From 0008610e28d20e091111113a1408f0df2167e914 Mon Sep 17 00:00:00 2001 From: Florian Loitsch Date: Fri, 8 Nov 2024 09:44:02 +0100 Subject: [PATCH] Remove deprecated certificates (#36) Users can always use older packages or install them by hand. --- .github/workflows/ci.yml | 9 +- src/certificate_roots.toit | 513 ------------------------------------- tests/parse_x509_test.toit | 12 +- tools/to_toit_source.toit | 249 ------------------ 4 files changed, 13 insertions(+), 770 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 23ae90e..be49de2 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -5,6 +5,13 @@ on: release: types: [published] +env: + TOIT_VERSION: v2.0.0-alpha.100 + # Will be set in the 'Setup constants' step + TOIT_URL: + # Will be set in the 'Setup constants' step + DOWNLOAD_DIR: + jobs: build: strategy: @@ -19,8 +26,6 @@ jobs: - name: Setup constants shell: bash run: | - TOIT_VERSION=v2.0.0-alpha.91 - echo "TOIT_VERSION=$TOIT_VERSION" >> $GITHUB_ENV export DOWNLOAD_DIR="${{ github.workspace }}/downloads" echo "DOWNLOAD_DIR=$DOWNLOAD_DIR" >> $GITHUB_ENV if [[ "$RUNNER_OS" = "Linux" ]]; then diff --git a/src/certificate_roots.toit b/src/certificate_roots.toit index 451f740..2299620 100644 --- a/src/certificate_roots.toit +++ b/src/certificate_roots.toit @@ -2867,68 +2867,6 @@ Subject: CN=AAA Certificate Services O=Comodo CA Limited */ COMODO_AAA_SERVICES_ROOT ::= tls.RootCertificate --fingerprint=0x41187e1e COMODO_AAA_SERVICES_ROOT_BYTES_ -CYBERTRUST_GLOBAL_ROOT_BYTES_ ::= #[ - '0',0x82,3,0xa1,'0',130,2,137,160,3,2,1,2,2,11,4,0,0,0,0,1,15,133,170,'-', - 'H','0',13,6,9,'*',134,'H',134,247,13,1,1,5,5,0,'0',';','1',24,'0',22,6,3, - 'U',0x04,10,19,15,'C','y','b','e','r','t','r','u','s','t',',',' ','I','n', - 'c','1',0x1f,'0',29,6,3,'U',4,3,19,22,'C','y','b','e','r','t','r','u','s', - 't',' ','G','l','o','b','a','l',' ','R','o','o','t','0',30,23,0xd,'0','6', - '1','2','1','5','0','8','0','0','0','0','Z',23,13,'2','1','1','2','1','5', - '0','8','0','0','0','0','Z','0',';','1',24,'0',22,6,3,'U',4,0xa,19,15,'C', - 'y','b','e','r','t','r','u','s','t',',',' ','I','n','c','1',31,'0',29,6,3, - 'U',4,3,19,22,'C','y','b','e','r','t','r','u','s','t',' ','G','l','o','b', - 'a','l',' ','R','o','o','t','0',0x82,1,'"','0',13,6,9,'*',134,'H',134,247, - 13,1,1,1,5,0,3,130,1,15,0,'0',130,1,10,2,130,1,1,0,248,200,188,189,20,'P', - 'f',0x13,255,240,211,'y',236,'#',242,183,26,199,142,133,241,18,'s',166,25, - 0xaa,0x10,219,156,162,'e','t','Z','w','>','Q','}','V',246,220,'#',182,212, - 237,'_','X',177,'7','M',213,'I',14,'n',245,'j',135,214,210,140,210,39,198, - 0xe2,0xff,'6',0x9f,152,'e',160,19,'N',198,'*','d',155,213,144,18,207,20,6, - 0xf4,';',227,212,'(',190,232,14,248,171,'N','H',148,'m',142,149,'1',16,92, - 0xed,162,'-',189,213,':','m',178,28,187,'`',192,'F','K',1,245,'I',174,'~', - 'F',0x8a,208,'t',141,161,12,2,206,238,252,231,143,184,'k','f',243,127,'D', - 0,0xbf,'f','%',20,'+',221,16,'0',29,7,150,'?','M',246,'k',184,143,183,'{', - 0x0c,0xa5,'8',235,222,'G',219,213,']','9',252,136,167,243,215,'*','t',241, - 0xe8,'Z',0xa2,';',159,'P',186,166,140,'E','5',194,'P','e',149,220,'c',130, - 239,221,191,'w','M',156,'b',201,'c','s',22,208,')',15,'I',169,'H',240,179, - 0xaa,0xb7,'l',0xc5,167,'0','9','@',']',174,196,226,']','&','S',240,206,28, - '#',8,'a',168,148,25,186,4,'b','@',236,31,'8','p','w',18,6,'q',167,'0',24, - ']','%',39,165,2,3,1,0,1,163,129,165,'0',129,162,'0',14,6,3,'U',29,15,1,1, - 255,4,4,3,2,1,6,'0',15,6,3,'U',29,19,1,1,255,4,5,'0',3,1,1,255,'0',29,6,3, - 'U',29,0xe,4,22,4,20,182,8,'{',13,'z',204,172,' ','L',134,'V','2','^',207, - 0xab,'n',0x85,'-','p','W','0','?',6,3,'U',29,31,4,'8','0','6','0','4',160, - '2',0xa0,'0',0x86,'.','h','t','t','p',':','/','/','w','w','w','2','.','p', - 'u','b','l','i','c','-','t','r','u','s','t','.','c','o','m','/','c','r', - 'l','/','c','t','/','c','t','r','o','o','t','.','c','r','l','0',0x1f,6,3, - 'U',0x1d,'#',4,24,'0',22,0x80,20,182,8,'{',13,'z',204,172,' ','L',134,'V', - '2','^',207,171,'n',133,'-','p','W','0',13,6,9,'*',134,'H',134,247,13,1,1, - 5,5,0,3,0x82,1,1,0,'V',239,10,'#',160,'T','N',149,151,201,248,137,218,'E', - 0xc1,0xd4,0xa3,0,'%',244,31,19,171,183,163,133,'X','i',194,'0',173,216,21, - 0x8a,'-',227,201,205,129,'Z',248,'s','#','Z',167,'|',5,243,253,'"',';',14, - 0xd1,6,0xc4,219,'6','L','s',4,142,229,176,'"',228,197,243,'.',165,217,'#', - 0xe3,0xb8,'N','J',' ',0xa7,'n',2,'$',159,'"','`','g','{',139,29,'r',9,197, - '1',92,233,'y',159,128,'G','=',173,161,11,7,20,'=','G',255,3,'i',26,12,11, - 'D',231,'c','%',167,127,178,201,184,'v',132,237,'#',246,'}',7,171,'E','~', - 0xd3,0xdf,179,191,233,138,182,205,168,162,'g','+','R',213,183,'e',240,'9', - 'L','c',0xa0,0x91,'y',0x93,'R',15,'T',221,131,187,159,209,143,167,'S','s', - 0xc3,0xcb,0xff,'0',236,'|',4,184,216,'D',31,147,'_','q',9,'"',183,'n','>', - 234,28,3,'N',157,26,' ','a',251,129,'7',236,'^',252,10,'E',171,215,231,23, - 'U',0xd0,160,234,'`',155,166,246,227,140,'[',')',194,6,'`',20,157,'-',151, - 'L',0xa9,0x93,21,0x9d,'a',196,1,'_','H',214,'X',189,'V','1',18,'N',17,200, - '!',224,179,17,145,'e',219,180,166,136,'8',206,'U', -] - - -/** -Cybertrust Global Root. -This certificate can be added to an HTTP client or a TLS socket with - the --root_certificates argument. -It can also be installed on the Toit process, to be used by all TLS - sockets that do not have explicit roots, using its install method. -Deprecated. This certificate has expired. -*/ -CYBERTRUST_GLOBAL_ROOT ::= CYBERTRUST_GLOBAL_ROOT_ -CYBERTRUST_GLOBAL_ROOT_ ::= tls.RootCertificate --fingerprint=0x8dbc35 CYBERTRUST_GLOBAL_ROOT_BYTES_ - D_TRUST_BR_ROOT_CA_1_2020_BYTES_ ::= #[ '0',0x82,2,219,'0',130,2,'`',160,3,2,1,2,2,16,'|',201,143,'+',132,215,223, 0xea,0xf,201,'e',154,211,'K','M',150,'0',10,6,8,'*',134,'H',206,'=',4,3,3, @@ -3178,65 +3116,6 @@ Subject: CN=D-TRUST Root Class 3 CA 2 EV 2009 O=D-Trust GmbH */ D_TRUST_ROOT_CLASS_3_CA_2_EV_2009 ::= tls.RootCertificate --fingerprint=0xcfccd458 D_TRUST_ROOT_CLASS_3_CA_2_EV_2009_BYTES_ -DST_ROOT_CA_X3_BYTES_ ::= #[ - '0',0x82,3,'J','0',0x82,2,'2',160,3,2,1,2,2,16,'D',175,176,128,214,163,39, - 186,137,'0','9',134,'.',248,'@','k','0',13,6,9,'*',134,'H',134,247,13,1,1, - 5,5,0,'0','?','1','$','0','"',6,3,'U',4,0xa,19,27,'D','i','g','i','t','a', - 'l',' ','S','i','g','n','a','t','u','r','e',' ','T','r','u','s','t',' ', - 'C','o','.','1',0x17,'0',21,6,3,'U',4,3,19,14,'D','S','T',' ','R','o','o', - 't',' ','C','A',' ','X','3','0',30,23,0xd,'0','0','0','9','3','0','2','1', - '1','2','1','9','Z',23,13,'2','1','0','9','3','0','1','4','0','1','1','5', - 'Z','0','?','1','$','0','"',0x06,3,'U',4,10,19,27,'D','i','g','i','t','a', - 'l',' ','S','i','g','n','a','t','u','r','e',' ','T','r','u','s','t',' ', - 'C','o','.','1',0x17,'0',21,6,3,'U',4,3,19,14,'D','S','T',' ','R','o','o', - 't',' ','C','A',' ','X','3','0',0x82,1,'"','0',13,6,9,'*',134,'H',134,247, - 0xd,1,1,1,5,0,3,130,1,15,0,'0',130,1,10,2,130,1,1,0,223,175,233,151,'P',8, - 0x83,'W',0xb4,204,'b','e',246,144,130,236,199,211,',','k','0',202,'[',236, - 217,195,'}',199,'@',193,24,20,139,224,232,'3','v','I','*',227,'?','!','I', - 147,172,'N',14,175,'>','H',203,'e',238,252,211,'!',15,'e',210,'*',217,'2', - 0x8f,0x8c,0xe5,247,'w',176,18,'{',181,149,192,137,163,169,186,237,'s','.', - 'z',12,6,'2',131,162,'~',138,20,'0',205,17,160,225,'*','8',185,'y',10,'1', - 0xfd,'P',0xbd,128,'e',223,183,'Q','c',131,200,226,136,'a',234,'K','a',129, - 0xec,'R','k',0xb9,0xa2,226,'K',26,'(',159,'H',163,158,12,218,9,142,'>',23, - '.',30,0xdd,' ',223,'[',198,'*',138,171,'.',189,'p',173,197,11,26,'%',144, - 't','r',197,'{','j',171,'4',214,'0',137,255,229,'h',19,'{','T',11,200,214, - 174,236,'Z',156,146,30,'=','d',179,140,198,223,191,201,'A','p',236,22,'r', - 213,'&',236,'8','U','9','C',208,252,253,24,92,'@',241,151,235,213,154,155, - 0x8d,29,0xba,218,'%',185,198,216,223,193,21,2,':',171,218,'n',241,'>','.', - 0xf5,0x5c,8,156,'<',214,131,'i',228,16,155,25,'*',182,')','W',227,229,'=', - 0x9b,159,240,2,']',2,3,1,0,1,163,'B','0','@','0',15,6,3,'U',29,19,1,1,255, - 4,5,'0',3,1,1,255,'0',14,6,3,'U',29,15,1,1,255,4,4,3,2,1,6,'0',29,6,3,'U', - 0x1d,14,4,22,4,20,196,167,177,164,'{',',','q',250,219,225,'K',144,'u',255, - 196,21,'`',133,137,16,'0',13,6,9,'*',134,'H',134,247,13,1,1,5,5,0,3,130,1, - 1,0,163,26,',',155,23,0,92,169,30,238,'(','f','7',':',191,131,199,'?','K', - 0xc3,9,160,149,' ',']',227,217,'Y','D',210,'>',13,'>',189,138,'K',160,'t', - 31,206,16,130,156,'t',26,29,'~',152,26,221,203,19,'K',179,' ','D',228,145, - 233,204,252,'}',165,219,'j',229,254,230,253,224,'N',221,183,0,':',181,'p', - 'I',0xaf,242,229,235,2,241,209,2,139,25,203,148,':','^','H',196,24,30,'X', - 0x19,'_',30,2,'Z',0xf0,12,241,177,173,169,220,'Y',134,139,'n',233,145,245, - 0x86,0xca,0xfa,185,'f','3',170,'Y','[',206,226,167,22,'s','G',203,'+',204, - 153,176,'7','H',207,227,'V','K',245,207,15,12,'r','2',135,198,240,'D',187, - 'S','r','m','C',0xf5,'&','H',0x9a,'R','g',183,'X',171,254,'g','v','q','x', - 0xdb,13,162,'V',20,19,'9','$','1',133,162,168,2,'Z','0','G',225,221,'P',7, - 0xbc,2,9,0x90,0,235,'d','c','`',155,22,188,136,201,18,230,210,'}',145,139, - 0xf9,'=','2',0x8d,'e',0xb4,233,'|',177,'W','v',234,197,182,'(','9',191,21, - 'e',0x1c,200,246,'w',150,'j',10,141,'w',11,216,145,11,4,142,7,219,')',182, - 10,238,157,130,'5','5',16, -] - - -/** -DST Root CA X3. -This certificate can be added to an HTTP client or a TLS socket with - the --root_certificates argument. -It can also be installed on the Toit process, to be used by all TLS - sockets that do not have explicit roots, using its install method. -Deprecated. This certificate has expired. Usually the replacement - is $ISRG_ROOT_X1. -*/ -DST_ROOT_CA_X3 ::= DST_ROOT_CA_X3_ -DST_ROOT_CA_X3_ ::= tls.RootCertificate --fingerprint=0x597f5e5c DST_ROOT_CA_X3_BYTES_ - DIGICERT_ASSURED_ID_ROOT_CA_BYTES_ ::= #[ '0',0x82,0x3,183,'0',130,2,159,160,3,2,1,2,2,16,12,231,224,229,23,216,'F', 0xfe,143,229,'`',252,27,240,'0','9','0',13,6,9,'*',134,'H',134,247,13,1,1, @@ -3863,91 +3742,6 @@ Subject: CN=DigiCert Trusted Root G4 O=DigiCert Inc OU=www.digicert.com */ DIGICERT_TRUSTED_ROOT_G4 ::= tls.RootCertificate --fingerprint=0x378b0597 DIGICERT_TRUSTED_ROOT_G4_BYTES_ -EC_ACC_BYTES_ ::= #[ - '0',0x82,5,'V','0',130,4,'>',160,3,2,1,2,2,16,238,'+','=',235,212,'!',222, - 20,0xa8,'b',172,4,243,221,196,1,'0',13,6,9,'*',134,'H',134,247,13,1,1,5,5, - 0x0,'0',129,243,'1',11,'0',9,6,3,'U',4,6,19,2,'E','S','1',';','0','9',6,3, - 'U',0x4,10,19,'2','A','g','e','n','c','i','a',' ','C','a','t','a','l','a', - 'n','a',' ','d','e',' ','C','e','r','t','i','f','i','c','a','c','i','o', - ' ','(','N','I','F',' ','Q','-','0','8','0','1','1','7','6','-','I',')', - '1','(','0','&',0x06,3,'U',4,11,19,31,'S','e','r','v','e','i','s',' ','P', - 'u','b','l','i','c','s',' ','d','e',' ','C','e','r','t','i','f','i','c', - 'a','c','i','o','1','5','0','3',0x6,3,'U',4,11,19,',','V','e','g','e','u', - ' ','h','t','t','p','s',':','/','/','w','w','w','.','c','a','t','c','e', - 'r','t','.','n','e','t','/','v','e','r','a','r','r','e','l',' ','(','c', - ')','0','3','1','5','0','3',0x6,3,'U',4,11,19,',','J','e','r','a','r','q', - 'u','i','a',' ','E','n','t','i','t','a','t','s',' ','d','e',' ','C','e', - 'r','t','i','f','i','c','a','c','i','o',' ','C','a','t','a','l','a','n', - 'e','s','1',0xf,'0',13,6,3,'U',4,3,19,6,'E','C','-','A','C','C','0',30,23, - 0xd,'0','3','0','1','0','7','2','3','0','0','0','0','Z',23,13,'3','1','0', - '1','0','7','2','2','5','9','5','9','Z','0',0x81,243,'1',11,'0',9,6,3,'U', - 4,6,19,2,'E','S','1',';','0','9',6,3,'U',4,0xa,19,'2','A','g','e','n','c', - 'i','a',' ','C','a','t','a','l','a','n','a',' ','d','e',' ','C','e','r', - 't','i','f','i','c','a','c','i','o',' ','(','N','I','F',' ','Q','-','0', - '8','0','1','1','7','6','-','I',')','1','(','0','&',0x06,3,'U',4,11,19,31, - 'S','e','r','v','e','i','s',' ','P','u','b','l','i','c','s',' ','d','e', - ' ','C','e','r','t','i','f','i','c','a','c','i','o','1','5','0','3',0x6,3, - 'U',0x4,11,19,',','V','e','g','e','u',' ','h','t','t','p','s',':','/','/', - 'w','w','w','.','c','a','t','c','e','r','t','.','n','e','t','/','v','e', - 'r','a','r','r','e','l',' ','(','c',')','0','3','1','5','0','3',6,3,'U',4, - 11,19,',','J','e','r','a','r','q','u','i','a',' ','E','n','t','i','t','a', - 't','s',' ','d','e',' ','C','e','r','t','i','f','i','c','a','c','i','o', - ' ','C','a','t','a','l','a','n','e','s','1',0x0f,'0',0xd,6,3,'U',4,3,19,6, - 'E','C','-','A','C','C','0',130,1,'"','0',13,6,9,'*',134,'H',134,247,13,1, - 1,1,5,0,3,130,1,15,0,'0',130,1,10,2,130,1,1,0,179,'"',199,'O',226,151,'B', - 0x95,136,'G',131,'@',246,29,23,243,131,'s','$',30,'Q',243,152,138,195,146, - 0xb8,255,'@',144,5,'p',135,'`',201,0,169,181,148,'e',25,'"',21,23,194,'C', - 'l','f','D',0x9a,13,4,'>','9','o',165,'K','z',170,'c',183,138,'D',157,217, - 'c',0x91,132,'f',224,'(',15,186,'B',227,'n',142,247,20,39,147,'i',238,145, - 14,163,'_',14,177,235,'f',162,'r','O',18,19,134,'e','z','>',219,'O',7,244, - 0xa7,9,'`',0xda,':','B',153,199,178,127,179,22,149,28,199,249,'4',181,148, - 133,213,153,'^',160,'H',160,'~',231,23,'e',184,162,'u',184,30,243,229,'B', - '}',0xaf,0xed,0xf3,138,'H','d',']',130,20,147,216,192,228,255,179,'P','r', - 0xf2,'v',0xf6,179,']','B','P','y',208,148,'>','k',12,0,190,216,'k',14,'N', - '*',0xec,'>',0xd2,204,130,162,24,'e','3',19,'w',158,154,']',26,19,216,195, - 0xdb,'=',0xc8,151,'z',238,'p',237,167,230,'|',219,'q',207,'-',148,'b',223, - 'm',0xd6,0xf5,'8',190,'?',165,133,10,25,184,168,216,9,'u','B','p',196,234, - 0xef,0xcb,14,200,'4',168,18,'"',152,12,184,19,148,182,'K',236,240,208,144, - 231,39,2,3,1,0,1,163,129,227,'0',129,224,'0',29,6,3,'U',29,17,4,22,'0',20, - 0x81,0x12,'e','c','_','a','c','c','@','c','a','t','c','e','r','t','.','n', - 'e','t','0',0xf,6,3,'U',29,19,1,1,255,4,5,'0',3,1,1,255,'0',14,6,3,'U',29, - 15,1,1,255,4,4,3,2,1,6,'0',29,6,3,'U',29,14,4,22,4,20,160,195,139,'D',170, - '7',0xa5,'E',0xbf,151,128,'Z',209,241,'x',162,155,233,']',141,'0',127,6,3, - 'U',0x1d,' ',4,'x','0','v','0','t',6,0xb,'+',6,1,4,1,245,'x',1,3,1,10,'0', - 'e','0',',',6,8,'+',6,1,5,5,7,2,1,22,' ','h','t','t','p','s',':','/','/', - 'w','w','w','.','c','a','t','c','e','r','t','.','n','e','t','/','v','e', - 'r','a','r','r','e','l','0','5',0x6,8,'+',6,1,5,5,7,2,2,'0',')',26,39,'V', - 'e','g','e','u',' ','h','t','t','p','s',':','/','/','w','w','w','.','c', - 'a','t','c','e','r','t','.','n','e','t','/','v','e','r','a','r','r','e', - 'l',' ','0',0x0d,6,9,'*',134,'H',134,247,13,1,1,5,5,0,3,130,1,1,0,160,'H', - '[',130,1,246,'M','H',184,'9','U','5',156,128,'z','S',153,213,'Z',255,177, - 'q',';',0xcc,'9',0x9,148,'^',214,218,239,190,1,'[',']',211,30,216,253,'}', - 'O',0xcd,0xa0,'A',0xe0,'4',147,191,203,226,134,156,'7',146,144,'V',28,220, - 0xeb,')',5,229,196,158,199,'5',223,138,12,205,197,'!','C',233,170,136,229, - '5',0xc0,25,'B','c','Z',2,'^',0xa4,'H',24,':',133,'o',220,157,188,'?',157, - 0x9c,193,135,184,'z','a',8,233,'w',11,127,'p',171,'z',221,217,151,',','d', - 0x1e,0x85,191,188,'t',150,161,195,'z',18,236,12,26,'n',131,12,'<',232,'r', - 'F',0x9f,0xfb,'H',213,'^',151,230,177,161,248,228,239,'F','%',148,156,137, - 219,'i','8',190,236,92,14,'V',199,'e','Q',229,'P',136,136,191,'B',213,'+', - '=',0xe5,249,186,158,'.',179,202,244,'s',146,2,11,190,'L','f',235,' ',254, - 0xb9,203,181,153,127,230,182,19,250,202,'K','M',217,238,'S','F',6,';',198, - 'N',173,147,'Z',129,'~','l','*','K','j',5,'E',140,242,'!',164,'1',144,135, - 'l','e',156,157,165,'`',149,':','R',127,245,209,171,8,'n',243,238,'[',249, - 136,'=','~',184,'o','n',3,228,'B', -] - - -/** -EC-ACC. -This certificate can be added to an HTTP client or a TLS socket with - the --root_certificates argument. -It can also be installed on the Toit process, to be used by all TLS - sockets that do not have explicit roots, using its install method. -Deprecated. This certificate has expired. -*/ -EC_ACC ::= EC_ACC_ -EC_ACC_ ::= tls.RootCertificate --fingerprint=0xde33eb19 EC_ACC_BYTES_ - ENTRUST_ROOT_CERTIFICATION_AUTHORITY_BYTES_ ::= #[ '0',0x82,0x4,145,'0',130,3,'y',160,3,2,1,2,2,4,'E','k','P','T','0',13,6,9, '*',0x86,'H',134,247,13,1,1,5,5,0,'0',129,176,'1',11,'0',9,6,3,'U',4,6,19, @@ -4948,69 +4742,6 @@ Subject: CN=GlobalSign Root CA O=GlobalSign nv-sa OU=Root CA */ GLOBALSIGN_ROOT_CA ::= tls.RootCertificate --fingerprint=0x361129dd GLOBALSIGN_ROOT_CA_BYTES_ -GLOBALSIGN_ROOT_CA_R2_BYTES_ ::= #[ - '0',0x82,3,0xba,'0',130,2,162,160,3,2,1,2,2,11,4,0,0,0,0,1,15,134,'&',230, - 13,'0',13,6,9,'*',134,'H',134,247,13,1,1,5,5,0,'0','L','1',' ','0',30,6,3, - 'U',0x04,11,19,23,'G','l','o','b','a','l','S','i','g','n',' ','R','o','o', - 't',' ','C','A',' ','-',' ','R','2','1',19,'0',17,6,3,'U',4,0xa,19,10,'G', - 'l','o','b','a','l','S','i','g','n','1',0x13,'0',17,6,3,'U',4,3,19,10,'G', - 'l','o','b','a','l','S','i','g','n','0',30,23,0xd,'0','6','1','2','1','5', - '0','8','0','0','0','0','Z',23,13,'2','1','1','2','1','5','0','8','0','0', - '0','0','Z','0','L','1',' ','0',30,6,3,'U',4,11,19,23,'G','l','o','b','a', - 'l','S','i','g','n',' ','R','o','o','t',' ','C','A',' ','-',' ','R','2', - '1',19,'0',17,6,3,'U',4,0xa,19,10,'G','l','o','b','a','l','S','i','g','n', - '1',0x13,'0',17,6,3,'U',4,3,19,10,'G','l','o','b','a','l','S','i','g','n', - '0',0x82,0x1,'"','0',13,6,9,'*',134,'H',134,247,13,1,1,1,5,0,3,130,1,15,0, - '0',0x82,1,0xa,2,130,1,1,0,166,207,'$',14,190,'.','o','(',153,'E','B',196, - 171,'>','!','T',155,11,211,127,132,'p',250,18,179,203,191,135,'_',198,127, - 0x86,0xd3,178,'0',92,214,253,173,241,'{',220,229,248,'`',150,9,146,16,245, - 0xd0,'S',0xde,251,'{','~','s',136,172,'R',136,'{','J',166,202,'I',166,'^', - 0xa8,167,140,'Z',17,188,'z',130,235,190,140,233,179,172,150,'%',7,151,'J', - 0x99,'*',7,'/',180,30,'w',191,138,15,181,2,'|',27,150,184,197,185,':',',', - 0xbc,214,18,185,235,'Y','}',226,208,6,134,'_','^','I','j',181,'9','^',136, - '4',0xec,0xbc,'x',12,8,152,132,'l',168,205,'K',180,160,'}',12,'y','M',240, - 0xb8,'-',0xcb,'!',202,213,'l','[','}',225,160,')',132,161,249,211,148,'I', - 0xcb,'$','b',145,' ',188,221,11,213,217,204,249,234,39,10,'+','s',145,198, - 0x9d,27,172,200,203,232,224,160,244,'/',144,139,'M',251,176,'6',27,246,25, - 'z',0x85,224,'m',242,'a',19,136,92,159,224,147,10,'Q',151,138,'Z',206,175, - 0xab,213,247,170,9,170,'`',189,220,217,'_',223,'r',169,'`',19,'^',0,1,201, - 'J',250,'?',164,234,7,3,'!',2,142,130,202,3,194,155,143,2,3,1,0,1,163,129, - 0x9c,'0',0x81,153,'0',14,6,3,'U',29,15,1,1,255,4,4,3,2,1,6,'0',15,6,3,'U', - 29,19,1,1,0xff,4,5,'0',3,1,1,255,'0',29,6,3,'U',29,14,4,22,4,20,155,226,7, - 'W','g',28,30,0xc0,'j',6,222,'Y',180,154,'-',223,220,25,134,'.','0','6',6, - 3,'U',29,31,4,'/','0','-','0','+',0xa0,')',160,39,134,'%','h','t','t','p', - ':','/','/','c','r','l','.','g','l','o','b','a','l','s','i','g','n','.', - 'n','e','t','/','r','o','o','t','-','r','2','.','c','r','l','0',0x1f,6,3, - 'U',0x1d,'#',4,24,'0',22,128,20,155,226,7,'W','g',28,30,192,'j',6,222,'Y', - 0xb4,154,'-',223,220,25,134,'.','0',13,6,9,'*',134,'H',134,247,13,1,1,5,5, - 0x0,3,130,1,1,0,153,129,'S',135,28,'h',151,134,145,236,224,'J',184,'D',11, - 0xab,129,172,39,'O',214,193,184,28,'C','x',179,12,154,252,234,',','<','n', - 'a',0x1b,'M','K',')',245,159,5,29,'&',193,184,233,131,0,'b','E',182,169,8, - 147,185,169,'3','K',24,154,194,248,135,136,'N',219,221,'q','4',26,193,'T', - 0xda,'F','?',0xe0,211,'*',171,'m','T','"',245,':','b',205,' ','o',186,')', - 0x89,0xd7,0xdd,145,238,211,92,162,'>',161,'[','A',245,223,229,'d','C','-', - 233,213,'9',171,210,162,223,183,139,208,192,128,25,28,'E',192,'-',140,232, - 0xf8,'-',164,'t','V','I',197,5,181,'O',21,222,'n','D','x','9',135,168,'~', - 0xbb,243,'y',24,145,187,244,'o',157,193,240,140,'5',140,']',1,251,195,'m', - 0xb9,0xef,'D','m','y','F','1','~',0xa,254,169,130,193,255,239,171,'n',' ', - 0xc4,'P',0xc9,'_',157,'M',155,23,140,12,229,1,201,160,'A','j','s','S',250, - 0xa5,'P',0xb4,'n','%',15,251,'L',24,244,253,'R',217,142,'i',177,232,17,15, - 222,136,216,251,29,'I',247,170,222,149,207,' ','x',194,'`',18,219,'%','@', - 140,'j',252,'~','B','8','@','d',18,247,158,129,225,147,'.', -] - - -/** -GlobalSign Root CA - R2. -This certificate can be added to an HTTP client or a TLS socket with - the --root_certificates argument. -It can also be installed on the Toit process, to be used by all TLS - sockets that do not have explicit roots, using its install method. -Deprecated. This certificate has expired. -*/ -GLOBALSIGN_ROOT_CA_R2 ::= GLOBALSIGN_ROOT_CA_R2_ -GLOBALSIGN_ROOT_CA_R2_ ::= tls.RootCertificate --fingerprint=0x23eb58ea GLOBALSIGN_ROOT_CA_R2_BYTES_ - GLOBALSIGN_ROOT_CA_R3_BYTES_ ::= #[ '0',0x82,0x3,'_','0',130,2,'G',160,3,2,1,2,2,11,4,0,0,0,0,1,'!','X','S',8, 162,'0',13,6,9,'*',134,'H',134,247,13,1,1,11,5,0,'0','L','1',' ','0',30,6, @@ -5607,76 +5338,6 @@ Subject: CN=Hellenic Academic and Research Institutions ECC RootCA 2015 O=Hellen */ HELLENIC_ACADEMIC_AND_RESEARCH_INSTITUTIONS_ECC_ROOTCA_2015 ::= tls.RootCertificate --fingerprint=0x29d4953d HELLENIC_ACADEMIC_AND_RESEARCH_INSTITUTIONS_ECC_ROOTCA_2015_BYTES_ -HELLENIC_ACADEMIC_AND_RESEARCH_INSTITUTIONS_ROOTCA_2011_BYTES_ ::= #[ - '0',0x82,4,'1','0',0x82,3,25,160,3,2,1,2,2,1,0,'0',13,6,9,'*',134,'H',134, - 0xf7,0x0d,1,1,5,5,0,'0',129,149,'1',11,'0',9,6,3,'U',4,6,19,2,'G','R','1', - 'D','0','B',0x6,3,'U',4,10,19,';','H','e','l','l','e','n','i','c',' ','A', - 'c','a','d','e','m','i','c',' ','a','n','d',' ','R','e','s','e','a','r', - 'c','h',' ','I','n','s','t','i','t','u','t','i','o','n','s',' ','C','e', - 'r','t','.',' ','A','u','t','h','o','r','i','t','y','1','@','0','>',0x6,3, - 'U',0x04,3,19,'7','H','e','l','l','e','n','i','c',' ','A','c','a','d','e', - 'm','i','c',' ','a','n','d',' ','R','e','s','e','a','r','c','h',' ','I', - 'n','s','t','i','t','u','t','i','o','n','s',' ','R','o','o','t','C','A', - ' ','2','0','1','1','0',30,23,0xd,'1','1','1','2','0','6','1','3','4','9', - '5','2','Z',23,13,'3','1','1','2','0','1','1','3','4','9','5','2','Z','0', - 0x81,0x95,'1',11,'0',9,6,3,'U',4,6,19,2,'G','R','1','D','0','B',6,3,'U',4, - 10,19,';','H','e','l','l','e','n','i','c',' ','A','c','a','d','e','m','i', - 'c',' ','a','n','d',' ','R','e','s','e','a','r','c','h',' ','I','n','s', - 't','i','t','u','t','i','o','n','s',' ','C','e','r','t','.',' ','A','u', - 't','h','o','r','i','t','y','1','@','0','>',0x06,3,'U',4,3,19,'7','H','e', - 'l','l','e','n','i','c',' ','A','c','a','d','e','m','i','c',' ','a','n', - 'd',' ','R','e','s','e','a','r','c','h',' ','I','n','s','t','i','t','u', - 't','i','o','n','s',' ','R','o','o','t','C','A',' ','2','0','1','1','0', - 0x82,0x1,'"','0',13,6,9,'*',134,'H',134,247,13,1,1,1,5,0,3,130,1,15,0,'0', - 0x82,0x1,10,2,130,1,1,0,169,'S',0,227,'.',166,246,142,250,'`',216,'-',149, - '>',0xf8,',','*','T','N',0xcd,185,132,'a',148,'X','O',143,'=',139,228,'C', - 243,'u',137,141,'Q',228,195,'7',210,138,136,'M','y',30,183,18,221,'C','x', - 'J',0x8a,0x92,230,215,'H',213,15,164,':',')','D','5',184,7,246,'h',29,'U', - 0xcd,'8','Q',0xf0,0x8c,'$','1',133,175,131,201,'}',233,'w',175,237,26,'{', - 157,23,249,179,157,'8','P',15,166,'Z','y',145,128,175,'7',174,166,211,'1', - 0xfb,0xb5,'&',9,0x9d,'<','Z',239,'Q',197,'+',223,150,']',235,'2',30,2,218, - 'p','I',0xec,'n',0x0c,200,154,'7',141,247,241,'6','`','K','&',',',130,158, - 0xd0,'x',243,13,15,'c',164,'Q','0',225,249,'+',39,18,7,216,234,189,24,'b', - 0x98,0xb0,'Y','7','}',0xbe,238,243,' ','Q','B','Z',131,239,147,186,'i',21, - 0xf1,'b',0x9d,0x9f,153,'9',130,161,183,'t','.',139,212,197,11,'{','/',240, - 0xc8,10,218,'=','y',10,154,147,28,165,'(','r','s',145,'C',154,167,209,'M', - 0x85,0x84,185,169,'t',143,20,'@',199,220,222,172,'A','d','l',180,25,155,2, - 'c','m','$','d',143,'D',178,'%',234,206,']','t',12,'c','2',92,141,135,229, - 2,3,1,0,1,0xa3,129,137,'0',129,134,'0',15,6,3,'U',29,19,1,1,255,4,5,'0',3, - 0x1,1,255,'0',11,6,3,'U',29,15,4,4,3,2,1,6,'0',29,6,3,'U',29,14,4,22,4,20, - 166,145,'B',253,19,'a','J','#',158,8,164,')',229,216,19,4,'#',238,'A','%', - '0','G',6,3,'U',29,30,4,'@','0','>',160,'<','0',5,130,3,'.','g','r','0',5, - 130,3,'.','e','u','0',6,130,4,'.','e','d','u','0',6,130,4,'.','o','r','g', - '0',0x5,129,3,'.','g','r','0',5,129,3,'.','e','u','0',6,129,4,'.','e','d', - 'u','0',6,129,4,'.','o','r','g','0',13,6,9,'*',134,'H',134,247,13,1,1,5,5, - 0,3,0x82,1,1,0,31,239,'y','A',225,'{','n','?',178,140,134,'7','B','J','N', - 28,'7',30,141,'f',186,'$',129,201,'O',18,15,'!',192,3,151,134,'%','m',']', - 0xd3,'"',')',168,'l',162,13,169,235,'=',6,'[',153,':',199,204,195,154,'4', - 0x7f,171,14,200,'N',28,225,250,228,220,205,13,190,191,'$',254,'l',231,'k', - 0xc2,0xd,200,6,158,'N',141,'a','(',166,'j',253,229,246,'b',234,24,'<','N', - 0xa0,'S',0x9d,178,':',156,235,165,156,145,22,182,'M',130,224,12,5,'H',169, - 'l',0xf5,0xcc,248,203,157,'I',180,240,2,165,253,'p',3,237,138,'!',165,174, - 19,0x86,'I',195,'3','s',190,135,';','t',139,23,'E','&','L',22,145,131,254, - 'g','}',0xcd,'M','c','g',0xfa,0xf3,3,18,150,'x',6,141,177,'g',237,142,'?', - 190,159,'O',2,245,179,9,'/',243,'L',135,223,'*',203,149,'|',1,204,172,'6', - 'z',191,162,'s','z',247,143,193,181,154,161,20,178,143,'3',159,13,239,'"', - 0xdc,'f','{',132,189,'E',23,6,'=','<',202,185,'w','4',143,202,234,207,'?', - '1','>',0xe3,0x88,227,128,'I','%',200,151,181,157,154,153,'M',176,'<',248, - 'J',0,155,'d',221,159,'9','K',209,39,215,184, -] - - -/** -Hellenic Academic and Research Institutions RootCA 2011. -This certificate can be added to an HTTP client or a TLS socket with - the --root_certificates argument. -It can also be installed on the Toit process, to be used by all TLS - sockets that do not have explicit roots, using its install method. -Deprecated. This certificate has expired. -*/ -HELLENIC_ACADEMIC_AND_RESEARCH_INSTITUTIONS_ROOTCA_2011 ::= HELLENIC_ACADEMIC_AND_RESEARCH_INSTITUTIONS_ROOTCA_2011_ -HELLENIC_ACADEMIC_AND_RESEARCH_INSTITUTIONS_ROOTCA_2011_ ::= tls.RootCertificate --fingerprint=0x686c10e4 HELLENIC_ACADEMIC_AND_RESEARCH_INSTITUTIONS_ROOTCA_2011_BYTES_ - HELLENIC_ACADEMIC_AND_RESEARCH_INSTITUTIONS_ROOTCA_2015_BYTES_ ::= #[ '0',0x82,6,0xb,'0',130,3,243,160,3,2,1,2,2,1,0,'0',13,6,9,'*',134,'H',134, 0xf7,0xd,1,1,11,5,0,'0',129,166,'1',11,'0',9,6,3,'U',4,6,19,2,'G','R','1', @@ -6717,72 +6378,6 @@ Subject: CN=NetLock Arany (Class Gold) Főtanúsítvány O=NetLock Kft. OU=Tanú */ NETLOCK_ARANY ::= tls.RootCertificate --fingerprint=0xb7c838ac NETLOCK_ARANY_BYTES_ -NETWORK_SOLUTIONS_CERTIFICATE_AUTHORITY_BYTES_ ::= #[ - '0',0x82,0x3,230,'0',130,2,206,160,3,2,1,2,2,16,'W',203,'3','o',194,92,22, - 230,'G',22,23,227,144,'1','h',224,'0',13,6,9,'*',134,'H',134,247,13,1,1,5, - 5,0,'0','b','1',0xb,'0',9,6,3,'U',4,6,19,2,'U','S','1','!','0',31,6,3,'U', - 0x04,10,19,24,'N','e','t','w','o','r','k',' ','S','o','l','u','t','i','o', - 'n','s',' ','L','.','L','.','C','.','1','0','0','.',6,3,'U',4,3,19,39,'N', - 'e','t','w','o','r','k',' ','S','o','l','u','t','i','o','n','s',' ','C', - 'e','r','t','i','f','i','c','a','t','e',' ','A','u','t','h','o','r','i', - 't','y','0',30,23,0xd,'0','6','1','2','0','1','0','0','0','0','0','0','Z', - 23,0xd,'2','9','1','2','3','1','2','3','5','9','5','9','Z','0','b','1',11, - '0',9,6,3,'U',4,6,19,2,'U','S','1','!','0',31,6,3,'U',4,0xa,19,24,'N','e', - 't','w','o','r','k',' ','S','o','l','u','t','i','o','n','s',' ','L','.', - 'L','.','C','.','1','0','0','.',6,3,'U',4,3,19,39,'N','e','t','w','o','r', - 'k',' ','S','o','l','u','t','i','o','n','s',' ','C','e','r','t','i','f', - 'i','c','a','t','e',' ','A','u','t','h','o','r','i','t','y','0',130,1,'"', - '0',0x0d,6,9,'*',134,'H',134,247,13,1,1,1,5,0,3,130,1,15,0,'0',130,1,10,2, - 0x82,1,1,0,0xe4,188,'~',146,'0','m',198,216,142,'+',11,188,'F',206,224,39, - 0x96,222,222,249,250,18,211,'<','3','s',179,4,'/',188,'q',140,229,159,182, - '"','`','>','_',']',0xce,0x9,255,130,12,27,154,'Q','P',26,'&',137,221,213, - 'a',']',0x19,0xdc,18,15,'-',10,162,'C',']',23,208,'4',146,' ',234,'s',207, - '8',',',0x6,'&',9,'z','r',247,250,'P','2',248,194,147,211,'i',162,'#',206, - 'A',0xb1,204,228,213,31,'6',209,138,':',248,140,'c',226,20,'Y','i',237,13, - 0xd3,0x7f,'k',232,184,3,229,'O','j',229,152,'c','i','H',5,190,'.',255,'3', - 182,233,151,'Y','i',248,'g',25,174,147,'a',150,'D',21,211,'r',176,'?',188, - 'j','}',0xec,'H',0x7f,141,195,171,170,'q','+','S','i','A','S','4',181,176, - 0xb9,197,6,10,196,176,'E',245,'A',']','n',137,'E','{','=',';','&',140,'t', - 194,229,210,209,'}',178,17,212,251,'X','2','"',154,128,201,220,253,12,233, - 0x7f,'^',3,151,206,';',0,20,135,39,'p','8',169,142,'n',179,39,'v',152,'Q', - 0xe0,5,0xe3,'!',171,26,213,133,'"','<',')',181,154,22,197,128,168,244,187, - 'k','0',0x8f,'/','F',0x2,162,177,12,'"',224,211,2,3,1,0,1,163,129,151,'0', - 0x81,148,'0',29,6,3,'U',29,14,4,22,4,20,'!','0',201,251,0,215,'N',152,218, - 0x87,170,'*',208,167,'.',177,'@','1',167,'L','0',14,6,3,'U',29,15,1,1,255, - 0x04,4,3,2,1,6,'0',15,6,3,'U',29,19,1,1,255,4,5,'0',3,1,1,255,'0','R',6,3, - 'U',0x1d,31,4,'K','0','I','0','G',160,'E',160,'C',134,'A','h','t','t','p', - ':','/','/','c','r','l','.','n','e','t','s','o','l','s','s','l','.','c', - 'o','m','/','N','e','t','w','o','r','k','S','o','l','u','t','i','o','n', - 's','C','e','r','t','i','f','i','c','a','t','e','A','u','t','h','o','r', - 'i','t','y','.','c','r','l','0',13,6,9,'*',134,'H',134,247,13,1,1,5,5,0,3, - 130,1,1,0,187,174,'K',231,183,'W',235,127,170,'-',183,'s','G',133,'j',193, - 0xe4,0xa5,29,0xe4,231,'<',233,244,'Y','e','w',181,'z','[','Z',141,'%','6', - 224,'z',151,'.','8',192,'W','`',131,152,6,131,159,185,'v','z','n','P',224, - 0xba,136,',',252,'E',204,24,176,153,149,'Q',14,236,29,184,136,255,135,'P', - 28,130,194,227,224,'2',128,191,160,11,'G',200,195,'1',239,153,'g','2',128, - 'O',23,'!','y',12,'i',92,222,'^','4',174,2,181,'&',234,'P',223,127,24,'e', - ',',0xc9,0xf2,'c',225,169,7,254,'|','q',31,'k','3','$','j',30,5,247,5,'h', - 0xc0,'j',0x12,203,'.','^','a',203,174,'(',211,'~',194,180,'f',145,'&','_', - '<','.','$','_',203,'X',15,235,'(',236,175,17,150,243,220,'{','o',192,167, - 0x88,0xf2,'S','w',179,'`','^',174,174,'(',218,'5',',','o','4','E',211,'&', - 0xe1,222,236,'[','O',39,'k',22,'|',189,'D',4,24,130,179,137,'y',23,16,'q', - '=','z',0xa2,22,'N',0xf5,1,205,164,'l','e','h',161,'I','v',92,'C',201,216, - 0xbc,'6','g','l',0xa5,148,181,212,204,185,189,'j','5','V','!',222,216,195, - 235,251,203,164,'`','L',176,'U',160,160,'{','W',178, -] - - -/** -Network Solutions Certificate Authority. -This certificate can be added to an HTTP client or a TLS socket with - the --root_certificates argument. -It can also be installed on the Toit process, to be used by all TLS - sockets that do not have explicit roots, using its install method. -Deprecated. This certificate has expired. -*/ -NETWORK_SOLUTIONS_CERTIFICATE_AUTHORITY ::= NETWORK_SOLUTIONS_CERTIFICATE_AUTHORITY_ -NETWORK_SOLUTIONS_CERTIFICATE_AUTHORITY_ ::= tls.RootCertificate --fingerprint=0x9f855a43 NETWORK_SOLUTIONS_CERTIFICATE_AUTHORITY_BYTES_ - OISTE_WISEKEY_GLOBAL_ROOT_GB_CA_BYTES_ ::= #[ '0',0x82,3,181,'0',130,2,157,160,3,2,1,2,2,16,'v',177,' ','R','t',240,133, 0x87,'F',179,248,'#',26,246,194,192,'0',13,6,9,'*',134,'H',134,247,13,1,1, @@ -8536,93 +8131,6 @@ Subject: CN=Security Communication RootCA3 O=SECOM Trust Systems CO.,LTD. */ SECURITY_COMMUNICATION_ROOTCA3 ::= tls.RootCertificate --fingerprint=0xa5e9d9d9 SECURITY_COMMUNICATION_ROOTCA3_BYTES_ -STAAT_DER_NEDERLANDEN_EV_ROOT_CA_BYTES_ ::= #[ - '0',0x82,5,'p','0',130,3,'X',160,3,2,1,2,2,4,0,152,150,141,'0',13,6,9,'*', - 0x86,'H',0x86,247,13,1,1,11,5,0,'0','X','1',11,'0',9,6,3,'U',4,6,19,2,'N', - 'L','1',30,'0',28,6,3,'U',4,0xa,12,21,'S','t','a','a','t',' ','d','e','r', - ' ','N','e','d','e','r','l','a','n','d','e','n','1',')','0',39,6,3,'U',4, - 3,0xc,' ','S','t','a','a','t',' ','d','e','r',' ','N','e','d','e','r','l', - 'a','n','d','e','n',' ','E','V',' ','R','o','o','t',' ','C','A','0',30,23, - 0xd,'1','0','1','2','0','8','1','1','1','9','2','9','Z',23,13,'2','2','1', - '2','0','8','1','1','1','0','2','8','Z','0','X','1',0xb,'0',9,6,3,'U',4,6, - 19,2,'N','L','1',30,'0',28,6,3,'U',4,10,12,21,'S','t','a','a','t',' ','d', - 'e','r',' ','N','e','d','e','r','l','a','n','d','e','n','1',')','0',39,6, - 3,'U',4,3,0xc,' ','S','t','a','a','t',' ','d','e','r',' ','N','e','d','e', - 'r','l','a','n','d','e','n',' ','E','V',' ','R','o','o','t',' ','C','A', - '0',0x82,0x2,'"','0',13,6,9,'*',134,'H',134,247,13,1,1,1,5,0,3,130,2,15,0, - '0',0x82,2,10,2,130,2,1,0,227,199,'~',137,249,'$','K',':',210,'3',131,'5', - ',','i',0xec,0xdc,9,164,227,'Q',168,'%','+','y',184,8,'=',224,145,186,132, - 0x85,0xc6,0x85,164,202,230,201,'.','S',164,201,'$',30,253,'U','f','q',']', - ',',197,'`','h',4,183,217,194,'R','&','8',136,164,214,';','@',166,194,205, - '?',205,152,147,179,'T',20,'X',150,'U',213,'P',254,134,173,164,'c',127,92, - 135,246,142,230,39,146,'g',23,146,2,3,',',220,214,'f','t',237,221,'g',255, - 0xc1,'a',0x8d,'c','O',15,155,'m',23,'0','&',239,171,210,31,16,160,249,197, - 0x7f,22,'i',0x81,3,'G',237,30,'h',141,'r',161,'M',178,'&',198,186,'l','_', - 'm',214,175,209,177,19,142,169,173,243,'^','i','u','&',24,'>','A','+','!', - 0x7f,0xee,0x8b,']',7,6,157,'C',196,')',10,'+',252,'*','>',134,203,'<',131, - ':',0xf9,0xc9,0xd,218,197,153,226,188,'x','A','3','v',225,191,'/',']',229, - 164,152,'P',12,21,221,224,250,156,127,'8','h',208,178,166,'z',167,209,'1', - 0xbd,'~',0x8a,'X',39,'C',179,186,'3',145,211,167,152,21,92,154,230,211,15, - 'u',0xd9,0xfc,'A',0x98,151,'>',170,'%',219,143,146,'.',176,'{',12,'_',241, - 'c',0xa9,'7',0xf9,0x9b,'u','i','L','(','&','%',218,213,242,18,'p','E','U', - 0xe3,0xdf,'s','^','7',245,'!','l',144,142,'5','Z',201,211,'#',235,211,192, - 0xbe,'x',172,'B','(','X','f',165,'F','m','p',2,215,16,249,'K','T',252,']', - 0x86,'J',0x87,0xcf,127,202,'E',172,17,'Z',181,' ','Q',141,'/',136,'G',151, - '9',0xc0,207,186,192,'B',1,'@',153,'H','!',11,'k',167,210,253,150,213,209, - 0xbe,'F',0x9d,'I',0xe0,11,166,160,'"','N','8',208,193,'<','0',188,'p',143, - ',','u',204,208,197,140,'Q',';','=',148,8,'d','&','a','}',185,195,'e',143, - 0x14,156,'!',208,170,253,23,'r',3,143,189,155,140,230,'^','S',158,185,157, - 239,130,187,225,188,226,'r','A','[','!',148,211,'E','7',148,209,223,9,'9', - ']',0xe7,'#',0xaa,154,29,202,'m',168,10,134,133,138,130,190,'B',7,214,242, - '8',130,'s',218,135,'[',229,'<',211,158,'>',167,';',158,244,3,179,249,241, - '}',19,'t',2,0xff,187,161,229,250,0,'y',28,166,'f','A',136,92,'`','W',166, - '.',0x9,196,186,253,154,207,167,31,'@',195,187,204,'Z',10,'U','K',';','8', - 'v','Q',0xb8,'c',139,132,148,22,230,'V',243,2,3,1,0,1,163,'B','0','@','0', - 15,6,3,'U',29,19,1,1,255,4,5,'0',3,1,1,255,'0',14,6,3,'U',29,15,1,1,255,4, - 0x04,3,2,1,6,'0',29,6,3,'U',29,14,4,22,4,20,254,171,0,144,152,158,'$',252, - 0xa9,204,26,138,251,39,184,191,'0','n',168,';','0',13,6,9,'*',134,'H',134, - 0xf7,0xd,1,1,11,5,0,3,130,2,1,0,207,'w',',','n','V',190,'N',179,182,132,0, - 148,171,'G',201,13,210,'v',199,134,159,29,7,211,182,180,187,8,'x',175,'i', - 0xd2,11,'I',222,'3',197,172,173,194,136,2,'}',6,183,'5',2,193,'`',201,191, - 0xc4,232,148,222,212,211,169,19,'%','Z',254,'n',162,174,'}',5,220,'}',243, - 'l',0xf0,'~',0xa6,0x8d,238,217,215,206,'X',23,232,169,')',174,'s','H',135, - 0xe7,0x9b,0xca,'n',')',161,'d','_',25,19,247,174,6,16,255,'Q',198,155,'M', - 'U','%','O',0x93,0x99,16,1,'S','u',241,19,206,199,166,'A','A',210,191,136, - 0xa5,127,'E',252,172,184,165,181,'3',12,130,196,251,7,246,'j',229,'%',132, - '_',0x6,202,193,134,'9',17,219,'X',205,'w',';',',',194,'L',15,'^',154,227, - 240,171,'>','a',27,'P','$',194,192,244,241,25,240,17,')',182,165,24,2,155, - 0xd7,'c','L','p',0x8c,'G',163,3,'C',92,185,']','F',160,13,'o',255,'Y',142, - 190,221,159,'r',195,'[','+',223,140,'[',206,229,12,'F','l',146,178,10,163, - 'L','T','B',0x18,21,18,24,189,218,252,186,'t','n',255,193,182,160,'d',216, - 169,'_','U',174,159,92,'j','v',150,216,'s','g',135,251,'M',127,92,238,'i', - 0xca,'s',16,251,138,169,253,158,189,'6','8','I','I',135,244,14,20,240,233, - 0x87,0xb8,'?',167,'O','z','Z',142,'y',212,147,228,187,'h','R',132,172,'l', - 0xe9,0xf3,152,'p','U','r','2',249,'4',171,'+','I',181,205,' ','b',228,':', - 'z','g','c',0xab,0x96,220,'m',174,151,236,252,159,'v','V',136,'.','f',207, - '[',0xb6,0xc9,164,176,215,5,186,225,39,'/',147,187,'&','*',162,147,176,27, - 0xf3,142,190,29,'@',163,185,'6',143,'>',130,26,26,'^',136,234,'P',248,'Y', - 0xe2,131,'F',')',11,227,'D',92,225,149,182,'i',144,154,20,'o',151,174,129, - 0xcf,'h',0xef,153,154,190,181,231,225,127,248,250,19,'G',22,'L',204,'m',8, - '@',0xe7,139,'x','o','P',130,'D','P','?','f',6,138,171,'C',132,'V','J',15, - ' ','-',0x86,0x0e,245,210,219,210,'z',138,'K',205,165,232,'N',241,'^','&', - '%',0x1,'Y','#',160,'~',210,246,'~','!','W',215,39,188,21,'W','L',164,'F', - 193,224,131,30,12,'L','M',31,'O',6,25,226,249,168,244,':',130,161,178,'y', - 'C','y',0xd6,173,'o','z',39,144,3,164,234,'$',135,'?',217,189,217,233,242, - '_','P','I',28,238,236,215,'.', -] - - -/** -Staat der Nederlanden EV Root CA. -This certificate can be added to an HTTP client or a TLS socket with - the --root_certificates argument. -It can also be installed on the Toit process, to be used by all TLS - sockets that do not have explicit roots, using its install method. -Deprecated. This certificate has expired. -*/ -STAAT_DER_NEDERLANDEN_EV_ROOT_CA ::= STAAT_DER_NEDERLANDEN_EV_ROOT_CA_ -STAAT_DER_NEDERLANDEN_EV_ROOT_CA_ ::= tls.RootCertificate --fingerprint=0xd87d40f7 STAAT_DER_NEDERLANDEN_EV_ROOT_CA_BYTES_ - STARFIELD_CLASS_2_CA_BYTES_ ::= #[ '0',0x82,4,0xf,'0',130,2,247,160,3,2,1,2,2,1,0,'0',13,6,9,'*',134,'H',134, 0xf7,0x0d,1,1,5,5,0,'0','h','1',11,'0',9,6,3,'U',4,6,19,2,'U','S','1','%', @@ -11224,12 +10732,10 @@ MAP ::= { "CommScope Public Trust RSA Root-01": COMMSCOPE_PUBLIC_TRUST_RSA_ROOT_01, "CommScope Public Trust RSA Root-02": COMMSCOPE_PUBLIC_TRUST_RSA_ROOT_02, "Comodo AAA Services root": COMODO_AAA_SERVICES_ROOT, - "Cybertrust Global Root": CYBERTRUST_GLOBAL_ROOT, "D-TRUST BR Root CA 1 2020": D_TRUST_BR_ROOT_CA_1_2020, "D-TRUST EV Root CA 1 2020": D_TRUST_EV_ROOT_CA_1_2020, "D-TRUST Root Class 3 CA 2 2009": D_TRUST_ROOT_CLASS_3_CA_2_2009, "D-TRUST Root Class 3 CA 2 EV 2009": D_TRUST_ROOT_CLASS_3_CA_2_EV_2009, - "DST Root CA X3": DST_ROOT_CA_X3, "DigiCert Assured ID Root CA": DIGICERT_ASSURED_ID_ROOT_CA, "DigiCert Assured ID Root G2": DIGICERT_ASSURED_ID_ROOT_G2, "DigiCert Assured ID Root G3": DIGICERT_ASSURED_ID_ROOT_G3, @@ -11240,7 +10746,6 @@ MAP ::= { "DigiCert TLS ECC P384 Root G5": DIGICERT_TLS_ECC_P384_ROOT_G5, "DigiCert TLS RSA4096 Root G5": DIGICERT_TLS_RSA4096_ROOT_G5, "DigiCert Trusted Root G4": DIGICERT_TRUSTED_ROOT_G4, - "EC-ACC": EC_ACC, "Entrust Root Certification Authority": ENTRUST_ROOT_CERTIFICATION_AUTHORITY, "Entrust Root Certification Authority - EC1": ENTRUST_ROOT_CERTIFICATION_AUTHORITY_EC1, "Entrust Root Certification Authority - G2": ENTRUST_ROOT_CERTIFICATION_AUTHORITY_G2, @@ -11256,7 +10761,6 @@ MAP ::= { "GlobalSign ECC Root CA - R4": GLOBALSIGN_ECC_ROOT_CA_R4, "GlobalSign ECC Root CA - R5": GLOBALSIGN_ECC_ROOT_CA_R5, "GlobalSign Root CA": GLOBALSIGN_ROOT_CA, - "GlobalSign Root CA - R2": GLOBALSIGN_ROOT_CA_R2, "GlobalSign Root CA - R3": GLOBALSIGN_ROOT_CA_R3, "GlobalSign Root CA - R6": GLOBALSIGN_ROOT_CA_R6, "GlobalSign Root E46": GLOBALSIGN_ROOT_E46, @@ -11266,7 +10770,6 @@ MAP ::= { "HARICA TLS ECC Root CA 2021": HARICA_TLS_ECC_ROOT_CA_2021, "HARICA TLS RSA Root CA 2021": HARICA_TLS_RSA_ROOT_CA_2021, "Hellenic Academic and Research Institutions ECC RootCA 2015": HELLENIC_ACADEMIC_AND_RESEARCH_INSTITUTIONS_ECC_ROOTCA_2015, - "Hellenic Academic and Research Institutions RootCA 2011": HELLENIC_ACADEMIC_AND_RESEARCH_INSTITUTIONS_ROOTCA_2011, "Hellenic Academic and Research Institutions RootCA 2015": HELLENIC_ACADEMIC_AND_RESEARCH_INSTITUTIONS_ROOTCA_2015, "HiPKI Root CA - G1": HIPKI_ROOT_CA_G1, "Hongkong Post Root CA 3": HONGKONG_POST_ROOT_CA_3, @@ -11280,7 +10783,6 @@ MAP ::= { "Microsoft RSA Root Certificate Authority 2017": MICROSOFT_RSA_ROOT_CERTIFICATE_AUTHORITY_2017, "NAVER Global Root Certification Authority": NAVER_GLOBAL_ROOT_CERTIFICATION_AUTHORITY, "NetLock Arany (Class Gold) Főtanúsítvány": NETLOCK_ARANY, - "Network Solutions Certificate Authority": NETWORK_SOLUTIONS_CERTIFICATE_AUTHORITY, "OISTE WISeKey Global Root GB CA": OISTE_WISEKEY_GLOBAL_ROOT_GB_CA, "OISTE WISeKey Global Root GC CA": OISTE_WISEKEY_GLOBAL_ROOT_GC_CA, "QuoVadis Root CA 1 G3": QUOVADIS_ROOT_CA_1_G3, @@ -11306,7 +10808,6 @@ MAP ::= { "Security Communication ECC RootCA1": SECURITY_COMMUNICATION_ECC_ROOTCA1, "Security Communication RootCA2": SECURITY_COMMUNICATION_ROOTCA2, "Security Communication RootCA3": SECURITY_COMMUNICATION_ROOTCA3, - "Staat der Nederlanden EV Root CA": STAAT_DER_NEDERLANDEN_EV_ROOT_CA, "Starfield Class 2 CA": STARFIELD_CLASS_2_CA, "Starfield Root Certificate Authority - G2": STARFIELD_ROOT_CERTIFICATE_AUTHORITY_G2, "Starfield Services Root Certificate Authority - G2": STARFIELD_SERVICES_ROOT_CERTIFICATE_AUTHORITY_G2, @@ -11402,12 +10903,10 @@ ALL ::= [ COMMSCOPE_PUBLIC_TRUST_RSA_ROOT_01, COMMSCOPE_PUBLIC_TRUST_RSA_ROOT_02, COMODO_AAA_SERVICES_ROOT, - CYBERTRUST_GLOBAL_ROOT_, D_TRUST_BR_ROOT_CA_1_2020, D_TRUST_EV_ROOT_CA_1_2020, D_TRUST_ROOT_CLASS_3_CA_2_2009, D_TRUST_ROOT_CLASS_3_CA_2_EV_2009, - DST_ROOT_CA_X3_, DIGICERT_ASSURED_ID_ROOT_CA, DIGICERT_ASSURED_ID_ROOT_G2, DIGICERT_ASSURED_ID_ROOT_G3, @@ -11418,7 +10917,6 @@ ALL ::= [ DIGICERT_TLS_ECC_P384_ROOT_G5, DIGICERT_TLS_RSA4096_ROOT_G5, DIGICERT_TRUSTED_ROOT_G4, - EC_ACC_, ENTRUST_ROOT_CERTIFICATION_AUTHORITY, ENTRUST_ROOT_CERTIFICATION_AUTHORITY_EC1, ENTRUST_ROOT_CERTIFICATION_AUTHORITY_G2, @@ -11434,7 +10932,6 @@ ALL ::= [ GLOBALSIGN_ECC_ROOT_CA_R4, GLOBALSIGN_ECC_ROOT_CA_R5, GLOBALSIGN_ROOT_CA, - GLOBALSIGN_ROOT_CA_R2_, GLOBALSIGN_ROOT_CA_R3, GLOBALSIGN_ROOT_CA_R6, GLOBALSIGN_ROOT_E46, @@ -11444,7 +10941,6 @@ ALL ::= [ HARICA_TLS_ECC_ROOT_CA_2021, HARICA_TLS_RSA_ROOT_CA_2021, HELLENIC_ACADEMIC_AND_RESEARCH_INSTITUTIONS_ECC_ROOTCA_2015, - HELLENIC_ACADEMIC_AND_RESEARCH_INSTITUTIONS_ROOTCA_2011_, HELLENIC_ACADEMIC_AND_RESEARCH_INSTITUTIONS_ROOTCA_2015, HIPKI_ROOT_CA_G1, HONGKONG_POST_ROOT_CA_3, @@ -11458,7 +10954,6 @@ ALL ::= [ MICROSOFT_RSA_ROOT_CERTIFICATE_AUTHORITY_2017, NAVER_GLOBAL_ROOT_CERTIFICATION_AUTHORITY, NETLOCK_ARANY, - NETWORK_SOLUTIONS_CERTIFICATE_AUTHORITY_, OISTE_WISEKEY_GLOBAL_ROOT_GB_CA, OISTE_WISEKEY_GLOBAL_ROOT_GC_CA, QUOVADIS_ROOT_CA_1_G3, @@ -11484,7 +10979,6 @@ ALL ::= [ SECURITY_COMMUNICATION_ECC_ROOTCA1, SECURITY_COMMUNICATION_ROOTCA2, SECURITY_COMMUNICATION_ROOTCA3, - STAAT_DER_NEDERLANDEN_EV_ROOT_CA_, STARFIELD_CLASS_2_CA, STARFIELD_ROOT_CERTIFICATE_AUTHORITY_G2, STARFIELD_SERVICES_ROOT_CERTIFICATE_AUTHORITY_G2, @@ -11583,12 +11077,10 @@ install_all_trusted_roots -> none: COMMSCOPE_PUBLIC_TRUST_RSA_ROOT_01.install COMMSCOPE_PUBLIC_TRUST_RSA_ROOT_02.install COMODO_AAA_SERVICES_ROOT.install - CYBERTRUST_GLOBAL_ROOT.install D_TRUST_BR_ROOT_CA_1_2020.install D_TRUST_EV_ROOT_CA_1_2020.install D_TRUST_ROOT_CLASS_3_CA_2_2009.install D_TRUST_ROOT_CLASS_3_CA_2_EV_2009.install - DST_ROOT_CA_X3.install DIGICERT_ASSURED_ID_ROOT_CA.install DIGICERT_ASSURED_ID_ROOT_G2.install DIGICERT_ASSURED_ID_ROOT_G3.install @@ -11599,7 +11091,6 @@ install_all_trusted_roots -> none: DIGICERT_TLS_ECC_P384_ROOT_G5.install DIGICERT_TLS_RSA4096_ROOT_G5.install DIGICERT_TRUSTED_ROOT_G4.install - EC_ACC.install ENTRUST_ROOT_CERTIFICATION_AUTHORITY.install ENTRUST_ROOT_CERTIFICATION_AUTHORITY_EC1.install ENTRUST_ROOT_CERTIFICATION_AUTHORITY_G2.install @@ -11615,7 +11106,6 @@ install_all_trusted_roots -> none: GLOBALSIGN_ECC_ROOT_CA_R4.install GLOBALSIGN_ECC_ROOT_CA_R5.install GLOBALSIGN_ROOT_CA.install - GLOBALSIGN_ROOT_CA_R2.install GLOBALSIGN_ROOT_CA_R3.install GLOBALSIGN_ROOT_CA_R6.install GLOBALSIGN_ROOT_E46.install @@ -11625,7 +11115,6 @@ install_all_trusted_roots -> none: HARICA_TLS_ECC_ROOT_CA_2021.install HARICA_TLS_RSA_ROOT_CA_2021.install HELLENIC_ACADEMIC_AND_RESEARCH_INSTITUTIONS_ECC_ROOTCA_2015.install - HELLENIC_ACADEMIC_AND_RESEARCH_INSTITUTIONS_ROOTCA_2011.install HELLENIC_ACADEMIC_AND_RESEARCH_INSTITUTIONS_ROOTCA_2015.install HIPKI_ROOT_CA_G1.install HONGKONG_POST_ROOT_CA_3.install @@ -11639,7 +11128,6 @@ install_all_trusted_roots -> none: MICROSOFT_RSA_ROOT_CERTIFICATE_AUTHORITY_2017.install NAVER_GLOBAL_ROOT_CERTIFICATION_AUTHORITY.install NETLOCK_ARANY.install - NETWORK_SOLUTIONS_CERTIFICATE_AUTHORITY.install OISTE_WISEKEY_GLOBAL_ROOT_GB_CA.install OISTE_WISEKEY_GLOBAL_ROOT_GC_CA.install QUOVADIS_ROOT_CA_1_G3.install @@ -11665,7 +11153,6 @@ install_all_trusted_roots -> none: SECURITY_COMMUNICATION_ECC_ROOTCA1.install SECURITY_COMMUNICATION_ROOTCA2.install SECURITY_COMMUNICATION_ROOTCA3.install - STAAT_DER_NEDERLANDEN_EV_ROOT_CA.install STARFIELD_CLASS_2_CA.install STARFIELD_ROOT_CERTIFICATE_AUTHORITY_G2.install STARFIELD_SERVICES_ROOT_CERTIFICATE_AUTHORITY_G2.install diff --git a/tests/parse_x509_test.toit b/tests/parse_x509_test.toit index 5c55861..fecf43f 100644 --- a/tests/parse_x509_test.toit +++ b/tests/parse_x509_test.toit @@ -6,9 +6,9 @@ import certificate_roots import expect show * main: - dst := certificate_roots.DST_ROOT_CA_X3 - cyber := certificate_roots.CYBERTRUST_GLOBAL_ROOT - globalsign := certificate_roots.GLOBALSIGN_ROOT_CA_R2 - expect_not_equals dst cyber - expect_not_equals dst globalsign - expect_not_equals cyber globalsign + baltimore := certificate_roots.BALTIMORE-CYBERTRUST-ROOT + amazon-1 := certificate_roots.AMAZON-ROOT-CA-1 + comodo := certificate_roots.COMODO-AAA-SERVICES-ROOT + expect_not_equals baltimore amazon-1 + expect_not_equals amazon-1 comodo + expect_not_equals comodo baltimore diff --git a/tools/to_toit_source.toit b/tools/to_toit_source.toit index daa17e0..1d2d093 100644 --- a/tools/to_toit_source.toit +++ b/tools/to_toit_source.toit @@ -146,9 +146,6 @@ main args/List: else if in_cert_data: cert_code.add line - DEPRECATED_CERTS.do: | cert/Cert | - all_certs[cert.mixed_case_name] = cert - names := all_certs.keys.sort names.do: | mixed_case_name | cert/Cert := all_certs[mixed_case_name] @@ -247,249 +244,3 @@ main args/List: print "*/" print "install_common_trusted_roots -> none:" print " COMMON_TRUSTED_ROOTS.do: it.install" - -GLOBALSIGN_PEM ::= """ - MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G - A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp - Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1 - MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG - A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI - hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL - v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8 - eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq - tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd - C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa - zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB - mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH - V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n - bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG - 3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs - J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO - 291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS - ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd - AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7 - TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg== - """ - -DST_PEM ::= """ - MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/ - MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT - DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow - PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD - Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB - AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O - rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq - OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b - xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw - 7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD - aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV - HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG - SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69 - ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr - AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz - R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5 - JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo - Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ - """ - -CYBERTRUST_PEM ::= """ - MIIDoTCCAomgAwIBAgILBAAAAAABD4WqLUgwDQYJKoZIhvcNAQEFBQAwOzEYMBYG - A1UEChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2Jh - bCBSb290MB4XDTA2MTIxNTA4MDAwMFoXDTIxMTIxNTA4MDAwMFowOzEYMBYGA1UE - ChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2JhbCBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Mi8vRRQZhP/8NN5 - 7CPytxrHjoXxEnOmGaoQ25yiZXRadz5RfVb23CO21O1fWLE3TdVJDm71aofW0ozS - J8bi/zafmGWgE07GKmSb1ZASzxQG9Dvj1Ci+6A74q05IlG2OlTEQXO2iLb3VOm2y - HLtgwEZLAfVJrn5GitB0jaEMAs7u/OePuGtm839EAL9mJRQr3RAwHQeWP032a7iP - t3sMpTjr3kfb1V05/Iin89cqdPHoWqI7n1C6poxFNcJQZZXcY4Lv3b93TZxiyWNz - FtApD0mpSPCzqrdsxacwOUBdrsTiXSZT8M4cIwhhqJQZugRiQOwfOHB3EgZxpzAY - XSUnpQIDAQABo4GlMIGiMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/ - MB0GA1UdDgQWBBS2CHsNesysIEyGVjJez6tuhS1wVzA/BgNVHR8EODA2MDSgMqAw - hi5odHRwOi8vd3d3Mi5wdWJsaWMtdHJ1c3QuY29tL2NybC9jdC9jdHJvb3QuY3Js - MB8GA1UdIwQYMBaAFLYIew16zKwgTIZWMl7Pq26FLXBXMA0GCSqGSIb3DQEBBQUA - A4IBAQBW7wojoFROlZfJ+InaRcHUowAl9B8Tq7ejhVhpwjCt2BWKLePJzYFa+HMj - Wqd8BfP9IjsO0QbE2zZMcwSO5bAi5MXzLqXZI+O4Tkogp24CJJ8iYGd7ix1yCcUx - XOl5n4BHPa2hCwcUPUf/A2kaDAtE52Mlp3+yybh2hO0j9n0Hq0V+09+zv+mKts2o - omcrUtW3ZfA5TGOgkXmTUg9U3YO7n9GPp1Nzw8v/MOx8BLjYRB+TX3EJIrduPuoc - A06dGiBh+4E37F78CkWr1+cXVdCg6mCbpvbjjFspwgZgFJ0tl0ypkxWdYcQBX0jW - WL1WMRJOEcgh4LMRkWXbtKaIOM5V - """ - -NETWORK_SOLUTIONS_CERTIFICATE_AUTHORITY_PEM ::= """ - MIID5jCCAs6gAwIBAgIQV8szb8JcFuZHFhfjkDFo4DANBgkqhkiG9w0BAQUFADBi - MQswCQYDVQQGEwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMu - MTAwLgYDVQQDEydOZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3Jp - dHkwHhcNMDYxMjAxMDAwMDAwWhcNMjkxMjMxMjM1OTU5WjBiMQswCQYDVQQGEwJV - UzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMuMTAwLgYDVQQDEydO - ZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0GCSqG - SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkvH6SMG3G2I4rC7xGzuAnlt7e+foS0zwz - c7MEL7xxjOWftiJgPl9dzgn/ggwbmlFQGiaJ3dVhXRncEg8tCqJDXRfQNJIg6nPP - OCwGJgl6cvf6UDL4wpPTaaIjzkGxzOTVHzbRijr4jGPiFFlp7Q3Tf2vouAPlT2rl - mGNpSAW+Lv8ztumXWWn4Zxmuk2GWRBXTcrA/vGp97Eh/jcOrqnErU2lBUzS1sLnF - BgrEsEX1QV1uiUV7PTsmjHTC5dLRfbIR1PtYMiKagMnc/Qzpf14Dl847ABSHJ3A4 - qY5usyd2mFHgBeMhqxrVhSI8KbWaFsWAqPS7azCPL0YCorEMIuDTAgMBAAGjgZcw - gZQwHQYDVR0OBBYEFCEwyfsA106Y2oeqKtCnLrFAMadMMA4GA1UdDwEB/wQEAwIB - BjAPBgNVHRMBAf8EBTADAQH/MFIGA1UdHwRLMEkwR6BFoEOGQWh0dHA6Ly9jcmwu - bmV0c29sc3NsLmNvbS9OZXR3b3JrU29sdXRpb25zQ2VydGlmaWNhdGVBdXRob3Jp - dHkuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQC7rkvnt1frf6ott3NHhWrB5KUd5Oc8 - 6fRZZXe1eltajSU24HqXLjjAV2CDmAaDn7l2em5Q4LqILPxFzBiwmZVRDuwduIj/ - h1AcgsLj4DKAv6ALR8jDMe+ZZzKATxcheQxpXN5eNK4CtSbqUN9/GGUsyfJj4akH - /nxxH2szJGoeBfcFaMBqEssuXmHLrijTfsK0ZpEmXzwuJF/LWA/rKOyvEZbz3Htv - wKeI8lN3s2Berq4o2jUsbzRF0ybh3uxbTydrFny9RAQYgrOJeRcQcT16ohZO9QHN - pGxlaKFJdlxDydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1ey - """ - -EC_ACC_PEM ::= """ - MIIFVjCCBD6gAwIBAgIQ7is969Qh3hSoYqwE893EATANBgkqhkiG9w0BAQUFADCB - 8zELMAkGA1UEBhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2Vy - dGlmaWNhY2lvIChOSUYgUS0wODAxMTc2LUkpMSgwJgYDVQQLEx9TZXJ2ZWlzIFB1 - YmxpY3MgZGUgQ2VydGlmaWNhY2lvMTUwMwYDVQQLEyxWZWdldSBodHRwczovL3d3 - dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAoYykwMzE1MDMGA1UECxMsSmVyYXJxdWlh - IEVudGl0YXRzIGRlIENlcnRpZmljYWNpbyBDYXRhbGFuZXMxDzANBgNVBAMTBkVD - LUFDQzAeFw0wMzAxMDcyMzAwMDBaFw0zMTAxMDcyMjU5NTlaMIHzMQswCQYDVQQG - EwJFUzE7MDkGA1UEChMyQWdlbmNpYSBDYXRhbGFuYSBkZSBDZXJ0aWZpY2FjaW8g - KE5JRiBRLTA4MDExNzYtSSkxKDAmBgNVBAsTH1NlcnZlaXMgUHVibGljcyBkZSBD - ZXJ0aWZpY2FjaW8xNTAzBgNVBAsTLFZlZ2V1IGh0dHBzOi8vd3d3LmNhdGNlcnQu - bmV0L3ZlcmFycmVsIChjKTAzMTUwMwYDVQQLEyxKZXJhcnF1aWEgRW50aXRhdHMg - ZGUgQ2VydGlmaWNhY2lvIENhdGFsYW5lczEPMA0GA1UEAxMGRUMtQUNDMIIBIjAN - BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyLHT+KXQpWIR4NA9h0X84NzJB5R - 85iKw5K4/0CQBXCHYMkAqbWUZRkiFRfCQ2xmRJoNBD45b6VLeqpjt4pEndljkYRm - 4CgPukLjbo73FCeTae6RDqNfDrHrZqJyTxIThmV6PttPB/SnCWDaOkKZx7J/sxaV - HMf5NLWUhdWZXqBIoH7nF2W4onW4HvPlQn2v7fOKSGRdghST2MDk/7NQcvJ29rNd - QlB50JQ+awwAvthrDk4q7D7SzIKiGGUzE3eeml0aE9jD2z3Il3rucO2n5nzbcc8t - lGLfbdb1OL4/pYUKGbio2Al1QnDE6u/LDsg0qBIimAy4E5S2S+zw0JDnJwIDAQAB - o4HjMIHgMB0GA1UdEQQWMBSBEmVjX2FjY0BjYXRjZXJ0Lm5ldDAPBgNVHRMBAf8E - BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUoMOLRKo3pUW/l4Ba0fF4 - opvpXY0wfwYDVR0gBHgwdjB0BgsrBgEEAfV4AQMBCjBlMCwGCCsGAQUFBwIBFiBo - dHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbDA1BggrBgEFBQcCAjApGidW - ZWdldSBodHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAwDQYJKoZIhvcN - AQEFBQADggEBAKBIW4IB9k1IuDlVNZyAelOZ1Vr/sXE7zDkJlF7W2u++AVtd0x7Y - /X1PzaBB4DSTv8vihpw3kpBWHNzrKQXlxJ7HNd+KDM3FIUPpqojlNcAZQmNaAl6k - SBg6hW/cnbw/nZzBh7h6YQjpdwt/cKt63dmXLGQehb+8dJahw3oS7AwaboMMPOhy - Rp/7SNVel+axofjk70YllJyJ22k4vuxcDlbHZVHlUIiIv0LVKz3l+bqeLrPK9HOS - Agu+TGbrIP65y7WZf+a2E/rKS03Z7lNGBjvGTq2TWoF+bCpLagVFjPIhpDGQh2xl - nJ2lYJU6Un/10asIbvPuW/mIPX64b24D5EI= - """ - -HELLENIC_ACADEMIC_AND_RESEARCH_INSTITUTIONS_ROOTCA_2011_PEM ::= """ - MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1Ix - RDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1 - dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUAwPgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1p - YyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIFJvb3RDQSAyMDExMB4XDTExMTIw - NjEzNDk1MloXDTMxMTIwMTEzNDk1MlowgZUxCzAJBgNVBAYTAkdSMUQwQgYDVQQK - EztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIENl - cnQuIEF1dGhvcml0eTFAMD4GA1UEAxM3SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl - c2VhcmNoIEluc3RpdHV0aW9ucyBSb290Q0EgMjAxMTCCASIwDQYJKoZIhvcNAQEB - BQADggEPADCCAQoCggEBAKlTAOMupvaO+mDYLZU++CwqVE7NuYRhlFhPjz2L5EPz - dYmNUeTDN9KKiE15HrcS3UN4SoqS5tdI1Q+kOilENbgH9mgdVc04UfCMJDGFr4PJ - fel3r+0ae50X+bOdOFAPplp5kYCvN66m0zH7tSYJnTxa71HFK9+WXesyHgLacEns - bgzImjeN9/E2YEsmLIKe0HjzDQ9jpFEw4fkrJxIH2Oq9GGKYsFk3fb7u8yBRQlqD - 75O6aRXxYp2fmTmCobd0LovUxQt7L/DICto9eQqakxylKHJzkUOap9FNhYS5qXSP - FEDH3N6sQWRstBmbAmNtJGSPRLIl6s5ddAxjMlyNh+UCAwEAAaOBiTCBhjAPBgNV - HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUppFC/RNhSiOeCKQp - 5dgTBCPuQSUwRwYDVR0eBEAwPqA8MAWCAy5ncjAFggMuZXUwBoIELmVkdTAGggQu - b3JnMAWBAy5ncjAFgQMuZXUwBoEELmVkdTAGgQQub3JnMA0GCSqGSIb3DQEBBQUA - A4IBAQAf73lB4XtuP7KMhjdCSk4cNx6NZrokgclPEg8hwAOXhiVtXdMiKahsog2p - 6z0GW5k6x8zDmjR/qw7IThzh+uTczQ2+vyT+bOdrwg3IBp5OjWEopmr95fZi6hg8 - TqBTnbI6nOulnJEWtk2C4AwFSKls9cz4y51JtPACpf1wA+2KIaWuE4ZJwzNzvoc7 - dIsXRSZMFpGD/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8Acys - Nnq/onN694/BtZqhFLKPM58N7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXI - l7WdmplNsDz4SgCbZN2fOUvRJ9e4 - """ - -STAAT_DER_NEDERLANDEN_EV_ROOT_CA_PEM ::= """ - MIIFcDCCA1igAwIBAgIEAJiWjTANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJO - TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSkwJwYDVQQDDCBTdGFh - dCBkZXIgTmVkZXJsYW5kZW4gRVYgUm9vdCBDQTAeFw0xMDEyMDgxMTE5MjlaFw0y - MjEyMDgxMTEwMjhaMFgxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIg - TmVkZXJsYW5kZW4xKTAnBgNVBAMMIFN0YWF0IGRlciBOZWRlcmxhbmRlbiBFViBS - b290IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA48d+ifkkSzrS - M4M1LGns3Amk41GoJSt5uAg94JG6hIXGhaTK5skuU6TJJB79VWZxXSzFYGgEt9nC - UiY4iKTWO0Cmws0/zZiTs1QUWJZV1VD+hq2kY39ch/aO5ieSZxeSAgMs3NZmdO3d - Z//BYY1jTw+bbRcwJu+r0h8QoPnFfxZpgQNH7R5ojXKhTbImxrpsX23Wr9GxE46p - rfNeaXUmGD5BKyF/7otdBwadQ8QpCiv8Kj6GyzyDOvnJDdrFmeK8eEEzduG/L13l - pJhQDBXd4Pqcfzho0LKmeqfRMb1+ilgnQ7O6M5HTp5gVXJrm0w912fxBmJc+qiXb - j5IusHsMX/FjqTf5m3VpTCgmJdrV8hJwRVXj33NeN/UhbJCONVrJ0yPr08C+eKxC - KFhmpUZtcALXEPlLVPxdhkqHz3/KRawRWrUgUY0viEeXOcDPusBCAUCZSCELa6fS - /ZbV0b5GnUngC6agIk440ME8MLxwjyx1zNDFjFE7PZQIZCZhfbnDZY8UnCHQqv0X - cgOPvZuM5l5Tnrmd74K74bzickFbIZTTRTeU0d8JOV3nI6qaHcptqAqGhYqCvkIH - 1vI4gnPah1vlPNOePqc7nvQDs/nxfRN0Av+7oeX6AHkcpmZBiFxgV6YuCcS6/ZrP - px9Aw7vMWgpVSzs4dlG4Y4uElBbmVvMCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB - /zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFP6rAJCYniT8qcwaivsnuL8wbqg7 - MA0GCSqGSIb3DQEBCwUAA4ICAQDPdyxuVr5Os7aEAJSrR8kN0nbHhp8dB9O2tLsI - eK9p0gtJ3jPFrK3CiAJ9Brc1AsFgyb/E6JTe1NOpEyVa/m6irn0F3H3zbPB+po3u - 2dfOWBfoqSmuc0iH55vKbimhZF8ZE/euBhD/UcabTVUlT5OZEAFTdfETzsemQUHS - v4ilf0X8rLiltTMMgsT7B/Zq5SWEXwbKwYY5EdtYzXc7LMJMD16a4/CrPmEbUCTC - wPTxGfARKbalGAKb12NMcIxHowNDXLldRqANb/9Zjr7dn3LDWyvfjFvO5QxGbJKy - CqNMVEIYFRIYvdr8unRu/8G2oGTYqV9Vrp9canaW2HNnh/tNf1zuacpzEPuKqf2e - vTY4SUmH9A4U8OmHuD+nT3pajnnUk+S7aFKErGzp85hwVXIy+TSrK0m1zSBi5Dp6 - Z2Orltxtrpfs/J92VoguZs9btsmksNcFuuEnL5O7Jiqik7Ab846+HUCjuTaPPoIa - Gl6I6lD4WeKDRikL40Rc4ZW2aZCaFG+XroHPaO+Zmr615+F/+PoTRxZMzG0IQOeL - eG9QgkRQP2YGiqtDhFZKDyAthg710tvSeopLzaXoTvFeJiUBWSOgftL2fiFX1ye8 - FVdMpEbB4IMeDExNH08GGeL5qPQ6gqGyeUN51q1veieQA6TqJIc/2b3Z6fJfUEkc - 7uzXLg== - """ - -DST_BYTES ::= base64.decode ((DST_PEM.split "\n").join "") -CYBERTRUST_BYTES ::= base64.decode ((CYBERTRUST_PEM.split "\n").join "") -GLOBALSIGN_BYTES ::= base64.decode ((GLOBALSIGN_PEM.split "\n").join "") -NETWORK_SOLUTIONS_CERTIFICATE_AUTHORITY_BYTES ::= base64.decode ((NETWORK_SOLUTIONS_CERTIFICATE_AUTHORITY_PEM.split "\n").join "") -EC_ACC_BYTES ::= base64.decode ((EC_ACC_PEM.split "\n").join "") -HELLENIC_ACADEMIC_AND_RESEARCH_INSTITUTIONS_ROOTCA_2011_BYTES ::= base64.decode ((HELLENIC_ACADEMIC_AND_RESEARCH_INSTITUTIONS_ROOTCA_2011_PEM.split "\n").join "") -STAAT_DER_NEDERLANDEN_EV_ROOT_CA_BYTES ::= base64.decode ((STAAT_DER_NEDERLANDEN_EV_ROOT_CA_PEM.split "\n").join "") - -/// These certificates are no longer in Mozillas store because they -/// expired, but we keep them in our package to keep it backwards -/// compatible. Because Toit does not normally check expiry dates -/// on certificates they are likely to still work. -DEPRECATED_CERTS ::= [ - Cert - --is_deprecated - "GlobalSign Root CA - R2" - "GLOBALSIGN_ROOT_CA_R2" - null - GLOBALSIGN_BYTES - --comment="Deprecated. This certificate has expired.", - Cert - --is_deprecated - "DST Root CA X3" - "DST_ROOT_CA_X3" - null - DST_BYTES - --comment="Deprecated. This certificate has expired. Usually the replacement\n is \$ISRG_ROOT_X1.", - Cert - --is_deprecated - "Cybertrust Global Root" - "CYBERTRUST_GLOBAL_ROOT" - null - CYBERTRUST_BYTES - --comment="Deprecated. This certificate has expired.", - Cert - --is_deprecated - "Network Solutions Certificate Authority" - "NETWORK_SOLUTIONS_CERTIFICATE_AUTHORITY" - null - NETWORK_SOLUTIONS_CERTIFICATE_AUTHORITY_BYTES - --comment="Deprecated. This certificate has expired.", - Cert - --is_deprecated - "EC-ACC" - "EC_ACC" - null - EC_ACC_BYTES - --comment="Deprecated. This certificate has expired.", - Cert - --is_deprecated - "Hellenic Academic and Research Institutions RootCA 2011" - "HELLENIC_ACADEMIC_AND_RESEARCH_INSTITUTIONS_ROOTCA_2011" - null - HELLENIC_ACADEMIC_AND_RESEARCH_INSTITUTIONS_ROOTCA_2011_BYTES - --comment="Deprecated. This certificate has expired.", - Cert - --is_deprecated - "Staat der Nederlanden EV Root CA" - "STAAT_DER_NEDERLANDEN_EV_ROOT_CA" - null - STAAT_DER_NEDERLANDEN_EV_ROOT_CA_BYTES - --comment="Deprecated. This certificate has expired.", -]