diff options
87 files changed, 9634 insertions, 119 deletions
@@ -1,3 +1,10 @@ +2006-08-21 Werner Koch <wk@g10code.com> + + * configure.ac: Removed docbook tests. + (AC_CONFIG_FILES): Added gpgkeys_test and gpgkeys_mailto. + + * Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Enable gpg. + 2006-08-17 Werner Koch <wk@g10code.com> * THANKS: Merged with the 1.4 one. diff --git a/Makefile.am b/Makefile.am index 119df3edb..8281496cf 100644 --- a/Makefile.am +++ b/Makefile.am @@ -22,6 +22,7 @@ ACLOCAL_AMFLAGS = -I m4 -I gl/m4 AUTOMAKE_OPTIONS = dist-bzip2 +DISTCHECK_CONFIGURE_FLAGS = --enable-gpg EXTRA_DIST = scripts/config.rpath autogen.sh README.CVS DISTCLEANFILES = g10defs.h @@ -17,6 +17,7 @@ Anthony Mulcahy anthony at kcn.ne.jp Ariel T Glenn ariel at columbia.edu Bernhard Herzog bh at intevation.de Bernhard Reiter bernhard de intevation.de +Bob Dunlop bob at xyzzy.org.uk Bob Mathews bobmathews at mindspring.com Bodo Moeller Bodo_Moeller at public.uni-hamburg.de Brendan O'Dea bod at debian.org @@ -115,6 +115,9 @@ might want to have an agent context for each service request Remove the whole stuff? ** qbits We pass a new qbit parameter to genkey - implement this in libgcrypt. +** skclist.c + As soon as we switch to libgcrypt 1.3 we should remove the hard + coded constant in random_is_faked. * common/ diff --git a/common/ChangeLog b/common/ChangeLog index c033b62d9..01777e4d0 100644 --- a/common/ChangeLog +++ b/common/ChangeLog @@ -1,3 +1,9 @@ +2006-08-21 Werner Koch <wk@g10code.com> + + * Makefile.am (libcommon_a_SOURCES): Added keyserver.h + + * openpgpdefs.h: New. Stripped from ..g10/packet.h. + 2006-08-16 Werner Koch <wk@g10code.com> * keyserver.h: Moved from ../include to here. diff --git a/common/Makefile.am b/common/Makefile.am index 7bf008caa..9bdc8dce6 100644 --- a/common/Makefile.am +++ b/common/Makefile.am @@ -30,6 +30,8 @@ AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(LIBASSUAN_CFLAGS) $(KSBA_CFLAGS) \ libcommon_a_SOURCES = \ util.h i18n.h \ errors.h \ + openpgpdefs.h \ + keyserver.h \ sexp-parse.h \ sexputil.c \ maperror.c \ @@ -56,7 +58,6 @@ libcommon_a_SOURCES = \ pka.c pka.h \ http.c http.h - libsimple_pwquery_a_SOURCES = \ simple-pwquery.c simple-pwquery.h asshelp.c asshelp.h diff --git a/common/openpgpdefs.h b/common/openpgpdefs.h new file mode 100644 index 000000000..bda70fd72 --- /dev/null +++ b/common/openpgpdefs.h @@ -0,0 +1,89 @@ +/* openpgpdefs.h - Constants from the OpenPGP standard (rfc2440) + * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, + * 2006 Free Software Foundation, Inc. + * + * This file is part of GnuPG. + * + * GnuPG is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * GnuPG is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, + * USA. + */ + +#ifndef GNUPG_COMMON_OPENPGPDEFS_H +#define GNUPG_COMMON_OPENPGPDEFS_H + +typedef enum + { + PKT_NONE = 0, + PKT_PUBKEY_ENC = 1, /* Public key encrypted packet. */ + PKT_SIGNATURE = 2, /* Secret key encrypted packet. */ + PKT_SYMKEY_ENC = 3, /* Session key packet. */ + PKT_ONEPASS_SIG = 4, /* One pass sig packet. */ + PKT_SECRET_KEY = 5, /* Secret key. */ + PKT_PUBLIC_KEY = 6, /* Public key. */ + PKT_SECRET_SUBKEY = 7, /* Secret subkey. */ + PKT_COMPRESSED = 8, /* Compressed data packet. */ + PKT_ENCRYPTED = 9, /* Conventional encrypted data. */ + PKT_MARKER = 10, /* Marker packet. */ + PKT_PLAINTEXT = 11, /* Literal data packet. */ + PKT_RING_TRUST = 12, /* Keyring trust packet. */ + PKT_USER_ID = 13, /* User id packet. */ + PKT_PUBLIC_SUBKEY = 14, /* Public subkey. */ + PKT_OLD_COMMENT = 16, /* Comment packet from an OpenPGP draft. */ + PKT_ATTRIBUTE = 17, /* PGP's attribute packet. */ + PKT_ENCRYPTED_MDC = 18, /* Integrity protected encrypted data. */ + PKT_MDC = 19, /* Manipulation detection code packet. */ + PKT_COMMENT = 61, /* new comment packet (GnuPG specific). */ + PKT_GPG_CONTROL = 63 /* internal control packet (GnuPG specific). */ + } +pkttype_t; + + +typedef enum + { + SIGSUBPKT_TEST_CRITICAL = -3, + SIGSUBPKT_LIST_UNHASHED = -2, + SIGSUBPKT_LIST_HASHED = -1, + SIGSUBPKT_NONE = 0, + SIGSUBPKT_SIG_CREATED = 2, /* Signature creation time. */ + SIGSUBPKT_SIG_EXPIRE = 3, /* Signature expiration time. */ + SIGSUBPKT_EXPORTABLE = 4, /* Exportable. */ + SIGSUBPKT_TRUST = 5, /* Trust signature. */ + SIGSUBPKT_REGEXP = 6, /* Regular expression. */ + SIGSUBPKT_REVOCABLE = 7, /* Revocable. */ + SIGSUBPKT_KEY_EXPIRE = 9, /* Key expiration time. */ + SIGSUBPKT_ARR = 10, /* Additional recipient request. */ + SIGSUBPKT_PREF_SYM = 11, /* Preferred symmetric algorithms. */ + SIGSUBPKT_REV_KEY = 12, /* Revocation key. */ + SIGSUBPKT_ISSUER = 16, /* Issuer key ID. */ + SIGSUBPKT_NOTATION = 20, /* Notation data. */ + SIGSUBPKT_PREF_HASH = 21, /* Preferred hash algorithms. */ + SIGSUBPKT_PREF_COMPR = 22, /* Preferred compression algorithms. */ + SIGSUBPKT_KS_FLAGS = 23, /* Key server preferences. */ + SIGSUBPKT_PREF_KS = 24, /* Preferred key server. */ + SIGSUBPKT_PRIMARY_UID = 25, /* Primary user id. */ + SIGSUBPKT_POLICY = 26, /* Policy URL. */ + SIGSUBPKT_KEY_FLAGS = 27, /* Key flags. */ + SIGSUBPKT_SIGNERS_UID = 28, /* Signer's user id. */ + SIGSUBPKT_REVOC_REASON = 29, /* Reason for revocation. */ + SIGSUBPKT_FEATURES = 30, /* Feature flags. */ + + SIGSUBPKT_SIGNATURE = 32, /* Embedded signature. */ + + SIGSUBPKT_FLAG_CRITICAL = 128 + } +sigsubpkttype_t; + + +#endif /*GNUPG_COMMON_OPENPGPDEFS_H*/ diff --git a/configure.ac b/configure.ac index 99a074bc3..4ab9986a9 100644 --- a/configure.ac +++ b/configure.ac @@ -442,10 +442,7 @@ AC_PATH_PROG(PERL,"perl") AC_ISC_POSIX gl_EARLY AC_SYS_LARGEFILE -AC_CHECK_PROG(DOCBOOK_TO_MAN, docbook-to-man, yes, no) -AM_CONDITIONAL(HAVE_DOCBOOK_TO_MAN, test "$ac_cv_prog_DOCBOOK_TO_MAN" = yes) GNUPG_CHECK_FAQPROG -GNUPG_CHECK_DOCBOOK_TO_TEXI GNUPG_CHECK_USTAR @@ -1312,9 +1309,13 @@ sm/Makefile agent/Makefile scd/Makefile keyserver/Makefile +keyserver/gpgkeys_mailto +keyserver/gpgkeys_test +tools/gpg-zip tools/Makefile doc/Makefile tests/Makefile +tests/openpgp/Makefile ]) AC_OUTPUT diff --git a/doc/ChangeLog b/doc/ChangeLog index a697b2605..b70e70fdc 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,7 @@ +2006-08-21 Werner Koch <wk@g10code.com> + + * Makefile.am: Added other doc files from gpg 1.4. + 2006-08-17 Werner Koch <wk@g10code.com> * Makefile.am: Added rules to build man pages. diff --git a/doc/DETAILS b/doc/DETAILS new file mode 100644 index 000000000..51a31a5b4 --- /dev/null +++ b/doc/DETAILS @@ -0,0 +1,1250 @@ + -*- text -*- +Format of colon listings +======================== +First an example: + +$ gpg --fixed-list-mode --with-colons --list-keys \ + --with-fingerprint --with-fingerprint wk@gnupg.org + +pub:f:1024:17:6C7EE1B8621CC013:899817715:1055898235::m:::scESC: +fpr:::::::::ECAF7590EB3443B5C7CF3ACB6C7EE1B8621CC013: +uid:f::::::::Werner Koch <wk@g10code.com>: +uid:f::::::::Werner Koch <wk@gnupg.org>: +sub:f:1536:16:06AD222CADF6A6E1:919537416:1036177416:::::e: +fpr:::::::::CF8BCC4B18DE08FCD8A1615906AD222CADF6A6E1: +sub:r:1536:20:5CE086B5B5A18FF4:899817788:1025961788:::::esc: +fpr:::::::::AB059359A3B81F410FCFF97F5CE086B5B5A18FF4: + +The double --with-fingerprint prints the fingerprint for the subkeys +too, --fixed-list-mode is themodern listing way printing dates in +seconds since Epoch and does not merge the first userID with the pub +record. + + + 1. Field: Type of record + pub = public key + crt = X.509 certificate + crs = X.509 certificate and private key available + sub = subkey (secondary key) + sec = secret key + ssb = secret subkey (secondary key) + uid = user id (only field 10 is used). + uat = user attribute (same as user id except for field 10). + sig = signature + rev = revocation signature + fpr = fingerprint: (fingerprint is in field 10) + pkd = public key data (special field format, see below) + grp = reserved for gpgsm + rvk = revocation key + tru = trust database information + spk = signature subpacket + + 2. Field: A letter describing the calculated trust. This is a single + letter, but be prepared that additional information may follow + in some future versions. (not used for secret keys) + o = Unknown (this key is new to the system) + i = The key is invalid (e.g. due to a missing self-signature) + d = The key has been disabled + (deprecated - use the 'D' in field 12 instead) + r = The key has been revoked + e = The key has expired + - = Unknown trust (i.e. no value assigned) + q = Undefined trust + '-' and 'q' may safely be treated as the same + value for most purposes + n = Don't trust this key at all + m = There is marginal trust in this key + f = The key is fully trusted + u = The key is ultimately trusted. This often means + that the secret key is available, but any key may + be marked as ultimately trusted. + 3. Field: length of key in bits. + 4. Field: Algorithm: 1 = RSA + 16 = Elgamal (encrypt only) + 17 = DSA (sometimes called DH, sign only) + 20 = Elgamal (sign and encrypt - don't use them!) + (for other id's see include/cipher.h) + 5. Field: KeyID + 6. Field: Creation Date (in UTC). For UID and UAT records, this is the + self-signature date. Note that the dae is usally printed + in seconds since epoch, however, we are migrating to an ISO + 8601 format (e.g. "19660205T091500"). This is currently + only relevant for X.509, A simple way to detect the format + is be scannning for the 'T'. + 7. Field: Key or user ID/user attribute expiration date or empty if none. + 8. Field: Used for serial number in crt records (used to be the Local-ID). + For UID and UAT records, this is a hash of the user ID contents + used to represent that exact user ID. For trust signatures, + this is the trust depth seperated by the trust value by a + space. + 9. Field: Ownertrust (primary public keys only) + This is a single letter, but be prepared that additional + information may follow in some future versions. For trust + signatures with a regular expression, this is the regular + expression value, quoted as in field 10. +10. Field: User-ID. The value is quoted like a C string to avoid + control characters (the colon is quoted "\x3a"). + This is not used with --fixed-list-mode in gpg. + A UAT record puts the attribute subpacket count here, a + space, and then the total attribute subpacket size. + In gpgsm the issuer name comes here + An FPR record stores the fingerprint here. + The fingerprint of an revocation key is stored here. +11. Field: Signature class. This is a 2 digit hexnumber followed by + either the letter 'x' for an exportable signature or the + letter 'l' for a local-only signature. + The class byte of an revocation key is also given here, + 'x' and 'l' ist used the same way. +12. Field: Key capabilities: + e = encrypt + s = sign + c = certify + a = authentication + A key may have any combination of them in any order. In + addition to these letters, the primary key has uppercase + versions of the letters to denote the _usable_ + capabilities of the entire key, and a potential letter 'D' + to indicate a disabled key. +13. Field: Used in FPR records for S/MIME keys to store the fingerprint of + the issuer certificate. This is useful to build the + certificate path based on certificates stored in the local + keyDB; it is only filled if the issue certificate is + available. The advantage of using this value is that it is + guaranteed to have been been build by the same lookup + algorithm as gpgsm uses. + For "uid" recods this lists the preferences n the sameway the + -edit menu does. + For "sig" records, this is the fingerprint of the key that + issued the signature. Note that this is only filled in if + the signature verified correctly. Note also that for + various technical reasons, this fingerprint is only + available if --no-sig-cache is used. + +14. Field Flag field used in the --edit menu output: + +15. Field Used in sec/sbb to print the serial number of a token + (internal protect mode 1002) or a '#' if that key is a + simple stub (internal protect mode 1001) + +All dates are displayed in the format yyyy-mm-dd unless you use the +option --fixed-list-mode in which case they are displayed as seconds +since Epoch. More fields may be added later, so parsers should be +prepared for this. When parsing a number the parser should stop at the +first non-number character so that additional information can later be +added. + +If field 1 has the tag "pkd", a listing looks like this: +pkd:0:1024:B665B1435F4C2 .... FF26ABB: + ! ! !-- the value + ! !------ for information number of bits in the value + !--------- index (eg. DSA goes from 0 to 3: p,q,g,y) + + +The "tru" trust database records have the fields: + + 2: Reason for staleness of trust. If this field is empty, then the + trustdb is not stale. This field may have multiple flags in it: + + o: Trustdb is old + t: Trustdb was built with a different trust model than the one we + are using now. + + 3: Trust model: + 0: Classic trust model, as used in PGP 2.x. + 1: PGP trust model, as used in PGP 6 and later. This is the same + as the classic trust model, except for the addition of trust + signatures. + + GnuPG before version 1.4 used the classic trust model by default. + GnuPG 1.4 and later uses the PGP trust model by default. + + 4: Date trustdb was created in seconds since 1/1/1970. + 5: Date trustdb will expire in seconds since 1/1/1970. + +The "spk" signature subpacket records have the fields: + + 2: Subpacket number as per RFC-2440 and later. + 3: Flags in hex. Currently the only two bits assigned are 1, to + indicate that the subpacket came from the hashed part of the + signature, and 2, to indicate the subpacket was marked critical. + 4: Length of the subpacket. Note that this is the length of the + subpacket, and not the length of field 5 below. Due to the need + for %-encoding, the length of field 5 may be up to 3x this value. + 5: The subpacket data. Printable ASCII is shown as ASCII, but other + values are rendered as %XX where XX is the hex value for the byte. + + +Format of the "--status-fd" output +================================== +Every line is prefixed with "[GNUPG:] ", followed by a keyword with +the type of the status line and a some arguments depending on the +type (maybe none); an application should always be prepared to see +more arguments in future versions. + + + NEWSIG + May be issued right before a signature verification starts. This + is useful to define a context for parsing ERROR status + messages. No arguments are currently defined. + + GOODSIG <long keyid> <username> + The signature with the keyid is good. For each signature only + one of the three codes GOODSIG, BADSIG or ERRSIG will be + emitted and they may be used as a marker for a new signature. + The username is the primary one encoded in UTF-8 and %XX + escaped. + + EXPSIG <long keyid> <username> + The signature with the keyid is good, but the signature is + expired. The username is the primary one encoded in UTF-8 and + %XX escaped. + + EXPKEYSIG <long keyid> <username> + The signature with the keyid is good, but the signature was + made by an expired key. The username is the primary one + encoded in UTF-8 and %XX escaped. + + REVKEYSIG <long keyid> <username> + The signature with the keyid is good, but the signature was + made by a revoked key. The username is the primary one + encoded in UTF-8 and %XX escaped. + + BADSIG <long keyid> <username> + The signature with the keyid has not been verified okay. + The username is the primary one encoded in UTF-8 and %XX + escaped. + + ERRSIG <long keyid> <pubkey_algo> <hash_algo> \ + <sig_class> <timestamp> <rc> + It was not possible to check the signature. This may be + caused by a missing public key or an unsupported algorithm. + A RC of 4 indicates unknown algorithm, a 9 indicates a missing + public key. The other fields give more information about + this signature. sig_class is a 2 byte hex-value. + + Note, that TIMESTAMP may either be a number with seconds since + epoch or an ISO 8601 string which can be detected by the + presence of the letter 'T' inside. + + VALIDSIG <fingerprint in hex> <sig_creation_date> <sig-timestamp> + <expire-timestamp> <sig-version> <reserved> <pubkey-algo> + <hash-algo> <sig-class> <primary-key-fpr> + + The signature with the keyid is good. This is the same as + GOODSIG but has the fingerprint as the argument. Both status + lines are emitted for a good signature. All arguments here + are on one long line. sig-timestamp is the signature creation + time in seconds after the epoch. expire-timestamp is the + signature expiration time in seconds after the epoch (zero + means "does not expire"). sig-version, pubkey-algo, hash-algo, + and sig-class (a 2-byte hex value) are all straight from the + signature packet. PRIMARY-KEY-FPR is the fingerprint of the + primary key or identical to the first argument. This is + useful to get back to the primary key without running gpg + again for this purpose. + + Note, that *-TIMESTAMP may either be a number with seconds + since epoch or an ISO 8601 string which can be detected by the + presence of the letter 'T' inside. + + SIG_ID <radix64_string> <sig_creation_date> <sig-timestamp> + This is emitted only for signatures of class 0 or 1 which + have been verified okay. The string is a signature id + and may be used in applications to detect replay attacks + of signed messages. Note that only DLP algorithms give + unique ids - others may yield duplicated ones when they + have been created in the same second. + + Note, that SIG-TIMESTAMP may either be a number with seconds + since epoch or an ISO 8601 string which can be detected by the + presence of the letter 'T' inside. + + + ENC_TO <long keyid> <keytype> <keylength> + The message is encrypted to this keyid. + keytype is the numerical value of the public key algorithm, + keylength is the length of the key or 0 if it is not known + (which is currently always the case). + + NODATA <what> + No data has been found. Codes for what are: + 1 - No armored data. + 2 - Expected a packet but did not found one. + 3 - Invalid packet found, this may indicate a non OpenPGP + message. + 4 - signature expected but not found + You may see more than one of these status lines. + + UNEXPECTED <what> + Unexpected data has been encountered + 0 - not further specified 1 + + + TRUST_UNDEFINED <error token> + TRUST_NEVER <error token> + TRUST_MARGINAL + TRUST_FULLY + TRUST_ULTIMATE + For good signatures one of these status lines are emitted + to indicate how trustworthy the signature is. The error token + values are currently only emiited by gpgsm. + + PKA_TRUST_GOOD <mailbox> + PKA_TRUST_BAD <mailbox> + Depending on the outcome of the PKA check one of the above + status codes is emitted in addition to a TRUST_* status. + Without PKA info available or + + SIGEXPIRED + This is deprecated in favor of KEYEXPIRED. + + KEYEXPIRED <expire-timestamp> + The key has expired. expire-timestamp is the expiration time + in seconds after the epoch. + + Note, that TIMESTAMP may either be a number with seconds since + epoch or an ISO 8601 string which can be detected by the + presence of the letter 'T' inside. + + KEYREVOKED + The used key has been revoked by its owner. No arguments yet. + + BADARMOR + The ASCII armor is corrupted. No arguments yet. + + RSA_OR_IDEA + The IDEA algorithms has been used in the data. A + program might want to fallback to another program to handle + the data if GnuPG failed. This status message used to be emitted + also for RSA but this has been dropped after the RSA patent expired. + However we can't change the name of the message. + + SHM_INFO + SHM_GET + SHM_GET_BOOL + SHM_GET_HIDDEN + + GET_BOOL + GET_LINE + GET_HIDDEN + GOT_IT + + NEED_PASSPHRASE <long main keyid> <long keyid> <keytype> <keylength> + Issued whenever a passphrase is needed. + keytype is the numerical value of the public key algorithm + or 0 if this is not applicable, keylength is the length + of the key or 0 if it is not known (this is currently always the case). + + NEED_PASSPHRASE_SYM <cipher_algo> <s2k_mode> <s2k_hash> + Issued whenever a passphrase for symmetric encryption is needed. + + NEED_PASSPHRASE_PIN <card_type> <chvno> [<serialno>] + Issued whenever a PIN is requested to unlock a card. + + MISSING_PASSPHRASE + No passphrase was supplied. An application which encounters this + message may want to stop parsing immediately because the next message + will probably be a BAD_PASSPHRASE. However, if the application + is a wrapper around the key edit menu functionality it might not + make sense to stop parsing but simply ignoring the following + BAD_PASSPHRASE. + + BAD_PASSPHRASE <long keyid> + The supplied passphrase was wrong or not given. In the latter case + you may have seen a MISSING_PASSPHRASE. + + GOOD_PASSPHRASE + The supplied passphrase was good and the secret key material + is therefore usable. + + DECRYPTION_FAILED + The symmetric decryption failed - one reason could be a wrong + passphrase for a symmetrical encrypted message. + + DECRYPTION_OKAY + The decryption process succeeded. This means, that either the + correct secret key has been used or the correct passphrase + for a conventional encrypted message was given. The program + itself may return an errorcode because it may not be possible to + verify a signature for some reasons. + + NO_PUBKEY <long keyid> + NO_SECKEY <long keyid> + The key is not available + + IMPORT_CHECK <long keyid> <fingerprint> <user ID> + This status is emitted in interactive mode right before + the "import.okay" prompt. + + IMPORTED <long keyid> <username> + The keyid and name of the signature just imported + + IMPORT_OK <reason> [<fingerprint>] + The key with the primary key's FINGERPRINT has been imported. + Reason flags: + 0 := Not actually changed + 1 := Entirely new key. + 2 := New user IDs + 4 := New signatures + 8 := New subkeys + 16 := Contains private key. + The flags may be ORed. + + IMPORT_PROBLEM <reason> [<fingerprint>] + Issued for each import failure. Reason codes are: + 0 := "No specific reason given". + 1 := "Invalid Certificate". + 2 := "Issuer Certificate missing". + 3 := "Certificate Chain too long". + 4 := "Error storing certificate". + + IMPORT_RES <count> <no_user_id> <imported> <imported_rsa> <unchanged> + <n_uids> <n_subk> <n_sigs> <n_revoc> <sec_read> <sec_imported> <sec_dups> <not_imported> + Final statistics on import process (this is one long line) + + FILE_START <what> <filename> + Start processing a file <filename>. <what> indicates the performed + operation: + 1 - verify + 2 - encrypt + 3 - decrypt + + FILE_DONE + Marks the end of a file processing which has been started + by FILE_START. + + BEGIN_DECRYPTION + END_DECRYPTION + Mark the start and end of the actual decryption process. These + are also emitted when in --list-only mode. + + BEGIN_ENCRYPTION <mdc_method> <sym_algo> + END_ENCRYPTION + Mark the start and end of the actual encryption process. + + BEGIN_SIGNING + Mark the start of the actual signing process. This may be used + as an indication that all requested secret keys are ready for + use. + + DELETE_PROBLEM reason_code + Deleting a key failed. Reason codes are: + 1 - No such key + 2 - Must delete secret key first + 3 - Ambigious specification + + PROGRESS what char cur total + Used by the primegen and Public key functions to indicate progress. + "char" is the character displayed with no --status-fd enabled, with + the linefeed replaced by an 'X'. "cur" is the current amount + done and "total" is amount to be done; a "total" of 0 indicates that + the total amount is not known. 100/100 may be used to detect the + end of operation. + Well known values for WHAT: + "pk_dsa" - DSA key generation + "pk_elg" - Elgamal key generation + "primegen" - Prime generation + "need_entropy" - Waiting for new entropy in the RNG + "file:XXX" - processing file XXX + (note that current gpg versions leave out the + "file:" prefix). + "tick" - generic tick without any special meaning - useful + for letting clients know that the server is + still working. + "starting_agent" - A gpg-agent was started because it is not + running as a daemon. + + + SIG_CREATED <type> <pubkey algo> <hash algo> <class> <timestamp> <key fpr> + A signature has been created using these parameters. + type: 'D' = detached + 'C' = cleartext + 'S' = standard + (only the first character should be checked) + class: 2 hex digits with the signature class + + Note, that TIMESTAMP may either be a number with seconds since + epoch or an ISO 8601 string which can be detected by the + presence of the letter 'T' inside. + + KEY_CREATED <type> <fingerprint> [<handle>] + A key has been created + type: 'B' = primary and subkey + 'P' = primary + 'S' = subkey + The fingerprint is one of the primary key for type B and P and + the one of the subkey for S. Handle is an arbitrary + non-whitespace string used to match key parameters from batch + key creation run. + + KEY_NOT_CREATED [<handle>] + The key from batch run has not been created due to errors. + + + SESSION_KEY <algo>:<hexdigits> + The session key used to decrypt the message. This message will + only be emitted when the special option --show-session-key + is used. The format is suitable to be passed to the option + --override-session-key + + NOTATION_NAME <name> + NOTATION_DATA <string> + name and string are %XX escaped; the data may be splitted + among several notation_data lines. + + USERID_HINT <long main keyid> <string> + Give a hint about the user ID for a certain keyID. + + POLICY_URL <string> + string is %XX escaped + + BEGIN_STREAM + END_STREAM + Issued by pipemode. + + INV_RECP <reason> <requested_recipient> + Issued for each unusable recipient. The reasons codes + currently in use are: + 0 := "No specific reason given". + 1 := "Not Found" + 2 := "Ambigious specification" + 3 := "Wrong key usage" + 4 := "Key revoked" + 5 := "Key expired" + 6 := "No CRL known" + 7 := "CRL too old" + 8 := "Policy mismatch" + 9 := "Not a secret key" + 10 := "Key not trusted" + + Note that this status is also used for gpgsm's SIGNER command + where it relates to signer's of course. + + NO_RECP <reserved> + Issued when no recipients are usable. + + ALREADY_SIGNED <long-keyid> + Warning: This is experimental and might be removed at any time. + + TRUNCATED <maxno> + The output was truncated to MAXNO items. This status code is issued + for certain external requests + + ERROR <error location> <error code> + + This is a generic error status message, it might be followed + by error location specific data. <error token> and + <error_location> should not contain a space. The error code + is a either a string commencing with a letter or such string + prefix with a numerical error code and an underscore; e.g.: + "151011327_EOF" + + ATTRIBUTE <fpr> <octets> <type> <index> <count> + <timestamp> <expiredate> <flags> + This is one long line issued for each attribute subpacket when + an attribute packet is seen during key listing. <fpr> is the + fingerprint of the key. <octets> is the length of the + attribute subpacket. <type> is the attribute type + (1==image). <index>/<count> indicates that this is the Nth + indexed subpacket of count total subpackets in this attribute + packet. <timestamp> and <expiredate> are from the + self-signature on the attribute packet. If the attribute + packet does not have a valid self-signature, then the + timestamp is 0. <flags> are a bitwise OR of: + 0x01 = this attribute packet is a primary uid + 0x02 = this attribute packet is revoked + 0x04 = this attribute packet is expired + + CARDCTRL <what> [<serialno>] + This is used to control smartcard operations. + Defined values for WHAT are: + 1 = Request insertion of a card. Serialnumber may be given + to request a specific card. + 2 = Request removal of a card. + 3 = Card with serialnumber detected + 4 = No card available. + 5 = No card reader available + + + PLAINTEXT <format> <timestamp> <filename> + This indicates the format of the plaintext that is about to be + written. The format is a 1 byte hex code that shows the + format of the plaintext: 62 ('b') is binary data, 74 ('t') is + text data with no character set specified, and 75 ('u') is + text data encoded in the UTF-8 character set. The timestamp + is in seconds since the epoch. If a filename is available it + gets printed as the third argument, percent-escaped as usual. + + PLAINTEXT_LENGTH <length> + This indicates the length of the plaintext that is about to be + written. Note that if the plaintext packet has partial length + encoding it is not possible to know the length ahead of time. + In that case, this status tag does not appear. + + SIG_SUBPACKET <type> <flags> <len> <data> + This indicates that a signature subpacket was seen. The + format is the same as the "spk" record above. + + SC_OP_FAILURE [<code>] + An operation on a smartcard definitely failed. Currently + there is no indication of the actual error code, but + application should be prepared to later accept more arguments. + Defined values for CODE are: + 0 - unspecified error (identically to a missing CODE) + 1 - canceled + 2 - bad PIN + + SC_OP_SUCCESS + A smart card operaion succeeded. This status is only printed + for certain operation and is mostly useful to check whether a + PIN change really worked. + + BACKUP_KEY_CREATED fingerprint fname + A backup key named FNAME has been created for the key with + KEYID. + + +Format of the "--attribute-fd" output +===================================== + +When --attribute-fd is set, during key listings (--list-keys, +--list-secret-keys) GnuPG dumps each attribute packet to the file +descriptor specified. --attribute-fd is intended for use with +--status-fd as part of the required information is carried on the +ATTRIBUTE status tag (see above). + +The contents of the attribute data is specified by 2440bis, but for +convenience, here is the Photo ID format, as it is currently the only +attribute defined: + + Byte 0-1: The length of the image header. Due to a historical + accident (i.e. oops!) back in the NAI PGP days, this is + a little-endian number. Currently 16 (0x10 0x00). + + Byte 2: The image header version. Currently 0x01. + + Byte 3: Encoding format. 0x01 == JPEG. + + Byte 4-15: Reserved, and currently unused. + + All other data after this header is raw image (JPEG) data. + + +Format of the "--list-config" output +==================================== + +--list-config outputs information about the GnuPG configuration for +the benefit of frontends or other programs that call GnuPG. There are +several list-config items, all colon delimited like the rest of the +--with-colons output. The first field is always "cfg" to indicate +configuration information. The second field is one of (with +examples): + +version: the third field contains the version of GnuPG. + + cfg:version:1.3.5 + +pubkey: the third field contains the public key algorithmdcaiphers + this version of GnuPG supports, separated by semicolons. The + algorithm numbers are as specified in RFC-2440. + + cfg:pubkey:1;2;3;16;17 + +cipher: the third field contains the symmetric ciphers this version of + GnuPG supports, separated by semicolons. The cipher numbers + are as specified in RFC-2440. + + cfg:cipher:2;3;4;7;8;9;10 + +digest: the third field contains the digest (hash) algorithms this + version of GnuPG supports, separated by semicolons. The + digest numbers are as specified in RFC-2440. + + cfg:digest:1;2;3;8;9;10 + +compress: the third field contains the compression algorithms this + version of GnuPG supports, separated by semicolons. The + algorithm numbers are as specified in RFC-2440. + + cfg:compress:0;1;2;3 + +group: the third field contains the name of the group, and the fourth + field contains the values that the group expands to, separated + by semicolons. + +For example, a group of: + group mynames = paige 0x12345678 joe patti + +would result in: + cfg:group:mynames:patti;joe;0x12345678;paige + + +Key generation +============== + Key generation shows progress by printing different characters to + stderr: + "." Last 10 Miller-Rabin tests failed + "+" Miller-Rabin test succeeded + "!" Reloading the pool with fresh prime numbers + "^" Checking a new value for the generator + "<" Size of one factor decreased + ">" Size of one factor increased + + The prime number for Elgamal is generated this way: + + 1) Make a prime number q of 160, 200, 240 bits (depending on the keysize) + 2) Select the length of the other prime factors to be at least the size + of q and calculate the number of prime factors needed + 3) Make a pool of prime numbers, each of the length determined in step 2 + 4) Get a new permutation out of the pool or continue with step 3 + if we have tested all permutations. + 5) Calculate a candidate prime p = 2 * q * p[1] * ... * p[n] + 1 + 6) Check that this prime has the correct length (this may change q if + it seems not to be possible to make a prime of the desired length) + 7) Check whether this is a prime using trial divisions and the + Miller-Rabin test. + 8) Continue with step 4 if we did not find a prime in step 7. + 9) Find a generator for that prime. + + This algorithm is based on Lim and Lee's suggestion from the + Crypto '97 proceedings p. 260. + + +Unattended key generation +========================= +This feature allows unattended generation of keys controlled by a +parameter file. To use this feature, you use --gen-key together with +--batch and feed the parameters either from stdin or from a file given +on the commandline. + +The format of this file is as follows: + o Text only, line length is limited to about 1000 chars. + o You must use UTF-8 encoding to specify non-ascii characters. + o Empty lines are ignored. + o Leading and trailing spaces are ignored. + o A hash sign as the first non white space character indicates a comment line. + o Control statements are indicated by a leading percent sign, the + arguments are separated by white space from the keyword. + o Parameters are specified by a keyword, followed by a colon. Arguments + are separated by white space. + o The first parameter must be "Key-Type", control statements + may be placed anywhere. + o Key generation takes place when either the end of the parameter file + is reached, the next "Key-Type" parameter is encountered or at the + control statement "%commit" + o Control statements: + %echo <text> + Print <text>. + %dry-run + Suppress actual key generation (useful for syntax checking). + %commit + Perform the key generation. An implicit commit is done + at the next "Key-Type" parameter. + %pubring <filename> + %secring <filename> + Do not write the key to the default or commandline given + keyring but to <filename>. This must be given before the first + commit to take place, duplicate specification of the same filename + is ignored, the last filename before a commit is used. + The filename is used until a new filename is used (at commit points) + and all keys are written to that file. If a new filename is given, + this file is created (and overwrites an existing one). + Both control statements must be given. + o The order of the parameters does not matter except for "Key-Type" + which must be the first parameter. The parameters are only for the + generated keyblock and parameters from previous key generations are not + used. Some syntactically checks may be performed. + The currently defined parameters are: + Key-Type: <algo-number>|<algo-string> + Starts a new parameter block by giving the type of the + primary key. The algorithm must be capable of signing. + This is a required parameter. + Key-Length: <length-in-bits> + Length of the key in bits. Default is 1024. + Key-Usage: <usage-list> + Space or comma delimited list of key usage, allowed values are + "encrypt", "sign", and "auth". This is used to generate the + key flags. Please make sure that the algorithm is capable of + this usage. Note that OpenPGP requires that all primary keys + are capable of certification, so no matter what usage is given + here, the "cert" flag will be on. If no Key-Usage is + specified, all the allowed usages for that particular + algorithm are used. + Subkey-Type: <algo-number>|<algo-string> + This generates a secondary key. Currently only one subkey + can be handled. + Subkey-Length: <length-in-bits> + Length of the subkey in bits. Default is 1024. + Subkey-Usage: <usage-list> + Similar to Key-Usage. + Passphrase: <string> + If you want to specify a passphrase for the secret key, + enter it here. Default is not to use any passphrase. + Name-Real: <string> + Name-Comment: <string> + Name-Email: <string> + The 3 parts of a key. Remember to use UTF-8 here. + If you don't give any of them, no user ID is created. + Expire-Date: <iso-date>|(<number>[d|w|m|y]) + Set the expiration date for the key (and the subkey). It + may either be entered in ISO date format (2000-08-15) or as + number of days, weeks, month or years. Without a letter days + are assumed. + Preferences: <string> + Set the cipher, hash, and compression preference values for + this key. This expects the same type of string as "setpref" + in the --edit menu. + Revoker: <algo>:<fpr> [sensitive] + Add a designated revoker to the generated key. Algo is the + public key algorithm of the designated revoker (i.e. RSA=1, + DSA=17, etc.) Fpr is the fingerprint of the designated + revoker. The optional "sensitive" flag marks the designated + revoker as sensitive information. Only v4 keys may be + designated revokers. + Handle: <string> + This is an optional parameter only used with the status lines + KEY_CREATED and KEY_NOT_CREATED. STRING may be up to 100 + characters and should not contain spaces. It is useful for + batch key generation to associate a key parameter block with a + status line. + Keyserver: <string> + This is an optional parameter that specifies the preferred + keyserver URL for the key. + + +Here is an example: +$ cat >foo <<EOF + %echo Generating a standard key + Key-Type: DSA + Key-Length: 1024 + Subkey-Type: ELG-E + Subkey-Length: 1024 + Name-Real: Joe Tester + Name-Comment: with stupid passphrase + Name-Email: joe@foo.bar + Expire-Date: 0 + Passphrase: abc + %pubring foo.pub + %secring foo.sec + # Do a commit here, so that we can later print "done" :-) + %commit + %echo done +EOF +$ gpg --batch --gen-key foo + [...] +$ gpg --no-default-keyring --secret-keyring ./foo.sec \ + --keyring ./foo.pub --list-secret-keys +/home/wk/work/gnupg-stable/scratch/foo.sec +------------------------------------------ +sec 1024D/915A878D 2000-03-09 Joe Tester (with stupid passphrase) <joe@foo.bar> +ssb 1024g/8F70E2C0 2000-03-09 + + + +Layout of the TrustDB +===================== +The TrustDB is built from fixed length records, where the first byte +describes the record type. All numeric values are stored in network +byte order. The length of each record is 40 bytes. The first record of +the DB is always of type 1 and this is the only record of this type. + +FIXME: The layout changed, document it here. + + Record type 0: + -------------- + Unused record, can be reused for any purpose. + + Record type 1: + -------------- + Version information for this TrustDB. This is always the first + record of the DB and the only one with type 1. + 1 byte value 1 + 3 bytes 'gpg' magic value + 1 byte Version of the TrustDB (2) + 1 byte marginals needed + 1 byte completes needed + 1 byte max_cert_depth + The three items are used to check whether the cached + validity value from the dir record can be used. + 1 u32 locked flags [not used] + 1 u32 timestamp of trustdb creation + 1 u32 timestamp of last modification which may affect the validity + of keys in the trustdb. This value is checked against the + validity timestamp in the dir records. + 1 u32 timestamp of last validation [currently not used] + (Used to keep track of the time, when this TrustDB was checked + against the pubring) + 1 u32 record number of keyhashtable [currently not used] + 1 u32 first free record + 1 u32 record number of shadow directory hash table [currently not used] + It does not make sense to combine this table with the key table + because the keyid is not in every case a part of the fingerprint. + 1 u32 record number of the trusthashtbale + + + Record type 2: (directory record) + -------------- + Informations about a public key certificate. + These are static values which are never changed without user interaction. + + 1 byte value 2 + 1 byte reserved + 1 u32 LID . (This is simply the record number of this record.) + 1 u32 List of key-records (the first one is the primary key) + 1 u32 List of uid-records + 1 u32 cache record + 1 byte ownertrust + 1 byte dirflag + 1 byte maximum validity of all the user ids + 1 u32 time of last validity check. + 1 u32 Must check when this time has been reached. + (0 = no check required) + + + Record type 3: (key record) + -------------- + Informations about a primary public key. + (This is mainly used to lookup a trust record) + + 1 byte value 3 + 1 byte reserved + 1 u32 LID + 1 u32 next - next key record + 7 bytes reserved + 1 byte keyflags + 1 byte pubkey algorithm + 1 byte length of the fingerprint (in bytes) + 20 bytes fingerprint of the public key + (This is the value we use to identify a key) + + Record type 4: (uid record) + -------------- + Informations about a userid + We do not store the userid but the hash value of the userid because that + is sufficient. + + 1 byte value 4 + 1 byte reserved + 1 u32 LID points to the directory record. + 1 u32 next next userid + 1 u32 pointer to preference record + 1 u32 siglist list of valid signatures + 1 byte uidflags + 1 byte validity of the key calculated over this user id + 20 bytes ripemd160 hash of the username. + + + Record type 5: (pref record) + -------------- + This record type is not anymore used. + + 1 byte value 5 + 1 byte reserved + 1 u32 LID; points to the directory record (and not to the uid record!). + (or 0 for standard preference record) + 1 u32 next + 30 byte preference data + + Record type 6 (sigrec) + ------------- + Used to keep track of key signatures. Self-signatures are not + stored. If a public key is not in the DB, the signature points to + a shadow dir record, which in turn has a list of records which + might be interested in this key (and the signature record here + is one). + + 1 byte value 6 + 1 byte reserved + 1 u32 LID points back to the dir record + 1 u32 next next sigrec of this uid or 0 to indicate the + last sigrec. + 6 times + 1 u32 Local_id of signatures dir or shadow dir record + 1 byte Flag: Bit 0 = checked: Bit 1 is valid (we have a real + directory record for this) + 1 = valid is set (but may be revoked) + + + + Record type 8: (shadow directory record) + -------------- + This record is used to reserve a LID for a public key. We + need this to create the sig records of other keys, even if we + do not yet have the public key of the signature. + This record (the record number to be more precise) will be reused + as the dir record when we import the real public key. + + 1 byte value 8 + 1 byte reserved + 1 u32 LID (This is simply the record number of this record.) + 2 u32 keyid + 1 byte pubkey algorithm + 3 byte reserved + 1 u32 hintlist A list of records which have references to + this key. This is used for fast access to + signature records which are not yet checked. + Note, that this is only a hint and the actual records + may not anymore hold signature records for that key + but that the code cares about this. + 18 byte reserved + + + + Record Type 10 (hash table) + -------------- + Due to the fact that we use fingerprints to lookup keys, we can + implement quick access by some simple hash methods, and avoid + the overhead of gdbm. A property of fingerprints is that they can be + used directly as hash values. (They can be considered as strong + random numbers.) + What we use is a dynamic multilevel architecture, which combines + hashtables, record lists, and linked lists. + + This record is a hashtable of 256 entries; a special property + is that all these records are stored consecutively to make one + big table. The hash value is simple the 1st, 2nd, ... byte of + the fingerprint (depending on the indirection level). + + When used to hash shadow directory records, a different table is used + and indexed by the keyid. + + 1 byte value 10 + 1 byte reserved + n u32 recnum; n depends on the record length: + n = (reclen-2)/4 which yields 9 for the current record length + of 40 bytes. + + the total number of such record which makes up the table is: + m = (256+n-1) / n + which is 29 for a record length of 40. + + To look up a key we use the first byte of the fingerprint to get + the recnum from this hashtable and look up the addressed record: + - If this record is another hashtable, we use 2nd byte + to index this hash table and so on. + - if this record is a hashlist, we walk all entries + until we found one a matching one. + - if this record is a key record, we compare the + fingerprint and to decide whether it is the requested key; + + + Record type 11 (hash list) + -------------- + see hash table for an explanation. + This is also used for other purposes. + + 1 byte value 11 + 1 byte reserved + 1 u32 next next hash list record + n times n = (reclen-5)/5 + 1 u32 recnum + + For the current record length of 40, n is 7 + + + + Record type 254 (free record) + --------------- + All these records form a linked list of unused records. + 1 byte value 254 + 1 byte reserved (0) + 1 u32 next_free + + + +Packet Headers +=============== + +GNUPG uses PGP 2 packet headers and also understands OpenPGP packet header. +There is one enhancement used with the old style packet headers: + + CTB bits 10, the "packet-length length bits", have values listed in + the following table: + + 00 - 1-byte packet-length field + 01 - 2-byte packet-length field + 10 - 4-byte packet-length field + 11 - no packet length supplied, unknown packet length + + As indicated in this table, depending on the packet-length length + bits, the remaining 1, 2, 4, or 0 bytes of the packet structure field + are a "packet-length field". The packet-length field is a whole + number field. The value of the packet-length field is defined to be + the value of the whole number field. + + A value of 11 is currently used in one place: on compressed data. + That is, a compressed data block currently looks like <A3 01 . . .>, + where <A3>, binary 10 1000 11, is an indefinite-length packet. The + proper interpretation is "until the end of the enclosing structure", + although it should never appear outermost (where the enclosing + structure is a file). + ++ This will be changed with another version, where the new meaning of ++ the value 11 (see below) will also take place. ++ ++ A value of 11 for other packets enables a special length encoding, ++ which is used in case, where the length of the following packet can ++ not be determined prior to writing the packet; especially this will ++ be used if large amounts of data are processed in filter mode. ++ ++ It works like this: After the CTB (with a length field of 11) a ++ marker field is used, which gives the length of the following datablock. ++ This is a simple 2 byte field (MSB first) containing the amount of data ++ following this field, not including this length field. After this datablock ++ another length field follows, which gives the size of the next datablock. ++ A value of 0 indicates the end of the packet. The maximum size of a ++ data block is limited to 65534, thereby reserving a value of 0xffff for ++ future extensions. These length markers must be inserted into the data ++ stream just before writing the data out. ++ ++ This 2 byte field is large enough, because the application must buffer ++ this amount of data to prepend the length marker before writing it out. ++ Data block sizes larger than about 32k doesn't make any sense. Note ++ that this may also be used for compressed data streams, but we must use ++ another packet version to tell the application that it can not assume, ++ that this is the last packet. + + +GNU extensions to the S2K algorithm +=================================== +S2K mode 101 is used to identify these extensions. +After the hash algorithm the 3 bytes "GNU" are used to make +clear that these are extensions for GNU, the next bytes gives the +GNU protection mode - 1000. Defined modes are: + 1001 - do not store the secret part at all + 1002 - a stub to access smartcards (not used in 1.2.x) + + +Pipemode +======== +NOTE: This is deprecated and will be removed in future versions. + +This mode can be used to perform multiple operations with one call to +gpg. It comes handy in cases where you have to verify a lot of +signatures. Currently we support only detached signatures. This mode +is a kludge to avoid running gpg n daemon mode and using Unix Domain +Sockets to pass the data to it. There is no easy portable way to do +this under Windows, so we use plain old pipes which do work well under +Windows. Because there is no way to signal multiple EOFs in a pipe we +have to embed control commands in the data stream: We distinguish +between a data state and a control state. Initially the system is in +data state but it won't accept any data. Instead it waits for +transition to control state which is done by sending a single '@' +character. While in control state the control command os expected and +this command is just a single byte after which the system falls back +to data state (but does not necesary accept data now). The simplest +control command is a '@' which just inserts this character into the +data stream. + +Here is the format we use for detached signatures: +"@<" - Begin of new stream +"@B" - Detached signature follows. + This emits a control packet (1,'B') +<detached_signature> +"@t" - Signed text follows. + This emits the control packet (2, 'B') +<signed_text> +"@." - End of operation. The final control packet forces signature + verification +"@>" - End of stream + + + + + + +Other Notes +=========== + * For packet version 3 we calculate the keyids this way: + RSA := low 64 bits of n + ELGAMAL := build a v3 pubkey packet (with CTB 0x99) and calculate + a rmd160 hash value from it. This is used as the + fingerprint and the low 64 bits are the keyid. + + * Revocation certificates consist only of the signature packet; + "import" knows how to handle this. The rationale behind it is + to keep them small. + + + + + + + +Keyserver Message Format +========================= + +The keyserver may be contacted by a Unix Domain socket or via TCP. + +The format of a request is: + +==== +command-tag +"Content-length:" digits +CRLF +======= + +Where command-tag is + +NOOP +GET <user-name> +PUT +DELETE <user-name> + + +The format of a response is: + +====== +"GNUPG/1.0" status-code status-text +"Content-length:" digits +CRLF +============ +followed by <digits> bytes of data + + +Status codes are: + + o 1xx: Informational - Request received, continuing process + + o 2xx: Success - The action was successfully received, understood, + and accepted + + o 4xx: Client Error - The request contains bad syntax or cannot be + fulfilled + + o 5xx: Server Error - The server failed to fulfill an apparently + valid request + + + +Documentation on HKP (the http keyserver protocol): + +A minimalistic HTTP server on port 11371 recognizes a GET for /pks/lookup. +The standard http URL encoded query parameters are this (always key=value): + +- op=index (like pgp -kv), op=vindex (like pgp -kvv) and op=get (like + pgp -kxa) + +- search=<stringlist>. This is a list of words that must occur in the key. + The words are delimited with space, points, @ and so on. The delimiters + are not searched for and the order of the words doesn't matter (but see + next option). + +- exact=on. This switch tells the hkp server to only report exact matching + keys back. In this case the order and the "delimiters" are important. + +- fingerprint=on. Also reports the fingerprints when used with 'index' or + 'vindex' + +The keyserver also recognizes http-POSTs to /pks/add. Use this to upload +keys. + + +A better way to do this would be a request like: + + /pks/lookup/<gnupg_formatierte_user_id>?op=<operation> + +This can be implemented using Hurd's translator mechanism. +However, I think the whole key server stuff has to be re-thought; +I have some ideas and probably create a white paper. + diff --git a/doc/HACKING b/doc/HACKING new file mode 100644 index 000000000..eee9f628b --- /dev/null +++ b/doc/HACKING @@ -0,0 +1,305 @@ + A Hacker's Guide to GNUPG + ================================ + (Some notes on GNUPG internals.) + + + ===> Under construction <======= + + +CVS Access +========== + +NOTE: CVS access has been disabled while we are migrating to Subversion. +Watch www.gnupg.org for instarctions on how to use the Subversion repository. + +Anonymous read-only CVS access is available: + + cvs -z3 -d :pserver:anoncvs@cvs.gnupg.org:/cvs/gnupg login + +use the password "anoncvs". To check out the the complete +archive use: + + cvs -z3 -d :pserver:anoncvs@cvs.gnupg.org:/cvs/gnupg \ + checkout -R STABLE-BRANCH-1-0 gnupg + +This service is provided to help you in hunting bugs and not to deliver +stable snapshots; it may happen that it even does not compile, so please +don't complain. CVS may put a high load on a server, so please don't poll +poll for new updates but wait for an announcement; to receive this you may +want to subscribe to: + + gnupg-commit-watchers@gnupg.org + +by sending a mail with subject "subscribe" to + + gnupg-commit-watchers-request@gnupg.org + + +You must run scripts/autogen.sh before doing the ./configure, +as this creates some needed while which are not in the CVS. +autogen.sh should checks that you have all required tools +installed. + + +RSYNC access +============ +The FTP archive is also available by anonymous rsync. A daily snapshot +of the CVS head revision is also available. See rsync(1) and try +"rsync ftp.gnupg.org::" to see available resources. + + + +Special Tools +============= +Documentation is based on the docbook DTD. Actually we have only the +man page for now. To build a man page you need the docbook-to-man +tool and all the other thinks needed for SGML processing. Debian +comes with the docbook tools and you only need this docbook-to-man +script which is comes with gtk-doc or download it from +ftp.openit.de:/pub/devel/sgml. If you don't have it everything +should still work fine but you will have only a dummy man page. + + +RFCs +==== + +1423 Privacy Enhancement for Internet Electronic Mail: + Part III: Algorithms, Modes, and Identifiers. + +1489 Registration of a Cyrillic Character Set. + +1750 Randomness Recommendations for Security. + +1991 PGP Message Exchange Formats. + +2015 MIME Security with Pretty Good Privacy (PGP). + +2144 The CAST-128 Encryption Algorithm. + +2279 UTF-8, a transformation format of ISO 10646. + +2440 OpenPGP. + + + +Debug Flags +----------- +Use the option "--debug n" to output debug information. This option +can be used multiple times, all values are ORed; n maybe prefixed with +0x to use hex-values. + + value used for + ----- ---------------------------------------------- + 1 packet reading/writing + 2 MPI details + 4 ciphers and primes (may reveal sensitive data) + 8 iobuf filter functions + 16 iobuf stuff + 32 memory allocation stuff + 64 caching + 128 show memory statistics at exit + 256 trust verification stuff + + + + +Directory Layout +---------------- + ./ Readme, configure + ./scripts Scripts needed by configure and others + ./doc Documentation + ./util General purpose utility function + ./mpi Multi precision integer library + ./cipher Cryptographic functions + ./g10 GnuPG application + ./tools Some helper and demo programs + ./keybox The keybox library (under construction) + ./gcrypt Stuff needed to build libgcrypt (under construction) + + +Detailed Roadmap +---------------- +g10/g10.c Main module with option parsing and all the stuff you have + to do on startup. Also has the exout handler and some + helper functions. +g10/sign.c Create signature and optionally encrypt + +g10/parse-packet.c +g10/build-packet.c +g10/free-packet.c + Parsing and creating of OpenPGP message packets. + +g10/getkey.c Key selection code +g10/pkclist.c Build a list of public keys +g10/skclist.c Build a list of secret keys +g10/ringedit.c Keyring I/O +g10/keydb.h + +g10/keyid.c Helper functions to get the keyid, fingerprint etc. + + +g10/trustdb.c +g10/trustdb.h +g10/tdbdump.c + Management of the trustdb.gpg + +g10/compress.c Filter to handle compression +g10/filter.h Declarations for all filter functions +g10/delkey.c Delete a key +g10/kbnode.c Helper for the KBNODE linked list +g10/main.h Prototypes and some constants +g10/mainproc.c Message processing +g10/armor.c Ascii armor filter +g10/mdfilter.c Filter to calculate hashs +g10/textfilter.c Filter to handle CR/LF and trailing white space +g10/cipher.c En-/Decryption filter +g10/misc.c Utlity functions +g10/options.h Structure with all the command line options + and related constants +g10/openfile.c Create/Open Files +g10/tdbio.c I/O handling for the trustdb.gpg +g10/tdbio.h +g10/hkp.h Keyserver access +g10/hkp.c +g10/packet.h Defintion of OpenPGP structures. +g10/passphrase.c Passphrase handling code +g10/pubkey-enc.c +g10/seckey-cert.c +g10/seskey.c +g10/import.c +g10/export.c +g10/comment.c +g10/status.c +g10/status.h +g10/sign.c +g10/plaintext.c +g10/encr-data.c +g10/encode.c +g10/revoke.c +g10/keylist.c +g10/sig-check.c +g10/signal.c +g10/helptext.c +g10/verify.c +g10/decrypt.c +g10/keyedit.c +g10/dearmor.c +g10/keygen.c + + + +Memory allocation +----------------- +Use only the functions: + + m_alloc() + m_alloc_clear() + m_strdup() + m_free() + +If you want to store a passphrase or some other sensitive data you may +want to use m_alloc_secure() instead of m_alloc(), as this puts the data +into a memory region which is protected from swapping (on some platforms). +m_free() works for both. This functions will not return if there is not +enough memory available. + + + +Logging +------- + + + + + + +Option parsing +--------------- +GNUPG does not use getopt or GNU getopt but functions of it's own. See +util/argparse.c for details. The advantage of these functions is that +it is more easy to display and maintain the help texts for the options. +The same option table is also used to parse resource files. + + + +What is an IOBUF +---------------- +This is the data structure used for most I/O of gnupg. It is similar +to System V Streams but much simpler. Because OpenPGP messages are nested +in different ways; the use of such a system has big advantages. Here is +an example, how it works: If the parser sees a packet header with a partial +length, it pushes the block_filter onto the IOBUF to handle these partial +length packets: from now on you don't have to worry about this. When it sees +a compressed packet it pushes the uncompress filter and the next read byte +is one which has already been uncompressed by this filter. Same goes for +enciphered packet, plaintext packets and so on. The file g10/encode.c +might be a good staring point to see how it is used - actually this is +the other way: constructing messages using pushed filters but it may be +easier to understand. + + +How to use the message digest functions +--------------------------------------- +cipher/md.c implements an interface to hash (message digest functions). + +a) If you have a common part of data and some variable parts + and you need to hash of the concatenated parts, you can use this: + md = md_open(...) + md_write( md, common_part ) + md1 = md_copy( md ) + md_write(md1, part1) + md_final(md1); + digest1 = md_read(md1) + md2 = md_copy( md ) + md_write(md2, part2) + md_final(md2); + digest2 = md_read(md2) + + An example are key signatures; the key packet is the common part + and the user-id packets are the variable parts. + +b) If you need a running digest you should use this: + md = md_open(...) + md_write( md, part1 ) + digest_of_part1 = md_digest( md ); + md_write( md, part2 ) + digest_of_part1_cat_part2 = md_digest( md ); + .... + +Both methods may be combined. [Please see the source for the real syntax] + + + + +How to use the cipher functions +------------------------------- +cipher/cipher.c implements the interface to symmetric encryption functions. +As usual you have a function to open a cipher (which returns a handle to be used +with all other functions), some functions to set the key and other stuff and +a encrypt and decrypt function which does the real work. You probably know +how to work with files - so it should really be easy to work with these +functions. Here is an example: + + CIPHER_HANDLE hd; + + hd = cipher_open( CIPHER_ALGO_TWOFISH, CIPHER_MODE_CFB, 0 ); + if( !hd ) + oops( use other function to check for the real error ); + rc = cipher_setkey( hd, key256bit, 32 ) ) + if( rc ) + oops( weak key or something like this ); + cipher_setiv( hd, some_IV_or_NULL_for_all_zeroes ); + cipher_encrypt( hd, plain, cipher, size ); + cipher_close( hd ); + + + +How to use the public key functions +----------------------------------- +cipher/pubkey.c implements the interface to asymmetric encryption and +signature functions. This is basically the same as with the symmetric +counterparts, but due to their nature it is a little bit more complicated. + + [Give an example] + + diff --git a/doc/KEYSERVER b/doc/KEYSERVER new file mode 100644 index 000000000..f63200a6b --- /dev/null +++ b/doc/KEYSERVER @@ -0,0 +1,83 @@ +Format of keyserver colon listings +================================== + +David Shaw <dshaw@jabberwocky.com> + +The machine readable response begins with an optional information +line: + +info:<version>:<count> + +<version> = this is the version of this protocol. Currently, this is + the number 1. + +<count> = the number of keys returned in this response. Note this is + the number of keys, and not the number of lines returned. + It should match the number of "pub:" lines returned. + +If this optional line is not included, or the version information is +not supplied, the version number is assumed to be 1. + +The key listings are made up of several lines per key. The first line +is for the primary key: + +pub:<fingerprint>:<algo>:<keylen>:<creationdate>:<expirationdate>:<flags> + +<fingerprint> = this is either the fingerprint or the keyid of the + key. Either the 16-digit or 8-digit keyids are + acceptable, but obviously the fingerprint is best. + Since it is not possible to calculate the keyid from a + V3 key fingerprint, for V3 keys this should be either + the 16-digit or 8-digit keyid only. + +<algo> = the algorithm number from RFC-2440. (i.e. 1==RSA, 17==DSA, + etc). + +<keylen> = the key length (i.e. 1024, 2048, 4096, etc.) + +<creationdate> = creation date of the key in standard RFC-2440 form + (i.e. number of seconds since 1/1/1970 UTC time) + +<expirationdate> = expiration date of the key in standard RFC-2440 + form (i.e. number of seconds since 1/1/1970 UTC time) + +<flags> = letter codes to indicate details of the key, if any. Flags + may be in any order. + + r == revoked + d == disabled + e == expired + +Following the "pub" line are one or more "uid" lines to indicate user +IDs on the key: + +uid:<escaped uid string>:<creationdate>:<expirationdate>:<flags> + +<escaped uid string> == the user ID string, with HTTP %-escaping for + anything that isn't 7-bit safe as well as for + the ":" character. Any other characters may + be escaped, as desired. + +creationdate, expirationdate, and flags mean the same here as before. +The information is taken from the self-sig, if any, and applies to the +user ID in question, and not to the key as a whole. + +Details: + +* All characters except for the <escaped uid string> are + case-insensitive. + +* Obviously, on a keyserver without integrated crypto, many of the + items given here are not fully trustworthy until the key is + downloaded and signatures checked. For example, the information + that a key is flagged "r" for revoked should be treated as + untrustworthy information until the key is checked on the client + side. + +* Empty fields are allowed. For example, a key with no expiration + date would have the <expirationdate> field empty. Also, a keyserver + that does not track a particular piece of information may leave that + field empty as well. I expect that the creation and expiration + dates for user IDs will be left empty in current keyservers. Colons + for empty fields on the end of each line may be left off, if + desired. diff --git a/doc/Makefile.am b/doc/Makefile.am index 8c1cdd767..73350fdc6 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -19,20 +19,22 @@ ## Process this file with automake to produce Makefile.in -EXTRA_DIST = gnupg-badge-openpgp.eps gnupg-badge-openpgp.jpg \ +EXTRA_DIST = DETAILS HACKING TRANSLATE OpenPGP KEYSERVER samplekeys.asc \ + gnupg-badge-openpgp.eps gnupg-badge-openpgp.jpg \ gnupg-badge-openpgp.pdf \ gnupg-card-architecture.eps gnupg-card-architecture.png \ gnupg-card-architecture.pdf \ - opt-homedir.texi see-also-note.texi + faq.raw FAQ faq.html \ + opt-homedir.texi see-also-note.texi BUILT_SOURCES = gnupg-card-architecture.eps gnupg-card-architecture.png \ - gnupg-card-architecture.pdf + gnupg-card-architecture.pdf FAQ faq.html noinst_PROGRAMS = yat2m info_TEXINFOS = gnupg.texi -dist_pkgdata_DATA = qualified.txt +dist_pkgdata_DATA = qualified.txt FAQ faq.html gnupg_TEXINFOS = \ gpg.texi gpgsm.texi gpg-agent.texi scdaemon.texi assuan.texi \ @@ -55,6 +57,9 @@ man_MANS = $(myman_pages) watchgnupg_SOURCE = gnupg.texi + +CLEANFILES = faq.raw.xref + DISTCLEANFILES = gnupg.tmp gnupg.ops yat2m-stamp.tmp yat2m-stamp \ $(myman_pages) @@ -74,6 +79,25 @@ yat2m_SOURCES = yat2m.c fig2dev -L pdf `test -f '$<' || echo '$(srcdir)/'`$< $@ +FAQ : faq.raw +if WORKING_FAQPROG + $(FAQPROG) -f $< $@ || $(FAQPROG) -f $< $@ +else + : Warning: missing faqprog.pl, cannot make $@ + echo "No $@ due to missing faqprog.pl" > $@ + echo "See ftp://ftp.gnupg.org/gcrypt/contrib/faqprog.pl" >> $@ +endif + +faq.html : faq.raw +if WORKING_FAQPROG + $(FAQPROG) -h -f $< $@ 2>&1 || $(FAQPROG) -h -f $< $@ +else + : Warning: missing faqprog.pl, cannot make $@ + echo "No $@ due to missing faqprog.pl" > $@ + echo "See ftp://ftp.gnupg.org/gcrypt/contrib/faqprog.pl" >> $@ +endif + + yat2m-stamp: $(myman_sources) @rm -f yat2m-stamp.tmp @touch yat2m-stamp.tmp diff --git a/doc/OpenPGP b/doc/OpenPGP new file mode 100644 index 000000000..a511ad7fd --- /dev/null +++ b/doc/OpenPGP @@ -0,0 +1,108 @@ + GnuPG and OpenPGP + ================= + + See RFC2440 for a description of OpenPGP. We have an annotated version + of this RFC online: http://www.gnupg.org/rfc2440.html + + + + Compatibility Notes + =================== + GnuPG (>=1.0.3) is in compliance with RFC2440 despite these exceptions: + + * (9.2) states that IDEA SHOULD be implemented. This is not done + due to patent problems. + + + All MAY features are implemented with this exception: + + * multi-part armored messages are not supported. + MIME (rfc2015) should be used instead. + + Most of the OPTIONAL stuff is implemented. + + There are a couple of options which can be used to override some + RFC requirements. This is always mentioned with the description + of that options. + + A special format of partial packet length exists for v3 packets + which can be considered to be in compliance with RFC1991; this + format is only created if a special option is active. + + GnuPG uses a S2K mode of 101 for GNU extensions to the secret key + protection algorithms. This number is not defined in OpenPGP, but + given the fact that this number is in a range which used at many + other places in OpenPGP for private/experimenat algorithm identifiers, + this should be not a so bad choice. The 3 bytes "GNU" are used + to identify this as a GNU extension - see the file DETAILS for a + definition of the used data formats. + + + + Some Notes on OpenPGP / PGP Compatibility: + ========================================== + + * PGP 5.x does not accept V4 signatures for anything other than + key material. The GnuPG option --force-v3-sigs mimics this + behavior. + + * PGP 5.x does not recognize the "five-octet" lengths in + new-format headers or in signature subpacket lengths. + + * PGP 5.0 rejects an encrypted session key if the keylength + differs from the S2K symmetric algorithm. This is a bug in its + validation function. + + * PGP 5.0 does not handle multiple one-pass signature headers and + trailers. Signing one will compress the one-pass signed literal + and prefix a V3 signature instead of doing a nested one-pass + signature. + + * When exporting a private key, PGP 2.x generates the header + "BEGIN PGP SECRET KEY BLOCK" instead of "BEGIN PGP PRIVATE KEY + BLOCK". All previous versions ignore the implied data type, and + look directly at the packet data type. + + * In a clear-signed signature, PGP 5.0 will figure out the correct + hash algorithm if there is no "Hash:" header, but it will reject + a mismatch between the header and the actual algorithm used. The + "standard" (i.e. Zimmermann/Finney/et al.) version of PGP 2.x + rejects the "Hash:" header and assumes MD5. There are a number + of enhanced variants of PGP 2.6.x that have been modified for + SHA-1 signatures. + + * PGP 5.0 can read an RSA key in V4 format, but can only recognize + it with a V3 keyid, and can properly use only a V3 format RSA + key. + + * Neither PGP 5.x nor PGP 6.0 recognize ElGamal Encrypt and Sign + keys. They only handle ElGamal Encrypt-only keys. + + + Parts of this document are taken from: + ====================================== + + OpenPGP Message Format + draft-ietf-openpgp-formats-07.txt + + + Copyright 1998 by The Internet Society. All Rights Reserved. + + This document and translations of it may be copied and furnished to + others, and derivative works that comment on or otherwise explain it + or assist in its implementation may be prepared, copied, published + and distributed, in whole or in part, without restriction of any + kind, provided that the above copyright notice and this paragraph + are included on all such copies and derivative works. However, this + document itself may not be modified in any way, such as by removing + the copyright notice or references to the Internet Society or other + Internet organizations, except as needed for the purpose of + developing Internet standards in which case the procedures for + copyrights defined in the Internet Standards process must be + followed, or as required to translate it into languages other than + English. + + The limited permissions granted above are perpetual and will not be + revoked by the Internet Society or its successors or assigns. + + diff --git a/doc/TRANSLATE b/doc/TRANSLATE new file mode 100644 index 000000000..1a2f266c9 --- /dev/null +++ b/doc/TRANSLATE @@ -0,0 +1,33 @@ +$Id$ + +Note for translators +-------------------- + +Some strings in GnuPG are for matching user input against. These +strings can accept multiple values that mean essentially the same +thing. + +For example, the string "yes" in English is "sÃ" in Spanish. However, +some users will type "si" (without the accent). To accomodate both +users, you can translate the string "yes" as "sÃ|si". You can have +any number of alternate matches seperated by the | character like +"sÃ|si|seguro". + +The strings that can be handled in this way are of the form "yes|yes", +(or "no|no", etc.) There should also be a comment in the .po file +directing you to this file. + + + +Sending new or updated translations +----------------------------------- + +Please note that we do not use the TP Robot but require that +translations are to be send by mail to translations@gnupg.org. We +also strongly advise to get subscribed to i18n@gnupg.org and request +assistance if it is not clear on how to translate certain strings. A +wrongly translated string may lead to a security problem. + +A copyright disclaimer to the FSF is required by all translators. + + diff --git a/doc/faq.raw b/doc/faq.raw new file mode 100644 index 000000000..cbab76b0c --- /dev/null +++ b/doc/faq.raw @@ -0,0 +1,1344 @@ +[$htmltitle=GnuPG FAQ] +[$htmlcharset=<meta http-equiv="content-type" content="text/html; charset=utf-8">] +[$sfaqheader=The GnuPG FAQ says:] +[$sfaqfooter= +The most recent version of the FAQ is available from +<http://www.gnupg.org/> +] +[$usenetheader= +] +[$maintainer=David D. Scribner, <faq 'at' gnupg.org>] +[$hGPGHTTP=http://www.gnupg.org] +[$hGPGFTP=ftp://ftp.gnupg.org] +[$hVERSION=1.2.2] + +[H body bgcolor=#ffffff text=#000000 link=#1f00ff alink=#ff0000 vlink=#9900dd] +[H h1]GnuPG Frequently Asked Questions[H /h1] + + +[H p] +Version: 1.6.3[H br] +Last-Modified: Jul 30, 2003[H br] +Maintained-by: [$maintainer] +[H /p] + + +This is the GnuPG FAQ. The latest HTML version is available +[H a href=[$hGPGHTTP]/documentation/faqs.html]here[H/a]. + +The index is generated automatically, so there may be errors. Not all +questions may be in the section they belong to. Suggestions about how +to improve the structure of this FAQ are welcome. + +Please send additions and corrections to the maintainer. It would be +most convenient if you could provide the answer to be included here +as well. Your help is very much appreciated! + +Please, don't send message like "This should be a FAQ - what's the +answer?". If it hasn't been asked before, it isn't a FAQ. In that case +you could search in the mailing list archive. + +[H hr] +<C> +[H hr] + + +<S> GENERAL + +<Q> What is GnuPG? + + [H a href=[$hGPGHTTP]]GnuPG[H /a] stands for GNU Privacy Guard and + is GNU's tool for secure communication and data storage. It can be + used to encrypt data and to create digital signatures. It includes + an advanced key management facility and is compliant with the + proposed OpenPGP Internet standard as described in [H a href=http://www.rfc-editor.org/]RFC 2440[H/a]. + As such, it is aimed to be compatible with PGP from PGP Corp. and + other OpenPGP tools + +<Q> Is GnuPG compatible with PGP? + + In general, yes. GnuPG and newer PGP releases should be implementing + the OpenPGP standard. But there are some interoperability problems. + See question <Rcompat> for details. + +<Q> Is GnuPG free to use for personal or commercial use? + + Yes. GnuPG is part of the GNU family of tools and applications built + and provided in accordance with the Free Software Foundation (FSF) + General Public License (GPL). Therefore the software is free to copy, + use, modify and distribute in accordance with that license. Please + read the file titled COPYING that accompanies the application for + more information. + +<Q> What conventions are used in this FAQ? + + Although GnuPG is being developed for several operating systems + (often in parallel), the conventions used in this FAQ reflect a + UNIX shell environment. For Win32 users, references to a shell + prompt (`$') should be interpreted as a command prompt (`>'), + directory names separated by a forward slash (`/') may need to be + converted to a back slash (`\'), and a tilde (`~') represents a + user's "home" directory (reference question <Rhomedir> for an example). + + Some command-lines presented in this FAQ are too long to properly + display in some browsers for the web page version of this file, and + have been split into two or more lines. For these commands please + remember to enter the entire command-string on one line or the + command will error, or at minimum not give the desired results. + + Please keep in mind that this FAQ contains information that may not + apply to your particular version, as new features and bug fixes are + added on a continuing basis (reference the NEWS file included with + the source or package for noteworthy changes between versions). One + item to note is that starting with GnuPG version 1.1.92 the file + containing user options and settings has been renamed from "options" + to "gpg.conf". Information in the FAQ that relates to the options + file may be interchangable with the newer gpg.conf file in many + instances. See question <Roptions> for details. + + +<S> SOURCES of INFORMATION + +<Q> Where can I find more information on GnuPG? + + On-line resources: + + [H ul] + [H li]The documentation page is located at [H a href=[$hGPGHTTP]/documentation/]<[$hGPGHTTP]/documentation/>[H/a]. + Also, have a look at the HOWTOs and the GNU Privacy Handbook (GPH, + available in English, Spanish and Russian). The latter provides a + detailed user's guide to GnuPG. You'll also find a document about how + to convert from PGP 2.x to GnuPG. + + [H li]At [H a href=[$hGPGHTTP]/documentation/mailing-lists.html]<[$hGPGHTTP]/documentation/mailing-lists.html>[H/a] you'll find + an online archive of the GnuPG mailing lists. Most interesting should + be gnupg-users for all user-related issues and gnupg-devel if you want + to get in touch with the developers. + + In addition, searchable archives can be found on MARC, e.g.: [H br] + gnupg-users: [H a href=http://marc.theaimsgroup.com/?l=gnupg-users&r=1&w=2]<http://marc.theaimsgroup.com/?l=gnupg-users&r=1&w=2>[H/a][H br] + gnupg-devel: [H a href=http://marc.theaimsgroup.com/?l=gnupg-devel&r=1&w=2]<http://marc.theaimsgroup.com/?l=gnupg-devel&r=1&w=2>[H/a][H br] + + [H b]PLEASE:[H /b] + Before posting to a list, read this FAQ and the available documentation. + In addition, search the list archive - maybe your question has already + been discussed. This way you help people focus on topics that have not + yet been resolved. + + [H li]The GnuPG source distribution contains a subdirectory: + + [H samp] + ./doc + [H /samp] + + where some additional documentation is located (mainly interesting + for hackers, not the casual user). + [H /ul] + +<Q> Where do I get GnuPG? + + You can download the GNU Privacy Guard from its primary FTP server + [H a href=[$hGPGFTP]/gcrypt/]<[$hGPGFTP]/gcrypt/>[H /a] or from one of the mirrors: + + [H a href=[$hGPGHTTP]/download/mirrors.html] + <[$hGPGHTTP]/download/mirrors.html> + [H /a] + + The current stable version is [$hVERSION]. Please upgrade to this version as + it includes additional features, functions and security fixes that may + not have existed in prior versions. + + +<S> INSTALLATION + +<Q> Which OSes does GnuPG run on? + + It should run on most Unices as well as Windows versions (including + Windows NT/2000) and Macintosh OS/X. A list of OSes reported to be OK + is presented at: + + [H a href=[$hGPGHTTP]/download/supported_systems.html] + <[$hGPGHTTP]/download/supported_systems.html> + [H /a] + +<Q> Which random data gatherer should I use? + + "Good" random numbers are crucial for the security of your encryption. + Different operating systems provide a variety of more or less quality + random data. Linux and *BSD provide kernel generated random data + through /dev/random - this should be the preferred choice on these + systems. Also Solaris users with the SUNWski package installed have + a /dev/random. In these cases, use the configure option: + + [H samp] + --enable-static-rnd=linux + [H /samp] + + In addition, there's also the kernel random device by Andi Maier + [H a href= http://www.cosy.sbg.ac.at/~andi/SUNrand/]<http://www.cosy.sbg.ac.at/~andi/SUNrand/>[H /a], but it's still beta. Use at your + own risk! + + On other systems, the Entropy Gathering Daemon (EGD) is a good choice. + It is a perl-daemon that monitors system activity and hashes it into + random data. See the download page [H a href=[$hGPGHTTP]/download/]<[$hGPGHTTP]/download/>[H /a] + to obtain EGD. Use: + + [H samp] + --enable-static-rnd=egd + [H /samp] + + here. + + If the above options do not work, you can use the random number + generator "unix". This is [H B]very[H /B] slow and should be avoided. The + random quality isn't very good so don't use it on sensitive data. + +<Didea> +<Q> How do I include support for RSA and IDEA? + + RSA is included as of GnuPG version 1.0.3. + + The official GnuPG distribution does not contain IDEA due to a patent + restriction. The patent does not expire before 2007 so don't expect + official support before then. + + However, there is an unofficial module to include it even in earlier + versions of GnuPG. It's available from + [H a href=ftp://ftp.gnupg.dk/pub/contrib-dk/]<ftp://ftp.gnupg.dk/pub/contrib-dk/>[H /a]. Look for: + + [H pre] + idea.c.gz (c module) + idea.c.gz.sig (signature file) + [H /pre] + + [H pre] + ideadll.zip (c module and win32 dll) + ideadll.zip.sig (signature file) + [H /pre] + + Compilation directives are in the headers of these files. You will + then need to add the following line to your ~/.gnupg/gpg.conf or + ~/.gnupg/options file: + + [H samp] + load-extension idea + [H /samp] + + +<S> USAGE + +<Q> What is the recommended key size? + + 1024 bit for DSA signatures; even for plain Elgamal signatures. + This is sufficient as the size of the hash is probably the weakest + link if the key size is larger than 1024 bits. Encryption keys may + have greater sizes, but you should then check the fingerprint of + this key: + + [H samp] + $ gpg --fingerprint <user ID> + [H /samp] + + As for the key algorithms, you should stick with the default (i.e., + DSA signature and Elgamal encryption). An Elgamal signing key has + the following disadvantages: the signature is larger, it is hard + to create such a key useful for signatures which can withstand some + real world attacks, you don't get any extra security compared to + DSA, and there might be compatibility problems with certain PGP + versions. It has only been introduced because at the time it was + not clear whether there was a patent on DSA. + +<Q> Why does it sometimes take so long to create keys? + + The problem here is that we need a lot of random bytes and for that + we (on Linux the /dev/random device) must collect some random data. + It is really not easy to fill the Linux internal entropy buffer; I + talked to Ted Ts'o and he commented that the best way to fill the + buffer is to play with your keyboard. Good security has its price. + What I do is to hit several times on the shift, control, alternate, + and caps lock keys, because these keys do not produce output to the + screen. This way you get your keys really fast (it's the same thing + PGP2 does). + + Another problem might be another program which eats up your random + bytes (a program (look at your daemons) that reads from /dev/random). + +<Q> And it really takes long when I work on a remote system. Why? + + Don't do this at all! You should never create keys or even use GnuPG + on a remote system because you normally have no physical control + over your secret key ring (which is in most cases vulnerable to + advanced dictionary attacks) - I strongly encourage everyone to only + create keys on a local computer (a disconnected laptop is probably + the best choice) and if you need it on your connected box (I know, + we all do this) be sure to have a strong password for both your + account and for your secret key, and that you can trust your system + administrator. + + When I check GnuPG on a remote system via ssh (I have no Alpha here) + ;-) I have the same problem. It takes a *very* long time to create + the keys, so I use a special option, --quick-random, to generate + insecure keys which are only good for some tests. + +<Q> What is the difference between options and commands? + + If you do a 'gpg --help', you will get two separate lists. The first + is a list of commands. The second is a list of options. Whenever you + run GPG, you [H b]must[H /b] pick exactly one command (with one exception, + see below). You [H b]may[H /b] pick one or more options. The command should, + just by convention, come at the end of the argument list, after all + the options. If the command takes a file (all the basic ones do), + the filename comes at the very end. So the basic way to run gpg is: + + [H samp] + $ gpg [--option something] [--option2] [--option3 something] --command file + [H /samp] + + Some options take arguments. For example, the --output option (which + can be abbreviated as -o) is an option that takes a filename. The + option's argument must follow immediately after the option itself, + otherwise gpg doesn't know which option the argument is supposed to + paired with. As an option, --output and its filename must come before + the command. The --recipient (-r) option takes a name or keyID to + encrypt the message to, which must come right after the -r option. + The --encrypt (or -e) command comes after all the options and is + followed by the file you wish to encrypt. Therefore in this example + the command-line issued would be: + + [H samp] + $ gpg -r alice -o secret.txt -e test.txt + [H /samp] + + If you write the options out in full, it is easier to read: + + [H samp] + $ gpg --recipient alice --output secret.txt --encrypt test.txt + [H /samp] + + If you're encrypting to a file with the extension ".txt", then you'd + probably expect to see ASCII-armored text in the file (not binary), + so you need to add the --armor (-a) option, which doesn't take any + arguments: + + [H samp] + $ gpg --armor --recipient alice --output secret.txt --encrypt test.txt + [H /samp] + + If you imagine square brackets around the optional parts, it becomes + a bit clearer: + + [H samp] + $ gpg [--armor] [--recipient alice] [--output secret.txt] --encrypt test.txt + [H /samp] + + The optional parts can be rearranged any way you want: + + [H samp] + $ gpg --output secret.txt --recipient alice --armor --encrypt test.txt + [H /samp] + + If your filename begins with a hyphen (e.g. "-a.txt"), GnuPG assumes + this is an option and may complain. To avoid this you have to either + use "./-a.txt", or stop the option and command processing with two + hyphens: "-- -a.txt". + + [H B]The exception to using only one command:[H /B] signing and encrypting + at the same time. For this you can combine both commands, such as in: + + [H samp] + $ gpg [--options] --sign --encrypt foo.txt + [H /samp] + +<Q> I can't delete a user ID on my secret keyring because it has + already been deleted on my public keyring. What can I do? + + Because you can only select from the public key ring, there is no + direct way to do this. However it is not very complicated to do + anyway. Create a new user ID with exactly the same name and you + will see that there are now two identical user IDs on the secret + ring. Now select this user ID and delete it. Both user IDs will be + removed from the secret ring. + +<Q> I can't delete my secret key because the public key disappeared. + What can I do? + + To select a key a search is always done on the public keyring, + therefore it is not possible to select a secret key without + having the public key. Normally it should never happen that the + public key got lost but the secret key is still available. The + reality is different, so GnuPG implements a special way to deal + with it: Simply use the long keyID to specify the key to delete, + which can be obtained by using the --with-colons options (it is + the fifth field in the lines beginning with "sec"). + + If you've lost your public key and need to recreate it instead + for continued use with your secret key, you may be able to use + gpgsplit as detailed in question <Rgpgsplit>. + +<Q> What are trust, validity and ownertrust? + + With GnuPG, the term "ownertrust" is used instead of "trust" to + help clarify that this is the value you have assigned to a key + to express how much you trust the owner of this key to correctly + sign (and thereby introduce) other keys. The "validity", or + calculated trust, is a value which indicates how much GnuPG + considers a key as being valid (that it really belongs to the + one who claims to be the owner of the key). For more information + on trust values see the chapter "The Web of Trust" in The GNU + Privacy Handbook. + +<Q> How do I sign a patch file? + + Use "gpg --clearsign --not-dash-escaped ...". The problem with + --clearsign is that all lines starting with a dash are quoted with + "- "; obviously diff produces many lines starting with a dash and + these are then quoted and that is not good for a patch ;-). To use + a patch file without removing the cleartext signature, the special + option --not-dash-escaped may be used to suppress generation of + these escape sequences. You should not mail such a patch because + spaces and line endings are also subject to the signature and a + mailer may not preserve these. If you want to mail a file you can + simply sign it using your MUA (Mail User Agent). + +<Q> Where is the "encrypt-to-self" option? + + Use "--encrypt-to your_keyID". You can use more than one of these + options. To temporarily override the use of this additional key, + you can use the option "--no-encrypt-to". + +<Q> How can I get rid of the Version and Comment headers in armored + messages? + + Use "--no-version --comment ''". Note that the left over blank line + is required by the protocol. + +<Q> What does the "You are using the xxxx character set." mean? + + This note is printed when UTF-8 mapping has to be done. Make sure + that the displayed character set is the one you have activated on + your system. Since "iso-8859-1" is the character set most used, + this is the default. You can change the charset with the option + "--charset". It is important that your active character set matches + the one displayed - if not, restrict yourself to plain 7 bit ASCII + and no mapping has to be done. + +<Q> How can I get list of key IDs used to encrypt a message? + + [H samp] + $ gpg --batch --decrypt --list-only --status-fd 1 2>/dev/null | + awk '/^\[GNUPG:\] ENC_TO / { print $3 }' + [H /samp] + +<Q> Why can't I decrypt files encrypted as symmetrical-only (-c) with + a version of GnuPG prior to 1.0.1. + + There was a bug in GnuPG versions prior to 1.0.1 which affected files + only if 3DES or Twofish was used for symmetric-only encryption (this has + never been the default). The bug has been fixed, but to enable decryption + of old files you should run gpg with the option "--emulate-3des-s2k-bug", + decrypt the file and encrypt it again without this option. + + NOTE: This option was removed in GnuPG development version 1.1.0 and later + updates, so you will need to use a version between 1.0.1 and 1.0.7 to + re-encrypt any affected files. + +<Q> How can I use GnuPG in an automated environment? + + You should use the option --batch and don't use passphrases as + there is usually no way to store it more securely than on the + secret keyring itself. The suggested way to create keys for an + automated environment is: + + On a secure machine: + [H ol] + [H li] If you want to do automatic signing, create a signing subkey + for your key (use the interactive key editing menu by issueing + the command 'gpg --edit-key keyID', enter "addkey" and select + the DSA key type). + [H li] Make sure that you use a passphrase (needed by the current + implementation). + [H li] gpg --export-secret-subkeys --no-comment foo >secring.auto + [H li] Copy secring.auto and the public keyring to a test directory. + [H li] Change to this directory. + [H li] gpg --homedir . --edit foo and use "passwd" to remove the + passphrase from the subkeys. You may also want to remove all + unused subkeys. + [H li] Copy secring.auto to a floppy and carry it to the target box. + [H /ol] + + On the target machine: + [H ol] + [H li] Install secring.auto as the secret keyring. + [H li] Now you can start your new service. It's also a good idea to + install an intrusion detection system so that you hopefully + get a notice of an successful intrusion, so that you in turn + can revoke all the subkeys installed on that machine and + install new subkeys. + [H /ol] + +<Q> Which email-client can I use with GnuPG? + + Using GnuPG to encrypt email is one of the most popular uses. + Several mail clients or mail user agents (MUAs) support GnuPG to + varying degrees. Simplifying a bit, there are two ways mail can be + encrypted with GnuPG: the "old style" ASCII armor (i.e. cleartext + encryption), and RFC 2015 style (previously PGP/MIME, now OpenPGP). + The latter has full MIME support. Some MUAs support only one of + them, so whichever you actually use depends on your needs as well + as the capabilities of your addressee. As well, support may be + native to the MUA, or provided via "plug-ins" or external tools. + + The following list is not exhaustive: + + [H pre] + MUA OpenPGP ASCII How? (N,P,T) + ------------------------------------------------------------- + Calypso N Y P (Unixmail) + Elm N Y T (mailpgp,morepgp) + Elm ME+ N Y N + Emacs/Gnus Y Y T (Mailcrypt,gpg.el) + Emacs/Mew Y Y N + Emacs/VM N Y T (Mailcrypt) + Evolution Y Y N + Exmh Y Y N + GNUMail.app Y Y P (PGPBundle) + GPGMail Y Y N + KMail (<=1.4.x) N Y N + KMail (1.5.x) Y(P) Y(N) P/N + Mozilla Y Y P (Enigmail) + Mulberry Y Y P + Mutt Y Y N + Sylpheed Y Y N + Sylpheed-claws Y Y N + TkRat Y Y N + XEmacs/Gnus Y Y T (Mailcrypt) + XEmacs/Mew Y Y N + XEmacs/VM N Y T (Mailcrypt) + XFmail Y Y N + + N - Native, P - Plug-in, T - External Tool + [H /pre] + + The following table lists proprietary MUAs. The GNU Project + suggests against the use of these programs, but they are listed + for interoperability reasons for your convenience. + + [H pre] + MUA OpenPGP ASCII How? (N,P,T) + ------------------------------------------------------------- + Apple Mail Y Y P (GPGMail) + Becky2 Y Y P (BkGnuPG) + Eudora Y Y P (EuroraGPG) + Eudora Pro Y Y P (EudoraGPG) + Lotus Notes N Y P + Netscape 4.x N Y P + Netscape 7.x Y Y P (Enigmail) + Novell Groupwise N Y P + Outlook N Y P (G-Data) + Outlook Express N Y P (GPGOE) + Pegasus N Y P (QDPGP,PM-PGP) + Pine N Y T (pgpenvelope,(gpg|pgp)4pine) + Postme N Y P (GPGPPL) + The Bat! N Y P (Ritlabs) + [H /pre] + + Good overviews of OpenPGP-support can be found at:[H br] + [H a href=http://www.openpgp.fr.st/courrier_en.html]<http://www.openpgp.fr.st/courrier_en.html>[H /a] and[H br] + [H a href=http://www.bretschneidernet.de/tips/secmua.html]<http://www.bretschneidernet.de/tips/secmua.html>[H /a]. + + Users of Win32 MUAs that lack OpenPGP support may look into + using GPGrelay [H a href=http://gpgrelay.sourceforge.net]<http://gpgrelay.sourceforge.net>[H /a], a small + email-relaying server that uses GnuPG to enable many email clients + to send and receive emails that conform to PGP-MIME (RFC 2015). + +<Q> Can't we have a gpg library? + + This has been frequently requested. However, the current viewpoint + of the GnuPG maintainers is that this would lead to several security + issues and will therefore not be implemented in the foreseeable + future. However, for some areas of application gpgme could do the + trick. You'll find it at [H a href=[$hGPGFTP]/gcrypt/alpha/gpgme]<[$hGPGFTP]/gcrypt/alpha/gpgme>[H /a]. + +<Q> I have successfully generated a revocation certificate, but I don't + understand how to send it to the key servers. + + Most keyservers don't accept a 'bare' revocation certificate. You + have to import the certificate into gpg first: + + [H samp] + $ gpg --import my-revocation.asc + [H /samp] + + then send the revoked key to the keyservers: + + [H samp] + $ gpg --keyserver certserver.pgp.com --send-keys mykeyid + [H /samp] + + (or use a keyserver web interface for this). + +<Dhomedir> +<Q> How do I put my keyring in a different directory? + + GnuPG keeps several files in a special homedir directory. These + include the options file, pubring.gpg, secring.gpg, trustdb.gpg, + and others. GnuPG will always create and use these files. On unices, + the homedir is usually ~/.gnupg; on Windows "C:\gnupg\". + + If you want to put your keyrings somewhere else, use the option: + + [H samp] + --homedir /my/path/ + [H /samp] + + to make GnuPG create all its files in that directory. Your keyring + will be "/my/path/pubring.gpg". This way you can store your secrets + on a floppy disk. Don't use "--keyring" as its purpose is to specify + additional keyring files. + +<Q> How do I verify signed packages? + + Before you can verify the signature that accompanies a package, + you must first have the vendor, organisation, or issueing person's + key imported into your public keyring. To prevent GnuPG warning + messages the key should also be validated (or locally signed). + + You will also need to download the detached signature file along + with the package. These files will usually have the same name as + the package, with either a binary (.sig) or ASCII armor (.asc) + extension. + + Once their key has been imported, and the package and accompanying + signature files have been downloaded, use: + + [H samp] + $ gpg --verify sigfile signed-file + [H /samp] + + If the signature file has the same base name as the package file, + the package can also be verified by specifying just the signature + file, as GnuPG will derive the package's file name from the name + given (less the .sig or .asc extension). For example, to verify a + package named foobar.tar.gz against its detached binary signature + file, use: + + [H samp] + $ gpg --verify foobar.tar.gz.sig + [H /samp] + +<Q> How do I export a keyring with only selected signatures (keys)? + + If you're wanting to create a keyring with only a subset of keys + selected from a master keyring (for a club, user group, or company + department for example), simply specify the keys you want to export: + + [H samp] + $ gpg --armor --export key1 key2 key3 key4 > keys1-4.asc + [H /samp] + +<Dgpgsplit> +<Q> I still have my secret key, but lost my public key. What can I do? + + All OpenPGP secret keys have a copy of the public key inside them, + and in a worst-case scenario, you can create yourself a new public + key using the secret key. + + A tool to convert a secret key into a public one has been included + (it's actually a new option for gpgsplit) and is available with GnuPG + versions 1.2.1 or later (or can be found in CVS). It works like this: + + [H samp] + $ gpgsplit --no-split --secret-to-public secret.gpg >publickey.gpg + [H /samp] + + One should first try to export the secret key and convert just this + one. Using the entire secret keyring should work too. After this has + been done, the publickey.gpg file can be imported into GnuPG as usual. + +<Q> Clearsigned messages sent from my web-mail account have an invalid + signature. Why? + + Check to make sure the settings for your web-based email account + do not use HTML formatting for the pasted clearsigned message. This can + alter the message with embedded HTML markup tags or spaces, resulting + in an invalid signature. The recipient may be able to copy the signed + message block to a text file for verification, or the web email + service may allow you to attach the clearsigned message as a file + if plaintext messages are not an option. + + +<S> COMPATIBILITY ISSUES + +<Dcompat> +<Q> How can I encrypt a message with GnuPG so that PGP is able to decrypt it? + + It depends on the PGP version. + + [H ul] + [H li]PGP 2.x[H br] + You can't do that because PGP 2.x normally uses IDEA which is not + supported by GnuPG as it is patented (see <Ridea>), but if you have a + modified version of PGP you can try this: + + [H samp] + $ gpg --rfc1991 --cipher-algo 3des ... + [H /samp] + + Please don't pipe the data to encrypt to gpg but provide it using a + filename; otherwise, PGP 2 will not be able to handle it. + + As for conventional encryption, you can't do this for PGP 2. + + [H li]PGP 5.x and higher[H br] + You need to provide two additional options: + + [H samp] + --compress-algo 1 --cipher-algo cast5 + [H /samp] + + You may also use "3des" instead of "cast5", and "blowfish" does not + work with all versions of PGP 5. You may also want to put: + + [H samp] + compress-algo 1 + [H /samp] + + into your ~/.gnupg/options file - this does not affect normal GnuPG + operation. + + This applies to conventional encryption as well. + [H /UL] + +<Q> How do I migrate from PGP 2.x to GnuPG? + + PGP 2 uses the RSA and IDEA encryption algorithms. Whereas the RSA + patent has expired and RSA is included as of GnuPG 1.0.3, the IDEA + algorithm is still patented until 2007. Under certain conditions you + may use IDEA even today. In that case, you may refer to Question + <Ridea> about how to add IDEA support to GnuPG and read + [H a href=[$hGPGHTTP]/gph/en/pgp2x.html]<[$hGPGHTTP]/gph/en/pgp2x.html>[H /a] to perform the migration. + +<Q> (removed) + + (empty) + +<Q> Why is PGP 5.x not able to encrypt messages with some keys? + + PGP, Inc. refuses to accept Elgamal keys of type 20 even for + encryption. They only support type 16 (which is identical at least + for decryption). To be more inter-operable, GnuPG (starting with + version 0.3.3) now also uses type 16 for the Elgamal subkey which is + created if the default key algorithm is chosen. You may add a type + 16 Elgamal key to your public key, which is easy as your key + signatures are still valid. + +<Q> Why is PGP 5.x not able to verify my messages? + + PGP 5.x does not accept v4 signatures for data material but OpenPGP + requests generation of v4 signatures for all kind of data, that's why + GnuPG defaults to them. Use the option "--force-v3-sigs" to generate + v3 signatures for data. + +<Q> How do I transfer owner trust values from PGP to GnuPG? + + There is a script in the tools directory to help you. After you have + imported the PGP keyring you can give this command: + + [H samp] + $ lspgpot pgpkeyring | gpg --import-ownertrust + [H /samp] + + where pgpkeyring is the original keyring and not the GnuPG keyring + you might have created in the first step. + +<Q> PGP does not like my secret key. + + Older PGPs probably bail out on some private comment packets used by + GnuPG. These packets are fully in compliance with OpenPGP; however + PGP is not really OpenPGP aware. A workaround is to export the + secret keys with this command: + + [H samp] + $ gpg --export-secret-keys --no-comment -a your-KeyID + [H /samp] + + Another possibility is this: by default, GnuPG encrypts your secret + key using the Blowfish symmetric algorithm. Older PGPs will only + understand 3DES, CAST5, or IDEA symmetric algorithms. Using the + following method you can re-encrypt your secret gpg key with a + different algo: + + [H samp] + $ gpg --s2k-cipher-algo=CAST5 --s2k-digest-algo=SHA1 + --compress-algo=1 --edit-key <username> + [H /samp] + + Then use passwd to change the password (just change it to the same + thing, but it will encrypt the key with CAST5 this time). + + Now you can export it and PGP should be able to handle it. + + For PGP 6.x the following options work to export a key: + + [H samp] + $ gpg --s2k-cipher-algo 3des --compress-algo 1 --rfc1991 + --export-secret-keys <KeyID> + [H /samp] + +<Doptions> +<Q> GnuPG no longer installs a ~/.gnupg/options file. Is it missing? + + No. The ~/.gnupg/options file has been renamed to ~/.gnupg/gpg.conf for + new installs as of version 1.1.92. If an existing ~/.gnupg/options file + is found during an upgrade it will still be used, but this change was + required to have a more consistent naming scheme with forthcoming tools. + An existing options file can be renamed to gpg.conf for users upgrading, + or receiving the message that the "old default options file" is ignored + (occurs if both a gpg.conf and an options file are found). + +<Q> How do you export GnuPG keys for use with PGP? + + This has come up fairly often, so here's the HOWTO: + + PGP can (for most key types) use secret keys generated by GnuPG. The + problems that come up occasionally are generally because GnuPG + supports a few more features from the OpenPGP standard than PGP does. + If your secret key has any of those features in use, then PGP will + reject the key or you will have problems communicating later. Note + that PGP doesn't do Elgamal signing keys at all, so they are not + usable with any version. + + These instructions should work for GnuPG 1.0.7 and later, and PGP + 7.0.3 and later. + + Start by editing the key. Most of this line is not really necessary + as the default values are correct, but it does not hurt to repeat the + values, as this will override them in case you have something else set + in your options file. + + [H samp] + $ gpg --s2k-cipher-algo cast5 --s2k-digest-algo sha1 --s2k-mode 3 + --simple-sk-checksum --edit KeyID + [H /samp] + + Turn off some features. Set the list of preferred ciphers, hashes, + and compression algorithms to things that PGP can handle. (Yes, I + know this is an odd list of ciphers, but this is what PGP itself uses, + minus IDEA). + + [H samp] + > setpref S9 S8 S7 S3 S2 S10 H2 H3 Z1 Z0 + [H /samp] + + Now put the list of preferences onto the key. + + [H samp] + > updpref + [H /samp] + + Finally we must decrypt and re-encrypt the key, making sure that we + encrypt with a cipher that PGP likes. We set this up in the --edit + line above, so now we just need to change the passphrase to make it + take effect. You can use the same passphrase if you like, or take + this opportunity to actually change it. + + [H samp] + > passwd + [H /samp] + + Save our work. + + [H samp] + > save + [H /samp] + + Now we can do the usual export: + + [H samp] + $ gpg --export KeyID > mypublickey.pgp[H br] + $ gpg --export-secret-key KeyID > mysecretkey.pgp + [H /samp] + + Thanks to David Shaw for this information! + + +<S> PROBLEMS and ERROR MESSAGES + +<Q> Why do I get "gpg: Warning: using insecure memory!" + + On many systems this program should be installed as setuid(root). + This is necessary to lock memory pages. Locking memory pages prevents + the operating system from writing them to disk and thereby keeping your + secret keys really secret. If you get no warning message about insecure + memory your operating system supports locking without being root. The + program drops root privileges as soon as locked memory is allocated. + + To setuid(root) permissions on the gpg binary you can either use: + + [H samp] + $ chmod u+s /path/to/gpg + [H /samp] + + or + + [H samp] + $ chmod 4755 /path/to/gpg + [H /samp] + + Some refrain from using setuid(root) unless absolutely required for + security reasons. Please check with your system administrator if you + are not able to make these determinations yourself. + + On UnixWare 2.x and 7.x you should install GnuPG with the 'plock' + privilege to get the same effect: + + [H samp] + $ filepriv -f plock /path/to/gpg + [H /samp] + + If you can't or don't want to install GnuPG setuid(root), you can + use the option "--no-secmem-warning" or put: + + [H samp] + no-secmem-warning + [H /samp] + + in your ~/.gnupg/options or ~/.gnupg/gpg.conf file (this disables + the warning). + + On some systems (e.g., Windows) GnuPG does not lock memory pages + and older GnuPG versions (<=1.0.4) issue the warning: + + [H samp] + gpg: Please note that you don't have secure memory + [H /samp] + + This warning can't be switched off by the above option because it + was thought to be too serious an issue. However, it confused users + too much, so the warning was eventually removed. + +<Q> Large File Support doesn't work ... + + LFS works correctly in post-1.0.4 versions. If configure doesn't + detect it, try a different (i.e., better) compiler. egcs 1.1.2 works + fine, other gccs sometimes don't. BTW, several compilation problems + of GnuPG 1.0.3 and 1.0.4 on HP-UX and Solaris were due to broken LFS + support. + +<Q> In the edit menu the trust values are not displayed correctly after + signing uids. Why? + + This happens because some information is stored immediately in + the trustdb, but the actual trust calculation can be done after the + save command. This is a "not easy to fix" design bug which will be + addressed in some future release. + +<Q> What does "skipping pubkey 1: already loaded" mean? + + As of GnuPG 1.0.3, the RSA algorithm is included. If you still have + a "load-extension rsa" in your options file, the above message + occurs. Just remove the load command from the options file. + +<Q> GnuPG 1.0.4 doesn't create ~/.gnupg ... + + That's a known bug, already fixed in newer versions. + +<Q> An Elgamal signature does not verify anymore since version 1.0.2 ... + + Use the option --emulate-md-encode-bug. + +<Q> Old versions of GnuPG can't verify Elgamal signatures + + Update to GnuPG 1.0.2 or newer. + +<Q> When I use --clearsign, the plain text has sometimes extra dashes + in it - why? + + This is called dash-escaped text and is required by OpenPGP. + It always happens when a line starts with a dash ("-") and is + needed to make the lines that structure signature and text + (i.e., "-----BEGIN PGP SIGNATURE-----") to be the only lines + that start with two dashes. + + If you use GnuPG to process those messages, the extra dashes + are removed. Good mail clients remove those extra dashes when + displaying such a message. + +<Q> What is the thing with "can't handle multiple signatures"? + + Due to different message formats GnuPG is not always able to split + a file with multiple signatures unambiguously into its parts. This + error message informs you that there is something wrong with the input. + + The only way to have multiple signatures in a file is by using the + OpenPGP format with one-pass-signature packets (which is GnuPG's + default) or the cleartext signed format. + +<Q> If I submit a key to a keyserver, nothing happens ... + + You are most likely using GnuPG 1.0.2 or older on Windows. That's + feature isn't yet implemented, but it's a bug not to say it. Newer + versions issue a warning. Upgrade to 1.0.4 or newer. + +<Q> I get "gpg: waiting for lock ..." + + A previous instance of gpg has most likely exited abnormally and left + a lock file. Go to ~/.gnupg and look for .*.lock files and remove them. + +<Q> Older gpg binaries (e.g., 1.0) have problems with keys from newer + gpg binaries ... + + As of 1.0.3, keys generated with gpg are created with preferences to + TWOFISH (and AES since 1.0.4) and that also means that they have the + capability to use the new MDC encryption method. This will go into + OpenPGP soon, and is also suppoted by PGP 7. This new method avoids + a (not so new) attack on all email encryption systems. + + This in turn means that pre-1.0.3 gpg binaries have problems with + newer keys. Because of security and bug fixes, you should keep your + GnuPG installation in a recent state anyway. As a workaround, you can + force gpg to use a previous default cipher algo by putting: + + [H samp] + cipher-algo cast5 + [H /samp] + + into your options file. + +<Q> With 1.0.4, I get "this cipher algorithm is deprecated ..." + + If you just generated a new key and get this message while + encrypting, you've witnessed a bug in 1.0.4. It uses the new AES + cipher Rijndael that is incorrectly being referred as "deprecated". + Ignore this warning, more recent versions of gpg are corrected. + +<Q> Some dates are displayed as ????-??-??. Why? + + Due to constraints in most libc implementations, dates beyond + 2038-01-19 can't be displayed correctly. 64-bit OSes are not + affected by this problem. To avoid printing wrong dates, GnuPG + instead prints some question marks. To see the correct value, you + can use the options --with-colons and --fixed-list-mode. + +<Q> I still have a problem. How do I report a bug? + + Are you sure that it's not been mentioned somewhere on the mailing + lists? Did you have a look at the bug list (you'll find a link to + the list of reported bugs on the documentation page). If you're not + sure about it being a bug, you can send mail to the gnupg-devel + list. Otherwise, use the GUUG bug tracking system + [H a href=http://bugs.guug.de/Reporting.html]<http://bugs.guug.de/Reporting.html>[H /a]. + +<Q> Why doesn't GnuPG support X.509 certificates? + + GnuPG, first and foremost, is an implementation of the OpenPGP + standard (RFC 2440), which is a competing infrastructure, different + from X.509. + + They are both public-key cryptosystems, but how the public keys are + actually handled is different. + +<Q> Why do national characters in my user ID look funny? + + According to OpenPGP, GnuPG encodes user ID strings (and other + things) using UTF-8. In this encoding of Unicode, most national + characters get encoded as two- or three-byte sequences. For + example, å (0xE5 in ISO-8859-1) becomes Ã¥ (0xC3, + 0xA5). This might also be the reason why keyservers can't find + your key. + +<Q> I get 'sed' errors when running ./configure on Mac OS X ... + + This will be fixed after GnuPG has been upgraded to autoconf-2.50. + Until then, find the line setting CDPATH in the configure script + and place an: + + [H samp] + unset CDPATH + [H /samp] + + statement below it. + +<Q> Why does GnuPG 1.0.6 bail out on keyrings used with 1.0.7? + + There is a small bug in 1.0.6 which didn't parse trust packets + correctly. You may want to apply this patch if you can't upgrade: + + [H a href=http://www.gnupg.org/developer/gpg-woody-fix.txt]<http://www.gnupg.org/developer/gpg-woody-fix.txt>[H /a] + +<Q> I upgraded to GnuPG version 1.0.7 and now it takes longer to load my + keyrings. What can I do? + + The way signature states are stored has changed so that v3 signatures + can be supported. You can use the new --rebuild-keydb-caches migration + command, which was built into this release and increases the speed of + many operations for existing keyrings. + +<Q> Doesn't a fully trusted user ID on a key prevent warning messages + when encrypting to other IDs on the key? + + No. That was actually a key validity bug in GnuPG 1.2.1 and earlier + versions. As part of the development of GnuPG 1.2.2, a bug was + discovered in the key validation code. This bug causes keys with + more than one user ID to give all user IDs on the key the amount of + validity given to the most-valid key. The bug has been fixed in GnuPG + release 1.2.2, and upgrading is the recommended fix for this problem. + More information and a patch for a some pre-1.2.2 versions of GnuPG + can be found at: + + [H a href=http://lists.gnupg.org/pipermail/gnupg-announce/2003q2/000268.html]<http://lists.gnupg.org/pipermail/gnupg-announce/2003q2/000268.html>[H /a] + +<Q> I just compiled GnuPG from source on my GNU/Linux RPM-based system + and it's not working. Why? + + Many GNU/Linux distributions that are RPM-based will install a + version of GnuPG as part of its standard installation, placing the + binaries in the /usr/bin directory. Later, compiling and installing + GnuPG from source other than from a source RPM won't normally + overwrite these files, as the default location for placement of + GnuPG binaries is in /usr/local/bin unless the '--prefix' switch + is used during compile to specify an alternate location. Since the + /usr/bin directory more than likely appears in your path before + /usr/local/bin, the older RPM-version binaries will continue to + be used when called since they were not replaced. + + To resolve this, uninstall the RPM-based version with 'rpm -e gnupg' + before installing the binaries compiled from source. If dependency + errors are displayed when attempting to uninstall the RPM (such as + when Red Hat's up2date is also installed, which uses GnuPG), uninstall + the RPM with 'rpm -e gnupg --nodeps' to force the uninstall. Any + dependent files should be automatically replaced during the install + of the compiled version. If the default /usr/local/bin directory is + used, some packages such as SuSE's Yast Online Update may need to be + configured to look for GnuPG binaries in the /usr/local/bin directory, + or symlinks can be created in /usr/bin that point to the binaries + located in /usr/local/bin. + + +<S> ADVANCED TOPICS + +<Q> How does this whole thing work? + + To generate a secret/public keypair, run: + + [H samp] + $ gpg --gen-key + [H /samp] + + and choose the default values. + + Data that is encrypted with a public key can only be decrypted by + the matching secret key. The secret key is protected by a password, + the public key is not. + + So to send your friend a message, you would encrypt your message + with his public key, and he would only be able to decrypt it by + having the secret key and putting in the password to use his secret + key. + + GnuPG is also useful for signing things. Files that are encrypted + with the secret key can be decrypted with the public key. To sign + something, a hash is taken of the data, and then the hash is in some + form encoded with the secret key. If someone has your public key, they + can verify that it is from you and that it hasn't changed by checking + the encoded form of the hash with the public key. + + A keyring is just a large file that stores keys. You have a public + keyring where you store yours and your friend's public keys. You have + a secret keyring that you keep your secret key on, and should be very + careful with. Never ever give anyone else access to it and use a *good* + passphrase to protect the data in it. + + You can 'conventionally' encrypt something by using the option 'gpg -c'. + It is encrypted using a passphrase, and does not use public and secret + keys. If the person you send the data to knows that passphrase, they + can decrypt it. This is usually most useful for encrypting things to + yourself, although you can encrypt things to your own public key in the + same way. It should be used for communication with partners you know + and where it is easy to exchange the passphrases (e.g. with your boy + friend or your wife). The advantage is that you can change the + passphrase from time to time and decrease the risk, that many old + messages may be decrypted by people who accidently got your passphrase. + + You can add and copy keys to and from your keyring with the 'gpg + --import' and 'gpg --export' command. 'gpg --export-secret-keys' will + export secret keys. This is normally not useful, but you can generate + the key on one machine then move it to another machine. + + Keys can be signed under the 'gpg --edit-key' option. When you sign a + key, you are saying that you are certain that the key belongs to the + person it says it comes from. You should be very sure that is really + that person: You should verify the key fingerprint with: + + [H samp] + $ gpg --fingerprint KeyID + [H /samp] + + over the phone (if you really know the voice of the other person), at + a key signing party (which are often held at computer conferences), + or at a meeting of your local GNU/Linux User Group. + + Hmm, what else. You may use the option '-o filename' to force output + to this filename (use '-' to force output to stdout). '-r' just lets + you specify the recipient (which public key you encrypt with) on the + command line instead of typing it interactively. + + Oh yeah, this is important. By default all data is encrypted in some + weird binary format. If you want to have things appear in ASCII text + that is readable, just add the '-a' option. But the preferred method + is to use a MIME aware mail reader (Mutt, Pine and many more). + + There is a small security glitch in the OpenPGP (and therefore GnuPG) + system; to avoid this you should always sign and encrypt a message + instead of only encrypting it. + +<Q> Why are some signatures with an ELG-E key valid? + + These are Elgamal keys generated by GnuPG in v3 (RFC 1991) packets. + The OpenPGP draft later changed the algorithm identifier for Elgamal + keys which are usable for signatures and encryption from 16 to 20. + GnuPG now uses 20 when it generates new Elgamal keys but still + accepts 16 (which is according to OpenPGP "encryption only") if this + key is in a v3 packet. GnuPG is the only program which had used + these v3 Elgamal keys - so this assumption is quite safe. + +<Q> How does the whole trust thing work? + + It works more or less like PGP. The difference is that the trust is + computed at the time it is needed. This is one of the reasons for + the trustdb which holds a list of valid key signatures. If you are + not running in batch mode you will be asked to assign a trust + parameter (ownertrust) to a key. + + You can see the validity (calculated trust value) using this + command. + + [H samp] + $ gpg --list-keys --with-colons + [H /samp] + + If the first field is "pub" or "uid", the second field shows you the + trust: + + [H pre] + o = Unknown (this key is new to the system) + e = The key has expired + q = Undefined (no value assigned) + n = Don't trust this key at all + m = There is marginal trust in this key + f = The key is full trusted + u = The key is ultimately trusted; this is only used + for keys for which the secret key is also available. + r = The key has been revoked + d = The key has been disabled + [H /pre] + + The value in the "pub" record is the best one of all "uid" records. + You can get a list of the assigned trust values (how much you trust + the owner to correctly sign another person's key) with: + + [H samp] + $ gpg --list-ownertrust + [H /samp] + + The first field is the fingerprint of the primary key, the second + field is the assigned value: + + [H pre] + - = No ownertrust value yet assigned or calculated. + n = Never trust this keyholder to correctly verify others signatures. + m = Have marginal trust in the keyholders capability to sign other + keys. + f = Assume that the key holder really knows how to sign keys. + u = No need to trust ourself because we have the secret key. + [H /pre] + + Keep these values confidential because they express your opinions + about others. PGP stores this information with the keyring thus it + is not a good idea to publish a PGP keyring instead of exporting the + keyring. GnuPG stores the trust in the trustdb.gpg file so it is okay + to give a gpg keyring away (but we have a --export command too). + +<Q> What kind of output is this: "key C26EE891.298, uid 09FB: ...."? + + This is the internal representation of a user ID in the trustdb. + "C26EE891" is the keyid, "298" is the local ID (a record number in + the trustdb) and "09FB" is the last two bytes of a ripe-md-160 hash + of the user ID for this key. + +<Q> How do I interpret some of the informational outputs? + + While checking the validity of a key, GnuPG sometimes prints some + information which is prefixed with information about the checked + item. + + [H samp] + "key 12345678.3456" + [H /samp] + + This is about the key with key ID 12345678 and the internal number + 3456, which is the record number of the so called directory record + in the trustdb. + + [H samp] + "uid 12345678.3456/ACDE" + [H /samp] + + This is about the user ID for the same key. To identify the user ID + the last two bytes of a ripe-md-160 over the user ID ring is printed. + + [H samp] + "sig 12345678.3456/ACDE/9A8B7C6D" + [H /samp] + + This is about the signature with key ID 9A8B7C6D for the above key + and user ID, if it is a signature which is direct on a key, the user + ID part is empty (..//..). + +<Q> Are the header lines of a cleartext signature part of the signed + material? + + No. For example you can add or remove "Comment:" lines. They have + a purpose like the mail header lines. However a "Hash:" line is + needed for OpenPGP signatures to tell the parser which hash + algorithm to use. + +<Q> What is the list of preferred algorithms? + + The list of preferred algorithms is a list of cipher, hash and + compression algorithms stored in the self-signature of a key during + key generation. When you encrypt a document, GnuPG uses this list + (which is then part of a public key) to determine which algorithms + to use. Basically it tells other people what algorithms the + recipient is able to handle and provides an order of preference. + +<Q> How do I change the list of preferred algorithms? + + In version 1.0.7 or later, you can use the edit menu and set the + new list of preference using the command "setpref"; the format of + this command resembles the output of the command "pref". The + preference is not changed immediately but the set preference will + be used when a new user ID is created. If you want to update the + preferences for existing user IDs, select those user IDs (or select + none to update all) and enter the command "updpref". Note that the + timestamp of the self-signature is increased by one second when + running this command. + + +<S> ACKNOWLEDGEMENTS + + Many thanks to Nils Ellmenreich for maintaining this FAQ file for + such a long time, Werner Koch for the original FAQ file, and to all + posters to gnupg-users and gnupg-devel. They all provided most of + the answers. + + Also thanks to Casper Dik for providing us with a script to generate + this FAQ (he uses it for the excellent Solaris2 FAQ). + +[H hr] + +Copyright (C) 2000, 2001, 2002, 2003 Free Software Foundation, Inc., +51 Franklin Street, Fifth Floor, Boston, MA 02111, USA + +Verbatim copying and distribution of this entire article is permitted in +any medium, provided this notice is preserved. diff --git a/doc/samplekeys.asc b/doc/samplekeys.asc new file mode 100644 index 000000000..21c36d89e --- /dev/null +++ b/doc/samplekeys.asc @@ -0,0 +1,461 @@ + pub 1024D/5B0358A2 1999-03-15 [expires: 2009-07-11] + uid Werner Koch <wk@gnupg.org> + uid Werner Koch <wk@g10code.com> + uid Werner Koch + uid Werner Koch <werner@fsfe.org> + sub 1024D/010A57ED 2004-03-21 [expires: 2007-12-31] + sub 2048R/C3680A6E 2006-01-01 [expires: 2007-12-31] + + pub 1024D/57548DCD 1998-07-07 [expired: 2005-12-31] + uid Werner Koch (gnupg sig) <dd9jn@gnu.org> + + pub 4096R/99242560 2002-01-28 + uid David M. Shaw <dshaw@jabberwocky.com> + sub 2048g/1643B926 2002-01-28 [expires: 2012-01-26] + sub 1024D/49E1CBC9 2002-01-28 [expires: 2012-01-26] + + pub 2048R/CA57AD7C 2004-12-06 + uid PGP Global Directory Verification Key + uid [jpeg image of size 3400] + + pub 1024D/B2D7795E 2001-01-04 + uid Philip R. Zimmermann <prz@mit.edu> + uid Philip R. Zimmermann <prz@acm.org> + uid [jpeg image of size 3369] + uid [jpeg image of size 3457] + uid Philip R. Zimmermann <prz@philzimmermann.com> + sub 3072g/A8E92834 2001-01-04 + + pub 1024R/1CE0C630 2006-01-01 [expires: 2008-12-31] + uid Werner Koch (dist sig) <dd9jn@gnu.org> + + +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.4-svn4128 (GNU/Linux) + +mQGiBDWiHh4RBAD+l0rg5p9rW4M3sKvmeyzhs2mDxhRKDTVVUnTwpMIR2kIA9pT4 +3No/coPajDvhZTaDM/vSz25IZDZWJ7gEu86RpoEdtr/eK8GuDcgsWvFs5+YpCDwW +G2dx39ME7DN+SRvEE1xUm4E9G2Nnd2UNtLgg82wgi/ZK4Ih9CYDyo0a9awCgisn3 +RvZ/MREJmQq1+SjJgDx+c2sEAOEnxGYisqIKcOTdPOTTie7o7x+nem2uac7uOW68 +N+wRWxhGPIxsOdueMIa7U94Wg/Ydn4f2WngJpBvKNaHYmW8j1Q5zvZXXpIWRXSvy +TR641BceGHNdYiR/PiDBJsGQ3ac7n7pwhV4qex3IViRDJWz5Dzr88x+Oju63KtxY +urUIBACi7d1rUlHr4ok7iBRlWHYXU2hpUIQ8C+UOE1XXT+HB7mZLSRONQnWMyXnq +bAAW+EUUX2xpb54CevAg4eOilt0es8GZMmU6c0wdUsnMWWqOKHBFFlDIvyI27aZ9 +quf0yvby63kFCanQKc0QnqGXQKzuXbFqBYW2UQrYgjXji8rd8bQnV2VybmVyIEtv +Y2ggKGdudXBnIHNpZykgPGRkOWpuQGdudS5vcmc+iGEEExECACECF4AFCQ4Uh/0F +AkG8aF4GCwkIBwMCAxUCAwMWAgECHgEACgkQaLeriVdUjc0EkwCfTXfXdqDS2COs +ZRm0OUphuY0h4x4AnRSlWyPGnKUFxKOw8TwwCSLsdvZHmQGiBDbtSOkRBACURhKn +GIFyXIeX61GAY9hJA5FgG4UalV55ohdz4whBgDzDGLE3XYlO8HCn4ggKilll6MOw +Y0yZeg6PEU9Y3SqTzpQSV6qj2M7MgcS8xOpi6bNCu0iyZUik0KklUXMdI8e/CVmB +pQJT9CofbD1dsP6z4dC6z3jil0+5Wbfw6yIXzwCgy/7Fagq5mN0H760/JEiiXILS +1n0D/3H26lTaxo1vGput9Td1FQN7Vn6YDP0/To5ipsOODROV3zyUwF5QleY+8zTF +JA3qD5KxRfA726WELOF1mB6Mw44UdkPniOoGdMH5oSx6qnNnlVZBBu3U+e1qfQwL +QjHu0WX4Z2q00DKpWLThGv7Loh5NKi6OfTbMhfHoevCAzQnmA/wKc6J8GqthENTh +KXxZaei3Ep0t+PlBmbUzuAYCXZhI6/0KyD6emyQ7LYIaPv9qEfMkMLhxicG0v/AA +wOCBRKS3bkqc6wAYaO0bjUHJvem3HkWPux82t83+6YPyRnVjm/mwt0uEyKSvt7Md +2DVrO3lEcKRkRHiYuf0nonPhl5Rs5bQaV2VybmVyIEtvY2ggPHdrQGdudXBnLm9y +Zz6IawQTEQIAIwIXgAIZAQUJE2uL/wUCQllAcgULBwoDAgMVAgMDFgIBAh4BABIH +ZUdQRwABAQkQXeJJllsDWKI6xwCfV3paxYsk7KQmrtOUxNmZb004OQoAn3uq9imO +pgxqsXhXaLfz5IqZu5O7tBxXZXJuZXIgS29jaCA8d2tAZzEwY29kZS5jb20+iGME +ExECACMCGwMCHgECF4AFCRNri/8FAkJZQHoFCwcKAwIDFQIDAxYCAQAKCRBd4kmW +WwNYouXsAJ9nbkvbiJZvNlzwBL98x7YB+u9fsgCfXE6vHv6DJk7Eh9CY+Gcdn6kC +G8i0C1dlcm5lciBLb2NoiGMEExECABsFAjbtSOoFCQzJfIADCwoDAxUDAgMWAgEC +F4AAEgkQXeJJllsDWKIHZUdQRwABAbXWAJ9SCW0ieOpL7AY6vF+OIaMmw2ZW1gCg +kto0eWfgpjAuVg6jXqR1wHt2pQO0HVdlcm5lciBLb2NoIDx3ZXJuZXJAZnNmZS5v +cmc+iGMEExECACMCGwMFCRNri/8CHgECF4AFAkJZQHoFCwcKAwIDFQIDAxYCAQAK +CRBd4kmWWwNYovxpAJ0ftTtETxhK8aKfIok/+43wNbQASwCfSFCPuVKTNHpv4JJ7 +9feDCtfxxLG5AaIEQF3aTxEEAP9SgfIbIPL6BQ1nqoblsTYoiwWPL48uBZPjkDfy +8XsVR5V9aRQlggC4x4/MD3Ip5AUgReI7PcHnp4m3vcVLXPl+/7i7hAwd84iKzgN8 +I8VW0EevflcNm7nbWEnpjaGxJWFbhSLI1DmqnafoU8nZgGp2QoE+flgGDd559C3S +iHRTAKDbqgS3EDhTbwfS+bAhW5Xi8/2CPwP9HueeuW9M/cyt8UvliLsj2eYMEIy7 +CeSLO13XfnqCjcnHK+b59/ADd99dpMaq3gKj7Aj1RIsRV2qWDJpDNXVxP7Cy+Fzx +elQsytPQOV8H8AkB+RgmSyfxlNRUkC3sQU6jR9IwmPD4iB5fp/SqUpn++77TAArX +qsfHbmlnwcuU1EAD/i7CEhxLBYS1N77hwxL8DWCqjpi+1PKG+6dc0BQFIU3uUhbz +LGfqEobUDhveqgtlsvoEZ/lR8RgMv/uOjXEgiATQyTEa7s3M2vjXlpLjXjzklma3 +Lqmcam3dEf/5OR02yZif6hPU/x8f/VQle0kKNKdOCV1+dlo8aJH2UIZRRIvtiE8E +GBECAA8FAkBd2k8CGwIFCQcbVgAACgkQXeJJllsDWKIiqACff+MvmBLGSBA0NkdK +9ZB3fTSzCdcAoLrJ9QYe2+vFu2WYGZNC5xJy2db1iE8EGBECAA8FAkBd2lACGwIF +CQcbVgAACgkQXeJJllsDWKLDcQCfdFh2/dY6p8Sz6nS5tfx5akOqmPAAn3Y/PpYm +Z+bIfoFcHlzjPxmI93uSiJcEGBECAA8CGwIFCQcbVgAFAkR1rB0AUkcgBBkRAgAG +BQJEdawTAAoJEGB4TpQBClft2RMAn1XiL/bC9hByZInCJTaCd8WS8kYCAKCfpAWw +LIxkfwAeD/RI+2p00nQfvAkQXeJJllsDWKKx7QCguc4/HiEs64Ey5p6Yihy67X8E +0YsAnRXMFdXVP7ww8uldljPiD1TgyurpuQELBEBd2ykBCADRKFS0lZw/2MawS97P +3nVyt2FF9XWb8si7T9Jgl+NRF93uqUOIC15s3u5SVPcwdIhoG04wYKHTLKhyBAjF +p4azfLmiIBDDp37DY3SAtJT6TsgULR+yFkXbRvuIOU5N/0WxzrK6JJwlFVEyaPX7 +zmWVKMCj+SMj2FrmltuVS0aCf0io3n97bUAvuU3dgjTFoHqW4017smfbE4VMwnLY +i3/1SS9s0ysKM6Px5yEM3oQiOW/9pS48wSFfs3lXi8N1BikgPdU5FFA+5BGSUhxy +Ff+lqdjwcByBC7LT3dCrFeWQOL0UeVh6wG48O63j8jue7mfTm+559uXnD/J65PiH +cZTnAAYpiE8EGBECAA8FAkBd2ykCGwwFCQNY7wAACgkQXeJJllsDWKIS1gCgoJ2z +4OnA0dVt7ZM/PeAsKXA0KFUAn3AV3yuZKX4WHw5Pnf5sLmF5LUkluQELBEO4FiIB +CADRWoeCwf4lVIJQahM7ytFRvPMrkSZQy072/I6/4QPKsaHI+HnoB8PjTmBpyBDL +K8Y6Of3Y1hNb77xe+m2g+8Wq/BUKHvUi1F+xzszpnixtMr+QOiy6U7kCJA6fGvq0 +qmzrXGcv5rXpGvWwyZfymTLW4X2WKgNL8bhODy0uJ9ZR/fhjE7nnIHgIboSnBAUP +HCsI9BFumsbU8FKsKJCOBqziHEyDHbix7uP6ByYslH2tUw9WdQU8Yzo2mWojghXp +jE7UT0tAb4QNTdwurLgiEIH5umsM43elr1/2nd06KigQX+NR4MqytR+28JtEEKvU +LwJZpmExs4B+OB4x8l+6Lc0/AAYpiE8EGBECAA8FAkO4FiICGwwFCQPBFYAACgkQ +XeJJllsDWKJdywCeNyRtO1/yIyiNkotYRfO5y3xuHocAnAyA4jaxa702sRs4iPR/ +WWJkMgEqmQGiBDpU6CcRBADCT/tGpBu0EHpjd3G11QtkTWYnihZDBdenjYV2Evot +gRZAj5h4ewprq1u/zqzGBYpiYL/9j+5XDFcoWF24bzsUmHXsbDSiv+XEyQND1GUd +x4wVcEY5rNjkArX06XuZzObvXFXOvqRj6LskePtw3xLf5uj8jPN0Nf6YKnhfGIHR +WQCg/0UAr3hMK6zcA/egvWRGsm9dJecD/18XWekzt5JJeK3febJO/3Mwe43O6VNO +xmMpGWOYTrhivyOb/ZLgLedqX+MeXHGdGroARZ+kxYq/a9y5jNcivD+EyN+IiNDP +D64rl00FNZksx7dijD89PbIULDCtUpps2J0gk5inR+yzinf+jDyFnn5UEHI2rPFL +UbXWHJXJcp0UBACBkzDdesPjEVXZdTRTLk0sfiWEdcBM/5GpNswMlK4A7A6iqJoS +NJ4pO5Qq6PYOwDFqGir19WEfoTyHW0kxipnVbvq4q2vAhSIKOqNEJGxg4DTEKecf +3xCdJ0kW8dVSogHDH/c+Q4+RFQq/31aev3HDy20YayxAE94BWIsKkhaMyohhBB8R +AgAhBQI6VPBbAgcAFwyAET/HMgQdI+nqZt21AJydvCHfdNxhAAoJEMdGNjmy13le +V7gAoKHV2q0XEP8GJkyp0/V5lgbwBmBMAJ9TtVfw2khoaZ3LNV2tINSjj0Alp7Qi +UGhpbGlwIFIuIFppbW1lcm1hbm4gPHByekBtaXQuZWR1PohdBBARAgAVBQI6VOgn +BQsJCAcDAhkBBRsDAAAAABIJEMdGNjmy13leB2VHUEcAAQFWUQCfWWfTDHzSezrD +awgN2Z4Qb7dHKooAoJyVnm61utdRsdLr2e6QnV5Z0yjjtCJQaGlsaXAgUi4gWmlt +bWVybWFubiA8cHJ6QGFjbS5vcmc+iE4EEBECAAYFAjpU6LcAEgkQx0Y2ObLXeV4H +ZUdQRwABARPJAKDmKL2Aeo6OWwcZKyqSWLD4drQxfgCguJ7k7XEuQr+tL0ndoin0 +RSQTkCHRzH//AAANOgEQAAEBAAAAAAAAAAAAAAAA/9j/4AAQSkZJRgABAQAAAQAB +AAD/2wBDAAoHBwgHBgoICAgLCgoLDhgQDg0NDh0VFhEYIx8lJCIfIiEmKzcvJik0 +KSEiMEExNDk7Pj4+JS5ESUM8SDc9Pjv/2wBDAQoLCw4NDhwQEBw7KCIoOzs7Ozs7 +Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozv/wAAR +CACQAHgDASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL +/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0Kx +wRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNk +ZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5 +usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEB +AQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAEC +AxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygp +KjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImK +kpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk +5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwDqKXFKDSEgDJOBXSeeHaoJrqKI +fMwqleanyUi/Osi4udqNLM+EUZJNNIlvsakuqjnYazbzxKlopLOHYfwqa5S/8QvO +xjtyY1z17msqWZpGAzuz1wP61LmuhrGk3udHceO9RL4gSNB6EbjVU+Ndd3YEir9U +Fc+nLYC49jWhbt5UW0RIGbpyKzuzbliuhuWfjnUw377ypQv3vk2/rXVaV4o07VFC +iUQzd43P8j3rzVpnLESIgHoopZJIYIxPDg89Vb7tNSZLppnsIIYAggj1FKa4XQ/G +7r5dvexI0R4WVTgj6jpXbxyrNGskZ3IwyCD1FWncxaa3F24oNLRTJIyKKecUUwHj +rWbql2Y/3KHk9a084HPauZu7gTXLsemeKEgkyLmuS8TaqXmNlG3yofnweprp7qdb +a1lnbpGhavPH3yN5rH55DuJNKo9LF0Y3d2T2sTt+8dflPQYzk1twaJK8AeVCxfkK +OMVBo1qJLmJSPkHzH3ru4bRJlXjFc7Z2JXOBudBlIyEYAevaq8FkLRsld5J69xXp +DaNC5PByffAqlJ4b8wkFiPTjpSci/ZnA3cXDbmcsRkEmoILGWYkpu9zXfjwkzgGU +qVHtWhbaFbWyjEa7vYUlIfszy+e1uLEhnjfY3Xjiu28EeJZJ3XSpxuVUzFJ3Hsa0 +dU02IwMCgI78VxEcB0nxAnlOUDfPGfQ1pF6mNSN0eu0lQ2c4ubOKYfxoGqatjjG0 +UtFMQTsFgdj2U1zGB2OfwroNTcrZPjvxXP5pxJkZniF9miz5/iwv61xA+aUDOR3x +3rq/F0hWwhjH8cmT+ArmIIvNmSJeD61lU3OqivdOn0KNTPuU5xxgdBXZ2TAIOe1Y +Gj2ItLYYGTitSK7ghchpBk9hWD1OqKsbCcke1WkdcYIFUYZo3I2uDn0q2FIIx3pG +y1JHAJAAHNVpCu4kcCpFJaZgOiioJm2vt6E9KQzPvZAUIHNcL4jjC3Fq/cOR+Fdt +dHnHrXH+JSjMmexP8qqLMah1vgq4kuPDNuZc5jLRgnuAeK3s+lYng2PZ4YtAeSdx +5/3jW5XUtjzpbsaTRSniimSUdZmCwrF3bmsWtDWj/pKD/ZrNzVLYh7lTVbCG8tQ1 +wGKKTgoeR71yGmWNzPdpLb/NsfOG4yK72+XfoU20Y8uJmJPucf41geG38wSMRwpC +iuVu8nc9JRUYRSNoXqiHywjJOy/LH1J9hWcraeFBup0jnI3FVXcfyrYvoEmsSdoL +qQQ2ORyKVdDRcmNEORz2P51m20aRjcy5L0mKIWmpWpVc8mHa2M8c960NP1q9hjYS +SJMy85wentg/zph0OSCJ47UCNJAA4JBz+lVv7NayUlV3DG04bGc1Dl2NIxstToot +VaMFlaEmY4UEkZ9hVPUtZS2lU3Aj3DjCPnH8qp60vkWVrDHkMoULjocVizRXDxB4 +1aSbJLh1BUjtjvmmmEtDVk8QWLLuD89g3Ga5bxDceY0Ei5AJY4PrV9mit40juNPX +bIPneNSNp+hrLvdO86SGCJsB5Pl3N68YFXFmMr9T0vw2mzw7YjrmEH8+a06itYkh +to4kXasaBQPoKkNdR57EPSig0UyTH1sEXSHsVrNzW7q1uZoBIvVKwqtbEvcfefPo +N1GpADR4ye3P/wBesDQEaJHU93PFbNzP5em3K7S25OlZumxFGXBGc5I9zya5ZRs2 +ehCfMkdJbqs0LRN91hg1pQQtDCBKPMI43L396yLeTax7VdGrJbqRlWfsDWLZ1xWh +PcXFvEhZoZRj8vzqghM9woMe1B8yoe3ufeo5pDcobiW4Tcpyq54H1qGDW0aXeFUh +OCVOaSa6ltE2twubZZlHzQsGA9aW1WC6gVwVdT09foaj1PXbaeLy1CqzcbV706yg +iZQs4aFnGUkjOD9D60SaYK4XenW5iJ2c/WucVJX1qzEfOJlUH6cmupeJY1w11Iw9 +OP8ACsSNgNegRFyC/AA6Zq6aVznr6RO34Hako5PUYorrPMENFIaKACQZiYY6iuWc +FZCp7Gur61z+qQ+TclscNzTiTIoyLvjZemQRVLTTifyygUr156VezmsbUDLY3YlD +YSQ8H0qaqujWhK0jo2woDk8DrXOs8l9eTeQHI3EgjkYqpca4fLMcbEMoxyeM07RL +42t+vmk7W6iuJxaPRTTdh10bpVMDu0eTyDnp9aq2drdfaFaNhgckKwBxXaXKwtH5 +2wEDuRWNJqVgGKPbINo5YDrSTNuWK3Zg38N48m9iS2SQA2cYq9aapdJCIblnjKn5 +WHar32GzuxvjTAPYHFJq7W1qkEPAbpgUeRMlbZlqHUjdW2cguDg46fWl0KJ7jxIW +IysEe4nHeq1oYYrNSD0GcVueFICIbi6YYM0mVz/d7VtSWpy15e6dATSGkJpO2a6T +hFJoppNFAhj3MUf3mFZGqXUdy6BMELU8GiXExDXcu0d1Xk1p2+nQWw/cwgH+83Jq +rWFqznorC7nGUgYL/ebgfrVfVdGa80h1UZlQFlx3xXXT7RE67yXI7dKrImxAw7c0 +90C0dzxIFkk2SZznByav2skk0qFDzjLH0xXVeLvBzMx1CxA2Ocso7E1xdtI9rO6S +Db2NcjXQ9BSuro7bT74y2z2rNkA4znNStpNreyGZTtJTHXpXJR3ptFUhyNwzx61o +QeIvs8flocnGCcVm1Y3jNPc04mTSRKGcNj7g+lc5qN897dPcHg54x2FNu9Qku5Bu +4XJp+m6Re61MIrZDsj5eRuFH1pxjqROf3Gr4etLnVL0LyE6s3YCvRLeFLW3SFOFR +QBVHQ9Ihs7IxIoL5yzdCTV4xvE3D/g4rqjCyPPnPmdyQkH8aCaZv28suPXHNKGBG +Qc07MgDn6UUhNFAGmqHkscewpjnJ4qZhlKZjJ/CmXYrtFhSzDkn+lMWPAGOhHFXJ +UypHr/hUUe0t5ZHJGV/qKLisJDtKmNgCp4wen0rl/EPgS0ut09rFjOSUX7y+49R7 +V1DJ5b5/hNVtb1mHRdHlvJ2xtwqcZyx6Cs5JM0hJpnkWoaBeW0525aMHA/wqrBoW +oXMwSOI7mOABySa6ifW9W1KASBLe3twebhgCfwNNi8XQ6XgpKbmXp+7iChvbNYdT +p5tNCzpHw6uSY5dRnVVz80SHJI9zXZixtdOsRDaQpDHnhVHU+tSWFyL6yjnG5RIP +mRuGQ91PuDQd1zc4AyqV0xSRySk5bkcceyMHkHOanWN2HJyOvNSiIAHPvUuAAvvx +VXJsVli4IBwR1HrTXtznrjPtVhky+fUU7naCfUU7isUGhZejZ9sUVcdCxxjt1op6 +CsWs/u/ypFHzfhS9Bj3pT1yKg0FwGB/Gq7Aq4YdRyKtIMg1E69PUYpDB8Mgbsaxt +Z05NYhXTp8i3kzvI6j0x/OtUuBGUP1qjJJ5CvczSrGicszHhR70xdTy7XLS60y8b +R5jmKGMNERwHH96r3gfR7aZ5NZvFL/Z32wRkcbgMlj9M8VDqeo22t+JZL2V3Fq37 +qM9DtAxn8Sa6fwtAunatPprOJLe5Tzrd/cDDD8ufwrFW5rGzb5Tb0xwLad1BCtIW +AIx1AqzCjIAwOGPWoogzyunyhSR90VfEf9DW2xh1IP3jORk9anVG8sbjyKfgA09e +dwouFiJ+GH4il2ZUjvQ/b609SN2KYC4AGexopkzHyyB1ooSBs//ZiE4EEBECAAYF +AjpWjyIAEgkQx0Y2ObLXeV4HZUdQRwABAQfRAKCSnx3toHhFsCAaIsCRkmFdI4Hn +9gCbBDKIqvBEjybcnaBW+iZufcjAzsfRzNf/AAANkgEQAAEBAAAAAAAAAAAAAAAA +/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAoHBwgHBgoICAgLCgoLDhgQDg0NDh0V +FhEYIx8lJCIfIiEmKzcvJik0KSEiMEExNDk7Pj4+JS5ESUM8SDc9Pjv/2wBDAQoL +Cw4NDhwQEBw7KCIoOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7 +Ozs7Ozs7Ozs7Ozs7Ozv/wAARCACPAHUDASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEA +AAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIh +MUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6 +Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZ +mqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx +8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREA +AgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAV +YnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hp +anN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPE +xcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD2 +aiiigAooooAKyNb8S6boUZN1Lulx8sS/eP8Ah+NZXjbxcdCt/sdjh7+UdcjES+p9 +68fvLyW6leaa4mmlY5kkL4AP1qXLsaQhfVnc6l8TdSncrYRRW6Zx03t/L+lYsvjj +XnA8zUZY8nI2kr/QVzlu0b8+S2R/HvJNWFgAYuwDFuvJ/lzms2/M2UbdDrLPxlrE +TK51CRxn7sm1gfzrs9F8b2d8ix3v+jyn+Ij5T/hXkQj8gZX5hnlCMZq9YShm8vzD +t7HuDQm0KUUz3ZHWRQ6MGU9CDkGnV5VZ6xf6FJ5qTlY8/Mh5Vh9K77QNfi1uEkJs +kUZI7EeorRSuYyjY16KKKogKKKKACiiigArO17VU0XR575sFkXCKf4mPQVo1wHxX +vfJ0yztw+N8hdh3IHA/nSew4q7PNdT1Ga9vpLi4kaaaRyWY8KDRYWCXkuG5Qc+gz +We8mWAUYz19TW9pbGJAScZ6msJuyO2nG7NOPTrcxhAMdOmOKp3eg36OWsw0qY4x2 +rVgkynIyfrite0bKDBrBNo3aOOtvDWr3dwPPjEKDOS1dJbeFJYY/3UqKxGC5TJ/W +t+Fdx4HNaMUSlM9yK1TbMJ2RwWo+GtXeMiaZLlByCo2mpvCOpTaDrKpdEmA/KxIw +Vz612rR4PPWue13T4RcwXBUBWYI5A6Z6GmpNMmyasejghgCDkHkGlrD8J3ck+lfZ +5m3SWreXu/vL/Cfy/lW5XQnc5GrMKKKKYgooooAK8j+LF4ZNchtmACQQjGDySefy +6V6jqeowaVp099cnEcK7j7+grwXxjq1xr2ovqYRUV8DaCTtA7VMmtjWnBv3jMgjM +0wAUnFbcCtHGFHOevtUek2RisUmkwS3O4HIqeWTaP3e0HPzMemfwrmk7s7oWSuat +k7BQG71v28OFUpjHt2rj7XWreH91NLGWPQ7W/qK6bTdYs5IgFuI8njGajlsPmubt +rmMGVuAo5q7GxWMcZBH51nmVDaIqMpErDJB7VcWf98Y+wXg9jVowlqTtIpGP6Vj+ +KNv/AAj1y4xuUAr9cjFajHnHWsvxG6DSij8h3H6c0yUW/Aju/n7xg7Rn6gkV2Fc1 +4Lg22MszD53IBPf1rpa6I7HNLcKKKKokKKKKAOQ+JchHhuOIMR5twufoATXkjOkj +qqAHLYAzxXq3xLikl0uzKAkCYg49SvFeYR2htbqKJyN3JODnNc837zO6l/DSNOLe +ijyuy7cEZzVG50jUbsmWKTamTny1GRzV4TAPtUZ+la2nyJbBWmZogScBhgfnWN7G +9jmrfR7/AM7ZJdq8GDw8Suf6VRtXubfUFjMZR8jATjP0r0jfbMM7ULHvgVyl3BFP +reICruTglTwvPr60+buKK1NeKe5S3W5liaNmHBTgKfU//WpJ/E13bYVJxM+MnEYy +K25LKNtPtkPCK4U/TNYF94IinuWfcUVjuDxnBBpITa7GppvitLnalxZzRseN6pkE +/TtUviOVbmC0jhdSGk+b26VlGz1PSpkEVz9sthgGN/vr7hq6PT7Qajq9os4ZI0Bf +YB1AOcH/AD3rSOrsYzVlc6bQrZrXR4EddrldzD3P+RWjRRXUcQUUUUAFFFFAGN4r +06bU9Blhtl3TIQ6qOrY7D8K8fvraW31JVmR0ZQPlYYI/Cvea8q+IVi0PiFrgnImj +BUY/P+VZTj1OijP7JyP2n/SMnPB9eldXpV/5kIRsbfQ9K4yTMbhmyMnvUg1FoGYy +I4THAXoPT+dYONztckkb2v69ZwSJa29qgLf6ybYPlHt7+9Q6JdWA1NWgYBMdBXOz +Tf2id0aFg3anW+l3Fkv2tmcL1A/wo5VYSl9x6+ghnswgcEOOcdvemWs7zQHgSMjF +GK+oNcZpd/Kl5Ct1JMIVAOA+M/WtGzu10nXHWObdbXZ8xCT3PVTSuRyHTymN1QeU +SwYcba1dHt1W5Z2xvVOg9z/9YVmC583GOM9BWtoTectzN/CZNi+4H/661p2uc9S6 +ia1FFFdBzBRRRQAUUVi6x4v0HQwft2oxK4/5ZodzfkOn40AbVcX8SrHdo6akg+e2 +ba2P7p/+v/OsDVvjhYws0elaZLO3Z5m2g/gM/wA6525+I+t+IQ+n3ywQ290rDy0j +wQMZHJOetS9jSKdzm7i+USAlhkZ56Dr1rd0vy5o9r4cuvzcg54rjLzNvcFMY55xW +3od8FKx4GR8zMemazlG6N4zfMap02KC6bEcTJ6Nx+tbumPYyRrb/AL+Jc/dBEig+ +wYcU20FtqSguuMcZ7mtCx8PrDMZGkJVGyB/Kuf1Oly7Ej6XcyebgQ3IZTtdl2OD2 +6cViw2lxeSrayYTyzklTnbg9veun1LUU021IDb5Dwi+vvXOaVfIJZJN4LF8YHuad +mTzHTqZEt/3eTIFwg7lu1dnpdn9g06K37gZb6nrXn0mvWujeVqOoI8ltG6/LHyS3 +b/Gu20TxRo3iCMNp16kj4yYm+Vx/wE10U1ZHJWd3oa9FFFamAUUUUAeF+KPijqur +I0Fq32K3PaJvmP1avPbi5kuZCWJOTyfWmzOzNinwxBRuPXtSNCe3hSIBiMv/ACp1 +vcbdThkbp5gz9KYzEL9agcE7vXND1Hexs6raecSVA3jkZ71nWdy1qWjkG3sQRWlB +di8tQ+cuvyuPcVFMsc3yyrz2P/16yi2tGdE4p+8jWsfEMNsU3H7vf+92rdt/FyiI +4Zcnt6GvPmsyv3HB46k4zUiQTRKF3gAHOd3ehwi9SVOSVrHT6nrjzSYMgJUjknOK +gsZnS4MrMVRerY/zk1mafAly2W3SAclgNoNWPNaW+kUDbFF8qovQHufr/hVqFkTz +XNG+v3v5T5oxGq4WM9AKxlMlheCS1leNkO5CrYI59a0XOPvAfX1rN1OPPIB5TB+l +USekeF/ipNEqWutKbhBwJ1Hzj6jv/nrXpWnaxp2rRCSxu4pwRnCtyPqOor5ht5G3 +Dca2bW+mtXEkEzxsDkMuQaCeVM+kqK8WsPiPr1rB5bXImx0MqbiPxoouTyM80jh8 +xyxHyg1KVx1qxEEeNfK5FI6euKZViq5IFJDGZA+Occ0sik9BVaYMqZUkFecjjFIk +sQtJZT7+iEjcPSt63W1mUNIRjFc9ZXhuD5FwQSwwre/oa3raW3+xlGwWPr1FRUj1 +RtSl0GmW1jdlWCNz2Y/40yCBNQZijq0aNtKp/X/P51nXk4RJdqYBPJJHJq74a2x6 +XM4I3NJyM46f5NaQgkyZVG9DRv7hNPsW8pQP4VA7k/8A66g06Hy7dcnJbkk9yetU +9TZpr+KHnKfO2fXoK0LYqYh1x6ZqpPUmJKy45z+XaqV8AUQ89x06VeccHA6896rX +SbrZj3Ug1JRjYKsQfXrVxX+Xg+4qCVQQD0NOhJYcdTSEtGWVkIyFU/gtFJGEywbA +568c0UFmUomil/dAtk9B3q/nzBjHTqKWBVjIPU45NMPDn3pkLQY6jBwRxTIoxJIE +7HjmpW4/OmQcXC+maBdTG2FHdckFDxWpp7yyyu+eMcD/AGj3qpdLsvpAMdTWxpkQ +jsVfpn5j+NVFXZCIL6N5YhG5GeWA6laTw/c+TJLYy4Al5TI/iHb8v5VYlwblAW6q +MZ9c1mztgSleCzAKR26c1T0dwL1sDNPNOed7HafYcCr8MnlSAZwrdSfWobSLZCij +0xRLlXHHDVBojSLZGSTz29KYFDK6nncMVHbTCSMqx+739RUJvWz+5A4/jbp+VIZS +nGFOAOKbC3zZzjr0pbjvnkk9qihyZAB34oFfU0IEO05BH9f0oq1hIkXIySKKBn// +2YhGBBARAgAGBQI8ZiQyAAoJEMdGNjmy13leJSIAoIx0Ql/m4Gf4ZZeFQ1Of+zq6 +499DAKCHBzmIEtE740kuUl5HGNvCJ4QbMLQtUGhpbGlwIFIuIFppbW1lcm1hbm4g +PHByekBwaGlsemltbWVybWFubi5jb20+iEwEEBECAAwFAj6+zxoFCwkIBwMACgkQ +x0Y2ObLXeV4M5gCgnemzKjFcpG5MpeFCTjVg24ptLhsAn03rO14zwfdxKS9ZSuGL +eBG+d/eUuQMNBDpU6CcQDADMHXdXJDhK4sTw6I4TZ5dOkhNh9tvrJQ4X/faY98h8 +ebByHTh1+/bBc8SDESYrQ2DD4+jWCv2hKCYLrqmus2UPogBTAaB81qujEh76DyrO +H3SET8rzF/OkQOnX0ne2Qi0CNsEmy2henXyYCQqNfi3t5F159dSST5sYjvwqp0t8 +MvZCV7cIfwgXcqK61qlC8wXo+VMROU+28W65Szgg2gGnVqMU6Y9AVfPQB8bLQ6mU +rfdMZIZJ+AyDvWXpF9Sh01D49Vlf3HZSTz09jdvOmeFXklnN/biudE/F/Ha8g8VH +MGHOfMlm/xX5u/2RXscBqtNbno2gpXI61Brwv0YAWCvl9Ij9WE5J280gtJ3kkQc2 +azNsOA1FHQ98iLMcfFstjvbzySPAQ/ClWxiNjrtVjLhdONM0/XwXV0OjHRhs3jMh +LLUq/zzhsSlAGBGNfISnCnLWhsQDGcgHKXrKlQzZlp+r0ApQmwJG0wg9ZqRdQZ+c +fL2JSyIZJrqrol7DVelMMm8AAgIMAI1RXgrY9LqHnvhnc1oGwhB7mORU7jwxKiGM +Lqzb0KM+GVTv1xAhhaYGm41/CuhnrOW3LPpjYWbrlXQh+9WJxHvO8UUI6FqEy6TV +yv5Cn3fo4wSr2wtkbFOMKWDCscZLtikxJmsQLtuk6YRGOjgX+fliYIckIfxDMI5z +37zSCNUSweIlUAGsLzLKSMovnHVX89ICsThC0wtuQE8aZBg7DxvHqMIeg7jdCNTN +upF8EwdmpZUnKgghkKn6fXdczj4079wNWxnxuNyHQsg7IytPzmfbjJ9dGU/SzsEW +Mubn0mOF/h2O4laKQlrBYROXKkDLzo5hFG7AJsjI1q4F5MrL5q9m8Xagu+nAfhSe +52kLTr87SOSPaVCmf0QRTDXVHA7qyr3NhPABTIp6s3TRxsJ/KJmXTUIijRu1xM7q +FArdzrs9qWgn2VUfz+Yfsu6qQwsMfm6CSnOZ53/xKit+pWRqSd7pviZHJIUIFdpV +mgqYMfNwfahJIyEz17HKHp3OLVsa7ohUBBgRAgAMBQI6VOgnBRsMAAAAABIJEMdG +Njmy13leB2VHUEcAAQHlbQCg+N+fI3bzqF9+fB50J5sFHVHM7hYAn0+9AfDl5ncn +r4D7ReMDlYoIZwRRmQILBDxUyXkBEACgg6vxNPigg9FQz14CkPtR/dEq3sCjK1r4 ++2oyeoRno+pqZ6Z7ZfphgA/q5woweFAGOg17KD2WXegoQ5pXbFvP+w9j9zm3g59X +zTRSzZgScelTibPnKy6g8r8GDAY6IQraR6pxe4297/NznqvRvKpTt5g1XP5LyjVB +sEv9HAYJE1vyy10qSQRtEz3QunUzfELNC4kiYNMZOnmgaFeW4APIIhWDtrrxqW3O +fjp1K4DAhqcnayrfvYbOtqh0sxJ246kvVc3Bc9pH6wDw/yub2deuPq6BZBLBJwrt +u/20qD0nsZ9is/5j0aL1MZuVmr7xKYqeehyzJ1WdpJK52qng9natYedS+GefKDIw +1Jq7ppQNWfVduTNITFTF0JswggjQuPqKT8Td5GCywQWN/kGHbp6EdybiUXZ+9fp4 +eek0UB5M+srSwbkF4hQ0mBrqlsaoji4CuXjc0c+Zx1D0pGfqqBCmvEV1tLul3U8h +0TzR4opUA8mLKegQp5cjh/dHz7zTPDxVgSr3blJ9FxI1Z69th/+jJj3q6joo3uW/ +5y8qQCrzdSCzs+TDEWwucZtJIuIhTct8AMPY/Ayt+Pf9jXfI+xSQgz3r7Eu5o+rE +u02/cthaOc4b3KYDtNkjLKszgiext1BYOq06R+Yyh2qgsg9azzkfudvvpwhCpJ7E +OxcdaP3bxwAGKbQlRGF2aWQgTS4gU2hhdyA8ZHNoYXdAamFiYmVyd29ja3kuY29t +PokCNAQTAQIAHgUCPFTJeQIbAwYLBwoDBAIDFQMCAxYCAQIeAQIXgAAKCRDbaY1x +mSQlYH7aD/wMq9ksbvAf9drjVP2u4rjZhLkHyc1zCp7rMXc5CdNgDNVyhl7+co/q +MeQBwk8SYEVedrZZ5Q7qjygjkKWp3qrLlw5PSydwCHaf5mlVg5E+5gt+RTkOi6FX +dE/5c0IrIB+MNI3jt3IeOqEhITWcnjDk4gIxm4z43tvXvf/fY33ohrQknApN9uYI +SoElzYGgnEZqX6P3p/8FB2+27A3t/Eshr6lLvVNEMgOlBY8te9TFvMJTMeSJXIQV +pvbz/LMF8uEboWVzRC77y7RcD8p+JP9V97qZGsiOYB+2MPGEvAhEPHxQZAbaBF+e +BFLzev+xmI36fHlFnAFiWikp0tYVLROgBhVGJUOJlDK+olfpxUqF+N8MfjeS01aH +Ly+Y6rkzC26AC/9j+Adka9mBXEiiA1vQcBfO4U45QhgDAl00yUW1gV4oNGZ9Yqsl +OhS/VHB61CjWwjnV3Jwkhscxux3rjj6TAwn5QmoO9kr3CqH1rzQXxTVruCJuwyuI +6aNeywINoubgDhqhOCPfqyzgdxfp5UAhy54ge9dqjfgHI2Q3WxxhD3mCdYgN89GZ +NpuH2lJkJZrRl7BimjqDeTlKYscZ1anrRgRpSoFDdUcMncySzW6cB1WSImj1aNWp +q58FxoJWcTy6lNesINeRjZ/r1eJBeN55P8+7DKGIsGkpftsqgXAqVbkCDQQ8VMsE +EAgA7lKuNHz6iYb+2pAZbxrjp5AHV86pbtVJQBWpGWkGLERGb6w2hYTL8YXr7Jgt +eBmy1a/+l5ZYjnZFQ8603eZRC1g+/krruWmfiJxE/HtHVcVSDUxXNJiE67DpSdGP +f8icIx3c91Xkui9ifS3VMSj1ezWLm5/OYF1utTQ5QiwrvzTuaCs8jWDUzxI77Fcz +QYQELuDmHevde4Ke66MeWCJabs9OQ6i61vurJrj1WQQ9pvXOzcbdoQFtAF/vGK82 +rnr0p5cDyes3S5lCKC4nIhvokHotCf63YUU6afG9OLp/ASlcp2h21vmtDp7xSg6D +7Ivn5cHtHnBvChG6vjQ9IO5gdwADBQgAnNF7z5VcV00LbYQxN1vX77iKwJ1aEZVS +YMrJnvthtJPM5alAsOQRRe85pgZsBfd2xgKbDZFsQaPei+n59nMPTxl68YsrYOWa +Be9IRnEKBYIHSVwDAGsEdxyOKgphNO7cQKcpRWdeqi9FQ11cWVLZrSqChmT9Z6uY +GLDabKwAhYl6TrEQ2J9OzM586LARZHb8m2MOcGrla+XZZannjEVfaei5on8IuhOL +alx/vx74C1qLi9B1fI/JyCsJlMQujkDrpz80hwIyavutLB9TdQZn8TuNqL/m7cpU +1YMbNIa/1Ow2Cio7zrhr/FvTX4KgMaGq6ukx7qWDDbME96BF57IMtIkCIgQYAQIA +DAUCPFTLBAUJEswDAAAKCRDbaY1xmSQlYPGsD/40gsxyQv4M8BFfPgnPEOYlSEBw +pibr+XRdq7q98n3F9ZlXjJHq74RhX6aotL10wpeMb6fcFKhmaMu8Nhx4PUP9+h11 +I7EwmMeLn2prG/sSbsgCY4tsEW08NbDzcXdj6+KvekpE6lYmOa4ORQTEODx81d9R +8DxcqUCYHYn+iYMbEDnBZmHgPc5hkGvBNj2F+dGs4n0iBvxFSBoTSzHb9XksG3/c +q8DdW59McJw1/nTyN2kLIvGjNqSeV+2P2oeh5NRJAHs9X5W+Zar+sqvlHDa1e0jq +2SrMhWdOD1qgTX3BzFyuhWW3IJLdcyFEp6NsC/L2eJdkWwclT1xhEvm8LEsB21nd +E2UNpIjOUcdFvEnYa84Di8ZpIvEvngG6q9tm5K14DXZYQczsN+rrOXgTYfxbEuCz +pFCg1DZaRQmWkXcywzo7F2YUgw1nFe9TlIrLJgXZcjg+ho3UNmquVr+qNV1IzYCk +E6I70J/Q3fuXOfVdM2V0JQTaWfBOUFowwVNyzI5XSl8TTwslsGN8roEAGBR33Jwh +By6TldhErnR1pvIOVt0kkGXbEqIIYONvfsdd2LIFZUfyegh8oFCJNDmKObKnuVyZ +H53Q3bgTn06D5TdBaCK9usVqUe+JZ1K4VLy+20kSiBqaLkel3417o+bqdpL3Uu8g +Xy1bsOhyo9m79ug8orkBogQ8VMvbEQQA9YjnqxRaPgKrbhTQqrzGMYBuP4QlbsQe +EDA3y94jlPK++edfyUGUTnquXHDKmPnLwsqszYZCsC35nVP8FOsg0eATYYAj5A9u +PDUXGQkW1eNQFGoh5p4SxBQZKlVJCAJyVgMxXDtUwDbjQ9CkOONrv1YlajDz9h9y +HfFUjQrC47sAoOX8LBxMJVdAqGMOQGcI2lTWTfq1BACabalqZ3571+ePoAEsqSxZ +elhHA/Se6oxlfxWNQilDGsgUSm53l7yeJn+8qZuiRm49wMlPZnzLA5isMAh0UyoT +SnPs8lnZDLbo4/s4H2Jz0+MahJSYtNtSKTNhuJv7Fh/kQGVltAaniUQeecoJK7Yx +hKbnvsXKzg7YEL2DLKDA4AP/RDeDRhK7ehXbkeONeJsOPjvjdATxSa7Io+GIUFB1 +CSLgaHfC43b8j7S5pEiZ8MOW+kwnP35G89h1K89nFpC47Xt8y/5DH4Z/tw3SdaEI +r8TSL3u/UOK4gZEc5uVhCGBAX/BdIYFWdO2UUjEaO3ox38lgH0HfNscqgN5zCEEc +6lmJAiIEGAECAAwFAjxUy9sFCRLMAwAACgkQ22mNcZkkJWAthQ//QCSN1sFaeqFQ +Eki7fg6E0n+t7mO+V1llNymp7G8Pq3iSI2d99oijVk2BQnrbhdLy+wjl9Lyyzfvv +aQ04QwAUvJNRgIaOpxkYb3z2tc31ho9eOYsQRmKxVzGWw1ii1OEnMBylsAaG58Gp +FI/5MTfucIlJBvXoESkHSoiyov2Pd1c3hJ/6OuFYbn5dvYplBi2K3pAq12OCmWti +cFvPTBpVlvTED0h+I133oO1e1Rx999u1/PQgLem5qfuz3wLv9r8qkXgy1AqdOEBN +svXSo09yWaDTKaZWb6k7viOq6k2aDOi4mr8qgrf8obs6fpOfg6WQw+DRL/T9KUHF +0EUSPVEMkbMc1V2iHURqXBGnIsa5JAi1eV1cMrp9T25DXWHlEfXRnPPjzTSJyJh2 +FmL9NnQrsmHf8f7DiR7uzCgA8+SZqRmr6o2j0FAPUrV4EmMYB7wTYPwPT7EXXmYs +8m0ovamXwGbIwT2Z/EGhOc3UdAQF232o156m097tib5HMbTT+8AcjX3TaeXDJpjI +35WybfJ8F2LEWmJsQwPC9MMCfy7SlW8BUqTBaelPvSYoKdLT6FOxtnoAVYn10WRI +F7LESySJqENspSpv3ACJ/q1jZN6cXYKFlvKLR5Be/MWtnZ2AXqwHmR/XYGtXI6FR +mNd6xrb+mP2QwkihMezVT+y2Q/EogXSJAmoEGAECAAwFCRLMAwAFAkQS4BkAUkcg +BBkRAgAGBQJEEuACAAoJEOJmXIdJ4cvJKsUAn3R2myTGfaAyxiDwL9l3ObofNnX9 +AJ46M4YTuhT9ETVc15IOaHY5VCLcUQkQ22mNcZkkJWCOtg//RVzC6tHMnmZXXA6j +slgca2yf/q0zJIULR9azhcraU3yy8OzjVorX1i5Xh5Rr3SmZkHiNUMrOK0jCzyM9 +ykBa58WOwwN1sZoNUQpUtmYja9kj/y444Atf0iIFW9TT4O31j25qEjz7cLZtmv+T +nzcSIaZekJrIZ/8D74eDqNrfy/WaAi0JK2iMiw4dqwLtIc2W7UTtXfSgiAtNrkp4 +smrO6AUI2Xas7D+3zZiMlIv//W3ZSTF0vHtyBdmvcEPrs6DdjhsM+L7QHLnxD7HD +86cvVh+9SzHelc5erhSWbwKMcZKykQ3uHhU9XCt60MYdbc8HHW92g0e9nEipZ7iS +23uDmzoKvfihtho2+j1w5uKM/S6N/fditlWJ9qHvLHVPLNKPp4DEHo4ns56LCY1c +RUX7N4TOWu2iVSdtzg8NFvhfnKyWkUTCYFuU64Jiq9XcJLMAn2AY02RzQcF8Lwbg +zdyINK9pC0y0lH9ZrN6QyGinxILPVtwLsWO17JpDvKQf4+rmR9nHQSsvGJ/FjCDy +dMx5HaT+TfC4KRR8BBgTDgZkq6cllbeC1qgCz3LXgai9pIlvT9httrVcpOL0QHnK +M5jd7R8JZ1dt5qlltuWsC8Dw52kEGiBn095qmY1FFd02BxL7y7sxHp81m31yTErh +o+HQlcXTIscl65wt2LwowPG0n2iZAQ0EQbPS8gEIAMtvZJvlBs6FEjN86De70Xff +yArVdlYkbwnBc/wNIZtASh/T5ihP/tsD7eHWWOHcsbSbwlQR2iWvEvP/wyC67ZMD +ZRCIzBFpEKFJW8GCQJFiSv3v6QKU2CaL48u5Q3XPi2ymp0TvrWdFW9SXbHhe8tMn +bWFTl5cYawL6oU/gR97wHmQf4V7EB+cU8/Oi7caNsNti/gJiLSnKFPGZq7HInJCt +D8xBS3REVGQvyoLNYJHYGYfeMzczRa3SgqfwLz59Yi1SHlT1/O/8r0Z479JXz7N0 +vgyt2oOy2Cpc2zbsf5Z4iBteVQYizSY40TpO0pnk9cbnMUzVvPW8N0Bhtjh5RYMA +EQEAAbQlUEdQIEdsb2JhbCBEaXJlY3RvcnkgVmVyaWZpY2F0aW9uIEtleYkBVgQQ +AQIAQAUCQlG0cAcLCQgHAwIKAhkBGRhsZGFwOi8va2V5c2VydmVyLnBncC5jb20F +GwMAAAADFgIBBR4BAAAABBUIAgoACgkQlxC4m8pXrXz35ggAnVHdAh2KqrvwSnPo +s73YdlVbeF9Lcbxs4oYPDCk6AHiDpjr2nxu48i1BiLea7aTEEwwAkcIa/3lCLP02 +NjGXq5gRnWpW/d0xtsaDDj8yYWusWGhEJsUlrq5Cz2KjwxNQHXRhHXEDR8vq9uzw +5EjCB0u69vlwNmo8+fa17YMNVdXaXsmXJlJciVHazdvGoscTzZOuKDHdaJmY8nJc +Cydk4qsFOiGOcFm5UOKPnzdBh31NKglqw/xh+1nTA2z5orsY4jVFIB6sWqutIcVQ +Yt/J78diAKFemkEOQe0kU5JZrY34E8pp4BmS6mfPyr8NtHFfMOAE4m8acFeaZK1X +6+uW59HMnv8AAA1ZARAAAQEAAAAAAAAAAAAAAAD/2P/gABBKRklGAAEBAAABAAEA +AP/bAEMACgcHCAcGCggICAsKCgsOGBAODQ0OHRUWERgjHyUkIh8iISYrNy8mKTQp +ISIwQTE0OTs+Pj4lLkRJQzxINz0+O//bAEMBCgsLDg0OHBAQHDsoIig7Ozs7Ozs7 +Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O//AABEI +AJAAeAMBIgACEQEDEQH/xAAfAAABBQEBAQEBAQAAAAAAAAAAAQIDBAUGBwgJCgv/ +xAC1EAACAQMDAgQDBQUEBAAAAX0BAgMABBEFEiExQQYTUWEHInEUMoGRoQgjQrHB +FVLR8CQzYnKCCQoWFxgZGiUmJygpKjQ1Njc4OTpDREVGR0hJSlNUVVZXWFlaY2Rl +ZmdoaWpzdHV2d3h5eoOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6 +wsPExcbHyMnK0tPU1dbX2Nna4eLj5OXm5+jp6vHy8/T19vf4+fr/xAAfAQADAQEB +AQEBAQEBAAAAAAAAAQIDBAUGBwgJCgv/xAC1EQACAQIEBAMEBwUEBAABAncAAQID +EQQFITEGEkFRB2FxEyIygQgUQpGhscEJIzNS8BVictEKFiQ04SXxFxgZGiYnKCkq +NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqCg4SFhoeIiYqS +k5SVlpeYmZqio6Slpqeoqaqys7S1tre4ubrCw8TFxsfIycrS09TV1tfY2dri4+Tl +5ufo6ery8/T19vf4+fr/2gAMAwEAAhEDEQA/APZqKrX99BptnJd3L7YoxkmuGvvi +zZRkrZWbykdGbgVpClOp8KJlOMdz0KivILj4p6xM2IYYoV/Op7PxX4mv18xJSVBz +leP61v8AVKiV5WRHtovY9YorzD/hMdat/vygsOoIqeD4l3URAubVJB3K8Gk8JVWy +uHtYnpFFc5oXjXTtcnFsivFORna3+NdEDmueUXF2kjRNPVC0UUVIwooooAKKKKAC +iiigDmPiG5XwjdYPXAP614dX0D4l0+HVNKNncFxHK3JQgEYBPGQfSuCfwBpCnia9 +/GVP/iK9DC4iFKDUjnq05Sd0eeL94V6X4N1HTRpqxzzLE6DnPfiq0HgXQHdkku75 +GHT51/8AiKst4H0aE4W/vRj/AGkP/slXWr0asbNsmFOcHcx9euLee/le1x5WTgjo +ea5+Z+TXayeFNMQbf7QvMdeqf/EUz/hCtLkUN9qvSD38xP8A4irhiqUUkmJ0pt3O +f8Iz+V4ihcsFA6knHpXr0ev6QkeJNUtAw6jzlyP1rzy48HaZaW7TxvcyOrKNsrKV +OWA6BR61u6TpkVqRIqlcrj5Rx+NcWJqRqT5om1OLirM6mPX9GmbbHqtmzennrn+d +X1ZXUMjBlPQg5BrnjAjqcbWHtzWFqGmySTma1le1dchXtXMZx9R1/Guexpc9Aorh +YPFOq6Y6pdj7ZF0zIAr/AIMOPzH411Ola7Yawh+zSkSKMvC4w6/h6e4yKLBc0aKK +KQwooooApalykQ9XP/oLVjyxYrZ1H7kR/wBv/wBlIqgyhhQMwJhcxu6xoQCScget +OF7cxho3gLg9xkdsdutLdX0yX9xAoQLCyqPlznKK2T/31UJvJT12f98iiwiQzyAb +I1IyB1HsBVqGFktowwwQKzzdSEEfKP8AgIq3b3BEcLt92WJHYDoCygnH50WAS9H/ +ABL5s+sf/o1KsW88giwiqAvdjUWojFi5B4Zo/wAfnU1pWq7rXaCFyOuKEBE1yduT +GwPQ7KJQhGOM46VbMC+UF4DAdcVmTEQyMsKCZ+h5wFpiM2/hmcsiIrA9FZeDXOSN +LpV0jvM0LZzE65BjP+9XVTabn5zJJuzncH5qneQhovLbkAdG+b+dUhM3/DPipdUI +sb3al6B8rDhZgO49D6j8R6Dpa8ZuQ0Tq0ZMbxkFWTgqR0Ir0jwn4hGvacfNIF5b4 +WdR39GHsf5g0SjbUEzeoooqCipqA/cxn0lX9Tj+tUK1LqLzoGTODwQfQg5B/OuT8 +Sa1ceHdOe8ktIpwHCKquUySfoaAKl4P+Jvf/APXVP/RUdQkVBpWp/wBuxXGpfZ/s +/nTY8vfv27UVeuBnpnpVoiqER1biH+h2v/XtF/6AtVSKyLfxbcTRrBbaMZPs6CEy +Nc4Vio25+77dM0mM37yUiwCHp5yAfqf6VrWcuIV5rkGu9X1Mxoba3tY0fdtDFyxx +jJPtk+nWtaGW9tlCzOhQ8BgpBzRYRszagm4wJl5Dxhe1SRQJBEBwTUFpDFHECMHP +OfX3qSSXjrTSFciuG4NY143WtC4k4NZN2/WrRLMa96motC1g6Dr0F6WIhJ8uceqH +qfw4P4U+7PWsi6GVbNVa4j3kHIyKKwvBd+2oeFbN5G3Swr5MnsV4598YP40Vgam9 +XnvxamC6bp9uD/rJyzD6DivQq82+LikLpkn8Jdh+OKqO4nsQeCUB0cAjI+0N/Stq +6EUV05Kjy1PIrgfDRZfEun7XYK0hyMnB+U9q72/G9rmqejEtUQyXFrKu2FAreuSe +KwNBVAhyo4dv/QjWH4w1EpEtpbJK5Rw00kf/ACz46HFGh+JrFLVYwjNKi8qpAB/E +8ikgZ6BC6DoBSX91aCExXEwTcueOoHr7c1zOkand32pFmncooLGMN8voAB+NdDvz +w2Rx3FOxNy1p1xA9kgtpxNGoxuByfxqSSXjrWJcWKSXcVzHLLC8ZBPksF3Y9eKq3 ++o6z9tkitLeERZBWWTGMf5/GgDYnl4NZlzJ1pWuZSkQkjBZgfMaM/Khx784NU55c +1SEU7lutZdzMkEUk7jcI13bfU9hV2d81n3EaTxvDJ9yQbSfT0P51Qju/g5ePc+H9 +QSRtzLelyf8AeVf8KKg+C8Lw6bqyuOVuVU/ULRWD3NVselVw3xYtDN4ZhugOba4U +n6EY/wAK7ms/XdNXWNDvNPb/AJbxFV9m7frihaMGeM+GW3eIdOP/AE0b/wBAau/k ++d7n61514X3xeJbOCUFZIpXVgexCsDXocJ3y3A/2hVy3FE4RrOWw1KWK4BVmdnRh +0dSeoqeewtL6ER3EKuobcCPlIOMZBFaPjCdI5LK2APmbjIT6LjH8z+lZ0MhKiqjq +iXozJn0q/wBPDTW8wuoYxu2kFZQP5HFbnhbUftdjK6XHmoJOAG3beP61IjHjnmqk +ulIblbm0mlspsbXa2wvmL6EevvRYR0T3AjRmkYIqjcxY4AFZsmv6WJGX7Upx/EEJ +U/Q965nW3n0+KOyjup3t5MvslfcQQfXrjvisNpn67jQI9DlvLfyvN+0weXjO/wAw +YxVadyADkEMMgg5BHsa8/eVvb64q7pWtS2MojkLvbNkNGD09xnoaYHSStmqc7fIa +LbUIL9ZPKWRHjGSGIORnGcio7hZJCkMSl5JWCoo6kngCncD1L4XW3l+GZrraR9su +3lGfQAL/ADU0V0miaamj6LZ6cmD9niCsR3b+I/icmisHuaov0UUUhnmnifw8dN8e +2Gr26/6Peu3mY/hkCN/Mc/nV3T333Mw9XFbvi84tLU+k4/8AQTXN6M+6+ceriq6C +MDxbeQXmsxW0ChmtQVkkHcnHy/hj9aggj4FN/sqawv5ba6XEqsTnswJ4YHvWjDb9 +OK0WiIe4xIjUkhS3heeXOyNSzY64FXI7f2pbvTvtdlNbklBKhTco5XI60XFY881S ++m1OcSSIqKowiKOFH9TVAxH0rYl0y4s7h7W6C+anO5ejr2YU02ftSuFjGaEntTRb +knpWz9jPcU+OwLNhVyadxWKmlKbSdn2btyFcEkda9C+H+hR6prH9sPGwt7I4QNgh +pcdvXbnP1IrB0Pw5c63qIsLT5duDcT4ysC/1Y9h/SvZtO0+20rT4bGzj8uCFdqjv +7k+pJ5JqJMuKLVFFFQWFFFFAHOeMj/oVr/18Afoa57Tk8jW0j/vOK7PWdOGo2qru +2vG4dDjIyPWuTuoL6G9842QLg8MjjH68imnoBB42U2L2uqlfMhX9zKijLLnkMPbg +5qvpz2WoRiS0nR89s8irFxDqWoMguCFjjOVjTpn1J7msbU/DTiT7RaBrebruj4z+ +FNMTR0sdm47Zqwtqf7tcRDq/ifTDtbFwo/vjmr8XjvU4+JtLyfY07iNPXPDa6lGr +xnyriP8A1coXOPYjuK506FfwP5VwiOcZDxghSPx71oS+PdQYYi0rn3NZeoa14k1W +UCAC2jxjhcn3NIB82nQWcRlvZ0hQcncafp2nz6xIotEazsj965kX53H+wp/mf1qP +SvDVxJdC5vi9xIDkGU7sfSu1tLOQYGDRcLGzoNrZaVYpZ2MQjjBye7Ox6sT3NbKn +IzWTZ27LjNaqDC1JQ+iiigAooooAQjNRPbRueVFTUUAVjZRdlFQvpsT/AMNX6KAM +eTQ4H6oPyqBvDdqf+WS/lW/RQBz48NWoP+qX8qmTQbdOiD8q2qKAM1NKiTooqwln +GnQVaooAYsYXoKdS0UAFFFFAH//ZiQFOBBABAgA4BQJCUbRwBwsJCAcDAgoZGGxk +YXA6Ly9rZXlzZXJ2ZXIucGdwLmNvbQUbAwAAAAMWAgEFHgEAAAAACgkQlxC4m8pX +rXxIEgf+P5EZwy4eZWhmrj5duYK6edt+3hPRNrijqbE2RzrCTk/0+lwT2LHO2NXK +wya/aLhjvjp0Jj0HW1+FBbXRLf0fOtgeHcjhrbBv3NCeJkJ/VedsJ7V5Gyw2FOkt +VdedcoSxz0TAPky2I8gKW5khcHTxnHa4lJn7+L1OpIzkRS4mT6VeqBcZSJNpJc3r +cj/gGdsXMLDxJpJPt3ueiTjlQL0j/6BwpU76hgROCuxTsAvq6TXpgP0ml9hkcQWa +lihL6pDe0t88IbeBpL92MFlZaQ23nPt7qxtGSjj1cSPcRSHfceCOs6Uvy4k1uGVn +k14gtzEeoZMeOL7nAwQMGN81P8LqbZiOBEO3+scBBADQmRl6K1zJAyqTbEZ3/mYa +hzj5g3BCjw5KZXAi9jxQAje0GiuEXqFr2eJqplTi92V1OdcxTSPWg9yQCE6BE9o6 +9oRmFhRMXQX/XmmIAXl2RlDp2yZdVSQ81gxlOmRzacD4gAIGI6bKAYGQsW5e8dFb +WLpI3PbyJEf9RlxguL/aIQAggVZQmbQmV2VybmVyIEtvY2ggKGRpc3Qgc2lnKSA8 +ZGQ5am5AZ251Lm9yZz6IvAQTAQIAJgUCQ7f6yAIbAwUJBaOagAYLCQgHAwIEFQII +AwQWAgMBAh4BAheAAAoJEFO2INAc4MYweaMEAIdDDtJLkO4TOgCo/GCuG0RmqRwZ +niJ4mnq/WOr8F4BK3w1HIuwVEE8V6BRU4Chx8wc9/W83krckIE5uaZRmjhCXCWsi +K9Ow2ngbXAv3TKFVCbMMmyjBbT+31M9OT0Sowob8a1s4Xv2J+gQJjxfumMUKNlvf +K86tEx0ucCiY15h8 +=yJFz +-----END PGP PUBLIC KEY BLOCK----- diff --git a/g10/ChangeLog b/g10/ChangeLog index 426dd8ca6..03a97363f 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,17 @@ +2006-08-21 Werner Koch <wk@g10code.com> + + * skclist.c (random_is_faked): Implemented. + (is_insecure): Also test for the old uppercase version of the + insecure string. + * gpg.c (main): Renamed --quick-random to debug-quick-quick-random. + + * gpg.c (print_mds): Do not use the USE_SHA macros. + + * mainproc.c (proc_encrypted): Remove assign inside condition for + better readibility. + + * packet.h: Moved consts to new header ../common/openpgpdefs.h. + 2006-08-16 Werner Koch <wk@g10code.com> * keyserver.c (GPGKEYS_PREFIX): Rename to gpg2keys_. This is so @@ -568,7 +568,7 @@ static ARGPARSE_OPTS opts[] = { { oPasswdFile, "passphrase-file",2, "@" }, { oCommandFD, "command-fd",1, "@" }, { oCommandFile, "command-file",2, "@" }, - { oQuickRandom, "quick-random", 0, "@"}, + { oQuickRandom, "debug-quick-random", 0, "@"}, { oNoVerbose, "no-verbose", 0, "@"}, { oTrustDBName, "trustdb-name", 2, "@" }, { oNoSecmemWarn, "no-secmem-warning", 0, "@" }, @@ -2152,8 +2152,9 @@ main (int argc, char **argv ) gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose); opt.list_sigs=0; break; - /* Disabled for now: - case oQuickRandom: quick_random_gen(1); break;*/ + case oQuickRandom: + gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0); + break; case oEmitVersion: opt.no_version=0; break; case oNoEmitVersion: opt.no_version=1; break; case oCompletesNeeded: opt.completes_needed = pargs.r.ret_int; break; @@ -2162,17 +2163,17 @@ main (int argc, char **argv ) case oTrustDBName: trustdb_name = pargs.r.ret_str; break; case oDefaultKey: opt.def_secret_key = pargs.r.ret_str; break; case oDefRecipient: - if( *pargs.r.ret_str ) - opt.def_recipient = make_username(pargs.r.ret_str); - break; + if( *pargs.r.ret_str ) + opt.def_recipient = make_username(pargs.r.ret_str); + break; case oDefRecipientSelf: - xfree(opt.def_recipient); opt.def_recipient = NULL; - opt.def_recipient_self = 1; - break; + xfree(opt.def_recipient); opt.def_recipient = NULL; + opt.def_recipient_self = 1; + break; case oNoDefRecipient: - xfree(opt.def_recipient); opt.def_recipient = NULL; - opt.def_recipient_self = 0; - break; + xfree(opt.def_recipient); opt.def_recipient = NULL; + opt.def_recipient_self = 0; + break; case oNoOptions: opt.no_homedir_creation = 1; break; /* no-options */ case oHomedir: break; case oNoBatch: opt.batch = 0; break; @@ -4031,14 +4032,14 @@ print_mds( const char *fname, int algo ) gcry_md_enable (md, GCRY_MD_MD5); gcry_md_enable (md, GCRY_MD_SHA1); gcry_md_enable (md, GCRY_MD_RMD160); -#ifdef USE_SHA256 - gcry_md_enable (md, DIGEST_ALGO_SHA224); - gcry_md_enable (md, GCRY_MD_SHA256); -#endif -#ifdef USE_SHA512 - gcry_md_enable (md, GCRY_MD_SHA384); - gcry_md_enable (md, GCRY_MD_SHA512); -#endif + if (!openpgp_md_test_algo (DIGEST_ALGO_SHA224)) + gcry_md_enable (md, DIGEST_ALGO_SHA224); + if (!openpgp_md_test_algo (GCRY_MD_SHA256)) + gcry_md_enable (md, GCRY_MD_SHA256); + if (!openpgp_md_test_algo (GCRY_MD_SHA384)) + gcry_md_enable (md, GCRY_MD_SHA384); + if (!openpgp_md_test_algo (GCRY_MD_SHA512)) + gcry_md_enable (md, GCRY_MD_SHA512); } while( (n=fread( buf, 1, DIM(buf), fp )) ) @@ -4054,15 +4055,14 @@ print_mds( const char *fname, int algo ) print_hashline( md, GCRY_MD_MD5, fname ); print_hashline( md, GCRY_MD_SHA1, fname ); print_hashline( md, GCRY_MD_RMD160, fname ); -#ifdef USE_SHA256 - if (!gcry_md_test_algo (DIGEST_ALGO_SHA224) + if (!gcry_md_test_algo (DIGEST_ALGO_SHA224)) print_hashline (md, DIGEST_ALGO_SHA224, fname); - print_hashline( md, GCRY_MD_SHA256, fname ); -#endif -#ifdef USE_SHA512 - print_hashline( md, GCRY_MD_SHA384, fname ); - print_hashline( md, GCRY_MD_SHA512, fname ); -#endif + if (!gcry_md_test_algo (GCRY_MD_SHA256)) + print_hashline( md, GCRY_MD_SHA256, fname ); + if (!gcry_md_test_algo (GCRY_MD_SHA384)) + print_hashline ( md, GCRY_MD_SHA384, fname ); + if (!gcry_md_test_algo (GCRY_MD_SHA512)) + print_hashline ( md, GCRY_MD_SHA512, fname ); } } else { @@ -4072,15 +4072,14 @@ print_mds( const char *fname, int algo ) print_hex( md, GCRY_MD_MD5, fname ); print_hex( md, GCRY_MD_SHA1, fname ); print_hex( md, GCRY_MD_RMD160, fname ); -#ifdef USE_SHA256 - if (!gcry_md_test_algo (DIGEST_ALGO_SHA224) + if (!gcry_md_test_algo (DIGEST_ALGO_SHA224)) print_hex (md, DIGEST_ALGO_SHA224, fname); - print_hex( md, GCRY_MD_SHA256, fname ); -#endif -#ifdef USE_SHA512 - print_hex( md, GCRY_MD_SHA384, fname ); - print_hex( md, GCRY_MD_SHA512, fname ); -#endif + if (!gcry_md_test_algo (GCRY_MD_SHA256)) + print_hex( md, GCRY_MD_SHA256, fname ); + if (!gcry_md_test_algo (GCRY_MD_SHA384)) + print_hex( md, GCRY_MD_SHA384, fname ); + if (!gcry_md_test_algo (GCRY_MD_SHA512)) + print_hex( md, GCRY_MD_SHA512, fname ); } } } diff --git a/g10/keydb.h b/g10/keydb.h index f48acd3c6..b58512068 100644 --- a/g10/keydb.h +++ b/g10/keydb.h @@ -190,6 +190,7 @@ int select_algo_from_prefs( PK_LIST pk_list, int preftype, int select_mdc_from_pklist (PK_LIST pk_list); /*-- skclist.c --*/ +int random_is_faked (void); void release_sk_list( SK_LIST sk_list ); int build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list, int unlock, unsigned use ); diff --git a/g10/keygen.c b/g10/keygen.c index 063c775e9..32bccbb5f 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -1949,11 +1949,9 @@ ask_user_id( int mode ) if( *amail ) p = stpcpy(stpcpy(stpcpy(p," <"), amail),">"); - /* append a warning if we do not have dev/random - * or it is switched into quick testmode */ - /* FIXME: see skclist.c:random_is_faked */ - /* if( quick_random_gen(-1) ) */ - /* strcpy(p, " (INSECURE!)" ); */ + /* Append a warning if the RNG is switched into fake mode. */ + if ( random_is_faked () ) + strcpy(p, " (insecure!)" ); /* print a note in case that UTF8 mapping has to be done */ for(p=uid; *p; p++ ) { diff --git a/g10/keyserver-internal.h b/g10/keyserver-internal.h index a5e6e8c37..fe08a6b71 100644 --- a/g10/keyserver-internal.h +++ b/g10/keyserver-internal.h @@ -23,7 +23,7 @@ #define _KEYSERVER_INTERNAL_H_ #include <time.h> -#include "keyserver.h" +#include "../common/keyserver.h" #include "../common/iobuf.h" #include "types.h" diff --git a/g10/mainproc.c b/g10/mainproc.c index ca5ea9ade..45d9d34a5 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -508,8 +508,9 @@ proc_encrypted( CTX c, PACKET *pkt ) } else { - /* assume this is old style conventional encrypted data */ - if ( (algo = opt.def_cipher_algo)) + /* Assume this is old style conventional encrypted data. */ + algo = opt.def_cipher_algo; + if ( algo ) log_info (_("assuming %s encrypted data\n"), gcry_cipher_algo_name (algo)); else if ( gcry_cipher_test_algo (CIPHER_ALGO_IDEA) ) @@ -680,6 +681,8 @@ proc_plaintext( CTX c, PACKET *pkt ) } rc = handle_plaintext( pt, &c->mfx, c->sigs_only, clearsig ); + if (rc) + log_debug ("handle_plaintext failed: err=%d\n", rc); if( gpg_err_code (rc) == GPG_ERR_ENOENT && !c->sigs_only) { #warning We need to change the test for the error code diff --git a/g10/packet.h b/g10/packet.h index 54eeda1a9..2aaf3b902 100644 --- a/g10/packet.h +++ b/g10/packet.h @@ -28,32 +28,10 @@ #include "../jnlib/strlist.h" #include "cipher.h" #include "filter.h" +#include "../common/openpgpdefs.h" #define DEBUG_PARSE_PACKET 1 -typedef enum { - PKT_NONE =0, - PKT_PUBKEY_ENC =1, /* public key encrypted packet */ - PKT_SIGNATURE =2, /* secret key encrypted packet */ - PKT_SYMKEY_ENC =3, /* session key packet (OpenPGP)*/ - PKT_ONEPASS_SIG =4, /* one pass sig packet (OpenPGP)*/ - PKT_SECRET_KEY =5, /* secret key */ - PKT_PUBLIC_KEY =6, /* public key */ - PKT_SECRET_SUBKEY =7, /* secret subkey (OpenPGP) */ - PKT_COMPRESSED =8, /* compressed data packet */ - PKT_ENCRYPTED =9, /* conventional encrypted data */ - PKT_MARKER =10, /* marker packet (OpenPGP) */ - PKT_PLAINTEXT =11, /* plaintext data with filename and mode */ - PKT_RING_TRUST =12, /* keyring trust packet */ - PKT_USER_ID =13, /* user id packet */ - PKT_PUBLIC_SUBKEY =14, /* public subkey (OpenPGP) */ - PKT_OLD_COMMENT =16, /* comment packet from an OpenPGP draft */ - PKT_ATTRIBUTE =17, /* PGP's attribute packet */ - PKT_ENCRYPTED_MDC =18, /* integrity protected encrypted data */ - PKT_MDC =19, /* manipulation detection code packet */ - PKT_COMMENT =61, /* new comment packet (private) */ - PKT_GPG_CONTROL =63 /* internal control packet */ -} pkttype_t; typedef struct packet_struct PACKET; @@ -373,38 +351,6 @@ struct packet_struct { (a)->pkt.generic = NULL; \ } while(0) -typedef enum { - SIGSUBPKT_TEST_CRITICAL=-3, - SIGSUBPKT_LIST_UNHASHED=-2, - SIGSUBPKT_LIST_HASHED =-1, - SIGSUBPKT_NONE = 0, - SIGSUBPKT_SIG_CREATED = 2, /* signature creation time */ - SIGSUBPKT_SIG_EXPIRE = 3, /* signature expiration time */ - SIGSUBPKT_EXPORTABLE = 4, /* exportable */ - SIGSUBPKT_TRUST = 5, /* trust signature */ - SIGSUBPKT_REGEXP = 6, /* regular expression */ - SIGSUBPKT_REVOCABLE = 7, /* revocable */ - SIGSUBPKT_KEY_EXPIRE = 9, /* key expiration time */ - SIGSUBPKT_ARR =10, /* additional recipient request */ - SIGSUBPKT_PREF_SYM =11, /* preferred symmetric algorithms */ - SIGSUBPKT_REV_KEY =12, /* revocation key */ - SIGSUBPKT_ISSUER =16, /* issuer key ID */ - SIGSUBPKT_NOTATION =20, /* notation data */ - SIGSUBPKT_PREF_HASH =21, /* preferred hash algorithms */ - SIGSUBPKT_PREF_COMPR =22, /* preferred compression algorithms */ - SIGSUBPKT_KS_FLAGS =23, /* key server preferences */ - SIGSUBPKT_PREF_KS =24, /* preferred key server */ - SIGSUBPKT_PRIMARY_UID =25, /* primary user id */ - SIGSUBPKT_POLICY =26, /* policy URL */ - SIGSUBPKT_KEY_FLAGS =27, /* key flags */ - SIGSUBPKT_SIGNERS_UID =28, /* signer's user id */ - SIGSUBPKT_REVOC_REASON =29, /* reason for revocation */ - SIGSUBPKT_FEATURES =30, /* feature flags */ - - SIGSUBPKT_SIGNATURE =32, /* embedded signature */ - - SIGSUBPKT_FLAG_CRITICAL=128 -} sigsubpkttype_t; struct notation { diff --git a/g10/skclist.c b/g10/skclist.c index d8f3b2dc1..d9a9d5e9f 100644 --- a/g10/skclist.c +++ b/g10/skclist.c @@ -35,16 +35,26 @@ #include "i18n.h" #include "cipher.h" +#ifndef GCRYCTL_FAKED_RANDOM_P +#define GCRYCTL_FAKED_RANDOM_P 51 +#endif -/* There is currently no way to get the status of the quick random - generator flag from libgcrypt and it is not clear whether this - faked RNG is really a good idea. Thus for now we use this stub - function but we should consider to entirely remove this fake RNG - stuff. */ -static int +/* Return true if Libgcrypt's RNG is in faked mode. */ +int random_is_faked (void) { - return 0; + /* We use a runtime check to allow for slow migrattion of libgcrypt. + We can't use the constant becuase that one is actually an enum + value. */ + gpg_error_t err = gcry_control ( 51 /*GCRYCTL_FAKED_RANDOM_P*/, 0); + + if (!err) + return 0; + if (gpg_err_code (err) != GPG_ERR_INV_OP) + return 1; + log_info ("WARNING: libgcrypt too old.\n"); + log_info (" can't check whether we are in faked RNG mode\n"); + return 0; /* Need to return false. */ } @@ -82,7 +92,8 @@ is_insecure( PKT_secret_key *sk ) continue; /* skip attribute packets */ if ( strstr( id->name, "(insecure!)" ) || strstr( id->name, "not secure" ) - || strstr( id->name, "do not use" ) ) { + || strstr( id->name, "do not use" ) + || strstr( id->name, "(INSECURE!)" ) ) { insecure = 1; break; } diff --git a/tests/ChangeLog b/tests/ChangeLog index f12d9afbe..c7ce33dfe 100644 --- a/tests/ChangeLog +++ b/tests/ChangeLog @@ -1,3 +1,8 @@ +2006-08-21 Werner Koch <wk@g10code.com> + + * Makefile.am (SUBDIRS): New. + * openpgp/: New. + 2006-06-08 Marcus Brinkmann <marcus@g10code.de> * asschk.c (__func__) [__STDC_VERSION__ < 199901L && __GNUC__ >= 2]: diff --git a/tests/Makefile.am b/tests/Makefile.am index 38b64c6ea..c4f7dd457 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -29,6 +29,7 @@ # #SUBDIRS = . ${pkits} +SUBDIRS = openpgp GPGSM = ../sm/gpgsm diff --git a/tests/openpgp/ChangeLog b/tests/openpgp/ChangeLog new file mode 100644 index 000000000..fc71f260b --- /dev/null +++ b/tests/openpgp/ChangeLog @@ -0,0 +1,276 @@ +2006-08-21 Werner Koch <wk@g10code.com> + + Copied tests from 1.4 and adjusted paths. + +2006-04-19 David Shaw <dshaw@jabberwocky.com> + + * sigs.test, mds.test: Add tests for SHA-224, SHA-384, and + SHA-512. + +2006-04-11 Werner Koch <wk@g10code.com> + + * armor.test: New. + +2006-03-09 Werner Koch <wk@g10code.com> + + * defs.inc: Removed Basishm by proper redirection. + +2006-03-06 Werner Koch <wk@g10code.com> + + * defs.inc: Print error messages also to stderr. Allow for + verbose environment variable. + (linefeed): New. + (suspend_error, resume_error): New. + * verify.test: More tests. + * multisig.test: Better error printing. + (sig_1ls1ls_valid, sig_ls_valid): Moved to the non-valid group. + +2006-02-14 Werner Koch <wk@gnupg.org> + + * verify.test: New. + +2005-06-21 Werner Koch <wk@g10code.com> + + * conventional.test (algos): Uhh ohh, cut+paste error and not + tested. + +2005-06-02 Werner Koch <wk@g10code.com> + + * conventional.test: have_cipher_algo now requires uppercase + algorithm names. Changed. Noted by John R. Shannon. + +2004-02-09 David Shaw <dshaw@jabberwocky.com> + + * clearsig.test, sigs.test: Properly detect RSA being missing, and + use the proper key for doing an RSA test. + +2003-12-31 David Shaw <dshaw@jabberwocky.com> + + * clearsig.test, conventional-mdc.test, conventional.test, + defs.inc, encrypt-dsa.test, encrypt.test, genkey1024.test, + plain-1.asc, plain-1-pgp.asc, plain-2.asc, plain-3.asc, + pubring.asc, secring.asc, sigs.test: Rework tests to work properly + with a gpg binary that doesn't have all ciphers and all pk algos. + Basically, we test for the ciphers we have, only test signing with + non-160-bit hashes with RSA (we test all hashes as hashes). Test + all key lengths of AES. + +2003-12-05 David Shaw <dshaw@jabberwocky.com> + + * Makefile.am: Reenable tests now that the Elgamal signature keys + are gone. + + * defs.inc, pubring.asc, secring.asc, plain-1.asc, plain-2.asc, + plain-3.asc: Remove the old v3 Elgamal keys and replace with + RSA+Elgamal and RSA s+e. + +2003-12-03 David Shaw <dshaw@jabberwocky.com> + + * options: Remove emulate-md-encode-bug. + +2003-11-27 Werner Koch <wk@gnupg.org> + + * Makefile.am (TESTS): Temporary remove tests using ElG signatures. + +2003-09-04 David Shaw <dshaw@jabberwocky.com> + + * mds.test, sigs.test: Remove TIGER/192 and make SHA-256 optional + (since it might not be compiled in). + +2003-07-10 David Shaw <dshaw@jabberwocky.com> + + * Makefile.am: Add --no-permission-warning to avoid spurious + warning when importing demo keys. + +2003-05-27 Werner Koch <wk@gnupg.org> + + * Makefile.am (CLEANFILES): Add gpg.conf + +2003-05-26 David Shaw <dshaw@jabberwocky.com> + + * defs.inc (pgmname): Make sure there is a valid options + file. (From wk on stable branch) + + * mds.test: Note that missing algorithms are not errors. + +2003-04-23 David Shaw <dshaw@jabberwocky.com> + + * Makefile.am, options.in: Rename options.in to options since it + no longer needs to be a generated file. + + * sigs.test: TODO note to add the new SHAs when we start + generating them. + + * mds.test: Test the new SHAs. + +2002-05-10 Werner Koch <wk@gnupg.org> + + * Makefile.am: Add gpg_dearmor to all targets where it is used. + Noted by Andreas Haumer. + +2002-04-19 Werner Koch <wk@gnupg.org> + + * signencrypt-dsa.test, sigs-dsa.test: Don't check with MD5 as + this is not valid with DSA signatures. + +2001-12-22 Werner Koch <wk@gnupg.org> + + * options.in: Add no-permission-warning. + +2001-12-21 Werner Koch <wk@gnupg.org> + + * Makefile.am (distclean-local): prefix mkdemodirs with srcdir + (DISTCLEANFILES): Add random_seed. + +2001-12-19 Werner Koch <wk@gnupg.org> + + * options.in: Remove load-extension tiger + * Makefile.am (./options): append it if there is such a module. + +2001-10-23 Werner Koch <wk@gnupg.org> + + * defs.inc, Makefile.am: Do not use $srcdir when invoking gpg. + Write the logfile to the current directory. + +2001-09-28 Werner Koch <wk@gnupg.org> + + * defs.inc: Write a log file for each test. + * run-gpg, run-gpgm, run-gpg.patterns: Removed. Replaced in all + tests by a simple macro from defs.inc. + * Makefile.am (CLEANFILES): Remove log files. + (./gpg_dearmor): create it and use it instead of the macro. + This is needed in multisig.test due to IFS tricks. + + * armsignencrypt.test, signencrypt-dsa.test, signencrypt.test, + armencryptp.test, armencrypt.test, encryptp.test, seat.test, + encrypt-dsa.test, encrypt.test: Use --always-trust because the + test are not designed to check the validity. + +2001-09-06 Werner Koch <wk@gnupg.org> + + * genkey1024.test: Simplified by using a parameter file. + +2001-05-30 Werner Koch <wk@gnupg.org> + + * multisig.test (IFS): Reset IFS just before the test. + +2001-04-30 Werner Koch <wk@gnupg.org> + + * multisig.test: Add an set +x to avoid ksh problems + +2001-04-28 Werner Koch <wk@gnupg.org> + + * run-gpg.patterns: a v3 test key expired yesterday, suppress the + messages. + +2001-03-27 Werner Koch <wk@gnupg.org> + + * defs.inc: Removed creation of options file. + * options.in: New. + * Makefile.am: Create options file and fixed import of pubdemo.asc. + + * run-gpg.patterns (gpg): Add some more patterns. + +2001-03-20 Werner Koch <wk@gnupg.org> + + * Makefile.am: Import the pubdemo.asc file + + * sigs.test (hash_algo_list): s/tiger/tiger192/ + +2001-03-19 Werner Koch <wk@gnupg.org> + + * mkdemodirs (GPGDEMO): Add --allow-secret-key-import to all gpg + invocations. Use echon -n instead of an argument with \c. + +2001-02-12 Werner Koch <wk@gnupg.org> + + * multisig.test: new + * Makefile.am (TESTS): Added. + +2000-10-18 Werner Koch <wk@gnupg.org> + + * conventional-mdc.test: Add Rijndael and fix for empty plain texts. + +Thu Feb 10 17:39:44 CET 2000 Werner Koch <wk@gnupg.de> + + * mkdemodirs: Fixed the --clean loop. + +Thu Jan 13 19:31:58 CET 2000 Werner Koch <wk@gnupg.de> + + * defs.inc (chdir): Removed becuase it is unsused an plain old sh + does not like this name. Reported by Alec Habig. + +Tue Oct 26 20:02:23 1999 Werner Koch (wk@gnupg.org) + + * Makefile.am (GPG_DEARMOR): New and use --no-options. + +Tue Aug 31 17:20:44 CEST 1999 Werner Koch <wk@isil.d.shuttle.de> + + * defs.inc: set LC_ALL empty + +Wed Aug 4 10:34:18 CEST 1999 Werner Koch <wk@isil.d.shuttle.de> + + * defs.inc (echo_n): New and used instead of /bin/echo "\c" + +Sun Apr 18 10:11:28 CEST 1999 Werner Koch <wk@isil.d.shuttle.de> + + * mkdemodirs: New + * signdemokey: New. + * Makefile.am (distclean-local): New. + +Wed Mar 17 13:09:03 CET 1999 Werner Koch <wk@isil.d.shuttle.de> + + * mds.test: replaced the "echo -n" + +Mon Mar 8 20:47:17 CET 1999 Werner Koch <wk@isil.d.shuttle.de> + + * pubdemo.asc, secdemo.asc: New. + +Fri Feb 19 15:49:15 CET 1999 Werner Koch <wk@isil.d.shuttle.de> + + * genkey1024.test: Be really quiet. + +1999-01-01 Geoff Keating <geoffk@ozemail.com.au> + + * Makefile.am (CLEANFILES): Also delete trustdb and any leftover + lockfiles. + +Fri Nov 27 15:30:24 CET 1998 Werner Koch <wk@isil.d.shuttle.de> + + * clearsig.test: Some more test cases. + +Sun Oct 25 18:19:35 1998 Werner Koch (wk@isil.d.shuttle.de) + + * mds.test: Check whether TIGER is available. + * sigs.tesr: Ditto. + +Wed Sep 23 12:25:07 1998 Werner Koch (wk@isil.d.shuttle.de) + + * run-gpg.patterns: New (because Solaris fgrep does not like -f -). + +Mon Aug 10 21:33:38 1998 Werner Koch (wk@(none)) + + * genkey1024.test: Ariel fixed this. + +Wed Jul 8 10:43:47 1998 Werner Koch (wk@isil.d.shuttle.de) + + * seat.test: New. + +Mon May 18 15:40:02 1998 Werner Koch (wk@isil.d.shuttle.de) + + * Makefile.am: Now uses mk-tdata to produce random test data. + + * ChangeLog: New. + + + Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc. + + This file is free software; as a special exception the author gives + unlimited permission to copy and/or distribute it, with or without + modifications, as long as this notice is preserved. + + This file is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY, to the extent permitted by law; without even the + implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + + diff --git a/tests/openpgp/Makefile.am b/tests/openpgp/Makefile.am new file mode 100644 index 000000000..64775a034 --- /dev/null +++ b/tests/openpgp/Makefile.am @@ -0,0 +1,107 @@ +# Copyright (C) 1998, 1999, 2000, 2001, 2003 Free Software Foundation, Inc. +# +# This file is part of GnuPG. +# +# GnuPG is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# GnuPG is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + +# Process this file with automake to create Makefile.in + +GPG_IMPORT = ../../g10/gpg2 --homedir . \ + --quiet --yes --no-permission-warning --import + +TESTS = version.test mds.test \ + decrypt.test decrypt-dsa.test \ + sigs.test sigs-dsa.test \ + encrypt.test encrypt-dsa.test \ + seat.test clearsig.test encryptp.test detach.test \ + armsigs.test armencrypt.test armencryptp.test \ + signencrypt.test signencrypt-dsa.test \ + armsignencrypt.test armdetach.test \ + armdetachm.test detachm.test genkey1024.test \ + conventional.test conventional-mdc.test \ + multisig.test verify.test armor.test + + +TEST_FILES = pubring.asc secring.asc plain-1o.asc plain-2o.asc plain-3o.asc \ + plain-1.asc plain-2.asc plain-3.asc plain-1-pgp.asc \ + pubring.pkr.asc secring.skr.asc secdemo.asc pubdemo.asc \ + gpg.conf.tmpl + +DATA_FILES = data-500 data-9000 data-32000 data-80000 plain-large + +EXTRA_DIST = defs.inc $(TESTS) $(TEST_FILES) \ + mkdemodirs signdemokey +CLEANFILES = prepared.stamp x y yy z out err $(DATA_FILES) \ + plain-1 plain-2 plain-3 trustdb.gpg *.lock .\#lk* \ + *.test.log gpg_dearmor gpg.conf \ + pubring.gpg secring.gpg pubring.pkr secring.skr +DISTCLEANFILES = pubring.gpg~ random_seed + + +all-local: prepared.stamp + +distclean-local: + $(srcdir)/mkdemodirs --clean + +prepared.stamp: ./pubring.gpg ./secring.gpg ./plain-1 ./plain-2 ./plain-3 \ + ./pubring.pkr ./secring.skr ./gpg_dearmor $(DATA_FILES) + $(GPG_IMPORT) $(srcdir)/pubdemo.asc + echo timestamp >./prepared.stamp + +./gpg_dearmor: + echo '#!/bin/sh' >./gpg_dearmor + echo "../../g10/gpg2 --no-options --no-greeting \ + --no-secmem-warning --batch --dearmor" >>./gpg_dearmor + chmod 755 ./gpg_dearmor + +./pubring.gpg: $(srcdir)/pubring.asc $(srcdir)/pubdemo.asc ./gpg_dearmor + ./gpg_dearmor > ./pubring.gpg < $(srcdir)/pubring.asc + +./secring.gpg: $(srcdir)/secring.asc ./gpg_dearmor + ./gpg_dearmor > ./secring.gpg < $(srcdir)/secring.asc + +./pubring.pkr: $(srcdir)/pubring.pkr.asc ./gpg_dearmor + ./gpg_dearmor > ./pubring.pkr < $(srcdir)/pubring.pkr.asc + +./secring.skr: $(srcdir)/secring.skr.asc ./gpg_dearmor + ./gpg_dearmor > ./secring.skr < $(srcdir)/secring.skr.asc + +./plain-1: $(srcdir)/plain-1o.asc ./gpg_dearmor + ./gpg_dearmor > ./plain-1 < $(srcdir)/plain-1o.asc + +./plain-2: $(srcdir)/plain-2o.asc ./gpg_dearmor + ./gpg_dearmor > ./plain-2 < $(srcdir)/plain-2o.asc + +./plain-3: $(srcdir)/plain-3o.asc ./gpg_dearmor + ./gpg_dearmor > ./plain-3 < $(srcdir)/plain-3o.asc + + +data-500: + ../../tools/mk-tdata 500 >data-500 +data-9000: + ../../tools/mk-tdata 9000 >data-9000 +data-32000: + ../../tools/mk-tdata 32000 >data-32000 +data-80000: + ../../tools/mk-tdata 80000 >data-80000 +plain-large: + cat $(srcdir)/../../doc/HACKING \ + $(srcdir)/../../doc/DETAILS \ + $(srcdir)/../../doc/FAQ >plain-large + +# To speed up key generation we create a dummy random seed file +random_seed: + ../../tools/mk-tdata 600 + diff --git a/tests/openpgp/armdetach.test b/tests/openpgp/armdetach.test new file mode 100755 index 000000000..c445d6ce6 --- /dev/null +++ b/tests/openpgp/armdetach.test @@ -0,0 +1,11 @@ +#!/bin/sh + +. $srcdir/defs.inc || exit 3 + + +#info Checking armored detached signatures +for i in $plain_files $data_files ; do + echo "$usrpass1" | $GPG --passphrase-fd 0 -sab -o x --yes $i + $GPG -o /dev/null --yes x <$i || error "$i: bad signature" +done + diff --git a/tests/openpgp/armdetachm.test b/tests/openpgp/armdetachm.test new file mode 100755 index 000000000..f1958424c --- /dev/null +++ b/tests/openpgp/armdetachm.test @@ -0,0 +1,9 @@ +#!/bin/sh + +. $srcdir/defs.inc || exit 3 + +#info Checking armored detached signatures of multiple files +i="$plain_files $data_files" +echo "$usrpass1" | $GPG --passphrase-fd 0 -sab -o x --yes $i +cat $i | $GPG -o /dev/null --yes x || error "$i: bad signature" + diff --git a/tests/openpgp/armencrypt.test b/tests/openpgp/armencrypt.test new file mode 100755 index 000000000..356d1bda7 --- /dev/null +++ b/tests/openpgp/armencrypt.test @@ -0,0 +1,11 @@ +#!/bin/sh + +. $srcdir/defs.inc || exit 3 + +#info Checking armored encryption +for i in $plain_files $data_files ; do + $GPG --always-trust -ea -o x --yes -r "$usrname2" $i + $GPG -o y --yes x + cmp $i y || error "$i: mismatch" +done + diff --git a/tests/openpgp/armencryptp.test b/tests/openpgp/armencryptp.test new file mode 100755 index 000000000..d18c56b7e --- /dev/null +++ b/tests/openpgp/armencryptp.test @@ -0,0 +1,12 @@ +#!/bin/sh + +. $srcdir/defs.inc || exit 3 + +#info Checking armored encryption with a pipe +for i in $plain_files $data_files ; do + $GPG --always-trust -ea --yes -r "$usrname2" < $i | tee x | $GPG -o y --yes + cmp $i y || error "$i: mismatch" + $GPG --yes < x > y + cmp $i y || error "$i: mismatch" +done + diff --git a/tests/openpgp/armor.test b/tests/openpgp/armor.test new file mode 100755 index 000000000..2efcf3260 --- /dev/null +++ b/tests/openpgp/armor.test @@ -0,0 +1,181 @@ +#!/bin/sh +# Regression tests pertaining to the armoring. + +. $srcdir/defs.inc || exit 3 + +armored_key_8192='-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: SKS 1.0.9 + +mQGiBDnKLQkRBACVlYh6HivoRjHzGedNpnYPISxImK3eFgt+qs/DD9rqhBOSUTYvmKfa1u7M +W4XDc23YEoq3MyhtC35IL2RH6rmeIPz7ZVK5rUKWMqzf94n58gIkgdDZgCcaDWImtZFSjji4 +TGhepaIz75iIbymvtnjr9d++fH/lFkz0HDjbOkXCfwCg9GeOjiWw1yBK8cO11acAjk+QpW8D +/i8ftC1hV0iuh9mswYeG05pBbeeaOW4I2Ps4IcecpXhSyPaP1YiXKRqg9GX2brNgXwc3MEiq +Wn4UU407RzjrUNF4/d20Q7N2g2MDUDzBtmMytfT2LLKlj53Cq+p510yXESA7UHjiOpRrHPN9 +R69wHmHPsLPkdkB/jRTSM1gzQNtXA/96bRpfGMtCssfB449gBA/kYF14iXUM5KTF6YPSFhCC +xPGNMoP1uxTk0NHvcYZe4zW2O6b/f9x5Lh15RI1ozWXakX6u3xEV3OqsvVTtXupe4MljHQlX +YwMDI3MUzFtnHR+He1Bw5lkBVWtkV7rX2kX749J1EgADwlNEP1KFRdjqi7QhU3VzdW11IE9T +QVdBIDxzdXN1bXVvQGRlYmlhbi5vcmc+iEYEEBECAAYFAjvNYPUACgkQU+WZW1FVMwrlTACf +RigokAWd1OqYtcOt3v829fhNqYEAnR9uUslZr6B6RaW0z8/BZZuhGuLViEYEEBECAAYFAjzG +evgACgkQfGUzr9MtPXGWyACg066aP5SSkBHWqqYGGLZv9sVRMNIAoIEHBI1gq4rPJatYDdau +Ni6DUTkGiEYEEBECAAYFAjzGfBAACgkQ9D5yZjzIjAlTqACeJmtp9kpfljkARhfa3QTc2Q56 +WKkAoJmUchp+fAceVeFncpFeo6leM1YhiEYEEBECAAYFAjzGftIACgkQ2QCnNZ2xmQQCegCg +rdTsTWzaZk6gF+mtvIDwKsUx8gwAnRUbdDfOP0qL+83Bbz2r/IzPxjCEiEYEEBECAAYFAj2T +Rd0ACgkQFwU5DuZsm7BfXQCeNVG09VZ2VnuuWTRbgoANXGIyRb0AoI/giUU4DcIpAPbcoNV7 +PzCIreyviEYEExECAAYFAj2508wACgkQ0pu//EQuY8KiUwCdHijK7Wkim2FUPU6i6KxwRH/k +kFwAn1sOAWVOrLfRBfrNNQBANpbr5ufniEYEExECAAYFAj27vpsACgkQKb5dImj9VJ9m2wCc +DeL9IkWpytXLPFhKCH9U9XhzPA4AnRjiY3y6AdNhbUgG/eS8Dumch0dniEYEExECAAYFAj5q +MCcACgkQO/YJxouvzb2O5QCghtxYfrIcbfTcBwvz9vG1sBHkQSkAnj3PMjN9dk1x1e4rUD9d +S00JOoI0iFYEExECABYFAjnKLQkECwoEAwMVAwIDFgIBAheAAAoJEN7sjAneQVsOUfcAoNgN +xaeqMn5EWO2MkwVvVrLjWI2FAKDLnp19rJsU69OK7qHqfMeGWFXsQYheBBMRAgAWBQI5yi0J +BAsKBAMDFQMCAxYCAQIXgAASCRDe7IwJ3kFbDgdlR1BHAAEBUfcAoNgNxaeqMn5EWO2MkwVv +VrLjWI2FAKDLnp19rJsU69OK7qHqfMeGWFXsQYiVAwUQOcrkWi2pLp/VI9wNAQE5mAP/WW9g +shqGqWN/rWevpVKlzwqGSqMUq6E2K34dHrFdqd/WnY8ng5zAd66Ey3OLS5x9/+KI6W9MU5OI +WmxOfrp7PxwqLrQH/BruPTHe9mZbkSyjWIS/V+W8/lYtzIUYTd0584+1x7cK6jah3mAdFu5t +8fr1k3NyVXFH66dLrLF0bBu0JFN1c3VtdSBPU0FXQSA8c3VzdW11LW9AZGViaWFuLm9yLmpw +PohGBBARAgAGBQI7zWD4AAoJEFPlmVtRVTMKpEEAn0Oxl1tcdFf6LxiG2URD7kmHNm+iAJ9l +uLXjsYvo0OXlG1HlaFkFduhgp4hGBBARAgAGBQI8xnr7AAoJEHxlM6/TLT1xZlEAnjSeGhDQ +mbidMrjv4nOaWWDePjN7AKDXoHEhZbpUIJLJBgS4jZfuGtT3VYhGBBARAgAGBQI8xnwTAAoJ +EPQ+cmY8yIwJTjEAnAllI6IPXWJlHjtwqlHHwprrZG4eAJwMTl5Rbqu1lf+Lmz3N8QBrcTjn +zYhGBBARAgAGBQI8xn7VAAoJENkApzWdsZkE6M4AoIpVj26AQLU6dtiJuLNMio8jKx/AAJ9n +8VzpA4GFEL3Rg2eqNvuQC0bJp4hGBBARAgAGBQI9k0XgAAoJEBcFOQ7mbJuwsaUAnRIT1q2W +kEgui423U/TVWLvSp2/aAKDG6xkJ+tdAmBnO5CcQcNswRmK4NIhGBBMRAgAGBQI9u76dAAoJ +ECm+XSJo/VSfDJQAn0pZLQJhXUWzasjG2s2L8egRvvkmAJ4yTxKBoZbvtruTf//8HwNLRs9W +v4hGBBMRAgAGBQI+ajAuAAoJEDv2CcaLr829bTYAoJzZa95z3Ty/rVS8Q5viOnicJwtOAKCG +RKoaw3UZfpm6RLHZ4aHlYxCA0YhXBBMRAgAXBQI6aHxFBQsHCgMEAxUDAgMWAgECF4AACgkQ +3uyMCd5BWw4I+ACfQhdkd2tu9qqWuWW7O1GsLpb359oAoLleotCCH4La5L5ZE/cPIde9+p8o +iF8EExECABcFAjpofEUFCwcKAwQDFQMCAxYCAQIXgAASCRDe7IwJ3kFbDgdlR1BHAAEBCPgA +n0IXZHdrbvaqlrlluztRrC6W9+faAKC5XqLQgh+C2uS+WRP3DyHXvfqfKLQlU3VzdW11IE9T +QVdBIDxzdXN1bXUtb0Bnb2ZvcndhcmQub3JnPohGBBARAgAGBQI7zWD4AAoJEFPlmVtRVTMK +aY0An0oI4Fwko9YsVWS+0M3/Tpc8FB2eAJ4oALojFgFkOWYT97dh8rTQW8BhyohGBBARAgAG +BQI8xnr7AAoJEHxlM6/TLT1xsXcAoJV/9zoudxvWy+LwktkGyCB7aTx4AJ0Z8GWmx2/C4W2M +tSyaUscY3X19uYhGBBARAgAGBQI8xnwTAAoJEPQ+cmY8yIwJpxQAn3efnPpctMJFDQomRDbo +7Q8rg6r4AKCq7LZmOaXvyrBF/JcYjOCLtYMPIIhGBBARAgAGBQI8xn7VAAoJENkApzWdsZkE +iB0AnRQs0XjhpGOpR1lyEOuZkm2xxHPzAJ9Is3sG9UMOr+YS5V1GXXiFM29S3YhGBBARAgAG +BQI9k0XgAAoJEBcFOQ7mbJuwjiAAn2wcQP9HreVLCSQruB1wnX/s79ZcAKCRcecLF+wiRo59 +JJvwtnxp2W24EYhGBBMRAgAGBQI9u76dAAoJECm+XSJo/VSftKUAoJQ/cYKqkyOLSOelU8eM +plFiFJlPAJwK7B0HrN+tDmR7r8Hc0GrRrbAuvYhGBBMRAgAGBQI+ajAuAAoJEDv2CcaLr829 +PX0An2kfEs+3iR5qV35EQlCdL5ITZCSNAKCf8HErpT620TUhU6hI7vW5R3LNgohXBBMRAgAX +BQI6aHxeBQsHCgMEAxUDAgMWAgECF4AACgkQ3uyMCd5BWw5HzwCdF8w3WjnwTvktko3ZB7IM +mFLKvSQAn3GbioDBdV+j6xuhSI90osLMu1jgiF8EExECABcFAjpofF4FCwcKAwQDFQMCAxYC +AQIXgAASCRDe7IwJ3kFbDgdlR1BHAAEBR88AnRfMN1o58E75LZKN2QeyDJhSyr0kAJ9xm4qA +wXVfo+sboUiPdKLCzLtY4IkBIgQQAQIADAUCQpGGggUDABJ1AAAKCRCXELibyletfJEKCACw +Yf5qY4J3RtHnC56HmGiW4GXaahJpBQ1JcWmfx7CkTqJPQveg+KQ4pfLuJvZ8v4YqPZCxPOeK +/ZhIO48UB4obcD8BZdSkRA4QBamRp8iqcgrCot/LA5xQu9tivIhUJP/1dT6PmDy4DAV3Flgt +HgED5niVESDPfz3Gjff5iWWIs6dM3bycxoTcFWLz++578aOasoq9T8Tfua9H8UrouVz3+6TK +xG0rGeb2jOQOQcbLCn3soU/Z60H3SvJYHzgxlS5bqIybrjo3sAnuus/kisrmNjeFfQBdl9v+ +GnK65D1tmBa1+6a95uHb+OG4eHzIXmvnDI4A1RhRKiZ/kpVsT7RViQEiBBABAgAMBQJCo1H8 +BQMAEnUAAAoJEJcQuJvKV618bJgIAMb9Xiv8ps3quJ9ByHhbIQtBOymH0fFiodsutPrcR2Af +1lc/eh3Ik20Z9Ba3g5V6eUW+3sjpDsjKtI1CXuRq0Zgmze3hrUTMRmyrLoaHPocrqfj2G9mW +y2OomLHMDurcJFQkSUJioI4Kxo+1NBZmylPKUEeIEoP8UBJbKxf78dVh00ZUecwZcn9lLiZA +TycRQ0WTT1Yv1fI+tBmvSrpMSe+0k+JS+QigvINN5vUxaV1cN6mkREPYVm7oHzPCQ2C9NX1q +cI/Wkc38ieZw1Sv9vyPCCL6MYd/2t1209a/ZKADaw5l+mhyWUqIT6SXPLxMDy0NvPhTKdDr1 +7S5LOcKhwPqJASIEEAECAAwFAkK2pukFAwASdQAACgkQlxC4m8pXrXxvUQgAlfw6doD0JHtY +iN9uCp2M1orLKS/zm66e9eiYPJwbim96KiwP98Ti5J+QO5hZdT3dhW2Avw5JPFiQukSc/rjT +1YHRyuhZfXKhQhsjom5JmyFSdeIzjnz0PIM2qZaK4OfFihleQfQ8Y94wkPwYtkEXxpBQSClg +Xk6QJEql34sQexIDM7VsREwv/eIQ73RMquat4RZP1L3h4nj1UJu/X7ey3HVVo61gH0RIAR+A +adv59AAp//TkKUNIRCHOsIpFCXHjJsJxRvJKhiz3T6FhqFEQNF2tDJKHFV1FcLAIEZheuGOV +fKNXgmvVATPHrJsg5HsZACg/aRFq9NL9FYskFyGcB4kBIgQQAQIADAUCQrdR0QUDABJ1AAAK +CRCXELibyletfMNMB/49u9oQzbmTtmHaoKuvou7OA6zmrfeu5X9vV1efZgItF78J7G19fVt8 +K3e6kn0KGYVL+FTbPdEbvrYTb+jfMkzrHooxQYSr0j8Baqfh2bMuZzuw2pVtgBUTYHoihNjQ +lv6GPtF7Y3CVWLUYXZ25yqY3Hzh9YneoH8bUVFZWxRFitqGB+noFpvm0YXrCJZ19BDNTQlx7 +5quAl4KTNOAxapsKaBrz/4PrnNbuwZBkzP5EEuEyjTM+6UBhxibXfdWKnZw6ky7k6tuUsc68 +qfQJBK6KBmVLflZ5nrd2N90Ueb0m3xfzdncBAZb43THGhi6XyZ4jvbMjvjm3MCGuUosYYbT6 +iQEiBBABAgAMBQJCyQLdBQMAEnUAAAoJEJcQuJvKV618Jz0IAKstm2VX39p4Lt4k55ZdOqXG +CqHCFT5YYOVcnptx8dKTpHWQXpI2lUJBAcWz0IAXXFhyUbGpvS1E9T/pYF97RSSsQyTncQll +mLbzy3fESVkGT9xpEvF7ZaK+61BKuWFpbKRdpy5wWakk0GRyF0156vxm7vQh4XI91TwXj7DA +v6KYWdjnHcEB8O9jLw6RlD4Y6dKjb/v7vTY6dGmYYyOQVK+Bmr/8vVcNDf+tevExsytTu4FZ +tL9yp+yHODfHP5LZk3mC7UGR/mUKFDYhuEzzIU5ozc6qUfC5ViGt2Hjg45i2T79WeSV0UHSE +8c3JOgE3e7A71bQEUJygPC9S+RTuc8aJASIEEAECAAwFAkLMT3oFAwASdQAACgkQlxC4m8pX +rXwoBgf+MEjA/hx7UMl6LHwheZ9qzH/4P1d4CU46SzoC/XEPqWGs9sJw0dKxEAnRZgrG1WMP +Ml127bOHby5WWDa/xGi0siYM64F386SG0W42FD67vPK9mMPnCDIQ4xn5gGoqUUl8ZzFG0eNv +XRg0bmMVmoZFvaUyf0uah/0dYCYplgAjJtmC3cmNuJ98PoYEVHMKKGtPW4fVf+TcN90HVjXU +kr0GnAvRegb3ZXnte3GrOe3jOfXjfjZMyEM6a16FFuKHmykgfyX/I4tS9GqoxPZ6s0KARKn0 +YLZUuxxFL7i1VaGJR/9duyUc8T0BLc9O4TxNuvd1vd5UKVVmTL04fe0q1Bfu4okBIgQQAQIA +DAUCQtGX8QUDABJ1AAAKCRCXELibyletfNEoCACtKtfWhAfkxLqPihQMbvwXTuSszG61XNYb +a41gTOpjADF2jQAQ2y8oilVyr5RgSvug8knik3EitSpBOOg0o5Y9NHF3e+85r27m8T5cP3g5 +GHAeugRFDqMXXioiAw9WoyvG9ruMY4caD3gAuogM4hB/3EMEHSlMylMrXLUtbGkQKqkLVJQn +7V/3SVG8zfUyGb0lSFaGtHFa6LaIIuvJwkQYGMT/SiK7ISqPKOPD7kKRWhxjgcfzVthqGORn +uQGi+316fdA+JzEYOI/gGdcZsbN/KrMSNQ0DOdSRIeiATy9M0fd+8QtUPOCtaDKLYISSrm72 +xgnKbussJRxAPjxo66dPiQEiBBABAgAMBQJC42DIBQMAEnUAAAoJEJcQuJvKV6181SUIAL/P +gZhrwepyFUhr+nlYvxeflrxgR9Yl1aNtTngcOYlFU273cs3XnkczIpkg4fVikY5s56Y42G8F +NvqRu0M0eL5kJvYi50NNMQnf39GkZZp2LrL9bZ9n7ysWU5tiOJsxCBnaOiAg/p6vCUVN3NV+ +t8vRP1fHwPsd5tYEBqA/g4g1U0xJAG+JqJftSDRDLxfTZ16hBdHzlQ3opqMMmW5Mv005p4o+ +buh4HzQLmBHDE98BeZ7CpjYeXY23bu8oi0tvkcTjCEeBWrXWfA3pKSX5HH63nmG3ryKuP0tr +1A2gTgs9JtLXnGFJUdVYULiQbU781wR6+9o/0h6NuCJDPmJMNmmJASIEEAECAAwFAkLmBFIF +AwASdQAACgkQlxC4m8pXrXxYZwf/ah4IaTK3CbtqF1+4uz7VVRKemSaNg3jMKLey2simqAQs +1JwqkLuwEgrwF7XiejfLAvX0/yFqJZkdtDFqeK0VrwOq3WIpfj7+g5B9YSW0CkasD0HUci/l +oXQiT9CN7PAe1vM5X4X3cqlXfC9tmU7fH7kc0kULxYHAfn96nZQklZS9aVecJ0H+pqMlPoDt +xtxweNa7UJWAanO9kbPZ/xEdSlkuqzk1CK6ThURedc2lCE+qobPpUZri1FEvMBjyXoQ9MyD6 +AFWfax9eNn1ZSRq9t2WpPyFSQmCvyGETHyvM2BBiFR6UAQUKdr+d4ZE09cR0wXpEtoqaNeJ8 +AidTEGkuLYkBIgQQAQIADAUCQuydlwUDABJ1AAAKCRCXELibyletfLsbB/0X/Jafv+v43U26 +W3HD5XdmHaNdxm7uthGzGGzATGcTAUd3/t8fyVFk2XgmUYxtz0wHUdM8GiyK0tpKBu6wqcbO +nGkBlvC1m6Blxy+PvpJxQ2sK4ycN8ToEEn/7HCCJesS2fvDudXkvdvskXkxZprPWe7JTHNxj +fvESUAbLLmSpNGflZnMAOfuQP0hFBQr4D5FEA+zMf7FtrwkBanXt6W65xxEIJ/239ctCsRe8 +jIQ4LesYQN7hyX6x9bP9h3tEw6+OtvjYbMH+2B/3muNVac/9bYqi9rnuGew9eAjmdmm0u8T5 +7Iboy5mUDH2wjpRo6MGU1cHe4oZscW0f9TPE+6XbiQEiBBABAgAMBQJC7UXaBQMAEnUAAAoJ +EJcQuJvKV618zbcH/RlUtrZSBcUafmhY29s9BYycwWx/UoeJRIJmi852TguSGsoPuAYEGeaW +WxCdSru2ibn7GPBXowM5u+4MqYqaRB695sg/Ajxho2Djys3lV0TPeSIbyZ7cXbjoSDnSVw/N +eWGKJLwbFVZPjjC7mcGIMhE1NGGxyRO5H1Z6GA8dEP3zR0rIivklN8KEngfyLRVvB5WYPBs+ +buaNF5HflsBXl2bOP5ueThcal1PSE4HNoQXz79t0Cw7kpsWy3FyFUVVRHPyvwVpJSdYjz8Ur +L4cD3Dj9SOPwa4AvM7WX+JXbPEIFxi+NA4R0TVxIZXJ/HX8AZj87RFxGYlTfP3GFFw+52QaJ +ASIEEAECAAwFAkMHCEAFAwASdQAACgkQlxC4m8pXrXxGXQgAwFY5RYFHKcYkL9nDfblQDjXW +Ictj1rlP2yPsy8dKX579ejhdd8o0TGJf8AzYRaDEpffPf/ZvyfRltqKd979GzdAE3smkrGeD +kPuUY2rEF6Eon549Tn7omGYNueDuO27QQ4zIs0k9h4m+pE6PxPTgC5BsEVF8Hrz647/XSTf2 +G0Wo11y/KBWGJ9BYvZ1YSxwmk5zicGF4sYNktO1Yl6CGS1ugP9zitCuwSiUm+gJrMCZ3am/D ++Of+80Ui7e/V9yOOeyC7/gqQq4okPZbdVzJ3hiG2Y3eip19ewHYlYSiLoBW3rr3M3mKBTcbx ++nLfVOTUHp8HdqxIyI782SaZlpg0mYkBIgQQAQIADAUCQwhbTQUDABJ1AAAKCRCXELibylet +fD7WB/9ydWuVT1DeeL3UBqqeRRN+mt5DChdFeCjJhWcAjds8R6Z8Q9c+kpKEk+MeSevKaOAf +iiM2JBtruIxt1sfh/vVEFgjHP/M0sF1il6TwZEKqVn5c3ikMYCMXy75xheslCJoX7fi4jZut +TO8+JqjVN+z+SYzeRrvQFcjJoIOLRnshh2XgUiXVf/xo/My+fM9rKnMHxF/75PaFVVz8cXz1 +X3jsuUOVLxnUZHsOaP9r1h3bq8uHJxkxPElVPbCuKLdCWrNOHHX6/+TAH9xohUvrBm6HXqbv +O/aVGqf+Bip6oWSB6rSIe9+0GmXLRe4Ph3ekBvyGUJM/nFhN4hQHX69xZS7yiQEiBBABAgAM +BQJDEOyRBQMAEnUAAAoJEJcQuJvKV618IlwIAIPbWp20TBCnU0D3kE6JFqRaVKqNAFaJbmRn +48qxX10NmHnBAluU1iJiUsVL2kOpvf2eyFUsX+sQfVJPzmWkUU2gED/+WZNkcmxPZ72FtJCs +hW30BcJnLjcRo8wv/6nhdEZ2JYNiBIFHxNQ6iiB7BzVpYsMp1l5tI6mIhbxYxMNETTMrb+hK +NNAhxjrqiWxPNlrzw6TaKnBOE0Au/Asjz9n37hsPV5Q9xY3zXbff3yDirVkBC4l0Vc+U6drX +XiFBjQj77yt6AjTYUzBZY7UuGQ0W6o/6QF3KfiC3WAoFJL7SLujIaALkALs+lFzsu3CA9KoB +X8Ca4hA7kzOP1H76VZKJASIEEAECAAwFAkMSPXoFAwASdQAACgkQlxC4m8pXrXx3cQf9GBPO +XIrdbvUWIKTofiwftiy6j3MhKOszHkzR9quCu6aLu/aVvIA/avTZHjfj0EvYaQaSNMWplMiX +i2UhkPHe4cgJYkbjmXEz16GtXYPZXGP1FubQ/RwQ7yQKaVtXSCgz+ZdR5tKhU5kruxAsVjly +KcQvST95wlqxLuvXzSCjPdWj4qBvkuEt6QADx8EYCafraIiHPRkKtAAiK0sXJSkLevXn3zAN +6X6ngvZZiNQFvfWLFV8Rodz1vI4S6Af2MTSlVV9Vw0voJGprcsNDlB8k5B/Kl9LigeKdkFa8 +JVfwOQppAtU+Nq3pHjquEafZrPVF9HWY0G0Szh5tOFEpVMF6g4kBIgQQAQIADAUCQxQ7iwUD +ABJ1AAAKCRCXELibyletfBVfB/9ydVsiBrNWLt0RwbAdMvHRceHz1twh+YeSnpr9Equ7aDMG +qou4ppl/nTbnZIizdWn3dnRKt+vKY/puuPIT9kEVF7DlfBOcWBdLBvJz34eBt29BCFgvsfOS +fwESMNKgquZmrraGpEvj4cSTOmW3DJPevB+6ajsN87BC5Qp2MjDGVkwT/Nj6R60pz/vmeSwl +0BmzgthrBd+NfHSA116HEAF1V21/2UhA1hbkPKe40jWp6HK+GcXDC3+PucTJeS8nX4LLQnWZ +JCr1QUbkaW6jHCw7i/pgCLfqBBdIh7xJE7d+6mut1AKtq2qUSpEM4qTvrR89DLz3OtNiMnr9 +hq7s5SyduQINBDnKLe0QCACUXlS4TkpEZZP06rJ2IVWZ2v7ZSPkLXjDRcC8h6ESQeZdBOSbd +dciiWYiHtGq2kyx+eoltwooP7EgJ9m35wn0FGV+5hpKbhSwz2Up9oYsSbexjx/hlopUYGCL4 +kgezCUWQsKypsitJChjV8MHgePDQcF3ho+qK+0ZJeevbYKSZ9bLyzt/i3/b3Jnt0f8tsFP3P +djel4N76DyQiTyuoOxzZJUJDKx1zr745PUMGcur79oAxuahUfPcRpuwcHFOB0yO7SwEY8fe2 +68U5/AZrGwX+UAZhN7y2MMkU/xK/4BIDY5/W4NY3EX2APAYMRanI+mFW3idui8EEzpzKZ1K1 +8RODAAMFCACOAfgCjg7cgjZe58k0lAV0SANrJbMqgAT1M7v4f5mOf5e3B4si9z8Mk1hx5cRX +I3dDz/W4LPh8eONmMPjov42NOz8z84PksQBbnjlfZ5UCotPS2fZ2actJPhYCho+a4iXwRm8B +aXQ3DFa1CsWdXvkGsNIouuSkGoGh6+sEgAdP6JXanM9YGTQINy9Xsg9YOj1UWInSwRqUmJnj +aNQhxJfj8j5W0uXixzkbKB+Is92mfo8Km3TAi9u0Ge/Acb5Cz0c5sqs+oWqcouaTS3o8/1n6 +CZVmvcHyGI0APiALwU84z7YT9srpXHrjiHo2oS3M4sLxl0nuSFqD6uiIFrg7yF+HiEYEGBEC +AAYFAjnKLe0ACgkQ3uyMCd5BWw6XgQCg7Gu7XOzqnEcnCYR7v6rub5d0zwwAoOsQ9TNDYmVl +nW1ff9rt1YcTH9LiiE4EGBECAAYFAjnKLe0AEgkQ3uyMCd5BWw4HZUdQRwABAZeBAKDsa7tc +7OqcRycJhHu/qu5vl3TPDACg6xD1M0NiZWWdbV9/2u3VhxMf0uI= +=oXxa +-----END PGP PUBLIC KEY BLOCK----- +' + +# Bug solved 2005-04-07: +# Try importing the attached key file. As the key is exactly 8192 +# bytes long, radix64_read is called twice - the first time to read +# the 8192 bytes, and then once again, to handle the pad '=' on the +# last four character radix64 block '0uI='. gpg bails out with +# gpg: [don't know]: invalid packet (ctb=2d) +# On a read for only the = sign, radix64_read returns -1 for EOF. +# This causes the iobuf code to pop the armor filter and thus the next +# byte read is the '-' from the END header line, causing an error. +i=armored_key_8192 +info "checking: $i" +eval "(IFS=; echo \"\$$i\")" >x +$GPG --import x || error "the $i bug is back in town" + + + + diff --git a/tests/openpgp/armsignencrypt.test b/tests/openpgp/armsignencrypt.test new file mode 100755 index 000000000..24b9575ad --- /dev/null +++ b/tests/openpgp/armsignencrypt.test @@ -0,0 +1,13 @@ +#!/bin/sh + +. $srcdir/defs.inc || exit 3 + + +#info Checking armored signing and encryption +for i in $plain_files $data_files ; do + echo "$usrpass1" | $GPG --passphrase-fd 0 --always-trust \ + -sae -o x --yes -r "$usrname2" $i + $GPG -o y --yes x + cmp $i y || error "$i: mismatch" +done + diff --git a/tests/openpgp/armsigs.test b/tests/openpgp/armsigs.test new file mode 100755 index 000000000..aecc06429 --- /dev/null +++ b/tests/openpgp/armsigs.test @@ -0,0 +1,11 @@ +#!/bin/sh + +. $srcdir/defs.inc || exit 3 + +#info Checking armored signatures +for i in $plain_files $data_files ; do + echo "$usrpass1" | $GPG --passphrase-fd 0 -sa -o x --yes $i + $GPG -o y --yes x + cmp $i y || error "$i: mismatch" +done + diff --git a/tests/openpgp/clearsig.test b/tests/openpgp/clearsig.test new file mode 100755 index 000000000..8217f2f49 --- /dev/null +++ b/tests/openpgp/clearsig.test @@ -0,0 +1,102 @@ +#!/bin/sh + +# Fixme: we should not only do a --verify but also the output. + +. $srcdir/defs.inc || exit 3 + +# ====================================== +# I can't compare the out because plain-3 has no LF as last charcater +# but the output has always one. I do not thinkl this is a bug, because +# it is clear text and not binary text. +# ====================================== +for i in $plain_files plain-large ; do + echo "$usrpass1" | $GPG --passphrase-fd 0 -sat -o x --yes $i + $GPG --verify x +done + + +# ====================================== +# and once more to check rfc1991 +# ====================================== + +if have_pubkey_algo "RSA"; then + for i in $plain_files plain-large ; do + $GPG -u $usrname3 --rfc1991 --digest-algo md5 -sat -o x --yes $i + $GPG --verify x + done +fi + +# ====================================== +# and one with long lines +# ====================================== +cat >y <<EOF +xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxyx + +xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx +EOF +echo "$usrpass1" | $GPG --passphrase-fd 0 --clearsign -o x --yes y +$GPG --verify x + + +# ====================================== +# and one with only one long lines +# ====================================== +cat >y <<EOF +xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxyx +EOF +echo "$usrpass1" | $GPG --passphrase-fd 0 --clearsign -o x --yes y +$GPG --verify x + + +# ====================================== +# and one with an empty body +# ====================================== +cat >y <<EOF +EOF +echo "$usrpass1" | $GPG --passphrase-fd 0 --clearsign -o x --yes y +$GPG --verify x + + +# ====================================== +# and one with one empty line at the end +# ====================================== +cat >y <<EOF +line 1 +line 2 +line 3 +there is a blank line after this + +EOF +echo "$usrpass1" | $GPG --passphrase-fd 0 --clearsign -o x --yes y +$GPG --verify x + + +# ====================================== +# I think this file will be constructed wrong (gpg 0.9.3) +# but it should verify okay anyway. +# ====================================== +echo "this is a sig test" >y +echo_n " " >>y +echo "$usrpass1" | $GPG --passphrase-fd 0 --clearsign -o x --yes y +$GPG --verify x + + +# ====================================== +# check our special diff mode +# ====================================== +cat >y <<EOF +--- mainproc.c Tue Jun 27 09:28:11 2000 ++++ mainproc.c~ Thu Jun 8 22:50:25 2000 +@@ -1190,16 +1190,13 @@ + md_enable( c->mfx.md, n1->pkt->pkt.signature->digest_algo); + } + /* ask for file and hash it */ +- if( c->sigs_only ) { ++ if( c->sigs_only ) + rc = hash_datafiles( c->mfx.md, NULL, + c->signed_data, c->sigfilename, + n1? (n1->pkt->pkt.onepass_sig->sig_class == 0x01):0 ); +EOF +echo "$usrpass1" | $GPG --passphrase-fd 0 \ + --not-dash-escaped --clearsign -o x --yes y +$GPG --verify x diff --git a/tests/openpgp/conventional-mdc.test b/tests/openpgp/conventional-mdc.test new file mode 100755 index 000000000..95a6ba476 --- /dev/null +++ b/tests/openpgp/conventional-mdc.test @@ -0,0 +1,42 @@ +#!/bin/sh + +. $srcdir/defs.inc || exit 3 + +algos="3des" + +if have_cipher_algo "idea"; then + algos="$algos idea" +fi + +if have_cipher_algo "cast5"; then + algos="$algos idea" +fi + +if have_cipher_algo "blowfish"; then + algos="$algos idea" +fi + +if have_cipher_algo "aes"; then + algos="$algos aes aes192 aes256" +fi + +if have_cipher_algo "twofish"; then + algos="$algos twofish" +fi + +#info Checking conventional encryption +for i in 0 1 2 3 9 10 11 19 20 21 22 23 39 40 41 8192 32000 ; do + for ciph in $algos; do + # *BSD's dd can't cope with a count of 0 + if test "$i" = "0"; then + : >z + else + dd if=data-80000 of=z bs=1 count=$i 2>/dev/null + fi + echo "Hier spricht HAL" | $GPG --passphrase-fd 0 \ + --force-mdc --cipher $ciph -c -o x --yes z + echo "Hier spricht HAL" | $GPG --passphrase-fd 0 \ + -o y --yes x + cmp z y || error "$ciph/$i: mismatch" + done +done diff --git a/tests/openpgp/conventional.test b/tests/openpgp/conventional.test new file mode 100755 index 000000000..2fd273028 --- /dev/null +++ b/tests/openpgp/conventional.test @@ -0,0 +1,37 @@ +#!/bin/sh + +. $srcdir/defs.inc || exit 3 + +#info Checking conventional encryption +for i in plain-2 data-32000 ; do + echo "Hier spricht HAL" | $GPG --passphrase-fd 0 -c -o x --yes $i + echo "Hier spricht HAL" | $GPG --passphrase-fd 0 -o y --yes x + cmp $i y || error "$i: mismatch" +done + +algos="3des" + +if have_cipher_algo "CAST5"; then + algos="$algos cast5" +fi + +if have_cipher_algo "BLOWFISH"; then + algos="$algos blowfish" +fi + +if have_cipher_algo "AES"; then + algos="$algos aes aes192 aes256" +fi + +if have_cipher_algo "TWOFISH"; then + algos="$algos twofish" +fi + +for a in $algos; do + for i in plain-1 data-80000 ; do + echo "Hier spricht HAL" | $GPG --passphrase-fd 0 \ + --cipher-algo $a -c -o x --yes $i + echo "Hier spricht HAL" | $GPG --passphrase-fd 0 -o y --yes x + cmp $i y || error "$i: ($a) mismatch" + done +done diff --git a/tests/openpgp/decrypt-dsa.test b/tests/openpgp/decrypt-dsa.test new file mode 100755 index 000000000..6dc7dc459 --- /dev/null +++ b/tests/openpgp/decrypt-dsa.test @@ -0,0 +1,10 @@ +#!/bin/sh + +. $srcdir/defs.inc || exit 3 + +#info Checking decryption of supplied DSA encrypted file +for i in "plain-1" ; do + $GPG $dsa_keyrings -o y --yes $srcdir/$i-pgp.asc + cmp $i y || error "$i: mismatch" +done + diff --git a/tests/openpgp/decrypt.test b/tests/openpgp/decrypt.test new file mode 100755 index 000000000..aab416750 --- /dev/null +++ b/tests/openpgp/decrypt.test @@ -0,0 +1,10 @@ +#!/bin/sh + +. $srcdir/defs.inc || exit 3 + +#info Checking decryption of supplied files +for i in $plain_files ; do + echo "$usrpass1" | $GPG --passphrase-fd 0 -o y --yes $srcdir/$i.asc + cmp $i y || error "$i: mismatch" +done + diff --git a/tests/openpgp/defs.inc b/tests/openpgp/defs.inc new file mode 100755 index 000000000..694e9ee1c --- /dev/null +++ b/tests/openpgp/defs.inc @@ -0,0 +1,160 @@ +# definitions for the check scripts + +#-------------------------------- +#------ constants --------------- +#-------------------------------- + +# Note that usrpass1 is also used in Makefile.am +usrname1="one" +usrpass1="def" +usrname2="two" +usrpass2="" +usrname3="three" +usrpass3="" + + +dsa_usrname1="pgp5" +# we use the sub key because we do not yet have the logic to +# to derive the first encryption key from a keyblock (I guess) +dsa_usrname2="0xCB879DE9" + +dsa_keyrings="--keyring ./pubring.pkr --secret-keyring ./secring.skr" + + +plain_files="plain-1 plain-2 plain-3" +data_files="data-500 data-9000 data-32000 data-80000" +exp_files="" + +# The testscripts expect the original language +LANG= +LANGUAGE= +LC_ALL= +LC_MESSAGES= + +# Internal use. +defs_stop_on_error=no +defs_error_seen=no + +#-------------------------------- +#------ utility functions ------- +#-------------------------------- + +fatal () { + echo "$pgmname: fatal:" $* >&2 + echo "$pgmname: fatal:" $* >&5 + exit 1; +} + +error () { + echo "$pgmname:" $* >&2 + defs_error_seen=yes + echo "$pgmname:" $* >&5 + if [ x$defs_stop_on_error != xyes ]; then + exit 1 + fi +} + +# Call this at the start of a test and resume_error at the end to keep +# on running all subtests without immediately exiting on error. +suspend_error () { + defs_stop_on_error=yes +} + +resume_error () { + if [ x$defs_error_seen = xyes ]; then + exit 1 + fi + defs_stop_on_error=no + defs_error_seen=no +} + +info () { + echo "$pgmname:" $* >&2 + if [ -n "${verbose+set}" ]; then + echo "$pgmname:" $* >&5 + fi +} + +linefeed () { + echo >&2 +} + + +echo_n_init=no +echo_n () { + if test "$echo_n_init" = "no"; then + if (echo "testing\c"; echo 1,2,3) | grep c >/dev/null; then + if (echo -n testing; echo 1,2,3) | sed s/-n/xn/ | grep xn >/dev/null; then + echo_n_n= + echo_n_c=' +' + else + echo_n_n='-n' + echo_n_c= + fi + else + echo_n_n= + echo_n_c='\c' + fi + echo_n_init=yes + fi + echo $echo_n_n "${1}$echo_n_c" +} + + +#cleanup () { +# rm $cleanup_files 2>/dev/null || true +# echo "#empty" >./gpg.conf +#} + + +#add_cleanup () { +# cleanup_files="$cleanup_files $*" +#} + +have_pubkey_algo () { + if ../../g10/gpg2 --homedir . --version | grep "Pubkey:.*$1" >/dev/null + then + true + else + false + fi +} + +have_cipher_algo () { + if ../../g10/gpg2 --homedir . --version | grep "Cipher:.*$1" >/dev/null + then + true + else + false + fi +} + +have_hash_algo () { + if ../../g10/gpg2 --homedir . --version | grep "Hash:.*$1" >/dev/null + then + true + else + false + fi +} + +set -e +pgmname=`basename $0` +#trap cleanup SIGHUP SIGINT SIGQUIT + +[ -z "$srcdir" ] && fatal "not called from make" + +# Make sure we have a valid option files even with VPATH builds. +if [ -f ./gpg.conf ]; then + : +elif [ -f $srcdir/gpg.conf.tmpl ]; then + cat $srcdir/gpg.conf.tmpl >gpg.conf +fi + +GPG="../../g10/gpg2 --no-permission-warning --homedir . " + +exec 5>&2 2>${pgmname}.log + +: +# end diff --git a/tests/openpgp/detach.test b/tests/openpgp/detach.test new file mode 100755 index 000000000..6a3ae05c5 --- /dev/null +++ b/tests/openpgp/detach.test @@ -0,0 +1,10 @@ +#!/bin/sh + +. $srcdir/defs.inc || exit 3 + +#info Checking detached signatures +for i in $plain_files $data_files ; do + echo "$usrpass1" | $GPG --passphrase-fd 0 -sb -o x --yes $i + $GPG -o /dev/null --yes x <$i || error "$i: bad signature" +done + diff --git a/tests/openpgp/detachm.test b/tests/openpgp/detachm.test new file mode 100755 index 000000000..dc60bb239 --- /dev/null +++ b/tests/openpgp/detachm.test @@ -0,0 +1,9 @@ +#!/bin/sh + +. $srcdir/defs.inc || exit 3 + +#info Checking detached signatures of multiple files +i="$plain_files $data_files" +echo "$usrpass1" | $GPG --passphrase-fd 0 -sb -o x --yes $i +cat $i | $GPG -o /dev/null --yes x || error "$i: bad signature" + diff --git a/tests/openpgp/encrypt-dsa.test b/tests/openpgp/encrypt-dsa.test new file mode 100755 index 000000000..0c6333c21 --- /dev/null +++ b/tests/openpgp/encrypt-dsa.test @@ -0,0 +1,41 @@ +#!/bin/sh + +. $srcdir/defs.inc || exit 3 + +#info Checking encryption +for i in $plain_files $data_files ; do + $GPG $dsa_keyrings --always-trust -e -o x --yes -r "$dsa_usrname2" $i + $GPG $dsa_keyrings -o y --yes x + cmp $i y || error "$i: mismatch" +done + +algos="3des" + +if have_cipher_algo "idea"; then + algos="$algos idea" +fi + +if have_cipher_algo "cast5"; then + algos="$algos idea" +fi + +if have_cipher_algo "blowfish"; then + algos="$algos idea" +fi + +if have_cipher_algo "aes"; then + algos="$algos aes aes192 aes256" +fi + +if have_cipher_algo "twofish"; then + algos="$algos twofish" +fi + +for ca in $algos ; do + for i in $plain_files $data_files ; do + $GPG $dsa_keyrings --always-trust --cipher-algo $ca -e \ + -o x --yes -r "$dsa_usrname2" $i + $GPG $dsa_keyrings -o y --yes x + cmp $i y || error "$i: mismatch" + done +done diff --git a/tests/openpgp/encrypt.test b/tests/openpgp/encrypt.test new file mode 100755 index 000000000..44f26a17a --- /dev/null +++ b/tests/openpgp/encrypt.test @@ -0,0 +1,40 @@ +#!/bin/sh + +. $srcdir/defs.inc || exit 3 + +#info Checking encryption +for i in $plain_files $data_files ; do + $GPG --always-trust -e -o x --yes -r "$usrname2" $i + $GPG -o y --yes x + cmp $i y || error "$i: mismatch" +done + +algos="3des" + +if have_cipher_algo "idea"; then + algos="$algos idea" +fi + +if have_cipher_algo "cast5"; then + algos="$algos idea" +fi + +if have_cipher_algo "blowfish"; then + algos="$algos idea" +fi + +if have_cipher_algo "aes"; then + algos="$algos aes aes192 aes256" +fi + +if have_cipher_algo "twofish"; then + algos="$algos twofish" +fi + +for ca in $algos ; do + for i in $plain_files $data_files ; do + $GPG --always-trust -e -o x --yes -r "$usrname2" --cipher-algo $ca $i + $GPG -o y --yes x + cmp $i y || error "$i: mismatch" + done +done diff --git a/tests/openpgp/encryptp.test b/tests/openpgp/encryptp.test new file mode 100755 index 000000000..7df24efec --- /dev/null +++ b/tests/openpgp/encryptp.test @@ -0,0 +1,10 @@ +#!/bin/sh + +. $srcdir/defs.inc || exit 3 + +#info Checking encryption with a pipe +for i in $plain_files $data_files ; do + $GPG --always-trust -e --yes -r "$usrname2" <$i | $GPG --yes > y + cmp $i y || error "$i: mismatch" +done + diff --git a/tests/openpgp/genkey1024.test b/tests/openpgp/genkey1024.test new file mode 100755 index 000000000..e17e8c91c --- /dev/null +++ b/tests/openpgp/genkey1024.test @@ -0,0 +1,31 @@ +#!/bin/sh + +. $srcdir/defs.inc || exit 3 + +../../g10/gpg2 --quiet --batch --debug-quick-random --homedir . --gen-key <<EOF +Key-Type: DSA +Key-Length: 1024 +Subkey-Type: ELG +Subkey-Length: 1024 +Name-Real: Harry H. +Name-Comment: test key +Name-Email: hh@@ddorf.de +Expire-Date: 1 +Passphrase: abc +%commit +EOF + +if have_pubkey_algo "RSA"; then +../../g10/gpg2 --quiet --batch --debug-quick-random --homedir . --gen-key <<EOF +Key-Type: RSA +Key-Length: 1024 +Key-Usage: sign,encrypt +Name-Real: Harry A. +Name-Comment: RSA test key +Name-Email: hh@@ddorf.de +Expire-Date: 2 +Passphrase: abc +%commit +EOF +fi + diff --git a/tests/openpgp/gpg.conf.tmpl b/tests/openpgp/gpg.conf.tmpl new file mode 100644 index 000000000..7060a6610 --- /dev/null +++ b/tests/openpgp/gpg.conf.tmpl @@ -0,0 +1,5 @@ +no-greeting +no-secmem-warning +no-permission-warning +batch +no-auto-check-trustdb diff --git a/tests/openpgp/mds.test b/tests/openpgp/mds.test new file mode 100755 index 000000000..6551d18e0 --- /dev/null +++ b/tests/openpgp/mds.test @@ -0,0 +1,69 @@ +#!/bin/sh + + +. $srcdir/defs.inc || exit 3 + + +test_one () { + if [ "`grep $1 y | sed -e 's/:[^:]*:\(.*\):/\1/'`" != "$2" ]; then + failed="$failed $1" + fi +} + +failed="" + +#info Checking message digests +cat /dev/null | $GPG --with-colons --print-mds >y +# MD5 +test_one ":1:" "D41D8CD98F00B204E9800998ECF8427E" +# SHA-1 +test_one ":2:" "DA39A3EE5E6B4B0D3255BFEF95601890AFD80709" +# RMD160 +test_one ":3:" "9C1185A5C5E9FC54612808977EE8F548B2258D31" +# SHA-224 +if have_hash_algo "SHA224"; then + test_one ":11:" "D14A028C2A3A2BC9476102BB288234C415A2B01F828EA62AC5B3E42F" +else + echo "Hash algorithm SHA-224 is not installed (not an error)" +fi +# SHA-256 +if have_hash_algo "SHA256"; then + test_one ":8:" "E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855" +else + echo "Hash algorithm SHA-256 is not installed (not an error)" +fi +# SHA-384 +if have_hash_algo "SHA384"; then + test_one ":9:" "38B060A751AC96384CD9327EB1B1E36A21FDB71114BE07434C0CC7BF63F6E1DA274EDEBFE76F65FBD51AD2F14898B95B" +else + echo "Hash algorithm SHA-384 is not installed (not an error)" +fi +# SHA-512 +if have_hash_algo "SHA512"; then + test_one ":10:" "CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E" +else + echo "Hash algorithm SHA-512 is not installed (not an error)" +fi + +[ "$failed" != "" ] && error "$failed failed for empty string" + +echo_n "abcdefghijklmnopqrstuvwxyz" | $GPG --with-colons --print-mds >y +test_one ":1:" "C3FCD3D76192E4007DFB496CCA67E13B" +test_one ":2:" "32D10C7B8CF96570CA04CE37F2A19D84240D3A89" +test_one ":3:" "F71C27109C692C1B56BBDCEB5B9D2865B3708DBC" +if have_hash_algo "SHA224"; then + test_one ":11:" "45A5F72C39C5CFF2522EB3429799E49E5F44B356EF926BCF390DCCC2" +fi +if have_hash_algo "SHA256"; then + test_one ":8:" "71C480DF93D6AE2F1EFAD1447C66C9525E316218CF51FC8D9ED832F2DAF18B73" +fi +if have_hash_algo "SHA384"; then + test_one ":9:" "FEB67349DF3DB6F5924815D6C3DC133F091809213731FE5C7B5F4999E463479FF2877F5F2936FA63BB43784B12F3EBB4" +fi +if have_hash_algo "SHA512"; then + test_one ":10:" "4DBFF86CC2CA1BAE1E16468A05CB9881C97F1753BCE3619034898FAA1AABE429955A1BF8EC483D7421FE3C1646613A59ED5441FB0F321389F77F48A879C7B1F1" +fi + +[ "$failed" != "" ] && error "$failed failed for a..z" + +exit 0 diff --git a/tests/openpgp/mkdemodirs b/tests/openpgp/mkdemodirs new file mode 100755 index 000000000..217908078 --- /dev/null +++ b/tests/openpgp/mkdemodirs @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +GPG="../g10/gpg2 --batch --quiet --no-secmem-warning --allow-secret-key-import" +NAMES='Alpha Bravo Charlie Delta Echo Foxtrot Golf Hotel India + Juliet Kilo Lima Mike November Oscar Papa Quebec Romeo + Sierra Tango Uniform Victor Whisky XRay Yankee Zulu' + +if [ "$1" = "--clean" ]; then + (for i in $NAMES; do + [ -d $i ] && rm -r $i + done) || true + exit 0 +fi + +$GPG --dearmor -o secdemo.gpg --yes ../checks/secdemo.asc +$GPG --dearmor -o pubdemo.gpg --yes ../checks/pubdemo.asc +[ -f ./tdb.tmp ] && rm ./tdb.tmp +GPGDEMO="$GPG --homedir . --trustdb-name ./tdb.tmp --no-default-keyring + --keyring pubdemo.gpg --secret-keyring secdemo.gpg" +echo -n "Creating:" +for name in $NAMES; do + echo -n " $name" + [ -d $name ] && rm -r $name + mkdir $name + $GPGDEMO --export-secret-key -o - $name > $name/Secret.gpg + $GPG --homedir $name --import $name/Secret.gpg + $GPGDEMO --export -o - $name > $name/Public.gpg + $GPG --homedir $name --import $name/Public.gpg + [ -f $name/pubring.gpg~ ] && rm $name/pubring.gpg~ +done +echo "." +[ -f ./tdb.tmp ] && rm ./tdb.tmp +rm pubdemo.gpg secdemo.gpg + + diff --git a/tests/openpgp/multisig.test b/tests/openpgp/multisig.test new file mode 100755 index 000000000..ece6f22da --- /dev/null +++ b/tests/openpgp/multisig.test @@ -0,0 +1,145 @@ +#!/bin/sh +# Check that gpg verifies only signatures where there is no ambiguity +# in the order of packets. Needs the Demo Keys Lima and Mike. + +# Note: We do son't support multiple signaturess anymore thus thsi test is +# not really needed becuase verify could do the same. We keep it anyway. + +. $srcdir/defs.inc || exit 3 + +suspend_error + + + +sig_1ls1ls_valid=' +-----BEGIN PGP ARMORED FILE----- + +kA0DAAIRN8q1H7eRA/gBrCdiBXRleHQxOogq9EkgYW0gc29ycnksIEkgY2FuJ3Qg +ZG8gdGhhdAqIPwMFADqIKvQ3yrUft5ED+BEC2joAoJaSaXOZEtSZqQ780HIXG77e +8PB7AJ4wCprmaFTO0fBaTcXDuEOBdAWnOZANAwACETfKtR+3kQP4AawnYgV0ZXh0 +MTqIKvRJIGFtIHNvcnJ5LCBJIGNhbid0IGRvIHRoYXQKiD8DBQA6iCr0N8q1H7eR +A/gRAto6AKCWkmlzmRLUmakO/NByFxu+3vDwewCeMAqa5mhUztHwWk3Fw7hDgXQF +pzk= +=8jSC +-----END PGP ARMORED FILE----- +' +sig_ls_valid=' +-----BEGIN PGP ARMORED FILE----- + +rCdiBXRleHQxOogrS0kgYW0gc29ycnksIEkgY2FuJ3QgZG8gdGhhdAqIPwMFADqI +K0s3yrUft5ED+BECLQMAn2jZUNOpB4OuurSQkc2TRfg6ek02AJ9+oJS0frQ+yUsT +QDUFTH2PvZRxjw== +=J+lb +-----END PGP ARMORED FILE----- +' +sig_sl_valid=' +-----BEGIN PGP ARMORED FILE----- + +iD8DBQA6iCtLN8q1H7eRA/gRAi0DAJ9o2VDTqQeDrrq0kJHNk0X4OnpNNgCffqCU +tH60PslLE0A1BUx9j72UcY+sJ2IFdGV4dDE6iCtLSSBhbSBzb3JyeSwgSSBjYW4n +dCBkbyB0aGF0Cg== +=N9MP +-----END PGP ARMORED FILE----- +' +sig_11lss_valid_but_is_not=' +-----BEGIN PGP ARMORED FILE----- + +kA0DAAIRN8q1H7eRA/gAkA0DAAIRN8q1H7eRA/gBrCdiBXRleHQxOogyXUkgYW0g +c29ycnksIEkgY2FuJ3QgZG8gdGhhdAqIPwMFADqIMl03yrUft5ED+BECwQAAnRXT +mXjVd385oD38W80XuheWKTGcAJ9pZ6/flaKDfw+SLido7xaUHuhp5Yg/AwUAOogy +XTfKtR+3kQP4EQLBAACgnN0IP+NztE0aAc/DZ17yHWR9diwAniN0P01WmbgZJoZB +Q341WRXKS/at +=Ekrs +-----END PGP ARMORED FILE----- +' +sig_11lss11lss_valid_but_is_not=' +-----BEGIN PGP ARMORED FILE----- + +kA0DAAIRN8q1H7eRA/gAkA0DAAIRN8q1H7eRA/gBrCdiBXRleHQxOogyXUkgYW0g +c29ycnksIEkgY2FuJ3QgZG8gdGhhdAqIPwMFADqIMl03yrUft5ED+BECwQAAnRXT +mXjVd385oD38W80XuheWKTGcAJ9pZ6/flaKDfw+SLido7xaUHuhp5Yg/AwUAOogy +XTfKtR+3kQP4EQLBAACgnN0IP+NztE0aAc/DZ17yHWR9diwAniN0P01WmbgZJoZB +Q341WRXKS/atkA0DAAIRN8q1H7eRA/gAkA0DAAIRN8q1H7eRA/gBrCdiBXRleHQx +OogyXUkgYW0gc29ycnksIEkgY2FuJ3QgZG8gdGhhdAqIPwMFADqIMl03yrUft5ED ++BECwQAAnRXTmXjVd385oD38W80XuheWKTGcAJ9pZ6/flaKDfw+SLido7xaUHuhp +5Yg/AwUAOogyXTfKtR+3kQP4EQLBAACgnN0IP+NztE0aAc/DZ17yHWR9diwAniN0 +P01WmbgZJoZBQ341WRXKS/at +=P1Mu +-----END PGP ARMORED FILE----- +' +sig_ssl_valid_but_is_not=' +-----BEGIN PGP ARMORED FILE----- + +iD8DBQA6iCtLN8q1H7eRA/gRAi0DAJ9o2VDTqQeDrrq0kJHNk0X4OnpNNgCffqCU +tH60PslLE0A1BUx9j72UcY+IPwMFADqIK0s3yrUft5ED+BECLQMAn2jZUNOpB4Ou +urSQkc2TRfg6ek02AJ9+oJS0frQ+yUsTQDUFTH2PvZRxj6wnYgV0ZXh0MTqIK0tJ +IGFtIHNvcnJ5LCBJIGNhbid0IGRvIHRoYXQK +=Zven +-----END PGP ARMORED FILE----- +' +sig_1lsls_invalid=' +-----BEGIN PGP ARMORED FILE----- + +kA0DAAIRN8q1H7eRA/gBrCdiBXRleHQxOogq9EkgYW0gc29ycnksIEkgY2FuJ3Qg +ZG8gdGhhdAqIPwMFADqIKvQ3yrUft5ED+BEC2joAoJaSaXOZEtSZqQ780HIXG77e +8PB7AJ4wCprmaFTO0fBaTcXDuEOBdAWnOawnYgV0ZXh0MTqIK0tJIGFtIHNvcnJ5 +LCBJIGNhbid0IGRvIHRoYXQKiD8DBQA6iCtLN8q1H7eRA/gRAi0DAJ9o2VDTqQeD +rrq0kJHNk0X4OnpNNgCffqCUtH60PslLE0A1BUx9j72UcY8= +=nkeu +-----END PGP ARMORED FILE----- +' +sig_lsls_invalid=' +-----BEGIN PGP ARMORED FILE----- + +rCdiBXRleHQxOogrS0kgYW0gc29ycnksIEkgY2FuJ3QgZG8gdGhhdAqIPwMFADqI +K0s3yrUft5ED+BECLQMAn2jZUNOpB4OuurSQkc2TRfg6ek02AJ9+oJS0frQ+yUsT +QDUFTH2PvZRxj6wnYgV0ZXh0MTqIK0tJIGFtIHNvcnJ5LCBJIGNhbid0IGRvIHRo +YXQKiD8DBQA6iCtLN8q1H7eRA/gRAi0DAJ9o2VDTqQeDrrq0kJHNk0X4OnpNNgCf +fqCUtH60PslLE0A1BUx9j72UcY8= +=BlZH +-----END PGP ARMORED FILE----- +' +sig_lss_invalid=' +-----BEGIN PGP ARMORED FILE----- + +rCdiBXRleHQxOogrS0kgYW0gc29ycnksIEkgY2FuJ3QgZG8gdGhhdAqIPwMFADqI +K0s3yrUft5ED+BECLQMAn2jZUNOpB4OuurSQkc2TRfg6ek02AJ9+oJS0frQ+yUsT +QDUFTH2PvZRxj4g/AwUAOogrSzfKtR+3kQP4EQItAwCfaNlQ06kHg666tJCRzZNF ++Dp6TTYAn36glLR+tD7JSxNANQVMfY+9lHGP +=jmt6 +-----END PGP ARMORED FILE----- +' +sig_slsl_invalid=' +-----BEGIN PGP ARMORED FILE----- + +iD8DBQA6iCtLN8q1H7eRA/gRAi0DAJ9o2VDTqQeDrrq0kJHNk0X4OnpNNgCffqCU +tH60PslLE0A1BUx9j72UcY+sJ2IFdGV4dDE6iCtLSSBhbSBzb3JyeSwgSSBjYW4n +dCBkbyB0aGF0Cog/AwUAOogrSzfKtR+3kQP4EQItAwCfaNlQ06kHg666tJCRzZNF ++Dp6TTYAn36glLR+tD7JSxNANQVMfY+9lHGPrCdiBXRleHQxOogrS0kgYW0gc29y +cnksIEkgY2FuJ3QgZG8gdGhhdAo= +=phBF +-----END PGP ARMORED FILE----- +' + + +for i in sig_sl_valid ; do + eval "(IFS=; echo \"\$$i\")" | ./gpg_dearmor >x + $GPG --verify x 2>/dev/null || error "valid is invalid ($i)" + linefeed +done +#for i in "$sig_11lss_valid_but_is_not" "$sig_11lss11lss_valid_but_is_not" \ +# "$sig_ssl_valid_but_is_not"; do +# echo "$i" | $GPG --dearmor >x +# $GPG --verify <x 2>/dev/null || error "valid is invalid" +#done + +for i in sig_1ls1ls_valid sig_ls_valid \ + sig_1lsls_invalid sig_lsls_invalid \ + sig_lss_invalid sig_slsl_invalid ; do + eval "(IFS=; echo \"\$$i\")" | ./gpg_dearmor >x + $GPG --verify <x 2>/dev/null && error "invalid is valid ($i)" + linefeed +done + + +resume_error
\ No newline at end of file diff --git a/tests/openpgp/pgp263-test.pub.asc b/tests/openpgp/pgp263-test.pub.asc new file mode 100644 index 000000000..53310d778 --- /dev/null +++ b/tests/openpgp/pgp263-test.pub.asc @@ -0,0 +1,14 @@ +Type Bits/KeyID Date User ID +pub 888/A50283F1 2001/11/08 pgp2.6.3-test-key + +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: 2.6.3a + +mQB8AzvqRosAAAEDeNMKLJMJQeGC2RG5Nec6R2mzC12N1wGLiYYJCsmSQd1Y8mht +A2Sc+4k/q5+l6GHtfqUR/RTCIIudAZUzrQVIMhHDKF+5de9lsE5QxQS1u43QGVCb +/9IYrOLOizYQ2pkBtD9LCrf7W2DccMEkpQKD8QAFE7QRcGdwMi42LjMtdGVzdC1r +ZXmJAIQDBRA76kaL3HDBJKUCg/EBAZMoA3Yqqdix6B2RAzywi9bKSLqwAFVL+MMw +W+BnYeBXF9u+bPpQvtyxgi0vx8F9r84B3HAhZNEjBWODF6vctIQhXhAhXIniDTSj +HNzQ/+nbWnebQn18XUV2SdM1PzMOblD+nISte7+WUfWzlD7YUJPkFPw= +=b498 +-----END PGP PUBLIC KEY BLOCK----- diff --git a/tests/openpgp/pgp263-test.sec.asc b/tests/openpgp/pgp263-test.sec.asc new file mode 100644 index 000000000..78992e3b7 --- /dev/null +++ b/tests/openpgp/pgp263-test.sec.asc @@ -0,0 +1,18 @@ +Type Bits/KeyID Date User ID +sec 888/A50283F1 2001/11/08 pgp2.6.3-test-key + +-----BEGIN PGP SECRET KEY BLOCK----- +Version: 2.6.3a + +lQGdAzvqRosAAAEDeNMKLJMJQeGC2RG5Nec6R2mzC12N1wGLiYYJCsmSQd1Y8mht +A2Sc+4k/q5+l6GHtfqUR/RTCIIudAZUzrQVIMhHDKF+5de9lsE5QxQS1u43QGVCb +/9IYrOLOizYQ2pkBtD9LCrf7W2DccMEkpQKD8QAFEwADd0Kk5aeyFM3zbPgfikkE +7iFg9h2LG3nARmA4wAnCZaQ3CS5zRHCdXOf5KLkm6xFza1yMat4iWx6ULvuuNpIc +RmkHccyXYkRi3Hvacd5A9VCNw1UKtCdaCKgacsfplU0s1xYWGZd4J8Jg8boSfW5W +gwG8Dc9R20HHno8uD2vfr5rg8ElWvbFyJI/j4eCVAd+NYAGNvB8I3VP38IIYcavh +YYcGjrpxbGVRybsBvA9IJltpGaVulxwpeCp5NecCGgoAUsN4Ktf42Pg7HXDlQL6r +Xs/YggMztj4NzEgBHXAOLShdKKhDAbEByVSKXZD9A8J+RejXBl6VbuJmD/5qOvph +GAPKS3ahPDj8438HyD7yIDLYYVRKfxjWHLubc46Pgui0EXBncDIuNi4zLXRlc3Qt +a2V5 +=l/aV +-----END PGP SECRET KEY BLOCK----- diff --git a/tests/openpgp/plain-1-pgp.asc b/tests/openpgp/plain-1-pgp.asc new file mode 100644 index 000000000..9a83dcfa0 --- /dev/null +++ b/tests/openpgp/plain-1-pgp.asc @@ -0,0 +1,27 @@ +This is an encrypted version of plain-1 for the PGP test key +0xCB879DE9 using 3DES. + +-----BEGIN PGP MESSAGE----- +Version: GnuPG v1.3.5-cvs (GNU/Linux) + +hM4DW3oC8MuHnekQAv0U6qlDAA64QS/oZJErr1J77m5Dh7IFen3mAcwOxvL/POqS +HQWTFcuFT4LH9asSWgRe6DebJGfscMjMqNPAkhEJtKQQ2jEesn2Bon6SMwah7vkD +9Zap7WKHRlnB/Da1/xQC/ispXY7e5tuejnzoNSAOWFpBn354nvkKGaCfMRNuz3R2 +HljH+gXKRa00n2dPmvX9Mr8AI0Q+FoEI2/YW+6aUxmv8b0c2dP6HcL6HUu0Ro2Nl +RJNPfYXP20EL/Xrv8LN0Ksnp3YKTWrz5gQKNr3DH5pn1PjFqAKz4JD6rQBpnlh1c +03gLB1OAJWA6+/QNaEQV451GBZW3ul10R/6621/kk0Isdxn/htlD4Jl/jAvFdlQW +ULBu1HorZZ5X/IMuMRFwSQkx+H8i0zq+LGr8+rLFVTRuXBrgpeTLWs/f35DDblPp +jtPGSs1qql98PfOV1tAr16rGRLAAyNWEgi3yZWUGgq5dfFnRbJX1hrj9waQmq1g0 +mn1oB9Ig708xSZqcfFVFNpvIB7nmbFF/WaMnqfL3XmgTe8whKB/f/XYhg+W2d57h +EmTcAlC1N6IHY8/7YqtnjitavTIUsi0hPldX0tvrjsaZ7ppSma2epRJhx47jIFjw +wXOEByZE+K3pyTSN8KJxParDsqrTWFrL0t8az9W8lWG7YYsxUxk9cwRo5PyEko1M +kAKrbDMb+02Iw35yeuxFY33dl7KqpaWy43ksX/ROxX4S0InQywaQejXyt5A1cJN1 +t+G0aKdRp40MDKtOkZfFGlUSFZIhB0dxKVfSKJE/SIeYZzROTuyCNe/2wwufxgpa +uztUf5ipVnINupiztWGw5c5Wp40ptQ/0K4/35KrZhMoFGR9DtImAPpZocuiFdJDt +uqqapxGfJ876S4hFjRAkHSNRsAySul9zFLnIJ+Smk5xsvQZK4yjDwZfSs9b7WPKg +7NCxl5bF5dIbWRYdRBNjHQ4m3LyYmqKzQqALSYT54/9O35B7rb1fOB2SFIuME0QI +5XQq9QsH/f5rW8U6Ixzw1582B8fO1TMRhCqMyXozmsBJoWdCIQTQiVNyrbgLi+ss +wKiKq4AymLXFMSpI4TOCc+rKiAdMpLbNO8Ndox5hZEGz+mqg84cgC/rkJc/P03KR +uo0+rb5eSfJw9t+uzBXDmFHynayj0CB8wW9iwXknpdlHDo1z +=7Otr +-----END PGP MESSAGE----- diff --git a/tests/openpgp/plain-1.asc b/tests/openpgp/plain-1.asc new file mode 100644 index 000000000..f62fb15df --- /dev/null +++ b/tests/openpgp/plain-1.asc @@ -0,0 +1,26 @@ +-----BEGIN PGP MESSAGE----- +Version: GnuPG v1.3.5-cvs (GNU/Linux) + +hQEOA6urKKJHvid1EAQA0MchGc7vZsjUgxdII4lo/2jRDesMmLDN4U0uOgExvyhD +u1OtQBJF8iHgNdDEf8/R3GWhRE94IpVwLqzKTqfVmyKIFd80/Qe4h37TUPpEf8Ex +f7WaIBk/9OSDNKOkCwZ5OH9xGaorhBwYiTNJlEEGv5zcDte9ZoLO7WhWFfHp3b0E +AJYk/tf3oV4sJSn8AbUa8UC2tAdpNM1Lx+UEuCtxevYRpWeDVDok7/xuaa/wcb39 +lKyhUV+FBUH++k59K4GVqykOz02hmFl97O+4bAldgP6cVTm0Gh7jwMcJANzhLW/O +MR5birB+HPKOotMIfhggzxsAt6ESrviIlknkGqwKXWog0ukB/npOqQdu1GmvJqoC +k6ElA6xZPY5HTF/JLKlLXFfIIKLeuyckKwGDkVNFE7JYPW+dfxcGH9z1KXaNNllY +V4OKGQh3+gMaoJSY2X7PsmjC4fvi3g6rr360ATr5f82Mr8GPa3x21XLdIFZ04vTe +yE3kwdcarkiT1QQLnOXk/yRBxJwiA5loL9crVdC2WyOV3B3DG33/yas8krw4BYWw +DzAgxNtZR4MQXcj83WwoflMo43dYUq3Pk7ZnzKN04O8m9w0gxVxCpXu4ds9emMdJ +WS4eNTPUOnzeWttkfYcd3SarK6COi9iBosFT2QF80FwDSlH3XdEo7rD1j6WJ5GeX +RbHDvIm9g0xB23S7jmtfdqIHndvPKLmwW2B1VC1mbjcDUo6pyUb31GBd1zFVhT69 +ijhiEwBlr8uWxROdwJd/7IVIB/RYHLr5P3M8p08hdEdS1IMQbNEE4Y25fRdcc6g8 +fVEAExbG01K1EJhRLxoHzgnAkxDTV2HSwlqbFvKEzUfE+rMHApmSX2lfMvKgueYz +JpA7nxuf79Wk17bjNvuVQwokhXpzw7FyPPdD7h4Z30LW0ozvSVgs2tigWCAysIKB +3ZIolchqBoj0ddJgbPXrx09r1oCckEmdj1KtZsci9m+CFA8d22uxXBec0HkEHZpr +EHlqEZfNTmqowoDtJ8KT+S8VPsALEyDnrqm3s4i44OwgvsPiKOST1xwk6lIJ5isu +fO76RHTQ2jc8z7+sKyNffVugfjYVRj54/8Gj34QkrVo/42rlvg398tpbAbWuNq8w +PM//M6eVD4IRDYEGrGOk7prd9mgdbWnOWpasirhr41kePu2vsrIUkJWHmOgdMQDH +cSSzI8C5NpafROHAhMsUymcJ5dKksvPubh5IAdgtH+m6yDnNUJT8s6WV1f1RpSsQ +L/n3dhti76l0XtfZ7aST8j46B1JPNDx8+r6Xl9IUbSU= +=xK46 +-----END PGP MESSAGE----- diff --git a/tests/openpgp/plain-1o.asc b/tests/openpgp/plain-1o.asc new file mode 100644 index 000000000..973b29395 --- /dev/null +++ b/tests/openpgp/plain-1o.asc @@ -0,0 +1,28 @@ +-----BEGIN PGP ARMORED FILE----- +Version: GNUPG v0.3.4 (GNU/Linux) +Comment: Get GNUPG from ftp://ftp.guug.de/pub/gcrypt/ +Comment: Use "gpgm --dearmor" for unpacking + +PCEtLSBEaWVzIGlzdCBTZWl0ZSAzLCBkb3J0IGlzdCBrZWluZSBTZWl0ZW56YWhsIGFuZ2Vn +ZWJlbiwKICAgICBvYmVuIHJlY2h0cyBpc3Qgd2llZGVyIGRlciBTdGVtcGVsIHZvbiBtZWlu +ZW0gT3BhIHp1IGZpbmRlbiAtLT4KCjxzZWN0MT5OYW1lIDxxPkdyb98tQmFydGxvZmY8Lz4K +CjxwPgpEZXIgTmFtZSA8cS9CYXJ0bG9mZi8gaXN0IHNjaHdlciB6dSBkZXV0ZW4uIE1hbiBo +YXQgdmllbGUgTXV0bWHfdW5nZW4KYW5nZXN0ZWxsdCwgdm9uIGRlbmVuIG1hbiBhYmVyIGJp +c2xhbmcga2VpbmUgZWluemlnZSBhbHMgdW5iZWRpbmd0CnJpY2h0aWcgZXJrbORyZW4ga2Fu +bi4KPGZvbnRpbmZvIHJlbT0ibWl0IExlZXJ6ZWljaGVuIGdlc2NocmllYmVuIj5Vcmt1bmRs +aWNoPC8+IHdpcmQgZGFzCkRvcmYgYmlzIHp1ciBSZWZvcm1hdGlvbiBzdGV0cyA8cS9CYXJ0 +b3JmLyAoYW5ubyAxMjUzKSB1bmQKPHEvQmFyZG9yZi8gKDEzMDYsIDEzMTgsIDEzMjksIDE0 +MjkpIGdlbmFubnQgdW5kIGRhc18gc293b2hsIEtsZWluLQp3aWUgR3Jv32JhcnRsb2ZmLiBF +cnN0IDE1ODYgaW0gQmlzY2hvZnNzdGVpbmVyIEp1cmlzZGlrdGlvbmFsYnVjaApoZWnfdCB1 +bnNlciBEb3JmIDxxL0JhcnR0ZWxvZmYvIHVuZCBzbyBhdWNoIGluIGRlciDkbHRlc3RlbiBu +b2NoCnZvcmhhbmRlbmVuIEtpcmNoZW5yZWNobnVuZyB2b20gSmFocmUgMTY1MS4gTkFjaCBk +ZW0gSmFocmUgMTcwMCB3aXJkCmluIGRlbiBVcmt1bmRlbiBiZWdvbm5lbiwgZGVuIHZvbGxl +biBOYW1lbiA8cS9Hcm/fLUJhcnRsb2ZmLyB1bmQKPHEvS2xlaW4tQmFydGxvZmYvIHp1IHNj +aHJlaWJlbi4KLS0tLS0tLS0tLS0tLS0tLSBbd2VnZW4gZGFzaGVkIGVzY2FwZWQgdGV4dF0K +PHA+Ck5pbW10IG1hbiBhbiwgZGHfIGRpZSB1cmt1bmRsaWNoZSwg5Gx0ZXN0ZSBCZXplaWNo +bnVuZyBCYXJ0b3JmIGRpZQp1cnNwcvxuZ2xpY2hlIGlzdCB1bmQgbmljaHQgZGllIG11bmRh +cnRsaWNoZSBCYXJ0bG9mZiwgc28ga/ZubnRlIGRlcgpOYW1lIGd1dCBnZWRldXRldCB3ZXJk +ZW4gYWxzIERvcmYgYW4gZGVyIDxxL0JvcmRlLyBvZGVyIGFtIFJhbmRlCm9kZXIgYW4gZGVy +IEdyZW56ZSBlbnR3ZWRlciBkZXMgV2FsZGVzCg== +=m1k/ +-----END PGP ARMORED FILE----- diff --git a/tests/openpgp/plain-2.asc b/tests/openpgp/plain-2.asc new file mode 100644 index 000000000..5a774a634 --- /dev/null +++ b/tests/openpgp/plain-2.asc @@ -0,0 +1,31 @@ +-----BEGIN PGP MESSAGE----- +Version: GnuPG v1.3.5-cvs (GNU/Linux) + +hQEOA6urKKJHvid1EAP/aYXFOkxPzbBB0SWtyX+yyvZso8i1WJS3pzrHNXcXQSQx +xOAfmlCiuXYrjEzlyDAn7k7RLAhUB/ffI58HnbkQ7btWujrHig/V1tQ0j5igR85M +3y2/msWu2c2pyeZnx29LzeoJ2aMVTbMObszlG+TNOuhCNn4unvbShrkFjNK5fi8E +AIHiavE77ZPfcaUrXp6FJ6OuhbnJQ8y8CVpH++ddgU6xXK1vByMSsYqiOjfq08gV +MzqT1eMVvKhSjl3R6Ktl7j+ErYM4KuIofIZsKc8M3JnoTSrLqWSEBq+DEiaSI58i +SMJfzxfKA84bpJyLIjp4bjRIXveYoX8UjEnSNr3xuDIq0ukBoVe6Bx8lBActcwE+ +kE7EffSBHUmnm8cvwZan+Ms8t9p9aQEzBxV/LfEXZyk36lK35zCH188iJR+tt9zs +rNubkRuOjq9jAcBtrvgjTTO91Ru7z4RCYeMfnX9AauJZFShBNYN46GTIwqMWE9vq +B/IYFH9/L2nufcrDQ6u5WxJo0y2FoPqVS4RKEZ4FlKnlT2Op0X1k9w+1nWTtKwQx +fPsB+YRSKmVbZOXDeKAIVEyGHgR1Hj6pbo/IeHSJ2DJt5OFu6eLQYjxYjM7BPjPD +Gn+lTUvqw5ykYpCcnvpEx25+qHh5HI11Hi0sLKzvB92hhsQ7+lU2D+iAzsMJKdwE +u2bCnrZokzZwDBy6NISQ+hoc6NPPezQM4FLN0BB752fa9DYMQo5nEGfPUM7fv51A +nUdGOmaDVWY54GQxiYzl0JAT41sQSYlVHcWBCGNAm064y+tsHVjDYcf5uze/3Iuw +m/IbRGLBT7x+j2OqMX30yXoeHCg0/M/2c6vIzhdHEsJjTbTr+M4bMii/mB5kSo/7 +x5R14Lr0mwnPNDFHG2egqd5uL8985+5BENm7q0pQHKGM5NxkjVSWCpzRgKcSEq5A +x4Q2HbhEJNP6ZonnZkDmGM52Eq62eaR7t8+k9px35osfiTiClmVrjsTgl5Kvatk0 +oL1aYEwp8OtavoSwidUTk+Xb+cEE09P5bnCFs5Js0e5wdo+/izJ6iBuF+PndTh4i +4ppFmt8/GZ63MKBJu4CZE7QJMVAcmmCrsGRONP2JVgmyaBjrIl5xk9FPXQVY0AJx +gl3/jO/QFHYs+dlrQ3aqg8Mm0eZyLmZEYjoNibD8PW0keYiVfTF7EGl4jS2sAboc +AOzbuABa+30vIjJRWeW5UdTcLyNK7B2qWk6dqpRn9ps3cwCWUiTIcIRgot4PY+3M +8BL4smyZIP1Fmz/woL7gSVIaJHMExHjYPyRlfo+6Vfy3hh3zdiB9e5xA8QRFKgUb +Px5ShU5bBykfvFBJjgKU1XLBKqdklaudf3+v8F3LPIyuO6vTYzOIU9UKAHy9CrA2 +kAZ8kgHBTtAjmKuJjASBCZHPepq0G9SaRDQI5g4DXx0LXPX3y5xkwVI6kd0QmsMF +UU4ij/xjzIPN/AxBgQI8HKk56FnaX0JKoHm7mqWa+1TzbuvJjio4J/IN9XXzVqb1 +YL+mkx607hdW9oJltXLO5eio0pb12v/0YXAQlsrlJJNPCUW5hYFv/vH1rHzR98xx +nx4PXElm8VUuhKDxdVi9Ipo8fL9Amu3PwYonzOck3R2W4wwlmcopVQQ= +=Ng8B +-----END PGP MESSAGE----- diff --git a/tests/openpgp/plain-2o.asc b/tests/openpgp/plain-2o.asc new file mode 100644 index 000000000..562e5f06e --- /dev/null +++ b/tests/openpgp/plain-2o.asc @@ -0,0 +1,36 @@ +-----BEGIN PGP ARMORED FILE----- +Version: GNUPG v0.3.4 (GNU/Linux) +Comment: Get GNUPG from ftp://ftp.guug.de/pub/gcrypt/ +Comment: Use "gpgm --dearmor" for unpacking + +Cgo8c2VjdD5Wb3J3b3J0CjxwPgpEZXIgV2VydCBlaW5lciBPcnRzY2hyb25payBpc3Qgb2Zm +ZW5iYXIgdW5kIGJlZGFyZiBrZWluZXIgRXL2cnRlcnVuZy4KTWl0IEF1c2JydWNoIGRlcyBX +ZWx0a3JpZWdlc18sIGlubWl0dGVuIGRlciBnZXdhbHRpZ2VuIEdlc2NoZWhuaXNzZSwgZvxo +bHRlCmRlciBLbGVydXNfIHVuc2VyZXNfIEVpY2hzX2ZlbGRlc18gZGFzXyBtZWhyIHdpZSBm +cvxoZXIgdW5kIHNvCmVyc3Rhcmt0ZSBkYXNfIFN0cmViZW4sIGVpbmUgc29sY2hlIE9ydHNf +Z2VzY2hpY2h0ZSB6dSBzY2FoZmZlbiwgdW0KdW5zZXJlbiBOYWNoa29tbWVuIHp1IGJlcmlj +aHRlbiwgd2FzXyBhdWNoIGRpZSBrbGVpbnN0ZW4gRPZyZmVyIGluCmRlciBncm/fZW4gWmVp +dCBnZWxlaXN0ZXQsIGVybGVidCB1bmQgZXJsaXR0ZW4gaGFiZW4uCjxwPgpVbmQgc28gYmVn +YW5uIGF1Y2ggaWNoIGltIERlemVtYmVyIDE5MTQsIGRlbiA/Pz8/Pz8/Pz8KU3RvZmYsIHdv +IGltbWVyIGljaCBpaG4gYXVjaCBudXIgc28gc3DkcmxpY2ggZmluZGVuIGtvbm50ZSwgenUK +c2FtbWVsbiwgaWNoIGJlZnJhZ3RlIHp1buRjaHN0IGVtc2lnIGRpZSDkbHRlc3RlbiBMZXV0 +ZSwKZHVyY2hmb3JzY2h0ZSBzb2Rhbm4gZGFzIGdhbnplIFBmYXJyYXJjaGl2LCBkYXMgU2No +dWx6ZW5hcmNoaXYKYmVpZGVyIFBmYXJyZPZyZmVyLCBkYXMgS29tbWlzc2FyaWF0c19hcmNo +aXYgenUgSGVpbGlnZW5zdGFkdCwKZW5kbGljaCBhdWNoIDE5MTYgZGFzIFN0YWF0c19hcmNo +aXYgenUgTWFnZGVidXJnLiBTZWxic3R2ZXJzdORuZGxpY2gKYXJiZWl0ZXRlIGljaCBhdWNo +IGRpZSBlaW5zY2hs5GdpZ2UgTGl0ZXJhdHVyIGR1cmNoLiBHYXIgdmllbGUgWmVpdAp1bmQg +TfxoZSBoYXQgZXNfIGdla29zdGV0IHVtIG5hY2ggbWVociBhbHMgOCBKYWhyZW4gZGllIE9y +dHNjaHJvbmlrIHZvbgpHcm/fYmFydGxvZmYgdW5kIHZvbSBGaWxpYWxkb3JmIFdpbGJpY2gg +Z2Vzb25kZXJ0IHp1IHNjaGFmZmVuLgo8cCB2c3BhY2U9IjJleCI+CjxiZj5Hcm/fYmFydGxv +ZmYsPC8+IGRlbiAyMy4gTeRyeiAxOTIzLgo8cCB2c3BhY2U9IjNleCIgYWxpZ249cmlnaHQ+ +CjxiZi9OaWtvbGF1cyBH9nJpbmcsLyBQZmFycmVyLgo8L3A+Cgo8IS0tIEhpZXIgZm9sZ3Qg +ZWluIFN0ZW1wZWwgdm9uIG1laW5lbSBPcGE6CgkgIFJ1ZC4gS29jaAogICAgIEdyb99iYXJ0 +bG9mZi9FaWNoc2ZlbGQKCUFuZ2VyIDE2MQotLT4KPCEtLSBGSVhNRTogaGllciBrb21tdCBl +aW5lbiBaaWVybGluaWUgLS0+Cgo8cCB2c3BhY2U9ZmlsbD4gPCEtLSBEZXIgUmVzdCBrYW0g +YW0gRW5kZSBkZXIgU2VpdGUgLS0+CjxwIGFsaWduPWNlbnRlcj4gTGl0ZXJhdHVyOiA8L3A+ +CjEpIEpvaC4gV29sZjogUG9saXRpc2NoZSBHZXNjaGljaHRlIGRlcyBFaWNoc2YuIEf2dHQu +IDE3OTIgdW5kCkz2ZmZsZXIgMTkyMS4gMikgSy4gR2VzY2hpY2h0ZSwgV29sZiAxODE2IEf2 +dHQuICAzKSBLbmllYjogR2VzY2guCmRlciBSZWYuIHUuIEdlZ2VucmVmPz8/Cgo8IS0tIEZJ +WE1FOiBEZXIgUmVzdCBmZWhsdCBub2NoIC0tPgoKCgoKCgoKCjwvc2VjdD4K +=9nnj +-----END PGP ARMORED FILE----- diff --git a/tests/openpgp/plain-3.asc b/tests/openpgp/plain-3.asc new file mode 100644 index 000000000..b2206aee5 --- /dev/null +++ b/tests/openpgp/plain-3.asc @@ -0,0 +1,13 @@ +-----BEGIN PGP MESSAGE----- +Version: GnuPG v1.3.5-cvs (GNU/Linux) + +hQEOA6urKKJHvid1EAQAreXx68NPUPpiNhqRyM//Y97N8hX5iAWq3WxXTa8D6Hy9 +81Jy2wI4IeDhHIoWuXMIX2oVL//V1+LyLkrF/tutBVvqct0TUDUWqb4Ydpfk2l5j +FfSybWW1fS4D1e0KVB3Lfj2Y4cCoT/+zyq7jUKQE++qNefPBzeaRWY4qeI6xXF8E +AMj01HPe0ZwIBWqiIYv91Q7rGzEZm0ROPilgSQjUvCdsNQGhZpFGTl6uMSU0lmp8 +SD2EKv3xGeo2nMPy/Xp4JoYAMW+fjJh+wM6uT84nJgCVaeWyR7HAfF1U4rzqz7DF +amPozuwuZiyjoo/wB1irZSl90t5Oa69oMesZtGMvwBN10mMBM0TotT4gjgviv5uY +kLjD7DM79xy0drptNypmcVcjnDunM6bSEhTyq/fahdaULTYcwSOTXVMyesNpmLCb +ziayleyuSaXPxIqWTgSfkab/W2FGWZvbexYaSaWXmDqsyzs81o0= +=JDKF +-----END PGP MESSAGE----- diff --git a/tests/openpgp/plain-3o.asc b/tests/openpgp/plain-3o.asc new file mode 100644 index 000000000..409b9c2e4 --- /dev/null +++ b/tests/openpgp/plain-3o.asc @@ -0,0 +1,10 @@ +Stored by G10, because diff/patch have problems with +files not having a trailing LF - and this one has none. + +-----BEGIN PGP ARMORED FILE----- +Version: G10 v0.2.6a (Linux) +Comment: This is an alpha version! + +RGllcyBpc3QgZWluZSBlaW5mYWNoZSBaZWlsZSBvaG5lIExGIGFtIEVuZGUu +=ZQ6m +-----END PGP ARMORED FILE----- diff --git a/tests/openpgp/pubdemo.asc b/tests/openpgp/pubdemo.asc new file mode 100644 index 000000000..d550f1af7 --- /dev/null +++ b/tests/openpgp/pubdemo.asc @@ -0,0 +1,566 @@ +26 demo keys: + +pub 1024D/68697734 1999-03-08 Alpha Test (demo key) <alpha@example.net> +uid Alice (demo key) +uid Alfa Test (demo key) <alfa@example.net> +sub 1024g/46A871F8 1999-03-08 +pub 1024D/1AFDAB6C 1999-03-08 Charlie Test (demo key) <charlie@example.net> +sub 1024g/BC43DA60 1999-03-08 +pub 1024D/FAEF6D1B 1999-03-08 Echo Test (demo key) <echo@example.net> +uid Eve (demo key) +uid Echelon (demo key) +sub 1024g/7272144D 1999-03-08 +pub 1024D/8FC282E6 1999-03-08 Golf Test (demo key) <golf@example.net> +sub 1024g/9DCAD354 1999-03-08 +pub 1024D/04259677 1999-03-08 India Test (demo key) <india@example.net> +sub 1024g/61F76C73 1999-03-08 +pub 1024D/43C2D0C7 1999-03-08 Kilo Test (demo key) <kilo@example.net> +sub 1024g/9AF64D02 1999-03-08 +pub 1024D/A9E3B0B2 1999-03-08 Bravo Test (demo key) <bravo@example.net> +uid Bob (demo key) +sub 1024g/E29BA37F 1999-03-08 +pub 1024D/EB9DC9E6 1999-03-08 Delta Test (demo key) <delta@example.net> +sub 1024g/B0C45424 1999-03-08 +pub 1024D/7372E243 1999-03-08 Foxtrot Test (demo key) <foxtrot@example.net> +sub 1024g/EE45198E 1999-03-08 +pub 1024D/34C6E3F1 1999-03-08 Hotel Test (demo key) <hotel@example.net> +sub 1024g/D622AD0A 1999-03-08 +pub 1024D/D2699313 1999-03-08 Juliet Test (demo key) <juliet@example.net> +sub 1024g/35F8F136 1999-03-08 +pub 1024D/B79103F8 1999-03-08 Lima Test (demo key) <lima@example.net> +sub 1024g/FE56350C 1999-03-08 +pub 1024D/BE5CF886 1999-03-08 Mike Test (demo key) <mike@example.net> +uid Mallory (demo key) +sub 1024g/4F31EAE8 1999-03-08 +pub 1024D/30CEC684 1999-03-08 November Test (demo key) <november@example.net> +sub 1024g/8B70E472 1999-03-08 +pub 1024D/6D9732AC 1999-03-08 Oscar Test (demo key) <oscar@example.net> +sub 1024g/2681619F 1999-03-08 +pub 1024D/3FF13206 1999-03-08 Papa test (demo key) <papa@example.net> +sub 1024g/63330D9C 1999-03-08 +pub 1024D/3C661C84 1999-03-08 Quebec Test (demo key) <quebec@example.net> +sub 1024g/A029ACF4 1999-03-08 +pub 1024D/777FBED3 1999-03-08 Romeo Test (demo key) <romeo@example.net> +sub 1024g/11D102EA 1999-03-08 +pub 1024D/A3AE3EA1 1999-03-08 Sierra Test (demo key) <sierra@example.net> +sub 1024g/0F1B50B4 1999-03-08 +pub 1024D/85A81F38 1999-03-08 Tango Test (demo key) <tango@example.net> +sub 1024g/101C0402 1999-03-08 +pub 1024D/653244D6 1999-03-08 Uniform Test (demo key) <uniform@example.net> +sub 1024g/5522BDB9 1999-03-08 +pub 1024D/61F04784 1999-03-08 Victor Test (demo key) <victor@example.org> +sub 1024g/07287134 1999-03-08 +pub 1024D/EC67DBDE 1999-03-08 Whisky Test (demo key) <whisky@example.net> +sub 1024g/FD6E27F6 1999-03-08 +pub 1024D/567FB34A 1999-03-08 XRay Test (demo key) <xray@example.net> +sub 1024g/41E408BE 1999-03-08 +pub 1024D/4B11B25F 1999-03-08 Yankee Test (demo key) <yankee@example.net> +sub 1024g/F7B080AD 1999-03-08 +pub 1024D/54ACD246 1999-03-08 Zulu Test (demo key) <zulu@example.net> +sub 1024g/A172C881 1999-03-08 + +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v0.9.3 (GNU/Linux) +Comment: For info see http://www.gnupg.org + +mQGiBDbjjp4RBAC2ZbFDX0wmJI8yLDYQdIiZeAuHLmfyHsqXaLGUMZtWiAvn/hNp +ctwahmzKm5oXinHUvUkLOQ0s8rOlu15nhw4azc30rTP1LsIkn5zORNnFdgYC6RKy +hOeim/63+/yGtdnTm49lVfaCqwsEmBCEkXaeWDGq+ie1b89J89T6n/JquwCgoQkj +VeVGG+B/SzJ6+yifdHWQVkcD/RXDyLXX4+WHGP2aet51XlKojWGwsZmc9LPPYhwU +/RcUO7ce1QQb0XFlUVFBhY0JQpM/ty/kNi+aGWFzigbQ+HAWZkUvA8+VIAVneN+p ++SHhGIyLTXKpAYTq46AwvllZ5Cpvf02Cp/+W1aVyA0qnBWMyeIxXmR9HOi6lxxn5 +cjajA/9VZufOXWqCXkBvz4Oy3Q5FbjQQ0/+ty8rDn8OTaiPi41FyUnEi6LO+qyBS +09FjnZj++PkcRcXW99SNxmEJRY7MuNHt5wIvEH2jNEOJ9lszzZFBDbuwsjXHK35+ +lPbGEy69xCP26iEafysKKbRXJhE1C+tk8SnK+Gm62sivmK/5arQpQWxwaGEgVGVz +dCAoZGVtbyBrZXkpIDxhbHBoYUBleGFtcGxlLm5ldD6IVQQTEQIAFQUCNuOOngML +CgMDFQMCAxYCAQIXgAAKCRAtcnzHaGl3NDl4AKCBLmRplv/8ZfSqep5IjqEAuaXv +WwCgl6NEzT+/WewPTGcwZY+pLkycLv20EEFsaWNlIChkZW1vIGtleSmIVQQTEQIA +FQUCNuO2qwMLCgMDFQMCAxYCAQIXgAAKCRAtcnzHaGl3NCeMAJ9MeUVrago5Jc6P +dwdeN5OMwby37QCghW65cZTQlD1bBlIq/QM8bz9AN4G0J0FsZmEgVGVzdCAoZGVt +byBrZXkpIDxhbGZhQGV4YW1wbGUubmV0PohVBBMRAgAVBQI247hYAwsKAwMVAwID +FgIBAheAAAoJEC1yfMdoaXc0t8IAoJPwa6j+Vm5Vi3Nvuo8JZri4PJ/DAJ9dqbma +JdB8FdJnHfGh1rXK3y/JcrkBDQQ2448PEAQAnI3XH1f0uyN9fZnw72zsHMw706g7 +EW29nD4UDQG4OzRZViSrUa5n39eI7QrfTO+1meVvs0y8F/PvFst5jH68rPLnGSrX +z4sTl1T4cop1FBkquvCAKwPLy0lE7jjtCyItOSwIOo8xoTfY4JEEXmcqsbm+KHv9 +yYSF/YK4Cf7bIzcAAwcD/Rnl5jKxoucDA96pD2829TKsLFQSau+Xiy8bvOSSDdly +ABsOkNBSaeKO3eAQEKgDM7dzjVNTnAlpQ0EQ8Y9Z8pxOWYEQYlaMrnRBC4DZ2Iad +zEhLlIOz5BVp/jfhrr8oVVBwKZXsrz9PZLz+e4Yn+siUUvlei9boD9L2ZgSOHakP +iEYEGBECAAYFAjbjjw8ACgkQLXJ8x2hpdzQgqQCfcDXmD8uNVdKg/C9vqI3JSndq +knsAnRxzVeHi/iJ73OCKtvFrHbV9GogqmQGiBDbjkGcRBAC/DCQungO2iJ7j9+9q +d2crjBU8K+AmQhs27JBkJqtAbC/xFqkHBsA1Pi8Zb6TLa/OCm2PbXFiM5x00wiEn +VKNzuGOzU8uHB6kwWtLj8+V7VOWOkSDEtnlTF6u0y9JOvs7GwDvqOM5C3QH7La+z +nNeAu1527Hj6l0XGSAzyvp+NkwCgnktU11VFpKSIdoplZBayN9OzT8sD/Awc/890 +fiSMWYNGo4+n6IHxhjBBM9lL+DAe1RtCEtwUSWNrGsIxFnDRkMxvMpaT4GusG+DP +haTddrDBSyFiCLxKDBYgMbSO6wQ9g6zWEEh1ZMTMVU/akr81DOEColXn/f3Q4sRj +xI3hu2z8tjVewAPNTuWETQ6iHHoVqdpkK4aABACfbMrnfK6TujxSs91MfKBWfYxy +w9hjM6+VV8cJJdDXiheMKzWcrVecwgYYzukmNinO//BRmQcs1wdfi5UdfHLNFDig +w96SdyZpHx+79ghD3NqDmzYakoRIoDKcZAIrAjgfl5if6vIiA4c1LjhSdcVTBsSy +ic/mkk01EgztWKY0abQtQ2hhcmxpZSBUZXN0IChkZW1vIGtleSkgPGNoYXJsaWVA +ZXhhbXBsZS5uZXQ+iFUEExECABUFAjbjkGcDCwoDAxUDAgMWAgECF4AACgkQQT9K +8xr9q2w+RACfX3AwFwPu5+mr/f1Sa/Wv0m9T57gAn1TBIoUErMqJehQZu73N0u93 +fqSKuQENBDbjkIIQBAChY8NSvu6sK0p4D0AVBsRz8iVXYqbRlRTZAHS4LCXwx/i8 +FmfdIXnaNLOoyi44YruSCnlZdh4YWquCx2mgywG589AzcFhahmqElNbKb7m4F//E +GIZK0zTgW13tQwG9hTXOhYeqchnOOaDDwPEK1Gr+2o/5ANqhqrin0TFFBWLgdwAD +BwP/R009s61X/FkUUAh8w4Tua6qndN/2GsqXsyPYjdF5E3gErK8jDcDLniOHqksw +V17bJG81czCRE5JcVFLLWQJg9cpeoTpP+YcF+m9whtswaOJ/LPrx888i/OmluSD8 +1VP+6zBhhTUbpazfLEdt3XczpW7CNdNbyiEcgT+6Cr+W2GaIRgQYEQIABgUCNuOQ +ggAKCRBBP0rzGv2rbLWtAJwNtSGPYjbesLSTeRwKGA5ffZiFDgCfTPC6I+XyGavj +HJraHTgS/bSCN0OZAaIENuORzREEAIrOxkw6rRDOpbqKenlrMRYvfqoVFafTekvs +ZW8M0GVQOBYwqn9VUfSV/H8Iy3nJsU+cU4UFXEaoHhVWgspMtjYHvxXBTD2UHmj+ +Y7+RkVnOT7x/UsPKbxjkweeleGXkeHECwwZuQhebSrtQQllqtjCx33Le013ukAs2 +SnI83cPLAKDfVb6yjfhG0Avkx83VmlFqXXH1pwQAhVhMi1T06SNYzbKAmdNBfBWr +v9m2l5PJnUTpSWUum6ueJLHzkEM0XgVnHt+YdFuzXgUafsnqEn+2N4tI0zuJqzoi +/9DQnEvKijZxihtYq3S3rN6UIQ2aXFHthvVtxZxocZeluYaWHPeedJlI9h9yObZn +0mLFXFY6TUiHQYs8RNgD/0iNbequyxzEKdIdzD0Ns+3WjIVBlYl51Zdvqyo2+U+2 +70hXVdIssrsqKr1DwRlsCRSwMY+nrB0ZUOlvLaIB7qCQke3C9myu/fJoGDhMZOYA +XsatVR0EGTdXnSuCxqNhEiqwlbZGMAcwFO+oWBSgGyjFPHTMSOw0XS42d73UNxTa +tCdFY2hvIFRlc3QgKGRlbW8ga2V5KSA8ZWNob0BleGFtcGxlLm5ldD6IVQQTEQIA +FQUCNuOkfwMLCgMDFQMCAxYCAQIXgAAKCRAxjB+u+u9tG2cDAKCzaFoiAm79QSmY +ISeiM7XMKhoHDACaA8CU1j8+20C7rNipOHYz3KfUMhe0DkV2ZSAoZGVtbyBrZXkp +iFUEExECABUFAjbjuAADCwoDAxUDAgMWAgECF4AACgkQMYwfrvrvbRsg3QCeOMf0 +g3znbc8IBiTrIPUgUz9p3WoAoJ6eRZTZk7z+hTyx4JDceReQbYlGtBJFY2hlbG9u +IChkZW1vIGtleSmIVQQTEQIAFQUCNuO4HwMLCgMDFQMCAxYCAQIXgAAKCRAxjB+u ++u9tG16mAJ46lQbmtWRZUldQtp4ZnOptP7ZJtQCfceYMZfMAnqUKJiHk2tMhvwDv +Ah25AQ0ENuOR/xAEALSl7SaNEf8mYovea5tJNEwoZx3vv6XymyXga1wDqKo2PeDr +nRDbHGBb5BvWIv1J6Igk/wq4R+Pq989UpkcqREB+yOeluE3zPPtZBrbLySSaqiMe +gYiHnAAPc0TqjH7UPZa+fJKZTUk64BCUQN9ELkL2FKtAGQ7RNQJYvbCq4O/XAAMF +BACXdO4a3ZIK5hJejhHZ01mkHa6Sqoc6PuedNC7tlWiLU62BljGiv/DvzcbMsnvk +991AxJ3pP4ZvKr5CClqIG+WZa1zmtwXdmCfGJb2fbNSVD4zp16e5slPr8Cp+fvIv +2/SyvwruROs+oAzSVvoMAzAGSk3yj5nT5oikbn+M62fC5IhGBBgRAgAGBQI245H/ +AAoJEDGMH676720bj5AAnRH+1me1/iHDnS5ltXysOdl24/BMAKCPThApQ7lJe8LY +r61+lXUUwr1TKZkBogQ245LREQQAubUOd0B7cFzJHF5vo5NwiMZ1JXPjyNqL2OWE +/XfaeJiB55oMmVEPmK1JF69wU7ZBpo1l4PEIWcP7WRMqvBEFl+8LnelRkSW95kwF +r3D8TRnarZy3kfiBF1t33dnkVTaZYxCDKOBdZ/ZiRvLa6gZ/KHhITfzaS7h36G2M +bAlGlj8AoKQPFsEPjByKYdx72m5/2Ju/4d4jA/oCNAKaJH7N8Y3HLis1ShhpytJP +1yC9GJjtec3ugzYSC7RKV3NJcBeCX4om3KhiDSN6YYVICf4wdqz6TAocoqPzR2t7 +Fz6+upxIgh5WGnnCs2e7uO1eXUCSXONfiDEDzRKGTQjkdvwFo+880DkiGln/qmRr +cILA568dwNnOrBio5QP/dbkpUBhqGDr2LchpkoYyQlqzbvUpXJ1xlfZim1jfrmdf +sk83dE3iBzvmT8ByIZcMoqDEHil95LmJp3qw1yVeApP/ZWR+0XiBLEF9GhcAOc5i +hH2ACSXLWiRXpyMmK2/erTvTX3QkAcqoQ1cFWCwNNCrlgycB84Hdm5GXdajp7cC0 +J0dvbGYgVGVzdCAoZGVtbyBrZXkpIDxnb2xmQGV4YW1wbGUubmV0PohVBBMRAgAV +BQI245LRAwsKAwMVAwIDFgIBAheAAAoJEBaEEKSPwoLmIuMAn222gK7ibwOXzIKd +/gZP09JC/3+eAKCOelaqqYqNNbku0gA84+O7d1kMqrkBDQQ245L8EAQAtsGp/UnA +1y4AqjewlkkTOQevLwtzwm3pmLLjl2Y3TfGn8Ni0h8Wd27kV32MUZyTaNaZuDxpD +EO2aUIpGWVQmWvlqCFV2F0Z2AI8R4bx1tC2kD758hUvR+S2hn9lK7E1lQPuvec2L +Eml+uvVxW/Vm4iDBgeMlIlz70MFC9LUnfpMAAwUD/At7Clo7D4dNk43BMvhQ8VgJ ++INy37Dj8PHX2sCZZ/tIfSwNIU3m2ygSVreTlDKo406v6Qmefs/m9dH9lsBE/8QL +40Ek3SY6xV/QzTVN44QgnpRKWpfaMbGzWJVXeczlNkTeIZZo/nhDm+aMucMu/e7E +KbG64BnrQk7Lz6LSKb2xiEYEGBECAAYFAjbjkvwACgkQFoQQpI/Cgub37ACgicCk +6XvTqEv34RXVSkhf+EcDHOMAn3krqPc5ZeSJGa7RfRcVhm5QtcvymQGiBDbjlLER +BADIbiZFRBlqCMOCXTECdpJssJDnAmpir+yfAKX4hsOVdygepdA071Ams8rApABS +/c2+Tuaplad8w+iyQs4BKuzqeQK/YWj0DDqyY2LM7qJbvFd6nC/GOGjiEucTTSgY +8IOFScBTTks7alMGjHAdWzSjq+1ppWJeTSzp04UKhV1/0wCguOIaUr/cMVahSuoi +K4Tdot+CR10EAKunWycnUG2IaGYqO3sCfpChzktWdTjUn9ESJAjKK1QUC89f5+Kr +MPITdUPypf++9MumBkJi+8R0GVJ8zwhwKfX9CHhrD0kfO68pCDxZyW+dDzOr/tFX +0nuH9pL8oiEMkikaGLph+N+N1Ip8thh+vdLhNUr3EPRlrcAfv+WtOpbyA/9+kpa7 +x8nIn2SofJisj+PjKS3lAoGPe0eOoK/sVBvgVjy3Gc3d8vMG29r+2WRIpGwuhuLG +NlQYX65BHV1MK/TjYvFnpoRSqtTK3GpRzTmkJIC8RlXxtfYf/n66VLB3EoTOzWHY +29JMCJnnjPMoaMc2YSK10Bo8P/27nF0CKo8XEbQpSW5kaWEgVGVzdCAoZGVtbyBr +ZXkpIDxpbmRpYUBleGFtcGxlLm5ldD6IVQQTEQIAFQUCNuOUsQMLCgMDFQMCAxYC +AQIXgAAKCRAf6PxvBCWWd1pYAKCVZ7DfK+i/YZGyEu18DnWq0ixligCghGwDoMGg +LnenSjyShMZ+1Ecekia5AQ0ENuOVEhAEAIMMgk/e8lsV/KEkd4/jNK4yFj5iy/Fa +on800I3GUzETuQA2AT3getR+GuV4pbZWE/80b9hnNW50UJGiP1+SXfVtY5vT8p/g +NFwn5d0O/pq3bpgFRJmoawTzx8SFDwCVPHEcwOHE2j5LvfrvRBOyKU32tr976ri+ +Uowt0+92LuA7AAMFA/0Yo9dDqhjR2UoNcYfEZwWhRHaaJenP3z3QbzjJkASb5H84 +xCTEpv0dqEtVTJUoIo8Lh5VjbiCwok4QPLVSbQFeHqTKb7N96PjevkZ1Co6OrLCN +OcPRvXxgCwSGbuuLMkQJEutnXLu0DOKquY94KXXh79La7lTgjReE/1Wzbgc1+ohG +BBgRAgAGBQI245USAAoJEB/o/G8EJZZ3CXgAoI5oimsZs8ZKmLb5sPB4AZzngCyz +AJ9og9spt3EYXAB95XmfzqgJBRv04ZkBogQ245UlEQQAnKdAaILozJ04V6Z+FIwQ +EY/aF4EFrJJIc+uewF7ukZl/7uUZqSxqmzZjbqigyMFGybJSMa6TpwN0BKG5CJe0 +4R/mVCIRsz1Jx5YXezN3UFsNVNE36R8l8dxWG+wgj2m60gu4VlodcpVMc/kRiSUg +KUfg/xmPnRe3SJZSlG2lBm8AoNc/r5DW86om3MHWK8AoyhvVXhWvA/wOcjx6gfTT +KftzpQBhOF0U0fC3npQC6bvjLjTBhQjC3WX5rfwJqMmrudRbEO1sFqzTOQPtb9xa +tMeVqTcOi6+x2zfXes4nTfi9Lgq1z8HhE/LnktwxZxyPeOXqXu9N023IyQTv7mC5 +9C1xMZk4POOv9WZUGz4C85s2/9iTJCfkMwP+MRW0S9mHmisruCY6TDVFc12KIFMI +PSmWav6gW6bCAA+wIHfmcSyR6MHiLV2gtJ0vQuqgyWfeTiaxPof07dg9pZsV7Hk1 +ZUhEmloeOcfZmwtHkRhWGEbEsd89IWMDJlwNJ7Y9JZ3QvK7vB42bQVvyhdFQdEXH +0slvlvsgKtCcaOa0J0tpbG8gVGVzdCAoZGVtbyBrZXkpIDxraWxvQGV4YW1wbGUu +bmV0PohVBBMRAgAVBQI245UlAwsKAwMVAwIDFgIBAheAAAoJEK0bD61DwtDH1RIA +n1kxWuxGwCS1+i7Fp1cFzzZCHycLAJwJq+RG7ux9sQEmop2V2mKdjBZmkrkBDQQ2 +45VIEAQAuZli0/vYbs6h1HhF9HbvRHFMePjQ99Sk8h/dTx7PI7eSqMHXYh0PZghc +hlbrMSPnemxfwMbJrmdK9WN0Wh9BJUe2ycH8ftUcGRo5CdESgiceziF6Vg4PQz9F +lxtEhvrl7q8R6y7O+j03QAJKUGwBdt540oZ8YYKiDvgZUZxnoecAAwcD/1b2fYzA +nuWrQZXhXQQ4cNVxMBVFKHScH24oFVbuEWLgM/tdgF+CPw2Vtzba8ySR1K80VSgs +Qfs6n2wyCVd+II8lKHTZT/pfICFcPJlHKs4ge+JNn1IcxBAiq0QRNW5hGTO9KdJ8 +MFWrWn2Bbp5k32roAzuCagoielFo4MVFZTsNiEYEGBECAAYFAjbjlUgACgkQrRsP +rUPC0MeO/QCfaGt8NeCm0zbssmOrXZ6v9zFk8xEAnj3SpjLTyqemniHSJ9KEzIKJ +CdiDmQGiBDbjouIRBACKncc4Ueec7dWaVARy2SmNVufeSenYs4AsIPP0v59jEl7J +I0rb+4JbIJoAzW/hcm26GS/UbbpQwig8/PgMUV5QfBST4CEOlf7/x2a4HKk9tDV4 +An7q2aNr1beW+twxfUGWWV5I0o1b/iKVk/LiQRiaMr8pJXY266m6/2Pn9LmDtwCg ++Iqfx8gsK2PZCWv87uEKAOLzHXsD/1eRxLqCt1hT98gdDLykRTlI3kMq6EK3I+z/ +8pDIMDuPIJq1eM68YdFZr8s7i1ye1QpDltPYHgWnUC733ujAKANdyybm3HrA3TSB +jEAhNfcu8nkrVorvASQUDCLJatWRWJTUVrPH+GXIXMA/Oi6LDsgNDOJanwzzvDCC +m8hWQqW9A/4xYAZ4NVFrQq8gtQPJWuMIfSFSvpZWNgQgYZntiXSUGYOVs28T/87R +oRx02tsVDw2PA8z68q/XRuM9NdetxbUXQHB9eszFLi3W1idsXhd/C4SyiTgEFXG8 +Y8s94Eadgk1PAYHN6Gd3SY7jmevqYGVLmBp7qfj5Y9XSM5SE0Th+fLQpQnJhdm8g +VGVzdCAoZGVtbyBrZXkpIDxicmF2b0BleGFtcGxlLm5ldD6IVQQTEQIAFQUCNuOi +4gMLCgMDFQMCAxYCAQIXgAAKCRD+GAsdqeOwsvruAJ4iU4M5s1xsZiXa0wLnX4FB +Bl9abgCfflNpwyEp6KEhKCPWwPRG9WJc0qi0DkJvYiAoZGVtbyBrZXkpiFUEExEC +ABUFAjbjtzsDCwoDAxUDAgMWAgECF4AACgkQ/hgLHanjsLIa4QCgityK8zajBOqA +N0ZZTq8fOzgiEYIAn1ZEfjX+jefZUuY+4zFzrpO/fX0OuQENBDbjowcQBACVSdXx +UWlz81FjqHgR4b1EtmhmW89CmpsHfKlSwlYvBtbB/y7TFIfvAr4ZFbpuqew6Jvtj +IEZoXvolTWwHVPEFkuG0LAa03olaYpzC6ZBDuLkb09RukCD4zdY6xwbAMRsOzZgv +597LZXtOLLLnmOyTpsjRDLztWsuNglm5rffOTwADBwP/SyVZvFEdEVn5/dQTp7eA +tXdrbZEM379ctCJ2663RbTZd55lIBev1fTnKQkvDTY2e58yIQ4E+Nzr99qg9Cyf6 +e3OhErTUqEBOhusBge4/7E5LrIVMvo6AFU9qgn0Sgsnu/ww2txVw3XEjqL8Hgl+4 +Q/57YRvJOe+q29Ye9LL8eaiIRgQYEQIABgUCNuOjBwAKCRD+GAsdqeOwsjK5AJ9p +ek7H6yt3ZHAJ+7nn7sGmxYxb5ACg1INFN4AMzqEUjbZ51KTVdAvyKlSZAaIENuOj +hxEEAN5nO1c81jCmgh/oF+p6kiZmqFV3ape5kEmcS/BoWgCXt6vjaldctmFYi7v+ +BY4N9zI3GxQqAxt5D6dY7aN1xlC236CZEAaXUXktvGw/ppHDjdbs8CRuZiA9jm1j +92GAUY/mm6hX2aGKOkVwr9yN6DrA2CaO4SwK/wEXkVfj+nazAKDCaBzHzwSkkXf8 +QOtOTj/xevpnzwQAv30laCeXTDZM2I/1Pdzma1V1xizfae0kfzZOJBDQtHQDvNFj +mu6iM1kL0uxOG3krr0AlqSsMD8W7mavbFigUlxbhvuul4pTL/BiJ946FhjlPY0Ni +9pmdAldno7yUYsWADEKadkQ3ghEVqEqz+ACYbzp3p8K+5KuiFJm9D4uyvToEAIVP +i2N+4voxnRWGwKXF4E+fLYAzXT5sMMzl46Xk4Ms303F/5JG7kB0iiPPY6oP0l3nl +ahulRcbNMj7SDbfrfoi4m4ftUYIX3acXCSN0gNuVGipg8CwlGQyILgWRFp6oXQOm +AlpxhIGcd1jdh3sj5y+CQrugGPNOJT9mzmFkB4rxtClEZWx0YSBUZXN0IChkZW1v +IGtleSkgPGRlbHRhQGV4YW1wbGUubmV0PohVBBMRAgAVBQI246OHAwsKAwMVAwID +FgIBAheAAAoJEOup8kDrncnmriYAoJdBwMXGVRTFlfw1u4XimCRPVFRNAJ9WFXys +x0ugWaIaLJ3tyNZQHWoARrkBDQQ246OqEAQAj7WdaOJjzJNs2G8rvrDZvD/uaALQ +9PtdvYAp/Drp7xMH5T62+KKTlKdO3s8IQBPiuFocJNir5st/nm8Xl+gcOZOvtr45 +c/cl54fGO1gOjBZOfgbkdBVK/LMwuQWIebK4qCZnAOlDLYNGVUguGLnEQBSfnhhk +gh0WA0kqt7fYvpcAAwUD/3cOEqPlMdYeLnGEG4wPxtyVIchwGOv0YRW5apbz2fdO +7otj1AFUN5WzFw0A5+WHza1OIUhg50Zco6HnwKx6F+LbZ5aOc37EAvaFgPuMxBfk +aWYagCof3jBF0CbTWUXV/D5/dFmIeuGTuUMNsGVH+OSMW2hBN/7+aJK5LLHL+hzp +iEYEGBECAAYFAjbjo6oACgkQ66nyQOudyeZzTQCgmr4mT/wPN2ppg5x75E3cXn6q +B28An2hO/hgIPkf/rSSydA72ZZc/MWM6mQGiBDbjpSYRBADdWzld1lyDWDqGPSzG +OsehXyTSa0pOfVTLckpJpDpErcn8jS8cKrXkVUowI7SlZhPRmYI+5pqGaG5FZ5VJ +d1TfKWihc7O+JDHoK3yamOnh6OFQFPZUF1+WlAGiFXLc+WODzbgOSMy/8yXA6n0z +e+v3et5n9Kzib3sDGjw5DMmiYwCgmUwnofqskHVv1S6tDg08mXALKKMEAIVGyf9i +j3BzNb0fVYGUOLU07nqQ3RpNQPaKtPQpBobRknQ/ZSdzuiALcCB+Q664f1cKGA+O +gtm0L/f1xUmKRW3rT9lzMtcCy6kcudCI2OHm/gOcPzKqjj5onpD84fgR4BdbsehT +8+urmxFiK/bFFI6eC1L5edBQcRLs7TF2jY3SBACdXy9yHg6iDTJhysvR7UuLWE/1 +s9ysirhZgPb0vyIFwHfRzM96AYIPpLZr/jvkrDawTxYGfGIZrj7UyGePu7RCeFRV +VX55B6evNv3fAqbmwQ1GHTX7WHCNdAkP07yTxZ/wnZudPAzQwRkEfZ39TdccbOhH +fHvbv3RNQ0VxbWtQUrQtRm94dHJvdCBUZXN0IChkZW1vIGtleSkgPGZveHRyb3RA +ZXhhbXBsZS5uZXQ+iFUEExECABUFAjbjpSYDCwoDAxUDAgMWAgECF4AACgkQ1L9X +83Ny4kN3LQCfZhlov9Ux6LofeSt5g2hVijDdX0gAnRc7adixQ2hpprv4vNoKvmum +F/D4uQENBDbjpVAQBADfVCPYwZ59MKgXTH4P71QzFnpG4E/MjqDNfW3NxQ9ZjLfw +0ir6U1gGDuEsWRR+fS5OwCbfeHZDzPj8MZPuOZBamgiDvI1OvrrzUv+BijkWGEL6 +oRFnWI8zJ8zDAPuuvP1u2FQZOoKFXaHo2I9Q8zuJz8P2vEkgJfLx2yiPR1Dp2wAD +BQP/SCCKZBNQIaY0cfKmiv8ZjRcAAvhXLyMCwLQUfVRqoNVOtMMfWpYtGdL27ESw +4kgZIsxJ3ELQVkRiriMKbsJiNM4dMe+9gNuGz1CG9b2vhUPZ59sREVIRgyIfr0BJ +AsYOn87mQ5lOBA6+XmjHO+ys4xpEVJZyfrq5QAw5GYcrPWCIRgQYEQIABgUCNuOl +UAAKCRDUv1fzc3LiQ475AKCVZupUbMXq9yw03M34RS9YT9MzKQCfUgFd+Fn89xqU +4Owg/MQzYlLreUmZAaIENuOl2hEEAKeOL2pIdZ+zQtehxdL9l/uDBFSTuN9rLb8D +gLiw8Z9j8U5CEH/M38WzH1nHKKlZKjGVZYiyhRfAG83wvHnT83lq+Ad0lgaZTR4z +6nrd5ViOlHPlfqo4RPZPzPe+uF7EfDl792sJerXGAasLosmKnxKAyJyVjh7eZcjT +S/hUhO9zAKDVyLHJ/gQlMYk8vE5XYL7Pw4d28wP/VsKVkjlxsXpcrCQIoKeDXgKN +Vv9L+0Pebspzr2WOah8iBN1QOkbtexIKCbb9mmviEnJU0FFx5MIw4mipvY4EpCaH +3McGwJpCzWmdzID8Z6oISUyKsuP7PXjmASbogV6Iqy2m/2RDtfbIlbwotfbiOT9T +r3IPbH+tHAZByMRyvxID/RN90WOPSpODxr9AH9btmeJD0BfNt99116+qdwvWrTof +cbkBgzvB34vLLDaMKVIyinxz2lYyC7aSpA3uzjZvoPvPrQJFLE0dx7DSkUTtWbQG +ByRabpyrXYdKZzsFXLb+LSTWwF3sQLax0C4cYT7OLPlxjDVq/A0jgztaZVWa37IY +tClIb3RlbCBUZXN0IChkZW1vIGtleSkgPGhvdGVsQGV4YW1wbGUubmV0PohVBBMR +AgAVBQI246XaAwsKAwMVAwIDFgIBAheAAAoJEBPbllU0xuPx7NQAoMhUK7d8mW1F +45Qpwtpbn/EdSuqNAJ94+GVY6GrtMbA8yrZHeD8zSAedrrkBDQQ246YdEAQAzpO6 +UuCWWpP9up5GVhLPoSCBfSIA9JWm5Ap6/hjQ5hia7CcS8E41PjaGl6Pkh5lj2qkS +UBa892SXyQMYqMqEq/h7+BW7+n62SCRMtYOHRYZPA4hvs0d7jznGQlMsltx7qamo +VNP0XF+ws1wHLjyQl3qMnkrAQ8lAJP+jg7P5Hq8AAwcD/A61qQLRXsSFr7LMBnaU +SR0o6+4/HCdh8t+mnAeQBDAkne5DTPiwqzqsjoYekX6JK7wk+mbsJTd/Zw55Jkq9 +xVm6nEUo/JIbN7cPlMqfCLaoS+ttbxZ9fNCO3WTNdWxAr/mGZZiBfy9yTcxUfo5q +Tg0ffWy40CNHaVKk+iIcktGziEYEGBECAAYFAjbjph0ACgkQE9uWVTTG4/EmaACf +U+XRhr/UgvgCfMlOthY327vlI30AoJypWeGLup2DqouZIGkY8bmpDrz9mQGiBDbj +p/8RBACXrm5v2sQpLtexfA2S8a2PUruCeqXYfVsnkYX1sYJaFaYHxYW2wDL1dR4L +dZuty5YWBOxu1N9dnkjuPsdIbq6R/phy6xv5sDUihP4YBAZakV5ahd7XrBdkWXSk +RzaJSfH1OG2hAXR87liVu8ck8RDeS+ipx1vnZY45864IAnFzqwCg2qjnDRjGAn2O +SPsnhyZH44VQQpcD/A7SOu9gTt6Jl4VSMY2JGi3HOFPOHnevG3Pb8NYbcP4gEU63 +iqrHGndYJI07lKcFlZRbnSEOSFPFLuNKax88GYKKeZDoQXkVoU/ItAGrS4rCExpZ ++Jx2tBL2zJcWU+7NDmM5LeRUDE6a0N3sIxMLzz3Z2PTarMATjpA01Qj3WRlcA/48 +g1+gnyFXbO+UZn21WWj4uCyXUE6/G8SCZhXXiDJOYxaBrmw2rtN0x1aLwXPRXLuw +jhL5Ewn3qszCzaJPNYuLaMY7jiK2ha20LCqYYmaVJa6tGy9iFIGC80ItcUYZpCfm +dw7W2oqdZIN/rblScCKmyBbw/gCB3molmLBd8nrseLQrSnVsaWV0IFRlc3QgKGRl +bW8ga2V5KSA8anVsaWV0QGV4YW1wbGUubmV0PohVBBMRAgAVBQI246f/AwsKAwMV +AwIDFgIBAheAAAoJEAyCDHHSaZMTQPYAoKRB8Ey3Ny6TaKaGoL2GNFQEwM1MAJ0W +blK0ScSKbm1BN+2hfDmmKRkgvbkBDQQ246gqEAQAkdlSJYfTiZH/CkfV8tnhI6ID +z+SgiZKcneEBnO+hAJottARGAojdbURlOIeZqRCgKpdTXBK7MdHAz4RKFnAAXPDB +ZgA5q+Coqn580t/O/AKGb8kKn9n52z9lC8A5KnHaRAsOKVyPTIU5vq6FLmsWmMB5 +5iz826Dk9kMhV7mmdQcABA0EAI8Jq3Jnqf0HqqaX7CZuNKHJgag14bTaBw0niZK0 +KSB6FBpzitEoyst5JBPCl0ayQEw0Hn4jhZAqcZybI//pC1CNQBBO47VUi0y1UVjE +xtaNmmWxugzkzWHHx4WmyWsCQwGN4B9riUws4g3dgC007l+aonKzj5QEo1XiiMNT +FFmPiEYEGBECAAYFAjbjqCoACgkQDIIMcdJpkxOPrgCgvrCZO/Txjq3F6U9vxdQq +lrLDgXIAnid5WPrZkh91f3gM+QXTQfmq9V4RmQGiBDbjqN0RBADBWmbmmByw+u1J +TAixxj5NXRXQJ9zLtkxRQ1GHxLQPyQzojWWnD4kEme8yvsFXuulbPX8zZMnl6qcC +8wt+b5E8dCtZuvQL3vS51yGe9M76VRC/1HgriE0YqHMTYJT4J+HciftldHFid+jR +nGZpLwVtLxiLaWAm6SBi82FTn4lVGwCgtjc3u/SMsPgylPRyN/QeH8/OZ5MD/R2y +G/c+ZF4kWcgmlzjJxQUN2wGYeDoOWUMXS8mf6yF+DLtwxo6oOlLaLHVTR6+qH2Vh +z1zaqk1Ir6FJjkuUGvHbVFt2BmvL26StTjJ4zC4UFSWYP3qLvfbPThT+RoD4ea+V +cPxGEGeqs0umImJ6s0reS3KJS9vgHtGo11Is4nP1A/9EzV7QkX5EuEnlUpGV2q29 +aGYx3RpcOhDYixogNHuW+K9KwcluBEEBmT74NwxVzI6qdJVVZn5lxT4IC5G0z/ki +df1Rkgv8Eqj5DIikgnp0asB8FiHSsb+39d4cnk2V0ez/LmknXUl2mpKpk/fb+qXW +TqPDbFUE8dz8zyqRFXIjwbQnTGltYSBUZXN0IChkZW1vIGtleSkgPGxpbWFAZXhh +bXBsZS5uZXQ+iFUEExECABUFAjbjqN0DCwoDAxUDAgMWAgECF4AACgkQN8q1H7eR +A/iKXACgkZY9/w96yK2Oiq/MUs/A74SzJ2MAniQ2eSHT5CQ4G8PPvYfPZueNI9PT +uQENBDbjqPUQBACn8JyfkTPFcgaWMpUpnk+nTEkDe4GhAG9fO7alTgdT6+aDCdfX +fXfH7gGwdURvDv6V/KEqcMPRNLAgAeP/F4T6OtoJNTxfWLB7j14DJNpYXjBPJPN1 +kpD2at8GcWB1aVGMsAtxMwlo4TZlqyfzCAAQeCLhBbIE9LWKX5oUTqiLOwADBgP9 +Gm8md+/xWp9sLE5i3uZ4t9Muu9w+UY3Ke/WcSA2CNthEYhHNtcMPP6PBwtz0x425 +mC1pe9RuxDyzRfV0/q+rjdWZBNA+VTVNDHXSj5hifvem3KFvA6TIgMabJ/q4WE7T +4Hn8xjQpEsLGjSXAzG9WRg13qTzTilIk+rC6xYGbZHSIRgQYEQIABgUCNuOo9QAK +CRA3yrUft5ED+P5vAJ9dQMc2nMpcKuH28xwKl8r7MP3pygCfWHGKFHWIDkUt8RfH +AB9geauEQSKZAaIENuOqZBEEAKLUF5GqBMWJQtBs1t1Sp+NIOGuMLgJOhINbMU6t +k2jzeUt6ooNd+c8P0TexsbSETwhrU4ntpvIISb7I8Twhcled7bi5KCABJOzz7Fw+ +Ydxo5Yjm1DQH7+gEtPx3n4AjZUfRAN0nqcFizDpRYPqVaN1QYiGWn9yPF3pubQhV +n8zzAKCpx1LUlQl2e5t1YJhmom2qy38EeQP+IB45FBfDf5KKtyS64alQ0vHYIssU +p806PQorw/ZOuoiscUQj/WeZ4vn7rCdu60uR1EuHpGp7n0t7igEgAOcxDjrxJmpg +SdD79V+oJAFLATo2msj1IklVvJeI7ZsImyPchIU1lqn/GvpAam9N+FiIB1KUMFqT +Jzc6zUn1Qqag1w0EAIiRHPYRW8ojd9Uh4Ed3X0daAnClyMWL82t2bj/bJRmhupQn +4aVJ5D0pFB9izTiJEWciHpqiMdsi/zExYYIDS1Zu94+WFbNIxyMFfHrJ5fUQtAqL +b7E5LrlxZONUnrRwshqR4X2TmW2mz1Wop542eUQ1UWp4Gr3VlH6giswY0CnQtCdN +aWtlIFRlc3QgKGRlbW8ga2V5KSA8bWlrZUBleGFtcGxlLm5ldD6IVQQTEQIAFQUC +NuOqZAMLCgMDFQMCAxYCAQIXgAAKCRC+eUhSvlz4hvEjAJsEfDLAxH49s9lf0nql +F4tcflpr/wCeJKCP6iVwvhGIdCu+Dbvf6z8/sI60Ek1hbGxvcnkgKGRlbW8ga2V5 +KYhVBBMRAgAVBQI247e3AwsKAwMVAwIDFgIBAheAAAoJEL55SFK+XPiGmdUAoKhr +c+z524neflMpRwJ+NG8KVxOxAJsFZqm7bBtYllrdcTqNqMk49LfBObkBDQQ246p+ +EAQApnvWjY5rMvw9Ly8xFL49pGjAYFb9zFijvgG4tMirI3T9EBLflKLJ8m4KWoRo +T2eNmy/JGLHyZjveaVh8TerDV+uxZkEGvv702nz8NOElQTjHWHoy0n6poci6Fxhf +Jd1bnOjDK2mZEufEQNSn2PhA46gjCLRTAPuwLpitSSL5ubsAAwYD/ij9KRO69/Jx +3+W9DZQxWIQBiKnYHVr1us2WpdpTV4jpCqJOCOgB/hlBmCY1C1/tpsAj1A3ZZamJ +RWVZoNokkReItZLXfGacprGbmmjcg89gFM5V3nEUNCU/mm2BQWp58h4NOCv60dGr +5GAqHDxAStPk388zbxEdyFs57CPQ4ZJtiEYEGBECAAYFAjbjqn4ACgkQvnlIUr5c ++IaRMgCfdcoqwoaTU7rNH0BWaYUfCrQ6TnIAniN+yQaBbwZHMbSaDTBRndjLglsK +mQGiBDbjquMRBACteKaHZ7pcM7Quj8Ec8Sx0fJ3u0NdLso5xn9Ek4FWMLBu6jw7b +/5KjB2WtXOZSWKHOzeTfUAx79NMKJrD9jZW/0kEAFVeZpwZF1l8fBsRELR9cxAaj +E3RvFkgCYAhXsF1Jno+qiU5TNvadGU4SzmP4vOnnjrIWTy83mtZiwoFIcwCggaaa +ClE8Q41NyIfVtjS3f+Nm8x0D/icH9uwM3vpB2QV29IIBqazgaFr7vBoogFoAllaC +QbPLiyHX1Mk3kEZg5xewmDS/tU4rGqj7UcL9OlZx1ICD8cp80yNYfoI7K5XM6sYO +MmfJORGOEsqMtoYbo3lluDgDkg26DZNynUeFHZRrIWz2cKqTuaB3dw09m8sJNus3 +poEtA/9Q1KDsjKPi8+2kUzJoK3V61QglXAVDlfzK6B5KOEZ6GR/gX9M5uyyLjREy +bFSSNPlvLR11+mV4GR5AcrVQOmE0QpFyo1Mr+uDsbqwkzERvRq1r5pOyqM5WPXhl +Xa5oo4na1fBEX76IEzK6xIVG07GnNnaY+dlPgsLq4I8+A20ZG7QvTm92ZW1iZXIg +VGVzdCAoZGVtbyBrZXkpIDxub3ZlbWJlckBleGFtcGxlLm5ldD6IVQQTEQIAFQUC +NuOq4wMLCgMDFQMCAxYCAQIXgAAKCRAlsA/UMM7GhJjYAJ49ENMfPwK1U1ESEYQS +5Yts3SRcAgCdG65G3ZW0dnhnjQAhf/vk+EteMfK5AQ0ENuOrHBAEAOGceVg3PC6F +tgrZrnofohzWnui6FVBzeai1DZ5MMKmdN6/QMv1eeHoMOb33fbfhwA51n+kPuhap +r6QqTzx62RGA/gK1m7vjU2OfYxSO65GN/rSUXN/kE83jR7Hux4MocRXZ+/8ngqL7 +JAjw1LZdJyOniJpeRvrckPNC/bKaua77AAMFA/95VjAjJIAU/gOMwtbqTgV+cmHe +52Aa1CJEalV88yKG86nnqHuL4xxUTTZljyjbbKleJD/Ah7R1BxBhSEDy8WuTuonE +VHVxTcL9Yig4pZ/OzYZf5fkl1eLNaSLb8XZMT0JbP02b//OMpAr29lcaga1o1RtW +vrlUyIYOTm2RcTxkf4hGBBgRAgAGBQI246scAAoJECWwD9QwzsaEIOcAnjt0vZDn +9+3cTNpCuV1ZKIu2t410AJ0Y3CnFBUFBOKk6zkOJnaArwVN3ZZkBogQ246tbEQQA +lWieyQhDso2ZnD2wb+gq6aqk1rRUhcwdBwCTbiE1aLAsnuMl8nLH4fvhaTz2V/Ae +joL00e28duA5or9JiBfmVblrpTAIGWsu0AU6uEQsWgZwRdso3NH/KfH8Z5lxwJtk +Z/hlAiEHohmGoD38mJNsgnm63RXadUH76irO6McvWlcAoONeH7i25AcrMol4O7BZ +wqGq25ibA/9IRhK7AFhfgaRrDTz84PaIssxp1dWKalRruMJYGQK2LDuEl53Q+d1r +nYBPliPbjWr/9Gkjx3K4B0CfWWQC0sUl77bNRFqr8FXkjRZcvkCoxxHG7PIFG77r +Ld2SiQ+eS+dp5QijuuMC8skkvQuuxS6eIk0g+jjGlNhjuu97Ya6xeQP/Zxek37p8 +P1u9TTmN7nPtlzGXGrfKVi9DtJ31E805ruXFqTuoFfcOBRrtfY+DOebX8RxIwQV/ +TEmyxwoXdmkv03EYwD6AJSmx3WuVi5/revcH9nfSEHDy7sFC8CBp4aavAFRQNrho +mSB9lSm5clGLZiD4nljF1EFABwQFch7HhlO0KU9zY2FyIFRlc3QgKGRlbW8ga2V5 +KSA8b3NjYXJAZXhhbXBsZS5uZXQ+iFUEExECABUFAjbjq1sDCwoDAxUDAgMWAgEC +F4AACgkQX2NWum2XMqywLwCbBT6UT+lNWMh/jxFu/m5Dy2qMwpMAmwePBu7USi6T +WKaXYRSL2yywJR0HuQENBDbjq44QBACdC1XRPM9CMFrgVUvioU7SShffLnjgWBZ3 +hqbOYrsgtXfuQdv6lAixnNPdnk/k4mjL8w1pqbjUmfmbppVDxzsiiUQlJatzGDfU +1gDc7ksnXpF/vzghbucy8HNO0SHi3uM/GXC574iZ1oxa/A14fKnCVYT1ThqUa1us +C5YQXHm4IwADBQP/f4LZgN3dbL4jLqXHDNpAIEjiTbKXxDKHOnAof//4SE0mpaNV +HLu3nxI57CtXfSI2kMQSm/3pqpTKzaBlM/CbMAJUanhmlLPARDcJ/hQcDtBsF5nF +G7zfLfe0SBwgsM1HxL968Vva7WsbYpSa98+3HSDuy9VwphFp7i4HbnCbSK6IRgQY +EQIABgUCNuOrjgAKCRBfY1a6bZcyrA3hAJ0erCoxKtpc184iLkp5kpXQakDGHgCe +K2WXA5gTOULftladXZn8tNoXM6CZAaIENuOsQxEEAIQRmJhsJniNi/bRff/YGrZ9 +aFWt81G93W8WhV51qq+ntUHgUNY55Yyos4XLOa2tS+K8zP6X15FesVBPYIQa5BIC +10mAsLfJ+1rbnGJPuNBA2U2MoEaRxo/JtXQ//5jiTRlYwLDRnBzuaMCPdsirveu+ +JBw53ytRwjwe7m/D1PPvAKCp2dj1FtDjubTN7kCF0o2KzPwE0wP7BimQxXyPwSzG +qLaHXSEBsh84OQTxPI98BXgq0195/A1B1/pPs356euKlqoefUTHYhbjiMYbjZT+A +6juudf7A2Ucy03G8HDZ4k1f1vmzrj24+6ygGBcxTVr0BaweiC1DwG3LjQoJ1cuFx +RQ8BYJDGIwPrUW5JdlnzW2bJWfdyXOoD/0S7iEVN9txkSKildOeP1YcDCD8MM3hv +F9kUc+1hbmir8SOZ/IYJAyQN+j+mYWsLuKtZ/F9pqiBNTXH2jWCTqldOD/ZYxHVJ +AARnkiVG6yckMLsxHi2LPPBK8xack0y92mKe7za/7fhVgCRSs7M/rzUbzUhyInHS +yxr2SYb+8lbutCdQYXBhIHRlc3QgKGRlbW8ga2V5KSA8cGFwYUBleGFtcGxlLm5l +dD6IVQQTEQIAFQUCNuOsQwMLCgMDFQMCAxYCAQIXgAAKCRBdFeAdP/EyBgb6AJsE +NGQmK4nUrwcbtZ7+av5GDQ2T4wCfYJaV2rBtTR9aWTRQfZOQoIkNF8+5AQ0ENuOs +cRAEAN5hO+fEhqW2pX71oSUqW/TRHWSbybNc5brQ1tzgTbheHiG/LQJ1lHjtZoZQ +syW3H/efEuNARwryo4IjvK0nmiQsqZUR1795XTIbo/waPN08QujC26uWbL1pYL5y +QarwbKOoyAst4jgE1NpZVc/r1+WUp7NuEapicVjvFNzkiVCLAAMGBACWQJYr+h0o +zr7JQ/BqI8vTKuVXb+DIBQjuSzN7LvaiIqMqb9ZdfNNmZ1Atvklo2Ce2VMyliQzV +STZuHJQbfrDTBXBf+Q+AINiHdZEAodzBvDv6p7vsTnoP+A2bS8l6xrWObKt3Ky9+ +GUDkqW3WuagcUKogQgEb/FKec+GegwSgUYhGBBgRAgAGBQI246xxAAoJEF0V4B0/ +8TIGk4cAn1I/jmu7FSgglh9aPmVYAw7HWQMAAJ9PAPPXfqtwza6I8ttGPLYNvEAm +AZkBogQ246zREQQAgcIj/Eo8PrIhEaxKcjc9dNb9/0BZ3BxBk7x9a7HKm6o0/vcf +LH2XFjFxB4Ddfe+O1PC9KNUqIi6GTafGbyqS47XsnOJs5nvsrgmVpUUzAd7p0dxc +c2tJodwhkH4GtOP4i4P9XBrxngQrWQ0ju333EPF6wLWi7qkVyGENCfsvktMAoKYg +M+XYh9UQe7/HX0GiCnk3ExVnA/4ryBxdyBihj02i6s8vAe5mlTrwv85ugouSB95X +EX8GPfvaWIW/TpUWQ6a7o8YzU/kIPa7YzETYX8e/FVr2Zd33HAfeLUNp3OS0NvEb +YJlGDfW7/X7qLVv1o5WCjCHUhK8DCf9Ax9b4z7CbRHptxSE4U79NCCOsXQsObV28 +qlGsFQP+IIaCh7dTqADw/nBmfuXxepPKXS6Xdi0to79LfQtr+TUtJOEVGIbqqQBs +gESFiT5qR0W7qhOnl47TIQyPQnt/V994QwyAGtIgtM5qYFRW70g1FkyDRX57PzTM +uU2BjVI6mHkaUkLaLujbRXiQFm8IXJ4rf297GppKuSgvNcr7Rmq0K1F1ZWJlYyBU +ZXN0IChkZW1vIGtleSkgPHF1ZWJlY0BleGFtcGxlLm5ldD6IVQQTEQIAFQUCNuOs +0QMLCgMDFQMCAxYCAQIXgAAKCRAcZ+wTPGYchNG4AJ98zSyvQ3Rt+Y+AVfawyEoo +sFG5KwCgmMyj4RYhRlXKWCPORBxAfCOYMtW5AQ0ENuOs5BAEAJGi4T/jrY5BtRTM +0psAneQytzzFgH4+LigUXAAb0QDAOkyGNfWHrfHJIS7A3Nc9pMWAdOjWgSKbYyrz +ra0SQ75/SkI5+/S5ev2Fpki+HYo7cNgVXnbCJrIY7k4DAMunqPJ9JCUXc88WxGvK +V5b45htqCPnV2Pgq+AEIKD5aGfLjAAMFA/9+O6ttUbeY2bQHRdThl4HUxQw4lgYN +7stgGZsbHCc0y6ln1HF9vlE4Tl6HI/NR/8OauQrXt8988dh039QNZsOdAeRWTk4P +gSuXq6VDG5WNw6B9bvRPKXe5yeVmNNl6KESBzMcq87kANZWZ68vKJ2JihxPHRAyf +xwGr2JKkVF0S+YhGBBgRAgAGBQI246zkAAoJEBxn7BM8ZhyEiJcAoJTy/pFHvd9y +xAYZBYp7qLG2lUIOAJ9Rlpbjou3wb81vE+Qev1+GQGpaVZkBogQ24644EQQAlNDo +1aAt9iof3VI1z3TehyLrBIR4XmKRSM2Bx02CZhQRIwY/QsK6WBoxlJqfgUtsBUuf +cztjJaUBixq5qPmBgXYqN9/B8HZvG2nknHdiqKrvqFpAqATJtlccW0tzPJKtKaTb +tkORBDv6hssFa1aXwTN7IjN5nLI1Wh8lsvk9SKsAoP5Z4IDSK/mM9h6FPRsAsAYv +d99ZA/40UwQLl06u7wBtmxqSdF/86kjC0kWX8J2Y9vIceiNEiE9MmVNcYIKwIM0m +wduF50EksVjEdgWUJrqT3RztJfMT5+Sgm2KOAvvfmbKa8RF4NPSrVXDDrFeqk6uN +DT0jnUUTQFYTjk4Pxg9Kl+a/c7Qee6qXn5qeDX8ubZqN0noX0QP/Y5HSgi62UbBP +5B+e5BqE+ZLeJ7yVtl909NwTCr7KVZt1o3Za0dCYtMosPT9ObAjCanhSnuEWa3hu +outOgorWaUSEW6Y3zBKvN/M4FA7+1Rhe86gnnWLt+rHqX5M8Y/7JTcrugNtR04DF +sYga5A16CLsTDxSmM2Rgvpwh14FtrqG0KVJvbWVvIFRlc3QgKGRlbW8ga2V5KSA8 +cm9tZW9AZXhhbXBsZS5uZXQ+iFUEExECABUFAjbjrjgDCwoDAxUDAgMWAgECF4AA +CgkQO9vtsXd/vtOr4ACgllMIBb4leDKz61LQiA4TGWQp9+QAn0gF7rrvXtHdEc9k +FQxgfASZH4RZuQENBDbjrmYQBACJ5res4tXRZj36s7P4KZWUf0YC8mtLxxeNEXe5 +ckAtn8gMfcSQJ4Mei4O1EBvrKZ9Dz28Emv0FmDd66DUd4ybRIk1PN8kWry9UuGLA +f/VBAkMIyXhYCEnB7wRsNj4kF5DhYiytep2wekPocZO2GAUoIyY2yMNb2m2g2K8U +nK2QBwADBQP+Ixih3o+++i02Xwi4wOe7aro2xSeBmH9b8nEaJ8v8RVLRO0AgoR4G +LzKeTOfv57FU48tlY7sxth6FOxeJaQkS1nD1LRpb3GUDZr7qM/yOGYp0WhdRgGW+ +c0eYa32g5ajq2zn3+H1L4yrmRSZM4nmZ5ZXe9ijkGs0UNYqmi0gBYxqIRgQYEQIA +BgUCNuOuZgAKCRA72+2xd3++00nRAKCX6f3/mVnEreWCgorUdZh8hg1LEgCg7FUW +Ctn3HWOwgOwxxKzOs/rQm+CZAaIENuOvBBEEAMUtk4AJiXP3jaKpIhbi3B73S2SZ +67rKzBkicjelpwWk6LndsCrbLsIWsDf8fNtih0r9As+2arfApkNlwuCGq1ZlPGGG +Ef18OqPxFvnghVEbDdcosP4bIm3k6G2sgFbMl68xAGnTtkS5Gfz43uTuznPzdZnG +bIjP0uBmPfZk6GW7AKDhi4htuxr3Y+ud9lx1bWM9KqUtAwQAiRYHm605RZVBkdzl +fYx1Iwgn/l8Chq3MsPrfBMslapBnq1an2/nEQPmuIde9C6ALN1t03DHpKonx2Xgj +YVz8pgty2FU7txSSm2EE+975dXp3ov4TfD1KxksOl770PAzixLfNhPW1q4A2cEru +GgO74qEX3/fAa1J0nRKDgmA/mgYD/2TSZKCaFHoc3IHQnkygmGzzZNpVZV2+1kIB +8Z2hNo9V81PYpzlYV8SlG51ajW1G3ePcti7JOIP6MquNUbYR4TOzZy1Dq4+VqqZC +B6fOeIKL40IKKAoMMDYFNLp9zcT+s6+6DTPH27eE1WEt+NQjBgr2ofC/4iAU/nmA +Ymo4xn7YtCtTaWVycmEgVGVzdCAoZGVtbyBrZXkpIDxzaWVycmFAZXhhbXBsZS5u +ZXQ+iFUEExECABUFAjbjrwQDCwoDAxUDAgMWAgECF4AACgkQpeZ/f6OuPqGvfwCg +oevUn2afCdW1bLwbcRs5kYrM1GwAn04Y4r15A7ytYdO2PaxSkSJ4gn5NuQENBDbj +r4AQBAC4cckdPiWgQNkGvAm3q8FxzRLog68/jffvj8Mvt++XQ4NikO0VJ8ezYkVd ++vG3v5RoHTISynmMWZZjT56aFDSDZPOkQs2G0qZgAEgTpzCUBdlnUC8ZrHSTSQjC +n7HtR2cpYCCUBliPtatDvS3Me1XdRfBhXib04TB0ci6DrzFQkwADBQQAje0R1INm +9GkZKAzTECi+lVei7wbXkn4JF6n9r1KL5oULVF8aGHNEJ1Twj7kuq2kacYjc/Di4 +KdESRTZN9szlZnNruvAd9JKHIgbeysene3yRhy+YFaqXm1MtWCdwwaDiDoHDASpl +55RtuCKxz6uW77qhrZ8E6GRDrhI92R88DbmIRgQYEQIABgUCNuOvgAAKCRCl5n9/ +o64+oWsJAJ0XijmoDUP1Iu6lhsSlmGOiNO/l4QCff5G6w6Vkq8d86Ev2IwS9Wf4u +NmaZAaIENuOwChEEAJDhTfBph5G51alEDUaIfFvD0K+oXDXqDB7hDg3stVIpZR99 +d2bo/dPOuVWorwXFBDJeK0c7iJEQrMWKlxdqbRGkH8paFSnL5XWo4xMjknqnJzYu +3gb734ioFHTC4WDM2/voTGuFpLw+eirW+wl12wusHpnNkWxMEIWt2HoGTerfAKD3 +JUBraePb8gHKnXFzyEu8RLp3swP/XaAKje+NAYeqhcAqxv2SEPUj8EMgtX7SDkky +Dv8wuRfcNwMAt4XwHYnnM3bpUwWj2JcDGE9rsNna/HuFAjz/2lrhUKncH0Cywvjh +Ytt1t92j0cPZaeR3pY8R/bm8Ns20tiP7uxVlj+szI2Pf5KiUHhiWHJ2RTXGE2pUm +T6UFhc0D/juyZvINKwkbUSSwpKvsoi15d6e4Wx5PZ2mArT5y+ULitBx4WKIsXV6U +VVaEBNaBe63k9cFGdPEba/HflSd76kLmcSdy+Fr73d3TMIrmwAKMVdKjRAEc3l87 +YaPd2/LdT+TWzCQw33EotexJ7yZzZA2SJx27/jyIgXkWtwvn5UCMtClUYW5nbyBU +ZXN0IChkZW1vIGtleSkgPHRhbmdvQGV4YW1wbGUubmV0PohVBBMRAgAVBQI247AK +AwsKAwMVAwIDFgIBAheAAAoJEFjLmkyFqB84JOIAni+c3CDhA3k2Pp2CWgBSFcsT +A59CAJ4gy1+t/Pwk/095y1T6g3rwRbE0zbkBDQQ247CeEAQAnr0w2OcvlUX7E8u2 +C8dJGIj7wRU5qDazxh0tw55/ybJ3/KyhCFfsr2dZ2E7Zw6Yvc1u3WTTf82nH4S+/ +IJFSI+qBi3TrcwVtt8Xa3Po7cIzNvS0bBhqfmOOXJc4ihUlADR2Jukm/QC+f6bO8 +IZBDWr/7LnT4SwEPhPoZNMFb63sAAwYEAJ2kiP3e1zM+zEo2i2jkOny1Igyn0sRi +uw0OXQ9B656zp02G5qtDN+IXhgLdfQqgqyWckP4BLDJ4NtQoEM/Mr2/7oj3h01Xp +bU86R1QFQOXmoWw3q7yqEWIwfOBqClSF0A14sXdjQwadyabTFsW4m8Zn5jLW+1sH +4PrVjHoNEz4CiEYEGBECAAYFAjbjsJ4ACgkQWMuaTIWoHzgImwCfYJ4NGyH/snAB +xoxryuVciL3Cyu8AoMtIZ222A8al4XK0DrQqJAnIZlF+mQGiBDbjsakRBADettZo +8gTOTr1nJXbk5sJfuVSQaMmbgLpZpMs3Q7C+gAX0XX+Q/vcuHp+wV2Nq0S4v+w5K ++sxDF4A8UDf+q+GmNKMA5U27hkcDQvE48EYUghcdWKjWeFwmmJOb0KMoatdeh4iP +T4j8ocGw+i0z6o/e0y0OVWsUvIqp4iZP3UlnOwCggOq5GfPJMq3K3cND3nU7GOR8 +e1EEAMcgH09o68Hbjbwpw+ejPuKwVFa37COX/65FF8PONeleq7Mr3Y8yKqbLIsIW +DaxrlflpbyMz/ShuDdNU8gh+msfwh0+RNzdEPmpJCCVJOdZO46cudgbyAQriH7Py +sSbi7AbmpnMl7kQruhAZWXLtnH1e1kKovB43a3ph8wF4kotyA/45A8bLKEmJvpq/ +amY6VjDnGsxkDjjw2OoVbt8sLdGjpganj3fvy5KRhWeWLKhmtq44tH97m4YDmGCH +Va/Iic4aDPMMvUPWdaY5DyCeerVOb3JN1qLC7o5x2HBt8RE7cXnPJl5VKxc4qzys +5bqQEYYt2dP4cJqKk3OjjCbl6TJ+8bQtVW5pZm9ybSBUZXN0IChkZW1vIGtleSkg +PHVuaWZvcm1AZXhhbXBsZS5uZXQ+iFUEExECABUFAjbjsakDCwoDAxUDAgMWAgEC +F4AACgkQqUwPdWUyRNYzWwCeMxscN9idLHgH2DP2U6tP0tNR0T0An3lfFgidO+z8 +ZeHXzuOM9TAS+jz6uQENBDbjscMQBAC1u+09NP46dPnn6RJtczL3LEroyrcPmHOk +3FbiNfJ8YMnFBeST+U++chi/kKzm+N4y8TZE8sHwGqnkeIBtJX2YmQJFhKi2RR9A +tVn2HV1ZTBYT1q/P7MpZTPMI9EODlCEPJTvX+MdtP8xh0Gsj1i1wujQOJAiXdrqs +Pxen4Sch5wADBQP+NRROzLFq4kBUpgoTyvWzJl96Gdykf+O0AhbTlZ7ix9KtQLfx +Grqzgo0hwDjb2QzeWHfjVhaaaSc5UWNMuIQyHRcsj9x4n25XGE0HUyOVSD46IOAj +fZF+beXOa/NbYcR+zzORfXr1qyW2g4oV8LN4s4uV4dPamQ3l98Lkg8lhWCeIRgQY +EQIABgUCNuOxwwAKCRCpTA91ZTJE1s6YAJ9ZgYjqQ3rScmCwhc3Ihzt2ATANbwCd +FuVgvD2Yh8lsuiWswLDFrNsDk5WZAaIENuOzmhEEAKMDGobMDqPX3SKI3/W8m9Lm +NgtDUffHGHNd1npnGM8mSyVfWjEWoEg2GPMEmdX3/tvUUV7nTz02IJwZRVlrbEPd +W76eItMAY1NB43LpjQTrAR++mVAslulUY6a5V5nJKEc0IqOuxkW1LWavujX1JRvl +BZLeBkdpsVNuaGJtwUFfAKDfqoZUCcZxnO+dRMalHLfGOn7O4QP/apMk2mc+GJwp +KSxXBvoQkVcfuZBJmXJuUCc4BUUzHX0ZSKNbgxY/kVR1xN3krMgOCR6dEsGukIsg +VWRDj9to/+E6IIs6YKhG7fGcXKhE8z8mf3hDLcmjbCKDCSFBT7PI5TkLzlAEP1y2 +Rtin/Sa71unGZhNyEfAPW/d1dRcRVqMD/2WcTPUaIjRvAqmbxUpenRhg/mF5rwmH +l81VvVBbZCoZ35c0edEZKpfmyYbKuz7GhjEPz6O/UWGYZpK/7r6f4kFUrhO5atCl +nRyBkvmNmdfbtM5hd5jh3lgqAT7tk7ntPAIh8X8/qm5+Uab63kZwXCPiSR+iEwRp +42GbVL7F/b2rtCtWaWN0b3IgVGVzdCAoZGVtbyBrZXkpIDx2aWN0b3JAZXhhbXBs +ZS5vcmc+iFUEExECABUFAjbjs5oDCwoDAxUDAgMWAgECF4AACgkQR69LaWHwR4TM +SQCgwD4p9j1sDwR1+9bBrzNQzVIyzmsAoNL7pfcdW4Jou1XHNc6hv4MpsHtvuQEN +BDbjs74QBACHkUCB29pMkveMEZyNiKImizF5NZ/cv91Rj319k3xHf0NJWhQp/1G3 +8SxLkPLBdWcoB4mJRNjDyVsxFUXvRWFIMekwL0q1sHSWTcJwCpQs+LKKtPmD3LA3 +bhbuTSdpYgmKy21SH4epubqBzk/P0193mWXzHgSGLeUoTo3N7eBQ0wADBQP8C1Q3 +WGrBZNOmFVly0erclpQRv1qCa785yx/bj9ur2LxHwVozAEXh8jmoiKZyoAz7YFnp +29kR2qtVplH1oePNyFweZqIjtmZbiCaT4scUVZ/3LuYbxgMoUFeRoG4mnEVvUUh8 +mmZovMmZFrvp0uojcDsfYTx0VBr8waxgJrg2YguIRQQYEQIABgUCNuOzvgAKCRBH +r0tpYfBHhFPdAKCcyVECIa28vmUPgZ2jkXQoQ/nNkQCUDpGL1aZn1eKrDlHcGyD4 +CzywnpkBogQ247Q0EQQAvVX9TJEynPJEsX3X2fGPPDiQK+oB7D1INI9bfID5NKto +o8qybivOLo85i5m7RUiEyhX3E9lUg9buKmtIhas0sJ8sLURmCndIKtXjIWg3Kd0p +mjE8q2zyd7ChQ3ffJ20875wNbR4GQhSO1WTuxwRoL53ft+9JTULJxkQRf71Azm8A +oJZQYphKeLWrLtFjb2WKbYxst54tBACS7C/Vu40euIevp2TZHTtY0U+ObFvJr8jD +rdQZMkUFSuhti7rfO/bf7qTwmCvv6IVmn905ACh9bnKwZvcR5T1yR2b6CAN267fz +riZhu6/FG+9Ddr62ZnV2rP8Oa7uxAXCnoovaafKYupopvHV0z0tUf2+wasrQdHZT +vc0pfY+56AP/WOVJ0KGzP6k9bYjYSRJ1MJb70wdVFiHdlIlEd5P3jQsXOyHVMrWp +6qH10sQLto8gweWJr9aHem0QjTNSTVpzp6laBHf7tnLEwCJGeX5f5BOh87akRjwf +h9J9zW+DBrtpqS6vjlDYU5y6RGbGRl6ndtXhV5FpE4cbLax/pGFWEq20K1doaXNr +eSBUZXN0IChkZW1vIGtleSkgPHdoaXNreUBleGFtcGxlLm5ldD6IVQQTEQIAFQUC +NuO0NAMLCgMDFQMCAxYCAQIXgAAKCRDe8Pe47Gfb3qJqAJ9MbluIqs8qjd1lOkj5 +8xC5K482bACgjeYJadH5StXmbJMGw2ZD29yevzO5AQ0ENuO0VhAEAM9X7EMxDw3O +SqgnI76WuIBSsI0gF/UptzpT8g8AY6gQPVhU9fgQHbu7cr8SZFV3dyUVLTzkNq7m +sUivd3/Fecuf77CpKBCrQlzst+UykiPQ/bT3+gq3owGi9MBCfeU2l5yZZ3yjGIqg +8/XnxmCbuItw69FNyz7+nQoDM28ci9B3AAMFA/wJBLjxXXqWFY5JdXq7ck66Qx5Y +HDpPH7szUKrIGKGZHxk2UXoU8G9WRfQ0VVQfaomfnKvo+bFDFJGcLfIITI8FrjzG +oh2K3PKcxsQiQ1SsVlMT3XmuvST0yvDM8a4t9o+2v8yLLgEjR2dn/lTiGjE/ANun +Ro9TBGpvz5P085NmzohGBBgRAgAGBQI247RWAAoJEN7w97jsZ9ve/yAAn18Lg2NX +AdY6HW0LEurh0Xcv8zlWAJ9ePiLMYxpoW5nv4g4nuOAWoL/KLJkBogQ247TcEQQA +rUqUbiVTMxJhp8bA4vMXAzCuLjys4A44DE+uRFb9AGsZTmw/FTPETO7iU/3frlyY +yTgIvI2zDF1SwHXG06KF3yIu8LF6OCM0N0k7KnKpw8M2tkPiT+D8ANrHU5d178ev +zm40PyNDyKxSGNlIG1N4MIKFtNdMlahLvu91kG04WesAoLPa5zISvsX+Ew95M1o4 +Qti8iYHbA/4wr+eYRywP35eb/F5V9bOLWhWmEDzw4KHXQ7V+OJ7JD5n44S5KLPKw +IogohDlPmrxDTAJ/YAukApUItd30kr0Uq34QgFktAsqgCP7C5KEM1TTxU25Tcs4o +jUHoDyMj14ECuiTCP0ZFRKUivopgjgRhFTKXVVWTySkQ0g9SDaITSgP/a0FyXMQU +YJjuB7GA6r4U6QnIHsxS5xrQgkshb4tp2MVWMhqlhsfOLaj1WZ+oe0DxKw0O3YKT +H/EAzmNelKcMbtTcilLaIdI5l+Ylam/bZe7QvbN2s72Kn2PZjtYqO3Uzqw14bqAJ +Rl0ekleMdZRMMzAsour+iNVPHnlodXnQ2gy0J1hSYXkgVGVzdCAoZGVtbyBrZXkp +IDx4cmF5QGV4YW1wbGUubmV0PohVBBMRAgAVBQI247TcAwsKAwMVAwIDFgIBAheA +AAoJEIl5psVWf7NKt08An0PRqhiMzF+L37DyvcaVl+0zSrmbAJ0fL+8D5Frcp1m3 +YtBMpo+j5dsieLkBDQQ247UFEAQAxuGlBvqoDkxhIDgFZzdHJO+gJym94zgSGHkB +mBIBf5Q2G2O3zkN7SIENI16yg9cxy7zkTbBu9PMgzUe/UuQov9Z6YXKzTj1jLozr +GdljKOcW5YRvlibo7eKXDUkSvT+X6J1BOIVexl05Y4Ncmf7otNDre29QfK8gGBO/ +bdQd7L8ABAsD/R4Nq/JQav4/7d5ETuMZddPAxV4kCnY+7F7oJgHDKJheJxt49rNt +fXSxBZUsJ9P6Xhr46fCRT33DD1P8RyUmmS3/dJl7H/qR3A1rox4FQPWAuk4WGhsf +SXvlZnFWKJhC8TZzFisjiXjw1OFYiF4TArxj9D7d/cHEKIi43rtefpf+iEYEGBEC +AAYFAjbjtQUACgkQiXmmxVZ/s0rskACeKGRhY+fGFtaL1JQxoHdDPRJ+wu8AmwQa +u+u5pPZc9UrBr0UV+pGPpY+emQGiBDbjtVERBADdUAZzhP6+69VdyRrgRNotouUv +XE6I8h0kxZFZZDrQJmpZcNWkUHDqgbYDJ9RmIeEuWZNmyzPxSFcvD9RGw9KmIZu2 +kZYqIuzg4KqOyU3SUfNycarEZYJkmLEyBlrkNxZkmPCp1cRsMKGCbhQs//v6Iq8h +6dNA2EWgJev0y12gcwCguk0KZIqVO7UfkaVaZhMr0Cd1at8D/juKnRViDMi9SEjS +JZwb3mw1+yECnM8vrM+AoGoAKiCz/n8N9Gf2DTsFy4yKEskPQ8s09Wc5epBFo3gN +ruMu4kDnde0uCmiDEbTwzpdSKZO5x9yi+7b39uCNkgoDlzwonaXNdIn2NnFKjL47 +TnV/vKFdtSZgLW902vwYGTr1ArL/BACIcx9TdxsJ9NMyaKD7MEcKQeOrOqv/Mq1H +xFPkDBI4hTZpQiId1XTxqkJ6UHDw9sR/TvtO5YKrZjINkmaBZFiHlx1oyB0B3u6X +UVLXIc9liyFyh9aOBdQkdHgjyI8Kzk6Z0ejYcre5TY4zfplAZKkUDlY3U0Sb0a0x +IGhgo3YRELQrWWFua2VlIFRlc3QgKGRlbW8ga2V5KSA8eWFua2VlQGV4YW1wbGUu +bmV0PohVBBMRAgAVBQI247VRAwsKAwMVAwIDFgIBAheAAAoJEJ7vNM1LEbJfSQQA +oJRRe9UHKHiX2iFczXq6nrvr0NhLAJ99W/I5b2/2QQ01we8i1mcSYPWj47kBDQQ2 +47VnEAQAmuK5RcS0zTyXp6SjW2+WeQIpJnJDflL0+iBe//3SADv01qUmw3jWMAux +G+CcCApksl122V9npEHiLC4Q2A69roLRsbxKBPebustfadLJoVYqPsvjnrBlafe5 +GcrFPnKbE0wV6ZXx/Tp/eSDiQlid4lWz5J+z/mN7KhHANzoRAbsAAwYEAJO5fkCS +dNwkisFXzeKslWxm9Yoe1TOouiSV11hex0j94Hpz5wGWEXF7z+FbDq+4V0UqGkKx +aERsl6HMWNkImj57N/9h1C1YDfiKTimg5tZpKmehXtldpWGCNDZrE0RasrFCKENV +hFMhpc4kAnx6rbA0+LhRvJkvkdxY7pKU//aZiEYEGBECAAYFAjbjtWcACgkQnu80 +zUsRsl/0XACfffuI4IS7cgh0PNghr/0v3L/NhncAoJNwutmN7kkv9n/oPqkByzLx +vZt4mQGiBDbjtcsRBACBDJOGX9C/xxCVZNP6OHz6cL5vM3PimUAhV+9HAVVPQViT +nFKrkYPSQyRfWzjOU8RO1Tp5CHz747oOb6j9P74yH1uy78yFg4UuhXBWinhuCKKq +4IIWwJkCKBFr1U8fu8a6Y6NcjqiDA0KmGRJrMPmXenXkJpFGHG78rUvNi9IMfwCg +ugzNILh/3XZCZU+BUPYeXL+nUAEEAIDXZhj1vFXHgi9lmijKDjJocEBoamN/taQy +6Ox1RRD6HtfAPY5TER1n7xm9hMzE+Ov1IKpH/E872Rha1qu1v7eOa6eTuNWF0Nvm +SR955freRsNuR8JNIb6StI2ER9pzBUfjykC9pg2wPeC7wpQJIF9TF+Ja1BvG2I+h +a2xJ786AA/sHEUvAOsc58YbPlbIPyp2JdEHvXTRT2NISVRuTMQsg8vV99nMYR2CU +h270uPyy2xZaD/kYcJ9/1ngY7C9pbbNWoV70PkEMO/qj67OIViWVPzUhIdURorbp +Ghuc3oBzUxOgial7IbISPRItDgg2oZoY4hqyQNx8Cj2ZZAzDpM2vCrQnWnVsdSBU +ZXN0IChkZW1vIGtleSkgPHp1bHVAZXhhbXBsZS5uZXQ+iFUEExECABUFAjbjtcsD +CwoDAxUDAgMWAgECF4AACgkQa8R3gFSs0kZA6wCeJUyRzuFbsZ0uQulvpgOIRTLT +KscAoLd3InVEj20peTUQ5b2NOimSXnKxuQENBDbjtfIQBADMfPDBQoMzv52Mmjb8 +SdaYKKNzqDd9K1oY2hcMSi+LcHag+KJFOyKBf3SoHmcU/vCEN+LyTgljYSKDmEf4 +wZ2+eLfqFgSdBJp2xm55ih+9CHXg3dXx9SbHiGJCIxfJaIsnNz3VmJGPDDjBlaf/ +hjl/7SZvR+MJpVLFPGjj7uOhTwADBQP/Sgv0abeCXVdVXwGEmhdV0VDo833IQRdR +u1yt+QLnWRMGTY1oQapsH6QLwYSZfDJlxbsBA3tfqKStpRSbdGNNTsK+RIehsGdd +i3sWGplRGm5Xt5KpkY/mc/tLFaYJNMqAgfWQcKlZHBp7EoWMgiRiDJUWq0TH1wRD +oPaRc+H5GdqIRgQYEQIABgUCNuO18gAKCRBrxHeAVKzSRn1jAKC5Gp5sHM9sWdZe +M6qfu54F2OwMQACfTjYXfpMApAROPkjhhFNqH0d8x5E= +=1N8S +-----END PGP PUBLIC KEY BLOCK----- diff --git a/tests/openpgp/pubring.asc b/tests/openpgp/pubring.asc new file mode 100644 index 000000000..a091e0e63 --- /dev/null +++ b/tests/openpgp/pubring.asc @@ -0,0 +1,720 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.3.5-cvs (GNU/Linux) + +mQGiBD/yNQgRBAC/KSfe6uVfDgA3BrGpNLhVxT/ytwXMpBI8pEdTiY0jWnYrb/Yu +8wtCeZ9GAux/ZA/ted+7pdibHXfX5PzDfgUTZwrIJa57OUpWwI878AzZxNsnVv1I +P6ufGyESKME4PUQO5heKhwAb0gQwFwArS3v4oeYrEljhJ79kpt319JEAEwCg+hTk +nylYwYGT/PEVQ4JlLPoWmqUEAJn1HX1Od5tyoK4OEAM5G+wHz3SBj4FMonZNWs1I +t03JKHoM5ulQ2FgEWmBVIPTKSDm/jQXPYApz5DpxpoGYbTCaEo6zfE32AEzoXDmG +AZE90Xhq/wcEN+JcHpHytAA/n+hYaR3sYegQ52mWMR+vdd99KO0V0jLRcckgBA7Z +2jlFA/98cyy2nYt0QI5Tf+t/d4WBeib2yNWVtZH/j7XpDqHLZDgVAYkazCA6ZF7B +vLddBEqVAh1X5tqua4AXX9L4SGYb7B0LRV72alhYiWWHez126KjVgwRTUxtEJ4En +HmYJRReLlXosPIRhXSz7HFAqalPXJ0DvC9kzTQnnjPOylyMPTbQjVGVzdCBvbmUg +KHBwPWRlZikgPG9uZUBleGFtcGxlLmNvbT6IWgQTEQIAGgUCP/I1CAIbAwILAgMV +AgMDFgIBAh4BAheAAAoJEA73cJbXTF8iUO4AnA8wHb3erMrfWV3ij0d/cEiSJAYF +AJ9fcbShgTXDN1dIVZvLSW5E93TfC4haBBMRAgAaBQI/8jUIAhsDAgsCAxUCAwMW +AgECHgECF4AACgkQDvdwltdMXyJQ7gCfcOplS9yv3a1gj4TCPiNybMWs0owAnjJh +NmPvm3h3taFS/VaO0OAmSQCbuQENBD/yNQ0QBADoAktaeO83HXnNFL1QtKYXsGpR +1FOn+5rpVq9I9GWNUVNCDj9fBwHk+yDXMD3FGlLwvSmHp15mG7ztYu7DTVAjrClG +psIPqEjTHGzNwMDcMZYIE8iUtTelsyF+zI0S1JVKrWy0YTwxpQpbbesngI0tKWU+ +uOkwDWgQ4kSIJPeAAwADBQP/Rodl9UsvuCKf0bTCQz2TmPmOrFlDezojNgZHVJgi +zpmjlX4K7BHrynUgQY9KFVjfNVNNou40M4YQCN7WTBSZj/4ZRewJUuR0mi49vrdZ +xwCisu9EIbJCDUeNQgr/bBwHOYDdVq2OTQ6XiNdhpqrFjD0FT1B7E03tELE+l2x8 +7wuISQQYEQIACQUCP/I1DQIbDAAKCRAO93CW10xfInB4AKDKD5BulHRXb04ynP6Y +Wel6I2g3fQCgqJEJLoUNcIF3tp2jF2jBr80WmM2ZAaIEP/JSaxEEAKxxqlg9Kz9D +Z/3N52BC0w+JtYKke39vpdWVDHR3MHmMJ/31Y2iSpm0fvRs3h1j9/fBVmLOZglNQ +yH62SxdJyZwCelkZzfUy/qLm9Qaqi7wpg0p4EbmWdoFF/A1Zg/MU7D5w5xu+EA1J +77Z6QyALN9rIOXZ7rLLa64lw/MV4LdIPAKC449htJbbp5rkJHvBDs4YxEIkk5wP/ +X4hPGlIw5PlHrsG7hdahhTudV5hRGlvosnwsrYJXvKAQLAV1EV26SIYUH5pM/ycX +rG25dqVoG56uQqnhBdUqo4iSnsxY3ZMA46D14REc9P//CGvJ/j2Z41gw8u8oB7rS +50djvoaWb5myj7bhacTBdfah3U8dVXcIi1ZFvtiaGAYD+gIF7eNIdpaYiB0427un +4ggc26+Y9nkF93DaMnZEaYSeum6g/g7D1vwINFgQkMYEWi4DK3W+uH0E/n8o20wS +2wvMrbeYaQm5v6ucd001wwFDY6AdwpwP7UCLQcu6qqvwNHdxWYK6+gIsSufLmeMG +rsvC0WQqYeu1GfGpHIMCZJlZtCJUZXN0IHR3byAobm8gcHApIDx0d29AZXhhbXBs +ZS5jb20+iF8EExECAB8FAj/yUmsCGwMHCwkIBwMCAQMVAgMDFgIBAh4BAheAAAoJ +EJc9UOHED97PgEMAn0F8RGDrnmXv7rqM2+pic2oDz1kpAJ0SWPHxdjJHWzoGMrHq +ocAy/3wFi7kBDQQ/8lJvEAQAzNix+drHTYCMxS8NiUZNpVTGnWfzMjxCqVyZYt9C +Em7A4JcfSbgRUppqKunwreuDmmNGFc1W+lT1oLfvJaDi/oQ/oubgIcq0EZ5gOUyd +aj961PV3ltNmaaUSZsJ6jRxaa0FB1cgx6EVB88gR6JB4mAM4KV+Ct/f9QzPv2TMS +8qsAAwYD/jdzptnsiJ124yTW5ewhvUVpmDGuT9CuA3ggW65bjOhfravX5rfHMCXL +PXMNXFgpA012vghVwun/ekkj7/rxapZmlE28YpSDj8Pwn/lkqNAjy466My+wUeoC +gg7mEg/75is2ogKzx1L52nay7BGmfS415m7BBjWHsiUA6KRtFXt1iEkEGBECAAkF +Aj/yUm8CGwwACgkQlz1Q4cQP3s8svgCgmWcpVwvtDN3nAVT1dMFTvCz0hfwAoI4V +szJBesG/8GyLW+e2E+LiQXVqmIwEP/JTvQEEAKhSVnbs5Ndf5tAHPyv5mm9JM869 +1FKK9W5MYeL3MSRzk2Rd2vWOrdVlKcJTl3gjZGPfLUWFIOgONMBYJCs/+I3Tmog7 +R1tmzqq7yZif8B/+c3Zg6bYbudyRIF1Cj//o9nX672E2WMctptdQwOvECvYj0gZp +LIJRTEBNiCWrcBABAAkBAbQmVGVzdCB0aHJlZSAobm8gcHApIDx0aHJlZUBleGFt +cGxlLmNvbT6ItQQTAQIAHwUCP/JTvQIbAwcLCQgHAwIBAxUCAwMWAgECHgECF4AA +CgkQ0SC2Juyr9R1qQwP/bCDX1WGk1u0zkKJWJ/VXnuH3jk6ZevkuHZICwjlqAxv1 +de5P3Jeya/4kPmEQTotEv3xcDAZ+9pBL3TrZolAKhxkBZ08l4QSy76kyf8hB0eoZ +2Svs7LrGPBJr6CHX0kyDiapHgAhBKQq9GhNKpIAZuL6DK2dOaQDtoRSW2iB1h4mZ +AaIENuOOnhEEALZlsUNfTCYkjzIsNhB0iJl4C4cuZ/IeypdosZQxm1aIC+f+E2ly +3BqGbMqbmheKcdS9SQs5DSzys6W7XmeHDhrNzfStM/UuwiSfnM5E2cV2BgLpErKE +56Kb/rf7/Ia12dObj2VV9oKrCwSYEISRdp5YMar6J7Vvz0nz1Pqf8mq7AKChCSNV +5UYb4H9LMnr7KJ90dZBWRwP9FcPItdfj5YcY/Zp63nVeUqiNYbCxmZz0s89iHBT9 +FxQ7tx7VBBvRcWVRUUGFjQlCkz+3L+Q2L5oZYXOKBtD4cBZmRS8Dz5UgBWd436n5 +IeEYjItNcqkBhOrjoDC+WVnkKm9/TYKn/5bVpXIDSqcFYzJ4jFeZH0c6LqXHGfly +NqMD/1Vm585daoJeQG/Pg7LdDkVuNBDT/63LysOfw5NqI+LjUXJScSLos76rIFLT +0WOdmP74+RxFxdb31I3GYQlFjsy40e3nAi8QfaM0Q4n2WzPNkUENu7CyNccrfn6U +9sYTLr3EI/bqIRp/KwoptFcmETUL62TxKcr4abrayK+Yr/lqtClBbHBoYSBUZXN0 +IChkZW1vIGtleSkgPGFscGhhQGV4YW1wbGUubmV0PohdBBMRAgAVBQI2446eAwsK +AwMVAwIDFgIBAheAABIJEC1yfMdoaXc0B2VHUEcAAQE5eACggS5kaZb//GX0qnqe +SI6hALml71sAoJejRM0/v1nsD0xnMGWPqS5MnC79tBBBbGljZSAoZGVtbyBrZXkp +iF0EExECABUFAjbjtqsDCwoDAxUDAgMWAgECF4AAEgkQLXJ8x2hpdzQHZUdQRwAB +ASeMAJ9MeUVrago5Jc6PdwdeN5OMwby37QCghW65cZTQlD1bBlIq/QM8bz9AN4G0 +J0FsZmEgVGVzdCAoZGVtbyBrZXkpIDxhbGZhQGV4YW1wbGUubmV0PohdBBMRAgAV +BQI247hYAwsKAwMVAwIDFgIBAheAABIJEC1yfMdoaXc0B2VHUEcAAQG3wgCgk/Br +qP5WblWLc2+6jwlmuLg8n8MAn12puZol0HwV0mcd8aHWtcrfL8lyuQENBDbjjw8Q +BACcjdcfV/S7I319mfDvbOwczDvTqDsRbb2cPhQNAbg7NFlWJKtRrmff14jtCt9M +77WZ5W+zTLwX8+8Wy3mMfrys8ucZKtfPixOXVPhyinUUGSq68IArA8vLSUTuOO0L +Ii05LAg6jzGhN9jgkQReZyqxub4oe/3JhIX9grgJ/tsjNwADBwP9GeXmMrGi5wMD +3qkPbzb1MqwsVBJq75eLLxu85JIN2XIAGw6Q0FJp4o7d4BAQqAMzt3ONU1OcCWlD +QRDxj1nynE5ZgRBiVoyudEELgNnYhp3MSEuUg7PkFWn+N+GuvyhVUHApleyvP09k +vP57hif6yJRS+V6L1ugP0vZmBI4dqQ+ITgQYEQIABgUCNuOPDwASCRAtcnzHaGl3 +NAdlR1BHAAEBIKkAn3A15g/LjVXSoPwvb6iNyUp3apJ7AJ0cc1Xh4v4ie9zgirbx +ax21fRqIKpkBogQ245BnEQQAvwwkLp4Dtoie4/fvandnK4wVPCvgJkIbNuyQZCar +QGwv8RapBwbANT4vGW+ky2vzgptj21xYjOcdNMIhJ1Sjc7hjs1PLhwepMFrS4/Pl +e1TljpEgxLZ5UxertMvSTr7OxsA76jjOQt0B+y2vs5zXgLtedux4+pdFxkgM8r6f +jZMAoJ5LVNdVRaSkiHaKZWQWsjfTs0/LA/wMHP/PdH4kjFmDRqOPp+iB8YYwQTPZ +S/gwHtUbQhLcFEljaxrCMRZw0ZDMbzKWk+BrrBvgz4Wk3XawwUshYgi8SgwWIDG0 +jusEPYOs1hBIdWTEzFVP2pK/NQzhAqJV5/390OLEY8SN4bts/LY1XsADzU7lhE0O +ohx6FanaZCuGgAQAn2zK53yuk7o8UrPdTHygVn2McsPYYzOvlVfHCSXQ14oXjCs1 +nK1XnMIGGM7pJjYpzv/wUZkHLNcHX4uVHXxyzRQ4oMPekncmaR8fu/YIQ9zag5s2 +GpKESKAynGQCKwI4H5eYn+ryIgOHNS44UnXFUwbEsonP5pJNNRIM7VimNGm0LUNo +YXJsaWUgVGVzdCAoZGVtbyBrZXkpIDxjaGFybGllQGV4YW1wbGUubmV0PohdBBMR +AgAVBQI245BnAwsKAwMVAwIDFgIBAheAABIJEEE/SvMa/atsB2VHUEcAAQE+RACf +X3AwFwPu5+mr/f1Sa/Wv0m9T57gAn1TBIoUErMqJehQZu73N0u93fqSKuQENBDbj +kIIQBAChY8NSvu6sK0p4D0AVBsRz8iVXYqbRlRTZAHS4LCXwx/i8FmfdIXnaNLOo +yi44YruSCnlZdh4YWquCx2mgywG589AzcFhahmqElNbKb7m4F//EGIZK0zTgW13t +QwG9hTXOhYeqchnOOaDDwPEK1Gr+2o/5ANqhqrin0TFFBWLgdwADBwP/R009s61X +/FkUUAh8w4Tua6qndN/2GsqXsyPYjdF5E3gErK8jDcDLniOHqkswV17bJG81czCR +E5JcVFLLWQJg9cpeoTpP+YcF+m9whtswaOJ/LPrx888i/OmluSD81VP+6zBhhTUb +pazfLEdt3XczpW7CNdNbyiEcgT+6Cr+W2GaITgQYEQIABgUCNuOQggASCRBBP0rz +Gv2rbAdlR1BHAAEBta0AnA21IY9iNt6wtJN5HAoYDl99mIUOAJ9M8Loj5fIZq+Mc +mtodOBL9tII3Q5kBogQ245HNEQQAis7GTDqtEM6luop6eWsxFi9+qhUVp9N6S+xl +bwzQZVA4FjCqf1VR9JX8fwjLecmxT5xThQVcRqgeFVaCyky2Nge/FcFMPZQeaP5j +v5GRWc5PvH9Sw8pvGOTB56V4ZeR4cQLDBm5CF5tKu1BCWWq2MLHfct7TXe6QCzZK +cjzdw8sAoN9VvrKN+EbQC+THzdWaUWpdcfWnBACFWEyLVPTpI1jNsoCZ00F8Fau/ +2baXk8mdROlJZS6bq54ksfOQQzReBWce35h0W7NeBRp+yeoSf7Y3i0jTO4mrOiL/ +0NCcS8qKNnGKG1irdLes3pQhDZpcUe2G9W3FnGhxl6W5hpYc9550mUj2H3I5tmfS +YsVcVjpNSIdBizxE2AP/SI1t6q7LHMQp0h3MPQ2z7daMhUGViXnVl2+rKjb5T7bv +SFdV0iyyuyoqvUPBGWwJFLAxj6esHRlQ6W8togHuoJCR7cL2bK798mgYOExk5gBe +xq1VHQQZN1edK4LGo2ESKrCVtkYwBzAU76hYFKAbKMU8dMxI7DRdLjZ3vdQ3FNq0 +J0VjaG8gVGVzdCAoZGVtbyBrZXkpIDxlY2hvQGV4YW1wbGUubmV0PohdBBMRAgAV +BQI246R/AwsKAwMVAwIDFgIBAheAABIJEDGMH676720bB2VHUEcAAQFnAwCgs2ha +IgJu/UEpmCEnojO1zCoaBwwAmgPAlNY/PttAu6zYqTh2M9yn1DIXtA5FdmUgKGRl +bW8ga2V5KYhdBBMRAgAVBQI247gAAwsKAwMVAwIDFgIBAheAABIJEDGMH676720b +B2VHUEcAAQEg3QCeOMf0g3znbc8IBiTrIPUgUz9p3WoAoJ6eRZTZk7z+hTyx4JDc +eReQbYlGtBJFY2hlbG9uIChkZW1vIGtleSmIXQQTEQIAFQUCNuO4HwMLCgMDFQMC +AxYCAQIXgAASCRAxjB+u+u9tGwdlR1BHAAEBXqYAnjqVBua1ZFlSV1C2nhmc6m0/ +tkm1AJ9x5gxl8wCepQomIeTa0yG/AO8CHbkBDQQ245H/EAQAtKXtJo0R/yZii95r +m0k0TChnHe+/pfKbJeBrXAOoqjY94OudENscYFvkG9Yi/UnoiCT/CrhH4+r3z1Sm +RypEQH7I56W4TfM8+1kGtsvJJJqqIx6BiIecAA9zROqMftQ9lr58kplNSTrgEJRA +30QuQvYUq0AZDtE1Ali9sKrg79cAAwUEAJd07hrdkgrmEl6OEdnTWaQdrpKqhzo+ +5500Lu2VaItTrYGWMaK/8O/Nxsyye+T33UDEnek/hm8qvkIKWogb5ZlrXOa3Bd2Y +J8YlvZ9s1JUPjOnXp7myU+vwKn5+8i/b9LK/Cu5E6z6gDNJW+gwDMAZKTfKPmdPm +iKRuf4zrZ8LkiE4EGBECAAYFAjbjkf8AEgkQMYwfrvrvbRsHZUdQRwABAY+QAJ0R +/tZntf4hw50uZbV8rDnZduPwTACgj04QKUO5SXvC2K+tfpV1FMK9UymZAaIENuOS +0REEALm1DndAe3BcyRxeb6OTcIjGdSVz48jai9jlhP132niYgeeaDJlRD5itSRev +cFO2QaaNZeDxCFnD+1kTKrwRBZfvC53pUZElveZMBa9w/E0Z2q2ct5H4gRdbd93Z +5FU2mWMQgyjgXWf2Ykby2uoGfyh4SE382ku4d+htjGwJRpY/AKCkDxbBD4wcimHc +e9puf9ibv+HeIwP6AjQCmiR+zfGNxy4rNUoYacrST9cgvRiY7XnN7oM2Egu0Sldz +SXAXgl+KJtyoYg0jemGFSAn+MHas+kwKHKKj80drexc+vrqcSIIeVhp5wrNnu7jt +Xl1AklzjX4gxA80Shk0I5Hb8BaPvPNA5IhpZ/6pka3CCwOevHcDZzqwYqOUD/3W5 +KVAYahg69i3IaZKGMkJas271KVydcZX2YptY365nX7JPN3RN4gc75k/AciGXDKKg +xB4pfeS5iad6sNclXgKT/2VkftF4gSxBfRoXADnOYoR9gAkly1okV6cjJitv3q07 +0190JAHKqENXBVgsDTQq5YMnAfOB3ZuRl3Wo6e3AtCdHb2xmIFRlc3QgKGRlbW8g +a2V5KSA8Z29sZkBleGFtcGxlLm5ldD6IXQQTEQIAFQUCNuOS0QMLCgMDFQMCAxYC +AQIXgAASCRAWhBCkj8KC5gdlR1BHAAEBIuMAn222gK7ibwOXzIKd/gZP09JC/3+e +AKCOelaqqYqNNbku0gA84+O7d1kMqrkBDQQ245L8EAQAtsGp/UnA1y4AqjewlkkT +OQevLwtzwm3pmLLjl2Y3TfGn8Ni0h8Wd27kV32MUZyTaNaZuDxpDEO2aUIpGWVQm +WvlqCFV2F0Z2AI8R4bx1tC2kD758hUvR+S2hn9lK7E1lQPuvec2LEml+uvVxW/Vm +4iDBgeMlIlz70MFC9LUnfpMAAwUD/At7Clo7D4dNk43BMvhQ8VgJ+INy37Dj8PHX +2sCZZ/tIfSwNIU3m2ygSVreTlDKo406v6Qmefs/m9dH9lsBE/8QL40Ek3SY6xV/Q +zTVN44QgnpRKWpfaMbGzWJVXeczlNkTeIZZo/nhDm+aMucMu/e7EKbG64BnrQk7L +z6LSKb2xiE4EGBECAAYFAjbjkvwAEgkQFoQQpI/CguYHZUdQRwABAffsAKCJwKTp +e9OoS/fhFdVKSF/4RwMc4wCfeSuo9zll5IkZrtF9FxWGblC1y/KZAaIENuOUsREE +AMhuJkVEGWoIw4JdMQJ2kmywkOcCamKv7J8ApfiGw5V3KB6l0DTvUCazysCkAFL9 +zb5O5qmVp3zD6LJCzgEq7Op5Ar9haPQMOrJjYszuolu8V3qcL8Y4aOIS5xNNKBjw +g4VJwFNOSztqUwaMcB1bNKOr7WmlYl5NLOnThQqFXX/TAKC44hpSv9wxVqFK6iIr +hN2i34JHXQQAq6dbJydQbYhoZio7ewJ+kKHOS1Z1ONSf0RIkCMorVBQLz1/n4qsw +8hN1Q/Kl/770y6YGQmL7xHQZUnzPCHAp9f0IeGsPSR87rykIPFnJb50PM6v+0VfS +e4f2kvyiIQySKRoYumH4343Uiny2GH690uE1SvcQ9GWtwB+/5a06lvID/36SlrvH +ycifZKh8mKyP4+MpLeUCgY97R46gr+xUG+BWPLcZzd3y8wbb2v7ZZEikbC6G4sY2 +VBhfrkEdXUwr9ONi8WemhFKq1MrcalHNOaQkgLxGVfG19h/+frpUsHcShM7NYdjb +0kwImeeM8yhoxzZhIrXQGjw//bucXQIqjxcRtClJbmRpYSBUZXN0IChkZW1vIGtl +eSkgPGluZGlhQGV4YW1wbGUubmV0PohdBBMRAgAVBQI245SxAwsKAwMVAwIDFgIB +AheAABIJEB/o/G8EJZZ3B2VHUEcAAQFaWACglWew3yvov2GRshLtfA51qtIsZYoA +oIRsA6DBoC53p0o8koTGftRHHpImuQENBDbjlRIQBACDDIJP3vJbFfyhJHeP4zSu +MhY+YsvxWqJ/NNCNxlMxE7kANgE94HrUfhrleKW2VhP/NG/YZzVudFCRoj9fkl31 +bWOb0/Kf4DRcJ+XdDv6at26YBUSZqGsE88fEhQ8AlTxxHMDhxNo+S73670QTsilN +9ra/e+q4vlKMLdPvdi7gOwADBQP9GKPXQ6oY0dlKDXGHxGcFoUR2miXpz9890G84 +yZAEm+R/OMQkxKb9HahLVUyVKCKPC4eVY24gsKJOEDy1Um0BXh6kym+zfej43r5G +dQqOjqywjTnD0b18YAsEhm7rizJECRLrZ1y7tAziqrmPeCl14e/S2u5U4I0XhP9V +s24HNfqITgQYEQIABgUCNuOVEgASCRAf6PxvBCWWdwdlR1BHAAEBCXgAoI5oimsZ +s8ZKmLb5sPB4AZzngCyzAJ9og9spt3EYXAB95XmfzqgJBRv04ZkBogQ245UlEQQA +nKdAaILozJ04V6Z+FIwQEY/aF4EFrJJIc+uewF7ukZl/7uUZqSxqmzZjbqigyMFG +ybJSMa6TpwN0BKG5CJe04R/mVCIRsz1Jx5YXezN3UFsNVNE36R8l8dxWG+wgj2m6 +0gu4VlodcpVMc/kRiSUgKUfg/xmPnRe3SJZSlG2lBm8AoNc/r5DW86om3MHWK8Ao +yhvVXhWvA/wOcjx6gfTTKftzpQBhOF0U0fC3npQC6bvjLjTBhQjC3WX5rfwJqMmr +udRbEO1sFqzTOQPtb9xatMeVqTcOi6+x2zfXes4nTfi9Lgq1z8HhE/LnktwxZxyP +eOXqXu9N023IyQTv7mC59C1xMZk4POOv9WZUGz4C85s2/9iTJCfkMwP+MRW0S9mH +misruCY6TDVFc12KIFMIPSmWav6gW6bCAA+wIHfmcSyR6MHiLV2gtJ0vQuqgyWfe +TiaxPof07dg9pZsV7Hk1ZUhEmloeOcfZmwtHkRhWGEbEsd89IWMDJlwNJ7Y9JZ3Q +vK7vB42bQVvyhdFQdEXH0slvlvsgKtCcaOa0J0tpbG8gVGVzdCAoZGVtbyBrZXkp +IDxraWxvQGV4YW1wbGUubmV0PohdBBMRAgAVBQI245UlAwsKAwMVAwIDFgIBAheA +ABIJEK0bD61DwtDHB2VHUEcAAQHVEgCfWTFa7EbAJLX6LsWnVwXPNkIfJwsAnAmr +5Ebu7H2xASainZXaYp2MFmaSuQENBDbjlUgQBAC5mWLT+9huzqHUeEX0du9EcUx4 ++ND31KTyH91PHs8jt5KowddiHQ9mCFyGVusxI+d6bF/AxsmuZ0r1Y3RaH0ElR7bJ +wfx+1RwZGjkJ0RKCJx7OIXpWDg9DP0WXG0SG+uXurxHrLs76PTdAAkpQbAF23njS +hnxhgqIO+BlRnGeh5wADBwP/VvZ9jMCe5atBleFdBDhw1XEwFUUodJwfbigVVu4R +YuAz+12AX4I/DZW3NtrzJJHUrzRVKCxB+zqfbDIJV34gjyUodNlP+l8gIVw8mUcq +ziB74k2fUhzEECKrRBE1bmEZM70p0nwwVatafYFunmTfaugDO4JqCiJ6UWjgxUVl +Ow2ITgQYEQIABgUCNuOVSAASCRCtGw+tQ8LQxwdlR1BHAAEBjv0An2hrfDXgptM2 +7LJjq12er/cxZPMRAJ490qYy08qnpp4h0ifShMyCiQnYg5kBogQ246LiEQQAip3H +OFHnnO3VmlQEctkpjVbn3knp2LOALCDz9L+fYxJeySNK2/uCWyCaAM1v4XJtuhkv +1G26UMIoPPz4DFFeUHwUk+AhDpX+/8dmuBypPbQ1eAJ+6tmja9W3lvrcMX1Bllle +SNKNW/4ilZPy4kEYmjK/KSV2Nuupuv9j5/S5g7cAoPiKn8fILCtj2Qlr/O7hCgDi +8x17A/9XkcS6grdYU/fIHQy8pEU5SN5DKuhCtyPs//KQyDA7jyCatXjOvGHRWa/L +O4tcntUKQ5bT2B4Fp1Au997owCgDXcsm5tx6wN00gYxAITX3LvJ5K1aK7wEkFAwi +yWrVkViU1Fazx/hlyFzAPzouiw7IDQziWp8M87wwgpvIVkKlvQP+MWAGeDVRa0Kv +ILUDyVrjCH0hUr6WVjYEIGGZ7Yl0lBmDlbNvE//O0aEcdNrbFQ8NjwPM+vKv10bj +PTXXrcW1F0BwfXrMxS4t1tYnbF4XfwuEsok4BBVxvGPLPeBGnYJNTwGBzehnd0mO +45nr6mBlS5gae6n4+WPV0jOUhNE4fny0KUJyYXZvIFRlc3QgKGRlbW8ga2V5KSA8 +YnJhdm9AZXhhbXBsZS5uZXQ+iF0EExECABUFAjbjouIDCwoDAxUDAgMWAgECF4AA +EgkQ/hgLHanjsLIHZUdQRwABAfruAJ4iU4M5s1xsZiXa0wLnX4FBBl9abgCfflNp +wyEp6KEhKCPWwPRG9WJc0qi0DkJvYiAoZGVtbyBrZXkpiF0EExECABUFAjbjtzsD +CwoDAxUDAgMWAgECF4AAEgkQ/hgLHanjsLIHZUdQRwABARrhAKCK3IrzNqME6oA3 +RllOrx87OCIRggCfVkR+Nf6N59lS5j7jMXOuk799fQ65AQ0ENuOjBxAEAJVJ1fFR +aXPzUWOoeBHhvUS2aGZbz0Kamwd8qVLCVi8G1sH/LtMUh+8CvhkVum6p7Dom+2Mg +Rmhe+iVNbAdU8QWS4bQsBrTeiVpinMLpkEO4uRvT1G6QIPjN1jrHBsAxGw7NmC/n +3stle04ssueY7JOmyNEMvO1ay42CWbmt985PAAMHA/9LJVm8UR0RWfn91BOnt4C1 +d2ttkQzfv1y0InbrrdFtNl3nmUgF6/V9OcpCS8NNjZ7nzIhDgT43Ov32qD0LJ/p7 +c6EStNSoQE6G6wGB7j/sTkushUy+joAVT2qCfRKCye7/DDa3FXDdcSOovweCX7hD +/nthG8k576rb1h70svx5qIhOBBgRAgAGBQI246MHABIJEP4YCx2p47CyB2VHUEcA +AQEyuQCfaXpOx+srd2RwCfu55+7BpsWMW+QAoNSDRTeADM6hFI22edSk1XQL8ipU +mQGiBDbjo4cRBADeZztXPNYwpoIf6BfqepImZqhVd2qXuZBJnEvwaFoAl7er42pX +XLZhWIu7/gWODfcyNxsUKgMbeQ+nWO2jdcZQtt+gmRAGl1F5LbxsP6aRw43W7PAk +bmYgPY5tY/dhgFGP5puoV9mhijpFcK/cjeg6wNgmjuEsCv8BF5FX4/p2swCgwmgc +x88EpJF3/EDrTk4/8Xr6Z88EAL99JWgnl0w2TNiP9T3c5mtVdcYs32ntJH82TiQQ +0LR0A7zRY5ruojNZC9LsTht5K69AJakrDA/Fu5mr2xYoFJcW4b7rpeKUy/wYifeO +hYY5T2NDYvaZnQJXZ6O8lGLFgAxCmnZEN4IRFahKs/gAmG86d6fCvuSrohSZvQ+L +sr06BACFT4tjfuL6MZ0VhsClxeBPny2AM10+bDDM5eOl5ODLN9Nxf+SRu5AdIojz +2OqD9Jd55WobpUXGzTI+0g23636IuJuH7VGCF92nFwkjdIDblRoqYPAsJRkMiC4F +kRaeqF0DpgJacYSBnHdY3Yd7I+cvgkK7oBjzTiU/Zs5hZAeK8bQpRGVsdGEgVGVz +dCAoZGVtbyBrZXkpIDxkZWx0YUBleGFtcGxlLm5ldD6IXQQTEQIAFQUCNuOjhwML +CgMDFQMCAxYCAQIXgAASCRDrqfJA653J5gdlR1BHAAEBriYAoJdBwMXGVRTFlfw1 +u4XimCRPVFRNAJ9WFXysx0ugWaIaLJ3tyNZQHWoARrkBDQQ246OqEAQAj7WdaOJj +zJNs2G8rvrDZvD/uaALQ9PtdvYAp/Drp7xMH5T62+KKTlKdO3s8IQBPiuFocJNir +5st/nm8Xl+gcOZOvtr45c/cl54fGO1gOjBZOfgbkdBVK/LMwuQWIebK4qCZnAOlD +LYNGVUguGLnEQBSfnhhkgh0WA0kqt7fYvpcAAwUD/3cOEqPlMdYeLnGEG4wPxtyV +IchwGOv0YRW5apbz2fdO7otj1AFUN5WzFw0A5+WHza1OIUhg50Zco6HnwKx6F+Lb +Z5aOc37EAvaFgPuMxBfkaWYagCof3jBF0CbTWUXV/D5/dFmIeuGTuUMNsGVH+OSM +W2hBN/7+aJK5LLHL+hzpiE4EGBECAAYFAjbjo6oAEgkQ66nyQOudyeYHZUdQRwAB +AXNNAKCaviZP/A83ammDnHvkTdxefqoHbwCfaE7+GAg+R/+tJLJ0DvZllz8xYzqZ +AaIENuOlJhEEAN1bOV3WXINYOoY9LMY6x6FfJNJrSk59VMtySkmkOkStyfyNLxwq +teRVSjAjtKVmE9GZgj7mmoZobkVnlUl3VN8paKFzs74kMegrfJqY6eHo4VAU9lQX +X5aUAaIVctz5Y4PNuA5IzL/zJcDqfTN76/d63mf0rOJvewMaPDkMyaJjAKCZTCeh ++qyQdW/VLq0ODTyZcAsoowQAhUbJ/2KPcHM1vR9VgZQ4tTTuepDdGk1A9oq09CkG +htGSdD9lJ3O6IAtwIH5Drrh/VwoYD46C2bQv9/XFSYpFbetP2XMy1wLLqRy50IjY +4eb+A5w/MqqOPmiekPzh+BHgF1ux6FPz66ubEWIr9sUUjp4LUvl50FBxEuztMXaN +jdIEAJ1fL3IeDqINMmHKy9HtS4tYT/Wz3KyKuFmA9vS/IgXAd9HMz3oBgg+ktmv+ +O+SsNrBPFgZ8YhmuPtTIZ4+7tEJ4VFVVfnkHp682/d8CpubBDUYdNftYcI10CQ/T +vJPFn/Cdm508DNDBGQR9nf1N1xxs6Ed8e9u/dE1DRXFta1BStC1Gb3h0cm90IFRl +c3QgKGRlbW8ga2V5KSA8Zm94dHJvdEBleGFtcGxlLm5ldD6IXQQTEQIAFQUCNuOl +JgMLCgMDFQMCAxYCAQIXgAASCRDUv1fzc3LiQwdlR1BHAAEBdy0An2YZaL/VMei6 +H3kreYNoVYow3V9IAJ0XO2nYsUNoaaa7+LzaCr5rphfw+LkBDQQ246VQEAQA31Qj +2MGefTCoF0x+D+9UMxZ6RuBPzI6gzX1tzcUPWYy38NIq+lNYBg7hLFkUfn0uTsAm +33h2Q8z4/DGT7jmQWpoIg7yNTr6681L/gYo5FhhC+qERZ1iPMyfMwwD7rrz9bthU +GTqChV2h6NiPUPM7ic/D9rxJICXy8dsoj0dQ6dsAAwUD/0ggimQTUCGmNHHypor/ +GY0XAAL4Vy8jAsC0FH1UaqDVTrTDH1qWLRnS9uxEsOJIGSLMSdxC0FZEYq4jCm7C +YjTOHTHvvYDbhs9QhvW9r4VD2efbERFSEYMiH69ASQLGDp/O5kOZTgQOvl5oxzvs +rOMaRFSWcn66uUAMORmHKz1giE4EGBECAAYFAjbjpVAAEgkQ1L9X83Ny4kMHZUdQ +RwABAY75AKCVZupUbMXq9yw03M34RS9YT9MzKQCfUgFd+Fn89xqU4Owg/MQzYlLr +eUmZAaIENuOl2hEEAKeOL2pIdZ+zQtehxdL9l/uDBFSTuN9rLb8DgLiw8Z9j8U5C +EH/M38WzH1nHKKlZKjGVZYiyhRfAG83wvHnT83lq+Ad0lgaZTR4z6nrd5ViOlHPl +fqo4RPZPzPe+uF7EfDl792sJerXGAasLosmKnxKAyJyVjh7eZcjTS/hUhO9zAKDV +yLHJ/gQlMYk8vE5XYL7Pw4d28wP/VsKVkjlxsXpcrCQIoKeDXgKNVv9L+0Pebspz +r2WOah8iBN1QOkbtexIKCbb9mmviEnJU0FFx5MIw4mipvY4EpCaH3McGwJpCzWmd +zID8Z6oISUyKsuP7PXjmASbogV6Iqy2m/2RDtfbIlbwotfbiOT9Tr3IPbH+tHAZB +yMRyvxID/RN90WOPSpODxr9AH9btmeJD0BfNt99116+qdwvWrTofcbkBgzvB34vL +LDaMKVIyinxz2lYyC7aSpA3uzjZvoPvPrQJFLE0dx7DSkUTtWbQGByRabpyrXYdK +ZzsFXLb+LSTWwF3sQLax0C4cYT7OLPlxjDVq/A0jgztaZVWa37IYtClIb3RlbCBU +ZXN0IChkZW1vIGtleSkgPGhvdGVsQGV4YW1wbGUubmV0PohdBBMRAgAVBQI246Xa +AwsKAwMVAwIDFgIBAheAABIJEBPbllU0xuPxB2VHUEcAAQHs1ACgyFQrt3yZbUXj +lCnC2luf8R1K6o0An3j4ZVjoau0xsDzKtkd4PzNIB52uuQENBDbjph0QBADOk7pS +4JZak/26nkZWEs+hIIF9IgD0labkCnr+GNDmGJrsJxLwTjU+NoaXo+SHmWPaqRJQ +Frz3ZJfJAxioyoSr+Hv4Fbv6frZIJEy1g4dFhk8DiG+zR3uPOcZCUyyW3HupqahU +0/RcX7CzXAcuPJCXeoyeSsBDyUAk/6ODs/kerwADBwP8DrWpAtFexIWvsswGdpRJ +HSjr7j8cJ2Hy36acB5AEMCSd7kNM+LCrOqyOhh6RfokrvCT6ZuwlN39nDnkmSr3F +WbqcRSj8khs3tw+Uyp8ItqhL621vFn180I7dZM11bECv+YZlmIF/L3JNzFR+jmpO +DR99bLjQI0dpUqT6IhyS0bOITgQYEQIABgUCNuOmHQASCRAT25ZVNMbj8QdlR1BH +AAEBJmgAn1Pl0Ya/1IL4AnzJTrYWN9u75SN9AKCcqVnhi7qdg6qLmSBpGPG5qQ68 +/ZkBogQ246f/EQQAl65ub9rEKS7XsXwNkvGtj1K7gnql2H1bJ5GF9bGCWhWmB8WF +tsAy9XUeC3WbrcuWFgTsbtTfXZ5I7j7HSG6ukf6Ycusb+bA1IoT+GAQGWpFeWoXe +16wXZFl0pEc2iUnx9ThtoQF0fO5YlbvHJPEQ3kvoqcdb52WOOfOuCAJxc6sAoNqo +5w0YxgJ9jkj7J4cmR+OFUEKXA/wO0jrvYE7eiZeFUjGNiRotxzhTzh53rxtz2/DW +G3D+IBFOt4qqxxp3WCSNO5SnBZWUW50hDkhTxS7jSmsfPBmCinmQ6EF5FaFPyLQB +q0uKwhMaWficdrQS9syXFlPuzQ5jOS3kVAxOmtDd7CMTC8892dj02qzAE46QNNUI +91kZXAP+PINfoJ8hV2zvlGZ9tVlo+Lgsl1BOvxvEgmYV14gyTmMWga5sNq7TdMdW +i8Fz0Vy7sI4S+RMJ96rMws2iTzWLi2jGO44itoWttCwqmGJmlSWurRsvYhSBgvNC +LXFGGaQn5ncO1tqKnWSDf625UnAipsgW8P4Agd5qJZiwXfJ67Hi0K0p1bGlldCBU +ZXN0IChkZW1vIGtleSkgPGp1bGlldEBleGFtcGxlLm5ldD6IXQQTEQIAFQUCNuOn +/wMLCgMDFQMCAxYCAQIXgAASCRAMggxx0mmTEwdlR1BHAAEBQPYAoKRB8Ey3Ny6T +aKaGoL2GNFQEwM1MAJ0WblK0ScSKbm1BN+2hfDmmKRkgvbkBDQQ246gqEAQAkdlS +JYfTiZH/CkfV8tnhI6IDz+SgiZKcneEBnO+hAJottARGAojdbURlOIeZqRCgKpdT +XBK7MdHAz4RKFnAAXPDBZgA5q+Coqn580t/O/AKGb8kKn9n52z9lC8A5KnHaRAsO +KVyPTIU5vq6FLmsWmMB55iz826Dk9kMhV7mmdQcABA0EAI8Jq3Jnqf0HqqaX7CZu +NKHJgag14bTaBw0niZK0KSB6FBpzitEoyst5JBPCl0ayQEw0Hn4jhZAqcZybI//p +C1CNQBBO47VUi0y1UVjExtaNmmWxugzkzWHHx4WmyWsCQwGN4B9riUws4g3dgC00 +7l+aonKzj5QEo1XiiMNTFFmPiE4EGBECAAYFAjbjqCoAEgkQDIIMcdJpkxMHZUdQ +RwABAY+uAKC+sJk79PGOrcXpT2/F1CqWssOBcgCeJ3lY+tmSH3V/eAz5BdNB+ar1 +XhGZAaIENuOo3REEAMFaZuaYHLD67UlMCLHGPk1dFdAn3Mu2TFFDUYfEtA/JDOiN +ZacPiQSZ7zK+wVe66Vs9fzNkyeXqpwLzC35vkTx0K1m69Ave9LnXIZ70zvpVEL/U +eCuITRiocxNglPgn4dyJ+2V0cWJ36NGcZmkvBW0vGItpYCbpIGLzYVOfiVUbAKC2 +Nze79Iyw+DKU9HI39B4fz85nkwP9HbIb9z5kXiRZyCaXOMnFBQ3bAZh4Og5ZQxdL +yZ/rIX4Mu3DGjqg6UtosdVNHr6ofZWHPXNqqTUivoUmOS5Qa8dtUW3YGa8vbpK1O +MnjMLhQVJZg/eou99s9OFP5GgPh5r5Vw/EYQZ6qzS6YiYnqzSt5LcolL2+Ae0ajX +Uizic/UD/0TNXtCRfkS4SeVSkZXarb1oZjHdGlw6ENiLGiA0e5b4r0rByW4EQQGZ +Pvg3DFXMjqp0lVVmfmXFPggLkbTP+SJ1/VGSC/wSqPkMiKSCenRqwHwWIdKxv7f1 +3hyeTZXR7P8uaSddSXaakqmT99v6pdZOo8NsVQTx3PzPKpEVciPBtCdMaW1hIFRl +c3QgKGRlbW8ga2V5KSA8bGltYUBleGFtcGxlLm5ldD6IXQQTEQIAFQUCNuOo3QML +CgMDFQMCAxYCAQIXgAASCRA3yrUft5ED+AdlR1BHAAEBilwAoJGWPf8Pesitjoqv +zFLPwO+EsydjAJ4kNnkh0+QkOBvDz72Hz2bnjSPT07kBDQQ246j1EAQAp/Ccn5Ez +xXIGljKVKZ5Pp0xJA3uBoQBvXzu2pU4HU+vmgwnX1313x+4BsHVEbw7+lfyhKnDD +0TSwIAHj/xeE+jraCTU8X1iwe49eAyTaWF4wTyTzdZKQ9mrfBnFgdWlRjLALcTMJ +aOE2Zasn8wgAEHgi4QWyBPS1il+aFE6oizsAAwYD/RpvJnfv8VqfbCxOYt7meLfT +LrvcPlGNynv1nEgNgjbYRGIRzbXDDz+jwcLc9MeNuZgtaXvUbsQ8s0X1dP6vq43V +mQTQPlU1TQx10o+YYn73ptyhbwOkyIDGmyf6uFhO0+B5/MY0KRLCxo0lwMxvVkYN +d6k804pSJPqwusWBm2R0iE4EGBECAAYFAjbjqPUAEgkQN8q1H7eRA/gHZUdQRwAB +Af5vAJ9dQMc2nMpcKuH28xwKl8r7MP3pygCfWHGKFHWIDkUt8RfHAB9geauEQSKZ +AaIENuOqZBEEAKLUF5GqBMWJQtBs1t1Sp+NIOGuMLgJOhINbMU6tk2jzeUt6ooNd ++c8P0TexsbSETwhrU4ntpvIISb7I8Twhcled7bi5KCABJOzz7Fw+Ydxo5Yjm1DQH +7+gEtPx3n4AjZUfRAN0nqcFizDpRYPqVaN1QYiGWn9yPF3pubQhVn8zzAKCpx1LU +lQl2e5t1YJhmom2qy38EeQP+IB45FBfDf5KKtyS64alQ0vHYIssUp806PQorw/ZO +uoiscUQj/WeZ4vn7rCdu60uR1EuHpGp7n0t7igEgAOcxDjrxJmpgSdD79V+oJAFL +ATo2msj1IklVvJeI7ZsImyPchIU1lqn/GvpAam9N+FiIB1KUMFqTJzc6zUn1Qqag +1w0EAIiRHPYRW8ojd9Uh4Ed3X0daAnClyMWL82t2bj/bJRmhupQn4aVJ5D0pFB9i +zTiJEWciHpqiMdsi/zExYYIDS1Zu94+WFbNIxyMFfHrJ5fUQtAqLb7E5LrlxZONU +nrRwshqR4X2TmW2mz1Wop542eUQ1UWp4Gr3VlH6giswY0CnQtCdNaWtlIFRlc3Qg +KGRlbW8ga2V5KSA8bWlrZUBleGFtcGxlLm5ldD6IXQQTEQIAFQUCNuOqZAMLCgMD +FQMCAxYCAQIXgAASCRC+eUhSvlz4hgdlR1BHAAEB8SMAmwR8MsDEfj2z2V/SeqUX +i1x+Wmv/AJ4koI/qJXC+EYh0K74Nu9/rPz+wjrQSTWFsbG9yeSAoZGVtbyBrZXkp +iF0EExECABUFAjbjt7cDCwoDAxUDAgMWAgECF4AAEgkQvnlIUr5c+IYHZUdQRwAB +AZnVAKCoa3Ps+duJ3n5TKUcCfjRvClcTsQCbBWapu2wbWJZa3XE6jajJOPS3wTm5 +AQ0ENuOqfhAEAKZ71o2OazL8PS8vMRS+PaRowGBW/cxYo74BuLTIqyN0/RAS35Si +yfJuClqEaE9njZsvyRix8mY73mlYfE3qw1frsWZBBr7+9Np8/DThJUE4x1h6MtJ+ +qaHIuhcYXyXdW5zowytpmRLnxEDUp9j4QOOoIwi0UwD7sC6YrUki+bm7AAMGA/4o +/SkTuvfycd/lvQ2UMViEAYip2B1a9brNlqXaU1eI6QqiTgjoAf4ZQZgmNQtf7abA +I9QN2WWpiUVlWaDaJJEXiLWS13xmnKaxm5po3IPPYBTOVd5xFDQlP5ptgUFqefIe +DTgr+tHRq+RgKhw8QErT5N/PM28RHchbOewj0OGSbYhOBBgRAgAGBQI246p+ABIJ +EL55SFK+XPiGB2VHUEcAAQGRMgCfdcoqwoaTU7rNH0BWaYUfCrQ6TnIAniN+yQaB +bwZHMbSaDTBRndjLglsKmQGiBDbjquMRBACteKaHZ7pcM7Quj8Ec8Sx0fJ3u0NdL +so5xn9Ek4FWMLBu6jw7b/5KjB2WtXOZSWKHOzeTfUAx79NMKJrD9jZW/0kEAFVeZ +pwZF1l8fBsRELR9cxAajE3RvFkgCYAhXsF1Jno+qiU5TNvadGU4SzmP4vOnnjrIW +Ty83mtZiwoFIcwCggaaaClE8Q41NyIfVtjS3f+Nm8x0D/icH9uwM3vpB2QV29IIB +qazgaFr7vBoogFoAllaCQbPLiyHX1Mk3kEZg5xewmDS/tU4rGqj7UcL9OlZx1ICD +8cp80yNYfoI7K5XM6sYOMmfJORGOEsqMtoYbo3lluDgDkg26DZNynUeFHZRrIWz2 +cKqTuaB3dw09m8sJNus3poEtA/9Q1KDsjKPi8+2kUzJoK3V61QglXAVDlfzK6B5K +OEZ6GR/gX9M5uyyLjREybFSSNPlvLR11+mV4GR5AcrVQOmE0QpFyo1Mr+uDsbqwk +zERvRq1r5pOyqM5WPXhlXa5oo4na1fBEX76IEzK6xIVG07GnNnaY+dlPgsLq4I8+ +A20ZG7QvTm92ZW1iZXIgVGVzdCAoZGVtbyBrZXkpIDxub3ZlbWJlckBleGFtcGxl +Lm5ldD6IXQQTEQIAFQUCNuOq4wMLCgMDFQMCAxYCAQIXgAASCRAlsA/UMM7GhAdl +R1BHAAEBmNgAnj0Q0x8/ArVTURIRhBLli2zdJFwCAJ0brkbdlbR2eGeNACF/++T4 +S14x8rkBDQQ246scEAQA4Zx5WDc8LoW2Ctmueh+iHNae6LoVUHN5qLUNnkwwqZ03 +r9Ay/V54egw5vfd9t+HADnWf6Q+6FqmvpCpPPHrZEYD+ArWbu+NTY59jFI7rkY3+ +tJRc3+QTzeNHse7HgyhxFdn7/yeCovskCPDUtl0nI6eIml5G+tyQ80L9spq5rvsA +AwUD/3lWMCMkgBT+A4zC1upOBX5yYd7nYBrUIkRqVXzzIobzqeeoe4vjHFRNNmWP +KNtsqV4kP8CHtHUHEGFIQPLxa5O6icRUdXFNwv1iKDiln87Nhl/l+SXV4s1pItvx +dkxPQls/TZv/84ykCvb2VxqBrWjVG1a+uVTIhg5ObZFxPGR/iE4EGBECAAYFAjbj +qxwAEgkQJbAP1DDOxoQHZUdQRwABASDnAJ47dL2Q5/ft3EzaQrldWSiLtreNdACd +GNwpxQVBQTipOs5DiZ2gK8FTd2WZAaIENuOrWxEEAJVonskIQ7KNmZw9sG/oKumq +pNa0VIXMHQcAk24hNWiwLJ7jJfJyx+H74Wk89lfwHo6C9NHtvHbgOaK/SYgX5lW5 +a6UwCBlrLtAFOrhELFoGcEXbKNzR/ynx/GeZccCbZGf4ZQIhB6IZhqA9/JiTbIJ5 +ut0V2nVB++oqzujHL1pXAKDjXh+4tuQHKzKJeDuwWcKhqtuYmwP/SEYSuwBYX4Gk +aw08/OD2iLLMadXVimpUa7jCWBkCtiw7hJed0Pnda52AT5Yj241q//RpI8dyuAdA +n1lkAtLFJe+2zURaq/BV5I0WXL5AqMcRxuzyBRu+6y3dkokPnkvnaeUIo7rjAvLJ +JL0LrsUuniJNIPo4xpTYY7rve2GusXkD/2cXpN+6fD9bvU05je5z7Zcxlxq3ylYv +Q7Sd9RPNOa7lxak7qBX3DgUa7X2Pgznm1/EcSMEFf0xJsscKF3ZpL9NxGMA+gCUp +sd1rlYuf63r3B/Z30hBw8u7BQvAgaeGmrwBUUDa4aJkgfZUpuXJRi2Yg+J5YxdRB +QAcEBXIex4ZTtClPc2NhciBUZXN0IChkZW1vIGtleSkgPG9zY2FyQGV4YW1wbGUu +bmV0PohdBBMRAgAVBQI246tbAwsKAwMVAwIDFgIBAheAABIJEF9jVrptlzKsB2VH +UEcAAQGwLwCbBT6UT+lNWMh/jxFu/m5Dy2qMwpMAmwePBu7USi6TWKaXYRSL2yyw +JR0HuQENBDbjq44QBACdC1XRPM9CMFrgVUvioU7SShffLnjgWBZ3hqbOYrsgtXfu +Qdv6lAixnNPdnk/k4mjL8w1pqbjUmfmbppVDxzsiiUQlJatzGDfU1gDc7ksnXpF/ +vzghbucy8HNO0SHi3uM/GXC574iZ1oxa/A14fKnCVYT1ThqUa1usC5YQXHm4IwAD +BQP/f4LZgN3dbL4jLqXHDNpAIEjiTbKXxDKHOnAof//4SE0mpaNVHLu3nxI57CtX +fSI2kMQSm/3pqpTKzaBlM/CbMAJUanhmlLPARDcJ/hQcDtBsF5nFG7zfLfe0SBwg +sM1HxL968Vva7WsbYpSa98+3HSDuy9VwphFp7i4HbnCbSK6ITgQYEQIABgUCNuOr +jgASCRBfY1a6bZcyrAdlR1BHAAEBDeEAnR6sKjEq2lzXziIuSnmSldBqQMYeAJ4r +ZZcDmBM5Qt+2Vp1dmfy02hczoJkBogQ246xDEQQAhBGYmGwmeI2L9tF9/9gatn1o +Va3zUb3dbxaFXnWqr6e1QeBQ1jnljKizhcs5ra1L4rzM/pfXkV6xUE9ghBrkEgLX +SYCwt8n7WtucYk+40EDZTYygRpHGj8m1dD//mOJNGVjAsNGcHO5owI92yKu9674k +HDnfK1HCPB7ub8PU8+8AoKnZ2PUW0OO5tM3uQIXSjYrM/ATTA/sGKZDFfI/BLMao +toddIQGyHzg5BPE8j3wFeCrTX3n8DUHX+k+zfnp64qWqh59RMdiFuOIxhuNlP4Dq +O651/sDZRzLTcbwcNniTV/W+bOuPbj7rKAYFzFNWvQFrB6ILUPAbcuNCgnVy4XFF +DwFgkMYjA+tRbkl2WfNbZslZ93Jc6gP/RLuIRU323GRIqKV054/VhwMIPwwzeG8X +2RRz7WFuaKvxI5n8hgkDJA36P6Zhawu4q1n8X2mqIE1NcfaNYJOqV04P9ljEdUkA +BGeSJUbrJyQwuzEeLYs88ErzFpyTTL3aYp7vNr/t+FWAJFKzsz+vNRvNSHIicdLL +GvZJhv7yVu60J1BhcGEgdGVzdCAoZGVtbyBrZXkpIDxwYXBhQGV4YW1wbGUubmV0 +PohdBBMRAgAVBQI246xDAwsKAwMVAwIDFgIBAheAABIJEF0V4B0/8TIGB2VHUEcA +AQEG+gCbBDRkJiuJ1K8HG7We/mr+Rg0Nk+MAn2CWldqwbU0fWlk0UH2TkKCJDRfP +uQENBDbjrHEQBADeYTvnxIaltqV+9aElKlv00R1km8mzXOW60Nbc4E24Xh4hvy0C +dZR47WaGULMltx/3nxLjQEcK8qOCI7ytJ5okLKmVEde/eV0yG6P8GjzdPELowtur +lmy9aWC+ckGq8GyjqMgLLeI4BNTaWVXP69fllKezbhGqYnFY7xTc5IlQiwADBgQA +lkCWK/odKM6+yUPwaiPL0yrlV2/gyAUI7kszey72oiKjKm/WXXzTZmdQLb5JaNgn +tlTMpYkM1Uk2bhyUG36w0wVwX/kPgCDYh3WRAKHcwbw7+qe77E56D/gNm0vJesa1 +jmyrdysvfhlA5Klt1rmoHFCqIEIBG/xSnnPhnoMEoFGITgQYEQIABgUCNuOscQAS +CRBdFeAdP/EyBgdlR1BHAAEBk4cAn1I/jmu7FSgglh9aPmVYAw7HWQMAAJ9PAPPX +fqtwza6I8ttGPLYNvEAmAZkBogQ246zREQQAgcIj/Eo8PrIhEaxKcjc9dNb9/0BZ +3BxBk7x9a7HKm6o0/vcfLH2XFjFxB4Ddfe+O1PC9KNUqIi6GTafGbyqS47XsnOJs +5nvsrgmVpUUzAd7p0dxcc2tJodwhkH4GtOP4i4P9XBrxngQrWQ0ju333EPF6wLWi +7qkVyGENCfsvktMAoKYgM+XYh9UQe7/HX0GiCnk3ExVnA/4ryBxdyBihj02i6s8v +Ae5mlTrwv85ugouSB95XEX8GPfvaWIW/TpUWQ6a7o8YzU/kIPa7YzETYX8e/FVr2 +Zd33HAfeLUNp3OS0NvEbYJlGDfW7/X7qLVv1o5WCjCHUhK8DCf9Ax9b4z7CbRHpt +xSE4U79NCCOsXQsObV28qlGsFQP+IIaCh7dTqADw/nBmfuXxepPKXS6Xdi0to79L +fQtr+TUtJOEVGIbqqQBsgESFiT5qR0W7qhOnl47TIQyPQnt/V994QwyAGtIgtM5q +YFRW70g1FkyDRX57PzTMuU2BjVI6mHkaUkLaLujbRXiQFm8IXJ4rf297GppKuSgv +Ncr7Rmq0K1F1ZWJlYyBUZXN0IChkZW1vIGtleSkgPHF1ZWJlY0BleGFtcGxlLm5l +dD6IXQQTEQIAFQUCNuOs0QMLCgMDFQMCAxYCAQIXgAASCRAcZ+wTPGYchAdlR1BH +AAEB0bgAn3zNLK9DdG35j4BV9rDISiiwUbkrAKCYzKPhFiFGVcpYI85EHEB8I5gy +1bkBDQQ246zkEAQAkaLhP+OtjkG1FMzSmwCd5DK3PMWAfj4uKBRcABvRAMA6TIY1 +9Yet8ckhLsDc1z2kxYB06NaBIptjKvOtrRJDvn9KQjn79Ll6/YWmSL4dijtw2BVe +dsImshjuTgMAy6eo8n0kJRdzzxbEa8pXlvjmG2oI+dXY+Cr4AQgoPloZ8uMAAwUD +/347q21Rt5jZtAdF1OGXgdTFDDiWBg3uy2AZmxscJzTLqWfUcX2+UThOXocj81H/ +w5q5Cte3z3zx2HTf1A1mw50B5FZOTg+BK5erpUMblY3DoH1u9E8pd7nJ5WY02Xoo +RIHMxyrzuQA1lZnry8onYmKHE8dEDJ/HAavYkqRUXRL5iE4EGBECAAYFAjbjrOQA +EgkQHGfsEzxmHIQHZUdQRwABAYiXAKCU8v6RR73fcsQGGQWKe6ixtpVCDgCfUZaW +46Lt8G/NbxPkHr9fhkBqWlWZAaIENuOuOBEEAJTQ6NWgLfYqH91SNc903oci6wSE +eF5ikUjNgcdNgmYUESMGP0LCulgaMZSan4FLbAVLn3M7YyWlAYsauaj5gYF2Kjff +wfB2bxtp5Jx3Yqiq76haQKgEybZXHFtLczySrSmk27ZDkQQ7+obLBWtWl8EzeyIz +eZyyNVofJbL5PUirAKD+WeCA0iv5jPYehT0bALAGL3ffWQP+NFMEC5dOru8AbZsa +knRf/OpIwtJFl/CdmPbyHHojRIhPTJlTXGCCsCDNJsHbhedBJLFYxHYFlCa6k90c +7SXzE+fkoJtijgL735mymvEReDT0q1Vww6xXqpOrjQ09I51FE0BWE45OD8YPSpfm +v3O0Hnuql5+ang1/Lm2ajdJ6F9ED/2OR0oIutlGwT+QfnuQahPmS3ie8lbZfdPTc +Ewq+ylWbdaN2WtHQmLTKLD0/TmwIwmp4Up7hFmt4bqLrToKK1mlEhFumN8wSrzfz +OBQO/tUYXvOoJ51i7fqx6l+TPGP+yU3K7oDbUdOAxbGIGuQNegi7Ew8UpjNkYL6c +IdeBba6htClSb21lbyBUZXN0IChkZW1vIGtleSkgPHJvbWVvQGV4YW1wbGUubmV0 +PohdBBMRAgAVBQI24644AwsKAwMVAwIDFgIBAheAABIJEDvb7bF3f77TB2VHUEcA +AQGr4ACgllMIBb4leDKz61LQiA4TGWQp9+QAn0gF7rrvXtHdEc9kFQxgfASZH4RZ +uQENBDbjrmYQBACJ5res4tXRZj36s7P4KZWUf0YC8mtLxxeNEXe5ckAtn8gMfcSQ +J4Mei4O1EBvrKZ9Dz28Emv0FmDd66DUd4ybRIk1PN8kWry9UuGLAf/VBAkMIyXhY +CEnB7wRsNj4kF5DhYiytep2wekPocZO2GAUoIyY2yMNb2m2g2K8UnK2QBwADBQP+ +Ixih3o+++i02Xwi4wOe7aro2xSeBmH9b8nEaJ8v8RVLRO0AgoR4GLzKeTOfv57FU +48tlY7sxth6FOxeJaQkS1nD1LRpb3GUDZr7qM/yOGYp0WhdRgGW+c0eYa32g5ajq +2zn3+H1L4yrmRSZM4nmZ5ZXe9ijkGs0UNYqmi0gBYxqITgQYEQIABgUCNuOuZgAS +CRA72+2xd3++0wdlR1BHAAEBSdEAoJfp/f+ZWcSt5YKCitR1mHyGDUsSAKDsVRYK +2fcdY7CA7DHErM6z+tCb4JkBogQ2468EEQQAxS2TgAmJc/eNoqkiFuLcHvdLZJnr +usrMGSJyN6WnBaToud2wKtsuwhawN/x822KHSv0Cz7Zqt8CmQ2XC4IarVmU8YYYR +/Xw6o/EW+eCFURsN1yiw/hsibeTobayAVsyXrzEAadO2RLkZ/Pje5O7Oc/N1mcZs +iM/S4GY99mToZbsAoOGLiG27Gvdj6532XHVtYz0qpS0DBACJFgebrTlFlUGR3OV9 +jHUjCCf+XwKGrcyw+t8EyyVqkGerVqfb+cRA+a4h170LoAs3W3TcMekqifHZeCNh +XPymC3LYVTu3FJKbYQT73vl1enei/hN8PUrGSw6XvvQ8DOLEt82E9bWrgDZwSu4a +A7vioRff98BrUnSdEoOCYD+aBgP/ZNJkoJoUehzcgdCeTKCYbPNk2lVlXb7WQgHx +naE2j1XzU9inOVhXxKUbnVqNbUbd49y2Lsk4g/oyq41RthHhM7NnLUOrj5WqpkIH +p854govjQgooCgwwNgU0un3NxP6zr7oNM8fbt4TVYS341CMGCvah8L/iIBT+eYBi +ajjGfti0K1NpZXJyYSBUZXN0IChkZW1vIGtleSkgPHNpZXJyYUBleGFtcGxlLm5l +dD6IXQQTEQIAFQUCNuOvBAMLCgMDFQMCAxYCAQIXgAASCRCl5n9/o64+oQdlR1BH +AAEBr38AoKHr1J9mnwnVtWy8G3EbOZGKzNRsAJ9OGOK9eQO8rWHTtj2sUpEieIJ+ +TbkBDQQ246+AEAQAuHHJHT4loEDZBrwJt6vBcc0S6IOvP43374/DL7fvl0ODYpDt +FSfHs2JFXfrxt7+UaB0yEsp5jFmWY0+emhQ0g2TzpELNhtKmYABIE6cwlAXZZ1Av +Gax0k0kIwp+x7UdnKWAglAZYj7WrQ70tzHtV3UXwYV4m9OEwdHIug68xUJMAAwUE +AI3tEdSDZvRpGSgM0xAovpVXou8G15J+CRep/a9Si+aFC1RfGhhzRCdU8I+5Lqtp +GnGI3Pw4uCnREkU2TfbM5WZza7rwHfSShyIG3srHp3t8kYcvmBWql5tTLVgncMGg +4g6BwwEqZeeUbbgisc+rlu+6oa2fBOhkQ64SPdkfPA25iE4EGBECAAYFAjbjr4AA +EgkQpeZ/f6OuPqEHZUdQRwABAWsJAJ0XijmoDUP1Iu6lhsSlmGOiNO/l4QCff5G6 +w6Vkq8d86Ev2IwS9Wf4uNmaZAaIENuOwChEEAJDhTfBph5G51alEDUaIfFvD0K+o +XDXqDB7hDg3stVIpZR99d2bo/dPOuVWorwXFBDJeK0c7iJEQrMWKlxdqbRGkH8pa +FSnL5XWo4xMjknqnJzYu3gb734ioFHTC4WDM2/voTGuFpLw+eirW+wl12wusHpnN +kWxMEIWt2HoGTerfAKD3JUBraePb8gHKnXFzyEu8RLp3swP/XaAKje+NAYeqhcAq +xv2SEPUj8EMgtX7SDkkyDv8wuRfcNwMAt4XwHYnnM3bpUwWj2JcDGE9rsNna/HuF +Ajz/2lrhUKncH0CywvjhYtt1t92j0cPZaeR3pY8R/bm8Ns20tiP7uxVlj+szI2Pf +5KiUHhiWHJ2RTXGE2pUmT6UFhc0D/juyZvINKwkbUSSwpKvsoi15d6e4Wx5PZ2mA +rT5y+ULitBx4WKIsXV6UVVaEBNaBe63k9cFGdPEba/HflSd76kLmcSdy+Fr73d3T +MIrmwAKMVdKjRAEc3l87YaPd2/LdT+TWzCQw33EotexJ7yZzZA2SJx27/jyIgXkW +twvn5UCMtClUYW5nbyBUZXN0IChkZW1vIGtleSkgPHRhbmdvQGV4YW1wbGUubmV0 +PohdBBMRAgAVBQI247AKAwsKAwMVAwIDFgIBAheAABIJEFjLmkyFqB84B2VHUEcA +AQEk4gCeL5zcIOEDeTY+nYJaAFIVyxMDn0IAniDLX638/CT/T3nLVPqDevBFsTTN +uQENBDbjsJ4QBACevTDY5y+VRfsTy7YLx0kYiPvBFTmoNrPGHS3Dnn/Jsnf8rKEI +V+yvZ1nYTtnDpi9zW7dZNN/zacfhL78gkVIj6oGLdOtzBW23xdrc+jtwjM29LRsG +Gp+Y45clziKFSUANHYm6Sb9AL5/ps7whkENav/sudPhLAQ+E+hk0wVvrewADBgQA +naSI/d7XMz7MSjaLaOQ6fLUiDKfSxGK7DQ5dD0HrnrOnTYbmq0M34heGAt19CqCr +JZyQ/gEsMng21CgQz8yvb/uiPeHTVeltTzpHVAVA5eahbDervKoRYjB84GoKVIXQ +DXixd2NDBp3JptMWxbibxmfmMtb7Wwfg+tWMeg0TPgKITgQYEQIABgUCNuOwngAS +CRBYy5pMhagfOAdlR1BHAAEBCJsAn2CeDRsh/7JwAcaMa8rlXIi9wsrvAKDLSGdt +tgPGpeFytA60KiQJyGZRfpkBogQ247GpEQQA3rbWaPIEzk69ZyV25ObCX7lUkGjJ +m4C6WaTLN0OwvoAF9F1/kP73Lh6fsFdjatEuL/sOSvrMQxeAPFA3/qvhpjSjAOVN +u4ZHA0LxOPBGFIIXHVio1nhcJpiTm9CjKGrXXoeIj0+I/KHBsPotM+qP3tMtDlVr +FLyKqeImT91JZzsAoIDquRnzyTKtyt3DQ951OxjkfHtRBADHIB9PaOvB2428KcPn +oz7isFRWt+wjl/+uRRfDzjXpXquzK92PMiqmyyLCFg2sa5X5aW8jM/0obg3TVPII +fprH8IdPkTc3RD5qSQglSTnWTuOnLnYG8gEK4h+z8rEm4uwG5qZzJe5EK7oQGVly +7Zx9XtZCqLweN2t6YfMBeJKLcgP+OQPGyyhJib6av2pmOlYw5xrMZA448NjqFW7f +LC3Ro6YGp49378uSkYVnliyoZrauOLR/e5uGA5hgh1WvyInOGgzzDL1D1nWmOQ8g +nnq1Tm9yTdaiwu6OcdhwbfERO3F5zyZeVSsXOKs8rOW6kBGGLdnT+HCaipNzo4wm +5ekyfvG0LVVuaWZvcm0gVGVzdCAoZGVtbyBrZXkpIDx1bmlmb3JtQGV4YW1wbGUu +bmV0PohdBBMRAgAVBQI247GpAwsKAwMVAwIDFgIBAheAABIJEKlMD3VlMkTWB2VH +UEcAAQEzWwCeMxscN9idLHgH2DP2U6tP0tNR0T0An3lfFgidO+z8ZeHXzuOM9TAS ++jz6uQENBDbjscMQBAC1u+09NP46dPnn6RJtczL3LEroyrcPmHOk3FbiNfJ8YMnF +BeST+U++chi/kKzm+N4y8TZE8sHwGqnkeIBtJX2YmQJFhKi2RR9AtVn2HV1ZTBYT +1q/P7MpZTPMI9EODlCEPJTvX+MdtP8xh0Gsj1i1wujQOJAiXdrqsPxen4Sch5wAD +BQP+NRROzLFq4kBUpgoTyvWzJl96Gdykf+O0AhbTlZ7ix9KtQLfxGrqzgo0hwDjb +2QzeWHfjVhaaaSc5UWNMuIQyHRcsj9x4n25XGE0HUyOVSD46IOAjfZF+beXOa/Nb +YcR+zzORfXr1qyW2g4oV8LN4s4uV4dPamQ3l98Lkg8lhWCeITgQYEQIABgUCNuOx +wwASCRCpTA91ZTJE1gdlR1BHAAEBzpgAn1mBiOpDetJyYLCFzciHO3YBMA1vAJ0W +5WC8PZiHyWy6JazAsMWs2wOTlZkBogQ247OaEQQAowMahswOo9fdIojf9byb0uY2 +C0NR98cYc13WemcYzyZLJV9aMRagSDYY8wSZ1ff+29RRXudPPTYgnBlFWWtsQ91b +vp4i0wBjU0HjcumNBOsBH76ZUCyW6VRjprlXmckoRzQio67GRbUtZq+6NfUlG+UF +kt4GR2mxU25oYm3BQV8AoN+qhlQJxnGc751ExqUct8Y6fs7hA/9qkyTaZz4YnCkp +LFcG+hCRVx+5kEmZcm5QJzgFRTMdfRlIo1uDFj+RVHXE3eSsyA4JHp0Swa6QiyBV +ZEOP22j/4TogizpgqEbt8ZxcqETzPyZ/eEMtyaNsIoMJIUFPs8jlOQvOUAQ/XLZG +2Kf9JrvW6cZmE3IR8A9b93V1FxFWowP/ZZxM9RoiNG8CqZvFSl6dGGD+YXmvCYeX +zVW9UFtkKhnflzR50Rkql+bJhsq7PsaGMQ/Po79RYZhmkr/uvp/iQVSuE7lq0KWd +HIGS+Y2Z19u0zmF3mOHeWCoBPu2Tue08AiHxfz+qbn5RpvreRnBcI+JJH6ITBGnj +YZtUvsX9vau0K1ZpY3RvciBUZXN0IChkZW1vIGtleSkgPHZpY3RvckBleGFtcGxl +Lm9yZz6IXQQTEQIAFQUCNuOzmgMLCgMDFQMCAxYCAQIXgAASCRBHr0tpYfBHhAdl +R1BHAAEBzEkAoMA+KfY9bA8EdfvWwa8zUM1SMs5rAKDS+6X3HVuCaLtVxzXOob+D +KbB7b7kBDQQ247O+EAQAh5FAgdvaTJL3jBGcjYiiJosxeTWf3L/dUY99fZN8R39D +SVoUKf9Rt/EsS5DywXVnKAeJiUTYw8lbMRVF70VhSDHpMC9KtbB0lk3CcAqULPiy +irT5g9ywN24W7k0naWIJisttUh+Hqbm6gc5Pz9Nfd5ll8x4Ehi3lKE6Nze3gUNMA +AwUD/AtUN1hqwWTTphVZctHq3JaUEb9agmu/Ocsf24/bq9i8R8FaMwBF4fI5qIim +cqAM+2BZ6dvZEdqrVaZR9aHjzchcHmaiI7ZmW4gmk+LHFFWf9y7mG8YDKFBXkaBu +JpxFb1FIfJpmaLzJmRa76dLqI3A7H2E8dFQa/MGsYCa4NmILiE0EGBECAAYFAjbj +s74AEgkQR69LaWHwR4QHZUdQRwABAVPdAKCcyVECIa28vmUPgZ2jkXQoQ/nNkQCU +DpGL1aZn1eKrDlHcGyD4CzywnpkBogQ247Q0EQQAvVX9TJEynPJEsX3X2fGPPDiQ +K+oB7D1INI9bfID5NKtoo8qybivOLo85i5m7RUiEyhX3E9lUg9buKmtIhas0sJ8s +LURmCndIKtXjIWg3Kd0pmjE8q2zyd7ChQ3ffJ20875wNbR4GQhSO1WTuxwRoL53f +t+9JTULJxkQRf71Azm8AoJZQYphKeLWrLtFjb2WKbYxst54tBACS7C/Vu40euIev +p2TZHTtY0U+ObFvJr8jDrdQZMkUFSuhti7rfO/bf7qTwmCvv6IVmn905ACh9bnKw +ZvcR5T1yR2b6CAN267fzriZhu6/FG+9Ddr62ZnV2rP8Oa7uxAXCnoovaafKYupop +vHV0z0tUf2+wasrQdHZTvc0pfY+56AP/WOVJ0KGzP6k9bYjYSRJ1MJb70wdVFiHd +lIlEd5P3jQsXOyHVMrWp6qH10sQLto8gweWJr9aHem0QjTNSTVpzp6laBHf7tnLE +wCJGeX5f5BOh87akRjwfh9J9zW+DBrtpqS6vjlDYU5y6RGbGRl6ndtXhV5FpE4cb +Lax/pGFWEq20K1doaXNreSBUZXN0IChkZW1vIGtleSkgPHdoaXNreUBleGFtcGxl +Lm5ldD6IXQQTEQIAFQUCNuO0NAMLCgMDFQMCAxYCAQIXgAASCRDe8Pe47Gfb3gdl +R1BHAAEBomoAn0xuW4iqzyqN3WU6SPnzELkrjzZsAKCN5glp0flK1eZskwbDZkPb +3J6/M7kBDQQ247RWEAQAz1fsQzEPDc5KqCcjvpa4gFKwjSAX9Sm3OlPyDwBjqBA9 +WFT1+BAdu7tyvxJkVXd3JRUtPOQ2ruaxSK93f8V5y5/vsKkoEKtCXOy35TKSI9D9 +tPf6CrejAaL0wEJ95TaXnJlnfKMYiqDz9efGYJu4i3Dr0U3LPv6dCgMzbxyL0HcA +AwUD/AkEuPFdepYVjkl1ertyTrpDHlgcOk8fuzNQqsgYoZkfGTZRehTwb1ZF9DRV +VB9qiZ+cq+j5sUMUkZwt8ghMjwWuPMaiHYrc8pzGxCJDVKxWUxPdea69JPTK8Mzx +ri32j7a/zIsuASNHZ2f+VOIaMT8A26dGj1MEam/Pk/Tzk2bOiE4EGBECAAYFAjbj +tFYAEgkQ3vD3uOxn294HZUdQRwABAf8gAJ9fC4NjVwHWOh1tCxLq4dF3L/M5VgCf +Xj4izGMaaFuZ7+IOJ7jgFqC/yiyZAaIENuO03BEEAK1KlG4lUzMSYafGwOLzFwMw +ri48rOAOOAxPrkRW/QBrGU5sPxUzxEzu4lP9365cmMk4CLyNswxdUsB1xtOihd8i +LvCxejgjNDdJOypyqcPDNrZD4k/g/ADax1OXde/Hr85uND8jQ8isUhjZSBtTeDCC +hbTXTJWoS77vdZBtOFnrAKCz2ucyEr7F/hMPeTNaOELYvImB2wP+MK/nmEcsD9+X +m/xeVfWzi1oVphA88OCh10O1fjieyQ+Z+OEuSizysCKIKIQ5T5q8Q0wCf2ALpAKV +CLXd9JK9FKt+EIBZLQLKoAj+wuShDNU08VNuU3LOKI1B6A8jI9eBArokwj9GRUSl +Ir6KYI4EYRUyl1VVk8kpENIPUg2iE0oD/2tBclzEFGCY7gexgOq+FOkJyB7MUuca +0IJLIW+LadjFVjIapYbHzi2o9VmfqHtA8SsNDt2Ckx/xAM5jXpSnDG7U3IpS2iHS +OZfmJWpv22Xu0L2zdrO9ip9j2Y7WKjt1M6sNeG6gCUZdHpJXjHWUTDMwLKLq/ojV +Tx55aHV50NoMtCdYUmF5IFRlc3QgKGRlbW8ga2V5KSA8eHJheUBleGFtcGxlLm5l +dD6IXQQTEQIAFQUCNuO03AMLCgMDFQMCAxYCAQIXgAASCRCJeabFVn+zSgdlR1BH +AAEBt08An0PRqhiMzF+L37DyvcaVl+0zSrmbAJ0fL+8D5Frcp1m3YtBMpo+j5dsi +eLkBDQQ247UFEAQAxuGlBvqoDkxhIDgFZzdHJO+gJym94zgSGHkBmBIBf5Q2G2O3 +zkN7SIENI16yg9cxy7zkTbBu9PMgzUe/UuQov9Z6YXKzTj1jLozrGdljKOcW5YRv +libo7eKXDUkSvT+X6J1BOIVexl05Y4Ncmf7otNDre29QfK8gGBO/bdQd7L8ABAsD +/R4Nq/JQav4/7d5ETuMZddPAxV4kCnY+7F7oJgHDKJheJxt49rNtfXSxBZUsJ9P6 +Xhr46fCRT33DD1P8RyUmmS3/dJl7H/qR3A1rox4FQPWAuk4WGhsfSXvlZnFWKJhC +8TZzFisjiXjw1OFYiF4TArxj9D7d/cHEKIi43rtefpf+iE4EGBECAAYFAjbjtQUA +EgkQiXmmxVZ/s0oHZUdQRwABAeyQAJ4oZGFj58YW1ovUlDGgd0M9En7C7wCbBBq7 +67mk9lz1SsGvRRX6kY+lj56ZAaIENuO1UREEAN1QBnOE/r7r1V3JGuBE2i2i5S9c +TojyHSTFkVlkOtAmallw1aRQcOqBtgMn1GYh4S5Zk2bLM/FIVy8P1EbD0qYhm7aR +lioi7ODgqo7JTdJR83JxqsRlgmSYsTIGWuQ3FmSY8KnVxGwwoYJuFCz/+/oiryHp +00DYRaAl6/TLXaBzAKC6TQpkipU7tR+RpVpmEyvQJ3Vq3wP+O4qdFWIMyL1ISNIl +nBvebDX7IQKczy+sz4CgagAqILP+fw30Z/YNOwXLjIoSyQ9DyzT1Zzl6kEWjeA2u +4y7iQOd17S4KaIMRtPDOl1Ipk7nH3KL7tvf24I2SCgOXPCidpc10ifY2cUqMvjtO +dX+8oV21JmAtb3Ta/BgZOvUCsv8EAIhzH1N3Gwn00zJooPswRwpB46s6q/8yrUfE +U+QMEjiFNmlCIh3VdPGqQnpQcPD2xH9O+07lgqtmMg2SZoFkWIeXHWjIHQHe7pdR +Utchz2WLIXKH1o4F1CR0eCPIjwrOTpnR6Nhyt7lNjjN+mUBkqRQOVjdTRJvRrTEg +aGCjdhEQtCtZYW5rZWUgVGVzdCAoZGVtbyBrZXkpIDx5YW5rZWVAZXhhbXBsZS5u +ZXQ+iF0EExECABUFAjbjtVEDCwoDAxUDAgMWAgECF4AAEgkQnu80zUsRsl8HZUdQ +RwABAUkEAKCUUXvVByh4l9ohXM16up6769DYSwCffVvyOW9v9kENNcHvItZnEmD1 +o+O5AQ0ENuO1ZxAEAJriuUXEtM08l6eko1tvlnkCKSZyQ35S9PogXv/90gA79Nal +JsN41jALsRvgnAgKZLJddtlfZ6RB4iwuENgOva6C0bG8SgT3m7rLX2nSyaFWKj7L +456wZWn3uRnKxT5ymxNMFemV8f06f3kg4kJYneJVs+Sfs/5jeyoRwDc6EQG7AAMG +BACTuX5AknTcJIrBV83irJVsZvWKHtUzqLoklddYXsdI/eB6c+cBlhFxe8/hWw6v +uFdFKhpCsWhEbJehzFjZCJo+ezf/YdQtWA34ik4poObWaSpnoV7ZXaVhgjQ2axNE +WrKxQihDVYRTIaXOJAJ8eq2wNPi4UbyZL5HcWO6SlP/2mYhOBBgRAgAGBQI247Vn +ABIJEJ7vNM1LEbJfB2VHUEcAAQH0XACfffuI4IS7cgh0PNghr/0v3L/NhncAoJNw +utmN7kkv9n/oPqkByzLxvZt4mQGiBDbjtcsRBACBDJOGX9C/xxCVZNP6OHz6cL5v +M3PimUAhV+9HAVVPQViTnFKrkYPSQyRfWzjOU8RO1Tp5CHz747oOb6j9P74yH1uy +78yFg4UuhXBWinhuCKKq4IIWwJkCKBFr1U8fu8a6Y6NcjqiDA0KmGRJrMPmXenXk +JpFGHG78rUvNi9IMfwCgugzNILh/3XZCZU+BUPYeXL+nUAEEAIDXZhj1vFXHgi9l +mijKDjJocEBoamN/taQy6Ox1RRD6HtfAPY5TER1n7xm9hMzE+Ov1IKpH/E872Rha +1qu1v7eOa6eTuNWF0NvmSR955freRsNuR8JNIb6StI2ER9pzBUfjykC9pg2wPeC7 +wpQJIF9TF+Ja1BvG2I+ha2xJ786AA/sHEUvAOsc58YbPlbIPyp2JdEHvXTRT2NIS +VRuTMQsg8vV99nMYR2CUh270uPyy2xZaD/kYcJ9/1ngY7C9pbbNWoV70PkEMO/qj +67OIViWVPzUhIdURorbpGhuc3oBzUxOgial7IbISPRItDgg2oZoY4hqyQNx8Cj2Z +ZAzDpM2vCrQnWnVsdSBUZXN0IChkZW1vIGtleSkgPHp1bHVAZXhhbXBsZS5uZXQ+ +iF0EExECABUFAjbjtcsDCwoDAxUDAgMWAgECF4AAEgkQa8R3gFSs0kYHZUdQRwAB +AUDrAJ4lTJHO4VuxnS5C6W+mA4hFMtMqxwCgt3cidUSPbSl5NRDlvY06KZJecrG5 +AQ0ENuO18hAEAMx88MFCgzO/nYyaNvxJ1pgoo3OoN30rWhjaFwxKL4twdqD4okU7 +IoF/dKgeZxT+8IQ34vJOCWNhIoOYR/jBnb54t+oWBJ0EmnbGbnmKH70IdeDd1fH1 +JseIYkIjF8loiyc3PdWYkY8MOMGVp/+GOX/tJm9H4wmlUsU8aOPu46FPAAMFA/9K +C/Rpt4JdV1VfAYSaF1XRUOjzfchBF1G7XK35AudZEwZNjWhBqmwfpAvBhJl8MmXF +uwEDe1+opK2lFJt0Y01Owr5Eh6GwZ12LexYamVEable3kqmRj+Zz+0sVpgk0yoCB +9ZBwqVkcGnsShYyCJGIMlRarRMfXBEOg9pFz4fkZ2ohOBBgRAgAGBQI247XyABIJ +EGvEd4BUrNJGB2VHUEcAAQF9YwCguRqebBzPbFnWXjOqn7ueBdjsDEAAn042F36T +AKQETj5I4YRTah9HfMeRmQGiBDunE88RBADJ7pHJpvdSqmL2oVUHWGiPxr//5+GA +1i+wRzXQK1NzANMY3Jopsp0euyiF3bCrv5BFXECbx+q5ci9ifgb0aKcR0Zk/ieBS +nUI829AXSTKCs8QXf792cIp1tH45b012m53J20Ttyn7A+gXeRRb/tBzhX1CU0AoG +uWLTWK0GcSM+YwCg60xV3gtAAUYUDQQf8pto4iasw0UD/2Svbe7Sl9hipq3Z/LBX +nN4/YdUDZw6D//Nsa12UESAjbrDARIT8w+zgBKNFYoKc9k7vvsFnIu4ISowgjKpo +GEAxiVZlWyYK6jPuFoD0L+4w9kP8kVIZZH+/3adEjRV36HR8Tjg93eRY9MwTH6ay +pXuerx4yA36TcGs/JNl42TMOA/4tb9FsnEi620lnAmGr6lRHmbZCeFDB3I7I0M9F +ayO0/wzJjHmKGqrPK8x5QyRrk9jc+EN5MfKWP5Uy6ZOp+mmKux071x2Ul+SdPgJ/ ++1YI91Ch/CrO/zf3Tee2SWOefupZZkJKYPz1dHHUDQ0mynlWJHgOLSaw41Yho3vO +oemU1LQiSGFycnkgSC4gKHRlc3Qga2V5KSA8aGhAQGRkb3JmLmRlPohgBBMRAgAg +BQI7pxPPBQkAAVGABQsHCgMEAxUDAgMWAgECHgECF4AACgkQf/Iwv51WPlYg/QCb +B3/W8gBLgzhAhEevTQJtfDdlnaQAnA4mjmgN4HdNTJHRM+eLaChSKTxGuQENBDun +E9gQBADtzp5/lES7jzbBVc+q6yFnpyW6cxmE3TX+5/ZABSF3xQCi/Jz7XZ3uMy+l +EHBwAAQzgHeIAiPbUEjx0619bUpcwxdsSS+bGxRcZGjdYrwfaIePk6DFxBjThwGf +UkYpxanQaLc6/OM4P6xlRU84UrjJDwjFLvtTQihieAesCCevywADBQP9HuyaJunf +cD0Pi2Q0QSu3B/8hvmJauYsZfOgC9xEWS/yVLlHuAdolT8d99bGOBuaQwt7Kr/BX +JiLXYrXxTvBWCRTFg9g303W7RlOF0cIHegUN9fdgGi3MMo86bhDK6ZQhUI01dDnx +BaIEXIT+MeVBseoHcl0Q4uZ+9wqkJRkuHq+ITAQYEQIADAUCO6cT2AUJAAFRgAAK +CRB/8jC/nVY+VjuDAJ0QtU4XC3frnCt7jNDr2qi+CAdeBgCcDbwQ5jxDq17hEv8R +Yrg2uWkc28iYiwQ7pxPZAQP/Z7JX/e7utktjH8j7Q7WkbcnaAff7PCkJWGpHE1mo +1UnqCl6kssgTZli9RJZMdKtJpvTqBLxUS41QRz5+MQjtjOb2UIJ8VPEiXB61bCZx +WLtX0kLGvi0R6k6Il9y2O7ymiif+aPYE2FqW7F/2Q5EulMbkWtQUaBWGXQkvANv0 +EhkABRG0JkhhcnJ5IEEuIChSU0EgdGVzdCBrZXkpIDxoaEBAZGRvcmYuZGU+iLkE +EwEBACMFAjunE9kCGw8FCQACowAFCwcKAwQDFQMCAxYCAQIeAQIXgAAKCRCenBCg +zthU/wHfA/9PWfdy0flvORRc6/s7z4ZKdKCfTFXJ7jnHhMzYU+7j8mn/WWLYMh3Y +zJ0TDD6mWZz/H8KMq5EqAf7w8vzPbfR9kRxm3VNBJRUXaklsDJBls6QNXMTMOULq +s5xy6x4+lbDpENo6RpmN8gUMCQWxdfXhqt1eYyS1tC88p/RzN+06EZkBoQQ7qKLe +EQQA2u7cgrIxZf9s7zUK/6/hh/2gn9dsJcbJlRNXLPxnZDuJ72YMwdJuUSj37ExH +9fDqeMGYesuK0CRwlBcVZBuzGzw9nf2lGstZ1O7wqLerxvPb5FDLbnm2WN7VzUH8 +Fa7fJaPOw5wfxgNHSj0tEkM239PB4WocOBFEAxFiN7r3/+MAoKJmzdJ/HKVFT2qA +zGZMiVlznfOfA/sGM5pCGx5PedXbDNcDi0L+2rYQ8A+2B4v7N+Fda1qGVZrk9lNx +GYi7rGCeXP24LEbvfgN2Oqw5od1y+XfYKadiRLFoCTCOFO/fwLcs44sIDt4cN0Ll +qKIflQdde6jPEsPV8hYZZkg9KI8YLZ64dmFuDsP2AfclOIi78D+Imgrh/AP3SKhP +MTm25AItzW8g3sIui02Epy0JB71EIQbjASVHwSxyjb3dvP2ObnUuOKkL8/KBENcw +JqNP8vpB1sX8Yd3hR0IjC+DEt+bKzwYrAlzqSRqCdHSfHOMvWvbK83oOmSRm08KB +UEGW2gCMXHIkbrOzb5wjhKciiRG2tJcYclUwn7QiSGFycnkgSC4gKHRlc3Qga2V5 +KSA8aGhAQGRkb3JmLmRlPohgBBMRAgAgBQI7qKLeBQkAAVGABQsHCgMEAxUDAgMW +AgECHgECF4AACgkQQjc2NGP7UxG5sQCePWDnb3MYe7QjwFT3C1hMWEvgXrIAn0EI +UNaloyri8vclg3xikvuUJbKpuQENBDuoougQBACh6YePGIeo3sz5tU29hfVDn4Cw +BCh128L+Rd5852HN/3Iwhy1yTSEqpavmX5UTLvJaVFn9h0C81RWF7Q1qAa7o5TpX +WMtSFijr72DwUSFa23uq+LZ5JUTf9g2PA1VkkhaL7TYVrclBm4pfsAwEKA21kF4Y +536+Mzr/oCSIzGG81wADBQP/d1frnzRuI6pujq3DMH+hNRh9KQZckjsLtTukKy18 +f2JSvnDEKj8sv6GelI/DKlBSCRAW0MHu28rmx5WCmyRum7OHnDlIIAE19wZ28ux8 +Af8Y0COhAqYY8Zqxqrb23sBvCxkmTYZn68eOC9IC6PG6e+4/KQGgnNbMkvBzbnv9 +ytSISwQYEQIADAUCO6ii6AUJAAFRgAAKCRBCNzY0Y/tTEW9ZAJ0XMOG6SmjO8MlK +DiuKybmrPoDnzACWLKDApr6MxgHnkyRO5PAFpvaS2ZiLBDuooukBA/9r69N1QdSQ +M40Ic4n2Nrnh8ntF/wXI7UhVoTeoyEMxx50R/KEmjTKdHeNoL8TaeWsqRLO9khTu +FufNA7MWzXbUiYWguoZ6Z3AIPMgLGSKNyMe7+9/GJIeMzgf+ES8JmSc5toBvrKIk +AAE0zgb5w9CCbplNOqQkVB0AydHWh7MK0QAFEbQmSGFycnkgQS4gKFJTQSB0ZXN0 +IGtleSkgPGhoQEBkZG9yZi5kZT6IuQQTAQEAIwUCO6ii6QIbDwUJAAKjAAULBwoD +BAMVAwIDFgIBAh4BAheAAAoJEIOptNOKdysIOsQD/1YIs0R0vtkcYf5FSiNfz0UK +VRghJfbhwefKXjHT5d2gF8QXDqDvu+HH293Hvqw9AxBoY1ynFw5dncC5f5UgDnVM +Bz3S4ujIr+CL6DMjLAssRSIBp6+6mVBTsxLnrPR9CG1W8Er+qSTAoMnNGjp0cghX +095vZVy/YSCFFb2sGrZ6mQGiBDuzYioRBADJT2TyxVZwVJ3PSdpWUXVZpx1oGAkX +NpGIH3izKmO0PZfzXdUsbgrfA6bncFbP/MPuqDSB/oh9ZOKnGWDre2n8OQuVZ/Cx +DfTX3E05L8BKm/c/BTXikwKhivJaZduTYADcKrcapYCvW2VLsczSIs7HPxqoJI8C ++U4COr6YnHRaFwCg1sgnVPENxCusaBVsT0eQ/fFahqcD/RXQqxagvzbd6yRwKvTz +QliVrUzv04ivC0vD8pu2EaGyi8xgAONbgWhHFMYSQDiSnlvJuI6vZn5kIsRiKA1p +taAWzOaKE8klAcHiWVIddyCZqHDmBPvisSO0Vxpq7mhXAhtKbrByyaGp8s4einlG +8vUvz7WPQaN73PCNt/RD4Y9PA/4vZfnHVwhoRsDlkMbAjlHFy1fM23/pS9AMP23M +La+vgkgrFvg3Z0bCc3MirCs/xHsyRPPS1LJhamV5x2knV0PlHTAHoGaGPoapZyDs +YZDNkZRqjtnoHCfEya83rhxB7GJIsEKM8oSJ515kHYbQ50Pj67WIK9AWOZ4sMAer +fDQhjrQiSGFycnkgSC4gKHRlc3Qga2V5KSA8aGhAQGRkb3JmLmRlPohgBBMRAgAg +BQI7s2IqBQkAAVGABQsHCgMEAxUDAgMWAgECHgECF4AACgkQyECct8vKuumUcwCc +DNsPEKSgDH2bDiDyjoiSiAgl5WMAn2CmmieSzs+pqpEm1YA1baXgGSSVuQENBDuz +YjUQBACJygT7QnMtfDnFUnixXdXu/vOCqTbXvmysKnnI4OeDW9QxTr+ugf+f6ROy +kJFF75zq/53jgDD2cQkUjU2OWbrrqWF/aYHpYM21TDtIRfRe0llF1kSHPnYW2rjn +Y4/AeWvPjToevxursEn1J3Ijd6NentxE/FWhetTEHSWE784/NwAECwP/fpxILkyJ +UfPdNY5HqN4Aag1g0ZWjVfaWrebZDt0BIHJpQd8RvUtQnOzCOZ29KOQKS9LHOJOB +2EjysCKTwBDYK5ZonQUtmhdwNZeoLYlLrH1PQ9WuhddjT6dJWMl2yJ+zchmDRFaj +f+4AvrbYGnMbMdjCllnDcygSlzUt7KGcjuuITAQYEQIADAUCO7NiNQUJAAFRgAAK +CRDIQJy3y8q66b5jAJ9ROwHyPzvGq/vgztzs4972gMuDIQCfeQq3q4tW3qoWyC/T +OkvTSeUuzwSYiwQ7s2I3AQP/ZLwvhFPpbGgF04i7p6pLQxyZk7sgO32sOxe2kYbQ +K5cdqMiCJKAS5jFfu4wew29u9XYlDKc/dnIqHKbnFhyPC3+m7YSk3T1lpOy1evIM +zalaXQPZtJ+RuMRrQO6YD5pmkNeLHk2O5axpDUpk8VZ6t8kqsoKNEt7U4MGS8qWA +BWkABRO0JkhhcnJ5IEEuIChSU0EgdGVzdCBrZXkpIDxoaEBAZGRvcmYuZGU+iLkE +EwEBACMFAjuzYjcCGw8FCQACowAFCwcKAwQDFQMCAxYCAQIeAQIXgAAKCRCfk5C+ +NXBwN1wvA/4oc01t7KIltGdDyU3XYwzA9Sfma6RZhv3MedM0XxHnEW6L1lIhHM46 +KXDsORumgiUXPVbCT1N85Ay1gPZT5Oy7/ZraPEMm7FLza6BjYuOxmlRj0dnrHu/v +FmljrjGlYPzzNyoit6cxZOsbWlT/Gv6YJDLCT10UBGyh5GtlYft8cpkBogQ7tCnL +EQQA/fmXfM8N93cmPNBu6nAWQ5MOev//CfIr8R9hGRH3FV8bO758gFLkHX2Rf/uR +cyo8ZHeLw1cI0UfzC3A7TJr62MAoLBS2fn9wgAzd7KsnJFcKmpKVQqUX0EN0i+k4 +qnp1jyMCLNAVdTwVXuMTpBKEgYAI5xXNK6FnlmK4RAQ42M8AoKRDGHjijja3HLp/ ++4P8/hwHYd8RA/9GjrsMfy9xynS2o99o7LkIaE4skJ7OYeJVfuZ9G6F7Q7JRIoTd +d4OqHMeIvLIModiT0prmqRUdwEQS6Qi8HVwAsiUdNL9odleWOb380Ft6Qujn4zhs +uvyt7S5/ctU4JPpOCokih/2D0jHzSMO5RPBKq7wQjkU/C3XSm09vsWou6wP/aSdB +6Im2y47qiG9mHoUsCKl9CaJX6W+hl5Pto9OLW6QkYPofMs61hmzXKEZEl6Gbqhu+ +1rUd/35xahvh+hgjtRsW3XHcd7VrAPwkEruFgOM01q++sZg/4JXPDLVhAHYi7Xin +vBsKAvOXvMGqhgByvyM9VS6bcIF7kgkIvSuodYy0IkhhcnJ5IEguICh0ZXN0IGtl +eSkgPGhoQEBkZG9yZi5kZT6IYAQTEQIAIAUCO7QpywUJAAFRgAULBwoDBAMVAwID +FgIBAh4BAheAAAoJEAQMJpyCUltmKsIAoJ5uxGMJtPAAGEBFidTybQ44Lk/AAJ9p +h2WUiJFTUeNYbZa9YHcg1gk2+7kBDQQ7tCnREAQAvkwf0DiD1zbcqiBajDGZhDvE +0cb5BUbMcuJvSH0FBXopIIniYcmnfu5q393y8WPc/rVrJVHrAU2RyHTAoX8vI14H +vc4HUFDdnoj6Wk/xSiuYP8C4VN0NX3G+S+C4Pa1Er2s/m4X9PRz/YA0bMVynp7f9 +QM18aN++OpWV2jVBRd8AAwUD/3cuV7jHchUeZ7h6Upagzj7quky9o6o5lB///Pk9 +QZ5HEBQTCJDvmu13xCaaO9II4XFwjYntYbPOxOTJ1aEBKQubkUo0SIj8i5rhLTeD +kkHB5M/rO40gS/MFNMVWqFCvUIQk7yBkum+MFcJFSEz7OMpL3K5X93W9twllqtUZ +qjvuiEwEGBECAAwFAju0KdEFCQABUYAACgkQBAwmnIJSW2YNEwCfbPwQzlrLRCUu +JM2inVLcz/3jijIAoJWggcMT69FfppDw3sA2h2PtAdOAmIsEO7Qp0gEEAMuvaXje +qJDz2mAbPWARryInKsu+SJiOBsyNPdX2WIJTABcRh7FckP07IodeDPFGh4EgS/FE +lDZRsMlL5SWf6Fj80JUXuyrbLNmvv0qUlDNVw1uJoeYulIypU1ZbuGSq+sDVyYur +PDkXTlBfptMGII7Yuu+Q5Xk3CXymvDsQNbslAAURtCZIYXJyeSBBLiAoUlNBIHRl +c3Qga2V5KSA8aGhAQGRkb3JmLmRlPoi5BBMBAQAjBQI7tCnSAhsPBQkAAqMABQsH +CgMEAxUDAgMWAgECHgECF4AACgkQmwfivFMU1yHXHQP/ZZwHatqc12l6Pn9iawmU +mFru8jnOhMJAzCQ/H+gUldmN9qsSQV0pFj+fP7NkNXEPOvkO4DS+ME/mHcm7JxDC +4Z0MZbt4Xlkhffie0J6kwuiEuSoQ70lZQxbME3f+lBcNJTIhsTupJEsqqf3MaC+y +tvHu/CcE8UkT9DPSBES5Qn2ZAaIEO7Qs+REEALaiacuS+YqTQ9Xrl462vSA6Ahvo +hm6PUW8dg3kMOthEMVn0+fiQi7MvfDrgws51geKklPoHPwHKZs9/T7him2dcrHzN +suh7e8i6kVGSXyLPLJUCnhklzxDnBEEjnXUG1uZQz306L/wE9oX/b76Yt08gbkPa +33lYeep0bwvO4oBHAKCYAha4i/nB5MdV03XppOeOtp5UbwQAsCzn7IWSX6H9oYIN +nyYBKOp1BpnidmsR878tzRHdM06A2lBGqF9O+Jt7H7vlqogX24LRuE7yw9aUTWKx +iw/6UP+QEKHAR3RAbPv9Tg4rqyMDwHhzkebkc17VJyVSaLIEEo6TSkOl+tCqBvV1 +T5qq+z5lGzcaWqRYCkXEJu3Y32gEAKY2nu/lrMzBCHXRunNuMbhSkcIb8OplbWc4 +IDfrxw740iCsg5wh2GNzmEtPzwy3ay6sQhkGruV6pYpUii5Ms24e8ztSn85x7muL +i1EhdqpExKt547wXz8ShXShP2Fst6bVfsaGbFU5a3kX/7BEMzzRrcSd6g85aCGWx +a/Td6F8DtCJIYXJyeSBILiAodGVzdCBrZXkpIDxoaEBAZGRvcmYuZGU+iGAEExEC +ACAFAju0LPkFCQABUYAFCwcKAwQDFQMCAxYCAQIeAQIXgAAKCRAM8Ubp5JhAg8/T +AJ9PKJJLVr4KwCetNM2FWR+0Ldug/wCfbgPT1B7WtvQMztTsJom49sc1rGi5AQ0E +O7QtABAEAM1AVhC7V3EnU5XF7M7OPozDnk9fOgGpCh4HeD8Emuqh4TRVWSmCSA+Y +qWt5r1L4TpV4QQX+vUDHet2i/IieIFKOrowuwiONln+YGToxXSB8tOKKr4p0qJ/w +4ozijJZ6NVBmsGeXZIpu5LB2Ar4K3z3HZmwNSlDznVNwXJXNpfIXAAMHA/48d7y3 +W9y7jHD6QatVl68EelxV/x7BWHQF0JEltwHCKN65H5yV6IhUn84VNJazS5jVwYUv +bmbQu09Ndm7iKX/Gfwo5EyPxGzbLl/W5fA3vn1USXJFX2Tk7wALQ5SAZHHbrluIp +/660zvXn3E+466KchiRCdOfqFpCd3Rxgrv/hAohMBBgRAgAMBQI7tC0ABQkAAVGA +AAoJEAzxRunkmECDFXwAn0NXK//V3U3k1LNXeU0mz6GYmaPRAJ9eRstO6/n170QF +3Q7bkGNUvtPVdZiLBDu0LQEBA/933MLSz3/cCubVa6XR94o7mM8DSmT+Jl1wINBZ +iqgx+W7Z32Pe8ioU03+2r0kOW9Re11zjXX0+vkyCHulWdJpC1ipuKHx9tiA1RtfU +2uqq2B4jufbxLlb5Ix9H+4sKl0ZJGhyH+C+YrPa7umfJAv9Nybl98w/SCSCM1UZr +SiT/UwAFEbQmSGFycnkgQS4gKFJTQSB0ZXN0IGtleSkgPGhoQEBkZG9yZi5kZT6I +uQQTAQEAIwUCO7QtAQIbDwUJAAKjAAULBwoDBAMVAwIDFgIBAh4BAheAAAoJEGre +QqJ0A/WJWGwD/2r6jQvyWpIQsyK0BwR7yrvi36BqhCA7Mh1ZmnQbgZhrHIdTrFQC +5a3XxYA4l1/VYb6+aXPmRVfg6+VNAWXSh5UR8IS81No4mxSU8RqMHyjdGsrOHGus +n6ckZlXtJizsJsXZx+ue4sxne9zTtiUYwDFlTlANNPiwpnSGQQGEarKWmQGiBDu0 +L9kRBAD8/PiBfF/3DoGsadZWnzFmpmaBmuyWi7wG7UCWVfCWf9mrtYgF54/wuX+w +UvH0JOLhPeJkMunI9UwZDQiRAEQqxkVEN3EjAaxQ/+1ip3lPTi7k2xunLwei0QWb +/i2rkotviOzg/tZOFYWa2MiEhiMx0rSQBUHszS3vjHfc5TVa7wCgk9GBkr9m4L5V +OA+Pn/S4vttDRjMD/1CmsrzbOh+E8ViYqTDUHqdawzlAyjU8iCVmjwMwO+Zfohbs +qwQMN3DeDU7AykXTQgjn5pawttY9Hkg3Is8t41XlwHZCrM0EiygrK2xquMi/mSIB +5X0HS/LJkjCJegtF++OhM/VVPeWnI444b4fFk8Ndo5GyEdUS/Rz/C1+tvq/zA/9Y +sYdeqAb7StJfEDla25vx+hcE2bKX+Wy2+RtEUQV9VSWyh+Bgs5S8kN+HwFpdcXp+ +j3+W3iT+QjJxtnlmAq0ugJblLiCYKNcPr8eDBr6vTjHSsiWXGC21lJ8ewg2zqP9Z +vr2bF4pAPM/hhX0bDi8C/h0nUkFcRGWxuoVifo0TLrQiSGFycnkgSC4gKHRlc3Qg +a2V5KSA8aGhAQGRkb3JmLmRlPohgBBMRAgAgBQI7tC/ZBQkAAVGABQsHCgMEAxUD +AgMWAgECHgECF4AACgkQcBJ6QSqLCEBA4QCdHAGobRtfv+IDDFpbW4rUqm0zQawA +nRFFs5sBFUjq1/5zG74QHo0pY07auQENBDu0L94QBADW/R4I4DMQvkGlvP6jxWLz +6TgkPMAAfEyxIJoZYLJggau4XJYyElmUGVFVH36DPE0453yN7j3gBxVbOCZamUOI +NyehuBy8Gxom36Oegzvr/43TcNPTHZnVl9wJVCFmOsAR3L8A617lAguvUzlj4e7G +wV5yCwwlNtBGO27Lq/dISwADBgP+JB4l+2Bdx9wMs1zVDGQj0BERtyHmwSVzLn3B +G0pAM9wf6Me5/o633rOOQYl1mwmXXjUWZasmjegqWLUFPEkCyFMHR0CWWI9CdBOQ +ROBFb6jK9Oq2jYoGxTJ4kCtMGo3z/pNsAGdNtgj5s0AgUIoQHw+L7u6XF8De/Sww +56eyuKOITAQYEQIADAUCO7Qv3gUJAAFRgAAKCRBwEnpBKosIQNT/AJ9z794Z40YO +apyZWN3NyQPI1zM0vwCfZIkY3c9J7WVXDqO+FlXWrb9L722YiwQ7tC/gAQP/U1mk +j+I4eBCICqWjFBqJe84v1fmFu1c9sUw3wnVL7vxxHEEq1xvPgdfPlXQ6tMpcbtpe +7nbWGuU554CMEWF/ZK99iY+Ln+zpG1CW/br6YtQWCm1fLww1WJoANloUimZs9B9p +FtjVGNWDyRI8q3flw5rcOo7aCM1+BtNQhNM5RC8ABRO0JkhhcnJ5IEEuIChSU0Eg +dGVzdCBrZXkpIDxoaEBAZGRvcmYuZGU+iLkEEwEBACMFAju0L+ACGw8FCQACowAF +CwcKAwQDFQMCAxYCAQIeAQIXgAAKCRBHrPEvKhKYmd/XA/4uJqeH2WLMAtbxuARZ +TsDwrof1adVKpVgn/KKFle/yId4co0DmeFS6a/HbHPYVtlQ2TWWASVu6geNobua3 +6MnG9vHs2W4YmQGTSO8T3MXP4sOp9oinwtvcgZW+XGfCX4PAZDoxHUwN/UVwGkiU +wRjlQVX31vkPxZDR2UBoHjBYDg== +=XVtd +-----END PGP PUBLIC KEY BLOCK----- diff --git a/tests/openpgp/pubring.pkr.asc b/tests/openpgp/pubring.pkr.asc new file mode 100644 index 000000000..e8eaabb93 --- /dev/null +++ b/tests/openpgp/pubring.pkr.asc @@ -0,0 +1,28 @@ +This is a test pubring generated by pgp 5 beta + +Type Bits KeyID Created Expires Algorithm Use +sec+ 768 439F02CA 1998-03-17 ---------- DSS Sign and Encrypt +sub 768 CB879DE9 1998-03-17 ---------- Diffie-Hellman +uid pgp5 test <pgp5@dev.null> + + +-----BEGIN PGP ARMORED FILE----- +Version: GNUPG v0.2.13a (Linux) +Comment: This is an alpha version! +Comment: Use "gpgm --dearmor" for unpacking + +mQFCBDUOrE4RAwDbbxWAbWsheUJprK6VryMTpwDiYwMfL+92nrHqSfPqlpMWgDTia8qnpRSXbyEm +Sppp/6/Ygp+N3n32Kznq7PjHXiuWLlZGvZMtzmvaMA17y0GY6oLBxS7rhASXIKa9hEUAoP+KBFly +qNMdsK8j+ZO0A8rnImGrAwC1ddDme5iZFkTEWHhrtU97sEu2GDkSQB8HdX8CoRcrOz/B2WliF6qf +BKhcZPFVBIhKNzjTfY7SEYAZk2zcsCm8elnwSLaGEzxKFNFBqKDNXP+a35spcqsHSGzDVw4VuKMD +AJNnAP6skpHlhVAmecLZT9eRzVoOq1ivUIntK2Mh47qsL74q6BBwz2sviPU2Y3pDlbb6Ed0qJAXv +dCT24hlfoGoXzkoDInkPJTJeL0gCnwmQPjvXFFd71Cvg5LaL4lIQLbABh7QZcGdwNSB0ZXN0IDxw +Z3A1QGRldi5udWxsPrABA4kASwQQEQIACwUCNQ6sTgQLAwECAAoJENY0E25DnwLKxIoAoPSyM/Mw +BogpyMU5YY+Sj74k3UIfAJ0RopQa8ciickDVzoSVPrGysrnOkLABZ7kAzQQ1DqxWEAMA/wVrlNsP +qTxWZbUiMrUN8MjTFR2xUhuTw3cdvRgiVPUT/q1l1+I3CpopVBx/XuAkg5sHB80zc6pZg652YFV3 +dLoTceS7ridb5k23sHa2hZGCeTo6AdxIOy53giCPDP9FAAICAv9Oh5/OVxUqI+6hsp9ccOEhRA9N +8aJzYDPjvCQyhgej2P1kTsBZqWIx0/PiMvIt+qqhT2YfyD68mHIBztScAXZKTnjroUPKl0+bkX09 +NbdyqojAkzhaCRKUzwnaHEfhi2WwAYeJAD8DBRg1DqxW1jQTbkOfAsoRAnaPAJ0Z/k6Y2ypgDhXo +qBLeW7Lq/AKYEACeLTod6Nt117DkqDz9epmIqwWOE1ewAWc= +=6BrN +-----END PGP ARMORED FILE----- diff --git a/tests/openpgp/seat.test b/tests/openpgp/seat.test new file mode 100755 index 000000000..72ab27f41 --- /dev/null +++ b/tests/openpgp/seat.test @@ -0,0 +1,11 @@ +#!/bin/sh + +. $srcdir/defs.inc || exit 3 + +for i in $plain_files ; do + echo "$usrpass1" | $GPG --passphrase-fd 0 --always-trust -seat \ + -r two -o x --yes $i + $GPG -o y --yes x + cmp $i y || error "$i: mismatch" +done + diff --git a/tests/openpgp/secdemo.asc b/tests/openpgp/secdemo.asc new file mode 100644 index 000000000..343453c45 --- /dev/null +++ b/tests/openpgp/secdemo.asc @@ -0,0 +1,737 @@ +26 demo keys (passphrase is "abc"): + +sec 1024D/68697734 1999-03-08 Alpha Test (demo key) <alpha@example.net> +uid Alice (demo key) +uid Alfa Test (demo key) <alfa@example.net> +ssb 1024g/46A871F8 1999-03-08 +sec 1024D/1AFDAB6C 1999-03-08 Charlie Test (demo key) <charlie@example.net> +ssb 1024g/BC43DA60 1999-03-08 +sec 1024D/FAEF6D1B 1999-03-08 Echo Test (demo key) <echo@example.net> +uid Eve (demo key) +uid Echelon (demo key) +ssb 1024g/7272144D 1999-03-08 +sec 1024D/8FC282E6 1999-03-08 Golf Test (demo key) <golf@example.net> +ssb 1024g/9DCAD354 1999-03-08 +sec 1024D/04259677 1999-03-08 India Test (demo key) <india@example.net> +ssb 1024g/61F76C73 1999-03-08 +sec 1024D/43C2D0C7 1999-03-08 Kilo Test (demo key) <kilo@example.net> +ssb 1024g/9AF64D02 1999-03-08 +sec 1024D/A9E3B0B2 1999-03-08 Bravo Test (demo key) <bravo@example.net> +uid Bob (demo key) +ssb 1024g/E29BA37F 1999-03-08 +sec 1024D/EB9DC9E6 1999-03-08 Delta Test (demo key) <delta@example.net> +ssb 1024g/B0C45424 1999-03-08 +sec 1024D/7372E243 1999-03-08 Foxtrot Test (demo key) <foxtrot@example.net> +ssb 1024g/EE45198E 1999-03-08 +sec 1024D/34C6E3F1 1999-03-08 Hotel Test (demo key) <hotel@example.net> +ssb 1024g/D622AD0A 1999-03-08 +sec 1024D/D2699313 1999-03-08 Juliet Test (demo key) <juliet@example.net> +ssb 1024g/35F8F136 1999-03-08 +sec 1024D/B79103F8 1999-03-08 Lima Test (demo key) <lima@example.net> +ssb 1024g/FE56350C 1999-03-08 +sec 1024D/BE5CF886 1999-03-08 Mike Test (demo key) <mike@example.net> +uid Mallory (demo key) +ssb 1024g/4F31EAE8 1999-03-08 +sec 1024D/30CEC684 1999-03-08 November Test (demo key) <november@example.net> +ssb 1024g/8B70E472 1999-03-08 +sec 1024D/6D9732AC 1999-03-08 Oscar Test (demo key) <oscar@example.net> +ssb 1024g/2681619F 1999-03-08 +sec 1024D/3FF13206 1999-03-08 Papa test (demo key) <papa@example.net> +ssb 1024g/63330D9C 1999-03-08 +sec 1024D/3C661C84 1999-03-08 Quebec Test (demo key) <quebec@example.net> +ssb 1024g/A029ACF4 1999-03-08 +sec 1024D/777FBED3 1999-03-08 Romeo Test (demo key) <romeo@example.net> +ssb 1024g/11D102EA 1999-03-08 +sec 1024D/A3AE3EA1 1999-03-08 Sierra Test (demo key) <sierra@example.net> +ssb 1024g/0F1B50B4 1999-03-08 +sec 1024D/85A81F38 1999-03-08 Tango Test (demo key) <tango@example.net> +ssb 1024g/101C0402 1999-03-08 +sec 1024D/653244D6 1999-03-08 Uniform Test (demo key) <uniform@example.net> +ssb 1024g/5522BDB9 1999-03-08 +sec 1024D/61F04784 1999-03-08 Victor Test (demo key) <victor@example.org> +ssb 1024g/07287134 1999-03-08 +sec 1024D/EC67DBDE 1999-03-08 Whisky Test (demo key) <whisky@example.net> +ssb 1024g/FD6E27F6 1999-03-08 +sec 1024D/567FB34A 1999-03-08 XRay Test (demo key) <xray@example.net> +ssb 1024g/41E408BE 1999-03-08 +sec 1024D/4B11B25F 1999-03-08 Yankee Test (demo key) <yankee@example.net> +ssb 1024g/F7B080AD 1999-03-08 +sec 1024D/54ACD246 1999-03-08 Zulu Test (demo key) <zulu@example.net> +ssb 1024g/A172C881 1999-03-08 + +-----BEGIN PGP PRIVATE KEY BLOCK----- +Version: GnuPG v0.9.3 (GNU/Linux) +Comment: For info see http://www.gnupg.org + +lQHOBDbjjp4RBAC2ZbFDX0wmJI8yLDYQdIiZeAuHLmfyHsqXaLGUMZtWiAvn/hNp +ctwahmzKm5oXinHUvUkLOQ0s8rOlu15nhw4azc30rTP1LsIkn5zORNnFdgYC6RKy +hOeim/63+/yGtdnTm49lVfaCqwsEmBCEkXaeWDGq+ie1b89J89T6n/JquwCgoQkj +VeVGG+B/SzJ6+yifdHWQVkcD/RXDyLXX4+WHGP2aet51XlKojWGwsZmc9LPPYhwU +/RcUO7ce1QQb0XFlUVFBhY0JQpM/ty/kNi+aGWFzigbQ+HAWZkUvA8+VIAVneN+p ++SHhGIyLTXKpAYTq46AwvllZ5Cpvf02Cp/+W1aVyA0qnBWMyeIxXmR9HOi6lxxn5 +cjajA/9VZufOXWqCXkBvz4Oy3Q5FbjQQ0/+ty8rDn8OTaiPi41FyUnEi6LO+qyBS +09FjnZj++PkcRcXW99SNxmEJRY7MuNHt5wIvEH2jNEOJ9lszzZFBDbuwsjXHK35+ +lPbGEy69xCP26iEafysKKbRXJhE1C+tk8SnK+Gm62sivmK/5av8EAQNuYiCeVh4Q +pF3i4v6LDa82cNBI92zOHLJAu1nbeJ6bl86f/lrm6DuH/SYjOkRTQV9mYWN0b3I6 +AACvUW2sEdiVCzqYu9QdI92LJQd2HLYgKf0mIzpEU0FfZmFjdG9yOgAAr3LeP6n0 +SUaQqSNKJPx1Wes66+3KH0n9JiM6RFNBX2ZhY3RvcjoAAK9/tmRCQsDGIXRnEJZM +rvRjIUE4qvtztClBbHBoYSBUZXN0IChkZW1vIGtleSkgPGFscGhhQGV4YW1wbGUu +bmV0PohVBBMRAgAVBQI2446eAwsKAwMVAwIDFgIBAheAAAoJEC1yfMdoaXc0OXgA +niui4cH4ukKQ2LkLn2McRrWRsA3MAKCZ122s1KPXI/JMLBTBGCE9SiYQJLQQQWxp +Y2UgKGRlbW8ga2V5KYhVBBMRAgAVBQI247arAwsKAwMVAwIDFgIBAheAAAoJEC1y +fMdoaXc0J4wAn0x5RWtqCjklzo93B143k4zBvLftAKCFbrlxlNCUPVsGUir9Azxv +P0A3gbQnQWxmYSBUZXN0IChkZW1vIGtleSkgPGFsZmFAZXhhbXBsZS5uZXQ+iFUE +ExECABUFAjbjuFgDCwoDAxUDAgMWAgECF4AACgkQLXJ8x2hpdzS3wgCgk/BrqP5W +blWLc2+6jwlmuLg8n8MAn12puZol0HwV0mcd8aHWtcrfL8lynQGlBDbjjw8QBACc +jdcfV/S7I319mfDvbOwczDvTqDsRbb2cPhQNAbg7NFlWJKtRrmff14jtCt9M77WZ +5W+zTLwX8+8Wy3mMfrys8ucZKtfPixOXVPhyinUUGSq68IArA8vLSUTuOO0LIi05 +LAg6jzGhN9jgkQReZyqxub4oe/3JhIX9grgJ/tsjNwADBwP9GeXmMrGi5wMD3qkP +bzb1MqwsVBJq75eLLxu85JIN2XIAGw6Q0FJp4o7d4BAQqAMzt3ONU1OcCWlDQRDx +j1nynE5ZgRBiVoyudEELgNnYhp3MSEuUg7PkFWn+N+GuvyhVUHApleyvP09kvP57 +hif6yJRS+V6L1ugP0vZmBI4dqQ//BAEDbmIgnlYeEKRd4uL+iw2vNnOO9Y3cRSEx +yy8unuzNvx5GFG6KNtxoFCDzMMzUa0EDH1x/QJA3CgqMpS282nLdk/5O+AphiEVe +Gv8+c6pL/t7falIfSgKZ0j2nvCKH12SobwiNflTGJB+jLnnesjqYJD7h0SVLjToP +/vtKPYlXOU1ZpKzDwP5YcQQuRhF9Tj8SUxScIIhGBBgRAgAGBQI2448PAAoJEC1y +fMdoaXc0IKkAoJ/NQGlvFv5clcDIf1AXjLlTFG9uAJ9rs8IOzHfNWuUSNxdhRvO+ +O7fYF5UBzgQ245BnEQQAvwwkLp4Dtoie4/fvandnK4wVPCvgJkIbNuyQZCarQGwv +8RapBwbANT4vGW+ky2vzgptj21xYjOcdNMIhJ1Sjc7hjs1PLhwepMFrS4/Ple1Tl +jpEgxLZ5UxertMvSTr7OxsA76jjOQt0B+y2vs5zXgLtedux4+pdFxkgM8r6fjZMA +oJ5LVNdVRaSkiHaKZWQWsjfTs0/LA/wMHP/PdH4kjFmDRqOPp+iB8YYwQTPZS/gw +HtUbQhLcFEljaxrCMRZw0ZDMbzKWk+BrrBvgz4Wk3XawwUshYgi8SgwWIDG0jusE +PYOs1hBIdWTEzFVP2pK/NQzhAqJV5/390OLEY8SN4bts/LY1XsADzU7lhE0Oohx6 +FanaZCuGgAQAn2zK53yuk7o8UrPdTHygVn2McsPYYzOvlVfHCSXQ14oXjCs1nK1X +nMIGGM7pJjYpzv/wUZkHLNcHX4uVHXxyzRQ4oMPekncmaR8fu/YIQ9zag5s2GpKE +SKAynGQCKwI4H5eYn+ryIgOHNS44UnXFUwbEsonP5pJNNRIM7VimNGn/BAEDIkls +jKh5E70pJ77zKAq/uP+EnBQq0tCcyqQgQiG1n28iMQy45N5zv/0mIzpEU0FfZmFj +dG9yOgAAr2cvUYCyL3NVUcfw3gGkK+A8ZyTfoBH9JiM6RFNBX2ZhY3RvcjoAAK9H +YClNyCyakk4UDrW4qn8YgsdvZcxN/SYjOkRTQV9mYWN0b3I6AACvZ5Ed3zcwNvmF +Ptb2h6OhMGgwrNan67QtQ2hhcmxpZSBUZXN0IChkZW1vIGtleSkgPGNoYXJsaWVA +ZXhhbXBsZS5uZXQ+iFUEExECABUFAjbjkGcDCwoDAxUDAgMWAgECF4AACgkQQT9K +8xr9q2w+RACghpiwPnn7F3HJsm9VXM8SwBjWThIAnjHZulQw9Tee9XDT5STui+ZG ++WN3nQGlBDbjkIIQBAChY8NSvu6sK0p4D0AVBsRz8iVXYqbRlRTZAHS4LCXwx/i8 +FmfdIXnaNLOoyi44YruSCnlZdh4YWquCx2mgywG589AzcFhahmqElNbKb7m4F//E +GIZK0zTgW13tQwG9hTXOhYeqchnOOaDDwPEK1Gr+2o/5ANqhqrin0TFFBWLgdwAD +BwP/R009s61X/FkUUAh8w4Tua6qndN/2GsqXsyPYjdF5E3gErK8jDcDLniOHqksw +V17bJG81czCRE5JcVFLLWQJg9cpeoTpP+YcF+m9whtswaOJ/LPrx888i/OmluSD8 +1VP+6zBhhTUbpazfLEdt3XczpW7CNdNbyiEcgT+6Cr+W2Gb/BAEDIklsjKh5E70p +J77zKAq/uPsbfaq2h50JWrb/wQiufxaUrYRvo5FjMBLnoUE+L/yG/Hp2ZRZuA5Ez +BpZ3ON5LaFadahL98oQe/W3IXFZwxyYfGCtVrV16zx6cFTJQK/iIqp3TNp/fA6TR +E3syS1FQZIZMiFLvgSy4Tsu4vAadP290Tc62LP9ivC3PiIxt3aqW2l/NLohGBBgR +AgAGBQI245CCAAoJEEE/SvMa/atsta0An3ZMmv9EVWVwEvf/Rwf7nbFsgGhuAJ0b +P+lAOCRSYziWSIDf+BJ9F19H3ZUBzgQ245HNEQQAis7GTDqtEM6luop6eWsxFi9+ +qhUVp9N6S+xlbwzQZVA4FjCqf1VR9JX8fwjLecmxT5xThQVcRqgeFVaCyky2Nge/ +FcFMPZQeaP5jv5GRWc5PvH9Sw8pvGOTB56V4ZeR4cQLDBm5CF5tKu1BCWWq2MLHf +ct7TXe6QCzZKcjzdw8sAoN9VvrKN+EbQC+THzdWaUWpdcfWnBACFWEyLVPTpI1jN +soCZ00F8Fau/2baXk8mdROlJZS6bq54ksfOQQzReBWce35h0W7NeBRp+yeoSf7Y3 +i0jTO4mrOiL/0NCcS8qKNnGKG1irdLes3pQhDZpcUe2G9W3FnGhxl6W5hpYc9550 +mUj2H3I5tmfSYsVcVjpNSIdBizxE2AP/SI1t6q7LHMQp0h3MPQ2z7daMhUGViXnV +l2+rKjb5T7bvSFdV0iyyuyoqvUPBGWwJFLAxj6esHRlQ6W8togHuoJCR7cL2bK79 +8mgYOExk5gBexq1VHQQZN1edK4LGo2ESKrCVtkYwBzAU76hYFKAbKMU8dMxI7DRd +LjZ3vdQ3FNr/BAED+xylaHWcBOTZBCd4ui6NIsLkQLv5uFW66tWYKvc2APAe8oKx +h5YMp/0mIzpEU0FfZmFjdG9yOgAAr0tuCtmJhCp9PoSOTFA2ssaMB7jl+5H9JiM6 +RFNBX2ZhY3RvcjoAAK9Ilc3l2agIgR5iIQnvOgyYUe4duz+d/SYjOkRTQV9mYWN0 +b3I6AACvfQ0dS/51Esd9E/rbG/m1C3qIenSthbQnRWNobyBUZXN0IChkZW1vIGtl +eSkgPGVjaG9AZXhhbXBsZS5uZXQ+iFUEExECABUFAjbjpH8DCwoDAxUDAgMWAgEC +F4AACgkQMYwfrvrvbRtnAwCgs2haIgJu/UEpmCEnojO1zCoaBwwAmgPAlNY/PttA +u6zYqTh2M9yn1DIXtA5FdmUgKGRlbW8ga2V5KYhVBBMRAgAVBQI247gAAwsKAwMV +AwIDFgIBAheAAAoJEDGMH676720bIN0AnjjH9IN8523PCAYk6yD1IFM/ad1qAKCe +nkWU2ZO8/oU8seCQ3HkXkG2JRrQSRWNoZWxvbiAoZGVtbyBrZXkpiFUEExECABUF +AjbjuB8DCwoDAxUDAgMWAgECF4AACgkQMYwfrvrvbRtepgCeOpUG5rVkWVJXULae +GZzqbT+2SbUAn3HmDGXzAJ6lCiYh5NrTIb8A7wIdnQGlBDbjkf8QBAC0pe0mjRH/ +JmKL3mubSTRMKGcd77+l8psl4GtcA6iqNj3g650Q2xxgW+Qb1iL9SeiIJP8KuEfj +6vfPVKZHKkRAfsjnpbhN8zz7WQa2y8kkmqojHoGIh5wAD3NE6ox+1D2WvnySmU1J +OuAQlEDfRC5C9hSrQBkO0TUCWL2wquDv1wADBQQAl3TuGt2SCuYSXo4R2dNZpB2u +kqqHOj7nnTQu7ZVoi1OtgZYxor/w783GzLJ75PfdQMSd6T+Gbyq+QgpaiBvlmWtc +5rcF3ZgnxiW9n2zUlQ+M6denubJT6/Aqfn7yL9v0sr8K7kTrPqAM0lb6DAMwBkpN +8o+Z0+aIpG5/jOtnwuT/BAED+xylaHWcBOTZBCd4ui6NIsGHGb+xn5M8RwQblStX +KFu07GugiONqnqNgB+sywt1otn4dFUWo/4FzJzvEtBQ6EjchWAVKoVYj5H7ExOP4 +BKNDNb9JfOzu9ItHk8TvQ5X7HoV/r9eM0i6MRzNOlvchB1P3Hjw4a2Pj6TwpEBGZ +uuYqe14UAGPlUjHSn+LuhtGpE06zuYhGBBgRAgAGBQI245H/AAoJEDGMH676720b +j5AAn2T9b/n1T2CTa+Q5oGKLAsBIcgeGAJ9kC4ETWfY8itary77dKmyVJetgl5UB +zgQ245LREQQAubUOd0B7cFzJHF5vo5NwiMZ1JXPjyNqL2OWE/XfaeJiB55oMmVEP +mK1JF69wU7ZBpo1l4PEIWcP7WRMqvBEFl+8LnelRkSW95kwFr3D8TRnarZy3kfiB +F1t33dnkVTaZYxCDKOBdZ/ZiRvLa6gZ/KHhITfzaS7h36G2MbAlGlj8AoKQPFsEP +jByKYdx72m5/2Ju/4d4jA/oCNAKaJH7N8Y3HLis1ShhpytJP1yC9GJjtec3ugzYS +C7RKV3NJcBeCX4om3KhiDSN6YYVICf4wdqz6TAocoqPzR2t7Fz6+upxIgh5WGnnC +s2e7uO1eXUCSXONfiDEDzRKGTQjkdvwFo+880DkiGln/qmRrcILA568dwNnOrBio +5QP/dbkpUBhqGDr2LchpkoYyQlqzbvUpXJ1xlfZim1jfrmdfsk83dE3iBzvmT8By +IZcMoqDEHil95LmJp3qw1yVeApP/ZWR+0XiBLEF9GhcAOc5ihH2ACSXLWiRXpyMm +K2/erTvTX3QkAcqoQ1cFWCwNNCrlgycB84Hdm5GXdajp7cD/BAEDMzjCY4kr/Q3j +hyianLh3vPRtiNtOM1BAXVlyCFrMAWM4wvd1NvQzOv0mIzpEU0FfZmFjdG9yOgAA +r2YMtXCKQcwejpJAvOyUDQkN7pMthHn9JiM6RFNBX2ZhY3RvcjoAAK9Jr4qS3ZZl +PdL7YV1+Phgvnly8701B/SYjOkRTQV9mYWN0b3I6AACvUexSWiUCxWbF+aprVRlc +r9OTu8iDIbQnR29sZiBUZXN0IChkZW1vIGtleSkgPGdvbGZAZXhhbXBsZS5uZXQ+ +iFUEExECABUFAjbjktEDCwoDAxUDAgMWAgECF4AACgkQFoQQpI/CguYi4wCgmXVE +CJyjkfpJJBTdGzCjhUq4N/sAn3Cguw1R4rX0391e1pAUuyM4OsFnnQGlBDbjkvwQ +BAC2wan9ScDXLgCqN7CWSRM5B68vC3PCbemYsuOXZjdN8afw2LSHxZ3buRXfYxRn +JNo1pm4PGkMQ7ZpQikZZVCZa+WoIVXYXRnYAjxHhvHW0LaQPvnyFS9H5LaGf2Urs +TWVA+695zYsSaX669XFb9WbiIMGB4yUiXPvQwUL0tSd+kwADBQP8C3sKWjsPh02T +jcEy+FDxWAn4g3LfsOPw8dfawJln+0h9LA0hTebbKBJWt5OUMqjjTq/pCZ5+z+b1 +0f2WwET/xAvjQSTdJjrFX9DNNU3jhCCelEpal9oxsbNYlVd5zOU2RN4hlmj+eEOb +5oy5wy797sQpsbrgGetCTsvPotIpvbH/BAEDMzjCY4kr/Q3jhyianLh3vPDNvR6M +j3Bba3JZVQTKkPeSB3XBJgQ8ssznZMvxlNdGPl6SOlpBYPcmUuo2u69fS+LUzqxM +0unjLC/WRRPWr5QCyg3kJFXpZ5DcsdXUPikfaRD4XWuVPTStcu7NC3YRt+QN0y4m +dadZMjSAwMyHg/oqZHF6HoK/TA5ZTVHNlabj+zNpyYhGBBgRAgAGBQI245L9AAoJ +EBaEEKSPwoLmSuUAnRcjDyrjIbOCDkQfCrpPvbqiHoQMAKCYSE1DVqBk+RlVUp8R +uPmgvzIKC5UBzgQ245SxEQQAyG4mRUQZagjDgl0xAnaSbLCQ5wJqYq/snwCl+IbD +lXcoHqXQNO9QJrPKwKQAUv3Nvk7mqZWnfMPoskLOASrs6nkCv2Fo9Aw6smNizO6i +W7xXepwvxjho4hLnE00oGPCDhUnAU05LO2pTBoxwHVs0o6vtaaViXk0s6dOFCoVd +f9MAoLjiGlK/3DFWoUrqIiuE3aLfgkddBACrp1snJ1BtiGhmKjt7An6Qoc5LVnU4 +1J/REiQIyitUFAvPX+fiqzDyE3VD8qX/vvTLpgZCYvvEdBlSfM8IcCn1/Qh4aw9J +HzuvKQg8WclvnQ8zq/7RV9J7h/aS/KIhDJIpGhi6YfjfjdSKfLYYfr3S4TVK9xD0 +Za3AH7/lrTqW8gP/fpKWu8fJyJ9kqHyYrI/j4ykt5QKBj3tHjqCv7FQb4FY8txnN +3fLzBtva/tlkSKRsLobixjZUGF+uQR1dTCv042LxZ6aEUqrUytxqUc05pCSAvEZV +8bX2H/5+ulSwdxKEzs1h2NvSTAiZ54zzKGjHNmEitdAaPD/9u5xdAiqPFxH/BAED +CYhWuhxneJYv2ZhcXqW11qNlLO3tHf4QWPYOZ9bRChm0UzW5CRik8f0mIzpEU0Ff +ZmFjdG9yOgAAr2JqCOINgV2LqfCiK4s7X0mqwBz/uAX9JiM6RFNBX2ZhY3RvcjoA +AK9CmjU0rQ5lHrAdn3TtY6fEEyaU9UBx/SYjOkRTQV9mYWN0b3I6AACvdPZBZuBl +tFtFIRj0/+lL7Cm9daq3wbQpSW5kaWEgVGVzdCAoZGVtbyBrZXkpIDxpbmRpYUBl +eGFtcGxlLm5ldD6IVQQTEQIAFQUCNuOUsQMLCgMDFQMCAxYCAQIXgAAKCRAf6Pxv +BCWWd1pYAJ4lvyDCV/l9oXkJOzNeGL3Df5u87gCfWm5F7YsIhi+PR7BVafFUBsWT +w+udAaUENuOVEhAEAIMMgk/e8lsV/KEkd4/jNK4yFj5iy/Faon800I3GUzETuQA2 +AT3getR+GuV4pbZWE/80b9hnNW50UJGiP1+SXfVtY5vT8p/gNFwn5d0O/pq3bpgF +RJmoawTzx8SFDwCVPHEcwOHE2j5LvfrvRBOyKU32tr976ri+Uowt0+92LuA7AAMF +A/0Yo9dDqhjR2UoNcYfEZwWhRHaaJenP3z3QbzjJkASb5H84xCTEpv0dqEtVTJUo +Io8Lh5VjbiCwok4QPLVSbQFeHqTKb7N96PjevkZ1Co6OrLCNOcPRvXxgCwSGbuuL +MkQJEutnXLu0DOKquY94KXXh79La7lTgjReE/1Wzbgc1+v8EAQMJiFa6HGd4li/Z +mFxepbXWoDrmIq/iTdsieZ9YRYA+rJ4OBtb2sjqV2L6WYNOqc2qDSj9QDIRJ8yiD +ysA/4Yiur+UNBqRtJQGroegDXG4+NHsudnVzGXaQsgEqAjZ9PZEtsrEf8D89NeZ0 +3yQFkAXQ3n+aCf69jmau/Yf2YAX7D8brkxgQp3PCUcOgGv8EPo9r+AeRiEYEGBEC +AAYFAjbjlRIACgkQH+j8bwQllncJeACaAqT6TL4N3gG2lLQNzV6gMd/p3dgAn2/2 +mEgFb3CkorWwdW++wf/YThe0lQHOBDbjlSURBACcp0BogujMnThXpn4UjBARj9oX +gQWskkhz657AXu6RmX/u5RmpLGqbNmNuqKDIwUbJslIxrpOnA3QEobkIl7ThH+ZU +IhGzPUnHlhd7M3dQWw1U0TfpHyXx3FYb7CCPabrSC7hWWh1ylUxz+RGJJSApR+D/ +GY+dF7dIllKUbaUGbwCg1z+vkNbzqibcwdYrwCjKG9VeFa8D/A5yPHqB9NMp+3Ol +AGE4XRTR8LeelALpu+MuNMGFCMLdZfmt/Amoyau51FsQ7WwWrNM5A+1v3Fq0x5Wp +Nw6Lr7HbN9d6zidN+L0uCrXPweET8ueS3DFnHI945epe703TbcjJBO/uYLn0LXEx +mTg846/1ZlQbPgLzmzb/2JMkJ+QzA/4xFbRL2YeaKyu4JjpMNUVzXYogUwg9KZZq +/qBbpsIAD7Agd+ZxLJHoweItXaC0nS9C6qDJZ95OJrE+h/Tt2D2lmxXseTVlSESa +Wh45x9mbC0eRGFYYRsSx3z0hYwMmXA0ntj0lndC8ru8HjZtBW/KF0VB0RcfSyW+W ++yAq0Jxo5v8EAQNzQpmchsGqHF94WG/VI+1oYlA4rI/KYT/DB+zHXBquIl2KZoUR +ebyb/SYjOkRTQV9mYWN0b3I6AACvUJB07mtW6/9i6mmuR9JtC7USM0AP//0mIzpE +U0FfZmFjdG9yOgAAr2EW7SJ8fPMvmLE8+Kb56tIqW9FrYAP9JiM6RFNBX2ZhY3Rv +cjoAAK9VpNLwU8ljMnpHbTNr6de2pplMjS3ztCdLaWxvIFRlc3QgKGRlbW8ga2V5 +KSA8a2lsb0BleGFtcGxlLm5ldD6IVQQTEQIAFQUCNuOVJQMLCgMDFQMCAxYCAQIX +gAAKCRCtGw+tQ8LQx9USAJ4sELIj8IZxlvkwqmmEMXtm1kIhQgCfZEpMtTpkRbT+ +rEHMssei72JJi+OdAaUENuOVSBAEALmZYtP72G7OodR4RfR270RxTHj40PfUpPIf +3U8ezyO3kqjB12IdD2YIXIZW6zEj53psX8DGya5nSvVjdFofQSVHtsnB/H7VHBka +OQnREoInHs4helYOD0M/RZcbRIb65e6vEesuzvo9N0ACSlBsAXbeeNKGfGGCog74 +GVGcZ6HnAAMHA/9W9n2MwJ7lq0GV4V0EOHDVcTAVRSh0nB9uKBVW7hFi4DP7XYBf +gj8Nlbc22vMkkdSvNFUoLEH7Op9sMglXfiCPJSh02U/6XyAhXDyZRyrOIHviTZ9S +HMQQIqtEETVuYRkzvSnSfDBVq1p9gW6eZN9q6AM7gmoKInpRaODFRWU7Df8EAQNz +QpmchsGqHF94WG/VI+1oYTZm8S4dmnYvEY77B6haPMQN5nCjubqfHGGIMJxRRG/I +HzXq0tNi4fusoLILtVbUgta+94uzgnsrUJqZbfmwrId96U52nG82ZMhLpX41lZ/d +LZouCr/jMO0uvF+WYMjO04ffBfcnNkeQv0p7WDH0zZZjuJ0aoUwBM9xxU3lYTgzl +aZi8iEYEGBECAAYFAjbjlUgACgkQrRsPrUPC0MeO/QCeNYtFDXrr21NZlLu0OfAe +lPBM51AAoKglouZG0f49sm9tHg1Gc/nwjzzhlQHOBDbjouIRBACKncc4Ueec7dWa +VARy2SmNVufeSenYs4AsIPP0v59jEl7JI0rb+4JbIJoAzW/hcm26GS/UbbpQwig8 +/PgMUV5QfBST4CEOlf7/x2a4HKk9tDV4An7q2aNr1beW+twxfUGWWV5I0o1b/iKV +k/LiQRiaMr8pJXY266m6/2Pn9LmDtwCg+Iqfx8gsK2PZCWv87uEKAOLzHXsD/1eR +xLqCt1hT98gdDLykRTlI3kMq6EK3I+z/8pDIMDuPIJq1eM68YdFZr8s7i1ye1QpD +ltPYHgWnUC733ujAKANdyybm3HrA3TSBjEAhNfcu8nkrVorvASQUDCLJatWRWJTU +VrPH+GXIXMA/Oi6LDsgNDOJanwzzvDCCm8hWQqW9A/4xYAZ4NVFrQq8gtQPJWuMI +fSFSvpZWNgQgYZntiXSUGYOVs28T/87RoRx02tsVDw2PA8z68q/XRuM9NdetxbUX +QHB9eszFLi3W1idsXhd/C4SyiTgEFXG8Y8s94Eadgk1PAYHN6Gd3SY7jmevqYGVL +mBp7qfj5Y9XSM5SE0Th+fP8EAQNn55Peu081+nAbRC00SOkO5P3aJwu7AIvXN9Ng +rJdUW7TQmQK+cHyT/SYjOkRTQV9mYWN0b3I6AACvbK2QUpz29Yo72wl9Cy/TCjWc +O22z5f0mIzpEU0FfZmFjdG9yOgAAr3et3apzZ+S3o9ywcdaosE2TLfNzuX/9JiM6 +RFNBX2ZhY3RvcjoAAK9PHpBSB/T7wKTGFBngy9sOwtS7ZM3ptClCcmF2byBUZXN0 +IChkZW1vIGtleSkgPGJyYXZvQGV4YW1wbGUubmV0PohVBBMRAgAVBQI246LjAwsK +AwMVAwIDFgIBAheAAAoJEP4YCx2p47CybMcAnj/BlcF5gdhj8huiFijkgZZi/YgA +AKDxpmP4JCksz+UPKsQ8UbtuTPbpPbQOQm9iIChkZW1vIGtleSmIVQQTEQIAFQUC +NuO3OwMLCgMDFQMCAxYCAQIXgAAKCRD+GAsdqeOwshrhAKCK3IrzNqME6oA3RllO +rx87OCIRggCfVkR+Nf6N59lS5j7jMXOuk799fQ6dAaUENuOjBxAEAJVJ1fFRaXPz +UWOoeBHhvUS2aGZbz0Kamwd8qVLCVi8G1sH/LtMUh+8CvhkVum6p7Dom+2MgRmhe ++iVNbAdU8QWS4bQsBrTeiVpinMLpkEO4uRvT1G6QIPjN1jrHBsAxGw7NmC/n3stl +e04ssueY7JOmyNEMvO1ay42CWbmt985PAAMHA/9LJVm8UR0RWfn91BOnt4C1d2tt +kQzfv1y0InbrrdFtNl3nmUgF6/V9OcpCS8NNjZ7nzIhDgT43Ov32qD0LJ/p7c6ES +tNSoQE6G6wGB7j/sTkushUy+joAVT2qCfRKCye7/DDa3FXDdcSOovweCX7hD/nth +G8k576rb1h70svx5qP8EAQNn55Peu081+nAbRC00SOkO55yVYRTuqV1cyTx/djMo +oC9B9hYiXA8kcUn/RO3hztHVFGSYQWYNhOGBPe+FrUFfY6yjGeS9rlLKQ3oaGCr6 +pvZYdIBdzktW+TItDPYmRaaBTKrBw8jmccsn7xnEriVcgkSTTMd706I8cCIQh/iK +iM5pFZGPPghQPn6paS6L+ydP0ZNliEYEGBECAAYFAjbjowcACgkQ/hgLHanjsLIy +uQCdFkPnvUpYurVoPjhg1pw4UzuaVYwAnROb93OSUP9PZxf4XVJwHKU2PnCUlQHO +BDbjo4cRBADeZztXPNYwpoIf6BfqepImZqhVd2qXuZBJnEvwaFoAl7er42pXXLZh +WIu7/gWODfcyNxsUKgMbeQ+nWO2jdcZQtt+gmRAGl1F5LbxsP6aRw43W7PAkbmYg +PY5tY/dhgFGP5puoV9mhijpFcK/cjeg6wNgmjuEsCv8BF5FX4/p2swCgwmgcx88E +pJF3/EDrTk4/8Xr6Z88EAL99JWgnl0w2TNiP9T3c5mtVdcYs32ntJH82TiQQ0LR0 +A7zRY5ruojNZC9LsTht5K69AJakrDA/Fu5mr2xYoFJcW4b7rpeKUy/wYifeOhYY5 +T2NDYvaZnQJXZ6O8lGLFgAxCmnZEN4IRFahKs/gAmG86d6fCvuSrohSZvQ+Lsr06 +BACFT4tjfuL6MZ0VhsClxeBPny2AM10+bDDM5eOl5ODLN9Nxf+SRu5AdIojz2OqD +9Jd55WobpUXGzTI+0g23636IuJuH7VGCF92nFwkjdIDblRoqYPAsJRkMiC4FkRae +qF0DpgJacYSBnHdY3Yd7I+cvgkK7oBjzTiU/Zs5hZAeK8f8EAQNhroQ8vAawUbBJ +GAm7E5zNoXK3ly9yV45/SohVZDzODvOlo6LWymLq/SYjOkRTQV9mYWN0b3I6AACv +VTx87uYeuay/ZhQKJudCoAgGZGdML/0mIzpEU0FfZmFjdG9yOgAAr34g7RZNSO3G +bdz8PNLxVgFG9ZaKo7X9JiM6RFNBX2ZhY3RvcjoAAK9YCrkTYjGM3LHB50POLDFY +Z1O3Mu9jtClEZWx0YSBUZXN0IChkZW1vIGtleSkgPGRlbHRhQGV4YW1wbGUubmV0 +PohVBBMRAgAVBQI246OHAwsKAwMVAwIDFgIBAheAAAoJEOup8kDrncnmriYAoLZf +OyE8KQbqCKZA2lLbxnCXr2G1AKCnWAeL/6RLjuyT7ddG3qd+ggEnB50BpQQ246Oq +EAQAj7WdaOJjzJNs2G8rvrDZvD/uaALQ9PtdvYAp/Drp7xMH5T62+KKTlKdO3s8I +QBPiuFocJNir5st/nm8Xl+gcOZOvtr45c/cl54fGO1gOjBZOfgbkdBVK/LMwuQWI +ebK4qCZnAOlDLYNGVUguGLnEQBSfnhhkgh0WA0kqt7fYvpcAAwUD/3cOEqPlMdYe +LnGEG4wPxtyVIchwGOv0YRW5apbz2fdO7otj1AFUN5WzFw0A5+WHza1OIUhg50Zc +o6HnwKx6F+LbZ5aOc37EAvaFgPuMxBfkaWYagCof3jBF0CbTWUXV/D5/dFmIeuGT +uUMNsGVH+OSMW2hBN/7+aJK5LLHL+hzp/wQBA2GuhDy8BrBRsEkYCbsTnM2iEIZ+ +jDx69i6vtiK2mS5+ud0+9/XEd1foHMXoByohTsJeUvbwXvAu7FvDdfroq3XGvSjZ ++czTMIekzBbYRxC+pPYENNuBn/e6LTKQD4oVW+uQYcPax5AvZeR5tm9RPxuQ1EYN +AmHR2OEtmE4zSbqGtrnsp/a097bTCnmxH6PsQ19HSseIRgQYEQIABgUCNuOjqgAK +CRDrqfJA653J5nNNAJ9Se4OBQyISgG6RMM2e6+frY01H+wCeJmn1SGKVrWnZeIBE +j+jR5OSAMDCVAc4ENuOlJhEEAN1bOV3WXINYOoY9LMY6x6FfJNJrSk59VMtySkmk +OkStyfyNLxwqteRVSjAjtKVmE9GZgj7mmoZobkVnlUl3VN8paKFzs74kMegrfJqY +6eHo4VAU9lQXX5aUAaIVctz5Y4PNuA5IzL/zJcDqfTN76/d63mf0rOJvewMaPDkM +yaJjAKCZTCeh+qyQdW/VLq0ODTyZcAsoowQAhUbJ/2KPcHM1vR9VgZQ4tTTuepDd +Gk1A9oq09CkGhtGSdD9lJ3O6IAtwIH5Drrh/VwoYD46C2bQv9/XFSYpFbetP2XMy +1wLLqRy50IjY4eb+A5w/MqqOPmiekPzh+BHgF1ux6FPz66ubEWIr9sUUjp4LUvl5 +0FBxEuztMXaNjdIEAJ1fL3IeDqINMmHKy9HtS4tYT/Wz3KyKuFmA9vS/IgXAd9HM +z3oBgg+ktmv+O+SsNrBPFgZ8YhmuPtTIZ4+7tEJ4VFVVfnkHp682/d8CpubBDUYd +NftYcI10CQ/TvJPFn/Cdm508DNDBGQR9nf1N1xxs6Ed8e9u/dE1DRXFta1BS/wQB +A7n3lqEldy5uprCBgI7BwpM0ElWN+2D2a9LgElCF6MeTnG4Ycamo4Gb9JiM6RFNB +X2ZhY3RvcjoAAK9TlqT8l+FZ3rsTboSXkdYnCZZwh4rd/SYjOkRTQV9mYWN0b3I6 +AACvZXMVrb4dxU2h5sKMOGXEpcHs+DuVW/0mIzpEU0FfZmFjdG9yOgAAr3vtqeEa +itcXHtaGrkSx+21NoZaKkS+0LUZveHRyb3QgVGVzdCAoZGVtbyBrZXkpIDxmb3h0 +cm90QGV4YW1wbGUubmV0PohVBBMRAgAVBQI246UmAwsKAwMVAwIDFgIBAheAAAoJ +ENS/V/NzcuJDdy0An1AXntULu0eTFfoqIj2gIoRR6l/kAJ0VIXasNn5cMC6DtduH +/Cl3BCFW250BpQQ246VQEAQA31Qj2MGefTCoF0x+D+9UMxZ6RuBPzI6gzX1tzcUP +WYy38NIq+lNYBg7hLFkUfn0uTsAm33h2Q8z4/DGT7jmQWpoIg7yNTr6681L/gYo5 +FhhC+qERZ1iPMyfMwwD7rrz9bthUGTqChV2h6NiPUPM7ic/D9rxJICXy8dsoj0dQ +6dsAAwUD/0ggimQTUCGmNHHypor/GY0XAAL4Vy8jAsC0FH1UaqDVTrTDH1qWLRnS +9uxEsOJIGSLMSdxC0FZEYq4jCm7CYjTOHTHvvYDbhs9QhvW9r4VD2efbERFSEYMi +H69ASQLGDp/O5kOZTgQOvl5oxzvsrOMaRFSWcn66uUAMORmHKz1g/wQBA7n3lqEl +dy5uprCBgI7BwpMwsmLANtSNhKe+VmFkvN9msymkZ/XyA43Ts3EpgI/RoP2B4GS9 +LyuCC26DEqGnsats++yae/wDoWz1mM9tq4UcML4hSHIbZnG2OEZDIiu1q5aS1I27 +UeWhA8+qPhPosw9cJ3Y3sQIgdIEiKzAdfsjhmE78aSpljhGnFumTVv9p/lCNuAGI +RgQYEQIABgUCNuOlUAAKCRDUv1fzc3LiQ475AJ9aAil0KqenoLziTexEcc2EnFmR +uwCdEjwBOoJFx6qltIM/tJcxqRi7qu2VAc4ENuOl2hEEAKeOL2pIdZ+zQtehxdL9 +l/uDBFSTuN9rLb8DgLiw8Z9j8U5CEH/M38WzH1nHKKlZKjGVZYiyhRfAG83wvHnT +83lq+Ad0lgaZTR4z6nrd5ViOlHPlfqo4RPZPzPe+uF7EfDl792sJerXGAasLosmK +nxKAyJyVjh7eZcjTS/hUhO9zAKDVyLHJ/gQlMYk8vE5XYL7Pw4d28wP/VsKVkjlx +sXpcrCQIoKeDXgKNVv9L+0Pebspzr2WOah8iBN1QOkbtexIKCbb9mmviEnJU0FFx +5MIw4mipvY4EpCaH3McGwJpCzWmdzID8Z6oISUyKsuP7PXjmASbogV6Iqy2m/2RD +tfbIlbwotfbiOT9Tr3IPbH+tHAZByMRyvxID/RN90WOPSpODxr9AH9btmeJD0BfN +t99116+qdwvWrTofcbkBgzvB34vLLDaMKVIyinxz2lYyC7aSpA3uzjZvoPvPrQJF +LE0dx7DSkUTtWbQGByRabpyrXYdKZzsFXLb+LSTWwF3sQLax0C4cYT7OLPlxjDVq +/A0jgztaZVWa37IY/wQBA4atrlwHD2LVQWW8aUn17IvjZxnp2Z5Em6q1rszts7m9 +rXCv+fKUFF/9JiM6RFNBX2ZhY3RvcjoAAK9hYwqxHjc6iHxWUSLF376lmCzbsJxV +/SYjOkRTQV9mYWN0b3I6AACvYBDzN17V2d/ZXmycyHFyOyxqAighH/0mIzpEU0Ff +ZmFjdG9yOgAAr1pTL8K2pO6rbaqNJoTiKU0q6XdGAj+0KUhvdGVsIFRlc3QgKGRl +bW8ga2V5KSA8aG90ZWxAZXhhbXBsZS5uZXQ+iFUEExECABUFAjbjpdoDCwoDAxUD +AgMWAgECF4AACgkQE9uWVTTG4/Hs1ACdFOYsQ4pNSdT9grdhmONXKXgVRzkAoImb +lC/iwRti3/yZ8Ljc0tEc4HTPnQGlBDbjph0QBADOk7pS4JZak/26nkZWEs+hIIF9 +IgD0labkCnr+GNDmGJrsJxLwTjU+NoaXo+SHmWPaqRJQFrz3ZJfJAxioyoSr+Hv4 +Fbv6frZIJEy1g4dFhk8DiG+zR3uPOcZCUyyW3HupqahU0/RcX7CzXAcuPJCXeoye +SsBDyUAk/6ODs/kerwADBwP8DrWpAtFexIWvsswGdpRJHSjr7j8cJ2Hy36acB5AE +MCSd7kNM+LCrOqyOhh6RfokrvCT6ZuwlN39nDnkmSr3FWbqcRSj8khs3tw+Uyp8I +tqhL621vFn180I7dZM11bECv+YZlmIF/L3JNzFR+jmpODR99bLjQI0dpUqT6IhyS +0bP/BAEDhq2uXAcPYtVBZbxpSfXsi+AHAuizXUm/50gOqDPn9/AvgQnPzxgeV71O +aUzUKvZEVIC7A8eNbmLXooM3Kc6ppaVOy1l6BVNcHA+iAdEOnGL9e46NALwFz+DH +rt2umY2banvt6kYyWqChnp6vnk8O4CD8ufKnQ4c3zfSul69uuUA+l4e5ZG8V5yUo +ikTP7kb7/7PSMohGBBgRAgAGBQI246YdAAoJEBPbllU0xuPxJmgAnjzxkJIErPw9 +iJ/WlLv4gvPY/IhLAJ9WR725AmIjPEe8YqhNfx5b+Va9CpUBzgQ246f/EQQAl65u +b9rEKS7XsXwNkvGtj1K7gnql2H1bJ5GF9bGCWhWmB8WFtsAy9XUeC3WbrcuWFgTs +btTfXZ5I7j7HSG6ukf6Ycusb+bA1IoT+GAQGWpFeWoXe16wXZFl0pEc2iUnx9Tht +oQF0fO5YlbvHJPEQ3kvoqcdb52WOOfOuCAJxc6sAoNqo5w0YxgJ9jkj7J4cmR+OF +UEKXA/wO0jrvYE7eiZeFUjGNiRotxzhTzh53rxtz2/DWG3D+IBFOt4qqxxp3WCSN +O5SnBZWUW50hDkhTxS7jSmsfPBmCinmQ6EF5FaFPyLQBq0uKwhMaWficdrQS9syX +FlPuzQ5jOS3kVAxOmtDd7CMTC8892dj02qzAE46QNNUI91kZXAP+PINfoJ8hV2zv +lGZ9tVlo+Lgsl1BOvxvEgmYV14gyTmMWga5sNq7TdMdWi8Fz0Vy7sI4S+RMJ96rM +ws2iTzWLi2jGO44itoWttCwqmGJmlSWurRsvYhSBgvNCLXFGGaQn5ncO1tqKnWSD +f625UnAipsgW8P4Agd5qJZiwXfJ67Hj/BAEDu6tMael+rX7E/usFH0MyFQczfHWC +g6VkC9TYfdLwbBVtdcq/lugvQP0mIzpEU0FfZmFjdG9yOgAAr030xCMZovqQobPR +re1kY7ZER8BZq7H9JiM6RFNBX2ZhY3RvcjoAAK91zg0swEPwYMWjD9p9kHpjle8c +eWvt/SYjOkRTQV9mYWN0b3I6AACvbxuq5MH2Yu4E6hH46k0+/KnqrsrS0bQrSnVs +aWV0IFRlc3QgKGRlbW8ga2V5KSA8anVsaWV0QGV4YW1wbGUubmV0PohVBBMRAgAV +BQI246f/AwsKAwMVAwIDFgIBAheAAAoJEAyCDHHSaZMTQPYAnj5F4su5N516+dcX +YBl7cLVDPp1JAJ9d2mO76rlmINaaTtH5lhApIjQjEZ0BpQQ246gqEAQAkdlSJYfT +iZH/CkfV8tnhI6IDz+SgiZKcneEBnO+hAJottARGAojdbURlOIeZqRCgKpdTXBK7 +MdHAz4RKFnAAXPDBZgA5q+Coqn580t/O/AKGb8kKn9n52z9lC8A5KnHaRAsOKVyP +TIU5vq6FLmsWmMB55iz826Dk9kMhV7mmdQcABA0EAI8Jq3Jnqf0HqqaX7CZuNKHJ +gag14bTaBw0niZK0KSB6FBpzitEoyst5JBPCl0ayQEw0Hn4jhZAqcZybI//pC1CN +QBBO47VUi0y1UVjExtaNmmWxugzkzWHHx4WmyWsCQwGN4B9riUws4g3dgC007l+a +onKzj5QEo1XiiMNTFFmP/wQBA7urTGnpfq1+xP7rBR9DMhUEbuQV+5mF3JEYDt0d +r9Ej9Ccl8GT/tOi0QsPNbtaWED6pY70iZMVJSk0TG7pZ47FNx8UHI2bJKWWjCF1n +uXV+mW/xLMM1GgFMwK44bX2IsEJVqFjB7alBd/uj0ugnj2feFeTao2xDuSQ71IjG +y/lFtOkcdJOov7L4tNh2/8ag6bbuZKiIRgQYEQIABgUCNuOoKgAKCRAMggxx0mmT +E4+uAJ4+JbldpmIpRDEuE8tFCnHacQr0/QCeLU0G5RaI4jZI+QUKtYiXq0ITUnGV +Ac4ENuOo3REEAMFaZuaYHLD67UlMCLHGPk1dFdAn3Mu2TFFDUYfEtA/JDOiNZacP +iQSZ7zK+wVe66Vs9fzNkyeXqpwLzC35vkTx0K1m69Ave9LnXIZ70zvpVEL/UeCuI +TRiocxNglPgn4dyJ+2V0cWJ36NGcZmkvBW0vGItpYCbpIGLzYVOfiVUbAKC2Nze7 +9Iyw+DKU9HI39B4fz85nkwP9HbIb9z5kXiRZyCaXOMnFBQ3bAZh4Og5ZQxdLyZ/r +IX4Mu3DGjqg6UtosdVNHr6ofZWHPXNqqTUivoUmOS5Qa8dtUW3YGa8vbpK1OMnjM +LhQVJZg/eou99s9OFP5GgPh5r5Vw/EYQZ6qzS6YiYnqzSt5LcolL2+Ae0ajXUizi +c/UD/0TNXtCRfkS4SeVSkZXarb1oZjHdGlw6ENiLGiA0e5b4r0rByW4EQQGZPvg3 +DFXMjqp0lVVmfmXFPggLkbTP+SJ1/VGSC/wSqPkMiKSCenRqwHwWIdKxv7f13hye +TZXR7P8uaSddSXaakqmT99v6pdZOo8NsVQTx3PzPKpEVciPB/wQBA3B94sZ4BXVU +UYZFifR1y3VNINM8s1ZkPHDNwxOmQwK5PkcxqfpPpGv9JiM6RFNBX2ZhY3RvcjoA +AK95UQT4zAahgt0Z7gBkqnFPjSb7Fn9j/SYjOkRTQV9mYWN0b3I6AACvZij2NXRN +N8KfYKoU+00zOAYGp8PcUf0mIzpEU0FfZmFjdG9yOgAAr2BTPmLEX46yXGfFOW40 +pPQsV5wHy6+0J0xpbWEgVGVzdCAoZGVtbyBrZXkpIDxsaW1hQGV4YW1wbGUubmV0 +PohVBBMRAgAVBQI246jdAwsKAwMVAwIDFgIBAheAAAoJEDfKtR+3kQP4ilwAn2q9 +qdnkpFPi1neWFi0OEOr5le7lAJ40e+wQHgKIE+Fn7sjYQ0Liwn7oip0BpQQ246j1 +EAQAp/Ccn5EzxXIGljKVKZ5Pp0xJA3uBoQBvXzu2pU4HU+vmgwnX1313x+4BsHVE +bw7+lfyhKnDD0TSwIAHj/xeE+jraCTU8X1iwe49eAyTaWF4wTyTzdZKQ9mrfBnFg +dWlRjLALcTMJaOE2Zasn8wgAEHgi4QWyBPS1il+aFE6oizsAAwYD/RpvJnfv8Vqf +bCxOYt7meLfTLrvcPlGNynv1nEgNgjbYRGIRzbXDDz+jwcLc9MeNuZgtaXvUbsQ8 +s0X1dP6vq43VmQTQPlU1TQx10o+YYn73ptyhbwOkyIDGmyf6uFhO0+B5/MY0KRLC +xo0lwMxvVkYNd6k804pSJPqwusWBm2R0/wQBA3B94sZ4BXVUUYZFifR1y3VOfk4w +3PRZvIRE/y8bsqADpUHOrpzhg45mVJx0XUD9jUsufCzZg7wHdE3KlnZW2cJ+HHoh +up28Ie38bbaUVgfofuur31BiAVojpu8KhTncGAMb64oNfdRJapHzzBcuUigQ9ETt +6OPgUE/thuHws+GpxQe8KhGQcVfJwuRernhyJhW+BEeIRgQYEQIABgUCNuOo9gAK +CRA3yrUft5ED+PJaAKCkicGM/NGxdTvpyHhtVSSkTRV/6gCgsnKOr6ziNIo/Bbdf +RfYDd1dL4lOVAc4ENuOqZBEEAKLUF5GqBMWJQtBs1t1Sp+NIOGuMLgJOhINbMU6t +k2jzeUt6ooNd+c8P0TexsbSETwhrU4ntpvIISb7I8Twhcled7bi5KCABJOzz7Fw+ +Ydxo5Yjm1DQH7+gEtPx3n4AjZUfRAN0nqcFizDpRYPqVaN1QYiGWn9yPF3pubQhV +n8zzAKCpx1LUlQl2e5t1YJhmom2qy38EeQP+IB45FBfDf5KKtyS64alQ0vHYIssU +p806PQorw/ZOuoiscUQj/WeZ4vn7rCdu60uR1EuHpGp7n0t7igEgAOcxDjrxJmpg +SdD79V+oJAFLATo2msj1IklVvJeI7ZsImyPchIU1lqn/GvpAam9N+FiIB1KUMFqT +Jzc6zUn1Qqag1w0EAIiRHPYRW8ojd9Uh4Ed3X0daAnClyMWL82t2bj/bJRmhupQn +4aVJ5D0pFB9izTiJEWciHpqiMdsi/zExYYIDS1Zu94+WFbNIxyMFfHrJ5fUQtAqL +b7E5LrlxZONUnrRwshqR4X2TmW2mz1Wop542eUQ1UWp4Gr3VlH6giswY0CnQ/wQB +A5YOFNcg/BY3BMnzmbEa9r4DVqdF0faqHCAPM1GU/o1rZ++VSNJruLP9JiM6RFNB +X2ZhY3RvcjoAAK9h5T6r3UXJdRJYgiPBeltuXDZLCq03/SYjOkRTQV9mYWN0b3I6 +AACvXXkGa4lux84ceaJy3CpOkPW9NxGnh/0mIzpEU0FfZmFjdG9yOgAAr2H8Yr3s +FEe3lYbWaVBMe1xHDnsfH0u0J01pa2UgVGVzdCAoZGVtbyBrZXkpIDxtaWtlQGV4 +YW1wbGUubmV0PohVBBMRAgAVBQI246pkAwsKAwMVAwIDFgIBAheAAAoJEL55SFK+ +XPiG8SMAmQEeRej4CyoP+wmpdhNm+c9famN9AJ9nKsCqRWJ/ufezi0YqAcbgbaNQ +5rQSTWFsbG9yeSAoZGVtbyBrZXkpiFUEExECABUFAjbjt7cDCwoDAxUDAgMWAgEC +F4AACgkQvnlIUr5c+IaZ1QCgqGtz7Pnbid5+UylHAn40bwpXE7EAmwVmqbtsG1iW +Wt1xOo2oyTj0t8E5nQGlBDbjqn4QBACme9aNjmsy/D0vLzEUvj2kaMBgVv3MWKO+ +Abi0yKsjdP0QEt+UosnybgpahGhPZ42bL8kYsfJmO95pWHxN6sNX67FmQQa+/vTa +fPw04SVBOMdYejLSfqmhyLoXGF8l3Vuc6MMraZkS58RA1KfY+EDjqCMItFMA+7Au +mK1JIvm5uwADBgP+KP0pE7r38nHf5b0NlDFYhAGIqdgdWvW6zZal2lNXiOkKok4I +6AH+GUGYJjULX+2mwCPUDdllqYlFZVmg2iSRF4i1ktd8ZpymsZuaaNyDz2AUzlXe +cRQ0JT+abYFBannyHg04K/rR0avkYCocPEBK0+TfzzNvER3IWznsI9Dhkm3/BAED +lg4U1yD8FjcEyfOZsRr2vgAw2DSsek1WQcJVSrTcrl4DmC6JoYKNZxcZxkz+azXG +MzU6P/gruBQX4ldaWq8ObvjrdF+g032GXju9Olh9Wx82E+lc4O2K5kwNe0fveQQG +7vFrmajyXnIB4myEx8jSGNcEUcl/6pMmwjzIOMcU1lPVYNkZU8cFQpZHJ2dY0OO9 +MXpawIhGBBgRAgAGBQI246p+AAoJEL55SFK+XPiGkTIAnj6CpWQaP+vvx+HhzcjT +cL/VKlZQAJ9Nk+d40+pCqkNEZDcV/xO6vXHbbZUBzgQ246rjEQQArXimh2e6XDO0 +Lo/BHPEsdHyd7tDXS7KOcZ/RJOBVjCwbuo8O2/+SowdlrVzmUlihzs3k31AMe/TT +Ciaw/Y2Vv9JBABVXmacGRdZfHwbERC0fXMQGoxN0bxZIAmAIV7BdSZ6PqolOUzb2 +nRlOEs5j+Lzp546yFk8vN5rWYsKBSHMAoIGmmgpRPEONTciH1bY0t3/jZvMdA/4n +B/bsDN76QdkFdvSCAams4Gha+7waKIBaAJZWgkGzy4sh19TJN5BGYOcXsJg0v7VO +Kxqo+1HC/TpWcdSAg/HKfNMjWH6COyuVzOrGDjJnyTkRjhLKjLaGG6N5Zbg4A5IN +ug2Tcp1HhR2UayFs9nCqk7mgd3cNPZvLCTbrN6aBLQP/UNSg7Iyj4vPtpFMyaCt1 +etUIJVwFQ5X8yugeSjhGehkf4F/TObssi40RMmxUkjT5by0ddfpleBkeQHK1UDph +NEKRcqNTK/rg7G6sJMxEb0ata+aTsqjOVj14ZV2uaKOJ2tXwRF++iBMyusSFRtOx +pzZ2mPnZT4LC6uCPPgNtGRv/BAEDsc7YSdD9O4gyqEDz+24vfhBH5b1jnJJ9MOul +ZipNjfbpG+Tocn1wYf0mIzpEU0FfZmFjdG9yOgAAr1WRiijedefkEEOQBUrN2HOs +xDW9NIX9JiM6RFNBX2ZhY3RvcjoAAK9CxfX5lmHbWFcJfFHEQCfpabmW2/on/SYj +OkRTQV9mYWN0b3I6AACvV5X9PayElGU3atpQ//cE3jl3tHEfhbQvTm92ZW1iZXIg +VGVzdCAoZGVtbyBrZXkpIDxub3ZlbWJlckBleGFtcGxlLm5ldD6IVQQTEQIAFQUC +NuOq4wMLCgMDFQMCAxYCAQIXgAAKCRAlsA/UMM7GhJjYAJ96+gRNnRtFX68Wbsix +2VqHsXeLugCfVbbEonL55bC9BBQ89XY+6AFNSgGdAaUENuOrHBAEAOGceVg3PC6F +tgrZrnofohzWnui6FVBzeai1DZ5MMKmdN6/QMv1eeHoMOb33fbfhwA51n+kPuhap +r6QqTzx62RGA/gK1m7vjU2OfYxSO65GN/rSUXN/kE83jR7Hux4MocRXZ+/8ngqL7 +JAjw1LZdJyOniJpeRvrckPNC/bKaua77AAMFA/95VjAjJIAU/gOMwtbqTgV+cmHe +52Aa1CJEalV88yKG86nnqHuL4xxUTTZljyjbbKleJD/Ah7R1BxBhSEDy8WuTuonE +VHVxTcL9Yig4pZ/OzYZf5fkl1eLNaSLb8XZMT0JbP02b//OMpAr29lcaga1o1RtW +vrlUyIYOTm2RcTxkf/8EAQOxzthJ0P07iDKoQPP7bi9+FNgB92LCXMeilHSPeArG +JblD4lyK8pp+jwjSCaWJrWQO/OJJOzhTh6Betn6H6C6bapoEaQ8TuKbHEnOMUfax +tx/yzDtWu4EWGMyG9sSPjXRr/lChDsi5OMcYnrxK3foQYMEHBMb1fIqqtRZmqWPc +FixNLKLjBalB2cMRuYaY8o2V3ZyKiEYEGBECAAYFAjbjqxwACgkQJbAP1DDOxoQg +5wCfbgzOK8WkgR8iruUOQagMIqwMr6gAn1iBQ2TJM5znLHzYgLX+D0k5IG/plQHO +BDbjq1sRBACVaJ7JCEOyjZmcPbBv6CrpqqTWtFSFzB0HAJNuITVosCye4yXycsfh +++FpPPZX8B6OgvTR7bx24Dmiv0mIF+ZVuWulMAgZay7QBTq4RCxaBnBF2yjc0f8p +8fxnmXHAm2Rn+GUCIQeiGYagPfyYk2yCebrdFdp1QfvqKs7oxy9aVwCg414fuLbk +BysyiXg7sFnCoarbmJsD/0hGErsAWF+BpGsNPPzg9oiyzGnV1YpqVGu4wlgZArYs +O4SXndD53WudgE+WI9uNav/0aSPHcrgHQJ9ZZALSxSXvts1EWqvwVeSNFly+QKjH +Ecbs8gUbvust3ZKJD55L52nlCKO64wLyySS9C67FLp4iTSD6OMaU2GO673thrrF5 +A/9nF6Tfunw/W71NOY3uc+2XMZcat8pWL0O0nfUTzTmu5cWpO6gV9w4FGu19j4M5 +5tfxHEjBBX9MSbLHChd2aS/TcRjAPoAlKbHda5WLn+t69wf2d9IQcPLuwULwIGnh +pq8AVFA2uGiZIH2VKblyUYtmIPieWMXUQUAHBAVyHseGU/8EAQMb786noBSUDw4m +7xGDnWduktairbapLv/ColtFylU7mo8tzwPJ9N6M/SYjOkRTQV9mYWN0b3I6AACv +V0SyyziakJ764L9AWGhvZl0VDNCEff0mIzpEU0FfZmFjdG9yOgAAr2aAgfc/R0ZI +X1er4E/LYM2tthHZ54n9JiM6RFNBX2ZhY3RvcjoAAK9vCoy6yI44r9RAQQdGiriB +nWdRPg35tClPc2NhciBUZXN0IChkZW1vIGtleSkgPG9zY2FyQGV4YW1wbGUubmV0 +PohVBBMRAgAVBQI246tbAwsKAwMVAwIDFgIBAheAAAoJEF9jVrptlzKssC8An32a +3EYMFU3dvYtqymOZk1G6qdElAJ9XrILycL0GM22u75KkQfVlZReszp0BpQQ246uO +EAQAnQtV0TzPQjBa4FVL4qFO0koX3y544FgWd4amzmK7ILV37kHb+pQIsZzT3Z5P +5OJoy/MNaam41Jn5m6aVQ8c7IolEJSWrcxg31NYA3O5LJ16Rf784IW7nMvBzTtEh +4t7jPxlwue+ImdaMWvwNeHypwlWE9U4alGtbrAuWEFx5uCMAAwUD/3+C2YDd3Wy+ +Iy6lxwzaQCBI4k2yl8QyhzpwKH//+EhNJqWjVRy7t58SOewrV30iNpDEEpv96aqU +ys2gZTPwmzACVGp4ZpSzwEQ3Cf4UHA7QbBeZxRu83y33tEgcILDNR8S/evFb2u1r +G2KUmvfPtx0g7svVcKYRae4uB25wm0iu/wQBAxvvzqegFJQPDibvEYOdZ26Rt9Gj +Nyo0jdE5rAxUvk0VBw7TW+V6uxtqp+fKrP3W/ewR4mUXo1jq29kicdAtO/nI0uEW +iMuascrL4lCWWcrEK2n4AX7KbzJ9W3HDupQhHHwYga7LFg+ZAc+6m9k+cn6M8Syc +sbQt90IMqon/jpYnSialNZilcMpFfYCnqBDTVKpBReiIRgQYEQIABgUCNuOrjgAK +CRBfY1a6bZcyrA3hAKCPwFgK2ukTx/0R6o/BN6HFJh7Y+ACeIB2LqEi2uOknmyef +7JveVqldPTyVAc4ENuOsQxEEAIQRmJhsJniNi/bRff/YGrZ9aFWt81G93W8WhV51 +qq+ntUHgUNY55Yyos4XLOa2tS+K8zP6X15FesVBPYIQa5BIC10mAsLfJ+1rbnGJP +uNBA2U2MoEaRxo/JtXQ//5jiTRlYwLDRnBzuaMCPdsirveu+JBw53ytRwjwe7m/D +1PPvAKCp2dj1FtDjubTN7kCF0o2KzPwE0wP7BimQxXyPwSzGqLaHXSEBsh84OQTx +PI98BXgq0195/A1B1/pPs356euKlqoefUTHYhbjiMYbjZT+A6juudf7A2Ucy03G8 +HDZ4k1f1vmzrj24+6ygGBcxTVr0BaweiC1DwG3LjQoJ1cuFxRQ8BYJDGIwPrUW5J +dlnzW2bJWfdyXOoD/0S7iEVN9txkSKildOeP1YcDCD8MM3hvF9kUc+1hbmir8SOZ +/IYJAyQN+j+mYWsLuKtZ/F9pqiBNTXH2jWCTqldOD/ZYxHVJAARnkiVG6yckMLsx +Hi2LPPBK8xack0y92mKe7za/7fhVgCRSs7M/rzUbzUhyInHSyxr2SYb+8lbu/wQB +A3vncg3S/0EKhZRFb/E5MzbPjleeF5fQn4SvP7U30kDoHyI3LH6KymD9JiM6RFNB +X2ZhY3RvcjoAAK9Gv/oavNniW7Yqm+70mldjom2X6ztd/SYjOkRTQV9mYWN0b3I6 +AACvTc6M6Pazxb3BIBjtK8lUhha6Ei7BOf0mIzpEU0FfZmFjdG9yOgAAr3SSQHcy +6mye2mjpCNKs/FezOQKbDUe0J1BhcGEgdGVzdCAoZGVtbyBrZXkpIDxwYXBhQGV4 +YW1wbGUubmV0PohVBBMRAgAVBQI246xEAwsKAwMVAwIDFgIBAheAAAoJEF0V4B0/ +8TIG4YwAn2L7BGoJE1q7g/ePfsIhAc0nacGKAJ4iBZV69HtWtOryudH1sG7zEoaR +KZ0BpQQ246xxEAQA3mE758SGpbalfvWhJSpb9NEdZJvJs1zlutDW3OBNuF4eIb8t +AnWUeO1mhlCzJbcf958S40BHCvKjgiO8rSeaJCyplRHXv3ldMhuj/Bo83TxC6MLb +q5ZsvWlgvnJBqvBso6jICy3iOATU2llVz+vX5ZSns24RqmJxWO8U3OSJUIsAAwYE +AJZAliv6HSjOvslD8Gojy9Mq5Vdv4MgFCO5LM3su9qIioypv1l1802ZnUC2+SWjY +J7ZUzKWJDNVJNm4clBt+sNMFcF/5D4Ag2Id1kQCh3MG8O/qnu+xOeg/4DZtLyXrG +tY5sq3crL34ZQOSpbda5qBxQqiBCARv8Up5z4Z6DBKBR/wQBA3vncg3S/0EKhZRF +b/E5MzbLEL6CTR0ywkrjR5f4P+KFRNbVixP74rOGEYga1Uy8PrUOMDBIjbtKVWQy +6ly4hnMv7ZPtIZSJFpeofg7k/kTNJB0W0BcJhWfg5CbiWncJYH+IZT6+/0aJfmhe +y7gMlkoXOqH7y1MlLXHLriVzNOpapAK4Q7vwzzfRL8kXP8zC+u1noiuIRgQYEQIA +BgUCNuOscgAKCRBdFeAdP/EyBhuTAJ4zaeXrBSUA3s0m0MV04WJxDDGwWgCeKwYd +KMH/CO2Eaetd28XWxnxJHO6VAc4ENuOs0REEAIHCI/xKPD6yIRGsSnI3PXTW/f9A +WdwcQZO8fWuxypuqNP73Hyx9lxYxcQeA3X3vjtTwvSjVKiIuhk2nxm8qkuO17Jzi +bOZ77K4JlaVFMwHe6dHcXHNrSaHcIZB+BrTj+IuD/Vwa8Z4EK1kNI7t99xDxesC1 +ou6pFchhDQn7L5LTAKCmIDPl2IfVEHu/x19Bogp5NxMVZwP+K8gcXcgYoY9NourP +LwHuZpU68L/OboKLkgfeVxF/Bj372liFv06VFkOmu6PGM1P5CD2u2MxE2F/HvxVa +9mXd9xwH3i1DadzktDbxG2CZRg31u/1+6i1b9aOVgowh1ISvAwn/QMfW+M+wm0R6 +bcUhOFO/TQgjrF0LDm1dvKpRrBUD/iCGgoe3U6gA8P5wZn7l8XqTyl0ul3YtLaO/ +S30La/k1LSThFRiG6qkAbIBEhYk+akdFu6oTp5eO0yEMj0J7f1ffeEMMgBrSILTO +amBUVu9INRZMg0V+ez80zLlNgY1SOph5GlJC2i7o20V4kBZvCFyeK39vexqaSrko +LzXK+0Zq/wQBA0GK22cdg+tRJk3gYcN/JjZjdGbyparZK4zFc6L9X+dZtsC9gBVh +D2j9JiM6RFNBX2ZhY3RvcjoAAK9XLx987T5u+PQj0za48diNtMwF5HRv/SYjOkRT +QV9mYWN0b3I6AACvZ+sSQxavyXXTvVtvSZ9DrB2hdoyR5f0mIzpEU0FfZmFjdG9y +OgAAr2TiK/D9hNwmBtF5JxEuKwCv5DBmY920K1F1ZWJlYyBUZXN0IChkZW1vIGtl +eSkgPHF1ZWJlY0BleGFtcGxlLm5ldD6IVQQTEQIAFQUCNuOs0QMLCgMDFQMCAxYC +AQIXgAAKCRAcZ+wTPGYchNG4AKCjSqAGZAKs7NstyNXe0qmxdjqhgACfUIFuQ0RA +vRxngnEfGZJiTL7vHBmdAaUENuOs5BAEAJGi4T/jrY5BtRTM0psAneQytzzFgH4+ +LigUXAAb0QDAOkyGNfWHrfHJIS7A3Nc9pMWAdOjWgSKbYyrzra0SQ75/SkI5+/S5 +ev2Fpki+HYo7cNgVXnbCJrIY7k4DAMunqPJ9JCUXc88WxGvKV5b45htqCPnV2Pgq ++AEIKD5aGfLjAAMFA/9+O6ttUbeY2bQHRdThl4HUxQw4lgYN7stgGZsbHCc0y6ln +1HF9vlE4Tl6HI/NR/8OauQrXt8988dh039QNZsOdAeRWTk4PgSuXq6VDG5WNw6B9 +bvRPKXe5yeVmNNl6KESBzMcq87kANZWZ68vKJ2JihxPHRAyfxwGr2JKkVF0S+f8E +AQNBittnHYPrUSZN4GHDfyY2YCjm88CdmfBmhTozr+i8fBZaKPsQQkAz4Ybhdf+d +CkGOyQjOvI9qUX4wNF1n9/2af6a9A9TJNYGpdQ3AQUyyH1AXIfYLeZhAKR8oHgP3 +r5L4DDGmyAG/I47Ziko9nyyRjEkT5B17n0HedUtHH0+v6vtjNc4OA0XtbY0SCvuF +MpLRF9guiEYEGBECAAYFAjbjrOQACgkQHGfsEzxmHISIlwCfZ8SYKvVQnWcUbLR4 +pdAC/SDm0XwAnAqTsdVw9qkF0c5EwGnsst/qiAqalQHOBDbjrjgRBACU0OjVoC32 +Kh/dUjXPdN6HIusEhHheYpFIzYHHTYJmFBEjBj9CwrpYGjGUmp+BS2wFS59zO2Ml +pQGLGrmo+YGBdio338Hwdm8baeScd2Koqu+oWkCoBMm2VxxbS3M8kq0ppNu2Q5EE +O/qGywVrVpfBM3siM3mcsjVaHyWy+T1IqwCg/lnggNIr+Yz2HoU9GwCwBi9331kD +/jRTBAuXTq7vAG2bGpJ0X/zqSMLSRZfwnZj28hx6I0SIT0yZU1xggrAgzSbB24Xn +QSSxWMR2BZQmupPdHO0l8xPn5KCbYo4C+9+ZsprxEXg09KtVcMOsV6qTq40NPSOd +RRNAVhOOTg/GD0qX5r9ztB57qpefmp4Nfy5tmo3SehfRA/9jkdKCLrZRsE/kH57k +GoT5kt4nvJW2X3T03BMKvspVm3WjdlrR0Ji0yiw9P05sCMJqeFKe4RZreG6i606C +itZpRIRbpjfMEq838zgUDv7VGF7zqCedYu36sepfkzxj/slNyu6A21HTgMWxiBrk +DXoIuxMPFKYzZGC+nCHXgW2uof8EAQOPMKazZfwtUoJ7eB74i789uCp+H+yM1KRO +CEcmSW/T7ago8wfbaRdC/SYjOkRTQV9mYWN0b3I6AACvTozOxPOPjYlU7v7vhyL4 +rFswiNRORf0mIzpEU0FfZmFjdG9yOgAAr0jn/8fzbG+geTnYS5NG4g227pXLeTn9 +JiM6RFNBX2ZhY3RvcjoAAK9spiY0wOlyucxM1H39jlMftXgj0GA/tClSb21lbyBU +ZXN0IChkZW1vIGtleSkgPHJvbWVvQGV4YW1wbGUubmV0PohVBBMRAgAVBQI24644 +AwsKAwMVAwIDFgIBAheAAAoJEDvb7bF3f77Tq+AAn10WjJmAMcn1pBFwE28eIqtU +z5bsAKCoNi7oa/HFVQZRypKR7SChjez90p0BpQQ2465mEAQAiea3rOLV0WY9+rOz ++CmVlH9GAvJrS8cXjRF3uXJALZ/IDH3EkCeDHouDtRAb6ymfQ89vBJr9BZg3eug1 +HeMm0SJNTzfJFq8vVLhiwH/1QQJDCMl4WAhJwe8EbDY+JBeQ4WIsrXqdsHpD6HGT +thgFKCMmNsjDW9ptoNivFJytkAcAAwUD/iMYod6PvvotNl8IuMDnu2q6NsUngZh/ +W/JxGifL/EVS0TtAIKEeBi8ynkzn7+exVOPLZWO7MbYehTsXiWkJEtZw9S0aW9xl +A2a+6jP8jhmKdFoXUYBlvnNHmGt9oOWo6ts59/h9S+Mq5kUmTOJ5meWV3vYo5BrN +FDWKpotIAWMa/wQBA48wprNl/C1Sgnt4HviLvz27SydCgapMV/zUfdQL64nYYQj/ +00crVG3e1cAN2iOPRNsjnczkYXjFfSxTxoVvQEOvScRoOF1LQ6doAGGSJmSkyIGZ +wxb4VLD8GhqmCX30XxOcTRG6EiLq9+kDGL5gAnBUTviRF6Tc+y9N79L+nxc4lawj +36d0ZXeIG2fm8RycxA2E4ICIRgQYEQIABgUCNuOuZgAKCRA72+2xd3++00nRAKCQ +vRyQt5pNoWbpj8btfqGK00jpOACgjSITGzCNURjHPCPEBAPqgOVDh4CVAc4ENuOv +BBEEAMUtk4AJiXP3jaKpIhbi3B73S2SZ67rKzBkicjelpwWk6LndsCrbLsIWsDf8 +fNtih0r9As+2arfApkNlwuCGq1ZlPGGGEf18OqPxFvnghVEbDdcosP4bIm3k6G2s +gFbMl68xAGnTtkS5Gfz43uTuznPzdZnGbIjP0uBmPfZk6GW7AKDhi4htuxr3Y+ud +9lx1bWM9KqUtAwQAiRYHm605RZVBkdzlfYx1Iwgn/l8Chq3MsPrfBMslapBnq1an +2/nEQPmuIde9C6ALN1t03DHpKonx2XgjYVz8pgty2FU7txSSm2EE+975dXp3ov4T +fD1KxksOl770PAzixLfNhPW1q4A2cEruGgO74qEX3/fAa1J0nRKDgmA/mgYD/2TS +ZKCaFHoc3IHQnkygmGzzZNpVZV2+1kIB8Z2hNo9V81PYpzlYV8SlG51ajW1G3ePc +ti7JOIP6MquNUbYR4TOzZy1Dq4+VqqZCB6fOeIKL40IKKAoMMDYFNLp9zcT+s6+6 +DTPH27eE1WEt+NQjBgr2ofC/4iAU/nmAYmo4xn7Y/wQBAw1YC6sO6OK1YqygeAug +0cwEFM97WACPFwv/yo59kPUn2OPV90GqWcP9JiM6RFNBX2ZhY3RvcjoAAK9kgTY3 +bsST11j0XtHaORe84A/oRwpP/SYjOkRTQV9mYWN0b3I6AACvXbfs2GvacmwUsN1h +JIJ6o5Tv41Oiif0mIzpEU0FfZmFjdG9yOgAAr34DrRWil2lE06jH9gI775+twQFW +Zp+0K1NpZXJyYSBUZXN0IChkZW1vIGtleSkgPHNpZXJyYUBleGFtcGxlLm5ldD6I +VQQTEQIAFQUCNuOvBAMLCgMDFQMCAxYCAQIXgAAKCRCl5n9/o64+oa9/AKCaJbj4 +sc17CLwMOuvFVejk4mwUQQCfcrpQGZox97B60MgQRs/wklSEVWedAaUENuOvgBAE +ALhxyR0+JaBA2Qa8CberwXHNEuiDrz+N9++Pwy+375dDg2KQ7RUnx7NiRV368be/ +lGgdMhLKeYxZlmNPnpoUNINk86RCzYbSpmAASBOnMJQF2WdQLxmsdJNJCMKfse1H +ZylgIJQGWI+1q0O9Lcx7Vd1F8GFeJvThMHRyLoOvMVCTAAMFBACN7RHUg2b0aRko +DNMQKL6VV6LvBteSfgkXqf2vUovmhQtUXxoYc0QnVPCPuS6raRpxiNz8OLgp0RJF +Nk32zOVmc2u68B30kociBt7Kx6d7fJGHL5gVqpebUy1YJ3DBoOIOgcMBKmXnlG24 +IrHPq5bvuqGtnwToZEOuEj3ZHzwNuf8EAQMNWAurDujitWKsoHgLoNHMAI9CpJsg +3p5r1/2dTbN+h0CJ+lqHoo70wkoAb+gaM+7jq/FWce/7mNExPIYobdgkvZ2rbKJP +x8o0zJqu77IkMLTb/eh8z+dEaC9X0S/uYgN6AUJl/DsEU+XwOd+JY8Es0wJda+M0 +qvSGaH6+kTYy4pO5QD1BrfdPTOVNxcFna7HAItZPiEYEGBECAAYFAjbjr4EACgkQ +peZ/f6OuPqEzHwCgo3fuvctqBR1zM+lGiitaCcoRH98AoM2iZsG2q1yiU3MebUWD +xcPCiuRMlQHOBDbjsAoRBACQ4U3waYeRudWpRA1GiHxbw9CvqFw16gwe4Q4N7LVS +KWUffXdm6P3TzrlVqK8FxQQyXitHO4iREKzFipcXam0RpB/KWhUpy+V1qOMTI5J6 +pyc2Lt4G+9+IqBR0wuFgzNv76ExrhaS8Pnoq1vsJddsLrB6ZzZFsTBCFrdh6Bk3q +3wCg9yVAa2nj2/IByp1xc8hLvES6d7MD/12gCo3vjQGHqoXAKsb9khD1I/BDILV+ +0g5JMg7/MLkX3DcDALeF8B2J5zN26VMFo9iXAxhPa7DZ2vx7hQI8/9pa4VCp3B9A +ssL44WLbdbfdo9HD2Wnkd6WPEf25vDbNtLYj+7sVZY/rMyNj3+SolB4YlhydkU1x +hNqVJk+lBYXNA/47smbyDSsJG1EksKSr7KIteXenuFseT2dpgK0+cvlC4rQceFii +LF1elFVWhATWgXut5PXBRnTxG2vx35Une+pC5nEncvha+93d0zCK5sACjFXSo0QB +HN5fO2Gj3dvy3U/k1swkMN9xKLXsSe8mc2QNkicdu/48iIF5FrcL5+VAjP8EAQOk +qTnVSVlDNyanmeWCbHT5y1XDf7flXnKwAlPvRhV71WMkqrgQyZSO/SYjOkRTQV9m +YWN0b3I6AACvYMiOr13riT9DyF8K7MAH9rFUqh5JY/0mIzpEU0FfZmFjdG9yOgAA +r1ZK4vMwe7MVGkYsBl0OFJFhJWf+nD/9JiM6RFNBX2ZhY3RvcjoAAK9tanjl+Ggi +icD8mvH2FEnlCyuiB9iHtClUYW5nbyBUZXN0IChkZW1vIGtleSkgPHRhbmdvQGV4 +YW1wbGUubmV0PohVBBMRAgAVBQI247AKAwsKAwMVAwIDFgIBAheAAAoJEFjLmkyF +qB84JOIAn1w8JVmBDp+6A35ia9SqWpt52ZiiAKCIHwczU5eSjSlPSm5W8C7dlk+B +CZ0BpQQ247CeEAQAnr0w2OcvlUX7E8u2C8dJGIj7wRU5qDazxh0tw55/ybJ3/Kyh +CFfsr2dZ2E7Zw6Yvc1u3WTTf82nH4S+/IJFSI+qBi3TrcwVtt8Xa3Po7cIzNvS0b +BhqfmOOXJc4ihUlADR2Jukm/QC+f6bO8IZBDWr/7LnT4SwEPhPoZNMFb63sAAwYE +AJ2kiP3e1zM+zEo2i2jkOny1Igyn0sRiuw0OXQ9B656zp02G5qtDN+IXhgLdfQqg +qyWckP4BLDJ4NtQoEM/Mr2/7oj3h01XpbU86R1QFQOXmoWw3q7yqEWIwfOBqClSF +0A14sXdjQwadyabTFsW4m8Zn5jLW+1sH4PrVjHoNEz4C/wQBA6SpOdVJWUM3JqeZ +5YJsdPnICDfLPDsLTp+mSJOvz8ZkqbdjjI/q3Kptusm2FbDk07+WCtgfeKcaeJZH +FNDb0PYRG9S22OGNlhDTmZluNPmUG5syMkoyycBX+4RTirp7LNS+VBIOHa6d1wD1 +k8lANIjD/ilD8pW0pAyqN5oJLDgGD9892G7eeE9Vy4XGRmBB6TbFMF2IRgQYEQIA +BgUCNuOwngAKCRBYy5pMhagfOAibAKCS4dbgdlteoklBNH9XU3+trecmqgCg4u4N +x5RLyPVJoOlZhb87WTBcW5+VAc4ENuOxqREEAN621mjyBM5OvWclduTmwl+5VJBo +yZuAulmkyzdDsL6ABfRdf5D+9y4en7BXY2rRLi/7Dkr6zEMXgDxQN/6r4aY0owDl +TbuGRwNC8TjwRhSCFx1YqNZ4XCaYk5vQoyhq116HiI9PiPyhwbD6LTPqj97TLQ5V +axS8iqniJk/dSWc7AKCA6rkZ88kyrcrdw0PedTsY5Hx7UQQAxyAfT2jrwduNvCnD +56M+4rBUVrfsI5f/rkUXw8416V6rsyvdjzIqpssiwhYNrGuV+WlvIzP9KG4N01Ty +CH6ax/CHT5E3N0Q+akkIJUk51k7jpy52BvIBCuIfs/KxJuLsBuamcyXuRCu6EBlZ +cu2cfV7WQqi8HjdremHzAXiSi3ID/jkDxssoSYm+mr9qZjpWMOcazGQOOPDY6hVu +3ywt0aOmBqePd+/LkpGFZ5YsqGa2rji0f3ubhgOYYIdVr8iJzhoM8wy9Q9Z1pjkP +IJ56tU5vck3WosLujnHYcG3xETtxec8mXlUrFzirPKzlupARhi3Z0/hwmoqTc6OM +JuXpMn7x/wQBAwH5EiW2ICr1W3T/Rx6Cb3eG3/JG8Sjo3rpEYlaApMS+d4oM/9V8 +3kr9JiM6RFNBX2ZhY3RvcjoAAK9AzQba8DH0bAE2s5RGAEJ5VAWk/+g1/SYjOkRT +QV9mYWN0b3I6AACveVUvbR4gGYzhP/+FIlqbM8KFSN9EM/0mIzpEU0FfZmFjdG9y +OgAAr239YwqXBe1eAtTrlPkM+BZQS5iCzKm0LVVuaWZvcm0gVGVzdCAoZGVtbyBr +ZXkpIDx1bmlmb3JtQGV4YW1wbGUubmV0PohVBBMRAgAVBQI247GpAwsKAwMVAwID +FgIBAheAAAoJEKlMD3VlMkTWM1sAn0eideyWSJxrd/trrimzJpapYrQPAJ99nNzM +TsSCQwsfLaq0E7kkkS7KtZ0BpQQ247HDEAQAtbvtPTT+OnT55+kSbXMy9yxK6Mq3 +D5hzpNxW4jXyfGDJxQXkk/lPvnIYv5Cs5vjeMvE2RPLB8Bqp5HiAbSV9mJkCRYSo +tkUfQLVZ9h1dWUwWE9avz+zKWUzzCPRDg5QhDyU71/jHbT/MYdBrI9YtcLo0DiQI +l3a6rD8Xp+EnIecAAwUD/jUUTsyxauJAVKYKE8r1syZfehncpH/jtAIW05We4sfS +rUC38Rq6s4KNIcA429kM3lh341YWmmknOVFjTLiEMh0XLI/ceJ9uVxhNB1MjlUg+ +OiDgI32Rfm3lzmvzW2HEfs8zkX169asltoOKFfCzeLOLleHT2pkN5ffC5IPJYVgn +/wQBAwH5EiW2ICr1W3T/Rx6Cb3eFuP+IvpNCP9FJtq/cHx/aNtVczSNEk2ParqkE +bsZoGgIF0fZStEWeTda8b2/P8dt8E/hZL8YE86A6y26jjzhIQBnThCdlxYXCI+f3 +rwXSdBJYBu6jvOA6Cp7VJkBGBUknV3c26VN6mF0tq2xw8EdB0Z94SBwIObsUJxUX +GSx6F9n/BIaIRgQYEQIABgUCNuOxwwAKCRCpTA91ZTJE1s6YAJ90NN6PZ4hYojIq +GPHLsoXLX4ZQqwCeNI8dzekcdK9ZkqXRxIfFj4cQH5+VAc4ENuOzmhEEAKMDGobM +DqPX3SKI3/W8m9LmNgtDUffHGHNd1npnGM8mSyVfWjEWoEg2GPMEmdX3/tvUUV7n +Tz02IJwZRVlrbEPdW76eItMAY1NB43LpjQTrAR++mVAslulUY6a5V5nJKEc0IqOu +xkW1LWavujX1JRvlBZLeBkdpsVNuaGJtwUFfAKDfqoZUCcZxnO+dRMalHLfGOn7O +4QP/apMk2mc+GJwpKSxXBvoQkVcfuZBJmXJuUCc4BUUzHX0ZSKNbgxY/kVR1xN3k +rMgOCR6dEsGukIsgVWRDj9to/+E6IIs6YKhG7fGcXKhE8z8mf3hDLcmjbCKDCSFB +T7PI5TkLzlAEP1y2Rtin/Sa71unGZhNyEfAPW/d1dRcRVqMD/2WcTPUaIjRvAqmb +xUpenRhg/mF5rwmHl81VvVBbZCoZ35c0edEZKpfmyYbKuz7GhjEPz6O/UWGYZpK/ +7r6f4kFUrhO5atClnRyBkvmNmdfbtM5hd5jh3lgqAT7tk7ntPAIh8X8/qm5+Uab6 +3kZwXCPiSR+iEwRp42GbVL7F/b2r/wQBA+smNbHH+mT2ogDvwebUEYQ5u7AjqZvU +WkfnZPKAVQwghkIrT1Vq21v9JiM6RFNBX2ZhY3RvcjoAAK90DxORhCauJg3tbEH5 +zO25GERe8T2L/SYjOkRTQV9mYWN0b3I6AACvW0fayFNyPj0o3kQ0YOk+vZDnV7i/ +4/0mIzpEU0FfZmFjdG9yOgAAr1sEI+EYL25Oh+V/MAHMZ3nfeIm133O0K1ZpY3Rv +ciBUZXN0IChkZW1vIGtleSkgPHZpY3RvckBleGFtcGxlLm9yZz6IVQQTEQIAFQUC +NuOzmgMLCgMDFQMCAxYCAQIXgAAKCRBHr0tpYfBHhMxJAJ91JH/X2uIsYSrKJmI/ +S1Zgwoz1/wCfdQoDeGHzNwPI5NaxIZH0XYr+O22dAaUENuOzvhAEAIeRQIHb2kyS +94wRnI2IoiaLMXk1n9y/3VGPfX2TfEd/Q0laFCn/UbfxLEuQ8sF1ZygHiYlE2MPJ +WzEVRe9FYUgx6TAvSrWwdJZNwnAKlCz4soq0+YPcsDduFu5NJ2liCYrLbVIfh6m5 +uoHOT8/TX3eZZfMeBIYt5ShOjc3t4FDTAAMFA/wLVDdYasFk06YVWXLR6tyWlBG/ +WoJrvznLH9uP26vYvEfBWjMAReHyOaiIpnKgDPtgWenb2RHaq1WmUfWh483IXB5m +oiO2ZluIJpPixxRVn/cu5hvGAyhQV5GgbiacRW9RSHyaZmi8yZkWu+nS6iNwOx9h +PHRUGvzBrGAmuDZiC/8EAQPrJjWxx/pk9qIA78Hm1BGEOtrTuBDDiXmHnTN7vG9T +7F+vQT/JusPW4EJHYO4E2e1J6gyPEGOqrAsLW97WTEN+LW1bdTdY7dhM4jSI+Unv +ZqZ71xW06WXE2lxGD4ayXuzP6Q0KQT7YcMnrkqBluRJTfGKdjX0RPXt/5+KWd7H3 +VEst836l75/lYfLrbWxaArFjztISiEYEGBECAAYFAjbjs74ACgkQR69LaWHwR4RT +3QCfcsKGxTTd4f5S/liM5MfnCtlAU9QAnia0uQcnuH/aodTQqspKUGN3Z04+lQHO +BDbjtDQRBAC9Vf1MkTKc8kSxfdfZ8Y88OJAr6gHsPUg0j1t8gPk0q2ijyrJuK84u +jzmLmbtFSITKFfcT2VSD1u4qa0iFqzSwnywtRGYKd0gq1eMhaDcp3SmaMTyrbPJ3 +sKFDd98nbTzvnA1tHgZCFI7VZO7HBGgvnd+370lNQsnGRBF/vUDObwCgllBimEp4 +tasu0WNvZYptjGy3ni0EAJLsL9W7jR64h6+nZNkdO1jRT45sW8mvyMOt1BkyRQVK +6G2Lut879t/upPCYK+/ohWaf3TkAKH1ucrBm9xHlPXJHZvoIA3brt/OuJmG7r8Ub +70N2vrZmdXas/w5ru7EBcKeii9pp8pi6mim8dXTPS1R/b7BqytB0dlO9zSl9j7no +A/9Y5UnQobM/qT1tiNhJEnUwlvvTB1UWId2UiUR3k/eNCxc7IdUytanqofXSxAu2 +jyDB5Ymv1od6bRCNM1JNWnOnqVoEd/u2csTAIkZ5fl/kE6HztqRGPB+H0n3Nb4MG +u2mpLq+OUNhTnLpEZsZGXqd21eFXkWkThxstrH+kYVYSrf8EAQMsrHk/oVe3Xf3i +4RPIB3bwsBoWGrA4kRK7mm5a6M/pBLavd6wy89rv/SYjOkRTQV9mYWN0b3I6AACv +ehBH0gU1mDQlnrZJH1j9rE7y0RQQ7f0mIzpEU0FfZmFjdG9yOgAAr0wMh+wQ/T3L +5WOeVMHnGH1mSba/DcX9JiM6RFNBX2ZhY3RvcjoAAK9nFbd0J8gWcTtZNckFwvKi +KKj15fB9tCtXaGlza3kgVGVzdCAoZGVtbyBrZXkpIDx3aGlza3lAZXhhbXBsZS5u +ZXQ+iFUEExECABUFAjbjtDQDCwoDAxUDAgMWAgECF4AACgkQ3vD3uOxn296iagCf +SizgYr94GzIrMWbc6H1ha7gFOX4An2oeiUql9DoXgvph82AUGtmv9TuRnQGlBDbj +tFYQBADPV+xDMQ8NzkqoJyO+lriAUrCNIBf1Kbc6U/IPAGOoED1YVPX4EB27u3K/ +EmRVd3clFS085Dau5rFIr3d/xXnLn++wqSgQq0Jc7LflMpIj0P209/oKt6MBovTA +Qn3lNpecmWd8oxiKoPP158Zgm7iLcOvRTcs+/p0KAzNvHIvQdwADBQP8CQS48V16 +lhWOSXV6u3JOukMeWBw6Tx+7M1CqyBihmR8ZNlF6FPBvVkX0NFVUH2qJn5yr6Pmx +QxSRnC3yCEyPBa48xqIditzynMbEIkNUrFZTE915rr0k9MrwzPGuLfaPtr/Miy4B +I0dnZ/5U4hoxPwDbp0aPUwRqb8+T9POTZs7/BAEDLKx5P6FXt1394uETyAd28LN6 +Abjx+ozpGMN36+SHvBm1QBbee0EWJ9LYnatmavOGPgEn7HZFbgk/QaUQiMRMNQIE +ykHjoKU1C5uWEDR+P/wuEYX0+pQ1UhUUZ8v+/wZjAC+X5WymJmjKW2l4LXfq0RpO +U3DedzHl5+zcuhfZN03MhxX4mcTHdGNSLqWzikj/1HWl3ohGBBgRAgAGBQI247RW +AAoJEN7w97jsZ9ve/yAAnROeKraABkL+JUAzQwMcNm+0JCezAJ0Uz6p+tN5wt6yw +yH09JfENI3F77ZUBzgQ247TcEQQArUqUbiVTMxJhp8bA4vMXAzCuLjys4A44DE+u +RFb9AGsZTmw/FTPETO7iU/3frlyYyTgIvI2zDF1SwHXG06KF3yIu8LF6OCM0N0k7 +KnKpw8M2tkPiT+D8ANrHU5d178evzm40PyNDyKxSGNlIG1N4MIKFtNdMlahLvu91 +kG04WesAoLPa5zISvsX+Ew95M1o4Qti8iYHbA/4wr+eYRywP35eb/F5V9bOLWhWm +EDzw4KHXQ7V+OJ7JD5n44S5KLPKwIogohDlPmrxDTAJ/YAukApUItd30kr0Uq34Q +gFktAsqgCP7C5KEM1TTxU25Tcs4ojUHoDyMj14ECuiTCP0ZFRKUivopgjgRhFTKX +VVWTySkQ0g9SDaITSgP/a0FyXMQUYJjuB7GA6r4U6QnIHsxS5xrQgkshb4tp2MVW +MhqlhsfOLaj1WZ+oe0DxKw0O3YKTH/EAzmNelKcMbtTcilLaIdI5l+Ylam/bZe7Q +vbN2s72Kn2PZjtYqO3Uzqw14bqAJRl0ekleMdZRMMzAsour+iNVPHnlodXnQ2gz/ +BAED36GMDF6APjbzsvUK+yk64h67FO9lD4i0FiXAE3DtfiBKzYh3jEV1uv0mIzpE +U0FfZmFjdG9yOgAAr3nDQWlricc0AeWTgJNI54Z91WZHkBP9JiM6RFNBX2ZhY3Rv +cjoAAK9OjHQxUQz8Wnpik8iZguVXD27lXLi9/SYjOkRTQV9mYWN0b3I6AACvX6xO +WYl810CKCu/QJGFZWsNhMV3iibQnWFJheSBUZXN0IChkZW1vIGtleSkgPHhyYXlA +ZXhhbXBsZS5uZXQ+iFUEExECABUFAjbjtNwDCwoDAxUDAgMWAgECF4AACgkQiXmm +xVZ/s0q3TwCgnrUiygc8NmP/EDsgHOweLy5+oMUAoJCz7S9Q/1f2X7xXU9Xs2xka +KazvnQGlBDbjtQUQBADG4aUG+qgOTGEgOAVnN0ck76AnKb3jOBIYeQGYEgF/lDYb +Y7fOQ3tIgQ0jXrKD1zHLvORNsG708yDNR79S5Ci/1nphcrNOPWMujOsZ2WMo5xbl +hG+WJujt4pcNSRK9P5fonUE4hV7GXTljg1yZ/ui00Ot7b1B8ryAYE79t1B3svwAE +CwP9Hg2r8lBq/j/t3kRO4xl108DFXiQKdj7sXugmAcMomF4nG3j2s219dLEFlSwn +0/peGvjp8JFPfcMPU/xHJSaZLf90mXsf+pHcDWujHgVA9YC6ThYaGx9Je+VmcVYo +mELxNnMWKyOJePDU4ViIXhMCvGP0Pt39wcQoiLjeu15+l/7/BAED36GMDF6APjbz +svUK+yk64h3k1cEq5Vaa4ZpvzNmxRxEEMST+XLJ7leRFzngFM7CJLENe3+ZTqaS7 +d9/a0p9ocVwP2NHOBTLSUiKi8PacU3qtr5A79M2AtUrlnwJca4opneBLJgNGJLyR +Gsv6WEWrPZ1PhR7v6SkUfj8jQ/Tzb1lj6DpOApZFH9fHv5btLU+JITTR+ohGBBgR +AgAGBQI247UFAAoJEIl5psVWf7NK7JAAnRosvXTK0JTDng87kaiXLAT3t2H8AJ95 +wwtp1x0eP4rcO45yUsgGIoWoU5UBzgQ247VREQQA3VAGc4T+vuvVXcka4ETaLaLl +L1xOiPIdJMWRWWQ60CZqWXDVpFBw6oG2AyfUZiHhLlmTZssz8UhXLw/URsPSpiGb +tpGWKiLs4OCqjslN0lHzcnGqxGWCZJixMgZa5DcWZJjwqdXEbDChgm4ULP/7+iKv +IenTQNhFoCXr9MtdoHMAoLpNCmSKlTu1H5GlWmYTK9AndWrfA/47ip0VYgzIvUhI +0iWcG95sNfshApzPL6zPgKBqACogs/5/DfRn9g07BcuMihLJD0PLNPVnOXqQRaN4 +Da7jLuJA53XtLgpogxG08M6XUimTucfcovu29/bgjZIKA5c8KJ2lzXSJ9jZxSoy+ +O051f7yhXbUmYC1vdNr8GBk69QKy/wQAiHMfU3cbCfTTMmig+zBHCkHjqzqr/zKt +R8RT5AwSOIU2aUIiHdV08apCelBw8PbEf077TuWCq2YyDZJmgWRYh5cdaMgdAd7u +l1FS1yHPZYshcofWjgXUJHR4I8iPCs5OmdHo2HK3uU2OM36ZQGSpFA5WN1NEm9Gt +MSBoYKN2ERD/BAEDE+RZ21hlj9nFUQKkDf2E3ET88XB3l0M1bCxCv2UAfGp+pESW +bFZsBv0mIzpEU0FfZmFjdG9yOgAAr1wtpFPolwbaQUa/5Qmzo2/e2AAZMSX9JiM6 +RFNBX2ZhY3RvcjoAAK9Sfv2nvtEYMQvNNDd0DvnBNBoxlAS5/SYjOkRTQV9mYWN0 +b3I6AACvZ5hJ+Tl0FtvDC+JX0swooQzPDGNCObQrWWFua2VlIFRlc3QgKGRlbW8g +a2V5KSA8eWFua2VlQGV4YW1wbGUubmV0PohVBBMRAgAVBQI247VSAwsKAwMVAwID +FgIBAheAAAoJEJ7vNM1LEbJfV7EAoJAAKzgeRH40g+m1xX5ZfP6QnCcoAKCbTZMS +o0H79g6Zn2wZbdEVGwmj+p0BpQQ247VnEAQAmuK5RcS0zTyXp6SjW2+WeQIpJnJD +flL0+iBe//3SADv01qUmw3jWMAuxG+CcCApksl122V9npEHiLC4Q2A69roLRsbxK +BPebustfadLJoVYqPsvjnrBlafe5GcrFPnKbE0wV6ZXx/Tp/eSDiQlid4lWz5J+z +/mN7KhHANzoRAbsAAwYEAJO5fkCSdNwkisFXzeKslWxm9Yoe1TOouiSV11hex0j9 +4Hpz5wGWEXF7z+FbDq+4V0UqGkKxaERsl6HMWNkImj57N/9h1C1YDfiKTimg5tZp +KmehXtldpWGCNDZrE0RasrFCKENVhFMhpc4kAnx6rbA0+LhRvJkvkdxY7pKU//aZ +/wQBAxPkWdtYZY/ZxVECpA39hNxHnMEofjVNfhE0JAv3KTJRZHOCbzCkO+DxKgcS +IsZVSJizzudmVLYbQWMKc0ykAvbJot4k6PgNiWwUyY8HxQs0F+5YYtQkMs8VdIQN +ez+5E2RCoB+VflUVq4qhWUxXB737maUEsSc220yeEj04n59OlPILb+A/XvwoCE/F ++kCQdlS7BA2IRgQYEQIABgUCNuO1ZwAKCRCe7zTNSxGyX/RcAJ9X3N2PPlX0KeNx +UHefqmpPYDF6GgCfZmyC/OlrmmSulJ6NAHxiQNT4D/aVAc4ENuO1yxEEAIEMk4Zf +0L/HEJVk0/o4fPpwvm8zc+KZQCFX70cBVU9BWJOcUquRg9JDJF9bOM5TxE7VOnkI +fPvjug5vqP0/vjIfW7LvzIWDhS6FcFaKeG4IoqrgghbAmQIoEWvVTx+7xrpjo1yO +qIMDQqYZEmsw+Zd6deQmkUYcbvytS82L0gx/AKC6DM0guH/ddkJlT4FQ9h5cv6dQ +AQQAgNdmGPW8VceCL2WaKMoOMmhwQGhqY3+1pDLo7HVFEPoe18A9jlMRHWfvGb2E +zMT46/Ugqkf8TzvZGFrWq7W/t45rp5O41YXQ2+ZJH3nl+t5Gw25Hwk0hvpK0jYRH +2nMFR+PKQL2mDbA94LvClAkgX1MX4lrUG8bYj6FrbEnvzoAD+wcRS8A6xznxhs+V +sg/KnYl0Qe9dNFPY0hJVG5MxCyDy9X32cxhHYJSHbvS4/LLbFloP+Rhwn3/WeBjs +L2lts1ahXvQ+QQw7+qPrs4hWJZU/NSEh1RGitukaG5zegHNTE6CJqXshshI9Ei0O +CDahmhjiGrJA3HwKPZlkDMOkza8K/wQBA3GTFCmP28PloZW7fHe9ipQH0TkH+yp2 +IXXRWNHjhcbOrwkv7+jedHX9JiM6RFNBX2ZhY3RvcjoAAK9nd2gdDGXr+aS4H9RN +o21VL8OsKJBj/SYjOkRTQV9mYWN0b3I6AACvXT7TUKyg8va6X0RToEWg4+feDJFE +n/0mIzpEU0FfZmFjdG9yOgAAr0s/BxXRDWjjCqZNI5VKmGD3EQ2CCWO0J1p1bHUg +VGVzdCAoZGVtbyBrZXkpIDx6dWx1QGV4YW1wbGUubmV0PohVBBMRAgAVBQI247XL +AwsKAwMVAwIDFgIBAheAAAoJEGvEd4BUrNJGQOsAnjgUjTj9/yeCyzBgwu2Fs1Z2 +HB9aAKCYdUx3OscN3QmqVVre3pwZY5GmSJ0BpQQ247XyEAQAzHzwwUKDM7+djJo2 +/EnWmCijc6g3fStaGNoXDEovi3B2oPiiRTsigX90qB5nFP7whDfi8k4JY2Eig5hH ++MGdvni36hYEnQSadsZueYofvQh14N3V8fUmx4hiQiMXyWiLJzc91ZiRjww4wZWn +/4Y5f+0mb0fjCaVSxTxo4+7joU8AAwUD/0oL9Gm3gl1XVV8BhJoXVdFQ6PN9yEEX +UbtcrfkC51kTBk2NaEGqbB+kC8GEmXwyZcW7AQN7X6ikraUUm3RjTU7CvkSHobBn +XYt7FhqZURpuV7eSqZGP5nP7SxWmCTTKgIH1kHCpWRwaexKFjIIkYgyVFqtEx9cE +Q6D2kXPh+Rna/wQBA3GTFCmP28PloZW7fHe9ipQEjson+R8J0cZFxO8B2k6Fas1C +pLvP8P0NdTIyitaiBUatIGDI8N22I6mqelpWZpTKZZymrDKe0n8h+rTNqb0uIt8F +R+6/1qFnL1k3E/+QxqS7VGkRz6xnT+la7OVrexXz18ynbpvzJMPe2SAPyqY+RSzW +wf5Z/bgM+A/ftNFfEencn7KIRgQYEQIABgUCNuO18gAKCRBrxHeAVKzSRn1jAJsF +3zuwZ09o7T0yZNm4zWcRGZvteACgroLrVdUuNxbdEllH4BbcvFB06zA= +=P9+G +-----END PGP PRIVATE KEY BLOCK----- diff --git a/tests/openpgp/secring.asc b/tests/openpgp/secring.asc new file mode 100644 index 000000000..99e02ca6f --- /dev/null +++ b/tests/openpgp/secring.asc @@ -0,0 +1,73 @@ +This is a test secret keyring simply stored by GNUPG so that it is +easier to make diff files. + +sec 1024D/D74C5F22 2003-12-31 Test one (pp=def) <one@example.com> +ssb 1024g/47BE2775 2003-12-31 + +sec 1024D/C40FDECF 2003-12-31 Test two (no pp) <two@example.com> +ssb 1024g/B27907AA 2003-12-31 + +sec 1024R/ECABF51D 2003-12-31 Test three (no pp) <three@example.com> + +-----BEGIN PGP PRIVATE KEY BLOCK----- +Version: GnuPG v1.3.5-cvs (GNU/Linux) + +lQHhBD/yNQgRBAC/KSfe6uVfDgA3BrGpNLhVxT/ytwXMpBI8pEdTiY0jWnYrb/Yu +8wtCeZ9GAux/ZA/ted+7pdibHXfX5PzDfgUTZwrIJa57OUpWwI878AzZxNsnVv1I +P6ufGyESKME4PUQO5heKhwAb0gQwFwArS3v4oeYrEljhJ79kpt319JEAEwCg+hTk +nylYwYGT/PEVQ4JlLPoWmqUEAJn1HX1Od5tyoK4OEAM5G+wHz3SBj4FMonZNWs1I +t03JKHoM5ulQ2FgEWmBVIPTKSDm/jQXPYApz5DpxpoGYbTCaEo6zfE32AEzoXDmG +AZE90Xhq/wcEN+JcHpHytAA/n+hYaR3sYegQ52mWMR+vdd99KO0V0jLRcckgBA7Z +2jlFA/98cyy2nYt0QI5Tf+t/d4WBeib2yNWVtZH/j7XpDqHLZDgVAYkazCA6ZF7B +vLddBEqVAh1X5tqua4AXX9L4SGYb7B0LRV72alhYiWWHez126KjVgwRTUxtEJ4En +HmYJRReLlXosPIRhXSz7HFAqalPXJ0DvC9kzTQnnjPOylyMPTf4CAwJkfa7fzYfs +BWBdwH11VHPRv4hkbVaS7Vw6TTmc9D+ZEFv6pw+gTLldIfEZU3+24eoVkMjdwGF2 +dXN/V7QjVGVzdCBvbmUgKHBwPWRlZikgPG9uZUBleGFtcGxlLmNvbT6IWgQTEQIA +GgUCP/I1CAIbAwILAgMVAgMDFgIBAh4BAheAAAoJEA73cJbXTF8iUO4AnA8wHb3e +rMrfWV3ij0d/cEiSJAYFAJ9fcbShgTXDN1dIVZvLSW5E93TfC50BVwQ/8jUNEAQA +6AJLWnjvNx15zRS9ULSmF7BqUdRTp/ua6VavSPRljVFTQg4/XwcB5Psg1zA9xRpS +8L0ph6deZhu87WLuw01QI6wpRqbCD6hI0xxszcDA3DGWCBPIlLU3pbMhfsyNEtSV +Sq1stGE8MaUKW23rJ4CNLSllPrjpMA1oEOJEiCT3gAMAAwUD/0aHZfVLL7gin9G0 +wkM9k5j5jqxZQ3s6IzYGR1SYIs6Zo5V+CuwR68p1IEGPShVY3zVTTaLuNDOGEAje +1kwUmY/+GUXsCVLkdJouPb63WccAorLvRCGyQg1HjUIK/2wcBzmA3Vatjk0Ol4jX +YaaqxYw9BU9QexNN7RCxPpdsfO8L/gIDAmR9rt/Nh+wFYEvXzcetbmRUtlnyX2e0 +2F35hsF4RxXrHAYepLiQbk+oWnYH8mWL5IED80PzjUifsIxDH9AWHUBvD+4NjxWI +SQQYEQIACQUCP/I1DQIbDAAKCRAO93CW10xfInB4AKDKD5BulHRXb04ynP6YWel6 +I2g3fQCgqJEJLoUNcIF3tp2jF2jBr80WmM2VAbsEP/JSaxEEAKxxqlg9Kz9DZ/3N +52BC0w+JtYKke39vpdWVDHR3MHmMJ/31Y2iSpm0fvRs3h1j9/fBVmLOZglNQyH62 +SxdJyZwCelkZzfUy/qLm9Qaqi7wpg0p4EbmWdoFF/A1Zg/MU7D5w5xu+EA1J77Z6 +QyALN9rIOXZ7rLLa64lw/MV4LdIPAKC449htJbbp5rkJHvBDs4YxEIkk5wP/X4hP +GlIw5PlHrsG7hdahhTudV5hRGlvosnwsrYJXvKAQLAV1EV26SIYUH5pM/ycXrG25 +dqVoG56uQqnhBdUqo4iSnsxY3ZMA46D14REc9P//CGvJ/j2Z41gw8u8oB7rS50dj +voaWb5myj7bhacTBdfah3U8dVXcIi1ZFvtiaGAYD+gIF7eNIdpaYiB0427un4ggc +26+Y9nkF93DaMnZEaYSeum6g/g7D1vwINFgQkMYEWi4DK3W+uH0E/n8o20wS2wvM +rbeYaQm5v6ucd001wwFDY6AdwpwP7UCLQcu6qqvwNHdxWYK6+gIsSufLmeMGrsvC +0WQqYeu1GfGpHIMCZJlZAACff9jWuNkBIYwr0gZvXL9kMpPTORMJ4LQiVGVzdCB0 +d28gKG5vIHBwKSA8dHdvQGV4YW1wbGUuY29tPohfBBMRAgAfBQI/8lJrAhsDBwsJ +CAcDAgEDFQIDAxYCAQIeAQIXgAAKCRCXPVDhxA/ez4BDAJ9sPyWbgc4424/Rt291 +voaJYdMdFwCdFAxAg7wN6d8qoZKEWJZUiopPvzGdATEEP/JSbxAEAMzYsfnax02A +jMUvDYlGTaVUxp1n8zI8QqlcmWLfQhJuwOCXH0m4EVKaairp8K3rg5pjRhXNVvpU +9aC37yWg4v6EP6Lm4CHKtBGeYDlMnWo/etT1d5bTZmmlEmbCeo0cWmtBQdXIMehF +QfPIEeiQeJgDOClfgrf3/UMz79kzEvKrAAMGA/43c6bZ7IidduMk1uXsIb1FaZgx +rk/QrgN4IFuuW4zoX62r1+a3xzAlyz1zDVxYKQNNdr4IVcLp/3pJI+/68WqWZpRN +vGKUg4/D8J/5ZKjQI8uOujMvsFHqAoIO5hIP++YrNqICs8dS+dp2suwRpn0uNeZu +wQY1h7IlAOikbRV7dQAA92kVxs7SWBQ/iTexM19Ih/AEK3xjAFOY+TlruFMjjLYO +TohJBBgRAgAJBQI/8lJvAhsMAAoJEJc9UOHED97PLL4An2KG78IRsthGnHJOtnQP +QrYoxb27AJ41qvZyQw0V5ClIAtEtd+JqUnxHmJUB1gQ/8lO9AQQAqFJWduzk11/m +0Ac/K/mab0kzzr3UUor1bkxh4vcxJHOTZF3a9Y6t1WUpwlOXeCNkY98tRYUg6A40 +wFgkKz/4jdOaiDtHW2bOqrvJmJ/wH/5zdmDpthu53JEgXUKP/+j2dfrvYTZYxy2m +11DA68QK9iPSBmksglFMQE2IJatwEAEACQEBAAP4vKABRIX7dtUOm2y6VyGsESE5 +D4YI1AhL0EWodt84EPEUvC1o61UuYbAe28JIHwjIKDLgDiedZ6hTBV3K5cI1aFHL +421hDE0qtD+mVZhcRGnR2RHhr9gX6qX+4P8mV0w1nhdShwUhlFO1GuwQ2/dWKwYd +XGbDW7P58LIiudGWuQIAwzxYBjmWvVl1Kqvf2s2qe0tmqhdU7g2Jt3lPDej/ckxU +n/ESozKSu517zueU8IAkw+Vf2CM/UHntSZHE3yYY2QIA3LWUXwDxr0OL1MMRuLrK +PZ2wrRZRmGU0IDDx3zBX5VMsR/WNMwPLo8iimBT2F7ez3umPqqrugRtJj6ryF3t3 +aQH+Kfst9psjWkmpBrEO99j4Gq6orYHnzd4fSnnOJEv4/ObdXrGBGwvV5RZblXCF +A2kB3ShaYowpengtqBVzpD0cCZ6ntCZUZXN0IHRocmVlIChubyBwcCkgPHRocmVl +QGV4YW1wbGUuY29tPoi1BBMBAgAfBQI/8lO9AhsDBwsJCAcDAgEDFQIDAxYCAQIe +AQIXgAAKCRDRILYm7Kv1HWpDA/9sINfVYaTW7TOQolYn9Vee4feOTpl6+S4dkgLC +OWoDG/V17k/cl7Jr/iQ+YRBOi0S/fFwMBn72kEvdOtmiUAqHGQFnTyXhBLLvqTJ/ +yEHR6hnZK+zsusY8EmvoIdfSTIOJqkeACEEpCr0aE0qkgBm4voMrZ05pAO2hFJba +IHWHiQ== +=52aT +-----END PGP PRIVATE KEY BLOCK----- diff --git a/tests/openpgp/secring.skr.asc b/tests/openpgp/secring.skr.asc new file mode 100644 index 000000000..0081b59c1 --- /dev/null +++ b/tests/openpgp/secring.skr.asc @@ -0,0 +1,27 @@ +This is a test secring generated by pgp 5 beta + +Type Bits KeyID Created Expires Algorithm Use +sec+ 768 439F02CA 1998-03-17 ---------- DSS Sign and Encrypt +sub 768 CB879DE9 1998-03-17 ---------- Diffie-Hellman +uid pgp5 test <pgp5@dev.null> + +There is no password on the key + +-----BEGIN PGP ARMORED FILE----- +Version: GNUPG v0.2.13a (Linux) +Comment: This is an alpha version! +Comment: Use "gpgm --dearmor" for unpacking + +lQFbBDUOrE4RAwDbbxWAbWsheUJprK6VryMTpwDiYwMfL+92nrHqSfPqlpMWgDTia8qnpRSXbyEm +Sppp/6/Ygp+N3n32Kznq7PjHXiuWLlZGvZMtzmvaMA17y0GY6oLBxS7rhASXIKa9hEUAoP+KBFly +qNMdsK8j+ZO0A8rnImGrAwC1ddDme5iZFkTEWHhrtU97sEu2GDkSQB8HdX8CoRcrOz/B2WliF6qf +BKhcZPFVBIhKNzjTfY7SEYAZk2zcsCm8elnwSLaGEzxKFNFBqKDNXP+a35spcqsHSGzDVw4VuKMD +AJNnAP6skpHlhVAmecLZT9eRzVoOq1ivUIntK2Mh47qsL74q6BBwz2sviPU2Y3pDlbb6Ed0qJAXv +dCT24hlfoGoXzkoDInkPJTJeL0gCnwmQPjvXFFd71Cvg5LaL4lIQLQAAn3GbgsWo+7E/hWakzstp +TXzI2kDIDIm0GXBncDUgdGVzdCA8cGdwNUBkZXYubnVsbD6dAO8ENQ6sVhADAP8Fa5TbD6k8VmW1 +IjK1DfDI0xUdsVIbk8N3Hb0YIlT1E/6tZdfiNwqaKVQcf17gJIObBwfNM3OqWYOudmBVd3S6E3Hk +u64nW+ZNt7B2toWRgnk6OgHcSDsud4Igjwz/RQACAgL/ToefzlcVKiPuobKfXHDhIUQPTfGic2Az +47wkMoYHo9j9ZE7AWaliMdPz4jLyLfqqoU9mH8g+vJhyAc7UnAF2Sk5466FDypdPm5F9PTW3cqqI +wJM4WgkSlM8J2hxH4YtlAADlG+pxFXNFuDPmcq6jL6dug2ikZ7hcHLAy7DddSS8OAA== +=1UWo +-----END PGP ARMORED FILE----- diff --git a/tests/openpgp/signdemokey b/tests/openpgp/signdemokey new file mode 100755 index 000000000..9a1257cc4 --- /dev/null +++ b/tests/openpgp/signdemokey @@ -0,0 +1,16 @@ +#!/bin/sh + +set -e + +if [ $# != 3 ]; then + echo "Usage: signdemokey name user_id user_id_no" + exit 1 +fi +name="$1" +user_id="$2" +user_id_no="$3" + +echo "abc" | ../g10/gpg2 --options ./gpg.conf --homedir $name \ + --sign-key --batch --yes --passphrase-fd 0 $user_id \ + $user_id_no sign save + diff --git a/tests/openpgp/signencrypt-dsa.test b/tests/openpgp/signencrypt-dsa.test new file mode 100755 index 000000000..41bf83164 --- /dev/null +++ b/tests/openpgp/signencrypt-dsa.test @@ -0,0 +1,22 @@ +#!/bin/sh + +. $srcdir/defs.inc || exit 3 + +#info Checking signing and encryption for DSA +for i in $plain_files $data_files ; do + $GPG $dsa_keyrings --always-trust -se -o x --yes \ + -u "$dsa_usrname1" -r "$dsa_usrname2" $i + $GPG $dsa_keyrings -o y --yes x + cmp $i y || error "$i: mismatch" +done + +for da in ripemd160 sha1; do + for i in $plain_files; do + $GPG $dsa_keyrings --always-trust -se -o x --yes --digest-algo $da \ + -u "$dsa_usrname1" -r "$dsa_usrname2" $i + $GPG $dsa_keyrings -o y --yes x + cmp $i y || error "$i: mismatch" + # process only the first one + break + done +done diff --git a/tests/openpgp/signencrypt.test b/tests/openpgp/signencrypt.test new file mode 100755 index 000000000..1d05990fc --- /dev/null +++ b/tests/openpgp/signencrypt.test @@ -0,0 +1,13 @@ +#!/bin/sh + +. $srcdir/defs.inc || exit 3 + + +#info Checking signing and encryption +for i in $plain_files $data_files ; do + echo "$usrpass1" | $GPG --passphrase-fd 0 --always-trust \ + -se -o x --yes -r "$usrname2" $i + $GPG -o y --yes x + cmp $i y || error "$i: mismatch" +done + diff --git a/tests/openpgp/sigs-dsa.test b/tests/openpgp/sigs-dsa.test new file mode 100755 index 000000000..2294cf55a --- /dev/null +++ b/tests/openpgp/sigs-dsa.test @@ -0,0 +1,22 @@ +#!/bin/sh + +. $srcdir/defs.inc || exit 3 + +#info Checking DSA signatures (default digest algo) +for i in $plain_files $data_files; do + $GPG $dsa_keyrings -s -o x --yes -u $dsa_usrname1 $i + $GPG $dsa_keyrings -o y --yes x + cmp $i y || error "$i: mismatch" +done + +for da in ripemd160 sha1; do + for i in $plain_files; do + $GPG $dsa_keyrings --digest-algo $da \ + -s -o x --yes -u $dsa_usrname1 $i + $GPG $dsa_keyrings -o y --yes x + cmp $i y || error "$i: mismatch" + # process only the first one + break + done +done + diff --git a/tests/openpgp/sigs.test b/tests/openpgp/sigs.test new file mode 100755 index 000000000..2c3be5cf5 --- /dev/null +++ b/tests/openpgp/sigs.test @@ -0,0 +1,52 @@ +#!/bin/sh + +. $srcdir/defs.inc || exit 3 + +#info Checking signatures +for i in $plain_files $data_files; do + echo "$usrpass1" | $GPG --passphrase-fd 0 -s -o x --yes $i + $GPG -o y --yes x + cmp $i y || error "$i: mismatch" +done + +# Using the DSA sig key - only 160 bit hashes +for da in ripemd160 sha1 ; do + for i in $plain_files; do + echo "$usrpass1" | $GPG --passphrase-fd 0 --digest-algo $da \ + -s -o x --yes $i + $GPG -o y --yes x + cmp $i y || error "$i: mismatch" + # process only the first one + break + done +done + +# TODO: add the new SHAs here once we allow them to be used in new +# documents. + +if have_pubkey_algo "RSA"; then + # Using the RSA sig key - all hashes + hash_algo_list="ripemd160 sha1 md5" + if have_hash_algo "SHA224"; then + hash_algo_list="$hash_algo_list sha224" + fi + if have_hash_algo "SHA256"; then + hash_algo_list="$hash_algo_list sha256" + fi + if have_hash_algo "SHA384"; then + hash_algo_list="$hash_algo_list sha384" + fi + if have_hash_algo "SHA512"; then + hash_algo_list="$hash_algo_list sha512" + fi + + for da in $hash_algo_list ; do + for i in $plain_files; do + $GPG -u $usrname3 --digest-algo $da -s -o x --yes $i + $GPG -o y --yes x + cmp $i y || error "$i: mismatch" + # process only the first one + break + done + done +fi diff --git a/tests/openpgp/verify.test b/tests/openpgp/verify.test new file mode 100755 index 000000000..e6a61fc1b --- /dev/null +++ b/tests/openpgp/verify.test @@ -0,0 +1,252 @@ +#!/bin/sh + +. $srcdir/defs.inc || exit 3 + +suspend_error + +# +# Two simple tests to check that verify fails for bad input data +# +info "checking bogus signature 1" +../../tools/mk-tdata --char 0x2d 64 >x +$GPG --verify x data-500 && error "no error code from verify" +info "checking bogus signature 2" +../../tools/mk-tdata --char 0xca 64 >x +$GPG --verify x data-500 && error "no error code from verify" + +linefeed + +# A variable to collect the test names +tests="" + +# A plain signed message created using +# echo abc | gpg --homedir . --passphrase-fd 0 -u Alpha -z0 -sa msg +tests="$tests msg_ols_asc" +msg_ols_asc='-----BEGIN PGP MESSAGE----- + +kA0DAAIRLXJ8x2hpdzQBrQEHYgNtc2dEDFJaSSB0aGluayB0aGF0IGFsbCByaWdo +dC10aGlua2luZyBwZW9wbGUgaW4gdGhpcyBjb3VudHJ5IGFyZSBzaWNrIGFuZAp0 +aXJlZCBvZiBiZWluZyB0b2xkIHRoYXQgb3JkaW5hcnkgZGVjZW50IHBlb3BsZSBh +cmUgZmVkIHVwIGluIHRoaXMKY291bnRyeSB3aXRoIGJlaW5nIHNpY2sgYW5kIHRp +cmVkLiAgSSdtIGNlcnRhaW5seSBub3QuICBCdXQgSSdtCnNpY2sgYW5kIHRpcmVk +IG9mIGJlaW5nIHRvbGQgdGhhdCBJIGFtLgotIE1vbnR5IFB5dGhvbgqIPwMFAEQM +UlotcnzHaGl3NBECR4IAoJlEGTY+bHjD2HYuCixLQCmk01pbAKCIjkzLOAmkZNm0 +D8luT78c/1x45Q== +=a29i +-----END PGP MESSAGE-----' + +# A plain signed message created using +# echo abc | gpg --homedir . --passphrase-fd 0 -u Alpha -sa msg +tests="$tests msg_cols_asc" +msg_cols_asc='-----BEGIN PGP MESSAGE----- + +owGbwMvMwCSoW1RzPCOz3IRxLSN7EnNucboLT6Cgp0JJRmZeNpBMLFFIzMlRKMpM +zyjRBQtm5qUrFKTmF+SkKmTmgdQVKyTnl+aVFFUqJBalKhRnJmcrJOalcJVkFqWm +KOSnKSSlgrSU5OekQMzLL0rJzEsEKk9JTU7NK4EZBtKcBtRRWgAzlwtmbnlmSQbU +GJjxCmDj9RQUPNVzFZJTi0oSM/NyKhXy8kuAYk6lJSBxLlTF2NziqZCYq8elq+Cb +n1dSqRBQWZKRn8fVYc/MygAKBljYCDIFiTDMT+9seu836Q+bevyHTJ0dzPNuvCjn +ZpgrwX38z58rJsfYDhwOSS4SkN/d6vUAAA== +=s6sY +-----END PGP MESSAGE-----' + +# A PGP 2 style message. +tests="$tests msg_sl_asc" +msg_sl_asc='-----BEGIN PGP MESSAGE----- + +iD8DBQBEDFJaLXJ8x2hpdzQRAkeCAKCZRBk2Pmx4w9h2LgosS0AppNNaWwCgiI5M +yzgJpGTZtA/Jbk+/HP9ceOWtAQdiA21zZ0QMUlpJIHRoaW5rIHRoYXQgYWxsIHJp +Z2h0LXRoaW5raW5nIHBlb3BsZSBpbiB0aGlzIGNvdW50cnkgYXJlIHNpY2sgYW5k +CnRpcmVkIG9mIGJlaW5nIHRvbGQgdGhhdCBvcmRpbmFyeSBkZWNlbnQgcGVvcGxl +IGFyZSBmZWQgdXAgaW4gdGhpcwpjb3VudHJ5IHdpdGggYmVpbmcgc2ljayBhbmQg +dGlyZWQuICBJJ20gY2VydGFpbmx5IG5vdC4gIEJ1dCBJJ20Kc2ljayBhbmQgdGly +ZWQgb2YgYmVpbmcgdG9sZCB0aGF0IEkgYW0uCi0gTW9udHkgUHl0aG9uCg== +=0ukK +-----END PGP MESSAGE-----' + +# An OpenPGP message lacking the onepass packet. We used to accept +# such messages but now consider them invalid. +tests="$tests bad_ls_asc" +bad_ls_asc='-----BEGIN PGP MESSAGE----- + +rQEHYgNtc2dEDFJaSSB0aGluayB0aGF0IGFsbCByaWdodC10aGlua2luZyBwZW9w +bGUgaW4gdGhpcyBjb3VudHJ5IGFyZSBzaWNrIGFuZAp0aXJlZCBvZiBiZWluZyB0 +b2xkIHRoYXQgb3JkaW5hcnkgZGVjZW50IHBlb3BsZSBhcmUgZmVkIHVwIGluIHRo +aXMKY291bnRyeSB3aXRoIGJlaW5nIHNpY2sgYW5kIHRpcmVkLiAgSSdtIGNlcnRh +aW5seSBub3QuICBCdXQgSSdtCnNpY2sgYW5kIHRpcmVkIG9mIGJlaW5nIHRvbGQg +dGhhdCBJIGFtLgotIE1vbnR5IFB5dGhvbgqIPwMFAEQMUlotcnzHaGl3NBECR4IA +oJlEGTY+bHjD2HYuCixLQCmk01pbAKCIjkzLOAmkZNm0D8luT78c/1x45Q== +=Mpiu +-----END PGP MESSAGE-----' + + +# A signed message prefixed with an unsigned literal packet. +# (fols = faked-literal-data, one-pass, literal-data, signature) +# This should throw an error because running gpg to extract the +# signed data will return both literal data packets +tests="$tests bad_fols_asc" +bad_fols_asc='-----BEGIN PGP MESSAGE----- + +rF1iDG1zZy51bnNpZ25lZEQMY0x0aW1lc2hhcmluZywgbjoKCUFuIGFjY2VzcyBt +ZXRob2Qgd2hlcmVieSBvbmUgY29tcHV0ZXIgYWJ1c2VzIG1hbnkgcGVvcGxlLgqQ +DQMAAhEtcnzHaGl3NAGtAQdiA21zZ0QMUlpJIHRoaW5rIHRoYXQgYWxsIHJpZ2h0 +LXRoaW5raW5nIHBlb3BsZSBpbiB0aGlzIGNvdW50cnkgYXJlIHNpY2sgYW5kCnRp +cmVkIG9mIGJlaW5nIHRvbGQgdGhhdCBvcmRpbmFyeSBkZWNlbnQgcGVvcGxlIGFy +ZSBmZWQgdXAgaW4gdGhpcwpjb3VudHJ5IHdpdGggYmVpbmcgc2ljayBhbmQgdGly +ZWQuICBJJ20gY2VydGFpbmx5IG5vdC4gIEJ1dCBJJ20Kc2ljayBhbmQgdGlyZWQg +b2YgYmVpbmcgdG9sZCB0aGF0IEkgYW0uCi0gTW9udHkgUHl0aG9uCog/AwUARAxS +Wi1yfMdoaXc0EQJHggCgmUQZNj5seMPYdi4KLEtAKaTTWlsAoIiOTMs4CaRk2bQP +yW5Pvxz/XHjl +=UNM4 +-----END PGP MESSAGE-----' + +# A signed message suffixed with an unsigned literal packet. +# (fols = faked-literal-data, one-pass, literal-data, signature) +# This should throw an error because running gpg to extract the +# signed data will return both literal data packets +tests="$tests bad_olsf_asc" +bad_olsf_asc='-----BEGIN PGP MESSAGE----- + +kA0DAAIRLXJ8x2hpdzQBrQEHYgNtc2dEDFJaSSB0aGluayB0aGF0IGFsbCByaWdo +dC10aGlua2luZyBwZW9wbGUgaW4gdGhpcyBjb3VudHJ5IGFyZSBzaWNrIGFuZAp0 +aXJlZCBvZiBiZWluZyB0b2xkIHRoYXQgb3JkaW5hcnkgZGVjZW50IHBlb3BsZSBh +cmUgZmVkIHVwIGluIHRoaXMKY291bnRyeSB3aXRoIGJlaW5nIHNpY2sgYW5kIHRp +cmVkLiAgSSdtIGNlcnRhaW5seSBub3QuICBCdXQgSSdtCnNpY2sgYW5kIHRpcmVk +IG9mIGJlaW5nIHRvbGQgdGhhdCBJIGFtLgotIE1vbnR5IFB5dGhvbgqIPwMFAEQM +UlotcnzHaGl3NBECR4IAoJlEGTY+bHjD2HYuCixLQCmk01pbAKCIjkzLOAmkZNm0 +D8luT78c/1x45axdYgxtc2cudW5zaWduZWREDGNMdGltZXNoYXJpbmcsIG46CglB +biBhY2Nlc3MgbWV0aG9kIHdoZXJlYnkgb25lIGNvbXB1dGVyIGFidXNlcyBtYW55 +IHBlb3BsZS4K +=3gnG +-----END PGP MESSAGE-----' + + +# Two standard signed messages in a row +tests="$tests msg_olsols_asc_multisig" +msg_olsols_asc_multisig='-----BEGIN PGP MESSAGE----- + +kA0DAAIRLXJ8x2hpdzQBrQEHYgNtc2dEDFJaSSB0aGluayB0aGF0IGFsbCByaWdo +dC10aGlua2luZyBwZW9wbGUgaW4gdGhpcyBjb3VudHJ5IGFyZSBzaWNrIGFuZAp0 +aXJlZCBvZiBiZWluZyB0b2xkIHRoYXQgb3JkaW5hcnkgZGVjZW50IHBlb3BsZSBh +cmUgZmVkIHVwIGluIHRoaXMKY291bnRyeSB3aXRoIGJlaW5nIHNpY2sgYW5kIHRp +cmVkLiAgSSdtIGNlcnRhaW5seSBub3QuICBCdXQgSSdtCnNpY2sgYW5kIHRpcmVk +IG9mIGJlaW5nIHRvbGQgdGhhdCBJIGFtLgotIE1vbnR5IFB5dGhvbgqIPwMFAEQM +UlotcnzHaGl3NBECR4IAoJlEGTY+bHjD2HYuCixLQCmk01pbAKCIjkzLOAmkZNm0 +D8luT78c/1x45ZANAwACES1yfMdoaXc0Aa0BB2IDbXNnRAxSWkkgdGhpbmsgdGhh +dCBhbGwgcmlnaHQtdGhpbmtpbmcgcGVvcGxlIGluIHRoaXMgY291bnRyeSBhcmUg +c2ljayBhbmQKdGlyZWQgb2YgYmVpbmcgdG9sZCB0aGF0IG9yZGluYXJ5IGRlY2Vu +dCBwZW9wbGUgYXJlIGZlZCB1cCBpbiB0aGlzCmNvdW50cnkgd2l0aCBiZWluZyBz +aWNrIGFuZCB0aXJlZC4gIEknbSBjZXJ0YWlubHkgbm90LiAgQnV0IEknbQpzaWNr +IGFuZCB0aXJlZCBvZiBiZWluZyB0b2xkIHRoYXQgSSBhbS4KLSBNb250eSBQeXRo +b24KiD8DBQBEDFJaLXJ8x2hpdzQRAkeCAKCZRBk2Pmx4w9h2LgosS0AppNNaWwCg +iI5MyzgJpGTZtA/Jbk+/HP9ceOU= +=8nLN +-----END PGP MESSAGE-----' + +# A standard message with two signatures (actually the same signature +# duplicated). +tests="$tests msg_oolss_asc" +msg_oolss_asc='-----BEGIN PGP MESSAGE----- + +kA0DAAIRLXJ8x2hpdzQBkA0DAAIRLXJ8x2hpdzQBrQEHYgNtc2dEDFJaSSB0aGlu +ayB0aGF0IGFsbCByaWdodC10aGlua2luZyBwZW9wbGUgaW4gdGhpcyBjb3VudHJ5 +IGFyZSBzaWNrIGFuZAp0aXJlZCBvZiBiZWluZyB0b2xkIHRoYXQgb3JkaW5hcnkg +ZGVjZW50IHBlb3BsZSBhcmUgZmVkIHVwIGluIHRoaXMKY291bnRyeSB3aXRoIGJl +aW5nIHNpY2sgYW5kIHRpcmVkLiAgSSdtIGNlcnRhaW5seSBub3QuICBCdXQgSSdt +CnNpY2sgYW5kIHRpcmVkIG9mIGJlaW5nIHRvbGQgdGhhdCBJIGFtLgotIE1vbnR5 +IFB5dGhvbgqIPwMFAEQMUlotcnzHaGl3NBECR4IAoJlEGTY+bHjD2HYuCixLQCmk +01pbAKCIjkzLOAmkZNm0D8luT78c/1x45Yg/AwUARAxSWi1yfMdoaXc0EQJHggCg +mUQZNj5seMPYdi4KLEtAKaTTWlsAoIiOTMs4CaRk2bQPyW5Pvxz/XHjl +=KVw5 +-----END PGP MESSAGE-----' + +# A standard message with two one-pass packet but only one signature +# packet +tests="$tests bad_ools_asc" +bad_ools_asc='-----BEGIN PGP MESSAGE----- + +kA0DAAIRLXJ8x2hpdzQBkA0DAAIRLXJ8x2hpdzQBrQEHYgNtc2dEDFJaSSB0aGlu +ayB0aGF0IGFsbCByaWdodC10aGlua2luZyBwZW9wbGUgaW4gdGhpcyBjb3VudHJ5 +IGFyZSBzaWNrIGFuZAp0aXJlZCBvZiBiZWluZyB0b2xkIHRoYXQgb3JkaW5hcnkg +ZGVjZW50IHBlb3BsZSBhcmUgZmVkIHVwIGluIHRoaXMKY291bnRyeSB3aXRoIGJl +aW5nIHNpY2sgYW5kIHRpcmVkLiAgSSdtIGNlcnRhaW5seSBub3QuICBCdXQgSSdt +CnNpY2sgYW5kIHRpcmVkIG9mIGJlaW5nIHRvbGQgdGhhdCBJIGFtLgotIE1vbnR5 +IFB5dGhvbgqIPwMFAEQMUlotcnzHaGl3NBECR4IAoJlEGTY+bHjD2HYuCixLQCmk +01pbAKCIjkzLOAmkZNm0D8luT78c/1x45Q== +=1/ix +-----END PGP MESSAGE-----' + +# Standard cleartext signature +tests="$tests msg_cls_asc" +msg_cls_asc=`cat <<EOF +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA1 + +I think that all right-thinking people in this country are sick and +tired of being told that ordinary decent people are fed up in this +country with being sick and tired. I'm certainly not. But I'm +sick and tired of being told that I am. +- - Monty Python +-----BEGIN PGP SIGNATURE----- + +iD8DBQFEDVp1LXJ8x2hpdzQRAplUAKCMfpG3GPw/TLN52tosgXP5lNECkwCfQhAa +emmev7IuQjWYrGF9Lxj+zj8= +=qJsY +-----END PGP SIGNATURE----- +EOF +` + +# Cleartext signature with two signatures +tests="$tests msg_clss_asc" +msg_clss_asc=`cat <<EOF +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA1 + +What is the difference between a Turing machine and the modern computer? +It's the same as that between Hillary's ascent of Everest and the +establishment of a Hilton on its peak. +-----BEGIN PGP SIGNATURE----- + +iD8DBQFEDVz6LXJ8x2hpdzQRAtkGAKCeMhNbHnh339fpjNj9owsYcC4zBwCfYO5l +2u+KEfXX0FKyk8SMzLjZ536IPwMFAUQNXPr+GAsdqeOwshEC2QYAoPOWAiQm0EF/ +FWIAQUplk7JWbyRKAJ92ZJyJpWfzb0yc1s7MY65r2qEHrg== +=1Xvv +-----END PGP SIGNATURE----- +EOF +` + +# Two clear text signatures in a row +tests="$tests msg_clsclss_asc" +msg_clsclss_asc="${msg_cls_asc} +${msg_clss_asc}" + + +# Fixme: We need more tests with manipulated cleartext signatures. + + +# +# Now run the tests. +# +for i in $tests ; do + info "checking: $i" + eval "(IFS=; echo \"\$$i\")" >x + case "$i" in + msg_*_asc) + $GPG --verify x || error "verify of $i failed" + ;; + msg_*_asc_multisig) + $GPG --verify --allow-multisig-verification x \ + || error "verify of $i failed" + $GPG --verify x && error "verify of $i succeeded but should not" + ;; + bad_*_asc) + $GPG --verify x && error "verify of $i succeeded but should not" + ;; + *) + error "No handler for test case $i" + ;; + esac + linefeed +done + + +resume_error diff --git a/tests/openpgp/version.test b/tests/openpgp/version.test new file mode 100755 index 000000000..f1fd7284f --- /dev/null +++ b/tests/openpgp/version.test @@ -0,0 +1,9 @@ +#!/bin/sh + +. $srcdir/defs.inc || exit 3 + +# print the GPG version +$GPG --version + +#fixme: check that the output is correct + diff --git a/tools/ChangeLog b/tools/ChangeLog index 25ffae5d2..af5925aa1 100644 --- a/tools/ChangeLog +++ b/tools/ChangeLog @@ -1,3 +1,9 @@ +2006-08-21 Werner Koch <wk@g10code.com> + + * gpgsplit.c: New. Taken from 1.4. Adjusted to GnuPG2. + + * Makefile.am (noinst_PROGRAMS): New. + 2006-06-09 Marcus Brinkmann <marcus@g10code.de> * Makefile.am (gpgconf_LDADD): Add $(GPG_ERROR_LIBS). diff --git a/tools/Makefile.am b/tools/Makefile.am index 6b4767a79..702bd5187 100644 --- a/tools/Makefile.am +++ b/tools/Makefile.am @@ -18,8 +18,11 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, # USA. -EXTRA_DIST = Manifest watchgnupg.c \ - addgnupghome gpgsm-gencert.sh +EXTRA_DIST = \ + Manifest watchgnupg.c \ + addgnupghome gpgsm-gencert.sh \ + lspgpot mail-signed-keys convert-from-106 + AM_CPPFLAGS = -I$(top_srcdir)/gl -I$(top_srcdir)/intl -I$(top_srcdir)/common include $(top_srcdir)/am/cmacros.am @@ -29,6 +32,9 @@ AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(GPG_ERROR_CFLAGS) $(LIBASSUAN_CFLAGS) sbin_SCRIPTS = addgnupghome bin_SCRIPTS = gpgsm-gencert.sh +if HAVE_USTAR +bin_SCRIPTS += gpg-zip +endif if BUILD_SYMCRYPTRUN symcryptrun = symcryptrun @@ -36,17 +42,24 @@ else symcryptrun = endif -bin_PROGRAMS = gpgconf gpg-connect-agent gpgkey2ssh ${symcryptrun} gpgparsemail +bin_PROGRAMS = gpgconf gpg-connect-agent gpgkey2ssh ${symcryptrun} \ + gpgparsemail gpgsplit if !HAVE_W32_SYSTEM bin_PROGRAMS += watchgnupg endif +noinst_PROGRAMS = clean-sat mk-tdata make-dns-cert + +common_libs = ../jnlib/libjnlib.a ../common/libcommon.a ../gl/libgnu.a + +gpgsplit_LDADD = $(common_libs) $(LIBGCRYPT_LIBS) $(GPG_ERROR_LIBS) $(ZLIBS) + gpgconf_SOURCES = gpgconf.c gpgconf.h gpgconf-comp.c no-libgcrypt.c # jnlib/common sucks in gpg-error, will they, nil they (some compilers # do not eliminate the supposed-to-be-unused-inline-functions). gpgconf_LDADD = ../jnlib/libjnlib.a ../common/libcommon.a \ - ../gl/libgnu.a @LIBINTL@ $(GPG_ERROR_LIBS) + ../gl/libgnu.a $(LIBINTL) $(GPG_ERROR_LIBS) gpgparsemail_SOURCES = gpgparsemail.c rfc822parse.c rfc822parse.h gpgparsemail_LDADD = @@ -71,3 +84,5 @@ gpgkey2ssh_CFLAGS = $(LIBGCRYPT_CFLAGS) $(GPG_ERROR_CFLAGS) # some compilers do not eliminate. gpgkey2ssh_LDADD = ../jnlib/libjnlib.a ../common/libcommon.a ../gl/libgnu.a \ $(LIBGCRYPT_LIBS) $(GPG_ERROR_LIBS) + + diff --git a/tools/clean-sat.c b/tools/clean-sat.c new file mode 100644 index 000000000..8b6bfd77a --- /dev/null +++ b/tools/clean-sat.c @@ -0,0 +1,34 @@ +/* clean-sat.c + * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc. + * + * This file is free software; as a special exception the author gives + * unlimited permission to copy and/or distribute it, with or without + * modifications, as long as this notice is preserved. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY, to the extent permitted by law; without even the + * implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + */ + +#include <stdio.h> + +int +main(int argc, char **argv) +{ + int c; + + if( argc > 1 ) { + fprintf(stderr, "no arguments, please\n"); + return 1; + } + + while( (c=getchar()) == '\n' ) + ; + while( c != EOF ) { + putchar(c); + c = getchar(); + } + + return 0; +} + diff --git a/tools/convert-from-106 b/tools/convert-from-106 new file mode 100755 index 000000000..634152b11 --- /dev/null +++ b/tools/convert-from-106 @@ -0,0 +1,57 @@ +#!/bin/sh +# Copyright (C) 2002, 2004 Free Software Foundation, Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + +if ! gpg --version > /dev/null 2>&1 ; then + echo "GnuPG not available!" + exit 1 +fi + +gpg="gpg --no-greeting --no-secmem-warning" + +echo "This script converts your public keyring and trustdb from GnuPG" +echo "1.0.6 or earlier to the 1.0.7 and later format." + +echo "If you have already done this, there is no harm (but no point)" +echo "in doing it again." + +echo -n "Continue? (y/N)" + +read answer + +if test "x$answer" != "xy" ; then + exit 0 +fi + +echo +echo "Marking your keys as ultimately trusted" +for key in `$gpg --with-colons --list-secret-keys | grep sec: | cut -d: -f5` +do + $gpg --trusted-key $key --with-colons --list-keys $key > /dev/null 2>&1 + echo -n "." +done +echo + +echo +echo "Adding signature caches" +$gpg --rebuild-keydb-caches + +echo +echo "Checking trustdb" +$gpg --check-trustdb + +echo +echo "Done!" diff --git a/tools/crlf.c b/tools/crlf.c new file mode 100644 index 000000000..ecb6eecdb --- /dev/null +++ b/tools/crlf.c @@ -0,0 +1,52 @@ +/* crlf.c + * Copyright (C) 1999, 2000, 2001 Free Software Foundation, Inc. + * + * This file is free software; as a special exception the author gives + * unlimited permission to copy and/or distribute it, with or without + * modifications, as long as this notice is preserved. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY, to the extent permitted by law; without even the + * implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + */ + +#include <stdio.h> + +int +main(int argc, char **argv) +{ + int c, lc; + int off=0; + + if( argc > 1 ) { + fprintf(stderr, "no arguments, please\n"); + return 1; + } + + lc = -1; + while( (c=getchar()) != EOF ) { +#if 0 + if( c == '\r' && lc == ' ' ) + fprintf(stderr,"SP,CR at %d\n", off ); + if( c == '\n' && lc == ' ' ) + fprintf(stderr,"SP,LF at %d\n", off ); +#endif + if( c == '\n' && lc == '\r' ) + putchar(c); + else if( c == '\n' ) { + putchar('\r'); + putchar(c); + } + else if( c != '\n' && lc == '\r' ) { + putchar('\n'); + putchar(c); + } + else + putchar(c); + + lc = c; + off++; + } + + return 0; +} diff --git a/tools/gpg-zip.in b/tools/gpg-zip.in new file mode 100644 index 000000000..8b4ccfb2b --- /dev/null +++ b/tools/gpg-zip.in @@ -0,0 +1,142 @@ +#!/bin/sh + +# gpg-archive - gpg-ized tar using the same format as PGP's PGP Zip. +# Copyright (C) 2005 Free Software Foundation, Inc. +# +# This file is part of GnuPG. +# +# GnuPG is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# GnuPG is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + +# Despite the name, PGP Zip format is actually an OpenPGP-wrapped tar +# file. To be compatible with PGP itself, this must be a USTAR format +# tar file. Unclear on whether there is a distinction here between +# the GNU or POSIX variant of USTAR. + +VERSION=@VERSION@ +TAR=@TAR@ +GPG=gpg + +usage="\ +Usage: gpg-zip [--help] [--version] [--encrypt] [--decrypt] [--symmetric] + [--list-archive] [--output FILE] [--gpg GPG] [--gpg-args ARGS] + [--tar TAR] [--tar-args ARGS] filename1 [filename2, ...] + directory1 [directory2, ...] + +Encrypt or sign files into an archive." + +while test $# -gt 0 ; do + case $1 in + -h | --help | --h*) + echo "$usage" + exit 0 + ;; + --list-archive) + list=yes + create=no + unpack=no + shift + ;; + --encrypt | -e) + gpg_args="$gpg_args --encrypt" + list=no + create=yes + unpack=no + shift + ;; + --decrypt | -d) + gpg_args="$gpg_args --decrypt" + list=no + create=no + unpack=yes + shift + ;; + --symmetric | -c) + gpg_args="$gpg_args --symmetric" + list=no + create=yes + unpack=no + shift + ;; + --sign | -s) + gpg_args="$gpg_args --sign" + list=no + create=yes + unpack=no + shift + ;; + --recipient | -r) + gpg_args="$gpg_args --recipient $2" + shift + shift + ;; + --local-user | -u) + gpg_args="$gpg_args --local-user $2" + shift + shift + ;; + --output | -o) + gpg_args="$gpg_args --output $2" + shift + shift + ;; + --version) + echo "gpg-zip (GnuPG) $VERSION" + exit 0 + ;; + --gpg) + GPG=$1 + shift + ;; + --gpg-args) + gpg_args="$gpg_args $2" + shift + shift + ;; + --tar) + TAR=$1 + shift + ;; + --tar-args) + tar_args="$tar_args $2" + shift + shift + ;; + --) + shift + break + ;; + -*) + echo "$usage" 1>&2 + exit 1 + ;; + *) + break + ;; + esac +done + +if test x$create = xyes ; then +# echo "$TAR -cf - "$@" | $GPG --set-filename x.tar $gpg_args" 1>&2 + $TAR -cf - "$@" | $GPG --set-filename x.tar $gpg_args +elif test x$list = xyes ; then +# echo "cat \"$1\" | $GPG $gpg_args | $TAR $tar_args -tf -" 1>&2 + cat "$1" | $GPG $gpg_args | $TAR $tar_args -tf - +elif test x$unpack = xyes ; then +# echo "cat \"$1\" | $GPG $gpg_args | $TAR $tar_args -xvf -" 1>&2 + cat "$1" | $GPG $gpg_args | $TAR $tar_args -xvf - +else + echo "$usage" 1>&2 + exit 1 +fi diff --git a/tools/gpgsplit.c b/tools/gpgsplit.c new file mode 100644 index 000000000..96760dab3 --- /dev/null +++ b/tools/gpgsplit.c @@ -0,0 +1,881 @@ +/* gpgsplit.c - An OpenPGP packet splitting tool + * Copyright (C) 2001, 2002, 2003 Free Software Foundation, Inc. + * + * This file is part of GnuPG. + * + * GnuPG is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * GnuPG is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, + * USA. + */ + +/* + * TODO: Add an option to uncompress packets. This should come quite handy. + */ + +#include <config.h> +#include <errno.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <ctype.h> +#include <unistd.h> +#include <assert.h> +#include <sys/types.h> +#ifdef HAVE_DOSISH_SYSTEM +# include <fcntl.h> /* for setmode() */ +#endif +#include <zlib.h> +#ifdef HAVE_BZIP2 +#include <bzlib.h> +#endif /* HAVE_BZIP2 */ +#if defined(__riscos__) && defined(USE_ZLIBRISCOS) +# include "zlib-riscos.h" +#endif + +#define INCLUDED_BY_MAIN_MODULE 1 +#include "util.h" +#include "openpgpdefs.h" + +static int opt_verbose; +static const char *opt_prefix = ""; +static int opt_uncompress; +static int opt_secret_to_public; +static int opt_no_split; + +static void g10_exit( int rc ); +static void split_packets (const char *fname); + + +enum cmd_and_opt_values { + aNull = 0, + oVerbose = 'v', + oPrefix = 'p', + oUncompress = 500, + oSecretToPublic, + oNoSplit, + + aTest +}; + + +static ARGPARSE_OPTS opts[] = { + + { 301, NULL, 0, "@Options:\n " }, + + { oVerbose, "verbose", 0, "verbose" }, + { oPrefix, "prefix", 2, "|STRING|Prepend filenames with STRING" }, + { oUncompress, "uncompress", 0, "uncompress a packet"}, + { oSecretToPublic, "secret-to-public", 0, "convert secret keys to public keys"}, + { oNoSplit, "no-split", 0, "write to stdout and don't actually split"}, +{0} }; + + +static const char * +my_strusage (int level) +{ + const char *p; + switch (level) + { + case 11: p = "gpgsplit (GnuPG)"; + break; + case 13: p = VERSION; break; + case 17: p = PRINTABLE_OS_NAME; break; + case 19: p = + "Please report bugs to <bug-gnupg@gnu.org>.\n"; + break; + case 1: + case 40: p = + "Usage: gpgsplit [options] [files] (-h for help)"; + break; + case 41: p = + "Syntax: gpgsplit [options] [files]\n" + "Split an OpenPGP message into packets\n"; + break; + + default: p = NULL; + } + return p; +} + + + +int +main (int argc, char **argv) +{ + ARGPARSE_ARGS pargs; + +#ifdef HAVE_DOSISH_SYSTEM + setmode( fileno(stdin), O_BINARY ); + setmode( fileno(stdout), O_BINARY ); +#endif + log_set_prefix ("gpgsplit", JNLIB_LOG_WITH_PREFIX); + set_strusage (my_strusage); + + pargs.argc = &argc; + pargs.argv = &argv; + pargs.flags= 1; /* do not remove the args */ + while (optfile_parse( NULL, NULL, NULL, &pargs, opts)) + { + switch (pargs.r_opt) + { + case oVerbose: opt_verbose = 1; break; + case oPrefix: opt_prefix = pargs.r.ret_str; break; + case oUncompress: opt_uncompress = 1; break; + case oSecretToPublic: opt_secret_to_public = 1; break; + case oNoSplit: opt_no_split = 1; break; + default : pargs.err = 2; break; + } + } + + if (log_get_errorcount(0)) + g10_exit (2); + + if (!argc) + split_packets (NULL); + else + { + for ( ;argc; argc--, argv++) + split_packets (*argv); + } + + g10_exit (0); + return 0; +} + + +static void +g10_exit (int rc) +{ + rc = rc? rc : log_get_errorcount(0)? 2 : 0; + exit(rc ); +} + +static const char * +pkttype_to_string (int pkttype) +{ + const char *s; + + switch (pkttype) + { + case PKT_PUBKEY_ENC : s = "pk_enc"; break; + case PKT_SIGNATURE : s = "sig"; break; + case PKT_SYMKEY_ENC : s = "sym_enc"; break; + case PKT_ONEPASS_SIG : s = "onepass_sig"; break; + case PKT_SECRET_KEY : s = "secret_key"; break; + case PKT_PUBLIC_KEY : s = "public_key"; break; + case PKT_SECRET_SUBKEY : s = "secret_subkey"; break; + case PKT_COMPRESSED : + s = opt_uncompress? "uncompressed":"compressed"; + break; + case PKT_ENCRYPTED : s = "encrypted"; break; + case PKT_MARKER : s = "marker"; break; + case PKT_PLAINTEXT : s = "plaintext"; break; + case PKT_RING_TRUST : s = "ring_trust"; break; + case PKT_USER_ID : s = "user_id"; break; + case PKT_PUBLIC_SUBKEY : s = "public_subkey"; break; + case PKT_OLD_COMMENT : s = "old_comment"; break; + case PKT_ATTRIBUTE : s = "attribute"; break; + case PKT_ENCRYPTED_MDC : s = "encrypted_mdc"; break; + case PKT_MDC : s = "mdc"; break; + case PKT_COMMENT : s = "comment"; break; + case PKT_GPG_CONTROL : s = "gpg_control"; break; + default: s = "unknown"; break; + } + return s; +} + + +/* + * Create a new filename and a return a pointer to a statically + * allocated buffer + */ +static char * +create_filename (int pkttype) +{ + static unsigned int partno = 0; + static char *name; + + if (!name) + name = xmalloc (strlen (opt_prefix) + 100 ); + + assert (pkttype < 1000 && pkttype >= 0 ); + partno++; + sprintf (name, "%s%06u-%03d" EXTSEP_S "%.40s", + opt_prefix, partno, pkttype, pkttype_to_string (pkttype)); + return name; +} + +static int +read_u16 (FILE *fp, size_t *rn) +{ + int c; + + if ( (c = getc (fp)) == EOF ) + return -1; + *rn = c << 8; + if ( (c = getc (fp)) == EOF ) + return -1; + *rn |= c; + return 0; +} + +static int +read_u32 (FILE *fp, unsigned long *rn) +{ + size_t tmp; + + if (read_u16 (fp, &tmp)) + return -1; + *rn = tmp << 16; + if (read_u16 (fp, &tmp)) + return -1; + *rn |= tmp; + return 0; +} + +static int +write_old_header (FILE *fp, int pkttype, unsigned int len) +{ + int ctb = (0x80 | ((pkttype & 15)<<2)); + + if (len < 256) + ; + else if (len < 65536) + ctb |= 1; + else + ctb |= 2; + + if ( putc ( ctb, fp) == EOF ) + return -1; + + if ( (ctb & 2) ) + { + if (putc ((len>>24), fp) == EOF) + return -1; + if (putc ((len>>16), fp) == EOF) + return -1; + } + if ( (ctb & 3) ) + { + if (putc ((len>>8), fp) == EOF) + return -1; + } + if (putc ((len&0xff), fp) == EOF) + return -1; + return 0; +} + +static int +write_new_header (FILE *fp, int pkttype, unsigned int len) +{ + if ( putc ((0xc0 | (pkttype & 0x3f)), fp) == EOF ) + return -1; + + if (len < 192) + { + if (putc (len, fp) == EOF) + return -1; + } + else if (len < 8384) + { + len -= 192; + if (putc ((len/256)+192, fp) == EOF) + return -1; + if (putc ((len%256), fp) == EOF) + return -1; + } + else + { + if (putc ( 0xff, fp) == EOF) + return -1; + if (putc ( (len >> 24), fp) == EOF) + return -1; + if (putc ( (len >> 16), fp) == EOF) + return -1; + if (putc ( (len >> 8), fp) == EOF) + return -1; + if (putc ( (len & 0xff), fp) == EOF) + return -1; + } + return 0; +} + +/* Return the length of the public key given BUF of BUFLEN with a + secret key. */ +static int +public_key_length (const unsigned char *buf, size_t buflen) +{ + const unsigned char *s; + int nmpis; + + /* byte version number (3 or 4) + u32 creation time + [u16 valid days (version 3 only)] + byte algorithm + n MPIs (n and e) */ + if (!buflen) + return 0; + if (buf[0] < 2 || buf[0] > 4) + return 0; /* wrong version number */ + if (buflen < (buf[0] == 4? 6:8)) + return 0; + s = buf + (buf[0] == 4? 6:8); + buflen -= (buf[0] == 4? 6:8); + switch (s[-1]) + { + case 1: + case 2: + case 3: + nmpis = 2; + break; + case 16: + case 20: + nmpis = 3; + break; + case 17: + nmpis = 4; + break; + default: + return 0; + } + + for (; nmpis; nmpis--) + { + unsigned int nbits, nbytes; + + if (buflen < 2) + return 0; + nbits = (s[0] << 8) | s[1]; + s += 2; buflen -= 2; + nbytes = (nbits+7) / 8; + if (buflen < nbytes) + return 0; + s += nbytes; buflen -= nbytes; + } + + return s - buf; +} + +static int +handle_zlib(int algo,FILE *fpin,FILE *fpout) +{ + z_stream zs; + byte *inbuf, *outbuf; + unsigned int inbufsize, outbufsize; + int c,zinit_done, zrc, nread, count; + size_t n; + + memset (&zs, 0, sizeof zs); + inbufsize = 2048; + inbuf = xmalloc (inbufsize); + outbufsize = 8192; + outbuf = xmalloc (outbufsize); + zs.avail_in = 0; + zinit_done = 0; + + do + { + if (zs.avail_in < inbufsize) + { + n = zs.avail_in; + if (!n) + zs.next_in = (Bytef *) inbuf; + count = inbufsize - n; + for (nread=0; + nread < count && (c=getc (fpin)) != EOF; + nread++) + inbuf[n+nread] = c; + + n += nread; + if (nread < count && algo == 1) + { + inbuf[n] = 0xFF; /* chew dummy byte */ + n++; + } + zs.avail_in = n; + } + zs.next_out = (Bytef *) outbuf; + zs.avail_out = outbufsize; + + if (!zinit_done) + { + zrc = (algo == 1? inflateInit2 ( &zs, -13) + : inflateInit ( &zs )); + if (zrc != Z_OK) + { + log_fatal ("zlib problem: %s\n", zs.msg? zs.msg : + zrc == Z_MEM_ERROR ? "out of core" : + zrc == Z_VERSION_ERROR ? + "invalid lib version" : + "unknown error" ); + } + zinit_done = 1; + } + else + { +#ifdef Z_SYNC_FLUSH + zrc = inflate (&zs, Z_SYNC_FLUSH); +#else + zrc = inflate (&zs, Z_PARTIAL_FLUSH); +#endif + if (zrc == Z_STREAM_END) + ; /* eof */ + else if (zrc != Z_OK && zrc != Z_BUF_ERROR) + { + if (zs.msg) + log_fatal ("zlib inflate problem: %s\n", zs.msg ); + else + log_fatal ("zlib inflate problem: rc=%d\n", zrc ); + } + for (n=0; n < outbufsize - zs.avail_out; n++) + { + if (putc (outbuf[n], fpout) == EOF ) + return 1; + } + } + } + while (zrc != Z_STREAM_END && zrc != Z_BUF_ERROR); + inflateEnd (&zs); + + return 0; +} + +#ifdef HAVE_BZIP2 +static int +handle_bzip2(int algo,FILE *fpin,FILE *fpout) +{ + bz_stream bzs; + byte *inbuf, *outbuf; + unsigned int inbufsize, outbufsize; + int c,zinit_done, zrc, nread, count; + size_t n; + + memset (&bzs, 0, sizeof bzs); + inbufsize = 2048; + inbuf = xmalloc (inbufsize); + outbufsize = 8192; + outbuf = xmalloc (outbufsize); + bzs.avail_in = 0; + zinit_done = 0; + + do + { + if (bzs.avail_in < inbufsize) + { + n = bzs.avail_in; + if (!n) + bzs.next_in = inbuf; + count = inbufsize - n; + for (nread=0; + nread < count && (c=getc (fpin)) != EOF; + nread++) + inbuf[n+nread] = c; + + n += nread; + if (nread < count && algo == 1) + { + inbuf[n] = 0xFF; /* chew dummy byte */ + n++; + } + bzs.avail_in = n; + } + bzs.next_out = outbuf; + bzs.avail_out = outbufsize; + + if (!zinit_done) + { + zrc = BZ2_bzDecompressInit(&bzs,0,0); + if (zrc != BZ_OK) + log_fatal ("bz2lib problem: %d\n",zrc); + zinit_done = 1; + } + else + { + zrc = BZ2_bzDecompress(&bzs); + if (zrc == BZ_STREAM_END) + ; /* eof */ + else if (zrc != BZ_OK && zrc != BZ_PARAM_ERROR) + log_fatal ("bz2lib inflate problem: %d\n", zrc ); + for (n=0; n < outbufsize - bzs.avail_out; n++) + { + if (putc (outbuf[n], fpout) == EOF ) + return 1; + } + } + } + while (zrc != BZ_STREAM_END && zrc != BZ_PARAM_ERROR); + BZ2_bzDecompressEnd(&bzs); + + return 0; +} +#endif /* HAVE_BZIP2 */ + +/* hdr must point to a buffer large enough to hold all header bytes */ +static int +write_part ( const char *fname, FILE *fpin, unsigned long pktlen, + int pkttype, int partial, unsigned char *hdr, size_t hdrlen) +{ + FILE *fpout; + int c, first; + unsigned char *p; + const char *outname = create_filename (pkttype); + +#if defined(__riscos__) && defined(USE_ZLIBRISCOS) + static int initialized = 0; + + if (!initialized) + initialized = riscos_load_module("ZLib", zlib_path, 1); +#endif + if (opt_no_split) + fpout = stdout; + else + { + if (opt_verbose) + log_info ("writing `%s'\n", outname); + fpout = fopen (outname, "wb"); + if (!fpout) + { + log_error ("error creating `%s': %s\n", outname, strerror(errno)); + /* stop right now, otherwise we would mess up the sequence + of the part numbers */ + g10_exit (1); + } + } + + if (opt_secret_to_public + && (pkttype == PKT_SECRET_KEY || pkttype == PKT_SECRET_SUBKEY)) + { + unsigned char *blob = xmalloc (pktlen); + int i, len; + + pkttype = pkttype == PKT_SECRET_KEY? PKT_PUBLIC_KEY:PKT_PUBLIC_SUBKEY; + + for (i=0; i < pktlen; i++) + { + c = getc (fpin); + if (c == EOF) + goto read_error; + blob[i] = c; + } + len = public_key_length (blob, pktlen); + if (!len) + { + log_error ("error calcualting public key length\n"); + g10_exit (1); + } + if ( (hdr[0] & 0x40) ) + { + if (write_new_header (fpout, pkttype, len)) + goto write_error; + } + else + { + if (write_old_header (fpout, pkttype, len)) + goto write_error; + } + + for (i=0; i < len; i++) + { + if ( putc (blob[i], fpout) == EOF ) + goto write_error; + } + + goto ready; + } + + + if (!opt_uncompress) + { + for (p=hdr; hdrlen; p++, hdrlen--) + { + if ( putc (*p, fpout) == EOF ) + goto write_error; + } + } + + first = 1; + while (partial) + { + size_t partlen; + + if (partial == 1) + { /* openpgp */ + if (first ) + { + c = pktlen; + assert( c >= 224 && c < 255 ); + first = 0; + } + else if ((c = getc (fpin)) == EOF ) + goto read_error; + else + hdr[hdrlen++] = c; + + if (c < 192) + { + pktlen = c; + partial = 0; /* (last segment may follow) */ + } + else if (c < 224 ) + { + pktlen = (c - 192) * 256; + if ((c = getc (fpin)) == EOF) + goto read_error; + hdr[hdrlen++] = c; + pktlen += c + 192; + partial = 0; + } + else if (c == 255) + { + if (read_u32 (fpin, &pktlen)) + goto read_error; + hdr[hdrlen++] = pktlen >> 24; + hdr[hdrlen++] = pktlen >> 16; + hdr[hdrlen++] = pktlen >> 8; + hdr[hdrlen++] = pktlen; + partial = 0; + } + else + { /* next partial body length */ + for (p=hdr; hdrlen; p++, hdrlen--) + { + if ( putc (*p, fpout) == EOF ) + goto write_error; + } + partlen = 1 << (c & 0x1f); + for (; partlen; partlen--) + { + if ((c = getc (fpin)) == EOF) + goto read_error; + if ( putc (c, fpout) == EOF ) + goto write_error; + } + } + } + else if (partial == 2) + { /* old gnupg */ + assert (!pktlen); + if ( read_u16 (fpin, &partlen) ) + goto read_error; + hdr[hdrlen++] = partlen >> 8; + hdr[hdrlen++] = partlen; + for (p=hdr; hdrlen; p++, hdrlen--) + { + if ( putc (*p, fpout) == EOF ) + goto write_error; + } + if (!partlen) + partial = 0; /* end of packet */ + for (; partlen; partlen--) + { + c = getc (fpin); + if (c == EOF) + goto read_error; + if ( putc (c, fpout) == EOF ) + goto write_error; + } + } + else + { /* compressed: read to end */ + pktlen = 0; + partial = 0; + hdrlen = 0; + if (opt_uncompress) + { + if ((c = getc (fpin)) == EOF) + goto read_error; + + if(c==1 || c==2) + { + if(handle_zlib(c,fpin,fpout)) + goto write_error; + } +#ifdef HAVE_BZIP2 + else if(c==3) + { + if(handle_bzip2(c,fpin,fpout)) + goto write_error; + } +#endif /* HAVE_BZIP2 */ + else + { + log_error("invalid compression algorithm (%d)\n",c); + goto read_error; + } + } + else + { + while ( (c=getc (fpin)) != EOF ) + { + if ( putc (c, fpout) == EOF ) + goto write_error; + } + } + if (!feof (fpin)) + goto read_error; + } + } + + for (p=hdr; hdrlen; p++, hdrlen--) + { + if ( putc (*p, fpout) == EOF ) + goto write_error; + } + + /* standard packet or last segment of partial length encoded packet */ + for (; pktlen; pktlen--) + { + c = getc (fpin); + if (c == EOF) + goto read_error; + if ( putc (c, fpout) == EOF ) + goto write_error; + } + + ready: + if ( !opt_no_split && fclose (fpout) ) + log_error ("error closing `%s': %s\n", outname, strerror (errno)); + return 0; + + write_error: + log_error ("error writing `%s': %s\n", outname, strerror (errno)); + if (!opt_no_split) + fclose (fpout); + return 2; + + read_error: + if (!opt_no_split) + { + int save = errno; + fclose (fpout); + errno = save; + } + return -1; +} + + + +static int +do_split (const char *fname, FILE *fp) +{ + int c, ctb, pkttype; + unsigned long pktlen = 0; + int partial = 0; + unsigned char header[20]; + int header_idx = 0; + + ctb = getc (fp); + if (ctb == EOF) + return 3; /* ready */ + header[header_idx++] = ctb; + + if (!(ctb & 0x80)) + { + log_error("invalid CTB %02x\n", ctb ); + return 1; + } + if ( (ctb & 0x40) ) + { /* new CTB */ + pkttype = (ctb & 0x3f); + if( (c = getc (fp)) == EOF ) + return -1; + header[header_idx++] = c; + + if ( c < 192 ) + pktlen = c; + else if ( c < 224 ) + { + pktlen = (c - 192) * 256; + if( (c = getc (fp)) == EOF ) + return -1; + header[header_idx++] = c; + pktlen += c + 192; + } + else if ( c == 255 ) + { + if (read_u32 (fp, &pktlen)) + return -1; + header[header_idx++] = pktlen >> 24; + header[header_idx++] = pktlen >> 16; + header[header_idx++] = pktlen >> 8; + header[header_idx++] = pktlen; + } + else + { /* partial body length */ + pktlen = c; + partial = 1; + } + } + else + { + int lenbytes; + + pkttype = (ctb>>2)&0xf; + lenbytes = ((ctb&3)==3)? 0 : (1<<(ctb & 3)); + if (!lenbytes ) + { + pktlen = 0; /* don't know the value */ + if( pkttype == PKT_COMPRESSED ) + partial = 3; + else + partial = 2; /* the old GnuPG partial length encoding */ + } + else + { + for ( ; lenbytes; lenbytes-- ) + { + pktlen <<= 8; + if( (c = getc (fp)) == EOF ) + return -1; + header[header_idx++] = c; + + pktlen |= c; + } + } + } + + return write_part (fname, fp, pktlen, pkttype, partial, + header, header_idx); +} + + +static void +split_packets (const char *fname) +{ + FILE *fp; + int rc; + + if (!fname || !strcmp (fname, "-")) + { + fp = stdin; + fname = "-"; + } + else if ( !(fp = fopen (fname,"rb")) ) + { + log_error ("can't open `%s': %s\n", fname, strerror (errno)); + return; + } + + while ( !(rc = do_split (fname, fp)) ) + ; + if ( rc > 0 ) + ; /* error already handled */ + else if ( ferror (fp) ) + log_error ("error reading `%s': %s\n", fname, strerror (errno)); + else + log_error ("premature EOF while reading `%s'\n", fname ); + + if ( fp != stdin ) + fclose (fp); +} diff --git a/tools/lspgpot b/tools/lspgpot new file mode 100755 index 000000000..f406392eb --- /dev/null +++ b/tools/lspgpot @@ -0,0 +1,27 @@ +#!/bin/sh +# lspgpot - script to extract the ownertrust values +# from PGP keyrings and list them in GnuPG ownertrust format. +# +# This file is free software; as a special exception the author gives +# unlimited permission to copy and/or distribute it, with or without +# modifications, as long as this notice is preserved. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the +# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + +if ! gpg --version > /dev/null 2>&1 ; then + echo "GnuPG not available!" + exit 1 +fi + +gpg --dry-run --with-fingerprint --with-colons $* | awk ' +BEGIN { FS=":" + printf "# Ownertrust listing generated by lspgpot\n" + printf "# This can be imported using the command:\n" + printf "# gpg --import-ownertrust\n\n" } +$1 == "fpr" { fpr = $10 } +$1 == "rtv" && $2 == 1 && $3 == 2 { printf "%s:3:\n", fpr; next } +$1 == "rtv" && $2 == 1 && $3 == 5 { printf "%s:4:\n", fpr; next } +$1 == "rtv" && $2 == 1 && $3 == 6 { printf "%s:5:\n", fpr; next } +' diff --git a/tools/mail-signed-keys b/tools/mail-signed-keys new file mode 100755 index 000000000..80fbb3481 --- /dev/null +++ b/tools/mail-signed-keys @@ -0,0 +1,114 @@ +#!/bin/sh +# Copyright (C) 2000, 2001 Free Software Foundation, Inc. +# +# This file is free software; as a special exception the author gives +# unlimited permission to copy and/or distribute it, with or without +# modifications, as long as this notice is preserved. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the +# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + +# FIXME: Add --dry-run, use only valid email addreses, extract only given keys + +dryrun=0 +if [ "$1" = "--dry-run" ]; then + dryrun=1 + shift +fi + +if [ -z "$1" -o -z "$2" -o -z "$3" ]; then + echo "usage: mail-signed-keys keyring signedby signame" >&2 + exit 1 +fi + +signame="$3" + +if [ ! -f $1 ]; then + echo "mail-signed-keys: '$1': no such file" >&2 + exit 1 +fi + +[ -f '.#tdb.tmp' ] && rm '.#tdb.tmp' +ro="--homedir . --no-options --trustdb-name=./.#tdb.tmp --dry-run --lock-never --no-default-keyring --keyring $1" + +signedby=`gpg $ro --list-keys --with-colons $2 \ + 2>/dev/null | awk -F: '$1=="pub" {print $5; exit 0}'` + +if [ -z "$signedby" ]; then + echo "mail-signed-keys: '$2': no such signator" >&2 + exit 1 +fi + +if [ "$dryrun" = "0" ]; then + echo "About to send the the keys signed by $signedby" >&2 + echo -n "to their owners. Do you really want to do this? (y/N)" >&2 + read + [ "$REPLY" != "y" -a "$REPLY" != "Y" ] && exit 0 +fi + +gpg $ro --check-sigs --with-colons 2>/dev/null \ + | awk -F: -v signedby="$signedby" -v gpgopt="$ro" \ + -v dryrun="$dryrun" -v signame="$signame" ' +BEGIN { sendmail="/usr/lib/sendmail -oi -t " } +$1 == "pub" { nextkid=$5; nextuid=$10 + if( uidcount > 0 ) { myflush() } + kid=nextkid; uid=nextuid; next + } +$1 == "uid" { uid=$10 ; next } +$1 == "sig" && $2 == "!" && $5 == signedby { uids[uidcount++] = uid; next } +END { if( uidcount > 0 ) { myflush() } } + +function myflush() +{ + if ( kid == signedby ) { uidcount=0; return } + print "sending key " substr(kid,9) " to" | "cat >&2" + for(i=0; i < 1; i++ ) { + print " " uids[i] | "cat >&2" + if( dryrun == 0 ) { + if( i == 0 ) { + printf "To: %s", uids[i] | sendmail + } + else { + printf ",\n %s", uids[i] | sendmail + } + } + } + if(dryrun == 0) { + printf "\n" | sendmail + print "Subject: I signed your key " substr(kid,9) | sendmail + print "" | sendmail + print "Hi," | sendmail + print "" | sendmail + print "Here you get back the signed key." | sendmail + print "Please send it yourself to a keyserver." | sendmail + print "" | sendmail + print "Peace," | sendmail + print " " signame | sendmail + print "" | sendmail + cmd = "gpg " gpgopt " --export -a " kid " 2>/dev/null" + while( (cmd | getline) > 0 ) { + print | sendmail + } + print "" | sendmail + close(cmd) + close( sendmail ) + } + uidcount=0 +} +' + + + + + + + + + + + + + + + diff --git a/tools/make-dns-cert.c b/tools/make-dns-cert.c new file mode 100644 index 000000000..496b63b0b --- /dev/null +++ b/tools/make-dns-cert.c @@ -0,0 +1,239 @@ +/* make-dns-cert.c - An OpenPGP-to-DNS CERT conversion tool + * Copyright (C) 2006 Free Software Foundation, Inc. + * + * This file is part of GnuPG. + * + * GnuPG is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * GnuPG is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, + * USA. + */ + +#include <config.h> +#include <unistd.h> +#ifdef HAVE_GETOPT_H +#include <getopt.h> +#endif +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <errno.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <fcntl.h> + +/* We use TYPE37 instead of CERT since not all nameservers can handle + CERT yet... */ + +static int +cert_key(const char *name,const char *keyfile) +{ + int fd,ret=1,err,i; + struct stat statbuf; + + fd=open(keyfile,O_RDONLY); + if(fd==-1) + { + fprintf(stderr,"Cannot open key file %s: %s\n",keyfile,strerror(errno)); + return 1; + } + + err=fstat(fd,&statbuf); + if(err==-1) + { + fprintf(stderr,"Unable to stat key file %s: %s\n", + keyfile,strerror(errno)); + goto fail; + } + + if(statbuf.st_size>65536) + { + fprintf(stderr,"Key %s too large for CERT encoding\n",keyfile); + goto fail; + } + + if(statbuf.st_size>16384) + fprintf(stderr,"Warning: key file %s is larger than the default" + " GnuPG max-cert-size\n",keyfile); + + printf("%s\tTYPE37\t\\# %u 0003 0000 00 ", + name,(unsigned int)statbuf.st_size+5); + + err=1; + while(err!=0) + { + unsigned char buffer[1024]; + + err=read(fd,buffer,1024); + if(err==-1) + { + fprintf(stderr,"Unable to read key file %s: %s\n", + keyfile,strerror(errno)); + goto fail; + } + + for(i=0;i<err;i++) + printf("%02X",buffer[i]); + } + + printf("\n"); + + ret=0; + + fail: + close(fd); + + return ret; +} + +static int +url_key(const char *name,const char *fpr,const char *url) +{ + int len=6,fprlen=0; + + if(fpr) + { + const char *tmp = fpr; + while (*tmp) + { + if ((*tmp >= 'A' && *tmp <= 'F') || + (*tmp >= 'a' && *tmp <= 'f') || + (*tmp >= '0' && *tmp <= '9')) + { + fprlen++; + } + else if (*tmp != ' ' && *tmp != '\t') + { + fprintf(stderr,"Fingerprint must consist of only hex digits" + " and whitespace\n"); + return 1; + } + + tmp++; + } + + if(fprlen%2) + { + fprintf(stderr,"Fingerprint must be an even number of characters\n"); + return 1; + } + + fprlen/=2; + len+=fprlen; + } + + if(url) + len+=strlen(url); + + if(!fpr && !url) + { + fprintf(stderr, + "Cannot generate a CERT without either a fingerprint or URL\n"); + return 1; + } + + printf("%s\tTYPE37\t\\# %d 0006 0000 00 %02X",name,len,fprlen); + + if(fpr) + printf(" %s",fpr); + + if(url) + { + const char *c; + printf(" "); + for(c=url;*c;c++) + printf("%02X",*c); + } + + printf("\n"); + + return 0; +} + +static void +usage(FILE *stream) +{ + fprintf(stream,"make-dns-cert\n"); + fprintf(stream,"\t-f\tfingerprint\n"); + fprintf(stream,"\t-u\tURL\n"); + fprintf(stream,"\t-k\tkey file\n"); + fprintf(stream,"\t-n\tDNS name\n"); +} + +int +main(int argc,char *argv[]) +{ + int arg,err=1; + char *fpr=NULL,*url=NULL,*keyfile=NULL,*name=NULL; + + if(argc==1) + { + usage(stderr); + return 1; + } + else if(argc>1 && strcmp(argv[1],"--version")==0) + { + printf("make-dns-cert (GnuPG) " VERSION "\n"); + return 0; + } + else if(argc>1 && strcmp(argv[1],"--help")==0) + { + usage(stdout); + return 0; + } + + while((arg=getopt(argc,argv,"hf:u:k:n:"))!=-1) + switch(arg) + { + default: + case 'h': + usage(stdout); + exit(0); + + case 'f': + fpr=optarg; + break; + + case 'u': + url=optarg; + break; + + case 'k': + keyfile=optarg; + break; + + case 'n': + name=optarg; + break; + } + + if(!name) + { + fprintf(stderr,"No name provided\n"); + return 1; + } + + if(keyfile && (fpr || url)) + { + fprintf(stderr,"Cannot generate a CERT record with both a keyfile and" + " a fingerprint or URL\n"); + return 1; + } + + if(keyfile) + err=cert_key(name,keyfile); + else + err=url_key(name,fpr,url); + + return err; +} diff --git a/tools/mk-tdata.c b/tools/mk-tdata.c new file mode 100644 index 000000000..833875d28 --- /dev/null +++ b/tools/mk-tdata.c @@ -0,0 +1,67 @@ +/* mk-tdata.c - Create some simple random testdata + * Copyright (C) 1998, 1999, 2000, 2001, 2006 Free Software Foundation, Inc. + * + * This file is free software; as a special exception the author gives + * unlimited permission to copy and/or distribute it, with or without + * modifications, as long as this notice is preserved. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY, to the extent permitted by law; without even the + * implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + */ + +#include <config.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> + + +#ifndef RAND_MAX /* for SunOS */ +#define RAND_MAX 32767 +#endif + +int +main(int argc, char **argv) +{ + int i, c = 0; + int limit =0; + int char_mode = 0; + + if (argc) + { + argc--; + argv++; + } + + /* Check for option --char N */ + if (argc > 1 && !strcmp (argv[0], "--char")) + { + char_mode = 1; + c = strtol (argv[1], NULL, 0); + argc -= 2; + argv += 2; + } + + limit = argc ? atoi(argv[0]) : 0; + + srand(getpid()); + + for (i=0; !limit || i < limit; i++ ) + { + if (char_mode) + { + putchar (c); + } + else + { +#ifdef HAVE_RAND + c = ((unsigned)(1 + (int) (256.0*rand()/(RAND_MAX+1.0)))-1); +#else + c = ((unsigned)(1 + (int) (256.0*random()/(RAND_MAX+1.0)))-1); +#endif + putchar (c); + } + } + return 0; +} diff --git a/tools/pgpgroup-to-gpggroup b/tools/pgpgroup-to-gpggroup new file mode 100755 index 000000000..5ea9990b6 --- /dev/null +++ b/tools/pgpgroup-to-gpggroup @@ -0,0 +1,42 @@ +#!/usr/bin/perl -w + +# pgpgroup-to-gpggroup - convert PGP groups to GnuPG groups +# Copyright (C) 2004 Free Software Foundation, Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + +# This program requires a PGP command line program that supports +# groups (note that the PGP 8 command line doesn't). + +$pgp="pgp -gvv 2>/dev/null"; + +open(PGP,"$pgp|") || die "Unable to call PGP: $!"; + +while(<PGP>) +{ + # If the line begins with a ">", then it is a new group. + + if(/^ > (\S+)/) + { + print "\ngroup $1 = "; + } + elsif(/\s+(0x\S+)/) + { + print "$1 "; + } +} + +print "\n"; +close(PGP); |