aykCigKwKAyD/FNNrAnnKWI
b7JlqUPSCQzOBrcb5ETQ48/aLxHfz4M6jgR+XzGQwR4cscpMIU1qesXgF2HuxWHd
DUFxlndtpEOhaWAiVuqxiLFxU3lEJfJCybNI92yaar7xyog+FLlpnlcL9rYbyYhw
fKiA1jSfY1lIhky868tJH632E7DewQ+PqAzzzvRWtTwdgt+amEtfkR9W8623RZKf
RNFbY9oalszbn0hkCBkpP6QnbO0gSQfdsHKe/Vk3c2kHHCTERl1Y0Q/kBQgJYLKL
36KlB5nJT8vz0ti/twpuzXNDpaBGGvjBiAHifMGnNq3z0SjlTLdbowhwDjrZ085V
Dy/4CHo8eAzAyh2PNTRtjxA7Pq0/LVWe0KrnQznAZEtV+WKh9B2QSj4GHQuOEhhu
KDCSiICZa7ui8it5Gk9T5U0QvTuBnRycBqGk32HsWgWCOJGEZfZ0g5oo6yOSH+93
dzCYxJBF106A++dQUgwDEA2z5AogbIX9KraH4n1psHastiP/CW6rfpg+cna/oeJ3
Mi5RhdvP2FCz4sZ8db9nOnbA1XgrHsjuYzEgejPJkN+Olde+BDKTvWBGLRhSDeCZ
H9oe0a7x6qh6kIB+EIlRxaJVOLhZEpKfk4fjD7sCKe11j4oXjYGRZXioHZ0tHg+b
U9QTjVWS64pFGfZrRANHnDsYG9PxoT3EZrAW1mAms42JUicpTj64UP1kIPwCWOKD
bxU15KbI1izjzuKd0VOm2VeQYySrGNhuY5Ca65uAwpiKmr8gkrM2oAT6iC3WDz+c
T00hlsdNLsA08EDQ9/PqxVfNP+x0c175sH5x83xuajyhIrD0QNhiCKOXjBRm/7uD
qyYkAZ+1Aw6AXunp8RSEl034BtuYLYyT4q9FRHrVYbvW8cReOGI+Gx3WaUJJZqCD
2iNdQrnHoAda7+eynE2DY2yJYcfWKU12besmbSXJ/F0tWIgXXqVLfwtux334alBT
x4A1mHYxzfAvbPl5k8S7mwGJAN8PVcVnGVCyMcpo+DD2Cogt6FUNr81bzfk6vDyH
8TK18wGpCUTqVCsYMwXTxrhW41pwOEyYX+4XaxItAPrBM0hzfClRmkTHdLZjL7T4
hzzkREtdD+yx7FayI9rUH7epE9kds9YZ1iP8cpoV1mzfZnFVpomb7e8l7vsrs1hZ
0EKr2peI3swGqrKF1fCihw7LWHwUndGO0CGbgGeuc0w0/UI2cdylVU15GdxM8r12
JePwiGJPeUvgLzDPQEJLVByFIxFmPyNq3FTzW82ctojkcYdcL36FVVucIzoAH1fa
tjMGjc4HibktfQs1jYqLZs1ZFlXbsLQtPVMyA5CYVaT5jfOEtBYGQj7Kce/bx1ky
+uPsO/vJg4OQUpkGwbQ96vmD+qjZwwmLFdOFBqHlJpNNI6rNSz5fZI8vcX7I04x4
73k+q0zadyMu/1Y1jSd9fn7fAxrJwq/0Ykn3NRxqmxn5CuIXNrZv1u625xLjwVQX
Imoobc2c4O+3HJnhlFOPxVVlsvBND8fv0Aq0n8LJna8mLphezVl5gBooJ2j7IvMU
cWB5oF+SdVk2WP2AIAfpjzRcOFN7StFYd68bCg9wP9u4WDcB5u+NPOXHcca9GgsS
M1+dBzZNfQIHhWCDb/zgr5/FIkvNidwvs1Phf7llr1lXVIcy8tYViOIrpyCFQibZ
Ce6HYAy/o2rl5dtvLAV+iO6qmNdtDjyfbChwAhp4ti4sKZ7Z+h6ACqPm3EYAFefA
EzZCnPAa+px90M0vzt2VVPux+rs/gyb3VEJdYHrRvbIXmuACp5rYQPQsecBOTqRo
qjPJHyrz/ZtQOTe5Hlkse8+XVyOBtwd2jrH1FdxUxfn5xhO3Ny0SRMZ4HpIf7YWP
FHqf0B8CivFejQUoEyzPH0GddOyYllFXp8AQmr4xfXGnwjjNznRg5EXvsGCHetrp
BTgGGf5g28YtpCX3XdGxPRILoPs8gLD1AEg0i+Sk8c/+vqI4Q0QgI16JyJEY+16q
kBEHeuitYQMXaqWmqeLEjPBe1yX8Q5PbR0TBJSY4ehcIJDbTJZXrwxfKtdd5c2JI
1tCv56Bhg116J+m5ftIlF4XCKFuf5wFn92mD6+zNjivu8UwXpT4FLMHrt2TY+js7
xORTGP3Y2hr0x8JHkJGrPSsSHZ5+WH7LY5z/KL+gw6YHUlia3ixMY155iyHLz1sI
fW5EVTJcN3FGAsEo6F/BNMq5JQrIiKi8Ex8dw2/NPvmVrUV7+QMFuPjIifqgeiu3
FbrSCjk5yQ4NW/kRsp4RmJC9JZ2i8sjBO3CjcbmcRiSxABtUPLoRonPUv4UIV48F
b58jEv8Gc9VtE3wbUMTfjoqK+PRcYcFR6NOCe+9giVZM+uG1UEcjZn6vr6efCh9V
Ldmtj5IB1BDIAGMObpUb6unTOKx8NNGNYea+xZg9ns9wKFxPgERNBp0e4EtMkXZ+
2P9fWq62iPYle5aATFk/kSlPRMEBI5yMUfH6aeCxKiDIkxT0mWGnTpvujQJa4inX
9Z/vlFlMVcYPHLicqba/zcQw5eWETtMTr26PjazUZMAhXVfnnXPGkGO3Ij6mpkfT
vrSj/8bDDivwRe5QUJiyjvK8BdAktUCyUrS/12KKoqjTbD6tEkarW8fhMpkhfMsJ
Ny6PC4VBX0WPF8pmanOXczw9jdyfUd1ZFQ9oS6JCTphtHHSbXbRl7SIXpHOyEZP0
0rWqkwDFiEKGtRw//J/3+S+pKaVm4uWOKe/V2N2TYiYIevZibBccsNYZsTmMxFSl
7zS2FVP9iIDrSFANdI40BGTx2hNP32N7wxm+xB/yEyXLczeYk0+N7ZeI7r45nwO9
Kk8IHWMZ3SAGbEyWp2aCf3ViGVuHzXbjuRB2q7S9VMo+EBWkNkKT6Vb6GVnjkFWt
97IHzZmbfAUBqdH86+bV3gE5rA2+x9v7sFQISCb5VNwVhaJvMxBg7A04rRXkFIM9
Zd8LrgHwFZrKvE/JwFefmrkiU1azTINQ9lsTaJRuEny/niJtwxf08KVztQPvuK8O
IMnfLTnmQziEMGuhNgq/CUFnGIWOdwSjvtSfNnVC5YTqdfoLAUowSJyzR508SEF0
dhQw3GYe/XxYL2PldCrFoiZl/sITew2D95Q9LfiDB6rdd3Im/nAp1R6DIboO3hC6
TM0ZiLKaRPiG2PpKEjt/Aq6vaHqHi49j5Zra5HedQFAnf7B6rFyqtDOK3P4XdD4d
XVwKVwZyrKztLYEJs25xJTsDKWe1gb2zPzZC86+s21j+AEK0KIkadvsRijLJZQP3
72rmV0jpudKQQprM//H7Bq2+/07CZJM5SEpX5gaYFJ8MYRnB8NTIPR9spcIoZiWq
ep/9CPbsweX44jcX9Wuuqvek2idZJQ5DTFNiO2JqXm2dyQEC83lHDi3qYomlV23e
GLKiE9I0JyhPSqXX8+4WoF53+S5sIoFErgNk4Z+411WSdfZm6i5FMRaqMnc/jg63
StlSrQUo0ViK1HmwuikVM1uZWdJwlftsCl0YSparFJbIAJxc4fL27IXkPjk5t0Q9
mma92TJIyFwM0Ey5LQFJHev9QTJnI4cQMRcg3/E/d+242VLcPREV3QSTiPJlMm17
wNjfOhlhm3/lorHgb2o99YIIoQ4mQuKRn8KifrpmiaeVJsWamnsux89OcAcr9vBW
YPRWunMY5riFljWy1D0+Y8q+CFTzfAPpb5gX9QNm2ty8SqiX1P90ibodIpFYUIdD
xh/vD8uc2g74ax6rhBfwVhfdShliT9ZW7ye6gf/7XsZNoSADpEsw0Qk3iuM0yy5d
nm+ku5wNfLBAZiN9rNy5fGj02/eSxtvc3Hdc19NXpxNgo+2HFdr+pfAuRpStknVh
8qgIeYOv6vV6TQIq8jnWh+9PF0kGhlpUnUgOq3u29+tohYMBUtWoMv4xwEUR4tzW
mdYnkLVBSLA52p4O0m1Iu8QKFVOLFneauWK5GNvqJRePxBjNHJMzDpvg79oi2FUX
LZDxXjWgJOs71FBF2TU7C8PUbmeykg7mpxQcCeTQlNgFtOSdIF/xvsolADR2NeQ6
GQXslIufz8Eaib2LG41ohSyq0JU717VHOQN7czgWjSFoGth3SRsC1UHp+aHaQHXx
Cqt2GXndNChrTdFEeZej/RUeEnfO6QQSw0d1XnNdi1COe3h0ohBE3CnsuwkEmN2a
mKH4/cVdQUyeEzMJ91nSynuGjA/wikD7an3JWxhxKBXpipe4TlahPIJp8h4FuE60
D8URsNjN4QdeOaHkoK0Zx687oTwBaYpNjhMiU5irnKUudRyX2QznC9R5QSotc5dF
5LFLN1TXkC829UmC1kHjmxvuuxnzqV902pAP78OJ5yHNClFxqnd2reIV8azPaDQJ
0wBMvMlYn7Vs5vlKzDtzegoCjdqYdxQ0mF3vwI5xvLLcVh/ssLBGdSN7ADNE84Wn
SYFHKGJ2TZE+V1xYMaKx3gtJ+5Kt0acdYQ0D73z9m5o2zrEdN4c86j5UN7Xe6uZ5
J6pPL5QXIQkkXTPJ6i3oh/Fq09b9hXm9ZiUr5g3WIz2C2ChKMQZ6tnk6KtKlAFua
8z8VxMz1bwDzd7HGMZt9M+sOsA/znU5JhR2QARX6PQh9Jwbqkj6wx5PaSHAaH35S
+ExjwtSCzEBEwIQ4/HCtyRZBgHOMjm/d6UgnjMGHwcpNFGZT4c6dGzoWFM3dzhKp
KrrJTDRLSoUfndRqcOnfGJ8D0r9z8+Czj9IQCZf9WfxQyFendzRDgnm1VvUzwqDd
LngJYO4KktMTXLNBed/8BwmlVKrlWWow0PHtu/FaUmGdBjbcyIBwd0UFuS9NxIb+
11FRk4iLZhz6Dc6RXuAlO2+JR99SCbcOwYKQlhewjK/RLACwuxhfNFbV9hgAVkwJ
qzJ34DVWGlKZGtnhznWfJEx95TRPUhzUa5O4pcVol2ilHR93Fi1KKQ3lK5r5BSod
Ovl+RT6gX4jWi71H86d7oScpHDomQbj+gFNtKWQJH2/prP9wjwbvSKIHH4zZhiyE
9KcBZtEv8keSoebepyhwT73W2LTtF6tOGE/iSmLQfzCcQC4=
-----END CERTIFICATE-----
Binary file not shown.
@@ -0,0 +1,4 @@
-----BEGIN PRIVATE KEY-----
MFICAQAwCwYJYIZIAWUDBAMaBEAnqyIgk6VNnF0xM5x6Vbnp9D23c/kPGQeocOR8
HctLAiqMjF2YEIFMAUeaq+RxTydF4qwQjpWAlJQwoaItuSqz
-----END PRIVATE KEY-----
Binary file not shown.
+644
View File
@@ -0,0 +1,644 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:b9:a5:11:e8:b5:2e:6d:06:db:c8:39:df:1a:50:04:21:1e:f9:44
Signature Algorithm: SLH-DSA-SHAKE-128s
Issuer: C=US, ST=Montana, L=Bozeman, O=wolfSSL_SLH-DSA, OU=Root-SLH-DSA-shake, CN=www.wolfssl.com, emailAddress=info@wolfssl.com
Validity
Not Before: Apr 28 08:10:04 2026 GMT
Not After : Jan 22 08:10:04 2029 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL_SLH-DSA, OU=Root-SLH-DSA-shake, CN=www.wolfssl.com, emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: SLH-DSA-SHAKE-128s
SLH-DSA-SHAKE-128s Public-Key:
pub:
2a:8c:8c:5d:98:10:81:4c:01:47:9a:ab:e4:71:4f:
27:45:e2:ac:10:8e:95:80:94:94:30:a1:a2:2d:b9:
2a:b3
X509v3 extensions:
X509v3 Subject Key Identifier:
62:90:90:E5:3A:74:18:1B:FB:68:40:07:A5:83:9D:70:2E:7E:C9:F0
X509v3 Authority Key Identifier:
62:90:90:E5:3A:74:18:1B:FB:68:40:07:A5:83:9D:70:2E:7E:C9:F0
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: SLH-DSA-SHAKE-128s
Signature Value:
f3:00:21:12:66:43:0d:fb:2c:be:12:be:ed:07:4f:ae:78:1b:
4c:cf:e2:e8:85:cb:e4:68:f0:6e:6e:63:78:e1:10:0c:3c:7d:
0f:57:03:dc:ac:73:81:7c:c9:5e:77:e2:d0:77:0a:b1:7e:03:
cc:3b:f6:a4:19:e4:e1:dd:89:d5:dd:cf:0b:c2:17:a0:fd:fd:
08:d8:d3:c8:12:1c:a8:de:bb:a0:a7:ba:81:bb:c9:b0:bd:09:
fd:05:cf:f8:89:5c:38:d7:0f:a6:8f:85:98:cd:3e:a3:c1:9a:
e9:4c:6b:bb:0e:25:fc:3d:83:19:53:8a:38:ff:e8:1b:da:cb:
35:24:3e:1c:de:8c:9d:83:f7:2a:9e:52:4b:1b:0a:14:e6:b4:
1f:5b:de:0d:3f:68:8c:ab:e9:da:d8:61:37:c2:c0:e3:28:b2:
df:41:0e:d2:90:30:e2:f6:a4:18:a1:1f:43:c4:30:a3:68:9d:
c1:d6:81:d1:2a:2e:a6:6a:7d:c7:a3:6b:4f:f1:6e:67:5d:b0:
08:4b:9f:0f:c1:98:4f:5e:13:80:44:d7:c0:d7:32:d6:af:42:
a1:cb:c0:86:f3:d3:db:17:89:ed:f1:bd:af:f3:eb:76:f1:2a:
9c:0c:d9:c9:86:8b:46:f8:0a:cf:5f:e7:fb:50:a1:69:e5:5e:
a5:78:81:63:5a:9c:2d:a4:b2:2b:d6:fa:c1:f9:7e:7a:01:39:
b1:0f:17:b2:e6:74:b0:01:59:59:14:f6:49:6b:f9:63:4a:84:
32:83:80:2c:cf:8e:4e:0b:f6:ff:41:47:6b:c2:f7:54:cf:44:
09:0e:12:cd:8e:8f:f0:58:04:80:20:a8:70:db:a6:a8:8c:ba:
3d:97:06:d2:0f:3d:cf:c5:39:80:5b:8a:f7:22:67:df:92:62:
86:3f:e5:8f:fe:0f:f2:e9:8f:6c:ea:7b:ef:2d:c1:db:9c:6b:
c5:93:e6:33:70:59:9b:57:3e:3e:b4:0f:1d:97:b2:25:07:5b:
10:05:60:d4:02:4f:cb:5d:ce:69:51:69:86:2e:74:82:c3:02:
9d:1c:77:28:1d:b5:d4:a3:18:c6:9c:59:d4:a8:1d:0e:38:9f:
aa:13:10:c3:c2:39:d1:e2:c6:b7:f8:e3:c3:68:9e:3b:8a:91:
41:d0:93:4f:63:06:cf:d7:e2:58:15:19:a3:ca:14:0b:d5:9f:
81:2e:d8:35:29:ca:5e:73:75:e1:bb:30:d5:89:5f:fc:b3:b5:
de:5a:86:3e:1f:c0:65:f9:ae:73:ce:ef:7a:c0:68:65:91:5f:
20:22:d8:91:cf:b8:ae:ad:73:bf:df:71:da:9a:fe:28:94:26:
3e:8e:e8:50:4a:86:9a:0c:07:fb:f7:9f:29:c5:06:4b:3e:d1:
0b:0e:8f:a4:f2:c0:db:dc:d5:b7:9e:9f:0f:53:0e:fe:74:13:
e3:91:a5:a4:40:eb:4c:43:73:eb:b7:99:4f:de:a1:f2:29:bc:
9f:1e:d9:f3:dd:a7:60:65:7e:c6:74:27:6e:fb:a9:62:fc:c9:
87:aa:b3:97:b6:ad:22:4d:d3:58:13:a4:b7:2c:60:fa:f1:d0:
d9:4b:43:d0:53:34:61:5c:1d:48:5a:e4:11:2a:1c:43:4e:45:
3a:7e:6e:c7:05:0f:7d:d8:f3:1f:e2:99:f9:45:df:e9:59:b6:
65:aa:41:78:3a:1f:68:bc:de:3c:2d:c3:1a:1a:72:7d:3f:b4:
24:94:8e:90:f9:a7:2f:e2:86:87:77:88:8f:7b:98:82:1c:03:
99:9d:c7:e8:ad:62:49:e0:e5:51:50:95:67:d7:aa:3b:67:c4:
54:7c:6c:f1:fe:d5:4d:17:7d:8c:99:b4:49:4a:57:dd:9b:fd:
46:1c:33:a1:8f:3f:42:be:56:a7:06:00:be:88:1d:01:38:c5:
28:a8:b4:83:4a:b9:84:7d:cd:3a:7b:6d:78:2e:7f:9c:e4:46:
ca:18:9f:aa:d2:fe:24:76:e5:b3:a6:3c:de:af:b8:a2:ae:70:
b7:2e:76:13:29:1e:6b:7c:eb:54:d8:2c:45:77:e5:c6:a2:29:
a6:b2:8d:54:e2:60:f8:34:21:5b:ec:b1:98:49:fb:1a:0e:cd:
54:63:cb:e3:0c:fc:38:11:6a:e5:4a:57:6a:95:de:3b:70:c2:
a5:05:d0:10:1c:eb:c5:39:4a:b0:e2:81:82:41:9f:0b:be:8d:
83:fa:1c:9c:81:e6:bc:86:d1:28:69:5d:cc:67:5a:43:84:2e:
9d:6f:cd:af:f0:79:25:63:73:0a:8f:1d:14:9d:cc:e5:65:e9:
bf:09:d9:fe:d3:dc:5a:ab:db:0e:02:1d:f8:cf:51:be:70:32:
f1:1e:c9:19:cb:52:cd:cb:60:cb:e1:3d:81:8d:b0:f5:f2:bc:
21:c3:b2:71:7b:4c:41:37:be:43:a8:e3:da:87:5f:8f:b9:23:
a3:8c:68:d7:90:8e:ba:cd:05:72:1c:36:82:7b:c5:54:29:b0:
41:d1:a4:e0:f8:c8:3c:c5:f7:26:51:27:c2:87:71:1a:0e:86:
54:2f:48:cf:e1:f8:ab:f1:9f:74:36:be:d1:45:21:13:13:4e:
d5:c8:98:f7:51:0c:b0:41:25:e4:cc:04:12:7d:03:11:45:37:
f9:12:51:a3:a6:f8:25:d8:e7:19:b2:e5:20:37:71:e3:95:7d:
1e:b5:6e:b8:e8:8b:05:42:f7:d4:97:57:e2:3d:c6:8e:8c:a9:
86:8f:57:c0:da:41:89:8d:07:8c:b3:ce:d7:39:93:b5:6e:e0:
fb:59:af:76:88:6f:84:5f:4e:54:6b:42:de:95:4f:17:26:5c:
48:bf:ec:65:dd:73:8c:96:c5:5d:1a:5a:79:fa:67:08:05:c9:
72:2f:1b:1c:37:de:1a:a2:17:eb:d1:61:67:29:56:00:b0:3f:
9c:d7:bc:ea:de:31:ed:2c:09:4b:4a:a6:c5:52:43:d5:38:6f:
82:b4:b9:c9:9d:3b:1a:60:91:8c:b0:93:c2:91:a8:f1:9c:10:
f3:a3:9e:53:6b:e7:fd:84:83:ec:23:f9:5d:05:5d:bb:c2:16:
51:ae:aa:f4:2a:53:3c:8c:5d:5e:f7:cd:d7:64:c3:a9:ce:f9:
7b:31:f5:c4:fb:68:e3:97:4c:08:bf:64:7c:58:6d:4b:11:75:
6f:a8:13:4e:24:76:63:47:ef:e9:ff:bd:0c:7c:cc:f8:5e:91:
e9:25:b6:9e:b7:42:97:a2:4d:c9:4b:f8:82:10:ea:45:a1:81:
5d:b7:0f:ed:e0:e0:27:d4:88:c9:6e:3f:47:b8:1d:d7:66:51:
dc:0f:4b:cc:cb:fb:a8:f3:85:43:60:71:aa:66:cb:66:54:3a:
63:bf:ac:e1:aa:c9:06:e1:4b:26:f7:df:75:a8:bf:45:70:bd:
18:d8:91:58:bb:8a:51:0e:79:58:01:3d:45:05:5e:9d:02:b4:
7d:06:48:0d:59:4c:fa:4a:ee:fe:72:5a:03:ad:5c:eb:e5:44:
04:b4:20:90:5a:79:1c:2f:62:d5:49:89:59:16:c2:75:07:35:
2c:da:f0:99:3d:5b:49:b3:be:ab:1f:2a:00:cd:18:47:3a:20:
8f:e5:ee:d4:b9:e5:9b:af:ef:36:bb:42:f7:80:02:97:e1:e3:
4a:52:e9:95:e4:15:eb:40:cb:c1:a0:11:17:a7:88:98:eb:34:
b3:be:56:d0:ae:2d:9c:fe:38:eb:51:8c:fb:17:74:66:b7:f5:
57:b7:ef:c8:e5:a8:9f:4a:87:df:30:8c:f3:f1:f4:33:bb:fb:
62:76:36:68:f8:50:ba:8c:b2:eb:cd:5c:8e:0a:03:d5:4f:fa:
81:6b:64:e5:5b:a1:f1:27:98:26:08:69:dd:21:70:9d:fa:24:
1f:51:a5:b5:a2:48:1f:fe:fb:ce:82:93:c9:73:cc:c3:5b:30:
62:b7:e8:8c:82:26:57:e0:29:a7:97:c1:98:c5:99:84:f5:4a:
99:d3:23:1d:a7:91:1a:ce:71:e1:fd:be:59:0e:da:a9:82:23:
1d:4b:49:5f:05:7c:20:bc:ff:31:f2:c6:3b:7e:c7:39:74:37:
33:db:f0:7a:bd:06:c5:6b:71:01:57:36:14:dd:8a:57:a8:6e:
f5:42:5f:1d:87:88:bd:70:6e:6f:94:bb:82:44:a8:b7:a4:f8:
c3:59:25:76:b6:8a:e3:2a:15:a2:22:33:90:ba:b8:9b:78:5d:
f3:bf:26:b7:a0:47:13:31:b6:00:e1:19:b0:53:25:f8:28:c7:
60:62:b9:2d:b1:97:ae:1a:9d:41:b7:66:e2:d0:09:11:63:ea:
03:27:1b:dd:c7:d6:20:8a:c3:a8:27:dd:b3:59:d0:0e:9e:f7:
af:be:7e:30:53:51:a9:79:53:40:31:ac:5d:20:45:0b:62:96:
98:1a:ed:57:2b:3b:65:7a:49:85:6f:15:6c:a5:4b:53:f5:45:
8f:a6:46:d3:8d:93:af:d3:20:be:c9:b9:fa:db:47:48:07:14:
cc:a7:1d:7e:65:66:44:f7:42:ce:40:ef:03:1a:96:bd:be:e1:
c5:33:8e:ec:72:1a:ca:b5:64:e5:98:29:68:29:27:a9:b7:75:
84:a1:d0:c6:3b:63:18:fa:77:c0:31:00:9c:8f:64:6a:34:54:
d3:5a:43:53:d0:35:f5:e2:11:cf:9d:4e:b2:33:01:1c:49:73:
56:af:ae:ab:04:72:e7:d9:cc:8c:7f:1d:23:0e:7d:1d:46:2f:
a7:a5:59:d5:a0:8c:31:5b:08:cd:3a:8c:b4:8d:68:db:a6:94:
08:49:02:16:55:e3:3d:49:c9:35:f6:eb:e0:5f:e7:bf:b6:67:
7d:f5:30:57:60:d6:f0:1e:eb:0d:03:44:9c:cb:3d:da:a1:ff:
c4:ee:0b:f2:7f:8f:4d:8a:f2:47:13:55:2c:c5:aa:cd:d9:0f:
c7:ba:61:f3:6c:e3:f8:35:1a:1f:69:c6:21:94:fa:5b:92:2d:
76:f1:78:16:e9:31:fd:fc:77:b3:57:f5:a6:8c:8d:1c:55:9e:
c6:4e:88:d8:57:4b:e8:37:da:a8:72:95:25:63:46:4f:73:be:
60:ff:58:10:36:ed:98:fb:63:07:e1:19:88:f4:73:a3:b3:48:
bd:78:22:85:f7:96:b0:63:9f:63:89:46:35:5a:b6:18:61:d8:
67:8d:ba:b3:7e:83:7b:b8:7f:94:fb:93:c5:34:b7:33:d8:5d:
d7:fa:d6:8e:4a:6c:54:3c:29:e5:88:36:8c:96:1d:3b:ac:08:
6c:b2:05:d7:71:12:39:eb:90:46:18:fe:a0:46:97:a3:00:fb:
43:8e:b4:50:1a:b5:f3:e2:72:24:fe:45:3a:ba:71:23:c6:8b:
5b:9b:7e:17:fc:52:3c:34:e7:16:f7:07:6c:98:1b:11:c5:8b:
39:2b:97:59:89:4b:2d:7b:27:54:41:eb:bc:20:02:50:70:bb:
6c:c9:34:68:d6:67:07:39:5e:4e:50:df:8b:f5:b0:ca:be:42:
da:34:64:48:f2:cc:98:92:f0:66:3f:d0:6e:87:4f:5c:ef:fd:
f5:91:b3:52:39:48:70:d0:99:a3:0f:67:d9:fd:9a:6a:f3:5c:
dc:44:e0:a4:f8:5c:c3:cc:85:64:7c:ac:6c:17:7f:23:3c:7e:
b2:10:86:c5:57:94:26:0b:6a:aa:f9:34:d7:5a:41:80:85:eb:
fc:a9:fd:14:94:ed:c9:48:e4:dd:38:a0:21:27:12:c8:44:fb:
43:fe:1a:4a:ab:13:22:b6:9c:17:c9:7f:99:9c:22:fa:59:57:
35:a5:6a:f7:90:67:58:65:b2:7c:6a:5e:43:2f:4f:1a:f6:b1:
6c:33:4f:84:83:ef:f9:cc:5c:0a:9a:2e:11:25:e0:77:8c:d3:
0b:90:15:d1:ff:7d:4b:d2:a6:a9:ba:a4:bf:08:a3:65:ff:b2:
15:d3:b4:e9:86:74:ce:5e:86:c0:f2:0c:d0:09:27:47:48:aa:
89:88:e7:ca:47:13:4f:f3:b8:d7:e4:aa:af:27:73:93:90:6e:
46:fb:9b:b4:3f:2a:d7:bc:fe:1b:9e:32:09:b5:d4:ac:39:20:
ab:52:ab:42:d2:7a:89:83:d9:f0:4f:8b:8b:ad:e7:7d:51:82:
c3:9a:98:56:7e:0e:51:a9:13:35:a5:7c:36:86:36:e4:8e:e9:
d7:84:d1:82:9c:cd:ad:99:8b:11:f7:a7:66:fe:36:47:56:46:
67:af:59:76:f7:9d:f9:3a:f9:3f:10:22:27:4a:6c:cb:32:2b:
59:13:f4:a0:fd:d6:3b:6c:60:91:bd:aa:f3:a5:31:8d:ee:1a:
38:90:19:3e:a3:8d:e2:10:0e:b3:a3:da:7f:75:e2:79:bf:36:
86:16:7c:bc:94:b2:78:57:c5:45:02:6e:99:ad:cf:2d:21:c4:
6c:59:b2:b2:94:7a:e8:46:2c:12:61:99:74:2e:87:3e:fd:25:
62:58:89:20:35:a5:83:3d:d1:d5:5c:e2:17:58:73:9c:f0:a9:
90:13:ef:a0:b0:38:08:a8:46:f9:07:f1:be:31:9c:ec:ac:65:
82:a1:ee:fd:39:5d:7b:6d:53:2c:a6:23:48:59:2b:13:63:16:
93:69:46:42:4f:98:c8:70:dc:10:a7:fe:8a:28:91:6f:26:cb:
a8:e5:26:37:75:cc:a4:cd:88:49:4f:10:0d:c2:46:44:68:7a:
58:82:b4:15:78:47:f3:1a:76:af:cd:84:fe:e0:d6:93:1e:f9:
21:1b:d4:a2:13:29:3c:1a:bd:2a:fe:d4:cd:65:e6:14:e1:31:
82:14:bd:9e:09:e2:be:b9:80:8f:11:11:95:72:d9:a4:0d:c4:
6e:24:31:9e:e9:cf:9e:a0:e2:fa:7d:4b:b0:03:25:b2:90:e6:
7e:08:39:37:17:38:a0:93:f2:8c:ff:8c:ee:68:0e:11:74:ef:
b5:b7:47:21:32:82:9b:24:47:e0:88:bf:15:61:e2:3e:55:a6:
87:d6:f0:ba:f7:99:75:4d:7e:2e:76:06:8c:fc:9e:f8:bb:3b:
e5:74:70:e1:30:0e:06:ad:01:a4:6d:45:c6:f4:55:47:28:45:
cd:7a:8f:29:77:28:9a:a3:bd:ca:2d:b4:ff:53:10:a1:c6:b7:
51:59:0b:04:ff:ba:72:6d:5f:43:4e:df:36:ed:ab:d9:d6:49:
bc:8c:8e:be:53:84:2e:e3:00:a3:eb:33:49:23:ad:ae:98:7d:
a5:b0:49:29:d4:d1:5e:5a:11:5e:01:f4:f4:13:31:5c:d3:d6:
b7:08:da:25:87:7d:b5:73:12:74:06:0d:97:52:7f:60:08:42:
2a:af:14:f5:30:89:ac:f3:32:21:2c:e8:16:fc:45:13:89:28:
6e:4a:95:87:fc:30:36:55:7e:65:01:4f:55:52:39:39:25:40:
21:4c:30:dc:d9:6c:5f:58:fe:57:2b:83:d9:a0:db:4f:b3:4e:
02:48:8e:b7:70:9f:eb:0a:98:61:92:72:84:3e:53:7c:c6:f3:
3e:3f:70:3c:c2:ff:98:4c:1b:a6:71:c1:15:f8:e5:03:4f:53:
62:fe:ec:d9:2d:8c:83:e0:a3:42:7d:d9:16:51:04:2d:42:48:
11:4a:62:31:06:d4:02:5d:93:31:21:aa:47:da:c9:c6:49:be:
e4:71:4e:57:36:46:94:bf:fb:e3:88:3b:59:77:6d:13:cf:34:
62:34:ba:46:83:64:1e:22:10:74:18:a5:b2:d2:83:11:3a:ad:
b8:72:93:48:c4:6a:1d:b5:c2:d9:dd:2d:4f:bf:eb:e6:3f:9f:
e1:85:9b:f1:2e:03:5e:b0:f5:dd:8b:33:d6:7c:5e:e4:34:eb:
bd:62:dc:80:03:cf:cd:ed:ef:29:4e:ed:e6:e0:ef:d4:1e:6b:
d4:a1:bd:b1:23:73:71:f7:ac:7d:c3:eb:e6:37:ab:8d:46:e1:
24:93:92:b0:8d:f0:84:bb:f7:f6:51:19:52:76:94:ce:b5:f4:
3e:5e:0a:8e:e3:9d:14:43:31:4f:14:91:12:9b:81:7d:51:fe:
22:93:28:e8:e1:d7:8b:72:90:1e:44:61:d2:07:17:f5:ef:81:
69:27:ba:a5:a4:ea:2e:cf:9c:04:cf:fd:0f:c2:2d:4d:57:80:
49:bb:a6:92:be:7a:8e:4a:99:b7:d4:d7:08:63:b4:2c:1b:bf:
b6:bb:31:6c:13:7f:84:19:7a:e3:c0:57:5e:c5:5f:9a:27:ed:
b2:8b:23:65:96:d5:e0:59:ec:50:0e:63:a8:df:7f:4d:dc:6e:
35:d8:32:86:94:88:7a:20:3d:67:67:08:e5:ed:08:fa:37:7e:
84:6f:a3:e1:d3:62:f2:f7:19:f1:ef:73:b5:6a:a8:16:42:2f:
41:7a:e3:66:be:14:9e:5c:22:95:f4:31:17:44:a8:6c:ea:ac:
6c:d6:c6:a9:76:eb:c9:24:1e:93:76:48:f4:14:3a:18:f2:32:
68:f8:9e:cb:53:e1:a0:04:0b:a8:a6:4b:c2:3f:d7:4d:72:3a:
77:34:e9:7c:b6:18:26:bb:e5:e8:d7:1b:24:86:ea:c0:c8:0a:
81:ea:50:5a:b7:3c:ca:7a:bb:7a:85:4f:03:d2:7d:97:44:80:
0c:ac:58:48:a0:33:74:62:69:db:99:75:b8:a7:7d:c4:64:2f:
00:b5:a7:c1:ec:3d:69:e3:c5:b0:e6:47:ac:1b:c0:b2:15:75:
76:84:a4:f7:05:ed:fe:6d:ea:c0:2f:d3:37:72:dc:b2:8b:23:
45:1c:21:f1:6b:5c:af:59:12:b8:92:9f:be:59:b7:70:68:08:
d6:e5:30:b2:cc:16:37:35:22:b7:7d:7d:61:2e:f1:81:a3:08:
99:cd:1f:b6:52:f7:f9:53:c2:dc:e4:4e:40:54:59:9a:0a:4b:
fd:92:64:59:71:64:dd:d4:94:74:ac:e4:5b:c8:a9:ad:a2:0b:
bc:66:45:ad:30:76:bb:32:81:0a:ef:92:00:50:77:0e:b2:61:
0e:63:8a:a8:a8:d1:84:88:ae:52:53:d3:9b:5f:ae:f8:a5:35:
b7:40:51:95:ab:6e:ef:84:c4:84:0f:3b:8f:75:33:05:6d:42:
2c:aa:20:da:17:5c:b8:cb:cd:08:54:6a:18:d1:c0:0d:7d:14:
e5:fd:64:1d:8f:e7:b6:ab:e3:4b:95:bc:b3:97:f6:e7:c6:23:
86:9f:98:dd:0a:4a:cb:df:02:5d:1b:66:a9:58:f7:3d:b2:ec:
1e:59:53:38:64:ad:0f:57:1b:5a:10:81:3d:f8:22:6d:af:b7:
ea:08:ca:b1:98:d6:66:89:a6:db:3a:c4:80:35:18:a3:7e:8f:
cc:32:16:d2:6b:15:83:68:15:15:ed:23:7d:f3:c3:df:a8:5e:
bb:0c:61:0e:3f:85:be:df:47:9a:58:c1:84:15:a9:14:14:e5:
f0:ae:2d:c8:dd:64:0d:db:e1:78:62:7a:2d:4e:31:bb:e4:3d:
fa:92:d9:ca:cf:b3:e2:25:79:33:b2:d3:9b:f4:c1:db:fe:24:
de:f5:47:cc:9b:d9:47:b6:b2:3c:e9:25:3d:15:5f:e1:e7:86:
66:f1:4b:8c:56:bf:bc:13:db:cd:40:ab:45:8e:ba:f3:f0:67:
9f:46:c6:72:c6:d6:33:7a:26:39:98:6c:13:cc:2a:cf:99:44:
ea:68:97:05:8c:dc:b9:45:a4:10:3b:43:66:af:15:44:0f:53:
c7:76:6c:b0:59:db:c5:85:c2:54:c9:5b:d0:ae:2b:c4:54:cf:
38:60:2a:ac:a5:8f:65:15:d4:02:b1:a0:17:4b:c1:b5:5f:bf:
6c:34:23:ee:33:f8:82:27:5d:8f:1b:58:b6:f0:b8:0f:dc:cb:
76:19:e9:2d:b8:85:6f:55:1c:64:36:c8:8c:d3:84:c4:cd:f7:
a5:86:93:46:0a:73:45:e1:e5:cc:39:c5:f7:60:cc:ca:02:90:
66:e0:ec:23:e9:23:c0:98:fb:75:e9:74:0b:89:9f:32:1a:68:
89:96:db:d8:70:56:8f:85:e2:a8:39:08:fb:c0:53:8c:f2:af:
f2:79:0d:a8:d7:f1:e3:1f:fb:77:b6:70:f9:40:cf:f2:4f:5a:
eb:bc:6d:e9:f6:f1:f6:01:fe:83:1f:6f:29:d1:19:10:b5:1e:
37:81:c9:0f:ab:5d:d6:34:80:cc:ba:bc:22:76:6c:f0:a3:1e:
cd:6d:fc:1b:8d:58:dd:a6:09:ea:3b:2a:ec:47:7b:b9:ae:e1:
b0:52:5d:86:92:5c:d1:26:66:79:5b:3b:e7:8e:61:4e:15:0a:
55:23:cf:01:ac:12:e7:6b:13:52:3a:26:8f:a9:34:79:cc:d7:
63:15:f8:9a:c3:5c:62:0e:fe:5a:c2:84:7b:69:fe:98:9a:c2:
ca:ef:63:93:86:4c:df:ac:95:31:b4:ed:c3:3d:87:87:03:da:
35:5f:3c:38:27:c5:5e:05:4a:5e:4b:eb:44:ec:9b:be:b9:71:
6d:63:de:14:de:73:0e:11:90:85:b7:8e:41:92:2a:da:7b:65:
06:fc:86:01:3d:f0:bf:0d:45:44:51:36:c5:1b:9d:66:2f:61:
1c:70:b1:81:63:4c:de:13:38:6a:91:ed:32:51:91:ae:92:bc:
6d:4d:76:e1:14:39:88:3c:c5:2d:ee:95:16:b5:ec:54:40:cc:
e1:b0:ab:69:6e:3d:82:de:37:d2:b7:3a:be:89:6c:67:c5:c7:
2b:2a:04:d8:08:4e:f2:a0:84:c2:6e:36:20:1a:e6:58:a5:5b:
31:c9:74:ce:78:5f:4f:ef:d2:0d:95:75:f4:16:a7:61:87:17:
a7:b6:98:88:2e:8b:0e:fb:8d:f9:4e:6c:56:dc:38:5e:c7:db:
15:86:d0:8f:e2:19:9a:e2:25:76:ac:46:05:22:77:a7:ca:f1:
81:3b:f6:d5:1d:7c:e9:ea:89:fe:15:ea:6b:3c:28:77:d6:79:
dd:96:15:89:9b:97:1f:47:e6:95:c0:97:e4:18:3b:02:dd:4e:
62:e1:1e:6b:78:43:e5:49:20:89:33:5b:1a:84:1e:f8:2e:12:
73:61:85:09:b9:54:24:6e:c8:ee:b9:fa:52:78:4e:27:fb:39:
02:59:09:46:f9:d0:be:03:78:b0:f2:17:80:72:25:ae:a3:2e:
43:21:a3:70:6c:ec:70:2b:aa:9a:14:78:8a:b9:66:58:33:c8:
ec:6c:1f:52:f0:c9:20:55:d4:4d:88:fe:95:fd:6f:ee:ec:26:
a1:98:0e:3b:93:21:85:f5:5c:24:02:2c:ee:9e:e5:ae:c9:f6:
5d:3f:a0:5e:75:66:19:38:ad:0d:42:c8:49:df:20:df:b6:a3:
50:eb:de:ee:36:31:17:cc:c0:2e:cf:54:d1:5a:8c:54:3d:95:
a1:6e:75:c2:e0:e1:fc:ba:83:b0:04:1d:be:46:3c:ee:cf:e5:
a1:41:37:6f:41:72:7a:44:d2:3b:e6:42:d0:01:27:14:73:84:
25:e1:f5:19:8f:b2:b3:53:2b:c8:f8:9c:7a:c2:87:21:e4:e4:
69:76:1c:f2:b0:fb:b1:d2:fc:50:df:61:14:45:21:a0:5c:4d:
30:89:52:8c:51:1e:6a:cf:02:b1:16:b8:3b:11:24:f0:e7:46:
3b:45:d6:d7:ff:ac:f8:6f:dc:8f:96:ff:a8:56:cb:e6:05:cc:
2f:cc:89:7d:52:9d:00:3e:56:8d:fd:ad:77:ff:06:c0:4d:e5:
0a:22:b2:51:2a:f5:e8:e1:52:d4:ac:99:f2:96:bd:88:22:85:
c1:ce:45:3c:c6:66:b6:18:83:72:ff:03:35:04:f4:58:9d:64:
31:5e:36:b9:8f:73:e7:4d:80:d8:85:5d:34:3b:69:be:f6:89:
f1:e2:69:8a:4f:67:45:72:f9:66:be:1c:8f:88:98:a8:f6:8a:
e2:ed:50:cb:b3:64:d7:50:a4:ee:97:d7:ae:a5:88:73:bb:10:
28:18:47:c2:e0:00:8e:5b:e1:14:c5:9f:8a:6e:9b:5f:29:36:
36:62:35:0f:89:6d:d6:5b:19:57:8c:bf:d1:31:be:e6:a4:f3:
92:86:bc:be:75:f8:8a:a3:97:27:62:ae:b6:6f:54:31:64:85:
67:0b:35:7b:d3:e6:fd:2d:6b:32:7b:2d:c0:c4:25:2a:9c:26:
c8:31:74:8f:a0:c4:4b:4c:89:ac:72:72:8b:f3:cc:74:16:a1:
93:9c:3c:47:37:7f:3a:d0:63:b0:00:b6:64:63:5c:fc:8b:52:
0d:ea:2a:52:bf:b7:b1:87:f1:dd:31:e4:97:74:52:0c:0f:2e:
c4:87:52:db:ff:3f:45:ad:2b:65:2f:3b:cc:05:55:c2:43:c8:
20:34:9d:9a:92:3f:0f:a9:05:cd:b3:cf:96:9e:51:6e:d6:06:
e8:4b:a8:2a:e5:44:02:60:5d:04:94:91:bf:ee:e2:62:ac:6b:
75:28:13:cb:b8:f5:5e:fe:24:e3:6e:96:50:f8:0b:b8:28:a4:
8c:1c:94:24:a2:4f:57:d4:93:00:f9:f5:75:a6:80:79:a3:11:
00:3d:83:3e:78:72:b3:b8:eb:9a:ba:a9:0e:ae:e3:00:85:de:
29:91:03:ce:33:d3:3a:a6:74:06:7d:df:4b:6f:b2:cb:b0:ff:
6f:99:91:bb:82:55:3a:d3:8f:f1:e9:d5:ec:d3:15:c7:2a:8f:
3d:ad:69:6a:d3:72:f8:d2:5c:dd:e6:60:c4:36:90:2b:dc:5b:
40:75:f1:b6:51:14:ae:2f:f8:39:1c:e4:98:cf:86:68:a5:5f:
7e:9d:12:14:56:35:29:cb:a0:59:61:d1:28:33:d3:e6:6a:58:
2f:3b:5e:f7:ac:69:99:98:1a:9d:15:a5:79:aa:2d:af:75:04:
0b:42:d5:2e:87:a6:6a:6a:73:a3:74:da:11:cb:28:09:5c:83:
86:c7:61:be:12:4e:37:d5:80:38:9a:7c:8d:84:7c:91:8e:2c:
32:89:86:ba:94:bb:64:2e:48:ec:f1:4e:c2:c3:c1:9e:13:57:
72:dd:b9:a0:f5:9a:5a:b1:65:00:5e:01:25:f4:ff:30:b2:df:
ae:91:84:fd:53:bb:87:6c:c8:fe:3e:5d:dd:e6:ae:57:ad:5c:
a9:66:0b:0c:f9:c7:d4:49:fa:06:19:d3:8e:88:f6:36:43:c3:
72:f2:ad:03:4c:33:17:ee:69:a5:ae:4c:1a:21:40:28:54:8a:
66:ef:74:c8:43:91:e2:9c:6e:a7:b2:f2:13:fd:e0:9a:d8:9f:
36:de:e6:57:06:15:60:c4:3a:d7:f3:15:d0:40:b8:2e:97:65:
30:c4:f6:88:39:c4:70:d8:83:a8:6f:bd:79:a2:1d:a0:3c:11:
36:54:0e:67:f8:27:42:66:9a:96:78:f2:19:8d:7d:63:05:36:
4b:6b:3a:1e:31:9a:e6:ed:cb:d4:b2:76:0f:5b:da:78:8d:4a:
b2:90:3b:0f:85:36:c7:5b:16:00:4c:38:d8:70:89:5f:94:48:
34:fb:a6:7f:3e:91:36:2b:50:9c:a8:96:9f:b0:a7:40:43:b6:
e1:f2:c0:6c:e8:f2:d6:8a:ad:fe:10:ad:9f:da:38:89:c8:be:
2c:b5:c7:bd:77:f7:79:0f:a0:52:73:5a:ea:b8:72:98:fe:70:
78:77:bf:f3:a7:5a:d9:44:85:2e:d4:7a:21:ec:07:e8:61:c1:
64:9f:3d:56:5c:cb:2e:c2:f7:7d:03:70:af:3e:f2:d5:8b:b7:
f6:53:88:eb:8e:70:a3:b0:eb:a6:9e:00:b7:ad:70:98:e2:6e:
43:2d:c2:d2:09:94:64:c3:70:9a:92:d9:7f:cc:3e:bc:c0:58:
af:b5:23:c1:ca:a5:55:6a:49:ff:0e:e1:69:2c:cd:6a:8d:e4:
fc:00:41:80:c8:ee:89:ea:07:c5:31:c2:58:31:84:f9:9f:1e:
ce:11:ac:a7:4e:3d:d1:ea:4a:cd:9d:e9:22:80:1d:08:74:d8:
37:be:ca:15:b4:7a:bf:f0:82:8f:60:ea:e2:e9:ba:71:0e:20:
94:8a:b4:15:a1:3e:85:77:b1:d1:f0:90:5b:51:ad:9f:0b:f8:
8f:40:f1:e2:7a:f3:b5:d6:9b:99:ce:a9:13:6b:7b:0a:46:7d:
a2:27:a1:5a:a3:5f:77:2f:9a:6b:63:ef:a4:a1:70:4c:a6:2b:
01:24:06:3d:0f:1b:a4:50:0c:28:0c:8f:58:90:91:96:24:2d:
7f:e2:aa:73:06:94:08:e1:19:9f:9c:64:b5:82:65:22:88:07:
d7:bf:b6:56:3e:77:e5:c8:bd:6e:8f:72:43:06:d4:1c:81:b5:
f1:ec:bf:7b:f4:a8:a9:03:f7:41:56:39:82:4d:5b:2e:96:32:
47:c3:be:b0:00:da:c8:86:46:05:8b:d6:20:5e:c5:39:a9:61:
8a:09:40:90:3b:76:65:8a:98:8f:d4:c4:a5:cb:40:a1:e3:cc:
3b:25:06:1e:be:4c:5d:ca:69:e6:b2:aa:31:9c:08:2a:b3:60:
db:65:90:ea:16:95:1d:14:d2:63:37:97:8c:f1:c5:1a:c4:86:
1f:be:60:7c:15:17:a7:26:d9:f0:ec:dc:f8:7b:6d:c3:32:d4:
de:7e:08:25:2d:26:aa:30:1a:bc:b0:5d:ff:46:0c:18:fb:bf:
db:96:f5:ca:59:a2:76:01:4e:82:3b:63:2f:89:53:10:9d:a3:
b6:57:fa:39:03:63:d2:5d:ce:a1:79:80:25:b7:1a:74:9f:1d:
d3:95:48:a5:3c:39:d9:a7:25:ef:63:29:0e:fc:fb:a5:6a:a4:
7e:61:c9:c3:90:bc:f9:23:8a:b4:68:3f:5f:cb:de:4c:34:10:
81:97:cd:a7:54:67:ed:b5:47:a3:75:06:89:fc:1f:70:65:86:
2d:96:98:b9:16:92:f0:c2:bd:01:a2:8e:ac:2f:d2:03:68:6b:
00:d4:81:7f:dc:a1:96:7d:b5:0f:76:16:b0:1a:2f:7a:bf:7c:
4e:b8:a9:35:ba:40:5e:b3:ae:6e:8a:78:85:f8:cc:64:7d:88:
c9:2f:5c:1f:5f:19:eb:ce:2e:60:e9:e8:77:97:5b:63:11:e9:
e2:fb:81:e4:01:af:54:12:8d:be:aa:29:71:2d:54:74:c0:5f:
07:88:8e:3a:05:86:05:56:3f:88:3a:77:54:c8:e4:94:67:29:
c4:b0:47:63:0b:d7:29:97:1f:d6:5e:22:76:a1:4d:2f:76:43:
20:48:7a:44:ab:d7:52:25:7f:a9:14:e6:ac:98:34:22:5c:89:
6f:c8:8d:20:2a:cf:bd:c6:19:7a:3f:1c:f6:6f:08:bc:22:6e:
0b:78:8f:82:1c:26:b8:82:b8:ff:ec:23:7b:13:5c:95:7d:a5:
04:3f:c7:87:ed:f2:d6:fb:a2:bc:a0:ac:f2:17:c4:e4:11:56:
c2:2f:5c:64:66:fd:0e:c0:10:38:6c:f7:6b:ff:62:15:27:55:
45:5d:fc:f0:8e:36:68:66:72:96:40:13:7f:b2:b4:4a:ca:97:
f2:3f:a7:ec:38:95:7a:e4:cf:da:87:b7:aa:82:57:ff:7c:d5:
dc:fb:e2:a8:13:9b:2a:a6:6a:7c:82:0b:be:ef:71:67:92:9e:
01:83:40:1a:71:64:b3:63:57:9c:55:a6:ee:de:68:85:78:70:
97:82:f5:67:74:d4:94:b1:fe:fd:f4:4f:26:ed:49:55:78:5c:
b2:be:da:5d:f5:18:56:8a:58:4e:82:bf:88:34:8b:9c:d4:32:
49:cf:56:ae:6d:d0:45:76:9d:c7:17:7c:90:34:b9:f5:ba:a4:
32:92:7c:2f:77:bc:83:df:06:22:b4:f3:eb:d2:d3:36:22:32:
b8:c1:4a:44:96:b2:15:13:be:44:c3:fa:55:34:fc:32:37:10:
f2:28:39:c9:cd:d5:e0:b2:ac:d1:38:d7:71:06:50:08:68:c3:
6a:ae:86:7e:b9:a8:3e:2a:5c:b2:6f:79:64:e2:00:b5:cd:d6:
18:61:da:0b:93:4c:21:f7:9d:ca:e6:e8:5c:d3:75:53:38:c3:
82:e5:35:e7:62:95:4e:73:67:11:27:22:6c:0a:ac:70:89:d5:
c8:aa:94:b1:52:5b:b9:51:35:d8:29:33:16:9a:83:95:e2:6c:
0c:ba:e6:bc:b6:bb:26:5a:e4:92:1b:21:93:0c:03:73:ae:92:
0b:2b:3c:f0:6e:5e:20:88:09:f1:07:f0:8d:02:15:d5:78:4f:
e1:d5:8a:42:ca:e1:09:fd:34:b5:3e:a4:0d:57:54:86:40:bb:
5a:0e:8c:2b:86:58:f2:e5:9f:f3:b4:0b:41:1e:ad:41:d1:8c:
eb:60:e2:04:1d:97:d4:4f:53:69:34:72:c7:bd:df:cb:ae:29:
37:31:69:1a:d4:ba:c1:56:33:ea:e3:d5:f2:9d:45:66:5b:ad:
e7:59:a3:34:fb:85:de:31:41:9f:d3:ca:71:30:5b:d5:f3:46:
ac:d2:60:ca:a8:c7:06:35:02:fa:0c:49:91:fd:a5:7c:22:81:
2e:f6:74:ad:d0:da:5f:82:3a:3d:e5:aa:05:a1:fc:aa:c6:bb:
48:22:da:0b:a8:7d:96:0f:54:76:c1:7b:6c:df:2f:2a:76:29:
21:f7:8a:12:08:4d:d1:f5:80:13:d2:b8:f3:7a:62:fe:f0:d8:
81:df:d8:32:ea:45:31:ac:6b:b7:58:f7:29:aa:1f:43:73:23:
ea:be:e2:cb:56:32:17:23:fa:25:8b:98:51:b4:b1:43:0d:0b:
9c:5e:e7:d2:7c:1b:e0:4c:c5:df:88:fd:b7:2c:4a:19:3f:38:
4d:6c:f0:ab:97:42:65:df:47:31:8e:76:4b:7a:9a:0f:65:67:
07:c7:fe:84:af:de:e9:33:d3:97:4a:9f:78:74:aa:1f:99:8e:
5e:15:59:f4:60:e5:3a:56:25:7b:52:b5:3e:ec:f2:1f:6b:3c:
89:dc:58:01:9a:ec:dd:f3:21:c6:4e:57:e0:b6:80:1a:03:2a:
9f:13:a9:92:d3:3b:b1:6b:db:1c:9e:7b:79:74:59:64:eb:8a:
99:16:2f:bf:78:c1:de:a8:61:46:3d:93:0f:12:dc:0f:a6:d9:
ff:ae:b1:c2:2a:b3:aa:a3:6c:c1:fa:b0:a8:79:73:07:a4:2e:
6f:ac:34:f4:99:c3:03:86:21:2c:17:e0:a3:b2:76:bd:32:31:
9b:9a:98:35:d5:63:08:06:f1:3b:4e:d0:db:25:87:5f:75:14:
33:ba:70:a3:a8:64:30:8b:3e:d0:cc:56:61:c6:ab:cc:8e:db:
ff:a9:38:bf:92:8c:30:08:bf:84:71:61:18:df:15:7a:01:cf:
d5:53:6d:f4:6c:64:5f:82:7e:14:b6:77:17:fc:d5:6c:44:02:
bf:41:db:ae:e6:d8:3e:29:50:c1:d7:be:63:cc:9c:27:26:49:
8f:90:9b:cc:f4:c1:c4:82:8f:54:18:6e:f4:9f:d9:8f:03:5f:
15:77:d7:fe:d0:a7:f7:21:ce:31:1a:05:9f:95:53:2e:cf:bf:
ec:f2:bc:81:8d:01:a9:47:74:71:0d:23:dc:28:45:93:b7:5d:
b7:98:7c:ef:25:e1:2b:25:9e:fe:47:34:29:e7:48:db:94:22:
bb:c0:d5:2a:03:74:4d:12:95:41:d4:dc:c1:97:af:f5:8c:e4:
e1:ff:39:a1:5b:3f:33:df:22:dd:ff:67:17:92:a3:f4:c1:af:
6a:d9:27:17:ff:88:d0:3a:ee:d8:e9:32:b6:83:8c:46:6f:13:
52:98:f3:66:90:be:e8:f3:0d:24:9c:7d:cf:e4:60:3c:eb:b3:
78:70:a8:57:c5:22:fe:6b:1e:d2:31:ba:46:60:d2:ae:29:9c:
47:fd:1b:28:89:aa:f9:af:f8:ca:c5:2e:e2:66:67:fc:75:2d:
9f:6c:a2:48:d4:ea:93:2b:2a:7e:a5:11:31:64:d9:57:0c:75:
79:cb:0d:2e:bf:0e:69:36:51:8e:46:7e:56:df:ad:56:73:09:
f8:78:29:f0:63:b2:a6:c3:b6:f2:83:54:c6:fa:75:f5:24:ef:
5a:ba:bd:03:b2:ea:3c:d0:d8:cc:d2:45:00:be:75:38:ba:46:
af:09:a3:67:52:ea:46:d7:c7:01:74:cd:2f:48:df:f1:1f:64:
2e:af:e5:99:76:b3:c3:3e:47:c8:be:2c:8a:1f:ec:4c:ea:16:
f8:09:b1:78:32:90:dd:75:bf:db:ce:ce:d9:96:7e:85:ac:c6:
a5:b9:c9:48:df:11:d3:eb:05:59:07:2c:a4:ac:06:d8:6f:b3:
b0:09:9b:0b:c4:ca:65:88:89:1e:76:fa:12:bb:66:cc:f8:7f:
d1:90:42:6c:f9:b9:5f:2d:9a:62:00:96:2e:ef:b2:5c:16:52:
d7:2e:b0:e6:52:f0:b6:d5:c2:d5:e9:73:c4:a1:42:c5:55:34:
55:3a:75:c5:61:09:ac:a9:2d:70:d3:c7:c7:48:c8:8b:0c:2e:
76:fb:7c:1b:e2:2a:1e:0e:d8:6a:95:b0:2c:2c:8f:43:13:56:
68:d6:a0:85:66:9d:48:75:e0:46:89:3b:b0:b1:5d:3f:8e:a8:
d2:db:ae:35:2b:8d:b3:11:77:aa:c6:a5:11:e8:3a:d4:6b:ba:
45:bf:44:e7:9e:63:6d:6c:11:58:c1:7a:74:d2:7d:85:78:ed:
ee:9e:dd:c5:07:b1:f5:c9:9e:d0:d6:d6:9e:2f:89:7f:67:47:
e1:51:79:72:f1:2a:5a:9f:7d:c6:8a:a3:9a:87:26:00:0a:06:
2a:0a:95:f0:5f:6e:81:e1:71:cf:af:b3:3f:93:1b:23:47:d3:
28:8d:8c:f6:c1:cc:12:03:c3:4f:dd:d5:e5:a9:87:2a:1f:c0:
ff:0a:69:7e:73:55:d7:87:79:9f:7d:fd:f4:f1:4b:79:49:d9:
53:8c:58:22:e0:4f:21:bf:d6:56:cb:bd:b3:aa:a8:b4:d2:93:
60:ac:f3:cd:57:80:27:11:ee:98:e8:c2:93:12:b6:a7:0d:a1:
5c:e0:64:2d:8d:d7:09:70:ac:b3:c4:21:44:76:04:5d:f5:cb:
ec:15:ba:b6:1c:66:c5:72:3d:07:2e:b7:26:ae:26:8c:c0:01:
46:7c:c7:85:63:35:6c:8d:47:bf:22:60:b3:40:e9:fa:05:06:
7d:61:26:ed:ed:f2:b0:a2:fd:d0:e5:1b:ab:0a:8e:01:df:93:
50:89:76:b6:ee:49:41:24:e6:41:cd:10:b1:48:73:f3:63:7c:
72:41:83:23:89:cb:dc:af:f7:9c:7f:9d:55:68:f7:d8:c7:a6:
57:75:38:0b:21:b6:37:b0:ec:ec:05:e6:f9:03:b7:b2:c4:fe:
d3:d2:29:29:a9:5d:54:ce:d4:72:4f:51:b7:a0:f4:45:95:f3:
7a:2f:33:a4:3e:b0:34:f5:ff:68:1c:4a:6a:da:62:cd:1d:fe:
a7:ce:5a:b5:eb:79:08:cd:c2:78:d3:78:bf:04:af:7f:12:a2:
5b:af:c0:b2:67:be:44:64:b6:d7:13:86:e2:bf:19:c6:e4:f6:
e0:4f:21:1f:68:1d:77:3f:6f:08:fa:54:cc:a7:b5:6a:6f:fd:
a7:9d:61:37:5a:94:46:af:71:2a:bc:8a:5e:44:d7:71:cb:49:
c2:fd:51:ff:d8:ab:35:23:1a:84:47:4e:a0:af:e5:55:ce:bd:
49:76:57:35:4f:8b:90:23:a4:d0:11:a8:c9:bd:7e:7f:e5:d2:
c9:c0:4f:b0:95:13:25:ae:af:54:77:b1:e0:12:34:59:25:d1:
8d:8f:36:2f:2a:ac:30:38:3e:4e:00:36:43:76:12:88:f3:d4:
c1:fa:73:e5:84:27:c0:57:94:4c:34:03:55:cc:ff:6e:a3:c2:
c5:d3:2f:2d:ac:7c:2b:74:3a:1f:40:74:df:92:60:d4:64:b4:
bb:6c:26:3e:88:6d:1d:96:e3:c6:44:01:5a:61:1f:9f:81:99:
32:77:2e:ee:a6:85:9c:99:a5:b9:0d:e3:31:98:a9:38:bc:ee:
cf:65:07:85:5e:77:de:b7:b4:f8:91:1d:ca:45:47:00:b8:80:
ef:66:20:cb:f1:10:0f:d8:95:22:c1:fd:c1:98:29:1e:a6:44:
d6:2b:73:d9:73:31:fd:9d:fa:f2:b1:1b:eb:7e:3a:a3:fa:c4:
8b:d6:49:54:c9:2b:1c:e7:14:00:ec:30:34:4f:c0:cf:10:5a:
18:27:fa:c6:ff:21:11:6b:55:ff:d6:84:0b:e4:c7:0f:60:5b:
59:d8:84:72:59:9f:e7:8b:70:8f:3f:5c:88:19:3e:b5:27:b7:
45:ea:65:6d:7d:7c:86:55:7e:e1:a9:f3:5a:f4:3f:11:cd:ce:
90:c8:f2:d9:a6:2d:04:ed:f1:89:40:1f:7f:4e:a4:e6:d6:b9:
af:e5:40:e9:b6:88:38:17:e3:49:98:b6:9e:ae:84:7e:5a:fa:
03:85:7f:a1:9f:b3:1a:39:ee:7c:7f:e1:22:e3:9f:ec:f7:94:
15:78:a1:a8:a1:10:8f:29:73:28:a9:c0:df:21:2f:a0:56:5e:
ea:fc:9f:7b:c2:96:4c:78:56:79:b3:be:de:54:80:04:a0:af:
7f:f4:63:52:eb:30:ba:db:79:a3:9d:36:12:3a:79:03:76:6d:
ea:65:d2:b8:b3:ab:75:b6:0a:ee:09:be:fd:23:e9:32:76:4d:
00:78:35:a1:b4:e5:4b:d6:a3:34:17:16:fd:9e:9d:d5:75:8e:
3b:b1:84:8b:4b:8a:fc:e6:9a:4a:79:64:b0:0c:4d:5c:f0:b2:
8c:b0:2c:d3:74:db:18:2d:18:7b:83:57:7c:fc:1d:09:9e:bb:
0e:df:42:d0:8b:4e:5e:7f:ee:9f:bf:2c:d9:39:23:7b:e1:a1:
47:b5:6f:c4:9f:62:85:e7
-----BEGIN CERTIFICATE-----
MIIg8TCCAiugAwIBAgIUGrmlEei1Lm0G28g53xpQBCEe+UQwCwYJYIZIAWUDBAMa
MIGjMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96
ZW1hbjEYMBYGA1UECgwPd29sZlNTTF9TTEgtRFNBMRswGQYDVQQLDBJSb290LVNM
SC1EU0Etc2hha2UxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3
DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yNjA0MjgwODEwMDRaFw0yOTAxMjIw
ODEwMDRaMIGjMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UE
BwwHQm96ZW1hbjEYMBYGA1UECgwPd29sZlNTTF9TTEgtRFNBMRswGQYDVQQLDBJS
b290LVNMSC1EU0Etc2hha2UxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0G
CSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAwMAsGCWCGSAFlAwQDGgMhACqM
jF2YEIFMAUeaq+RxTydF4qwQjpWAlJQwoaItuSqzo2MwYTAdBgNVHQ4EFgQUYpCQ
5Tp0GBv7aEAHpYOdcC5+yfAwHwYDVR0jBBgwFoAUYpCQ5Tp0GBv7aEAHpYOdcC5+
yfAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwCwYJYIZIAWUDBAMa
A4IesQDzACESZkMN+yy+Er7tB0+ueBtMz+LohcvkaPBubmN44RAMPH0PVwPcrHOB
fMled+LQdwqxfgPMO/akGeTh3YnV3c8Lwheg/f0I2NPIEhyo3rugp7qBu8mwvQn9
Bc/4iVw41w+mj4WYzT6jwZrpTGu7DiX8PYMZU4o4/+gb2ss1JD4c3oydg/cqnlJL
GwoU5rQfW94NP2iMq+na2GE3wsDjKLLfQQ7SkDDi9qQYoR9DxDCjaJ3B1oHRKi6m
an3Ho2tP8W5nXbAIS58PwZhPXhOARNfA1zLWr0Khy8CG89PbF4nt8b2v8+t28Sqc
DNnJhotG+ArPX+f7UKFp5V6leIFjWpwtpLIr1vrB+X56ATmxDxey5nSwAVlZFPZJ
a/ljSoQyg4Asz45OC/b/QUdrwvdUz0QJDhLNjo/wWASAIKhw26aojLo9lwbSDz3P
xTmAW4r3ImffkmKGP+WP/g/y6Y9s6nvvLcHbnGvFk+YzcFmbVz4+tA8dl7IlB1sQ
BWDUAk/LXc5pUWmGLnSCwwKdHHcoHbXUoxjGnFnUqB0OOJ+qExDDwjnR4sa3+OPD
aJ47ipFB0JNPYwbP1+JYFRmjyhQL1Z+BLtg1Kcpec3XhuzDViV/8s7XeWoY+H8Bl
+a5zzu96wGhlkV8gItiRz7iurXO/33Hamv4olCY+juhQSoaaDAf7958pxQZLPtEL
Do+k8sDb3NW3np8PUw7+dBPjkaWkQOtMQ3Prt5lP3qHyKbyfHtnz3adgZX7GdCdu
+6li/MmHqrOXtq0iTdNYE6S3LGD68dDZS0PQUzRhXB1IWuQRKhxDTkU6fm7HBQ99
2PMf4pn5Rd/pWbZlqkF4Oh9ovN48LcMaGnJ9P7QklI6Q+acv4oaHd4iPe5iCHAOZ
ncforWJJ4OVRUJVn16o7Z8RUfGzx/tVNF32MmbRJSlfdm/1GHDOhjz9CvlanBgC+
iB0BOMUoqLSDSrmEfc06e214Ln+c5EbKGJ+q0v4kduWzpjzer7iirnC3LnYTKR5r
fOtU2CxFd+XGoimmso1U4mD4NCFb7LGYSfsaDs1UY8vjDPw4EWrlSldqld47cMKl
BdAQHOvFOUqw4oGCQZ8Lvo2D+hycgea8htEoaV3MZ1pDhC6db82v8HklY3MKjx0U
nczlZem/Cdn+09xaq9sOAh34z1G+cDLxHskZy1LNy2DL4T2BjbD18rwhw7Jxe0xB
N75DqOPah1+PuSOjjGjXkI66zQVyHDaCe8VUKbBB0aTg+Mg8xfcmUSfCh3EaDoZU
L0jP4fir8Z90Nr7RRSETE07VyJj3UQywQSXkzAQSfQMRRTf5ElGjpvgl2OcZsuUg
N3HjlX0etW646IsFQvfUl1fiPcaOjKmGj1fA2kGJjQeMs87XOZO1buD7Wa92iG+E
X05Ua0LelU8XJlxIv+xl3XOMlsVdGlp5+mcIBclyLxscN94aohfr0WFnKVYAsD+c
17zq3jHtLAlLSqbFUkPVOG+CtLnJnTsaYJGMsJPCkajxnBDzo55Ta+f9hIPsI/ld
BV27whZRrqr0KlM8jF1e983XZMOpzvl7MfXE+2jjl0wIv2R8WG1LEXVvqBNOJHZj
R+/p/70MfMz4XpHpJbaet0KXok3JS/iCEOpFoYFdtw/t4OAn1IjJbj9HuB3XZlHc
D0vMy/uo84VDYHGqZstmVDpjv6zhqskG4Usm9991qL9FcL0Y2JFYu4pRDnlYAT1F
BV6dArR9BkgNWUz6Su7+cloDrVzr5UQEtCCQWnkcL2LVSYlZFsJ1BzUs2vCZPVtJ
s76rHyoAzRhHOiCP5e7UueWbr+82u0L3gAKX4eNKUumV5BXrQMvBoBEXp4iY6zSz
vlbQri2c/jjrUYz7F3Rmt/VXt+/I5aifSoffMIzz8fQzu/tidjZo+FC6jLLrzVyO
CgPVT/qBa2TlW6HxJ5gmCGndIXCd+iQfUaW1okgf/vvOgpPJc8zDWzBit+iMgiZX
4Cmnl8GYxZmE9UqZ0yMdp5EaznHh/b5ZDtqpgiMdS0lfBXwgvP8x8sY7fsc5dDcz
2/B6vQbFa3EBVzYU3YpXqG71Ql8dh4i9cG5vlLuCRKi3pPjDWSV2torjKhWiIjOQ
uribeF3zvya3oEcTMbYA4RmwUyX4KMdgYrktsZeuGp1Bt2bi0AkRY+oDJxvdx9Yg
isOoJ92zWdAOnvevvn4wU1GpeVNAMaxdIEULYpaYGu1XKztlekmFbxVspUtT9UWP
pkbTjZOv0yC+ybn620dIBxTMpx1+ZWZE90LOQO8DGpa9vuHFM47schrKtWTlmClo
KSept3WEodDGO2MY+nfAMQCcj2RqNFTTWkNT0DX14hHPnU6yMwEcSXNWr66rBHLn
2cyMfx0jDn0dRi+npVnVoIwxWwjNOoy0jWjbppQISQIWVeM9Sck19uvgX+e/tmd9
9TBXYNbwHusNA0Scyz3aof/E7gvyf49NivJHE1UsxarN2Q/HumHzbOP4NRofacYh
lPpbki128XgW6TH9/HezV/WmjI0cVZ7GTojYV0voN9qocpUlY0ZPc75g/1gQNu2Y
+2MH4RmI9HOjs0i9eCKF95awY59jiUY1WrYYYdhnjbqzfoN7uH+U+5PFNLcz2F3X
+taOSmxUPCnliDaMlh07rAhssgXXcRI565BGGP6gRpejAPtDjrRQGrXz4nIk/kU6
unEjxotbm34X/FI8NOcW9wdsmBsRxYs5K5dZiUsteydUQeu8IAJQcLtsyTRo1mcH
OV5OUN+L9bDKvkLaNGRI8syYkvBmP9Buh09c7/31kbNSOUhw0JmjD2fZ/Zpq81zc
ROCk+FzDzIVkfKxsF38jPH6yEIbFV5QmC2qq+TTXWkGAhev8qf0UlO3JSOTdOKAh
JxLIRPtD/hpKqxMitpwXyX+ZnCL6WVc1pWr3kGdYZbJ8al5DL08a9rFsM0+Eg+/5
zFwKmi4RJeB3jNMLkBXR/31L0qapuqS/CKNl/7IV07TphnTOXobA8gzQCSdHSKqJ
iOfKRxNP87jX5KqvJ3OTkG5G+5u0PyrXvP4bnjIJtdSsOSCrUqtC0nqJg9nwT4uL
red9UYLDmphWfg5RqRM1pXw2hjbkjunXhNGCnM2tmYsR96dm/jZHVkZnr1l29535
Ovk/ECInSmzLMitZE/Sg/dY7bGCRvarzpTGN7ho4kBk+o43iEA6zo9p/deJ5vzaG
Fny8lLJ4V8VFAm6Zrc8tIcRsWbKylHroRiwSYZl0Loc+/SViWIkgNaWDPdHVXOIX
WHOc8KmQE++gsDgIqEb5B/G+MZzsrGWCoe79OV17bVMspiNIWSsTYxaTaUZCT5jI
cNwQp/6KKJFvJsuo5SY3dcykzYhJTxANwkZEaHpYgrQVeEfzGnavzYT+4NaTHvkh
G9SiEyk8Gr0q/tTNZeYU4TGCFL2eCeK+uYCPERGVctmkDcRuJDGe6c+eoOL6fUuw
AyWykOZ+CDk3Fzigk/KM/4zuaA4RdO+1t0chMoKbJEfgiL8VYeI+VaaH1vC695l1
TX4udgaM/J74uzvldHDhMA4GrQGkbUXG9FVHKEXNeo8pdyiao73KLbT/UxChxrdR
WQsE/7pybV9DTt827avZ1km8jI6+U4Qu4wCj6zNJI62umH2lsEkp1NFeWhFeAfT0
EzFc09a3CNolh321cxJ0Bg2XUn9gCEIqrxT1MIms8zIhLOgW/EUTiShuSpWH/DA2
VX5lAU9VUjk5JUAhTDDc2WxfWP5XK4PZoNtPs04CSI63cJ/rCphhknKEPlN8xvM+
P3A8wv+YTBumccEV+OUDT1Ni/uzZLYyD4KNCfdkWUQQtQkgRSmIxBtQCXZMxIapH
2snGSb7kcU5XNkaUv/vjiDtZd20TzzRiNLpGg2QeIhB0GKWy0oMROq24cpNIxGod
tcLZ3S1Pv+vmP5/hhZvxLgNesPXdizPWfF7kNOu9YtyAA8/N7e8pTu3m4O/UHmvU
ob2xI3Nx96x9w+vmN6uNRuEkk5KwjfCEu/f2URlSdpTOtfQ+XgqO450UQzFPFJES
m4F9Uf4ikyjo4deLcpAeRGHSBxf174FpJ7qlpOouz5wEz/0Pwi1NV4BJu6aSvnqO
Spm31NcIY7QsG7+2uzFsE3+EGXrjwFdexV+aJ+2yiyNlltXgWexQDmOo339N3G41
2DKGlIh6ID1nZwjl7Qj6N36Eb6Ph02Ly9xnx73O1aqgWQi9BeuNmvhSeXCKV9DEX
RKhs6qxs1sapduvJJB6Tdkj0FDoY8jJo+J7LU+GgBAuopkvCP9dNcjp3NOl8thgm
u+Xo1xskhurAyAqB6lBatzzKert6hU8D0n2XRIAMrFhIoDN0YmnbmXW4p33EZC8A
tafB7D1p48Ww5kesG8CyFXV2hKT3Be3+berAL9M3ctyyiyNFHCHxa1yvWRK4kp++
WbdwaAjW5TCyzBY3NSK3fX1hLvGBowiZzR+2Uvf5U8Lc5E5AVFmaCkv9kmRZcWTd
1JR0rORbyKmtogu8ZkWtMHa7MoEK75IAUHcOsmEOY4qoqNGEiK5SU9ObX674pTW3
QFGVq27vhMSEDzuPdTMFbUIsqiDaF1y4y80IVGoY0cANfRTl/WQdj+e2q+NLlbyz
l/bnxiOGn5jdCkrL3wJdG2apWPc9suweWVM4ZK0PVxtaEIE9+CJtr7fqCMqxmNZm
iabbOsSANRijfo/MMhbSaxWDaBUV7SN988PfqF67DGEOP4W+30eaWMGEFakUFOXw
ri3I3WQN2+F4YnotTjG75D36ktnKz7PiJXkzstOb9MHb/iTe9UfMm9lHtrI86SU9
FV/h54Zm8UuMVr+8E9vNQKtFjrrz8GefRsZyxtYzeiY5mGwTzCrPmUTqaJcFjNy5
RaQQO0NmrxVED1PHdmywWdvFhcJUyVvQrivEVM84YCqspY9lFdQCsaAXS8G1X79s
NCPuM/iCJ12PG1i28LgP3Mt2GektuIVvVRxkNsiM04TEzfelhpNGCnNF4eXMOcX3
YMzKApBm4Owj6SPAmPt16XQLiZ8yGmiJltvYcFaPheKoOQj7wFOM8q/yeQ2o1/Hj
H/t3tnD5QM/yT1rrvG3p9vH2Af6DH28p0RkQtR43gckPq13WNIDMurwidmzwox7N
bfwbjVjdpgnqOyrsR3u5ruGwUl2GklzRJmZ5WzvnjmFOFQpVI88BrBLnaxNSOiaP
qTR5zNdjFfiaw1xiDv5awoR7af6YmsLK72OThkzfrJUxtO3DPYeHA9o1Xzw4J8Ve
BUpeS+tE7Ju+uXFtY94U3nMOEZCFt45Bkirae2UG/IYBPfC/DUVEUTbFG51mL2Ec
cLGBY0zeEzhqke0yUZGukrxtTXbhFDmIPMUt7pUWtexUQMzhsKtpbj2C3jfStzq+
iWxnxccrKgTYCE7yoITCbjYgGuZYpVsxyXTOeF9P79INlXX0FqdhhxentpiILosO
+435TmxW3Dhex9sVhtCP4hma4iV2rEYFInenyvGBO/bVHXzp6on+FeprPCh31nnd
lhWJm5cfR+aVwJfkGDsC3U5i4R5reEPlSSCJM1sahB74LhJzYYUJuVQkbsjuufpS
eE4n+zkCWQlG+dC+A3iw8heAciWuoy5DIaNwbOxwK6qaFHiKuWZYM8jsbB9S8Mkg
VdRNiP6V/W/u7CahmA47kyGF9VwkAizunuWuyfZdP6BedWYZOK0NQshJ3yDftqNQ
697uNjEXzMAuz1TRWoxUPZWhbnXC4OH8uoOwBB2+Rjzuz+WhQTdvQXJ6RNI75kLQ
AScUc4Ql4fUZj7KzUyvI+Jx6woch5ORpdhzysPux0vxQ32EURSGgXE0wiVKMUR5q
zwKxFrg7ESTw50Y7RdbX/6z4b9yPlv+oVsvmBcwvzIl9Up0APlaN/a13/wbATeUK
IrJRKvXo4VLUrJnylr2IIoXBzkU8xma2GINy/wM1BPRYnWQxXja5j3PnTYDYhV00
O2m+9onx4mmKT2dFcvlmvhyPiJio9ori7VDLs2TXUKTul9eupYhzuxAoGEfC4ACO
W+EUxZ+KbptfKTY2YjUPiW3WWxlXjL/RMb7mpPOShry+dfiKo5cnYq62b1QxZIVn
CzV70+b9LWsyey3AxCUqnCbIMXSPoMRLTImscnKL88x0FqGTnDxHN3860GOwALZk
Y1z8i1IN6ipSv7exh/HdMeSXdFIMDy7Eh1Lb/z9FrStlLzvMBVXCQ8ggNJ2akj8P
qQXNs8+WnlFu1gboS6gq5UQCYF0ElJG/7uJirGt1KBPLuPVe/iTjbpZQ+Au4KKSM
HJQkok9X1JMA+fV1poB5oxEAPYM+eHKzuOuauqkOruMAhd4pkQPOM9M6pnQGfd9L
b7LLsP9vmZG7glU604/x6dXs0xXHKo89rWlq03L40lzd5mDENpAr3FtAdfG2URSu
L/g5HOSYz4ZopV9+nRIUVjUpy6BZYdEoM9PmalgvO173rGmZmBqdFaV5qi2vdQQL
QtUuh6ZqanOjdNoRyygJXIOGx2G+Ek431YA4mnyNhHyRjiwyiYa6lLtkLkjs8U7C
w8GeE1dy3bmg9ZpasWUAXgEl9P8wst+ukYT9U7uHbMj+Pl3d5q5XrVypZgsM+cfU
SfoGGdOOiPY2Q8Ny8q0DTDMX7mmlrkwaIUAoVIpm73TIQ5HinG6nsvIT/eCa2J82
3uZXBhVgxDrX8xXQQLgul2UwxPaIOcRw2IOob715oh2gPBE2VA5n+CdCZpqWePIZ
jX1jBTZLazoeMZrm7cvUsnYPW9p4jUqykDsPhTbHWxYATDjYcIlflEg0+6Z/PpE2
K1CcqJafsKdAQ7bh8sBs6PLWiq3+EK2f2jiJyL4stce9d/d5D6BSc1rquHKY/nB4
d7/zp1rZRIUu1Hoh7AfoYcFknz1WXMsuwvd9A3CvPvLVi7f2U4jrjnCjsOumngC3
rXCY4m5DLcLSCZRkw3Caktl/zD68wFivtSPByqVVakn/DuFpLM1qjeT8AEGAyO6J
6gfFMcJYMYT5nx7OEaynTj3R6krNnekigB0IdNg3vsoVtHq/8IKPYOri6bpxDiCU
irQVoT6Fd7HR8JBbUa2fC/iPQPHievO11puZzqkTa3sKRn2iJ6Fao193L5prY++k
oXBMpisBJAY9DxukUAwoDI9YkJGWJC1/4qpzBpQI4RmfnGS1gmUiiAfXv7ZWPnfl
yL1uj3JDBtQcgbXx7L979KipA/dBVjmCTVsuljJHw76wANrIhkYFi9YgXsU5qWGK
CUCQO3ZlipiP1MSly0Ch48w7JQYevkxdymnmsqoxnAgqs2DbZZDqFpUdFNJjN5eM
8cUaxIYfvmB8FRenJtnw7Nz4e23DMtTefgglLSaqMBq8sF3/RgwY+7/blvXKWaJ2
AU6CO2MviVMQnaO2V/o5A2PSXc6heYAltxp0nx3TlUilPDnZpyXvYykO/PulaqR+
YcnDkLz5I4q0aD9fy95MNBCBl82nVGfttUejdQaJ/B9wZYYtlpi5FpLwwr0Boo6s
L9IDaGsA1IF/3KGWfbUPdhawGi96v3xOuKk1ukBes65uiniF+MxkfYjJL1wfXxnr
zi5g6eh3l1tjEeni+4HkAa9UEo2+qilxLVR0wF8HiI46BYYFVj+IOndUyOSUZynE
sEdjC9cplx/WXiJ2oU0vdkMgSHpEq9dSJX+pFOasmDQiXIlvyI0gKs+9xhl6Pxz2
bwi8Im4LeI+CHCa4grj/7CN7E1yVfaUEP8eH7fLW+6K8oKzyF8TkEVbCL1xkZv0O
wBA4bPdr/2IVJ1VFXfzwjjZoZnKWQBN/srRKypfyP6fsOJV65M/ah7eqglf/fNXc
++KoE5sqpmp8ggu+73Fnkp4Bg0AacWSzY1ecVabu3miFeHCXgvVndNSUsf799E8m
7UlVeFyyvtpd9RhWilhOgr+INIuc1DJJz1aubdBFdp3HF3yQNLn1uqQyknwvd7yD
3wYitPPr0tM2IjK4wUpElrIVE75Ew/pVNPwyNxDyKDnJzdXgsqzRONdxBlAIaMNq
roZ+uag+Klyyb3lk4gC1zdYYYdoLk0wh953K5uhc03VTOMOC5TXnYpVOc2cRJyJs
CqxwidXIqpSxUlu5UTXYKTMWmoOV4mwMuua8trsmWuSSGyGTDANzrpILKzzwbl4g
iAnxB/CNAhXVeE/h1YpCyuEJ/TS1PqQNV1SGQLtaDowrhljy5Z/ztAtBHq1B0Yzr
YOIEHZfUT1NpNHLHvd/Lrik3MWka1LrBVjPq49XynUVmW63nWaM0+4XeMUGf08px
MFvV80as0mDKqMcGNQL6DEmR/aV8IoEu9nSt0Npfgjo95aoFofyqxrtIItoLqH2W
D1R2wXts3y8qdikh94oSCE3R9YAT0rjzemL+8NiB39gy6kUxrGu3WPcpqh9DcyPq
vuLLVjIXI/oli5hRtLFDDQucXufSfBvgTMXfiP23LEoZPzhNbPCrl0Jl30cxjnZL
epoPZWcHx/6Er97pM9OXSp94dKofmY5eFVn0YOU6ViV7UrU+7PIfazyJ3FgBmuzd
8yHGTlfgtoAaAyqfE6mS0zuxa9scnnt5dFlk64qZFi+/eMHeqGFGPZMPEtwPptn/
rrHCKrOqo2zB+rCoeXMHpC5vrDT0mcMDhiEsF+Cjsna9MjGbmpg11WMIBvE7TtDb
JYdfdRQzunCjqGQwiz7QzFZhxqvMjtv/qTi/kowwCL+EcWEY3xV6Ac/VU230bGRf
gn4UtncX/NVsRAK/Qduu5tg+KVDB175jzJwnJkmPkJvM9MHEgo9UGG70n9mPA18V
d9f+0Kf3Ic4xGgWflVMuz7/s8ryBjQGpR3RxDSPcKEWTt123mHzvJeErJZ7+RzQp
50jblCK7wNUqA3RNEpVB1NzBl6/1jOTh/zmhWz8z3yLd/2cXkqP0wa9q2ScX/4jQ
Ou7Y6TK2g4xGbxNSmPNmkL7o8w0knH3P5GA867N4cKhXxSL+ax7SMbpGYNKuKZxH
/Rsoiar5r/jKxS7iZmf8dS2fbKJI1OqTKyp+pRExZNlXDHV5yw0uvw5pNlGORn5W
361Wcwn4eCnwY7Kmw7byg1TG+nX1JO9aur0Dsuo80NjM0kUAvnU4ukavCaNnUupG
18cBdM0vSN/xH2Qur+WZdrPDPkfIviyKH+xM6hb4CbF4MpDddb/bzs7Zln6FrMal
uclI3xHT6wVZByykrAbYb7OwCZsLxMpliIkedvoSu2bM+H/RkEJs+blfLZpiAJYu
77JcFlLXLrDmUvC21cLV6XPEoULFVTRVOnXFYQmsqS1w08fHSMiLDC52+3wb4ioe
DthqlbAsLI9DE1Zo1qCFZp1IdeBGiTuwsV0/jqjS2641K42zEXeqxqUR6DrUa7pF
v0TnnmNtbBFYwXp00n2FeO3unt3FB7H1yZ7Q1taeL4l/Z0fhUXly8Span33GiqOa
hyYACgYqCpXwX26B4XHPr7M/kxsjR9MojYz2wcwSA8NP3dXlqYcqH8D/Cml+c1XX
h3mfff308Ut5SdlTjFgi4E8hv9ZWy72zqqi00pNgrPPNV4AnEe6Y6MKTEranDaFc
4GQtjdcJcKyzxCFEdgRd9cvsFbq2HGbFcj0HLrcmriaMwAFGfMeFYzVsjUe/ImCz
QOn6BQZ9YSbt7fKwov3Q5RurCo4B35NQiXa27klBJOZBzRCxSHPzY3xyQYMjicvc
r/ecf51VaPfYx6ZXdTgLIbY3sOzsBeb5A7eyxP7T0ikpqV1UztRyT1G3oPRFlfN6
LzOkPrA09f9oHEpq2mLNHf6nzlq163kIzcJ403i/BK9/EqJbr8CyZ75EZLbXE4bi
vxnG5PbgTyEfaB13P28I+lTMp7Vqb/2nnWE3WpRGr3EqvIpeRNdxy0nC/VH/2Ks1
IxqER06gr+VVzr1Jdlc1T4uQI6TQEajJvX5/5dLJwE+wlRMlrq9Ud7HgEjRZJdGN
jzYvKqwwOD5OADZDdhKI89TB+nPlhCfAV5RMNANVzP9uo8LF0y8trHwrdDofQHTf
kmDUZLS7bCY+iG0dluPGRAFaYR+fgZkydy7upoWcmaW5DeMxmKk4vO7PZQeFXnfe
t7T4kR3KRUcAuIDvZiDL8RAP2JUiwf3BmCkepkTWK3PZczH9nfrysRvrfjqj+sSL
1klUySsc5xQA7DA0T8DPEFoYJ/rG/yERa1X/1oQL5McPYFtZ2IRyWZ/ni3CPP1yI
GT61J7dF6mVtfXyGVX7hqfNa9D8Rzc6QyPLZpi0E7fGJQB9/TqTm1rmv5UDptog4
F+NJmLaeroR+WvoDhX+hn7MaOe58f+Ei45/s95QVeKGooRCPKXMoqcDfIS+gVl7q
/J97wpZMeFZ5s77eVIAEoK9/9GNS6zC623mjnTYSOnkDdm3qZdK4s6t1tgruCb79
I+kydk0AeDWhtOVL1qM0Fxb9np3VdY47sYSLS4r85ppKeWSwDE1c8LKMsCzTdNsY
LRh7g1d8/B0JnrsO30LQi05ef+6fvyzZOSN74aFHtW/En2KF5w==
-----END CERTIFICATE-----
+56
View File
@@ -0,0 +1,56 @@
-----BEGIN PRIVATE KEY-----
MIIKGAIBADALBglghkgBZQMEAxEEggoEBIIKABhSAaega5HUsoai6G/eXAfC1zWI
Kz9h4nyZdEvlx4g+JXOmk+lZB1kemzs39YRighKiTNPjWLe/x+I6CK2ByHsAbdQ5
LPwAnY47H524KBBi+N/AC/rfzwQv8LIuXEE/IlzHql4cQc1lmqDDQSkv8OZ77u0z
SfBmIcUsqWMCmDnxWaAkWrAN26Jo4DCGSpBg2RSAESki4shB2ChmHElRYjRigSAJ
GgBF4sJJk8hN2xggIkdsGDlhCxYMGQJGJCVKGEduigaAUQJEDMKFwBhFGRYAgDKO
UQRghIRkIzEpRICIyCIwHIkRAhYKXKCNgkJp0xBMVKRMBIhgAENRIhiM5JZFkiZt
ykgoDKgEIBCRAUUJ4zJIggAFEyMKEMlRAMFpiwYOATIQBBVNBMQxYQQgmEJhjAKO
AgSGG6BgC0cmGDmA2RhRyqiMGDBgmEhQCBmCAIlgEQmIibhpA8INQIhIZCIF2kYx
DEZOIAkGgkRhGoRsGTOCE6hAIxMtSoRFGrZllEIEA0WGAIFJ0EZtREYM3CYRm4AM
UpAlyjhKipQpQggQA7CFJLNFUbglILRwExRt2BICwIYNgQZEDKJsC7ZxC4lJ0jIE
AKltSiBA2aAk3JBMQpiNEARAChZswIAQkTYk0cCJHBISwZRI2CAkg0RwA6GQkYCI
CDNq3DBRHChuWZJNiCiOijQw0siJ5EAA1MAhIzcQlBRFlERA4KREioKAiRglGjgK
YwCFUyYBHBdQBCFIRKIxmABhhKZlQhQE4YQswkhEU5YImqaEUqhQYwZEYsBoEZEA
SEhR4QRwXBRAA5ghyKAMmURuIbaAG7NQoiIsG5AEUEiMHIGBiEZNUwBN0YJETCCS
GciISCaBJCBGC7Upi6SAm0BgkzIE5LIo2ZAFiLIQC5MRwiISAoFE1EKIgBQRm4Yw
EEdEQUII0JQQGyWAkSKNm5aBDAElxLRFVBBxYyYAUggIIMJEwRiI00SEQxQm2cZh
0yiIS7QhESSOXERpI0eOBLOIk5BJ4iIECDYGIyGCWJSFIUQMQyYtGcFsEoBEQkZl
AKkBjIZgWKAk4ZCESoCEyaZIyDSNE6KMCpdoiLBlXEIt4DCEHKEB0YAJ4JIAWwJs
AMWIojABFAgwAJkhg4IEibBFmyIkBAUSSChQYsIMA8BBjEgFiCJCYkQNg4IQ4xSF
0SRyAycO4oQoG7KAtbxqiXAgMUhMxG8iHXezrhzWKzXrdl5zeh6ojYaRchh81WYG
Rf64tj6OhO2L0KTx2bmAMNacjMg3p+Rr9cJc4VmAWW3ckeHzpteJRNzsV82GHbgY
RRPkPCm0996lZbV+gNDpXmvPgUKjtK7mOtfuh+YUkRVsoLGbrokY/gsZl6bW+UZT
2eWbGqS9osgd83OcsUZgiXXFHwN+dMvhSdjlUyPPUhgO+MC4vbhlKCKug/MQjKT2
jETaAiEi0gt5ipV6sg6QrHS5UnhMnThmvhNkHz6wLKbBTFrRkQ9DbWa6mZNCVrv/
Wh/k1c+sRG37laYjupbU4ZKXWht17/7qZjtyGj2162ui48gbXHHuvYEV+Yp+ZtfQ
aIQ0MtdeSMKC7gPaCoXQrT2a6Ou+tN3Ebslp1DSQ64TikVmXaOPyhp+ohKNUETuy
aQVKRtUDqqceB9zZv09KB1onH/hhdS8oml6ORgmxwN49VFUGj/GNf4fRk84MQ52N
pWDh0ZJTyRVyJjAiUT+oIcsdKTVK/ZU+1nCHaYdlWj4LhY6Ug7ewHk9RjEwLX84o
H6zQwaVXDOoyI+Rnr23cS3UX32SaVORHLyz4MGZafQ5GjpIEYF41QLdUfpWvYSS1
mM187RHXOsHSVDfm+IwYBCIRCM2d7sJPTv03+86Zm80XRr3Ey9074OzJBPo79Grh
58z1LRWKcaSBC51C54+Ifo6VHkfjYoN3epmDR8dWQbe8kpYBHdsMz/gjjzoDczSq
LY/Ou8KUgeQTm9miysl3p2nA+syXuEuPRq6GkaYU2P5i5q9uHhiBNvEY2tpDO7SW
kB/tAZ08LOpI7DmqhrrZi0dx4gEYrYXsQPynVwdHDLdgNDk+oIRK/mOFc/F1gLhI
/ruFPGVe1Bv7mGUy/kCwBJnhcxGVxCeXzCykrplL/GzRldQx2jJBz1O4EH1Ua1DL
yBVy58yvFpZdFVkqS8dEw2NHdxcAHOMcpzypvgTNxupJs+BQm/kWw7FhnMuXWkCb
4vpgzaLk4q+TzawMLBRTbIvT3DJVj9W5spV7kkl66RZsjbouCWJKRB4GF7mQ04GH
hS6QqqMsvtIMmk5QVkrN7BmGJhv6x0+7iLtiJYP6mYC7DDyHzLNFFSGsTHuE0gq2
us7dJkpixfnoWIJXhglsWPLb6d8HiDa5dA7lz3Z5AP926EVVvNqLJxED/0sEZjXo
xAdZMM4bDTiXKOW8hKCvdY1xJxe1+stsvqFToRHX1ycj/21jqoPaj3CKwocwZB+f
C1bayxFcTeZMBNONXF8XRa2BXYEViIvQ4Z57emLjvgzx6HMAKwqvjYY4r/xdP1xI
5BdxGyKGLksuVUdGOH74zHwkt8L4CKWJrwvV5LS++m/HL+3HteHdSydN0FcH+/eg
x84HfZMw8KJUM0ev1v28Vg2ySyto18uVFVBDGgVuxaYA6Trt3009/fj/+Qd6BURI
aGJslS8OOophSUU97W2LYEtw2sqYuH3g/d6tN/iNDGwp8a45nEwAP12jHlqZ+Enm
ZzuLhEMgv92vYOOUyJf0CJEfpBAmc2guufLbu6jetOXRUsWc/AcIg6EXv9ZRuJq+
L4xyLjdw4i1IUGd065YSP59V80vcexDYlwOHC89UPHfiQ+pViDujOBECWlITaK6l
LoZzYi8h2vcjA1QWbAX4/Eupmedrjh2c4Ldy76YLjxX40GlbRyzGhTf4GHqj3mpJ
466rJDFrPxa9QPmQoFkKalY6Ioj2VryASmMsUNx5dhucRjLI3vt++HLcDLAkA7jk
f/ZRELYe7xdF41bQrjDZ+sQCxtQMZO+jPutNbe+bTt9KQ9X8J7+9au70Gw4K5dk+
mjdYk9gNkyPz9iy2gWI6PUo7jeli2CraA2SnNSRbyioPmm3YfO+LfQrnwRVQ54e/
dJbTABNgOx+RMl4szQELpQV0VRT6mVNEdkR3fOjf9xLC+R2yC8sT0HOR0/rJMHbp
oHghshGqj7ZKh5tQfWaG1d9f80/gh/oGOeI1OGdrf5dkquRAO6qy5pq5ggoAMwO/
Dgy8glXrmPfvaIfutg4+sOKumqcduBB7/KVc2FLsSFdxs9uiwAHbUv3qXcJRQYJM
AaikplrHLx8UR76nRWEuwrqQXX1UfKuAGQPg66uYMKP3X049F1bkObajII13smZL
P8KHMxuKEbtK1e4dTYxOBQ7gMSwl+sY+dVTP6b9h0GyRwlvQkwSum4RuTsw=
-----END PRIVATE KEY-----
Binary file not shown.
File diff suppressed because it is too large Load Diff
Binary file not shown.
File diff suppressed because it is too large Load Diff
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
-11
View File
@@ -1,11 +0,0 @@
# vim:ft=automake
# All paths should be given relative to the root
#
EXTRA_DIST += \
certs/sphincs/bench_sphincs_fast_level1_key.der \
certs/sphincs/bench_sphincs_fast_level3_key.der \
certs/sphincs/bench_sphincs_fast_level5_key.der \
certs/sphincs/bench_sphincs_small_level1_key.der \
certs/sphincs/bench_sphincs_small_level3_key.der \
certs/sphincs/bench_sphincs_small_level5_key.der
+8 -12
View File
@@ -213,11 +213,8 @@ function(generate_build_flags)
if(WOLFSSL_DILITHIUM OR WOLFSSL_USER_SETTINGS)
set(BUILD_DILITHIUM "yes" PARENT_SCOPE)
endif()
if(WOLFSSL_OQS OR WOLFSSL_USER_SETTINGS)
if(WOLFSSL_FALCON OR WOLFSSL_USER_SETTINGS)
set(BUILD_FALCON "yes" PARENT_SCOPE)
set(BUILD_SPHINCS "yes" PARENT_SCOPE)
set(BUILD_DILITHIUM "yes" PARENT_SCOPE)
set(BUILD_EXT_MLKEM "yes" PARENT_SCOPE)
set(BUILD_OQS_HELPER "yes" PARENT_SCOPE)
endif()
if(WOLFSSL_LMS OR WOLFSSL_USER_SETTINGS)
@@ -348,6 +345,9 @@ function(generate_build_flags)
if(WOLFSSL_SHE AND NOT WOLFSSL_SHE STREQUAL "no")
set(BUILD_SHE "yes" PARENT_SCOPE)
endif()
if(WOLFSSL_PUF OR WOLFSSL_USER_SETTINGS)
set(BUILD_PUF "yes" PARENT_SCOPE)
endif()
set(BUILD_FLAGS_GENERATED "yes" PARENT_SCOPE)
endfunction()
@@ -1029,10 +1029,6 @@ function(generate_lib_src_list LIB_SOURCES)
list(APPEND LIB_SOURCES wolfcrypt/src/falcon.c)
endif()
if(BUILD_SPHINCS)
list(APPEND LIB_SOURCES wolfcrypt/src/sphincs.c)
endif()
if(BUILD_DILITHIUM)
list(APPEND LIB_SOURCES wolfcrypt/src/dilithium.c)
@@ -1070,10 +1066,6 @@ function(generate_lib_src_list LIB_SOURCES)
endif()
endif()
if(BUILD_EXT_MLKEM)
list(APPEND LIB_SOURCES wolfcrypt/src/ext_mlkem.c)
endif()
if(BUILD_WC_LMS)
list(APPEND LIB_SOURCES wolfcrypt/src/wc_lms.c)
list(APPEND LIB_SOURCES wolfcrypt/src/wc_lms_impl.c)
@@ -1209,6 +1201,10 @@ function(generate_lib_src_list LIB_SOURCES)
list(APPEND LIB_SOURCES wolfcrypt/src/hpke.c)
endif()
if(BUILD_PUF)
list(APPEND LIB_SOURCES wolfcrypt/src/puf.c)
endif()
set(LIB_SOURCES ${LIB_SOURCES} PARENT_SCOPE)
endfunction()
-4
View File
@@ -380,12 +380,8 @@ extern "C" {
#cmakedefine WOLFSSL_EXPERIMENTAL_SETTINGS
#undef WOLFSSL_HAVE_MLKEM
#cmakedefine WOLFSSL_HAVE_MLKEM
#undef WOLFSSL_WC_MLKEM
#cmakedefine WOLFSSL_WC_MLKEM
#undef WOLFSSL_TLS_NO_MLKEM_STANDALONE
#cmakedefine WOLFSSL_TLS_NO_MLKEM_STANDALONE
#undef WOLFSSL_WC_DILITHIUM
#cmakedefine WOLFSSL_WC_DILITHIUM
#undef NO_WOLFSSL_STUB
#cmakedefine NO_WOLFSSL_STUB
#undef HAVE_ECC_SECPR2
+789 -371
View File
File diff suppressed because it is too large Load Diff
+1 -1
View File
@@ -254,7 +254,7 @@ int wc_DhPublicKeyDecode(const byte* input, word32* inOutIdx, DhKey* key,
4. Encodes the signature into the certificate/CSR DER structure
NOTE: Only RSA and ECC key types are supported. Ed25519, Ed448, and
post-quantum algorithms (Falcon, Dilithium, SPHINCS+) sign messages
post-quantum algorithms (Falcon, Dilithium, SLH-DSA) sign messages
directly rather than hashes, so they cannot use this callback-based API.
Use wc_SignCert_ex for those algorithms.
@@ -202,6 +202,7 @@
\defgroup PKCS11 Algorithms - PKCS11
\defgroup Password Algorithms - Password Based
\defgroup Poly1305 Algorithms - Poly1305
\defgroup PUF Algorithms - PUF
\defgroup RIPEMD Algorithms - RIPEMD
\defgroup RSA Algorithms - RSA
\defgroup SHA Algorithms - SHA 128/224/256/384/512
+212
View File
@@ -0,0 +1,212 @@
/*!
\ingroup PUF
For a complete bare-metal example (tested on NUCLEO-H563ZI), see
https://github.com/wolfSSL/wolfssl-examples/tree/master/puf
*/
/*!
\ingroup PUF
\brief Initialize a wc_PufCtx structure, zeroing all fields.
Must be called before any other PUF operations.
\return 0 on success
\return BAD_FUNC_ARG if ctx is NULL
\param ctx pointer to wc_PufCtx structure to initialize
_Example_
\code
wc_PufCtx ctx;
ret = wc_PufInit(&ctx);
\endcode
\sa wc_PufReadSram
\sa wc_PufEnroll
\sa wc_PufZeroize
*/
int wc_PufInit(wc_PufCtx* ctx);
/*!
\ingroup PUF
\brief Read raw SRAM data into the PUF context. The sramAddr should
point to a NOLOAD linker section to preserve the power-on state.
\return 0 on success
\return BAD_FUNC_ARG if ctx or sramAddr is NULL
\return PUF_READ_E if sramSz < WC_PUF_RAW_BYTES
\param ctx pointer to wc_PufCtx structure
\param sramAddr pointer to raw SRAM memory region
\param sramSz size of SRAM buffer (must be >= WC_PUF_RAW_BYTES)
_Example_
\code
__attribute__((section(".puf_sram")))
static volatile uint8_t puf_sram[256];
wc_PufReadSram(&ctx, (const byte*)puf_sram, sizeof(puf_sram));
\endcode
\sa wc_PufInit
\sa wc_PufEnroll
\sa wc_PufReconstruct
*/
int wc_PufReadSram(wc_PufCtx* ctx, const byte* sramAddr, word32 sramSz);
/*!
\ingroup PUF
\brief Perform PUF enrollment. Encodes raw SRAM using BCH(127,64,t=10)
and generates public helper data. After enrollment the context is ready
for key derivation and identity retrieval.
\return 0 on success
\return BAD_FUNC_ARG if ctx is NULL
\return PUF_ENROLL_E if enrollment fails
\param ctx pointer to wc_PufCtx (must have SRAM data loaded)
_Example_
\code
wc_PufEnroll(&ctx);
XMEMCPY(helperData, ctx.helperData, WC_PUF_HELPER_BYTES);
\endcode
\sa wc_PufReadSram
\sa wc_PufReconstruct
\sa wc_PufDeriveKey
*/
int wc_PufEnroll(wc_PufCtx* ctx);
/*!
\ingroup PUF
\brief Reconstruct stable PUF bits from noisy SRAM using stored helper
data. BCH error correction (t=10) corrects up to 10 bit flips per
127-bit codeword.
\return 0 on success
\return BAD_FUNC_ARG if ctx or helperData is NULL
\return PUF_RECONSTRUCT_E on failure (too many bit errors or helperSz
too small)
\param ctx pointer to wc_PufCtx (must have SRAM data loaded)
\param helperData pointer to helper data from previous enrollment
\param helperSz size of helper data (>= WC_PUF_HELPER_BYTES)
_Example_
\code
wc_PufReconstruct(&ctx, helperData, sizeof(helperData));
\endcode
\sa wc_PufEnroll
\sa wc_PufDeriveKey
\sa wc_PufGetIdentity
*/
int wc_PufReconstruct(wc_PufCtx* ctx, const byte* helperData, word32 helperSz);
/*!
\ingroup PUF
\brief Derive a cryptographic key from PUF stable bits using HKDF.
Uses SHA-256 by default, or SHA3-256 when WC_PUF_SHA3 is defined.
The info parameter provides domain separation for multiple keys.
Requires HAVE_HKDF.
\return 0 on success
\return BAD_FUNC_ARG if ctx or key is NULL, or keySz is 0
\return PUF_DERIVE_KEY_E if PUF not ready or HKDF fails
\param ctx pointer to wc_PufCtx (must be enrolled or reconstructed)
\param info optional context info for domain separation (may be NULL;
when NULL, infoSz is treated as 0)
\param infoSz size of info in bytes
\param key output buffer for derived key
\param keySz desired key size in bytes
_Example_
\code
byte key[32];
const byte info[] = "my-app-key";
wc_PufDeriveKey(&ctx, info, sizeof(info), key, sizeof(key));
\endcode
\sa wc_PufEnroll
\sa wc_PufReconstruct
\sa wc_PufGetIdentity
*/
int wc_PufDeriveKey(wc_PufCtx* ctx, const byte* info, word32 infoSz,
byte* key, word32 keySz);
/*!
\ingroup PUF
\brief Retrieve the device identity hash (SHA-256 or SHA3-256 of stable
bits). Deterministic for a given device.
\return 0 on success
\return BAD_FUNC_ARG if ctx or id is NULL
\return PUF_IDENTITY_E if PUF not ready or idSz < WC_PUF_ID_SZ
\param ctx pointer to wc_PufCtx (must be enrolled or reconstructed)
\param id output buffer for identity hash
\param idSz size of id buffer (>= WC_PUF_ID_SZ, 32 bytes)
_Example_
\code
byte identity[WC_PUF_ID_SZ];
wc_PufGetIdentity(&ctx, identity, sizeof(identity));
\endcode
\sa wc_PufEnroll
\sa wc_PufReconstruct
\sa wc_PufDeriveKey
*/
int wc_PufGetIdentity(wc_PufCtx* ctx, byte* id, word32 idSz);
/*!
\ingroup PUF
\brief Securely zeroize all sensitive data in the PUF context using
ForceZero. Call when PUF is no longer needed.
\return 0 on success
\return BAD_FUNC_ARG if ctx is NULL
\param ctx pointer to wc_PufCtx to zeroize
_Example_
\code
wc_PufZeroize(&ctx);
\endcode
\sa wc_PufInit
*/
int wc_PufZeroize(wc_PufCtx* ctx);
/*!
\ingroup PUF
\brief Inject synthetic SRAM test data for testing without hardware.
Only available when WOLFSSL_PUF_TEST is defined.
\return 0 on success
\return BAD_FUNC_ARG if ctx or data is NULL
\return PUF_READ_E if sz < WC_PUF_RAW_BYTES
\param ctx pointer to wc_PufCtx
\param data pointer to synthetic SRAM data
\param sz size of data (>= WC_PUF_RAW_BYTES, 256 bytes)
_Example_
\code
byte testSram[WC_PUF_RAW_BYTES];
wc_PufSetTestData(&ctx, testSram, sizeof(testSram));
\endcode
\sa wc_PufInit
\sa wc_PufReadSram
*/
int wc_PufSetTestData(wc_PufCtx* ctx, const byte* data, word32 sz);
+237
View File
@@ -583,3 +583,240 @@ int wc_Entropy_Get(int bits, unsigned char* entropy, word32 len);
\sa wc_Entropy_Get
*/
int wc_Entropy_OnDemandTest(void);
/*!
\ingroup Random
\brief Runs the SHA-512 Hash_DRBG Known Answer Test (KAT) per
SP 800-90A. Instantiates a SHA-512 DRBG with seedA, optionally
reseeds with seedB, generates output, and compares against known
test vectors. Available when WOLFSSL_DRBG_SHA512 is defined.
\return 0 On success
\return BAD_FUNC_ARG If seedA or output is NULL, or if reseed is
set and seedB is NULL
\return -1 Test failed
\param reseed Non-zero to test reseeding
\param seedA Initial entropy seed
\param seedASz Size of seedA in bytes
\param seedB Reseed entropy (required if reseed is set)
\param seedBSz Size of seedB in bytes
\param output Buffer to receive generated output
\param outputSz Size of output in bytes
_Example_
\code
byte output[WC_SHA512_DIGEST_SIZE * 4];
const byte seedA[] = { ... };
const byte seedB[] = { ... };
ret = wc_RNG_HealthTest_SHA512(0, seedA, sizeof(seedA), NULL, 0,
output, sizeof(output));
if (ret != 0)
return -1;
ret = wc_RNG_HealthTest_SHA512(1, seedA, sizeof(seedA),
seedB, sizeof(seedB),
output, sizeof(output));
if (ret != 0)
return -1;
\endcode
\sa wc_RNG_HealthTest
\sa wc_RNG_HealthTest_SHA512_ex
*/
int wc_RNG_HealthTest_SHA512(int reseed, const byte* seedA, word32 seedASz,
const byte* seedB, word32 seedBSz,
byte* output, word32 outputSz);
/*!
\ingroup Random
\brief Extended SHA-512 Hash_DRBG health test with nonce,
personalization string, and additional input support. Suitable
for full ACVP / CAVP test vector validation. Available when
WOLFSSL_DRBG_SHA512 is defined.
\return 0 On success
\return BAD_FUNC_ARG If required params are NULL
\return -1 Test failed
\param reseed Non-zero to test reseeding
\param nonce Nonce buffer (can be NULL)
\param nonceSz Nonce size
\param persoString Personalization string (can be NULL)
\param persoStringSz Personalization string size
\param seedA Initial entropy seed
\param seedASz Initial seed size
\param seedB Reseed entropy (required if reseed is set)
\param seedBSz Reseed size
\param additionalA Additional input for first generate (can be NULL)
\param additionalASz Additional input A size
\param additionalB Additional input for second generate (can be NULL)
\param additionalBSz Additional input B size
\param output Output buffer
\param outputSz Output size
\param heap Heap hint (can be NULL)
\param devId Device ID (INVALID_DEVID for software)
_Example_
\code
byte output[WC_SHA512_DIGEST_SIZE * 4];
const byte seedA[] = { ... };
const byte nonce[] = { ... };
int ret = wc_RNG_HealthTest_SHA512_ex(0, nonce, sizeof(nonce),
NULL, 0,
seedA, sizeof(seedA),
NULL, 0,
NULL, 0, NULL, 0,
output, sizeof(output),
NULL, INVALID_DEVID);
\endcode
\sa wc_RNG_HealthTest_SHA512
\sa wc_RNG_HealthTest_ex
*/
int wc_RNG_HealthTest_SHA512_ex(int reseed, const byte* nonce, word32 nonceSz,
const byte* persoString, word32 persoStringSz,
const byte* seedA, word32 seedASz,
const byte* seedB, word32 seedBSz,
const byte* additionalA, word32 additionalASz,
const byte* additionalB, word32 additionalBSz,
byte* output, word32 outputSz,
void* heap, int devId);
/*!
\ingroup Random
\brief Disables the SHA-256 Hash_DRBG at runtime. When disabled,
newly initialized WC_RNG instances will not use the SHA-256 DRBG.
If the SHA-512 DRBG is enabled (WOLFSSL_DRBG_SHA512), new RNG
instances will use SHA-512 instead. Requires HAVE_HASHDRBG.
\return 0 On success
_Example_
\code
wc_Sha256Drbg_Disable();
// New WC_RNG instances will now use SHA-512 DRBG if available
WC_RNG rng;
wc_InitRng(&rng);
\endcode
\sa wc_Sha256Drbg_Enable
\sa wc_Sha256Drbg_IsDisabled
\sa wc_Sha512Drbg_Disable
*/
int wc_Sha256Drbg_Disable(void);
/*!
\ingroup Random
\brief Re-enables the SHA-256 Hash_DRBG at runtime after a prior
call to wc_Sha256Drbg_Disable(). Requires HAVE_HASHDRBG.
\return 0 On success
_Example_
\code
wc_Sha256Drbg_Disable();
// ... use SHA-512 DRBG only ...
wc_Sha256Drbg_Enable();
// New WC_RNG instances can use SHA-256 DRBG again
\endcode
\sa wc_Sha256Drbg_Disable
\sa wc_Sha256Drbg_IsDisabled
*/
int wc_Sha256Drbg_Enable(void);
/*!
\ingroup Random
\brief Returns whether the SHA-256 Hash_DRBG is currently disabled.
Requires HAVE_HASHDRBG.
\return 1 SHA-256 DRBG is disabled
\return 0 SHA-256 DRBG is enabled (not disabled)
_Example_
\code
if (wc_Sha256Drbg_IsDisabled()) {
printf("SHA-256 DRBG is off\n");
}
\endcode
\sa wc_Sha256Drbg_Disable
\sa wc_Sha256Drbg_Enable
*/
int wc_Sha256Drbg_IsDisabled(void);
/*!
\ingroup Random
\brief Disables the SHA-512 Hash_DRBG at runtime. When disabled,
newly initialized WC_RNG instances will not use the SHA-512 DRBG.
If the SHA-256 DRBG is still enabled, new RNG instances will fall
back to SHA-256. Available when WOLFSSL_DRBG_SHA512 is defined.
Requires HAVE_HASHDRBG.
\return 0 On success
_Example_
\code
wc_Sha512Drbg_Disable();
// New WC_RNG instances will now use SHA-256 DRBG
WC_RNG rng;
wc_InitRng(&rng);
\endcode
\sa wc_Sha512Drbg_Enable
\sa wc_Sha512Drbg_IsDisabled
\sa wc_Sha256Drbg_Disable
*/
int wc_Sha512Drbg_Disable(void);
/*!
\ingroup Random
\brief Re-enables the SHA-512 Hash_DRBG at runtime after a prior
call to wc_Sha512Drbg_Disable(). Available when WOLFSSL_DRBG_SHA512
is defined. Requires HAVE_HASHDRBG.
\return 0 On success
_Example_
\code
wc_Sha512Drbg_Disable();
// ... use SHA-256 DRBG only ...
wc_Sha512Drbg_Enable();
// New WC_RNG instances can use SHA-512 DRBG again
\endcode
\sa wc_Sha512Drbg_Disable
\sa wc_Sha512Drbg_IsDisabled
*/
int wc_Sha512Drbg_Enable(void);
/*!
\ingroup Random
\brief Returns whether the SHA-512 Hash_DRBG is currently disabled.
Available when WOLFSSL_DRBG_SHA512 is defined. Requires HAVE_HASHDRBG.
\return 1 SHA-512 DRBG is disabled
\return 0 SHA-512 DRBG is enabled (not disabled)
_Example_
\code
if (wc_Sha512Drbg_IsDisabled()) {
printf("SHA-512 DRBG is off\n");
}
\endcode
\sa wc_Sha512Drbg_Disable
\sa wc_Sha512Drbg_Enable
*/
int wc_Sha512Drbg_IsDisabled(void);
+47
View File
@@ -4496,6 +4496,53 @@ WOLFSSL_METHOD* wolfSSLv23_client_method(void);
*/
int wolfSSL_BIO_get_mem_data(WOLFSSL_BIO* bio,void* p);
/*!
\ingroup IO
\brief This is used to set the init flag of a BIO, indicating whether
the BIO has been initialised and is ready for use. Typically called
from a custom BIO create callback.
\param bio WOLFSSL_BIO structure to set the init flag on.
\param init value to set (0 = not initialised, 1 = initialised).
_Example_
\code
WOLFSSL_BIO* bio;
// inside a custom BIO create callback
wolfSSL_BIO_set_init(bio, 1);
\endcode
\sa wolfSSL_BIO_get_init
\sa wolfSSL_BIO_new
*/
void wolfSSL_BIO_set_init(WOLFSSL_BIO* bio, int init);
/*!
\ingroup IO
\brief This is used to retrieve the init flag of a BIO, indicating
whether the BIO has been initialised and is ready for use.
\return 1 if the BIO has been initialised.
\return 0 if the BIO has not been initialised or bio is NULL.
\param bio WOLFSSL_BIO structure to query.
_Example_
\code
WOLFSSL_BIO* bio;
// create bio with custom method
if (wolfSSL_BIO_get_init(bio)) {
// bio is ready
}
\endcode
\sa wolfSSL_BIO_set_init
\sa wolfSSL_BIO_new
*/
int wolfSSL_BIO_get_init(WOLFSSL_BIO* bio);
/*!
\ingroup IO
+793
View File
@@ -0,0 +1,793 @@
/*!
\ingroup SLH_DSA
\brief Initializes an SLH-DSA key object with the specified parameter set.
Must be called before any other SLH-DSA operation. Use wc_SlhDsaKey_Free()
to release resources when done.
SLH-DSA (FIPS 205) is a stateless hash-based digital signature algorithm.
Parameter sets control the hash function (SHAKE or SHA2), security level
(128, 192, 256), and speed/size tradeoff (s = small signatures,
f = fast signing).
\return 0 on success.
\return BAD_FUNC_ARG if key is NULL or param is invalid.
\param [in,out] key Pointer to the SlhDsaKey to initialize.
\param [in] param Parameter set to use. One of: SLHDSA_SHAKE128S,
SLHDSA_SHAKE128F, SLHDSA_SHAKE192S, SLHDSA_SHAKE192F, SLHDSA_SHAKE256S,
SLHDSA_SHAKE256F, SLHDSA_SHA2_128S, SLHDSA_SHA2_128F, SLHDSA_SHA2_192S,
SLHDSA_SHA2_192F, SLHDSA_SHA2_256S, SLHDSA_SHA2_256F.
\param [in] heap Pointer to heap hint for dynamic memory allocation.
May be NULL.
\param [in] devId Device identifier for hardware crypto callbacks.
Use INVALID_DEVID for software-only.
_Example_
\code
SlhDsaKey key;
int ret;
ret = wc_SlhDsaKey_Init(&key, SLHDSA_SHAKE128F, NULL, INVALID_DEVID);
if (ret != 0) {
// error initializing key
}
// ... use key ...
wc_SlhDsaKey_Free(&key);
\endcode
\sa wc_SlhDsaKey_Free
\sa wc_SlhDsaKey_MakeKey
*/
int wc_SlhDsaKey_Init(SlhDsaKey* key, enum SlhDsaParam param,
void* heap, int devId);
/*!
\ingroup SLH_DSA
\brief Frees resources associated with an SLH-DSA key object.
\param [in,out] key Pointer to the SlhDsaKey to free. May be NULL.
_Example_
\code
SlhDsaKey key;
wc_SlhDsaKey_Init(&key, SLHDSA_SHAKE128F, NULL, INVALID_DEVID);
// ... use key ...
wc_SlhDsaKey_Free(&key);
\endcode
\sa wc_SlhDsaKey_Init
*/
void wc_SlhDsaKey_Free(SlhDsaKey* key);
/*!
\ingroup SLH_DSA
\brief Generates a new SLH-DSA key pair using the RNG for randomness.
The key must have been initialized with wc_SlhDsaKey_Init() first.
\return 0 on success.
\return BAD_FUNC_ARG if key or rng is NULL, or key is not initialized.
\param [in,out] key Pointer to an initialized SlhDsaKey.
\param [in] rng Pointer to an initialized WC_RNG.
_Example_
\code
SlhDsaKey key;
WC_RNG rng;
int ret;
wc_InitRng(&rng);
wc_SlhDsaKey_Init(&key, SLHDSA_SHAKE128F, NULL, INVALID_DEVID);
ret = wc_SlhDsaKey_MakeKey(&key, &rng);
if (ret != 0) {
// error generating key
}
\endcode
\sa wc_SlhDsaKey_Init
\sa wc_SlhDsaKey_MakeKeyWithRandom
*/
int wc_SlhDsaKey_MakeKey(SlhDsaKey* key, WC_RNG* rng);
/*!
\ingroup SLH_DSA
\brief Generates an SLH-DSA key pair from caller-provided seed material.
This is the deterministic key generation interface — given the same seeds,
the same key pair is produced.
\return 0 on success.
\return BAD_FUNC_ARG if key or any seed pointer is NULL, or lengths
do not match the parameter set's n value.
\param [in,out] key Pointer to an initialized SlhDsaKey.
\param [in] sk_seed Secret key seed (n bytes).
\param [in] sk_seed_len Length of sk_seed.
\param [in] sk_prf Secret key PRF seed (n bytes).
\param [in] sk_prf_len Length of sk_prf.
\param [in] pk_seed Public key seed (n bytes).
\param [in] pk_seed_len Length of pk_seed.
_Example_
\code
SlhDsaKey key;
byte sk_seed[16], sk_prf[16], pk_seed[16]; // n=16 for 128-bit params
int ret;
// fill seeds with known values (e.g. from NIST test vectors)
wc_SlhDsaKey_Init(&key, SLHDSA_SHAKE128F, NULL, INVALID_DEVID);
ret = wc_SlhDsaKey_MakeKeyWithRandom(&key,
sk_seed, sizeof(sk_seed),
sk_prf, sizeof(sk_prf),
pk_seed, sizeof(pk_seed));
\endcode
\sa wc_SlhDsaKey_MakeKey
*/
int wc_SlhDsaKey_MakeKeyWithRandom(SlhDsaKey* key,
const byte* sk_seed, word32 sk_seed_len,
const byte* sk_prf, word32 sk_prf_len,
const byte* pk_seed, word32 pk_seed_len);
/*!
\ingroup SLH_DSA
\brief Signs a message using the SLH-DSA external (pure) interface with
deterministic randomness. This is FIPS 205 Algorithm 22 with opt_rand set
to PK.seed. The message M is wrapped internally as
M' = 0x00 || len(ctx) || ctx || M before signing.
\return 0 on success.
\return BAD_FUNC_ARG if key, msg, sig, or sigSz is NULL.
\return BUFFER_E if the output buffer is too small.
\param [in] key Pointer to a private SlhDsaKey.
\param [in] ctx Context string for domain separation. May be NULL if
ctxSz is 0.
\param [in] ctxSz Length of the context string (0-255).
\param [in] msg Pointer to the message to sign.
\param [in] msgSz Length of the message.
\param [out] sig Buffer to receive the signature.
\param [in,out] sigSz On input, size of sig buffer. On output, actual
signature length.
_Example_
\code
SlhDsaKey key;
byte sig[WC_SLHDSA_MAX_SIG_LEN];
word32 sigSz = sizeof(sig);
byte msg[] = "Hello World!";
int ret;
// key already generated via wc_SlhDsaKey_MakeKey()
ret = wc_SlhDsaKey_SignDeterministic(&key, NULL, 0,
msg, sizeof(msg), sig, &sigSz);
\endcode
\sa wc_SlhDsaKey_SignWithRandom
\sa wc_SlhDsaKey_Sign
\sa wc_SlhDsaKey_Verify
*/
int wc_SlhDsaKey_SignDeterministic(SlhDsaKey* key, const byte* ctx,
byte ctxSz, const byte* msg, word32 msgSz, byte* sig, word32* sigSz);
/*!
\ingroup SLH_DSA
\brief Signs a message using the SLH-DSA external (pure) interface with
caller-provided additional randomness. This is FIPS 205 Algorithm 22 with
an explicit opt_rand value.
\return 0 on success.
\return BAD_FUNC_ARG if key, msg, sig, sigSz, or addRnd is NULL.
\param [in] key Pointer to a private SlhDsaKey.
\param [in] ctx Context string. May be NULL if ctxSz is 0.
\param [in] ctxSz Length of the context string (0-255).
\param [in] msg Pointer to the message to sign.
\param [in] msgSz Length of the message.
\param [out] sig Buffer to receive the signature.
\param [in,out] sigSz On input, size of sig buffer. On output, actual
signature length.
\param [in] addRnd Additional randomness (n bytes, where n is the
parameter set's security parameter).
_Example_
\code
SlhDsaKey key;
byte sig[WC_SLHDSA_MAX_SIG_LEN];
word32 sigSz = sizeof(sig);
byte msg[] = "Hello World!";
byte addRnd[16]; // n=16 for 128-bit params
int ret;
wc_RNG_GenerateBlock(&rng, addRnd, sizeof(addRnd));
ret = wc_SlhDsaKey_SignWithRandom(&key, NULL, 0,
msg, sizeof(msg), sig, &sigSz, addRnd);
\endcode
\sa wc_SlhDsaKey_SignDeterministic
\sa wc_SlhDsaKey_Sign
*/
int wc_SlhDsaKey_SignWithRandom(SlhDsaKey* key, const byte* ctx,
byte ctxSz, const byte* msg, word32 msgSz, byte* sig, word32* sigSz,
const byte* addRnd);
/*!
\ingroup SLH_DSA
\brief Signs a message using the SLH-DSA external (pure) interface with
RNG-provided randomness. This is the general-purpose signing function
that uses the WC_RNG for opt_rand.
\return 0 on success.
\return BAD_FUNC_ARG if key, msg, sig, sigSz, or rng is NULL.
\param [in] key Pointer to a private SlhDsaKey.
\param [in] ctx Context string. May be NULL if ctxSz is 0.
\param [in] ctxSz Length of the context string (0-255).
\param [in] msg Pointer to the message to sign.
\param [in] msgSz Length of the message.
\param [out] sig Buffer to receive the signature.
\param [in,out] sigSz On input, size of sig buffer. On output, actual
signature length.
\param [in] rng Pointer to an initialized WC_RNG.
_Example_
\code
SlhDsaKey key;
WC_RNG rng;
byte sig[WC_SLHDSA_MAX_SIG_LEN];
word32 sigSz = sizeof(sig);
byte msg[] = "Hello World!";
int ret;
ret = wc_SlhDsaKey_Sign(&key, NULL, 0,
msg, sizeof(msg), sig, &sigSz, &rng);
\endcode
\sa wc_SlhDsaKey_SignDeterministic
\sa wc_SlhDsaKey_Verify
*/
int wc_SlhDsaKey_Sign(SlhDsaKey* key, const byte* ctx,
byte ctxSz, const byte* msg, word32 msgSz, byte* sig, word32* sigSz,
WC_RNG* rng);
/*!
\ingroup SLH_DSA
\brief Verifies an SLH-DSA signature over a message using the external
(pure) interface. This is FIPS 205 Algorithm 23. The message is wrapped
internally as M' = 0x00 || len(ctx) || ctx || M before verification.
\return 0 on success (signature valid).
\return BAD_FUNC_ARG if key, msg, or sig is NULL.
\return SIG_VERIFY_E if the signature is invalid.
\param [in] key Pointer to a public SlhDsaKey.
\param [in] ctx Context string. May be NULL if ctxSz is 0.
\param [in] ctxSz Length of the context string (0-255).
\param [in] msg Pointer to the message to verify.
\param [in] msgSz Length of the message.
\param [in] sig Pointer to the signature to verify.
\param [in] sigSz Length of the signature.
_Example_
\code
SlhDsaKey key;
byte sig[...]; // previously generated signature
word32 sigSz;
byte msg[] = "Hello World!";
int ret;
ret = wc_SlhDsaKey_Verify(&key, NULL, 0,
msg, sizeof(msg), sig, sigSz);
if (ret == 0) {
// signature is valid
}
\endcode
\sa wc_SlhDsaKey_Sign
\sa wc_SlhDsaKey_SignDeterministic
*/
int wc_SlhDsaKey_Verify(SlhDsaKey* key, const byte* ctx,
byte ctxSz, const byte* msg, word32 msgSz, const byte* sig,
word32 sigSz);
/*!
\ingroup SLH_DSA
\brief Signs using the SLH-DSA internal interface with deterministic
randomness. Unlike the external interface, M' is provided directly by
the caller — no 0x00||len(ctx)||ctx||M wrapping is performed. This
corresponds to FIPS 205 Algorithm 19 (slh_sign_internal) with opt_rand
set to PK.seed.
Use this when the CAVP test framework or protocol layer has already
constructed M'.
\return 0 on success.
\return BAD_FUNC_ARG if key, mprime, sig, or sigSz is NULL.
\param [in] key Pointer to a private SlhDsaKey.
\param [in] mprime Pointer to the pre-constructed M' message.
\param [in] mprimeSz Length of M'.
\param [out] sig Buffer to receive the signature.
\param [in,out] sigSz On input, size of sig buffer. On output, actual
signature length.
_Example_
\code
SlhDsaKey key;
byte sig[WC_SLHDSA_MAX_SIG_LEN];
word32 sigSz = sizeof(sig);
byte mprime[] = { ... }; // pre-constructed M'
int ret;
ret = wc_SlhDsaKey_SignMsgDeterministic(&key,
mprime, sizeof(mprime), sig, &sigSz);
\endcode
\sa wc_SlhDsaKey_SignMsgWithRandom
\sa wc_SlhDsaKey_VerifyMsg
\sa wc_SlhDsaKey_SignDeterministic
*/
int wc_SlhDsaKey_SignMsgDeterministic(SlhDsaKey* key,
const byte* mprime, word32 mprimeSz, byte* sig, word32* sigSz);
/*!
\ingroup SLH_DSA
\brief Signs using the SLH-DSA internal interface with caller-provided
additional randomness. M' is provided directly — no wrapping is performed.
This corresponds to FIPS 205 Algorithm 19 (slh_sign_internal) with an
explicit opt_rand value.
\return 0 on success.
\return BAD_FUNC_ARG if key, mprime, sig, sigSz, or addRnd is NULL.
\param [in] key Pointer to a private SlhDsaKey.
\param [in] mprime Pointer to the pre-constructed M' message.
\param [in] mprimeSz Length of M'.
\param [out] sig Buffer to receive the signature.
\param [in,out] sigSz On input, size of sig buffer. On output, actual
signature length.
\param [in] addRnd Additional randomness (n bytes).
_Example_
\code
SlhDsaKey key;
byte sig[WC_SLHDSA_MAX_SIG_LEN];
word32 sigSz = sizeof(sig);
byte mprime[] = { ... };
byte addRnd[16];
int ret;
wc_RNG_GenerateBlock(&rng, addRnd, sizeof(addRnd));
ret = wc_SlhDsaKey_SignMsgWithRandom(&key,
mprime, sizeof(mprime), sig, &sigSz, addRnd);
\endcode
\sa wc_SlhDsaKey_SignMsgDeterministic
\sa wc_SlhDsaKey_VerifyMsg
*/
int wc_SlhDsaKey_SignMsgWithRandom(SlhDsaKey* key,
const byte* mprime, word32 mprimeSz, byte* sig, word32* sigSz,
const byte* addRnd);
/*!
\ingroup SLH_DSA
\brief Verifies an SLH-DSA signature using the internal interface. M' is
provided directly — no wrapping is performed. This corresponds to FIPS 205
Algorithm 20 (slh_verify_internal).
\return 0 on success (signature valid).
\return BAD_FUNC_ARG if key, mprime, or sig is NULL.
\return SIG_VERIFY_E if the signature is invalid.
\param [in] key Pointer to a public SlhDsaKey.
\param [in] mprime Pointer to the pre-constructed M' message.
\param [in] mprimeSz Length of M'.
\param [in] sig Pointer to the signature to verify.
\param [in] sigSz Length of the signature.
_Example_
\code
SlhDsaKey key;
byte sig[...]; // previously generated signature
word32 sigSz;
byte mprime[] = { ... };
int ret;
ret = wc_SlhDsaKey_VerifyMsg(&key,
mprime, sizeof(mprime), sig, sigSz);
if (ret == 0) {
// signature is valid
}
\endcode
\sa wc_SlhDsaKey_SignMsgDeterministic
\sa wc_SlhDsaKey_Verify
*/
int wc_SlhDsaKey_VerifyMsg(SlhDsaKey* key, const byte* mprime,
word32 mprimeSz, const byte* sig, word32 sigSz);
/*!
\ingroup SLH_DSA
\brief Signs a pre-hashed message using the SLH-DSA external (HashSLH-DSA)
interface with deterministic randomness. The message is hashed with the
specified hash algorithm, then signed per FIPS 205 Algorithm 22 with the
pre-hash domain separator (0x01).
\return 0 on success.
\return BAD_FUNC_ARG if key, msg, sig, or sigSz is NULL, or hashType
is unsupported.
\param [in] key Pointer to a private SlhDsaKey.
\param [in] ctx Context string. May be NULL if ctxSz is 0.
\param [in] ctxSz Length of the context string (0-255).
\param [in] msg Pointer to the message to hash and sign.
\param [in] msgSz Length of the message.
\param [in] hashType Hash algorithm to use for pre-hashing. Supported:
WC_HASH_TYPE_SHA256, WC_HASH_TYPE_SHA384, WC_HASH_TYPE_SHA512,
WC_HASH_TYPE_SHAKE128, WC_HASH_TYPE_SHAKE256, WC_HASH_TYPE_SHA3_224,
WC_HASH_TYPE_SHA3_256, WC_HASH_TYPE_SHA3_384, WC_HASH_TYPE_SHA3_512.
\param [out] sig Buffer to receive the signature.
\param [in,out] sigSz On input, size of sig buffer. On output, actual
signature length.
_Example_
\code
SlhDsaKey key;
byte sig[WC_SLHDSA_MAX_SIG_LEN];
word32 sigSz = sizeof(sig);
byte msg[] = "Hello World!";
int ret;
ret = wc_SlhDsaKey_SignHashDeterministic(&key, NULL, 0,
msg, sizeof(msg), WC_HASH_TYPE_SHA256, sig, &sigSz);
\endcode
\sa wc_SlhDsaKey_SignHashWithRandom
\sa wc_SlhDsaKey_SignHash
\sa wc_SlhDsaKey_VerifyHash
*/
int wc_SlhDsaKey_SignHashDeterministic(SlhDsaKey* key,
const byte* ctx, byte ctxSz, const byte* msg, word32 msgSz,
enum wc_HashType hashType, byte* sig, word32* sigSz);
/*!
\ingroup SLH_DSA
\brief Signs a pre-hashed message using the SLH-DSA external (HashSLH-DSA)
interface with caller-provided additional randomness.
\return 0 on success.
\return BAD_FUNC_ARG if key, msg, sig, sigSz, or addRnd is NULL.
\param [in] key Pointer to a private SlhDsaKey.
\param [in] ctx Context string. May be NULL if ctxSz is 0.
\param [in] ctxSz Length of the context string (0-255).
\param [in] msg Pointer to the message to hash and sign.
\param [in] msgSz Length of the message.
\param [in] hashType Hash algorithm to use for pre-hashing.
\param [out] sig Buffer to receive the signature.
\param [in,out] sigSz On input, size of sig buffer. On output, actual
signature length.
\param [in] addRnd Additional randomness (n bytes).
\sa wc_SlhDsaKey_SignHashDeterministic
\sa wc_SlhDsaKey_VerifyHash
*/
int wc_SlhDsaKey_SignHashWithRandom(SlhDsaKey* key,
const byte* ctx, byte ctxSz, const byte* msg, word32 msgSz,
enum wc_HashType hashType, byte* sig, word32* sigSz, byte* addRnd);
/*!
\ingroup SLH_DSA
\brief Signs a pre-hashed message using the SLH-DSA external (HashSLH-DSA)
interface with RNG-provided randomness.
\return 0 on success.
\return BAD_FUNC_ARG if key, msg, sig, sigSz, or rng is NULL.
\param [in] key Pointer to a private SlhDsaKey.
\param [in] ctx Context string. May be NULL if ctxSz is 0.
\param [in] ctxSz Length of the context string (0-255).
\param [in] msg Pointer to the message to hash and sign.
\param [in] msgSz Length of the message.
\param [in] hashType Hash algorithm to use for pre-hashing.
\param [out] sig Buffer to receive the signature.
\param [in,out] sigSz On input, size of sig buffer. On output, actual
signature length.
\param [in] rng Pointer to an initialized WC_RNG.
\sa wc_SlhDsaKey_SignHashDeterministic
\sa wc_SlhDsaKey_VerifyHash
*/
int wc_SlhDsaKey_SignHash(SlhDsaKey* key, const byte* ctx,
byte ctxSz, const byte* msg, word32 msgSz, enum wc_HashType hashType,
byte* sig, word32* sigSz, WC_RNG* rng);
/*!
\ingroup SLH_DSA
\brief Verifies an SLH-DSA signature over a pre-hashed message
(HashSLH-DSA). The message is hashed with the specified hash algorithm
before verification.
\return 0 on success (signature valid).
\return BAD_FUNC_ARG if key, msg, or sig is NULL.
\return SIG_VERIFY_E if the signature is invalid.
\param [in] key Pointer to a public SlhDsaKey.
\param [in] ctx Context string. May be NULL if ctxSz is 0.
\param [in] ctxSz Length of the context string (0-255).
\param [in] msg Pointer to the message to hash and verify.
\param [in] msgSz Length of the message.
\param [in] hashType Hash algorithm used for pre-hashing. Must match the
hash used during signing.
\param [in] sig Pointer to the signature to verify.
\param [in] sigSz Length of the signature.
_Example_
\code
SlhDsaKey key;
byte sig[...];
word32 sigSz;
byte msg[] = "Hello World!";
int ret;
ret = wc_SlhDsaKey_VerifyHash(&key, NULL, 0,
msg, sizeof(msg), WC_HASH_TYPE_SHA256, sig, sigSz);
if (ret == 0) {
// signature is valid
}
\endcode
\sa wc_SlhDsaKey_SignHashDeterministic
\sa wc_SlhDsaKey_Verify
*/
int wc_SlhDsaKey_VerifyHash(SlhDsaKey* key, const byte* ctx,
byte ctxSz, const byte* msg, word32 msgSz, enum wc_HashType hashType,
const byte* sig, word32 sigSz);
/*!
\ingroup SLH_DSA
\brief Imports an SLH-DSA private key from a raw byte buffer. The buffer
must contain the full private key (4*n bytes: SK.seed || SK.prf ||
PK.seed || PK.root). After import, the key can be used for signing.
\return 0 on success.
\return BAD_FUNC_ARG if key or in is NULL, or inLen does not match the
expected private key size for the parameter set.
\param [in,out] key Pointer to an initialized SlhDsaKey.
\param [in] in Buffer containing the raw private key bytes.
\param [in] inLen Length of the input buffer.
_Example_
\code
SlhDsaKey key;
byte privKey[...]; // 4*n bytes
int ret;
wc_SlhDsaKey_Init(&key, SLHDSA_SHAKE128F, NULL, INVALID_DEVID);
ret = wc_SlhDsaKey_ImportPrivate(&key, privKey, sizeof(privKey));
\endcode
\sa wc_SlhDsaKey_ExportPrivate
\sa wc_SlhDsaKey_ImportPublic
*/
int wc_SlhDsaKey_ImportPrivate(SlhDsaKey* key, const byte* in,
word32 inLen);
/*!
\ingroup SLH_DSA
\brief Imports an SLH-DSA public key from a raw byte buffer. The buffer
must contain PK.seed || PK.root (2*n bytes). After import, the key can
be used for verification.
\return 0 on success.
\return BAD_FUNC_ARG if key or in is NULL, or inLen does not match the
expected public key size.
\param [in,out] key Pointer to an initialized SlhDsaKey.
\param [in] in Buffer containing the raw public key bytes.
\param [in] inLen Length of the input buffer.
_Example_
\code
SlhDsaKey key;
byte pubKey[...]; // 2*n bytes
int ret;
wc_SlhDsaKey_Init(&key, SLHDSA_SHAKE128F, NULL, INVALID_DEVID);
ret = wc_SlhDsaKey_ImportPublic(&key, pubKey, sizeof(pubKey));
\endcode
\sa wc_SlhDsaKey_ExportPublic
\sa wc_SlhDsaKey_ImportPrivate
*/
int wc_SlhDsaKey_ImportPublic(SlhDsaKey* key, const byte* in,
word32 inLen);
/*!
\ingroup SLH_DSA
\brief Checks the consistency of an SLH-DSA key. For a key with both
private and public components, verifies that the public key matches the
private key.
\return 0 on success (key is valid).
\return BAD_FUNC_ARG if key is NULL.
\param [in] key Pointer to the SlhDsaKey to check.
\sa wc_SlhDsaKey_MakeKey
\sa wc_SlhDsaKey_ImportPrivate
*/
int wc_SlhDsaKey_CheckKey(SlhDsaKey* key);
/*!
\ingroup SLH_DSA
\brief Exports the private key from an SLH-DSA key object into a raw
byte buffer (4*n bytes).
\return 0 on success.
\return BAD_FUNC_ARG if key, out, or outLen is NULL.
\return BUFFER_E if the output buffer is too small.
\param [in] key Pointer to the SlhDsaKey containing a private key.
\param [out] out Buffer to receive the raw private key bytes.
\param [in,out] outLen On input, size of out buffer. On output, bytes
written.
_Example_
\code
SlhDsaKey key;
byte privKey[4 * 32]; // 4*n for 256-bit params
word32 privKeySz = sizeof(privKey);
int ret;
ret = wc_SlhDsaKey_ExportPrivate(&key, privKey, &privKeySz);
\endcode
\sa wc_SlhDsaKey_ImportPrivate
\sa wc_SlhDsaKey_ExportPublic
*/
int wc_SlhDsaKey_ExportPrivate(SlhDsaKey* key, byte* out,
word32* outLen);
/*!
\ingroup SLH_DSA
\brief Exports the public key from an SLH-DSA key object into a raw
byte buffer (2*n bytes: PK.seed || PK.root).
\return 0 on success.
\return BAD_FUNC_ARG if key, out, or outLen is NULL.
\return BUFFER_E if the output buffer is too small.
\param [in] key Pointer to the SlhDsaKey containing a public key.
\param [out] out Buffer to receive the raw public key bytes.
\param [in,out] outLen On input, size of out buffer. On output, bytes
written.
_Example_
\code
SlhDsaKey key;
byte pubKey[2 * 32];
word32 pubKeySz = sizeof(pubKey);
int ret;
ret = wc_SlhDsaKey_ExportPublic(&key, pubKey, &pubKeySz);
\endcode
\sa wc_SlhDsaKey_ImportPublic
\sa wc_SlhDsaKey_ExportPrivate
*/
int wc_SlhDsaKey_ExportPublic(SlhDsaKey* key, byte* out,
word32* outLen);
/*!
\ingroup SLH_DSA
\brief Returns the private key size in bytes for the key's parameter set.
\return Private key size in bytes (4*n) on success.
\return BAD_FUNC_ARG if key is NULL or not initialized.
\param [in] key Pointer to an initialized SlhDsaKey.
\sa wc_SlhDsaKey_PublicSize
\sa wc_SlhDsaKey_SigSize
\sa wc_SlhDsaKey_PrivateSizeFromParam
*/
int wc_SlhDsaKey_PrivateSize(SlhDsaKey* key);
/*!
\ingroup SLH_DSA
\brief Returns the public key size in bytes for the key's parameter set.
\return Public key size in bytes (2*n) on success.
\return BAD_FUNC_ARG if key is NULL or not initialized.
\param [in] key Pointer to an initialized SlhDsaKey.
\sa wc_SlhDsaKey_PrivateSize
\sa wc_SlhDsaKey_SigSize
\sa wc_SlhDsaKey_PublicSizeFromParam
*/
int wc_SlhDsaKey_PublicSize(SlhDsaKey* key);
/*!
\ingroup SLH_DSA
\brief Returns the signature size in bytes for the key's parameter set.
\return Signature size in bytes on success.
\return BAD_FUNC_ARG if key is NULL or not initialized.
\param [in] key Pointer to an initialized SlhDsaKey.
\sa wc_SlhDsaKey_PrivateSize
\sa wc_SlhDsaKey_PublicSize
\sa wc_SlhDsaKey_SigSizeFromParam
*/
int wc_SlhDsaKey_SigSize(SlhDsaKey* key);
/*!
\ingroup SLH_DSA
\brief Returns the private key size in bytes for the given parameter set
without needing an initialized key object.
\return Private key size in bytes (4*n) on success.
\return BAD_FUNC_ARG if param is invalid.
\param [in] param The SLH-DSA parameter set.
\sa wc_SlhDsaKey_PrivateSize
*/
int wc_SlhDsaKey_PrivateSizeFromParam(enum SlhDsaParam param);
/*!
\ingroup SLH_DSA
\brief Returns the public key size in bytes for the given parameter set
without needing an initialized key object.
\return Public key size in bytes (2*n) on success.
\return BAD_FUNC_ARG if param is invalid.
\param [in] param The SLH-DSA parameter set.
\sa wc_SlhDsaKey_PublicSize
*/
int wc_SlhDsaKey_PublicSizeFromParam(enum SlhDsaParam param);
/*!
\ingroup SLH_DSA
\brief Returns the signature size in bytes for the given parameter set
without needing an initialized key object.
\return Signature size in bytes on success.
\return BAD_FUNC_ARG if param is invalid.
\param [in] param The SLH-DSA parameter set.
\sa wc_SlhDsaKey_SigSize
*/
int wc_SlhDsaKey_SigSizeFromParam(enum SlhDsaParam param);
+1 -1
View File
@@ -294,7 +294,7 @@ static struct group_info groups[] = {
{ WOLFSSL_FFDHE_4096, "FFDHE_4096" },
{ WOLFSSL_FFDHE_6144, "FFDHE_6144" },
{ WOLFSSL_FFDHE_8192, "FFDHE_8192" },
#ifdef HAVE_PQC
#ifdef WOLFSSL_HAVE_MLKEM
#ifndef WOLFSSL_NO_ML_KEM
#ifndef WOLFSSL_TLS_NO_MLKEM_STANDALONE
{ WOLFSSL_ML_KEM_512, "ML_KEM_512" },
+7 -7
View File
@@ -417,7 +417,7 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519,
} while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
#endif
}
#ifdef HAVE_PQC
#ifdef WOLFSSL_HAVE_MLKEM
if (onlyKeyShare == 0 || onlyKeyShare == 3) {
if (usePqc) {
int group = 0;
@@ -1414,7 +1414,7 @@ static const char* client_usage_msg[][81] = {
"-7 Set minimum downgrade protocol version [0-4] "
" SSLv3(0) - TLS1.3(4)\n", /* 68 */
#endif
#ifdef HAVE_PQC
#ifdef WOLFSSL_HAVE_MLKEM
"--pqc <alg> Key Share with specified post-quantum algorithm only:\n"
#ifndef WOLFSSL_NO_ML_KEM
" ML_KEM_512, ML_KEM_768, ML_KEM_1024,\n"
@@ -1687,7 +1687,7 @@ static const char* client_usage_msg[][81] = {
"-7 最小ダウングレード可能なプロトコルバージョンを設定します [0-4] "
" SSLv3(0) - TLS1.3(4)\n", /* 68 */
#endif
#ifdef HAVE_PQC
#ifdef WOLFSSL_HAVE_MLKEM
"--pqc <alg> post-quantum 名前付きグループとの鍵共有のみ:\n"
#ifndef WOLFSSL_NO_ML_KEM
" ML_KEM_512, ML_KEM_768, ML_KEM_1024,\n"
@@ -1959,7 +1959,7 @@ static void Usage(void)
printf("%s", msg[++msgid]); /* --wolfsentry-config */
#endif
printf("%s", msg[++msgid]); /* -7 */
#ifdef HAVE_PQC
#ifdef WOLFSSL_HAVE_MLKEM
printf("%s", msg[++msgid]); /* --pqc */
#endif
#ifdef WOLFSSL_SRTP
@@ -2140,7 +2140,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#ifndef NO_MULTIBYTE_PRINT
{ "ヘルプ", 0, 258 },
#endif
#if defined(HAVE_PQC)
#if defined(WOLFSSL_HAVE_MLKEM)
{ "pqc", 1, 259 },
#endif
#ifdef WOLFSSL_SRTP
@@ -3025,7 +3025,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
break;
#endif
#if defined(HAVE_PQC)
#if defined(WOLFSSL_HAVE_MLKEM)
case 259:
{
usePqc = 1;
@@ -3235,7 +3235,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
err_sys("can't load whitewood net random config file");
#endif
#ifdef HAVE_PQC
#ifdef WOLFSSL_HAVE_MLKEM
if (usePqc) {
if (version == CLIENT_DOWNGRADE_VERSION ||
version == EITHER_DOWNGRADE_VERSION)
-1
View File
@@ -149,7 +149,6 @@ extern "C" {
#if 0 /* ML-DSA / Dilithium certificates */
#define WOLFSSL_EXPERIMENTAL_SETTINGS
#define HAVE_DILITHIUM
#define WOLFSSL_WC_DILITHIUM
#define WOLFSSL_SHAKE128
#define WOLFSSL_SHAKE256
#endif

Some files were not shown because too many files have changed in this diff Show More